Networking The Complete Reference, Third Edition

Copyright © 2015 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.
ISBN: 978-0-07-182765-2
MHID: 0-07-182765-X
The material in this eBook also appears in the print version of this title: ISBN: 978-0-07-182764-5, MHID: 0-07-182764-1.
eBook conversion by codeMantra
Version 1.0
All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.
McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com.
Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.
TERMS OF USE
This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education's prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.
THE WORK IS PROVIDED "AS IS." McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.
Great thanks and humble appreciation to all of those who helped with this book.
And to my kids and their kids, and ever and always to Sandy.
About the Author
Bobbi Sandberg is a small business consultant and retired CPA who has been a trainer, instructor, and teacher of all things computer in the Pacific Northwest for more than 40 years. She has "played" with computers since they occupied entire rooms and required perforated paper tape and punch cards. Today, she teaches hardware and software classes, solves hardware and software issues for a number of clients, and keeps networks functional on a regular basis. Bobbi is the author or coauthor of several computer books, including QuickBooks 2015: The Small Business Guide, Quicken 2015: The Official Guide, Quicken 2014: The Official Guide, Microsoft Office 2013 QuickSteps, and Computing for Seniors QuickSteps.
About the Technical Editors
Randal Nollan has been working with technology since the late 1970s when he wrote his first program on pink punch cards. Randal joined the U.S. Navy in 1980 as an Aviation Ordnanceman and retired in 2001. During that time, he maintained the dBase III vaccination database for the squadron corpsman and was always in the thick of maintaining the token ring network, computers, and terminals they had at the time. He graduated from Skagit Valley College CIS (networking) and MIT (programming) in 2003. He worked in Internet tech support from 2003 to 2005 and has since been working in computer repair for a local telephone company on Whidbey Island, Washington. In his spare time, he enjoys the outdoors by fishing, crabbing, bicycling, camping, and hunting. Indoor fun includes playing with anything tech related, remodeling his home, and making wine from any fruit that lands on his doorstep; sometime he may even stop working and drink it.
Dwight Spivey is the author of more than 20 books on computers and technology and has happily lent his expertise as a technical editor to several more titles. Dwight is happily married to Cindy, and they reside on the Gulf Coast of Alabama along with their four children. He studies theology, draws comic strips, and roots for the Auburn Tigers in his ever-decreasing spare time.
Van Aguirre is an information technology specialist who has broad experience in the field. Since the late 1990s, he has developed and taught courses in networking and multimedia technology, computing security, computer crime forensics, IT risk management, IT business continuity, and disaster recovery planning. Working with other IT professionals, he has planned and managed the implementation of evolving technologies, including virtualization, mobile, and cloud computing to support institutional business and strategic initiatives. As a project manager in educational technology, Van has established and promoted successful apprenticeship programs in IT desk service management for college students, integrating LEAN principles and ITIL processes to supplement technical skills.
Contents
Acknowledgments
Introduction
Part I Network Basics
Chapter 1 What Is a Network?
    Local Area Network
    Baseband vs. Broadband
    Packet Switching vs. Circuit Switching
    Cables and Topologies
    Media Access Control
    Addressing
    Repeaters, Bridges, Switches, and Routers
    Wide Area Networks
    Protocols and Standards
    Clients and Servers
    Operating Systems and Applications
Chapter 2 The OSI Reference Model
    Communications Between the Layers
    Data Encapsulation
    Horizontal Communications
    Vertical Communications
    Encapsulation Terminology
    The Physical Layer
    Physical Layer Specifications
    Physical Layer Signaling
    The Data Link Layer
    Addressing
    Media Access Control
    Protocol Indicator
    Error Detection
    The Network Layer
    Routing
    Fragmenting
    Connection-Oriented and Connectionless Protocols
    The Transport Layer
    Protocol Service Combinations
    Transport Layer Protocol Functions
    Segmentation and Reassembly
    Flow Control
    Error Detection and Recovery
    The Session Layer
    Dialog Control
    Dialog Separation
    The Presentation Layer
    The Application Layer
Part II Network Hardware
Chapter 3 Network Interface Adapters
    NIC Functions
    NIC Features
    Full Duplex
    Bus Mastering
    Parallel Tasking
    Wake-on-LAN or Wake-on-Wireless-LAN
    Selecting a NIC
    Protocol
    Transmission Speed
    Network Interface
    Bus Interface
    Bottlenecks
    ISA or PCI?
    Integrated Adapters
    Fiber-Optic NICs
    Portable Systems
    Hardware Resource Requirements
    Power Requirements
    Server vs. Workstation NICs
Chapter 4 Network Interface Adapters and Connection Devices
    Repeaters
    Hubs
    Passive Hubs
    Repeating, Active, and Intelligent Hubs
    Token Ring MAUs
    Hub Configurations
    The Uplink Port
    Stackable Hubs
    Modular Hubs
    Bridges
    Transparent Bridging
    Bridge Loops
    Source Route Bridging
    Bridging Ethernet and Token Ring Networks
    Routers
    Router Applications
    Router Functions
    Routing Tables
    Windows Routing Tables
    Routing Table Parsing
    Static and Dynamic Routing
    Selecting the Most Efficient Route
    Discarding Packets
    Packet Fragmentation
    Routing and ICMP
    Routing Protocols
    Switches
    Switch Types
    Routing vs. Switching
    Virtual LANs
    Layer 3 Switching
    Multiple-Layer Switching
Chapter 5 Cabling a Network
    Cable Properties
    Cabling Standards
    Data Link Layer Protocol Standards
    Coaxial Cable
    Thick Ethernet
    Thin Ethernet
    Cable Television
    Twisted-Pair Cable
    Unshielded Twisted-Pair
    Category 5e
    Cat 6 and 6a
    Cat 7
    Connector Pinouts
    Shielded Twisted-Pair
    Fiber-Optic Cable
    Fiber-Optic Cable Construction
    Fiber-Optic Connectors
Chapter 6 Wireless LANs
    Wireless Networks
    Advantages and Disadvantages of Wireless Networks
    Types of Wireless Networks
    Wireless Applications
    The IEEE 802.11 Standards
    The Physical Layer
    Physical Layer Frames
    The Data Link Layer
    Data Link Layer Frames
    Media Access Control
Chapter 7 Wide Area Networks
    Introduction to Telecommunications
    WAN Utilization
    Selecting a WAN Technology
    PSTN (POTS) Connections
    Leased Lines
    Leased-Line Types
    Leased-Line Hardware
    Leased-Line Applications
    ISDN
    ISDN Services
    ISDN Communications
    ISDN Hardware
    DSL
    Switching Services
    Packet-Switching Services
    Circuit-Switching Services
    Frame Relay
    Frame-Relay Hardware
    Virtual Circuits
    Frame-Relay Messaging
    ATM
    The Physical Layer
    The ATM Layer
    The ATM Adaptation Layer
    ATM Support
    SONET
Chapter 8 Server Technologies
    Purchasing a Server
    Using Multiple Processors
    Parallel Processing
    Server Clustering
    Using Hierarchical Storage Management
    Fibre Channel Networking
    Network Storage Subsystems
Chapter 9 Designing a Network
    Reasoning the Need
    Seeking Approval
    Designing a Home or Small-Office Network
    Selecting Computers
    Selecting a Networking Protocol
    Choosing a Network Medium
    Choosing a Network Speed
    Designing an Internetwork
    Segments and Backbones
    Distributed and Collapsed Backbones
    Backbone Fault Tolerance
    Selecting a Backbone LAN Protocol
    Connecting to Remote Networks
    Selecting a WAN Topology
    Planning Internet Access
    Locating Equipment
    Wiring Closets
    Data Centers
    Finalizing the Design
Part III Network Protocols
Chapter 10 Ethernet Basics
    Ethernet Defined
    Ethernet Standards
    Ethernet II
    IEEE 802.3
    DIX Ethernet and IEEE 802.3 Differences
    IEEE Shorthand Identifiers
    CSMA/CD
    Collisions
    Late Collisions
    Physical Layer Guidelines
    10Base-5 (Thick Ethernet)
    10Base-2 (Thin Ethernet)
    10Base-T or 100Base-T (Twisted-Pair Ethernet)
    Fiber-Optic Ethernet
    Cabling Guidelines
    Exceeding Ethernet Cabling Specifications
    The Ethernet Frame
    The IEEE 802.3 Frame
    The Ethernet II Frame
    The Logical Link Control Sublayer
    The SNAP Header
    Full-Duplex Ethernet
    Full-Duplex Requirements
    Full-Duplex Flow Control
    Full-Duplex Applications
Chapter 11 100Base Ethernet and Gigabit Ethernet
    100Base Ethernet
    Physical Layer Options
    Cable Length Restrictions
    Autonegotiation
    Gigabit Ethernet
    Gigabit Ethernet Architecture
    Media Access Control
    The Gigabit Media-Independent Interface
    The Physical Layer
    Ethernet Troubleshooting
    Ethernet Errors
    Isolating the Problem
    100VG-AnyLAN
    The Logical Link Control Sublayer
    The MAC and RMAC Sublayers
    The Physical Medium–Independent Sublayer
    The Medium-Independent Interface Sublayer
    The Physical Medium–Dependent Sublayer
    The Medium-Dependent Interface
    Working with 100VG-AnyLAN
Chapter 12 Networking Protocols
    Token Ring
    The Token Ring Physical Layer
    Token Passing
    Token Ring Frames
    Token Ring Errors
    FDDI
    FDDI Topology
Part IV Network Systems
Chapter 13 TCP/IP
    TCP/IP Attributes
    TCP/IP Architecture
    The TCP/IP Protocol Stack
    IP Versions
    IPv4 Addressing
    Subnet Masking
    IP Address Registration
    Special IP Addresses
    Subnetting
    Ports and Sockets
    TCP/IP Naming
    TCP/IP Protocols
    SLIP and PPP
    ARP
    IP
Chapter 14 Other TCP/IP Protocols
    IPv6
    IPv6 Addresses
    IPv6 Address Structure
    Other Protocols
    ICMP
    UDP
    TCP
Chapter 15 The Domain Name System
    Host Tables
    Host Table Problems
    DNS Objectives
    Domain Naming
    Top-Level Domains
    Second-Level Domains
    Subdomains
    DNS Functions
    Resource Records
    DNS Name Resolution
    Reverse Name Resolution
    DNS Name Registration
    Zone Transfers
    DNS Messaging
    The DNS Header Section
    The DNS Question Section
    DNS Resource Record Sections
    DNS Message Notation
    Name Resolution Messages
    Root Name Server Discovery
    Zone Transfer Messages
Chapter 16 Internet Services
    Web Servers
    Selecting a Web Server
    HTML
    HTTP
    FTP Servers
    FTP Commands
    FTP Reply Codes
    FTP Messaging
    E-mail
    E-mail Addressing
    E-mail Clients and Servers
    Simple Mail Transfer Protocol
    Post Office Protocol
    Internet Message Access Protocol
Part V Network Operating Services
Chapter 17 Windows
    The Role of Windows
    Versions
    Service Packs
    Microsoft Technical Support
    Operating System Overview
    Kernel Mode Components
    User Mode Components
    Services
    The Windows Networking Architecture
    The NDIS Interface
    The Transport Driver Interface
    The Workstation Service
    The Server Service
    APIs
    File Systems
    FAT16
    FAT32
    NTFS
    Resilient File System
    The Windows Registry
    Optional Windows Networking Services
    Active Directory
    Microsoft DHCP Server
    Microsoft DNS Server
    Windows Internet Naming Service
Chapter 18 Active Directory
    Active Directory Architecture
    Object Types
    Object Naming
    Domains, Trees, and Forests
    DNS and Active Directory
    Global Catalog Server
    Deploying Active Directory
    Creating Domain Controllers
    Directory Replication
    Sites
    Microsoft Management Console
    Designing an Active Directory
    Planning Domains, Trees, and Forests
Chapter 19 Linux
    Understanding Linux
    Linux Distributions
    Advantages and Disadvantages of Linux
    File Systems
    Linux Installation Questions
    Directory Structure
    Quick Commands in Linux
    Working with Linux Files
    Journaling
    Editing
    Lack of Fragmentation
Chapter 20 Unix
    Unix Principles
    Unix Architecture
    Unix Versions
    Unix System V
    BSD Unix
    Unix Networking
    Using Remote Commands
    Berkeley Remote Commands
    DARPA Commands
    Network File System
    Client-Server Networking
Chapter 21 Other Network Operating Systems and Networking in the Cloud
    Historical Systems
    FreeBSD
    NetBSD
    OpenBSD
    Oracle Solaris
    Operating in the Cloud
    History of the Cloud
    Benefits of the Cloud
    Disadvantages in the Cloud
    How the Cloud Works
    Cloud Types
    Cloud Service Models
    Infrastructure as a Service
    Platform as a Service
    Software as a Service
    Network as a Service
Part VI Network Services
Chapter 22 Network Clients
    Windows Network Clients
    Windows Networking Architecture
    NetWare Clients
    Macintosh Clients
    Connecting Macintosh Systems to Windows Networks
    Unix Clients
    Applications
    Unix Access
    Windows 7 Interface
    Windows 8 Interface
Chapter 23 Network Security Basics
    Securing the File System
    The Windows Security Model
    Windows File System Permissions
    Unix File System Permissions
    Verifying Identities
    FTP User Authentication
    Kerberos
    Public Key Infrastructure
    Digital Certificates
    Token-Based and Biometric Authentication
    Securing Network Communications
    IPsec
    SSL
    Firewalls
    Packet Filters
    Network Address Translation
    Proxy Servers
    Circuit-Level Gateways
    Combining Firewall Technologies
Chapter 24 Wireless Security
    Wireless Functionality
    Wireless Network Components
    Wireless Router Types
    Wireless Transmission
    Wireless Access Points
    Creating a Secure Wireless Network
    Securing a Wireless Home Network
    Securing a Business Network
    Securing a Wireless Router
    Securing Mobile Devices
    What Are the Risks?
    Unsecured Home Networks
    Wireless Invasion Tools
    Understanding Encryption
Chapter 25 Overview of Network Administration
    Locating Applications and Data in Windows Systems
    Server-Based Operating Systems
    Server-Based Applications
    Storing Data Files
    Controlling the Workstation Environment
    Drive Mappings in Windows
    User Profiles
    Controlling the Workstation Registry
    Using System Policies
Chapter 26 Network Management and Troubleshooting Tools
    Operating System Utilities
    Windows Utilities
    TCP/IP Utilities
    Network Analyzers
    Filtering Data
    Traffic Analysis
    Protocol Analysis
    Cable Testers
Chapter 27 Backing Up
    Backup Hardware
    Backup Capacity Planning
    Hard Disk Drives
    RAID Systems
    Using RAID
    Network-Attached Storage
    Magnetic Tape Drives
    Tape Drive Interfaces
    Magnetic Tape Capacities
    Backup Software
    Selecting Backup Targets
    Backing Up Open Files
    Recovering from a Disaster
    Job Scheduling
    Rotating Media
    Backup Administration
    Event Logging
    Performing Restores
Index
Acknowledgments
This book, like most others, is the end product of a lot of hard work by many people. All of the people involved deserve great thanks. A special thank-you to the following:
• Roger Stewart, acquisitions editor at McGraw-Hill Education, for his support, understanding, and always available ear. He and his team are unbeatable.
• Two other members of the team, Patty Mon and Amanda Russell. Patty is the finest editorial supervisor around. She is beyond helpful, always considerate and thoughtful, and just "there" for any questions. She is a gem. The generous, organized, and always on "top" of any concern or issue, editorial coordinator Amanda Russell. Amanda either has the answer at hand or finds out quickly and reliably. These few descriptive words are only the tip of the iceberg when discussing their talent, professionalism, and always generous spirits.
• The technical editors, Randy Nollan and Dwight Spivey, for the support, suggestions, and ideas. These skilled and proficient gentlemen made the process fun. And a special thank-you to Van Aguirre for his hard work at the beginning of the project.
• Asheesh Ratra and his team at MPS Limited, who deserve great thanks and appreciation for their hard work and expertise. It was a pleasure and honor working with them!
Introduction
This book is designed as a thorough, practical planning guide and underpinning of knowledge for IT networking professionals around the world, including students of IT networking courses, beginning network administrators, and those seeking work in the IT networking field.
Benefit to You, the Reader
After reading this book, you will be able to set up an effective network. The book teaches everything, including methodology, analysis, case examples, tips, and all the technical supporting details needed to suit an IT audience's requirements, so it will benefit everyone from beginners to those who are intermediate-level practitioners.
What This Book Covers
This book covers the details as well as the big picture for networking, including both physical and virtual networks. It discusses how to evaluate the various networking options and explains how to manage network security and troubleshooting.
Organization
This book is logically organized into six parts. Within each part, the chapters start with basic concepts and procedures, most of which involve specific networking tasks, and then work their way up to more advanced topics.
It is not necessary to read this book from beginning to end. Skip around as desired.
The following sections summarize the book's organization and contents.
Part I: Network Basics
This part of the book introduces networking concepts and explains both the OSI and TCP/IP models.
• Chapter 1: What Is a Network?
• Chapter 2: The OSI Reference Model
Part II: Network Hardware
This part of the book discusses the various hardware items used in a computer network. It also explains some basics when designing a network.
• Chapter 3: Network Interface Adapters
• Chapter 4: Network Interface Adapters and Connection Devices
• Chapter 5: Cabling a Network
• Chapter 6: Wireless LANs
• Chapter 7: Wide Area Networks
• Chapter 8: Server Technologies
• Chapter 9: Designing a Network
Part III: Network Protocols
This part of the book explains the various rules and protocols for networks.
• Chapter 10: Ethernet Basics
• Chapter 11: 100Base Ethernet and Gigabit Ethernet
• Chapter 12: Networking Protocols
Part IV: Network Systems
This part of the book discusses the various network operating systems.
• Chapter 13: TCP/IP
• Chapter 14: Other TCP/IP Protocols
• Chapter 15: The Domain Name System
• Chapter 16: Internet Services
Part V: Network Operating Services
In this part of the book, you will learn a bit more about the basics of some of the other services available, including cloud networking. In Chapter 23, you will learn some of the basics needed to secure your network.
• Chapter 17: Windows
• Chapter 18: Active Directory
• Chapter 19: Linux
• Chapter 20: Unix
• Chapter 21: Other Network Operating Systems and Networking in the Cloud
Part VI: Network Services
From clients to security to the all-important backup, this section covers some of the day-to-day operations in networking.
• Chapter 22: Network Clients
• Chapter 23: Network Security Basics
• Chapter 24: Wireless Security
• Chapter 25: Overview of Network Administration
• Chapter 26: Network Management and Troubleshooting Tools
• Chapter 27: Backing Up
Conventions
All how-to books—especially computer books—have certain conventions for communicating information. Here's a brief summary of the conventions used throughout this book.
Menu Commands
Windows and most other operating systems make commands accessible on the menu bar at the top of the application window. Throughout this book, you are told which menu commands to choose to open a window or dialog or to complete a task. The following format is used to indicate menu commands: Menu | Submenu (if applicable) | Command.
Keystrokes
Keystrokes are the keys you must press to complete a task. There are two kinds of keystrokes:
• Keyboard shortcuts Combinations of keys you press to complete a task more quickly. For example, the shortcut for "clicking" a Cancel button may be to press the Esc key. When you are to press a key, you will see the name of the key in small caps, like this: ESC. If you must press two or more keys simultaneously, they are separated with a hyphen, like this: CTRL-P.
• Literal text Text you must type in exactly as it appears in the book. Although this book doesn't contain many instances of literal text, there are a few. Literal text to be typed is in boldface type, like this: Type help at the prompt.
• Monospace font Text that you see at the command line. It looks like this:
Nslookup –nameserver
PART I Network Basics
CHAPTER 1 What Is a Network?
CHAPTER 2 The OSI Reference Model
CHAPTER 1
What Is a Network?
At its core, a network is simply two (or more) connected computers. Computers can be connected with cables or telephone lines, or they can connect wirelessly with radio waves, fiber-optic lines, or even infrared signals. When computers are able to communicate, they can work together in a variety of ways: by sharing their resources with each other, by distributing the workload of a particular task, or by exchanging messages. Today, the most widely used network is the Internet. This book examines in detail how computers on a network communicate; what functions they perform; and how to go about building, operating, and maintaining them.
The original model for collaborative computing was to have a single large computer connected to a series of terminals, each of which would service a different user. This was called timesharing because the computer divided its processor clock cycles among the terminals. Using this arrangement, the terminals were simply communications devices; they accepted input from users through a keyboard and sent it to the computer. When the computer returned a result, the terminal displayed it on a screen or printed it on paper. These terminals were sometimes called dumb terminals because they didn't perform any calculations on their own. The terminals communicated with the main computer, never with each other.
As time passed and technology progressed, engineers began to connect computers so that they could communicate. At the same time, computers were becoming smaller and less expensive, giving rise to mini- and microcomputers. The first computer networks used individual links, such as telephone connections, to connect two systems. There are a number of computer networking types and several methods of creating these types, which will be covered in this chapter.
Local Area Network
Soon after the first IBM PCs hit the market in the 1980s and rapidly became accepted as a business tool, the advantages of connecting these small computers became obvious. Rather than supplying every computer with its own printer, a network of computers could share a single printer. When one user needed to give a file to another user, a network eliminated the need to swap floppy disks. The problem, however, was that connecting a dozen computers in an office with individual point-to-point links between all of them was not practical. The eventual solution to this problem was the local area network (LAN).
A LAN is a group of computers connected by a shared medium, usually a cable. By sharing a single cable, each computer requires only one connection and can conceivably communicate with any other computer on the network. A LAN is limited to a local area by the electrical properties of the cables used to construct them and by the relatively small number of computers that can share a single network medium. LANs are generally restricted to operation within a single building or, at most, a campus of adjacent buildings. Some technologies, such as fiber optics, have extended the range of LANs to several kilometers, but it isn't possible to use a LAN to connect computers in distant cities, for example. That is the province of the wide area network (WAN), as discussed later in this chapter.
In most cases, a LAN is a baseband, packet-switching network. An understanding of the terms baseband and packet switching, which are examined in the following sections, is necessary to understand how data networks operate because these terms define how computers transmit data over the network medium.
Baseband vs. Broadband
A baseband network is one in which the cable or other network medium can carry only a single signal at any one time. A broadband network, on the other hand, can carry multiple signals simultaneously, using a discrete part of the cable's bandwidth for each signal. As an example of a broadband network, consider the cable television service you probably have in your home. Although only one cable runs to your TV, it supplies you with dozens of channels of programming at the same time. If you have more than one television connected to the cable service, the installer probably used a splitter (a coaxial fitting with one connector for the incoming signals and two connectors for outgoing signals) to run the single cable entering your house to two different rooms. The fact that the TVs can be tuned to different programs at the same time while connected to the same cable proves that the cable is providing a separate signal for each channel at all times. A baseband network uses pulses applied directly to the network medium to create a single signal that carries binary data in encoded form. Compared to broadband technologies, baseband networks span relatively short distances because they are subject to degradation caused by electrical interference and other factors. The effective maximum length of a baseband network cable segment diminishes as its transmission rate increases. This is why local area networking protocols such as Ethernet have strict guidelines for cable installations.
NOTE A cable segment is an unbroken network cable that connects two nodes.
Packet Switching vs. Circuit Switching
LANs are called packet-switching networks because their computers divide their data into small, discrete units called packets before transmitting it. There is also a similar technique called cell switching, which differs from packet switching only in that cells are always a consistent, uniform size, whereas the size of packets is variable. Most LAN technologies, such as Ethernet, Token Ring, and Fiber Distributed Data Interface (FDDI), use packet switching. Asynchronous Transfer Mode (ATM) is the cell-switching LAN protocol that is most commonly used.
Understanding Packets
E-mail may be the easiest way to understand packets. Each message is divided by the sending service into a specific number of bytes, often between 1,000 and 1,500. Then each packet is sent using the most efficient route. For example, if you are sending an e-mail to your company's home office from your vacation cabin, each packet will probably travel along a different route. This is more efficient, and if any one piece of equipment is not working properly in the network while a message is being transferred, the packet that would use that piece of equipment can be routed around the problem area and sent on another route. When the message reaches its destination, the packets are reassembled for delivery of the entire message.
Segmenting the data in this way is necessary because the computers on a LAN share a single cable, and a computer transmitting a single unbroken stream of data would monopolize the network for too long. If you were to examine the data being transmitted over a packet-switching network, you would see the packets generated by several different systems intermixed on the cable. The receiving system, therefore, must have a mechanism for reassembling the packets into the correct order and recognizing the absence of packets that may have been lost or damaged in transit.
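The segmentation and reassembly just described, as an added example that is not part of the book: a message is cut into numbered packets of at most 1,500 bytes, the packets are delivered shuffled (as they would be after taking different routes), and the receiver uses the sequence numbers both to restore the original order and to notice which packets never arrived. The packet layout (sequence number, packet count, payload), the 1,500-byte limit, and the sample message are all constructed here.

```python
import random

MAX_PAYLOAD = 1500  # upper end of the 1,000-1,500 byte range the text mentions (constructed choice)


def segment(message: bytes, max_payload: int = MAX_PAYLOAD):
    """Split a message into packets of (sequence_number, packet_count, payload).

    The sequence number is what lets the receiver restore the original order;
    the packet count tells it how many packets to expect.
    """
    if max_payload <= 0:
        raise ValueError("max_payload must be positive")
    chunks = [message[i:i + max_payload] for i in range(0, len(message), max_payload)]
    return [(seq, len(chunks), chunk) for seq, chunk in enumerate(chunks)]


def reassemble(packets):
    """Rebuild the message from packets received in any order.

    Returns (message, []) on success, or (None, missing_sequence_numbers)
    when one or more packets were lost or damaged in transit.
    """
    if not packets:
        return b"", []
    count = packets[0][1]
    received = {}
    for seq, pkt_count, payload in packets:
        if pkt_count != count or not 0 <= seq < count:
            raise ValueError("packet does not belong to this message")
        received[seq] = payload  # a duplicate simply overwrites with identical data
    missing = [seq for seq in range(count) if seq not in received]
    if missing:
        return None, missing
    return b"".join(received[seq] for seq in range(count)), []


def deliver(message: bytes, max_payload: int = MAX_PAYLOAD, drop_seq=None, seed: int = 0):
    """Simulate transmission: packets take different routes, so they arrive
    shuffled, and optionally one of them (drop_seq) is lost along the way."""
    packets = segment(message, max_payload)
    random.Random(seed).shuffle(packets)
    if drop_seq is not None:
        packets = [p for p in packets if p[0] != drop_seq]
    return reassemble(packets)


if __name__ == "__main__":
    sample = bytes(range(256)) * 14  # constructed 3,584-byte "e-mail"
    print("packets:", len(segment(sample)))
    print("intact delivery ok:", deliver(sample) == (sample, []))
    print("with packet 1 lost:", deliver(sample, drop_seq=1))
```

The receiver never relies on arrival order, which is the point of the passage: the sequence numbers are the only thing that makes the intermixed packets on the cable reconstructable, and the same numbers are what reveal a gap when a packet is lost.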
The opposite of packet switching is circuit switching, in which one system establishes a dedicated communication channel to another system before any data is transmitted. In the data networking industry, circuit switching is used for certain types of wide area networking technologies, such as Integrated Services Digital Network (ISDN) and frame relay. The classic example of a circuit-switching network is the public telephone system. When you place a call to another person, a physical circuit is established between your telephone and theirs. This circuit remains active for the entire duration of the call, and no one else can use it, even when it is not carrying any data (that is, when no one is talking).
In the early days of the telephone system, every phone was connected to a central office with a dedicated cable, and operators using switchboards manually connected a circuit between the two phones for every call. While today the process is automated and the telephone system transmits many signals over a single cable, the underlying principle is the same.
LANs were originally designed to connect a small number of computers into what later came to be called a workgroup. Rather than investing a huge amount of money into a large, mainframe computer and the support system needed to run it, business owners came to realize that they could purchase a few computers, cable them together, and perform most of the computing tasks they needed. As the capabilities of personal computers and applications grew, so did the networks, and the technology used to build them progressed as well.
Cables and Topologies
Most LANs are built around copper cables that use standard electrical currents to relay their signals. Originally, most LANs consisted of computers connected with coaxial cables, but eventually, the twisted-pair cabling used for telephone systems became more popular. Another alternative is fiber-optic cable, which doesn't use electrical signals at all but instead uses pulses of light to encode binary data. Other types of network infrastructures eliminate cables entirely and transmit signals using what is known as unbounded media, such as radio waves, infrared, and microwaves.
NOTE For more information about the various types of cables used in data networking, see Chapter 5.
LANs connect computers using various types of cabling patterns called topologies (see Figure 1-1), which depend on the type of cable used and the protocols running on the computers. The most common topologies are as follows:
• Bus A bus topology takes the form of a cable that runs from one computer to the next one in a daisy-chain fashion, much like a string of Christmas tree lights. All of the signals transmitted by the computers on the network travel along the bus in both directions to all of the other computers. The two ends of the bus must be terminated with electrical resistors that nullify the voltages reaching them so that the signals do not reflect in the other direction. The primary drawback of the bus topology is that, like the string of Christmas lights it resembles, a fault in the cable anywhere along its length splits the network in two and prevents systems on opposite sides of the break from communicating. In addition, the lack of termination at either half can prevent computers that are still connected from communicating properly. As with Christmas lights, finding a single faulty connection in a large bus network can be troublesome and time consuming. Most coaxial cable networks, such as the original Ethernet LANs, use a bus topology.
• Star (hub and spoke) A star topology uses a separate cable for each computer that runs to a central cabling nexus called a hub or concentrator. The hub propagates the signals entering through any one of its ports out through all of the other ports so that the signals transmitted by each computer reach all the other computers. Hubs also amplify the signals as they process them, enabling them to travel longer distances without degrading. A star network is more fault tolerant than a bus because a break in a cable affects only the device to which that cable is connected, not the entire network. Most of the networking protocols that call for twisted-pair cable, such as 10Base-T and 100Base-T Ethernet, use the star topology.
• Star bus A star bus topology is one method for expanding the size of a LAN beyond a single star. In this topology, a number of star networks are joined together using a separate bus cable segment to connect their hubs. Each computer can still communicate with any other computer on the network because each of the hubs transmits its incoming traffic out through the bus port as well as the other star ports. Designed to expand 10Base-T Ethernet networks, the star bus is rarely seen today because of the speed limitations of coaxial bus networks, which can function as a bottleneck that degrades the performance of faster star network technologies such as Fast Ethernet.
• Ring This topology is similar to a bus topology, except these topologies transmit in one direction only from station to station. A ring topology often uses separate physical ports and wires to send and receive data. A ring topology is functionally equivalent to a bus topology with the two ends connected so that signals travel from one computer to the next in an endless circular fashion. However, the communications ring is only a logical construct, not a physical one. The physical network is actually cabled using a star topology, and a special hub called a multistation access unit (MSAU) implements the logical ring by taking each incoming signal and transmitting it out through the next downstream port only (instead of through all of the other ports, like a star hub). Each computer, upon receiving an incoming signal, processes it (if necessary) and sends it right back to the hub for transmission to the next station on the ring. Because of this arrangement, systems that transmit signals onto the network must also remove the signals after they have traversed the entire ring. Networks configured in a ring topology can use several different types of cable. Token Ring networks, for example, use twisted-pair cables, while FDDI networks use the ring topology with fiber-optic cable.
• Daisy chains These topologies are the simplest form, as one device is connected to another through serial ports. Think of a computer hooked to a printer and the printer, in turn, being hooked to a laptop.
• Hierarchical star The hierarchical star topology is the most common method for expanding a star network beyond the capacity of its original hub. When a hub's ports are all filled and you have more computers to connect to the network, you can connect the original hub to a second hub using a cable plugged into a special port designated for this purpose. Traffic arriving at either hub is then propagated to the other hub as well as to the connected computers. The number of hubs that a single LAN can support is dependent on the protocol it uses.
Figure 1-1 Common cable topologies
The topologies discussed here are physical topologies, which differ from logical topologies that are discussed in later chapters. Physical topologies refer to the placement of cables and other components of the network. Logical topologies refer to the flow of data on the network.
Media Access Control
When multiple computers are connected to the same baseband network medium, there must be a media access control (MAC) mechanism that arbitrates access to the network to prevent systems from transmitting data at the same time. A MAC mechanism is a fundamental part of all local area networking protocols that use a shared network medium. The two most common MAC mechanisms are Carrier Sense Multiple Access with Collision Detection (CSMA/CD), which is used by Ethernet networks, and token passing, which is used by Token Ring, FDDI, and other protocols. These two mechanisms are fundamentally different, but they accomplish the same task by providing each system on the network with an equal opportunity to transmit its data. (For more information about these MAC mechanisms, see Chapter 10 for CSMA/CD and Chapter 12 for token passing.)
Addressing
For systems on a shared network medium to communicate effectively, they must have some means of identifying each other, usually some form of numerical address. In most cases, the network interface card (NIC) installed in each computer has an address hardcoded into it at the factory, called its MAC address or hardware address, which is intended to uniquely identify that card among all others. (Most operating systems allow the factory address to be overridden in software, so a MAC address identifies a card but does not prove its identity.) Every packet that each computer transmits over the network contains the address of the sending computer and the address of the system for which the packet is intended.
In addition to the MAC address, systems may have other addresses operating at other layers. For example, Transmission Control Protocol/Internet Protocol (TCP/IP) requires that each system be assigned a unique IP address in addition to the MAC address it already possesses. Systems use the various addresses for different types of communications. (See Chapter 3 for more information on MAC addressing and Chapter 13 for more information on IP addressing.)
Repeaters, Bridges, Switches, and Routers
LANs were originally designed to support only a relatively small number of computers (30 for thin Ethernet networks and 100 for thick Ethernet), but the needs of businesses quickly outgrew these limitations. To support larger installations, engineers developed products that enabled administrators to connect two or more LANs into what is known as an internetwork, which is essentially a network of networks that enables the computers on one network to communicate with those on another. Don't confuse the generic term internetwork with the Internet. The Internet is an example of an extremely large internetwork, but any installation that consists of two or more connected LANs is also an internetwork. This terminology is confusing because it is so often misused. Sometimes what users mean when they refer to a network is actually an internetwork, and at other times, what may seem to be an internetwork is actually a single LAN. Strictly speaking, a LAN or a network segment is a group of computers that share a network cable so that a broadcast message transmitted by one system reaches all of the other systems, even if that segment is actually composed of many pieces of cable. For example, on a typical 10Base-T Ethernet LAN, all of the computers are connected to a hub using individual lengths of cable. Regardless of that fact, this arrangement is still an example of a network segment or LAN. Individual LANs can be connected using several different types of devices, some of which simply extend the LAN while another creates an internetwork. These devices are as follows:
• Repeaters: A repeater is a purely electrical device that extends the maximum distance a LAN cable can span by regenerating and retransmitting the signals passing through it. The hubs used on star networks are sometimes called multiport repeaters because they have this signal regeneration capability integrated into the unit. Stand-alone repeaters are also available for use on coaxial networks to extend them over longer distances. Using a repeater to expand a network segment does not divide it into two LANs or create an internetwork.
• Bridges: A bridge provides the signal regeneration function of a repeater, along with the ability to selectively filter packets based on their data link layer addresses. Packets that originate on one side of the bridge are propagated to the other side only if they are addressed to a system that exists there. Because bridges do not prevent broadcast messages from being propagated across the connected cable segments, they, too, do not create multiple LANs or transform a network into an internetwork.
• Switches: Switches are devices that in many cases eliminate the shared network medium entirely. A switch looks like a hub, but functionally it is a multiport bridge: instead of repeating every signal out of every port at a purely electrical level, the switch reads the destination address in each incoming packet and transmits it out only through the port to which the destination system is connected. Packets addressed to a destination the switch has not yet learned, and broadcast packets, are still sent out through all of the other ports.
• Routers: A router is a device that connects two or more LANs to form an internetwork. Like a bridge, a router forwards only the traffic that is destined for the connected segment, but unlike repeaters and bridges, routers do not forward broadcast messages. Routers can also connect different types of networks (such as Ethernet and Token Ring), whereas bridges and repeaters can connect only segments of the same type.
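The forwarding rules in the four bullets above, as a runnable simulation. This is an added example and not code from the book: it models a learning switch (a multiport bridge) that records the port on which each source MAC address was seen, forwards a unicast frame only out of the port learned for its destination, floods frames whose destination is unknown or broadcast, and a router interface on the same LAN that accepts only frames addressed to its own MAC address and therefore never relays link-layer broadcasts. The port numbers, MAC addresses and frame payloads are constructed for the example.

```python
"""Learning-switch and router forwarding simulation (added example, not the book's code)."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str        # source MAC address
    dst: str        # destination MAC address
    payload: bytes


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}     # MAC address -> port on which it was last seen

    def receive(self, in_port, frame):
        """Return the list of ports the frame is sent out of (empty = filtered)."""
        # Backward learning: whatever source address the frame carries is recorded
        # against the ingress port. Nothing authenticates that address.
        self.mac_table[frame.src] = in_port
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            # Broadcast, or a destination not yet learned: flood to all other ports.
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[frame.dst]
        # Destination lives on the ingress port: a bridge filters it, nothing is forwarded.
        return [] if out_port == in_port else [out_port]


class Router:
    """Router interface on a LAN: it accepts frames addressed to its own MAC address
    and routes their network layer payload; link-layer broadcasts stop here."""

    def __init__(self, interface_mac):
        self.interface_mac = interface_mac
        self.relayed = []

    def receive(self, frame):
        if frame.dst != self.interface_mac:
            return False                      # broadcast or another host's frame
        self.relayed.append(frame.payload)    # would now be forwarded by IP address
        return True


def run_scenario():
    """Hosts A (port 1) and B (port 2) and router R (port 3) share one switch.
    Returns the learned MAC table, a trace of (src, dst, out_ports), and what R relayed."""
    a, b, r = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
    switch = LearningSwitch(ports=[1, 2, 3])
    router = Router(r)
    trace = []

    def send(in_port, frame):
        out_ports = switch.receive(in_port, frame)
        if 3 in out_ports:
            router.receive(frame)
        trace.append((frame.src, frame.dst, out_ports))

    send(1, Frame(a, b, b"A->B before B is known"))      # flooded to ports 2 and 3
    send(2, Frame(b, a, b"B->A reply"))                  # A already learned: port 1 only
    send(3, Frame(r, a, b"R->A"))                        # lets the switch learn R on port 3
    send(1, Frame(a, b, b"A->B now learned"))            # port 2 only
    send(1, Frame(a, BROADCAST, b"broadcast query"))     # flooded; the router does not relay it
    send(1, Frame(a, r, b"A->remote via router"))        # port 3 only; the router relays it
    return switch.mac_table, trace, router.relayed


if __name__ == "__main__":
    table, trace, relayed = run_scenario()
    for src, dst, out in trace:
        print(src, "->", dst, "out ports", out)
    print("learned", table, "router relayed", relayed)
```

The trace shows why a switch is a bridge rather than a repeater: the first frame to an unknown destination goes everywhere, later frames go out of one port, and only the router-addressed frame leaves the LAN. Note that the table is populated from whatever source address arrives, with nothing to verify it.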
Wide Area Networks
Internetworking enables an organization to build a network infrastructure of almost unlimited size. In addition to connecting multiple LANs in the same building or campus, an internetwork can connect LANs at distant locations through the use of wide area network links. A WAN is a collection of LANs, some or all of which are connected using point-to-point links that span relatively long distances. A typical WAN connection consists of two routers, one at each LAN site, connected using a long-distance link such as a leased telephone line. Any computer on one of the LANs can communicate with the other LAN by directing its traffic to the local router, which relays it over the WAN link to the other site.
WAN links differ from LANs in that they do not use a shared network medium and they can span much longer distances. Because the link connects only two systems, there is no need for media access control or a shared network medium. An organization with offices located throughout the world can build an internetwork that provides users with immediate access to network resources at any location. The WAN links themselves can use technologies ranging from telephone lines to public data networks to satellite systems. Unlike a LAN, which is nearly always privately owned and operated, an outside service provider (such as a telephone company) is nearly always involved in a WAN connection because private organizations don't usually own the technologies needed to carry signals over such long distances. Generally speaking, WAN connections can be slower and more expensive than LANs, and sometimes much more so. As a result, one of the goals of the network administrator is to maximize the efficiency of WAN traffic by eliminating unnecessary communications and choosing the best type of link for the application. See Chapter 7 for more information on WAN technologies.
There are also wireless LAN/WAN networks and metropolitan area networks (MANs). A MAN has three features that differentiate it from both a LAN and a WAN:
• A MAN's size is usually between that of a LAN and a WAN. Typically, it covers between 3 and 30 miles (5 to 50 km). A MAN can encompass several buildings, a company campus, or a small town.
• As with WANs, MANs are normally owned by a group or a network provider.
• MANs are often used as a way to provide shared access to one or more WANs.
Protocols and Standards
Communications between computers on a network are defined by protocols, standardized methods that the software programs on the computers have in common. These protocols define every part of the communications process, from the signals transmitted over network cables to the query languages that enable applications on different machines to exchange messages. Networked computers run a series of protocols, called a protocol stack, that spans from the application user interface at the top to the physical network interface at the bottom. The stack is traditionally split into seven layers. The Open Systems Interconnection (OSI) reference model defines the functions of each layer and how the layers work together to provide network communications. Chapter 2 covers the OSI reference model in detail.
Early networking products tended to be proprietary solutions created by a single manufacturer, but as time passed, interoperability became a greater priority, and organizations were formed to develop and ratify networking protocol standards. Most of these bodies are responsible for large numbers of technical and manufacturing standards in many different disciplines. Today, most of the protocols in common use are standardized by these bodies, some of which are as follows:
• Institute of Electrical and Electronics Engineers (IEEE): A U.S.-based society responsible for the publication of the IEEE 802 series of standards, which includes the standards that define the protocols commonly known as Ethernet and Token Ring, as well as many others.
• International Organization for Standardization (ISO): A worldwide federation of standards bodies from more than 100 countries, responsible for the publication of the OSI reference model document.
• Internet Engineering Task Force (IETF): An ad hoc group of contributors and consultants who collaborate to develop and publish standards for Internet technologies, including the TCP/IP protocols.
Clients and Servers
Local area networking is based on the client-server principle, in which the processes needed to accomplish a particular task are divided between computers functioning as clients and servers. This is in direct contrast to the mainframe model, in which the central computer did all of the processing and simply transmitted the results to a user at a remote terminal. A server is a computer running a process that provides a service to other computers when they request it. A client is the computer running a program that requests the service from a server.
For example, a LAN-based database application stores its data on a server, which stands by, waiting for clients to request information from it. Users at workstation computers run a database client program in which they generate queries that request specific information in the database and transmit those queries to the server. The server responds to the queries with the requested information and transmits it to the workstations, which format it for display to the users. In this case, the workstations are responsible for providing a user interface and translating the user input into a query language understood by the server. They are also responsible for taking the raw data from the server and displaying it in a comprehensible form to the user. The server may have to service dozens or hundreds of clients, so it is still a powerful computer. By offloading some of the application's functions to the workstations, however, its processing burden is nowhere near what it would be on a mainframe system.
Operating Systems and Applications
Clients and servers are actually software components, although some people associate them with specific hardware elements. This confusion arises because some network operating systems require that a computer be dedicated to the role of server and that other computers function solely as clients. This is a client-server operating system, as opposed to a peer-to-peer operating system, in which every computer can function as both a client and a server. The most basic client-server functionality provided by a network operating system (NOS) is the ability to share file system drives and printers, and this is what usually defines the client and server roles. At its core, a NOS makes services available to its network clients. The system can provide the following:
• Printer services, including managing devices, print jobs, who is using what asset, and what assets are not available to the network
• Managing user access to files and other resources, such as the Internet
• System monitoring, including providing network security
• Making network administration utilities available to network administrators
Apart from the internal functions of network operating systems, many LAN applications and network services also operate using the client-server paradigm. Internet applications, such as the World Wide Web, consist of servers and clients, as do administrative services such as the Domain Name System (DNS).
Most of today's desktop operating systems are capable of providing some of the services traditionally ascribed to NOSs, and many small-office/home-office (SOHO) LAN implementations take advantage of that fact. Understanding this may help clarify the distinction between LANs that are truly client-server, relying on network operating systems, and those network configurations that leverage powerful computers with today's operating systems. These operating systems are not limited to computers, but can include cell phones, tablets, and other products that are not considered to be "computers."
CHAPTER 2
The OSI Reference Model
Network communications take place on many levels and can be difficult to understand, even for the knowledgeable network administrator. The Open Systems Interconnection (OSI) reference model is a theoretical construction that separates network communications into seven distinct layers, as shown in Figure 2-1. Each computer on the network uses a series of protocols to perform the functions assigned to each layer. The layers collectively form what is known as the protocol stack or networking stack. At the top of the stack is the application that makes a request for a resource located elsewhere on the network, and at the bottom is the physical medium that actually connects the computers and forms the network, such as a cable.
Figure 2-1 The OSI reference model with its seven layers
The OSI reference model was developed in two separate projects by the International Organization for Standardization (ISO) and the Comité Consultatif International Téléphonique et Télégraphique (Consultative Committee for International Telephone and Telegraphy, or CCITT), which is now known as the Telecommunication Standardization Sector of the International Telecommunication Union (ITU-T). Each of these two bodies developed its own seven-layer model, but the two projects were combined in 1983, resulting in a document called "The Basic Reference Model for Open Systems Interconnection" that was published by the ISO as ISO 7498 and by the ITU-T as X.200.
The OSI stack was originally conceived as the model for the creation of a protocol suite that would conform exactly to the seven layers. This suite never achieved widespread commercial adoption, however, and the model has since been used as a teaching, reference, and communications tool. Networking professionals, educators, and authors frequently refer to protocols, devices, or applications as operating at a particular layer of the OSI model because using this model breaks a complex process into manageable units that provide a common frame of reference. Many of the chapters in this book use the layers of the model to help define networking concepts. However, it is important to understand that none of the protocol stacks in common use today conforms exactly to the layers of the OSI model. In many cases, protocols have functions that overlap two or more layers, such as Ethernet, which is considered a data link layer protocol but which also defines elements of the physical layer.
The primary reason why real protocol stacks differ from the OSI model is that many of the protocols used today (including Ethernet) were conceived before the OSI model documents were published. In fact, the TCP/IP protocols have their own layered model, which is similar to the OSI model in several ways but uses only four layers (see Figure 2-2). In addition, developers are usually more concerned with practical functionality than with conforming to a preexisting model. The seven-layer model was designed to separate the functions of the protocol stack in such a way as to make it possible for separate development teams to work on the individual layers, thus streamlining the development process. However, if a single protocol can easily provide the functions that are defined as belonging in separate layers of the model, why divide it into two separate protocols just for the sake of conformity?
Figure 2-2 The OSI reference model and the TCP/IP protocol stack
Communications Between the Layers
Networking is the process of sending messages from one place to another, and the protocol stack illustrated in the OSI model defines the basic components needed to transmit messages to their destinations. The communication process is complex because the applications that generate the messages have varying requirements. Some message exchanges consist of brief requests and replies that have to be exchanged as quickly as possible and with a minimum amount of overhead. Other network transactions, such as program file transfers, involve the transmission of larger amounts of data that must reach the destination in perfect condition, without alteration of a single bit. Still other transmissions, such as streaming audio or video, consist of huge amounts of data that can survive the loss of an occasional bit, byte, or packet, but that must reach the destination in a timely manner.
The networking process also includes a number of conversions that ultimately take the application programming interface (API) calls generated by applications and transform them into electrical charges, pulses of light, or other types of signals that can be transmitted across the network medium. Finally, the networking protocols must see to it that the transmissions reach the appropriate destinations in a timely manner. Just as you package a letter by placing it in an envelope and writing an address on it, the networking protocols package the data generated by an application and address it to another computer on the network.
Data Encapsulation
To satisfy all of the requirements just described, the protocols operating at the various layers work together to supply a unified quality of service. Each layer provides a service to the layer directly above it and relies on the service of the layer directly below it. Outgoing traffic travels down through the stack to the network physical medium, acquiring the control information needed to make the trip to the destination system as it goes. This control information takes the form of headers (and in one case a footer) that surround the data received from the layer above, in a process called data encapsulation. The headers and footer are composed of individual fields that contain the control information the receiving systems need in order to deliver the packet to its destination. In a sense, the headers and footer form the envelope that carries the message received from the layer above.
In a typical transaction, shown in Figure 2-3, an application layer protocol (which also includes presentation and session layer functions) generates a message that is passed down to a transport layer protocol. The protocol at the transport layer has its own packet structure, called a protocol data unit (PDU), which includes specialized header fields and a data field that carries the payload. In this case, the payload is the data received from the application layer protocol. By packaging the data in its own PDU, the transport layer encapsulates the application layer data and then passes it down to the next layer.
Figure 2-3 The application layer data is encapsulated for transmission by the protocols at the lower layers in the stack.
The network layer protocol then receives the PDU from the transport layer and encapsulates it within its own PDU by adding a header and using the entire transport layer PDU (including the application layer data) as its payload. The same process occurs again when the network layer passes its PDU to the data link layer protocol, which adds a header and footer. To a data link layer protocol, the data within the frame is treated as payload only, just as postal employees have no idea what is inside the envelopes they process. The only system that reads the information in the payload is the computer possessing the destination address. That computer then either passes the network layer protocol data contained in the payload up through its protocol stack or uses that data to determine what the next destination of the packet should be. In the same way, the protocols operating at the other layers are conscious of their own header information but are unaware of what data is being carried in the payload.
Once it is encapsulated by the data link layer protocol, the completed packet (now called a frame) is then ready to be converted to the appropriate type of signal used by the network medium. Thus, the final packet, as transmitted over the network, consists of the original application layer data plus several headers applied by the protocols at the succeeding layers, as shown in Figure 2-4.
Figure 2-4 An encapsulated frame, ready for transmission
NOTE Each layer must translate data into its specific format before sending it on. Therefore, each layer creates its own PDU to transmit to the next layer. As each layer receives data, the PDU of the previous layer is read, and a new PDU is created using that layer's protocol. Remember, a PDU is a complete message (or packet) that includes the header of the sending layer's protocol. At the physical layer, you end up with a message that consists of all the data that has been encapsulated with the headers and/or footers from each of the previous layers.
Horizontal Communications
For two computers to communicate over a network, the protocols used at each layer of the OSI model in the transmitting system must be duplicated at the receiving system. When the packet arrives at its destination, the process by which the headers are applied at the source is repeated in reverse. The packet travels up through the protocol stack, and each successive header is stripped off by the appropriate protocol and processed. In essence, the protocols operating at the various layers communicate horizontally with their counterparts in the other system, as shown in Figure 2-5.
Figure 2-5 Each layer has logical connections with its counterpart in other systems.
The horizontal connections between the various layers are logical; there is no direct communication between them. The information included in each protocol header by the transmitting system is a message that is carried to the same protocol in the destination system.
Vertical Communications
The headers applied by the various protocols implement the specific functions carried out by those protocols. In addition to communicating horizontally with the same protocol in the other system, the header information enables each layer to communicate with the layers above and below it, as shown in Figure 2-6. For example, when a system receives a packet and passes it up through the protocol stack, the data link layer protocol header includes a field that identifies which network layer protocol the system should use to process the packet. The network layer protocol header in turn specifies one of the transport layer protocols, and the transport layer protocol identifies the application for which the data is ultimately destined. This vertical communication makes it possible for a computer to support multiple protocols at each of the layers simultaneously. As long as a packet has the correct information in its headers, it can be routed on the appropriate path through the stack to the intended destination.
Figure 2-6 Each layer in the OSI model communicates with the layer above and below it.
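The encapsulation of the "Data Encapsulation" section and the vertical demultiplexing just described, worked end to end in code. This is an added example and not code from the book: it builds the frame of Figure 2-4 for an application message carried in UDP inside IPv4 inside an Ethernet II frame (header, header, header, payload, CRC-32 footer), then walks the frame back up the stack, at each layer verifying that layer's own control information and using the field that names the next protocol (EtherType 0x0800 selects IPv4, IP protocol 17 selects UDP, the UDP destination port selects the application). The MAC addresses, IP addresses, ports and message are constructed for the example.

```python
"""Encapsulation and decapsulation of UDP/IPv4/Ethernet (added example, not the book's code)."""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17
MIN_FRAME_BODY = 60     # Ethernet pads short frames to 60 bytes before the 4-byte FCS


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join("%02x" % b for b in raw)


def ip_bytes(text):
    return bytes(int(octet) for octet in text.split("."))


def ip_text(raw):
    return ".".join(str(b) for b in raw)


def ipv4_checksum(header):
    """RFC 1071 one's-complement sum. A header that carries a correct checksum sums to 0."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


# --- encapsulation: each layer wraps the PDU handed down from the layer above ---

def udp_segment(src_port, dst_port, message):
    # The UDP checksum is optional over IPv4; zero means "not computed".
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(message), 0) + message


def ipv4_datagram(src_ip, dst_ip, protocol, payload, ttl=64, ident=0x1234):
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                         ttl, protocol, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    checksum = struct.pack("!H", ipv4_checksum(header))
    return header[:10] + checksum + header[12:] + payload


def ethernet_frame(src_mac, dst_mac, ethertype, payload):
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME_BODY, b"\x00")          # pad runt frames
    fcs = struct.pack("<I", zlib.crc32(body))             # CRC-32 footer, least significant byte first
    return body + fcs


def encapsulate(message, src_port, dst_port):
    segment = udp_segment(src_port, dst_port, message)                           # transport layer
    datagram = ipv4_datagram("192.0.2.10", "192.0.2.20", IPPROTO_UDP, segment)    # network layer
    return ethernet_frame("02:00:00:00:00:0a", "02:00:00:00:00:14",
                          ETHERTYPE_IPV4, datagram)                               # data link layer


# --- decapsulation: each layer checks its own header, then hands the payload upward ---

def decapsulate(frame):
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    dst_mac, src_mac = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("no network layer handler for EtherType 0x%04x" % ethertype)

    datagram = body[14:]
    header_len = (datagram[0] & 0x0F) * 4
    if ipv4_checksum(datagram[:header_len]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", datagram[2:4])[0]
    protocol = datagram[9]
    if protocol != IPPROTO_UDP:
        raise ValueError("no transport layer handler for IP protocol %d" % protocol)

    segment = datagram[header_len:total_len]     # total length drops the link-layer padding
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "src_mac": mac_text(src_mac), "dst_mac": mac_text(dst_mac),
        "src_ip": ip_text(datagram[12:16]), "dst_ip": ip_text(datagram[16:20]),
        "src_port": src_port, "dst_port": dst_port,     # dst_port selects the application
        "message": segment[8:udp_len],
    }


if __name__ == "__main__":
    wire = encapsulate(b"hello, layer 7", 40000, 53)
    print(len(wire), "bytes on the wire:", wire.hex())
    print(decapsulate(wire))
```

Each layer on the receiving side inspects only its own header and either rejects the frame or passes the remaining bytes up; the same frame is rejected at the data link layer if any byte is altered, because the FCS no longer matches, and at the network layer if the IP header is damaged but the FCS was recomputed.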
Encapsulation Terminology
One of the most confusing aspects of the data encapsulation process is the terminology used to describe the PDUs generated by each layer. The term packet specifically refers to the complete unit transmitted over the network medium, although it also has become a generic term for the data unit at any stage in the process. Most data link layer protocols are said to work with frames because they include both a header and a footer that surround the data from the network layer protocol. The term frame refers to a PDU of variable size, depending on the amount of data enclosed. A data link layer protocol that uses PDUs of a uniform size, such as Asynchronous Transfer Mode (ATM), is said to deal in cells.
When transport layer data is encapsulated by a network layer protocol, such as the Internet Protocol (IP) or Internetwork Packet Exchange (IPX), the resulting PDU is called a datagram. During the course of its transmission, a datagram might be split into fragments, each of which is sometimes incorrectly called a datagram. The terminology at the transport layer is more protocol-specific than at the lower layers. TCP/IP, for example, has two transport layer protocols. The first, called the User Datagram Protocol (UDP), also refers to the PDUs it creates as datagrams, although these are not synonymous with the datagrams produced at the network layer.
When the UDP protocol at the transport layer is encapsulated by the IP protocol at the network layer, the result is a datagram packaged within another datagram. The difference between UDP and the Transmission Control Protocol (TCP), which also operates at the transport layer, is that UDP datagrams are self-contained units that were designed to contain the entirety of the data generated by the application layer protocol. Therefore, UDP is traditionally used to transmit small amounts of data, while TCP, on the other hand, is used to transmit larger amounts of application layer data that usually do not fit into a single packet. As a result, each of the PDUs produced by the TCP protocol is called a segment, and the collection of segments that carry the entirety of the application layer protocol data is called a sequence. The PDU produced by an application layer protocol is typically called a message. The session and presentation layers are usually not associated with individual protocols. Their functions are incorporated into other elements of the protocol stack, and they do not have their own headers or PDUs. All of these terms are frequently confused, and it is not surprising to see even authoritative documents use them incorrectly.
NOTE While TCP is often used to transmit data packets today, there are instances where UDP is more suitable. For example, UDP is used when newer data will replace previous data, such as in video streaming or gaming. As another example of the need for newer data, consider weather information that must be updated quickly during inclement weather. Also, since TCP is a connection-oriented, streaming protocol between exactly two endpoints, UDP is the preferred way to multicast (send data across a network to several users at the same time).
The following sections examine each of the seven layers of the OSI reference model in turn, the functions that are associated with each, and the protocols that are most commonly used at those layers. As you proceed through this book, you will learn more about each of the individual protocols and their relationships to the other elements of the protocol stack.
The Physical Layer
The physical layer of the OSI model defines the actual medium that carries data from one computer to another. The two most common types of physical layer used in data networking are copper-based electrical cable and fiber-optic cable. A number of wireless physical layer implementations use radio waves, infrared or laser light, microwaves, and other technologies. The physical layer includes the type of technology used to carry the data, the type of equipment used to implement that technology, the specifications of how the equipment should be installed, and the nature of the signals used to encode the data for transmission.
For example, for many years, the most popular physical layer standard used for local area networking was 10Base-T Ethernet. Ethernet is primarily thought of as a data link layer protocol. However, as with most protocols functioning at the data link layer, Ethernet includes specific physical layer implementations, and the standards for the protocol define the elements of the physical layer as well. 10Base-T referred to the type of cable used to form a particular type of Ethernet network. The Ethernet standard defined 10Base-T as running over unshielded twisted-pair (UTP) cable containing four pairs of copper wires enclosed in a single sheath, of which 10Base-T itself uses two pairs, one for each direction. Today, Ethernet is found at much faster speeds, such as 100Base-T running at 100 megabits per second, or 1000Base-T, which runs at 1 gigabit per second.
NOTE The physical layer uses the binary data supplied by the data link layer protocol to encode the data into pulses of light, electrical voltages, or other impulses suitable for transmission over the network medium.
However, the construction of the cable itself is not the only physical layer element involved. The standards used to build an Ethernet network also define how to install the cable, including maximum segment lengths and distances from power sources. The standards specify what kind of connectors you use to join the cable, the type of network interface card (NIC) to install in the computer, and the type of hub you use to join the computers into a network topology. Finally, the standard specifies how the NIC should encode the data generated by the computer into electrical impulses that can be transmitted over the cable.
Thus, you can see that the physical layer encompasses much more than a type of cable. However, you generally don't have to know the details about every element of the physical layer standard. When you buy Ethernet NICs, cables, and hubs, they are already constructed to the Ethernet specifications and designed to use the proper signaling scheme. Installing the equipment, however, can be more complicated.
Physical Layer Specifications
While it is relatively easy to learn enough about a LAN technology to purchase the appropriate equipment, installing the cable (or other medium) is much more difficult because you must be aware of all the specifications that affect the process. For example, the Ethernet standards published by the IEEE 802.3 working group specify the basic wiring configuration guidelines that pertain to the protocol's media access control (MAC) and collision detection mechanisms. These rules specify elements such as the maximum length of a cable segment, the distance between workstations, and the number of repeaters permitted on a network. These guidelines are common knowledge to Ethernet network administrators, but these rules alone are not sufficient to perform a large cable installation. In addition, there are local building codes to consider, which might have a great effect on a cable installation. For these reasons, large physical layer installations should, in most cases, be performed by professionals who are familiar with all of the standards that apply to the particular technology involved. See Chapter 4 for more information on network cabling and cable installation.
NOTE At the time of this writing, the latest revision to the IEEE 802.3 "Standard for Ethernet" was published in September 2012. It was amended to "address new markets, bandwidth speeds, and media types," according to the IEEE website at http://standards.ieee.org.
NOTE Collision detection is when one device (or node) on a network determines that data has "collided." This is similar to two people coming through a revolving door at the same time, but in that case, one person can see the other person and stops. If one node hears a distorted version of its own transmission, that node understands that a collision has occurred and, just like the person who stops to allow the other to go through the revolving door, that node will stop the transmission, wait for silence on the network and a short random backoff delay, and then send its data again.
Physical Layer Signaling
The primary operative component of a physical layer installation is the transceiver found in NICs, repeating hubs, and other devices. The transceiver, as the name implies, is responsible for transmitting and receiving signals over the network medium. On networks using copper cable, the transceiver is an electrical device that takes the binary data it receives from the data link layer protocol and converts it into signals of various voltages. Unlike all of the other layers in the protocol stack, the physical layer is not concerned in any way with the meaning of the data being transmitted. The transceiver simply converts zeros and ones into voltages, pulses of light, radio waves, or some other type of signal, but it is completely oblivious to packets, frames, addresses, and even the system receiving the signal.
The signals generated by a transceiver can be either analog or digital. Most data networks use digital signals, but some of the wireless technologies use analog radio transmissions to carry data. Analog signals transition between two values gradually, forming the sine wave pattern shown in Figure 2-7, while digital value transitions are immediate and absolute. The values of an analog signal can be determined by variations in amplitude, frequency, phase, or a combination of these elements, as in amplitude modulated (AM) or frequency modulated (FM) radio signals or in analog phase-locked loop (PLL) circuits.
Figure 2-7 Analog signals form wave patterns.
The use of digital signals is much more common in data networking, however. All of the standard copper and fiber-optic media use various forms of digital signaling. The signaling scheme is determined by the data link layer protocol being used. All 10 Mbps Ethernet networks, for example, use the Manchester encoding scheme, whether they are running over twisted-pair, coaxial, or fiber-optic cable; the faster Ethernet variants, such as 100Base-TX and 1000Base-T, use other line codes. Digital signals transition between values almost instantaneously, producing the square wave shown in Figure 2-8. Depending on the network medium, the values can represent electrical voltages, the presence or absence of a beam of light, or any other appropriate attribute of the medium. In most cases, the signal is produced with transitions between a positive voltage and a negative voltage, although some use a zero value as well. Given a stable voltage within circuit specifications, the transitions create the signal.
Figure 2-8 Polar encoding
NOTE Digital signals are susceptible to voltage degradation; a digital circuit designed for a 5-volt application will most likely behave erroneously if voltage attenuation results in signals of 3 volts, meaning the circuit will not be able to distinguish whether there was a transition event, since the signal is below the design threshold.
Figure2-8illustratesasimplesignalingschemecalledpolarsignaling.Inthisscheme,
thesignalisbrokenupintounitsoftimecalledcells,andthevoltageofeachcelldenotes
itsbinaryvalue.Apositivevoltageisazero,andanegativevoltageisaone.This
signalingcodewouldseemtobeasimpleandlogicalmethodfortransmittingbinary
information,butithasonecrucialflaw,andthatistiming.Whenthebinarycodeconsists
oftwoormoreconsecutivezerosorones,thereisnovoltagetransitionforthedurationof
twoormorecells.Unlessthetwocommunicatingsystemshaveclocksthatareprecisely
synchronized,itisimpossibletotellforcertainwhetheravoltagethatremainscontinuous
foraperiodoftimerepresentstwo,three,ormorecellswiththesamevalue.Remember
thatthesecommunicationsoccuratincrediblyhighratesofspeed,sothetimingintervals
involvedareextremelysmall.
Somesystemscanusethistypeofsignalbecausetheyhaveanexternaltimingsignal
thatkeepsthecommunicatingsystemssynchronized.However,manydatanetworksrun
overabasebandmediumthatpermitsthetransmissionofonlyonesignalatatime.Asa
result,thesenetworksuseadifferenttypeofsignalingscheme,onethatisself-timing.In
otherwords,thedatasignalitselfcontainsatimingsignalthatenablesthereceiving
systemtocorrectlyinterpretthevaluesandconvertthemintobinarydata.
TheManchesterencodingschemeusedonEthernetnetworksisaself-timingsignalby
virtueofthefactthateverycellhasavaluetransitionatitsmidpoint.Thisdelineatesthe
boundariesofthecellstothereceivingsystem.Thebinaryvaluesarespecifiedbythe
directionofthevaluetransition;apositive-to-negativetransitionindicatesavalueofzero,
andanegative-to-positivetransitionindicatesavalueofone(seeFigure2-9).Thevalue
transitionsatthebeginningsofthecellshavenofunctionotherthantosetthevoltageto
theappropriatevalueforthemidcelltransition.
Figure2-9TheManchesterencodingscheme
TokenRingnetworksuseadifferentencodingschemecalledDifferentialManchester,
whichalsohasavaluetransitionatthemidpointofeachcell.However,inthisscheme,the
directionofthetransitionisirrelevant;itexistsonlytoprovideatimingsignal.Thevalue
ofeachcellisdeterminedbythepresenceorabsenceofatransitionatthebeginningofthe
cell.Ifthetransitionexists,thevalueofthecelliszero;ifthereisnotransition,thevalue
ofthecellisone(seeFigure2-10).Aswiththemidpointtransition,thedirectionofthe
transitionisirrelevant.
Figure2-10TheDifferentialManchesterencodingscheme
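The three schemes above can be modeled at the bit level. The following is an added example, not code from the book: a signal is represented as a list of voltage levels (+1 or -1), one per cell for polar signaling and one per half-cell for the two Manchester variants. The decoders show what self-timing buys the receiver: a cell without a midcell transition is detected as a loss of timing rather than being silently misread. The sample bit strings are constructed.

```python
# Added example (not from the book): bit-level models of polar, Manchester and
# Differential Manchester signaling. Levels are +1 or -1.

def polar_encode(bits):
    """Polar signaling: one level per cell; positive is 0, negative is 1."""
    return [1 if b == 0 else -1 for b in bits]

def count_transitions(signal):
    """Level changes in a signal. Runs of equal bits in polar signaling produce none,
    so the receiver cannot count the cells without an external clock."""
    return sum(1 for a, b in zip(signal, signal[1:]) if a != b)

def manchester_encode(bits):
    """Every cell has a midcell transition: positive-to-negative is 0,
    negative-to-positive is 1."""
    signal = []
    for b in bits:
        signal += [1, -1] if b == 0 else [-1, 1]
    return signal

def manchester_decode(signal):
    """Recover the bits; a cell without a midcell transition means timing was lost."""
    if len(signal) % 2:
        raise ValueError("signal is not a whole number of cells")
    bits = []
    for cell in range(0, len(signal), 2):
        first, second = signal[cell], signal[cell + 1]
        if first == second:
            raise ValueError(f"no midcell transition in cell {cell // 2}: timing lost")
        bits.append(0 if first > second else 1)
    return bits

def diff_manchester_encode(bits, start_level=1):
    """Midcell transition in every cell for timing only; a transition at the start of
    the cell means 0, no transition means 1. Direction carries no information."""
    level = start_level
    signal = []
    for b in bits:
        if b == 0:
            level = -level          # transition at the start of the cell
        signal.append(level)
        level = -level              # mandatory midcell transition (timing only)
        signal.append(level)
    return signal

def diff_manchester_decode(signal, start_level=1):
    """Compare each cell's first level with the previous cell's last level."""
    if len(signal) % 2:
        raise ValueError("signal is not a whole number of cells")
    bits = []
    previous = start_level
    for cell in range(0, len(signal), 2):
        first, second = signal[cell], signal[cell + 1]
        if first == second:
            raise ValueError(f"no midcell transition in cell {cell // 2}: timing lost")
        bits.append(0 if first != previous else 1)
        previous = second
    return bits
```

Encoding a run of identical bits with `polar_encode` and counting transitions makes the timing flaw concrete, while both Manchester encoders always produce at least one transition per cell.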
The Data Link Layer
The data link layer protocol provides the interface between the physical network and the protocol stack on the computer. A data link layer protocol typically consists of three elements:
• The format for the frame that encapsulates the network layer protocol data
• The mechanism that regulates access to the shared network medium
• The guidelines used to construct the network's physical layer
The header and footer applied to the network layer protocol data by the data link layer protocol are the outermost on the packet as it is transmitted across the network. This frame is, in essence, the envelope that carries the packet to its next destination and, therefore, provides the basic addressing information needed to get it there. In addition, data link layer protocols usually include an error-detection facility and an indicator that specifies the network layer protocol that the receiving system should use to process the data included in the packet.
On most LANs, multiple systems access a single shared baseband network medium. This means that only one computer can transmit data at any one time. If two or more systems transmit simultaneously, a collision occurs, and the data is lost. The data link layer protocol is responsible for controlling access to the shared medium and preventing an excess of collisions.
When speaking of the data link layer, the terms protocol and topology are often confused, but they are not synonymous. Ethernet is sometimes called a topology when the topology actually refers to the way in which the computers on the network are cabled together. Some forms of Ethernet use a bus topology, in which each of the computers is cabled to the next one in a daisy-chain fashion, while the star topology, in which each computer is cabled to a central hub, is more prevalent today. A ring topology is a bus with the ends joined together, and a mesh topology is one in which each computer has a cable connection to every other computer on the network. These last two types are mainly theoretical; LANs today do not use them. Token Ring networks use a logical ring, but the computers are actually cabled using a star topology. This confusion is understandable since most data link layer protocols include elements of the physical layer in their specifications. It is necessary for the data link layer protocol to be intimately related to the physical layer because media access control mechanisms are highly dependent on the size of the frames being transmitted and the lengths of the cable segments.
Addressing
The data link layer protocol header contains the address of the computer sending the packet and the computer that is to receive it. The addresses used at this layer are the hardware (or MAC) addresses that in most cases are hard-coded into the network interface of each computer and router by the manufacturer. On Ethernet and Token Ring networks, the addresses are 6 bytes long, the first 3 bytes of which are assigned to the manufacturer by the Institute of Electrical and Electronics Engineers (IEEE), and the second 3 bytes of which are assigned by the manufacturer. Some older protocols used addresses assigned by the network administrator, but the factory-assigned addresses are more efficient, insofar as they ensure that no duplication can occur.
The data link layer protocol does the following:
• Provides packet addressing services
• Packages the network layer data for transmission
• Arbitrates network access
• Checks transmitted packets for errors
Data link layer protocols are not concerned with the delivery of the packet to its ultimate destination, unless that destination is on the same LAN as the source. When a packet passes through several networks on the way to its destination, the data link layer protocol is responsible only for getting the packet to the router on the local network that provides access to the next network on its journey. Thus, the destination address in a data link layer protocol header always references a device on the local network, even if the ultimate destination of the message is a computer on a network miles away.
The data link layer protocols used on LANs rely on a shared network medium. Every packet is transmitted to all of the computers on the network segment, and only the system with the address specified as the destination reads the packet into its memory buffers and processes it. The other systems simply discard the packet without taking any further action.
Media Access Control
Media access control is the process by which the data link layer protocol arbitrates access to the network medium. In order for the network to function efficiently, each of the workstations sharing the cable or other medium must have an opportunity to transmit its data on a regular basis. This is why the data to be transmitted is split into packets in the first place. If computers transmitted all of their data in a continuous stream, they could conceivably monopolize the network for extended periods of time.
Two basic forms of media access control are used on most of today's LANs. The token passing method, used by Token Ring and FDDI systems, uses a special frame called a token that is passed from one workstation to another. Only the system in possession of the token is allowed to transmit its data. A workstation, on receiving the token, transmits its data and then releases the token to the next workstation. Since there is only one token on the network at any time (assuming that the network is functioning properly), it isn't possible for two systems to transmit at the same time.
The other method, used on Ethernet networks, is called Carrier Sense Multiple Access with Collision Detection (CSMA/CD). In this method, when a workstation has data to send, it listens to the network cable and transmits if the network is not in use. On CSMA/CD networks, it is possible (and even expected) for workstations to transmit at the same time, resulting in packet collisions. To compensate for this, each system has a mechanism that enables it to detect collisions when they occur and retransmit the data that was lost.
Both of these MAC mechanisms rely on the physical layer specifications for the network to function properly. For example, an Ethernet system can detect collisions only if they occur while the workstation is still transmitting a packet. If a network segment is too long, a collision may occur after the last bit of data has left the transmitting system and thus may go undetected. The data in that packet is then lost, and its absence can be detected only by the upper layer protocols in the system that are the ultimate destinations of the message. This process takes a relatively long time and significantly reduces the efficiency of the network. Thus, while the OSI reference model might create a neat division between the physical and data link layers, in the real world, the functionality of the two is more closely intertwined.
Protocol Indicator
Most data link layer protocol implementations are designed to support the use of multiple network layer protocols at the same time. This means there are several possible paths through the protocol stack on each computer. To use multiple protocols at the network layer, the data link layer protocol header must include a code that specifies the network layer protocol that was used to generate the payload in the packet. This requirement is so that the receiving system can pass the data enclosed in the frame up to the appropriate network layer process.
Error Detection
Most data link layer protocols are unlike all of the upper layer protocols in that they include a footer that follows the payload field in addition to the header that precedes it. This footer contains a frame check sequence (FCS) field that the receiving system uses to detect any errors that have occurred during the transmission. To do this, the system transmitting the packet computes a cyclical redundancy check (CRC) value on the entire frame and includes it in the FCS field. When the packet reaches its next destination, the receiving system performs the same computation and compares its results with the value in the FCS field. If the values do not match, the packet is assumed to have been damaged in transit and is silently discarded.
The receiving system takes no action to have discarded packets retransmitted; this is left up to the protocols operating at the upper layers of the OSI model. This error-detection process occurs at each hop in the packet's journey to its destination. Some upper-layer protocols have their own mechanisms for end-to-end error detection.
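The three data link layer header and footer functions just described (hardware addressing, the protocol indicator, and the FCS) can be seen together in one frame. The following is an added example, not code from the book: it builds an Ethernet-style frame with 6-byte addresses, an EtherType field as the protocol indicator, and a CRC-32 FCS, then shows how a receiving station silently discards a frame that fails the FCS check, is not addressed to it, or carries a protocol indicator it cannot dispatch. The addresses and payload are constructed sample values; the EtherType values for IPv4, ARP and IPv6 are the well-known ones. Storing the FCS as a little-endian integer is an assumption of this example.

```python
# Added example (not from the book): building and checking an Ethernet-style frame.
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
# Well-known EtherType values used as the protocol indicator.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}

def mac(text):
    """Parse 'aa:bb:cc:dd:ee:ff' into 6 bytes."""
    addr = bytes.fromhex(text.replace(":", ""))
    if len(addr) != 6:
        raise ValueError("hardware address must be 6 bytes")
    return addr

def oui(addr):
    """First 3 bytes: the manufacturer identifier assigned by the IEEE."""
    return addr[:3].hex(":")

def build_frame(dst, src, ethertype, payload):
    """Header, data field padded to the 46-byte minimum, then the FCS footer."""
    payload = payload.ljust(46, b"\x00")
    header = struct.pack("!6s6sH", dst, src, ethertype)
    fcs = zlib.crc32(header + payload)       # CRC-32 over the whole frame before the FCS
    return header + payload + struct.pack("<I", fcs)   # FCS byte order: assumption

def receive_frame(frame, my_addr):
    """What a station does with a frame seen on the shared medium.
    Returns (status, reason or protocol name, payload)."""
    body, fcs_field = frame[:-4], frame[-4:]
    if zlib.crc32(body) != struct.unpack("<I", fcs_field)[0]:
        return ("discarded", "FCS mismatch: damaged in transit", b"")
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    if dst not in (my_addr, BROADCAST):
        return ("discarded", "not addressed to this station", b"")
    proto = ETHERTYPES.get(ethertype)
    if proto is None:
        return ("discarded", f"unknown protocol indicator 0x{ethertype:04x}", b"")
    # The network layer protocol named by the indicator strips any padding itself.
    return ("delivered", proto, body[14:])
```

Note that the receiver takes no action on a discarded frame; as the text says, retransmission is left to the upper layers.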
The Network Layer
The network layer protocol is the primary end-to-end carrier for messages generated by the application layer. This means that, unlike the data link layer protocol, which is concerned only with getting the packet to its next destination on the local network, the network layer protocol is responsible for the packet's entire journey from the source system to its ultimate destination. A network layer protocol accepts data from the transport layer and packages it into a datagram by adding its own header. Like a data link layer protocol header, the header at the network layer contains the address of the destination system, but this address identifies the packet's final destination. Thus, the destination addresses in the data link layer and network layer protocol headers may actually refer to two different computers. The network layer protocol datagram is essentially an envelope within the data link layer envelope, and while the data link layer envelope is opened by every system that processes the packet, the network layer envelope remains sealed until the packet reaches its final destination.
The network layer protocol provides
• End-to-end addressing
• Internet routing services
• Packet fragmentation and reassembly
• Error checking
Routing
Network layer protocols use different types of addressing systems to identify the ultimate destination of a packet. The most popular network layer protocol, the Internet Protocol (IP), provides its own 32-bit address space that identifies both the network on which the destination system resides and the system itself.
An address by which individual networks can be uniquely identified is vital to the performance of the network layer protocol's primary function, which is routing. When a packet travels through a large corporate internetwork or the Internet, it is passed from router to router until it reaches the network on which the destination system is located. Properly designed networks have more than one possible route to a particular destination, for fault-tolerance reasons, and the Internet has millions of possible routes. Each router is responsible for determining the next router that the packet should use to take the most efficient path to its destination. Because data link layer protocols are completely ignorant of conditions outside of the local network, it is left up to the network layer protocol to choose an appropriate route with an eye on the end-to-end journey of the packet, not just the next interim hop.
The network layer defines two types of computers that can be involved in a packet transmission: end systems and intermediate systems. An end system is either the computer generating and transmitting the packet or the computer that is the ultimate recipient of the packet. An intermediate system is a router or switch that connects two or more networks and forwards packets on the way to their destinations. On end systems, all seven layers of the protocol stack are involved in either the creation or the reception of the packet. On intermediate systems, packets arrive and travel up through the stack only as high as the network layer. The network layer protocol chooses a route for the packet and sends it back down to a data link layer protocol for packaging and transmission at the physical layer.
NOTE On intermediate systems, packets travel no higher than the network layer.
When an intermediate system receives a packet, the data link layer protocol checks it for errors and for the correct hardware address and then strips off the data link header and footer and passes it up to the network layer protocol identified by the Ethernet-type field or its equivalent. At this point, the packet consists of a datagram—that is, a network layer protocol header and a payload that was generated by the transport layer protocol on the source system. The network layer protocol then reads the destination address in the header and determines what the packet's next destination should be. If the destination is a workstation on a local network, the intermediate system transmits the packet directly to that workstation. If the destination is on a distant network, the intermediate system consults its routing table to select the router that provides the most efficient path to that destination.
The compilation and storage of routing information in a reference table is a separate network layer process that is performed either manually by an administrator or automatically by specialized network layer protocols that routers use to exchange information about the networks to which they are connected. Once it has determined the next destination for the packet, the network layer protocol passes the information down to the data link layer protocol with the datagram so that it can be packaged in a new frame and transmitted. When the IP protocol is running at the network layer, an additional process is required in which the IP address of the next destination is converted into a hardware address that the data link layer protocol can use.
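The forwarding decision described in the last two paragraphs can be written out as a small routine. The following is an added example, not code from the book: an intermediate system matches the datagram's destination against its routing table (the most specific, longest-prefix entry wins), decides whether the next destination is the end system itself on a directly connected network or a next-hop router, and then converts that next destination's IP address into the hardware address the data link layer needs. The routing table, interface names and address mappings are constructed; the IP ranges are the documentation ranges reserved for examples.

```python
# Added example (not from the book): a router's next-destination decision for one datagram.
import ipaddress

# Constructed routing table: (destination network, next hop or None if directly connected, interface)
ROUTES = [
    ("192.0.2.0/24", None, "eth0"),            # directly connected LAN
    ("198.51.100.0/24", None, "eth1"),         # directly connected LAN
    ("203.0.113.0/24", "198.51.100.1", "eth1"),  # reached through a neighboring router
    ("0.0.0.0/0", "192.0.2.254", "eth0"),      # default route
]

# Constructed IP-to-hardware address mappings for systems on the directly connected networks
# (the conversion the text mentions as an additional process when IP runs at the network layer).
HW_ADDRESSES = {
    "192.0.2.10": "02:00:00:00:00:0a",
    "192.0.2.254": "02:00:00:00:00:fe",
    "198.51.100.1": "02:00:00:00:01:01",
}

def lookup(dest, routes=ROUTES):
    """Return the matching route with the longest prefix, or None if nothing matches."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, next_hop, iface in routes:
        network = ipaddress.ip_network(net)
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, next_hop, iface)
    return best

def forward(dest, routes=ROUTES, hw=HW_ADDRESSES):
    """Decide the datagram's next destination and the frame addressing needed to reach it."""
    route = lookup(dest, routes)
    if route is None:
        return {"action": "drop", "reason": "no route to destination"}
    network, next_hop, iface = route
    # On a directly connected network the next destination is the end system itself;
    # otherwise it is the router that provides the path toward the destination.
    next_dest = dest if next_hop is None else next_hop
    hw_addr = hw.get(next_dest)
    if hw_addr is None:
        # The hardware address must be resolved before the frame can be built.
        return {"action": "resolve", "next": next_dest, "iface": iface}
    return {"action": "forward", "next": next_dest, "iface": iface,
            "hw": hw_addr, "direct": next_hop is None}
```

The data link layer frame that results is addressed to `hw`, which is the hardware address of the next destination, even when the datagram's own destination address names a system on a distant network.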
Fragmenting
Because routers can connect networks that use different data link layer protocols, it is sometimes necessary for intermediate systems to split datagrams into fragments to transmit them. If, for example, a workstation on a Token Ring network generates a packet containing 4,500 bytes of data, an intermediate system that joins the Token Ring network to an Ethernet network must split the data into fragments between 64 and 1,518 bytes because 1,518 bytes is the largest amount of data that an Ethernet frame can carry. Depending on the data link layer protocols used by the various intermediate networks, the fragments of a datagram may be fragmented themselves. Datagrams or fragments that are fragmented by intermediate systems are not reassembled until they reach their final destinations.
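The fragmentation process, including the re-fragmentation of a fragment on a later network and reassembly only at the final destination, can be followed in code. The following is an added example, not code from the book: as in IP, each fragment carries an identifier for the original datagram, an offset in 8-byte units, and a more-fragments flag, and the receiver can only rebuild the payload once every piece is present. The 4,500-byte payload follows the text's example; the two maximum sizes used (1,480 and 576 bytes) are constructed values chosen to force two rounds of fragmentation.

```python
# Added example (not from the book): fragmenting, re-fragmenting and reassembling a datagram.
from dataclasses import dataclass

@dataclass
class Fragment:
    ident: int       # identifies the original datagram
    offset: int      # position of this payload in the original, in 8-byte units
    more: bool       # True if more fragments of the same datagram follow
    payload: bytes

def fragment(frag, mtu):
    """Split a datagram (or an existing fragment) so each piece's payload fits mtu bytes."""
    chunk = (mtu // 8) * 8          # every piece but the last must be a multiple of 8 bytes
    if chunk == 0:
        raise ValueError("mtu too small to carry a fragment")
    data = frag.payload
    if len(data) <= mtu:
        return [frag]
    pieces = []
    for start in range(0, len(data), chunk):
        piece = data[start:start + chunk]
        last = start + len(piece) == len(data)
        # A piece cut from a middle fragment keeps more=True even if it is that fragment's last.
        pieces.append(Fragment(frag.ident, frag.offset + start // 8, frag.more or not last, piece))
    return pieces

def reassemble(fragments):
    """Rebuild the original payload at the destination; None while pieces are still missing."""
    if not fragments:
        return None
    fragments = sorted(fragments, key=lambda f: f.offset)
    expected = 0
    out = bytearray()
    for f in fragments:
        if f.offset * 8 != expected:
            return None                  # a gap: a fragment has not arrived
        out += f.payload
        expected += len(f.payload)
    if fragments[-1].more:
        return None                      # the final fragment has not arrived
    return bytes(out)
```

Sorting by offset before checking contiguity is what lets the destination accept fragments that arrived out of order, which happens when they travel different routes.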
Connection-Oriented and Connectionless Protocols
There are two types of end-to-end protocols that operate at the network and transport layers: connection-oriented and connectionless. The type of protocol used helps to determine what other functions are performed at each layer. A connection-oriented protocol is one in which a logical connection between the source and the destination system is established before any upper-layer data is transmitted. Once the connection is established, the source system transmits the data, and the destination system acknowledges its receipt. A failure to receive the appropriate acknowledgments serves as a signal to the sender that packets have to be retransmitted. When the data transmission is completed successfully, the systems terminate the connection. By using this type of protocol, the sending system is certain that the data has arrived at the destination successfully. The cost of this guaranteed service is the additional network traffic generated by the connection establishment, acknowledgment, and termination messages, as well as a substantially larger protocol header on each data packet.
A connectionless protocol simply packages data and transmits it to the destination address without checking to see whether the destination system is available and without expecting packet acknowledgments. In most cases, connectionless protocols are used when a protocol higher up in the networking stack provides connection-oriented services, such as guaranteed delivery. These additional services can also include flow control (a mechanism for regulating the speed at which data is transmitted over the network), error detection, and error correction.
Most of the LAN protocols operating at the network layer, such as IP and IPX, are connectionless. In both cases, various protocols are available at the transport layer to provide both connectionless and connection-oriented services. If you are running a connection-oriented protocol at one layer, there is usually no reason to use one at another layer. The object of the protocol stack is to provide only the services that an application needs, and no more.
The Transport Layer
Once you reach the transport layer, the process of getting packets from their source to their destination is no longer a concern. The transport layer protocols and all the layers above them rely completely on the network and data link layers for addressing and transmission services. As discussed earlier, packets being processed by intermediate systems travel only as high as the network layer, so the transport-layer protocols operate on only the two end systems. The transport layer PDU consists of a header and the data it has received from the application layer above, which is encapsulated into a datagram by the network layer below.
The transport layer provides different levels of service depending on the needs of the application:
• Packet acknowledgment
• Guaranteed delivery
• Flow control
• End-to-end error checking
One of the main functions of the transport layer protocol is to identify the upper-layer processes that generated the message at the source system and that will receive the message at the destination system. The transport layer protocols in the TCP/IP suite, for example, use port numbers in their headers to identify upper-layer services.
Protocol Service Combinations
Data link and network layer protocols operate together interchangeably; you can use almost any data link layer protocol with any network layer protocol. However, transport layer protocols are closely related to a particular network layer protocol and cannot be interchanged. The combination of a network layer protocol and a transport layer protocol provides a complementary set of services suitable for a specific application. As at the network layer, transport layer protocols can be connection oriented (CO) or connectionless (CL). The OSI model document defines four possible combinations of CO and CL protocols at these two layers, depending on the services required, as shown in Figure 2-11. The process of selecting a combination of protocols for a particular task is called mapping a transport layer service onto a network layer service.
Figure 2-11 Any configuration of connection-oriented and connectionless protocols can be used.
The selection of a protocol at the transport layer is based on the needs of the application generating the message and the services already provided by the protocols at the lower layers. The OSI document defines five theoretical classes of transport layer protocol, as shown here:
• TP0 This class does not provide any additional functionality beyond fragmenting and reassembly functions. This class determines the size of the smallest PDU required by any of the underlying networks and segments as needed.
• TP1 This class performs the functions of TP0 plus providing the capability to correct errors that have been detected by the protocols operating at the lower layers.
• TP2 This class provides fragmentation and reassembly functions, multiplexing, and demultiplexing and includes codes that identify the process that generated the packet and that will process it at the destination, thus enabling the traffic from multiple applications to be carried over a single network medium.
• TP3 This class offers error recovery, segmentation, reassembly, multiplexing, and demultiplexing. It combines the services provided by TP1 and TP2.
• TP4 This class provides complete connection-oriented service, including error detection and correction, flow control, and other services. It assumes the use of a connectionless protocol at the lower layers that provides none of these services.
This classification of transport layer services is another place where the theoretical constructs of the OSI model differ substantially from reality. No protocol suite in common use has five different transport layer protocols conforming to these classes. Most of the suites, like TCP/IP, have two protocols that basically conform to the TP0 and TP4 classes, providing connectionless and connection-oriented services, respectively.
Transport Layer Protocol Functions
The UDP protocol is a connectionless service that, together with IP at the network layer, provides minimal services for brief transactions that do not need the services of a connection-oriented protocol. Domain Name System (DNS) transactions, for example, generally consist of short messages that can fit into a single packet, so no flow control is needed. A typical transaction consists of a request and a reply, with the reply functioning as an acknowledgment, so no other guaranteed delivery mechanism is needed. UDP does have an optional error-detection mechanism in the form of a checksum computation performed on both the source and destination systems. Because the UDP protocol provides a minimum of additional services, its header is only 8 bytes long, providing little additional control overhead to the packet.
TCP, on the other hand, is a connection-oriented protocol that provides a full range of services but at the cost of much higher overhead. The TCP header is 20 bytes long, and the protocol also generates a large number of additional packets solely for control procedures, such as connection establishment, termination, and packet acknowledgment.
Segmentation and Reassembly
Connection-oriented transport layer protocols are designed to carry large amounts of data, but the data must be split into segments to fit into individual packets. The segmentation of the data and the numbering of the segments are critical elements in the transmission process and also make functions such as error recovery possible. The routing process performed at the network layer is dynamic; in the course of a transmission, it is possible for the segments to take different routes to the destination and arrive in a different order from that in which they were sent. It is the numbering of the segments that makes it possible for the receiving system to reassemble them into their original order. This numbering also makes it possible for the receiving system to notify the sender that specific packets have been lost or corrupted. As a result, the sender can retransmit only the missing segments and not have to repeat the entire transmission.
Flow Control
One of the functions commonly provided by connection-oriented transport layer protocols is flow control, which is a mechanism by which the system receiving the data can notify the sender that it must decrease its transmission rate or risk overwhelming the receiver and losing data. The TCP header, for example, includes a Window field in which the receiver specifies the number of bytes it can receive from the sender. If this value decreases in succeeding packets, the sender knows that it has to slow down its transmission rate. When the value begins to rise again, the sender can increase its speed.
Error Detection and Recovery
The OSI model document defines two forms of error recovery that can be performed by connection-oriented transport layer protocols. One is a response to signaled errors detected by other protocols in the stack. In this mechanism, the transport layer protocol does not have to detect the transmission errors itself. Instead, it receives notification from a protocol at the network or data link layer that an error has occurred and that specific packets have been lost or corrupted. The transport layer protocol only has to send a message back to the source system listing the packets and requesting their retransmission.
The more commonly implemented form of error recovery at the transport layer is a complete process of error detection and correction that is used to cope with unsignaled errors, which are errors that have not yet been detected by other means. Even though most data link layer protocols have their own error-detection and correction mechanisms, they function only over the individual hops between two systems. A transport layer error-detection mechanism provides error checking between the two end systems and includes the capability to recover from the errors by informing the sender which packets have to be resent. To do this, the checksum included in the transport layer protocol header is computed only on the fields that are not modified during the journey to the destination. Fields that routinely change are omitted from the calculation.
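The three transport layer functions just described (segment numbering and reassembly, the receiver's window, and end-to-end detection of unsignaled errors) interact, so one simulation serves all three sections. The following is an added example, not code from the book: a toy connection-oriented transport numbers segments by byte offset, lets the receiver reassemble them in order however they arrive, limits the sender to the receiver's advertised window, retransmits only what the receiver reports missing, and carries a checksum over the sequence number and payload only, so a hop-count field that every intermediate system rewrites does not invalidate it. The message, segment size, window and the lost or corrupted segment numbers are constructed.

```python
# Added example (not from the book): segmentation, reassembly, windowing and
# end-to-end checksums in a toy connection-oriented transport.
import zlib

def checksum(seq, payload):
    """Computed over the sequence number and payload only; the hop field is excluded."""
    return zlib.crc32(seq.to_bytes(4, "big") + payload)

def segment(data, mss):
    """Number segments by the byte offset of their first byte, as TCP does."""
    return [{"seq": i, "payload": data[i:i + mss], "hops": 0,
             "csum": checksum(i, data[i:i + mss])} for i in range(0, len(data), mss)]

def hop(seg):
    """An intermediate system rewrites a field in transit; the checksum stays valid."""
    seg["hops"] += 1
    return seg

class Receiver:
    def __init__(self, window):
        self.window = window         # bytes accepted beyond next_seq (the advertised Window)
        self.next_seq = 0            # next in-order byte expected
        self.buffer = {}             # segments that arrived early, keyed by seq
        self.delivered = bytearray()

    def accept(self, seg):
        if checksum(seg["seq"], seg["payload"]) != seg["csum"]:
            return "corrupt"                       # unsignaled error caught end to end
        if seg["seq"] >= self.next_seq + self.window:
            return "outside window"                # sender ignored flow control
        self.buffer[seg["seq"]] = seg["payload"]
        while self.next_seq in self.buffer:        # hand up everything now contiguous
            data = self.buffer.pop(self.next_seq)
            self.delivered += data
            self.next_seq += len(data)
        return "accepted"

    def missing(self, total, mss):
        """Sequence numbers still needed: what the receiver reports back to the sender."""
        return [s for s in range(self.next_seq, total, mss) if s not in self.buffer]

def transfer(data, mss, window, lose=(), corrupt=()):
    """Send in rounds: each round sends what the window allows from the missing list,
    so only lost or corrupted segments are repeated. Returns (intact, rounds, sent)."""
    rx = Receiver(window)
    segs = {s["seq"]: s for s in segment(data, mss)}
    lose, corrupt = set(lose), set(corrupt)
    rounds = sent = 0
    while rx.next_seq < len(data) and rounds < 100:
        rounds += 1
        for seq in rx.missing(len(data), mss):
            if seq >= rx.next_seq + rx.window:
                break                              # obey the receiver's window
            sent += 1
            seg = dict(segs[seq])
            if seq in lose:                        # lost once on the way
                lose.discard(seq)
                continue
            if seq in corrupt:                     # one damaged byte, caught by the checksum
                corrupt.discard(seq)
                seg["payload"] = bytes([seg["payload"][0] ^ 0xFF]) + seg["payload"][1:]
            rx.accept(hop(seg))
    return bytes(rx.delivered) == data, rounds, sent
```

With a 1,000-byte message, 100-byte segments and a 300-byte window, losing one segment and corrupting another costs only two extra transmissions rather than a repeat of the whole message.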
The Session Layer
When you reach the session layer, the boundaries between the layers and their functions start to become more obscure. There are no discrete protocols that operate exclusively at the session layer. Rather, the session layer functionality is incorporated into other protocols, with functions that fall into the provinces of the presentation and application layers as well. Network Basic Input/Output System (NetBIOS) and NetBIOS Extended User Interface (NetBEUI) are two of the best examples of these protocols. The session layer provides mechanisms by which the message dialog between computers is established, maintained, and terminated. For specific examples that may further clarify, see the ISO 8327 standard that defines session layer protocols and is assumed to be used by various ISO 8823 standard protocols in the presentation layer.
The boundary to the session layer is also the point at which all concern for the transmission of data between two systems is transcended. Questions of packet acknowledgment, error detection, and flow control are all left behind at this point because everything that can be done has been done by the protocols at the transport layer and below.
The session layer is also not inherently concerned with security and the network logon process, as the name seems to imply. Rather, the primary functions of this layer concern the exchange of messages between the two connected end systems, called a dialog. There are also numerous other functions provided at this layer, which really serves as a multipurpose "toolkit" for application developers.
The services provided by the session layer are widely misunderstood, and even at the time of the OSI model's development, there was some question concerning whether they should be allotted a layer of their own. In fact, 22 different services are provided by the session layer, grouped into subsets such as the Kernel Function Unit, the Basic Activity Subset, and the Basic Synchronization Subset. Most of these services are of interest only to application developers, and some are even duplicated as a result of a compromise that occurred when the two committees creating OSI model standards were combined.
Communications between the layers of the OSI reference model are facilitated through the use of service request primitives, which are the tools in the toolkit. Each layer provides services to the layer immediately above it. A process at a given layer takes advantage of a service provided by the layer below by issuing a command using the appropriate service request primitive, plus any additional parameters that may be required. Thus, an application layer process issues a request for a network resource using a primitive provided by the presentation layer. The request is then passed down through the layers, with each layer using the proper primitive provided by the layer below, until the message is ready for transmission over the network. Once the packet arrives at its destination, it is decoded into indication primitives that are passed upward through the layers of the stack to the receiving application process.
The two most important services attributed to the session layer are dialog control and dialog separation. Dialog control is the means by which two systems initiate a dialog, exchange messages, and finally end the dialog while ensuring that each system has received the messages intended for it. While this may seem to be a simple task, consider the fact that one system might transmit a message to the other and then receive a message without knowing for certain when the response was generated. Is the other system responding to the message just sent or was its response transmitted before that message was received? This sort of collision case can cause serious problems, especially when one of the systems is attempting to terminate the dialog or create a checkpoint. Dialog separation is the process of inserting a reference marker called a checkpoint into the data stream passing between the two systems so that the status of the two machines can be assessed at the same point in time.
Dialog Control
When two end systems initiate a session layer dialog, they choose one of two modes that controls the way they will exchange messages for the duration of the session: either two-way alternate (TWA) or two-way simultaneous (TWS) mode. Each session connection is uniquely identified by a 196-byte value consisting of the following four elements:
• Initiator SS-USER reference
• Responder SS-USER reference
• Common reference
• Additional reference
Once made, the choice of mode is irrevocable; the connection must be severed and reestablished in order to switch to the other mode.
In TWA mode, only one of the systems can transmit messages at any one time. Permission to transmit is arbitrated by the possession of a data token. Each system, at the conclusion of a transmission, sends the token to the other system using the S-TOKEN-GIVE primitive. On receipt of the token, the other system can transmit its message.
The use of TWS mode complicates the communication process enormously. As the name implies, in a TWS mode connection, there is no token, and both systems can transmit messages at the same time.
NOTE Remember that the references to tokens and connections at the session layer have nothing to do with the similarly named elements in lower-layer protocols. A session layer token is not the equivalent of the token frame used by the Token Ring protocol, nor is a session layer connection the equivalent of a transport layer connection such as that used by TCP. It is possible for end systems to terminate the session layer connection while leaving the transport layer connection open for further communication.
The use of the token prevents problems resulting from crossed messages and provides a mechanism for the orderly termination of the connection between the systems. An orderly termination begins with one system signaling its desire to terminate the connection and transmitting the token. The other system, on receiving the token, transmits any data remaining in its buffers and uses the S-RELEASE primitive to acknowledge the termination request. On receiving the S-RELEASE primitive, the original system knows that it has received all of the data pending from the other system and can then use the S-DISCONNECT primitive to terminate the connection.
There is also a negotiated release feature that enables one system to refuse the release request of another, which can be used in cases in which a collision occurs because both systems have issued a release request at the same time, and a release token that prevents the occurrence of these collisions in the first place by enabling only one system at a time to request a release.
All of these mechanisms are "tools" in the kit that the session layer provides to application developers; they are not automatic processes working behind the scenes. When designing an application, the developer must make an explicit decision to use the S-TOKEN-GIVE primitive instead of S-TOKEN-PLEASE, for example, or to use a negotiated release instead of an orderly termination.
Dialog Separation
Applications create checkpoints in order to save their current status to disk in case of a system failure. This was a much more common occurrence at the time that the OSI model was developed than it is now. As with the dialog control processes discussed earlier, checkpointing is a procedure that must be explicitly implemented by an application developer as needed.
When the application involves communication between two systems connected by a network, the checkpoint must save the status of both systems at the same point in the data stream. Performing any activity at precisely the same moment on two different computers is nearly impossible. The systems might be performing thousands of activities per second, and their timing is nowhere near as precise as would be needed to execute a specific task simultaneously. In addition, the problem again arises of messages that may be in transit at the time the checkpoint is created. As a result, dialog separation is performed by saving a checkpoint at a particular point in the data stream passing between the two systems, rather than at a particular moment in time.
When the connection uses TWA mode, the checkpointing process is relatively simple. One system creates a checkpoint and issues a primitive called S-SYNC-MINOR. The other system, on receiving this primitive, creates its own checkpoint, secure in the knowledge that no data is left in transit at the time of synchronization. This is called a minor synchronization because it works with data flowing in only one direction at a time and requires only a single exchange of control messages.
It is still possible to perform a minor synchronization in TWS mode using a special token that prevents both systems from issuing the S-SYNC-MINOR primitive at the same time. If it was possible to switch from TWS to TWA mode in midconnection, the use of an additional token would not be necessary, but mode switching is not possible. This is something that many people think is a major shortcoming in the session layer specification.
In most cases, systems using TWS mode communications must perform a major synchronization, which accounts not only for traffic that can be running in both directions but also for expedited traffic. A primitive called S-EXPEDITED enables one system to transmit to the other using what amounts to a high-speed pipeline that is separate from the normal communications channel. To perform a major synchronization, the system in possession of yet another token called the major/activity token issues a primitive called S-SYNC-MAJOR and then stops transmitting until it receives a response. However, the system issuing this primitive cannot create its checkpoint yet, as in a minor synchronization, because there may be traffic from the other system currently in transit.
On receiving the primitive, the other system is able to create its own checkpoint because all of the data in transit has been received, including expedited data, which has to have arrived before the primitive. The receiving system then transmits a confirmation response over the normal channel and transmits a special PREPARE message over the expedited channel. The system that initiated the synchronization procedure receives the PREPARE message first and then the confirmation, at which time it can create its own checkpoint.
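The TWA mechanisms from the Dialog Control section and the minor synchronization from the Dialog Separation section share one model: a single data token and an ordered stream of primitives between two session users. The following is an added example, not code from the book, that models both: only the token holder may send data, S-TOKEN-GIVE passes the token, S-SYNC-MINOR plants a checkpoint at a point in the data stream so that both sides record it with the same amount of data exchanged, and an orderly termination ends with S-RELEASE and S-DISCONNECT. The primitive names S-DATA, S-TOKEN-GIVE, S-SYNC-MINOR, S-RELEASE and S-DISCONNECT are those in the text; the name RELEASE-REQUEST for the initial termination signal, the in-transit queue and the sample data units are constructed.

```python
# Added example (not from the book): a two-way alternate (TWA) session dialog with a data
# token, a minor synchronization checkpoint and an orderly termination.
from collections import deque

class SessionUser:
    def __init__(self, name):
        self.name = name
        self.has_token = False
        self.sent = 0             # units sent so far: this user's position in the data stream
        self.received = []        # units received, in order
        self.pending = []         # units waiting in this user's buffers until it holds the token
        self.checkpoints = {}     # serial -> (units sent, units received) when the checkpoint was taken
        self.indications = []     # indication primitives processed, for inspection

class TWADialog:
    def __init__(self, initiator, responder):
        self.users = {initiator.name: initiator, responder.name: responder}
        initiator.has_token = True
        self.channel = deque()    # primitives in transit, in order: (recipient, primitive, payload)
        self.connected = True
        self.serial = 0

    def _peer(self, user):
        return next(u for u in self.users.values() if u is not user)

    def _send(self, user, primitive, payload=None):
        self.channel.append((self._peer(user).name, primitive, payload))

    def s_data(self, user, unit):
        if not self.connected:
            raise RuntimeError("no session connection")
        if not user.has_token:
            user.pending.append(unit)        # may not transmit: keep it in the buffers
            return "buffered"
        user.sent += 1
        self._send(user, "S-DATA", unit)
        return "sent"

    def s_token_give(self, user):
        if not user.has_token:
            raise RuntimeError(f"{user.name} does not hold the data token")
        user.has_token = False
        self._send(user, "S-TOKEN-GIVE")

    def s_sync_minor(self, user):
        """Checkpoint behind everything the token holder has sent so far."""
        if not user.has_token:
            raise RuntimeError("a minor synchronization needs the data token")
        self.serial += 1
        user.checkpoints[self.serial] = (user.sent, len(user.received))
        self._send(user, "S-SYNC-MINOR", self.serial)
        return self.serial

    def release_request(self, user):
        """Orderly termination, step 1: signal the wish to terminate and pass the token."""
        if not user.has_token:
            raise RuntimeError("the release request travels with the data token")
        user.has_token = False
        self._send(user, "RELEASE-REQUEST")   # constructed name for this signal

    def _flush(self, user):
        pending, user.pending = user.pending, []
        for unit in pending:
            self.s_data(user, unit)

    def deliver(self):
        """Process in-transit primitives in order, as indications at the receiving user."""
        while self.channel:
            to, primitive, payload = self.channel.popleft()
            user = self.users[to]
            user.indications.append(primitive)
            if primitive == "S-DATA":
                user.received.append(payload)
            elif primitive == "S-TOKEN-GIVE":
                user.has_token = True
                self._flush(user)
            elif primitive == "S-SYNC-MINOR":
                # Everything sent before this primitive has arrived: same point in the stream.
                user.checkpoints[payload] = (user.sent, len(user.received))
            elif primitive == "RELEASE-REQUEST":
                user.has_token = True
                self._flush(user)                # empty the buffers first ...
                self._send(user, "S-RELEASE")    # ... then acknowledge the request
            elif primitive == "S-RELEASE":
                self.connected = False           # all pending data has arrived
                user.indications.append("S-DISCONNECT")

def run_scenario():
    """A short dialog: data, a checkpoint, a token hand-over, then an orderly termination."""
    a, b = SessionUser("A"), SessionUser("B")
    d = TWADialog(a, b)
    d.s_data(a, "record-1")
    d.s_data(a, "record-2")
    d.s_data(b, "reply-1")                 # buffered: B does not hold the token
    serial = d.s_sync_minor(a)             # checkpoint after two units
    d.s_data(a, "record-3")
    d.s_token_give(a)
    d.deliver()                            # B receives, takes the token, sends its reply
    d.s_data(a, "record-4")                # buffered again: A gave the token away
    d.release_request(b)
    d.deliver()                            # A flushes record-4, sends S-RELEASE; B disconnects
    return a, b, d, serial
```

The checkpoint recorded by A reads (2 sent, 0 received) and the one recorded by B reads (0 sent, 2 received): the same point in the data stream, reached at different moments in time.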
The Presentation Layer
Unlike the session layer, which provides many different functions, the presentation layer has only one. In fact, most of the time, the presentation layer functions primarily as a pass-through service, meaning that it receives primitives from the application layer and issues duplicate primitives to the session layer below using the Presentation Service Access Point (PSAP) and the Session Service Access Point (SSAP). All of the discussion in the previous sections about applications utilizing session layer services actually involves the use of the pass-through service at the presentation layer because it is impossible for a process at any layer of the OSI model to communicate directly with any layer other than the one immediately above or beneath it. The presentation layer negotiates the use of a transfer syntax that is supported by both of the connected devices so the end systems of different types can communicate.
While the basic functions of the primitives are not changed as they are passed down through the presentation layer, they can undergo a crucial translation process that is the primary function of the layer. Applications generate requests for network resources using their own native syntax, but the syntax of the application at the destination system receiving the request may be different in several ways. The systems might also implement encryption and/or compression on the data to be transmitted over the network.
This translation process occurs in two phases, one of which runs at the presentation layer on each system. Each computer maintains an abstract syntax, which is the native syntax for the application running on that system, and a transfer syntax, which is a common syntax used to transmit the data over the network. The presentation layer on the system sending a message converts the data from the abstract syntax to the transfer syntax and then passes it down to the session layer. When the message arrives at the destination system, the presentation layer converts the data from the transfer syntax to the abstract syntax of the application receiving the message. The transfer syntax chosen for each abstract syntax is based on a negotiation that occurs when a presentation layer connection is established between two systems. Depending on the application's requirements and the nature of the connection between the systems, the transfer context may provide data encryption, data compression, or a simple translation.
NOTE: The presentation layer connection is not synonymous with the connections that occur at the lower layers, nor is there direct communication between the presentation layers of the two systems. Messages travel down through the protocol stack to the physical medium and up through the stack on the receiver to the presentation layer there.
The syntax negotiation process begins when one system uses the P-CONNECT primitive to transmit a set of presentation contexts, which are pairs of associated abstract contexts and transfer contexts supported by that system. Each presentation context is numbered using a unique odd-numbered integer called a presentation context identifier. With this message, one system is essentially informing the other of its presentation layer capabilities. The message may contain multiple transfer contexts for each abstract context to give the receiving system a choice.
Once the other system receives the P-CONNECT message, it passes the presentation contexts up to the application-layer processes, which decide which of the transfer contexts supported by each abstract context they want to use. The receiver then returns a list of contexts to the sender with either a single transfer context or an error message specified for each abstract context. On receipt by the original sender, this list becomes the defined context set. Error messages indicate that the receiving system does not support any of the transfer contexts specified for a specific abstract context. Once the negotiation process is completed, the systems can propose new presentation contexts for addition to the defined context set or remove contexts from the set using a primitive called P-ALTER-CONTEXT.
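The P-CONNECT / P-ALTER-CONTEXT negotiation just described, as an added simulation that is not code from the book: the initiator numbers its presentation contexts with odd identifiers, the responder picks one transfer syntax per abstract syntax or answers with an error, and the accepted pairs become the defined context set. The class and function names and the sample syntaxes ("directory-query", "ber", and so on) are constructed for illustration; real OSI implementations carry this exchange in ASN.1-encoded PDUs.

```python
"""Simulation of the OSI presentation-layer syntax negotiation described above.

Added example, not code from the book.  PresentationContext, Responder,
Initiator, p_connect() and p_alter_context() are constructed names; the
odd-numbered presentation context identifiers, the per-context choice or
error, and the "defined context set" follow the text.
"""
from dataclasses import dataclass


@dataclass
class PresentationContext:
    ident: int        # unique odd-numbered presentation context identifier
    abstract: str     # abstract syntax (the application's native syntax)
    transfers: list   # transfer syntaxes the initiator can use for it, in preference order


@dataclass
class Responder:
    """The peer: maps each abstract syntax it knows to the transfer syntaxes it accepts."""
    supported: dict

    def answer(self, proposal):
        """Return {ident: chosen transfer syntax} or {ident: "error"} for each context.

        Exactly one transfer syntax is picked per abstract syntax; if none of the
        proposed transfer syntaxes is supported, an error is returned instead.
        """
        result = {}
        for ctx in proposal:
            acceptable = self.supported.get(ctx.abstract, ())
            chosen = next((t for t in ctx.transfers if t in acceptable), None)
            result[ctx.ident] = chosen if chosen is not None else "error"
        return result


class Initiator:
    def __init__(self):
        self.next_ident = 1   # identifiers are odd: 1, 3, 5, ...
        self.defined = {}     # the defined context set: ident -> (abstract, transfer)

    def propose(self, abstract, transfers):
        ctx = PresentationContext(self.next_ident, abstract, list(transfers))
        self.next_ident += 2
        return ctx

    def _merge(self, proposals, reply):
        by_ident = {c.ident: c for c in proposals}
        for ident, transfer in reply.items():
            if transfer != "error":
                self.defined[ident] = (by_ident[ident].abstract, transfer)

    def p_connect(self, responder, proposals):
        """P-CONNECT: send the proposals; the accepted ones become the defined context set."""
        reply = responder.answer(proposals)
        self._merge(proposals, reply)
        return reply

    def p_alter_context(self, responder, add=(), remove=()):
        """P-ALTER-CONTEXT: add newly negotiated contexts and/or drop existing ones."""
        for ident in remove:
            self.defined.pop(ident, None)
        reply = responder.answer(list(add))
        self._merge(list(add), reply)
        return reply


def negotiate_example():
    """Run a constructed negotiation and return the final defined context set."""
    peer = Responder({
        "directory-query": ["ber", "der"],   # peer accepts either encoding
        "mail-message": ["per"],             # peer accepts only the packed encoding
        # "image-data" is unknown to the peer, so it will be rejected
    })
    me = Initiator()
    proposals = [
        me.propose("directory-query", ["der", "ber"]),   # ident 1: "der" is chosen
        me.propose("mail-message", ["ber"]),             # ident 3: no overlap -> error
        me.propose("image-data", ["jpeg", "png"]),       # ident 5: unknown -> error
    ]
    me.p_connect(peer, proposals)
    # The application later needs mail after all: re-propose with a syntax the peer
    # accepts, and drop the directory context it no longer needs.
    me.p_alter_context(peer, add=[me.propose("mail-message", ["per"])], remove=[1])
    return dict(me.defined)


if __name__ == "__main__":
    print(negotiate_example())   # {7: ('mail-message', 'per')}
```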
The Application Layer
As the top layer in the protocol stack, the application layer is the ultimate source and destination for all messages transmitted over the network. All of the processes discussed in the previous sections are triggered by an application that requests access to a resource located on a network system. Application-layer processes are not necessarily synonymous with the applications themselves, however. For example, if you use a word processor to open a document stored on a network server, you are redirecting a local function to the network. The word processor itself does not provide the application layer process needed to access the file. In most cases, it is an element of the operating system that distinguishes between requests for files on the local drive and those on the network. Other applications, however, are designed specifically for accessing network resources. When you run a dedicated FTP client, for example, the application itself is inseparable from the application layer protocol it uses to communicate with the network. The application layer protocol is the interface between the application running on the computer that is requesting the services of the network and the protocol stack that converts that request into the transmitted signals.
Some of the other protocols that are closely tied to the applications that use them are as follows:
• DHCP: Dynamic Host Configuration Protocol
• TFTP: Trivial File Transfer Protocol
• DNS: Domain Name System
• NFS: Network File System
• RIP: Routing Information Protocol
• BGP: Border Gateway Protocol
NOTE: These protocols are somewhat different from applications that are designed for the users, such as word processors or spreadsheets. These protocols are primarily designed to be used by the systems.
In between these two extremes are numerous application types that access network resources in different ways and for different reasons. The tools that make that access possible are located in the application layer. Some applications use protocols that are dedicated to specific types of network requests, such as the Simple Mail Transfer Protocol (SMTP) and Post Office Protocol (POP3), both used for e-mail, the Simple Network Management Protocol (SNMP), used for remote network administration, and the Hypertext Transfer Protocol (HTTP), used for World Wide Web communications.
As you have seen in this chapter, the bottom four layers of the OSI reference model perform functions that are easily differentiated, while the functions of the session, presentation, and application layers tend to bleed together. Many of the application layer protocols listed here contain functions that rightly belong at the presentation or session layers, but it is important not to let the OSI model assert itself too forcibly into your perception of data networking. The model is a tool for understanding how networks function, not a guide for the creation of networking technologies.
PART II
Network Hardware
CHAPTER 3 Network Interface Adapters
CHAPTER 4 Network Interface Adapters and Connection Devices
CHAPTER 5 Cabling a Network
CHAPTER 6 Wireless LANs
CHAPTER 7 Wide Area Networks
CHAPTER 8 Server Technologies
CHAPTER 9 Designing a Network
CHAPTER 3
Network Interface Adapters
Every computer that participates on a network must have an interface to that network, using either a cable or some form of wireless signal that enables it to transmit data to the other devices on the network. The most common form of wired network interface is part of the main board and connects to a network cable, typically referred to as a network interface card (or controller), or NIC for short (see Figure 3-1). Also called a network interface adapter, this is normally an Ethernet connection and is used by small and medium-sized businesses as well as home network configurations.
Figure 3-1 A typical Ethernet network card (photo provided by Dsimic at English Wikipedia under the GNU Free Documentation License)
NIC Functions
The network interface adapter, in combination with the network adapter driver, implements the data link layer protocol used on the computer, usually Ethernet, as well as part of the physical layer. The NIC also provides the link between the network layer protocol, which is implemented completely in the operating system, and the network medium, which is usually a cable connected to the NIC. If you use an Ethernet NIC, your connection is made with an Ethernet cable with an RJ-45 connection. The RJ-45 connector looks like a telephone connection (RJ-11) but is larger.
The NIC and its driver perform the basic functions needed for the computer to access the network. The process of transmitting data consists of the following steps (which, naturally, are reversed during packet reception):
1. Data transfer: The data stored in the computer's memory is transferred to the NIC across the system bus using one of the following technologies: direct memory access (DMA), shared memory, or programmed I/O.
2. Data buffering: The rate at which the PC processes data is different from the transmission rate of the network. The NIC includes memory buffers that it uses to store data so it can process an entire frame at once.
NOTE: Bandwidth is the term used to indicate the speed capabilities of the physical devices used when interacting with a network. Basic Ethernet, for example, has a bandwidth of 10 Mbps, so using an Internet connection faster than that would be largely wasted speed. Fast Ethernet reaches 100 Mbps, usually adequate for home computer connections. Gigabit Ethernet can reach 1 Gbps, and 10 Gigabit Ethernet is 10 Gbps. Even wireless connections are limited by bandwidth. Wireless 802.11b is 11 Mbps, and Wireless-G 802.11g has a top speed of 54 Mbps. Wireless-N 802.11n can reach 300 Mbps.
3. Frame construction: The NIC receives data that has been packaged by the network layer protocol and encapsulates it in a frame that consists of its own data link layer protocol header and footer. Depending on the size of the packet and the data link layer protocol used, the NIC may also have to split the data into segments of the appropriate size for transmission over the network. For incoming traffic, the NIC reads the information in the data link layer frame, verifies that the packet has been transmitted without error, and determines whether the packet should be passed up to the next layer in the networking stack. If so, the NIC strips off the data link layer frame and passes the enclosed data to the network layer protocol.
4. Media access control: The NIC is responsible for arbitrating the system's access to the shared network medium, using an appropriate media access control (MAC) mechanism. This is necessary to prevent multiple systems on the network from transmitting at the same time and losing data because of a packet collision. The MAC mechanism is the single most defining element of a data link layer protocol. (The MAC mechanism is not needed for incoming traffic.)
5. Parallel/serial conversion: The system bus connecting the NIC to the computer's main memory array transmits data 16 or 32 bits at a time in parallel fashion, while the NIC transmits and receives data from the network serially, that is, one bit at a time. The NIC is responsible for taking the parallel data transmission that it receives over the system bus into its buffers and converting it to a serial bit stream for transmission out over the network medium. For incoming data from the network, the process is reversed.
6. Data encoding/decoding: The data generated by the computer in binary form must be encoded in a manner suitable for the network medium before it can be transmitted, and in the same way, incoming signals must be decoded on receipt. This and the following step are the physical layer processes implemented by the NIC. For a copper cable, the data is encoded into electrical impulses; for fiber-optic cable, the data is encoded into pulses of light. Other media may use radio waves, infrared light, or other technologies. The encoding scheme is determined by the data link layer protocol being used.
7. Data transmission/reception: The NIC takes the data it has encoded, amplifies the signal to the appropriate amplitude, and transmits it over the network medium. This process is entirely physical and depends wholly on the nature of the signal used on the network medium.
The NIC also provides the data link layer hardware (or MAC) address that is used to identify the system on the local network. Most data link layer protocols rely on addresses that are hard-coded into the NIC by the manufacturer. In actuality, the MAC address identifies a particular network interface, not necessarily the whole system. In the case of a computer with two NICs installed and connected to two different networks, each NIC has its own MAC address that identifies it on the network to which it is attached.
Some older protocols, such as ARCnet, required the network administrator to set the hardware address manually on each NIC. If systems with duplicate addresses were on the network, communications problems resulted. Today, MAC addresses are assigned in two parts, much like IP addresses and domain names. The Institute of Electrical and Electronics Engineers (IEEE) maintains a registry of NIC manufacturers and assigns 3-byte address codes called organizationally unique identifiers (OUIs) to them as needed.
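Step 3 (frame construction and the error check on receipt) and the two-part MAC address structure just described, as an added example that is not code from the book. It assumes the standard Ethernet II layout (6-byte destination, 6-byte source, 2-byte EtherType, 46 to 1500 bytes of payload, 4-byte CRC-32 frame check sequence, for the 1,518-byte maximum mentioned later in this chapter); the addresses, EtherType and payload in demo() are constructed sample values.

```python
"""Ethernet frame construction and reception as performed by a NIC, plus the
split of a MAC address into its IEEE-assigned OUI and vendor-assigned part.

Added example, not code from the book.  Layout assumed: 14-byte header
(dst, src, EtherType), 46..1500-byte payload (short payloads zero-padded),
4-byte CRC-32 FCS sent least-significant byte first; 1,518 bytes maximum.
"""
import struct
import zlib

MIN_PAYLOAD = 46
MAX_PAYLOAD = 1500
HEADER_LEN = 14
FCS_LEN = 4


def parse_mac(text):
    """'00:1b:21:aa:bb:cc' -> 6 raw bytes; rejects anything but six hex octets."""
    parts = text.split(":")
    if len(parts) != 6 or not all(len(p) == 2 for p in parts):
        raise ValueError("MAC address must be six colon-separated hex octets")
    return bytes(int(p, 16) for p in parts)


def mac_parts(text):
    """Split a MAC into OUI and device part and report the first octet's flag bits.

    Bit 0 set marks a group (multicast) address; bit 1 set marks a locally
    administered address, i.e. one configured by an administrator (as with the
    ARCnet-style manual assignment in the text) rather than drawn from an OUI.
    """
    raw = parse_mac(text)
    return {
        "oui": raw[:3].hex(":"),
        "device": raw[3:].hex(":"),
        "multicast": bool(raw[0] & 0x01),
        "locally_administered": bool(raw[0] & 0x02),
    }


def build_frame(dst, src, ethertype, payload):
    """Encapsulate network-layer data in a data link header and FCS footer."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds one frame; the NIC must split it")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")            # pad short payloads
    header = parse_mac(dst) + parse_mac(src) + struct.pack("!H", ethertype)
    body = header + payload
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)   # CRC-32 over header+payload
    return body + fcs


def receive_frame(frame, my_mac):
    """The NIC's receive path: check the FCS, then decide whether to pass data up.

    Returns (ethertype, payload) when the frame is intact and addressed to this
    interface (its own MAC or broadcast), or None when it should be dropped.
    """
    if len(frame) < HEADER_LEN + MIN_PAYLOAD + FCS_LEN:
        return None                                          # runt frame
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if struct.unpack("<I", fcs)[0] != zlib.crc32(body) & 0xFFFFFFFF:
        return None                                          # transmission error
    dst = body[:6]
    if dst != parse_mac(my_mac) and dst != b"\xff" * 6:
        return None                                          # not for this interface
    ethertype = struct.unpack("!H", body[12:14])[0]
    return ethertype, body[HEADER_LEN:]


def demo():
    """Round-trip a constructed frame and show that a single flipped bit is caught."""
    me = "00:1b:21:aa:bb:cc"
    frame = build_frame(me, "00:50:56:11:22:33", 0x0800, b"hello")
    ok = receive_frame(frame, me)
    corrupted = bytearray(frame)
    corrupted[20] ^= 0x01                                    # one bit error in the payload
    bad = receive_frame(bytes(corrupted), me)
    return len(frame), ok, bad


if __name__ == "__main__":
    print(demo())
```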
NIC Features
In addition to the basic functionality described thus far, NICs can have a variety of other features, depending on the manufacturer, protocol, price point, and the type of computer in which the device is to be used. Some of these features are discussed in the following sections.
Full Duplex
Most of the data link layer protocols that use twisted-pair cable separate the transmitted and received signals onto different wire pairs. Even when this is the case, however, the NIC typically operates in half-duplex mode, meaning that at any given time, it can be transmitting or receiving data, but not both simultaneously. NICs that operate in full-duplex mode can transmit and receive at the same time, effectively doubling the throughput of the network (see Figure 3-2).
Figure 3-2 Full-duplex systems can transfer data in both directions at the same time, while half-duplex systems transfer information in one direction at a time.
When a NIC is operating in full-duplex mode, it can transmit and receive data at any time, eliminating the need for a media access control mechanism. This also eliminates collisions, which increases the overall efficiency of the network. Running a full-duplex network requires more than just NICs that support this feature, however. The hub, switch, router, or other device to which each computer connects must also support full-duplex operation.
Bus Mastering
Normally, when data is transmitted between the computer's memory and an expansion card over the system bus, the processor functions as the middleman, reading data from the source and transmitting it to the destination. This utilizes processor clock cycles that could otherwise be running applications or performing other important tasks. An expansion card capable of bus mastering has a chipset that arbitrates the card's access to the bus, eliminating the need for the system processor's involvement in the transfer of data to and from memory. Bus mastering NICs enable the computer to operate more efficiently because they conserve the processor clock cycles that would otherwise be expended in data transfers.
Parallel Tasking
Parallel Tasking is a feature that was developed by 3Com Corporation and subsequently implemented by other NIC manufacturers, using different names. The term describes a process by which the NIC can begin to transmit a packet over the network while the data is still being transferred to the NIC over the system bus. A NIC without this capability must wait until an entire packet is stored in its buffers before it can transmit. Today, many NICs feature Parallel Tasking II, which improves bus mastering communications over the Peripheral Component Interconnect (PCI) bus. Previously, a PCI NIC could transfer only 64 bytes at a time during a single bus master operation, which required dozens of operations to transfer each packet. Parallel Tasking II enables the NIC to stream up to an entire Ethernet packet's worth of data (1,518 bytes) during a single bus master operation.
Wake-on-LAN or Wake-on-Wireless-LAN
Today's industry standard, Wake-on-LAN (WoL), is a feature that enables a computer to "wake" from a very low power state. WoL is an enhancement built into network interface adapters and computer motherboards that enables an administrator to turn a computer on from a remote location. Once turned on, the administrator can perform any necessary maintenance tasks. For this feature to function, both the computer's motherboard and the NIC must have a three-pin remote wake-up connector, which is connected with a cable. When the computer is turned off, it actually switches to a low-power sleep state instead of being completely powered off. While in this state, the NIC continuously monitors the network for a special wake-up packet that can be delivered to it by a desktop management application running on an administrator's computer.
When the NIC receives the packet, it signals the motherboard, which in turn switches the power supply back into its full power state, effectively turning on the computer. Once the computer is up and running, the administrator can take control of the system using whatever tools are available.
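The matching a sleeping NIC performs on the "special wake-up packet", as an added example that is not code from the book. The book does not give the packet layout; the code assumes the de facto magic packet format (six 0xFF bytes followed by the target MAC repeated 16 times, optionally followed by a 4- or 6-byte SecureOn password), and the MAC addresses and payloads are constructed sample values.

```python
"""How a NIC in the low-power state recognises the Wake-on-LAN wake-up packet.

Added example, not code from the book.  Assumed layout (the de facto "magic
packet"): a synchronisation stream of six 0xFF bytes, then the target MAC
address repeated 16 times, then an optional 4- or 6-byte SecureOn password.
The pattern may sit anywhere in the payload, which is why it can ride inside
any frame type.  All addresses and payloads here are constructed samples.
"""

SYNC = b"\xff" * 6
REPEATS = 16


def parse_mac(text):
    return bytes(int(p, 16) for p in text.split(":"))


def find_magic_packet(payload):
    """Return (target_mac, password) if payload carries a magic packet, else None.

    Scans for the sync stream, then requires the same 6-byte address to follow
    exactly 16 times.  A 4- or 6-byte tail after the 16th repeat is reported
    as the SecureOn password; any other trailing data is ignored.
    """
    start = payload.find(SYNC)
    while start != -1:
        pos = start + len(SYNC)
        mac = payload[pos:pos + 6]
        if len(mac) == 6 and payload[pos:pos + 6 * REPEATS] == mac * REPEATS:
            tail = payload[pos + 6 * REPEATS:]
            password = tail if len(tail) in (4, 6) else None
            return mac, password
        start = payload.find(SYNC, start + 1)   # sync seen but pattern broken; keep looking
    return None


def nic_should_wake(payload, my_mac, secureon=None):
    """The sleeping NIC's decision: wake only for its own MAC (and password, if one is set)."""
    found = find_magic_packet(payload)
    if found is None:
        return False
    mac, password = found
    if mac != parse_mac(my_mac):
        return False
    if secureon is not None and password != secureon:
        return False
    return True


def build_magic_packet(target_mac, password=b""):
    """What the administrator's desktop management tool places in the packet payload."""
    return SYNC + parse_mac(target_mac) * REPEATS + password


def demo():
    me = "00:1b:21:aa:bb:cc"
    mine = build_magic_packet(me)
    other = build_magic_packet("00:1b:21:aa:bb:cd")      # addressed to a different NIC
    noise = b"\xff" * 7 + b"\x00" * 20                   # 0xFF padding is not a magic packet
    return (
        nic_should_wake(mine, me),
        nic_should_wake(other, me),
        nic_should_wake(noise, me),
        nic_should_wake(mine, me, secureon=b"\x01\x02\x03\x04\x05\x06"),  # password required, none sent
    )


if __name__ == "__main__":
    print(demo())   # (True, False, False, False)
```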
Selecting a NIC
When your mainboard does not have an acceptable NIC or you simply want to upgrade the built-in card, you need to consider several factors:
• The data link layer protocol used by the network
• The transmission speed of the network
• The type of interface that connects the NIC to the network
• The type of system bus into which you will install the NIC
• The hardware resources the NIC requires
• The electric power the NIC requires
• The role of the computer using the NIC (server versus workstation and home versus office)
• Appropriate driver availability
NOTE: The most common network interface cards are a PCI, ISA, or PCMCIA card. The kind you choose largely depends on the computer you will be installing the card in and what type of interface that computer offers. A PCI card goes into a PCI slot of your computer and operates at a fast speed. This is the most common choice for most users. An ISA card that connects to a computer's motherboard can be less expensive than a PCI card but may also be less reliable. PCMCIA cards are placed in an appropriate slot in laptops.
The following sections examine these criteria and how they can affect the performance of the NIC and your network.
Protocol
The data link layer protocol is the single most defining characteristic of a network interface adapter. The most popular protocol used at the data link layer is Ethernet, but NICs are also available that support Token Ring, FDDI, ATM, and others, as well as variations on these protocols.
All of the computers on the network must, of course, be using the same data link layer protocol, and the selection of that protocol should be a decision made long before you're ready to purchase NICs. This is because all of the other network hardware, such as cables, hubs, and other devices, are also protocol specific. The NIC you select must also support the type of cable or other medium the network uses, as well as the transmission speed of the network. You can also select Ethernet NICs that support the use of unshielded twisted-pair (UTP), two types of coaxial, or fiber-optic cable, as well as various types of wireless transmissions. These are all aspects of the network configuration that you must consider before making NIC purchases.
Transmission Speed
Some data link layer protocols can run at different speeds, and the capability of a NIC to support these speeds can be an important part of selecting the correct product for your network. In some protocols, an increase in speed has been fully assimilated into the technology, while in others, the faster version is still an optional feature. Fast Ethernet (running at 100 Mbps) has, for all practical purposes, replaced traditional 10 Mbps Ethernet. Some of the Fast Ethernet NICs manufactured today are combination devices that support both 10 and 100 Mbps operation, making it possible to gradually upgrade an older Ethernet network. When the connection is established between the NIC and the hub, the devices negotiate the highest possible speed they have in common.
Network Interface
The type of cable (or other medium) that forms the fabric of the network determines the network interface used on the NIC. The network cable type is typically selected at the same time as the data link layer protocol, and the NICs you purchase must support that medium. Some data link layer protocols support different types of cables, and NICs are available for each one, while other protocols are designed to use only one type of cable. Today, you can choose to install a NIC that uses the Ethernet cable with an RJ-45 connector. The PCI or PCI Express cards require that you open the computer to install the cards. You can also purchase Universal Serial Bus (USB) devices that simply connect to your computer at a USB port.
Ethernet also supports the use of fiber-optic cable in that it carries data coded into light pulses rather than into electric voltages. The components on a fiber-optic NIC are therefore substantially different in form (if not function) from those on a copper-based Ethernet NIC, including the network interface, which is usually a straight-tip (ST) connector. Fast Ethernet can use fiber-optic cable to run at 100 Mbps over far longer distances than any copper medium. Because of these technological differences, fiber-optic Fast Ethernet NICs are not usually combined with other technologies. Fiber-optic network hardware is often more expensive than comparable copper-based products.
Bus Interface
The network interface adapter enables a network system to transmit data from its main memory array to an outside destination, just like a parallel or serial port does. The data travels from the memory to the network adapter across the system bus, in the same manner as with any other expansion card, like a graphics or audio adapter. The type of bus the NIC uses to communicate with the computer can affect the performance of the network connection, but the selection of a bus type for the NIC is unique to each computer. PCI is the bus type used in virtually all of the desktop computers sold today. Laptops and other portables use the PC Card bus (formerly known as the Personal Computer Memory Card International Association, or PCMCIA, bus). Older systems used various other types of expansion buses, such as VESA Local Bus (VLB), Micro Channel Architecture (MCA), or Extended Industry Standard Architecture (EISA). USB adapters require no internal installation. You simply plug the adapter into a computer's USB port, plug the network cable into the adapter, and install the appropriate driver for the new device. No external power connection is needed; the adapter derives power from the bus. This makes for an extremely simple installation, but the performance of a USB network adapter can be inferior to other NICs.
Table 3-1 lists the characteristics of these buses and their respective bus speeds.
Table 3-1 PC Bus Types, Widths, Speed, and Bandwidth
Bottlenecks
The bus type selection can affect network performance if the selected bus is slow enough to cause a bottleneck in the network. In networking, a bottleneck occurs when one element of a network connection runs at a significantly slower speed than all of the others. This can cause the entire network to slow down to the speed of its weakest component, resulting in wasted bandwidth and needless expense. As an exaggerated example, consider a network that consists of modern PCs with fast processors, connected by a Fast Ethernet network running at 100 Mbps. All of the workstations on the network have NICs that use the PCI bus except for the main database server, which has an old ISA NIC. The result of this is that the ISA NIC will probably be the slowest component in all of the workstation/server connections and will be a bottleneck that prevents the rest of the equipment from achieving its full potential.
The process of identifying actual bottlenecks is rarely this clean-cut. Just because a network protocol runs at 100 Mbps doesn't mean that data is continuously traveling over the cable at that speed, and the raw speed of a particular bus type is not indicative of the actual throughput rate for the data generated by the system. However, it is a good idea to use common sense when purchasing NICs and to try to maximize the performance of your network.
ISA or PCI?
If you have to deal with the older bus types, you may encounter Industry Standard Architecture (ISA) cards. The choice for most desktop systems manufactured after about 1995 was between ISA and PCI. For a traditional Ethernet network running at 10 Mbps or a Token Ring network running at 4 or 16 Mbps, an ISA NIC was more than sufficient. In fact, ISA NICs can be perfectly serviceable on 100 Mbps networks as well, at least for workstations, because the average network user does not require anything approaching 100 Mbps of bandwidth on a continuous basis. The main reason for the ISA NIC being the bottleneck in the scenario described earlier is that it is installed in the server. A server PC that is handling data requests generated by dozens or hundreds of workstations simultaneously naturally requires more bandwidth than any single workstation. In a server, therefore, the use of the fastest bus available is always recommended.
However, there is another element to the bus type decision that you must consider, and that is the availability of expansion bus slots in your computers. Obviously, to install a network interface card into a PC, it must have a free bus slot. Legacy PCs have varying numbers of PCI and ISA slots, and the hardware configuration of the machine determines how many of those slots (if any) are free. Many older "full-featured computers" have peripheral devices installed that occupy many of the bus slots. Because it is possible for a card to occupy a slot without protruding through the back of the computer, simply looking at the outside of a system is not sufficient to determine how many free slots there are. You must open the machine to check for free slots and to determine which types of slots are available. If no slots are available, an external network adapter using the USB port may be your only recourse.
Administrators of large networks often purchase workstations that do not have all the state-of-the-art features found in many home systems, which may leave more slots free for additional components such as a NIC. In addition, PCs targeted at the corporate market are more likely to have peripheral devices such as audio and video adapters integrated into the motherboard, which also can leave more free slots. However, an office computer may also use a slimline or low-profile case design that reduces the number of slots to minimize the computer's footprint.
Even in legacy systems, the selection of the bus type for the NIC should be based on the network bandwidth requirements of the user and not on the type of bus slot the computer has free. However, you may have no other choice than to put an ISA NIC in a computer that could benefit from a PCI card but has only an ISA slot free.
Integrated Adapters
As mentioned earlier, many PCs have peripheral devices integrated into the motherboard. One of these devices may be the network interface adapter. Because an integrated network adapter is not a separate card, it cannot rightfully be called a NIC, but it does perform the same function as a network adapter that is installed into the system's expansion bus. Although they reduce the distance the signals have to travel to reach the adapter and avoid the electrical interference that occurs during a bus transfer, the problem with integrated network adapters is that they are not upgradable. A system that has an integrated network adapter is under no obligation to use it. You can nearly always disable the adapter by going through the system BIOS, by manipulating a switch or jumper on the motherboard, or simply by installing a NIC into a bus slot. You might find a deal on workstations with the wrong type of integrated network adapter that is good enough to be worth buying NICs for the computers as well.
Fiber-Optic NICs
The first considerations for choosing a fiber-optic network card are network type and transmission rate. Consider the bandwidth needs of the server or workstation, along with the physical medium used for transmission, to determine the transmission rate of the card you purchase. Since Ethernet offers speeds that vary between 10 Mbps, 10/100 Mbps, 1000 Mbps, and even 10 Gbps, it is usually best to choose a card that works with the lowest component in the network. For example, if your network uses a 100 Mbps cable, using a 1000 Mbps card will still only result in 100 Mbps.
Also, pay attention to the bus type. Servers and workstations typically use some form of the PCI bus, such as the Peripheral Component Interconnect Express (PCIe) card. Today, most PCs no longer support the ISA connector, so when you purchase network cards for your PC, do not buy the outdated ISA network card. Instead, choose a current PCI card.
Remember, you must also consider the connector type used by the NIC. The network card needs to be connected with the network, so it must have a fiber-optic connector to link with other computer network equipment.
Portable Systems
Network interface adapters for laptops and other portable systems take the form of PC CardBus NICs or USB-connected adapters. As such, consider the speed of the network with which you will be connecting, as well as the price and reliability of the device you choose.
Hardware Resource Requirements
In addition to a bus slot or an available USB port, a computer must have the appropriate hardware resources free to support a NIC. A network interface adapter requires a free interrupt request line (IRQ) and usually either an I/O port address, a memory address, or both. When evaluating NICs, you must take into account both the resource requirements of the NIC and the resources available on the computer. On a PC with a lot of peripheral devices already installed, most of the IRQs may already be in use, and adding a NIC may be difficult. This is because a NIC may be able to use only a select few of the system's IRQs, and if all of those IRQs are occupied, the card cannot function. Two devices configured to use the same resource will sometimes conflict, causing both to malfunction. In some cases, however, it's possible for two devices to share an IRQ. To free up one of the IRQs usable by the NIC, you may have to configure another device to use a different IRQ. Thus, you have to consider not only the number of available IRQs on the computer but also which ones are available. The same is true for the other resources required by the card.
Many older NICs supported only two or three IRQs and other resources, and configuring the devices in the computer was a manual trial-and-error process. System administrators could spend hours trying different combinations of hardware settings for the components in a single computer before finding one that enabled all of the devices to function simultaneously. Today, however, NICs are generally more flexible and support a wider range of resource settings. In addition, the BIOS and the operating system of a modern PC have features that simplify the process of configuring peripheral devices to work together.
Plug-and-play, when it functions properly, eliminates the need to worry about hardware resource configuration for peripheral devices. When a system has a BIOS, an operating system, and hardware that all support the plug-and-play standard, the computer assigns hardware resources to each device dynamically when the system starts. When plug-and-play is not supported for a particular device such as a NIC, operating systems (such as Microsoft Windows) provide tools that can identify the free resources in the machine and indicate whether the NIC's current configuration conflicts with any other devices in the system.
Thus, when selecting NICs, you should be conscious of the hardware resources in use on the computers that will use them. When using NICs and computers of recent manufacture, this is rarely a problem. However, a computer with a lot of installed peripherals may be unable to support an additional card without removing one of the existing components. In other cases, you may have to reconfigure other devices to support the addition of a NIC. Most NIC manufacturers publish specification sheets (often available on their websites) that list the hardware resources their NICs can use. By comparing this information to the current configuration of a PC, you can determine whether the computer has the resources to support the NIC.
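The resource check this section describes (comparing the IRQs a NIC can use against those already taken, and reconfiguring another device when necessary), as an added example that is not code from the book. The device names, IRQ ranges and reserved IRQs are constructed sample data; the backtracking search automates the trial-and-error assignment an administrator once did by hand.

```python
"""Checking whether a NIC's hardware resource requirements can be met on a PC.

Added example, not code from the book.  It models the text's situation: each
device can use only a few IRQs, a NIC whose usable IRQs are all occupied cannot
function, and the fix may be to move another device to a different IRQ.  A
backtracking search finds a conflict-free assignment or reports failure.
Device names and IRQ sets are constructed sample data.
"""


def assign_irqs(devices, in_use=None):
    """Assign a distinct IRQ to every device, or return None if that is impossible.

    devices: {name: set of IRQs the device can use}
    in_use:  IRQs reserved by hardware that cannot be moved (e.g. the system timer)
    The most constrained device is placed first, which keeps backtracking small.
    """
    order = sorted(devices, key=lambda d: len(devices[d]))
    assignment = {}
    taken = set(in_use or ())

    def place(i):
        if i == len(order):
            return True
        name = order[i]
        for irq in sorted(devices[name] - taken):
            assignment[name] = irq
            taken.add(irq)
            if place(i + 1):
                return True
            taken.discard(irq)
            del assignment[name]
        return False

    return assignment if place(0) else None


def can_add_nic(existing, nic_irqs, in_use=None):
    """Report whether the NIC fits and which existing devices must be reconfigured.

    existing: {name: (current IRQ, set of IRQs the device could use)}
    Returns (fits, new_assignment, moved); moved lists the devices whose IRQ
    differs from the current configuration.
    """
    reserved = set(in_use or ())
    current = {name: irq for name, (irq, _) in existing.items()}
    # Cheap case first: one of the NIC's IRQs is simply free.
    for irq in sorted(nic_irqs):
        if irq not in current.values() and irq not in reserved:
            return True, {**current, "nic": irq}, []
    # Otherwise see whether moving other devices frees one of the NIC's IRQs.
    devices = {name: set(options) for name, (_, options) in existing.items()}
    devices["nic"] = set(nic_irqs)
    result = assign_irqs(devices, reserved)
    if result is None:
        return False, None, []
    moved = sorted(n for n in current if result[n] != current[n])
    return True, result, moved


def demo():
    """A crowded legacy PC: the old NIC can use only IRQ 3, 5 or 10, all occupied."""
    existing = {
        "com2":  (3,  {3, 4}),
        "sound": (5,  {5, 7, 10}),
        "scsi":  (10, {10, 11, 15}),
        "modem": (4,  {3, 4}),
    }
    # Moving the SCSI controller to IRQ 11 frees IRQ 10 for the NIC.
    return can_add_nic(existing, {3, 5, 10}, in_use={0, 1, 2, 6, 8, 13, 14})


if __name__ == "__main__":
    print(demo())
```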
Power Requirements
The power supplies in today's computers usually provide more than enough voltage to support a full load of expansion cards and other internal peripherals. However, if you're running a system with a large number of internal devices, you may want to compare the power load incurred by these devices with the voltage furnished by the computer's power supply before you install a NIC. Because the power drain of mechanical drives varies depending on how often and how heavily they're used, a system putting out insufficient power to support its hardware load may experience intermittent problems that are difficult to diagnose. What may seem to be a faulty drive may, in fact, be the effect of an insufficient power supply for the hardware.
Server vs. Workstation NICs
The NICs in servers and workstations perform the same basic functions, and yet there are cards on the market that are targeted specifically for use in servers. Some of these NICs use protocols, such as Gigabit Ethernet, that are intended primarily for servers because their cost and capabilities make them impractical for use in desktop workstations. Others, however, are NICs that use standard protocols but that contain additional features to make them more useful in servers. Naturally, these extra features drive the price of the NIC up considerably, and it is up to you to decide whether they are worth the extra expense.
Today, server NICs are more sophisticated and perform many functions. Advances such as flexible LANs on motherboard (LOMs) and smart NICs can use their own onboard processors to provide functionalities such as encryption/decryption, firewall, TCP/IP offload engine (TOE), iSCSI, and remote direct memory access. Understanding these contemporary NIC technologies is critical with the advent of virtualization and cloud computing.
CHAPTER 4
Network Interface Adapters and Connection Devices
Originally, LANs consisted of nothing more than computers and cables, but as the technology evolved, more equipment was required. As the early coaxial cable networks grew to span longer distances, devices called repeaters were added to boost the signals. Later, when the dominant medium for Ethernet networks shifted from coaxial to unshielded twisted-pair (UTP) cable, hubs became an essential network component. As networks grew from tools for localized workgroups to companywide resources, components such as bridges, switches, and routers were developed in order to create larger networks. Using these devices makes it possible to build networks that span longer distances, support more computers, and provide increased bandwidth for each system on the network. This chapter examines the functions of these devices and how you can integrate them into your network infrastructure.
Today, a wide variety of devices are used in networking. Many of the following items are considered legacy devices, in that they are no longer used in networks built today. However, you may still encounter them in older systems.
Repeaters
As a signal travels over a cable, the natural resistance of the medium causes it to gradually weaken until it is no longer viable. The longer the cable, the weaker the signal gets. This weakening is called attenuation, and it is a problem that affects all types of cable to some degree. The effect of attenuation is dependent on the type of cable. Copper cable, for example, is much more prone to attenuation than fiber-optic cable. This is one reason why fiber-optic cable segments can be much longer than copper ones.
When building a LAN, the standard for the data link layer protocol you intend to use contains specifications for the types of cable you can use and the guidelines for installing them. These guidelines include, among other things, the minimum and maximum lengths for the cables connecting the computers. The cable's attenuation rate is one of the most important factors affecting the maximum cable length. When you have to run a cable across a longer distance than is specified in the standard, you can use a repeater to amplify the signal, enabling it to travel greater distances without attenuating to the point of being unreadable by the destination system. In its simplest form, a repeater is an electrical device used on a copper-based network that receives a signal through one cable connection, amplifies it, and transmits it out through another connection.
Repeaters were first used in data networking to expand the length of coaxial cable segments on Ethernet networks. On a coaxial network, such as a thin or thick Ethernet LAN, a stand-alone repeater enables you to extend the maximum bus length past 185 meters (for thin Ethernet) or 500 meters (for thick Ethernet). This type of repeater is simply a small box with two BNC connectors on it and a power cable. Using T connectors and terminators, you connect two cable segments to the repeater and the repeater to a power source. Signals entering either one of the two connectors are immediately amplified and transmitted out through the other connector. On most networks today, it is rare to see a stand-alone repeater because this function is built into another device, such as a hub or a switch.
Because its function is purely electrical, this type of repeater functions at the network's physical layer only. The repeater cannot read the contents of the packets traveling over the network or even know that they are packets. The device simply amplifies the incoming electrical signals and passes them on. Repeaters are also incapable of performing any sort of filtration on the data traveling over the network. As a result, two cable segments joined by a repeater form a single collision domain and therefore a single network.
Hubs
A hub is a device that functions as the cabling nexus for a network that uses the star topology. Each computer has its own cable that connects to the central hub. The responsibility of the hub is to see to it that traffic arriving over any of its ports is propagated out through the other ports. Depending on the network medium, a hub might use electrical circuitry, optical components, or other technologies to disseminate the incoming signal out among the outgoing ports. A fiber-optic hub, for example, actually uses mirrors to split the light impulses.
The hub itself is a box, either freestanding or rack-mounted, with a number of ports to which the cables connect. The ports can be the standard RJ-45 connectors used by twisted-pair networks, ST connectors for fiber-optic cable, or any other type of connector used on a star network. In many cases, hubs also have one or more LEDs for each port that light up to indicate when a device is connected to it, when traffic is passing through the port, or when a collision occurs.
The term hub or concentrator is used primarily in reference to Ethernet networks; the equivalent device on a Token Ring network is called a multistation access unit (MAU). Other protocols typically use one or the other of these terms, depending on the media access control (MAC) mechanism the protocol uses. The internal functions of hubs and MAUs are very different, but they serve the same basic purpose: to connect a collection of computers and other devices into a single collision domain.
Passive Hubs
Unlike stand-alone repeaters, which were all essentially the same, many different types of hubs exist with different capabilities. At its simplest, a hub supplies cable connections by passing all the signals entering the device through any port out through all the other ports. This is known as a passive hub because it operates only at the physical layer, has no intelligence, and does not amplify or modify the signal in any way. This type of hub was at one time used on ARCnet networks, but it is almost never used on networks today.
Repeating, Active, and Intelligent Hubs
The hubs used on Ethernet networks propagate the signals received through any of their ports out through all of the other ports in the device simultaneously. This creates a shared network medium and joins the networked computers into a single collision and broadcast domain, just as if they were connected to the same cable, as on a coaxial Ethernet network. Ethernet hubs also supply repeating functionality by amplifying the incoming signals as they propagate them to the other ports. In fact, Ethernet hubs were sometimes referred to as multiport repeaters. Unlike a passive hub, a repeating (or active) hub requires a power source to boost the signal. The device still operates at the physical layer, however, because it deals only with the raw signals traveling over the cables.
Some hubs go beyond repeating and can repair and retime the signals to synchronize the transmissions through the outgoing ports. These hubs use a technique called store and forward, which involves reading the contents of the packets to retransmit them over individual ports as needed. A hub with these capabilities can lower the network performance for the systems connected to it because of processing delays. At the same time, packet loss is diminished, and the number of collisions is reduced.
An Ethernet hub connects all of your computers into a single collision domain, which is not a problem on a small network. Larger networks consist of multiple network segments connected by other types of devices, such as bridges, switches, or routers. Because an Ethernet hub also functions as a repeater, each of the cables connecting the hub to a computer can be the maximum length allowed by the protocol standard. For Ethernet running on UTP cable, the maximum length is 100 meters.
Using multiple hubs on a single LAN is possible by connecting them together to form a hierarchical star network, as shown in Figure 4-1. When you do this using standard repeating hubs, all the computers remain in the same collision domain, and you must observe the configuration guidelines for the data link layer protocol used on the network. Just as with the stand-alone repeaters discussed earlier in this chapter, the path between any two machines on a 10 Mbps Ethernet network cannot include more than four repeaters (hubs). Fast Ethernet networks typically support only two hubs.
Figure 4-1 This star network uses multiple hubs to expand the collision domain.
Intelligent hubs are units that have some form of integrated management capability. A basic repeating hub is essentially an electrical device that propagates incoming packets to all available ports without discrimination. Intelligent hubs do the same thing, but they also monitor the operation of each port. The management capabilities vary widely between products, but many intelligent hubs use the Simple Network Management Protocol (SNMP) to send information to a centralized network management console. Other devices might use a terminal directly connected to the hub or a web (HTML) interface that can be reached from anywhere on the network. As with any management interface, that web or SNMP agent should be reachable only from the administrative network, never from the Internet.
The object of the management capability is to provide the network administrator with a centralized source of information about the hubs and the systems connected to them. This eliminates the need for the staff supporting a large network to go running to each wiring closet looking for the hub or system causing a problem. The management console typically displays a graphical model of the network and alerts the administrator when a problem or failure occurs on any system connected to the hub.
On smaller networks, this capability isn't needed, but when you're managing an enterprise network with hundreds or thousands of nodes, a technology that can tell you exactly which one of the hub ports is malfunctioning can be helpful. The degree of intelligence built into a hub varies greatly with the product. Most devices have sufficient intelligence to go beyond the definition of a hub and provide bridging, switching, or routing functions.
Collision Domains and Broadcast Domains
A collision domain is a group of computers connected by a network so that if any two computers transmit at the same time, a collision between the transmitted packets occurs, causing the data in the packets to be damaged. This is in contrast to a broadcast domain, which is a group of computers networked together in such a way that if one computer generates a broadcast transmission, all of the other computers in the group receive it. These two concepts are the tests used to define the functionality of network connection devices (such as repeaters, hubs, bridges, switches, and routers) and are used repeatedly in this chapter.
Other factors besides attenuation limit the maximum distance a network signal can travel. On an Ethernet network, for example, the first bit of a packet being transmitted by one computer must reach all the other computers on the local network before the last bit is transmitted. Therefore, you cannot extend a network segment without limit by adding multiple repeaters. A 10 Mbps Ethernet network can have up to five cable segments connected by four repeaters. Fast Ethernet networks are more limited, allowing a maximum of only two repeaters.
Token Ring MAUs
Token Ring networks use hubs as well, although they call them multistation access units. While the MAU, to all external appearances, performs the same function as an Ethernet hub, its internal workings are quite different. Instead of passing incoming traffic to all the other ports at one time, as an Ethernet hub does, the MAU transmits an incoming packet out through each port in turn, one at a time. After transmitting a packet to a workstation, the MAU waits until that packet returns through the same port before it transmits it out the next port. This implements the logical ring topology from which the protocol gets its name.
MAUs contain switches that enable specific ports to be excluded from the ring in the event of a failure of some kind. This prevents a malfunctioning workstation from disturbing the functionality of the entire ring. MAUs also have ring-in and ring-out ports that you can use to enlarge the ring network by connecting several MAUs.
NOTE See Chapter 12 for more information on network protocols.
Hub Configurations
Hubs are available in a wide variety of sizes and with many different features, ranging from small, simple devices designed to service a handful of computers to huge rack-mounted affairs for large, enterprise networks. Hub designs fall into three categories, as follows:
• Stand-alone hubs
• Stackable hubs
• Modular hubs
A stand-alone hub is usually a small box about the size of a paperback book that has anywhere from 4 to 16 ports in it. As the name implies, the device is freestanding, has its own power source, and can easily fit on or under a desk. Four- or five-port hubs can work for home networks or for providing quick, ad hoc expansions to a larger network. Larger units can support more connections and often have LEDs that indicate the presence of a link pulse signal on the connected cable and, possibly, the occurrence of a collision on the network.
Despite the name, a stand-alone hub usually has some mechanism for connecting with other hubs to expand the network within the same collision domain. The following sections examine how the most common mechanisms are used for this purpose.
The Uplink Port
The cables used on a twisted-pair network are wired straight through, meaning that each of the eight pins on the RJ-45 connector on one end of the cable is wired to the corresponding pin on the other end. UTP networks use separate wire pairs within the cable for transmitting and receiving data. For a UTP connection between two computers to function, however, the transmit contacts on each system must be connected to the receive contacts on the other. Therefore, a crossover must exist somewhere in the connection, and traditionally this occurs in the hub, as shown in Figure 4-2. The pins in each of a hub's ports are connected to those of every other port using crossover circuits that transpose the transmit data (TD) and receive data (RD) signals. Without this crossover circuit, the transmit contacts on the two systems are connected, as are the receive contacts, preventing any communication from taking place.
Figure 4-2 Hubs that contain crossover circuits allow cables to be wired straight through.
NOTE See more information on cabling in Chapter 5.
Many hubs have a port that bypasses the crossover circuit, which you can use to connect to another hub. This port is typically labeled uplink and may or may not have a switch that enables you to specify whether the port should be crossed over or wired straight through. If you have more than one hub on your network, you connect them using the uplink port on one hub only and a standard port on the other. If you connect two hubs using the uplink ports on both devices, the two crossovers would cancel each other out, and the connection between a computer attached to one hub and a computer attached to the other would be the equivalent of a straight-through connection. If a hub does not have an uplink port, you can still connect it to another hub using a standard port and a crossover cable, which is a cable that has the transmit pins on each end wired directly to the receive pins on the other end. You typically use the uplink port to connect hubs when they're located some distance away from each other and you want to use the same cable medium throughout the network. When you are evaluating hubs, being aware of just how many hub ports are available for workstation connections is important. A device advertised as an eight-port hub may have seven standard ports and one uplink port, leaving only seven connections for computers. No matter what the size of the network, purchasing hubs with a few more ports than you need right now, for expansion purposes, is always a good idea.
When you have several 10Base-T Ethernet hubs connected in a hierarchical star topology using their uplink ports, each length of cable is a separate segment. Because the Ethernet guidelines allow the path from one system to another to travel across only five segments, connected by four repeaters, you are limited to four hubs on any particular LAN.
As you expand this type of network further, you may run into another Ethernet limitation not yet mentioned. A bus connecting the hubs is called a mixing segment because it has more than two devices connected to it. A segment that connects only two devices, such as the UTP cable connecting hubs through the uplink port, is called a link segment. Of the five segments permitted on a 10Base-T LAN, only three of these can be mixing segments. This guideline, stating that you can connect up to five segments using four repeaters and that no more than three of the segments can be mixing segments, is known as the Ethernet 5-4-3 rule.
Stackable Hubs
As you move up the scale of hub size and complexity, you find units called stackable hubs that provide greater expandability. As the name implies, these hubs have cases designed to stack one on top of the other, but this is not the only difference. Unlike stand-alone hubs, which can be located in different rooms or floors and still connected together, stackable hubs are typically located in a data center or wiring closet and are connected together with short cables.
When you connect stackable hubs, they form what is functionally a single larger hub. The cables connecting the units do not form separate segments, so you can have more than four hubs interconnected. In addition, these devices can share their capabilities. A single intelligent hub unit can manage its own ports, as well as those of all the other units in the array.
Stackable hubs have their own power supplies and can function independently, thus providing a much more expandable environment than stand-alone hubs. You can start with a single unit, without incurring the major expense of a chassis (like that used by modular hubs), and connect additional units as the network grows.
Modular Hubs
Modular hubs are designed to support the larger networks and provide the greatest amount of expandability and flexibility. A modular hub consists of a chassis that is nearly always mounted in a standard 19-inch equipment rack and contains several slots into which you plug individual communications modules. The chassis provides a common power source for all the modules, as well as a backplane that enables them to communicate with each other. The modules contain the ports to which you connect the computer cables. When you plug multiple modules into the chassis, they become, in effect, a single large hub.
Bridges
A bridge is another device used to connect LAN cable segments, but unlike hubs, bridges operate at the data link layer of the OSI model and are selective about the packets that pass through them. Repeaters and hubs are designed to propagate all the network traffic they receive to all of the connected cable segments. A bridge has two or more network interfaces (complete with their own MAC addresses) with their ports connected to different cable segments and operating in promiscuous mode.
NOTE A bridge must run its interfaces in promiscuous mode to do its job, but a workstation or server interface in promiscuous mode is often a sign that a packet sniffer is running on it, which may mean that the computer or the network has been compromised. Legitimate monitoring tools (intrusion detection sensors, protocol analyzers) use promiscuous mode too, so treat an unexpected promiscuous interface as something to investigate rather than as proof of an intrusion.
Promiscuous mode means that the interfaces receive all of the packets transmitted on the connected segments. As each packet enters the bridge, the device reads its destination address in the data link layer protocol header and, if the packet is destined for a system on another segment, forwards the packet to that segment. If the packet is destined for a system on the segment from which it arrived, the bridge discards the packet because it has already reached its destination. This process is called packet filtering. Packet filtering is one of the fundamental principles used by network connection devices to regulate network traffic. In this case, the packet filtering is occurring at the data link layer, but it can also occur at the network and transport layers.
Just the ability to read the contents of a packet header elevates a bridge above the level of a hub or repeater, both of which deal only with individual signals. However, as with a hub or repeater, the bridge makes no changes in the packet whatsoever and is completely unaware of the contents within the data link layer frame. In Chapter 2, the protocol operating at the Open Systems Interconnection (OSI) model's data link layer was compared to a postal system, in which each packet is a piece of mail and the data link layer frame functions as the envelope containing the data generated by the upper layers. To extend that analogy, the bridge is able to read the addresses on the packet envelopes, but it cannot read the letters inside. As a result, you don't have to consider the protocols running at the network layer and above at all when evaluating or installing bridges.
By using packet filtering, the bridge reduces the amount of excess traffic on the network by not propagating packets needlessly. Broadcast messages are forwarded to all of the connected segments, however, making it possible to use protocols that rely on broadcasts without manual system configuration. Unlike a repeater or hub, however, a bridge does not relay data to the connected segments until it has received the entire packet. (Remember, hubs and repeaters work with signals, while bridges work with packets.) Because of this, two systems on bridged segments can transmit simultaneously without incurring a collision. Thus, a bridge connects network segments in such a way as to keep them in the same broadcast domain but in different collision domains. The segments are still considered to be part of the same LAN, however.
If, for example, you have a LAN that is experiencing diminished performance because of high levels of traffic, you can split it into two segments by inserting a bridge at the midpoint. This will keep the local traffic generated on each segment local and still permit broadcasts and other traffic intended for the other segment to pass through. On an Ethernet network, reducing traffic in this way also reduces the number of collisions, which further increases the network's efficiency. Bridges also provide the same repeating functions as a hub, enabling you to extend the cable length accordingly.
Bridges have mainly been replaced by routers and switches, which are covered later in this chapter. Today, bridges are used primarily in wireless configurations. See Chapter 6 for information about wireless LANs.
The Spanning Tree Protocol
To address the problem of endless loops and broadcast storms on networks with redundant bridging, the Digital Equipment Corporation devised the spanning tree algorithm (STA), which preserves the fault tolerance provided by the additional bridges while preventing the endless loops. STA was later revised by the Institute of Electrical and Electronics Engineers (IEEE) and standardized as the 802.1D specification.
The algorithm works by selecting one bridge for each network segment that has multiple bridges available. This designated bridge takes care of all the packet filtering and forwarding tasks for the segment. The others remain idle but stand ready to take over should the designated bridge fail.
During this selection process, each bridge is assigned a unique identifier (using one of the bridge's MAC addresses, plus a priority value), as is each individual port on each bridge (using a port priority value plus the port number). Each port is also associated with a path cost, which specifies the cost of transmitting a packet onto the LAN using that port. Path costs typically can be specified by an administrator when a reason exists to prefer one port over another, or they can be left to default values.
Once all the components have been identified, the bridge with the lowest identifier becomes the root bridge for the entire network. Each of the other bridges then determines which of its ports can reach the root bridge with the lowest cost (called the root path cost) and designates it as the root port for that bridge.
Finally, for each network segment, a designated bridge is selected, as well as a designated port on that bridge. Only the designated port on the designated bridge is permitted to filter and forward the packets for that network segment. The other (redundant) bridges on that segment remain operative, in case the designated bridge should fail, but are inactive until they are needed. Now that only one bridge is operating on each segment, packets can be forwarded without loops forming.
To perform these calculations, bridges must exchange messages among themselves, using a message format defined in the 802.1D standard (see Figure 4-3). These messages are called bridge protocol data units (BPDUs). BPDUs carry no authentication, so any station able to put frames onto a segment can advertise a lower bridge identifier, win the root election, and pull traffic through itself; on switched networks this is why ports facing end systems are normally configured to discard incoming BPDUs (a feature most vendors call BPDU guard).
Figure 4-3 The format of the data message used when computing the spanning tree protocol algorithm
For each criterion, a lower value is better than a higher one. If a bridge receives a BPDU message with better values than those in its own messages, it stops transmitting BPDUs over the port through which it arrived, in effect relinquishing its duties to the bridge better suited for the job. The bridge also uses the values in that incoming BPDU to recalculate the fields of the messages it will send through the other ports.
NOTE The spanning tree algorithm must complete before the bridges begin forwarding any network traffic.
Once the spanning tree algorithm has designated a bridge for each network segment, it must also continue to monitor the network so that the process can begin again when a bridge fails or goes offline. All of the bridges on the network store the BPDUs they've received from the other bridges and track their ages. Once a message exceeds the maximum allowable age, it is discarded and the spanning tree message exchanges begin again.
Today, a variation of STP called Rapid Spanning Tree Protocol (RSTP) is recommended. It was standardized as IEEE 802.1w and has since been folded into the base 802.1D standard. The convergence time for legacy STP (IEEE 802.1D), which is the gap during which network bridges and switches are not forwarding any traffic, is about 30 to 50 seconds. In modern networks, a gap of that length is unacceptable. RSTP (IEEE 802.1w) addresses the problem: it enables root ports and designated ports to begin forwarding traffic within a few seconds.
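To make the election concrete, here is an added example (not from the book, and not any vendor's implementation) that computes the 802.1D port roles for the three-bridge, three-segment layout of Figure 4-6, then repeats the election after a fourth bridge with priority 0 has been attached to segment A, which is exactly what a station that can inject BPDUs does to make itself root. The bridge names, MAC addresses and the port cost of 19 (the 802.1D-1998 default for a 100 Mbps port) are assumptions chosen for the example; ties on root path cost are broken by the lower sender bridge identifier and then the lower port, as in the standard.

```python
import heapq

# Constructed topology modelled on Figure 4-6: segments A, B and C, each joined by two bridges.
# Each entry is (bridge identifier, {segment: cost of the port on that segment}).
# A bridge identifier is (priority, MAC address); the lowest tuple wins, as in 802.1D.
TOPOLOGY = {
    "Bridge1": ((32768, "00:00:0c:00:00:01"), {"A": 19, "B": 19}),
    "Bridge2": ((32768, "00:00:0c:00:00:02"), {"B": 19, "C": 19}),
    "Bridge3": ((32768, "00:00:0c:00:00:03"), {"A": 19, "C": 19}),
}


def compute_spanning_tree(topology):
    """Return (root bridge, root path cost per bridge, {bridge: {segment: role}})."""
    ids = {name: bid for name, (bid, _) in topology.items()}
    ports = {name: p for name, (_, p) in topology.items()}
    segments = sorted({seg for p in ports.values() for seg in p})

    # 1. Root election: the bridge with the lowest (priority, MAC) identifier.
    root = min(ids, key=ids.get)

    # 2. Root path cost and root port, relaxing outward from the root. A bridge's cost
    #    is the sender's cost plus the cost of the port the BPDU arrives on; ties go to
    #    the lower sender identifier, then the lower segment (port) name.
    best = {root: (0, ids[root], None)}          # bridge -> (cost, sender id, root segment)
    heap = [(0, ids[root], root)]
    settled = set()
    while heap:
        cost, _, bridge = heapq.heappop(heap)
        if bridge in settled:
            continue
        settled.add(bridge)
        for seg in ports[bridge]:
            for other in ports:
                if other == bridge or seg not in ports[other]:
                    continue
                offer = (cost + ports[other][seg], ids[bridge], seg)
                if other not in best or offer < best[other]:
                    best[other] = offer
                    heapq.heappush(heap, (offer[0], ids[other], other))

    # 3. One designated bridge per segment: lowest (root path cost, bridge identifier)
    #    among the bridges attached to it. Every other port on that segment is blocked.
    roles = {name: {} for name in topology}
    for name in topology:
        if best[name][2] is not None:
            roles[name][best[name][2]] = "root"
    for seg in segments:
        designated = min((best[n][0], ids[n], n) for n in ports if seg in ports[n])[2]
        for name in ports:
            if seg in ports[name] and seg not in roles[name]:
                roles[name][seg] = "designated" if name == designated else "blocked"
    return root, {name: best[name][0] for name in topology}, roles


def with_rogue_root(topology):
    """The same network after an attacker's bridge with priority 0 joins segment A."""
    rogue = dict(topology)
    rogue["Rogue"] = ((0, "00:00:0c:ff:ff:ff"), {"A": 19})   # assumed attacker identifier
    return compute_spanning_tree(rogue)


if __name__ == "__main__":
    for label, result in (("normal", compute_spanning_tree(TOPOLOGY)),
                          ("with rogue bridge", with_rogue_root(TOPOLOGY))):
        root, costs, roles = result
        print(label, "root =", root, "costs =", costs)
        for name, port_roles in roles.items():
            print("  ", name, port_roles)
```

In the normal run Bridge1 is root, Bridge2 and Bridge3 both reach it at cost 19, and the tie on segment C goes to Bridge2, so Bridge3's port on C is the one blocked. After the rogue bridge joins, every other bridge's root port points at segment A and Bridge2 is pushed to cost 38, so the traffic between B and C now detours through the attacker's segment.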
Transparent Bridging
To filter the packets reaching it effectively, a bridge has to know which systems are located on which network segments so it can determine which packets to forward and which to discard. The bridge stores this information in an address table that is internal to the unit. Originally, network administrators had to create the address table for a bridge manually, but today's bridges compile the address table automatically, a process called transparent bridging.
As soon as a transparent bridge (also known as a learning bridge) is connected to the network segments, it begins to compile its address table. By reading the source addresses in the arriving packets and noting the interface over which they arrived, the bridge can build a table of node addresses for each segment connected to it.
To illustrate, picture a network composed of three segments (A, B, and C), all connected to a local bridge, as shown in Figure 4-4. When the bridge is first activated, it receives a packet from Node 1 over the interface to Network A that is destined for Node 2 on Network B. Because the bridge now knows Node 1 is located on Network A, it creates an entry in its table for Network A that contains Node 1's MAC address.
Figure 4-4 A transparent bridge forwards packets based on address tables it compiles from previously transmitted packets.
At this time, the bridge has no information about Node 2 and the segment on which it's located, so it transmits the packet out to Networks B and C, that is, all of the connected segments except the one from which the packet arrived. This is the default behavior of a bridge whenever it receives a packet destined for a system not in its tables. It transmits the packet over all of the other segments to ensure that it reaches its destination.
Once Node 2 receives the packet, it transmits a reply to Node 1. Because Node 2 is located on Network B, its reply packet arrives at the bridge over a different interface. Now the bridge can add an entry to its table for Network B containing Node 2's address. On examining the packet, the bridge looks for the destination address in its tables and discovers that the address belongs to Node 1, on Network A. The bridge then transmits the packet over the interface to Network A only.
From this point on, when any other system on Network A transmits a packet to Node 1, the bridge knows to discard it because there is no need to pass it along to the other segments. However, the bridge still uses those packets to add the transmitting stations to its address table for Network A.
Eventually, the bridge will have address table entries for all the nodes on the network, and it can direct all of the incoming packets to the appropriate outgoing ports. Because the table is built entirely from unauthenticated source addresses, a station that sends frames with forged source addresses can fill it with bogus entries or move another station's entry onto its own segment, causing the bridge to flood or misdeliver traffic; switches learn the same way and counter this with per-port limits on learned addresses.
Bridge Loops
When the segments of a network are connected using bridges, the failure or malfunction of a bridge can be catastrophic. For this reason, administrators often connect network segments with redundant bridges to ensure that every node can access the entire network, even if a bridge should fail.
In Figure 4-5, three segments are connected by two bridges. If one of the bridges fails, one of the segments is cut off from the rest of the network. To remedy this problem and to provide fault tolerance, you can add a third bridge connecting the two end segments, as shown in Figure 4-6. This way, each system always has two possible paths to the other segments.
Figure 4-5 When each segment is connected to the others using one bridge, a single point of failure is created.
Figure 4-6 Connecting each segment to two bridges provides fault tolerance.
Installing redundant bridges can be a good idea, but it also produces what can be a serious problem. When a computer (Node 1) is located on a segment connected to two bridges, as shown in Figure 4-7, both of the bridges will receive the first packet the system transmits and add the machine's address to their tables for that segment, Network A. Both bridges will then transmit the same packet onto the other segment, Network B. As a result, each bridge will then receive the packet forwarded by the other bridge. The packet headers will still show the address of Node 1 as the source, but both bridges will have received the packet over the Network B interface. As a result, the bridges may (or may not) modify their address tables to show Node 1 as being on Network B, not A. If this occurs, any subsequent transmissions from Node 2 on Network B that are directed to Node 1 will be dropped because the bridges think Node 1 is on Network B, when it is, in fact, on A.
Figure 4-7 Redundant bridges provide fault tolerance, but they can also create bridging loops and broadcast storms.
The result of this occurrence is lost data (because the bridges are improperly dropping frames) and degraded network performance. Eventually, the incorrect entries in the bridges' address tables will expire or be modified, but in the interim, Node 1 is cut off from the systems on the other network segments.
If this problem isn't bad enough, what happens when Node 1 transmits a broadcast message is worse. Both of the bridges forward the packet to Network B, where it is received by the other bridge, which forwards it again. Because bridges always forward broadcast packets without filtering them, multiple copies of the same message circulate endlessly between the two segments, constantly being forwarded by both bridges. This is called a broadcast storm, and it can effectively prevent all other traffic on the network from reaching its destination.
Source Route Bridging
Source route bridging is an alternative to transparent bridging that was developed by IBM for use on multisegment Token Ring networks and is standardized in IEEE 802.5. On a network that uses transparent bridging, the path a packet takes to a destination on another segment is determined by the designated bridges selected by the spanning tree algorithm. In source route bridging, the path to the destination system is determined by the workstation and contained in each individual packet.
To discover the possible routes through the network to a given destination, a Token Ring system transmits an All Rings Broadcast (ARB) frame that all the bridges forward to all connected rings. As each bridge processes the frame, it adds its route designator (RD), identifying the bridge and port, to the packet. By reading the list of RDs, bridges prevent loops by not sending the packet to the same bridge twice.
If more than one route exists to the destination system, multiple ARBs will arrive there, containing information about the various routes they took. The destination system then transmits a reply to each of the ARBs it receives, using the list of RDs to route the packet back to the sender.
When the original sender of the ARBs receives the responses, it selects one of the routes to the destination as the best one, based on one or more of the following criteria:
• The amount of time required for the explorer frame to return to the sender
• The number of hops between the source and the destination
• The size of the frame the system can use
After selecting one of the routes, the system generates its data packets and includes the routing information in the Token Ring frame header.
The format for the ARB packet and for a data packet containing routing information is the same as a standard IEEE 802.5 frame, except that the first bit of the source address field, called the routing information indicator (RII) bit, is set to a value of 1, indicating that the packet contains routing information. The routing information itself, which is nothing more than a list of the bridges the packet will use when traveling through the network, is carried in the routing information field (RIF) that appears as part of the information field, just after the frame's source address field.
The RIF consists of a 2-byte routing control section and a number of 2-byte route designator sections. The routing control section contains the following fields:
• Broadcast indicators (3 bits) Specify the type of routing to be used by the frame, according to the following values:
  • 0xx: Nonbroadcast Indicates that the packet contains a specific route to the destination in the route designator sections of the RIF field.
  • 100: All routes broadcast Indicates that the packet should be routed through all the bridges on the network (without traversing the same bridge twice) and that each bridge should add a route designator section to the RIF field identifying the bridge and the port onto which it is being forwarded.
  • 110: Single route broadcast Indicates that the packet should be routed only through the bridges designated by the spanning tree algorithm and that each bridge should add a route designator section to the RIF field identifying the bridge and the port onto which it is being forwarded.
• Length (5 bits) Indicates the total length of the RIF field, from 2 to 30 bytes.
• Direction bit (1 bit) Specifies the direction in which the packet is traveling. The value of this bit indicates whether the transmitting node should read the route designator sections in the RIF field from left to right (0) or from right to left (1).
• Largest frame (3 bits) Indicates the largest frame size that can be accommodated by the route, called the maximum transmission unit (MTU). Initially set by the transmitting system, a bridge lowers this value if it forwards the packet onto a segment that supports only smaller frames. The permitted values are as follows:
  • 000 indicates a MAC MTU of 552 bytes
  • 001 indicates a MAC MTU of 1,064 bytes
  • 010 indicates a MAC MTU of 2,088 bytes
  • 011 indicates a MAC MTU of 4,136 bytes
  • 100 indicates a MAC MTU of 8,232 bytes
• Unused (4 bits)
The IBM standard for source route bridging originally specified a maximum of 8 route designator sections in a single packet, but the IEEE 802.5 standard allows up to 14. Each workstation must maintain its own routing information to each of the systems with which it communicates. This can result in a large number of ARB frames being processed by a destination system before it even sees the first byte of application data.
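As an added example that is not part of the book, the following code encodes and decodes the RIF described above. The routing control layout (3-bit broadcast indicators, 5-bit length, direction bit, 3-bit largest frame, 4 unused bits) and the largest-frame table are taken from the page; the route designator layout, a 12-bit ring number followed by a 4-bit bridge number, is the IEEE 802.5 encoding and is not spelled out on the page. The decoder refuses a RIF whose length field disagrees with the bytes actually present, which is the check any bridge or analyzer that parses frames from untrusted stations needs before it walks the designator list. All sample values are constructed.

```python
# Largest-frame code -> MAC MTU in bytes, as tabulated on this page.
LARGEST_FRAME_BYTES = {0b000: 552, 0b001: 1064, 0b010: 2088, 0b011: 4136, 0b100: 8232}
MAX_ROUTE_DESIGNATORS = 14          # IEEE 802.5 limit; IBM's original limit was 8
MAX_RIF_LENGTH = 2 + 2 * MAX_ROUTE_DESIGNATORS   # 30 bytes, the top of the page's 2..30 range


def broadcast_type(indicators):
    """Decode the 3-bit broadcast indicators: 0xx nonbroadcast, 100 all routes, 110 single route."""
    if not indicators & 0b100:
        return "nonbroadcast"
    return "single route broadcast" if indicators & 0b010 else "all routes broadcast"


def build_rif(indicators, direction, largest_frame_code, route):
    """Encode a RIF from its routing control fields and a list of (ring, bridge) designators.
    Each designator is packed as a 12-bit ring number followed by a 4-bit bridge number
    (the 802.5 layout, an assumption not stated on the page)."""
    if len(route) > MAX_ROUTE_DESIGNATORS:
        raise ValueError("too many route designators")
    length = 2 + 2 * len(route)
    control = ((indicators & 0b111) << 13) | ((length & 0x1F) << 8) \
        | ((direction & 1) << 7) | ((largest_frame_code & 0b111) << 4)
    out = bytearray(control.to_bytes(2, "big"))
    for ring, bridge in route:
        if not (0 <= ring < 4096 and 0 <= bridge < 16):
            raise ValueError("ring or bridge number out of range")
        out += ((ring << 4) | bridge).to_bytes(2, "big")
    return bytes(out)


def parse_rif(rif):
    """Decode a RIF, refusing one whose length field disagrees with the bytes present."""
    if len(rif) < 2:
        raise ValueError("RIF shorter than the routing control section")
    control = int.from_bytes(rif[:2], "big")
    length = (control >> 8) & 0x1F
    if length != len(rif) or length % 2 or length > MAX_RIF_LENGTH:
        raise ValueError("RIF length field %d does not match %d bytes" % (length, len(rif)))
    indicators = control >> 13
    direction = (control >> 7) & 1
    largest_frame_code = (control >> 4) & 0b111
    route = []
    for offset in range(2, length, 2):
        designator = int.from_bytes(rif[offset:offset + 2], "big")
        route.append((designator >> 4, designator & 0xF))   # (ring number, bridge number)
    if direction:
        route.reverse()      # direction bit 1: the designators are read right to left
    return {
        "broadcast": broadcast_type(indicators),
        "direction": direction,
        "largest_frame": LARGEST_FRAME_BYTES.get(largest_frame_code),  # None for unlisted codes
        "route": route,
    }


def rif_is_well_formed(rif):
    """True when the RIF parses; the check a bridge should make before trusting the route."""
    try:
        parse_rif(rif)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed route: ring 1 via bridge 1 to ring 2; the final designator's bridge number is 0.
    rif = build_rif(0b000, 0, 0b001, [(0x001, 1), (0x002, 0)])
    print(rif.hex(), parse_rif(rif))
    print("truncated RIF accepted?", rif_is_well_formed(rif[:4]))
```

The largest-frame lookup returns None for the three codes the page does not list, so a caller can treat an unlisted code as "unknown" rather than silently picking a size.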
Bridging Ethernet and Token Ring Networks
Generally speaking, Ethernet networks use transparent bridging, and Token Ring networks use source route bridging. So, what happens when you want to connect an Ethernet segment to a Token Ring using a bridge? The answer is complicated because the task presents a number of significant obstacles.
Some of the fundamental incompatibilities of the two data link layer protocols are as follows:
• Bit ordering Ethernet systems consider the first bit of a MAC address to be the low-order bit, while Token Ring systems treat the first bit as the high-order bit.
• MTU sizes Ethernet frames have a maximum transmission unit size of 1,500 bytes, while Token Ring frames can be much larger. Bridges are not capable of fragmenting packets for transfer over a segment with a lower MTU and then reassembling them at the destination, as routers are. A too-large packet arriving at a bridge to a segment with a smaller MTU can only be discarded.
• Exclusive Token Ring features Token Ring networks use frame status bits, priority indicators, and other features that have no equivalent in Ethernet.
In addition, the two bridging methods have their own incompatibilities. Transparent bridges neither understand the special function of the ARB messages used in source route bridging nor can they make use of the RIF field in Token Ring packets. Conversely, source route bridges do not understand the spanning tree algorithm messages generated by transparent bridges, and they do not know what to do when they receive frames with no routing information.
Two primary methods exist for overcoming these incompatibilities, neither of which is an ideal solution:
• Translational bridging
• Source route transparent bridging
Translational Bridging
In translational bridging, a special bridge translates the data link layer frames between the Ethernet and Token Ring formats. No standard at all exists for this process, so the methods used by individual product manufacturers can vary widely. Some compromise is needed in the translation process because no way exists to implement all the features fully in each of the protocols and to bridge those features to their counterparts. Some of the techniques used in various translational bridges to overcome the incompatibilities are described in the following paragraphs.
One of the basic functions of the bridge is to map the fields of the Ethernet frame onto the Token Ring frame and vice versa. The bridge reverses the bit order of the source and destination addresses for the packets passing between the segments and may or may not take action based on the values of a Token Ring packet's frame status, priority, reservation, and monitor bits. Bridges may simply discard these bits when translating from Token Ring to Ethernet and set predetermined values for them when translating from Ethernet to Token Ring.
To deal with the different MTU sizes of the network segments, a translational bridge can set the largest frame value in the Token Ring packet's RIF field to the MTU for the Ethernet network (1,500 bytes). As long as the Token Ring implementations on the workstations read this field and adjust their frame sizes accordingly, no problem should occur, but any frames larger than the MTU on the Ethernet segments will be dropped by the bridge connecting the two networks.
The biggest difference between the two types of bridging is that, on Ethernet networks, the routing information is stored in the bridges, while on Token Ring networks, it's stored at the workstations. For the translational bridge to support both network types, it must appear as a transparent bridge to the Ethernet side and as a source route bridge to the Token Ring side.
To the Token Ring network, the translational bridge has a ring number and bridge number, just like a standard source route bridge. The ring number, however, represents the entire Ethernet domain, not just the segment connected to the bridge. As packets from the Token Ring network pass through the bridge, the information from their RIF fields is removed and cached in the bridge. From that point on, standard transparent bridging gets the packets to their destinations on the Ethernet network.
When a packet generated by an Ethernet workstation is destined for a system on the Token Ring network, the translational bridge looks up the system in its cache of RIF information and adds a RIF field to the packet containing a route to the network, if possible. If no route is available in the cache or if the packet is a broadcast or multicast, the bridge transmits it as a single-route broadcast.
Source Route Transparent Bridging
IBM has also come up with a proposed standard that combines the two primary bridging technologies, called source route transparent (SRT) bridging. This technology is standardized in Appendix C of the IEEE 802.1D document. SRT bridges can forward packets originating on either source route bridging or transparent bridging networks, using a spanning tree algorithm common to both. The standard spanning tree algorithm used by Token Ring networks for single-route broadcast messages is incompatible with the algorithm used by Ethernet, as defined in the 802.1D specification. This appendix reconciles the two.
SRT bridges use the value of the RII bit to determine whether a packet contains RIF information and, consequently, whether it should use source route or transparent bridging. The mixing of the two technologies is not perfect, however, and network administrators may find it easier to connect Ethernet and Token Ring segments with a switch or a router rather than with either a translational or an SRT bridge.
Routers
In the previous sections, you learned how repeaters, hubs, and bridges can connect network segments at the physical and data link layers of the OSI model, creating a larger LAN that is still a single broadcast domain. The next step up in the network expansion process is to connect two completely separate LANs at the network layer. This is the job of a router. Routers are more selective than bridges in the traffic they pass between the networks, and they are capable of intelligently selecting the most efficient path to a specific destination.
Because they function at the network layer, routers can also connect dissimilar networks. You can, for example, connect an Ethernet network to a Token Ring network because packets entering a router are stripped of their data link layer protocol headers as they pass up the protocol stack to the network layer. This leaves a protocol data unit (PDU) encapsulated using whatever network layer protocol is running on the computer. After processing, the router then encapsulates the PDU in a new data link layer header using whatever protocol is running on the other network to which the router is connected.
Routers are used for both home and business networks. If, for example, you use your home computer to dial into your system at work and access resources on the office network, your work computer is functioning as a router. In the same way, if you share an Internet connection with systems on a LAN, the machine connected to the Internet is a router. A router, therefore, can be either a hardware or a software entity, and it can range from the simple to the extraordinarily complex.
Routers are protocol specific; they must support the network layer protocol used by each packet. By far, the most common network layer protocol in use today is the Internet Protocol (IP), which is the basis for the Internet and for most private networks.
A computer that is connected to two or more networks is said to be a multihomed system. Most general-purpose operating systems, Windows included, can function as routers as well, although IP forwarding between interfaces is disabled by default on workstations and must be turned on deliberately. Whether wired or wireless, network routers work at the network layer of the OSI model.
Most of the routers used on large networks, though, are stand-alone devices that are essentially computers dedicated to routing functions. Routers come in various sizes, from small units that connect a workgroup network to a backbone to large, modular, rack-mounted devices. However, while routers vary in their capabilities, such as the number of networks to which they connect, the protocols they support, and the amount of traffic they can handle, their basic functions are essentially the same.
Router Applications
Although the primary function of a router is to connect networks and pass traffic between them, routers can fulfill several different roles in network designs. The type of router used for a specific function determines its size, cost, and capabilities. The simplest type of routing architecture is when a LAN must be connected to another LAN some distance away, using a wide area network (WAN) connection. A branch office for a large corporation, for example, might have a WAN connection to the corporate headquarters in another city (see Figure 4-8).
Figure 4-8 Wired and wireless routers enable the use of wide area connections to join two LANs.
To make communications between the networks in the two offices possible, each must connect its LAN to a router, and the two routers are linked by the WAN connection. The WAN connection may take the form of a leased telephone line, an Integrated Services Digital Network (ISDN) connection, or a digital subscriber line (DSL) connection. The technology used to connect the two networks is irrelevant, as long as the routers in both offices are connected. Routers are required in this example because the LAN and WAN technologies are fundamentally incompatible. You can't run an Ethernet connection between two cities, nor can you use leased telephone lines to connect each workstation to the file server in the next room.
In a slightly more complicated arrangement, a site with a larger network may have several LANs, each of which is connected to a backbone network using a router. Here, routers are needed because one single LAN may be unable to support the number of workstations required. In addition, the individual LANs may be located in other parts of a building or in separate buildings on the same campus and may require a different type of network to connect them. Connections between campus buildings, for example, require a network medium that is suitable for outdoor use, such as fiber-optic cable, while the LANs in each building can use more inexpensive copper cabling. Routers are available that can connect these different network types, no matter what protocols they use.
These two examples of router use are often combined. A large corporate network using a backbone to connect multiple LANs will almost certainly want to be connected to the Internet. This means that another router is needed to support some type of WAN connection to an Internet service provider (ISP). Users anywhere on the corporate network can then access Internet services.
Both of these scenarios use routers to connect a relatively small number of networks, and they are dwarfed by the Internet, which is a routed network composed of thousands of networks all over the world. To make it possible for packets to travel across this maze of routers with reasonable efficiency, a hierarchy of routers leads from smaller, local ISPs to regional providers, which in turn get their service from large national services (see Figure 4-9). Traffic originating from a system using a small ISP travels up through this virtual tree to one of the main backbones, across the upper levels of the network, and back down again to the destination.
Figure 4-9 A hierarchy of routers helps you forward traffic to any location using the Internet.
You can see the route that packets take from your computer through the Internet to a specific destination by using the Traceroute utility. The Windows command is tracert. This command-line utility takes the IP address or DNS name you specify and uses Internet Control Message Protocol (ICMP) messages to display the names and addresses of all the intermediate routers on the path to the destination. It does this by sending a series of probes with increasing Time to Live (TTL) values; each router that decrements a probe's TTL to zero discards it and returns an ICMP Time Exceeded message, which reveals that router's address. A typical Traceroute display generated by a Windows 8 system appears in Figure 4-10.
Figure 4-10 A typical Traceroute in Windows 8.
Router Functions
The basic function of a router is to evaluate each packet arriving on one of the networks to which it is connected and send it on to its destination through another network. The goal is for the router to select the network that provides the best path to the destination for each packet. A packet can pass through several different routers on the way to its destination. Each router on a packet's path is referred to as a hop, and the object is to get the packet where it's going with the smallest number of hops. On a private network, a packet may need three or four (or more) hops to get to its destination. On the Internet, a packet can easily pass through 20 or more routers along its path.
A router, by definition, is connected to two or more networks. The router has direct knowledge about those networks for the protocols that it supports. If, for example, a workstation on Network 1 (see Figure 4-11) transmits a packet to a system on Network 2, the router connecting Networks 1, 2, and 3 can directly determine which of the two networks (2 or 3) contains the destination system and forward the packet appropriately.
Figure 4-11 Routers have direct knowledge about the networks to which they are connected.
Routing Tables
The router forwards packets by maintaining a list of networks and hosts, called a routing table. For computers to communicate over a network, each machine must have its own address. In addition to identifying the specific computer, however, its address must identify the network on which it's located. On TCP/IP networks, for example, the standard 32-bit IP address consists of a network identifier and a host identifier. A routing table consists of entries that contain the network identifier for each connected network (or in some cases the network and host identifiers for specific computers). When the router receives a packet addressed to a workstation on Network 3, it looks at the network identifier in the packet's destination address, compares it to the routing table, and forwards it to the network with the same identifier.
This is a rather simple task, as long as the router is connected to all of the LANs on the network. When a network is larger and uses multiple routers, however, no single router has direct knowledge of all the LANs. In Figure 4-12, Router A is connected to Networks 1, 2, and 3 as before and has the identifiers for those networks in its routing table, but it has no direct knowledge of Network 4, which is connected using another router.
Figure 4-12 Router A has no direct knowledge of Network 4 because it is connected to a different router.
How then does Router A know where to send packets that are addressed to a workstation on a distant network? The answer is that routers maintain information in their routing tables about other networks besides those to which they are directly attached. A routing table may contain information about many different networks all over the enterprise. On a private network, it is not uncommon for every router to have entries for all of the connected networks. On the Internet, however, there are so many networks and so many routers that no single routing table can contain all of them and function efficiently. Thus, a router connected to the Internet sends packets to another router that it thinks has better information about the network to which the packet is ultimately destined.
Windows Routing Tables
Every computer on a TCP/IP network has a routing table, even if it is connected to only one network. At the very least, the routing table identifies the system's default gateway and instructs it how to handle traffic sent to the local network and to the loopback network address (127.0.0.0). A typical routing table for a Windows system appears in Figure 4-13.
Figure 4-13 A typical routing table in a Windows system
To display the routing table in a Windows system, type route print at a command prompt. On Linux, use ip route (the older route command also works where the net-tools package is installed). You can also use netstat -rn in Windows, Linux, Unix, or Mac OS.
The entries in the table run horizontally. The function of the information in each column is as follows:
• Network address Specifies the network address for which routing information is to be provided. While most entries have network addresses in this field, it's also possible to supply routing information for a specific host address. This is called a host route.
• Netmask Specifies the subnet mask used to determine which bits of the network address function as the network identifier.
• Gateway Specifies the IP address of the gateway (router) the system should use to send packets to the network address. When the entry is for a network to which the system is directly attached, this field contains the address of the system's network interface (recent Windows versions display On-link instead).
• Interface Specifies the IP address of the network interface the system should use to send traffic to the gateway address.
• Metric Specifies the distance between the system and the destination network, usually in terms of the number of hops needed for traffic to reach the network address.
NOTE TCP/IP and Internet terminology often uses the term gateway synonymously with router. In general networking parlance, a gateway is an application layer interface between networks that involves some form of high-level protocol translation, such as an e-mail gateway or a gateway between a LAN and a mainframe. When a Windows system refers to its "default gateway," however, it is referring to a standard router, operating at the network layer.
Routing Table Parsing
Whether a system is functioning as a router or not, the responsibility of a network layer protocol like IP is to determine where each packet should be transmitted next. The IP header in each packet contains the address of the system that is to be its ultimate destination, but before passing each packet down to the data link layer protocol, IP uses the routing table to determine what the data link layer destination address should be for the packet's next hop. This is because a data link layer protocol like Ethernet can address a packet only to a system on the local network, which may or may not be its final destination. To make this determination, IP reads the destination address for each packet it processes from the IP header and searches for a matching entry in the routing table, using the following procedure:
1. IP first scans the routing table, looking for a host route that exactly matches the destination IP address in the packet. If one exists, the packet is transmitted to the gateway specified in the routing table entry.
2. If no matching host route exists, IP uses the subnet mask to determine the network address for the packet and scans the routing table for an entry that matches that address. If IP finds a match, the packet is transmitted either to the specified gateway (if the system is not directly connected to the destination network) or out the specified network interface (if the destination is on the local network).
3. If no matching network address is in the routing table, IP scans for a default (or 0.0.0.0) route and transmits the packet to the specified gateway.
4. If no default route is in the table, IP returns a destination unreachable message to the source of the packet (either the application that generated it or the system that transmitted it).
Modern implementations express these four steps as a single longest-prefix match: a host route is simply an entry with a 32-bit mask, the default route is an entry with a zero-length mask, and when several entries match a destination, the one with the longest mask wins, with the metric breaking ties between entries of equal length.
Static and Dynamic Routing
The next logical question concerning the routing process is, how do the entries get into the routing table? A system can generate entries for the default gateway, the local network, and the broadcast and multicast addresses because it possesses all of the information needed to create them. For networks to which the router is not directly connected, however, routing table entries must be created by an outside process. The two basic methods for creating entries in the routing table are called static routing, which is the manual creation of entries, and dynamic routing, which uses an external protocol to gather information about the network.
On a relatively small, stable network, static routing is a practical alternative because you have to create the entries in your routers' tables only once. Manually configuring the routing table on workstations isn't necessary because they typically have only one network interface and can access the entire network through one default gateway. Routers, however, have multiple network interfaces and usually have access to multiple gateways. They must, therefore, know which route to use when trying to transmit to a specific network.
To create static entries in a computer's routing table, you use a program supplied with the operating system. The standard tool for this on Unix and Windows systems is a character-based utility called route (in Unix) or route.exe (in Windows). To create a new entry in the routing table on a Windows computer, for example, you use a command like the following:
ROUTE ADD 192.168.5.0 MASK 255.255.255.0 192.168.2.1 METRIC 2
This command informs the system that to reach a network with the address 192.168.5.0, the system must send packets to a gateway (router) with the address 192.168.2.1, and that the destination network is two hops away. A route added this way is discarded when the system restarts; add the -p switch to the command if the route should be persistent. On Linux, the ip route add command performs the same task.
In some cases, graphical utilities are available that can perform the same task. For example, a Windows Server 2012 system with its Routing and Remote Access Server service running enables you to create static routes.
Static routes created this way remain in the routing table until you manually change or remove them, and this can be a problem. If a gateway specified in a static route should fail, the system continues to send packets to it, to no avail. You must either repair the gateway or modify the static routes that reference it throughout the network before the systems can function normally again.
On larger networks, static routing becomes increasingly impractical, not only because of the sheer number of routing table entries involved, but also because network conditions can change too often and too quickly for administrators to keep the routing tables on every system current. Instead, these networks use dynamic routing, in which specialized routing protocols share information about the other routers in the network and modify the routing tables accordingly. Once configured, dynamic routing needs little or no maintenance from network administrators because the protocols can create, modify, or remove routing table entries as needed to accommodate changing network conditions. The Internet is totally dependent on dynamic routing because it is constantly mutating, and no manual process could possibly keep up with the changes.
Selecting the Most Efficient Route
Many networks, even relatively small ones, are designed with multiple routers that provide redundant paths to a given destination. Thus, while creating a network that consists of several LANs joined in a series by routers would be possible, most use something approaching a mesh topology instead, as shown in Figure 4-14. This way, if any one router should fail, all of the systems can still send traffic to any other system on any network.
Figure 4-14 By interconnecting routers, packets from one computer can travel to a destination computer on another network on a different route.
When a network is designed in this way, another important part of the routing process is selecting the best path to a given destination. The use of dynamic routing on the network typically results in all possible routes to a given network being entered in the routing tables, each of which includes a metric that specifies how many hops are required to reach that network. Most of the time, the efficiency of a particular route is measured by the metric value because each hop involves processing by another router, which introduces a slight delay. When a router has to forward a packet to a network represented by multiple entries in the routing table, it chooses the one with the lower metric. Hop count is only the simplest metric; protocols such as OSPF instead assign each link a cost derived from its bandwidth, so that a three-hop path over fast links can be preferred to a two-hop path over a slow one.
Discarding Packets
The goal of a router is to transmit packets to their destinations using the path that incurs the smallest number of hops. Routers also track the number of hops that packets take on the way to their destinations for another reason. When a malfunction or misconfiguration occurs in one or more routers, it is possible for packets to get caught in a router loop and be passed endlessly from one router to another.
To prevent this, the IP header contains a Time to Live (TTL) field that the source system gives a certain numerical value when a packet is created. This value is 128 on Windows and 64 on most Unix-derived systems, and because the field is 8 bits wide it cannot start higher than 255. As a packet travels through the network, each router that processes it decrements the value of this field by 1. If, for any reason, the packet passes through routers enough times to bring the value of this field down to 0, the last router removes it from the network and discards it. The router then returns an ICMP Time to Live Exceeded in Transit message to the source system to inform it of the problem.
Packet Fragmentation
Routers can connect networks of vastly different types, and the process of transferring datagrams from one data link layer protocol to another can require more than simply stripping off one header and applying a new one. The biggest problem that can occur during this translation process is when one protocol supports frames that are larger than the other protocol.
If, for example, a router connects a Token Ring network to an Ethernet one, it may have to accept 4,500-byte datagrams from one network and then transmit them over a network that can carry only 1,500-byte datagrams. Routers determine the maximum transmission unit (MTU) of a particular network by querying the interface to that network. To make this possible, the router has to break up the datagram into fragments of the appropriate size and then encapsulate each fragment in the correct data link layer protocol frame. This fragmentation process may occur several times during a packet's journey from the source to its destination, depending on the number and types of networks involved.
For example, a packet originating on a Token Ring network may be divided into 1,500-byte fragments to accommodate a route through an Ethernet network, and then each of those fragments may themselves be divided into 576-byte fragments for transmission over the Internet. Note, however, that while routers fragment packets, they never defragment them. Even if the 576-byte datagrams are passed to an Ethernet network as they approach their destination, the router does not reassemble them into 1,500-byte datagrams. All reassembly is performed at the network layer of the final destination system. A source can forbid fragmentation by setting the Don't Fragment (DF) flag in the IP header; a router that would otherwise have to fragment such a packet drops it and returns an ICMP Destination Unreachable message (code 4, fragmentation needed), which is the mechanism Path MTU Discovery relies on. IPv6 routers never fragment at all; only the sending host may.
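As an added example (not the book's code), the Python below models the IPv4 fragmentation described above: a router splits a datagram to fit the MTU of the next link, keeping the Identification field, expressing the offset in 8-byte units and setting the More Fragments flag, fragments can be fragmented again on a later, smaller link, a packet with DF set is refused instead, and only the destination reassembles, rejecting incomplete or overlapping sets. The 20-byte header assumption, the MTU sequence and the payload are constructed for the example.

```python
"""Added example: IPv4-style fragmentation at routers and reassembly at the
destination host. Header length, MTUs and payload are constructed inputs."""
from dataclasses import dataclass
from typing import List

IPV4_HEADER_LEN = 20        # assumption: no IP options, so every header is 20 bytes


@dataclass
class Datagram:
    ident: int              # Identification: shared by every fragment of one packet
    offset: int             # Fragment Offset, in units of 8 bytes
    more_fragments: bool    # MF flag: cleared only on the very last fragment
    dont_fragment: bool     # DF flag: the sender forbids fragmentation
    payload: bytes

    @property
    def total_length(self) -> int:
        return IPV4_HEADER_LEN + len(self.payload)


class FragmentationNeeded(Exception):
    """Stands in for ICMP Destination Unreachable, code 4, which a router
    returns instead of fragmenting a packet that has DF set."""


def fragment(dg: Datagram, mtu: int) -> List[Datagram]:
    """What a router does per outgoing link: return dg untouched if it fits,
    otherwise split it into MTU-sized pieces (payload a multiple of 8)."""
    if dg.total_length <= mtu:
        return [dg]
    if dg.dont_fragment:
        raise FragmentationNeeded(f"{dg.total_length}-byte packet exceeds MTU {mtu}")
    chunk = (mtu - IPV4_HEADER_LEN) // 8 * 8      # offsets are counted in 8-byte units
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    pieces = []
    for start in range(0, len(dg.payload), chunk):
        end = min(start + chunk, len(dg.payload))
        last_piece = end == len(dg.payload)
        pieces.append(Datagram(
            ident=dg.ident,
            offset=dg.offset + start // 8,        # offsets accumulate when re-fragmenting
            more_fragments=dg.more_fragments or not last_piece,
            dont_fragment=False,
            payload=dg.payload[start:end]))
    return pieces


def traverse(dg: Datagram, path_mtus: List[int]) -> List[Datagram]:
    """Send dg over links with these MTUs in order. Routers only ever fragment;
    a later, larger link never merges the pieces back together."""
    in_flight = [dg]
    for mtu in path_mtus:
        in_flight = [piece for dg_ in in_flight for piece in fragment(dg_, mtu)]
    return in_flight


def reassemble(fragments: List[Datagram]) -> bytes:
    """Destination-host reassembly. Fragments may arrive in any order; a gap,
    an overlap, or a missing final fragment makes the set unusable."""
    if len({f.ident for f in fragments}) != 1:
        raise ValueError("fragments of different datagrams mixed together")
    ordered = sorted(fragments, key=lambda f: f.offset)
    expected = 0
    for f in ordered:
        if f.offset * 8 != expected:              # catches both gaps and overlaps
            raise ValueError(f"gap or overlap before offset {f.offset}")
        expected += len(f.payload)
    if ordered[-1].more_fragments:
        raise ValueError("last fragment missing")
    return b"".join(f.payload for f in ordered)


if __name__ == "__main__":
    # A 4,500-byte Token Ring datagram crossing Ethernet (1,500), a 576-byte
    # link, and Ethernet again, as in the text.
    original = Datagram(0x1234, 0, False, False, bytes(i % 256 for i in range(4480)))
    pieces = traverse(original, [4500, 1500, 576, 1500])
    print(len(pieces), "fragments;", [(p.offset, len(p.payload), p.more_fragments) for p in pieces[:4]])
    print(reassemble(pieces) == original.payload)
```

The overlap check in reassemble() matters beyond correctness: overlapping fragments have historically been used to slip traffic past filters that inspect only the first fragment, so a host that accepts them silently is trusting the router path more than it should.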
Routing and ICMP
The Internet Control Message Protocol provides several important functions to routers and the systems that use them. Chief among these is the capability of routers to use ICMP messages to provide routing information to the hosts that send through them. Routers send ICMP Redirect messages to source systems when they know of a better route than the system is currently using. For example, if a workstation on Network A sends a packet to Router A that is destined for a computer on Network B, and Router A determines that the next hop should be to Router B, which is on the same network as the transmitting workstation, Router A will use an ICMP message to inform the workstation that it should use Router B to access Network B instead (see Figure 4-15). The workstation then modifies the entry in its routing table accordingly. Because a forged Redirect can steer a host's traffic through an attacker's machine on the same segment, hardened hosts are normally configured to ignore Redirect messages.
Figure 4-15 ICMP redirect messages provide simple routing information to transmitting systems.
Routers also generate ICMP Destination Unreachable messages of various types when they are unable to forward packets. If a router receives a packet that is destined for a workstation on a locally attached network and it can't deliver the packet because the workstation is offline, the router generates a Host Unreachable message and transmits it to the system that originated the packet. If the router is unable to forward the packet to another router that provides access to the destination, it generates a Network Unreachable message instead. Network layer protocols provide end-to-end communications, meaning it is usually the end systems that are involved in a dialog. ICMP is therefore a mechanism that enables intermediate systems (routers) to communicate with a source end system (the transmitter) in the event that the packets can't reach the destination end system.
Other ICMP packets, called Router Solicitation and Advertisement messages, can enable workstations to discover the routers on the local network. A host system generates a Router Solicitation message and transmits it as either a broadcast or a multicast to the All Routers on This Subnet address (224.0.0.2). Routers receiving the message respond with Router Advertisement messages that the host system uses to update its routing table. The routers then generate periodic updates to inform the host of their continued operational status. Most systems can update their routing tables with information from ICMP Router Advertisement messages. Support for these messages in hardware router implementations varies from product to product.
The ICMP Redirect and Router Solicitation/Advertisement messages do not constitute a routing protocol per se because they do not provide systems with information about the comparative efficiency of various routes. Routing table entries created or modified as a result of these messages are still considered to be static routes.
Routing Protocols
Routers that support dynamic routing use specialized protocols to exchange information about themselves with other routers on the network. Dynamic routing doesn't alter the actual routing process; it's just a different method of creating entries in the routing table. There are two types of routing protocols: interior gateway protocols and exterior gateway protocols. Private networks typically use only interior gateway protocols because they have a relatively small number of routers and it is practical for all of them to exchange messages with each other.
On the Internet, the situation is different. Having every one of the Internet's thousands of routers exchange messages with every other router would be impossible. The amount of traffic involved would be enormous, and the routers would have little time to do anything else. Instead, as is usual with the Internet, a two-level system was devised that splits the gigantic network into discrete units called autonomous systems or administrative domains or just domains.
An autonomous system (AS) is usually a private network administered by a single authority, such as those run by corporations, educational institutions, and government agencies. The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves. At the edges of an AS are routers that communicate with the other autonomous systems on the Internet, using an exterior gateway protocol. On today's Internet that protocol is the Border Gateway Protocol (BGP); the older Exterior Gateway Protocol (EGP), from which the category takes its name, has long been obsolete.
By splitting the routing chores into a two-level hierarchy, packets traveling across the Internet pass through routers that contain only the information needed to get them to the right AS. Once the packets arrive at the edge of the AS in which the destination system is located, the routers there contain more specific information about the networks within the AS. The concept is much like the way that IP addresses and domain names are assigned on the Internet. Outside entities track only the various network addresses or domains. The individual administrators of each network are responsible for maintaining the host addresses and host names within the network or domain.
See Chapter 12 for more information on routing protocols.
Switches
The traditional network configuration uses multiple LANs connected by routers to form a network that is larger than would be possible with a single LAN. This is necessary because each LAN is based on a network medium that is shared by multiple computers, and there is a limit to the number of systems that can share the medium before the network is overwhelmed by traffic. Routers segregate the traffic on the individual LANs, forwarding only those packets addressed to systems on other LANs.
Routers have been around for decades, but today switches have revolutionized network design and made it possible to create LANs of almost unlimited size. A switch is essentially a multiport bridging device in which each port is a separate network segment. Similar in appearance to a hub, a switch receives incoming traffic through its ports. Unlike a hub, which forwards the traffic out through all of its other ports, a switch forwards the traffic only to the single port needed to reach the destination (see Figure 4-16). If, for example, you have a small network with each computer connected to a port in the same switch, each system has what amounts to a dedicated, full-bandwidth connection to every other system. No shared network medium exists, and consequently, there are no collisions or traffic congestion. As an added bonus, you also get some increased privacy because, without a shared medium, a workstation does not passively receive the traffic not intended for it. This is not a security boundary, however: a switch still floods any frame whose destination it has not yet learned, and an attacker on the segment can provoke that flooding, or redirect traffic with techniques such as ARP spoofing, so switching alone should not be relied on to keep traffic confidential.
Figure 4-16 Switches repeat incoming traffic, but only to the specific port for which the packet is intended.
Switches operate at layer 2 of the OSI reference model, the data link layer, so consequently, they are used to create a single large network instead of a series of smaller networks connected by routers. This also means that switches can support any network layer protocol. Like transparent bridges, switches can learn the topology of a network and perform functions such as forwarding and packet filtering. Many switches are also capable of full-duplex communications and automatic speed adjustment. In the traditional arrangement for a larger network, multiple LANs are connected to a backbone network with routers. The backbone network is a shared-medium LAN like all of the others, however, and must therefore carry all of the network traffic generated by the horizontal networks. This is why the backbone network traditionally uses a faster protocol. On a switched network, workstations are connected to individual workgroup switches, which in turn are connected to a single, high-performance switch, thus enabling any system on the network to open a dedicated connection to any other system (see Figure 4-17). This arrangement can be expanded further to include an intermediate layer of departmental switches. Servers accessed by all users can then be connected directly to a departmental switch or to the top-level switch for better performance.
Figure 4-17 Today, hierarchies of switches replace both hubs and routers.
Replacing hubs with switches is an excellent way to improve the performance of a network without changing protocols or modifying individual workstations. Even a legacy Ethernet network exhibits a dramatic improvement when each workstation is given a full 10 Mbps of bandwidth. Today, switches are available for nearly all networks, both wired and wireless.
Switch Types
There are two basic types of switching: cut-through switching and store-and-forward switching. A cut-through switch reads only the destination MAC address of an incoming packet, looks up the address in its forwarding table, and immediately begins to transmit it out through the port providing access to the destination. The switch forwards the packet without any additional processing, such as error checking, and before it has even received the entire packet. This type of switch is relatively inexpensive and more commonly used at the workgroup or department level, where the lack of error checking will not affect the performance of the entire network. The immediate forwarding of incoming packets reduces the latency (that is, the delay) that results from error checking and other processing. If the destination port is in use, however, the switch buffers incoming data in memory, incurring a latency delay anyway, without the added benefit of error checking.
A store-and-forward switch, as the name implies, stores an entire incoming packet in buffer memory before forwarding it out the destination port. While in memory, the switch checks the packet for errors and other conditions. The switch immediately discards any packets with errors; those without errors are forwarded out through the correct port. These switching methods are not necessarily exclusive of each other. Some switches can work in cut-through mode until a preset error threshold is reached, and then switch to store-and-forward operation. Once the errors drop below the threshold, the switch reverts to cut-through mode.
Switches implement these functions using one of three hardware configurations. Matrix switching, also called crossbar switching, uses a grid of input and output connections, such as that shown in Figure 4-18. Data entering through any port's input can be forwarded to any port for output. Because this solution is hardware based, there is no CPU or software involvement in the switching process. In cases where data can't be forwarded immediately, the switch buffers it until the output port is unblocked.
Figure 4-18 Matrix switching uses a grid of input and output circuits.
In a shared memory switch, all incoming data is stored in a memory buffer that is shared by all of the switch's ports and then forwarded to an output port (see Figure 4-19). A more commonly used technology (shown in Figure 4-20), called bus-architecture switching, forwards all traffic across a common bus, using time-division multiplexing to ensure that each port has equal access to the bus. In this model, each port has its own individual buffer and is controlled by an application-specific integrated circuit (ASIC). Today, switches are available for any size network, from inexpensive workgroup switches designed for small office networks to stackable and modular units used in the largest networks.
Figure 4-19 Shared memory switching
Figure 4-20 Bus-architecture switching
Routing vs. Switching
The question of whether to route or switch on a network is a difficult one. Switching is faster and cheaper than routing, but it raises some problems in most network configurations. By using switches, you eliminate subnets and create a single flat network segment that hosts all of your computers. Any two systems can communicate using a dedicated link that is essentially a temporary two-node network. The problems arise when workstations generate broadcast messages. Because a switched network forms a single broadcast domain, broadcast messages are propagated throughout the whole network, and every system must process them, which can waste enormous amounts of bandwidth.
One of the advantages of creating multiple LANs and connecting them with routers is that broadcasts are limited to the individual networks. Routers also provide security by limiting transmissions to a single subnet and by giving the administrator a point at which traffic between subnets can be filtered. To avoid the wasted bandwidth caused by broadcasts, it has become necessary to implement certain routing concepts on switched networks. This has led to a number of new technologies that integrate routing and switching to varying degrees. Some of these technologies are examined in the following sections.
Virtual LANs
A virtual LAN (VLAN) is a group of systems on a switched network that functions as a subnet and communicates with other VLANs through routers. The physical network is still switched, however; the VLANs exist as an overlay to the switching fabric, as shown in Figure 4-21. Network administrators create VLANs by specifying the switch ports, the MAC addresses, or the IP addresses of the systems that are to be part of each subnet. Messages that are broadcast on a VLAN are limited to the subnet, just as in a routed network. Because VLANs are independent of the physical network, the systems in a particular subnet can be located anywhere, and a single system can even be a member of more than one VLAN.
Figure 4-21 VLANs are pseudo-subnets of switched workstations, connected by routers.
Despite the fact that all the computers are connected by switches, routers are still necessary for systems in different VLANs to communicate. VLANs that are based solely on layer 2 technology, such as those that use port configuration or MAC addresses to define the member systems, must have a port dedicated to a router connection. In this type of VLAN, the network administrator either selects certain switch ports to designate the members of a VLAN or creates a list of the workstations' MAC addresses.
Because of the additional processing involved, routing is slower than switching. This particular arrangement is sometimes referred to as "switch where you can, route where you must" because routing is used for communication only between VLANs; all communication within a VLAN is switched. This is an efficient arrangement as long as the majority of the network traffic (70 to 80 percent) is between systems in the same VLAN. Communication speed within a VLAN is maximized at the expense of the inter-VLAN communication. When too much traffic occurs between systems in different subnets, the routing slows down the process too much, and the speed of the switches is largely wasted.
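The following added example (not code from the book) is a port-based VLAN switch written in Python. It serves both the Switches section and this one: the switch learns which port each source MAC address lives on, forwards a known unicast frame out one port only, floods broadcasts and unknown destinations, and confines both learning and flooding to the VLAN of the ingress port, so hosts in different VLANs never see each other's frames without a router. The port-to-VLAN map, the placeholder MAC strings and the traffic in demo() are constructed; the table_size limit is an assumption that models the fixed-size address table of a real switch, which is what makes the flooding caveat in the Switches section concrete.

```python
"""Added example: MAC learning, unicast forwarding, flooding and port-based
VLAN isolation in a software switch. Ports, MACs and frames are constructed."""
from collections import OrderedDict
from dataclasses import dataclass
from typing import Dict

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str
    payload: str = ""


class VlanSwitch:
    def __init__(self, port_vlans: Dict[int, int], table_size: int = 64):
        self.port_vlans = dict(port_vlans)   # port number -> VLAN id, set by the administrator
        self.table = OrderedDict()           # (vlan, mac) -> port, oldest entry first
        self.table_size = table_size         # assumption: a fixed-size address table

    def _learn(self, vlan: int, mac: str, port: int) -> None:
        """Transparent-bridge learning, kept per VLAN: the same MAC in two
        VLANs is two separate entries."""
        key = (vlan, mac)
        if key in self.table:
            self.table.move_to_end(key)
        elif len(self.table) >= self.table_size:
            self.table.popitem(last=False)   # table full: evict the oldest entry
        self.table[key] = port

    def receive(self, ingress: int, frame: Frame) -> Dict[int, Frame]:
        """Process one frame; return {egress_port: frame} for every port it
        leaves on, or an empty dict if it is dropped."""
        vlan = self.port_vlans[ingress]
        self._learn(vlan, frame.src, ingress)
        if frame.dst == BROADCAST or (vlan, frame.dst) not in self.table:
            # Flood to every other port in the same VLAN, never across VLANs.
            return {p: frame for p, v in self.port_vlans.items() if v == vlan and p != ingress}
        out = self.table[(vlan, frame.dst)]
        if out == ingress:
            return {}                        # destination sits on the ingress segment
        return {out: frame}


def demo() -> Dict[str, list]:
    """Run a constructed traffic sequence on a five-port switch with two
    VLANs and record which ports each interesting frame was sent out of."""
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20, 5: 10}, table_size=4)
    results = {}
    # A (port 1) sends to B (port 2): B is unknown, so the frame floods VLAN 10 only.
    results["unknown"] = sorted(sw.receive(1, Frame("aa", "bb")))
    # B replies: A was learned on port 1, so this goes to port 1 alone.
    results["learned"] = sorted(sw.receive(2, Frame("bb", "aa")))
    # A broadcasts (an ARP request, say): all of VLAN 10, nothing in VLAN 20.
    results["broadcast"] = sorted(sw.receive(1, Frame("aa", BROADCAST)))
    # C (port 3, VLAN 20) addresses A: A is unknown in VLAN 20, floods VLAN 20 only.
    results["cross_vlan"] = sorted(sw.receive(3, Frame("cc", "aa")))
    # A host on port 5 sends frames from many source MACs and fills the table.
    for i in range(8):
        sw.receive(5, Frame(f"ev:{i:02x}", "zz"))
    # A's entry has been evicted, so B's unicast to A now floods, and port 5 sees it.
    results["after_flood"] = sorted(sw.receive(2, Frame("bb", "aa")))
    return results


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name:12s} -> ports {ports}")
```

The last step is the reason the text's "no shared medium" privacy argument is weak: once the table is full the switch falls back to hub behaviour for any address it has forgotten. Real switches mitigate this with a per-port limit on learned addresses (port security), which in this model would mean refusing to learn more than a configured number of MACs on port 5.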
Layer 3 Switching
Layer 3 switches are similar to routers and often support the same routing protocols. Layer 3 switches also use VLANs but mix routing and switching functions to make communication between VLANs more efficient. This technology is known by several different names, depending on the vendor of the equipment. The essence of the concept is described as "route once, switch afterward." A router is still required to establish connections between systems in different VLANs, but once the connection has been established, subsequent traffic travels over the layer 2 switching fabric, which is much faster.
Most of the hardware devices called layer 3 switches combine the functions of a switch and a router into one unit. The device is capable of performing all of a router's standard functions but is also able to transmit data using high-speed switches, all at a substantially lower cost than a standard router. Layer 3 switches are optimized for use on LAN and metropolitan area network (MAN) connections, not WANs. By replacing the routers that connect workgroup or department networks to the backbone with layer 3 switches, you retain all of the router functionality, while increasing the overall speed at which data is forwarded.
Multiple-Layer Switching
As Gigabit Ethernet becomes the norm, newer switches can prioritize network traffic by using information from other OSI layers in either hardware or software configurations. For example, layer 4 switching is a way to allow better quality of service (QoS) with better management across several servers. Routers have used OSI layer 4 information for prioritizing network traffic for many years. Since today's global applications need rapid dissemination of session information, layer 4 switches can make intelligent decisions for forwarding frames, based on TCP/UDP port information and the IP destination/source addresses. This type of switching can do the following:
• Examine the direction of client requests at the layer 4 switch
• Process multiple requests across any available server
• Measure both availability and responsiveness of each server
• Establish policy controls for traffic management
For more information about modern server technologies, see Chapter 8.
CHAPTER 5
Cabling a Network
Although there are networks that use radio transmissions and other wireless technologies to transmit data, the vast majority of today’s networks use some form of cable as the network medium. Most of the cables used for data networking use a copper conductor to carry electrical signals, but fiber-optic, a spun glass cable that carries pulses of light, is an increasingly popular alternative.
Cabling issues have, in recent years, become separated from the typical network administrator’s training and experience. Many veteran administrators have never installed (or pulled) cable themselves and are less than familiar with the technology that forms the basis for the network. In many cases, the use of twisted-pair cable has resulted in telephone system contractors being responsible for the network cabling. Network consultants typically outsource all but the smallest cabling jobs to outside companies.
Network cabling is, in many cases, structurally integrated in the building or other structures within the whole network site. Therefore, cable installation, replacement, or upgrade oftentimes entails planning beyond the information technology department’s operational control. Even what may seemingly appear to be a simple cable segment replacement project can turn out to be logistically complicated.
However, although the cabling represents only a small part of a network’s total cost (as little as 6 percent), it has been estimated to be responsible for as much as 75 percent of network downtime. The cabling is also usually the longest-lived element of a network. You may replace servers and other components more than once before you replace the cable. For these reasons, spending a bit extra on good-quality cable, properly installed, is a worthwhile investment. This chapter examines the types of cables used for networks, their composition, and the connectors they use.
Cable Properties
Data link layer protocols are associated with specific cable types and include guidelines for the installation of the cable, such as maximum segment lengths. In most cases, you have a choice as to what kind of cable you want to use with the protocol, while in others you do not. Part of the process of evaluating and selecting a protocol involves examining the cable types and their suitability for your network site. For example, a connection between two adjacent buildings is better served by fiber-optic than copper, so with that requirement in mind, you should proceed to evaluate the data link layer protocols that support the use of fiber-optic cable.
Your cable installation may also be governed, in part, by the layout of the site and the local building codes. Cables generally are available in both nonplenum and plenum types. A plenum is an air space within a building, created by the components of the building themselves, that is designed to provide ventilation, such as a space between floors or walls. Buildings that use plenums to move air usually do not have a ducted ventilation system. In most communities, to run cable through a plenum, you must use a plenum-rated cable that does not give off toxic gases when it burns because the air in the plenum is distributed throughout the building. The outer covering of a plenum cable is usually some sort of Teflon product, while nonplenum cables have a polyvinyl chloride (PVC) sheath, which does produce toxic gases when it burns. Not surprisingly, plenum cable costs more than nonplenum, and it is also less flexible, making it more difficult to install. However, it is important to use the correct type of cable in any installation. If you violate the building codes, the local authorities can force you to replace the offending cable and possibly make you pay fines as well. Because of always increasing insurance costs, some companies will use specific plenum cables to lower their liability in case of fire because the use of plenum cable can result in less physical damage should there be a fire.
Cost is certainly an element that should affect your cable selection process, not only of the cable itself but also of the ancillary components such as connectors and mounting hardware, the network interface cards (NICs) for the computers, and the labor required for the cable installation. The qualities of fiber-optic cable might make it seem an ideal choice for your network, but when you see the costs of purchasing, installing, and maintaining it, your opinion may change.
Finally, the quality of the cable is an important part of the evaluation and selection process. When you walk into your local computer center to buy a prefabricated cable, you won’t have much of a selection, except for cable length and possibly color. Vendors that provide a full cable selection, however (many of whom sell online or by mail order), have a variety of cable types that differ in their construction, their capabilities, and, of course, their prices.
Depending on the cable type, a good vendor may have both bulk cable and prefabricated cables. Bulk cable (that is, unfinished cable without connectors) should be available in various grades, in both plenum and nonplenum types. The grade of the cable can depend on several features, including the following:
• Conductor gauge: The gauge is the diameter of the actual conductor within a cable, which in the case of copper cables is measured using the American Wire Gauge (AWG) scale. The lower the AWG rating, the thicker the conductor. A 24 AWG cable, therefore, is thinner than a 22 AWG cable. A thicker conductor provides better conductivity and more resistance against attenuation.
• Category rating: Some types of cables are assigned ratings by a standards body, like the Electronic Industries Alliance/Telecommunications Industry Association (EIA/TIA). Twisted-pair cable, for example, is given a category rating that defines its capabilities. Most of the twisted-pair cable found today is Category 5e or Category 6, known as Cat 5e or Cat 6. Newer installations may use Cat 6a, which has improved performance at frequencies up to 500 MHz.
• Shielded or unshielded: Some cables are available with casings that provide different levels of shielding against electromagnetic interference. The shielding usually takes the form of foil or copper braid, the latter of which provides better protection. Twisted-pair cabling, for example, is available in shielded and unshielded varieties. For a typical network environment, unshielded twisted-pair provides sufficient protection against interference because the twisting of the wire pairs itself is a preventative measure.
• Solid or stranded conductor: A cable with a solid metal conductor provides better protection against attenuation, which means it can span longer distances. However, the solid conductor hampers the flexibility of the cable. If flexed or bent repeatedly, the conductor inside the cable can break. Solid conductor cables, therefore, are intended for permanent cable runs that will not be moved, such as those inside walls or ceilings. (Note that the cable can be flexed around corners and other obstacles during the installation; it is repeated flexing that can damage it.) Cables with conductors composed of multiple copper strands can be flexed repeatedly without breaking but are subject to greater amounts of attenuation. Stranded cables, therefore, should be used for shorter runs that are likely to be moved, such as for patch cables running from wall plates to computers.
NOTE: Attenuation refers to the tendency of signals to weaken as they travel along a cable because of the resistance inherent in the medium. The longer a cable, the more the signals attenuate before reaching the other end. Attenuation is one of the primary factors that limits the size of a data network. Different types of cable have different attenuation rates, with copper cable being far more susceptible to the effect than fiber-optic cable.
These features naturally affect the price of the cable. A lower gauge is more expensive than a higher one, a higher category is more expensive than a lower, shielded is more expensive than unshielded, and solid is more expensive than stranded. This is not to say, however, that the more expensive product is preferable in every situation. In addition to the cable, a good vendor should have all of the equipment you need to attach the appropriate connectors, including the connector components and the tools for attaching them.
Prefabricated cables have the connectors already attached and should be available in various lengths and colors, using cable with the features already listed, and with various grades of connectors. The highest-quality prefabricated cables, for example, usually have a rubber boot around the connector that seals it to the cable end, prevents it from loosening or pulling out, protects the connector pins from bending, and reduces signal interference between the wires (called crosstalk). On lower-cost cables, the connector is simply attached to the end, without any extra protection.
Cabling Standards
Prior to 1991, the cabling used for networks was specified by the manufacturers of individual networking products. This resulted in the incompatibilities that are common in proprietary systems, and the need was recognized for a standard to define a cabling system that could support a multitude of different networking technologies. To address this need, the American National Standards Institute (ANSI), the Electronic Industry Association, and the Telecommunications Industry Association, along with a consortium of telecommunications companies, developed the ANSI/EIA/TIA-568-1991 Commercial Building Telecommunications Cabling Standard. This document was revised in 1995 and was known as ANSI/TIA/EIA-T568-A. An additional wiring standard, the T568-B, was adopted in 2001. The primary difference between the two is that two of the wiring pairs are swapped. Each standard defines the pinout (or order of connection) for the eight-pin connector plugs. See “Connector Pinouts” later in this chapter for more information. Both of these standards were superseded by the current TIA/EIA-568-C standard.
TIA/EIA-568
The 568 standard defines a structured cabling system for voice and data communications in office environments that has a usable life span of at least ten years, supports products of multiple technology vendors, and uses any of the following cable types for various applications. The current standard (TIA/EIA-568-C) defines the general requirements with subsections that focus on cabling systems. Additional standards, such as TIA-569-A and TIA-570-A, address commercial and residential cabling.
The documents also include specifications for installing the cable within the building space. Toward this end, the building is divided into the following subsystems:
• Building entrance: The location at which the building’s internal cabling interfaces with outside cabling. This is also referred to as the demarcation point, where the external provider network ends and connects with the customer’s on-premise wiring.
• Equipment room: The location of equipment that can provide the same functions as that in a telecommunications closet but that may be more complex.
• Telecommunications closet: The location of localized telecommunications equipment, such as the interface between the horizontal cabling and the backbone.
• Backbone cabling: The cabling that connects the building’s various equipment rooms, telecommunications closets, and the building entrance, as well as connections between buildings in a campus network environment.
• Horizontal cabling: The cabling and other hardware used to connect the telecommunications closet to the work area. The wiring is usually run through wireways, conduits, or ceiling spaces of each floor and can be either plenum cabling or internal wiring (IW).
• Work area: The components used to connect the telecommunications outlet to the workstation.
Thus, the cable installation for a modern building might look something like the diagram shown in Figure 5-1. The connections to external telephone and other services arrive at the building entrance and lead to the equipment room, which contains the network servers and other equipment. A backbone network connects the equipment room to various telecommunications closets throughout the building, which contain network interface equipment, such as switches, bridges, routers, or hubs. From the telecommunications closets, the horizontal cabling branches out into the work areas, terminating at wall plates. The work area then consists of the patch cables that connect the computers and other equipment to the wall plates.
Figure 5-1  A generic building cabling system as defined by TIA/EIA T-568
This is, of course, a simplified and generalized plan. The T568 standard, in coordination with other TIA/EIA standards, provides guidelines for the types of cabling within and between these subsystems that you can use to create a wiring plan customized to your site and your equipment.
Contractors you hire to perform an office cable installation should be familiar with these standards and should be willing to certify in writing that their work conforms to the guidelines they contain.
Data Link Layer Protocol Standards
The protocols traditionally associated with the data link layer of the OSI reference model, such as Ethernet and Token Ring, also overlap into the physical layer in that they contain specifications for the network cabling. Thus, Ethernet and Token Ring standards, like those produced by the IEEE 802 working group, can also be said to be cabling standards. However, these documents do not go as deeply into the details of the cable properties and enterprise cable system design as T568.
Coaxial Cable
The first commercially viable network technologies introduced in the 1970s used coaxial cable as the network medium. Coaxial cable is named for the two conductors that share the same axis running through the cable’s center. Many types of copper cable have two separate conductors, such as a standard electrical cord. In most of these, the two conductors run side by side within an insulating sheath that protects and separates them. A coaxial cable, on the other hand, is round, with a copper core at its center that forms the first conductor. It is this core that carries the actual signals. A layer of dielectric foam insulation surrounds the core, separating it from the second conductor, which is made of braided wire mesh and functions as a ground. As with any electrical cable, the signal conductor and the ground must always be separated or a short will occur, producing noise on the cable. This entire assembly is then enclosed within an insulating sheath (see Figure 5-2).
Figure 5-2  A cross-section of a coaxial cable
NOTE: Coaxial cables can have either a solid or a stranded copper core, and their designations reflect the difference. The suffix /U indicates a solid core, while A/U indicates a stranded core. Thin Ethernet used either an RG-58/U or an RG-58A/U cable.
Several types of coaxial cables were used for networking, and they had different properties, even if they were similar in appearance. Data link layer protocols called for specific types of cable, the properties of which determined the guidelines and limitations for the cable installation.
Today, coax cable is primarily used for connecting televisions to cable boxes or satellite receivers. It also may be used to connect a computer’s cable modem to an Internet service provider (ISP). In the early days of computer networks, the cable was connected with a special connector called a BNC. The actual meaning of the bayonet-style connector’s name is shrouded in mystery, with most technicians divided between British Naval Connector and Bayonet Neill-Concelman.
Thick Ethernet
RG-8/U cable was usually referred to as thick Ethernet trunk cable because that was its primary use. The RG-8/U cable used for thick Ethernet networks had the least amount of attenuation of the coaxial cables, due in no small part to it being much thicker than the other types. This is why a thick Ethernet network could have cable segments up to 500 meters long, while thin Ethernet was limited to 185 meters.
At .405 inches in diameter, RG-8/U was similar in size to a garden hose but much heavier and less flexible, which made it difficult to bend around corners. For these reasons, the cable was typically installed along the floor of the site. By contrast, the RG-58A/U cable used by thin Ethernet was thinner, lighter, and flexible enough to run directly to the NIC.
Thick Ethernet cable was usually yellow and was marked every 2.5 meters for the taps to which the workstations connect. To connect a workstation to the cable, you applied what was known as a vampire tap. A vampire tap is a clamp that you connected to the cable after drilling a hole in the sheath. The clamp had metal “fangs” that penetrated into the core to send and receive signals. The vampire tap also included the transceiver (external to the computer on a thick Ethernet network), which connected to the NIC with a cable with connectors at both ends.
As a result of the inconvenience caused by its expense and rigidity, and despite its better performance than its successor, thin Ethernet, thick Ethernet is rarely seen today, even on legacy networks.
Thin Ethernet
The main advantage of the RG-58 cable used for thin Ethernet networks over RG-8 was its relative flexibility, which simplifies the installation process and makes it possible to run the cable directly to the computer, rather than using a separate AUI cable. Compared to twisted-pair, however, thin Ethernet is still ungainly and difficult to conceal because every workstation must have two cables connected to its NIC using a T fitting. Instead of neat wall plates with modular jacks for patch cables, an internal thin Ethernet installation had two thick, semirigid cables protruding from the wall for every computer.
As a result of this installation method, the bus was actually broken into separate lengths of cable that connect each computer to the next, unlike a thick Ethernet bus, which ideally was one long cable segment pierced with taps along its length. This made a big difference in the functionality of the network because if one of the two connections to each computer was broken for any reason, the bus was severed. When this happened, network communications failed between systems on different sides of the break, and the loss of termination on one end of each fragment jeopardized all of the network’s traffic.
RG-58 cable used BNC connectors to connect to the T and to connect the T to the NIC in the computer. Even at the height of its popularity, thin Ethernet cable was typically purchased in bulk, and the connectors were attached by the installer or administrator; prefabricated cables were relatively rare. The process of attaching a BNC connector involved stripping the insulation off the cable end to expose both the copper core and the ground. The connector is then applied as separate components (a socket that the cable threads through and a post that slips over the core). Finally, the socket is compressed so it grips the cable and holds the post in place, using a pliers-like tool called a crimper.
Cable Television
Just because coaxial cable is no longer used for networks does not mean that it has totally outlived its usefulness. Antennas, radios, and particularly the cable television industry still use it extensively. The cable delivering TV service to your home is RG-59 75-ohm coaxial, used in this case for broadband rather than baseband transmission (meaning that the single cable carries multiple, discrete signals simultaneously). This cable is also similar in appearance to thin Ethernet, but it has different properties and uses different connectors. The F connector used for cable TV connections screws into the jack, while BNC connectors use a bayonet lock coupling.
Many cable TV providers use this same coaxial cable to supply Internet access to subscribers, as well as television signals. In these installations, the coaxial cable connects to a device typically referred to as a cable modem, which then is connected to a computer using a 10Base-T Ethernet cable.
Twisted-Pair Cable
Twisted-pair cable is the current standard for networks. When compared to coaxial, it is easier to install, is suitable for many different applications, and provides far better performance. Perhaps the biggest advantage of twisted-pair cable, however, is that it is already used in countless telephone system installations throughout the world.
This means that many contractors are familiar with the installation procedures and that in a newly constructed office it is possible to install the cables at the same time as the telephone cables. In fact, many private homes now being built include twisted-pair network cabling as part of the basic service infrastructure.
Unlike coaxial cable, which has only one signal-carrying conductor and one ground, the twisted-pair cable used in most data networks has four pairs of insulated copper wires within a single sheath. Each wire pair is twisted with a different number of twists per inch to avoid electromagnetic interference from the other pairs and from outside sources (see Figure 5-3).
Figure 5-3  A cross-section of a twisted-pair cable
Each pair of wires in a twisted-pair cable is color coded, using colors defined in the TIA/EIA-T568-A or B standard, as shown in Table 5-1. In each pair, the solid-colored wire carries the signals, while the striped wire acts as a ground.
Table 5-1  Color Codes for TIA/EIA T-568
Unshielded Twisted-Pair
The outer sheathing of a twisted-pair cable can be either relatively thin, as in unshielded twisted-pair (UTP) cable, or thick, as in shielded twisted-pair (STP). UTP cable is the more commonly used of the two; most Ethernet networks are more than adequately served by UTP cable. The UTP cable uses 22 or 24 AWG copper conductors and has an impedance of 100 ohms. The insulation can be plenum rated or nonplenum.
Beyond these specifications, the TIA/EIA-T568 standard defines levels of performance for UTP cable that are referred to as categories. A higher category rating means that a cable is more efficient and able to transmit data at greater speeds. The major difference between the different cable categories is the tightness of each wire pair’s twisting, commonly referred to as twist per inch. Table 5-2 lists some of the categories defined by the T568 standard, the speed ratings, the maximum run length, the network applications, and the maximum frequency for each category.
Table 5-2  Cable Category Specifications
Category 3 cable was traditionally used for telephone system installations and was also suitable for 10Base-T Ethernet networks, which run at 10 Mbps. Category 3 was not suitable for the 100 Mbps speed used by Fast Ethernet, except in the case of 100Base-T4, which was specifically designed to run on Category 3 cable. 100Base-T4 was able to function only on this cable because it used all four of the wire pairs to carry data, while the standard technologies of the time used only two pairs.
Category 4 cable provided a marginal increase in performance over Category 3 and was, for a time, used in Token Ring networks. Since its ratification in 1995, however, most of the UTP cable installed for computer networks (and telephone networks as well) was Category 5. Category 5 UTP cable (often known simply as Cat 5) provided a substantial performance increase, supporting transmissions at up to 100 MHz.
Category 5e
While Category 5 cable was sufficient for use on 100 Mbps networks such as Fast Ethernet, technology continued to advance, and with Gigabit Ethernet products becoming available, running at 1 Gbps (1,000 Mbps), it was necessary to accommodate the higher speeds.
UTP cable ratings have continued to advance as well. However, the process by which the TIA/EIA standards are defined and ratified is much slower than the pace of technology, and many high-performance cable products arrived on the market that exceeded the Category 5 specifications to varying degrees. In 1999, after a surprisingly accelerated development period of less than two years, the TIA/EIA ratified the Category 5e (or Enhanced Category 5) standard.
The Category 5e standard was revised more than 14 times during its development because there was a great deal of conflict among the concerned parties as to how far the standard should go. Category 5e was intended primarily to support the IEEE 802.3ab Gigabit Ethernet standard, also known as 1000Base-T, which is a version of the 1,000 Mbps networking technology designed to run on the standard 100-meter copper cable segments also used by Fast Ethernet. As you can see in Table 5-2, the Category 5e standard calls for a maximum frequency rating of only 100 MHz, the same as that of Category 5 cable. However, Gigabit Ethernet uses frequencies up to 125 MHz, and Asynchronous Transfer Mode (ATM) networks, which were also expected to use this cable, could run at frequencies of up to 155 MHz. As a result, there was a good deal of criticism leveled at the 5e standard, saying that it didn’t go far enough to ensure adequate performance of Gigabit Ethernet networks.
It’s important to understand that the TIA/EIA UTP cable standards consist of many different performance requirements, but the frequency rating is the one that is most commonly used to judge the transmission quality of the cable. In fact, the Category 5e standard is basically the Category 5 standard with slightly elevated requirements for some of its testing parameters, such as near end crosstalk (NEXT), the attenuation-to-crosstalk ratio (ACR), return loss, and differential impedance.
Cat 6 and 6a
Cat 6 was established in 2001. This standard for Gigabit Ethernet is backward compatible with the Cat 3, 5, and 5e standards. This cable features higher specifications for suppression of both system noise and crosstalk issues. It was specifically designed to be interoperable, meaning cable meeting this standard must work with products manufactured by most vendors.
Because Cat 6 cables contain larger copper conductors, the size is a bit larger than the earlier Category 5 and 5e cables. The diameter of Cat 6 ranges from .21 inch to .25 inch (5.3 mm to 5.8 mm). Since Cat 5 and 5e cables fall in the range from 0.19 inch to 0.22 inch (4.8 mm to 5.5 mm), the physical size can make a difference in an installation.
Crosstalk is reduced in Cat 6 by making each pair a twist of .5 inch or less, while the larger conductor size provides less signal loss (attenuation) over the length of the cable. Augmented Category 6 (Cat 6a) cable improves the bandwidth of Cat 6. However, because it is available in STP format, it must have specialized connectors to ground the cable and is therefore more expensive than Cat 6.
Cat 7
Cat 7 (originally known as Class F) is backward compatible with both Cat 5 and Cat 6. It is a twisted-pair cable that was designed as a standard for Gigabit Ethernet. It has additional shielding that helps to reduce both crosstalk and system noise. Because of this additional shielding, Cat 7 cable is bulkier and more difficult to bend. As with Cat 6a, each layer must be grounded or its throughput performance declines to nearly that of Cat 6.
NOTE: Remember, when upgrading cabling, all of the network components must be rated at the same category. This means you will not have a Cat 6 network if some of the connectors or other components are rated at Cat 5.
Currently, as technology advances, so do new standards. Cat 7a is currently available for some applications, primarily multiple applications across a single cable. Cat 8 and beyond are in the works.
Connector Pinouts
Twisted-pair cables use RJ-45 modular connectors at both ends (see Figure 5-4). An RJ-45 (RJ is the acronym for registered jack) is an eight-pin version of the four-pin (or sometimes six-pin) RJ-11 connector used on standard satin telephone cables. The pinouts for the connector, which are also defined in the TIA/EIA-T568-A and B standards, are shown in Figure 5-5.
Figure 5-4  An RJ-45 connector
Figure 5-5  The 568A and 568B pinouts
The USOC standard (as shown in Figure 5-6) was the traditional pinout originated for voice communications in the United States, but this configuration is not suitable for data. This is because while pins 3 and 6 do connect to a single-wire pair, pins 1 and 2 are connected to separate pairs. AT&T discovered this shortcoming when it began doing research into computer networks that would run over the existing telecommunications infrastructure. In 1985, AT&T published its own standard, called 258A, which defined a new pinout in which the proper pins used the same wire pairs.
Figure 5-6  The 568B and USOC pinouts
The TIA/EIA, which was established in 1985 after the breakup of AT&T, then published the 258A standard as an adjunct to TIA/EIA-T568-A in 1995, giving it the name T568-B (as shown on the left in Figure 5-6). Thus, while the pinout now known as 568B would seem to be newer than 568A, it is actually older. Pinout 568B began to be used widely in the United States before the TIA/EIA-T568-A standard was even published.
As you can see in Figure 5-6, the USOC standard uses a different layout for the wire pairs, while the 568A and 568B pinouts are identical except that the green and orange wire pairs are transposed. Thus, the two TIA/EIA standards are functionally identical; neither one offers a performance advantage over the other, as long as both ends of the cable use the same pinout. Prefabricated cables are available that conform to either one of these standards.
In most cases, twisted-pair cable is wired straight through, meaning that each of the pins on one connector is wired to its corresponding pin on the other connector, as shown in Figure 5-7. On a typical network, however, computers use separate wire pairs for transmitting and receiving data. For two machines to communicate, the transmitted signal generated at each computer must be delivered to the receive pins on the other, meaning that a signal crossover must occur between the transmit and receive wire pairs. The cables are wired straight through (that is, without the crossover) on a normal Ethernet LAN because the hub is responsible for performing the crossover. If you want to connect one computer to another without a hub to form a simple two-node Ethernet network, you must use a crossover cable, in which the transmit pins on each end of the cable are connected to the receive pins on the other end, as shown in Figure 5-8.
Figure 5-7  UTP straight-through wiring
Figure 5-8  UTP crossover wiring
Because each pin on a straight-through cable is connected to the corresponding pin at the other end, it doesn’t matter what colors the wires are, as long as the pairs are properly oriented. So, when purchasing prefabricated cables, either the 568A or 568B pinouts will function properly. The time when you must make a conscious decision to use one standard or the other is when you install bulk cable (or have it installed). You must connect the same colors on each end of the cable to the same pins so you get a straight-through connection. Selecting one standard and sticking to it is the best way to avoid confusion that can result in nonfunctioning connections.
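The pinout relationships described above (568A and 568B differing only by the transposed orange and green pairs, USOC splitting pins 1 and 2 across separate pairs, and straight-through versus crossover wiring) can be checked mechanically. The following is an added example, not code from the book: the pin-to-color tables are the standard TIA/EIA-568 and USOC (RJ61) assignments, which Table 5-1 on this page does not reproduce, and the Ethernet transmit (1-2) and receive (3-6) pin assignments are assumed.

```python
"""T568A, T568B and USOC pinouts; straight-through versus crossover cables.

Added example, not from the book. Pin-to-color assignments are the standard
TIA/EIA-568 and USOC (RJ61) values (Table 5-1 is not reproduced on this page).
"""

# Pin -> wire color. "white/x" is the striped wire of pair x, "x" the solid wire.
# 568A and 568B differ only in that the orange and green pairs are transposed.
T568B = {1: "white/orange", 2: "orange", 3: "white/green", 4: "blue",
         5: "white/blue", 6: "green", 7: "white/brown", 8: "brown"}
T568A = {1: "white/green", 2: "green", 3: "white/orange", 4: "blue",
         5: "white/blue", 6: "orange", 7: "white/brown", 8: "brown"}
# USOC (RJ61) pairs the pins outward from the center: 4-5, 3-6, 2-7, 1-8.
USOC = {1: "white/brown", 2: "white/green", 3: "white/orange", 4: "blue",
        5: "white/blue", 6: "orange", 7: "green", 8: "brown"}

# 10Base-T and 100Base-TX transmit on pins 1-2 and receive on pins 3-6 (assumed
# here; the chapter only says that separate pairs are used for each direction).
TX_PINS = (1, 2)
RX_PINS = (3, 6)


def pair_name(color):
    """Both wires of a twisted pair share a base color: 'white/blue' and 'blue'."""
    return color.split("/")[-1]


def signal_pairs_intact(pinout):
    """True when each Ethernet signal pair (1-2 and 3-6) lands on one twisted pair.

    This is the USOC defect the chapter describes: pins 3 and 6 share a pair,
    but pins 1 and 2 sit on two different pairs.
    """
    return all(pair_name(pinout[a]) == pair_name(pinout[b])
               for a, b in (TX_PINS, RX_PINS))


def build_cable(end_a, end_b):
    """Map each pin at end A to the pin at end B carrying the same physical wire.

    A wire keeps its color along the cable; the pinout chosen at each end
    decides which pin that color is terminated on.
    """
    pin_at_b = {color: pin for pin, color in end_b.items()}
    return {pin: pin_at_b[color] for pin, color in end_a.items()}


def classify(end_a, end_b):
    """Describe the cable produced by terminating the two ends to end_a and end_b."""
    if not (signal_pairs_intact(end_a) and signal_pairs_intact(end_b)):
        return "split pairs (unsuitable for data)"
    cable = build_cable(end_a, end_b)
    if all(a == b for a, b in cable.items()):
        return "straight-through"
    tx_lands_on = {cable[p] for p in TX_PINS}
    rx_lands_on = {cable[p] for p in RX_PINS}
    if tx_lands_on == set(RX_PINS) and rx_lands_on == set(TX_PINS):
        return "crossover"
    return "miswired"


if __name__ == "__main__":
    for label, a, b in (("568B/568B", T568B, T568B), ("568A/568A", T568A, T568A),
                        ("568A/568B", T568A, T568B), ("USOC/USOC", USOC, USOC)):
        print(f"{label}: {classify(a, b)}")
```

Terminating one end to 568A and the other to 568B yields exactly the crossover of Figure 5-8, which is why the chapter insists on the same colors at both ends when you want a straight-through cable.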
Attaching the connectors to a cable requires a crimper tool, much like the one used for coaxial cable, except that the process is complicated by having eight conductors to deal with instead of only two. A network administrator who is not handy with a crimper can easily purchase twisted-pair cables with connectors attached in a wide variety of grades, lengths, and colors.
Shielded Twisted-Pair
Shielded twisted-pair is 150-ohm cable containing additional shielding that protects signals against the electromagnetic interference (EMI) produced by electric motors, power lines, and other sources. Originally used in Token Ring networks, STP is also intended for installations where UTP cable would provide insufficient protection against interference.
The shielding in STP cable is not just an additional layer of inert insulation, as many people believe. Rather, the wires within the cable are encased in a metallic sheath that is as conductive as the copper in the wires. This sheath, when properly grounded, converts ambient noise into a current, just like an antenna. This current is carried to the wires within, where it creates an equal and opposite current flowing in the twisted pairs. The opposite currents cancel each other out, eliminating noise that injects disturbance to the signals passing over the wires.
This balance between the opposite currents is delicate. If they are not exactly equal, the current can be interpreted as noise and can disturb the signals being transmitted over the cable. To keep the shield currents balanced, the entire end-to-end connection must be shielded and properly grounded. This means that all of the components involved in the connection, such as connectors and wall plates, must also be shielded. It is also vital to install the cable correctly so that it is grounded properly and the shielding is not ripped or otherwise disturbed at any point.
The shielding in an STP cable can be either foil or braided metal. The metal braid is a more effective shield, but it adds weight, size, and expense to the cable. Foil-shielded cable, sometimes referred to as screened twisted-pair (ScTP) or foil twisted-pair (FTP), is thinner, lighter, and cheaper but is also less effective and more easily damaged. In both cases, the installation is difficult when compared to UTP because the installers must be careful not to flex and bend the cable too much, or they could risk damaging the shielding. The cable may also suffer from increased attenuation and other problems because the effectiveness of the shielding is highly dependent on a multitude of factors, including the composition and thickness of the shielding, the type and location of the EMI in the area, and the nature of the grounding structure.
The properties of the STP cable itself were defined by IBM during the development of the Token Ring protocol:
• Type 1A: Two pairs of 22 AWG wires, each pair wrapped in foil, with a shield layer (foil or braid) around both pairs, and an outer sheath of either PVC or plenum-rated material
• Type 2A: Two pairs of 22 AWG wires, each pair wrapped in foil, with a shield layer (foil or braid) around both pairs, plus four additional pairs of 22 AWG wires for voice communications, within an outer sheath of either PVC or plenum-rated material
• Type 6A: Two pairs of 22 AWG wires, with a shield layer (foil or braid) around both pairs, and an outer sheath of either PVC or plenum-rated material
• Type 9A: Two pairs of 26 AWG wires, with a shield layer (foil or braid) around both pairs, and an outer sheath of either PVC or plenum-rated material
Fiber-Optic Cable
Fiber-optic cable is completely different from all of the other cables covered thus far in this chapter because it is not based on electrical signals transmitted through copper conductors. Instead, fiber-optic cable uses pulses of light (photons) to transmit the binary signals generated by computers. Because fiber-optic cable uses light instead of electricity, nearly all of the problems inherent in copper cable, such as electromagnetic interference, crosstalk, and the need for grounding, are completely eliminated. In addition, attenuation is reduced enormously, enabling fiber-optic links to span much greater distances than copper, up to 120 kilometers in some cases.
Fiber-optic cable is ideal for use in network backbones, especially for connections between buildings, because it is immune to moisture and other outdoor conditions. Fiber cable is also inherently more secure than copper because it does not radiate detectable electromagnetic energy like copper, and it is extremely difficult to tap.
The drawbacks of fiber optic mainly center around its installation and maintenance costs, which are usually thought of as being much higher than those for copper media. What used to be a great difference, however, has come closer to evening out in recent years. The fiber-optic medium is at this point only slightly more expensive than UTP. Even so, the use of fiber does present some problems, such as in the installation process. Pulling the cable is basically the same as with copper, but attaching the connectors requires completely different tools and techniques; you can essentially throw everything you may have learned about electric wiring out the window.
Fiber optics has been around for a long time; even the early 10 Mbps Ethernet standards supported its use, calling it FOIRL, and later 10BaseF. Fiber optics came into its own, however, as a high-speed network technology, and today virtually all of the data link layer protocols currently in use support it in some form.
Fiber-Optic Cable Construction
A fiber-optic cable consists of a core made of glass or plastic and a cladding that surrounds the core; then it has a plastic spacer layer, a layer of Kevlar fiber for protection, and an outer sheath of Teflon or PVC, as shown in Figure 5-9. The relationship between the core and the cladding enables fiber-optic cable to carry signals long distances. The transparent qualities of the core are slightly greater than those of the cladding, which makes the inside surface of the cladding reflective. As the light pulses travel through the core, they reflect back and forth off the cladding. This reflection enables you to bend the cable around corners and still have the signals pass through it without obstruction.
Figure 5-9 Cross-section of a fiber-optic cable
There are two main types of fiber-optic cable, called singlemode and multimode, that differ in several ways. The most important difference is in the thickness of the core and the cladding. Singlemode fiber is typically rated at 8.3/125 microns and multimode fiber at 62.5/125 microns. These measurements refer to the thickness of the core and the thickness of the cladding and the core together. Light travels down the relatively thin core of singlemode cable without reflecting off the cladding as much as in multimode fiber's thicker core. The signal carried by a singlemode cable is generated by a laser and consists of only a single wavelength, while multimode signals are generated by a light-emitting diode (LED) and carry multiple wavelengths. Together, these qualities enable singlemode cable to operate at higher bandwidths than multimode and traverse distances up to 50 times longer.
However, singlemode cable is often more expensive and has a relatively high bend radius compared to multimode, which makes it more difficult to work with. Most fiber-optic LANs use multimode cable, which, although inferior in performance to singlemode, is still vastly superior to copper.
Multimode cables are often used for local network installations when extreme distance is not an issue. Since singlemode cables transmit laser light, it travels in only one direction so that the wavelength it uses is compatible with the laser light detector at the receiving end. This type of fiber-optic cable is used primarily where data speed and distance are paramount.
Fiber-optic cables are available in a variety of configurations because the cable can be used for many different applications. Simplex cables contain a single fiber strand, while duplex cables contain two strands running side by side in a single sheath. Breakout cables can contain as many as 24 fiber strands in a single sheath, which you can divide to serve various uses at each end. Because fiber-optic cable is immune to copper cable problems such as EMI and crosstalk, it's possible to bundle large numbers of strands together without twisting them or worrying about signal degradation, as with UTP cable.
Fiber-Optic Connectors
The original connector used on fiber-optic cables was called a straight tip (ST) connector. It was a barrel-shaped connector with a bayonet locking system, as shown in Figure 5-10. It was replaced by the SC type (which stands for subscriber connector, standard connector, or Siemon connector), which many consider now to be the traditional connector. The SC has a square body and locks by simply pushing it into the socket. Figure 5-10 shows the ST and SC connectors.
Figure 5-10 Fiber-optic connectors SC (left) and ST (right)
Today, connectors with smaller form factors are replacing the traditional fiber-optic connectors. These smaller connectors reduce the footprint of the network by allowing more connectors to be installed in each faceplate. One of the most common of these small connectors is the LC (which stands for local connector or Lucent connector). The LC is a duplex connector that is designed for two fiber-optic cables.
Using fiber-optic cable imparts a freedom to the network designer that could never be realized with copper media. Because fiber optic permits segment lengths much greater than UTP, having telecommunications closets containing switches or hubs scattered about a large installation is no longer necessary. Instead, horizontal cable runs can extend all the way from wall plates down to a central equipment room that contains all of the network's patch panels, hubs, switches, routers, and other such devices. This is known as a collapsed backbone. Rather than traveling constantly to remote areas of the installation, the majority of the infrastructure maintenance can be performed at this one location. For more information about network design, see Chapter 9.
CHAPTER 6
Wireless LANs
Until recently, computer networks were thought of as using cables for their communications medium, but there have also been wireless networking solutions available for many years. Wireless networking products typically use some form of radio or light waves; these are called unbounded media (as opposed to bounded media, which refers to cabled networks). These media enable users with properly equipped computers to interact with other networked computers, just as if they were connected to them with cables.
Wireless networking products long had a reputation for poor performance and unreliability. It is only in the last ten or twelve years that these technologies have developed to the point at which they are serious tools for business users.
In many cases, users have come to expect connectivity in nearly every setting, whether it be in the grocery store, on a commuter train, or in a restaurant line. Whether it be with a cell phone, a tablet, or a laptop, we expect to be able to download e-mail and access both the Internet and our company's network in an instant. Most telephone service providers now enable users to access all of these services in any location. One of the advantages of cellular-based data networking is its range. Users can access the Internet and other networks from any place supported by the cellular network.
Wireless Networks
Wireless networks, or wireless local area networks (WLANs), connect devices with radio waves rather than cables. The ability to connect servers, printers, scanning devices, and workstations without dragging cabling through walls is the biggest advantage of wireless networking.
NOTE Wide area networks are also wireless and are introduced in Chapter 7.
The main difference between a traditional, cabled network and a wireless network is the way the data is transmitted. Wireless networks use a transmitter called a wireless access point (WAP) that has been wired into an Internet connection to create a hotspot for the connection. Access to the wireless network then depends on several things:
• Distance from a WAP The closer one is to an access point, the better the signal.
• Transmission strength of the wireless card Wireless fidelity (WiFi) cards have varying degrees of transmitting capabilities. Normally, lower-cost cards have less power than more expensive cards and therefore must be closer to the access point.
• Existing interference Microwave devices, cordless phones, computers, and even Bluetooth devices can interfere with a WiFi network.
• Current traffic on the network, including the number of current users Depending on the IEEE 802.11 standard of a WAP and what the current users are doing, more than 20 users accessing a specific WAP can cause the connection to degrade. This is especially true if users are using file-sharing software or peer-to-peer applications such as Skype.
• Local environment characteristics Be sure to note how physical obstructions or barriers such as walls, placement of devices, and other such issues will affect your network. In a small-office environment, there are many cases of poorly designed wireless installations due to lack of understanding of the effects of physical obstructions and the choice between lower and higher frequencies to mitigate these limitations.
NOTE See "The IEEE 802.11 Standards" section later in this chapter for more information.
Advantages and Disadvantages of Wireless Networks
While wireless networks are certainly useful and have their advantages, they have some definite disadvantages when compared with wired (cabled) networks. Table 6-1 discusses some of the advantages and disadvantages.
Table 6-1 Advantages and Disadvantages of Wireless Networks vs. Wired Networks
Types of Wireless Networks
There are many types of wireless, such as WiFi, Bluetooth, satellite services, and others, in use today. Bluetooth, named for a tenth-century Danish king, provides short-range wireless communications between devices such as cellular phones, keyboards, or printers at a very low cost. Bluetooth uses radio frequency signals, which are not limited to line-of-sight transmissions. Often, keyboards or mice are available with Bluetooth technology to use with a cell phone, laptop, or tablet.
The most widely used technology today is WiFi. This technology has better connection speeds and, if configured properly, is more secure than a Bluetooth connection. Table 6-2 shows some of the differences between the two.
Table 6-2 Bluetooth vs. WiFi
Wireless Applications
The most immediate application for wireless local area networking is the situation where it is impractical or impossible to install a cabled network. In some cases, the construction of a building may prevent the installation of network cables, while in others, cosmetic concerns may be the problem. For example, a kiosk containing a computer that provides information to guests might be a worthwhile addition to a luxury hotel, but not at the expense of running unsightly cables across the floor or walls of a meticulously decorated lobby. The same might be the case for a small two- or three-node network in a private home, where installing cables inside walls would be difficult and using external cables would be unacceptable in appearance.
Another application for wireless LANs is to support mobile client computers. These mobile clients can range from laptop-equipped technical support personnel for a corporate internetwork to roving customer service representatives with specialized handheld devices, such as rental car and baggage check workers in airports. With today's handheld computers and a wireless LAN protocol that is reliable and reasonably fast, the possibilities for its use are endless. Here are some examples:
• Hospitals can store patient records in a database and permit doctors and nurses to continually update them by entering new information into a mobile computer.
• Workers in retail stores can dynamically update inventory figures by scanning the items on the shelves.
• A traveling salesperson can walk into the home office with a laptop in hand, and as soon as the computer is within range of the wireless network, it connects to the LAN, downloads new e-mail, and synchronizes the user's files with copies stored on a network server.
The IEEE 802.11 Standards
In 1997, the IEEE published the first version of a standard that defined the physical and data link layer specifications for a wireless networking protocol that would meet the following requirements:
• The protocol would support stations that are fixed, portable, or mobile, within a local area. The difference between portable and mobile is that a portable station can access the network from various fixed locations, while a mobile station can access the network while it is actually in motion.
• The protocol would provide wireless connectivity to automatic machinery, equipment, or stations that require rapid deployment, that is, rapid establishment of communications.
• The protocol would be deployable on a global basis.
This document (as of the writing of this chapter) is now known as IEEE 802.11, 2012 edition, "Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications." Because 802.11 was developed by the same IEEE 802 committee responsible for the 802.3 (Ethernet) and 802.5 (Token Ring) protocols, it fits into the same physical and data link layer stack arrangement. The data link layer is divided into the logical link control (LLC) and media access control (MAC) sublayers. The 802.11 documents define the physical layer and MAC sublayer specifications for the wireless LAN protocol, and the systems use the standard LLC sublayer defined in IEEE 802.2. From the network layer up, the systems can use any standard set of protocols, such as TCP/IP or IPX.
NOTE For more information on LLC, see Chapter 10.
Despite the inclusion of 802.11 in the same company as Ethernet and Token Ring, the use of wireless media calls for certain fundamental changes in the way you think about a local area network and its use. Some of these changes are as follows:
• Unbounded media A wireless network does not have readily observable connections to the network or boundaries beyond which network communication ceases.
• Dynamic topology Unlike cabled networks, in which the LAN topology is meticulously planned out before the installation and remains static until deliberate changes are made, the topology of a wireless LAN changes frequently, if not continuously.
• Unprotected media The stations on a wireless network are not protected from outside signals as cabled networks are. On a cabled network, outside interference can affect signal quality, but there is no way for the signals from two separate but adjacent networks to be confused. On a wireless network, roving stations can conceivably wander into a different network's operational perimeter, compromising security.
• Unreliable media Unlike a cabled network, a protocol cannot work under the assumption that every station on the network receives every packet and can communicate with every other station.
• Asymmetric media The propagation of data to all of the stations on a wireless network does not necessarily occur at the same rate. There can be differences in the transmission rates of individual stations that change as the device moves or the environment in which it is operating changes.
As a result of these changes, the traditional elements of a data link layer LAN protocol (the MAC mechanism, the frame format, and the physical layer specifications) have to be designed with different operational criteria in mind.
The Physical Layer
The 802.11 physical layer defines two possible topologies and three types of wireless media, operating at four possible speeds.
Physical Layer Topologies
As you learned in Chapter 1, the term topology usually refers to the way in which the computers on a network are connected. A bus topology, for example, means that each computer is connected to the next one, in daisy-chain fashion, while in a star topology, each computer is connected to a central hub. These examples apply to cabled networks, however. Wireless networks don't have a concrete topology like cabled ones do. Unbounded media devices, by definition, enable wireless network devices to transmit signals to all of the other devices on the network simultaneously. However, this does not equate to a mesh topology, as described in Chapter 1. Although each device theoretically can transmit signals to all of the other wireless devices on the network at any time, this does not necessarily mean that it will. Mobility is an integral part of the wireless network design, and a wireless LAN protocol must be able to compensate for systems that enter and leave the area in which the medium can operate. The result is that the topologies used by wireless networks are basic rules that they use to communicate, and not static arrangements of devices at specific locations. IEEE 802.11 supports two types of wireless network topologies: the ad hoc topology and the infrastructure topology.
The fundamental building block of an 802.11 wireless LAN is the basic service set (BSS). A BSS is a geographical area in which properly equipped wireless stations can communicate. The configuration and area of the BSS are dependent on the type of wireless medium being used and the nature of the environment in which it's being used, among other things. A network using a radio frequency-based medium might have a BSS that is roughly spherical, for example, while an infrared network would deal more in straight lines. The boundaries of the BSS can be affected by environmental conditions, architectural elements of the site, and many other factors, but when a station moves within the basic service set's sphere of influence, it can communicate with other stations in the same BSS. When it moves outside of the BSS, communication ceases.
The simplest type of BSS consists of two or more wireless computers or other devices that have come within transmission range of each other, as shown in Figure 6-1. The process by which the devices enter into a BSS is called association. Each wireless device has an operational range dictated by its equipment, and as the two devices approach each other, the area of overlap between their ranges becomes the BSS. This arrangement, in which all of the network devices in the BSS are mobile or portable, is called an ad hoc topology or an independent BSS (IBSS). The term ad hoc topology refers to the fact that a network of this type may often come together without prior planning and exist only as long as the devices need to communicate. This type of topology operates as a peer-to-peer network because every device in the BSS can communicate with every other device. An example might be transmitting a file to your printer or a diagram to a colleague's tablet. Multiple ad hoc networks can be created to transfer data between several devices. By their nature, ad hoc networks are temporary. While Figure 6-1 depicts the BSS as roughly oval and the convergence of the communicating devices as being caused by their physically approaching each other, the actual shape of the BSS is likely to be far less regular and more ephemeral. The ranges of the devices can change instantaneously because of many different factors, and the BSS can grow, shrink, or even disappear entirely at a moment's notice.
Figure 6-1 A basic service set can be as simple as two wireless stations within communication range of each other.
While an ad hoc network uses basic service sets that are transient and constantly mutable, it's also possible to build a wireless network with basic service sets that are more permanent. This is the basis of a network that uses an infrastructure topology. An infrastructure network consists of at least one wireless access point (AP), which is either a stand-alone device or a wireless-equipped computer that is also connected to a standard bounded network using a cable. The access point has an operational range that is relatively fixed (when compared to an IBSS) and functions as the base station for a BSS. Any mobile station that moves within the AP's sphere of influence is associated into the BSS and becomes able to communicate with the cabled network (see Figure 6-2). Note that this is more of a client-server arrangement than a peer-to-peer one. The AP enables multiple wireless stations to communicate with the systems on the cabled network but not with each other. However, the use of an AP does not prevent mobile stations from communicating with each other independently of the AP.
Figure 6-2 An access point enables wireless stations to access resources on a cabled network.
It is because the AP is permanently connected to the cabled network and not mobile that this type of network is said to use an infrastructure topology. This arrangement is typically used for corporate installations that have a permanent cabled network that also must support wireless devices that access resources on the cabled network. An infrastructure network can have any number of access points and therefore any number of basic service sets. The architectural element that connects basic service sets together is called a distribution system (DS). Together, the basic service sets and the DS that connects them are called the extended service set (ESS). In practice, the DS is typically a cabled network using IEEE 802.3 (Ethernet) or another standard data link layer protocol, but the network can conceivably use a wireless distribution system (WDS). Technically, the AP in a network of this type is also called a portal because it provides access to a network using another data link layer protocol. It's possible for the DS to function solely as a means of connecting APs and not provide access to resources on a cabled network. Whether the media used to form the BSS and the DS are the same or different (the standard takes no stance either way), 802.11 logically separates the wireless medium from the distribution system medium.
The basic service sets connected by a distribution system can be physically configured in almost any way. The basic service sets can be widely distant from each other to provide wireless network connectivity in specific remote areas, or they can overlap to provide a large area of contiguous wireless connectivity. It's also possible for an infrastructure BSS to be concurrent with an IBSS. The 802.11 standard makes no distinction between the two topologies because both must present the same appearance to the LLC sublayer operating at the upper half of the data link layer.
Physical Layer Media
The original IEEE 802.11 standard defined three physical layer media, two that used radio frequency (RF) signals and one that used infrared light signals. A wireless LAN could use any one of the three media, all of which interface with the same MAC layer. These three media were as follows:
• Frequency-hopping spread spectrum (FHSS)
• Direct-sequence spread spectrum (DSSS)
• Infrared
The two RF media both used spread spectrum communication, which is a common form of radio transmission used in many wireless applications. Invented during the 1940s, spread spectrum technology takes an existing narrowband radio signal and divides it among a range of frequencies in any one of several ways. The result is a signal that utilizes more bandwidth but is louder and easier for a receiver to detect. At the same time, the signal is difficult to intercept because attempts to locate it by scanning through the frequency bands turn up only isolated fragments. It is also difficult to jam because you would have to block a wider range of frequencies for the jamming to be effective.
The 802.11 RF media operate in the 2.4 GHz frequency band, occupying the 83 MHz of bandwidth between 2.400 and 2.483 GHz. These frequencies are unlicensed in most countries, although there are varying limitations on the signal strength imposed by different governments.
The difference between the various types of spread spectrum communications lies in the method by which the signals are distributed among the frequencies. Frequency-hopping spread spectrum, for example, used a predetermined code or algorithm to dictate frequency shifts that occur continually, in discrete increments, over a wide band of frequencies. The 802.11 FHSS implementation called for seventy-nine 1 MHz channels, although some countries imposed smaller limits. Obviously, the receiving device must be equipped with the same algorithm in order to read the signal properly. The rate at which the frequency changes (that is, the amount of time that the signal remains at each frequency before hopping to the next one) is independent of the bit rate of the data transmission. If the frequency-hopping rate is faster than the signal's bit rate, the technology is called a fast hop system. If the frequency-hopping rate is slower than the bit rate, you have a slow hop system. The 802.11 FHSS implementation ran at 1 Mbps, with an optional 2 Mbps rate.
In direct-sequence spread spectrum communications, the signal to be transmitted is modulated by a digital code called a chip or chipping code, which has a bit rate larger than that of the data signal. The chipping code is a redundant bit pattern that essentially turns each bit in the data signal into several bits that are actually transmitted. The longer the chipping code, the more the original data signal is enlarged. This enlargement of the signal makes it easier for the receiver to recover the transmitted data if some bits are damaged. The more the signal is enlarged, the less significance is attributed to each bit. Like with FHSS, a receiver that doesn't possess the chipping code used by the transmitter can't interpret the DSSS signal, seeing it as just noise. The DSSS implementation in the original 802.11 document supported 1 and 2 Mbps transmission rates. IEEE 802.11b expanded this capability by adding transmission rates of 5.5 and 11 Mbps. Only DSSS supported these faster rates, which is the primary reason why it was the most commonly used 802.11 physical layer specification.
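The chipping-code behaviour described above (each data bit expanded into many chips, damaged chips tolerated, and a receiver without the code seeing only noise) can be demonstrated in a few lines. The following is an added example, not code from the book: it uses the 11-chip Barker sequence that 802.11 DSSS used at 1 and 2 Mbps, written as +1/-1 values so that despreading is a plain correlation; the data bits and the chip-error positions are constructed for the demonstration.

```python
# Added example (not from the book): spreading and despreading data bits with a chipping code.
# The 11-chip Barker sequence is the code 802.11 DSSS used for its 1 and 2 Mbps rates; the
# chips are written as +1/-1 so that despreading is a plain correlation with the code.
BARKER_11 = (1, -1, 1, 1, -1, 1, 1, 1, -1, -1, -1)


def spread(bits, code=BARKER_11):
    """Turn each data bit into len(code) chips: a 1 sends the code, a 0 sends its inverse."""
    chips = []
    for bit in bits:
        sign = 1 if bit else -1
        chips.extend(sign * c for c in code)
    return chips


def despread(chips, code=BARKER_11):
    """Correlate each block of chips with the code and decide each bit from the sign.

    Returns (bits, scores). With the right code a clean block scores +len(code) or
    -len(code); a receiver using a different code gets scores near zero and decodes
    garbage, which is the "just noise" behaviour described in the text.
    """
    n = len(code)
    bits, scores = [], []
    for start in range(0, len(chips) - n + 1, n):
        score = sum(c * k for c, k in zip(chips[start:start + n], code))
        scores.append(score)
        bits.append(1 if score > 0 else 0)
    return bits, scores


def flip_chips(chips, positions):
    """Simulate channel damage by inverting the chips at the given positions."""
    damaged = list(chips)
    for p in positions:
        damaged[p] = -damaged[p]
    return damaged


def max_recoverable_errors(code=BARKER_11):
    """A block still decodes correctly while fewer than half of its chips are inverted."""
    return (len(code) - 1) // 2


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0]                           # constructed sample data bits
    chips = spread(data)                              # 5 bits become 55 chips
    print("clean:", despread(chips))                  # scores of +/-11
    damaged = flip_chips(chips, [0, 4, 7, 11, 13])   # 3 errors in bit 0, 2 in bit 1
    print("damaged:", despread(damaged))              # bits still recovered
    wrong_code = BARKER_11[1:] + BARKER_11[:1]        # a receiver holding a different code
    print("wrong code:", despread(chips, wrong_code))  # scores of only +/-1
```

The correlation scores make the trade-off in the text concrete: with an 11-chip code a receiver tolerates up to five inverted chips per bit, and a receiver whose code is even a one-position rotation of the transmitter's sees scores of magnitude 1 instead of 11.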
Later amendments have improved on the transmission rates, as shown in Table 6-3.
Table 6-3 802.11 Standards and Current Amendments
Infrared communications use wavelengths in the 850 to 950 nanometer range, just below the visible light spectrum. This medium is rarely implemented on wireless LANs because of its limited range. Unlike most infrared media, the IEEE 802.11 infrared implementation does not require direct line-of-sight communications; an infrared network can function using diffuse or reflected signals. However, the range of communications is limited when compared to FHSS and DSSS, about 10 to 20 meters, and can function properly only in an indoor environment with surfaces that provide adequate signal diffusion or reflection. This makes infrared unsuitable for mobile devices and places more constraints on the physical location of the wireless device than either FHSS or DSSS. Like FHSS, the 802.11 infrared medium supported a 1 Mbps transmission rate and an optional rate of 2 Mbps.
Orthogonal Frequency Division Multiplexing was approved in 1999. This protocol increases throughput to 54 Mbps, and in 2003 this process was approved for the 2.4 GHz band. This method is often used for wideband transmission popular for DSL Internet access, 4G mobile communication, and digital television. Its main advantage is the use of multiple, narrowband carriers rather than one wideband carrier to transport data. It is efficient and works well even when receiving interference from a narrowband. However, OFDM is sensitive to frequency offset, an intentional shift of broadcast frequencies done to eliminate or lessen interference from other radio transmitters.
Since 1999 there have been several amendments to the IEEE 802.11 standard, as shown in Table 6-3.
NOTE Table 6-3 shows information as of the writing of this chapter.
Physical Layer Frames
Instead of a relatively simple signaling scheme such as the Manchester and Differential Manchester techniques used by Ethernet and Token Ring, respectively, the media operating at the 802.11 physical layer have their own frame formats that encapsulate the frames generated at the data link layer. This is necessary to support the complex nature of the media.
The Frequency-Hopping Spread Spectrum Frame
The FHSS frame consists of the following fields:
• Preamble (10 bytes) Contains 80 bits of alternating zeros and ones that the receiving system uses to detect the signal and synchronize timing.
• Start of Frame Delimiter (2 bytes) Indicates the beginning of the frame.
• Length (12 bits) Specifies the size of the data field.
• Signaling (4 bits) Contains one bit that specifies whether the system is using the 1 or 2 Mbps transmission rate. The other three bits are reserved for future use. No matter which transmission rate the system is using, the preamble and header fields are always transmitted at 1 Mbps. Only the data field is transmitted at 2 Mbps.
• CRC (2 bytes) Contains a cyclic redundancy check value, used by the receiving system to test for transmission errors.
• Data (0 to 4,095 bytes) Contains the data link layer frame to be transmitted to the receiving system.
The Direct-Sequence Spread Spectrum Frame
The DSSS frame is illustrated in Figure 6-3 and consists of the following fields:
• Preamble (16 bytes) Contains 128 bits that the receiving system uses to adjust itself to the incoming signal
• Start of Frame Delimiter (SFD) (2 bytes) Indicates the beginning of the frame
• Signal (1 byte) Specifies the transmission rate used by the system
• Service (1 byte) Contains the hexadecimal value 00, indicating that the system complies with the IEEE 802.11 standard
• Length (2 bytes) Specifies the size of the data field
• CRC (2 bytes) Contains a cyclic redundancy check value, used by the receiving system to test for transmission errors
• Data (variable) Contains the data link layer frame to be transmitted to the receiving system
Figure 6-3 The DSSS frame format
The Infrared Frame
The frame used for infrared transmissions consists of the following fields:
• Synchronization (SYNC) (57 to 73 slots) Used by the receiving system to synchronize timing and, optionally, to estimate the signal-to-noise ratio and perform other preparatory functions
• Start of Frame Delimiter (SFD) (4 slots) Indicates the beginning of the frame
• Data Rate (3 slots) Specifies the transmission rate used by the system
• DC Level Adjustment (DCLA) (32 slots) Used by the receiver to stabilize the DC level after the transmission of the preceding fields
• Length (2 bytes) Specifies the size of the data field
• CRC (2 bytes) Contains a cyclic redundancy check value, used by the receiving system to test for transmission errors
• Data (0 to 2,500 bytes) Contains the data link layer frame to be transmitted to the receiving system
The Orthogonal Frequency Division Multiplexing Frame
The OFDM frame has four regions:
• Short Preamble This section consists of 10 short symbols that have been assigned to subcarriers (-24 through 24).
• Long Preamble This includes two long symbols that have been assigned to all subcarriers.
• Signal Field This contains one OFDM symbol that is assigned to all subcarriers. The signal field is not scrambled.
• Data/Service Field This region is scrambled, and the encoding and data rates vary, along with the modulation.
The Data Link Layer
Like with IEEE 802.3 (Ethernet) and 802.5 (Token Ring), the 802.11 document defines only half of the functionality found at the data link layer. Like the other IEEE 802 protocols, the LLC sublayer forms the upper half of the data link layer and is defined in the IEEE 802.2 standard. The 802.11 document defines the MAC sublayer functionality, which consists of a connectionless transport service that carries LLC data to a destination on the network in the form of MAC service data units (MSDUs). Like other data link layer protocols, this service is defined by a frame format (actually several frame formats, in this case) and a media access control mechanism. The MAC sublayer also provides security services, such as authentication and encryption, and reordering of MSDUs.
Data Link Layer Frames
The 802.11 standard defines three basic types of frames at the MAC layer, which are as follows:
• Data frames Used to transmit upper layer data between stations
• Control frames Used to regulate access to the network medium and to acknowledge transmitted data frames
• Management frames Used to exchange network management information to perform network functions such as association and authentication
Figure 6-4 shows the general MAC frame format. The functions of the frame fields are as follows:
• Frame Control (2 bytes) Contains 11 subfields that enable various protocol functions. The subfields are as follows:
  • Protocol Version (2 bits) This specifies the version of the 802.11 standard being used.
  • Type (2 bits) This specifies whether the packet contains a management frame (00), a control frame (01), or a data frame (10).
  • Subtype (4 bits) This identifies the specific function of the frame.
  • To DS (1 bit) A value of 1 in this field indicates that the frame is being transmitted to the distribution system (DS) via an access point (AP).
  • From DS (1 bit) A value of 1 in this field indicates that the frame is being received from the DS.
  • More Frag (1 bit) A value of 1 indicates that the packet contains a fragment of a frame and that there are more fragments still to be transmitted. When fragmenting frames at the MAC layer, an 802.11 system must receive an acknowledgment for each fragment before transmitting the next one.
  • Retry (1 bit) A value of 1 indicates that the packet contains a fragment of a frame that is being retransmitted after a failure to receive an acknowledgment. The receiving system uses this field to recognize duplicate packets.
  • Pwr Mgt (1 bit) A value of 0 indicates that the station is operating in active mode; a value of 1 indicates that the station is operating in power-save mode. APs buffer packets for stations operating in power-save mode until they change to active mode or explicitly request that the buffered packets be transmitted.
  • More Data (1 bit) A value of 1 indicates that an AP has more packets for the station that are buffered and awaiting transmission.
  • WEP (1 bit) A value of 1 indicates that the Frame Body field has been encrypted using the Wired Equivalent Privacy (WEP) algorithm, which is the security element of the 802.11 standard. WEP can be used only in management frames used to perform authentications.
  • Order (1 bit) A value of 1 indicates that the packet contains a data frame (or fragment) that is being transmitted using the Strictly Ordered service class, which is designed to support protocols that cannot process reordered frames.
• Duration/ID (2 bytes) In control frames used for power-save polling, this field contains the association identity (AID) of the station transmitting the frame. In all other frame types, the field indicates the amount of time (in microseconds) needed to transmit a frame and its short interframe space (SIFS) interval.
• Address 1 (6 bytes) This contains an address that identifies the recipient of the frame, using one of the five addresses defined in 802.11 MAC sublayer communications, depending on the values of the To DS and From DS fields.
• Address 2 (6 bytes) This contains one of the five addresses used in 802.11 MAC sublayer communications, depending on the values of the To DS and From DS fields.
• Address 3 (6 bytes) This contains one of the five addresses used in 802.11 MAC sublayer communications, depending on the values of the To DS and From DS fields.
• Sequence Control (2 bytes) This contains two fields used to associate the fragments of a particular sequence and assemble them into the right order at the destination system:
  • Fragment Number (4 bits) Contains a value that identifies a particular fragment in a sequence.
  • Sequence Number (12 bits) Contains a value that uniquely identifies the sequence of fragments that make up a data set.
• Address 4 (6 bytes) This contains one of the five addresses used in 802.11 MAC sublayer communications, depending on the values of the To DS and From DS fields. It is not present in control and management frames and some data frames.
• Frame Body (0 to 2,312 bytes) This contains the actual information being transmitted to the receiving station.
• Frame Check Sequence (4 bytes) This contains a cyclic redundancy check (CRC) value used by the receiving system to verify that the frame was transmitted without errors.
Figure 6-4 The IEEE 802.11 MAC sublayer frame format
The four address fields in the MAC frame identify different types of systems depending on the type of frame being transmitted and its destination in relation to the DS. The five different types of addresses are as follows:
• Source address (SA) An IEEE MAC individual address that identifies the system that generated the information carried in the Frame Body field.
• Destination address (DA) An IEEE MAC individual or group address that identifies the final recipient of an MSDU.
• Transmitter address (TA) An IEEE MAC individual address that identifies the system that transmitted the information in the Frame Body field on the current wireless medium (typically an AP).
• Receiver address (RA) An IEEE MAC individual or group address that identifies the immediate recipient of the information in the Frame Body field on the current wireless medium (typically an AP).
• Basic service set ID (BSSID) An IEEE MAC address that identifies a particular BSS. On an infrastructure network, the BSSID is the MAC address of the station functioning as the AP of the BSS. On an ad hoc network (IBSS), the BSSID is a randomly generated value created when the IBSS is formed.
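The frame field list and the five address roles above can be tied together with a small header parser. The following is an added example, not code from the book: it decodes the Frame Control subfields, Duration/ID, the address fields, and Sequence Control from raw bytes, and resolves which of the five addresses each Address field carries from the To DS and From DS bits. That mapping (for example, To DS=1, From DS=0 gives Address 1 = BSSID, Address 2 = SA, Address 3 = DA, and only the To DS=1, From DS=1 case carries Address 4) is taken from the 802.11 standard's address table, which the chapter does not reproduce. The control-frame address counts (CTS and ACK carry only a receiver address) likewise come from the standard. The three sample frames are constructed for the example, not captured traffic, and carry no FCS trailer.

```python
import struct

# Added example (not from the book): parse the general 802.11 MAC header described above.

FRAME_TYPES = {0: "management", 1: "control", 2: "data", 3: "reserved"}

# Meaning of Address 1..4 in data frames by (To DS, From DS), from the 802.11 standard's
# address table (not reproduced in the chapter). Address 4 exists only in the WDS case.
DATA_ADDRESS_ROLES = {
    (0, 0): ("DA", "SA", "BSSID", None),
    (0, 1): ("DA", "BSSID", "SA", None),
    (1, 0): ("BSSID", "SA", "DA", None),
    (1, 1): ("RA", "TA", "DA", "SA"),
}
MGMT_ADDRESS_ROLES = ("DA", "SA", "BSSID", None)


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame_control(fc):
    """Split the 16-bit Frame Control field into its 11 subfields (bit 0 is the LSB)."""
    return {
        "version": fc & 0x3,
        "type": FRAME_TYPES[(fc >> 2) & 0x3],
        "subtype": (fc >> 4) & 0xF,
        "to_ds": bool(fc & 0x0100),
        "from_ds": bool(fc & 0x0200),
        "more_frag": bool(fc & 0x0400),
        "retry": bool(fc & 0x0800),      # receivers use this to recognize duplicates
        "pwr_mgt": bool(fc & 0x1000),
        "more_data": bool(fc & 0x2000),
        "wep": bool(fc & 0x4000),        # Frame Body is encrypted
        "order": bool(fc & 0x8000),
    }


def parse_mac_header(frame):
    """Parse an 802.11 MAC header from raw bytes; the FCS trailer is not checked here."""
    if len(frame) < 10:
        raise ValueError("too short for an 802.11 MAC header")
    fc_raw, duration = struct.unpack_from("<HH", frame, 0)   # both fields little-endian
    fc = parse_frame_control(fc_raw)
    hdr = {"frame_control": fc}

    if fc["type"] == "control":
        # CTS (subtype 12) and ACK (13) carry only RA; RTS, PS-Poll and the others carry
        # RA and TA. Control frames have no Sequence Control field and no Address 4.
        roles = ("RA",) if fc["subtype"] in (12, 13) else ("RA", "TA")
        need = 4 + 6 * len(roles)
        if len(frame) < need:
            raise ValueError("truncated control frame")
        hdr["addresses"] = {r: mac_str(frame[4 + 6 * i:10 + 6 * i]) for i, r in enumerate(roles)}
        if fc["subtype"] == 10:          # PS-Poll: Duration/ID carries the AID instead
            hdr["aid"] = duration & 0x3FFF
        else:
            hdr["duration_us"] = duration
        hdr["header_len"] = need
        return hdr

    roles = (DATA_ADDRESS_ROLES[(int(fc["to_ds"]), int(fc["from_ds"]))]
             if fc["type"] == "data" else MGMT_ADDRESS_ROLES)
    need = 24 + (6 if roles[3] else 0)
    if len(frame) < need:
        raise ValueError("truncated frame header")
    addresses = {role: mac_str(frame[4 + 6 * i:10 + 6 * i]) for i, role in enumerate(roles[:3])}
    (seq_ctrl,) = struct.unpack_from("<H", frame, 22)
    if roles[3]:
        addresses[roles[3]] = mac_str(frame[24:30])   # Address 4 follows Sequence Control
    hdr.update({
        "duration_us": duration,
        "addresses": addresses,
        "fragment_number": seq_ctrl & 0xF,
        "sequence_number": seq_ctrl >> 4,
        "header_len": need,
        "body": frame[need:],
    })
    return hdr


# Constructed sample frames (no FCS appended).
# Data frame from a station to its AP: type=data, To DS=1, WEP bit set -> Frame Control 0x4108
SAMPLE_DATA_TO_AP = (bytes.fromhex("0841" "2c00")              # Frame Control, Duration 44 us
                     + bytes.fromhex("aabbccddeeff")           # Address 1 = BSSID
                     + bytes.fromhex("001122334455")           # Address 2 = SA
                     + bytes.fromhex("66778899aabb")           # Address 3 = DA
                     + bytes.fromhex("5000")                   # sequence 5, fragment 0
                     + b"encrypted-body")
# Data frame relayed between APs over a WDS: To DS=1 and From DS=1 -> Frame Control 0x0308
SAMPLE_WDS = (bytes.fromhex("0803" "0000")
              + bytes.fromhex("0a0a0a0a0a0a") + bytes.fromhex("0b0b0b0b0b0b")   # RA, TA
              + bytes.fromhex("0c0c0c0c0c0c") + bytes.fromhex("7200")           # DA; seq 7, frag 2
              + bytes.fromhex("0d0d0d0d0d0d") + b"body")                        # SA (Address 4)
# RTS control frame: type=control, subtype 11 -> Frame Control 0x00b4, Duration 300 us
SAMPLE_RTS = (bytes.fromhex("b400" "2c01")
              + bytes.fromhex("aabbccddeeff") + bytes.fromhex("001122334455"))  # RA, TA

if __name__ == "__main__":
    for name, raw in (("data", SAMPLE_DATA_TO_AP), ("wds", SAMPLE_WDS), ("rts", SAMPLE_RTS)):
        print(name, parse_mac_header(raw))
```

The `retry` and `wep` bits are the ones a monitoring tool usually surfaces first: the Retry bit drives duplicate detection, and the WEP bit tells you whether a Frame Body is protected at all, which matters when checking that a network is not carrying cleartext data frames.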
Media Access Control
As with all data link layer protocols that use a shared network medium, the media access control mechanism is one of the protocol's primary defining elements. IEEE 802.11 defines the use of a MAC mechanism called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), which is a variation of the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) mechanism used by Ethernet.
The basic functional characteristics of wireless networks have a profound effect on the MAC mechanisms they can use. For example, the Ethernet CSMA/CD mechanism and the token-passing method used by Token Ring and FDDI networks both require every device on the network to receive every transmitted packet. An Ethernet system that doesn't receive every packet can't detect collisions reliably. In addition, the Ethernet collision detection mechanism requires full-duplex communications (because the indication that a collision has occurred is simultaneous transmit and receive signals), which is impractical in a wireless environment. If a token-passing system fails to receive a packet, the problem is even more severe because the packet cannot then be passed on to the rest of the network, and network communication stops entirely. One of the characteristics of the wireless networks defined in 802.11, however, is that stations can repeatedly enter and leave the BSS because of their mobility and the vagaries of the wireless medium. Therefore, the MAC mechanism on a wireless network must be able to accommodate this behavior.
The CSMA part of the CSMA/CA mechanism is the same as that of an Ethernet network. A computer with data to transmit listens to the network medium and, if it is free, begins transmitting its data. If the network is busy, the computer backs off for a randomly selected interval and begins the listening process again. Also like Ethernet, the CSMA part of the process can result in collisions. The difference in CSMA/CA is that systems attempt to avoid collisions in the first place by reserving bandwidth in advance. This is done by specifying a value in the Duration/ID field or using specialized control messages called request-to-send (RTS) and clear-to-send (CTS).
Thecarriersensepartofthetransmissionprocessoccursontwolevels,thephysical
andthevirtual.Thephysicalcarriersensemechanismisspecifictothephysicallayer
mediumthenetworkisusingandisequivalenttothecarriersenseperformedbyEthernet
systems.Thevirtualcarriersensemechanism,calledanetworkallocationvector(NAV),
involvesthetransmissionofanRTSframebythesystemwithdatatotransmitanda
responsefromtheintendedrecipientintheformofaCTSframe.Bothoftheseframes
haveavalueintheDuration/IDfieldthatspecifiestheamountoftimeneededforthe
sendertotransmittheforthcomingdataframeandreceiveanacknowledgment(ACK)
frameinreturn.Thismessageexchangeessentiallyreservesthenetworkmediumforthe
lifeofthisparticulartransaction,whichiswherethecollisionavoidancepartofthe
mechanismcomesin.SinceboththeRTSandCTSmessagescontaintheDuration/ID
value,anyothersystemonthenetworkreceivingeitheroneofthetwoobservesthe
reservationandrefrainsfromtryingtotransmititsowndataduringthattimeinterval.This
way,astationthatiscapableofreceivingtransmissionsfromonecomputerbutnotthe
othercanstillobservetheCSMA/CAprocess.
Inaddition,theRTS/CTSexchangeenablesastationtomoreeasilydeterminewhether
communicationwiththeintendedrecipientispossible.IfthesenderofanRTSframefails
toreceiveaCTSframefromtherecipientinreturn,itretransmitstheRTSframe
repeatedlyuntilapreestablishedtimeoutisreached.RetransmittingthebriefRTSmessage
ismuchquickerthanretransmittinglargedataframes,whichshortenstheentireprocess.
Todetectcollisions,IEEE802.11usesapositiveacknowledgmentsystemattheMAC
sublayer.EachdataframethatastationtransmitsmustbefollowedbyanACKframe
fromtherecipient,whichisgeneratedafteraCRCcheckoftheincomingdata.Ifthe
frame’sCRCcheckfails,therecipientconsidersthepackettohavebeencorruptedbya
collision(orotherphenomenon)andsilentlydiscardsit.Thestationthattransmittedthe
originaldataframethenretransmitsitasmanytimesasneededtoreceiveanACK,uptoa
predeterminedlimit.NotethatthefailureofthesendertoreceiveanACKframecouldbe
becauseofthecorruptionornondeliveryoftheoriginaldataframeorthenondeliveryof
anACKframethattherecipientdidsendinreturn.The802.11protocoldoesnot
distinguishbetweenthetwo.
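The virtual carrier sense and positive-acknowledgment behavior described above, modelled in Python as an added example (this is not code from the book). The frame timings, the station names and the use of CRC-32 as a stand-in for the frame check sequence are constructed assumptions; the point is that a bystander which hears only the CTS still sets its NAV to the same end time as one that heard the RTS, and that a sender retransmits identically whether the data frame or the ACK was lost.

```python
"""CSMA/CA virtual carrier sense (RTS/CTS + NAV) and positive acknowledgment.
Added example, not the book's code; all timings and names are constructed."""
import zlib
from dataclasses import dataclass

# Constructed timings in microseconds; values are illustrative only.
SIFS, RTS_T, CTS_T, DATA_T, ACK_T = 10, 20, 20, 200, 20


@dataclass
class Frame:
    kind: str        # "RTS", "CTS", "DATA" or "ACK"
    ra: str          # receiver address: immediate recipient on this medium
    ta: str          # transmitter address
    duration: int    # Duration/ID: medium time still reserved after this frame
    body: bytes = b""
    fcs: int = 0     # CRC-32 over body, standing in for the 802.11 FCS


def make_frame(kind, ra, ta, duration, body=b""):
    return Frame(kind, ra, ta, duration, body, zlib.crc32(body))


def fcs_ok(frame):
    return zlib.crc32(frame.body) == frame.fcs


class Station:
    def __init__(self, name):
        self.name = name
        self.nav_until = 0        # network allocation vector (virtual carrier sense)
        self.copies_received = 0  # how many intact DATA copies this station accepted

    def observe(self, frame, now):
        """Any station hearing an RTS or CTS honours its Duration/ID value,
        whether or not it can hear the other party in the exchange."""
        if frame.kind in ("RTS", "CTS"):
            self.nav_until = max(self.nav_until, now + frame.duration)

    def medium_free(self, now):
        return now >= self.nav_until


def transfer(sender, receiver, hear_sender, hear_receiver, payload,
             corrupted_attempts=(), lost_acks=(), retry_limit=4):
    """Run one RTS/CTS/DATA/ACK transaction and return what happened.
    hear_sender / hear_receiver: lists of bystanders in range of only one side.
    corrupted_attempts: attempt numbers whose DATA arrives with a bad FCS.
    lost_acks: attempt numbers whose DATA arrives intact but whose ACK is lost.
    payload must be non-empty (one byte is flipped to model corruption)."""
    now = 0
    # The RTS reserves the rest of the exchange: CTS, DATA and ACK plus the gaps.
    rts = make_frame("RTS", receiver.name, sender.name,
                     SIFS + CTS_T + SIFS + DATA_T + SIFS + ACK_T)
    now += RTS_T
    for station in hear_sender + [receiver]:
        station.observe(rts, now)
    now += SIFS
    # The CTS repeats the remaining reservation for stations that missed the RTS.
    cts = make_frame("CTS", sender.name, receiver.name, rts.duration - SIFS - CTS_T)
    now += CTS_T
    for station in hear_receiver + [sender]:
        station.observe(cts, now)
    now += SIFS

    attempts, acked = 0, False
    while attempts < retry_limit and not acked:
        attempts += 1
        data = make_frame("DATA", receiver.name, sender.name, SIFS + ACK_T, payload)
        if attempts in corrupted_attempts:
            # Flip a byte after the FCS was computed, as a collision would.
            data.body = bytes([data.body[0] ^ 0xFF]) + data.body[1:]
        if not fcs_ok(data):
            continue          # receiver silently discards; sender times out, retries
        receiver.copies_received += 1
        if attempts in lost_acks:
            continue          # ACK was sent but not heard: sender cannot tell the difference
        acked = True
    return {"acked": acked, "attempts": attempts,
            "copies_at_receiver": receiver.copies_received,
            "reservation_ends": max((s.nav_until for s in hear_sender + hear_receiver),
                                    default=0)}


if __name__ == "__main__":
    a, b = Station("A"), Station("B")
    near_a, near_b = Station("near-A"), Station("near-B")   # each hears one side only
    print(transfer(a, b, [near_a], [near_b], b"hello",
                   corrupted_attempts={1}, lost_acks={2}))
```

Note that `copies_at_receiver` ends up higher than one whenever an ACK is lost: the receiver accepted an intact frame, but the sender, unable to distinguish that case from a lost data frame, sends it again. Duplicate suppression is therefore the receiver's job, not something the acknowledgment scheme itself provides.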
NOTE For additional information about current 802.11 standards, see Chapters 12 and 24.
CHAPTER 7
Wide Area Networks

The physical and data link layer protocols used to build local area networks (LANs) are quite efficient over relatively short distances. Even for campus connections between buildings, fiber-optic solutions enable you to use a LAN protocol such as Ethernet throughout your whole internetwork. However, when you want to make a connection over a long distance, you move into an entirely different world of data communications called wide area networking. A wide area network (WAN) is a communications link that spans a long distance and connects two or more LANs.

WAN connections make it possible to connect networks in different cities or countries, enabling users to access resources at remote locations. Many companies use WAN links between office locations to exchange e-mail, groupware, and database information, or even just to access files and printers on remote servers. Banks and airlines, for example, use WANs because they must be in continual communication with all of their branch offices to keep their databases updated, but WAN connections can also function on a much smaller scale, such as a system that periodically dials into a remote network to send and retrieve the latest e-mail messages.

Today, with the increased use of cloud technology, WAN visualization and optimization are becoming more common. See Chapter 26 for more information about these two areas.

A WAN connection requires a router or a bridge at each end to provide the interface to the individual LANs, as shown in Figure 7-1. This reduces the amount of traffic that passes across the link. Remote link bridges connect LANs running the same data link layer protocol at different locations using an analog or digital WAN link. The bridges prevent unnecessary traffic from traversing the link by filtering packets according to their data link layer MAC addresses. However, bridges do pass broadcast traffic across the WAN link. Depending on the speed of the intended link and applications, this may be a huge waste of bandwidth. It's possible to make a good case that using remote link bridges to connect networks at two sites is technically not a WAN because you are actually joining the two sites into a single network, instead of creating an internetwork. However, whether the final result is a network or an internetwork, the technologies used to join the two sites are the same and are commonly called WAN links.

Figure 7-1 Routers or bridges connect WAN links to LANs.

If the WAN link is intended only for highly specific uses, such as e-mail access, data link layer bridges can be wasteful because they provide less control over the traffic that is permitted to pass over the link. Routers, on the other hand, keep the two LANs completely separate. In fact, the WAN link is a network in itself that connects only two systems, namely, the routers at each end of the connection. Routers pass no broadcasts over the WAN link (except in exceptional cases, such as when you use DHCP or BOOTP relay agents). Therefore, administrators can exercise greater control over the traffic passing between the LANs. Routers also enable you to use different data link layer protocols on each of the LANs because they operate at the network layer of the Open Systems Interconnection (OSI) model.

While bridges are always separate units, the routers used to connect two networks with a WAN link can take the form of either a computer or a dedicated hardware device. When a remote user connects to a host PC with a connection and accesses other systems on the network, the host PC is functioning as a router. Most sites use dedicated routers. The router or bridge located at each terminus of the WAN link is connected to the local LAN and to whatever hardware is used to make the physical layer connection to the WAN.
Introduction to Telecommunications

When you enter the world of wide area networking, you experience a major paradigm shift from the local area networking world. When you design, build, and maintain a LAN, you are working with equipment that you (or your organization) owns and controls completely. Once you pay for the equipment itself, the network and its bandwidth are yours to do with as you please. When you connect networks using WAN links, however, you almost never own all of the technology used to make the connections. Unless your organization has the means to run its own long-distance fiber-optic cables or launch its own satellite (and we're talking millions, if not billions, of dollars needed to do this in most cases), you have to deal with a third-party telecommunications service provider that makes it possible for you to send your data signals over long distances.

The need to rely on an outside service provider for WAN communications can enormously complicate the process of designing, installing, and maintaining the network. LAN technicians are often tinkerers by trade. When problems with the network occur, they have their own procedures for investigating, diagnosing, and resolving them, knowing that the cause is somewhere nearby if they can only find it. Problems with WAN connections can conceivably be caused by the equipment located at one of the connected sites, but it's more likely for the trouble to be somewhere in the service provider's network infrastructure. A heavy equipment operator a thousand miles away in Akron, Ohio, can sever a trunk cable while digging a trench, causing your WAN link to go down. Solar flares on the surface of the sun 93 million miles away can disturb satellite communications, causing your WAN link to go down. In either case, there is nothing you can do about it except call your service provider and complain. Because of this reliance on outside parties, many network administrators maintain backup WAN links that use a different technology or service provider for critical connections.

Telecommunications is a separate networking discipline unto itself that is at least as complicated as data networking, if not more so. (If you think that local area networking has a lot of cryptic acronyms, wait until you start studying telecommunications.) A large organization relies at least as much on telecommunications technology as on its data networking technology. If the computer network goes down, people complain loudly; if the phone system goes down, people quickly begin to panic. In many large organizations, the people who manage the telecommunications infrastructure are different from those who administer the data network. However, it is in the area of WAN communications that these two disciplines come together. It isn't common to find technical people who are equally adept at data networking and telecommunications; most technicians tend to specialize in one or the other. However, a LAN administrator has to know something about telecommunications if the organization has offices at multiple locations that are to be connected using WANs.

All data networking is about bandwidth, or the ability to transmit signals between systems at a given rate of speed. On a LAN, when you want to increase the bandwidth available to users, you can upgrade to a faster protocol or add network connection components such as bridges, switches, and routers. After the initial outlay for the new equipment and its installation, the network has more bandwidth, forever. In the world of telecommunications, bandwidth costs money, often lots of it. If you want to increase the speed of a WAN link between two networks, not only do you have to purchase new equipment, but you probably also have to pay additional fees to your service provider. Depending on the technology you've chosen and your service provider, you may have to pay a fee to have the equipment installed, a fee to set up the new service, and permanent monthly subscriber fees based on the amount of bandwidth you want. Combined, these fees can be substantial, and they're ongoing; you continue to pay as long as you use the service.

The result of this expense is that WAN bandwidth is far more expensive than LAN bandwidth. In nearly every case, your LANs will run at speeds far exceeding those of your WAN connections, as shown in Table 7-1.

Table 7-1 LANs vs. WANs

WAN Utilization

WAN technologies vary in the way they're structured, the way you pay for them, and the way you use them. The costs of specific technologies depend on your location.
Selecting a WAN Technology

The selection of a WAN connection for a specific purpose is generally a trade-off between speed and expense. Because your WAN links will almost certainly run more slowly than the networks that they connect, and cost more as well, it's important to determine just how much bandwidth you need and when you need it as you design your network.

It usually is not practical to use a WAN link in the same way you would use a LAN connection. You might have to limit the amount of traffic that passes over the link in ways other than just using routers at each end. One way is to schedule certain tasks that require WAN communications to run at off-peak hours. For example, database replication tasks can easily monopolize a WAN link for extended periods of time, delaying normal user activities. Many applications that require periodic data replication, including directory services such as Active Directory, enable you to specify when these activities should take place. Active Directory, for example, enables you to split your internetwork into units called sites and regulate the time and frequency of the replication that occurs between domain controllers at different sites.

Before you select a WAN technology, you should consider the applications for which it will be used. Different functions require different amounts of bandwidth and different types as well. E-mail, for example, not only requires relatively little bandwidth but also is intermittent in its traffic. High-end applications, such as full-motion video, not only require enormous amounts of bandwidth but also require that the bandwidth be continuously available to avoid dropouts in service. The needs of most organizations fall somewhere between these two extremes, but it is important to remember that the continuity of the bandwidth can sometimes be as important as the transmission rate.

NOTE While the transmission rates shown in Table 7-2 indicate the maximum rated throughput, these rates are not usually reflected in reality because of a variety of reasons.

Table 7-2 WAN Technologies and Their Transmission Rates

Table 7-2 lists some of the technologies used for WAN connections and their transmission speeds. The sections following the table examine some of the technologies that are most commonly used for WAN connectivity. The rated speeds of these technologies, for a variety of reasons, do not necessarily reflect the actual throughput realized by applications using them. In the real world, the throughput is generally lower.
PSTN (POTS) Connections

A WAN connection does not necessarily require a major investment in hardware and installation fees. Many network connections are formed using a public switched telephone network (PSTN) or plain old telephone service (POTS). A standard asynchronous modem that uses telephone lines to connect your computer to a network (such as that of an ISP) is technically a wide area link, and for some purposes, this is all that is needed. For example, an employee working at home or on the road can dial into a server at the office and connect to the LAN to access e-mail and other network resources. In the same way, a small LAN connection may be sufficient for a small branch office to connect to the corporate headquarters for the same purposes.

The maximum possible connection speed is 56 Kbps (for digital-to-analog traffic only; analog-to-digital traffic is limited to 31.2 Kbps). Analog modem communications are also dependent on the quality of the lines involved. Many telephone companies still certify their lines for voice communications only, and do not perform repairs to improve the quality of data connections.

Using these public carrier lines usually costs much less than trying to establish a private line. When using public lines, many share the costs, and the lines are, by their nature, more reliable than trying to create a private infrastructure. The issues involved in any WAN are the same: delay time, quality of the link, and available bandwidth. The larger the geographic area, the more these issues come into play.

In most cases, a LAN to WAN connection uses a computer as a router, although many use stand-alone devices that perform the same function. The most basic arrangement uses a computer, tablet, or smartphone for remote network access. The remote computer can be running an e-mail client, a web browser, or another application designed to access network resources, or simply access the file system on the network's servers. This simple arrangement is best suited to users who want to connect to their office computers while at home or traveling.

A computer can also host multiple connections. When a user on one LAN performs an operation that requires access to the other LAN, the server automatically dials into a server on the other network, establishes the connection, and begins routing traffic. When the link remains idle for a preset time, the connection terminates. There are also standalone routers that perform in the same way, enabling users to connect to a remote LAN or the Internet as needed. This arrangement provides WAN access to users without them having to establish the connection manually.

Today, the world's largest WAN, the Internet, actually uses PSTN lines for much of its infrastructure, so this technology will not soon be obsolete. Obviously, the chief drawback to using the PSTN for other WAN connections is the limited bandwidth, but the low cost of the hardware and services required make these connections compelling, and many network administrators make use of them in interesting and creative ways. In earlier dialup connections, some networks used inverse multiplexing to combine two small bandwidth channels into a larger channel. Inverse multiplexing is the process of combining the bandwidth of multiple connections into a single conduit. See the sections "Frame Relay" and "ATM" for more information about how inverse multiplexing is used today.
Leased Lines

A leased line is a dedicated, permanent connection between two sites that runs through the telephone network. The line is said to be dedicated because the connection is active 24 hours a day and does not compete for bandwidth with any other processes. The line is permanent because there are no telephone numbers or dialing involved in the connection, nor is it possible to connect to a different location without modifying the hardware installation. While this book is naturally more interested in leased lines as WAN technologies, it's important to understand that they are also a vital element of the voice telecommunications network infrastructure. When a large organization installs its own private branch exchange (PBX) to handle its telephone traffic, the switchboard is typically connected to one or more T-1 lines, which are split into individual channels with enough bandwidth to handle a single voice-grade connection (56 to 64 Kbps). Each of these channels becomes a standard voice "telephone line," which is allocated by the PBX to users' telephones as needed.

You install a leased line by contacting a telephone service provider, either local or long distance, and agreeing to a contract that specifies a line granting a certain amount of bandwidth between two locations, for a specified cost. The price typically involves an installation fee, hardware costs, and a monthly subscription fee, and it depends on both the bandwidth of the line and the distance between the two sites being connected. The advantages of a leased line are that the connection delivers the specified bandwidth at all times and that the line is as inherently secure as any telephone line because it is private. While the service functions as a dedicated line between the two connected sites, there is not really a dedicated physical connection, such as a separate wire running the entire distance. The service provider installs a dedicated line between each of the two sites and the provider's nearest point of presence (POP), but from there, the connection uses the provider's standard switching facilities to make the connection. The provider guarantees that its facilities can provide a specific bandwidth and quality of service.

From the LAN side, the line usually connects to a router and on the WAN side, a hub. This type of connection can become very expensive over time. The performance of the service is based on the percentage of error-free seconds per day, and its availability is computed in terms of the time that the service is functioning at full capacity during a specific period, also expressed as a percentage. If the provider fails to meet the guarantees specified in the contract, the customer receives a financial remuneration in the form of service credits. A leased-line contract typically quantifies the quality of service using two criteria: service performance and availability.
Leased-Line Types

Leased lines can be analog or digital, but digital lines are more common. An analog line is simply a normal telephone line that is continuously open. When used for a WAN connection, modems are required at both ends to convert the digital signals of the data network to analog form for transmission and back to digital at the other end. In some cases, the line may have a greater service quality than a standard PSTN line.

Digital leased lines are more common because no analog-to-digital conversion is required for data network connections, and the signal quality of a digital line is usually superior to that of an analog line, whether leased or dial-up. Digital leased lines are based on a hierarchy of digital signal (DS) speeds used to classify the speeds of carrier links. These levels take different forms in different parts of the world. In North America, the DS levels are used to create the T-carrier (for "trunk-carrier") service. Europe and most of the rest of the world uses the E-carrier service, which is standardized by the Telecommunications sector of the International Telecommunications Union (ITU-T), except for Japan, which has its own J-carrier service. Each of these services names the various levels by replacing the DS prefix with that of the particular carrier. For example, the DS-1 level is known as a T-1 in North America, an E-1 in Europe, and a J-1 in Japan. The only exception to this is the DS-0 level, which represents a standard 64 Kbps voice-grade channel and is known by this name throughout the world. As you go beyond the DS-1 service, bandwidth levels rise steeply, as do the costs. In North America, many networks use multiple T-1 lines for both voice and data. T-3s are used mainly by ISPs and other service providers with high-bandwidth needs. See Table 7-3 for an explanation of the various "T" lines in North America.

Table 7-3 "T" Line Types in North America

While it's possible to install a leased line using any of the service levels listed for your geographical location, you are not limited to the amounts of bandwidth provided by these services. Because the bandwidth of each service is based on multiples of 64 Kbps, you can split a digital link into individual 64 Kbps channels and use each one for voice or data traffic. Service providers frequently take advantage of this capability to offer leased lines that consist of any number of these 64 Kbps channels that the subscriber needs, combined into a single data pipe. This is called fractional T-1 service.
Leased-Line Hardware

A T-1 line requires two twisted pairs of wires, and originally the line was conditioned, meaning that a repeater was installed 3,000 feet from each endpoint and every 6,000 feet in between. Later, a signaling scheme called high-bit-rate digital subscriber line (HDSL) made it possible to transmit digital signals at T-1 speeds over longer distances without the need for repeating hardware.

The hardware that was required at each end of a digital leased line was called a channel service unit/data service unit (CSU/DSU), which was actually two devices that are usually combined into a single unit. The CSU provided the terminus for the digital link and kept the connection active even when the connected bridge, router, private branch exchange (PBX), or other device wasn't actually using it. The CSU also provided testing and diagnostic functions for the line. The DSU was the device that converts the signals it received from the bridge, router, or PBX to the bipolar digital signals carried by the line. In appearance, a CSU/DSU looked something like a modem, and as a result, they were sometimes incorrectly called digital modems. (Since a modem, by definition, is a device that converts between analog and digital signals, the term digital modem was actually something of an oxymoron. However, just about any device used to connect a computer or network to a telephone or Internet service has been incorrectly called a modem, including ISDN and cable network equipment.)

The CSU/DSU was connected to the leased line on one side using an RJ connector and to a device (or devices) on the other side that provided the interface to the local network (see Figure 7-2), using a V.35 or RS-232 connector. This interface can be a bridge or a router for data networking or a PBX for voice services. The line can be either unchanneled, meaning that it is used as a single data pipe, or channeled, meaning that a multiplexor is located in between the CSU/DSU and the interface to break up the line into separate channels for multiple uses.

Figure 7-2 The CSU/DSU provides the interface between a LAN and a leased line.

Digital leased lines use time division multiplexing (TDM) to create the individual channels, in which the entire data stream is divided into time segments that are allocated to each channel in turn. Each time division is dedicated to a particular channel, whether it is used or not. Thus, when one of the 64 Kbps voice lines that are part of a T-1 was idle, that bandwidth was wasted, no matter how busy the other channels were.
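The fixed slot allocation of TDM described above, as an added example in Python (not the book's code). The four-channel sample data is constructed; the slot count of a real T-1 is 24 DS-0 channels, but the multiplexer and demultiplexer work for any channel count. The example shows that a channel is recovered purely from its slot position, and that an idle channel's slots still go out on the line and count against the line's capacity.

```python
"""Time-division multiplexing on a channelized digital line.
Added example, not the book's code; the sample channel data is constructed."""

T1_CHANNELS = 24
DS0_BPS = 64_000          # one DS-0 slot stream, as stated in the text


def tdm_mux(channels, frame_count):
    """Build the line stream: each frame holds one slot per channel, in order.
    A channel with nothing to send still owns its slot; it goes out as a
    filler (None here) and that slot's bandwidth is lost to every other channel."""
    line = []
    for t in range(frame_count):
        for stream in channels:
            line.append(stream[t] if t < len(stream) else None)
    return line


def tdm_demux(line, channel_count):
    """Recover each channel from its fixed slot position: slot i belongs to
    channel i % channel_count, so no per-slot addressing is carried on the line."""
    out = [[] for _ in range(channel_count)]
    for i, slot in enumerate(line):
        if slot is not None:
            out[i % channel_count].append(slot)
    return ["".join(ch) for ch in out]


def utilization(line):
    """Fraction of slots that carried data; the rest were dedicated but idle."""
    return sum(1 for slot in line if slot is not None) / len(line)


def idle_bandwidth_bps(channel_count, active_channels):
    """Bandwidth committed to provisioned-but-idle channels, e.g. unused voice
    lines on a T-1 while the data channels are saturated."""
    return (channel_count - active_channels) * DS0_BPS


if __name__ == "__main__":
    # Constructed sample: four channels, channel 2 silent for the whole period.
    sample = ["ABCD", "EF", "", "GHIJ"]
    line = tdm_mux(sample, 4)
    print(line)
    print(tdm_demux(line, 4), utilization(line))
    print(idle_bandwidth_bps(T1_CHANNELS, 20))   # four idle DS-0s of a T-1
```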
Leased-Line Applications

T-1s and other leased lines are used for many different purposes. T-1s are commonly used to provide telephone services to large organizations. On the WAN front, organizations with offices in several locations can use leased lines to build a private network for both voice and data traffic. With such a network in place, users can access network resources in any of the sites at will, and telephone calls can be transferred to users in the different offices. The problem with building a network in this manner is that it requires a true mesh topology of leased lines—that is, a separate leased line connecting each office to every other office—to be reliable. An organization with four sites, for example, would need six leased lines, as shown in Figure 7-3, and eight sites would require twenty-eight leased lines! It would be possible for the sites to be connected in series, using seven links to connect eight sites, but then the failure of any one link or router would split the network in two.

Figure 7-3 A private WAN that uses leased lines requires a separate connection between every two sites.
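The line-count and resilience trade-off above, worked through in Python as an added example (not the book's code). The site names are constructed; the link counts reproduce the four-site and eight-site figures in the text, and the connectivity check goes slightly beyond the text by also testing what happens when one site's router, rather than one line, is lost.

```python
"""Line count and single-failure resilience of leased-line topologies.
Added example, not the book's code; site names are constructed."""
from itertools import combinations


def full_mesh_links(sites):
    """One leased line between every pair of sites: n(n-1)/2 lines."""
    return [tuple(pair) for pair in combinations(sites, 2)]


def chain_links(sites):
    """Sites connected in series: n-1 lines, each one a single point of failure."""
    return list(zip(sites, sites[1:]))


def is_connected(sites, links):
    """Depth-first search from the first site over the surviving links."""
    adjacent = {site: set() for site in sites}
    for a, b in links:
        adjacent[a].add(b)
        adjacent[b].add(a)
    seen, stack = {sites[0]}, [sites[0]]
    while stack:
        for nxt in adjacent[stack.pop()]:
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return len(seen) == len(sites)


def survives_any_single_link_failure(sites, links):
    """True if removing any one line still leaves every site reachable."""
    return all(is_connected(sites, [l for l in links if l != failed])
               for failed in links)


def survives_any_single_router_failure(sites, links):
    """True if losing any one site's router still leaves the other sites connected."""
    for down in sites:
        remaining = [s for s in sites if s != down]
        surviving = [l for l in links if down not in l]
        if not is_connected(remaining, surviving):
            return False
    return True


if __name__ == "__main__":
    eight = [f"site{i}" for i in range(1, 9)]
    mesh, chain = full_mesh_links(eight), chain_links(eight)
    print(len(mesh), survives_any_single_link_failure(eight, mesh))
    print(len(chain), survives_any_single_link_failure(eight, chain))
```

Run against the eight-site example, the mesh needs 28 lines and tolerates any single line or router loss, while the seven-line chain is partitioned by any one line failure or by the loss of any interior router.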
Today, most organizations use a less expensive technology to create WAN links between their various offices. One alternative to a private network would be to use leased lines at each site to connect to a public carrier network using a technology such as frame relay or ATM to provide the required bandwidth. Each site would require only a single, relatively short-distance leased line to a local service provider, instead of a separate line to each site. For more information on this alternative, see "Packet-Switching Services" later in this chapter. The most common application for T-1 lines in WANs today, however, is to use them to connect a private network to an ISP in order to provide Internet access to its users and to host Internet services, such as web and e-mail servers.

T-1s are well-suited for providing Internet access to corporate networks because services such as e-mail have to be connected around the clock. ISPs also usually have a local point of presence, so the leased line does not have to span a tremendously long distance and is not too terribly expensive. A single T-1 connection to the Internet can serve the needs of hundreds of average users simultaneously.
ISDN

Integrated service digital network (ISDN) and digital subscriber line (DSL) are both services that utilize the existing copper POTS cable at an installation to carry data at much higher transmission rates. In both cases, the site must be relatively close to the telephone company's nearest point of presence (POP), a location containing telephone switching equipment. Basic rate ISDN, for example, requires a location no farther than 18,000 feet (3.4 miles) from the POP; DSL distances vary with the data rate. ISDN and DSL are sometimes called last-mile technologies because they are designed to get data from the user site to the POP at high speed.

The copper cable running from the POP to the individual user site is traditionally the weakest link in the phone system. Once a signal reaches the POP, it moves through the telephone company's switches at high speed. By eliminating the bottlenecks at both ends of the link, traffic can maintain that speed from end to end. While these technologies have been marketed in the United States primarily as Internet connectivity solutions for home users, they both are usable for office-to-office WAN connections.

ISDN was a digital point-to-point telephone system that had been around for many years but that was not adopted as widely in the United States as its proponents had hoped. Originally, ISDN was designed to completely replace the current phone system with all-digital service, but it then became positioned as an alternative technology for home users who required high-bandwidth network connections and for links between business networks. In this country, ISDN technology garnered a reputation for being overly complicated, difficult to install, and not particularly reliable, and to some extent, this reputation was justified. At one time, inquiries to most local phone companies about ISDN service would be met only with puzzlement, and horror stories from consumers about installation difficulties were common.

ISDN was a digital service that provided a good deal more bandwidth than standard telephone service, but unlike a leased line, it was not permanent. ISDN devices dialed a number to establish a connection, like a standard telephone, meaning that users connected to different sites as needed. For this reason, ISDN was known as a circuit-switching service because it created a temporary point-to-point circuit between two sites. For the home or business user connecting to the Internet, this meant they could change ISPs without any modifications to the ISDN service by the telephone company. For organizations using ISDN for WAN connections between offices, this meant they could connect to different office networks when they needed access to their resources.
ISDN Services

There are two main types of ISDN service, which are based on units of bandwidth called B channels, running at 64 Kbps, and D channels, running at 16 or 64 Kbps. B channels carry voice and data traffic, and D channels carry control traffic only. The service types are as follows:

• Basic Rate Interface (BRI) Also called 2B+D, because it consists of two 64 Kbps B channels and one 16 Kbps D channel. BRI was targeted primarily at home users for connections to business networks or the Internet.
• Primary Rate Interface (PRI) Consists of up to 23 B channels and one 64 Kbps D channel, for a total bandwidth equivalent to a T-1 leased line. PRI was aimed more at the business community, as an alternative to leased lines that provided the same bandwidth and signal quality with greater flexibility.

One of the primary advantages of ISDN was the ability to combine the bandwidth of multiple channels as needed, using inverse multiplexing. Each B channel has its own separate ten-digit number. For the home user, one of the B channels of the BRI service carried voice traffic while the other B channel was used for data, or both B channels could be combined to form a single 128 Kbps connection to the Internet or to a private network. The PRI service combines any number of the B channels in any combination to form connections of various bandwidths. In addition, the ISDN service supports bandwidth-on-demand, which can supplement a connection with additional B channels to support a temporary increase in bandwidth requirements. Depending on the equipment used, it's possible to add bandwidth according to a predetermined schedule of usage needs or to dynamically augment a connection when the traffic rises above a particular level. For bandwidth needs that fluctuated, an ISDN connection was often far more economical than a leased line because you pay only for the channels that are currently in use. With a leased line, you must pay whether it's being used or not.
ISDN Communications

The ISDN B channels carry user traffic only, whether in the form of voice or data. The D channel is responsible for carrying all of the control traffic needed to establish and terminate connections between sites. The traffic on these channels consists of protocols that span the bottom three layers of the OSI reference model. The physical layer establishes a circuit-switched connection between the user equipment and the telephone company's switching office that operates at 64 Kbps and also provides diagnostic functions such as loopback testing and signal monitoring. This layer is also responsible for the multiplexing that enables devices to share the same channel.

At the data link layer, bridges and PBXs using an ISDN connection employ the Link Access Procedure for D Channel (LAPD) protocol, as defined by the International Telecommunications Union (ITU-T) documents Q.920 through Q.923, to provide frame relay and frame-switching services. This protocol (which is similar to the LAP-B protocol used by X.25) uses the address information provided by the ISDN equipment to create virtual paths through the switching fabric of the telephone company's network to the intended destination. The end result is a private network connection much like that of a leased line.

The network layer is responsible for the establishment, maintenance, and termination of connections between ISDN devices. Unlike leased lines and similar technologies, which maintain a permanently open connection, ISDN must use a handshake procedure to establish a connection between two points. The process of establishing an ISDN connection involves messages exchanged between three entities: the caller, the switch (at the POP), and the receiver. As usual, network layer messages are encapsulated within data link layer protocol frames. The connection procedure is as follows:

1. The caller transmits a SETUP message to the switch.
2. If the SETUP message is acceptable, the switch returns a CALL PROC (call proceeding) message to the caller and forwards the SETUP message to the receiver.
3. If the receiver accepts the SETUP message, it rings the phone (either literally or figuratively) and sends an ALERTING message back to the switch, which forwards it to the caller.
4. When the receiver answers the call (again, either literally or figuratively), it sends a CONNECT message to the switch, which forwards it to the caller.
5. The caller then sends a CONNECT ACK (connection acknowledgment) message to the switch, which forwards it to the receiver. The connection is now established.
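The five-step exchange above, modelled in Python as three cooperating participants. This is an added example, not the book's code: the message names are the ones the procedure lists, while the state names, the transition tables and the switch's relay behaviour are constructed for illustration. Each endpoint accepts a message only in the state where the procedure expects it, so a message arriving out of sequence is rejected rather than silently acted on.

```python
"""ISDN call establishment (SETUP / CALL PROC / ALERTING / CONNECT / CONNECT ACK)
as a message trace between caller, switch and receiver.
Added example, not the book's code; state names and tables are constructed."""


class Party:
    """A protocol participant driven by a (state, event) -> next-state table.
    An event missing from the table is an out-of-sequence message and raises."""

    def __init__(self, name, table):
        self.name, self.table, self.state = name, table, "idle"

    def step(self, event):
        key = (self.state, event)
        if key not in self.table:
            raise ValueError(f"{self.name}: {event!r} not valid in state {self.state!r}")
        self.state = self.table[key]
        return self.state


# Constructed state tables; "tx" = this party sends, "rx" = this party receives.
CALLER_TABLE = {
    ("idle", "tx SETUP"): "setup sent",
    ("setup sent", "rx CALL PROC"): "proceeding",
    ("proceeding", "rx ALERTING"): "alerting",
    ("alerting", "rx CONNECT"): "connected",
    ("connected", "tx CONNECT ACK"): "connected",
}

RECEIVER_TABLE = {
    ("idle", "rx SETUP"): "setup received",
    ("setup received", "tx ALERTING"): "ringing",
    ("ringing", "tx CONNECT"): "answered",
    ("answered", "rx CONNECT ACK"): "connected",
}


def _result(trace, caller, receiver):
    established = caller.state == "connected" and receiver.state == "connected"
    return {"trace": trace, "caller": caller.state,
            "receiver": receiver.state, "established": established}


def place_call(switch_accepts=True, receiver_answers=True):
    """Drive the exchange and return the message trace plus the final states.
    switch_accepts=False stops after step 1 (SETUP not acceptable);
    receiver_answers=False stops after step 3 (phone rings, nobody answers)."""
    caller = Party("caller", CALLER_TABLE)
    receiver = Party("receiver", RECEIVER_TABLE)
    trace = []

    def send(src, dst, msg):
        trace.append(f"{src} -> {dst}: {msg}")

    # Step 1: the caller transmits SETUP to the switch.
    caller.step("tx SETUP")
    send("caller", "switch", "SETUP")
    if not switch_accepts:
        return _result(trace, caller, receiver)
    # Step 2: the switch returns CALL PROC and forwards SETUP to the receiver.
    send("switch", "caller", "CALL PROC")
    caller.step("rx CALL PROC")
    send("switch", "receiver", "SETUP")
    receiver.step("rx SETUP")
    # Step 3: the receiver rings and sends ALERTING, relayed to the caller.
    receiver.step("tx ALERTING")
    send("receiver", "switch", "ALERTING")
    send("switch", "caller", "ALERTING")
    caller.step("rx ALERTING")
    if not receiver_answers:
        return _result(trace, caller, receiver)
    # Step 4: the receiver answers with CONNECT, relayed to the caller.
    receiver.step("tx CONNECT")
    send("receiver", "switch", "CONNECT")
    send("switch", "caller", "CONNECT")
    caller.step("rx CONNECT")
    # Step 5: the caller confirms with CONNECT ACK, relayed to the receiver.
    caller.step("tx CONNECT ACK")
    send("caller", "switch", "CONNECT ACK")
    send("switch", "receiver", "CONNECT ACK")
    receiver.step("rx CONNECT ACK")
    return _result(trace, caller, receiver)


if __name__ == "__main__":
    for line in place_call()["trace"]:
        print(line)
```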
ISDN Hardware

ISDN does not require any modifications to the standard copper POTS wiring. As long as your site is within 18,000 feet of a POP, you can convert an existing telephone line to ISDN just by adding the appropriate hardware at each end. The telephone company uses special data-encoding schemes (called 2B1Q in North America and 4B3T in Europe) to provide higher data transmission rates over the standard cable. All ISDN installations needed a device called a Network Termination 1 (NT1) connected to the telephone line at each end. The service from the telephone company provides what is known as a U interface operating over one twisted pair of wires. The NT1 connects to the U interface and converts the signals to the four-wire S/T interface used by ISDN terminal equipment (that is, the devices that use the connection).

Devices that connect directly to the S/T interface, such as ISDN telephones and ISDN fax machines, were referred to as terminal equipment 1 (TE1). Devices that were not ISDN capable, such as standard analog phones and fax machines, as well as computers, were called terminal equipment 2 (TE2). To connect a TE2 device to the S/T interface, you needed an intervening terminal adapter (TA). You could connect up to seven devices to an NT1, both TE1 and TE2.

In North America, it was up to the consumer to provide the NT1, which was available in several forms as a commercial product. In Europe and Japan, where ISDN was much more prevalent, the NT1 was owned and provided by the telephone company; users only needed to provide the terminal equipment. For the BRI service, a separate NT1 is required if you are going to use more than one type of terminal equipment, such as a terminal adapter for a computer and an ISDN telephone. If the service was going to be used only for data networking, as was often the case in the United States, there were single devices available that combined the NT1 with a terminal adapter. These combination devices often took the form of an expansion card for a PC, or a separate device. Once again, the units that are often called ISDN modems were technically not modems at all because they did not convert signals between analog and digital formats.
DSL
A digital subscriber line (DSL) is a collective term for a group of related technologies that provide a WAN service that is somewhat similar to ISDN but at much higher speeds. Like ISDN, DSL uses standard POTS wiring to transmit data from a user site to a telephone company POP using a private point-to-point connection. From there, signals travel through the telephone company's standard switching equipment to another DSL connection at the destination. Also like ISDN, the distance between the site and the POP is limited; the faster the transmission rate, the shorter the operable distance.
The transmission rates for DSL services vary greatly, and many of the services function asymmetrically, meaning they have different upload and download speeds. This speed variance occurs because the bundle of wires at the POP is more susceptible to a type of interference called near-end crosstalk when data is arriving from the user site than when it is being transmitted out to the user site. The increased signal loss rate resulting from the crosstalk requires that the transmission rate be lower when traveling in that direction.
Standard telephone communications use only a small amount of the bandwidth provided by the POTS cable. DSL works by utilizing frequencies above the standard telephone voice band (300 to 3,400 Hz) and by using advanced signal encoding methods to transmit data at higher rates of speed. Some of the DSL services use only frequencies that are out of the range of standard voice communications, which makes it possible for the line to be used for normal voice traffic while it is carrying digital data.
DSL remains a common Internet access solution, and the higher-speed services like high-bit-rate digital subscriber line (HDSL) have been deployed heavily by local telephone carriers. Asymmetrical operation is not much of a problem for services such as asymmetrical digital subscriber line (ADSL), which are used for Internet access, because the average Internet user downloads far more data than they upload. For WAN connections, however, symmetrical services like HDSL have been the standard for some time. DSL differs from ISDN in that it uses permanent connections; there is no dial-up service, no numbers assigned to the connections, and no session-establishment procedures. The connection is continuously active and private, much like that of a leased line.
As an Internet access solution, DSL grew quickly because of its relatively low prices and high transmission rates and has all but eclipsed ISDN in this market. DSL and cable connections are now the two biggest competing technologies in the end-user, high-speed Internet connection market.
The various DSL services have abbreviations with different first letters, which is why the technology is sometimes called xDSL, with the x acting as a placeholder. Table 7-4 shows these services and their properties.
Table 7-4 DSL Types and Properties
The hardware required for a DSL connection is a standard POTS line and a DSL "modem" at both ends of the link. For services that provide simultaneous voice and data traffic, a POTS splitter is needed to separate the lower frequencies used by voice traffic from the higher frequencies used by the DSL service. In addition, the telephone line cannot use loading coils, inductors that extend the range of the POTS line at the expense of the higher frequencies that DSL uses to transmit data. As shown in Table 7-4, most DSL connections are asymmetrical, although there are some symmetrical variations that deliver the same speed both uploading and downloading.
As telephone companies have upgraded their T1 and T3 lines to fiber-optic lines, so have DSL speeds increased. However, the data rate still depends on the distance to the central telephone office. And, in many cases, line noise is a factor that reduces line speed.
NOTE As cable television has grown, so have its services. Many cable companies now offer high-speed Internet access in addition to television and Voice over Internet Protocol (VoIP) services. See Chapter 23 for more information about VoIP and cable connections.
Switching Services
Each WAN involves moving information through up to thousands of individual networks. This happens by way of several switching (routing) technologies. Switching entails moving data, including e-mails, large documents, and all of the myriad types of information being transmitted throughout the world. Each item is sent in intermediate steps, rather than information following a direct line from the origination point to the destination.
Packet-Switching Services
Each message is broken down into small packets to be sent through the network. A packet-switching service transmits data between two points by routing packets through the switching network owned by a carrier such as AT&T, Sprint, or another telephone company. The end result is a high-bandwidth connection similar in performance to a leased line, but the advantage of this type of service is that a single WAN connection at a network site can provide access to multiple remote sites simply by using different routes through the network. Today, packet-switching networks transmit everything from a voice telephone call to digital television reception.
The packet-switching service consists of a network of high-speed connections that is sometimes referred to as the cloud. Once data arrives at the cloud, the service can route it to a specific destination at high speeds. It is up to the consumers to get their data to the nearest POP connected to the cloud, after which all switching is performed by the carrier. Therefore, an organization setting up WAN connections between remote sites installs a link to an edge switch at a local POP using whatever technology provides suitable performance. This local link can take the form of a leased line, ISDN, or DSL.
Once the data arrives at the edge switch, it is transmitted through the cloud to an edge switch at another POP, where it is routed to a private link connecting the cloud to the destination site (see Figure 7-4).
Figure 7-4 Packet-switching networks use a network cloud to route data between remote sites.
For example, an organization with eight offices scattered around the country would need 28 leased lines to interconnect all of the sites, some of which may have to span long distances. In this arrangement, the organization does all of its own switching. Using a packet-switching service instead requires one leased line connecting each site to the service's local POP. Eight leased lines are far cheaper than 28, especially when they span relatively short distances. To get the data where it's going, the carrier programs virtual circuits (VCs) from the POP used by each site to each of the seven other POPs. Thus, there are still 28 routes connecting each location to every other location, but the service maintains them, and the client pays only for the bandwidth used.
Unlike a leased line, however, a packet-switching service shares its network among many users. The link between two sites is not permanently assigned a specific bandwidth. In some instances, this can be a drawback, because your links are competing with those of other clients for the same bandwidth. However, you can now contract for a specific bandwidth over a frame-relay network, and ATM is built around a quality of service (QoS) feature that allocates bandwidth for certain types of traffic. In addition, these technologies enable you to alter the bandwidth allotted to your links. Unlike a leased line with a specific bandwidth that you can't exceed and that you pay for whether you're using it or not, you contract with a packet-switching service to provide a certain amount of bandwidth, which you can exceed during periods of heavy traffic (possibly with an additional charge) and which you can increase as your network grows.
As the packet-switching network becomes more crowded, the entire network slows down. Think about a highway system. The more cars using the highway, the more traffic slows. Since this medium of transportation is shared, there is no guarantee for the time of arrival at the packet's destination. Each packet may use a different circuit, and the message is not reassembled until its packets arrive at the destination.
Circuit-Switching Services
This service is a temporary connection, such as ISDN or a dial-up connection. Because the connection is dedicated, information can be transmitted rapidly. However, unless the bandwidth is being used, that bandwidth is wasted. Today, narrowband ISDN and switched T1 connections still use circuit-switched technologies.
Frame Relay
Frame-relay networks provide the high-speed transmission of leased lines with greater flexibility and lower costs. Frame-relay service operates at the data link layer of the OSI reference model and runs at bandwidths from 56 Kbps to 44.736 Mbps (T-3 speed). You negotiate a committed information rate (CIR) with a carrier that guarantees you a specific amount of bandwidth, even though you are sharing the network medium with other users. It is possible to exceed the CIR, however, during periods of heavy use, called bursts. A burst can be a momentary increase in traffic or a temporary increase of longer duration. Usually, bursts up to a certain bandwidth or duration carry no extra charge, but eventually, additional charges will accrue.
The contract with the service provider also includes a committed burst information rate (CBIR), which specifies the maximum bandwidth that is guaranteed to be available during bursts. If you exceed the CBIR, there is a chance that data will be lost. The additional bandwidth provided during a burst may be "borrowed" from your other virtual circuits that aren't operating at full capacity or even from other clients' circuits. One of the primary advantages of frame relay is that the carrier can dynamically allocate bandwidth to its client connections as needed. In many cases, it is the leased line to the carrier's nearest POP that is the factor limiting bandwidth.
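The CIR and the burst allowance are enforced by the carrier's edge switch, which measures each PVC's traffic over a committed interval Tc = Bc / CIR, where Bc is the committed burst size (the bits the CIR guarantees per interval) and Be is the excess burst size (the extra bits the burst allowance, which the text calls the CBIR, permits per interval). The following policer model is an added example and not code from the book: frames that fit within Bc are forwarded unmarked, frames that fall within the excess allowance are forwarded with their DE bit set so they are the first to be dropped under congestion, and frames beyond Bc + Be are discarded at the edge. The CIR and burst values in the demonstration are assumed.

```python
# Added example (not from the book): a model of frame-relay CIR/burst policing at the
# carrier's edge switch. The CIR, Bc and Be values used below are assumed for illustration.
from dataclasses import dataclass


@dataclass
class PvcPolicer:
    cir_bps: int             # committed information rate (bits per second)
    bc_bits: int             # committed burst size: bits guaranteed per interval Tc
    be_bits: int             # excess burst size: extra bits per Tc, forwarded with DE = 1
    interval_start: float = 0.0
    used_bits: int = 0       # bits admitted so far in the current interval

    @property
    def tc_seconds(self) -> float:
        """Measurement interval Tc = Bc / CIR."""
        return self.bc_bits / self.cir_bps

    def admit(self, now: float, frame_len_bytes: int) -> str:
        """Classify one frame as 'forward', 'forward_de' (DE bit set) or 'discard'."""
        if now - self.interval_start >= self.tc_seconds:
            # A new Tc interval has begun: the committed and excess allowances refill.
            self.interval_start = now
            self.used_bits = 0
        total = self.used_bits + frame_len_bytes * 8
        if total <= self.bc_bits:
            self.used_bits = total
            return "forward"          # within the CIR guarantee
        if total <= self.bc_bits + self.be_bits:
            self.used_bits = total
            return "forward_de"       # burst traffic: carried, but marked discard eligible
        return "discard"              # beyond Bc + Be: not accepted into the cloud


def police_burst(policer: PvcPolicer, frames):
    """Run a list of (time_seconds, length_bytes) frames through the policer in order."""
    return [policer.admit(t, n) for t, n in frames]


if __name__ == "__main__":
    # Constructed traffic: three 6000-byte frames inside one Tc, then one after Tc elapses.
    pvc = PvcPolicer(cir_bps=64_000, bc_bits=64_000, be_bits=64_000)   # Tc = 1 second
    print(pvc.tc_seconds)
    print(police_burst(pvc, [(0.0, 6000), (0.1, 6000), (0.2, 6000), (1.0, 6000)]))
```

With a 64 Kbps CIR and Bc = Be = 64,000 bits, the first 6000-byte frame (48,000 bits) is within the guarantee, the second pushes the interval to 96,000 bits and is marked DE, the third would exceed Bc + Be and is dropped, and the fourth arrives in a fresh interval. A real switch uses a sliding or token-bucket measurement rather than a hard reset, but the three outcomes are the same.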
Frame-Relay Hardware
Each site connected to a frame-relay cloud must have a frame-relay access device (FRAD), which functions as the interface between the local network and the leased line (or other connection) to the cloud (see Figure 7-5). The FRAD is something like a router, in that it operates at the network layer. The FRAD accepts packets from the LAN that are destined for other networks, strips off the data link layer protocol header, and packages the datagrams in frames for transmission through the cloud. In the same way, the FRAD processes frames arriving through the cloud and packages them for transmission over the LAN. The difference between a FRAD and a standard router, however, is that the FRAD takes no part in the routing of packets through the cloud; it simply forwards all the packets from the LAN to the edge switch at the carrier's POP.
Figure 7-5 Frame-relay connections use a FRAD to connect a LAN to the cloud.
The only other hardware element involved in a frame-relay installation is the connection to the nearest POP. In frame relay, the leased line is the most commonly used type of connection. When selecting a carrier, it is important to consider the locations of their POPs in relation to the sites you want to connect because the cost of the leased lines (which is not usually included in the frame-relay contract) depends on their length. The large long-distance carriers usually have the most POPs, scattered over the widest areas, but it is also possible to use different carriers for your sites and create frame-relay links between them.
When installing leased lines, it is important to take into account the number of virtual circuits that will run from the FRAD to your various sites. Unlike the private network composed of separate leased lines to every site, the single leased-line connection between the FRAD and the carrier's edge switch will carry all of the WAN data to and from the local network. Multiple VCs will be running from the edge switch through the cloud to the other sites, and the leased line from the FRAD will essentially multiplex the traffic from all of those VCs to the LAN, as shown in Figure 7-6. Thus, if you are connecting eight remote sites together with frame-relay WAN links, the leased line at each location should be capable of handling the combined bandwidth of all seven VCs to the other locations.
Figure 7-6 The connection from the FRAD to the cloud carries data for all of the virtual circuits.
In most cases, the actual traffic moving across a WAN link does not utilize all of the bandwidth allotted to it at all times. Therefore, it may be possible to create a serviceable WAN by contracting for VCs that have T-1 speeds between all eight offices and using T-1 leased lines to connect all of the sites to the cloud. Be aware, however, that the leased lines are the only elements of the WAN that are not flexible in their bandwidth. If you find that your WAN traffic exceeds the capacity of the leased line, the only recourse is to augment its bandwidth by installing another connection. This does not necessarily mean installing another T-1, however. You can augment the bandwidth connecting the FRAD to the edge switch by adding a fractional T-1 or even a dial-up connection that activates during periods of high traffic.
Virtual Circuits
The virtual circuits that are the basis for frame-relay communications come in two types: permanent virtual circuits (PVCs) and switched virtual circuits (SVCs). PVCs are routes through the carrier's cloud that are used for the WAN connections between client sites. Unlike standard internetwork routing, PVCs are not dynamic. The frame-relay carrier creates a route through its cloud for a connection between sites, assigns it a unique 10-bit number called a data link connection identifier (DLCI), and programs it into its switches. Programming a FRAD consists of providing it with the DLCIs for all of the PVCs leading to other FRADs. DLCIs are locally significant only; each FRAD has its own DLCI for a particular virtual circuit. Frames passing between two sites always take the same route through the cloud and use the DLCI as a data link layer address. This is one of the reasons why frame relay is so fast; there is no need to dynamically route the packets through the cloud or establish a new connection before transmitting data.
Each PVC can have its own CIR and CBIR, and despite the description of the VC as permanent, the carrier can modify the route within a matter of hours if one of the sites moves. It is also possible to have the carrier create a PVC for temporary use, such as for a meeting in which a special videoconferencing session is required. Although it was originally created for data transfers, you can also use frame relay to carry other types of traffic, such as voice or video. To set up a voice call or a videoconference between two sites, there has to be a virtual circuit between them. This is easy if the communications are between two of an organization's own sites, which are already connected by a PVC; but conferencing with a client or other outside user requires a call to the carrier to set up a new PVC.
Frame-Relay Messaging
Frame relay uses two protocols at the data link layer: LAPD for control traffic and Link Access Procedure for Frame-mode Bearer Services (LAPF) for the transfer of user data. The LAPD protocol, the same one used by ISDN (ITU-T Q.921), is used to establish VCs and prepare for the transmission of data. LAPF is used to carry data and for other processes, such as multiplexing and demultiplexing, error detection, and flow control.
Figure 7-7 shows the format of the frame used to carry data across a frame-relay cloud. The functions of the fields are as follows:
• Flag, 1 byte  Contains the binary value 01111110 (or 7E in hexadecimal form) that serves as a delimiter for the frame.
• Link Info, 2 bytes  Contains the frame's address and control fields, as follows:
  • Upper DLCI, 6 bits  Contains the first 6 bits of the 10-bit DLCI identifying the virtual circuit that the frame will use to reach its destination.
  • Command/Response (C/R), 1 bit  Undefined; frame relay does not use it.
  • Extended Address (EA), 1 bit  Indicates whether the current byte contains the last bit of the DLCI. The eighth bit of every byte in the Link Info field is an EA bit. When the frames use standard 10-bit DLCIs, the value of this bit in the first byte will always be 0.
  • Lower DLCI, 4 bits  Contains the last 4 bits of the 10-bit DLCI identifying the virtual circuit that the frame will use to reach its destination.
  • Forward Explicit Congestion Notification (FECN), 1 bit  Indicates that network congestion was encountered in the direction from source to destination.
  • Backward Explicit Congestion Notification (BECN), 1 bit  Indicates that network congestion was encountered in the direction from destination to source.
  • Discard Eligibility (DE), 1 bit  Indicates that a frame is of lesser importance than the other frames being transmitted and that it can be discarded in the event of network congestion.
  • Extended Address (EA), 1 bit  Indicates whether the current byte contains the last bit of the DLCI. When the frames use standard 10-bit DLCIs, the value of this bit in the second byte will always be 1. The EA field is intended to support the future expansion of frame-relay clouds in which DLCIs longer than 10 bits are needed.
• Information, variable  Contains a protocol data unit (PDU) generated by a network layer protocol, such as an IP datagram. The frame-relay protocols do not modify the contents of this field in any way.
• Frame Check Sequence (FCS), 2 bytes  Contains a value computed by the source FRAD that is checked at each switch during the frame's journey through the cloud. Frames in which this value does not match the newly computed value are silently discarded. Detection of the missing frame and retransmission are left to the upper-layer protocols at the end systems.
• Flag, 1 byte  Contains the binary value 01111110 (or 7E in hexadecimal form) that serves as a delimiter for the frame.
Figure 7-7 The frame-relay frame format
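The following is an added example, not code from the book, that turns the field list above into working code: it encodes and decodes the two-byte Link Info field (the 10-bit DLCI split 6/4 across the two bytes, with the EA bits fixed at 0 and 1), computes the 16-bit FCS using the ISO HDLC polynomial that frame relay inherits from LAPF, and shows how a switch rejects a frame whose FCS no longer matches. HDLC bit-stuffing between the flags is omitted, and the DLCI values are assumed; the well-known encoding of DLCI 16 as the bytes 04 01 is a useful sanity check.

```python
# Added example (not from the book): encode/decode the 2-byte frame-relay address field
# and compute the 16-bit FCS checked by the switches. Flag escaping (HDLC bit-stuffing)
# is omitted; DLCI values are assumed for illustration.
from dataclasses import dataclass

FLAG = 0x7E


@dataclass
class FrAddress:
    dlci: int
    cr: int = 0      # Command/Response bit, unused by frame relay itself
    fecn: int = 0    # congestion seen in the source -> destination direction
    becn: int = 0    # congestion seen in the destination -> source direction
    de: int = 0      # discard eligible under congestion


def encode_address(a: FrAddress) -> bytes:
    if not 0 <= a.dlci <= 1023:
        raise ValueError("a 2-byte address field carries only a 10-bit DLCI")
    upper, lower = a.dlci >> 4, a.dlci & 0x0F
    byte0 = (upper << 2) | (a.cr << 1) | 0                                  # EA = 0
    byte1 = (lower << 4) | (a.fecn << 3) | (a.becn << 2) | (a.de << 1) | 1   # EA = 1
    return bytes([byte0, byte1])


def decode_address(hdr: bytes) -> FrAddress:
    b0, b1 = hdr[0], hdr[1]
    if (b0 & 1) != 0 or (b1 & 1) != 1:
        raise ValueError("EA bits are not 0,1: not a standard 10-bit DLCI address")
    return FrAddress(dlci=((b0 >> 2) << 4) | (b1 >> 4), cr=(b0 >> 1) & 1,
                     fecn=(b1 >> 3) & 1, becn=(b1 >> 2) & 1, de=(b1 >> 1) & 1)


def fcs16(data: bytes) -> int:
    """ISO HDLC FCS (CRC-16/X-25): polynomial 0x1021 in bit-reversed form 0x8408,
    initial value 0xFFFF, final complement. Check value for b'123456789' is 0x906E."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


def build_frame(addr: FrAddress, info: bytes) -> bytes:
    body = encode_address(addr) + info
    # As in HDLC, the FCS goes on the wire least-significant octet first.
    return bytes([FLAG]) + body + fcs16(body).to_bytes(2, "little") + bytes([FLAG])


def parse_frame(frame: bytes):
    """Return (address, info); raise ValueError on bad framing or FCS, the condition
    under which a switch silently discards the frame."""
    if len(frame) < 6 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing 7E flags")
    body, fcs_rx = frame[1:-3], int.from_bytes(frame[-3:-1], "little")
    if fcs16(body) != fcs_rx:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    return decode_address(body[:2]), body[2:]


if __name__ == "__main__":
    frame = build_frame(FrAddress(dlci=16, de=1), b"\x45\x00\x00\x1c")   # constructed payload
    print(frame.hex())
    print(parse_frame(frame))
```

Because the FCS covers the address field as well as the Information field, a corrupted DLCI is caught before a switch can forward the frame onto the wrong virtual circuit; the FCS is an integrity check against line errors only, not against a deliberate sender, since anyone who can inject frames can compute it.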
ATM
Asynchronous Transfer Mode (ATM) has long been the holy grail of the networking industry. Once known as the ultimate networking technology, ATM is designed to carry voice, data, and video over various network media, using a high-speed, cell-switched, connection-oriented, full-duplex, point-to-point protocol.
Instead of using variable-length frames like Ethernet, frame relay, and other protocols, all ATM traffic is broken down into 53-byte cells. This makes it easier to regulate and meter the bandwidth passing over a connection because by using data structures of a predetermined size, network traffic becomes more readily quantifiable, predictable, and manageable. With ATM, it's possible to guarantee that a certain quantity of data will be delivered within a given time. This makes the technology more suitable for a unified voice/data/video network than a nondeterministic protocol like Ethernet, no matter how fast it runs. In addition, ATM has quality of service (QoS) features built into the protocol that enable administrators to reserve a certain amount of bandwidth for a specific application.
ATM is both a LAN and WAN protocol and is a radical departure from the other lower-layer protocols examined in this book. All ATM communication is point-to-point. There are no broadcasts, which means that switching, and not routing, is an integral part of this technology. ATM can also be deployed on public networks, as well as private ones. Public carriers can provide ATM services that enable clients to connect LANs at remote locations. On private networks, ATM implementations at various speeds can run throughout the network, from the backbone to the desktop. Thus, the same cells generated by a workstation can travel to a switch that connects the LAN to an ATM carrier service, through the carrier's ATM cloud, and then to a workstation on the destination network. At no point do the cells have to reach higher than the data link layer of an intermediate system, and transmission speeds through the cloud can reach as high as 2.488 Gbps.
While not yet totally realized, a large part of this potential has come to pass. ATM is being used as a high-speed backbone protocol and for WAN connections, but the 25.6 Mbps ATM LAN solution intended for desktop use has been eclipsed by Fast Ethernet, which runs at 100 Mbps and is far more familiar to the majority of network administrators. Many enterprise backbones run over ATM, largely because administrators find that its QoS capabilities and support for voice, data, and video make it a better performer than traditional LAN protocols.
You can use an ATM packet-switching service for your WAN links in roughly the same way as you would use frame relay, by installing a router at your sites and connecting them to the carrier's POPs using leased lines. This process transmits the LAN data to the POP first and then repackages it into cells. It's also possible, however, to install an ATM switch at each remote site, either as part of an ATM backbone or as a separate device providing an interface to the carrier's network. This way, the LAN data is converted to ATM cells at each site before it is transmitted over the WAN. Like frame relay, ATM supports both PVCs and SVCs, but ATM was designed from the beginning to support voice and video using SVCs, while in frame relay, SVCs were a later addition. ATM has an advantage over frame relay because of its greater speed and manageability.
Many of the familiar concepts of other protocols, such as media access control and variable-length frames, are not applicable to ATM. Because ATM does not share bandwidth among systems, there is no need for a MAC mechanism such as CSMA/CD or token passing. Switches provide a dedicated connection to every device on the ATM network. Because all ATM transmissions are composed of fixed-length cells, the switching process is simpler and predictable. All ATM switching is hardware based because there is no need for software-managed flow control and other such technologies. References to ATM systems and devices refer to switches and routers, as well as actual computers. The bandwidth delivered by an ATM network is also readily quantifiable, making it easier to designate the appropriate amount of bandwidth for a specific application. On an Ethernet network, for example, it may be necessary to provide much more bandwidth than is actually needed to ensure good performance from a videoconferencing application. This is because you must account for the bandwidth required for videoconferencing on top of the maximum bandwidth used by all other applications combined. The network, therefore, is designed to accommodate the peak traffic condition that occurs only a small fraction of the time. On an ATM network, bandwidth can be more precisely calculated.
Like Ethernet and Token Ring, ATM encompasses the physical and data link layers of the OSI reference model but is itself divided into three layers (see Figure 7-8), which are as follows:
• Physical layer
• ATM layer
• ATM adaptation layer
Figure 7-8 ATM architecture
The following sections examine the functions performed at each of these layers.
The Physical Layer
The ATM standards do not specify precise physical layer technologies as most other data link layer protocols do. This media independence is one of the guiding design principles behind the technology. ATM can run at various speeds over Synchronous Optical Network (SONET) and DS-3 connections and locally over multimode fiber-optic and shielded twisted-pair (STP) cable, among others. Speeds range from 25.6 Mbps for desktop connections to 2.488 Gbps, although the most common implementations run at 155 or 622 Mbps.
The higher speeds are commonly used for backbones and WAN connections.
NOTE SONET is a fiber-optic standard that defines a series of optical carrier (OC) services ranging from OC-1, operating at 51.84 Mbps, to OC-192, operating at 9,953 Mbps.
The ATM physical layer is divided into two sublayers, called the physical medium dependent (PMD) sublayer and the transmission convergence (TC) sublayer. The PMD sublayer defines the actual medium used by the network, including the type of cable and other hardware, such as connectors, and the signaling scheme used. This sublayer is also responsible for maintaining the synchronization of all the clocks in the network systems, which it does by continuously transmitting and receiving clock bits from the other systems.
The TC sublayer is responsible for the following four functions:
• Cell delineation  Maintains the boundaries between cells, enabling systems to isolate cells within a bit stream
• Header error control (HEC) sequence generation and verification  Ensures the validity of the cell headers by generating and checking the error-control code carried in each header
• Cell rate decoupling  Inserts or removes idle cells to synchronize the transmission rate to the capacity of the receiving system
• Transmission frame adaptation  Packages cells into the appropriate frame for transmission over a particular network medium
The ATM Layer
The ATM layer specifies the format of the cell, constructs the header, implements the error-control mechanism, and creates and destroys virtual circuits. There are two versions of the cell header, one for the User-Network Interface (UNI), which is used for communications between user systems or between user systems and switches, and one for the Network-to-Network Interface (NNI), which is used for communications between switches.
In each case, the 53 bytes of the cell are divided into a 5-byte header and a 48-byte payload. Compared to an Ethernet header, which is 18 bytes, the ATM header seems quite small, but remember that an Ethernet frame can carry up to 1,500 bytes of data. Thus, for a full-sized Ethernet frame, the header is less than 2 percent of the packet, while an ATM header is almost 10 percent of the cell. This makes ATM considerably less efficient than Ethernet, as far as the amount of control data transmitted across the wire is concerned.
Figure 7-9 shows the format of the ATM cell. The functions of the fields are as follows:
• Generic flow control (GFC), 4 bits  Provides local functions in the UNI cell that are not currently used and are not included in the NNI cell.
• Virtual path identifier (VPI), 8 bits  Specifies the next destination of the cell on its path through the ATM network to its destination.
• Virtual channel identifier (VCI), 16 bits  Specifies the channel within the virtual path that the cell will use on its path through the ATM network to its destination.
• Payload type indicator (PTI), 3 bits  Specifies the nature of the data carried in the cell's payload, using the following bit values:
  • Bit 1  Specifies whether the cell contains user data or control data.
  • Bit 2  When the cell contains user data, specifies whether congestion is present on the network.
  • Bit 3  When the cell contains user data, specifies whether the payload contains the last segment of an AAL-5 PDU.
• Cell loss priority (CLP), 1 bit  Specifies a priority for the cell, which is used when a network is forced to discard cells because of congestion. A value of 0 indicates a high priority for the cell, while a value of 1 indicates that the cell may be discarded.
• Header error control (HEC), 8 bits  Contains a code computed on the preceding four bytes of the header, which is used to detect multiple-bit header errors and correct single-bit errors. This feature detects errors in the ATM header only; there is no error control of the payload at this layer.
• Payload, 48 bytes  Contains the user, network, or management data to be transported in the cell.
Figure 7-9 The ATM cell format
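The following is an added example, not code from the book: it packs and parses the UNI cell header shown in Figure 7-9 and implements the HEC as ITU-T I.432 defines it, a CRC-8 over the first four header bytes with the generator x^8 + x^2 + x + 1, XORed with the constant 0x55 before transmission. It also shows how the single-bit correction described above works: because a CRC is linear, the syndrome of a damaged header depends only on the error bits, so a table of the 40 syndromes produced by flipping each header bit identifies the one bit to flip back, while any other syndrome means a multi-bit error and the cell is discarded. The VPI/VCI values in the demonstration are assumed; the idle cell header 00 00 00 01 52 is a known reference value.

```python
# Added example (not from the book): UNI cell header packing/parsing and the HEC
# (CRC-8, x^8 + x^2 + x + 1, XOR 0x55) with syndrome-based single-bit correction.
# The VPI/VCI values used in the demonstration are assumed.
from dataclasses import dataclass

HEC_POLY = 0x07       # x^8 + x^2 + x + 1 with the x^8 term implicit
HEC_COSET = 0x55      # constant added to the remainder before transmission


def crc8(data: bytes) -> int:
    """Plain CRC-8 remainder (init 0, no final XOR), which makes it linear over GF(2)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ HEC_POLY) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def hec(first_four: bytes) -> int:
    return crc8(first_four) ^ HEC_COSET


@dataclass
class UniHeader:
    gfc: int = 0    # 4 bits
    vpi: int = 0    # 8 bits at the UNI
    vci: int = 0    # 16 bits
    pti: int = 0    # 3 bits
    clp: int = 0    # 1 bit


def pack_header(h: UniHeader) -> bytes:
    word = (h.gfc << 28) | (h.vpi << 20) | (h.vci << 4) | (h.pti << 1) | h.clp
    first_four = word.to_bytes(4, "big")
    return first_four + bytes([hec(first_four)])


def unpack_header(raw: bytes) -> UniHeader:
    word = int.from_bytes(raw[:4], "big")
    return UniHeader(gfc=word >> 28, vpi=(word >> 20) & 0xFF, vci=(word >> 4) & 0xFFFF,
                     pti=(word >> 1) & 0x7, clp=word & 1)


def _syndrome(raw: bytes) -> int:
    # Zero for an intact header; for a damaged one it depends only on the error bits.
    return crc8(raw[:4]) ^ HEC_COSET ^ raw[4]


def _single_bit_table() -> dict:
    table = {}
    for bit in range(40):
        err = bytearray(5)
        err[bit // 8] = 0x80 >> (bit % 8)
        table[crc8(bytes(err[:4])) ^ err[4]] = bit
    return table


SYNDROMES = _single_bit_table()    # 40 distinct, non-zero syndromes


def check_header(raw: bytes):
    """Return (header, status): 'ok', 'corrected' (one bit flipped back) or 'discard'."""
    s = _syndrome(raw)
    if s == 0:
        return bytes(raw), "ok"
    if s in SYNDROMES:
        fixed, bit = bytearray(raw), SYNDROMES[s]
        fixed[bit // 8] ^= 0x80 >> (bit % 8)
        return bytes(fixed), "corrected"
    return bytes(raw), "discard"


if __name__ == "__main__":
    print(pack_header(UniHeader(clp=1)).hex())    # idle cell header: 0000000152
    hdr = pack_header(UniHeader(vpi=5, vci=100, pti=1))
    damaged = bytearray(hdr)
    damaged[2] ^= 0x10                            # flip one VCI bit in transit
    print(check_header(bytes(damaged)))
```

Receivers in practice run the HEC in two modes: single-bit correction while the link is clean, and detection only after a corrected error, because a burst of errors can masquerade as a single-bit error and "correct" a cell onto the wrong VPI/VCI. The HEC, like the frame-relay FCS, protects only against transmission errors; it offers no protection against a host that deliberately forges headers.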
Virtual Circuits
A connection between two ATM systems takes the form of a virtual circuit. Like frame relay, ATM uses two types of virtual circuits: permanent virtual circuits (PVCs), which network administrators manually create and which are always available, and switched virtual circuits (SVCs), which systems dynamically create as needed and then terminate after use.
Establishing a virtual circuit through the network to a destination enables the transmission of cells through that circuit without extensive processing by intermediate systems along the way. A virtual circuit is composed of a virtual path (VP) and a virtual channel (VC). A virtual path is a logical connection between two systems that is composed of multiple virtual channels, much as a cable between two points can contain multiple wires, each carrying a separate signal. Once a VP is established between two points, creating an additional VC for a new connection within that VP is a relatively simple matter.
In addition, managing the VP is an easy way of modifying the properties of all of the VCs it contains. When a switch fails, for example, the VP can be rerouted to use another path, and all of its VCs are rerouted with it. Every ATM cell header contains a virtual path identifier and a virtual channel identifier, which specify the VP that the cell is using and the VC within that VP.
ATM Addressing
ATM networks have their own addresses for each device, in addition to any upper-layer addresses they might possess. The addresses are 20 bytes long and hierarchical, much like telephone numbers, enabling them to support extremely large networks. Unlike protocols that share network bandwidth, it isn't necessary to include source and destination addresses in each cell because ATM transmissions use dedicated point-to-point links. Instead, the addresses are used by the ATM switches to establish the VPIs and VCIs for a connection.
The ATM Adaptation Layer
The primary function of the ATM adaptation layer (AAL) is to prepare the data received from the network layer protocol for transmission and segment it into 48-byte units that the ATM layer will package as cells by applying the header. The AAL consists of two sublayers, called the convergence sublayer (CS) and the segmentation and reassembly sublayer (SAR). The CS prepares the network-layer data for segmentation by applying various fields that are specific to the type of service that will transmit the data, creating convergence sublayer protocol data units (CS-PDUs). The SAR then splits the CS-PDUs into segments of the appropriate size for packaging in cells.
Several AAL protocols are available at this layer, which provide different types of service to support various applications. The AAL protocols are as follows:
• AAL-1  A connection-oriented service intended for applications that require circuit emulation, such as voice and videoconferencing. This service requires clock synchronization, so a network medium that supports clocking, such as SONET, is required. For this service, the CS sublayer adds Sequence Number (SN) and Sequence Number Protection (SNP) fields to the data that enable the receiving system to assemble the cells in the proper order.
• AAL-3/4  Supports both connection-oriented and connectionless data transfers with cell-by-cell error checking and multiplexing. The CS creates a PDU by adding a beginning/ending tag to the data as a header and a length field as a footer. After the SAR layer splits the CS-PDU into cell-sized segments, it adds a CRC value to each segment for error-detection purposes.
• AAL-5  Also called Simple and Efficient Adaptation Layer (SEAL), AAL-5 provides both connection-oriented and connectionless services and is most commonly used for LAN traffic. The CS takes a block of network layer data up to 64 KB in size and adds a variable-length pad and an 8-byte trailer to it. The pad ensures that the data block falls on a cell boundary, and the trailer includes a block length field and a CRC value for the entire PDU. The SAR splits the PDU into 48-byte segments for packaging into cells. The third bit of the PTI field in the ATM header is then set to a value of 0 for all of the segments of the data block except the last one, in which it is set to 1.
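The AAL-5 procedure just described, as an added example that is not code from the book: the convergence sublayer pads the data block, appends the 8-byte trailer (a user-to-user byte, a common part indicator byte, the 16-bit length, and the CRC-32 over everything before it) and the SAR sublayer cuts the result into 48-byte payloads, flagging the last one for the third PTI bit. The receiving side is included as well, because the CRC and length checks are where a lost or corrupted cell is detected. The CRC-32 here is the variant the CRC catalogue lists as CRC-32/BZIP2 (alias CRC-32/AAL5), and the data block is constructed for the demonstration.

```python
# Added example (not from the book): AAL-5 convergence sublayer (pad + 8-byte trailer
# with CRC-32), SAR split into 48-byte cell payloads with the end-of-PDU flag that
# goes into the third PTI bit, and the receiver's reassembly and trailer checks.
# The data block used in the demonstration is constructed.

CELL_PAYLOAD = 48
TRAILER_LEN = 8          # CPCS-UU (1) + CPI (1) + Length (2) + CRC-32 (4)
MAX_SDU = 65535          # the Length field is 16 bits


def crc32_aal5(data: bytes) -> int:
    """AAL-5 CRC-32: generator 0x04C11DB7 processed MSB first, initial value all ones,
    final complement (CRC-32/BZIP2 in the CRC catalogue; check value for b'123456789'
    is 0xFC891918)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            if crc & 0x80000000:
                crc = ((crc << 1) ^ 0x04C11DB7) & 0xFFFFFFFF
            else:
                crc = (crc << 1) & 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF


def aal5_segment(sdu: bytes, uu: int = 0, cpi: int = 0):
    """CS + SAR: return a list of (pti_last, 48-byte payload) tuples."""
    if len(sdu) > MAX_SDU:
        raise ValueError("AAL-5 length field is 16 bits")
    pad_len = (-(len(sdu) + TRAILER_LEN)) % CELL_PAYLOAD       # 0..47 zero bytes
    body = sdu + bytes(pad_len) + bytes([uu, cpi]) + len(sdu).to_bytes(2, "big")
    cs_pdu = body + crc32_aal5(body).to_bytes(4, "big")         # CRC covers all before it
    n_cells = len(cs_pdu) // CELL_PAYLOAD
    return [(1 if i == n_cells - 1 else 0, cs_pdu[i * CELL_PAYLOAD:(i + 1) * CELL_PAYLOAD])
            for i in range(n_cells)]


def aal5_reassemble(cells) -> bytes:
    """Concatenate payloads up to the cell whose third PTI bit is set, then verify the
    trailer. A lost cell shows up as a CRC or length mismatch, since AAL-5 has no
    per-cell sequence numbers."""
    buf = bytearray()
    for pti_last, payload in cells:
        if len(payload) != CELL_PAYLOAD:
            raise ValueError("cell payload must be 48 bytes")
        buf += payload
        if pti_last:
            break
    else:
        raise ValueError("no end-of-PDU cell: PDU incomplete")
    if crc32_aal5(bytes(buf[:-4])) != int.from_bytes(buf[-4:], "big"):
        raise ValueError("CRC-32 mismatch: a cell was corrupted or lost")
    length = int.from_bytes(buf[-6:-4], "big")
    if length > len(buf) - TRAILER_LEN:
        raise ValueError("length field inconsistent with PDU size")
    return bytes(buf[:length])


if __name__ == "__main__":
    sdu = bytes(range(100))                      # constructed 100-byte network-layer PDU
    cells = aal5_segment(sdu)
    print(len(cells), [flag for flag, _ in cells])   # 100 + 8 bytes padded to 144: 3 cells
    print(aal5_reassemble(cells) == sdu)
```

The length check matters in practice: a receiver that trusted the Length field without comparing it to the bytes it actually collected could be made to read past the end of its reassembly buffer, which is exactly the kind of bug the trailer is meant to let it catch.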
ATM Support
One problem is the cost and complexity of installing and supporting an ATM network. While a competent Ethernet LAN administrator should be able to install the components of a Gigabit Ethernet backbone with little trouble, an ATM backbone is a completely different story. ATM networks are a hybrid of telecommunications and data networking technologies. These are two separate types of networks, but in the case of ATM, both can use the same cables and switches. An ATM backbone, therefore, may be connected not only to data networking components such as routers, switches, and servers, but also to PBXs and other telecommunications devices.
SONET
Synchronous Optical Network (SONET) carries data over the fiber-optic cables used today by many long-distance carriers. It was originally designed to transmit many information types, including voice, video, and data. This system, along with Synchronous Digital Hierarchy (SDH), is used throughout the world to transmit information.
SONET works at the physical layer, and its protocols specify a consistent method of multiplexing many small signals into one larger (and faster) transmission. Several characteristics make this technology attractive:
• Built-in support for maintenance and management
• The ability to carry nearly all higher-level protocols
• Definition of clear standards between various products
This technology provides standards for line rates up to 9.953 Gbps (OC-192), and higher rates have been achieved in practice, which is why SONET has been called the foundation for the physical layer of broadband ISDN. ATM can run as a layer on top of both SONET and other technologies.
CHAPTER 8
Server Technologies
Allofthecomputersonalocalareanetworkcontainroughlythesamecomponents,such
asamicroprocessor,memorymodules,massstoragedevices,keyboards,videoadapters,
andotherinput/outputmechanisms.However,youcanstilldividethecomputersintotwo
basiccategories:serversandclientworkstations.Atonetime,itwaseasytodifferentiate
betweenserversandclientsbecauseserversfunctionedonlyasserversandclientsonlyas
clients.Serversinearlierdayswereessentiallycomputerswithmoreofeverything:faster
processors,morememory,andlargerharddrives,forexample.Nowthatmanycomputers
canfunctionasbothserversandclientssimultaneously,theboundarybetweentheserver
andclientfunctionshasbeenobscuredsomewhat.Recentyearshaveseengreat
developmentsinthefeaturesandtechnologiesthatmakeaserverdifferentfroma
workstation.Fromapplicationserverstowebservers,eachmachineoffersdifferent
servicesandhasdifferentfeatures.Thischapterexaminessomeofthesefeaturesand
technologiesandexplainshowtheycanenhancetheperformanceofyournetwork.
PurchasingaServer
Whenbuildingalocalareanetwork(LAN),youcanpurchasevirtuallyanycomputerand
useitasaserver.Theprimaryattributesthatmakeacomputeraserveraredeterminedby
thenetworkoperatingsystem’shardwarerequirements.Forexample,theWindows2012
Serverrequirementscallfor256MBofmemory,butyoucanactuallyruntheoperating
systemonastandardworkstationcomputerwithaslittleas128MB.Itwon’trunaswell,
butitwillrun.Whenshoppingforcomputers,you’llseethatsomeproductsare
specificallydesignedtobeserversandnotjustbecauseoftheoperatingsysteminstalled
onthemortheamountofmemoryordiskspacetheycontain.Forasmallnetwork
consistingofonlyahandfulofnodes,itmaynotbepracticalforyoutospendtheextra
moneyonacomputerdesignedtobeaserver.Instead,youcanpurchaseahigh-end
workstationwithsufficientresourcestoruntheserveroperatingsystemandusethat.
Whenyoudoneedthefeaturesofarealserver,it’simportanttounderstandhowaserver
candifferfromaworkstationandwhichfeaturesyouneedforyournetwork.
Whenyoulookatthedescriptionofaservercomputerinacatalogoronawebsite,it
mayseematfirstasthoughyou’repayingmoremoneyforless.Serversoftendonotcome
withmonitors,andtheygenerallydonotincludethehigh-performancevideoadaptersand
audiosystemsyoufindinnearlyeveryhomeorofficecomputerpackage.
Thevideoadapterinaserverisinmanycasesintegratedintothecomputer’s
motherboardandincludessufficientmemorytopoweradisplayatavarietyofresolutions.
However,thevideosubsysteminaserverusuallydoesnotincludethe3-Dacceleratorand
othercomponentsfoundonaseparateadaptercardusedinaworkstationformorevideointensivetasks,suchasgame-playingandmultimediaapplications.Avideoadapterina
serveralsotendsnottousetheAcceleratedGraphicsPort(AGP)foritsinterfacetothe
computerbecauseAGPusessystemmemoryforsomeofitsfunctions,andinaserver,you
wantasmuchsystemmemoryaspossibletobedevotedtoyourserverapplications.
Asforaudio,mostserversincludenoaudioadapteratallor,atmost,arudimentary
onethatisalsointegratedintothemotherboard.Speakersareusuallynotincluded.The
onlypurposeforhavinganyaudiocapabilitiesinaserveristoprovideaudiblefeedback
alertingtheadministratorofparticularsystemconditions.However,sinceserversareoften
keptinalockedclosetordatacenter,eventhisbasicaudiocapabilityusuallyisn’t
necessary.
NOTE Although servers generally do not come equipped with high-end video and audio adapters, there is usually no reason why you can't add them later and use the computer for tasks more traditionally associated with client workstations.
The question then remains: what do you get when you purchase a server for more money than you would spend on a workstation with the same processor and a comparable amount of memory and disk space? The following list examines the ways in which the basic components in a server differ from their counterparts in a workstation:
• Case A server case can be larger than that of a workstation in order to provide room for greater expansion. Server cases are usually either freestanding towers or specially designed to be mounted in a standard 19-inch equipment rack. Expandability is an important quality in a server, and the cases typically have a large number and variety of bays to support the installation of additional drives. Since a server doesn't usually take up space on a user's desk, maintaining a small footprint is not a concern, and server cases tend not to have their components shoehorned into them in the interest of saving space. The result is that there is more room to work inside the case and easier access to the components. A server case might also have greater physical security than a standard computer case, such as a key-lockable cover that prevents any access to the server controls and drives. Physical access to the drives is effectively access to the data on them, so such a lock matters most where the server cannot be kept in a locked room.
• Power supply To support the greater number of drives and other devices frequently found in a server, the power supply is typically more robust. The power supply usually also has more internal power connectors available to attach to installed devices. In some cases, a server's power supply might have its own internal surge protection circuitry. Some servers also have redundant power supplies, providing fault tolerance in the event of a power supply failure.
• Fans The possibility of having many more drives and multiple processors in a server means that the computer can potentially generate a lot more heat than a workstation. Server cases typically have multiple fans in them, aside from the one in the power supply. A well-designed case will also have a carefully planned ventilation path that blows the cooler air from the outside directly across the components that most need to be kept cool. In some cases, servers use a sealed case design in which all of the air entering the case runs through a filter, enabling the server to function in an industrial environment without contaminating the internal components with dust and other particles. Some high-end servers designed for mission-critical applications also have hot-swappable modular fan assemblies, meaning that should a fan fail, it's possible to replace the unit without shutting down the server.
• Processor Servers use the same model processors as workstations, and given the computer industry's dedication to aggressively marketing the newest and fastest processors to home users, you may find that a server's processor is not any faster than a workstation's. In fact, because servers are designed with an emphasis on expandability and because they cost more, they tend to have longer lives than workstations, meaning that they might have a processor that is slower than the "latest and greatest." Where servers do differ from workstations in this area is that they often have more than one processor. For more information, see "Using Multiple Processors" later in this chapter.
• Memory Servers are typically capable of supporting more memory than workstations, sometimes a lot more. Examining the inside of a server and a workstation, you may not see any difference, because a server may have the same number of memory slots as a workstation and use the same basic type of memory modules. The server will support modules containing more memory, however, in a greater variety of configurations.
In addition to these differences in a server's basic components, there are other, more advanced technologies that can have an even greater impact on the computer's performance, as discussed in the following sections.
Using Multiple Processors
Even though the processor designs used in computers today are continually being enhanced and upgraded to run at ever faster speeds, servers often require more processing power than any single processor can provide. This is because a server application such as a database engine may have to service requests from dozens or even hundreds of users at the same time. To increase the processing power available to the application, you can add more processors. You can multiply the processing power of a server in two ways: by installing multiple processors into the computer or by connecting multiple computers using a hardware or software product that joins them into a cluster or a system area network (SAN).
Parallel Processing
The use of multiple processors in a single computer is not a new idea, although it has become common in the PC industry only in the last few years. The two biggest advantages of using multiple processors are economy and expandability. When a processor manufacturer releases a new product, its price compared to the previous models is always disproportionately high for the performance increase it provides. As each new processor is superseded by the next model, the price drops quickly. By purchasing a server with multiple processors in it, you can realize nearly the same processing power as the latest chip on the market for much less money. Multiple processor support can also extend the life of a server by enabling the owner to upgrade it as needed. You can buy a single-processor server containing a motherboard that supports up to four processors for only slightly more than a computer with a standard single-processor motherboard. Later, as the burden on the server is increased by the addition of more users or applications, you can buy additional processors and install them into the empty motherboard sockets.
The method by which a computer makes use of multiple processors is known as parallel processing. This consists of distributing computing tasks among the available processors so that they are all continuously active. There are various methods by which computers with multiple processors can implement parallel processing. Supercomputer systems, for example, can combine the capabilities of hundreds of processors to perform complex tasks that require enormous numbers of computations, such as weather forecasting. In most cases, these supercomputers use a technique called massively parallel processing (MPP), in which the processors are grouped into nodes and connected by a high-speed switch. In this arrangement, each node has its own memory array and its own bus connecting the processors to the memory. There is no sharing of resources between nodes, and communication between them is restricted to a dedicated messaging system.
Symmetric Multiprocessing
The servers with multiple processors used on LANs today employ a different method, called symmetric multiprocessing (SMP). In an SMP system, the processors share a single memory array, input/output (I/O) system, and interrupts, as shown in Figure 8-1. Processing tasks are distributed evenly among all of the processors, so it isn't possible for one processor to be overloaded while another sits idle. This is in contrast to another system, called asymmetric multiprocessing, in which tasks are assigned to each processor individually and the workload may not be balanced.
Figure 8-1 SMP computers have a single memory array and I/O bus, which are shared by all of the processors.
Sharing a single memory array eliminates the need for the messaging system found in MPP. The processors in an SMP computer can communicate and synchronize their activities more quickly than with most other parallel processing technologies.
It is important to note that having multiple processors in a computer is not considered to be a fault-tolerance mechanism. If one of the processors should fail while the system is running, the coherency of the cached operating system and application information is likely to be affected, eventually causing a crash. Failure or removal of a processor while the computer is shut down, however, will not have a deleterious effect, since the operating system detects the number of available processors during the startup sequence and configures itself accordingly.
Hardware and Software Requirements
To use multiple processors in a LAN server, SMP must be supported by the processors themselves, the computer's motherboard, the operating system, and the applications running on the server. If you install an operating system or an application that doesn't support SMP on a server with multiple processors, the software functions in the normal manner using only one of the processors.
Most of the operating systems intended for use on servers support SMP. Most of the Unix operating systems support SMP, including Linux distributions as well as the Mac OS. In some cases, such as FreeBSD, you have to substitute a multiprocessor kernel for the standard one supplied with the operating system. Interestingly, although it is not considered a server application, Adobe Photoshop also supports SMP, making it possible for graphic designers working with large image files and complex functions to take advantage of a computer with multiple processors.
Server Clustering
A cluster is a group of servers that are connected by cables and that function as a single entity. To a client on the network, the cluster appears to be a single server, even though it consists of two or more computers. Clustering can provide the same advantage as having multiple processors in a single server, since it is possible to divide the server's workload between the processors in the various computers that make up the cluster. However, clustering can also provide fault tolerance in ways that SMP cannot.
The computers that make up a cluster are connected programmatically as well as physically. In some cases, operating systems provide direct support for clustering, while in others, a separate application is required.
Clustering can provide two basic advantages over a single server: load balancing and fault tolerance. Load balancing is the process by which the tasks assigned to the server are distributed evenly among the computers in the cluster. This concept can work in different ways, depending on the application involved. For example, a cluster of web servers can balance its load by sending each of the incoming requests from web browser clients to a different server. When you connect to a hugely popular Internet web site, you can be sure that all of its thousands of concurrent users are not being served by a single computer. Instead, the site uses a server farm that consists of many identically configured computers. Each time you connect to the site with your web browser, you are probably accessing a different server. A clustered terminal server works in the same way; each new client connecting to the server is directed to the computer that is currently carrying the lightest load. Other applications that split the processing into threads can distribute those threads equally among the computers in the cluster.
This load balancing capability greatly enhances the expandability of the server. If you reach a point where the server is overburdened by the application traffic it must handle, you can simply add another computer to the cluster, and the workload will automatically be balanced among the available systems, thus reducing the load on each one. You can also upgrade the server by installing additional processors in the SMP computers in the cluster or by replacing a computer with one that is faster and more capable.
Load balancing also provides fault tolerance. If one of the computers in the cluster should fail, the others continue to function with the load redistributed between them. However, it's also possible to construct a cluster with more extensive failover capabilities. A failover cluster is one in which the connected computers are configured so that when one fails, another takes over all of its functions. This type of cluster is better suited to database and e-mail servers that must be continuously available. E-commerce is one of the few technologies that can require both load balancing and failover technologies in one cluster.
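The least-load dispatch and the redistribution after a member fails, as described above, as an added example (not code from the book or from any clustering product; the node names, session identifiers and the failure scenario are constructed for illustration):

```python
"""Least-load dispatch for a cluster, plus redistribution when a member fails.

Added example, not code from the book. Node names, session identifiers and the
failure scenario below are constructed for illustration.
"""


class Cluster:
    """Tracks how many client sessions each cluster member is carrying."""

    def __init__(self, nodes):
        self.load = {node: 0 for node in nodes}   # node -> active sessions
        self.sessions = {}                         # session id -> node

    def add_node(self, node):
        """Expanding the cluster: the new member starts empty, so it is chosen
        for new sessions until the load evens out across all members."""
        self.load.setdefault(node, 0)

    def dispatch(self, session_id):
        """Direct a new client to the member currently carrying the lightest load
        (ties broken by name so the result is deterministic)."""
        if not self.load:
            raise RuntimeError("no cluster members available")
        node = min(self.load, key=lambda n: (self.load[n], n))
        self.load[node] += 1
        self.sessions[session_id] = node
        return node

    def fail_node(self, node):
        """Remove a failed member and spread its sessions over the survivors."""
        orphaned = [s for s, n in self.sessions.items() if n == node]
        del self.load[node]
        for session_id in orphaned:
            del self.sessions[session_id]
            self.dispatch(session_id)
        return orphaned


def demo():
    """Nine sessions over three members, a fourth member added, then one member fails."""
    cluster = Cluster(["web1", "web2", "web3"])
    for i in range(9):
        cluster.dispatch(f"client-{i}")
    before = dict(cluster.load)                 # 3 sessions each

    cluster.add_node("web4")                    # new member absorbs the next arrivals
    for i in range(9, 12):
        cluster.dispatch(f"client-{i}")
    after_add = dict(cluster.load)              # 3 sessions each across four members

    cluster.fail_node("web2")                   # its three sessions move to the survivors
    after_fail = dict(cluster.load)             # 4 sessions each across three members
    return before, after_add, after_fail


if __name__ == "__main__":
    print(demo())
```

The dispatcher is the web-farm and terminal-server case in one: each new connection goes to the lightest member, a newly added member is filled first, and a failed member's sessions are re-dispatched by the same rule, which is what "the load redistributed between them" amounts to in practice.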
In today's clustering products, a group of computers can be clustered in a failover configuration without leaving some of the machines idle. If one of the computers fails, its applications are migrated to another computer in the cluster, which takes over its functions, as shown in Figure 8-2. (For this to occur, all of the computers in the cluster must have access to the applications and data used by the other computers.)
Figure 8-2 In a server cluster, all of the servers are active, with functions ready to fail over to other servers.
System Area Networks
A system area network (or SAN, not to be confused with a storage area network, also abbreviated SAN) is essentially a dedicated, switched network that connects a group of computers that are in the same administrative domain and located relatively close to each other. The network achieves greater transmission speeds by implementing a reliable transport service (much like the Transmission Control Protocol [TCP]) in hardware instead of software. The SAN hardware consists of network interface adapter cards that use Fibre Channel connections to a central switch. A SAN network interface adapter makes individual transport endpoints (much like the ports used in a TCP software implementation) available to the connected computers. These endpoints are memory-based registers that are shared by the SAN network adapter and the computer's processor. The processor can therefore pass the incoming traffic directed at a particular endpoint immediately to the appropriate application running on the computer. In a sense, a SAN operates much like a distributed memory array rather than a standard networking technology.
Cluster Networking Hardware
There are two areas in which the use of server clustering can affect the hardware used to construct a network: the network connections themselves and the server's mass storage hardware. The computers in a cluster use standard network connections to communicate with each other. In fact, it is possible to build a server cluster with no additional networking hardware other than each computer's normal connection to the enterprise network. In a failover configuration, the servers in the cluster communicate by exchanging signals at regular intervals called heartbeats. These heartbeats serve as an indication to each computer that the other computers in the cluster are up and running properly. If a computer fails to transmit a predetermined number of consecutive heartbeats, the other computers in the cluster assume that it has failed and take action to assume its functions. This same heartbeat method also functions at the application level. If a single application fails on one of the computers in the cluster, the cluster service attempts to restart it on the same computer. If this should fail, the service then migrates the application to another computer in the cluster.
The heartbeats can be exchanged over the normal network connection, but if the cluster is on a shared network with other systems, the additional traffic generated by the heartbeats can be a problem. In addition, the network connection provides a single point of failure. If a cable break or a failure in a hub or other network component should occur, the heartbeats can fail to reach all of the computers in the cluster, resulting in a condition (commonly called split brain) in which each surviving computer concludes that the other has failed and attempts to take on its functions, even though both are still running.
To address these problems, it's a good idea to build a separate, private network that is dedicated to the computers in the cluster. Ethernet is typically the protocol of choice for this arrangement, with Gigabit Ethernet an option for installations that can benefit from greater speeds. Not only does this private network ensure that the heartbeats generated by each computer reach the others in a timely fashion, it also provides a backup path for the intracluster communications. Later in this chapter, you will see how this separate network can also be used with a higher-speed protocol such as Fibre Channel to connect the servers to external drive arrays and other storage devices. This is called a storage area network.
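The heartbeat logic described above, with a miss threshold and a second, private heartbeat path, as an added example (not code from the book or from any cluster service; the interval count, threshold, node and path names and the replayed heartbeat log are all constructed):

```python
"""Cluster heartbeat monitoring with a miss threshold and a redundant heartbeat path.

Added example, not code from the book. MISS_THRESHOLD, the node and path names
and SAMPLE_LOG are assumed values constructed for illustration.
"""

MISS_THRESHOLD = 3   # consecutive missed intervals before a peer is declared failed (assumed)


class HeartbeatMonitor:
    """Tracks heartbeats from each peer over each network path (here 'lan' and 'private').

    A peer is declared failed only when it has missed MISS_THRESHOLD consecutive
    intervals on every path, so the loss of one cable or hub does not by itself
    trigger a takeover of a peer that is still running.
    """

    def __init__(self, peers, paths):
        self.paths = list(paths)
        # misses[peer][path] = consecutive intervals with no heartbeat on that path
        self.misses = {peer: {path: 0 for path in self.paths} for peer in peers}
        self.failed = set()

    def tick(self, received):
        """Process one heartbeat interval.

        `received` is the set of (peer, path) pairs heard during the interval.
        Returns the list of peers newly declared failed in this interval.
        """
        newly_failed = []
        for peer, per_path in self.misses.items():
            if peer in self.failed:
                continue
            for path in self.paths:
                per_path[path] = 0 if (peer, path) in received else per_path[path] + 1
            if all(per_path[path] >= MISS_THRESHOLD for path in self.paths):
                self.failed.add(peer)
                newly_failed.append(peer)
        return newly_failed


def run_log(monitor, log):
    """Replay a per-interval log; returns the peers declared failed in each interval."""
    return [monitor.tick(set(entry)) for entry in log]


# Constructed scenario: node B's LAN link dies at interval 2 but its private link
# keeps working, so B must NOT be declared failed. Node C goes silent on both
# paths from interval 4 and is declared failed once it has missed three intervals.
SAMPLE_LOG = [
    [("B", "lan"), ("B", "private"), ("C", "lan"), ("C", "private")],  # interval 1
    [("B", "private"), ("C", "lan"), ("C", "private")],                # 2: B lan lost
    [("B", "private"), ("C", "lan"), ("C", "private")],                # 3
    [("B", "private")],                                                # 4: C silent
    [("B", "private")],                                                # 5
    [("B", "private")],                                                # 6: C reaches threshold
    [("B", "private")],                                                # 7
]


def demo():
    monitor = HeartbeatMonitor(peers=["B", "C"], paths=["lan", "private"])
    return run_log(monitor, SAMPLE_LOG), monitor.failed


if __name__ == "__main__":
    print(demo())
```

With a single path the same monitor declares a peer dead after three silent intervals regardless of why it went silent, which is exactly the split-brain exposure the private network is meant to remove. The application-level behaviour in the text (restart on the same node first, migrate only if that fails) sits above this monitor and is not modelled here.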
Cluster Storage Hardware
One of the elements that complicates the implementation of a clustering solution in a failover configuration is that each of the computers in the cluster requires access to the applications and data running on the other computers. There are three ways to accomplish this, which have come to define the three basic hardware configurations you can use in a computer that is part of a cluster. These three hardware configurations are as follows:
• Shared disk In a shared disk configuration, the computers in the cluster are all connected to the same disk array using a common I/O bus so that all of the computers can access the same applications and data simultaneously. The disk array typically uses some form of SCSI, Fibre Channel, or serial storage architecture (SSA) to connect to the computers. Because this arrangement makes it possible for two computers to update files on the shared drives at the same time, an additional software component called a distributed lock manager is needed to prevent files from being corrupted and new data from being overwritten.
• Shared nothing A shared nothing configuration is one in which there is no simultaneous access to the same data stores by different computers in the cluster. Each data store is owned by one computer at a time, but it also has a redundant connection to the other computers. That redundant connection is there so that if one computer should fail and its applications fail over to another computer, the substitute can immediately access the same data stores as the original system and continue where it left off.
• Mirrored disk In a mirrored disk configuration, each computer maintains its own storage drives, and data is replicated between the computers on a regular basis.
Using Hierarchical Storage Management
Hierarchical storage management (HSM) is a technique for storing data on a variety of device types in order to minimize storage costs while providing easy accessibility. As a general rule, the cheaper the medium, the slower its access time. By installing various types of drives in a server, you can minimize your storage costs by putting the most frequently used files on hard drives, occasionally used files on optical discs, and seldom used files on magnetic tape.
The problem with this arrangement is keeping track of which files are stored on which device, and this is where HSM provides a solution. HSM is a software product that automatically migrates files between the various media, depending on how often they're accessed. A typical HSM installation consists of a server with one or more hard drives and an optical disc jukebox or magnetic tape library, or both. These devices enable you to maintain large amounts of storage and still access it without human intervention. This is known as nearline storage.
When a file on a hard drive goes a certain number of days without being accessed, the HSM software migrates it to the secondary medium, such as an optical disc. After copying the file to the optical disc, the software creates a tiny key file in its place on the hard drive. The key file specifies the location of the actual file and provides a placeholder for network users. If the file goes even longer without being accessed, HSM migrates it to a tertiary medium (such as tape) and updates the key file. To a user on the network, the files that have been migrated to other media appear to still be on the hard drive. When the user attempts to access the file, HSM reads the contents of the key file, loads the appropriate disc or tape into the drive, reads the file, and supplies it to the user. The only sign to the user that the file is not stored on the hard drive is the additional time it takes for HSM to supply the file. Everything else is completely invisible. If the user modifies the file, HSM migrates it back to the hard drive, where it remains until it reaches the migration interval once again.
HSM software products are usually highly configurable, enabling you to use various combinations of media and specify whatever migration intervals you want. An HSM installation is not cheap, but for a network that must store vast amounts of data while keeping it all available at a few minutes' notice, HSM is a viable solution.
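The migration, key-file and recall behaviour just described, simulated in memory as an added example (not code from the book or from any HSM product; the tier names, idle thresholds, recall delays and the file history are constructed):

```python
"""Hierarchical storage management (HSM) migration and recall, simulated in memory.

Added example, not code from the book or any HSM product. TIERS, IDLE_THRESHOLDS,
RECALL_DELAY and the file history in demo() are assumed values for illustration.
"""
from dataclasses import dataclass
from typing import Optional

TIERS = ["disk", "optical", "tape"]                 # fastest/dearest to slowest/cheapest
IDLE_THRESHOLDS = {"optical": 30, "tape": 180}      # idle days before a file belongs on that tier
RECALL_DELAY = {"disk": 0, "optical": 5, "tape": 120}   # extra seconds the user waits on recall


@dataclass
class Entry:
    data: bytes
    tier: str = "disk"
    last_access: int = 0                 # day number of the most recent read or write
    key_file: Optional[dict] = None      # placeholder left on the hard drive once migrated


class HSM:
    def __init__(self):
        self.files = {}

    def write(self, name, data, day):
        """A new or modified file always lives on the hard drive (no key file needed)."""
        self.files[name] = Entry(data=data, tier="disk", last_access=day)

    def read(self, name, day):
        """Return (data, delay). A migrated file is located via its key file and recalled
        from the slower medium; a read does not move it back to the hard drive."""
        entry = self.files[name]
        entry.last_access = day
        location = entry.key_file["tier"] if entry.key_file else "disk"
        return entry.data, RECALL_DELAY[location]

    def migrate(self, day):
        """Apply the migration policy for `day`; returns (name, from_tier, to_tier) moves."""
        moves = []
        for name, entry in self.files.items():
            idle = day - entry.last_access
            target = entry.tier
            for tier in ("optical", "tape"):      # slowest tier the file now qualifies for
                if idle >= IDLE_THRESHOLDS[tier]:
                    target = tier
            if TIERS.index(target) > TIERS.index(entry.tier):
                moves.append((name, entry.tier, target))
                entry.tier = target
                # The key file stays on the hard drive and points at the real copy
                entry.key_file = {"tier": target, "size": len(entry.data)}
        return moves

    def listing(self):
        """What a network user sees: every file appears present, whatever its tier."""
        return {name: len(entry.data) for name, entry in self.files.items()}


def demo():
    hsm = HSM()
    hsm.write("report.doc", b"q" * 1000, day=0)
    hsm.write("photo.jpg", b"j" * 5000, day=0)
    hsm.read("photo.jpg", day=40)                     # keeps photo.jpg recently used
    first = hsm.migrate(day=45)                       # report.doc idle 45 days -> optical
    data, delay = hsm.read("report.doc", day=50)      # recalled from optical, stays there
    second = hsm.migrate(day=240)                     # report idle 190 -> tape; photo idle 200 -> tape
    hsm.write("report.doc", b"q" * 1200, day=241)     # modified: back on the hard drive
    return {
        "first": first,
        "recall_delay": delay,
        "recalled_ok": data == b"q" * 1000,
        "second": second,
        "final_tiers": {n: e.tier for n, e in hsm.files.items()},
        "listing": hsm.listing(),
    }


if __name__ == "__main__":
    print(demo())
```

Note that photo.jpg skips the optical tier entirely on the second pass: it had been idle long enough to qualify for tape, and the policy places a file on the slowest tier it qualifies for rather than stepping it down one level per run.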
Fibre Channel Networking
The development of new network storage technologies, such as network attached storage (NAS) and storage area networks (SANs), that call for storage hardware external to the server has resulted in the need for a means to transmit large amounts of data between relatively distant devices at high speeds.
Fibre Channel was conceived in 1988 as a high-speed networking technology that its advocates hoped would be the successor to Fast Ethernet and Fiber Distributed Data Interface (FDDI) on backbone networks that required large amounts of bandwidth. Ratified in a series of American National Standards Institute (ANSI) standards in 1994, Fibre Channel never found acceptance as a general local area networking protocol, although Gigabit Ethernet, an extension of the Ethernet standard using the Fibre Channel physical layer options, did. Instead, Fibre Channel has become the protocol of choice for high-end network storage technologies and has particularly become associated with SANs. A Fibre Channel connection can transfer data at rates of up to 32 Gbps.
NOTE The unusual spelling of fibre is deliberate and intended to distinguish the term Fibre Channel from fiber optic.
Unlike devices that connect storage devices and servers using a bus, Fibre Channel is essentially a separate network that can connect various types of storage devices with the servers on a network. Fibre Channel uses standard networking hardware components, such as cables, hubs, and ports, to form the network medium, and the connected nodes transmit and receive data using any one of several services, providing various levels of performance. Fibre Channel differs from standard networking protocols such as the Internet Protocol (IP) in that much of its "intelligence" is implemented in hardware, rather than in software running on a host computer.
The Fibre Channel protocol stack consists of five layers that perform the functions attributed to the physical and data link layers of the Open Systems Interconnection (OSI) reference model. These layers are as follows:
• FC-0 This layer defines the physical components that make up the Fibre Channel network, including the cables, connectors, transmitters, and receivers, as well as their properties.
• FC-1 This layer defines the encoding scheme used to transmit the data over the network, as well as the timing signals and error detection mechanism. Fibre Channel uses an encoding scheme called 8B/10B, in which 10 bits are used to represent 8 bits of data, thus yielding a 25 percent overhead. (This applies to the 1, 2, 4, and 8 Gbps speeds; 16 Gbps and faster use the more efficient 64b/66b encoding.)
• FC-2 This layer defines the structure of the frame in which the data to be transmitted is encapsulated and the sequence of the data transfer.
• FC-3 This layer defines additional services such as the striping of data across multiple signal lines to increase bandwidth and the use of multiple ports with a single alias address.
• FC-4 This layer maps the Fibre Channel network to the upper-layer protocols running over it. While it's possible to map Fibre Channel to standard networking protocols, such as IP, the Fibre Channel Protocol (FCP) is the protocol used to adapt the standard parallel SCSI commands to the serial SCSI-3 communications used by storage devices on a Fibre Channel network.
The Fibre Channel Physical Layer
Fibre Channel supports both fiber-optic and copper cables, with fiber optic providing greater segment lengths.
The three physical layer cable options are as follows:
• Single mode fiber optic Nine-micron single mode fiber-optic cable, using standard SC connectors, with a maximum cable length of 10,000 meters
• Multimode fiber optic Fifty- or 62.5-micron multimode fiber-optic cable with SC connectors, with a maximum cable length of 500 meters
• Shielded twisted-pair (STP) Type 1 STP cable with DB-9 connectors, with a maximum cable length of 30 meters
Using any of these cable types, you can build a Fibre Channel network with any one of the three following topologies:
• Point-to-point The point-to-point topology links a Fibre Channel host bus adapter installed in a computer to a single external storage device or subsystem.
• Loop The loop topology, also called an arbitrated loop, can contain an unlimited number of nodes, although only 127 can be active at any one time. You can connect the nodes to each other using a physical loop, or you can implement the loop logically using a hub and a physical star topology, as in a Token Ring network. Traffic travels in only one direction on the loop, unlike SSA and FDDI, which have redundant loops that permit bidirectional communications. Therefore, in the case of a physical loop, a cable break or node failure can take down the whole loop, while the hub in a logical loop can remove the malfunctioning node and continue operating. Each of the nodes in a Fibre Channel loop acts as a repeater, which prevents signal degradation due to attenuation, but a loop is still a shared network with multiple devices utilizing the same bandwidth, which can limit the performance of each device.
• Fabric The fabric topology consists of nodes connected to switches with point-to-point connections. Just as on an Ethernet network, switching enables each device to use the full bandwidth of the network technology in its transmissions. Fibre Channel uses nonblocking switches, which enable multiple devices to send traffic through the switch simultaneously. A switched Fibre Channel network has the benefit of almost unlimited expandability while maintaining excellent performance.
Fibre Channel Communications
Communications over a Fibre Channel network are broken down into three hierarchical structures. The highest-level structure is called an exchange, which is a bidirectional, application-oriented communication between two nodes on the network. In the context of a storage operation, an exchange would be the process of reading from or writing to a file. A single device can maintain multiple exchanges simultaneously, with communications running in both directions, if needed.
An exchange consists of unidirectional transmissions between ports called sequences, which in the context of a read or write operation are the individual blocks transmitted over the network. Each sequence must be completed before the next one can begin. Sequences are composed of frames, and the frame is the smallest protocol data unit transmitted over a Fibre Channel network. Fibre Channel frames are constructed much like the frames used in other networking protocols, such as Ethernet and IP. The frame consists of discrete fields that contain addressing and error detection information, as well as the actual data to be transmitted. In the storage context, a frame is the equivalent of a SCSI command.
Fibre Channel provides three classes of service, with different resource requirements and levels of performance provided by each. These service classes are as follows:
• Class 1 Class 1 is a reliable, connection-oriented, circuit-switched service in which two ports on the network reserve a path through the network switches to establish a connection for as long as they need it. The result is the functional equivalent of a point-to-point connection that can remain open for any length of time, even permanently. Because a virtual circuit exists between the two nodes, frames are always transmitted and received in the same order, eliminating the additional processing required to reorder the frames, as on an IP network. The Class 1 service tends to waste bandwidth when the connection is not in use all of the time, but for applications that require a connection with the ultimate in reliability and performance, the expenditure can be worthwhile.
• Class 2 Class 2 is a connectionless service that provides the same reliability as Class 1 through the use of message delivery and nondelivery notifications. Since Class 2 is not a circuit-switched service, frames may arrive at the destination port in the wrong order. However, it is the port in the receiving node that reorders the frames, not the processor inside the server or storage subsystem containing the port. By placing the responsibility for ordered delivery of frames on the port rather than on the switch, as in the Class 1 service, the switches are better able to provide the maximum amount of bandwidth to all of the nodes on the network. The Class 2 service can therefore provide performance and reliability that is nearly that of the Class 1 service, with greater overall efficiency. Storage networks use Class 2 or, far more commonly, Class 3 rather than Class 1 for this reason.
• Class 3 Class 3 is an unreliable connectionless service that does not provide notification of delivery and nondelivery like Class 2. Removing the processing overhead required to implement the notifications reduces port latency and therefore greatly increases the efficiency of the network. This is particularly true in the case of a loop network, which uses a shared medium. In the case of a storage network, the FCP protocol provides frame acknowledgment and reordering services, making it unnecessary to implement them in the network hardware.
NOTE There is also an extension to the Class 1 service called Intermix, which enables other processes to utilize the unused bandwidth of a Class 1 connection for the transmission of Class 2 and Class 3 traffic. In this arrangement, however, the Class 1 traffic maintains absolute priority over the connection, which can cause the nodes to buffer or discard Class 2 and 3 frames, if necessary.
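The exchange/sequence/frame hierarchy and the Class 2 versus Class 3 receiving-port behaviour described above, modelled as an added example (not code from the book and not a real Fibre Channel implementation: the frame is reduced to the few fields the discussion needs, the exchange and sequence identifiers are arbitrary, and the frames are constructed):

```python
"""Exchange/sequence/frame reassembly at a Fibre Channel-style receiving port.

Added example, not code from the book and not a real Fibre Channel stack. The
Frame fields, identifiers and payloads below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    ox_id: int       # originator's exchange identifier
    seq_id: int      # which sequence of the exchange this frame belongs to
    seq_cnt: int     # position of the frame within the sequence (0-based)
    last: bool       # end-of-sequence marker
    payload: bytes


class ReceivingPort:
    """Reassembles sequences from frames that may arrive out of order.

    acknowledge=True models Class 2: the port reorders frames itself and
    acknowledges each one. acknowledge=False models Class 3: no acknowledgements,
    so a lost frame is noticed only because the sequence never completes and the
    upper layer (FCP, for storage) has to recover.
    """

    def __init__(self, acknowledge=True):
        self.acknowledge = acknowledge
        self.pending = {}      # (ox_id, seq_id) -> {seq_cnt: Frame}
        self.acks = []         # (ox_id, seq_id, seq_cnt) acknowledgements sent
        self.completed = {}    # (ox_id, seq_id) -> reassembled bytes

    def receive(self, frame):
        """Accept one frame; return the reassembled payload if this frame completes
        its sequence, otherwise None."""
        key = (frame.ox_id, frame.seq_id)
        buf = self.pending.setdefault(key, {})
        if frame.seq_cnt not in buf:        # duplicates are silently dropped
            buf[frame.seq_cnt] = frame
            if self.acknowledge:
                self.acks.append((frame.ox_id, frame.seq_id, frame.seq_cnt))
        return self._complete_if_ready(key)

    def _complete_if_ready(self, key):
        buf = self.pending[key]
        end = [f.seq_cnt for f in buf.values() if f.last]
        if not end:
            return None
        count = end[0] + 1
        if any(i not in buf for i in range(count)):
            return None                     # a frame is still missing
        data = b"".join(buf[i].payload for i in range(count))
        self.completed[key] = data
        del self.pending[key]
        return data


def split_into_frames(ox_id, seq_id, data, frame_size):
    """Sender side: cut one sequence's data into frames (constructed helper)."""
    chunks = [data[i:i + frame_size] for i in range(0, len(data), frame_size)]
    return [Frame(ox_id, seq_id, n, n == len(chunks) - 1, c) for n, c in enumerate(chunks)]


def demo():
    frames = split_into_frames(ox_id=0x10, seq_id=1, data=b"HELLO WORLD!", frame_size=4)
    out_of_order = [frames[2], frames[0], frames[1]]   # the fabric delivered them scrambled

    class2 = ReceivingPort(acknowledge=True)
    results2 = [class2.receive(f) for f in out_of_order]

    class3 = ReceivingPort(acknowledge=False)
    results3 = [class3.receive(f) for f in out_of_order]

    lossy = ReceivingPort(acknowledge=False)
    lost = [lossy.receive(f) for f in (frames[0], frames[2])]   # frame 1 never arrives

    return {
        "class2_data": results2[-1], "class2_acks": class2.acks,
        "class3_data": results3[-1], "class3_acks": class3.acks,
        "lossy_completed": lost, "lossy_pending": len(lossy.pending),
    }


if __name__ == "__main__":
    print(demo())
```

Both ports deliver the same bytes once all three frames are in; the difference is that the Class 2 port emits one acknowledgement per frame, while the Class 3 port leaves the sender with no indication at all that frame 1 was lost, which is why FCP carries its own recovery when it runs over Class 3.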
Network Storage Subsystems
In the original client-server network design, the server was a computer constructed very much like a client, except with more storage capacity, more memory, a faster processor, and so on. As the years have passed and data storage requirements have increased at an exponential level, it has become unwieldy for a personal computer to contain enough space and power for the many drives used in modern storage arrays. Moving the storage management tasks away from the server and into a dedicated device also reduces the processing burden on the server. Today, with server clusters and other advanced server technologies becoming more popular, there is a drive toward storage arrays with greater capabilities.
One of the solutions is to integrate the standard storage I/O architecture with the networking architecture used for other communications between systems. Combining I/O and networking makes it possible to locate the servers and the storage arrays virtually anywhere, build a more flexible and expandable storage solution, and enable any server on the network to work with any storage device. There are two technologies that are leading the way in this new area of development: network attached storage and storage area networks. These technologies are not mutually exclusive; in fact, the future network is likely to encompass both to some degree.
Network Attached Storage
Network attached storage is a term that is generally applied to a stand-alone storage subsystem that connects to a network and contains everything needed for clients and servers to access the data stored there. An NAS device, sometimes called a network storage appliance, is not just a box with a power supply and an I/O bus with hard drives installed in it. The unit also has a self-contained file system and a stripped-down, often proprietary, operating system that is optimized for the task of serving files. The NAS appliance is essentially a stand-alone file server that can be accessed by any computer on the network. For a network that has servers dedicated primarily to file-serving tasks, NAS appliances can reduce costs and simplify the deployment and ongoing management processes. Because the appliance is a complete turnkey solution, there is no need to integrate separate hardware and operating system products or be concerned about compatibility issues.
NAS appliances can connect to networks in different ways, and it is here that the definition of the technology becomes confusing. An NAS server is a device that can respond to file access requests generated by any other computer on the network, including clients and servers. The device typically uses a standard file system protocol like the Network File System (NFS) or the Common Internet File System (CIFS) for its application layer communications. There are two distinct methods for deploying an NAS server, however. You can connect the appliance directly to the LAN, using a standard Ethernet connection, enabling clients and servers alike to access its file system directly, or you can build a dedicated storage network, using Ethernet or Fibre Channel, enabling your servers to access the NAS and share files with network clients. Connecting the appliance directly to the LAN also means its NFS exports and CIFS shares are reachable from every client, so the appliance's own access controls must be configured as carefully as those of any file server.
The latter solution places an additional burden on the servers, but it also moves the I/O traffic from the LAN to a dedicated storage network, thus reducing network traffic congestion. Which option you choose largely depends on the type of data to be stored on the NAS server. If you use the NAS to store users' own work files, for example, it can be advantageous to connect the device to the LAN and let users access their files directly. However, if the NAS server contains databases or e-mail stores, a separate application server is required to process the data and supply it to clients. In this case, you may benefit more by creating a dedicated storage network that enables the application server to access the NAS server without flooding the client network with I/O traffic.
Storage Area Networks
A storage area network is simply a separate network within an enterprise that is used to connect storage devices and the computers that use them. In practice, SANs are usually associated with Fibre Channel networks, but actually you can use any type of network for this purpose, including SSA or Ethernet (usually Gigabit Ethernet). The reasons for building an SAN have been repeated throughout this chapter. Server technologies such as clustering and remote disk arrays require high-bandwidth connections, and using the same data network as the client computers for this purpose could easily result in massive amounts of traffic. In addition, the bandwidth requirements of a storage I/O network far exceed those of a typical data network. Constructing a separate SAN using Fibre Channel or Gigabit Ethernet is far cheaper than equipping all of the computers on your network with ultra-high-speed network interface adapters.
In a typical enterprise network containing an SAN, the servers have interfaces to both the data network (the LAN) and the storage network (the SAN). The LAN, therefore, is completely ordinary, containing client and server computers, and the storage devices are connected only to the SAN. Where the servers store their data is of no consequence to the clients, which do not even have to know of the SAN's existence.
A typical SAN using Fibre Channel to connect servers to the storage devices can take many forms. The simplest possible SAN consists of a single server connected to a drive array using a point-to-point Fibre Channel connection. The server accesses the data stored on the array, which would typically use RAID to provide added performance and fault tolerance. One of the primary differences between an SAN and an NAS device is that SANs provide block-level access to data, while NAS appliances provide file-level access. Block-level access also means that, unless the fabric or the array restricts which servers can see which volumes, any server attached to the SAN can read or overwrite any volume on it, so that restriction is part of the design rather than an afterthought.
A more complicated SAN would consist of several servers and several storage arrays, all connected to the same network, as shown in Figure 8-3. If the SAN uses Fibre Channel for its communications, the network's topology can take the form of a loop or a fabric, depending on whether the devices are all connected to a hub or a switch. This enables the servers to communicate with each other and with all of the storage devices on the SAN. The storage devices can be drive arrays using RAID, NAS servers, or any other technology that may evolve, as long as it supports Fibre Channel or whatever networking protocol the SAN uses.
Figure 8-3 A complex SAN using a Fibre Channel loop or fabric network
CHAPTER
9
DesigningaNetwork
Planningisanessentialpartofanynetworkdeployment,andthedesignofthenetworkis
acrucialelementoftheplanningprocess.Dependingonitssizeandlocation,theprocess
ofdesigningyournetworkcanbesimpleorextremelycomplex.Thischapterexamines
someoftheconceptsinvolvedindesigningnetworksthatrangefromsmallhome
networkstolargeenterpriseinternetworks.
A network design can encompass decisions made at many levels. At a minimum, the design should include what hardware you intend to purchase, how much it costs, where you're going to locate it at your site, and how you're going to connect it all. For a home or small-business network, this can be as easy as taking a few computers, choosing a network interface card (NIC) for each one, and buying some cables and a hub and/or a wireless router. You can make all of the other decisions involved in setting up and configuring the network as you proceed. For a large enterprise internetwork, the design process is considerably more complicated. As you've learned, an internetwork is a collection of LANs that have been connected so that each computer can communicate with any other computer on any of the LANs. You can design each LAN separately, using the standard hardware already mentioned, but then you must consider how you are going to connect the LANs into an internetwork and regulate the communications between them. You also have to consider all of the services that you must provide to your users and how you intend to provide them. This means the network design might include software products and configurations, outside services provided by third parties, and operating procedures, as well as a hardware list and a network diagram.
In addition to purely technical issues, designing a large internetwork involves a number of important business decisions. Generally, the early phases of the internetwork design process tend to proceed as follows:
1. Identify the business needs that the network is intended to satisfy.
2. Create an ideal network design that satisfies all of the previously defined needs.
3. Estimate the cost of building the network as designed.
4. Determine whether the benefits of building the network rationalize the expense.
5. Revise the network design to bring the expense in line with the benefits.
This is a high-level overview of the network design process as a business decision, and while economic issues may not be the primary concern of the people involved in the technical side of the process, the cost of the project will certainly have a profound effect on the design. This chapter is more involved with the technical side of the design process than with the business side, but having some idea of the budget allotted for the network and the cost of implementing the technologies you select can streamline the whole design and approval process considerably.
Reasoning the Need
The first step in designing a network is always to list the reasons for building it in the first place. For a home or small-business network, the list is often short and simple, containing items such as the desire to share one printer among several computers and to access the Internet using a single connection. In most cases, the economic decision is equally simple. Weigh the price of a few cables and a hub or a wireless router against the cost of supplying each computer with its own printer or Internet connection, and the conclusion is obvious.
For a large internetwork installation, the list of requirements is usually much longer, and the decision-making process is far more complex. Some of the questions that you should ask yourself as you're first conceiving the network are as follows:
• What business needs will the network satisfy?
• What services do you expect the network to provide now and in the future?
• What applications must the network run now and in the future?
• What are the different types of users you expect the network to support now?
• What types of users (and how many of them) do you expect the network to support in the future?
• What level of service do you expect the network to provide in terms of speed, availability, and security?
• What environmental factors at the site can possibly affect the network?
• What is the geographic layout of the business? Are there remote offices to connect?
• What network maintenance skills and resources are available to the organization?
By answering questions like these, you should be able to come up with a basic, high-level concept of the type of network you need. This concept should include a sketch of the network indicating the number of levels in the hierarchy. For example, a network at a single site might consist of a number of LANs connected by a backbone, while a network encompassing multiple sites might consist of several LANs, connected by a backbone at each location, all of which are then connected by WAN links. This plan may also include decisions regarding the network media and protocols to use, a routing strategy, and other technical elements.
NOTE Depending on the environment in which a backbone exists, it can have two meanings. The first is the physical connection such as fiber or Gigabit Ethernet, and the second is a transmission method such as frame relay through the cloud.
Seeking Approval
The next step is to start making generic technology and equipment selections in order to develop an estimate of the costs of building and maintaining the network. For example, you might at this point decide that you are going to build an internetwork consisting of ten LANs, connected by a fiber-optic backbone and using a T-1 line for access to the Internet. With this information, you can start to figure out the general costs of purchasing and installing the necessary equipment.
With a rough cost estimate in hand, it's generally time to decide whether building the network as conceived is economically feasible. In many cases, this requires an evaluation by nontechnical people, so a layperson's summary of the project and its cost is usually in order. At this point, some of the following questions may be considered:
• Does the network design satisfy all of the business needs listed earlier?
• Do the business needs that the network will satisfy justify the cost expenditures?
• Can the costs of the network be reduced while still providing a minimum standard of performance?
• How will reducing the quality of the network (in regard to elements such as speed, reliability, and/or security) affect the business needs it is able to satisfy?
• Can the network be reconceived to lower the initial costs while still providing sufficient capability for expansion in the future?
This review process may involve individuals at several management layers, each with their own concerns. In many cases, business and economic factors force a redesign of the network plan at this point, either to better address business needs not considered earlier or to reduce costs. Usually, it's better for these modifications to occur now, while the network design plan is still in its preliminary stages. Once the elements of the plan are developed in greater detail, it will become more difficult and inefficient to drastically change them.
When the economic and business factors of the network design have been reconciled with the technical factors, you can begin to flesh out the plan in detail. The following sections examine some of the specific elements that should be included in your network design plan.
Designing a Home or Small-Office Network
A network for a home or small office typically consists of a single LAN connecting anywhere from 2 to 16 computers. The LAN might also have additional network devices attached to it, such as a network printer or a router providing a connection to the Internet or another office. For this kind of network, the design process consists mostly of selecting products that are suitable for your users' needs and for the physical layout of the site.
Selecting Computers
Virtually all the computers on the market today can be connected to a network, so compatibility in this area is not usually a concern. However, for the sake of convenience, it's easier to design, build, and maintain a small network in which all of the computers use the same platform. If most of your users are accustomed to using Windows PCs, then make the network all Windows PCs. If most are comfortable with Macintosh, Linux, or Unix systems, then use those. It's not impossible to connect computers running different platforms to the same network by any means, but if you're planning a small network and you want to have as easy a time of it as possible, stick to one platform.
Standardizing on a single platform may be difficult in some situations, however. For a home network, for example, you may have kids who use Macs in school and adults who use PCs at work. In a small-business environment, you are more likely to be able to impose one platform on your employees, unless they have special requirements such as different types of machines. If you do feel compelled to mix platforms, you must be careful to select products that are compatible with every type of computer you plan to use. Generally, it is not too difficult to configure different types of computers to access shared network resources such as printers and Internet connections. However, file sharing can be a problem because the computers may use different file formats. The other important consideration when selecting the computers to be connected to a network is whether they have the resources needed for networking. For the most part, this just means you must determine what type of network interface adapter the computer uses. If any of the machines to be included in the network do not have appropriate adapters, you can purchase a network interface card and either install the adapter in a free PCI slot or purchase a Universal Serial Bus (USB) network interface adapter.
Selecting a Networking Protocol
The protocol your network uses at the data link layer of the OSI reference model is the single most defining element of the network design. The data link layer protocol determines, among other things, what network medium you will use, what networking hardware you will buy, how you will connect the computers, and how fast the network can transfer data. The most common choices in data link layer protocols are Ethernet for LANs or the Point-to-Point Protocol (PPP) for larger networks.
Choosing a Network Medium
The Ethernet protocol supports a variety of network media, but when installing a new network today, the choice for a bounded (cabled) network comes down to unshielded twisted-pair (UTP) or fiber-optic cable. The other alternative is a wireless (unbounded) medium. UTP cable is perfectly suitable for most home and small-business networks. To use UTP, you have to purchase an Ethernet hub (unless you are networking only two computers), and each of your network devices must be connected to the hub using a cable no more than 100 meters long. Category 5 UTP is sufficient for networks running at speeds up to 100 Mbps. For speeds up to 1,000 Mbps (1 Gbps), use either Category 5e or Category 6 UTP cables. Cat 5e is rated for 100 MHz and Cat 6 is rated for 250 MHz. Both have a maximum length of 100 meters when used for 1 Gbps networking. The difference is that if Cat 6 is used in a 10 Gbps network, its maximum length is cut down to between 37 and 55 meters, depending on the crosstalk environment.
If you are in a situation where the locations of your computers call for longer segments, however, or the network must operate in an environment with extreme amounts of electromagnetic interference (EMI) present, you can opt to use fiber-optic cable. Fiber-optic cable is immune to EMI and supports longer segments, but it is also more expensive than UTP and more difficult to install.
For a small network, the ease of installation is often a major factor in the selection of a network medium. An Ethernet network using UTP is the simplest type of cabled network to install. UTP Ethernet NICs, hubs, and prefabricated cables are available in almost any computer store; all you have to do is use the cables to connect the computers to the hub. (If your computers do not have a NIC, you will have to install the adapters before making the connection.)
The same is not true for fiber-optic cables, which are generally purchased as components (bulk cable, connectors, and so on) from professional suppliers. Unless you are willing to spend a good deal of money, time, and effort on learning about fiber-optic cabling, you are not going to install it yourself.
It's possible to install UTP cable from components also, and this is usually how professional, internal installations are performed. An internal cable installation is one in which the cables are installed inside wall cavities and drop ceilings. The only elements of the installation that are visible to the network user are the wall plates to which their computers are attached. This type of installation is neater than an external one that uses prefabricated cables that are usually left exposed, but it requires more expertise to perform correctly, as well as additional tools and access to internal wall cavities. For a small-business network in a traditionally designed office space, a small-scale internal installation is feasible, but homeowners are less likely to want to drill holes in their walls, floors, and ceilings for the installation of cables, despite a greater concern for the installation's cosmetic appearance.
For network installations where cables are impractical or undesirable, you can also elect to install a wireless LAN. There are many products now on the market at competitive prices, and for home users wanting to network their computers without leaving cables exposed or performing a major cable installation, this solution can be ideal.
Choosing a Network Speed
Another consideration when designing an Ethernet LAN is the speed at which the network will run. Fast Ethernet runs at 100 Mbps, and Gigabit Ethernet runs at 1,000 Mbps. You can find many Ethernet NICs that support either speed. The NIC autodetects the speed of the hub to which it's attached and configures itself accordingly.
Designing an Internetwork
The design elements discussed thus far apply to large internetworks as well as to small, single-segment LANs. Even the largest internetwork consists of individual LANs that require the same components as a stand-alone LAN, such as computers, NICs, cables, hubs, and switches. For a large internetwork with more varied requirements, you can design each LAN separately, selecting protocols and hardware that best suit the physical environment and the requirements of the users, or you can create a uniform design suitable for all of the LANs. Once you get beyond the individual LANs, however, you face the problem of connecting them to form the internetwork. The following sections examine the technologies you can use to do this.
Segments and Backbones
The traditional configuration for a private internetwork is to have a series of LANs (called network segments or sometimes horizontal networks) connected using another, separate network called a backbone. A backbone is nothing more than a network that connects other networks, forming an internetwork. The individual segments can be networks that service workgroups, departments, floors of a building, or even whole buildings. Each of the segments is then connected to a backbone network, using a router or a switch, as shown in Figure 9-1. This enables a workstation on any of the networks to communicate with any other workstation. The term backbone can refer to a LAN that connects other LANs (usually in the same building or campus) or to a network of wide area links that connect networks or internetworks at remote locations.
Figure 9-1 An example of multiple LANs, connected by a backbone
One of the most common configurations for a large internetwork that encompasses an entire building with multiple floors is to have a separate LAN connecting all of the network devices on each floor (which is the origin of the term horizontal network) and a backbone network running vertically between the floors, connecting all of the LANs. Of course, the configuration you use must depend on the building in which the internetwork is installed. If your entire organization is housed in an enormous building with only two floors, you will probably have to create several LANs on each floor and connect them with a backbone that runs throughout the building.
When two computers on the same LAN communicate with each other, the traffic stays on that local network. However, when the communicating computers are on different LANs, the traffic goes through the router connecting the source computer to the backbone and then to the LAN on which the destination computer is located. It is also common practice to connect network resources required by all of the internetwork's users directly to the backbone, instead of to one of the horizontal networks. For example, if you have a single e-mail server for your entire organization, connecting it to one of the horizontal networks forces all of the e-mail client traffic from the entire internetwork to travel to that segment, possibly overburdening it. Connecting the server to the backbone network enables the traffic from all of the horizontal segments to reach it equitably. Because the backbone is shared by the horizontal networks, it carries all of the internetwork traffic generated by each of the computers on every LAN. This can be a great deal of traffic, and for this reason, the backbone typically runs at a higher speed than the horizontal networks. Backbones may also have to traverse greater distances than horizontal networks, so it is common for them to use fiber-optic cable, which can span much longer distances than copper.
When the concept of the backbone network originated, the typical departmental LAN was relatively slow, running 10 Mbps Ethernet. The first backbones were thick Ethernet trunks, selected because the RG-8 coaxial cable could be installed in segments up to 500 meters long. These backbones ran at the same speed as the horizontal networks, however. To support all of the internetwork traffic, a distributed backbone running at a higher speed was needed. This led to the use of data link layer protocols like Fiber Distributed Data Interface (FDDI). FDDI ran at 100 Mbps, which was faster than anything else at the time, and it used fiber-optic cable, which can span much greater distances than thick Ethernet.
Once Fast Ethernet products arrived on the market, the situation changed by an order of magnitude; 100 Mbps horizontal networks became common, and an even faster backbone technology was needed to keep up with the traffic load they generate. This led to the development of protocols like Asynchronous Transfer Mode (ATM), running at speeds up to 655 Mbps, and Gigabit Ethernet, at 1,000 Mbps.
Distributed and Collapsed Backbones
There are two basic types of backbone LANs in general use: the distributed backbone and the collapsed backbone. In a distributed backbone, the backbone takes the form of a separate cable segment that runs throughout the enterprise and is connected to each of the horizontal networks using a router or switch. In a collapsed backbone, the hub on each of the horizontal networks is connected to a centrally located modular router or switch (see Figure 9-2). This router or switch functions as the backbone for the entire internetwork by passing traffic between the horizontal networks. This type of backbone uses no additional cable segment because the central router/switch has individual modules for each network, connected by a backplane. The backplane is an internal communications bus that takes the place of the backbone cable segment in a distributed backbone network.
Figure 9-2 A single router or switch connects all of the LANs in a collapsed backbone.
The advantage of a collapsed backbone is that internetwork traffic has to pass through only one router on the way to its destination, unlike a distributed backbone, which has separate routers connecting each network to the backbone. The disadvantage of a collapsed backbone is that the hub on each network must connect to the central router with one cable segment. Depending on the layout of the site and the location of the router, this distance may be too long for copper cable.
Because a collapsed backbone does not use a separate cable segment to connect the horizontal networks, it does not need its own protocol. Today's technology has made the collapsed backbone a practical solution.
While this may be an ideal solution for a new network being constructed today, there are thousands of existing networks that still use 10 Mbps Ethernet or other relatively slow protocols on their horizontal networks and can't easily adapt to the collapsed backbone concept. Some or all of the horizontal networks might be using older media, such as Category 3 UTP or even thin Ethernet, and can't support the long cable runs to a central router. The horizontal networks might even be in separate buildings on a campus, in which case a collapsed backbone would require each building to have a cable run to the location of the router. In cases like these, a distributed backbone is necessary.
Backbone Fault Tolerance
Because it provides all internetwork communications, the backbone network is a vitally important part of the overall design. A horizontal network that can't access the backbone is isolated. Computers on that LAN can communicate with each other but not with the computers on other LANs, which can cut them off from vital network services. To ensure continuous access to the backbone, some internetworks design redundant elements into the plan for fault-tolerance purposes. You can, for example, use two routers on each LAN, both of which connect to the backbone network hub so that if one router fails, the other provides continued access to the rest of the network. Some designs go so far as to include two separate distributed backbone networks.
This plan also calls for two routers on each horizontal network, but in this case, the routers are connected to two different backbone networks, as shown in Figure 9-3. This way, the internetwork can continue to function despite the failure of a router, a backbone hub, or any backbone cable segment. Another benefit of this design is the ability to balance the internetwork traffic load between the two backbones. By configuring half of the computers to use one backbone and half the other (by varying their default gateway addresses), you split the internetwork traffic between the two. This can make the use of Ethernet on both the horizontal and backbone networks a practical proposition, even on a highly trafficked network. With a single backbone connecting Ethernet LANs, you may find that you need to use Gigabit Ethernet or another high-speed protocol to support the internetwork traffic.
Figure 9-3 Redundant backbones can provide both load balancing and fault tolerance.
Selecting a Backbone LAN Protocol
The protocol that you use on the backbone connecting your horizontal networks should depend on the amount of traffic it has to carry and the distance it has to span. In some organizations, most of the network communications are limited to the individual horizontal LANs. If, for example, your company consists of several departments that are largely autonomous, each with their own servers on a separate horizontal LAN, all of the intradepartmental traffic remains on the horizontal network and never reaches the backbone. In a case like this, you can probably use the same technology on the backbone as the horizontal LANs, such as Ethernet throughout. If, on the other hand, your company consists of departments that all rely on the same resources to do their work, such as a central database, it makes sense to connect the database servers directly to the backbone. When you do this, however, the backbone must be able to support the traffic generated by all of the horizontal networks combined. If the horizontal networks are running Fast Ethernet, the backbone should usually use a faster technology, such as Gigabit Ethernet, in order to keep up.
The distance that the backbone LAN must span and the environment in which it's used can also affect the protocol selection. If your site is large enough that the backbone cable runs are likely to exceed the 100-meter limit for unshielded twisted-pair cable, you should consider using fiber-optic cable. Fiber optic is also the preferred solution if you have to connect horizontal LANs that are located in different buildings on the same campus. Fiber optic is more expensive to purchase and install than UTP, but it is interoperable with copper cable in most cases. For example, you can purchase Fast Ethernet hubs and routers that support both cable types so that you can use UTP on your horizontal networks and fiber optic on the backbone.
Connecting to Remote Networks
In addition to connecting LANs at the same site, many internetworks use a backbone to connect to remote networks. In some cases, the organization consists of multiple offices in different cities or countries that must communicate with each other. If each office has its own internetwork, connecting the offices with WAN links forms another backbone that adds a third level to the network hierarchy and creates a single, enterprise internetwork. However, even an organization with one internetwork at a single location is likely to need a WAN connection to an Internet service provider so that users can access e-mail and other Internet services.
The technology you select for your WAN connections depends on factors such as the amount of bandwidth your network needs, when it needs it, and, as always, your budget. You can use anything from dial-on-demand telephone connections to high-speed leased lines to flexible bandwidth solutions, such as frame relay.
Selecting a WAN Topology
Another factor in selecting a WAN technology is the topology you will use to connect your various sites. WAN topologies are more flexible than those on LANs, which are dictated by the data link and physical layer protocols you elect to use. You can use WAN links to build an internetwork in many different ways. For example, the full mesh topology, when used on a WAN, consists of a separate, dedicated link (such as a leased line) between each pair of sites in your organization. If you have five offices in different cities, each office has four separate WAN links connecting it to the other offices, for a total of ten links (see Figure 9-4). If you have eight offices, a total of 28 separate WAN links are required. This arrangement provides the greatest amount of fault tolerance, since a single link failure affects only the two sites involved, as well as the most efficient network, since each site can communicate directly with each of the other sites. However, this solution can also be expensive as well as wasteful, unless your network generates sufficient WAN traffic between each pair of sites to fill all of these links most of the time.
Figure 9-4 The full mesh WAN topology
A full mesh topology, consisting of individual links between the sites, assumes the use of dedicated, point-to-point WAN connections such as leased lines. However, there are alternatives to this type of link that can provide what amounts to a full mesh topology at much less expense. Frame relay uses a single leased line at each site to connect to a service provider's network, called the cloud. With all of the sites connected to the same cloud (using access points local to each location), each site can establish a virtual circuit to every other site as needed.
At the other end of the spectrum from the full mesh topology is the star topology, which designates one site as the main office (or hub) and consists of a separate, dedicated connection between the hub and each of the other branch sites. This topology uses the fewest WAN links to connect all of the sites, providing the greatest economy, and enables the main office to communicate directly with each of the branch sites. However, when two of the branch sites have to communicate, they must do so by going through the hub. Whether the star topology is suitable for your network depends on whether the branch sites frequently need to communicate with each other.
A ring topology has each site connected to two other sites, as shown in Figure 9-5. This topology uses only one link more than a star, but it provides a greater degree of fault tolerance. If any one link fails, it is still possible for any two sites to communicate by sending traffic around the ring in the other direction. By contrast, a link failure in a star internetwork disconnects one of the sites from the others completely. The disadvantage of the ring is the delay introduced by the need for traffic to pass through multiple sites in order to reach its destination, in most cases. A site on a star internetwork is never more than two hops from any other site, while ring sites may have to pass through several hops.
Figure 9-5 The ring WAN topology
Each of these topologies represents an extreme example of a network communication technique, but none of them has to be followed absolutely in every case. You can, for example, create a partial mesh topology by eliminating some of the links from the full mesh design. Not all of your sites may require a dedicated link to every other site, so you can eliminate the extraneous links, thus reducing the cost of the network. When a site has to communicate with another site to which it does not have a direct connection, it can go through one of its connected sites instead. In the same way, you can build more fault tolerance into a star network by having two hub sites instead of one and connecting each of the other sites to both hubs. This requires twice as many links as a standard star topology but still fewer than a full mesh.
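The link counts, hop counts, and single-link-failure behaviour of the WAN topologies described above can be checked mechanically rather than by hand. The following Python script is an added example, not code from the book; it builds the full mesh, star, ring, and dual-hub star topologies over a constructed list of five office sites, counts the links each needs, finds the worst-case hop count between any two sites, and reports whether every site stays reachable after any single link fails. The site names and the helper function names are assumptions made for the illustration.

```python
from collections import deque
from itertools import combinations

# Constructed sample: five offices in different cities (hypothetical names).
SITES = ["NYC", "CHI", "LA", "DAL", "BOS"]


def full_mesh(sites):
    """Dedicated link between every pair of sites: n(n-1)/2 links."""
    return {frozenset(pair) for pair in combinations(sites, 2)}


def star(sites, hub):
    """One link from the hub site to each branch: n-1 links."""
    return {frozenset((hub, s)) for s in sites if s != hub}


def ring(sites):
    """Each site linked to two neighbours (needs at least 3 sites): n links."""
    n = len(sites)
    return {frozenset((sites[i], sites[(i + 1) % n])) for i in range(n)}


def dual_hub_star(sites, hub_a, hub_b):
    """Two hub sites linked to each other, every branch linked to both hubs."""
    links = {frozenset((hub_a, hub_b))}
    for s in sites:
        if s not in (hub_a, hub_b):
            links.add(frozenset((hub_a, s)))
            links.add(frozenset((hub_b, s)))
    return links


def hop_counts(sites, links, source):
    """Breadth-first search: hops from source to every reachable site."""
    adjacency = {s: set() for s in sites}
    for link in links:
        a, b = tuple(link)
        adjacency[a].add(b)
        adjacency[b].add(a)
    distance = {source: 0}
    queue = deque([source])
    while queue:
        current = queue.popleft()
        for neighbour in adjacency[current]:
            if neighbour not in distance:
                distance[neighbour] = distance[current] + 1
                queue.append(neighbour)
    return distance


def is_connected(sites, links):
    """True when every site is reachable from the first one."""
    return len(hop_counts(sites, links, sites[0])) == len(sites)


def max_hops(sites, links):
    """Worst-case hop count between any two sites (assumes a connected topology)."""
    return max(max(hop_counts(sites, links, s).values()) for s in sites)


def survives_single_link_failure(sites, links):
    """True when removing any one link still leaves all sites connected."""
    return all(is_connected(sites, links - {link}) for link in links)


def sites_cut_off_by(sites, links, failed_link):
    """Sites that lose contact with the first site when failed_link goes down."""
    reachable = hop_counts(sites, links - {failed_link}, sites[0])
    return {s for s in sites if s not in reachable}


def summarize(name, sites, links):
    return {
        "topology": name,
        "links": len(links),
        "max_hops": max_hops(sites, links),
        "tolerates_one_failure": survives_single_link_failure(sites, links),
    }


if __name__ == "__main__":
    for name, links in [
        ("full mesh", full_mesh(SITES)),
        ("star", star(SITES, "NYC")),
        ("ring", ring(SITES)),
        ("dual-hub star", dual_hub_star(SITES, "NYC", "CHI")),
    ]:
        print(summarize(name, SITES, links))
```

Running the script reproduces the chapter's figures for five sites (ten full-mesh links, four star links, five ring links) and shows which designs lose a site on a single link failure; changing SITES to eight names gives the 28 full-mesh links the text mentions.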
Planning Internet Access
Connecting a network to the Internet is usually far less complicated than connecting multiple sites with WAN links. Even if your internetwork consists of several sites, it is more common to equip each one with its own Internet connection, rather than connect one site and have the other sites access the Internet through the intersite WAN. The WAN technology you use to connect each site to the Internet should once again depend on the bandwidth you require and your budget.
Locating Equipment
Designing the individual LANs that make up the internetwork is similar to designing a single, stand-alone LAN, except you must work the backbone connections into the design. Large internetworks are more likely to use internal bulk cable installations for the network segments, rather than the prefabricated, external cables commonly used for home and small-business networks. In an internal installation, cables run inside walls and ceilings and terminate at wall plates and patch panels. This type of installation is much more complicated than an external one where the cables are left exposed. Therefore, this installation is frequently outsourced to a contractor who specializes in on-premises wiring. For these reasons, a detailed network plan showing the route of each cable and the location of each wall plate and patch panel is essential. You don't want to have to call the contractor in after the installation is finished to pull additional cables.
Designing such a network and creating the plan are tasks that require an intimate knowledge of the building in which the network is to be located. As with a home or small-business LAN, you must decide where all of the computers and other network devices are going to be located and then work out how you are going to run the cables that connect them to the hub. For an internetwork design, you also have to decide where you're going to put the router that connects each LAN to the backbone (in the case of a distributed backbone network) or how you're going to connect each LAN to the main router/switch (in the case of a collapsed backbone network).
Wiring Closets
In the classic example of a multifloored office building with a horizontal network on each floor and a distributed backbone connecting them vertically, it is common practice to have a telecommunications room, often called a wiring closet, on each floor. This closet can serve as the location for the patch panel where all of the cable runs for the floor terminate, as well as the hub that connects all of the devices on the floor into a LAN and the router that connects the LAN to the backbone network. It's also possible to install workgroup or even enterprise servers in these closets. To facilitate the backbone cabling, the best arrangement is for the wiring closets on each floor to be on top of each other, with a chase or wiring conduit running vertically through them and connecting all of the closets in the building.
To some people, the term wiring closet might evoke visions of hubs and routers shoved into a dark little space along with mops and buckets, but this should definitely not be the case. Wiring closets may already exist, even in a building not already cabled for a data network, to support telephone equipment and other building services. The closet may indeed be a small space, but it should be well lit and have room enough to work in, if necessary. The room is called a closet because there is typically no room (or need) for desks and workstations inside. Most of the routers, servers, and other networking equipment available today can be equipped with remote administration capabilities, which minimizes the need to actually open the closet to physically access the equipment. Unlike an equipment storage closet, a wiring or server closet must also maintain an appropriate environment for the equipment inside. A space that is neither heated in the winter nor air conditioned in the summer can greatly shorten the life of delicate electronics. Wiring closets must also be kept locked, of course, to protect the valuable equipment from theft and "experimentation" by unauthorized personnel.
Data Centers
Wiring closets are eminently suitable for distributed backbone networks because this type of network requires that a relatively large amount of expensive equipment be scattered throughout the building. Another organizational option, better suited for a collapsed backbone network, is to have a single data center containing all of the networking equipment for the entire enterprise. In this context, a data center is really just a larger, more elaborate wiring closet. Typically, a data center is a secured room or suite that has been outfitted to support large amounts of electronic equipment. This usually includes special air conditioning, extra power lines, power conditioning and backup, additional fixtures such as a modular floor with a wiring space beneath it, and extra security to prevent unauthorized access.
The center typically contains the network's enterprise servers and the routers that join the LANs together and provide Internet and WAN access. If the building housing the network is not too large, you can place all of the hubs for the individual LANs in the data center as well. This means that every wall plate in the building to which a computer is connected has a cable connecting it to a hub in the data center. This arrangement is feasible only if the length of the cable runs is less than 100 meters, assuming that the horizontal networks are using UTP cable. If the distance between any of your wall plate locations and the data center exceeds 100 meters, you must either use fiber-optic cable (which supports longer segments) or place the hubs at the location of each LAN. If you choose to do the latter, you only have to find a relatively secure place for each hub.
When the hubs are distributed around the building, you need only one cable run from each hub to the data center. If you use centralized hubs, each of your cable runs extends all the way from the computer to the data center. Not only can this use much more cable, but the sheer bulk of the cables might exceed the size of the wiring spaces available in the building. However, the advantage of having centralized hubs is that network support personnel can easily service them and monitor their status, and connecting them to the hub or switch that joins the LANs into an internetwork is simply a matter of running a cable across the room.
Typically, the equipment in a data center is mounted in racks, which can extend from floor to ceiling. Virtually all manufacturers of servers, hubs, routers, and other network devices intended for large enterprise networks have products designed to bolt into these standard-sized racks, which makes it easier to organize and access the equipment in the data center.
Finalizing the Design
As you flesh out the network design in detail, you can begin to select specific vendors, products, and contractors. This process can include shopping for the best hardware prices in catalogs and on websites, evaluating software products, interviewing and obtaining estimates from cable installation contractors, and investigating service providers for WAN technologies. This is the most critical part of the design process, for several reasons. First, this is the point at which you'll be able to determine the actual cost of building the network, not just an estimate. Second, it is at this phase that you must make sure all the components you select are actually capable of performing as your preliminary plan expects them to. If, for example, you discover that the router model with all of the features you need is no longer available, you may have to modify the plan to use a different type of router or to implement the feature you need in another way. Third, the concrete information you develop at this stage enables you to create a deployment schedule. A network design plan can never have too much detail. Documenting your network as completely as possible, before, during, and after construction, can only help you to maintain and repair it later. The planning process for a large network can be long and complicated, but it is rare for any of the time spent to be wasted.
PART III
Network Protocols
CHAPTER 10 Ethernet Basics
CHAPTER 11 100Base Ethernet and Gigabit Ethernet
CHAPTER 12 Networking Protocols
CHAPTER 10
Ethernet Basics
Ethernet is the data link layer protocol used by the vast majority of the local area networks operating today. Since the 1990s, the Ethernet standards have been revised and updated to support many different types of network media and to provide dramatic speed increases over the original protocol. Because all of the Ethernet variants operate using the same basic principles and because the high-speed Ethernet technologies were designed with backward compatibility in mind, upgrading a standard network is usually relatively easy. This is in marked contrast to other high-speed technologies such as Fiber Distributed Data Interface (FDDI) and Asynchronous Transfer Mode (ATM), for which upgrades can require extensive infrastructure modifications, such as new cabling, as well as training and acclimation for the personnel supporting the new technology.
ThischapterexaminesthefundamentalEthernetmechanismsandhowtheyprovidea
unifiedinterfacebetweenthephysicallayeroftheOpenSystemsInterconnection(OSI)
referencemodelandmultipleprotocolsoperatingatthenetworklayer.Thenyou’lllearn
hownewertechnologiessuchasFastEthernetandGigabitEthernetimproveontheolder
standardsandprovidesufficientbandwidthfortheneedsofvirtuallyanynetwork
application.Finally,therewillbeadiscussionofupgradestrategiesandreal-world
troubleshootingtechniquestohelpyouimprovetheperformanceofyourownnetwork.
Ethernet Defined
The Ethernet protocol provides a unified interface to the network medium that enables an operating system to transmit and receive multiple network layer protocols simultaneously. Like most of the data link layer protocols used on LANs, Ethernet is, in technical terms, connectionless and unreliable. Ethernet makes its best effort to transmit data to the appointed destination, but no mechanism exists to guarantee a successful delivery. Instead, services such as guaranteed delivery are left up to the protocols operating at the higher layers of the OSI model, depending on whether the data warrants it.
NOTE In this context, the term unreliable means only that the protocol lacks a means of acknowledging that packets have been successfully received.
As defined by the Ethernet standards, the protocol consists of three essential components:
• A series of physical layer guidelines that specify the cable types, wiring restrictions, and signaling methods for Ethernet networks
• A frame format that defines the order and functions of the bits transmitted in an Ethernet packet
• A media access control (MAC) mechanism called Carrier Sense Multiple Access with Collision Detection (CSMA/CD) that enables all of the computers on the LAN equal access to the network medium.
From a product perspective, the Ethernet protocol consists of the network interface adapters installed in the network’s computers, usually in the form of network interface cards (NICs), the network adapter drivers the operating system uses to communicate with the network adapters, and the hubs and cables you use to connect the computers. When you purchase network adapters and hubs, you must be sure they all support the same Ethernet standards for them to be able to work together optimally.
Ethernet Standards
When Ethernet was first designed in the 1970s, it carried data over a baseband connection using coaxial cable running at 10 Mbps and a signaling system called Manchester encoding. This eventually came to be known as thick Ethernet because the cable itself was approximately 1 centimeter wide, about the thickness of a garden hose (indeed, its color and rigidity led to its being referred to as the “frozen yellow garden hose” by whimsical network administrators). The first Ethernet standard, which was titled “The Ethernet, a Local Area Network: Data Link Layer and Physical Layer Specifications,” was published in 1980 by a consortium of companies that included DEC, Intel, and Xerox, giving rise to the acronym DIX; thus, the document became known as the DIX Ethernet standard.
Ethernet II
The DIX 2.0 standard, commonly known as DIX Ethernet II, was published in 1982 and expanded the physical layer options to include a thinner type of coaxial cable, which came to be called thin Ethernet, ThinNet, or cheapernet because it was less expensive than the original thick coaxial cable.
IEEE 802.3
During this time, a desire arose to build an international standard around the Ethernet protocol. In 1980, a working group was formed by a standards-making body called the Institute of Electrical and Electronics Engineers (IEEE), under the supervision of their Local and Metropolitan Area Networks (LAN/MAN) Standards Committee, for the purpose of developing an “Ethernet-like” standard. This committee is known by the number 802, and the working group was given the designation IEEE 802.3. The resulting standard, published in 1985, was called the “IEEE 802.3 Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications.” The term Ethernet was (and still is) scrupulously avoided by the IEEE 802.3 group because they wanted to avoid creating any impression that the standard was based on a commercial product that had been registered as a trademark by Xerox. However, with a few minor differences, this document essentially defines an Ethernet network under another name, and to this day, the products conforming to the IEEE 802.3 standard are called by the name Ethernet.
NOTE The IEEE standards are available for downloading at http://standards.ieee.org/about/get/802/802.3.html.
DIX Ethernet and IEEE 802.3 Differences
While the DIX Ethernet II standard treated the data link layer as a single entity, the IEEE standards divide the layer into two sublayers, called logical link control (LLC) and media access control (MAC). The LLC sublayer isolates the functions that occur beneath it from those above it and is defined by a separate standard: IEEE 802.2. The IEEE committee uses the same abstraction layer with the network types defined by other 802 standards, such as the 802.5 Token Ring network. The use of the LLC sublayer with the 802.3 protocol also led to a small but important change in the protocol’s frame format, as described in the “The Ethernet Frame” section later in this chapter. The MAC sublayer defines the mechanism by which Ethernet systems arbitrate access to the network medium, as discussed in the forthcoming section “CSMA/CD.”
By 1990, the IEEE 802.3 standard had been developed further and now included other physical layer options that made coaxial cable all but obsolete, such as the twisted-pair cable commonly used in telephone installations and fiber-optic cable. Because it is easy to work with, inexpensive, and reliable, twisted-pair (or 10Base-T) Ethernet quickly became the most popular medium for this protocol. Most of the Ethernet networks installed today use twisted-pair cable, which continues to be supported by the new, higher-speed standards. Fiber-optic technology enables network connections to span much longer distances than copper and is immune from electromagnetic interference.
Table 10-1 lists the primary differences between the IEEE 802.3 standard and the DIX Ethernet II standard.
Table 10-1 Differences Between the IEEE 802.3 Standards and the Old DIX Ethernet II Standards
IEEE Shorthand Identifiers
The IEEE is also responsible for the shorthand identifiers that are often used when referring to specific physical layer Ethernet implementations, such as 100Base-T for a Fast Ethernet network. In this identifier, the 100 refers to the speed of the network, which is 100 Mbps. All of the Ethernet identifiers begin with 10, 100, or 1000.
The Base refers to the fact that the network uses baseband transmissions. As explained in Chapter 1, a baseband network is one in which the network medium carries only one signal at a time, as opposed to a broadband network, which can carry many signals simultaneously. All of the Ethernet variants are baseband, except for one broadband version, which is rarely, if ever, used.
The T in 100Base-T specifies the type of medium the network uses. For example, the T in 100Base-T stands for twisted-pair cable. Table 10-2 explains some of the Ethernet identifiers. For a complete list, go to http://standards.ieee.org/about/get/802/802.3.html and enter the specific standard.
Table 10-2 IEEE Shorthand Identifiers for Ethernet Networks
NOTE Beginning with the 10Base-T specification, the IEEE began including a hyphen after the Base designator to prevent people from pronouncing 10Base-T as “ten bassett.”
CSMA/CD
Today, many of the issues with collisions on an Ethernet network have been eliminated with shared, full-duplex, point-to-point channels between the node originating transmission and the receiver. However, since CSMA/CD is supported for backward compatibility, IEEE 802.3 still defines the specification.
Like any MAC method, CSMA/CD enabled the computers on the network to share a single baseband medium without data loss. There are no priorities on an Ethernet network as far as media access is concerned; the protocol was designed so that every node has equal access rights to the network medium. Figure 10-1 illustrates the process by which CSMA/CD arbitrates access to the network medium on an Ethernet network. While obsolete in today’s Ethernet networks, it is supported for compatibility with earlier networks, so you need to understand the process.
Figure 10-1 If Node B begins to transmit data before the transmission from Node A reaches it, a collision will occur.
When a node on an Ethernet network wants to transmit data, it first monitors the network medium to see whether it is currently in use. This is the carrier sense phase of the process. If the node detects traffic on the network, it pauses for a short interval and then listens to the network again. Once the network is clear, any of the nodes on the network may use it to transmit their data. This is the multiple access phase. This mechanism in itself arbitrates access to the medium, but it is not without fault.
It is entirely possible for two (or more) systems to detect a clear network and then transmit their data at nearly the same moment. This results in what the 802.3 standard calls a signal quality error (SQE) or, as the condition is more commonly known, a packet collision. Collisions occur when one system begins transmitting its data and another system performs its carrier sense during the brief interval before the first bit in the transmitted packet reaches it. This interval is known as the contention time (or slot time) because each of the systems involved believes it has begun to transmit first. Every node on the network is, therefore, always in one of three possible states: transmission, contention, or idle.
When packets from two different nodes collide, an abnormal condition is created on the cable that travels on toward both systems. On a coaxial network, the voltage level spikes to the point at which it is the same or greater than the combined levels of the two transmitters (+/−0.85V). On a twisted-pair or fiber-optic network, the anomaly takes the form of signal activity on both the transmit and receive circuits at the same time.
When each transmitting system detects the abnormality, it recognizes that a collision has taken place, immediately stops sending data, and begins taking action to correct the problem. This is the collision detection phase of the process. Because the packets that collided are considered to be corrupted, both the systems involved transmit a jam pattern that fills the entire network cable with voltage, informing the other systems on the network of the collision and preventing them from initiating their own transmissions.
The jam pattern is a sequence of 32 bits that can have any value, as long as it does not equal the value of the cyclic redundancy check (CRC) calculation in the damaged packet’s frame check sequence (FCS) field. A system receiving an Ethernet packet uses the FCS field to determine whether the data in the packet has been received without error. As long as the jam pattern differs from the correct CRC value, all receiving nodes will discard the packet. In most cases, network adapters simply transmit 32 bits with the value 1. The odds of this also being the value of the CRC for the packet are 1 in 2^32 (in other words, not likely).
After transmitting the jam pattern, the nodes involved in the collision both reschedule their transmissions using a randomized delay interval they calculate with an algorithm that uses their MAC addresses as a unique factor. This process is called backing off. Because both nodes perform their own independent backoff calculations, the chances of them both retransmitting at the same time are substantially diminished. This is a possibility, however, and if another collision occurs between the same two nodes, they both increase the possible length of their delay intervals and back off again. As the number of possible values for the backoff interval increases, the probability of the systems again selecting the same interval diminishes. The Ethernet specifications call this process truncated binary exponential backoff (or truncated BEB). An Ethernet system will attempt to transmit a packet as many as 16 times (reported as an “excessive collision error”), and if a collision results each time, the packet is discarded.
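The back-off process described above can be followed step by step with a small simulation. This is an added example, not code from the book or from any Ethernet adapter: it widens the slot range by doubling after each collision, truncates the doubling at the tenth collision, drops the frame after 16 attempts, and lets two nodes that have just collided pick their slots independently until one wins. The 512-bit slot time (51.2 µs at 10 Mbps) is the standard value and is not stated in this section; the MAC-seeded random generator and the scripted slot chooser are constructed stand-ins for the adapter's own algorithm.

```python
import random

SLOT_TIME_US = 51.2   # slot time of 10 Mbps Ethernet, 512 bit times (standard value; not given in this section)
MAX_ATTEMPTS = 16     # the text: a frame is attempted up to 16 times, then dropped as an excessive collision error
TRUNCATION = 10       # the exponent stops growing after the 10th collision, hence "truncated" BEB


def backoff_slots(collision_count: int) -> int:
    """Number of candidate slot values after the n-th consecutive collision: 2 ** min(n, 10).
    Each further collision doubles the range, which is what makes a repeat collision less likely."""
    if collision_count < 1:
        raise ValueError("a back-off is only calculated after a collision")
    return 2 ** min(collision_count, TRUNCATION)


def backoff_delay_us(collision_count: int, rng) -> float:
    """Choose a slot uniformly from 0 .. backoff_slots - 1 and return the delay in microseconds."""
    return rng.randrange(backoff_slots(collision_count)) * SLOT_TIME_US


def mac_seeded_rng(mac: str, extra_seed: int = 0) -> random.Random:
    """The text says the delay calculation uses the node's MAC address as a unique factor.
    This constructed stand-in (not the standard's algorithm) seeds a PRNG from that address."""
    return random.Random(int(mac.replace(":", ""), 16) ^ extra_seed)


class ScriptedSlots:
    """Deterministic stand-in for a PRNG: hands out pre-chosen slot numbers for worked cases."""

    def __init__(self, slots):
        self._slots = list(slots)

    def randrange(self, n: int) -> int:
        slot = self._slots.pop(0)
        if not 0 <= slot < n:
            raise ValueError(f"scripted slot {slot} is outside the current range 0..{n - 1}")
        return slot


def resolve_contention(rng_a, rng_b) -> dict:
    """Two nodes have just collided once. Each backs off independently; if they pick the same
    slot they collide again and widen their ranges. Stop when one wins or after 16 attempts."""
    collisions = 1
    while True:
        if collisions >= MAX_ATTEMPTS:
            return {"status": "discarded", "collisions": collisions}
        delay_a = backoff_delay_us(collisions, rng_a)
        delay_b = backoff_delay_us(collisions, rng_b)
        if delay_a == delay_b:
            collisions += 1  # both retransmit in the same slot: another collision
            continue
        winner = "A" if delay_a < delay_b else "B"  # the other node sees carrier and defers
        return {"status": "resolved", "collisions": collisions, "winner": winner,
                "delay_a_us": delay_a, "delay_b_us": delay_b}


if __name__ == "__main__":
    # Worked case: both nodes pick slot 0 after the first collision, collide again, then
    # A picks slot 1 and B slot 0 from the widened range 0..3, so B transmits first.
    print(resolve_contention(ScriptedSlots([0, 1]), ScriptedSlots([0, 0])))
    # Fifteen identical choices in a row exhaust the 16 attempts and the frame is discarded.
    print(resolve_contention(ScriptedSlots([0] * 15), ScriptedSlots([0] * 15)))
    # Two nodes with constructed MAC addresses, each seeded from its own address.
    print(resolve_contention(mac_seeded_rng("02:00:00:00:00:01"), mac_seeded_rng("02:00:00:00:00:02")))
```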
Collisions
Every system on an Ethernet network uses the CSMA/CD MAC mechanism for every packet it transmits, so the entire process obviously occurs quickly. Most of the collisions that occur on a typical Ethernet network are resolved in microseconds (millionths of a second). The most important thing to understand when it comes to Ethernet media arbitration is that packet collisions are natural and expected occurrences on this type of network, and they do not necessarily signify a problem. If you use a protocol analyzer or other network monitoring tool to analyze the traffic on an Ethernet network, you will see that a certain number of collisions always occur.
NOTE The type of packet collision described here is normal and expected, but there is a different type, called a late collision, that signifies a serious network problem. The difference between the two types of collisions is that normal collisions are detectable and late collisions are not. See the next section, “Late Collisions,” for more information.
Normal packet collisions become a problem only when there are too many of them and significant network delays begin to accumulate. The combination of the backoff intervals and the retransmission of the packets themselves (sometimes more than once) incurs delays that are multiplied by the number of packets transmitted by each computer and by the number of computers on the network.
The fundamental fault of the CSMA/CD mechanism was that the more traffic there was on the network, the more collisions there were likely to be. The utilization of a network is based on the number of systems connected to it and the amount of data they send and receive over the network. When expressed as a percentage, the network utilization represents the proportion of the time the network is actually in use—that is, the amount of time that data is actually in transit. On an average Ethernet network, the utilization was likely to be somewhere in the 30 to 40 percent range. When the utilization increases to approximately 80 percent, the number of collisions increases to the point at which the performance of the network noticeably degrades. In the most extreme case, known as a collapse, the network is so heavily trafficked, it is almost perpetually in a state of contention, waiting for collisions to be resolved. This condition can conceivably be caused by the coincidental occurrence of repeated collisions, but it is more likely to result from a malfunctioning network interface that is continuously transmitting bad frames without pausing for carrier sense or collision detection. An adapter in this state is said to be jabbering.
NOTE Data link layer protocols that use a token-passing media access control mechanism, such as Token Ring and FDDI, are not subject to performance degradation caused by high network traffic levels. This is because these protocols use a mechanism that makes it impossible for more than one system on the network to transmit at any one time. On networks like these, collisions are not normal occurrences and signify a serious problem. For more information on token passing, see Chapter 12.
Late Collisions
The physical layer specifications for the Ethernet protocol are designed so that the first 64 bytes of every packet transmission completely fill the entire aggregate length of cable in the collision domain. Thus, by the time a node has transmitted the first 64 bytes of a packet, every other node on the network has received at least the first bit of that packet. At this point, the other nodes will not transmit their own data because their carrier sense mechanism has detected traffic on the network.
It is essential for the first bit of each transmitted packet to arrive at every node on the network before the last bit leaves the sender. This is because the transmitting system can detect a collision only while it is still transmitting data. (Remember, on a twisted-pair or fiber-optic network, it is the presence of signals on the transmit and receive wires at the same time that indicates a collision.) Once the last bit has left the sending node, the sender considers the transmission to have completed successfully and erases the packet from the network adapter’s memory buffer. It is because of this collision detection mechanism that every packet transmitted on an Ethernet network must be at least 64 bytes in length, even if the sending system has to pad it with useless (0) bits to reach that length.
If a collision should occur after the last bit has left the sending node, it is called a late collision, or sometimes an out-of-window collision. (To distinguish between the two types of collisions, the normally occurring type was sometimes called an early collision.) Because the sending system has no way of detecting a late collision, it considers the packet to have been transmitted successfully, even though the data has actually been destroyed. Any data lost as a result of a late collision cannot be retransmitted by a data link layer process. It is up to the protocols operating at higher layers of the OSI model to detect the data loss and to use their own mechanisms to force a retransmission. This process can take up to 100 times longer than an Ethernet retransmission, which is one reason why this type of collision is a problem.
Late collisions result from several different causes. If a network interface adapter should malfunction and transmit a packet less than 64 bytes long (called a runt), the last bit could leave the sender before the packet has fully propagated around the network. In other cases, the adapter’s carrier sense mechanism might fail, causing it to transmit at the wrong time. In both instances, you should replace the malfunctioning adapter. Another possible cause of late collisions is a network that does not fall within the Ethernet cabling guidelines.
Physical Layer Guidelines
The Ethernet specifications define not only the types of cable you can use with the protocol, but also the installation guidelines for the cable, such as the maximum length of cable segments and the number of hubs or repeaters permitted. As explained earlier, the configuration of the physical layer medium is a crucial element of the CSMA/CD media access control mechanism. If the overall distance between two systems on the network is too long or there are too many repeaters, diminished performance can result, which is quite difficult to diagnose and troubleshoot.
Tables 10-3 and 10-4 display the cabling guidelines, which vary for each of the media to compensate for the performance characteristics of the different cable types.
Table 10-3 Physical Layer Options for 10 Mbps Ethernet
Table 10-4 Physical Layer Options for Today’s Ethernet Types
10Base-5 (Thick Ethernet)
Thick Ethernet, or ThickNet, used RG-8 coaxial cable in a bus topology to connect up to 100 nodes to a single segment no more than 500 meters long. Because it can span long distances and is well shielded, thick Ethernet was commonly used for backbone networks in the early days of Ethernet. However, RG-8 cable, like all of the coaxial cables used in Ethernet networks, cannot support transmission rates faster than 10 Mbps, which limits its utility as a backbone medium. As soon as a faster alternative was available (such as FDDI), most network administrators abandoned thick Ethernet. However, although it is hardly ever used anymore, the components of a thick Ethernet network are a good illustration of the various components involved in the physical layer of an Ethernet network.
The coaxial cable segment on a thick Ethernet network should, whenever possible, be a single unbroken length of cable, or at least be pieced together from the same spool or cable lot using N connectors on each cable end and an N barrel connector between them. There should be as few breaks as possible in the cable, and if you must use cable from different lots, the individual pieces should be 23.4, 70.2, or 117 meters long to minimize the signal reflections that may occur. Both ends of the bus must be terminated with a 50-ohm resistor built into an N terminator, and the cable should be grounded at one (and only one) end using a grounding connector attached to the N terminator.
NOTE For more information on RG-8 and all of the cables used to build Ethernet networks, see Chapter 4.
Unlike all of the other Ethernet physical layer options, the thick Ethernet cable did not run directly to the network interface card in the PC. This is because the coaxial cable itself was large, heavy, and comparatively inflexible. Instead, the NIC is connected to the RG-8 trunk cable with another cable, called the attachment unit interface (AUI) cable. The AUI cable has 15-pin D-shell connectors at both ends, one of which plugs directly into the NIC, and the other into a medium attachment unit (MAU), also known as a transceiver. The MAU connects to the coaxial cable using a device called the medium dependent interface (MDI), which clamps to the cable and makes an electrical connection through holes cut into the insulating sheath. Because of the fanglike appearance of the connector, this device is commonly referred to as a vampire tap.
NOTE Do not confuse the MAUs used on thick Ethernet networks with the multistation access units (MAUs) used as hubs on Token Ring networks. The maximum of 100 nodes on a thick Ethernet cable segment (and 30 nodes on a ThinNet segment) is based on the number of MAUs present on the network. Because repeaters include their own MAUs, they count toward the maximum.
NOTE If for no other reason, the DIX Ethernet standard should be fondly remembered for using more sensible names for many of Ethernet’s technical concepts, such as collision rather than signal quality error. The DIX Ethernet name for the medium attachment unit is the transceiver (because it both transmits and receives), and its name for the attachment unit interface cable is transceiver cable.
Each standard AUI cable on a thick Ethernet network could be up to 50 meters long, which provided for an added degree of flexibility in the installation. Standard AUI cables were the same thickness as the thick Ethernet coaxial and similarly hard to work with. There were also thinner and more flexible “office-grade” AUI cables, but these were limited to a maximum length of 12.5 meters.
The 500-meter maximum length for the thick Ethernet cable made it possible to connect systems at comparatively long distances and provided excellent protection against interference and attenuation. Unfortunately, the cable was difficult to work with and even harder to hide. Today, sites that require long cable segments or better insulation are apt to use fiber optic.
10Base-2 (Thin Ethernet)
Thin Ethernet, or ThinNet, was similar in functionality to thick Ethernet, except that the cable was RG-58 coaxial, about 5 millimeters in diameter, and much more flexible. For thin Ethernet (and all other Ethernet physical layer options except thick Ethernet), the MAU (transceiver) was integrated into the network interface card and no AUI cable was needed.
Thin Ethernet used Bayonet Neill-Concelman (BNC) connectors and a fitting called a T-connector that attaches to the network card in the PC. This connector is sometimes erroneously called a British Naval Connector or Bayonet Nut Connector. You created the network bus by running a cable to one end of the T-connector’s crossbar and then using another cable on the other end of the crossbar to connect to the next system, as shown in Figure 10-2. Like thick Ethernet, a thin Ethernet network must be terminated and grounded. The two systems at the ends of the bus must have a terminator containing a 50-ohm resistor on one end of their Ts to terminate the bus, and one end (only) should be connected to a ground.
Figure 10-2 Thin Ethernet networks used T-connectors to form a single cable segment connecting up to 30 computers in a bus topology.
NOTE The T-connectors on an Ethernet network had to be directly connected to the network interface cards in the computers. Using a length of cable to join the T-connector to the computer was not permitted.
Because the cable was thinner, thin Ethernet was more prone to interference and attenuation and was limited to a segment length of 185 meters and a maximum of 30 nodes. Each piece of cable forming the segment had to be at least 0.5 meters long.
Connector faults were a common occurrence on thin Ethernet networks because prefabricated cables were relatively rare (compared to twisted pair), and the BNC connectors were usually crimped onto the RG-58 cables by network administrators, which can be a tricky process. Also, some cheap connectors were prone to a condition in which an oxide layer builds up between the conductors, resulting in a serious degradation in the network connectivity. These connectors were notoriously sensitive to improper treatment. An accidental tug or a person tripping over one of the two cables connected to each machine easily weakened the connection and caused intermittent transmission problems that are difficult to isolate and diagnose.
10Base-T or 100Base-T (Twisted-Pair Ethernet)
Most of the Ethernet networks today use unshielded twisted-pair (UTP) cable, originally known in the Ethernet world as 10Base-T, which solved several of the problems that plague coaxial cables. Today, the differences are in the speed of transmission.
Among other things, UTP Ethernet networks are:
• Easily hidden: UTP cables can be installed inside walls, floors, and ceilings with standard wall plates providing access to the network. Only a single, thin cable has to run to the computer. Pulling too hard on a UTP cable installed in this manner damages only an easily replaceable patch cable connecting the computer to the wall plate.
• Fault tolerant: UTP networks use a star topology in which each computer has its own dedicated cable running to the hub. A break in a cable or a loose connection affects only the single machine to which it is connected.
• Upgradeable: A UTP cable installation running 10 Mbps Ethernet or 100 Mbps Ethernet can be upgraded at a later time.
Unshielded twisted-pair cable consists of four pairs of wires in a single sheath, with each pair twisted together at regular intervals to protect against crosstalk and 8-pin RJ-45 connectors at both ends. Since this isn’t a bus network, no termination or grounding is necessary. Both 10Base-T and 100Base-T Ethernet use only two of the four wire pairs in the cable, however: one pair for transmitting data signals (TD) and one for receiving them (RD), with one wire in each pair having a positive polarity and one a negative.
Unlike coaxial networks, 10Base-T calls for the use of a hub. This is a device that functions both as a wiring nexus and as a signal repeater, to which each of the nodes on the network has an individual connection (see Figure 10-3). The maximum length for each cable segment is 100 meters, but because there is nearly always an intervening hub that repeats the signals, the total distance between two nodes can be as much as 200 meters.
Figure 10-3 10Base-T networks used a hub to connect all the network nodes in a star topology.
UTP cables are typically wired straight through, meaning the wire for each pin is connected to the corresponding pin at the other end of the cable. For two nodes to communicate, however, the TD signals generated by each machine must be delivered to the RD connections in the other machine. In most cases, this is accomplished by a crossover circuit within the hub. You can connect two computers directly together without a hub by using a crossover cable, though, which connects the TD signals at each end to the RD signals at the other end.
NOTE For more information on network cables and their installation, see Chapter 4. For more information on hubs and repeaters, see Chapter 6.
Fiber-Optic Ethernet
Fiber-optic cable is a radical departure from the copper-based physical layer options discussed so far. Because it uses pulses of light instead of electric current, fiber optic is immune to electromagnetic interference and is much more resistant to attenuation than copper. As a result, fiber-optic cable can span much longer distances, and because of the electric isolation it provides, it is suitable for network links between buildings. Fiber-optic cable is an excellent medium for data communications, but installing and maintaining it is somewhat more expensive than copper, and it requires completely different tools and skills.
The medium itself on a fiber-optic Ethernet network is two strands of 62.5/125 multimode fiber cable, with one strand used to transmit signals and one to receive them. There were two main fiber-optic standards for 10 Mbps Ethernet: the original FOIRL standard and 10Base-F, which defines three different fiber-optic configurations called 10Base-FL, 10Base-FB, and 10Base-FP. Of all these standards, 10Base-FL was always the most popular, but running fiber-optic cable at 10 Mbps is an underuse of the medium’s potential that borders on the criminal. Now that 100 Mbps data link layer protocols, such as Fast Ethernet and FDDI, run on the same fiber-optic cable, there is no reason to use any of these slower solutions in a new installation.
FOIRL
The original fiber-optic standard for Ethernet from the early 1980s was called the Fiber Optic Inter-Repeater Link (FOIRL). It was designed to function as a link between two repeaters up to 1,000 meters away. Intended for use in campus networks, FOIRL could join two distant networks, particularly those in adjacent buildings, using a fiber-optic cable.
10Base-FL
The 10Base-F supplement was developed by the IEEE 802.3 committee to provide a greater variety of fiber-optic alternatives for Ethernet networks. Designed with backward compatibility in mind, 10Base-FL was the IEEE counterpart to FOIRL. It increased the maximum length of a fiber-optic link to 2,000 meters and permitted connections between two repeaters, two computers, or a computer and a repeater.
As in all of the 10Base-F specifications, a computer connected to the network uses an external fiber-optic MAU (or FOMAU) and an AUI cable up to 25 meters long. The other end of the cable connects to a fiber-optic repeating hub that provides the same basic functions as a hub for copper segments.
Cabling Guidelines
In addition to the minimum and maximum segment lengths for the various types of 10Base Ethernet media, the standards imposed limits on the number of repeaters you could use in a single collision domain. This was necessary to ensure that every packet transmitted by an Ethernet node began to reach its destination before the last bit left the sender. If the distance traveled by a packet was too long, the sender was unable to detect collisions reliably, and data losses could occur.
Link Segments and Mixing Segments
When defining the limits on the number of repeaters allowed on the network, the 802.3 standard distinguishes between two types of cable segments, called link segments and mixing segments. A link segment is a length of cable that joins only two nodes, while a mixing segment joins more than two.
The 5-4-3 Rule
The Ethernet standards state that, in a single Ethernet collision domain, the route taken between any two nodes on the network can consist of no more than five cable segments, joined by four repeaters, and only three of the segments can be mixing segments. This is known as the Ethernet 5-4-3 rule. This rule is manifested in different ways, depending on the type of cable used for the network medium.
NOTE A collision domain is defined as a network configuration on which two nodes transmitting data at the same time will cause a collision. The use of bridges, switches, or intelligent hubs, instead of standard repeaters, does not extend the collision domain and does not fall under the Ethernet 5-4-3 rule. If you have a network that has reached its maximum size because of this rule, you should consider using one of these devices to create separate collision domains. See Chapter 6 for more information.
On a coaxial network, whether it was thick or thin Ethernet, you could have five cable segments joined by four repeaters. On a coaxial network, a repeater had only two ports and did nothing but amplify the signal as it traveled over the cable. A segment is the length of cable between two repeaters, even though in the case of thin Ethernet the segment could consist of many separate lengths of cable. This rule meant that the overall length of a thick Ethernet bus (called the maximum collision domain diameter) could be 2,500 meters (500 × 5), while a thin Ethernet bus could be up to 925 meters (185 × 5) long.
On either of these networks, however, only three of the cable segments actually had nodes connected to them (see Figure 10-4). You can use the two link segments to join mixing segments located at some distance from each other, but you cannot populate them with computers or other devices.
Figure 10-4 Coaxial networks consisted of up to five cable segments, with only three of the five connected to computers or other devices.
UTP Cabling
On a 10Base-T UTP network, the situation was different. Because the repeaters on this type of network were actually multiport hubs or switches, every cable segment connecting a node to the hub is a link segment. You can have four hubs in a collision domain that are connected to each other and each of which can be connected to as many nodes as the hub can support (see Figure 10-5). Because data traveling from one node to any other node passes through a maximum of only four hubs and because all the segments are link segments, the network is in compliance with the Ethernet standards.
Figure 10-5 Twisted-pair networks use link segments to connect to the computers, making it possible to have four populated hubs.
NOTE One potentially complicating factor to this arrangement was when you connected 10Base-T hubs using thin Ethernet coaxial cable. Some 10Base-T hubs included BNC connectors that enabled you to use a bus to chain multiple hubs together. When you did this with more than two hubs connected by a single coaxial segment, you were actually creating a mixing segment, and you had to count this toward the maximum of three mixing segments permitted on the network.
The 10Base-F specifications included some modifications to the 5-4-3 rule. When five cable segments were present on a 10Base-F network connected by four repeaters, FOIRL, 10Base-FL, and 10Base-FB segments could be no more than 500 meters long. 10Base-FP segments can be no more than 300 meters long.
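The 5-4-3 rule and the segment limits from this section can be applied mechanically to a candidate path. The checker below is an added example, not code from the book: it takes the segments of one end-to-end path through a collision domain, classifies each as a link or mixing segment by how many devices it joins (repeaters and hubs included, as the text counts them), applies the five-segment, four-repeater and three-mixing-segment limits, the per-media length limits and coaxial node limits given above, and the tighter fiber limits for a five-segment path. The `Segment` type, the `check_path` function and the sample paths are constructed for this illustration; lengths not stated in this section are reported as unverifiable rather than guessed.

```python
from dataclasses import dataclass

# Maximum segment lengths in metres for the 10 Mbps media this section describes.
MAX_SEGMENT_M = {
    "10Base-5": 500,    # thick Ethernet coaxial bus
    "10Base-2": 185,    # thin Ethernet coaxial bus
    "10Base-T": 100,    # UTP, node to hub or hub to hub
    "FOIRL": 1000,
    "10Base-FL": 2000,
}
# With five segments joined by four repeaters, the fiber segments are limited further.
FIVE_SEGMENT_FIBER_M = {"FOIRL": 500, "10Base-FL": 500, "10Base-FB": 500, "10Base-FP": 300}
# Device limits per coaxial segment; the count is by MAU, so repeaters count too.
MAX_DEVICES = {"10Base-5": 100, "10Base-2": 30}


@dataclass
class Segment:
    media: str
    length_m: float
    devices: int = 2  # devices attached to the segment, repeaters and hubs included

    @property
    def is_mixing(self) -> bool:
        # A link segment joins exactly two devices; anything with more is a mixing segment.
        return self.devices > 2


def check_path(segments) -> dict:
    """Check one end-to-end path through a collision domain against the 5-4-3 rule and the
    segment limits above. Returns the verdict, the path's figures and the problems found."""
    problems = []
    count = len(segments)
    repeaters = count - 1  # one repeater (or hub) joins each pair of adjacent segments
    mixing = sum(1 for seg in segments if seg.is_mixing)

    if count > 5:
        problems.append(f"{count} segments on the path; at most 5 are allowed")
    if repeaters > 4:
        problems.append(f"{repeaters} repeaters on the path; at most 4 are allowed")
    if mixing > 3:
        problems.append(f"{mixing} mixing segments on the path; at most 3 are allowed")

    for idx, seg in enumerate(segments, start=1):
        limit = MAX_SEGMENT_M.get(seg.media)
        if count == 5 and seg.media in FIVE_SEGMENT_FIBER_M:
            limit = FIVE_SEGMENT_FIBER_M[seg.media]  # tighter fiber limit on a full-length path
        if limit is None:
            problems.append(f"segment {idx}: no length limit known for {seg.media} on this path")
        elif seg.length_m > limit:
            problems.append(f"segment {idx}: {seg.media} is {seg.length_m} m, limit {limit} m")
        device_limit = MAX_DEVICES.get(seg.media)
        if device_limit is not None and seg.devices > device_limit:
            problems.append(f"segment {idx}: {seg.devices} devices on {seg.media}, limit {device_limit}")

    return {
        "compliant": not problems,
        "segments": count,
        "repeaters": repeaters,
        "mixing_segments": mixing,
        "diameter_m": sum(seg.length_m for seg in segments),  # collision domain diameter
        "problems": problems,
    }


def thick_ethernet_max_path():
    """The largest thick Ethernet bus the text allows: five 500 m segments, three populated."""
    return [
        Segment("10Base-5", 500, devices=40),
        Segment("10Base-5", 500),            # unpopulated link segment: two repeaters only
        Segment("10Base-5", 500, devices=60),
        Segment("10Base-5", 500),
        Segment("10Base-5", 500, devices=12),
    ]


if __name__ == "__main__":
    samples = {
        "thick Ethernet, 5 segments": thick_ethernet_max_path(),
        "10Base-T, four hubs": [Segment("10Base-T", 100)] * 5,
        "10Base-T, five hubs": [Segment("10Base-T", 100)] * 6,
        "thin Ethernet, four populated": [Segment("10Base-2", 185, 10)] * 4 + [Segment("10Base-2", 185)],
        "10Base-FL, 600 m x 5": [Segment("10Base-FL", 600)] * 5,
    }
    for label, path in samples.items():
        result = check_path(path)
        print(f"{label}: compliant={result['compliant']} diameter={result['diameter_m']} m")
        for problem in result["problems"]:
            print("   ", problem)
```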
Ethernet Timing Calculations
The 5-4-3 rule is a general guideline that is usually accurate enough to ensure your network will perform properly. However, it is also possible to assess the compliance of a network with the Ethernet cabling specifications more precisely by calculating two measurements: the round-trip signal delay time and the interframe gap shrinkage for the worst-case path through your network.
The round-trip signal delay time is the amount of time it takes a bit to travel between the two most distant nodes on the network and back again. The interframe gap shrinkage is the amount the normal 96-bit delay between packets is reduced by network conditions, such as the time required for repeaters to reconstruct a signal before sending it on its way.
In most cases, these calculations are unnecessary; as long as you comply with the 5-4-3 rule, your network should function properly. If you are planning to expand a complex network to the point at which it pushes the limits of the Ethernet guidelines, however, it might be a good idea to get a precise measurement to ensure that everything functions as it should. If you end up with a severe late collision problem that requires an expensive network upgrade to remedy, your boss isn’t likely to want to hear about how reliable the 5-4-3 rule usually is.
NOTE Calculating the round-trip signal delay time and the interframe gap shrinkage for your network is not part of a remedy for excessive numbers of early collisions.
Finding the Worst-Case Path
The worst-case path is the route data takes when traveling between the two most distant nodes on the network, both in terms of segment length and number of repeaters. On a relatively simple network, you can find the worst-case path by choosing the two nodes on the two outermost network segments either that have the longest link segments connecting them to the repeater or that are at the far ends of the cable bus, as shown in Figure 10-6.
Figure 10-6 On a simple network with all 10Base-T segments, the worst-case path ran between the nodes with the longest cables on both end segments.
On more complex networks using various types of cable segments, you have to select several paths to test your network. In addition, you may have to account for the variations caused by having different cable segment types at the left and right ends of the path.
If your network is well documented, you should have a schematic containing the precise distances of all your cable runs. You need these figures to make your calculations. If you don’t have a schematic, determining the exact distances may be the most difficult part of the whole process. The most accurate method for determining the length of a cable run is to use a multifunction cable tester, which utilizes a technique called time domain reflectometry (TDR). TDR is similar to radar, in that the unit transmits a test signal, precisely measures the time it takes the signal to travel to the other end of the cable and back again, and then uses this information to compute the cable’s length. If you don’t have a cable tester with TDR capabilities, you can measure the cable lengths manually by estimating the distances between the connectors. This can be particularly difficult when cables are installed inside walls and ceilings because there may be unseen obstacles that extend the length of the cable. If you use this method, you should err on the side of caution and include an additional distance factor to account for possible errors. Alternatively, you can simply use the maximum allowable cable distances for the various cable segments, as long as you are sure the cable runs do not exceed the Ethernet standard’s maximum segment length specifications.
Once you have determined the worst-case path (or paths) you will use for your calculations, it’s a good idea to create a simple diagram of each path with the cable distances involved. Each path will have left and right end segments and may have one or more middle segments. You will then perform your calculations on the individual segments and combine the results to test the entire path.
Exceeding Ethernet Cabling Specifications
TheEthernetspecificationshaveacertainamountofleewaybuiltintothemthatmakesit
possibletoexceedthecablinglimitations,withinreason.Ifanetworkhasanextrarepeater
oracablethat’salittletoolong,itwillprobablycontinuetofunctionwithoutcausingthe
latecollisionsthatoccurwhenthespecificationsaregrosslyexceeded.Youcanseehow
thisissobycalculatingtheactualamountofcoppercablefilledbyanEthernetsignal.
Electricalsignalspassingthroughacoppercabletravelatapproximately200,000,000
meters/second(2/3ofthespeedoflight).Ethernettransmitsat10Mbps,or10,000,000
bits/second.Bydividing200,000,000by10,000,000,youarriveatafigureof20metersof
cableforeverytransmittedbit.Thus,thesmallestpossibleEthernetframe,whichis512
bits(64bytes)long,occupies10,240metersofcoppercable.
IfyoutakethelongestpossiblelengthofcoppercablepermittedbytheEthernet
standards,a500-meterthickEthernetsegment,youcanseethattheentire500meters
wouldbefilledbyonly25bitsofdata(at20meters/bit).Twonodesatthefarendsofthe
segmentwouldhavearound-tripdistanceof1,000meters.
Whenoneofthetwonodestransmits,acollisioncanoccuronlyiftheothernodealso
beginstransmittingbeforethesignalreachesit.Ifyougrantthatthesecondnodebegins
transmittingatthelastpossiblemomentbeforethefirsttransmissionreachesit,thenthe
firstnodecansendnomorethan50bits(occupying1,000metersofcable,500downand
500back)beforeitdetectsthecollisionandceasestransmitting.Obviously,this50bitsis
wellbelowthe512-bitbarrierthatseparatesearlyfromlatecollisions.
Ofcourse,thisexampleinvolvesonlyonesegment.Butevenifyouextendathick
Ethernetnetworktoitsmaximumcollisiondomaindiameter—fivesegmentsof500
meterseach,or2,500meters—anodewouldstilltransmitonly250bits(occupying5,000
metersofcable,2,500downand2,500back)beforedetectingacollision.
Thus,youcanseethattheEthernetspecificationsfortheround-tripsignaldelaytime
arefullytwiceasstrictastheyneedtobeinthecaseofathickEthernetnetwork.Forthe
othercoppermedia,thinEthernetand10Base-T,thespecificationsareevenmorelax
becausethemaximumsegmentlengthsaresmaller,whilethesignalingspeedremainsthe
same.Forafull-lengthfive-segment10Base-Tnetworkonly500meterslong,the
specificationistentimesstricterthanitneedstobe.
Thisisnottosaythatyoucansafelydoublethemaximumcablelengthsonyour
networkacrosstheboardorinstalladozenrepeaters(althoughitispossibletosafely
lengthenthesegmentsona10Base-Tnetworkupto150metersifyouuseCategory5
UTPcableinsteadofCategory3).Otherfactorscanaffecttheconditionsonyournetwork
tobringitclosertothelimitsdefinedbythespecifications.Infact,thesignaltimingisnot
asmuchofarestrictingfactoron10MbpsEthernetinstallationsasisthesignalstrength.
Theweakeningofthesignalduetoattenuationisfarmorelikelytocauseperformance
problemsonanoverextendednetworkthanareexcesssignaldelaytimes.Thepointhereis
todemonstratethatthedesignersoftheEthernetprotocolbuiltasafetyfactorintothe
networkfromthebeginning,perhapspartiallyexplainingwhyitcontinuestoworksowell
morethan20yearslater.
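The worst-case-path reasoning above, turned into a small checker: it applies the 5-4-3 segment counts (including mixing segments created by chaining hubs over coax) and reproduces the 20 meters/bit slot-time arithmetic for a path. This is an added example, not the book's code; the segment lists are constructed, and the propagation-only figure ignores the repeater and adapter delays the text mentions.

```python
"""Worst-case-path check for a 10 Mbps Ethernet collision domain, using the
figures given above: signals travel about 200,000,000 m/s, so at 10 Mbps
one bit occupies 20 m of copper, and a collision must be detected within
the 512-bit slot time.  Added example, not the book's code; the segment
lists below are constructed."""
SIGNAL_SPEED_MPS = 200_000_000   # roughly 2/3 of the speed of light in copper
SLOT_BITS = 512                  # minimum frame: the early/late collision boundary
MAX_SEGMENTS, MAX_REPEATERS, MAX_MIXING = 5, 4, 3   # the 5-4-3 rule


def metres_per_bit(bit_rate_bps):
    """Cable length one bit occupies: 20 m at 10 Mbps, 2 m at 100 Mbps."""
    return SIGNAL_SPEED_MPS / bit_rate_bps


def collision_window_bits(path_length_m, bit_rate_bps=10_000_000):
    """Bits a node can put on the wire before a collision started at the far
    end of the path (at the last possible moment) propagates back to it.
    Propagation only: repeater and adapter delays are not modelled."""
    return 2 * path_length_m / metres_per_bit(bit_rate_bps)


def check_path(segments, bit_rate_bps=10_000_000):
    """segments: [(length_m, kind), ...] along the worst-case path, in order,
    where kind is "link" (point-to-point, e.g. 10Base-T or FOIRL) or "mixing"
    (a coaxial bus, including hubs chained over a single coax segment).
    Returns the timing figures plus a list of rule violations (empty if OK)."""
    problems = []
    repeaters = len(segments) - 1
    mixing = sum(1 for _, kind in segments if kind == "mixing")
    if len(segments) > MAX_SEGMENTS:
        problems.append(f"{len(segments)} segments, maximum {MAX_SEGMENTS}")
    if repeaters > MAX_REPEATERS:
        problems.append(f"{repeaters} repeaters, maximum {MAX_REPEATERS}")
    if mixing > MAX_MIXING:
        problems.append(f"{mixing} mixing segments, maximum {MAX_MIXING}")
    length = sum(length_m for length_m, _ in segments)
    bits = collision_window_bits(length, bit_rate_bps)
    if bits > SLOT_BITS:
        problems.append(f"{bits:.0f} bits before detection exceeds the "
                        f"{SLOT_BITS}-bit slot: late collisions possible")
    return {"length_m": length, "bits_before_detection": bits,
            "safety_factor": SLOT_BITS / bits if bits else float("inf"),
            "problems": problems}


if __name__ == "__main__":
    # Full-length 10Base-T network: five 100 m link segments, four repeaters.
    ten_base_t = [(100, "link")] * 5
    print(check_path(ten_base_t))          # 50 bits, safety factor 10.24, no problems

    # Maximum thick Ethernet diameter: 2,500 m of coax.
    print(collision_window_bits(2500))     # 250 bits, about twice as strict as needed

    # Chaining hubs over coax turns the bus into a mixing segment, which
    # must be counted; here four of them exceed the rule.
    chained = [(185, "mixing")] * 4 + [(100, "link")]
    print(check_path(chained)["problems"])
```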
The Ethernet Frame

The Ethernet frame is the sequence of bits that begins and ends every Ethernet packet transmitted over a network. The frame consists of a header and footer that surround and encapsulate the data generated by the protocols operating at higher layers of the OSI model. The information in the header and footer specifies the addresses of the system sending the packet and the system that is to receive it and also performs several other functions that are important to the delivery of the packet.

The IEEE 802.3 Frame

The basic Ethernet frame format, as defined by the IEEE 802.3 standard, is shown in Figure 10-7. The functions of the individual fields are discussed in the following sections.

Figure 10-7  The Ethernet frame encloses the data passed down the protocol stack from the network layer and prepares it for transmission.

Preamble and Start of Frame Delimiter

The preamble consists of 7 bytes of alternating zeros and ones, which the systems on the network use to synchronize their clocks and then discard. The Manchester encoding scheme Ethernet uses requires the clocks on communicating systems to be in sync so that they both agree on how long a bit time is. Systems in idle mode (that is, not currently transmitting and not in the process of rectifying a collision) are incapable of receiving any data until they use the signals generated by the alternating bit values of the preamble to prepare for the forthcoming data transmission.

NOTE  For more information on Manchester encoding and the signaling that occurs at the physical layer, see Chapter 2.

By the time the 7 bytes of the preamble have been transmitted, the receiving system has synchronized its clock with that of the sender, but the receiver is also unaware of how many of the 7 bytes have elapsed before it fell into sync. To signal the commencement of the actual packet transmission, the sender transmits a 1-byte start of frame delimiter, which continues the alternating zeros and ones, except for the last two bits, which are both ones. This is the signal to the receiver that any data following is part of a data packet and should be read into the network adapter's memory buffer for processing.

Destination Address and Source Address

Addressing is the most basic function of the Ethernet frame. Because the frame can be said to form an envelope for the network layer data carried inside it, it is only fitting that the envelope have an address. The addresses the Ethernet protocol uses to identify the systems on the network are 6 bytes long and hard-coded into the network interface adapters in each machine. These addresses are referred to as hardware addresses or MAC addresses. The hardware address on every Ethernet adapter made is unique. The IEEE assigns 3-byte prefixes to NIC manufacturers that it calls organizationally unique identifiers (OUIs), and the manufacturers supply the remaining 3 bytes. When transmitting a packet, it is the network adapter driver on the system that generates the values for the destination address and source address fields.

The destination address field identifies the system to which the packet is being sent. The address may identify the ultimate destination of the packet if it's on the local network, or the address may belong to a device that provides access to another network, such as a router. Addresses at the data link layer always identify the packet's next stop on the local network. It is up to the network layer to control end-to-end transmission and to provide the address of the packet's ultimate destination.

Every node on a shared Ethernet network reads the destination address from the header of every packet transmitted by every system on the network to determine whether the header contains its own address. A system reading the frame header and recognizing its own address then reads the entire packet into its memory buffers and processes it accordingly. A destination address of all ones signifies that the packet is a broadcast, meaning it is intended for all of the systems on the network. Certain addresses can also be designated as multicast addresses by the networking software on the system. A multicast address identifies a group of systems on the network, all of which are to receive certain messages.

The source address field contains the 6-byte MAC address of the system sending the packet. (The specifications allow for 2-byte addresses as well.)

Length

The length field in an 802.3 frame is 2 bytes long and specifies how much data is being carried as the packet's payload in bytes. This figure includes only the actual upper-layer data in the packet. It does not include the frame fields from the header or footer or any padding that might have been added to the data field to reach the minimum size for an Ethernet packet (64 bytes). The maximum size for an Ethernet packet, including the frame, is 1,518 bytes. Because the frame consists of 18 bytes, the maximum value for the length field is 1,500.

Data and Pad

The data field contains the payload of the packet—that is, the "contents" of the envelope. As passed down from the network layer protocol, the data will include an original message generated by an upper-layer application or process, plus any header information added by the protocols in the intervening layers. In addition, an 802.3 packet will contain the 3-byte logical link control header in the data field.

For example, the payload of a packet containing an Internet host name to be resolved into an IP address by a DNS server consists of the original DNS message generated at the application layer, a header applied by the UDP protocol at the transport layer, a header applied by the IP protocol at the network layer, and the LLC header. Although these three additional headers are not part of the original message, to the Ethernet protocol they are just payload that is carried in the data field like any other information. Just as postal workers are not concerned with the contents of the envelopes they carry, the Ethernet protocol has no knowledge of the data within the frame.

The entire Ethernet packet (excluding the preamble and the start of frame delimiter) must be a minimum of 64 bytes in length for the protocol's collision detection mechanism to function. Therefore, subtracting 18 bytes for the frame, the data field must be at least 46 bytes long. If the payload passed down from the network layer protocol is too short, the Ethernet adapter adds a string of meaningless bits to pad the data field out to the requisite length.

The maximum allowable length for an Ethernet packet is 1,518 bytes, meaning the data field can be no larger than 1,500 bytes (including the LLC header).

Frame Check Sequence

The last 4 bytes of the frame, following the data field (and the pad, if any), carry a checksum value the receiving node uses to determine whether the packet has arrived intact. Just before transmission, the network adapter at the sending node computes a cyclic redundancy check (CRC) on all of the packet's other fields (except for the preamble and the start of frame delimiter) using an algorithm called the AUTODIN II polynomial. The value of the CRC is uniquely based on the data used to compute it.

When the packet arrives at its destination, the network adapter in the receiving system reads the contents of the frame and performs the same computation. By comparing the newly computed value with the one in the FCS field, the system can verify that none of the packet's bit values has changed. If the values match, the system accepts the packet and writes it to the memory buffers for processing. If the values don't match, the system declares an alignment error and discards the frame. The system will also discard the frame if the number of bits in the packet is not a multiple of 8. Once a frame is discarded, it is up to the higher-layer protocols to recognize its absence and arrange for retransmission.

The Ethernet II Frame

The function of the 2-byte field following the source address was different in the frame formats of the two predominant Ethernet standards. While the 802.3 frame uses this field to specify the length of the data in the packet, the Ethernet II standard used it to specify the frame type, also called the Ethertype. The Ethertype specifies the memory buffer in which the frame should be stored. The location of the memory buffer specified in this field identifies the network layer protocol for which the data carried in the frame is intended.

This is a crucial element of every protocol operating in the data link, network, and transport layers of a system's networking stack. The data in the packet must be delivered not only to the proper system on the network, but also to the proper application or process on that system. Because the destination computer can be running multiple protocols at the network layer at the same time, such as IP, NetBEUI, and IPX, the Ethertype field informs the Ethernet adapter driver which of these protocols should receive the data.

When a system reads the header of an Ethernet packet, the only way to tell an Ethernet II frame from an 802.3 frame was by the value of the length/Ethertype field. Because the value of the 802.3 length field can be no higher than 1,500 (0x05DC, in hexadecimal notation), the Ethertype values assigned to the developers of the various network layer protocols are all higher than 1,500.

The Logical Link Control Sublayer

The IEEE splits the functionality of the data link layer into two sublayers: media access control and logical link control. On an Ethernet network, the MAC sublayer includes elements of the 802.3 standard: the physical layer specifications, the CSMA/CD mechanism, and the 802.3 frame. The functions of the LLC sublayer are defined in the 802.2 standard, which is also used with the other 802 MAC standards.

The LLC sublayer is capable of providing a variety of communications services to network layer protocols, including the following:

• Unacknowledged connectionless service: A simple service that provides no flow control or error control and does not guarantee accurate delivery of data
• Connection-oriented service: A fully reliable service that guarantees accurate data delivery by establishing a connection with the destination before transmitting data and by using error and flow control mechanisms
• Acknowledged connectionless service: A midrange service that uses acknowledgment messages to provide reliable delivery but that does not establish a connection before transmitting data

On a transmitting system, the data passed down from the network layer protocol is encapsulated first by the LLC sublayer into what the standard calls a protocol data unit (PDU). Then the PDU is passed down to the MAC sublayer, where it is encapsulated again in a header and footer, at which point it can technically be called a frame. In an Ethernet packet, this means the data field of the 802.3 frame contains a 3- or 4-byte LLC header, in addition to the network layer data, thus reducing the maximum amount of data in each packet from 1,500 to 1,496 bytes.

The LLC header consists of three fields, the functions of which are described in the following sections.

DSAP and SSAP

The destination service access point (DSAP) field identifies a location in the memory buffers on the destination system where the data in the packet should be stored. The source service access point (SSAP) field does the same for the source of the packet data on the transmitting system. Both of these 1-byte fields use values assigned by the IEEE, which functions as the registrar for the protocol.

In an Ethernet SNAP packet, the value for both the DSAP and SSAP fields is 170 (or 0xAA, in hexadecimal form). This value indicates that the contents of the LLC PDU begin with a Subnetwork Access Protocol (SNAP) header. The SNAP header provides the same functionality as the Ethertype field to the 802.3 frame.

Control

The control field of the LLC header specifies the type of service needed for the data in the PDU and the function of the packet. Depending on which of the services is required, the control field can be either 1 or 2 bytes long. In an Ethernet SNAP frame, for example, the LLC uses the unacknowledged, connectionless service, which has a 1-byte control field value using what the standard calls the unnumbered format. The value for the control field is 3, which is defined as an unnumbered information frame—that is, a frame containing data. Unnumbered information frames are quite simple and signify either that the packet contains a noncritical message or that a higher-layer protocol is somehow guaranteeing delivery and providing other high-level services.

The other two types of control fields (which are 2 bytes each) are the information format and the supervisory format. The three control field formats are distinguished by their first bits, as follows:

• The information format begins with a 0 bit.
• The supervisory format begins with a 1 bit and a 0 bit.
• The unnumbered format begins with two 1 bits.

The remainder of the bits specify the precise function of the PDU. In a more complex exchange involving the connection-oriented service, unnumbered frames contain commands, such as those used to establish a connection with the other system and terminate it at the end of the transmission. The commands transmitted in unnumbered frames are as follows:

• Unnumbered information (UI): Used to send data frames by the unacknowledged, connectionless service
• Exchange identification (XID): Used as both a command and a response in the connection-oriented and connectionless services
• TEST: Used as both a command and a response when performing an LLC loopback test
• Frame reject (FRMR): Used as a response when a protocol violation occurs
• Set Asynchronous Balanced Mode Extended (SABME): Used to request that a connection be established
• Unnumbered acknowledgment (UA): Used as the positive response to the SABME message
• Disconnect mode (DM): Used as a negative response to the SABME message
• Disconnect (DISC): Used to request that a connection be closed; a response of either UA or DM is expected

Information frames contain the actual data transmitted during connection-oriented and acknowledged connectionless sessions, as well as the acknowledgment messages returned by the receiving system. Only two types of messages are sent in information frames: N(S) and N(R) for the send and receive packets, respectively. Both systems track the sequence numbers of the frames they receive. An N(S) message lets the receiver know how many packets in the sequence have been sent, and an N(R) message lets the sender know what packet in the sequence it expects to receive.

Supervisory frames are used only by the connection-oriented service and provide connection maintenance in the form of flow control and error-correction services. The types of supervisory messages are as follows:

• Receiver ready (RR): Used to inform the sender that the receiver is ready for the next frame and to keep a connection alive
• Receiver not ready (RNR): Used to instruct the sender not to send any more packets until the receiver transmits an RR message
• Frame reject (REJ): Used to inform the sender of an error and request retransmission of all frames sent after a certain point

LLC Applications

In some cases, the LLC frame plays only a minor role in the network communications process. On a network running TCP/IP along with other protocols, for example, the only function of LLC may be to enable 802.3 frames to contain a SNAP header, which specifies the network layer protocol the frame should go to, just like the Ethertype in an Ethernet II frame. In this scenario, the LLC PDUs all use the unnumbered information format. Other high-level protocols, however, require more extensive services from LLC.

The SNAP Header

Because the IEEE 802.3 frame header does not have an Ethertype field, it would normally be impossible for a receiving system to determine which network layer protocol should receive the incoming data. This would not be a problem if you ran only one network layer protocol, but with multiple protocols installed, it becomes a serious problem. 802.3 packets address this problem by using yet another protocol within the LLC PDU, called the Subnetwork Access Protocol.

The SNAP header is 5 bytes long and found directly after the LLC header in the data field of an 802.3 frame. The functions of the fields are as follows:

• Organization code: The organization code, or vendor code, is a 3-byte field that takes the same value as the first 3 bytes of the source address in the 802.3 header.
• Local code: The local code is a 2-byte field that is the functional equivalent of the Ethertype field in the Ethernet II header.

NOTE  Many, if not all, of the registered values for the NIC hardware address prefixes, the Ethertype field, and the DSAP/SSAP fields are listed in the "Assigned Numbers" document published as a request for comments (RFC) by the Internet Engineering Task Force (IETF). Find the current version number for this document at www.ietf.org/rfc.html.

Full-Duplex Ethernet

The CSMA/CD media access control mechanism is the defining element of the Ethernet protocol, but it is also the source of many of its limitations. The fundamental shortcoming of the Ethernet protocol is that data can travel in only one direction at a time. This is known as half-duplex operation. With special hardware, it is also possible to run Ethernet connections in full-duplex mode, meaning that the device can transmit and receive data simultaneously. This effectively doubles the bandwidth of the network. Full-duplex capability for Ethernet networks was standardized in the 802.3x supplement to the 802.3 standard in 1997.

When operating in full-duplex mode, the CSMA/CD MAC mechanism is ignored. Systems do not listen to the network before transmitting; they simply send their data whenever they want. Because both of the systems in a full-duplex link can transmit and receive data at the same time, there is no possibility of collisions occurring. Because no collisions occur, the cabling restrictions intended to support the collision detection mechanism are not needed. This means you can have longer cable segments on a full-duplex network. The only limitation is the signal transmitting capability (that is, the resistance to attenuation) of the network medium itself.

This is a particularly important point on a Fast Ethernet network using fiber-optic cable because the collision detection mechanism is responsible for its relatively short maximum segment lengths. While a half-duplex 100Base-FX link between two devices can be a maximum of only 412 meters long, the same link operating in full-duplex mode can be up to 2,000 meters (2 km) long because it is restricted only by the strength of the signal. A 100Base-FX link using single-mode fiber-optic cable can span distances of 20 km or more. The signal attenuation on twisted-pair networks, however, makes 10Base-T, 100Base-TX, and 1000Base-T networks still subject to the 100-meter segment length restriction.

Full-Duplex Requirements

There are three requirements for full-duplex Ethernet operation:

• A network medium with separate transmit and receive channels
• A dedicated link between two systems
• Network interface adapters and switches that support full-duplex operation

Full-duplex Ethernet is possible only on link segments that have separate channels for the communications in each direction. This means that twisted-pair and fiber-optic networks can support full-duplex communications using regular, Fast, and Gigabit Ethernet, but coaxial cable cannot. Of the Ethernet variants using twisted-pair and fiber-optic cables, 10Base-FB and 10Base-FP did not support full-duplex (which is not a great loss, since no one used them), nor does 100Base-T4 (which is also rarely used). All of the other network types support full-duplex communications.

Full-duplex Ethernet also requires that every two computers have a dedicated link between them. This means you can't use repeating hubs on a full-duplex network because these devices operate in half-duplex mode by definition and create a shared network medium. Instead, you must use switches, also known as switching hubs, which effectively isolate each pair of communicating computers on its own network segment and provide the packet-buffering capabilities needed to support bidirectional communications.

Finally, each of the devices on a full-duplex Ethernet network must support full-duplex communications and be configured to use it. Switches that support full-duplex are readily available, as are Fast Ethernet NICs. Full-duplex operation is an essential component of 1000Base-T Gigabit Ethernet, and many 1000Base-X Gigabit Ethernet adapters support full-duplex as well. Ensuring that your full-duplex equipment is actually operating in full-duplex mode can sometimes be tricky. Autonegotiation is definitely the easiest way of doing this; dual-speed Fast Ethernet equipment automatically gives full-duplex operation priority over half-duplex at the same speed. However, adapters and switches that do not support multiple speeds may not include autonegotiation. For example, virtually all 100Base-TX NICs are dual speed, supporting both 10 and 100 Mbps transmissions. Autonegotiation is always supported by these NICs, which means that simply connecting the NIC to a full-duplex switch will enable full-duplex communications. Fast Ethernet NICs that use fiber-optic cables, however, are usually single-speed devices and may or may not include autonegotiation capability. You may have to manually configure the NIC before it will use full-duplex communications.

Full-Duplex Flow Control

The switching hubs on full-duplex Ethernet networks have to be able to buffer packets as they read the destination address in each one and perform the internal switching needed to send it on its way. The amount of buffer memory in a switch is, of course, finite, and as a result, it's possible for a switch to be overwhelmed by the constant input of data from freely transmitting full-duplex systems. Therefore, the 802.3x supplement defines an optional flow control mechanism that full-duplex systems can use to make the system at the other end of a link pause its transmissions temporarily, enabling the other device to catch up.

The full-duplex flow control mechanism is called the MAC Control protocol, which takes the form of a specialized frame that contains a PAUSE command and a parameter specifying the length of the pause. The MAC Control frame is a standard Ethernet frame of minimum length (64 bytes) with the hexadecimal value 8808 in the Ethertype or SNAP Local Code field. The frame is transmitted to a special multicast address (01-80-C2-00-00-01) designated for use by PAUSE frames. The data field of the MAC Control frame contains a 2-byte operational code (opcode) with a hexadecimal value of 0001, indicating that it is a PAUSE frame. At this time, this is the only valid MAC Control opcode value. A 2-byte pause-time parameter follows the opcode, which is an integer specifying the amount of time the receiving systems should pause their transmissions, measured in units called quanta, each of which is equal to 512 bit times. The range of possible values for the pause-time parameter is 0 to 65,535.
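The frame formats covered in the sections above (the 802.3 and Ethernet II frames, the LLC control field, the SNAP header, and the PAUSE frame just described) as one builder-and-dissector, added here as an example and not taken from the book. Addresses and payloads are constructed; Ethertype 0x8808 and the PAUSE multicast address are from the text, 0x0800 is the registered IPv4 Ethertype, and zlib's CRC-32 is used as the AUTODIN II polynomial check.

```python
"""Building and dissecting Ethernet frames: Ethernet II, IEEE 802.3 with an
LLC/SNAP header, and the 802.3x MAC Control PAUSE frame.  Added example,
not the book's code.  Addresses and payloads are constructed."""
import struct
import zlib

MIN_FRAME = 64          # dst + src + type/length + data/pad + FCS
MAX_FRAME = 1518
MAX_DATA = 1500         # 0x05DC: a larger type/length value is an Ethertype
SNAP_SAP = 0xAA         # DSAP = SSAP = 170 announces a SNAP header
LLC_UI = 0x03           # unnumbered information: 1-byte control field
ETHERTYPE_MAC_CONTROL = 0x8808
PAUSE_OPCODE = 0x0001
PAUSE_MCAST = bytes.fromhex("0180c2000001")   # 01-80-C2-00-00-01
BROADCAST = b"\xff" * 6


def fcs(body):
    """CRC-32 with the AUTODIN II polynomial over dst..pad.  zlib.crc32 is
    the same CRC; the 4 FCS bytes follow least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def _finish(body):
    """Pad the data field to its 46-byte minimum and append the FCS."""
    body += bytes(max(0, MIN_FRAME - 4 - len(body)))
    if len(body) + 4 > MAX_FRAME:
        raise ValueError("data field exceeds 1,500 bytes")
    return body + fcs(body)


def build_ethernet_ii(dst, src, ethertype, payload):
    return _finish(dst + src + struct.pack("!H", ethertype) + payload)


def build_802_3_snap(dst, src, org_code, local_code, payload):
    """802.3 frame whose data field holds an LLC UI PDU with a SNAP header."""
    data = (bytes([SNAP_SAP, SNAP_SAP, LLC_UI]) + org_code
            + struct.pack("!H", local_code) + payload)
    return _finish(dst + src + struct.pack("!H", len(data)) + data)


def build_pause(src, quanta):
    """MAC Control frame: opcode 0001 and a pause time in 512-bit-time quanta."""
    return build_ethernet_ii(PAUSE_MCAST, src, ETHERTYPE_MAC_CONTROL,
                             struct.pack("!HH", PAUSE_OPCODE, quanta))


def llc_control_format(first_byte):
    """Classify the control field by its first transmitted bits, which are
    the low-order bits of the byte; returns (format, field length)."""
    if first_byte & 0b01 == 0:
        return "information", 2
    if first_byte & 0b11 == 0b01:
        return "supervisory", 2
    return "unnumbered", 1


def parse_frame(frame):
    """Check length and FCS, then describe the frame; raises on a bad frame."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        raise ValueError("frame length %d outside 64..1518" % len(frame))
    body, trailer = frame[:-4], frame[-4:]
    if trailer != fcs(body):
        raise ValueError("FCS mismatch: frame discarded")
    dst, src = body[:6], body[6:12]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    info = {"dst": dst.hex("-"), "src": src.hex("-"),
            "broadcast": dst == BROADCAST,
            "multicast": bool(dst[0] & 1)}      # group bit, set in PAUSE_MCAST
    if type_or_len > MAX_DATA:
        info["format"] = "Ethernet II"
        info["ethertype"] = type_or_len
        data = body[14:]                         # any pad is indistinguishable here
    else:
        if type_or_len < 3:
            raise ValueError("802.3 data field too short for an LLC header")
        info["format"] = "802.3"
        data = body[14:14 + type_or_len]         # the length field excludes the pad
        fmt, ctrl_len = llc_control_format(data[2])
        info["llc"] = {"dsap": data[0], "ssap": data[1], "control": fmt}
        data = data[2 + ctrl_len:]
        if (len(data) >= 5 and fmt == "unnumbered"
                and info["llc"]["dsap"] == info["llc"]["ssap"] == SNAP_SAP):
            info["snap_org"] = data[:3].hex("-")
            info["ethertype"] = struct.unpack("!H", data[3:5])[0]
            data = data[5:]
    if info.get("ethertype") == ETHERTYPE_MAC_CONTROL:
        opcode, quanta = struct.unpack("!HH", data[:4])
        if opcode == PAUSE_OPCODE:
            info["pause_quanta"] = quanta
            info["pause_bit_times"] = quanta * 512
    info["data"] = data
    return info


if __name__ == "__main__":
    SRC = bytes.fromhex("001122334455")          # constructed addresses
    DST = bytes.fromhex("66778899aabb")
    # Organization code filled from the first 3 bytes of the source address, as the text describes
    snap = build_802_3_snap(DST, SRC, SRC[:3], 0x0800, b"constructed IP datagram")
    print(parse_frame(snap))
    print(parse_frame(build_pause(SRC, 100)))    # 100 quanta = 51,200 bit times
```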
Full-DuplexApplications
Full-duplexEthernetcapabilitiesaremostoftenprovidedinFastEthernetandGigabit
Ethernetadaptersandswitches.Whilefull-duplexoperationtheoreticallydoublesthe
bandwidthofanetwork,theactualperformanceimprovementthatyourealizedependson
thenatureofthecommunicationsinvolved.Upgradingadesktopworkstationtofull
duplexwillprobablynotprovideadramaticimprovementinperformance.Thisisbecause
desktopcommunicationstypicallyconsistofrequest/responsetransactionsthatare
themselveshalf-duplexinnature,andprovidingafull-duplexmediumwon’tchangethat.
Full-duplexoperationisbettersuitedtothecommunicationsbetweenswitchesona
backbone,whicharecontinuallycarryinglargeamountsoftrafficgeneratedbycomputers
alloverthenetwork.
CHAPTER
11 100BaseEthernetandGigabit
Ethernet
100BaseEthernetandGigabitEthernetaretoday’s100and1,000Mbpsvariantsofthe
Ethernetprotocol,respectively.Althoughsimilarto10BaseEthernetinmanyways,the
100Baseprotocolshavesomeconfigurationissuesthatyoumustbeawareofinorderto
design,install,andadministerthenetworksthatusethem.
100BaseEthernet
TheIEEE802.3uspecification,ratifiedin1995,definedwhatiscommonlyknownas
100BaseEthernet,adatalinklayerprotocolrunningat100Mbps,whichistentimesthe
speedoftheoriginalEthernetprotocol.Thisisnowtheindustrystandardformanynew
installations,largelybecauseitimprovesnetworkperformancesomuchwhilechangingso
little.
100BaseEthernetlefttwoofthethreedefiningelementsofanEthernetnetwork
unchanged.TheprotocolusesthesameframeformatasIEEE802.3andthesame
CSMA/CDmediaaccesscontrolmechanism.Thechangesthatenabletheincreasein
speedareinseveralelementsofthephysicallayerconfiguration,includingthetypesof
cableused,thelengthofcablesegments,andthenumberofhubspermitted.
PhysicalLayerOptions
Thefirstdifferencebetween10Baseand100BaseEthernetwasthatcoaxialcablewasno
longersupported.100BaseEthernetrunsonlyonUTPorfiber-opticcable,although
shieldedtwisted-pair(STP)isanoptionaswell.GonealsowastheManchestersignaling
scheme,tobereplacedbythe4B/5BsystemdevelopedfortheFiberDistributedData
Interface(FDDI)protocol.Thephysicallayeroptionsdefinedin802.3uwereintendedto
providethemostflexibleinstallationparameterspossible.Virtuallyeveryaspectofthe
100BaseEthernetprotocol’sphysicallayerspecificationswasdesignedtofacilitate
upgradesfromearliertechnologiesand,particularly,from10Base-T.Inmanycases,
existingUTPnetworksupgradedto100BaseEthernetwithoutpullingnewcable.Theonly
exceptiontothiswasincasesofnetworksthatspannedlongerdistancesthan100Base
Ethernetcouldsupportwithcoppercabling.
100BaseEthernetdefinedthreephysicallayerspecifications,asshowninTable11-1.
Table11-1IEEE802.3uPhysicalLayerSpecifications
Inadditiontotheconnectorsshownforeachofthecabletypes,the802.3ustandard
describedamedium-independentinterface(MII)thatuseda40-pinD-shellconnector.
TakingfromthedesignoftheoriginalthickEthernetstandard,theMIIconnectedtoan
externaltransceivercalledaphysicallayerdevice(PHY),which,inturn,connectedtothe
networkmedium.TheMIImadeitpossibletobuilddevicessuchashubsandcomputers
thatintegrated100BaseEthernetadaptersbutwerenotcommittedtoaparticularmedia
type.BysupplyingdifferentPHYunits,youcouldconnectthedevicetoa100Base
Ethernetnetworkusinganysupportedcabletype.SomePHYdevicesconnecteddirectly
totheMII,whileothersusedacablenotunliketheAUIcablearrangementinthick
Ethernet.Whenthiswasthecase,theMIIcablecouldbenomorethan0.5meterslong.
Mostofthe100BaseEthernethardwareonthemarkettodayusesinternaltransceivers
anddoesnotneedanMIIconnectororcable,butafewproductsdotakeadvantageofthis
interface.
100Base-TX
UsingstandardsforphysicalmediadevelopedbytheAmericanNationalStandards
Institute(ANSI),100Base-TXanditsfiber-opticcounterpart,100Base-FX,wereknown
collectivelyas100Base-X.Theyprovidedthecorephysicallayerguidelinesfornewcable
installations.Like10Base-T,100Base-TXcalledfortheuseofunshieldedtwisted-pair
cablesegmentsupto100metersinlength.Theonlydifferencefroma10Base-Tsegment
wasinthequalityandcapabilitiesofthecableitself.
100Base-TXwasbasedontheANSITP-PMDspecificationandcallsfortheuseof
Category5UTPcableforallnetworksegments.Asyoucanseeinthetable,theCategory
5cablespecificationprovidedthepotentialformuchgreaterbandwidththantheCategory
3cablespecifiedfor10Base-Tnetworks.Asanalternative,usingType1shieldedtwistedpaircablewasalsopossibleforinstallationswheretheoperatingenvironmentpresenteda
greaterdangerofelectromagneticinterference.
Forthesakeofcompatibility,100Base-TX(aswellas100Base-T4)usedthesame
typeofRJ-45connectorsas10Base-T,andthepinassignmentswerethesameaswell.The
pinassignmentsweretheoneareainwhichthecablespecificationsdifferedfromANSI
TP-PMDtomaintainbackwardcompatibilitywith10Base-Tnetworks.
100Base-T4
100Base-T4wasintendedforuseonnetworksthatalreadyhadUTPcableinstalled,but
thecablewasnotratedasCategory5.The10Base-Tspecificationallowedfortheuseof
standardvoice-grade(Category3)cable,andthereweremanynetworksthatwerealready
wiredfor10Base-TEthernet(orevenfortelephonesystems).100Base-T4ranat100
MbpsonCategory3cablebyusingallfourpairsofwiresinthecable,insteadofjusttwo,
as10Base-Tand100Base-TXdo.
Thetransmitandreceivedatapairsina100Base-T4circuitarethesameasthatof
100Base-TX(and10Base-T).Theremainingfourwiresfunctionasbidirectionalpairs.As
ona10Base-Tnetwork,thetransmitandreceivepairsmustbecrossedoverfortrafficto
flow.Thecrossovercircuitsina100BaseEthernethubconnectthetransmitpairtothe
receivepair,asalways.Ina100Base-T4hub,thetwobidirectionalpairsarecrossedas
wellsothatpair3connectstopair4,andviceversa.
100Base-FX
The100Base-FXspecificationcalledforthesamehardwareasthe10Base-FL
specificationexceptthatthemaximumlengthofacablesegmentwasnomorethan412
meters.Aswiththeother100BaseEthernetphysicallayeroptions,themediumwas
capableoftransmittingasignaloverlongerdistances,butthelimitationwasimposedto
ensuretheproperoperationofthecollision-detectionmechanism.Asmentionedearlier,
whenyoueliminatetheCSMA/CDMACmechanism,likeonafull-duplexEthernet
network,100Base-FXsegmentscanbemuchlonger.
CableLengthRestrictions
Becausethenetworkoperatesattentimesthespeedof10BaseEthernet,100BaseEthernet
cableinstallationsweremorerestricted.Ineffect,the100BaseEthernetstandardusesupa
gooddealofthelatitudebuiltintotheoriginalEthernetstandardstoachievegreater
performancelevels.In10MbpsEthernet,thesignaltimingspecificationswereatleast
twiceasstrictastheyhadtobeforsystemstodetectearlycollisionsproperlyonthe
network.Thelengthsofthenetworksegmentsweredictatedmorebytheneedtomaintain
thesignalstrengththanthesignaltiming.
On100Base-Tnetworks,however,signalstrengthisnotasmuchofanissueassignal
timing.TheCSMA/CDmechanismona100BaseEthernetnetworkfunctionsexactlylike
thatofa10MbpsEthernetnetwork,andthepacketsarethesamesize,buttheytravelover
themediumattentimesthespeed.Becausethecollisiondetectionmechanismisthesame,
asystemstillmustbeabletodetectthepresenceofacollisionbeforetheslottimeexpires
(thatis,beforeittransmits64bytesofdata).Becausethetrafficismoving100Mbps,
though,thedurationofthatslottimeisreduced,andthemaximumlengthofthenetwork
mustbereducedaswelltosensecollisionsaccurately.Forthisreason,themaximum
overalllengthofa100Base-TXnetworkisapproximately205meters.Thisisafigureyou
shouldobservemuchmorestringentlythanthe500-metermaximumfora10Base-T
network.
NOTE When you plan your network, be sure to remain conscious that the 100-meter maximum cable segment length specification in the 100Base Ethernet standard includes the entire length of cable connecting a computer to the hub. If you have an internal cable installation that terminates at wall plates at the computer site and a patch panel at the hub site, you must include the lengths of the patch cables connecting the wall plate to the computer and the patch panel to the hub in your total measurement. The specification recommends that the maximum length for an internal cable segment be 90 meters, leaving 10 meters for the patch cables.
Hub Configurations
Because the maximum length for a 100Base-TX segment is 100 meters, the same as that for 10Base-T, the restrictions on the overall length of the network are found in the configuration of the repeating hubs used to connect the segments. The 802.3u supplement described two types of hubs for all 100Base-T networks: Class I and Class II. Every 100Base Ethernet hub must have a circled Roman numeral I or II identifying its class.
Class I hubs are intended to support cable segments with different types of signaling. 100Base-TX and 100Base-FX use the same signaling type, while 100Base-T4 is different (because of the presence of the two bidirectional pairs). A Class I hub contains circuitry that translates incoming 100Base-TX, 100Base-FX, and 100Base-T4 signals to a common digital format and then translates them again to the appropriate signal for each outgoing hub port. These translation activities cause comparatively long timing delays in the hub, so you can have only one Class I hub on the path between any two nodes on the network.
Class II hubs can only support cable segments of the same signaling type. Because no translation is involved, the hub passes the incoming data rapidly to the outgoing ports. Because the timing delays are shorter, you can have up to two Class II hubs on the path between two network nodes, but all the segments must use the same signaling type. This means a Class II hub can support either 100Base-TX and 100Base-FX together or 100Base-T4 alone.
Additional segment length restrictions are also based on the combination of segments and hubs used on the network. The more complex the network configuration gets, the shorter its maximum collision domain diameter can be. Table 11-2 summarizes these restrictions.
Table 11-2 100Base Ethernet Multisegment Configuration Guidelines
Note that a network configuration that uses two Class II hubs actually uses three lengths of cable to establish the longest connection between two nodes: two cables to connect the nodes to their respective hubs and one cable to connect the two hubs. For example, the assumption of the standard is that the additional 5 meters added to the length limit for an all-copper network will account for the cable connecting the two hubs, as shown in Figure 11-1. But in practice, the three cables can be of any length as long as their total length does not exceed 205 meters.
Figure 11-1 The cable segments in a network with two hubs can be of any length, as long as you observe the maximum collision domain diameter.
What these restrictions mean to 100Base-FX networks is that the only fiber segment that can be 412 meters long is one that directly connects two computers. Once you add a hub to the network, the total distance between computers drops drastically. This largely negates one of the major benefits of using fiber-optic cable. You saw earlier in this chapter that the original Ethernet standards allow for fiber-optic segments up to 2 kilometers (2,000 meters) long. The closer tolerances of the collision-detection mechanism on a 100Base Ethernet network make it impossible to duplicate the collision domain diameter of standards like 10Base-FL. Considering that other high-speed protocols such as FDDI use the same type of cable and can support distances up to 200 kilometers, 100Base Ethernet might not be the optimal fiber-optic solution, unless you use the full-duplex option to increase the segment length.
100Base Ethernet Timing Calculations
As with the original Ethernet standards, the cabling guidelines in the previous sections are no more than rules of thumb that provide general size limitations for a 100Base Ethernet network. Making more precise calculations to determine whether your network is fully compliant with the specifications is also possible. For 100Base Ethernet, these calculations consist only of determining the round-trip delay time for the network. No interframe gap shrinkage calculation exists for 100Base Ethernet because the limited number of repeaters permitted on the network all but eliminates this as a possible problem.
Calculating the Round-Trip Delay Time The process of calculating the round-trip delay time begins with determining the worst-case path through your network, just as in the calculations for 10Base Ethernet networks. As before, if you have different types of cable segments on your network, you may have more than one path to calculate. There is no need to perform separate calculations for each direction of a complex path, however, because the formula makes no distinction between the order of the segments.
The round-trip delay time consists of a delay-per-meter measurement for the specific type of cable your network uses, plus an additional delay constant for each node and repeater on the path. Table 11-3 lists the delay factors for the various network components.
Table 11-3 Delay Times for 100Base Ethernet Network Components
To calculate the round-trip delay time for the worst-case path through your network, you multiply the lengths of your various cable segments by the delay factors listed in the table and add them together, along with the appropriate factors for the nodes and hubs and a safety buffer of 4 bit times. If the total is less than 512, the path is compliant with the 100Base Ethernet specification. Thus, the calculations for the network shown in Figure 11-2 would be as follows:
(150 meters × 1.112 bit times/meter) + 100 bit times + (2 × 92 bit times) + 4 bit times = 454.8 bit times
Figure 11-2 This worst-case path is compliant with the round-trip delay time limitations defined in the Ethernet standard.
So, 150 meters of Category 5 cable multiplied by a delay factor of 1.112 bit times per meter yields a delay of 166.8 bit times; plus 100 bit times for two 100Base-TX nodes, two hubs at 92 bit times each, and an extra 4 for safety yields a total round-trip delay time of 454.8 bit times, which is well within the 512 limit.
NOTE As with the calculations for 10Base Ethernet networks, you may be able to avoid having to measure your cable segments by using the maximum permitted segment length in your calculations. Only if the result of this calculation exceeds the specification do you have to consider the actual lengths of your cables.
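The round-trip delay calculation above is easy to get wrong by hand once a path mixes cable types or hub classes, so here it is as a small script. This is an added example, not code from the book. The delay factors it uses are the commonly published IEEE 802.3u (clause 29) values that match the figures in the worked example (1.112 bit times per meter for Category 5, 100 bit times for a pair of 100Base-TX nodes, 92 for a Class II hub); the remaining entries (fiber, 100Base-T4 nodes, Class I hubs) are assumptions to be checked against Table 11-3, which is not reproduced on this page.

```python
# Added example (not from the book): round-trip delay check for the worst-case
# path through a 100Base Ethernet collision domain, as described above.
# The delay factors are the commonly published IEEE 802.3u (clause 29) values;
# the book's own Table 11-3 is not reproduced on this page, so treat these
# constants as an assumption and verify them against your copy of the table.

SLOT_TIME_BITS = 512      # a collision must be detected within this many bit times
SAFETY_MARGIN_BITS = 4    # the buffer the book adds to every calculation

# Cable delay in bit times per meter (round trip).
CABLE_DELAY = {"cat5": 1.112, "fiber": 1.0}

# Delay for the pair of end nodes (DTEs) on the path, in bit times.
DTE_PAIR_DELAY = {"tx_tx": 100, "t4_t4": 138, "t4_tx": 127}

# Repeater (hub) delay in bit times.
HUB_DELAY = {"class1": 140, "class2": 92}


def validate_hubs(hubs):
    """Enforce the 802.3u topology rules: one Class I hub at most, or up to
    two Class II hubs; Class I and Class II hubs are never mixed on one path."""
    class1 = hubs.count("class1")
    class2 = hubs.count("class2")
    if class1 + class2 != len(hubs):
        raise ValueError("unknown hub class in %r" % (hubs,))
    if class1 > 1:
        raise ValueError("only one Class I hub is allowed between two nodes")
    if class2 > 2:
        raise ValueError("at most two Class II hubs are allowed between two nodes")
    if class1 and class2:
        raise ValueError("Class I and Class II hubs cannot share a path")


def round_trip_delay(segments, dte_pair, hubs, margin=SAFETY_MARGIN_BITS):
    """Sum the delays along one worst-case path.

    segments: list of (cable_type, length_in_meters) tuples
    dte_pair: key into DTE_PAIR_DELAY describing the two end nodes
    hubs:     list of hub classes on the path ("class1" / "class2")
    Returns the total in bit times, including the safety margin."""
    validate_hubs(hubs)
    cable = sum(CABLE_DELAY[media] * meters for media, meters in segments)
    return cable + DTE_PAIR_DELAY[dte_pair] + sum(HUB_DELAY[h] for h in hubs) + margin


def is_compliant(segments, dte_pair, hubs):
    """True when the path meets the 512-bit-time round-trip limit."""
    return round_trip_delay(segments, dte_pair, hubs) < SLOT_TIME_BITS


def max_cable_meters(media, dte_pair, hubs, margin=SAFETY_MARGIN_BITS):
    """Largest total cable length of one media type that still fits the budget
    after the fixed node and hub delays are subtracted (the separate 100-meter
    per-segment limit for copper still applies on top of this)."""
    validate_hubs(hubs)
    budget = SLOT_TIME_BITS - DTE_PAIR_DELAY[dte_pair] - sum(HUB_DELAY[h] for h in hubs) - margin
    return budget / CABLE_DELAY[media]


if __name__ == "__main__":
    # The book's Figure 11-2 path: 150 m of Category 5, two 100Base-TX nodes,
    # two Class II hubs. Expected total: 454.8 bit times.
    path = ([("cat5", 150)], "tx_tx", ["class2", "class2"])
    print("round-trip delay: %.1f bit times" % round_trip_delay(*path))
    print("compliant:", is_compliant(*path))
    print("max Cat 5 with two Class II hubs: %.1f m"
          % max_cable_meters("cat5", "tx_tx", ["class2", "class2"], margin=0))
```

Running max_cable_meters for the all-copper, two-Class-II case with the margin set to 0 gives about 205 meters, which is where the rule-of-thumb figure in the text comes from; with the 4-bit-time safety buffer the book recommends, the same path allows about 201 meters, so the precise calculation is slightly stricter than the table.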
Autonegotiation
Most of today's Ethernet adapters support multiple speeds and use an autonegotiation system that enables a multispeed device to sense the capabilities of the network to which it is connected and to adjust its speed accordingly. The autonegotiation mechanism in 100Base Ethernet is based on fast link pulse (FLP) signals, which are themselves a variation on the normal link pulse (NLP) signals used by the old 10Base-T and 10Base-FL networks.
Standard Ethernet networks use NLP signals to verify the integrity of a link between two devices. Most Ethernet hubs and network interface adapters have a link-pulse LED that lights when the device is connected to another active device. For example, when you take a UTP cable that is connected to a hub and plug it into a computer's NIC and turn the computer on, the LEDs on both the NIC and the hub port to which it's connected should light. This is the result of the two devices transmitting NLP signals to each other. When each device receives the NLP signals from the other device, it lights the link-pulse LED. If the network is wired incorrectly, because of a cable fault or improper use of a crossover cable or hub uplink port, the LEDs will not light. These signals do not interfere with data communications because the devices transmit them only when the network is idle.
NOTE The link-pulse LED indicates only that the network is wired correctly, not that it's capable of carrying data. If you use the wrong cable for the protocol, you will still experience network communication problems, even though the devices passed the link integrity test.
100Base Ethernet devices capable of transmitting at multiple speeds elaborate on this technique by transmitting FLP signals instead of NLP signals. FLP signals include a 16-bit data packet within a burst of link pulses, producing what is called an FLP burst. The data packet contains a link code word (LCW) with two fields: the selector field and the technology ability field. Together, these fields identify the capabilities of the transmitting device, such as its maximum speed and whether it is capable of full-duplex communications.
Because FLP bursts are sent at the same repetition interval as NLP signals (about 16.8 milliseconds apart, each burst lasting about 2 milliseconds), a standard 10Base-T system sees each burst as an ordinary link pulse, ignores the LCW, and treats the transmission as a normal link integrity test. When it responds to the sender, the multiple-speed system sets itself to operate at 10Base-T speed, using a technique called parallel detection. This same method also applies to 100Base Ethernet devices incapable of multiple speeds.
When two 100Base Ethernet devices capable of operating at multiple speeds autonegotiate, they determine the best performance level they have in common and configure themselves accordingly. The systems use the following list of priorities when comparing their capabilities, with full-duplex 1000Base-T providing the best performance and half-duplex 10Base-T providing the worst:
• 1000Base-T (full-duplex)
• 1000Base-T
• 100Base-TX (full-duplex)
• 100Base-T4
• 100Base-TX
• 10Base-T (full-duplex)
• 10Base-T
NOTE FLP signals account only for the capabilities of the devices generating them, not the connecting cable. If you connect a dual-speed 100Base-TX computer to a 100Base-TX hub using a Category 3 cable network, autonegotiation will still configure the devices to operate at 100 Mbps, even though the cable can't support transmissions at this speed.
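To make the LCW and the priority resolution concrete, the following added example (not code from the book) encodes and decodes the 16-bit base-page link code word and then picks the best common mode from the priority list above. The bit positions follow the IEEE 802.3 clause 28 base page (selector in bits 0-4, technology ability field in bits 5-12, remote fault, acknowledge and next page in bits 13-15); 1000Base-T abilities are exchanged in subsequent "next pages" rather than the base page, so they appear in the priority list but are not encoded here. The parallel-detection fallback for a partner that sends only NLP is simplified to "no LCW received", an assumption of this example.

```python
# Added example (not from the book): the 16-bit link code word (LCW) carried in
# an FLP burst, and the priority resolution the text describes. Bit positions
# follow the IEEE 802.3 clause 28 base page: bits 0-4 selector, bits 5-12
# technology ability, bit 13 remote fault, bit 14 acknowledge, bit 15 next page.
# 1000Base-T abilities travel in "next pages" rather than the base page, so the
# 1000Base-T entries below are resolved from an ability set but are not encoded.

SELECTOR_8023 = 0b00001  # selector value meaning "IEEE 802.3"

# Technology ability bits of the base page (A0..A4); A5 is PAUSE, not a speed.
BASE_PAGE_BITS = {
    ("10Base-T", False): 5,
    ("10Base-T", True): 6,
    ("100Base-TX", False): 7,
    ("100Base-TX", True): 8,
    ("100Base-T4", False): 9,
}
RF_BIT, ACK_BIT, NP_BIT = 13, 14, 15

# Best to worst, exactly as listed in the text: (technology, full_duplex)
PRIORITY = [
    ("1000Base-T", True),
    ("1000Base-T", False),
    ("100Base-TX", True),
    ("100Base-T4", False),
    ("100Base-TX", False),
    ("10Base-T", True),
    ("10Base-T", False),
]


def encode_base_page(abilities, remote_fault=False, ack=False, next_page=False):
    """Build the 16-bit base-page LCW advertising the given (tech, fd) set."""
    word = SELECTOR_8023
    for ability in abilities:
        if ability in BASE_PAGE_BITS:       # 1000Base-T has no base-page bit
            word |= 1 << BASE_PAGE_BITS[ability]
    if remote_fault:
        word |= 1 << RF_BIT
    if ack:
        word |= 1 << ACK_BIT
    if next_page:
        word |= 1 << NP_BIT
    return word


def decode_base_page(word):
    """Return the ability set advertised in a base-page LCW, or raise if the
    selector field does not say IEEE 802.3."""
    if word & 0x1F != SELECTOR_8023:
        raise ValueError("selector field is not IEEE 802.3: 0x%04x" % word)
    return {ability for ability, bit in BASE_PAGE_BITS.items() if (word >> bit) & 1}


def resolve(local, remote):
    """Pick the highest-priority mode both partners advertise.

    A partner that sends only NLP (no LCW at all) is represented by an empty
    set; parallel detection then falls back to half-duplex 10Base-T (assumption:
    real parallel detection also recognises 100Base-TX idle, which is omitted)."""
    if not remote:
        return ("10Base-T", False)
    common = set(local) & set(remote)
    for mode in PRIORITY:
        if mode in common:
            return mode
    return None   # nothing in common: the link does not come up


if __name__ == "__main__":
    nic = {("10Base-T", False), ("10Base-T", True),
           ("100Base-TX", False), ("100Base-TX", True)}
    hub = {("10Base-T", False), ("100Base-TX", False), ("100Base-T4", False)}
    word = encode_base_page(nic)
    print("NIC base page: 0x%04x -> %s" % (word, sorted(decode_base_page(word))))
    print("negotiated with hub:", resolve(nic, hub))      # 100Base-TX, half duplex
    print("legacy 10Base-T partner:", resolve(nic, set()))
```

Note that the hub in this example advertises only half-duplex 100Base-TX, so the outcome is half-duplex even though the NIC could do full duplex; a mismatch of this kind (one side forced to full duplex, the other autonegotiating to half) is the classic cause of late collisions and FCS errors discussed under "Ethernet Troubleshooting" later in the chapter.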
The benefit of autonegotiation is that it permits administrators to upgrade a network gradually to 100Base Ethernet with a minimum of reconfiguration. If, for example, you have 10/100 dual-speed NICs in all your workstations, you can run the network at 10 Mbps using 10Base-T hubs. Later, you can simply replace the hubs with models supporting 100Base Ethernet, and the NICs will automatically reconfigure themselves to operate at the higher speed the next time the link comes up (at the latest, at the next system reboot). No manual configuration at the workstation is necessary.
Gigabit Ethernet
When 100 Mbps networking technologies like FDDI were first introduced, most horizontal networks used 10 Mbps Ethernet. These new protocols were used primarily on backbones. Now that 100Base and 1000Base Ethernet have taken over the horizontal network market, a 100 Mbps backbone is, in many cases, insufficient to support the connections between switches that have to accommodate multiple 100Base Ethernet networks. Gigabit Ethernet was developed to be the next generation of Ethernet network, running at 1 Gbps (1,000 Mbps), ten times the speed of 100Base Ethernet.
Gigabit Ethernet uses the same frame format, frame size, and media access control method as was standard in 10 Mbps Ethernet. 100Base Ethernet overtook FDDI as the dominant 100 Mbps solution because it prevented network administrators from having to use a different protocol on the backbone. In the same way, Gigabit Ethernet prevents administrators from having to use a different protocol for their backbones.
Connecting an ATM or FDDI network to an Ethernet network requires that the data be extracted from one frame format and re-encapsulated in another. Connecting two Ethernet networks, even when they're running at different speeds, is a data link layer operation because the frames remain unchanged. In addition, using Ethernet throughout your network eliminates the need to train administrators to work with a new protocol and purchase new testing and diagnostic equipment. The bottom line is that in most cases it is possible to upgrade a 100Base Ethernet backbone to Gigabit Ethernet without completely replacing hubs, switches, and cables. This is not to say, however, that some hardware upgrades will not be necessary. Hubs and switches will need modules supporting the protocol, and network monitoring and testing products may also have to be upgraded to support the faster speed.
Gigabit Ethernet Architecture
Gigabit Ethernet was first defined in the 802.3z supplement to the 802.3 standard, which was published in June 1998. The 802.3z supplement defined a network running at 1,000 Mbps in either half-duplex or full-duplex mode, over a variety of network media. The frame used to encapsulate the packets is identical to that of 802.3 Ethernet, and the protocol (in half-duplex mode) uses the same Carrier Sense Multiple Access with Collision Detection (CSMA/CD) MAC mechanism as the other Ethernet incarnations.
As with 10Base and 100Base Ethernet, the Gigabit Ethernet standard contains both physical and data link layer elements, as shown in Figure 11-3. The data link layer consists of the logical link control (LLC) and media access control (MAC) sublayers that are common to all of the IEEE 802 protocols. The LLC sublayer is identical to that used by the other Ethernet standards, as defined in the IEEE 802.2 document. The underlying concept of the MAC sublayer, the CSMA/CD mechanism, is fundamentally the same as on a standard Ethernet or 100Base Ethernet network but with a few changes in the way that it's implemented.
Figure 11-3 The Gigabit Ethernet protocol architecture
Media Access Control
Gigabit Ethernet is designed to support full-duplex operation as its primary signaling mode. As mentioned earlier, when systems can transmit and receive data simultaneously, there is no need for a media access control mechanism like CSMA/CD. However, some modifications are required for systems on a 1000Base-X network to operate in half-duplex mode. Ethernet's collision-detection mechanism works properly only when collisions are detected while a packet is still being transmitted. Once the source system finishes transmitting a packet, the data is purged from its buffers, and it is no longer possible to retransmit that packet in the event of a collision.
When the speed at which systems transmit data increases, the round-trip signal delay time during which a collision can be detected decreases. When 100Base Ethernet increased the speed of an Ethernet network by ten times, the standard compensated by reducing the maximum diameter of the network. This enabled the protocol to use the same 64-byte minimum packet size as the original Ethernet standard and still be able to detect collisions effectively.
Gigabit Ethernet increases the transmission speed another ten times, but reducing the maximum diameter of the network again was impractical because it would result in networks no longer than 20 meters or so. As a result, the 802.3z supplement increases the size of the CSMA/CD carrier signal from 64 bytes to 512 bytes. This means that while the 64-byte minimum packet size is retained, the MAC sublayer of a Gigabit Ethernet system appends a carrier extension signal to small packets that pads them out to 512 bytes. This ensures that the minimum time required to transmit each packet is sufficient for the collision-detection mechanism to operate properly, even on a network with the same diameter as 100Base Ethernet.
The carrier extension bits are added to the Ethernet frame after the frame check sequence (FCS), so that while they are a valid part of the frame for collision-detection purposes, the carrier extension bits are stripped away at the destination system before the FCS is computed and the result is compared with the value in the packet. This padding, however, can greatly reduce the efficiency of the network. A small packet may consist of up to 448 bytes of padding (512 minus 64), the result of which is a throughput only slightly greater than 100Base Ethernet. To address this problem, 802.3z introduces a packet-bursting capability (called frame bursting in the standard) along with the carrier extension. Packet bursting works by transmitting several packets back to back, with the interframe gaps between them filled by extension bits, until a burst limit of 65,536 bit times (8,192 bytes) is reached; only the first packet in the burst needs carrier extension. This compensates for the loss incurred by the carrier extension bits and brings the network back up to speed.
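The efficiency loss from carrier extension, and how much of it bursting recovers, is worth working through in numbers. The following added example (not from the book) computes the frame-byte throughput of 64-, 512- and 1,518-byte frames at 100 Mbps, at 1 Gbps half duplex with carrier extension only, and at 1 Gbps with frame bursting. The 8-byte preamble, 12-byte interframe gap and 512-byte slot time are standard Ethernet values; the 65,536-bit (8,192-byte) burst limit is the IEEE 802.3z burstLimit, stated here as an assumption rather than something this page quotes.

```python
# Added example (not from the book): wire-level throughput of half-duplex
# Gigabit Ethernet with carrier extension and frame bursting, for a stream of
# frames of one size. Frame sizes are the Ethernet frame from destination
# address through FCS (64 to 1518 bytes); the 8-byte preamble/SFD and the
# 96-bit (12-byte) interframe gap are added on the wire. The 65,536-bit
# (8,192-byte) burst limit is the IEEE 802.3z burstLimit value, used here as an
# assumption rather than a figure quoted on this page.

PREAMBLE_BYTES = 8
IFG_BYTES = 12
SLOT_BYTES = 512          # 802.3z slot time: 4096 bit times
BURST_LIMIT_BYTES = 8192  # burstLimit = 65,536 bits


def extended_length(frame_bytes):
    """Length on the wire of one frame after carrier extension padding."""
    return max(frame_bytes, SLOT_BYTES)


def efficiency_single(frame_bytes, rate_mbps, extend):
    """Throughput in Mbps of frame bytes when every frame is sent on its own.
    With extend=True each short frame is padded to the 512-byte slot time."""
    on_wire = extended_length(frame_bytes) if extend else frame_bytes
    wire = PREAMBLE_BYTES + on_wire + IFG_BYTES
    return rate_mbps * frame_bytes / wire


def burst_frame_count(frame_bytes):
    """Frames in one burst: the first is carrier-extended to the slot time, then
    frames follow back to back (each after an extension-filled IFG) as long as
    the burst limit has not yet been reached when the next frame starts."""
    count = 1
    used = extended_length(frame_bytes)
    while used < BURST_LIMIT_BYTES:
        used += IFG_BYTES + frame_bytes
        count += 1
    return count


def efficiency_burst(frame_bytes, rate_mbps=1000):
    """Throughput when the sender always has enough frames to fill a burst."""
    n = burst_frame_count(frame_bytes)
    wire = (PREAMBLE_BYTES + extended_length(frame_bytes)
            + (n - 1) * (IFG_BYTES + frame_bytes) + IFG_BYTES)
    return rate_mbps * n * frame_bytes / wire


if __name__ == "__main__":
    for size in (64, 512, 1518):
        print("%4d-byte frames: 100Base %.0f Mbps, 1000Base extended %.0f Mbps, "
              "1000Base burst %.0f Mbps" % (size,
                                            efficiency_single(size, 100, False),
                                            efficiency_single(size, 1000, True),
                                            efficiency_burst(size)))
```

For 64-byte frames the numbers bear out the text: 100Base Ethernet carries about 76 Mbps of frame bytes, Gigabit Ethernet with carrier extension alone only about 120 Mbps, and bursting raises that to roughly 800 Mbps. At 1,518 bytes the extension never applies and all three modes are within a few percent of line rate.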
When Gigabit Ethernet is used for backbone networks, full-duplex connections between switches and servers are the more practical choice. The additional expenditure in equipment is minimal, and aside from eliminating this collision-detection problem, it increases the theoretical throughput of the network to 2 Gbps.
The Gigabit Media-Independent Interface
The interface between the data link and physical layers, called the gigabit medium-independent interface (GMII), enables any of the physical layer standards to use the MAC and LLC sublayers. The GMII is an extension of the medium-independent interface in 100Base Ethernet; it supports transmission speeds of 10, 100, and 1,000 Mbps and has separate 8-bit transmit and receive data paths, for full-duplex communication. The GMII also includes two signals that are readable by the MAC sublayer, called carrier sense and collision detect. One of the signals specifies that a carrier is present, and the other specifies that a collision is currently occurring. These signals are carried to the data link layer by way of the reconciliation sublayer located between the GMII and the MAC sublayer.
The physical layer beneath the GMII is broken into three sublayers of its own, which are as follows:
• Physical coding sublayer (PCS)
• Physical medium attachment (PMA)
• Physical medium-dependent (PMD)
The following sections discuss the functions of these sublayers.
The Physical Coding Sublayer
The physical coding sublayer is responsible for encoding and decoding the signals on the way to and from the PMA. The physical layer options defined in the 802.3z document all use the 8B/10B coding system, which was adopted from the ANSI Fibre Channel standards. In this system, each 8-bit data symbol is represented by a 10-bit code. There are also codes that represent control symbols, such as those used in the MAC carrier extension mechanism. Each code is formed by breaking down the 8 data bits into two groups consisting of the 3 most significant bits (y) and the 5 remaining bits (x). The code is then named using the following notation: /Dx.y/, where x and y equal the decimal values of the two groups. The control codes are named the same way, except that the letter D is replaced by a K: /Kx.y/.
The idea behind this type of coding is to minimize the occurrence of long runs of consecutive zeros or ones, which make it difficult for systems to synchronize their clocks. To help do this, each of the 10-bit code groups must be composed of one of the following:
• Five zeros and five ones
• Six zeros and four ones
• Four zeros and six ones
NOTE The 1000Base-T physical layer option does not use the 8B/10B coding system. See "1000Base-T" later in this chapter for more information.
The PCS is also responsible for generating the carrier sense and collision-detect signals and for managing the autonegotiation process used to determine what speed the network interface card should use (10, 100, or 1,000 Mbps) and whether it should run in half-duplex or full-duplex mode.
The Physical Medium Attachment Sublayer
The physical medium attachment sublayer is responsible for converting the code groups generated by the PCS into a serialized form that can be transmitted over the network medium and for converting the serial bit stream arriving over the network into code groups for use by the upper layers.
The Physical Medium-Dependent Sublayer
The physical medium-dependent sublayer provides the interface between the coded signals generated by the PCS and the actual physical network medium. This is where the actual optical or electrical signals that are transmitted over the cable are generated and passed on to the cable through the medium-dependent interface (MDI).
The Physical Layer
Collectively called 1000Base-X, there were three physical layer options for Gigabit Ethernet defined in the original 802.3z document, two for fiber-optic cable and one for copper. These three physical layer options in 802.3z were adopted from the ANSI X3T11 Fibre Channel specifications. The use of an existing standard for this crucial element of the technology greatly accelerated the development process, both of the Gigabit Ethernet standards and of the hardware products. In general, 1000Base-X calls for the use of the same types of fiber-optic cables as FDDI and 100Base-FX but at shorter distances. The longest possible Gigabit Ethernet segment, using single-mode fiber cable, is 5 kilometers.
In the ensuing years, additions have been made to the original description, including IEEE 802.3bj, which defines a four-lane 100 Gbps standard that operates at lengths up to at least 5 meters on links consisting of copper twin-axial cables. The IEEE is also working on Gigabit Ethernet to operate over a single twisted-pair cable for industrial (and automotive) use (IEEE 802.3bp), as well as 40GBase-T (IEEE 802.3bq) for four-pair balanced twisted-pair cables with two connections over 30-meter distances. The latter standard is scheduled for completion in early 2016.
NOTE For its multimode cable options, the 802.3z standard pioneered the use of laser light sources at high speeds. Most fiber-optic applications use lasers only with single-mode cable, while the signals on multimode cables are produced by light-emitting diodes (LEDs). The jitter effect, which was a problem with previous efforts to use lasers with multimode cable, was resolved by redefining the properties of the laser transmitters used to generate the signals.
Unlike standard and 100Base Ethernet, the fiber-optic physical layer standards for 1000Base-X were not based on the properties of specific cable types, but rather on the properties of the optical transceivers that generate the signal on the cable. Each of the fiber-optic standards supports several grades of cable, using short- or long-wavelength laser transmitters. The physical layer options for 1000Base-X are described in the following sections.
1000Base-LX
1000Base-LX was intended for use in backbones spanning relatively long distances, using long-wavelength laser transmissions in the 1,270- to 1,355-nanometer range with either multimode fiber cable within a building or single-mode fiber for longer links, such as those between buildings on a campus network. Multimode fiber cable with a core diameter of 50 or 62.5 microns supports links of up to 550 meters, while 9-micron single-mode fiber supports links of up to 5,000 meters (5 km). Both fiber types use standard SC connectors.
1000Base-SX
1000Base-SX used short-wavelength laser transmissions ranging from 770 to 860 nanometers and is intended for use on shorter backbones and horizontal wiring. This option is more economical than 1000Base-LX because it uses only the relatively inexpensive multimode fiber cable, in several grades, and the lasers that produce the short-wavelength transmissions are the same as those commonly used in CD and CD-ROM players. As of this writing, most of the fiber-optic Gigabit Ethernet products on the market support the 1000Base-SX standard.
1000Base-T
Although it was not included in the 802.3z standard, one of the original goals of the Gigabit Ethernet development team was for it to run on standard Category 5 UTP cable and support connections up to 100 meters long. This enables existing 100Base Ethernet networks to be upgraded to Gigabit Ethernet without pulling new cable or changing the network topology. 1000Base-T was defined in a separate document called 802.3ab.
To achieve these high speeds over copper, 1000Base-T modified the way that the protocol uses the UTP cable. While designed to use the same cable installations as 100Base-TX, 1000Base-T uses all four of the wire pairs in the cable, while 100Base-TX uses only two pairs. In addition, all four pairs can carry signals in either direction. This effectively doubles the throughput of 100Base-TX, but it still doesn't approach speeds of 1,000 Mbps. However, 1000Base-T also uses a different signaling scheme to transmit data over the cable than the other 1000Base-X standards. This makes it possible for each of the four wire pairs to carry 250 Mbps, for a total of 1,000 Mbps or 1 Gbps. This signaling scheme is called Pulse Amplitude Modulation 5 (PAM-5).
While designed to run over standard Category 5 cable, as defined in the TIA/EIA standards, the standard recommends that 1000Base-T networks use at least Category 5e (or enhanced Category 5) cable. Category 5e cable is tested for its resistance to return loss and equal-level far-end crosstalk (ELFEXT). As with 100Base Ethernet, 1000Base-T NICs and other equipment are available that can run at multiple speeds, either 100/1000 or 10/100/1000 Mbps, to facilitate gradual upgrades to Gigabit Ethernet. Autonegotiation, optional in 100Base Ethernet, is mandatory in Gigabit Ethernet.
While networks that run Gigabit Ethernet to the desktop are not likely to be commonplace for some time, it will eventually happen, if history is any indicator.
Ethernet Troubleshooting
Troubleshooting an Ethernet network often means dealing with a problem in the physical layer, such as a faulty cable or connection or possibly a malfunctioning NIC or hub. When a network connection completely fails, you should immediately start examining the cabling and other hardware for faults. If you find that the performance of the network is degrading, however, or if a problem is affecting specific workstations, you can sometimes get an idea of what is going wrong by examining the Ethernet errors occurring on the network.
Ethernet Errors
The following are some of the errors that can occur on an Ethernet network. Some are relatively common, while others are rare. Detecting these errors usually requires special tools designed to analyze network traffic. Most software applications can detect some of these conditions, such as the number of early collisions and FCS errors. Others, such as late collisions, are much more difficult to detect and may require high-end software or hardware tools to diagnose.
• Early collisions Strictly speaking, an early collision is not an error, because collisions occur normally on an Ethernet network. But too many collisions (more than approximately 5 percent of the total packets) is a sign that network traffic is approaching critical levels. It is a good idea to keep a record of the number of collisions occurring on the network at regular intervals (such as weekly). If you notice a marked increase in the number of collisions, you might consider trying to decrease the amount of traffic, either by splitting the network into two collision domains or by moving some of the nodes to another network.
• Late collisions Late collisions are always a cause for concern and are difficult to detect. They usually indicate that data is taking too long to traverse the network, either because the cable segments are too long or because there are too many repeaters. A NIC with a malfunctioning carrier sense mechanism could also be at fault. Network analyzer products that can track late collisions can be extremely expensive, but are well worth the investment for a large enterprise network. Because late collisions force lost packets to be retransmitted by higher-layer protocols, you can sometimes detect a trend of transport layer retransmissions (by TCP, for example) caused by late collisions, using a basic protocol analyzer such as Network Monitor.
• Runts A runt is a packet less than 64 bytes long, caused either by a malfunctioning NIC or hub port or by a node that ceases transmitting in the middle of a packet because of a detected collision. A certain number of runt packets occur naturally as a result of normal collisions, but a condition where more runts occur than collisions indicates a faulty hardware device.
• Giants A giant is a packet that is larger than the Ethernet maximum of 1,518 bytes. The problem is usually caused by a NIC that is jabbering, or transmitting improperly or continuously, or (less likely) by the corruption of the header's length indicator during transmission. Giants never occur normally. They are an indication of a malfunctioning hardware device or a cable fault.
• Alignment errors A packet that contains a partial byte (that is, a packet with a size in bits that is not a multiple of 8) is said to be misaligned. This can be the result of an error in the formation of the packet (in the originating NIC) or evidence of corruption occurring during the packet's transmission. Most misaligned packets also have CRC errors.
• CRC errors A packet in which the frame check sequence generated at the transmitting node does not equal the value computed at the destination is said to have experienced a CRC error. The problem can be caused by data corruption occurring during transmission (because of a faulty cable or other connecting device) or conceivably by a malfunction in the FCS computation mechanism in either the sending or receiving node.
• Broadcast storms When a malformed broadcast transmission causes the other nodes on the network to generate their own broadcasts for a total traffic rate of 126 packets per second or more, the result is a self-sustaining condition known as a broadcast storm. Because every node must receive and process each broadcast frame, the storm effectively prevents any other data from being successfully transmitted.
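The size and FCS checks behind the runt, giant, alignment and CRC categories above are simple enough to implement against a packet capture, which is a useful sanity check when you do not trust an analyzer's summary counters. The following added example (not code from the book) classifies a few constructed frames and then applies the two rules of thumb from the list: a collision rate above about 5 percent, and more runts than collisions. The FCS is computed as the standard Ethernet CRC-32 (the same polynomial zlib uses) and stored least-significant byte first, which is how the four FCS bytes appear in a capture; that byte order is an assumption to verify against your capture tool.

```python
# Added example (not from the book): classifying captured Ethernet frames into
# the error categories listed above, and applying the two rules of thumb from the
# text (collisions above about 5 percent of packets, and more runts than
# collisions). Sample frames are constructed inline, not taken from a real
# capture. The FCS is CRC-32 over the frame (zlib's polynomial) appended
# least-significant byte first; check that order against your capture tool.
import zlib

MIN_FRAME = 64     # bytes, destination address through FCS
MAX_FRAME = 1518


def fcs(frame_body):
    """Ethernet frame check sequence for the bytes preceding it."""
    return zlib.crc32(frame_body).to_bytes(4, "little")


def build_frame(dst, src, ethertype, payload):
    """Constructed test frame: pad the payload to the 64-byte minimum, then add the FCS."""
    body = dst + src + ethertype + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))
    return body + fcs(body)


def classify(frame, bit_length=None):
    """Return the list of error names for one received frame.

    frame:      the bytes as captured, FCS included
    bit_length: number of bits actually received, if the capture tool reports it
                (a value that is not a multiple of 8 is an alignment error)"""
    errors = []
    if bit_length is not None and bit_length % 8:
        errors.append("alignment")
    if len(frame) < MIN_FRAME:
        errors.append("runt")
    if len(frame) > MAX_FRAME:
        errors.append("giant")
    if len(frame) >= 4 and frame[-4:] != fcs(frame[:-4]):
        errors.append("crc")
    return errors


def assess_counters(total_packets, collisions, runts):
    """Interpret interval counters the way the troubleshooting text suggests."""
    findings = []
    if total_packets and collisions / total_packets > 0.05:
        findings.append("collision rate above 5%: traffic approaching critical levels")
    if runts > collisions:
        findings.append("more runts than collisions: suspect a faulty NIC or hub port")
    return findings


# Constructed sample frames (not a real capture).
DST = bytes.fromhex("001122334455")
SRC = bytes.fromhex("66778899aabb")
IPV4 = b"\x08\x00"
GOOD = build_frame(DST, SRC, IPV4, b"hello")
RUNT = GOOD[:40]                                             # cut off mid-packet by a collision
GIANT = build_frame(DST, SRC, IPV4, b"J" * 1600)             # a jabbering NIC
CORRUPT = GOOD[:20] + bytes([GOOD[20] ^ 0x01]) + GOOD[21:]   # one bit flipped in flight


if __name__ == "__main__":
    for name, frame in (("good", GOOD), ("runt", RUNT), ("giant", GIANT), ("corrupt", CORRUPT)):
        print("%-8s %5d bytes %s" % (name, len(frame), classify(frame) or ["ok"]))
    print("misaligned:", classify(GOOD, bit_length=len(GOOD) * 8 + 3))
    print(assess_counters(total_packets=10_000, collisions=700, runts=900))
```

A runt cut off by a collision naturally fails the CRC check as well, since its last four bytes are not an FCS at all; the counters in an analyzer therefore often show the two rising together, and it is the ratio of runts to collisions, not the CRC count, that separates normal contention from a failing device.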
Isolating the Problem
Whenever you exceed any of the Ethernet specifications (or the specifications for any protocol, for that matter), the place where you're pushing the envelope should be the first place you check when a problem arises. If you have exceeded the maximum length for a segment, for example, try to eliminate some of the excess length to see whether the problem continues. On a thin Ethernet network, this usually means cross-cabling to eliminate some of the workstations from the segment. On a UTP network, connect the same computer to the same hub port using a shorter cable run. If you have too many workstations running on a coaxial bus (thick or thin Ethernet), you can determine whether overpopulation is the problem simply by shutting down some of the machines.
Encountering excessive repeaters on a UTP network is a condition that you can test for by checking to see whether problems occur more often on paths with a larger number of hubs. You can also try to cross-cable the hubs to eliminate some of them from a particular path. This is relatively easy to do in an environment in which all the hubs are located in the same wiring closet or data center, but if the hubs are scattered all over the site, you may have to disconnect some of the hubs temporarily to reduce the size of the collision domain to perform your tests. The same is true of a coaxial network on which the primary function of the repeaters is to extend the collision domain diameter. You may have to disconnect the cable from each of the repeaters in turn (remembering to terminate the bus properly each time) to isolate the problem.
Reducing the size of the collision domain is also a good way to narrow down the location of a cable fault. In a UTP network, the star topology means that a cable break will affect only one system. On a coaxial network using a bus topology, however, a single cable fault can bring down the entire network. On a multisegment network, terminating the bus at each repeater in turn can tell you which segment has the fault.
A better, albeit more expensive, method for locating cable problems is to use a multifunction cable tester. These devices can pinpoint the exact location of many different types of cable faults.
NOTE Once you locate a malfunctioning cable, it's a good idea to dispose of it immediately. Leaving a bad cable lying around can result in someone else trying to use it and thus the need for another troubleshooting session.
100VG-AnyLAN
100VG-AnyLAN is a 100 Mbps desktop networking protocol that is usually grouped with 100Base Ethernet because the two were created at the same time and briefly competed for the same market. However, this protocol cannot strictly be called an Ethernet variant because it does not use the CSMA/CD media access control mechanism.
100VG-AnyLAN is defined in the IEEE 802.12 specification, while all of the Ethernet variants are documented by the 802.3 working group. Originally touted by Hewlett-Packard and AT&T as a 100 Mbps UTP networking solution superior to 100Base Ethernet, the market has not upheld that belief. While a few 100VG products are still available, 100Base Ethernet has clearly become the dominant 100 Mbps networking technology.
As with 100Base Ethernet, the intention behind the 100VG standard is to use existing 10Base-T cable installations and to provide a clear, gradual upgrade path to the 100Base technology. Originally intended to support all the same physical layer options as 100Base Ethernet, only the first 100VG cabling option has actually materialized, using all four wire pairs in a UTP cable rated Category 3 or better. The maximum cable segment length is 100 meters for Category 3 and 4 cables and is 200 meters for Category 5. Up to 1,024 nodes are permitted on a single 100VG network. 100VG-AnyLAN uses a technique called quartet signaling to use the four wire pairs in the cable.
100VG uses the same frame format as either 802.3 Ethernet or 802.5 Token Ring, making it possible for the traffic to coexist on a network with these other protocols. This is an essential point that provides a clear upgrade path from the older, slower technologies. As with 100Base Ethernet, dual-speed NICs are available to make it possible to perform upgrades gradually, one component at a time.
A 10Base-T/100VG-AnyLAN NIC, however, was a substantially more complex device than a 10/100 100Base Ethernet card. While the similarity between standard and 100Base Ethernet enables the adapter to use many of the same components for both protocols, 100VG is sufficiently different from 10Base-T to force the device to be essentially two network interface adapters on a single card, which share little else but the cable and bus connectors. This, and the relative lack of acceptance for 100VG-AnyLAN, has led the prices of the hardware to be substantially higher than those for 100Base Ethernet.
The one area in which 100VG-AnyLAN differs most substantially from Ethernet is in its media access control mechanism. 100VG networks use a technique called demand priority, which eliminates the normally occurring collisions from the network and also provides a means to differentiate between normal and high-priority traffic. The introduction of priority levels is intended to support applications that require consistent streams of high bandwidth, such as real-time audio and video.
The 100VG-AnyLAN specification subdivides its functionality into several sublayers. Like the other IEEE 802 standards, the LLC sublayer is at the top of a node's data link layer functionality, followed by the MAC sublayer. On a repeater (hub), the repeater media access control (RMAC) sublayer is directly below the LLC. Beneath the MAC or RMAC sublayer, the specification calls for a physical medium-independent (PMI) sublayer, a medium-independent interface, and a physical medium-dependent sublayer. Finally, the medium-dependent interface provides the actual connection to the network medium. The following sections examine the activities at each of these layers.
TheLogicalLinkControlSublayer
TheLLCsublayerfunctionalityisdefinedbytheIEEE802.2standardandisthesameas
thatusedwith802.3(Ethernet)and802.5(TokenRing)networks.
The MAC and RMAC Sublayers
100VG’s demand-priority mechanism replaces the CSMA/CD mechanism in Ethernet and 100Base Ethernet networks. Unlike most other MAC mechanisms, access to the medium on a demand-priority network is controlled by the hub. Each node on the network, in its default state, transmits an Idle_Up signal to its hub, indicating that it is available to receive data. When a node has data to transmit, it sends either a Request_Normal signal or a Request_High signal to the hub. The signal the node uses for each packet is determined by the upper-layer protocols, which assign priorities based on the application generating the data.
The hub continuously scans all of its ports in a round-robin fashion, waiting to receive request signals from the nodes. After each scan, the hub selects the node with the lowest port number that has a high-priority request pending and sends it the Grant signal, which is the permission for the node to transmit. After sending the Grant signal to the selected node, the hub sends the Incoming signal to all of the other ports, which informs the nodes of a possible transmission. As each node receives the Incoming signal, it stops transmitting requests and awaits the incoming transmission.
When the hub receives the packet from the sending node, it reads the destination address from the frame header and sends the packet out the appropriate port. All the other ports receive the Idle_Down signal. After receiving either the data packet or the Idle_Down signal, the nodes return to their original state and begin transmitting either a request or an Idle_Up signal. The hub then processes the next high-priority request. When all the high-priority requests have been satisfied, the hub then permits the nodes to transmit normal-priority traffic, in port number order.
NOTE By default, a 100VG hub transmits incoming packets out only to the port (or ports) identified in the packet’s destination address. This is known as operating in private mode. Configuring specific nodes to operate in promiscuous mode is possible, however, in which case they receive every packet transmitted over the network.
The processing of high-priority requests first enables applications that require timely access to the network to receive it, but a mechanism also exists to protect normal-priority traffic from excessive delays. If the time needed to process a normal-priority request exceeds a specified interval, the request is upgraded to high priority.
On a network with multiple hubs, one root hub always exists, to which all the others are ultimately connected. When the root hub receives a request through a port to which another hub is connected, it enables the subordinate hub to perform its own port scan and process one request from each of its own ports. In this way, permission to access the media is propagated down the network tree, and all nodes have an equal opportunity to transmit.
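The arbitration described above, as an added Python model that is not from the book or the IEEE 802.12 specification: a hub snapshots the requests pending on its ports, grants every Request_High in port-number order, serves Request_Normal only when a scan finds no high-priority request, and upgrades a normal request that has waited too long. The upgrade interval (3 scans), the port count and the traffic pattern are constructed assumptions; the text gives no value for the interval.

```python
"""Demand-priority hub arbitration for 100VG-AnyLAN (constructed model)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

IDLE_UP = "Idle_Up"
REQUEST_NORMAL = "Request_Normal"
REQUEST_HIGH = "Request_High"
NORMAL_WAIT_SCANS = 3   # assumed upgrade interval, measured in hub scans


@dataclass
class Port:
    number: int
    signal: str = IDLE_UP   # signal the attached node is currently sending
    waited: int = 0         # scans this request has been pending


@dataclass
class Hub:
    ports: Dict[int, Port]
    queue: List[Port] = field(default_factory=list)   # ports still to grant this scan
    log: List[str] = field(default_factory=list)

    def request(self, port_no: int, signal: str) -> None:
        """The node on port_no raises Request_Normal or Request_High."""
        self.ports[port_no].signal = signal

    def scan(self) -> None:
        """Round-robin scan: age pending requests, upgrade stale normal ones,
        then decide which ports will be granted before the next scan."""
        pending = [p for p in sorted(self.ports.values(), key=lambda p: p.number)
                   if p.signal != IDLE_UP]
        for p in pending:
            p.waited += 1
            if p.signal == REQUEST_NORMAL and p.waited > NORMAL_WAIT_SCANS:
                p.signal = REQUEST_HIGH        # protects normal traffic from starvation
                self.log.append(f"port {p.number}: upgraded to high priority")
        high = [p for p in pending if p.signal == REQUEST_HIGH]
        self.queue = high if high else pending   # normal traffic only when no high pending

    def next_grant(self) -> Optional[int]:
        """Grant the next port of the current scan (scanning again when it is
        exhausted). Returns the granted port number, or None if nothing is pending."""
        if not self.queue:
            self.scan()
        if not self.queue:
            return None
        chosen = self.queue.pop(0)                # lowest port number first
        self.log.append(f"port {chosen.number}: Grant")
        for p in self.ports.values():             # everyone else learns a packet may arrive
            if p is not chosen:
                self.log.append(f"port {p.number}: Incoming")
        chosen.signal = IDLE_UP                   # node returns to Idle_Up after sending
        chosen.waited = 0
        return chosen.number


def run(hub: Hub, grants: int, persistent: Dict[int, str]) -> List[Optional[int]]:
    """Drive the hub through a number of grant decisions. `persistent` maps a
    port to the request its node re-raises whenever the port goes idle, which
    models a node with a continuous stream to send."""
    granted = []
    for _ in range(grants):
        for port_no, signal in persistent.items():
            if hub.ports[port_no].signal == IDLE_UP:
                hub.request(port_no, signal)
        granted.append(hub.next_grant())
    return granted


def new_hub(port_count: int = 8) -> Hub:
    """A hub with ports numbered 1..port_count, all idle."""
    return Hub({n: Port(n) for n in range(1, port_count + 1)})
```

With port 1 streaming high-priority traffic and port 2 holding one normal request, the normal request is served only after its upgrade, which is the starvation protection the text describes.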
MAC Frame Preparation
In addition to controlling access to the network medium, the MAC sublayer assembles the packet frame for transmission across the network. Four possible types of frames exist on a 100VG-AnyLAN network:
• 802.3
• 802.5
• Void
• Link training
802.3 and 802.5 Frames
100VG-AnyLAN is capable of using either 802.3 (Ethernet) or 802.5 (Token Ring) frames so that the 100VG protocol can coexist with the other network types during a gradual deployment process. Using both frame types at once is impossible, however. You must configure all the hubs on the network to use one or the other frame type.
All 100VG frames are encapsulated within a Start of Stream field and an End of Stream field by the physical medium-independent sublayer, which informs the PMI sublayer on the receiving station when a packet is being sent and when the transmission is completed. Inside these fields, the 802.3 and 802.5 frames use the same formats defined in their respective specifications.
The MAC sublayer supplies the system’s own hardware address for each packet’s source address field and also performs the CRC calculations for the packet, storing them in the FCS field.
On incoming packets, the MAC sublayer performs the CRC calculations and compares the results with the contents of the FCS field. If the packet passes the frame check, the MAC sublayer strips off the two addresses and the FCS fields and passes the remaining data to the next layer.
Void Frames
Void frames are generated by repeaters only when a node fails to transmit a packet within a given time period after the repeater has acknowledged it.
Link Training Frames
Every time a node is restarted or reconnected to the network, it initiates a link training procedure with its hub by transmitting a series of specialized link training packets. This procedure serves several purposes, as follows:
• Connection testing  For a node to connect to the network, it must exchange 24 consecutive training packets with the hub without corruption or loss. This ensures that the physical connection is viable and that the NIC and hub port are functioning properly.
• Port configuration  The data in the training packets specifies whether the node will use 802.3 or 802.5 frames, whether it will operate in private or promiscuous mode, and whether it is an end node (computer) or a repeater (hub).
• Address registration  The hub reads the node’s hardware address from the training packets and adds it to the table it maintains of all the connected nodes’ addresses.
Training packets contain 2-byte requested configuration and allowed configuration fields that enable nodes and repeaters to negotiate the port configuration settings for the connection. The training packets the node generates contain its settings in the requested configuration field and nothing in the allowed configuration field. The repeater, on receiving the packets, adds the settings it can provide to the allowed configuration field and transmits the packets to the node.
The packets also contain between 594 and 675 bytes of padding in the data field to ensure that the connection between the node and the repeater is functioning properly and can transmit data without error.
The Physical Medium-Independent Sublayer
As the name implies, the physical medium-independent sublayer performs the same functions for all 100VG packets, regardless of the network medium. When the PMI sublayer receives a frame from the MAC sublayer, it prepares the data for transmission using a technique called quartet signaling. The quartet refers to the four pairs of wires in a UTP cable, all of which the protocol uses to transmit each packet. Quartet signaling includes four separate processes, as follows:
1. Each packet is divided into a sequence of 5-bit segments (called quintets) and assigned sequentially to four channels that represent the four wire pairs. Thus, the first, fifth, and ninth quintets will be transmitted over the first pair; the second, sixth, and tenth over the second pair; and so on.
2. The quintets are scrambled using a different algorithm for each channel to randomize the bit patterns for each pair and eliminate strings of bits with equal values. Scrambling the data in this way minimizes the amount of interference and crosstalk on the cable.
3. The scrambled quintets are converted to sextets (6-bit units) using a process called 5B6B encoding, which relies on a predefined table of equivalent 5-bit and 6-bit values. Because the sextets contain an equal number of zeros and ones, the voltage on the cable remains even and errors (which take the form of more than three consecutive zeros or ones) are more easily detected. The regular voltage transitions also enable the communicating stations to synchronize their clocks more accurately.
4. Finally, the preamble, Start of Frame field, and End of Frame field are added to the encoded sextets, and, if necessary, padding is added to the data field to bring it up to the minimum length.
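Steps 1 and 3 above (quintet distribution over the four pairs and 5B6B encoding), as an added Python example that is not the book’s code and does not reproduce the IEEE 802.12 code table. Only 20 of the 64 six-bit words are balanced, fewer than the 32 quintet values, so this constructed table gives the 12 remaining values a complementary pair of words and lets a running-disparity rule choose between them, a generalization of the balancing idea the text describes; the per-channel scrambling of step 2 is omitted, and a sextet outside the table is reported as a line error.

```python
"""Quartet signaling: quintet distribution and a constructed 5B6B code."""
from itertools import combinations
from typing import Dict, List, Tuple

CHANNELS = 4                 # the four wire pairs of the UTP cable


def _words_with_ones(ones: int) -> List[int]:
    """All 6-bit words having exactly `ones` one bits, in ascending order."""
    return sorted(sum(1 << p for p in pos) for pos in combinations(range(6), ones))


BALANCED = _words_with_ones(3)        # the 20 balanced sextets
HEAVY = _words_with_ones(4)[:12]      # 12 four-one words for the remaining 12 values

# Constructed 5B6B table (not the 802.12 table): value -> (word sent when the
# channel's running disparity is <= 0, word sent when it is > 0)
TABLE: Dict[int, Tuple[int, int]] = {v: (BALANCED[v], BALANCED[v]) for v in range(20)}
for i, w in enumerate(HEAVY):
    TABLE[20 + i] = (w, w ^ 0b111111)  # complement carries two ones, so the pair nets to zero
DECODE: Dict[int, int] = {w: v for v, pair in TABLE.items() for w in pair}


def is_valid_sextet(word: int) -> bool:
    return word in DECODE


def to_quintets(data: bytes) -> List[int]:
    """Split a byte string into 5-bit quintets, MSB first, zero-padded at the end."""
    bits = "".join(f"{b:08b}" for b in data)
    bits += "0" * (-len(bits) % 5)
    return [int(bits[i:i + 5], 2) for i in range(0, len(bits), 5)]


def from_quintets(quintets: List[int], nbytes: int) -> bytes:
    """Inverse of to_quintets(); nbytes drops the padding bits."""
    bits = "".join(f"{q:05b}" for q in quintets)
    return bytes(int(bits[i:i + 8], 2) for i in range(0, nbytes * 8, 8))


def distribute(quintets: List[int]) -> List[List[int]]:
    """Assign quintets sequentially: quintets 0, 4, 8, ... go to pair 0,
    quintets 1, 5, 9, ... to pair 1, and so on."""
    channels: List[List[int]] = [[] for _ in range(CHANNELS)]
    for i, q in enumerate(quintets):
        channels[i % CHANNELS].append(q)
    return channels


def collect(channels: List[List[int]]) -> List[int]:
    """Inverse of distribute(): re-interleave the four channels in order."""
    total = sum(len(c) for c in channels)
    return [channels[i % CHANNELS][i // CHANNELS] for i in range(total)]


def encode_channel(quintets: List[int]) -> List[int]:
    """5B6B-encode one channel, choosing the pair member that keeps the running
    disparity (ones minus zeros sent so far) at zero or two."""
    disparity, out = 0, []
    for q in quintets:
        word = TABLE[q][0] if disparity <= 0 else TABLE[q][1]
        disparity += 2 * bin(word).count("1") - 6
        out.append(word)
    return out


def decode_channel(words: List[int]) -> List[int]:
    """Map sextets back to quintets; a word outside the table is a line error."""
    out = []
    for i, w in enumerate(words):
        if not is_valid_sextet(w):
            raise ValueError(f"invalid sextet {w:06b} at position {i}")
        out.append(DECODE[w])
    return out


def transmit(data: bytes) -> List[List[int]]:
    """MAC frame bytes -> four encoded channel streams (steps 1 and 3 of the text)."""
    return [encode_channel(ch) for ch in distribute(to_quintets(data))]


def receive(channels: List[List[int]], nbytes: int) -> bytes:
    """Four received channel streams -> the original frame bytes."""
    return from_quintets(collect([decode_channel(ch) for ch in channels]), nbytes)
```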
The Medium-Independent Interface Sublayer
The medium-independent interface sublayer is a logical connection between the PMI and PMD layers. As with 100Base Ethernet, the MII can also take the form of a physical hardware element that functions as a unified interface to any of the media supported by 100VG-AnyLAN.
The Physical Medium-Dependent Sublayer
The physical medium-dependent sublayer is responsible for generating the actual electrical signals transmitted over the network cable. This includes the following functions:
• Link status control signal generation  Nodes and repeaters exchange link status information using control tones transmitted over all four wire pairs in full-duplex mode (two pairs transmitting and two pairs receiving). Normal data transmissions are transmitted in half-duplex mode.
• Data stream signal conditioning  The PMD sublayer uses a system called nonreturn to zero (NRZ) encoding to generate the signals transmitted over the cable. NRZ minimizes the effects of crosstalk and external noise that can damage packets during transmission.
• Clock recovery  NRZ encoding transmits 1 bit of data for every clock cycle, at 30 MHz per wire pair, for a total of 120 MHz. Because the 5B6B encoding scheme uses 6 bits to carry 5 bits of data, the net transmission rate is 100 MHz.
The Medium-Dependent Interface
The medium-dependent interface is the actual hardware that provides access to the network medium, as realized in a network interface card or a hub.
Working with 100VG-AnyLAN
When compared to the success of 100Base Ethernet products in the marketplace, 100VG-AnyLAN obviously has not been accepted as an industry standard, but a few networks still use it. The problem is not so much one of performance, because 100VG certainly rivals 100Base Ethernet in that respect, but, instead, of marketing and support.
Despite using the same physical layer specifications and frame formats, 100VG-AnyLAN is sufficiently different from Ethernet to cause hesitation on the part of network administrators who have invested large amounts of time and money in learning to support CSMA/CD networks. Deploying a new 100VG-AnyLAN would not be a wise business decision at this point, and even trying to preserve an existing investment in this technology is a doubtful course of action.
Mixing 100VG-AnyLAN and 100Base Ethernet nodes on the same collision domain is impossible, but you can continue to use your existing 100VG segments and to add new 100Base Ethernet systems as long as you use a switch to create a separate collision domain. The most practical method for doing this is to install a modular switch into which you can plug transceivers supporting different data link layer protocols.
CHAPTER 12
Networking Protocols
Although the vast majority of local area networks (LANs) use one of the Ethernet variants, other data link layer protocols provided their own unique advantages. Chief among these advantages was the use of media access control mechanisms (MACs) other than Carrier Sense Multiple Access with Collision Detection (CSMA/CD). Token Ring and Fiber Distributed Data Interface (FDDI) were both viable LAN protocols that approached the problem of sharing a network cable in a wholly different way.
Token Ring
Token Ring was the traditional alternative to the Ethernet protocol at the data link layer. The supporters of Token Ring were and, in many cases are, stalwart, and while it did not ever overtake Ethernet in popularity, it was far from being out of the race. Token Ring was originally developed by IBM and later standardized in the IEEE 802.5 document, so, like Ethernet, there were slightly divergent protocol standards.
The biggest difference between Token Ring and Ethernet was the media access control mechanism. To transmit its data, a workstation must be the holder of the token, a special packet circulated to each node on the network in turn. Only the system in possession of the token can transmit, after which it passes the token to the next system. This eliminates all possibility of collisions in a properly functioning network, as well as the need for a collision-detection mechanism.
The Token Ring Physical Layer
As the name implies, the nodes on a Token Ring network connect in a ring topology. This is, in essence, a bus with the two ends connected to each other so that systems can pass data to the next node on the network until it arrives back at its source. This is exactly how the protocol functions: The system that transmits a packet is also responsible for removing it from the network after it has traversed the ring.
This ring, however, is logical, not physical. That is, the network to all appearances takes the form of a star topology, with the workstations connected to a central hub called a multistation access unit (MAU, or sometimes MSAU). The logical ring (sometimes called a collapsed ring) is actually a function of the MAU, which accepts packets transmitted by one system and directs them out each successive port in turn, waiting for them to return over the same cable before proceeding to the next port (see Figure 12-1). In this arrangement, therefore, the transmit and receive circuits in each workstation are actually separate ports that just happen to use the same cable because the system always transmits data to the next downstream system and receives data from the next upstream system.
Figure 12-1 Token Ring networks appear to use a star topology, but data travels in the form of a ring.
NOTE The MAU is also known as a concentrator.
Cable Types
The original IBM Token Ring implementations used a proprietary cable system designed by IBM, which they referred to as Type 1, or the IBM Cabling System (ICS). Type 1 was a 150-ohm shielded twisted-pair (STP) cable containing two wire pairs. The ports of a Type 1 MAU use proprietary connectors called IBM data connectors (IDCs) or universal data connectors (UDCs), and the network interface cards used standard DB9 connectors. A cable with IDCs at each end, used to connect MAUs, was called a patch cable. A cable with one IDC and one DB9, used to connect a workstation to the MAU, was called a lobe cable.
The other cabling system used on Token Ring networks, called Type 3 by IBM, used standard unshielded twisted-pair (UTP) cable, with Category 5 recommended. Like Ethernet, Token Ring used only two of the wire pairs in the cable, one pair to transmit data and one to receive it. Type 3 cable systems also used standard RJ-45 connectors for both the patch cables and the lobe cables. The signaling system used by Token Ring networks at the physical layer is different from that of Ethernet, however. Token Ring uses Differential Manchester signaling, while Ethernet uses Manchester.
Type 3 UTP cabling largely supplanted Type 1 in the Token Ring world, mainly because it was much easier to install. Type 1 cable was thick and relatively inflexible when compared to Type 3, and the IDC connectors were large, making internal cable installations difficult.
NOTE The physical layer standards for Token Ring networks were not as precisely specified as those for Ethernet. In fact, the IEEE 802.5 standard is quite a brief document that contains no physical layer specifications at all. The cable types and wiring standards for Token Ring derived from the practices used in products manufactured by IBM, the original developer and supporter of the Token Ring protocol. As a result, products made by other manufacturers differed in their recommendations for physical layer elements such as cable lengths and the maximum number of workstations allowed on a network.
Token Ring NICs
The network interface cards for Token Ring systems were similar to Ethernet NICs in appearance. Most of the cards used RJ-45 connectors for UTP cable, although DB9 connectors were also available, and the internal connectors supported all of the major system buses, including PCI and ISA. Every Token Ring adapter had a very large-scale integration (VLSI) chipset that consisted of five separate CPUs, each of which had its own separate executable code, data storage area, and memory space. Each CPU corresponded to a particular state or function of the adapter. This complexity is one of the main reasons why Token Ring NICs were substantially more expensive than Ethernet NICs.
Token Ring MAUs
To maintain the ring topology, all of the MAUs on a Token Ring network needed to be interconnected using the Ring In and Ring Out ports intended for this purpose. Figure 12-2 illustrates how the MAUs themselves were cabled in a ring that was extended by the lobe cables connecting each of the workstations. It was also possible to build a Token Ring network using a control access unit (CAU), which was essentially an intelligent MAU that supported a number of lobe attachment modules (LAMs). To increase the number of workstations connected to a Token Ring network without adding a new MAU, you could use lobe access units (LAUs) that enabled you to connect several workstations to a single lobe.
Figure 12-2 The MAUs in a Token Ring network formed the basic ring. This ring was extended with each workstation added to the network.
NOTE LAMs can support up to 20 nodes each.
Token Ring MAUs (not to be confused with an Ethernet hub, which was occasionally called a MAU, or medium access unit) were quite different from Ethernet hubs in several ways. First, the typical MAU was a passive device, meaning it did not function as a repeater. The cabling guidelines for Token Ring networks were based on the use of passive MAUs. There were repeating MAUs on the market, however, that enabled you to extend the network cable lengths beyond the published standards.
Second, the ports on all MAUs remained in a loopback state until they were initialized by the workstation connected to them. In the loopback state, the MAU passed signals it received from the previous port directly to the next port without sending them out over the lobe cable. When the workstation booted, it transmitted what was known as a phantom voltage to the MAU. Phantom voltage did not carry data; it just informed the MAU of the presence of the workstation, causing the MAU to add it to the ring. On older Type 1 Token Ring networks, an administrator had to manually initialize each port in the MAU with a special “key” plug before attaching a lobe cable to it. This initialization was essential in Token Ring because of the network’s reliance on each workstation to send each packet it received from the MAU right back. The MAU could not send the packet to the next workstation until it received it from the previous one. If a MAU were to transmit a packet out through a port to a workstation that was turned off or nonexistent, the packet would never return, the ring would be broken, and the network would cease functioning. Because of the need for this initialization process, it was impossible to connect two Token Ring networks without a MAU, like you can with Ethernet and a crossover cable.
Finally, MAUs always had two ports for connecting to the other MAUs in the network. Ethernet systems using a star topology connected their hubs in a hierarchical star configuration (also called a branching tree), in which one hub could be connected to several others, each of which, in turn, was connected to other hubs, as shown in Figure 12-3. Token Ring MAUs were always connected in a ring, with the Ring In port connected to the next upstream MAU and the Ring Out port connected to the next downstream MAU. Even if your network had only two MAUs, you had to connect the Ring In port on each one to the Ring Out port on the other using two patch cables.
Figure 12-3 Ethernet hubs (at left) were connected using a branching tree arrangement, while Token Ring MAUs (at right) were connected in a ring.
The connections between Token Ring MAUs were redundant. That is, if a cable or connector failure caused a break between two of the MAUs, the adjacent MAUs transmitted any data reaching them back in the other direction, so the packets always reached all of the workstations connected to the network. The Token Ring standards used a specification called the adjusted ring length (ARL) to determine the total length of the data path in the event of this type of failure.
Calculating the ARL
To calculate the ARL for a network, you took the sum of all the patch cable lengths between wiring closets minus the length of the shortest patch cable connecting two wiring closets and made the following adjustments:
• Added 3 meters for every punchdown connection involved in the path between two MAUs
• Added 30 meters for every surge protector used on the network
• Added 16 meters for every eight-port MAU
Because MAUs were often stored in wiring closets, the standard refers to the number of wiring closets used on the network using MAUs more than 3 meters apart. Whether the MAUs were physically located in different closets is not relevant; any two MAUs connected by a cable more than 3 meters long were said to be in different wiring closets. Patch cables shorter than 3 meters were not to be included in the ARL calculations.
NOTE All of the ring lengths discussed in reference to Token Ring networks refer to passive MAU networks. Unlike an Ethernet hub, a Token Ring MAU did not usually function as a repeater. When you used active MAUs that included signal-repeating capabilities, the cables could be much longer, depending on the capabilities of the individual MAU.
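The ARL rules above as an added Python function, not IBM’s or the standard’s own worksheet. Treating a patch cable as joining separate closets only when it is longer than 3 meters is an assumption about the boundary case, and the sample network is constructed.

```python
"""Adjusted ring length (ARL) for a passive-MAU Token Ring (constructed example)."""
from typing import Dict, List

CLOSET_THRESHOLD_M = 3.0   # a patch cable longer than this puts its MAUs in different closets
PUNCHDOWN_M = 3.0          # added for every punchdown connection between two MAUs
SURGE_PROTECTOR_M = 30.0   # added for every surge protector on the network
EIGHT_PORT_MAU_M = 16.0    # added for every eight-port MAU


def adjusted_ring_length(patch_cables_m: List[float], punchdowns: int,
                         surge_protectors: int, eight_port_maus: int) -> Dict[str, float]:
    """Return the ARL together with the terms that make it up.

    Only patch cables longer than CLOSET_THRESHOLD_M count as inter-closet links
    (assumption: exactly 3 m still counts as the same closet). Their sum, less
    the shortest of them, is the base length; the fixed adjustments from the
    text are then added.
    """
    links = [c for c in patch_cables_m if c > CLOSET_THRESHOLD_M]
    base = sum(links) - min(links) if links else 0.0   # one closet: no cable to count
    terms = {
        "patch_cables": base,
        "punchdowns": punchdowns * PUNCHDOWN_M,
        "surge_protectors": surge_protectors * SURGE_PROTECTOR_M,
        "eight_port_maus": eight_port_maus * EIGHT_PORT_MAU_M,
    }
    terms["arl"] = sum(terms.values())
    return terms


def sample_network() -> Dict[str, float]:
    """Constructed three-closet network: patch cables of 45, 60 and 25 m between
    closets, a 2 m jumper inside one closet (ignored by the rule), six punchdowns
    on the inter-closet paths, one surge protector, four eight-port MAUs."""
    return adjusted_ring_length([45.0, 60.0, 25.0, 2.0],
                                punchdowns=6, surge_protectors=1, eight_port_maus=4)
```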
Token Passing
Access to the network medium on a Token Ring network was arbitrated through the use of a 3-byte packet known as the token. When the network was idle, the workstations were said to be in bit repeat mode, awaiting an incoming transmission. The token circulated continuously around the ring, from node to node, until it reached a workstation that had data to transmit. To transmit its data, the workstation modifies a single monitor setting bit in the token to reflect that the network is busy and sends it to the next workstation, followed immediately by its data packet.
The packet also circulates around the ring. Each node read the destination address in the packet’s frame header and either wrote the packet to its memory buffers for processing before transmitting it to the next node or just transmitted it without processing. (Compare this with Ethernet systems that simply discard packets that are not addressed to them.) In this way, the packet reaches every node on the network until it arrives at the workstation that originally sent it.
On receipt of the packet after it had traversed the ring, the sending node compared the incoming data with the data it originally transmitted to see whether any errors had occurred during transmission. If errors had occurred, the computer retransmitted the packet. If no errors occurred, the computer removed the packet from the network and discarded it and then changed the monitor setting bit back to its free state and transmitted it. The process was then repeated, with each system having an equal chance to transmit.
Although it was not part of the original standard, most 16 Mbps Token Ring systems included a feature called early token release (ETR), which enabled the transmitting system to send the “free” token immediately after the data packet (instead of the “busy” token before the data packet), without waiting for the data to traverse the network. That way, the next node on the network received the data packet, captured the free token, and transmitted its own data packet, followed by another free token. This enabled multiple data packets to exist on the network simultaneously, but there was still only one token. Early token release eliminates some of the latency delays on the network that occurred while systems waited for the free token to arrive.
NOTE Early token release was possible only on 16 Mbps Token Ring networks. Systems that use ETR could coexist on the same network with systems that did not.
Because only the computer holding the token can transmit data, Token Ring networks did not experience collisions unless a serious malfunction occurred. This meant that the network could operate up to its full capacity with no degradation of performance, as can happen in an Ethernet network. The token-passing system was also deterministic, which meant that it could calculate the maximum amount of time that would elapse before a particular node could transmit.
Token Ring is not the only data link layer protocol that used token passing for its media access control method. FDDI uses token passing.
System Insertion
Before it could join the ring, a workstation had to complete a five-step insertion procedure that verified the system’s capability to function on the network. The five steps were as follows:
1. Media lobe check  The media lobe check tested the network adapter’s capability to transmit and receive data and the cable’s capability to carry the data to the MAU. With the MAU looping the incoming signal for the system back out through the same cable, the workstation transmitted a series of MAC Lobe Media Test frames to the broadcast address, with the system’s own address as the source. Then the system transmitted a MAC Duplication Address Test frame with its own address as both the source and the destination. To proceed to the next step, the system had to successfully transmit 2,047 MAC Lobe Media Test frames and one MAC Duplication Address Test frame. The testing sequence could be repeated only two times before the adapter was considered to have failed.
2. Physical insertion  During the physical insertion process, the workstation sent a phantom voltage (a low-voltage DC signal invisible to any data signals on the cable) up the lobe cable to the MAU to trigger the relay that caused the MAU to add the system into the ring. After doing this, the workstation waited for a sign that an active monitor is present on the network, in the form of either an Active Monitor Present (AMP), Standby Monitor Present (SMP), or Ring Purge frame. If the system did not receive one of these frames within 18 seconds, it initiated a monitor contention process. If the contention process did not complete within one second or if the workstation became the active monitor (see “Token Ring Monitors” later in this chapter) and initiated a ring purge that did not complete within one second, or if the workstation received a MAC Beacon or Remove Station frame, the connection to the MAU failed to open, and the insertion was unsuccessful.
3. Address verification  The address verification procedure checked to see whether another workstation on the ring had the same address. Because Token Ring supported locally administered addresses (LAAs), it was possible for this to occur. The system generated a series of MAC Duplication Address Test frames like those in step 1, except that these were propagated over the entire network. If no other system was using the same address, the test frames should come back with their Address Recognized (ARI) and Frame Copied (FCI) bits set to 0, at which time the system proceeded to the next step. If the system received two test frames with the ARI and FCI bits set to 1 or if the test frames did not return within 18 seconds, the insertion failed, and the workstation was removed from the ring.
4. Ring poll participation  The system must successfully participate in a ring poll by receiving an AMP or SMP frame with the ARI and FCI bits set to 0, changing those bits to 1, and transmitting its own SMP frame. If the workstation did not receive an AMP or SMP frame within 18 seconds, the insertion failed, and the workstation was removed from the ring.
5. Request initialization  The workstation transmitted four MAC Request Initialization frames to the functional address of the network’s ring parameter server. If the system received the frames with the ARI and FCI bits set to 0, indicating that there was no functioning ring parameter server, the system’s network adapter used its default values, and the initialization (as well as the entire system insertion) was deemed successful. If the system received one of its frames with the ARI and FCI bits set to 1 (indicating that a ring parameter server had received the frame), it waited two seconds for a response. If there was no response, the system retried up to four times, after which the initialization failed, and the workstation was removed from the ring.
System States
During its normal functions, a Token Ring system enters three different operational states, which are as follows:
1. Repeat  While in the repeat state, the workstation transmitted all the data arriving at the workstation through the receive port to the next downstream node. When the workstation had a packet of its own queued for transmission, it modified the token bit in the frame’s access control byte to a value of 1 and entered the transmit state. At the same time, the token holding timer (THT) that allows the system 8.9 ms of transmission time was reset to zero.
2. Transmit  Once in the transmit state, the workstation transmitted a single frame onto the network and released the token. After successfully transmitting the frame, the workstation transmitted idle fill (a sequence of ones) until it returned to the repeat state. If the system received a Beacon, Ring Purge, or Claim Token MAC frame while it was transmitting, it interrupted the transmission and sent an Abort Delimiter frame to clear the ring.
3. Stripping  At the same time that a workstation’s transmit port was in the transmit state, its receive port was in the stripping state. As the transmitted data returned to the workstation after traversing the ring, the system stripped it from the network so that it would not circulate endlessly. Once the system detected the end delimiter field on the receive port, it knew that the frame had been completely stripped and returned to the repeat state. If the 8.9 ms THT expired before the end delimiter arrived, the system recorded a lost frame error for later transmission in a Soft Error Report frame before returning to the repeat state.
Token Ring Monitors
Every Token Ring network had a system that functioned as the active monitor that was responsible for ensuring the proper performance of the network. The active monitor did not have any special programming or hardware; it was simply elected to the role by a process called monitor contention. All of the other systems on the network then functioned as standby monitors, should the computer functioning as the active monitor fail. The functions of the active monitor were as follows:
• Transmit Active Monitor Present frames  Every seven seconds, the active monitor (AM) transmitted an Active Monitor Present MAC frame that initiated the ring polling process.
• Monitor ring polling  The AM had to receive either an Active Monitor Present or Standby Monitor Present frame from the node immediately upstream of it within seven seconds of initiating a ring polling procedure. If the required frame did not arrive, the AM recorded a ring polling error.
• Provide master clocking  The AM generated a master clock signal that the other workstations on the network used to synchronize their clocks. This ensured that all the systems on the network knew when each transmitted bit begins and ends. This also reduced network jitter, the small amount of phase shift that tended to occur on the network as the nodes repeated the transmitted data.
• Provide a latency buffer  In the case of a small ring, it was possible for a workstation to begin transmitting a token and to receive the first bits on its receive port before it had finished transmitting. The AM prevented this by introducing a propagation delay of at least 24 bits (called a latency buffer), which ensured that the token circulates around the network properly.
NOTE A latency buffer is also known as fixed latency.
• Monitor the token-passing process  The active monitor had to receive a good token every 10 milliseconds, which ensured that the token-passing mechanism was functioning properly. If a workstation raised the token priority and failed to lower it or failed to completely strip its packet from the ring, the AM detected the problem and remedied it by purging the ring and generating a new token. Every node, on receiving a Ring Purge MAC frame from the AM, stopped what it was doing, reset its timers, and entered bit repeat mode in preparation for receipt of a new packet.
Ring Polling
Ring polling was the process by which each node on a Token Ring network identified its nearest active upstream neighbor (NAUN). The workstations used this information during the beaconing process to isolate the location of a network fault.
The ring-polling process was initiated by the active monitor when it transmitted an Active Monitor Present (AMP) MAC frame. This frame contained an Address Recognized bit and a Frame Copied bit, both of which have a value of 0. The first system downstream of the AM received the frame and changed the ARI and FCI bits to 1. The receiving system also recorded the address of the sending system as its NAUN. This is because the first station that received an AMP frame always changed the values of those two bits. Therefore, the system receiving a frame with zero-valued ARI and FCI bits knew the sender was its nearest active upstream neighbor.
Beaconing
When a station on a Token Ring network failed to detect a signal on its receive port, it assumed that there was a fault in the network and initiated a process called beaconing. The system broadcast MAC beacon frames to the entire network every 20 milliseconds (without capturing a token) until the receive signal commenced again. Each station transmitting beacon frames was saying, in essence, that a problem existed with its nearest active upstream neighbor because it was not receiving a signal. If the NAUN began beaconing also, this indicated that the problem was farther upstream. By noting which stations on the network were beaconing, it was possible to isolate the malfunctioning system or cable segment. There were four types of MAC beacon frames, as follows:
• Set Recovery Mode (priority 1)  The Set Recovery Mode frame was rarely seen because it was not transmitted by a workstation’s Token Ring adapter. This frame was used only during a recovery process initiated by an attached network management product.
• Signal Loss (priority 2)  The Signal Loss frame was generated when a monitor contention process failed because of a timeout and the system entered the contention transmit mode because of a failure to receive any signal from the active monitor. The presence of this frame on the network usually indicated that a cable break or a hardware failure had occurred.
• Streaming Signal, Not Claim Token (priority 3)  The Streaming Signal, Not Claim Token frame was generated when a monitor contention process failed because of a timeout and the system had received no MAC Claim Token frames during the contention period. The system had received a clock signal from the active monitor, however, or the Signal Loss frame would have been generated instead.
• Streaming Signal, Claim Token (priority 4)  The Streaming Signal, Claim Token frame was generated when a monitor contention process failed because of a timeout and the system had received MAC Claim Token frames during the contention period. This frame was usually an indication of a transient problem caused by a cable that was too long or by signal interference caused by environmental noise.
When a system suspected that it may be the cause of the network problem resulting in beaconing, it removed itself from the ring to see whether the problem disappeared. If the system transmitted beacon frames for more than 26 seconds, it performed a beacon transmit auto-removal test.
If the system received eight consecutive beacon frames that named it as the NAUN of a beaconing system downstream, it performed a beacon receive auto-removal test.
Token Ring Frames
Four different types of frames were used on Token Ring networks, unlike Ethernet networks, which had one single-frame format. The data frame type was the only one that actually carried the data generated by upper-layer protocols, while the command frame type performed ring maintenance and control procedures. The token frame type was a separate construction used only to arbitrate media access, and the abort delimiter frame type was used only when certain types of errors occurred.
The Data Frame
Token Ring data frames carried the information generated by upper-layer protocols in a standard logical link control (LLC) protocol data unit (PDU), as defined in the IEEE 802.2 document. Table 12-1 describes the fields that made up the frame and their functions.
Table 12-1 Token Ring Data Frames and Their Functions
The Command Frame
Command frames, also called MAC frames, differed from data frames only in the information field and sometimes the frame control field. MAC frames did not use an LLC header; instead, they contained a PDU consisting of 2 bytes that indicated the length of the control information to follow, a 2-byte major vector ID that specified the control function of the frame, and a variable number of bytes containing the control information itself.
MAC frames performed ring maintenance and control functions only. They never carried upper-layer data, and they were never propagated to other collision domains by bridges, switches, or routers.
The Token Frame
The token frame was extremely simple, consisting of only three 1-byte fields: the start delimiter, access control, and end delimiter fields. The token bit in the access control field was always set to a value of 1, and the delimiter fields took the same form as in the data and command frames.
The Abort Delimiter Frame
The abort delimiter frame consisted only of the start delimiter and the end delimiter fields, using the same format as the equivalent fields in the data and command frames. This frame type was used primarily when an unusual event occurred, such as when the transmission of a packet was interrupted and ended prematurely. When this happened, the active monitor transmitted an abort delimiter frame that flushed out the ring, removing all the improperly transmitted data and preparing it for the next transmission.
Token Ring Errors
The IEEE 802.5 standard defined a number of soft error types that systems on the network could report to the workstation functioning as the ring error monitor using MAC frames. When a Token Ring adapter detected a soft error, it began a two-second countdown, during which it waited to see whether other errors occurred. After the two seconds, the system sent a soft error report message to the address of the ring error monitor. There were several types of soft errors detectable by Token Ring systems, as shown next:
• Burst error  A burst error occurred when a system detected five half-bit times (that is, three transmitted bits) that lacked the clock transition in the middle of the bit called for by the Differential Manchester encoding system. This type of error was typically caused by noise on the cable resulting from faulty hardware or some other environmental influence.
• Line error  A line error occurred when a workstation received a frame that had an error detection bit in the end delimiter field with a value of 1, either because of a CRC error in the frame check sequence or because a bit violating the Differential Manchester encoding system was detected in any fields other than the start delimiter and end delimiter. A network with noise problems would typically have one line error for every ten burst errors.
• Lost frame error  A lost frame error occurred when a system transmitted a frame and failed to receive it back within the four milliseconds allotted by the return to repeat timer (RRT). This error could be caused by excessive noise on the network.
• Token error  A token error occurred when the active monitor’s ten-millisecond valid transmission timer (VTX) expired without the receipt of a frame and the AM had to generate a new token, often caused by excessive noise on the network.
• Internal error  An internal error occurred when a system detected a parity error during direct memory access (DMA) between the network adapter and the computer.
• Frequency error  A frequency error occurred when a standby monitor system received a signal that differed from the expected frequency by more than a given amount.
• AC error  An AC error occurred when a system received two consecutive ring-polling frames with ARI and FCI bits set to 0, in which the first frame was an AMP or an SMP and the second frame was an SMP.
• FC error  A Frame Copied error occurred when a system received a unicast MAC frame with the ARI bit set to 1, indicating either a noise problem or a duplicate address on the network.
• Abort delimiter transmitted error  An abort delimiter transmitted error occurred when a network condition caused a workstation to stop transmitting in the middle of a frame and to generate an abort delimiter frame.
• Receive congestion error  A receive congestion error occurred when a system received a unicast frame but had no available buffer space to store the packet because it was being overwhelmed by incoming frames.
FDDI
Appearing first in the late 1980s and defined in standards developed by the American National Standards Institute (ANSI) X3T9.5 committee, Fiber Distributed Data Interface (FDDI, pronounced "fiddy") was the first 100 Mbps data link layer protocol to achieve popular use.
At the time of FDDI's introduction, 10 Mbps thick and thin Ethernet were the dominant LAN technologies, and FDDI represented a major step forward in speed. In addition, the use of fiber-optic cable provided dramatic increases in packet size, network segment length, and the number of workstations supported. FDDI packets can carry up to 4,500 bytes of data (compared to 1,500 for Ethernet), and, under certain conditions, a network can consist of up to 100 km of cable, supporting up to 500 workstations. These improvements, in combination with fiber optics' immunity to the effects of electromagnetic interference, make it an excellent protocol for connecting distant workstations and networks, even those in different buildings. As a result, FDDI originally became known primarily as a backbone protocol, a role for which it is admirably suited. While it originally was designed to run on fiber-optic cables, FDDI can also run on copper cables using electrical signals.
Because of its use as a backbone protocol, products such as bridges and routers that connect Ethernet networks to FDDI backbones are common. FDDI is completely different from Ethernet, and the two network types can be connected only by using a device such as a router or a translation bridge that is designed to provide an interface between different networks. This protocol is reliable because FDDI networks have two counter-rotating rings that back each other up. That is, should one ring fail to function, the system provides an alternative path for sending data.
FDDI Topology
FDDI is a token-passing protocol like Token Ring that uses either a double-ring or a star topology. Unlike Token Ring, in which the ring topology is logical and not physical, the original FDDI specification called for the systems to actually be cabled in a ring topology. In this case, it is a double ring, however. The double ring (also called a trunk ring) consists of two separate rings, a primary and a secondary, with traffic running in opposite directions to provide fault tolerance. The circumference of the double ring can be up to 100 km, and workstations can be up to 2 km apart.
Workstations connected to both rings are called dual attachment stations (DASs). If a cable should break or a workstation should malfunction, traffic is diverted to the secondary ring, which runs in the opposite direction, enabling the station to reach any other system on the network using the secondary path. A FDDI network operating in this state is called a wrapped ring. Figure 12-4 shows a properly functioning FDDI dual-ring network and a wrapped ring.
Figure 12-4 The FDDI double ring, functioning normally on the left and wrapped on the right
If a second cable break should occur, the network is then divided into two separate rings, and network communications are interrupted. A wrapped ring is inherently less efficient than the fully functional double ring because of the additional distance that the traffic must travel and is, therefore, meant to be a temporary measure only until the fault is repaired.
FDDI can also use a star topology in which workstations are attached to a hub, called a dual attachment concentrator (DAC). The hub can either stand alone or be connected to a double ring, forming what is sometimes called a dual ring of trees. Workstations connected to the hub are single-attachment stations (SASs); they are connected only to the primary ring and cannot take advantage of the secondary ring's wrapping capabilities. The FDDI specifications define four types of ports used to connect workstations to the network:
• A: DAS port on which the primary ring enters and the secondary ring leaves
• B: DAS port on which the primary ring leaves and the secondary ring enters
• M: DAC port for connection to an SAS
• S: SAS connection to an M port in a concentrator
Table 12-2 describes the various types of connections using the four types of FDDI ports.
Table 12-2 FDDI Connection Types
DASs and DACs have both A and B ports to connect them to a double ring. Signals from the primary ring enter through the A port and exit from the B port, while the signals from the secondary ring enter through B and exit through A. An SAS has a single S port, which connects it to the primary ring only, through an M port on a DAC.
NOTE: The 500-workstation and 100 km network-length limitations are based on the use of DAS computers. A FDDI network composed only of SAS machines can be up to 200 km long and support up to 1,000 workstations.
DAS computers that are attached directly to the double ring function as repeaters; they regenerate the signals as they pass each packet along to the rest of the network. When a system is turned off, however, it does not pass the packets along, and the network wraps, unless the station is equipped with a bypass switch. A bypass switch, implemented either as part of the network interface adapter or as a separate device, enables incoming signals to pass through the station and on to the rest of the network, but it does not regenerate them. On a fiber-optic network, this is the equivalent of opening a window to let the sunlight into a room instead of turning on an electric light. As with any network medium, the signal has a tendency to attenuate if it is not regenerated. If too many adjacent systems are not repeating the packets, the signals can weaken to the point at which stations can't read them.
The DAC functions much like a Token Ring MAU in that it implements a logical ring while using a physical star topology. Connecting a DAC to a double ring extends the primary ring to each connected workstation and back, as shown in Figure 12-5. Notice that while the DAC is connected to both the primary and secondary rings, the M ports connect only the primary ring to the workstations. Thus, while the DAC itself takes advantage of the double ring's fault tolerance, a break in the cable connecting a workstation to the DAC severs the workstation from the network. However, the DAC is capable of dynamically removing a malfunctioning station from the ring (again, like a Token Ring MAU) so that the problem affects only the single workstation and not the entire ring.
Figure 12-5 DACs connected to the double ring provide multiple SAS connections
It is sometimes possible to connect a DAS to two DAC ports to provide a standby link to the hub if the active link fails. This is called dual homing. However, this is different from connecting the DAS directly to the double ring because both the A and B ports on the workstation are connected to M ports on the hub. M ports are connected only to the primary ring, so a dual-homed system simply has a backup connection to the primary ring, not a connection to both rings.
Cascading hubs are permitted on a FDDI network. This means you can plug one DAC into an M port of another DAC to extend the network. There is no limit to the number of layers, as long as you observe the maximum number of workstations permitted on the ring. It is also possible to create a two-station ring by connecting the S ports on two SAS computers or by connecting an S port to either the A or B port of a DAS. Some FDDI adapters may require special configuration to do this.
FDDI Subsystems
The functionality of the FDDI protocol is broken down into four distinct layers, as follows:
• Physical media dependent (PMD): Prepares data for transmission over a specific type of network medium
• Physical (PHY): Encodes and decodes the packet data into a format suitable for transmission over the network medium and is responsible for maintaining the clock synchronization on the ring
• Media access control (MAC): Constructs FDDI packets by applying the frame containing addressing, scheduling, and routing data, and then negotiates access to the network medium
• Station management (SMT): Provides management functions for the FDDI ring, including insertion and removal of the workstation from the ring, fault detection and reconfiguration, neighbor identification, and statistics monitoring
The FDDI standards consist of separate documents for each of these layers, as well as separate specifications for some of the options at certain layers. The operations performed at each layer are discussed in the following sections.
The Physical Media Dependent Layer
The physical media dependent layer is responsible for the mechanics involved in transmitting data over a particular type of network medium. The FDDI standards define two physical layer options, as follows.
Fiber-Optic
The Fiber-PMD standards define the use of either single-mode or multimode fiber-optic cable, as well as the operating characteristics of the other components involved in producing the signals, including the optical power sources, photodetectors, transceivers, and medium interface connectors. For example, the optical power sources must be able to transmit a 25-microwatt signal, while the photodetectors must be capable of reading a 2-microwatt signal.
The 2 km maximum distance between FDDI stations cited earlier is for multimode fiber; with single-mode cable, runs of 40 km to 60 km between workstations are possible. There is also a low-cost multimode fiber cable standard, called LCF-PMD, that allows only 500 meters between workstations. All of these fiber cables use the same wavelength (1300 nm), so it's possible to mix them on the same network, as long as you adhere to the cabling guidelines of the least capable cable in use.
Twisted-Pair
The TP-PMD standard, sometimes called the Copper Distributed Data Interface (CDDI, pronounced "siddy"), calls for the use of either standard Category 5 unshielded twisted-pair or Type 1 shielded twisted-pair cable. In both cases, the maximum distance for a cable run is 100 meters. Twisted-pair cable is typically used for SAS connections to concentrators, while the backbone uses fiber optic. This makes it possible to use inexpensive copper cable for horizontal wiring to the workstations and retain the attributes of fiber optic on the backbone without the need to bridge or route between FDDI and Ethernet. CDDI never gained wide acceptance in the marketplace, probably because of the introduction of Fast Ethernet at approximately the same time.
The Physical Layer
While the PMD layer defines the characteristics of specific media types, the PHY layer is implemented in the network interface adapter's chipset and provides a media-independent interface to the MAC layer above it. In the original FDDI standards, the PHY layer is responsible for the encoding and decoding of the packets constructed by the MAC layer into the signals that are transmitted over the cable. FDDI uses a signaling scheme called Non-Return to Zero Inverted (NRZI) 4B/5B, which is substantially more efficient than the Manchester and Differential Manchester schemes used by Ethernet and Token Ring, respectively: 4B/5B carries 4 data bits in every 5 signal bits, whereas Manchester coding needs two signal elements for every data bit.
The TP-PMD standard, however, calls for a different signaling scheme, Multi-Level Transition (MLT-3), which uses three signal values instead of the two used by NRZI 4B/5B. Both of these schemes provide the signal needed to synchronize the clocks of the transmitting and receiving workstations.
The Media Access Control Layer
The MAC layer accepts protocol data units (PDUs) from the network layer protocol and encapsulates them in FDDI frames of up to 4,500 bytes (9,000 symbols). This layer is also responsible for negotiating access to the network medium by claiming and generating tokens.
Data Frames
Most of the packets transmitted by a FDDI station are data frames. A data frame can carry network layer protocol data, MAC data used in the token claiming and beaconing processes, or station management data.
FDDI frames contain information encoded into symbols. A symbol is a 5-bit binary string that the NRZI 4B/5B signaling scheme uses to transmit a 4-bit value. Thus, two symbols are equivalent to 1 byte. This encoding provides values for the 16 hexadecimal data symbols, 8 control symbols that are used for special functions (some of which are defined in the frame format that follows), and 8 violation symbols that FDDI does not use. Table 12-3 lists the symbols used by FDDI and the 5-bit binary sequences used to represent them.
Table 12-3 FDDI Symbol Values
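The symbol coding described above, worked through in code. This is an added example and not code from the book: the 5-bit code points are the ANSI 4B/5B assignments, while the function names (encode_bytes, nrzi_encode, frame_symbol_stream and so on) are chosen here. It shows the property that makes 4B/5B usable with NRZI signaling: no sequence of data symbols ever produces more than three bit times without a line transition, so the receiver never loses its clock, and the J, K and T delimiters are patterns that cannot occur inside data.

```python
"""FDDI 4B/5B symbol coding with NRZI line signalling.

Added example, not from the book. Every 5-bit symbol is chosen so that
the NRZI signal never goes more than three bit times without a transition,
and the delimiter symbols J, K and T never appear inside a run of data.
"""

# The 16 data symbols (ANSI 4B/5B); the leftmost bit is transmitted first.
DATA_SYMBOLS = {
    0x0: "11110", 0x1: "01001", 0x2: "10100", 0x3: "10101",
    0x4: "01010", 0x5: "01011", 0x6: "01110", 0x7: "01111",
    0x8: "10010", 0x9: "10011", 0xA: "10110", 0xB: "10111",
    0xC: "11010", 0xD: "11011", 0xE: "11100", 0xF: "11101",
}
# The 8 control symbols: Idle, J/K (start delimiter), T (end delimiter),
# R/S (reset/set frame-status indicators), Q (quiet) and H (halt).
CONTROL_SYMBOLS = {
    "I": "11111", "J": "11000", "K": "10001", "T": "01101",
    "R": "00111", "S": "11001", "Q": "00000", "H": "00100",
}
SYMBOL_NAMES = {code: f"{n:X}" for n, code in DATA_SYMBOLS.items()}
SYMBOL_NAMES.update({code: name for name, code in CONTROL_SYMBOLS.items()})
# The remaining eight 5-bit codes are the violation symbols FDDI never sends.
VIOLATION_SYMBOLS = sorted(f"{v:05b}" for v in range(32) if f"{v:05b}" not in SYMBOL_NAMES)


def encode_bytes(data: bytes) -> str:
    """Return the symbol stream for data, high nibble of each byte first."""
    return "".join(DATA_SYMBOLS[b >> 4] + DATA_SYMBOLS[b & 0x0F] for b in data)


def decode_symbols(stream: str) -> list:
    """Split a symbol stream into names: '0'..'F' for data, 'I', 'J', ... for control.

    A violation symbol raises ValueError instead of being guessed at; this is
    the point at which a real receiver flags a line error.
    """
    if len(stream) % 5:
        raise ValueError("symbol stream is not a multiple of 5 bits")
    names = []
    for i in range(0, len(stream), 5):
        code = stream[i:i + 5]
        if code not in SYMBOL_NAMES:
            raise ValueError(f"violation symbol {code} at bit {i}")
        names.append(SYMBOL_NAMES[code])
    return names


def symbols_to_bytes(names: list) -> bytes:
    """Pair data symbols back into bytes; control symbols are rejected."""
    if len(names) % 2 or any(len(n) != 1 or n not in "0123456789ABCDEF" for n in names):
        raise ValueError("expected an even number of data symbols")
    return bytes(int(names[i] + names[i + 1], 16) for i in range(0, len(names), 2))


def nrzi_encode(bits: str, level: int = 0) -> str:
    """NRZI: a 1 bit toggles the line level, a 0 bit leaves it unchanged."""
    out = []
    for b in bits:
        if b == "1":
            level ^= 1
        out.append(str(level))
    return "".join(out)


def nrzi_decode(levels: str, level: int = 0) -> str:
    """Recover bits from line levels: a transition is a 1, no transition a 0."""
    out = []
    for ch in levels:
        cur = int(ch)
        out.append("1" if cur != level else "0")
        level = cur
    return "".join(out)


def longest_gap_without_transition(bits: str) -> int:
    """Longest run of 0 bits, i.e. bit times during which NRZI gives no transition."""
    longest = run = 0
    for b in bits:
        run = run + 1 if b == "0" else 0
        longest = max(longest, run)
    return longest


def frame_symbol_stream(payload: bytes, idle_symbols: int = 16) -> str:
    """Preamble of Idle symbols, JK start delimiter, data symbols, T end delimiter."""
    return (CONTROL_SYMBOLS["I"] * idle_symbols
            + CONTROL_SYMBOLS["J"] + CONTROL_SYMBOLS["K"]
            + encode_bytes(payload)
            + CONTROL_SYMBOLS["T"])


if __name__ == "__main__":
    stream = frame_symbol_stream(bytes(range(256)))
    print("symbols:", len(stream) // 5, "longest gap:", longest_gap_without_transition(stream))
    print(decode_symbols(frame_symbol_stream(b"\xA5"))[16:])
```

Running the block over all 256 byte values confirms the gap never exceeds three bit times, which is the clock-recovery guarantee the PHY layer relies on; a stream containing any of the eight violation codes is rejected rather than silently mapped to a value.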
Figure 12-6 shows the format of a FDDI data frame. The functions of the frame fields are as follows:
• Preamble (PA), 8 bytes: Contains a minimum of 16 Idle symbols, which produce a continuous stream of line transitions that the other systems on the network use to synchronize their clocks, after which they are discarded.
• Starting Delimiter (SD), 1 byte: Contains the symbols J and K, which indicate the beginning of the frame.
• Frame Control (FC), 1 byte: Contains two symbols that indicate what kind of data is found in the INFO field. Some of the most common values are as follows:
• 40 (Void frame): Carries no data; used to reset timers during initialization.
• 41, 4F (Station Management [SMT] frame): Indicates that the INFO field contains an SMT PDU, which is composed of an SMT header and SMT information.
• C2, C3 (MAC frame): Indicates that the frame is either a MAC Claim frame (C2) or a MAC Beacon frame (C3). These frames are used to recover from abnormal occurrences in the token-passing process, such as failure to receive a token or failure to receive any data at all.
• 50, 51 (LLC frame): Indicates that the INFO field contains a standard IEEE 802.2 LLC frame. FDDI packets carrying application data use logical link control (LLC) frames.
• 60 (implementer frame): These frames are defined by the user of the network or the vendor.
• 70 (reserved frame): These frames are reserved for future use.
• Destination Address (DA), 6 bytes: Specifies the MAC address of the system on the network that will next receive the frame, or a group or broadcast address.
• Source Address (SA), 6 bytes: Specifies the MAC address of the system sending the packet.
• Data (INFO), variable: Contains network layer protocol data, an SMT header and data, or MAC data, depending on the function of the frame, as specified in the FC field.
• Frame Check Sequence (FCS), 4 bytes: Contains a cyclic redundancy check value, generated by the sending system, that will be recomputed at the destination and compared with this value to verify that the packet has not been damaged in transit. The FCS detects accidental corruption only; it is not a security control, because any station able to transmit can compute a correct FCS for whatever it sends.
• Ending Delimiter (ED), 4 bits: Contains a single T symbol indicating that the frame is complete.
• End of Frame Sequence (FS), 12 bits: Contains three indicators that can have either the value R (Reset) or the value S (Set). All three have the value R when the frame is first transmitted and may be modified by intermediate systems when they retransmit the packet. The functions of the three indicators are as follows:
• E (Error): Indicates that the system has detected an error, either in the FCS or in the frame format. Any system receiving a frame with a value of S for this indicator immediately discards the frame.
• A (Acknowledge): Indicates that the system has determined that the frame's destination address applies to itself, because the DA field contains either the MAC address of the system or a broadcast address.
• C (Copy): Indicates that the system has successfully copied the contents of the frame into its buffers. Under normal conditions, the A and C indicators are set together; a frame in which the A indicator is set and C is not indicates that the frame could not be copied to the system's buffers. This is most likely because the system has been overwhelmed with traffic.
Figure 12-6 The FDDI data frame
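The data frame fields and the E/A/C indicators, exercised in code. This is an added example, not code from the book. It models the byte-level fields (FC, DA, SA, INFO, FCS) and leaves out the symbol-level preamble and delimiters. Two assumptions are made and marked in the code: the FCS is computed with the same 32-bit CRC that IEEE 802.3 uses (zlib.crc32, sent least-significant byte first), and the 4,500-byte limit is applied to the FC-through-FCS span. The addresses in the demo are constructed.

```python
"""Build and check FDDI data frames: FC, DA, SA, INFO, FCS and the E/A/C
frame-status indicators of Figure 12-6.

Added example, not code from the book. Assumptions: the FCS is the 32-bit
CRC that 802.3 also uses (zlib.crc32), sent least-significant byte first,
and 4,500 bytes is applied here as the limit on FC through FCS.
"""
import struct
import zlib
from dataclasses import dataclass

FRAME_KINDS = {
    0x40: "void", 0x41: "SMT", 0x4F: "SMT", 0xC2: "MAC claim",
    0xC3: "MAC beacon", 0x50: "LLC", 0x51: "LLC",
    0x60: "implementer", 0x70: "reserved",
}
MAX_FRAME = 4500           # assumption: applied to FC..FCS (see docstring)
MIN_FRAME = 1 + 6 + 6 + 4  # FC + DA + SA + FCS with an empty INFO field
BROADCAST = b"\xff" * 6


@dataclass
class FddiFrame:
    fc: int
    da: bytes
    sa: bytes
    info: bytes
    e: bool = False  # Error indicator
    a: bool = False  # Address-recognized indicator
    c: bool = False  # Frame-copied indicator

    @property
    def kind(self) -> str:
        return FRAME_KINDS.get(self.fc, f"unknown FC {self.fc:02X}")


def fcs(covered: bytes) -> int:
    """CRC-32 over FC, DA, SA and INFO (assumed 802.3-style CRC)."""
    return zlib.crc32(covered) & 0xFFFFFFFF


def build_frame(fc: int, da: bytes, sa: bytes, info: bytes) -> bytes:
    """Serialise a frame with a freshly computed FCS."""
    if len(da) != 6 or len(sa) != 6:
        raise ValueError("DA and SA must be 6 bytes")
    body = bytes([fc]) + da + sa + info
    if len(body) + 4 > MAX_FRAME:
        raise ValueError("frame would exceed 4,500 bytes")
    return body + struct.pack("<I", fcs(body))


def receive_frame(raw: bytes, my_address: bytes, buffer_free: bool = True) -> FddiFrame:
    """Do what a station does as a frame passes: check the FCS (E), recognise
    the address (A) and copy the frame if a buffer is free (C)."""
    if not MIN_FRAME <= len(raw) <= MAX_FRAME:
        raise ValueError(f"frame length {len(raw)} out of range")
    fc, da, sa = raw[0], raw[1:7], raw[7:13]
    info = raw[13:-4]
    (received_fcs,) = struct.unpack("<I", raw[-4:])
    frame = FddiFrame(fc, da, sa, info)
    frame.e = fcs(raw[:-4]) != received_fcs
    if frame.e:
        return frame  # E set: the frame is discarded and never copied
    # The group bit is the first bit transmitted, the high bit of DA[0] in this bit order.
    frame.a = da == my_address or da == BROADCAST or bool(da[0] & 0x80)
    frame.c = frame.a and buffer_free
    return frame


def diagnose(frame: FddiFrame) -> str:
    """Read the indicators the way a sender inspects them when its frame returns."""
    if frame.e:
        return "error: FCS or format error detected"
    if frame.a and not frame.c:
        return "receive congestion: addressed but not copied"
    if frame.a:
        return "delivered: address recognised and copied"
    return "not addressed to any station that copied it"


if __name__ == "__main__":
    # Constructed addresses for the demo.
    server, client = bytes.fromhex("00a0c9010203"), bytes.fromhex("00a0c9040506")
    raw = build_frame(0x50, server, client, b"\xaa\xaa\x03\x00\x00\x00\x08\x00")
    print(diagnose(receive_frame(raw, server)))
    corrupted = raw[:20] + bytes([raw[20] ^ 0x01]) + raw[21:]
    print(diagnose(receive_frame(corrupted, server)))
```

Flipping a single bit in INFO is enough for the receiving station to set E and drop the frame; withholding a buffer reproduces the A-set, C-clear combination that the sender reads as receive congestion. Note that a corrupted frame with a recomputed FCS would pass: the check proves only that the bits arrived as sent.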
Token Passing
FDDI uses token passing as its media access control mechanism, like the Token Ring protocol. A special packet called a token circulates around the network, and only the system in possession of the token is permitted to transmit its data. The optional feature called early token release on a Token Ring network, in which a system transmits a new token immediately after it finishes transmitting its last packet, is standard on a FDDI network. FDDI systems can also transmit multiple packets before releasing the token to the next station. When a packet has traversed the entire ring and returned to the system that originally created it, that system removes the frame from the ring to prevent it from circulating endlessly.
Figure 12-7 shows the format of the token frame. The functions of the fields are as follows:
• Preamble (PA), 8 bytes: Contains a minimum of 16 Idle symbols, which produce a continuous stream of line transitions that the other systems on the network use to synchronize their clocks, after which they are discarded
• Starting Delimiter (SD), 1 byte: Contains the symbols J and K, which indicate the beginning of the frame
• Frame Control (FC), 1 byte: Contains two symbols that indicate the function of the frame, using the following hexadecimal values:
• 80 (Nonrestricted Token)
• C0 (Restricted Token)
• Ending Delimiter (ED), 1 byte: Contains two T symbols indicating that the frame is complete
Figure 12-7 The FDDI token frame
FDDI is a deterministic network protocol. By multiplying the number of systems on the network by the amount of time each is permitted to hold the token, you can calculate the maximum amount of time it can take for a system to receive the token. This bound is called the target token rotation time. FDDI networks typically run in asynchronous ring mode, in which any computer can transmit data when it receives the token. Some FDDI products can also run in synchronous ring mode, which enables administrators to allocate a portion of the network's total bandwidth to a system or group of systems. All of the other computers on the network run asynchronously and contend for the remaining bandwidth in the normal manner.
The Station Management Layer
Unlike Ethernet and most other data link layer protocols, FDDI has network management and monitoring capabilities integrated into it and was designed around these capabilities. The SMT layer is responsible for ring maintenance and diagnostic operations on the network, such as the following:
• Station initialization
• Station insertion and removal
• Connection management
• Configuration management
• Fault isolation and recovery
• Scheduling policies
• Statistics collection
A computer can contain more than one FDDI adapter, and each adapter has its own PMD, PHY, and MAC layer implementations, but there is only one SMT implementation for the entire system. SMT messages are carried within standard FDDI data frames with a value of 41 or 4F in the frame control field. In station management frames, the INFO field of the FDDI data frame contains an SMT PDU, which is composed of an SMT header and an SMT info field. Figure 12-8 shows the format of the SMT PDU. The functions of the fields are as follows:
• Frame Class, 1 byte: Specifies the function of the message, using the following values:
• 01 (Neighbor Information Frame [NIF]): FDDI stations transmit periodic announcements of their MAC addresses, which enable the systems on the network to determine their upstream neighbor addresses (UNAs) and their downstream neighbor addresses (DNAs). This is known as the Neighbor Notification Protocol. Network monitoring products can also use these messages to create a map of the FDDI ring.
• 02 (Status Information Frame-Configuration [SIF-Cfg]): Used to request and provide a system's configuration information for purposes of fault isolation, ring mapping, and statistics monitoring.
• 03 (Status Information Frame-Operation [SIF-Opr]): Used to request and provide a system's operation information for purposes of fault isolation, ring mapping, and statistics monitoring.
• 04 (Echo Frame): Used for SMT-to-SMT loopback testing between FDDI systems.
• 05 (Resource Allocation Frame [RAF]): Used to implement network policies, such as the allocation of synchronous bandwidth.
• 06 (Request Denied Frame [RDF]): Used to deny a request issued by another station because of an unsupported Version ID value or a length error.
• 07 (Status Report Frame [SRF]): Used to report a station's status to network administrators when specific conditions occur, much like an SNMP trap. Some of these conditions are as follows:
• Frame Error Condition: Indicates the occurrence of an unusually high number of frame errors
• LER Condition: Indicates the occurrence of link errors on a port above a specified limit
• Duplicate Address Condition: Indicates that the system or its upstream neighbor is using a duplicate address
• Peer Wrap Condition: Indicates that a DAS is operating in wrapped mode; in other words, that it is diverting data from the primary ring to the secondary because of a cable break or other error
• Hold Condition: Indicates that the system is in a holding-prm or holding-sec state
• Not Copied Condition: Indicates that the system's buffers are overwhelmed and that packets are being repeated without being copied into the buffers
• EB Error Condition: Indicates the presence of an elasticity buffer error on any port
• MAC Path Change: Indicates that the current path has changed for any of the system's MAC addresses
• Port Path Change: Indicates that the current path has changed for any of the system's ports
• MAC Neighbor Change: Indicates a change in either the upstream or downstream neighbor address
• Undesirable Connection: Indicates the occurrence of an undesirable connection to the system
• 08 (Parameter Management Frame-Get [PMF-Get]): Provides the means to look at management information base (MIB) attributes on remote systems.
• 09 (Parameter Management Frame-Set [PMF-Set]): Provides the means to set values for certain MIB attributes on remote systems.
• FF (Extended Service Frame [ESF]): Intended for use when defining new SMT services.
• Frame Type, 1 byte: Indicates the type of message contained in the frame, using the following values:
• 01 Announcement
• 02 Request
• 03 Response
• Version ID, 2 bytes: Specifies the structure of the SMT Info field, using the following values:
• 0001 Indicates the use of a version lower than 7.x
• 0002 Indicates the use of version 7.x
• Transaction ID, 4 bytes: Contains a value used to associate request and response messages.
• Station ID, 8 bytes: Contains a unique identifier for the station, consisting of two user-definable bytes and the 6-byte MAC address of the network interface adapter.
• Pad, 2 bytes: Contains two bytes with a value of 00 that bring the overall size of the header to 20 bytes.
• Info Field Length, 2 bytes: Specifies the length of the SMT Info field.
• SMT Info, variable: Contains one or more parameters, each of which is composed of the following subfields:
• Parameter Type, 2 bytes: Specifies the function of the parameter. The first of the two bytes indicates the parameter's class, using the following values:
• 00 General parameters
• 10 SMT parameters
• 20 MAC parameters
• 32 PATH parameters
• 40 PORT parameters
• Parameter Length, 2 bytes: Specifies the total length of the Resource Index and Parameter Value fields.
• Resource Index, 4 bytes: Identifies the MAC, PATH, or PORT object that the parameter is describing.
• Parameter Value, variable: Contains the actual parameter information.
Figure 12-8 The FDDI station management layer PDU format
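The SMT PDU layout above, as a parser and builder. This is an added example, not code from the book. The 20-byte header and the Type/Length/Resource Index/Value parameter layout follow the text; one reading is assumed here and marked in the code: the Resource Index is present only in parameters of the MAC (20), PATH (32) and PORT (40) classes, which are the objects the text says it identifies. The practitioner's point it demonstrates is that both length fields come from the wire and must be checked against the bytes actually present, which is the condition the Request Denied Frame reports as a length error. The parameter type codes, station ID and values in the sample NIF are constructed, not SMT assignments.

```python
"""Parse and build SMT PDUs laid out as in Figure 12-8.

Added example, not from the book. Assumption: the Resource Index is
carried only by MAC/PATH/PORT class parameters. Every length field is
treated as untrusted and checked against the bytes actually present.
"""
import struct
from dataclasses import dataclass
from typing import List, Optional

FRAME_CLASSES = {0x01: "NIF", 0x02: "SIF-Cfg", 0x03: "SIF-Opr", 0x04: "Echo",
                 0x05: "RAF", 0x06: "RDF", 0x07: "SRF", 0x08: "PMF-Get",
                 0x09: "PMF-Set", 0xFF: "ESF"}
FRAME_TYPES = {0x01: "Announcement", 0x02: "Request", 0x03: "Response"}
PARAM_CLASSES = {0x00: "general", 0x10: "SMT", 0x20: "MAC", 0x32: "PATH", 0x40: "PORT"}
INDEXED_CLASSES = {0x20, 0x32, 0x40}   # assumption: classes that carry a Resource Index
SUPPORTED_VERSIONS = {0x0001, 0x0002}

# Frame Class, Frame Type, Version ID, Transaction ID, Station ID, Pad, Info Field Length
HEADER = struct.Struct(">BBHI8sHH")   # 20 bytes
PARAM_HEADER = struct.Struct(">HH")   # Parameter Type, Parameter Length


@dataclass
class SmtParam:
    ptype: int
    pclass: str
    resource_index: Optional[int]
    value: bytes


@dataclass
class SmtPdu:
    frame_class: str
    frame_type: str
    version: int
    transaction_id: int
    station_id: bytes
    params: List[SmtParam]


def parse_smt_pdu(info: bytes) -> SmtPdu:
    """Parse the INFO field of an SMT frame (FC 41 or 4F)."""
    if len(info) < HEADER.size:
        raise ValueError("SMT header truncated")
    fclass, ftype, version, tid, station_id, pad, info_len = HEADER.unpack_from(info)
    if version not in SUPPORTED_VERSIONS:
        raise ValueError(f"unsupported Version ID {version:04X}")   # an RDF reason
    if pad != 0:
        raise ValueError("Pad field must be zero")
    body = info[HEADER.size:]
    if info_len > len(body):                                        # the other RDF reason
        raise ValueError(f"Info Field Length {info_len} exceeds {len(body)} bytes present")
    body = body[:info_len]
    params, off = [], 0
    while off < len(body):
        if len(body) - off < PARAM_HEADER.size:
            raise ValueError(f"parameter header truncated at offset {off}")
        ptype, plen = PARAM_HEADER.unpack_from(body, off)
        off += PARAM_HEADER.size
        if plen > len(body) - off:
            raise ValueError(f"Parameter Length {plen} overruns the Info field at offset {off}")
        chunk, off = body[off:off + plen], off + plen
        pclass, index = ptype >> 8, None
        if pclass in INDEXED_CLASSES:
            if plen < 4:
                raise ValueError(f"parameter {ptype:04X} too short for a Resource Index")
            (index,), chunk = struct.unpack(">I", chunk[:4]), chunk[4:]
        params.append(SmtParam(ptype, PARAM_CLASSES.get(pclass, f"unknown-{pclass:02X}"), index, chunk))
    return SmtPdu(FRAME_CLASSES.get(fclass, f"unknown-{fclass:02X}"),
                  FRAME_TYPES.get(ftype, f"unknown-{ftype:02X}"),
                  version, tid, station_id, params)


def build_smt_pdu(fclass: int, ftype: int, tid: int, station_id: bytes,
                  params: List[SmtParam]) -> bytes:
    """Serialise a PDU with Version ID 0002; the inverse of parse_smt_pdu."""
    body = b""
    for p in params:
        if (p.resource_index is not None) != ((p.ptype >> 8) in INDEXED_CLASSES):
            raise ValueError(f"parameter {p.ptype:04X}: Resource Index does not match its class")
        value = p.value if p.resource_index is None else struct.pack(">I", p.resource_index) + p.value
        body += PARAM_HEADER.pack(p.ptype, len(value)) + value
    return HEADER.pack(fclass, ftype, 0x0002, tid, station_id, 0, len(body)) + body


# Constructed NIF announcement: Station ID = 2 user bytes + a made-up MAC address,
# one general-class parameter and one MAC-class parameter indexed to MAC object 1.
SAMPLE_STATION_ID = b"\x00\x00" + bytes.fromhex("00a0c9010203")
SAMPLE_NIF = build_smt_pdu(0x01, 0x01, 0x1234, SAMPLE_STATION_ID, [
    SmtParam(0x0001, "general", None, b"\x00\x00" + bytes.fromhex("00a0c9040506")),
    SmtParam(0x2001, "MAC", 1, b"\x00\x03"),
])

if __name__ == "__main__":
    pdu = parse_smt_pdu(SAMPLE_NIF)
    print(pdu.frame_class, pdu.frame_type, hex(pdu.transaction_id))
    for p in pdu.params:
        print(f"  type {p.ptype:04X} class {p.pclass} index {p.resource_index} value {p.value.hex()}")
```

Overstating the Info Field Length or a Parameter Length in the sample PDU makes the parser raise instead of reading past the buffer, which is the behaviour to expect from any code that handles management frames arriving from other stations on the ring.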
A FDDI system uses SMT messages to insert itself into the ring when it is powered up. The procedure consists of several steps, in which it initializes the ring and tests the link to the network. Then the system initiates its connection to the ring using a claim token, which determines whether a token already exists on the network. If a token frame already exists, the claim token configures it to include the newly initialized system in the token's path. If no token is detected, all of the systems on the network generate claim frames, which enable the systems to determine the value for the token rotation time and determine which system should generate the token.
Because of the SMT header's size and the number of functions performed by SMT messages, the control overhead on a FDDI network is high, relative to other protocols.
PART IV
Network Systems
CHAPTER 13 TCP/IP
CHAPTER 14 Other TCP/IP Protocols
CHAPTER 15 The Domain Name System
CHAPTER 16 Internet Services
CHAPTER 13
TCP/IP
Since its inception in the 1970s, the TCP/IP protocol suite has evolved into the industry standard for data transfer protocols at the network and transport layers of the Open Systems Interconnection (OSI) model. In addition, the suite includes myriad other protocols that operate as low as the data link layer and as high as the application layer.
Operating systems tend to simplify the appearance of the network protocol stack to make it more comprehensible to the average user. On a Windows workstation, for example, you install Transmission Control Protocol/Internet Protocol (TCP/IP) by selecting a single module called a protocol, but this process actually installs support for a whole family of protocols, of which TCP and IP are only two. Understanding how the individual TCP/IP protocols function and how they work together to provide communication services is an essential part of administering a TCP/IP network.
TCP/IP Attributes
There are several reasons why TCP/IP is the protocol suite of choice on the majority of data networks, not the least of which is that these are the protocols used on the Internet. TCP/IP was designed to support the fledgling Internet (then called the ARPANET) at a time before the introduction of the PC, when interoperability between computing products made by different manufacturers was all but unheard of. The Internet was, and is, composed of many different types of computers, and what was needed was a suite of protocols that would be common to all of them.
The main element that sets TCP/IP apart from the other suites of protocols that provide network and transport layer services is its self-contained addressing mechanism. Every device on a TCP/IP network is assigned an IP address (or sometimes more than one) that uniquely identifies it to the other systems. Devices today use network interface adapters that have unique identifiers (MAC addresses) hard-coded into them, which might seem to make the IP address redundant. Other types of computers have identifiers assigned by network administrators, however, and no mechanism exists to ensure that another system on a worldwide internetwork such as the Internet does not use the same identifier.
Because IP addresses are registered by a centralized body, you can be certain that no two (properly configured) machines on the Internet have the same address. Because of this addressing, the TCP/IP protocols can support virtually any hardware or software platform in use today. The IPX protocols will always be associated primarily with Novell NetWare, and NetBEUI is used almost exclusively on Microsoft Windows networks. TCP/IP, however, is truly universal in its platform interoperability, supported by all and dominated by none.
Another unique aspect of the TCP/IP protocols is the method by which their standards are designed, refined, and ratified. Rather than relying on an institutionalized standards-making body like the Institute of Electrical and Electronics Engineers (IEEE), the TCP/IP protocols are developed in a democratic manner by an ad hoc group of volunteers who communicate largely through the Internet. Anyone who is interested enough to contribute to the development of a protocol is welcome. In addition, the standards themselves are published by a body called the Internet Engineering Task Force (IETF) and are released to the public domain, making them accessible and reproducible by anyone. Standards like those published by the IEEE are available, but until very recently, you had to pay hundreds of dollars to purchase an official copy of an IEEE standard like the 802.3 document on which Ethernet is based. On the other hand, you can legally download any of the TCP/IP standards, called requests for comments (RFCs), from the IETF's website at www.ietf.org/ or from any number of other Internet sites.
The TCP/IP protocols are also extremely scalable. As evidence of this, consider that these protocols were designed at a time when the ARPANET was essentially an exclusive club for scientists and academics, and no one in their wildest dreams imagined that the protocols they were creating would be used on a network the size of the Internet as it exists today. The main factor limiting the growth of the Internet is the 32-bit size of the IP address space itself, and a newer version of the IP protocol, called IPv6, addresses that shortcoming with a 128-bit address space. By September 30, 2014, all U.S. government agencies must update their public networks to this version.
NOTE: For more information about IPv6, see Chapter 14.
TCP/IP Architecture
TCP/IP is designed to support networks of almost any practical size. As a result, TCP/IP must be able to provide the services needed by the applications using it without being overly profligate in its expenditure of network bandwidth and other resources. To accommodate the needs of specific applications and functions within those applications, TCP/IP uses multiple protocols in combination to provide the quality of service required for the task and no more.
The TCP/IP Protocol Stack
TCP/IP predates the OSI reference model, but its protocols break down into four layers that can be roughly equated to the seven-layer OSI stack, as shown in Figure 13-1.
Figure 13-1 The TCP/IP protocols have their own protocol stack that contains only four layers.
On LANs, the link layer functionality is not defined by a TCP/IP protocol but by the standard data link layer protocols, such as Ethernet and Token Ring. To reconcile the MAC address supplied by a network interface adapter with the IP address used at the network layer, systems use a TCP/IP protocol called the Address Resolution Protocol (ARP). However, the TCP/IP standards do define the two protocols most commonly used to establish link layer communications using modems and other direct connections. These are the Point-to-Point Protocol (PPP) and the Serial Line Internet Protocol (SLIP).
At the Internet layer is the Internet Protocol (IP), which is the primary carrier for all of the protocols operating at the upper layers, and the Internet Control Message Protocol (ICMP), which TCP/IP systems use for diagnostics and error reporting. IP, as a general carrier protocol, is connectionless and unreliable because services such as error correction and guaranteed delivery are supplied at the transport layer when required.
Two protocols operate at the transport layer: the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). TCP is connection-oriented and reliable, while UDP is connectionless and unreliable. An application uses one or the other, depending on its requirements and the services already provided for it at the other layers.
The transport layer can, in some ways, be said to encompass the OSI session layer as well as the transport layer in the OSI model, but not in every case. Windows systems, for example, can use TCP/IP to carry the NetBIOS messages they use for their file and printer-sharing activities, and NetBIOS still provides the same session layer functionality as when a system uses NetBEUI or IPX instead of TCP/IP. This is just one illustration of how the layers of the TCP/IP protocol stack are roughly equivalent to those of the OSI model, but not definitively so. Both of these models are pedagogical and diagnostic tools more than they are guidelines for protocol development and deployment, and they do not hold up to strict comparisons of the various layers' functions with actual protocols.
The application layer is the most difficult to define because the protocols operating there can be fully realized, self-contained applications in themselves, such as the File Transfer Protocol (FTP), or mechanisms used by other applications to perform a service, such as the Domain Name System (DNS) and the Simple Mail Transfer Protocol (SMTP).
IP Versions
Currently, two versions of IP are being used. The next several sections in this chapter discuss the older version, IP version 4 (IPv4). Initially published in the early 1980s, this version did not anticipate the growth of the Internet nor the millions of mobile devices in use today. While such enhancements as Classless Inter-Domain Routing (CIDR) and Network Address Translators (NATs) forestalled the issue for a time, the dramatic increase in the use of smartphones, tablets, and other such devices created the demand for more IP address availability. (See the sections discussing these enhancements later in this chapter.)
In the 1990s, IPv6 was established and created 128-bit address fields in the IP packet header rather than the 32-bit addresses present in IPv4. Each time a single bit is added to an address, the number of possible addresses doubles. However, as discussed in Chapter 14, this latest version does not solve all of the issues with IP addresses. Table 13-1 shows some of the differences between IPv4 and IPv6.
Table 13-1 Some Differences Between IPv4 and IPv6
IPv4Addressing
TheIPv4addressesusedtoidentifysystemsonaTCP/IPnetworkwerethesinglemost
definitivefeatureoftheprotocolsuite.TheIPaddressisanabsoluteidentifierofboththe
individualmachineandthenetworkonwhichitresides.EveryIPdatagrampacket
transmittedoveraTCP/IPnetworkcontainstheIPaddressesofthesourcesystemthat
generateditandthedestinationsystemforwhichitisintendedinitsIPheader.While
EthernetandTokenRingsystemshaveauniquehardwareaddresscodedintothenetwork
interfacecard,thereisnoinherentmethodtoeffectivelyroutetraffictoanindividual
systemonalargenetworkusingthisaddress.
ANIC’shardwareaddressiscomposedofaprefixthatidentifiesthemanufacturerof
thecardandanodeaddressthatisuniqueamongallthecardsbuiltbythatmanufacturer.
Themanufacturerprefixisuseless,asfarasroutingtrafficisconcerned,becauseanyone
manufacturer’scardscanbescatteredaroundthenetworkliterallyatrandom.Todeliver
networkpacketstoaspecificmachine,amasterlistofallofthesystemsonthenetwork
andtheirhardwareaddresseswouldbeneeded.OnanetworkthesizeoftheInternet,this
wouldobviouslybeimpractical.Byidentifyingthenetworkonwhichasystemislocated,
IPaddressescanberoutedtotheproperlocationusingarelativelymanageablelistof
networkaddresses,notalistofindividualsystemaddresses.
IPaddressesare32bitslongandarenotatedasfour8-bitdecimalnumbersseparated
byperiods,asin192.168.2.45.Thisisknownasdotteddecimalnotation;eachofthe8-bit
numbersissometimescalledanoctetoraquad.(Thesetermswereoriginallyused
becausetherearecomputersforwhichthemorecommontermbytedoesnotequal8bits.)
Becauseeachquadisthedecimalequivalentofan8-bitbinarynumber,theirpossible
valuesrunfrom0to255.Thus,thefullrangeofpossibleIPaddressesis0.0.0.0to
255.255.255.255.
IPaddressesdonotrepresentcomputersperse;rather,theyrepresentnetwork
interfaces.AcomputerwithtwonetworkinterfacecardshastwoIPaddresses.Asystem
withtwoormoreinterfacesissaidtobemultihomed.Iftheinterfacesconnectthe
computertodifferentnetworksandthesystemisconfiguredtopasstrafficbetweenthe
networks,thesystemissaidtofunctionasarouter.
NOTE A router can be a standard computer with two network interfaces and software that provides routing capabilities, or it can be a dedicated hardware device designed specifically for routing network traffic. At times, the TCP/IP standards refer to routers of any kind as gateways, while standard networking terminology defines a gateway as being an application layer device that forwards traffic between networks that use different protocols, as in an e-mail gateway. Do not confuse the two.
Every IP address contains bits that identify a network and bits that identify an interface (called a host) on that network. To reference a network, systems use just the network bits, replacing the host bits with zeros. Routers use the network bits to forward packets to another router connected to the destination network, which then transmits the data to the destination host system.
Subnet Masking
IP addresses always dedicate some of their bits to the network identifier and some to the host identifier, but the number of bits used for each purpose is not always the same. Many common addresses use 24 bits for the network and 8 for the host, but the split between the network and host bits can be anywhere in the address. To identify which bits are used for each purpose, every TCP/IP system has a subnet mask along with its IP address. A subnet mask is a 32-bit binary number in which the bits correspond to those of the IP address. A bit with a 1 value in the mask indicates that the corresponding bit in the IP address is part of the network identifier, while a 0 bit indicates that the corresponding address bit is part of the host identifier. As with an IP address, the subnet mask is expressed in dotted decimal notation, so although it may look something like an IP address, the mask has a completely different function.
As an example, consider a system with the following TCP/IP configuration:
IP address: 192.168.2.45
Subnet mask: 255.255.255.0
In this case, the 192.168.2 portion of the IP address identifies the network, while the 45 identifies the host. When expressed in decimal form, this may appear confusing, but the binary equivalents are as follows:
IP address: 11000000 10101000 00000010 00101101
Subnet mask: 11111111 11111111 11111111 00000000
As you can see in this example, the dividing line between the network and host bits lies between the third and fourth quads. The dividing line need not fall between quads, however. A subnet mask of 255.255.240.0 allocates 12 bits for the host address because the binary equivalent of the mask is as follows:
11111111 11111111 11110000 00000000
The dividing line between the network and host bits can fall anywhere in the 32 bits of the mask, but you never see network bits mixed up with host bits. A clear line always separates the network bits on the left from the host bits on the right.
IP Address Registration
For IP addresses to uniquely identify the systems on the network, it is essential that no two interfaces be assigned the same address. On a private network, the administrators must ensure that every address is unique. They can do this by manually tracking the addresses assigned to their networks and hosts, or they can use a service like the Dynamic Host Configuration Protocol (DHCP) to assign the addresses automatically.
On the Internet, however, this problem is considerably more complicated. With individual administrators controlling thousands of different networks, not only is it impractical to assume that they can get together and make sure that no addresses are duplicated, but no worldwide service exists that can assign addresses automatically. Instead, there must be a clearinghouse or registry for IP address assignments that ensures no addresses are duplicated.
Even this task is monumental, however, because millions of systems are connected to the Internet. In fact, such a registry exists, but instead of assigning individual host addresses to each system, it assigns network addresses to companies and organizations. The organization charged with registering network addresses for the Internet is called the Internet Assigned Numbers Authority (IANA). After an organization obtains a network address, the administrator is solely responsible for assigning unique host addresses to the machines on that network.
NOTE The IANA maintains a web site at www.iana.org.
This two-tiered system of administration is one of the basic organizational principles of the Internet. Domain name registration works the same way. An independent domain registry registers domain names to organizations and individuals, and the individual administrators of those domains are responsible for assigning names in those domains to their hosts.
IP Address Classes
The IANA registers several different classes of network addresses, which differ in their subnet masks, that is, the number of bits used to represent the network and the host. Table 13-2 summarizes these address classes.
Table 13-2 IPv4 Address Classes
The idea behind the different classes was to create networks of varying sizes suitable for different organizations and applications. A company building a relatively small network can register a Class C address that, because the addresses have only 8 host bits, supports up to 254 systems, while larger organizations can use Class B or A addresses with 16 or 24 host bits and create subnets out of them. You create subnets by “borrowing” some of the host bits and using them to create subnetwork identifiers, essentially networks within a network.
The surest way to identify the class of a particular address is to look at the value of the first quad. Class A addresses always had a 0 as their first bit, which means that the binary values for the first quad range from 00000000 to 01111111, which translates into the decimal values 0 through 127. In the same way, Class B addresses always had 10 as their first two bits, providing first quad values of 10000000 to 10111111, or 128 to 191. Class C addresses had 110 as their first three bits, so the first quad can range from 11000000 to 11011111, or 192 to 223.
The IP address class determined the boundary between the host and the network addresses.
In practice, network addresses are not registered with the IANA directly by the companies and organizations running the individual networks. Instead, companies in the business of providing Internet access, called Internet service providers (ISPs), register multiple networks and supply blocks of addresses to clients as needed.
Class D addresses are not intended for allocation in blocks like the other classes. This part of the address space is allocated for multicast addresses. Multicast addresses represent groups of systems that have a common attribute but that are not necessarily located in the same place or even administered by the same organization. For example, packets sent to the multicast address 224.0.0.1 are processed by all of the routers on the local subnet.
Unregistered IP Addresses
IP address registration is designed for networks connected to the Internet with computers that must be accessible from other networks. When you register a network address, no one else is permitted to use it, and the routers on the Internet have the information needed to forward packets to your network. For a private network that is not connected to the Internet, it is not necessary to register network addresses. In addition, most business networks connected to the Internet use some sort of firewall product to prevent intruders from accessing their networks from outside. In nearly all cases, there is no real need for every system on a network to be directly accessible from the Internet, and there is a genuine danger in doing so. Many firewall products, therefore, isolate the systems on the network, making registered IP addresses unnecessary.
For a network that is completely isolated from the Internet, administrators can use any IP addresses they want, as long as there are no duplicates on the same network. If any of the network’s computers connect to the Internet by any means, however, there is potential for a conflict between an internal address and the system on the Internet for which the address was registered. If, for example, you happened to assign one of your network systems the same address as a Microsoft web server, a user on your network attempting to access Microsoft’s site may reach the internal machine with the same address instead.
To prevent these conflicts, RFC 1918, “Address Allocation for Private Internets,” specified three address ranges intended for use on unregistered networks, as shown here. These addresses were not assigned to any registered network and could, therefore, be used by any organization, public or private.
• Class A 10.0.0.0 through 10.255.255.255
• Class B 172.16.0.0 through 172.31.255.255
• Class C 192.168.0.0 through 192.168.255.255
Using unregistered IP addresses not only simplified the process of obtaining and assigning addresses to network systems, it also conserved the registered IP addresses for use by systems that actually needed them for direct Internet communications. As with many design decisions in the computer field, no one expected at the time of its inception that the Internet would grow to be as enormous as it is now. The 32-bit address space for the IP protocol was thought to be big enough to support all future growth (as was the original 640 KB memory limitation in PCs).
Special IP Addresses
Aside from the blocks of addresses designated for use by unregistered networks, there were other addresses not allocated to registered networks because they were intended for special purposes. Table 13-3 lists these addresses.
Table 13-3 Special-Purpose IP Addresses
Subnetting
Theoretically, the IP addresses you assign to the systems on your network do not have to correlate exactly to the physical network segments, but in standard practice, it’s a good idea if they do. Obviously, an organization that registers a Class B address does not have 65,534 nodes on a single network segment; they have an internetwork composed of many segments, joined by routers, switches, or other devices. To support a multisegment network with a single IP network address, you create subnets corresponding to the physical network segments.
A subnet is simply a subdivision of the network address that you create by taking some of the host identifier bits and using them as a subnet identifier. To do this, you modify the subnet mask on the machines to reflect the borrowed bits as part of the network identifier, instead of the host identifier.
For example, you can subnet a Class B network address by using the third quad, originally intended to be part of the host identifier, as a subnet identifier instead, as shown in Figure 13-2. By changing the subnet mask from 255.255.0.0 to 255.255.255.0, you divide the Class B address into 254 subnets of 254 hosts each. You then assign each of the physical segments on the network a different value for the third quad and number the individual systems using only the fourth quad. The result is that the routers on your network can use the value of the third quad to direct traffic to the appropriate segments.
Figure 13-2 The top example shows a standard Class B address, split into 16-bit network and host identifiers. In the bottom example, the address has been subnetted by borrowing eight of the host bits for use as a subnet identifier.
NOTE The subnet identifier is purely a theoretical construction. To routers and other network systems, an IP address consists only of network and host identifiers, with the subnet bits incorporated into the network identifier.
The previous example demonstrates the most basic type of subnetting, in which the boundaries of the subnet identifier fall between the quads. However, you can use any number of host bits for the subnet identifier and adjust the subnet mask and IP address accordingly. This is called variable mask subnetting. If, for example, you have a Class B address and decide to use 4 host bits for the subnet identifier, you would use a subnet mask with the following binary value:
11111111 11111111 11110000 00000000
The first 4 bits of the third quad are changed from zeros to ones to indicate that these bits are now part of the network identifier. The decimal equivalent of this number is 255.255.240.0, which is the value you would use for the subnet mask in the system’s TCP/IP configuration. By borrowing 4 bits in this way, you can create up to 14 subnets, consisting of 4,094 hosts each. The formula for determining the number of subnets and hosts is as follows:
2^x - 2
where x equals the number of bits used for the subnet identifier (or, when counting hosts, the number of bits left for the host identifier). You subtract 2 to account for identifiers consisting of all zeros and all ones, which are traditionally not used, because the value 255 is used for broadcasts, and the value 0 to represent the network. For this example, therefore, you perform the following calculations:
2^4 - 2 = 14
2^12 - 2 = 4,094
NOTE Some TCP/IP implementations are capable of using 0 as a subnet identifier, but you should avoid this practice unless you are certain that all of your routers also support this feature.
To determine the IP addresses you assign to particular systems, you increment the 4 bits of the subnet identifier separately from the 12 bits of the host identifier and convert the results into decimal form. Thus, assuming a Class B network address of 172.16.0.0 with a subnet mask of 255.255.240.0, the first IP address of the first subnet will have the following binary address:
10101100 00010000 00010000 00000001
The first two quads are the binary equivalents of 172 and 16. The third quad consists of the 4-bit subnet identifier, with the value 0001, and the first 4 bits of the 12-bit host identifier. Because this is the first address on this subnet, the value for the host identifier is 000000000001.
Although these 12 bits are incremented as a single unit, when converting the binary values to decimals, you treat each quad separately. Therefore, the value of the third quad (00010000) in decimal form is 16, and the value of the fourth quad (00000001) in decimal form is 1, yielding an IP address of 172.16.16.1.
Fortunately, manually computing the values for your IP addresses isn’t necessary when you subnet the network. Utilities are available that enable you to specify a network address and class and then select the number of bits to be used for the subnet identifier. The program then supplies you with the IP addresses for the machines in the individual subnets.
NOTE There are several free IPv4 and IPv6 subnet calculator utilities available. Type free subnet calculator in any search engine.
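The subnet arithmetic walked through above (the 192.168.2.45 mask example, the 2^x - 2 rule, and the 172.16.0.0 / 255.255.240.0 plan), as an added example that is not the book's own code; it also classifies addresses by their leading bits and checks the RFC 1918 ranges. The classful network sizes and private ranges are the ones stated in the text; the only assumption is that a mask is a run of 1 bits followed by 0 bits.

```python
"""Added example (not the book's code): subnet arithmetic on 32-bit integers
so the network/host split and the 2^x - 2 rule are visible."""

ALL_ONES = 0xFFFFFFFF
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}   # default network bits per class
RFC1918 = [("10.0.0.0", "255.0.0.0"), ("172.16.0.0", "255.240.0.0"),
           ("192.168.0.0", "255.255.0.0")]


def to_int(dotted: str) -> int:
    """'192.168.2.45' -> 32-bit integer, rejecting quads outside 0..255."""
    quads = [int(q) for q in dotted.split(".")]
    if len(quads) != 4 or any(not 0 <= q <= 255 for q in quads):
        raise ValueError(f"bad dotted decimal address: {dotted}")
    return (quads[0] << 24) | (quads[1] << 16) | (quads[2] << 8) | quads[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    """Render a 32-bit value as four 8-bit groups, like the listings above."""
    bits = f"{value & ALL_ONES:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def mask_is_contiguous(mask: int) -> bool:
    """True when every 1 bit is left of every 0 bit (no mixed bits)."""
    host_part = ~mask & ALL_ONES            # 000..0111..1 for a valid mask
    return host_part & (host_part + 1) == 0


def address_class(dotted: str) -> str:
    """Classify by the leading bits of the first quad, as the text does."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"                          # 0xxxxxxx: 0-127
    if first >> 6 == 0b10:
        return "B"                          # 10xxxxxx: 128-191
    if first >> 5 == 0b110:
        return "C"                          # 110xxxxx: 192-223
    if first >> 4 == 0b1110:
        return "D"                          # 1110xxxx: 224-239, multicast
    raise ValueError("reserved (Class E) address")


def split_address(dotted: str, mask_dotted: str) -> tuple[str, int]:
    """Return (network identifier, host identifier).  The network keeps the
    network bits and has its host bits replaced with zeros."""
    addr, mask = to_int(dotted), to_int(mask_dotted)
    if not mask_is_contiguous(mask):
        raise ValueError(f"network and host bits are mixed in {mask_dotted}")
    return to_dotted(addr & mask), addr & ~mask & ALL_ONES


def mask_for(net_class: str, subnet_bits: int) -> str:
    """Borrow subnet_bits from the host field of a classful network."""
    prefix = CLASS_NETWORK_BITS[net_class] + subnet_bits
    if prefix > 30:                         # 2^1 - 2 leaves no usable hosts
        raise ValueError("too many subnet bits borrowed")
    return to_dotted((ALL_ONES << (32 - prefix)) & ALL_ONES)


def subnet_plan(network: str, net_class: str, subnet_bits: int) -> dict:
    """Apply 2^x - 2 to both fields and list the first host and broadcast of
    every usable subnet, as the text does for 172.16.0.0 / 255.255.240.0."""
    class_bits = CLASS_NETWORK_BITS[net_class]
    host_bits = 32 - class_bits - subnet_bits
    if subnet_bits < 2 or host_bits < 2:
        raise ValueError("all-zeros and all-ones leave nothing usable")
    base = to_int(network) & ((ALL_ONES << (32 - class_bits)) & ALL_ONES)
    usable = range(1, 2 ** subnet_bits - 1)  # all-zeros and all-ones skipped
    return {
        "mask": mask_for(net_class, subnet_bits),
        "subnets": 2 ** subnet_bits - 2,
        "hosts_per_subnet": 2 ** host_bits - 2,
        "first_hosts": [to_dotted(base | (s << host_bits) | 1) for s in usable],
        "broadcasts": [to_dotted(base | (s << host_bits) | (2 ** host_bits - 1))
                       for s in usable],
    }


def is_private(dotted: str) -> bool:
    """True for addresses inside one of the RFC 1918 ranges."""
    addr = to_int(dotted)
    return any(addr & to_int(m) == to_int(n) for n, m in RFC1918)


if __name__ == "__main__":
    print(to_binary(to_int("192.168.2.45")), split_address("192.168.2.45", "255.255.255.0"))
    plan = subnet_plan("172.16.0.0", "B", 4)
    print(plan["mask"], plan["subnets"], plan["hosts_per_subnet"], plan["first_hosts"][0])
```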
Ports and Sockets
The IPv4 address makes it possible to route network traffic to a particular system, but once packets arrive at the computer and begin traveling up the protocol stack, they still must be directed to the appropriate application. This is the job of the transport layer protocol, either TCP or UDP. To identify specific processes running on the computer, TCP and UDP use port numbers that are included in every TCP and UDP header. Typically, the port number identifies the application layer protocol that generated the data carried in the packet.
The port numbers permanently assigned to specific services, which are called well-known ports, are standardized by the Internet Assigned Numbers Authority (IANA) and published in the “Assigned Numbers” RFC (RFC 1700). Every TCP/IP system has a file called Services that contains a list of the most common well-known port numbers and the services to which they are assigned.
For example, the IP header of a DNS query message contains the IP address of a DNS server in its Destination Address field. Once the packet has arrived at the destination, the receiving computer sees that the UDP header’s Destination Port field contains the well-known port value 53. The system then knows to pass the message to the service using port number 53, which is the DNS service.
NOTE The port number assignments for the TCP and UDP protocols are separate. Although not typical, it is possible for a service to use different port numbers for TCP and UDP and for the same port number to be assigned to a different service for each protocol.
The combination of an IP address and a port number is known as a socket. The uniform resource locator (URL) format calls for a socket to be notated with the IP address followed by the port number, separated by a colon, as in 192.168.2.45:80.
Not all port numbers are well known. When a client connects to a well-known service, such as a web server, it uses the well-known port number for that service (which in the case of a web server is 80), but selects the port number that it will use as its Source Port value at random. This is known as an ephemeral port number. The web server, on receiving the packet from the client addressed to port 80, reads the Source Port value and knows to address its reply to the ephemeral port number the client has chosen. To prevent clients from selecting well-known ports for their ephemeral port numbers, all of the well-known port number assignments fall below 1,024, and all ephemeral port numbers must be 1,024 or higher.
TCP/IP Naming
IP addresses are an efficient means of identifying networks and hosts, but when it comes to user interfaces, they are difficult to use and remember. Therefore, the Domain Name System (DNS) was devised to supply friendly names for TCP/IP systems. In a discussion of the network and transport layer TCP/IP protocols, the most important information to remember about DNS names is that they have nothing to do with the actual transmission of data across the network.
Packets are addressed to their destinations using IP addresses only. Whenever a user supplies a DNS name in an application (such as a URL in a web browser), the first thing the system does is initiate a transaction with a DNS server to resolve the name into an IP address. This occurs before the system transmits any traffic at all to the destination system. Once the system has discovered the IP address of the destination, it uses that address in the IP header to send packets to that destination; the DNS name is no longer used after that point.
NOTE The structure of DNS names and the functions of DNS servers are discussed more fully in Chapter 15.
TCP/IP Protocols
The following sections examine some of the major protocols that make up the TCP/IP suite. There are dozens of TCP/IP protocols and standards, but only a few are commonly used by the systems on a TCP/IP network.
SLIP and PPP
The Serial Line Internet Protocol (SLIP) and the Point-to-Point Protocol (PPP) are unique among the TCP/IP protocols because they provide full data link layer functionality. Systems connected to a LAN rely on one of the standard data link layer protocols, such as Ethernet and Token Ring, to control the actual connection to the network. This is because the systems are usually sharing a common medium and must have a MAC mechanism to regulate access to it.
SLIP and PPP were designed for use with direct connections in which there is no need for media access control. Because they connect only two systems, SLIP and PPP are called point-to-point or end-to-end protocols. On a system using SLIP or PPP, the TCP/IP protocols define the workings of the entire protocol stack, except for the physical layer itself, which relies on a hardware standard like that for the RS-232 serial port interface, which provides a connection to the modem.
In most cases, systems use SLIP or PPP to provide Internet or WAN connectivity, whether or not the system is connected to a LAN. Virtually every stand-alone PC that uses a modem to connect to an ISP for Internet access does so using a PPP connection, although a few system types still use SLIP. LANs also use SLIP or PPP connections in their routers to connect to an ISP to provide Internet access to the entire network or to connect to another LAN, forming a WAN connection. Although commonly associated with modem connections, other physical layer technologies can also use SLIP and PPP, including leased lines, ISDN, frame relay, and ATM connections.
SLIP and PPP are connection-oriented protocols that provide a data link between two systems in the simplest sense of the term. They encapsulate IP datagrams for transport between computers, just as Ethernet and Token Ring do, but the frame they use is far simpler. This is because the protocols are not subject to the same problems as the LAN protocols. Because the link consists only of a connection between the two computers, there is no need for a media access control mechanism like CSMA/CD or token passing. Also, there is no problem with addressing the packets to a specific destination; because only two computers are involved in the connection, the data can go to only one place.
SLIP
SLIP was created in the early 1980s to provide the simplest possible solution for transmitting data over serial connections. No official standard defined the protocol, mainly because there is nothing much to standardize and interoperability is not a problem. There is an IETF document, however, called “A Nonstandard for Transmission of IP Datagrams over Serial Lines” (RFC 1055), that defines the functionality of the protocol.
The SLIP frame is simplicity itself. A single 1-byte field with the hexadecimal value c0 serves as an END delimiter, following every IP datagram transmitted over the link. The END character informs the receiving system that the packet currently being transmitted has ended. Some systems also precede each IP datagram with an END character. This way, if any line noise occurs between datagram transmissions, the receiving system treats it as a packet unto itself because it is delimited by two END characters. When the upper-layer protocols attempt to process the noise “packet,” they interpret it as gibberish and discard it.
If a datagram contains a byte with the value c0, the system alters it to the 2-byte string db dc before transmission to avoid terminating the packet incorrectly. The db byte is referred to as the ESC (escape) character, which, when coupled with another character, serves a special purpose. If the datagram contains an actual ESC character as part of the data, the system substitutes the string db dd before transmission.
NOTE The ESC character defined by SLIP is not the equivalent of the ASCII ESC character.
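SLIP framing as just described, written as an added example (not the book's or RFC 1055's code): the END/ESC substitutions on the sending side, and on the receiving side the leading END, the noise "packet" between datagrams, and the sanity check that makes the upper layer discard it. The sample datagram is constructed for this demonstration; its source address 192.168.2.45 contains a c0 byte (192), so even the header needs escaping.

```python
"""Added example (not the book's code): SLIP encoding and decoding with the
END (c0) and ESC (db) handling described above."""

END, ESC, ESC_END, ESC_ESC = 0xC0, 0xDB, 0xDC, 0xDD

# Constructed 22-byte IPv4 datagram: version 4, IHL 5, total length 22,
# protocol 17 (UDP), 192.168.2.45 -> 192.168.2.1, followed by two payload
# bytes chosen to be exactly the two values SLIP must escape.  The header
# checksum is left at zero; receive() does not verify it.
DATAGRAM = bytes([0x45, 0x00, 0x00, 0x16, 0x00, 0x01, 0x00, 0x00,
                  0x40, 0x11, 0x00, 0x00, 192, 168, 2, 45,
                  192, 168, 2, 1]) + bytes([END, ESC])


def slip_encode(datagram: bytes, leading_end: bool = True) -> bytes:
    """Escape c0 -> db dc and db -> db dd, then terminate with END."""
    out = bytearray([END]) if leading_end else bytearray()
    for b in datagram:
        if b == END:
            out += bytes([ESC, ESC_END])
        elif b == ESC:
            out += bytes([ESC, ESC_ESC])
        else:
            out.append(b)
    out.append(END)
    return bytes(out)


def slip_decode(stream: bytes) -> list[bytes]:
    """Split a byte stream into the packets it delimits.  Empty packets
    (two adjacent END bytes) are dropped.  An ESC followed by anything other
    than dc or dd is a protocol violation; the byte is kept as is, which is
    the choice RFC 1055's reference receiver makes."""
    packets, current, escaped = [], bytearray(), False
    for b in stream:
        if escaped:
            current.append({ESC_END: END, ESC_ESC: ESC}.get(b, b))
            escaped = False
        elif b == ESC:
            escaped = True
        elif b == END:
            if current:
                packets.append(bytes(current))
            current = bytearray()
        else:
            current.append(b)
    return packets


def looks_like_ipv4(packet: bytes) -> bool:
    """The minimal sanity check an IP layer applies before going further:
    version nibble 4, a header that fits, and a Total Length field that
    matches what SLIP delivered.  Line noise fails this and is discarded."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False
    header_len = (packet[0] & 0x0F) * 4
    total_len = int.from_bytes(packet[2:4], "big")
    return 20 <= header_len <= total_len == len(packet)


def receive(stream: bytes) -> list[bytes]:
    """Everything the upper layer keeps from a raw serial byte stream."""
    return [p for p in slip_decode(stream) if looks_like_ipv4(p)]


if __name__ == "__main__":
    wire = slip_encode(DATAGRAM)
    print(wire.hex(" "))              # note the db dc / db dd pairs
    noisy = wire + bytes([0x13, 0x37]) + wire   # two bytes of constructed line noise
    print(len(slip_decode(noisy)), "packets delimited,", len(receive(noisy)), "kept")
```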
SLIP Shortcomings
Because of its simplicity, SLIP was easy to implement and added little overhead to data transmissions, but it also lacked features that could make it a more useful protocol. For example, SLIP lacks the capability to supply the IP address of each system to the other, meaning that both systems had to be configured with the IP address of the other. SLIP also had no means of identifying the protocol it carried in its frame, which prevented it from multiplexing network layer protocols (such as IP and IPX) over a single connection. SLIP also had no error-detection or correction capabilities, which left these tasks to the upper-layer protocols, causing greater delays than a data link layer error-detection mechanism would.
PPP
PPP was created as an alternative to SLIP that provided greater functionality, such as the capability to multiplex different network layer protocols and support various authentication protocols. Naturally, the cost of these additional features is a larger header, but PPP still added only a maximum of 8 bytes to a packet (as compared to the 16 bytes needed for an Ethernet frame). Most of the connections to Internet service providers, whether by stand-alone systems or routers, use PPP because it enables the ISP to implement access control measures that protect their networks from intrusion by unauthorized users.
A typical PPP session consists of several connection establishment and termination procedures, using other protocols in addition to the PPP. These procedures are as follows:
• Connection establishment The system initiating the connection uses the Link Control Protocol (LCP) to negotiate communication parameters that the two machines have in common.
• Authentication Although not required, the system may use an authentication protocol such as the Password Authentication Protocol (PAP) or the Challenge Handshake Authentication Protocol (CHAP) to negotiate access to the other system.
• Network layer protocol connection establishment For each network layer protocol that the systems use during the session, they perform a separate connection establishment procedure using a Network Control Protocol (NCP) such as the Internet Protocol Control Protocol (IPCP).
Unlike SLIP, PPP is standardized, but the specifications are divided among several different RFCs. Table 13-4 lists the documents for each of the protocols.
Table 13-4 PPP and Related Standards
The PPP Frame
RFC 1661 defined the basic frame used by the PPP protocol to encapsulate other protocols and transmit them to the destination. The frame is small, only 8 (or sometimes 10) bytes, and is illustrated in Figure 13-3.
Figure 13-3 The PPP frame format
The functions of the fields are as follows:
• Flag (1 byte) Contains a hexadecimal value of 7e and functions as a packet delimiter, like SLIP’s END character.
• Address (1 byte) Contains a hexadecimal value of ff, indicating the packet is addressed to all stations.
• Control (1 byte) Contains a hexadecimal value of 03, identifying the packet as containing an HDLC unnumbered information message.
• Protocol (2 bytes) Contains a code identifying the protocol that generated the information in the data field. Code values in the 0xxx to 3xxx range are used to identify network layer protocols, values from 4xxx to 7xxx identify low-volume network layer protocols with no corresponding NCP, values from 8xxx to bxxx identify network layer protocols with corresponding NCPs, and values from cxxx to fxxx identify link layer control protocols like LCP and the authentication protocols. The permitted codes, specified in the TCP/IP “Assigned Numbers” document (RFC 1700), include the following:
  • 0021 Uncompressed IP datagram (used when Van Jacobson compression is enabled)
  • 002b Novell IPX datagram
  • 002d IP datagrams with compressed IP and TCP headers (used when Van Jacobson compression is enabled)
  • 002f IP datagrams containing uncompressed TCP data (used when Van Jacobson compression is enabled)
  • 8021 Internet Protocol Control Protocol (IPCP)
  • 802b Novell IPX Control Protocol (IPXCP)
  • c021 Link Control Protocol (LCP)
  • c023 Password Authentication Protocol (PAP)
  • c223 Challenge Handshake Authentication Protocol (CHAP)
• Data and Pad (variable, up to 1,500 bytes) Contains the payload of the packet, up to a default maximum length (called the maximum receive unit [MRU]) of 1,500 bytes. The field may contain meaningless bytes to bring its size up to the MRU.
• Frame Check Sequence (FCS, 2 or 4 bytes) Contains a CRC value calculated on the entire frame, excluding the flag and frame check sequence fields, for error-detection purposes.
• Flag (1 byte) Contains the same value as the flag field at the beginning of the frame. When a system transmits two packets consecutively, one of the flag fields is omitted because two would be mistaken as an empty frame.
Several of the fields in the PPP frame can be modified as a result of LCP negotiations between the two systems, such as the length of the protocol and FCS fields and the MRU for the data field. The systems can agree to use a 1-byte protocol field or a 4-byte FCS field.
The LCP Frame
PPP systems use Link Control Protocol (LCP) to negotiate their capabilities during the connection establishment process so they can achieve the most efficient possible connection. LCP messages are carried within PPP frames and contain configuration options for the connection. Once the two systems agree on a configuration they can both support, the link establishment process continues. By specifying the parameters for the connection during the link establishment process, the systems don’t have to include redundant information in the header of every data packet.
Figure 13-4 shows the LCP message format.
Figure 13-4 The LCP message format
The functions of the individual fields are listed here:
• Code (1 byte) Specifies the LCP message type, using the following codes:
  • 1 Configure-Request
  • 2 Configure-Ack
  • 3 Configure-Nak
  • 4 Configure-Reject
  • 5 Terminate-Request
  • 6 Terminate-Ack
  • 7 Code-Reject
  • 8 Protocol-Reject
  • 9 Echo-Request
  • 10 Echo-Reply
  • 11 Discard-Request
• Identifier (1 byte) Contains a code used to associate the request and replies of a particular LCP transaction.
• Length (2 bytes) Specifies the length of the LCP message, including the code, identifier, length, and data fields.
• Data (variable) Contains multiple configuration options, each of which is composed of three subfields.
Each of the options in the LCP message’s data field consists of the subfields shown in Figure 13-5. The functions of the subfields are as follows:
• Type (1 byte) Specifies the option to be configured, using a code from the “Assigned Numbers” RFC, as follows:
  • 0 Vendor Specific
  • 1 Maximum Receive Unit
  • 2 Async Control Character Map
  • 3 Authentication Protocol
  • 4 Quality Protocol
  • 5 Magic Number
  • 6 Reserved
  • 7 Protocol Field Compression
  • 8 Address and Control Field Compression
  • 9 FCS Alternatives
  • 10 Self-Describing Pad
  • 11 Numbered Mode
  • 12 Multilink Procedure
  • 13 Callback
  • 14 Connect Time
  • 15 Compound Frames
  • 16 Nominal Data Encapsulation
  • 17 Multilink MRRU
  • 18 Multilink Short Sequence Number Header Format
  • 19 Multilink Endpoint Discriminator
  • 20 Proprietary
  • 21 DCE Identifier
• Length (1 byte) Specifies the length of the option, including the type, length, and data subfields.
• Data (variable) Contains information pertinent to the specific option, as indicated by the type subfield.
Figure 13-5 The LCP option format
The LCP protocol is also designed to be extensible. By using a code value of 0, vendors can supply their own options without standardizing them with the IANA, as documented in RFC 2153, “PPP Vendor Extensions.”
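The PPP frame and the LCP message format described in the two sections above, as an added example that is not the book's code: it builds a frame with the field values given (7e, ff, 03, protocol c021), checks the FCS on receipt, and parses the LCP code, identifier, length and type/length/data options. The FCS is the 16-bit CRC from RFC 1662 (the book's text names only "a CRC value"; the algorithm is an assumption drawn from that RFC), and RFC 1662's octet stuffing of 7e/7d for asynchronous lines is omitted, so the parser handles one frame at a time; the sample option values are constructed.

```python
"""Added example (not the book's code): PPP frame build/check and LCP
message parsing, with every length field validated before use."""

FLAG, ADDRESS, CONTROL = 0x7E, 0xFF, 0x03
PROTO_IP, PROTO_IPCP, PROTO_LCP = 0x0021, 0x8021, 0xC021
PROTO_PAP, PROTO_CHAP = 0xC023, 0xC223
CONFIGURE_REQUEST, CONFIGURE_ACK, CONFIGURE_NAK, CONFIGURE_REJECT = 1, 2, 3, 4
OPT_MRU, OPT_AUTH_PROTOCOL, OPT_MAGIC_NUMBER = 1, 3, 5
FCS_GOOD = 0xF0B8          # value the CRC of (body + FCS) settles on when intact


def ppp_fcs16(data: bytes) -> int:
    """RFC 1662 FCS-16: reflected CRC (X.25), polynomial 0x8408, init 0xFFFF."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def build_frame(protocol: int, payload: bytes) -> bytes:
    """Flag | Address | Control | Protocol | Data | FCS | Flag."""
    body = bytes([ADDRESS, CONTROL]) + protocol.to_bytes(2, "big") + payload
    fcs = ppp_fcs16(body) ^ 0xFFFF                    # one's complement on the wire
    return bytes([FLAG]) + body + fcs.to_bytes(2, "little") + bytes([FLAG])


def parse_frame(frame: bytes) -> tuple[int, bytes]:
    """Return (protocol, data) or raise ValueError if the frame is damaged."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag delimiters")
    body = frame[1:-1]                                # address .. FCS
    if ppp_fcs16(body) != FCS_GOOD:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    if body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("unexpected address/control fields")
    return int.from_bytes(body[2:4], "big"), bytes(body[4:-2])


def frame_is_intact(frame: bytes) -> bool:
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def build_lcp(code: int, identifier: int, options: list[tuple[int, bytes]]) -> bytes:
    """Code | Identifier | Length | options, each option Type | Length | Data."""
    data = b"".join(bytes([t, 2 + len(v)]) + v for t, v in options)
    return bytes([code, identifier]) + (4 + len(data)).to_bytes(2, "big") + data


def parse_lcp(message: bytes) -> tuple[int, int, list[tuple[int, bytes]]]:
    """Parse an LCP message.  Every option length is checked before it is
    used: a length of 0 or 1 would never advance, and a length running past
    the Length field would read bytes that belong to the pad or the FCS."""
    if len(message) < 4:
        raise ValueError("LCP message shorter than its fixed header")
    code, identifier = message[0], message[1]
    length = int.from_bytes(message[2:4], "big")
    if length < 4 or length > len(message):
        raise ValueError("LCP Length field inconsistent with message size")
    data, options, pos = message[4:length], [], 0     # bytes past Length are padding
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated option header")
        opt_type, opt_len = data[pos], data[pos + 1]
        if opt_len < 2 or pos + opt_len > len(data):
            raise ValueError(f"option {opt_type} has invalid length {opt_len}")
        options.append((opt_type, bytes(data[pos + 2:pos + opt_len])))
        pos += opt_len
    return code, identifier, options


def lcp_is_well_formed(message: bytes) -> bool:
    try:
        parse_lcp(message)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # A Configure-Request asking for MRU 1500, CHAP authentication and a magic number.
    request = build_lcp(CONFIGURE_REQUEST, 1, [
        (OPT_MRU, (1500).to_bytes(2, "big")),
        (OPT_AUTH_PROTOCOL, PROTO_CHAP.to_bytes(2, "big")),
        (OPT_MAGIC_NUMBER, bytes.fromhex("1a2b3c4d")),   # constructed value
    ])
    frame = build_frame(PROTO_LCP, request)
    print(frame.hex(" "))
    print(parse_lcp(parse_frame(frame)[1]))
```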
Authentication Protocols
PPP connections can optionally require authentication to prevent unauthorized access, using an external protocol agreed on during the exchange of LCP configuration messages and encapsulated within PPP frames. Two of the most popular authentication protocols—PAP and CHAP—are defined by TCP/IP specifications, but systems can also use other proprietary protocols developed by individual vendors.
The PAP Frame PAP is the inherently weaker of the two primary authentication protocols because it uses only a two-way handshake and transmits account names and passwords over the link in clear text. Systems generally use PAP only when they have no other authentication protocols in common. PAP packets have a value of c023 in the PPP header’s protocol field and use a message format that is basically the same as LCP, except for the options.
The CHAP Frame The CHAP protocol is considerably more secure than PAP because it uses a three-way handshake and never transmits account names and passwords in clear text. CHAP packets have a value of c223 in the PPP header’s protocol field and use a message format almost identical to PAP’s.
The IPCP Frame
PPP systems use Network Control Protocols (NCPs) to negotiate connections for each of the network layer protocols they will use during the session. Before a system can multiplex the traffic generated by different protocols over a single PPP connection, it must establish a connection for each protocol using the appropriate NCPs.
The Internet Protocol Control Protocol (IPCP), which is the NCP for IP, is a good example of the protocol structure. The message format of the NCPs is nearly identical to that of LCP, except that it supports only values 1 through 7 for the code field (the link configuration, link termination, and code reject values) and uses different options in the data field. Like LCP, the messages are carried in PPP frames, but with a value of 8021 in the PPP header’s protocol field.
The options that can be included in the data field of an IPCP message use the following values in the type field:
• 2 (IP Compression Protocol) Specifies the protocol the system should use to compress IP headers, for which the only valid option is Van Jacobson compression.
NOTE Van Jacobson TCP/IP Header Compression is a data compression protocol described in RFC 1144, specifically designed by Van Jacobson to improve TCP/IP performance over slow serial lines. This compression reduces the normal 40-byte TCP/IP packet headers down to 3 to 4 bytes for the average case by saving the state of TCP connections at both ends of a link and sending the differences only in the header fields that change. While this makes a big difference on low-speed links, it will not do anything about the processing delay inherent to most dial-up modems.
• 3 (IP Address) Used by the transmitting system to request a particular IP address or, if the value is 0.0.0.0, to request that the receiving system supply an address (replaces the type 1 IP Addresses option, which is no longer used).
PPP Connection Establishment
Once the physical layer connection between the two systems has been established, the PPP connection establishment process begins. The two systems pass through several distinct phases during the course of the session, as illustrated in Figure 13-6 and discussed in the following sections.
Figure 13-6 PPP connection phases
Link Dead Both systems begin and end the session in the Link Dead phase, which indicates that no physical layer connection exists between the two machines. On a typical session, an application or service on one system initiates the physical layer connection. Once the hardware connection process is completed, the systems pass into the Link Establishment phase.
Link Establishment In the Link Establishment phase, the system initiating the connection transmits an LCP Configure Request message to the destination containing the options it would like to enable, such as the use of specific authentication, link-quality monitoring, and network layer protocols (if any), and whether the systems should modify standard features, such as the size of the FCS field or a different MRU value. If the receiving system can support all the specified options, it replies with a Configure Ack message containing the same option values, and this phase of the connection process is completed.
If the receiving system recognizes the options in the request message but cannot support the values for those options supplied by the sender (such as if the system supports authentication but not with the protocol the sender has specified), it replies with a Configure Nak message containing the options with values it cannot support. With these options, the replying system supplies all the values it does support and also may include other options it would like to see enabled. Using this information, the connecting system generates another Configure Request message containing options it knows are supported, to which the receiver replies with a Configure Ack message.
If the receiving system fails to recognize any of the options in the request, it replies with a Configure Reject message containing only the unrecognized options. The sender then generates a new Configure Request message that does not contain the rejected options, and the procedure continues as previously outlined. Eventually, the systems perform a successful request/acknowledgment exchange, and the connection process moves on to the next phase.
Authentication The Authentication phase of the connection process is optional and is triggered by the inclusion of the Authentication Protocol option in the LCP Configure Request message. During the LCP link establishment process, the two systems agree on an authentication protocol to use. Use of the PAP and CHAP protocols is common, but other proprietary protocols are available.
The message format and exchange procedures for the Authentication phase are dictated by the selected protocol. In a PAP authentication, for example, the sending system transmits an Authenticate Request message containing an account name and password, and the receiver replies with either an Authenticate Ack or Authenticate Nak message.
CHAP is inherently more secure than PAP and requires a more complex message exchange. The sending system transmits a Challenge message containing data that the receiver uses with its encryption key to compute a value it returns to the sender in a Response message. Depending on whether the value in the response matches the sender’s own computations, it transmits a Success or Failure message.
A successful transaction causes the connection procedure to proceed to the next phase, but the effect of a failure is dictated by the implementation of the protocol. Some systems proceed directly to the Link Termination phase in the event of an authentication failure, while others might permit retries or limited network access to a help subsystem.
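The PAP and CHAP exchanges described above, at the message level, as an added example that is not the book's code. The CHAP response is computed as RFC 1994 specifies, an MD5 hash over the Identifier, the secret and the challenge (the text says only that the receiver uses its key to compute a value, so that choice is an assumption drawn from the RFC); the names, secret and 16-byte challenge size are constructed for the demonstration. The code shows the two properties the text contrasts: the PAP password is visible in the Authenticate Request, while the CHAP secret never appears on the link and a captured Response cannot be replayed against a fresh challenge.

```python
"""Added example (not the book's code): PAP Authenticate-Request versus the
CHAP Challenge / Response / Success-Failure handshake."""
import hashlib
import hmac
import os

PAP_AUTHENTICATE_REQUEST = 1
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4
SERVER_NAME = b"isp-access-server"            # constructed name


def pap_authenticate_request(name: bytes, password: bytes) -> bytes:
    """PAP: Code | Identifier | Length | Peer-ID-Length | Peer-ID |
    Passwd-Length | Password.  The password crosses the link as is."""
    body = bytes([len(name)]) + name + bytes([len(password)]) + password
    return bytes([PAP_AUTHENTICATE_REQUEST, 1]) + (4 + len(body)).to_bytes(2, "big") + body


def chap_packet(code: int, identifier: int, value: bytes, name: bytes) -> bytes:
    """CHAP Challenge/Response: Code | Identifier | Length | Value-Size | Value | Name."""
    body = bytes([len(value)]) + value + name
    return bytes([code, identifier]) + (4 + len(body)).to_bytes(2, "big") + body


def chap_result(code: int, identifier: int, message: bytes) -> bytes:
    """CHAP Success/Failure: Code | Identifier | Length | Message."""
    return bytes([code, identifier]) + (4 + len(message)).to_bytes(2, "big") + message


def parse_chap(packet: bytes) -> tuple[int, int, bytes, bytes]:
    code, identifier = packet[0], packet[1]
    length = int.from_bytes(packet[2:4], "big")
    value_size = packet[4]
    if length != len(packet) or 5 + value_size > length:
        raise ValueError("CHAP length fields inconsistent")
    return code, identifier, packet[5:5 + value_size], packet[5 + value_size:length]


def chap_hash(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994: MD5(Identifier || secret || challenge value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_response(challenge_packet: bytes, name: bytes, secret: bytes) -> bytes:
    """What the dial-in side sends back: a hash that depends on the
    challenge, never the secret itself."""
    code, identifier, challenge, _peer = parse_chap(challenge_packet)
    if code != CHAP_CHALLENGE:
        raise ValueError("not a Challenge")
    return chap_packet(CHAP_RESPONSE, identifier, chap_hash(identifier, secret, challenge), name)


class Authenticator:
    """The side issuing challenges.  It must hold the cleartext secret, and
    it remembers each outstanding challenge so a response is usable once."""

    def __init__(self, secrets: dict[bytes, bytes]):
        self.secrets = secrets
        self.pending = {}                     # identifier -> challenge value
        self.next_id = 0

    def challenge(self) -> bytes:
        identifier, self.next_id = self.next_id, (self.next_id + 1) & 0xFF
        value = os.urandom(16)                # fresh and unpredictable every time
        self.pending[identifier] = value
        return chap_packet(CHAP_CHALLENGE, identifier, value, SERVER_NAME)

    def verify(self, response_packet: bytes) -> bytes:
        code, identifier, value, name = parse_chap(response_packet)
        challenge = self.pending.pop(identifier, None)   # consumed: a replay finds nothing
        secret = self.secrets.get(name)
        if code != CHAP_RESPONSE or challenge is None or secret is None:
            return chap_result(CHAP_FAILURE, identifier, b"no such challenge or user")
        expected = chap_hash(identifier, secret, challenge)
        if hmac.compare_digest(expected, value):         # constant-time comparison
            return chap_result(CHAP_SUCCESS, identifier, b"welcome")
        return chap_result(CHAP_FAILURE, identifier, b"bad response")


if __name__ == "__main__":
    secret = b"s3cret-constructed"
    server = Authenticator({b"alice": secret})
    challenge = server.challenge()
    response = chap_response(challenge, b"alice", secret)
    print("CHAP success:", server.verify(response)[0] == CHAP_SUCCESS,
          "| secret on wire:", secret in challenge + response)
    print("PAP secret on wire:", secret in pap_authenticate_request(b"alice", secret))
```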
Link Quality Monitoring The use of a link quality monitoring protocol is also an optional element of the connection process, triggered by the inclusion of the Quality Protocol option in the LCP Configure Request message. Although the option enables the sending system to specify any protocol for this purpose, only one has been standardized, the Link Quality Report protocol. The negotiation process that occurs at this phase enables the systems to agree on an interval at which they should transmit messages containing link traffic and error statistics throughout the session.
Network Layer Protocol Configuration
PPP supports the multiplexing of network layer protocols over a single connection, and during this phase, the systems perform a separate network layer connection establishment procedure for each of the network layer protocols that they have agreed to use during the Link Establishment phase. Each network layer protocol has its own network control protocol (NCP) for this purpose, such as the Internet Protocol Control Protocol (IPCP) or the Internetworking Packet Exchange Control Protocol (IPXCP). The structure of an NCP message exchange is similar to that of LCP, except the options carried in the Configure Request message are unique to the requirements of the protocol. During an IPCP exchange, for example, the systems inform each other of their IP addresses and agree on whether to use Van Jacobson header compression. Other protocols have their own individual needs that the systems negotiate as needed. NCP initialization and termination procedures can also occur at any other time during the connection.
Link Open
Once the individual NCP exchanges are completed, the connection is fully established, and the systems enter the Link Open phase. Network layer protocol data can now travel over the link in either direction.
Link Termination
When one of the systems ends the session or as a result of other conditions such as a physical layer disconnection, an authentication failure, or an inactivity timeout, the systems enter the Link Termination phase. To sever the link, one system transmits an LCP Terminate Request message to which the other system replies with a Terminate Ack. Both systems then return to the Link Dead phase.
NCPs also support the Terminate Request and Terminate Ack messages, but they are intended for use while the PPP connection remains intact. In fact, the PPP connection can remain active even if all of the network layer protocol connections have been terminated. It is unnecessary for systems to terminate the network layer protocol connections before terminating the PPP connection.
ARP
The Address Resolution Protocol (ARP) occupies an unusual place in the TCP/IP suite because it defies all attempts at categorization. Unlike most of the other TCP/IP protocols, ARP messages are not carried within IP datagrams. A separate protocol identifier is defined in the "Assigned Numbers" document that data link layer protocols use to indicate that they contain ARP messages. Because of this, there is some difference of opinion about the layer of the protocol stack to which ARP belongs. Some say ARP is a link layer protocol because it provides a service to IP, while others associate it with the Internet layer because its messages are carried within link layer protocols.
The function of the ARP protocol, as defined in RFC 826, "An Ethernet Address Resolution Protocol," is to reconcile the IP addresses used to identify systems at the upper layers with the hardware addresses at the data link layer. When it requests network resources, a TCP/IP application supplies the destination IP address used in the IP protocol header. The system may discover the IP address using a DNS or NetBIOS name-resolution process, or it may use an address supplied by an operating system or application configuration parameter.
Data link layer protocols such as Ethernet, however, have no use for IP addresses and cannot read the contents of the IP datagram anyway. To transmit the packet to its destination, the data link layer protocol must have the hardware address coded into the destination system's network interface adapter. ARP converts IP addresses into hardware addresses by broadcasting request packets containing the IP address on the local network and waiting for the holder of that IP address to respond with a reply containing the equivalent hardware address.
NOTE: ARP was originally developed for use with DIX Ethernet networks, but has been generalized to allow its use with other data link layer protocols.
The biggest difference between IP addresses and hardware addresses is that IP is responsible for the delivery of the packet to its ultimate destination, while an Ethernet implementation is concerned only with delivery to the next stop on the journey. If the packet's destination is on the same network segment as the source, the IP protocol uses ARP to resolve the IP address of the ultimate destination into a hardware address. If, however, the destination is located on another network, the IP protocol will not use ARP to resolve the ultimate destination address (that is, the destination address in the IP header). Instead, it will pass the IP address of the default gateway to the ARP protocol for address resolution.
This is because the data link protocol header must contain the hardware address of the next intermediate stop as its destination, which may well be a router. It is up to that router to forward the packet on the next leg of its journey. Thus, in the course of a single internetwork transmission, many different machines may perform ARP resolutions on the same packet with different results.
ARP Message Format
ARP messages are carried directly within data link layer frames, using 0806 as the Ethertype or SNAP Local Code value to identify the protocol being carried in the packet. There is one format for all of the ARP message types, which is illustrated in Figure 13-7.
Figure 13-7 The ARP message format
ARP Transactions
An ARP transaction occurs when the IP protocol in a TCP/IP system is ready to transmit a datagram over the network. The system knows its own hardware and IP addresses, as well as the IP address of the packet's intended destination. All it lacks is the hardware address of the system on the local network that is to receive the packet. The ARP message exchange proceeds according to the following steps:
1. The transmitting system generates an ARP Request packet containing its own addresses in the Sender Hardware Address and Sender Protocol Address fields. The Target Protocol Address contains the IP address of the system on the local network that is to receive the datagram, while the Target Hardware Address is left blank. Some implementations insert a broadcast address or other value into the Target Hardware Address field of the ARP Request message, but this value is ignored by the recipient because this is the address the protocol is trying to ascertain.
2. The system transmits the ARP Request message as a broadcast to the local network, asking in effect, "Who is using this IP address, and what is your hardware address?"
3. Each TCP/IP system on the local network receives the ARP Request broadcast and examines the contents of the Target Protocol Address field. If the system does not use that address on one of its network interfaces, it silently discards the packet. If the system does use the address, it generates an ARP Reply message in response. The system uses the contents of the request message's Sender Hardware Address and Sender Protocol Address fields as the values for its reply message's Target Hardware Address and Target Protocol Address fields. The system then inserts its own hardware address and IP address into the Sender Hardware Address and Sender Protocol Address fields, respectively.
4. The system using the requested IP address transmits the reply message as a unicast to the original sender. On receipt of the reply, the system that initiated the ARP exchange uses the contents of the Sender Hardware Address field as the Destination Address for the data link layer transmission of the IP datagram.
ARP Caching
Because of its reliance on broadcast transmissions, ARP can generate a significant amount of network traffic. To lessen the burden of the protocol on the network, TCP/IP systems cache the hardware addresses discovered through ARP transactions in memory for a designated period of time. This way, a system transmitting a large string of datagrams to the same host doesn't have to generate individual ARP requests for each packet.
This is particularly helpful in an internetwork environment in which systems routinely transmit the majority of their packets to destinations on other networks. When a network segment has only a single router, all IP datagrams destined for other networks are sent through that router. When systems have the hardware address for that router in the ARP cache, they can transmit the majority of their datagrams without using ARP broadcasts.
The amount of time that entries remain in the ARP cache varies with different TCP/IP implementations. Windows systems purge entries after two minutes when they are not used to transmit additional datagrams.
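As an added example (not the book's code), the four transaction steps and the caching behaviour described above in Python: the requester fills the Sender fields and leaves Target Hardware Address blank, a responder answers only when it holds the Target Protocol Address and swaps the fields as step 3 describes, and a cache drops entries that go unused for a set period. The RFC 826 field layout (Figure 13-7 is not reproduced here) and every address used are assumptions.

```python
"""ARP Request/Reply handling and an idle-timeout ARP cache (Python 3, standard library only)."""
import struct
import time

ETHERTYPE_ARP = 0x0806                    # Ethertype named in the chapter
HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
# RFC 826 layout (assumed, since Figure 13-7 is not reproduced): hardware type,
# protocol type, address lengths, opcode, then the four address fields the text names.
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FMT)        # 28 bytes


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def ipv4(text):
    return bytes(int(octet) for octet in text.split("."))


def build_arp(op, sender_hw, sender_ip, target_hw, target_ip):
    return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       sender_hw, sender_ip, target_hw, target_ip)


def parse_arp(payload):
    """Decode the ARP message carried in a frame whose Ethertype is 0x0806."""
    if len(payload) < ARP_LEN:
        raise ValueError("ARP message too short")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"op": op, "sender_hw": sha, "sender_ip": spa, "target_hw": tha, "target_ip": tpa}


def make_request(my_hw, my_ip, wanted_ip):
    """Step 1: own addresses in the Sender fields, Target Hardware Address left blank.
    Step 2, broadcasting the frame, is the caller's job."""
    return build_arp(OP_REQUEST, my_hw, my_ip, b"\x00" * 6, wanted_ip)


def answer_request(request, my_hw, my_ips):
    """Step 3: reply only if the Target Protocol Address is one of ours; otherwise drop
    silently. The request's Sender fields become the reply's Target fields, and whatever
    the requester put in Target Hardware Address is ignored."""
    msg = parse_arp(request)
    if msg["op"] != OP_REQUEST or msg["target_ip"] not in my_ips:
        return None
    return build_arp(OP_REPLY, my_hw, msg["target_ip"], msg["sender_hw"], msg["sender_ip"])


class ArpCache:
    """Hardware addresses learned from replies (step 4). An entry is purged once it has
    gone `ttl` seconds without being used, the behaviour the text describes for Windows
    (two minutes). Only replies for addresses this host actually asked about are kept."""

    def __init__(self, ttl=120.0, clock=time.monotonic):
        self.ttl = ttl
        self.clock = clock                # injectable so tests can control time
        self._pending = set()
        self._entries = {}                # ip -> (hw, last_used)

    def request_for(self, my_hw, my_ip, wanted_ip):
        self._pending.add(wanted_ip)
        return make_request(my_hw, my_ip, wanted_ip)

    def learn_from_reply(self, reply):
        msg = parse_arp(reply)
        if msg["op"] != OP_REPLY or msg["sender_ip"] not in self._pending:
            return False
        self._pending.discard(msg["sender_ip"])
        self._entries[msg["sender_ip"]] = (msg["sender_hw"], self.clock())
        return True

    def lookup(self, ip):
        """Return the hardware address to use as the frame's Destination Address, or None
        if the entry is unknown or has expired; a hit refreshes the idle timer."""
        entry = self._entries.get(ip)
        if entry is None:
            return None
        hw, last_used = entry
        now = self.clock()
        if now - last_used > self.ttl:
            del self._entries[ip]
            return None
        self._entries[ip] = (hw, now)
        return hw
```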
IP
The Internet Protocol (IP), as defined in RFC 791, is the primary carrier protocol for the TCP/IP suite. IP is essentially the envelope that carries the messages generated by most of the other TCP/IP protocols. Operating at the network layer of the OSI model, IP is a connectionless, unreliable protocol that performs several functions that are a critical part of getting packets from the source system to the destination. Among these functions are the following:
• Addressing: Identifying the system that will be the ultimate recipient of the packet
• Packaging: Encapsulating transport layer data in datagrams for transmission to the destination
• Fragmenting: Splitting datagrams into sections small enough for transmission over a network
• Routing: Determining the path of the packet through the internetwork to the destination
The following sections examine these functions in more detail.
Addressing
IP is the protocol responsible for the delivery of TCP/IP packets to their ultimate destination. It is vital to understand how this differs from the addressing performed by a data link layer protocol like Ethernet or Token Ring. Data link layer protocols are aware only of the machines on the local network segment. No matter where the packet finally ends up, the destination address in the data link layer protocol header is always that of a machine on a local network.
If the ultimate destination of the packet is a system on another network segment, the data link layer protocol address will point to a router that provides access to that segment. On receipt of the packet, the router strips off the data link layer protocol header and generates a new one containing the address of the packet's next intermediate destination, called a hop. Thus, throughout the packet's journey, the data link protocol header will contain a different destination address for each hop.
The destination address in the IP header, however, always points to the final destination of the packet, regardless of the network on which it's located, and it never changes throughout the journey. IP is the first protocol in the stack (working up from the bottom) to be conscious of the packet's end-to-end journey from source to destination. Most of the protocol's functions revolve around the preparation of the transport layer data for transmission across multiple networks to the destination.
Packaging
IP is also responsible for packaging transport layer protocol data into structures called datagrams for its journey to the destination. During the journey, routers apply a new data link layer protocol header to a datagram for each hop. Before reaching its final destination, a packet may pass through networks using several different data link layer protocols, each of which requires a different header. The IP "envelope," on the other hand, remains intact throughout the entire journey, except for a few bits that are modified along the way, just like a mailing envelope is postmarked.
As it receives data from the transport layer protocol, IP packages it into datagrams of a size suitable for transmission over the local network. A datagram (in most cases) consists of a 20-byte header plus the transport layer data. Figure 13-8 illustrates the header.
Figure 13-8 The IP header format
The functions of the header fields are as follows:
• Version, 4 bits: Specifies the version of the IP protocol in use. The value for the current implementation is 4.
• IHL (Internet Header Length), 4 bits: Specifies the length of the IP header, in 32-bit words. When the header contains no optional fields, the value is 5.
• TOS (Type of Service), 1 byte: Bits 1 through 3 and 8 are unused. Bits 4 through 7 specify the service priority desired for the datagram, using the following values:
  • 0000 Default
  • 0001 Minimize Monetary Cost
  • 0010 Maximize Reliability
  • 0100 Maximize Throughput
  • 1000 Minimize Delay
  • 1111 Maximize Security
• Total Length, 2 bytes: Specifies the length of the datagram, including all the header fields and the data.
• Identification, 2 bytes: Contains a unique value for each datagram, used by the destination system to reassemble fragments.
• Flags, 3 bits: Contains bits used during the datagram fragmentation process, with the following values:
  • Bit 1: Not used.
  • Bit 2 (Don't Fragment): When set to a value of 1, prevents the datagram from being fragmented by any system.
  • Bit 3 (More Fragments): When set to a value of 0, indicates that the last fragment of the datagram has been transmitted. When set to 1, indicates that fragments still await transmission.
• Fragment Offset, 13 bits: Specifies the location (in 8-byte units) of the current fragment in the datagram.
• TTL (Time to Live), 1 byte: Specifies the number of routers the datagram should be permitted to pass through on its way to the destination. Each router that processes the packet decrements this field by 1. Once the value reaches 0, the packet is discarded, whether or not it has reached the destination.
• Protocol, 1 byte: Identifies the protocol that generated the information in the data field, using values found in the "Assigned Numbers" RFC (RFC 1700) and the PROTOCOL file found on every TCP/IP system, some of which are as follows:
  • 1 Internet Control Message Protocol (ICMP)
  • 2 Internet Group Management Protocol (IGMP)
  • 3 Gateway-to-Gateway Protocol (GGP)
  • 6 Transmission Control Protocol (TCP)
  • 8 Exterior Gateway Protocol (EGP)
  • 17 User Datagram Protocol (UDP)
• Header Checksum, 2 bytes: Contains a checksum value computed on the IP header fields only, for error-detection purposes.
• Source IP Address, 4 bytes: Specifies the IP address of the system from which the datagram originated.
• Destination IP Address, 4 bytes: Specifies the IP address of the system that will be the ultimate recipient of the datagram.
• Options (variable): Can contain any of 16 options defined in the "Assigned Numbers" RFC, described later in this section.
• Data (variable, up to the MTU for the connected network): Contains the payload of the datagram, consisting of data passed down from a transport layer protocol.
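As an added example, not code from the book, a Python parser for the header as listed above: it checks Version, IHL and Total Length against the received buffer, verifies the Header Checksum over the header fields only, and decodes the Flags bits and the Fragment Offset units; a small builder produces the constructed packets used to exercise it. The addresses and payload bytes are constructed samples.

```python
"""Parse and validate an IPv4 header as described in the field list (Python 3, stdlib only)."""
import struct
from ipaddress import IPv4Address

PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 3: "GGP", 6: "TCP", 8: "EGP", 17: "UDP"}
FIXED_HEADER = "!BBHHHBBH4s4s"        # the 20 fixed bytes, in the order the text lists them


def internet_checksum(data):
    """One's-complement sum of 16-bit words, complemented (the Header Checksum rule)."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                    # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4(packet):
    """Return the header fields as a dict; raise ValueError on anything inconsistent."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _chk, src, dst) = struct.unpack(FIXED_HEADER, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("Version is %d, not 4" % version)
    header_len = ihl * 4                  # IHL counts 32-bit words; 5 when there are no options
    if ihl < 5 or header_len > len(packet):
        raise ValueError("IHL %d inconsistent with packet" % ihl)
    if total_len < header_len or total_len > len(packet):
        raise ValueError("Total Length %d inconsistent with packet" % total_len)
    # The checksum is computed over the header only, with the field itself taken as 0,
    # so summing the header as received (checksum included) must fold to 0.
    if internet_checksum(packet[:header_len]) != 0:
        raise ValueError("Header Checksum mismatch")
    return {
        "version": version, "ihl": ihl, "tos": tos, "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),      # Flags bit 2
        "more_fragments": bool(flags_frag & 0x2000),     # Flags bit 3
        "fragment_offset": (flags_frag & 0x1FFF) * 8,    # 13 bits in 8-byte units -> bytes
        "ttl": ttl, "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, "other"),
        "source": str(IPv4Address(src)), "destination": str(IPv4Address(dst)),
        "options": packet[20:header_len],
        "payload": packet[header_len:total_len],
    }


def header_is_valid(packet):
    try:
        parse_ipv4(packet)
        return True
    except ValueError:
        return False


def build_ipv4(src, dst, proto, payload, ident=0, ttl=64, df=False, mf=False,
               offset=0, options=b""):
    """Build a datagram with a correct Header Checksum (used here to produce test input)."""
    if len(options) % 4:
        raise ValueError("options must be padded to a 32-bit boundary")
    ihl = 5 + len(options) // 4
    flags_frag = (0x4000 if df else 0) | (0x2000 if mf else 0) | (offset // 8)
    header = struct.pack(FIXED_HEADER, (4 << 4) | ihl, 0, ihl * 4 + len(payload), ident,
                         flags_frag, ttl, proto, 0, IPv4Address(src).packed,
                         IPv4Address(dst).packed) + options
    header = header[:10] + struct.pack("!H", internet_checksum(header)) + header[12:]
    return header + payload
```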
Systems use the IP header options to carry additional information, either supplied by the sender or gathered as the packet travels to the destination. Each option is composed of the following fields:
• Option Type (1 byte): Contains a value identifying the option that consists of the following three subfields:
  • Copy Flag (1 bit): When set to a value of 1, indicates the option should be copied to each of the fragments that comprise the datagram.
  • Option Class (2 bits): Contains a code that identifies the option's basic function, using the following values:
    • 0 Control
    • 2 Debugging and measurement
  • Option Number (5 bits): Contains a unique identifier for the option, as specified in the "Assigned Numbers" RFC.
• Option Length (1 byte): Specifies the total length of the option, including the Option Type, Option Length, and Option Data fields.
• Option Data (Option Length minus 2): Contains the option-specific information being carried to the destination.
Table 13-5 lists some of the options systems can insert into IP datagrams, the values for the option subfields, and the RFCs that define the option's function. The functions of the options are as follows:
• End of Options List: Consisting only of an Option Type field with the value 0, this option marks the end of all the options in an IP header.
• No Operation: Consisting only of an Option Type field, systems can use this option to pad out the space between two other options, to force the following option to begin at the boundary between 32-bit words.
• Loose Source Route and Strict Source Route: Systems use the Loose Source Route and Strict Source Route options to carry the IP addresses of routers the datagram must pass through on its way to the destination. When a system uses the Loose Source Route option, the datagram can pass through other routers in addition to those listed in the option. The Strict Source Route option defines the entire path of the datagram from the source to the destination.
• Time Stamp: This option is designed to hold time stamps generated by one or more systems processing the packet as it travels to its destination. The sending system may supply the IP addresses of the systems that are to add time stamps to the header, enable the systems to save their IP addresses to the header along with the time stamps, or omit the IP addresses of the time-stamping systems entirely. The size of the option is variable to accommodate multiple time stamps, but must be specified when the sender creates the datagram and cannot be enlarged en route to the destination.
• Record Route: This option provides the receiving system with a record of all the routers through which the datagram has passed during its journey to the destination. Each router adds its address to the option as it processes the packet.
Table 13-5 IP Header Options
Fragmenting
The size of the IP datagrams used to transmit the transport layer data depends on the data link layer protocol in use. Ethernet networks, for example, can carry datagrams up to 1,500 bytes in size, while Token Ring networks typically support packets as large as 4,500 bytes. The system transmitting the datagram uses the maximum transfer unit (MTU) of the connected network, that is, the largest possible frame that can be transmitted using that data link layer protocol, as one factor in determining how large each datagram should be.
During the course of its journey from the source to the destination, a packet may encounter networks with different MTUs. As long as the MTU of each network is larger than the packet, the datagram is transmitted without a problem. If a packet is larger than the MTU of a network, however, it cannot be transmitted in its current form. When this occurs, the IP protocol in the router providing access to the network is responsible for splitting the datagram into fragments smaller than the MTU. The router then transmits each fragment in a separate packet with its own IP header.
Depending on the number and nature of the networks it passes through, a datagram may be fragmented more than once before it reaches the destination. A system might split a datagram into fragments that are themselves too large for networks further along in the path. Another router, therefore, splits the fragments into still smaller fragments. Reassembly of a fragmented datagram takes place only at the destination system after it has received all of the packets containing the fragments, not at the intermediate routers.
NOTE: Technically speaking, the datagram is defined as the unit of data, packaged by the source system, containing a specific value in the IP header's Identification field. When a router fragments a datagram, it uses the same Identification value for each new packet it creates, meaning the individual fragments are collectively known as a datagram. Referring to a single fragment as a datagram is incorrect use of the term.
When a router receives a datagram that must be fragmented, it creates a series of new packets using the same value for the IP header's Identification field as the original datagram. The other fields of the header are the same as well, with three important exceptions, which are as follows:
• The value of the Total Length field is changed to reflect the size of the fragment, instead of the size of the entire datagram.
• Bit 3 of the Flags field, the More Fragments bit, is changed to a value of 1 to indicate that further fragments are to be transmitted, except in the case of the datagram's last fragment, in which this bit is set to a value of 0.
• The value of the Fragment Offset field is changed to reflect each fragment's place in the datagram, based on the size of the fragments (which is, in turn, based on the MTU of the network across which the fragments are to be transmitted). The value for the first fragment is 0; the next is incremented by the size of the fragment, in bytes.
These changes to the IP header are needed for the fragments to be properly reassembled by the destination system. The router transmits the fragments like any other IP packets, and because IP is a connectionless protocol, the individual fragments may take different routes to the destination and arrive in a different order. The receiving system uses the More Fragments bit to determine when it should begin the reassembly process and uses the Fragment Offset field to assemble the fragments in the proper order.
Selecting the size of the fragments is left up to individual IP implementations. Typically, the size of each fragment is the MTU of the network over which it must be transmitted, minus the size of the data link and IP protocol headers, and rounded down to the nearest 8 bytes. Some systems, however, automatically create 576-byte fragments because this is the default path MTU used by many routers.
Fragmentation is not desirable, but it is a necessary evil. Obviously, because fragmenting a datagram creates many packets out of one packet, it increases the control overhead incurred by the transmission process. Also, if one fragment of a datagram is lost or damaged, the entire datagram must be retransmitted. No means of reproducing and retransmitting a single fragment exists because the source system has no knowledge of the fragmentation performed by the intermediate routers. The IP implementation on the destination system does not pass the incoming data up to the transport layer until all the fragments have arrived and been reassembled. The transport layer protocol must therefore detect the missing data and arrange for the retransmission of the datagram.
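The three header changes and the destination-side reassembly described above, as an added Python example that is not the book's code: fragment() applies the changes to a datagram held as a dict of the header fields named in this section (Fragment Offset in the 8-byte units the header description gives), also handles splitting an already fragmented piece for a smaller MTU, and refuses when Don't Fragment is set; Reassembler accepts fragments in any order and delivers nothing until every byte is present. The 20-byte header size assumes no options, and the payload and MTUs are constructed.

```python
"""Router-side fragmentation and destination-side reassembly (Python 3, standard library only)."""
IP_HEADER_LEN = 20          # assumes a header without options


def fragment(datagram, mtu):
    """Split a datagram (or an already fragmented piece) so every piece fits `mtu`.
    `datagram` is a dict of header fields ("identification", "dont_fragment",
    "more_fragments", "fragment_offset" in 8-byte units, "total_length") plus "payload"."""
    payload = datagram["payload"]
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [dict(datagram)]                       # fits: forward unchanged
    if datagram["dont_fragment"]:
        raise ValueError("exceeds MTU but Don't Fragment is set; datagram must be discarded")
    # Payload per piece: MTU minus the IP header, rounded down to a multiple of 8,
    # because Fragment Offset counts 8-byte units.
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any fragment payload")
    pieces = []
    for start in range(0, len(payload), chunk):
        part = payload[start:start + chunk]
        is_last_piece = start + chunk >= len(payload)
        pieces.append({
            "identification": datagram["identification"],   # identical in every piece
            "dont_fragment": False,
            # Exception 1: Total Length now covers just this piece.
            "total_length": IP_HEADER_LEN + len(part),
            # Exception 2: More Fragments = 1, except on the last piece, which inherits the
            # MF bit of what was split (still 1 if that was not the datagram's tail).
            "more_fragments": (not is_last_piece) or datagram["more_fragments"],
            # Exception 3: Fragment Offset, relative to the whole original datagram.
            "fragment_offset": datagram["fragment_offset"] + start // 8,
            "payload": part,
        })
    return pieces


class Reassembler:
    """Destination-side reassembly keyed by Identification. Fragments may arrive in any
    order; nothing is passed up until every byte of the datagram is present."""

    def __init__(self):
        self._buffers = {}

    def receive(self, frag):
        """Return the complete payload if this fragment completes it, otherwise None."""
        buf = self._buffers.setdefault(frag["identification"], {"parts": {}, "total": None})
        start = frag["fragment_offset"] * 8
        buf["parts"][start] = frag["payload"]
        if not frag["more_fragments"]:
            buf["total"] = start + len(frag["payload"])  # MF=0 fixes the datagram's length
        return self._complete(frag["identification"])

    def _complete(self, ident):
        buf = self._buffers[ident]
        if buf["total"] is None:
            return None                                  # final fragment not seen yet
        out = bytearray()
        for start in sorted(buf["parts"]):
            if start != len(out):
                return None     # gap (a fragment is still missing) or overlap (refuse to guess)
            out += buf["parts"][start]
        if len(out) != buf["total"]:
            return None
        del self._buffers[ident]
        return bytes(out)
```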
Routing
Because the IP protocol is responsible for the transmission of packets to their final destinations, IP determines the route the packets will take. A packet's route is the path it takes from one end system, the source, to another end system, the destination. The routers the packet passes through during the trip are called intermediate systems. The fundamental difference between end systems and intermediate systems is how high the packet data reaches in the protocol stack.
On the source computer, a request for access to a network resource begins at the application layer and wends its way down through the layers of the protocol stack, eventually arriving at the physical layer encapsulated in a packet, ready for transmission. When it reaches the destination, the reverse occurs, and the packet is passed up the stack to the application layer. On end systems, therefore, the entire protocol stack participates in the processing of the data. On intermediate systems, such as routers, the data arriving over the network is passed only as high as the network layer protocol, which, in this case, is IP (see Figure 13-9).
Figure 13-9 Packets passing through routers travel no higher than the network layer of the protocol stack.
IP strips off the data link layer protocol header and, after determining where it should send the packet next, prepares it for packaging in a data link layer protocol frame suitable for the outgoing network. This may involve using ARP to resolve the IP address of the packet's next stop into a hardware address and then furnishing that address to the data link layer protocol.
Routing is a process that occurs one hop of a packet's journey at a time. The source system transmits the packet to its default gateway (router), and the router determines where to send the packet next. If the final destination is on a network segment to which the router is attached, it sends the packet there. If the destination is on another network, the router determines which of the other routers it should send the packet to in order for it to reach its destination most efficiently. Thus, the next destination for the packet, identified by the destination address in the data link layer protocol, may not be the same system as that specified in the IP header's Destination IP Address field.
Eventually, one of the routers will have access to the network on which the packet's final destination system is located and will be able to send it directly to that machine. Using this method, the routing process is distributed among the network's routers. None of the computers involved in the process has complete knowledge of the packet's route through the network at any time. This distribution of labor makes huge networks like the Internet possible. No practical method exists for a single system to determine a viable path through the many thousands of routers on the Internet to a specific destination for each packet.
The most complex part of the routing process is the manner in which the router determines where to send each packet next. Routers have direct knowledge only of the network segments to which they are connected. They have no means of unilaterally determining the best route to a particular destination. In most cases, routers gain knowledge about other networks by communicating with other routers using specialized protocols designed for this purpose, such as the Routing Information Protocol (RIP). Each router passes information about itself to the other routers on the networks to which it is connected, those routers update their neighboring routers, and so on.
Regular updates from the neighboring routers enable each system to keep up with changing conditions on the network. If a router should go down, for example, its neighbors will detect its absence and spread the word that the router is unavailable. The other routers will adjust their behavior as needed to ensure that their packets are not sent down a dead-end street.
Routing protocols enable each router to compile a table of networks with the information needed to send packets to that network. Essentially, the table says "send traffic to network x; use interface y," where y is one of the router's own network interfaces. Administrators can also manually configure routes through the network. This is called static routing, as opposed to protocol-based configuration, which is called dynamic routing.
On complex networks, there may be several viable routes from a source to a particular destination. Routers continually rate the possible paths through the network, so they can select the shortest, fastest, or easiest route for a packet.
CHAPTER 14
Other TCP/IP Protocols
While Internet Protocol version 4 (IPv4) has been the most commonly used, there are many other parts of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols. This chapter discusses other parts of the TCP/IP family as well as other groups or protocol suites encountered in today's networks.
IPv6
As mentioned in Chapter 13, no one involved in the original design and implementation of the Internet could have predicted its explosive growth. The TCP/IP protocols held up remarkably well over the decades, proving that the scalability features incorporated into them were well designed. However, the single biggest problem with the use of these protocols is the rapid consumption of the address space provided by IPv4, the current version. The last block of IPv4 addresses was allotted by the Internet Assigned Numbers Authority (IANA) in February 2011, so the free pool of IPv4 addresses is now gone.
IP addresses are no longer being used only by computers; cellular phones, tablets, global positioning systems, and other mobile devices need these addresses as well. Anticipating the eventual depletion of the 32-bit address space, work commenced on an upgraded version of IP in 1998, which has resulted in several dozen requests for comments (RFCs), including RFC 2460, "Internet Protocol, Version 6 (IPv6) Specification." IPv6 does not replace IPv4, which is still used in many applications. This version enhances and solves some of the inherent issues in IPv4.
The primary improvement in IPv6 is the expansion of the address space from 32 to 128 bits. For the near future, this should provide a sufficient number of IP addresses for all devices that can make use of them (which is probably what the designers of IPv4 said when they decided to use 32-bit addresses). In addition to the expanded address space, IPv6 includes the following enhancements:
• Simplified header format: IPv6 removes extraneous fields from the protocol header and makes other fields optional to reduce the network traffic overhead generated by the protocol.
• Header extensions: IPv6 introduces the concept of extension headers, which are separate, optional headers located between the IP header and its payload. The extension headers contain information that is used only by the end system that is the packet's final destination. By moving them into extension headers, the intermediate systems don't have to expend the time and processor clock cycles needed to process them.
• Flow labeling: IPv6 enables applications to apply a "flow label" to specific packets in order to request a nonstandard quality of service. This is intended to enable applications that require real-time communications, such as streaming audio and video, to request priority access to the network bandwidth.
• Security extensions: IPv6 includes extensions that support authentication, data integrity, and data confidentiality.
IPv6 requires a number of fundamental changes to the hardware and software that make up the network infrastructure, apart from just the adaptation to 128-bit addresses. For example, the operating systems and applications that use IPv6 must also include the IPv6 version of ICMP, defined in RFC 2463. Also, networks that use IPv6 must support a maximum transfer unit value of at least 1,280 bytes. Issues like these complicated the process of transitioning the Internet from IPv4 to IPv6. RFC 1933 defined mechanisms designed to facilitate the transition process, such as support for both IPv4 and IPv6 layers in the same system and the tunneling of IPv6 datagrams within IPv4 datagrams, enabling the existing IPv4 routing infrastructure to carry IPv6 information. These are some of the differences:
• Larger address space: The 128-bit addresses in IPv6 allow just over 340 trillion trillion trillion addresses.
• Datagram format: The packet header in IPv6 enables more secure and efficient routing.
• Improved reassembly: The maximum transmission unit (MTU) is 1,280 bytes in IPv6.
• Better connectivity: Under IPv6, every system has a unique IP address and can move through the Internet without any "translators." Once it is fully implemented, each host can reach every other host directly. However, firewalls and network policies do create some limitations on this connectivity.
IPv6 Addresses
According to RFC 4291, "IP Version 6 Addressing Architecture," there are three types of identifiers for IPv6 addresses:
• Anycast: When using an anycast address, a packet is delivered to one of the interfaces identified by that address.
• Multicast: Packets sent to a multicast address in IPv6 are delivered to all interfaces identified by that address. This is the same as IPv4.
• Unicast: Packets sent to a unicast address are delivered only to that address.
Unicast Address Types
There are three types of unicast addresses in IPv6: link local, unique local, and global unicast. Each has its own configuration.
Link-Local Address
In this configuration, the autoconfigured IPv6 address starts with FE80, as shown here:
1111 1110 1000 0000 (FE80 in hexadecimal)
with the next 48 bits set to 0.
These addresses are used between IPv6 hosts on a broadcast segment only and are not routable. Thus, a router never forwards the address outside the link.
Unique-Local Address
This type should be used only for local communication, even though it is globally unique. The address is divided between prefix (1111110), local bit (1 bit only), global ID (40 bits), subnet ID (16 bits), and interface ID (64 bits). The prefix is always set to 1111110 (as shown), with the local bit set to 1 if the address is locally assigned. At this time, the local bit has not yet been defined.
Global Unicast Address
Essentially, this is IPv4's public address. In IPv6, these addresses are globally identifiable and uniquely addressable. The most significant 48 bits are designated as the global routing prefix, and the 3 most significant bits of the prefix are always set to 001, as shown in Table 14-1.
Table 14-1 The Global Unicast Address in IPv6
IPv6 Address Structure
All IPv6 addresses are four times longer (128 bits instead of 32 bits) than IPv4 addresses. As discussed in Chapter 13, an IPv4 address contains four octets, each with a decimal value between 0 and 255. A period separates each of the octets. An IPv4 address must include four octets.
Normal IPv6 Addresses
IPv6 addresses have a format that looks like this:
y:y:y:y:y:y:y:y
In this format, each y is called a segment and can be any hexadecimal value between 0 and FFFF. Normal IPv6 addresses require eight segments.
Dual IPv6 Addresses
The dual IPv6 address combines both an IPv6 and an IPv4 address and looks like this:
y:y:y:y:y:y:x.x.x.x
The IPv6 portion is always first, and the segments are separated by colons instead of periods. It must have six segments. The IPv4 portion must contain three periods and four octets.
Other Protocols
There are other types of network protocols, some of which are discussed here. See Chapters 15 and 16 for additional information.
ICMP
The Internet Control Message Protocol (ICMP) is a network layer protocol that does not carry user data, although its messages are encapsulated in IP datagrams. ICMP fills two roles in the TCP/IP suite. It provides error-reporting functions, informing the sending system when a transmission cannot reach its destination, for example, and it carries query and response messages for diagnostic programs. The ping utility, for instance, which is included in every TCP/IP implementation, uses ICMP echo messages to determine whether another system on the network can receive and send data.
The ICMP protocol, as defined in RFC 792, consists of messages carried in IP datagrams, with a value of 1 in the IP header's Protocol field and 0 in the Type of Service field. Figure 14-1 illustrates the ICMP message format.
Figure 14-1 The ICMP message format
The ICMP message format consists of the following fields:
• Type (1 byte): Contains a code identifying the basic function of the message
• Code (1 byte): Contains a secondary code identifying the function of the message within a specific type
• Checksum (2 bytes): Contains the results of a checksum computation on the entire ICMP message, including the Type, Code, Checksum, and Data fields (with a value of 0 in the Checksum field for computation purposes)
• Data (variable): Contains information specific to the function of the message
The ICMP message types are listed in Table 14-2.
Table 14-2 ICMP Message Types
ICMP Error Messages
Because of the way TCP/IP networks distribute routing chores among various systems, there is no way for either of the end systems involved in a transmission to know what has happened during a packet's journey. IP is a connectionless protocol, so no acknowledgment messages are returned to the sender at that level. When using a connection-oriented protocol at the transport layer, like TCP, the destination system acknowledges transmissions, but only for the packets it receives. If something happens during the transmission process that prevents the packet from reaching the destination, there is no way for IP or TCP to inform the sender about what happened.
ICMP error messages are designed to fill this void. When an intermediate system, such as a router, has trouble processing a packet, the router typically discards the packet, leaving the upper-layer protocols to detect the packet's absence and arrange for a retransmission. ICMP messages enable the router to inform the sender of the exact nature of the problem. Destination systems can also generate ICMP messages when a packet arrives successfully but cannot be processed.
The Data field of an ICMP error message always contains the IP header of the datagram the system could not process, plus the first 8 bytes of the datagram's own Data field. In most cases, these 8 bytes contain a UDP header or the beginning of a TCP header, including the source and destination ports and the sequence number (in the case of TCP). This enables the system receiving the error message to isolate the exact time the error occurred and the transmission that caused it.
However,ICMPerrormessagesareinformationalonly.Thesystemreceivingthem
doesnotrespondnordoesitnecessarilytakeanyactiontocorrectthesituation.Theuser
oradministratormayhavetoaddresstheproblemthatiscausingthefailure.
Ingeneral,allTCP/IPsystemsarefreetotransmitICMPerrormessages,exceptin
certainspecificsituations.TheseexceptionsareintendedtopreventICMPfromgenerating
toomuchtrafficonthenetworkbytransmittinglargenumbersofidenticalmessages.
Theseexceptionalsituationsareasfollows:
•TCP/IPsystemsdonotgenerateICMPerrormessagesinresponsetoother
ICMPerrormessages.Withoutthisexception,itwouldbepossiblefortwo
systemstobounceerrormessagesbackandforthbetweenthemendlessly.
SystemscangenerateICMPerrorsinresponsetoICMPqueries,however.
•Inthecaseofafragmenteddatagram,asystemgeneratesanICMPerror
messageonlyforthefirstfragment.
•TCP/IPsystemsnevergenerateICMPerrormessagesinresponseto
broadcastormulticasttransmissions,transmissionswithasourceIPaddressof
0.0.0.0,ortransmissionsaddressedtotheloopbackaddress.
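The layout of an ICMP error message and the exceptions just listed, as an added example that is not from the book: it builds a Destination Unreachable message around a constructed datagram, parses the embedded IP header and first 8 payload bytes back out (which is how a receiver ties the error to a particular socket), and implements the "do not send an error" rules as a decision function. Addresses, ports and the hypothetical helper names are assumptions for this example; checksums are left zero so the focus stays on the message layout.

```python
import struct
import ipaddress

# Added example (not from the book): build and parse an ICMP Destination
# Unreachable message whose Data field carries the offending datagram's IP
# header plus the first 8 bytes of its payload, and apply the rules for when
# a system must NOT generate an ICMP error. Addresses and ports are
# constructed sample values; checksums are left zero to keep the focus on
# the message layout.

ICMP_DEST_UNREACHABLE = 3
ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}     # error types; everything else is a query
PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17

def build_ipv4_header(src, dst, proto, payload_len, frag_offset=0, ttl=64):
    """Minimal 20-byte IPv4 header, no options, header checksum left zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                       frag_offset & 0x1FFF, ttl, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def build_icmp_error(icmp_type, code, offending_datagram):
    """Type, Code, Checksum, 4 unused bytes, then the IP header + first 8 data bytes."""
    ihl = (offending_datagram[0] & 0x0F) * 4
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + offending_datagram[:ihl + 8]

def parse_icmp_error(msg):
    """Recover what the receiver needs to match the error to its own transmission."""
    icmp_type, code, _csum, _unused = struct.unpack("!BBHI", msg[:8])
    if icmp_type not in ICMP_ERROR_TYPES:
        raise ValueError("type %d is a query, not an error" % icmp_type)
    inner = msg[8:]
    ihl = (inner[0] & 0x0F) * 4
    proto = inner[9]
    first8 = inner[ihl:ihl + 8]
    if len(first8) < 8:
        raise ValueError("truncated ICMP error data")
    sport, dport = struct.unpack("!HH", first8[:4])
    info = {"type": icmp_type, "code": code, "proto": proto,
            "src": str(ipaddress.IPv4Address(inner[12:16])),
            "dst": str(ipaddress.IPv4Address(inner[16:20])),
            "sport": sport, "dport": dport}
    if proto == PROTO_TCP:                # bytes 4-7 of a TCP header are the sequence number
        info["seq"] = struct.unpack("!I", first8[4:8])[0]
    return info

def may_send_icmp_error(datagram):
    """The exceptions listed above: never answer ICMP errors, non-first fragments,
    broadcast/multicast destinations, source 0.0.0.0 or loopback destinations."""
    ihl = (datagram[0] & 0x0F) * 4
    frag_offset = struct.unpack("!H", datagram[6:8])[0] & 0x1FFF
    proto = datagram[9]
    src = ipaddress.IPv4Address(datagram[12:16])
    dst = ipaddress.IPv4Address(datagram[16:20])
    if frag_offset != 0:
        return False                      # only the first fragment may trigger an error
    if proto == PROTO_ICMP and datagram[ihl] in ICMP_ERROR_TYPES:
        return False                      # errors about errors would bounce forever
    if dst.is_multicast or dst == ipaddress.IPv4Address("255.255.255.255"):
        return False                      # limited broadcast; directed broadcast needs the subnet mask
    if src == ipaddress.IPv4Address("0.0.0.0") or dst.is_loopback:
        return False
    return True
```

The parser deliberately reads only the 8 bytes the standard guarantees; a receiver that trusts anything beyond them is reading data no router was obliged to copy.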
The following sections examine the most common types of ICMP error messages and their functions.
Destination Unreachable Messages Destination unreachable messages have a value of 3 in the ICMP Type field and any one of 13 values in the Code field. As the name implies, these messages indicate that a packet or the information in a packet could not be transmitted to its destination. The various messages specify exactly which component was unreachable and, in some cases, why. This type of message can be generated by a router when it cannot forward a packet to a certain network or to the destination system on one of the router’s connected networks. Destination systems themselves can also generate these messages when they cannot deliver the contents of the packet to a specific protocol or host.
In most cases, the error is a result of some type of failure, either temporary or permanent, in a computer or the network medium. These errors could also possibly occur as a result of IP options that prevent the transmission of the packet, such as when datagrams must be fragmented for transmission over a specific network and the Don’t Fragment flag in the IP header is set.
Source Quench Messages The source quench message, with a Type value of 4 and a Code value of 0, functions as an elementary form of flow control by informing a transmitting system that it is sending packets too fast. When the receiver’s buffers are in danger of being overfilled, the system can transmit a source quench message to the sender, which slows down its transmission rate as a result. The sender should continue to reduce the rate until it is no longer receiving the messages from the receiver.
This is a basic form of flow control that is reasonably effective for use between systems on the same network but that generates too much additional traffic on routed networks. In most cases, this is unnecessary because TCP provides its own flow-control mechanism without the additional traffic on internetworks.
Redirect Messages Redirect messages are generated only by routers to inform hosts or other routers of better routes to a particular destination.
Because having the host send the packets intended for that destination directly to Router 2 would be more efficient, Router 1 sends a Redirect Datagram for the Network message (Type 5, Code 0) to the transmitting host after it forwards the original packet to Router 2. The redirect message contains the usual IP header and partial data information, as well as the IP address of the router the host should use for its future transmissions to that network.
In this example, the redirect message indicates that the host should use the other router for the packets it will transmit to all hosts on Network B in the future. The other redirect messages (with Codes 1 through 3) enable the router to specify an alternative router for transmissions to the specific host, to the specific host with the same Type of Service value, and to the entire network with the same Type of Service value.
Time Exceeded Messages Time exceeded messages are used to inform a transmitting system that a packet has been discarded because a timeout has elapsed. The Time to Live Exceeded in Transit message (Type 11, Code 0) indicates that the Time-to-Live value in a packet’s IP header has reached zero before arriving at the destination, forcing the router to discard it.
This message enables the TCP/IP traceroute program to display the route through the network that packets take to a given destination. By transmitting a series of packets with incremented values in the Time-to-Live field, each successive router on the path to the destination discards a packet and returns an ICMP time exceeded message to the source.
The Fragment Reassembly Time Exceeded message (Code 1) indicates that a destination system has not received all the fragments of a specific datagram within the time limit specified by the host. As a result, the system must discard all the fragments it has received and return the error message to the sender.
ICMP Query Messages
ICMP query messages are not generated in response to other activities, as are the error messages. Systems use them for self-contained request/reply transactions in which one computer requests information from another, which responds with a reply containing that information.
Because they are not associated with other IP transmissions, ICMP queries do not contain datagram information in their Data fields. The data they do carry is specific to the function of the message. The following sections examine some of the more common ICMP query messages and their functions.
Echo Requests and Replies Echo Request and Echo Reply messages are the basis for the TCP/IP ping utility, which sends test messages to another host on the network to determine whether it is capable of receiving and responding to messages. Each ping consists of an ICMP Echo Request message (Type 8, Code 0) that, in addition to the standard ICMP Type, Code, and Checksum fields, adds Identifier and Sequence Number fields that the systems use to associate requests and replies.
If the system receiving the message is functioning normally, it reverses the Source and Destination IP Address fields in the IP header, changes the value of the ICMP Type field to 0 (Echo Reply), and recomputes the checksum before transmitting it back to the sender.
Router Solicitations and Advertisements These messages make it possible for a host system to discover the addresses of the routers connected to the local network. Systems can use this information to configure the default gateway entry in their routing tables. When a host broadcasts or multicasts a Router Solicitation message (Type 10, Code 0), the routers on the network respond with Router Advertisement messages (Type 9, Code 0). Routers continue to advertise their availability at regular intervals (typically seven to ten minutes). A host may stop using a router as its default gateway if it fails to receive continued advertisements.
The Router Solicitation message consists only of the standard Type, Code, and Checksum fields, plus a 4-byte pad in the Data field. Figure 14-2 shows the Router Advertisement message format.
Figure 14-2 The Router Advertisement message format
The Router Advertisement message format contains the following additional fields:
• Number of Addresses (1 byte) Specifies the number of router addresses contained in the message. The format can support multiple addresses, each of which will have its own Router Address and Preference Level fields.
• Address Entry Size (1 byte) Specifies the number of 4-byte words devoted to each address in the message. The value is always 2.
• Lifetime (2 bytes) Specifies the time, in seconds, that can elapse between advertisements before a system assumes a router is no longer functioning. The default value is usually 1,800 seconds (30 minutes).
• Router Address (4 bytes) Specifies the IP address of the router generating the advertisement message.
• Preference Level (4 bytes) Contains a value specified by the network administrator that host systems can use to select one router over another.
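A parser for the Router Advertisement format described above, written as an added example rather than taken from the book. It reads the Number of Addresses, Address Entry Size and Lifetime fields, walks the (Router Address, Preference Level) pairs, and chooses a default gateway by preference. The sample message is constructed here; the checksum is left zero; the treatment of the preference as a signed value, with 0x80000000 meaning "never use as a default", follows RFC 1256 and is not stated on this page.

```python
import struct
import ipaddress

# Added example (not from the book): parse an ICMP Router Advertisement
# (Type 9, Code 0) as laid out in Figure 14-2 and choose a default gateway.
# The sample message bytes below are constructed for this example.

def parse_router_advertisement(msg: bytes) -> dict:
    icmp_type, code, _csum, num_addrs, entry_size, lifetime = struct.unpack("!BBHBBH", msg[:8])
    if icmp_type != 9 or code != 0:
        raise ValueError("not a Router Advertisement")
    if entry_size != 2:          # each entry is two 4-byte words: address + preference
        raise ValueError("unexpected Address Entry Size %d" % entry_size)
    if len(msg) < 8 + 8 * num_addrs:
        raise ValueError("message shorter than Number of Addresses claims")
    entries, offset = [], 8
    for _ in range(num_addrs):
        # Preference Level is a signed 32-bit value (RFC 1256), higher is better.
        addr, pref = struct.unpack("!4si", msg[offset:offset + 8])
        entries.append((str(ipaddress.IPv4Address(addr)), pref))
        offset += 8
    return {"lifetime": lifetime, "routers": entries}

def choose_default_gateway(adv: dict):
    """Highest preference wins; 0x80000000 (the most negative value) marks a
    router that must not be used as a default (RFC 1256)."""
    usable = [(pref, addr) for addr, pref in adv["routers"] if pref != -0x80000000]
    if not usable:
        return None
    return max(usable)[1]

def build_router_advertisement(lifetime: int, routers) -> bytes:
    body = struct.pack("!BBHBBH", 9, 0, 0, len(routers), 2, lifetime)   # checksum left zero
    for addr, pref in routers:
        body += struct.pack("!4si", ipaddress.IPv4Address(addr).packed, pref)
    return body

# Constructed sample: three routers, one of which advertises "do not use me".
SAMPLE_ADVERTISEMENT = build_router_advertisement(
    1800, [("192.168.1.1", 0), ("192.168.1.2", 100), ("192.168.1.3", -0x80000000)])
```

Checking the declared Number of Addresses against the actual message length before indexing is the kind of bounds check a receiver of any length-prefixed network format needs.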
UDP
Two TCP/IP protocols operate at the transport layer: TCP and UDP. The User Datagram Protocol (UDP), defined in RFC 768, is a connectionless, unreliable protocol that provides minimal transport service to application layer protocols with a minimum of control overhead. Thus, UDP provides no packet acknowledgment or flow-control services like TCP, although it does provide end-to-end checksum verification on the contents of the packet.
Although it provides a minimum of services of its own, UDP does function as a pass-through protocol, meaning that it provides applications with access to network layer services, and vice versa. If, for example, a datagram containing UDP data cannot be delivered to the destination and a router returns an ICMP Destination Unreachable message, UDP always passes the ICMP message information up from the network layer to the application that generated the information in the original datagram. UDP also passes along any optional information included in IP datagrams to the application layer and, in the opposite direction, information from applications that IP will use as values for the Time-to-Live and Type of Service header fields.
The nature of the UDP protocol makes it suitable only for brief transactions in which all the data to be sent to the destination fits into a single datagram. This is because no mechanism exists in UDP for splitting a data stream into segments and reassembling them, as in TCP. This does not mean that the datagram cannot be fragmented by IP in the course of transmission, however. This process is invisible to the transport layer because the receiving system reassembles the fragments before passing the datagram up the stack.
In addition, because no packet acknowledgment exists in UDP, it is most often used for client-server transactions in which the client transmits a request and the server’s reply message serves as an acknowledgment. If a system sends a request and no reply is forthcoming, the system assumes the destination system did not receive the message and retransmits. It is mostly TCP/IP support services like DNS and DHCP, services that don’t carry actual user data, that use this type of transaction. Applications such as DHCP also use UDP when they have to send broadcast or multicast transmissions. Because the TCP protocol requires two systems to establish a connection before they transmit user data, it does not support broadcasts and multicasts.
The header for UDP messages (sometimes confusingly called datagrams, like IP messages) is small, only 8 bytes, as opposed to the 20 bytes of the TCP header. Figure 14-3 illustrates the format.
Figure 14-3 The UDP message format
The functions of the fields are as follows:
• Source Port Number (2 bytes) Identifies the port number of the process in the transmitting system that generated the data carried in the UDP datagram. In some cases, this may be an ephemeral port number selected by the client for this transaction.
• Destination Port Number (2 bytes) Identifies the port number of the process on the destination system that will receive the data carried in the UDP datagram. Well-known port numbers are listed in the “Assigned Numbers” RFC and in the Services file on every TCP/IP system.
• UDP Length (2 bytes) Specifies the length of the entire UDP message, including the Header and Data fields, in bytes.
• UDP Checksum (2 bytes) Contains the results of a checksum computation computed from the UDP header and data, along with a pseudo-header composed of the IP header’s Source IP Address, Destination IP Address, and Protocol fields, plus the UDP Length field. This pseudo-header enables the UDP protocol at the receiving system to verify that the message has been delivered to the correct protocol on the correct destination system.
• Data (variable, up to 65,507 bytes) Contains the information supplied by the application layer protocol.
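The UDP header and its pseudo-header checksum, as an added example that is not the book’s own code: it builds a datagram, computes the checksum over the pseudo-header (source and destination addresses, protocol, UDP length) plus header and data, and then verifies it, showing that the same bytes fail verification when they are checked against a different destination address, which is exactly the misdelivery the pseudo-header exists to catch. Addresses, ports and payload are constructed sample values.

```python
import struct
import ipaddress

# Added example (not from the book): compute and verify the UDP checksum over
# the pseudo-header + UDP header + data, and show why the pseudo-header lets
# the receiver detect a datagram delivered to the wrong host or protocol.
# Addresses, ports and payload below are constructed sample values.

UDP_PROTO = 17

def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum of 16-bit words (odd length is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """Source IP, Destination IP, zero byte, Protocol, UDP Length (RFC 768)."""
    return struct.pack("!4s4sBBH", ipaddress.IPv4Address(src_ip).packed,
                       ipaddress.IPv4Address(dst_ip).packed, 0, UDP_PROTO, udp_len)

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)   # checksum field zero while summing
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF        # RFC 768: a computed zero is transmitted as all ones
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def verify_udp(src_ip, dst_ip, datagram: bytes) -> bool:
    """True if the datagram's checksum matches for this source/destination pair."""
    _sport, _dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        return False
    if csum == 0:
        return True          # sender did not compute a checksum (IPv4 allows this)
    # Summing over the stored checksum too yields zero when everything matches.
    return internet_checksum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0

def parse_udp(datagram: bytes) -> dict:
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    return {"sport": sport, "dport": dport, "length": length,
            "checksum": csum, "data": datagram[8:length]}
```

Note that a zero checksum field disables the check entirely for IPv4; a receiver that cares about the misdelivery guarantee has to treat such datagrams as unverified rather than verified.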
TCP
The Transmission Control Protocol is the connection-oriented, reliable alternative to UDP, which accounts for the majority of the user data transmitted across a TCP/IP network, as well as giving the protocol suite its name. TCP, as defined in RFC 793, provides applications with a full range of transport services, including packet acknowledgment, error detection and correction, and flow control.
TCP is intended for the transfer of relatively large amounts of data that will not fit into a single packet. The data often takes the form of complete files that must be split up into multiple datagrams for transmission. In TCP terminology, the data supplied to the transport layer is referred to as a sequence, and the protocol splits the sequence into segments for transmission across the network. As with UDP, however, the segments are packaged in IP datagrams that may end up taking different routes to the destination. TCP, therefore, assigns sequence numbers to the segments so the receiving system can reassemble them in the correct order.
Before any transfer of user data begins using TCP, the two systems exchange messages to establish a connection. This ensures that the receiver is operating and capable of receiving data. Once the connection is established and data transfer begins, the receiving system generates periodic acknowledgment messages. These messages inform the sender of lost packets and also provide the information used to control the rate of flow to the receiver.
The TCP Header
To provide these services, the header applied to TCP segments is necessarily larger than that for UDP. At 20 bytes (without options), it’s the same size as the IP header.
The functions of the fields are as follows:
• Source Port (2 bytes) Identifies the port number of the process in the transmitting system that generated the data carried in the TCP segments. In some cases, this may be an ephemeral port number selected by the client for this transaction.
• Destination Port (2 bytes) Identifies the port number of the process on the destination system that will receive the data carried in the TCP segments. Well-known port numbers are listed in the “Assigned Numbers” RFC and in the Services file on every TCP/IP system.
• Sequence Number (4 bytes) Specifies the location of the data in this segment in relation to the entire data sequence.
• Acknowledgment Number (4 bytes) Specifies the sequence number of the next segment that the acknowledging system expects to receive from the sender. This is active only when the ACK bit is set.
• Data Offset (4 bits) Specifies the length, in 4-byte words, of the TCP header (which may contain options expanding it to as much as 60 bytes).
• Reserved (6 bits) Unused.
• Control Bits (6 bits) Contains six 1-bit flags that perform the following functions:
    • URG Indicates that the sequence contains urgent data and activates the Urgent Pointer field
    • ACK Indicates that the message is an acknowledgment of previously transmitted data and activates the Acknowledgment Number field
    • PSH Instructs the receiving system to push all the data in the current sequence to the application identified by the port number without waiting for the rest
    • RST Instructs the receiving system to discard all the segments in the sequence that have been transmitted thus far and resets the TCP connection
    • SYN Used during the connection establishment process to synchronize the sequence numbers in the source and destination systems
    • FIN Indicates to the other system that the data transmission has been completed and the connection is to be terminated
• Window (2 bytes) Implements the TCP flow-control mechanism by specifying the number of bytes the system can accept from the sender.
• Checksum (2 bytes) Contains a checksum computation computed from the TCP header; data; and a pseudo-header composed of the Source IP Address, Destination IP Address, and Protocol fields from the packet’s IP header, and the length of the entire TCP message.
• Urgent Pointer (2 bytes) Activated by the URG bit, specifies the data in the sequence that should be treated by the receiver as urgent.
• Options (variable) May contain additional configuration parameters for the TCP connection, along with padding to fill the field to the nearest 4-byte boundary. The available options are as follows:
    • Maximum Segment Size Specifies the size of the largest segments the current system can receive from the connected system
    • Window Scale Factor Used to double the size of the Window Size field from 2 to 4 bytes
    • Timestamp Used to carry timestamps in data packets that the receiving system returns in its acknowledgments, enabling the sender to measure the round-trip time
• Data (variable) May contain a segment of the information passed down from an application layer protocol. In SYN, ACK, and FIN packets, this field is left empty.
Connection Establishment
Distinguishing TCP connections from the other types of connections commonly used in data networking is important. When you log on to a network, for example, you initiate a session that remains open until you log off. During that session, you may establish other connections to individual network resources such as file servers that also remain open for extended lengths of time. TCP connections are much more transient, however, and typically remain open only for the duration of the data transmission. In addition, a system (or even a single application on that system) may open several TCP connections at once with the same destination.
As an example, consider a basic client-server transaction between a web browser and a web server. Whenever you type a URL in the browser, the program opens a TCP connection with the server to transfer the default HTML file that the browser uses to display the server’s home page. The connection lasts only as long as it takes to transfer that one page. When the user clicks a hyperlink to open a new page, an entirely new TCP connection is needed. If there are any graphics on the web pages, a separate TCP connection is needed to transmit each image file.
The additional messages required for the establishment of the connection, plus the size of the header, add considerably to the control overhead incurred by a TCP connection. This is the main reason why TCP/IP has UDP as a low-overhead transport layer alternative.
The communication process between the client and the server begins when the client generates its first TCP message, beginning the three-way handshake that establishes the connection between the two machines. This message contains no application data; it simply signals to the server that the client wants to establish a connection. The SYN bit is set, and the system supplies a value in the Sequence Number field, called the initial sequence number (ISN), as shown in Figure 14-4.
Figure 14-4 The client’s SYN message initiates the connection establishment process.
The system uses a continuously incrementing algorithm to determine the ISN it will use for each connection. The constant cycling of the sequence numbers makes it highly unlikely that multiple connections using the same sequence numbers will occur between the same two sockets. The client system then transmits the message as a unicast to the destination system and enters the SYN-SENT state, indicating that it has transmitted its connection request and is waiting for a matching request from the destination system.
The server, at this time, is in the LISTEN state, meaning that it is waiting to receive a connection request from a client. When the server receives the message from the client, it replies with its own TCP control message. This message serves two functions: It acknowledges the receipt of the client’s message, as indicated by the ACK bit, and it initiates its own connection, as indicated by the SYN bit (see Figure 14-5). The server then enters the SYN-RECEIVED state, indicating that it has received a connection request, issued a request of its own, and is waiting for an acknowledgment from the other system. Both the ACK and SYN bits are necessary because TCP is a full-duplex protocol, meaning that a separate connection is actually running in each direction. Both connections must be individually established, maintained, and terminated. The server’s message also contains a value in the Sequence Number field (116270), as well as a value in the Acknowledgment Number field (119841004).
Figure 14-5 The server acknowledges the client’s SYN and sends a SYN of its own.
Both systems maintain their own sequence numbers and are also conscious of the other system’s sequence numbers. Later, when the systems actually begin to send application data, these sequence numbers enable a receiver to assemble the individual segments transmitted in separate packets into the original sequence.
Remember, although the two systems must establish a connection before they send application data, the TCP messages are still transmitted within IP datagrams and are subject to the same treatment as any other datagram. Thus, the connection is actually a virtual one, and the datagrams may take different routes to the destination and arrive in a different order from that in which they were sent.
After the client receives the server’s message, it transmits its own ACK message (see Figure 14-6) acknowledging the server’s SYN bit and completing the bidirectional connection establishment process. This message has a value of 119841004 as its sequence number, which is the value expected by the server, and an acknowledgment number of 116271, which is the sequence number it expects to see in the server’s next transmission. Both systems now enter the ESTABLISHED state, indicating that they are ready to transmit and receive application data.
Figure 14-6 The client then acknowledges the server’s SYN, and the connection is established in both directions.
Data Transfer
Once the TCP connection is established in both directions, the transmission of data can begin. The application layer protocol determines whether the client or the server initiates the next exchange. In a File Transfer Protocol (FTP) session, for example, the server sends a Ready message first. In a Hypertext Transfer Protocol (HTTP) exchange, the client begins by sending the URL of the document it wants to receive.
The data to be sent is not packaged for transmission until the connection is established. This is because the systems use the SYN messages to inform the other system of the maximum segment size (MSS). The MSS specifies the size of the largest segment each system is capable of receiving. The value of the MSS depends on the data link layer protocol used to connect the two systems.
Each system supplies the other with an MSS value in the TCP message’s Options field. As with the IP header, each option consists of multiple subfields, which for the Maximum Segment Size option are as follows:
• Kind (1 byte) Identifies the function of the option. For the Maximum Segment Size option, the value is 2.
• Length (1 byte) Specifies the length of the entire option. For the Maximum Segment Size option, the value is 4.
• Maximum Segment Size (2 bytes) Specifies the size (in bytes) of the largest data segment the system can receive.
In the client system’s first TCP message, shown earlier in Figure 14-4, the value of the Options field is (in hexadecimal notation) 020405B001010402. The first 4 bytes of this value constitute the MSS option. The Kind value is 02, the Length is 04, and the MSS is 05B0, which in decimal form is 1,456 bytes. This works out to the maximum frame size for an Ethernet II network (1,500 bytes) minus 20 bytes for the IP header and 24 bytes for the TCP header (20 bytes plus 4 option bytes). The server’s own SYN packet contains the same value for this option because these two computers were located on the same Ethernet network.
NOTE The remaining 4 bytes in the Options field consist of 2 bytes of padding (0101) and the Kind (04) and Length (02) fields of the SACK Permitted option, indicating that the system is capable of processing extended information as part of acknowledgment messages.
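The TCP header fields listed under "The TCP Header" and the option bytes just decoded, as one added example that is not from the book: a parser for the fixed 20-byte header (ports, sequence and acknowledgment numbers, Data Offset, the six control bits, Window, Checksum, Urgent Pointer) and a walker for the Options field that handles the single-byte End of Option List and No-Operation kinds separately from the length-carrying ones. The two 01 bytes the book calls padding are No-Operation options (Kind 1), so the walker reports them as such. The segment around the book’s option bytes 020405B001010402 is constructed; its ISN of 119841003 is derived from the server’s acknowledgment number 119841004 given in the text, and the port numbers are assumptions.

```python
import struct

# Added example (not from the book): parse the 20-byte TCP header and walk
# its Options field, decoding the option bytes the book gives for the
# client's SYN (020405B001010402). The segment is constructed for this
# example; only the option bytes and the sequence numbers come from the text.

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5 of the flags byte
OPT_EOL, OPT_NOP, OPT_MSS, OPT_WSCALE, OPT_SACK_PERMITTED, OPT_TIMESTAMP = 0, 1, 2, 3, 4, 8

def parse_tcp_options(opts: bytes) -> list:
    """Decode TLV options; EOL and NOP are single bytes, all others carry a Length."""
    result, i = [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == OPT_EOL:
            break                                   # rest of the field is padding
        if kind == OPT_NOP:
            result.append(("NOP", None))
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("truncated option at offset %d" % i)
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):    # a bad Length must not run past the header
            raise ValueError("bad option length %d at offset %d" % (length, i))
        body = opts[i + 2:i + length]
        if kind == OPT_MSS and len(body) == 2:
            result.append(("MSS", struct.unpack("!H", body)[0]))
        elif kind == OPT_WSCALE and len(body) == 1:
            result.append(("WindowScale", body[0]))
        elif kind == OPT_SACK_PERMITTED and len(body) == 0:
            result.append(("SACKPermitted", None))
        elif kind == OPT_TIMESTAMP and len(body) == 8:
            result.append(("Timestamp", struct.unpack("!II", body)))
        else:
            result.append(("Kind%d" % kind, body))
        i += length
    return result

def parse_tcp_header(segment: bytes) -> dict:
    (sport, dport, seq, ack, off_res, flags,
     window, csum, urg) = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = (off_res >> 4) * 4                # Data Offset is counted in 4-byte words
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("invalid Data Offset %d" % data_offset)
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": data_offset,
        "flags": [name for bit, name in enumerate(FLAG_NAMES) if flags & (1 << bit)],
        "window": window, "checksum": csum, "urgent": urg,
        "options": parse_tcp_options(segment[20:data_offset]),
        "data": segment[data_offset:],
    }

def ethernet_mss(option_bytes: int = 4) -> int:
    """MSS = 1,500-byte Ethernet II payload - 20 (IP) - (20 + options) (TCP), as in the text."""
    return 1500 - 20 - (20 + option_bytes)

BOOK_OPTIONS = bytes.fromhex("020405B001010402")   # Options field from Figure 14-4 in the text

def client_syn(sport: int = 49152, dport: int = 80, isn: int = 119841003) -> bytes:
    """Constructed SYN carrying the book's option bytes (ports assumed; ISN = server ACK - 1)."""
    header_len = 20 + len(BOOK_OPTIONS)
    fixed = struct.pack("!HHIIBBHHH", sport, dport, isn, 0,
                        (header_len // 4) << 4, 0x02, 65535, 0, 0)   # 0x02 = SYN only
    return fixed + BOOK_OPTIONS
```

The Length sanity check in the option walker matters in practice: an option whose Length runs past the end of the header is malformed, and a parser that trusts it reads into the segment’s data.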
When the two systems are located on different networks, their MSS values may also be different, and how the systems deal with this is left up to the individual TCP implementations. Some systems may just use the smaller of the two values, while others might revert to the default value of 536 bytes used when no MSS option is supplied. Windows 2000 systems use a special method of discovering the connection path’s MTU (that is, the largest packet size permitted on an internetwork link between two systems). This method, as defined in RFC 1191, enables the systems to determine the packet sizes permitted on intermediate networks. Thus, even if the source and destination systems are both connected to Ethernet networks with 1,500-byte MTUs, they can detect an intermediate connection that supports only a 576-byte MTU.
Once the MSS for the connection is established, the systems can begin packaging data for transmission. In the case of an HTTP transaction, the web browser client transmits the desired URL to the server in a single packet (see Figure 14-7). Notice that the sequence number of this packet (119841004) is the same as that for the previous packet it sent in acknowledgment to the server’s SYN message. This is because TCP messages consisting only of an acknowledgment do not increment the sequence counter. The acknowledgment number is also the same as in the previous packet because the client has not yet received the next message from the server. Note also that the PSH bit is set, indicating that the server should send the enclosed data to the application immediately.
Figure 14-7 The first data packet sent over the connection contains the URL requested by the web browser.
After receiving the client’s message, the server returns an acknowledgment message, as shown in Figure 14-8, that uses the sequence number expected by the client (116271) and has an acknowledgment number of 119841363. The difference between this acknowledgment number and the sequence number of the client message previously sent is 359; this is correct because the datagram the client sent to the server was 399 bytes long. Subtracting 40 bytes for the IP and TCP headers leaves 359 bytes of data. The value in the server’s acknowledgment message, therefore, indicates that it has successfully received 359 bytes of data from the client. As each system sends data to the other, they increment their sequence numbers for each byte transmitted.
Figure 14-8 The server acknowledges all of the data bytes transmitted by the client.
The next step in the process is for the server to respond to the client’s request by sending it the requested HTML file. Using the MSS value, the server creates segments small enough to be transmitted over the network and transmits the first one in the message, as shown in Figure 14-9. The sequence number is again the same as the server’s previous message because the previous message contained only an acknowledgment. The acknowledgment number is also the same because the server is sending a second message without any intervening communication from the client.
Figure 14-9 In response to the client’s request, the server begins to transmit the web page after splitting it into multiple segments.
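The sequence and acknowledgment numbering walked through from the three-way handshake (Figures 14-4 to 14-6) to the first data segment and its acknowledgment (Figures 14-7 and 14-8), as an added example that is not from the book: a small two-endpoint model with the LISTEN, SYN-SENT, SYN-RECEIVED and ESTABLISHED states. It reproduces the book’s numbers, with the server ISN 116270 and acknowledgment 119841004 (so the client’s ISN is 119841003, since a SYN consumes one sequence number), and a 359-byte request acknowledged with 119841363. The Endpoint class, its method names and the rule that a pure ACK consumes no sequence number are written for this example; the model omits checksums, timers and the termination states.

```python
# Added example (not from the book): a minimal model of TCP sequence and
# acknowledgment numbering from the three-way handshake through the first
# data segment. Numbers reproduce the book's figures; the Endpoint class is
# a simplification written for this example (no checksums, timers or FIN).

class Endpoint:
    def __init__(self, name, isn):
        self.name = name
        self.state = "CLOSED"
        self.snd_nxt = isn          # next sequence number we will send
        self.rcv_nxt = None         # next sequence number we expect from the peer
        self.log = []               # every segment this endpoint transmitted

    def _send(self, flags, payload=b""):
        seg = {"flags": set(flags), "seq": self.snd_nxt, "ack": self.rcv_nxt, "data": payload}
        # SYN and FIN each consume one sequence number and data consumes one per
        # byte; a pure ACK consumes none, so its seq repeats in the next segment.
        self.snd_nxt += len(payload) + ("SYN" in seg["flags"]) + ("FIN" in seg["flags"])
        self.log.append(seg)
        return seg

    def listen(self):
        self.state = "LISTEN"

    def connect(self):
        self.state = "SYN-SENT"
        return self._send({"SYN"})

    def receive(self, seg):
        flags = seg["flags"]
        if self.state == "LISTEN" and flags == {"SYN"}:
            self.rcv_nxt = seg["seq"] + 1
            self.state = "SYN-RECEIVED"
            return self._send({"SYN", "ACK"})
        if self.state == "SYN-SENT" and flags == {"SYN", "ACK"}:
            if seg["ack"] != self.snd_nxt:
                raise ValueError("server acknowledged the wrong sequence number")
            self.rcv_nxt = seg["seq"] + 1
            self.state = "ESTABLISHED"
            return self._send({"ACK"})
        if self.state == "SYN-RECEIVED" and flags == {"ACK"} and seg["ack"] == self.snd_nxt:
            self.state = "ESTABLISHED"
            return None
        if self.state == "ESTABLISHED":
            if seg["seq"] != self.rcv_nxt:
                return self._send({"ACK"})      # out of order: re-acknowledge what we have
            self.rcv_nxt += len(seg["data"])
            return self._send({"ACK"}) if seg["data"] else None
        raise ValueError("%s: unexpected segment in state %s" % (self.name, self.state))

    def send_data(self, payload, push=False):
        if self.state != "ESTABLISHED":
            raise ValueError("connection not established")
        return self._send({"ACK", "PSH"} if push else {"ACK"}, payload)

def run_book_exchange():
    """Replay the book's handshake and first request; return the key numbers."""
    client, server = Endpoint("client", 119841003), Endpoint("server", 116270)
    server.listen()
    syn = client.connect()                      # Figure 14-4
    syn_ack = server.receive(syn)               # Figure 14-5
    ack = client.receive(syn_ack)               # Figure 14-6
    server.receive(ack)
    # Figure 14-7: a 399-byte datagram minus 40 bytes of IP and TCP headers
    request = client.send_data(b"G" * 359, push=True)
    reply_ack = server.receive(request)         # Figure 14-8
    return {
        "states": (client.state, server.state),
        "syn_ack": (syn_ack["seq"], syn_ack["ack"]),
        "ack": (ack["seq"], ack["ack"]),
        "request": (request["seq"], request["ack"], sorted(request["flags"])),
        "reply_ack": (reply_ack["seq"], reply_ack["ack"]),
    }
```

The check in the SYN-SENT branch (the acknowledgment must equal the client’s own next sequence number) is the step that makes a SYN/ACK from anyone who did not see the client’s ISN fail; that is why the text’s remark about ISNs being hard to predict matters.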
In addition to the acknowledgment service just described, the TCP header fields provide two more services:
• Error correction
• Flow control
The following sections examine each of these functions.
Error Correction You saw in the previous example how a receiving system uses the acknowledgment number in its ACK message to inform the sender that its data was received correctly. The systems also use this mechanism to indicate when an error has occurred and data is not received correctly.
TCP/IP systems use a system of delayed acknowledgments, meaning they do not have to send an acknowledgment message for every packet they receive. The method used to determine when acknowledgments are sent is left up to the individual implementation, but each acknowledgment specifies that the data, up to a certain point in the sequence, has been received correctly. These are called positive acknowledgments because they indicate that data has been received. Negative acknowledgments or selective acknowledgments, which specify that data has not been received correctly, are not possible in TCP.
What if, for example, in the course of a single connection, a server transmits five data segments to a client and the third segment must be discarded because of a checksum error? The receiving system must then send an acknowledgment back to the sender indicating that all the messages up through the second segment have been received correctly. Even though the fourth and fifth segments were also received correctly, the third segment was not. Using positive acknowledgments means that the fourth and fifth segments must be retransmitted, in addition to the third.
The mechanism used by TCP is called positive acknowledgment with retransmission because the sending system automatically retransmits all of the unacknowledged segments after a certain time interval. The way this works is that the sending system maintains a queue containing all of the segments it has already transmitted. As acknowledgments arrive from the receiver, the sender deletes the segments that have been acknowledged from the queue. After a certain elapsed time, the sending system retransmits all of the unacknowledged segments remaining in the queue. The systems use algorithms documented in RFC 1122 to calculate the timeout values for a connection based on the amount of time it takes for a transmission to travel from one system to the other and back again, called the round-trip time.
Flow Control Flow control is an important element of the TCP protocol because it is designed to transmit large amounts of data. Receiving systems have a buffer in which they store incoming segments waiting to be acknowledged. If a sending system transmits too many segments too quickly, the receiver’s buffer fills up and any packets arriving at the system are discarded until space in the buffer is available. TCP uses a mechanism called a sliding window for its flow control, which is essentially a means for the receiving system to inform the sender of how much buffer space it has available.
Each acknowledgment message generated by a system receiving TCP data specifies the amount of buffer space it has available in its Window field. As packets arrive at the receiving system, they wait in the buffer until the system generates the message that acknowledges them. The sending system computes the amount of data it can send by taking the Window value from the most recently received acknowledgment and subtracting the number of bytes it has transmitted since it received that acknowledgment. If the result of this computation is zero, the system stops transmitting until it receives acknowledgment of outstanding packets.
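Positive acknowledgment with retransmission and the sliding-window computation described in the two sections above, as one added example that is not the book’s own code: a sender keeps a queue of transmitted, unacknowledged segments, drops everything a cumulative acknowledgment covers, retransmits the remainder on timeout, and computes its usable window as the latest Window value minus the bytes sent since that acknowledgment. The five-segment scenario replays the book’s case where the third segment is discarded; the segment sizes, window values and the hypothetical Sender and Receiver classes are constructed for this example, and the receiver discards out-of-order data rather than buffering it, matching the text’s description.

```python
# Added example (not from the book): sender-side positive acknowledgment
# with retransmission, plus the sliding window computed as the text
# describes (Window from the latest ACK minus bytes sent since it).
# Segment sizes, window values and the loss scenario are constructed.

class Sender:
    def __init__(self, isn, mss):
        self.snd_una = isn          # oldest unacknowledged sequence number
        self.snd_nxt = isn          # next sequence number to send
        self.mss = mss
        self.queue = []             # (seq, length) of transmitted, unacknowledged segments
        self.window = 0             # Window value from the most recent ACK
        self.sent_since_ack = 0     # bytes transmitted since that ACK arrived
        self.wire = []              # segments handed to the network, in order

    def usable_window(self):
        return max(self.window - self.sent_since_ack, 0)

    def send(self, data: bytes):
        """Transmit as many MSS-sized segments as the window allows; return bytes sent."""
        offset = 0
        while offset < len(data) and self.usable_window() > 0:
            size = min(self.mss, self.usable_window(), len(data) - offset)
            seg = (self.snd_nxt, size)
            self.queue.append(seg)
            self.wire.append(seg)
            self.snd_nxt += size
            self.sent_since_ack += size
            offset += size
        return offset

    def ack_received(self, ack_number, window):
        """Cumulative ACK: drop every queued segment that ends at or before ack_number."""
        self.queue = [(seq, ln) for seq, ln in self.queue if seq + ln > ack_number]
        self.snd_una = max(self.snd_una, ack_number)
        self.window = window
        self.sent_since_ack = self.snd_nxt - ack_number   # bytes still in flight
        return self.usable_window()

    def timeout(self):
        """The retransmission timer fired: resend everything still unacknowledged."""
        for seg in self.queue:
            self.wire.append(seg)
        return list(self.queue)

class Receiver:
    """Positive acknowledgments only: in-order, uncorrupted data advances the
    ACK number; anything else is discarded (no selective acknowledgment)."""
    def __init__(self, irs):
        self.rcv_nxt = irs

    def deliver(self, seq, length, corrupted=False):
        if not corrupted and seq == self.rcv_nxt:
            self.rcv_nxt += length
        return self.rcv_nxt

def lost_third_segment_scenario():
    """Five 100-byte segments, the third corrupted: the ACK covers only the
    first two, so the timeout retransmits segments 3, 4 and 5."""
    sender = Sender(isn=1000, mss=100)
    sender.ack_received(1000, window=500)      # handshake ACK opens a 500-byte window
    sent = sender.send(b"x" * 500)
    receiver = Receiver(irs=1000)
    ack = None
    for i, (seq, ln) in enumerate(sender.wire):
        ack = receiver.deliver(seq, ln, corrupted=(i == 2))
    usable = sender.ack_received(ack, window=500)
    retransmitted = sender.timeout()
    return {"sent": sent, "ack": ack, "usable_after_ack": usable,
            "retransmitted": [seq for seq, _ in retransmitted]}

def zero_window_scenario():
    """A 250-byte window stops a 1,000-byte send after 250 bytes until an ACK arrives."""
    sender = Sender(isn=5000, mss=100)
    sender.ack_received(5000, window=250)
    first = sender.send(b"y" * 1000)           # only 250 bytes fit the window
    stalled = sender.usable_window()           # 0: must wait for an acknowledgment
    usable = sender.ack_received(5200, window=250)   # 200 acknowledged, 50 still in flight
    second = sender.send(b"y" * 1000)
    return {"first": first, "stalled": stalled, "usable": usable, "second": second}
```

The usable-window calculation is what keeps a sender from overrunning a receiver that has advertised no space; a sender that ignores a zero window is the scenario the text describes, with arriving packets discarded until buffer space frees up.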
Connection Termination
When the exchange of data between the two systems is complete, they terminate the TCP connection. Because two connections are actually involved—one in each direction—both must be individually terminated. The process begins when one machine sends a message in which the FIN control bit is set. This indicates that the system wants to terminate the connection it has been using to send data.
Which system initiates the termination process is dependent on the application generating the traffic. In an HTML transaction, the server can include the FIN bit in the message containing the last segment of data in the sequence, or it can take the form of a separate message. The client receiving the FIN from the server sends an acknowledgment, closing the server’s connection, and then sends a FIN message of its own. Note that, unlike the three-way handshake that established the connection, the termination procedure requires four transmissions because the client sends its ACK and FIN bits in separate messages. When the server transmits its acknowledgment to the client’s FIN, the connection is effectively terminated.
CHAPTER 15 The Domain Name System
Computers are designed to work with numbers, while humans are more comfortable working with words. This fundamental dichotomy is the reason why the Domain Name System (DNS) came to be. Back in the dark days of the 1970s, when the Internet was the ARPANET and the entire experimental network consisted of only a few hundred systems, a need was recognized for a mechanism that would permit users to refer to the network’s computers by name, rather than by address. The introduction of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocols in the early 1980s led to the use of 32-bit IP addresses, which even in dotted decimal form were difficult to remember.
Host Tables
The first mechanism for assigning human-friendly names to addresses was called a host table, which took the form of a file called /etc/hosts on Unix systems. The host table was a simple ASCII file that contained a list of network system addresses and their equivalent hostnames. When users wanted to access resources on other network systems, they would specify a hostname in the application, and the system would resolve the name into the appropriate address by looking it up in the host table. This host table still exists on all TCP/IP systems today, usually in the form of a file called Hosts somewhere on the local disk drive. If nothing else, the host table contains the following entry, which assigns to the standard IP loopback address the hostname localhost:
127.0.0.1 localhost
Today, the Domain Name System has replaced the host table almost universally, but when TCP/IP systems attempt to resolve a hostname into an IP address, it is still possible to configure them to check the Hosts file first before using DNS. If you have a small network of TCP/IP systems that is not connected to the Internet, you can use host tables on your machines to maintain friendly hostnames for your computers. The name resolution process will be very fast because no network communications are necessary and you will not need a DNS server.
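The host table format and the hosts-before-DNS resolution order described above, as an added example that is not from the book: a parser for the file’s address-then-names lines (with # comments), a resolver that consults the table first and falls back to DNS, and a check for the duplicate-hostname problem the text attributes to the host-table era, which on a modern system also reveals an unexpected override of a well-known name. The sample table is constructed, and the DNS step is a dictionary stand-in so the example runs offline.

```python
import ipaddress

# Added example (not from the book): parse a host table in /etc/hosts format,
# resolve names hosts-first and then via DNS, and flag names mapped to more
# than one address. The table below is constructed; DNS is stubbed with a
# dictionary so that the example runs offline.

SAMPLE_HOSTS = """\
# constructed host table for this example
127.0.0.1   localhost
::1         localhost ip6-localhost
192.168.1.10  fileserver fs
192.168.1.11  printer
not-an-address  bogus
192.168.1.12  fileserver       # same name again, different address
"""

def parse_hosts(text: str):
    """Return [(address, [names])] in file order; comment, blank and malformed lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                                  # first field must be an IP address
        if len(fields) < 2:
            continue                                  # an address with no name is useless
        entries.append((str(addr), [name.lower() for name in fields[1:]]))
    return entries

def find_conflicts(entries):
    """Names mapped to more than one address of the same IP version."""
    seen = {}
    for addr, names in entries:
        version = ipaddress.ip_address(addr).version
        for name in names:
            seen.setdefault((name, version), set()).add(addr)
    return {name: sorted(addrs) for (name, _v), addrs in seen.items() if len(addrs) > 1}

def resolve(name: str, entries, dns_lookup, version: int = 4):
    """Host table first (first matching line wins, as resolvers do), then DNS."""
    name = name.lower()
    for addr, names in entries:
        if name in names and ipaddress.ip_address(addr).version == version:
            return addr, "hosts"
    addr = dns_lookup(name)
    return (addr, "dns") if addr else (None, None)

# Stand-in for a real resolver; 203.0.113.0/24 is a documentation range.
FAKE_DNS = {"www.example.com": "203.0.113.5"}
```

Because the host table is consulted before DNS, an entry added to it silently wins over the answer the network would give; auditing the file for conflicts and for names that should never be overridden is a cheap check.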
Host Table Problems
The use of host tables on TCP/IP systems caused several problems, all of which were exacerbated as the fledgling Internet grew from a small “family” of networked computers into today’s gigantic network. The most fundamental problem was that each computer had to have its own host table, which listed the names and addresses of all of the other computers on the network. When you connected a new computer to the network, you could not access it until an entry for it was added to your computer’s host table.
For everyone to keep their host tables updated, it was necessary to inform the administrators when a system was added to the network or a name or address change occurred. Having every administrator of an ARPANET system e-mail every other administrator each time they made a change was obviously not a practical solution, so it was necessary to designate a registrar that would maintain a master list of the systems on the network, their addresses, and their hostnames.
The task of maintaining this registry was given to the Network Information Center (NIC) at the Stanford Research Institute (SRI), in Menlo Park, California. The master list was stored in a file called Hosts.txt on a computer with the hostname SRI-NIC. Administrators of ARPANET systems would e-mail their modifications to the NIC, which would update the Hosts.txt file periodically. To keep their systems updated, the administrators would use FTP to download the latest Hosts.txt file from SRI-NIC and compile it into a new Hosts file for their systems.
Initially, this was an adequate solution, but as the network continued to grow, it became increasingly unworkable. As more systems were added to the network, the Hosts.txt file grew larger, and more people were accessing SRI-NIC to download it on a regular basis. The amount of network traffic generated by this simple maintenance task became excessive, and changes started occurring so fast that it was difficult for administrators to keep their systems updated.
Another serious problem was that there was no control over the hostnames used to represent the systems on the network. Once TCP/IP came into general use, the NIC was responsible for assigning network addresses, but administrators chose their own hostnames for the computers on their networks. The accidental use of duplicate hostnames resulted in misrouted traffic and disruption of communications. Imagine the chaos that would result today if anyone on the Internet was allowed to set up a web server and use the name microsoft.com for it. Clearly, a better solution was needed, and this led to the development of the Domain Name System.
DNS Objectives
To address the problems resulting from the use of host tables for name registration and resolution, the people responsible for the ARPANET decided to design a completely new mechanism. Their primary objectives at first seemed to be contradictory: to design a mechanism that would enable administrators to assign hostnames to their own systems without creating duplicate names, and to make that hostname information globally available to other administrators without relying on a single access point that could become a traffic bottleneck and a single point of failure. In addition, the mechanism had to be able to support information about systems that use various protocols with different types of addresses, and it had to be adaptable for use by multiple applications.
The solution was the Domain Name System, designed by Paul Mockapetris and published in 1983 as two Internet Engineering Task Force (IETF) documents called requests for comments (RFCs): RFC 882, "Domain Names: Concepts and Facilities," and RFC 883, "Domain Names: Implementation Specification." These documents were updated in 1987, published as RFC 1034 and RFC 1035, respectively, and ratified as an IETF standard. Since that time, numerous other RFCs have updated the information in the standard to address current networking issues.
Current requests and updates to older entries can be found at rfc-editor.org.
The DNS, as designed by Mockapetris, consists of three basic elements:
• A hierarchical name space that divides the host system database into discrete elements called domains
• Domain name servers that contain information about the hosts and subdomains within a given domain
• Resolvers that generate requests for information from domain name servers
These elements are discussed in the following sections.
Domain Naming
The Domain Name System achieves the designated objectives by using a hierarchical system, both in the name space used to name the hosts and in the database that contains the hostname information. Before the DNS was developed, administrators assigned simple hostnames to the computers on their networks. The names sometimes reflected the computer's function or its location, as with SRI-NIC, but there was no policy in place that required this. At that time, there were few enough computers on the network to make this a practical solution.
To support the network as it grew larger, Mockapetris developed a hierarchical name space that made it possible for individual network administrators to name their systems, while identifying the organization that owns the systems and preventing the duplication of names on the Internet. The DNS name space is based on domains, which exist in a hierarchical structure much like the directory tree in a file system. A domain is the equivalent of a directory, in that it can contain either subdomains (subdirectories) or hosts (files), forming a structure called the DNS tree (see Figure 15-1). Because the responsibility for specific domains is delegated to network administrators all over the Internet, the result is a distributed database scattered on systems all over the network.
Figure 15-1 The Domain Name System uses a tree structure like that of a file system.
NOTE The term domain has more than one meaning in the computer industry. A domain can be a group of devices on a network administered as one unit. On the Internet, it can be an IP address, such as mcgrawhill.com, in which all the devices sharing part of this address are considered part of the same domain. You may also see software that is in the public domain, which means the program can be used without copyright restrictions.
To assign unique IP addresses to computers all over the Internet, a two-tiered system was devised in which administrators receive the network identifiers that form the first part of the IP addresses and then assign host identifiers to individual computers themselves to form the second part of the addresses. This distributes the address assignment tasks among thousands of network administrators all over the world. The DNS name space functions in the same way: administrators are assigned domain names and are then responsible for specifying hostnames for systems within that domain.
The result is that every computer on the Internet is uniquely identifiable by a DNS name that consists of a hostname plus the names of all of its parent domains, stretching up to the root of the DNS tree, separated by periods. Each of the names between the periods can be up to 63 characters long, with a total length of 255 characters for a complete DNS name, including the host and all of its parent domains. Domain and hostnames are not case sensitive and can take any value except the null value (no characters), which represents the root of the DNS tree. Domain and hostnames also cannot contain any of the following symbols:
_ : , / \ @ # ! $ % ^ & * ( ) { } [ ] | ; " < > ~ `
NOTE Using a shell prompt, you can enter the IP address of a computer to look up the DNS name.
In Figure 15-2, a computer in the mycorp domain functions as a web server, and the administrator has therefore given it the hostname www. This administrator is responsible for the mycorp domain and can therefore assign systems in that domain any hostname he wants. Because mycorp is a subdomain of com, the full DNS name for that web server is www.mycorp.com. Thus, a DNS name is something like a postal address, in which the top-level domain is the equivalent of the state, the second-level domain is the city, and the hostname is the street address.
Figure 15-2 A DNS name like www.mycorp.com reflects a system's place in the domain hierarchy.
Because a complete DNS name traces the domain path all the way up the tree structure to the root, it should theoretically end with a period, indicating the division between the top-level domain and the root. However, this trailing period is nearly always omitted in common use, except in cases in which it serves to distinguish an absolute domain name from a relative domain name. An absolute domain name (also called a fully qualified domain name [FQDN]) does specify the path all the way to the root, while a relative domain name specifies only the subdomain relative to a specific domain context. For example, when working on a complex network called zacker.com that uses several levels of subdomains, you might refer to a system using a relative domain name of mail.paris without a period because it's understood by your colleagues that you're actually referring to a system with an absolute name of mail.paris.zacker.com. (with a period).
It's also important to understand that DNS names have no inherent connection to IP addresses or any other type of address. Theoretically, the host systems in a particular domain can be located on different networks, thousands of miles apart.
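The naming rules and the absolute-versus-relative distinction above can be checked mechanically. The following is an added example, not code from the book: it validates a name against the label and name length limits, the reserved null label, and the forbidden symbols listed earlier, and it qualifies a relative name such as mail.paris under a search domain the way a resolver configured for zacker.com would. The search-domain behaviour is an assumption about how such a resolver is configured; the names are the chapter's own examples.

```python
"""Added example (not from the book): DNS name syntax checks and FQDN handling.
Assumes a resolver that appends a configured search domain to relative names."""
from typing import List

# Symbols the text lists as not permitted in domain and host names.
FORBIDDEN = set('_:,/\\@#!$%^&*(){}[]|;"<>~`')
MAX_LABEL = 63   # longest single name between periods
MAX_NAME = 255   # longest complete name, host plus all parent domains


def check_name(name: str) -> List[str]:
    """Return the rule violations found in `name`; an empty list means it is acceptable."""
    if name == ".":
        return []                        # the root alone: just the null label
    bare = name[:-1] if name.endswith(".") else name   # the trailing period is not a label
    problems = []
    if len(bare) > MAX_NAME:
        problems.append(f"complete name is {len(bare)} characters, limit is {MAX_NAME}")
    for label in bare.split("."):
        if label == "":
            problems.append("empty label: the null value is reserved for the root")
            continue
        if len(label) > MAX_LABEL:
            problems.append(f"label {label[:10]}... is {len(label)} characters, limit is {MAX_LABEL}")
        bad = "".join(sorted(set(label) & FORBIDDEN))
        if bad:
            problems.append(f"label {label} contains forbidden symbol(s) {bad}")
    return problems


def is_absolute(name: str) -> bool:
    """An absolute name (FQDN) ends with the period that marks the root."""
    return name.endswith(".")


def qualify(name: str, search_domain: str) -> str:
    """Turn a relative name into an FQDN under `search_domain`; leave FQDNs untouched."""
    if is_absolute(name):
        return name
    return f"{name}.{search_domain.rstrip('.')}."


def same_name(a: str, b: str) -> bool:
    """Names are not case sensitive, and the trailing period does not change identity."""
    return a.rstrip(".").lower() == b.rstrip(".").lower()


if __name__ == "__main__":
    for candidate in ("www.mycorp.com", "bad_host.zacker.com", "www..zacker.com"):
        print(candidate, check_name(candidate) or "ok")
    print(qualify("mail.paris", "zacker.com"))   # mail.paris.zacker.com.
```

Note that the checker treats the trailing period as a marker rather than a label, so an FQDN of 255 characters plus its period still passes; the per-label and whole-name limits are the ones the text states.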
Top-Level Domains
In every DNS name, the first word on the right represents the domain at the highest level in the DNS tree, called a top-level domain. These top-level domains essentially function as registrars for the domains at the second level. For example, the administrator of zacker.com went to the com top-level domain and registered the name zacker. In return for a fee, that administrator now has exclusive use of the name zacker.com and can create any host or subdomain names in that domain that he wants. It doesn't matter that thousands of other network administrators have named their web servers www because they all have their own individual domain names. The hostname www may be duplicated anywhere, as long as the DNS name is unique.
The original DNS name space called for seven top-level domains, centered in U.S. nomenclature and dedicated to specific purposes, as follows:
• com Commercial organizations
• edu Four-year, degree-granting educational institutions in North America
• gov U.S. government institutions
• int Organizations established by international treaty
• mil U.S. military applications
• net Networking organizations
• org Noncommercial organizations
The edu, gov, int, and mil domains were originally reserved for use by certified organizations, but the com, org, and net domains were and are called global domains, because organizations anywhere in the world can register second-level domains within them. Originally, these top-level domains were managed by a company called Network Solutions (NSI, formerly known as InterNIC, the Internet Network Information Center) as a result of a cooperative agreement with the U.S. government. You can still go to its web site at www.networksolutions.com/ and register names in these top-level domains.
In 1998, the agreement with the U.S. government was changed to permit other organizations to compete with NSI in providing domain registrations. An organization called the Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for the accreditation of domain name registrars. Under this new policy, the procedures and fees for registering names in the com, net, and org domains may vary, but there will be no difference in the functionality of the domain names, nor will duplicate names be permitted. The complete list of registrars that have been accredited by ICANN is available at http://www.webhosting.info/registrars/.
Currently, more than 1,900 new top-level domain names have been submitted to ICANN, and during 2015, it is anticipated that each week new names will be available for open registration. While there may be conflicts, the issues will, at this time, be settled by auction or negotiation. Approval for new top-level domain names currently has three stages:
• Sunrise stage During this 60-day period, legal trademark owners can "stake their claim" before registration for that name.
• Landrush stage This is a preregistration period where applicants can pay a fee (which in many cases will be substantial) for a specific domain name.
• Open registration During this time, anyone can register a new domain.
.com Domain Conflicts
The com top-level domain is the one most closely associated with commercial Internet interests, and names of certain types in the com domain are becoming scarce. For example, it is difficult at this time to come up with a snappy name for an Internet technology company that includes the word "net" that has not already been registered in the com domain.
There have also been conflicts between organizations that think they have a right to a particular domain name. Trademark law permits two companies to have the same name, as long as they are not directly competitive in the marketplace. However, A1 Auto Parts Company and A1 Software may both feel that they have a right to the a1.com domain, and lawsuits have arisen in some cases. In other instances, forward-thinking private individuals who registered domains using their own names have later been confronted by corporations with the same name who want to jump on the Internet bandwagon and think they have a right to that name. If a certain individual of Scottish extraction registers his domain only to find out some years later that a fast-food company (for example) is very anxious to acquire that domain name, the end result can be either a profitable settlement for the individual or a nasty court case.
This phenomenon gave rise to a particular breed of Internet bottom-feeder known as domain name speculators. These people register large numbers of domain names that they think some company might want someday, hoping that they can receive a large fee in return for selling them the domain name. Another unscrupulous practice is for a company in a particular business to register domains using the names of their competitors. Thus, when Internet users go to pizzaman.com, expecting to find Ray the Pizza Man's web site, they instead find themselves redirected to the site for Bob's Pizza Palace, which is located across the street from Ray's.
Cybersquatting
By definition, cybersquatting is the practice of registering an Internet domain name simply for the purpose of profiting by selling the name to someone else. According to the World Intellectual Property Organization (WIPO), this practice includes the following:
• Abusive registration of a domain name that is misleadingly similar or identical to an existing trademark.
• A registered domain name for which the registering party has no rights or legitimate interests.
• A domain name that is registered and used in bad faith.
ICANN created its Uniform Domain Name Resolution Policy (UDRP) to counteract cybersquatting. Since 2000, all registrants of domains such as .com, .net, and .org have been subject to this policy. In response to the new top-level domains (TLDs), in March 2013, ICANN launched the IP Trademark Clearinghouse, a centralized database of valid trademarks to protect these trademarks, especially during the time in which the new TLDs are launched.
Country-Code Domains
There are many country-code domains (also called international domains), named for specific countries using the ISO designations, such as fr for France and de for Deutschland (Germany). Many of these countries allow free registration of second-level domains to anyone, without restrictions. For the other countries, an organization must conform to some sort of local presence, tax, or trademark guidelines in order to register a second-level domain. Each of these country-code domains is managed by an organization in that country, which establishes its own domain name registration policies.
NOTE For the country codes maintained by the International Organization for Standardization (ISO), see www.iso.org/iso/country_codes.htm.
There is also a us top-level domain that is a viable alternative for organizations unable to obtain a satisfactory name in the com domain. In March 2014, the National Telecommunications and Information Administration (NTIA) arm of the U.S. Department of Commerce awarded the administrative contract to Neustar for three years. This entity registers second-level domains to businesses and individuals, as well as to government agencies, educational institutions, and other organizations. The only restriction is that all us domains must conform to a naming hierarchy that uses two-letter state abbreviations at the third level and uses local city or county names at the fourth level. Thus, an example of a valid domain name would be something like mgh.newyork.ny.us. The general format is <organization-name>.<locality>.<state>.us, where <state> is a state's two-letter postal abbreviation.
Second-Level Domains
The registrars of the top-level domains are responsible for registering second-level domain names, in return for a subscription fee. As long as an organization continues to pay the fees for its domain name, it has exclusive rights to that name. The domain registrar maintains records that identify the owner of each second-level domain and specify three contacts within the registrant's organization—an administrative contact, a billing contact, and a technical contact. In addition, the registrar must have the IP addresses of two DNS servers that function as the source for further information about the domain. This is the only information maintained by the top-level domain. The administrators of the registrant's network can create as many hosts and subdomains within the second-level domain as they want without informing the registrars at all.
To host a second-level domain, an organization must have two DNS servers. A DNS server is a software program that runs on a computer. DNS server products are available for all of the major network operating systems. The DNS servers do not have to be located on the registrant's network; many companies outsource their Internet server hosting chores and use their service provider's DNS servers. The DNS servers identified in the top-level domain's record are the authority for the second-level domain. This means that these servers are the ultimate source for information about that domain. When network administrators want to add a host to the network or create a new subdomain, they do so in their own DNS servers. In addition, whenever a user application somewhere on the Internet has to discover the IP address associated with a particular hostname, the request eventually ends up at one of the domain's authoritative servers.
Thus, in its simplest form, the Domain Name System works by referring requests for the address of a particular hostname to a top-level domain server, which in turn passes the request to the authoritative server for the second-level domain, which responds with the requested information. This is why the DNS is described as a distributed database. The information about the hosts in specific domains is stored on their authoritative servers, which can be located anywhere. There is no single list of all the hostnames on the entire Internet, which is actually a good thing because at the time that the DNS was developed, no one would have predicted that the Internet would grow as large as it has.
This distributed nature of the DNS database eliminates the traffic-congestion problem caused by the use of a host table maintained on a single computer. The top-level domain server handles millions of requests a day, but they are requests only for the DNS servers associated with second-level domains. If the top-level domains had to maintain records for every host in every second-level domain they have registered, the resulting traffic would bring the entire system to its knees.
Distributing the database in this way also splits the chores of administering the database among thousands of network administrators around the world. Domain name registrants are each responsible for their own area of the name space and can maintain it as they want with complete autonomy.
Subdomains
Many of the domains on the Internet stop at two levels, meaning that the second-level domain contains only host systems. However, it is possible for the administrators of a second-level domain to create subdomains that form additional levels. The us top-level domain, for example, requires a minimum of three levels: the country code, the state code, and the local city or county code. There is no limit on the number of levels you can create within a domain, except for those imposed by practicality and the 255-character maximum DNS name length.
In some cases, large organizations use subdomains to subdivide their networks according to geographical or organizational boundaries. A large corporation might create a third-level domain for each city or country in which it has an office, such as paris.zacker.com and newyork.zacker.com, or for each of several departments, such as sales.zacker.com and mis.zacker.com. The organizational paradigm for each domain is left completely up to its administrators.
The use of subdomains can make it easier to identify hosts on a large network, but many organizations also use them to delegate domain maintenance chores. The DNS servers for a top-level domain contain the addresses for each second-level domain's authoritative servers. In the same way, a second-level domain's servers can refer to authoritative servers for third-level domains, allowing administrators at each site to maintain their own DNS servers.
To make this delegation possible, DNS servers can break up a domain's name space into administrative units called zones. A domain with only two levels consists of only a single zone, which is synonymous with the domain. A three-level domain, however, can be divided into multiple zones. A zone can be any contiguous branch of a DNS tree and can include domains on multiple levels. For example, in the diagram shown in Figure 15-3, the paris.zacker.com domain, including all of its subdomains and hosts, is one zone, represented by its own DNS servers. The rest of the zacker.com domain, including newyork.zacker.com, chicago.zacker.com, and zacker.com itself, is another zone. Thus, a zone can be defined as any part of a domain, including its subdomains, that is not designated as part of another zone.
Figure 15-3 A zone is an administrative entity that contains a branch of the DNS tree.
Each zone must be represented by DNS servers that are the authority for that zone. A single DNS server can be authoritative for multiple zones, so you could conceivably create a separate zone for each of the third-level domains in zacker.com and still have only two sets of DNS servers.
DNS Functions
DNS servers are a ubiquitous part of most TCP/IP networks, even if you aren't aware of it. If you connect to the Internet, you use a DNS server each time you enter a server name or URL into a web browser or other application to resolve the name of the system you specified into an IP address. When a stand-alone computer connects to an Internet service provider (ISP), the ISP's server usually supplies the addresses of the DNS servers that the system will use. On a TCP/IP network, administrators or users configure clients with the addresses of the DNS servers they will use. This can be a manual process performed for each workstation or an automatic process performed using a service such as Dynamic Host Configuration Protocol (DHCP). The end user will not usually see the IP address because this is all taken care of in the background.
TCP/IP communications are based solely on IP addresses. Before one system can communicate with another, it must know its IP address. Often, the user supplies a friendly name (such as a DNS name) for a desired server to a client application. The application must then resolve that server name into an IP address before it can transmit a message to it. If the name resolution mechanism fails to function, no communication with the server is possible.
Virtually all TCP/IP networks use some form of friendly name for host systems and include a mechanism for resolving those names into the IP addresses needed to initiate communications between systems. If the network is connected to the Internet, DNS name resolution is a necessity. Private networks do not necessarily need it, however. Microsoft Windows NT networks, for example, use NetBIOS names to identify their systems and have their own mechanisms for resolving those names into IP addresses. These mechanisms include the Windows Internet Naming System (WINS) and also the transmission of broadcast messages to every system on the network. NetBIOS names and name resolution mechanisms do not replace the DNS; they are intended for use on relatively small, private networks and would not be practical on the Internet. A computer can have both a NetBIOS name and a DNS hostname and use both types of name resolution.
Resource Records
DNS servers are basically database servers that store information about the hosts and subdomains for which they are responsible in resource records (RRs). When you run your own DNS server, you create a resource record for each hostname that you want to be accessible by the rest of the network. There are several different types of resource records used by DNS servers, the most important of which are as follows:
• Start of authority (SOA) Indicates that the server is the best authoritative source for data concerning the zone. Each zone must have an SOA record, and only one SOA record can be in a zone.
• Name server (NS) Identifies a DNS server functioning as an authority for the zone. Each DNS server in the zone (whether primary, master, or slave) must be represented by an NS record.
• Address (A) Provides a name-to-address mapping that supplies an IP address for a specific DNS name. This record type performs the primary function of the DNS, converting names to addresses.
• Pointer (PTR) Provides an address-to-name mapping that supplies a DNS name for a specific address in the in-addr.arpa domain. This is the functional opposite of an A record, used for reverse lookups only.
• Canonical name (CNAME) Creates an alias that points to the canonical name (that is, the "real" name) of a host identified by an A record. CNAME records are used to provide alternative names by which systems can be identified. For example, you may have a system with the name server1.zacker.com on your network that you use as a web server. Changing the hostname of the computer would confuse your users, but you want to use the traditional name of www to identify the web server in your domain. Once you create a CNAME record for the name www.zacker.com that points to server1.zacker.com, the system is addressable using either name.
• Mail exchanger (MX) Identifies a system that will direct e-mail traffic sent to an address in the domain to the individual recipient, a mail gateway, or another mail server.
In addition to functioning as the authority for a small section of the DNS name space, servers process client name resolution requests by either consulting their own resource records or forwarding the request to another DNS server on the network. The process of forwarding a request is called a referral, and this is how all of the DNS servers on the Internet work together to provide a unified information resource for the entire domain name space.
DNS Name Resolution
All Internet applications use DNS to resolve hostnames into IP addresses. When you type a URL containing a DNS name (such as mcgrawhill.com) into the browser's Address field and press ENTER, it is while the application goes through the process of finding the site and connecting that the DNS name resolution process occurs.
From the client's perspective, the procedure that occurs during these few seconds consists of the application sending a query message to its designated DNS server that contains the name to be resolved. The server then replies with a message containing the IP address corresponding to that name. Using the supplied address, the application can then transmit a message to the intended destination. It is only when you examine the DNS server's role in the process that you see how complex the procedure really is.
Resolvers
The component in the client system that generates the DNS query is called a resolver. In most cases, the resolver is a simple set of library routines in the operating system that generates the queries to be sent to the DNS server, reads the response information from the server's replies, and feeds the response to the application that originally requested it. In addition, a resolver can resend a query if no reply is forthcoming after a given timeout period and can process error messages returned by the server, such as when it fails to resolve a given name.
DNS Requests
A TCP/IP client usually is configured with the addresses of two DNS servers to which it can send queries. A client can send a query to any DNS server; it does not have to use the authoritative server for the domain in which it belongs, nor does the server have to be on the local network. Using the DNS server that is closest to the client is best, however, because it minimizes the time needed for messages to travel between the two systems. A client needs access to only one DNS server, but two are usually specified to provide a backup in case one server is unavailable.
There are two types of DNS queries: recursive and iterative. When a server receives a recursive query, it is responsible for trying to resolve the requested name and for transmitting a reply to the requestor. Even if the server does not possess the required information itself, it must send its own queries to other DNS servers until it obtains the requested information or an error message stating why the information was unavailable, and must then relay the information to the requestor. The system that generated the query, therefore, receives a reply only from the original server to which it sent the query. The resolvers in client systems nearly always send recursive queries to DNS servers.
When a server receives an iterative query (also called a nonrecursive query), it can either respond with information from its own database or refer the requestor to another DNS server. The recipient of the query responds with the best answer it currently possesses, but is not responsible for searching for the information, as with a recursive query. DNS servers processing a recursive query from a client typically use iterative queries to request information from other servers. It is possible for a DNS server to send a recursive query to another server, thus in effect "passing the buck" and forcing the other server to search for the requested information, but this is considered bad form and is rarely done without permission.
One of the scenarios in which DNS servers do send recursive queries to other servers is when you configure a server to function as a forwarder. On a network running several DNS servers, you may not want all of the servers sending queries to other DNS servers on the Internet. If the network has a relatively slow connection to the Internet, for example, several servers transmitting repeated queries may use too much of the available bandwidth.
To prevent this, some DNS implementations enable you to configure one server to function as the forwarder for all Internet queries generated by the other servers on the network. Any time that a server has to resolve the DNS name of an Internet system and fails to find the needed information in its cache, it transmits a recursive query to the forwarder, which is then responsible for sending its own iterative queries over the Internet connection. Once the forwarder resolves the name, it sends a reply to the original DNS server, which relays it to the client.
This request-forwarding behavior is a function of the original server only. The forwarder simply receives standard recursive queries from the original server and processes them normally. A server can be configured to use a forwarder in either exclusive or nonexclusive mode. In exclusive mode, the server relies completely on the forwarder to resolve the requested name. If the forwarder's resolution attempt fails, the server relays a failure message to the client. A server that uses a forwarder in exclusive mode is called a slave. In nonexclusive mode, if the forwarder fails to resolve the name and transmits an error message to the original server, that server makes its own resolution attempt before responding to the client.
Root Name Servers
In most cases, DNS servers that do not possess the information needed to resolve a name requested by a client send their first iterative query to one of the Internet's root name servers. The root name servers possess information about all of the top-level domains in the DNS name space. When you first install a DNS server, the only addresses that it needs to process client requests are those of the root name servers because these servers can send a request for a name in any domain on its way to the appropriate authority.
The root name servers contain the addresses of the authoritative servers for all the top-level domains on the Internet. In fact, the root name servers are the authorities for certain top-level domains, but they can also refer queries to the appropriate server for any of the other top-level domains, including the country-code domains, which are scattered all over the world. There are currently 13 root name servers, and they process millions of requests each day. The servers are also scattered widely and connected to different network trunks, so the chances of all of them being unavailable are minimal. If this were to occur, virtually all DNS name resolution would cease, and the Internet would be crippled.
Currently, the NTIA administers authority through ICANN over these root name servers. However, in March 2014, the NTIA announced it will cede authority to another organization, which has not yet been identified.
Resolving a Domain Name
With the preceding pieces in place, you are now ready to see how the DNS servers work together to resolve the name of a server on the Internet (see Figure 15-4). The process is as follows:
Figure 15-4 DNS servers communicate among themselves to locate the information requested by a client.
1. A user on a client system specifies the DNS name of an Internet server in an application such as a web browser or File Transfer Protocol (FTP) client.
2. The application generates an application programming interface (API) call to the resolver on the client system, and the resolver creates a DNS recursive query message containing the server name.
3. The client system transmits the recursive query message to the DNS server identified in its TCP/IP configuration.
4. The client's DNS server, after receiving the query, checks its resource records to see whether it is the authoritative source for the zone containing the requested server name. If it is the authority, it generates a reply message and transmits it to the client. If the DNS server is not the authority for the domain in which the requested server is located, it generates an iterative query and submits it to one of the root name servers.
5. The root name server examines the name requested by the original DNS server and consults its resource records to identify the authoritative servers for the name's top-level domain. Because the root name server received an iterative request, it does not send its own request to the top-level domain server. Instead, it transmits a reply to the original DNS server that contains a referral to the top-level domain server addresses.
6. The original DNS server then generates a new iterative query and transmits it to the top-level domain server. The top-level domain server examines the second-level domain in the requested name and transmits to the original server a referral containing the addresses of authoritative servers for that second-level domain.
7. The original server generates yet another iterative query and transmits it to the second-level domain server. If the requested name contains additional domain names, the second-level domain server replies with another referral to the third-level domain servers. The second-level domain server may also refer the original server to the authorities for a different zone. This process continues until the original server receives a referral to the domain server that is the authority for the domain or zone containing the requested host.
8. Once the authoritative server for the domain or zone containing the host receives a query from the original server, it consults its resource records to determine the IP address of the requested system and transmits it in a reply message to that original server.
9. The original server receives the reply from the authoritative server and transmits the IP address back to the resolver on the client system. The resolver relays the address to the application, which can then initiate communications with the system specified by the user.
This procedure assumes a successful completion of the name resolution procedure. If any of the authoritative DNS servers queried returns an error message to the original server stating, for example, that one of the domains in the name does not exist, this error message is relayed to the client and the name resolution process is said to have failed.
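The referral chain in steps 4 through 9, and the resource record types from the Resource Records section that drive it, can be modelled in a few dozen lines. The following is an added example, not code from the book: three constructed authoritative servers (root, com, zacker.com) each hold a small record set and answer only iterative queries, while a resolver acting as the client's DNS server takes the recursive query, follows referrals from the root downward, chases the www.zacker.com CNAME to server1.zacker.com, and reports failure when a domain does not exist. Every server name and address is made up, and the SERVERS table stands in for the glue addresses a real referral would carry.

```python
"""Added example (not from the book): a toy model of the DNS referral chain.
Server names, addresses and the SERVERS glue table are constructed for the example."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class RR:
    name: str    # owner name, absolute (trailing period)
    rtype: str   # SOA, NS, A or CNAME
    data: str    # server name, address or canonical name
    ttl: int = 3600


class AuthServer:
    """Authoritative for one zone. Answers iterative queries only: from its own
    records, with a referral to a child zone, or with NXDOMAIN. Never queries anyone."""
    def __init__(self, zone: str, records: List[RR]):
        self.zone = zone.lower()
        self.records = [RR(r.name.lower(), r.rtype, r.data.lower(), r.ttl) for r in records]

    def query(self, qname: str) -> Tuple[str, List[RR]]:
        qname = qname.lower()
        # NS records below the apex are delegations: refer the requester to the closest child zone.
        cuts = [r for r in self.records if r.rtype == "NS" and r.name != self.zone
                and (qname == r.name or qname.endswith("." + r.name))]
        if cuts:
            closest = max(cuts, key=lambda r: len(r.name)).name
            return "REFERRAL", [r for r in cuts if r.name == closest]
        answer = [r for r in self.records if r.name == qname and r.rtype in ("A", "CNAME")]
        if answer:
            return "ANSWER", answer
        return "NXDOMAIN", []


class RecursiveResolver:
    """The client's DNS server: receives a recursive query, sends iterative ones."""
    def __init__(self, servers: Dict[str, AuthServer], root_servers: List[str]):
        self.servers = servers      # server name -> AuthServer (constructed stand-in for glue)
        self.roots = root_servers
        self.trace: List[Tuple[str, str, str]] = []   # (zone queried, name, result)

    def resolve(self, qname: str, _depth: int = 0) -> Optional[List[str]]:
        """Return the addresses for qname, or None if resolution fails."""
        if _depth > 8:
            raise RuntimeError("CNAME chain too long")
        qname = qname.lower().rstrip(".") + "."
        targets = list(self.roots)               # step 4: start at a root name server
        for _ in range(16):                      # each pass is one iterative query
            server = self.servers[targets[0]]
            status, rrs = server.query(qname)
            self.trace.append((server.zone, qname, status))
            if status == "REFERRAL":             # steps 5-7: follow the referral downward
                targets = [r.data for r in rrs]
            elif status == "ANSWER":             # step 8: the authority answered
                if rrs[0].rtype == "CNAME":
                    return self.resolve(rrs[0].data, _depth + 1)   # restart for the canonical name
                return [r.data for r in rrs]
            else:
                return None                      # error relayed to the client: name does not exist
        raise RuntimeError("referral loop")


ROOT = AuthServer(".", [RR(".", "NS", "a.root.example."),
                        RR("com.", "NS", "a.gtld.example."), RR("com.", "NS", "b.gtld.example.")])
COM = AuthServer("com.", [RR("com.", "NS", "a.gtld.example."),
                          RR("zacker.com.", "NS", "ns1.zacker.com."),
                          RR("zacker.com.", "NS", "ns2.zacker.com.")])
ZACKER = AuthServer("zacker.com.", [RR("zacker.com.", "SOA", "ns1.zacker.com."),
                                    RR("zacker.com.", "NS", "ns1.zacker.com."),
                                    RR("zacker.com.", "NS", "ns2.zacker.com."),
                                    RR("server1.zacker.com.", "A", "192.0.2.10"),
                                    RR("www.zacker.com.", "CNAME", "server1.zacker.com.")])
SERVERS = {"a.root.example.": ROOT, "a.gtld.example.": COM, "b.gtld.example.": COM,
           "ns1.zacker.com.": ZACKER, "ns2.zacker.com.": ZACKER}


def lookup(name: str) -> Tuple[Optional[List[str]], List[Tuple[str, str, str]]]:
    """Resolve `name` through the toy hierarchy and return (addresses, query trace)."""
    resolver = RecursiveResolver(SERVERS, ["a.root.example."])
    return resolver.resolve(name), resolver.trace


if __name__ == "__main__":
    for n in ("www.zacker.com", "nothere.zacker.com", "www.nowhere.com"):
        addrs, trace = lookup(n)
        print(n, "->", addrs, [f"{zone}:{status}" for zone, _, status in trace])
```

The trace makes the text's point visible: resolving www.zacker.com costs three iterative queries for the alias and three more for the canonical name, because this resolver has no cache yet; a name in a nonexistent second-level domain stops at the com server with NXDOMAIN, which is the error the text says gets relayed to the client.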
DNS Server Caching
This process may seem extremely long and complex, but in many cases, it isn't necessary for the client's DNS server to send queries to the servers for each domain specified in the requested DNS name. DNS servers are capable of retaining the information they learn about the DNS name space in the course of their name resolution procedures and storing it in a cache on the local drive.
A DNS server that receives requests from clients, for example, caches the addresses of the requested systems, as well as the addresses for particular domains' authoritative servers. The next time that a client transmits a request for a previously resolved name, the server can respond immediately with the cached information. In addition, if a client requests another name in one of the same domains, the server can send a query directly to an authoritative server for that domain, and not to a root name server. Thus, users should generally find that names in commonly accessed domains resolve more quickly because one of the servers along the line has information about the domain in its cache, while names in obscure domains take longer because the entire request/referral process is needed.
Negative Caching In addition to storing information that aids in the name resolution process, most modern DNS server implementations are capable of negative caching. Negative caching occurs when a DNS server retains information about names that do not exist in a domain. If, for example, a client sends a query to its DNS server containing a name in which the second-level domain does not exist, the top-level domain server will return a reply containing an error message to that effect. The client's DNS server will then retain the error message information in its cache. The next time a client requests a name in that domain, the DNS server will be able to respond immediately with its own error message, without consulting the top-level domain.
Cache Data Persistence Caching is a vital element of the DNS architecture because it reduces the number of requests sent to the root name and top-level domain servers, which, being at the top of the DNS tree, are the most likely to act as a bottleneck for the whole system. However, caches must be purged eventually, and there is a fine line between effective and ineffective caching. Because DNS servers retain resource records in their caches, it can take hours or even days for changes made in an authoritative server to be propagated around the Internet. During this period, users may receive incorrect information in response to a query. If information remains in server caches too long, the changes that administrators make to the data in their DNS servers take too long to propagate around the Internet. If caches are purged too quickly, the number of requests sent to the root name and top-level domain servers increases precipitously.
The amount of time that DNS data remains cached on a server is called its time to live (TTL). Unlike most data caches, the time to live is not specified by the administrator of the server where the cache is stored. Instead, the administrators of each authoritative DNS server specify how long the data for the resource records in their domains or zones should be retained in the servers where it is cached. This enables administrators to specify a time-to-live value based on the volatility of their server data. On a network where changes in IP addresses or the addition of new resource records is frequent, a lower time-to-live value increases the likelihood that clients will receive current data. On a network that rarely changes, you can use a longer time-to-live value and minimize the number of requests sent to the parent servers of your domain or zone.
DNS Load Balancing
In most cases, DNS servers maintain one IP address for each hostname. However, there are situations in which more than one IP address is required. In the case of a highly trafficked web site, for example, one server may not be sufficient to support all of the clients. To have multiple, identical servers with their own IP addresses hosting the same site, some mechanism is needed to ensure that client requests are balanced among the machines.
One way of doing this is to control how the authoritative servers for the domain on which the site is located resolve the DNS name of the web server. Some DNS server implementations enable you to create multiple resource records with different IP addresses for the same hostname. As the server responds to queries requesting resolution of that name, it uses the resource records in a rotational fashion to supply the IP address of a different machine to each client.
DNS caching tends to defeat the effectiveness of this rotational system because servers use the cached information about the site, rather than issuing a new query and possibly receiving the address for another system. As a result, it is generally recommended that you use a relatively short time-to-live value for the duplicated resource records.
Reverse Name Resolution
The Domain Name System is designed to facilitate the resolution of DNS names into IP addresses, but there are also instances in which IP addresses have to be resolved into DNS names. These instances are relatively rare. In log files, for example, some systems convert IP addresses to DNS names to make the data more readily accessible to human readers. Certain systems also use reverse name resolution in the course of authentication procedures.
The structure of the DNS namespace and the method by which it's distributed among various servers is based on the domain name hierarchy. When the entire database is located on one system, such as in the case of a host table, searching for a particular address to find out its associated name is no different from searching for a name to find an address. However, locating a particular address in the DNS namespace would seem to require a search of all of the Internet's DNS servers, which is obviously impractical.
To make reverse name resolution possible without performing a massive search across the entire Internet, the DNS tree includes a special branch that uses the dotted decimal values of IP addresses as domain names. This branch stems from a domain called in-addr.arpa, which is located just beneath the root of the DNS tree, as shown in Figure 15-5. Just beneath the in-addr domain, there are 256 subdomains named using the numbers 0 to 255 to represent the possible values of an IP address's first byte. Each of these subdomains contains another 256 subdomains representing the possible values of the second byte. The next level has another 256 domains, each of which can have up to 256 numbered hosts, which represent the third and fourth bytes of the address.
Figure 15-5  The in-addr.arpa domain hierarchy
Using the in-addr.arpa domain structure, each of the hosts represented by a standard name on a DNS server also has an equivalent DNS name constructed using its IP address. Therefore, if a system with the IP address 192.168.214.23 is listed in the DNS server for the zacker.com domain with the host name www, there is also a resource record for that system with the DNS name 23.214.168.192.in-addr.arpa, meaning that there is a host with the name 23 in a domain called 214.168.192.in-addr.arpa, as shown in Figure 15-6. This domain structure makes it possible for a system to search for the IP address of a host in a domain (or zone) without having to consult other servers in the DNS tree. In most cases, you can configure a DNS server to automatically create an equivalent resource record in the in-addr.arpa domain for every host you add to the standard domain namespace.
Figure 15-6  Each host in the DNS database has two resource records.
The byte values of IP addresses are reversed in the in-addr.arpa domain because in a DNS name, the least significant word comes first, whereas in IP addresses, the least significant byte comes last. In other words, a DNS name is structured with the root of the DNS tree on the right side and the host name on the left. In an IP address, the host identifier is on the right, and the network identifier is on the left. It would be possible to create a domain structure using the IP address bytes in their regular order, but this would complicate the administration process by making it harder to delegate maintenance tasks based on network addresses.
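An added example (not the book's code) of the in-addr.arpa naming just described: it builds the reverse name for an IPv4 address, works out which reverse zone holds it, and checks that a host's two records (A and PTR) agree with each other, which is the check that matters when reverse resolution feeds authentication or log enrichment. The zacker.com zone data below is constructed.

```python
import ipaddress

def reverse_name(ip):
    """The in-addr.arpa name for an IPv4 address: octets in reverse order,
    so 192.168.214.23 becomes 23.214.168.192.in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")   # ValueError if not IPv4
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zone(network):
    """The in-addr.arpa domain holding the PTR records for a /8, /16 or /24
    network, e.g. 192.168.214.0/24 -> 214.168.192.in-addr.arpa."""
    net = ipaddress.IPv4Network(network)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("in-addr.arpa is delegated on whole-octet boundaries")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def forward_confirmed(ip, forward_zone, reverse_zone_data):
    """Check that the two records the chapter says each host has agree: the PTR
    for ip must name a host whose A record is ip. Returns (ok, reason)."""
    host = reverse_zone_data.get(reverse_name(ip))
    if host is None:
        return False, f"no PTR record for {ip}"
    addresses = forward_zone.get(host, [])
    if ip not in addresses:
        return False, f"PTR names {host}, but its A records are {addresses}"
    return True, f"{ip} <-> {host}"

# Constructed zone data (not from the chapter); mail's PTR sits at the wrong address.
FORWARD = {"www.zacker.com": ["192.168.214.23"], "mail.zacker.com": ["192.168.214.25"]}
REVERSE = {"23.214.168.192.in-addr.arpa": "www.zacker.com",
           "26.214.168.192.in-addr.arpa": "mail.zacker.com"}

if __name__ == "__main__":
    for ip in ("192.168.214.23", "192.168.214.26", "192.168.214.99"):
        print(ip, forward_confirmed(ip, FORWARD, REVERSE))
```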
DNS Name Registration
As you have already learned, name resolution is the process by which IP address information for a host name is extracted from the DNS database. The process by which host names and their addresses are added to the database is called name registration. Name registration refers to the process of creating new resource records on a DNS server, thus making them accessible to all of the other DNS servers on the network.
The name registration process on a traditional DNS server is decidedly low-tech. There is no mechanism by which the server can detect the systems on the network and enter their host names and IP addresses into resource records. In fact, a computer may not even be aware of its host name because it receives all of its communications using IP addresses and never has to answer to its name.
To register a host in the DNS namespace, an administrator has to manually create a resource record on the server. The method for creating resource records varies depending on the DNS server implementation. Unix-based servers require you to edit a text file, while Microsoft DNS Server uses a graphical interface.
Manual Name Registration
The manual name registration process is an adaptation of the host table for use on a DNS server. It is easy to see how, in the early days, administrators were able to implement DNS servers on their network by using their host tables with slight modifications. Today, however, the manual name registration process can be problematic on some networks.
If you have a large number of hosts, manually creating resource records for all of them can be a tedious affair, even with a graphical interface. However, depending on the nature of the network, it may not be necessary to register every system in the DNS. If, for example, you are running a Windows NT network using unregistered IP addresses, you may not need your own DNS server at all, except possibly to process client name resolution requests. Windows NT networks have their own NetBIOS naming system and name resolution mechanisms, and you generally don't need to refer to them using DNS names.
The exceptions to this would be systems with registered IP addresses that you use as web servers or other types of Internet servers. These must be visible to Internet users and, therefore, must have a host name in a registered DNS domain. In most cases, the number of systems like this on a network is small, so manually creating the resource records is not much of a problem. If you have Unix systems on your network, however, you are more likely to use DNS to identify them using names, and in this case, you must create resource records for them.
Dynamic Updates
As networks grow larger and more complex, the biggest problem arising from manual name registration stems from the increasing use of DHCP servers to dynamically assign IP addresses to network workstations. The manual configuration of TCP/IP clients is another long-standing network administration chore that is gradually being phased out in favor of an automated solution. Assigning IP addresses dynamically means that workstations can have different addresses from one day to the next, and the original DNS standard has no way of keeping up with the changes.
On networks where only a few servers have to be visible to the Internet, it wasn't too great an inconvenience to configure them manually with static IP addresses and use DHCP for the unregistered systems. This situation changed with the advent of Windows 2000 and Active Directory. Windows NT networks used WINS to resolve NetBIOS names into IP addresses, but name registration was automatic with WINS. WINS automatically updated its database record for a workstation assigned a new IP address by a DHCP server so that no administrator intervention was required. Active Directory, however, relied heavily on DNS instead of WINS to resolve the names of systems on the network and to keep track of the domain controllers available for use by client workstations.
To make the use of DNS practical, members of the IETF developed a new specification, published as RFC 2136, "Dynamic Updates in the Domain Name System." This document defined a new DNS message type, called an Update, which systems such as domain controllers and DHCP servers can generate and transmit to a DNS server. These Update messages modify or delete existing resource records or create new ones, based on prerequisites specified by the administrator.
Zone Transfers
Most networks use at least two DNS servers to provide fault tolerance and to give clients access to a nearby server. Because the resource records (in most cases) have to be created and updated manually by administrators, the DNS standards define a mechanism that replicates the DNS data among the servers, thus enabling administrators to make the changes only once.
The standards define two DNS server roles: the primary master and the secondary master, or slave. The primary master server loads its resource records and other information from the database files on the local drive. The slave (or secondary master) server receives its data from another server in a process called a zone transfer, which the slave performs each time it starts and periodically thereafter. The server from which the slave receives its data is called its master server, but it need not be the primary master. A slave can receive data from the primary master or another slave.
Zone transfers are performed for individual zones, and because a single server can be the authority for multiple zones, more than one transfer may be needed to update all of a slave server's data. In addition, the primary master and slave roles are zone specific. A server can be the primary master for one zone and the slave for another, although this practice generally should not be necessary and is likely to generate some confusion.
Although slave servers receive periodic zone transfers from their primaries, they are also able to load database files from their local drives. When a slave server receives a zone transfer, it updates the local database files. Each time the slave server starts, it loads the most current resource records it has from the database files and then checks this data with the primary master to see whether an update is needed. This prevents zone transfers from being performed needlessly.
DNS Messaging
DNS name resolution transactions use User Datagram Protocol (UDP) datagrams on port 53 for servers and on an ephemeral port number for clients. Communication between two servers uses port 53 on both machines. In cases in which the data to be transmitted does not fit in a single UDP datagram, as in the case of zone transfers, the two systems establish a standard TCP connection, also using port 53 on both machines, and transmit the data using as many packets as needed.
The Domain Name System uses a single message format for all of its communications that consists of the following five sections:
• Header  Contains information about the nature of the message
• Question  Contains the information requested from the destination server
• Answer  Contains RRs supplying the information requested in the Question section
• Authority  Contains RRs pointing to an authority for the information requested in the Question section
• Additional  Contains RRs with additional information in response to the Question section
Every DNS message has a Header section, and the other four sections are included only if they contain data. For example, a query message contains the DNS name to be resolved in the Question section, but the Answer, Authority, and Additional sections aren't needed. When the server receiving the query constructs its reply, it makes some changes to the Header section, leaves the Question section intact, and adds entries to one or more of the remaining three sections. Each section can have multiple entries so that a server can send more than one resource record in a single message.
The DNS Header Section
The Header section of the DNS message contains codes and flags that specify the function of the message and the type of service requested from or supplied by a server. Figure 15-7 shows the format of the Header section.
Figure 15-7  The DNS Header section format
The functions of the Header fields are as follows:
• ID, 2 bytes  Contains an identifier value used to associate queries with replies.
• Flags, 2 bytes  Contains flag bits used to identify the functions and properties of the message, as follows:
  • QR, 1 bit  Specifies whether the message is a query (value 0) or a response (value 1).
  • OPCODE, 4 bits  Specifies the type of query that generated the message. Response messages retain the same value for this field as the query to which they are responding. Possible values are as follows:
    • 0  Standard query (QUERY)
    • 1  Inverse query (IQUERY)
    • 2  Server status request (STATUS)
    • 3–15  Unused
  • AA (Authoritative Answer), 1 bit  Indicates that a response message has been generated by a server that is the authority for the domain or zone in which the requested name is located.
  • TC (Truncation), 1 bit  Indicates that the message has been truncated because the amount of data exceeds the maximum size for the current transport mechanism. In most DNS implementations, this bit functions as a signal that the message should be transmitted using a TCP connection rather than a UDP datagram.
  • RD (Recursion Desired), 1 bit  In a query, indicates that the destination server should treat the message as a recursive query. In a response, indicates that the message is the response to a recursive query. The absence of this flag indicates that the query is iterative.
  • RA (Recursion Available), 1 bit  Specifies whether a server is configured to process recursive queries.
  • Z, 3 bits  Unused.
  • RCODE (Response Code), 4 bits  Specifies the nature of a response message, indicating when an error has occurred and what type of error, using the following values:
    • 0  No error has occurred.
    • 1 – Format Error  Indicates that the server was unable to understand the query.
    • 2 – Server Failure  Indicates that the server was unable to process the query.
    • 3 – Name Error  Used by authoritative servers only to indicate that a requested name or subdomain does not exist in the domain.
    • 4 – Not Implemented  Indicates that the server does not support the type of query received.
    • 5 – Refused  Indicates that server policies (such as security policies) have prevented the processing of the query.
    • 6–15  Unused.
• QDCOUNT, 2 bytes  Specifies the number of entries in the Question section.
• ANCOUNT, 2 bytes  Specifies the number of entries in the Answer section.
• NSCOUNT, 2 bytes  Specifies the number of name server RRs in the Authority section.
• ARCOUNT, 2 bytes  Specifies the number of entries in the Additional section.
The DNS Question Section
The Question section of a DNS message contains the number of entries specified in the header's QDCOUNT field. In most cases, there is only one entry. Each entry is formatted as shown in Figure 15-8.
Figure 15-8  The DNS Question section format
The functions of the fields are as follows:
• QNAME, variable  Contains the DNS, domain, or zone name about which information is being requested
• QTYPE, 2 bytes  Contains a code that specifies the type of RR the query is requesting
• QCLASS, 2 bytes  Contains a code that specifies the class of the RR being requested
DNS Resource Record Sections
The three remaining sections of a DNS message, the Answer, Authority, and Additional sections, each contain resource records that use the format shown in Figure 15-9. The number of resource records in each section is specified in the header's ANCOUNT, NSCOUNT, and ARCOUNT fields.
Figure 15-9  The format of the DNS Answer, Authority, and Additional sections
The functions of the fields are as follows:
• NAME, variable  Contains the DNS, domain, or zone name about which information is being supplied.
• TYPE, 2 bytes  Contains a code that specifies the type of RR the entry contains.
• CLASS, 2 bytes  Contains a code that specifies the class of the RR.
• TTL, 4 bytes  Specifies the amount of time (in seconds) that the RR should be cached in the server to which it is being supplied.
• RDLENGTH, 2 bytes  Specifies the length (in bytes) of the RDATA field.
• RDATA, variable  Contains RR data, the nature of which is dependent on its TYPE and CLASS. For an A-type record in the IN class, for example, this field contains the IP address associated with the DNS name supplied in the NAME field.
Different types of resource records have different functions and, therefore, may contain different types of information in the RDATA field. Most resource records, such as the NS, A, PTR, and CNAME types, have only a single name or address in this field, while others have multiple subfields. The SOA resource record is the most complex in the Domain Name System. For this record, the RDATA field is broken up into seven subfields.
The functions of the SOA resource record subfields are as follows:
• MNAME, variable  Specifies the DNS name of the primary master server that was the source for the information about the zone.
• RNAME, variable  Specifies the e-mail address of the administrator responsible for the zone data. This field has no actual purpose as far as the server is concerned; it is strictly informational. The value for this field takes the form of a DNS name. Standard practice calls for the period after the first word to be replaced with an @ symbol to form the e-mail address.
• SERIAL, 4 bytes  Contains a serial number that is used to track modifications to the zone data on the primary master server. The value of this field is incremented (either manually or automatically) on the primary master server each time the zone data is modified, and the slave compares its value to the one supplied by the primary master to determine whether a zone transfer is necessary.
• REFRESH, 4 bytes  Specifies the time interval (in seconds) at which the slave should transmit an SOA query to the primary master to determine whether a zone transfer is needed.
• RETRY, 4 bytes  Specifies the time interval (in seconds) at which the slave should make repeat attempts to connect to the primary master after its initial attempt fails.
• EXPIRE, 4 bytes  Specifies the time interval (in seconds) after which the slave server's data should expire, in the event that it cannot contact the primary master server. Once the data has expired, the slave server stops responding to queries.
• MINIMUM, 4 bytes  Specifies the time-to-live interval (in seconds) that the server should supply for all of the resource records in its responses to queries.
DNS Message Notation
The latter four sections of the DNS message are largely consistent in how they notate the information in their fields. DNS, domain, and zone names are all expressed in the same way, and the sections all use the same values for the resource record type and class codes. The only exceptions are a few additional codes that are used only in the Question section, called QTYPES and QCLASSES, respectively. The following sections describe how these values are expressed in the DNS message.
DNS Name Notation
Depending on the function of the message, any or all of the four sections can contain the fully qualified name of a host system, the name of a domain, or the name of a zone on a server. These names are expressed as a series of units, called labels, each of which represents a single word in the name. The periods between the words are not included, so to delineate the words, each label begins with a single byte that specifies the length of the word (in bytes), after which the specified number of bytes follows. This is repeated for each word in the name. After the final word of a fully qualified name, a byte with the value of 0 is included to represent the null value of the root domain.
Resource Record Types
All of the data distributed by the Domain Name System is stored in resource records. Query messages request certain resource records from servers, and the servers reply with those resource records. The QTYPE field in a Question section entry specifies the type of resource record being requested from the server, and the TYPE fields in the Answer, Authority, and Additional section entries specify the type of resource record supplied by the server in each entry. Table 15-1 contains the resource record types and the codes used to represent them in these fields. All of the values in this table are valid for both the QTYPE and TYPE fields. Table 15-2 contains four additional values that represent sets of resource records that are valid for the QTYPE field in Question section entries only.
Table 15-1  DNS Resource Record Types and Values for Use in the TYPE or QTYPE Field
Table 15-2  Additional Values Representing Sets of Resource Records for Use in the QTYPE Field Only
Class Types
The QCLASS field in the Question section and the CLASS field in the Answer, Authority, and Additional sections specify the type of network for which information is being requested or supplied. Although they performed a valid function at one time, these fields are now essentially meaningless because virtually all DNS messages use the IN class. CSNET and CHAOS class networks are obsolete, and the Hesiod class is used for only a few experimental networks at MIT. For academic purposes only, the values for the CLASS and QCLASS fields are shown in Tables 15-3 and 15-4.
Table 15-3  Values for the Resource Record CLASS and QCLASS Fields
Table 15-4  Additional Value for the Resource Record QCLASS Field Only
Name Resolution Messages
The process of resolving a DNS name into an IP address begins with the generation of a query by the resolver on the client system. Figure 15-10 shows a query message, captured in a network monitor program, generated by a web browser trying to connect to the URL www.zacker.com/. The value of the message's OPCODE flag is 0, indicating that this is a regular query, and the RD flag has a value of 1, indicating that this is a recursive query. As a result, the DNS server receiving the query (which is called CZ1) will be responsible for resolving the DNS name and returning the results to the client. The QDCOUNT field indicates that there is one entry in the Question section and no entries in the three resource record sections, which is standard for a query message. The Question section specifies the DNS name to be resolved (www.zacker.com) and the type (1 = A) and class (1 = IN) of the resource record being requested.
Figure 15-10  The name resolution query message generated by the resolver
CZ1 is not the authoritative server for the zacker.com domain, nor does it have the requested information in its cache, so it must generate its own queries. CZ1 first generates a query message and transmits it to one of the root name servers (198.41.0.4) configured into the server software. The entry in the Question section is identical to that of the client's query message. The only differences in this query are that the server has included a different value in the ID field (4114) and has changed the value of the RD flag to 0, indicating that this is an iterative query.
The response that CZ1 receives from the root name server bypasses one step of the process because this root name server is also the authoritative server for the com top-level domain. As a result, the response contains the resource record that identifies the authoritative server for the zacker.com domain. If the requested DNS name had been in a top-level domain for which the root name server was not authoritative, such as one of the country-code domains, the response would contain a resource record identifying the proper authoritative servers.
The response message from the root domain server has a QR bit that has a value of 1, indicating that this is a response message, and the same ID value as the request, enabling CZ1 to associate the two messages. The QDCOUNT field again has a value of 1 because the response retains the Question section, unmodified, from the query message. The NSCOUNT and ARCOUNT fields indicate that there are two entries each in the Authority and Additional sections. The first entry in the Authority section contains the NS resource record for one of the authoritative servers for zacker.com known to the root name/top-level domain server, and the second entry contains the NS record for the other. The type and class values are the same as those requested in the query message; the time-to-live value assigned to both records is 172,800 seconds (48 hours). The RDATA field in the first entry is 16 bytes long and contains the DNS name of the first authoritative server (ns1.secure.net). The RDATA field in the second entry is only 6 bytes long and contains only the host name (ns2) for the other authoritative server since it's in the same domain as the first one.
These Authority section entries identify the servers that CZ1 needs to contact to resolve the www.zacker.com domain name, but it does so using DNS names. To prevent CZ1 from having to go through this whole process again to resolve ns1.secure.net and ns2.secure.net into IP addresses, there are two entries in the Additional section that contain the A resource records for these two servers, which include their IP addresses.
Using the information contained in the previous response, CZ1 transmits a query to the first authoritative server for the zacker.com domain (ns1.secure.net – 192.41.1.10). Except for the destination address, this query is identical to the one that CZ1 sent to the root name server. The response message that CZ1 receives from the ns1.secure.net server (finally) contains the information that the client originally requested. This message contains the original Question section entry and two entries each in the Answer, Authority, and Additional sections.
The first entry in the Answer section contains a resource record with a TYPE value of 5 (CNAME) and a time-to-live value of 86,400 seconds (24 hours). The inclusion of a CNAME resource record in a response to a query requesting an A record indicates that the host name www exists in the zacker.com domain only as a canonical name (that is, an alias for another name), which is specified in the RDATA field as zacker.com. The second entry in the Answer section contains the A resource record for the name zacker.com, which specifies the IP address 192.41.15.74 in the RDATA field. This is the IP address that the client system must use to reach the www.zacker.com web server. The entries in the Authority and Additional sections specify the names and addresses of the authoritative server for zacker.com and are identical to the equivalent entries in the response message from the root name server.
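An added example (not the book's code) that ties the Header, Question, resource record and name notation descriptions to the exchange just walked through: a Python parser for the DNS message format, run over a constructed response modelled on the ns1.secure.net reply (the message bytes and the 0x1234 ID are made up, not captured). The name decoder also follows RFC 1035 compression pointers, which the chapter does not describe but which explain the 6-byte ns2 RDATA above; it rejects pointers that do not point backwards, so a crafted message cannot send it round in a loop.

```python
import struct
from dataclasses import dataclass

OPCODES = {0: "QUERY", 1: "IQUERY", 2: "STATUS"}
RCODES = {0: "No error", 1: "Format Error", 2: "Server Failure",
          3: "Name Error", 4: "Not Implemented", 5: "Refused"}

@dataclass
class Header:
    id: int; qr: int; opcode: int; aa: int; tc: int; rd: int; ra: int; rcode: int
    qdcount: int; ancount: int; nscount: int; arcount: int

def parse_header(msg):
    """Unpack the 12-byte Header: ID, the 16 flag bits, then four 2-byte counts."""
    ident, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    return Header(ident, (flags >> 15) & 1, (flags >> 11) & 0xF, (flags >> 10) & 1,
                  (flags >> 9) & 1, (flags >> 8) & 1, (flags >> 7) & 1, flags & 0xF,
                  qd, an, ns, ar)

def flags_summary(h):
    """Readable flags; tc=1 means the reply was cut short and should be re-asked over TCP."""
    return (f"{'response' if h.qr else 'query'} opcode={OPCODES.get(h.opcode, h.opcode)} "
            f"aa={h.aa} tc={h.tc} rd={h.rd} ra={h.ra} rcode={RCODES.get(h.rcode, h.rcode)}")

def read_name(msg, offset):
    """Decode length-prefixed labels ended by a 0 byte, following RFC 1035 compression
    pointers (top two bits 11); a pointer may only point backwards, which prevents loops."""
    labels, end = [], None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                        # 2-byte pointer
            target = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            if target >= offset:
                raise ValueError("compression pointer does not point backwards")
            end = offset + 2 if end is None else end     # name ends after the first pointer
            offset = target
            continue
        if length > 63:
            raise ValueError("label longer than 63 bytes")
        offset += 1
        if length == 0:                                  # root label: end of name
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)

def parse_question(msg, offset):
    qname, offset = read_name(msg, offset)
    qtype, qclass = struct.unpack_from("!HH", msg, offset)
    return {"qname": qname, "qtype": qtype, "qclass": qclass}, offset + 4

def parse_rr(msg, offset):
    """One resource record: NAME, TYPE, CLASS, TTL, RDLENGTH and RDATA."""
    name, offset = read_name(msg, offset)
    rtype, rclass, ttl, rdlength = struct.unpack_from("!HHIH", msg, offset)
    offset += 10
    if offset + rdlength > len(msg):
        raise ValueError("RDLENGTH runs past the end of the message")
    if rtype == 1 and rclass == 1 and rdlength == 4:     # A record, IN class: IPv4 address
        rdata = ".".join(str(b) for b in msg[offset:offset + 4])
    elif rtype in (2, 5, 12):                            # NS, CNAME, PTR: a DNS name
        rdata, _ = read_name(msg, offset)
    else:                                                # anything else: raw bytes as hex
        rdata = msg[offset:offset + rdlength].hex()
    return {"name": name, "type": rtype, "class": rclass, "ttl": ttl, "rdata": rdata}, offset + rdlength

def parse_message(msg):
    """Walk the five sections in order, using the counts in the Header."""
    hdr = parse_header(msg)
    out = {"header": hdr, "question": [], "answer": [], "authority": [], "additional": []}
    offset = 12
    for _ in range(hdr.qdcount):
        entry, offset = parse_question(msg, offset)
        out["question"].append(entry)
    for section, count in (("answer", hdr.ancount), ("authority", hdr.nscount),
                           ("additional", hdr.arcount)):
        for _ in range(count):
            entry, offset = parse_rr(msg, offset)
            out[section].append(entry)
    return out

def encode_name(name):   # inverse of read_name without compression; builds the sample below
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"

# Constructed response (not a real capture): flags 0x8580 = QR 1, OPCODE 0, AA 1, TC 0, RD 1,
# RA 1, RCODE 0; counts 1, 2, 1, 1. 0xC00C, 0xC010, 0xC04A point back at earlier names.
SAMPLE_RESPONSE = (
    struct.pack("!6H", 0x1234, 0x8580, 1, 2, 1, 1)
    + encode_name("www.zacker.com") + struct.pack("!HH", 1, 1)              # Question: A, IN
    + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 86400, 2) + b"\xc0\x10"      # CNAME -> zacker.com
    + b"\xc0\x10" + struct.pack("!HHIH", 1, 1, 86400, 4) + bytes([192, 41, 15, 74])
    + b"\xc0\x10" + struct.pack("!HHIH", 2, 1, 172800, 16) + encode_name("ns1.secure.net")
    + b"\xc0\x4a" + struct.pack("!HHIH", 1, 1, 172800, 4) + bytes([192, 41, 1, 10])
)

if __name__ == "__main__":
    for section, entries in parse_message(SAMPLE_RESPONSE).items():
        print(section, flags_summary(entries) if section == "header" else entries)
```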
Root Name Server Discovery
Each time the DNS server starts, it loads the information stored in its database files. One of these files contains root name server hints. Actually, this file contains the names and addresses of all the root name servers, but the DNS server, instead of relying on this data, uses it to send a query to the first of the root name servers, requesting that it identify the authoritative servers for the root domain. This is to ensure that the server is using the most current information. The query is just like that for a name resolution request, except that there is no value in the NAME field.
The reply returned by the root name server contains 13 entries in both the Answer and Additional sections, corresponding to the 13 root name servers currently in operation (see Figure 15-11). Each entry in the Answer section contains the NS resource record for one of the root name servers, which specifies its DNS name, and the corresponding entry in the Additional section contains the A record for that server, which specifies its IP address. All of these servers are located in a domain called root-server.net and have incremental host names from a to m. Because the information about these servers does not change often, if at all, their resource records can have a long time-to-live value: 518,400 seconds (144 hours or 6 days) for the NS records and 3,600,000 (1,000 hours or 41.67 days) for the A records.
Figure 15-11  The root name server's response message, containing the RRs for all 13 root name servers
Zone Transfer Messages
A zone transfer is initiated by a DNS server that functions as a slave for one or more zones whenever the server software is started. The process begins with an iterative query for an SOA resource record that the slave sends to the primary master to ensure that it is the best source for information about the zone (see Figure 15-12). The single Question section entry contains the name of the zone in the QNAME field and a value of 6 for the QTYPE field, indicating that the server is requesting the SOA resource record.
Figure 15-12  The SOA query message generated by a slave server to determine whether a zone transfer is warranted
The primary master then replies to the slave with a response that includes the original Question section and a single Answer section containing the SOA resource record for the zone (see Figure 15-13). The slave uses the information in the response to verify the primary master's authority and to determine whether a zone transfer is needed. If the value of the SOA record's SERIAL field, as furnished by the primary master, is greater than the equivalent field on the slave server, then a zone transfer is required.
Figure 15-13  The response message from the primary master server containing the SOA resource record
A zone transfer request is a standard DNS query message with a QTYPE value of 252, which corresponds to the AXFR type. AXFR is the abbreviation for a resource record set that consists of all of the records in the zone. However, in most cases, all of the resource records in the zone will not fit into a single UDP datagram. UDP is a connectionless, unreliable protocol in which there can be only one response message for each query because the response message functions as the acknowledgment of the query. Because the primary master will almost certainly have to use multiple packets in order to send all of the resource records in the zone to the slave, a different protocol is needed. Therefore, before it transmits the zone transfer request message, the slave server initiates a TCP connection with the primary master using the standard three-way handshake. Once the connection is established, the slave transmits the AXFR query in a TCP packet using port 53 (see Figure 15-14).
Figure 15-14  The AXFR query requesting a zone transfer, transmitted to the primary master server using a TCP connection
In response to the query, the primary master server transmits all of the resource records in the requested zone as entries in the Answer section, as shown in Figure 15-15. Once all of the data has been transmitted, the two systems terminate the TCP connection in the usual manner, and the zone transfer is completed.
Figure 15-15  One packet from a zone transfer transmitted by the primary master server
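An added example (not the book's code) of how a slave server acts on the SOA subfields described earlier and on the SERIAL comparison from the zone transfer exchange above: REFRESH schedules the next SOA check after success, RETRY after a failed contact, and EXPIRE stops the slave answering once the primary has been unreachable too long. serial_newer goes beyond the chapter's plain "greater than" by using RFC 1982 serial-number arithmetic, so a serial that wrapped around still counts as newer; the zone name, SOA values and timestamps are constructed.

```python
from dataclasses import dataclass

@dataclass
class Soa:
    """The seven RDATA subfields of an SOA record (intervals in seconds)."""
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def rname_to_email(rname):
    """RNAME is written as a DNS name; the first period stands for the @ sign
    (simplification: escaped periods in the local part are not handled)."""
    local, _, domain = rname.partition(".")
    return f"{local}@{domain}"

def serial_newer(candidate, current):
    """True if candidate is newer than current under RFC 1982 serial arithmetic:
    newer means less than 2**31 ahead, modulo 2**32 (handles wraparound)."""
    distance = (candidate - current) % 2**32
    return 0 < distance < 2**31

@dataclass
class SlaveZone:
    name: str
    soa: Soa               # SOA as of the last successful zone transfer
    last_success: int      # time (seconds) the primary master was last reached
    next_check: int = 0    # when the next SOA query is due
    serving: bool = True   # False once the data has expired

    def on_soa_check(self, now, primary_serial=None):
        """Record the outcome of one SOA query to the primary master; None means
        the primary could not be contacted. Returns the action the slave takes."""
        if primary_serial is None:
            if now - self.last_success >= self.soa.expire:
                self.serving = False
                return "expired: stop answering queries for the zone"
            self.next_check = now + self.soa.retry       # RETRY after a failure
            return f"primary unreachable: retry at {self.next_check}"
        self.last_success, self.serving = now, True
        self.next_check = now + self.soa.refresh         # REFRESH after success
        if serial_newer(primary_serial, self.soa.serial):
            old, self.soa.serial = self.soa.serial, primary_serial   # stands in for the AXFR
            return f"AXFR: serial {old} -> {primary_serial}, zone transfer needed"
        return "zone current: no transfer needed"

# Constructed SOA values for a zacker.com slave (not from the chapter).
ZONE_SOA = Soa("ns1.zacker.com", "hostmaster.zacker.com", 2015010100, 3600, 600, 604800, 86400)

if __name__ == "__main__":
    zone = SlaveZone("zacker.com", ZONE_SOA, last_success=0)
    for now, serial in ((3600, 2015010100), (7200, 2015010101), (10800, None), (700000, None)):
        print(now, zone.on_soa_check(now, serial))
```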
CHAPTER 16
Internet Services
At one time, the term server in computer networking was nearly always used in the phrase file server, referring to a PC running a network operating system (NOS) that enables users to access shared files and printers. However, the rapid growth of the Internet has changed the common meaning of the term. To most Internet users, servers are the invisible systems that host web sites or that enable them to send and receive e-mail. For LAN users, servers still fill the traditional file and printer sharing roles, but also provide application-related functions, such as access to databases. Thus, people are gradually learning that a server is both a software as well as a hardware entity and that a single computer can actually function in multiple server roles simultaneously.
Internet servers are software products that provide traditional Internet services to clients, whether or not they are actually connected through the Internet. Web, FTP, and e-mail are all services that can be as useful on a LAN, a smartphone, or a tablet as on the Internet. This chapter examines the technology behind these services and the procedures for implementing them on your network.
Web Servers
The Web is a ubiquitous tool for business, education, and recreation. Along with the proliferation of mobile devices, a "web presence" is nearly required for most businesses. The basic building blocks of the Web are as follows:
• Web servers  Computers running a software program that processes resource requests from clients
• Browsers  Client software that generates resource requests and sends them to web servers
• Hypertext Transfer Protocol (HTTP)  The Transmission Control Protocol/Internet Protocol (TCP/IP) application layer protocol that servers and browsers use to communicate
• Hypertext Markup Language (HTML)  The markup language used to create web pages
Selecting a Web Server
A web server is actually a rather simple device. When you see complex pages full of fancy text and graphics on your monitor, you're actually seeing something that is more the product of the page designer and the browser technology than of the web server. In its simplest form, a web server is a software program that processes requests for specific files from browsers and delivers those files to the browser. The server does not read the contents of the files, nor does it participate in the rendering process that controls how a web page is displayed in the browser. The differences between web server products are in the additional features they provide and their ability to handle large numbers of requests.
Web Server Functions
A web server is a program that runs in the background on a computer and listens on a particular TCP port for incoming requests. Simply speaking, the process is as follows:
1. A computer client asks for a file.
2. The server finds the file.
3. The server sends a response to the client, usually a header as well as the data.
4. The server closes the connection.
The standard TCP port for an HTTP server is 80, although most servers enable you to specify a different port number for a site and may use a second port number for the server's administrative interface. To access a web server using a different port, you must specify that port number as part of the URL.
Uniform Resource Locators  The format of the uniform resource locator (URL) that you type into a browser's Address field to access a particular web site is defined in RFC 1738, published by the Internet Engineering Task Force (IETF). A URL consists of four elements that identify the resource that you want to access:
• Protocol  Specifies the application layer protocol that the browser will use to connect to the server. Some of the values defined in the URL standard are as follows (others have been defined by additional standards published since RFC 3986, which updated RFC 1738):
  • http  Hypertext Transfer Protocol
  • ftp  File Transfer Protocol
  • mailto  Mail address
  • news  Usenet news
  • telnet  Reference to interactive sessions
  • wais  Wide area information servers
  • file  Host-specific file names
• Server name  Specifies the DNS name or IP address of the server.
• Port number  Specifies the port number that the server is monitoring for incoming traffic.
• Directory and file  Identifies the location of the file that the server should send to the browser.
The format of a URL is as follows:
protocol://name:port/directory/file.html
Most of the time, users do not specify the protocol, port, directory, and file in their URLs, and the browser uses its default values. When you enter just a DNS name, such as www.zacker.com, the browser assumes the use of the HTTP protocol, port 80, and the web server's home directory. Fully expanded, this URL would appear something like the following:
http://www.zacker.com:80/index.html
The only element that could vary among different servers is the file name of the default web page, here shown as index.html. The default file name is configured on each server and specifies the file that the server will send to a client when no file name is specified in the URL.
If you configure a web server to use a port other than 80 to host a site, users must specify the port number as part of the URL. The main exception to this is when the administrator wants to create a site that is hidden from the average user. Some web server products, for example, are configurable using a web browser, and the server creates a separate administrative site containing the configuration controls for the program. During the software installation, the program prompts the administrator for a port number that it should use for the administrative site. Thus, specifying the name of the server on a browser opens the default site on port 80, but specifying the server name with the selected port accesses the administrative site.
The use of a nonstandard port is not really a security measure because there are programs available that can identify the ports that a web server is using. The administrative site for a server usually has security in the form of user authentication as well; the port number is just a means of keeping the site hidden from curious users.
CGI  Much of the traffic generated by the Web travels from the web server to the browser. The upstream traffic from browser to server consists mainly of HTTP requests for specific files. However, there are mechanisms by which browsers can send other types of information to servers. The server can then feed the information to an application for processing. The Common Gateway Interface (CGI) is a widely supported mechanism of this type. In most cases, the user supplies information in a form built into a web page using standard HTML tags and then submits the form to a server. The server, upon receiving the data from the browser, executes a CGI script that defines how the information should be used. The server might feed the information as a query to a database server, use it to perform an online financial transaction, or use it for any other purpose.
Logging  Virtually all web servers have the capability to maintain logs that track all client access to the site and any errors that have occurred. The logs typically take the form of a text file, with each server access request or error appearing on a separate line. Each line contains multiple fields, separated by spaces or commas. The information logged by the server identifies who accessed the site and when, as well as the exact documents sent to the client by the server.
Most web servers enable the administrator to choose among several formats for the logs they keep. Some servers use proprietary log formats, which generally are not supported by the statistics programs, while other servers may also be able to log server information to an external database using an interface such as Open Database Connectivity (ODBC). Most servers, however, support the Common Log File format defined by the National Center for Supercomputing Applications (NCSA). This format consists of nothing but one-line entries with fields separated by spaces. The format for each Common Log File entry and the functions of each field are as follows:
remotehost logname username date request status bytes
• remotehost  Specifies the IP address of the remote client system. Some servers also include a DNS reverse lookup feature that resolves the address into a DNS name for logging purposes.
• logname  Specifies the remote log name of the user at the client system. Most of today's browsers do not supply this information, so the field in the log is filled with a placeholder, such as a dash.
• username  Specifies the user name with which the client was authenticated to the server.
• date  Specifies the date and time that the request was received by the server. Most servers use the local date and time by default, but may include a Greenwich mean time differential, such as –0500 for U.S. Eastern Standard Time.
• request  Specifies the text of the request received by the server.
• status  Contains one of the status codes defined in the HTTP standard that specifies whether the request was processed successfully and, if not, why.
• bytes  Specifies the size (in bytes) of the file transmitted to the client by the server in response to the request.
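The Common Log File layout above is simple enough to parse with one regular expression. The Python below is an added example, not from the book or any server product: it parses constructed sample lines into the seven fields, converts the bracketed date (with its GMT differential) into a timezone-aware timestamp, and produces the per-client request and error counts an administrator typically looks at first when reviewing access logs. The log lines and addresses are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample log lines in NCSA Common Log Format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Oct/2014:13:55:36 -0500] "GET /index.html HTTP/1.1" 200 2326
192.0.2.10 - alice [10/Oct/2014:13:55:40 -0500] "GET /docs/report.pdf HTTP/1.1" 200 51234
198.51.100.7 - - [10/Oct/2014:13:56:01 -0500] "GET /admin/ HTTP/1.1" 404 219
198.51.100.7 - - [10/Oct/2014:13:56:02 -0500] "GET /private/ HTTP/1.1" 403 -
"""

# remotehost logname username [date] "request" status bytes
CLF_RE = re.compile(
    r'^(?P<remotehost>\S+) (?P<logname>\S+) (?P<username>\S+) '
    r'\[(?P<date>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\d+|-)$'
)


def parse_clf_line(line: str):
    """Return a dict of the seven CLF fields, or None if the line is not well formed."""
    m = CLF_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    rec = m.groupdict()
    # e.g. "10/Oct/2014:13:55:36 -0500": local time plus the GMT differential
    rec["date"] = datetime.strptime(rec["date"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    # the request field is "method URI version"; pad so malformed requests still parse
    parts = rec["request"].split(" ")
    rec["method"], rec["uri"], rec["version"] = (parts + ["", "", ""])[:3]
    return rec


def summarize(log_text: str) -> dict:
    """Per-client counts of requests, 4xx/5xx responses, and bytes served."""
    summary = {}
    for line in log_text.splitlines():
        rec = parse_clf_line(line)
        if rec is None:           # skip (and in practice, count) unparsable lines
            continue
        s = summary.setdefault(rec["remotehost"], {"requests": 0, "errors": 0, "bytes": 0})
        s["requests"] += 1
        s["bytes"] += rec["bytes"]
        if rec["status"] >= 400:
            s["errors"] += 1
    return summary
```

Note that `parse_clf_line` anchors the expression at both ends and refuses lines that do not fit, rather than guessing: a line that a statistics program cannot parse reliably is exactly the weakness of this format that the Extended Log File format, described next, was designed to remove.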
There is also a log file format created by the World Wide Web Consortium (W3C), called the Extended Log File format, that addresses some of the inherent problems of the Common Log File format, such as difficulties in interpreting logged data because of spaces within fields. The Extended Log File provides an extendable format with which administrators can specify the information to be logged or information that shouldn't be logged. The format for the Extended Log File consists of fields, as well as entries. Fields appear on separate lines, beginning with the # symbol, and specify information about the data contained in the log. The valid field entries are as follows:
• #Version: integer.integer  Specifies the version of the log file format. This field is required in every log file.
• #Fields: [specifiers]  Identifies the type of data carried in each field of a log entry, using abbreviations specified in the Extended Log File format specification. This field is required in every log file.
• #Software: string  Identifies the server software that created the log.
• #Start-Date: datetime  Specifies the date and time that logging started.
• #End-Date: datetime  Specifies the date and time that logging ceased.
• #Date: datetime  Specifies the date and time at which a particular entry was added to the log file.
• #Remark: text  Contains comment information that should be ignored by all processes.
These fields enable administrators to specify the information to be recorded in the log while making it possible for statistics programs to correctly parse the data in the log entries.
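The directives above are what make the format self-describing: a parser reads #Fields to learn the layout instead of assuming one. The following Python is an added example (not from the book or the W3C specification text) that reads a constructed Extended Log File, honours the #Version and #Fields requirements, ignores #Remark lines as the text says all processes must, and splits entries so that a quoted value containing spaces stays one field. The field abbreviations (c-ip, cs-method, and so on) follow the W3C naming style; the sample data is constructed.

```python
import shlex

# Constructed sample log in W3C Extended Log File format (not real traffic).
SAMPLE_EXTLOG = """\
#Version: 1.0
#Software: Example Web Server 1.0
#Start-Date: 2014-10-10 18:55:00
#Fields: date time c-ip cs-method cs-uri-stem sc-status sc-bytes cs(User-Agent)
#Remark: constructed sample data for illustration
2014-10-10 18:55:36 192.0.2.10 GET /index.html 200 2326 "Mozilla/4.0 (compatible)"
2014-10-10 18:55:40 192.0.2.10 GET /docs/report.pdf 200 51234 "Mozilla/4.0 (compatible)"
2014-10-10 18:56:01 198.51.100.7 GET /private/ 403 219 "example-client/1.0"
"""


def parse_extended_log(text: str):
    """Return (directives, entries): the # directives as a dict and each entry as a dict
    keyed by the names given in the #Fields directive."""
    directives = {}
    fields = None
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            name, _, value = line[1:].partition(":")
            name, value = name.strip(), value.strip()
            if name == "Fields":
                fields = value.split()        # a new #Fields line may change the layout
            elif name == "Remark":
                continue                      # comments are ignored by all processes
            else:
                directives[name] = value
            continue
        if fields is None:
            raise ValueError(f"line {lineno}: entry appears before any #Fields directive")
        values = shlex.split(line)            # quoted values may contain spaces
        if len(values) != len(fields):
            raise ValueError(f"line {lineno}: expected {len(fields)} fields, got {len(values)}")
        entries.append(dict(zip(fields, values)))
    if "Version" not in directives or fields is None:
        raise ValueError("#Version and #Fields are required in every log file")
    return directives, entries


def status_counts(entries) -> dict:
    """Count entries by HTTP status code, using the field name rather than a column index."""
    counts = {}
    for entry in entries:
        code = entry.get("sc-status", "?")
        counts[code] = counts.get(code, 0) + 1
    return counts
```

Because `status_counts` looks fields up by name, it keeps working if an administrator reorders or adds columns, which is the flexibility the text attributes to this format.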
Remote Administration  All web servers need some sort of administrative interface that you can use to configure their operational parameters. Even a no-frills server lets you define a home directory that should function as the root of the site and other basic features. Some server products include a program that you can run on the computer that provides this interface, but many products have taken the opportunity to include an administrative web site with the product. With a site like this, you can configure the server from any computer using a standard web browser. This is a convenient tool for the network administrator, especially when the web server system is located in a server closet or other remote location or when one person is responsible for maintaining several servers.
The biggest problem with this form of remote administration is security, but there are mechanisms that can prevent unauthorized users from modifying the server configuration. The most basic of these mechanisms, as mentioned earlier, is the use of a nonstandard port number for the administrative site. Servers that use nonstandard ports typically require that you specify the port number during the server installation.
A second method is to include a means by which you can specify the IP addresses of the only systems that are to be permitted access to the administrative interface. IIS includes this method, and by default, the only system that can access the web-based interface is the one on which the server is installed. However, you can open up the server to remote administration and specify the addresses of other workstations to be granted access or specify the addresses of systems that are to be denied.
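The address-based restriction just described can be expressed as a small policy object. The Python below is an added example, not IIS code or anything from the book: it starts from the default the text describes (only the local host may reach the administrative interface), lets the administrator grant additional networks or deny specific addresses, applies denials before grants, and fails closed on an address it cannot parse. Network ranges here are constructed for illustration.

```python
import ipaddress


class AdminAccessPolicy:
    """Decide whether a client address may reach the administrative web site."""

    def __init__(self, allowed=("127.0.0.1/32", "::1/128"), denied=()):
        # Default: only the machine the server runs on, as the text describes for IIS.
        self.allowed = [ipaddress.ip_network(n, strict=False) for n in allowed]
        self.denied = [ipaddress.ip_network(n, strict=False) for n in denied]

    def grant(self, network: str) -> None:
        """Permit an address or network, e.g. an administrator's workstation."""
        self.allowed.append(ipaddress.ip_network(network, strict=False))

    def deny(self, network: str) -> None:
        """Refuse an address or network even if a broader grant covers it."""
        self.denied.append(ipaddress.ip_network(network, strict=False))

    def is_allowed(self, client_ip: str) -> bool:
        try:
            addr = ipaddress.ip_address(client_ip)
        except ValueError:
            return False                     # unparsable address: fail closed
        if any(addr in net for net in self.denied):
            return False                     # explicit denials take precedence
        return any(addr in net for net in self.allowed)


def decide(policy: AdminAccessPolicy, client_ips) -> dict:
    """Evaluate a batch of client addresses; handy for reviewing a proposed policy."""
    return {ip: policy.is_allowed(ip) for ip in client_ips}
```

The check belongs in front of, not instead of, the user authentication the text says the administrative site normally carries: the address test limits which machines can even reach the login, and the credentials decide who may change the configuration.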
Virtual Directories  A web server utilizes a directory on the computer's local drive as the home directory for the web site it hosts. The server transmits the default file name in that directory to clients when they access the site using a URL that consists only of a DNS name or IP address. Subdirectories beneath that directory also appear as subdirectories on the web site. IIS, for example, uses the C:\InetPub\wwwroot directory as the default home directory for its web site. If that web server is registered in the DNS with the name www.zacker.com, the default page displayed by a browser accessing that site will be the default.htm file in the wwwroot directory. A file in the C:\InetPub\wwwroot\docs directory on the server will, therefore, appear on the site in www.zacker.com/docs.
Using this system, all the files and directories that are to appear on the web site must be located beneath the home directory. However, this is not a convenient arrangement for every site. On an intranet, for example, administrators may want to publish documents in existing directories using a web server without moving them to the home directory. To make this possible, some server products enable you to create virtual directories on the site. A virtual directory is a directory at another location (elsewhere on the drive, on another drive, or sometimes even on another computer's shared drive) that is published on a web site using an alias. The administrator specifies the location of the directory and the alias under which it will appear on the site. The alias functions as a subdirectory on the site that users can access in the normal manner and contains the files and subdirectories from the other drive.
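The mapping from a URL path to a file under either the home directory or an aliased virtual directory is the part of this arrangement a server must get right, because a mistake here publishes files the administrator never intended to expose. The Python below is an added example, not the code of IIS or any server in the book: it canonicalizes the URL path before looking up aliases, so "." and ".." segments are resolved at the URL level (a request for /docs/../x is a request for /x under the home directory, not for the parent of the aliased directory), and it rejects any result that still lands outside the chosen base directory. Directory names are constructed for illustration.

```python
import os
import posixpath


class VirtualDirectoryMap:
    """Maps URL paths to files under the home directory or under aliased directories."""

    def __init__(self, home_dir: str, default_file: str = "index.html"):
        self.home_dir = os.path.abspath(home_dir)
        self.default_file = default_file
        self.aliases = {}               # "/alias" -> absolute physical directory

    def add_alias(self, alias: str, physical_dir: str) -> None:
        """Publish physical_dir on the site under /alias."""
        self.aliases["/" + alias.strip("/")] = os.path.abspath(physical_dir)

    def resolve(self, url_path: str) -> str:
        # Drop any query string, then canonicalize: normpath collapses "." and ".."
        # segments, and it never climbs above "/", so an alias can only be matched
        # by the canonical path that the client actually ends up requesting.
        path_only = url_path.split("?", 1)[0]
        clean = posixpath.normpath("/" + path_only.lstrip("/"))
        if path_only.endswith("/") or clean == "/":
            clean = posixpath.join(clean, self.default_file)   # directory: default file
        base, rel = self.home_dir, clean.lstrip("/")
        # Longest alias wins, so /docs/archive may be published separately from /docs.
        for alias in sorted(self.aliases, key=len, reverse=True):
            if clean == alias or clean.startswith(alias + "/"):
                base, rel = self.aliases[alias], clean[len(alias):].lstrip("/")
                break
        full = os.path.abspath(os.path.join(base, *rel.split("/"))) if rel else base
        # Defense in depth: refuse anything that still resolves outside its base.
        if os.path.commonpath([base, full]) != base:
            raise PermissionError(f"{url_path!r} resolves outside {base}")
        return full
```

With a home directory of /srv/www and the alias docs mapped to /data/published, a request for /docs/guide.html resolves under /data/published, a request for / resolves to the home directory's index.html, and /docs/../other.html resolves to other.html in the home directory rather than to anything beside the published directory.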
NOTE  See Chapters 25 and 26 for information about web and network security.
HTML
The Hypertext Markup Language is the lingua franca of the Web, but it actually has little to do with the functions of a web server. Web servers are programs that deliver requested files to clients. The fact that most of these files contain HTML code is immaterial because the server does not read them. The only way in which they affect the server's functions is when the client parses the HTML code and requests additional files from the server that are needed to display the web page in the browser, such as image files. Even in this case, however, the image file requests are just additional requests to the server.
HTTP
Communication between web servers and their browser clients is provided by an application layer protocol called the Hypertext Transfer Protocol. HTTP is a relatively simple protocol that takes advantage of the services provided by the TCP protocol at the transport layer to transfer files from servers to clients. When a client connects to a web server by typing a URL in a browser or clicking a hyperlink, the system generates an HTTP request message and transmits it to the server. This is an application layer process, but before it can happen, communication at the lower layers must be established.
Unless the user or the hyperlink specifies the IP address of the web server, the first step in establishing the connection between the two systems is to discover the address by sending a name resolution request to a DNS server. This address makes it possible for the IP protocol to address traffic to the server. Once the client system knows the address, it establishes a TCP connection with the server's port 80 using the standard three-way handshake process defined by that protocol.
Once the TCP connection is established, the browser and the server can exchange HTTP messages. HTTP consists of only two message types, requests and responses. Unlike the messages of most other protocols, HTTP messages take the form of ASCII text strings, not the typical headers with discrete coded fields. In fact, you can connect to a web server with a Telnet client and request a file by feeding an HTTP command directly to the server. The server will reply with the file you requested in its raw ASCII form.
Each HTTP message consists of the following elements:
• Start line  Contains a request command or a reply status indicator, plus a series of variables
• Headers [optional]  Contains a series of zero or more fields containing information about the message or the system sending it
• Empty line  Contains a blank line that identifies the end of the header section
• Message body [optional]  Contains the payload being transmitted to the other system
HTTP Requests
The start line for all HTTP requests is structured as follows:
RequestType RequestURI HTTPVersion
HTTP standards define several types of request messages, which include the following values for the RequestType variable:
• GET  Contains a request for information specified by the RequestURI variable. This type of request accounts for the vast majority of request messages.
• HEAD  Functionally identical to the GET request, except that the reply should contain only a start line and headers; no message body should be included.
• POST  Requests that the information included in the message body be accepted by the destination system as a new subordinate to the resource specified by the RequestURI variable.
• OPTIONS  Contains a request for information about the communication options available on the request/response chain specified by the RequestURI variable.
• PUT  Requests that the information included in the message body be stored at the destination system in the location specified by the RequestURI variable.
• DELETE  Requests that the destination system delete the resource identified by the RequestURI variable.
• TRACE  Requests that the destination system perform an application layer loopback of the incoming message and return it to the sender.
• CONNECT  Reserved for use with proxy servers that provide SSL tunneling.
The RequestURI variable contains a uniform resource identifier (URI), a text string that uniquely identifies a particular resource on the destination system. In most cases, this variable contains the name of a file on a web server that the client wants the server to send to it or the name of a directory from which the server should send the default file. The HTTPVersion variable identifies the version of the HTTP protocol that is supported by the system generating the request.
Thus, when a user types the name of a web site into a browser, the request message generated contains a start line that appears as follows:
GET / HTTP/1.1
The GET command requests that the server send a file. The use of the forward slash as the value for the RequestURI variable represents the root of the web site, so the server will respond by sending the default file located in the server's home directory.
HTTP Headers
Following the start line, any HTTP message can include a series of headers, which are text strings formatted in the following manner:
FieldName: FieldValue
Here, the FieldName variable identifies the type of information carried in the header, and the FieldValue variable contains the information. The various headers mostly provide information about the system sending the message and the nature of the request, which the server may or may not use when formatting the reply. The number, choice, and order of the headers included in a message are left to the client implementation, but the HTTP specification recommends that they be ordered using four basic categories.
General Header Fields  General headers apply to both request and response messages but do not apply to the entity (that is, the file or other information in the body of the message). The general header FieldName values are as follows:
• Cache-Control  Contains directives to be obeyed by caching mechanisms at the destination system
• Connection  Specifies options desired for the current connection, such that it be kept alive for use with multiple requests
• Date  Specifies the date and time that the message was generated
• Pragma  Specifies directives that are specific to the client or server implementation
• Trailer  Indicates that specific header fields are present in the trailer of a message encoded with chunked transfer-coding
• Transfer-Encoding  Specifies what type of transformation (if any) has been applied to the message body in order to safely transmit it to the destination
• Upgrade  Specifies additional communication protocols supported by the client
• Via  Identifies the gateway and proxy servers between the client and the server and the protocols they use
• Warning  Contains additional information about the status or transformation of a message
Request Header Fields  Request headers apply only to request messages and supply information about the request and the system making the request. The request header FieldName values are as follows:
• Accept  Specifies the media types that are acceptable in the response message
• Accept-Charset  Specifies the character sets that are acceptable in the response message
• Accept-Encoding  Specifies the content codings that are acceptable in the response message
• Accept-Language  Specifies the languages that are acceptable in the response message
• Authorization  Contains credentials with which the client will be authenticated to the server
• Expect  Specifies the behavior that the client expects from the server
• From  Contains an e-mail address for the user generating the request
• Host  Specifies the Internet host name of the resource being requested (usually a URL), plus a port number if different from the default port (80)
• If-Match  Used to make a particular request conditional by matching particular entity tags
• If-Modified-Since  Used to make a particular request conditional by specifying the modification date of the client cache entry containing the resource, which the server compares to the actual resource and replies with either the resource or a cache referral
• If-None-Match  Used to make a particular request conditional by not matching particular entity tags
• If-Range  Requests that the server transmit the parts of an entity that the client is missing
• If-Unmodified-Since  Used to make a particular request conditional by specifying a date that the server should use to determine whether to supply the requested resource
• Max-Forwards  Limits the number of proxies or gateways that can forward the request to another server
• Proxy-Authorization  Contains credentials with which the client will authenticate itself to a proxy server
• Range  Contains one or more byte ranges representing parts of the resource specified by the ResourceURI variable that the client is requesting be sent by the server
• Referer  Specifies the resource from which the ResourceURI value was obtained
• TE  Specifies which extension transfer-codings the client can accept in the response and whether the client will accept trailer fields in a chunked transfer coding
• User-Agent  Contains information about the browser generating the request
Response Header Fields  The response headers apply only to response messages and provide additional information about the message and the server generating the message. The response header FieldName values are as follows:
• Accept-Ranges  Enables a server to indicate its acceptance of range requests for a resource (used in responses only)
• Age  Specifies the elapsed time since a cached response was generated at a server
• Etag  Specifies the current value of the entity tag for the requested variant
• Location  Directs the destination system to a location for the requested resource other than that specified by the RequestURI variable
• Proxy-Authenticate  Specifies the authentication scheme used by a proxy server
• Retry-After  Specifies how long a requested resource will be unavailable to the client
• Server  Identifies the web server software used to process the request
• Vary  Specifies the header fields used to determine whether a client can use a cached response to a request without revalidation by the server
• WWW-Authenticate  Specifies the type of authentication required in order for the client to access the requested resource
Entity Header Fields  The term entity is used to describe the data included in the message body of a response message, and the entity headers provide additional information about that data. The entity header FieldName values are as follows:
• Allow  Specifies the request types supported by a resource identified by a particular RequestURI value
• Content-Encoding  Specifies additional content-coding mechanisms (such as gzip) that have been applied to the data in the body of the message
• Content-Language  Specifies the language of the message body
• Content-Length  Specifies the length of the message body, in bytes
• Content-Location  Specifies the location from which the information in the message body was derived, when it is separate from the location specified by the ResourceURI variable
• Content-MD5  Contains an MD5 digest of the message body (as defined in RFC 1864) that will be used to verify its integrity at the destination
• Content-Range  Identifies the location of the data in the message body within the whole of the requested resource when the message contains only part of the resource
• Content-Type  Specifies the media type of the data in the message body
• Expires  Specifies the date and time after which the cached response is to be considered stale
• Last-Modified  Specifies the date and time at which the server believes the requested resource was last modified
• Extension-Header  Enables the use of additional entity header fields that must be recognized by both the client and the server
HTTP Responses
The HTTP responses generated by web servers use many of the same basic elements as the requests. The start line also consists of three elements, as follows:
HTTPVersion StatusCode StatusPhrase
The HTTPVersion variable specifies the standard supported by the server, using the same values listed earlier. The StatusCode and StatusPhrase variables indicate whether the request has been processed successfully by the server and, if it hasn't, why not. The code is a three-digit number, and the phrase is a text string. The code values are defined in the HTTP specification and are used consistently by all web server implementations. The first digit of the code specifies the general nature of the response, and the second two digits give more specific information. The status phrases are defined by the standard as well, but some web server products enable you to modify the text strings in order to supply more information to the client. The codes and phrases defined by the standard are listed in the following sections.
Informational Codes  Informational codes are used only in responses with no message bodies and have the numeral 1 as their first digit, as shown here:
• 100 – Continue  Indicates that the request message has been received by the server and that the client should either send another message completing the request or continue to wait for a response. A response using this code must be followed by another response containing a code indicating completion of the request.
• 101 – Switching Protocol  A response to an Upgrade request by the client and indicates the server is switching as well. While not in common use, this code was created to allow migration to an incompatible protocol version.
Successful Codes  Successful codes have a 2 as their first digit and indicate that the client's request message has been successfully received, understood, and accepted. The valid codes are as follows:
• 200 – OK  Indicates that the request has been processed successfully and that the response contains the data appropriate for the type of request.
• 201 – Created  Indicates that the request has been processed successfully and that a new resource has been created.
• 202 – Accepted  Indicates that the request has been accepted for processing but that the processing has not yet been completed.
• 203 – Nonauthoritative Information  Indicates that the information in the headers is not the definitive information supplied by the server but is gathered from a local or a third-party copy.
• 204 – No Content  Indicates that the request has been processed successfully but that the response contains no message body. It may contain header information.
• 205 – Reset Content  Indicates that the request has been processed successfully and that the client browser user should reset the document view. This message typically means that the data from a form has been received and that the browser should reset the display by clearing the form fields.
• 206 – Partial Content  Indicates that the request has been processed successfully and that the server has fulfilled a request that uses the Range header to specify part of a resource.
Redirection Codes  Redirection codes have a 3 as their first digit and indicate that further action from the client (either the browser or the user) is required to successfully process the request. The valid codes are as follows:
• 300 – Multiple Choices  Indicates that the response contains a list of resources that can be used to satisfy the request, from which the user should select one.
• 301 – Moved Permanently  Indicates that the requested resource has been assigned a new permanent URI and that all future references to this resource should use one of the new URIs supplied in the response.
• 302 – Found  Indicates that the requested resource resides temporarily under a different URI but that the client should continue to use the same RequestURI value for future requests since the location may change again.
• 303 – See Other  Indicates that the response to the request can be found under a different URI and that the client should generate another request pointing to the new URI.
• 304 – Not Modified  Indicates that the version of the requested resource in the client cache is identical to that on the server and that retransmission of the resource is not necessary.
• 305 – Use Proxy  Indicates that the requested resource must be accessed through the proxy specified in the Location header.
• 306 – Unused  No longer used and is currently reserved for future use.
• 307 – Temporary Redirect  Indicates that the requested resource resides temporarily under a different URI but that the client should continue to use the same RequestURI value for future requests since the location may change again.
• 308 – Permanent Redirect  Indicates that the resource is now at another URL. While similar to the 301 response code, the exception for a 308 code is that the user agent must not change the HTTP method used.
Client Error Codes  Client error codes have a 4 as their first digit and indicate that the request could not be processed because of an error by the client. The valid codes are as follows:
• 400 – Bad Request  Indicates that the server could not understand the request because of malformed syntax
• 401 – Unauthorized  Indicates that the server could not process the request because user authentication is required
• 402 – Payment Required  Reserved for future use
• 403 – Forbidden  Indicates that the server is refusing to process the request and that it should not be repeated
• 404 – Not Found  Indicates that the server could not locate the resource specified by the RequestURI variable
• 405 – Method Not Allowed  Indicates that the request type cannot be used for the specified RequestURI
• 406 – Not Acceptable  Indicates that the resource specified by the RequestURI variable does not conform to any of the data types specified in the request message's Accept header
• 407 – Proxy Authentication Required  Indicates that the client must authenticate itself to a proxy server before it can access the requested resource
• 408 – Request Timeout  Indicates that the client did not produce a request within the server's timeout period
• 409 – Conflict  Indicates that the request could not be processed because of a conflict with the current state of the requested resource, such as when a PUT command attempts to write data to a resource that is already in use
• 410 – Gone  Indicates that the requested resource is no longer available at the server and that the server is not aware of an alternative location
• 411 – Length Required  Indicates that the server has refused to process a request that does not have a Content-Length header
• 412 – Precondition Failed  Indicates that the server has failed to satisfy one of the preconditions specified in the request headers
• 413 – Request Entity Too Large  Indicates that the server is refusing to process the request because the message is too large
• 414 – Request URI Too Long  Indicates that the server is refusing to process the request because the RequestURI value is longer than the server is willing to interpret
• 415 – Unsupported Media Type  Indicates that the server is refusing to process the request because the request is in a format not supported by the requested resource for the requested method
• 416 – Requested Range Not Satisfiable  Indicates that the server cannot process the request because the data specified by the Range header in the request message does not exist in the requested resource
• 417 – Expectation Failed  Indicates that the server could not satisfy the requirements specified in the request message's Expect header
Server Error Codes  Server error codes have a 5 as their first digit and indicate that the request could not be processed because of an error by the server. The valid codes are as follows:
• 500 – Internal Server Error  Indicates that the server encountered an unexpected condition that prevented it from fulfilling the request
• 501 – Not Implemented  Indicates that the server does not support the functionality required to satisfy the request
• 502 – Bad Gateway  Indicates that a gateway or proxy server has received an invalid response from the upstream server it accessed while attempting to process the request
• 503 – Service Unavailable  Indicates that the server cannot process the request because of it being temporarily overloaded or under maintenance
• 504 – Gateway Timeout  Indicates that a gateway or proxy server did not receive a timely response from the upstream server specified by the URI or some other auxiliary server needed to complete the request
• 505 – HTTP Version Not Supported  Indicates that the server does not support, or refuses to support, the HTTP protocol version used in the request message
After the start line, a response message can contain a series of headers, just like those in a request, that provide information about the server and the response message. The header section concludes with a blank line, after which comes the body of the message, typically containing the contents of the file requested by the client. If the file is larger than what can fit in a single packet, the server generates additional response messages containing message bodies but no start lines or headers.
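The request start line, the FieldName: FieldValue headers, the empty line, and the response status codes described in the preceding sections can all be exercised with one small parser. The Python below is an added example, not from the book or any web server: it splits a raw HTTP/1.1 message at the empty line, parses the start line as either a request or a response, normalizes header names, classifies a response by the first digit of its status code, and takes only as many body bytes as Content-Length claims, refusing a message whose body is shorter than advertised. The request and response samples are constructed.

```python
# First-digit classes of HTTP status codes, as listed in the sections above.
STATUS_CLASSES = {"1": "informational", "2": "successful", "3": "redirection",
                  "4": "client error", "5": "server error"}

# Constructed sample messages (not captured traffic).
SAMPLE_REQUEST = (b"GET /index.html HTTP/1.1\r\n"
                  b"Host: www.zacker.com\r\n"
                  b"User-Agent: example-client/1.0\r\n"
                  b"\r\n")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Server: example-server/1.0\r\n"
                   b"Content-Type: text/html\r\n"
                   b"Content-Length: 28\r\n"
                   b"\r\n"
                   b"<html><body>hi</body></html>")


def parse_http_message(raw: bytes) -> dict:
    """Split a raw HTTP message into start line parts, headers, and body."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no empty line terminating the header section")
    lines = head.decode("iso-8859-1").split("\r\n")
    start = lines[0].split(" ", 2)
    if len(start) != 3:
        raise ValueError(f"malformed start line: {lines[0]!r}")

    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or any(c.isspace() for c in name):
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.lower()] = value.strip()   # field names are case-insensitive

    msg = {"headers": headers}
    if start[0].startswith("HTTP/"):            # HTTPVersion StatusCode StatusPhrase
        version, code, phrase = start
        if len(code) != 3 or not code.isdigit():
            raise ValueError(f"bad status code: {code!r}")
        msg.update(kind="response", version=version, status=int(code), phrase=phrase,
                   status_class=STATUS_CLASSES.get(code[0], "unknown"))
    else:                                       # RequestType RequestURI HTTPVersion
        method, uri, version = start
        msg.update(kind="request", method=method, uri=uri, version=version)
        if version == "HTTP/1.1" and "host" not in headers:
            raise ValueError("HTTP/1.1 request without a Host header")

    # Only trust Content-Length as far as the bytes actually present.
    if "content-length" in headers:
        length = int(headers["content-length"])
        if length < 0 or len(rest) < length:
            raise ValueError("message body shorter than the advertised Content-Length")
        msg["body"] = rest[:length]
    else:
        msg["body"] = rest if msg["kind"] == "response" else b""
    return msg
```

A parser used in a proxy or log-analysis tool should be at least this strict about the start line and the Content-Length, since those are the two places where a message that "almost" fits the grammar is most likely to be interpreted differently by two implementations.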
FTP Servers
The File Transfer Protocol is an application layer TCP/IP protocol that enables an authenticated client to connect to a server and transfer files to and from the other machine. FTP is not the same as sharing a drive with another system on the network. Access is limited to a few basic file management commands, and the primary function of the protocol is to copy files to your local system, not to access them in place on the server.
Like HTTP, FTP uses the TCP protocol for its transport services and relies on ASCII text commands for its user interface. There are now many graphical FTP clients available that automate the generation and transmission of the appropriate text commands to a server.
The big difference between FTP and HTTP (as well as most other protocols) is that FTP uses two port numbers in the course of its operations. When an FTP client connects to a server, it uses port 21 to establish a control connection. This connection remains open during the life of the session; the client and server use it to exchange commands and replies. When the client requests a file transfer, the server establishes a second connection on port 20, which it uses to transfer the file and then terminates immediately afterward.
FTP Commands
An FTP client consists of a user interface, which may be text based or graphical, and a user protocol interpreter. The user protocol interpreter communicates with the server protocol interpreter using text commands that are passed over the control connection (see Figure 16-1). When the commands call for a data transfer, one of the protocol interpreters triggers a data transfer process, which communicates with a like process on the other machine using the data connection. The commands issued by the user protocol interpreter do not necessarily correspond to the traditional text-based user interface commands. For example, to retrieve a file from a server, the traditional user interface command is GET plus the file name, but after the user protocol interpreter receives this command, it sends an RETR command to the server with the same file name. Thus, the user interface can be modified for purposes of language localization or other reasons, but the commands used by the protocol interpreters remain consistent.
Figure 16-1  The protocol interpreters in the FTP client and server exchange control messages
The following sections list the commands used by the FTP protocol interpreters.
Access Control Commands
FTP clients use the access control commands to log in to a server, authenticate the user, and terminate the control connection at the end of the session. These commands are as follows:
• USER username  Specifies the account name used to authenticate the client to the server.
• PASS password  Specifies the password associated with the previously furnished user name.
• ACCT account  Specifies an account used for access to specific features of the server file system. The ACCT command can be issued at any time during the session and not just during the login sequence, as with USER.
• CWD pathname  Changes the working directory in the server file system to that specified by the pathname variable.
• CDUP  Shifts the working directory in the server file system one level up to the parent directory.
• SMNT pathname  Mounts a different file system data structure on the server, without altering the user account authentication.
• REIN  Terminates the current session, leaving the control connection open and completing any data connection transfer in progress. A new USER command is expected to follow immediately.
• QUIT  Terminates the current session and closes the control connection after completing any data connection transfer in progress.
Transfer Parameter Commands
The transfer parameter commands prepare the systems to initiate a data connection and identify the type of file that is to be transferred. These commands are as follows:
• PORT host/port  Notifies the server of the IP address and ephemeral port number that it expects a data connection to use. The host/port variable consists of six integers, separated by commas, representing the four bytes of the IP address and two bytes for the port number.
• PASV  Instructs the server to specify a port number that the client will use to establish a data connection. The reply from the server contains a host/port variable, like PORT.
• TYPE typecode  Specifies the type of file to be transferred over a data connection. Currently used options are as follows:
• A  ASCII plain-text file
• I  Binary file
• STRU structurecode  Specifies the structure of a file. The default setting, F (for File), indicates that the file is a contiguous byte stream. Two other options, R (for Record) and P (for Page), are no longer used.
• MODE modecode  Specifies the transfer mode for a data connection. The default setting, S (for Stream), indicates that the file will be transferred as a byte stream. Two other options, B (for Block) and C (for Compressed), are no longer used.
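The host/port argument shared by PORT and the 227 reply to PASV is a small wire format worth seeing encoded and decoded. The Python below is an added example, not from the book or any FTP implementation: it builds the six comma-separated integers from an IPv4 address and port (two port bytes, high byte first), parses them back out of either a PORT argument or a 227 reply, validates the byte ranges, and, as a client-side policy assumed for this example, accepts a passive data address only if it matches the server already reached on the control connection. The addresses and ports are constructed.

```python
import re
import ipaddress

HOSTPORT_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def encode_host_port(ip: str, port: int) -> str:
    """h1,h2,h3,h4,p1,p2: four address bytes then the port as high byte, low byte."""
    addr = ipaddress.IPv4Address(ip)          # raises ValueError for a bad address
    if not 0 < port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return ",".join(str(b) for b in addr.packed + bytes([port >> 8, port & 0xFF]))


def decode_host_port(text: str) -> tuple:
    """Extract (ip, port) from a PORT argument or a '227 Entering Passive Mode (...)' reply."""
    m = HOSTPORT_RE.search(text)
    if m is None:
        raise ValueError(f"no h1,h2,h3,h4,p1,p2 group in {text!r}")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"byte value out of range in {text!r}")
    ip = str(ipaddress.IPv4Address(bytes(nums[:4])))
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable for a data connection")
    return ip, port


def passive_data_endpoint(reply: str, control_peer: str) -> tuple:
    """Decode a PASV reply; accept only a data address equal to the control-connection
    peer (assumed client policy for this example, not a rule stated in the book)."""
    if not reply.startswith("227"):
        raise ValueError(f"expected a 227 reply, got {reply[:3]!r}")
    ip, port = decode_host_port(reply)
    if ip != control_peer:
        raise ValueError(f"data address {ip} does not match control peer {control_peer}")
    return ip, port
```

For the constructed example, `encode_host_port("192.0.2.10", 49152)` gives `192,0,2,10,192,0`, and a reply of `227 Entering Passive Mode (192,0,2,10,195,80)` decodes to port 195 × 256 + 80 = 50000 on 192.0.2.10.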
FTP Service Commands
The FTP service commands enable the client to manage the file system on the server and initiate file transfers. These commands are as follows:
• RETR filename  Instructs the server to transfer the specified file to the client.
• STOR filename  Instructs the server to receive the specified file from the client, overwriting an identically named file in the server directory if necessary.
• STOU  Instructs the server to receive the file from the client and give it a unique name in the server directory. The reply from the server must contain the unique name.
• APPE pathname  Instructs the server to receive the specified file from the client and append it to the identically named file in the server directory. If no file of that name exists, the server creates a new file.
• ALLO bytes  Allocates a specified number of bytes on the server before the client actually transmits the data.
• REST marker  Specifies the point in a file at which the file transfer should be restarted.
• RNFR filename  Specifies the name of a file to be renamed; must be followed by an RNTO command.
• RNTO filename  Specifies the new name for the file previously referenced in an RNFR command.
• ABOR  Aborts the command currently being processed by the server, closing any open data connections.
• DELE filename  Deletes the specified file on the server.
• RMD pathname  Deletes the specified directory on the server.
• MKD pathname  Creates the specified directory on the server.
• PWD  Returns the name of the server's current working directory.
• LIST pathname  Instructs the server to transmit an ASCII file containing a list of the specified directory's contents, including attributes.
• NLST pathname  Instructs the server to transmit an ASCII file containing a list of the specified directory's contents, with no attributes.
• SITE string  Carries nonstandard, implementation-specific commands to the server.
• SYST  Returns the name of the operating system running on the server.
• STAT filename  When used during a file transfer, returns a status indicator for the current operation. When used with a filename argument, returns the LIST information for the specified file.
• HELP string  Returns help information specific to the server implementation.
• NOOP  Instructs the server to return an OK response. This is used as a session keep-alive mechanism; the command performs no other actions.
FTP Reply Codes
An FTP server responds to each command sent by a client with a three-digit reply code and a text string. As with HTTP, these reply codes must be implemented as defined in the FTP standard on all servers so that the client can determine its next action, but some products enable you to modify the text that is delivered with the code and displayed to the user.
The first digit of the reply code indicates whether the command was completed successfully, unsuccessfully, or not at all. The possible values for this digit are as follows:
• 1## – Positive preliminary reply  Indicates that the server is initiating the requested action and that the client should wait for another reply before sending any further commands
• 2## – Positive completion reply  Indicates that the server has successfully completed the requested action
• 3## – Positive intermediate reply  Indicates that the server has accepted the command but that more information is needed before it can execute it and that the client should send another command containing the required information
• 4## – Transient negative completion reply  Indicates that the server has not accepted the command or executed the requested action due to a temporary condition and that the client should send the command again
• 5## – Permanent negative completion reply  Indicates that the server has not accepted the command or executed the requested action and that the client is discouraged (but not forbidden) from resending the command
The second digit of the reply code provides more specific information about the nature of the message. The possible values for this digit are as follows:
• #0# – Syntax  Indicates that the command contains a syntax error that has prevented it from being executed
• #1# – Information  Indicates that the reply contains information that the command requested, such as status or help
• #2# – Connections  Indicates that the reply refers to the control or data connection
• #3# – Authentication and accounting  Indicates that the reply refers to the login process or the accounting procedure
• #4# – Unused  Currently unused. Is available for future use.
• #5# – File system  Indicates the status of the server file system as a result of the command
The reply codes defined by the FTP standard are as follows:
• 110 Restart marker reply
• 120 Service ready in nnn minutes
• 125 Data connection already open; transfer starting
• 150 File status okay; about to open data connection
• 200 Command okay
• 202 Command not implemented, superfluous at this site
• 211 System status, or system help reply
• 212 Directory status
• 213 File status
• 214 Help message
• 215 NAME system type
• 220 Service ready for new user
• 221 Service closing control connection
• 225 Data connection open; no transfer in progress
• 226 Closing data connection
• 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
• 230 User logged in, proceed
• 250 Requested file action okay, completed
• 257 "PATHNAME" created
• 331 User name okay, need password
• 332 Need account for login
• 350 Requested file action pending further information
• 421 Service not available; closing control connection
• 425 Can't open data connection
• 426 Connection closed; transfer aborted
• 450 Requested file action not taken
• 451 Requested action aborted; local error in processing
• 452 Requested action not taken; insufficient storage space in system
• 500 Syntax error, command unrecognized
• 501 Syntax error in parameters or arguments
• 502 Command not implemented
• 503 Bad sequence of commands
• 504 Command not implemented for that parameter
• 530 Not logged in
• 532 Need account for storing files
• 550 Requested action not taken; file unavailable (e.g., file not found, no access)
• 551 Requested action aborted; page type unknown
• 552 Requested file action aborted; exceeded storage allocation (for current directory or dataset)
• 553 Requested action not taken; file name not allowed
FTP Messaging
An FTP session begins with a client establishing a connection with a server by using either a GUI or the command line to specify the server's DNS name or IP address. The first order of business is to establish a TCP connection using the standard three-way handshake. The FTP server is listening on port 21 for incoming messages, and this new TCP connection becomes the FTP control connection that will remain open for the life of the session. The first FTP message is transmitted by the server, announcing and identifying itself, as follows:
220 CZ2 Microsoft FTP Service (Version 5.0)
As with all messages transmitted over a TCP connection, acknowledgment is required. During the course of the session, the message exchanges will be punctuated by TCP ACK packets from both systems, as needed. After it sends the initial acknowledgment, the client prompts the user for an account name and password and performs the user login sequence, as follows:
USER anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
PASS [email protected]
230 Anonymous user logged in.
Both the user name and the password cross the control connection in cleartext; anyone able to observe the path can read them.
The client then informs the server of its IP address and the port that it will use for data connections on the client system, as follows:
PORT 192,168,2,3,7,233
200 PORT command successful.
The values 192, 168, 2, and 3 are the four decimal byte values of the IP address, and the 7 and 233 are the 2 bytes of the port number value, which translates as 2025. By converting these 2 port bytes to binary form (00000111 11101001) and then converting the whole 2-byte value to a decimal, you get 2025 (that is, 7 × 256 + 233). Note that the server acts on whatever address the PORT argument names, which need not be the client's own; a server that does not check that this address matches the peer of the control connection can be made to open data connections to third-party hosts (the FTP bounce attack), which is why most servers now refuse such PORT commands.
At this point, the client can send commands to the server requesting file transfers or file system procedures, such as the creation and deletion of directories. One typical client command is to request a listing of the files in the server's default directory, as follows:
NLST -l
In response to this command, the server informs the client that it is going to open a data connection because the list is transmitted as an ASCII file.
150 Opening ASCII mode data connection for /bin/ls.
The server then commences the establishment of the second TCP connection, using its own port 20 and the client port 2025 specified earlier in the PORT command. Once the connection is established, the server transmits the file it has created containing the listing for the directory. Depending on the number of files in the directory, the transfer may require the transmission of multiple packets and acknowledgments, after which the server immediately sends the first message in the sequence that terminates the data connection. Once the data connection is closed, the server reverts to the control connection and finishes the file transfer with the following positive completion reply message:
226 Transfer complete.
At this point, the client is ready to issue another command, such as a request for another file transfer, which repeats the entire process beginning with the PORT command, or some other function that uses only the control connection. When the client is ready to terminate the session by closing the control connection, it sends a QUIT command, and the server responds with an acknowledgment like the following:
221
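The reply-code structure and the PORT arithmetic described above, as an added example that is not part of the book: the helpers below classify a reply by its first and second digits, convert the h1,h2,h3,h4,p1,p2 form used by PORT and by the 227 PASV reply, and apply the check a server should make before honoring a PORT command. The sample dialogue, addresses and port numbers are constructed for the example.

```python
"""FTP control-channel helpers: classify reply codes by digit, convert the
h1,h2,h3,h4,p1,p2 form used by PORT and PASV, and check a PORT command the
way a server should before honoring it. Added example, not from the book;
the addresses and the sample dialogue are constructed."""
import ipaddress
import re

FIRST_DIGIT = {"1": "positive preliminary", "2": "positive completion",
               "3": "positive intermediate", "4": "transient negative completion",
               "5": "permanent negative completion"}
SECOND_DIGIT = {"0": "syntax", "1": "information", "2": "connections",
                "3": "authentication and accounting", "4": "unused",
                "5": "file system"}
NEXT_ACTION = {"1": "wait for another reply", "2": "proceed",
               "3": "send the requested information", "4": "retry later",
               "5": "give up"}
# "nnn-text" (hyphen) opens a multi-line reply; "nnn text" is a single line
REPLY_RE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")


def parse_reply(line):
    """Return (code, text, more) for one reply line; more is True when
    further lines of the same reply follow."""
    m = REPLY_RE.match(line.rstrip("\r\n"))
    if not m or m.group(1)[0] not in FIRST_DIGIT or m.group(1)[1] not in SECOND_DIGIT:
        raise ValueError("malformed FTP reply: %r" % line)
    return m.group(1), m.group(3) or "", m.group(2) == "-"


def classify(code):
    """Meaning of the first and second digits of a reply code."""
    return FIRST_DIGIT[code[0]], SECOND_DIGIT[code[1]]


def next_action(code):
    """What the client does next, decided by the first digit alone."""
    return NEXT_ACTION[code[0]]


def encode_port(ip, port):
    """PORT argument: the four address bytes, then port high byte, low byte."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def decode_port(arg):
    """Inverse of encode_port: '192,168,2,3,7,233' -> ('192.168.2.3', 2025)."""
    nums = [int(x) for x in arg.split(",")]
    if len(nums) != 6 or any(not 0 <= n <= 255 for n in nums):
        raise ValueError("bad address/port argument: %r" % arg)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def parse_pasv(reply_text):
    """Extract the address from a 227 reply, whatever text surrounds it."""
    m = re.search(r"\d+,\d+,\d+,\d+,\d+,\d+", reply_text)
    if not m:
        raise ValueError("no address in 227 reply: %r" % reply_text)
    return decode_port(m.group(0))


def port_command_is_safe(peer_ip, arg):
    """Server-side check before an active-mode data connection: the PORT
    address must be the control connection's own peer and the port must be
    unprivileged. Without it the server can be told to connect to any host
    the client names, which is the FTP bounce attack."""
    try:
        ip, port = decode_port(arg)
    except ValueError:
        return False
    return ip == peer_ip and port >= 1024


SAMPLE_DIALOGUE = [                 # constructed; mirrors the session above
    "220 CZ2 Microsoft FTP Service (Version 5.0)",
    "331 Anonymous access allowed, send identity (e-mail name) as password.",
    "230 Anonymous user logged in.",
    "200 PORT command successful.",
    "150 Opening ASCII mode data connection for /bin/ls.",
    "226 Transfer complete.",
    "221",
]


def walk_dialogue(lines):
    """The client's next action after each server reply in a transcript."""
    return [next_action(parse_reply(line)[0]) for line in lines]
```

The bare "221" at the end of the session is why the regular expression tolerates a code with no text; real servers usually send text, but a client that assumes it will is brittle. The port check rejects privileged ports as well as foreign addresses because a bounce against port 25 or 80 of an internal host is the classic use of the attack.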
E-mail
While Internet services such as the Web and FTP are wildly popular, the service that is the closest to being a ubiquitous business and personal communications tool is e-mail. E-mail is a unique communications medium that combines the immediacy of the telephone with the precision of the written word, and no Internet service is more valuable to the network user. Until the mid-1990s, the e-mail systems you were likely to encounter were self-contained, proprietary solutions designed to provide an organization with internal communications. As the value of e-mail as a business tool began to be recognized by the general public, businesspeople began swapping the e-mail addresses supplied to them by specific online services. However, if you subscribed to a different service than your intended correspondent, you were out of luck. The rise of the Internet revolutionized the e-mail concept by providing a single, worldwide standard for mail communications that was independent of any single service provider. Today, e-mail addresses are almost as common as telephone numbers, and virtually every network with an Internet connection supplies its users with e-mail addresses.
E-mail Addressing
The e-mail address format soon becomes second nature to beginning e-mail users. An Internet e-mail address consists of a user name and a domain name, separated by an "at" symbol (@), as in [email protected]. As with web sites, the domain name in an e-mail address (the part after the @ in [email protected]) identifies the organization hosting the e-mail services for a particular user. For individual users, the domain is typically that of an ISP, which nearly always supplies one or more e-mail addresses with an Internet access account. For corporate users, the domain name is usually registered to the organization and is usually the same domain used for their web sites and other Internet services.
The user name part of an e-mail address (the part before the @ in [email protected]) represents the name of a mailbox that has been created on the mail server servicing the domain. The user name often consists of a combination of names and/or initials identifying an individual user at the organization, but it's also common to have mailboxes for specific roles and functions in the domain. For example, most domains running a web site have a role mailbox ([email protected]) that is used to report problems with the functionality of the web site.
Because Internet e-mail relies on standard domain names to identify mail servers, the Domain Name System (DNS) is an essential part of the Internet e-mail architecture. DNS servers store information in units of various types called resource records. The MX resource record is the one used to identify an e-mail server in a particular domain. When a mail server receives an outgoing message from an e-mail client, it reads the address of the intended recipient and performs a DNS lookup of the domain name in that address. The server generates a DNS message requesting the MX resource record for the specified domain, and the DNS server (after performing the standard iterative process that may involve relaying the request to other domain servers) replies with the MX record, which names the host that accepts mail for the destination domain; the sending server then resolves that host name to an IP address. The server with the outgoing message then opens a connection to the destination domain's mail server using the Simple Mail Transfer Protocol (SMTP). It is the destination mail server that processes the user name part of the e-mail address by placing the message in the appropriate mailbox, where it waits until the client picks it up.
E-mail Clients and Servers
Like HTTP and FTP, Internet e-mail is a client-server application. However, in this case, several types of servers are involved in the e-mail communication process. SMTP servers are responsible for receiving outgoing mail from clients and transmitting the mail messages to their destination servers. The other type of server is the one that maintains the mailboxes and which the e-mail clients use to retrieve their incoming mail. The two predominant protocols for this type of server are the Post Office Protocol, version 3 (POP3) and the Internet Message Access Protocol (IMAP). This is another case where it's important to understand that the term server refers to an application and not necessarily to a separate computer. In many cases, the SMTP and either the POP3 or IMAP server run on the same computer.
E-mail server products generally fall into two categories, those that are designed solely for Internet e-mail and those that provide more comprehensive internal e-mail services as well. The former are relatively simple applications that typically provide SMTP support and may or may not include either POP3 or IMAP as well. If not, you have to purchase and install a POP3 or IMAP server also so that your users can access their mail. One of the most common SMTP servers used on the Internet is a free Unix program called sendmail, but there are many other products, both open source and commercial, that run on a variety of computing platforms.
After installing the mail server applications, the administrator creates a mailbox for each user and registers the server's host name in a DNS MX resource record for the domain (an MX record carries a host name, not an address; an A record maps that name to the server's IP address). This enables other SMTP servers on the Internet to send mail to the users' mailboxes. Clients access the POP3 or IMAP server to download mail from their mailboxes and send outgoing messages using the SMTP server. ISPs typically use mail servers of this type because their users are strictly concerned with Internet e-mail. The server may provide other convenience services for users as well, such as web-based client access, which enables users to access their mailboxes from any web browser.
The more comprehensive e-mail servers are products that evolved from internal e-mail systems. Products like Microsoft Exchange started out as servers that a corporation would install to provide private e-mail service to users within the company, as well as other services such as calendars, personal information managers, and group scheduling. As Internet e-mail became more prevalent, these products were enhanced to include the standard Internet e-mail connectivity protocols as well. Today, a single product such as Exchange provides a wealth of communications services for private network users. On this type of e-mail product, the mail messages and other personal data are stored permanently on the mail servers, and users run a special client to access their mail. Storing the mail on the server makes it easier for administrators to back it up and enables users to access their mail from any computer. E-mail applications such as Exchange are much more expensive than Internet-only mail servers, and administering them is more complicated.
An e-mail client is any program that can access a user's mailbox on a mail server. Some e-mail client programs are designed strictly for Internet e-mail and can therefore access only SMTP, POP3, and/or IMAP servers. There are many products, both commercial and free, that perform the same basic functions. In many cases, e-mail client functionality is integrated into other programs, such as personal information managers (PIMs). Because the Internet e-mail protocols are standardized, users can run any Internet e-mail client with any SMTP/POP3/IMAP servers. Configuring an Internet e-mail client to send and retrieve mail is simply a matter of supplying the program with the names or IP addresses of an SMTP server (for outgoing mail) and a POP3 or IMAP server (for incoming mail), as well as the name of a mailbox on the POP3/IMAP server and its accompanying password.
The more comprehensive e-mail server products require a proprietary client to access all of their features. In the case of Exchange, the client is the Microsoft Outlook program included as part of the many Microsoft Office versions. Outlook is an unusual e-mail client in that you can configure it to operate in corporate/workgroup mode, in which the client connects to an Exchange server, or in Internet-only mode. Both modes enable you to access SMTP and POP3/IMAP services, but corporate/workgroup mode provides access to all of the Exchange features, such as group scheduling, and stores the user's mail on the server. Internet-only mode stores the mail on the computer's local drive.
Simple Mail Transfer Protocol
SMTP is an application layer protocol that is standardized in the IETF's RFC 821 document (since superseded by RFC 5321, which keeps the command and reply model described here). SMTP messages can be carried by any reliable transport protocol, but on the Internet and most private networks, they are carried by the TCP protocol, using well-known port number 25 at the server. Like HTTP and FTP, SMTP messages are based on ASCII text commands, rather than the headers and fields used by the protocols at the lower layers of the protocol stack. SMTP communications can take place between e-mail clients and servers or between servers. In each case, the basic communication model is the same. One computer (called the sender-SMTP) initiates communication with the other (the receiver-SMTP) by establishing a TCP connection using the standard three-way handshake.
SMTP Commands
Once the TCP connection is established, the sender-SMTP computer begins transmitting SMTP commands to the receiver-SMTP, which responds with a reply message and a numeric code for each command it receives. The commands consist of a keyword and an argument field containing other parameters in the form of a text string, followed by a carriage return/line feed (CR/LF).
NOTE The SMTP standard uses the terms sender-SMTP and receiver-SMTP to distinguish the sender and the receiver of the SMTP messages from the sender and the receiver of an actual mail message. The two are not necessarily synonymous.
The commands used by the sender-SMTP and their functions are as follows (the parentheses contain the actual text strings transmitted by the sending computer):
• HELLO (HELO) Used by the sender-SMTP to identify itself to the receiver-SMTP by transmitting its host name as the argument. The receiver-SMTP responds by transmitting its own host name.
• MAIL (MAIL) Used to initiate a transaction in which a mail message is to be delivered to a mailbox by specifying the address of the mail sender as the argument and, optionally, a list of hosts through which the mail message has been routed (called a source route). The receiver-SMTP uses this list in the event it has to return a nondelivery notice to the mail sender.
• RECIPIENT (RCPT) Identifies the recipient of a mail message, using the recipient's mailbox address as the argument. If the message is addressed to multiple recipients, the sender-SMTP generates a separate RCPT command for each address.
• DATA (DATA) Contains the actual e-mail message data, followed by a CRLF, a period, and another CRLF (<CRLF>.<CRLF>), which indicates the end of the message string.
• SEND (SEND) Used to initiate a transaction in which mail is to be delivered to a user's terminal (instead of to a mailbox). Like the MAIL command, the argument contains the sender's mailbox address and the source route.
• SEND OR MAIL (SOML) Used to initiate a transaction in which a mail message is to be delivered to a user's terminal, if they are currently active and configured to receive messages, or to the user's mailbox, if they are not. The argument contains the same sender address and source route as the MAIL command.
• SEND AND MAIL (SAML) Used to initiate a transaction in which a mail message is to be delivered to a user's terminal, if they are currently active and configured to receive messages, and to the user's mailbox. The argument contains the same sender address and source route as the MAIL command.
• RESET (RSET) Instructs the receiver-SMTP to abort the current mail transaction and discard all sender, recipient, and mail data information from that transaction.
• VERIFY (VRFY) Used by the sender-SMTP to confirm that the argument identifies a valid user. If the user exists, the receiver-SMTP responds with the user's full name and mailbox address.
• EXPAND (EXPN) Used by the sender-SMTP to confirm that the argument identifies a valid mailing list. If the list exists, the receiver-SMTP responds with the full names and mailbox addresses of the list's members.
• HELP (HELP) Used by the sender-SMTP (presumably a client) to request help information from the receiver-SMTP. An optional argument may specify the subject for which the sender-SMTP needs help.
• NOOP (NOOP) Performs no function other than to request that the receiver-SMTP generate an OK reply.
• QUIT (QUIT) Used by the sender-SMTP to request the termination of the communications channel to the receiver-SMTP. The sender-SMTP should not close the channel until it has received an OK reply to its QUIT command from the receiver-SMTP, and the receiver-SMTP should not close the channel until it has received and replied to a QUIT command from the sender-SMTP.
• TURN (TURN) Used by the sender-SMTP to request that it and the receiver-SMTP should switch roles, with the sender-SMTP becoming the receiver-SMTP and the receiver-SMTP the sender-SMTP. The actual role switch does not occur until the receiver-SMTP returns an OK response to the TURN command.
NOTE Not all SMTP implementations include support for all of the commands listed here. The only commands that are required to be included in all SMTP implementations are HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT. Because VRFY and EXPN let an unauthenticated peer enumerate valid accounts and list memberships, most servers disable or restrict them. SEND, SOML, SAML, and TURN were removed from the standard by RFC 2821 and are not found in current servers.
SMTP Replies
The receiver-SMTP is required to generate a reply for each of the commands it receives from the sender-SMTP. The sender-SMTP is not permitted to send a new command until it receives a reply to the previous one. This prevents any confusion of requests and replies. The reply messages generated by the receiver-SMTP consist of a three-digit numerical value plus an explanatory text string. The number and the text string are essentially redundant; the number is intended for use by automated systems that take action based on the reply, while the text string is intended for humans. The text messages can vary from implementation to implementation, but the reply numbers must remain consistent.
The reply codes generated by the receiver-SMTP are as follows (values in angle brackets represent variables that the receiver-SMTP replaces with an appropriate text string):
• 211 System status, or system help reply
• 214 Help message
• 220 <domain> Service ready
• 221 <domain> Service closing transmission channel
• 250 Requested mail action okay, completed
• 251 User not local; will forward to <forward-path>
• 354 Start mail input; end with <CRLF>.<CRLF>
• 421 <domain> Service not available, closing transmission channel
• 450 Requested mail action not taken: mailbox unavailable
• 451 Requested action aborted: local error in processing
• 452 Requested action not taken: insufficient system storage
• 500 Syntax error, command unrecognized
• 501 Syntax error in parameters or arguments
• 502 Command not implemented
• 503 Bad sequence of commands
• 504 Command parameter not implemented
• 550 Requested action not taken: mailbox unavailable
• 551 User not local; please try <forward-path>
• 552 Requested mail action aborted: exceeded storage allocation
• 553 Requested action not taken: mailbox name not allowed
• 554 Transaction failed
SMTP Transactions
A typical SMTP mail transaction begins (after a TCP connection is established) with the sender-SMTP transmitting a HELO command to identify itself to the receiver-SMTP by including its host name as the command argument. If the receiver-SMTP is operational, it responds with a 250 reply. Next, the sender-SMTP initiates the mail transaction by transmitting a MAIL command. This command contains the mailbox address of the message sender as the argument on the command line. Note that this sender address refers to the person who generated the e-mail message and not necessarily to the SMTP server currently sending commands. Note too that nothing in the exchange verifies this argument: the receiver-SMTP accepts whatever sender address it is given, which is why the envelope sender of a message cannot be trusted on its own.
NOTE In the case where the SMTP transaction is between an e-mail client and an SMTP server, the sender of the e-mail and the sender-SMTP refer to the same computer, but the receiver-SMTP is not the same as the intended receiver (that is, the addressee) of the e-mail. In the case of two SMTP servers communicating, such as when a local SMTP server forwards the mail messages it has just received from clients to their destination servers, neither the sender-SMTP nor the receiver-SMTP refer to the ultimate sender and receiver of the e-mail message.
If the receiver-SMTP is ready to receive and process a mail message, it returns a 250 response to the MAIL message generated by the sender-SMTP. After receiving a positive response to its MAIL command, the sender-SMTP proceeds by sending at least one RCPT message that contains as its argument the mailbox address of the e-mail message's intended recipient. If there are multiple recipients for the message, the sender-SMTP sends a separate RCPT command for each mailbox address. The receiver-SMTP, on receiving an RCPT command, checks to see whether it has a mailbox for that address and, if so, acknowledges the command with a 250 reply. If the mailbox does not exist, the receiver-SMTP can take one of several actions, such as generating a 251 User Not Local; Will Forward response and transmitting the message to the proper server or rejecting the message with a failure response, such as 550 Requested Action Not Taken: Mailbox Unavailable or 551 User Not Local. If the sender-SMTP generates multiple RCPT messages, the receiver-SMTP must reply separately to each one before the next can be sent.
The next step in the procedure is the transmission of a DATA command by the sender-SMTP. The DATA command has no argument, and is followed simply by a CRLF. On receiving the DATA command, the receiver-SMTP returns a 354 response and assumes that all of the lines that follow are the text of the e-mail message itself. The sender-SMTP then transmits the text of the message, one line at a time, ending with a period on a separate line (in other words, a CRLF.CRLF sequence). Because a period alone on a line terminates the message, a body line that itself begins with a period is transmitted with an extra leading period, which the receiver-SMTP removes again (this is known as dot-stuffing). On receipt of the final sequence, the receiver-SMTP responds with a 250 reply and proceeds to process the mail message by storing it in the proper mailbox and clearing its buffers.
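The transaction just described, as an added example that is not the book's code: a toy receiver-SMTP that enforces the HELO, MAIL, RCPT, DATA order, answers with the reply codes from the list above, strips dot-stuffing, and refuses VRFY and EXPN. The local domain, the mailbox table and the transcript fed to it are constructed for the example.

```python
"""Toy receiver-SMTP enforcing the HELO/MAIL/RCPT/DATA sequence described
above, with the reply codes from the list. Added example, not a real MTA;
the local domain, the mailbox table and the transcript are constructed."""

LOCAL_DOMAIN = "example.com"                              # assumed
MAILBOXES = {"alice@example.com", "bob@example.com"}      # constructed


class ReceiverSMTP:
    def __init__(self):
        self.helo = None           # set once the peer has identified itself
        self.in_data = False       # True between the 354 reply and the final "."
        self.delivered = []        # (sender, recipients, body lines) per message
        self.reset()

    def reset(self):
        """Discard the current transaction (what RSET does)."""
        self.sender, self.recipients, self.body = None, [], []

    def feed(self, line):
        """Handle one line from the sender-SMTP and return the reply; body
        lines during DATA get no reply of their own, so they return None."""
        line = line.rstrip("\r\n")
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        handler = getattr(self, "cmd_" + verb.upper(), None)
        if handler is None:
            return "500 Syntax error, command unrecognized"
        return handler(arg.strip())

    def cmd_HELO(self, arg):
        if not arg:
            return "501 Syntax error in parameters or arguments"
        self.helo = arg
        self.reset()
        return "250 " + LOCAL_DOMAIN

    def cmd_MAIL(self, arg):
        if self.helo is None or self.sender is not None:
            return "503 Bad sequence of commands"
        if not arg.upper().startswith("FROM:"):
            return "501 Syntax error in parameters or arguments"
        self.sender = arg[5:].strip().strip("<>")   # claimed, never verified
        return "250 Requested mail action okay, completed"

    def cmd_RCPT(self, arg):
        if self.sender is None:
            return "503 Bad sequence of commands"
        if not arg.upper().startswith("TO:"):
            return "501 Syntax error in parameters or arguments"
        addr = arg[3:].strip().strip("<>").lower()
        if addr not in MAILBOXES:
            return "550 Requested action not taken: mailbox unavailable"
        self.recipients.append(addr)
        return "250 Requested mail action okay, completed"

    def cmd_DATA(self, arg):
        if not self.recipients:    # needs MAIL and at least one accepted RCPT
            return "503 Bad sequence of commands"
        self.in_data = True
        return "354 Start mail input; end with <CRLF>.<CRLF>"

    def _data_line(self, line):
        if line == ".":            # <CRLF>.<CRLF>: end of message
            self.in_data = False
            self.delivered.append((self.sender, list(self.recipients), self.body))
            self.reset()
            return "250 Requested mail action okay, completed"
        # dot-stuffing: the sender doubled a leading "." so the line could not
        # be mistaken for the terminator; strip one of them again
        self.body.append(line[1:] if line.startswith("..") else line)
        return None

    def cmd_RSET(self, arg):
        self.reset()
        return "250 Requested mail action okay, completed"

    def cmd_NOOP(self, arg):
        return "250 Requested mail action okay, completed"

    def cmd_VRFY(self, arg):       # account enumeration; refused deliberately
        return "502 Command not implemented"

    cmd_EXPN = cmd_VRFY

    def cmd_QUIT(self, arg):
        return "221 %s Service closing transmission channel" % LOCAL_DOMAIN


def run_session(lines):
    """Drive one receiver through a transcript; return (reply codes, deliveries)."""
    srv = ReceiverSMTP()
    replies = [r for r in map(srv.feed, lines) if r is not None]
    return [r[:3] for r in replies], srv.delivered


SAMPLE_SESSION = [                         # constructed transcript
    "HELO mail.example.org",
    "MAIL FROM:<carol@example.org>",
    "RCPT TO:<alice@example.com>",
    "RCPT TO:<nobody@example.com>",        # unknown mailbox -> 550
    "DATA",
    "Subject: test",
    "",
    "..a body line that really starts with a period",
    ".",
    "VRFY alice",                          # refused -> 502
    "QUIT",
]
```

Run `run_session(SAMPLE_SESSION)` to see the reply codes 250, 250, 250, 550, 354, 250, 502, 221 and the one delivered message, addressed only to the recipient the server accepted. Feeding MAIL before HELO, or RCPT before MAIL, yields 503, which is the sequence rule the text describes.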
Multipurpose Internet Mail Extension
SMTP is designed to carry text messages using 7-bit ASCII codes and lines no more than 1,000 characters long. This excludes foreign characters and 8-bit binary data from being carried in e-mail messages. To make it possible to send these types of data in SMTP e-mail, another standard called the Multipurpose Internet Mail Extension (MIME) was published in five RFC documents, numbered 2045 through 2049. MIME is essentially a method for encoding various types of data for inclusion in an e-mail message.
The typical SMTP e-mail message transmitted after the DATA command begins with a header containing the familiar elements of the message itself, such as the To, From, and Subject fields. MIME adds two additional fields to this initial header, a MIME-Version indicator that specifies which version of MIME the message is using and a Content-Type field that specifies the format of the MIME-encoded data included in the message. The Content-Type field can specify any one of several predetermined MIME formats, or it can indicate that the message consists of multiple body parts, each of which uses a different format.
For example, the header of a multipart message might appear as follows:
MIME-Version: 1.0
From: [email protected]
To: [email protected]
Subject: Network diagrams
Content-Type: multipart/mixed; boundary=gc0p4Jq0M2Yt08j34c0p
The Content-Type field in this example indicates that the message consists of multiple parts, in different formats. The boundary parameter specifies a text string that is used to delimit the parts. The value specified in the boundary parameter can be any text string, just as long as it does not appear in the message text. After this header come the separate parts of the message, each of which begins with the boundary value, prefixed by two hyphens, on a separate line and a Content-Type field that specifies the format for the data in that part of the message, as follows:
--gc0p4Jq0M2Yt08j34c0p
Content-Type: image/jpeg
The actual message content then appears, in the format specified by the Content-Type value. The last part is followed by the boundary with two hyphens appended (--gc0p4Jq0M2Yt08j34c0p--), which marks the end of the multipart body.
The header for each part of the message can also contain any of the following fields:
• Content-Transfer-Encoding Specifies the method used to encode the data in that part of the message, using the values 7bit, 8bit, binary, quoted-printable, and base64
• Content-ID Optional field that specifies an identifier for that part of the message that can be used to reference it in other places
• Content-Description Optional field that contains a description of the data in that part of the message
The most commonly recognizable elements of MIME are the content types used to describe the nature of the data included as part of an e-mail message. A MIME content type consists of a type and a subtype, separated by a forward slash, as in image/jpeg. The type indicates the general type of data, and the subtype indicates a specific format for that data type. The image type, for example, has several possible subtypes, including jpeg and gif, which are both common graphics formats. Systems interpreting the data use the MIME types to determine how they should handle the data, even if they do not recognize the format. For example, an application receiving data with the text/richtext content type might display the content to the user, even if it cannot handle the richtext format. Because the basic type is text, the application can be reasonably sure that the data will be recognizable to the user. If the application receives a message containing image/gif data, however, and is incapable of interpreting the gif format, it can be equally sure, because the message part is of the image type, that the raw, uninterpreted data would be meaningless to the user and as a result would not display it in its raw form.
The seven MIME content types are as follows:
• Text Contains textual information, either unformatted (subtype: plain) or enriched by formatting commands
• Image Contains image data that requires a device such as a graphical display or graphical printer to view the information
• Audio Contains audio information that requires an audio output device (such as a speaker) to present the information
• Video Contains video information that requires the hardware/software needed to display moving images
• Application Contains uninterpreted binary data, such as a program file, or information to be processed by a particular application
• Multipart Contains at least two separate entities using independent data types
• Message Contains an encapsulated message, such as those defined by RFC 822, which may themselves contain multiple parts of different types
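The multipart layout described above, as an added example that is not the book's code: a small parser that splits a multipart/mixed body on its boundary, joins folded header lines, reads each part's Content-Type, and undoes the Content-Transfer-Encoding. The message it parses is constructed for the example (its boundary is the one quoted above); the parser follows the delimiter rules of RFC 2046, under which "--boundary" opens a part, "--boundary--" closes the body, and the CRLF preceding a delimiter belongs to the delimiter rather than to the part.

```python
"""Parse a multipart/mixed message by its boundary and decode each part's
Content-Transfer-Encoding. Added example, not from the book; the message is
constructed, and the parser follows the RFC 2046 delimiter rules."""
import base64
import quopri

BOUNDARY = "gc0p4Jq0M2Yt08j34c0p"
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"                 # stands in for a real attachment
SAMPLE_MESSAGE = "\r\n".join([
    "MIME-Version: 1.0",
    "From: carol@example.org",
    "To: alice@example.com",
    "Subject: Network diagrams",
    'Content-Type: multipart/mixed; boundary="%s"' % BOUNDARY,
    "",
    "This preamble is ignored by MIME-aware readers.",
    "--" + BOUNDARY,
    "Content-Type: text/plain; charset=us-ascii",
    "Content-Transfer-Encoding: 7bit",
    "",
    "Diagrams attached.",
    "--" + BOUNDARY,
    "Content-Type: image/png;",
    "  name=lan.png",                            # folded continuation line
    "Content-Transfer-Encoding: base64",
    "Content-Description: LAN diagram",
    "",
    base64.b64encode(PNG_MAGIC).decode("ascii"),
    "--" + BOUNDARY + "--",
    "This epilogue is ignored too.",
])


def split_headers(block):
    """Split an RFC 822 style block into ({lowercase name: value}, body),
    joining folded continuation lines onto the header they belong to."""
    head, _, body = block.partition("\r\n\r\n")
    headers, last = {}, None
    for raw in head.split("\r\n"):
        if raw[:1] in " \t" and last is not None:
            headers[last] += " " + raw.strip()
            continue
        name, _, value = raw.partition(":")
        last = name.strip().lower()
        headers[last] = value.strip()
    return headers, body


def content_type(value):
    """'multipart/mixed; boundary="x"' -> ('multipart/mixed', {'boundary': 'x'})."""
    fields = [f.strip() for f in value.split(";")]
    params = {}
    for field in fields[1:]:
        key, _, val = field.partition("=")
        params[key.strip().lower()] = val.strip().strip('"')
    return fields[0].lower(), params


def decode_body(body, encoding):
    """Undo the Content-Transfer-Encoding; 7bit, 8bit and binary pass through."""
    encoding = (encoding or "7bit").lower()
    if encoding == "base64":
        return base64.b64decode(body)
    if encoding == "quoted-printable":
        return quopri.decodestring(body.encode("ascii"))
    return body.encode("latin-1")


def parse_message(message):
    """Return [(content type, decoded bytes)] for every body part."""
    headers, body = split_headers(message)
    ctype, params = content_type(headers.get("content-type", "text/plain"))
    if not ctype.startswith("multipart/"):
        return [(ctype, decode_body(body, headers.get("content-transfer-encoding")))]
    delimiter = "\r\n--" + params["boundary"]
    # a CRLF is prepended so a delimiter on the very first body line matches too
    _preamble, *chunks = ("\r\n" + body).split(delimiter)
    parts = []
    for chunk in chunks:
        if chunk.startswith("--"):              # closing delimiter: stop here
            break
        # drop the remainder of the delimiter line, then read the part's headers
        part = chunk.split("\r\n", 1)[1] if "\r\n" in chunk else ""
        part_headers, part_body = split_headers(part)
        part_type, _ = content_type(part_headers.get("content-type", "text/plain"))
        encoding = part_headers.get("content-transfer-encoding")
        parts.append((part_type, decode_body(part_body, encoding)))
    return parts


def boundary_collides(boundary, bodies):
    """A boundary that occurs inside a part truncates or merges parts; this is
    the check a message generator must make when it chooses the string."""
    return any(("--" + boundary) in b for b in bodies)
```

Parsing SAMPLE_MESSAGE yields a text/plain part and an image/png part whose decoded bytes are the original PNG_MAGIC; the preamble and epilogue outside the delimiters are dropped, as a MIME reader is expected to do.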
Post Office Protocol
The Post Office Protocol, version 3 (POP3) is a service designed to provide mailbox services for client computers that are themselves not capable of performing transactions with SMTP servers. For the most part, the reason for the clients requiring a mailbox service is that they may not be continuously connected to the Internet and are therefore not capable of receiving messages any time a remote SMTP server wants to send them. A POP3 server is continuously connected and is always available to receive messages for offline users. The server then retains the messages in an electronic mailbox until the user connects to the server and requests them.
POP3 is similar to SMTP in that it relies on the TCP protocol for transport services (using well-known port 110) and communicates with clients using text-based commands and responses. As with SMTP, the client transmits commands to the server, but in POP3, there are only two possible response codes, +OK, indicating the successful completion of the command, and -ERR, indicating that an error has occurred to prevent the command from being executed. In the case of POP3, the server also sends the requested e-mail message data to the client, rather than the client sending outgoing messages to the server as in SMTP.
A POP3 client-server session consists of three distinct states: the authorization state, the transaction state, and the update state. These states are described in the following sections.
The Authorization State
The POP3 session begins when the client establishes a TCP connection with an active server. Once the TCP three-way handshake is complete, the server transmits a greeting to the client, usually in the form of an +OK reply. At this point, the session enters the authorization state, during which the client must identify itself to the server and perform an authentication process before it can access its mailbox. The POP3 standard defines two possible authentication mechanisms. One of these utilizes the USER and PASS commands, which the client uses to transmit a mailbox name and the password associated with it to the server in cleartext. The other uses the APOP command: the server includes a unique timestamp in its greeting, and the client replies with the mailbox name and an MD5 digest of that timestamp concatenated with the shared secret. The password itself therefore never crosses the wire, but this is a challenge-response exchange, not encryption, and it requires the server to keep the secret in recoverable form. Neither mechanism protects the rest of the session, so in practice POP3 should be run over TLS.
While in the authorization state, the only command permitted to the client other than authentication-related commands is QUIT, to which the server responds with a +OK reply before terminating the session without entering the transaction or update states.
Once the authentication process has been completed and the client granted access to its mailbox, the session enters the transaction state.
The Transaction State
Once the session has entered the transaction state, the client can begin to transmit the commands to the server with which it retrieves the mail messages waiting in its mailbox. When the server enters the transaction state, it assigns a number to each of the messages in the client's mailbox and takes note of each message's size. The transaction state commands use these message numbers to refer to the messages in the mailbox. The commands permitted while the session is in the transaction state are as follows. With the exception of the QUIT command, all of the following commands can be used only during the transaction state.
• STAT Causes the server to transmit a drop listing of the mailbox contents to the client. The server responds with a single line containing an +OK reply, followed on the same line by the number of messages in the mailbox and the total size of all the messages, in bytes.
• LIST Causes the server to transmit a scan listing of the mailbox contents to the client. The server responds with a multiline reply consisting of a +OK on the first line, followed by an additional line for each message in the mailbox, containing its message number and its size, in bytes, followed by a line containing only a period, which indicates the end of the listing. A client can also issue the LIST command with a parameter specifying a particular message number, which causes the server to reply with a scan listing of that message only.
• RETR Causes the server to transmit a multiline reply containing an +OK reply, followed by the full contents of the message number specified as a parameter on the RETR command line. A separate line containing only a period serves as a delimiter, indicating the end of the message.
• DELE Causes the server to mark the message represented by the message number specified as a parameter on the DELE command line as deleted. Once marked, clients can no longer retrieve the message, nor does it appear in drop listings and scan listings. However, the server does not actually delete the message until it enters the update state.
• NOOP Performs no function other than to cause the server to generate an +OK reply.
• RSET Causes the server to unmark any messages that have been previously marked as deleted during the session.
• QUIT Causes the session to enter the update state prior to the termination of the connection.
The Update State
Once the client has finished retrieving messages from the mailbox and performing other transaction state activities, it transmits the QUIT command to the server, causing the session to transition to the update state. After entering the update state, the server deletes all of the messages that have been marked for deletion and releases its exclusive hold on the client's mailbox. If the server successfully deletes all of the marked messages, it transmits a +OK reply to the client and proceeds to terminate the TCP connection.
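The three session states described above, as an added example that is not the book's code: a toy POP3 server that allows only authentication commands (and QUIT) before login, numbers the maildrop on entering the transaction state, only marks messages on DELE, and removes them when QUIT moves the session into the update state. APOP is implemented as what the standard defines, an MD5 digest over the greeting timestamp and the shared secret. The timestamp, the account, its secret and the maildrop contents are constructed for the example.

```python
"""Toy POP3 server walking the authorization, transaction and update states.
APOP is an MD5 digest over the greeting timestamp plus the shared secret,
not encryption. Added example, not from the book; the timestamp, account
and maildrop are constructed."""
import hashlib


def apop_digest(timestamp, secret):
    """The value a client sends in 'APOP name digest'."""
    return hashlib.md5((timestamp + secret).encode("utf-8")).hexdigest()


class Pop3Session:
    def __init__(self, maildrop, users, timestamp="<1896.697170952@mail.example.com>"):
        self.maildrop = maildrop        # name -> list of raw messages (shared store)
        self.users = users              # name -> secret; APOP needs it recoverable
        self.timestamp = timestamp      # challenge carried in the greeting banner
        self.greeting = "+OK POP3 server ready " + timestamp
        self.state = "AUTHORIZATION"
        self.user = None
        self.msgs = []                  # snapshot numbered 1..n on entering TRANSACTION
        self.deleted = set()            # message numbers marked by DELE

    def command(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "QUIT":              # the one command legal in every state
            return self._quit()
        if self.state == "AUTHORIZATION":
            return self._authorization(verb, arg)
        if self.state == "TRANSACTION":
            return self._transaction(verb, arg)
        return "-ERR session closed"

    def _authorization(self, verb, arg):
        if verb == "USER":
            # do not reveal whether the account exists: always +OK at this point
            self.user = arg if arg in self.users else None
            return "+OK"
        if verb == "PASS":              # cleartext password
            if self.user is not None and self.users[self.user] == arg:
                return self._enter_transaction()
            return "-ERR invalid login"
        if verb == "APOP":              # challenge-response over the banner timestamp
            name, _, digest = arg.partition(" ")
            if name in self.users and apop_digest(self.timestamp, self.users[name]) == digest:
                self.user = name
                return self._enter_transaction()
            return "-ERR permission denied"
        return "-ERR not authorized"    # nothing else is legal before login

    def _enter_transaction(self):
        self.msgs = list(self.maildrop.get(self.user, []))   # number and lock the maildrop
        self.state = "TRANSACTION"
        return "+OK maildrop locked and ready"

    def _live(self):
        return [(n, m) for n, m in enumerate(self.msgs, 1) if n not in self.deleted]

    def _transaction(self, verb, arg):
        if verb == "STAT":              # drop listing: count and total octets
            live = self._live()
            return "+OK %d %d" % (len(live), sum(len(m) for _, m in live))
        if verb == "LIST":              # scan listing, one line per message, "." ends it
            return "\r\n".join(["+OK"] + ["%d %d" % (n, len(m)) for n, m in self._live()] + ["."])
        if verb in ("RETR", "DELE"):
            n = int(arg) if arg.isdigit() else 0
            if not 1 <= n <= len(self.msgs) or n in self.deleted:
                return "-ERR no such message"
            if verb == "DELE":          # only marked; nothing is removed yet
                self.deleted.add(n)
                return "+OK message %d deleted" % n
            msg = self.msgs[n - 1]
            # byte-stuff lines starting with "." so the lone "." stays unambiguous
            stuffed = "\r\n".join("." + l if l.startswith(".") else l for l in msg.split("\r\n"))
            return "+OK %d octets\r\n%s\r\n." % (len(msg), stuffed)
        if verb == "RSET":
            self.deleted.clear()
            return "+OK"
        if verb == "NOOP":
            return "+OK"
        return "-ERR unknown command"

    def _quit(self):
        if self.state == "TRANSACTION":
            self.state = "UPDATE"       # deletions take effect only now
            self.maildrop[self.user] = [m for _, m in self._live()]
        self.state = "CLOSED"
        return "+OK POP3 server signing off"
```

A client that disconnects without QUIT never reaches the update state, so its DELE marks are discarded; that is the behaviour the text describes and what the code reproduces. The USER reply is deliberately the same whether or not the account exists, so the command cannot be used to enumerate mailboxes.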
Internet Message Access Protocol
POP3 is a relatively simple protocol that provides clients with only the most basic mailbox service. In nearly all cases, the POP3 server is used only as a temporary storage medium; e-mail clients download their messages from the POP3 server and delete them from the server immediately afterward. It is possible to configure a client not to delete the messages after downloading them, but the client must then download them again during the next session. The Internet Message Access Protocol (IMAP) is a mailbox service that is designed to improve upon POP3's capabilities.
IMAP functions similarly to POP3 in that it uses text-based commands and responses (over TCP, on well-known port 143), but the IMAP server provides considerably more functions than POP3. The biggest difference between IMAP and POP3 is that IMAP is designed to store e-mail messages on the server permanently, and IMAP provides a wider selection of commands that enable clients to access and manipulate their messages. Storing the mail on the server enables users to easily access their mail from any computer or from different computers.
Take, for example, an office worker who normally downloads her e-mail messages to her work computer using a POP3 server. She can check her mail from her home computer if she wants to by accessing the POP3 server from there, but any messages that she downloads to her home computer are normally deleted from the POP3 server, meaning that she will have no record of them on her office computer, where most of her mail is stored. Using IMAP, she can access all of her mail from either her home or office computer at any time, including all of the messages she has already read at both locations.
To make the storage of clients' e-mail on the server practical, IMAP includes a number of organizational and performance features, including the following:
• Users can create folders in their mailboxes and move their e-mail messages among the folders to create an organized storage hierarchy.
• Users can display a list of the messages in their mailboxes that contains only the header information and then select the messages they want to download in their entirety.
• Users can search for messages based on the contents of the header fields, the message subject, or the body of the message.
While IMAP can be a sensible solution for a corporate e-mail system in which users might benefit from its features, it is important to realize that IMAP requires considerably more in the way of network and system resources than POP3. In addition to the disk space required to store mail on the server indefinitely, IMAP requires more processing power to execute its many commands and consumes more network bandwidth because users remain connected to the server for much longer periods of time. For these reasons, POP3 remains the mailbox server of choice for Internet service providers, the largest consumers of these server products.
PART V
Network Operating Services
CHAPTER 17 Windows
CHAPTER 18 Active Directory
CHAPTER 19 Linux
CHAPTER 20 Unix
CHAPTER 21 Other Network Operating Systems and Networking in the Cloud
CHAPTER 17
Windows
In the years since its initial release in 1985, Microsoft's Windows operating system has become the most prevalent operating system on the market. Windows' familiar interface and ease of use enabled relatively unsophisticated users to install and maintain local area networks (LANs), making LAN technology a ubiquitous part of doing business. The various versions of Windows 8 (and 8.1), the latest incarnations of the operating system, are designed for use by mobile devices, stand-alone computers, and the most powerful servers.
The Role of Windows
Windows operates on a peer-to-peer model, in which each system can function both as a client and as a server. As a result, the same familiar interface is used in all Windows computers, both clients and servers, simplifying the learning curve for users as well as the development effort for software designers.
At the time of Windows NT's introduction, installing a server was largely a manual process in which you had to modify the server's configuration files in order to load the appropriate drivers. Windows, on the other hand, had an automated installation program much like those of most applications. While the process of setting up earlier networks required considerable expertise, many people discovered that a reasonably savvy PC user could install the Windows operating system (OS) and Windows applications with little difficulty.
A major factor that contributed to Windows' rise in popularity was its adoption of Transmission Control Protocol/Internet Protocol (TCP/IP) as its default protocols. As the Internet grew, a market developed for a platform that was easier to use than Unix that would run Internet and intranet server applications, and Windows fit the bill nicely. Eventually, major database engines were running on Windows servers, and the similarity of the client and server platforms streamlined the development process.
Versions
The first version of Windows NT (which was given the version number 3.1 to conform with the then-current version of Windows) was introduced in 1993. The motivation behind it was to create a new 32-bit OS from the ground up that left all vestiges of DOS behind. Although the interface was nearly identical in appearance to that of a Windows 3.1 system, NT was a completely new OS in many fundamental ways. Backward compatibility with existing applications is a factor that has always hindered advances in operating system design, and once Microsoft decided that running legacy programs was not to be a priority with Windows NT, it was free to implement radical changes.
The various versions of Windows NT fell into three distinct generations, based on the user interface. The first generation consisted of Windows NT 3.1, 3.5, and 3.51, all three of which use the same Windows 3.1–style interface. Version 3.1 used NetBEUI as its default protocol, which immediately limited its use to relatively small networks. TCP/IP and IPX support were available, but only through the STREAMS interface.
The second generation consisted of Windows NT 4.0, which was released in 1996 as an interim upgrade leading toward the major innovation that Microsoft began promising in 1993. NT 4 used the same interface introduced in Windows 95 and positioned the OS more positively as an Internet platform with the inclusion of the Internet Explorer web browser and Internet Information Services—a combination World Wide Web, FTP, and Gopher server.
The third generation was Windows 2000, which was the long-awaited release of the operating system that was originally code-named Cairo. The Windows 2000 interface was a refined version of the NT 4/Windows 95 graphical user interface (GUI), but the biggest improvement was the inclusion of Active Directory, an enterprise directory service that represented a quantum leap over the domain-based directory service included in Windows NT. Windows XP was the next-generation operating system that brought the DOS-based world of Windows 95, 98, and ME together with the Windows NT/2000 design to form a single product line that was suitable for both home and office computers.
Since Windows XP (which was no longer automatically updated after April 2014), there have been several new systems. Windows Vista was released in 2006 and included IPv6, comprehensive wireless networking, and 64-bit support. Vista received general criticism based on several factors, such as performance, which was criticized as not being much of an improvement over Windows XP. Many users resoundingly attacked the enhancements that were supposed to create additional security, such as the product activation requirements and the persistent User Account Control (UAC) security feature. (UAC in Windows Vista required approval of each application before it could be utilized.) In retrospect, Windows Vista is often considered to be one of the biggest tech failures of the early years of the 21st century.
After the failure of Windows Vista, Microsoft introduced Windows 7 in 2009. Originally designed as an incremental upgrade, this version included a revamped UAC, much better performance, and a more intuitive interface. It offered improved performance with the multicore processors that were becoming common, support for more modern graphics cards, media features, and fast boot times, as well as support for virtual hard disks.
In 2013, Microsoft introduced Windows 8. Windows 8 was visually quite different from earlier systems and was designed to work on touchscreens (such as those on mobile devices) as well as with a mouse and keyboard. By combining the mobile-friendly screens with the Windows desktop with which most were familiar, the result was a system that pleased no one. Within a few months (by Microsoft standards), Windows 8.1 was released, which kept many of the features of the "mobile" screens but made the desktop more accessible to please desktop users.
Microsoft has traditionally released its server software in conjunction with its operating systems. However, starting with Windows Server 2008 (R2), it has sometimes changed release times. The latest version, Windows Server 2012 R2, however, was released at the same time as Windows 8.1 in October of 2013.
Service Packs
Traditionally, Microsoft has released regular updates to the Windows products in the form of service packs, which contain numerous fixes and upgrades in one package, using a single installation routine. Microsoft was one of the first software companies to adopt this update release method, which was a vast improvement over dozens of small patch releases (sometimes called hotfixes) that addressed single, specific issues. Apart from the inconvenience of downloading and installing many small patches, this update method was a technical support nightmare because it was difficult for both the user and the technician to know exactly which patches had been installed. Service packs were designed to detect the components installed on a Windows computer and install only the updates needed by those components.
Service packs consist of a single release for all of the various editions of an operating system. Service packs often consist of more than just bug fixes. They may include upgraded versions of operating system utilities, new features, or entirely new programs. All of the components are installed at the same time by the service pack's setup program. Service packs are sometimes (but not always) cumulative, meaning that each successive service pack for a particular product contains the contents of all of the previous service packs for that product. This simplifies the process of installing Windows on a new computer or updating one that hasn't been patched in some time, but it also causes the service pack releases to grow very large. Microsoft makes its service packs available as free downloads or on CD-ROMs, for which you must pay postage, handling, and media fees.
Again, traditionally, Microsoft's policy was to produce security fixes for both the current service pack and the previous one. IT people appreciated this because it allowed plenty of time to test the new update before it was deployed across their networks. However, when the first update to Windows 8.1 was released in April 2014, this policy seems to have changed. Microsoft stated that this update was mandatory and that all future security updates would require the April update to be installed. This policy and the update may signal the end of service packs as they have previously been known.
Microsoft Technical Support
For the network administrator who is heavily committed to the use of Microsoft products, Microsoft TechNet was a subscription-based CD-ROM product that was an invaluable resource for technical information and product updates; the subscription program ended in 2013. The monthly releases typically included six or more CD-ROMs containing resource kits, documentation, the entire Knowledge Base for all of the Microsoft products, and a lot of other material.
Starting in 2013, Microsoft replaced this program with a number of free resources, including the TechNet Evaluation Center located at http://technet.microsoft.com/en-US/evalcenter. These new services for IT professionals include TechNet Virtual Labs for free online testing. This environment is designed to evaluate new products; the documentation states that the testing can be completed online in less than two hours, so there is no need to install evaluation copies locally. Microsoft also has paid subscriptions for access to both current and prior software versions through its MSDN and MAPS programs. Both offer IT professionals the chance to download products, ask questions, test products, and take e-learning classes on Microsoft products.
In addition, Microsoft has created a program for students called DreamSpark. This program allows registered students to download software for testing and study. For small business startups, a similar program called BizSpark is available based on certain eligibility criteria. There are additional (free) courses available through the Microsoft Virtual Academy site at www.microsoftvirtualacademy.com.
Operating System Overview
Windows systems are modular operating systems that are designed to take advantage of the advanced capabilities built into the latest processors, while leaving behind the memory and storage constraints imposed by DOS-based operating systems. Early operating systems such as DOS were monolithic—that is, the entire OS consisted of a single functional unit, which made it difficult to upgrade and modify. By creating an OS composed of many separate components, Microsoft made it easier to upgrade and modify parts of the operating system without affecting other elements in the overall functionality of the whole.
Kernel Mode Components
The Windows operating systems are composed of components that run in one of two modes: kernel mode and user mode (see Figure 17-1). A component running in kernel mode has full access to the system's hardware resources via the hardware abstraction layer (HAL), which is a virtual interface that isolates the kernel from the computer hardware. Abstracting the kernel from the hardware makes it far easier to port the OS to different hardware platforms.
Figure 17-1 Windows architecture
The OS kernel itself is responsible for delegating specific tasks to the system processor or processors and other hardware. Tasks consist of processes, broken down into threads, which are the smallest units that the kernel can schedule for execution by a processor. A thread is a sequence of instructions to which the kernel assigns a priority level that determines when it will be executed. When the computer has multiple processors, the kernel runs on all of them simultaneously, sharing access to specific memory areas and allocating threads to specific processors according to their priorities.
In addition to the HAL and the kernel, Windows' executive services run in kernel mode. These executive services consist of the following components.
Object Manager
Windows creates objects that function as abstract representations of operating system resources, such as hardware devices and file system entities. An object consists of information about the resource it represents and a list of methods, which are procedures used to access the object. A file object, for example, consists of information such as the file's name and methods describing the operations that can be performed on the file, such as open, close, and delete.
The Windows Object Manager maintains a hierarchical, global namespace in which the objects are stored. For example, when the system loads a kernel mode device driver, it registers a device name with the Object Manager, such as \Device\CDRom0 for a CD-ROM drive or \Device\Serial0 for a serial port. The objects themselves are stored in directories similar to those in a file system, but they are not part of any Windows file system. In addition to hardware devices, objects can reference both abstract and concrete entities, including the following:
• Files
• Directories
• Processes
• Threads
• Memory segments
• Semaphores
By using a standard format for all objects, regardless of the type of entities they represent, the Object Manager provides a unified interface for object creation, security, monitoring, and auditing. Access to objects in the namespace is provided to system processes using object handles, which contain pointers to the objects and to access control information.
NOTE The kernel mode objects discussed here are not equivalent to the objects in the Active Directory database. They are two completely different hierarchies. Active Directory runs in user mode within the Windows security subsystem.
Usually, the only places that you see devices referred to by these object names are entries in the registry's HKEY_LOCAL_MACHINE\HARDWARE key and error messages such as those displayed in the infamous "blue screen of death." Applications typically run in the Win32 subsystem, which is a user mode component that cannot use internal Windows device names. Instead, the Win32 subsystem references devices using standard MS-DOS device names, like drive letters and port designations such as COM1. These MS-DOS names exist as objects in the Object Manager's namespace, in a directory called \??, but they do not have the same properties as the original resources; they are actually only symbolic links to the equivalent Windows device names.
Security Reference Monitor
Every Windows object has an access control list (ACL) that contains access control entries (ACEs) that specify the security identifiers (SIDs) of users or groups that are to be permitted access to the object, as well as the specific actions that the user or group can perform. When a user successfully logs on to the computer, Windows creates a security access token (SAT) that contains the SIDs of the user and all the groups of which the user is a member. Whenever the user attempts to access an object, the Security Reference Monitor is responsible for comparing the SAT with the ACL to determine whether the user should be granted that access.
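The comparison described above is order-sensitive, which is why Windows keeps deny ACEs ahead of allow ACEs in a canonical ACL. The following model is an added example, not code from the book or from Windows itself: it walks a DACL the way the Security Reference Monitor does (deny ACE covering an outstanding right fails the check, allow ACEs accumulate rights, the walk stops once everything requested is granted) and shows what happens when the ordering is broken. All SIDs and access-mask values are constructed sample values.

```python
"""Model of the Security Reference Monitor's token-versus-ACL access check.

Added example: the token (SAT) carries the user's SID and group SIDs; the
object's DACL is an ordered list of ACEs. Evaluation follows the Windows
rules: ACEs are walked in order, only ACEs whose SID is in the token count,
a deny ACE that covers a still-outstanding requested right fails the check,
allow ACEs grant rights, and the walk stops when nothing is outstanding.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed subset of access-mask bits used by the sample ACLs
FILE_READ = 0x1
FILE_WRITE = 0x2
FILE_EXECUTE = 0x4
FILE_DELETE = 0x10000


@dataclass(frozen=True)
class Ace:
    kind: str   # "allow" or "deny"
    sid: str    # SID the entry applies to
    mask: int   # rights covered by this entry


@dataclass
class Token:
    """Security access token built at logon: user SID plus group SIDs."""
    user_sid: str
    group_sids: Set[str] = field(default_factory=set)

    def sids(self) -> Set[str]:
        return {self.user_sid} | self.group_sids


def access_check(token: Token, dacl: Optional[List[Ace]], desired: int) -> bool:
    """True if every bit in `desired` is granted to `token` by `dacl`.

    dacl is None -> object has no DACL: Windows grants everyone full access.
    dacl == []   -> empty DACL: nobody is granted anything.
    """
    if dacl is None or desired == 0:
        return True
    remaining = desired
    token_sids = token.sids()
    for ace in dacl:
        if ace.sid not in token_sids:
            continue  # ACE is for someone else; skip it
        if ace.kind == "deny":
            # A matching deny ACE that covers any still-needed right ends the check
            if ace.mask & remaining:
                return False
        elif ace.kind == "allow":
            remaining &= ~ace.mask
            if remaining == 0:
                return True  # everything requested has been granted
    return remaining == 0


# Constructed SIDs: a domain user who belongs to Users and a Finance group
USER_SID = "S-1-5-21-1000-2000-3000-1001"
USERS_SID = "S-1-5-32-545"
FINANCE_SID = "S-1-5-21-1000-2000-3000-2001"


def sample_token() -> Token:
    return Token(user_sid=USER_SID, group_sids={USERS_SID, FINANCE_SID})


def canonical_dacl() -> List[Ace]:
    """Deny ACEs first, as Windows' canonical ACE ordering requires."""
    return [
        Ace("deny", FINANCE_SID, FILE_WRITE),                  # Finance: no write
        Ace("allow", USERS_SID, FILE_READ | FILE_EXECUTE),     # Users: read/execute
        Ace("allow", USER_SID, FILE_WRITE | FILE_DELETE),      # this user: write/delete
    ]


def noncanonical_dacl() -> List[Ace]:
    """Same ACEs, but the user's allow ACE now precedes the group deny ACE.

    The walk stops as soon as write is granted, so the deny never applies:
    the ordering, not just the set of ACEs, decides the outcome.
    """
    return [
        Ace("allow", USER_SID, FILE_WRITE | FILE_DELETE),
        Ace("deny", FINANCE_SID, FILE_WRITE),
        Ace("allow", USERS_SID, FILE_READ | FILE_EXECUTE),
    ]
```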
Process and Thread Manager
The Process and Thread Manager is responsible for creating and deleting the process objects that enable software to run on a Windows system. Each process (or software program) has its own unique identifier, and a thread is the identifier for the part of the program that is currently running. A process object includes a virtual address space and a collection of resources allocated to the process, as well as threads containing the instructions that will be assigned to the system processors. When a machine has only one processor, each thread must be run by itself. After that thread has completed, the processor executes the next thread. On a machine with more than one processor, a program (application) with multiple threads can execute those multiple threads, with one thread being run on each processor.
Virtual Memory Manager
The ability to use virtual memory was one of the major PC computing advancements introduced in the Intel 80386 processor, and Windows NT and 2000 were designed around this capability. Virtual memory is the ability to use the computer's disk space as an extension to the physical memory installed in the machine.
Every process created on a Windows computer by the Process Manager is assigned a virtual address space that appears to be 4GB in size. The Virtual Memory Manager (VMM) is responsible for mapping that virtual address space to actual system memory, as needed, in 4KB units called pages. When there is not enough physical memory in the computer to hold all of the pages allocated by the running processes, the VMM swaps the least recently used pages to a file on the system's hard disk drive called Pagefile.sys. This swapping process is known as memory paging.
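The following toy VMM is an added example, not code from the book or from Windows: it uses the paragraph's numbers (a 4GB address space split into 4KB pages) to show how a virtual address is split into page number and offset, and how a least-recently-used page is written out to the pagefile when no physical frame is free. The frame count and access pattern are constructed; real Windows paging is considerably more elaborate.

```python
"""Toy Virtual Memory Manager with LRU eviction to a pagefile.

Added example. Constants follow the text: 32-bit (4GB) virtual address
space, 4KB pages. Physical frames are a small constructed number so that
paging is forced after a handful of accesses.
"""
from collections import OrderedDict

PAGE_SIZE = 4 * 1024
PAGE_SHIFT = 12                              # log2(4096)
VA_BITS = 32                                 # 4GB virtual address space
PAGE_COUNT = 1 << (VA_BITS - PAGE_SHIFT)     # 1,048,576 pages per process


def split_address(va: int):
    """Return (virtual page number, offset within the page) for a 32-bit VA."""
    if not 0 <= va < (1 << VA_BITS):
        raise ValueError(f"address {va:#x} lies outside the 4GB virtual space")
    return va >> PAGE_SHIFT, va & (PAGE_SIZE - 1)


class ToyVMM:
    def __init__(self, physical_frames: int):
        # vpn -> frame number, kept in recency order (least recent first)
        self.resident: "OrderedDict[int, int]" = OrderedDict()
        self.pagefile: set = set()           # vpns currently out in Pagefile.sys
        self.free_frames = list(range(physical_frames))
        self.page_faults = 0                 # page not resident on access
        self.hard_faults = 0                 # ...and had to come back from pagefile

    def touch(self, va: int) -> int:
        """Resolve a virtual address; returns the physical address used."""
        vpn, offset = split_address(va)
        if vpn in self.resident:
            self.resident.move_to_end(vpn)   # now the most recently used page
        else:
            self.page_faults += 1
            if vpn in self.pagefile:
                self.hard_faults += 1
                self.pagefile.discard(vpn)   # read back in from disk
            if not self.free_frames:
                # No free frame: evict the least recently used page to the pagefile
                victim, frame = self.resident.popitem(last=False)
                self.pagefile.add(victim)
                self.free_frames.append(frame)
            self.resident[vpn] = self.free_frames.pop()
        return (self.resident[vpn] << PAGE_SHIFT) | offset


def run_sample() -> ToyVMM:
    """Two physical frames, five constructed accesses across three pages."""
    vmm = ToyVMM(physical_frames=2)
    for va in (0x1000, 0x2000, 0x1004, 0x3000, 0x2008):
        vmm.touch(va)
    # Page 1 was re-touched before page 3 arrived, so page 2 is evicted first;
    # touching page 2 again then pages out page 1 and counts as a hard fault.
    return vmm
```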
Local Procedure Call Facility
The environmental subsystems that run in Windows' user mode (such as the Win32 subsystem) are utilized by applications (also running in user mode) in a server-client relationship. The messages between the clients and servers are carried by the local procedure call (LPC) facility. Local procedure calls are essentially an internalized version of the remote procedure calls used for messaging between systems connected by a network.
When an application (functioning as a client) makes a call for a function that is provided by one of the environmental subsystems, a message containing that call is transmitted to the appropriate subsystem using LPCs. The subsystem (functioning as the server) receives the message and replies using the same type of message. The process is completely transparent to the application, which is not aware that the function is not implemented in its own code.
I/O Manager
The I/O Manager handles all of a Windows computer's input/output functions by providing a uniform environment for communication between the various drivers loaded on the machine. Using the layered architecture shown in Figure 17-2, the I/O Manager enables each driver to utilize the services of the drivers in the lower layers. For example, when an application needs to access a file on a drive, the I/O Manager passes an I/O request packet (IRP) generated by a file system driver down to a disk driver. Since the I/O Manager communicates with all of the drivers in the same way, the request can be satisfied without the file system having any direct knowledge of the disk device where the file is stored.
Figure 17-2 The I/O Manager provides a layered interface between Windows drivers.
Window Manager
The Window Manager, along with the Graphical Device Interface (GDI), is responsible for creating the graphical user interface used by Windows applications. Applications make calls to Window Manager functions in order to create architectural elements on the screen, such as buttons and windows. In the same way, the Window Manager informs the application when the user manipulates screen elements by moving the cursor, clicking buttons, or resizing a window.
User Mode Components
In addition to the kernel mode services, Windows has two types of protected subsystems that run in user mode: environment subsystems and integral subsystems. The environment subsystems enable Windows to run applications that were designed for various OS environments, such as Win32. Integral subsystems, like the security system, perform vital OS functions. User mode subsystems are isolated from each other and from the Windows executive services so that modifications to the subsystem code do not affect the fundamental operability of the OS. If a user mode component such as a subsystem or application should crash, the other subsystems and the Windows executive services are not affected.
The Win32 Subsystem
Win32 is the primary environment subsystem that provides support for all native Windows applications. All of the other environment subsystems included with Windows are optional and loaded only when a client application needs them, but Win32 is required and runs at all times. This is because it is responsible for handling the keyboard and mouse inputs and the display output for all of the other subsystems. Since they rely on Win32 API calls, the other environment subsystems can all be said to be clients of Win32.
The DOS/Win16 Subsystem
Unlike earlier versions of Windows, Windows 2000 and NT did not run a DOS kernel, and as a result, they could not shell out to a DOS session. Instead, 2000 and NT emulated DOS using a subsystem that creates virtual DOS machines (VDMs). Every DOS application used a separate VDM that emulated an Intel x86 processor in Virtual 86 mode (even on a non-Intel system). All of the application's instructions ran natively within the VDM except for I/O functions, which were emulated using virtual device drivers (VDDs). VDDs converted the DOS I/O functions into standard Windows API calls and fed them to the I/O Manager, which satisfied the calls using the standard Windows device drivers.
NOTE Because of this emulation, not all DOS programs are guaranteed to run optimally.
Services
A service is a program or other component that Windows loads with the OS before a user logs on or sees the desktop interface. Services usually load automatically and permit no interference from the system user as they're loading. This is in contrast to other mechanisms that load programs automatically, such as the Startup program group. A user with appropriate rights can start, stop, and pause services using the Services console or the NET command and also specify whether a particular service should load when the system starts, not load at all, or require a manual startup. See Figure 17-3 for the options.
Figure 17-3 The NET command is used from the command prompt.
Users without administrative rights cannot control the services at all, which makes the services a useful tool for network administrators. You can, for example, configure a workstation to load a particular service at startup, and it will run whether a user logs on or not. The Server service, for example, which enables network users to access the computer's shares, loads automatically by default. Even if no one logs on to the computer, it is possible to access its shares from the network.
The Windows Networking Architecture
Networking is an integral part of Windows, and the operating systems use a modular networking architecture that provides a great deal of flexibility for the network administrator. While not perfectly analogous to the Open Systems Interconnection (OSI) reference model, the Windows networking architecture is structured in layers that provide interchangeability of modules such as network adapter drivers and protocols. Figure 17-4 shows the basic structure of the networking stack.
Figure 17-4 The Windows networking architecture
Windows relies on two primary interfaces to separate the basic networking functions, called the NDIS interface and Transport Driver Interface (TDI). Between these two interfaces are the protocol suites that provide transport services between computers on the network: TCP/IP, NetBEUI, and IPX. Although they have different features, these three sets of protocols are interchangeable when it comes to basic networking services. A Windows computer can use any of these protocols or all of them simultaneously. The TDI and NDIS interfaces enable the components operating above and below them to address whichever protocol is needed to perform a particular task.
The NDIS Interface
The Network Driver Interface Specification (NDIS) is a standard developed jointly by Microsoft and 3Com that defines an interface between the network layer protocols and the media access control (MAC) sublayer of the data link layer protocol. The NDIS interface lies between the network adapter drivers and the protocol drivers. Protocols do not communicate directly with the network adapter; instead, they go through the NDIS interface. This enables a Windows computer to have any number of network adapters and any number of protocols installed, and any protocol can communicate with any adapter.
NDIS 6.10 appeared in Windows Vista. NDIS 6.30 is included in Windows 8, and NDIS 6.40 with Windows 8.1. It is implemented on a Windows 8 system in two parts: the NDIS wrapper (Ndis.sys) and the NDIS MAC driver. The NDIS wrapper is not device specific; it contains common code that surrounds the MAC drivers and provides the interface between the network adapter drivers and the protocol drivers installed in the computer. This replaces the Protocol Manager (PROTMAN) used by other NDIS versions to regulate access to the network adapter.
The NDIS MAC driver is device specific and provides the code needed for the system to communicate with the network interface adapter. This includes the mechanism for selecting the hardware resources the device uses, such as the IRQ and I/O port address. All of the network interface adapters in a Windows system must have an NDIS driver, which is provided by virtually all of the manufacturers producing NICs today.
The Transport Driver Interface
The Transport Driver Interface (TDI) performs roughly the same basic function as the NDIS wrapper but higher up in the networking stack. The TDI functions as the interface between the protocol drivers and the components operating above them, such as the server and the redirectors. Traffic moving up and down the stack passes through the interface and can be directed to any of the installed protocols or other components.
Above the TDI, Windows has several more components that applications use to access network resources in various ways, using the TDI as the interface to the protocol drivers. Because Windows is a peer-to-peer operating system, there are components that handle traffic running in both directions. The most basic of these components are the Workstation and Server services, which enable the system to access network resources and provide network clients with access to local resources (respectively). Also at this layer are application programming interfaces (APIs), such as NetBIOS and Windows Sockets, which provide applications running on the system special access to certain network resources.
Effective with Windows 8, which has two working modes, Metro and Desktop, TDI is being phased out. (You may see a message "TDI filters and LSPs are not allowed" when working in Metro mode.) Most apps that worked in Windows 7 also work in Desktop mode, including LSP. However, Metro mode cannot use the normal Win API and instead uses WinRT, which has been developed especially for Windows 8.
NOTE Layer Service Protocols is a retired Microsoft Windows service that could insert itself into the TCP/IP protocol stack and modify and intercept both inbound and outbound traffic.
The Workstation Service
When you open a file or print a document in an application, the process is the same whether the file or printer is part of the local system or on the network, as far as the user and the application are concerned. The Workstation service determines whether the requested file or printer is local or on the network and sends the request to the appropriate driver. By providing access to network resources in this way, the Workstation service is essentially the client half of Windows' client-server capability.
The Workstation service consists of two modules: Services.exe, the Service Control Manager, which functions as the user mode interface for all services; and the Windows network redirector. When an application requests access to a file, the request goes to the I/O Manager, which passes it to the appropriate file system driver. The redirector is also a file system driver, but instead of providing access to a local drive, the redirector transmits the request down through the protocol stack to the appropriate network resource. The I/O Manager treats a redirector no differently from any other file system drivers. Windows installs a redirector for the Microsoft Windows network by default.
The Multiple UNC Provider
In the case of a system with multiple network clients (and multiple redirectors), Windows uses one of two mechanisms for determining which redirector it should use, depending on how an application formats its requests for network resources. The multiple UNC provider (MUP) is used for applications that use Uniform Naming Convention (UNC) names to specify the desired resource, and the multiprovider router (MPR) is used for applications that use Win32 network APIs.
The UNC defines the format that Windows uses for identifying network items. UNC names take the following form:
\\server\share
The Multiprovider Router
For applications that request access to network resources using the Win32 network APIs (also known as the WNet APIs), the multiprovider router determines which redirector should process the requests. In addition to a redirector, a network client installed on a Windows computer includes a provider DLL that functions as an interface between the MPR and the redirector. The MPR passes the requests that it receives from applications to the appropriate provider DLLs, which pass them to the redirectors.
The Server Service
Just as the Workstation service provides network client capabilities, the Server service enables other clients on the network to access the computer's local resources. When the redirector on a client system transmits a request for access to a file on a server, the receiving system passes the request up the protocol stack to the Server service. The Server service is a file system driver (called Srv.sys) that is started by the Service Control Manager, just like the Workstation service, and that operates just above the TDI. When the Server service receives a request for access to a file, it generates a read request and sends it to the appropriate local file system driver (such as the NTFS or FAT driver) through the I/O Manager. The local file system driver accesses the requested file in the usual manner and returns it to the Server service, which transmits it across the network to the client. The Server service also provides support for printer sharing, as well as remote procedure calls (RPCs) and named pipes, which are other mechanisms used by applications to communicate over the network.
APIs
Services are not the only components that interact with the TDI on a Windows system. Application programming interfaces, such as NetBIOS and Windows Sockets, also send and receive data through the TDI, enabling certain types of applications to communicate with other network systems without using the Server and Workstation services. Windows also supports other APIs that operate higher up in the stack and use the standard services to reach the TDI.
NetBIOS
NetBIOS was an integral component of Microsoft Windows networking through Windows XP because it provides the namespace used to identify the domains, computers, and shares on the network. Because of its dependence on NetBIOS, Windows supports it in all of its protocols. NetBEUI is inherently designed for use with NetBIOS communications, and the NetBIOS over TCP/IP (NetBT) standards defined by the Internet Engineering Task Force (IETF) enable its use with the TCP/IP protocols. Because NetBIOS could be used to gather information about your network (and each computer), many people disable it in both Windows 7 and Windows 8.
NOTE In today's networks, NetBIOS is often used for file and print sharing on a local network. This leaves an open path for hackers. You can remove the risk in two ways. Disable NetBIOS through your network connection settings on your Ethernet adapter or disable the ports used by NetBIOS:
UDP 137, the NetBIOS name service port
UDP 138, the NetBIOS datagram service port
TCP 139, the NetBIOS session service port
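A quick way to verify that the note's advice has actually taken effect on a host is to check which sockets are still bound to the three NetBT ports. The following audit function is an added example, not code from the book: it parses netstat-style output (the sample lines are constructed) and reports any name, datagram or session service socket reachable from the network, ignoring loopback-only bindings and non-listening TCP sockets.

```python
"""Audit netstat-style output for NetBIOS over TCP/IP (NetBT) exposure.

Added example. Flags sockets bound to UDP 137, UDP 138 and TCP 139 on any
address other than loopback. Input is a list of lines in the layout that
Windows `netstat -an` prints; SAMPLE_NETSTAT below is constructed.
"""
from typing import List, NamedTuple, Tuple

NETBT_PORTS = {
    ("UDP", 137): "NetBIOS name service",
    ("UDP", 138): "NetBIOS datagram service",
    ("TCP", 139): "NetBIOS session service",
}

LOOPBACK = {"127.0.0.1", "::1"}


class Finding(NamedTuple):
    proto: str
    address: str
    port: int
    description: str


def split_endpoint(endpoint: str) -> Tuple[str, int]:
    """Split 'addr:port' or '[v6addr]:port' into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port)


def netbt_exposure(netstat_lines: List[str]) -> List[Finding]:
    """Return one Finding per network-reachable NetBT socket, in input order."""
    findings: List[Finding] = []
    for line in netstat_lines:
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, column header, blank or unrelated line
        proto = parts[0]
        addr, port = split_endpoint(parts[1])
        if proto == "TCP" and (len(parts) < 4 or parts[3] != "LISTENING"):
            continue  # only listening TCP sockets accept new sessions
        description = NETBT_PORTS.get((proto, port))
        if description is None or addr in LOOPBACK:
            continue  # not a NetBT port, or bound to loopback only
        findings.append(Finding(proto, addr, port, description))
    return findings


# Constructed sample in the layout of `netstat -an` on Windows
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       192.168.1.35:49822     ESTABLISHED
  TCP    127.0.0.1:139          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:137            *:*
  UDP    192.168.1.20:138       *:*
  UDP    0.0.0.0:500            *:*
""".splitlines()
```

On a live host, pass the lines of the real netstat output instead of SAMPLE_NETSTAT; an empty result means neither adapter setting nor firewall has left a NetBT listener exposed.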
Windows Sockets
The Windows Sockets specification defines one of the APIs that is most commonly used by applications because it is the accepted standard for Internet network access. Web browsers, FTP clients, and other Internet client and server applications all use Windows Sockets (Winsock) to gain access to network resources. Unlike NetBIOS, Winsock does not support all of the Windows protocols. While it can be used with NWLink (IPX), the overwhelming majority of Winsock applications use TCP/IP exclusively. As with NetBIOS, Winsock is implemented in Windows as a kernel mode emulator just above the TDI and a user mode driver, called Wsock32.dll.
File Systems
The FAT file system was a holdover from the DOS days that the developers of the original Windows NT product were seeking to transcend. While an adequate solution for a workstation, the 16-bit FAT file system used by DOS cannot support the large volumes typically required on servers, and it lacks any sort of access control mechanism.
FAT16
The traditional DOS file system divided a hard disk drive into volumes that were composed of uniformly sized clusters and used a file allocation table (FAT) to keep track of the data stored in each cluster. Each directory on the drive contained a list of the files in that directory and, in addition to the file name and other attributes, specified the entry in the FAT that represented the cluster containing the beginning of the file. That first FAT entry contained a reference to the entry for the file's second cluster, the second entry referenced the third, and so on, until enough clusters were allocated to store the entire file. This is known as a FAT chain.
NOTE It was only with the introduction of the FAT32 file system that the traditional FAT file system came to be called FAT16. In most cases, references to a FAT drive without a numerical identifier refer to a FAT16 drive.
The other limiting factor of the FAT file system is that as clusters grow larger, more drive space is wasted because of slack. Slack is the fraction of a cluster left empty when the last bit of data in a file fails to completely fill the last cluster in the chain. When 3KB of data from a file is left to store, for example, a volume with 4KB clusters will contain 1KB of slack, while a volume with 64KB clusters will waste 61KB. Windows NT is designed to be a server OS as well as a workstation OS, and servers are naturally expected to have much larger drives. The amount of slack space and the 4GB limit on volume size are not acceptable for a server OS.
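The FAT chain described under FAT16 and the slack arithmetic above can be worked through on a small constructed table. The following is an added example, not code from the book: it follows a chain through a FAT16 table using the real end-of-chain, free and bad-cluster marker values, detects the corrupt chains a consistency checker would flag (loops, chains that run into a free cluster), and reports the slack each file leaves in its last cluster.

```python
"""FAT16 chain walking and slack accounting.

Added example. The table is a list indexed by cluster number, using the
FAT16 conventions: 0x0000 = free, 0x0002-0xFFEF = next cluster in the
chain, 0xFFF7 = bad cluster, 0xFFF8-0xFFFF = end of chain. The directory
entry supplies each file's first cluster and its size in bytes.
"""
from typing import Dict, List, Tuple

FAT16_FREE = 0x0000
FAT16_BAD = 0xFFF7
FAT16_EOC_MIN = 0xFFF8     # 0xFFF8 through 0xFFFF all mark end of chain


def follow_chain(fat: List[int], first_cluster: int) -> List[int]:
    """Return the clusters of a file's FAT chain in order.

    Raises ValueError for a loop, an out-of-range cluster number, or a
    chain that runs into a free or bad cluster; all indicate a corrupt FAT.
    """
    chain: List[int] = []
    seen = set()
    cluster = first_cluster
    while True:
        if cluster < 2 or cluster >= len(fat):
            raise ValueError(f"cluster {cluster:#06x} out of range")
        if cluster in seen:
            raise ValueError(f"loop detected at cluster {cluster:#06x}")
        seen.add(cluster)
        chain.append(cluster)
        nxt = fat[cluster]
        if nxt >= FAT16_EOC_MIN:
            return chain
        if nxt == FAT16_FREE or nxt == FAT16_BAD:
            raise ValueError(f"chain from {first_cluster:#06x} runs into {nxt:#06x}")
        cluster = nxt


def clusters_needed(file_size: int, cluster_size: int) -> int:
    return (file_size + cluster_size - 1) // cluster_size


def slack_bytes(file_size: int, cluster_size: int) -> int:
    """Bytes left unused in the last cluster (0 for an empty file or an exact fit)."""
    if file_size == 0:
        return 0
    return (-file_size) % cluster_size


def sample_fat() -> List[int]:
    """Constructed 16-entry FAT16 table; entries 0 and 1 are reserved markers."""
    fat = [0xFFF8, 0xFFFF] + [FAT16_FREE] * 14
    fat[2], fat[3], fat[7] = 3, 7, 0xFFFF    # file A: 2 -> 3 -> 7 (fragmented)
    fat[5] = 0xFFFF                          # file B: single cluster 5
    fat[9], fat[10] = 10, 9                  # corrupt: 9 -> 10 -> 9 (loop)
    fat[12] = 13                             # corrupt: 13 is still marked free
    return fat


def check_directory(fat: List[int], entries: Dict[str, Tuple[int, int]],
                    cluster_size: int) -> Dict[str, dict]:
    """Verify each (first_cluster, size) entry against the FAT and report slack.

    A chain whose length does not match the recorded size, or that cannot be
    followed at all, is what a consistency check such as CHKDSK would flag.
    """
    report: Dict[str, dict] = {}
    for name, (first, size) in entries.items():
        try:
            chain = follow_chain(fat, first)
        except ValueError as exc:
            report[name] = {"ok": False, "error": str(exc)}
            continue
        report[name] = {
            "ok": len(chain) == clusters_needed(size, cluster_size),
            "chain": chain,
            "slack": slack_bytes(size, cluster_size),
        }
    return report
```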
Another major shortcoming of the FAT file system is the limited amount of information about each file that is stored on the disk drive. In addition to the data itself, a FAT drive maintains the following information about each file:
• Filename: Limited to an eight-character name plus a three-character extension
• Attributes: Contains four usable file attributes: Read-only, Hidden, System, and Archive
• Date/time: Specifies the date and time that the file was created or last modified
• Size: Specifies the size of the file, in bytes
FAT32
As hard disk drive capacities grew over the years, the limitations of the FAT file system became more of a problem. To address the problem, Microsoft created a file system that used 32-bit FAT entries instead of 16-bit ones. The larger entries meant that there could be more clusters on a drive. The results were that the maximum size of a FAT32 volume is 2 terabytes (or 2,048GB) instead of 2GB for a FAT16 drive, and the clusters can be much smaller, thus reducing the waste because of slack space.
The FAT32 file system was introduced in the Windows 95 OSR2 release and was also included in Windows 98, Windows ME, and Windows 2000. FAT32 supported larger volumes and smaller clusters, but it did not provide any appreciable change in performance, and it still did not have the access control capabilities needed for network servers like NTFS does.
NTFS
NTFS was the file system intended to be used through Windows 7. Without it, you cannot install Active Directory or implement the file and directory-based permissions needed to secure a drive for network use. Because it uses a completely different structure than FAT drives, you cannot create NTFS drives using the FDISK utility.
In the NTFS file system, files take the form of objects that consist of a number of attributes. Unlike DOS, in which the term attribute typically refers only to the Read-only, System, Hidden, and Archive flags, NTFS treats all of the information regarding the file as an attribute, including the flags, the dates, the size, the filename, and even the file data itself. NTFS also differs from FAT in that the attributes are stored with the file, instead of in a separate directory listing.
The equivalent structure to the FAT on an NTFS drive is called the master file table (MFT). Unlike FAT, however, the MFT contains more than just pointers to other locations on the disk. In the case of relatively small files (up to approximately 1,500 bytes), all of the attributes are included in the MFT, including the file data. When larger amounts of data need to be stored, additional disk clusters called extents are allocated, and pointers are included with the file's attributes in the MFT. The attributes stored in the MFT are called resident attributes; those stored in extents are called nonresident attributes.
In addition to the four standard DOS file attributes, an NTFS file includes a Compression flag; two dates/times specifying when the file was created and when it was last modified; and a security descriptor that identifies the owner of the file, lists the users and groups that are permitted to access it, and specifies what access they are to be granted.
Resilient File System
Starting with Windows Server 2012 and Windows Server 8, Microsoft has introduced Resilient File System (ReFS), an improved system that has the ability to handle much higher volumes and can share storage pools across machines. It is built on NTFS, and one of its main advantages is the ability to detect all forms of disk corruption. Primarily designed for storage at this point, it cannot boot an operating system or be used on removable media.
The Windows Registry
The registry is the database where Windows stores nearly all of its system configuration data. As a system or network administrator, you'll be working with the registry in a variety of ways, since many of the Windows configuration tools function by modifying entries in the registry. The registry is a hierarchical database that is displayed in most registry editor applications as an expandable tree, not unlike a directory tree. At the root of the tree are five containers, called keys, with the following names:
• HKEY_CLASSES_ROOT Contains information on file associations (that is, associations between file name extensions and applications) and on registered COM classes.
• HKEY_CURRENT_USER Contains configuration information specific to the user currently logged on to the system. This key is the primary component of a user profile.
• HKEY_LOCAL_MACHINE Contains information on the hardware and software installed in the computer, the system configuration, and the Security Accounts Manager database (whose SAM and SECURITY subkeys are protected so that, by default, not even administrators can read them directly). The entries in this key apply to all users of the system.
• HKEY_USERS Contains information on the currently loaded user profiles, including the profile for the user who is currently logged on and the default user profile.
• HKEY_CURRENT_CONFIG Contains hardware profile information used during the system boot sequence.
Only HKEY_LOCAL_MACHINE and HKEY_USERS are stored on disk; the other three root keys are views onto subkeys of those two, so a change made through one is visible through the other.
In most cases, you work with the entries in the HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER keys (often abbreviated as HKLM and HKCU, respectively) when you configure a Windows system, whether you are aware of it or not. When the keys are saved as files, as in the case of user profiles, they're often referred to as hives. When you expand one of these keys, you see a series of subkeys, often in several layers. The keys and subkeys function as organizational containers for the registry entries, which contain the actual configuration data for the system. A registry entry consists of three components: the value name, the value type, and the value itself.
The value name identifies the entry for which a value is specified. The value type specifies the nature of the data stored in the entry, such as whether it contains a binary value, a character string, or multiple strings. The value types most often found in the registry are as follows:
• REG_SZ Indicates that the value consists of a string of characters (stored as a NUL-terminated Unicode string). Many of the user-configurable values in the registry are of this type.
• REG_DWORD Indicates that the value consists of a 4-byte (32-bit) numerical value used to specify information such as device parameters, service values, and other numeric configuration parameters. Windows 2000 and later also define REG_QWORD, the 8-byte equivalent.
• REG_MULTI_SZ Same as the REG_SZ value type, except that the entry contains multiple string values (stored back to back, each NUL-terminated, with an extra NUL at the end).
• REG_EXPAND_SZ Same as the REG_SZ value type, except that the entry contains a variable (such as %SystemRoot%) that must be replaced when the value is accessed by an application. The registry stores the unexpanded text; expansion happens in the reading process, using that process's own environment.
• REG_BINARY Indicates that the value consists of raw binary data, usually used for hardware configuration information. You should not modify these entries manually unless you are familiar with the function of every binary bit in the value.
• REG_FULL_RESOURCE_DESCRIPTOR Indicates that the value holds configuration data for hardware devices in the form of an information record with multiple fields.
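The encodings behind these value types are easiest to see in a .reg export, the text format that regedit.exe writes (and the form in which a registry backup or a suspicious persistence entry usually arrives for analysis). The following Python script is an added example for this chapter, not code from the book or from Microsoft: it parses a constructed export (the key and service names are invented) and decodes each value according to its type, including the UTF-16LE byte lists regedit uses for REG_EXPAND_SZ and REG_MULTI_SZ, and then shows the %VARIABLE% expansion that a REG_EXPAND_SZ consumer performs at read time.

```python
"""Decode a Windows .reg export, value type by value type.

Added example for this chapter, not code from the book or from Microsoft.
Assumes the export has already been read as text (regedit writes UTF-16LE
with a BOM; open a real file with encoding="utf-16" first). The sample
below is constructed for the example and describes no real service.
"""
import re
from typing import Dict, Tuple, Union

SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Example\Svc]
@="Default value"
"DisplayName"="Example \"quoted\" service"
"Start"=dword:00000002
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
  6f,00,74,00,25,00,5c,00,73,00,76,00,63,00,2e,00,65,00,78,00,65,00,00,00
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,54,00,63,00,\
  70,00,69,00,70,00,00,00,00,00
"Blob"=hex:de,ad,be,ef
'''

# hex(N) numbers in a .reg file are the REG_* type codes from winnt.h.
REG_TYPE_NAMES = {0: "REG_NONE", 1: "REG_SZ", 2: "REG_EXPAND_SZ", 3: "REG_BINARY",
                  4: "REG_DWORD", 7: "REG_MULTI_SZ", 11: "REG_QWORD"}

VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')
HEX_RE = re.compile(r'^hex(?:\((\d+)\))?:(.*)$', re.IGNORECASE)

Entry = Tuple[str, Union[str, int, bytes, list, None]]


def _unescape(s: str) -> str:
    """regedit escapes backslash and double quote with a backslash."""
    return re.sub(r'\\(.)', r'\1', s)


def _logical_lines(text: str):
    """Join hex lists that regedit wraps with a trailing backslash."""
    buf = ""
    for raw in text.splitlines():
        line = buf + raw.strip()
        buf = ""
        if line.endswith("\\"):
            buf = line[:-1]
            continue
        yield line


def _decode_hex(kind: int, hexlist: str) -> Entry:
    data = bytes(int(h, 16) for h in hexlist.split(",") if h.strip())
    name = REG_TYPE_NAMES.get(kind, f"REG_TYPE_{kind}")
    if kind in (1, 2):                      # UTF-16LE, NUL terminated
        return name, data.decode("utf-16-le").rstrip("\0")
    if kind == 7:                           # NUL separated, double-NUL terminated
        return name, [s for s in data.decode("utf-16-le").split("\0") if s]
    if kind in (4, 11):                     # little-endian integers
        return name, int.from_bytes(data, "little")
    return name, data                       # REG_BINARY and anything unknown


def parse_reg(text: str) -> Dict[str, Dict[str, Entry]]:
    """Return {key path: {value name: (type name, decoded value)}}.
    The key's default value (@) is stored under the empty name."""
    result: Dict[str, Dict[str, Entry]] = {}
    current = None
    for line in _logical_lines(text):
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            result.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m is None or current is None:
            raise ValueError(f"cannot parse line: {line!r}")
        name = _unescape(m.group(1) or "")
        data = m.group(2)
        hexm = HEX_RE.match(data)
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            entry: Entry = ("REG_SZ", _unescape(data[1:-1]))
        elif data.lower().startswith("dword:"):
            entry = ("REG_DWORD", int(data[6:], 16))
        elif hexm:
            kind = int(hexm.group(1)) if hexm.group(1) else 3   # bare hex: is REG_BINARY
            entry = _decode_hex(kind, hexm.group(2))
        elif data == "-":
            entry = ("DELETE", None)        # a .reg file can also delete values
        else:
            raise ValueError(f"unknown encoding: {data!r}")
        result[current][name] = entry
    return result


def expand_string(value: str, env: Dict[str, str]) -> str:
    """What a REG_EXPAND_SZ consumer does with %NAME% at read time; the
    registry holds the unexpanded text. Unknown names are left alone, as
    ExpandEnvironmentStrings does."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).upper(), m.group(0)), value)


PARSED = parse_reg(SAMPLE_REG)


def service_values() -> Dict[str, Entry]:
    return PARSED["HKEY_LOCAL_MACHINE\\SOFTWARE\\Example\\Svc"]


if __name__ == "__main__":
    for name, (type_name, value) in service_values().items():
        print(f"{name or '(Default)':16} {type_name:14} {value!r}")
    print(expand_string(service_values()["ImagePath"][1], {"SYSTEMROOT": "C:\\Windows"}))
```

Run it directly to print the decoded values; parse_reg and expand_string are the reusable parts. The expansion step is worth keeping in mind when reviewing service entries: an ImagePath of type REG_EXPAND_SZ is expanded in the service controller's environment, not the administrator's, so what the value resolves to depends on who reads it.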
The registry hierarchy is large and complex, and the names of its keys and entries are often cryptic. Locating the correct entry can be difficult, and the values are often less than intuitive. When you edit the registry manually, you must be careful to supply the correct value for the correct entry or the results can be catastrophic. An incorrect registry modification can halt the computer or prevent it from booting, forcing you to reinstall Windows from scratch.
Because of the registry's sensitivity to improper handling, selecting the proper tool to modify it is crucial. The trade-off in Windows' registry editing tools is between a safe, easy-to-use interface with limited registry access and comprehensive access using a less intuitive interface. The following sections examine the various registry editing tools included with Windows.
The Control Panel
Although it isn't evident from the interface, most of the functions in the Windows Control Panel work by modifying settings in the registry. The Control Panel's graphical interface provides users with simplified access to the registry and prevents them from introducing incorrect values due to typographical errors. You can also use Windows' security mechanisms to prevent unauthorized access to certain registry settings through the Control Panel; because the access control lists on registry keys are enforced by the kernel regardless of the tool used, a user who is denied write access to a key cannot change it through the Control Panel, a registry editor, or a script. The main disadvantage of using the Control Panel to modify the registry is that it provides user access to only a small fraction of the registry's settings.
The System Policy Editor
System policies are collections of registry settings saved in a policy file that you can configure a Windows computer to load whenever a user logs on to the system or the network (Windows NT clients look for ntconfig.pol in the domain controller's NETLOGON share; Windows 9x clients look for config.pol). You can create different sets of policies for each of your network users so that when John Doe logs on to a workstation, his customized registry settings are downloaded to the computer and loaded automatically. Windows includes a tool called the System Policy Editor (poledit.exe) that you can use to create policy files; you can also use it to modify the registry directly. Like the Control Panel, the System Policy Editor uses a graphical interface to set registry values, but it is far more configurable than the Control Panel and can provide access to a great many more registry entries.
The system policies that the System Policy Editor lists in its hierarchical display are derived from a file called a policy template. The template is an ASCII text file with an .adm extension that uses a special format to define how each policy should appear in the System Policy Editor and which registry settings each policy should modify. Windows includes several template files that define policies for a wide range of system settings, some of which are also configurable through the Control Panel. Because creating a new system policy is simply a matter of creating a new template, software developers can include with their products template files that define application-specific system policies. You can also create your own templates to modify other registry settings.
The process of setting values for a system policy by using the System Policy Editor consists of navigating through the hierarchical display and selecting a policy. Some policies consist of a single feature that you can toggle on and off, while others have additional controls in the form of check boxes, pull-down menus, or data entry fields. To create a policy file, you select the policies you want to set, specify values for them, and then save them to a file with a .pol extension.
The System Policy Editor can also directly modify the Windows registry, however. When you select File | Open Registry, the program connects to the registry on the local machine. When you configure a policy, the program applies the necessary changes directly to the registry. In addition, when you choose File | Connect, you can select another Windows computer on the network and modify its registry from your remote location.
The use of customizable template files makes the System Policy Editor a far more comprehensive registry-editing tool than the Control Panel. You can specify values for a wider range of registry entries, while still retaining the advantages of the graphical interface. Because the changes that the System Policy Editor makes to the registry are controlled by the policy template, the possibility of a misspelled value in a data entry field still exists, but the chances of an incorrect value damaging the system are far less than when editing the registry manually.
Group Policies
Windows group policies are the next step in the evolution of the system policies found in Windows NT and 98. Group policies include all of the registry modification capabilities found in NT system policies, plus a great deal more, such as the ability to install and update software, implement disk quotas, and redirect folders on user workstations to network shares. While NT system policies are associated with domain users and groups, Windows group policies are associated with Active Directory objects, such as sites, domains, and organizational units. One practical difference: registry changes made by NT system policies persist (they "tattoo" the registry) even after the policy stops applying, whereas registry-based Group Policy settings are written under dedicated Policies keys and are removed when the Group Policy Object no longer applies to the user or computer.
The Registry Editors
Windows includes a Registry Editor, regedit.exe, that provides direct access to the entire registry. (Windows NT and 2000 also shipped a second editor, regedt32.exe, which was the one able to edit key permissions; since Windows XP, regedit.exe does both jobs.) There are many Windows features you can configure using the Registry Editor that are not accessible by any other administrative interface. This program is the most powerful and comprehensive means of modifying registry settings in Windows and also the most dangerous. The editor does not supply friendly names for the registry entries, and it does not use pull-down menus or check boxes to specify values. You must locate (or create) the correct entry and supply the correct value in the proper format, or the results can be wildly unpredictable. Windows installs the Registry Editor with the OS, but it does not create a shortcut for it in the Start menu or on the desktop. You must launch the Registry Editor by using the Run dialog box, by using Windows Explorer, or by creating your own shortcut. Like the System Policy Editor, the Registry Editor enables you to connect to another Windows system on the network and access its registry (through the Remote Registry service, which must be running on the target and which is worth leaving disabled on systems that do not need it).
NOTE Making registry adjustments can cause major issues with your computer. Registry editing should be done only after a complete registry backup, for example by exporting the affected keys with File | Export or the reg export command, or by creating a System Restore point.
Optional Windows Networking Services
In addition to its core services, Windows, particularly in the Server versions, includes a large collection of optional services that you can choose to install either with the OS or at any time afterward. Some of these services are discussed in the following sections.
Active Directory
Active Directory, the enterprise directory service included with most Windows Server products, is a hierarchical, replicated directory service designed to support networks of virtually unlimited size. For more information on Active Directory, see Chapter 18.
Microsoft DHCP Server
Unlike NetBEUI and IPX, using the TCP/IP protocols on a network requires that each computer be configured with a unique IP address, as well as other important settings. A Dynamic Host Configuration Protocol (DHCP) server is an application designed to automatically supply client systems with TCP/IP configuration settings as needed, thus eliminating a tedious manual network administration chore.
Microsoft DNS Server
The Domain Name System (DNS) facilitates the use of familiar names for computers on a TCP/IP network instead of the IP addresses they use to communicate. Designed for use on the Internet, DNS servers resolve domain names (Internet domain names, not NT domain names) into IP addresses, either by consulting their own records or by forwarding the request to another DNS server. The DNS server included with Windows Server is a full implementation that can function on the Internet in this capacity, although on most networks it is used for the internal zones that Active Directory depends on.
Windows Internet Naming Service
Windows Internet Naming Service (WINS) is another service that supports the use of TCP/IP on a Windows network. Windows 9x and NT identified systems using NetBIOS names, but in order to transmit a packet to a machine with a given name using TCP/IP, the sender had to first discover the IP address associated with that name. WINS is essentially a database server that stores the NetBIOS names of the systems on the network and their associated IP addresses. When a system wants to transmit, it sends a query to a WINS server containing the NetBIOS name of the destination system, and the WINS server replies with its IP address.
CHAPTER 18 Active Directory
The domain-based directory service used by Windows NT once came under fire for its inability to scale up to support larger networks. An enterprise network that consists of multiple domains is limited in its communication between those domains to the trust relationships that administrators must manually establish between them. In addition, because each domain must be maintained individually, the account administration process is complicated enormously. Since the original Windows NT 3.1 release in 1993, Microsoft promised to deliver a more robust directory service better suited for use on large networks, and finally Microsoft accomplished the task in Windows 2000 with Active Directory.
Active Directory (AD) is an object-oriented, hierarchical, distributed directory services database system that provides a central storehouse for information about the hardware, software, and human resources of an entire enterprise network. Based on the general principles of the X.500 global directory standards, network users are represented by objects in the Active Directory tree. Administrators can use those objects to grant users access to resources anywhere on the network, which are also represented by objects in the tree. Unlike a flat, domain-based structure for a directory, Active Directory expands the structure into multiple levels. The fundamental unit of organization in the Active Directory database is still the domain, but a group of domains can now be consolidated into a tree, and a group of trees can be consolidated into a forest. Administrators can manage multiple domains simultaneously by manipulating the tree and can manage multiple trees simultaneously by manipulating a forest.
A directory service is not only a database for the storage of information, however. It also includes the services that make that information available to users, applications, and other services. Active Directory includes a global catalog that makes it possible to search the entire directory for particular objects using the value of a particular attribute. Applications can use the directory to control access to network resources, and other directory services can interact with AD using a standardized interface and the Lightweight Directory Access Protocol (LDAP).
Active Directory Architecture
Active Directory is composed of objects, which represent the various resources on a network, such as users, user groups, servers, printers, and applications. An object is a collection of attributes that define the resource, give it a name, list its capabilities, and specify who should be permitted to use it. Some of an object's attributes are assigned automatically when it is created, such as the globally unique identifier (GUID) assigned to each one, while others are supplied by the network administrator. A user object, for example, has attributes that store information about the user it represents, such as an account name, password (stored only as hashes that cannot be read back through LDAP), telephone number, and e-mail address. Attributes also contain information about the other objects with which the user interacts, such as the groups of which the user is a member. There are many different types of objects, each of which has different attributes, depending on its functions.
Active Directory provides administrators and users with a global view of the network. Earlier Windows NT directory services could use multiple domains, but instead of managing the users of each domain separately, as in Windows NT 4.0, AD administrators create a single object for each user and can use it to grant that user access to resources in any domain.
Each type of object is defined by an object class stored in the directory schema. The schema specifies the attributes that each object must have, the optional attributes it may have, the type of data associated with each attribute, and the object's place in the directory tree (that is, which container classes may hold it). The schema definitions are themselves stored as objects in Active Directory, called class schema objects and attribute schema objects. A class schema object contains references to the attribute schema objects that together form the object class. This way, an attribute is defined only once, although it can be used in many different object classes.
The schema is extensible so that applications and services developed by Microsoft or third parties can create new object classes or add new attributes to existing object classes. This enables applications to use Active Directory to store information specific to their functions and provide that information to other applications as needed. For example, rather than maintain its own directory, an e-mail server application such as Microsoft Exchange can modify the Active Directory schema so that it can use AD to authenticate users and store their e-mail information. Because schema changes apply to the whole forest and cannot be undone (classes and attributes can only be deactivated, never deleted), extending the schema requires membership in the Schema Admins group and should be treated as a change-controlled operation.
Object Types
There are two basic types of objects in Active Directory, called container objects and leaf objects. A container object is simply an object that stores other objects, while a leaf object stands alone and cannot store other objects. Container objects essentially function as the branches of the tree, and leaf objects grow off of the branches. Active Directory uses container objects called organizational units (OUs) to store other objects (the built-in Users, Computers, and Builtin containers are containers too, but they are not OUs, and Group Policy cannot be linked to them). Containers can store other containers or leaf objects, such as users and computers. The guiding rule of directory tree design is that rights and permissions flow downward through the tree. Assigning a permission to a container object means that, by default, all of the objects in the container inherit that permission, unless inheritance has been blocked on a child. This enables administrators to control access to network resources by assigning rights and permissions to a single container rather than to many individual users.
By default, an Active Directory tree is composed of objects that represent the users and computers on the network, the logical entities used to organize them, and the folders and printers they regularly access. These objects, their functions, and the icons used to represent them in tools such as Active Directory Users and Computers are listed in Table 18-1.
Table 18-1 Some Active Directory Object Types
Object Naming
Every object in the Active Directory database is uniquely identified by a name that can be expressed in several forms. The naming conventions are based on the Lightweight Directory Access Protocol (LDAP) standard defined in RFC 2251, published by the Internet Engineering Task Force (IETF) and since superseded by the RFC 4510 series. The distinguished name (DN) of an object consists of the name of the domain in which the object is located, plus the path down the domain tree through the container objects to the object itself. The part of an object's name that is stored in the object is called its relative distinguished name (RDN).
NOTE The Lightweight Directory Access Protocol is an adaptation of the Directory Access Protocol (DAP) designed for use by X.500 directories. Clients, applications, and other directory services use LDAP to query and modify Active Directory; replication between Active Directory domain controllers uses a separate RPC-based protocol rather than LDAP.
By specifying the name of the object and the names of its parent containers up to the root of the domain, the object is uniquely identified within the domain, even if the object has the same name as another object in a different container. Thus, if you have two users, called John Doe and Jane Doe, you can use the RDN jdoe for both of them. As long as they are located in different containers, they will have different DNs. (Their logon names are another matter: the sAMAccountName must be unique within the domain and the user principal name within the forest, whatever containers the objects live in.)
Canonical Names
Most Active Directory applications refer to objects using their canonical names. A canonical name is a DN in which the domain name comes first, followed by the names of the object's parent containers working down from the root of the domain and separated by forward slashes, followed by the object's RDN, as follows:
mgh.com/sales/inside/jdoe
In this example, jdoe is a user object in the inside container, which is in the sales container, which is in the mgh.com domain.
LDAP Notation
The same DN can also be expressed in LDAP notation, which would appear as follows:
cn=jdoe,ou=inside,ou=sales,dc=mgh,dc=com
This notation reverses the order of the object names, starting with the RDN on the left and the domain name on the right. The elements are separated by commas and include the LDAP abbreviations that identify the attribute type of each element. These abbreviations are as follows:
• cn Common name
• ou Organizational unit
• dc Domain component
The abbreviations are part of the DN's string representation (RFC 2253, now RFC 4514) and cannot be omitted when a DN is passed to an LDAP server, although management tools often hide them when displaying names. Values that contain a comma, plus sign, quotation mark, backslash, angle bracket, or semicolon, or that begin or end with a space, must be escaped with a backslash so that they are not read as additional elements. It is also possible to express an LDAP name in a URL format, as defined in RFC 1959 (now RFC 4516), which appears as follows:
ldap://cz1.mgh.com/cn=jdoe,ou=inside,ou=sales,dc=mgh,dc=com
This format differs in that the name of a server hosting the directory service must appear immediately following the ldap:// identifier, followed by the same LDAP name as shown earlier. This notation enables any LDAP-aware client (historically including some web browsers) to address Active Directory information.
Globally Unique Identifiers
In addition to its DN, every object in the tree has a globally unique identifier (GUID), which is a 128-bit number that is automatically assigned by the Directory System Agent when the object is created and stored in the objectGUID attribute. Unlike the DN, which changes if you move the object to a different container or rename it, the GUID is permanent and serves as the ultimate identifier for an object. Security principals (users, groups, and computers) additionally carry a security identifier (SID), which is what access control lists actually reference; a SID changes if the object is moved to another domain, whereas the GUID does not.
User Principal Names
Distinguished names are used by applications and services when they communicate with Active Directory, but they are not easy for users to understand, type, or remember. Therefore, each user object has a user principal name (UPN) that consists of a user name and a suffix, in the form username@domain, just like the standard Internet e-mail address format defined in RFC 822. This name provides users with a simplified identity on the network and insulates them from the need to know their place in the domain tree hierarchy.
In most cases, the user name part of the UPN is the user object's RDN, and the suffix is the DNS name of the domain in which the user object is located. However, if your network consists of multiple domains, you can opt to use a single domain name as the suffix for all of your users' UPNs. This way, the UPN can remain unchanged even if you move the user object to a different domain.
The UPN is an internal name that is used only on the Windows network, so it doesn't have to conform to the user's Internet e-mail address. However, using your network's e-mail domain name as the suffix is a good idea so that users have to remember only one address for accessing e-mail and logging on to the network.
NOTE You can use the Active Directory Domains and Trusts console to specify alternative UPN suffixes so that all of your users can log on to the network using the same suffix.
Domains, Trees, and Forests
Windows has always based its networking paradigm on domains, and all but small networks require multiple domains to support their users. Active Directory makes it easier to manage multiple domains by combining them into larger units called trees and forests. When you create a new Active Directory database by promoting a server to domain controller, you create the first domain in the first tree of a new forest. If you create additional domains in the same tree, they all share the same schema, configuration, and global catalog server (GCS, a master list directory of Active Directory objects that provides users with an overall view of the entire directory) and are connected by transitive trust relationships.
Trust relationships are how domains interact with each other to provide a unified network directory. If Domain A trusts Domain B (A is the trusting domain and B the trusted domain), the users in Domain B can be granted access to the resources in Domain A. In Windows NT domains, trust relationships operate in one direction only and must be explicitly created by network administrators. If you want to create a full network of trusts between three domains, for example, you must create six separate trust relationships so that each domain trusts every other domain. Active Directory automatically creates trust relationships between domains in the same tree. These trust relationships flow in both directions, are authenticated using the Kerberos security protocol, and are transitive, meaning that if Domain A trusts Domain B and Domain B trusts Domain C, then Domain A automatically trusts Domain C. A tree, therefore, is a single administrative unit that encompasses a number of domains. The administrative nightmare of manually creating trust relationships between large numbers of domains is diminished, and users are able to access resources on other domains.
The domains in a tree share a contiguous namespace. Unlike a Windows NT domain, which has a single, flat name, an Active Directory domain has a hierarchical name that is based on the DNS namespace, such as mycorp.com. Sharing a contiguous namespace means that if the first domain in a tree is given the name mycorp.com, the subsequent domains in that tree will have names that build on the parent domain's name, such as sales.mycorp.com and mis.mycorp.com (see Figure 18-1).
Figure 18-1 Active Directory parent and child domains
The parent-child relationships in the domain hierarchy are limited solely to the sharing of a namespace and the trust relationships between them. Unlike the container hierarchy within a domain, rights and permissions do not flow down the tree from domain to domain.
In most cases, a single tree is sufficient for a network of almost any size. However, it is possible to create multiple trees and join them in a unit known as a forest. All of the domains in a forest, including those in separate trees, share the same schema, configuration, and GCS. Every domain in a forest has a transitive trust relationship with the other domains, regardless of the trees they are in. The only difference between the trees in a forest is that they have separate namespaces. Each tree has its own root domain and child domains that build off of its name. The first domain created in a forest is known as the forest root domain.
The most common reason for having multiple trees is the merging of two organizations, both of which already have established domain names that cannot be readily assimilated into one tree. Users are able to access resources in other trees because the trust relationships between domains in different trees are the same as those within a single tree. It is also possible to create multiple forests on your network, but the need for this is rare.
Different forests do not share the same schema, configuration, and GCS, nor are trust relationships automatically created between forests. It is possible to manually create unidirectional, non-transitive external trusts between individual domains in different forests, just as you would on a Windows NT network, and, since Windows Server 2003, a forest trust between two forest root domains that is transitive across both forests (but not onward to a third). In most cases, though, the primary reason for creating multiple forests is to completely isolate two areas of the network and prevent interaction between them. This reflects Microsoft's guidance that the forest, not the domain, is the security boundary: an administrator who controls any domain in a forest can in practice gain control of the rest of it, so two administrative realms that must stay genuinely separate belong in separate forests.
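The access rules above (one-way, non-transitive NT trusts; two-way transitive trusts within a forest; one-way, non-transitive external trusts between forests) can be checked mechanically, which is exactly what an assessor does when enumerating trust paths. The following Python is an added example, not from the book: it models trusts as directed edges with a transitivity flag and answers "can users of domain U be granted access to resources in domain R" by allowing a direct trust of any kind or a longer chain made only of transitive trusts. The scenario (a forest with two trees, mycorp.com and othercorp.com, plus a separate partner.net forest with one external trust) is constructed; the Windows Server 2003 forest trust, transitive across two forests but not a third, is not modelled.

```python
"""Who can reach what across Windows trust relationships.

Added example; not from the book. It models the rules the text states:
NT trusts are one-way and non-transitive and must be created by hand;
Active Directory trusts inside a forest are two-way and transitive; an
external trust to another forest is one-way and non-transitive. Domain
names below are constructed (mycorp.com is the book's example name).
"""
from collections import deque
from typing import Dict, Iterable, List, Set, Tuple

# (trusting domain, trusted domain, transitive?). Users of the trusted
# domain can be granted access to resources in the trusting domain.
Trust = Tuple[str, str, bool]


def nt_full_mesh(domains: List[str]) -> List[Trust]:
    """Windows NT: n domains need n*(n-1) explicit one-way trusts."""
    return [(a, b, False) for a in domains for b in domains if a != b]


def forest_trusts(parent_child: Iterable[Tuple[str, str]]) -> List[Trust]:
    """AD creates a two-way transitive trust for every parent/child pair and
    between each tree root and the forest root."""
    trusts: List[Trust] = []
    for parent, child in parent_child:
        trusts.append((parent, child, True))
        trusts.append((child, parent, True))
    return trusts


def external_trust(trusting: str, trusted: str) -> Trust:
    """Hand-made trust to a domain in another forest: one-way, non-transitive."""
    return (trusting, trusted, False)


def can_access(trusts: List[Trust], user_domain: str, resource_domain: str) -> bool:
    """True if resource_domain trusts user_domain directly, or through a
    chain made entirely of transitive trusts."""
    if user_domain == resource_domain:
        return True
    if any(t == resource_domain and u == user_domain for t, u, _ in trusts):
        return True
    # A path of two or more hops is only valid over transitive trusts.
    transitive: Dict[str, Set[str]] = {}
    for trusting, trusted, is_transitive in trusts:
        if is_transitive:
            transitive.setdefault(trusting, set()).add(trusted)
    seen: Set[str] = {resource_domain}
    queue = deque([resource_domain])
    while queue:
        current = queue.popleft()
        for nxt in transitive.get(current, ()):
            if nxt == user_domain:
                return True
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False


def reachable(trusts: List[Trust], user_domain: str, domains: Iterable[str]) -> List[str]:
    """Every domain whose resources users of user_domain can be granted."""
    return sorted(d for d in domains if can_access(trusts, user_domain, d))


# Constructed scenario: one forest with two trees, plus a separate forest.
FOREST_A = forest_trusts([
    ("mycorp.com", "sales.mycorp.com"),
    ("mycorp.com", "mis.mycorp.com"),
    ("mycorp.com", "othercorp.com"),          # second tree, joined at the root
    ("othercorp.com", "eng.othercorp.com"),
])
PARTNER = "partner.net"                        # root of an unrelated forest
ALL_DOMAINS = sorted({d for t in FOREST_A for d in t[:2]} | {PARTNER})
# eng.othercorp.com lets partner.net users in; nothing flows the other way,
# and the external trust does not extend to the rest of the forest.
WITH_EXTERNAL = FOREST_A + [external_trust("eng.othercorp.com", PARTNER)]


if __name__ == "__main__":
    print(len(nt_full_mesh(["a", "b", "c"])), "NT trusts for three domains")
    print("sales user ->", reachable(FOREST_A, "sales.mycorp.com", ALL_DOMAINS))
    print("partner user ->", reachable(WITH_EXTERNAL, PARTNER, ALL_DOMAINS))
```

Note what the model makes visible: a user in sales.mycorp.com can be granted resources in eng.othercorp.com through three transitive hops without any administrator having created a trust between those two domains, while a partner.net user stops at eng.othercorp.com because the external trust is not transitive.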
DNS and Active Directory
Windows NT is based on NetBIOS and uses a NetBIOS name server called Windows Internet Naming Service (WINS) to locate computers on the network and resolve their names into IP addresses. The primary limitation of NetBIOS and WINS is that they use a flat namespace, whereas Active Directory's namespace is hierarchical. The AD namespace is based on that of the Domain Name System (DNS), so the directory uses DNS servers instead of WINS to resolve names and locate domain controllers. You must have at least one DNS server running on your network in order for Active Directory to function properly.
The domains in Active Directory are named using standard DNS domain names, which may or may not be the same as the names your organization uses on the Internet. If, for example, you have already registered the domain name mycorp.com for use with your Internet servers, you can choose to use that same name as the parent domain in your AD tree or create a new name for internal use. The new name doesn't have to be registered for Internet use, because its use will be limited to your Windows network only, although it is still wise to pick a subdomain of a name you control so that it can never collide with a name someone else registers later.
DNS is based on resource records (RRs) that contain information about specific machines on the network. Traditionally, administrators must create these records manually, but on a Windows network, this causes problems. The task of manually creating records for hundreds of computers is long and difficult, and it is compounded by the use of the Dynamic Host Configuration Protocol (DHCP) to automatically assign IP addresses to network systems. Because the IP addresses on DHCP-managed systems can change, there must be a way for the DNS records to be updated to reflect those changes.
The Microsoft DNS server supports dynamic DNS (DDNS), which works together with Microsoft DHCP Server to dynamically update the resource records for specific systems as their IP addresses change. With Active Directory-integrated zones, the server can be configured to accept only secure dynamic updates, in which the client authenticates with Kerberos and, by default, may modify only records it created itself; a zone that accepts unauthenticated dynamic updates lets any host on the network overwrite another machine's records.
Global Catalog Server
To support large enterprise networks, Active Directory can be both partitioned and replicated, meaning that the directory can be split into sections stored on different servers, and copies of each section can be maintained on separate servers. Splitting up the directory in this way, however, makes it more difficult for applications to locate specific information. Therefore, Active Directory maintains the global catalog, which provides an overall picture of the directory structure. While a domain controller contains the Active Directory information for one domain only, the global catalog is a replica of the entire Active Directory, except that it includes only the essential attributes of each object, known as binding data (Microsoft's documentation calls this set the partial attribute set).
Because the global catalog consists of a substantially smaller amount of data than the entire directory, it can be stored on a single server and accessed more quickly by users and applications. The global catalog makes it easy for applications to search for specific objects in Active Directory using any of the attributes included in the binding data. Global catalog queries use LDAP on TCP port 3268 (3269 over TLS), separate from the standard LDAP ports 389 and 636, and the catalog copy of objects from other domains is read-only.
Deploying Active Directory
All of the architectural elements of Active Directory that have been described thus far, such as domains, trees, and forests, are logical components that do not necessarily have any effect on the physical network. In most cases, network administrators create domains, trees, and forests based on the political divisions within an organization, such as workgroups and departments, although geographical elements can come into play as well. Physically, however, an Active Directory installation is manifested as a collection of domain controllers, split into subdivisions called sites.
Creating Domain Controllers
A domain controller (DC) is a system that hosts all or part of the Active Directory database and provides the services to the rest of the network through which applications access that database. When a user logs on to the network or requests access to a specific network resource, the workstation contacts a domain controller, which authenticates the user and grants access to the network.
Active Directory has only one type of writable domain controller, which is a departure from Windows NT. When installing a Windows NT server, you had to specify whether it should be a primary domain controller (PDC), a backup domain controller (BDC), or a member server, and once a system was installed as a domain controller for a specific domain, there was no way to move it to another domain or change it back to a member server without reinstalling. With Active Directory, all Windows servers start out as stand-alone or member servers; you can then promote them to domain controllers and later demote them back to member servers. Active Directory has no PDCs or BDCs; all domain controllers function as peers, apart from a handful of single-master duties (such as schema changes) that are assigned to specific domain controllers through the operations master, or FSMO, roles. Windows Server 2008 added read-only domain controllers (RODCs) for branch offices where a writable replica cannot be physically secured; an RODC holds a filtered copy of the database and, by default, caches no users' password secrets.
A server that is to function as a domain controller must have at least one NTFS 5.0 drive to hold the Active Directory database, log files, and the system volume, and it must have access to a DNS server that supports the SRV resource record and (optionally) dynamic updates. Clients find domain controllers through those SRV records (for example, _ldap._tcp.dc._msdcs.<domain name>), so the DNS zones that carry them are as security-critical as the domain controllers themselves. If the computer cannot locate a DNS server that provides these features, it offers to install and configure the Microsoft DNS Server software on the Windows system.
Directory Replication
Every domain on your network should be represented by at least two domain controllers for reasons of fault tolerance. Once your network is reliant on Active Directory for authentication and other services, inaccessible domain controllers would be a major problem. Therefore, each domain should be replicated on at least two domain controllers so that one is always available. Directory service replication is nothing new, but Active Directory replicates its domain data differently from Windows NT.
Windows NT domains are replicated using a technique called single master replication, in which a single PDC with read-write capabilities replicates its data to one or more BDCs that are read-only. In this method, replication traffic always travels in one direction, from the PDC to the BDCs. If the PDC fails, one of the BDCs can be promoted to PDC. The drawback of this arrangement is that changes to the directory can be made only to the PDC. When an administrator creates a new user account or modifies an existing one, for example, the User Manager for Domains utility must communicate with the PDC, even if it is located at a distant site connected by a slow WAN link.
Active Directory uses multiple master replication, which enables administrators to make changes on any of a domain's replicas. This is why there are no longer PDCs or BDCs. The use of multiple masters makes the replication process far more difficult, however. Instead of simply copying the directory data from one domain controller to another, the information on each domain controller must be compared with that on all of the others so that the changes made to each replica are propagated to every other replica. In addition, it's possible for two administrators to modify the same attribute of the same object on two different replicas at virtually the same time. The replication process must be able to reconcile conflicts like these and see to it that each replica contains the most up-to-date information.
Multimaster Data Synchronization
Some directory services, such as NDS, base their data synchronization algorithms on time stamps assigned to each database modification. Whichever change has the later time stamp is the one that becomes operative when the replication process is completed. The problem with this method is that the use of time stamps requires the clocks on all of the network's domain controllers to be precisely synchronized, which is difficult to arrange. The Active Directory replication process relies on time stamps in only certain situations. Instead, AD uses update sequence numbers (USNs), which are 64-bit values assigned to all modifications written to the directory. Whenever an attribute changes, the domain controller increments its USN and stores it with the attribute, whether the change results from direct action by an administrator or replication traffic received from another domain controller. (Active Directory still needs reasonably synchronized clocks, but for Kerberos rather than for replication: by default, authentication fails if a client's clock differs from the domain controller's by more than five minutes.)
The only problem with this method is when the same attribute is modified on two different domain controllers. If an administrator changes the value of a specific attribute on Server B before a change made to the same attribute on Server A is fully propagated to all of the replicas, then a collision is said to have occurred. To resolve the collision, the domain controllers use property version numbers to determine which value should take precedence. Unlike USNs, which are a single numerical sequence maintained separately by each domain controller, there is only one property version number for each object attribute, and it travels with the attribute when it is replicated.
When a domain controller modifies an attribute as a result of direct action by a network administrator, it increments the property version number. However, when a domain controller receives an attribute modification in the replication traffic from another domain controller, it does not modify the property version number. A domain controller detects collisions by comparing the attribute values and property version numbers received during a replication event with those stored in its own database. If the incoming version number is higher than the local one, the incoming value is simply accepted; if it is lower, the incoming value is discarded as stale. If an attribute arriving from another domain controller has the same property version number as the local copy of that attribute but the values don't match, a collision has occurred. In this case, and only in this case, the system uses the time stamps included with each of the attributes to determine which value is newer and should take precedence over the other; if even the time stamps are identical, the GUID of the originating domain controller breaks the tie, so every replica reaches the same answer without any negotiation.
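The resolution rule can be reproduced in a few dozen lines, which makes the interplay between USNs (local to each domain controller) and version numbers (carried with the attribute) concrete. The Python below is an added example, not from the book and not Microsoft's implementation; it models two domain controllers, a colliding write on each, and the version, then time stamp, then originating-DC GUID ordering, which is also the order in which repadmin /showobjmeta lists the metadata (version, local USN, originating USN, originating time, originating DSA). The GUIDs, object DN, and time stamps are constructed, and replication is simplified to "send everything" rather than the high-watermark USN vectors real domain controllers exchange.

```python
"""Multimaster conflict resolution as the text describes it: per-DC USNs,
a per-attribute version number that travels with the value, time stamp and
originating-DC GUID as tie-breakers.

Added example; not from the book and a simplification of the real protocol.
GUIDs, object names and time stamps below are constructed.
"""
from dataclasses import dataclass
from typing import Dict, Tuple


@dataclass(frozen=True)
class AttrState:
    value: str
    version: int          # property version number; replicated with the value
    timestamp: int        # originating write time; used only on a version tie
    originating_dsa: str  # GUID of the DC where the write originated; final tie-break


Key = Tuple[str, str]     # (object DN, attribute name)


class DomainController:
    def __init__(self, name: str, dsa_guid: str) -> None:
        self.name = name
        self.dsa_guid = dsa_guid
        self.usn = 0                          # per-DC counter, never replicated
        self.store: Dict[Key, AttrState] = {}
        self.local_usn: Dict[Key, int] = {}   # USN of the last local write per attribute

    def _commit(self, key: Key, state: AttrState) -> None:
        self.usn += 1                         # every write, local or replicated, bumps the USN
        self.store[key] = state
        self.local_usn[key] = self.usn

    def originating_write(self, obj: str, attr: str, value: str, timestamp: int) -> AttrState:
        """An administrator changes an attribute here: version goes up by one."""
        key = (obj, attr)
        old = self.store.get(key)
        state = AttrState(value, (old.version if old else 0) + 1, timestamp, self.dsa_guid)
        self._commit(key, state)
        return state

    def receive(self, key: Key, incoming: AttrState) -> str:
        """Apply one replicated attribute; the version is not changed here."""
        local = self.store.get(key)
        if local is None or incoming.version > local.version:
            self._commit(key, incoming)
            return "accepted"
        if incoming.version < local.version:
            return "rejected"                 # a newer originating write is already here
        if incoming.value == local.value:
            return "duplicate"                # same write seen via another path
        # Collision: equal versions, different values. Later time stamp wins;
        # identical time stamps are settled by the larger originating DSA GUID.
        if (incoming.timestamp, incoming.originating_dsa) > (local.timestamp, local.originating_dsa):
            self._commit(key, incoming)
            return "accepted"
        return "rejected"


def replicate(src: DomainController, dst: DomainController) -> Dict[Key, str]:
    """Push everything src holds to dst (a real DC sends only what is above
    the partner's high-watermark USN)."""
    return {key: dst.receive(key, state) for key, state in src.store.items()}


def collision_scenario():
    a = DomainController("DC-A", "0f5b1c3e-0000-4000-8000-00000000000a")
    b = DomainController("DC-B", "0f5b1c3e-0000-4000-8000-00000000000b")
    user, attr = "cn=jdoe,ou=inside,ou=sales,dc=mgh,dc=com", "telephoneNumber"
    a.originating_write(user, "description", "Inside sales", timestamp=1)
    replicate(a, b)
    # Two admins change the same attribute on different replicas before
    # replication runs: same version (1) on both sides, different values.
    a.originating_write(user, attr, "555-0100", timestamp=100)
    b.originating_write(user, attr, "555-0199", timestamp=101)
    first = replicate(a, b)      # B keeps its own later write
    second = replicate(b, a)     # A adopts B's value
    # A later originating write on A outranks B's stale copy by version alone.
    a.originating_write(user, attr, "555-0150", timestamp=102)
    stale = replicate(b, a)
    final = replicate(a, b)
    return a, b, (user, attr), first, second, stale, final


if __name__ == "__main__":
    a, b, key, first, second, stale, final = collision_scenario()
    print(first[key], second[key], stale[key], final[key])
    print(a.store[key], "local USN", a.local_usn[key])
    print(b.store[key], "local USN", b.local_usn[key])
```

When the scenario finishes, both replicas hold the same value with the same version number, yet their local USNs for that attribute differ (4 on DC-A, 3 on DC-B), which is the point the text makes: USNs order writes on one server, version numbers order them across servers.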
Sites
A single domain can have any number of domain controllers, all of which contain the same information, thanks to the AD replication system. In addition to providing fault tolerance, you can create additional domain controllers to provide users with local access to the directory. In an organization with offices in multiple locations connected by WAN links, it would be impractical to have only one or two domain controllers because workstations would have to communicate with the AD database over a relatively slow, expensive WAN connection. Therefore, administrators often create a domain controller at each location where there are resources in the domain.
The relatively slow speed of the average WAN connection also affects the replication process between domain controllers, and for this reason, Active Directory can break up a domain into sites. A site is a collection of domain controllers that are assumed to be well connected, meaning that all of the systems are connected using the same relatively high-speed LAN technology. The connections between sites are assumed to be WANs that are slower and possibly more expensive.
The actual speed of the intrasite and intersite connections is not an issue. The issue is the relative speed between the domain controllers at the same site and those at different sites. The reason for dividing a domain into logical units that reflect the physical layout of the network is to control the replication traffic that passes over the slower WAN links. Active Directory also uses sites to determine which domain controller a workstation should access when authenticating a user. Whenever possible, authentication procedures use a domain controller located on the same site; a workstation is mapped to a site by matching its IP address against the subnet objects that the administrator associates with each site in Active Directory Sites and Services.
Intrasite Replication
The replication of data between domain controllers located at the same site is completely automatic and self-regulating. A component called the Knowledge Consistency Checker (KCC) dynamically creates connections between the domain controllers as needed to create a replication topology that minimizes latency. Latency is the period of time during which the information stored on the domain controllers for a single domain is different—that is, the interval between the modification of an attribute on one domain controller and the propagation of that change to the other domain controllers. The KCC triggers a replication event whenever a change is made to the AD database on any of the site's replicas.
The KCC maintains at least two connections to each domain controller at the site. This way, if a controller goes offline, replication between all of the other domain controllers is still possible. The KCC may create additional connections to maintain timely contact between the remaining domain controllers while the system is unavailable and then remove them when the system comes back online. In the same way, if you add a new domain controller, the KCC modifies the replication topology to include it in the data synchronization process. As a rule, the KCC creates a replication topology in which each domain controller is no more than three hops away from any other domain controller.
Because the domain controllers are all located on the same site, they are assumed to be well connected, and the KCC is willing to expend network bandwidth in the interest of replication speed. All updates are transmitted in uncompressed form because even though this requires the transmission of more data, it minimizes the amount of processing needed at each domain controller.
Replication occurs primarily within domains, but when multiple domains are located at the same site, the KCC also creates connections between the global catalog servers for each domain so that they can exchange information and create a replica of the entire Active Directory containing the subset of attributes that form the binding data.
Intersite Replication
By default, a domain consists of a single site, called Default-First-Site-Name, and any additional domains you create are placed within that site. You can, however, use the Active Directory Sites and Services console to create additional sites and move domains into them. Just as with domains in the same site, Active Directory creates a replication topology between domains in different sites, but with several key differences.
Because the WAN links between sites are assumed to be slower, Active Directory attempts to minimize the amount of replication traffic that passes between them. First, there are fewer connections between domain controllers at different sites than within a site; the three-hop rule is not observed for the intersite replication topology. Second, all replication data transmitted over intersite connections is compressed to minimize the amount of bandwidth utilized by the replication process. Finally, replication events between sites are not automatically triggered by modifications to the Active Directory database. Instead, replication can be scheduled to occur at specified times and intervals to minimize the effect on standard user traffic and to take advantage of lower bandwidth costs during off-hours.
Microsoft Management Console
Microsoft Management Console (MMC) is an application that provides a centralized administration interface for many of the services included in Windows, including those used to manage Active Directory. Windows relies on separate management applications for many of its services, such as the DHCP Manager, WINS Manager, and Disk Administrator. Windows consolidates all of these applications, and many others, into MMC. Most of the system administration tasks for the operating system are now performed through MMC.
MMC has no administrative capabilities of its own; it is, essentially, a shell for application modules called snap-ins that provide the administrative functions for many of Windows' applications and services. Snap-ins take the form of files with an .msc extension that you load either from the command line or interactively through the MMC menus. Windows supplies snap-in files for all of its tools, but the interface is designed so that third-party software developers can use the MMC architecture to create administration tools for their own applications.
MMC can load multiple snap-ins simultaneously using the Windows multiple-document interface (MDI). You can use this capability to create a customized management interface containing all of the snap-ins you use on a regular basis. When you run MMC (by launching the Mmc.exe file from the Run dialog box) and select Console | New, you get an empty Console Root window. By selecting Console | Add/Remove Snap-in, you can build a list of the installed snap-ins and load selected ones into the console. The various snap-ins appear in an expandable, Explorer-like display in the left pane of MMC's main screen, as shown in Figure 18-2.
Figure 18-2 Working with snap-ins in Windows 7
NOTE In Windows 8 or 8.1, locate the Windows System app and choose Run.
Many of Windows' administrative tools, such as Active Directory Sites and Services, are actually preconfigured MMC consoles. Selecting Computer Management from the Programs/Administrative Tools group in the Start menu displays a console that contains a collection of the basic administration tools for a Windows system. By default, the Computer Management console administers the local system, but you can use all of its tools to manage a remote network system by selecting Action | Connect To Another Computer.
Creating and Configuring Sites
Splitting a network into sites has no effect on the hierarchy of domains, trees, and forests that you have created to represent your enterprise. However, sites still appear as objects in Active Directory, along with several other object types that you use to configure your network's replication topology. These objects are visible only in the Active Directory Sites and Services tool. The object called Default-First-Site-Name is created automatically when you promote the first server on your network to a domain controller, along with a server object that appears in the Servers folder beneath it. Server objects are always subordinate to site objects and represent the domain controllers operating at that site. A site can contain server objects for domain controllers in any number of domains, located in any tree or forest. You can move server objects between sites as needed.
The other two important object types associated with sites and servers are subnet and site link objects. Subnet objects represent the particular IP subnets that you use at your various sites and are used to define the boundaries of the site. When you create a subnet object, you specify a network address and subnet mask. When you associate a site with a subnet object, server objects for any new domain controllers that you create on that subnet are automatically created in that site. You can associate multiple subnet objects with a particular site to create a complete picture of your network.
Site link objects represent the WAN links on your network that Active Directory will use to create connections between domain controllers at different sites. Active Directory supports the use of the Internet Protocol (IP) and the Simple Mail Transport Protocol (SMTP) for site links, both of which appear in the Inter-Site Transports folder in Active Directory Sites and Services. An SMTP site link can take the form of any applications you use to send e-mail using the SMTP protocol. When you create a site link object, you select the sites that are connected by the WAN link the object represents. The attributes of site link objects include various mechanisms for determining when and how often Active Directory should use the link to transmit replication traffic between sites:
• Cost The cost of a site link can reflect either the monetary cost of the WAN technology involved or the cost in terms of the bandwidth needed for other purposes.
• Schedule This specifies the hours of the day during each day of the week that the link can be used to carry replication traffic.
• Replication period This specifies the interval between replication procedures that use this link, subject to the schedule described previously.
By default, Active Directory creates an IP site link object, DEFAULTIPSITELINK, that you can use as is or can modify to reflect the type of link used to connect your sites. If all of your sites are connected by WAN links of the same type, you don't have to create additional site link objects because a single set of scheduling attributes should be applicable for all of your intersite connections. If you use various types of WAN connections, however, you can create a separate site link object for each type and configure its attributes to reflect how you want it to be used.
There is another type of object that you can create in the Inter-Site Transports container, called a site link bridge object, that is designed to make it possible to route replication traffic through one remote site to others. By default, the site links you create are transitive, meaning that they are bridged together, enabling them to route replication traffic. For example, if you have a site link object connecting Site A to Site B and another one connecting Site B to Site C, then Site A can send replication traffic to Site C. If you want, you can disable the default bridging by opening the Properties dialog box for the IP folder and clearing the Bridge All Site Links check box. If you do this, you must manually create site link bridge objects in order to route replication traffic in this way. A site link bridge object generally represents a router on the network. While a site link object groups two site objects, a site link bridge object groups two site link objects, making it possible for replication traffic to be routed between them.
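To make the interaction between site link cost and the Bridge All Site Links setting concrete, here is an added model of the routing decision the text describes. It is not code from the book or from Active Directory; the site names, link names and costs are constructed. With bridging on, every site link is transitive and traffic may be relayed through an intermediate site along the cheapest total cost; with it off, traffic can only pass from one site link onto another where an explicit site link bridge object joins those two links.

```python
"""Routing replication traffic over site links, as the text describes.

Added example; not code from the book or from Active Directory. The site
names, link names and costs are constructed. It models site link cost (the
cheapest total cost is preferred) and the Bridge All Site Links setting:
with it on, every site link is transitive and traffic can be relayed through
an intermediate site; with it off, traffic can only cross from one site link
to another where an explicit site link bridge object joins those two links.
"""
import heapq
import itertools


class SiteTopology:
    def __init__(self, bridge_all_site_links=True):
        self.links = {}                 # link name -> (cost, set of member sites)
        self.bridges = []               # explicit site link bridges: sets of link names
        self.bridge_all = bridge_all_site_links

    def add_site_link(self, name, cost, *sites):
        self.links[name] = (cost, set(sites))

    def add_site_link_bridge(self, *link_names):
        self.bridges.append(set(link_names))

    def _bridged(self, link_a, link_b):
        """May replication traffic pass from link_a onto link_b at a shared site?"""
        if self.bridge_all:
            return True
        return any(link_a in b and link_b in b for b in self.bridges)

    def cheapest_route(self, src, dst):
        """Dijkstra over (site, link used to arrive). Returns (cost, [sites]) or None."""
        order = itertools.count()       # tie-breaker so the heap never compares paths
        heap = [(0, next(order), src, None, [src])]
        settled = set()
        while heap:
            cost, _, site, via, path = heapq.heappop(heap)
            if site == dst:
                return cost, path       # first pop of the destination is the cheapest
            if (site, via) in settled:
                continue
            settled.add((site, via))
            for name, (link_cost, members) in self.links.items():
                if site not in members or name == via:
                    continue
                if via is not None and not self._bridged(via, name):
                    continue            # no bridge here: traffic cannot be relayed
                for nxt in members - {site}:
                    heapq.heappush(heap, (cost + link_cost, next(order), nxt, name, path + [nxt]))
        return None


def example_topology(bridge_all):
    """Constructed four-site network: a cheap path A-B-C and an expensive direct link A-C."""
    t = SiteTopology(bridge_all)
    t.add_site_link("AB", 100, "A", "B")
    t.add_site_link("BC", 100, "B", "C")
    t.add_site_link("AC", 500, "A", "C")
    t.add_site_link("BD", 50, "B", "D")          # D is reachable only through B
    return t


if __name__ == "__main__":
    print(example_topology(True).cheapest_route("A", "C"))    # (200, ['A', 'B', 'C'])
    print(example_topology(False).cheapest_route("A", "C"))   # (500, ['A', 'C'])
    print(example_topology(False).cheapest_route("A", "D"))   # None
```

The last case is the one that bites in practice: clearing Bridge All Site Links without adding the matching site link bridge objects leaves sites like D with no replication path at all, so password changes and account disables stop propagating there until the bridge is created.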
Once you have created objects representing the sites that form your network and the links that connect them, the KCC can create connections that form the replication topology for the entire internetwork, subject to the limitations imposed by the site link object attributes. The connections created by the KCC, both within and between sites, appear as objects in the NTDS Settings container beneath each server object. A connection object is unidirectional, representing the traffic running from the server under which the object appears to the target server specified as an attribute of the object. In most cases, there should be no need to manually create or configure connection objects, but it is possible to do so. You can customize the replication topology of your network by creating your own connections and scheduling the times during which they may be used. Manually created connection objects cannot be deleted by the KCC to accommodate changing network conditions; they remain in place until you manually remove them.
Designing an Active Directory
As with any enterprise directory service, the process of deploying Active Directory on your network involves much more than simply installing the software. The planning process is, in many cases, more complicated than the construction of the directory itself. Naturally, the larger your network, the more complicated the planning process will be. You should have a clear idea of the form that your AD structure will take and who will maintain each part of it before you actually begin to deploy domain controllers and create objects.
In many cases, the planning process will require some hands-on testing before you deploy Active Directory on your production network. You may want to set up a test network and try some forest designs before you commit yourself to any one plan. Although a test network can't fully simulate the effects of hundreds of users working at once, the time that you spend familiarizing yourself with the Active Directory tools and procedures can only help you later when you're building the live directory service.
Planning Domains, Trees, and Forests
Active Directory expands the scope of the directory service by two orders of magnitude by providing trees and forests that you can use to organize multiple domains. In addition, the domains themselves can be subdivided into smaller administrative entities called organizational units. To use these capabilities effectively, you must evaluate your network in light of both its physical layout and the needs of the organization that it serves.
Creating Multiple Trees
In most cases, a single tree with one or more domains is sufficient to support an enterprise network. The main reason for creating multiple trees is if you have two or more existing DNS namespaces that you want to reflect in Active Directory. For example, a corporation that consists of several different companies that operate independently can use multiple trees to create a separate namespace for each company. Although there are transitive trust relationships between all of the domains in a tree, separate trees are connected only by trusts between their root domains.
If you have several levels of child domains in each tree, the process of accessing a resource in a different tree involves the passing of authentication traffic up from the domain containing the requesting system to the root of the tree, across to the root of the other tree, and down to the domain containing the requested resource. If the trees operate autonomously and access requests for resources in other trees are rare, this may not be much of a problem. If the trust relationships in a directory design like this do cause delays on a regular basis, you can manually create what are known as shortcut trusts between child domains lower down in both trees.
Just as you can create multiple trees in a forest, you can create multiple forests in the Active Directory database. Scenarios in which the use of multiple forests is necessary are even rarer than those calling for multiple trees because forests have no inherent trust relationships between them at all and use a different global catalog, making it more difficult for users even to locate resources. You may want to use a separate forest for a lab-based test network or for a project that you don't want other network users to know even exists.
CHAPTER
19 Linux
Developed as a college project by Linus Torvalds of Sweden, the Linux operating system has emerged as one of the most popular Unix variants. This chapter covers the advantages and disadvantages of Linux, Linux file systems, and how to work with Linux files.
Understanding Linux
Written in the C programming language, Linux uses GNU tools, which are freely available. Like other variants, Linux is available as a free download from the Internet in versions for most standard hardware platforms and is continually refined by an ad hoc group of programmers who communicate mainly through Internet mailing lists and newsgroups. Because of its popularity, many Linux modules and applications have been developed. Often new features and capabilities are the result of programmers adapting the existing software for their own uses and then posting their code for others to use. As the product increases in popularity, more people work on it in this way, and the development process accelerates. This activity has also led to the fragmentation of the Linux development process. Many different Linux versions are available, which are similar in their kernel functions but vary in the features they include. Some of these Linux packages are available for download on the Internet, but the growth in the popularity of the operating system (OS) has led to commercial distribution releases as well.
NOTE GNU is an operating system announced in 1993 that contains totally free software. According to www.gnu.org, GNU stands for GNU's Not Unix.
Linux Distributions
Many Linux variations are available free for the download, and others require some sort of payment or donation. Table 19-1 shows some of the Linux distributions (often called distros) available. They are listed in alphabetic order, not in order of popularity.
Table 19-1 Some Linux Distros
Today's Linux systems run on devices from tablets and cell phones to workstations and high-end servers. Since the system is open source (meaning that it is available for anyone), as problems or glitches occur, anyone worldwide can report the problem, and many people will write code to fix the issue for future users. As Linux has matured, some newer users just want to use the program, not write code. These users want a program that they can download and use right away. It is for those users that some companies have developed distributions that are guaranteed to work "out of the box." These companies require payment for Linux and offer both technical support and warranties on the downloaded program.
Advantages and Disadvantages of Linux
Besides being an open source system, Linux often requires less disk space than many other operating systems. There are other advantages as well:
• Since the system is open source, many people have contributed to its stability.
• Security flaws are often found before they become an issue.
• Its robust adaptability adjusts to many situations.
• It is easily customizable and updatable.
• Apps are usually free, and the number of apps is increasing.
• Linux is scalable, meaning it can be used as the operating system for small items such as wireless routers and tablets to large, multitiered systems such as storage clusters and data centers.
Open source also has some disadvantages:
• Applications may be more difficult to find and learn (although today many applications are available, and some even look like more familiar Windows programs). For example, OpenOffice and LibreOffice both offer a set of applications including a word processor, a spreadsheet, and a presentation manager. The screens look much the same in Windows and Linux, as shown in Figure 19-1.
Figure 19-1 The OpenOffice Writer screen looks similar in both Windows and Linux.
• There are many distributions of Linux, so it can be difficult to transfer knowledge of one distro to another.
• Linux can be confusing at first for new users.
The popularity of Linux has reached the point at which it is expanding beyond Unix's traditional market of computer professionals and technical hobbyists. In part, this is because of a backlash against Microsoft, which some people believe is close to holding a monopoly on operating systems. When you pay for a "commercial" Linux release such as Ubuntu, you download not only the OS and source code but also a variety of applications, product documentation, and technical support, which are often lacking in the free download releases. Other distributors provide similar products and services, but this does not necessarily mean that these Linux versions are binary compatible. In some cases, software written for one distribution will not run on another one.
The free Linux distributions provide much of the same functionality as the commercial ones but in a less convenient package. The downloads can be large and time consuming, and you may find yourself interrupting the installation process frequently to track down some essential piece of information or to download an additional module you didn't know you needed. One of the biggest advantages of Linux over other Unix variants is its excellent driver support. Device drivers are an integral part of any operating system, and if Unix is ever going to become a rival to Windows in the personal computer mainstream, it's going to have to run on the same computers that run Windows, using the same peripherals. Many of the other Unix variants have relatively limited device driver support. If you are trying to install a Unix product on an Intel-based computer with the latest and greatest video adapter, for example, you may not be able to find a driver that takes full advantage of its capabilities.
Device drivers, even those included with operating systems, are generally written by the device manufacturer. Not surprisingly, hardware manufacturers devote most of their driver development attention to Windows, with other systems getting only perfunctory support, if any at all. The fans of Linux are legion, however, and the OS's development model has led the operating system's supporters to develop their own drivers for many of the devices commonly found in Intel-based computers. If you are having trouble finding appropriate drivers for your hardware that run on other Unix variants, you are more likely to have success with Linux.
For example, a computer running Linux as its OS and Apache as its web server software is a powerful combination that is easily equal or superior to most of the commercial products on the market—and the software is completely free.
File Systems
For the many computer users who are familiar with the Microsoft NTFS and the older FAT file system, the myriad of file systems available in open source operating systems can be daunting. Table 19-2 shows some of the file systems that are available for Linux users.
Table 19-2 Linux File Systems
Bits and Bytes
All data in a computer is a combination of zeros and ones. Each zero or one is designated as a bit. A byte consists of 8 bits. For example, 00110111 is one byte. There are a number of other designations, indicating the amount of storage space available in each designation. Today, hard drives are measured in terabytes, while random access memory (RAM) is currently measured in gigabytes.
• A kilobyte is 1,024 bytes, shown as 1KB.
• A megabyte is 1,024 kilobytes, shown as 1MB.
• A gigabyte is 1,024 megabytes, shown as 1GB.
• A terabyte is 1,024 gigabytes, shown as 1TB.
• A petabyte is 1,024 terabytes, shown as 1PB.
• An exabyte is 1,024 petabytes, shown as 1EB.
NOTE An old techie saying is that 4 bits = 1 nibble.
NOTE A legacy system is one that is outdated, unsupported, or obsolete. Some organizations still use older systems because of software or hardware requirements.
Linux Installation Questions
Before you install Linux on a machine, you should know the answers to the following:
• Have you read the documentation for the distribution you downloaded?
• Will this distribution work on the hardware you are using?
• How much RAM is available on this machine?
• Do you want to install just a workstation or create a Linux server? Can you download all the necessary software?
• Do you have to create a CD or DVD from the downloaded file? Normally, Linux downloads are in .iso format, and many require that you burn the downloaded file to a CD or DVD in order to perform the installation.
• Do you understand how to use an .iso file?
• Is Linux the main operating system or one of several?
• Do you need to create a new partition before you install the system?
• Since Linux expects to be on a network, what is the IP address and hostname?
Booting Linux
When you boot your Linux computer, there are several steps to the process, as shown in Figure 19-2. In text mode, once your Linux terminal displays the login prompt as white letters on a black background, you enter your username and password (pressing ENTER after each).
Figure 19-2 The boot sequence in Linux
Logging Out of Linux
In text mode, enter the logout command and press ENTER.
Directory Structure
Most Linux distributions contain the directories described in Table 19-3.
Table 19-3 Typical Linux Directories
Quick Commands in Linux
You can use several commands in Linux to find your way around. Table 19-4 lists several common commands and the resulting action. The command structure is as follows:
Table 19-4 Common Linux Commands
command option(s) argument(s)
Each would be shown from the root prompt, such as this:
[email protected]:~# command
Unlike other operating systems, Linux commands are case sensitive.
Working with Linux Files
For those familiar with Windows pathnames, this is how you would find a file:
C:\MyFolder\MyFinances\MyBudget.txt
To find the same file in Linux, you would use this pathway:
/MyFolder/MyFinances/MyBudget.txt
You may note several differences in the two. First, there is no drive name shown. Linux mounts the root partition when the computer first boots. Therefore, all the files and folders are found at /. Second, the slashes are forward slashes instead of the backslashes in Windows. Also, in Linux, all files and folders are case sensitive, while in Windows, case does not matter. In Linux, /School/English/essay1.txt is a different file than /School/English/Essay1.txt.
Linux file systems are often more reliable than other systems because of several factors.
Journaling
In more familiar file systems, each file is written directly to a location on the hard drive, and if the computer shuts down for any reason, the information in that file may be lost or corrupted. A file system that journals first writes information to a special file called a journal that is stored on another part of the hard drive. This journal contains data about both the file and location and is much easier to retrieve if there is a problem. At any given time, this system has three possible states: a saved file, a journal report that shows the file as not being saved, or a journal file that shows inconsistencies but can be rebuilt.
This system is more reliable than systems writing directly to the hard drive. Some systems write the data twice, which can prevent corruption and save after a power or software problem requires the user to reboot the system.
Editing
One of the best features of a Linux (or Unix) file is that it can be edited while it is open. Unix/Linux files are indexed by number (called an inode) that contains the attributes such as name, permissions, location, and so on. When a file is deleted, the inode is just unlinked from the filename. If other programs are using that file, the link to the operating system is still open and will be updated as changes are made to it.
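The unlink behaviour just described can be observed directly. The following is an added example, not code from the book; it assumes a Linux or other POSIX file system (on Windows, unlinking an open file fails). A file is opened by a reader and a writer, the name is then removed, and the writer's later changes are still visible to the reader through the same inode.

```python
"""Demonstrates the inode/unlink behaviour described above on a POSIX system.

Added example, not from the book. It assumes a Linux/Unix file system
(on Windows, unlinking an open file fails). A file is created, opened by a
'reader' descriptor and a 'writer' descriptor, then unlinked: the name is
gone from the directory, but both descriptors still refer to the same inode,
and the writer's changes remain visible to the reader until the last
descriptor is closed, at which point the inode's blocks are freed.
"""
import os
import tempfile


def unlink_while_open():
    """Return a dict of observations that the accompanying assertions check."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "notes.txt")     # constructed scratch file
    with open(path, "w") as f:
        f.write("first line\n")

    inode_before = os.stat(path).st_ino
    reader = os.open(path, os.O_RDONLY)
    writer = os.open(path, os.O_WRONLY | os.O_APPEND)

    os.unlink(path)                              # directory entry removed; inode still live
    name_exists = os.path.exists(path)           # False: the name is gone

    os.write(writer, b"second line\n")           # still writes to the same inode
    os.fsync(writer)
    contents = os.read(reader, 4096)             # the reader sees the new data

    inode_via_fd = os.fstat(reader).st_ino
    link_count = os.fstat(reader).st_nlink       # 0 names left; open fds keep it alive

    os.close(reader)
    os.close(writer)                             # last close: blocks are released
    os.rmdir(tmpdir)
    return {
        "name_exists_after_unlink": name_exists,
        "same_inode": inode_via_fd == inode_before,
        "link_count_after_unlink": link_count,
        "contents_seen_by_reader": contents.decode(),
    }


if __name__ == "__main__":
    for key, val in unlink_while_open().items():
        print(f"{key}: {val!r}")
```

The same property has a forensic side: a process can keep reading or writing a file whose name has been deleted, and on Linux such descriptors show up in /proc/<pid>/fd with a "(deleted)" marker, which is why listing open-but-unlinked files is a routine check during incident response.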
Lack of Fragmentation
FAT and NTFS systems do not keep all the pieces of their files together in order to utilize space more efficiently. While this practice saved space in the smaller hard drives of the day, it made for difficulties when it came to performance because the processor would have to connect the parts of the files before they could be run. Starting with the ext3 system, Linux file blocks are kept together.
CHAPTER
20 Unix
Unix is a multiuser, multitasking operating system (OS) with roots that date back to the late 1960s. It was developed throughout the 1970s by researchers at AT&T's Bell Labs, finally culminating in Unix System V Release 1 in 1983. During this time, and since then, many other organizations have built their own variants on the Unix formula, and now dozens of different operating systems function using the same basic Unix components, including both Apple and Linux. This was possible because, from the beginning, Unix has been more of a collaborative research project than a commercial product. While some companies guard the source code to their operating systems, many Unix developers make their code freely available. This enables anyone with the appropriate skills to modify the OS to their own specifications.
Unix is not a user-friendly OS, nor is it commonly found on the desktop of the average personal computer user. To its detractors, Unix is an outdated OS that relies primarily on an archaic, character-based interface. To its proponents, however, Unix is the most powerful, flexible, and stable OS available. As is usually the case, both opinions are correct to some degree.
You are not going to see racks of Unix-based games and other recreational software at the computer store anytime soon, nor are you likely to see offices full of employees running productivity applications, such as word processors and spreadsheets, on Unix systems. However, when you use a browser to connect to a web site, there's a good chance that the server hosting the site is running some form of Unix. Your smartphone, tablet, or Mac uses a form of Unix. In addition, many of the vertical applications designed for specific industries, such as those used when you book a hotel room or rent a car, run on Unix systems. In this instance, we are discussing the base form of Unix, aka the terminal or command line.
As a server operating system, Unix has a reputation for being stable enough to support mission-critical applications, portable enough to run on many different hardware platforms, and scalable enough to support a user base of almost any size. All Unix systems use Transmission Control Protocol/Internet Protocol (TCP/IP) as their native protocols, so they are naturally suited for use on the Internet and for networking with other operating systems. In fact, Unix systems were instrumental in the development of the Internet from an experiment in decentralized, packet-switched networking to the worldwide phenomenon it is today.
Unix Principles
More than other operating systems, Unix is based on a principle of simplicity that makes it highly adaptable to many different needs. This is not to say that Unix is simple to use because generally it isn't. Rather, it means that the OS is based on guiding principles that treat the various elements of the computer in a simple and consistent way. For example, a Unix system treats physical devices in the computer, such as the printer, the keyboard, and the display, in the same way as it treats the files and directories on its drives. You can copy a file to the display or to a printer just as you would copy it to another directory and use the devices with any other appropriate file-based tools.
Another fundamental principle of Unix is the use of small, simple tools that perform specific functions and that can easily work together with other tools to provide more complex functions. Instead of large applications with many built-in features, Unix operating systems are far more likely to utilize a small tool that provides a basic service to other tools. A good example is the sort command, which takes the contents of a text file, sorts it according to user-supplied parameters, and sends the results to an output device, such as the display or a printer. In addition to applying the command to an existing text file, you can use it to sort the output of other commands before displaying or printing it.
The element that lets you join tools in this way is called a pipe (|), which enables you to use one tool to provide input to or accept output from another tool. DOS can use pipes to redirect standard input and output in various ways, but Unix includes a much wider variety of tools and commands that can be combined to provide elaborate and powerful functions.
Thus, Unix is based on relatively simple elements, but its ability to combine those elements makes it quite complex. While a large application attempts to anticipate the needs of the user by combining its functions in various predetermined ways, Unix supplies users with the tools that provide the basic functions and lets them combine the tools to suit their own needs. The result is an OS with great flexibility and extensibility but that requires an operator with more than the average computer user's skills to take full advantage of it. However, the operator has to remember all the commands.
Because of this guiding principle, Unix is in many ways a "programmer's operating system." If a tool to perform a certain task is not included, you usually have the resources available to fashion one yourself. This is not to say that you have to be a programmer to use Unix, but many of the techniques that programmers use when writing code are instrumental to the use of multiple tools on the Unix command line.
If all of this talk of programming and command-line computing is intimidating, be assured that it is quite possible to install, maintain, and use a Unix system without a substantial investment in learning command-line syntax. Some of the Unix operating systems are being geared more and more to the average computer user, with most of the common system functions available through the graphical user interface (GUI). You can perform most of your daily computing tasks on these operating systems without ever seeing a command prompt.
The various Unix operating systems are built around basic elements that are fundamentally the same, but they include various collections of tools and programs. Depending on which variant you choose and whether it is a commercial product or a free download, you may find that the OS comes complete with modules such as web and DNS servers and other programs, or you may have to obtain these yourself. However, one of the other principles of Unix development that has endured through the years is the custom of making the source code for Unix software freely available to everyone. The result of this open source movement is a wealth of Unix tools, applications, and other software that is freely available for download from the Internet.
In some cases, programmers modify existing Unix modules for their own purposes and then release those modifications to the public domain so that they can be of help to others. Some programmers collaborate on Unix software projects as something of a hobby and release the results to the public. One of the best examples of this is the Linux operating system, which was designed from the beginning to be a free product and which has now become one of the most popular Unix variants in use today.
Unix Architecture
Because Unix is available in so many variants, Unix operating systems can run on a variety of hardware platforms. Many of the Unix variants are proprietary versions created by specific manufacturers to run on their own hardware platforms. Most of the software-only Unix solutions run on Intel-based PCs, and some are available in versions for multiple platforms.
The hardware requirements for the various Unix platforms vary greatly, depending on the functions required of the machine. You can run Linux on an old 386, for example, as long as you don't expect to use a GUI or run a server supporting a large number of users. Today, many large businesses are using Linux as a cost-saving alternative because even mid-range Unix servers can cost more than $200,000, including hardware.
No matter what hardware a Unix system uses, the basic software components are the same (see Figure 20-1). The kernel is the core module that insulates the programs running on the computer from the hardware. The kernel uses device drivers that interact with the specific hardware devices installed in the computer to perform basic functions such as memory management, input/output, interrupt handling, and access control.
Figure 20-1 Basic components of a Unix system
The Unix kernel provides approximately 100 system calls that programs can use to execute certain tasks, such as opening a file, executing a program, and terminating a process. However, the system calls can vary wildly depending on the variant. These are the building blocks that programmers use to integrate hardware-related functions into their applications' more complex tasks. The system calls can vary between the different Unix versions to some extent, particularly in the way that the system internals perform the different functions.
Above the kernel is the shell, which provides the interface you use to issue commands and execute programs. The shell is a command interpreter, much like Command.com in DOS and Cmd.exe in Windows, which provides a character-based command prompt that you use to interact with the system. The shell also functions as a programming language you can use to create scripts, which are functionally similar to old DOS batch files but much more versatile and powerful.
Unlike Windows, which limits you to a single command interpreter, Unix traditionally has several shells you can choose from, with different capabilities. The shells that are included with particular Unix operating systems vary, and others are available as free downloads. Often, the selection of a shell is a matter of personal preference, guided by the user's previous experience. The basic commands used for file management and other standard system tasks are the same in all of the shells. The differences become more evident when you run more complex commands and create scripts.
The original Unix shell is a program called sh that was created by Steve Bourne and is commonly known as the Bourne shell. Some of the other common shells are as follows:
• csh Known as the C shell and originally created for use with Berkeley Software Distribution (BSD) Unix; utilizes a syntax similar to that of the C language and introduces features such as a command history list, job control, and aliases. Scripts written for the Bourne shell usually need some modification to run in the C shell.
• ksh Known as the Korn shell; builds on the Bourne shell and adds elements of the C shell, as well as other improvements. Scripts written for the Bourne shell usually can run in the Korn shell without modification.
• bash The default shell used by Linux; closely related to the Korn shell, with elements of the C shell.
Running on top of the shell are the commands that you use to perform tasks on the system. Unix includes hundreds of small programs, usually called tools or commands, which you can combine on the command line to perform complex tasks. Hundreds of other tools are available on the Internet that you can combine with those provided with the OS. Unix command-line tools are programs, but don't confuse them with the complex applications used by other operating systems, such as Windows. Unix has full-blown applications as well, but its real power lies in these small programs. Adding a new tool on a Unix system does not require an installation procedure; you simply have to specify the appropriate location of the tool in the file system in order for the shell to run it.
Unix Versions
The sheer number of Unix variants can be bewildering to anyone trying to find the appropriate operating system for a particular application. However, apart from systems intended for special purposes, virtually any Unix OS can perform well in a variety of roles, and the selection you make may be based more on economic factors, hardware platform, or personal taste than on anything else. If, for example, you decide to purchase proprietary Unix workstations, you’ll be using the version of the OS intended for the machine. If you intend to run Unix on Intel-based computers, you might choose the OS based on the GUI that you feel most comfortable with, or you might be looking for the best bargain you can find and limit yourself to the versions available as free downloads. The following sections discuss some of the major Unix versions available.
Unix System V
Unix System V is the culmination of the original Unix work begun by AT&T’s Bell Labs in the 1970s. Up until release 3.2, the project was wholly developed by AT&T, even while other Unix work was ongoing at the University of California at Berkeley and other places. Unix System V Release 4 (SVR4), released in the late 1980s, consolidated the benefits of the SVR operating system with those of Berkeley’s BSD, Sun’s SunOS, and Microsoft’s Xenix. This release brought together some of the most important elements that are now indelibly associated with the name Unix, including networking elements such as the TCP/IP Internet Package from BSD, which includes file transfer, remote login, and remote program execution capabilities, and the Network File System (NFS) from SunOS.
AT&T eventually split its Unix development project off into a subsidiary called Unix System Laboratories (USL), which released System V Release 4.2. In 1993, AT&T sold USL to Novell, which released its own version of SVR4 under the name UnixWare. In light of pressure from the other companies involved in Unix development, Novell transferred the Unix trademark to a consortium called X/Open, thus enabling any manufacturer to describe its product as a Unix OS. In 1995, Novell sold all of its interest in Unix SVR4 and UnixWare to the Santa Cruz Operation (SCO), which owns it to this day. In 1997, SCO released Unix System V Release 5 (SVR5) under the name OpenServer, as well as version 7 of its UnixWare product. These are the descendants of the original AT&T products, and they are still on the market.
BSD Unix
In 1975, one of the original developers of Unix, Ken Thompson, took a sabbatical at the University of California at Berkeley, and while there, he ported his current Unix version to a PDP-11/70 system. The seed he planted took root, and Berkeley became a major developer of Unix in its own right. BSD Unix introduced several of the major features associated with most Unix versions, including the C shell and the vi text editor. Several versions of BSD Unix appeared throughout the 1970s, culminating in 3BSD. In 1979, the U.S. Department of Defense’s Advanced Research Projects Agency (DARPA) funded the development of 4BSD, which coincided with the development and adoption of the TCP/IP networking protocols. For more information about BSD Unix, see Chapter 21.
Unix Networking
Unix is a peer-to-peer network operating system, in that every computer is capable of both accessing resources on other systems and sharing its own resources. These networking capabilities take three basic forms, as follows:
• The ability to open a session on another machine and execute commands on its shell
• The ability to access the file system on another machine, using a service like NFS
• The ability to run a service (called a daemon) on one system and access it using a client on another system
The TCP/IP protocols are an integral part of all Unix operating systems, and many of the TCP/IP programs and services that may be familiar to you from working with the Internet are also implemented on Unix networks. For example, Unix networks can use DNS servers to resolve host names into IP addresses and use BOOTP or DHCP servers to automatically configure TCP/IP clients. Standard Internet services such as File Transfer Protocol (FTP) and Telnet have long been a vital element of Unix networking, as are utilities such as Ping and Traceroute.
The following sections examine the types of network access used on Unix systems and the tools involved in implementing them.
Using Remote Commands
One form of network access that is far more commonly used on Unix than on other network operating systems is the remote console session, in which a user connects to another computer on the network and executes commands on that system. Once the connection is established, commands entered by the user at the client system are executed by the remote server, and the output is redirected over the network back to the client’s display. It’s important to understand that this is not the equivalent of accessing a shared network drive on a Windows computer and executing a file. In the latter case, the program runs using the client computer’s processor and memory. When you execute a command on a Unix computer using a remote console session, the program actually runs on the other computer, using its resources.
Because Unix relies heavily on the command prompt, character-based remote sessions are more useful than they are in a more graphically oriented environment like that of Windows.
Berkeley Remote Commands
The Berkeley remote commands were originally part of BSD Unix and have since been adopted by virtually every other Unix OS. Sometimes known as the r* commands, these tools are intended primarily for use on local area networks (LANs), rather than over wide area network (WAN) or Internet links. These commands enable you not only to open a session on a remote system but to perform specific tasks on a remote system without logging in and without working interactively with a shell prompt.
rlogin
The rlogin command establishes a connection to another system on the network and provides access to its shell. Once connected, any commands you enter are executed by the other computer using its processor, file system, and other components. To connect to another machine on the network, you use a command like the following:
rlogin [-l username] hostname
where the hostname variable specifies the name of the system to which you want to connect.
NOTE You can sometimes use the IP address instead of your hostname.
Authentication is required for the target system to establish the connection, which can happen using either host-level or user-level security. To use host-level security, the client system must be trusted by the server by having its hostname listed in the /etc/hosts.equiv file on the server. When this is the case, the client logs in without a username or password because it is automatically trusted by the server no matter who’s using the system.
User-level security requires the use of a username and sometimes a password, in addition to the hostname. By default, rlogin supplies the name of the user currently logged in on the client system to the remote system, as well as information about the type of terminal used to connect, which is taken from the value of the TERM variable. The named user must have an account in the remote system’s password database, and if the client system is not trusted by the remote system, the remote system may then prompt the client for the password associated with that username. It’s also possible to log in using a different username by specifying it on the rlogin command line with the -l switch.
For the username to be authenticated by the remote system without using a password, it must be defined as an equivalent user by being listed in a .rhosts file located in the user’s home directory on that system. The .rhosts file contains a list of hostnames and usernames that specify whether a user working on a specific machine should be granted immediate access to the command prompt. Depending on the security requirements for the remote system, the .rhosts files can be owned either by the remote users themselves or by the root account on the system. Adding users to your .rhosts file is a simple way of giving them access to your account on that machine without giving them the password.
NOTE The root account on a Unix computer is a built-in superuser that has full access to the entire system, much like the Administrator account in Windows but even more powerful (depending on the version of Windows).
Once you have successfully established a connection to a remote system, you can execute any command in its shell that you would on your local system, except for those that launch graphical applications. You can also use rlogin from the remote shell to connect to a third computer, giving you simultaneous access to all three. To terminate the connection to a remote system, you can use the exit command, press the CTRL-D key combination, or type a tilde followed by a period (~.).
rsh
In some instances, you may want to execute a single command on a remote system and view the resulting output without actually logging in. You can do this with the rsh command, using the following syntax:
rsh hostname command
where the hostname variable specifies the system on which you want to open a remote shell, and the command variable is the command to be executed on the remote system. Unlike rlogin, interactive authentication is not possible with rsh. For the command to work, the user must have either a properly configured .rhosts file on the remote system or an entry in the /etc/hosts.equiv file. The rsh command provides essentially the same command-line capabilities as rlogin, except that it works for only a single command and does not maintain an open session.
NOTE The rsh command was called remsh on HP-UX systems. There are many cases in which commands providing identical functions have different names on various Unix operating systems.
rcp
The rcp command is used to copy files to or from a remote system across a network without performing an interactive login. rcp functions much like the cp command used to copy files on the local system, using the following syntax:
rcp [-r] sourcehost:filename desthost:filename
where the sourcehost:filename variable specifies the hostname of the source system and the name of the file to be copied, and the desthost:filename variable specifies the hostname of the destination system and the name that the file should be given on that system. You can also copy entire directories by adding the -r parameter to the command and specifying directory names instead of filenames. As with rsh, there is no login procedure, so to use rcp, either the client system must be trusted by the remote system or the user must be listed in the .rhosts file.
Secure Shell Commands
The downside of the Berkeley remote commands is that they are inherently insecure. Passwords are transmitted over the network in cleartext, making it possible for intruders to intercept them. Because of this susceptibility to compromise, many administrators prohibit the use of these commands. To address this problem, there is a Secure Shell program that provides the same functions as rlogin, rsh, and rcp, but with greater security. The equivalent programs in the Secure Shell are called slogin, ssh, and scp. The primary differences in using these commands are that the connection is authenticated on both sides and all passwords and other data are transmitted in encrypted form.
DARPA Commands
The Berkeley remote commands are designed for use on like Unix systems, but the DARPA commands were designed as part of the TCP/IP protocol suite and can be used by any two systems that support TCP/IP. Virtually all Unix operating systems include both the client and server programs for Telnet, FTP, and Trivial File Transfer Protocol (TFTP) and install them by default, although some administrators may choose to disable them later.
telnet
The telnet command is similar in its functionality to rlogin, except that telnet does not send any information about the user on the client system to the server. You must always supply a username and password to be authenticated. As with all of the DARPA commands, you can use a Telnet client to connect to any computer running a Telnet server, even if it is running a different version of Unix or a non-Unix OS. The commands you can use while connected, however, are wholly dependent on the OS running the Telnet server. If, for example, you install a Telnet server on a Windows system, you can connect to it from a Unix client, but once connected, you can use only the commands recognized by Windows. Since Windows is not primarily a character-based OS, its command-line capabilities are relatively limited, unless you install outside programs.
ftp
The ftp command provides more comprehensive file transfer capabilities than rcp and enables a client to access the file system on any computer running an FTP server. However, instead of accessing files in place on the other system, ftp provides only the ability to transfer files to and from the remote system. For example, you cannot edit a file on a remote system, but you can download it to your own system, edit it there, and then upload the new version to the original location. Like with Telnet, users must authenticate themselves to an FTP server before they are granted access to the file system. Many systems running FTP, such as those on the Internet, support anonymous access, but even this requires an authentication process of sorts in which the user supplies the name “anonymous” and the server is configured to accept any password.
tftp
The tftp command uses the Trivial File Transfer Protocol to copy files to or from a remote system. Whereas ftp relies on the Transmission Control Protocol at the transport layer, tftp uses the User Datagram Protocol (UDP). Because UDP is a connectionless protocol, no authentication by the remote system is needed. However, this limits the command to copying only files that are publicly available on the remote system. The TFTP protocol was designed primarily for use by diskless workstations that have to download an executable operating system file from a server during the boot process.
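The hosts.equiv and .rhosts files described above are what an administrator who prohibits the r* commands needs to locate and review, because a single "+" entry or a writable trust file hands out passwordless access. The following audit script is an added example, not code from the book: it walks a directory tree that stands in for / (assumed layout: etc/hosts.equiv and home/*/.rhosts, so it can be pointed at a test tree or a mounted image), reports wildcard entries and group- or world-writable trust files, and builds a constructed sample tree to run against.

```shell
#!/bin/sh
# Added example, not from the book: audit the Berkeley r-command trust
# files. ROOT stands in for "/" so the script can run against a mounted
# image or a test tree; the tree built by make_sample_tree is constructed
# for this demonstration. Function names are this example's own.

# check_trust_file FILE LABEL: print one finding per problem in FILE.
check_trust_file() {
    file=$1
    label=$2
    [ -f "$file" ] || return 0
    # A "+" in the host field trusts every host; a "+" in the user field
    # trusts every user on that host. Either turns the file into "anyone".
    grep -n -E '^[[:space:]]*[+]([[:space:]]|$)|[[:space:]][+][[:space:]]*$' "$file" |
    while IFS= read -r hit; do
        printf '%s: wildcard trust entry in %s:%s\n' "$label" "$file" "$hit"
    done
    # Anyone who can write the file can add themselves to it, so group- or
    # world-writable trust files defeat the point of listing specific users.
    if [ -n "$(find "$file" \( -perm -020 -o -perm -002 \) -print)" ]; then
        printf '%s: %s is group- or world-writable\n' "$label" "$file"
    fi
}

# audit_rhosts ROOT: check ROOT/etc/hosts.equiv and every ROOT/home/*/.rhosts.
audit_rhosts() {
    root=${1%/}
    check_trust_file "$root/etc/hosts.equiv" "hosts.equiv"
    for rh in "$root"/home/*/.rhosts; do
        [ -e "$rh" ] || continue
        check_trust_file "$rh" ".rhosts"
    done
}

# make_sample_tree: build a constructed tree with one clean and two
# problematic trust files; prints the tree's path.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/etc" "$t/home/alice" "$t/home/bob"
    # hosts.equiv: one named host, then a wildcard host entry.
    printf 'fileserver.example.test\n+\n' > "$t/etc/hosts.equiv"
    chmod 644 "$t/etc/hosts.equiv"
    # alice: a specific host and user, private permissions (clean).
    printf 'workstation1.example.test alice\n' > "$t/home/alice/.rhosts"
    chmod 600 "$t/home/alice/.rhosts"
    # bob: trusts every user on one host, and the file is world-writable.
    printf 'workstation2.example.test +\n' > "$t/home/bob/.rhosts"
    chmod 666 "$t/home/bob/.rhosts"
    printf '%s\n' "$t"
}

# Example run: three findings are expected for the constructed tree.
tree=$(make_sample_tree)
audit_rhosts "$tree"
rm -rf "$tree"
```

To audit a live system, call audit_rhosts with / as the root; the hosts.equiv line of the output carries the file's line number so the offending entry can be found directly.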
Network File System
Sharing files is an essential part of computer networking, and Unix systems use several mechanisms to access files on other systems without first transferring them to a local drive, as with ftp and rcp. The most commonly used of these mechanisms is the Network File System (NFS), which was developed by Sun Microsystems in the 1980s and has now been standardized by the Internet Engineering Task Force (IETF) as RFC 1094 (NFS Version 2) and RFC 1813 (NFS Version 3). By allowing NFS to be published as an open standard, Sun made it possible for anyone to implement the service, and the result is that NFS support is available for virtually every OS in use today.
Practically every Unix variant available includes support for NFS, which makes it possible to share files among systems running different Unix versions. Non-Unix operating systems, such as Windows and NetWare, can also support NFS, but a separate product (marketed by either the manufacturer or a third party) is required. Since Windows and NetWare have their own internal file-sharing mechanisms, these other operating systems mostly require NFS only to integrate Unix systems into their networks.
NFS is a client-server application in which a server makes all or part of its file system available to clients (using a process called exporting or sharing), and a client accesses the remote file system by mounting it, which makes it appear just like part of the local file system. NFS does not communicate directly with the kernel on the local computer but rather relies on the remote procedure calls (RPC) service, also developed by Sun, to handle communications with the remote system. RPC has also been released as an open standard by Sun and published as an IETF document called RFC 1057. The data transmitted by NFS is encoded using a method called External Data Representation (XDR), as defined in RFC 1014. In most cases, the service uses the UDP protocol for network transport and listens on port 2049.
NFS is designed to keep the server side of the application as simple as possible. NFS servers are stateless, meaning they do not have to maintain information about the state of a client to function properly. In other words, the server does not maintain information about which clients have files open. In the event that a server crashes, clients simply continue to send their requests until the server responds. If a client crashes, the server continues to operate normally. There is no need for a complicated reconnection sequence. Because repeated iterations of the same activities can be the consequence of this statelessness, NFS is also designed to be as idempotent as possible, meaning that the repeated performance of the same task will not have a deleterious effect on the performance of the system. NFS servers also take no part in the adaptation of the exported file system to the client’s requirements. The server supplies file system information in a generalized form, and it is up to the client to integrate it into its own file system so that applications can make use of it.
The communication between NFS clients and servers is based on a series of RPC procedures defined in the NFS standard and listed in Table 20-1. These basic functions enable the client to interact with the file system on the server in all of the ways expected by a typical application. An Internet-Draft released in April 2014 by IETF describes minor updates to earlier NFS versions. The goal of this revision, according to the draft, is to “improve access and good performance on the Internet, provide strong security, good cross-platform interoperability, and is designed for protocol extensions which do not compromise backward compatibility.” (See http://tools.ietf.org/html/draft-ietf-nfsv4rfc3530bis-33#section-1.1 for more information.)
Table 20-1 Some RPC Procedures in NFS Versions
On a system configured to function as an NFS server, you can control which parts of the file system are accessible to clients by using commands such as share on Solaris and SVR4 systems and exportfs on Linux and HP-UX. Using these commands, you specify which directories clients can access and what degree of access they are provided. You can choose to share a directory on a read-only basis, for example, or grant read-write access, and you can also designate different access permissions for specific users.
Client systems access the directories that have been shared by a server by using the mount command to integrate them into the local file system. The mount command specifies a directory shared by a server, the access that client applications should have to the remote directory (such as read-write or read-only), and the mount point for the remote files. The mount point is a directory on the local system in which the shared files and directories will appear. Applications and commands running on the client system can reference the remote files just as if they were located on a local drive.
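The read-only versus read-write choice above is made per client in the export list, and the entries most worth a second look are the ones that grant read-write access to every host. The following script is an added example, not code from the book: it checks a Linux-style /etc/exports file (the file exportfs reads) for exports writable by any host and for the no_root_squash option, which lets root on a client act as root on the exported tree. It assumes the usual format of one export per line, "directory client(options) client(options) ...", with "*" or a missing client meaning any host; the sample file it writes is constructed.

```shell
#!/bin/sh
# Added example, not from the book. Audits a Linux-style /etc/exports file
# (the format read by exportfs) for exports that every host can write to.
# Assumed format: one export per line, "<directory> <client>(opts) ...",
# where a client of "*" or no client at all matches any host. The sample
# file written by make_sample_exports is constructed for this demo.

# audit_exports FILE: print one finding per questionable export entry.
# The body runs in a subshell so "set -f" (no pathname expansion, since
# "*" here is an export client, not a glob) does not leak to the caller.
audit_exports() (
    set -f
    # Drop comments and blank lines, then read each line as dir + clients.
    sed -e 's/#.*//' "$1" | grep -v '^[[:space:]]*$' |
    while read -r dir clients; do
        for spec in $clients; do
            host=${spec%%\(*}             # text before "(" (may be empty)
            case $spec in
                *\(*) opts=${spec#*\(}; opts=${opts%\)} ;;
                *)    opts= ;;            # no option list at all
            esac
            if [ "$host" = "*" ] || [ -z "$host" ]; then
                case ",$opts," in
                    *,rw,*) printf 'read-write export of %s to every host\n' "$dir" ;;
                    *)      printf 'world-readable export of %s (confirm this is intended)\n' "$dir" ;;
                esac
            fi
            # no_root_squash lets root on the client act as root on the server.
            case ",$opts," in
                *,no_root_squash,*)
                    printf 'no_root_squash on %s for client %s\n' "$dir" "${host:-*}" ;;
            esac
        done
    done
)

# make_sample_exports: write a constructed exports file; prints its path.
make_sample_exports() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# constructed sample, not a real configuration
/srv/public    *(ro)
/srv/projects  192.0.2.0/24(rw,root_squash)
/srv/scratch   *(rw)
/export/home   192.0.2.10(rw,no_root_squash)
EOF
    printf '%s\n' "$f"
}

# Example run: three findings are expected for the constructed file
# (the /srv/projects line, limited to one subnet with root_squash, is clean).
sample=$(make_sample_exports)
audit_exports "$sample"
rm -f "$sample"
```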
Client-Server Networking
Client-server computing is the basis for networking on Unix systems, as it is on many other computing platforms. Unix is a popular application server platform largely because its relative simplicity and flexibility enable the computer to devote more of its resources toward its primary function. On a Windows server, for example, a significant amount of system resources are devoted to running the GUI and other subsystems that may have little or nothing to do with the server applications that are its primary functions. When you dedicate a computer to functioning as a web server, for example, and you want it to be able to service as many clients as possible, it makes sense to disable all extraneous functions, which is something that is far easier to do on a Unix system than in Windows.
Server applications on Unix systems typically run as daemons, which are background processes that run continuously, regardless of the system’s other activities. There are many commercial server products available for various Unix versions and also a great many that are available free of charge. Because the TCP/IP protocols were largely developed on the Unix platform, Unix server software is available for every TCP/IP application in existence.
CHAPTER 21
Other Network Operating Systems and Networking in the Cloud
Additional operating systems have been created as computing has evolved. Today, many users are turning to the cloud for networking (and other services). As technology advances, new methods and approaches will develop.
Historical Systems
In 1977, a Unix-based operating system was developed by the University of California, Berkeley. This system was originally an extension of AT&T Research’s Unix operating system. Eventually, Berkeley Software Distribution (BSD) Unix came to be the operating system (OS) that many other organizations used as the basis for their own Unix products, including Sun Microsystems’ SunOS. The result is that many of the programs written for one BSD-based Unix version are binary-compatible with other versions. Once the SVR4 release consolidated the best features of BSD and several other Unix versions into one product, the BSD product became less influential and culminated in the 4.4BSD version in 1992.
Although many of the Unix variants that are popular today owe a great debt to the BSD development project, the versions of BSD that are still commonly used are public domain operating systems, such as FreeBSD, Linux, NetBSD, and OpenBSD. All of these operating systems are based on Berkeley’s 4.4BSD release and can be downloaded from the Internet free of charge and used for private and commercial applications at no cost.
FreeBSD
FreeBSD, available at freebsd.org/ in versions for the Intel and Alpha platforms, is based on the Berkeley 4.4BSD-Lite2 release and is binary-compatible with Linux, SCO, SVR4, and NetBSD applications. The FreeBSD development project is divided into two branches: the STABLE branch, which includes only well-tested bug fixes and incremental enhancements, and the CURRENT branch, which includes all of the latest code and is intended primarily for developers, testers, and enthusiasts. The current stable version as of January 2015 is 10.1.
NetBSD
NetBSD, available at netbsd.org/, is derived from the same sources as FreeBSD but boasts portability as one of its highest priorities. NetBSD is available in formal releases for 15 hardware platforms, ranging from Intel and Alpha to Mac, SPARC, and MIPS processors, including those designed for handheld Windows CE devices. Many other ports are in the developmental and experimental stages. NetBSD’s binary compatibility enables it to support applications written for many other Unix variants, including BSD, FreeBSD, HP/UX, Linux, SVR4, Solaris, SunOS, and others. Networking capabilities supported directly by the kernel include NFS, IPv6, network address translation (NAT), and packet filtering. The latest version of NetBSD, released in September 2014, is 6.1.5.
OpenBSD
OpenBSD is available at openbsd.org/; the current version is 5.6, released in November 2014. Like the other BSD-derived operating systems, OpenBSD is binary-compatible with most of its peers, including FreeBSD, SVR4, Solaris, SunOS, and HP/UX, and it currently supports 20 hardware platforms, including Intel, Alpha, SPARC, PowerPC, and others. However, the top priorities of OpenBSD’s developers are security and cryptography. Because OpenBSD is a noncommercial product, its developers feel they can take a more uncompromising stance on security issues and disclose more information about security than commercial software developers. Also, because it is developed in and distributed from Canada, OpenBSD is not subject to the American laws that prohibit the export of cryptographic software to other countries. The developers are, therefore, more likely to take a cryptographic approach to security solutions than are American-based companies.
Oracle Solaris
Sun Microsystems (sun.com) became involved in Unix development in the early 1980s, when its operating system was known as SunOS. In 1991, Sun created a subsidiary called SunSoft that began work on a new Unix version based on SVR4, which it called Solaris. Purchased by Oracle in 2010, Oracle Solaris is now a complete cloud infrastructure operating system and bills itself as the “industry’s most widely deployed Unix operating system” and the “first fully virtualized operating system.” See the next section to learn more about cloud computing.
Operating in the Cloud
Working “in the cloud” is not a new concept. When Vannevar Bush and J.C.R. Licklider were formulating the Advanced Research Projects Agency Network (ARPANET) in the 1960s, Licklider envisioned the “Intergalactic Computer Network.” A paper written with Robert W. Taylor in 1968 entitled “The Computer as a Communication Device” predicted that computer networks would be used for communication. Although his ideas were not realized until the availability of higher bandwidths in the 1990s, much of what he described is used today. His paper is still available at several locations on the Internet, including http://memex.org/licklider.pdf.
History of the Cloud
The term cloud computing has been in use for several decades. While the exact origin seems to be unknown, a cloud symbol has long been used to represent the Internet when creating computer diagrams. And, the cloud itself is a networked group of servers that can be accessed over the Internet, making it possible to obtain services, resources, and storage from any world location where an Internet connection is available.
Precursors to the Cloud
In the 1950s, mainframe computers were used for communication at large companies and universities. Many were incapable of processing information but were accessible from so-called thin-client workstations. These units were quite costly, and time on them was often rented to others; therefore, “time-sharing” became a popular method of recouping the high cost of these units.
In 1960, the Dataphone was created by AT&T to convert digital computer signals to analog signals so the digital signals could be sent via AT&T’s long-distance network. Online transaction processing became available over telephone lines in 1964.