Saturday, 2 June 2012

VLAN (Virtual LAN)

This morning I'm studying the VLAN concept...
Confusing... Let's read the basic VLAN concepts first... Check it out

A Virtual LAN, abbreviated VLAN, is a group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments.

A virtual local area network, virtual LAN or VLAN, is a group of hosts with a common set of requirements, which communicate as if they were attached to the same broadcast domain, regardless of their physical location. A VLAN has the same attributes as a physical local area network (LAN), but it allows end stations to be grouped together even if they are not on the same network switch. VLAN membership can be configured through software instead of physically relocating devices or connections.
To physically replicate the functions of a VLAN would require a separate, parallel collection of network cables and equipment separate from the primary network. However, unlike a physically separate network, VLANs must share bandwidth; two separate one-gigabit VLANs that share a single one-gigabit interconnection can suffer reduced throughput and congestion. A VLAN-aware switch virtualizes this behaviour: it configures switch ports, tags frames as they enter a VLAN, looks up the MAC table to switch or flood frames onto trunk links, and removes the tag as frames leave the VLAN.

Protocols and design

The protocol most commonly used today in configuring VLANs is IEEE 802.1Q. The IEEE committee defined this method of multiplexing VLANs in an effort to provide multivendor VLAN support. Prior to the introduction of the 802.1Q standard, several proprietary protocols existed, such as Cisco's ISL (Inter-Switch Link) and 3Com's VLT (Virtual LAN Trunk). Cisco also implemented VLANs over FDDI by carrying VLAN information in an IEEE 802.10 frame header, contrary to the purpose of the IEEE 802.10 standard.
Both ISL and IEEE 802.1Q tagging perform "explicit tagging" - the frame itself is tagged with VLAN information. ISL uses an external tagging process that does not modify the existing Ethernet frame, while 802.1Q uses a frame-internal field for tagging, and so does modify the Ethernet frame. This internal tagging is what allows IEEE 802.1Q to work on both access and trunk links: frames are standard Ethernet, and so can be handled by commodity hardware.
The IEEE 802.1Q header contains a 4-byte tag header containing a 2-byte tag protocol identifier (TPID) and a 2-byte tag control information (TCI). The TPID has a fixed value of 0x8100 that indicates that the frame carries the 802.1Q/802.1p tag information. The TCI contains the following elements:
  • Three-bit user priority
  • One-bit canonical format indicator (CFI)
  • Twelve-bit VLAN identifier (VID) - uniquely identifies the VLAN the frame belongs to
The VID limits the number of VLANs on a given Ethernet network to 4,096. This does not impose the same limit on the number of IP subnets in such a network, since a single VLAN can contain multiple IP subnets.
The 802.1Q standard can create an interesting scenario on the network. Recalling that the maximum size for an Ethernet frame as specified by IEEE 802.3 is 1518 bytes, this means that if a maximum-sized Ethernet frame gets tagged, the frame size will be 1522 bytes, a number that violates the IEEE 802.3 standard. To resolve this issue, the 802.3 committee created a subgroup called 802.3ac to extend the maximum Ethernet size to 1522 bytes. Some network devices that do not support a larger frame size will process the frame successfully but may report these anomalies as a "baby giant."[3]
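As an added example (not part of the original article), the following Python parses the fields just described: it detects the 0x8100 TPID, splits the TCI into priority, CFI and VID, verifies the frame check sequence, and classifies the total length against the 1518-byte 802.3 and 1522-byte 802.3ac limits, so a tagged maximum-size frame shows up as the "baby giant" case. The MAC addresses and payloads are constructed sample values; the FCS is computed as CRC-32 over the rest of the frame.

```python
import struct
import zlib

TPID_8021Q = 0x8100          # Tag Protocol Identifier fixed by IEEE 802.1Q
MAX_UNTAGGED_FRAME = 1518    # IEEE 802.3: 14-byte header + 1500 payload + 4-byte FCS
MAX_TAGGED_FRAME = 1522      # IEEE 802.3ac: the same frame plus the 4-byte 802.1Q tag

# Constructed sample addresses: broadcast destination, and the source MAC that
# appears in the switch output later on this page.
SAMPLE_DST = bytes.fromhex("ffffffffffff")
SAMPLE_SRC = bytes.fromhex("0001643a5501")


def fcs(frame_body):
    """Ethernet frame check sequence: CRC-32 of the frame, least-significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload, vid=None, priority=0, cfi=0):
    """Assemble a frame; when `vid` is given an 802.1Q tag is inserted after the source MAC."""
    header = dst + src
    if vid is not None:
        if not 0 <= vid <= 0x0FFF:
            raise ValueError("VID must fit in 12 bits")
        if not 0 <= priority <= 7:
            raise ValueError("priority must fit in 3 bits")
        tci = (priority << 13) | ((cfi & 1) << 12) | vid   # TCI = priority:3 | CFI:1 | VID:12
        header += struct.pack("!HH", TPID_8021Q, tci)
    body = header + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def classify_size(frame_len, tagged):
    """Compare the on-the-wire length with the 802.3 and 802.3ac maxima."""
    if frame_len <= MAX_UNTAGGED_FRAME:
        return "ok"
    if tagged and frame_len <= MAX_TAGGED_FRAME:
        return "baby_giant"    # legal under 802.3ac, reported as an anomaly by 802.3-only gear
    return "oversize"


def parse_frame(frame):
    """Decode dst/src MAC, an optional 802.1Q tag, the EtherType and the size class."""
    if len(frame) < 18:    # smallest thing we can check: header + FCS
        raise ValueError("frame too short for an Ethernet header and FCS")
    if frame[-4:] != fcs(frame[:-4]):
        raise ValueError("FCS mismatch: frame corrupted in transit")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    result = {"dst": dst.hex(":"), "src": src.hex(":"), "tag": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 22:
            raise ValueError("802.1Q TPID present but tag truncated")
        (tci,) = struct.unpack("!H", frame[14:16])
        result["tag"] = {
            "priority": tci >> 13,       # 3-bit user priority (802.1p)
            "cfi": (tci >> 12) & 0x1,    # 1-bit canonical format indicator
            "vid": tci & 0x0FFF,         # 12-bit VLAN identifier
        }
        (ethertype,) = struct.unpack("!H", frame[16:18])   # EtherType of the real payload
        offset = 18
    result["ethertype"] = ethertype
    result["payload_len"] = len(frame) - offset - 4
    result["size_class"] = classify_size(len(frame), result["tag"] is not None)
    return result
```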
Inter-Switch Link (ISL) is a Cisco proprietary protocol used to interconnect multiple switches and maintain VLAN information as traffic travels between switches on trunk links. This technology provides one method for multiplexing bridge groups (VLANs) over a high-speed backbone. It is defined for Fast Ethernet and Gigabit Ethernet, as is IEEE 802.1Q. ISL has been available on Cisco routers since Cisco IOS Software Release 11.1.
With ISL, an Ethernet frame is encapsulated with a header that transports VLAN IDs between switches and routers. ISL does add overhead to the packet as a 26-byte header containing a 10-bit VLAN ID. In addition, a 4-byte CRC is appended to the end of each frame. This CRC is in addition to any frame checking that the Ethernet frame requires. The fields in an ISL header identify the frame as belonging to a particular VLAN.
A VLAN ID is added only if the frame is forwarded out a port configured as a trunk link. If the frame is to be forwarded out a port configured as an access link, the ISL encapsulation is removed.
Early network designers often configured VLANs with the aim of reducing the size of the collision domain in a large single Ethernet segment and thus improving performance. When Ethernet switches made this a non-issue (because each switch port is a collision domain), attention turned to reducing the size of the broadcast domain at the MAC layer. VLAN can also serve to restrict access to network resources without regard to physical topology of the network, although the strength of this method remains debatable as VLAN Hopping[4] is a common means of bypassing such security measures.
VLANs operate at Layer 2 (the data link layer) of the OSI model. Administrators often configure a VLAN to map directly to an IP network, or subnet, which gives the appearance of involving Layer 3 (the network layer). In the context of VLANs, the term "trunk" denotes a network link carrying multiple VLANs, which are identified by labels (or "tags") inserted into their packets. Such trunks must run between "tagged ports" of VLAN-aware devices, so they are often switch-to-switch or switch-to-router links rather than links to hosts. (Note that the term "trunk" is also used for what Cisco calls "channels": Link Aggregation or Port Trunking.) A router (Layer 3 device) serves as the backbone for network traffic going across different VLANs.

Cisco VLAN Trunking Protocol (VTP)

On Cisco Devices, VTP (VLAN Trunking Protocol) maintains VLAN configuration consistency across the entire network. VTP uses Layer 2 trunk frames to manage the addition, deletion, and renaming of VLANs on a network-wide basis from a centralized switch in the VTP server mode. VTP is responsible for synchronizing VLAN information within a VTP domain and reduces the need to configure the same VLAN information on each switch.
VTP minimizes the possible configuration inconsistencies that arise when changes are made. These inconsistencies can result in security violations, because VLANs can cross connect when duplicate names are used. They also could become internally disconnected when they are mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping scheme that enables seamless trunking within a network employing mixed-media technologies.
VTP provides the following benefits:
  • VLAN configuration consistency across the network
  • Mapping scheme that allows a VLAN to be trunked over mixed media
  • Accurate tracking and monitoring of VLANs
  • Dynamic reporting of added VLANs across the network
  • Plug-and-play configuration when adding new VLANs
As beneficial as VTP can be, it does have disadvantages that are normally related to the spanning tree protocol (STP) as a bridging loop propagating throughout the network can occur. Cisco switches run an instance of STP for each VLAN, and since VTP propagates VLANs across the campus LAN, VTP effectively creates more opportunities for a bridging loop to occur.
Before creating VLANs on the switch that will propagate via VTP, a VTP domain must first be set up. A VTP domain for a network is a set of all contiguously trunked switches with the same VTP domain name. All switches in the same management domain share their VLAN information with each other, and a switch can participate in only one VTP management domain. Switches in different domains do not share VTP information.
Using VTP, each Catalyst Family Switch advertises the following on its trunk ports:
  • Management domain
  • Configuration revision number
  • Known VLANs and their specific parameters

Establishing VLAN memberships

The two common approaches to assigning VLAN membership are as follows:
  • Static VLANs
  • Dynamic VLANs
Static VLANs are also referred to as port-based VLANs. Static VLAN assignments are created by assigning ports to a VLAN. As a device enters the network, the device automatically assumes the VLAN of the port. If the user changes ports and needs access to the same VLAN, the network administrator must manually make a port-to-VLAN assignment for the new connection.
Dynamic VLANs are created through the use of software. With a VLAN Management Policy Server (VMPS), an administrator can assign switch ports to VLANs dynamically based on information such as the source MAC address of the device connected to the port or the username used to log onto that device. As a device enters the network, the switch queries a database for the VLAN membership of the port that device is connected to.

Protocol-Based VLANs

In a switch that supports protocol-based VLANs, traffic is handled on the basis of its protocol. Essentially, this segregates or forwards traffic from a port depending on the particular protocol of that traffic; traffic of any other protocol is not forwarded on the port.
For example, it is possible to connect to a given switch the following:
  • a host generating ARP traffic to port 10
  • a network with IPX traffic to port 20
  • a router forwarding IP traffic to port 30
If a protocol-based VLAN is created that supports IP and contains all three ports, this prevents IPX traffic from being forwarded to ports 10 and 30, and ARP traffic from being forwarded to ports 20 and 30, while still allowing IP traffic to be forwarded on all three ports.

VLAN Cross Connect

VLAN Cross Connect (CC) is a mechanism used to create Switched VLANs. VLAN CC uses IEEE 802.1ad frames, where the S-Tag is used as a label, as in MPLS. IEEE approves the use of such a mechanism in paragraph 6.11 of IEEE 802.1ad-2005.



Source:

Catalyst Switch Commands


In this article I will introduce the Cisco Internetwork Operating System (IOS) command line interface (CLI) for the 2960 series switch. You will need to log on to a switch and become familiar with the different levels of access on the switch. You will also become familiar with the commands available to you in each mode (user or privileged) and with the switch help facility, history, and editing features.

User vs. Privileged Mode

User mode is indicated by the > next to the switch name. You can look at settings but cannot make changes from user mode. In privileged mode, indicated by the #, you can do anything. To get into privileged mode the keyword is enable.

HELP

To view all commands available from the current mode, type ? at the prompt. This gives you the list of all commands available on the switch in that mode. You can also use the question mark after you have started typing a command. For example, if you want to use a show command but do not remember which one it is, type ? after show and the switch will list all commands that can be used with show.

Configuration Mode

From privileged mode you can enter configuration mode by typing the config term command. To exit configuration mode, type end or press Ctrl+Z.

Configuration of Cisco 2960 Switch

To practise these commands, either create a simple topology in Packet Tracer or download this topology.
Now click on any switch and configure it as shown below.
To see all commands available in user EXEC mode, type ? and press Enter:
Switch>?
Exec commands:
    [1-99]         Session number to resume
    connect        Open a terminal connection
    disconnect     Disconnect an existing network connection
    enable         Turn on privileged commands
    exit           Exit from the EXEC
    logout         Exit from the EXEC
    ping           Send echo messages

[Output is omitted]
Three commands can be used to log out from the terminal; use any one of them:
Switch>enable
Switch#disable
Switch>exit

Switch con0 is now available

Press RETURN to get started.
The show version command reports the device platform, the detected interfaces and the IOS image name and version:
Switch>enable
Switch#show version
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version
12.2(25)FX, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 12-Oct-05 22:05 by pt_team
ROM: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX,
RELEASE SOFTWARE (fc4)
System returned to ROM by power-on
Cisco WS-C2960-24TT (RC32300) processor (revision C0) with
21039K bytes of memory.
24 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

[Output is omitted]
The show mac-address-table command lists all MAC addresses known to the switch, whether learned dynamically or configured manually:
Switch#show mac-address-table
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

   1    0001.643a.5501    DYNAMIC     Gig1/1
The running configuration held in RAM can be viewed at any time with the show running-config (show run) command:
Switch#show running-config
Building configuration...
Current configuration : 925 bytes
version 12.2
no service password-encryption
!
hostname Switch

[Output is omitted]
To view the startup configuration [stored in NVRAM], use the show startup-config (show start) command:
Switch#show startup-config
Current configuration : 925 bytes
version 12.2
no service password-encryption
!
hostname Switch

[Output is omitted]
The show vlan command gives a detailed overview of all VLANs configured on the switch:
Switch#show vlan

VLAN Name                      Status    Ports
---- -------------------------------- --------- -----------------------
1    default                   active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                         Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                         Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                         Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                         Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                         Fa0/21, Fa0/22, Fa0/23, Fa0/24
[Output is omitted]
The show interfaces command lists all detected interfaces with their hardware description and configuration:
Switch#show interfaces
FastEthernet0/1 is up, line protocol is up (connected)
  Hardware is Lance, address is 0060.2f9d.9101 (bia 0060.2f9d.9101)
  MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
[Output is omitted]
Interface vlan 1 is used to assign an IP address and default gateway to the switch. The show interface vlan1 command gives an overview of VLAN 1:
Switch#show interface vlan1
Vlan1 is administratively down, line protocol is down
  Hardware is CPU Interface, address is 0060.5c23.82ae
   (bia 0060.5c23.82ae)
  MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00

[Output is omitted]
The delete command is used to remove all VLAN configuration from the switch. Don't add a space between flash: and vlan.dat; run the command exactly as shown here, because adding a space could erase flash entirely and leave the switch blank.
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]
%deleting flash:/vlan.dat
The startup configuration can be removed with the erase command:
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files!
Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Use the configure terminal command to enter global configuration mode:
Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Now change the default switch name to Switch1:
Switch(config)#hostname Switch1
Set the enable password to vinita and the enable secret to nikki:
Switch1(config)#enable password vinita
Switch1(config)#enable secret nikki
Set the console password to vinita and enable it with the login command. The order of the commands is important: set the password before you enable it.
Switch1(config)#line console 0
Switch1(config-line)#password vinita
Switch1(config-line)#login
Switch1(config-line)#exit
Enable 5 Telnet sessions [vty 0 - vty 4] and set their password to vinita:
Switch1(config)#line vty 0 4
Switch1(config-line)#password vinita
Switch1(config-line)#login
Switch1(config-line)#exit
Now set the switch IP address to 192.168.0.10 255.255.255.0 and the default gateway to 192.168.0.5:
Switch1(config)#interface vlan1
Switch1(config-if)#ip address 192.168.0.10 255.255.255.0
Switch1(config-if)#exit
Switch1(config)#ip default-gateway 192.168.0.5
Set the description "finance VLAN" on interface FastEthernet 0/1:
Switch1(config)#interface fastEthernet 0/1
Switch1(config-if)#description finance VLAN
By default the switch automatically negotiates speed and duplex, but you can set them manually:
Switch1(config-if)#duplex full
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1,
 changed state to down
Switch1(config-if)#duplex auto
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Switch1(config-if)#duplex half
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1,
changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Switch1(config-if)#duplex auto
Switch1(config-if)#speed 10
Switch1(config-if)#speed 100
Switch1(config-if)#speed auto
Switch1(config-if)#exit
Switch1(config)#exit
The MAC address table can be wiped with the clear command:
Switch1#show mac-address-table
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

   1    0001.643a.5501    DYNAMIC     Gig1/1
Switch1#clear mac-address-table
Switch1#clear mac-address-table ?
  dynamic  dynamic entry type
Switch1#clear mac-address-table dynamic
To restart the switch use the reload command [the running configuration will be lost, so copy it to the startup configuration first]:
Switch1#reload
Proceed with reload? [confirm]
Switch con0 is now available
Press RETURN to get started.
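The session above leaves several settings a defender would want to review: passwords kept without service password-encryption, an enable password retained alongside the enable secret, the same string reused for console, vty and enable access, and vty lines that accept Telnet. As an added example (not part of the original tutorial), this Python script splits a running-config into IOS sections and reports those conditions; both configurations inside it are constructed from the commands on this page, the hash and type-7 strings are placeholders, and the finding codes are names chosen here, not IOS terms.

```python
# Constructed sample: a running-config assembled from the commands used in the
# tutorial above, not output captured from a real switch. The enable secret
# hash is a placeholder, not a real type-5 digest.
WEAK_CONFIG = """\
version 12.2
no service password-encryption
hostname Switch1
enable secret 5 $1$PLACEHOLDER$not.a.real.hash
enable password vinita
interface Vlan1
 ip address 192.168.0.10 255.255.255.0
ip default-gateway 192.168.0.5
line con 0
 password vinita
 login
line vty 0 4
 password vinita
 login
end
"""

# The same switch with the findings addressed. Type-7 strings are placeholders;
# type 7 only obscures a password (it is reversible), so distinct, strong line
# passwords still matter.
HARDENED_CONFIG = """\
service password-encryption
hostname Switch1
enable secret 5 $1$PLACEHOLDER$not.a.real.hash
line con 0
 password 7 PLACEHOLDER-CONSOLE
 login
line vty 0 4
 password 7 PLACEHOLDER-VTY
 login
 transport input ssh
end
"""


def parse_sections(config_text):
    """Split an IOS config into (header, [children]) blocks.

    IOS indents sub-mode commands one space under the top-level command that
    opened the mode; '!' lines are separators and are skipped.
    """
    sections = []
    for raw in config_text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" "):
            if sections:
                sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections


def audit(config_text):
    """Return sorted (code, detail) findings for the weak settings discussed above."""
    sections = parse_sections(config_text)
    top = [header for header, _ in sections]
    findings = []
    passwords = {}      # password string -> places it is used, to spot reuse
    if "no service password-encryption" in top:
        findings.append(("CLEARTEXT_PASSWORDS",
                         "line and enable passwords are stored in clear text"))
    has_secret = any(h.startswith("enable secret") for h in top)
    for h in (h for h in top if h.startswith("enable password")):
        passwords.setdefault(h.split(None, 2)[2], []).append("enable")
        if has_secret:   # the secret wins; the clear-text password is dead weight
            findings.append(("REDUNDANT_ENABLE_PASSWORD",
                             "enable secret takes precedence; remove enable password"))
        else:
            findings.append(("WEAK_ENABLE_PASSWORD",
                             "enable password is clear text or type 7; use enable secret"))
    for header, body in sections:
        if not header.startswith("line "):
            continue
        has_login = any(b == "login" or b.startswith("login ") for b in body)
        pws = [b.split(None, 1)[1] for b in body if b.startswith("password ")]
        for pw in pws:
            passwords.setdefault(pw, []).append(header)
        if has_login and not pws:
            findings.append(("LOGIN_WITHOUT_PASSWORD",
                             header + ": login enabled but no password set"))
        if pws and not has_login:
            findings.append(("PASSWORD_NOT_ENFORCED",
                             header + ": password set but login not enabled"))
        if header.startswith("line vty") and "transport input ssh" not in body:
            findings.append(("VTY_ALLOWS_TELNET",
                             header + ": transport input not restricted to ssh"))
    for pw, users in passwords.items():
        if len(users) > 1:
            findings.append(("PASSWORD_REUSE", "same password on " + ", ".join(users)))
    return sorted(findings)
```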


CCNA basic switch configuration commands sheet

Command / Description
switch>?
The ? works here the same as in a router. Used to get the list of all available commands.
switch>
User mode, same as a router
switch>enable
Moves to privileged mode
switch#
Privileged mode
switch#disable
Leaves privileged mode
switch>exit
Leaves user mode
switch#show version
Displays information about software and hardware.
switch#show flash:
Displays information about flash memory (will work only for the 2900/2950 series).
switch#show mac-address-table
Displays the current MAC address forwarding table.
switch#show running-config
Displays the current configuration in DRAM.
switch#show startup-config
Displays the current configuration in NVRAM.
switch#show vlan
Displays the current VLAN configuration.
switch#show interfaces
Displays the interface configuration and status of line: up/up, up/down, admin down.
switch#show interface vlan1
Displays setting of virtual interface VLAN 1, the default VLAN on the switch.


Switch#delete flash:vlan.dat
Removes the VLAN database from flash memory.
Delete filename [vlan.dat]?
Press Enter
Delete flash:vlan.dat? [confirm]
Press Enter
Switch#erase startup-config
Erases the file from NVRAM.
Switch#reload
Restarts the switch.
To Set Host Names
Switch#configure terminal
Moves to global configuration mode
Switch(config)#hostname Switch1
Creates a locally significant host name of the switch. This is the same command as the router.


Switch(config)#enable password vinita
Sets the enable password to vinita
Switch(config)#enable secret nikki
Sets the encrypted secret password to nikki
Switch(config)#line console 0
Enters line console mode
Switch(config-line)#login
Enables password checking
Switch(config-line)#password vinita
Sets the password to vinita
Switch(config-line)#exit
Exits line console mode
Switch(config)#line vty 0 4
Enters line vty mode for all five virtual ports
Switch(config-line)#login
Enables password checking
Switch(config-line)#password vinita
Sets the password to vinita
Switch(config-line)#exit
Exits line vty mode
Switch(config)# 
To Set IP Addresses and Default Gateways
Switch(config)#interface vlan1
Enters the virtual interface for VLAN 1, the default VLAN on the switch
Switch(config-if)#ip address 192.168.0.10 255.255.255.0
Sets the IP address and netmask to allow for remote access to the switch
Switch(config-if)#exit 
Switch(config)#ip default-gateway 192.168.0.5
Allows IP traffic to exit past the local network
To Set Interface Descriptions
Switch(config)#interface fastethernet 0/1
Enters interface configuration mode
Switch(config-if)#description Finance VLAN
Adds a description of the interface
To Set Duplex Operation
Switch(config)#interface fastethernet 0/1
Moves to interface configuration mode
Switch(config-if)#duplex full
Forces full-duplex operation
Switch(config-if)#duplex auto
Enables auto-duplex config
Switch(config-if)#duplex half
Forces half-duplex operation
To Set Operation Speed
Switch(config)#interface fastethernet 0/1 
Switch(config-if)#speed 10
Forces 10-Mbps operation
Switch(config-if)#speed 100
Forces 100-Mbps operation
Switch(config-if)#speed auto
Enables autospeed configuration
MAC Address Table
switch#show mac address-table
Displays current MAC address forwarding table
switch#clear mac address-table
Deletes all entries from current MAC address forwarding table
switch#clear mac address-table dynamic
Deletes only dynamic entries from the table



Friday, 1 June 2012

OSI LAYER



The OSI reference model is the primary model for network communications. The early development of LANs, MANs, and WANs was confused in many ways. The early 1980s saw great increases in the number and sizes of networks. As companies realized that they could save money and gain productivity by using networking technology, they added networks and expanded existing networks as rapidly as new network technologies and products were introduced.
In 1984, the International Organization for Standardization (ISO) developed the OSI Reference Model to describe how information is transferred from one networking component to another, from the point when a user enters information using a keyboard and mouse to when that information is converted to electrical or light signals transferred along a piece of wire (or radio waves transferred through the air).
ISO developed the seven-layer model to help vendors and network administrators gain a better understanding of how data is handled and transported between networking devices, as well as to provide a guideline for the implementation of new networking standards and technologies. To assist in this process, the OSI Reference Model separates the network communication process into seven simple layers.
Dividing the network into these seven layers provides these advantages:

Reduces complexity:

It breaks network communication into smaller, simpler parts. It divides the network communication process into smaller and simpler components, thus aiding component development, design, and troubleshooting.

Standardizes interfaces:

It standardizes network components to allow multiple vendor development and support.

Facilitates modular engineering:

It allows different types of network hardware and software to communicate with each other.

Interoperability between vendors:

It allows multiple-vendor development through standardization of network components. It defines the process for connecting two layers together, promoting interoperability between vendors, and allows vendors to compartmentalize their design efforts to fit a modular design, which eases implementation and simplifies troubleshooting.

Ensures interoperable technology:

It prevents changes in one layer from affecting the other layers, allowing for quicker development.

Accelerates evolution:

It provides for effective updates and improvements to individual components without affecting other components or having to rewrite the entire protocol.

Simplifies teaching and learning:

It breaks network communication into smaller components to make learning easier, and provides a teaching tool to help network administrators understand the communication process used between networking components.


The OSI Reference Model

  • The OSI reference model consists of seven layers: physical, data-link, network, transport, session, presentation, and application.
  • The OSI model layers usually do not correspond exactly to the protocol stack running on an actual system.
  • The data-link layer protocols often include physical layer specifications.
  • The network and transport layer protocols work together to provide a cumulative end-to-end communication service.
  • The functions of the session, presentation, and application layers are often combined into a single application layer protocol.



Each OSI layer contains a set of functions performed by programs to enable data to travel from a source to a destination on a network.
In this article I will provide brief descriptions of each layer in the OSI reference model.

Application Layer

The application layer is the OSI layer that is closest to the user. This layer provides network services to the user's applications. It differs from the other layers in that it does not provide services to any other OSI layer, but only to applications outside the OSI reference model. The application layer provides a platform for accessing the data of a remote computer.
The application layer protocols that you should know are as follows:
  • SNMP (Simple Network Management Protocol)— Communicates status and allows control of networked devices.
  • TFTP (Trivial File Transfer Protocol)— Simple, lightweight file transfer.
  • DNS (Domain Naming System)— Translates a website name (easy for people) to an IP address (easy for computers).
  • DHCP (Dynamic Host Configuration Protocol)— Assigns IP, mask, and DNS server (plus a bunch of other stuff) to hosts.
  • Telnet— Provides a remote terminal connection to manage devices to which you are not close enough to use a console cable.
  • HTTP (Hypertext Transfer Protocol)— Browses web pages.
  • FTP (File Transfer Protocol)— Reliably sends/retrieves all file types.
  • SMTP (Simple Mail Transfer Protocol)— Sends email.
  • POP3 (Post Office Protocol v.3)— Retrieves email.
  • NTP (Network Time Protocol)— Synchronizes networked device clocks.

Presentation Layer

The presentation layer is responsible for formatting data so that application-layer protocols (and then the users) can recognize and work with it. The presentation layer deals with data formats such as the file types .doc, .jpg, .txt, .avi, and so on; each of these file types is formatted for use by a particular type of application. The presentation layer takes the application-layer data and marks it with formatting codes so that it can be viewed reliably when accessed later. If necessary, the presentation layer may also translate between multiple data formats by using a common format.

The Session Layer

The session layer establishes, manages, and terminates sessions between two communicating hosts. It provides its services to the presentation layer. The session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, web servers have many users, so many communication processes are open at a given time. Therefore, keeping track of which user communicates on which path is important.

Transport Layer
The transport layer is possibly the most important layer for exam study purposes. A lot is going on here, and it is heavily tested.
The transport layer's main jobs are:
  • It sets up and maintains a session connection between two devices.
  • It can provide for the reliable or unreliable delivery of data across this connection.
  • It multiplexes connections, allowing multiple applications to simultaneously send and receive data.
  • When implementing a reliable connection, sequence numbers and acknowledgments (ACKs) are used.
  • Flow control (through the use of windowing or acknowledgements)
  • Reliable connections (through the use of sequence numbers and acknowledgements)
The transport layer uses two protocols for sending data: TCP and UDP.
TCP
TCP is a connection-oriented protocol. Connection-oriented transmission is said to be reliable. Think of TCP as the registered AD facility available in the Indian post office. For this level of service, you have to pay extra and put a bunch of extra labels on the item to track where it is going and where it has been. But you get a receipt when it is delivered, you are guaranteed delivery, and you can keep track of whether your shipment got to its destination. All of this costs you more, but it is reliable!

UDP
UDP is a connectionless protocol. Connectionless transmission is said to be unreliable. Now, don't get too wrapped up in the term "unreliable": it doesn't mean that the data isn't going to get there; it only means that it isn't guaranteed to get there. Think of your options when you are sending a postcard: put it in the mailbox, and chances are good that it will get where it's supposed to go, but there is no guarantee, and stuff does go missing once in a while. On the other hand, it's cheap.

The transport layer can use two basic flow control methods:
  • Ready/not ready signals
  • Windowing
There are two problems with the use of ready/not ready signals to implement flow control.
First, the destination may respond to the source with a not ready signal when its buffer fills up. While this message is on its way to the source, the source is still sending information to the destination, which the destination will probably have to drop because its buffer space is full.
The second problem with the use of these signals is that once the destination is ready to receive more information, it must first send a ready signal to the source, which must receive it before more information can be sent.

In windowing, a window size is agreed between the two hosts engaged in the data transmission. The sending host waits for an acknowledgement after sending a number of segments equal to the window size. If any segment is lost on the way, the receiver responds with an acknowledgement identifying the lost segment, and the sender retransmits it. In many implementations, the window size is dynamically negotiated up front and can be renegotiated during the lifetime of the connection.
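Windowing as an added example, not part of the original article: a Python simulation in which the sender transmits window_size segments before waiting for the receiver's reply, the receiver reports which segments of that window never arrived, and only those are retransmitted. Loss is deterministic (segments listed in lost_first_attempt are dropped the first time they are sent), so the exchange log and the counts are reproducible; a window size of 1 reproduces stop-and-wait for comparison.

```python
def simulate_windowing(segments, window_size, lost_first_attempt=()):
    """Simulate the windowed exchange described above.

    segments:           list of byte strings to deliver, in order
    window_size:        how many segments the sender may send before it
                        must wait for the receiver's acknowledgement
    lost_first_attempt: sequence numbers the channel drops the first time
                        they are sent (constructed, deterministic loss)
    Returns the reassembled data, the number of segment transmissions, the
    number of receiver replies (round trips) and the message log.
    """
    log = []
    received = {}           # seq -> data buffered at the receiver
    attempts = {}           # seq -> number of times the sender has sent it
    transmissions = 0
    round_trips = 0
    base = 0                # first sequence number of the current window
    while base < len(segments):
        window = list(range(base, min(base + window_size, len(segments))))
        outstanding = list(window)
        while outstanding:
            # Sender: transmit every outstanding segment of the window, then wait.
            for seq in outstanding:
                attempts[seq] = attempts.get(seq, 0) + 1
                transmissions += 1
                log.append(("sender", "DATA seq=%d" % seq))
                if seq in lost_first_attempt and attempts[seq] == 1:
                    log.append(("channel", "DROPPED seq=%d" % seq))
                    continue
                received[seq] = segments[seq]
            # Receiver: one reply per window round, naming anything still missing.
            round_trips += 1
            missing = [seq for seq in outstanding if seq not in received]
            if missing:
                log.append(("receiver", "ACK missing=%s" % missing))
            else:
                log.append(("receiver", "ACK through seq=%d" % window[-1]))
            outstanding = missing        # only the lost segments are sent again
        base = window[-1] + 1            # slide the window forward
    data = b"".join(received[seq] for seq in range(len(segments)))
    return {"data": data, "transmissions": transmissions,
            "round_trips": round_trips, "log": log}
```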

Reliability

When reliability is necessary, it should cover these four items:
  • recognizing lost packets and having them re-sent
  • recognizing packets that arrive out of order and reordering them
  • detecting duplicate packets and dropping the extra ones
  • Avoiding congestion

Connection Multiplexing/Application Mapping

The transport layer assigns a unique set of numbers to each connection. These numbers are called port or socket numbers. TCP and UDP provide a multiplexing function for a device: this allows multiple applications to simultaneously send and receive data.
Imagine a server that performs a number of functions—for example email, web pages, FTP, and DNS. The server has a single IP address, but can perform all these different functions for all the hosts that want to connect to it. The transport layer (layer 4) uses port numbers to distinguish between different types of traffic that might be headed for the same IP address.

Port numbers are divided into ranges by the IANA. Following are the current port ranges:
Port number / Description
0–1023: Well-Known, for common TCP/IP functions and applications
1024–49151: Registered, for applications built by companies
49152–65535: Dynamic/Private, for dynamic connections or unregistered applications

Common TCP and UDP Port Numbers

TCP                      UDP
FTP       20, 21         DNS       53
Telnet    23             DHCP      67, 68
SMTP      25             TFTP      69
DNS       53             NTP       123
HTTP      80             SNMP      161
POP       110
NNTP      119
HTTPS     443
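How the transport layer uses port numbers to separate traffic arriving at one IP address, as an added example that is not part of the original notes. It constructs a minimal IPv4 packet with a TCP or UDP header (checksums left at zero, for the demo only), parses it back, classifies both ports by the IANA ranges above, and maps the destination port to a service from the table. The addresses, ports and payloads are constructed.

```python
"""Added example (not from the original notes): a constructed IPv4 packet
with a TCP or UDP header is parsed and demultiplexed by port number, the
way the transport layer separates traffic arriving at one IP address.
Headers are minimal and checksums are left at zero; this is for the demo,
not for sending on a real network. Port tables follow the notes above."""
import socket
import struct


def port_range(port):
    """IANA port ranges, as listed in the notes."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port {port} out of range")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


# Common ports from the table in the notes, keyed by (protocol, port)
KNOWN_PORTS = {
    ("tcp", 20): "FTP-data", ("tcp", 21): "FTP", ("tcp", 23): "Telnet",
    ("tcp", 25): "SMTP", ("tcp", 53): "DNS", ("tcp", 80): "HTTP",
    ("tcp", 110): "POP", ("tcp", 119): "NNTP", ("tcp", 443): "HTTPS",
    ("udp", 53): "DNS", ("udp", 67): "DHCP", ("udp", 68): "DHCP",
    ("udp", 69): "TFTP", ("udp", 123): "NTP", ("udp", 161): "SNMP",
}
PROTO_NUMBERS = {"tcp": 6, "udp": 17}          # IPv4 protocol field values
PROTO_NAMES = {v: k for k, v in PROTO_NUMBERS.items()}


def build_packet(proto, src_ip, dst_ip, sport, dport, payload=b""):
    """Construct an IPv4 packet carrying a minimal TCP (20-byte) or UDP
    (8-byte) header. Constructed for the demo; checksums are zero."""
    if proto == "tcp":
        # ports, seq, ack, data offset (5 words), flags (SYN), window, csum, urg
        transport = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02,
                                65535, 0, 0)
    elif proto == "udp":
        transport = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    else:
        raise ValueError("proto must be 'tcp' or 'udp'")
    total_len = 20 + len(transport) + len(payload)
    ip_header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64,
                            PROTO_NUMBERS[proto], 0,
                            socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return ip_header + transport + payload


def demux(packet):
    """Parse the IPv4 and transport headers and return the flow tuple, the
    port-range classification and the service the destination port maps to."""
    version_ihl, proto_num = packet[0], packet[9]
    if version_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (version_ihl & 0x0F) * 4                 # IP header length in bytes
    proto = PROTO_NAMES.get(proto_num, "other")
    src_ip = socket.inet_ntoa(packet[12:16])
    dst_ip = socket.inet_ntoa(packet[16:20])
    if proto == "tcp":
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        data_offset = (packet[ihl + 12] >> 4) * 4   # TCP header length
        payload = packet[ihl + data_offset:]
    elif proto == "udp":
        sport, dport, length = struct.unpack("!HHH", packet[ihl:ihl + 6])
        payload = packet[ihl + 8:ihl + length]
    else:
        raise ValueError(f"unsupported protocol number {proto_num}")
    return {
        "proto": proto,
        "flow": (src_ip, sport, dst_ip, dport),
        "src_port_range": port_range(sport),
        "dst_port_range": port_range(dport),
        "service": KNOWN_PORTS.get((proto, dport), "unknown"),
        "payload": payload,
    }


if __name__ == "__main__":
    pkt = build_packet("tcp", "192.168.1.10", "203.0.113.5", 51432, 443, b"hello")
    print(demux(pkt))
```

The client side of the flow uses a port from the dynamic range while the server side sits in the well-known range, which is exactly how one server address can serve HTTPS, DNS and the other services in the table at the same time.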



Network Layer

The network layer provides a logical topology and layer-3 addresses. Routers function at the network layer. This layer is responsible for three main functions:

  • Defines logical addresses used at layer-3
  • Finds paths, based on the network numbers of logical addresses, to reach destination devices
  • Connects different data link types together, such as Ethernet, FDDI, Serial, and Token Ring
IP packet
Where the transport layer uses segments to transfer information between machines, the Internet layer uses datagrams. Datagram is just another word for packet.

The IP protocol is mainly responsible for these functions:
  • Connectionless data delivery: best effort delivery with no data recovery capabilities
  • Hierarchical logical addressing to provide for highly scalable internetworks
IP addresses are broken into two components:
  • Network component: defines on what segment in the network a device is located
  • Host component: defines the specific device on a particular network segment
Two types of packets are used at the Network layer: data and route updates.
Data packets
Used to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPv6.

Route update packets
Used to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP, RIPv2, EIGRP, and OSPF. Route update packets are used to help build and maintain routing tables on each router.

IP Classes

  • Class A addresses range from 1-126: 00000001-01111111.
  • Class B addresses range from 128-191: 10000000-10111111.
  • Class C addresses range from 192-223: 11000000-11011111.
  • Class D addresses range from 224-239: 11100000-11101111.
  • Class E addresses range from 240-254.
The gaps in these ranges are reserved first octets:
  1. 0 is reserved and represents all IP addresses;
  2. 127 is a reserved address and is used for testing, like a loopback on an interface;
  3. 255 is a reserved address and is used for broadcasting purposes.
Public addresses are Class A, B, and C addresses that can be used to access devices in other public networks, such as the Internet.

Public IP address assignment authority

The Internet Assigned Numbers Authority (IANA) is ultimately responsible for handing out and managing public addresses. Normally you get public addresses directly from your ISP, which, in turn, requests them from one of five upstream address registries:
  • American Registry for Internet Numbers (ARIN)
  • Réseaux IP Européens Network Coordination Centre (RIPE NCC)
  • Asia Pacific Registry for Internet Numbers (APNIC)
  • Latin American and Caribbean Internet Address Registry (LACNIC)
  • African Network Information Centre (AfriNIC)

Private IP and ISP

Private IP addresses can be used to configure a private network. You can use private addresses to build your network without paying a single rupee for address space. The biggest problem with private addresses is that they cannot be used to reach the Internet directly. This is where the ISP comes in: an ISP purchases a block of public IP addresses and rents them out. Whatever you pay an ISP for Internet access is in effect the charge for using a public IP address.

Private IP addresses (not routable on the public network):
  • Class A: 10.0.0.0-10.255.255.255 (1 Class A network)
  • Class B: 172.16.0.0-172.31.255.255 (16 Class B networks)
  • Class C: 192.168.0.0-192.168.255.255 (256 Class C networks)
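The classful rules above (class from the leading bits of the first octet, the network/host split, the reserved first octets and the private ranges), as an added example that is not part of the original notes. It assumes the classful default masks of /8, /16 and /24 for classes A, B and C, which the notes imply but do not state; the sample addresses are constructed.

```python
"""Added example (not from the original notes): classify an IPv4 address
by the leading bits of its first octet, split it into network and host
components using the classful default mask, and report whether it is
public, private or reserved. Ranges follow the notes above; the sample
addresses are constructed."""
import ipaddress

# Class is decided by the leading bits of the first octet (see the list above)
CLASS_PREFIXES = (("A", "0"), ("B", "10"), ("C", "110"), ("D", "1110"), ("E", "1111"))
# Classful default network/host split (assumed: /8, /16, /24)
DEFAULT_PREFIX_LEN = {"A": 8, "B": 16, "C": 24}
# Private ranges from the notes, expressed as prefixes
PRIVATE_NETWORKS = tuple(ipaddress.ip_network(n) for n in
                         ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"))
RESERVED_FIRST_OCTETS = {0: "all addresses", 127: "loopback/testing", 255: "broadcast"}


def address_class(first_octet):
    """Return the class letter for a first octet from its leading bits."""
    bits = f"{first_octet:08b}"
    for cls, prefix in CLASS_PREFIXES:
        if bits.startswith(prefix):
            return cls


def describe(ip_str):
    """Describe an IPv4 address: class, network and host parts, scope."""
    ip = ipaddress.IPv4Address(ip_str)
    first = int(ip) >> 24
    info = {"address": ip_str, "first_octet_bits": f"{first:08b}"}
    if first in RESERVED_FIRST_OCTETS:
        info["class"] = "reserved"
        info["note"] = RESERVED_FIRST_OCTETS[first]
        return info
    cls = address_class(first)
    info["class"] = cls
    if cls in DEFAULT_PREFIX_LEN:             # A, B, C get a network/host split
        net = ipaddress.ip_network(f"{ip_str}/{DEFAULT_PREFIX_LEN[cls]}",
                                   strict=False)
        info["network"] = str(net.network_address)
        info["host"] = str(ipaddress.IPv4Address(int(ip) & int(net.hostmask)))
        info["scope"] = ("private" if any(ip in n for n in PRIVATE_NETWORKS)
                         else "public")
    else:
        info["scope"] = "not unicast (no network/host split)"
    return info


if __name__ == "__main__":
    for sample in ("172.20.5.9", "8.8.8.8", "192.168.1.1", "224.0.0.5", "127.0.0.1"):
        print(describe(sample))
```

Note the private Class B block: 172.16.0.0-172.31.255.255 is the 172.16.0.0/12 prefix, so 172.32.0.1 has the same leading bits as a Class B address but falls outside the private range and is reported as public.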
Protocol: Description
IP
IP of TCP/IP, featuring routable 32-bit addressing.
IPX
The equivalent of IP in Novell Netware.
ICMP
Internet Connection Management Protocol. Incorporates Ping and Traceroute, which are layer 3 link-testing utilities.
OSPF, IGRP, EIGRP, RIP, IS-IS
Dynamic routing protocols that learn about remote networks and the best paths to them from other routers running the same protocol.
ARP, RARP
Address Resolution Protocol (and Reverse ARP). ARP learns what MAC address is associated with a given IP address. Reverse ARP learns an IP address given a MAC address.


Data link layer

The main functions of the data link layer are:

  • Defining the Media Access Control (MAC) or hardware addresses
  • Defining the physical or hardware topology for connections
  • Defining how the network layer protocol is encapsulated in the data link layer frame
  • Providing both connectionless and connection-oriented services
  • Defining hardware (MAC) addresses as well as the communication process that occurs within a medium
  • The first six hexadecimal digits of a MAC address form the OUI.
  • MAC addresses only need to be unique within a broadcast domain; you can have the same MAC address in different broadcast domains (virtual LANs).
There are two specifications of Ethernet frame: Ethernet II and IEEE 802.2/802.3.
802.2 uses a SAP or SNAP field to differentiate between encapsulated layer-3 payloads.
With a SNAP frame, the SAP fields are set to 0xAA and the type field is used to indicate the layer-3 protocol. One of the issues of the original SAP field in the 802.2 SAP frame is that even though it is eight bits (one byte) in length, only the first six bits are used for identifying upper-layer protocols, which allows up to 64 protocols.
An 802.2 SNAP frame supports up to 65,536 protocols.
Ethernet II versus IEEE Ethernet
  • Ethernet II does not have any sublayers, while IEEE 802.2/3 has two: LLC and MAC.
  • Ethernet II has a type field instead of a length field (used in 802.3). IEEE 802.2 defines the type for IEEE Ethernet.
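The frame-format distinction above, as an added example that is not part of the original notes: it builds constructed Ethernet II, 802.3/802.2 LLC and 802.3/802.2 SNAP frames (no CRC, no minimum-size padding), parses them back, and pulls the OUI from the first six hexadecimal digits of the source MAC. It relies on the IEEE rule that a value of 1500 or less in the field after the addresses is an 802.3 length and 0x0600 (1536) or more is an Ethernet II type; the MAC addresses, SAP values and payloads are constructed.

```python
"""Added example (not from the original notes): build and parse constructed
Ethernet frames to tell Ethernet II from IEEE 802.3 with an 802.2 LLC
header and from 802.3 with a SNAP header, and extract the OUI from the
source MAC. Frames are built without CRC or minimum-size padding."""
import struct


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_ethernet2(dst, src, ethertype, payload):
    """Ethernet II: the 2-byte field after the addresses is a type."""
    return struct.pack("!6s6sH", mac_bytes(dst), mac_bytes(src), ethertype) + payload


def build_8023_llc(dst, src, dsap, ssap, payload, ctrl=0x03):
    """802.3 frame: the 2-byte field is a length, followed by the 802.2 LLC
    header (DSAP, SSAP, control) and then the payload."""
    llc = bytes([dsap, ssap, ctrl]) + payload
    return struct.pack("!6s6sH", mac_bytes(dst), mac_bytes(src), len(llc)) + llc


def build_8023_snap(dst, src, ethertype, payload, oui=b"\x00\x00\x00"):
    """802.3 frame whose LLC header has DSAP/SSAP 0xAA, so a SNAP header
    (3-byte OUI + 2-byte type) follows and carries the layer-3 type."""
    snap = bytes([0xAA, 0xAA, 0x03]) + oui + struct.pack("!H", ethertype) + payload
    return struct.pack("!6s6sH", mac_bytes(dst), mac_bytes(src), len(snap)) + snap


def parse_frame(frame):
    """Classify a raw frame and return its addressing and encapsulation."""
    dst, src, type_or_len = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": mac_str(dst), "src": mac_str(src),
            "src_oui": mac_str(src[:3])}   # first six hex digits = OUI
    # 802.3 lengths are at most 1500; values of 0x0600 (1536) and up are
    # EtherTypes, so the same field tells the two frame formats apart.
    if type_or_len >= 0x0600:
        info.update(encapsulation="Ethernet II", ethertype=type_or_len,
                    payload=frame[14:])
        return info
    body = frame[14:14 + type_or_len]
    dsap, ssap = body[0], body[1]
    if dsap == 0xAA and ssap == 0xAA:
        ethertype = struct.unpack("!H", body[6:8])[0]
        info.update(encapsulation="802.3/802.2 SNAP", length=type_or_len,
                    snap_oui=mac_str(body[3:6]), ethertype=ethertype,
                    payload=body[8:])
    else:
        info.update(encapsulation="802.3/802.2 LLC", length=type_or_len,
                    dsap=dsap, ssap=ssap, payload=body[3:])
    return info


if __name__ == "__main__":
    # constructed sample MACs and payloads
    print(parse_frame(build_ethernet2("ff:ff:ff:ff:ff:ff", "00:1b:21:aa:bb:cc",
                                      0x0800, b"\x45" + b"\x00" * 19)))
    print(parse_frame(build_8023_snap("ff:ff:ff:ff:ff:ff", "00:1b:21:aa:bb:cc",
                                      0x0800, b"ip")))
    print(parse_frame(build_8023_llc("ff:ff:ff:ff:ff:ff", "00:1b:21:aa:bb:cc",
                                     0x42, 0x42, b"bpdu")))
```

The SNAP branch is where the 64-protocol limit of the plain SAP field is escaped: both SAPs carry 0xAA and the real protocol identifier is the 16-bit type after the OUI.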

Physical Layer

The Physical layer communicates directly with the various types of actual communication media. Different kinds of media represent these bit values in different ways. Some use audio tones, while others utilize state transitions—changes in voltage from high to low and low to high. Specific protocols are needed for each type of media to explain the proper bit patterns to be used, how data is encoded into media signals, and the various qualities of the physical media’s attachment interface.

Fiber Cabling

Two types of fiber are used for connections: multimode and single-mode.
Multimode fiber
has a fiber thickness of either 850 or 1300 nanometers (nm), and the light signal is typically provided by an LED. When transmitting a signal, the light source is bounced off of the inner cladding (shielding) surrounding the fiber. Multimode fiber can achieve speeds in the hundreds of Mbps range, and many signals can be generated per fiber.

Single-mode fiber
has a fiber thickness of 1300 or 1550 nm and uses a laser as the light source. Because lasers provide a higher output than LEDs, single-mode fiber can span over 10 kilometers and have speeds up to 100Gbps. With single-mode fiber, only one signal is used per fiber.

  • Loss factor is used to describe any signal loss in the fiber before the light source gets to the end of the fiber.
  • Connector loss is a loss that occurs when a connector joins two pieces of fibers: a slight signal loss is expected.
  • Attenuation describes the signal loss due to distance.
  • Microbending is when a wrinkle in the fiber, typically where the cable is slightly bent, causes a distortion in the light source.
  • Macrobending is when there is leakage of the light source from the fiber, typically from a bend in the fiber cable. To overcome this problem over long distances, optical amplifiers can be used.
Two main standards are used to describe the transmission of signals across a fiber:
SONET is defined by the Exchange Carriers Standards Association (ECSA) and American National Standards Institute (ANSI) and is typically used in North America.
SDH is an international standard used throughout most of the world (with the exception of North America). Both of these standards define the physical layer framing used to transmit light sources, which also includes overhead for the transmission.

Core Layer

The core provides a high-speed layer-2 switching infrastructure and typically does not manipulate packet contents.

Distribution Layer

The distribution layer provides a boundary between the access and core layers. It contains routers and switches. Routers are used to provide the logical boundary: broadcasts are contained within the access layer, and filtering policies can be implemented to restrict traffic flows.

Access Layer

The access layer provides the user's initial access to the network, which is typically via switches or hubs.

TCP/IP protocol

The TCP/IP protocol stack has four layers. Note that although some of the layers in the TCP/IP protocol stack have the same names as layers in the OSI reference model, the layers have different functions in each model, as is described in the following list:

Application layer:

The application layer handles high-level protocols, including issues of representation, encoding, and dialog control. The TCP/IP model combines all application-related issues into one layer and ensures that this data is properly packaged for the next layer.

Transport layer:

The transport layer deals with QoS issues of reliability, flow control, and error correction. One of its protocols, TCP, provides for reliable network communications.

Internet layer:

The purpose of the Internet layer is to send source datagrams from any network on the internetwork and have them arrive at the destination, regardless of the path they took to get there.

Network access layer:

The name of this layer is broad and somewhat confusing. It is also called the host-to-network layer. It includes the LAN and WAN protocols and all the details in the OSI physical and data link layers.