Essential Networking Notes

[Networking Notes JIMMY]
Broadband versus Baseband

Networks employ two types of signaling methods: baseband and broadband. Baseband
transmissions use digital signaling over a single wire. Communication on baseband transmissions
is bidirectional, allowing signals to be sent and received but not at the same time. To send
multiple signals on a single cable, baseband uses something called Time Division ultiple!ing
"TD#. TD divides a single channel into time slots.
$n terms of %&N network standards, broadband transmissions, on the other hand, use analog
transmissions. 'or broadband transmissions to be sent and received, the media has to be split into
two channels. ultiple channels are created using 're(uency Division)ultiple!ing "'D#.
Simplex, Half Duplex, and Full Duplex
*imple!, half duple!, and full duple! are referred to as dialog modes, and they determine the
direction in which data can flow through the network media.
*imple! allows for one)way communication of data through the network, with the full bandwidth
of the cable being used for the transmitting signal. +ne)way communication is of little use on
%&Ns, making it unusual at best for network implementations. 'ar more common is the half)
duple! mode, which accommodates transmitting and receiving on the network but not at the
same time. any networks are configured for half)duple! communication.
The preferred dialog mode for network communication is the full)duple! mode. To use full
duple!, both the network card and the hub or switch must support full duple!ing. Devices
configured for full duple!ing are capable of transmitting and receiving simultaneously. This
means that ,--bps network cards are capable of transmitting at .--bps using full)duple!
mode.
Media Interference
Depending on where network cabling "commonly referred to as media# is installed, interference
can be a ma/or consideration. Two types of media interference can adversely affect data
transmissions over network media: electromagnetic interference "0$# and crosstalk.
0$ is a problem when cables are installed near electrical devices, such as air conditioners or
fluorescent light fi!tures. $f a network media is placed close enough to such a device, the signal
within the cable might become corrupt. Network media vary in their resistance to the effects of
0$. *tandard 1T2 cable is susceptible to 0$, whereas fiber cable with its light transmissions
is resistant to 0$. 3hen deciding on a particular media, consider where it will run and the
impact 0$ can have on the installation.
& second type of interference is crosstalk. Crosstalk refers to how the data signals on two
separate media interfere with each other. The result is that the signal on both cables can become
corrupt. &s with 0$, media varies in its resistance to crosstalk, with fiber)optic cable being the
most resistant.
Attenuation
&ttenuation refers to the weakening of data signals as they travel through a respective media.
Network media varies in its resistance to attenuation. Coa!ial cable is generally more resistant
than 1T2, *T2 is slightly more resistant than 1T2, and fiber)optic cable does not suffer from
attenuation at all. That4s not to say that a signal does not weaken as it travels over fiber)optic
cable, but the correct term for this weakening is 4chromatic dispersion,4 rather than attenuation.
$t4s important to understand attenuation or chromatic dispersion and the ma!imum distances
specified for network media. 0!ceeding a media4s distance without using repeaters can cause
hard)to)troubleshoot network problems. ost attenuation or chromatic dispersion related
difficulties on a network re(uire using a network analy5er to detect them.
Data Transmission Rates
+ne of the more important media considerations is the supported data transmission rate or speed.
Different media types are rated to certain ma!imum speeds, but whether or not they are used to
this ma!imum depends on the networking standard being used and the network devices
connected to the network.
Transmission rates are normally measured by the number of data bits that can traverse the media
in a single second. $n the early days of data communications, this measurement was e!pressed as
bits per second "bps#, but today4s networks are measured in bps "megabits per second# and
6bps "gigabits per second#.
The different network media vary greatly in the transmission speeds they support. any of
today4s application)intensive networks re(uire more than the ,-bps offered by the older
networking standards. $n some cases, even ,--bps, which is found in many modern %&Ns, is
simply not enough to meet current network needs. 'or this reason, many organi5ations deploy
,6bps networks, and some now even go for ,-6bps implementations.
Netor! Media
3hatever type of network is used, some type of network media is needed to carry signals
between computers. Two types of media are used in networks: cable)based media, such as
twisted pair, and the media types associated with wireless networking, such as radio waves.
$n networks using cable)based media, there are three basic choices:
Twisted pair
Coa!ial
'iber)optic
Twisted)pair and coa!ial cables both use copper wire to conduct the signals electronically7 fiber)
optic cable uses a glass or plastic conductor and transmits the signals as light.
'or many years, coa!ial was the cable of choice for most %&Ns. Today, however "and for the
past ,- years#, twisted pair has proved to be far and away the cable media of choice, thus retiring
coa! to the confines of storage closets. 'iber)optic cable has also seen its popularity rise
butbecause of costhas been primarily restricted to use as a network backbone where segment
length and higher speeds are needed. That said, fiber is now increasingly common in server room
environments as a server to switch connection method, and in building to building connections in
what are termed as metropolitan area networks "&Ns#.
The following sections summari5e the characteristics of each of these cable types.
Tisted"pair #ablin$
Twisted)pair cabling has been around a very long time. $t was originally created for voice
transmissions and has been widely used for telephone communication. Today, in addition to
telephone communication, twisted pair is the most widely used media for networking.
The popularity of twisted pair can be attributed to the fact that it is lighter, more fle!ible, and
easier to install than coa!ial or fiber)optic cable. $t is also cheaper than other media alternatives
and can achieve greater speeds than its coa!ial competition. These factors make twisted pair the
ideal solution for most network environments.
Two main types of twisted)pair cabling are in use today: 1nshielded Twisted 2air "1T2# and
*hielded Twisted 2air "*T2#. 1T2 is significantly more commonplace than *T2 and is used for
most networks. *hielded twisted pair is used in environments in which greater resistance to 0$
and attenuation is re(uired. The greater resistance comes at a price, however. The additional
shielding, plus the need to ground that shield "which re(uires special connectors#, can
significantly add to the cost of a cable installation of *T2.
*T2 provides the e!tra shielding by using an insulating material that is wrapped around the wires
within the cable. This e!tra protection increases the distances that data signals can travel over
*T2 but also increases the cost of the cabling. 'igure , shows *T2 and 1T2 cabling.
Fi$ure % ST& and 'T& cablin$( )Reproduced it* permission from #omputer Des!top
+nc,clopedia( %-.%"/001 T*e #omputer 2an$ua$e #ompan, Inc( All ri$*ts reserved(3
There are several categories of twisted)pair cabling, with the early categories most commonly
associated with voice transmissions. The categories are specified by the 0lectronics $ndustries
&ssociation8Telecommunications $ndustries &ssociation "0$&8T$&#. Table , shows the
categories along with the speeds that they are used to support in common network
implementations.
Table , 1T2 Cable Categories
#ate$or, #ommon Application
, &nalog voice applications
. ,bps
9 ,:bps
; .-bps
< ,--bps
<e ,---bps
: ,---bps =
#oaxial
Coa!ial cable, or coa! as it is commonly referred to, has been around for a long time. Coa!
found success in both T> signal transmission as well as in network implementations. Coa! is
constructed with a copper core at the center that carries the signal, plastic insulation, braided
metal shielding, and an outer plastic covering. Coa!ial cable is constructed in this way to add
resistance to attenuation "the loss of signal strength as it travels over distance#, crosstalk "the
degradation of a signal caused by signals from other cables running close to it#, and 0$
"electromagnetic interference#. 'igure . shows the construction of coa!ial cabling.
Fi$ure / coaxial cablin$(
Networks can use two types of coa!ial cabling: thin coa!ial and thick coa!ial. Both have fallen
out of favor, but you might still encounter thin coa! in your travels.
T*in #oax
Thin coa! is much more likely to be seen than thick coa! in today4s networks, but it isn4t
common, either. Thin coa! is only ..< inches in diameter, making it fairly easy to install.
1nfortunately, one of the disadvantages of all thin coa! types are that they are prone to cable
breaks, which increase the difficulty when installing and troubleshooting coa!ial)based
networks.
There are several types of thin coa! cable, each of which has a specific use. Table . summari5es
the categories of thin coa!.
Table . Thin Coa! Categories
#able T,pe
?6)<@ 81 *olid copper core
?6)<@ &81 *tranded wire core
?6)<@ C81 ilitary specification
?6): 1sed for cable T> and cable modems
& peer)to)peer network is a decentrali5ed network model offering no centrali5ed storage of data
or centrali5ed control over the sharing of files or resources. &ll systems on a peer)to)peer
network can share the resources on their local computer as well as use resources of other
systems.
2eer)to)peer networks are cheaper and easier to implement than client8server networks, making
them an ideal solution for environments in which budgets are a concern. The peer)to)peer model
does not work well with large numbers of computer systems. &s a peer)to)peer network grows, it
becomes increasingly complicated to navigate and access files and resources connected to each
computer because they are distributed throughout the network. 'urther, the lack of centrali5ed
data storage makes it difficult to locate and back up key files.
2eer)to)peer networks are typically found in small offices or in residential settings where only a
limited number of computers will be attached and only a few files and resources shared. &
general rule of thumb is to have no more than ,- computers connected to a peer)to)peer network.
Fiber"optic #able
$n many ways, fiber)optic media addresses the shortcomings associated with copper)based
media. Because fiber)based media use light transmissions instead of electronic pulses, threats
such as 0$, crosstalk, and attenuation become a nonissue. 'iber is well suited for the transfer of
data, video, and voice transmissions. $n addition, fiber)optic is the most secure of all cable
media. &nyone trying to access data signals on a fiber)optic cable must physically tap into the
media. 6iven the composition of the cable, this is a particularly difficult task.
1nfortunately, despite the advantages of fiber)based media over copper, it still does not en/oy the
popularity of twisted)pair cabling. The moderately difficult installation and maintenance
procedures of fiber often re(uire skilled technicians with speciali5ed tools. 'urthermore, the cost
of a fiber)based solution limits the number of organi5ations that can afford to implement it.
&nother sometimes hidden drawback of implementing a fiber solution is the cost of retrofitting
e!isting network e(uipment. 'iber is incompatible with most electronic network e(uipment. This
means that you have to purchase fiber)compatible network hardware.
'iber)optic cable itself is composed of a core glass fiber surrounded by cladding. &n insulated
covering then surrounds both of these within an outer protective sheath. 'igure 9 shows the
composition of a fiber)optic cable.
Fi$ure 4 Fiber"optic cable(
Two types of fiber)optic cable are available: single and multimode fiber. $n multimode fiber,
many beams of light travel through the cable bouncing off of the cable walls. This strategy
actually weakens the signal, reducing the length and speed the data signal can travel. *ingle)
mode fiber uses a single direct beam of light, thus allowing for greater distances and increased
transfer speeds. *ome of the common types of fiber)optic cable include the following:
:..< micron core8,.< micron cladding multimode
<- micron core8,.< micron cladding multimode
@.9 micron core8,.< micron cladding single mode
$n the ever)increasing search for bandwidth that will keep pace with the demands of modern
applications, fiber)optic cables are sure to play a key role.
Media #onnectors
A variety of connectors are used with the associated network media. Media
connectors attach to the transmission media and allow the physical connection into
the computing device. It is necessary to identify the connectors associated with the
specific media. he following sections identify the connectors and associated media.
BN# #onnectors
BNC connectors are associated with coa!ial media and ,-Base. networks. BNC connectors are
not as common as they once were, but still are used on some networks, older network cards, and
older hubs. Common BNC connectors include a barrel connector, T)connector, and terminators.
'igure ; shows two terminators "top and bottom# and two T)connectors "left and right#.
Fi$ure 5 BN# connectors(
R6"%% #onnectors
?A "?egistered Aack# ),, connectors are small plastic connectors used on telephone cables. They
have capacity for si! small pins. Bowever, in many cases, not all the pins are used. 'or e!ample,
a standard telephone connection only uses two pins, while a cable used for a D*% modem
connection uses four.
?A),, connectors are somewhat similar to ?A);< connectors, which are discussed ne!t, though
they are a little smaller. Both ?A),, and ?A);< connectors have small plastic flange on top of the
connector to ensure a secure connection. 'igure < shows two views of an ?A),, connector.
Fi$ure 1 R6"%% connectors(
R6"51 #onnectors
?A);< connectors are the ones you are most likely going to encounter in your network travels.
?A);< connectors are used with twisted)pair cabling, the most prevalent network cable in use
today. ?A);< connectors resemble the aforementioned ?A),, phone /acks, but support up to eight
wires instead of the si! supported by ?A),, connectors. ?A);< connectors are also larger. 'igure
: shows the ?A);< connectors.
Fi$ure 7 R6"51 connectors(
')Type connectors are screw on connections used for attaching coa!ial cable to devices. $n the
world of modern networking, ')Type connectors are most commonly associated with connecting
$nternet modems to cable or satellite $nternet provider4s e(uipment. Bowever, they are also used
for connecting to some proprietary peripherals.
')Type connectors have a 4nut4 on the connection that provides something to grip as the
connection is tightened by hand. $f necessary, this nut can be also be lightly gripped with pliers
to aid disconnection. 'igure C shows an e!ample of an ')Type connector.
Fi$ure 8 F"T,pe connector(
Fiber #onnectors
& variety of connectors are associated with fiber cabling, and there are several ways of
connecting these connectors. These include bayonet, snap)lock, and push)pull connectors. 'igure
@ shows the fiber connectors.
Fi$ure . Fiber connectors( )Reproduced it* permission from #omputer Des!top
+nc,clopedia( %-.%"/001 T*e #omputer 2an$ua$e #ompan, Inc( All ri$*ts reserved(3
I+++%4-5
The $000,9D; interface, also known as 'ire3ire, is more commonly associated with the
attachment of peripheral devices, such as digital cameras or printers, than network connections.
Bowever, it is possible to create small networks with $000,9D; cables. The $000,9D; interface
comes in a ;) or :)pin version, both of which are shown in 'igure D
Fi$ure - 5"pin )left3 and 7"pin )ri$*t3 I+++%4-5 )Fire9ire3 connectors(
'niversal Serial Bus )'SB3
1niversal *erial Bus "1*B# ports are now an e!tremely common sight on both desktop and
laptop computer systems. %ike $000,9D;, 1*B is associated more with connecting consumer
peripherals such as 29 players and digital cameras than networking. Bowever, many
manufacturers now make wireless network cards that plug directly in to a 1*B port. ost
desktop and laptop computers have between two and four 1*B ports, but 1*B hubs are available
that provide additional ports if re(uired.
There are a number of connectors associated with 1*B ports, but the two most popular are Type
& and Type B. Type & connectors are the more common of the two and are the type used on
2Cs. &lthough many peripheral devices also use a Type & connector, an increasing number now
use a Type B. 'igure ,- shows a Type & connector "left# and a Type B connector "right#.
Fi$ure %0 T,pe A )left3 and T,pe B )ri$*t3 'SB connectors(
%0Base/
,-Base., which is defined as part of the $000 @-..9a standard, specifies data transmission
speeds of ,-bps and a total segment length of ,@< meters using ?6)<@ coa!ial cable. The
,-Base. standard specifies a physical bus topology and uses BNC connectors with <-)ohm
terminators at each end of the cable. +ne of the physical ends of each segment must be
grounded.
,-Base. networks allow a ma!imum of five segments with only three of those segments
populated. 0ach of the three populated segments can have a ma!imum of 9- nodes attached.
,-Base. re(uires that there is a minimum of .< meters between nodes. 'or the network to
function properly, the segment must be complete. 3ith this in mind, the addition or removal of
systems might make the network unusable.
#oaxial and t*e 1"5"4 Rule
3hen working with 0thernet networks that use coa!ial media, the <);)9 rule applies. The rule
specifies that the network is limited to a total of five cable segments. These five segments can be
connected using no more than four repeaters, and only three segments on the network can be
populated.
%0BaseT
The ,-BaseT standard is another ,-bps standard using 1T2 cabling. ,-BaseT networks have a
ma!imum segment length of ,-- meters, and up to a total of five physical segments per network.
,-BaseT networks use a star topology with a point)to)point connection between the computer
and the hub or switch. ,-BaseT can use different categories of 1T2 cabling, including 9, ;, <. $t
can also be used with category <e and category : cabling, but that is a little like renting the
Daytona speedway for the day and then cycling around it.
'T& and t*e 1"5"1 Rule
&s with coa!ial implementations, there are rules governing 1T2 networks. 1T2 0thernet
networks use the <);)9 rule, but in a slightly modified form. &s with coa!ial, a total of five
physical segments can be used on the network and these five physical segments can be connected
using four repeaters, but all five physical segments can be populated.
%0BaseF2
,-Base'% is an implementation of ,-bps 0thernet over fiber)optic cabling. $ts primary benefit,
over ,-BaseT, is that it can be used in distances up to .km. Bowever, given the availability of
other faster networking standards, such as ,--Base'E "discussed ne!t#, you are unlikely to
encounter a large number of ,-Base'% implementations.
Table 9 summari5es the characteristics of the ,-bps networking standards discussed in this
section.
Table 9 ,-bps Network Comparison
Standard #able T,pe Se$ment 2en$t* #onnector Topolo$,
,-Base. Thin coa!ial ,@< meters BNC 2hysical bus
,-BaseT Category 9, ;, < ,-- meters ?A);< 2hysical star
twisted pair
,-Base'% 'iber +ptic .--- eters *C8*T 2hysical star
Fast +t*ernet
any of the applications used on modern networks demand more bandwidth than what4s
provided by the ,-bps network standards. To address this need for faster networks, the $000
has developed the $000 @-..9u specifications, of which there are three variations:
,--BaseTE
,--BaseT;
,--Base'E
3e have chosen to include information on it in this section to provide rounded coverage of this
topic.
Introduction to Netor!in$
There are a variety of physical and logical network layouts in use today. &s a network
administrator, you might find yourself working on these different network layouts or topologies
and, as such, will re(uire knowledge of how they are designed to function.
This tutorial reviews general network considerations such as the various topologies used on
today4s networks, %&Ns, 2&Ns, and 3&Ns, and the $000 standards.
2ANs, 9ANs, and &ANs
Networks are classified according to their geographical coverage and si5e. The two most
common network classifications are local area networks "%&Ns# and wide area networks
"3&Ns#.
2ANs
& %&N is a data network that is restricted to a single geographical location and typically
encompasses a relatively small area such as an office building or school. The function of the
%&N is to interconnect workstation computers for the purposes of sharing files and resources.
Because of its locali5ed nature, the %&N is typically high speed and cheaper to set up than a
3&N. 'igure ,., shows an e!ample of a %&N.
Fi$ure %(%( 2ocal area netor!(
9ANs
& 3&N is a network that spans more than one geographical location often connecting separated
%&Ns. 3&Ns are slower than %&Ns and often re(uire additional and costly hardware such as
routers, dedicated leased lines, and complicated implementation procedures. 'igure . shows an
e!ample of a 3&N.
Fi$ure / 9ide area netor!s(
&ANs
3ireless technologies have introduced a new term 3ireless 2ersonal &rea Networks "32&N#.
32&N refers to the technologies involved in connecting devices in very close pro!imity to
e!change data or resources. &n e!ample of this can be seen through connecting a laptop with a
2D& to synchroni5e an address book. Because of their small si5e and the nature of the data
e!change, 32&N devices lend themselves well to ad hoc networking. &d hoc networks are those
that have devices connect directly to each other and not through a wireless access point. &d hoc
wireless networks are discussed later in this chapter.
Because of the close pro!imity of 32&N networking, short)range wireless technologies are
typically used. This includes Bluetooth and $nfrared. The key 32&N technology supported in
3indows E2 2rofessional, for e!ample, is $nfrared Data &ssociation "$rD&#. $n addition, the
$000 wireless standards, including @-..,,b8g, can be used to create a 32&N.
Netor! Models
There are two basic wired network models from which to choose the peer)to)peer network model
and the client8server model. The model used for a network is determined by several factors,
including how the network will be used, how many users will be on the network, and budgetary
considerations.
&eer"to"peer netor!in$
& peer)to)peer network is a decentrali5ed network model offering no centrali5ed storage of data
or centrali5ed control over the sharing of files or resources. &ll systems on a peer)to)peer
network can share the resources on their local computer as well as use resources of other
systems.
2eer)to)peer networks are cheaper and easier to implement than client8server networks, making
them an ideal solution for environments in which budgets are a concern. The peer)to)peer model
does not work well with large numbers of computer systems. &s a peer)to)peer network grows, it
becomes increasingly complicated to navigate and access files and resources connected to each
computer because they are distributed throughout the network. 'urther, the lack of centrali5ed
data storage makes it difficult to locate and back up key files.
2eer)to)peer networks are typically found in small offices or in residential settings where only a
limited number of computers will be attached and only a few files and resources shared. &
general rule of thumb is to have no more than ,- computers connected to a peer)to)peer network.
#lient:Server Netor!in$ Model
The client8server networking model is, without (uestion, the most widely implemented model
and the one you are most likely to encounter when working in real)world environments. The
advantages of the client8server system stem from the fact that it is a centrali5ed model. $t allows
for centrali5ed network management of all network services, including user management,
security, and backup procedures.
& client8server network often re(uires technically skilled personnel to implement and manage the
network. This and the cost of a dedicated server hardware and software increase the cost of the
client8server model. Despite this, the advantages of the centrali5ed management, data storage,
administration, and security make it the network model of choice. Table , summari5es the
characteristics of the peer)to)peer and client8server network models.
Table , Comparison of Networking odels
Attribute &eer"to"&eer Netor! #lient:Server Netor!
*i5e ?estricted to a ma!imum of ,-
computers.
The si5e of the network is limited only
by server si5e and network hardware, and
it can have thousands of connected
systems.
&dministration 0ach individual is responsible for the
administration of his or her own
system. & administrator is not
needed.
& skilled network administrator is often
re(uired to maintain and manage the
network.
*ecurity 0ach individual is responsible for
maintaining security for shared files
or resources connected to the system.
*ecurity is managed from a central
location but often re(uires a skilled
administrator to c*orrectly configure.
Table , Comparison of Networking odels
Attribute &eer"to"&eer Netor! #lient:Server Netor!
Cost inimal startup and implementation
cost.
?e(uires dedicated e(uipment and
speciali5ed hardware and administration,
increasing the cost of the network.
$mplementation 0asy to configure and set up. +ften re(uires comple! setup procedures
and skilled staff to set up.
#entrali;ed and Distributed #omputin$
The terms centrali5ed and distributed computing are used to describe where the network
processing takes place. $n a centrali5ed computing model, one system provides both the data
storage and the processing power for client systems. This networking model is most often
associated with computer mainframes and dumb terminals, where no processing or storage
capability e!ists at the workstation. These network environments are rare, but they do still e!ist.
& distributed network model has the processing power distributed between the client systems
and the server. ost modern networks use the distributed network model, where client
workstations share in the processing responsibilities.
Netor! Topolo$ies
& topology refers to both the physical and logical layout of a network. The physical topology of
a network refers to the actual layout of the computer cables and other network devices. The
logical topology of a network, on the other hand, refers to the way in which the network appears
to the devices that use it.
*everal topologies are in use for networks today. *ome of the more common include the bus,
ring, star, mesh, and wireless topologies. The following sections provide an overview of each.
Bus Topolo$,
& bus network uses a trunk or backbone to which all of the computers on the network connect.
*ystems connect to this backbone using T connectors or taps. To avoid signal reflection, a
physical bus topology re(uires that each end of the physical bus be terminated. 'igure 9 shows
an e!ample of a physical bus topology.
Fi$ure 4 &*,sical bus topolo$,(
The most common implementation of a linear bus is the $000 @-..9 standard. Table .
summari5es the advantages and disadvantages of the bus topology.
Table . &dvantages and Disadvantages of the Bus Topology
Advanta$es Disadvanta$es
Compared to other topologies, a
bus is cheap and easy to
implement.
There might be network disruption when computers are added
or removed.
?e(uires less cable than other
topologies.
Because all systems on the network connect to a single
backbone, a break in the cable will prevent all systems from
accessing the network.
Does not use any speciali5ed
network e(uipment.
Difficult to troubleshoot.
Rin$ Topolo$,
The ring topology is actually a logical ring, meaning that the data travels in circular fashion from
one computer to another on the network. $t is not a physical ring topology. 'igure ; shows the
logical layout of a ring network.
Fi$ure 5 2o$ical desi$n of t*e rin$ netor!(
$n a true ring topology, if a single computer or section of cable fails, there is an interruption in
the signal. The entire network becomes inaccessible. Network disruption can also occur when
computers are added or removed from the network, making it an impractical network design in
environments where there is constant change to the network.
?ing networks are most commonly wired in a star configuration. $n a Token ?ing network, a
multistation access unit "*&1# is e(uivalent to a hub or switch on an 0thernet network. The
*&1 performs the token circulation internally. To create the complete ring, the ring in "?$#
port on each *&1 is connected to the ring out "?+# port on another *&1. The last *&1 in
the ring is then connected to the first, to complete the ring. Table 9 summari5es the advantages
and disadvantages of the ring topology.
Table 9 &dvantages and Disadvantages of the ?ing Topology
Cable faults are easily located, making
troubleshooting easier.
0!pansion to the network can cause network
disruption.
?ing networks are moderately easy to install. & single break in the cable can disrupt the
entire network.
Star Topolo$,
The star topology, all computers and other network devices connect to a central device called a
hub or switch. 0ach connected device re(uires a single cable to be connected to the hub, creating
a point)to)point connection between the device and the hub.
1sing a separate cable to connect to the hub allows the network to be e!panded without
disruption to the network. & break in any single cable will not cause the entire network to fail.
'igure ,.< provides an e!ample of a star topology.
Fi$ure %(1( Star topolo$,(
The star topology is the most widely implemented network design in use today, but it is not
without its shortcomings. Because all devices connect to a centrali5ed hub, this creates a single
point of failure for the network. $f the hub fails, any device connected to it will not be able to
access the network. Because of the number of cables re(uired and the need for network devices,
the cost of a star network is often higher than other topologies. Table ,.; summari5es the
advantages and disadvantages of the star topology.
Table ,.;. &dvantages and Disadvantages of the *tar Topology
*tar networks are easily e!panded without
disruption to the network.
?e(uires more cable than most of the other
topologies.
Cable failure affects only a single user. & central connecting device allows for a single
point of failure.
0asy to troubleshoot and isolate problems. ore difficult than other topologies to
Table ,.;. &dvantages and Disadvantages of the *tar Topology
implement.
Mes* Topolo$,
The mesh topology incorporates a uni(ue network design in which each computer on the network
connects to every other, creating a point)to)point connection between every device on the
network. The purpose of the mesh design is to provide a high level of redundancy. $f one
network cable fails, the data always has an alternative path to get to its destination. 'igure :
shows the mesh topology.
Fi$ure 7( Mes* topolo$,(
&s you can see from 'igure :, the wiring for a mesh network can be very complicated. 'urther,
the cabling costs associated with the mesh topology can be high, and troubleshooting a failed
cable can be tricky. Because of this, the mesh topology is rarely used. & variation on a true mesh
topology is the hybrid mesh. $t creates a redundant point)to)point network connection between
only specific network devices. The hybrid mesh is most often seen in 3&N implementations.
Table < summari5es the advantages and disadvantages of the mesh topology.
Table < &dvantages and Disadvantages of the esh Topology
2rovides redundant paths between devices ?e(uires more cable than the other %&N
Table < &dvantages and Disadvantages of the esh Topology
topologies.
The network can be e!panded without disruption to
current users.
Complicated implementation.
9ireless Topolo$,
!ireless networks are typically implemented using one of two wireless topologies"
the infrastructure# or managed# wireless topology and the ad$hoc# or unmanaged#
wireless topology.
Infrastructure 9ireless Topolo$,
he infrastructure wireless topology is commonly used to e%tend a wired &AN to
include wireless devices. !ireless devices communicate with the wired &AN through
a 'ase station known as an access point (A)* or wireless access point (!A)*. he A)
forms a 'ridge 'etween a wireless and wired &AN# and all transmissions 'etween
wireless stations or 'etween a system and a wired network client# go through the
A). A)s are not mo'ile and have to stay connected to the wired network+ therefore#
they 'ecome part of the wired network infrastructure thus the name. In
infrastructure wireless networks# there might 'e several access points providing
wireless coverage for a large area or only a single access point for a small area such
as a single home or small 'uilding.
Ad Hoc 9ireless Netor!in$
n a wireless ad hoc topology, devices communicate directly between themselves without using
an access point. This peer)to)peer network design is commonly used to connect a small number
of computers or wireless devices. &s an e!ample, an ad hoc wireless network may be set up
temporarily between laptops in a boardroom or to connect to systems in a home instead of a
wired solution. The ad)hoc wireless design provides a (uick method to share files and resources
between a small numbers of systems. 'igure C compares the ad hoc and infrastructure wireless
network designs.
Fi$ure 8 #omparin$ ireless topolo$ies(
I+++ and Netor!in$ Standards
The $nstitute of 0lectrical and 0lectronic 0ngineers "$000# developed a series of networking
standards to ensure that networking technologies developed by respective manufacturers are
compatible. This means that the cabling, networking devices, and protocols are all
interchangeable when designed under the banner of a specific $000 standard. Table :
summari5es the $000 @-. networking standards.
Table : $000 @-. Networking *tandards
Specification Name
@-.., $nternetworking
@-... The %%C "%ogical %ink Control# sublayer
@-..9 C*&8CD "Carrier *ense ultiple &ccess with Collision Detection# for 0thernet
networks
@-..; & token passing bus
@-..< Token ?ing networks
@-..: etropolitan &rea Network "&N#
@-..C Broadband Technical &dvisory 6roup
@-..@ 'iber)+ptic Technical &dvisory 6roup
@-..D $ntegrated >oice and Data Networks
@-..,- *tandards for $nteroperable %&N8&N *ecurity "*$%*# "Network *ecurity#
@-..,, 3ireless networks
@-..,. ,--bps technologies, including ,--B&*0>6)&ny%&N
+nly a few of the standards listed in Table : The standards that are specifically included in the
CompT$& ob/ectives are @-..., @-..9, @-..<, and @-..,,. 0ach of these $000 specifications
outlines specific characteristics for %&N networking, including the speed, topology, cabling, and
access method. The following sections outline the key features of these $000 specifications and
the specific characteristics of each.
.0/(/ I+++ Standard
he ,-... standard# referred to as the &ogical &ink /ontrol (&&/*# manages data flow
control and error control for the other I000 &AN standards. 1ata flow control
regulates how much data can 'e transmitted in a certain amount of time. 0rror
control refers to the recognition and notification of damaged signals.
.0/(4 I+++ Standard
The $000 @-..9 standard defines the characteristics for 0thernet networks. 0thernet networking
is by far the most widely implemented form of local area networking. *everal 0thernet %&N
characteristics are identified in the @-..9 standard.
*ince the development of the original @-..9 standards, there have also been several additions that
have been assigned new designators. These standards are often referred to as the @-..9!
standards. *ome of the newer standards include @-..9u for 'ast 0thernet, @-..95 for 6igabit
0thernet and @-..9ae for ,-)6igabit 0thernet. The features for @-..9 are listed here:
*peed The original $000 @-..9 standard specified a network transfer rate of ,-bps.
There have been modifications to the standard, the result being 'ast 0thernet "@-..9u#,
which can transmit network data up to ,--bps and higher, as well as 6igabit 0thernet
"@-..95#, which can transmit at speeds up to ,---bps. @-..9ae is a very fast @-9.9
standard. Fnown as ,-)6igabit 0thernet, it offers speeds ,- times that of 6igabit
0thernet.
Topology The original 0thernet networks used a bus or star topology because the original
@-..9 standard included specifications for both twisted pair and coa!ial cabling. The
$000 @-..9u and @-..95 specify twisted pair cabling and use a star topology. ?emember
that even when 0thernet uses a physical star topology, it uses a logical bus topology.
edia The media refers to the physical cabling used to transmit the signal around the
network. The original @-..9 specifications identified coa!ial and twisted pair cabling to
be used. The more modern standards specify twisted pair and fiber)optic cable. @-..9ae
currently only supports fiber media.
&ccess method The access method refers to the way that the network media is accessed.
0thernet networks use a system called Carrier *ense ultiple &ccess with Collision
Detection "C*&8CD#. C*&8CD works by monitoring the computers that are sending
data on the network. $f two computers transmit data at the same time, a data collision will
occur. To prevent collisions, the systems sending the data will be re(uired to wait a
period of time and then retransmit the data to avoid the collision. ,-)6igbit 0thernet only
operates in full)duple! mode and, as such, does not need to use the traditional 0thernet
C*&8CD access method.
.0/(1 I+++ Standard
The $000 @-..< standard specifies the characteristics for Token ?ing networks. Token ?ing was
introduced by $B in the mid),D@-s and (uickly became the network topology of choice until
the rise in popularity of 0thernet. $t is unlikely that you will encounter a ring network in your
travels and even more unlikely that you will be implementing a ring network as a new
installation. 'or what it4s worth, Token ?ing is a solid network system, but 0thernet has all but
eliminated it.
The following is a list of the specific characteristics specified in the @-..< standard:
*peed The @-..< Token ?ing specifies network speeds of ; and ,:bps.
Topology Token ?ing networks use a logical ring topology and most often a physical
star. The logical ring is often created in the multistation access unit "*&1#.
edia Token ?ing networks use unshielded twisted pair cabling or shielded twisted pair.
&ccess method @-..< specifies an access method known as token passing. +n a Token
?ing network, only one computer at a time can transmit data. 3hen a computer has data
to send, it must use a special type of packet known as a token. The token travels around
the network looking for computers with data to send. The computer4s data is passed along
with the token until it gets to the destination computer at which point, the data is removed
from the token and the empty token placed back on the ring.
FDDI
he &merican National *tandards $nstitute "&N*$# developed the 'iber Distributed Data $nterface
"'DD$# standard in the mid),D@-s to meet the growing need for a reliable and fast networking
system to accommodate distributed applications. 'DD$ uses a ring network design, but, unlike
the traditional @-..< standard, 'DD$ uses a dual ring technology for fault tolerance. Because of
the dual ring design, 'DD$ is not susceptible to a single cable failure like the regular @-..< $000
standard. 'igure ,.@ shows an 'DD$ network with a dual ring configuration.
Fi$ure %(.( FDDI netor!(
&s with any of the other standards, 'DD$ has specific characteristics:
*peed 'DD$ transmits data at ,--bps and higher.
Topology 'DD$ uses a dual ring topology for fault)tolerant reasons.
edia 'DD$ uses fiber)optic cable that enables data transmissions that e!ceed two
kilometers. &dditionally, it is possible to use 'DD$ protocols over copper wire known as
the Copper Distributed Data $nterface "CDD$#.
&ccess method *imilar to @-..<, 'DD$ uses a token)passing access method.
Table ,.C summari5es each of the wired standards discussed in the previous sections.
Table ,.C. $000 @-. Network *tandards
Standard Speed
&*,sical
Topolo$,
2o$ical
Topolo$, Media
Access
Met*od
@-..9 ,-bps Bus and *tar Coa!ial and
twisted pair
C*&8CD
@-..9u ,--bps "'ast
0thernet#
*tar Bus Twisted pair C*&8CD
@-..95 ,---bps *tar Bus Twisted pair C*&8CD
@-..9ae ,-)6igabit Backbone
connections
N8& 'iber8Not
?e(uired
@-..< ;bps and
,:bps
*tar ?ing Twisted pair Token passing
'DD$ ,--bps Dual ring ?ing 'iber)optic
Twisted pair
"CDD$#.
Token passing
.0/(%% I+++ Standards
The @-..,, standards specify the characteristics of wireless %&N 0thernet networks. 1nder the
banner of @-..,,, there are four common wireless standards. These include @-..,,, @-..,,a,
@-..,,b and @-..,,g. 0ach of these wireless standards identifies several characteristics. Bere is a
review of the @-..,, wireless standards and characteristics:
*peed @-..,, standards are measured in bps and vary between network standards.
edia The @-..,, standards use radio fre(uency "?'# as a transmission media.
Depending on the standard, radio fre(uencies include ..;6B5 and <6B5.
Topology @-..,, wireless standards can be implemented in an ad)hoc or infrastructure
topology.
&ccess method @-..,, uses Carrier *ense ultiple &ccess8Collision &voidance
"C*&8C&#. C*&8C& is a variation on the C*&8CD access method. C*&8C&
access method uses a Glisten before talkingG strategy. &ny system wanting to transmit
data must first verify that the channel is clear before transmitting, thereby avoiding
potential collisions.
*pread *pectrum *pread spectrum refers to the manner in which data signals travel
through a radio fre(uency. *pread spectrum re(uires that data signals either alternate
between carrier fre(uencies or constantly change their data pattern. *pread spectrum is
designed to trade off bandwidth efficiency for reliability, integrity, and security.
?ange @-..,, wireless standards each specify a transmission range. The range is
influenced by many factors such as obstacles or weather.
The following is a look at the various @-..,, standards and their characteristics.
$000 @-..,, There were actually two variations on the initial @-..,, standard. Both offered , or
.bps transmission speeds and the same ?adio 're(uency "?'# of ..;6B5. The difference
between the two was in the way in which data traveled through the ?' media. +ne used
fre(uency hopping spread spectrum "'B**#, and the other, direct se(uence spread spectrum
"D***#.
$000 @-..,,a $n terms of speed, the @-..,,a standard was far ahead of the original standards.
@-..,,a specified speeds of up to <;bps in the <6B5 band7 but most commonly,
communications takes place at :bps, ,.bps, or .;bps. @-..,,a is not compatible with
other wireless standards @-..,,b and @-..,,g. These standards are heavily favored to the
@-..,,a standard.
$000 @-..,,b the @-..,,b standard provides for a ma!imum transmission speed of ,,bps.
Bowever, devices are designed to be backward compatible with previous standards that provided
for speeds of ,), .), and <.<bps. @-..,,b uses a ..;6B5 ?' range and is compatible with
@-..,,g.
$000 @-..,,g @-..,,g is a popular wireless standard today. @-..,,g offers wireless transmission
over distances of ,<- feet and speeds up to <;bps compared with the ,, megabits per second
of the @-..,,b standard. %ike @-..,,b, @-..,,g operates in the ..;6B5 range, and is thus
compatible with it.
Infrared 9ireless Netor!in$
$nfrared has been around for a long time7 perhaps our first e!perience with it was the T> remote.
The command entered onto the remote control travels over an infrared light wave to the receiver
on the T>. $nfrared technology has progressed, and today infrared development in networking is
managed by the $nfrared Data &ssociation "$rD&#.
$rD& wireless networking uses infrared beams to send data transmissions between devices.
$nfrared wireless networking offers higher transmission rates reaching ,-bps to ,:bps.
$nfrared provides a secure, low)cost, convenient cable replacement technology. $t is well suited
for many specific applications and environments. *ome of the key infrared points are included
here:
$nfrared provides ade(uate speeds, up to ,:bps.
& directed infrared system provides a very limited range of appro!imately 9 feet and
typically is used for a 2&N.
$nfrared devices use less power and a decreased drain on batteries.
$nfrared is a secure medium. $nfrared signals typically travel short range between devices,
which eliminates the problem of eavesdropping or signal tampering.
$nfrared is a proven technology. $nfrared devices have been available for (uite some time
and, as such, are a proven, non)proprietary technology with an established user and
support base.
$nfrared has no radio fre(uency interference issues or signal conflicts.
$nfrared replaces cables for many devices such as keyboards, mice, and other peripherals.
$nfrared uses a dispersed mode or a direct line of sight transmission.
Bluetoot*
Bluetooth is a wireless standard used for many purposes including connecting peripheral
devices to a system. Bluetooth uses a low)cost, short)range radio link to create a link to
replace many of the cords that used to connect devices.
Bluetooth)enabled devices support transmissions distances of up to ,- or so meters using
an ad)hoc network design. Bluetooth establishes the link using an ?')based media and
does not re(uire a direct line of sight to make a connection. The Bluetooth *tandard
defines a short ?' link capable of voice or data transmission up to a ma!imum capacity
of C.-Fb8s per channel.
Bluetooth operates at ..; to ..;@6B5 and uses a spread spectrum, fre(uency)hopping
technology. The signal hops can hop between CD fre(uencies at ,B5 intervals to give a
high degree of interference immunity.
&s an established technology, Bluetooth has many advantages, but the speed of C.-Fbps
is limiting. The newest version of Bluetooth, Bluetooth ..-, will increase overall speed to
a data rate of 9bps. This speed might still be significantly slower than @-..,,b or g, but
for an easily configured, cable replacement technology, it is an attractive option.
Spread Spectrum Tec*nolo$,
*pread spectrum refers to the manner in which data signals travel through a radio
fre(uency. *pread spectrum re(uires that data signals either alternate between carrier
fre(uencies or constantly change their data pattern. &lthough the shortest distance
between two points is a straight line "narrowband#, spread spectrum is designed to trade)
off bandwidth efficiency for reliability, integrity, and security. There are two types of
spread spectrum radio: fre(uency hopping and direct se(uence.
'B** re(uires the use of narrowband signals that change fre(uencies in a predictable
pattern. The term fre(uency hopping refers to hopping of data signals between narrow
channels. *omewhere between .- and several hundred milliseconds, the signal hops to a
new channel following a predetermined cyclic pattern.
Because data signals using 'B** switch between ?' bands, they have a strong resistance
to interference and environmental factors. The constant hopping between channels also
increases security as signals are harder to eavesdrop on.
D*** transmissions spread the signal over a full transmission fre(uency spectrum. 'or
every bit of data that is sent, a redundant bit pattern is also sent. This 9.)bit pattern is
called a chip. These redundant bits of data provide for both security and delivery
assurance. Transmissions are so safe and reliable simply because the system sends so
many redundant copies of the data and only a single copy is re(uired to have complete
transmission of the data or information. D*** can minimi5e the effects of interference
and background noise.
FHSS, DSSS, and .0/(%% Standards
The original @-..,, standard had two variations both offering the same speeds but
differing in the ?' spread spectrum used. +ne of the @-..,, used 'B**. This @-..,,
variant used the ..;6B5 radio fre(uency band and operated with a , or .bps data rate.
*ince this original standard, wireless implementations have favored D***.
The second @-..,, variation used D*** and specified a .bps)peak data rate with
optional fallback to ,bps in very noisy environments. @-..,,, @-..,,b, and @-..,,g use
the D*** spread spectrum. This means that the underlying modulation scheme is very
similar between each standard, enabling all D*** systems to coe!ist with ., ,,, and
<;bps @-..,, standards. Because of the underlying differences between @-..,,a and
the @-..,,b8g, they are not compatible.
Table @ summari5es each of the wired standards discussed in the previous sections.
Table @ $000 @-. 3ireless Network *tandards
I+++
Standard Fre<uenc,:Media Speed Topolo$,
Transmission
Ran$e
Access
Met*od
Spread
Spectrum
@-..,, ..;6B5 ?' , to
.bps
&d)
hoc8infra)
structure
C*&8C& D***
@-..,, ..;6B5 ?' , to
.bps
&d)
hoc8infra)
structure
C*&8C& 'B**
@-..,,a <6B5 1p to
<;bps
&d)
hoc8infra)
structure
.< to C< feet
indoors range
can be affected
by building
materials
C*&8C& +'D
@-..,,b ..;6B5 1p to
,,bps
&d)
hoc8infra)
structure
1p to ,<- feet
indoors7 range
can be affected
by building
materials
C*&8C& D***
@-..,,g ..;6B5 1p to
<;bps
&d)
hoc8infra)
structure
1p to ,<- feet
indoors7 range
can be affected
by building
materials
C*&8C& D***
Table @ $000 @-. 3ireless Network *tandards
I+++
Standard Fre<uenc,:Media Speed Topolo$,
Transmission
Ran$e
Access
Met*od
Spread
Spectrum
$rD& $nfrared light
beam
1p to
,:bps
&d)hoc , meter N8& N8&
Bluetooth ..;6B5 ?' C.-Fbps &d)hoc ,- meters N8& 'B**
+stablis*in$ #ommunications Beteen

9ireless Devices
$nfrastructure 3ireless communication involves the use of two ma/or components the client
device and an access point, or &2. The &2 acts as a bridge between the client or station and the
wired network.
&s with other forms of network communication, before transmissions between devices can
occur, the wireless access point and the client must first begin to talk to each other. $n the
wireless world, this is a two)step process involving association and authentication.
The association process occurs when a wireless adapter is first turned on. The client adapter will
immediately begin to scan across the wireless fre(uencies for wireless &2s or if using ad hoc
mode, other wireless devices. 3hen the wireless client is configured to operate in infrastructure
mode, the user can choose a wireless &2 with which to connect. The wireless adapter switches to
the assigned channel of the selected wireless &2 and negotiates the use of a port.
The authentication process re(uires that a keyed security measure be negotiated between the &2
and the client. The keyed authentication setting can be set to either shared key authentication or
open authentication. +n many wireless devices, the default setting is set to open authentication.
+pen authentication re(uires identity verification between the wireless
Client and the &2. 3hen set to shared key mode, the client must meet security re(uirements
before communication with the &2 can occur.
*everal components combine to enable wireless communications between devices. 0ach of these
must be configured on both the client and the &2.
The *ervice *et $dentifier "**$D# 3hether your wireless network is using infrastructure
mode or ad)hoc mode, an **$D is re(uired. The **$D is a configurable client
identification that allows clients to communicate to a particular base station. +nly clients
systems that are configured with the same **$D as the &2 can communicate with it.
**$Ds provide a simple password arrangement between base stations and clients.
3ireless Channel ?' channels are important parts of wireless communications. & channel
refers to the band of fre(uency used for the wireless communication. 0ach standard specifies the
channels that can be used. The @-..,,a standard specifies radio fre(uencies ranges between <.,<
and <.@C<6B5. $n contrast, @-..,,b and @-..,,g standards operate between the ..; to ..;DC6B5
ranges. 'ourteen channels are defined in the $000 @-..,,b8g channel set7 ,, of which are
available in North &merica.
*ecurity 'eatures $000 @-..,, provides for security using two methods, authentication and
encryption. &uthentication refers to the verification of client system. $n the infrastructure mode,
authentication is established between an &2 and each station. 3ireless encryption services must
be the same on the client and the &2 for communication to occur.
Factors Affectin$ 9ireless Si$nals
2ecause wireless signals travel through the atmosphere# they are suscepti'le
to different types of interference than with standard wires networks.
Interference weakens wireless signals and is therefore an important
consideration when working with wireless networking.
Interference T,pes
3ireless interference is an important consideration when planning a wireless network.
$nterference is unfortunately inevitable, but the trick is to minimi5e the levels of interference.
3ireless %&N communications are typically based on radio fre(uency signals that re(uire a clear
and unobstructed transmission path.
3hat are some of the factors that cause interferenceH
2hysical ob/ects Trees, masonry, buildings, and other physical structures are some of the
most common sources of interference. The density of the materials used in a building4s
construction determines the number of walls the ?' signal can pass through and still
maintain ade(uate coverage. Concrete and steel walls are particularly difficult for a signal
to pass through. These structures will weaken or, at times, completely prevent wireless
signals.
?adio fre(uency interference 3ireless technologies such as @-..,,b8g use ?' range of
..;6B5 and so do many other devices such as cordless phones, microwaves, and so on.
Devices that share the channel can cause noise and weaken the signals.
0lectrical interference 0lectrical interference comes from devices such as computers,
fridges, fans, lighting fi!tures, or any other motori5ed devices. The impact that electrical
interference has on the signal depends on the pro!imity of the electrical device to the
wireless access point. &dvances in wireless technologies and in electrical devices have
reduced the impact these types of devices have on wireless transmissions.
0nvironmental factors 3eather conditions can have a huge impact on wireless signal
integrity. %ighting, for instance, can cause electrical interference, and fog can weaken
signals as they pass through.
*ome of the e(uipment and materials that can interfere with wireless %&N transmissions include
0(uipment such as cordless phones or microwaves that produce radio waves in the ..; or
<..6B5 range
?' noise caused by two wireless %&Ns operating in close pro!imity
+utdoor broadcast television used by mobile television cameras
1ninterruptible power supply "12*# devices
%arge ob/ects such as pine trees
'luorescent lights
Beavy machinery
Beavy)duty motors found in elevators or other large devices
2lants and trees
Close pro!imity to smaller electric devices such as computers or air conditioners
Transformers
This is not an e!haustive list, but it shows how wireless signals can be influenced by many
different factors.
9ireless Antennas
& wireless antenna is an integral part of the overall wireless communication. &ntennas come in
many different shapes and si5es with each one designed for a specific purpose. *electing the
right antenna for a particular network implementation is a critical consideration and one that
could ultimately decide how successful a wireless implementation will be. $n addition, using the
right antennas can save money as networking costs because you4ll need fewer antennas and
access points.
3hen a wireless signal is low and being influenced by heavy interference, it might be possible to
upgrade the antennas to create a more solid wireless connection. To determine the strength of an
antenna, we refer to its gain value.
&n antenna4s gain is a measure of how well the antenna will send or pick up a radio signal. The
gain value is measured in decibels)isotropic, or dBi. The gain value of an antenna is a unit of
comparison to a reference that reference being an isotropic antenna. &n isotropic antenna is an
antenna that sends signals e(ually in all directions "including up and down#. &n antenna that
does this has a -dBi gain.
&n antenna4s rating "gain# is the difference between the -db isotropic antenna and the actual
antenna rating. &s an e!ample, a wireless antenna advertised as a ,<)dBi antenna is ,< times
stronger than the hypothetical isotropic antenna.
The initials GdBG reference decibels and the GiG reference the isotropic antenna. dBi is a unit
measuring how much better the antenna is compared to isotropic signals.
3hen looking at wireless antennas, remember that a higher gain rating means stronger sent and
received signals. $n terms of performance, the rule of thumb is that every 9dBi of gain added
doubles the effective power output of an antenna.
Antenna #overa$e
3hen selecting an antenna for a particular wireless implementation, it is necessary to determine
the type of coverage used by an antenna. $n a typical configuration, a wireless antenna can be
either omni directional or directional.
&n omni directional antenna is designed to provide a 9:-)degree dispersed wave pattern. This
type of antenna is used when coverage in all directions from the antenna is re(uired. +mni
directional antennas are good to use when a broad)based signal is re(uired. Because of the
dispersed nature of omni directional antennas, the signal is weaker overall and therefore
accommodates shorter signal distances. +mni directional antennas are great in an environment in
which there is a clear line of path between the senders and receivers. The power is evenly spread
to all points, making omni directional antennas well suited for linking several home and small
office users.
Directional antennas are designed to focus the signal in a particular direction. This focused signal
allows for greater distances and a stronger signal between two points. The greater distances
enabled by directional antennas allow a viable alternative for connecting locations, such as two
offices, in a point)to)point configuration.
Directional antennas are also used when you need to tunnel or thread a signal through a series of
obstacles. This concentrates the signal power in a specific direction and allows you to use less
power for a greater distance than an omni directional antenna.
Netor!in$ " Netor! =peratin$ S,stems
and #lient #onnectivit,
Netor! =peratin$ S,stems and #lient
#onnectivit,
Network operating systems "N+*# are some of the most powerful and comple! software
products available today. This tutorial looks at a number of operating systems that are widely
used in today4s network environments.
$n this tutorial, we will also look at the interoperability capabilities of each network operating
system and at the range of client support it provides. Bowever, the information described in this
tutorial is not intended to provide a complete tutorial in any of the operating systems discussed.
2art of the /ob of a network administrator is to manage the network media. This tutorial reviews
some of the common tools used to manage network media.
'inally, configuring client systems to access a network is a common task for administrators.
There are several steps that must be completed including establishing the physical connections
and protocols. *imilarly, this tutorial e!plores the re(uirements to connect client systems outside
the local network. &gain, establishing the physical connections and configuring protocols is
re(uired.
Netor! =peratin$ S,stems
0arly network operating systems provided /ust the basics in terms of network services, such as
file and printer sharing. Today4s network operating systems offer a far broader range of network
services7 some of these services are used in almost every network environment, and others are
used in only a few.
Despite the comple!ity of operating systems, the basic function and purpose of a network
operating system is straightforward: to provide services to the network. The following are some
of the most common of these services:
&uthentication services
'ile and print services
3eb server services
'irewall and pro!y services
Dynamic Bost Configuration 2rotocol "DBC2# and Domain Name *ystem "DN*#
services
These are /ust a few of a large number of services that a network operating system can provide.
The following sections discuss the ma/or operating systems currently in use and how each of
them deals with basic services such as authentication, security, and file and print services.
2inux:'NI>
)roviding a summary of &inu% in a few paragraphs is a difficult task. 3nlike
other operating systems# each of which has only a single variation# &inu% is a
freely distri'uta'le open source operating system that has many variants
called distri'utions. 0ach of these distri'utions offers a slightly different
approach to certain aspects of the operating system# such as installation and
management utilities. 4ome of the most common &inu% distri'utions include
5ed 6at# 4u40# 1e'ian# and /aldera. In light of the many versions of &inu%# if
a command or an approach is listed in this section and is not availa'le in the
version of &inu% you are using# you can look for an e7uivalent command or
approach in your version# and you will very likely find one.
2inux Aut*entication
2eople who are used to working on a 3indows)based system will no doubt discover that
administration on a %inu! system is very different. 'or instance, authentication information such
as a list of users is kept in a te!t file. This file, /etc/passwd, controls who can and cannot log on
to the system.
'or a user to log on to the system, a valid username and password combination must be supplied.
Both of these pieces of information are case sensitive.
2inux File and &rint Services
&lthough it is not the most obvious choice for a file and print server platform, %inu! can perform
the role of a file and print server admirably. $n a base configuration, the volumes on a %inu!
server are not available to network clients. To make them available, one of two file sharing
services is commonly used:
N'* N'* is the original file)sharing system used with %inu!. N'* makes it possible for
areas of the hard disk on a %inu! system to be shared with other clients on the network.
+nce the share has been established from the client side, the fact that the drive is on
another system is transparent to the user.
*amba *amba provides *erver essage Block functionality so that areas of the %inu!
server disks can be made available to 3indows clients. $n much the same way as on
3indows servers, *amba facilitates the sharing of folders that can then be accessed by
3indows client computers. *amba also makes it possible for %inu! printer resources to
be shared with 3indows clients.
&s with the other N+* discussed in this chapter, %inu! has a file system permission structure
that makes it possible to restrict access to files or directories. $n %inu!, each file or directory can
be assigned a very basic set of file rights that dictates the actions that can be performed on the
file. The basic rights are ?ead, 3rite, and 0!ecute. The rights can be e!pressed in an alphabetic
format "that is, ?3E# or a numeric format "CCC#. The rights to a file can be derived from the file
ownership, from a group ob/ect, or from an GeveryoneG designator, which covers all users who
are authenticated on the server. The %inu! file permission structure might not be as sophisticated
as those found in other network operating systems, but it is still more than sufficient in many
environments.
2rinting on a %inu! system occurs through a service called the %ine 2rinter daemon. The %ine
2rinter functionality can be accessed by any user on the network who is properly authori5ed and
connected. $n later versions of %inu!, some distributions have started to provide a more enhanced
printing system called the Common UNIX 2rinting *ystem "C12*#. any people, however, still
prefer to use the traditional %ine 2rinter system because of its simplicity and efficiency.
2inux Application Support
$f you can think of an application that you might need, chances are that it is available for %inu!
in some form. &s well as highly sophisticated commercial applications produced by large
software companies, you can find software for the %inu! platform that is written by an e(ually
enthusiastic army of small software development companies and individuals. This means that
application support for %inu! is on par with, if not greater than, that in other network operating
systems, such as Net3are, even if it has not yet reached the levels achieved by 3indows server
platforms.
$n a sense, all applications created for %inu! are third)party applications in that %inu! itself is
only an operating system kernel. The applications that run on this kernel provide %inu! with its
functionality.
+n the assumption that a network server will have a number of re(uirements, it is common
practice for the %inu! kernel to be bundled with various applications and provided to customers
as a package, which, as discussed earlier, is called a distribution.
+ne aspect in which %inu! certainly has the edge over other operating systems is that many
%inu! applications are free. Developed in the same spirit as %inu! itself, and in many cases
governed by the same licensing types, these free applications can seriously reduce the cost of
maintaining a network server. &lthough it can be said that there are also free server)type
applications for 3indows and Net3are, there are certainly not as many of them as there are for
%inu!. "Note that we are referring to server applications, not applications targeted at workstation
or end)user applications.#
2inux Securit,
Considerable effort has been put into making %inu! a very secure network operating system, and
those efforts are evident. 3hen it is configured correctly, %inu! is a very secure operating
system7 therefore, it is often used as a company4s firewall server. The following are a few
highlights of %inu! security:
?esource access &s in the other network operating systems, access to resources on a
%inu! network is controlled through permissions. &ccess control lists identifying systems
and who can access what resources are held in te!t files such as hosts.deny and
hosts.allow. 2ermissions for network resources and services can be assigned to an
individual user or to a group of users.
1ser authentication To access the local system resources or any network resources, user
authentication, in the form of a username and a password, is re(uired. The user account
information is kept in a te!t file known as the /etc/passwd file in the %inu! system.
'ile and directory security The default file system used by %inu! is the 0ET. file system.
%ike NT'*, which is used with 3indows servers, 0ET. allows administrators to assign
permissions to individual files and folders. These permissions are used to control who is
allowed access to specific data on the server. & secure server should have permissions set
on the important data in the system.
&s %inu! continues to grow in popularity, it will become an increasingly common sight in server
rooms of organi5ations of all si5es. &s a network administrator, you should prepare yourself for
when you encounter a %inu! system not if.
+f the platforms discussed in this chapter, 1N$E and %inu! have the most simplistic approach to
file system security, although for most environments, this approach is more than sufficient. 'ile
permissions can be assigned to either the creator of a file or directory, a group, or the entity
Geveryone,G which includes any authenticated user.
1N$E and %inu! have only three rights that can be assigned. These rights are listed in Table ,.
Table , 'ile 2ermissions on 1N$E8%inu!
Ri$*t Description
?ead &llows files to be listed, opened, and read
3rite &llows files to be created, written to, or modified
0!ecute &llows files to be e!ecuted "that is, run#
The file permissions are listed to the right of the file. The first value specifies whether the file is
a file "-# or a directory "d#. The ne!t three values specify the file rights for the user, the ne!t
three for the group, and the ne!t three for the GeveryoneG assignment.
Mac =S > Server
ac +* is the operating system created for &pple Computer4s line of personal computers. ac
+* has a long history, with the original version being released in ,D@; to run on the original
acintosh computer. $n ,DDD, &pple released its last ma/or revision to its aging 4Classic4
operating system, ac +* D.
The successor to the Classic ac +* was ac +* E, a 1N$E)like operating system with a
friendly and familiar user interface. *uccessive versions of ac +* E have a decimal numeralfor
e!ample, ac +* E.,, E.., and so on.
Because ac +* E uses %inu!81N$E technology, most of the previous section on %inu! applies
to a ac +* E server.
Mac =S > File S,stems and File and &rint
Services
&s you might e!pect, the file systems used on 3indows)based 2Cs is different from those used
in an &pple system. $nstead of the '&T or '&T9. file system, the original ac file system was
&pple4s acintosh 'ile *ystem "'*#. '* was used with earlier ac versions including ac
+* ,9.
ac +* ; introduced &pple4s Bierarchical 'ile *ystem "B'*#. B'* was the primary file system
format used on the acintosh 2lus and later models, until ac +* @.,, when B'* was replaced
by B'* 2lus.
B'*= is the file system most commonly associated with ac +* E. %ike NT'*, B'*= includes
many enhanced features. B'*= supports disk (uotas, byte)range locking, finder information in
metadata, support for hiding file e!tensions on a per)file basis, and more. +ne of the more
publici5ed features of B'*= is /ournaling. $n a /ournaled file system, the system keeps a log of
the hard disk4s main data activity. $n case of a crash or other system failure, the file system can
retrieve lost data by consulting the G/ournalG log, restoring the system to its previous state instead
of having to go through the lengthy process of rebuilding the data.
The following is a list of other file systems supported by ac +* E:
$*+D::- ac supports the ISO9660 file system standard. This is a system)independent
file system for read)only data CDs.
*)D+* ac +* E includes support for *)D+* file system "'&T,., '&T,:, and
'&T9.#.
NT'* ac +* E includes read)only support for NT'*.
1D' 1D' "1niversal Disk 'ormat# is the file system used by D>D)?+ "including
D>D)video and D>D)audio# discs and by many CD)?8?3 packet)writing programs.
3hen working in a heterogeneous network environment "one that uses different +* platforms#,
ac +* E offers a wide)range of support for network file and print services supporting various
file sharing protocols. & file sharing protocol is a high)level network protocol that provides the
structure and language for file re(uests between clients and servers. $t provides the commands
for opening, reading, writing, and closing files across the network. 0ach +* has a different
protocol used as the file sharing protocol.
$n order for a client to have access to multiple servers running different operating systems, either
the client supports the file sharing protocol of each operating system or the server supports the
file sharing protocol of each client. *oftware that adds this capability is very common and
enables interoperability between 3indows, acintosh, Net3are, and 1N$E platforms. The
following is a list of file sharing protocols supported by ac +* E:
&pple 'iling 2rotocol "&'2# The &pple 'iling 2rotocol "&'2# is an &pple proprietary
protocol for file sharing over the network using TC28$2. $f you have a 3indows NT or
3indows .---I .--9 server, you can turn on &pple 'ile 2rotocol "&'2#. &'2 is the
native acintosh file sharing protocol and when enabled, acs will be able to see the
server.
*erver essage Blocks8 Common $nternet 'ile *ystem "*B8C$'*# ac +* E includes
cross)platform support for *B8C'*, the protocols that enable file sharing between
network nodes in a 3indows environment. 1sing ac +* E, acintosh clients can
connect directly to 3indows servers thanks to the *B client built in to the ac +*.
*upport for *B8C'* is supplied by the *amba software package, and installed on all
versions of ac +* E by default. *amba is a networking tool originally designed to
integrate 3indows file sharing protocol "*B8C$'*# and 1N$E systems on a network.
?unning on a 1N$E system, it allows 3indows to share files and printers on the 1N$E
host, and it also allows 1N$E users to access resources shared by 3indows systems.
3henever possible, use ac +* E v,-.. or greater to ensure the best compatibility with
3indows file servers. 3hen using the *B protocol to connect to a 3indows .--- or
.--9 file server, make sure that *B signing "packet signing# is disabled on that server.
Network 'iling *ystem "N'*# N'* is a file sharing protocol associated with 1N$E8%inu!
systems. Clients using ac +* E are able to connect to %inu!81N$E servers using N'*,
/ust like the other 1N$E stations on the network. N'* can be problematic because file
permissions are applied to newly created files and folders on the server based on the user
$D and group $D from the client computer, unless otherwise specified by the server
administrator.
9indos /000 and 9indos Server /004
3indows .--- was the follow)up to the popular 3indows NT ; network operating
system, and it (uickly established itself as a reliable and robust operating system.
3indows .--- built on the success of its predecessor and offered many improvements
and advancements. $n .--9, icrosoft released the latest version of its 3indows server
family of products the aptly named 3indows *erver .--9. icrosoft still currently
supports 3indows .---, and many organi5ations still have 3indows .--- *erver
systems deployed.
Three different versions of 3indows .--- are available for server platforms: 3indows
.--- *erver, &dvanced *erver, and Datacenter *erver. 3indows .--- is also available as
a workstation operating system: 3indows .--- 2rofessional. 3indows .---
2rofessional has the ma/ority of features, capabilities, and strengths of 3indows .---
*erver products but omits the server)type network services and capabilities.
%ike 3indows .---, there are also a number of versions of 3indows *erver .--97
3indows *erver .--9 *tandard 0dition, 3indows *erver .--9 0nterprise 0dition, and
3indows *erver .--9 Datacenter 0dition. &dditionally, 3indows *erver .--9 3eb
0dition is designed as a platform for 3eb)based applications and services. icrosoft
fully e!pects that you will mi! and match editions of 3indows *erver .--9 on a
network, so interoperability between the editions is seamless.
Microsoft Active Director,
&ctive Directory is a directory services system, similar in nature to Novell4s eDirectory,
which allows network ob/ects such as users and groups to be placed into logical areas of a
database. This database can then be distributed among various servers all of which
participate in the &ctive Directory structure. Because all the network ob/ect information
is placed in a single database, albeit a distributed one, it can be used by any network
application or subsystem, eliminating the need for duplicate information to be held on
each server of the network. $n the case of icrosoft server operating systems, 3indows
.--- was the first network operating system to take this approach. 2revious to this, user
accounts on 3indows servers were stored on each server, and special relationships called
trusts had to be set up in order to allow users on one server to access resources in another.
$n &ctive Directory, trusts still e!ist, though their role is somewhat different.
3indows servers on a network can either be domain controllers or member servers.
Domain controllers are servers that have &ctive Directory installed and hold a copy of the
&ctive Directory database. The term domain is used to describe a logical section of the
&ctive Directory database. Domain controllers store user account information, so they
can provide network authentication. &n &ctive Directory domain can have several
domain controllers, with each one having a read8write copy of the &ctive Directory
database. $n fact, for fault)tolerant reasons, this is a good strategy to employ.
ember servers are not involved in the authentication of network users and do not take
part in the &ctive Directory replication process. ember servers are commonly employed
as file and print servers, or with additional software, as database servers, 3eb servers,
firewalls, or servers for other important network services such as DBC2 and DN*.
9indos Server File and &rint Services
The provision of file and print sharing services is a mainstay of any network operating systems,
and 3indows servers are no e!ception. 3indows server systems use a principle called shares to
make areas of a disk available to users. These shares can be secured by share permissions that
can be used on any file system, along with file and folder permissions if they are resident on
New Technology 'ile *ystem "NT'*# partitions.
Both 3indows .--- *erver and 3indows *erver .--9 use the same mechanisms to provide file
system security. ?ights can be assigned to users, groups, and some special entities, which include
the GeveryoneG assignment. Table 9 describes the basic file permissions that can be used with
NT'* on 3indows *erver platforms.
Table 9 Basic 'ile 2ermissions with NT'* on 3indows and 3indows *erver .--9
Ri$*t Description
'ull Control 2rovides all rights
odify &llows files to be modified
?ead J 0!ecute &llows files to be read and e!ecuted "that is, run#
%ist 'older Contents &llows the files in a folder to be listed
?ead &llows a file to be read
3rite &llows a file to be written to
&n added comple!ity to file system security on 3indows platforms is that the shares created to
allow users to access folders across the network can also be assigned a set of permissions.
&lthough these permissions are (uite basic "'ull Control, Change, and ?ead#, they must be
considered because, when assigned, they are combined with NT'* permissions. The rule in this
situation is that the most restrictive permissions assignment applies. 'or e!ample, if a user
connects through a share with ?ead permission and then tries to access a file to which he has the
NT'* 'ull Control right, the actual permissions would be ?ead. The most restrictive right "in
this case, the *hare ?ead permission# overrides the other permissions assignment.
$n addition to the basic file sharing and permission systems, 3indows server systems also
include some advanced features to further enhance the file and server capabilities. These features
include the following:
Disk (uotas The amount of disk space available to a user can be restricted and managed
through disk (uotas. This is a useful element of control over disk usage.
0ncrypting 'ile *ystem "0'*# 0'* allows files to be encrypted while on the disk,
preventing unauthori5ed access. The main advantage of 0'* is that it keeps the files
encrypted even if the user or organi5ation loses physical control of the drives, such as
with a laptop computer.
Distributed 'ile *ystem "D'*# D'* allows multiple directories on distributed servers to
be represented through a single share point, simplifying access for users and
administration.
3indows server systems support the '&T, '&T9., and NT'* file systems. Bowever, if you are
configuring a server, you are unlikely to use '&T or '&T9. as they do not offer any file level
security. &lso, you need NT'* if you want to take advantage of features such as disk (uotas,
D'*, 0'*, file compression, or auditing. Kou also need NT'* to support &ctive Directory.
&lthough it is possible to convert a partition formatted with '&T or '&T9., it is recommended
that you format a drive as NT'* when you are creating partitions rather than converting at a later
date. Drives originally formatted with NT'* have less fragmentation and better performance
than those converted from '&T. $f you do need to convert a partition, you can use the
C+N>0?T utility, but the process is one way. +nce you have converted from '&T, you can
never go back.
3indows server provides comprehensive print server functionality. Clients are able to connect to
printers across the network without the need for locally installed printer drivers. The drivers are
stored on the server and downloaded when the user connects to the printer, making it easy to
ensure that users are using the latest version of the correct driver.
2rinting on a 3indows server can be controlled through a permission mechanism similar to that
used in file system security, though it is less comple!. 2reconfigured groups also allow you to
delegate the management of printing functions, which can be a good idea in large environments.
&ll these features combine to make 3indows a very solid choice as a file and print server.
9indos Securit,
3indows server operating systems provide a full range of security features that make for very
secure network operating systems. 3indows *erver .--9 is considered more secure than
3indows .---, as it employs a Gsecure by defaultG strategy through which unnecessary
applications, services, and security configurations are disabled by default. &dministrators can
then enable applications and services on an as needed basis.
&uthentication security is provided on 3indows servers through Ferberos version <. 'ile system
security and encryption are provided through NT'* permissions and 0'*. Network
communication can be protected by a range of security and authentication protocols, though
$2*ec is most commonly used on 3indows server networks to provide both encryption and
authentication for network data.
AppleS*are I&
ac +* based computers usually can be counted on to rely on the &pple*hare $2 protocol
"although, this is very much at the whim of a network administrator with a modern network, as
both ac +* clients and ac +* servers support so many other protocols#. 3hen connecting
acintosh clients to a server of a different platform, it is often necessary to enable &pple*hare
services to provide backward compatibility to older workstations, or to provide effective
security.
$n the classic versions of the ac +*, &pple*hare functionality was provided by a suite of
e!tensions and control panels providing configuration and core services for this networking
protocol. &s always, when integrating computers using older software onto a newer network,
download and install the latest versions of the &pple*hare software from &pple Computer4s
website, and make sure that the operating system is up)to)date. Download the latest version of
&pple*hare from &pple4s support website at http:88www.apple.com8support8.ac +* E
computers should be kept up)to)date with the *oftware 1pdate utility accessible via *ystem
2references.
&lthough &pple*hare $2 provides a secure way for a user and server to e!change names and
passwords, it is not an encrypted protocol. $t is theoretically possible for an $2 packet to be
intercepted and its contents read by a third party. Therefore, care should be taken when
e!changing sensitive data. 'ortunately, &pple*hare $2 is a pure TC28$2 protocol, so it may be
GtunneledG using any variety of encryption methods. The ac +* itself supports %.T2 over
$2*ec and 22T2, which are capable of encrypting network packets to prevent anyone from
reading intercepted packets.
Netor!in$ " Netor!in$ Devices
Netor!in$ Devices
&ll but the most basic of networks re(uire devices to provide connectivity and functionality.
1nderstanding how these networking devices operate and identifying the functions they perform
are essential skills for any network administrator
This tutorial introduces commonly used networking devices, and, although it is true that you are
not likely to encounter all of the devices mentioned in this tutorial on the e!ams of C*0 J
Network=, you can be assured of working with at least some of them.
Hubs
&t the bottom of the networking food chain, so to speak, are hubs. Bubs are used in networks
that use twisted)pair cabling to connect devices. Bubs can also be /oined together to create larger
networks. Bubs are simple devices that direct data packets to all devices connected to the hub,
regardless of whether the data package is destined for the device. This makes them inefficient
devices and can create a performance bottleneck on busy networks.
$n its most basic form, a hub does nothing e!cept provide a pathway for the electrical signals to
travel along. *uch a device is called a passive hub. 'ar more common nowadays is an active hub,
which, as well as providing a path for the data signals, regenerates the signal before it forwards it
to all of the connected devices. & hub does not perform any processing on the data that it
forwards, nor does it perform any error checking.
Bubs come in a variety of shapes and si5es. *mall hubs with five or eight connection ports are
commonly referred to as workgroup hubs. +thers can accommodate larger numbers of devices
"normally up to 9.#. These are referred to as high)density devices. Because hubs don4t perform
any processing, they do little e!cept enable communication between connected devices. 'or
today4s high)demand network applications, something with a little more intelligence is re(uired.
That4s where switches come in.
MSA'
$n a Token ?ing network, a multistation access unit "*&1# is used in place of the hub that is
used on an 0thernet network. The *&1 performs the token circulation inside the device, giving
the network a physical star appearance. 0ach *&1 has a ?ing $n "?$# port on the device, which
is connected to the ?ing +ut "?+# port on another *&1. The last *&1 in the ring is then
connected to the first to complete the ring. Because Token ?ing networks are few and far
between nowadays, it is far more likely that you will find yourself working with 0thernet hubs
and switches.
Sitc*es
%ike hubs, switches are the connectivity points of an 0thernet network. Devices connect to
switches via twisted)pair cabling, one cable for each device. The difference between hubs and
switches is in how the devices deal with the data that they receive. 3hereas a hub forwards the
data it receives to all of the ports on the device, a switch forwards it only to the port that connects
to the destination device. $t does this by learning the &C address of the devices attached to it,
and then by matching the destination &C address in the data it receives. 'igure , shows how a
switch works.
Fi$ure % Ho a sitc* or!s(
By forwarding data only to the connection that should receive it, the switch can improve network
performance in two ways. 'irst, by creating a direct path between two devices and controlling
their communication, it can greatly reduce the number of collisions on the network. &s you
might recall, collisions occur on 0thernet networks when two devices attempt to transmit at
e!actly the same time. $n addition, the lack of collisions enables switches to communicate with
devices in full)duple! mode. $n a full)duple! configuration, devices can send and receive data
from the switch at the same time. Contrast this with half)duple! communication, in which
communication can occur in only one direction at a time. 'ull)duple! transmission speeds are
double that of a standard, half)duple!, connection. *o, a ,-bps connection becomes .-bps,
and a ,--bps connection becomes .--bps.
The net result of these measures is that switches can offer significant performance improvements
over hub)based networks, particularly when network use is high.
$rrespective of whether a connection is at full or half duple!, the method of switching dictates
how the switch deals with the data it receives. The following is a brief e!planation of each
method:
Cut)through $n a cut)through switching environment, the packet begins to be forwarded
as soon as it is received. This method is very fast, but creates the possibility of errors
being propagated through the network, as there is no error checking.
*tore)and)forward 1nlike cut)through, in a store)and)forward switching environment, the
entire packet is received and error checked before being forwarded. The upside of this
method is that errors are not propagated through the network. The downside is that the
error checking process takes a relatively long time, and store)and)forward switching is
considerably slower as a result.
'ragment 'ree To take advantage of the error checking of store)and)forward switching,
but still offer performance levels nearing that of cut)through switching, 'ragment'ree
switching can be used. $n a 'ragment 'ree)switching environment, enough of the packet
is read so that the switch can determine whether the packet has been involved in a
collision. &s soon as the collision status has been determined, the packet is forwarded.
Hub and Sitc* #ablin$
$n addition to acting as a connection point for network devices, hubs and switches can
also be connected to create larger networks. This connection can be achieved through
standard ports with a special cable or by using special ports with a standard cable.
The ports on a hub to which computer systems are attached are called edium
Dependent $nterface)Crossed "D$)E#. The crossed designation is derived from the fact
that two of the wires within the connection are crossed so that the send signal wire on one
device becomes the receive signal of the other. Because the ports are crossed internally, a
standard or straight)through cable can be used to connect devices.
&nother type of port, called a edium Dependent $nterface "D$# port, is often included
on a hub or switch to facilitate the connection of two switches or hubs. Because the hubs
or switches are designed to see each other as simply an e!tension of the network, there is
no need for the signal to be crossed. $f a hub or switch does not have an D$ port, hubs
or switches can be connected by using a crossover cable between two D$)E ports. The
crossover cable serves to uncross the internal crossing. Kou can see diagrams of the cable
pinouts for both a straight)through and crossover cable in 'igures . and 9, respectively.
Fi$ure / T*e pinouts for a strai$*t"t*rou$* cable(
Fi$ure 4 T*e pinouts for a crossover cable(

Brid$es
Bridges are used to divide larger networks into smaller sections. They do this by sitting
between two physical network segments and managing the flow of data between the two.
By looking at the &C address of the devices connected to each segment, bridges can
elect to forward the data "if they believe that the destination address is on another
interface#, or block it from crossing "if they can verify that it is on the interface from
which it came#. 'igure ; shows how a bridge can be used to segregate a network.
Fi$ure 5 Ho a brid$e is used to se$re$ate netor!s(
3hen bridges were introduced, the &C addresses of the devices on the connected
networks had to be entered manually, a time)consuming process that had plenty of
opportunity for error. Today, almost all bridges can build a list of the &C addresses on
an interface by watching the traffic on the network. *uch devices are called learning
bridges because of this functionality.
Brid$e &lacement and Brid$in$ 2oops
There are two issues that you must consider when using bridges. The first is the bridge
placement, and the other is the elimination of bridging loops:
2lacement Bridges should be positioned in the network using the @-8.- rule. This rule
dictates that @-L of the data should be local and that the other .-L should be destined
for devices on the other side of the bridge.
Bridging loops Bridging loops can occur when more than one bridge is implemented on
the network. $n this scenario, the bridges can confuse each other by leading one another
to believe that a device is located on a certain segment when it is not. To combat the
bridging loop problem, the $000 @-..,d *panning Tree protocol enables bridge
interfaces to be assigned a value that is then used to control the bridge)learning process.
T,pes of Brid$es
Three types of bridges are used in networks:
Transparent bridge derives its name from the fact that the devices on the network are
unaware of its e!istence. & transparent bridge does nothing e!cept block or forward data
based on the &C address.
*ource route bridge 1sed in Token ?ing networks. The source route bridge derives its
name from the fact that the entire path that the packet is to take through the network is
embedded within the packet.
Translational bridge 1sed to convert one networking data format to another7 for e!ample,
from Token ?ing to 0thernet and vice versa.
Today, bridges are slowly but surely falling out of favor. 0thernet switches offer similar
functionality7 they can provide logical divisions, or segments, in the network. $n fact, switches
are sometimes referred to as multiport bridges because of the way they operate.
Routers
$n a common configuration, routers are used to create larger networks by /oining two network
segments. *uch as a *+B+ router used to connect a user to the $nternet. & router can be a
dedicated hardware device or a computer system with more than one network interface and the
appropriate routing software. &ll modern network operating systems include the functionality to
act as a router.
& router derives its name from the fact that it can route data it receives from one network onto
another. 3hen a router receives a packet of data, it reads the header of the packet to determine
the destination address. +nce it has determined the address, it looks in its routing table to
determine whether it knows how to reach the destination and, if it does, it forwards the packet to
the ne!t hop on the route. The ne!t hop might be the final destination, or it might be another
router. 'igure < shows, in basic terms, how a router works.
Fi$ure 1 Ho a router or!s(
&s you can see from this e!ample, routing tables play a very important role in the routing
process. They are the means by which the router makes its decisions. 'or this reason, a routing
table needs to be two things. $t must be up)to)date, and it must be complete. There are two ways
that the router can get the information for the routing table through static routing or dynamic
routing.
Static Routin$
in environments that use static routing# routes and route information are
entered into the routing ta'les manually. Not only can this 'e a time$
consuming task# 'ut also errors are more common. Additionally# when there
is a change in the layout# or topology# of the network# statically configured
routers must 'e manually updated with the changes. Again# this is a time$
consuming and potentially error$laden task. 8or these reasons# static routing
is suited to only the smallest environments with perhaps 9ust one or two
routers. A far more practical solution# particularly in larger environments# is
to use dynamic routing.
D,namic Routin$
In a dynamic routing environment# routers use special routing protocols to
communicate. he purpose of these protocols is simple+ they ena'le routers
to pass on information a'out themselves to other routers so that other
routers can 'uild routing ta'les. here are two types of routing protocols
used the older distance vector protocols and the newer link state protocols.
Distance ?ector Routin$
The two most commonly used distance vector routing protocols are both called ?outing
$nformation 2rotocol "?$2#. +ne version is used on networks running TC28$2. The other,
sometimes referred to as $2E ?$2, is designed for use on networks running the $2E8*2E
protocol.
?$2 works on the basis of hop counts. & hop is defined as one step on the /ourney to the
data4s destination. 0ach router that the data has to cross to reach its destination constitutes
a hop. The ma!imum number of hops that ?$2 can accommodate is ,<. That is to say that
in a network that uses ?$2, all routers must be within ,< hops of each other to
communicate. &ny hop count that is in e!cess of ,< is considered unreachable.
Distance vector routing protocols operate by having each router send updates about all
the other routers it knows about to the routers directly connected to it. These updates are
used by the routers to compile their routing tables. The updates are sent out automatically
every 9- or :- seconds. The actual interval depends on the routing protocol being used.
&part from the periodic updates, routers can also be configured to send a triggered update
if a change in the network topology is detected. The process by which routers learn of a
change in the network topology is known as convergence.
&lthough distance vector protocols are capable of maintaining routing tables, they have
three problems. The first is that the periodic update system can make the update process
very slow. The second problem is that the periodic updates can create large amounts of
network traffic much of the time unnecessarily as the topology of the network should
rarely change. The last, and perhaps more significant, problem is that because the routers
only know about the ne!t hop in the /ourney, incorrect information can be propagated
between routers, creating routing loops.
Two strategies are used to combat this last problem. +ne, split hori5on, works by
preventing the router from advertising a route back to the other router from which it was
learned. The other, poison reverse "also called split hori5on with poison reverse#, dictates
that the route is advertised back on the interface from which it was learned, but that it has
a metric of ,:. ?ecall that a metric of ,: is considered an unreachable destination.
2in! State Routin$
%ink state routing works (uite differently from distance vector)based routing. ?ather than each
router telling each other connected router about the routes it is aware of, routers in a link state
environment send out special packets, called link state advertisements "%*&#, which contain
information only about that router. These %*&s are forwarded to all the routers on the network,
which enables them to build a map of the entire network. The advertisements are sent when the
router is first brought onto the network and when a change in the topology is detected.
+f the two "distance vector and link state#, distance vector routing is better suited to small
networks and link state routing to larger ones. %ink state protocols do not suffer from the
constant updates and limited hop count, and they are also (uicker to correct themselves "to
converge# when the network topology changes.
+n TC28$2 networks, the most commonly used link state routing protocol is the +pen *hortest
2ath 'irst "+*2'#. +n $2E networks, the Net3are %ink *tate 2rotocol "N%*2# is used. Table ,
summari5es the distance vector and link state protocols used with each network protocol.
Table , ?outing 2rotocols
Netor! &rotocol Distance ?ector 2in! State
TC28$2 ?$2 +*2'
$2E8*2E ?$2M N%*2
I&> RI&
4ometimes# to distinguish 'etween the versions of 5I) for I) and I):# the
version for I): is referred to as I): 5I).
@atea,s
Any device that translates one data format to another is called a gateway. 4ome
e%amples of gateways include a router that translates data from one network
protocol to another# a 'ridge that converts 'etween two networking systems# and a
software application that converts 'etween two dissimilar formats. he key point
a'out a gateway is that only the data format is translated# not the data itself. In
many cases# the gateway functionality is incorporated into another device.
9*at is a @atea,A
& gateway is a node that allows you to gain entrance into a network and vice versa. +n the
$nternet the node which is the stopping point can be a gateway or a host node. & computer that
controls the traffic your network or your $*2 "$nternet *ervice 2rovider# receives is a node. $n
most homes a gateway is the device provided by the $nternet *ervice 2rovider that connects users
to the internet.
3hen a computer server serves as a 6ateway node, the gateway node also operates as a firewall
and a pro!y server. & firewall is a system created to prevent unauthori5ed admission into a
private network. & pro!y server is located right between a client application such as a web
browser and the real server. The pro!y server sees if the client applications re(uests can be
carried out by the real server.
1sually a gateway is associated with a router. & router is a device or sometimes computer
software that lets you know the ne!t network data should be sent to ne!t. & router can be
connected to two or more networks at a time, it decides the ne!t destination of the data based on
it4s comprehension of the condition of the networks. & gateway is associated with a router
because a router which uses headers and forwarding tables to figure out where packets or data is
sent provides the path through which information is sent in and out a gateway.
*o a gateway is one of the many ways we can communicate over the 3orld 3ide 3eb. The
gateway allows us to enter different networks on the internet so we can transmit data back and
forth. There4s also software available where you can be able to run several networks on a
computer. &s you have come to see by now having a gateway on your computer has it4s many
benefits.
@atea,s and Default @atea,s
1on;t confuse a gateway with the term default gateway# the term default gateway
refers to a router to which all network transmissions not destined for the local
network are sent.
#S':DS'
& Channel *ervice 1nit8Digital *ervice 1nit "C*18D*1#, sometimes called Data *ervice 1nit,
is a device that converts the digital signal format used on %&Ns into one used on 3&Ns. *uch
translation is necessary because the networking technologies used on 3&Ns are different from
those used on %&Ns.
The C*18D*1 sits between the %&N and the access point provided by the telecommunications
company. any router manufacturers are now incorporating C*18D*1 functionality into their
products.
Netor! #ards
Network cards, also called Network $nterface Cards, are devices that enable computers to
connect to the network.
3hen specifying or installing a N$C, you must consider the following issues:
*ystem bus compatibility $f the network interface you are installing is an internal device,
bus compatibility must be verified. The most common bus system in use is the 2eripheral
Component $nterconnect "2C$# bus, but some older systems might still use $ndustry
*tandard &rchitecture "$*&# e!pansion cards.
*ystem resources Network cards, like other devices, need $?N and memory $8+
addresses. $f the network card does not operate correctly after installation, there might be
a device conflict.
edia compatibility Today, the assumption is that networks use twisted)pair cabling, so
if you need a card for coa!ial or fiber)optic connections, you must specify this. 3ireless
network cards are also available.
0ven more than the assumption you are using twisted)pair cabling is that the networking system
being used is 0thernet. $f you re(uire a card for another networking system such as Token ?ing,
this must be specified when you order.
To install or configure a network interface, you will need drivers of the device, and might need
to configure it, although many devices are now plug and play. ost network cards are now
software configured. any of these software configuration utilities also include testing
capabilities. The drivers and software configuration utilities supplied with the cards are often not
the latest available, so it is best practice to log on to the $nternet and download the latest drivers
and associated software.
ISDN Adapters
$ntegrated *ervices Digital Network "$*DN# is a remote access and 3&N technology that can be
used in place of a 2lain +ld Telephone *ervice "2+T*# dial)up link if it is available. The
availability of $*DN depends on whether your local telecommunications service provider offers
the service, the (uality of the line to your premises, and your pro!imity to the provider4s location.
$*DN offers greater speeds than a modem and can also pick up and drop the line considerably
faster.
$f $*DN is available and you do elect to use it, a special device called an $*DN terminal adapter
is needed to connect to the line. $*DN terminal adapters can be add)in e!pansion cards, e!ternal
devices that connect to the serial port of the system, or speciali5ed interfaces built in to routers or
other networking e(uipment. The $*DN terminal adapter is necessary because, although it uses
digital signals, the signals are formatted differently from those used on a %&N. $n addition, $*DN
can create multiple communication channels on a single line. Today, $*DN is not widely
deployed and has been replaced by faster and often cheaper technologies.
9ireless Access &oints
3ireless access points "&2s# are a transmitter and receiver "transceiver# device used to create a
wireless %&N "3%&N#. &2s are typically a separate network device with a built)in antenna,
transmitter, and adapter. &2s use the wireless infrastructure network mode to provide a
connection point between 3%&Ns and a wired 0thernet %&N. &2s also typically have several
ports allowing a way to e!pand the network to support additional clients.
Depending on the si5e of the network, one or more &2s might be re(uired. &dditional &2s are
used to allow access to more wireless clients and to e!pand the range of the wireless network.
0ach &2 is limited by a transmissions range the distance a client can be from a &2 and still get a
useable signal. The actual distance depends on the wireless standard being used and the
obstructions and environmental conditions between the client and the &2.
*aying that an &2 is used to e!tend a wired %&N to wireless clients doesn4t give you the
complete picture. & wireless &2 today can provide different services in addition to /ust an access
point. Today, the &2s might provide many ports that can be used to easily increase the si5e of the
network. *ystems can be added and removed from the network with no affect on other systems
on the network. &lso, many &2s provide firewall capabilities and DBC2 service. 3hen they are
hooked up, they will provide client systems with a private $2 address and then prevent $nternet
traffic from accessing client systems. *o in effect, the &2 is a switch, a DBC2 *erver, router, and
a firewall.
&2s come in all different shapes and si5es. any are cheaper and designed strictly for home or
small office use. *uch &2s have low powered antennas and limited e!pansion ports. Bigher end
&2s used for commercial purposes have very high powered antennas enabling them to e!tend the
range that the wireless signal can travel.
Modems
& modem, short for modulator8demodulator, is a device that converts the digital signals
generated by a computer into analog signals that can travel over conventional phone lines. The
modem at the receiving end converts the signal back into a format the computer can understand.
odems can be used as a means to connect to an $*2 or as a mechanism for dialing up to a %&N.
odems can be internal add)in e!pansion cards, e!ternal devices that connect to the serial or
1*B port of a system, 2CC$& cards designed for use in laptops, or proprietary devices
designed for use on other devices such as portables and handhelds.
The configuration of a modem depends on whether it is an internal or e!ternal device. 'or
internal devices, the modem must be configured with an interrupt re(uest "$?N# and a memory
$8+ address. $t is common practice, when installing an internal modem, to disable the built)in
serial interfaces and assign the modem the resources of one of those "typically C+.#. Table .
shows the resources associated with serial "C+# port assignments.
Table . Common *erial "C+# 2ort ?esource &ssignments
&ort ID IRB I:= Address Associated Serial I:F Number
C+, ; -9'@ ,
C+. 9 -.'@ .
C+9 ; -90@ ,
C+; 9 -.0@ .
'or e!ternal modems, you need not concern yourself directly with these port assignments, as the
modem connects to the serial port and uses the resources assigned to it. This is a much more
straightforward approach and one favored by those who work with modems on a regular basis.
'or 2CC$& and 1*B modems, the plug)and)play nature of these devices makes them simple to
configure, and no manual resource assignment is re(uired. +nce the modem is installed and
recogni5ed by the system, drivers must be configured to enable use of the device.
Two factors directly affect the speed of the modem connection the speed of the modem itself and
the speed of the 1niversal &synchronous ?eceiver8Transmitter "1&?T# chip in the computer
that is connected to the modem. The 1&?T chip controls the serial communication of a
computer, and although modern systems have 1&?T chips that can accommodate far greater
speeds than the modem is capable of, older systems should be checked to make sure that the
1&?T chip is of sufficient speed to support the modem speed. The 1&?T chip installed in the
system can normally be determined by looking at the documentation that comes with the system.
Table 9 shows the ma!imum speed of the commonly used 1&?T chip types.
Table 9 1&?T Chip *peeds
'ART #*ip Speed )Cbps3
@.<- D:--
,:;<- D:--
,:<<- ,,<,.--
,::<- ;9-,@--
,:C<- D.,,:--
,:D<- D.,,:--
Transceivers )Media #onverters3
The term transceiver does describe a separate network device, but it can also be technology built
and embedded in devices such as network cards and modems. $n a network environment, a
transceiver gets its name from being both a transmitter and a receiver of signals thus the name
transceivers. Technically, on a %&N, the transceiver is responsible for placing signals onto the
network media and also detecting incoming signals traveling through the same wire. 6iven the
description of the function of a transceiver, it makes sense that that technology would be found
with network cards.
&lthough transceivers are found in network cards, they can be e!ternal devices as well. &s far as
networking is concerned, transceivers can ship as a module or chip type. Chip transceivers are
small and are inserted into a system board or wired directly on a circuit board. odule
transceivers are e!ternal to the network and are installed and function similarly to other computer
peripherals, or they can function as standalone devices.
There are many types of transceivers transceivers, fiber optic transceivers, 0thernet transceivers,
wireless "3&2# transceivers, and more. Though each of these media types are different, the
function of the transceiver remains the same. 0ach type of the transceiver used has different
characteristics, such as the number of ports available to connect to the network and whether full)
duple! communication is supported.
%isted with transceivers in the CompT$& ob/ectives are media converters. edia converters are a
technology that allows administrators to interconnect different media types for e!ample, twisted
pair, fiber, and Thin or thick coa! within an e!isting network. 1sing a media converter, it is
possible to connect newer ,--bps, 6igabit 0thernet, or &T e(uipment to e!isting networks
such as ,-B&*0)T or ,--B&*0)T. They can also be used in pairs to insert a fiber segment into
copper networks to increase cabling distances and enhance immunity to electromagnetic
interference "0$#.
Firealls
& firewall is a networking device, either hardware or software based, that controls access to your
organi5ation4s network. This controlled access is designed to protect data and resources from an
outside threat. To do this, firewalls are typically placed at entry8e!it points of a network for
e!ample, placing a firewall between an internal network and the $nternet. +nce there, it can
control access in and out of that point.
&lthough firewalls typically protect internal networks from public networks, they are also used
to control access between specific network segments within a network for e!ample, placing a
firewall between the &ccounts and the *ales departments.
&s mentioned, firewalls can be implemented through software or through a dedicated hardware
device. +rgani5ations implement software firewalls through network operating systems "N+*#
such as %inu!81N$E, 3indows servers, and ac +* servers. The firewall is configured on the
server to allow or permit certain types of network traffic. $n small offices and for regular home
use, a firewall is commonly installed on the local system and configured to control traffic. any
third)party firewalls are available.
Bardware firewalls are used in networks of all si5es today. Bardware firewalls are often
dedicated network devices that can be implemented with very little configuration and protect all
systems behind the firewall from outside sources. Bardware firewalls are readily available and
often combined with other devices today. 'or e!ample, many broadband routers and wireless
access points have firewall functionality built in. $n such case, the router or 3&2 might have a
number of ports available to plug systems in to.
Table ; provides a summary of the networking devices identified in this chapter.
Table ; Network Devices *ummary
Device Function:&urpose Ce, &oints
Bub Connects devices on a
twisted)pair network.
& hub does not perform any tasks besides signal
regeneration.
*witch Connects devices on a
twisted)pair network.
& switch forwards data to its destination by using
the &C address embedded in each packet.
Bridge Divides networks to reduce
overall network traffic.
& bridge allows or prevents data from passing
through it by reading the &C address.
?outer Connects networks together. & router uses the software)configured network
address to make forwarding decisions.
6ateway Translates from one data
format to another.
6ateways can be hardware or software based. &ny
device that translates data formats is called agate
way.
C*18D*1 Translates digital signals used
on a %&N to those used on a
3&N.
C*18D*1 functionality is sometimes incorporated
into other devices, such as a router with a 3&N
connection.
Network card 0nables systems to connect to
the network.
Network interfaces can be add)in e!pansion cards,
2CC$& cards, or built)in interfaces.
$*DN
terminal
adapter
Connects devices to $*DN
lines.
$*DN is a digital 3&N technology often used in
place of slower modem links. $*DN terminal
adapters are re(uired to reformat the data format
for transmission on $*DN links.
3&2 2rovides network capabilities
to wireless network devices.
& 3&2 is often used to connect to a wired
network, thereby acting as a link between wired
and wireless portions of the network.
odem 2rovides serial odems modulate the digital signal into analog at
Table ; Network Devices *ummary
Device Function:&urpose Ce, &oints
communication capabilities
across phone lines.
the sending end and perform the reverse function
at the receiving end.
Transceiver Coverts one media type to
another, such as 1T2 to fiber.
& device that functions as a transmitter and a
receiver of signals such as analog or digital.
'irewall 2rovides controlled data
access between networks.
'irewalls can be hardware or software based and
are an essential part of a networks security
strategy.
MA# Addresses
& &C address is a uni(ue :)byte address that is burned into each network interface or more
specifically, directly into the 2?+ chip on the N$C. The number must be uni(ue, as the &C
address is the basis by which almost all network communication takes place. No matter which
networking protocol is being used, the &C address is still the means by which the network
interface is identified on the network. Notice that $ say network interface. That4s very important,
as a system that has more than one network card in it will have more than one &C address.
&C addresses are e!pressed in si! he!adecimal values. $n some instances, the si! values are
separated by colons ":#7 in others, hyphens ")# are used7 and in still others, a space is simply
inserted between the values. $n any case, because the si! values are he!adecimal, they can only
be numbers -D and the letters &'. *o, a valid &C address might be 00-D0-56-F2-B5-12 or
00-26-DD-14-C4-EE. There is a way of finding out whether a &C address e!ists through the
$000, which is responsible for managing &C address assignment. The $000 has a system in
place that lets you identify the manufacturer of the network interface by looking at the &C
address.
'or e!ample, in the &C address 00-0-C-E!-4C-BD, the 00-0-C portion identifies the
manufacturer and the E!-4C-BD portion is assigned by the manufacturer to make the address
uni(ue. The $000 is the body that assigns manufacturers their $Ds, called +rgani5ationally
1ni(ue $dentifiers, and the manufacturer then assigns the second half, called the 1niversal %&N
&C address. 'rom the $0004s perspective, leaving the actual assignment of addresses to the
manufacturers significantly reduces the administrative overhead for the $000.
The method by which you can discover the &C address of the network interfaces in your
e(uipment depends on which operating system is being used. Table < shows you how to obtain
the &C address on some of the more common platforms.
Table < Commands to +btain &C &ddresses
&latform Met*od
3indows D<8D@8e ?un the winipcfg utility.
3indows NT8.--- ?un ipconfig 8all from a command prompt.
%inu!8*ome 1N$E ?un the ifconfig )a command.
Novell Net3are ?un the config command.
Cisco ?outer ?un the sh int Ointerface nameP command.
&s you work with network interfaces more, you might start to become familiar with which $D is
associated with which manufacturer. &lthough this is a skill that might astound your friends and
impress your colleagues.
Netor!in$ " =SI Model and Netor!
&rotocols
=SI Model and Netor! &rotocols
+ne of the most important networking concepts to understand is the +pen *ystems $nterconnect
"OSI# reference model. This conceptual model, created by the $nternational +rgani5ation for
*tandardi5ation "$*+# in ,DC@ and revised in ,D@;, describes a network architecture that allows
data to be passed between computer systems.
This tutorial looks at the +*$ model and describes how it relates to real)world networking. $t also
e!amines how common network devices relate to the +*$ model. 0ven though the +*$ model is
conceptual, an appreciation of its purpose and function can help you better understand how
protocol suites and network architectures work in practical applications.
=SI Seven 2a,er Model
&s shown in 'igure ,, the +*$ reference model is built, bottom to top, in the following order:
physical, data)link, network, transport, session, presentation, and application. The physical layer
is classified as layer , and the top layer of the model, the application layer, as layer C.
Fi$ure % T*e =SI seven la,er model(
0ach layer of the +*$ model has a specific function. The following sections describe the function
of each layer, starting with the physical layer and working up the model.
&*,sical 2a,er )2a,er %3
The physical layer of the +*$ model identifies the physical characteristics of the network,
including the following specifications:
Bardware The type of media used on the network such as type of cable, type of
connector, and pinout format for cables.
Topology The physical layer identifies the topology to be used in the network. Common
topologies include ring, mesh, star, and bus.
$n addition to these, the physical layer also defines the voltage used on a given media and the
fre(uency at which the signals that carry the data move from one state to another. These
characteristics dictate the speed and bandwidth of a given media as well as the ma!imum
distance over which a certain media type can be used.
Data"lin! 2a,er )2a,er /3
The data)link layer is responsible for getting data to the physical layer so that it can be
transmitted over the network. The data)link layer is also responsible for error detection, error
correction, and hardware addressing. The term frame is used to describe the logical grouping of
data at the data)link layer.
The data)link layer has two distinct sublayers the edia &ccess Control "MAC# sublayer and the
%ogical %ink Control "LLC# sublayer.
&C layer The &C address is defined at this layer. The &C address is the physical
or hardware address burned into each N$C. The &C sublayer also controls access to
network media. The &C layer specification is included in the $000@-.., standard.
%%C layer The %%C layer is responsible for the error and flow)control mechanisms of the
data)link layer. The %%C layer is specified in the @-... standard.
Netor! 2a,er )2a,er 43
The primary responsibility of the network layer is routing providing mechanisms by
which data can be passed from one network system to another. $t does not specify how
the data is passed, but rather provides the mechanisms to do so. 'unctionality at the
network layer is provided through protocols, which are software components.
2rotocols at the network layer are also responsible for route selection, which refers to
determining the best path for the data to take throughout the network. $n contrast to the
data)link layer, which uses &C addresses to communicate on the %&N, network
protocols use software configured addresses and special routing protocols to
communicate on the network. The term packet is used to describe the logical grouping of
data at the data)link layer.
Transport 2a,er )2a,er 53
The basic function of the transport layer is to provide mechanisms to transport data between
network devices. 2rimarily it does this in three ways:
0rror checking 2rotocols at the transport layer ensure that data is sent or received
correctly.
*ervice addressing 2rotocols such as TC28$2 support many network services. The
transport layer makes sure that data is passed to the right service at the upper layers of the
+*$ model.
*egmentation To traverse the network, blocks of data need to be broken down into
packets that are of a manageable si5e for the lower layers to handle. This process, called
segmentation, is the responsibility of the transport layer.
&rotocols at t*e Transport 2a,er
2rotocols that operate at the transport layer can either be connectionless, such as the 1ser
Datagram 2rotocol "1D2# , or connection oriented, such as Transmission Control
2rotocol "TC#. 'or a further discussion of these protocols, and of the difference between
connection oriented and connectionless protocols, refer to the information on network
protocols later in this chapter.
Flo #ontrol
The transport layer is also responsible for data flow control, which refers to the way in which the
receiving device can accept data transmissions. There are two common methods of flow control
used, buffering and windowing:
Buffering when buffering flow control is used, data is temporarily stored and waits for
the destination device to become available. Buffering can cause a problem if the sending
device transmits data much faster than the receiving device is able to manage it.
3indowing $n a windowing environment, data is sent in groups of segments that re(uire
only one acknowledgment. The si5e of the window "that is, how many segments fit into
one acknowledgment# is defined at the time the session between the two devices is
established. &s you can imagine, the need to have only one acknowledgment for every,
say, five segments can greatly reduce overhead.
Session 2a,er )2a,er 13
The session layer is responsible for managing and controlling the synchroni5ation of data
between applications on two devices. $t does this by establishing, maintaining, and breaking
sessions. 3hereas the transport layer is responsible for setting up and maintaining the connection
between the two nodes, the session layer performs the same function on behalf of the application.
&resentation 2a,er )2a,er 73
The presentation layer4s basic function is to convert the data intended for or received from the
application layer into another format. *uch conversion is necessary because of the way in which
data is formatted, so it can be transported across the network. This conversion is not necessarily
readable by applications. *ome common data formats handled by the presentation layer include
the following:
6raphics files A206, T$'', 6$', and so on are graphics file formats that re(uire the data
to be formatted in a certain way.
Te!t and data the presentation layer can translate data into different formats such as
&merican *tandard Code for $nformation $nterchange "&*C$$# and the 0!tended Binary
Coded Decimal $nterchange Code "0BCD$C#.
*ound8video 206s, NuickTime video, and $D$ files all have their own data formats
to and from which data must be converted.
&nother very important function of the presentation layer is encryption, which is the scrambling
of data so that it can4t be read by anyone other than the intended recipient. 6iven the basic role of
the presentation layer that of data)format translator it is the obvious place for encryption and
decryption to take place.
Application 2a,er )2a,er 83
$n simple terms, the function of the application layer is to take re(uests and data from the users
and pass them to the lower layers of the +*$ model. $ncoming information is passed to the
application layer, which then displays the information to the users. *ome of the most basic
application)layer services include file and print capabilities.
The most common misconception about the application layer is that it represents applications
that are used on a system such as a 3eb browser, word processor, or a spreadsheet. $nstead, the
application layer defines the processes that enable applications to use network services. 'or
e!ample, if an application needs to open a file from a network drive, the functionality is provided
by components that reside at the application layer.
=SI Model Summar,
$n summary, Table , lists the seven layers of the +*$ model and describes some of the most
significant points of each layer.
Table , +*$ odel *ummary
=SI 2a,er MaDor Functions
2hysical
"%ayer ,#
Defines the physical structure of the network and the topology.
Data)link
"%ayer .#
2rovides error detection and correction. 1ses two distinct sublayers: the edia
&ccess Control "&C# and %ogical %ink Control "%%C# layers. $dentifies the
method by which media is accessed. Defines hardware addressing through the
&C sub layer.
Network
"%ayer 9#
Bandles the discovery of destination systems and addressing. 2rovides the
mechanism by which data can be passed from one network system to another.
Transport
"%ayer ;#
2rovides connection services between the sending and receiving devices and
ensures reliable data delivery. anages flow control through buffering or
windowing. 2rovides segmentation, error checking, and service identification.
*ession "%ayer
<#
*ynchroni5es the data e!change between applications on separate devices.
2resentation
"%ayer :#
Translates data from the format used by applications into one that can be
transmitted across the network. Bandles encryption and decryption of data.
2rovides compression and decompression functionality. 'ormats data from the
application layer into a format that can be sent over the network.
&pplication 2rovides access to the network for applications.
Table , +*$ odel *ummary
=SI 2a,er MaDor Functions
"%ayer C#
Identif,in$ t*e =SI 2a,ers at 9*ic* ?arious
Netor! #omponents =perate
3hen you have an understanding of the +*$ model, it is possible to relate network connectivity
devices to the appropriate layer of the +*$ model. Fnowing at which +*$ level a device operates
allows you to better understand how it functions on the network. Table . identifies various
network devices and maps them to the +*$ model.
Table . apping Network Devices to the +*$ odel
Device =SI 2a,er
Bub 2hysical "%ayer ,#
*witch Data)link "%ayer .#
Bridge Data)link "%ayer .#
?outer Network "%ayer 9#
N$C Data)link "%ayer .#
3&2 Data)link "%ayer .#
Differentiatin$ Amon$ &rotocols
You might find yourself working with a num'er of protocols in today;s networked
environments. he primary function of these protocols is to facilitate communication
'etween network devices. his section reviews the main characteristics of the most
widely used protocols.
#onnectionless and #onnection"oriented
&rotocols
Before getting into the characteristics of the various network protocols and protocol suites, it4s
important to first identify the difference between connection)oriented and connectionless
protocols.
$n a connection)oriented communication, there is guaranteed delivery of the data. &ny packet
that is not received by the destination system is resent by the sending device. Communication
between the sending and receiving devices continues until the transmission has been verified.
Because of this, connection)oriented protocols have a higher overhead and place greater
demands on bandwidth.
$n contrast to connection)oriented communication, connectionless protocols offer only a best)
effort delivery mechanism. Basically, the information is sent there is no confirmation that the
data has been received. $f there is an error in the transmission, there is no mechanism to resend
the data, so transmissions made with connectionless protocols are not guaranteed.
Connectionless communication re(uires far less overhead than connection)oriented
communication, so it is popular in applications such as streaming audio and video where a small
number of dropped packets might not represent a significant problem.
Internetor! &ac!et +xc*an$e:Se<uenced
&ac!et +xc*an$e
%ike TC28$2 and &ppleTalk that are also discussed in this chapter, $2E8*2E is not a single
protocol but rather a protocol suite. $2E8*2E was created by Novell for use on Novell networks.
3hen Novell had a larger presence in the network arena, so too did the $2E8*2E protocol suite.
Today, the popularity of $2E8*2E has yielded to TC28$2 although it is still used in some network
environments enough. TC28$24s suitability for large multisite networks and its general
acceptance has now even led Novell to adopt TC28$2 as the protocol of choice. Table 9 shows
some of the protocols that comprise the $2E8*2E suite and their functions.
9 $2E8*2E 2rotocols and Their 'unctions
&rotocol Function Related =SI
2a,er)s3
$nternetwork 2acket
0!change "$2E#
& connectionless transport protocol that is primarily
responsible for logical network addressing, route
selections, and connection services.
Network, Transport
Net3are %ink *tate
2rotocol "N%*2#
N%*2 uses a link)state route discovery method to
build routing tables.
Network
Net3are Core
2rotocol "NC2#
NC2 is a connection)oriented protocol that provides
the connection between clients and services.
&pplication,
2resentation,
*ession
?outing $nformation
2rotocol "?$2#
*imilar to the routing protocol used with TC28$2, ?$2
is responsible for the routing of packets on an
$2E8*2E network.
Network
9 $2E8*2E 2rotocols and Their 'unctions
&rotocol Function Related =SI
2a,er)s3
*ervice &dvertising
2rotocol "*&2#
*&2 allows systems providing services to the
network, such as file and print services, to announce
their services and addresses to the network.
&pplication,
2resentation,
*ession
*e(uenced 2acket
0!change "*2E#
*2E is a connection)based protocol used when
guaranteed message delivery is re(uired on the
network.
Transport
I&> Addressin$
An e%ample of an I): address is 0B"D!!CE#000!FE$C06EC. he 0B"D!!CE portion
represents the I): address for the network# which is also sometimes referred to as
the network num'er. he part 000!FE$C06EC is the MA/ address of the node# which
is used for the second part of the address. he node MA/ address is derived directly
from the MA/ address 'urned on to each network card# 'ut in I): addressing# it is
e%pressed without the colons ("*. In addition to this format# I): addresses can also
'e written with each group of four he%adecimal characters separated 'y colonsfor
e%ample# 0000#000$#00!C#$F5!#04CF. In some cases# any leading -s on the network
address portion are dropped. 8or e%ample# 0000000$ can 'e e%pressed simply as $.
he address would then 'e $#00!C#$F5!#04CF.
I&> Interoperabilit,
&s you might e!pect, the $2E8*2E protocol suite is fully supported by Novell Net3are, but it
can also be used in a icrosoft 3indows environment. icrosoft includes its own version of the
$2E8*2E protocol, N3%ink, which provides this interoperability. 1sing the N3%ink protocol
and the icrosoft Client for Net3are, 3indows systems can connect to a Net3are server using
$2E8*2E.
Because of the prevalence of TC28$2, interoperability with the $2E8*2E protocol has become
less important. 'or some time now, TC28$2 has been used as the default protocol on Novell
networks. &s far as %inu! is concerned, there is a way to use the $2E8*2E protocol on a %inu!
system, but TC28$2 is the protocol of choice there too.
I&>:S&> Namin$
3nlike /)<I)# which is discussed later# there are few issues with I):<4): naming
'ecause servers are normally the only parts of a network that are assigned names.
hese names# which are sometimes referred to as addresses# can 'e up to =>
characters (in current versions of Net!are*. !orkstations do not need such names
and instead 9ust use I): addresses.
NetB+'I &rotocol
Net203I was once a popular protocol for smaller networks. It is fast and easy to
configure 'ut has one significant draw'ack in that it is not routa'le. his one fact
limits Net203I to a single network segment far too restrictive for the ma9ority of
today;s networking environments.
NetB+'I Addressin$
In terms of addressing# Net203I is perhaps the simplest of all the protocols
discussed here. 8or this reason# it is still sometimes used on very small simple
networks such as those found in a home or on very small 'usiness networks.
/omputers on a Net203I network are identified 'y Net2I?4 names. he Net2I?4
name can 'e no longer than @A characters and must 'e uni7ue to the network.
3sing the @A characters# you can assign the computers descriptive names such as
workstation# student@# or secretary..
Interoperabilit, it* NetB+'I
he discussion on interopera'ility with Net203I is a short one+ it is used on !indows
platforms e%clusively.
AppleTal!
&ppleTalk is a protocol associated with &pple networks. The &ppleTalk protocol is an
established protocol, having been introduced in the early ,D@-s, and continued development
toward the end of the ,D@-s enabled it to become a viable internet)working protocol.
%ike the $2E8*2E and TC28$2 protocol suites, the &ppleTalk protocol suite is composed of
several protocols. Table ; lists the protocols within the &ppleTalk protocol suite and their
functions.
Table ; &ppleTalk 2rotocols and Their 'unctions
&rotocol Function =SI 2a,er
&pple*hare &pple*hare provides application layer services,
including file and print sharing.
&pplication "%ayer
C#
&ppleTalk &ddress &&?2 is used to map &ppleTalk addresses to Network "%ayer 9#
Table ; &ppleTalk 2rotocols and Their 'unctions
&rotocol Function =SI 2a,er
?esolution 2rotocol
"&&?2#
0thernet and Token ?ing physical addresses.
&ppleTalk Data
*tream 2rotocol
"&D*2#
&D*2 is a session layer protocol used to establish
connections between network devices. $t also
functions at the transport layer and manages flow
control.
*ession "%ayer <#
&ppleTalk 'iling
2rotocol "&'2#
The &'2 protocol manages file sharing for the
network.
2resentation
"%ayer:#8
&pplication "%ayer
C#
&ppleTalk *ession
2rotocol "&*2#
*imilar to the &D*2 protocol, &*2 works at the
session layer of the +*$ model and establishes and
releases connections between networked devices.
*ession "%ayer <#
&ppleTalk
Transaction 2rotocol
"&T2#
&T2 establishes a connectionless session between
networked systems. &T2 functions at the transport
layer.
Transport "%ayer ;#
Datagram Delivery
2rotocol "DD2#
2erforms datagram delivery and also handles
routing functions.
Network "%ayer 9#
0ther Talk %ink
&ccess 2rotocol
"0%&2#
0%&2 is a variation of the &ppleTalk protocol that
is compatible with the 0thernet protocol.
Data)%ink "%ayer .#
Name Binding
2rotocol "NB2#
The NB2 protocol is used to map computer
hostnames to network layer addresses.
Transport "%ayer ;#
2rinter &ccess
2rotocol "2&2#
2&2 is a session layer protocol used to provide
printing services on an &ppleTalk network.
*ession "%ayer <#
?outing Table
aintenance 2rotocol
"?T2#
?T2 is the protocol on &ppleTalk networks that
maintains the routing tables for the network.
Transport "%ayer ;#
Token Talk %ink
&ccess 2rotocol
"T%&2#
T%&2 is a variation on the &ppleTalk protocol that
is compatible with the Token ?ing protocol.
Data)%ink "%ayer .#
Qone $nformation
2rotocol "Q$2#
Q$2 is used to divide network devices into logical
groups called 5ones.
*ession "%ayer <#
AppleTal! Addressin$
%ike the other protocols discussed, the &ppleTalk protocol uses a two)part addressing schemea
node and a network section. The node portion of the address is assigned automatically when the
system is first brought up onto the network. $t is a randomly generated number and then
broadcast to the entire network. $f a duplicate node address is assigned, another will be assigned
and rebroadcast to the network. The network portion of the address is assigned by the network
administrator.
The actual &ppleTalk address is .; bits long with ,: bits used for the network address and @ bits
for the node address. &ppleTalk addresses are e!pressed in decimal format, with the network and
node addresses separated by a period. &n e!ample of an &ppleTalk address might be ;.:C. The ;
represents the network number, and :C is the node number.
AppleTal! Interoperabilit,
Applealk was designed for the purpose of 'eing used on Apple networks and# as
such# is not natively supported 'y most of the other ma9or operating systems.
2ecause of this# today# other protocols such as /)<I) are a more common choice#
even for Apple$'ased networks. In fact# Macintosh systems themselves support the
use of /)<I). Applealk can 'e configured to work with other platforms# 'ut# given
the proliferation of /)<I)# this is not widely done.
AppleTal! Routin$
The earliest implementations of &ppleTalk were not routable, but later versions were. ?outing
functionality for &ppleTalk is provided by the ?T2 protocol. ?T2 provides similar
functionality to the ?$2 protocol used with $2E8*2E and TC28$2 networks.
AppleTal! Namin$
&ppleTalk networks use logical hostnames, making systems readily recogni5able on the
network. The network address)to)hostname resolution is handled by the NB2 protocol in the
&ppleTalk protocol suite. $t performs a similar function to that provided by DN* on a TC28$2
network.
T*e T#&:I& &rotocol Suite
Nuite often, TC28$2 is referred to as a network protocol, although that4s not entirely accurate.
%ike $2E8*2E and &ppleTalk, TC28$2 is actually a protocol suite comprised of many separate
protocols each of which has its own purpose and function. Combined, they all provide the
TC28$2 functionality. The following list contains some of the more well)known protocols found
within the TC28$2 protocol suite:
&ddress ?esolution 2rotocol "&?2#
'ile Transfer 2rotocol "'T2#
$nternet Control essage 2rotocol "$C2#
$nternet 2rotocol "$2#
?everse &ddress ?esolution 2rotocol "?&?2#
*imple ail Transfer 2rotocol "*T2#
Transmission Control 2rotocol "TC2#
This is /ust an introduction to the protocols found within the TC28$2 protocol suite.
T#&:I& Standards
?ne of the strengths of the /)<I) protocol suite is that it is not owned 'y any one
party and is not licensed. his is in contrast to protocols such as Applealk and
I):<4):# which are owned 'y Apple and Novell# respectively. 2ecause of its non$
proprietary nature# /)<I) has an open development model with its standards
pu'lished in documents known as 5e7uests for /omments (58/s*. 58/s are
maintained 'y the Internet 0ngineering ask 8orce (I08*. You can find 58/s
pertaining to /)<I) on I08;s we'site at www.ietf.org.
T#&:I& Addressin$
&nyone who has worked with TC28$2 knows that TC28$2 addressing can be a comple! topic.
This section provides an overview of TC28$2 addressing to compare how other protocols handle
addressing.
$n the most commonly deployed version of TC28$2, version ;, "$2v;# addresses are composed of
four sets of @ bits referred to as octets. These are e!pressed in numbers and separated by periods.
&n e!ample of a TC28$2 address is 192.16.!.2. This format is often referred to as a 9.)bit
dotted decimal.
& single TC28$2 address represents both the $2 address of an individual system and the network
to which the system is attached. Determining which part of the $2 address belongs to the network
and which belongs to the node is the responsibility of the subnet mask. $f part of the address
refers to the network, it is assigned a binary value of 1 within the subnet mask. $f it is the node
address, it4s assigned a binary value of 0 within the subnet mask.
'or e!ample, if you had a subnet mask of 255.255.255.0, the first two octets refer to the
network and the second refer to the node address. *o using the previous $2 address as an
e!ample, the 192.16.! portion of the address represents the network $D, and the .2 portion of
the address represents the node $D. Table < shows default subnet masks and addressing
e!amples.
Table < Determining Network and Node &ddresses
Subnet Mas! I& Address Netor! Address Node Address
.<<.-.-.- ,D..,:@.,-.,-- ,D. ,:@.,-.,--
.<<..<<.-.- ,D..,:@.,-.,-- ,D..,:@ ,-.,--
.<<..<<..<<.- ,D..,:@.,-.,-- ,D..,:@.,- ,--
T#&:I& Interoperabilit,
?f all the protocols used on today;s networks# /)<I) is 'y far the most versatile and
interopera'le. All of the popular operating systems today not only support /)<I)#
'ut the vast ma9ority also use it as the default protocol. his means that in any
network environment# you can have &inu%# !indows# and Net!are servers and
clients all communicating using /)<I).
T#&:I& Namin$
*ystems on a TC28$2 network can be accessed from the network either by their $2 address or by
a hostname. Bostnames are the names assigned to the system to make them easier to remember.
'or instance, the secretary4s computer might have the address of 192.16.4.2!, but you can
access it using its hostname of secretary, or whatever name you assign it.
The name)resolution process from $2 address to hostname is often performed dynamically
through a Domain Name *erver "DN*#. $t can also be done statically using a te!t file called
4Bosts,4 which is stored on each system.
T#&:I& Routin$
/)<I) is a fully routa'le protocol# making it a natural choice for large networks and
those that span multiple locations. As mentioned previously# /)<I) is a protocol
suite+ there are two primary protocols within /)<I) that provide the routing
functionality 5outing Information )rotocol (5I)* and ?pen 4hortest )ath 8irst (?4)8*.
&rotocol Summar,
The most pertinent information from this section is listed in Table :.
Table : Comparison of the >arious 2rotocols Discussed in This Chapter
&rotocol =vervie Routable Addressin$
$2E8*2E 1sed to be the default protocol for
Net3are, but now TC28$2 is
preferred. *till supported by
Netware, 3indows, and %inu!.
*implest addressing scheme of
routable protocols discussed here.
Kes 1ses the &C address to identify
the node, and an eight character ";)
byte# he!adecimal address to
identify the network.
NetB01$ 1sed by 3indows. No 1ses NetB$+* names to identify
systems on the network.
&ppleTalk 1sed by acintosh with some
support on other platforms.
Kes 1ses a two)part addressing scheme.
The first is a randomly generated
number for the node address, and
the second an administrator
assigned number for the network
address.
TC28$2 1sed by default with 1N$E, %inu!,
Net3are and 3indows systems.
&lso supported by acintosh
systems and practically every other
Kes 1ses four sets of @ bits referred to
as octets. & subnet mask is used to
define what parts of the address
refer to the network, and what parts
Table : Comparison of the >arious 2rotocols Discussed in This Chapter
&rotocol =vervie Routable Addressin$
computing platform. The most inter)
operable of all protocols.
refer to the node.
Netor!in$ " T#&:I& )Transmission #ontrol
&rotocol Internet &rotocol3
T#&:I& )Transmission #ontrol
&rotocol:Internet &rotocol3
3ithout (uestion, the TC28$2 protocol suite is the most widely implemented protocol on
networks today.
This tutorial deals with the individual protocols within the protocol suite. The tutorial looks at
the function of the individual protocols and their purposes. $t starts by discussing C:one of the
more comple! facets of TC28$2addressing.
I& Addressin$
$2 addressing is one of the most challenging aspects of TC28$2 and one that can leave even the
most seasoned network administrators scratching their heads. The following sections look at how
$2 addressing works for both $2v; and the newest version of the $2, $2>:.
To communicate on a network using the TC28$2 protocol, each system has to be assigned a
uni(ue address. The address defines both the number of the network to which the device is
attached and the number of the node on that network. $n other words, the $2 address provides two
pieces of information. $t4s a bit like a street name and a house number of a person4s home
address.
0ach device on a logical network segment must have the same network address as all the other
devices on the segment. &ll the devices on that network segment must then have different node
addresses.
$n $2 addressing, another set of numbers, called a subnet mask, is used to define which portion of
the $2 address refers to the network address and which refers to the node address.
$2 addressing is different in $2v; and $2v:. 3e4ll begin our discussion by looking at $2v;, as
$2v: networks are still few an
I&v5
&n $2v; address is composed of four sets of @ binary bits, which are referred to as octets. The
result is that $2 addresses are 9. bits in length. 0ach bit in each octet is assigned a decimal value.
The leftmost bit has a value of ,.@, followed by :;, 9., ,:, @, ;, ., and ,, left to right.
0ach bit in the octet can be either a , or a -. $f the value is ,, it is counted as its decimal value,
and if it is -, it is ignored. $f all the bits are -, the value of the octet is -. $f all the bits in the octet
are ,, the value is .<<, which is ,.@=:;=9.=,:=@=;=.=,.
By using the set of @ bits and manipulating the ,s and -s, you can obtain any value between -
and .<< for each octet.
Table , shows some e!amples of decimal)to)binary value conversions.
Table , Decimal)to)Binary >alue Conversions
Decimal ?alue Binar, ?alue Decimal #alculation
,- ----,-,- @=.R,-
,D. ,,------ ,.@=:;R,D.
.-< ,,--,,-, ,.@=:;=@=;=,R.-<
..9 ,,-,,,,, ,.@=:;=,:=@=;=.=,R..9
I& Address #lasses
$2 addresses are grouped into logical divisions called classes. $n the $2v; address space, there are
five address classes "& through 0#, although only three "&, B, C# are used for assigning
addresses to clients. Class D is reserved for multicast addressing, and Class 0 is reserved for
future development.
+f the three classes available for address assignments, each uses a fi!ed)length subnet mask to
define the separation between the network and the node address. & Class & address uses only the
first octet to represent the network portion, a Class B address uses two octets, and a Class C
address uses the first three octets. The upshot of this system is that Class & has a small number
of network addresses, but each class & address has a very large number of possible host
addresses. Class B has a larger number of networks, but each class B address has a smaller
number of hosts. Class C has an even larger number of networks, but each Class C address has
an even smaller number of hosts. The e!act numbers are provided in Table ..
Table . $2v; &ddress Classes and the Number of &vailable Network8Bost &ddresses
Address
#lass Ran$e
Number of
Netor!s
Number of Hosts per
Netor!
Binar, ?alue of First
=ctet
& ,,.: ,.: ,:,CCC,.,; -!!!!!!!
B ,.@,D, ,:9@; :<,<9; ,-!!!!!!
C ,D...9 .,-DC,,<. .<; ,,-!!!!!
D ..;.9D N& N& ,,,-!!!!
0 .;-.<< N& N& ,,,,!!!!
Subnet Mas! Assi$nment
%ike an $2 address, a subnet mask is most commonly e!pressed in a 9.)bit dotted)decimal
format. 1nlike an $2 address, though, a subnet mask performs /ust one function: $t defines which
parts of the $2 address refer to the network address and which refer to the node address. 0ach of
the classes of $2 address used for address assignment has a standard subnet mask associated with
it. The default subnet masks are listed in Table 9.
Table 9 Default *ubnet asks &ssociated with $2 &ddress Classes
Address #lass Default Subnet Mas!
& .<<.-.-.-
B .<<..<<.-.-
C .<<..<<..<<.-
Default @atea,s
Default gateways are the means by which a device can access hosts on other networks for which
it does not have a specifically configured route. ost workstation configurations actually /ust use
a default gateway rather than having any static routes configured. *uch a configuration is
practical because workstations are typically only connected to one network, and thus have only
one way off that network.
3hen a system wants to communicate with another device, it first determines whether the host is
on the local network or a remote network. $f the host is on a remote network, the system looks in
the routing table to determine whether it has an entry for the network that the remote host is on.
$f it does, it uses that route. $f it does not, the data is sent to the default gateway.
$n essence, the default gateway is simply the path out of the network for a given device.
I&v7 Addressin$
&lthough $2v; has served us well for a number of years, it is finally starting to reach its end. The
main problem with $2v; is simply that the demand for $2 addresses outweighs what $2v; is
capable of providing. That is where $2v: comes in.
By far, the most significant aspect of $2v: is its addressing capability. The address range of $2v;
is nearly depleted, and it is widely acknowledged that we are /ust at the beginning of the digital
era. Therefore, we need an addressing scheme that offers more addresses than can possibly be
used in the foreseeable future. $2v: delivers e!actly that. 3hereas $2v; uses a 9.)bit address,
$2v: uses a ,.@)bit address that yields a staggering
9;-,.@.,9::,D.-,D9@,;:9,;:9,9C;,:-C,;9,,C:@,.,,,;<: possible addressesS
$2v: addresses are e!pressed in a different format from those used in $2v;. &n $2v: address is
composed of eight octet pairs e!pressed in he!adecimal, separated by colons. The following is an
e!ample of an $2v: address:
42DE#$E55#6!F2#21""#CBD4#D$$!#CC21#554F
Subnettin$
Now that you have looked at how $2 addresses are used, you can learn the process of subnetting.
*ubnetting is a process by which the node portions of an $2 address are used to create more
networks than you would have if you used the default subnet mask.
To illustrate subnetting, let4s use an e!ample. *uppose that you have been assigned the Class B
address 150.150.0.0. 1sing this address and the default subnet mask, you could have a single
network "150.150# and use the rest of the address as node addresses. This would give you a large
number of possible node addresses, which in reality is probably not very useful. 3ith subnetting,
you use bits from the node portion of the address to create more network addresses. This reduces
the number of nodes per network, but chances are, you will still have more than enough.
There are two main reasons for subnetting. 'irst, it allows you to use $2 address ranges more
effectively. *econd, it provides increased security and manageability to $2 networking by
providing a mechanism to create multiple networks rather than having /ust one. 1sing multiple
networks confines traffic to only the network that it needs to be on, which reduces overall
network traffic levels. ultiple subnets also create more broadcast domains, which in turn
reduces network wide broadcast traffic.
Identif,in$ t*e Differences beteen &ublic
and &rivate Netor!s
$2 addressing involves many considerations, not least important of which are public and private
networks. & public network is a network to which anyone can connect. The best, and perhaps
only pure, e!ample of such a network is the $nternet. & private network is any network to which
access is restricted. & corporate network or a network in a school is e!amples of private
networks.
The main difference between public and private networks, apart from the fact that access to a
private network is tightly controlled and access to a public network is not, is that the addressing
of devices on a public network must be considered carefully, whereas addressing on a private
network has a little more latitude.
&s already discussed, in order for hosts on a network to communicate by using TC28$2, they
must have uni(ue addresses. This number defines the logical network each host belongs to and
the host4s address on that network. +n a private network with, say, three logical networks and
,-- nodes on each network, addressing is not a particularly comple! task. +n a network on the
scale of the $nternet, however, addressing is very comple!.
$f you are connecting a system to the $nternet, you need to get a valid registered $2 address. ost
commonly, you would obtain this address from your $*2. &lternatively, for e!ample, if you
wanted a large number of addresses, you could contact the organi5ation responsible for address
assignment in your geographical area. Kou can determine who the regional numbers authority for
your area is by visiting the $&N& website.
Because of the nature of their business, $*2s have large blocks of $2 addresses that they can
assign to their clients. $f you need a registered $2 address, getting one from an $*2 will almost
certainly be a simpler process than going through a regional numbers authority. *ome $*2s4 plans
actually include blocks of registered $2 addresses, working on the principle that businesses are
going to want some kind of permanent presence on the $nternet. +f course, if you discontinue
your service with the $*2, you will no longer be able to use the $2 address they provided.
&rivate Address Ran$es
To provide fle!ibility in addressing and to prevent an incorrectly configured network from
polluting the $nternet, certain address ranges are set aside for private use. These address ranges
are called private ranges because they are designated for use only on private networks. These
addresses are special because $nternet routers are configured to ignore any packets they see that
use these addresses. This means that if a private network GleaksG onto the $nternet, it won4t make
it any farther than the first router it encounters.
Three ranges are defined in ?'C ,D,@one each from Classes &, B, and C. Kou can use
whichever range you want, although the Class & and Class B address ranges offer more
addressing options than does Class C. The address ranges are defined in Table ;.
Table ; 2rivate &ddress ?anges
#lass Address Ran$e Default Subnet Mas!
& ,-.-.-.-,-..<<..<<..<< .<<.-.-.-
B ,C..,:.-.-,C..9,..<<..<< .<<..<<.-.-
C ,D..,:@.-.-,D..,:@..<<..<< .<<..<<..<<.-
Assi$nin$ I& Addresses
6aving esta'lished the need for each system on a /)<I) 'ased network to have a
uni7ue address# we can now go on to look at how those systems receive their
addresses.
Static Addressin$
4tatic addressing refers to the manual assignment of I) addresses to a system.
here are two main pro'lems with this approach. 4tatically configuring one system
with the correct address is simple# 'ut in the course of configuring# say# a few
hundred systems# mistakes are likely to 'e made. If the I) addresses are entered
incorrectly# the system will most likely not 'e capa'le of connecting to other
systems on the network. Another draw'ack of static addressing is reconfiguration. If
the I) addressing scheme for the organiBation changes# each system must again 'e
manually reconfigured. In a large organiBation with hundreds or thousands of
systems# such a reconfiguration could take a considera'le amount of time. hese
draw'acks to static addressing are so significant that nearly all networks use
dynamic I) addressing.
D,namic Addressin$
Dynamic addressing refers to the assignment of $2 addresses automatically. +n modern networks
the mechanism used to do this is the Dynamic Bost Configuration 2rotocol "DBC2#. DBC2 is a
protocol, part of the TC28$2 protocol suite, which enables a central system to provide client
systems with $2 addresses. &ssigning addresses automatically with DBC2 alleviates the burden
of address configuration and reconfiguration that occurs with static $2 addressing.
The basic function of the DBC2 service is to automatically assign $2 addresses to client systems.
To do this, ranges of $2 addresses, known as scopes, are defined on a system that is running a
DBC2 server application. 3hen another system configured as a DBC2 client is initiali5ed, it
asks the server for an address. $f all things are as they should be, the server assigns an address to
the client for a predetermined amount of time, which is known as the lease, from the scope.
& DBC2 server can typically be configured to assign more than /ust $2 addresses7 they are often
used to assign the subnet mask, the default gateway, and Domain Name *ervice "DN*#
information.
1sing DBC2 means that administrators do not have to manually configure each client system
with a TC28$2 address. This removes the common problems associated with statically assigned
addresses such as human error. The potential problem of assigning duplicate $2 addresses is also
eliminated. DBC2 also removes the need to reconfigure systems if they move from one subnet to
another, or if you decide to make a wholesale change of the $2 addressing structure.
DH#& Dependent and Independent
DBC2 is a protocol)dependant service, not a platform dependent service. This means that you
can use, for e!ample, a %inu! DBC2 server for a network with 3indows clients or a Novell
DBC2 server with %inu! clients.
%ike DBC2, B++T2 is a broadcast)based system. Therefore, routers must be configured to
forward B++T2 broadcasts. Today, it is far more likely that DBC2, rather than B++T2, is used.
A&I&A
&utomatic 2rivate $2 addressing "&2$2&# is a feature introduced with 3indows D@, and has been
included in all subse(uent 3indows versions. The function of &2$2& is that a system is capable
of providing itself with an $2 address in the event that it is incapable of receiving an address
dynamically from a DBC2 server. $n such an event, &2$2& assigns the system an address from
the 169.254.0.0 address range and configures an appropriate subnet mask "255.255.0.0#.
Bowever, it doesn4t configure the system with a default gateway address. &s a result,
communication is limited to the local network.
The idea behind &2$2& is that systems on a segment can communicate with each other in the
event of DBC2 server failure. $n reality, the limited usability of &2$2& makes it little more than
a last resort measure. 'or e!ample, imagine that a system is powered on while the DBC2 server
is operational and receives an $2 address of 192.16.100.2. Then the DBC2 server fails. Now,
if the other systems on the segment are powered on and are unable to get an address from the
DBC2 server because it is down, they would self)assign addresses in the 169.254.0.0 address
range via &2$2&. The systems with &2$2& addresses would be able to talk to each other, but
they couldn4t talk to a system that received an address from the DBC2 server. %ikewise, any
system that received an $2 address via DBC2 would be unable to talk to systems with &2$2&
assigned addresses. This, and the absence of a default gateway, is why &2$2& is of limited use in
real)world environments.
T#&:I& &rotocols
he /)<I) protocol suite is made up of many different protocols# each of which
performs a specific task or function. he following sections look at the functions of
these protocols and their purposes.
Internet &rotocol )I&3
he $2 protocol is a network layer protocol responsible for transporting data between network
devices and for handling $2 addressing. $2 is a connectionless protocol, meaning that data
delivery is not guaranteed7 it takes the best)effort approach.
Transmission #ontrol &rotocol )T#&3
/) functions at the transport layer of the ?4I model and is a connection$oriented
protocol that uses I) as its network protocol. 2eing connection$oriented means that
/) esta'lishes a mutually acknowledged session 'etween two hosts 'efore
communication takes place. /) provides relia'ility to I) communications.
4pecifically# /) adds features such as flow control# se7uencing# and error detection
and correction. 8or this reason# higher$level applications that need guaranteed
delivery use /) rather than its lightweight and connectionless 'rethren# the 3ser
1atagram )rotocol (31)*.
'ser Data$ram &rotocol )'D&3
1D2 operates at the transport layer of the +*$ model and performs functions similar to that of
TC2, with one notable difference7 1D2 is a connectionless protocol and does not guarantee data
delivery. Both TC2 and 1D2 use $2 as its transport protocol.
Because 1D2 does not need to guarantee data delivery it is much more efficient than TC2, so for
applications that don4t need the added features of TC2, 1D2 is much more economical in terms
of bandwidth and processing effort. & good e!ample of 1D2 is an online radio station that sends
data but does not confirm data delivery.
File Transfer &rotocol )FT&3
The 'T2 protocol is an application layer protocol that provides a method for uploading and
downloading files from a remote system running 'T2 server software. 'T2 uses the TC2
transport protocol to guarantee the delivery of data packets.
'T2 has some basic security capabilities, such as a capability to authenticate users. Bowever,
rather than create a user account for every user, you can configure 'T2 server software to accept
anonymous logons. 3hen you do this, the username is anonymous, and the password is normally
the user4s email address. ost 'T2 servers that offer files to the general public operate in this
way.
'T2 is popular for distributing files over the $nternet but is also used within organi5ations that
need to fre(uently e!change large files with other people or organi5ations that find it impractical
to use regular email.
FT& Securit, #oncerns
+ne significant issue with 'T2 is that usernames and passwords are communicated between
client and host in clear te!t. This is a potential security concern. 'or this reason, secure methods
of copying files such as *'T2, discussed later, are becoming more commonly used.
'T2 is platform independent, meaning that all the common network operating systems offer 'T2
server capabilities. $n addition, all commonly used client operating systems offer 'T2 client
functionality. &lternatively, third)party utilities such as *mart'T2 and Cute'T2 are often used.
There are several commands that can be used with 'T2. Table < lists the commands that are used
with the 'T2 protocol.
Table < 'T2 Commands
#ommand &urpose
ls %ists the files in the current directory on the remote system.
cd Changes the working directory on the remote host.
lcd Changes the working directory on the local host.
put 1ploads a single file to the remote host.
get Downloads a single file from the remote host.
mput 1ploads multiple files to the remote host.
mget Downloads multiple files from the remote host.
Table < 'T2 Commands
#ommand &urpose
binary *witches transfers into binary mode.
ascii *witches transfers into &*C$$ mode "the default#.
Secure File Transfer &rotocol )SFT&3
+ne of the big problems associated with 'T2 is that it transmits data between sender and receiver
in an unencrypted format. The solution is the *ecure 'ile Transfer 2rotocol, which is based on
*ecure *hell "**B# technology. **B provides robust authentication between sender and
receiver, in addition to encryption capabilities.
*'T2 is implemented through client and server software that is available for all commonly used
computing platforms.
Trivial File Transfer &rotocol )TFT&3
& variation on 'T2 is T'T2, which is also a file transfer mechanism. 'T2 and T'T2 are both
application layer protocols7 however, T'T2 does not have the rudimentary security capability or
the level of functionality that 'T2 has. T'T2 uses only 1D2 as a transport protocol, making it a
connectionless protocol. &s such, it has a lower overhead than 'T2.
&nother feature that T'T2 does not offer is directory navigation. $n 'T2, commands can be
e!ecuted to navigate around and manage the file system7 T'T2 offers no such capability. T'T2
re(uires that you re(uest not only e!actly what you want, but also from what specific location.
Simple Mail Transfer &rotocol )SMT&3
The *T2 protocol defines how mail messages are sent between hosts. *T2 is a connection)
oriented protocol7 it uses TC2 connections to guarantee error)free delivery of messages. *T2 is
not overly sophisticated and re(uires that the destination host always be available. 'or this
reason, mail systems spool incoming mail so that users can read it at a later time. Bow the user
then reads the mail depends on how the client accesses the *T2 server. *T2 is an application
layer protocol. Today, *T2 is often used to send email between servers, whereas another
protocol such as 2+29 or $&2; is used to download the email from the server to a client
system.
H,pertext Transfer &rotocol )HTT&3
$n practical uses, BTT2 is the protocol that allows te!t, graphics, multimedia, and other material
to be downloaded from an BTT2 server "commonly called a 3eb server#. BTT2 defines which
actions clients can re(uest and how servers should answer those re(uests. BTT2 uses TC2 as a
transport protocol, making it a connection)oriented protocol. Bowever, it can also use 1D2 for
certain functions.
BTT2 uses a uniform resource locator "1?%# to determine which page should be downloaded
from the remote server. The 1?% contains the type of re(uest "for e!ample, http:88#, the name of
the server being contacted "for e!ample, www.novell.com#, and optionally the page being
re(uested "for e!ample, 8support#. The result is the synta! that $nternet)savvy people are familiar
with: http:88www.novell.com8support. BTT2 functions at the application layer of the +*$ model.
H,pertext Transfer &rotocol Secure )HTT&S3
Normal BTT2 re(uests are sent in clear te!t, and for some $nternet transactions such as online
banking or e)commerce, this poses a significant security problem. The solution for such
applications is to use the BTT2* protocol. BTT2* uses a security technology known as *ecure
*ockets %ayer "**%#, which encrypts the information sent between the client and the host. Kou
can tell when you are accessing a page with BTT2* because the 1?% will have an BTT2*:88
address as opposed to 4plain4 BTT2, which uses an address of BTT2:88. &n e!ample of an
BTT2* 1?% address is https:88www.nationalonlinebank.com.
%ike BTT2, BTT2* uses the TC2 transport protocol and operates at the application layer of the
+*$ model.
&ost =ffice &rotocol version 4 )&=&43 and
Internet Messa$e Access &rotocol version 5
)IMA&53
Both 2+29 and $&2; are mechanisms for downloading, or pulling, email from a mail server.
They are necessary because, although the mail is transported around the network via *T2,
users cannot always read it immediately so it must be stored in a central location. 'rom this
location, it must then be downloaded, which is what 2+29 and $&2; allow you to do.
+ne of the problems with 2+29 is that the password used to access a mailbo! is transmitted
across the network in clear te!t. That means if someone wanted to, he could determine your
2+29 password with relative ease. This is an area in which $&2; offers an advantage over
2+29. $t uses a more sophisticated authentication system, which makes it harder for someone to
determine a password.
Telnet
The function of Telnet is to allow the establishment of sessions on a remote host. & user can then
e!ecute commands on that remote host as if he were physically sitting at the system. Telnet is
widely used to access 1N$E and %inu! systems, as well as to administer some managed
networking e(uipment such as switches or routers. Telnet uses TC2 as a transport layer protocol
and functions at the application layer of the +*$ model.
Secure S*ell )SSH3
*ecure *hell "**B# is a secure alternative to Telnet. **B provides security by encrypting data as
it travels between systems. $t also provides more robust authentication systems than Telnet.
&lthough **B, like Telnet, is primarily associated with 1N$E and %inu! systems,
implementations of **B are available for all commonly used computing platforms including
3indows and acintosh. &s discussed earlier, **B is the foundational technology for the
*ecure 'ile Transfer 2rotocol "*'T2#.
Internet #ontrol Messa$e &rotocol )I#M&3
$C2 is a protocol that works with $2 to provide error checking and reporting functionality. $n
effect, $C2 is a tool that $2 uses in its (uest to provide best)effort delivery. $C2 functions at
the network layer of the +*$ model.
$C2 can be used for a number of functions. $ts most common is probably the widely used and
incredibly useful p%n& utility. '%n& sends a stream of $C2 echo re(uests to a remote host. $f the
host is able to respond, it does so by sending echo reply messages back to the sending host. $n
that one simple process, $C2 enables the verification of the protocol suite configuration of both
the sending and receiving nodes and any intermediate networking devices.
Address Resolution &rotocol:Reverse Address
Resolution &rotocol )AR&:RAR&3
The basic function of the &?2 protocol is to resolve $2 addresses to edia &ccess Control
"&C# addresses. 3hen a system attempts to contact another host, $2 first determines whether
the other host is on the same network it is on by looking at the $2 address. $f $2 determines that
the destination is on the local network, it consults the &?2 cache to determine whether it has a
corresponding entry.
$f there is not an entry for the host in the &?2 cache, $2 sends a broadcast on the local network,
asking the host with the target $2 address to send back its &C address. The communication is
sent as a broadcast because without the target system4s &C address, the source system is unable
to communicate directly with the target system.
The ?everse &ddress ?esolution 2rotocol "?&?2# performs the same function as &?2, but in
reverse. $n other words, it resolves &C addresses to $2 addresses. ?&?2 makes it possible for
applications or systems to learn their own $2 address from a router or DN* server. *uch a
resolution comes in handy for tasks such as performing reverse lookups in DN*.
Netor! Time &rotocol )NT&3
N) uses the /) transport protocol and is the protocol that facilitates the
communication of time information 'etween systems. he idea is that one system
configured as a time provider transmits time information to other systems that can
'e 'oth the time receivers and the time providers to other systems.
Netor! Nes Transport &rotocol )NNT&3
The Network News Transfer 2rotocol "NNT2# is a protocol associated with posting and
retrieving messages from newsgroups. & newsgroup is the name given to a discussion forum that
is hosted on a remote system. By using NNT2 client software, similar to that included with many
common email clients, users can post, reply, and retrieve messages.
NNT2 is an application layer protocol that uses TC2 as its transport mechanism.
Secure #op, &rotocol )S#&3
the 4ecure /opy )rotocol (4/)* is another protocol 'ased on 4ecure 4hell (446*
technology. 4/) provides a secure means to copy files 'etween systems on a
network. 2y using 446 technology# it encrypts data as it travels across the network#
there'y securing it from eavesdropping. It is intended as a more secure su'stitute
for the 5emote /opy )rotocol (5/)*. 4/) is most commonly associated with 3NI: or
&inu% platforms# though it is availa'le as a command$line utility or as part of
application software for most commonly used computing platforms. 4/) operates at
the application layer of the ?4I model.
2i$*tei$*t Director, Access &rotocol
)2DA&3
The %ightweight Directory &ccess 2rotocol "%D&2# is a protocol that provides a mechanism to
access and (uery directory services systems. These directory services systems are most likely to
be Novell Directory *ervices "ND*# and icrosoft4s &ctive Directory. &lthough %D&2 supports
command)line (ueries that are e!ecuted directly against the directory database, most %D&2
interactions will be via utilities such as an authentication program "network logon# or locating a
resource in the directory through a search utility. %D&2 operates at the application layer of the
+*$ model.
Internet @roup Mana$ement &rotocol
)I@M&3
The $nternet 6roup anagement 2rotocol "$62# protocol is associated with the process of
multicasting. ulticasting is a mechanism by which groups of network devices can send and
receive data between the members of the group at one time, rather than separately sending
messages to each device in the group.
The $62 protocol is used to register devices into a multicast group, as well as to discover what
other devices on the network are members of the same multicast group. Common applications
for multicasting include groups of routers on an internetwork and videoconferencing clients.
$62 operates at the network layer of the +*$ model.
2ine &rinter Remote )2&R3
The %ine 2rinter ?emote "%2?# protocol provides a means to connect to print servers on a
network. $t is a generic printing protocol supported by all commonly used operating systems
including 1N$E, 3indows, and %inu!.
To make use of %2?, client software is installed on a system. 3hen a file is sent to print, it is
channeled over the network by %2? to a print server or printer. That server or printer runs a print
server program, normally the %ine 2rinter Daemon "%2D#, which accepts the %2? information
and adds that /ob to the print (ueue. %2? operates at the application layer of the +*$ model.
T#&:I& &rotocol Suite Summar,
The details of each of the protocols discussed in the preceding sections are summari5ed in Table
:.
Table : TC28$2 2rotocol *uite *ummary
&rotocol Full Name Description =SI 2a,er
$2 $nternet 2rotocol Connectionless protocol used for moving
data around a network.
Network
TC2 Transmission Control
2rotocol
Connection)oriented protocol that offers
flow control, se(uencing, and
retransmission of dropped packets.
Transport
1D2 1ser Datagram 2rotocol Connectionless alternative to TC2 that is
used for applications that do not re(uire
the functions offered by TC2.
Transport
'T2 'ile Transfer 2rotocol 2rotocol for uploading and down)loading
files to and from a remote host7 also
accommodates basic file)management
tasks.
&pplication
*'T2 *ecure 'ile Transfer
2rotocol
2rotocol that performs a similar function
to 'T2, but provides more secure
authentication and encryption
mechanisms.
&pplication
T'T2 Trivial 'ile Transfer
2rotocol
'ile transfer protocol that does not have
the security or error)checking capabilities
of 'T27 uses 1D2 as a transport protocol
and is therefore connectionless.
&pplication
*T2 *imple ail Transfer
2rotocol
echanism for transporting email across
networks.
&pplication
BTT2 Byperte!t Transfer
2rotocol
2rotocol for retrieving files from a 3eb
server.
&pplication
BTT2* Byperte!t Transfer
2rotocol *ecure
*ecure protocol for retrieving files from a
3eb server.
&pplication
2+298$&2; 2ost +ffice 2rotocol
version 98$nternet
essage &ccess
2rotocol version ;
1sed for retrieving email from a server
on which the mail is stored.
&pplication
Telnet Telnet &llows sessions to be opened on a remote
host.
&pplication
**B *ecure *hell %ike Telnet, allows sessions to be opened
on a remote host, but provides
authentication and encryption
&pplication
Table : TC28$2 2rotocol *uite *ummary
&rotocol Full Name Description =SI 2a,er
capabilities.
$C2 $nternet Control
essage 2rotocol
1sed for error reporting, flow control,
and route testing.
Network
&?2 &ddress ?esolution
2rotocol
?esolves $2 addresses to &C addresses,
to enable communication between
devices.
Network
?&?2 ?everse &ddress
?esolution 2rotocol
?esolves &C addresses to $2 addresses. Network
NT2 Network Time 2rotocol 1sed to communicate time
synchroni5ation information between
devices.
&pplication
NNT2 Network News
Transport 2rotocol
2rotocol used for accessing and
downloading messages from $nternet)
based newsgroups.
&pplication
*C2 *ecure Copy 2rotocol 2rotocol that uses *ecure *hell "**B#
technology to provide a safe way to copy
files between systems.
&pplication
%D&2 %ightweight Directory
&ccess 2rotocol
2rovides a mechanism to access directory
services systems
&pplication
$62 $nternet 6roup
anagement 2rotocol
2rotocol used for communication
between devices in a multicast group.
Network
%2? %ine 2rinter ?emote 2rovides a mechanism to send printing
tasks to a print server.
&pplication
T#&:'D& &ort Functions
0ach TC28$2 protocol or application has a port associated with it. 3hen a communication is
received, the target port number is checked to determine which protocol or service it is destined
for. The re(uest is then forwarded to that protocol or service. Take, for e!ample, BTT2, whose
assigned port number is 0. 3hen a 3eb browser forms a re(uest for a web page, the re(uest is
sent to port 0 on the target system. 3hen the target system receives the re(uest, it e!amines the
port number and when it sees that the port is 0, it forwards the re(uest to the 3eb server
application.
TC28$2 has :<,<9< ports available with 0 to 102! being labeled as the well)known ports. $t is
important to understand the numbers of some of the well)known ports, as administration often
re(uires you to specify port assignments when working with applications and configuring
services. Table C shows some of the most common port assignments.
Table C TC28$2 2ort &ssignments for Commonly 1sed 2rotocols
&rotocol &ort Assi$nment
'T2 .-
'T2 .,
**B ..
Telnet .9
*T2 .<
DN* <9
T'T2 :D
BTT2 @-
2+29 ,,-
NNT2 ,,D
NT2 ,.9
$&2; ,;9
BTT2* ;;9
Netor! Services
Network services provide the ability to manage and administer TC28$2)based networks. Today, it
is (uite likely that a network of any si5e will use a number of network services, making them an
important component of network administration.
Domain Name Service )DNS3
The function of the DN* service is to resolve hostnames, such as server,.!y5.com, to $2
addresses. *uch a resolution system makes it possible for people to remember the names of, and
refer to fre(uently used hosts, using the easy)to)remember hostnames rather than the hard)to)
remember $2 addresses.
*imilar to other TC28$2)based services, DN* is a platform)independent protocol. Therefore, it
can be used on %inu!, 1N$E, 3indows, Net3are, and almost every other platform.
+n networks where there is no DN* server, it is possible to resolve hostnames to $2 address
using the B+*T* file7 however, such environments are becoming increasingly rare. &ll common
network operating systems now include DN* server application software.
The B+*T* file is a te!t file, found on almost all 2C operating systems, in which you can place
hostname)to)$2)address resolution information. 3hen B+*T* files are used, it4s up to the
administrator to manually make changes to the file if needed.
This factor alone is sufficient to make the installation of a DN* server an obvious choice.
Netor! Address Translation )NAT3 and
Internet #onnection S*arin$ )I#S3
N&T and $C* are two strategies that enable networks to access the $nternet through a single
connection. Baving a single access point for the network enables an organi5ation to have $nternet
access with a single $2 address.
NAT
The basic principle of N&T is that many computers can GhideG behind a single registered $2
address or a group of registered $2 addresses. 1sing N&T means that, in its most basic
implementation, only one registered $2 address is needed on the e!ternal interface of the system
that is acting as the gateway between an internal private network and an e!ternal public network
such as the $nternet.
& system performing the N&T service funnels the re(uests that are given to it to the e!ternal
network. 'or instance, a client re(uests a website, and the re(uest goes through the N&T server
to the $nternet. To the remote system, the re(uest looks like it is originating from a single
address, that of the N&T server, and not the individual client systems making the re(uest. The
system that is performing the N&T function keeps track of who asked for what and makes sure
that when the data is returned, it is directed to the correct system.
*ervers that provide N&T functionality do so in different ways. 'or e!ample, it is possible to
statically map a single internal $2 address to a single e!ternal one so that outgoing re(uests are
always tagged with the same $2 address. &lternatively, if you have a group of public $2
addresses, you can have the N&T system assign addresses to devices on a first)come, first)serve
basis. 0ither way, the basic function of N&T is the same.
I#S
&lthough $C* is discussed separately from N&T, it is nothing more than an implementation of
N&T on 3indows platforms since 3indows e. $C* makes it very simple to share an $nternet
connection with multiple systems on the network.
Because $C* was intended as a simple mechanism for a small office network or a home network
to share a single $nternet connection, configuration is simple. Bowever, simplicity is also the
potential downfall of $C*. $C* provides no security, and the system providing the shared
connection is not secure against outside attacks. 'or that reason, $C* should be used only when
no other facilities are available or in con/unction with a firewall application, which later versions
of icrosoft 3indows, such as E2, now include.
9indos Internet Name Service )9INS3
+n 3indows networks, a system called 3$N* enables Network Basic $nput8+utput *ystem
"NetB$+*# names to be resolved to $2 addresses. NetB$+* name resolution is necessary on
3indows networks so that systems can locate and access each other by using the NetB$+*
computer name rather than the $2 address. $t4s a lot easier for a person to remember a computer
called secretary than to remember its $2 address, 192.16.2.!4. The NetB$+* name needs to be
resolved to an $2 address and subse(uently to a &C address "by &?2#.
NetB$+* name resolution can be performed three ways on a network. The simplest way is to use
a 3$N* server on the network that will automatically perform the NetB$+* name resolution. $f a
3$N* server is not available, the NetB$+* name resolution can be performed statically using a
%B+*T* file. 1sing a %B+*T* file re(uires that you manually configure at least one te!t
file with the entries. &s you can imagine, this can be a time)consuming process, particularly if
the systems on the network change fre(uently. The third method, and the default, is that systems
will resolve NetB$+* names using broadcasts. There are two problems with this approach. 'irst,
the broadcasts create additional network traffic, and second, the broadcasts cannot traverse
routers unless the router is configured to forward them. This means that resolutions between
network segments are not possible.
Simple Netor! Mana$ement &rotocol
)SNM&3
*N2 is a management protocol that enables network devices to communicate information
about their state to a central system. $t also enables the central system to pass configuration
parameters to the devices.
$n an *N2 configuration, a system known as a manager acts as the central communication
point for all the *N2)enabled devices on the network. +n each device that is to be managed
and monitored via *N2, software called an *N2 agent is set up and configured with the $2
address of the manager. Depending on the configuration, the *N2 manager is then capable of
communicating with and retrieving information from the devices running the *N2 agent
software. $n addition, the agent is able to communicate the occurrence of certain events to the
*N2 manager as they happen. These messages are known as traps.
&n important part of *N2 is an *N2 management system, which is a computer running a
special piece of software called a Network anagement *ystem "N*#. These software
applications can be free, or they can cost thousands of dollars. The difference between the free
applications and those that cost a great deal of money normally boils down to functionality and
support. &ll N* systems, regardless of cost, offer the same basic functionality. Today, most
N* applications use graphical maps of the network to locate a device and then (uery it. The
(ueries are built in to the application and are triggered by a point and click. Kou can actually
issue *N2 re(uests from a command)line utility, but with so many tools available, it is simply
not necessary.
&n *N2 agent can be any device capable of running a small software component that
facilitates communication with an *N2 manager. *N2 agent functionality is supported by
almost any device designed to be connected to a network.
Netor! File S,stem )NFS3
The Network 'ile *ystem "N'*# is a protocol and network service that allows you to access file
systems on remote computers across the network. N'* is most commonly associated with 1N$E
and %inu! operating system platforms, but versions of N'* are available for a wide range of
server operating systems including icrosoft 3indows. 'rom a client perspective, 1N$E and
%inu! implementations use N'* as the default file system access mechanism. Bowever, versions
of N'* client software are also available for most commonly deployed workstation operating
systems.
Eero #onfi$uration )Eeroconf3
Qero Configurations "Qeroconf# provides a means of networking computer systems together
without re(uiring specific network configuration. This approach is becoming increasingly
necessary as we use a larger number and wider variety of computing devices in a networked
scenario.
There are three basic re(uirements for a system to support Qeroconf. 'irst, the system must be
capable of assigning itself an $2 address without the need for a DBC2 server. *econd, the system
must be capable of resolving the hostname of another system to an $2 address without the use of
a DN* server. 'inally, a system must be capable of locating or advertising services on the
network without a directory services system such as icrosoft4s &ctive Directory or Novell
Directory *ervices. Currently, Qero Configuration is supported, with additional software, by ac
and 3indows operating systems, as well as by %inu! and 1N$E.
Server Messa$e Bloc! )SMB3
*erver essage Block "*B# is an application and presentation layer protocol that provides a
mechanism to access shared network resources such as files or printers on network servers. *B
is the default file access method used on 3indows networks. Today, *B is more commonly
referred to as the Common $nternet 'ile *ystem "C$'*#, though the functionality remains the
same. +n a network that uses 3indows servers and clients, administrators access the
functionality of *B through 3indows 0!plorer and the command line N0T utility.
Apple File &rotocol )AF&3
The &pple 'ile 2rotocol "&'2#, more correctly called the &ppleTalk 'iling 2rotocol, is to &pple
systems what N'* is to %inu!81N$E systems, and *B or C$'* is to 3indows *ystems. $t is a
protocol through which the file system on remote computers can be accessed. &'2 is not widely
used outside of &pple networks, and unless you are working on networks that use &pple
acintosh systems, you are unlikely to encounter &'2.
2ine &rinter Daemon )2&D3
The %ine 2rinter Daemon "%2D# protocol provides print services on both client and server
systems. The most common use of %2D is as a print server and client on 1N$E and %inu!
systems. &s well as providing the basic print mechanisms, %2D supports a set of commands that
enable the print (ueue to be controlled. $t also provides commands for controlling print /obs once
they have been placed in the print (ueue.
T#&:I& Service Summar,
Table @ helps you (uickly identify the purpose and function of each of the TC28$2 services
covered in the previous sections.
Table @ *ummary of TC28$2 *ervices
Service &urpose:Function
DN* ?esolves hostnames to $2 addresses.
N&T Translates private network addresses into public network addresses.
Table @ *ummary of TC28$2 *ervices
Service &urpose:Function
$C* 0nables a single $nternet connection to be shared among multiple systems on the
network.
3$N* ?esolves NetB$+* names to $2 addresses.
*N2 2rovides network management facilities on TC28$2)based networks.
N'* *ervice that provides file sharing between server and client. Typically associated with
1N$E and %inu! operating systems, but versions are available for most commonly
deployed operating systems.
Qeroconf 2rovides a system by which devices can communicate with no network configuration
or setup.
*B &pplication and presentation layer protocol that provides access to file and print
services on server platforms that provide *B access.
&'2 2rovides remote file system access on &pple networks.
%2D 2rinting service that provides both server and client printing functions.
?2ANs, Antivirus, Fault Tolerance, and
Disaster Recover,
&s far as network administration goes, nothing is more important than fault tolerance and
disaster recovery. 'irst and foremost, it is the responsibility of the network administrator to
safeguard the data held on the servers and to ensure that when re(uested, this data is ready to go.
Because both fault tolerance and disaster recovery are such an important part of network
administration. $n that light, this tutorial is important both in terms of real)world application.
Before diving into the fault tolerant and disaster recovery ob/ectives, we will start this tutorial by
reviewing the function of virtual %&Ns ">%&N*#.
?irtual 2ANs
To understand >%&Ns, it is first necessary to have a basic understanding of how a traditional
%&N operates. & standard local area network "%&N# uses hardware such as hubs, bridges, and
switches in the same physical segment to provide a connection point for all end node devices. &ll
network nodes are capable of communicating with each other without the need for a router7
however, communications with devices on other %&N segments does re(uire the use of a router.
&s a network grows, routers are used to e!pand the network. The routers provide the capability
to connect separate %&Ns and to isolate users into broadcast and collision domains. 1sing
routers to route data around the network and between segments increases latency. %atency refers
to delays in transmission caused by the routing process.
>irtual %&Ns "!LANs# provide an alternate method to segment a network and in the process,
significantly increase the performance capability of the network, and remove potential
performance bottlenecks. & >%&N is a group of computers that are connected and act as if they
are on their own physical network segments, even though they might not be. 'or instance,
suppose that you work in a three)story building in which the advertising employees are spread
over all three floors. & >%&N can let all the advertising personnel use the network resources as
if they were connected on the same segment. This virtual segment can be isolated from other
network segments. $n effect, it would appear to the advertising group that they were on a network
by themselves.
>%&Ns offer some clear advantages. Being able to create logical segmentation of a network
gives administrators fle!ibility beyond the restrictions of the physical network design and cable
infrastructure. >%&Ns allow for easier administration because the network can be divided into
well)organi5ed sections. 'urther, you can increase security by isolating certain network segments
from others. 'or instance, you can segment the marketing personnel from finance or the
administrators from the students. >%&Ns can ease the burden on overworked routers and reduce
broadcast storms. Table , summari5es the benefits of >%&Ns.
Table , Benefits of >%&Ns
Advanta$es Description
$ncreased security By creating logical "virtual# boundaries, network segments can be isolated.
$ncreased
performance
By reducing broadcast traffic throughout the network, >%&Ns free up
bandwidth.
+rgani5ation Network users and resources that are linked and communicate fre(uently can
be grouped together in a >%&N.
*implified
administration
3ith a >%&N, the network administrator4s /ob is easier when moving users
between %&N segments, recabling, addressing new stations, and
reconfiguring hubs and routers.
?2AN Members*ip
Kou can use several methods to determine >%&N membership or how devices are assigned to a
specific >%&N. The following sections describe the common methods of determining how
>%&N membership is assigned.
&rotocol"based ?2ANs
3ith protocol)based >%&N membership, computers are assigned to >%&Ns by using the
protocol that is in use and the %ayer 9 address. 'or e!ample, this method enables an $nternetwork
2acket 0!change "$2E# network or a particular $nternet 2rotocol "$2# subnet to have its own
>%&N.
$t is important to note that although >%&N membership might be based on %ayer 9 information,
this has nothing to do with routing or routing functions. The $2 numbers are used only to
determine the membership in a particular >%&Nnot to determine routing.
&ort"based ?2ANs
2ort)based >%&Ns re(uire that specific ports on a network switch be assigned to a >%&N. 'or
e!ample, ports , through @ might be assigned to marketing, ports D through ,@ might be assigned
to sales, and so on. 1sing this method, a switch determines >%&N membership by taking note of
the port used by a particular packet. 'igure , shows an e!ample of a port)based >%&N.
Fi$ure % &ort"based ?2AN confi$uration(
MA# Address based ?2ANs
&s you might have guessed, the edia &ccess Control "&C# address type of >%&N assigns
membership according to the &C address of the workstation. To do this, the switch must keep
track of the &C addresses that belong to each >%&N. The advantage of this method is that a
workstation computer can be moved anywhere in an office without needing to be reconfigured7
because the &C address does not change, the workstation remains a member of a particular
>%&N. Table . provides e!amples of &C address based >%&Ns.
Table . &C &ddress based >%&Ns
MA# Address ?2AN Description
;;);<)<9)<;)--)-- , *ales
;;);<)<9)<;),9),. . arketing
;;);<)<9)<;)D9)-, 9 &dministration
;;);<)<9)<;)'<),C , *ales
&lthough the acceptance and implementation of >%&Ns has been slow, the ability to logically
segment a %&N provides a new level of administrative fle!ibility, organi5ation, and security.
?iruses, ?irus Solutions, and Malicious
Softare
>iruses, spyware, worms, and other malicious code are an unfortunate part of modern
computing. $n today4s world, an unprotected computer is at high risk of having some form of
malicious software installed on the system: & protected system is still at risk7 the risk is /ust
lower.
By definition, a virus is a program that is self)replicating and operates on a computer system
without the user4s knowledge. These viruses will either attach to or replace system files, system
e!ecutables, and data files. +nce in, the virus can perform many different functions. $t might
completely consume system resources making the system basically too slow to use, it might
completely corrupt and down a computer, or it might compromise data integrity and availability.
$n order to be considered a virus, the malicious code must meet two criteria: $t must be self)
replicating, and it must be capable of e!ecuting itself. Three common virus types are listed
below:
Boot sector virus Boot sector viruses target the boot record of hard disks or floppy disks.
$n order to boot, floppy disks or hard drives contain an initial set of instructions that start
the boot process. Boot sector viruses infect this program and activate when the system
boots. This enables the virus to stay hidden in memory and operate in the background.
'ile viruses >ery common are the file viruses. 'ile viruses attack applications and
program files. This type of virus often targets the .e!e, .com, and .bat by either destroying
them, preventing applications to run, or by modifying them and using them to propagate
the virus.
acro viruses the actual data such as documents, spreadsheets, and so on represents the
most important and irreplaceable elements on a computer system. acro viruses are
designed to attack documents and files and therefore are particularly nasty.
TroDans, 9orms, Sp,are, and Hoaxes
There are other forms of malicious programs, which by definition are not a virus but still
threaten our computer systems.
Tro/an horse is a program that appears harmless or even helpful, but after being e!ecuted
performs an undesirable and malicious action. 'or instance, a Tro/an horse can be a
program advertised to be a patch, harmless application such as a calculator or a product
upgrade or enhancement. The trick is to fool the user to download and install the
program. +nce e!ecuted, the Tro/an horse can perform the function it was actually
designed to do. This might include crashing a system, stealing data, and corrupting data.
3orms are similar to viruses in that they replicate, but they do not re(uire a host file to
spread from system to system. The difference between viruses and worms is that a worm
does not attach itself to an e!ecutable program as do viruses: & worm is self)contained
and does not need to be part of another program to propagate itself. This makes a worm
capable of replicating at incredible speeds. This can cause significant network slowdowns
as the worm spreads.
& worm can do any number of malicious actions, including deleting files and sending
documents via email without the user knowing. & worm can also carry another program
designed to open a backdoor in the system used by spam senders to send /unk mail and
notices to a computer. +nce this backdoor access is open to the computer, your system, it
is vulnerable and open to data theft, modification, or worse.
*pyware is a new threat that can be very hidden and easy to get. *pyware is designed to
monitor activity on a computer, such as 3eb surfing activity, and send that information
to a remote source. $t is commonly installed along with a free program that might have
been downloaded.
*pyware detection software is becoming increasingly popular and given the information
that can be stolen, should be considered an important part of a secure system.
+ne final consideration is that of virus hoa!es. The threat of virus activity is very real,
and, as such, we are alerted to it. *ome take advantage of this to create elaborate virus
hoa!es. Boa!es will often pop up on the computer screen or arrive in the email warning
of a virus or claiming that your system has contracted a virus. These are more annoying
than dangerous but serve to confuse and complicate the virus issue.
&rotectin$ #omputers from ?iruses
The threat from malicious code is a very real concern. 3e need to take the steps to protect our
systems, and although it might not be possible to eliminate the threat, it is possible to
significantly reduce the threat.
+ne of the primary tools used in the fight against malicious software is antivirus software.
&ntivirus software is available from a number of companies, and each offers similar features and
capabilities. The following is a list of the common features and characteristics of antivirus
software.
?eal)time protection &n installed antivirus program should continuously monitor the
system looking for viruses. $f a program is downloaded, an application opened, or a
suspicious email received, the real)time virus monitor will detect and remove the threat.
The virus application will sit in the background and will be largely unnoticed by the user.
>irus scanning &n antivirus program must be capable of scanning selected drives and
disk either locally or remotely. *cans can either be run manually, or they can be
scheduled to run at a particular time.
*cheduling $t is a best practice to schedule virus scanning to occur automatically at a
predetermined time. $n a network environment, this would typically occur off hours when
the overhead of the scanning process won4t impact users.
%ive updates New viruses and malicious software are released with alarming fre(uency.
$t is recommended that the antivirus software be configured to receive virus updates
regularly.
0mail vetting 0mails represent one of the primary sources for virus delivery. $t is
essential to use antivirus software that provides email scanning for both inbound and
outbound email.
Centrali5ed management $f used in a network environment, it is a good idea to use
software that supports centrali5ed management of the virus program from the server.
>irus updates and configurations only need to be made on the server and not on each
individual client station.
*oftware is only part of the solution in a proactive virus solution. & complete virus protection
strategy re(uires many aspects to help limit the risk of viruses and includes the following:
Develop in)house policies and rules $n a corporate environment or even a small office, it
is important to establish what information can be placed onto a system. 'or e!ample,
should users be able to download programs from the $nternetH Can users bring in their
own floppy disks or other storage mediaH
onitoring virus threats 3ith new viruses coming out all the time, it is important to
check to see if new viruses have been released and what they are designed to do.
0ducate users +ne of the keys to a complete antivirus solution is to train users in virus
prevention and recognition techni(ues. $f users know what they are looking for, it can
prevent a virus from entering the system or the network.
Back up copies of important documents $t should be mentioned that no solution is
absolute and care should be taken to ensure that the data is backed up. $n the event of a
malicious attack, redundant information is available in a secure location.
&utomate virus scanning and updates Today4s antivirus software can be configured to
scan and update itself automatically. Because such tasks can be forgotten and overlooked,
it is recommended to have these processes scheduled to run at predetermined times.
0mail vetting 0mail is one of the commonly used virus delivery mechanisms. &ntivirus
software can be used to check inbound and outbound emails for virus activity.
Fault Tolerance
&s far as computers are concerned, fault tolerance refers to the capability of the computer
system or network to provide continued data availability in the event of hardware failure.
0very component within a server, from C21 fan to power supply, has a chance of failure.
*ome components such as processors rarely fail, whereas hard disk failures are well
documented.
&lmost every component has fault)tolerant measures. These measures typically re(uire
redundant hardware components that can easily or automatically take over when there is
a hardware failure.
+f all the components inside computer systems, the one that re(uires the most
redundancy are the hard disks. Not only are hard disk failures more common than any
other component but they also maintain the data, without which there would be little need
for a network.
Hard Dis!s Are Half t*e &roblem
In fact# according to recent research# hard disks are responsi'le for one of every two
server hardware failures. his is an interesting statistic to think a'out.
Dis!"level Fault Tolerance
Making the decision to have hard disk fault tolerance on the server is the first step+
the second is deciding which fault$tolerant strategy to use. 6ard disk fault tolerance
is implemented according to different RAID (redundant array of ine%pensive disks*
levels. 0ach 5AI1 level offers differing amounts of data protection and performance.
he 5AI1 level appropriate for a given situation depends on the importance placed
on the data# the difficulty of replacing that data# and the associated costs of a
respective 5AI1 implementation. ?ftentimes# the cost of data loss and replacement
outweigh the costs associated with implementing a strong 5AI1 fault$tolerant
solution.
RAID 0F Stripe Set it*out &arit,
&lthough it4s given ?&$D status, ?&$D - does not actually provide any fault tolerance7 in fact,
using ?&$D - might even be less fault tolerant than storing all of your data on a single hard disk.
?&$D - combines unused disk space on two or more hard drives into a single logical volume
with data being written to e(ually si5ed stripes across all the disks. By using multiple disks, reads
and writes are performed simultaneously across all drives. This means that disk access is faster,
making the performance of ?&$D - better than other ?&$D solutions and significantly better
than a single hard disk. The downside of ?&$D - is that if any disk in the array fails, the data is
lost and must be restored from backup.
Because of its lack of fault tolerance, ?&$D - is rarely implemented. 'igure . shows an e!ample
of ?&$D - striping across three hard disks.
Fi$ure / RAID 0 stripin$ it*out parit,(
RAID %
+ne of the more common ?&$D implementations is ?&$D ,. ?&$D , re(uires two hard disks
and uses disk mirroring to provide fault tolerance. 3hen information is written to the hard disk,
it is automatically and simultaneously written to the second hard disk. Both of the hard disks in
the mirrored configuration use the same hard disk controller7 the partitions used on the hard disk
need to be appro!imately the same si5e to establish the mirror. $n the mirrored configuration, if
the primary disk were to fail, the second mirrored disk would contain all the re(uired information
and there would be little disruption to data availability. ?&$D , ensures that the server will
continue operating in the case of the primary disk failure.
There are some key advantages to a ?&$D , solution. 'irst, it is cheap, as only two hard disks are
re(uired to provide fault tolerance. *econd, no additional software is re(uired for establishing
?&$D ,, as modern network operating systems have built)in support for it. ?&$D levels using
striping are often incapable of including a boot or system partition in fault)tolerant solutions.
'inally, ?&$D , offers load balancing over multiple disks, which increases read performance
over that of a single disk. 3rite performance however is not improved.
Because of its advantages, ?&$D , is well suited as an entry)level ?&$D solution, but it has a
few significant shortcomings that e!clude its use in many environments. $t has limited storage
capacity two ,--6B hard drives only provide ,--6B of storage space. +rgani5ations with large
data storage needs can e!ceed a mirrored solutions capacity in very short order. ?&$D , also has
a single point of failure, the hard disk controller. $f it were to fail, the data would be inaccessible
on either drive. 'igure 9 shows an e!ample of ?&$D , disk mirroring.
Fi$ure 4 RAID % dis! mirrorin$(
&n e!tension of ?&$D , is disk duple!ing. Disk duple!ing is the same as mirroring with the
e!ception of one key detail: $t places the hard disks on separate hard disk controllers, eliminating
the single point of failure.
RAID 1
?&$D <, also known as "isk striping with parity, uses distributed parity to write information
across all disks in the array. 1nlike the striping used in ?&$D -, ?&$D < includes parity
information in the striping, which provides fault tolerance. This parity information is used to re)
create the data in the event of a failure. ?&$D < re(uires a minimum of three disks with the
e(uivalent of a single disk being used for the parity information. This means that if you have
three ;-6B hard disks, you have @-6B of storage space with the other ;-6B used for parity. To
increase storage space in a ?&$D < array, you need only add another disk to the array.
Depending on the sophistication of the ?&$D setup you are using, the ?&$D controller will be
able to incorporate the new drive into the array automatically, or you will need to rebuild the
array and restore the data from backup.
any factors have made ?&$D < a very popular fault)tolerant design. ?&$D < can continue to
function in the event of a single drive failure. $f a hard disk were to fail in the array, the parity
would re)create the missing data and continue to function with the remaining drives. The read
performance of ?&$D < is improved over a single disk.
There are only a few drawbacks for the ?&$D < solution. These are as follows:
The costs of implementing ?&$D < are initially higher than other fault)tolerant measures
re(uiring a minimum of three hard disks. 6iven the costs of hard disks today, this is a
minor concern.
?&$D < suffers from poor write performance because the parity has to be calculated and
then written across several disks. The performance lag is minimal and won4t have a
noticeable difference on the network.
3hen a new disk is placed in a failed ?&$D < array, there is a regeneration time when the
data is being rebuilt on the new drive. This process re(uires e!tensive resources from the
server.
'igure ; shows an e!ample of ?&$D < striping with parity.
Fi$ure -(5( RAID 1 stripin$ it* parit,(
RAID %0
*ometimes ?&$D levels are combined to take advantage of the best of each. +ne such strategy is
?&$D ,-, which combines ?&$D levels , and -. $n this configuration, four disks are re(uired. &s
you might e!pect, the configuration consists of a mirrored stripe set. To some e!tent, ?&$D ,-
takes advantage of the performance capability of a stripe set while offering the fault tolerance of
a mirrored solution. &s well as having the benefits of each though, ?&$D ,- also inherits the
shortcomings of each strategy. $n this case, the high overhead and the decreased write
performance are the disadvantages. 'igure < shows an e!ample of a ?&$D ,- configuration.
Table 9 provides a summary of the various ?&$D levels.
Fi$ure 1 Dis!s in a RAID %0 confi$urations(
Table 9 *ummary of ?&$D %evels
RAID
2evel Description Advanta$es Disadvanta$es
Re<uired
Dis!s
?&$D
-
Disk striping $ncreased read and write
performance. ?&$D - can be
implemented with only two
disks.
Does not offer any fault
tolerance.
Two or
more
?&$D
,
Disk mirroring 2rovides fault tolerance. Can
also be used with separate disk
controllers, reducing the single
point of failure "called disk
duple!ing#.
?&$D , has a <-L
overhead and suffers
from poor write
performance.
Two
?&$D
<
Disk striping
with distributed
parity
Can recover from a single disk
failure7 increased read
performance over a poor write
single disk. Disks can be added
to the array to increase storage
capacity.
ay slow down
network during
regeneration time, and
may suffer from
performance
inimum
of three
?&$D *triping with $ncreased perfor mance with Bigh overhead as with 'our
Table 9 *ummary of ?&$D %evels
RAID
2evel Description Advanta$es Disadvanta$es
Re<uired
Dis!s
,- mirrored
volumes
striping7
striping7 offers mirrored fault
tolerance.
mirroring.
Server and Services Fault Tolerance
In addition to providing fault tolerance for individual hardware components# some
organiBations go the e%tra mile to include the entire server in the fault$tolerant
design. 4uch a design keeps servers and the services they provide up and running.
!hen it comes to server fault tolerance# two key strategies are commonly
employed" stand$'y servers and server clustering.
Stand"b, Servers
*tand)by servers are a fault)tolerant measure in which a second server is configured identically
to the first one. The second server can be stored remotely or locally and set up in a failover
configuration. $n a failover configuration, the secondary server is connected to the primary and
ready to take over the server functions at a heartbeat4s notice. $f the secondary server detects that
the primary has failed, it will automatically cut in. Network users will not notice the transition, as
there will be little or no disruption in data availability.
The primary server communicates with the secondary server by issuing special notification
notices referred to as heartbeats. $f the secondary server stops receiving the heartbeat messages,
it assumes that the primary has died and so assumes the primary server configuration.
Server #lusterin$
Those companies wanting ma!imum data availability that have the funds to pay for it can choose
to use server clustering. &s the name suggests, server clustering involves grouping servers
together for the purposes of fault tolerance and load balancing. $n this configuration, other
servers in the cluster can compensate for the failure of a single server. The failed server will have
no impact on the network, and the end users will have no idea that a server has failed.
The clear advantage of server clusters is that they offer the highest level of fault tolerance and
data availability. The disadvantages are e(ually clear cost. The cost of buying a single server can
be a huge investment for many organi5ations7 having to buy duplicate servers is far too costly.
2in! Redundanc,
&lthough a failed network card might not actually stop the server or a system, it might as well. &
network server that cannot be used on the network makes for server downtime. &lthough the
chances of a failed network card are relatively low, our attempts to reduce the occurrence of
downtime have led to the development of a strategy that provides fault tolerance for network
connections.
Through a process called adapter teaming, groups of network cards are configured to act as a
single unit. The teaming capability is achieved through software, either as a function of the
network card driver or through specific application software. The process of adapter teaming is
not widely implemented7 though the benefits it offers are many, so it4s likely to become a more
common sight. The result of adapter teaming is increased bandwidth, fault tolerance, and the
ability to manage network traffic more effectively. These features are broken down into three
sections:
&dapter fault tolerance the basic configuration enables one network card to be configured
as the primary device and others as secondary. $f the primary adapter fails, one of the
other cards can take its place without the need for intervention. 3hen the original card is
replaced, it resumes the role of primary controller.
&dapter load balancing because software controls the network adapters, workloads can be
distributed evenly among the cards so that each link is used to a similar degree. This
distribution allows for a more responsive server because one card is not overworked
while another is under worked.
%ink aggregation, this provides vastly improved performance by allowing more than one
network card4s bandwidth to be aggregated combined into a single connection. 'or
e!ample, through link aggregation, four ,--Bps network cards can provide a total of
;--Bps bandwidth. %ink aggregation re(uires that both the network adapters and the
switch being used support it. $n ,DDD, the $000 ratified the @-..9ad standard for link
aggregation, allowing compatible products to be produced.
2in! Redundanc,
&lthough a failed network card might not actually stop the server or a system, it might as well. &
network server that cannot be used on the network makes for server downtime. &lthough the
chances of a failed network card are relatively low, our attempts to reduce the occurrence of
downtime have led to the development of a strategy that provides fault tolerance for network
connections.
Through a process called adapter teaming, groups of network cards are configured to act as a
single unit. The teaming capability is achieved through software, either as a function of the
network card driver or through specific application software. The process of adapter teaming is
not widely implemented7 though the benefits it offers are many, so it4s likely to become a more
common sight. The result of adapter teaming is increased bandwidth, fault tolerance, and the
ability to manage network traffic more effectively. These features are broken down into three
sections:
&dapter fault tolerance The basic configuration enables one network card to be
configured as the primary device and others as secondary. $f the primary adapter fails,
one of the other cards can take its place without the need for intervention. 3hen the
original card is replaced, it resumes the role of primary controller.
&dapter load balancing Because software controls the network adapters, workloads can
be distributed evenly among the cards so that each link is used to a similar degree. This
distribution allows for a more responsive server because one card is not overworked
while another is under worked.
%ink aggregation This provides vastly improved performance by allowing more than one
network card4s bandwidth to be aggregated combined into a single connection. 'or
e!ample, through link aggregation, four ,--Bps network cards can provide a total of
;--Bps bandwidth. %ink aggregation re(uires that both the network adapters and the
switch being used support it. $n ,DDD, the $000 ratified the @-..9ad standard for link
aggregation, allowing compatible products to be produced.
'sin$ 'ninterruptible &oer Supplies
No discussion of fault tolerance can be complete without a look at power)related issues
and the mechanisms used to combat them. 3hen you4re designing a fault)tolerant system,
your planning should definitely include 12*s "1ninterruptible 2ower *upplies#. & 12*
serves many functions and is a ma/or part of server consideration and implementation.
+n a basic level, a 12* is a bo! that holds a battery and a built)in charging circuit.
During times of good power, the battery is recharged7 when the 12* is needed, it4s ready
to provide power to the server. ost often, the 12* is re(uired to provide enough power
to give the administrator time to shut down the server in an orderly fashion, preventing
any potential data loss from a dirty shutdown.
9*, 'se a '&SA
+rgani5ations of all shapes and si5es need 12*s as part of their fault)tolerance strategies. & 12*
is as important as any other fault)tolerance measure. Three key reasons make a 12* necessary:
Data availability The goal of any fault)tolerance measure is data availability. & 12*
ensures access to the server in the event of a power failure or at least as long as it takes to
save a file.
2rotection from data loss 'luctuations in power or a sudden power down can damage the
data on the server system. $n addition, many servers take full advantage of caching, and a
sudden loss of power could cause the loss of all information held in cache.
2rotection from hardware damage Constant power fluctuations or sudden power downs
can damage hardware components within a computer. Damaged hardware can lead to
reduced data availability while the hardware is being repaired.

&oer T*reats
$n addition to keeping a server functioning long enough to safely shut it down, a 12* also
safeguards a server from inconsistent power. This inconsistent power can take many forms. &
12* protects a system from the following power)related threats:
Blackout & total failure of the power supplied to the server.
*pike & spike is a very short "usually less than a second# but very intense increase in
voltage. *pikes can do irreparable damage to any kind of e(uipment, especially
computers.
*urge Compared to a spike, a surge is a considerably longer "sometimes many seconds#
but usually less intense increase in power. *urges can also damage your computer
e(uipment.
*ag & sag is a short)term voltage drop "the opposite of a spike#. This type of voltage drop
can cause a server to reboot.
Brownout & brownout is a drop in voltage that usually lasts more than a few minutes.
any of these power)related threats can occur without your knowledge7 if you don4t have a 12*,
you cannot prepare for them. 'or the cost, it is worth buying a 12*, if for no other reason than to
sleep better at night.
Disaster Recover,
0ven the most fault)tolerant networks will fail, which is an unfortunate fact. 3hen those costly
and carefully implemented fault)tolerant strategies do fail, you are left with disaster recovery.
Disaster recovery can take on many forms. $n addition to real disaster, fire, flood, theft, and the
like, many other potential business disruptions can fall under the banner of disaster recovery. 'or
e!ample, the failure of the electrical supply to your city block might interrupt the business
function. *uch an event, although not a disaster per se, might invoke the disaster recovery
methods.
The cornerstone of every disaster recovery strategy is the preservation and recoverability of data.
3hen talking about preservation and recoverability, we are talking about backups. 3hen we are
talking about backups, we are likely talking about tape backups. $mplementing a regular backup
schedule can save you a lot of grief when fault tolerance fails or when you need to recover a file
that has been accidentally deleted. 3hen it comes time to design a backup schedule, there are
three key types of backups that are used full, differential, and incremental.
Full Bac!up
The preferred method of backup is the full backup method, which copies all files and directories
from the hard disk to the backup media. There are a few reasons why doing a full backup is not
always possible. 'irst among them is likely the time involved in performing a full backup.
Depending on the amount of data to be backed up, full backups can take an e!tremely long time
and can use e!tensive system resources. Depending on the configuration of the backup hardware,
this can slow down the network considerably. $n addition, some environments have more data
than can fit on a single tape. This makes taking a full backup awkward, as someone may need to
be there to manually change the tapes.
The main advantage of full backups is that a single tape or tape set holds all the data you need
backed up. $n the event of a failure, a single tape might be all that is needed to get all data and
system information back. The upshot of all this is that any disruption to the network is greatly
reduced.
1nfortunately, its strength can also be its weakness. & single tape holding an organi5ation4s data
can be a security risk. $f the tape were to fall into the wrong hands, all the data can be restored on
another computer. 1sing passwords on tape backups and using a secure offsite and onsite
location can minimi5e the security risk.
Differential Bac!up
'or those companies that /ust don4t (uite have enough time to complete a full backup daily, there
is the differential backup. Differential backups are faster than a full backup, as they back up only
the data that has changed since the last full backup. This means that if you do a full backup on a
*aturday and a differential backup on the following 3ednesday, only the data that has changed
since *aturday is backed up. ?estoring the differential backup will re(uire the last full backup
and the latest differential backup.
Differential backups know what files have changed since the last full backup by using a setting
known as the archive bit. The archive bit flags files that have changed or been created and
identifies them as ones that need to be backed up. 'ull backups do not concern themselves with
the archive bit, as all files are backed up regardless of date. & full backup, however, will clear
the archive bit after data has been backed up to avoid future confusion. Differential backups take
notice of the archive bit and use it to determine which files have changed. The differential
backup does not reset the archive bit information.
Incremental Bac!up
*ome companies have a very finite amount of time they can allocate to backup procedures. *uch
organi5ations are likely to use incremental backups in their backup strategy. $ncremental backups
save only the files that have changed since the last full or incremental backup. %ike differential
backups, incremental backups use the archive bit to determine the files that have changed since
the last full or incremental backup. 1nlike differentials, however, incremental backups clear the
archive bit, so files that have not changed are not backed up.
The faster backup times of incremental backups comes at a price the amount of time re(uired to
restore. ?ecovering from a failure with incremental backups re(uires numerous tapesall the
incremental tapes and the most recent full backup. 'or e!ample, if you had a full backup from
*unday and an incremental for onday, Tuesday, and 3ednesday, you would need four tapes to
restore the data. Feep in mind: 0ach tape in the rotation is an additional step in the restore
process and an additional failure point. +ne damaged incremental tape and you will be unable to
restore the data. Table ; summari5es the various backup strategies.
Table ; Backup *trategies
Bac!up
T,pe
Advanta$es Disadvanta$es Data Bac!ed 'p Arc*ive Bit
'ull Backs up all data on
a single tape or tape
set ?estoring data.
re(uires the least
amount of tapes.
Depending on the
amount of data, full
backups can take a
long time.
&ll files and
directories are
backed up.
Does not use the
archive bit, but
resets it after data
has been backed
up.
Differential 'aster backups than
a full.
1ses more tapes than
a full backup. ?estore
process takes longer
than a full backup.
&ll files and
directories that
have changed
since the last full
or differential
backup.
1ses the archive
bit to determine
the files that have
changed, but does
not reset the
archive bit.
$ncremental 'aster backup
times.
?e(uires multiple
disks7 restoring data
takes more time than
the other backup
methods.
The files and
directories that
have changed
since the last full
or incremental
backup.
1ses the archive
bit to determine
the files that have
changed, and
resets the archive
bit.
Tape Rotations
&fter you have decided on the backup type you will use, you are ready to choose a backup
rotation. *everal backup rotation strategies are in use some good, some bad, and some really bad.
The most common, and perhaps the best, rotation strategy is the 6randfather, 'ather, *on
rotation "6'*#.
The 6'* backup rotation is the most widely used and for good reason. &n e!ample 6'* rotation
may re(uire ,. tapes: four tapes for daily backups "son#, five tapes for weekly backups "father#,
and three tapes for monthly backups "grandfather#.
1sing this rotation schedule, it is possible to recover data from days, weeks, or months previous.
*ome network administrators choose to add tapes to the monthly rotation to be able to retrieve
data even further back, sometimes up to a year. $n most organi5ations, however, data that is a
week old is out of date, let alone si! months or a year.
Bac!up Best &ractices
any details go into making a backup strategy a success. The following list contains issues to
consider as part of your backup plan.
+ffsite storage Consider having backup tapes stored offsite so that in the event of a disaster
in a building, a current set of tapes is still available offsite. The offsite tapes should be as
current as any onsite and should be secure.
%abel tapes The goal is to restore the data as (uickly as possible, and trying to find the tape
you need can be difficult if not marked. 'urther, it can prevent you from recording over a
tape you need.
New tapes like old cassette tapes, the tape cartridges used for the backups wear out over time.
+ne strategy used to prevent this from becoming a problem is to introduce new tapes
periodically into the rotation schedule.
>erify backups never assume that the backup was successful. *easoned administrators know
that checking backup logs and performing periodic test restores are parts of the backup
process.
Cleaning 'rom time to time, it is necessary to clean the tape drive. $f the inside gets dirty,
backups can fail.
Hot and #old Spares
The impact that a failed component has on a system or network depends largely on the pre)
disaster preparation and on the recovery strategies used. Bot and cold spares represent a
strategy for recovering from failed components.
Hot Spare and Hot Sappin$
Bot spares gives system administrators the ability to (uickly recover from component failure
another mechanism to deal with component failure. $n a common use, a hot spare enables a
?&$D system to automatically failover to a spare hard drive should one of the other drives in
the ?&$D array fail. & hot spare does not re(uire any manual intervention rather, a redundant
drive resides in the system at all times, /ust waiting to take over if another drive fails. The hot
spare drive will take over automatically, leaving the failed drive to be removed at a later
time. 0ven though hot)spare technology adds an e!tra level of protection to your system,
after a drive has failed and the hot spare has been used, the situation should be remedied as
soon as possible.
Bot swapping is the ability to replace a failed component while the system is running.
2erhaps the most commonly identified hot)swap component is the hard drive. $n certain
?&$D configurations, when a hard drive crashes, hot swapping allows you simply to take the
failed drive out of the server and install a new one.
The benefits of hot swapping are very clear in that it allows a failed component to be
recogni5ed and replaced without compromising system availability. Depending on the
system4s configuration, the new hardware will normally be recogni5ed automatically by both
the current hardware and the operating system. Nowadays, most internal and e!ternal ?&$D
subsystems support the hot)swapping feature. *ome hot)swappable components include
power supplies and hard disks.
#old Spare and #old Sappin$
The term col" spare refers to a component, such as a hard disk, that resides within a
computer system but re(uires manual intervention in case of component failure. & hot spare
will engage automatically, but a cold spare might re(uire configuration settings or some other
action to engage it. & cold spare configuration will typically re(uire a reboot of the system.
The term cold spare has also been used to refer to a redundant component that is stored
outside the actual system but is kept in case of component failure. To replace the failed
component with a cold spare, the system would need to be powered down.
Cold swapping refers to replacing components only after the system is completely powered
off. This strategy is by far the least attractive for servers because the services provided by the
server will be unavailable for the duration of the cold)swap procedure. odern systems have
come a long way to ensure that cold swapping is a rare occurrence. 'or some situations and
for some components, however, cold swapping is the only method to replace a failed
component. The only real defense against having to shut down the server is to have
redundant components residing in the system.
Hot, 9arm, and #old Sites
& disaster recovery plan might include the provision for a recovery site that can be brought
(uickly into play. These sites fall into three categories: hot, warm, and cold. The need for
each of these types of sites depends largely on the business you are in and the funds
available. Disaster recovery sites represent the ultimate in precautions for organi5ations that
really need it. &s a result, they don4t come cheap.
The basic concept of a disaster recovery site is that it can provide a base from which the
company can be operated during a disaster. The disaster recovery site is not normally
intended to provide a desk for every employee, but is intended more as a means to allow key
personnel to continue the core business function.
$n general, a cold recovery site is a site that can be up and operational in a relatively short
time span, such as a day or two. 2rovision of services, such as telephone lines and power, is
taken care of, and the basic office furniture might be in place, but there is unlikely to be any
computer e(uipment, even though the building might well have a network infrastructure and
a room ready to act as a server room. $n most cases, cold sites provide the physical location
and basic services.
Cold sites are useful if there is some forewarning of a potential problem. 6enerally speaking,
cold sites are used by organi5ations that can weather the storm for a day or two before they
get back up and running. $f you are the regional office of a ma/or company, it might be
possible to have one of the other divisions take care of business until you are ready to go7 but
if you are the one and only office in the company, you might need something a little hotter.
'or organi5ations with the dollars and the desire, hot recovery sites represent the ultimate in
fault)tolerance strategies. %ike cold recovery sites, hot sites are designed to provide only
enough facilities to continue the core business function, but hot recovery sites are set up to be
ready to go at a moment4s notice.
& hot recovery site will include phone systems with the phone lines already connected. Data
networks will also be in place, with any necessary routers and switches plugged in and turned
on. Desks will have desktop 2Cs installed and waiting, and server areas will be replete with
the necessary hardware to support business)critical functions. $n other words, within a few
hours, the hot site can become a fully functioning element of an organi5ation.
The issue that confronts potential hot)recovery site users is simply that of cost. +ffice space
is e!pensive at the best of times, but having space sitting idle DD.D percent of the time can
seem like a tremendously poor use of money. & very popular strategy to get around this
problem is to use space provided in a disaster recovery facility, which is basically a building,
maintained by a third)party company, in which various businesses rent space. *pace is
apportioned, usually, on how much each company pays.
*itting in between the hot and cold recovery sites is the warm site. & warm site will typically
have computers but not configured ready to go. This means that data might need to be
upgraded or other manual interventions might need to be performed before the network is
again operational. The time it takes to get a warm site operational lands right in the middle of
the other two options, as does the cost.
Netor!in$ " Troubles*ootin$ #onnectivit,
Troubles*ootin$ #onnectivit,
'or anyone working with TC28$2 networks, troubleshooting connectivity is something that is
simply going to have to be done. This tutorial identifies the tools that are used in the
troubleshooting process and identifies scenarios in which these tools can be used.
Troubles*ootin$ it* Dia$nostic 'tilities
any utilities can be used when troubleshooting TC28$2. &lthough the actual utilities
available vary from platform to platform, the functionality between platforms is (uite similar.
Table , lists the TC28$2 troubleshooting tools along with their purpose.
Table , Common TC28$2 Troubleshooting Tools and Their 2urpose
Tool &urpose
tracert8traceroute 1sed to track the path a packet takes as it travels across a network. tracert is
used on 3indows systems, traceroute is used on 1N$E, %inu!, and acintosh
systems.
ping 1sed to test connectivity between two devices on a network.
arp 1sed to view and work with the $2 address to &C address resolution cache.
Table , Common TC28$2 Troubleshooting Tools and Their 2urpose
Tool &urpose
netstat 1sed to view the current TC28$2 connections on a system.
nbtstat 1sed to view statistics related to NetB$+* name resolutions, and to see
information about current NetB$+* over TC28$2 connections.
ipconfig 1sed to view and renew TC28$2 configuration on a 3indows system.
ifconfig 1sed to view TC28$2 configuration on a 1N$E, %inu! or acintosh system.
winipcfg 6raphical tool used to view TC28$2 configuration on 3indows D<, D@, and
e.
nslookup8dig 1sed to perform manual DN* lookups. nslookup can be used on 3indows,
1N$E, acintosh, and %inu! systems. dig can only be used on 1N$E, %inu!,
and acintosh systems.
The following sections look in more detail at these utilities and the output they produce.
T*e Trace Route 'tilit, )tracert:traceroute3
The trace route utility does e!actly what its name implies it traces the route between two
hosts. $t does this by using $nternet Control essage 2rotocol "$C2# echo packets to report
information back at every step in the /ourney. 0ach of the common network operating
systems provides a trace route utility, but the name of the command and the output vary
slightly on each. Table . shows the trace route command synta! used in various operating
systems
Table . Trace ?oute 1tility Commands
=peratin$ S,stem Trace Route #ommand S,ntax
3indows *erver .---8.--9 tracert O$2 addressP
Novell Net3are iptrace
%inu!81N$E traceroute O$2 addressP
acintosh traceroute O$2 addressP
Trace route provides a lot of useful information, including the $2 address of every router
connection it passes through and, in many cases, the name of the router "although this
depends on the router4s configuration#. Trace route also reports the length, in milliseconds, of
the round)trip the packet made from the source location to the router and back. This
information can help identify where network bottlenecks or breakdowns might be. The
following is an e!ample of a successful t(ace(t command on a 3indows .--- system:
C#)*t(ace(t 24.$.$0.!$
,(ac%n& (o-te to c1-p4.sttlwa1.ho.e.net /24.$.$0.!$0 o1e( a .a2%.-. o3 !0
hops#
1 !0 .s 20 .s 20 .s 24.6$.14.1
2 20 .s 20 .s !0 .s (d1ht-&e!-0.o4.shawca5le.net /24.6$.224.$0
! 50 .s !0 .s !0 .s (c1wh-at.0-2-1.1c.shawca5le.net
/204.209.214.19!0
4 50 .s !0 .s !0 .s (c2wh-pos15-0.1c.shawca5le.net
/204.209.214.900
5 !0 .s 40 .s !0 .s (c2wt-pos2-0.wa.shawca5le.net /66.16!.$6.!$0
6 !0 .s 40 .s !0 .s c1-pos6-!.sttlwa1.ho.e.net /24.$.$0.!$0
,(ace co.plete.
*imilar to the other common operating systems, the t(ace(t display on a 3indows)based
system includes several columns of information. The first column represents the hop number.
Kou may recall that 4hop4 is the term used to describe a step in the path a packet takes as it
crosses the network. The ne!t three columns indicate the round)trip time, in milliseconds,
that a packet takes in its attempts to reach the destination. The last column is the hostname
and the $2 address of the responding device.
+f course, not all trace route attempts are successful. The following is the output from a
t(ace(t command on a 3indows *erver .--9 system that doesn4t manage to get to the
remote host:
C#)*t(ace(t co.pt%a.o(&
,(ac%n& (o-te to co.pt%a.o(& /216.119.10!.$20

o1e( a .a2%.-. o3 !0 hops#
1 2$ .s 2 .s 14 .s 24.6$.1$9.1
2 55 .s 1! .s 14 .s (d1ht-&e!-0.o4.shawca5le.net /24.6$.224.$0
! 2$ .s 2$ .s 2 .s (c1wh-at.0-2-1.shawca5le.net
/204.209.214.190
4 2 .s 41 .s 2$ .s (c1wt-pos2-0.wa.shawca5le.net
/66.16!.$6.650
5 2 .s 41 .s 2$ .s (c2wt-pos1-0.wa.shawca5le.net /66.16!.6.20
6 41 .s 55 .s 41 .s c1-pos6-!.sttlwa1.ho.e.net /24.$.$0.!$0
$ 54 .s 42 .s 2$ .s ho.e-&w.st6wa.%p.att.net /192.205.!2.2490
6 6 6 7e8-est t%.ed o-t.
9 6 6 6 7e8-est t%.ed o-t.
10 6 6 6 7e8-est t%.ed o-t.
11 6 6 6 7e8-est t%.ed o-t.
12 6 6 6 7e8-est t%.ed o-t.
1! 6 6 6 7e8-est t%.ed o-t.
14 6 6 6 7e8-est t%.ed o-t.
15 6 6 6 7e8-est t%.ed o-t.
$n this e!ample, the trace route re(uest only gets to the seventh hop, at which point it fails7
this failure indicates that the problem lies on the far side of the device in step C or on the near
side of the device in step @. $n other words, the device at step C is functioning but might not
be able to make the ne!t hop. The cause of the problem could be a range of things, such as an
error in the routing table or a faulty connection. &lternatively, the seventh device might be
operating ,--L, but device @ might not be functioning at all. $n any case, you can isolate the
problem to /ust one or two devices.
The trace route utility can also help you isolate a heavily congested network. $n the following
e!ample, the trace route packets fail in the midst of the t(ace(t from a 3indows *erver
.--9 system, but subse(uently are able to continue. This behavior can be an indicator of
network congestion:
C#)*t(ace(t co.pt%a.o(&
,(ac%n& (o-te to co.pt%a.o(& /216.119.10!.$20o1e( a .a2%.-. o3 !0 hops#

1 96 .s 96 .s 55 .s 24.6$.1$9.1
2 14 .s 1! .s 2 .s (d1ht-&e!-0.o4.shawca5le.net /24.6$.224.$0
! 2 .s 2$ .s 41 .s (c1wh-at.0-2-1.shawca5le.net
/204.209.214.190
4 2 .s 41 .s 2$ .s (c1wt-pos2-0.wa.shawca5le.net
/66.16!.$6.650
5 41 .s 2$ .s 2$ .s (c2wt-pos1-0.wa.shawca5le.net /66.16!.6.20
6 55 .s 41 .s 2$ .s c1-pos6-!.sttlwa1.ho.e.net /24.$.$0.!$0
$ 54 .s 42 .s 2$ .s ho.e-&w.st6wa.%p.att.net /192.205.!2.2490
55 .s 41 .s 2 .s &5(!-p40.st6wa.%p.att.net /12.12!.44.1!00
9 6 6 6 7e8-est t%.ed o-t.
10 6 6 6 7e8-est t%.ed o-t.
11 6 6 6 7e8-est t%.ed o-t.
12 6 6 6 7e8-est t%.ed o-t.
1! 69 .s 6 .s 69 .s &5(2-p20.sd2ca.%p.att.net /12.122.11.2540
14 55 .s 6 .s 69 .s &5(1-p60.sd2ca.%p.att.net /12.122.1.1090
15 2 .s 69 .s 2 .s &5(1-p!0.ph.a9.%p.att.net /12.122.2.1420
16 6 .s 69 .s 2 .s &a(2-p!60.ph.a9.%p.att.net /12.12!.142.450
1$ 110 .s 96 .s 96 .s 12.125.99.$0
1 124 .s 96 .s 96 .s l%&ht.c(ystaltech.co. /216.119.10$.10
19 2 .s 96 .s 96 .s 216.119.10!.$2
,(ace co.plete.
6enerally speaking, trace route utilities allow you to identify the location of a problem in the
connectivity between two devices. &fter you have determined this location, you might need
to use a utility such as p%n& to continue troubleshooting. $n many cases, as in the e!amples
provided in this chapter, the routers might be on a network such as the $nternet and therefore
not within your control. $n that case, there is little you can do e!cept inform your $*2 of the
problem.
pin$
ost network administrators are very familiar with the p%n& utility and are likely to use it on
an almost daily basis. The basic function of the p%n& command is to test the connectivity
between the two devices on a network. &ll the command is designed to do is determine
whether the two computers can see each other and to notify you of how long the round)trip
takes to complete.
&lthough p%n& is most often used on its own, a number of switches can be used to assist in
the troubleshooting process. Table 9 shows some of the commonly used switches with p%n&
on a 3indows system.
Table 9 ping Command *witches
=ption Description
ping )t 2ings a device on the network until stopped
ping )a ?esolves addresses to hostnames
ping )n count *pecifies the number of echo re(uests to send
ping )r count ?ecords route for count hops
ping )s count Timestamp for count hops
ping )w timeout Timeout in milliseconds to wait for each reply
p%n& works by sending $C2 echo re(uest messages to another device on the network. $f the
other device on the network hears the p%n& re(uest, it automatically responds with an $C2
echo reply. By default, the p%n& command on a 3indows)based system sends four data
packets7 however, using the -t switch, a continuous stream of p%n& re(uests can be sent.
p%n& is perhaps the most widely used of all network tools7 it is primarily used to verify
connectivity between two network devices. +n a good day, the results from the p%n&
command will be successful, and the sending device will receive a reply from the remote
device. Not all p%n& results are that successful, and to be able to effectively use p%n&, you
must be able to interpret the results of a failed p%n& command.
T*e Destination Host 'nreac*able Messa$e
The Destination Bost 1nreachable error message means that a route to the destination
computer system cannot be found. To remedy this problem, you might need to e!amine the
routing information on the local host to confirm that the local host is correctly configured, or
you might need to make sure that the default gateway information is correct. The following is
an e!ample of a p%n& failure that gives the Dest%nat%on host -n(eacha5le message:
'%n&%n& 24.6$.54.2!! w%th !2 5ytes o3 data#
Dest%nat%on host -n(eacha5le.
'%n& stat%st%cs 3o( 24.6$.54.2!!#
'ac4ets# Sent : 4; 7ece%1ed : 0; <ost : 4 =100> loss?;
"pp(o2%.ate (o-nd t(%p t%.es %n .%ll%-seconds#
@%n%.-. : 0.s; @a2%.-. : 0.s; "1e(a&e : 0.s
T*e Re<uest Timed =ut Messa$e
The ?e(uest Timed +ut error message is very common when you use the p%n& command.
0ssentially, this error message indicates that your host did not receive the p%n& message back
from the destination device within the designated time period. &ssuming that the network
connectivity is okay on your system, this is typically an indicator that the destination device
is not connected to the network, is powered off, or is not configured correctly. $t could also
mean that some intermediate device is not operating correctly. $n some rare cases, it can also
indicate that there is so much congestion on the network that timely delivery of the p%n&
message could not be completed. $t might also mean that the p%n& is being sent to an invalid
$2 address or that the system is not on the same network as the remote host, and an
intermediary device is not configured correctly. $n any of these cases, the failed p%n& should
initiate a troubleshooting process that might involve other tools, manual inspection, and
possibly reconfiguration. The following e!ample shows the output from a p%n& to an invalid
$2 address:
C#)*p%n& 169.$6.54.!
'%n&%n& 169.$6.54.! w%th !2 5ytes o3 data#
7e8-est t%.ed o-t.

7e8-est t%.ed o-t.
7e8-est t%.ed o-t.
7e8-est t%.ed o-t.
'%n& stat%st%cs 3o( 169.$6.54.!#

'ac4ets# Sent : 4; 7ece%1ed : 0; <ost : 4 =100>
@%n%.-. : 0.s; @a2%.-. : 0.s; "1e(a&e : 0.s
During the p%n& re(uest, you might receive some replies from the remote host that are
intermi!ed with 7e8-est t%.ed o-t errors. This is often a result of a congested network.
&n e!ample follows7 notice that this e!ample, which was run on a 3indows e system, uses
the -t switch to generate continuous p%n&s:
C#)*p%n& -t 24.6$.14.65
'%n&%n& 24.6$.14.65 w%th !2 5ytes o3 data#
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:55.s ,,<:12$

7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:54.s ,,<:12$
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:2$.s ,,<:12$
7e8-est t%.ed o-t.
7e8-est t%.ed o-t.
7e8-est t%.ed o-t.
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:69.s ,,<:12$
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:2.s ,,<:12$
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:2.s ,,<:12$
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:6.s ,,<:12$
7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:41.s ,,<:12$
'%n& stat%st%cs 3o( 24.6$.14.65#

'ac4ets# Sent : 11; 7ece%1ed : ; <ost : ! =2$> loss?;
@%n%.-. : 2$.s; @a2%.-. : 69.s; "1e(a&e : !!.s
$n this e!ample, three packets were lost. $f this continued on your network, you would need
to troubleshoot to find out why packets were being dropped.
T*e 'n!non Host Messa$e
The 1nknown Bost error message is generated when the hostname of the destination
computer cannot be resolved. This error usually occurs when you p%n& an incorrect
hostname, as shown in the following e!ample, or try to use p%n& with a hostname when
hostname resolution "via DN* or a AOS,S te!t file# is not configured:
C#)*p%n& www.co.pt%a.ca
Bn4nown host www.co.pt%a.ca
$f the p%n& fails, you need to verify that the p%n& is being sent to the correct remote host. $f it
is, and if name resolution is configured, you have to dig a little more to find the problem.
This error might indicate a problem with the name resolution process, and you might need to
verify that the DN* or 3$N* server is available. +ther commands, such as nsloo4-p or d%&,
can help in this process.
T*e +xpired TT2 Messa$e
The Time to %ive "TT%# is an important consideration in understanding the p%n& command.
The function of the TT% is to prevent circular routing, which occurs when a p%n& re(uest
keeps looping through a series of hosts. The TT% counts each hop along the way toward its
destination device. 0ach time it counts one hop, the hop is subtracted from the TT%. $f the
TT% reaches -, the TT% has e!pired, and you get a message like the following:
7eply 3(o. 24.6$.10.1# ,,< e2p%(ed %n t(ans%t
$f the TT% is e!ceeded with p%n&, you might have a routing problem on the network. Kou
can modify the TT% for p%n& on a 3indows system by using the p%n& -% command.
Troubles*ootin$ it* pin$
&lthough p%n& does not completely isolate problems, you can use it to help identify where a
problem lies. 3hen troubleshooting with p%n&, take the following steps:
@. p%n& the I) address of your local loop'ack# using the command p%n& 12$.0.0.1. If
this command is successful# you know that the /)<I) protocol suite is installed
correctly on your system and functioning. If you are una'le to p%n& the local
loop'ack adapter# /)<I) might need to 'e reloaded or reconfigured on the
machine you are using.
The Loopback Address
The loopback is a special function within the protocol stack that is supplied for
troubleshooting purposes. The Class & $2 address 12$.C.C.C is reserved for the
loopback7 although convention dictates that you use 12$.0.0.1, you can use any
address in the 12$.C.C.C range, e!cept for the network number itself
"12$.0.0.0# and the broadcast address "12$.255.255.255#. Kou can also p%n&
by using the default hostname for the local system, which is called localhost "for
e!ample, p%n& localhost#.
.. p%n& the assigned I) address of your local network interface card (NI/*. If the
p%n& is successful# you know that your NI/ is functioning on the network and has
/)<I) correctly installed. If you are una'le to p%n& the local NI/# /)<I) might
not 'e 'ound correctly to the NI/ or the NI/ drivers might 'e improperly
installed.
C. p%n& the I) address of another known good system on your local network. 2y
doing so# you can determine whether the computer you are using can see other
computers on the network. If you can p%n& other devices on your local network#
you have network connectivity.
If you cannot p%n& other devices on your local network and you were a'le to p%n&
the I) address of your system# you might not 'e connected to the network
correctly.
=. After you;ve confirmed that you have network connectivity for the local network#
you can verify connectivity to a remote network 'y sending a p%n& to the I)
address of the default gateway.
A. If you are a'le to p%n& the default gateway# you can verify remote connectivity
'y sending a p%n& to the I) address of a system on a remote network.
1sing /ust the p%n& command in these steps, you can confirm network connectivity on not
only the local network, but also on a remote network. The whole process re(uires as much
time as it takes to type in the command, and you can do it all from a single location.
$f you are an optimistic person, you can perform step < first. $f that works, all the other steps
will also work, saving you the need to test them. $f your step < trial fails, you can go back to
step , and start the troubleshooting process from the beginning.
AR&
The &ddress ?esolution 2rotocol "&?2# is used to resolve $2 addresses to &C addresses.
This is important because on a network, devices find each other using the $2 address, but
communication between devices re(uires the &C address.
3hen a computer wants to send data to another computer on the network, it must know the
&C address of the destination system. To discover this information, &?2 sends out a
discovery packet to obtain the &C address. 3hen the destination computer is found, it
sends its &C address to the sending computer. The &?2)resolved &C addresses are
stored temporarily on a computer system in the &?2 cache. $nside this &?2 cache is a list of
matching &C and $2 addresses. This &?2 cache is checked before a discovery packet is
sent on to the network to determine if there is an e!isting entry.
0ntries in the &?2 cache are periodically flushed so that the cache doesn4t fill up with unused
entries. The following code shows an e!ample of the &?2 command with the output from a
3indows .--- system:
C#)*a(p -a
Inte(3ace# 24.6$.1$9.22 on Inte(3ace 02!
Inte(net "dd(ess 'hys%cal "dd(ess ,ype
24.6$.1$9.1 00-00-$$-9!-d-!d dyna.%c
&s you might notice in the previous code, the type is listed as dynamic. 0ntries in the &?2
cache can be added statically or dynamically. *tatic entries are added manually and do not
e!pire. The dynamic entries are added automatically when the system accesses another on the
network.
&s with other command)line utilities, there are several switches available for the a(p
command. Table ; shows the available switches for 3indows)based systems.
Table ; &?2 *witches
Sitc* Description
)a or )g Displays both the $2 and &C addresses and whether they are dynamic or static
entries
inetTaddr *pecifies a specific internet address
)N ifTaddr Displays the &?2 entries for a specified network interface
ethTaddr *pecifies a &C address
ifTaddr *pecifies an $nternet address
)d Deletes an entry from the &?2 cache
)s &dds a static permanent address to the &?2 cache
T*e netstat #ommand
The netstat command displays the protocol statistics and current TC28$2 connections on the
local system. 1sed without any switches, the netstat command shows the active connections
for all outbound TC28$2 connections. $n addition, several switches are available that change the
type of information netstat displays. Table < shows the various switches available for the
netstat utility.
Table < netstat *witches
Sitc* Description
)a Displays the current connections and listening ports
)e Displays 0thernet statistics
)n %ists addresses and port numbers in numerical form
)p *hows connections for the specified protocol
)r *hows the routing table
)s %ists per)protocol statistics
interval *pecifies the length of time to wait before redisplaying statistics
The netstat utility is used to show the port activity for both TC2 and 1D2 connections,
showing the inbound and outbound connections. 3hen used without switches, the netstat
utility has four information headings.
2roto %ists the protocol being used, either 1D2 or TC2.
%ocal address *pecifies the local address and port being used.
'oreign address $dentifies the destination address and the port being used.
*tate *pecifies whether the connection is established.
$n its default usage, the netstat command shows outbound connections that have been
established by TC2. The following shows a sample output from a netstat command without
using any switches:
C#)*netstat
"ct%1e Connect%ons
'(oto <ocal "dd(ess Fo(e%&n "dd(ess State
,C' laptop#24 @EDI"SE7DICES1#1$55 ES,"B<ISAED
,C' laptop#1!! www.test.co.#0 ES,"B<ISAED
,C' laptop#25 194.$0.5.241#0 ES,"B<ISAED
,C' laptop#260 194.$0.5.241#0 ES,"B<ISAED
,C' laptop#2!54 www.test.co.#0 ES,"B<ISAED
,C' laptop#2!61 www.test.co.#0 ES,"B<ISAED
,C' laptop#1114 www.test.co.#0 ES,"B<ISAED
,C' laptop#196! www.test.co.#0 ES,"B<ISAED
,C' laptop#2$0 localhost#4!1 ,I@EEF"I,
,C' laptop#4!1 localhost#262 ,I@EEF"I,
,C' laptop#4!1 localhost#26! ,I@EEF"I,
,C' laptop#4!1 localhost#26$ ,I@EEF"I,
,C' laptop#4!1 localhost#2$2 ,I@EEF"I,
%ike any other command)line utility, they are often used with switches. The following sections
provide a brief e!planation of the switches and a sample output from each.
netstat e
The netstat -e command shows the activity for the N$C and displays the number of packets
that have been both sent and received. &n e!ample of the netstat -e command is shown here:
C#)FIGDOFS)Des4top*netstat -e
Inte(3ace Stat%st%cs
7ece%1ed Sent
Bytes 1$412!5 402!$510
Bn%cast pac4ets $9129 5055
Gon--n%cast pac4ets 69! 254
D%sca(ds 0 0
E((o(s 0 0
Bn4nown p(otocols !06
&s you can see, the netstat -e command shows more than /ust the packets that have been sent
and received:
Bytes The number of bytes that have been sent or received by the N$C since the computer
was turned on.
1nicast packets 2ackets sent and received directly to this interface.
Non)unicast packets Broadcast or multicast packets that were picked up by the N$C.
Discards The number of packets re/ected by the N$C, perhaps because they were damaged.
0rrors The errors that occurred during either the sending or receiving process. &s you would
e!pect, this column should be a low number. $f it is not, it could indicate a problem with the
N$C.
1nknown protocols The number of packets that were not recogni5able by the system.
netstat "a
The netstat -a command displays statistics for both TC2 and 1ser Datagram 2rotocol "1D2#.
Bere is an e!ample of the netstat -a command:
C#)FIGDOFS)Des4top*netstat -a
"ct%1e Connect%ons
'(oto <ocal "dd(ess Fo(e%&n "dd(ess State
,C' laptop#102$ <"',O'#0 <IS,EGIGH
,C' laptop#10!0 <"',O'#0 <IS,EGIGH
,C' laptop#10!5 <"',O'#0 <IS,EGIGH
,C' laptop#50000 <"',O'#0 <IS,EGIGH
,C' laptop#5000 <"',O'#0 <IS,EGIGH
,C' laptop#10!5 .s&(-ns41..s&(.hot.a%l.co.#16! ES,"B<ISAED
,C' laptop#n5sess%on <"',O'#0 <IS,EGIGH
,C' laptop#102$ localhost#50000 ES,"B<ISAED
,C' laptop#50000 localhost#102$ ES,"B<ISAED
BD' laptop#1900 6#6
BD' laptop#n5na.e 6#6
BD' laptop#n5data&(a. 6#6
BD' laptop#154$ 6#6
BD' laptop#10! 6#6
BD' laptop#12 6#6
BD' laptop#!!66 6#6
&s you can see, the output includes four columns, which show the protocol, the local address, the
foreign address, and the state of the port. The TC2 connections show the local and foreign
destination addresses and the current state of the connection. 1D2, however, is a little different7
it does not list a state status because as mentioned throughout this book, 1D2 is a connectionless
protocol and does not establish connections. The following list briefly e!plains the information
provided by the netstat -a command:
2roto The protocol used by the connection.
%ocal &ddress the $2 address of the local computer system and the port number it is using. $f
the entry in the local address field is an asterisk "6#, it indicates that the port has not yet been
established.
'oreign &ddress the $2 address of a remote computer system and the associated port. 3hen a
port has not been established, as with the 1D2 connections, 6#6 appears in the column.
*tate the current state of the TC2 connection. 2ossible states include established, listening,
closed, and waiting.
netstat "r
The netstat -( command is often used to view the routing table for a system. & system
uses a routing table to determine routing information for TC28$2 traffic. The following is an
e!ample of the netstat -( command from a 3indows e system:
C#)FIGDOFS)Des4top*netstat (
7o-te ta5le
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
"ct%1e 7o-tes#
Getwo(4 Dest%nat%on Get.as4 Hateway Inte(3ace @et(%c
0.0.0.0 0.0.0.0 24.6$.1$9.1 24.6$.1$9.22 1
24.6$.1$9.0 255.255.255.0 24.6$.1$9.22 24.6$.1$9.22 1
24.6$.1$9.22 255.255.255.255 12$.0.0.1 12$.0.0.1 1
24.255.255.255 255.255.255.255 24.6$.1$9.22 24.6$.1$9.22 1
12$.0.0.0 255.0.0.0 12$.0.0.1 12$.0.0.1 1
224.0.0.0 224.0.0.0 24.6$.1$9.22 24.6$.1$9.22 1
255.255.255.255 255.255.255.255 24.6$.1$9.22 2 1
De3a-lt Hateway# 24.6$.1$9.1
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
'e(s%stent 7o-tes#
Gone
netstat s
The netstat -s command displays a number of statistics related to the TC28$2 protocol
suite. 1nderstanding the purpose of every field in the output is for your reference, sample
output from the netstat -s command is shown here:
C#)*netstat -s
I' Stat%st%cs
'ac4ets 7ece%1ed : !99!

7ece%1ed Aeade( E((o(s : 0
7ece%1ed "dd(ess E((o(s : 1$6
Data&(a.s Fo(wa(ded : 49
Bn4nown '(otocols 7ece%1ed : 0
7ece%1ed 'ac4ets D%sca(ded : 0
7ece%1ed 'ac4ets Del%1e(ed : !$566
O-tp-t 7e8-ests : !9$!!4
7o-t%n& D%sca(ds : 0
D%sca(ded O-tp-t 'ac4ets : 0
O-tp-t 'ac4et Go 7o-te : 916
7easse.5ly 7e8-%(ed : 0
7easse.5ly S-ccess3-l : 0
7easse.5ly Fa%l-(es : 0
Data&(a.s S-ccess3-lly F(a&.ented : 0
Data&(a.s Fa%l%n& F(a&.entat%on : 0
F(a&.ents C(eated : 0
IC@' Stat%st%cs
7ece%1ed Sent
@essa&es 40641 41111
E((o(s 0 0
Dest%nat%on Bn(eacha5le 22! 60
,%.e E2ceeded 24 0
'a(a.ete( '(o5le.s 0 0
So-(ce I-enches 0 0
7ed%(ects 0 !
Echos 20245 2014
Echo 7epl%es 20149 20245
,%.esta.ps 0 0
,%.esta.p 7epl%es 0 0
"dd(ess @as4s 0 0
"dd(ess @as4 7epl%es 0 0
,C' Stat%st%cs
"ct%1e Opens : 1!5!

'ass%1e Opens : 2!1!2
Fa%led Connect%on "tte.pts : 9259
7eset Connect%ons : 254
C-((ent Connect%ons : 15
Se&.ents 7ece%1ed : !!0242
Se&.ents Sent : !269!5
Se&.ents 7et(ans.%tted : 151
BD' Stat%st%cs
Data&(a.s 7ece%1ed : 20402

Go 'o(ts : 20594
7ece%1e E((o(s : 0
Data&(a.s Sent : 1021$
nbtstat
The n5tstat utility is used to view protocol statistics and information for NetB$+* over TC28$2
connections. n5tstat is commonly used to troubleshoot NetB$+* name resolution problems.
Because n5tstat provides the resolution of NetB$+* names, it4s available only on 3indows
systems.
& number of case)sensitive switches are available for the n5tstat command. Table :
summari5es these switches.
Table : nbtstat *witches
Sitc* Description
nbtstat )a "&dapter status# +utputs the NetB$+* name table and &C addresses
of the card for the specified computer
nbtstat )& "$2 address# "&dapter status# %ists the remote machine4s name table given its $2
address
Table : nbtstat *witches
Sitc* Description
nbtstat )c "cache# 2rovides a list of the contents of the NetB$+* name cache
nbtstat )n "names# %ists local NetB$+* names
nbtstat )r "resolved# %ists names resolved by broadcast or 3$N*
nbtstat )? "?eload# 2urges and reloads the remote cache name table
nbtstat )* "*essions# *ummari5es the current NetB$+* sessions and their status
nbtstat )s "sessions# %ists sessions table converting destination $2 addresses to computer
NetB$+* names
nbtstat )??
"?elease?efresh#
*ends Name ?elease packets to 3$N*, and then starts ?efresh
nbtstat ?emoteName ?emote host machine name
nbtstat $2 address Dotted decimal representation of the $2 address
nbtstat interval ?edisplays selected statistics, pausing interval seconds between each
display. 2ress Ctrl=C to stop redisplaying statistics
&s an e!ample, the following is the output from the n5tstat -n command:
C#)*n5tstat -n
<ana J 0#
Gode Ip"dd(ess# /169.254.196.1920 Scope Id# /0
GetBIOS <ocal Ga.e ,a5le
Ga.e ,ype Stat-s
---------------------------------------------
<"',O' K00* BGIIBE 7e&%ste(ed
LCS K00* H7OB' 7e&%ste(ed
<"',O' K0!* BGIIBE 7e&%ste(ed
T*e ipconfi$ #ommand
The %pcon3%& command is a technician4s best friend when it comes to viewing the TC28$2
configuration of a 3indows system. 1sed on its own, the %pcon3%& command shows basic
information such as the name of the network interface, the $2 address, the subnet mask, and
the default gateway. Combined with the /all switch, it shows a detailed set of information,
as you can see in the following e!ample:
C#)*%pcon3%& /all
F%ndows 2000 I' Con3%&-(at%on
Aost Ga.e . . . . . . . . . . . . # se(1e(
'(%.a(y DGS S-33%2 . . . . . . . # w(%te
Gode ,ype . . . . . . . . . . . . # B(oadcast
I' 7o-t%n& Ena5led. . . . . . . . # Mes
FIGS '(o2y Ena5led. . . . . . . . # Go
DGS S-33%2 Sea(ch <%st. . . . . . # w(%te
o4.anyothe(host.net
Ethe(net adapte( <ocal "(ea Connect%on#
Connect%on-spec%3%c DGS S-33%2 . # o4.anyothe(host.net

Desc(%pt%on . . . . . . . . . . . # D-<%n4 DFE-5!0,C 'CI Fast Ethe(net
'hys%cal "dd(ess. . . . . . . . . # 00-0-C-E!-4C-BD
DAC' Ena5led. . . . . . . . . . . # Mes
"-tocon3%&-(at%on Ena5led . . . . # Mes
I' "dd(ess. . . . . . . . . . . . # 24.6$.14.65
S-5net @as4 . . . . . . . . . . . # 255.255.254.0
De3a-lt Hateway . . . . . . . . . # 24.6$.14.1
DAC' Se(1e( . . . . . . . . . . . # 24.6$.25!.195
DGS Se(1e(s . . . . . . . . . . . # 24.6$.25!.195
24.6$.25!.212
<ease O5ta%ned.. . . . # ,h-(sday; Fe5(-a(y 0$; 2002 !#42#00 "@
<ease E2p%(es .. . . . # Sat-(day; Fe5(-a(y 09; 2002 !#42#00 "@
&s you can imagine, you can use the output from an %pcon3%& /all command in a massive
range of troubleshooting scenarios. Table C lists some of the most common troubleshooting
symptoms, along with where to look for clues about solving them in the %pcon3%& /all
output.
Table C Common Troubleshooting *ymptoms That ipconfig Can Belp *olve
S,mptom Field to #*ec! in ipconfi$ =utput
1ser is unable to connect to any other system. ake sure the TC28$2 address and subnet mask
are correct. $f the network uses DBC2, make sure
DBC2 is enabled.
1ser is able to connect to another system on
the same subnet but is not not able to connect
to a remote system.
ake sure the default gateway is correctly
configured.
1ser is unable to browse the $nternet. ake sure the DN* server parameters are
configured correctly.
1ser is unable to browse across remote
subnets.
ake sure the 3$N* or DN* server parameters
are configured correctly, if applicable.
1sing the /all switch might be far and away the most popular, but there are a few others.
These include the switches listed in Table @.
Table @ ipconfig *witches
Sitc* Description
H Displays the ipconfig help screen
8all Displays additional $2 configuration information
8release ?eleases the $2 address of the specified adapter
8renew ?enews the $2 address of a specified adapter
ifconfi$
%3con3%& performs the same function as %pcon3%&, but on a %inu!, 1N$E, or acintosh system.
Because %inu! relies more heavily on command)line utilities than 3indows, the %inu! and
1N$E version of %3con3%& provides much more functionality than %pcon3%&. +n a %inu! or
1N$E system, you can get information about the usage of the %3con3%& command by using
%3con3%& --help. The following output provides an e!ample of the basic %3con3%& command
run on a %inu! system:
eth0 <%n4 encap#Ethe(net AFadd( 00#60#0#1$#6!#"0
%net add(#192.16.1.101 Bcast#192.16.1.255 @as4#255.255.255.0
B' B7O"DC"S, 7BGGIGH @,B#1500 @et(%c#1
7C pac4ets#911 e((o(s#0 d(opped#0 o1e((-ns#0 3(a.e#0
,C pac4ets#04 e((o(s#0 d(opped#0 o1e((-ns#0 ca((%e(#0
coll%s%ons#0 t28-e-elen#100
Inte((-pt#5 Base add(ess#02e400
lo <%n4 encap#<ocal <oop5ac4
%net add(#12$.0.0.1 @as4#255.0.0.0
B' <OO'B"CL 7BGGIGH @,B#!924 @et(%c#1
7C pac4ets#1 e((o(s#0 d(opped#0 o1e((-ns#0 3(a.e#0
,C pac4ets#1 e((o(s#0 d(opped#0 o1e((-ns#0 ca((%e(#0
coll%s%ons#0 t28-e-elen#0
&lthough the %3con3%& command displays the $2 address, subnet mask and default gateway
information for both the installed network adapter and the local loopback adapter, it does not
report DCB2 lease information. $nstead, you can use the p-.p s command to view detailed
information on the DBC2 lease including the assigned $2 address, the address of the DBC2
server, and the time remaining on the lease. The p-.p command can also be used to release and
renew $2 addresses assigned via DBC2 and to view DN* server information.
T*e inipcf$ #ommand
+n a 3indows D@ *econd 0dition and 3indows e systems, the w%n%pc3& command is used in
addition to the %pcon3%& command. The difference between the two utilities is that w%n%pc3& is
a graphical utility.
$n basic mode, w%n%pc3& shows information including the edia &ccess Control "&C# address
and $2 address of the interface, the subnet mask, and the default gateway. 'or detailed
information, similar to that produced with %pcon3%& /all, a ore $nfo button allows you to
switch into a much more detailed screen.
The same troubleshooting scenarios, with the same solutions, apply to w%n%pc3& as to %pcon3%&.
Table D lists some solutions to common problems.
Table D Common Troubleshooting 2roblems That winipcfg Can Belp *olve
S,mptom Field to #*ec! in inipcf$ =utput
1ser is unable to connect to any other system. Check that the TC28$2 address and subnet mask
are correct. $f using DBC2, make sure DBC2 is
enabled.
1ser is able to connect to other system on the
same subnet, but is not able to connect to a
remote system.
Check that the default gateway is correctly
configured.
1ser is unable to browse the $nternet. ake sure the DN* server paramenters are
configured correctly.
1ser is unable to browse across remote
subnets.
ake sure the 3$N* or DN* server parameters
are configured correctly "if applicable#.
nsloo!up
nsloo4-p is a utility used to troubleshoot DN*)related problems. 1sing nsloo4-p, you can,
for e!ample, run manual name resolution (ueries against DN* servers, get information about
the DN* configuration of your system or specify what kind of DN* record should be
resolved.
3hen nsloo4-p is started, it displays the current hostname and the $2 address of the locally
configured DN* server. Kou will then see a command prompt which allows you to specify
further (ueries. This is known as 4interactive4 mode. The commands you can enter in
interactive mode are listed in Table ,-.
Table ,- nslookup *witches
Sitc* Description
all 2rints options, as well as current server and host information
Table ,- nslookup *witches
Sitc* Description
UnoVdebug 2rints debugging information
UnoVd. 2rints e!haustive debugging information
UnoVdefname &ppends the domain name to each (uery
UnoVrecurse &sks for recursive answer to (uery
UnoVsearch 1ses domain search list
UnoVvc &lways uses a virtual circuit
domainRN&0 *ets default domain name to N&0
srchlistRN,U8N.8...8N:V *ets domain to N, and search list to N,, N., and so on
rootRN&0 *ets root server to N&0
retryRE *ets number of retries to E
timeoutRE *ets initial timeout interval to E seconds
typeRE *ets (uery type "for e!ample, &, &NK, CN&0, E, N*, 2T?, *+&,
or *?>#
(uerytypeRE *ame as type
classRE *ets (uery class "for e!ample, $N U$nternetV, &NK#
UnoVms!fr 1ses * fast 5one transfer
i!frverRE Current version to use in $E'? transfer re(uest
server N&0 *ets default server to N&0, using current default server
e!it 0!its the program
$nstead of using interactive mode, you can also e!ecute nsloo4-p re(uests directly at the
command prompt. The following listing shows the output from nsloo4-p when a domain
name is specified to be resolved.
C#)*nsloo4-p co.pt%a.o(&
Se(1e(# nsc1.ht.o4.shawca5le.net
"dd(ess# 64.59.16.1!
Gon-a-tho(%tat%1e answe(#
Ga.e# co.pt%a.o(&
"dd(ess# 20.252.144.4

&s you can see from the output, nslookup shows the hostname and $2 address of the DN*
server against which the resolution was performed, along with the hostname and $2 address
of the resolved host.
di$
%& is used on %inu!, 1N$E or acintosh system to perform manual DN* lookups. d%&
performs the same basic task as nsloo4-p, but with one ma/or distinction: The d%& command
does not have an interactive mode and instead uses only command)line switches to customi5e
results.
d%& is generally considered a more powerful tool than nsloo4-p, but in the course of a
typical network administrator4s day, the minor limitations of nsloo4-p are unlikely to be too
much of a factor. $nstead, d%& is often simply the tool of choice for DN* information and
troubleshooting on 1N$E, %inu!, or acintosh systems. %ike nsloo4-p, d%& can be used to
perform simple name resolution re(uests. The output from this process can be seen in the
following listing:
N KK** D%H .2 KK** 2y9.co.
NN (es opt%ons# %n%t (ec-(s de3na. dns(ch
NN &ot answe(#
NN -**AE"DE7KK- opcode# IBE7M; stat-s# GOE77O7; %d# 4
NN 3la&s# 8( (d (aN IBE7M# 1; "GSFE7# 1; "B,AO7I,M# 2; "DDI,IOG"<# 0
NN IBE7M SEC,IOG#
NN 2y9.co.; type : "; class : IG
NN "GSFE7 SEC,IOG#
2y9.co.. $h!!. IG " 6!.240.9!.15$
NN "B,AO7I,M SEC,IOG#
2y9.co.. $h!!. IG GS -s(2dns1."BC.co..
2y9.co.. $h!!. IG GS oldt2dns2."BC.co..
NN ,otal 8-e(y t%.e# $ .sec

NN F7O@# localhost.localdo.a%n to SE7DE7# de3a-lt -- 209.5!.4.1!0
NN FAEG# Sat Oct 16 20#21#24 2004
NN @SH SIOE sent# !0 (c1d# 10!
&s you can see, dig provides a number of pieces of information in the basic output more so
than nsloo4-p. There are three key areas of the output from which network administrators
can gain information. These are the 4&nswer *ection,4 the 4&uthority *ection,4 and the last
four lines of the output.
The &nswer *ection of the output provides the name of the domain or host being resolved,
along with its $2 address. The " in the results line indicates the record type that is being
resolved.
The &uthority *ection provides information on the authoritative DN* servers for the domain
against which the resolution re(uest was performed. This information can be useful in
determining whether the correct DN* servers are considered authoritative for a domain.
The last four lines of the output show how long the name resolution re(uest took to process
and the $2 address of the DN* server that performed the resolution. $t also shows the date and
time of the re(uest, as well as the si5e of the packets sent and received.
Interpretin$ ?isual Indicators
+ne of the easiest ways to spot signs of trouble on a network or with a network component is to
look at the devices4 %0Ds. any of the devices used in modern networks such as hubs, routers,
switches, and even N$Cshave these small indicator lights that let you know what, if anything, is
going wrong. The following sections e!amine some of the common networking devices and what
you can learn from their %0Ds.
2+Ds on Netor!in$ Devices

$f you have seen a hub or a switch, you have no doubt noticed the %0Ds on the front of the
device. 0ach ?A);< connector has one or two dedicated %0Ds. These %0Ds are designed to
provide the network administrator with a (uick idea of the status of a connection or a
potential problem. Table ,, provides some e!amples of link)light indicators functioning on a
typical hub or switch.
Table ,, 0!ample %ink)%ight $ndicator %0D *tates for a Network Bub or *witch
2+D State Meanin$
*olid green & device is connected to the port, but there is no activity on the device.
Blinking green There is activity on the port. The connected system is sending or
receiving data.
No %0D lit There is no detectable link. 0ither there4s a problem with the connection
between the device and the hub "such as an unplugged cable#, or the
remote system is powered down.
'ast continuous
blinking for e!tended
periods
This often indicates a fault with the connection, which can commonly be
attributed to a faulty N$C.
Blinking amber There are collisions on the network. & few orange %0Ds flashing
intermittently are okay, but continuously blinking amber %0Ds indicate
a problem.
Note that the %0Ds4 se(uencing and meanings vary among the different hub manufacturers
and therefore might be different from those listed in Table ,,.
$n addition to link)light indicators, some hubs and switches have port)speed %0Ds that, when
lit, indicate the speed at which the connected device is functioning. *ome also have %0Ds
that indicate whether the link is operating in full)duple! mode.
By understanding the function of the lights on networking devices, you can tell at a glance
the status of a device and the systems connected to it. Kou should take the time to familiari5e
yourself with the indicator lights on the network devices you work with and with their
various states.
2+Ds on NI#s and =t*er Devices
$n addition to hubs and switches, most other networking devices have %0Ds that provide a
variety of information. ost N$Cs have at least one %0D that indicates whether there is a link
between the system and the network into which it is plugged. The link light operates at a physical
level7 in other words, it should be lit when the 2C is on, regardless of whether the networking
software is loaded, the network configuration is correct, or the user is logged on to the network.
$n addition to the link light %0D, many N$Cs have additional lights to indicate the speed at which
the network connection is established and8or when there is network activity on the link.
%0Ds are also included on cable modems and D*% modems, which are commonly used in small
or home office implementations for $nternet connectivity. The number of %0Ds and their
functionality depends on the device. 'or e!ample, one cable modem might have four %0Ds: one
indicating that the modem is online, a *end indicator, a ?eceive indicator, and one labeled
essage. $n contrast, a D*% modem might have si! %0Ds. +ne shows that the device is
powered, and one flashes to indicate that the device is operating normally. Then there is a link
light for both the local network and the D*% connection, and another %0D for each interface that
flashes to indicate activity on those links.
The usefulness of %0Ds in troubleshooting scenarios cannot be overstated. %0Ds provide an
instant, visual indicator about the state of a network link. $n some cases, as with collision lights,
they can even alert you to problems on the network. 1nderstanding how to interpret information
provided by %0Ds is important for the real world.
$magine a scenario in which a user who is working at workstation & calls and tells you she is
unable to access the $nternet. The $nternet connection could be down, but by connecting to the
$nternet yourself, you determine that it is working correctly7 therefore, it is safe to assume that
the problem is at the user4s end rather than with the $nternet connectivity. Ne!t, you decide to
visit the user4s workstation to see whether you can p%n& the $nternet router. Before you begin the
p%n& test, you look at the back of the system and see that the link %0D on the N$C is not lit. &t
this point, you can be fairly sure that the p%n& test will not work because without the link light,
there is no connectivity between the N$C and the switch.
Now you have narrowed the problem to one of a few sources. 0ither the N$C or the cable is
faulty, the switch to which the user is connected is not functioning, or the port on the switch to
which the user is connected is faulty.
The easiest way to test whether the cable is the problem is to borrow a known working cable
from workstation B or C and swap it with the cable connecting workstation & to the hub, switch,
or wall port. 3hen you try this, if the link light does not come on, you can deduce that the N$C is
faulty. $f the light does come on, you can deduce that either the port on the switch or a cable is
faulty. The ne!t step is to swap the cable out or try the original cable in another switch port.
3hatever the actual problem, link lights play an important role in the troubleshooting process.
They give you an easy method of seeing what steps do and don4t work.
Troubles*ootin$ Remote #onnectivit,
?emote connectivity errors are bugs that prevent you from connecting to the office network,
from remotely dialing in to your home computer, or from logging on to your $*2 and
subse(uently the $nternet.
&lthough many means and methods are available for establishing remote connectivity, network
administrators can focus their attention on some common hot spots when troubleshooting errors,
including authentication failure, protocol configuration problems, and physical connectivity.
Troubles*ootin$ &*,sical #onnectivit,
3hen you4re troubleshooting remote connectivity errors, it is often easy to forget the most basic
troubleshooting practices. By this, we mean ensuring that all the physical connections are in
place. 3hen you suspect a physical connectivity problem, here are a few key places to look:
'aulty cable
$mproperly connected cable
$ncorrect cable
'aulty interface
'aulty networking devices
Now that we have looked at some of the more generali5ed considerations of remote connectivity
troubleshooting from a physical perspective, we4ll focus specifically on some of the commonly
used remote access technologies.
DS2
Troubleshooting D*% is similar to troubleshooting any other $nternet connection. The following
are a few things to check when users are e!periencing problems with a D*% connection:
2hysical connections
The N$C installed in the computer system
Network card drivers
2rotocol configuration
%0Ds on the D*% modem
#able Troubles*ootin$ &rocedures
3ith very few problems. 3hen problems do occur, you can try various troubleshooting
measures:
Check the physical connections.
0nsure that the protocol configuration on the system is valid.
Check the indicator lights on the cable modem.
Cycle the power on the cable modem, and on the system.
$f you are sure that the connectors are all in place and the configuration of the system is correct,
the ne!t step is to call the technical support line of the cable provider.
Home Satellite Troubles*ootin$ &rocedures
Your a'ility to trou'leshoot satellite Internet connections might 'e very limited.
he hardware associated with home satellite remote access installations are
very specialiBed# and e7uipment providers often prefer that you let them do the
hardware trou'leshooting. Diven this limitation# calls to technical support occur
very early in the trou'leshooting process.
9ireless Internet Access Troubles*ootin$
&rocedures
Troubleshooting wireless access is normally confined to ensuring that the adapter is functioning
correctly and configured properly.
The main factors that can affect wireless access are environmental conditions and outside
interference. any people who live in areas that often have fog or other damp conditions
e!perience poor performance "or none at all# from wireless $nternet service.
Bere are some specific things you should check when troubleshooting a wireless connection:
Check the configuration of the wireless interface.
ove the computer around to find out if it4s in a dead spot.
Check with other people to see if there is a problem with the service, rather than /ust your
system.
$f you are sure that everything is configured correctly, you might have to contact the wireless
provider to see if anything is amiss.
&=TS Troubles*ootin$ &rocedures
Troubleshooting a dial)up connection problem can be tricky and time)consuming because you
must consider many variables. $n fact, of the remote connectivity mechanisms discussed in this
chapter, you are far more likely to have problems with a 2+T* connection than any of the others.
The following are some places to start your troubleshooting under various conditions.
$f the user is unable to dial out, try the following:
Check physical connections.
Check that there is a dial tone on the line.
$f the user can dial out but can4t get a connection, try the following:
ake sure that the user is dialing the correct number.
Call the $*2 to determine whether it is having problems.
Determine if Call 3aiting is enabled on the line, or there is some other telephone
provider service interfering with communications.
$f the user can dial out and can get a connection but is then disconnected, try the following:
0nsure that the modem connection is configured correctly.
Check that the username and password are correct.
>erify that the connection settings are correct.
Modem"Specific Troubles*ootin$
$f you are confident that a modem is installed and configured correctly, but it4s still not
working properly, you can test and configure it by using special commands from the &T
command set. Table ,. lists some of the most commonly used &T commands.
Table ,. Commonly 1sed &T Commands
AT #ommand Result
&T& *ets the modem to auto)answer
&TB Bangs up an active connection
&TD Dials a number
&TQ ?esets the modem
&T$9 Displays the name and model of the modem
$n general, getting the modem to respond to an &TQ command is a good enough indicator
that the modem is functioning.
Troubles*ootin$ Aut*entication Failure
&ll forms of remote connectivity should re(uire some form of authentication to confirm
that those trying to access the remote resources have permission to do so. &s a network
administrator, you can e!pect to become very familiar with authentication
troubleshooting. Nuite often, authentication errors result from users incorrectly entering
usernames and8or passwords.
&uthentication issues can also arise as a result of permissions changes in users4 accounts.
$f you4re troubleshooting remote connectivity and you have confirmed that the correct
username and password are used, you should confirm that the user has the appropriate
permissions to access the network.
The third and perhaps least likely cause for authentication failure is a downed
authentication server. $n such a circumstance, you are likely to receive numerous calls
regarding authentication difficulty not /ust one or two.
Troubles*ootin$ &rotocol #onfi$uration
&roblems
any, but not all, of the problems you encounter with remote connectivity can be
addressed with the measures listed previously. Bowever, you might encounter a problem
when you have confirmed that the network user is using the correct username and
password combination, that no changes have been made to the user4s account
information, that all physical connections are in place, and that the user still cannot
establish a remote connection.
The ne!t most likely cause of a client connectivity problem is protocol configuration.
2rotocol configuration issues are usually on the client side of the network. +n a TC28$2
network, each client computer must have a uni(ue address in order to participate on the
network. 'ailure to obtain addressing information automatically could indicate a problem
with a DBC2 server. Kou should check the DBC2 server to make sure that it is
functioning and that addresses are available for assignment.
Beyond basic protocol issues such as addressing, remote connectivity troubleshooting
also brings with it the additional considerations of authentication protocols. There is one
basic rule that applies to all such issues. $f a client in a remote connectivity solution is
configured to use one type of authentication protocol, and the server to which he is
connecting does not support that protocol, the connection will be refused.
Troubles*ootin$ Small =ffice:Home
=ffice Router
&s more people choose to use broadband $nternet connectivity methods such as cable and
D*%, the use of compact hub8router and switch8router combinations has become
commonplace.
ost *+B+ routers are, in fact, more than routers. ost are also 0thernet hubs or
switches, making it possible to share an $nternet connection with other systems on the
network. They also typically provide basic firewalling capabilities and, in many cases,
DBC2 server functionality.
#onfi$uration
The most common configuration method for *+B+ routers is through a browser
interface, though some models also use a custom application for this purpose.
Configuration is generally straightforward, as *+B+ routers are designed to be home
user friendly.
Troubles*ootin$
Because a *+B+ router is a network device, the rules and procedures that apply to other
troubleshooting scenarios are valid. $f you are e!periencing $nternet connectivity issues
on a network with a *+B+ router, the first step is to ensure that the *+B+ router is
powered on and that all the network connections are complete and secure. &lso,
familiari5e yourself with the diagnostic %0Ds on your *+B+ router so that you can
interpret the information they provide accordingly.
+ne of the easiest ways to test whether the *+B+ router is the cause of a problem is to
remove it from the communications chain and plug a 2C directly in to the broadband
interface "be that cable or D*%#. $f the 2C is configured to obtain an $2 address
automatically, it should be able to get an $2 address from the $*2 /ust as easily as it would
from the *+B+ router. $f the system subse(uently works fine and can access the $nternet,
you know that the problem lies with the *+B+ router and not the configuration of the
system.
Identif,in$ and Troubles*ootin$ #lient
#onnectivit, &roblems
/lient connectivity errors are one of the most common sources of network$
related pro'lems. Issues range from plain old user error to more comple%
protocol and ca'ling issues. 4ometimes# even administrators make mistakes that
can impact usersE !ith so many possi'ilities# it is no wonder that client
connectivity persists as one of the 'iggest network trou'leshooting hotspots.
&rotocol +rrors
he client system must have a protocol assigned or 'ound to its NI/ in order to
access resources. You can use various tools to verify that a protocol is 'eing
used 'y the systemfor e%ample# on !indows .---<:)<.--C systems# you use the
%pcon3%& command+ on older !indows client systems# you use the w%n%pc3&
command+ and on &inu%# 3NI:# and Macintosh systems# you can use the
%3con3%& command.
&rotocol"Specific Issues
Kou need to consider a number of factors related to network protocols when you troubleshoot a
client connectivity. The following list describes some of the protocol)specific issues you should
consider in such a situation:
Transmission Control 2rotocol8$nternet 2rotocol "TC28$2# 'or a system to operate on a
TC28$2)based network, it must have at the very least a uni(ue $2 address, the correct
subnet mask for the network to which it is connected, and "for cross)network
connectivity# a default gateway entry. $n addition, Domain Name *ervice "DN*# server
addresses might be re(uired.
$nternetwork 2acket 0!change8*e(uenced 2acket 0!change "$2E8*2E# 0ach system on
an $2E8*2E network must have a uni(ue address, although the addresses are generated
and assigned automatically. +n older networks, care must be taken to ensure that the
correct frame type is being used, although systems are usually able to autodetect the
frame type that is in use.
Network B$+* 0!tended 1ser $nterface "NetB01$# 0ach system on a network that uses
NetB01$ must have a uni(ue name to identify the computer on the network. 'or name
resolution between network segments, a network needs either a 3indows $nternet
Naming *ystem "3$N*# server or manual name resolution through an <@AOS,S file.
&ppleTalk 0ach system on an &ppleTalk network must have a uni(ue address. $f
&ppleTalk over TC28$2 is being used, ensure that the system is configured with a valid $2
address, subnet mask, and "if needed# a default gateway.
3hen protocol settings are correctly configured, protocol problems are infre(uent. 1nless
settings are manually changed, very little can go wrong.
Aut*entication
Before users can log on to any system, their identities must be verified. By far the most common
type of authentication used is the standard username and password combination. 3hen a user
account is created, it is good practice for the administrator to set a password. The user should
change that password immediately so that the administrator no longer knows it.
ost user password problems can be traced to users entering an incorrect password or entering
the correct password incorrectly. &ll common operating systems offer the ability for the
administrator to change a user4s password, but none offer the capability to determine the user4s
e!isting password. Therefore, if a user does forget his or her password, a new one has to be
created and issued.
&ermissions +rrors
&ccess to applications and data across the network is controlled by permissions. 2ermissions are
responsible for protecting the data on the network and ensuring that only those who should have
access to it do.
The first rule of permissions troubleshooting is to remember that permissions do not change
themselves. $f a user cannot access a file, the first (uestion to the user should always be, GCould
you ever access the fileHG $f the user says, GKes, but now $ can4t access the file,G you should
check server change logs or documentation to see if any changes have been made in the
permissions structure.
$f no changes have been made, you should verify that the user is in fact allowed access to that
file or directory. $n large environments, trying to keep track of who should have access to what
can be a tricky business one that is best left to defined policies and documentation.
The following are some other items you should consider when troubleshooting permissions
problems:
+n some operating systems, rights and permissions can be inherited from parent
directories or other directories that are higher in the directory structure. & change in the
permissions assignments at one level might have an effect on a lower level in the
directory tree.
'ile permissions can be gained from ob/ects other than the user4s account. Depending on
the operating system being used, rights can also be gained from group membership, other
network ob/ects, or security e(uivalence. 3hen you are troubleshooting a permissions
problem, be sure that you understand where rights are supposed to originate.
'ile attributes can override file permissions, and they can prevent actions from being
performed on certain files. To the uninitiated, this might seem like a file permissions
problem, but in fact it is correct operation.
&s with many other $T troubleshooting scenarios, you can solve most permissions problems
effectively if you fully understand what you are troubleshooting and the factors that affect the
situation. &lso in common with other troubleshooting scenarios, you need to approach the
problem methodically.
&*,sical #onnectivit, +rrors
&lthough many of the problems associated with client connectivity can be traced to software)
based problems such as configuration, authentication, and permissions issues, physical
connectivity is often the root of the problem.
3hen you are troubleshooting physical connectivity errors, the first place to look is at the
network cables. &lthough it is rare, cables can become loose or disconnected from N$Cs or from
the ports on a hub or switch. +ftentimes, this is the result of other cables being plugged in or
unplugged, or of other activity on the connections around the one that is having the problem.
+ther cable considerations include e!ceeded ma!imum lengths, cable breaks, and improperly
terminated or made cables, although these are only a consideration in e!ceptional cases.
2hysical connectivity errors also involve the devices used to establish the physical client8server
connectivity. This can include hubs, switches, *&1s, N$Cs, routers, and connectivity
hardware. &lthough it is possible to have a problem with a single port on one of the
aforementioned devices, it is more likely that the entire unit will malfunction. Thankfully,
networking devices are very resilient devices that provide many years of service with few or no
problems.
Troubles*ootin$ #*ec!lists
$n a real)world networking environment, you will be e!pected to be able to troubleshoot client
connectivity in many different areas. The following sections provide some troubleshooting
checklists that can help you review some of the various troubleshooting areas.
Troubles*ootin$ #ablin$ &roblems
Cable accounts for a great many of the problems on a network. There are many places to look
when you suspect a cable)related problem. $f you suspect that cable is at the bottom of your
network troubles, consider the following areas:
%oose connections Kou need to verify that cables are securely attached and that they are
attached to the correct ports.
2oorly crimped or bent cable sometimes a chair running over a cable or a cable that has a
poor crimp can cause problems.
$ncorrect cable length ?ecall from that cables cannot e!ceed a specified ma!imum
length.
Cable placement Care must be taken when cables are run too closely to strong electrical
devices. $f cables are run too closely to electrical devices, you need to ensure that they are
designed for the task.
Troubles*ootin$ =peratin$ S,stem
#onnectivit,
$f you are struggling with operating system connectivity issues, consider the following:
1sername8password ake sure that users are logging on to the network with the correct
username8password combination.
Configuration $t might be necessary to confirm that the network settings on the client
computer have not changed.
&ccount activity Kou need to verify that the user has an active account on the network
and that it has the correct permissions set. %og on with a known working account from
the client4s system, which will allow you to isolate the problem to the computer or the
user account.
2hysical connections Kou should check to see if a cable has come unplugged from the
client4s system.
N$C To confirm that a card is working, you might need to swap out the card with one that
is known to be working.
Troubles*ootin$ Netor! &rintin$
2rinting is one of the services that network users e!pect to be working, and it is the
administrator4s /ob to make sure that it is available. 3hen trying to get printing back up and
running on the network, confirm the following:
2rinter online status Kou should confirm that the printer is online and ready to go. $f there
is a problem with the printer itself, the printer might display error messages on an %CD
panel or use %0Ds to indicate a problem.
2rinter functioning Nearly all printers have a test print feature. Kou can use it to make
sure that the printer itself is functioning correctly.
2rinter connectivity >erify that the printer is visible to the network. $f the printer is
connected directly to the network using TC28$2, for instance, you can p%n& the printer to
test for connectivity.
Client configuration 0nsure that the computers that are trying to access the printer are
configured correctly to use that printer.
2ermissions +n many operating systems, it is possible to set permissions to allow or deny
users access to a printer. Kou need to verify that the correct permissions have been set.
Check logs Network operating systems log printer activity. onitoring printer logs can
often provide clues as to the source of a problem.
Driver software $f you are having problems isolating a printing issue, consider
reinstalling or replacing the printer driver.
Troubles*ootin$ Data Access
The inability to access data is not always a result of connectivity errors. $f a user is unable to
access data, there are a few key areas to verify:
2roper network login *ometimes people use a shortcut or try to access data without being
properly logged on to the network. Kou should verify that users are correctly logged on to
the network and that any necessary network drives are connected.
2ermissions when you are troubleshooting data access, ensure that the permissions are set
correctly.
Connectivity you need to verify that the system that maintains the data is available. Kou
need to confirm that the server is available. 3hat can seem like a problem accessing a
file can mask a potentially larger problem such as a disk or server failure.
Data integrity *ometimes data itself can be corrupt. This is the worst)case scenario, and
the robust nature of today4s file systems ensures that it occurs rarely. This is when you
need backups.
>iruses $n some cases, viruses might be your problem. Kou can use a virus)checking
program to determine if indeed this is the problem.
Troubles*ootin$ NI#s
3hen N$Cs are configured correctly and verified to be working, very little goes wrong with
them. 3hen you are troubleshooting a N$C, you should consider the following:
?esource settings N$Cs re(uire specific computer resources in order to operate. &fter you
install a card or add new devices, you should check for device conflicts.
*peed settings $f you are not getting the e!pected speed from the N$C, you should
confirm the speed settings and, if applicable, the duple! settings.
&rotocols $n order for the N$C to work on the network, it must have a valid protocol
assigned to it, and all addressing information needs to be in place.
'aulty card *ome N$Cs are faulty when they ship from the manufacturer, and some are
damaged through poor handling. To test for this, you can swap the card with one that is
known to be working.
Netor!in$ " Troubles*ootin$ and
Supportin$ t*e Netor!
Troubles*ootin$ and Supportin$ t*e
Netor!
Many duties and responsi'ilities fall under the um'rella of network
administration. ?f all these# one of the most practiced is that of trou'leshooting.
No matter how well a network is designed and how many preventative
maintenance schedules are in place# trou'leshooting will always 'e necessary.
2ecause of this# network administrators have to develop those trou'leshooting
skills.
his tutorials focuses on all areas of trou'leshooting# including trou'leshooting
'est practices and some of the tools and utilities you;ll use to assist in the
trou'leshooting process. o start# we;ll look at the impact of modifying network
services.
&redictin$ t*e Impact of Modif,in$, Addin$,
or Removin$ Netor! Services
All network services re7uire a certain amount of network resources in order to
function. he amount of resources re7uired depends on the e%act service 'eing
used. 2efore implementing or removing any service on a network# it is very
important to understand the impact that these services can have on the entire
network. o provide some idea of the demands various services place on the
network# this section outlines some of the most common network services and
the impact their addition# modification# or removal might have on the network
and clients.
Addin$, Modif,in$, or Removin$ DH#&
DBC2 automatically assigns TC28$2 addressing to computers when they /oin the network
and automatically renews the addresses before they e!pire. The advantage of using DBC2 is
the reduced number of addressing errors, which makes network maintenance much easier.
+ne of the biggest benefits of using DBC2 is that the reconfiguration of $2 addressing can be
performed from a central location, with little or no effect on the clients. $n fact, you can
reconfigure an entire $2 addressing system without the users noticing. &s always, a cost is
associated with everything good, and with DBC2, the cost is increased network traffic.
Kou know what the function of DBC2 is and the service it provides to the network, but what
impact does the DBC2 service have on the network itselfH *ome network services can
consume huge amounts of network bandwidth, but DBC2 is not one of them. The traffic
generated between the DBC2 server and the DBC2 client is minimal during normal usage
periods.
The bulk of the network traffic generated by DBC2 occurs during two phases of the DBC2
communication process: when the lease of the $2 address is initially granted to the client
system and when that lease is renewed. The entire DBC2 communication process takes less
than a second, but if there are a very large number of client systems, the communication
process can slow down the network.
'or most network environments, the traffic generated by the DBC2 service is negligible. 'or
environments in which DBC2 traffic is a concern, you can reduce this traffic by increasing
the lease duration for the client systems, thereby reducing communication between the
DBC2 client and the server.
$f the DBC2 service has to be removed, it can have a significant impact on network users.
&ll client systems re(uire a valid $2 address to get onto the network. $f DBC2 is unavailable,
each client system would need to be configured with a static $2 address. Because DBC2 $2
addressing is automatic and does not assign duplicate $2 addresses, as sometimes happens
with manual entries, DBC2 is the preferred method of network $2 assignment.
$f DBC2 is added to a network, all client systems will need to be configured to use DBC2. $n
a 3indows environment, this is as easy as selecting a radio button to use DBC2. $f client
systems are not configured to use the DBC2 server, they will not be able to access the
network.
Addin$, Modif,in$, or Removin$ 9INS
3$N* is used on icrosoft networks to facilitate communications between computers by
resolving NetB$+* names to $2 addresses. 0ach time a computer starts, it registers itself with
a 3$N* server by contacting that server over the network. $f that system then needs to
contact another device on the network, it can contact the 3$N* server to get the NetB$+*
name resolved to an $2 address. $f you are thinking about not using 3$N*, you should know
that the alternative is for computers to identify themselves and resolve NetB$+* names to $2
addresses via broadcasts. Broadcasts are inefficient because all data is transmitted to every
device on the network segment. Broadcasts can be a significant problem for large network
segments. &lso, if a network has more than one segment, you cannot browse to remote
segments because broadcasts are not typically forwarded by routers, which will eliminate this
method of resolution.
Because 3$N* actually replaces the broadcast communication on a network, it has a positive
impact on network resources and bandwidth usage. This does not mean that 3$N* does not
generate any network traffic /ust that the traffic is more organi5ed and efficient. The amount
of network traffic generated by 3$N* clients to a 3$N* server is minimal and should not
have a negative impact in most network environments.
3$N* server information can be entered manually into the TC28$2 configuration on a
system, or it can be supplied via DBC2. $f the 3$N* server addresses change and the client
configuration is being performed manually, each system needs to be reconfigured with the
new 3$N* server addresses. $f you are using DBC2, you need to update only the DBC2
scope with the new information.
?emoving 3$N* from a network increases the amount of broadcast traffic and can
potentially limit browsing to a single segment unless another method of resolution "such as
the use of the statically maintained <@AOS,S file# is in place.
Addin$, Modif,in$, or Removin$ DNS
The function of DN* is to resolve hostnames to $2 addresses. 3ithout such a service,
network users would have to identify a remote system by its $2 address rather than by its
easy)to)remember hostname.
Name resolution can be provided dynamically by a DN* server, or it can be accomplished
statically, using the AOS,S file on the client system. $f you are using a DN* server, the $2
address of the DN* server is re(uired. DN* server addresses can be entered manually, or
they can be supplied through a DBC2 server.
Identif, and Troubles*oot +rrors it* a
&articular &*,sical Topolo$,
0ach of the physical network topologies re7uires its own trou'leshooting
strategies and methods. !hen trou'leshooting a network# it is important to know
which topology is used as it can greatly impact the procedures used to resolve
any pro'lems. his section lists each of the respective physical network
topologies and some common trou'leshooting strategies.
Star Topolo$,
The most common topology used today is the star topolog#. The star topology uses a central
connection point such as a hub in which all devices on the network connect. 0ach device on the
network uses its own length of cable, thus allowing devices to be added or removed from the
network without disruption to current network users. 3hen troubleshooting a physical star
network, consider the following:
The central device, hubs or switches, provides a single point of failure. 3hen
troubleshooting a loss of connectivity for several users, it might be a faulty hub. Try
placing the cables in a known working hub to confirm.
Bubs and switches provide light)emitting diodes "%0Ds# that provide information
regarding the port status. 'or instance, by using the %0Ds, you can determine whether
there is a /abbering network card, whether there is a proper connection to the network
device, and whether there are too many collisions on the network.
0ach device, printer, or computer connects to a central device using its own length of
cable. 3hen troubleshooting a connectivity error in a star network, it might be necessary
to verify that the cable works. This can be done by swapping the cable with a known
working one or using a cable tester.
0nsure that the patch cables and cables have the correct specifications.
'igure , shows how a single cable break would affect other client systems on the network.
Fi$ure % Identif,in$ cable brea!s in a star netor!(
Rin$ Topolo$,
&lthough not as commonly used as it once was, you might find yourself troubleshooting a ring
network. ost ring networks are logical rings, meaning that each computer is logically
connected to each other. & physical ring topology is a rare find but a 'iber Distributed Data
$nterface "'DD$# is often configured in a physical ring topology. & logical ring topology uses a
central connecting device as with a star network called a multistation access unit "*&1#. 3hen
troubleshooting either a logical or physical ring topology, consider the following:
& physical ring topology uses a single length of cable interconnecting all computers and
forming a loop. $f there is a break in the cable, all systems on the network will be unable
to access the network.
The *&1 on a logical ring topology represents a single point of failure. $f all devices
are unable to access the network, it might be that the *&1 is faulty.
>erify that the cabling and connectors have the correct specifications.
&ll Network $nterface Cards "N$Cs# on the ring network must operate at the same speed.
3hen connecting *&1s in a ring network, ensure that the ring in and ring out
configuration is properly set.
'igure . shows how a single cable break would affect other client systems on a physical ring
network.
Fi$ure / Identif,in$ cable brea!s in a p*,sical rin$ netor!(
Bus Netor! +rrors
Troubleshooting a bus network can be a difficult and frustrating task. The following list contains
a few hotspots to be aware of when troubleshooting a bus network:
& bus topology must be continuous. & break in the cable at any point will render the
entire segment unusable. $f the location of the break in the cable is not apparent, you can
check each length of cable systematically from one end to the other to identify the
location of the break, or you can use a tool such as a time domain reflectometer, which
can be used to locate a break in a cable.
The cable used on a bus network has two distinct physical endpoints. 0ach of these cable
ends re(uires a terminator. Terminators are used to absorb electronic signals so that they
are not reflected back on the media, compromising data integrity. & failed or missing
terminator will render the entire network segment unusable.
The addition, removal, or failure of a device on the network might prevent the entire
network from functioning. &lso, the coa!ial cable used in a bus network can be damaged
very easily. oving cables in order to add or remove devices can cause cable problems.
The T connectors used on bus networks do allow devices to be added and removed
without necessarily affecting the network, but care must be taken when doing this.
+ne end of the bus network should be grounded. $ntermittent problems or a high
occurrence of errors can indicate poor or insufficient grounding.
'igure 9 shows how a single cable break would affect other client systems on a bus network.
Fi$ure 4 Identif,in$ cable brea!s in a bus netor!(
Mes* Netor! +rrors
& mesh topology offers high redundancy by providing several paths for data to reach its
destination. $n a true mesh network, each device on the network is connected to every other
device, and if one cable fails, there is another to provide an alternative data path. &lthough a
mesh topology is resilient to failure, the number of connections involved can make a mesh
network somewhat tricky to troubleshoot.
3hen troubleshooting a mesh network, consider the following points:
& mesh topology interconnects all devices on the network, offering the highest level of
redundancy of all the topologies. $n a pure mesh environment, all devices are directly
connected to all other devices. $n a hybrid mesh environment, some devices are
connected only to certain others in the topology.
&lthough a mesh topology can accommodate failed links, mechanisms should still be in
place so that failed links are detected and reported.
Design and implementation of a true mesh network can be comple! and often re(uires
speciali5ed hardware devices.
Infrastructure Troubles*ootin$
No doubt, you will find yourself troubleshooting wiring and infrastructure problems less
fre(uently than you4ll troubleshoot client connectivity problems and thankfully so.
3iring) and infrastructure)related problems can be very difficult to trace, and sometimes
a very costly solution is needed to remedy the situation. 3hen troubleshooting these
problems, a methodical approach is likely to pay off.
& network infrastructure refers to the physical components that are used to create the
network. This includes the media used, switches, routers, bridges, patch panels, hubs and
so on.
3hen troubleshooting the infrastructure it is important to know where these devices are
on the network and what they are designed to do. $n this section we e!plore two essential
infrastructure components, media and hardware components.
Troubles*ootin$ Netor! Media
The physical connections used to create the networks are sometimes at the root of a
network connectivity error. Troubleshooting wiring involves knowing what wiring your
network uses and where it is being used. 3hen troubleshooting network media consider:
edia range "attenuation# &ll cables used in networking have certain limitations, in terms
of distance. $t might be that the network problems are a result of trying to use a cable in
an environment or a way for which it was not designed. 'or e!ample, you might find that
a network is connecting two workstations that are ,9- meters apart with Category < 1T2
cabling. Category < 1T2 is specified for distances up to ,-- meters, so e!ceeding the
ma!imum cable length can be a potential cause of the problem. The first step in
determining the allowable cable distance is to identify the type of cable used.
Determining the cable type is often as easy as reading the cable. The cable should be
stamped with its type whether it is, for e!ample, 1T2 Category <, ?6)<@, or something
else.
0$ and crosstalk interference Copper)based media is sub/ect to the effects of 0$ and
crosstalk interference. 1T2 cables are particularly susceptible to 0$ caused by devices
such as power lines, electric motors, fluorescent lighting and so on. Consider using
plenum rated cable in environments where cables are run through areas where 0$ may
occur. This includes heating ducts, elevator shafts and through ceilings around lighting
fi!tures. Crosstalk occurs when cables are run in close pro!imity and the signals from
one interfere with the signals on the other. This can be hard to troubleshoot and isolate, so
when designing a network ensure that crosstalk preventative measures are taken.
Throughout limitations & problem with a particular media may be simply that it cannot
accommodate the throughout re(uired by the network. This would create network)wide
bottlenecks. $t may be necessary to update the network media to correct the problem, for
instance, upgrading the network backbone to fiber optic media.
edia connectors Troubleshooting media re(uires verifying that the connectors are
correctly attached. $n the case of 1T2 or coa!ial, sometimes it may be necessary to swap
out a cable with a known working one to test. 'or fiber, different types of connectors are
used in fiber optic cabling. Before implementing a fiber solution, ensure that the switches
and routers used match with the connectors used with the fiber optic cable.
Troubles*ootin$ Infrastructure Hardare
$f you are looking for a challenge, troubleshooting hardware infrastructure problems is
for you. $t is often not an easy task and usually involves many processes, including base
lining and performance monitoring. +ne of the keys to identifying the failure of a
hardware network device is to know what devices are used on a particular network and
what each device is designed to do. *ome of the common hardware components used in a
network infrastructure are shown in Table ,.
Table , Common network hardware components, their function and troubleshooting strategies.
Netor!in$
Device Si$ns Function Troubles*ootin$ and Failure
Bubs Bubs are used with a star
network topology and 1T2
cable to connect multiple
systems to a centrali5ed
physical device.
Because hubs connect multiple network devices, if
many devices are unable to access the network, the
hub may have failed. 3hen a hub fails,all devices
connected to it will be unavailable to access the
network. &dditionally, hubs use broadcasts and
forward data to all the connected ports increasing
network traffic. 3hen network traffic is high and
the network is operating slowly, it may be necessary
to replace slow hubs.
*witches %ike hubs, switches are
used with a star topology to
create a central connectivity
device.
The inability of several network devices to access
the network may indicate a failed switch. $f the
switch fails, all devices connected to the switch will
be unable to access the network. *witches forward
data only to the intended recipient allowing them to
better manage data than hubs.
?outers ?outers are used to separate
broadcast domains and to
connect different networks.
$f a router fails, network clients will be unable to
access remote networks connected by the router. 'or
e!ample, if clients access a remote office through a
network router and the router fails, the remote office
Table , Common network hardware components, their function and troubleshooting strategies.
Netor!in$
Device Si$ns Function Troubles*ootin$ and Failure
would be unavailable. Testing router connectivity
can be done using utilities such as ping and tracert.
Bridges Bridges are commonly used
to connect network
segments within the same
network. Bridges manage
the flow of traffect between
these network segments.
& failed bridge would prevent the flow of traffic
between network segments. $f communication
between network segments has failed, it may be due
to a failed bridge.
3ireless
&ccess 2oints
3ireless access points
provide the bridge between
the wired and wireless
network.
$f wireless clients are unable to access the wired
network, the 3&2 may have failed. Bowever, there
are many configuration settings to verify first.
Troubles*ootin$ a 9ireless Infrastructure
!ireless networks do not re7uire physical ca'le to connect computers+ rather#
they use wireless media. he 'enefits of such a configuration are clearusers
have remote access to files and resources without the need for physical
connections. !ireless networking eliminates ca'le faults and ca'le 'reaks. It
does# however# introduce its own considerations such as signal interference and
security.
9ireless Si$nal Bualit,
Because wireless signals travel through the atmosphere, they are sub/ected to environmental
factors that can weaken data signals. 0verything from electrical devices, storms, ?' interference,
and obstacles such as trees can weaken wireless data signals. Aust how weakened the signal
becomes depends on many factors7 however, all of these elements serve to decrease the power of
the wireless signal.
$f you are troubleshooting a wireless connection that has a particularly weak signal, there are a
few infrastructure changes that can be done to help increase the power of a signal.
&ntenna 2erhaps the first and most obvious thing to check is to ensure that the antenna on
the wireless access point is positioned for best reception7 this will often take a little trial
and error to get the placement right. Today4s wireless access cards commonly ship with
diagnostic software that displays signal strength.
Device 2lacement +ne of the factors that can degrade wireless signals is ?' interference.
Because of this, it is important to try and keep wireless devices away from appliances that
output ?' noise. This includes devices such as microwaves, certain cordless devices
using the same fre(uency, and electrical devices.
Network %ocation &lthough there might be limited choice, as much as possible, it is
important to try to reduce the number of obstructions that the signal must pass through.
0very obstacle strips a little more power from the signal. The type of material a signal
must pass through also can have a significant impact on the signal integrity.
Boost *ignal $f all else fails, it is possible to purchase devices such as wireless repeaters
that can amplify the wireless signal. The device takes the signal and amplifies it so that
the signal has greater strength. This will also increase the distance that the client system
can be placed from the 3&2.
$n order to successfully manage the wireless signals, you will need to know the wireless standard
that you are using. The standards that are used today specify range distances, ?' ranges, and
speeds. $t might be that the wireless standard is not capable of doing what you need. Table .
highlights the characteristics of common wireless standards.
Table . Comparing 3ireless *tandards
Standard Speed Ran$e Fre<uenc, #oncerns
@-..,,a 1p to
<;bps
.<C< feet <6B5 Not compatible with @-..,,g or @-..,,b
@-..,,b 1p to
,,bps
1p to ,<-
feet
..;6B5 ight conflict with other devices using the
..;6B5 range
@-..,,g 1p to
<;bps
1p to ,<-
feet
..;6B5 ight conflict with other devices using the
..;6B5 range
Bluetooth C.-Fbps 99 feet ..;6B5 ight conflict with other devices using the
..;6B5 range
&s you can see in Table ., the speeds are listed with the G1p toG disclaimer. This is because each
standard will decrease the data rate if there is interference. @-..,,b wireless link offers speeds up
to ,,bps, but it will automatically back down from ,,bps to <.<, ., and ,bps when the
radio signal is weak or when interference is detected. @-..,,g auto sensing rates are ,, ., <.<, :,
D, ,., ,@, .;, 9:, ;@, and <; bps. 'inally, @-..,,a provides rates up to <;bps, but will
automatically back down to rates ;@, 9:, .;, ,@, ,., D, and :bps.
9ireless #*annels
?' channels are important parts of wireless communications. & channel is the fre(uency band
used for the wireless communication. 0ach standard specifies the channels that can be used. The
@-..,,a standards specifies radio fre(uencies ranging between <.,< and <.@C<6B5. $n contrast,
@-..,,b and @-..,,g standards operate between the ..; to ..;DC6B5 range. &s far as channels
are concerned, @-..,,a has a wider fre(uency band, allowing more channels and therefore more
data throughput. &s a result of the wider band, @-..,,a supports up to eight nonoverlapping
channels. @-..,,b8g standards use the smaller band and support only up to three nonoverlapping
channels.
$t is recommended that the nonoverlapping channels be used for communication. $n the 1nited
*tates, @-..,,b8g uses ,, channels for data communication as mentionedthree of these, channels
,, :, and ,,, are nonoverlapping channels. ost manufacturers set their default channel to one of
the nonoverlapping channels to avoid transmission conflicts. 3ith wireless devices, you have the
option of selecting which channel your 3%&N operates on in order to avoid interference from
other wireless devices that operate in the ..;6B5 fre(uency range.
3hen troubleshooting a wireless network, be aware that overlapping channels can disrupt the
wireless communications. 'or e!ample, in many environments, &2s are inadvertently placed
closely together. 2erhaps two access points in separate offices are located ne!t door to each other
or between floors. *ignal disruption will result if there is channel overlap between the access
points. The solution here is to try and move the access point to avoid the problem with the
overlap or change channels to one of the other nonoverlapping channels. 'or e!ample, switch
from channel : to channel ,,.
&s far as troubleshooting is concerned, you would typically only change the channel of a
wireless device if there is a channel overlap with another device. $f a channel must be changed, it
must be changed to another nonoverlapping channel.
SSIDs
The *ervice *et $dentifier "**$D# is a configurable client identification that allows clients to
communicate to a particular base station. $n application, only clients that are configured with the
same **$D can communicate with base stations having the same **$D. **$D provides a simple
password arrangement between base stations and clients.
&s far as troubleshooting is concerned, if a client is not able to access a base station, ensure that
both are using the same **$D. $ncompatible **$Ds are sometimes found when clients move
computers, such as laptops, between different wireless networks. They obtain an **$D from one
network and then if the system is not rebooted, the old **$D won4t allow communication to a
different base station.
9+& Settin$s
The 3ired 0(uivalent 2rivacy "302# is a security protocol for wireless networks that encrypts
transmitted data . 302 is easy to configure with only three possible security options+ff "no
security#, :;)bit "basic security#, and ,.@)bit "stronger security#. 302 is not difficult to crack,
and using it reduces performance slightly.
$f your network operates with 302 turned off, your system is very open for someone to access
your data. Depending on the sensitivity of your data, you can choose between the :;)bit and ,.@)
bit encryption. &lthough the ,.@)bit 302 encryption provides greater security, it does so at a
performance cost. :;)bit offers less impact on system performance and less security.
&s far as troubleshooting is concerned, in order for wireless communication to take place,
wireless devices must all use the same 302 setting. ost devices are set to +ff by default7 if
changed, all clients must use the same settings.
9ireless A& #overa$e
%ike any other network media, &2s have a limited transmission distance. This limitation is an
important consideration when deciding where an &2 should be placed on the network. 3hen
troubleshooting a wireless network, pay close attention to the distance that client systems are
away from the &2.
3hen faced with a problem in which client systems cannot consistently access the &2, you could
try moving the &2 to better cover the area, but then you might disrupt access for users in other
areas. *o what can be done to troubleshoot &2 coverageH
Depending on the network environment, the (uick solution might be to throw money at the
solution and purchase another access point, cabling, and other hardware, and e!pand the
transmission area through increased hardware. Bowever, there are a few things to try before
installing another wireless access point. The following list starts with the least e!pensive solution
to the most e!pensive.
$ncrease transmission power *ome access points have a setting to ad/ust the transmission
power output. By default, most of these settings will be set to the ma!imum output7
however, it is worth verifying /ust in case. &s a side note, the transmission power can be
decreased if trying to reduce the dispersion of radio waves beyond the immediate
network. $ncreasing the power would provide clients stronger data signals and greater
transmission distances.
?elocate the &2 3hen wireless client systems suffer from connectivity problems, the
solution might be as simple as relocating the 3&2 to another location. $t might be that it
is relocated across the room, a few feet, or across the hall. 'inding the right location will
likely take a little trial and error.
&d/ust or replace antennas $f the access point distance is not sufficient for some network
clients, it might be necessary to replace the default antenna used with both the &2 and the
client with higher end antennas. 1pgrading an antenna can make a big difference in terms
of transmission range. 1nfortunately, not all 3&2s have replaceable antennas.
*ignal amplification ?' amplifiers add significant distance to wireless signals. &n ?'
amplifier increases the strength and readability of the data transmission. The amplifier
provides improvement of both the received and transmitted signals, resulting in an
increase in wireless network performance.
1se a repeater Before installing a new &2, you might want to first think about a wireless
repeater. 3hen set to the same channel as the &2, the repeater will take the transmission
and repeat it. *o, the 3&2 transmission gets to the repeater, and then the repeater
duplicates the signal and passes it forward. $t is an effective strategy to increase wireless
transmission distances.
Troubles*ootin$ Steps and &rocedures
?egardless of the problem, effective network troubleshooting follows some specific
troubleshooting steps. These steps provide a framework in which to perform the
troubleshooting process and, when followed, can reduce the time it takes to isolate and
fi! a problem. The following sections discuss the common troubleshooting steps and
procedures.
,. $dentify the symptoms and potential causes.
.. $dentify the affected area.
9. 0stablish what has changed.
;. *elect the most probable cause.
<. $mplement an action plan and solution including potential effects.
:. Test the result.
C. $dentify the results and effects of the solution.
@. Document the solution and process.
Identif, t*e S,mptoms and &otential #auses
The first step in the troubleshooting process is to establish e!actly what the symptoms of the
problem are. This stage of the troubleshooting process is all about information gathering. To get
this information, we need knowledge of the operating system used, good communication skills,
and a little patience. $t is very important to get as much information as possible about the
problem. Kou can glean information from three key sources: the computer "in the form of logs
and error messages#, the computer user e!periencing the problem, and your own observation.
+nce you have identified the symptoms, you can begin to formulate some of the potential causes
of those symptoms.
Identif,in$ t*e Affected Area
*ome computer problems are isolated to a single user in a single location7 others affect several
thousand users spanning multiple locations. 0stablishing the affected area is an important part of
the troubleshooting process, and it will often dictate the strategies you use in resolving the
problem.
2roblems that affect many users are often connectivity issues that disable access for many users.
*uch problems can often be isolated to wiring closets, network devices, and server rooms. The
troubleshooting process for problems that are isolated to a single user will often begin and end at
that user4s workstation. The trail might indeed lead you to the wiring closet or server, but that is
not likely where the troubleshooting process would begin. 1nderstanding who is affected by a
problem can provide you with the first clues about where the problem e!ists.
+stablis*in$ 9*at Has #*an$ed
!hether there is a pro'lem with a workstation;s access to a data'ase or an
entire network# keep in mind that they were working at some point. Although
many claim that the Fcomputer 9ust stopped working#F it is unlikely. 8ar more
likely is that there have 'een changes to the system or the network that caused
the pro'lem. &ook for newly installed applications# applied patches or updates#
new hardware# a physical move of the computer# or a new username and
password. 0sta'lishing any recent changes to a system will often lead you in the
right direction to isolate and trou'leshoot a pro'lem.
Selectin$ t*e Most &robable #ause of t*e
&roblem
There can be many different causes for a single problem on a network, but with appropriate
information gathering, it is possible to eliminate many of them. 3hen looking for a probable
cause, it is often best to look at the easiest solution first and then work from there. 0ven in
the most comple! of network designs, the easiest solution is often the right one. 'or instance,
if a single user cannot log on to a network, it is best to confirm network settings before
replacing the N$C. ?emember, though, that at this point, you are only trying to determine the
most probable cause, and your first guess might, in fact, be incorrect. $t might take a few tries
to determine the correct cause of the problem.
Implement an Action &lan and Solution
Includin$ &otential +ffects
&fter identifying a cause, but before implementing a solution, you should develop a plan for the
solution. This is particularly a concern for server systems in which taking the server offline is a
difficult and undesirable prospect. &fter identifying the cause of a problem on the server, it is
absolutely necessary to plan for the solution. The plan must include details around when the
server or network should be taken offline and for how long, what support services are in place,
and who will be involved in correcting the problem.
2lanning is a very important part of the whole troubleshooting process and can involve formal or
informal written procedures. Those who do not have e!perience troubleshooting servers might be
wondering about all the formality, but this attention to detail ensures the least amount of network
or server downtime and the ma!imum data availability.
3ith the plan in place, you should be ready to implement a solution that is, apply the patch,
replace the hardware, plug in a cable, or implement some other solution. $n an ideal world, your
first solution would fi! the problem, although unfortunately this is not always the case. $f your
first solution does not fi! the problem, you will need to retrace your steps and start again.
$t is important that you attempt only one solution at a time. Trying several solutions at once can
make it very unclear which one actually corrected the problem.
Testin$ t*e Results
&fter the corrective change has been made to the server, network, or workstation, it is necessary
to test the resultsnever assume. This is when you find out if you were right and the remedy you
applied actually worked. Don4t forget that first impressions can be deceiving, and a fi! that seems
to work on first inspection might not actually have corrected the problem.
The testing process is not always as easy as it sounds. $f you are testing a connectivity problem,
it is not difficult to ascertain whether your solution was successful. Bowever, changes made to
an application or to databases you are unfamiliar with are much more difficult to test. $t might be
necessary to have people who are familiar with the database or application run the tests with you
in attendance.
Identif, t*e Results and +ffects of t*e
Solution
*ometimes, you will apply a fi! that corrects one problem but creates another problem. any
such circumstances are hard to predict but not always. 'or instance, you might add a new
network application, but the application re(uires more bandwidth than your current network
infrastructure can support. The result would be that overall network performance would be
compromised.
0verything done to a network can have a ripple effect and negatively affect another area of the
network. &ctions such as adding clients, replacing hubs, and adding applications can all have
unforeseen results. $t is very difficult to always know how the changes you make to a network
are going to affect the network4s functioning. The safest thing to do is assume that the changes
you make are going to affect the network in some way and reali5e that you /ust have to figure out
how. This is when you might need to think outside the bo! and try to predict possible outcomes.
Documentin$ t*e Solution
&lthough it is often neglected in the troubleshooting process, documentation is as important as
any of the other troubleshooting procedures. Documenting a solution involves keeping a record
of all the steps taken during the fi! not necessarily /ust the solution.
'or the documentation to be of use to other network administrators in the future, it must include
several key pieces of information. 3hen documenting a procedure, you should include the
following information:
Date 3hen was the solution implementedH $t is important to know the date because if
problems occur after your changes, knowing the date of your fi! makes it easier to
determine whether your changes caused the problems.
3hy &lthough it is obvious when a problem is being fi!ed why it is being done, a few
weeks later, it might become less clear why that solution was needed. Documenting why
the fi! was made is important because if the same problem appears on another system,
you can use this information to reduce time finding the solution.
3hat The successful fi! should be detailed, along with information about any changes to
the configuration of the system or network that were made to achieve the fi!. &dditional
information should include version numbers for software patches or firmware, as
appropriate.
?esults any administrators choose to include information on both successes and
failures. The documentation of failures might prevent you from going down the same
road twice, and the documentation of successful solutions can reduce the time it takes to
get a system or network up and running.
3ho $t might be that information is left out of the documentation or someone simply
wants to ask a few (uestions about a solution. $n both cases, if the name of the person
who made a fi! is in the documentation, he or she can easily be tracked down. +f course,
this is more of a concern in environments in which there are a number of $T staff or if
system repairs are performed by contractors instead of actual company employees.
Netor!in$ " 9AN Tec*nolo$ies Internet
Access And Securit, &rotocols
!AN echnologies Internet Access# and 4ecurity )rotocols
Many technologies are used to create today;s wide area networks (!ANs*. 0ach
of these technologies has advantages and disadvantages# making some of them
well suited for certain environments and completely impractical in others. 0ach
of the technologies varies in terms of media# speed# availa'ility# and cost. his
tutorial e%amines various !AN technologies and the protocols used to secure
and esta'lish the connections.
9AN Tec*nolo$ies
Many of today;s network environments are not restricted to a single location or
&AN. Instead# many of these networks span great distances# 'ecoming wide area
networks (!ANs*. !hen they do# hardware and software are needed to connect
these networks. his section reviews the characteristics of various !AN
technologies. 2efore we go on to discuss the specific !AN technologies# we must
first look at an important element of the !AN technologies switching methods.
Sitc*in$ Met*ods
$n order for systems to communicate on a network, there has to be a communication path or
multiple paths between which the data can travel. To communicate with another entity, these
paths move the information from one location to another and back. This is the function of
switching. *witching provides communication pathways between two endpoints and manages
how data is to flow between these endpoints. Two of the more common switching methods used
today include:
2acket switching
Circuit switching
&ac!et Sitc*in$
$n packet switching, messages are broken down into smaller pieces called packets. 0ach packet is
assigned source, destination, and intermediate node addresses. 2ackets are re(uired to have this
information because they do not always use the same path or route to get to their intended
destination. ?eferred to as independent routing, this is one of the advantages of packet switching.
$ndependent routing allows for a better use of available bandwidth by letting packets travel
different routes to avoid high)traffic areas. $ndependent routing also allows packets to take an
alternate route if a particular route is unavailable for some reason.
$n a packet)switching system, when packets are sent onto the network, the sending device is
responsible for choosing the best path for the packet. This path might change in transit, and it is
possible for the receiving device to receive the packets in a random or nonse(uential order.
3hen this happens, the receiving device waits until all the data packets are received, and then it
reconstructs them according to their built)in se(uence numbers.
Two types of packet)switching methods are used on networks: virtual)circuit packet switching
and datagram packet switching.
>irtual)Circuit 2acket *witching 3hen virtual)circuit switching is used, a logical
connection is established between the source and the destination device. This logical
connection is established when the sending device initiates a conversation with the
receiving device. The logical communication path between the two devices can remain
active for as long as the two devices are available or can be used to send packets once.
&fter the sending process has completed, the line can be closed.
Datagram 2acket *witching 1nlike virtual)circuit packet switching, datagram packet
switching does not establish a logical connection between the sending and transmitting
devices. The packets in datagram packet switching are independently sent, meaning that
they can take different paths through the network to reach their intended destination. To
do this, each packet must be individually addressed to determine where its source and
destination are. This method ensures that packets take the easiest possible routes to their
destination and avoid high)traffic areas.
#ircuit Sitc*in$
$n contrast to the packet)switching method, circuit switching re(uires a dedicated
physical connection between the sending and receiving devices. The most commonly
used analogy to represent circuit switching is a telephone conversation in which the
parties involved have a dedicated link between them for the duration of the conversation.
3hen either party disconnects, the circuit is broken and the data path is lost. This is an
accurate representation of how circuit switching works with network and data
transmissions. The sending system establishes a physical connection, the data is
transmitted between the two, and when the transmission is complete, the channel is
closed.
*ome clear advantages to the circuit)switching technology make it well suited for certain
applications. The primary advantage is that after a connection is established, there is a
consistent and reliable connection between the sending and receiving device. This allows
for transmissions at a guaranteed rate of transfer.
%ike all technologies, circuit switching has downsides. &s you might imagine, a
dedicated communication line can be very inefficient. &fter the physical connection is
established, it is unavailable to any other sessions until the transmission is complete.
&gain, using the phone call analogy, this would be like a caller trying to reach another
caller and getting a busy signal. Circuit switching can therefore be fraught with long
connection delays.
Inte$rated Services Di$ital Netor!
)ISDN3
$*DN has long been an alternative to the slower modem 3&N connections but at a
higher cost. $*DN allows the transmission of voice and data over the same physical
connection.
$*DN connections are considerably faster than regular modem connections. To access
$*DN, a special phone line is re(uired, and this line is usually paid for through a monthly
subscription. Kou can e!pect these monthly costs to be significantly higher than those for
traditional dial)up modem connections.
To establish an $*DN connection, you dial the number associated with the receiving
computer, much as you do with a conventional phone call or modem dial)up connection.
& conversation between the sending and receiving devices is then established. The
connection is dropped when one end disconnects or hangs up. The line pickup of $*DN is
very fast, allowing a connection to be established, or brought up, much more (uickly than
a conventional phone line.
$*DN has two defined interface standards Basic ?ate $nterface "B?$# and 2rimary ?ate
$nterface "2?$#.
BRI
$%I IS&N uses three separate channels two bearer "B# channels of :;Fbps each and a delta "D#
channel of ,:Fbps. B channels can be divided into ; D channels, which allows businesses to
have @ simultaneous $nternet connections. The B channels carry the voice or data, and the D
channels are used for signaling.
The two B channels can be used independently as :;Fbps carriers, or they can be combined to
provide ,.@Fbps transfer sp
&RI
2?$ is a form of $*DN that is generally carried over a T, line and can provide transmission rates
of up to ,.<;;bps. 2?$ is composed of .9 B channels, each providing :;Fbps for data8voice
capacity, and one :;Fbps D channel, which is used for signaling. Table , compares B?$ and 2?$
$*DN.
Table , B?$ and 2?$ $*DN Comparison
#*aracteristic &RI BRI
*peed ,.<;;bps ,.@Fbps
Channels .9B=D .B=D
Transmission carrier T, $*DN
Fiber Distributed Data Interface )FDDI3
DD$ is an &merican National *tandards $nstitute "&N*$# topology standard that uses fiber)optic
cable and token)passing media access.
'DD$ is implemented using both multimode and single)mode fiber cable and can reach
transmissions speeds of up to ,--bps at distances of more than . kilometers. 'DD$ combines
the strengths of Token ?ing, the speed of 'ast 0thernet, and the security of fiber)optic cable.
*uch advantages make 'DD$ a strong candidate for creating network backbones and connecting
private %&Ns to create &Ns and 3&Ns.
1nlike the regular @-..< network standard, 'DD$ uses a dual)ring configuration. The first, or
primary, ring is used to transfer the data around the network, and the secondary ring is used for
redundancy and fault tolerance7 the secondary ring waits to take over if the primary ring fails. $f
the primary ring fails, the secondary ring kicks in automatically, with no disruption to network
users.
'DD$ has a few significant advantages some of which stem directly from the fact that it uses
fiber)optic cable as its transmission media. These include a resistance to 0$, the security
offered by fiber, and the longer distances available with fiber cable. $n addition to the advantages
provided by the fiber)optic cable, 'DD$ itself has a few strong points, including
'ault)tolerant design By using a dual)ring configuration, 'DD$ provides some fault
tolerance. $f one cable fails, the other can be used to transmit the data throughout the
network.
*peed because of the use of multiple tokens 1nlike the $000 @-..< standard, 'DD$ uses
multiple tokens, which increase the overall network speed.
Beaconing 'DD$ uses beaconing as a built)in error)detection method, making finding
faults, such as cable breaks, a lot easier.
%ike every technology, there are always a few caveats:
Bigh cost The costs associated with 'DD$ and the devices and cable needed to implement
an 'DD$ solution are very costly7 too costly for many small organi5ations.
$mplementation difficulty 'DD$ setup and management can be very comple!, re(uiring
trained professionals with significant e!perience to manage and maintain the cable and
infrastructure.
T"carrier 2ines
T'carrier lines are high)speed dedicated digital lines that can be leased from telephone
companies. This creates an always open, always available line between you and whomever you
choose to connect to when you establish the service. T)carrier lines can support both voice and
data transmissions and are often used to create point)to)point private networks. Because they are
a dedicated link, they can be a costly 3&N option. 'our types of T)carrier lines are available:
T, T, lines offer transmission speeds of ,.<;;bps, and they can create point)to)point
dedicated digital communication paths. T, lines have commonly been used for
connecting %&Ns.
T. T. leased lines offer transmission speeds of :.9,.bps. They accomplish this by
using D: :;Fbps B channels.
T9 T9 lines offer transmission speeds of up to ;;.C9:bps, using :C. :;Fbps B
channels.
T; T; lines offer impressive transmission speeds of up to .C;.,C:bps by using ;,-9.
:;Fbps B channels
+f these T)carrier lines, the ones commonly associated with networks.
$t is important to point out that T)carrier is the designation to the technology used in the 1nited
*tates and Canada. $n 0urope, they are referred to as 0)carriers and in Aapan, A)carriers. Table .
shows the T808A carriers.
Table . Comparing T808A Carriers
Name Transmission Speed
T), ,.<;;bps
T),C 9.,<.bps
T). :.9,.bps
T)9 ;;.C9:bps
T); .C;.,C:bps
A)- :;Fbps
A), ,.<;;bps
A),C 9.,<.bps
A). :.9,.bps
A)9 9..-:;bps
A)9C DC.C.@bps
A); 9DC..--bps
0)- :;Fbps
0), ..-;@bps
0). @.;;@bps
0)9 9;.9:@bps
0); ,9D..:;bps
0)< <:<.,;@bps
S=N+T:=#"x 2evels
Bell Communications ?esearch developed *+N0T, a fiber)optic 3&N technology that delivers
voice, data, and video at speeds in multiples of <,.@;bps. Bell4s main goals in creating *+N0T
were to create a standardi5ed access method for all carriers and to unify different standards
around the world. *+N0T is capable of transmission speeds between <,.@;bps and ..;@@6bps.
+ne of Bell4s biggest accomplishments with *+N0T was to create a new system that defined
data rates in terms of +ptical Carrier "+C# levels, as shown in Table 9.
Table 9 +C %evels and Transmission ?ates
=# 2evel Transmission Rate
+C), <,.@;bps
+C)9 ,<<.<.bps
+C),. :...-@bps
+C).; ,..;;6bps
+C);@ ..;@@6bps
+C),D. D.D<96bps
>(/1
+ne of the older 3&N technologies is E..<, which is a packet)switching technology. Today,
E..< is not as widely implemented as it once was. E..<4s veteran status is both its greatest
advantage and its greatest disadvantage. +n the upside, E..< is a global standard that can be
found in many places. E..< had an original ma!imum transfer speed of <:Fbps, which, when
compared to other technologies in the mid),DC-s, was fast but almost unusable for most
applications on today4s networks. $n the ,D@-s a digital version of E..< was released increasing
throughput to a ma!imum :;kbps. This too is slow by today4s standards.
Because E..< is a packet)switching technology, it uses different routes to get the best possible
connection between the sending and receiving device at a given time. &s conditions on the
network change, such as increased network traffic, so do the routes that the packets take.
Conse(uently, each packet is likely to take a different route to reach its destination during a
single communication session. The devices that make it possible to use E..< service are called
packet assemblers8disassemblers "2&Ds#. & 2&D is re(uired at each end of the E..< connection.
Table ; compares the various 3&N technologies reviewed in this Chapter.
Table ; Comparing 3&N Technologies
9AN
Tec*nolo$, Speed
Supported
Media
Sitc*in$
Met*od 'sed Ce, #*aracteristics
$*DN B?$: :;Fbps to Copper8fiber) Can be used for $*DN can be used to transmit
Table ; Comparing 3&N Technologies
9AN
Tec*nolo$, Speed
Supported
Media
Sitc*in$
Met*od 'sed Ce, #*aracteristics
,.@Fbps
2?$: :;Fbps to
,.<bps
optic circuit)
switching or
packet)
switching
connections
all types of traffic, including
voice, video, and data. B?$
uses .B=D channels, 2?$ uses
.9B=D channels. B channels
are :;Fbps. $*DN uses the
public network and re(uires
dial)in access.
T)carrier
"T,, T9#
T,: ,.<;;bps
T9: ;;.C9:bps
Copper8fiber)
optic
Circuit
switching
T)carrier is used to create
point)to)point network
connections for private
networks.
'DD$ ,--bps 'iber)optic N8& 1ses a dual)ring configuration
for fault tolerance. 1ses a
token)passing media)access
method. 1ses beaconing for
error detection.
E..< <:Fbps8:;Fbps Copper8fiber)
optic
2acket
switching
E..< is limited to <:Fbps.
E..< provides a packet)
switching network over
standard phone lines.
*+N0T8+c! <,.@bps 'iber)optic to
..;6bps
N8& *+N0T defines synchronous
data transfer over optical
cable.
Internet Access Tec*nolo$ies
$nternet access has become an integral part of modern business. There are several ways to obtain
$nternet access. The type chosen will often depend on the cost as well as what technologies are
available in the area you are located. This section e!plores some of the more common methods
of obtaining $nternet access.
xDS2 Internet Access
D*% is an $nternet access method that uses a standard phone line to provide high)speed $nternet
access. D*% is most commonly associated with high)speed $nternet access7 because it is less
e!pensive than technologies such as $*DN, it is often used in homes and small businesses. 3ith
D*%, a different fre(uency can be used for digital and analog signals, which means that you can
talk on the phone while you4re uploading data.
D*% arrived on the scene in the late ,DD-s, and it brought with it a staggering number of flavors.
Together, all these variations are known as !D*%:
&symmetric D*% "&D*%# 2robably the most common of the D*% varieties is &D*%.
&D*% uses different channels on the line: +ne channel is used for 2+T* and is
responsible for analog traffic, the second channel is used to provide upload access, and
the third channel is used for downloads. 3ith &D*%, downloads are faster than uploads.
*ymmetric D*% "*D*%# *D*% offers the same speeds for uploads and for downloads,
making it most suitable for business applications such as 3eb hosting, intranets, and e)
commerce. $t is not widely implemented in the home8small business environment and
cannot share a phone line.
$*DN D*% "$D*%# $*DN D*% is a symmetric type of D*% that is commonly used in
environments where *D*% and &D*% are unavailable. $D*% does not support analog
phones.
?ate &daptive D*% "?&D*%# ?&D*% is a variation on &D*% that can modify its
transmission speeds based on the signal (uality. ?&D*% supports line sharing.
>ery Bigh Bit ?ate D*% ">BD*%# >BD*% is an asymmetric version of D*% and, as
such, can share a telephone line.
Bigh Bit ?ate D*% "BD*%# BD*% is a symmetric technology that offers identical
transmission rates in both directions. BD*% does not allow line sharing with analog
phones.
3hy are there are so many D*% variationsH The answer is (uite simply that each flavor of D*%
is aimed at a different user, business, or application.
Businesses with high bandwidth needs are more likely to choose a symmetric form of D*%,
whereas budget)conscious environments such as home offices are likely to opt for an option that
allows phone line sharing at the e!pense of bandwidth. $n addition, some of the D*% variants are
simply older technologies. 3hile the name persists, they have been replaced with newer D*%
implementations. 3hen you4re working in a home8small office environment, you should e!pect
to work with an &D*% system.
Table < summari5es the ma!imum speeds of the various D*% options. Feep in mind that
ma!imum speeds are rarely obtained.
Table < D*% *peeds
DS2 ?ariation 'pload Speed Donload Speed
&D*% ,bps @bps
*D*% ,.<bps ,.<bps
Table < D*% *peeds
DS2 ?ariation 'pload Speed Donload Speed
$D*% ,;;Fbps ,;;Fbps
?&D*% ,bps Cbps
>BD*% ,.:bps ,9bps
BD*% C:@Fbps C:@Fbps
#able Internet Access
able $nternet access is an always on $nternet access method that is available in areas that have
digital cable television. Cable $nternet access is attractive to many small businesses and home
office users because it is both ine!pensive and reliable. ost cable providers do not restrict how
much use is made of the access. Connectivity is achieved by using a device called a cable
modem7 it has a coa!ial connection for connecting to the provider4s outlet and an 1nshielded
Twisted 2air "1T2# connection for connecting directly to a system or to a hub or switch.
Cable providers often supply a cable modem free of charge, although of course you are paying
for the rental of the modem in a monthly service fee. any cable providers offer free or low)cost
installation of cable $nternet service, which includes installing a network card in a 2C. *ome
providers also do not charge for the network card. Cable $nternet costs are comparable to D*%
subscription.
ost cable modems supply a ,-bps 0thernet connection for the home %&N, although you
wouldn4t e!pect the actual $nternet connection to reach these speeds. The actual speed of the
connection can vary somewhat depending on the utili5ation of the shared cable line in your area.
$n day)to)day application, data rates range from ,.<bps to 9bps.
+ne of the biggest disadvantages of cable access is cited "by D*% providers at least# as the fact
that you share the available bandwidth with everyone else in your cable area. &s a result, during
peak times, performance of a cable link might be poorer than in low)use periods. $n residential
areas, busy times are evenings and weekends, and particularly right after school. $n general,
though, performance with cable systems is good, and in low)usage periods, it can be very fast.
Broadband Securit, #onsiderations
3hether using D*% or cable $nternet access, there are a few things to keep in mind. 0ach of
these technologies offers always on service. This means that even when you are away from your
computer, it is still on the $nternet. &s you can imagine, this creates a security risk. The longer
you are online, the more chance someone has of remotely accessing your system.
The operating systems we use today all have some security holes through which some people are
waiting to e!ploit. These attacks often focus on technologies such as email or open TC281D2
ports. Combining +* security holes with an always on $nternet technology is certainly a
dangerous mi!.
Today, D*% and cable $nternet connections have to be protected by mechanisms such as
firewalls to protect the system. The firewall system will offer features such as packet filtering
and network address translation "N&T#. The firewall can be a third)party software application
installed on the system, or it can be a hardware device.
$n addition to a firewall, it is e(ually important to ensure that the operating system you are using
is completely up)to)date in terms of service packs and security updates. Today4s client systems
typically offer automatic update features that will alert you when a new security update is
available.
'ollowing a few safety rules, both D*% and cable $nternet can provide safe $nternet access. 3e
/ust have to be security diligent.
&=TS:&STN )&lain =ld Telep*one
Service:&ublic Sitc*ed Telep*one Netor!3
The most popular means of connecting to the $nternet or a remote network might still be the
good old telephone line and modem.
$nternet access through a phone system re(uires two things: a modem and a dial)up access
account through an $*2. odems are devices that convert the digital signals generated by a
computer system into analog signals that can travel across a phone line. & computer can have
either an internal or e!ternal modem. 0!ternal modems tend to be less problematic to install and
troubleshoot because they don4t re(uire reconfiguration of the host system. $nternal modems use
one of the serial port assignments "that is, a C+ port# and must therefore be configured not to
conflict with other devices.
The second piece of the pu55le, the dial)up $*2 account, can easily be obtained by contacting one
of the many local, regional, or national $*2s. ost $*2s offer a range of plans that are normally
priced based on the amount of time the user is allowed to spend online. &lmost without
e!ception, $*2s offer <:Fbps access, the ma!imum possible under current standards. ost $*2s
also provide email accounts, access to newsgroup servers, and often small amounts of 3eb
space.
$t is a good idea to research an $*2 choice carefully. 'ree services e!ist, but they generally
restrict users to a certain number of online hours per month or use e!tensive banner advertising
to pay for the services. Normally, you pay a monthly service fee for an $*27 doing so provides a
degree of reassurance because the $*2 can be held accountable. 2aid)for service also tends to
provide a higher level of support.
&nother big consideration for dial)up $nternet access is how many lines the $*2 has. $*2s never
have the same number of lines as subscribers7 instead, they work on a first)come, first)serve
basis for dial)up clients. This means that on occasion, users get busy signals when they try to
connect. Before signing up for a dial)up $nternet access account, you should ask the company
what its ratio of lines to subscribers is and use that figure as part of your comparison criteria.
Satellite Internet Access
any of us take D*% and cable $nternet access for granted, but these technologies are not
offered everywhere. 'or areas where cheaper broadband options are not available, there are a
limited number $nternet options. +ne of the primary ones is $nternet via satellite.
*atellite access provides a viable $nternet access solution for those who cannot get other methods
of broadband. *atellite $nternet offers an always on connection with theoretical speeds advertised
anywhere from <,.Fbps upload speeds to .-;@Fbps download speeds, considerably faster than
a <:k dial)up connection. +ne of the primary drawbacks to satellite $nternet is the cost, and even
with the high price tag, it is not as fast as D*% or cable modem.
&lthough satellite $nternet is slower and more costly than D*% or cable, it offers some very
attractive features first of which has to be its portability. Nuite literally, wherever you go, you
can have $nternet access. 'or business with remote users and clients, the benefit to this is clear.
But the technology has far reaching impact7 it is not uncommon to see ?>s with a satellite dish
on the roof. They have .;8C unlimited access to the $nternet as they travel.
There are many companies offering satellite $nternet services, and a (uick $nternet search will
reveal many. These $nternet providers offer different $nternet packages that vary greatly in terms
of price, access speeds, and service. *ome target business, whereas others are aiming for the
private market.
Two different types of broadband $nternet satellite services are deployed: one)way and two)way
systems. & one)way satellite system re(uires a satellite card and a satellite dish installed at the
end user4s site7 this system works by sending outgoing re(uests on one link using a phone line,
with inbound traffic returning on the satellite link. & two)way satellite system, on the other hand,
provides data paths for both upstream and downstream data. %ike a one)way system, a two)way
system also uses a satellite card and a satellite dish installed at the end user4s site7 bidirectional
communication occurs directly between the end user4s node and the satellite.
Bome satellite systems are asymmetric7 that is, download speeds are faster than upload speeds.
$n fact, a home satellite system is likely to use a modem for the upline traffic, with downloads
coming over the satellite link. The e!act speeds you can e!pect with satellite $nternet depend on
many factors. &s with other wireless technologies, atmospheric conditions can significantly
affect the performance of satellite $nternet access. +ne additional consideration for satellite
$nternet is increased propagation timethe time it takes for the signal to travel back and forth from
the satellite. $n networking terms, this time is very high and an important consideration for
business applications.
9ireless Internet Access
Not too long ago, it would have been inconceivable to walk into your local coffee shop with your
laptop under your arm and surf the 3eb while drinking a latte. 2utting aside the fact that
beverages and laptops don4t mi!, wireless $nternet access is everywhere and increasing.
3ireless $nternet access is provided by a 3ireless $nternet *ervice 2rovider "3$*2#. The 3$*2
provides public wireless $nternet access known as hotspots. Botspots provide $nternet access for
mobile network devices such as laptops, handheld computers, and cell phones in airports, coffee
shops, conference rooms, and so on. & hotspot is created using one or many wireless access
points near the hotspot location.
Client systems might need to install special application software for billing and security
purposes7 others re(uire no configuration other than obtaining the network name "**$D#.
Botspots do not always re(uire a fee for service as companies use them as a marketing tool to
lure $nternet users to their businesses.
&s of today, hotspots are not everywhere, but finding them is not difficult. Typically, airports,
hotels, and coffee shops will advertise that they offer $nternet access for customers or clients. $n
addition, 3$*2 providers list their hotspot sites online so that they are easily found.
0stablishing a connection to a wireless hotspot is a straightforward process. $f not e(uipped with
built)in wireless capability, laptops will re(uire an e!ternal wireless adapter card. 3ith the
physical re(uirements of the wireless card taken care of, connect as follows:
,. 3hen you arrive at the hotspot site, power up your laptop. $n some instances, you might
need to reboot your system if it was on standby to clear out old configuration settings.
.. The card might detect the network automatically. $f this is the case, configuration
settings, such as the **$D, will be automatically detected, and the wireless $nternet will
be available. $f $nternet access is free, there is little else to do7 if it is a paid)for service,
you will need to enter a method of payment. +ne thing to remember is to verify that you
are using encryption for secure data transfer.
9. $f for some reason the wireless settings are not automatically detected, you will need to
open up your wireless N$Cs configuration utility and manually set the configurations.
These settings can include setting the mode to infrastructure, inputting the correct **$D,
and setting the level of encryption used.
$n addition to using a 3$*2, some companies such as hotels and cafes will provide wireless
$nternet access by connecting a wireless router to a D*% or cable $nternet connection. The router
becomes the wireless access point to which the users connect, and it allows clients to connect to
the $nternet through the broadband connection. The technology is based on the @-..,, standards,
typically @-..,,b8g, and client systems re(uire only an internal or e!ternal wireless adapter.
Remote Access &rotocols and Services
Today, there are many ways to establish remote access into networks. *ome of these include
such things as virtual private networks ">2Ns# or plain old modem dial)up access. ?egardless of
the techni(ue used for remote access or the speed at which access is achieved, certain
technologies need to be in place in order for the magic to happen. These technologies include the
protocols to allow the access to the server and to secure the data transfer after the connection is
established. &lso necessary are methods of access control that make sure only authori5ed users
are using the remote access features.
&ll the ma/or operating systems include built)in support for remote access. They provide both
the access methods and security protocols necessary to secure the connection and data transfers.
Remote Access Service )RAS3
?&* is a remote access solution included with 3indows *erver products. ?&* is a feature)rich,
easy)to)configure, and easy)to)use method of configuring remote access.
&ny system that supports the appropriate dial)in protocols, such as 222, can connect to a ?&*
server. ost commonly, the clients are 3indows systems that use the dial)up networking
feature7 but any operating system that supports dial)up client software will work. Connection to a
?&* server can be made over a standard phone line, using a modem, over a network, or via an
$*DN connection.
?&* supports remote connectivity from all the ma/or client operating systems available today,
including all newer 3indows +*s:
3indows .--- 2rofessional based clients
3indows E2 Bome based clients
3indows E2 2rofessional based clients
1N$E)basedI%inu! clients
acintosh)based clients
&lthough the system is called ?&*, the underlying technologies that enable the ?&* process are
dial)up protocols such as *erial %ine $nternet 2rotocol "*%$2# and 2oint)to)2oint 2rotocol "222#.
S2I&
*%$2 was designed to allow data to be transmitted via Transmission Control 2rotocol8$nternet
2rotocol "TC28$2# over serial connections in a 1N$E environment. *%$2 did an e!cellent /ob, but
time proved to be its enemy. *%$2 was developed in an atmosphere in which security was not an
overriding concern7 conse(uently, *%$2 does not support encryption or authentication. $t
transmits all the data used to establish a connection "username and password# in clear te!t, which
is, of course, dangerous in today4s insecure world.
$n addition to its inade(uate security, *%$2 also does not provide error checking or packet
addressing, so it can be used only in serial communications. $t supports only TC28$2, and log in
is accomplished through a terminal window.
any operating systems still provide at least minimal *%$2 support for backward capability to
older environments, but *%$2 has been replaced by a newer and more secure alternative: 222.
*%$2 is still used by some government agencies and large corporations in 1N$E remote access
applications, so you might come across it from time to time.
&&&
222 is the standard remote access protocol in use today. 222 is actually a family of protocols
that work together to provide connection services.
Because 222 is an industry standard, it offers interoperability between different software vendors
in various remote access implementations. 222 provides a number of security enhancements
compared to regular *%$2the most important being the encryption of usernames and passwords
during the authentication process. 222 allows remote clients and servers to negotiate data
encryption methods and authentication methods and support new technologies. 222 even gives
administrators the ability to choose which particular local area network "%&N# protocol to use
over a remote link. 'or e!ample, administrators can choose among NetB$+* 0!tended 1ser
$nterface "NetB01$#, N3%ink "$nternetwork 2acket 0!change8*e(uenced 2acket 0!change
"$2E8*2E##, &ppleTalk, or TC28$2.
During the establishment of a 222 connection between the remote system and the server, the
remote server needs to authenticate the remote user and does so by using the 222 authentication
protocols. 222 accommodates a number of authentication protocols, and it4s possible on many
systems to configure more than one authentication protocol. The protocol used in the
authentication process depends on the security configurations established between the remote
user and the server. 222 authentication protocols include CB&2, *)CB&2 ".#, 0&2, *2&2,
and 2&2. 0ach of these authentication methods is discussed later in this chapter in the section on
authentication protocols.
222o0 "2oint)to)2oint 2rotocol over 0thernet# is a protocol used for connecting multiple
network users on an 0thernet local area network to a remote site through a common device. 'or
e!ample, using 222o0 it is possible to have all users on a network share the same link such as a
D*%, cable modem, or a wireless connection to the $nternet. 222o0 is a combination of 222 and
the 0thernet protocol, which supports multiple users in a local area network. Bence the name.
The 222 protocol information is encapsulated within an 0thernet frame.
3ith 222o0, a number of different users can share the same physical connection to the $nternet,
and in the process, 222o0 provides a way to keep track of individual user $nternet access times.
Because 222o0 allows for individual authenticated access to high)speed data networks, it is an
efficient way to create a separate connection to a remote server for each user. This strategy
allows $nternet access and billing on a per)user basis rather than a per)site basis.
1sers accessing 222o0 connections re(uire the same information as re(uired with standard dial)
up phone accounts, including a username and password combination. &s with a dial)up 222
service, an $nternet service provider "$*2# will most likely automatically assign configuration
information such as the $2 address, subnet mask, default gateway, and DN* server.
There are two distinct stages in the 222o0 communication process the discover stage and the
222 session stage. The discovery stage has four steps to complete to establish the 222o0
connection: initiation, offer, re(uest, and session confirmation. These steps represent back and
forth communication between the client and the 222o0 server. +nce these steps have been
negotiated, the 222 session can be established using familiar 222 authentication protocols.
&&T&
The function of the 2oint)to)2oint Tunneling 2rotocol "22T2# is to create a secure transmission
tunnel between two points on a network. The tunneling functionality that 22T2 provides forms
the basis for creating multi)protocol virtual private networks ">2Ns#, which allow users to
access remote networks through a secure connection. 22T2 works in con/unction with 222 and,
as such, uses 222 authentication methods including 2&2, CB&2, and *)CB&2.
To establish a 22T2 session between a client and server, a TC2 connection known as a 22T2
control connection is re(uired to create and maintain the communication tunnel. The 22T2
control connection e!ists between the $2 address of the 22T2 client and the $2 address of the
22T2 server, using TC2 port ,C.9 on the server and a dynamically assigned port on the client. $t
is the function of the 22T2 control connection to pass the 22T2 control and management
messages used to maintain the 22T2 communication tunnel between the remote system and the
server. +nce the 22T2 connection is made, it provides a secure channel, or tunnel, using the
original 222 connection between the devices.
?irtual &rivate Netor!s
>2Ns are one of the most popular methods of remote access. 0ssentially, a >2N e!tends a %&N
by establishing a remote connection, using a public network such as the $nternet. & >2N
provides a point)to)point dedicated link between two points over a public $2 network.
>2N encapsulates encrypted data inside another datagram that contains routing information. The
connection between two computers establishes a switched connection that is dedicated to the two
computers. The encrypted data is encapsulated inside the 222 or $2*ec protocols and that
connection is used to deliver the data.
& >2N allows anyone with an $nternet connection to use the infrastructure of the public network
to dial in to the main network and access resources as if he or she were logged on to the network
locally. $t also allows two networks to be connected to each other securely. +nce connected, data
can be e!changed between networks. $n this way, >2Ns create a 3&N.
any elements are involved in establishing a >2N connection, including the following:
& >2N client The >2N client is the computer that initiates the connection to the >2N
server.
& >2N server The >2N server authenticates connections from >2N clients.
&n access method &s mentioned, a >2N is most often established over a public network
such as the $nternet7 however, some >2N implementations use a private intranet. The
network that is used must be $2 based.
>2N protocols 2rotocols are re(uired to establish, manage, and secure the data over the
>2N connection. 22T2 and %.T2 are commonly associated with >2N connections.
>2Ns have become very popular because they allow the public $nternet to be safely used as a
wide area network "3&N# connectivity solution.
Remote Des!top &rotocol
$n a 3indows environment, Terminal *ervices provides a way for a client system to connect to a
server, such as 3indows server .---8.--9, and by using the ?emote Desktop 2rotocol "?D2#
run programs on the server as if they were local client applications. *uch a configuration is
known as thin client computing, whereby client systems use the resources of the server instead of
their local processing power.
+riginally, Terminal *ervices was available in remote administration mode or application server
mode. Today, in 3indows *erver .--9, Terminal *ervices remote administration mode is no
more as it has been replaced with the ?emote Desktop feature.
3indows *erver .--9 and E2 2rofessional have built)in support for ?emote Desktop
Connections. The underlying protocol used to manage the connection is ?D2. ?D2 is a low
bandwidth protocol used to send mouse movements, keystrokes, and bitmap images of the screen
on the server to the client computer. ?D2 does not actually send data over the connection only
screenshots and client keystrokes.
Securit, &rotocols
&ny discussion of remote access is sure to include security, and for a good reason: ?emote
access opens your network to remote users. &lthough you4d like to think that only authori5ed
users would try to connect from remote locations, the reality is that an e(ual number of
illegitimate users will probably attempt to connect. Because many of the methods used to
establish remote access are over public networks, securing the data you send and the points at
which you connect at an important consideration. & significant element of this security is
encryption.
0ncryption is the process of encoding data so that it can be securely sent over remote
connections. &s well as encrypting the data itself, the usernames and passwords used to gain
access to the remote network are also typically encrypted. $n practical terms, encryption is the
process of encoding data using a mathematical algorithm that makes it difficult for unauthori5ed
users to read the data if they are able to intercept it. The algorithm used in the encryption is
actually a mathematical value known as a key. The key is re(uired in order to read the encrypted
data. 0ncryption techni(ues use public and private keys7 public keys can be shared, and private
keys cannot.
I& Securit, )I&Sec3
$2*ec was created by the $nternet 0ngineering Task 'orce "$0T'# and can be used on both $2v;
and $2v: networks. $t is designed to encrypt data and authenticate users. $2*ec encryption
ensures that data on a network cannot be viewed, accessed, or modified by those who should not
have access to it. $2*ec provides security for both internal and e!ternal networks. $t might seem
that protection on an internal network is less necessary than on an e!ternal network7 however,
much of the data you send across networks has little or no protection, allowing unwanted eyes to
access it.
$2*ec provides several key security services:
Data verification and authentication $t verifies that the data received is from the intended
source.
2rotection from data tampering $t ensures that the data has not been tampered with and
changed between the sending and receiving devices.
2rivate transactions $t ensures that the data sent between the sending and receiving
devices is unreadable by any other devices.
$2*ec operates at the network layer of the +pen *ystems $nterconnect "+*$# model and provides
security for protocols that operate at higher layers of the +*$ model. Thus, by using $2*ec, you
can secure practically all TC28$2)related communications.
2a,er / Tunnelin$ &rotocol )2/T&3
The %ayer . Tunneling 2rotocol "L(T# is a combination of 22T2 and Cisco4s %.' technology.
%.T2 utili5es tunneling to deliver data. $t authenticates the client in a two)phase process: $t first
authenticates the computer and then the user. By authenticating the computer, it prevents the data
from being intercepted, changed, and returned to the user in what is known as a man)in)the)
middle attack. %.T2 assures both parties that the data they are receiving is the data sent by the
originator.
%.T2 operates at the data)link layer, making it protocol independent. This means that an %.T2
connection can support protocols such as $2E and &ppleTalk.
%.T2 and 22T2 are both tunneling protocols, so you might be wondering which you should use.
Bere is a (uick list of some of the advantages of each, starting with 22T2:
22T2 has been around the longest7 it offers more interoperability than %.T2.
22T2 is easier to configure than %.T2 because %.T2 uses digital certificates.
22T2 has less overhead than %.T2.
The following are some of the advantages of %.T2:
%.T2 offers greater security than 22T2.
%.T2 supports common public key infrastructure technology.
%.T2 provides support for header compression.
Secure Soc!ets 2a,er )SS23
**% is a security protocol that is used on the $nternet. +riginally developed by Netscape for use
with its Navigator browser, **% uses public key encryption to establish secure connections over
the $nternet. **% provides three key services:
*erver authentication **% allows a user to confirm a server4s identity. 'or e!ample, you
can use this ability when you are purchasing something online with a credit card but first
want to verify the server4s identity.
Client authentication **% allows a server to confirm a user4s identity. This functionality
is often used when a server is sending sensitive information such as banking information
or sensitive documents to a client system and wants to verify the client4s identity.
0ncrypted connections $t is possible to configure **% to re(uire all information sent
between a client and a server to be encrypted by the sending software and decrypted by
the receiving software. Doing this establishes private and secure communication between
two devices. $n addition, **% has a mechanism to determine whether the data sent has
been tampered with or altered in transit.
Kou can see **% security on the 3eb when you access a secure universal resource locator
"1?%#. *ecure websites begin with https#// instead of the http#//. Byperte!t Transfer
2rotocol over **% "BTT2*# connections re(uires a browser with built)in security features to
establish a secure connection.
9+&
302 was the first attempt to keep wireless networks safe. 302 was designed to be easy to
configure and implement. +riginally, it was hoped that 302 would provide the same level of
security to wireless networks as was available to wired. $t was soon discovered that 302 had
significant shortcomings.
302 is an $000 standard, introduced in ,DDC, designed for securing @-..,, networks. 3ith
302 enabled, each data packet transmitted over the wireless connection would be encrypted.
+riginally, the data packet was combined with a secret ;-)bit number key as it passed through an
encryption algorithm known as ?C;. The packet was scrambled and sent across the airwaves. +n
the receiving end, the data packet passed through the ?C; backward, and the host received the
data as it was intended. 302 originally used a ;-)bit number key, but later specified ,.@)bit
encryption, making 302 that much more robust.
302 was designed to provide security by encrypting data from the sending and receiving
devices. $n a short period of time, however, it was discovered that 302 encryption was not
nearly as secure as hoped. 2art of the problem was that when the @-..,, standards were being
written, security was not the ma/or concern it is today. &s a result, 302 security was easy to
crack with freely available hacking tools. 'rom this point, wireless communication was regarded
as a potentially insecure transmission media.
9&A
*ecurity weaknesses associated with 302 provided administrators with a very valid reason to be
concerned with wireless security. The need for increased wireless security was important for
wireless networking to reach its potential and to bring a sense of confidence for those with
sensitive data to use wireless communications. $n response, the 3i)'i 2rotected &ccess "32&#
was created. 32& was designed to improve on the security weaknesses of 302 and to be
backward compatible with older devices using the 302 standard. 32& addressed two main
security concerns:
0nhanced data encryption 32& uses a Temporal Fey $ntegrity 2rotocol "TF$2#, which
scrambles encryption keys using a hashing algorithm. Then the keys are issued an
integrity check to verify that they have not been modified or tampered with during transit.
&uthentication 32& uses the 0!tensible &uthentication 2rotocol "0&2#. 302 regulates
access to a wireless network based on a computer4s hardware)specific &C address,
which is relatively simple to be sniffed out and stolen. 0&2 is built on a more secure
public)key encryption system to ensure that only authori5ed network users can access the
network.
.0/(%x
@-..,! is an $000 standard specifying port)based network access control. @-..,! was not
specifically designed for wireless networks rather, it provides authenticated access for
both wired and wireless networks. 2ort)based network access control uses the physical
characteristics of a switched local area network "%&N# infrastructure to authenticate
devices that are attached to a %&N port and to prevent access to that port in cases in
which the authentication process fails.
During a port)based network access control interaction, a %&N port adopts one of two
roles: authenticator or supplicant. $n the role of authenticator, a %&N port enforces
authentication before it allows user access to the services that can be accessed through
that port. $n the role of supplicant, a %&N port re(uests access to the services that can be
accessed through the authenticator4s port. &n authentication server, which can either be a
separate entity or co)located with the authenticator, checks the supplicant4s credentials on
behalf of the authenticator. The authentication server then responds to the authenticator,
indicating whether the supplicant is authori5ed to access the authenticator4s services.
The authenticator4s port)based network access control defines two logical access points to
the %&N through one physical %&N port. The first logical access point, the uncontrolled
port, allows data e!change between the authenticator and other computers on the %&N,
regardless of the computer4s authori5ation state. The second logical access point, the
controlled port, allows data e!change between an authenticated %&N user and the
authenticator.
Aut*entication &rotocols
Two primary technologies are re(uired for securing data transmissions: encryption and
authentication. 0ncryption was discussed earlier7 in this section, authentication protocols are
reviewed.
3hen designing a remote connection strategy, it is critical to consider how remote users will be
authenticated. &uthentication defines the way in which a remote client and server will negotiate
on a user4s credentials when the user is trying to gain access to the network. Depending on the
operating system used and the type of remote access involved, several different protocols are
used to authenticate a user. The following authentication protocols are used with various
technologies, including 222:
Challenge Bandshake &uthentication 2rotocol "CB&2# CB&2 is an authentication
system that uses the D< encryption scheme to secure authentication responses. CB&2
is a commonly used protocol, and as the name suggests, anyone trying to connect is
challenged for authentication information. 3hen the correct information is supplied, the
systems Gshake hands,G and the connection is established.
icrosoft Challenge Bandshake &uthentication 2rotocol "*)CB&2# *)CB&2, based
on CB&2, was developed to authenticate remote 3indows)based workstations. There are
two versions of *)CB&27 the main difference between the two is that *)CB&2
version . offers mutual authentication. This means that both the client and the server
must prove their identities in the authentication process. Doing so ensures that the client
is connecting to the e!pected server.
2assword &uthentication 2rotocol "2&2# 2&2 is the least secure of the authentication
methods because it uses unencrypted passwords. 2&2 is often not the first choice of
protocols used7 rather, it is used when more sophisticated types of authentication fail
between a server and a workstation.
0!tensible &uthentication 2rotocol "0&2# 0&2 is an e!tension made to standard 222.
0&2 has additional support for a variety of authentication schemes including smart cards.
$t is often used with >2Ns to add security against brute)force or dictionary attacks.
*hiva 2assword &uthentication 2rotocol "*2&2# *2&2 is an encrypting authentication
protocol used by *hiva remote access servers. *2&2 offers a higher level of security than
other authentication protocols such as 2&2, but it is not as secure as CB&2.
Remote Aut*entication Dial"In 'ser
Service )RADI'S3
&mong the potential issues network administrators face when implementing remote
access are utili5ation and the load on the remote access server. &s a network4s remote
access implementation grows, reliance on a single remote access server might be
impossible, and additional servers might be re(uired. ?&D$1* can help in this scenario.
?&D$1* is a protocol that enables a single server to become responsible for all remote
access authentication, authori5ation, and auditing "or accounting# services. The ?&D$1*
protocol can be implemented as a vendor)specific product such as icrosoft4s $nternet
&uthentication *erver "$&*#.
?&D$1* functions as a client8server system. The remote user dials in to the remote
access server, which acts as a ?&D$1* client, or network access server "N&*#, and
connects to a ?&D$1* server. The ?&D$1* server performs authentication,
authori5ation, and auditing "or accounting# functions and returns the information to the
?&D$1* client "which is remote access server running ?&D$1* client software#7 the
connection is either established or re/ected based on the information received.
Cerberos
*easoned administrators can tell you about the risks of sending clear)te!t, unencrypted
passwords across any network. The Ferberos network authentication protocol is designed
to ensure that the data sent across networks is safe from attack. $ts purpose is to provide
authentication for client8server applications.
Ferberos authentication works by assigning a uni(ue key "called a ticket#, to each client
that successfully authenticates to a server. The ticket is encrypted and contains the
password of the user, which is used to verify the user4s identity when a particular network
service is re(uested.
Ferberos was created at assachusetts $nstitute of Technology to provide a solution to
network security issues. 3ith Ferberos, the client must prove its identity to the server,
and the server must also prove its identity to the client. Ferberos provides a method to
verify the identity of a computer system over an insecure network connection.
Ferberos is distributed freely, as is its source code, allowing anyone interested to view
the source code directly. Ferberos is also available from many different vendors that
provide additional support for its use.

Essential Networking Notes

Cargado por

Información del documento

Descripción original:

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

Essential Networking Notes

Cargado por

Copyright:

Formatos disponibles

[Networking Notes JIMMY]

Broadband versus Baseband

+stablis*in$ #ommunications Beteen

Fi$ure 4 T*e pinouts for a crossover cable(

[Networking Notes JIMMY]

[Networking Notes JIMMY]

,(ac%n& (o-te to co.pt%a.o(& /216.119.10!.$20

,(ac%n& (o-te to co.pt%a.o(& /216.119.10!.$20o1e( a .a2%.-. o3 !0 hops#

7e8-est t%.ed o-t.

'%n& stat%st%cs 3o( 169.$6.54.!#

7eply 3(o. 24.6$.14.65# 5ytes:!2 t%.e:55.s ,,<:12$

'%n& stat%st%cs 3o( 24.6$.14.65#

'ac4ets 7ece%1ed : !99!

"ct%1e Opens : 1!5!

Data&(a.s 7ece%1ed : 20402

Connect%on-spec%3%c DGS S-33%2 . # o4.anyothe(host.net

[Networking Notes JIMMY]

NN ,otal 8-e(y t%.e# $ .sec

2+Ds on Netor!in$ Devices

También podría gustarte