Topic overview:
I. Introduction to Data and Computer Networks
a. Network components
b. Network architecture
c. The Internet
d. Network communications modes
e. Scope and significance of data and computer networking in today's world
PHYSICAL LAYER
II. Protocol Architecture
a. Network communications processes
b. Layered protocol architecture
c. OSI Layers
d. TCP/IP
DATA-LINK LAYER
III. Local Area Network Topologies
a. Ethernet
b. Overview of other LAN media
c. MAC and CSMA/CD
d. ARP
e. Bridges
f. Switched Ethernet
g. VLAN
NETWORK LAYER
IV. Network Addressing
a. Internet Protocol
b. IPv4 and IPv6
c. Address Spacing
d. NAT
V. Routing
a. ARP Revisited (RARP)
b. Routing Protocols
TRANSPORT LAYER
VI. Transport Layer Protocols
a. TCP
b. UDP
APPLICATION LAYER
VII. Network Services and Applications
a. Client-Server Network
b. WWW and HTTP
c. FTP
d. Email
e. Remote Logging
f. DNS
g. DHCP
h. SNMP
VIII. WAN Technologies
a. SONET/SDH
b. ATM
c. IoT
d. Cloud Computing
e. WPAN and Bluetooth
f. RFID
IX. NETWORK SECURITY
a. Intro to Cryptography
b. VPN
A. NETWORK COMPONENTS
Data Representation
1. Text - represented as a bit pattern (sequence of bits)
a. Code - set of bit patterns designed to represent text symbols
b. Coding - process of representing symbols
i. Unicode - 32 bits = a symbol or character
ii. ASCII - American Standard Code for Information Interchange; constitutes the first 127 characters in Unicode; aka Basic Latin
2. Numbers - represented by bit patterns; does not use ASCII; directly converted to a binary number
3. Images - represented by bit patterns; simplest form is composed of a matrix of pixels (picture elements)
a. Pixel - small dot; size depends on resolution (higher resolution, better quality, more memory)
b. RGB - represents a color image; primary colors red, green, blue; the intensity of each color is assigned a bit pattern
c. YCM - represents a color image; primary colors yellow, cyan, magenta
4. Audio - recording or broadcasting of sound or music; continuous
5. Video - recording or broadcasting of a picture or movie; continuous or discrete (combination of images)
Data Flow
1. Simplex - unidirectional communication; one-way (one transmits, the other receives) (i.e. keyboard, monitor)
2. Half-duplex - each station transmits and receives, but not at the same time (i.e. one-lane road, CB)
3. Full-duplex - both stations transmit and receive simultaneously (i.e. two-way street, telephone network)
Full-duplex has twice the BW of half-duplex
B. NETWORK ARCHITECTURE
network - interconnection of a set of devices capable of communication, where a device can be:
Host - end system (i.e. computer, desktop, laptop, security system, phone)
Connecting device - router, switch, modem (modulator-demodulator), etc.
Computer network - collection of nodes
node - any device capable of transmitting or receiving data, connected via links
link - communications pathway that transfers data from one device to another
Network Criteria
1. Performance - achieve high throughput and small time delay; also depends on the number of users, type of medium, software efficiency, etc.
a. Transit time - amount of time required for a message to travel from one device to another
b. Response time - elapsed time between an inquiry and a response
2. Reliability - frequency of failure, time it takes a link to recover from a failure, and the network's robustness in a failure
3. Security - protecting data from unauthorized access, damage and development, and implementing rules and procedures for recovery from data losses and breaches
J. Oscillada DATCOMM - EK FINALS Reviewer
Physical Structures
1. Type of connection
a. Point-to-point - dedicated link between two devices; the entire capacity of the link is reserved for transmission between the two devices; wired or wireless (i.e. TV remote infrared)
b. Multipoint/multidrop - more than two specific devices share a single link; channel capacity is shared (spatially shared if devices use the link at the same time; timeshared if they take turns)
2. Physical topology
- way in which a network is laid out physically (two or more devices connected to link; two or more links form a topology)
- topology is the geometric representation of the relationship of all links and linking devices (nodes) to one another
a. Mesh topology - every device has a dedicated point-to-point link to every other device (i.e. regional telephone)
- number of duplex-mode links/lines = n(n-1)/2
- each device must have n-1 I/O ports
- advantages:
(1) dedicated links guarantee each connection can carry its own data load, eliminating traffic problems
(2) robust (one unusable link does not incapacitate the whole system)
(3) privacy/security (only the intended recipient receives the data)
(4) fault identification and isolation easier (routing traffic around the fault, allowing precise location of the fault, its cause, and the solution)
- disadvantages:
(1) amount of cabling and I/O ports required; installation and reconnection are difficult
(2) wiring bulk may be greater than the available space
(3) expensive hardware required
b. Star topology - each device has a dedicated point-to-point link only to a central controller (hub)
- used in LANs
- one link and one I/O port per device only; easy to install and reconfigure, less cabling
- robust (if one link fails, the others still work); easy fault identification and isolation
- disadvantages:
(1) the whole network depends on a single point (the hub)
(2) more cabling required than ring and bus
c. Bus topology - multipoint; one cable acts as a backbone to link all devices
- Drop line - connection from a device to the main cable
- Tap - connector that either splices into or punctures the main cable
- signal weakens along the cable; limited number of taps and spacing between them
- easy installation but difficult fault isolation and reconnection
- one fault/break stops the whole system
d. Ring topology - each device has a dedicated point-to-point connection with only the two devices on either side of it
- incorporates repeaters to regenerate bits; two-way sending
- easy installation and reconfiguration, simplified fault isolation
- alarm issued if one device does not receive a signal within a specified period
- one break and the whole system fails (so use a dual ring)
Network Types
Local Area Network (LAN); Wide Area Network (WAN)
Switching
1. Circuit switching - a dedicated connection (circuit) is always available between two end systems (the switch makes it active or inactive); i.e. PSTN
2. Packet switching - communication done in blocks of data (packets); exchange of individual packets; packets may be stored and may take different paths
C. THE INTERNET
History of Internet
- 1961 Leonard Kleinrock (MIT) presented theory of packet switching for bursty traffic; papers on packet-switched
networks published by Paul Baran and Donald Davies
- mid 1960s mainframe computers were stand-alone devices
- 1969 ARPANET; software Network Control Protocol (NCP) provided host communication
- 1972 Vint Cerf and Bob Kahn collaborated on the Internetting Project and created the gateway
- 1973 Cerf and Kahn paper on Transmission Control Protocol (TCP)
- 1977 demonstration of an internet with three different networks; split of TCP into TCP and IP (TCP/IP)
- 1983 TCP/IP is the official protocol for ARPANET, which split into MILNET and ARPANET (military, commercial)
TCP - transmission control protocol; responsible for higher-level functions (segmentation, reassembly, error detection)
IP - internet protocol; handles datagram routing
protocol - shared convention or rules allowing devices from different systems to communicate
protocol architecture - how a protocol is organized and implemented
Protocol functions:
Segmentation and reassembly - data stream divided into smaller blocks or PDUs
Advantages: (1) communications network accepts only a limited data block size (53 octets for ATM, 1526 octets for Ethernet); (2) efficient error control, fewer bits retransmitted on failure; (3) shorter delay, better access to shared transmission files; (4) smaller buffers at receiver stations
Disadvantages: (1) larger overhead with smaller PDUs; (2) more interrupts; (3) more time spent processing smaller PDUs; (4) reassembly is an issue
Encapsulation - [header][data][control info]
Control info contains the addresses of sender and receiver, error detection/frame check sequence, and protocol control for other protocol functions
Connection control - establish connection, transfer data, terminate connection, sequencing; types of connection:
Connectionless data transfer - each packet is independent of other PDUs
Connection-oriented data transfer - used if stations are connected for a long time or the protocol is dynamic; AKA logical association, or virtual circuit; has three phases: establish connection, transfer data, terminate; requires a connection before data can be transmitted; requires the order of packets to be maintained
Ordered delivery - necessary to sort packets since they are not guaranteed to arrive in the same order sent
Flow control - receiving entity limits the amount of data sent; stop-and-wait (acknowledgement); efficiency = transmission of a fixed number of PDUs without acknowledgement
Error control - prevents loss of/damage to data; error detection and retransmission (error detected: discard; no acknowledgement: retransmit)
Addressing - naming an entity
Addressing level - level in the communications architecture at which an entity is named (physical addressing changes hop to hop; logical addressing remains the same)
Global non-ambiguity - one system:one address; but it is possible to have more than 1 address
Global applicability - any system can be identified from anywhere (public IP, Ethernet NIC MAC)
Addressing mode:
Unicast - one to one
Multicast - one to many
Broadcast - one to all
Multiplexing - upward mux (multiple high-level connections, gain BW); downward mux (split high-level to low-level; reliability, performance, efficiency)
Transmission services:
Priority - control messages
Quality of service - max acceptable delay or throughput
Security - access restrictions
B. OSI MODEL
Primitives:
a. Request - issued by the service user to invoke/request a service
b. Indication/Response - issued by the service provider/user to indicate or notify
c. Confirm - issued by the service provider to acknowledge/complete the procedure
1. Physical layer - specifies characteristics of the transmission medium, data rate, topology, nature of connection, mode of data transfer, etc.; interfacing (connectors, cables)
Sender side: physical layer receives data from data link, encodes the signal, transmits through the medium; receiver side: physical layer decodes the signal back into data, sends to data link (synchronization is important)
2. Data link layer - provides error detection/correction, flow/access control; physical address appended to the frame header
Sender side: data link layer receives data from the network layer, divides it into frames, sends to the physical layer; receiver side: data link layer receives frames from the physical layer, regroups them and sends to the network layer
Uses MAC addressing
3. Network layer - highest layer in a network node; logical addressing and routing
Sender side: network layer receives data from the transport layer, divides it into packets, adds addressing info in the header, sends to the data link layer; receiver side: network layer converts data into packets, verifies the physical address, sends to transport
4. Transport layer - ensures error-free data is delivered
Sender side: transport layer divides data into segments; receiver side: receives packets, converts them to the proper segment sequence, sends to the session layer
5. Session layer - dialogue discipline (half or full duplex), grouping, recovery (checkpoints)
Sender side: receives data, adds checkpoints (sync bits); receiver side: receives data, removes checkpoints, sends on
6. Presentation layer - defines the syntax used
Sender side: receives data, adds a header containing info for encryption and compression, sends to the session layer; receiver side: presentation layer decompresses and decrypts data, translates back
7. Application layer - interface between application programs and the OSI environment (HTTP, FTP)
Disadvantages of OSI
Bad timing, bad technology (multiple flow control, error control, addressing) (EMPTY session and presentation; FULL network and data link), bad implementation
C. TCP/IP
Layer | Description | Protocols | Addressing
4 APPLICATION | Contains logic needed to support various user applications | SMTP, FTP, HTTP, DNS, Telnet | Specific addressing
3 TRANSPORT | Uses TCP; common layer shared by all applications | SCTP, TCP, UDP | Port addressing
2 INTERNET | Uses IP for routing across multiple networks | IP, ARP, ICMP, IGMP | Logical addressing
1 NETWORK INTERFACE | Includes physical and data-link; exchange of data between the end system and the attached network (underlying LAN, WAN); access and routing technology | | Physical addressing
TCP/IP applications
SMTP - simple mail transfer protocol; basic e-mail transport facility
FTP - file transfer protocol; send files from system to system under user command
Telnet - remote logon capability
D. NETWORK DEVICES
(more detailed discussion in file network_devices_homework1.docx)
1. Repeater - Layer 1 device; interconnects media segments of an extended network; regenerates corrupted signals
2. Hub - Layer 1 device; connects multiple user stations via dedicated cable; possibility of network congestion; collisions shared by all devices (broadcast); physically star, logically bus
3. Switch - Layer 2 device; multiport bridge; looks up the MAC address (table); separates collision domains; data goes only to the intended receiver; in standard Ethernet, operation in half duplex, no need for CSMA/CD
4. Router - separates broadcast domains and collision domains; special gateway; connects different networks (IP address, capable of subnetting); best path; has a built-in AP
5. Bridge - Layer 2 device; LAN-to-LAN with the same protocol; like a switch
6. Gateway - connects networks with different protocols
7. Access Point (AP) - wired to wireless LAN; no decrease in BW
8. WiFi Extender - decreases BW due to the extended range
Collision domain - probability of collision; section of the network connected by a shared medium or through repeaters where data packets can collide with one another when being sent; apparent in early Ethernet versions
1 switch port = 1 collision domain; 1 hub = 1 collision domain
Broadcast domain - logical division of a computer network in which all nodes can reach each other by broadcast at the data link layer; may be within the same LAN segment or bridged to other LAN segments
MAC address - media access control; unique ID and does not change (48 bits) (i.e. 07:01:02:01:2C:4B)
- Used for most IEEE 802 network technologies
IP address - internet protocol; changes per user; allows the network layer to identify devices
IP - internetworking protocol; connectionless and unreliable protocol
*** port address is 16 bits represented as a single decimal number
A. PHYSICAL LAYER
Performance characteristics
1. Bandwidth - maximum speed
a. BW (Hz) - range of frequencies data can pass (4 kHz in a telephone line)
b. BW (bps) - max speed of bit transmission (56 kbps in dial-up; Trellis Code Modulation)
2. Throughput - data rate; actual bit transmission (in std Ethernet, 10 Mbps BW, 56 kbps throughput)
Example: A network with BW = 10 Mbps can pass only an average of 12,000 frames/minute with each frame carrying an average of 10,000 bits. What is the throughput?
(12,000 frames/min) x (10,000 bits/frame) x (1 min/60 s) = 2 Mbps
3. Latency - total time from the first bit sent to the last bit delivered
Latency = Propagation time + Transmission time + Queueing time + Processing delay
If there is a switch between the 2nd and 3rd PCs, still half duplex, find the throughput: throughput = 10/2 = 5 Mbps
If full duplex with switch, throughput = 5*2 = 10 Mbps (up and down)
If all PCs are connected to the switch in star topology, throughput of each = 20 Mbps (sending and receiving)
Responsibilities:
1. Framing - encapsulation + decapsulation; network layer (datagram) to data link layer (frames)
2. Flow control - synchronize sending and receiving devices by applying buffers or dropping info
3. Error control - identify data integrity; checksum or CRC-32 (error detection), Hamming code (error correction)
ARP - address resolution protocol; Layer 3 protocol; finds the MAC address; sends a request (broadcast), receives a reply (unicast) from the destination
How to know if unicast/broadcast:
4A:30:10:21:10:1A - unicast: 4A = 0100 1010, last bit 0 = unicast
47:20:1B:2E:08:EE - broadcast: 47 = 0100 0111, last bit 1 = broadcast
FF:FF:FF:FF:FF:FF - broadcast
[FF:FF:FF][FF:FF:FF] = [OUI][Device Identifier]
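The unicast/broadcast check above, as an added example that is not part of the reviewer: it reads the I/G bit (the least-significant bit of the first octet), separates the all-ones broadcast address from other group addresses, and splits out the OUI. The sample addresses are constructed from the two in the notes plus the broadcast address; arp_reply_dst_ok is an added helper applying the notes' rule that an ARP reply is unicast.

```python
import re

# Constructed samples: the two addresses worked through in the notes plus the broadcast address.
SAMPLE_MACS = ["4A:30:10:21:10:1A", "47:20:1B:2E:08:EE", "FF:FF:FF:FF:FF:FF"]

# Six hex octets separated consistently by ':' or '-'.
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def parse_mac(mac: str) -> bytes:
    """Validate a 48-bit MAC address string and return its six raw octets."""
    if not _MAC_RE.match(mac):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes(int(octet, 16) for octet in re.split(r"[:-]", mac))


def classify_mac(mac: str) -> dict:
    """Classify a MAC address the way the notes do, from its first octet.

    Bit 0 (the least-significant bit) of the first octet is the Individual/Group
    bit: 0 means unicast, 1 means the frame is for a group of stations.  Ethernet
    puts octets on the wire LSB-first, so this is literally the first bit sent.
    The all-ones address FF:FF:FF:FF:FF:FF is the broadcast member of that group.
    Bit 1 is the Universally/Locally administered bit (1 = locally assigned).
    """
    octets = parse_mac(mac)
    first = octets[0]
    is_group = bool(first & 0x01)
    is_broadcast = octets == b"\xff" * 6
    if is_broadcast:
        kind = "broadcast"
    elif is_group:
        kind = "multicast/group"
    else:
        kind = "unicast"
    return {
        "kind": kind,
        "first_octet_bits": format(first, "08b"),
        "locally_administered": bool(first & 0x02),
        "oui": octets[:3].hex(":").upper(),          # first three octets: vendor (OUI)
        "device_id": octets[3:].hex(":").upper(),    # last three octets: device identifier
    }


def arp_reply_dst_ok(dst_mac: str) -> bool:
    """An ARP reply is sent unicast to the requester; a reply whose destination is a
    group or broadcast address does not fit that pattern and is worth logging when
    monitoring a segment."""
    return classify_mac(dst_mac)["kind"] == "unicast"


def classify_samples() -> dict:
    """Kind of each constructed sample address."""
    return {mac: classify_mac(mac)["kind"] for mac in SAMPLE_MACS}
```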
C. ETHERNET
Ethernet Frame
Field:  Preamble | SOF | Destination Address | Source Address | TYPE | DATA     | FCS
Length: 7B       | 1B  | 6B                  | 6B             | 2B   | 46-1500B | 4B
Physical layer
1. Preamble - alternating 1, 0; tells other devices that it wants to send a frame; can be less than 7 bytes
2. Start of Frame - last two bits are 11; synchronizes the frame-reception portions of all stations on the LAN
Contention Methods
1. ALOHA protocol - continuous sending (broadcast) of frames, but waits for an acknowledgment from the receiver, then retransmits if none is received after a certain time
a. Back-off time - time to wait before retransmission; random per host
Back-off time = R * Tp, where R = random number (1 to 2^k - 1), k = number of attempts (15 max)
2. CSMA - carrier sense multiple access; listens first, checks if someone is sending a frame, sends when the coast is clear (avoids collision)
Cause of collision: simultaneous propagation; a station fails to sense that another is already sending
3. CSMA/CD - CSMA with collision detection; when a collision occurs/is detected, a jamming signal is sent and everybody backs off
CASE 1: Host 1 sends at t1; Host 3 has not received any message yet, so it sends data because it is unaware that Host 1 is sending. When Host 3 receives the message from Host 1, it senses the collision, stops broadcasting frames and sends a jamming signal, and everyone backs off
CASE 2: Host 1 sends a frame and Host 3 detects this; Host 3 waits for Host 1 to finish before it transmits (1-persistence)
CASE 3: Host 1 is the only one who wants to send, nobody else does. No collision
Persistence methods:
a. 1-Persistence method - continuous sensing at regular intervals, as many samples as needed until the line is detected free, then send; sensing is in order; standard for Ethernet
b. Non-persistence method - sensing at random intervals; sense at random whether the line is free or busy before sending data
Autonegotiation - additional feature of 802.3u Fast Ethernet; computers in a network negotiate with one another to determine a compatible speed for all
Carrier sensing - checks if the line is busy before sending a frame
Multiple access - many stations connected to a network on one transmission line
VLAN - virtual LAN; separates/connects broadcast networks even if far away; physically separated, logically connected
WLAN - Layer 1 and 2 operation; uses 2.4 GHz (unlicensed band, no need to pay, part of ISM) (latest evolution 5 GHz)
Uses 2.401-2.473 GHz
Each channel has 22 MHz bandwidth, incremental step 5 MHz, total of 11 channels
Non-overlapping channels: 1, 6, 11
Advantages: (1) no need for physical wires; (2) no port limitations; (3) less collision based on protocol
Disadvantages: (1) prone to interference; (2) security issues; (3) slower speed; (4) less distance
Characteristics of WLAN
1. Half-duplex - ALWAYS broadcast
2. Shared media - transmit via air; more users, less BW, higher latency
3. Attenuation - greater distance, less signal (a = 1/d^2)
4. Interference - 2.4 GHz unlicensed band
5. Multipath propagation - bouncing/spreading of signals due to walls/air; in an elevator (Faraday cage) no signal
6. Transmission acknowledgement - hidden station problem solved via CSMA/CA
WLAN architecture
1. BSS - basic service set
a. WLAN Infrastructure - multiple hosts connected to a base station controller (or AP)
b. Ad hoc - no base station needed to establish a connection
2. ESS - extended service set; several BSSs connected in a distribution system with a server
WLAN trivia:
Diffraction - allows signals to be sent even through small holes and then spread (Huygens' principle)
Spread Spectrum
Advantages of spread spectrum:
a. More immune to multipath propagation; avoids multipath fading
b. Inherent security
c. Tolerance to interference
d. Less power density
IP Datagram
- packets used by IP; variable-length with two parts: header and payload (or data)
- payload - packet from other protocols using IP services
Header content:
1. VER (version number) - of the protocol used (IPv4 is 4 = 0100)
2. HLEN (header length) - total length of the whole header divided by four; the receiver multiplies by 4
- Example: 0110 -> 6x4 = 24 = total length of the entire header
3. Type of Service - how the datagram is handled in the upper layer; for network layer prioritizing
4. Total Length - total length (header + payload)
- TL = (HLEN x 4) + Data length
- Data length = TL - (HLEN x 4)
5. Identification, Flags, Fragmentation Offset - fragmentation of the datagram when its size exceeds network capacity; also for datagram ordering or sequence of packet arrival
6. Time-to-live (TTL) - maximum number of hops of a packet, to avoid traffic; typically 2x (max number of routers between any two hosts)
7. Protocol - defines which upper-layer protocol is used to deliver the payload
8. Header Checksum - checks the integrity of the header (integrity: data is uncorrupted); recalculated at every router
9. Source, Destination Addresses - IP address of source and destination of the datagram
10. Options + Padding - for network testing and debugging
Example:
1. An IPv4 packet has arrived with the first 8 bits as (0100 0010)2. The receiver discards the packet. Why?
- VER: 0100 is correct
- HLEN: 0010 -> 2x4 = 8 bytes; HLEN too small since the minimum should be 20 bytes -> ERROR IN PACKET
2. If the value of HLEN is (1000)2, how many bytes of options are being carried by this packet? What if HLEN is (0100)2?
- HLEN: 1000 -> 8x4 = 32 bytes; base header = 20; Options = 32-20 = 12 bytes //
- HLEN: 0100 -> 4x4 = 16 bytes -> ERROR, packet is discarded
3. HLEN is (0101)2 and TL is (0028)16. How long is the data?
- HLEN: 0101 -> 5x4 = 20 bytes; TL: (28)16 = 40 bytes
- Payload = TL - HLEN = 20 bytes //
4. (4500 0028 0001 0000 0102)16. Find the max number of hops before being dropped and the protocol the data belongs to.
- 10 bytes total; TTL at the 9th byte = (01)16 -> 1 hop maximum
- Protocol at the 10th byte = (02)16 -> IGMP protocol
5. CHECKSUM: example of a checksum calculation for an IPv4 header without options. The header is divided into 16-bit sections. All the sections are added and the sum is complemented after wrapping the leftmost digit. The result is inserted in the checksum field.
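Header examples 1-5 above in code, as an added example that is not from the reviewer: parse_ipv4_header applies the VER/HLEN/TL checks and reads TTL and Protocol, and the checksum is verified with the 16-bit one's-complement sum of example 5. build_ipv4_header and the 192.168.0.x addresses are constructed here for testing the parser.

```python
import struct

IPV4_MIN_HEADER = 20  # HLEN of 5 words; anything smaller is a malformed header
PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 89: "OSPF"}


def ip_to_bytes(dotted: str) -> bytes:
    return bytes(int(part) for part in dotted.split("."))


def ones_complement_sum(data: bytes) -> int:
    """Add the 16-bit words of `data`, wrapping every carry out of bit 15 back in."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ipv4_header_checksum(header: bytes) -> int:
    """Checksum as the sender computes it: the checksum field (bytes 10-11) counts as
    zero, the 16-bit words are summed with wrap-around, and the sum is complemented."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return (~ones_complement_sum(zeroed)) & 0xFFFF


def build_ipv4_header(ttl: int, protocol: int, src: str, dst: str, payload_len: int,
                      options: bytes = b"") -> bytes:
    """Assemble a header with VER=4 and a correct checksum (a constructed test input)."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)   # options are padded to 32-bit words
    hlen_words = (IPV4_MIN_HEADER + len(options)) // 4
    total_length = hlen_words * 4 + payload_len
    fixed = struct.pack("!BBHHHBBH4s4s",
                        (4 << 4) | hlen_words,   # VER (high nibble) and HLEN (low nibble)
                        0,                       # Type of Service
                        total_length,
                        1,                       # Identification
                        0,                       # Flags + Fragmentation Offset
                        ttl, protocol,
                        0,                       # checksum placeholder
                        ip_to_bytes(src), ip_to_bytes(dst))
    header = fixed + options
    return header[:10] + struct.pack("!H", ipv4_header_checksum(header)) + header[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    """Apply the receiver-side checks from the examples; raise ValueError where the
    receiver would discard the packet, otherwise return the decoded fields."""
    if not packet:
        raise ValueError("empty packet: discard")
    ver, hlen_words = packet[0] >> 4, packet[0] & 0x0F
    hlen = hlen_words * 4                      # HLEN counts 4-byte words
    if ver != 4:
        raise ValueError(f"VER={ver}, not IPv4: discard")
    if hlen < IPV4_MIN_HEADER:
        raise ValueError(f"HLEN={hlen_words} means {hlen} bytes, below the 20-byte minimum: discard")
    if len(packet) < hlen:
        raise ValueError("packet shorter than its own HLEN: discard")
    header = packet[:hlen]
    tos, total_length, ident, flags_frag, ttl, proto, csum = struct.unpack("!BHHHBBH", header[1:12])
    if total_length < hlen:
        raise ValueError("Total Length smaller than the header: discard")
    return {
        "version": ver,
        "header_len": hlen,
        "options_len": hlen - IPV4_MIN_HEADER,
        "total_length": total_length,
        "data_length": total_length - hlen,     # TL - (HLEN x 4)
        "ttl": ttl,                             # hops left before the packet is dropped
        "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, f"unknown({proto})"),
        "checksum": csum,
        # Summing every word including the stored checksum must give all ones.
        "checksum_ok": ones_complement_sum(header) == 0xFFFF,
        "src": ".".join(map(str, header[12:16])),
        "dst": ".".join(map(str, header[16:20])),
    }
```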
- IPv4 uses 32-bit addressing; total address space 2^32
- IPv6: 128 bits length, 16 bytes, 32 hex digits
- Google, FB
IPv6 ADDRESSING
- hexadecimal colon notation; address divided into 8 groups
- abbreviation: used once to shorten a series of 0s (zero compression)
Addressing types:
1. unicast address - single interface
2. anycast address - group of computers sharing a single address; packet sent only to one, the most reachable member
3. multicast address - like anycast but all members receive the packet
C. ADDRESS SPACING
- total number of addresses used by the protocol (2^b); 32 bits
- an address is divided into a prefix (network address) and a suffix (host address); prefix and suffix may be fixed or variable length
- i.e. 192.168.10.1, FC.A1.3C.1B
- Network address - used in routing a packet to its destination network
Domain Name System (DNS) - specific sentence linked to an IP address; example www.google.com 202.105.186.141
CLASSFUL ADDRESSING
- first addressing used; may be thought of as a special case of classless addressing
- MSB defines the class; useful classes: A, B, C
- Class E: experimental purposes
- remaining bits define the host or broadcast address
- Disadvantages: (1) address depletion, limited (2) inefficient, cannot use all hosts available [i.e. for class A, refer below, cannot possibly use all 255x255x254 hosts] (3) obsolete
- Advantage: (1) easily identify class, prefix, and suffix (prefix length is fixed)
- sample addressing:
Class | Address | Network Address | Broadcast Address
A | 10.114.105.5 | 10.0.0.0 | 10.255.255.255
B | 167.14.23.1 | 167.14.0.0 | 167.14.255.255
C | 205.187.16.3 | 205.187.16.0 | 205.187.16.255
* change suffixes to 0 (network) or 255 (broadcast)
- to get total networks available per class: 2^(total network length - number of bits to identify class)
example: for class C, 24 bits - 3 bits = 21; 2^21 = 2,097,152 networks in the world
- to get the first byte range for each class: 2^(8 bits - number of bits to identify class)
- to identify the number of valid hosts: (maximum - used)
example: Network address: 205.187.16.0, Broadcast address: 205.187.16.255
256-2 = 254 valid hosts for class C (0 and 255 already used)
Subnet Mask
- identifies network or broadcast address given an IP address
- AND the IP address and subnet mask to get the network address
- OR the IP address and inverted subnet mask to get the broadcast address
- Class A: 255.0.0.0 or /8; Class B: 255.255.0.0 or /16; Class C: 255.255.255.0 or /24
- /n notation indicates the first n bits are 1; /30 for point-to-point
- example: 205.187.16.3
205.187.16.3 AND 255.255.255.0 = 205.187.16.0 network address ; 3 = 0000 0011
205.187.16.3 OR 0.0.0.255 = 205.187.16.255 broadcast address ; 255 = 1111 1111
First host: 205.187.16.1
Last host: 205.187.16.254
- example: 167.199.170.82/27
167.199.170.82 ; 82 = 0101 0010
AND 255.255.255.224 ; /27: first 27 bits are 1 = 255.255.255.1110 0000
= 167.199.170.0100 0000 or 167.199.170.64 network address
First host: 167.199.170.65 * max hosts = 2^(32-27) = 32 hosts
Last host: 167.199.170.94 * BLOCK SIZE = 32-2 = 30 hosts
Broadcast address: 167.199.170.95
- example: 151.142.223.81/28
151.142.223.81 ; 81 = 0101 0001
AND 255.255.255.240 ; /28: first 28 bits are 1 = 255.255.255.1111 0000
= 151.142.223.0101 0000 or 151.142.223.80 network address
First host: 151.142.223.81 * max hosts = 2^(32-27) = 16 hosts
Last host: 151.142.223.94 * BLOCK SIZE = 32-2 = 14 hosts
Broadcast address: 167.199.170.95
- example: An organization is granted a block of addresses with the beginning address 14.24.74.0/24. The organization needs to have 3 subblocks of addresses to use in its three subnets. Design the subblocks.
Subblock 1: 10 hosts; Subblock 2: 60 hosts; Subblock 3: 120 hosts
Solution:
1. rearrange from highest to lowest host count, then choose the nearest block size
Subnet | Hosts | Block Size
3 | 120 | 128 (/25)
2 | 60 | 64 (/26)
1 | 10 | 16 (/28)
total hosts = 190; nearest is 256 or /24 addresses
2. allocate n addresses per subblock starting from the highest
Subblock 3
Network address 14.24.74.0/25
Broadcast address 14.24.74.127/25
First Host 14.24.74.1/25
Last Host 14.24.74.126/25
Subblock 2
Network address 14.24.74.128/26
Broadcast address 14.24.74.191/26
First Host 14.24.74.129/26
Last Host 14.24.74.190/26
Subblock 1
Network address 14.24.74.192/28
Broadcast address 14.24.74.207/28
First Host 14.24.74.193/28
Last Host 14.24.74.206/28
Unused block
First 14.24.74.208
Last 14.24.74.255
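The mask arithmetic and the sub-block design above in code, as an added example that is not from the reviewer: describe_block does the AND/OR mask math with integer bit operations, and vlsm_allocate applies the two-step procedure (sort by hosts, assign power-of-two blocks largest first) to any list of requirements and reports the unused tail. Function names are mine; the /31 and /32 handling is an assumption beyond what the notes cover.

```python
def ip_to_int(dotted: str) -> int:
    """Dotted-decimal IPv4 address -> 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return (int(parts[0]) << 24) | (int(parts[1]) << 16) | (int(parts[2]) << 8) | int(parts[3])


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix: int) -> int:
    """/n means the first n bits are 1: /27 -> 255.255.255.224."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: /{prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe_block(cidr: str) -> dict:
    """Network, broadcast, first/last host and sizes for an address written in CIDR form.
    Follows the notes' rule: AND with the mask gives the network address, OR with the
    inverted mask gives the broadcast address.  /31 and /32 have no separate
    network/broadcast addresses, so every address in them counts as a host."""
    addr, _, prefix_str = cidr.partition("/")
    prefix = int(prefix_str)
    ip, mask = ip_to_int(addr), mask_from_prefix(prefix)
    network = ip & mask
    broadcast = ip | (~mask & 0xFFFFFFFF)
    size = 1 << (32 - prefix)
    if prefix <= 30:
        first, last, usable = network + 1, broadcast - 1, size - 2
    else:
        first, last, usable = network, broadcast, size
    return {
        "prefix": prefix,
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(first),
        "last_host": int_to_ip(last),
        "block_size": size,
        "usable_hosts": usable,
    }


def vlsm_allocate(parent_cidr: str, host_needs: dict):
    """Carve sub-blocks out of a parent block the way the worked example does:
    1. sort requirements from most to fewest hosts and round each (hosts + network
       + broadcast) up to the nearest power of two;
    2. hand out blocks in that order from the start of the parent block.
    Largest-first keeps every block aligned to its own size, which is what makes the
    resulting prefixes valid.  Returns ([(name, describe_block(...)), ...],
    (first unused address, last unused address) or None when nothing is left)."""
    parent = describe_block(parent_cidr)
    cursor = ip_to_int(parent["network"])
    end = ip_to_int(parent["broadcast"])
    plan = []
    for name, hosts in sorted(host_needs.items(), key=lambda item: item[1], reverse=True):
        size = 1 << max(2, (hosts + 2 - 1).bit_length())   # smallest power of two >= hosts + 2
        prefix = 32 - (size.bit_length() - 1)
        if cursor % size:                                  # keep the block aligned (general case)
            cursor += size - cursor % size
        if cursor + size - 1 > end:
            raise ValueError(f"parent block {parent_cidr} exhausted at subblock {name!r}")
        plan.append((name, describe_block(f"{int_to_ip(cursor)}/{prefix}")))
        cursor += size
    unused = (int_to_ip(cursor), int_to_ip(end)) if cursor <= end else None
    return plan, unused
```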
- example: An ISP is granted a block of addresses starting with 190.100.0.0/16 (65,536 addresses). The ISP needs to distribute these addresses to three groups of customers as follows. Design the subblocks and find out how many addresses are still available after these allocations.
Subblock 1: 64 customers, each needs 256 addresses
D. NAT
- provides the mapping between the private and universal addresses and supports VPN
- private use, but the Internet sees it as public use (multiple private addresses)
- private addresses for internal communication and a global Internet address for external communication
- client-server, where the client starts the communication
- one to many
Private Addresses - used by private networks, invisible to the Internet; range of local addresses; may be for small office use
Private Address Range | Total
10.0.0.0 - 10.255.255.255 | 2^24
172.16.0.0 - 172.32.255.255 | 2^20
192.168.0.0 - 192.168.255.255 | 2^16
1. Address translation - at the NAT router, the source address in an outgoing packet is replaced with the global NAT address; for an incoming packet, the NAT router replaces the destination address with the private address
2. Translation table - lets the router identify the destination address of a packet from the Internet
a. 1 IP address - simplest form: only private and external address columns; during translation, the router notes the destination address; when the reply comes from the destination, the private address is found using the source address
i. Private network initiates
b. Pool of IP addresses - allows more than one private-network host to access the same external host
i. Drawbacks: (1) limited to a maximum of 4 connections to the same destination, (2) cannot access two external server programs at the same time
c. IP address + Port addresses - allows many-to-many communication by giving more information; five columns; eliminates ambiguity
- ISP (Internet Service Provider) - gets 1000 addresses to create addresses for all users
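The five-column translation table (form c above) as an added example that is not from the reviewer: NaptRouter rewrites the source address and port of outbound packets, and forwards an inbound packet only when its (protocol, NAT port, external address, external port) matches a recorded flow, so two private hosts using the same source port towards the same server no longer collide. The global address 200.24.5.8, the private hosts and the port numbers are constructed.

```python
from dataclasses import dataclass, replace
import ipaddress


@dataclass(frozen=True)
class Packet:
    """The header fields that NAT with port translation acts on."""
    src: str
    sport: int
    dst: str
    dport: int
    proto: str  # "TCP" or "UDP"


class NaptRouter:
    """NAT router keeping the notes' five columns per flow: private address, private
    port, external address, external port, transport protocol, plus the NAT port the
    router assigned to that flow."""

    def __init__(self, global_ip: str, first_port: int = 40000):
        self.global_ip = global_ip          # the single public address
        self.next_port = first_port
        # inbound lookup: (proto, nat_port, external ip, external port) -> (private ip, private port)
        self.table: dict = {}
        # outbound lookup so an existing flow keeps its NAT port
        self.reverse: dict = {}

    def outbound(self, pkt: Packet) -> Packet:
        """Private -> Internet: replace the source with the global address and a NAT port."""
        if not ipaddress.ip_address(pkt.src).is_private:
            raise ValueError(f"{pkt.src} is not a private address; not translated")
        flow = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        nat_port = self.reverse.get(flow)
        if nat_port is None:
            nat_port = self._allocate_port()
            self.reverse[flow] = nat_port
            self.table[(pkt.proto, nat_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
        return replace(pkt, src=self.global_ip, sport=nat_port)

    def inbound(self, pkt: Packet):
        """Internet -> private: forward only if the packet answers a recorded flow.
        Returns the rewritten packet, or None when the router drops it."""
        if pkt.dst != self.global_ip:
            return None
        entry = self.table.get((pkt.proto, pkt.dport, pkt.src, pkt.sport))
        if entry is None:
            return None  # no mapping: unsolicited traffic from outside is dropped
        private_ip, private_port = entry
        return replace(pkt, dst=private_ip, dport=private_port)

    def translation_table(self) -> list:
        """Rows in the notes' column order, followed by the assigned NAT port."""
        return sorted(
            (priv_ip, priv_port, ext_ip, ext_port, proto, nat_port)
            for (proto, nat_port, ext_ip, ext_port), (priv_ip, priv_port) in self.table.items()
        )

    def _allocate_port(self) -> int:
        if self.next_port > 65535:
            raise RuntimeError("NAT port pool exhausted")
        port = self.next_port
        self.next_port += 1
        return port
```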
V. ROUTING
A. ARP REVISITED
- ARP helps IP find the link-layer/physical address of a host or a router when its network-layer/IP address is given
- looking for a physical address: broadcast to the whole system
- Layer 3 auxiliary protocol; works within the network
- ARP reply is unicast and contains the correct address
Case | Description | Target IP address
1 | Same network: host to host | Destination address in the IP datagram
2 | Different network, host to host: pass through the router first | IP address of the router
3 | Router to router | IP address of the appropriate router from the routing table
4 | Router to host | Destination address in the IP datagram
PROXY ARP - a proxy ARP router replies to any ARP request received for given IP address destinations
REVERSE ARP (RARP) - find the IP address given the MAC address when in another network
B. ROUTING PROTOCOLS
Routing Algorithms
1. Distance Vector Routing - simplest and easiest; each node shares its routing table with immediate neighbors; initialize the routing table, then update; get the cost between immediate neighbors (directly connected)
- (1) each node creates its own least-cost tree (2) trees are made more complete by exchanging with immediate neighbors
- update the existing least cost with a new lesser cost; compare old and new tables
- router tells all neighbors continuously what it knows
- cost is infinity if not an immediate neighbor; 0 if loopback
a. Bellman-Ford Equation - heart of DVR; finds the minimum/shortest distance between two nodes through other nodes when costs are given between each pair of nodes: $D_{xy} = \min\{D_{xy},\ (c_{xz} + D_{zy})\}$
b. Distance Vector - rationale for DVR; 1-D array representation of the least-cost tree
2. Link-State Routing - defines the characteristic of a link (an edge) that represents a network in the internet; the cost at the edge specifies the state of the link
- prefer links with lower costs; infinity means no link or a broken link
a. Link-state database - collection of states for all links, used by each node to create its tree; shows the whole map of the internet; created by flooding (each node sends messages to all immediate neighbors to get node identity + link cost = LS packet)
b. Dijkstra's Algorithm - formation of the least-cost tree; slow; gets the cost of the nearest node and so on
3. Path-Vector Routing - not based on least-cost routing; the best route is determined by the source using the policy it imposes on the route (source controls the path); mainly for routing packets between ISPs
a. Spanning tree - not the least-cost tree; tree determined by the source imposing its own policy (route that meets the policy best)
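Distance-vector and link-state routing on one constructed five-node topology, as an added example that is not from the reviewer: distance_vector_routing iterates the Bellman-Ford update Dxy = min{Dxy, cxz + Dzy} using only the vectors of immediate neighbours until nothing changes, and dijkstra_tree builds the least-cost tree from the full map that flooding would give each node. The nodes A-E and their link costs are made up for the example.

```python
import heapq

INF = float("inf")

# Constructed topology: undirected links with their costs (made up for this example).
LINKS = {("A", "B"): 2, ("B", "C"): 3, ("A", "D"): 1, ("D", "C"): 3, ("C", "E"): 1}


def adjacency(links: dict) -> dict:
    """{node: {neighbour: cost}} for an undirected link set."""
    graph: dict = {}
    for (u, v), cost in links.items():
        graph.setdefault(u, {})[v] = cost
        graph.setdefault(v, {})[u] = cost
    return graph


def distance_vector_routing(links: dict):
    """Distance Vector Routing: every node keeps (cost, next hop) per destination,
    initialised to 0 for itself, the link cost for immediate neighbours and infinity
    otherwise, then repeatedly applies the Bellman-Ford update
        Dxy = min{Dxy, cxz + Dzy}
    using only the vectors received from its immediate neighbours z.
    Returns the converged tables and the number of exchange rounds needed."""
    graph = adjacency(links)
    nodes = sorted(graph)
    table = {x: {y: (INF, None) for y in nodes} for x in nodes}
    for x in nodes:
        table[x][x] = (0, x)                       # loopback
        for z, cost in graph[x].items():
            table[x][z] = (cost, z)                # directly connected
    rounds, changed = 0, True
    while changed:                                 # stop when a full round changes nothing
        changed, rounds = False, rounds + 1
        for x in nodes:
            for z, cxz in graph[x].items():        # neighbour z shares its vector with x
                for y in nodes:
                    dzy = table[z][y][0]
                    if cxz + dzy < table[x][y][0]:
                        table[x][y] = (cxz + dzy, z)
                        changed = True
    return table, rounds


def dijkstra_tree(links: dict, source: str):
    """Link-state routing: with the whole map (the flooded LSDB) known, build the
    least-cost tree from `source`, settling the nearest unsettled node each step.
    Returns ({node: cost}, {node: parent in the tree})."""
    graph = adjacency(links)
    dist = {source: 0}
    parent: dict = {}
    settled = set()
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if u in settled:
            continue
        settled.add(u)
        for v, cost in graph[u].items():
            if d + cost < dist.get(v, INF):
                dist[v] = d + cost
                parent[v] = u
                heapq.heappush(heap, (d + cost, v))
    return dist, parent


def forwarding_table(links: dict, source: str) -> dict:
    """Next hop per destination read off the link-state tree, for comparison with DVR."""
    _, parent = dijkstra_tree(links, source)
    next_hop = {}
    for dest in parent:
        hop = dest
        while parent[hop] != source:               # walk up the tree to the source's child
            hop = parent[hop]
        next_hop[dest] = hop
    return next_hop
```

Both methods must agree on costs and next hops for a static topology; the difference the notes describe is what each router needs to know to get there (neighbours' vectors versus the whole map).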
Unicast Routing Protocols
Hierarchical routing - considering each ISP as an autonomous system (AS); internet routing cannot be done with one protocol only because:
o Scalability problem - the size of the forwarding tables becomes huge, searching for a destination in a forwarding table becomes time-consuming, and updating creates a huge amount of traffic
o Administrative issue - wrt Internet structure, where each admin must have control
Autonomous System (AS) - private entity that owns a local network
o Given a 16-bit autonomous system number (ASN) by ICANN
o Intradomain protocol - within an AS; aka interior gateway protocol (IGP); may be more than 1 (i.e. PLDT to PLDT network)
o Interdomain - global routing protocol or exterior gateway protocol (EGP); only 1 (i.e. PLDT to GLOBE network)
o Defined by connection mode:
Stub AS - only 1 connection to another AS; initiates or terminates data traffic; data cannot pass through
Multihomed AS - more than one connection to other ASs; traffic not allowed to pass through
Transient AS - more than one connection, with traffic allowed to pass through (i.e. backbone)
ii. Network link advertises the network as a node; but a network is a passive entity and cannot make
announcements itself, so a router does the advertisement
iii. Summary link to network done by area border router; summary of links collected by
backbone to an area
iv. Summary link to AS done by AS router
v. External link also done by an AS router to announce the existence of a single network outside
the AS to the backbone area to be disseminated into the areas
e. Implementation as a program in the network layer using IP service for propagation; protocol field 89
i. OSPF Message OSPF is complex and has five types
1. Type 1 or hello self introduction to neighbors
2. Type 2 or database description response to hello; acquire full LSDB
3. Type 3 or link-state request from router needing info about LS
4. Type 4 or link-state update main OSPF message for building LSDB
5. Type 5 or link-state acknowledgment create reliability in OSPF
ii. Authentication prevents a malicious entity from sending OSPF messages to a router and
causing the router to become part of the routing system to which it actually does not belong
iii. OSPF algorithm same as link-state but with changes
f. Performance
i. Update messages flooding a large area may create heavy traffic
ii. Convergence of forwarding table faster, but each router needs to run Dijkstra's
iii. Robustness more robust than RIP; after receiving the LSDB, each router is independent; failures
in one router do not affect others as seriously as in RIP
Client-server paradigm local host (client) needs a process on a remote host (server); the client starts the communication,
receives a port number and uses an ephemeral port
2. Port Addressing used to identify the process (16 bits, 0-65,535)
FTP port numbers: 20, 21; Telnet is 23; SSH is 22 (default for remote logging)
a. Ephemeral port number for the client program; short-lived/temporary like a client's life; greater than 1023;
depends on availability
b. Well-known port number universal port numbers for servers; permanent; established by IANA and known
by the client; not chosen randomly (e.g. HTTP is 80 and FTP is 25)
For the ICANN/IANA ranges:
Well-known ports: 0 - 1023; assigned and controlled by IANA (for both UDP and TCP)
Registered ports: 1024 - 49,151; not controlled by IANA; can only be registered to prevent duplication
Dynamic ports: 49,152 - 65,535; neither controlled nor registered; ephemeral
3. Encap/Decap encapsulation at the sender side, where the transport layer adds a header to the data; decapsulation at the receiver
4. Mux/Demux multiplexing (many to one) done by the source; demultiplexing (one to many) done by the destination
5. Flow control ensures balance between production and consumption; typically uses buffers
a. Delivery mode: (1) Pushing sender delivers items whenever produced, without a request from the consumer,
and (2) Pulling items are delivered after the consumer requests them
b. With pushing, the consumer may get overwhelmed, hence the need for flow control
6. Error control responsible for (1) detecting and discarding corrupted packets, (2) keeping track of lost and discarded packets
and resending them, (3) recognizing duplicates and discarding them, (4) buffering out-of-order packets until the missing packets
arrive; for BOTH transport and network layers (TCP/IP ensures reliability)
a. Sequence numbers determine if packets arrive correctly; range from 0 to 2^m - 1, where m is the number of bits; numbering
is per data byte, and a sequence number is assigned to each segment
b. Acknowledgment sent when packets arrive safely; if no ACK arrives before the timer expires, the packets are resent
7. Congestion control mechanisms and techniques that control congestion and keep the load below the capacity
[Figure: port number ranges (well-known ports, other ports)]
- connection-oriented (establishes the virtual circuit first, before sending data), reliable
- guarantees data delivery in sequence
- with error and flow control
- Steps: (1) establish a new connection (2) transfer data (3) terminate the connection
- Stream-oriented delivery data come in a stream, in order; requires sequence numbers
o Data + Control needs a sequence number
o Control only logically no sequence number
o Control only + requires ACK sequence number + one imaginary byte
- ACK value number of the next byte that the receiving party expects to receive
o (e.g. ACK number = 5643: bytes up to 5642 have been received; expecting to receive 5643 next)
1. Connection Establishment
a. Three-way handshaking
- client first sends SYN to indicate it wants to send
- server sends SYN+ACK to indicate it also wants to communicate with the client
- client finally sends ACK; connection established
b. Full-duplex communication (Piggybacking)
SYN = no data, 1 imaginary byte
SYN+ACK = no data, 1 imaginary byte
ACK = no data, no imaginary byte
2. Data Transfer
a. Piggybacking
3. Connection Termination
a. Three-way handshaking
- similar to establishment, but FIN is used instead to terminate the communication
- ACKed by both parties
b. Full-duplex communication (piggybacking)
4. Half-Close Termination
a. Only one party closes; not ACKed by one end; one-sided termination
e.g. the client wants to end but the server still wants to send; the server keeps sending and the client will just
ACK (seen zone) until the server sends FIN
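Added example (not from the reviewer notes): a small bookkeeping model of the sequence and acknowledgment numbers across the three-way handshake, one data segment, and a termination that passes through the half-close state. It encodes the rules stated above (SYN and FIN each take one imaginary byte, a pure ACK takes none, the ACK number is the next expected byte). The initial sequence numbers 8000/15000 and the 100-byte payload are constructed values.

```python
"""Sequence and acknowledgment-number bookkeeping for one TCP connection,
following the rules in the notes: SYN and FIN each occupy one imaginary
byte, a pure ACK occupies none, and the ACK number is the next byte the
receiver expects. Example code added for illustration; initial sequence
numbers and payload sizes are constructed."""


class Endpoint:
    """Minimal seq/ack state for one side of a connection."""

    def __init__(self, isn):
        self.snd_nxt = isn       # sequence number of the next byte this side sends
        self.rcv_nxt = None      # next byte expected from the peer = ACK value we send

    def send(self, syn=False, fin=False, data=0):
        """Build a segment and advance snd_nxt by the data bytes plus the
        imaginary byte that a SYN or FIN consumes. A pure ACK advances nothing."""
        seg = {"seq": self.snd_nxt, "ack": self.rcv_nxt,
               "syn": syn, "fin": fin, "len": data}
        self.snd_nxt += data + int(syn) + int(fin)
        return seg

    def receive(self, seg):
        """The peer's seq plus the bytes its segment occupies becomes the
        next byte we expect, i.e. the ACK number we will send back."""
        occupied = seg["len"] + int(seg["syn"]) + int(seg["fin"])
        if occupied:
            self.rcv_nxt = seg["seq"] + occupied
        return self.rcv_nxt


def three_way_handshake(client_isn=8000, server_isn=15000):
    """SYN, SYN+ACK, ACK. Returns the two endpoints and the three segments."""
    c, s = Endpoint(client_isn), Endpoint(server_isn)
    syn = c.send(syn=True)
    s.receive(syn)
    synack = s.send(syn=True)            # carries ack = client_isn + 1
    c.receive(synack)
    ack = c.send()                       # no data, no imaginary byte
    s.receive(ack)
    return c, s, [syn, synack, ack]


def transfer_and_close(client_isn=8000, server_isn=15000, payload=100):
    """Client sends one data segment, then closes; the server ACKs the FIN
    first and sends its own FIN later, so the half-close state is visible."""
    c, s, segs = three_way_handshake(client_isn, server_isn)
    data = c.send(data=payload)
    s.receive(data)
    ack_data = s.send()
    c.receive(ack_data)
    fin_c = c.send(fin=True)             # client is done sending
    s.receive(fin_c)
    ack_fin = s.send()                   # half-close: the server may still send
    c.receive(ack_fin)
    fin_s = s.send(fin=True)
    c.receive(fin_s)
    last = c.send()
    s.receive(last)
    return segs + [data, ack_data, fin_c, ack_fin, fin_s, last]
```

Reading the returned list in order shows why the second segment of the handshake acknowledges 8001 although no data was sent: the SYN itself occupied one byte of sequence space, exactly as the "1 imaginary byte" lines above say.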
DATA TRANSFER
- Example: Find the value of the receiver window (rwnd) for host A if receiving host B has a buffer size of 5000
bytes and 1000 bytes of received, unprocessed data
Solution: rwnd = 5000 - 1000 = 4000 bytes, advertised in the next segment
- Example: Find the window size of host A if rwnd = 3000 bytes and cwnd = 3500 bytes
Solution: take the minimum = 3000 bytes
2. Retransmission
- Retransmission timer (RTO) expires: the timer starts when the segment is sent and expires when no ACK is received for it
- 3 duplicate ACK segments received
Normal operation transmission is fast, and the ACKs from the server are sent at the same time
Lost Segment RTO expires; the sender is unaware of the loss and keeps sending data; the receiver detects the loss and
tells the sender that it wants to receive the lost segment; when the RTO expires, the sender resends the lost segment to
the receiver
Fast Retransmission 3 duplicate ACKs; the sender sends so fast that it did not detect the loss; at the third duplicate
ACK, it finally retransmits the lost segment
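Added example (not from the reviewer notes): the two window calculations worked above, plus a simulation of both retransmission triggers. A receiver buffers out-of-order segments and keeps answering with the same ACK number while a gap exists; the sender counts those duplicate ACKs and fast-retransmits at the third one, whereas a lone lost segment can only be recovered by the RTO timer. Segment sizes, the dropped segment index and the sequence numbers are constructed values.

```python
"""Receiver window, effective send window, and the two retransmission
triggers (RTO expiry vs. three duplicate ACKs), simulated on constructed
segment sizes. Example code added for illustration; not from the notes."""


def receiver_window(buffer_size, unprocessed):
    """rwnd = free buffer space = buffer size minus data received but not yet consumed."""
    return buffer_size - unprocessed


def send_window(rwnd, cwnd):
    """A sender may have at most min(rwnd, cwnd) bytes outstanding."""
    return min(rwnd, cwnd)


class Receiver:
    """In-order delivery with buffering of out-of-order segments. Every
    arriving segment is answered with rcv_nxt, so while a gap exists the
    ACK number repeats: a duplicate ACK."""

    def __init__(self, start_seq):
        self.rcv_nxt = start_seq
        self.out_of_order = {}       # seq -> length, held until the gap is filled

    def deliver(self, seq, length):
        if seq == self.rcv_nxt:
            self.rcv_nxt += length
            while self.rcv_nxt in self.out_of_order:      # release contiguous data
                self.rcv_nxt += self.out_of_order.pop(self.rcv_nxt)
        elif seq > self.rcv_nxt:
            self.out_of_order[seq] = length               # buffer, do not deliver yet
        # seq < rcv_nxt is a duplicate: discarded, ACK still repeats rcv_nxt
        return self.rcv_nxt                               # ACK number sent back


class Sender:
    DUP_ACK_THRESHOLD = 3

    def __init__(self):
        self.last_ack = None
        self.dup_count = 0
        self.retransmitted = []

    def on_ack(self, ack, unacked):
        """Count duplicate ACKs; on the third, fast-retransmit the segment
        starting at the ACK number (the one the receiver is missing)."""
        if ack == self.last_ack:
            self.dup_count += 1
            if self.dup_count == self.DUP_ACK_THRESHOLD and ack in unacked:
                self.retransmitted.append(ack)
                return "fast_retransmit"
            return "dup_ack"
        self.last_ack, self.dup_count = ack, 0
        for seq in [s for s in unacked if s < ack]:
            unacked.pop(seq)                              # everything below ack is delivered
        return "ack"

    def on_rto(self, oldest_seq, unacked):
        """Timer path: nothing came back in time, resend the oldest unacked segment."""
        if oldest_seq in unacked:
            self.retransmitted.append(oldest_seq)
            return "rto_retransmit"
        return "idle"


def simulate_fast_retransmit(lost_index=1, segment=1000, count=5):
    """Sender emits `count` segments of `segment` bytes; the one at lost_index
    is dropped in transit. Returns (ACKs seen, sender events, final rcv_nxt)."""
    rx, tx = Receiver(1), Sender()
    segs = [(1 + i * segment, segment) for i in range(count)]
    unacked = {seq: ln for seq, ln in segs}
    acks, events = [], []
    for i, (seq, ln) in enumerate(segs):
        if i == lost_index:
            continue                                      # lost in transit
        ack = rx.deliver(seq, ln)
        acks.append(ack)
        events.append(tx.on_ack(ack, unacked))
    if "fast_retransmit" in events:                       # resend the missing segment
        seq = tx.retransmitted[-1]
        acks.append(rx.deliver(seq, unacked[seq]))
        events.append(tx.on_ack(acks[-1], unacked))
    return acks, events, rx.rcv_nxt


def simulate_rto(segment=1000):
    """Only one segment in flight and it is lost: no later segment exists to
    provoke duplicate ACKs, so only the RTO timer can trigger the resend."""
    rx, tx = Receiver(1), Sender()
    unacked = {1: segment}
    event = tx.on_rto(1, unacked)        # timer expiry for the oldest unacked byte
    ack = rx.deliver(1, segment)         # the retransmitted copy arrives
    return event, ack
```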
[Figure: TCP control field]
Application layer provides services to the user; communication via logical connection
A. CLIENT-SERVER NETWORK
- distributed application structure in which tasks are partitioned between service providers (servers) and clients
- first packet sent by the client (initiator)
- types of servers: proxy, web, application, chat, mail, domain, etc.
- client conversion to server: possible because clients may be programmed to act as servers and are still connected
through the internet; also, the connection or flow of information is bidirectional
B. WWW AND HTTP
Cache speeds up the accessing of web pages by storing web objects on the user machine
[Figure: HTTP methods]
C. FTP
- transferring files from a server to a client; standard network protocol used for the transfer of computer files from a
server to a client using the client-server model on a computer network; a connection may carry either data or control
Control connection first connection always established to an FTP server; allows the client to connect and send commands
to the server; instructs the sending or transferring of a file
Data connection used by the server to exchange file listings and transfer files; where the actual data exchange is done
D. EMAIL SYSTEM
SMTP (Simple Mail Transfer Protocol) used when email is delivered from an email client, such as Outlook Express, to
an email server, or when email is delivered from one email server to another; uses port 25
POP3 (Post Office Protocol 3) is the most recent version of a standard protocol for receiving e-mail; a client/server
protocol in which e-mail is received and held for you by your Internet server; typically uses port 110
IMAP (Internet Message Access Protocol) is a standard email protocol that stores email messages on a mail server, but
allows the end user to view and manipulate/download the messages as though they were stored locally on the end user's
computing device(s); typically uses port 143
Agents:
1. User agent program allowing the user to receive and send email messages; software that gives information about
what system specifications are used (i.e. Mozilla Thunderbird, Microsoft Outlook, Opera, etc.)
2. Message transfer agent receives, routes, transports, and delivers mail messages using the SMTP protocol in the
client-server network; like an electronic mail deliverer dispersing messages to an electronic mailbox or to another
MTA
3. Message access agent responsible for getting, accessing or the delivery of the email to the local inbox through
POP3 and IMAP4
[Figure: architecture of email]
E. REMOTE LOGGING
Remote logging - in a client-server model, allows a user to establish a session on a remote machine and then run
its applications
- allows the user's system to directly send important data or system event information to a central
server dedicated to storing and archiving that data
- advantage scenario: keeping a remote copy of your system's logs on a centrally located, secure log
server can help you recover more quickly from a system crash or analyze a security incident.
In cases of system crashes, or when local logs have been altered or lost, log copies are secured and
backed up on the central server for easy retrieval
SSH vs TELNET - SSH is used when higher security is needed; SSH provides confidentiality of user data even if an intruder obtains a
copy of the packets sent over the SSH connection
- TELNET is insecure and mostly only used as a network diagnostics tool
F. DNS
Root server server that does not store any domains but delegates the task to other servers
DNS client and resolver used by the client to communicate with the local DNS server
Iterative resolution the DNS client allows the DNS server to return the best answer it can give based on its cache or zone
data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can
return is a referral
Recursive resolution the DNS client requires that the DNS server respond with either the requested resource
record or an error message stating that the record or domain name does not exist. The DNS server cannot just refer the
DNS client to a different DNS server
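Added example (not from the reviewer notes): a toy resolver over a constructed three-level hierarchy (a root server, TLD servers, an authoritative server) showing the difference described above: an iterative query gets back whatever the queried server has, usually a referral, while a recursive query makes that server chase the referrals and return only a final record or a "does not exist" error. All server names, zone data and addresses are constructed placeholders, not real DNS infrastructure.

```python
"""Iterative vs. recursive resolution over a constructed DNS hierarchy.
Example code added for illustration; server names, zones and addresses
are constructed sample data."""

# Constructed zone data: each server either holds an A record for a name
# or knows which server to refer the querier to for a zone suffix.
SERVERS = {
    "root":           {"refer": {"com": "tld-com", "org": "tld-org"}, "records": {}},
    "tld-com":        {"refer": {"example.com": "ns.example.com"}, "records": {}},
    "tld-org":        {"refer": {}, "records": {}},
    "ns.example.com": {"refer": {}, "records": {"www.example.com": "192.0.2.10",
                                                "example.com": "192.0.2.1"}},
}


def _best_referral(server, name):
    """Longest-suffix match among the zones this server delegates."""
    labels = name.split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in SERVERS[server]["refer"]:
            return SERVERS[server]["refer"][zone]
    return None


def iterative_query(server, name):
    """One round trip. The server answers from its own data if it can,
    otherwise returns the closest referral it knows, otherwise 'no data'."""
    data = SERVERS[server]
    if name in data["records"]:
        return ("answer", data["records"][name])
    ref = _best_referral(server, name)
    if ref:
        return ("referral", ref)
    return ("nxdomain", None)


def recursive_query(server, name, max_hops=10):
    """The server the client asked must follow referrals itself and hand
    back only a final answer or an error. Returns (kind, value, path)."""
    path = [server]
    for _ in range(max_hops):
        kind, value = iterative_query(server, name)
        if kind == "answer":
            return ("answer", value, path)
        if kind == "referral":
            server = value
            path.append(server)          # the recursive server moves on, the client does not
            continue
        return ("nxdomain", None, path)
    return ("error", "too many referrals", path)
```

In the iterative case the client receives the referral and must issue the next query itself; in the recursive case the `path` list shows the hops the queried server walked on the client's behalf.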
A. SONET/SDH
ARCHITECTURE
1. SIGNALS
a. STS Synchronous Transport Signals electrical signaling levels
b. OC Optical carriers - corresponding optical signals
c. STM Synchronous Transport Module - a separate standard similar to SDH
2. DEVICES
a. Terminals - Data sources and receivers
b. STS Multiplexer / Demultiplexer - device in charge of transporting the STS signals from the data sources
(e.g. computers)
c. Regenerator - aka repeater; light signals also deteriorate, so they need to be boosted every now and then
d. Add/Drop Multiplexer - can add or drop SPEs from different sources without demultiplexing the whole
frame, by relying on bit timing only
3. TERMINALS
a. Sections - optical link connecting two neighboring devices
b. Lines - optical link connecting two multiplexers
c. Paths - optical link connecting two terminals
SONET LAYERS
1. Photonic Layer - corresponds to the physical layer of the OSI model; uses NRZ
encoding
2. Section Layer - responsible for the movement of a signal across a physical section
3. Line Layer - responsible for the movement of a signal across a physical line
4. The path layer - responsible for the movement of a signal from its optical source to
its optical destination
SONET FRAMES
- 125 µs duration
- Section Overhead (SOH) - defines and identifies frames, and monitors
section errors and communication between section terminating
equipment
- Line Overhead (LOH) - locates the first octet of SPE and monitors line
errors and communication between terminating equipment;
multiplexing, concatenating, and protection switching
- Path Overhead (POH) - verifies connection, and monitors path errors, receiver status, and communication between
path terminating equipment
SONET NETWORKS
1. Point-to-point network
2. Multipoint network
3. Automatic switching protection
a. Unidirectional path switching
b. Bidirectional path switching
4. Combinational network
B. ATM
ATM adaptation layer (AAL) - layer in the ATM protocol that encapsulates the user data
ATM layer - layer in ATM that provides routing, traffic management, switching, and multiplexing services
ATM DEVICES
1. ATM endpoint - contains the ATM network interface adapter (routers, switches, CODECs)
2. ATM switch - handles cell transit through the ATM network
C. INTERNET OF THINGS
COMMUNICATION MODELS
1. Device-to-device
2. Device-to-cloud
3. Device-to-gateway
4. Back-End Data-sharing
PROTOCOLS
1. 6LoWPAN - acronym of IPv6 over Low-power Wireless Personal Area Networks; adaptation layer for IPv6 over
IEEE 802.15.4 links; operates only in the 2.4 GHz frequency range with a 250 kbps transfer rate
2. IEEE 802.15.4 - basis for the ZigBee, ISA100.11a, WirelessHART, and MiWi specifications
3. CoAP (Constrained Application Protocol) - specialized web transfer protocol for use with constrained nodes and
constrained networks
4. MQTT (Message Queue Telemetry Transport) - a thing or sensor publishes data and the server subscribes to the data
5. Other protocols: HTTP, XMPP
SOFTWARE AS A SERVICE
- Uses the web to deliver applications that are managed by a third-party vendor
- Some SaaS applications can run directly from the web browser, with no installation required
- Email, collaboration and customer relationship management are the common applications
- Known as on-demand software because it does not need traditional software installation and maintenance
- the service provider bears the burden of security and performance
CLOUD STORAGE
- saving data to an off-site storage system maintained by a third party
- Instead of the traditional way of storing data on hard drives and large storage servers, data is stored in a remote
database; serves as a backup service
ARCHITECTURE
1. Piconet network connection where one device is designated as primary and the rest as secondary; supports up to 7
active secondary (slave) devices; other connected devices are in a parked state
2. Scatternet network connection where a secondary device in one piconet acts as the primary (master) in another piconet
F. RFID
A. INTRODUCTION TO CRYPTOGRAPHY
NETWORK ATTACKS
1. Eavesdropping - occurs when network communication is in clear-text format; attackers may gain access to and interpret
the data
2. Data modification - altering the data in the packet
3. Man-in-the-middle attack - a third party actively monitors, captures and controls the communication
4. Compromised-key attack - attackers obtain a key that lets them interpret secured communication
TYPES OF CRYPTOGRAPHY
1. Symmetric-key cryptography algorithm (secret-key) - a single key is shared by the sender and receiver
2. Asymmetric-key cryptography algorithm (public-key) - a public key and a private key are used
TRADITIONAL CIPHER
1. Caesar Cipher - monoalphabetic cipher; shift cipher; used by the Romans; each letter is substituted with the letter a certain
number of places up or down the alphabet (3 was the most common number of shifts)
2. Polyalphabetic cipher - Leon Battista Alberti, father of Western cryptography; uses multiple substitution
alphabets; the message is substituted using different alphabets according to a specific keyword, limiting the use of frequency
analysis to crack the cipher
3. Transposition cipher - the characters' locations change; the key serves as the map between the position of the symbols in the
plaintext and in the ciphertext
4. One-Time Pad - Gilbert Vernam in 1918; substitution and transposition cipher; uses a keyword once, with the same length
as the message; proven to be unbreakable; encounters practical problems, low message volume
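Added example (not from the reviewer notes): the four traditional ciphers above, implemented so the round trip can be checked and so the property the notes attach to each is visible. A Caesar ciphertext keeps the plaintext's letter frequencies (only shifted), which is what frequency analysis relies on; a Vigenère keyword spreads one plaintext letter over several ciphertext letters; a columnar transposition leaves the multiset of letters unchanged; a one-time pad uses a random key as long as the message. The keywords and messages are constructed sample values, and the pad is drawn from the standard library's `secrets` module.

```python
"""Caesar, Vigenere (polyalphabetic), columnar transposition and one-time pad.
Example code added for illustration; keys and messages are constructed."""
from collections import Counter
import secrets

ALPHA = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def _clean(text):
    """Keep letters only, upper-cased, as the classical ciphers assume."""
    return "".join(ch for ch in text.upper() if ch in ALPHA)


def caesar(text, shift, decrypt=False):
    """Monoalphabetic shift: every letter moves the same number of places."""
    k = -shift if decrypt else shift
    return "".join(ALPHA[(ALPHA.index(ch) + k) % 26] for ch in _clean(text))


def vigenere(text, keyword, decrypt=False):
    """Polyalphabetic: the shift for position i comes from keyword[i % len]."""
    key = _clean(keyword)
    out = []
    for i, ch in enumerate(_clean(text)):
        k = ALPHA.index(key[i % len(key)])
        if decrypt:
            k = -k
        out.append(ALPHA[(ALPHA.index(ch) + k) % 26])
    return "".join(out)


def columnar(text, key, decrypt=False):
    """Transposition: write the text in rows under the key and read the
    columns in alphabetical order of the key letters. Short final rows are
    padded with X. Positions change, the letters themselves do not."""
    key, text = _clean(key), _clean(text)
    n = len(key)
    order = sorted(range(n), key=lambda i: (key[i], i))   # column read order
    rows = -(-len(text) // n)                             # ceiling division
    padded = text.ljust(rows * n, "X")
    if not decrypt:
        return "".join(padded[r * n + c] for c in order for r in range(rows))
    # Decrypt: refill the columns in read order, then read row by row.
    grid = [[""] * n for _ in range(rows)]
    pos = 0
    for c in order:
        for r in range(rows):
            grid[r][c] = padded[pos]
            pos += 1
    return "".join("".join(row) for row in grid)


def one_time_pad(data, pad=None):
    """Vernam: XOR with a random pad exactly as long as the message; the same
    call decrypts. Returns (result, pad) so the caller can use the pad once."""
    if pad is None:
        pad = secrets.token_bytes(len(data))
    if len(pad) != len(data):
        raise ValueError("pad must be exactly the message length")
    return bytes(a ^ b for a, b in zip(data, pad)), pad


def top_letter(ciphertext):
    """Most frequent letter. Under Caesar the plaintext's most common letter
    simply reappears shifted, which is what frequency analysis exploits."""
    return Counter(ciphertext).most_common(1)[0][0]
```

The `top_letter` helper is the educational point of the Caesar entry: the plaintext below is E-heavy, and after a shift of 3 the ciphertext is H-heavy, so the shift can be read straight off the frequency table; the same plaintext under a Vigenère keyword no longer has that single dominant letter.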
B. VPN
- virtual private network that allows a user to connect to a private network over the Internet securely and privately
- Client-Server technology
- Functions: Authentication, Access Control, Confidentiality, Data Integrity
VPN IMPLEMENTATION
1. Remote access
2. Site-to-site access
a. Intranet
b. Extranet
VPN OPERATION
1. Tunneling Internetwork infrastructure for secure data transfer
Generic name for any system capable of encapsulating data packets
Virtual point-to-point connection via public networks; transports encapsulated datagrams
Uses tunneling protocols: PPTP, L2TP, IPSec, SOCKS
2. Encryption - protects against passive attacks or external snooping
Externally visible packet payloads are encrypted
Ensures data security when traveling through the global Internet
Scrambles readable data (plaintext), then unscrambles it using keys
3. Authentication - protects against active attacks
Ensures that data originates at the source it claims to come from
Requires digitally signing each packet with a secure hash to prove the legitimacy of the source (not a
fake/attacker)
Must be done mutually (client and server authenticate each other)
4. Firewall - uses packet filtering to allow or disallow the flow of specific types of network traffic
IP packet filtering allows admins to define what IP traffic is allowed to cross the firewall
Important for security when private intranets are connected to public networks
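Added example (not from the reviewer notes): the per-packet authentication step from the list above, done mutually. Each side tags every packet with a keyed hash over the header and payload using a secret the two peers share, and the other side verifies the tag before trusting the packet; one flipped byte in transit makes verification fail, which is the defence against the data modification attack listed earlier. The notes say "digitally signing"; this example uses HMAC-SHA256 from the Python standard library as the keyed secure hash, which is the usual choice for a shared-secret tunnel. The peer names, key and packet contents are constructed values.

```python
"""Per-packet authentication for a VPN tunnel using a shared secret and
HMAC-SHA256. Example code added for illustration; keys, peer names and
packets are constructed values."""
import hashlib
import hmac
import os


class VpnPeer:
    """One side of the tunnel. The tag covers header and payload, so any
    change to either is detected; it does not hide the payload, which is
    the separate encryption step (the AH-vs-ESP distinction in IPSec)."""

    TAG_LEN = 32          # SHA-256 output
    HEADER_LEN = 12       # 4-byte sequence number + 8-byte peer name

    def __init__(self, name, shared_key):
        self.name = name.encode().ljust(8, b"\0")[:8]
        self.key = shared_key
        self.seq = 0

    def protect(self, payload: bytes) -> bytes:
        """Build header || payload || HMAC(key, header || payload)."""
        self.seq += 1
        header = self.seq.to_bytes(4, "big") + self.name
        body = header + payload
        tag = hmac.new(self.key, body, hashlib.sha256).digest()
        return body + tag

    def verify(self, packet: bytes):
        """Return (ok, payload). Recompute the tag over what was received and
        compare in constant time so a wrong tag leaks nothing about the key."""
        if len(packet) < self.HEADER_LEN + self.TAG_LEN:
            return False, None
        body, tag = packet[:-self.TAG_LEN], packet[-self.TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, None
        return True, body[self.HEADER_LEN:]


def mutual_exchange(shared_key=None):
    """Client and server each authenticate one packet from the other."""
    key = shared_key or os.urandom(32)        # constructed: a pre-shared key
    client, server = VpnPeer("client", key), VpnPeer("server", key)
    c2s = client.protect(b"GET /intranet")
    s2c = server.protect(b"200 OK")
    return server.verify(c2s), client.verify(s2c)


def tampered(shared_key=b"k" * 32):
    """Flip one payload byte in transit; the tag no longer verifies."""
    client, server = VpnPeer("client", shared_key), VpnPeer("server", shared_key)
    pkt = bytearray(client.protect(b"transfer 100"))
    pkt[-VpnPeer.TAG_LEN - 1] ^= 0x01         # last payload byte, just before the tag
    return server.verify(bytes(pkt))


def wrong_key(shared_key=b"k" * 32):
    """A peer without the shared secret cannot produce an accepted tag."""
    client = VpnPeer("client", shared_key)
    impostor_server = VpnPeer("server", b"x" * 32)
    return impostor_server.verify(client.protect(b"hello"))
```

Because the tag is recomputed from the received bytes, the server never needs to trust anything in the packet itself; the sequence number in the header is covered by the tag too, so it cannot be rewritten without detection.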
TUNNELING PROTOCOLS
1. PPTP Point-to-Point Tunneling Protocol
- Layer 2 (tunneling) protocol
- one of the most widely used VPN protocols; created by the PPTP Forum
- built on the protocols of PPP (Point-to-Point Protocol)
o Authentication (PAP/CHAP)
o Error Detection (FCS)
- encapsulates PPP frames into IP datagrams for transmission using GRE (Generic Routing Encapsulation)
- Requires tunnel maintenance with the PPTP Control Connection
2. L2TP Layer 2 Tunneling Protocol
- officially published in 1999.
- combination of Microsoft's PPTP and Layer 2 Forwarding (L2F).
- can be used in either voluntary or compulsory tunneling.
- two endpoints of an L2TP tunnel
o LAC (L2TP Access Concentrator)
o LNS (L2TP Network Server)
3. IPSec Protocol
- Provides security at the network layer (separate authentication and priva
- secures IP datagrams between any two network-layer entities
- Security Association (SA) - simplex connection established by the protocol
- Opportunistic encryption - ideally works without you knowing it's there
- IPSec examines packets, determines whether a security association with the destination exists, and tries to automatically encrypt
and decrypt packets
- Features authentication, integrity, confidentiality
- Can be used for encryption in combination with the L2TP tunneling protocol
- Elements:
o Encapsulating Security Payload (ESP) - provides confidentiality, authentication, integrity
o Authentication Header (AH) - provides authentication and data integrity but does not provide encryption
o Internet Key Exchange (IKE) - provides key management and security association (SA); all devices must share a
common or public key