Chapter 5 and 6


Custom subnets

A custom subnet is a collection of leased IP addresses that are divided into smaller groups to serve a network's needs. A custom subnet has a custom subnet mask applied to the IP address, so that what the node sees as its local network is a subset of the whole default network address block. A default gateway is configured for each subnet to route traffic between subnets.

Protocol Analyzers

A protocol analyzer, or a network analyzer or packet analyzer, is diagnostic software that can examine and display data packets that are being transmitted over a network. It can examine packets from protocols that operate in the Physical, Data Link, Network, and Transport layers of the OSI model. Protocol analyzers can gather all information passed through a network, or selectively record certain types of transactions based on various filtering mechanisms. On a wired network, it is possible to gather information on all or just part of a network. On a wireless network, traffic can be captured one wireless channel at a time. There are numerous uses for a protocol analyzer, including:
• Analyzing current network traffic patterns and potential problems
• Detecting possible network intrusions
• Monitoring network usage for performance analysis
• Filtering undesirable network traffic
• Launching an eavesdropping attack
Different protocol analyzers have different levels of functionality. Some have only software components; others use a combination of hardware and software to gather and analyze network information. High-end solutions usually provide support for more protocols, higher speeds, more analytical information, and the ability to send test traffic. The product you will use depends on your environment and the needs of your network.
• Most Windows devices include a basic protocol analyzer tool called Network Monitor that enables you to save each network capture to a log. There are two versions of Network Monitor. The first is one that ships with Windows but is not installed by default. You must add it by using Add/Remove Windows Components. This version of Network Monitor can capture only packets that travel to or from the device on which it is installed. There is also a full version of Network Monitor that is included with Systems Management Server, and can be installed separately from the full Systems Management Server product. This version can capture packets sent to or from any device on the network. Note: Network Monitor can be downloaded from http://www.microsoft.com/download/en/details.aspx?id=4865
• Most Linux distributions include tcpdump, a popular command-line utility for capturing packets. tcpdump can capture IP addresses, MAC addresses, session state and header information as well as data. The capture can be watched in real time, or saved to a file that can be imported and opened by other protocol analyzers. In addition to tcpdump, many Linux system administrators use Wireshark® to capture and analyze traffic on the network.
• The netstat utility is included with most UNIX and Linux distributions. netstat can provide a wide range of information, including open ports and sockets, packets transmitted on those ports, routing tables, and multicast memberships.
To capture all packets sent on a network, protocol analyzers require a network adapter and driver that support promiscuous mode operation. Promiscuous mode enables the device running the analyzer to recognize all packets being sent over the network, irrespective of the source or destination. In promiscuous mode, a network card passes all network events to the operating system. In normal modes of operation, network traffic that is not intended for the adapter that received it is filtered out and not passed to the operating system, including the error conditions that the protocol analyzer is designed to detect.

IP address

An IP address is a unique binary address assigned to a device so that it can communicate with other devices on a TCP/IP network. IPv4 addresses are 32 bits in length, whereas IPv6 addresses are 128 bits long. An IP address consists of two portions: the network address portion that is common to all hosts and devices on a physical network, and the host address portion, which is unique to the individual host. However, you probably won't be able to determine which part of the IP address is the network address and which is the node address unless you apply a subnet mask. All devices on a TCP/IP network, such as computers, tablets, routers, and printers, each have a unique IP address.

Distance-vector routing

Distance-vector routing is used on packet-switched networks to automatically calculate route costs and routing table entries. Routers calculate the direction and distance between any two points and route packets based on their calculation of the fewest number of hops. Basically, distance vector means "how far" and "in what direction." This is the general process for distance-vector routing:
1. Each router passes a copy of its routing table to its neighbors and maintains a table of minimum distances to every node.
2. The neighbors add the route to their own tables, incrementing the metric to reflect the extra distance to the end network. The distance is given as a hop count; the vector component specifies the address of the next hop.
3. When a router has two routes to the same network, it selects the one with the lowest metric, assuming that it is faster to route through fewer hops.
Note: Distance-vector protocols use the Bellman-Ford algorithm to calculate route paths.

Transmission types

IPv6 uses three different transmission types: unicast, multicast, and anycast. Broadcast addresses are not used for IPv6, and have been replaced with multicast addressing. IPv6 unicast is similar to the unicast address in IPv4, which has a single address identifying a single interface. Multicast in IPv6 is similar to IPv4 broadcast addressing, in which a packet sent to a multicast address is delivered to every interface in a group. The difference in IPv6 is that it is targeted and only hosts that are members of the multicast group receive the multicast packets. Anycast is a transmission method in which data is sent from a server to the nearest node within a group. That node then initiates a second anycast and transmits the data to the next nearest node within the group. The process is repeated until all nodes within the group have received the data. Network nodes not in the group ignore the data.

Route convergence

In dynamic routing, when the network topology or conditions change, each router must first learn of the change and then calculate the effect and update its routing tables. Route convergence is the period of time between a network change and the router updates to reach a steady state once again. During route convergence, data delivery can be unreliable, as the routing table may not be updated with the route information.

Comparing static and dynamic routing

In static routing, routing entries are created manually in a configuration file. This file is loaded when the router starts. Static routing is used when there are fewer devices on the network. Dynamic routing uses special software designed for routing devices. This software automatically creates routing entries for the router to connect all devices on the network. On systems that support both static and dynamic routing, the static routing will take precedence.

IPv6 address space limitations

Limitations of the IPv4 address space include:
• The 32-bit IP address space itself, which provides only a theoretical maximum of 2^32, or approximately 4,295 billion, separate addresses.
• The division of the address space into fixed classes, with the result that node addresses falling either between classes or between subnets are unavailable for assignment.
• The fact that IP address classes provide a small number of node addresses, leading to difficulty matching IP address leases to a company's needs and IP addresses being wasted.
• The depletion of Class A and Class B IP address assignments.
• Unassigned and unused address ranges within existing Class A and Class B blocks.

Data Transmission on IP Networks

On a TCP/IP network, a sender transmits a protocol data unit (PDU) and waits for an acknowledgement of its receipt from a recipient—a TCP "ACK" signal. If the recipient is busy, the sender waits until it receives an ACK, after which it transmits the next PDU. Throughput can increase if data is sent as larger PDUs, with the recipient needing to send fewer acknowledgements. PDUs that exist at Layer 4 are segments (for TCP) and datagrams (for UDP).

Path-vector routing

Path-vector routing is used in inter-domain routing, and a router keeps track of the route from itself to the destination. However, rather than recording every individual node, path-vector routing can treat entire autonomous systems as nodes. As the AS border or exterior routers pass routing information from one to the next, each adds its presence to the path and forwards the route to the next autonomous system in the chain. If the destination address is within an AS, the border router passes the packet on to interior routers. Border Gateway Protocol (BGP) is an example of a path-vector routing protocol. Path-vector routing is enhanced by its inclusion of routing policies, which are implemented by administrators to enable routers to react to situations such as network congestion, offline nodes, and potentially duplicate routes. Path-vector routing has roots in distance-vector routing, but was designed to scale up to much larger networks.

IP Address Classes

The IPv4 address space consists of five blocks of addresses, called address classes, for use on specific networks based on their size.
• Class A addresses provide a small number of network addresses for networks with a large number of nodes per network. Used only by extremely large networks, Class A addresses are too expensive for use by most organizations. The technical definition of a Class A address is any address where the first octet (on the left) begins with 0.
• Class B addresses provide a balance between the number of network addresses and the number of nodes per network. Most organizations lease Class B addresses for use on networks that connect to the Internet. The technical definition of a Class B address is any address where the first octet (on the left) begins with 10.
• Class C addresses provide a large number of network addresses for networks with a small number of nodes per network. The technical definition of a Class C address is any address where the first octet (on the left) begins with 110.
• Class D addresses are set aside to support multicast transmissions. Any network can use them, regardless of the base network ID. A multicast server assigns a single Class D address to all members of a multicast session. There is no subnet mask. Class D addresses are routable only with special support from routers. The technical definition of a Class D address is any address where the first octet (on the left) begins with 1110.
• Class E addresses are set aside for research and experimentation. The technical definition of a Class E address is any address where the first octet (on the left) begins with 1111.
Characteristics of each address class are listed in the following table (columns: Address Class, Address Range, Example, Additional Comments).

Class A
  Address range: 1.0.0.0 to 126.255.255.255
  Example: 10.28.220.19
  Additional comments: Class A addresses can have up to 126 networks, each with up to 16,777,214 nodes. The practical range for a Class A address is from 1.0.0.0 to 126.255.255.255. The actual Class A range is from 0.0.0.0 to 127.255.255.255. However, both 0 and 127 in the first octet are reserved for special purposes, and are not assigned to nodes. Nodes use 0.0.0.0 to indicate that they currently have no IP address. 127 is reserved for diagnostics such as the loopback address (127.0.0.1). The default subnet mask for Class A networks is 255.0.0.0.

Class B
  Address range: 128.0.0.0 to 191.255.255.255
  Example: 155.128.20.106
  Additional comments: Class B addresses can have up to 16,382 networks, each with up to 65,534 nodes. The default subnet mask for Class B networks is 255.255.0.0.

Class C
  Address range: 192.0.0.0 to 223.255.255.255
  Example: 201.208.120.86
  Additional comments: Class C addresses can have up to 2,097,150 networks, each with up to 254 nodes. The default subnet mask for Class C networks is 255.255.255.0.

Class D
  Address range: 224.0.0.0 to 239.255.255.255
  Example: 230.43.160.48
  Additional comments: Addresses are set aside to support multicast transmissions.

Class E
  Address range: 240.0.0.0 to 255.255.255.255
  Example: 250.217.39.190
  Additional comments: Addresses are set aside for research and experimentation.

Note: To test a network node, enter ping 127.0.0.1, ping loopback, or ping localhost to verify that TCP/IP is functioning on a node.

The delta method

There is a simpler way to identify the range of addresses for new subnets. It's called the delta method. It uses bit positions to determine the subnet ID increment. In the delta technique, you follow these steps:
1. Identify the bit position of the original subnet mask.
2. Determine how many subnets you need.
3. Based on the number of subnets needed, determine how many bits to move the mask. You can use this image to determine how many bits to move the mask from its original position.
4. Identify the delta.
   a. Expand the last octet and use the top row of the previous image to insert the decimal equivalents of each bit position.
   b. Move the mask from the old position to the new position. The number to the left of where the mask ends is the delta.
5. Assign subnet IDs and host address ranges based on the delta.
Remember that the more you move the subnet mask, the more subnets you have. Fewer bits remain for the hosts, so there are fewer hosts per subnet.

For example, you have the network 192.168.1.0/24 and you need two subnets.
1. The bit position of the original subnet mask is:
2. You know you need two subnets.
3. Based on the need for two subnets, you need to move the mask one bit. This changes the mask from 24 to 25. The dotted decimal equivalent of /25 is 255.255.255.128.
4. Identify the delta.
   a. Expand the last octet and use the top row of the previous image to insert the decimal equivalents of each bit position.
   b. Move the mask from the old position, 24, to the new position, 25. The number to the left of where the mask ends is the delta; in this example, it is 128.
5. Assign subnet IDs and host address ranges based on the delta, 128. This means that you need to increment the subnets by 128.

Subnet Name   Subnet ID          First Host ID    Last Host ID     Broadcast ID
Subnet 0      192.168.1.0/25     192.168.1.1      192.168.1.126    192.168.1.127
Subnet 128    192.168.1.128/25   192.168.1.129    192.168.1.254    192.168.1.255

You can subnet this way in any octet, although it is not likely that you will do it in the first octet. Also, the farthest you can go in the fourth octet is to take the mask to /30. In a /30 mask, the delta is 4, so you would only have two IP addresses available for hosts. This is commonly used for point-to-point WAN links where there would be only two nodes that need addresses, a router on either side of the WAN link.

Custom subnet masks

You can use a custom subnet mask to divide a single IP address block into multiple subnets. A custom subnet mask borrows node bits in a contiguous block from the left side of the node portion of the address, and uses them as network bits. This divides a single network address into multiple networks, each containing fewer nodes. Custom subnet masks are sometimes referred to as variable length subnet masks (VLSMs). There are different possible combinations of custom subnet masks on a Class C network.

Last Octet of New Mask (Binary)   New Mask (Decimal)   Number of Added Networks   Nodes per Network
10000000                          255.255.255.128      2                          126
11000000                          255.255.255.192      4                          62
11100000                          255.255.255.224      8                          30
11110000                          255.255.255.240      16                         14
11111000                          255.255.255.248      32                         6
11111100                          255.255.255.252      64                         2
11111110                          255.255.255.254      Not allowed in Class C
11111111                          255.255.255.255      Not allowed in Class C

IPv6 addresses

An IPv6 address is a 128-bit binary number assigned to a computer on a TCP/IP network. Some of the bits in the address represent the network segment; the other bits represent the host itself. IPv6 addresses are not case-sensitive. For readability, the 128-bit binary IPv6 address is usually separated by colons into eight groups of four hexadecimal digits. Each quartet of four hexadecimal digits equals 16 bits:
  2001:0db8:85a3:0000:0000:8a2e:0370:7334
While all eight groups must have four digits, leading zeros can be omitted:
  2001:db8:85a3:0:0:8a2e:370:7334
and groups of consecutive zeros are replaced with two colons:
  2001:db8:85a3::8a2e:370:7334
Some types of IPv6 addresses contain long sequences of zeros. A contiguous sequence of 16-bit blocks set to 0 in the colon-hexadecimal format can be compressed to :: (known as double-colon). To avoid ambiguity, you can perform the double-colon substitution only once per address.

A 128-bit address provides 2^128 potential address combinations, which equals 340 billion trillion trillion (340 undecillion) possible addresses. Not all of those addresses will be publicly routable. In IPv6, everything to the left of the mask is referred to as the "prefix." That is the terminology in IPv6 rather than "network ID." Instead of "octets" it has "quartets" between the colons. Different levels in the IP addressing hierarchy have different prefix lengths, and hence different subnet mask assignments:
• Regional Internet Registries (RIRs like the American Registry for Internet Numbers, or ARIN, and the Asia-Pacific Network Information Centre, or APNIC): The first 12 bits of an address refer to the Internet registry responsible for that region. Example: 2000::/12. In this case, the RIR is responsible for the address range of 2000::/12 to 200F:FFFF:FFFF:FFFF::/64.
• ISPs are assigned /32: The first 32 bits (including the first 23 bits) refer to the ISP. Example: 2001:db8::/32.
• Organizations at a specific location are assigned /48: The first 48 bits (including the two mentioned above) refer to the organization (called the "end site" or "site"). Example: 2001:db8:A00::/48; the A00 part refers to the organization/company (note the /48 mask). This designation is why companies and organizations might be referred to as "the 48s."
• Subnets within an organization are assigned /64: If there are no subnets, then the organization's main network ID with a trailing zero is used for the prefix. Example: Here is the prefix for subnet zero: 2001:db8:A00:0/64. It is more commonly written as 2001:db8:A00::/. This next example is the prefix for subnet 2: 2001:db8:A00:2::/64.
• Hosts are usually assigned a /64 mask. This example is assigned to the first host (probably the router) in the 2001:db8:A00::/64 network: 2001:db8:A00:1::1/64.

IPv4 addresses differ from IPv6 addresses in several ways.
• IPv4 addresses use 32 bits as opposed to the 128 bits used in IPv6 addressing.
• The header information structure is different between IPv4 and IPv6 addresses. IPv6 headers are simpler, but expandable if you need to include options.
The loopback address for an IPv6 host is ::1. The default route address (meaning anything unknown is sent to the default gateway) is ::/0. This corresponds with the IPv4 default route of 0.0.0.0/0.

A host computer running IPv6 can use an IEEE standard called the extended unique identifier (EUI) to self-assign its node address. With EUI, the MAC address is padded in the center with FFFE, extending it to 64 bits in length. For instance, a MAC address of 01-00-11-22-33-44 would be changed to 0100:11FF:FE22:3344 to become the last 64 bits of the node's IPv6 address. While not a requirement, most vendors are adopting this format, as it's the easiest to implement.

IPv6 replaces classful addresses with a more flexible and logical unicast addressing structure. There are different categories of unicast addresses that serve different functions (columns: Unicast Address Type, Description).

Global addresses
  Globally routable public addresses. Also known as aggregatable global unicast addresses, they are designed such that they can be summarized for efficient routing. Global addresses are the equivalent of the entire IPv4 public address space.

Site-local addresses
  Addresses used for internal networks that are not routable on the Internet. The equivalent of the IPv4 private, nonroutable address blocks. Site-local addresses begin with FEC0::/10. In Sept 2004, the Internet Assigned Numbers Authority (IANA) requested the IETF deprecate this address type because it was ambiguous and could lead to misconfigurations resulting in network security leaks. Site-local addresses have been replaced with "unique local addresses" in the block fc00::/7. Of that block, fd00::/8 has been set aside for the 48s to use in their internal networks.

Link-local addresses
  Addresses that are used to communicate and automatically assigned on private network segments with no router. Link-local addresses always begin with FE80. They are the equivalent of self-assigned IPv4 automatic private IP addressing (APIPA) addresses.

IPv6 transitional addresses
  Addresses used on mixed networks to support routing of IPv6 data across IPv4 networks. This class will be phased out when all routers convert to IPv6. An example of transitional addresses is Microsoft's IPv4-compatible version that Windows sometimes uses during 6-4 transition. In this version, the host ID is not the EUI, but instead the 4 octets of the IPv4 address. So, for example, if the IPv4 address is 192.168.1.26, the IPv6 address is 2001:0db8:85A3:0:192:168:1:26/64. 2002::/16 is a 6-to-4 routing prefix, meaning that networks that are in transition using 6-to-4 will use this prefix.

IPv6 Tunneling

One of the ways that IPv6 can be implemented is through the tunneling process. Like encapsulation, tunneling envelops a data packet in a form that is acceptable to the carrier. In this instance, you are encapsulating IPv6 packets to traverse IPv4 networks such as the Internet. An example of this is Microsoft DirectAccess, which creates an "Always On" VPN between a client and the corporate network. To make sure the packets can travel across all ISPs, the client encapsulates the IPv6 packets into IPv4 (Teredo tunneling on Windows OS and Miredo tunneling on Linux and Mac OS). The IPv4 encapsulation is removed at the corporate network end. There is also 6to4, which is an Internet transition mechanism that allows IPv6 packets to be transmitted over an IPv4 network without the need to configure explicit tunnels. Special relay servers are also in place that allow 6to4 networks to communicate with native IPv6 networks. The 4to6 Internet transition mechanism is the same but in reverse, allowing IPv4 packets to be transmitted over an IPv6 network.

Router Solicitation and Advertising

IPv6 routers regularly advertise information on the links to which they are connected. These advertisements are Internet Control Message Protocol Version 6 (ICMPv6) router advertisement (RA) messages, sent to the multicast group ff02::1. All the nodes on a link that belong to this group, and nodes configured for autoconfiguration, analyze those messages. Upon reception of an RA message, an autoconfiguring node not already configured with the corresponding global address will prepend the advertised prefix to the unique identifier. Nodes can send router solicitation (RS) messages to all the routers on the link. Nodes that have not configured an address yet use the unspecified address "::". The routers then answer immediately with an RA message containing a global prefix. The node is then able to extract a prefix and build its global address.

Private IP Address Conflicts

Because they do not get forwarded across external routers, private IP addresses do not cause duplicate IP address conflicts on the Internet. They can, however, cause duplicate IP address problems on an internal network. Private addresses are actual IP addresses that are used by most organizations internally. They are even used across routers inside the company's intranet. If the company's network is not designed well, there is a chance that the same private IP address block will be used in different parts of the internal network, causing problems. Another common cause of duplicate address problems occurs when two small locations use the same internal IP addressing scheme and then connect across the Internet via a VPN. Because the VPN acts as a direct connection between these networks, routers cannot make forwarding decisions if both sides use the same IP addresses.

Parity checking

Parity check is a process used to detect errors in memory or data communication. In this process:
1. A device checks the data sent and received on a word-by-word basis.
2. The sender adds one bit to each word of the data and then transmits to the receiver. If the number of 1s is odd, the added bit is a one; if the number of 1s is even, the added bit is a zero.
3. The receiver compares the number of 1s within a transmitted byte to those received.
4. If the count matches, the data is assumed to be valid. If a word is determined to be corrupt, the receiver requests retransmission of the data.

Router discovery protocols

Router discovery protocols are used to identify routers on the network (columns: Protocol, Description).

RIP
  RIP is a distance-vector routing protocol that is easy to configure, works well inside simple autonomous systems, and is best deployed in small networks with fewer numbers of routers and in a non-dynamic environment. Most equipment that supports RIP is lower in cost than that which supports more complicated router discovery protocols. RIP broadcasts the entire routing table, including known routes and costs, every 30 seconds. This places a lot of router discovery traffic on the network. When RIP builds its routing table, it does not take into account network congestion or link speed. A router records the route with the lowest metric to a location and removes the others. RIP is very stable, but convergence is slow. RIP is prone to count-to-infinity loops and does not support many of the new features expected on modern networks such as multicast addressing. RIP has been replaced with RIP version 2 (RIP v2).

RIP v2
  RIP v2 enhances RIP by supporting the following features:
  • Next Hop Addressing: Includes IP address information in routing tables for every router in a given path to avoid sending packets using additional routers.
  • Authentication: Enables password authentication and the use of a key to authenticate routing information to a router.
  • Subnet mask: Supports additional subnets and hosts on an internetwork by supporting VLSMs and including length information along with the routing information.
  • Multicast addressing: Decreases the workload of non-RIP v2 hosts by communicating only with RIP v2 routers. RIP v2 packets use 224.0.0.9 as their IP multicast address.
  • IPv6 support: Supports IPv6 networking.
  Most hosts and routers support RIP, so ensure that the RIP v2 mode you configure works with your current RIP configuration. Note: For more information on RIP v2, see RFC 1387 "RIP Version 2 Protocol Analysis." You might also be interested in RFCs 1388 and 1389 for RIP II information.

OSPF
  On IP internetworks, link-state routing is usually accomplished by the OSPF protocol. Each OSPF router uses the information in its database to build the shortest possible path to destinations on the internetwork. Although OSPF uses less bandwidth than distance-vector protocols, it requires more memory and CPU resources. OSPF uses Dijkstra's algorithm for computing the best path through a network. OSPF supports IPv4 and IPv6.

BGP
  BGP is a hybrid routing protocol used to establish routing between ISPs. BGP is the routing protocol used to connect Internet backbones. BGP maintains a table of IP networks among autonomous systems. BGP was created as a fully decentralized routing protocol to replace EGP in order to decentralize the Internet. The current version is BGP v4, which supports IPv4 and IPv6. Although BGP was created to replace EGP, BGP is considered an interautonomous routing protocol. When it is used to route information between ASs, it is called External BGP (EBGP), but when EGP is used to route information within an AS, it is referred to as Internal BGP (IBGP).

IGRP
  Interior Gateway Routing Protocol (IGRP) is a distance-vector routing protocol developed by Cisco® as an improvement over RIP and RIP v2. It was designed to be deployed on interior routers within an AS. IGRP introduced a composite metric, enabling an administrator to manually configure and add to the hop count up to four metric values to give extra value to the metric. Because of this, IGRP can support multiple routes to the same network and can even support load balancing across routes with identical metrics.

EIGRP
  Enhanced Interior Gateway Routing Protocol (EIGRP) is a proprietary routing protocol by Cisco and considered a hybrid protocol. It includes features that support classful and classless subnet masks, and it can be used on multilayer switches. Additional updates reduce convergence times and improve network stability during changes. To ensure that EIGRP is a viable solution for interior routing, EIGRP removed routing protocol dependence on the network protocol. This means that routing tables can be built for several different protocols, such as IPv6. In March 2013, Cisco made EIGRP an open standard.

IS-IS
  Intermediate System to Intermediate System (IS-IS) is a link-state routing protocol that is natively an OSI Network-layer protocol. IS-IS is similar to OSPF (they both use Dijkstra's algorithm) but IS-IS is able to support more routers than OSPF and does not support only a specific type of network address. This made IS-IS easily adaptable to support IPv6.

ARP

The Address Resolution Protocol (ARP) maps an IP address to a physical or media access control (MAC) address recognized within a local network. ARP resides on Layer 2, or the Data Link layer of the OSI model (Network Interface layer of the TCP/IP model), encapsulated by an Ethernet header. ARP enables you to dynamically discover the mapping of a Layer 3 IP address to a Layer 2 MAC address. ARP supports IP by resolving IP addresses to MAC addresses. Address resolution in ARP is performed in the following three steps:
1. ARP receives an IP address from IP.
2. If ARP has the MAC address in its cache, it returns it to IP. If not, it issues a Layer 2 broadcast to resolve the IP address.
3. A target node with the corresponding IP address responds with a Layer 2 unicast that includes its MAC address. ARP adds the MAC address into its cache and then sends it to IP as requested.
ARP plays a critical role in address resolution. If IP needs to deliver a packet to an IP address on the local network, it needs to obtain the MAC address of the destination node directly from ARP. However, if IP needs to deliver a packet to an IP address on a remote network, it needs only the MAC address of the default gateway, and not of the destination node.

Comparing distance-vector and link-state routing

The primary advantages of distance-vector routing are that it is very easy to configure and is suitable for small networks. The primary disadvantages of distance-vector routing include the fact that routers send updates to their neighbors on a periodic basis whether the network is changed or not. This consumes extra bandwidth unnecessarily. In addition, distance-vector routers are aware only of their directly connected neighbors, and do not have a complete topology map of the network. They must trust that routing updates that their neighbors provide them are accurate. This provides opportunities for hacking, network "black holes," and infinite routing loops (a condition in which two routers each assume the other has a path to the destination when in truth neither does, so the routers pass a packet back and forth to each other indefinitely). The primary advantage of link-state routing is that all routers build and maintain a complete topology database of the entire network (or at least their area of the network). This means should one link fail, these routers can very quickly adapt by consulting their own databases for alternate routes, rather than relying upon neighboring routers to inform them of possible alternate routes. The primary disadvantage of link-state routing is that it requires a well-designed, hierarchical network with a central backbone area that all traffic and route updates pass through. Link-state routing protocols do not perform well when the network is designed poorly, when the network is discontiguous, or when the IP addresses cannot be summarized by the border routers.

Available Host and Network Addresses

Because neither the node portion nor the network portion of an IP address can be all 1s or all 0s, certain host addresses in each address class are invalid for individual hosts. For example, on a Class A network that uses the default subnet mask, the host address 10.0.0.0 is not valid because the host portion is all 0s; the address is identical to the network address. Similarly, the Class A address 120.255.255.255 is not valid because the host portion is all 1s. A host address with all 1s has a special purpose: it is used as a broadcast address. The address 127.255.255.255 would be used for broadcasts to the local subnet. The number of host addresses or network addresses available on networks in each class depends upon how many bits are in the network portion or host portion of the address.
• The formula to calculate available host addresses is 2^n - 2, where n is the number of host bits. Two addresses in each block are unavailable because host addresses cannot be all ones or all zeros.
• Similarly, the formula to calculate available network addresses is 2^a, where a is the number of network bits. For network addresses, you do not need to reserve two addresses as you do with host addresses.

Connections

A connection is a virtual link between two nodes established for the duration of a communication session. Connections provide flow control, packet sequencing, and error recovery functions to ensure reliable communications between nodes. Connection services ensure reliable delivery by detecting and attempting to correct transmission problems. The connection services are:
• Unacknowledged connectionless: This service provides no acknowledgement of successfully transmitted data. The application must provide its own reliability checks. Simplex communications use this type of service.
• Acknowledged connectionless: Nodes do not establish a virtual connection. However, they do acknowledge the successful receipt of packets. Web (HTTP) communications use this type of connection service.
• Connection-oriented: Nodes establish a virtual connection for the duration of the session. Nodes negotiate communication parameters and typically share security information to establish a connection. This connection service provides the means for flow control, packet sequencing, and error recovery functions. Traditional, non-web-based networking applications often use connection-oriented services.

Count-to-Infinity Loops

A count-to-infinity loop can occur when a router or network goes down and one of the other routers does not realize that it can no longer reach the route. This loop results in the remaining routers broadcasting incorrect information and updating each other's routing tables to create an endless cycle of hop count recalculation. This cycle continues to infinity, which is configured as 16 hops in most routing implementations. Consider a network containing four routers that connect five networks. In calculating the cost to network E, router 3 figures its cost to be one hop, router 2 figures two hops, and router 1 figures three hops. If router 4 fails, router 3 must recalculate its routing table by using information from other routers. However, router 3 still thinks that it can reach network E, and uses information advertised from router 2 to calculate its table. According to router 2, network E is still two hops away, so router 3 broadcasts that its cost to network E is three hops. Router 1 receives the new information from router 3, updates its table, and then broadcasts this information. Router B also recalculates accordingly and the infinite loop continues.

Default Gateways

A default gateway is the IP address of a router that routes remote traffic from the device's local subnet to remote subnets. Typically, it is the address of the router connected to the Internet. A TCP/IP host does not need a default gateway address if the device does not need to communicate with devices outside its local subnet. In this case, it needs only the MAC address. You need to configure a node with an IP address, a subnet mask, and a default gateway to communicate on the Internet or any other external network. You will need only an IP address and a subnet mask to communicate with other nodes on your network. Note: You can enter ipconfig at the command prompt to view the TCP/IP parameters on your Windows device. In Linux, this command is ifconfig .

Hybrid routing

A hybrid routing protocol is one that uses the best of both distance-vector and link-state routing methods. Cisco's Enhanced Interior Gateway Protocol (EIGRP) is an example of a hybrid routing protocol. As with the distance-vector protocol RIP, EIGRP depends on neighboring routers to advertise the cost of each route. And as with the link-state protocol OSPF, EIGRP maintains a topology table of the entire network, indicating possible alternate routes should the best route fail.

Routes

A route is the path used by data packets to reach the specified destination, using the gateway as the next hop. Routes are added to the routing table, which stores information about connected and remote networks. Connected networks are directly attached to one of the router's interfaces, which are the gateways for the hosts on different local networks. Because remote networks are not directly connected to the router, routes to these networks must be manually configured on the router by the network administrator or set automatically by using dynamic routing protocols.

Routing loops

A routing loop is a routing process in which two routers discover different routes to the same location that include each other, but have incorrect information and thereby never reach the endpoint. Data caught in a routing loop circles around until its TTL expires. Routing loops can be difficult to detect and to troubleshoot; the best prevention is proper router configuration. For example, Routers A, B, and C are connected in a line. When the link between A and B goes down, it prompts B to update its routing table. But, this update does not reach C on time, and it sends its regular update to B. This leads B to assume that C has found an alternate path to reach A. An endless loop is created because B tries to send packets addressed to A via C, which redirects the packets to B. This routing loop continues until the TTL of the data expires.

Routing tables

A routing table is a database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router. Routers refer to this table to determine where to forward packets. If a router attached to four networks receives a packet from one of them, it would have to determine which of the three other networks is the best route to transfer the packet to its destination. Each router uses its routing table to forward a packet to another network or router until the packet reaches its destination. You can specify the maximum number of hops packets can take from a sender to a receiver. The number of hops along a route between two networks constitutes that route's cost. However, a cost can also consist of other specifications, such as the transmission speed. Typically, a router maintains the most cost-effective route in its table. Routing metrics are metrics used by a router to make routing decisions. The metrics are typically one of the fields in a routing table. Metrics are used to determine whether one particular route should be chosen over another. Router metrics can contain any number of values and are typically based on information such as path length, bandwidth, load, hop counts, costs, latency, maximum transmission unit (MTU), administrative distance, and Shortest Path Bridging (SPB).

Subnet masks

A subnet mask is a number assigned to each host for dividing the IP address into network and node portions. This segregation makes TCP/IP routable. A subnet mask removes the node ID from the IP address, leaving just the network portion. A subnet mask is a series of continuous binary 1s that end abruptly at some point, followed by all 0s. Where the 1s end and the 0s begin marks the dividing line between network ID and host ID. Default subnet masks use the value of eight 1s in binary, or 255 in decimal, to mask an entire octet of the IP address. Groups of IP addresses have specific default subnet masks:
• 255.0.0.0: first octet of the IP address is 1-126
• 255.255.0.0: first octet of the IP address is 128-191, with some being reserved
• 255.255.255.0: first octet of the IP address is 192-223
Note: IP addresses with 127 as the value of the first octet are reserved for loopback (diagnostic) testing.
The following are examples of permitted subnet masks:
• 255.0.0.0
• 255.255.0.0
• 255.255.255.0
• 255.255.128.0
• 255.255.255.244
Examples of illegal subnet masks are:
• 255.0.255.0
• 255.255.292.255
• 255.240.254.0
• 255.255.0.192
Applying a Subnet Mask
To apply a subnet mask, you can convert both the IP address and subnet mask to binary. Then, you can use a technique called binary ANDing to combine the two binary numbers. The result of ANDing these two numbers together is the network number of that address. The binary AND operation involves two rules:
• 0 AND any other value equals 0.
• 1 AND 1 equals 1.
Note: There are other ways to accomplish this, which you will see later in this lesson.

Autonomous systems

An autonomous system (AS) or a routing domain is a self-contained network or group of networks governed by a single administration. An AS can connect to other networks or other autonomous systems, but does not share routing information outside of the AS. Each AS has a unique identification number assigned by the Internet Assigned Numbers Authority (IANA). Depending on whether routing takes place within an autonomous system or among different autonomous systems, it is referred to as intra-domain routing or inter-domain routing. Each autonomous system may choose different routing algorithms for intra-domain routing, but only one algorithm can be used for inter-domain routing. IS-IS and Open Shortest Path First (OSPF) are interior (intra-domain) routing protocols designed to work within an autonomous system. IS-IS is an OSI link-state routing protocol that dynamically routes packets between routers or intermediate systems. OSPF is an Internet link-state protocol based on IS-IS. An autonomous system number (ASN) is a 16-bit number assigned by the American Registry for Internet Numbers (ARIN). Nearly all ISPs, as well as many large organizations, have their own ASNs, which uniquely identify each network on the Internet.
Classification of Autonomous Systems
Autonomous systems can be classified as transit and stub autonomous systems.
• Transit: The source or destination node does not reside within the autonomous system. The autonomous system allows the traffic to reach another network. ISPs are examples of transit autonomous systems.
• Stub: Either the source node or the destination node must exist within the autonomous system. The stub autonomous system does not allow transit traffic.

Protocol binding

Assigning a protocol to a network interface card (NIC) is referred to as protocol binding. As protocols govern data transmission, it is critical to bind the protocol to the network interface, as this creates a path for the flow of data. Multiple protocols can be bound to a NIC, and the NIC can use any of the protocols that are bound to it to communicate with other nodes on the network. Dual-stack is the side-by-side implementation of IPv4 and IPv6. This is where both protocols run on the same network infrastructure, and there's no need to tunnel IPv6 inside IPv4 or vice versa. Windows has provided dual-stack support since Windows Vista®. In a scenario where a network interface is bound with multiple protocols, it attempts to connect to a receiving node by sequentially testing the available protocols until it gets a response from the receiving node using a protocol. This carries an inherent risk that the protocol the node responds to might not be the most efficient one; it is simply the first compatible protocol in the sender's protocol list that the two nodes have in common. In Windows, you can specify the binding order in which to bind protocols to a network interface. When you set the binding order to prefer the protocol you most frequently use on your network, your system does not attempt to use other protocols to access the network, thus increasing the efficiency of the connection. In Linux, the ifconfig command will display whether or not you are using IPv6. You can disable IPv6 by editing /etc/sysctl.conf. You would add the following lines to the file and restart the sysctl service:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

The custom subnetting process

Because IP addressing uses the binary numbering system, every time you move the subnet mask to the right one bit, you are dividing by two.
• If you move the subnet mask one bit to the right, you are dividing one network in half, giving you two subnets.
• If you move the subnet mask one more bit to the right (two bits total), you are dividing the two parts again, giving you four subnets.
• If you move the mask yet again (three bits total), you are dividing again, giving you a total of eight subnets.
This is rather like watching cells divide under a microscope. For example, suppose you have the network 192.168.1.0/24. This is a typical Class C network block. The total range of addresses on the host side is 256 (0 to 255). The two outside addresses, 0 and 255, have special meaning and cannot be assigned to hosts.
• 0 (192.168.1.0) is the subnet ID.
• 1 (192.168.1.1) is the first legitimate host ID, and 254 (192.168.1.254) is the last legitimate host ID.
• 255 (192.168.1.255) is the broadcast ID.
In binary, the subnet mask looks like this:
Now, imagine that you need to divide this network into two parts. To do this, you need to move the mask to the right one bit. When you move the mask to the right one bit, borrowing a bit from the host side, the new mask is no longer /24; it is /25. In binary, it now looks like this:
You have divided the network into two halves, each receiving half of the original block of host addresses. That's 128 addresses per subnet.
Address range   Subnet ID             First host ID          Last host ID           Broadcast ID
0 to 127        0                     1                      126                    127
128 to 255      128 (192.168.1.128)   129 (192.168.1.129)    254 (192.168.1.254)    255 (192.168.1.255)
The new subnet mask for both of these subnets is no longer /24; it is now /25. In dotted decimal, that is 255.255.255.128. Here's another example. Suppose you need to take the same original network of 192.168.1.0/24 and divide it into four subnets. You will need to move the mask 2 bits to the right.
The new mask for the four subnets is now /26, or 255.255.255.192. When you divide the original network into four parts, each receives one-fourth of the original block of host addresses.
Address range   Subnet ID   First host ID   Last host ID   Broadcast ID
0 to 63         0           1               62             63
64 to 127       64          65              126            127
128 to 191      128         129             190            191
192 to 255      192         193             254            255

Buffering

Buffering is a flow control technique in which received data is stored in a temporary high-speed memory location, called a buffer, until the main system components are ready to work with the data. In a networking situation, the network card itself handles buffering so that the processor does not have to become involved. Buffering is also used when reading information from the disk or RAM, in which case the buffer is more often called a cache. A cache controller, a specialized processor chip, manages caching so that the processor does not have to. Even with a high-speed buffer, data can sometimes arrive too quickly to be handled. This situation is called flooding. To avoid flooding, receiving devices typically send a squelch signal to the sender when the buffer is approximately 75 percent full. Upon receiving a squelch signal, the sender will slow or halt further data transmissions until the receiver catches up. Both TCP and UDP use buffering to protect the receiver from being overwhelmed by incoming data.
• TCP has a built-in mechanism to continuously communicate the receiver's buffer size to the sender, so that the sender knows how much data it can send at any one time without waiting for an acknowledgement from the receiver.
• UDP has no such mechanism. Instead, it discards any packets it cannot accommodate, expecting the application to manage any errors. Because most UDP applications incorporate a continuous stream of content (voice, live video) or repeated requests (Simple Network Management Protocol [SNMP] management, DNS queries), buffer-related errors are tolerated and compensated for by the application.

Classless inter-domain routing (CIDR)

Classless inter-domain routing (CIDR) is a classless addressing method that considers a custom subnet mask as a 32-bit binary word. Mask bits can move in one-bit increments to provide the exact number of nodes and networks required. The CIDR notation combines a network address with a number that represents the number of 1 bits in the mask. With CIDR, multiple class-based networks can be represented as a single block.
Note: CIDR can also be referred to as classless routing or supernetting. Because of its efficiencies, CIDR has been rapidly adopted, and the Internet today is largely a classless address space.
CIDR and VLSM
VLSM and CIDR are essentially the same thing. They both use slash notation to represent a custom subnet mask. The difference is that VLSM refers to lengthening the mask to create multiple subnets out of a single network, whereas CIDR refers to shortening the mask to aggregate smaller networks into a larger network for routing purposes on the Internet.
CIDR Subnet Mask Values
There are different values possible for each CIDR subnet mask. The /24, /16, and /8 CIDR masks correspond with the classful ranges of Class C, Class B, and Class A, respectively.
CIDR mask (number of network bits)   Number of possible nodes   Standard subnet mask in dotted decimal
/32                                  N/A                        255.255.255.255
/31                                  N/A                        255.255.255.254
/30                                  2                          255.255.255.252
/29                                  6                          255.255.255.248
/28                                  14                         255.255.255.240
/27                                  30                         255.255.255.224
/26                                  62                         255.255.255.192
/25                                  126                        255.255.255.128
/24                                  254                        255.255.255.0
/23                                  510                        255.255.254.0
/22                                  1,022                      255.255.252.0
/21                                  2,046                      255.255.248.0
/20                                  4,094                      255.255.240.0
/19                                  8,190                      255.255.224.0
/18                                  16,382                     255.255.192.0
/17                                  32,766                     255.255.128.0
/16                                  65,534                     255.255.0.0
/15                                  131,070                    255.254.0.0
/14                                  262,142                    255.252.0.0
/13                                  524,286                    255.248.0.0
/12                                  1,048,574                  255.240.0.0
/11                                  2,097,150                  255.224.0.0
/10                                  4,194,304                  255.192.0.0
/9                                   8,386,606                  255.128.0.0
/8                                   16,777,214                 255.0.0.0
/7                                   33,554,430                 254.0.0.0
/6                                   67,108,862                 252.0.0.0
/5                                   134,217,726                248.0.0.0
/4                                   268,435,544                240.0.0.0
/3                                   536,870,910                224.0.0.0
/2                                   1,073,741,824              192.0.0.0
/1                                   N/A                        N/A

Cyclic redundancy checking

Cyclic redundancy check (CRC) is an error detection method in which a predefined mathematical operation is used to calculate a CRC code. In this error detection process:
1. The sender attaches the CRC to a block of data and transmits it to a receiver.
2. The receiver calculates its own CRC value for the data block and compares it to the transmitted CRC.
3. If the values match, the receiver assumes the data was unaltered during transmission.
Typically, CRC checks are applied to large blocks of data, such as all the data sent in a packet. Thus, fewer error detection bits must be transmitted with the data in a packet. However, if a CRC check fails, the entire block must be retransmitted. In general, though, CRC checking uses less network bandwidth than parity checking.

Data windows

Data windows constitute a flow control technique in which multiple packets are sent as a unit called a block or a window. The recipient acknowledges each window rather than each packet, resulting in higher throughput. Two types of data windows are available: fixed length and sliding. Data windows define how much data can be sent without waiting for an acknowledgment. The flow control window, whose size is set by the receiver, ensures that packets are sent at the same speed as the receiver's processing. The size of a data window is set by a sender. In the simplest case, a sender transmits one packet and then waits for an acknowledgement from the recipient, an ACK signal. If the recipient is busy, the sender sits idle until it receives the ACK, after which it sends the next packet. Throughput can be increased if data is sent in larger packages, with the recipient sending fewer acknowledgements.
The data window size can be fixed or variable. With fixed-length windows, every block contains the same number of packets. To avoid flooding the buffers of some devices, fixed-length windows are typically small. So, while fixed-length windows are more efficient than sending individual packets, they are less efficient than sliding windows. Sliding windows use variable block sizes. The first block sent contains a small number of packets. Each subsequent block is a bit larger, until the sender floods the buffers of the recipient. Upon receiving the squelch signal, the sender reduces the window size and resumes transmission. The window size is continually reevaluated during transmission, with the sender always attempting to send the largest window it can to speed throughput.
TCP uses sliding windows to communicate the receiver's buffer size to the sender. A receive buffer is merely an amount of RAM allocated to a process for it to hold incoming or outgoing data until it is finished processing it. A host's TCP receive buffer will expand or contract in size, depending on how much RAM the operating system can spare at the moment. In the header of every TCP segment is a 16-bit Window Size field that tells the sender how much the receiver can handle at that moment. The sender will then accordingly increase or decrease the number of segments it sends before pausing and waiting for an acknowledgement.

Error detection

Error detection is the process of determining if transmitted data has been received correctly and completely. Typically, the sender attaches extra bits in the form of an error detection code (EDC) to the footer of the transmitted data to indicate its original contents. The receiver generates an EDC and compares it with the transmitted EDC to determine if the data has been altered en route.
• If the EDCs match, the receiver processes the data.
• If the receiver finds an error, it requests retransmission of the data.
Error detection can also include a correction component, error detection and correction (EDAC), wherein if data has an error, the receiver can rebuild the data.

Flow control

Flow control is a technique for optimizing data exchange between systems. If too much data is sent at once, the receiving node can become overwhelmed, dropping packets that arrive too quickly to process. If too little data is sent, the receiver sits idle waiting for more data to arrive. Buffering and data windows are two flow control techniques commonly used in networking. TCP, being a connection-oriented protocol, uses flow control to help regulate the flow of data between hosts and manage the session. UDP, being connectionless, makes no attempt at flow control.

Binary and decimal conversion

Humans normally perform calculations by using the decimal (base 10) numbering system. Electronic machines, however, perform calculations by using the binary (base 2) numbering system. In the decimal numbering system, each position, starting from the rightmost, signifies a higher power of 10. Similarly, in the binary numbering system, each position, starting from the rightmost, signifies a higher power of 2. For a given value of n, the decimal value of 2^n varies accordingly.
Exponent value   Decimal value
2^0              1
2^1              2
2^2              4
2^3              8
2^4              16
2^5              32
2^6              64
2^7              128
The following table shows 8-bit binary numbers and their decimal equivalents, along with the numeric conversion used to go from binary to decimal.
Binary number   Conversion                          Decimal value
00000001        0+0+0+0+0+0+0+2^0                   1
00000011        0+0+0+0+0+0+2^1+2^0                 3
00000111        0+0+0+0+0+2^2+2^1+2^0               7
00001111        0+0+0+0+2^3+2^2+2^1+2^0             15
00011111        0+0+0+2^4+2^3+2^2+2^1+2^0           31
00111111        0+0+2^5+2^4+2^3+2^2+2^1+2^0         63
01111111        0+2^6+2^5+2^4+2^3+2^2+2^1+2^0       127
11111111        2^7+2^6+2^5+2^4+2^3+2^2+2^1+2^0     255
Windows Calculator
You can use the Calculator accessory that is built into the Windows operating systems to convert decimal and binary numbers. Switch the calculator to the Programmer view, type a number, and use the Dec and Bin radio buttons to convert the number from one format to another.
Other Numbering Systems
As you work with computing devices and networks, you are likely to encounter other number systems, such as:
• The octal (base 8) numbering system, where each digit is the equivalent of three binary digits. Each position, starting from the rightmost, signifies a higher power of eight.
• The hexadecimal (base 16) numbering system, where each digit is the equivalent of four binary digits. Each position, starting from the rightmost, signifies a higher power of 16. This numbering system is sometimes referred to as hex, and the symbols used are 0 through 9 and A through F.

Dotted decimal notation

IP addresses are usually displayed in dotted decimal notation, rather than in binary. The dotted decimal notation consists of four decimal numbers separated by three dots. Each decimal number is called an octet and represents eight binary bits. Each decimal number can range from 0 to 255. When pronouncing a dotted decimal number, include the separator dots.

The IP data packet delivery process

IP assigns the correct source and destination IP address to a data packet. The process of delivering a data packet by IP consists of four steps:
1. The data payload has been prepared by either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). If necessary, name resolution has already taken place.
2. The Transport-layer protocol passes the segment/datagram down to IP.
3. IP encapsulates the segment/datagram into an IP packet that includes the source and destination IP addresses.
4. IP passes the packet to the Network Interface layer for Layer 2 addressing and transmission.

IPv6

IP version 6, or IPv6, the successor to IPv4, is an addressing scheme that increases the available pool of IP addresses by implementing a 128-bit binary address space. This equates to 340 trillion trillion trillion addresses. IPv6 also includes new features, such as simplified address headers, hierarchical addressing, support for time-sensitive network traffic, required security, and a new structure for unicast addressing. IPv6 is not compatible with IPv4, so at present it is narrowly deployed on a limited number of test and production networks. Full adoption of the IPv6 standard will require a general conversion of IP routers to support interoperability.
Note: For more information on IPv6, see the IP Version 6 Working Group charter at www.ietf.org/html.charters/ipv6-charter.html by the Internet Engineering Task Force (IETF).
Some of the other benefits of IPv6 include:
• One of the goals of IPv6 is to keep the IP headers as small as possible, to make access to the address more efficient and quicker. Non-essential information in IPv6 headers is moved to optional extension headers.
• Stateless auto-reconfiguration of hosts allows an IPv6 host to configure itself automatically when connected to a routed IPv6 network.
• A new field in the IP header of IPv6 packets enables IP to guarantee the allocation of network resources when requested by time-dependent services such as voice and video transmission.
• IPv6 implements network-layer encryption and authentication with IPSec.

Guidelines for implementing IPv6 addressing

IPv6 has many advanced features that are not available in IPv4. Although IPv6 is being implemented in test and production networks, IPv4 is implemented on a larger scale. As there are many IPv4 networks, when implementing IPv6 on a network you need to follow these guidelines to ensure backward compatibility with IPv4. To implement IPv6 on an IPv4 network, follow these guidelines:
• Implement IPv6 in phases throughout the organization.
• Ensure interoperability between IPv4 and IPv6 during the initial phase of the transition from IPv4 to IPv6, rather than trying to replace IPv4 completely with IPv6.
• Remember that the network classes used in IPv4 will not apply to IPv6.
• Configure AAAA domain name service (DNS) records for IPv6, whereas IPv4 DNS services make use of A records.
• Upgrade the necessary hardware to support IPv6. This includes all nodes, hosts, and routers on the network.
• Ensure that the IPv6 environment, once implemented, is scalable to support the future requirements of your network.
• Ensure that IPv6 packets that are sent on an IPv4 network are encapsulated. This can be done by tunneling.

Encapsulation on TCP/IP Networks

If an application is initiated on the TCP/IP network, data is sent from the Application layer to the Transport layer. The Transport layer adds a header to the datagram and moves the datagram to the Internet layer. In the Internet layer, another header is added to the datagram and passed to the Network Interface layer, which adds a header and a trailer. The entire packet with the header and trailer information is sent to ensure its proper delivery. Upon receiving the data, the device removes the corresponding headers and trailers from the data and moves it up through the stack to the Application layer.

The local and remote delivery process

In the local and remote delivery process:
1. A network node uses a subnet mask to determine whether a data packet is bound for the local subnet or must be routed to a remote subnet.
2. The node applies the subnet mask to its own IP address to determine its own network ID.
3. It then applies the subnet mask to the packet's destination address to determine the destination network ID.
4. Once the node has applied the subnet mask, it compares the two network IDs.
5. If they are the same, then the two nodes are on the same subnet and the node can deliver the packet.
6. If the two network IDs are different, then the two nodes are remote to each other and the data is routed to the remote network.
Note: The process of determining local and remote addresses based on IP addresses falls under the Network layer's routing protocol function.

IP

Internet Protocol (IP) is a Network-layer (OSI Layer 3) protocol that is responsible for addressing and for routing individual IP datagrams. Responsible for packet formatting and the logical addressing scheme, IP is a connectionless protocol and acts as an intermediary between higher protocol layers and the network. It makes no guarantees about packet delivery, corruption of data, or lost packets. IP can carry either TCP or UDP as its payload. When IP is used with TCP, IP provides the connection and TCP provides reliability, because TCP is a guaranteed-delivery protocol.

Link-state routing

Link-state routing floods routing information to all routers within a network. It attempts to build and maintain a more complex route database with more information about the network. Routers can exchange information about a route, such as its quality, bandwidth, and availability. This way, the routers can make a decision about sending data through the network based on more information than just the hop count. Link-state algorithms broadcast small updates and converge quickly, a feature that makes them less prone to routing loops. However, link-state algorithms are more expensive to implement because they require more power and memory. The Open Shortest Path First (OSPF) protocol implements link-state routing. In link-state routing, routers update each other only when one of their links changes state. Otherwise, they do not communicate except for sending a periodic "hello" packet to assure their neighbor routers that they are still functioning on the network.

Guidelines for creating custom IP addressing schemes

You can use the following guidelines to help you create custom subnets:
• For simplicity's sake, assign an entire Class C octet to a subnet when possible.
• If your subnet has over 100 workstations as well as many transient DHCP clients (such as laptops or mobile devices), consider using a shorter mask to create a larger address pool (/23 or /22).
• Make sure none of your subnets have overlapping IP addresses.
You can use the following guidelines to help you create custom subnet masks:
• Use the table to quickly map the number of needed subnets to the number of borrowed mask bits.
• For simplicity's sake, do not use custom subnet masks (VLSM) unless necessary.
• Exception to the above: When assigning subnets to point-to-point WAN links, use a /30 mask to conserve IP addresses.
You can use the following guidelines to help when you use CIDR:
• Use CIDR notation (as opposed to dotted decimal) for VLSM.
• When subnetting, physically organize the topology of your network so that the subnets can be aggregated together into a supernet by a single border router.
You can use the following guidelines to help you with the subnetting process:
• Determine the number of subnets you need based on the number of geographical locations you have, the number of VLANs you have, or the need to isolate segments into their own subnet for security reasons.
• Use the delta method to determine the subnet ID increments, as well as the IP address ranges for each subnet.
• Use the number of subnets and number of mask bits table to help you with the subnetting process.
You can use the following guidelines to help you with the delta method:
• Draw the number of mask bits in a diagram to help you visually identify the old and new mask positions.
• Use the number of subnets and number of mask bits table to help you identify the delta.
You can use the following guidelines to help you with network ID calculation:
• Keep in mind that the network (subnet) ID must always be an increment of a binary number (1, 2, 4, 8, 16, 32, 64, or 128).
• Use a diagram of bits to help you identify the delta and thus the network ID increments.

Split horizon and poison reverse

One workaround to the count-to-infinity problem is the split horizon method, where a router does not include any routes to the router from which it discovered its own location in its broadcasts. Another workaround to the count-to-infinity problem is called poison reverse. Unlike in split horizon, routers using poison reverse broadcast routes back to the router from which they calculated their location, but instead of giving a true hop count, the router broadcasts a hop count of 16 to discourage use of the route, as a warning not to use the value specified and as an indication that the route was learned from router 1.

Private IP Addresses

Private IP addresses are addresses that organizations use for nodes within enterprise networks requiring IP connectivity and not external connections to the Internet. There are IP addresses in three of the address classes (A, B, and C) that are reserved as private IP addresses. When an Internet router receives a data packet bound for one of these reserved IP addresses, it recognizes the address as nonroutable and does not forward it outside the network. Private IP addresses can be used freely on internal networks. Any IP addresses outside of the private IP address ranges are considered public addresses. These are globally routable unicast IP addresses. An organization can use private IP addresses without contacting an Internet registry or the ICANN. These addresses are not injected into the global Internet routing system. Therefore, different organizations can use the address space simultaneously. Problems arising due to the shortage of IP addresses are partly resolved by private IP addresses.
Note: In order for a device with an assigned private IP address to access Internet resources or other external networks, the private IP address needs to be converted to a routable address. This is usually accomplished through a gateway or by a router.
There are also link-local addresses, which are network addresses that are valid only for communications within the network segment or the broadcast domain that the host is connected to. Link-local addresses are usually not guaranteed to be unique beyond a single network segment, and routers therefore do not forward packets with link-local addresses.
The private IP address ranges are:
• 10.0.0.0 to 10.255.255.255
• 172.16.0.0 to 172.31.255.255
• 192.168.0.0 to 192.168.255.255

Connection-Oriented and Connectionless Protocols

Protocols can be divided into two categories depending upon the types of connections they establish. They are connection-oriented and connectionless protocols. Connection-oriented protocols are a data transmission method in which a connection is established before any data can be sent, and where a stream of data is delivered in the same order as it was sent. Connectionless protocols are a data transmission method that does not establish a connection between devices and where data may be delivered out of order and may be delivered over different paths. TCP is an example of a connection-oriented transport protocol, and UDP is an example of a connectionless one.
Connection-oriented protocols operate in three phases.
1. In the first phase, a connection is established and the devices negotiate the parameters for the connection.
2. During the second phase, the devices transfer data.
3. In the third phase, the connection held by the devices is released and torn down as it is no longer required.
Connectionless protocols do not have any explicit setup or release phases, and are always in the data transfer phase. If a device has data to be sent to the other, it just sends it. Connection-oriented systems can function only in bidirectional communication environments. Connectionless communication is achieved when information is transmitted from a source to a destination without checking to see if the destination is prepared to receive the information. In environments where it is difficult to transmit data to a destination, the sender may have to retransmit the information multiple times before the destination receives the complete message.

Router roles in autonomous systems

Routers can play three different roles in autonomous systems.
Interior router: Interior routers are arranged inside an AS, and the AS administrator controls them. All interfaces on an interior router connect to subnets inside the AS. Interior routers use IGPs. Interior routers do not provide connections to external networks.
Exterior router: Exterior routers are entirely outside of an AS. These routers matter to the AS only if they handle data from the AS. Exterior routers use EGPs. Routers that operate on the Internet backbone are exterior routers.
Border or edge router: Border routers or edge routers are situated on the edge of an AS. They have one or more interfaces inside the AS and one or more interfaces that provide a connection to remote networks. Border routers are usually managed by the administrator of an AS and can be placed between two private networks or between a private network and its ISP to direct requests to the Internet.
An interior gateway protocol (IGP), as the name suggests, is a protocol responsible for exchanging routing information between gateways within an AS. In contrast, an exterior gateway protocol (EGP) exchanges routing information between two neighboring gateways. EGPs can also use IGPs to resolve a route within the AS. Examples of IGPs include Routing Information Protocol (RIP), OSPF, Enhanced Interior Gateway Routing Protocol (EIGRP), IS-IS, and Interior Gateway Routing Protocol (IGRP). Examples of EGPs include Exterior Gateway Protocol (EGP) (a legacy Internet routing protocol) and Border Gateway Protocol (BGP).

Dynamic routing

Routers that support dynamic routing perform route discovery operations to build and update routing tables themselves by using specially designed software. Routers transmit data to adjacent routers providing information about the networks they are currently connected to and networks they can reach. In the dynamic routing process, routing entries are created automatically. Dynamically built routing tables can show a more accurate picture of a network because they are updated more often than static tables. This is because the routers, not the administrator, update the tables. If the network suffers traffic congestion or device failures, a router running dynamic routing protocols can automatically detect the problem and calculate a different routing path. This feature is a huge advantage on large networks that have many routers or multiple paths to each endpoint. Route redistribution is when a route from one routing protocol is distributed into another protocol. This allows two different protocols to share and advertise routes to each other. By default, routers advertise and share routes only with other routers running the same protocol.

The route command

Routes to destinations that are not in the default routing table must be added manually. On Windows Server® 2012 R2, you can use the route command to manage the static routing table.
route print: Display the routing table entries.
route add: Add static entries.
route delete: Remove static entries.
route change: Modify an existing route.
route -p: Make the specified route persistent across reboots, when used in conjunction with the add command.
route -f: Clear a routing table of all entries.

Routing

Routing is the process of selecting the best route for transferring a packet from a source to its destination on a network. A router applies appropriate algorithms to generate and maintain an information base about network paths. It considers various routing metrics such as the bandwidth and reliability of the path, and communication costs, while evaluating available network paths to determine the optimal route for forwarding a packet. Once the optimal route for a packet is assigned, packet switching is done to transport the packet from the source host to a destination host. The action of forwarding a packet from one router to the next is called a hop.
Software-Based Routing in Windows Server
Although not as common as hardware-based routers, Windows Server computers with two or more network interface cards (NICs) installed can use the Routing and Remote Access software to function as routers. For testing purposes, instead of installing two NICs, you can install a software-based interface called the Microsoft® Loopback Adapter on your Windows® system, which can simulate the presence of an additional NIC.

Routing entry components

Routing entries are entries in routing tables that provide routing information to a router. There are several components to each entry in a routing table.
Network destination or network address: The destination field contains the network ID of a destination address and is the search point when processing the routing table. It can be listed as a complete address, but the router will be more efficient if destination entries are listed as network IDs. This way, only one entry is added to the routing table for an entire subnet, no matter how many nodes are on it.
Network mask: A network mask is specific to a routing entry. It determines the extent to which a packet's destination address needs to match the network destination field of a routing entry before that route is used to deliver the packet.
Gateway: The gateway field indicates the address to which the packet is delivered on its first hop. It can be the local loopback address, a local IP address, the host's own default gateway address, or the address of an adjacent router.
Interface: The interface is the IP address of the local port that a host uses to send data. Once a destination entry is found, data is sent to the interface entry listed in the same line as the destination.
Metric: A metric is the cost of the route, and it is determined by the number of hops. The metric is used to determine which route to use when there are multiple routes to a destination.

Routing table entries

Routing table entries fall into four general categories:
• Direct network routes, for subnets to which the router is directly attached.
• Remote network routes, for subnets that are not directly attached.
• Host routes, for routes to a specific IP address.
• Default routes, which are used when a better network or host route is not found.
All IP host computers have a routing table with default entries so that the host can deliver packets to common destinations.
Default gateway (destination: 0.0.0.0): The default gateway entry appears if the local host has been configured with a default gateway address.
Local loopback (destination: 127.0.0.1): The local loopback entry provides a delivery route for packets addressed to the local loopback address (127.0.0.1).
Local subnet (destination: network portion of local IP address plus host address of all 0): The local subnet entry identifies the route to the local network. An example of a destination address can be 140.125.0.0.
Network interface (destination: local IP address): The network interface entry identifies the route to the host's local network card. An example of a destination address can be 140.125.10.25.
Subnet broadcast address (destination: network portion of local IP address plus host address of all .255): The subnet broadcast entry identifies the route for broadcasts on the local subnet. An example of a destination address can be 140.125.255.255.
Multicast broadcast address (destination: 224.0.0.0): The multicast broadcast entry identifies the address for sending multicast transmissions.
Internetwork broadcast address (destination: 255.255.255.255): The internetwork broadcast entry identifies the route for broadcasts to the entire network. However, most routers will not pass these broadcasts.
Note: When reading routing tables, it can be helpful to think of each row as a single routing table entry, and each column as a characteristic of that route.
In Linux, there are three commands you can use to display a routing table. Any will work, but you have to run the commands as root (administrator):
route
netstat -rn
ip route list
Routes can be added to the routing table based on their administrative distance. Administrative distance is a numerical value assigned to a routing protocol, static route, or a directly connected route to signify more desirable routes. A routing protocol with a lower administrative distance is considered "better" and is given priority over routing protocols that have higher administrative distances when multiple paths to the same destination exist. The "better" route is selected by the router and is inserted into the router's routing table to be used to route traffic.
SPB (Shortest Path Bridging) allows all paths to be active with multiple equal cost paths. SPB combines an Ethernet data path with an Intermediate System to Intermediate System (IS-IS) link state control protocol running between shortest path bridges. The link state protocol is used to discover and advertise the network topology and compute shortest path trees from all bridges.

Network ID calculation

Sometimes, you will need to determine the base network ID of an IP address on a network that has already been subnetted. For instance, say you have the IP address 206.234.120.87/20, and you need to know the base network ID.
1. Start by identifying the octet that contains both network and node bits, by examining the subnet mask for /20.
2. Convert the shared octet for the IP address to binary; add leading zeros as needed to create an 8-bit number. In this example, the third octet is 120, which has the binary equivalent of 1111000, so you need to add a 0 to the left to create an 8-bit number.
3. Remove the node bits from the shared octet by applying the subnet mask.
4. Convert the shared portion of the IP address back to decimal to determine the base network ID. In this case, 01110000 is 112, so the base network ID is 206.234.112.0.

Static routing

Static routing uses table mappings that the network administrator establishes manually in the router prior to routing. Static route mappings do not change unless the network administrator alters them. Static routes remain in a routing table, and traffic is forwarded regardless of whether the destination is active or inactive. Static routing is useful in small networks in which there are no redundant routes and the topology will not change. It is also commonly used when it is not desirable for routers to use bandwidth to update each other with dynamic routes. This is particularly true where there is very little available bandwidth, or routers must dial each other on demand to pass the traffic across a phone line (demand dial routing). In addition, a router will always trust an administrator-configured static route over any route it learned dynamically from other routers. A device configured with a static default gateway cannot switch to an alternate gateway even if one exists. There exists a class of redundancy protocols known as FHRPs (First Hop Redundancy Protocols) that include VRRP (Virtual Router Redundancy Protocol) and HSRP (Hot Standby Router Protocol). These protocols protect against a single point of failure for the default gateway and may also provide load balancing if multiple uplinks are available at first-hop routers. VRRP and HSRP enable multiple routers on a LAN to work together sharing a single virtual IP address. The virtual IP address is configured as the default gateway in each device. In a group, one router is elected to handle all requests sent to the group IP address. It is called the active router with HSRP and the master router with VRRP. There is at least one standby router with HSRP and at least one backup router with VRRP.

Static routing tables

Static routing tables are manually configured on a router. They are easy to set up and are sometimes used on a small network. Also, as long as a network is relatively unchanging, static routing tables are ideal for an extranet in which the border router of an autonomous system (AS) is pointed toward the border router of an external network. The advantage of static routing is that it does not cause additional network traffic by sending routing table updates to other routers. It provides extra security from other systems' rogue routers sending information to the AS routers. Also, the routing table can be configured to cover only the necessary portion of the network. That way, the router does not expend resources for maintaining its routing table. The biggest disadvantage of static routing tables is that they require manual maintenance. Network changes need to be updated manually on all routers affected by the change. Because of this, static routing is prone to configuration errors, and is less efficient than dynamic routing.

Subnets

Subnetting is the process of logically dividing a network into smaller subnetworks or subnets, with each subnet having a unique address. The conventional addressing technique has IP addresses with two hierarchical levels, namely the network ID and host ID. However, in subnet addressing, the host portion is further subdivided into the subnet ID and host ID, so subnet addressing is designed with three hierarchical levels: a network ID, subnet ID, and host ID. You should understand, however, that there is only one subnet mask applied to the IP address. For example, you can think of a subnet as part of your postal address. Each set of numbers represents a geographic area, and as it moves from the left to the right the geographic area becomes more specific. With the IP address of 192.168.12.10, 192 is your country or state, 168 is your city, 12 is your street, and 10 is your house number. The primary purpose for subnetting is to conserve IP addresses. If there are more IP addresses than nodes on a network, those extra IP addresses go to waste. Subnetting reduces the number of available IP addresses for a specific subnetwork, making the unused addresses available for other subnetworks. Two additional benefits of creating subnets are to improve network performance and to provide a more secure network environment. For performance enhancement, an administrator would most likely divide the network into groups of devices that frequently interact with each other, and for security enhancement, the administrator might divide the network based on servers that have restricted applications or sensitive data.

The Three-Way Handshake

TCP uses a three-way handshake to establish a connection. Before a client attempts to connect with a server, the server must perform a passive open. To do this, the server binds to and listens at a port to open it up for connections. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way handshake occurs:
1. SYN: The active open is performed by the client sending a SYN packet to the server. The client sets the packet's sequence number to a random value A.
2. SYN-ACK: In response, the server replies with a SYN-ACK packet. The acknowledgment number is set to one more than the received sequence number (i.e., A+1), and the sequence number that the server chooses for the packet is another random number, B.
3. ACK: Finally, the client sends an ACK packet back to the server. The sequence number is set to the received acknowledgement value (i.e., A+1), and the acknowledgement number is set to one more than the received sequence number (i.e., B+1).
Now both the client and server have received an acknowledgment of the connection. The first two steps establish the connection parameter for one direction and it is acknowledged. The last two steps establish the connection parameter for the other direction and it is acknowledged. With these, a full-duplex communication is established.

ICMP

The Internet Control Message Protocol (ICMP) is used with IP to report on the condition of a connection between two nodes. ICMP messages notify a sender of network conditions by reporting on errors. ICMP is connectionless and works at OSI Layer 3. If a node is sending data so quickly that the receiving node's buffers flood, the receiving node sends an ICMP source quench message to slow down data transmission from the sending node. A router could also send an ICMP Destination unreachable or Expired in transit message to a sender. When you ping from one device to another, you are using ICMP echo and echo reply messages. ICMP exists at Layer 3 of the OSI model (the Internet layer of the TCP/IP model). Often, ICMP traffic is blocked on networks for security reasons. A common example of ICMP traffic is using the ping utility to check connectivity.

IGMP

The Internet Group Management Protocol (IGMP) is a protocol in the TCP/IP suite that supports multicasting in a routed environment. Operating at Layer 3 of the OSI model (the Internet layer of the TCP/IP model), it provides one-to-many communications and is used to inform all systems on a network as to what host currently belongs to which multicast group. The routers need to support IGMP and multicast packet routing. Routers use IGMP to periodically send out queries to hosts inquiring about group membership. IGMP on the node responsible for multicast traffic sends a message to the router informing it of the multicast session in progress. The router uses IGMP to poll its interfaces for members of the multicast group, and then forwards the multicast transmission to group members. Hosts send out notifications, called host membership reports, in response to the query. Upon receiving the response from hosts, routers forward the multicast transmission to group members. IGMP can be used for one-to-many networking applications such as streaming videos or deploying images to multiple machines, and allows for more efficient use of resources.
Note: Routing is covered in greater detail later in the course.

The TCP/IP Model

The TCP/IP model is a four-layer model developed by the United States Department of Defense. To some extent, it is similar to the OSI model. The TCP/IP model was developed to allow the addition of new technologies and create a more flexible architecture, which can easily allow the modification of existing protocols. This architecture later became known as the TCP/IP model after two of its most important protocols: TCP and IP. Some vendors use different names for the layers, but you will always have four layers describing the TCP/IP model.

TCP

The TCP/IP protocol suite includes two Transport-layer protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). These protocols correspond to Layer 4 of the OSI model. TCP carries the majority of traffic in today's networks. TCP is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet. It is part of the Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data into segments, reassembling them at the other end, resending data lost in transit, and resequencing data. It sends data, waits for an acknowledgement, and retransmits if necessary.

UDP

The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service. And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is commonly used in streaming media such as Voice over IP (VoIP), real-time video (as opposed to video-on-demand), and network management applications in which a device is polled regularly for its health. It is used when performance is more important than the ability to receive all of the data.

RIP v2 vs OSPF

There are differences in characteristics of RIPv2 and OSPF.
Size of metric
 RIP v2: 16. This means that a RIP v2 network cannot be larger than 16 hops. This maximum is further reduced when costs other than 1 are used for certain routes.
 OSPF: Limited only by the number of bits in the metric field (65,535). Because OSPF does not suffer from the count-to-infinity problem, it can be the basis for much larger internetworks, and administrators can assign costs to optimize routing without limiting the size of the network.
Maximum number of routers
 RIP v2: 15. This value is related to the allowable metric size.
 OSPF: 65,535. This value is related to the allowable metric size.
Variable-length subnets
 RIP v2: Only with RIP v2; RIP treats subnets as part of the internal structure of the network and assumes that all subnets are of equal length. With RIP, all subnets must be contiguous, connected, and hidden from remote networks.
 OSPF: Supported by default; because OSPF treats the subnet mask as part of the protocol information, the restrictions that affect RIP do not apply.
Convergence
 RIP v2: Poison reverse or split horizon must be used to counteract the count-to-infinity problem. RIP must calculate all routes before broadcasting the information.
 OSPF: Link State Acknowledgements (LSAs) provide rapid convergence among tables; no count-to-infinity problem arises. OSPF passes along LSAs as soon as they are received, meaning that nodes can adjust their routing tables at practically the same time.
Broadcast traffic
 RIP v2: The entire routing table is broadcast every 30 seconds.
 OSPF: A Hello packet is broadcast to establish and maintain neighbor relationships, and is typically sent every 10 seconds by default.

Routing methods in autonomous systems

There are different methods for routing inside an autonomous system: between adjacent networks and between distant networks.
Inside an autonomous system: When routing inside an autonomous network, data transmission begins at a device and does not leave the AS. That means that when any node sends data, it can send it only to a node on the same local network. Nodes use the Address Resolution Protocol (ARP) to obtain the local destination's MAC address. When a node needs to send data to a remote network, it sends it to the IP address configured as the node's default gateway. When a node sends data to an address on its own subnet, it sends it directly to the address. When a node needs to send data to a node anywhere inside the AS, all routers in the AS should be aware of the path to the destination node.
Between adjacent networks: Adjacent networks share border routers, and because any router inside an AS knows a direct path to the adjacent network, it knows how to deliver data to the correct border router. That border router then passes the data on to the appropriate network. This configuration gives an AS a single point of contact between adjacent networks.
Between distant networks: Distant networks are not directly aware of the location of a destination network. You have accessed a distant network if you have sent a request to the Internet for a web page. An AS router cannot know all of the details in the path to a website. In this situation, the routers send the data to a default gateway. If the router serving as the default gateway does not know the destination, it transmits the packet to its own default gateway. Data moves from default gateway to default gateway until it either reaches a router that knows a route to the destination, or the time-to-live (TTL) hop limit expires and the packet expires on the network.

The routing process

There are three steps in the routing process:
1. A router receives data and reads its destination IP address.
2. The router reads its routing table, which lists the locations of other routers on the network.
3. Once it decides on a route, it removes the old destination MAC address and attaches the MAC address of the next hop in the data's path.
The packet's ultimate destination IP address never changes. By enabling the router to change the destination MAC address, the data moves through multiple local networks. The number of routing tables will increase as your network grows. Route aggregation can save space in the routing table and simplify routing decisions by aggregating routes to multiple smaller networks. Routing advertisements to neighboring gateways are reduced.

Introduction to IP Addressing

To implement TCP/IP on a network, administrators need to configure three settings on each network node:
• IP address
• Subnet mask
• Default gateway
The three main benefits of using IP on a network are:
• IP addresses and subnet masks enable each individual network to have a unique network address.
• Every network node can determine if a PDU is destined for a node on the local network or on a remote network.
• Routers can use network addresses and default gateways to send PDUs to the correct networks.

Comparing routing and switching

When devices communicate with different networks through switches, they are limited to adjacent networks because switches use the media access control (MAC) address of a device to locate it. Routers, on the other hand, are designed to interconnect multiple networks and support connectivity to distant networks. They use a map of the network to make decisions on where to forward data packets. Routers primarily determine the next hop for data. Another advantage that a router has over a switch is that it can read the port number and determine not only the data's destination by using the IP address, but also what kind of data it is transmitting. Broadcasts can either be forwarded or dumped based on the settings of the router. Switches make forwarding decisions based on Layer 2 MAC addresses. Routers make forwarding decisions based on Layer 3 network addresses. These are typically IP addresses, although they can also include Internet Packet Exchange (IPX), AppleTalk, Open Systems Interconnection (OSI) Connectionless Network Protocol (CLNP), and other types of Layer 3 protocol addresses. Routers also connect dissimilar Layer 2 network segments. A router will strip off the Layer 2 header of the incoming packet and replace it with the appropriate Layer 2 header before forwarding the packet out the destination interface. For example, a router can connect Ethernet to token ring, Ethernet to frame relay, High-Level Data Link Control (HDLC) to Point-to-Point Protocol (PPP), 802.11 to Ethernet, and so forth.

