2 OSI TCP/IP
The Functions of the Transport Layer
It is the assembler/disassembler software. Also initializes requests for packets that were not received in good order.
Names of Two NIC Roles
1. Logical Link Control (LLC): the aspect of the NIC that talks to the system's operating system (usually via device drivers). Handles multiple network protocols and provides flow control. 2. Media Access Control (MAC): the role in which frames are created and addressed.
Layer 7 - the Application Layer
Allow users to exchange data on a network. -Networks in Windows 7 or 8 -Web browsers: Google Chrome, Mozilla Firefox -E-mail applications All operating systems have application programming interfaces (APIs) at the Application layer for network-aware applications. It allows application software to use the data that has arrived.
Entering Layer 2
Network cards operate at both Layer 2 and Layer 1 of the OSI seven-layer model. If cornered to answer one or the other, however, go with the more common answer, Layer 2.
Translation Layer 6 or the Presentation Layer
The Presentation layer translates data from lower layers into a format usable by the Application layer, and vice versa. TCP/IP networks do not necessarily map directly to the OSI model.
Unicast
A frame addressed specifically to a device's MAC address is called a unicast frame. This one to one addressing scheme is called unicast addressing.
Segments Within Packets
TCP segments have fields that ensure the connection-oriented communication works properly
TCP/IP The Internet Layer
The Internet Layer deals with any device or application that uses IP protocols and IP addressing and routing. It maps to the Network layer (Layer 3) of the OSI model. Routers function at this layer and IP packets are created in this layer. This is the "IP packet" layer.
The Application Layer
The TCP/IP Application layer maps to the top three layers of the OSI model. It uses a unique port numbering system that gives each application a unique number between 1 and 65,535. It allows Presentation layer formats, such as MIME. Every TCP/IP application must be a part of a network to function.
UDP Datagram
The UDP datagram includes data from the Application layer with added port and length numbers plus a checksum. A UDP datagram lacks most of the extra fields found in TCP segments. UDP does not care if the receiving computer gets its data.
After the Frame is Received by the Destination NIC
The receiving NIC uses the FCS to verify that the data is valid. If the data is valid, the receiving NIC strips off all the framing information and sends the data to the software—the operating system—for processing.
Three Things Network Protocols Must Do
To use a system not dependent on MACs, a network must have have its own protocol. This is a piece of software that oversees the implementation of the rules of the protocol. The rules must describe: 1. how to chop up data and assemble it into packets 2. it must create unique identifiers for systems 3. ensure the packet get from one subnet to another.
Protocol Data Unit
The unit of data specified at each layer of the OSI.
Four Steps in Sending From Sending OS to Receiving NIC
1. First, the sending system's operating system hands some data to its NIC. The NIC builds a frame to transport that data to the receiving NIC. 2. After the NIC creates the frame, it adds the FCS, and then dumps it and the data into the frame. 3. Next, the NIC puts both the destination MAC address and its own MAC address onto the frame. It waits until no other NIC is using the cable, and then sends the frame through the cable to the network. 4. The frame propagates down the wire into the central box, which creates copies of the frame and sends it to every other system on the network (if the box is a hub). Every NIC receives the frame and checks the MAC address. If a NIC finds that a frame is addressed to it, it processes the frame; if the frame is not addressed to it, the NIC erases it.
Frames, Packets, and Segments/Datagrams in TCP/IP
1. The Application Layer: creates the data/payload starts and ends here 2. The Transport layer: breaks the data into chunks, i.e., into TCP/UDP segments 3. The Internet layer: adds the IP addressing and creates the IP packets 4. The Link layer: wraps the IP packet into a frame, with the MAC address information and a frame check sequence (FCS)
The Layers Are:
7. Application 6. Presentation 5. Session 4. Transport 3. Network 2. Data Link 1. Physical Best remembered with the help of a mnemonic/ From layers 1 to 7: Please Do Not Throw Sausage Pizza Away
Layer 2
Any device that deals with the MAC address is part of the OSI Data Link layer.
MAC Addresses
Each MAC address is 12 hex characters or 48 bits in length. Every address is unique. A typical MAC address would be: 00-40-05-60-7D-49. The first six characters are the Organizationally Unique Identifier(OUI). That is the NIC manufacturer. The last six are the Device ID. No two Mac address are identical. In the output from ipconfig /all it is listed as Physical Address. MAC addresses are also known as Physical Addresses. A number of different frame types are used in different networks. All NICs on the same network must use the same frame type or they will not be able to communicate with other NICs. You can find the MAC address on your computer by typing ifconfig in Macs ip a in Linux and cmd then ipconfig /all in Windows.
Encapsulation and De-Encapsulation
Encapsulation: the entire process of preparing data to go onto a network It includes all the steps from the application to the Application, Presentation, Session, Transport, Network, and Data Link layers. De-encapsulation: the reverse process of encapsulation It includes stripping all the extra header information out as the data goes up the stack.
Layer 6 Presentation Layer
Here, data from the lower layers is translated into a format usable by the application layer.
IP or Layer 3 The Network Layer
Here, packets are created and addressed. The Internet Protocol is the primary logical addressing protocol for TCP/IP. A router connects each of the subnets. The IP address is used to forward data not the MAC address. The devices still have MAC addresses, but those can't be changed. IPs can be changed with software. This allows systems to communicate across data lines that do not use Ethernet. TCP/IP dominates networking today, and although it might be fun to imagine that it had humble beginnings in someone's garage lab, such is far from the case. In the early 1970s, two researchers at the U.S. Defense Advanced Research Projects Agency (DARPA), Robert E. Kahn and Vinton Cerf, worked out the basic parameters of what would become TCP/IP. TCP/ IP offered amazing robustness in its design and eventual implementation.
The OSI Seven Layer Model
ISO (International Organization for Standardization) proposed the OSI seven-layer model. ISO is not really an acronym. It is the Greek word for equal. Each layer defines an important function in computer networking and outlines the protocols that govern each layer. Each layer/protocol is designed so that the have little to do with the operation of the other layers.
Segments Within Packets II
If you take the IP address away from a packet what is left is a container called the TCP segment. There are many fields in the TCP segment including: destination port source port sequence number checksum flags acknowledgements data The port is a number between 1 and 65536. The TCP looks for a port number of 80. Data comes from the application layer and goes to the transport level. There the data is broken into chunks. Port and sequence numbers are added. This creates a TCP segment. Now the segment is handed to the Internet layer. It creates the IP packet. The transport layer also creates another kind of message. It is the UDP. It lacks most of the fields of a segment. It does not care if the data is accurately received.
Layer 3
In the Network layer containers called packets are created. They are the layer's PDU. The IP in TCP/IP gives every device a unique numeric identifier. This is the dot separated group of four numbers all under 256. Logical addresses are stored in system software but are not burned in like MACs. In TCP/IP packets are created. They contain Destination IP address, Sending Address and data. The packet is then encapsulated into a frame. Routers route using IP addresses. They open frames and examine IP addresses and decide where to send the data. Then they re-enclose in frames and dispatch the frame. The frame type may change to identify the appropriate connection technology for the next router. So the departed frame may differ from the arriving frame but the packet within remains unchanged. When the frame finally gets to the router that administers the destination system it will use the destination IP to add the destination MAC to the frame it creates. This will be stripped off by the NIC of the destination system. The OS of the NIC's device will do the rest after the NIC drivers hand the data to it.
Frames Packets and Segments
In the TCP/IP model the application later creates data, the transport layer chunks it into TCP segments or UDP datagrams. The Internet layer adds the IP addressing and creates IP packets. The Internet layer adds IP addressing and creates IP packets. The Link layer adds MAC information and puts the packet into a frame. The data can now hit the wire.
Hubs
In the early days, the central box was called a hub. The hub made copies of a frame and sent a copy to every other system on the network. Every frame sent on a network was received by every NIC. Only the NIC with the matching MAC address would process that particular frame
To Hell and Back Describing the Path of a Network Request
Layer 1 - The Physical Layer This layer defines how data is physically moved from computer to computer. It comprises things like copper cables, fiber optics, central boxes even radio waves. This layer is blind to what the actual data passing through it is. The hardest working/key component of this layer is the NIC or Network Interface Card. It is the interface between the network and the computer. Formerly they were inserted cards but are now built into the mother board. The NIC gives every system - I think that just means computer/device on the network - a unique address which is burned onto a chip. The address is described elsewhere. Arguably it is part of the second layer. The NIC creates frames which are containers for the data travelling from one system to another. NICs create and send outgoing frames and receive and read incoming frames. Frames begin with the MAC address of the destination device followed by the sender's MAC, then a type field that describes what is encapsulated in the frame, then the actual data (usually limited to 1500 bytes of data) and finally the FCS or frame sequence check, a mathematical check-digit like number used to verify that the data has not been corrupted in transmission. (It is called a cyclic redundancy check or CRC). Without limiting the amount of data a frame could carry it might 'hog' network resources, especially if the central box were a hub. Sometimes the frame is visualized as having three parts header (the MACs and the type) the payload(data) and the the trailer (FCS). In the old days NICs sent frames through cable to hubs. The hub would copy the frame and forward it to every device on the network. The NICs of those devices would compare their MACs to the MAC of the intended receiver in contained in the frame. If the they matched processing continued. Otherwise it was the end of the line. Hubs performed broadcast addressing using (I think) broadcast frames. More modern networks replaced hubs with switches. They had decision making powers hubs did not. They forward frames directly to their intended destination. This must have cut down cable traffic immensely. Switches create unicast frames and use unicast addressing. Any device that deals with a MAC address is part of Layer 2 - The Data Link Layer. Switches and hubs are part of the physical layer but switches read MACs so they are part of the data link layer.
Layers 1 and 2: Network Hardware
Layer 1 defines the method of moving data between computers so it includes the pieces of hardware described below. These and anything else that moves - fiber optics, radio waves - data from one system to another is part of level 1. 1. Cabling Most networks use unshielded twisted pair (UTP) cable as a physical channel to move the bits of data between systems. 2. Central Boxes Each computer system has a cable leading to a central box. The central box sends the data received from one system to all the other systems attached to it. 3. Network Interface Cards (NICS) NICs are installed in PCs. Network cables attach to the NICs. They are the interface between the PC and the network. At one time they were cards that could be slid in and out of a PC. Now they are permanent parts of the interior. Cables run from the NIC in the PC to a jack on the wall. Inside the wall another cable runs all the way back to the central box. Any device that deals with the MAC address is considered part of layer two; the data link layer. So, these devices are part of layer 2: 1. Switches 2. NICs are in layers one and two.
FCS
Most FCSs are only 4 bytes long, yet the average frame carries at most 1500 bytes of data. How can 4 bytes tell you if all 1500 bytes in the data are correct? That's the magic of the math of the CRC. Without going into the grinding details, think of the CRC as just the remainder of a division problem. (Remember learning remainders from division back in elementary school?) The NIC sending the frame does a little math to make the CRC. Using binary arithmetic, it works a division problem on the data using a divisor called a key. The result of this division is the CRC. When the frame gets to the receiving NIC, it divides the data by the same key. If the receiving NIC's answer is the same as the CRC, it knows the data is good.
Layer 4 or Assembly and Disassembly or The Transport Layer
Most data is much larger than a single frame. The transport protocol: Breaks up the (received from the OS) data into chunks called segments or datagrams (depending on the specific transport protocol used) Gives each segment some type of sequence number. The sequence numbers notify the receiving system of the total number of segments and how to put them together. (similar to the numbering of boxes by UPS) A lot of things happen on a TCP/IP network at the Transport layer. I'm simplifying here because the TCP/IP model does a way better job describing what happens with each TCP/IP-specific Transport layer protocol than does the OSI model.
Layer 4 Transport Layer
Most transmitted data is too large to be contained in a single frame. The process of divvying up the data is called segmentation. This is done by the sending NIC. The segments must be small enough to be contained in a packet which is then encapsulated in a frame. Reassembly is done by the receiving system. It must be able to identify the packets as being from the same data source and verify that all packets have arrived. The segments get sequence numbers but another type of data section called a datagram does not. The transport layer verifies the integrity of the received data and requests a new segment when one is damaged.
How does the Destination Device Know it is the Destination?
On most networks today, an address called an IP address is used to identify the destination device.
Layer 5 the Session Layer - Talking on a Network
One system may be talking to many other systems simultaneously. Session software handles processes of connecting applications to applications. Layer 5, the Session layer initiates sessions, accepts incoming sessions, and opens and closes existing sessions. How many sessions does a typical system have running at one time? Well, if you have a TCP/IP network (and who doesn't these days), you can run the netstat program from a command prompt to see all of them. Open a command prompt and type the following: netstat -a Then press the ENTER key to see your sessions. Don't worry about trying to interpret what you see—Chapter 9, "TCP/IP Applications," covers netstat in detail. For now, simply appreciate that each line in the netstat output is a session. Count them!
Managing Cable Use
Since the cable is shared, only one system may speak at a time. Networks use frames to restrict the amount of data any one NIC can send at once. NICs handle these and other issues on their own without our help. Usually two devices have talked before, so the destination MAC address is already known to the sending NIC. If the MAC address is not known, a broadcast message is sent over the network. The destination device will respond by sending its MAC address. The MAC broadcast address is FF-FF-FF-FF-FF-FF.
The NIC (No not where you serve a life sentence)
Some people conceive of the NIC as being part of the second layer the data link layer. Others see it in the first layer. Each system on the network must have a unique identifier. It is a unique address burned into a ROM chip on the NIC. It can be a Media Access Control address or MAC address. NICs create, send, receive and read frames.
TCP/IP Types of Communications Protocols
Some protocols (e.g., Post Office Protocol or POP) require good, established connections to function. Some TCP/IP protocols (e.g., Voice over IP) simply send data without first waiting to verify that the receiving system is ready. Does the second correspond to datagrams and the first to segments?
TCP/IP Versions
TCP/IP does not have a standards body and this has led to there being in a number of variations on the TCP/IP model •Version 1 (four layers) is used by Cisco, Microsoft, and other major companies
TCP/IP The Transport Layer
TCP/IP transport layer equates with the OSI Transport layer. Session layer, and some of the Application layer. It is involved with the assembly and disassembly of data. Provides both connection-oriented and connectionless communications. The connection-oriented protocol is the Transmission Control Protocol (TCP) while the connectionless protocol is the User Datagram Protocol (UDP). In the first (I think) the protocol verifies a solid connection exists between sender and receiver before dispatching any data. In the second (I think) it is just bombs away!
Exam Tip
The Data Link layer provides a service called Data Link Control (DLC). The only reason to mention this is there's an ancient printing protocol with the same name. DLC might show up as an incorrect answer on the exam.
The TCP/IP Model
The OSI model was developed as a reaction to a world of hundreds, if not thousands, of different protocols made by different manufacturers that needed to play together. The OSI model is extremely popular and very well known to all networking techs. Today's world, however, is a TCP/IP world. The complexity of the OSI model doesn't always make sense in a world with one protocol suite. Given its dominance, the aptly named TCP/IP model shares some popularity with the venerable OSI model.
Two Advantages of Network Models
The OSI seven-layer and TCP/IP models provide: 1. A powerful tool for diagnosing problems 2. A common language to describe networks
NICS and MAC addresses
The sending system usually knows the MAC of the intended receiving system because they have communicated before. If it does not know it, the sending NIC will send a broadcast address along the network. The broadcast uses a destination MAC of FF-FF-FF-FF-FF-FF. Every system on the network will process the frame. The frame will contain a request for the missing MAC address. The frame will also use the IP address to pick the computer out of the crowd.
Switches
These replaced hubs and were able to send frames to only the addressee. A frame is sent only to the correct recipient MAC address. Switches maintain a table that maps MAC addresses to switch ports. Switches send unicast frames to the destination address and sends broadcast frames to every system on the network when the addressee is not known to the switch.
TCP/IP Layer 1 - Link
This corresponds to OSI model Layers 1 and 2 It includes "physical" elements (cabling, hubs, physical addresses, and NICs) Any part of the network that deals with complete frames is in the Link layer. Once the frame information is stripped away from an IP packet, we move into the Internet layer. The TCP/IP protocol suite really begins at Layer 3 of the OSI model. In essence, TCP/IP techs count on other techs to handle the physical connections in their networks.
IP Address
This is also known as the logical address. It uses a dotted decimal notation based on four eight bit numbers, each of which ranges from 0 to 255. No two systems on the same network share the same IP address. They are configured by the network administrator. IPs are read by routers which use them to direct a message to its destination. Each TCP/IP network has two unique identifiers the MAC and the IP. The first is physical and burned into the NIC. The second is logical and stored in the system software.
Layer 7 - The Application Layer
This is where the transferred data reaches the application software that requested/was sent/can make use of the data. The application layer refers not to these applications themselves but to the code that gets the data to the applications in usable form. All programs use APIs or Application Programming |Interfaces to make their programs network aware.
Two Types of Central Box
When a system sends a frame out on the network, the frame goes into the central box. The technology of the central box determines the next steps for the frame. Two different systems have been used. 1. Hubs: In the old days this was a hub which made a copy of the frame and sent to all systems except the one associated with the port from which it was received. Every NIC on the system read the frame - except the original sender which did not receive a copy - but only the one it was addressed to continued processing after it read the destination MAC. Only one system could send messages at a time because every systems had to read every sent frame. 2. Switches: These central boxes use the destination MAC in the frame to relay frames only to the destination NIC. Its output is either a unicast frame sent to the addressee or when the addressee is not known a broadcast frame is sent to all systems on the network.
Objectives
•Describe how models such as the OSI seven-layer model and the TCP/IP model help technicians understand and troubleshoot networks •Explain the major functions of network hardware with the OSI seven-layer model •Describe the major functions of networks with the TCP/IP model
TCP/IP Layers
1. Application 2. Transport 3. Internet 4. Link/Network Interface
What are the two models?
1. OSI - Open Systems Interconnection seven layer model. 2. TCP/IP - Transmission Control Protocol/Internet Protocol model.
What are Frames?
A frame is basically a container for a chunk of data moving across a network. It contains the recipient's MAC address, the sender's MAC address, the data itself, and a frame check sequence (FCS) for error checking. These parts are sometimes known as the header - receiving and sending addresses - the payload - data - and the trailer - the FCS which provides mathematical confirmation of the integrity of the transferal of the data. Note that the frame begins with the MAC address of the NIC to which the data is to be sent, followed by the MAC address of the sending NIC. Next comes the Type field, which indicates the specific network technology of the frame. Then comes the data (usually but not always 1500 bytes) , followed by a special bit of checking information called the frame check sequence (FCS). Breaking up data into these smaller chunks allows them to be sent without any member of the network monopolizing the cables/transmission resources. The FCS uses a type of binary math called a cyclic redundancy check (CRC) that the receiving NIC uses to verify that the data arrived intact.
MAC Addressing
CompTIA calls the use of the MAC address to get frames to the proper computer or node MAC addressing. This doesn't quite fit with the vast majority of networks where you don't implement or configure MAC addresses. Ethernet simply uses the MAC addresses assigned to devices by manufacturers. Be aware of the term on the exam.
Sending the Data
Data sent from one computer to another on a TCP/IP network can go through many routers. Each router strips off the incoming frame and creates a new frame needed for the connection (e.g., cable or DSL network) to the next router. Once the packet reaches the destination subnet's router, that router: -Strips off the incoming frame -Looks at the destination address -Adds a frame with the appropriate MAC address The NIC strips off the MAC header and hands the frame off to the network operating system. Keep in mind that not all networks are Ethernet networks. Ethernet may dominate, but IP packets fit in all sorts of other connectivity options. For example, cable modems use a type of frame called DOCSIS. The beauty of IP packets is that they can travel unchanged in many frame types. This last bit is confused. Does the NIC hand off to the host's OS or the network software.
Frame Size
Different types of networks use different sizes of frames. Many frames hold at most 1500 bytes of data. The sending software breaks up large amounts of data into smaller chunks. The receiving system's software must recombine the data chunks.
IP Packet
For a TCP/IP network to send data successfully, the data must be wrapped up in two distinct containers. In TCP/IP, that inner container is called a packet. The packet has three parts (at least for now, it is really more complicated). They are the receiving, sending IPs and the data. The packet is then placed inside a frame that contains the sending and receiving MAC addresses. Wired networks in homes and offices always use Ethernet but IP packets fit all kinds of connectivity options.
Layers 3-7
Large networks need logical addresses that reduce the number of possible destinations for a frame/interdevice comunication. A network protocol is required to use logical addresses. The protocol exist in each OS. They create unique identifiers for devices and rules for how to divide data into frames and how to coordinate the sending of frames from the same data file.
Network Layers 3 to 7 or Beyond the Single Wire or How Does Data Get from One System to Another in Large Networks?
MACs do not work well in large networks. Broadcasting to get addresses strains the network. Large networks use more than ethernet which I guess is the primary user of MACs So larger networks use a logical addressing method which ignores the hardware and enables breaking a large network into subnets. It has a network protocol which creates unique identifiers for each system and set of communication rules for issues, e.g. how to get packets from one subnet to another
Early Days of Network Models
Networks were sold as complete units with a single manufacturer producing the hardware and software for a network. These worked well but were often incompatible and so communication between networks was difficult. Thus the two above models were developed so that developers could be on the same page in terms of how their networks functioned.
Layer 5 Session Layer
The system must direct the received data to the appropriate software that will process it.