Network Hardware Layer
The Network layer (also called Layer 3) manages device addressing, tracks the location of devices on the network, and determines the best way to move data, which means that the Network layer must transport traffic between devices that aren’t locally attached.
Routers (layer-3 devices) are specified at the Network layer and provide the routing services within an internetwork.
Device addressing
Tracks locations of devices on the network
Determines the best way to move data
The PDU at the Network layer is called a “Packet”.
The Network layer sends Packets between peer network layers.
(certificationkits.com, N.A.)
OSI reference model (Open Systems Interconnection) definition
The Presentation layer (also called Layer 6) gets its name from its purpose: It presents data to the Application layer and is responsible for data translation and code formatting.
This layer is essentially a translator and provides coding and conversion functions. A successful data-transfer technique is to adapt the data into a standard format before transmission.
The Session layer (also called Layer 5) is responsible for setting up, managing, and then tearing down sessions between Presentation layer entities.
This layer also provides dialogue control between devices, or nodes.
The Transport layer (also called Layer 4) segments and reassembles data into a data stream.
Services located in the Transport layer both segment and reassemble data from upper-layer applications and unite it onto the same data stream.
They provide end-to-end data transport services and can establish a logical connection between the sending host and destination host on an internetwork.
Provides mechanisms for the establishment, maintenance, and termination of virtual circuits.
The Transport layer can use positive acknowledgement and retransmission to ensure reliable delivery.
Information flow control.
The Transport Layer sends Segments between peer transport layers.
(www.certificationkits.com, N.A.)
Application (Layer 7)
This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
(www.certificationkits.com, N.A.)
If you need to always know what your IP address is, then you need a Static IP address, because it is constant. Static IP addresses are more reliable for Voice over Internet Protocol (VOIP), for hosting a gaming website or playing X-Box or Play Station, for using a Virtual Private Network for secure access to files from your company network computer, etc. Static IP addresses are also great if you use your computer as a server, as it should give your file server faster file uploads and downloads. Another plus with Static IPs: when hosting a website, you are not sharing your IP with another company that sends out a lot of e-mail spam, gets its website shut down, and in turn gets your IP address blacklisted.
In contrast a static IP address can become a security risk, because the address is always the same. Static IP's are easier to track for data mining companies. Static IP addressing is less cost effective than Dynamic IP Addressing.
(http://whatismyipaddress.com 2015)
The biggest advantages of Dynamic IP Addressing are less security risk as the computer is assigned a new IP address each time the customer logs on, they are cost effective and there is automatic network configuration (the less human intervention with network configuration the better). Dynamic addressing is usually used by ISP's so that one IP address can be assigned to several users, however some ISP's use Sticky Dynamic IP Addressing and do not change the IP address very often. Dynamic IP Addressing can be used by families with several computers or by a small business owner who has a home office. The software that comes with a router allows for Dynamic Host Configuration Protocol (DHCP) setup and assigns each computer attached to the router an IP address automatically.
In contrast, Dynamic IP addressing should not be used for VOIP, VPN, playing online games or game hosting, because Dynamic IP addressing is less reliable than Static IP addressing and could cause the service to disconnect while you are using VOIP, a VPN or gaming.
(http://whatismyipaddress.com 2015)
Class A addresses are IP addresses that are assigned to network devices, such as computers, and include all addresses in which the first bit of the first octet is set to 0 (zero). This includes all values from 00000001 to 01111111, or 1 to 127. For Class A networks, the first octet represents a network ID that is defined in the address by a subnet mask.
The network ID is not allowed to have all its bits set to 0 or all bits set to 1. The 127 network ID is excluded from this address class.
Thus, 126 possible Class A networks are available to organizations around the world. With only 126 Class A networks, owning one puts you in an exclusive club. You can no longer acquire a network block of addresses, and when possible, IANA gets them back from the registered owners. Getting addresses back allows IANA to redistribute addresses in a more efficient and temporary manner.
Class B addresses are IP addresses that are assigned to network devices, such as computers, and include all addresses in which the first two bits of the first octet are 10. This includes all values from 10000000 to 10111111, or 128 to 191.
The definition of the Class B network is represented with a subnet mask, but the Class B network ID is made up of the values in the first two octets. Unlike Class A networks, all network IDs in this range are available for use.
Class C addresses are IP addresses that are assigned to network devices, such as computers, and include all addresses in which the first three bits of the first octet are set to 110. This includes all values from 11000000 to 11011111, or 192 to 223.
The default subnet mask for Class C networks defines the first three octets as the network ID for these networks. Like with Class B networks, all the network IDs are available for use on networks. This is the last of the network classes that will be used for network devices on a TCP/IP network.
Class D network addresses are not assigned to devices on a network. These addresses are used for special-purpose, multicast applications (such as video- and audio-streaming applications).
These addresses all need to be registered with IANA to be used globally. Addresses in this class have the first bits of the first octet set to 1110, yielding addresses in the first octet ranging from 11100000 to 11101111, or 224 to 239. These addresses are not defined by a normal subnet mask; instead, each address is used for a specific purpose. And because each address is individually used, it uses a 255.255.255.255 mask.
If Class D is special, Class E addresses are even more special. There is no defined use for this address class. Officially, it is listed as reserved for usage and testing by IANA and the Internet Research Task Force (IRTF). In fact, as of RFC3330 in 2002, Class E was updated to “reserved for future use.”
Class E comprises absolutely all valid addresses with 240 or higher in the first octet. The first bits of the first octet are 1111, which yields addresses from 11110000 to 11111110 (or technically, 11111111), which in decimal are 240 to 254 (or 255).
Because this address class is not being used for address allocation, you cannot know what the network ID, which defines the valid addresses in a range, is. So the inclusion of 255 at the end of the range is moot because this address range is not available for you to use. All you need to know is that by definition Class E includes all valid addresses higher than Class D.
(Edward Tetz, 2015)
Let’s first talk about classful routing, which is sometimes called a classful network. If you are using a classful routing protocol, then all of your networks are in different classes and are separated by a router. Remember that the usable IPv4 address ranges are divided into classes: Class A 1-126, Class B 128-191, and Class C 192-223. A classful routing protocol only looks at the IP address class and not the subnet mask. This is the problem: if you are using a classful routing protocol, you cannot change the subnet mask in any of these networks. You have to use the default subnet mask; for example, if you have a 172.16.X.X network, the default subnet mask is /16 or 255.255.0.0. In short, you can’t have different size networks when using the same IP address class and a classful routing protocol. Remember that classful routing does not support subnet information, and therefore lacks support for VLSM (variable length subnet masks).
(http://ciscoskills.net, 2011)
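The class rules and the classful routing limitation described above, as an added example (not code from the cited sources). The function names and the sample subnets are assumptions made for illustration, and `classful_view` is a simplified model of the behaviour the text describes, where an update carries no mask.

```python
import ipaddress

# Leading bits of the first octet -> (class, default prefix length).
# Classes D and E have no default mask, so their prefix is None.
CLASS_RULES = [
    (1, 0b0,    "A", 8),
    (2, 0b10,   "B", 16),
    (3, 0b110,  "C", 24),
    (4, 0b1110, "D", None),  # multicast
    (4, 0b1111, "E", None),  # reserved
]


def address_class(addr):
    """Return the class letter from the leading bits of the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for nbits, pattern, name, _prefix in CLASS_RULES:
        if first_octet >> (8 - nbits) == pattern:
            return name
    raise AssertionError("every octet matches one of the five patterns")


def classful_network(addr):
    """Network implied by the class default mask, or None if there is none.

    None covers classes D and E and the excluded Class A network IDs 0 and 127.
    """
    ip = ipaddress.IPv4Address(addr)
    if (int(ip) >> 24) in (0, 127):
        return None
    prefix = {name: p for _n, _b, name, p in CLASS_RULES}[address_class(addr)]
    if prefix is None:
        return None
    # strict=False clears the host bits instead of raising on them.
    return ipaddress.IPv4Network((str(ip), prefix), strict=False)


def classful_view(configured_subnets):
    """Map each implied classful network to the real subnets hidden behind it.

    Simplified model: the update carries no mask, so a receiver can only
    fall back to the class default.
    """
    view = {}
    for cidr in configured_subnets:
        net = ipaddress.IPv4Network(cidr)
        implied = classful_network(str(net.network_address))
        view.setdefault(implied, []).append(net)
    return view


def collisions(view):
    """Implied networks that more than one configured subnet collapses into."""
    return {k: v for k, v in view.items() if k is not None and len(v) > 1}


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.9", "192.168.1.1", "224.0.0.5", "240.0.0.1"):
        print(sample, address_class(sample), classful_network(sample))
    # Constructed subnets: two /24s carved out of the 172.16.X.X example.
    subnets = ["172.16.1.0/24", "172.16.2.0/24", "192.168.10.0/24"]
    for implied, real in collisions(classful_view(subnets)).items():
        print(implied, "hides", [str(n) for n in real])
```

Both /24 subnets collapse into 172.16.0.0/16, which is why differently sized subnets of one class cannot coexist under a classful protocol.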
Private IP Addresses
Network Address Translation (NAT)
IPV6
When looking at an IP address, the left-most portion of the address identifies which network the machine (host) belongs to. The right-most portion is used as the address of the host itself. A large number of addresses in use (but not all of them) look something like this:
In the example above, the network address is 199.232.66 and the host portion of the address is 20; the complete IP address is 199.221.66.10. All the computers on the same local network would have the same network number in their address. Thus, two computers on the same network might be 199.221.66.10 and 199.221.66.44.
When two hosts with IP addresses communicate, they send IP datagrams. IP datagrams contain the source and destination addresses of the hosts communicating. Only the addresses are recorded in the packet. There is no information stored in the packet to tell us which part of the address is network and which is host. If this is true, then how would we figure out which part of the address is the network portion, and which is the host portion?
First, you must remember that all hosts on the same network will have the same network address (the network portion of the IP address will be the same for all hosts). Only the host portion will be different and unique for each host on the network.
Different networks also have different network addresses. Network A would have a different address from Network B. From the perspective of determining the correct network, the individual host address is irrelevant. We will need it later to find the host itself ON the network, but we don't need to look at it yet, since we need to find the correct network first.
To find a particular host, you first find the network that host is on, then ask that network to find the host. There are two solutions to handling this network vs. host address problem, and they are similar but separate addressing types: classful and classless.
Classful Addressing was the first addressing scheme developed. It helped manage the IP space and make organization of networks and hosts possible, but it could not support the growing complexity of the Internet and wasted a lot of address space, so a new scheme was developed called Classless Addressing. Classless Addressing was more efficient because it allowed the assignment of smaller blocks of addresses.
The Subnet Mask is a value that is stored in the configuration of a computer along with the IP address. The Subnet Mask gives the computer a simple way to figure out whether the IP address of another computer is on the same local network, or on a different local network. Bear in mind that for this definition of a mask, a 'local network' is defined as a group of computers with IP addresses in a limited range.
(www.inetdaemon.com N.A.)
(Marco Cardazzi, N.A.)
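The subnet mask comparison described above, as an added example (not code from the cited sources). The function names, the two masks and the gateway address 199.221.66.1 are assumptions; the two host addresses are the ones used earlier on this page.

```python
import ipaddress


def mask_to_int(mask):
    """Parse a dotted-decimal subnet mask, rejecting non-contiguous masks."""
    value = int(ipaddress.IPv4Address(mask))
    inverted = value ^ 0xFFFFFFFF
    # A valid mask is a run of 1-bits followed by a run of 0-bits, so the
    # inverted mask and (inverted mask + 1) share no bits.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return value


def network_id(ip, mask):
    """Bitwise AND of address and mask: the network portion of the address."""
    ip_int = int(ipaddress.IPv4Address(ip))
    return ipaddress.IPv4Address(ip_int & mask_to_int(mask))


def same_local_network(own_ip, mask, other_ip):
    """True when both addresses have the same network portion under the mask."""
    return network_id(own_ip, mask) == network_id(other_ip, mask)


def next_hop(own_ip, mask, gateway, dest):
    """Deliver directly to a local destination, otherwise use the gateway."""
    return dest if same_local_network(own_ip, mask, dest) else gateway


if __name__ == "__main__":
    me, peer = "199.221.66.10", "199.221.66.44"
    gateway = "199.221.66.1"  # assumed gateway address, not from the page
    # The same pair of hosts is local or remote depending only on the mask.
    for mask in ("255.255.255.0", "255.255.255.224"):
        print(mask, network_id(me, mask), network_id(peer, mask),
              "next hop:", next_hop(me, mask, gateway, peer))
```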
Network Address Translation (NAT) is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit the number of public IP addresses an organization or company must use, for both economy and security purposes.
IPv6 addresses are 128 bits long, and IPv6 provides approximately 4.3 billion addresses. IPv6 addresses are represented as eight groups of four hexadecimal digits, with the groups separated by colons:
0000:0000:0000:0000:0000:0000:0000:0000
Recall from IPv4 that the types of network communication are Unicast, Multicast and Broadcast. There is no broadcast in IPv6. The types of network communication in IPv6 are Unicast, Multicast and Anycast, each described below.
Unicast is a type of communication where data is sent from one computer to another computer. Unicast is a one-to-one type of network communication. Different data streams are generated for each Unicast connection. This type of communication is the option when clients need different data from a network server.
In Unicast type of communication, there is only one sender, and only one receiver.
Example for IPv6 Unicast type of network communication:
1) Browsing a website. (Webserver is the sender and your computer is the receiver.)
2) Downloading a file from a FTP Server. (FTP Server is the sender and your computer is the receiver.)
IPv6 Unicast Network Communication
As you can see from the above picture, different data streams are created for different clients in IPv6 Unicast type of communication.
Multicast is a type of communication where traffic is addressed to a group of devices on the network. IPv6 multicast traffic is sent to a group, and only members of that group receive the Multicast traffic.
Devices that are interested in particular Multicast traffic must join that Multicast group to receive the traffic. IPv6 Multicast Groups are identified by IPv6 Multicast Addresses.
In Multicast, the sender transmits only one copy of the data, and it is delivered to the many devices (not all devices, as in IPv4 Broadcast) that are interested in that traffic.
IPv6 Unicast Network Communication
As you can see from the above picture, when multiple clients require the same data at the same instant (for example, online TV), we can use multicast instead of unicast. The multicast server generates only one stream of data, and that stream is replicated to the different devices that are interested in that data traffic.
Multicast network communication can save precious network bandwidth and also network device processor utilization.
Anycast is a type of IPv6 network communication in which IPv6 datagrams from a source are routed to the nearest device (in terms of routing distance) from a group of servers that provide the same service. Every node that provides the same service is configured with the same Anycast destination address.
IPv6 Anycast Network Communication
Refer to the above image. Here we have three servers providing the same network service, but located at different routing distances from the source network. With the help of routing protocols, IPv6 Anycast network communication can identify the nearest node in a group of server nodes that provide the same service and use the service from that nearest server.
(http://www.omnisecu.com, N.A.)
Tunneling Protocols
IPCONFIG command
Character-based (name) Identification on a network
OSI Model
TCP/IP Application Protocols
IPIP tunneling - Tunneling IP packets in IP packets.
IPSec - Internet protocol security, developed by IETF, implemented at layer 3. It is a collection of security measures that address data privacy, integrity, authentication, and key management, in addition to tunneling. Does not cover key management. A VPN tunneling Protocol.
L2F - Layer2 Forwarding, works at the link layer of the OSI model. It has no encryption. It is being replaced by L2TP. A VPN tunneling Protocol.
L2TP - Layer2 Tunneling Protocol. (RFC 2661) Combines features of L2F and PPTP and works at the link layer. No encryption or key management is included in specifications. A VPN tunneling Protocol. It uses IPSec for encryption.
PPTP - Point-to-Point Tunneling Protocol (RFC 2637) works at the link layer. No encryption or key management included in specifications. A VPN tunneling Protocol used to send secure communications from point to point.
Socks - handled at the application layer.
Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters.
ipconfig [/all] [/renew [Adapter]] [/release [Adapter]] [/flushdns] [/displaydns] [/registerdns] [/showclassid Adapter] [/setclassid Adapter [ClassID]]
/all : Displays the full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections.
/renew [ Adapter ] : Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
/release [ Adapter ] : Sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter disables TCP/IP for adapters configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
/flushdns : Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
/displaydns : Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.
/registerdns : Initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer. The DNS settings in the advanced properties of the TCP/IP protocol determine which names are registered in DNS.
/showclassid Adapter : Displays the DHCP class ID for a specified adapter. To see the DHCP class ID for all adapters, use the asterisk (*) wildcard character in place of Adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically.
/setclassid Adapter [ ClassID ] : Configures the DHCP class ID for a specified adapter. To set the DHCP class ID for all adapters, use the asterisk (*) wildcard character in place of Adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. If a DHCP class ID is not specified, the current class ID is removed.
/? : Displays help at the command prompt.
(technet.microsoft.com, N.A.)
Since IP addresses are rather difficult to remember (and are not particularly descriptive), the Internet also allows you to specify a computer by a name rather than a number string. For example, the machine at MIT with the IP address 18.72.0.3 can also be referred to as: bitsy.mit.edu.
This whole string is known as the computer's host name. In this string, the first part ("bitsy") is the name of the machine itself, while everything else ("mit.edu") is the domain name.
The domain name is the name of a network associated with an organization. For sites in the United States, domain names typically take the form: org-name.org-type
The org-type is usually one of the following:
com indicates a commercial organization (e.g., a company)
edu indicates an educational organization
org indicates a general (often non-commercial) organization
gov indicates a U.S. government agency
mil indicates a U.S. military site
For example, the hostname www.toyota.com refers to a World Wide Web server named "www" in the toyota.com domain (the network associated with the Toyota automotive company). The hostname ftp.stanford.edu refers to an FTP server named "ftp" on Stanford University's local network (the domain stanford.edu).
MIT actually has several separate networks in operation, so several domain names are associated with MIT. In addition to the main mit.edu domain, there is, for example, a domain associated with the Artificial Intelligence Laboratory at MIT, called ai.mit.edu. (These two domain names at MIT are not interchangeable "aliases": the machine with the host name www.ai.mit.edu is not the same machine -- nor even in the same Internet domain -- as the machine with the host name www.mit.edu; rather, www.ai.mit.edu is a machine named "www" in the domain ai.mit.edu, while www.mit.edu is a machine named "www" in the different domain mit.edu.)
For sites outside the United States, domain names typically take the form: org-name.country-id (E.g., ca for Canada, de for Germany/Deutschland)
Although every machine has only one IP address at any given time, a machine may have several host names (the additional host names are known as "aliases"). For example, MIT's official web service is run on a machine with the host name "arachnophobia.mit.edu" (IP address 18.69.0.27), but users refer to the machine by the alias host name "web.mit.edu".
The use of host name aliases makes it easier for service providers to migrate services to new machines without interrupting service. For example, if the maintainers of the MIT web service moved it to a new faster machine, the host name "web.mit.edu" could be changed to point to the new machine, and removed as an alias for 18.69.0.27 ("arachnophobia.mit.edu" could remain as the host name of the old machine); users would not be burdened with having to learn the new IP address or host name, since the alias points to the new machine.
On the Internet, many communications programs deal only with IP addresses, yet allow their users to specify machines in terms of their host names (or alias host names). Or a program which already knows the IP address must determine the domain name for the network to which the machine is connected. Such programs must somehow convert the host names into IP addresses (or vice versa) behind the scenes. How do they achieve this translation between IP addresses and host names?
The mapping of host names to IP addresses is handled through a service called Domain Name Service (DNS). Rather than require individual machines, applications, or users to keep up with the constant changes in host names and IP addresses, a series of special DNS servers across the world (known as "name servers") keep track of the name/address information for all the computers on the Internet. Applications that need to determine an IP address from a host name (or vice versa) contact the local "name server" to supply this information.
For instance, if you use a web browser to check out the site "web.mit.edu", the program actually first contacts your local DNS machine to obtain the IP-address that matches the host name you provided; then the program uses that IP address to complete your request.
DNS is used much more frequently than is usually supposed: virtually every activity that moves information across the network (getting web documents, transferring files, sending or receiving electronic mail) relies on DNS.
(http://ist.mit.edu, N.A.)
This layer conveys the bit stream (electrical impulse, light or radio signal) through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet, RS232, and ATM are protocols with physical layer components.
Layer 1 Physical examples include Ethernet, FDDI, B8ZS, V.35, V.24, RJ45.
At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking.
Layer 2 Data Link examples include PPP, FDDI, ATM, IEEE 802.5/ 802.2, IEEE 802.3/802.2, HDLC, Frame Relay.
This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
Layer 3 Network examples include AppleTalk DDP, IP, IPX.
This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.
Layer 4 Transport examples include SPX, TCP, UDP.
This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.
Layer 5 Session examples include NFS, NetBios names, RPC, SQL.
This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.
Layer 6 Presentation examples include encryption, ASCII, EBCDIC, TIFF, GIF, PICT, JPEG, MPEG, MIDI.
This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
Layer 7 Application examples include WWW browsers, NFS, SNMP, Telnet, HTTP, FTP
(http://www.webopedia.com N.A.)
Application Protocols include:
Telnet, FTP, SMTP, DNS, RIP, SNMP, HTTP, HTTPS
(http://computernetworkingnotes.com, 2015)
A port number is part of the addressing information used to identify the senders and receivers of messages.
Port numbers are associated with network addresses. For example, in TCP/IP networking, both TCP and UDP utilize their own set of ports that work together with IP addresses.
Port Numbers
Port numbers work like telephone extensions. Just as a business telephone switchboard can use a main phone number and assign each employee an extension number (like x100, x101, etc.), so a computer has a main address and a set of port numbers to handle incoming and outgoing connections.
(ozccna.blogspot.com, N.A.)