This lecture is based on Wu chapter 4, with lots of supplementary material included in these notes.
There's a LAN (probably wireless) in your future. The appliances in your household, from electric toothbrush to automatic vacuum cleaner robot, all want to talk to each other. The toothbrush wants to remind you that it needs recharging, but it doesn't have a voice, so it wants the radio to speak for it. The robot is the only one who knows where you left your pager, because you accidentally kicked it under the bed last night. Etc., etc. My house has five up-and-running PCs, five Macs, three printers and three Ethernet hubs.
The ISO Reference Model
This chapter of Wu cites this standard model but doesn't define it. Here we go.
Network layers in the OSI Model are organized as above. Vertical communications are procedures being called from above; the data formats used by calls TO a given layer are the protocols of that layer. Horizontal correspondences are between "peer processes". Each layer uses different units of data. Layers 7..4: messages. 3: packets. 2: frames. 1: bits.
OSI layers were designed to
* provide a conceptual location for each well defined function
* minimize communication between layers
* respect the famous "rule of seven" - people can think about at most 7 things at once.
The following concepts are relevant to multiple layers of the OSI Model.
Services are provided by each layer to the layer above it. Each layer adds functionality to the ones below it. Modes of service are alternative tools or implementations, providing the same service.
Two important classes are
Connection-oriented, or point-to-point: a virtual circuit is created.
Connectionless: "delivery service", like Fed Ex.
Sequencing defines the order in which your packets arrive at the other end. Some protocols guarantee sequencing, others don't.
Error Controls detect and correct corruptions and losses of data. Protocols with error control are reliable protocols. Checksums are quick ways of catching some errors; CRCs (cyclic redundancy checks) are higher powered equivalents.
Checksum: One way to do this is to add up all the 16-bit words in a packet of data (throw away overflow), keep the modulo sum & transmit it along with the data. If the recipient does the same and it matches the transmitted checksum, then you probably didn't lose anything.
CRC: usually computed by hardware, e. g. in Ethernet cards.
Acknowledgements - "hand shaking" - are also used. MESSAGE 1 is sent; receiver returns MESSAGE 1 ACK. If sender doesn't receive the ACK within a given time, it will retransmit. If receiver finds a bad checksum, it could wait & not send ACK but that's the slow way. So it sends a NAK (not acknowledged) msg, meaning "retransmit now. It was bad."
Flow Control means handshaking to keep sender from sending more than receiver can digest. Internet tools usually provide this.
End-to-End and Hop-by-Hop are two alternative ways of applying services such as error control. If a packet is only checksummed at end of path, and the ACK or NAK goes all the way back to sender, that's end to end. If each link recomputes checksums and receipts the transmission, that is hop by hop.
Understanding the Design Issues
Managing Connections. Each layer must establish connection with a peer process in another host. Process ID is important.
Transferring data. Most systems have two parallel channels: a data channel and a control information/urgent data channel. This urgent data might include a stop-process command such as ESC, and is referred to as out-of-band data.
Handling Errors. Get it from your provider (next layer below you in the stack) if you can. Lost data might include information about other lost data!
Preserving Sequence. Either preserve sequence, or reconstruct the proper sequence.
Fragmenting Data. If user packets are larger than physical packets (for example) they gotta be sliced up. Understanding fragmenting can greatly improve your applications' performance.
Defining Network Layers
1. Physical layer: hardware, obviously. It's the network cable & repeaters & gateways etc.
Parallel vs. serial, net topology, voltages & currents.
2. Data-Link layer: network interface card.
Frames of data, expressed in physical layer's format such as FM signals. Frames are the "boxes" of data over which error checking takes place.
Ethernet Frame:
64 bits - preamble
48 bits - destination address
48 bits - source address
16 bits - frame type
368 - 12,000 bits - frame data
32 bits - CRC value
3. Network layer: Best example is the Internet Protocol (IP); software usually implements this.
Managing routing tables; accounting (costs)
4. Transport layer: Delivers data to the correct application within the destination host.
Communicates with peer transport-layer processes on an end-to-end basis, regardless of how lower layers are handling it. Thus it must deal with fragmentation (and reassembly) for the use of the communication sub-net which links the transport layer peers together.
A single transport layer can also use multiple network layers, to increase bandwidth. Then it must multiplex and demux the data.
5. Session layer: Handles details such as account names, passwords, authorizations. Each "logging in" event is a session.
Seems like Transport & Session should be reversed. But - no, the user is ABOVE all this, so Session layer is appropriately protecting the Transport layer from being accessed by unauthorized folks.
Session layer also has to protect US from IT (transport layer) if it's broken; e. g. by reporting a problem and asking if we want to restart.
Finally, if Transport doesn't provide sequencing, Session must do so.
Some environments eliminate Session. In particular, Internet seems to do most ID verification at the Application layer.
6. Presentation layer: interface between network & printers, file formats, etc. "How the net presents itself to your hdw & softw."
Typically includes many data conversion routines.
Often implemented in user-callable routine libraries. Example: the Windows Sockets (Winsock) Application Program Interface (API) is a session/presentation layer.
Provides "useful but non-essential" net services; e. g. encryption, compression.
Deals with differing interpretation of character sets, cr/lf issues, tabs, cursor positioning. Often this is handled by a virtual terminal protocol such as X-windows. Telnet is somewhat similar.
7. Application layer: net-wide user functionalities such as e-mail, distributed databases.
We usually write code at Levels 6 and 7. Presentation layer code is anything that is a network problem vs. an application problem. This separation increases reusability.
The Client/Server Model
Client programs request service or information from the server, which, naturally, provides it. A virtual circuit allows designers to act as though a point-to-point connection exists between client and server.
Server usually inits and then goes to sleep, waiting for a request for service. Clients will usually transmit a request for connection, followed by a request for service.
Iterative and Concurrent servers. Iterative servers handle each request individually, completing one before starting another. Concurrent servers create separate processes to handle each request. Thus a concurrent server has to run on top of an operating system with multitasking capabilities.
****************
Connectionless and Connection-Based Communications
Connectionless means "fire and forget", like a bullet. You shoot it and then go on to something else. The guy you shoot at may feel obliged to shoot back at you, a receipt as it were. But he's not technically bound to do so. Connectionless communications end at the end of every transmission and have to be re-started if you want to say something else. HTTP is a perfect example. Your browser grabs some HTML, and that's it. The server doesn't wait for, or expect any more communications and neither does your browser.
Connection-based means we're tied together in a continuous dialog, like a phone call. When you say something, if I don't say "uh huh" or "yeah" pretty often, you conclude that the link has been broken. You have to explicitly end a connection, by saying "goodbye" and hanging up the phone. (Nobody has actually said "goodbye" since 1956, but "bye" or "later" works too.) The classic example of connection based communications is 'sockets' which are discussed below in the Unix section.
Like many things, networks have gotten simpler over the years. Ethernet is based on these principles:
a) Every Ethernet interface card is born with a unique serial number, which is its Ethernet protocol address.
b) Ethernet devices use a shared bus, with no central access control. Every device can read and write to the bus. Only one message at a time can occupy the bus. Most buses in use today are 10 megabit/second (nominal), but they are being replaced by 100 mb/s.
c) Messages are sliced into multiple "frames" of uniform size. Each contains a destination and source address, and error detection information.
d) Ethernet uses a random timing protocol called CSMA/CD (Carrier sense multiple access with collision detection.) When a device wishes to talk to another, it looks to see if the bus is in use. If not, it fires a frame of a message onto the bus. If the bus is busy, it waits a random interval and tries again. This random interval is very important, since two devices using a fixed interval could potentially butt heads forever, or until their clocks drifted apart (months or years later.)
Ethernet frames look like this:
64 bits - preamble
48 bits - destination address
48 bits - source address
16 bits - frame type
368 - 12,000 bits - frame data
32 bits - CRC value (That's a checksum for error detection.)
All cards listen for their own address, and also for FF FF FF FF FF FF which is a broadcast message.
These internal Ethernet addresses are (I believe) the Ethernet version of the MAC (Medium Access Control) addresses referred to in the text.
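The frame layout and the "own address or broadcast" rule above, worked through as an added example (not code from Wu or from these notes). The two host addresses and the frame type value are constructed samples, and the preamble is left out because the interface card adds and strips it.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
MIN_DATA, MAX_DATA = 368 // 8, 12_000 // 8   # 46 and 1500 bytes of frame data


def crc_value(body: bytes) -> bytes:
    """32-bit CRC over destination..data, in the byte order Ethernet transmits."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, frame_type: int, data: bytes) -> bytes:
    """Assemble a frame without the 64-bit preamble."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("addresses are 48 bits")
    data = data.ljust(MIN_DATA, b"\x00")          # pad short data up to 368 bits
    if len(data) > MAX_DATA:
        raise ValueError("frame data exceeds 12,000 bits")
    body = dst + src + struct.pack("!H", frame_type) + data
    return body + crc_value(body)


def receive(frame: bytes, my_addr: bytes):
    """Return the parsed fields, or None when the card would drop the frame."""
    if not 14 + MIN_DATA + 4 <= len(frame) <= 14 + MAX_DATA + 4:
        return None                                # runt or oversized frame
    body, trailer = frame[:-4], frame[-4:]
    if crc_value(body) != trailer:
        return None                                # corrupted in transit
    dst, src = body[:6], body[6:12]
    if dst != my_addr and dst != BROADCAST:
        return None                                # addressed to someone else
    (frame_type,) = struct.unpack("!H", body[12:14])
    return {"dst": dst.hex(":"), "src": src.hex(":"), "type": frame_type,
            "broadcast": dst == BROADCAST, "data": body[14:]}


# Constructed sample addresses (locally administered, not real hardware).
HOST_A = bytes.fromhex("020000000001")
HOST_B = bytes.fromhex("020000000002")

if __name__ == "__main__":
    frame = build_frame(HOST_B, HOST_A, 0x0800, b"hello")
    print(receive(frame, HOST_B))
    damaged = bytearray(frame)
    damaged[20] ^= 0x01                            # one bit flipped on the wire
    print(receive(bytes(damaged), HOST_B))         # dropped: CRC mismatch
```

The CRC catches accidental damage only: anyone who can write to the shared bus can compute a valid CRC for whatever frame they send, so it says nothing about who built the frame.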
Query 11.1: Assume you have an Ethernet with ten computers on it. Is it possible that the first nine computers to start sending traffic could make the net so busy that the tenth one could never get a word in edgewise?
Topology. Originally people implemented Ethernet with a literal bus architecture. That is, a coaxial cable with round connectors ran from computer to computer, all around the room. This was very easy to set up, but a single failed cable (very common) would cut the entire network into two pieces. This technology was called Thickwire or Thinwire (10base2) where the 2 stands for 2 conductors (coaxial cable, actually.)
Thickwire Ethernet included a neat device called a vampire tap which could be used to chomp right into the middle of a thickwire cable, to add a computer. They were a serious source of unreliable connections, but the concept was intriguing.
TCP: Transport Control Protocol. IP: Internet Protocol. But TCP/IP is more than two protocols. It's a suite including TCP, IP and other protocols. Other common tools include UDP and ICMP. Another name is "Internet protocol suite."
IP is a network-layer protocol that moves data between host computers.
TCP is a transport-layer protocol that moves data between applications (which are usually on different computers.)
UDP, the User Datagram Protocol, is another transport-layer protocol, simpler (and thus faster) but less reliable than TCP. UDP is the transport layer protocol used in the SIMNET simulator system for instance. Unlike TCP, UDP is not 'receipted' - there is no guarantee of delivery. Think of it as being like ordinary U. S. post office mail, whereas TCP is somewhat like registered mail with return receipt requested. But the application program doesn't have to know if a failure occurs, because TCP just tries again until it gets the job done.
ICMP, the Internet Control Message Protocol, carries network error messages and other control info.
You can bypass the Transport Layer (see thin arrows above) but it's difficult programming; not recommended.
The Link Layer. ARP=Address Resolution Protocol; RARP=Reverse ARP. ARP translates network layer addresses into link layer addresses, and vice versa. Link "hides" the network technology (Ethernet, Token Ring, Carrier Pigeon) from the Network Layer.
The Big Picture
Each successive layer "encapsulates" the message provided by higher layers. Imagine putting things inside envelopes, which go into other envelopes. The outermost envelope is the Ethernet Frame; then an IP Packet, then a TCP Segment, then an Application Message, then finally the User Data block.
Address Protocols: Address Resolution Protocol and RARP.
ARP translates 32 bit Internet (IP) addresses into 48 bit Ethernet (or other "link layer") addresses; RARP does the reverse. ARP uses the link layer's broadcast capability to query the net and identify who's currently linked up. It asks them what they think their IP address is, and caches the information for later use. Namely, when an IP datagram arrives, the router translates its address into a link layer address and sends it on along.
The IP Datagram
Also known as the IP Packet. Technically, a packet is a bunch of data whereas a datagram is a delivery service.
Data enroute from the application layer to the transport layer is called an application message. It is probably embodied as a parameter value or an array of data being pointed to in a procedure-call.
When it's flowing from TCP into the network layer it's called a TCP segment (because TCP is a byte-stream delivery service) or sometimes a transport message. If using UDP, we'd encounter a UDP datagram.
When it comes out of IP headed for the hardware, it's an IP Packet.
The IP Header. Almost always 20 bytes wide. It contains the following information.
VERS: Version number. 4 bits. Whew! But we're only up to version 4, so I guess 4 bits will be enough for a while.
HLEN: Header length. 4 bits. Normally this says '5' for 5 32 bit words.
TOS: Type of Service. 8 bits, defining service performance.
| Bits 0-2 | 3 | 4 | 5 | 6 | 7 |
| Precedence | Delay | Throughput | Reliability | Cost | Unused |
Precedence is usually ignored. Someday it may be used to distinguish control information from data. The rest are also usually ignored, but could be important when real-time systems are being designed - IF you can be sure that the routers in between attend to these bits!
Delay=1: minimize delays. e. g. Telnet.
Throughput=1: maximize throughput. e. g. FTP.
Reliability=1: maximize reliability. e. g. SNMP (network management)
Cost=1: minimize cost. e. g. Usenet news groups.
Packet Length, including the packet header, in bytes.
Identification, Flags and Fragment Offset are used to reassemble fragments of datagrams.
Time-to-Live (TTL) tells how long the packet can live on the network; i. e. when it becomes 'stale' and useless. Every router decrements TTL by one, plus the number of seconds the packet waited inside the router's buffer. If TTL reaches zero, TCP/IP destroys the packet and notifies the sending host, via ICMP.
Most folks set TTL to 30 before shipping them.
Protocol is an 8 bit field which indicates which protocol generated the data within the packet. This guides the choice of transport module at the network layer.
| Protocol | Decimal | Binary |
| ICMP | 1 | 00000001 |
| IGMP | 2 | 00000010 |
| TCP | 6 | 00000110 |
| UDP | 17 | 00010001 |
Header Checksum performs the obvious function. It's a 16 bit number for the IP header fields only. TCP/IP stores the 1's complement of the sum of the header viewed as 16 bit numbers, excluding the checksum (which is treated as containing 0.) Upon receipt this is recalculated including the checksum; the total should add to all 1's. If an invalid packet is received, it is discarded.
Source and Destination IP addresses (each 32 bits) never change, no matter how many hops the packet takes.
IP Options - this field of 8 bits is for testing and debugging. They are rarely used.
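The header fields and the checksum rule described above, as an added example (not code from Wu or from these notes): it builds a 20-byte header, parses it back, verifies the checksum the way a receiver does, and performs one router hop on the TTL. The sample addresses are constructed, and options are not handled.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}
FIXED = "!BBHHHBBH4s4s"          # the 20-byte header without options


def ones_sum(data: bytes) -> int:
    """Add 16-bit words, wrapping every carry back into the low bits."""
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """1's complement of the sum; the checksum field must contain 0."""
    return ~ones_sum(header) & 0xFFFF


def with_checksum(header: bytes) -> bytes:
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return zeroed[:10] + struct.pack("!H", header_checksum(zeroed)) + zeroed[12:]


def build_header(src, dst, data_len, tos=0, ttl=30, protocol=6, ident=1):
    raw = struct.pack(FIXED, (4 << 4) | 5, tos, 20 + data_len, ident, 0, ttl,
                      protocol, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return with_checksum(raw)


def parse_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IP header")
    (vh, tos, length, ident, flags_frag, ttl, proto, _csum, src, dst) = \
        struct.unpack(FIXED, packet[:20])
    vers, hlen = vh >> 4, (vh & 0x0F) * 4      # HLEN counts 32-bit words
    if vers != 4 or not 20 <= hlen <= len(packet):
        raise ValueError("bad VERS or HLEN")
    return {
        "hlen": hlen, "length": length, "ident": ident, "ttl": ttl,
        "flags": flags_frag >> 13, "fragment_offset": flags_frag & 0x1FFF,
        "protocol": PROTOCOLS.get(proto, proto),
        # TOS bits are numbered from the most significant bit (bit 0).
        "precedence": tos >> 5, "delay": tos >> 4 & 1,
        "throughput": tos >> 3 & 1, "reliability": tos >> 2 & 1,
        "cost": tos >> 1 & 1,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # Receiver sums the header including the checksum: all 1's if intact.
        "checksum_ok": ones_sum(packet[:hlen]) == 0xFFFF,
    }


def forward(packet: bytes):
    """One router hop: decrement TTL, drop at zero, else refresh the checksum."""
    hlen = (packet[0] & 0x0F) * 4
    ttl = packet[8] - 1
    if ttl <= 0:
        return None                # discarded; the sender is told via ICMP
    header = packet[:8] + bytes([ttl]) + packet[9:hlen]
    return with_checksum(header) + packet[hlen:]
```

Because TTL sits inside the checksummed header, every hop has to recompute the checksum; a header whose TTL changed without that step fails the all-1's test and is discarded.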
Fragmentation
Technologies such as Ethernet specify a Maximum Transfer Unit (MTU) which is the largest packet size the physical network will be asked to transmit. Anything larger must be broken down.
Consequences of Fragmentation. Because multiple packets are involved, the probability of failure increases. Also some time cost is incurred by fragmentation.
Avoiding fragmentation. The default MTU used by TCP is 576 bytes, allowing for 512 bytes of data plus the TCP and IP headers, etc.
To get information to a destination, a given router can either perform Direct Delivery (if it knows that the host is in an immediately connected network) or Indirect Delivery (if it knows which adjacent net is best able to pass the information onward.)
Each entry in a routing table contains three fields: Network destination, Gateway and Flags. The Network field is the "input" - this is the field which must match the destination address. The Gateway and Flags fields are the "output" - the answer to the question "what do I do next?"
Direct Delivery. If the Flags field indicates a direct connection, then the network will translate the destination IP address into a link layer address (e. g. Ethernet), using the Address Resolution Protocol; encapsulate the data into a data frame and transmit it directly to its destination.
At the end of every journey is a direct delivery. The mailman puts the letter in your box.
Indirect Delivery. If an indirect connection was indicated by the routing table, the link layer translation still has to occur but the destination will be the next direct connection along the pathway - i. e. the address of the next router in the chain.
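Direct and indirect delivery, combined with the ARP cache lookup described earlier, as an added example (not code from Wu or from these notes). The routing entries, the "D"/"G" flag letters, the prefix lengths and the link-layer addresses are all constructed assumptions.

```python
import ipaddress

# Constructed routing table: (network destination, gateway, flags).
# "D" marks a directly connected network, "G" means hand it to the gateway.
ROUTES = [
    ("192.168.1.0/24", None, "D"),
    ("10.20.0.0/16", "192.168.1.254", "G"),
    ("0.0.0.0/0", "192.168.1.1", "G"),          # default route
]

# Constructed ARP cache: IP address -> 48-bit link-layer address.
ARP_CACHE = {
    "192.168.1.7": "02:00:00:00:00:07",
    "192.168.1.1": "02:00:00:00:00:01",
    "192.168.1.254": "02:00:00:00:00:fe",
}


def match_route(dst_ip, routes=ROUTES):
    """Return the most specific entry whose network contains dst_ip."""
    dst = ipaddress.ip_address(dst_ip)
    hits = [(ipaddress.ip_network(net), gw, flags)
            for net, gw, flags in routes if dst in ipaddress.ip_network(net)]
    if not hits:
        raise LookupError(f"no route to {dst_ip}")
    return max(hits, key=lambda hit: hit[0].prefixlen)


def plan_delivery(dst_ip, routes=ROUTES, arp_cache=ARP_CACHE):
    """Decide which station the frame is addressed to for this hop."""
    _, gateway, flags = match_route(dst_ip, routes)
    direct = "D" in flags
    next_hop = dst_ip if direct else gateway
    return {
        "delivery": "direct" if direct else "indirect",
        "ip_destination": dst_ip,             # never rewritten along the path
        "next_hop": next_hop,
        "frame_destination": arp_cache.get(next_hop),
        "needs_arp_query": next_hop not in arp_cache,
    }


if __name__ == "__main__":
    for target in ("192.168.1.7", "10.20.3.4", "203.0.113.9", "192.168.1.99"):
        print(plan_delivery(target))
```

In every case the IP destination stays the same; only the frame's link-layer destination changes, to the host itself for direct delivery and to the next router for indirect delivery.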
Query 11.2: Briefly summarize the essential differences between TCP and IP.
Query 11.3: Describe how successive layers "encapsulate" data from higher layers. Why does every layer add a header, but only Ethernet adds a trailer? The answer is not explicitly stated in these Notes, but you can deduce it from information you have so far.
Query 11.4: Internet addresses are 32 bits long. Does this mean that the Internet can have essentially 2**32 computers on it before we run out of usable address space? If not, why not?
Query 11.5: Explain "Time to Live." Does Live rhyme with Jive in this sentence?
Hubs. Nowadays we use simple repeater devices called hubs and implement a star topology using fat telephone style RJ45 connectors. This is referred to as 10baseT (T stands for Twisted Pairs, which are cheaper than coaxial cable.) This simple technology works well for small setups like my house.
LAN Technology
Switches or switched hubs are the next higher class of connecting device. A switch, unlike a hub, can form direct links between devices that want to talk, and can support multiple simultaneous conversations. Level 2 (ISO Level 2, that is) switches can "learn" by watching the source addresses of incoming packets, to know who they're dealing with - and thus, where to send output packets. They also learn when somebody falls off the net.
Bridges connect multiple LANs together. You could use a hub to connect multiple LANs, but then each LAN would contain all the traffic from both LANS (making them into one big LAN.) A bridge only passes through the data which has addresses outside the local LAN.
Routers are "strategic" devices which work at ISO Level 3, and can calculate the path (Route) from this LAN to some other LAN (subnet) that may be far away via WAN (Wide Area Network.) There are generally many ways to get from here to there. A Router will sense problems in a route, and substitute another. Routers also (obviously) perform the filtering function that Bridges do.
Gateway is a synonym for router; the term emphasizes its services to its own subnet. If a packet's subnet specifier is for the local subnet, that's as far as it goes.
Routers' other job (than supporting their own subnet) is passing along Internet (or other WAN) traffic. They're the BIG GUYS who make it all happen. They're the things that other routers have to worry about.
They can be implemented in two components:
Layer 3 switch (ASIC hardware)
route server (computer)
At this level we don't use a computer to ferry bytes from place to place (too slow.) We use switch hardware which is controlled by a computer off to the side.
The Cisco story. Cisco is a formerly small company which essentially invented the router. They are the third leg of the Microsoft/Intel/Cisco triad of fantastically successful companies, the one you don't often hear about.
Jack <Winter?> is an entrepreneur who was one of Cisco's founders, cashed out and now travels the country in an RV promoting "long term thinking" as the solution of humankind's woes. He comes to see us every few years, a multimillionaire nomad.
Token Ring LAN: The Uptown Cousin
Token Ring is more sophisticated than Ethernet. It was developed concurrently with Ethernet and was IBM's darling while Ethernet spread among IBM's competitors. But token ring is dying out because Ethernet is getting faster. I get plaintive calls from TR salespeople: "You don't happen to use Token Ring, do you?"
Token Ring can be thought of as a railroad train going around a circular track. It picks up and drops off cargo where it is. Because there is no randomness, TR can run very fast, compared to Ethernet. But the hardware costs more.
FDDI: Fiber Distributed Data Interface
Dual counter-rotating rings provide marvelous reliability, for backbone applications. (Utilities like water and power systems are laid out in loops-on-loops for the same reason. A break can be isolated and repaired while the rest of the system keeps on providing services.)
Fast Ethernet
"Category 5" is high class twisted pair wire for 100 MHz signals, which we have been installing for several years in anticipation of 100BaseT.
"Twisted pair" is very important! Two wires not twisted will pick up major amounts of noise, because one is closer to the source of some magnetic field than the other (e. g. your power wires.) Twisting averages out the noise so it cancels. Twisted telephone wire is radically better than straight pairs (which Radio Shack will nevertheless sell you!), so DON'T wire your house unless you use twisted pair phone wire. Modems in particular hate straight pairs.
Hubs that can handle mixed 10 and 100 are called 10/100BaseT hubs.
100VG-ANYLAN is a priority based standard, specifically for multimedia. Priority and Standard are the two priority levels. Priority would be used for messages with tight latency requirements; standard for plain old data files. Uses same wires as 100BaseT, but hubs cost more. Can connect to Ethernet hubs at the "frontier" of the 100VG three level hierarchy of hubs.
Network Operating Systems
Basic service: peer-to-peer. Win95 supports a simple way of looking at others' disk files. Isn't that enough?
Nope. Graphical User Interfaces (GUI) connected to central servers provide some services that just can't be had any other way, e. g. airline reservation systems. Also maintainability of software is enhanced with a server (one place to fix things), and login security depends on a central authority system. Three dominant NOS are discussed.
NetWare (Novell) was developed when DOS was all Microsoft had. It uses its own IPX/SPX protocol which does the job that TCP/IP does, but more efficiently. Netware dominated the PC networks of the 1980's, but Microsoft knew they were gonna come after it.
Unix migrated from an in-house AT&T environment to UC Berkeley, and was released to the public as the Berkeley Standard Distribution (BSD) in 1983. This was where Ethernet and TCP/IP started becoming the worldwide standards they are today.
Unix was the growing up place for TCP/IP. It remains the dominant Internet OS because of its high reliability and large base of skilled users. Linux is a free, reimplemented Unix.
Windows NT Server is actually built on top of a failed collaboration with IBM, around OS/2.