Study Guide of Networking Terms and Concepts

CTS 1305 (Introduction to Networking)

©2003 by Wayne Pollock, Hillsborough Community College,
Tampa Florida USA.  All Rights Reserved.

This study guide is a work in progress!  It is intended to show students which terms and concepts from the book are considered the most important ones to study, and indicates the most likely parts of the assigned readings that will appear on quizzes and tests.

The terms and concepts are roughly in the order encountered in the book.  Many of the terms and concepts don't have accompanying definitions (yet).  Students are advised to look up these items in the text or other resources.

Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6

      Term Meaning

          Chapter 1
This chapter describes networking in general and introduces basic networking uses, terms, and concepts.  It also describes the career of a networking professional, organizations you can join, how to seek a networking related job (including where to look and certifications you can get), and the soft skills needed to get and keep a good job.
Network Two or more computers connected together that can share resources and pass data
Sneakernet Sharing data on computers by running around (in sneakers) with removable media (such as floppies) to and from each standalone computer
Transmission Media The connection between computers in a network.  Examples include various types of (copper) cables, fiber-optic cables, radio signals (wireless), and infra-red signals.
NIC Network Interface Card.  (Also Network Board.)
Local Computer The computer in front of you, the one you are physically interacting with now.
Remote Computer The computer you are working on via a network.
Host Another term for computer.
Node Any networked device (usually a host).
Peer-to-peer
Network
A network of computers (peers) that each can communicate with each other, and make and respond to requests for data and access to shard devices.  (Also referred to as p2p networks.)
Client-Server Also referred to as server based networking, the more common type of network today.
Client Any node that makes requests of servers.  The term may also refer to any user or software that makes requests of a server, it doesn't have to be a separate piece of hardware.
Server A node that responds to requests made by clients.  (A server may not be a separate piece of hardware.)
NOS Network Operating System, refers to an operating system (OS) that supports networking.
Network Model Also the Network Architecture.
LAN Local Area Network
WAN Wide Area network
MAN Metropolitan Area Network
internet A collection of related, connected networks
Enterprise
network
A network that spans an entire organization regardless of size, but often multiple sites.
Internet A global internet that grew from the ARPANET
Address A number given to a NIC (not a host, although since most hosts have a single NIC it often comes to the same thing) to uniquely identify it on a network.
Addressing A scheme used to assign addresses to nodes on a network.
Topology The shape of a network: star, ring, bus (hub), mesh, partial mess, and cell(ular) are common topologies.
Protocol The rules used between nodes to communicate.
Protocol Stack (Also Protocol Suite.)  A hierarchical group of protocols designed to work together.  Examples include Ethernet, Netware, and TCP/IP.
Gateway A combination of hardware and software that allows different kinds of networks to exchange data.
Packet A bundle of data bits, used to send data (and headers) when there is more data than can be sent in a single bundle.  Used in packet switched networks (as opposed to circuit switched).  A packet may be also called: data packet, datagram, segment, protocol data unit (PDU), frame, or cell.
Segment (1) A section of a network, typically a single cable or hub.  (2) A packet of data.
Bridge A Layer 2 device that connects 2 (or more) segments into a single network.  A bridge looks at the layer 2 packet header to determine which port (NIC) or ports to send a packet out.
Repeater A layer 1 device that is used to extend a LAN.  A repeater simply sends all received packets out all ports.
Hub The center of a star network topology, a layer 1 device that have replaced the cable segment in a bus topology.  A hub may be thought of as a multi-port repeater.
Network Services The common services provided by a network are: file/application, database, print, remote access (a.k.a. communication, RAS, NAS), e-mail, Internet (www, FTP, email, ...), security, and management services (traffic monitoring, load balancing, fault alerting, assess management, license tracking, security, patches, configuration, address management, and backup and restore).
Load Balancing Splitting the workload over several servers.
Traffic A term that refers to the data flowing through a network.
Workstation A host connected to a network primarily used for a single user at a time.

          Chapter 2
This chapter describes organizations, standards, and the OSI reference model.  An important concept to understand is the relationship between models, standards, protocols, software, and hardware: A model describes and defines the standards for various parts of communications.  Protocols are the set of rules that fulfill those standards, and software and hardware in turn implement the protocols.  For two hosts to exchange information, they must agree on which protocols to use but they may use different vendor's products to implement the protocols.

Although the ISO model is used as a networking standard reference, the US DoD model's TCP/IP protocols are more commonly used in networking products today.
Standards Standards are documented agreements containing technical specifications or other precise criteria that stipulate how a particular product or service should be designed or performed.
Standards
Organizations
ANSI, EIA (and TIA), IEEE, ISO, ITU, IAB
RFC "Request for Comments", a public repository of networking standards.  The official source is www.rfc-editor.org
Network Architect A title of a person who designs networks.
OSI Model ISO's Open Systems Interconnection network reference model.  This model has seven layers, some of which are divided into sublayers.  The upper layers (Application, Presentation, and Session) are usually application/service specific.  The lower layers (Physical and Data link) are closely related to a single technology (e.g., Ethernet).  The middle three layers (Data link, Network, and Transport) are the ones that most concern a networking professional.
Layers TCP/IP is based upon a four layer model, which can be related to the OSI model's seven layers: Physical (1), Data link, Network, Transport, Session, Presentation, and Application (7).  These layers are also known as L1, L2, ..., L7.

One way help to remember the layers is All People Seem To Need Data Processing, or Phyllis Did Networking Till She Passed Away.
Service Access Point (SAP) The name given to the service that layer N provides to layer N+1.  (Essentially the name of some API function.)
Service Primitives The data (or parameters) passed to a SAP.
OSI Layers
OSI Layer Description and Functions
7Application Transfers information from program to program.  Everything at this layer is application-specific.  This layer provides application services (API) to applications for file transfers, e-mail/messaging, and other network software services.  Packets at this layer are often referred to as messages.  (ex: Telnet, FTP, HTTP)
6Presentation Handles text format (e.g., Windows to Unix) and display code (ASCII to Unicode) conversions, encryption, and compression.
5Session Establishes, maintains, and coordinates communication between applications: login/authentication, session timeouts, auto reconnection, synchronizing dialogs (transaction-ACK, username-password, ...).  (ex: connection to ISP, RPC, SQL, NFS, ASP)
4Transport Ensures accurate delivery of data end to end (e.g., client on one host to server on another), handles end-to-end flow control and error recovery (via ACKs, sequence numbering, and retransmissions).  Or not.  Sequencing also involves segmenting and reassembly.  Name service is logically at this level.  Protocols: TCP (connection-oriented services/protocols, segments), UDP (connectionless, datagrams), DNS, LDAP, SPX
3Network Transmits packets host to host across an internet, determines routes, handles the transfer of data (segmenting and reassembling packets as needed), translate network addresses (L3) into MAC (L2) addresses, gateway services.  (Modern systems may also handle some security at L3).  Devices: routers, L3 switch.  Protocols: IP, ARP, RIP, IPX
2Data Link Encodes data, builds and addresses frames, and transmits packets across a LAN.  (ex: IEEE 802.x, HDLC, ATM, PPP, FDDI, Frame Relay)
2 LLCLogical Link control Controls frame synchronization, flow control and error checking (ACK and re-transmission).  Devices: Bridges, switches.  Protocol suites: Ethernet, Token-ring)
2 MACMedia Access Control Controls how a host on the network gains access to the data (is network busy now?), permission to transmit it (includes addressing), logical topology.  Devices: NICs
1Physical Manages hardware connections: NICs, cables, repeaters, hubs.  Data units are bits.  Topics addressed in this layer: connection type (point-to-point or multipoint), physical topology, signaling (encoding), bandwidth use, multiplexing.  (ex: EIA/TIA-232 (formally RS-232), V.90, Ethernet)
Baseband Uses entire bandwidth of transmission medium for a single data channel.
Broadband split bandwidth into several channels, allowing multiple simultaneous conversations.  (Today also used as a marketing term meaning fast.)
MAC Address Also known as L2 address, hardware address, physical address, LAN address, NIC address, Ethernet/Token Ring address, card address, or BIA (Burned In Address).  This address is in two parts: the 3 byte IEEE manufacturer's ID (block ID, or Organizationally Unique Identifier (OUI)) and the 3 byte device ID.  The IEEE MAC address is thus 6 bytes and usually written as 12 hex digits.  An all-ones ("FFFF.FFFF.FFFF") IEEE MAC address is a broadcast address.
Token A special frame that circulates around a token ring network.  When a host wants to transmit a frame, it must wait until it sees (and grabs) the token.
Headers (and trailers), the control data that is pre-pended (appended in the case of a trailer) by some layer to the data to be transmitted.  Understanding the headers, especially at L2-L4, is key to understanding how these protocols work and to troubleshooting problems.
Encapsulation Each layer adds it's layer header (information destined for the peer layer at the destination), and possibly a trailer too, to the data it received from a higher layer.  The whole packet is passed as a service primitive to the next lower layer.
Peer Layer The layer N software on the destination, that the same layer N software on the source communicates with.  (That is layer 3 protocols are designed to talk to layer 3 protocols on another host.)
ACK Acknowledgement.  Usually sent by a peer layer back to the source to indicate successful receipt of a packet or packets.
Collision When two hosts try to send data at the same time over the same media.
Contention When hosts must compete to use a shared medium.  Ethernet uses contention, but Token Ring does not.
Switch A layer 2 device that connects segments of a LAN.  A switch may be considered like a multi-port bridge, only smarter and more efficient.  A switch sends packets out a particular port (NIC) based on the information in the layer 2 packet headers.  (A repeater simply sends all packets out all ports.)
Ethernet A sent of standards and protocols at layers 1 and 2 for communicating across LANs.  Ethernet is the most popular LAN technology in use today.  There are actually four different types of Ethernet defined.  All nodes on the same LAN should use the same type of Ethernet or communication may not be possible.
Token Ring A LAN technology invented by IBM, in which all nodes are connected in a ring.  All packets flow in one direction around the ring.  Although token ring type networks (such as FDDI) are often used, for LANs Ethernet is usually used instead.
Router A layer 3 device used to connect LANs (intranets) together in an internet.  Routers provide gateway services, perform route selection, and often provide other services such as security (firewall).
Route A path through an internet.  Often a router contains a table of routes, which only indicates the next hop router to sent the packet to.
Network Address A layer 3 address that can be administratively assigned, and contains a network number and a host number.  Only such addresses are considered routable.
Layer 3 Switch Similar to a normal layer 2 switch, an L3 switch can forward packets based on layer 3 packet header information, similar to a router.
Segmentation Refers to the process of splitting up a large packet into several smaller ones.  Such packets are referred to as segments or sometimes fragments. At the destination the small packets are reassembled.
Flow Control Any of several techniques to prevent a host from sending too many packets too quickly for the media or destination to handle.  At layer 4 (transport) this refers to end-to-end flow control.
IP Internet Protocol, the core TCP/IP protocol at layer 3.
sequencing A technique to number packets, to ensure they arrive in order at the destination.  This is used when segmenting packets.
Datagram A term for a packet, often used for a layer 4 UDP packet or a layer 3 packet (sometimes known as an IP datagram).
Connection-oriented
Services
Provides end-to-end flow control and re-ordering of packets that arrive out of order.  Often this term also is used to indicate a reliable service, which means error recovery is used.  A reliable connection oriented service appears to the user as a virtual circuit, which must be set up, used, then torn down when done.
Connectionless
Services
A service that doesn't provide connection-oriented services.
TCP (Transmission Control Protocol)  A layer 4 protocol that provides a reliable connection-oriented service.
UDP (User Datagram Protocol)  A layer 4 protocol that provides connectionless service.
Name Service A service that translates names to addresses.  Most common is DNS, used to translate Internet domain names and hostnames into IP addresses.
DNS (Domain Name Service)  Used to translate hostnames (and domain names) into IP (layer 3 network) addresses, and vice-versa.
LDAP (Lightweight Directory Access Protocol)  A protocol used to access information stored in a hierarchical database called a directory.  LDAP can be used as a name service.
ISP (Internet Service Provider)  Provides connections to the Internet, IP addresses, and other services.
Login As a verb, "to login" means to authenticate yourself to the host (or network).  Once authenticated the system will assume all further commands from that connection are issued from the authenticated user.  Authentication is often proved using a password.

As a noun, "login" is often used to refer to a user's ID, sometimes called a login name or user name.
Encryption The process of "scrambling" the data in a packet (or even the packet headers, or sometimes just a file on a disk) so that it appears random to anyone who doesn't know how to "de-scramble" the data.  To decode (un-encrypt) the data a password (or key) is needed.
Compression A technique used to store or transmit less data without losing any information.  That is, a compressed file or packet can be "de-compressed" to restore it as it was.
API (Application Programming Interface)  A set of service access points (or functions) provided by an OS to application programmers.  for networking this means the functions an application can use to access networks, such as sockets or MAPI
FCS (Frame Check Sequence)  A checksum or CRC put into a frame (layer 2 packet) trailer.  Used to provide some error detection (corrupted packets).
Checksum A simple method of adding up all the bytes in a packet.  Used to detect errors.
CRC (Cyclic Redundancy Check)  A more complex type of FCS that catches many more errors than a simple checksum.  This is actually more common.
IEEE 802
Standards
IEEE 802 Series of Standards
802.1Standards related to network management
802.2General standard for the data link layer in the OSI Reference Model.  The IEEE divides this layer into two sublayers -- the logical link control (LLC) layer and the media access control (MAC) layer.  The MAC layer varies for different network types and is defined by standards IEEE 802.3 through IEEE 802.5.
802.3Defines the MAC layer for bus networks that use CSMA/CD.  This is the basis of the Ethernet standard.
802.4Defines the MAC layer for bus networks that use a token-passing mechanism (token bus networks).
802.5Defines the MAC layer for token-ring networks.
802.6Standard for Metropolitan Area Networks (MANs).
802.7Broadband standards (media, interfaces, and other equipment).
802.8Fiber-optic media and technologies.
802.9Standards for transmitting both voice and data over a single medium (VoIP).
802.10Various security topics: access control, encryption, certificates, etc.
802.11Wireless standards, including the popular 802.11b (WiFi).
802.12High speed networking standards (>100 MBPS).

          Chapter 3
This chapter describes The TCP/IP suite of protocols and the concepts and headers used.  Many of the protocols (including some application layer protocols) are discussed briefly.  (chapter 11 covers TCP/IP in even more detail, consult it when in doubt.)  The chapter briefly describes IP addressing, port numbers, binary numbers, and domain names.  Some topics such as port numbers and binary number system will be covered in more detail than the book does here.  The chapter concludes by looking at other protocol suites such as IPX/SPX from Novell, NetBIOS/NetBEUI for Microsoft, and AppleTalk from Apple.

TCP/IP is by far the most common protocol suite used today.  Knowledge of the others is useful if you plan on getting certified, if you work in some environment that includes Novell or MS or Apple servers.  While you are free to study these (and ask me question on them) we will skip the details of these other protocol suites.
Protocol A set of rules that fulfill one or more standards (from a network model).  Typically protocols define communications with a peer layer.
Subprotocol When a protocol suite or stack is referred to just a protocol, the individual protocols of that suite are then referred to as subprotocols.
Core Protocol The most fundamental protocols in a suite (and that other protocols rely on).
Routable protocols Protocols that define and transmit L3 (network) addresses, because a router can understand the addresses.  Not all protocols are considered routable.
Multiprotocol
Network
Running multiple protocol suites on the same physical network.
Installing a
protocol
Enabling a suite of protocols on a host.  Of course what really gets installed is some software that implements a protocol.  A multiprotocol router can act as a gateway between the various protocols.
DoD Network
Reference Model
The four layer model that TCP/IP was designed to implement.  The four layers are Application (same as OSI L7-L5), Transport (same as OSI L5-L4), Internetwork (same as OSI L3) and Network Interface (same as OSI L2-L1).  The last later was originally named network but that was confusing with the OSI L3 layer name, so it was renamed to host-to-network and finally network interface.
TCP/IP The most popular protocol suite today, includes many protocols at different layers, including IP, ICMP, ARP (Layer 3), TCP, UDP (Layer 4), as well as various application layer protocols.
IP Internet Protocol, the TCP/IP core L3 protocol used to send IP datagrams across an internet.  The current version of IP is version 4 (or IPv4), the "next generation" will be version 6 (sometimes IPv6 is called "IPng").

The maximum size of an IP packet is 64k (65,535) bytes.

IP is considered unreliable (no error detection/correction) and provides connectionless service.

IP headers have fields to control fragmentation (when a single packet must be split into several smaller ones) which are identification, flags, and fragment offset.  Other important header fields are the TTL (the Time To Live, in seconds; often the number of "hops"), the (L4) protocol, and the source IP address and destination IP address.
TTL TTL (Time To Live) indicates the max time (in seconds) that a datagram will be allowed to remain on the network before it is discarded.  Although routers are fast it is required that each router decrement the TTL by at least one.  It is quite common to have each router subtract exactly one so the TTL field in practice indicates the number of hops (different networks) a packet can go through before the destination is so far away it is considered unreachable.  Because of this, the TTL is sometimes referred to as a hop count.  The TTL field prevents bad routes from looping a packet around an internet forever: when a network device receives a packet with a TTL of zero the packet is discarded.

The TCP specification [RFC-793] states that the TTL field for TCP packets should be set to 60 when first sent but many systems use smaller values such as 30 or even 15.  IP itself doesn't have streict requirements for this field.  All RFC-791 says is:
  • A host MUST NOT send a datagram with a Time-to-Live (TTL) value of zero.
  • A host MUST NOT discard a datagram just because it was received with TTL less than 2.
  • The IP layer MUST provide a means for the transport layer to set the TTL field of every datagram that is sent.  When a fixed TTL value is used, it MUST be configurable.
RRC-1812 adds this about TTL and routers:
  • ... a router MUST NOT check the TTL of a packet except when forwarding it.
  • A router MUST NOT originate or forward a datagram with a Time-to-Live (TTL) value of zero.
  • A router MUST NOT discard a datagram just because it was received with TTL equal to zero or one; if it is [sent] to the router and otherwise valid, the router MUST attempt to receive it.
  • When a router forwards a packet, it MUST reduce the TTL by at least one.  If it holds a packet for more than one second, it MAY decrement the TTL by one for each second.
  • If the TTL is reduced to zero (or less), the packet MUST be discarded, and ... the router MUST send an ICMP Time Exceeded message ... message to the source.
The maximum possible value of this field is 255, and many systems set the TTL field of ICMP ECHO_REQUEST packets (which are sent by ping) to 255 rather than 60.  This is why you will sometimes find you can ping some hosts but not reach them with telnet or ftp.

In normal operation ping prints the TTL value from the packet it receives from a remote system.  But remote systems set the TTL in the reply to different values: sometimes 255, sometimes 128 (the loopback address often uses this value), sometimes 60, 64, or some other value.  In some cases the remote end uses the TTL value from the request packet unchanged in the reply, so the TTL value you see will be 255 (or whatever initial value is used) minus the round-trip number of hops.

Here is a chart of the TTLs used by various operating systems.  (Posted on comp.os.linux newsgroup 8/9/05 by an anonymous source.)
TTL values by operating system
OS TCP TTL UDP TTL
AIX 60 30
DEC Pathworks V5 30 30
FreeBSD 2.1R 64 64
HP/UX 9.0x 30 30
HP/UX 10.01 64 64
Irix 5.3 60 60
Irix 6.x 60 60
Linux 64 64
MacOS/MacTCP 2.0.x 60 60
OS/2 TCP/IP 3.0 64 64
OSF/1 V3.2A 60 30
Solaris 2.x 255 255
SunOS 4.1.3/4.1.4 60 60
Ultrix V4.1/V4.2A 60 30
VMS/Multinet 64 64
VMS/TCPware 60 64
VMS/Wollongong 1.1.1.1 128 30
VMS/UCX (latest rel.) 128 128
MS WfW 32 32
MS Windows 95 32 32
MS Windows 98 128 128
MS Windows NT 3.51 32 32
MS Windows NT 4.0 128 128
MS Windows 2000 128 128
MS Windows XP 128 128
Fragmentation If possible large packets from an application are broken into smaller segments at L4, but if not the packet must be fragmented at L3.  Each fragment is sent in a different (L3) packet but all fragments have the same identification as well as a fragment offset so the receiving end can reassemble the fragments into a single L4 packet, the correct order.
TCP Transmission Control Protocol, the TCP/IP Layer 4 (transport layer) protocol that provides reliable (error detection and retransmission) connection-oriented services (flow control and packet reordering).  Layer 4 packets are sometimes called segments.  TCP requires that a connection be set up before any data can be sent using a process known as a three-way handshake.  Another handshake sequence is used when finished to take done the connection.  TCP uses port numbers to direct the data to the correct application on each host.

The fields in the TCP header include the Source and Destination port numbers, a Sequence number, Acknowledgement (ACK, which indicates the last byte of data correctly received), Offset (the TCP header length), Flags (codes), Window-size (used for the sliding window method of flow control), Checksum (entire packet), Urgent pointer, Options (this field may be omitted), Padding (if needed), and Data.
Flags The TCP Flags (codes) are: URG (the packet contains Urgent data), ACK (indicates the packet contains an acknowledgement), PSH (Push data), RST (Reset shows a problem with the connection, which is no longer up), SYN (synchronize, used during handshaking), and FIN (Finished, used to bring down the connection).
Port Numbers Each network application can define one or more data flows to other applications.  (For example, a web browser with multiple windows open, each to a different website.)  Two byte port numbers are used to identify data flows.  Servers on a network have well known port numbers (0-1023) or User (Registered) port numbers (1024-49151), assigned by the IANA or ICANN.  The remaining port numbers (through 65535) are known as dynamic or private ports.  (See services file for a current list.)

For example a web browser sends a request packet to a web server using a destination port number of 80 (the well-known port number for web servers), and a private source port number indicating which browser window should receive the reply.  The private port number is assigned randomly.
Socket A combination of a port number and an IP address.  A pair of sockets will uniquely identify a network connection from a client on one host to a server on another.  Sockets are usually part of the application program interface.
UDP User Datagram Protocol.  This layer 4 (transport) protocol is part of the TCP/IP protocol suite and provides connectionless (best effort delivery) service.  UDP packets are often referred to as datagrams.

The UDP header only has 4 fields: source and destination port numbers, Length (of the whole packet), and a Checksum.
ICMP Internet Control Message Protocol is used to send control messages rather than data.  These are typically error messages, but ICMP is also used for programs such as ping (ICMP ECHO packets).
TCP/IP Application
Layer Protocols
These include telnet, ssh, FTP, SMTP, SNMP, and many others.
Subnet (or subnetwork) is the name used to refer to one of the networks of an internet.
IP Addressing Layer 3 (network) addresses must be hierarchical (to allow hosts to be grouped into networks) and assignable by an administrator (so they can be managed).  Such addresses are considered routable addresses, and a protocol which uses them is considered a routable protocol.  IP address are four byte numbers (32 bits) and is divided into a network and host portion.  (sometimes a subnetwork portion too.)

IP addresses are assigned to NICs, not to hosts.  It is possible to assign multiple IP addresses to a single NIC (which is known as IP aliasing).  Before one host can send a packet to another, the layer 2 address of the destination must be determined so the frame can be correctly constructed.  This is done by ARP.

IP addresses are usually written in dotted-decimal notation: four numbers in the range 0-255, separated by periods.  (Example: 120.17.0.22.)  The network number part of an IP address is assigned by IANA or ICANN (actually by a registrar approved by these agencies) and is represented by the leftmost bits in the address  The rightmost bits represent the host number.
ARP Address Resolution Protocol, used to translate layer 3 (network) addresses into layer 2 (MAC) addresses.  A host can sent an ARP broadcast packet and the destination host only will respond, with its MAC address in an ARP reply packet.  (See the arp command to view the ARP cache on your computer.)
Classful
Addressing
IP addresses historically are divided into classes, Class A, Class B, and Class C.  (Other classes exist but such addresses are used for special purposes.  The class of an IP address can be determined from the value of the first byte:

ClassRange Description
A1.0.0.0 - 126.0.0.0 Up to 24 million hosts per network, these are assigned to countries or very large companies (such as ISPs).  Only the first byte indicates the network number, the other three are used for the host number.
B128.0.0.0 - 191.0.0.0 Up to 65K networks with 65K hosts each.  The first two bytes are network, the last two are the host number.
C192.0.0.0 - 223.0.0.0 Up to 254 hosts per network but 24 million such networks.  These addresses have three bytes for the network number and the last byte only for the host.
Subnet Mask With classful IP addresses the first octet (byte) determines how may bits of the 32 bits indicate the network.  Within an organization's internet the single network is often subdivided into subnets.  This is done by splitting the host portion of the IP address into a subnet number and the rest remains the host number.  To determine which bits of the address indicate network information and which bits indicate host information, and additional 32 bit value known as the subnet mask is used on the organization's routers.  This value is sometimes just known as the mask.  The subnet mask is a string of one bits, followed by a string of zero bits.  The one bits indicate the portion of the IP address used for networking (network number and subnet number) and the zero bits indicate the host portion of the IP address:
    IP Address:   0000 1010 . 0010 1001 . 0000 0000 . 0000 0001
    Subnet Mask:  1111 1111 . 1111 1111 . 0000 0000 . 0000 0000
(In dotted decimal the above IP address is 10.41.0.1 and the subnet mask is 255.255.0.0.)  This corresponds to a network number of 10, a subnet number of 41, and a host number of 1.
Classless
Addressing
Classless Internet Domain Routing (or CIDR) is a technique used to eliminate the classful distinctions and limitations from IP addressing.  With CIDR the IP address is split into a network portion and a host portion using a mask (sometimes still referred to as the subnet mask).  The mask is an additional 32 bit value that is all one bits on the left (to indicate the network part of the address) and all zero bits on the right (to indicate the host part).  The mask may be specified in dotted-decimal notation but is more commonly given as the number of one bits in the address, separated from the IP address with a slash.  (For example a mask of 255.255.0.0 would look like this:  10.41.0.1/16.)
localhost The special IP address 127.0.0.1 is used to refer to the current host, which is also known by the name localhost.
Network Address An IP address in which the host portion is all zero bits.
Directed Broadcast An IP address in which the host portion is all one bits.  A local broadcast is an IP address of all ones (255.255.255.255) and indicates a broadcast for the current LAN.  (Note that to support network numbering and broadcasts, no host is allowed to use all zeroes or all ones for its host number.)
Private network To permit organizations to use large numbers of hosts with a few (or just a single) official IP addresses, the IANA established several network numbers that could be used internally by an organization but that would never be routable across the Internet.  The private network numbers are 10.0.0.0, 172.16.0.0, and 192.168.any.0.
Dynamic Address An IP address assigned automatically.  Many organizations uses dynamic addressing on the workstations, to permit simpler configuration.  The protocol DHCP is often used for this.
Static Address Addresses assigned manually by an administrator.
DHCP Dynamic Host Control Protocol, used to assign IP addresses to hosts (and to configure other information on the hosts, including DNS and gateway information).  DHCP, like BOOTP, is built around RARP (Reverse ARP).  A DHCP configured host broadcasts a Layer 2 (MAC) address, and a DHCP server responds with the host's IP address and other information.
hostname An IP address may be associated with a name.  By using a naming service the names can be used in place of the IP addresses (the applications will use the naming service to translate the names to addresses).  Since most hosts have a single NIC (and thus a single IP address), the name that corresponds to that address is known as a hostname.
Domain Names To help organize and manage hostnames, a hierarchical scheme is used known as the domain name system (or DNS).  Such domain names are leased from an accredited (by the IANA or ICANN) registrar for a fee by anyone who wants one.  A domain name may include zero or more subdomains and hostnames, which are not paid for and are administered locally.  (That is, each organization with a domain name is responsible for managing all the subdomains and hostnames within that domain.  You can either have some ISP do this for your or run your own DNS server.)  The global database of domain names is known as the whois database.  This database is distributed across the Internet on many DNS servers.  (A file named hosts can be used on any host to supplement the DNS system.)  Microsoft defines a similar naming service just for Windows called WINS, but most hosts including MS Windows systems use DNS.
TLD Top Level Domain.  A domain name may consist of subdomains, then the domain name which ends in a standard TLD such as .com or .edu.  There are two types of TLDs: gTLDs (generic TLDs such as .org) and ccTLDs (country code TLDs such as .us).  The IANA or ICANN regulate which TLDs are legal, and license various domain name registrars to sell domain names.
FQDN Fully qualified Domain Name.  A hostname plus its domain name form a FQDN.  For example a web server might (and usually does) have the hostname of www, and an organization might have been assigned the domain name foobar in the TLD of com.  Then the FQDN would be:  www.foobar.com.
IPX/SPX The name of Novell's protocol suite.  IPX is similar to UDP and IP, SPX is similar to TCP and IP.  Novell uses standard Ethernet frames but defines the L3 network address as a 32 bit network number and a 48 bit host number (the MAC address is often used for the host number).  IPX packets can be encapsulated within IP packets, so Novell servers can communicate over the Internet.
NetBIOS/NetBEUI Network Basic Input Output System was designed by Microsoft for small, Microsoft-only peer-to-peer networks.  An application layer protocol NetBEUI (pronounced as "net boo-ee", and which stands for NetBIOS Enhanced User Interface) was added later.  This works well for small, isolated Microsoft-only P2P networks (such as "Windows for Workgroups") but doesn't scale up well:  With more than a few dozen hosts NetBIOS is inefficient, the maximum number of hosts is 256, and the protocol has poor security.  NetBIOS uses L2 addresses are is thus non-routable, however NetBIOS packets can be encapsulated in TCP/IP packets.
AppleTalk AppleTalk is a protocol suite designed by Apple for small P2P networks.  It was designed to not need any administration at all.  As the networks got bigger, Apple added subnets known as zones.  AppleTalk is inefficient and not very secure.

          Chapter 4
This chapter describes the concepts behind transmission of data and common transmission media you need to know.  Much of this detail is important if you plan to pursue certification, if you plan to design LANs, or if you need to troubleshoot layer 1 problems (which are by far the most common problems in networking.)

There are many different media choices you can make, with many trade-offs between cost and features.  This chapter provides an introduction to the concepts needed to understand these features, and a discussion of various media choices that exist today.

Coax cabling is rarely used anymore.  For our class you can skip this material (but certification exams will require you to know it).

Analog Signal A continuously varying signal.
Digital Signal A signal that switches sharply on and off (that is, between two different values).
Voltage The strength of a signal.  Voltage is to electricity what pressure is to water in a hose: the more pressure you have the faster the water flows.  Similarly the more voltage you have, the more electricity (electrons) will flow through a wire.
Ampere Ampere (or current) is the amount of electricity (electrons) that flow past a given point in an interval of time.  (Specifically 1 amp = 6.24 x 10E18 electrons (one coulomb in one second.)
AC and DC AC (alternating current) is the type of current that first flows in one direction, then reverses and flows in the opposite direction.  DC (direct current) is the type of current that flows in one direction only. 
Resistance Opposition to the flow of current.  (A narrow hose has more resistance to the flow of water than a wide hose.)
Amplitude The height of a signal (such as a voltage signal).
Wavelength The distance between similar points in two successive waves of some signal.
Frequency The number of wave per second.  Frequency is measured in Hertz, where 1 Hz = 1 wave per second.  Note that the frequency = 1 / wavelength.
Phase The position of a point on a wave, measured as a number of degrees, with the (arbitrary) beginning of the wave = 0 degrees and the end of the wave = 360 degrees.  More commonly the phase is a measure of the difference of the phase of the same point on two similar waves.
Bit A single binary digit, which is one of two possible values.  Binary numbers are used because it is cheaper to make reliable equipment with binary (just detect if the signal is above or below some threshold) than with decimal numbers (10 different signals must be reliably detected).
Byte A group of eight bits is one byte or octet.
Noise A type of interference:  lightning, strong cell phone or radio signals, electric motors, florescent lights, etc.
Overhead The non-data bits that must be sent for communication to occur.  This includes packet headers and trailers and extra non-data packets (such as TCP/IP hand-shake).
Modem A device that converts digital signals to analog for transmission over analog transmission media (such as telephone lines).  A matching modem at the other end converts the analog signal back to digital.  The data signal is combined with a carrier wave to form the actual analog signal to be sent.  This can be done in several ways, such as AM (Amplitude Modulation) or FM (Frequency Modulation).
AM Amplitude Modulation in which the carrier wave isn't modulated at all but nearby frequencies called sidebands have their amplitude modulated by the signal.  By comparing the amplitude of the carrier with the sideband, the signal can be detected.
FM Frequency Modulation in which the frequency of the carrier wave is modulated within a band (or range) of frequencies.  By comparing the frequency of the signal received with the frequency the carrier is supposed to be, the signal can be detected.
PM Phase Modulation in which the phase of the carrier wave is modulated in response to the amplitude of the input signal.  The resulting carrier wave thus changes frequency a little as its phase changes.  These changes allow the signal to be detected.  (PM is somewhat similar to FM but they are different.)
Channel A distinct communication path.  A given transmission medium may support one or more channels.
Simplex A one-way channel (one end sends only and the other receives only).
Half-duplex A one-way at a time channel (one end sends and the other receives, but then the channel can be turned around with data going the other way).
Full-duplex Data can be sent and received simultaneously.  This requires at least two channels.  (This is sometimes just called duplex.)
Baseband All the frequencies of some transmission medium are used for a single channel.  (Example is Ethernet.)  The more frequencies allocated to a channel, the more data per second that can be sent over that channel.  (The term narrowband is related, meaning just enough capacity for voice, or "not broadband", or sometimes specifically less than 64 Kbps.)
Broadband When a wide (large) band of frequencies is available of some transmission medium, typically used for multiple channels.  (Another term for this is wideband.)  The channels can carry different data streams, or multiplexing can be used to carry data over several channels.  (Example is PPP.)  A For example, a reliable voice signal requires a 3KHz band of frequencies.  If some transmission medium (say a cable) was capable of transmission over 3MHz, then 1,000 voice signals could be sent simultaneously over 1,000 channels.  This is sometimes also known as FDM or frequency division multiplexing.  (Today Broadband is a marketing term that just means high-speed; "AOL Broadband" today merely means a 56k dial-up line.)
Multiplexing When multiple signals travel over a single medium, the transmissions are logically separated into channels (or subchannels), sent across the medium, and then separated back into the individual signals.  There are several ways to accomplish this, such as FDM (Frequency Division Multiplexing) or TDM.
Multiplexer (or mux) is a physical layer (L1) device that combines multiple data streams into one or more output channels at the source, and demultiplexes the channels back into multiple data streams at the remote end.  Sometimes the remote end device is called a demultiplexer or demux.
TDM Time Division Multiplexing assigns one time slot per data stream (or source).  For example if you wanted to use TDM for 10 signals, then data from signal 1 is sent during slot 1, data from signal 2 is sent during slot 2, etc.
STDM Statistical Time Division Multiplexing is similar to TDM except that the different data sources are not assigned fixed slots.  Instead any data signal may be sent in any given slot.  Although this method requires extra overhead (so the source of each packet can be identified) compared with TDM, overall STDM is more efficient since if some data source is not ready to send, with TDM its slot can't be used.
WDM Wavelength Division Multiplexing (and the related DWDM or Dense Wavelength Division Multiplexing) uses different frequencies of light over the same fiber cable to transmit many signals at once.
Point-to-point Point-to-point transmission is between one source and one destination.  The communications may be either one-way or two-way.
Broadcast (or point-to-multipoint) transmission is between one source and many destinations.  The source only sends while the destinations can only receive.
Multicast One sender (the source), many receivers.  The difference between this and a broadcast is that the receivers must subscribe (or tune into) the transmission, otherwise it isn't sent to them.
Throughput How much data (including overhead) is transmitted past a single point in a given interval of time.  Throughput is a measure of capacity and is usually measured in bps (or bits per second).  Sometimes the related term bandwidth is used interchangeably (but mistakenly) with throughput.
Bandwidth The difference between the high and low frequencies that a medium (or channel) can use for data transmission.  The higher the bandwidth, the greater the possible throughput is.
SI Prefixes
SI (Standard International) Prefixes
Prefix Meaning Example
kilo1,000 (but often used to imply 1,024 instead,
especially in computer or networking terms)
64K usually means 65,536, not 64,000
mega1,000,000 (or 1,048,576)10 mbs = 10 megabits per second
giga1,000,000,000 (or 1,073,741,824)80GB = 80 gigabytes
milli a thousandth 3 msec (or 3 ms) is 3 thousandths of a second
micro a millionth 10 µs (or 10 us) is 10 microseconds
nanoa billionth 10 ns is 10 nanoseconds
picoa trillionth 10 ps is 10 picoseconds
EMI Electro-Magnetic Interference is a source of noise, such as from motors, florescent lights, lightning, etc.
RFI Radio-Frequency Interference is a source of noise, such as from cell phones or radios.  (The FCC requires electronic devices to be rated based on how much RFI they emit.  Each electronic component often has an FCC number which can be used to look up the type of device on-line.)
Attenuation Loss of signal strength (actually both loss and spread).  (Attenuation is often the limiting factor of a network segment's maximum length.)
Amplifier A device used to boost a signal's amplitude, including any noise.
Repeater A device used to regenerate a signal: detect the input signal and then send out a new, clean (free of noise) signal.
Latency The delay measured from when a bit is sent to when that bit is received.  Every network device and transmission medium has some latency.
Media
Comparison
Due to continually changing technology, the costs and other data in the chart below may be out of date.  Factors in the cost include cost of: installation, modification, maintenance and support, having a lower throughput (affects productivity), obsolescence, and the type of connectors required.  Factors in the capacity include the maximum size and scalability, the maximum nodes per segment, the maximum number of segments, maximum segment length, etc.

Media Cost Ease of Installation Capacity Attenuation (Range) EMI/Eavesdropping Susceptibility
UTPvery lowvery easy 100 Mbpshigh (100s of meters)high
STPmediumeasy 155 Mbpshigh (100s of meters)medium to high
Coaxlow to mediumeasy 1 Gbpsmedium (kilometers)medium
Fibermedium to highhard2 Gbps low (10s of kilometers)low
Low Power Wirelessmediumeasy 10 Mbpshighvery high
High Power Wirelessmedium to highhard 10 Mbpslowvery high
Spread Spectrum Radiomedium to highmedium 6 Mbpshighmedium
Terrestrial Microwavemedium to highhard 10 Mbpsvarieshigh
Satellite Microwavehighvery hard 10 Mbpsvarieshard
P2P Infraredlow to mediummedium 10 Mbpsvariesmedium
Broadcast Infraredlowsimple <1 Mbpshighhigh
Noise Immunity Common ways to improve network noise immunity are to use better transmission media: coax, STP, or fiber (best).  Move cables away from noise sources.  Use a metal conduit.  Use anti-noise algorithms.
Crosstalk When a signal from one pair in a cable puts a signal (i.e., noise) on another.  Crosstalk is measured in decibels (dB).  Using twisted pairs reduces crosstalk, the more twists per foot the better.
Twist ratio The number of twists per foot in twisted pair (TP) cables.  When there is more than a single wire pair in a cable, it is common to have the different pairs use slightly different twist ratios.  (So the exact twist ratio per pair in say cat 5 cable varies between manufacturers.)
Alien crosstalk Noise from adjacent cables.  This can be a problem when UTP cables are bundled closely together in a conduit.
Twisted pair
cable
Twisted pair (TP) cabling is the most commonly used transmission media today.  There are two broad types:  Shielded Twisted Pair (or STP) has metal foil or braiding surrounding each pair, and the whole cable as well.  Unshielded Twisted Pair (or UTP) has no shielding but is cheaper and popular (since in many situations extra shielding is not needed).

Twisted pair cables can be classified into categories by EIA/TIA (as shown in the chart below).  Note that CAT 6 and CAT 7 probably cost as much as fiber optic cables and have no real use (since CAT 5e supports Gigabit Ethernet).

A series of new standards are in the works to include power over some of the unused wire pairs in CAT 1-6.  This would eliminate the need for separate power cables to some network devices, and will likely be very popular.

Category Description
CAT 1 Unshielded, un-twisted cable with 2 pairs, usually used for voice but can support up to 128 Kbps
CAT 2 UTP or STP with 4 pairs; can support up to 4 Mbps
CAT 3 UTP or STP with 4 pairs; can support up to 10 Mbps and was common in older installations that only supported 4 Mbps token ring or 10 Mbps Ethernet.  Has 3 to 4 twists per foot.
CAT 4 UTP with 4 pairs; can support up to 20 Mbps and was common to support 16 Mbps token ring.  Has about 10 twists per foot.
CAT 5UTP or STP with 4 pairs; can support 100 Mbps.  Has 36 to 48 twists per foot.  (Very common today.)
CAT 5eUTP or STP with 4 pairs; can support 250 MHz.  Has 48+ twists per foot.  When adding connectors, you must not untwist more than 1/2 inch of cable at each end, and strip no more than 1 inch of insulation.  (Note that even one inch of untwisted wires can reduce throughput to less than 30 Mbps!)  This is the current standard in new construction and will support Gigabit Ethernet.
CAT 6STP with 4 pairs; can support 100 Mbps.  This is rarely used.
CAT 7STP with 4 pairs; will support 750 MHz.  This category of cable is not currently standardized (3/2003).  This cable will use different connectors than CAT 3-6 (i.e., not RJ-45 connectors).
Fiber optic
cable
Fiber optic cables carry laser light signals in glass wires called fibers.  Each cable consists of a single fiber known as the core, surrounded by another type of glass known as the cladding.  The light signal bounces off the cladding as it travels through the core.  The cladding in turn is surrounded by an (opaque to light) insulator.  The core is such pure glass that about the same amount of light is lost traveling through a mile of fiber as through a quarter-inch of window pane glass!  There are two types of fiber cables:

single mode has a 10 micron diameter core and can be used for distances up to 3 kilometers.

multi-mode has a core diameter of 50 to 100 microns.  This causes the signal to bounce around more, which causes greater attenuation, and this limits the distance to about 2 kilometers.  (However this is cheaper than single mode fiber.)
Plenum cable Most cables have an outer insulation made of PVC (poly-vinyl chloride), which is cheap and works well.  Unfortunately when heated (such as in a building fire), PVC gives off deadly Chlorine gas.  Building codes require that in any space where people are usually found (known as a plenum), special cables that use non-toxic insulation must be used.  These plenum cables are often insulated using Teflon.
Patch cable Common cabling today has 4 pairs or eight wires in the cable.  These wires are connected at each end to an RJ-45 connector.  In a patch cable or straight-through cable, pin 1 at one end is connected to pin 1 at the other, pin 2 to pin 2, and so on.  (Holding the two connectors side by side, the color-coded wires will appear in the same left-to-right order in both connectors.)
Cross-over
cable
This type of cable is the same as a regular patch cable, except that two of the pairs of wires are reversed (or crossed).  It is also known as a null-modem cable.  Such a cable is required when connecting two of the same type of device (DTE or DCE), since otherwise both devices will try to transmit on the same pair and both will listen on the same pair.  By crossing the pairs, one device listens on the pair the other device transmits over and vice-versa.
Roll-over
cable
The same as a regular patch cable, except that the wires at one end are a mirror image of the other end.  (That is, pin 1 to pin 8, pin 2 to pin 7, etc.)  This type of cable is sometimes used to connect to the console port of network devices such as Cisco routers.
Physical Layer
Standards
These standards are all named "speed Base|Broad distance", where speed is the capacity in megabits per second, "Base" indicates baseband transmission, "Broad" indicates broadband transmission, and distance is approximately the maximum distance.  (If the distance includes the letter "T" then the maximum distance is 100 meters.  The letter "X" here indicates full duplex capability and faster signaling.  The letter "F" indicates fiber optic cabling is used.)

Name Description
10Base2 (also thinnet), a (thin) coax cable with a maximum distance of 185 meters.
10Base5 (also thicknet), a (thicker) coax cable with a maximum distance of 500 meters.
10BaseT UTP or STP cable with a maximum distance of 100 meters.  Commonly used for Ethernet.
100BaseT UTP or STP cable with a maximum distance of 100 meters.
100BaseTX  UTP or STP cable, a maximum distance of 100 meters, and full duplex capability.  Commonly used for Fast Ethernet.
10BaseF Fiber cable with a maximum distance of 2 or 3 kilometers (depends on type of fiber used).
100BaseFX Fiber cable with a maximum distance of 2 or 3 kilometers.
EIA/TIA-568 Commercial building wiring standards.  Also called structured cabling.
MDF Main Distribution Facility, the central wiring closet.  This should be located close to the POP.
IDF Intermediary Distribution Facility refers to wiring closets other than the MDF.  May also be called a telecommunications closet or telco room.  (EIA/TIA-568 requires at least one IDF or MDF per floor.)
CPE Customer Premises Equipment, sometimes called the subscriber wiring.
Demarcation
point
(or demarc) is the protected, grounded, physical connection point where the private network (the subscriber wiring or CPE) connects to a public network (the local loop or ISP's wiring).
POP Point of presence is the connection point to the Internet.  This includes routers and possibly other network devices.  The POP may reside in space owned or rented by the ISP or may be located on the customer premises.  (The POP and demarc are often located in the MDF.)
Vertical wiring Connects wiring closets together.  Also called backbone wiring or risers, this includes cabling between the MDF and IDFs, and cabling between buildings.  (This term should not be confused with the backbone network.)
Horizontal
wiring
Connects workstations (and servers and printers not in a wiring closet) to a wiring closet.  The maximum distance allowed by EIA/TIA-568 is 100 meters.  This includes 3 meters from workstation (or server) to wall jack, 90 meters from a wall jack to the wiring closet, and 6 meters of patch cabling inside the wiring closet.  Although the text has incorrect information on this, in practice it is acceptable to exceed the 3 meters from the workstation to the wall jack provided the overall distance remains less than 100 meters.
Catchment area An area on one floor of a building that is served by a wiring closet.  Under ideal circumstances a centrally located wiring closet may serve a catchment area with a 100 meter radius.  (Often each catchment area is associated with a LAN segment.)

          Chapter 5
This chapter describes and compares basic topologies, switching, and transmission methods for LAN and WAN technologies, including Ethernet and FDDI.
Physical Topology The way (or shape of) the nodes on a network are wired together.
Bus A single cable or trunk with a single channel, that all nodes connect to.  Often coax cable was used for this (thicknet or thinnet).  Such networks are considered peer-to-peer since all nodes can talk with each other.  On a bus each node is always listening for any packets addressed to it.  To send a packet, a broadcast is sent on the bus and all nodes except the destination are supposed to ignore it.

A bus must be terminated (with 50 ohm resistors) at either end or the signal will "bounce" after hitting the end of the cable.  The bus should also be grounded but only at a single point (as many commercial buildings have multiple grounds).

Buses can be cheap, but difficult to install, don't scale well (up to about 200 nodes but performance degrades after one or two dozen nodes), and are difficult to troubleshoot (fault isolation is difficult).  A bus is not fault tolerant since a problem with any part of the cable usually brings down the whole network.
Ring Each node connects with a cable to an adjacent node (so each node connects to two other nodes), with the last node connected back to the first to complete a circle.  Packets are passed in one direction only around the ring using a technique called token passing.  Every node retransmits any packets they receive on one interface out the other, and are supposed to ignore any packets not addressed to them.  A special packet called the token is passed around the ring continuously.  When a node has a packet to send it waits until it is passed the token.  Then it adds the headers and data to the token (to form a valid data packet) and sends it out.  The packet travels around the ring until it reaches the destination, which may substitute an acknowledgement packet, modify the headers to indicate receipt, or do nothing at all.  When the original sender receives the reply, it just sends out the token.  Since all the nodes participate in sending the packet around the ring (acting as repeaters), a ring is sometimes referred to as an active topology.

Rings are slower than buses since each node adds latency, are not scalable, and are not fault tolerant since a break in the ring can bring down the whole network (although many real-world ring networks use double rings or special algorithms to handle a single break).
Star All nodes connect to a single device at the center, such as a hub or switch.  The central device and all attached nodes are considered part of a single LAN segment.  Although stars require more cabling than bus or ring networks, often the cables are cheaper.  A star is fault tolerant in that a break in a single cable affects a single node only, however if the central device breaks the whole network fails.  Stars scale well, with a maximum of 1,024 nodes (in practice performance will be poor and management difficult after a few hundred nodes).  Stars or the most common physical topology used today.
Mesh In a mesh every node has a direct connection to every other node.  This is very fault-tolerant but very costly and doesn't scale, and is rarely used except in military applications.  A mesh or more likely a partial mesh may be used in WANs.
Cell or cellular topology is used in wireless applications.  A wireless access point (or WAP) covers a fixed geographical area, such as a single classroom, office suite, or lab.
Hybrid topologies A mix of basic types.  In the 1980s isolated networks were common.  Today an organization will want to connect many LANs into an internet, which will usually have a complex topology.
Star-wired ring Uses token passing along a star (the cables have two channels).
Star-wired bus A network where stars are connected to a bus (that is the hubs or switches are connected together).  This is commonly used when you need to have more nodes than a single device can support.  (See also daisy-chain topology.)
Daisy-chained
topology
Similar to a star-wired bus but with cumulative hub latencies.  Both topologies have limits according to the type of network: five segments connected through up to four devices (such as hubs), with nodes attached to no more than three of the segments.  The two segments without any nodes attached are called transit network segments and are usually fiber.

This topology is also known as an extended star (a star of stars) under EIA/TIA-568.  These limits are known as the 5-4-3 rule.  Although large networks can be supported with this topology, a designer must be careful to not exceed the maximum size or number of nodes allowed under EIA/TIA-568.  If larger networks are desired, separate networks must be interconnected in an internet with a device such as a router.
Server farm Once it was common to attach workgroup servers in different locations on an internet, to be close to the users who needed the most access to them.  Today most servers have heavy access from all over the enterprise internet, and it has become common to place most servers in a single location known as a server farm.  This allows easy physical access by IT personnel and allows greater physical security, but usually requires greater throughput and reliability to that LAN.
Hierarchical
topology
Large enterprise internets often have server farms that need extra capacity and reliability (compared to user workstations), multiple sites connected by a WAN that requires higher capacity, reliability, and scalability between sites, and a large number of nodes (over 1,000, 10,000, or even 100,000).  To support these requirements a hierarchical network design is used, with one topology used for each of many LANs and another topology (or level in the hierarchy) used for the WAN.  In very large internets there may be more than two levels in the hierarchy.
Backbone network A common hierarchical design is to use a backbone network to connect various LANs (sometimes this term is used to describe the vertical wiring used to connect various LAN segments).  The backbone has no nodes attached (and thus is a transit network) but instead connects various network devices such as routers or switches.  Fiber is often used for backbone wiring.  (A bus LAN technically has a backbone, but enterprise backbone networks are usually far more complex.)  Backbone networks have variations such as distributed or parallel backbone networks.
Serial backbone In this topology multiple hubs (or switches) are connected to a single backbone cable.
Distributed backbone This topology consists of several hubs or switches (plus the cabling between) that connect hierarchically to other hubs, which in turn connect to the nodes.  (This bottom layer of hubs or switches is known as the access layer and the devices are called access hubs or access switches.)

A common distributed backbone topology uses routers in the backbone instead of hubs or switches, and thus connects LANs rather than segments of a single large LAN.  This design is very scalable; for very large internets you can use several layers in the hierarchical backbone.  It also allows an administrator to put different workgroups in different LANs or use higher capacity to some LANs (such as for a server farm).  Thus this design is very manageable, simple to design and implement, and relatively cheap.  However when using a distributed backbone with a single LAN size and distance may limit its usefulness, and when using routers to connect LANs there is an increase of latency and cost.  Finally the central network device at the top of the hierarchy is a single point of failure.
Collapsed backbone This topology is the same as a distributed backbone topology, only all the access hubs/switches connect to a single switch or router.  The differences are that if the device in the center fails the whole network is down, but the advantages are that this design is cheaper and easier to manage (only one device to configure).
Parallel backbone This topology is the same as the collapsed backbone only using multiple cables between the access layer devices and the central switch/router.  The extra cabling provides extra capacity in normal operation (via multiplexing), while providing redundancy in the event one of the parallel links fails for any reason.  The extra cabling is expensive so a common design is to use the parallel cables to only some access layer devices, such as to a server farm.

The central device is also a single point of failure.  With some modern routers, a hot standby router can be used to provide redundancy.  The standby router monitors the main router and transparently takes over if it fails.
Mesh network The most scalable and robust design involves a multi-level hierarchy of switches and routers.  The access layer devices are connected to a pair of switches, which connect to each other.  (This is just a parallel, distributed backbone with two switches in the backbone.)  This system is called a switch block.  The switch blocks are in turn connected to a set of routers connected in a mesh or a partial mesh to each other.  Each switch block uses parallel cabling to connect to two routers.  In this three level hierarchy you have no single point of failure, and the design can easily scale up to millions of nodes.  (You expand the network by adding additional switch blocks.)  The disadvantages of this topology are the cost and difficulty of management (of so many devices and links).
WAN topologies WAN topologies are more complex than LAN topologies, in part because they tend to evolve over time (rather than be planned), and in part because the large distances involved means that different technologies must be used than for LANs (such as SONET or DSL), and that management and troubleshooting remotely can be difficult.

The topologies for WANs are the same as for LANs: ring, star, mesh (and partial mesh), and hierarchical (also known as tiered or multi-tiered).  A peer-to-peer WAN topology is also common, often using dedicated circuits (such as T1 lines) or a public network with special access software that ensures privacy (VPN or virtual private network).
Logical topology Also called the network transport system, the logical topology describes how the network functions at layers 1 and 2 of the OSI model.  (Note the physical topologies don't correspond to any OSI layers, just EIA/TIA (and other) standards.  For LANs, Ethernet technology is so common that other solutions (such as token ring) are rarely considered at all.  For WANs the technology of choice changes frequently as prices and performance change.  Some common choices are FDDI and ATM.  All technologies use some form of switching to shunt the packets through the network.
Circuit switching is used to establish a (possibly virtual) circuit between the source and destination before any packets are sent.  The network dedicates capacity to this circuit which is unavailable to other packets (even when the circuit is not being used).  The circuit establishes a path through the network that all packets traveling this circuit will use. 
Message switching In message switching the sender establishes a connection, transfers the data, then tears down the connection.  When the sender can’t directly reach the destination, a series of transfers take place over intermediary sites.  This is why this type of communication is referred to as store and forward.  (Email is a common example.)
Packet switching Packet switching breaks data into packets before sending.  Each packet contains headers that allow the intermediary sites to forward the packet.  Packets travel any path through a network (so different packets may travel different paths, and may even arrive out of order).  At the destination the packets are re-assembled into the original data.  Although packet switching is thus not suitable for live audio (or other streaming data), it is often used anyway.
CSMA/CD The "type" of an Ethernet: Carrier Sensing (means it listens in on the media before attempting to transmit anything), Multiple Access (means the transmission medium is shared), Collision Detection (means packet collisions, which result from two stations transmitting simultaneously over a shared medium, are detected).  The algorithm used is this: listen;  If media not in use then start transmitting;  If collision is detected then send a jam signal, wait a random interval, and attempt transmission again.  (Part of the reason for the 100m length limit of an Ethernet LAN segment is due to the data propagation delay from one end to the other end.  If this distance is exceeded than some collisions may not be detected at all.)
Jam signal The jam signal is send when one station detects a collision during its packet transmission.  Also called jamming.
Collision
Domain
The part of a network where packets can collide.  This is typically a single segment of a LAN.
Switched
Ethernet
Every node has its own segment or collision domain  One way to think of a switch is as a multi-port bridge, whereas a hub might be considered a multiport repeater.  The original Ethernet (which might be called shared Ethernet as opposed to switched Ethernet) used hubs, which meant the whole LAN was one big collision domain (and security was poor).  In contrast switched Ethernet has many small collision domains (one per node) even though all the nodes are still part of a single LAN segment (i.e., a single broadcast domain).  Switched Ethernet has replaced demand priority systems.
Gigabit
Ethernet
IEEE standard 802.z, still 100m distance, may run on UDP, STP, or fiber (in which case the max distance increases to 550m).  Someday 10G Ethernet may be possible.
Ethernet
Frame
Types
X
X X
X X

          Chapter 6
This chapter describes network devices, how to install and configure NICs, and how to identify common problems with network devices.  You should also understand the purpose and uses of the different types of network devices and how to choose an appropriate network device for a given situation.
X X

 


Send comments and questions to pollock@acm.org.
Valid HTML 4.01!   Valid CSS!   CAST: Bobby WorldWide Approved 508   CAST: Bobby WorldWide Approved AAA