NETWORKS ARE COMPLICATED structures with many interrelated parts. To better understand how the various parts fit together, it is useful to have a network model. A network model is like a generic car: just as every car has wheels, a drive-train, an engine, and suspension, every network has a physical layer, a data link layer, a network layer, and so on. One car may have an automatic transmission and another a manual one;
one car may have disk brakes and another drums. Likewise, one network may implement the physical or data link layer differently than another, but they both are networks, and they both have the layers in one form or another. The first part of this section introduces you to the OSI and IEEE networking models. These models will help you identify the various parts that make up networks and understand how the parts work together.
The OSI and IEEE theoretical definition of networking technology helps to explain networking
concepts; but just as a theoretical car will not get you to the grocery store, a theoretical network will not get your data to the server.
The International Organization for Standardization (ISO) began developing the Open Systems Interconnection (OSI) reference model in 1977. It has since become the most widely accepted model for understanding network communication. As you know, in order for computers to communicate, there must be accepted rules of communication. For communication to take place on a network composed of a variety of network devices, these rules must be clearly defined. The OSI model (and networking models developed by other organizations) attempts to define rules that apply to the following issues:
• How network devices contact each other and, if they have different languages, how they communicate with each other
• Methods by which a device on a network knows when to transmit data and when not to
• Methods to ensure that network transmissions are received correctly and by the right recipient
• How the physical transmission media are arranged and connected
• How to ensure that network devices maintain a proper rate of data flow
• How bits are represented on the network media
The OSI model is nothing tangible; it is simply a conceptual framework you can use to better understand the complex interactions taking place among the various devices on a network. The OSI model does not perform any functions in the communication process. The actual work is done by the appropriate software and hardware. The OSI model simply defines which tasks need to be done and which protocols will handle those tasks, at each of the seven layers of the model.
1. Physical
2. Data link
3. Network
4. Transport
5. Session
6. Presentation
7. Application
The OSI model divides communication tasks into smaller pieces called sub-tasks. Protocol implementations are computer processes that relate to these sub-tasks. Specific protocols fulfill subtasks at specific layers of the OSI model. When these protocols are grouped together to complete a whole task, you have what is
called a protocol stack. The following sections examine how protocol stacks work and how they communicate with protocol stacks on other computers.
A protocol stack is a group of protocols arranged on top of each other as part of a communication process. Each layer of the OSI model has different protocols associated with it. When more than one protocol is needed to complete a communication process, the protocols are grouped together in a stack. An example
of a protocol stack is TCP/IP, which is widely used for Unix and the Internet. Each layer in the protocol stack receives services from the layer below it and provides services to the layer above it. Novell explains the relationship like this: layer N uses the services of the layer below it (layer N–1) and provides services to the layer above it (layer N+1). For two computers to communicate, the same protocol stacks must be running on each computer. Each layer of the protocol stack on one computer communicates with its equivalent, or peer, on the other computer. The computers can have different operating systems and still be able to communicate if they are running the same protocol stacks. For example, a DOS machine running
TCP/IP can communicate with a Macintosh machine running TCP/IP.
When a message is sent from one machine to another, it travels down the layers on one machine and then up the layers on the other machine.
As the message travels down the first stack, each layer it passes through (except the physical layer) adds a header. These headers contain pieces of control information that are read and processed by the corresponding layer on the receiving stack. As the message travels up the stack of the other machine, each
layer strips the header added by its peer layer.
As an example, suppose you are using two networked applications based on the DOS and Macintosh operating systems. At layer 7, the DOS application requests something from the Macintosh application. This request is sent to the DOS application’s layer 6. This layer receives the request as a data packet, adds its own header, and passes the packet down to layer 5, where the process is repeated. As the request travels down the layers, headers are added until the request reaches the physical layer (which does not add a header), loaded down with headers.
Next, this request packet travels across the network transmission media and begins its journey up the layers on the Macintosh. The header that was put on at the data link layer of the DOS application is stripped at the data link layer of the Macintosh application. The Macintosh data link layer performs the tasks requested in the header and passes the requests to the next higher layer. This process is repeated until the Macintosh application’s layer 7 receives the packet and interprets the request inside.
At each layer, the data packages, called service data units, are made up of data and headers from the layers above. For this reason they are commonly referred to by different names when they are at different layers. The term packet is applicable to a service data unit at any layer.
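The header-adding and header-stripping walk described above, shown on a concrete stack as an added example that is not part of the original text. It uses Ethernet II, IPv4 and UDP (a TCP/IP-family stack, so only three layers add headers here); the addresses, ports and payload are constructed sample values.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17


def checksum16(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(payload, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac):
    """Walk down the sending stack: each layer prepends its own header."""
    # Transport layer: UDP header (ports, length, checksum 0 = not computed).
    segment = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload
    # Network layer: 20-byte IPv4 header carrying the logical addresses.
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0,
                         64, IPPROTO_UDP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    header = header[:10] + struct.pack("!H", checksum16(header)) + header[12:]
    packet = header + segment
    # Data link layer: Ethernet II header carrying the MAC addresses.
    return (bytes.fromhex(dst_mac.replace(":", "")) +
            bytes.fromhex(src_mac.replace(":", "")) +
            struct.pack("!H", ETHERTYPE_IPV4) + packet)


def decapsulate(frame: bytes) -> dict:
    """Walk up the receiving stack: each layer reads and strips its peer's header."""
    if len(frame) < 14 + 20 + 8:
        raise ValueError("frame too short for Ethernet + IPv4 + UDP headers")
    # Data link layer: read the 14-byte header, hand the rest upward.
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    # Network layer: validate the header before trusting any field in it.
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl + 8 <= total_len <= len(packet):
        raise ValueError("malformed IPv4 header")
    if checksum16(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    if proto != IPPROTO_UDP:
        raise ValueError("not UDP")
    segment = packet[ihl:total_len]
    # Transport layer: the UDP length field bounds the application data.
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    if not 8 <= udp_len <= len(segment):
        raise ValueError("malformed UDP length")
    return {
        "dst_mac": dst_mac.hex(":"), "src_mac": src_mac.hex(":"),
        "src_ip": socket.inet_ntoa(src_ip), "dst_ip": socket.inet_ntoa(dst_ip),
        "ttl": ttl, "src_port": src_port, "dst_port": dst_port,
        "payload": segment[8:udp_len],
    }


if __name__ == "__main__":
    # Constructed sample values (documentation IP ranges, locally administered MACs).
    sample = encapsulate(b"GET /report", 40000, 53, "192.0.2.10", "198.51.100.20",
                         "02:00:00:00:00:01", "02:00:00:00:00:02")
    print(len(sample), "bytes on the wire for an 11-byte request")
    print(decapsulate(sample))
```

Each layer on the receiving side checks only its peer's header, which is why a length or checksum field is validated before the bytes above it are handed upward.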
The physical layer is simply responsible for sending bits (bits are the binary 1’s and 0’s of digital communication) from one computer to another. The physical layer is not concerned with the meaning of
the bits; instead it deals with the physical connection to the network and with transmission and reception of signals.
This level defines physical and electrical details, such as what will represent a 1 or a 0, how many pins a network connector will have, how data will be synchronized, and when the network adapter may or may not transmit the data.
The physical layer makes a physical circuit with electrical, optical, or radio signals.
Passive hubs, simple active hubs, terminators, couplers, cables and cabling, connectors, repeaters, multiplexers, transmitters, receivers, and transceivers are devices associated with the physical layer.
The following items are addressed at the physical layer:
• Network connection types, including multipoint and point-to-point connections
• Physical topologies, which are physical layouts of networks, such as bus, star, or ring
• Analog and digital signaling, which include several methods for encoding data in analog and digital signals
• Bit synchronization, which deals with synchronization between sender and receiver
• Baseband and broadband transmissions, which are different methods for using media bandwidth
• Multiplexing, which involves combining several data channels into one
• Termination, which prevents signals from reflecting back through the cable and causing signal and packet errors. It also indicates the last node in a network segment.
The data link layer provides for the flow of data over a single link from one device to another. It accepts packets from the network layer and packages the information into data units called frames to be presented to the physical layer for transmission. The data link layer adds control information, such as frame type, routing, and segmentation information, to the data being sent.
This layer provides for the error-free transfer of frames from one computer to another. A Cyclic Redundancy Check (CRC) added to the data frame can detect damaged frames, and the data link layer in the receiving computer can request that the information be re-sent. The data link layer can also detect
when frames are lost and request that those frames be sent again.
In broadcast networks such as Ethernet, all devices on the LAN receive the data that any device transmits.
(Whether a network is broadcast or point-to-point [only the destination computer receives the information] is a matter of the network protocols, which were introduced in the previous section.) The data link layer recognizes frames for which the destination ID matches the computer and discards other packets.
The data link layer establishes an error-free connection between two devices.
Bridges, intelligent hubs, and network interface cards are devices typically associated with
the data link layer.
The IEEE committee felt that the data link layer needed to be defined in greater detail, so they split it into two sub-layers:
• Logical Link Control (LLC), which establishes and maintains links between the communicating devices
• Media Access Control (MAC), which controls the way multiple devices share the same media channel
The logical link control sub-layer provides Service Access Points (SAPs) that other computers can refer to and use to transfer information from the logical link control sub-layer to the upper ISO layers. This is defined in the 802.2 standard.
The IEEE split the ISO data link layer into the logical link control sublayer and the media access control sublayer.
The media access control sub-layer, the lower of the two sub-layers, provides for shared access to the network adapter and communicates directly with network interface cards. Network interface cards have a unique 12-digit hexadecimal MAC Address assigned before they leave the factory where they are made (although there have been rare cases of adapters having the same addresses). These MAC addresses are used to establish the logical link between computers on the same LAN.
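The data link receive path described in this section (CRC check on the frame, then destination matching against the station's own 12-digit MAC address), as an added example that is not part of the original text. The frame layout is a simplified Ethernet-style one with a CRC-32 trailer, and the station addresses and data are constructed.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
HEADER_LEN, TRAILER_LEN = 14, 4


def parse_mac(text: str) -> bytes:
    """Turn the 12 hexadecimal digits of a MAC address into 6 bytes."""
    digits = text.replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"MAC address needs 12 hex digits: {text!r}")
    return bytes.fromhex(digits)


def build_frame(dst: str, src: str, frame_type: int, data: bytes) -> bytes:
    """Header (addresses + type) + data + trailer (CRC-32 over header and data)."""
    body = parse_mac(dst) + parse_mac(src) + struct.pack("!H", frame_type) + data
    return body + struct.pack("<I", zlib.crc32(body))


def receive(frame: bytes, own_mac: str):
    """Data link receive path: returns ("accept", data) or ("drop", reason)."""
    if len(frame) < HEADER_LEN + TRAILER_LEN:
        return ("drop", "too short")
    body, trailer = frame[:-TRAILER_LEN], frame[-TRAILER_LEN:]
    # The CRC catches accidental damage only. It has no key, so it is not
    # protection against deliberate modification of the frame.
    if struct.pack("<I", zlib.crc32(body)) != trailer:
        return ("drop", "crc mismatch")
    # On a broadcast medium the frame reaches every station; this comparison
    # is the only thing that keeps other stations from passing it upward.
    if body[:6] not in (parse_mac(own_mac), BROADCAST):
        return ("drop", "other destination")
    return ("accept", body[HEADER_LEN:])


def deliver_on_segment(frame: bytes, stations: list) -> dict:
    """Every station on a broadcast segment sees the frame; each decides alone."""
    return {mac: receive(frame, mac) for mac in stations}


# Constructed stations (locally administered addresses) and sample data.
SENDER = "02:00:00:00:00:0a"
STATION_B = "02:00:00:00:00:0b"
STATION_C = "02:00:00:00:00:0c"

if __name__ == "__main__":
    unicast = build_frame(STATION_B, SENDER, 0x0800, b"payroll.xls")
    print(deliver_on_segment(unicast, [STATION_B, STATION_C]))
    damaged = bytearray(unicast)
    damaged[20] ^= 0x04  # one bit flipped in transit
    print(deliver_on_segment(bytes(damaged), [STATION_B, STATION_C]))
```

Because filtering happens at each receiver, an adapter configured to skip the destination check sees every frame on the segment, which is why confidentiality cannot rest on this layer.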
The network layer makes routing decisions and forwards packets for devices that are farther away than a single link. (A link connects two network devices and is implemented by the data link layer. Two devices connected by a link communicate directly with each other and not through a third device.) In larger networks there may be intermediate systems between any two end systems, and the network layer makes it
possible for the transport layer and layers above it to send packets without being concerned about whether the end system is immediately adjacent or several hops away. The network layer translates logical network addresses into physical machine addresses (the numbers used as destination IDs in the physical network
cards). This layer also determines the quality of service (such as the priority of the message) and the route a message will take if there are several ways a message can get to its destination.
Several IEEE categories define the logical link control and media access control sublayers of the OSI data link layer.
The network layer also may break large packets into smaller chunks if the packet is larger than the largest data frame the data link layer will accept. The network reassembles the chunks into packets at the receiving end. Intermediate systems that perform only routing and relaying functions and do not provide an environment for executing user programs can implement just the first three OSI network layers.
The network layer moves packets across multiple links.
The network layer performs several important functions that enable data to arrive at its destination. The protocols at this layer may choose a specific route through an internetwork to avoid the excess traffic caused by sending data over networks and segments that don’t need access to it.
Routers and gateways operate in the network layer.
The network layer serves to support communications between logically separate networks. This layer is concerned with the following:
• Addressing, including logical network addresses and services addresses
• Circuit, message, and packet switching
• Route discovery and route selection
• Connection services, including network layer flow control, network layer error control, and packet sequence control
• Gateway services
The transport layer ensures that packets are delivered error free, in sequence, and with no losses or duplications. The transport layer breaks large messages from the session layer (which we’ll look at next) into packets to be sent to the destination computer and reassembles packets into messages to be presented to the session layer. The transport layer typically sends an acknowledgment to the originator for messages received. The transport layer provides end-to-end communication with integrity and performance guarantees.
The session layer allows applications on separate computers to share a connection called a session. This layer provides services such as name lookup and security to allow two programs to find each other and establish the communications link. The session layer also provides for data synchronization and checkpointing so that in the event of a network failure, only the data sent after the point of failure need be re-sent. This layer also controls the dialog between two processes, determining who can transmit and who can receive at what point during the communication.
The session layer provides for dialog between application programs.
The presentation layer translates data between the formats the network requires and the formats the computer expects. The presentation layer does protocol conversion, data translation, compression and encryption, character set conversion, and the interpretation of graphics commands.
The network redirector operates at this level. The network redirector is what makes the files on a file server
visible to the client computer. The network redirector also makes remote printers act as though they are attached to the local computer. The network redirector is an important part of networking.
The presentation layer adapts information to the local environment.
The application layer is the topmost layer of the OSI model, and it provides services that directly support user applications, such as database access, e-mail, and file transfers. It also allows applications to communicate with applications on other computers as though they were on the same computer. When a programmer writes an application program that uses network services, this is the layer the application program will access.
The application layer provides for the connection of application programs on separate machines.
The IEEE 802 Categories
The Institute for Electrical and Electronic Engineers, Inc. (IEEE) in February 1980 formed a project called Project 802 (after the year and month the project started) to help define certain LAN standards.
The published IEEE 802 standards predate the OSI standards, but both were developed simultaneously and in cooperation, so the two standards share many features and interoperate well. Project 802 defines aspects of the network relating to physical cabling and data transmission, corresponding to the physical and data link layers of the OSI model. The 802 specifications fall into 12 categories that are identified by
the 802 numbers listed in the table below:
Categories of 802 Specifications
NUMBER    CATEGORY
802.1     Internetworking
802.2     Logical Link Control
802.3     Carrier Sense with Multiple Access and Collision Detection (CSMA/CD, or Ethernet)
802.4     Token Bus LAN
802.5     Token Ring LAN
802.6     Metropolitan Area Network (MAN)
802.7     Broadband Technical Advisory Group
802.8     Fiber-Optic Technical Advisory Group
802.9     Integrated Voice/Data Networks
802.10    Network Security
802.11    Wireless Networks
802.12    Demand Priority Access LAN, 100baseVG-AnyLAN
Microsoft Networking Components within the OSI Framework
THIS SECTION DISCUSSES the networking components found in Microsoft Windows NT and Windows 95 networks in the context of what you learned in the preceding section about the OSI model. Specifically, this section is concerned with the drivers and protocols you will encounter in common networking environments today.
Every device in a computer requires a driver to operate. Some drivers—for instance, the driver for an IDE hard disk or for the keyboard—are built into the operating system. Other devices require that drivers be installed separately when the device is attached or installed in the computer. Network adapter cards are of the second type; driver software must be provided by the manufacturer and installed in the computer so that the computer will be able to access the network adapter card. Installable device drivers make a computer more flexible because the range of options and capabilities in devices is wide and it would be difficult or impossible for the writers of operating systems to foresee every possible feature a device might allow the computer to use. Rather than even attempt such a feat of programming, the operating systems writers provide a generic device driver interface and allow the manufacturers to write device drivers that will exploit the special capabilities of their devices.
The network redirector in the client operating system uses the driver for the network adapter card to provide services such as file storage and printing to the users’ applications. The driver must reside on the computer’s hard disk or on a boot ROM because the computer cannot access the card until it loads the driver for that card.
In the early days of networking, drivers could be bound only to a unique instance of a protocol stack. For most computers this was okay because a single card needed only a single protocol stack. Servers, however, often needed to respond to more than one protocol and often used more than one card.
Explain the purpose of NDIS and Novell ODI network standards.
The solution to this problem is driver interfaces, which allow multiple cards to be bound to multiple transport protocols. Two incompatible driver interfaces exist:
• Open Driver Interface (ODI), developed by Apple, Novell, and other major networking companies
• Network Driver Interface Specification (NDIS), developed by Microsoft
The driver interface you use is determined by the network operating system you select. Windows NT networking products use NDIS rather than ODI. For most other network products, such as Novell NetWare, you will be using ODI. NDIS and ODI were created to allow multiple network drivers to be bound to multiple transports. This allows you to use both TCP/IP and IPX on a single network adapter or to use four network adapters all with the same TCP/IP stack.
The Place of Drivers in the OSI Model
Network adapter cards and drivers provide the services corresponding to the data link layer in the OSI model. In the IEEE model, the data link layer is split into the Logical Link Control (LLC) sublayer, which corresponds to the software drivers, and the Media Access Control (MAC) sublayer, which corresponds to the network adapter.
Installing and Configuring Drivers
Device drivers usually come on a disk with the device. Many common device drivers are included with the operating system software, and sometimes device drivers are made available for download from a service, such as the Microsoft Network or CompuServe, or from the Internet. The driver must match both the network adapter and the computer’s operating system. For instance, the same driver for a network interface card cannot be used in both Windows 95 and Windows NT Workstation. It is common for manufacturers to ship several drivers on a disk with the network interface card; it is up to you when you install the card to select the right driver for your operating system.
Make sure when you select a network interface card that there is a driver for the operating system you will use. You can check the Hardware Compatibility List (HCL) for your operating system (the HCL should come with the operating system documentation, but you can also get it by contacting the operating system vendor) or examine the vendor’s product information to determine which operating systems a card will support.
Most drivers come with a setup program that helps the network administrator install the driver on the computer. To install and configure or remove driver software, you must be familiar with the installation and configuration process in the operating system. This process is different for each operating system and is explained in the documentation for that operating system. Many network interface cards also explain how to install the card in the context of each of the operating systems that card supports. The network driver software must be configured to match the settings used to configure the network adapter card. If the adapter card is configured to use interrupt 5, for example, and the driver is expecting interrupt 3, the computer
will not be able to communicate with the network card and will therefore be isolated from the rest of the network.
Network Protocols
As discussed in previous sections, protocols are the agreed-upon ways in which computers exchange information. Computers need to communicate at many levels and in many different ways, so there are many corresponding network protocols.
Select the appropriate network and transport protocol or protocols for various token-ring and Ethernet networks. Protocol choices include:
• DLC
• AppleTalk®
• IPX
• TCP/IP
• NFS
• SMB
There are protocols at various levels in the OSI model. In fact, it is the protocols at a level in the OSI model that provide the functionality of that level. Protocols that work together to provide a layer or layers of the OSI model are known as a protocol stack, or suite.
How Protocols Work
A protocol is a set of basic steps that both parties (or computers) must perform in the right order. For instance, for one computer to send a message to another computer, the first computer must perform the following steps. (This is a general example; the actual steps are much more detailed.)
1. Break the data into small sections called packets.
2. Add addressing information to the packets identifying the destination computer.
3. Deliver the data to the network card for transmission over the network.
The receiving computer must perform the same steps, but in reverse order:
1. Accept the data from the network adapter card.
2. Remove the transmitting information that was added by the transmitting computer.
3. Reassemble the packets of data into the original message.
Each computer needs to perform the same steps the same way so that the data will arrive and reassemble properly. If one computer uses a protocol with different steps or even the same steps with different parameters (such as different sequencing, timing, or error correction), the two computers will not be able to communicate with each other.
Network Packets
Networks primarily send and receive the small chunks of data called packets. Network protocols (which we discuss in the sections "Protocol Stacks" and "Standard Protocol Stacks" later in this chapter) at various
levels of the OSI model construct, modify, and disassemble packets as they move data down the sending stack, across the network, and back up the OSI stack of the receiving computer.
PACKET STRUCTURE Packets have the following components:
• A source address specifying the sending computer
• A destination address
• Instructions that tell the computer how to pass the data along
• Reassembly information for when the packet is part of a longer message
• The data to be transmitted to the remote computer
• Error-checking information to ensure that the data arrives intact
The components are combined into three sections:
• Header: A typical header includes an alert signal to indicate that the data is being transmitted, source and destination addresses, and clock information to synchronize the transmission.
• Data: The actual data being sent. This can vary (depending on the network type) from 48 bytes to 4K.
• Trailer: The contents of the trailer (or even the existence of a trailer) varies among network types, but it typically includes a Cyclic Redundancy Check (CRC). The CRC helps the network determine whether a packet has been damaged in transmission.
A packet consists of a header, the data, and a trailer.
ASSEMBLING PACKETS Each layer of the OSI model adds some information to the packet. The information at each level is meant to be read by the OSI layer at the same level in the destination computer. For example, information added at the network layer of one computer will be read by the network layer of the next computer.
Information is added to packets as they descend through the OSI stack and read from them as they ascend the OSI stack in the destination computer.
Early LANs were seldom connected to one another, but after the mid-1980s businesses began to realize the benefits of connecting LANs together into larger networks. The process of moving information from one LAN to another over one or more paths between LANs is called routing. Protocols that support multi-path
LAN-to-LAN communication are called routable protocols. As more and more LANs are integrated into larger networks, it is becoming increasingly important that the protocols used to implement those LANs are routable.
Protocols that work together to provide a layer or layers of the OSI model are known as a protocol stack, or suite. Each layer handles a different part of the communications process and has its own rules and requirements. The higher in the stack a protocol resides, the more sophisticated the protocol must be.
LAYER              DESCRIPTION
7. Application     Provides services that directly support user applications
6. Presentation    Translates data formats and adds encryption
5. Session         Sets up and tears down connections, or sessions. Administers sessions
4. Transport       Adds identifiers to processes and deals with error-handling information
3. Network         Handles internetwork sequencing, addressing, and routing
2. Data link       Adds error-checking information and organizes bits into frames
1. Physical        Transmits and receives bits over the physical media
Many different protocol stacks can perform network functions, and many different types of network interface cards can be installed in a computer. A computer may have more than one card, and a computer may use more than one protocol stack.
The binding process is what links the protocol stack to the network device driver for the network interface adapter. Several protocols can be bound to the same card; for instance, both TCP/IP and IPX/SPX can be bound to the same Ethernet adapter. In addition, one computer with several interface adapters—for instance, a server that must be able to communicate with both a local area network and a network backbone—can have the same protocol bound to two or more network cards.
The binding process can be used throughout the OSI layers to link one protocol stack to another. The device driver (implementing the data link layer) is bound to the network interface card (implementing the physical layer). TCP/IP can be bound to the device driver, and the NetBIOS session layer can be bound
to TCP/IP.
There are two ways that communications between computers can be arranged: connectionless and connection oriented.
Compare the implications of using connection-oriented communications with connectionless communications.
Connectionless systems optimistically assume that all data will get through, so there’s no protocol overhead for guaranteed delivery or sequential packet ordering. This makes them fast. User Datagram Protocol (UDP/IP) is an example of a connectionless Internet transport protocol. Connection oriented systems pessimistically presume that some data will be lost or disordered in most transmissions. Connection oriented protocols guarantee that transmitted data will reach its destination in sequential order by retaining the data and negotiating for retransmission until sequential data can be handed to higher level protocols. This means that any application can rely upon a connection oriented transport to reliably deliver data as it was transmitted. Transmission Control Protocol (TCP/IP) is an example of a connection oriented Internet protocol.
Connectionless systems, on the other hand, simply transmit data and assume that it reaches its destination. While this normally works in a local area network environment, it breaks down quickly in large area networks where packets can be dropped due to line noise or router congestion. All is not lost for connectionless transports, however, since higher-level protocols will know what data has not reached its destination after some time and request retransmission.
Connectionless systems also do not necessarily return data in sequential order, so the higher-level protocol must sort out the data packets. For local area systems where data isn’t likely to be dropped, it makes sense to push serialization and guaranteed delivery up to higher level protocols that are less efficient, since they won’t be used often anyway. But in wide area networks like the Internet, it would simply take too much time for higher-level protocols to sort out what data had been sent and what was missing, so the transport protocol simply takes measures that guarantee that all data gets through in order.
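The difference between the two arrangements, as an added example that is not part of the original text: the same constructed network behaviour (one segment lost, the rest reordered, one duplicated) is handed once to a receiver that trusts arrival order and once to a receiver that retains data and waits for retransmission. The sequence-number and acknowledgment scheme is a simplified illustration, not TCP's actual wire format.

```python
def segment(message: bytes, size: int) -> list:
    """Split a message into (sequence number, data) segments."""
    return [(seq, message[i:i + size])
            for seq, i in enumerate(range(0, len(message), size))]


def connectionless_receive(arrivals: list) -> bytes:
    """No sequencing or delivery guarantee: data is used in arrival order."""
    return b"".join(data for _seq, data in arrivals)


class Receiver:
    """Connection-oriented receiver: buffers segments, releases them in order."""

    def __init__(self):
        self.expected = 0          # next sequence number owed to the application
        self.buffer = {}           # out-of-order segments held back
        self.delivered = bytearray()

    def on_segment(self, seq: int, data: bytes) -> int:
        """Accept one segment and return the cumulative acknowledgment."""
        if seq >= self.expected and seq not in self.buffer:
            self.buffer[seq] = data            # duplicates and old data are ignored
        while self.expected in self.buffer:    # release any in-order run
            self.delivered += self.buffer.pop(self.expected)
            self.expected += 1
        return self.expected


def lossy_channel(round_no: int, sent: list) -> list:
    """Constructed network: round 1 loses seq 2, reverses order, duplicates one."""
    if round_no == 1:
        arrived = [s for s in sent if s[0] != 2]
        arrived.reverse()
        arrived.append(sent[0])
        return arrived
    return list(sent)


def connection_oriented_transfer(message, size, channel, max_rounds=10):
    """Retransmit everything not yet acknowledged until the receiver has it all."""
    segments = segment(message, size)
    rx = Receiver()
    ack, rounds = 0, 0
    while ack < len(segments):
        rounds += 1
        if rounds > max_rounds:
            raise TimeoutError("peer never acknowledged the remaining data")
        for seq, data in channel(rounds, segments[ack:]):
            ack = rx.on_segment(seq, data)
    return bytes(rx.delivered), rounds


MESSAGE = b"TRANSFER 100 TO ACCT 42"   # constructed application message

if __name__ == "__main__":
    print(connectionless_receive(lossy_channel(1, segment(MESSAGE, 5))))
    print(connection_oriented_transfer(MESSAGE, 5, lossy_channel))
```

An application that uses a connectionless transport has to supply the buffering and retransmission logic of `Receiver` itself, or tolerate the first result.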
Several standard protocol stacks are commonly used in networks today:
• The ISO/OSI protocol suite
• IBM Systems Network Architecture (SNA)
• Digital DECnet
• Novell NetWare
• Apple AppleTalk
• The Internet protocol suite, TCP/IP
Protocols within the stacks exist at all levels of the seven-layer OSI model, but they may be divided roughly into three types:
• Application protocols provide for application-to-application interaction and data exchange.
• Transport protocols establish the communications sessions between computers.
• Network protocols handle issues such as routing and addressing information, error checking, and retransmission requests.
Protocols within the OSI stack can be broken into three groups.
Microsoft-Supplied Network Protocols
Microsoft networking products come with three network transports, each intended for networks of different sizes with different requirements. They are
• NetBEUI
• NWLink
• TCP/IP
Each network transport has different strengths and weaknesses. In general, NetBEUI is intended for small, single-server networks. NWLink is intended for medium-sized networks (in a single facility, perhaps) or for networks that require access to Novell NetWare file servers. TCP/IP is a complex transport sufficient for globe-spanning networks such as the Internet. These protocols are covered in detail in the following sections.
NetBEUI stands for NetBIOS Extended User Interface. (NetBIOS stands for Network Basic Input/Output System.) NetBEUI implements the NetBIOS Frame (NBF) transport protocol, which was developed by IBM in the mid 1980s to support LAN workgroups under OS/2 and LAN Manager.
When IBM developed NetBEUI, they did not target networked PCs for enterprise-wide connectivity. Rather, NetBEUI was developed for workgroups of 2 to 200 computers. NetBEUI cannot be routed between networks, so it is constrained to small local area networks consisting of Microsoft and IBM clients and servers. NetBEUI 3.0 is the Microsoft update of IBM’s NetBEUI protocol, included with
Windows NT. NetBEUI has a number of advantages, including:
• High speed on small networks
• Ability to handle more than 254 sessions (a limitation of earlier versions)
• Better performance over slow serial links than previous versions
• Ease of implementation
• Self-tuning features
• Good error protection
• Small memory overhead
NetBEUI can be thought of as the sports car of transport protocols. You can’t rely on it for long trips (routing), but it’s faster than any other TDI-compliant transport protocol for small networks that do not need to take advantage of routing to other networks. NetBEUI has these disadvantages:
- It cannot be routed between networks.
- There are few tools for NetBEUI such as protocol analyzers.
- It offers very little cross-platform support.
The disadvantages of NetBEUI are similar to those of a sports car. It’s not suitable for long trips because it can’t be routed. Because it’s not widely used, there is, outside the realm of Microsoft operating systems, very little software available to help you analyze NetBEUI problems.
NWLink is Microsoft’s implementation of Novell’s IPX/SPX protocol stack, used in Novell NetWare. IPX is an outgrowth of the XNS protocol stack developed by Xerox in the late 1970s.
NWLink is IPX for Windows NT. IPX is the protocol; NWLink is the networking component that provides the protocol.
IPX is included with Microsoft Windows NT primarily to support interconnection to Novell NetWare servers. Microsoft clients and servers can then be added to existing network installations, over time, easing the migration between platforms and obviating the need for a complete cut-over from one networking standard to another. NWLink does not by itself allow file and print sharing to and from NetWare clients or servers. Those functions are performed by the Client Services for NetWare (CSNW) redirector that also comes with Windows NT. NWLink also includes enhancements to Novell’s version of the NetBIOS programming interface. NWLink will allow Windows NT to act as either the client or server in Novell IPX/NetBIOS client-server applications.
The advantages of NWLink include the following:
- Ease of setup
- Support for routing between networks
- Speeds greater than the current Windows NT implementation of TCP/IP
- Ease of connection to installed NetWare servers and clients
Think of NWLink as the sedan of network protocols. NWLink provides a reasonable middle ground between the simple, non-routable NetBEUI transport protocol and the complex, routable TCP/IP protocol. Like NetBEUI, IPX has many self-tuning characteristics, and it does not require much administrative burden to set up. The disadvantages of NWLink include the following:
- Lack of an effective centralized network numbering agency stymies interconnection between independent organizations
- Slower than NetBEUI over slow serial connections
- Doesn’t support standard network management protocols
Truly large networks (networks that connect many organizations) may find it difficult to work over IPX because there is no effective central IPX addressing scheme to ensure that two networks don’t use the same address numbers, as there is with TCP/IP. IPX does not support the wide range of network management tools available for TCP/IP.
TCP/IP is the Transmission Control Protocol and the Internet Protocol, as well as a suite of related protocols developed by the Department of Defense’s Advanced Research Projects Agency (ARPA; later DARPA) under its project on network interconnection, started in 1969. TCP/IP is by far the most widely used protocol for interconnecting computers, and it is the protocol of the Internet. ARPA originally created TCP/IP to connect military networks together, but it provided the protocol standards to government agencies and universities free of charge. Universities quickly adopted the protocol to interconnect their networks. Many academicians collaborated to create higher-level protocols for everything from news groups, mail transfer, file transfer, printing, and remote booting to document browsing.
TCP/IP became the standard for interoperating Unix computers, especially in military and university environments. With the development of the Hypertext Transfer Protocol (HTTP) for sharing Hypertext Markup Language (HTML) documents freely on the large global network that interconnected universities and government agencies, the World Wide Web (WWW) was born, and Internet use exploded into the private sector. TCP/IP rode this wave of expansion to quickly eclipse IPX as the commercial protocol of choice among all network operating systems.
To support NetBIOS over TCP/IP, Microsoft has included NetBT (NetBIOS over TCP/IP) in accordance with Internet Protocol Request for Comments (RFC) 1001 and 1002.
TCP/IP protocol definitions are called Requests for Comments (RFC). They are freely available on the World Wide Web.
The advantages of TCP/IP include the following:
- Broad connectivity among all types of computers and servers
- Direct access to the global Internet
- Strong support for routing
- Simple Network Management Protocol support (SNMP)
- Support for Dynamic Host Configuration Protocol (DHCP) to dynamically assign client IP addresses
- Support for the Windows Internet Name Service (WINS) to allow name browsing among Microsoft clients and servers
- Support for most other Internet protocols, such as Post Office Protocol, Hypertext Transfer Protocol, and any other protocol acronym ending in P
- Centralized TCP/IP domain assignment, which allows internetworking between organizations
If you have a network that spans more than one metropolitan area, you will probably need to use TCP/IP. Think of TCP/IP as the truck of transport protocols. It’s not fast or easy to use, but it is routable over wide, complex networks and provides more error correction than any other protocol. TCP/IP is supported on every modern computer and operating system. Like a truck, TCP/IP has some disadvantages:
- Centralized TCP/IP domain assignment, which requires registration effort and cost
- Global expansion of the Internet, which has seriously limited availability of unique domain numbers. A new version of IP will be able to correct this problem when it is implemented.
- Difficulty of setup
- Relatively high overhead to support seamless connectivity and routing
- Slower speed than IPX and NetBEUI
TCP/IP is the slowest of all the protocols included with Windows NT. It is also relatively difficult to administer correctly, although new tools, such as DHCP, make it a little easier. Sometimes it seems that every computer company in the history of computers has created a protocol or two. Many of these protocols are no longer in widespread use, or they only apply to a certain brand of mini or mainframe computers. Some protocols, like those described in previous sections, have attained widespread use.
Other protocols you may encounter as you connect computers in your network to other computing systems are:
- DLC: IBM uses this protocol to link computers together in its SNA mainframe networks. You may need to use this protocol if you must connect your PCs to IBM equipment that does not support a more common network protocol such as TCP/IP.
- SMB: Server Message Block is a protocol that can be used to share resources such as files and devices. NetBIOS is based on the SMB format. Windows NT uses SMB, as do a number of other products. Samba, for example, is a product that uses SMB to enable UNIX and Windows machines to share directories and files.
- X Windows: This is the networked windowing protocol of most UNIX workstations. You may need to use this protocol if you will be connecting desktop computers running client programs to server programs running on UNIX workstations.
- X.25: This protocol is commonly used in wide area communications with multiple communicating devices. TCP/IP has grown much more popular as a wide area networking standard, but you may need to interface to equipment or networks that use this simpler protocol.
- NFS: Many UNIX computers use NFS (Network File System) to share file storage over a TCP/IP network. You may need to use the NFS protocol if you are using a UNIX workstation as a file server or if you need to give your UNIX workstations access to your PC-based file server.
- SMTP: This is the mail protocol of the Internet. If you are integrating your LAN e-mail system with the Internet, you will most likely interface with the Simple Mail Transport Protocol.
- SNMP: The Simple Network Management Protocol is widely used to control network communications devices using TCP/IP. Most network analyzer software can interface to SNMP, and an SNMP monitor is a very useful tool in a network of more than moderate complexity.
The IEEE protocols that map to the physical layer are
- 802.3 (Ethernet)
- 802.4 (Token Passing Bus)
- 802.5 (Token Ring)
The Ethernet protocol implements a logical bus network that can transmit at 10Mbps. Every computer receives the information, but only the intended destination acknowledges the transmission. Ethernet uses CSMA/CD to share the network media.
The Token Passing Bus protocol implements a bus network where each computer receives the information, but only the addressed computer responds. This protocol uses token passing to determine which computer may transmit at any one moment.
Token Ring is a logical ring network that looks like a star network because the ring is actually formed inside a central hub. Token Ring devices can transmit at 4- or 16Mbps, and token passing is used to determine who may transmit at any one moment.
TCP/IP is the name given to a collection (or suite) of protocols developed in conjunction with the Internet. The predecessor to today’s Internet was the ARPANET (Advanced Research Projects Agency Network), which was developed by the United States Department of Defense Advanced Research Projects Agency, or DARPA. In 1984, the ARPANET was split into two separate networks, ARPANET and MILNET (Military Network).
MILNET was for unclassified military traffic and the ARPANET, or the ARPA Internet, was designated for nonmilitary communication and research. Universities and corporations evolved beyond just using the network for research, using the Internet for everyday communications. As the Internet has become more popular, the TCP/IP protocol suite has also gained popularity. Microsoft provides full TCP/IP protocol stack support through core protocols, programming interfaces, connectivity utilities, and diagnostic utilities.
TCP and IP are only two of the protocols developed in the early seventies to tie the Internet together. The TCP/IP protocol suite is actually made up of many protocols. NT supports many of these protocols, including TCP, IP, Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP), and User Datagram Protocol (UDP).
In order to understand how these protocols work, it helps to have a simple understanding of the Open Systems Interconnection (OSI) model to which these protocols can be mapped. The OSI model is a conceptual model consisting of seven layers. Each layer is responsible for managing different portions of a network’s task.
LAYER             DESCRIPTION
7. Application    Provides services that directly support user applications
6. Presentation   Translates data formats and adds encryption
5. Session        Sets up and tears down connections, or sessions. Administers sessions
4. Transport      Adds identifiers to processes and deals with error-handling information
3. Network        Handles internetwork sequencing, addressing, and routing
2. Data link      Adds error-checking information and organizes bits into frames
1. Physical       Transmits and receives bits over the physical media
At the Transport layer of the OSI model, programmers can specify either TCP or UDP. TCP is used for connection-oriented, reliable network service. UDP provides connectionless datagram service and provides no built-in reliability. When developing a TCP/IP-based application, the choice between TCP and UDP is determined by two main factors: reliability and speed. If reliability is more important (for example, in domain logons), then programmers will use TCP. If speed and performance are more important (for example, in domain broadcasts), then they will use UDP with its minimal overhead.
IP is the Network layer protocol that is used to route packets across an internetwork. IP works by determining the source and destination network addresses. If the destination address is not on the same network segment as the source address, IP routes the packet on a best-try delivery system. If your packet requires reliable service, IP should be used in conjunction with TCP.
A common analogy for TCP and IP is that TCP provides connection-oriented services like a telephone connection and IP provides connectionless services like the post office.
The ARP protocol works by mapping the IP address, which is a logical, software address, to the Media Access Control (MAC) address, which is the physical address on a network interface card (NIC).
ICMP is used to detect errors in IP transmissions. As previously noted, the IP protocol is connectionless and is like mail delivery. If an IP packet encounters a problem (for instance, if its destination is unreachable, or if the packet has timed out), ICMP is used to provide the sender with some form of error message. ICMP is also used by a popular TCP/IP utility called PING (which stands for Packet InterNet Groper). PING is usually used to test an IP address to make sure it is working.
The Microsoft TCP/IP protocol suite can use two different network application programming interfaces (APIs), Windows Sockets and NetBIOS (Network Basic Input/Output System), to access the Transport layer. Windows Sockets is the more traditional programming interface; it is a two-way interface, used to transport incoming and outgoing application data. By implementing Windows Sockets, you are able to use dynamic-link libraries to bind and run applications and to run transport services at the same time. Connectivity over the Sockets interface is established using an IP address or an optional name called a Host name. TCP/IP utilities like FTP and Telnet use Windows Sockets. FTP and Telnet are covered in the next subsection.
NetBIOS is an API that is used by application programs. Its function is to give application programs a uniform set of commands for requesting transmission services from the lower layers.
In NT, all resources on the network are identified by a NetBIOS name. NetBIOS names can be up to 15 characters long. A computer’s NetBIOS name is registered each time the computer starts, services start, or a user logs on.
Don’t confuse Host names with NetBIOS names. Host names are a convenient substitute for tedious numeric addresses but are not required for connecting sockets-based applications.
NetBIOS names are mandatory unique names used for most Microsoft network functions. By default, NT uses the NetBIOS name as the Host name.
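The 15-character limit follows from how NetBT carries names under RFC 1001 and 1002: each name occupies 16 bytes, and Microsoft networking uses the 16th byte as a suffix identifying the registering service. The following is an added example, not part of the original text, that encodes and decodes the 32-character form in which these names appear in NetBT packets; the function names and sample names are constructed for illustration.

```python
# Added example: first-level encoding of a NetBIOS name (RFC 1001/1002).
# Function names and sample names are constructed for illustration.

ALPHABET = "ABCDEFGHIJKLMNOP"   # one letter per 4-bit value, 'A' = 0


def encode_netbios_name(name, suffix=0x20):
    """Return the 32-character encoded form of a NetBIOS name.

    The name is upper-cased (the usual convention), padded with spaces to
    15 bytes, and a 16th byte is appended: the suffix that identifies the
    registering service (for example 0x00 workstation, 0x20 file server).
    """
    if not 1 <= len(name) <= 15:
        raise ValueError("NetBIOS names are 1 to 15 characters long")
    if not 0 <= suffix <= 0xFF:
        raise ValueError("suffix must fit in one byte")
    raw = name.upper().encode("ascii").ljust(15, b" ") + bytes([suffix])
    # Each byte becomes two letters: high nibble first, then low nibble.
    return "".join(ALPHABET[b >> 4] + ALPHABET[b & 0x0F] for b in raw)


def decode_netbios_name(encoded):
    """Return (name, suffix) from a 32-character encoded name."""
    if len(encoded) != 32 or any(c not in ALPHABET for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(
        (ALPHABET.index(encoded[i]) << 4) | ALPHABET.index(encoded[i + 1])
        for i in range(0, 32, 2)
    )
    # Strip the space padding; the last byte is the service suffix.
    name = raw[:15].rstrip(b" ").decode("ascii", errors="replace")
    return name, raw[15]


if __name__ == "__main__":
    wire = encode_netbios_name("FRED")          # constructed sample name
    print(wire)
    print(decode_netbios_name(wire))
    print(encode_netbios_name("test", 0x00))    # workstation suffix
```

Decoding is what makes names readable when they show up in a protocol analyzer trace of name registration or query traffic.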
The TCP/IP connectivity utilities that are supported by NT are finger, ftp, lpr, rcp, rexec, rsh, telnet, and tftp. The purpose of these utilities is to allow NT users to access resources on non-Microsoft hosts, like UNIX. These utilities are only available if the TCP/IP protocol stack has been installed.
TCP/IP CONNECTIVITY UTILITY   DESCRIPTION
finger    Allows you to retrieve information from a remote computer.
ftp       File Transfer Protocol. This is one of the most widely used TCP/IP utilities. FTP uses TCP to provide connection-oriented file transfer capabilities.
lpr       Line Printer. Used to print to a computer running the Line Printer Daemon (LPD) service.
rcp       Remote Copy Program. Used to copy files between an NT computer and a UNIX computer running the Remote Shell Daemon (RSHD).
rexec     Remote Execution. Used to execute commands on a remote computer.
rsh       Remote Shell. Invokes a command interpreter on a remote UNIX host.
telnet    Used to provide remote terminal service, or terminal emulation.
tftp      Trivial File Transfer Protocol. This is similar to FTP in that it provides file transfer capabilities. However, while FTP is connection oriented, TFTP is connectionless and uses the UDP transport protocol.
TCP/IP Diagnostic Utilities
In addition to the TCP/IP connectivity utilities, you also get the TCP/IP diagnostic utilities when you install the TCP/IP protocol. These utilities include arp, hostname, ipconfig, lpq, nbtstat, netstat, ping, route, and tracert. These utilities can be used to troubleshoot TCP/IP problems.
TCP/IP DIAGNOSTIC UTILITY   DESCRIPTION
arp       Address Resolution Protocol. Displays the results of the ARP protocol’s work, which is an IP address mapped to the MAC node address.
hostname  Displays the current computer’s host name.
ipconfig  Displays the computer’s current IP configuration.
lpq       Shows the status of a print queue on a computer running the LPD service.
nbtstat   NBT is NetBIOS over TCP/IP. NBTSTAT shows NBT statistics.
netstat   Used to show current TCP/IP status and statistics.
ping      Packet Internet Groper. Used to test and verify network connections.
route     Displays current local routing tables.
tracert   Traces routes used by TCP/IP by using ICMP packets.
At the Internet layer, IP uses a numeric address to deliver data to its intended destination. Every device, or host, on a TCP/IP network must be given an IP address that contains the network number on which the host resides and the unique number assigned to that host on that network. The address is a binary number composed of 32 ones and zeroes, for example:
10000011 01101011 00000010 11001000
For ease of use, this number is usually divided into four groups of eight bits and converted to its base-10 decimal equivalent. The decimal equivalent is called dotted decimal notation, with four decimal numbers ranging from 0 to 255 separated by periods. For example, 131.107.2.200 would be the decimal equivalent of the above address.
10000011 01101011 00000010 11001000
131      107      2        200
In order to identify which part of the above address is the network number and which part is the host number, the IP address also requires a subnet mask, which is also a 32-bit binary number displayed in dotted decimal notation. Every time a one appears in the subnet mask, that binary place is part of the network number. A zero means that place is part of the host number. A typical subnet mask for the above address might be
11111111 11111111 11111111 00000000
which would translate to 255.255.255.0. In this example, the first 24 places of the mask are all ones, so the first 24 places of the address, which translate to 131.107.2, are the network number. The last eight places of the mask are all zeroes, so the last eight places of the address, which translate to 200, are the host number on the network 131.107.2.0. (Zero in the last place means we don’t care what the host number is; all we are looking at is the network number.)
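The split described above, carried through in code as an added example (not part of the original text), together with the same-segment test IP applies before deciding whether to route a packet. The function names are chosen here for illustration, the neighbouring addresses are constructed, and the check that the mask's ones are contiguous is an assumption reflecting the usual convention rather than something the text requires.

```python
# Added example: splitting an IP address into network and host numbers.
# Function names are illustrative; the address and mask are the text's own
# 131.107.2.200 / 255.255.255.0, the neighbour addresses are constructed.

def parse_dotted(text):
    """Convert dotted decimal notation to a 32-bit integer."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"octet must be 0-255: {part!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value):
    """Render 32 bits as four groups of eight, as in the text."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def prefix_length(mask):
    """Count the ones in a mask, rejecting a zero between ones.

    Assumption: a mask is a run of ones followed by zeroes, the usual
    convention; a mask such as 255.0.255.0 is treated as a typing error.
    """
    host_bits = ~mask & 0xFFFFFFFF
    if host_bits & (host_bits + 1):
        raise ValueError(f"mask ones are not contiguous: {to_dotted(mask)}")
    return 32 - host_bits.bit_length()


def split_address(address, mask):
    """Return (network number in dotted decimal, host number)."""
    addr, m = parse_dotted(address), parse_dotted(mask)
    prefix_length(m)                       # validates the mask
    return to_dotted(addr & m), addr & ~m & 0xFFFFFFFF


def delivery(source, destination, mask):
    """'direct' if both hosts share a network number, otherwise 'route'."""
    same = split_address(source, mask)[0] == split_address(destination, mask)[0]
    return "direct" if same else "route"


if __name__ == "__main__":
    addr, mask = "131.107.2.200", "255.255.255.0"
    print(to_binary(parse_dotted(addr)), "address")
    print(to_binary(parse_dotted(mask)), "mask")
    print(split_address(addr, mask))
    for dest in ("131.107.2.17", "131.107.3.17"):   # constructed neighbours
        print(dest, delivery(addr, dest, mask))
```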
If you are not connecting to the public Internet, you can make up any addresses as long as all the hosts on the same physical network segment get the same network number and each host on that segment gets a unique host number. If you are connecting to the Internet, you will need to get a registered IP address from the InterNIC, the agency that governs IP addresses, or from an Internet Service Provider who has already obtained a block of addresses from the InterNIC. Usually just a few people at each organization are responsible for deciding what IP addresses and subnet masks to use. If you choose your addresses and subnet masks properly, neither will need to be changed for a long time.
You can contact InterNIC regarding IP addressing at: http://rs.internic.net/rs-internic.html.
- How can you fix it without spending any more money?
You are evaluating a new connectionless protocol that works with Windows NT. The advertising brochure claims that the protocol is much faster than TCP/IP and that it can be used in almost every case where TCP/IP is used.
- Is the connectionless protocol likely to be faster than TCP/IP?
- Under which circumstances will the connectionless protocol fail?
You have just purchased a "packet sniffer" network troubleshooting device that can show you Ethernet frames and TCP/IP numbers. You notice that about 25 percent of all the Ethernet frames have the same "from" address. These frames contain TCP/IP packets that have the same IP "from" address.
- Which device is most likely to be transmitting these packets?
Using your trusty packet sniffer, you notice that about 25 percent of all the Ethernet frames in your network have the same "from" address but that the TCP/IP packets contained in these Ethernet frames have many different IP "from" addresses.
- Which device is the most likely to be transmitting these packets?
You are trying to attach an Ethernet network used by Marketing to a Token Ring network used in Engineering.
- Should you use a bridge or a router? Explain.
You need to connect two Ethernet networks in a small office.
- Should you use a bridge or a router? Explain.
You want to use both TCP/IP and IPX in your local area network because you have both Windows NT servers and Novell NetWare servers.
- Which device driver standard allows this on the Windows NT server?
- Which device driver standard allows this on the Novell NetWare server?
REAL WORLD PROBLEM
Your company wants to use data link layer encryption devices to send private data over a public wide area network.
- What effect will this have on devices in other layers?
When troubleshooting your network with a packet sniffer, you find a device generating spurious TCP/IP packets.
- Which devices are suspect?
When troubleshooting your network, you determine that some device is creating an Ethernet broadcast storm.
- Which devices are suspect?
You’ve heard that UDP/IP is a faster transport protocol than TCP/IP, and you want to use it on your network.
- Will your routers be able to handle UDP/IP traffic?
You need to connect a building on the other side of your campus, but the distance involved is too far for twisted-pair or coaxial cable to work with Ethernet. You’d like to use optical fiber, but you don’t want to have to use FDDI or another fiber-specific protocol because the routers are too expensive.
- Can you use Ethernet over fiber-optic cable? If so, which layer would a device that converts Ethernet/twisted-pair to Ethernet/optical fiber operate in?
You are currently using IPX as your transport protocol in a Windows NT network. You want to switch to TCP/IP to allow Internet access.
| What effect will this have on user applications and the way clients |