Computer Network IIIB

Table of Contents
ACKNOWLEDGEMENT ............................................................................................................. vi
CHAPTER ONE ............................................................................................................................. 2
1.0 Transmission control protocol/internet protocol TCP/IP ...................................................... 2
1.1 Transmission control protocol (TCP) ................................................................................... 7
1.2 User Datagram Protocol (UDP) ............................................................................................ 9
1.3 UDP Segment Format ......................................................................................................... 10
1.4 Port Numbers ...................................................................................................................... 10
1.5 Data Encapsulation ............................................................................................................. 16
1.6 De-encapsulation : .............................................................................................................. 18
1.7 Addressing .......................................................................................................................... 20
1.8 Physical Addresses.............................................................................................................. 21
1.9 Logical Addresses ............................................................................................................... 22
1.10 Port Addresses .................................................................................................................. 24
1.11 Addresses .......................................................................................................................... 26
1.12 Logical Addressing ........................................................................................................... 27
1.13 IPv4 ADDRESSES ........................................................................................................... 27
1.14 Classful Addressing .......................................................................................................... 28
1.15 Network Addresses: Special Purpose ............................................................................... 30
1.16 Application of classes of IP address ................................................................................ 31
1.17 Disadvantages of Classful addressing ............................................................................... 32
1.18 IP terminology .................................................................................................................. 32
1.19 Classless Addressing. ........................................................................................................ 35
1.20 Network Addresses ........................................................................................................... 37
1.21 Subnetting ......................................................................................................................... 38
1.22 Advantages of subnetting a network ................................................................................. 43
1.23 Types of subnetting technique .......................................................................................... 43
1.24 VLSM Design ................................................................................................................... 51
1.25 Introduction to Network Address Translation (NAT) ...................................................... 57
i
1.26 Advantages of NAT .......................................................................................................... 58

1.27 Disadvantages of NAT ...................................................................................................... 58
1.28 Types of Network address Translation ............................................................................. 58
1.29 How NAT WORKS .......................................................................................................... 59
1.30 IP Configuration................................................................................................................ 60
1.31 Router Configuration ........................................................................................................ 61
CHAPTER TWO .......................................................................................................................... 63
2.0 Routing basics ..................................................................................................................... 63
2.1 Static Routing...................................................................................................................... 64
2.2 Advantages of configuring routing table by static Routing ................................................ 64
2.3 Disadvantages of configuring routing table by static routing ............................................. 64
2.4 Creating routing table for each router By static Routing .................................................... 68
2.5 Dynamic Routing ................................................................................................................ 70
2.6 Classes Dynamic routing protocols .................................................................................... 70
2.7 Types of dynamic routing protocols ................................................................................... 71
2.8 Routing information protocol (RIP).................................................................................... 72
2.9 Configuring RIP Routing .................................................................................................... 72
2.10 Holding Down RIP Propagations...................................................................................... 79
2.11 RIP Version 2 (RIPv2) ...................................................................................................... 80
2.12 Interior Gateway Routing Protocol (IGRP) ...................................................................... 80
2.13 Advantages of IGRIP over RIP......................................................................................... 81
2.14 Configuring IGRP Routing ............................................................................................... 81
2.15 Open Shortest Path First (OSPF) Basics ........................................................................... 81
CHAPTER THREE ...................................................................................................................... 83
3.0 Routing and switching ........................................................................................................ 83
3.1 Layer 2 Switching ............................................................................................................... 83
3.2 Differences between HUB and Switch as layer 2 switching devices ................................. 83
3.3 What is Network Segmentation? ........................................................................................ 83
3.4 Advantages of Network Segmentation ............................................................................... 83
3.5 What is collision Domains? ................................................................................................ 84
3.6 Advantages of using layer 2 switching (Switches) ............................................................. 85
ii
3.7 Bridges versus switching .................................................................................................... 85

3.8 Three function of switches at layer 2 .................................................................................. 86
3.9 Disadvantages of loop in LAN network ............................................................................. 87
3.11 What is broadcast Domains? ............................................................................................. 89
Broadcast domain...................................................................................................................... 89
3.12 Before Layer 2 Switching ................................................................................................. 89
3.13 Disadvantages of network before layer 2 switching (Flat network) ................................. 90
3.14 Virtual Local Area Network (VLANs) ............................................................................ 91
3.15 Advantages of layer 2 switched network .......................................................................... 92
3.16 Disadvantages of a layer 2 switched network ................................................................... 92
3.17 How layer 2 switched networks can be solved? ............................................................... 92
3.18 Advantages of VLANS ..................................................................................................... 93
3.19 VLANs Membership ....................................................................................................... 94
3.20 Types of VLAN configuration .......................................................................................... 95
3.21 Routing between VLANs ................................................................................................ 95
3.22 Configuring VLANS ......................................................................................................... 96
3.23 VLAN Trunking Protocol (VTP) .................................................................................... 106
3.24 Advantages of VTP ......................................................................................................... 106
3.25 VTP modes of operation ................................................................................................. 107
3.26 Configuring VTP on VLANs ........................................................................................ 108
3.27 Virtual private Networks (VPN) ..................................................................................... 115
3.28 Traditional Connectivity before VPN ............................................................................. 115
3.29 What is VPN? ................................................................................................................. 115
3.30 Brief Overview of How it Works.................................................................................... 116
3.31 Four Critical Functions of VPN ...................................................................................... 116
3.31 Tunneling in VPN ........................................................................................................... 117
3.32 Types of VPN ................................................................................................................. 118
3.33 Advantages of using VPN compared to traditional WAN links ..................................... 119
CHAPTER FOUR ....................................................................................................................... 120
4.0 Internet Data Centrers (IDCs).......................................................................................... 120
4.1 Plain old telephone service (POTS) .................................................................................. 120
iii
4.2 Characteristics of PSTN/POTS ......................................................................................... 122

4.3 Limitation of POTS........................................................................................................... 122
4.4 Common Channel signaling Network (CCSN)................................................................. 122
4.5 Services that are supported by SS7 ................................................................................... 123
4.6 SS7 Architecture ............................................................................................................... 124
4.7 Types of SS7 signaling points: ......................................................................................... 124
4.8 Types of SS7 Signaling Links........................................................................................... 126
4.9 Advantages of Using SS7 ................................................................................................ 126
4.10 SS7 Transport and Higher Layers ................................................................................... 128
4.11 Commonly Used ISUP Signals ....................................................................................... 129
4.12 What is SCCP?................................................................................................................ 130
4.13 Service Functions of SCCP Network .............................................................................. 131
4.14 Intelligent networks (INs) .............................................................................................. 132
4.15 Components of an Intelligent Network (IN) ................................................................... 132
4.16 Structure of the IN .......................................................................................................... 133
4.17 Benefits of Intelligent Networks ..................................................................................... 134
4.18 Web Caching ................................................................................................................... 135
4.19 Types of Web Caches ..................................................................................................... 135
4.20 Benefits of Web caching and suitability for the deployment in the environment .......... 136
CHAPTER FIVE ........................................................................................................................ 137
5.0 Network Management ....................................................................................................... 137
5.1 Function of the Network management system.................................................................. 137
5.2 Simple network management protocol (SNMP) ............................................................... 140
5.3 SNMP protocol Concept ................................................................................................... 141
5.4 Internet Management Components ................................................................................... 142
5.5 Network and Internet security........................................................................................... 144
5.6 Computer Security ............................................................................................................ 145
5.7 Challenges of computer security....................................................................................... 146
5.8 Important terms to understand .......................................................................................... 147
5.9 Division of security problems ........................................................................................... 147
5.10 Classical encryption Techniques..................................................................................... 149
iv
5.11 Types of cryptosystems................................................................................................... 149

5.12 Characteristics of cryptographic systems........................................................................ 152
5.13 Caesar Cipher Encryption technique .............................................................................. 152
References ................................................................................................................................... 154
ACKNOWLEDGEMENT
I, Mr. Kifaru J. Malale, would like to thank God, my Almighty for giving me the power and
strength to prepare this Study guide. This study guide, is aimed for guiding students at NTA
Level 7 who pursue Advanced Diploma in Telecommunications, on how to go through in order
to cover their syllabus for Computer Network IIIB
Nevertheless, many thanks should go directly to all staff members (Both Academic and
Management Part), who truly, by one way or another advised me, in order to come up with a
good Study guide, that covers what is supposed under the syllabus
vi
This page is intentionally left blank
vii
CHAPTER ONE
1.0 Transmission control protocol/internet protocol TCP/IP
TCP/IP suite, was created by the department of defense to ensure and preserve data integrity, as
well as maintain communications in the event of catastrophic war
TCP/IP and the DoD model
DoD model is a condensed version of the OSI model. It is composed of only four instead of
seven layers
A.
B.
C.
D.
Process/ application layers

Hosts to hosts layers
Internet layers
Network Access layers
Figure bellows shows the comparison between, DoD model and the OSI model
Figure 1.1 : Comparison of DOD and OSI model

When talking about different protocols in the IP stack, The layer of the OSI model and
DoD model, are interchangeable. In other words, the internet layer and the network
layers, describe the same thing, as do the Hosts to hosts layer and the transport layer
The process/ application layers define the protocols for a node to node
applications/process and also control the user interface specifications
Hosts to Hosts layer defines protocols, for setting up the level of transmission service
for application, creating reliable end to end communication, ensuring error free delivery
of data
Internet layer protocols, defines protocols, related to the logical transmission of packets
over the entire network, routing of packets among multiple networks
Network access layer, defines protocols that monitor the exchange of data between hosts
and network, it oversees hardware addressing, defines protocols for physical transmission
of data
Figure bellows, shows the TCP/IP protocols suite, together with how its protocols, are
related to the DoD layers model
Figure 1.2 : TCP/IP protocol suite stack

A. PROCESS/APPLICATION layers protocols
This is top most DoD layer model which corresponds to the top three layers models in the
OSI layer model. It includes Application layer, presentation layer and session layer. In
this section, different protocols and applications will be covered in details. This include,
TELNET, FTP, TFTP, NFS, SMTP, LPD, X WINDOW, SNMP, DNS, DHCP/BootP
TELNET (telephone network)
This protocol is specialized in terminal emulation. It allows a user on a remote client
machine called telnet client, to access the resources of another machine (telnet server).
Through this protocols, a telnet client will appear as though is being connected directly to
the local network of the telnet server.
This projection is actually a software image (a virtual terminal that can interact with the
chosen remote host)
These emulated terminals are of text mode type and can execute refined procedures, like
displaying menus that gives users the opportunity to choose option from them and aces
application of the telnet server
3
Examples of situations where this application protocols helps is, when accessing website,
logging into website of the college/ triumphant while seated home
FTP (File Transfer Protocols)
Is the protocol that helps us to transfer files between two machines, allows access to files
and directories (browsing of files) .But FTP isnt only a protocols, but also is a programs
or an applications that operates as a protocols. FTP can team up with TELNET to
transparently log you into the FTP server and therefore provides for the transfer of files
between those servers and your remote machines. In this case users must be subjected to
an authentication login, which is probably secured with password and user names
implemented by the system administrators to restrict access
As programs, its employed by users, to perform task manually (By hand),
TFTP (trivial file transfer protocols)
This is a compact little protocol that allows only file transfer and receiving between client
machine and server machines. It is different from FTP protocols, in the sense that it cant
provide more functions like FTP protocols, such as browsing of files capability, there is
no authentication when using these protocols, and therefore it is insecure. Few websites,
supports it because of its inherently insecurity
Other disadvantages of TFTP over FTP, is that TFTP can send smaller blocks of files
compared to FTP
NFS (Network File system)

This protocol is specialized in file sharing. It allows two different types of file system to
inter-operate. Examples, two users NT server, and Unix Client host, have different file
system, NT-file system and UNIX file system respectively. Besides that these two users
have different file system, i.e. file name lengths , different case sensitivity, securities and
so on, both UNIX USER and NT USER are allowed to share files in normal way with the
help of this protocol
SMTP (Simple mail transfer protocol)

This protocol is used to send emails through internet. It uses the queued or spooled
method of mail delivery. Once a message is sent to a destination machine (server),
usually a disk. The server at the destination posts a vigil regularly checking this queue for
messages. When it detects them, it proceed t6o deliver them to their destination
POP3 ()
It is a protocol used to receive emails. It operates in the same way as the SMTP protocol
HTTP (Hypertext Transfer protocol)
Are the protocols, used to access data on the World Wide Web (www?). HTTP function
as a combination of both SMTP, and FTP
LPD (Line printer daemon protocol)
This is a protocol that is designed for printer sharing. LPD along with the LPR (Line
printer) program, allows prints jobs to be spooled/ queued and sent to the network
printers using TCP/IP
X WINDOW
This protocol is designed for client server operations. It defines protocols for writing
client/ servers applications, based on Graphical User interface (GUI) . the Idea is to allow
a program called a client to run on one computer and have it , displays things through a
window server on another computer
SNMP (Simple network management protocol)
This is a protocol, whose function is to collects and manipulates valuable network
information and quickly notifying manager, about any sudden turn of events. Thus, this
protocol can stand as the watch Dog Over the network
It gathers data by polling the devices on the network from management station at fixed or
random intervals, requiring them to disclose certain information. When all is well SNMP
receives baseline report delimiting the operational traits of a health network
DNS (Domain Name Service protocol)
This is a protocol, whose function is to resolve Domain name of hosts to their
corresponding IP address. It resolves specifically, internet names such as
www.triumphantcollege.com to their corresponding IP address. DNS was designed to
make our life easier.
Think about this, What would happen if you want to move your web page, to different
service provider. The Ip address would change, and no one would know what the new
one was. DNS, allows us to use a domain name to specify an IP address. You can change
5
the IP address as often as you want, no one will know the difference provided the domain
name is not changed
Shows an example of how a DNS client/server program can support an e-mail program to
find the IP address of an e-mail recipient.
Figure 1.3: DNS server

A user of an e-mail program may know the e-mail address of the recipient; however, the
IP protocol needs the IP address. The DNS client program sends a request to a DNS
server to map the e-mail address to the corresponding IP address
DHCP (Dynamic Host configuration protocol)
This is a protocol that helps to give IP address to Hosts automatically. It allows easier
administration, and works well in small to even large scale sized network
Apart from that, with DHCP protocols, there is a lot of information a DHCP server can
provide automatically to hosts, especially when a host is requesting an IP address from
DHCP server. This information includes
IP address
Subnet Mask
Domain Name
Default Gateway (Routers)
DNS
DHCP is a connectionless, which uses User Datagram protocol for communication with
the Hosts
BootP (Bootstrap protocol)

This is a protocol that helps to give IP address to hosts automatically. BootP is the same
as DHCP but differs in the fact that, Hardware address of each hosts must be entered
manually in BootP table, while DHCP, hardware address will be added automatically in
the DHCP table
B. Host to Host Layer protocol
This is the second from top most DoD layer model which corresponds to transport layers
models in the OSI layer model. The main purpose of this layer is to shield the upper layer
applications from complexities of the networks.
In this layers, there are two protocols used
Transmission control protocol (TCP protocol)
User data gram protocol (UDP protocol)
1.1 Transmission control protocol (TCP)
This protocols, helps to take large block of information from application layer, and breaks them
into small blocks of information called segments. This process is called SEGMENTATION
Next, it numbers and sequences each segments, so that the destinations TCP protocol can put the
segment back into the order of the application/process intended
After these segments are sent, TCP (in transmitting side), waits for acknowledgement of the
receiving TCP (in the receiving Side). If no acknowledgement is received with in certain time
period, depending on the design, the TCP on the transmitting side will resend the segments
BEFORE TRSANSMISSION
Senders TCP protocol contact the destination TCP protocol to establish connection (also known
as Virtual circuit). This type of connection is known as connection oriented
During this initial handshake, two TCPs also agree on the amount of information to be sent
before receiving acknowledgement
TCP is a full duplex, connection oriented, reliable and accurate protocols.
TCP SEGEMNT FORMAT
Figure 1.4: TCP Segment format

Function of each section in the TCP segment
Destination port The port number of the application requested on the destination host.
Sequence number Puts the data back in the correct order or retransmits missing or damaged
data, a process called sequencing.
Acknowledgment number defines which TCP octet is expected next.
Header length the number of 32-bit words in the TCP header. This indicates where the data
Begins. The TCP header (even one including options) is an integral number of 32 bits in length.
Reserved Always set to zero.
Code bits Control functions used to set up and terminate a session.
Window The window size the sender is willing to accept, in octets.
Checksum The cyclic redundancy check (CRC), because TCP doesnt trust the lower layers
and checks everything. The CRC checks the header and data fields.
Urgent A valid field only if the Urgent pointer in the code bits is set. If so, this value indicates
the offset from the current sequence number, in octets, where the first segment of non-urgent
data begins.
8
Options May be 0 or a multiple of 32 bits, if any. What this means is that no options have to be
present (option size of 0). However, if any options are used that do not cause the option field to
total
a multiple of 32 bits, padding of 0s must be used to make sure the data begins on a 32-bit
boundary.
Data Handed down to the TCP protocol at the Transport layer, which includes the upper layer
headers.
1.2 User Datagram Protocol (UDP)
This is one of the protocols, that can also delivers informations from source to destinations in
unreliably way. It does this job by utilizing far few network resources (Bandwidth), as TCP does
There is some situation, where it would be wiser for developers to use UDP, instead of TCP.
Examples,
When reliability issues have already been handled in Process/Application layer

NFS protocol also can happen that, it has been designed to handle reliability issues, so
making use of TCP becomes, impractical and redundant
But ultimately, it is up to the application developers who decide whether to use UDP or TCP and
not the user who wants to transfer data faster
Why UDP protocol is called UNRELIABLE Protocol compared to TCP protocol
UDP doesnt sequence the segments and doesnt care about in which order the segments
arrive at the destination
UDP doesnt allows for an acknowledgement of safe arrival of each segment
UDP doesnt create virtual circuit, nor doesnt contact the destination before delivering
information to it (Because of this, its also considered a connectionless protocol)
Note:
This doesnt mean that UDP is ineffective, only that it doesnt handle issues of reliability
as TCP does
TCP for reliability or UDP for faster transfers.
1.3 UDP Segment Format

Figure below, clearly illustrates UDPs markedly low overhead as compared to TCPs hungry
usage. Look at the figure carefullycan you see that UDP doesnt use windowing or provide for
acknowledgments in the UDP header
Its important for you to understand what each field in the UDP segment is. The UDP segment
contains the following fields:
Figure 1.5 : UDP segment structure

Source port: Port number of the application on the host sending the data.
Destination port: Port number of the application requested on the destination host.
Length: Length of UDP header and UDP data.
Checksum; Checksum of both the UDP header and UDP data fields.
Data: Upper-layer data.
1.4 Port Numbers
These port numbers identify the source and destination application or process in the TCP
segment.
TCP and UDP must use port numbers to communicate with the upper layers, because theyre
what keep track of different conversations crossing the network simultaneously.
10
Figure below, illustrates how both TCP and UDP use port numbers.
Figure 1.6: TCP and UDP use port numbers

Keys protocols that uses TCP, UDP with their corresponding commonly known port
Numbers
C. The Internet Layer Protocols

This is the third from top most DoD layer model which corresponds to Network layers
models in the OSI layer model. The main purpose of this layer is to provide a single
network interface to the upper-layer protocols (routing, and providing a single network
interface to the upper layers.)
Common protocols, used in this layer are as follows
Internet Protocol (IP)
Internet Control Message Protocol (ICMP)
Address Resolution Protocol (ARP)
Reverse Address Resolution Protocol (RARP)
Proxy ARP
11
Internet Protocol (IP)
This is protocol, whose function is to know, or be aware of all interconnected networks. It can do
this because all the machines on the network have software, or logical, address called an IP
address
IP protocols, looks at the packets destination address, then by using its routing table, then it
decides where a packet is to be sent next by choosing the best path
IP protocol, receives segments from the Host-to-Host layer and fragments them into datagrams
(Packets) if necessary
IP protocol in the router, looks at each packets address. Then, using a routing table, it decides
where a packet is to be sent next, choosing the best path.
Each router (layer 3 device) that receives a datagram makes routing decisions based on the
packets destination IP address.
IP protocol in the router then reassembles datagrams/ packets back into segments on the
receiving side
Figure below, shows an IP header. This will give you an idea of what the IP protocol has to
go through every time user data is sent from the upper layers and is to be sent to a remote
Network.
Figure 1.7 : IP datagram structure
12
Version: IP version number.

Header Length Header: length (HLEN) in 32-bit words.
ToS : with IP Precedence Bits Type of Service tells how the datagram should be handled. The
First 3 bits are the priority bits.
Total length: Length of the packet including header and data.
Identifier: Unique IP-packet value.
Flags: Specifies whether fragmentation should occur.
Frag offset Provides fragmentation and reassembly if the packet is too large to put in a frame.
It also allows different maximum transmission units (MTUs) on the Internet.
TTL The time to live (TTL) is set into a packet when it is originally generated. If it doesnt get
to where it wants to go before the TTL expires, boomits gone. This stops IP packets from
Continuously circling the network looking for a home.
Protocol Port of upper-layer protocol (TCP is port 6 or UDP is port 17 [hex]). Also supports
Network layer protocols.
Header checksum cyclic redundancy check (CRC) on header only.
Source IP address 32-bit IP address of sending station.
Destination IP address 32-bit IP address of the station this packet is destined for.
IP options Used for network testing, debugging, security, and more.
Data After the IP option field will be the upper-layer data.
Internet control Message protocol (ICMP)
This is also another protocol used at the internet layer for managing the network status in internet
Examples of these management functions, includes,
routes advertisement by the routers, (reporting IP address for the routers interface), All
hosts in the network listens to these advertisement from routers
Destination Unreachable If a router cant send an IP datagram any further; it uses ICMP
to send a message back to the sender, advising it of the situation. Examples check the
figure below, that shows the real situation
13
Figure 1.8: ICMP process

Buffer Full If a routers memory buffer for receiving incoming datagrams is full, it will
use ICMP to send out this message until the congestion abates.
Ping: Ping (Packet Internet Groper) uses ICMP echo messages to check the physical and
logical connectivity of machines on an internetwork.
Address Resolution Protocol (ARP)
This is also another protocol in the Internet layer, whose function is to

resolve/map/find/translates physical/MAC/NIC address of the host from a known IP address.
Here it works like this
When IP has a datagram to send, it must inform a Network Access protocol, such as Ethernet
or Token Ring, of the destinations hardware address on the local network. (It has already
been informed by upper-layer protocols of the destinations IP address.) If IP doesnt find the
destination hosts hardware address in the ARP cache, it uses ARP to find this information.
As IPs detective, ARP interrogates the local network by sending out a broadcast asking the
Machine with the specified IP address to reply with its hardware address. So basically, ARP
Translates the software (IP) address into a hardware address
Figure, bellows, shows how ARP protocol, operates in a local Network
14
Figure 1.9 : Address Resolution Protocol
Reverse address Resolution protocol (RARP)
This is also a protocol in the internet layers whose function is to resolve/find/map the
MAC/NIC/physical address of the diskless machine to its corresponding IP address.
Here is how it works
When an IP machine happens to be a diskless machine, it has no way of initially knowing its
IP address. But it does know its MAC address. Reverse Address Resolution Protocol (RARP)
Discovers the identity of the IP address for diskless machines by sending out a packet that
includes its MAC address and a request for the IP address assigned to that MAC address. A
designated machine, called a RARP server, responds with the answer, and the identity crisis is
over. RARP uses the information it does know about the machines MAC address to learn its IP
Address and complete the machines ID portrait.
Figure 1.10: Reverse address resolution protocol
15
Proxy Address Resolution Protocol (Proxy ARP)
This is also a protocol found in internet layer, whose function is to help hosts from one
subnet to send its packet to another remote subnet at the time when it happens that, the
default gateway configured in this host is down
One advantage of using Proxy ARP is that is can be added to a single router on a network
Without disturbing the routing tables of all the other routers that live there too
But theres a serious downside to using Proxy ARP. Using Proxy ARP will definitely
increase the amount of traffic on your network segment, and hosts will have a larger ARP
table than usual in order to handle all the IP-to-MAC address mappings
1.5 Data Encapsulation
Data Encapsulation is the process where data is wrapped with the protocol information, as it goes
down through each layer of the OSI model at the Sending side
Each layer in the OSI model, communicates with its peer layer on the receiving side by using
protocol Data units (PDU)
Protocol data Units (PDU) holds control information and they are attached to the data, at each
layer of the OSI model
They are usually attached at the header (In front of the data units), but can also be in the trailer.
This PDU information can only be read by the peer layer on the receiving device. After it is read,
the PDU is stripped off, and the data is handed to the next layer up. Figure below, shows PDUs,
and how they attach control information at each layer
Figure 1.11: Encapsulation process

Figure above, demonstrate how, user data form upper layer is being converted for
transmission on the network
16
At the TRANSPORT LAYER

The data streams, is the handed down to the transport layer, which set up virtual circuit to the
receiving device
Next this data stream is broken up into smaller pieces, and transport layer header, PDU is
appended to the header of the data field to form SEGMENT
This PDU contains information about the SOURCE and DESTINATION PORT ADDRESS
Each segment is sequenced, so data streams can be put back together on the receiving side
exactly as it was transmitted
At the NETWORK LAYER
Each segment is the handed down to the Network layer for network addressing and routing
through the internet. In this case, Logical addressing (IP addressing), is used to route each
segments to the correct destination network
Again the network layer protocol add/append a new Extra PDU or control information to
each segments to PACKETS/DATAGRAM
This PDU contains information about sources and destination IP ADDRESS
At the DATA LINK LAYER
Again, the data link add/append extra control information (PDU), to each packets to form
frames. This PDU added, contains Important information about Sources and destination
MAC/NIC/Physical address
Also it is the responsibility of the data link layer to place each frames on a physical medium
so that it can transported to the destination
The data link layer, encapsulates each packet in a frame, and the frames header carries
hardware address of the source and destination hosts
If the destination devices is on a remote network, then a frame is sent to the router to be
routed throughout and internetwork
At PHYSICAL LAYER
Physical layer is used to generated digital bits from frames bits, which can be read by the
device on the same local network
17
1.6 De-encapsulation :
is the opposite of the ENCAPSULATION, where the control information is removed from the
packet so that only, information/ data for the user remains
Data De-encapsulation, is usually done on the receiving side in the network
Summary of the data encapsulation at the transmitting device
Consider the figure below, so that to understand clearly the data encapsulation procedures
Figure 1.12: Encapsulation process
18
Before going further, consider the following explanation, in order to understand port numbers
Figure 1.13: Port numbers in virtual circuit
19
1.7 Addressing
Is the scheme is used in computer networks to locate specific destination in a networks
There are four levels of addresses that are used in an internet employing the TCP/IP protocols:
physical (link) addresses, logical (IP) addresses, port addresses, and specific addresses.
Consider the figure below
Figure 1.14 : Classification of addressing
Each address is related to a specific layer in the TCPIIP architecture, as shown in figure
below
Figure 1.15 : Classification of addresses basing on OSI layers
20
1.8 Physical Addresses

The physical address, also known as the link address, is the address of a node as defined
By its LAN or WAN. It is included in the frame used by the data link layer. It is the Lowest-level
address.
The physical addresses have authority over the network (LAN or WAN).The size
And format of these addresses vary depending on the network. For example, Ethernet
Uses a 6-byte (48-bit) physical address that is imprinted on the network interface card (NIC).
Consider the figure below
A node with physical address 10 sends a frame to a node with physical address 87. The two
nodes are connected by a link (bus topology LAN).
As the figure shows, the computer with physical addresses 10 is the sender, and the computer
with physical address 87 is the receiver. The data link layer at the sender receives data from an
upper layer. It encapsulates the data in a frame, adding a header and a trailer. The trailer usually
contains extra bits needed for error detection.
Figure 1.16 : communication with physical address

The header, among other pieces of information, carries the receiver and the sender physical (link)
addresses.
In a bus topology, the frame is propagated in both directions (left and right). The frame
propagated to the left dies when it reaches the end of the cable if the cable end is terminated
appropriately.
The frame propagated to the right is sent to every station on the network. Each station with a
physical addresses other than 87 drops the frame because the destination address in the frame
does not match its own physical address.
21
The intended destination computer, however, finds a match between the destination address in
the frame and its own physical address. The frame is checked, the header and trailer are dropped,
and the data part is de-encapsulated and delivered to the upper layer.
1.9 Logical Addresses
Logical addresses are necessary for routing packets through different networks interconnected
throughout world
Logical addresses are necessary for universal communications that are independent of
underlying physical networks. Physical addresses are not adequate in an internetwork
environment where different networks can have different address formats
A logical address in the Internet is currently a 32-bit address that can uniquely define a host
connected to the Internet. There are two versions of logical addresses
IP version 4 (IPV4) and IP version 6 (IPV6)
Consider the diagram below
It shows a part of an internet with two routers connecting three LANs. Each device (computer or
router) has a pair of addresses (logical and physical) for each connection.
In this case, each computer is connected to only one link and therefore has only one pair of
addresses. Each router, however, is connected to three networks (only two are shown in the
figure). So each router has three pairs of addresses, one for each connection.
22
Figure 1.17 : Communication with Logical addressing

The computer with logical address A and physical address 10 needs to send a packet to the
computer with logical address P and physical address 95. The sender encapsulates its data in a
packet at the network layer and adds two logical addresses (A and P).Note that in most
protocols, the logical source address comes before the logical destination address (contrary
to the order of physical addresses
The network layer, however, needs to find the physical address of the next hop before the packet
can be delivered. The network layer consults its routing table and finds the logical address of the
next hop (router I) to be F. The ARP discussed previously finds the physical address of router 1
that corresponds to the logical address of 20. Now the network layer passes this address to the
data link layer, which in tum encapsulates the packet with physical destination address 20 and
physical source address 10.
The frame is received by every device on LAN 1, but is discarded by all except router 1, which
finds that the destination physical address in the frame matches with its own physical address.
The router de-encapsulates the packet from the frame to read the logical destination address P.
23
Since the logical destination address does not match the router's logical address, the router knows
that the packet needs to be forwarded.
Router consults its routing table and ARP to find the physical destination address of the next hop
(router 2), creates a new frame, encapsulates the packet, and sends it to router 2.
Note the physical addresses in the frame. The source physical address changes from 10 to 99.
The destination physical address changes from 20 (router 1 physical address) to 33 (router 2
physical address). The logical source and destination addresses must remain the same; otherwise
the packet will be lost.
At router 2 we have a similar scenario. The physical addresses are changed, and a new frame is
sent to the destination computer. When the frame reaches the destination, the packet is deencapsulated
The destination logical address P matches the logical address of the computer. The data are deencapsulated from the packet and delivered to the upper layer.
1.10 Port Addresses
Is 16 bits in length address used for communication between source and destination processes
running in two Computers
The IP address and the physical address are necessary for a quantity of data to travel from a
source to the destination host. However, arrival at the destination host is not the final objective of
data communications on the Internet
Today, computers are devices that can run multiple processes at the same time. The end
objective of Internet communication is a process communicating with another process
For example, computer A can communicate with computer C by using TELNET. At the same
time, computer A communicates with computer B by using the File Transfer Protocol (FTP). For
these processes to receive data simultaneously, we need a method to label the different processes.
In other words, they need addresses. In the TCPI/IP architecture, the label assigned to a
process is called a port address.
Figure below, shows two computers communicating via the Internet. The sending computer is
running three processes at same time with port addresses a, b, and c. The receiving computer is
running two processes at same time with port addresses j and k.
24
Figure 1.18: Port address

Process a in the sending computer needs to communicate with process j in the receiving
computer. To show that data from process a need to be delivered to process j, and not k, the
transport layer encapsulates data from the application layer in a packet and adds two port
addresses (a and j), source and destination
The packet from the transport layer is then encapsulated in another packet at the network layer
with logical source and destination addresses (A and P). Finally, this packet is encapsulated in a
frame with the physical source and destination addresses of the next hop. We have not shown the
physical addresses because they change from hop to hop inside the cloud designated as the
Internet.
Note that although physical addresses change from hop to hop, logical and port addresses remain
the same from the source to destination.
25
1.11 Addresses
Some applications have user-friendly addresses that are designed for that specific address.
Examples include the e-mail address (for example, [email protected]) and the Universal
Resource Locator (URL) (for example, www.mhhe.com). The first defines the recipient of
an e-mail
26
1.12 Logical Addressing

Logical addressing is the communication at the network layer, and is the host-to-host (computerto-computer); a computer somewhere in the world needs to communicate with another computer
somewhere else in the world. Usually, computers communicate through the Internet. The packet
transmitted by the sending computer may pass through several LANs or WANs before reaching
the destination computer.
For this level of communication, we need a global addressing scheme; we called this logical
addressing. We use the term IP address to mean a logical address in the network layer of the
TCP/IP protocol suite.
The Internet addresses/Logical addresses/IP addresses are 32 bits in length; this gives us a
maximum of 232 addresses. These addresses are referred to as IPv4 (IP version 4) addresses or
simply IP addresses
1.13 IPv4 ADDRESSES
An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a
device (for example, a computer or a router) to the Internet. IPv4 addresses are unique. They are
unique in the sense that each address defines one, and only one, connection to the Internet. Two
devices on the Internet can never have the same address at the same time
On the other hand, if a device operating at the network layer has m connections to the Internet, it
needs to have m addresses. We will see later that a router is such a device.
Notations
There are two prevalent notations to show an IPv4 address: binary notation and dotted decimal
notation.
Binary Notation
In binary notation, the IPv4 address is displayed as 32 bits. Each octet is often referred to as a
byte. So it is common to hear an IPv4 address referred to as a 32-bit address or a 4-byte address.
The following is an example of an IPv4 address in binary notation:
01110101 10010101 00011101 00000010
Dotted-Decimal Notation
To make the IPv4 address more compact and easier to read, Internet addresses are usually written
in decimal form with a decimal point (dot) separating the bytes. The following is the dotted
decimal notation of the above address:
117.149.29.2
27
1.14 Classful Addressing

This is IP addressing architecture, where the addresses are classified in terms of classes.
Although this scheme is becoming obsolete, we briefly discuss it here to show the rationale
behind classless addressing.
In Classful addressing scheme, the number of network bits, was fixed, Where by Class A has 8
bits for network, Class B has 16 bits for network part, and class C has 24 network bits
In Classful addressing, the address space is divided into five classes: A, B, C, D, and E. Each
class occupies some part of the address space.
We can find the class of an address when given the address in binary notation or dotted-decimal
notation. If the address is given in binary notation, the first few bits can immediately tell us the
class of the address.
If the address is given in decimal-dotted notation, the first byte defines the class.
Class A Addresses ranges
In a class A network address, the first byte is assigned to the network address, and the three
remaining bytes are used for host address. The class A format is as follows
Network. Host. Host. Host
The designers of the IP address scheme said that the first bit of the first byte in a Class A
network address must be reserved always be off, or 0. Consider first byte of the class A below
If we turn the other 7 bits all off and then turn them all on, well find the Class A range of
network addresses:
00000000 = 0
01111111 = 127
As the result number of class A networks that can be created is 128 given by 27 =128. This
means a Class A address must be between 0 and 127, inclusive.
So, a Class A network is defined in the first octet between 0 and 127
To complicate matters further, the network address of all 0s (00000000) is reserved to designate
the default route, and additionally the address 127 is reserved for diagnostics, cant be used
either, which means that you can really use the numbers 1-126 to designate class A network
addresses. This means that, the actual number of usable network address for class a is
28
N=27-2=126 addresses
Each class A addresses has 3 bytes (24 bits positions) for the host address of the machine. This
means that, there are total of different unique combinations of hosts addresses given by
N=224 =16,777,216 hosts addresses
But to find the maximum usable number of hosts address or valid hosts addresses, you must
subtract by 2
N=224-2=16,777,214 different hosts, because the hosts addresses with two patterns of either all
0s or of all 1s must be reserved for network address and broadcast address respectively
Class B addresses ranges
In a class B, the first two bytes are assigned to the network address and the remaining two bytes
are used for hosts addresses. The format is as follows
Network. Network. Host. Host
But the internet designers request for comments (RFCs), decided that all class B network
addresses should start with binary digit 1, and the second bit should be zero (0). This leaves 14
bit positions available to manipulate.
In reality we get total number of network address given by N=214 =16384 different unique
network addresses
If you turn the other 6 bits all off and then all on in the first byte, you will find the range for a
Class B network:
10000000=128
10111111=191
As you can see above, class B address range span form 128-191 in the first byte
A class B addresses uses 2 bytes for host address. To find total number of valid hosts for class B
N=216-2= 65,534 (we subtract 2 for the reserved patterns (all 0s for network address, all 1s for
broadcast))
Class C Address ranges
The first 3 bytes of a class C network address are dedicated to the network portion of the address,
with only 1 last byte remaining for host address. The format is as follows
Network. Network. Network. Host
29
But the internet designers request for comments (RFCs), decided that all class C network
addresses first three bits, should start with 110. The internet designers defined that the first 2
bits of the first octet as always turned ON, but the third bit can never be turned ON
The calculation is as follows: 3 bytes or 24 bits minus 3 reserved bits, leaves 21 bits position.
Therefore to find total different unique network address in class C, proceed as follows
N=221 = 2,097,152 different class C networks
Following the same process as the previous classes, convert from binary to decimal to find the
range. Heres the range for a Class C network:
11000000 = 192
11011111 = 223
So, if you see an IP address that starts at 192 and goes to 223, youll know it is a Class C IP
address.
Network Address Ranges: Classes D and E
The addresses between 224 and 255 are reserved for Class D and E networks.
Class D (224239)
is used for multicast addresses and
Class E (240255)
for scientific purposes, but Im not going
into these types of addresses in this book (and you dont need to know them).
1.15 Network Addresses: Special Purpose

Some IP addresses are reserved for special purposes, so network administrators cant ever assign
these addresses to nodes. Table below shows these IP addresses together with their function
30
Figure 1.19 : Special Ip addresses

CLASS Range
0-127
Bits for
Net
ID/Host
ID
8/24
B
C
128-191
192-223
16/16
24/8
Usable
Size/Networks Size/IP
NET ID bits
addresses
8-1=7
27-2=126
16-2=14
24-3=21
214-2=16384
2212=2097152
Hosts/network
(Valid IP
addresses)
224=16777216 2242=162787214
16
2 =65536
216-2=65534
28=256
28-2=254
1.16 Application of classes of IP address

Class A Addresses
31
Class A addresses were designed for large organizations with a large number of attached hosts or
routers.
Class B Addresses
Class B addresses was designed for midsize organizations with tens of thousands of attached
hosts or routers.
Class C addresses
Class C addresses were designed for small organizations with a small number of attached hosts
or routers.
1.17 Disadvantages of Classful addressing
One problem with Classful addressing is that each class is divided into a fixed number of blocks
with each block having a fixed size.
We can see the flaw in this design. A block in class A address is too large for almost any
organization. This means most of the addresses in class A were wasted and were not used.
A block in class B is also very large, probably too large for many of the organizations that
received a class B block
A block in class C is probably too small for many organizations.
Class D addresses were designed for multicasting as we will see in a later chapter. Each address
in this class is used to define one group of hosts on the Internet. The Internet authorities wrongly
predicted a need for 268,435,456 groups. This never happened and many addresses were wasted
here too.
And lastly, the class E addresses were reserved for future use; only a few were used, resulting in
another waste of addresses.
1.18 IP terminology
Netid and Hostid
32
In Classful addressing, an IP address in class A, B, or C is divided into netid and hostid. These
parts are of varying lengths, depending on the class of the address. Figure below, shows some
netid and hostid bytes.
In class A, one byte defines the netid and three bytes define the hostid. In class B, two bytes
define the netid and two bytes define the hostid. In class C, three bytes define the netid and one
byte defines the hostid.
Default Mask address
Is a 32 bit number made of contiguous 1s followed by contagious 0s. Mask address is being
used by computer to identify NET ID and HOST ID in a given IP address. The default masks
address for classes A, B, and C are shown in Table below. The concept does not apply to classes
D and E.
There are two main ways through which the default mask address can be presented as shown above in the
table, Dotted decimal notation and CIDR notation
CIDR-stands for classless interdomain Routing notation, and it tells us the number of 1s in the
given default masks address. This notation is also called slash notation or Classless Interdomain
Routing (CIDR) notation.
The notation is used in classless addressing, which we will discuss later. We introduce it here
because it can also be applied to Classful addressing
Subnetting
33
Is the process of borrowing bits from the HOST portion of the IP Address (HOST ID),
and reserve them to define the subnet address
Or it means, a process of dividing large network into smaller number of networks, called
subnets
Subnetting increases the number of 1s in the mask, as we will see later when we discuss
classless addressing.
Custom/ subnet mask Address

Is a 32 bit number made of contiguous 1s followed by contagious 0s obtained after
subnetting
Supernetting
Is the process where by several networks are combined to create a super network or a
supemet
The time came when most of the class A and class B addresses were depleted; however,
there was still a huge demand for midsize blocks. The size of a class C block with a
maximum number of 256 addresses did not satisfy the needs of most organizations
One solution was Supernetting.
In Supernetting, an organization can combine several class C blocks to create a larger
range of addresses.
An organization can apply for a set of class C blocks instead of just one. For example, an
organization that needs 1000 addresses can be granted four contiguous class C blocks.
The organization can then use these addresses to create one super network
Supernetting decreases the number of Is in the mask. For example, if an organization is
given four class C addresses, the mask changes from /24 to /22. We will see that classless
addressing eliminated the need for Supernetting
34
1.19 Classless Addressing.

This is addressing scheme that was discovered by allowing number of network bits to vary by
doing subnetting / borrowing bits from hosts part to network part of the IP address.
Using a Classful IP addressing format worked well when the Internet was relatively small. But as
the number of networks on the Internet grew, the limitations of Classful addresses became
apparent. The Class A address space contains only 125 usable networks in the range 0127
because networks 0 and 127 are reserved
To overcome address depletion and give more organizations access to the Internet,
classless addressing was designed and implemented. In this scheme, there are no
classes, but the addresses are still granted in blocks.
In classless addressing, when an entity, small or large, needs to be connected to the
Internet, it is granted a block (range) of addresses. The size of the block (the number of
addresses) varies based on the nature and size of the entity.
For example, a household may be given only two addresses; a large organization may be given
thousands of addresses. An ISP, as the Internet service provider, may be given thousands or
hundreds of thousands based on the number of customers it may serve.
Restriction To simplify the handling of addresses, the Internet authorities impose three
restrictions on classless address blocks:

1. The addresses in a block must be contiguous, one after another.
2. The number of addresses in a block must be a power of 2 (I, 2, 4, 8 ...).
3. The first address must be evenly divisible by the number of addresses.
Example, figure below shows a block of addresses, in both binary and dotted-decimal notation,
granted to a small business that needs 16 addresses.
We can see that the restrictions are applied to this block. The addresses are contiguous.
The number of addresses is a power of 2 (16 = 24 ), and the first address is divisible by 16.
35
A better way to define a block of addresses is to select any address in the block and the mask
address. As we discussed before, a mask is a 32-bit number in which the n leftmost bits are 1s
and the 32 n rightmost bits are 0s. However it is a convenient way to express mask address in
CIDR notation
To define the whole block of address given any IP address and Mask Address in CIDR
notation
The IP address and the CIDR notation completely define the whole block (the first address, the
last address, and the number of addresses).
First Address
The first address in the block can be found by setting the 32 - n rightmost bits in the binary
notation of the address to 0s.
Last Address
The last address in the block can be found by setting the 32 - n rightmost bits in the binary
notation of the address to 1s.
Number of Addresses
The number of addresses in the block is the difference between the last and first address. It can
easily be found using the formula 232-n, where n stands for number in CIDR notation
Example
A block of addresses is granted to a small organization. We know that one of the addresses is
205.16.37.39/28. What is the first address and Last address in the block?
Solution
To find first address in the block
The binary representation of the given address is 11001101 00010000 00100101 00100 I 11.
If we set 32 - 28 rightmost bits to 0, we get 11001101 000100000100101 0010000 or
205.16.37.32
36
To find Last address in the block

Solution
The binary representation of the given address is 11001101 000100000010010100100111. If we
set 32 - 28 rightmost bits to 1, we get 11001101 00010000 001001010010 1111 or 205.16.37.47.
The Last address will be 205.16.37.47.
To find the number of address
Solution
the value of n is 28, which means that number of addresses is 232-28=24 = 16.
1.20 Network Addresses
A network address serves as a unique identifier for a computer on a network. When set up
correctly, computers can determine the addresses of other computers on the network and use
these addresses to send messages to each other.
Network address is the first address form the list of IP address given to the Organization by the
ISP. When an organization is given a block of addresses, the organization is free to allocate the
addresses to the devices that need to be connected to the Internet. The first address in the class,
however, is normally (not always) treated as a special address. The first address is called the
network address and defines the organization network. It defines the organization itself to the
rest of the world
Network address is the one that is used by routers to direct the message sent to the organization
from the outside.
37
1.21 Subnetting
Is the process of borrowing bits from the HOST portion of the IP Address (HOST ID), and
reserve them to define the subnet address
Or it means, a process of dividing large network into smaller number of networks
Important terms to understand
Broadcast Address
Is the logical addressing (IP addressing) at which all devices connected to a network are able to
receive data gram or information
Subnets
These refers to small networks that obtained as the result of breaking down a large
network by subnetting
Number of subnets
Refers to the total number of smaller networks in a large network. It can be calculated
from the following formula
N=2S , where s stands for number of bits borrowed form hosts portion to Network Portion
Number of valid subnet is obtained by subtracting 2 form total subnets
N=2S -2
Subnet ID
This refers to IP address reserved for defining or identifying a particular subnet among
other subnets in a large network
Custom Mask address/ Subnet mask address

This refers 32 bit in length address made of contagious 1s followed by contagious 0s,
obtained after subnetting
If no bits is borrowed from HOST ID. The Mask address will be a default Mask Address
38
11111111
NET ID
8 bits
00000000
HOST ID
00000000
00000000
24 bits
Default mask address=
CIDR=/8
Decimal Notation 255.0.0.0

Assume 2 bits are borrowed from HOST PART to NET PART
11111111
11 000000 00000000 00000000
NET ID
HOST ID
10 bits
22 bits
Subnet Mask Address

CIDR notation /10
Number of subnetworks
s 2 bits
N 2s
N 22 4
Number of Hosts per subnetwork
N 222 2 4194302
To find The Network ID for each subnet (4 subnets)
Take 256(28)-192=64, then networks ID should have a fixed Block size of 64, starting with
0, keep adding until you reaches value of a subnet mask address i.e. 192
Sub-nets
Subnet ID
1
255.0.0.0
2
255.64.0.0
3
255.128.0.0
4
255.192.0.0
Assume 4 bits are borrowed from HOST PART to Network part
39
11111111
1111
0000
00000000
NET ID
HOST ID
12 bits
20 bits
00000000
Subnet Mask Address

CIDR notation /12
N 2s
s 4 bits
N 24 16
N 2h 2
N 220 2 1048574
To find Subnet ID for each 16 subnets
Take 256(28)-240=16, then keep adding 16 starting from 0 in the second octet until you reach
240
16.Subnets
SUBNET ID
1.
255.0.0.0
2.
255.16.0.0
3.
255.32.0.0
4.
255.48.0.0
5.
255.64.0.0
6.
255.80.0.0
40
15
255.224.0.0
16.
255.240.0.0
For Class B IP address default mask address 255.255.0.0

11111111 11111111
00000000
NET ID
HOST ID
16 bits
Default Mask Address
00000000
16 bits
CIDR Notation =/16

Decimal notation 255.255.0.0
Assume 1 bits is borrowed from the HOST PART to NET PART
11111111
11111111
NET ID
17 bits
Subnet Mask Address
0000000
00000000
HOST ID
15 bits
CIDR Notation /17

41
N 2s
s 1 bits
N 21 2
N 2h 2
N 215 2 32766
To find Subnet ID for each 2 subnets
Take 256-128=128, then keep adding 128 starting from 0 in the third octet until you reach 128
Subnets
1.
2.
Subnet ID
255.255.0.0
255.255.128.0
Block Size
Block size is the size of subnet including network address, hosts addresses and broadcast
address.
Block size can be calculated using formula below
Block size N=2h , where h represent number of host bit available in given address
Octet /byte
Refers to portion of the IP address that contains 8 bits, each bits can have decimal
equivalent, as shown in the following table, with the highest decimal number starting
form most significant bit (MSB), and the lowest decimal number to the least significant
bit (LSB)
Bit Position
Decimal equivalent
1st
2nd 3rd
bit
bit bit
128 64 32
4th 5th
bitt bit
16 8
6th
bit
4
7th
bit
2
8th
bit
1
42
Hosts bit
Refers to the number of bit reserved in a hosts part of an IP address. Maximum number of
host/computers according to the number of hosts bit, can be calculated as shown from the
following table
Number of host bits
(h)
2
3
4
5
6
And so on
Total number of Hosts 2h (include valid and invalid )

22 =4
23 =8
24 =16
25 =32
26 =64
And so on
Total Number of hosts per subnet
This refers to the total number of IP addresses to be assigned to in a given subnet. It can
calculated using the formula below
N=2h , where h stands for number of hosts bit in a given IP address
Number of valid host is obtained by also subtracting 2 from total number of host per subnet
N=2h - 2
1.22 Advantages of subnetting a network
Subnetting breaks large network in smaller networks and smaller networks are easier to
manage.
Subnetting reduces network traffic by reducing collision domains and broadcast
Domains, that overall improve performance.
Subnetting allows you to apply network security polices at the interconnection between
subnets.
Subnetting allows you to save money by reducing requirement for IP range.
1.23 Types of subnetting technique

Basically there are two main technique of subnetting
a) Traditional subnetting
This is subnetting procedures where all subnets are given constant or same subnet mask
address to use
43
It was the first technique to be used in subnetting procedures, but it had the disadvantages
of not providing efficient use of IP addresses. This was due to the fact that, same block
size of network address was allocated to all subnets regardless of the individual subnets
size
A critical issue when borrowing bits from the host ID to create the subnet ID is to accurately
determines the following information:
1. How many subnets are needed
2. How many bits must be borrowed from the host ID field for the new subnet ID field to
accommodate the required number of subnets
3. What is the largest number of hosts that will ever be on a given subnet
4. How many bits must be retained in the host ID field to accommodate the maximum
number of hosts needed
These considerations mandate that careful planning should be carried out before the subnetting
process is begun. It is obviously prudent to plan for future as well as for current needs. Once preplanning is complete, the actual subnetting process involves the following steps:
1.
2.
3.
4.
Determine how many subnets are needed

Determine the maximum number of hosts that will be on any given subnet
Determine how many bits to borrow from the host ID field for the subnet ID field
Determine how many bits must remain in the host ID field (and therefore cannot be
borrowed for the subnet ID)
5. Determine how many bits are in the original network ID and host ID fields
6. Check to ensure that the number of bits to be borrowed from the host ID does not
exceed the number of bits to be retained for the host ID (i.e., check that the subnetting
problem is solvable)
7. Set an optimal length for the subnet ID field, including room for future growth
8. Create a modified (custom) subnet mask for the network
9. Determine the valid subnet IDs for the network
10. Determine the valid ranges of IP addresses for each subnet on the network
SUBNETTING CLASS C
Suppose an ISP assigns a Class C network address of 193.200.35.0/24 to a triumphant
college. After meeting with relevant personnel. ISP realized that currently college, needs 2
subnets with each to have a maximum of 30 hosts.
1. As a telecom student, third year show step by step how you can construct LAN
networks, with proper IP Address schemes
2. Construct the packet tracer for the LANs Above
44
Steps 1:
Identify the class of the IP address
This is a class C, with 24 network bits, and 8 Hosts bits
Find the number of bits to be borrowed from host part (smalls) in order to have 2 subnets
using the following formula below
N 2s 2, N 2
2 2s 2
2s 4
2 s 22
s 2 bits
Step 2:
Find total number Host bits to remain in host part (small h), in order to have maximum of
30 hosts/subnet, using the following formula
N 2h 2, N 30
30 2h 2
2h 32
2 h 25
h 5 bits
But for class C, we have total of 8 bits, but s+h=2+5=7-bits, there is extra of 8-7=1 unused
bit, this unused bit should be added to the borrowed bitss, because in any organization is
more likely to run short of subnets rather than hosts on a subnet, therefore we allocate the
extra bit to s, incrementing s=2+1=3 borrowed bits
In this case the number of sub networks will change to
N 2s 2, s 3
N 23 2 8 2 6
But the number of hosts per sub networks will remain constant as before
45
N 2h 2, h 5 bits
N 25 2 30 hosts
Since we had three bits borrowed from the host part to network part, therefore the default
mask address change to custom mask address/subnet mask address as shown below in a table
Default Mask address

Custom Mask Address
Decimal notation
255.255.255.0
255.255.255.224
CIDR Notation
/24
/27
Step 3
Determine the block size and hence Subnet ID and Valid IP address for each of 6 Subnets
Block size=256-224=32, then keep adding 32 to the left most zero octet until you reaches 224
(customer mask address)
Or To find block size, use N=2h , where h represent number of host bit remained after borrowing
Original Network ID (not a valid subnet
address since subnet ID is all 0s)
Address for subnet 1
193.200.35.0
First Valid IP address
193.200.35.33
Last Valid IP address
193.200.35.62
Broadcast Address
193.200.35.63
193.200.35.64
First valid IP address
193.200.35.65
Last Valid IP Address
193.200.35.94
Broadcast Address
193.200.35.95
193.200.35.96
193.200.35.97
Last valid IP address
193.200.35.126
Broadcast IP address
193.200.35.127
193.200.35.128
193.200.35.32
46
193.200.35.129
Last valid IP address
193.200.35.158
193.200.35.159
193.200.35.160
First Valid IP address
193.200.35.161
Last Valid IP address
193.200.35.190
193.200.35.191
193.200.35.192
Valid first IP address
193.200.35.193
Valid Last IP address
193.200.35.222
193.200.35.223
Custom Subnet Mask (not a valid subnet

address since subnet ID is all 1s)
193.200.35.224
Step 4:
Draw the network above in a packet tracer, and simulate to see the network performance
In this case we are going to select use DHCP protocol; where by each subnets we will select
three Hosts only in order to save space
Figure 1.19 : Packet tracer diagram

47
CLI commands For router0

R1>en
R1#config t
R1(config)#interface fa 0/0
R1(config-if)#ip address 193.200.35.33 255.255.255.224
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip dhcp pool Subnet1
R1(dhcp-config)#network 193.200.35.32 255.255.255.224
R1(dhcp-config)#default-router 193.200.35.33
R1(dhcp-config)#exit
R1(config-if)#exit
R1(config)#ip dhcp pool Subnet2
R1(config)#interface serial 0/0/0
48
R1(config-if)#clock rate 64000

R1(config-if)#bandwidth 64
R1(config-if)#exit
R1(config)#exit
R1#exit
CLI commands for Router2

Router>en
Router#config t
Router(config)#hostname R2
R2(config)#interface serial 0/0/0
R2(config-if)#clock rate 64000
R2(config-if)#bandwidth 64
R2(config-if)#exit
R2(config-if)#exit
R2(config)#ip dhcp pool subnet4
49

R2(config-if)#exit
R2(config)#interface Eth 0/1/0
R2(config-if)#exit
R2(config)#exit
R2#exit
50
b) Variable length subnet mask (VLSM) subnetting

This is a new technique of subnetting large network into smaller number of networks by using
different mask address to each of the subnets obtained
It is more efficient method of subnetting compared to Traditional subnetting, whereby this
method provide efficient use of available IP addresses
VLSM is the current technique used to split large network into smaller networks according to
the Host requirements of each subnet
In order to use VLSM technique, it is a must to identify total number of subnets
These subnets will include all LANs and WANs Links in a given network
LANs include all network attached to a router through interface. The router interface usually is
called Fast Ethernet. There are two types of router fast Ethernet interface, shortened as fa 0/0,
and fa 0/1
WANs links, these are used to interconnect two routers so that they can communicate each
other. Two router can be made to communicate each other through WANs links attached to a
router through serial interface, different form fast Ethernet interface. In router, there are also two
types serial interface, shortened as s 0/0 and s 0/1
1.24 VLSM Design
Its time to jump into how to design and implement VLSM networks. First, lets take a look at a
Classful network, and then redesign the IP address scheme to work with VLSM. Check out
Example Use VLSM technique to subnet the following network topology, Use Network IP
address 192.168.10.0/24
Figure 1.20 : VLSM designing

51
From the Network above, it is required to be broken down into the following smaller subnets
Network A : 14 hosts
Network B : 30 Hosts
Network C ;20 Hosts
Network D : 6 hosts
For WAN link, each has maximum of two hosts
Network E: 2 hosts
Network F: 2 hosts
Network G: 2 Hosts
Network H ; 2 Hosts
Therefore we have total of 8 subnets, each with its own hosts requirement
When subnetting, start with subnet having largest number of hosts going down to subnet having
lower number of hosts
Given Network address 192.168.10.0/24
Start with Network B; 30 hosts
To accommodate 30 Hosts for network B
Find number of bits to be retained in the HOST ID is
N 2h 2, N 30 Hosts
30 2h 2
2h 32
2h 25 , h 5 bits
Then for class C, 8 bits-5-bits=3 extra bits, must be transferred to NET PART, making total of
24-bits+3-extra bits=27 network Bits
The Network Address for this network will be 192.168.10.0/27 or 192.168.10.0 255.255.255.224
Subnet Mask: 255.255.255.224
52
Network Address: 192.168.10.0

Valid address range: 192.168.10.1 to 192.168.10.30
Broadcast Address: 192.168.10.31
Next IP address 192.168.10.32/27
Network C: 20 Hosts
Find number of bits to be retained in the HOST ID, proceed as follows
N 2h 2, N 20 Hosts
20 2h 2
2h 22
22 cannot be exp ressed in power of 2, proceed below
Since 2h=22 hosts, is not in the table, take the next higher number from the table which is 2h=32
2h =25
H=5-host-bits to be retained in the Host part
This require 5 number of host bits to be retained In the hosts part, since from the beginning
number of hosts bit retained is still 5, no extra bits to be transferred to the NET part . Then we
will continue to use the next IP address without changing anything in this NETWORK C
The Network Address for this network C will be 192.168.10.32/27 or 192.168.10.32
255.255.255.224
Therefore valid Hosts will be N=2h -2=25-2=32-2=30 Valid Hosts
Custom Subnet Mask Address: 255.255.255.224
53
Network A : 14 hosts
N 2h 2, N 14 Hosts
14 2h 2
2h 16
2h 24 , h 4 bits
Therefore, 4 bits must be retained in the host part, therefore 5 bits-4 retained bits =1 extra bits,
to be transferred to NET PART, making total of 27-bits+1-extra bit=28 network Bits
The Network Address for this network will be 192.168.10.64/28 or 192.168.10.64

255.255.255.240
Subnet Mask/ custom subnet Mask address: 255.255.255.240
Network D : 6 Hosts
N 2h 2, N 6 Hosts
6 2h 2
2h 8
2h 23 , h 3 bits

255.255.255.248
54

Network E : 2 Hosts
N 2h 2, N 2 Hosts
2 2h 2
2h 4
2h 22 , h 2 bits
255.255.255.252
Network F : 2 Hosts
N 2h 2, N 2 Hosts
2 2h 2
2h 4
2h 22 , h 2 bits
Therefore, 2 bits must be retained in the host part, since the Host PART is having 2 Bits; there
are no extra bits to be transferred to the Net PART
55

255.255.255.252
Network G : 2 Hosts
N 2h 2, N 2 Hosts
2 2h 2
2h 4
2h 22 , h 2 bits
Therefore, 2 bits must be retained in the host part, since the Host PART is still having 2 Bits;
there are no extra bits to be transferred to the Net PART
255.255.255.252
Next IP address 192.168.10.100/30
56
Network G : 2 Hosts
N 2h 2, N 2 Hosts
2 2h 2
2h 4
2h 22 , h 2 bits
Therefore, 2 bits must be retained in the host part, since the Host PART is still having 2 Bits;
there are no extra bits to be transferred to the Net PART
255.255.255.252
1.25 Introduction to Network Address Translation (NAT)
This was the technique established to conserve Internet global address space by translating your
private inside network addresses to a global outside address.
In NAT terminology, the inside network is the set of networks that are subject to translation. The
outside network refers to all other addressesusually those located on the Internet
NAT operates on a Cisco routergenerally only connecting two networks togetherand

translates your private (inside local) addresses within the internal network, into public (inside
global) addresses before any packets are forwarded to another network. This functionality gives
you the option to configure NAT so that it will advertise only a single address for your entire
network to the outside world.
You typically use NAT on a border router. For illustration consider the diagram below, where
NAT should be applied on a corporate router
57
Figure 1.21 : NAT

1.26 Advantages of NAT
It conserve Internet global address space
it also increases network security by hiding internal IP addresses from external network
1.27 Disadvantages of NAT
NAT introduces delay in a router
1.28 Types of Network address Translation

Static NAT
Designed to allow one-to-one mapping between local and global addresses. This
flavor requires you to have one real Internet IP address for every host on your network.
Dynamic NAT
Designed to map an unregistered IP address to a registered IP address from out
of a pool of registered IP addresses. You dont have to statically configure your router to
map an inside to an outside address as in static NAT, but you do have to have enough real
IP addresses for everyone who wants to send packets to and from the Internet.
Overloading NAT
Overloading is a form of dynamic NAT that maps multiple unregistered IP addresses to a
single registered IP address (many-to-one) by using different ports. Therefore, its also
known as port address translation (PAT).
58
1.29 How NAT WORKS

Consider the following diagram
Figure 1.22 : NAT operation

In the figure above, the host 10.1.1.1 send an outbound packet to the border router configured
with NAT
The router identify the IP address as an inside Local IP address, destined for the outside network.
The router translated the IP address and documents the translation in the NAT table
The packets is sent to an outside interface with the new translated IP source address
The external hosts returns the packets to the destination hosts and the NAT router translates the
inside global IP address back to the inside local IP address using NAT table
59
1.30 IP Configuration
Is the process of assigning IP addresses to each computer in a network? Basically, there are two
ways of assigning IP addresses to a computer network
i.
Static IP configuration
Is the Type of IP configuration, where by an IT personnel is responsible to physically assign an

IP address to each hosts in a computer network. This is a method where an IP addresses is
assigned permanently to a computer, and doesnt change with time, and it is this reason, as to
why this method is called STATIC, because once an IP address is assigned to each computer, IP
address will not change, it will be permanent
ii.
Dynamic IP configuration
This is a type of IP configuration. Where IP addresses are dynamically assigned to each
host in a computer network using DHCP server. IT personnel is only required to create
Dynamic Host Configuration protocol (DHCP) server in a Router or DNS Server, where
a pool of IP addresses will be defined. Once a host wants to connect to an internet, it will
request an IP addresses from the server in a router or DNS server, depending on where
the server has been defined
Configuration of DHCP protocol server in a CISCO router
Consider the network address 192.160.120.0/24, being subnetted into two subnets. Each subnets
has the host requirements shown in figure below.
Figure 1.23: DHCP protocol server with cisco packet tracer
60
1.31 Router Configuration

Router>en
Router#config t
Router(config)#interface fa 0/0
Router(config-if)#ip address 192.160.120.1 255.255.255.224
Router(config-if)#no shutdown
Router(config-if)#exit
Configuring the DHCP server protocol on subnet1

Router(config)#ip dhcp pool subnet1
Router(dhcp-config)#network 192.160.120.0 255.255.255.224
Router(dhcp-config)#default-router 192.160.120.1
Router(dhcp-config)#ip dhcp excluded-address 192.160.120.2 192.160.120.6
Router(config)#exit
Router#
Router#config t
Router(config-if)#
61
Configuring the DHCP server protocol on subnet2

Router(config)#ip dhcp pool subnet2
Router(dhcp-config)#ip dhcp excluded-address 192.160.120.34 192.160.120.36
Router(config)#exit
Router#
Router con0 is now available
62
CHAPTER TWO
2.0 Routing basics
The term routing is used for taking a packet from one device and sending it through the network
to another device on a different remote network. Routers dont really care about hoststhey
only care about networks and the best path to each network.
The router learns about remote networks from neighbor routers or from an administrator. The
router then builds a routing table that describes how to find the remote networks. If a network is
directly connected, then the router already knows how to get to it. If a network isnt connected,
the router must learn how to get to the remote network in two ways:
i.
By using static routing

Meaning that someone must hand-type all network locations into the routing table.
If a change occurs in the network, the administrator is responsible for updating all
changes by hand into all routers.
ii.
By using dynamic routing

In dynamic routing, a protocol on one router communicates with the same protocol
running on neighbor routers. The routers then update each other about all the networks
they know about and place this information into the routing table.
If a change occurs in the network, the dynamic routing protocols automatically inform all
routers about the event.
Typically, in a large network, a combination of both dynamic and static routing is used.
Figure 2.1: Types of Routing configuration
63
2.1 Static Routing

Static routing occurs when you manually add routes in each routers routing table. There are pros
and cons to static routing, but thats true for all routing processes.
2.2 Advantages of configuring routing table by static Routing
i. There is no overhead on the router CPU, which means you could possibly buy a cheaper
router than if you were using dynamic routing.
ii. There is no bandwidth usage between routers, which means you could possibly save
money on WAN links.
iii.
It adds security, because the administrator can choose to allow routing access to certain
networks only.
2.3 Disadvantages of configuring routing table by static routing
i. The administrator must really understand the internetwork and how each router is
connected in order to configure routes correctly.
ii.
If a network is added to the internetwork, the administrator has to add a route to it on all
routersby hand.
iii.
Its not feasible in large networks because maintaining it would be a full-time job in
itself.
Static Routing Syntax
ip route [destination network] [mask] [next-hop address or exit interface]

[administrative distance ] [permanent]
This list describes each command in the string:
ip route The command used to create the static route.
Destination network The network youre placing in the routing table.
Mask The subnet mask being used on the network.
Next-hop address The address of the next-hop router that will receive the packet and
forward it to the remote network.
Administrative distance Is used to measure the trustworthiness of routing information
received on one router from its neighboring router . An AD is an integer from 0-255,
where 0 equals the most trusted route and 255 the least trusted route. A value of 255
means, no traffic is allowed to pass via this route
If a router receives two updates listing same about a remote network, the first thing a
router check is the AD, if one of the advertised routes has lower AD than the other, the
route with lower AD is the one which will be placed in routing table
64
If both advertised routes has the same value of AD, then routing protocols metrics like
hop-count or bandwidth will be used to evaluate the best route
Consider the following table, that indicate default administrative distance
Examples on how to add route by static routing
The 150 at the end changes the default administrative distance (AD) of 1 to 150. No
worries Ill talk much more about AD when we get into dynamic routing. For now, just
remember that the AD is the trustworthiness of a route, where 0 is best and 255 is worst.
Example:
Create routing tables in each router in the following network, use network address
192.160.120.0/24
Note that:
Each routing table automatically includes directly connected networks. To be able to
route to all networks in the internetwork, the routing table must include information that
describes where these other networks are located and how to get there.
65
Figure 2.2: Static routing table configuration

Router configuration in router0
Router>en
Router#config t
Router(config-if)#
Router(config)#ip dhcp pool subnetA
Router(dhcp-config)#exit
Router(config)#ip dhcp pool subnetB
Router(config)#interface serial 0/0/0
66

Router(config-if)#clock rate 64000
Router(config-if)#bandwidth 64
Router(config)#exit
Router#
Exit
Configuration in router1
Router>en
Router#config t
Router(config)#ip dhcp pool subnetC
ip dhcp pool subnetD
67
Router(config)#
Router(config)#exit
Router#exit
2.4 Creating routing table for each router By static Routing

By default, each outer includes directly connected networks in its routing table, except remote
networks
Example for a router0, use the CLI command show ip route, the router will contains only
directly connected subnets, A and B only as shown below
Figure 2.3 : Verifying directly connected routes in a router

Now to add the two remote sub networks C and D in routing table of a router0 by static
routing, proceed as follows
Router>en
Router#config t
Router(config)#ip route 192.160.120.64 255.255.255.240 192.160.120.90
Router(config)#exit
In this case, two remotes subnets will be automatically added to the routing table. By
using again sh ip route command, you will see the routes has been automatically added
to the routing table as shown below
68
Figure 2.4 : Verifying directly connected routes in router

Configuring the routing table in Router1
For a router1, use the CLI command show ip route, the router will contains only
directly connected subnets, C and D only as shown below
Figure 2.5: Verifying routing table in a routers

Now to add the two remote sub networks A and B in routing table of a router0 by static
routing, proceed as follows
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
69
Router(config)#exit
In this case, two remotes subnets will be automatically added to the routing table. By
using again sh ip route command, you will see the routes has been automatically added
to the routing table as shown below
Figure 2.6 : Verifying routing table in a router

2.5 Dynamic Routing
Dynamic routing is when protocols are used to find networks and update routing tables on
routers. Truethis is easier than using static, but itll cost you in terms of router CPU processes
and bandwidth on the network links.
A routing protocol defines the set of rules used by a router
when it communicates routing information
between neighbor routers.

2.6 Classes Dynamic routing protocols
There are three classes of routing protocols:
a) Distance vector
The distance-vector protocols find the best path to a remote network by judging distance. Each
time a packet goes through a router, thats called a hop. The route with the least number of hops
to the network is determined to be the best route
b) Link state
In link-state protocols, also called shortest-path-first protocols, the routers each
create three separate tables. One of these tables keeps track of directly attached
neighbors, one determines the topology of the entire internetwork, and one is used as the
routing table
70
Link state routers know more about the internetwork than any distance-vector routing protocol.
OSPF is an IP routing protocol that is completely link state. Link state protocols send updates
containing the state of their own links to all other routers on the network.
c) Hybrid
Hybrid protocols use aspects of both distance vector and link state
2.7 Types of dynamic routing protocols

Dynamic routing protocols used in today internet are divided into following ways according to
the figure below
Figure 2.3 : Types of dynamic routing protocol

Keys:
IGP: Interior gateway protocol
EGP: exterior gateway protocol
RIPV1&2: Routing information protocol Version 1 & 2
IGRP: Interior gateway routing protocols
OSPF; open shortest path first
71
INTERIOR GATEWAY PROTOCOLS (IGP)

These are used to exchange routing information between routers that are under same
Autonomous system
Autonomous system is a collection of networks that are under same Administrative domains
All routers in same Autonomous system, will have same routing table
EXTERIOR GATEWAY PROTOCOLS (EGP)

These are used to communicate routing information that are under multiple Autonomous system
2.8 Routing information protocol (RIP)
Routing Information Protocol (RIP) is a true distance-vector routing protocol. It sends the
complete routing table out to all active interfaces every 30 seconds. RIP only uses hop count to
determine the best way to a remote network, but it has a maximum allowable hop count of 15 by
default, meaning that 16 is deemed unreachable
RIP works well in small networks, but its inefficient on large networks with slow WAN links or
on networks with a large number of routers installed.
There are two type of RIP protocol
i.
RIPV1
RIP version 1 uses only classful routing, which means that all devices in the
network must use the same subnet mask.
This is because RIP version 1 doesnt send updates with subnet mask information
in tow.
ii.
RIPV2
RIP version 2 provides something called prefix routing, and does send subnet
mask information with the route updates. This is called classless routing.
2.9 Configuring RIP Routing
To configure RIP routing, just turn on the protocol with the router rip command and tell the RIP
routing protocol which networks to advertise. Thats it. Lets configure our previous computer
network
Note: remember RIPV1 is a Classful IP routing, so whenever is applied, remember all network
should have same subnet mask
Now construct the following network in a packet tracer, the configure the whole network,
the at last configure the routing table using RIPV1 protocol
72
Figure 2.4 :Configuring RIP protocol

Configuration In Router0
Router>en
Router#config t
Router(config-if)#
Router(config)#exit
73
Router>en
Router#config t
Router(config)#router rip
Router(config-router)#network 192.160.120.0
Router(config-router)#exit
Router(config)#exit
Router>en
Router#config t
Router(config-if)# exit
Router(config)#exit
Router#exit
Router>en
Router#config t
Router(config)#exit
Router# exit
74
Configuration in Router2
Router>en
Router#config t
Router(config)#exit
Router#exit
Router>en
Router#config t
Router(config)#exit
Router#exit
Router>en
Router#config t
75
Router(config)#interface
Router(config)#interface fa 192.160.124.1 255.255.255.0
^
Router(config-if)#
Router(config)#ip dhcp pool SubnetE
Router(config)#exit
Router#
Router#exit
Router>en
Router#config t
Router(config)#exit
Router#exit
76
Applying RIP routing protocol in a network that has been subnetted in a Classful
Given the following computer network, with network address 192.160.120.0/27,
subnetted as shown below
Figure 2.5 : Applying RIP in Classful addressing

Router>en
Router#config t
77
Router(config)#ip dhcp pool subnetB
Router(config)#exit
Router#exit
Note that, in a Classful subnetting, You would only need to type in the Classful network
address of 192.160.120.0 and let RIP find the subnets and place them in the routing table.
As shown below
Router>en
Router#config t
Router(config)#exit
Router configuration in router1
Router>en
Router#config t
Router(config)#ip dhcp pool subnetE
78
Router(config-if)#
Router(config)#ip dhcp pool subnetD
Router(config)#exit
Remember again, in a Classful subnetting, You would only need to type in the Classful
network address of 192.160.120.0 and let RIP find the subnets and place them in the
routing table. As shown below
Router>en
Router#config t
Router(config)#exit
So while yes, its true that RIP has worked really well in our little internetwork, its not the
solution for every enterprise. Thats because this technique has a maximum hop count of only 15
(16 is deemed unreachable) and it performs full routing-table updates every 30 seconds, both
things that can wreak havoc in a larger internetwork.
2.10 Holding Down RIP Propagations
You probably dont want your RIP network advertised everywhere on your LAN and WAN.
Theres not a whole lot to be gained by advertising your RIP network to the Internet, here are a
few different ways to stop unwanted RIP updates from propagating across your LANs and
WANs. The easiest one is through the passive-interface command.
This command prevents RIP update broadcasts from being sent out a defined interface, but that
same interface can still receive RIP updates.
Heres an example of how to configure a passive-interface on a router:
Lab_A#config t
Lab_A(config)#router rip
Lab_A(config-router)#network 192.168.10.0
Lab_A(config-router)#passive-interface serial 0/0
This command will stop RIP updates from being propagated out serial interface 0, but serial
interface 0 can still receive RIP updates.
79
2.11 RIP Version 2 (RIPv2)

RIP version 2 is mostly the same as RIP version 1. Both RIPv1 and RIPv2 are distance-vector
protocols, which means that each router running RIP sends its complete routing tables out all
active interfaces at periodic time intervals.
But RIPV1 is a Classful protocol while RIPV2 is a classless routing, because it support VLSM.
Both versions are Open standard because they can be used by any brand of router.
Disadvantages of rip, as a routing protocol
RIP just requires too much bandwidth, making it pretty intensive to use in your network.
Configuring RIPv2 is pretty straightforward. Heres an example:

Lab_C(config)#router rip
Lab_C(config-router)#network 192.168.40.0
Lab_C(config-router)#network 192.168.50.0
Lab_C(config-router)#version 2
2.12 Interior Gateway Routing Protocol (IGRP)
Interior Gateway Routing Protocol (IGRP) is a Cisco-proprietary distance-vector routing
protocol. This means that to use IGRP in your network, all your routers must be Cisco routers.
Cisco created this routing protocol to overcome the problems associated with RIP. We can say
that IGRIP is not open standard as RIPV1 & RIPV2
80
2.13 Advantages of IGRIP over RIP
IGRP has a maximum hop count of 255 with a default of 100. This is helpful in larger
networks and solves the problem of 15 hops being the maximum possible in a RIP
network
IGRP also uses a different metric than RIP. IGRP uses bandwidth and delay of the line as
a metric for determining the best route to an internetwork.
2.14 Configuring IGRP Routing

The command used to configure IGRP is the same as the one used to configure RIP routing with
one important difference: you use an autonomous system (AS) number. All routers within an
autonomous system must use the same AS number, or they wont communicate with routing
information.
Heres how to turn on IGRP routing:
Lab_A#config t
Lab_A(config)#router igrp 10
Lab_A(config-router)#network 192.168.10.0
Notice that the configuration in the above router commands is as simple as in RIP routing
except that IGRP uses an AS number. This number advertises only to the specific routers you
want to share routing information with.
2.15 Open Shortest Path First (OSPF) Basics
Open Shortest Path First (OSPF) is an open standards routing protocol thats been implemented
by a wide variety of network vendors, including Cisco. if you have multiple routers
and not all of them are Cisco, then only remaining options for configuring routing table in
routers are basically RIPv1, RIPv2, or OSPF. If its a large network, then, really, your only
options are OSPF
OSPF is the first link-state routing protocol that most people are introduced to
OSPF provides the following features:
Consists of areas and autonomous systems

Minimizes routing update traffic
Allows scalability
Supports VLSM/CIDR
Has unlimited hop count
Allows multi-vendor deployment (open standard)
OSPF is supposed to be designed in a hierarchical fashion, which basically means that you
can separate the larger internetwork into smaller internetworks called areas. This is the best
design for OSPF.
81
The reasons for creating OSPF in a hierarchical design include:
To decrease routing overhead

To speed up convergence
To confine network instability to single areas of the network
This does not make configuring OSPF easier, but more elaborate and difficult. Figure below
shows a typical OSPF simple design.
Notice how each router connects to the backbonecalled area 0, or the backbone area. OSPF
must have an area 0, and all routers should connect to this area if at all possible, but routers that
connect other areas to the backbone within an AS are called Area Border Routers
Figure 2.6 : OSPF System

OSPF runs inside an autonomous system, but can also connect multiple autonomous systems
together. The router that connects these ASes together is called an Autonomous System
Boundary Router (ASBR).
82
CHAPTER THREE
3.0 Routing and switching
3.1 Layer 2 Switching
When we discuss switching, were talking about layer 2switching unless we say otherwise. Layer
2 switching is the process of using the hardware address of devices on a LAN to segment a
network. Switching breaks up large collision domains into smaller ones, and that a collision
domain is a network segment with two or more devices sharing the same bandwidth. A hub
network is a typical example of this type of technology
3.2 Differences between HUB and Switch as layer 2 switching devices
HUB
This refers to the device that connects all the segments in the star topology Ethernet network
Every device in the network connects to the HUB through a single port, and is used to connects
multiple devices without segmenting the network
3.3 What is Network Segmentation?
Network segmentation in computer networking is the act or profession of splitting a

computer network into sub networks, each being a network segment. Advantages of such
splitting are primarily for boosting performance and improving security.
3.4 Advantages of Network Segmentation
Reduced congestion: Improved performance is achieved because on a segmented

network there are fewer hosts per sub network, thus minimizing local traffic
Improved security: Broadcasts will be contained to local network. Internal network
structure will not be visible from outside
Containing network problems: Limiting the effect of local failures on other parts of
network
Therefore, for the HUB as the networking devices, any transmission received on one port,
will be sent out to the all other ports in the HUB, including the receiving pair of the
transmitting devices, so that carrier sense multiple access with collision detection
(CSMA/CD), on the transmitter can monitor the collision
A collision domain is a section of a network where data packets can collide with one another
when being sent on a shared medium or through repeaters, particularly when using early
versions of Ethernet. A network collision occurs when more than one device attempts to send
a packet on a network segment at the same time. Collisions are resolved using carrier sense
multiple access with collision detection (CSMA/CD) in which the competing packets are
discarded and re-sent one at a time. This becomes a source of inefficiency in the network.[1]
83
It is important to note that, HUBS are just like the repeaters, which lack the intelligence
because, a broadcast sent out by any device on the HUB will be propagated to all other
devices connected to the HUB and this phenomena leads to the potential increasing of
collision in the LAN network. Hence HUBS are not suggested in todays networks for this
reason
A switch
Switch connects multiple segments together, much like the HUBS do, but with three
significant differences. A is more intelligent by recognizing the frame and pay attention to
the source and destination MAC address of the incoming frame as well as the port in which
the frame was received
HUBS dont do these things, they simply send out anything they receive on one port to all
other ports including the receiving port
So if a switch determines that, a frame final destination happens to be on one segment thats
connected via a different port than the one on which the frame was received , the switch will
only forward the frame out form the specific port on which the destination MAC address is
located
If the switch cant figure out the location of the frame destination, it will flood the frame out
every port except the one on which the frame port was received
Switches are layer 2 devices, which mean they segment the network with MAC address. IF
you see the term layer 3 switch, that means you are talking about the router, not a layer 2
switch. Consider the figure below, it shows , the differences between HUBS and switches in
segmenting the network
3.5 What is collision Domains?
A collision domain is, as the name implies, a part of a network where packet collisions can
occur. A collision occurs when two devices send a packet at the same time on the shared network
segment. The packets collide and both devices must send the packets again, which reduces
network efficiency. Collisions are often in a hub environment, because each port on a hub is in
the same collision domain. By contrast, each port on a bridge, a switch or a router is in a separate
collision domain.
84
The following example illustrates collision domains.
Figure 3.1 : Collision Domains

Unlike bridges which uses software to create and manage filter table (routing table for a switch),
switches use hardware called ASIC (Application specific integrated circuit), to accomplish this.
Layer 2 switches and bridges are faster than routers because they dont take up time to look up at
the network layer header informations, instead they look at the frames hardwares addresses
before deciding to forward, flood or drop the frame
Switches create private, dedicated collisions domains and provide independent bandwidth on
each port, unlike hubs
3.6 Advantages of using layer 2 switching (Switches)
Hardware based bridging (ASIC)
Wire speed
Low latency
Low cost
3.7 Bridges versus switching
Here are some significant similarities and difference between Bridges and switches
Bridges are software based while switches are hardware based switching devices
A switch can be viewed as a multiport bridges
Switches have higher number of ports than bridges
Both switches and bridges forward layer 2 broadcasts
85
3.8 Three function of switches at layer 2

There are three basic function of switches at layer 2
Address learning
Layer 2 devices, such as bridges and switches have the ability of learning addresses, i.e. they
remember source MAC addresses (Physical address) of each frame received on an interface and
enter this information into a MAC database known as forward filter table. But when the switch is
at first switched ON, always the forward filter table is empty as shown below
Figure 3.2 : Addressing learning

When a computer in a network transmit , and an interface of the switch receives the frame, the
switch place the frames source MAC address forward or filter table, which allows it to
remember which interface the sending device is located on. The switch then has no choice but to
flood the network with this frame out of every port except the source port, because it has no idea
where the destination device is actually located
If a device answer to this flooded frame and sends a frame back , then the switch will take the
sources address from that frame and place the MAC address in its database as well, thereby
associating the newly discovered address with the interface that received the frame. Because now
the switch has both of relevant MAC address in its filtering table. The two devices can now make
point to point connection. The switch doesnt need to flood the frame as it did the first time
because now the frame can and will be forwarded only between the two devices recorded in the
table. This is exactly the thing that makes layer two switches better than HUBS, because in
HUBS networks, all the frame are forwarded out to all ports every time no matter what
The above procedures, a switch have to go through in order to learn the other MAC address of
the remain HOST attached to the remaining interface
86
Forward filter decision

When a frame arrives at a switch interface, the destination address is compared to the forward /
filter MAC database and a switches makes a forward/filter decision. In other words, if the
destination hardware address is known (Listed in the database), the frame will be sent out only to
the specified exit interface. The switch will not transmit the frame out any exit interface except
the destination interface
The process of not transmitting frame to other interface except the destination interface is called
FRAME FILTERING.
Frame filtering has advantages of preserving bandwidth to the interfaces through which the
frame is not sent
So by default, if a host or server sends out the broadcast on the LAN, the switch will flood the
frame out all active ports except the source port. Remember, switch creates small collision
domains, but still one large broadcast domain by default
Loop avoidance
Redundant links between switches are very wise thing to implement because they help prevent
complete network failure in the event that one link stop working. But these redundant links have
disadvantages , because the frame can be flooded down all redundant links simultaneous
creating loops. Here are the few problems caused by these loops, especially when no mechanism
to avoid these loop has been placed
3.9 Disadvantages of loop in LAN network
i.
Broadcast Storm
This is a process where The switch will flood the broadcast endlessly throughout the
internetwork. In real life, it is often referred to as , something that were to permitted to repeat in
print. The figure below illustrate how broadcast can be propagated throughout the internetwork
Figure 3.3 : Broadcast storms

Pay attention to how a frame is continuously being flooded through the internetwork physical
network media
87
ii.
Slowing down the network
What you see here, is that a device receives, multiple copies of the same frame, because that
frame can arrive from different segments at the same time. Figure below demonstrates how a
bunch of frame can arrive from multiple segments simultaneously
A server from a router in the figure, sends a unicast frame to router C. because it is a unicast
frame, switch A forward the frame, and switch B provides the same services by forwarding this
unicast frame
This is really bad, because the router C, receives the unicast frame twice, causing additional
overhead in the network
Figure 3.4 : Loop slows down the network

iii. Thrashing The MAC address filter table
This is a phenomenon where the switch is cough up in constantly updating the MAC address
filter table with the source hardware address locations that it might fail to forward the frame.
This happens because, the switch can receive the frame from more than one link.
iv.
Multiple loops propagating in the network can leads to the failure of the switch to
perform its frame switching task especially when the broadcast storms happens
3.10 How to remove Network loops on layer 2 switching networks

In order to stop loop from keep occurring across layer 2 switching network (network that
involves bridges and switches), a special protocol, called spanning tree protocol (STP) must be
employed. It achieves this feat, by vigilantly monitoring the network to find all links and making
sure that, no loops occur by shutting down any redundant one
STP uses spanning tree algorithm (STA), to first create a topology database, and the search out
and destroys redundant links. With STP running, frames will be forwarded only on the premium
STP picked links
88
3.11 What is broadcast Domains?

Broadcast domain
A broadcast domain is a domain in which a broadcast is forwarded. A broadcast domain contains
all devices that can reach each other at the data link layer (OSI layer 2) by using broadcast. All
ports on a hub or a switch are by default in the same broadcast domain. All ports on a router are
in the different broadcast domains and routers don't forward broadcasts from one broadcast
domain to another.
The following example clarifies the concept.
Figure 3.5 : Broadcast domains

Switches truly have changed the way networks are designed and implemented. If a pure switched
design is properly implemented, it absolutely will result in a clean, cost-effective, and resilient
internetwork. In this chapter, well survey and compare network design before and after
switching technologies were introduced.
3.12 Before Layer 2 Switching
Lets go back in time a bit and take a look at the condition of networks before switches and how
switches have helped segment the corporate LAN
Before LAN switching, the typical network design looked like the network as shown in figure
below
89
Figure 3.6 : Hub Network

Here you can see that each network was attached with a hub port to the router (each segment also
had its own logical network number, though this is not obvious from the figure). Each node
attached to a particular physical network had to match that network number in order to be able to
communicate on the internetwork. Notice that each department had its own LAN, so if you
needed to add new users to Sales, for example, you would just plug them into the Sales LAN and
they would automatically be part of the Sales collision and broadcast domain. This design really
did work well for many years.
By default, switches break up collision domains and routers break up broadcast domains.
3.13 Disadvantages of network before layer 2 switching (Flat network)
A flat internetworks security used to be tackled by connecting hubs and switches together with
routers. So it was basically the routers job to maintain security. This arrangement was pretty
ineffective for several reasons
First, anyone connecting to the physical network could access the network resources
located on that physical LAN.
Second, all anyone had to do to observe any and all traffic happening in that network was
to simply plug a network analyzer into the hub.
Third, in that same vein, users could join a workgroup by just plugging their workstations
into the existing hub. So basically, this was non-security!
This is why VLANs are so cool. By building them and creating multiple broadcast groups,
administrators can now have control over each port and user! The days when users could just
plug their workstations into any switch port and gain access to network resources are history,
because the administrator is now awarded control over each port and whatever resources that
port can access.
But devices called bridges did, and they were first used in the network to break up collision
domains. Bridges were sorely limited by the amount of ports and other network services they
could provide, and thats when layer 2 switches came to the rescue. These switches saved the day
90
by breaking up collision domains on each and every portlike a bridge, and switches could
provide hundreds of ports!
3.14 Virtual Local Area Network (VLANs)
A VLAN is a logical grouping of network users and resources connected to administratively
defined ports on a switch. We can break up broadcast domains in a pure switched internetwork,
By creating a virtual local area network (VLAN).
When you create VLANs, you are given the ability to create smaller broadcast domains within a
layer 2 switched internetworks by assigning different ports on the switch to different sub
networks. A VLAN is treated like its own subnet or broadcast domain, which means that frames
broadcast onto the network are only switched between the ports logically grouped within the
same VLAN.
By default, no hosts in a specific VLAN can communicate with any other hosts that are members
of another VLAN, so if you want inter-VLAN communication, the router will be needed
VLAN Basics
As shown in Figure below, layer 2 switched networks are typically designed as flat networks.
Every broadcast packet transmitted is seen by every device on the network, regardless of whether
the device needs to receive that data. By default, routers allow broadcasts only within the
originating network, but switches forward broadcasts to all segments. The reason its called a flat
network is because its one broadcast domain, not because its actual design is physically flat.
Figure 3.7 : Layer 2 switching

We see Host A sending a broadcast and all ports on all switches forwarding this broadcast,
except the port that originally received it.
91
Now look at Figure below, which pictures a switched network. It shows Host A sending a frame
with Host D as its destination, and as you can see, that frame is only forwarded out the port
where Host D is located. This is a huge improvement over the old hub networks, unless having
one collision domain by default is what you really want.
Figure 3.8 : Layer 2 switching

3.15 Advantages of layer 2 switched network
It creates individual collision domain segments for each device plugged into each port on the
switch. This scenario frees us from the Ethernet distance constraints, so now larger networks can
be built.
3.16 Disadvantages of a layer 2 switched network
It creates the larger the number of users and devices, hence, the more broadcasts and packets
each switch must handle!
Also, the security issue is very little, because all users can see all devices by default. And you
cant stop devices from broadcasting, nor users from trying to respond to broadcasts
3.17 How layer 2 switched networks can be solved?
Layer2 switched network can disadvantages can only be solved by creating VLANS. You can
solve many of the problems associated with layer 2 switching with VLANs
92
3.18 Advantages of VLANS

Network adds, moves, and changes are achieved by configuring a port into the
appropriate VLAN.
A group of users needing high security can be put into a VLAN so that no users outside
of the VLAN can communicate with them.
As a logical grouping of users by function, VLANs can be considered independent from
their physical or geographic locations.
VLANs can enhance network security.
VLANs increase the number of broadcast domains while decreasing their size. This leads
to less bandwidth consumed in the network
Another advantage is that when a VLAN gets too big, you can create more VLANs to
keep the broadcasts from consuming too much bandwidththe fewer users in a VLAN,
the fewer users affected by broadcasts
VLANS removes physical boundary (Location), of the users in the same VLAN. i.e.
users can be physically located differently but they will still be under same VLAN
Since switches have become more cost-effective lately, many companies are replacing their flat
hub networks with a pure switched network and VLAN environment. All devices in a VLAN are
members of the same broadcast domain and receive all broadcasts. The broadcasts, by default,
are filtered from all ports on a switch that are not members of the same VLAN. This is great
because it offers all the benefits you gain with a switched design without the serious
anguish you would experience if all your users were in the same broadcast domain!
If you were paying attention to what youve read so far, you know that layer 2 switches only read
frames for filteringthey dont look at the Network layer protocol. And by default, switches
forward all broadcasts. But if you create and implement VLANs, youre essentially creating
smaller broadcast domains at layer 2.
This means that broadcasts sent out from a node in one VLAN wont be forwarded to ports
configured to be in a different VLAN. So by assigning switch ports or users to VLAN groups on
a switch or group of connected switches, you gain the flexibility to add only the users you want
into that broadcast domain regardless of their physical location.
Consider the figure below that is representing VLAN implementation in order to reduce
disadvantages of flat internetworks (HUB networks
93
Figure 3.9 : VLANs Implementation

Figure above shows how six VLANs (numbered 2 through 7) were used to create a broadcast
domain for each department. Each switch port is then administratively assigned a VLAN
membership, depending on the host and which broadcast domain it must be in.
So now, if I needed to add another user to the Sales VLAN (VLAN 7), I could just assign the
port used to VLAN 7, regardless of where the new Sales team member is physically located
nice! This illustrates one of the sweetest advantages to designing your network with VLANs over
the old collapsed backbone design. Now, cleanly and simply, each host that needs to be in the
Sales VLAN is merely assigned to VLAN 7.
Each VLAN is considered a broadcast domain, so it must also have its own subnet number, as
shown in Figure above. The nodes within each VLAN can communicate with each other, but not
with anything in a different VLAN, in order for a node to communicate to a node or host on a
different VLAN, a router (layer 3 switching device) must be used
3.19 VLANs Membership
VLANs are usually created by an administrator, who then assigns switch ports to each VLAN.
Such a VLAN is called a static VLAN. If the administrator wants to do a little more work up front
and assign all the host devices hardware addresses into a database, the switches can be
configured to assign VLANs dynamically whenever a host is plugged into a switch. This is
called a dynamic VLAN.
94
3.20 Types of VLAN configuration

Static VLAN
Static VLANs are the usual way of creating VLANs, and theyre also the most secure. The
switch port that you assign a VLAN association to always maintain that association until an
administrator manually changes that port assignment.
This type of VLAN configuration is comparatively easy to set up and monitor, and it works well
in a network where the movement of users within the network is controlled. And although it can
be helpful to use network management software to configure the ports, its not mandatory.
Remember that in VLAN network, each host must also have the correct IP address information.
For example, each host in VLAN 2 from previous figure must be configured into the
172.16.20.0/24 network. It is also important to remember that, if you plug a host into a switch,
you must verify the VLAN membership of that port. If the membership is different than what is
needed for that host, the host will not be able to reach the needed network services, such as a
workgroup server.
Dynamic VLAN
A dynamic VLAN determines a nodes VLAN assignment automatically. Using intelligent

management software, you can base VLAN assignments on hardware (MAC) addresses,
protocols, or even applications to create dynamic VLANs.
Its up to you! For example, suppose MAC addresses have been entered into a centralized VLAN
management application. If a node is then attached to an unassigned switch port, the VLAN
management database can look up the hardware address and assign and configure the switch port
to the correct VLAN.
3.21 Routing between VLANs
Hosts in a VLAN live in their own broadcast domain and can communicate freely. VLANs
create network partitioning and traffic separation at layer 2 of the OSI, and as I said when I told
you why we still need routers, if you want hosts or any other IP-addressable device to
communicate between VLANs, a layer 3 device is absolutely necessary.
For this, you can use a router that has an interface for each VLAN or a router that supports ISL
routing. The least expensive router that supports ISL routing is the 2600 series router. The 1600,
1700, and 2500 series dont support ISL routing.
95
Figure 3.10 : Routing between VLANs

As you can see from previous diagram, Router connecting three VLANs together for interVLAN communication, one interface for each VLAN.
3.22 Configuring VLANS
Configuring VLANs is actually pretty easy. Figuring out which users you want in each VLAN is
not. Its super time-consuming, but once youve decided on the number of VLANs you want to
create, and established the users you want to belong to each one, its time to bring your first
VLAN into existence!
Use packet tracer, with a cisco switch 2950, with 24 ports. Place a cisco switch 2950, on a
working window of a packet tracer, then using CLI commands, create three VLAN on the
switch, then name them sales, marketing and mis department
Switch>en
Switch#config t
Switch(config)#vlan 2
Switch(config-vlan)#name sales
Switch(config-vlan)#exit
Switch(config-vlan)#name marketing
96
Switch(config-vlan)#name mis
Switch(config)#exit
After you create the VLANs that you want, you can use the show vlan command to see them.
But notice that by default, all ports on the switch are in VLAN 1. To change the VLAN
associated with a port, you need to go to each interface and tell it which VLAN to be a part of.
Figure 3.11 Verifying VLANs in a switch

Remember that a created VLAN is unused until it is assigned to a switch port or ports, and that
all ports are always assigned in VLAN 1 unless set otherwise.
You cant change, delete, or rename VLAN 1, because its the default VLAN and you just cant
change thatperiod. Its the native VLAN of all switches by default, and Cisco recommends
that you use this as your administrative VLAN. Native VLAN basically means that any packets
that arent specifically assigned to a different VLAN will be sent down the native VLAN.To see
the VLAN database, use the show vlan command or the show vlan brief command:
97
Assigning switch ports to VLANs

By using same type of cisco switch 2950, we can assign switch ports to three VLANs we
created before, i.e. sales, marketing and mis department as follows, using CLI commands
Switch#config t
Switch(config)#int f0/2
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/3
Switch(config-if)#int f0/4
Switch(config-if)#exit
Switch(config)#exit
Switch#
If you want to verify your configuration, just use the show vlan or show vlan brief command to
show you the VLANs with port assignments:
Figure 3.12 : Verifying VLANs in a Swicth
98
Trunk links Trunks can carry multiple VLANs and originally gained their name after the
telephone system trunks that carry multiple telephone conversations.
Configuring Trunk ports
On the 2950, you use the switchport command:
Switch#config t
Switch(config)#int f0/12
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit
Switch(config)#exit
You can verify your configuration with the show running-config command:
Figure 3.13 : Verifying VLANs membership

Lets take a look at Figure below and see what we can determine by looking at it. This figure
shows three VLANs, with two hosts in each of them.
99
Figure 3.14 : VLAN network

The router in Figure above is connected to the fa0/1 switch port, and VLAN 2 is configured on
port f0/6. Looking at the diagram, these are the things that Cisco expects you to know:
1. The router is connected to the switch using sub interfaces.
2. The switch port connecting to the router is a trunk port.
3. The switch ports connecting to the clients and the hub are access ports, not trunk ports.
The configuration of the switch would look something like this:
Draw the above networks in packet tracer
Figure 3.15 : Packet tracer network
100
CLI commands for VLAN will be as follows

Switch>en
Switch#config t
Switch(config)#hostname 2950
2950(config)#int f0/1
2950(config-if)#switchport mode trunk //creating f0/1 as a trunk mode
// no need to create VLAN 1 because, it is already created by default
2950(config-if)#int f0/2
2950(config-if)#switchport access vlan 1
2950(config-if)#int f0/3
// VLAN 3, must be created before assigning it

2950(config-if)#vlan 3 //creating VLAN3
2950(config-vlan)#exit
// assigning switch port to VLAN3
// creating VLAN2 before assigning switch port to it

2950(config-if)#vlan 2
//assigning switch port to VLAN 2
101
2950(config-if)#exit
2950(config)#exit
2950#
Before we configure the router, we need to design our logical network for all the three VLANs
we created as follows. Use the network IP address 192.168.10.0/24
VLAN 1: 192.168.10.16/28
VLAN 2: 192.168.10.32/28
VLAN 3: 192.168.10.48/28
The configuration of the router would then look like this:

Router>en
Router#config t
Router(config)#int fa 0/0
Router(config-if)#no ip address
Router(config-if)#
//specifying subinterfaces/ default gateway of each VLAN in the router

Router(config-if)#int f0/0.1
Router(config-subif)#encapsulation dot1q 1
Router(config-subif)#ip address 192.168.10.17 255.255.255.240
Router(config-subif)#int f0/0.2
102

Router(config-subif)#int fa0/0.3
Router(config-subif)#exit
Router(config)#exit
Router#exit
The hosts in each VLAN would be assigned an address from their subnet range, and the default
gateway would be the IP address assigned to the routers sub interface in that VLAN.
Figure below shows a router connected to a 2950 switch with two VLANs. One host in each
VLAN is assigned an IP address. What are your router and switch configurations based on these
IP addresses?
Figure 3.16 : VLANs network

Since the hosts dont list a subnet mask, you have to look for the number of hosts used in each
VLAN to figure out the block size. VLAN 1 has 85 hosts and VLAN 2 has 115 hosts. Each of
these will fit in a block size of 128, which is a /25 mask or 255.255.255.128.
103
You should know by now that the subnets are 0 and 128, and the 0 subnet (VLAN 1) has a host
range of 1126 and the 128 subnet (VLAN 2) has a range of 129254. You can almost be fooled
since Host A has an IP address of 126, which makes it almost seem that Host A and B are in the
same subnet
Now, draw the above networks in cisco packet tracer
Figure 3.17 : VLAN network

Here is the switch configuration
Switch>en
Switch#config t
Switch(config)#hostname 2950
2950(config)#int fa0/1
2950(config-if)#switchport mode trunk
2950(config-if)#int fa0/2
2950(config-if)#vlan 2
2950(config)#int fa0/3
104

2950(config-if)#exit
2950(config)#exit
Here is the router configuration:
Router>en
Router#config t
Router(config)#int fa0/0
Router(config-if)#int fa0/0.1
Router(config-subif)#
Router(config-subif)#int fa0/0.2
Router(config-subif)#
Router(config)#exit
Router#
Router#exit
105
Setting IP address on a switch

Since VLAN 1 is typically the administrative VLAN, well use an IP address from that pool of
addresses. Heres how to set the IP address of the switch:
2950#config t
2950(config)#int vlan 1
2950(config-if)#ip address 172.16.10.2 255.255.255.128
2950(config-if)#no shutdown
Yes, you have to do a no shutdown on the VLAN interface.
3.23 VLAN Trunking Protocol (VTP)

The basic goals of VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a
switched internetwork and to maintain consistency throughout that network. VTP allows an
administrator to add, delete, and rename VLANsinformation that is then propagated to all
other switches in the VTP domain.
3.24 Advantages of VTP
Consistent VLAN configuration across all switches in the network
VLAN Trunking over mixed networks, such as Ethernet to ATM LANE or even FDDI
Accurate tracking and monitoring of VLANs
Dynamic reporting of added VLANs to all switches in the VTP domain
Plug-and-Play VLAN adding
But before you can get VTP to manage your VLANs across the network, you have to create a
VTP server. All servers that need to share VLAN information must use the same domain name,
and a switch can be in only one domain at a time. So this means that a switch can only share
VTP domain information with other switches if theyre configured into the same VTP domain.
You can use a VTP domain if you have more than one switch connected in a network, but if
youve got all your switches in only one VLAN, you dont need to use VTP. VTP information is
sent between switches via a trunk port.
VTP information is sent between switches via a trunk port. Switches advertise VTP-management
domain information, as well as a configuration revision number and all known VLANs with any
specific parameters. And theres also something called VTP transparent mode. In it, you can
configure switches to forward VTP information through trunk ports, but not to accept
information updates or update their VTP databases.
106
Switches detect the additional VLANs within a VTP advertisement and then prepare to receive
information on their trunk ports with the newly defined VLAN in tow. Updates are sent out as
revision numbers that are the notification plus 1. Any time a switch sees a higher revision
number, it knows the information that its receiving is more current, and it will overwrite the
current database with that new information.
3.25 VTP modes of operation
There are three different modes of operation within a VTP domain. Figure below shows you all three:
Server This is the default for all Catalyst switches. You need at least one server in your VTP
domain to propagate VLAN information throughout the domain. The switch must be in server
mode to be able to create, add, or delete VLANs in a VTP domain. Changing VTP information
must also be done in server mode, and any change made to a switch in server mode will be
advertised to the entire VTP domain
Client In client mode, switches receive information from VTP servers, and they also send and
receive updates. But they cant make any changes. Plus, none of the ports on a client switch can
be added to a new VLAN before the VTP server notifies the client switch of the new VLAN.
Its also good to know that VLAN information sent from a VTP server is not stored in NVRAM.
This means that if the switch is reset or reloaded, the VLAN information will be deleted. Heres
a hint: If you want a switch to become a server, first make it a client so it receives all the correct
VLAN information, then change it to a servermuch easier!
Transparent Switches in transparent mode dont participate in the VTP domain, but theyll still
forward VTP advertisements through any configured trunk links. These switches cant add and
delete VLANs because they keep their own databaseone they do not share with other switches.
The purpose of Transparent mode is to allow remote switches to receive the VLAN database
from a VTP Server configured switch through a switch that is not participating in the same
VLAN assignments.
107
3.26 Configuring VTP on VLANs

You are a network administrator at Triumphant college. The college has three offices. Offices are
connected with each other via links. The college has two departments, Telecommunication and
Electrical. In each office we have one PC from each department. The college has one router.
You can use router's Ethernet port for inter VLAN communication.
LAB SET UP
To replicate given scenario create a topology in packet tracer, as shown in following diagram
Figure 3.18 : VLANs in cisco packet tracer

Configurations used in this topology are following
Note that, the first ip address of each network or VLAN is used as a default gate way for each
VLAN
From above data, we have two VLANs to be configured, as shown below
10.0.0.0/24 network as VLAN 10
20.0.0.0/24 network as VLAN 20
We may first start assigning ip address statically in a packet trace, then we can continue with
switch configuration
108
By default all switches work as VTP server so we only need few commands to configure it. In
following commands we will
Set hostname to S1
Set domain name to rt
Set password to kifaru. (Password is case sensitive)
Configure VTP Server on switch0

Switch>en
Switch#config t
Switch(config)#hostname S1
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain rt
S1(config)#vtp password kifaru
Configure VTP Client
We will configure Office 2 Switch and Office 3 Switch as VTP client switch
Switch>en
Switch#config t
S2(config)#vtp mode server
S2(config)#vtp mode client
In Switch2
Switch>en
Switch#config t
109
S3(config)#vtp mode client
We have configured VTP server and VTP client. At this moment VTP client will not receive
VTP messages from server. We need to configure DTP (Dynamic Trunk Protocol) between
switches.
Office switch0
Switch>en
Switch#config t
S1(config)#int fa0/4
S1(config-if)#switchport mode trunk
S1(config-if)#exit
S1(config)#int fa0/1
S1(config-if)#exit
Office switch1
Switch>en
Switch#config t
S2(config)#int fa 0/1
S2(config-if)#exit
S2(config-if)#exit
110
Office switch2
Switch>en
Switch#config t
S3(config-if)#exit
So far up to this point, we have configured VTP server and VTP clients. We have also changed
necessary links in trunk. Now we will configure VLANs on VTP server and that will
automatically propagate VLANs in network.
Configure VLAN
Now go to office switch0, which is our VTP server`
Switch>en
Switch#config t
S1(config)#vlan 10
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#exit
Then we must start assigning VLAN membership
Assign VLAN Membership
VLAN can be assigned statically or dynamically. But we will use static method to assign VLAN
membership. switchport access vlan [vlan number] command is used to assign VLAN to the
interface. Following commands will assign VLANs to the interfaces.
111
Office switch0
Switch>en
Switch#config t
S1(config-if)#switchport access vlan 10
S1(config-if)#int fa 0/3
S1(config-if)#exit
S1(config)#exit
Office switch1
Switch>en
Switch#config t
S2(config-if)#exit
S2(config)#exit
Office switch2
Switch>en
Switch#config t
S3(config)#interface fa 0/2
112
S3(config-if)#exit
S3(config)#exit
We have successfully assigned VLAN membership. It's time to test our configuration. To test
this configuration, we will use ping command. ping command is used to test connectivity
between two devices. As per our configuration, devices from same VLAN can communicate.
Devices from different VLANs must not be able to communicate with each other without router.
Configure Router on Stick
Typically routers are configured to receive data on one physical interface and forward that data
from another physical interface based on its configuration. Each VLAN has a layer 3 address that
should be configured as default gateway address on all its devices. In our scenario we reserved
IP address 10.0.0.1 for VLAN 10 and 20.0.0.1 for VLAN 20.
With default configuration we need two physical interfaces on router to make this intra VLAN
communication. Due to price of router, its not a cost effective solution to use a physical
interface of router for each VLAN. Usually a router has one or two Ethernet interface. For
example if we have 50 VLANs, we would need nearly 25 routers in order to make intra VLANs
communications. To deal with situation we use Router on Stick.
Router on Stick is router that supports trunk connection and has an ability to switch frames
between the VLANs on this trunk connection. On this router, single physical interface is
sufficient to make communication between our both VLANs.
Access command prompt of Router
Run following commands in same sequence to configure Router on Stick
Router>en
Router#config t
Router(config)#int fa 0/0
Router(config)#int fa 0/0.10
113
Router(config)#int fa 0/0.20
Router(config)#exit
Router#exit
In above configuration we broke up single physical interface [Fast Ethernet 0/0] into two
logical interfaces, known as sub-interfaces. Router supports up to 1000 interfaces
including both physical and logical.
By default interface link works as access link. We need to change it into trunk link.
Encapsulation commands specify the trunk type and associate VLAN with sub-interface.
In next step we assigned IP address to our sub-interface.
That's all configuration we need to switch VLANs. Now we can test different VLAN
communications. To test intra VLANs communication open command prompt of PC and ping
the PC of other VLAN.
114
3.27 Virtual private Networks (VPN)

3.28 Traditional Connectivity before VPN
Before VPN, most business entities from different parts were interconnected together with
traditional leased lines, ATM of frame relay as WAN links, this had disadvantages in the sense
that now most of entities started to expand to a large geographical area, Hence it came the
necessity of VPN that took in place the function of these wan links
Figure 3.19 : Traditional connectivity before VPN

3.29 What is VPN?
Virtual Private Network is a type of private network that uses public telecommunication,
such as the Internet, instead of leased lines to communicate.
Became popular as more employees worked in remote locations.
Employees can access the network (Intranet) from remote locations.
Secured networks.
The Internet is used as the backbone for VPNs
Saves cost tremendously from reduction of equipment and maintenance costs.
Scalability
115
Remote Access Virtual Private Network
Figure 3.20 : Structure of VPN

3.30 Brief Overview of How it Works
Two connections one is made to the Internet and the second is made to the VPN.
Datagrams contains data, destination and source information.
Firewalls VPNs allow authorized users to pass through the firewalls.
Protocols protocols create the VPN tunnels.
Data is encrypted (cannot be deciphered without the key)
Virtual Point to Point Connection
To the user, it acts like a point to point connection
Data is packaged with a header
3.31 Four Critical Functions of VPN
Authentication validates that the data was sent from the sender.
Access control limiting unauthorized users from accessing the network.
Confidentiality preventing the data to be read or copied as the data is being transported.
Data Integrity ensuring that the data has not been altered
A virtual private network (VPN) is the extension of a private network that encompasses links
across shared or public networks like the Internet. It provides LAN access to end systems not
physically located on the LAN
An alternative to WAN (Wide Area Networks) which use leased lines to connect
116
Figure 3.21: VPN structure

A typical VPN might have a main LAN at the corporate headquarters of a company, other LANs
at remote offices or facilities and individual users connecting from out in the field.
3.31 Tunneling in VPN
A virtual point-to-point connection made through a public network. It transports encapsulated
datagrams.
Figure 3.22 : VPN tunneling
117
3.32 Types of VPN

There are Two Types:
i.
Site to Site VPN

Connects two LANs over local ISP connections
Very useful if you need to connect a branch to a main hub (Big business)
Much less expensive than purchasing one dedicated line between the hub and branch
Intranet connects remote locations from one company
Extranet connects two companies (partners) into one shared Private Network
Figure 3.23 : Site to site VPN

ii.
Remote Access VPN
Essentially provides LAN access through dial-up connection
Typically done by purchasing a NAS (Network Access Server) with a toll free
number
Can instead be done through normal ISP connection using the VPN software to
make a virtual connection to the LAN
118
3.33 Advantages of using VPN compared to traditional WAN links

Expand Globally
Costs reduced
No dedicated lines necessary
Easier
Technology is on the end systems, which makes it more scalable
No single point of failure
Easier Network Management
119
CHAPTER FOUR
4.0 Internet Data Centrers (IDCs)
Telecommunication system is an important and integral part of modern society. In addition to
public switched telephone network (PSTN), it plays vital role in radio and television
networks, internet and Asynchronous transfer mode (ATM) networks. The switching system
provides various services to the subscribers
The switching system is a collection of switching elements arranged and controlled in such a
way as to setup a communication path between any two distant points.
Telecommunication is the communication of voice or data over long distances using public
switched telephone network (PSTN). PSTN consists of transmission component, switching
components and facilities for maintaining equipment, billing system and other internal
components.
PSTN also referred to as plain old telephone system (POTS). The switching technique used
in PSTN is circuit switching in general.
4.1 Plain old telephone service (POTS)
Is voice-grade telephone service employing analog signal transmission over copper loops . POTS
was the standard service offering from telephone companies from 1876 until 1988 when the
now-obsolete Integrated Services Digital Network (ISDN) Basic Rate Interface (BRI) was
introduced, followed by cellular telephone systems, and Voice over IP (VoIP). POTS remain the
basic form of residential and small business service connection to the telephone network in many
parts of the world. The term reflects the technology that has been available since the introduction
of the public telephone system in the late 19th century, in a form mostly unchanged despite the
introduction of Touch-Tone dialing, electronic telephone exchanges and fiber-optic
communication into the public switched telephone network (PSTN).
Prior to the mid-1960, the service logic as shown in figure below, was hardwired in the
switching systems. Typically network operators met with the switch vendors, discuss the type of
services the customers required, negotiate the switching features that provided the services, and
finally agreed upon the generic release date for feature availability
120
After this , the network operators planned for the deployment of the generic feature / service in
the switching fabric
Figure 4.1 : Plain Old telephone services

This process was compounded for the network operators with in the switching systems, from
multiple vendors. As the result, services were not offered ubiquitously across an operators
service area. So a customers in one end of the city, country or state, may not have had the same
service offering as a person in another part of the area
Also once, services were implemented, they were not easily modified to meet individual
customers requirement. Often the network operators negotiated the change with the switch
vendors. As the results of this process, it took years to plan and implement the services
This approach to new services deployment, required detailed management of calling patterns,
providing new trunks groups to handle calling patterns. As customers calling habits changed
(Longer call length , larger calling area, and multiple lines in business and residences). The
demand on Network operators increased
Stored program Control (SPC)
In the 1965, stored program control (SPC) switching systems were introduced. SPC were a major
step forward because service logic was programmable, where in the past , service logic was
hardwired. As the result it was now easier to introduce new services
The SPC concepts permits the features like abbreviated dialing, call forwarding, call
waiting etc.
The SPC provides significant advantages to end users.
121
The SPC enables easier number changes, automated call tracing message unit accounting
(for billing) etc.
All switching systems manufactured for use as public switching systems now use
computers and software programming to control the switching of calls.
4.2 Characteristics of PSTN/POTS
POTS is characterized by several aspect
Bi-directional (full duplex) communications.

Using balanced signaling of voltage analogs of sound pressure waves on a two-wire
copper loop
Restricted to a narrow frequency range of 300 to 3300 Hz, called the voice band,
which is much less than the human hearing range of 20 - 20,000 Hz
Call-progress tones, such as dial tone and ringing signal.
Dial pulse signaling of addresses.
4.3 Limitation of POTS

In the old days, a human operator performed the switching process manually on a switchboard. If
an operator knew that the called party was presently visiting his neighbor, she might connect the
call directly to the neighbors phone. There was some intelligence in the network that
improved accessibility. In a modern telecommunications network this intelligence is
implemented with help of IN technology.
Plain old telephone service is a voice grade telephone service. It continues to be the basic
form of home and small business service connection to telephone networks around the globe.
Most of switching devices were not computerized

4.4 Common Channel signaling Network (CCSN)
Another aspect of traditional services offering was the call set up information. That is the
signaling and call supervision that take place between switching systems and the actual call.
When a call was set up , a signal and talk path used the same common trunk from originating
switching systems to the terminating switching systems. Often there were multiple of offices that
were involved in routing of a call. This process seized the trunks in all of the switching systems
involved. Hence if the terminating end was busy all of the trunks were set up unnecessary
The network took a major leap forward in the mid-1970, with the introduction of common
channel signaling network or SS7 in short
Signaling system number 7 (SS7) is a protocol that runs over CCS. The SS7 network consists of
packet data links and packet data switching systems, called signaling transfer points
122
The SS7 network shown in figure below, separate the call set up information and talk path from
common trunks that runs between switching systems. The call set up information travel outside
the common trunk over SS7 network . The type of information transferred included permission
for the call set up , and whether or not the called party was busy
Figure 4.2 : Common channel signaling

The SS7 network was designed, before the intelligent network (IN) concept was introduced.
However telephone operators realized that, there were many advantages to implement and using
SS7 network capabilities
4.5 Services that are supported by SS7
The SS7 network enables enhanced services such as:
Call setup, management and teardown
CallerID, call forwarding, 3-way calling, ...
Toll-free (800/888) and toll (900) services
Wireless roaming
Wireless subscriber authentication
123
4.6 SS7 Architecture

SS7 signaling is out-of-band, meaning that a signaling link is not in a voice channel. Outof-band signaling enables:
Faster call setup than would be possible with in-band signaling using
multifrequency tones
Support for intelligent network features such as database systems
4.7 Types of SS7 signaling points:
Service Switching Points (SSPs)
Signal Transfer Points (STPs)
Service Control Points (SCPs)
Addressing and routing
Signaling points are addressed by unique point codes
Message routing uses the source and destination point codes and routing tables at
each signaling point
Signaling Points
Figure 4.3 : Signaling points
124
Service Switching Points (SSPs)

SSPs are PSTN switches that originate or terminate calls, or route calls to other
switches (tandem switches)
SSPs exchange SS7 messages to set up, manage and release voice circuits
Service Control Points (SCPs)
SCPs are database servers that respond to requests from SSPs for call routing
information
Signal Transfer Points (STPs)
STPs are packet switches that serve as routers in the SS7 network Incoming SS7
messages are switched to outgoing links based on routing
information contained in the messages (not just based on the destination numbers)
A Signaling Point (SP) is a switching or, processing node in a signaling network, with the
functions of SS7 implemented.
All Signaling Points in a SS7 Signaling Network are identified by a unique code (14 bits
0r 24 bits) known as a Signaling Point Code.
A signaling point, at which a signaling message is generated, is called the Originating
Point.
A signaling point, to which a signaling message is destined, is called a Destination Point.
A signaling point, at which a message is received on one signaling link and then
transferred to another link, without processing the contents of the message, is called a
Signaling Transfer Point (STP).
Signaling Links
Figure 4.4 : Signaling Links
125
4.8 Types of SS7 Signaling Links

A (access) link
Connects end nodes to STPs
B (bridge) link
Interconnects primary STPs from different networks
C (cross) link
Connects STPs performing identical functions into a mated pair
D (diagonal) link
Interconnects secondary STPs
E (extended) link
Connects an SSP to a secondary STP; alternate access link
F (fully associated) link
Interconnects two end nodes
4.9 Advantages of Using SS7
SS7 has several advantages compared with traditional signaling systems. Some obvious
advantages are the following:
FAST - the time for call set up is reduced to less than one second in most cases.
HIGH CAPACITY - each signaling link can handle the signaling for several thousand
simultaneous calls.
ECONOMICAL - much less signaling equipment is required, compared to traditional
signaling systems.
RELIABLE - by using alternate signaling routes, the signaling network can be made
very secure.
FLEXIBLE - the system can contain many more signals, for example, and can be used
for other purposes than telephony.
126
Protocol Stack
Figure 4.5 :The OSI Reference Model and the SS7 Protocol Stack
Message Transfer Part (MTP)
The Message Transfer Part (MTP) is divided into three levels.
MTP Level 1
Physical and electrical interfaces of SS7 digital signaling links
E-1 (2048kb/s), DS-1 (1544 kb/s), DS-0 (64 kb/s), V.35 (64 kb/s),
DS-0A (56 kb/s)
MTP Level 2
Handles message transmission over a physical link
Includes flow control, packet sequencing, error detection, retransmission
MTP Level 3
Handles message routing between SSPs
127
Provides congestion control

4.10 SS7 Transport and Higher Layers
Telephone User Part (TUP)
Analog call circuit setup/teardown
ISDN User Part (ISUP)
Setup, management & release of trunk circuits
Signaling Connection Control Part (SCCP)
Transport layer for TCAP-based services such as 800/888 numbers, wireless
roaming, etc.
Provides subsystem numbers (like port numbers in TCP/UDP), which enable
addressing to specific applications at destination signaling points
Transaction Capabilities Application Part (TCAP)
Used for SCP-SSP communications concerning routing of 800/888/900 calls, to
encapsulate Mobile Application Part (MAP) messages containing customer profile
information for roving mobile subscribers, and for calling card calls
Telephone User Part (TUP)
Overview of Telephone User Part (TUP)
The Telephone User Part defines the necessary telephone signaling functions in SS7 for
international as well as national telephone traffic. It provides the same features for
telephone signaling as other ITU-T signaling systems.
The telephone signals are transferred in the signaling network as the form of signaling
messages, which are the contents in the SIF field in the Message Signal Units (MSUs).
ISDN User Part (ISUP)
Overview of ISUP
The ISDN User Part (ISUP) defines the protocol and procedures used to set-up, manage,
and release trunk circuits that carry voice and data calls over the public switched
telephone network (PSTN) or ISDN network. ISUP is capable of processing ISDN
specific information which is more complex than telephony signaling.
ISUP is used for both ISDN and non-ISDN calls. Calls that originate and terminate at the
same switch do not use ISUP signaling.
128
4.11 Commonly Used ISUP Signals

Initial Address Message (IAM)
An IAM is sent in the "forward" direction by each switch needed to complete the circuit
between the calling party and called party until the circuit connects to the destination switch. An
IAM contains the called party number in the mandatory variable part and may contain the calling
party name and number in the optional part.
Address Complete Message (ACM)
An ACM is sent in the "backward" direction to indicate that the remote end of a trunk circuit has
been reserved. The originating switch responds to an ACM message by connecting the calling
party's line to the trunk to complete the voice circuit from the calling party to the called party.
The originating switch also sends a ringing tone to the calling party's line.
Answer Message (ANM)
When the called party answers, the destination switch terminates the ringing tone and sends an
ANM to the originating switch. The originating switch initiates billing after verifying that the
calling party's line is connected to the reserved trunk.
Release Message (REL)
A REL is sent in either direction indicating that the circuit is being released due to the cause
indicator specified. An REL is sent when either the calling or called party "hangs up" the call
(cause = 16). An REL is also sent in the backward direction if the called party line is busy (cause
= 17).
Release Complete Message (RLC)
A RLC is sent in the opposite direction of the REL to acknowledge the release of the remote end
of a trunk circuit and end the billing cycle as appropriate.
129
Signaling Connection Control Part (SCCP)

Where is SCCP?
Figure 4.6 :Signal connection Control Part (SCCP)
4.12 What is SCCP?

In SS7 signaling system, SCCP and MTP layer three together are responsible for
signaling network layer function. SCCP expands the MTP functions in the following
points:
Enable to convey various non-circuit-related signaling messages.
Provide enhanced addressing and routing function, and enable to achieve the direct global
transmission between different SS7 networks by using GT (Global Title) addressing.
Expand the user part of MTP. SCCP supports up to 256 kinds of sub systems instead of
16 in MTP.
Enable to provide connectionless service and connection-oriented service.
130
4.13 Service Functions of SCCP Network

According to the various service requirements, SCCP provides four classes of service: two
connectionless services and two connection-oriented services.
The four classes are:
Class 0: Basic connectionless class.
Class 1: In-sequence delivery connectionless class.
Class 2: Basic connection-oriented class.
Class 3: Flow control connection-oriented class.
Transaction Capabilities Application Part (TCAP)
The main purpose of TCAP is to provide support for interactive applications in a
distributed environment.
TCAP is a general protocol which makes it easy to introduce new features in
telecommunication networks. It reduces the need for development of new protocols
whenever new features are introduced.
Applications of TCAP
Applications of TCAP:
Data Exchange between switching systems
Switching systems access network database center
Network databases establish remote operation dialogue
Examples of TCAP applications:
Mobile service applications
Free phone service (800-service)
Credit Card calling
Operation & Maintenance applications
131
Intelligent Network Application Part (INAP)

The functions of INAP
INAP defines operation criterion among the IN functional entities SSF, SCF, SRF and
SDF.
INAP is transmitted by SCCP UDT data, using connectionless services.
4.14 Intelligent networks (INs)
An intelligent network (IN), is a service independent telecommunication network. Its intelligence
is taken out of the switch and placed in a computer Nodes that are distributed throughout the
network. This provides the network operators with the means to develop and control services
more efficiently. New capabilities can be rapidly introduced into the network. Once introduced,
services are easily customized to meet individual customer needs.
4.15 Components of an Intelligent Network (IN)
The basic structure of an IN, illustrated in Figure below, is based on centralized intelligence
with central intelligence, control information is stored in a central place and the same
information is available for all exchanges in the network. Exchanges request information
when they need it for call handling
The great advantage of the IN concept is that when a new service is introduced or a service is
updated, all exchanges in the network are able to provide the modified service immediately.
Figure 4.7: Components of Intelligent Network
132
4.16 Structure of the IN

IN technology makes provision of new services efficient with the help of control data that are
centralized and available to all switches. Otherwise, service information would need to be
updated to all exchanges when a change is made. Figure above shows the main network
elements of an IN.
The service management system (SMS)
It provides tools for introduction of new services and service updates
The database (DB)
It contains control information, such as emergency numbers and corresponding
physical numbers, for the service control point (SCP), which controls service switching
point (SSP) exchanges.
The intelligent peripheral (IP)
Is a system that provides voice notifications when required
service transfer point (STP
Is an intermediate exchange, which routes signaling messages between the SSP and
STP.
A certain range of telephone numbers is reserved for IN services only. When a SSP, which
performs the functions of an exchange, detects an IN service number, it requests routing
information from the SCP. The SCP then provides information about how that call should be
handled.
In principle, we could implement all intelligence in the SCP and its database could store all the
routing information. This would require heavy signaling between the switching points and the
SCP. In practice, the services that do not require a centralized database are implemented in
switching points to reduce the load on the SCP and the signaling connections between and SSPs.
Some examples of IN services follow
Universal access number: A company with several offices in different parts of a country may
have the same number throughout the country. Each call is automatically connected to the office
closest to the calling subscriber (SSP transfers callers number to SCP). The cost of the call is the
same no matter to which office the call is connected.
Premium rate services: Information provision over the phone, for instance, doctor and layer
services. The service provider charges subscribers via the telephone bill. The charge is dependent
on the called service number.
133
Free phone: Companies that want to provide free customer service use this service in which the receiver
pays for the call.
Credit card call: A service user can pay with his or her credit card by dialing his or her account number
and identity code.
The modern telecommunications networks using IN technology provide many other services and
a few new ones appear annually. An example of these is inexpensive home-to-mobile and
mobile-to-home calls for which you dial a specific number given by an operator.
Another example is a card service for which a serviceperson dials a specific service number and
security code and the network operator charges his or her employer instead of the telephone from
which he or she is calling.
One category of services implemented with the help of IN technology is value-added services.
This term refers to the services that give additional value, not just point-to-point telephone
conversation. Separate service providers, not the telecommunications service provider, often
provide these services.
Examples of value-added services are telebanking, telephone doctor or lawyer services, and
participation to TV games. IN technology provides flexible routing and service-specific charging
for these services.
4.17 Benefits of Intelligent Networks
The main benefits of IN, is the ability to improve existing services and develop new source of
revenue. To meet these objectives, providers requires to accomplish the following
Introduces new services rapidly IN provide the capability to provision new services
or modify existing services throughout the network with physical intervention
Provide service customization Service providers, requires the ability to change the
service logic rapidly and efficiently. Customers are also demanding control of their own
services to meet their individual needs
Establish vendor independence- A major criterion for the service providers, is that the
software must be developed quickly and inexpensively. To accomplish this, suppliers
must integrate commercially available softwares to create the application required by the
service providers
Create open interface- Open interface allow the service providers to introduce network
element quickly for individualized customers services. The softwares must interface with
other vendors products while still maintain stringent network operation standards.
Services providers, are no longer relying on one or two vendors to provide equipments
and softwares to meet customers requirements
134
4.18 Web Caching

A web cache (or HTTP cache) is an information technology for the temporary storage (caching)
of web documents, such as HTML pages and images, to reduce bandwidth usage, server load,
and perceived lag. A web cache system stores copies of documents passing through it;
subsequent requests may be satisfied from the cache if certain conditions are met. A web cache
system can refer either to an appliance, or to a computer program.
A Web cache sits between one or more Web servers (also known as origin servers) and a client
or many clients, and watches requests come by, saving copies of the responses like HTML
pages, images and files (collectively known as representations) for itself. Then, if there is
another request for the same URL, it can use the response that it has, instead of asking the origin
server for it again.
A client, such as a web browser, can also store web content for reuse. For example, if the back
button is pressed, the local cached version of a page may be displayed instead of a new request
being sent to the web server.
4.19 Types of Web Caches
There are two types of Web caches a browser cache and a proxy cache
Browser Caches
A browser cache is part of all popular Web browsers. The browser keeps a local copy of all
recently displayed pages, and when the user returns to one of these pages, the local copy is
reused.
If you examine the preferences dialog of any modern Web browser (like Internet Explorer, Safari
or Mozilla), youll probably notice a cache setting. This lets you set aside a section of your
computers hard disk to store representations that youve seen, just for you. The browser cache
works according to fairly simple rules. It will check to make sure that the representations are
fresh, usually once a session (that is, the once in the current invocation of the browser).
Proxy Caches
A proxy cache is a shared network device that can undertake Web transactions on behalf of a
client, and, like the browser, the proxy cache stores the content. Subsequent requests for this
content, by this or any other client of the cache will trigger the cache to deliver the locally stored
copy of the content, avoiding a repeat of the download from the original content source.
Consider the diagram below that shows how proxy caches working principles
When a browser wishes to retrieve a URL, it takes the host name component and translates that
name to an IP address. A HTTP session is opened against that address, and the client requests the
URL from the server.
135
When using a proxy cache, not much is altered in the transaction. The client opens a HTTP
session with the proxy cache, and directs the URL request to the proxy cache instead.
Figure 4.8 : Proxy caches

If the cache contains the referenced URL it is checked for freshness by comparing with the
"Expires:" date field of the content, if it exists, or by some locally defined freshness factor. Stale
objects are revalidated with the server, and if the server revalidates the content, the object is
remarked as fresh. Fresh objects are delivered to the client as a cache hit. If the cache does not
have a local copy of the URL, or the object is stale, this is a cache miss. In this case the cache
acts as an agent for the client, opens its own session to the server named in the URL, and
attempts a direct transfer to the cache.
4.20 Benefits of Web caching and suitability for the deployment in the environment
Caches can help your Web site load faster, and save load on your server and Internet link.
The difference can be dramatic; a site that is difficult to cache may take several seconds
to load, while one that takes advantage of caching can seem instantaneous in comparison.
Users will appreciate a fast-loading site, and will visit more often.
Caches help the users from utilizing large internet bandwidth. Best of all, you dont have
to pay for them.
136
CHAPTER FIVE
5.0 Network Management
We can define network management as monitoring, testing, configuring, and troubleshooting
network components to meet a set of requirements defined by an organization. These
requirements include the smooth, efficient operation of the network that provides the predefined
quality of service for users. To accomplish this task, a network management system uses
hardware, software, and humans.
5.1 Function of the Network management system
We can say that the functions performed by a network management system can be divided into
five broad categories:
fault management,
configuration management,
accounting management
performance management,
security management
As shown in the figure below, you just need to remember the word FCAPS, where by each letter
represents the function of Network Management system
Figure 5.1 Function of Network Management
Configuration Management
A large network is usually made up of hundreds of entities that are physically or logically
connected to one another. These entities have an initial configuration when the network is set up,
but can change with time. Desktop computers may be replaced by others; application software
may be updated to a newer version; and users may move from one group to another. The
137
configuration management system must know, at any time, the status of each entity and its
relation to other entities.
Configuration Management monitors network and system configuration information and
stores it in a configuration management database.
The maintenance of this database allows network administrators to track hardware,
software, and other network resources
Configuration management can be divided into two subsystems: reconfiguration and
documentation.
i.
Reconfiguration
Reconfiguration, which means adjusting the network components and features, can be a daily
occurrence in a large network. There are three types of reconfiguration: hardware
reconfiguration, software reconfiguration, and user-account reconfiguration.
Hardware reconfiguration covers all changes to the hardware. For example, a desktop
computer may need to be replaced. A router may need to be moved to another part of the
network. A subnetwork may be added or removed from the network. All these need the time
and attention of network management
Software reconfiguration covers all changes to the software. For example, new software
may need to be installed on servers or clients. An operating system may need updating.
Fortunately, most software reconfiguration can be automated. For example, updating an
application on some or all clients can be electronically downloaded from the server.
Documentation
ii.
The original network configuration and each subsequent change must be recorded meticulously.
This means that there must be documentation for hardware, software, and user accounts.
Fault Management
Manages network problems to keep the network running reliably and efficiently.Fault
management process involves the following steps
o Detecting the problem symptoms.
o Isolating the problem.
o Fixing the problem automatically (if possible) or manually.
o Testing the fix on all important subsystems.
138
o Logging the detection and resolution of the problem.
Performance Management
Performance management, which is closely related to fault management, tries to monitor and
control the network to ensure that it is running as efficiently as possible. Performance
management tries to quantify performance by using some measurable quantity such as capacity,
traffic, throughput, or response time.
Performance management involves three basic steps:
1. Gathering data relating to key performance variables.
2. Analyzing data to determine the normal (baseline) performance levels.
3. Determining appropriate performance thresholds for each variable so that
exceeding these thresholds indicates a network problem worthy of attention.
Figure 5.2 : Network analyzers
139
Security Management
Security management is responsible for controlling access to the network based on the
predefined policy
Aids administrators in creating a secure network environment. This includes:
partitioning network resources into authorized and unauthorized areas,
mapping groups of users to those areas, and
Monitoring, policing, and logging user access to resources in those areas.
Security monitoring
Security event collection
Event analysis, correlation and alert generation
Alert handling
Accounting Management
Accounting management is the control of users' access to network resources through charges.
Under accounting management, individual users, departments, divisions, or even projects are
charged for the services they receive from the network. Charging does not necessarily mean cash
transfer; it may mean debiting the departments or divisions for budgeting purposes.
o
o
o
o
Today, organizations use an accounting management system for the following reasons:
It prevents users from monopolizing limited network resources.
It prevents users from using the system inefficiently.
Network managers can do short- and long-term planning based on the demand for
network use.
5.2 Simple network management protocol (SNMP)

The Simple Network Management Protocol (SNMP) is a framework for managing devices in an
internet using the TCPIIP protocol suite. It provides a set of fundamental operations for
monitoring and maintaining an internet.
140
5.3 SNMP protocol Concept

SNMP uses the concept of manager and agent. That is, a manager, usually a host, controls and
monitors a set of agents, usually routers. Consider the diagram below
Figure 5.3 : SNMP protocol concept

SNMP is an application-level protocol in which a few manager stations control a set of agents.
The protocol is designed at the application level so that it can monitor devices made by different
manufacturers and installed on different physical networks.
In other words, SNMP frees management tasks from both the physical characteristics of the
managed devices and the underlying networking technology. It can be used in a heterogeneous
internet made of different LANs and WANs connected by routers made by different
manufacturers.
Managers and Agents
A management station, called a manager, is a host that runs the SNMP client program. A
managed station, called an agent, is a router (or a host) that runs the SNMP server program.
Management is achieved through simple interaction between a manager and an agent.
The agent keeps performance information in a database. The manager has access to the values in
the database. For example, a router can store in appropriate variables the number of packets
received and forwarded. The manager can fetch and compare the values of these two variables to
see if the router is congested or not.
The manager can also make the router perform certain actions. For example, a router periodically
checks the value of a reboot counter to see when it should reboot itself. It reboots itself, for
example, if the value of the counter is O. The manager can use this feature to reboot the agent
remotely at any time. It simply sends a packet to force a 0 value in the counter
141
Agents can also contribute to the management process. The server program running on the agent
can check the environment, and if it notices something unusual, it can send a warning message,
called a trap, to the manager.
In other words, management with SNMP is based on three basic ideas:
1. A manager checks an agent by requesting information that reflects the behavior of
the agent.
2. A manager forces an agent to perform a task by resetting values in the agent database.
3. An agent contributes to the management process by warning the manager of an
unusual situation.
5.4 Internet Management Components
To do management tasks, SNMP uses two other protocols: Structure of Management
Information (SMI) and Management Information Base (MIB). In other words, management
on the Internet is done through the cooperation of the three protocols SNMP, SMI, and MIB, as
shown in Figure below
Figure 5.5 : Internet management components

Let us elaborate on the interactions between these protocols.
Roles of SNMP
SNMP has some very specific roles in network management. It defines the format of
the packet to be sent from a manager to an agent and vice versa. It also interprets the result and
creates statistics (often with the help of other management software). The packets exchanged
contain the object (variable) names and their status (values). SNMP is responsible for reading
and changing these values.
SNMP defines the format of packets exchanged between a manager and an agent. It reads and
changes the status (values) of objects (variables) in SNMP packets.
142
Roles of SMI
SMI is a protocol that defines these rules. However, we must understand that SMI only defines
the rules; it does not define how many objects are managed in an entity or which object uses
which type. SMI is a collection of general rules to name objects and to list their types. The
association of an object with the type is not done by SMI.
SM1 does not define the number of objects an entity should manage or name the objects
to be managed or define the association between the objects and their values.
To use SNMP, we need rules. We need rules for naming objects. This is particularly important
because the objects in SNMP form a hierarchical structure (an object may have a parent object
and some children objects).
Part of a name can be inherited from the parent. We also need rules to define the type of the
objects. What types of objects are handled by SNMP? Can SNMP handle simple types or
structured types? How many simple types are available? What are the sizes of these types? What
is the range of these types? In addition, how are each of these types encoded?
We need these universal rules because we do not know the architecture of the computers that
send, receive, or store these values. The sender may be a powerful computer in which an integer
is stored as 8-byte data; the receiver may be a small computer that stores an integer as 4-byte
data.
Role of MIB
MIB creates a collection of named objects, their types, and their relationships to each other in an
entity to be managed.
For each entity to be managed, this protocol must define the number of objects, name them
according to the rules defined by SMI, and associate a type to each named object. This protocol
is MIB. MIB creates a set of objects defined for each entity similar to a database (mostly
metadata in a database, names and types without values).
143
5.5 Network and Internet security

The field of network and Internet security consists of measures to deter, prevent, detect, and
correct security violations that involve the transmission of information. That is a broad statement
that covers a host of possibilities.
To give you a feel for the areas covered in this section, consider the following examples of
security violations:
User A transmits a file to user B. The file contains sensitive information (e.g., payroll records)
that is to be protected from disclosure. User C, who is not authorized to read the file, is able to
monitor the transmission and capture a copy of the file during its transmission.
Figure 5.6 :Security threats

A network manager, D, transmits a message to a computer, E, under its management. The
message instructs computer E to update an authorization file to include the identities of a number
of new users who are to be given access to that computer. User F intercepts the message, alters
its contents to add or delete entries, and then forwards the message to computer E, which accepts
the message as coming from manager D and updates its authorization file accordingly.
Figure 5.7 :Modification
144
Rather than intercept a message, user F constructs its own message with the desired entries and
transmits that message to computer E as if it had come from manager D. Computer E accepts the
message as coming from manager D and updates its authorization file accordingly.
An employee is fired without warning. The personnel manager sends a message to a server
system to invalidate the employees account. When the invalidation is accomplished, the server
is to post a notice to the employees file as confirmation of the action. The employee is able to
intercept the message and delay it long enough to make a final access to the server to retrieve
sensitive information. The message is then forwarded, the action taken, and the confirmation
posted. The employees action may go unnoticed for some considerable time.
A message is sent from a customer to a stockbroker with instructions for various transactions.
Subsequently, the investments lose value and the customer denies sending the message.
Although this list by no means exhausts the possible types of network security violations, it
illustrates the range of concerns of network security.
5.6 Computer Security
The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability, and confidentiality of information system
resources
This definition introduces three key objectives that are at the heart of computer security:
i.
Confidentiality: Preserving authorized restrictions on information access and disclosure,

including means for protecting personal privacy and proprietary information. A loss of
confidentiality is the unauthorized disclosure of information. This term covers two related
concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to them
may be collected and stored and by whom and to whom that information may be
disclosed.
ii. Integrity: Guarding against improper information modification or destruction, including
ensuring information nonrepudiation and authenticity. A loss of integrity is the
unauthorized modification or destruction of information. This term covers two related
concepts:
Data integrity: Assures that information and programs are changed only in a
specified and authorized manner.
System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation
of the system.
145
iii.
Availability: Assures that systems work promptly and service is not denied to authorize
users.
5.7 Challenges of computer security

1. Security is not as simple as it might first appear to the novice. The requirements seem
to be straightforward; indeed, most of the major requirements for security services can
be given self-explanatory, one-word labels: confidentiality, authentication,
nonrepudiation, or integrity. But the mechanisms used to meet those requirements can
be quite complex, and understanding them may involve rather subtle reasoning.
2. In developing a particular security mechanism or algorithm, one must always consider
potential attacks on those security features. In many cases, successful attacks are
designed by looking at the problem in a completely different way, therefore exploiting
an unexpected weakness in the mechanism.
3. Having designed various security mechanisms, it is necessary to decide where to use
them. This is true both in terms of physical placement (e.g., at what points in a
network are certain security mechanisms needed) and in a logical sense [e.g., at what
layer or layers of an architecture such as TCP/IP (Transmission Control
Protocol/Internet Protocol) should mechanisms be placed].
4. Security mechanisms typically involve more than a particular algorithm or protocol.
They also require that participants be in possession of some secret information (e.g.,
an encryption key), which raises questions about the creation, distribution, and
protection of that secret information. There also may be a reliance on communications
protocols whose behavior may complicate the task of developing the security
mechanism. For example, if the proper functioning of the security mechanism requires
setting time limits on the transit time of a message from sender to receiver, then any
protocol or network that introduces variable, unpredictable delays may render such
time limits meaningless.
5. Computer and network security is essentially a battle of wits between a perpetrator
who tries to find holes and the designer or administrator who tries to close them. The
great advantage that the attacker has is that he or she need only find a single weakness,
while the designer must find and eliminate all weaknesses to achieve perfect security.
6. There is a natural tendency on the part of users and system managers to perceive little
benefit from security investment until a security failure occurs.
7. Security requires regular, even constant, monitoring, and this is difficult in todays
short-term, overloaded environment.
8. Security is still too often an afterthought to be incorporated into a system after the
design is complete rather than being an integral part of the design process.
9. Many users and even security administrators view strong security as an impediment to
efficient and user-friendly operation of an information system or use of information.
146
5.8 Important terms to understand

Threat
A potential for violation of security, which exists when there is a circumstance, capability,
action, or event that could breach security and cause harm. That is, a threat is a possible danger
that might exploit vulnerability.
Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that
is a deliberate attempt (especially in the sense of a method or technique) to evade security
services and violate the security policy of a system.
Security attack: Any action that compromises the security of information owned by an
organization.
Security mechanism: A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the security of the data
processing systems and the information transfers of an organization. The services are intended to
counter security attacks, and they
make use of one or more security mechanisms to provide the service.
Types of security attacks
A useful means of classifying security attacks, is in terms of passive attacks and active attacks
A passive attack attempts to learn or make use of information from the system but does not
affect system resources.
An active attack attempts to alter system resources or affect their operation.
5.9 Division of security problems
Security problem can be divided into following areas
ACCESS CONTROL
In the context of network security, access control is the ability to limit and control the
access to host systems and applications via communications links. To achieve this, each
entity trying to gain access must first be identified, or authenticated, so that access rights
can be tailored to the individual.
147
DATA CONFIDENTIALITY
Confidentiality is the protection of transmitted data from passive attacks (prevent a data
from being read by a third party). With respect to the content of a data transmission,
several levels of protection can be identified. The broadest service protects all user data
transmitted between two users over a period of time
For example, when a TCP connection is set up between two systems, this broad
protection prevents the release of any user data transmitted over the TCP connection.
AUTHENTICATION
The assurance that the communicating entity is the one that it claims to be
DATA INTEGRITY
The assurance that data received are exactly as sent by an authorized entity (i.e., contain
no modification, insertion, deletion, or replay).
A connection-oriented integrity service, one that deals with a stream of messages, assures
that messages are received as sent with no duplication, insertion, modification,
reordering, or replays. The destruction of data is also covered
under this service
NONREPUDIATION
Provides protection against denial by one of the entities involved in a communication of
having participated in all or part of the communication.
Nonrepudiation prevents either sender or receiver from denying a transmitted message.
Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent
the message. Similarly, when a message is received, the sender can prove that the alleged
receiver in fact received the message.
148
5.10 Classical encryption Techniques

There are important terms to understand in encryption techniques
i.
ii.
iii.
iv.
v.
vi.
Cryptography
The art or science encompassing the principles and methods of transforming an intelligible
message into one that is unintelligible, and then retransforming that message back to its
original form
Plaintext,
This refers to an original message
Ciphertext
This refers to the encoded message
Enciphering or Encryption
The process of converting from plaintext to ciphertext
Deciphering or Decryption
This is a process of restoring the plaintext from the ciphertext
Cryptography.
This refers to the many schemes used for encryption
5.11 Types of cryptosystems

Basically there are two types of cryptosystems
Symmetric cryptosystems
Important terms to understand under symmetric cryptosystems
Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different
output depending on the specific key being used at the time. The exact substitutions and
transformations performed by the algorithm depend on the key.
Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes
the ciphertext and the secret key and produces the original plaintext.
There are two requirements for secure use of conventional encryption:
149
1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be

such that an opponent who knows the algorithm and has access to one or more ciphertext
would be unable to decipher the ciphertext or figure out the key. This requirement is
usually stated in a stronger form:
Figure 5.8 Simplified model of symmetric encryption

The opponent should be unable to decrypt ciphertext or discover the key even if he or she is
in possession of a number of ciphertexts together with the plaintext that produced each
ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure. If someone can discover the key and knows the algorithm, all
communication using this key is readable.
In symmetrical cryptosystems it is assumed that it is impractical to decrypt a message on the
basis of the ciphertext plus knowledge of the encryption/decryption algorithm. In other words,
there is no need to keep the algorithm secret; we need to keep only the key secret. This feature
of symmetric encryption is what makes it feasible for widespread use.
If both sender and receiver use the same key, the system is referred to as symmetric, or
conventional encryption
The fact that the algorithm need not be kept secret means that manufacturers can and have
developed low-cost chip implementations of data encryption algorithms. These chips are
widely available and incorporated into a number of products. With the use of symmetric
encryption, the principal security problem is maintaining the secrecy of the key.
150
Let us take a closer look at the essential elements of a symmetric encryption scheme, using
Figure below
Figure 5.9 Model of Symmetric Cryptosystem

A source produces a message in plaintext, X=[X1 ,X2 ,X3 ,+XM ]. The elements of are
letters in some finite alphabet
Traditionally, the alphabet usually consisted of the 26 capital letters. Nowadays, the binary
alphabet {0, 1} is typically used. For encryption, a key of the form K=[K1 ,K2 ,K3 ,.Kj ] is
generated
If the key is generated at the message source, then it must also be provided to the destination
by means of some secure channel. Alternatively, a third party could generate the key and
securely deliver it to both source and destination.
With the message X and the encryption key K as input, the encryption algorithm forms the
ciphertext Y=[Y1,Y2 ,Y3 ,YN ]. We can write this as Y=E(K,X)
This notation indicates that Y is produced by using encryption algorithm E as a function of the
plaintext X, with the specific function determined by the value of the key K .
The intended receiver, in possession of the key K, and is able to invert the transformation:
X=D (K,Y)
151
Asymmetric cryptosystems
If the sender and receiver use different keys, the system is referred to as asymmetric, two-key,
or public-key encryption.
5.12 Characteristics of cryptographic systems
Cryptographic systems are characterized along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext. All encryption
algorithms are based on two general principles: substitution, in which each element in the
plaintext (bit, letter, group of bits or letters) is mapped into another element, and
transposition, in which elements in the plaintext are rearranged. The fundamental
requirement is that no information be lost (that is, that all operations are reversible). Most
systems, referred to as product systems, involve multiple stages of substitutions and
transpositions.
2. The number of keys used. If both sender and receiver use the same key, the system is
referred to as symmetric, single-key, secret-key, or conventional encryption. If the sender
and receiver use different keys, the system is referred to as asymmetric, two-key, or publickey encryption.
3. The way in which the plaintext is processed. A block cipher processes the input one block
of elements at a time, producing an output block for each input block. A stream cipher
processes the input elements continuously, producing output one element at a time, as it
goes along.
5.13 Caesar Cipher Encryption technique
The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar. The
Caesar cipher involves replacing each letter of the alphabet with the letter standing three places
further down the alphabet. For example,
Plaintext: meet me after the toga party
Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB
A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols.1 If the plaintext is viewed as a sequence of bits, then substitution involves
replacing plaintext bit patterns with ciphertext bit patterns.
Note that the alphabet is wrapped around, so that the letter following Z is A. We can define the
transformation by listing all possibilities, as follows:
Plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
152
Let us assign a numerical equivalent to each letter:
Then the algorithm can be expressed as follows. For each plaintext letter p , substitute the
ciphertext letter C :
C= E (3, p) = (p+3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C= E (k, p) = (p + k) mod 26
Where takes on a value in the range 1 to 25. The decryption algorithm is simply
P= D (k, C) = (C - k) mod 26
Rules when using Caesar Cipher Encryption technique
Plaintext is always in lowercase; ciphertext is in uppercase; key values are in italicized

lowercase.
We define a mod n to be the remainder when a is divided by n. For example, 11 mod 7 = 4
If it is known that a given ciphertext is a Caesar cipher, then a brute-force cryptanalysis is easily
performed: simply try all the 25 possible keys. Figure below shows the results of applying this
strategy to the example ciphertext. In this case, the plaintext leaps out as occupying the third line.
153
References
1) Forouzan A.B. (2007). Data Communication and Networking, Fourth Edition, Alan R.
Apt
2) Mark A.D & Antoon W.R (2008). Network Fundamentals, CCNA Exploration
Companion Guide, Second Edition, Cisco Press
3) Todd L. (2009). Network+ study Guide, Second Edition, Wiley publishing

4) Todd L. (2005). Cisco Certified Network Associate study guide. Fifth Edition, Neil
Edde
5) William S. (2009). Cryptography and Network Security, Fifth Edition, Academic

Authors Association
154

Computer Network IIIB

Uploaded by

Copyright:

Available Formats

Computer Network IIIB

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Computer Network IIIB

Uploaded by

Copyright:

Available Formats

Table of Contents

1.26 Advantages of NAT .......................................................................................................... 58

3.7 Bridges versus switching .................................................................................................... 85

4.2 Characteristics of PSTN/POTS ......................................................................................... 122

5.11 Types of cryptosystems................................................................................................... 149

This page is intentionally left blank

Process/ application layers

Figure 1.1 : Comparison of DOD and OSI model

Figure 1.2 : TCP/IP protocol suite stack

NFS (Network File system)

SMTP (Simple mail transfer protocol)

Figure 1.3: DNS server

BootP (Bootstrap protocol)

TCP SEGEMNT FORMAT

Figure 1.4: TCP Segment format

When reliability issues have already been handled in Process/Application layer

1.3 UDP Segment Format

Figure 1.5 : UDP segment structure

Figure 1.6: TCP and UDP use port numbers

C. The Internet Layer Protocols

Internet Protocol (IP)

Figure 1.7 : IP datagram structure

Version: IP version number.

Internet control Message protocol (ICMP)

Figure 1.8: ICMP process

Address Resolution Protocol (ARP)

This is also another protocol in the Internet layer, whose function is to

Figure 1.9 : Address Resolution Protocol

Reverse address Resolution protocol (RARP)

Figure 1.10: Reverse address resolution protocol

Proxy Address Resolution Protocol (Proxy ARP)

Figure 1.11: Encapsulation process

At the TRANSPORT LAYER

Figure 1.12: Encapsulation process

Figure 1.13: Port numbers in virtual circuit

Figure 1.14 : Classification of addressing

Figure 1.15 : Classification of addresses basing on OSI layers

1.8 Physical Addresses

Figure 1.16 : communication with physical address

Figure 1.17 : Communication with Logical addressing

Figure 1.18: Port address

1.12 Logical Addressing

1.14 Classful Addressing

1.15 Network Addresses: Special Purpose

Figure 1.19 : Special Ip addresses

1.16 Application of classes of IP address

Default Mask address

Custom/ subnet mask Address

1.19 Classless Addressing.

restrictions on classless address blocks:

To find Last address in the block

Custom Mask address/ Subnet mask address

Decimal Notation 255.0.0.0

11 000000 00000000 00000000

Subnet Mask Address

Subnet Mask Address

For Class B IP address default mask address 255.255.0.0

CIDR Notation =/16

CIDR Notation /17