Learn the art of designing, implementing, and managing Cisco's networking solutions across data centers, wireless, security, and mobility to set up an enterprise network.
This book is targeted at network designers and IT engineers who are involved in designing, configuring, and operating enterprise networks, and who are involved in taking decisions to make the network changes needed to meet newer business needs, such as evaluating new technology choices, enterprise growth, and adding new services on the network. The reader is expected to have a general understanding of the fundamentals of networking, including the OSI stack and IP addressing.
Most enterprises use Cisco networking equipment to design and implement their networks. However, some networks outperform networks in other enterprises in terms of performance and meeting new business demands, because they were designed with a visionary approach.
The book starts by describing the various stages in the network lifecycle and covers the plan, build, and operate phases. It covers topics that will help network engineers capture requirements, choose the right technology, design and implement the network, and finally manage and operate the network. It divides the overall network into its constituents depending upon functionality, and describes the technologies used and the design considerations for each functional area. The areas covered include the campus wired network, wireless access network, WAN choices, data center technologies, and security technologies. It also discusses the need to identify business-critical applications on the network, and how to prioritize these applications by deploying QoS on the network.
Each topic presents the technology choices, the scenarios in which each technology is chosen, and configuration guidelines for implementing the solution in an enterprise network.
A step-by-step practical guide that ensures you implement Cisco solutions such as enterprise networks, cloud, and data centers in small-to-large organizations.
Page count: 572
Year of publication: 2017
BIRMINGHAM - MUMBAI
Copyright © 2017 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2017
Production reference: 1260917
ISBN 978-1-78712-178-2
www.packtpub.com
Author
Harpreet Singh
Copy Editors
Laxmi Subramanian
Ulka Manjrekar
Reviewer
Amir Roknifard
Project Coordinator
Shweta H Birwatkar
Commissioning Editor
Pratik Shah
Proofreader
Safis Editing
Acquisition Editor
Prachi Bisht
Indexer
Pratik Shirodkar
Content Development Editor
Dattatraya More
Graphics
Tania Dutta
Technical Editor
Sneha Hanchate
Production Coordinator
Deepti Naik
Harpreet Singh has more than 20 years of experience in the data domain and has been designing and implementing networks and solutions across technologies from X.25, FR, ATM, and TCP/IP to MPLS-based networks. Harpreet is a gold medalist and earned his bachelor of engineering degree before completing his postgraduate diploma in business administration. He has been a part of the faculty at the Advanced Level Telecom Training Center, a premier institute under the UNDP program for the training of telecom officers, where he conducted training on data networks, including technologies such as X.25, Frame Relay, ATM, Siemens switches, and IP/MPLS networks.
Harpreet has been a part of the core team for multiple pan-India network rollouts ranging from plain IP to Carrier Ethernet and MPLS. He has been involved with all major service providers in India. He was the network architect for the first pan-India IP network in 1997, the first MPLS network rollout in India in 2002, and the largest MetroE deployment in the world at the time in 2004. He was the technical director for the largest ever mobile backhaul IP network based on an IP/MPLS network. He is currently a technology consultant at Cisco Systems, engaged in large and complex cross-technology projects for strategic customers, advising them on network design, operations, and digital transformations.
Harpreet has been a speaker at forums such as APRICOT, IETE, and other international conferences. He can be reached at [email protected].
Amir Roknifard is a self-educated cyber security solutions architect with a focus on web application, network, and mobile security. He leads research, development, and innovation at KPMG Malaysia and is a hobby coder and programmer who enjoys spending his time educating people about privacy and security, so that ordinary people have the knowledge to protect themselves. He likes automation and developed an integrated platform for cyber defense teams that takes care of their day-to-day workflow from request tickets to final reports. He has completed many projects in the governmental, military, and public sectors in different countries, and has worked for banks and other financial institutions, oil and gas companies, and telecommunication companies. He also has many hours of lecturing on IT and information security topics on his resume, and has reviewed several books in the realm of information technology and security. Amir also founded the Academician Journal, which aims to narrow the gap between academia and the information security industry. It tries to identify the reasons this gap occurs, analyse them, and address them. He picks up new ideas that may be able to solve the problems of tomorrow and develops them. That is why like-minded people are always welcome to suggest their ideas for publication or co-authoring a piece of research through the handle @roknifard.
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www.packtpub.com/mapt
Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review.
If you'd like to join our team of regular reviewers, you can e-mail us at [email protected]. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
Network Building Essentials
Introduction to networks
The OSI model and the TCP/IP stack
Basic OSI reference model
Layer 1 - The physical layer
Layer 2 - The data link layer
Layer 3 - The network layer
Layer 4 - The transport layer
Layer 5 - The session layer
Layer 6 - The presentation layer
Layer 7 - The application layer
The TCP/IP model
Internet Protocol (IP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
IP version 6
Building a network
Purpose of networks
Network lifecycle
Advantages of network lifecycle approach
Prepare phase
Plan phase
Design phase
Implement phase
Operate phase
Optimize phase
Summary
Networks for Digital Enterprises
The impact of technology on business
Digitization as the key enabler
A digital-ready infrastructure
Enabling technologies
Input/output systems
IoT systems
Network
Software-defined networking
Network function virtualization
Network programmability
Processing centres
Edge computing
Cloud computing
Analytics
Network as the cornerstone
Network enabling new experiences
Network providing new Insights
Facets of a digital infrastructure
Functionality
Resiliency
Modularity
Flexibility
Scalability
Security
Agility
Manageability
Visibility and analytics
Cisco Digital Network Architecture
Summary
Components of the Enterprise Network
Networking devices and their functions
Switches
Wireless Access Points
Routers
Firewalls
Introduction to Cisco IOS
IOS command modes
Configuration files
Places in the network
Campus network
Wide Area Network (WAN)
Data center
Internet edge
Interdependency between the various components
Summary
Understanding and Configuring Campus Network Technologies
Campus network technologies
Layer 2 technologies
Ethernet
Ethernet switch and MAC-based forwarding
Virtual LANs
Access ports and trunk ports
Spanning Tree Protocols
Link aggregation
Address Resolution Protocol (ARP)
Configuring layer 2 protocols
Layer 3 technologies
IP addressing
IPv4 addresses
Routable and private addresses
Sample addressing
Configuring IP addresses
A note about WAN addresses
Secondary addresses
First Hop Redundancy Protocols (FHRP)
HSRP
VRRP
GLBP
Routing protocols
Routing table
Static routing
Dynamic routing
Distance vector routing
Link-state routing
External routing
Route redistribution
Routing table segmentation
Campus LAN design considerations
Topology choices
Ring and star topologies
Physical versus logical topology
Naming convention
Layer 2 versus layer 3 boundaries
Sizing the campus network
Stacking switches
A sample network
Summary
Understanding and Configuring Wireless Access Technologies
Benefits of wireless networks
Wireless fundamentals
An RF signal
Signal strength
Modulation
Signal to Noise Ratio (SNR)
Frequency bands
Channels
MIMO
Channel bonding
Antenna characteristics
Wireless standards
IEEE 802.11
IEEE 802.11a
IEEE 802.11b
IEEE 802.11g
IEEE 802.11n
IEEE 802.11ac
Mixed mode operation/interoperability
Configuring the WLAN
Cisco mobility express
Wireless LAN controller and CAPWAP
Configuring AP using Cisco Mobility Express
Configuration using the WLC
WLC redundancy
HA stateful switchover
Configuring the WLC deployment
FlexConnect mode
Configuring the APs in FlexConnect mode
Summary
Understanding and Configuring WAN Technologies
Considerations for a WAN design
WAN technology choices
Configuring WAN serial links
Serial links with PPP/HDLC encapsulation
FR encapsulation
Multilink PPP
Configuring overlay P2P links
Virtual private networks
Layer 2 VPNs
Layer 3 VPNs
VRF-Lite
Remote access VPNs
Managed versus unmanaged services
Connecting to the internet
Routing at the internet edge
Static routing
BGP
Encrypting and securing the WAN
Optimizing the WAN
Summary
Understanding and Configuring Data Center Technologies
Functions of a data center
Evolution of the DC
Network
Computers
Virtualization
Storage
Cloud computing
Management systems
Design of a DC
Application hierarchy
Zoning of the data center
Types of networks in a DC
Introduction to firewalls
Firewall inspection
Basic access control
Protecting from IP fragments
Application inspection
Applying connection limits and TCP normalization
Enabling threat detection
Firewall security context
Scaling the firewall
Connecting the DC to the internet
Network Address Translation
Designing a sample DC
Network design
Firewall design
Firewall redundancy
Server redundancy
NIC teaming
Virtualization
Server load balancers
Planning a disaster recovery
Providing remote access to the DC
Summary
Understanding and Configuring Network Security
Security landscape
Elements of enterprise security
Securing network infrastructure
Data plane security
Controlling network access
Password protection on wireless networks
Network access control (NAC)
Port security and MAC limiting
Preventing spoofed attacks
ARP spoofing
Unicast RPF
IP source guard
Limiting punting to CPU
IP options and source routing
ICMP attacks
Controlling user traffic
Rate limiting and storm control
Controlling user to user traffic
Access control lists
Preventing denial of service attacks
Control plane security
Disable unused services
Disabling unused global services
Disabling interface services
Layer 2 control plane security
STP security
DHCP snooping
Dynamic ARP Inspection (DAI)
Control plane policing
Protocol security
Management plane security
Security beyond the network devices
Securing the network perimeter
Firewalls
Securing services
Email services
Web security
Advanced Malware Protection (AMP)
Securing the endpoints
DNS-based security
Securing data in transit
Network behavioral analysis
Summary
Understanding and Configuring Quality of Service
The need for QoS
Network impact on traffic
Packet loss
Latency
Jitter
QoS models
The integrated services model
The differentiated services model
QoS tools
Traffic conditioning
Policing
Shaping
Markdown
Packet classification
Packet marking
Congestion management
Queuing
Scheduling
Low latency queueing (LLQ)
Class-based weighted fair queueing (CBWFQ)
Congestion avoidance
Tail drop
Random early detection
Weighted random early detection (WRED)
Modular QoS command-line interface
QoS design for an enterprise
Defining the trust boundary
Defining traffic types
Assigning bandwidths
Assessing hardware and assigning classes to queues
Implementing configurations
The ingress policy
The egress policy
QoS in a hybrid model with service provider WAN
Summary
A Systematic Approach to Network Management
Frameworks related to network management
Network management planning
Pillars of network management
People
Processes
Tools and technologies
The importance of metrics
Network operations systems components
Simple Network Management Protocol (SNMP)
SNMP traps
SNMP polling
Syslog
Network Time Protocol (NTP)
Controlling device access using RADIUS
Role-based user access
IP Service Level Assurance (IP-SLA)
Management network
Cisco Prime Infrastructure
Implementing the network management strategy
Summary
Basic Troubleshooting Skills and Techniques
A framework for structured troubleshooting
Establishing the normal and detecting deviations
The network baseline
Application baseline
Network troubleshooting commands
IOS commands
The ping command
The traceroute command
The debug commands
Troubleshooting the network
Troubleshooting user connectivity
Troubleshooting layer 2 issues
Troubleshooting the first hop connectivity
Troubleshooting routing issues
Troubleshooting forwarding plane issues
Troubleshooting performance issues
Troubleshooting the management plane
Troubleshooting device level issues
Hardware issues
Software issues
Summary
Most enterprises use Cisco networking equipment to design and implement their networks. However, some networks outperform the networks in other enterprises in terms of performance and meeting new business demands, because they were designed for the present, keeping the future in mind. This book talks about how to design and implement enterprise networks for small-to-midsize organizations efficiently and effectively, so that the network design can accommodate the newer demands from the users in a seamless manner from adding more branches/users, to adding new services, and evaluating and implementing new technologies to optimize costs or enhance user experience.
We divided the book into three broad sections as follows:
Network design fundamentals, where we review the fundamentals of TCP/IP and discuss the network life cycle. We will also cover the business relevance of the network, and how networks are keeping up with the challenges of evolving businesses.
The second part focuses on the various functional areas in the enterprise network, and covers the technologies and design choices within each functional area.
The third section discusses an approach to managing and operating the network, provides best practices for network management, and finally provides tips on troubleshooting the network.
Chapter 1, Network Building Essentials, provides a quick review of the OSI and TCP/IP stacks, talks about the network life cycle, and covers the various life stages of the network, from preparing to build the network, planning the network, designing the network, implementing the network, and operating it, to finally optimizing the network.
Chapter 2, Networks for Digital Enterprises, talks about the emerging trends in enterprise IT networks, and talks about how changing business models are changing network designs. We will discuss desirable network traits in this section, which will then be used in the design sections.
Chapter 3, Components of the Enterprise Network, discusses the different parts of the enterprise network and lays down the reference architecture to be used throughout the book. This section outlines the different parts of the network, for example, LAN, WAN, DC, and internet connectivity, and defines the functional requirements of each part of the network. This chapter also introduces the reader to the various networking equipment, such as switches and routers, and introduces IOS.
Chapter 4, Understanding and Configuring Campus Network Technologies, reviews IP addressing and basic layer 2 and layer 3 protocols, and discusses the complete design of the local area network in a floor of the building and extends it to the campus. The chapter discusses the design choices for a layer 2/layer 3 boundary, the various protocols used at layer 2, and the various routing protocols.
Chapter 5, Understanding and Configuring Wireless Access Technologies, discusses the various terminologies used in wireless networks, and provides a quick overview of the various wireless standards. The chapter then details how to configure a wireless network within the enterprise in centralized and FlexConnect modes of operation.
Chapter 6, Understanding and Configuring WAN Technologies, discusses the various types of options available for connecting different networks over wide area networks. The chapter describes technologies such as packet switched networks, leased lines, and MPLS VPNs, covering the pros and cons of each approach, and provides guidelines on how to use public networks to build overlay WAN using tunnels.
Chapter 7, Understanding and Configuring Data Center Technologies, describes the functions of a data center, and presents a sample design for how to segment the data center into various segments to ensure the security of the network.
Chapter 8, Understanding and Configuring Network Security, deals with the security aspects of the network infrastructure and provides guidelines on securing the control plane, the management plane, and the data plane in the network. This chapter also provides an overview of technologies involved in securing the network beyond routers and switches.
Chapter 9, Understanding and Configuring Quality of Service, talks about the importance of Quality of Service (QoS), discusses the impact of network degradation on various types of applications, and provides guidance on how to deploy QoS on the network to prioritize business-critical applications.
Chapter 10, A Systematic Approach to Network Operations, provides an introduction to the various models used for network life cycle and discusses an approach that helps to manage the network in a structured manner. The chapter also provides guidelines and best practices for network management.
Chapter 11, Basic Troubleshooting Skills and Techniques, provides an overview of the various issues on the network and provides an approach to troubleshooting the IP network.
You will need an open mind and a lot of discussions with stakeholders to capture the user requirements, after which the technologies and design choices in this book will help you build a robust network. Most of the configurations shown in this book are for IOS release 15.
This book is meant for network designers and IT engineers who are involved in designing the enterprise network and are involved in taking decisions to make network changes in order to meet newer business needs, such as evaluating new technology choices, enterprise growth, and adding new services on the network. The reader is expected to have a general understanding of the fundamentals of networking, including the OSI stack and IP addressing. This book will build upon these basic concepts and talk about the entire network life cycle, from designing the network to configuring the various Cisco devices to be used on the network.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows:
"To save or write an image, we can use the imsave() function."
A block of code is set as follows:
Router(config)# interface GigabitEthernet 0/1
Router(config-if)# description To_Switch_Gig_0/1
Router(config-if)# ip addr 10.1.1.1 255.255.255.0
Router(config-if)# ip local-proxy-arp
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
Switch(config)# interface GigabitEthernet 0/1
Switch(config-if)# description User_facing_port
Switch(config-if)# storm-control broadcast level 5.00
Switch(config-if)# storm-control unicast level 80.00
Switch(config-if)# storm-control action trap
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes, for example, appear in the text like this: "Clicking the Next button moves you to the next screen."
Feedback from our readers is always welcome. Let us know what you think about this book: what you liked or disliked. Reader feedback is important to us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply email [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files emailed directly to you.
You can download the code files by following these steps:
Log in or register to our website using your email address and password.
Hover the mouse pointer on the SUPPORT tab at the top.
Click on Code Downloads & Errata.
Enter the name of the book in the Search box.
Select the book for which you're looking to download the code files.
Choose from the drop-down menu where you purchased this book from.
Click on Code Download.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR / 7-Zip for Windows
Zipeg / iZip / UnRarX for Mac
7-Zip / PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Implementing-Cisco-Networking-Solutions. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/ImplementingCiscoNetworkingSolutions_ColorImages.pdf.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books (maybe a mistake in the text or the code), we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyrighted material on the internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.
Information technology (IT) has become an integral part of any modern business. This reliance on the use of technology has led to a lot of successful new businesses, and even a small delay in adopting new technology, not to mention a lack of willingness to adopt new technologies, has led to the elimination of so many businesses around the world.
Networks are the foundation for IT, as they help connect multiple elements in the technological landscape of any organization. In this chapter, we will discuss the basic concepts that the reader will find useful in their goal of learning how to build IT networks. We will cover the following topics in this chapter:
The need for networking and an introduction to IT networks
A standard reference model for a network called the Open Systems Interconnection (OSI) model
The TCP/IP protocol stack
The various stages in building a network
The advent of computers has had a profound impact on society. These mechanical brains can carry out most jobs today in almost all sectors from medicine, education, aviation, retail, manufacturing, entertainment, communication, science and technology, research, aerospace, banking, space exploration, weather forecasting, and business transactions—the list is endless.
Computers have evolved a long way from the machine that Charles Babbage invented to the machines we see today. Much of this has been made possible by advances in semiconductor technology, which have made computers sleeker, faster, and more cost-effective. However, computers would not be as useful as they are today if they were "egoist machines" not talking to one another, creating islands of excellence.
Businesses felt the need to leverage computing power across domains, and had a strong desire to automate the process to reduce manual dependencies. This acted as the driver for the evolution of communication networks that would enable communication between standalone computers. This ability to network computers has made them much more effective and acceptable in modern business.
As businesses evolved and became more competitive, information and communication were regarded as among the most important factors that define the success of an organization, and hence the channels carrying this information and communication became the lifelines of the organization. With the ever-increasing use of computers for carrying out most of the tasks in an organization, the information flow and communication between computers is becoming as important as, if not more important than, that between humans.
Early computer networks used different protocols such as DECnet, SNA, NetBIOS, and IPX to make computers communicate with each other. Although this facilitated networking, most of the protocols were proprietary, thereby limiting connectivity between machines from different vendors. Computer networking was fraught with cost inefficiencies, and interoperability issues because of the lack of a standard networking protocol that could be used across all vendors. Fortunately, the success of the ARPANET and the internet gave a big impetus to TCP/IP protocol, and the wide acceptance of the TCP/IP protocol stack among home and enterprise users forced many vendors to implement the stack on their devices. This changed computer networking and brought it to the levels of standardization and plug and play nature that exists today.
In communication, it is critical to have a common language and semantics that both parties can understand for the communication to be effective. This can be thought of as having a common language when talking of human communication, and as a protocol when talking of computer networking/communications. As discussed in the previous section, with the advent of computer networking, many vendors came out with their own proprietary protocols for computers to talk to each other. This led to interoperability issues between computer systems, and networking was limited to devices from the same vendor. You can't get a person who knows only Chinese to effectively communicate with a person who knows only Russian!
International bodies involved in standardization were making efforts to evolve an open common framework that could be used by all devices that needed to communicate with each other. These efforts led to the development of a framework called the Basic Reference Model for Open Systems Interconnection, the OSI reference model. This was jointly developed by the International Organization for Standardization (ISO) and the International Telegraph and Telephone Consultative Committee (CCITT, abbreviated from the Comité Consultatif International Téléphonique et Télégraphique), which later became the ITU-T.
We will broadly define the OSI model in the subsequent section, and then dive deeper into the TCP/IP model that will help clarify some of the concepts that might appear vague in the OSI discussion, as the OSI model is only a reference model without any standardization of interfaces or protocols, and was developed before the TCP/IP protocols were developed.
OSI had two major components as defined in the ISO/IEC 7498-1 standard:
An abstract model of networking, called the Basic Reference Model or seven-layer model
A set of specific protocols defined by other specifications within ISO
The communication entities perform a variety of different functions during the communication process. These functions range from creating a message, formatting the message, adding information that can help detect errors during transmission, sending the data on the physical medium, and so on.
The OSI reference model defines a layered model for interconnecting systems, with seven layers. The layered approach allows the model to group similar functions within a single layer, and provides standard interfaces allowing the various layers to talk to each other.
Figure 1 shows the seven layers of the OSI model. It is important to note that the reference model defines only the functions of each layer and the services it offers to the layer above it. It neither standardizes the concrete interfaces between the layers within a system (these were later specified by individual protocol standards) nor dictates how the functions inside a layer are implemented.
The OSI model describes the communication flow between two entities as follows:
The layers have a strict peering relationship: a layer at a given level communicates only with the layer at the same level on the other node, through a peering protocol. For example, data generated at layer 3 of one node is received and interpreted by layer 3 at the other node, with which it has a peering relationship.
The peering relationship can be between two adjacent devices, or across multiple hops. In Figure 1, for example, the intermediate node implements only layers 1 through 3, so the layer 7 peering relationship exists between the transmitting and receiving nodes, which are not directly connected but are several hops apart.
The data to be transmitted is composed at the application layer of the transmitting node and will be received at the application layer of the receiving node.
The data will flow down the OSI-layered hierarchy from layer 7 to layer 1 at the transmitting node, traverse the intermediate network, and flow up the layered hierarchy from layer 1 to layer 7 at the receiving node. This implies that within a node, the data can be handed over by a layer to its adjacent layer only. Each layer will perform its designated functions and then pass on the processed data to the next layer:
The high-level functions of each layer are described as follows:
The primary function of the physical layer (layer 1) is to place the bit stream onto the physical medium by converting it into electrical or optical impulses or radio signals. This layer provides the physical connection to the underlying medium and the hardware means to activate, maintain, and de-activate physical connections between data link entities. This includes sequencing of the bit stream, identifying channels on the underlying medium, and optionally multiplexing. The physical layer should not be confused with the medium itself.
Some of the protocols that have a layer 1 component are Ethernet, G.703, FDDI, V.35, RJ45, RS232, SDH, DWDM, OTN, and so on.
The data link layer (layer 2) acts as the driver of the physical layer and controls its functioning. It hands frames to the physical layer at the transmitting node and receives them from the physical layer at the receiving node. It also detects, and in some protocols corrects, errors introduced during transmission on the physical medium, and defines flow control between the two directly connected nodes so that neither side overruns the other's buffers. In Ethernet this is done with PAUSE frames; it should not be confused with the end-to-end flow control performed at higher layers.
Some of the protocols that operate at the data link layer are LAPB, 802.3 Ethernet, 802.11 WiFi and 802.15.4 ZigBee, X.25, Point to Point (PPP) protocol, HDLC, SLIP, ATM, Frame Relay, and so on.
The basic service of the network layer (layer 3) is the transparent transfer of datagrams between the transport layers of the two nodes. This layer is also responsible for finding the intermediate nodes through which data must be forwarded when the destination node is not on the same network as the source node. It also breaks datagrams into smaller fragments when the underlying data link layer cannot carry a datagram of the size handed to it for transport.
A fundamental concept in the OSI stack is that data should be passed to a higher layer at the receiving node as it was handed over to the lower layers by the transmitting peer. As an example, the TCP layer passes TCP segments to the IP layer, and the IP layer might use the services of the lower layers, leading to fragment packets on the way to the destination, but when the IP layer passes the data to the TCP layer at the receiving node, the data should be in the form of TCP segments that were handed down to the IP layer at the transmitting end. To ensure this transparent transfer of datagrams to the receiving node TCP layer, the network layer at the receiving node reassembles all the fragments of a single datagram before handing it over to the transport layer.
The OSI model describes both connection-oriented and connectionless modes of the OSI network layer.
Connection-oriented and connectionless modes describe the readiness of the communicating nodes before the actual data transfer between them begins. In the connection-oriented mode, a connection is established between the source and the destination, and a path is defined through the network along which the actual data transfer will happen. A telephone call is a typical example of this mode: you cannot talk until a connection has been established between the calling number and the called number.
In the connectionless mode of data transfer, the transmitting node simply sends the data on the network without first establishing a connection, without verifying whether the receiving end is ready to accept data, and without even knowing whether the receiving node is up. In this mode, no connection or path is established between the source and the destination, and data generally flows hop by hop, with a decision on the best path towards the destination being taken at every hop. Since data is sent without any validation of the receiving node's status, there is no acknowledgement of data in the connectionless mode. This is unlike the connection-oriented mode, where the path is defined the moment a connection is established, all data flows along that path, and the data transfer is acknowledged between the two communicating nodes.
Since data packets in a connection-oriented mode follow a fixed path to the destination, the packets arrive in the same sequence at the receiver in which they were transmitted. On the other hand, packets in the case of a connectionless network might reach the receiver out of sequence if the packets are routed on different links on the network, as decisions are taken at every hop.
The OSI standard defined the network layer to provide both modes. However, most of the services were implemented in practice as the connectionless mode at layer 3, and the connection-oriented aspects were left to layer 4. We will discuss this further during our discussion on TCP/IP.
Some of the protocols that operate at the network layer are AppleTalk, DDP, IP, IPX, CLNP, IS-IS, and so on.
The transport layer (layer 4) provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks. This layer has end-to-end significance and provides a connectionless or connection-oriented service to the session layer. It is responsible for connection establishment, management, and release.
The transport layer controls the reliability of the end-to-end connection through flow control, segmentation/de-segmentation, and error control. It also multiplexes multiple data connections over a single network layer.
Some protocols operating at the transport layer are TCP, UDP, SCTP, NBF, and so on.
The primary purpose of the session layer (layer 5) is to coordinate and synchronize the dialog between the presentation layers at the two end points and to manage their data exchange. This layer establishes, manages, and terminates connections between applications: it sets up, coordinates, and terminates the conversations, exchanges, and dialogues between the applications at each end.
Some of the protocols operating at the session layer are sockets, NetBIOS, SAP, SOCKS, RPC, and so on.
The presentation layer (layer 6) provides a common representation of the data transferred between application entities, and so provides independence from differences in data representation and syntax. This layer is also sometimes referred to as the syntax layer. The presentation layer transforms data into the form that the application layer can accept. In the OSI model, encryption and decryption of application data are also assigned to this layer.
Some examples of protocols at the presentation layer are MIME, ASCII, GIF, JPEG, MPEG, MIDI, SSL, and so on.
The application layer is the topmost layer of the OSI model, and has no upper-layer protocols. The software applications that need communication with other systems interact directly with the OSI application layer. This layer is not to be confused with the application software, which is the program that implements the software; for example, HTTP is an application layer protocol, while Google Chrome is a software application.
The application layer provides services directly to user applications. It enables the users and software applications to access the network and provides user interfaces and support for services such as email, remote file access and transfer, shared database management, and other types of distributed information services.
Some examples of application layer protocols are HTTP, SMTP, SNMP, FTP, DNS, LDAP, Telnet, and so on.
The Advanced Research Projects Agency Network (ARPANET), which was initially funded by the US Department of Defense (DoD) was an early packet-switching network and the first network to implement the protocol suite TCP/IP. ARPANET was the test bed of the TCP/IP protocol suite which resulted in the TCP/IP model also known as the DoD model.
The TCP/IP model is a simplified model of the OSI model and has only four broad layers instead of the seven layers of the OSI model. Figure 2 shows the comparison between the two models. As can be seen from the following figure, the TCP/IP model is a much more simplified model, where the top three layers of the OSI model have been combined into a single application layer, and the physical and data link layers have been combined into a network access layer:
Some of the major differences between the two models are as follows:
The application layer in the TCP/IP model includes the functions of the application, presentation, and session layers of the OSI model
The OSI session layer functions of end-to-end connection setup, management, and release (including graceful close) are taken over by the TCP/IP transport layer (Transmission Control Protocol)
The network access layer combines the functions of the OSI data link and physical layers
The network layer in the OSI model can be connection-oriented or connectionless, while the Internet Protocol (IP) is a connectionless protocol
The transport layer in the OSI model is connection-oriented, whereas different protocols at the transport layer in the TCP/IP model provide different types of service; for example, TCP provides a connection-oriented service, while UDP provides a connectionless service
Let's explore what happens when data moves from one layer to another in the TCP/IP model, taking Figure 3 as an example. When a software application, for example a web browser, has data to send, it hands the data to the application layer, which adds an HTTP header; the result is known as application data. This application data is passed to the TCP layer, which adds a TCP header, creating a TCP segment. The segment is passed to the network layer (IP layer), where an IP header is added, creating an IP packet or IP datagram. The data link layer then encapsulates the IP packet by adding a data link header and trailer, creating a frame. Finally, the frame is transmitted onto the medium as a bit stream of electrical, optical, or radio signals, depending on the physical media used for communication:
A simplified stack showing some protocols in the TCP/ IP stack is shown in the following figure:
Let's delve deeper into the TCP/IP model by looking at the TCP/IP headers in some more detail.
Internet Protocol (IP) as it is commonly known, was developed by Bob Kahn and Vinton Cerf, and is a protocol operating at layer 3 (network layer) of the OSI model. The primary function of the IP is to transfer datagrams from source to destination and provide a network transport service. As noted in the preceding section, IP as defined in the TCP/IP model operates in a connectionless mode, and hence is sometimes referred to as Send and Pray protocol, as there is no acknowledgement/guarantee that the IP datagrams sent by the source have been received by the destination. This function is left to the upper layers of the protocol stack.
Figure 5 shows the structure and fields of an IPv4 header. The IPv4 header is defined in the IETF standard RFC 791. The header is prepended by the network layer to the TCP or UDP segment handed down to it. The length of the header is always a multiple of 4 bytes. The header consists of multiple fields that are outlined in the following figure.
The length of each part of the IPv4 header in bits is highlighted in Figure 5 within parenthesis after the name of the field:
We will now talk about the fields in brief:
Version (4): This 4-bit field encodes the IP version in use, so that the receiver knows how to parse the rest of the header. The version for the header depicted in Figure 5 is 4. There is a newer version of IP, IP version 6 or IPv6, which has a different header format and is discussed later.
Header Length
: This is again a 4-bit field, and encodes the length of the IP header in 4-byte words. This means that if the IPv4 header has no options, the header would be 20 bytes long, and hence would consist of five 4-byte words. Hence, the value of the header length field in the IP header would be 5. This field cannot have a value less than 5 as the fields in the first 20 bytes of the IPv4 header are mandatory.
DSCP: Differentiated Services Code Point (DSCP) is a 6-bit field in the IPv4 header and is used to encode the Quality of Service (QoS) treatment required by the IP datagram on the network. This field determines whether the packet is treated as a priority packet, or is among the first to be discarded if there is congestion on the network. RFC 791 originally defined this byte as the Type of Service (ToS) field; RFC 2474 redefined it as the Differentiated Services field to support the differentiated services model of QoS on IP networks. We will discuss this in detail in the chapter on QoS implementation.
ECN: Explicit Congestion Notification (ECN) is a 2-bit field originally defined by RFC 2481; the current standard at the time of writing is RFC 3168. Intermediate devices use this field to explicitly notify the end hosts that they have encountered congestion, so that the end hosts can slow down the traffic they send by reducing the TCP congestion window. This helps manage congestion on the network before the intermediate devices start to drop packets because of queue overruns.
Total Length: This 16-bit field encodes the total length of the IP datagram in bytes, that is, the length of the IP header plus the length of the payload (for example, a TCP segment). Since this is a 16-bit field, a single IP datagram can be at most 65535 bytes (2^16 - 1). In practice, datagrams on most networks are no larger than 1500 bytes, the MTU of standard Ethernet. We will delve deeper into the impact of the IP datagram size in later chapters while discussing the WAN.
Identification (ID): This 16-bit value identifies an IP datagram for a given source address, destination address, and protocol, so that all fragments of one datagram can be matched up at the receiver. The original specification required the value not to repeat within the maximum datagram lifetime, which the TCP specification (RFC 793) sets to 2 minutes. RFC 6864 relaxed this requirement: the field is only meaningful for datagrams that may be fragmented, and strict uniqueness is not achievable at high data rates with a 16-bit field. These issues will be discussed in later chapters.
Flags: There are three one-bit flags in the IPv4 header, as shown in Figure 6. The flags are used when the IP layer needs to send a datagram longer than the underlying data link layer can carry. In that case the source host or an intermediate node can fragment the datagram into smaller ones, which are reassembled by the IP layer at the receiving node before the payload is passed to the transport layer. The flags control the fragmentation behavior:
MBZ: Must Be Zero (MBZ), a reserved bit that is always sent as 0 on the network.
DF: The Don't Fragment (DF) bit, which if set to 1 means that this packet must not be fragmented by intermediate nodes. If such a packet would have to be fragmented to be forwarded, the intermediate node discards it and sends an Internet Control Message Protocol (ICMP) error message (Destination Unreachable, Fragmentation Needed) back to the transmitting node.
MF: The More Fragments (MF) bit, which if set to 1 signifies that this packet is a fragment and that more fragments of the original datagram follow. The last fragment, and an unfragmented packet, have the MF bit set to 0.
Fragment Offset: This 13-bit field is used only by fragmented packets and denotes where in the original datagram's payload this fragment belongs, in units of 8 bytes. The first fragment has an offset of 0; each subsequent fragment carries the number of 8-byte units of payload that precede it in the original datagram. Because of this unit, every fragment except the last must carry a payload whose length is a multiple of 8 bytes.
Time To Live/TTL: This 8-bit field denotes the maximum number of intermediate nodes that may process the packet at the IP layer. Each intermediate node decrements the value by 1, which ensures that a packet caught in a routing loop does not keep going back and forth between nodes forever. When the field reaches zero, the node discards the packet and sends an ICMP Time Exceeded message to the source of the datagram.
Protocol: This 8-bit field denotes which upper layer protocol is encapsulated in the IP packet. Since the IP layer carries many upper layer protocols, for example, UDP, TCP, OSPF, ICMP, IGMP, and so on, this field acts as a demultiplexing identifier telling the receiving node which upper layer the payload should be handed to. The values for this field were originally defined in RFC 1700, which is now obsolete and has been replaced by the IANA Protocol Numbers registry. Some of the common values for the protocol field (ICMP is 1, IGMP is 2, TCP is 6, UDP is 17, OSPF is 89) are shown in the following figure:
Header Checksum: This 16-bit field is used to check the integrity of the received IP header (not the payload, which is protected by the transport layer checksum). The value is the ones' complement of the ones' complement sum of all 16-bit words in the header, computed with this field taken as zero. The sender stores it in the header, and each receiving node recomputes the checksum and compares it with the value in the header; if they differ, the header is assumed to be corrupted and the datagram is discarded. Because the TTL changes at every hop, each intermediate router must also recompute the checksum before forwarding the packet.
Source IP address and Destination IP address: These 32-bit fields contain the source and destination IP addresses respectively. Since the length of an IPv4 address is 32 bits, the fields were set to 32 bits. An IPv6 address is 128 bits long and cannot fit in this format, which is why IPv6 has a different header format.
Options: This optional, variable-length field carries options that can be used by the IP protocol, such as Strict Source Routing, Loose Source Routing, and Record Route, which are used for troubleshooting and by some other protocols. Because source-routing options let the sender dictate the path a packet takes through the network, they are commonly disabled or filtered on routers and firewalls.
Padding: This field pads the IP header with zero bits so that the IPv4 header length is a multiple of 4 bytes, as required by the definition of the Header Length field.
Data: This variable-length field contains the actual payload encapsulated at the IP layer, that is, the data passed down to IP by the upper layer transport protocol. The upper layer protocols attach their own headers as the data traverses down the protocol stack, as we saw in Figure 3: Data flow across the TCP/IP layers.
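To make the header fields above concrete, the following Python is an added example for this chapter, not code from the book or from any Cisco product. It packs and parses an option-less IPv4 header, verifies the header checksum the way a receiving node does, and fragments and reassembles a datagram using the Identification, DF, MF, and Fragment Offset fields described above. The addresses, identification value, MTU, and payload are constructed for the example, and the reassembler rejects gaps, overlaps, and missing fragments rather than trusting the sender.

```python
"""Added example: pack, verify, fragment, and reassemble IPv4 headers.
Not code from the book; addresses, ID, and payload below are constructed."""
import socket
import struct

IP_PROTO_UDP = 17          # IANA protocol number for UDP
FLAG_DF = 0x2              # Don't Fragment: bit 1 of the 3-bit flags field
FLAG_MF = 0x1              # More Fragments: bit 0 of the 3-bit flags field
HDR_FMT = "!BBHHHBBH4s4s"  # the 20 mandatory header bytes, network byte order


def checksum(data: bytes) -> int:
    """RFC 791 checksum: ones' complement of the ones' complement sum of the
    16-bit words. A correct header, summed with its checksum, gives 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                 # fold carry bits back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, payload_len, ident=0, flags=0, offset=0,
                 ttl=64, proto=IP_PROTO_UDP, dscp=0, ecn=0) -> bytes:
    """Pack an option-less header (IHL = 5) with a valid checksum."""
    hdr = struct.pack(HDR_FMT, (4 << 4) | 5, (dscp << 2) | ecn,
                      20 + payload_len, ident, (flags << 13) | offset, ttl,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(pkt: bytes) -> dict:
    """Decode a header, rejecting anything inconsistent instead of trusting
    it: IHL below 5, lengths beyond the buffer, or a bad checksum."""
    if len(pkt) < 20:
        raise ValueError("truncated header")
    (ver_ihl, tos, total_len, ident, frag, ttl, proto, _csum,
     src, dst) = struct.unpack(HDR_FMT, pkt[:20])
    ihl = ver_ihl & 0xF
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    if ihl < 5 or total_len < ihl * 4 or total_len > len(pkt):
        raise ValueError("inconsistent IHL / Total Length")
    if checksum(pkt[:ihl * 4]) != 0:
        raise ValueError("bad header checksum")
    return {"dscp": tos >> 2, "ecn": tos & 0x3, "total_len": total_len,
            "id": ident, "df": bool(frag & 0x4000), "mf": bool(frag & 0x2000),
            "offset": frag & 0x1FFF, "ttl": ttl, "proto": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "options": pkt[20:ihl * 4], "payload": pkt[ihl * 4:total_len]}


def fragment(src, dst, payload: bytes, mtu: int, ident: int, df=False):
    """Split a datagram so each piece fits the link MTU. Offsets are in
    8-byte units, so every non-final fragment carries a multiple of 8 bytes.
    With DF set, an oversized datagram is dropped (a router would also send
    ICMP Destination Unreachable / Fragmentation Needed)."""
    flags = FLAG_DF if df else 0
    if 20 + len(payload) <= mtu:
        return [build_header(src, dst, len(payload), ident, flags) + payload]
    if df:
        raise ValueError("DF set and datagram exceeds MTU: dropped")
    step = (mtu - 20) // 8 * 8
    frags = []
    for off in range(0, len(payload), step):
        piece = payload[off:off + step]
        more = FLAG_MF if off + step < len(payload) else 0
        frags.append(build_header(src, dst, len(piece), ident, more, off // 8)
                     + piece)
    return frags


def reassemble(frags) -> bytes:
    """Rebuild the payload from fragments received in any order. Fragments
    must share (src, dst, id, proto); gaps, overlaps, or a missing final
    fragment are rejected rather than silently accepted."""
    parsed = sorted((parse_header(f) for f in frags), key=lambda p: p["offset"])
    if len({(p["src"], p["dst"], p["id"], p["proto"]) for p in parsed}) != 1:
        raise ValueError("fragments belong to different datagrams")
    if parsed[-1]["mf"] or not all(p["mf"] for p in parsed[:-1]):
        raise ValueError("MF bits inconsistent: fragment missing")
    data = b""
    for p in parsed:
        if p["offset"] * 8 != len(data):
            raise ValueError("gap or overlap at offset %d" % p["offset"])
        data += p["payload"]
    return data
```

A 2560-byte payload sent over a link with a 576-byte MTU comes out as five fragments of 552 bytes of payload each (the largest multiple of 8 that fits) plus a final 352-byte piece with MF clear; feeding them back in reverse order reproduces the original payload, while flipping a single TTL bit makes the checksum check fail.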
As discussed in the previous section, IP provides a connectionless service. There is no acknowledgement mechanism in the IP layer, and the IP packets are routed at every hop from the source to the destination. Hence, it is possible that some packets sent by the transmitting node are lost on the network due to errors, or are discarded by the intermediate devices due to congestion on the network. Hence the receiving node will never receive the lost packets in the absence of a feedback mechanism.
Further, if there are multiple paths on the network to reach the destination from the source, it is possible that packets will take different paths to reach the destination, depending upon the routing topology at a given time. This implies that packets can reach the receiving node out of sequence with respect to the sequence in which they were transmitted.
The TCP layer ensures that whatever was transmitted is correctly received. Its purpose is to present the application layer on the receiving host with the same continuous stream of bytes that the transmitting node sent, as though the two were connected by a direct wire, even though the underlying IP layer may lose, duplicate, or reorder packets. TCP does this by establishing a connection between the two endpoints before any data flows and by tracking the state of that connection for the life of the conversation, which is why TCP is called a connection-oriented protocol.
A typical TCP segment is shown in Figure 8, where the different fields of the TCP header are shown along with their lengths in bits in parentheses. A brief description of the functions of the various fields follows:
Source Port/Destination Port: As discussed in the earlier sections, the transport layer multiplexes various data connections over a single network layer. The source port and destination port fields are 16-bit identifiers that identify the sending and receiving application (service) on each host; together with the two IP addresses they uniquely identify a TCP connection. Some of the common TCP port numbers are shown in the following figure:
Sequence Number: This 32-bit field numbers the first byte of payload data in this TCP segment relative to the overall byte stream being transmitted on the TCP session; the number wraps around modulo 2^32.
Acknowledgement Number: This 32-bit field is part of the feedback mechanism to the sender and acknowledges how many bytes of the stream have been received successfully and in sequence. It identifies the next byte that the receiving node expects on this TCP session.
Data Offset: This 4-bit field conveys how far from the start of the TCP header the payload starts, that is, the length of the TCP header in 32-bit words. The minimum value of this field is 5, a 20-byte header with no options.
Reserved: These 3 bits are not used and are reserved for future use; they are sent as zero.
Control flags: There are 9 bits in the TCP header for control flags, giving 9 one-bit flags as shown in Figure 10. Although the flags are carried in order from left to right in the header, we describe them in a different order for ease of understanding:
SYN: This 1-bit flag is used to initiate a TCP connection during the three-way handshake process.
FIN: This 1-bit flag signifies that the sender has no more data to send on this TCP connection, and is used to terminate the TCP session gracefully.
RST: This 1-bit flag aborts a connection, or rejects a segment that does not belong to any known connection (for example, a SYN sent to a port with no listener), so that the two hosts do not remain in inconsistent states.
PSH: Push (PSH) is a 1-bit flag that tells the receiving TCP not to wait for its buffer to fill, but to deliver the data gathered so far to the upper layer immediately.
ACK: This 1-bit flag signifies that the Acknowledgement Number field in the header is significant. It is set on every segment after the initial SYN.
URG: Urgent (URG) is also a 1-bit flag; when set, it signifies that this segment contains urgent data and that the Urgent Pointer field locates that data within the segment.
ECE: The ECN Echo (ECE) flag, added by RFC 3168, has two roles. During the handshake, a SYN with both ECE and CWR set announces that the sender is ECN-capable, and the peer confirms with a SYN-ACK carrying ECE. On an established connection, the receiver sets ECE to tell the sender that it received an IP packet marked Congestion Experienced in the ECN field of the IP header. This flag is not part of the original TCP specification.
CWR: Congestion Window Reduced (CWR) is also a 1-bit flag added by RFC 3168. The data sender sets it to confirm that it has reduced its congestion window in response to a segment carrying ECE, so that the receiver can stop echoing.
NS (1 bit): The ECN Nonce Sum (NS) flag was defined by the experimental RFC 3540 so that a sender could verify that the receiver reports congestion marks honestly. The experiment was later reclassified as Historic by RFC 8311.
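The following Python is an added example for this chapter, not code from the book. It packs and decodes the fixed part of a TCP header, builds the three segments of a handshake (including the ECN negotiation described under ECE and CWR, and showing the 32-bit wraparound of the sequence and acknowledgement numbers), and names the role of a segment from its control flags, reporting combinations that no conforming TCP stack sends. Ports, initial sequence numbers, and payload are constructed; the checksum is left at zero because computing it requires the IP pseudo-header, which this example does not build.

```python
"""Added example: pack and decode TCP headers, build a handshake, and
classify segments by their control flags. Not code from the book; ports,
ISNs, and payloads are constructed."""
import struct

TCP_FMT = "!HHIIHHHH"      # the 20 mandatory header bytes, network byte order
FLAGS = {"NS": 0x100, "CWR": 0x080, "ECE": 0x040, "URG": 0x020, "ACK": 0x010,
         "PSH": 0x008, "RST": 0x004, "SYN": 0x002, "FIN": 0x001}
SEQ_MASK = 0xFFFFFFFF      # sequence and ack numbers are 32 bits, modulo 2**32


def build_segment(sport, dport, seq, ack, flags, window=65535, payload=b""):
    """Pack an option-less header (Data Offset = 5). The checksum is left
    at zero: it covers an IP pseudo-header that is outside this example."""
    off_flags = (5 << 12) | sum(FLAGS[f] for f in flags)
    return struct.pack(TCP_FMT, sport, dport, seq & SEQ_MASK, ack & SEQ_MASK,
                       off_flags, window, 0, 0) + payload


def parse_segment(seg: bytes) -> dict:
    """Decode the fixed fields; reject a Data Offset that is below 5 or
    points past the end of the buffer instead of trusting it."""
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, _csum, urg = struct.unpack(
        TCP_FMT, seg[:20])
    hlen = (off_flags >> 12) * 4
    if hlen < 20 or hlen > len(seg):
        raise ValueError("bad Data Offset")
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": {name for name, bit in FLAGS.items() if off_flags & bit},
            "window": window, "urgent_pointer": urg,
            "options": seg[20:hlen], "payload": seg[hlen:]}


def handshake(client_isn, server_isn, cport=40000, sport=443, ecn=False):
    """The three segments of a TCP open. A SYN occupies one sequence
    number, so each side acknowledges the peer's ISN + 1 (mod 2**32).
    With ecn=True the SYN carries ECE+CWR and the SYN-ACK carries ECE,
    the ECN-setup exchange of RFC 3168."""
    syn_flags = {"SYN", "ECE", "CWR"} if ecn else {"SYN"}
    synack_flags = {"SYN", "ACK", "ECE"} if ecn else {"SYN", "ACK"}
    return [
        build_segment(cport, sport, client_isn, 0, syn_flags),
        build_segment(sport, cport, server_isn, client_isn + 1, synack_flags),
        build_segment(cport, sport, client_isn + 1, server_isn + 1, {"ACK"}),
    ]


def classify(flags: set) -> str:
    """Name a segment's role from its flags. ECE/CWR/NS ride alongside the
    others and are ignored here. Combinations no conforming stack sends
    (SYN with FIN, no flags at all, FIN+PSH+URG alone) are reported as
    anomalies; port scanners send them to see how a host reacts."""
    core = flags - {"ECE", "CWR", "NS"}
    if "SYN" in core and "FIN" in core:
        return "anomaly: SYN+FIN"
    if not core:
        return "anomaly: no flags"
    if core == {"FIN", "PSH", "URG"}:
        return "anomaly: FIN+PSH+URG"
    if core == {"SYN"}:
        return "handshake: SYN"
    if core == {"SYN", "ACK"}:
        return "handshake: SYN-ACK"
    if "RST" in core:
        return "reset"
    if "FIN" in core:
        return "close"
    if "ACK" in core:
        return "established"
    return "other"
```

Starting the client at an initial sequence number of 0xFFFFFFFF makes the wraparound visible: the server's SYN-ACK acknowledges 0, and the client's final ACK carries sequence number 0 and acknowledges the server's ISN plus one.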
Window Size
