Hello dear readers,
In today’s post we will continue talking about the layers of the TCP/IP and OSI stacks. The next one is the Network layer:
Remember that the Transport layer is used for end-to-end communication between processes. The Network layer, which sits under the Transport layer, is used to send data over a network. It provides several features that enable it to communicate over the network:
Encapsulation – when a segment/datagram (the Transport layer PDU) arrives at the Network layer, it is encapsulated into a packet and the source and destination addresses are added. We are talking here about the layer 3 address, which is usually an IPv4 or IPv6 address.
Addressing – layer 3 provides a unique address for source and destination. This is used to uniquely identify the sender and receiver so that the routing process can occur.
Routing – this feature allows network devices to forward packets from source to destination.
Decapsulation – when a packet arrives at its destination, the layer 3 information is stripped and the remaining data is passed up to the Transport layer.
IPv4, also known as Internet Protocol, is used by network devices to communicate with each other. Nowadays almost all systems use the IP protocol to connect to the Internet. Because the Internet evolved so fast, public IPs became scarce, so the IPv6 protocol was invented. Other Network layer protocols are AppleTalk and Novell Internetwork Packet Exchange (IPX). IP has the following basic characteristics:
Best Effort or unreliable – does not have mechanisms to trace or acknowledge packets and does not guarantee data delivery.
Connectionless – no connection is established before packets are sent.
Media Independent – does not depend on the medium over which communication takes place.
IP has several advantages:
You can divide a huge network that spans several geographic areas into several smaller networks, or you can use IP to separate each department in a company. There are a lot of benefits to separating networks; one is that the broadcast domain has a smaller size. A broadcast domain is a network in which broadcast messages are sent. A broadcast is a message that is sent by one host to all devices in a network. To divide networks, routers or layer 3 devices are used. Routers divide the broadcast domain, so broadcast messages do not pass through them. One protocol that uses broadcast is ARP (Address Resolution Protocol, http://en.wikipedia.org/wiki/Address_Resolution_Protocol). Now imagine what would happen if broadcast messages were sent to all hosts in a huge network: performance would be badly affected.
Another advantage is that security is increased when you divide networks into smaller ones, because they become more manageable. When we talk about NAT overload (Network Address Translation, http://en.wikipedia.org/wiki/Network_address_translation) you will understand that you can group several IP addresses into a single one by using a router. Imagine the scenario below:
You can see that there are several devices behind the router. The router acts as a gateway for the hosts and servers (a gateway is a router that is used to get outside the network), and from outside the computers are accessed through one IP (126.96.36.199).
The IPv4 address has 32 bits (4 octets; an octet is a group of 8 bits) and is made up of two parts. One part is the network portion and the other one is the host portion. The network portion is used by routers to identify the network that includes a certain host. The host portion is used to identify a device within that network.
To separate the network portion from the host portion, the network mask was introduced (also known as the prefix length). Let’s take the following example:
192.168.0.1 with 255.255.255.0 mask.
By using this combination the first 24 bits from this address will be used to identify the network portion and the last 8 bits for the host portion. In the next post we will start subnetting and you will understand more.
When a host wants to send a message to another device but that device doesn’t belong to the same network, the host will forward the message to the default gateway. The host decides this by checking the destination IP address. The same thing happens when you want to access a website. Because the website is hosted on a server on a remote network, your computer sends the request to the default gateway. When a packet arrives at the gateway, the router checks whether the network that the packet is destined for is directly connected. If it is directly connected, the packet is forwarded to the destination host; if it is not, the router sends the packet to the next router, and so on. This is where I have to tell you about hop count: “In computer networking, hop count refers to the intermediate devices (like routers) through which data must pass between source and destination, rather than flowing directly over a single wire” from Wikipedia: http://en.wikipedia.org/wiki/Hop_count.
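The mask arithmetic and the host's "same network or default gateway" decision described above, as an added example that is not part of the original post. The default gateway 192.168.0.254 and the two destination addresses are constructed for illustration.

```python
import ipaddress

def to_int(dotted):
    """Convert a dotted-quad IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def split_address(ip, mask):
    """Return (network address, host portion, prefix length) for ip/mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    inverted = ~mask_i & 0xFFFFFFFF
    # A valid mask is a run of 1 bits followed only by 0 bits, so the
    # inverted mask plus one must be a power of two (or overflow to 2**32).
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous mask: {mask}")
    network = str(ipaddress.IPv4Address(ip_i & mask_i))
    return network, ip_i & inverted, bin(mask_i).count("1")

def next_hop(src_ip, mask, gateway, dst_ip):
    """Return the address the host hands the packet to on its own network."""
    mask_i = to_int(mask)
    # Same network portion on both sides means the destination is local.
    on_link = (to_int(src_ip) & mask_i) == (to_int(dst_ip) & mask_i)
    return dst_ip if on_link else gateway

if __name__ == "__main__":
    GATEWAY = "192.168.0.254"  # assumed default gateway, not from the page
    print(split_address("192.168.0.1", "255.255.255.0"))
    for dst in ("192.168.0.77", "172.16.1.10"):  # constructed destinations
        print(dst, "->", next_hop("192.168.0.1", "255.255.255.0", GATEWAY, dst))
```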
A router is also called a layer 3 device because it makes decisions based on IP addresses. A router holds a routing table (“routing information base (RIB), is a data table stored in a router or a networked computer that lists the routes to particular network destinations, and in some cases, metrics (distances) associated with those routes” http://en.wikipedia.org/wiki/Routing_table), and from the records contained there the router forwards packets to remote or directly connected networks. The routing information can be added manually (static record) or dynamically by using dynamic routing protocols.
On a Windows operating system, to view the available routes type netstat -r:
Type netstat ? or get-help netstat if you're using PowerShell, to see additional information. You can also view routing information by typing route print:
To add a static route on a Windows OS: route add destination mask subnetmask gatewayip metric metric if interface
An example: route add 172.16.1.0 mask 255.255.255.0 192.168.0.2 metric 5
To delete a route use: route delete destination mask subnetmask gatewayip metric metric if interface
To modify a route use: route change destination mask subnetmask gatewayip metric metric if interface
On a Cisco router type show ip route to see routing information:
Now let’s talk about the things that are displayed in this picture:
You can see that above the routing information there are some Codes.
C – stands for directly connected
So the 192.168.1.0/24 network is directly connected to the router on interface FastEthernet0/0.
The 192.168.2.0/24 network is directly connected to the router on interface FastEthernet0/1.
If the C were replaced with O, for example, it would mean that the network was learned using a dynamic routing protocol (OSPF).
S – stands for static route, which means that it was entered manually by the administrator.
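How a router picks an entry from a routing table like the one described above, as an added example that is not part of the original post. It goes a step beyond the text by showing longest-prefix matching when several routes overlap. The two C entries reuse the networks shown above; the static routes, next hops and default route are constructed.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "code network next_hop interface metric")

def route(code, cidr, next_hop=None, interface=None, metric=0):
    """Build a table entry; C routes carry an interface, S routes a next hop."""
    return Route(code, ipaddress.ip_network(cidr), next_hop, interface, metric)

# Constructed routing table (only the two C networks come from the page).
TABLE = [
    route("C", "192.168.1.0/24", interface="FastEthernet0/0"),
    route("C", "192.168.2.0/24", interface="FastEthernet0/1"),
    route("S", "172.16.0.0/16", next_hop="192.168.2.2", metric=5),
    route("S", "172.16.1.0/24", next_hop="192.168.1.2", metric=5),
    route("S", "0.0.0.0/0", next_hop="192.168.2.254", metric=1),
]

def lookup(table, destination):
    """Return the best route: longest matching prefix, then lowest metric.

    Tie-breaking on metric alone is a simplification for this example.
    """
    addr = ipaddress.ip_address(destination)
    matches = [r for r in table if addr in r.network]
    if not matches:
        return None
    return max(matches, key=lambda r: (r.network.prefixlen, -r.metric))

def forward(table, destination):
    """Describe what the router does with a packet for `destination`."""
    best = lookup(table, destination)
    if best is None:
        return "drop: no route"
    if best.code == "C":
        return f"deliver on {best.interface}"
    return f"forward to {best.next_hop}"

if __name__ == "__main__":
    for dst in ("192.168.1.20", "172.16.1.9", "172.16.9.9", "8.8.8.8"):
        print(dst, "->", forward(TABLE, dst))
    # Without the default route, unknown destinations have nowhere to go.
    print("8.8.8.8 ->", forward(TABLE[:4], "8.8.8.8"))
```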
We will talk more about router configuration in a future post; for now I’ve only described some of the basic terminology used in networking. That’s it for this post. If you have any questions, don’t hesitate to contact me. Have a wonderful day.