Advanced Computer Networks Lecture HandOut 2024

Material on Advanced Computer Networks.

Uploaded by

eze.pleasant001


COS 441 Advanced Computer Networks (3 Units)

Course Contents (delivered by Prof. F. S. Bakpo):


Computer networks, LANs, WAN, MANs, SAN, CNs, Intranets, Extranets and Internets, network
topologies, communication protocol, OSI reference model and protocols, network technologies
(Ethernet, Token ring, FDDI), Internetworking devices (bridges, routers, repeaters, hub, gateways,
switches, etc); Data switching principles (circuit, message, packet), Design of a wide area network
infrastructure; Analysis of quality of service, congestion, bandwidth, performance trade-off;
LAN/WAN design issues, wireless technologies: narrow band, spread spectrum, infra red, Bluetooth,
etc; Architecture of VSAT and GSM networks, VPNs, network security.

INTRODUCTION

What is Computer Network?


A network consists of two or more computers that are linked in order to share resources (such as
printers and CDs), exchange files, or allow electronic communications via any medium. The
computers may be linked through radio waves, satellite, infrared light or a Bluetooth beam and still
form a network.
Characteristics of a Network
A network must be able to meet a certain number of criteria. The most important of these are
performance, reliability, and security.
Performance:
Performance can be measured in many ways, including transit time and response time.
Transit time is the amount of time required for a message to travel from one device to another.
Response time is the elapsed time between an inquiry and a response.
The performance of a network depends on a number of factors, including the number of users, the
type of transmission medium, the capabilities of the connected hardware, and the efficiency of the
software.
Reliability
In addition to accuracy of delivery, network reliability is measured by the frequency of failure, the
time it takes a link to recover from a failure, and the network's robustness in a catastrophe.
Security
Network security issues include protecting data from unauthorized access, protecting data from
damage and development, and implementing policies and procedures for recovery from breaches and
data losses.
Types of Networks: LAN, MAN, WAN, PAN, SAN, EPN, VPN, CN, INTERNET, INTRANET
and EXTRANET

A network allows computers to connect and communicate with other computers via any medium.
LAN, MAN, and WAN are the three major types of networks, distinguished by the area they cover.
Other, more recent types include: PAN (Personal area network), SAN (Storage area network), EPN
(Enterprise private network), VPN (Virtual private network), CN (Core backbone network), Internet,
Intranet and Extranet.

Local Area Network (LAN)


A Local Area Network (LAN) is a network that is confined to a relatively small area. It is generally
limited to a geographic area such as a lab, school, or building. A LAN connects network devices in
such a way that personal computers and workstations can share data, tools, and programs. The group
of computers and devices is connected together by a switch, or stack of switches, using a private
addressing scheme as defined by the TCP/IP protocol. Private addresses are unique in relation to
other computers on the local network. Routers are found at the boundary of a LAN, connecting it
to the larger WAN.
Data is transmitted at a very fast rate because the number of computers linked is limited. LANs cover
a smaller geographical area (size is limited to a few kilometres) and are privately owned. One can use
a LAN for an office building, home, hospital, school, etc. A LAN is easy to design and maintain.
Communication media used for a LAN include twisted-pair and coaxial cables. It covers a short
distance, so error and noise are minimized.
Early LANs had data rates in the 4 to 16 Mbps range. Today, speeds are normally 100 or 1000 Mbps.
Propagation delay is very short in a LAN. The smallest LAN may use only two computers, while
larger LANs can accommodate thousands of computers. A LAN has a range of up to 2 km. A LAN
typically relies mostly on wired connections for increased speed and security, but wireless
connections can also be part of a LAN. A LAN has higher fault tolerance, and there is less
congestion in this network. For example, a group of students playing Counter-Strike in the same
room (without Internet access) are using a LAN.
Advantages:
- Provides fast data transfer rates and high-speed communication.
- Easy to set up and manage.
- Can be used to share peripheral devices such as printers and scanners.
- Provides increased security and fault tolerance compared to WANs.
Disadvantages:
- Limited geographical coverage.
- Limited scalability; may require significant infrastructure upgrades to accommodate growth.
- May experience congestion and network performance issues with increased usage.

Metropolitan Area Network (MAN)


A Metropolitan Area Network (MAN) covers a larger area than a LAN and a smaller area than a
WAN. A MAN has a range of 5 to 50 km. It connects two or more computers that are apart but reside
in the same or different cities. It covers a large geographical area and may serve as an ISP (Internet
Service Provider). A MAN is designed for customers who need high-speed connectivity. MAN
speeds are measured in Mbps. It is hard to design and maintain a Metropolitan Area Network.

The fault tolerance of a MAN is lower, and there is more congestion in the network. It is costly and
may or may not be owned by a single organization. The data transfer rate and the propagation delay
of a MAN are moderate. Devices used for transmission of data through a MAN are modems and
wire/cable. Examples of a MAN are the part of a telephone company network that can provide a
high-speed DSL line to the customer, or the cable TV network in a city.
Advantages:
- Provides high-speed connectivity over a larger geographical area than a LAN.
- Can be used as an ISP for multiple customers.
- Offers higher data transfer rates than a WAN in some cases.
Disadvantages:
- Can be expensive to set up and maintain.
- May experience congestion and network performance issues with increased usage.
- May have limited fault tolerance and security compared to LANs.

Wide Area Network (WAN)


A Wide Area Network (WAN) is a computer network that extends over a large geographical area,
although it might be confined within the bounds of a state or country. A WAN has a range above
50 km. A WAN could be a set of LANs connected to other LANs via telephone lines and radio
waves, and may be limited to an enterprise (a corporation or an organization) or accessible to the
public. The technology is high-speed and relatively expensive.
There are two types of WAN: switched WAN and point-to-point WAN. A WAN is difficult to design
and maintain. As with a MAN, the fault tolerance of a WAN is lower and there is more congestion in
the network. A popular communication medium used for a WAN is the PSTN or a satellite link. Due
to long-distance transmission, noise and error tend to be greater in a WAN.
A WAN's data rate is slow, about a tenth of a LAN's speed, since it involves increased distance and an
increased number of servers, terminals, etc. The speed of a WAN ranges from a few kilobits per
second (Kbps) to megabits per second (Mbps). Propagation delay is one of the biggest problems faced
here. Devices used for the transmission of data through a WAN are optical fibres, microwaves, and
satellites. An example of a switched WAN is the asynchronous transfer mode (ATM) network, and an
example of a point-to-point WAN is a dial-up line that connects a home computer to the Internet.
Advantages:
- Covers large geographical areas and can connect remote locations.
- Provides connectivity to the Internet.
- Offers remote access to resources and applications.
- Can be used to support multiple users and applications simultaneously.
Disadvantages:
- Can be expensive to set up and maintain.
- Offers slower data transfer rates than a LAN or MAN.
- May experience higher latency and longer propagation delays due to longer distances and
  multiple network hops.
- May have lower fault tolerance and security compared to LANs.

Personal Area Network (PAN)


A Personal Area Network (PAN) is an interconnection of personal technology devices that
communicate over a short distance. It covers an area of less than 10 metres (33 feet). A PAN has
fewer users than other networks such as a LAN or WAN. A PAN typically uses some form of
wireless technology. A PAN involves the transmission of data between information devices such as
smartphones, personal computers, tablet computers, etc.
Advantages:
- Allows for easy communication between personal devices in close proximity.
- Can be set up easily and quickly.
- Uses wireless technology, which eliminates the need for wires and cables.
- PANs are designed to be energy efficient, which means that devices can communicate with
  each other without draining their batteries quickly.
- PANs are typically secured using encryption and authentication protocols, which helps to
  prevent unauthorized access to data and resources.
Disadvantages:
- Limited coverage area.
- May not be suitable for large-scale data transfer or communication. PANs typically have
  limited bandwidth, which means that they may not be able to handle large amounts of data or
  high-speed communication.
- May experience interference from other wireless devices.

SAN (Storage Area Network)


A Storage Area Network (SAN) is a specialized, dedicated high-speed network or subnetwork that
provides network access to storage devices: it interconnects shared pools of storage devices and
presents them to multiple servers.
SANs are typically composed of hosts, switches, storage elements, and storage devices that are
interconnected using a variety of technologies, topologies, and protocols. SANs may span multiple
sites. A SAN presents storage devices to a host such that the storage appears to be locally attached.
This simplified presentation of storage to a host is accomplished through the use of different types
of virtualization. SANs are often used to:

- Improve application availability (e.g., multiple data paths),
- Enhance application performance (e.g., off-load storage functions, segregate or zone
  networks, etc.),
- Increase storage utilization and effectiveness (e.g., consolidate storage resources, provide
  tiered storage, etc.), and
- Improve data protection and security.

Enterprise Private Network (EPN)


Enterprise networking refers to the creation and management of a group of interconnected computer
systems that serve the needs of a large business. It involves the use of local area networks (LANs)
that connect to wide area networks (WANs) and the cloud to facilitate data exchange, business
processes, and analysis of network activity.
In an enterprise environment, various components, including data centers, branch offices, public and
private clouds, Internet of Things (IoT) devices, and employees, require reliable network
connections. Unlike the open nature of the internet, enterprise networks are restricted to specific
users, devices, and facilities, and often use encryption techniques such as virtual private networks
(VPNs) or Transport Layer Security (TLS) encryption to secure data transmission.
What sets enterprise networking apart from other types of networking is its scale. Unlike a home
LAN that connects a few devices to the internet via a single router, enterprise networks connect
thousands of devices to each other and to the internet. Some enterprise networks are even assigned
an autonomous system number (ASN).
EPN is a powerful tool for organizations that need a private and secure network to connect their
different components and ensure reliable and high-performance connectivity.
Purpose of EPN
- Providing high-speed, uninterrupted Internet service to an organization/enterprise.
- Providing secure transfer/sharing of data among computers.
- Making a centrally controlled system for organizations.
- Providing cloud storage facilities to businesses.
- Providing secure data transmission to multiple offices located at various places at low cost.
- Disruption at an office in one place will not affect offices/branches elsewhere.
- It is a perfect network system for business users.

VPN
VPN stands for Virtual Private Network. A virtual private network (VPN) is a technology that
creates a safe, encrypted connection over a less secure network, such as the Internet. A Virtual
Private Network is a way to extend a private network using a public network such as the Internet.
As the name suggests, it is a virtual "private network", i.e. a user can be part of a local network
while sitting at a remote location. It makes use of tunneling protocols to establish a secure
connection.

Internet: The Internet is often known as the World Wide Web. The Internet is a network built by the
cooperative connectivity of millions of computers that are linked together. The Internet is made up
of:

- People: The network is used and developed by people.
- Resources: A group of resources that can be accessed through those networks.
- A setup for collaboration: It is a collaborative arrangement that comprises members of the
  research and education committees from all around the world.

Intranet: An intranet is a private network that only employees of a company may access. It is the
most restrictive of the three networks. Intranets, like the Internet, employ the HTTP protocol over
the TCP/IP protocol, web servers, and web clients. Intranets differ from the Internet in that private
servers are not accessible to the general public. The restrictions on users are implemented through
the use of an Internet firewall.

Companies use an intranet so that they can store and share important documents, and so that teams
can use private messages and threads to communicate better and collaborate on projects over a
secure network. It is only accessible to a small group of people. Intranets are mostly used to offer
access to data and programs on networked computers and servers within enterprises and
organizations.

Extranet: An extranet is a type of network that allows external users to access an organization's
intranet. An extranet is similar to an intranet, except that it is accessed through a Web portal. An
intranet is a private network that is only available to members of the same group, corporation, or
organization. Extranets are quickly becoming a popular way for business partners to securely
communicate information.

Difference between Internet, Intranet and Extranet

The difference between the Internet, Intranet and Extranet is often misunderstood. Part of the
explanation may be found in the prefix of each word: inter means between, intra means inside,
and extra implies outside or beyond. The difference between the internet, intranet and extranet is
based on various parameters.

The major difference between the internet, intranet and extranet is that the internet, also known as the
world wide web, is a global network of computer networks, and intranet, on the other hand, is an
internet network that only corporate workers have access to. However, the extranet is an extension of
the intranet.

The differences between internet, intranet and extranet are listed in the table below based on various
parameters.
| Internet | Intranet | Extranet |
|---|---|---|
| The Internet is open to the public, but the other two are heavily censored. | An intranet may be accessed via the Internet, although its authentication requires logging in. | Extranets are mostly used by businesses and organizations to limit access to secret information. |
| It is owned by no one. | It is owned by a particular company/organization. | It is owned by single/multiple organizations. |
| Everyone who is linked has access to it. | Only members of the organization have access to it. | Only members of the organization and external members with logins have access. |
| Its goal is to provide information all across the world. | Its goal is to communicate information within the company. | Its goal is to allow members and external members to share information. |
| It is used by the public. | It is used by employees of the organization. | It is used by the members having login information. |
| It is more cost-effective to utilize. | It is less cost-effective. | It is also less cost-effective. |

Basic Types of LANs


There are two basic types of LAN, namely: peer-to-peer and server-based. We shall briefly examine
each in turn.
i) Peer-to-peer LAN (P2P)

Peer-to-peer network operating systems allow users to share resources and files located on their
computers and to access shared resources found on other computers. However, they do not have a
file server or a centralized management source (see fig. below). In a peer-to-peer network, all
computers are considered equal; they all have the same ability to use the resources available on the
network. In a P2P LAN each computer must be configured with individual user identification
(userids) and passwords. Peer-to-peer networks are designed primarily for small to medium local
area networks. AppleShare and Windows for Workgroups are examples of programs that can
function as peer-to-peer network operating systems.

Fig. Peer-to-peer network (the figure shows three workstations and the folder each one shares):

| Workstation | User | Shared folder | Password |
|---|---|---|---|
| WS1 | Okafor | Word folder: WORDDOCS | boy |
| WS2 | Ngozi | Excel folder: WORKBOOKS | ngh |
| WS3 | Israel | Access folder: DATABOOK | Isout |

There are three people in this company, Okafor, Ngozi and Israel, at workstations WS1, WS2 and
WS3 respectively. Israel and Okafor can access the documents located in the Excel folder from their
own workstations as long as they know Ngozi's password, <ngh>. If any of them changes the
password on his computer, then to keep his system accessible to others he must make the new
password known to everyone who needs access.
A peer-to-peer network password is only effective across the network. The password is not effective
if someone sits down at the workstation itself. An immediate disadvantage of P2P is that anyone who
has the password can access the folder across the network.
Advantages of a peer-to-peer network:

- Less initial expense - No need for a dedicated server.
- Setup - An operating system (such as Windows XP) already in place may only need to
  be reconfigured for peer-to-peer operations.

Disadvantages of a peer-to-peer network:

- Decentralized - No central repository for files and applications.
- Security - Does not provide the security available on a client/server network.

ii) Server based LAN or Client/server network

Client/server network operating systems allow the network to centralize functions and applications in
one or more dedicated file servers (See fig. below). The file servers become the heart of the system,
providing access to resources and providing security. Individual workstations (clients) have access to
the resources available on the file servers. The network operating system provides the mechanism to
integrate all the components of the network and allow multiple users to simultaneously share the
same resources irrespective of physical location. Novell Netware and Windows 2000 Server are
examples of client/server network operating systems.

Fig. Client/server network

In a server-based LAN, a user can sit down at any workstation, log in to the server with his or her
userid and password, and have access to all of the network resources. A server-based network is a
much more secure, and more expensive, system. Server-based LANs are more secure because (i)
passwords are managed centrally at the server and (ii) the server is normally locked in a wiring
closet.

| Userid | Password | Application | Permission | Printer |
|---|---|---|---|---|
| Ngozi | ngh | Excel | R/W | LP1 |
| | | Word | R/W | LP2 |
| Okafor | boy | Excel | R | |
| | | Project | R/W | LP2 |
| | | Word | R | |

Fig. Server-based LAN

Advantages of a client/server network:

- Centralized - Resources and data security are controlled through the server.
- Scalability - Any or all elements can be replaced individually as needs increase.
- Flexibility - New technology can be easily integrated into the system.
- Interoperability - All components (client/network/server) work together.
- Accessibility - The server can be accessed remotely and across multiple platforms.

Disadvantages of a client/server network:

- Expense - Requires an initial investment in a dedicated server.
- Maintenance - Large networks will require staff to ensure efficient operation.
- Dependence - When the server goes down, operations will cease across the network.

Implementation of LANs
There exist two major implementations of LANs namely:
1) Token-passing LAN and
2) Ethernet LAN
1) Token-passing LAN
A token-passing LAN uses an access protocol that involves the continuous circulation of a 24-bit long
unique data frame or pattern called the "token" around a logical loop. The token is an access-granting
message that circulates around the ring. Only one station can gain control of the token at a time. There
is no central controller and all the stations are of equal status.
In a token-passing LAN, a station with data to transmit must first gain control of the token. A token
may be free or busy. If the token is free, a station with data to send will capture the token, transmit its
data into the LAN complete with the addresses of both the sender and the destination station, and mark
the token as busy.
The token is then allowed to continue its passage around the LAN. As the data circulates around the
network its destination address is read by each station in turn until the destination station recognizes
its own address; this station copies the data and then returns the (still full) packet to the LAN. When
the packet has travelled right around the logical loop and has returned to the originating station, the
data is removed from the packet and the token is marked as free before it is passed on to the next
station. The figure below depicts the logical connections between the stations in a token-passing
LAN.

Fig. Token-passing LAN. Seven stations form a logical ring; each is labelled with its own address
(MA1 to MA7) and with the next-station address it passes the token to: MA1 -> NA2, MA2 -> NA3,
MA3 -> NA4, MA4 -> NA5, MA5 -> NA6, MA6 -> NA7 and MA7 -> NA1.
Each station has its own address, labelled MA1, MA2, etc., and is programmed with the address of
the next station to which the token is to be passed, called the "Next-station Address" (NA2, NA3, etc.).
In a ring LAN it is often the case that the token is passed from each station to the next station
physically in the ring, in which case the labelling of the stations will go clockwise around the ring as
shown. If some stations are to be given preferential service, this is easily arranged by suitable NA
addressing. If a station is non-operative, passing the token to it is a waste of time, and so the station
passing the token will automatically pass it to the next active station. This action bypasses the
non-operative station and re-establishes the logical loop. The token is still periodically offered to a
non-operative station so that, if it should become active again, it will automatically come back on
line. This idea is shown in the figure below.

Fig. Token-passing Bus LAN. Five stations: MA1 (NA2), MA2 (NA3), MA3 (NA5), MA4 (NAXX,
inoperative) and MA5 (NA1).
The logical loop is completed in figure 4.4 by station 3 having a next address of NA5, which ensures
that the token is passed from station 3 to station 5.
In order to prevent any one station from monopolizing the system, each repeater that serves a station
able to both transmit and receive has two modes of operation, known as the LISTEN and the
TRANSMIT modes. When a repeater is in the listen mode it checks the destination address of each
packet to see if it matches the address of its associated station. When a match is found, the data in the
packet is copied and sent to the station.
When a station has data to send, the repeater must seize the token; it then enters the transmit mode
and the token is marked "busy".
In this way, a station that has just transmitted data cannot re-use the packet immediately but must
wait for a short time before it can again seize the token.
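A small simulation of the token-passing access method described above, added here as an illustration (it is not code from the handout): stations carry their own address (MA) and a next-station address (NA), a single token is free or busy, a frame travels the whole logical loop before its originator frees the token, and an inoperative station is bypassed but periodically offered the token again. The five-station ring, the inoperative station MA4, the retry interval and the traffic are constructed for the example.

```python
"""Token-passing LAN model (added illustration, not code from the handout)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Station:
    ma: int                       # own address (MA)
    na: int                       # next-station address (NA) the token is passed to
    active: bool = True           # False models an inoperative station
    outbox: List[int] = field(default_factory=list)               # destination MAs waiting to be sent
    received: List[Tuple[int, int]] = field(default_factory=list)  # (src, dst) frames copied here


@dataclass
class Token:
    busy: bool = False            # a free token carries no frame
    src: Optional[int] = None     # originating station of the frame on a busy token
    dst: Optional[int] = None     # destination station of that frame


class TokenRing:
    def __init__(self, stations: List[Station], retry_every: int = 3):
        self.stations: Dict[int, Station] = {s.ma: s for s in stations}
        self.retry_every = retry_every    # offer the token to inoperative stations every N hops
        self.token = Token()
        self.hops = 0
        self.log: List[str] = []

    def next_station(self, ma: int) -> int:
        """Follow NA pointers.  Inoperative stations are bypassed, except that every
        retry_every hops the token is offered to them anyway, so a station that has
        recovered comes back on line automatically."""
        offer_inoperative = self.hops % self.retry_every == 0
        nxt = self.stations[ma].na
        for _ in range(len(self.stations)):
            if self.stations[nxt].active or offer_inoperative:
                return nxt
            nxt = self.stations[nxt].na
        return ma                          # no other active station: keep the token

    def step(self, holder: int) -> int:
        """Process one token hop at station `holder`; return the next holder."""
        self.hops += 1
        st, token = self.stations[holder], self.token
        if not st.active:
            self.log.append(f"MA{holder} inoperative, bypassed")
        elif token.busy:
            if token.dst == holder:
                # Destination copies the data and returns the still-full packet.
                st.received.append((token.src, token.dst))
                self.log.append(f"MA{holder} copied frame from MA{token.src}")
            if token.src == holder:
                # Frame has travelled the whole loop: remove the data, mark the
                # token free, then pass it on (no immediate re-use by this station).
                token.busy, token.src, token.dst = False, None, None
                self.log.append(f"MA{holder} removed its frame, token free")
        elif st.outbox:
            # Free token and data waiting: seize it and mark it busy.
            token.busy, token.src, token.dst = True, holder, st.outbox.pop(0)
            self.log.append(f"MA{holder} seized token, frame for MA{token.dst}")
        return self.next_station(holder)

    def run(self, start: int, hops: int) -> Token:
        holder = start
        for _ in range(hops):
            holder = self.step(holder)
        return self.token


def demo() -> TokenRing:
    """Constructed ring: MA1..MA5 with NA pointing clockwise, MA4 inoperative,
    MA1 holding a frame for MA2 and MA3 holding a frame for MA5."""
    ring = TokenRing([
        Station(ma=1, na=2, outbox=[2]),
        Station(ma=2, na=3),
        Station(ma=3, na=4, outbox=[5]),
        Station(ma=4, na=5, active=False),
        Station(ma=5, na=1),
    ])
    ring.run(start=1, hops=14)
    return ring


if __name__ == "__main__":
    print("\n".join(demo().log))
```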

2) Ethernet LAN
What is contention? Contention means that the computers are contending for use of the transmission
medium. In pure contention-based access control, any computer can transmit at any time. This system
breaks down when two computers attempt to transmit at the same time, in which case a collision
occurs.
Mechanisms are therefore usually put into place to minimize the effects of collisions. One such
mechanism is carrier sensing. Another is collision detection. The Ethernet LAN uses these access
techniques and is formally called carrier sense multiple access with collision detection (CSMA/CD).
Each computer listens to the network before attempting to transmit, and if the network is busy the
computer refrains from transmitting until the network quiets down. This is known as carrier sensing.
With collision detection, computers continue to listen to the network as they transmit. If a computer
detects another signal that interferes with the signal it is sending, it stops transmitting. Both
computers then wait a random amount of time and attempt to retransmit.
Multiple access means that any station or computer on the LAN is able to try to transmit data over
the LAN at any time. CSMA/CD is used to deal with the simultaneous attempt by two or more
stations to transmit data into the LAN. Ethernet usually employs a baseband bus system. In
baseband, the entire cable bandwidth is used to transmit a digital signal. The cable is called the ether,
and each station is connected to it via an interface cable to a transceiver, which is in turn connected
to the LAN. The basic arrangement of an Ethernet LAN is shown in the figure below.
A broadband LAN uses frequency division multiplexing (FDM) techniques to divide the bandwidth
of a coaxial cable into a number of 6 MHz channels, so that several channels can transmit
simultaneously.
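The CSMA/CD behaviour described above, as an added slot-based model that is not code from the handout: each host senses the carrier before sending, hosts that transmit in the same slot detect the collision and stop, and each waits a random number of slots before trying again. The random wait is implemented as truncated binary exponential backoff (the standard Ethernet rule, which the text only calls a "random amount of time"); the hosts, frame counts, slot length and random seed are constructed for the example.

```python
"""Slot-based CSMA/CD model (added illustration, not code from the handout)."""
import random
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Host:
    name: str
    frames: int                  # frames still waiting to be sent
    backoff: int = 0             # idle slots to wait before the next attempt
    attempts: int = 0            # collisions suffered by the current frame
    sent_at: List[int] = field(default_factory=list)   # slot numbers of successful sends


def simulate(hosts: List[Host], frame_slots: int = 3, max_slots: int = 5000,
             seed: int = 7) -> Dict[str, object]:
    rng = random.Random(seed)    # seeded so the run is reproducible
    busy_until = 0               # first slot at which the cable is idle again
    collisions = 0
    slot = 0
    while slot < max_slots and any(h.frames for h in hosts):
        if slot < busy_until:
            # Carrier sensing: a signal is on the ether, so every station
            # refrains from transmitting until the network quiets down.
            slot += 1
            continue
        # Multiple access: every host whose backoff has expired may try now.
        ready = [h for h in hosts if h.frames and h.backoff == 0]
        for h in hosts:
            if h.backoff:
                h.backoff -= 1
        if len(ready) == 1:
            h = ready[0]
            h.frames -= 1
            h.attempts = 0
            h.sent_at.append(slot)
            busy_until = slot + frame_slots        # the frame occupies the bus
        elif len(ready) > 1:
            # Collision detection: all of them kept listening while sending,
            # hear the interfering signal, stop, and back off randomly.
            collisions += 1
            for h in ready:
                h.attempts += 1
                # Truncated binary exponential backoff: 0..2^attempts-1 slots.
                h.backoff = rng.randrange(2 ** min(h.attempts, 10))
            busy_until = slot + 1                  # the collision wastes this slot
        slot += 1
    return {"hosts": hosts, "collisions": collisions, "slots_used": slot}


def overlapping_sends(hosts: List[Host], frame_slots: int = 3) -> bool:
    """True if any two successful transmissions overlap on the bus."""
    starts = sorted(s for h in hosts for s in h.sent_at)
    return any(b - a < frame_slots for a, b in zip(starts, starts[1:]))


def demo() -> Dict[str, object]:
    """Constructed load: three hosts with two frames each, all ready at slot 0,
    which guarantees a collision in the very first slot."""
    return simulate([Host("A", 2), Host("B", 2), Host("C", 2)])


if __name__ == "__main__":
    result = demo()
    for h in result["hosts"]:
        print(h.name, "sent at slots", h.sent_at)
    print("collisions:", result["collisions"], "slots used:", result["slots_used"])
```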

Fig. 4.5: Ethernet LAN. Four stations, each attached through its own transceiver to the shared cable
(the ether).
A segment may have up to 100 stations connected to it and may be up to 500 m long.
The different varieties of Ethernet network are commonly called Ethernet topologies. Typically,
Ethernet networks use a bus topology, although some use a physical star topology with a logical bus
topology. Microsoft uses the term "star bus" topology to describe 10BASE-T. Ethernet networks,
depending on the specification, operate at 10 or 100 Mbps using baseband transmission. Other
Ethernet topologies include:
- 10BASE2
- 10BASE5
- 10BASE-T
- 10BASE-FL
- 100VG-AnyLAN
- 100BASE-X
Note that the name of each Ethernet topology begins with a number (10 or 100). That number
specifies the transmission speed of the network. For instance, 10BASE5 is designed to operate at
10 Mbps, and so on.
Ethernet networks transmit data in small units called frames, usually between 64 and 1,518 bytes.
A typical Ethernet II frame has the following sections:
1) Preamble - a field that signifies the beginning of the frame.
2) Address - source and destination addresses for the frame.
3) Type - a field that designates the network layer protocol.
4) Data - the data being transmitted.
5) CRC - Cyclic Redundancy Check for error checking.
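A builder and parser for the five Ethernet II frame sections just listed, added here as an illustration and not code from the handout. It assumes the usual encoding (7 preamble bytes of 0x55 followed by a 0xD5 start-of-frame byte, 6-byte addresses, a 2-byte type, data padded to at least 46 bytes, and a CRC-32 stored little-endian), with the 64 to 1,518 byte limits measured from the destination address through the CRC; the addresses and payload are constructed sample values. The parser shows the checks a receiver should do before trusting a frame: size limits first, then the CRC, and only then the header fields.

```python
"""Ethernet II frame builder/parser (added illustration, not code from the handout)."""
import struct
import zlib
from dataclasses import dataclass

PREAMBLE = b"\x55" * 7 + b"\xd5"      # 7 preamble bytes + start-of-frame delimiter
MIN_FRAME, MAX_FRAME = 64, 1518       # bytes from destination address through CRC
MIN_DATA = 46                         # short payloads are padded up to this length
CRC_LEN = 4
ETHERTYPE_IPV4 = 0x0800               # one well-known Type value, used as the sample


@dataclass
class EthernetFrame:
    dst: str          # destination address, "aa:bb:cc:dd:ee:ff" form
    src: str          # source address
    ethertype: int    # network layer protocol designator
    data: bytes       # payload including any padding (the link layer cannot tell them apart)


def mac_to_bytes(mac: str) -> bytes:
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC address: {mac!r}")
    return bytes(int(p, 16) for p in parts)   # int > 255 makes bytes() raise ValueError


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, data: bytes) -> bytes:
    """Return the bytes as they would appear on the wire, preamble included."""
    if not 0 <= ethertype <= 0xFFFF:
        raise ValueError("ethertype must fit in 16 bits")
    payload = data.ljust(MIN_DATA, b"\x00")          # pad short data to 46 bytes
    fields = (mac_to_bytes(dst) + mac_to_bytes(src)
              + struct.pack("!H", ethertype) + payload)
    if len(fields) + CRC_LEN > MAX_FRAME:
        raise ValueError("data too long for one frame")
    fcs = struct.pack("<I", zlib.crc32(fields))       # CRC-32 over address..data
    return PREAMBLE + fields + fcs


def parse_frame(wire: bytes) -> EthernetFrame:
    """Validate and decode a frame; raise ValueError on anything malformed."""
    if not wire.startswith(PREAMBLE):
        raise ValueError("missing preamble / start-of-frame delimiter")
    body = wire[len(PREAMBLE):]
    if not MIN_FRAME <= len(body) <= MAX_FRAME:
        raise ValueError(f"frame size {len(body)} outside {MIN_FRAME}..{MAX_FRAME}")
    fields, fcs = body[:-CRC_LEN], body[-CRC_LEN:]
    if struct.pack("<I", zlib.crc32(fields)) != fcs:
        raise ValueError("CRC mismatch: frame corrupted in transit")
    (ethertype,) = struct.unpack("!H", fields[12:14])
    return EthernetFrame(dst=bytes_to_mac(fields[:6]), src=bytes_to_mac(fields[6:12]),
                         ethertype=ethertype, data=fields[14:])


def frame_is_valid(wire: bytes) -> bool:
    """Convenience check: True only if the frame parses and its CRC matches."""
    try:
        parse_frame(wire)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample: two locally administered addresses and a short payload.
    wire = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02", ETHERTYPE_IPV4, b"hello")
    print(len(wire), "bytes on the wire:", parse_frame(wire))
```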

Architecture of Wide Area Network


Wide Area Networks (WANs) connect networks in larger geographic areas, such as Nigeria, India,
or the world. Dedicated transoceanic cabling or satellite uplinks may be used to connect this type of
global network.
Figure below illustrates a typical architecture of a wide-area network (WAN).

Fig. Architecture of a WAN. Hosts (H) attach to Interface Message Processors (IMPs); the IMPs
and the lines between them form the communication subnet.

As indicated, the communication subnet itself consists of a number of communication processors
connected by physical communication lines. Dedicated communication processors act as switching
elements between two or more communication lines (also called transmission lines, trunks, circuits
or channels). Following the original ARPANET implementation, the communication processors are
often called interface message processors (IMPs). A host processor wishing to communicate with
another host typically presents its request to its designated IMP, although a single IMP may serve
several hosts. The IMP-to-IMP communication channels may be of one of two broad types:
i) Point-to-point
ii) Broadcast.

i) Point-to-point links are dedicated physical lines used to connect a specific pair of IMPs.
ii) Broadcast links are used to send a message to all stations, or to an entire class of stations,
connected to the network.
Using a WAN, schools in Nigeria can communicate with places like Tokyo in a matter of seconds,
without paying enormous phone bills. Two users half a world apart, with workstations equipped with
microphones and webcams, might teleconference in real time. A WAN is complicated. It uses
multiplexers, bridges, and routers to connect local and metropolitan networks to global
communications networks like the Internet. To users, however, a WAN will not appear to be much
different from a LAN.
Advantages of Installing a Network
User Access Control
Modern networks almost always have one or more servers to which they have access. User
credentials on a privately-owned and operated network may be as simple as a user name and
password, but with ever-increasing attention to computing security issues, these servers are critical to
ensuring that sensitive information is only available to authorized users.

Information Storing and Sharing


Computers allow users to create and manipulate information. Information takes on a life of its own
on a network. The network provides both a place to store the information and mechanisms to share
that information with other network users.
Connections
Administrators, instructors, and even students and guests can be connected using the campus
network.
Services
The institution can provide services such as registration, college directories, course schedules,
access to research, email accounts, and many others. (Remember, network services are generally
provided by servers.)
Internet
The institution can provide network users with access to the internet, via an internet gateway.
Computing resources
The institution can provide access to special purpose computing devices which individual users
would not normally own. For example, an institution network might have high-speed high quality
printers strategically located around a campus for instructor or student use.

Flexible Access
Institution networks allow students to access their information from connected devices throughout
the school. Students can begin an assignment in their classroom, save part of it on a public access
area of the network, then go to the media center after school to finish their work. Students can also
work cooperatively through the network.

Workgroup Computing
Collaborative software allows many users to work on a document or project concurrently. For
example, educators located at various institutions within a country could simultaneously contribute
their ideas about new curriculum standards to the same document, spreadsheet, or website.

Disadvantages of Installing a Network


Expensive to Install
Large campus networks can carry hefty price tags. Cabling, network cards, routers, bridges,
firewalls, wireless access points, and software can get expensive, and the installation would certainly
require the services of technicians. But, with the ease of setup of home networks, a simple network
with internet access can be set up for a small campus in an afternoon.
Requires Administrative Time
Proper maintenance of a network requires considerable time and expertise. Many schools have
installed a network, only to find that they did not budget for the necessary administrative support.

Servers Fail
Although a network server is no more susceptible to failure than any other computer, when the file
server "goes down" the entire network may come to a halt. Good network design practices say that
critical network services (provided by servers) should be redundant on the network whenever
possible.

Cables May Break


The Topology chapter presents information about the various configurations of cables. Some of the
configurations are designed to minimize the inconvenience of a broken cable; with other
configurations, one broken cable can stop the entire network.

Security and Compliance


Network security is expensive. It is also very important. An institution network would possibly be
subject to more stringent security requirements than a similarly-sized corporate network, because of
its likelihood of storing personal and confidential information of network users, the danger of which
can be compounded if any network users are minors. A great deal of attention must be paid to
network services to ensure all network content is appropriate for the network community it serves.
What is a Topology?
A topology is a description of the layout of a specific region or area. A network topology is a
description of the layout of the region or area covered by that network.
There are two types of connections that describe how many devices connect to a single cable or
segment of transmission media. They are: point-to-point and multi-point.
Point-to-point connections provide a direct link between two devices; for example, a computer
connected directly to a printer, or a modem to a mainframe.
Multi-point connections provide a link between three or more devices on a network. All computer
networks rely upon point-to-point and multi-point connections.

The Technical Connotation of Topology

The virtual shape or structure of a network is referred to as its topology.


The pattern or layout of interconnections of the different elements or nodes of a computer network is its
network topology, which may be logical or physical.
However, the complete physical structure of the cable (or transmission media) is called the physical
topology. The physical topology of a network refers to the configuration of cables, computers and
other peripherals.
The way data flows through the network (or transmission media) is called the logical topology. A
logical topology is the method used to pass information between workstations.
What are the Basic Types of Topology?
There are seven basic topologies in the study of network topology:
1. Point-to-point topology
2. Bus (point-to-multipoint) topology
3. Ring topology
4. Star topology
5. Hybrid topology
6. Mesh topology and
7. Tree topology
The interconnections between computers, whether logical or physical, are the foundation of this
classification.
Logical topology is the way a computer in a given network transmits information, not the way it
looks or is connected, along with the varying speeds of cables used from one network to another.
On the other hand, the physical topology (that is, the cabling methodology) is affected by a number of
factors:
Troubleshooting technique,
Installation cost,
Office layout and
Cable types.
The physical topology is figured out on the basis of a network's capability to access media and
devices, the fault tolerance desired and the cost of telecommunications circuits.

What are the types of Physical Topologies?

Point-to-Point Network Topology


It is the basic model of typical telephony. The simplest topology is a permanent connection between
two points. The value of an on-demand point-to-point network is proportionate to the number of
subscribers' potential pairs. It is possible to establish a permanent circuit within many switched
telecommunication systems: the telephone present in a lobby would always connect to the same port,
no matter what number is being dialed. A switched connection saves the cost between two points,
since the resources can be released when no longer required.

Bus Network Topology


A LAN that makes use of bus topology connects each node to a single cable. A connector attaches
each computer or server to the bus cable. To avoid the signal bouncing back, a terminator is used at
each end of the bus cable. The source transmits a signal that travels in both directions and passes all
machines until it reaches the system whose IP address matches, the intended recipient. The data is
ignored where the address is unmatched. The installation of one cable makes bus topology an inexpensive
solution as compared to other topologies; however, the maintenance cost is high. If the cable is
broken, all systems would collapse.

Linear Bus: If all network nodes are connected to a common transmission medium that has two
endpoints, the Bus is Linear. The data transmitted between these nodes is transmitted over the
common medium and received by all nodes simultaneously.

Distributed Bus: If all network nodes are connected to a common transmission medium that has
more than two endpoints, created by branching the main section of the transmitting medium, the Bus
is Distributed.

Bus Network Topology

A linear bus topology consists of a main run of cable with a terminator at each end (See fig. 1). All
nodes (file server, workstations, and peripherals) are connected to the linear cable. A bus topology
uses one long cable (backbone) to which network devices are either directly attached or are attached
by using short drop cables. Because all workstations share this bus, a workstation checks for any
information that might be coming down the backbone before sending its messages. All messages
pass the other workstations on the way to their destinations. Each workstation then checks the
address of each message to see if it matches its own. Note that in bus network topologies the backbone
must be terminated at both ends to remove the signal from the wire after it has passed all devices on
the network.
Fig. 1: Linear bus topology: a file server and workstations attached to a single backbone cable with a
terminator at each end.

Advantages of a Linear Bus Topology


Easy to connect a computer or peripheral to a linear bus. Requires less cable length than a star
topology.
Disadvantages of a Linear Bus Topology
Entire network shuts down if there is a break in the main cable.
Terminators are required at both ends of the backbone cable.
Difficult to identify the problem if the entire network shuts down.
Not meant to be used as a stand-alone solution in a large building.
Star Network Topology
A star topology is one in which each network host in a LAN is connected to a central hub. Each
node is connected to the hub with a point-to-point connection. All traffic passes through the hub, which
serves as a repeater or signal booster. It is the easiest topology to install and is praised for the simplicity of
adding more nodes, but criticized for making the hub a single point of failure. The network could be BMA
(broadcast multi-access) or NBMA (non-broadcast multi-access) depending on whether the signal is
automatically propagated at the hub to all spokes or only to the spokes that are individually
addressed.
Extended Star: A network that places one or more repeaters between the central node or
hub and the peripheral or spoke node, extending the reach beyond that supported by the transmitter
power of the hub and by the standard of the physical layer of the network.
Distributed Star: The topology is based on the linear connectivity that is Daisy Chained with no top
or centre level connection points.

Advantages of a Star Topology


Easy to install and wire.
No disruptions to the network when connecting or removing devices.
Easy to detect faults and to remove parts.

Disadvantages of a Star Topology


Requires more cable length than a linear topology.
If the hub, switch, or concentrator fails, nodes attached are disabled.
More expensive than linear bus topologies because of the cost of the hubs, etc.

Ring Network Topology


Ring topology is one of the old ways of building a computer network and it is pretty much
obsolete. FDDI, SONET or Token Ring technologies are used to build ring networks. It is not
widely popular in terms of usability, but if you find it anywhere it will mostly be in schools or
office buildings. Such a physical setting arranges nodes in a circular manner where the data travels
in one direction, and each device on the right serves as a repeater to strengthen the signal as it
moves ahead.

Fig. Ring network topology

Mesh Network Topology


The value of a fully meshed network is proportionate to the exponent of the number of subscribers.
Fully Connected: For practical networks such a topology is too complex and costly, but it is highly
recommended for a small number of interconnected nodes.

Mesh (or fully interconnected) network


A mesh network has a number of fully interconnected nodes as shown in figure below and this
allows it to provide a multiplicity of possible paths for any required inter-terminal connection. The
multiple message paths reduce the effects of any link and/or node failures and congestion since any
desired connection can always be rerouted.

Fig. Mesh Network

Mesh or fully connected systems are fast and reliable but expensive, since the number of links grows
as the square of the number of hosts. If there are N nodes in the network, a mesh requires NP = N(N –
1)/2 physical channels to link them. Similarly, the number of ports per device equals N – 1.

Advantages
i) No traffic problem
ii) Better security as each message travels on a dedicated line, only the intended recipient can
receive it.
iii) Robust to link failures: if one link fails, the data can be transmitted along an alternate path.
iv) Fault identification/isolation is easy due to point to point link.

Disadvantages
i) Cost of network is very high
ii) Requires complex installation and reconfiguration
iii) Bulk of wire requires large space to accommodate it
iv) Bulk of wire and large number of ports leads to complex troubleshooting.

Partially Connected: This set up involves the connection of some nodes to more than one
node in the network via point-to-point links. In such a connection it is possible to take
advantage of the redundancy without the complexity or expense of establishing a connection
between each pair of nodes.

Partially connected network


In a partially connected Network all the nodes are not fully connected, see figure below:

Lowering the number of physical connections reduces costs. On the negative side, it requires routing
of messages exchanged between hosts that are not directly connected.

Hybrid Topology
Hybrid topologies are combination of two or more different topologies. WANs sometimes have
hybrid topologies because they connect a variety of LAN topologies. The big advantage of hybrid
topologies is that they connect disparate topologies. However, the disadvantage of hybrid topologies
is that they are potentially complex to establish and manage.

Tree Network Topology


At the top level of the hierarchy, the central root node is connected by point-to-point links to some
nodes that are one level lower in the hierarchy; the second level nodes that are connected to the
central root are in turn connected to the nodes in the third level by point-to-point links. The central
root is the only node having no higher node in the hierarchy. The tree hierarchy is
symmetrical. The BRANCHING FACTOR is the fixed number of nodes connected to the next level
in the hierarchy. Such a network must have at least three levels. A Physical Linear Tree Topology
is a network whose Branching Factor is one.

Fig. Tree topology: groups of nodes hang off concentrators (hubs), which are joined by a backbone cable.

Advantages of a Tree Topology


Point-to-point wiring for individual segments.
Supported by several hardware and software vendors.
Disadvantages of a Tree Topology
Overall length of each segment is limited by the type of cabling used.
If the backbone line breaks, the entire segment goes down.
More difficult to configure and wire than other topologies.

Considerations When Choosing a Topology


Money. A linear bus network may be the least expensive way to install a network; you do not have
to purchase concentrators.
Length of cable needed. The linear bus network uses shorter lengths of cable.
Future growth. With a star topology, expanding a network is easily done by adding another
concentrator.
Cable type. The most common cable in schools is unshielded twisted pair.

INTER-NETWORKING DEVICES
The interconnection of LANs is known as inter-networking. Internetworking gives a user access to
additional facilities, data and stations.
The following list details some common internetwork connectivity devices:
a) Routers
b) Bridges
c) Brouters
d) Switches
e) Repeaters
f) Gateways

a) Routers (resides in layer 3)


A router is an intermediate system used to connect two LANs that use similar or dissimilar LAN
protocols. A router routes packets of data between different LANs as well as undertaking various
network management tasks such as network traffic control.
A router must be able to integrate differing LAN protocols, for example, NetWare and DECnet, and
interface to a host computer. A router may employ the Transmission Control Protocol/Internet
Protocol (TCP/IP) to integrate LANs of different protocols.
A router normally has access to a routing table, which holds information about the network. The
router can use this information to select a path through the network to link a station in one LAN to its
required destination in another LAN.
When a data packet is received the router looks up the internal routing table to determine possible
routes to the destination LAN.

The router can then select the best route to be used; "best" depends upon such factors as speed, cost and
availability. A router usually resides in network layer 3.
If a link should become faulty the router should be able to choose an alternative route. Most routers
support the Internet Protocol (IP), which is part of the Transmission Control Protocol/Internet
Protocol (TCP/IP) suite, and Internetwork Packet Exchange (IPX).
These protocols make it possible for servers using different software to be inter-connected.

b) Bridges (resides in layer 2)


Circuits known as bridges are employed to connect two LANs together and allow packets of data to
travel from one LAN to another, with each network unaware that the other network is, in fact,
remote.
Bridges operate on layer 2 (i.e., the data link layer) of the OSI model. A bridge provides a link between
two similar types of LAN, e.g. two Ethernet or two token-passing LANs. It extends a LAN over a
wider area, making the entire interconnected segment appear to be part of one much larger LAN.
A bridge can determine whether a packet needs to be forwarded because each device on the network is
identified by a unique address. Each packet that is transmitted bears the address of the device to which
it should be delivered. The process works as follows.
1) The bridge receives every packet on LAN A and LAN B.
2) The bridge learns from the packets which device addresses are located on LAN A and which
on LAN B.
3) Packets on LAN A that are addressed to devices on LAN A are ignored or discarded, as are
packets on LAN B that are addressed to devices on LAN B. These packets can be delivered
without the help of the bridge.
4) Packets on LAN A addressed to devices on LAN B are retransmitted to LAN B for delivery;
similarly, the appropriate packets on LAN B are retransmitted to LAN A.
Bridges, however, have certain limitations that become more significant in complex network
situations:
i) Bridges cannot join dissimilar types of LANs. This is because bridges depend on the
physical device addresses which are functions of the Data link layer, and different data link
layer protocols are used for each type of network.
ii) A network with bridges generally cannot include redundant paths. (Redundant paths are
desirable because they enable the network to continue functioning when one path goes
down.)
iii) Bridges cannot analyze the network to determine the fastest route over which to forward a
packet when multiple routes exist. This is a desirable capability, particularly in wide area
networks (WANs), where some routes are often considerably slower than others.
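The four-step learning process above as a small simulation, added here as an example and not the handout's own code. It generalizes the two-LAN bridge to a multi-port one (the "bridge with multiple connections" that the text later calls a switch); the port names and MAC-style addresses are constructed sample data.

```python
"""Learning bridge: the four-step process from the text as a simulation.

Added example, not the handout's own code. It generalizes the two-LAN bridge
to a multi-port one (the "bridge with multiple connections" the text later
calls a switch). Port names and the MAC-style addresses are constructed.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"   # frames to this address go to every LAN


class LearningBridge:
    """Forwards frames between LANs using a learned address-to-port table."""

    def __init__(self, ports):
        self.ports = list(ports)       # one port per attached LAN ("A", "B", ...)
        self.table = {}                # device address -> port it was seen on

    def forward(self, in_port, src, dst):
        """Handle one frame received on in_port; return the ports it is sent on.

        Step 1 is the call itself: the bridge sees every frame on every LAN."""
        # Step 2: learn which LAN the sender is on from the source address
        self.table[src] = in_port
        if dst == BROADCAST or dst not in self.table:
            # Destination LAN not yet learned: retransmit on every other port
            # so the frame is not lost; dst's reply will fill in the table
            return [p for p in self.ports if p != in_port]
        if self.table[dst] == in_port:
            # Step 3: sender and receiver share a LAN; the frame can be
            # delivered without the bridge, so it is ignored (filtered)
            return []
        # Step 4: receiver is on another LAN; retransmit only there
        return [self.table[dst]]


def run_sample():
    """Constructed frame sequence (in_port, src, dst) over three LANs."""
    bridge = LearningBridge(["A", "B", "C"])
    frames = [
        ("A", "00:aa:01", "00:bb:01"),  # A1 -> B1: B1 unknown, flooded to B and C
        ("B", "00:bb:01", "00:aa:01"),  # B1 -> A1: A1 known, forwarded to A only
        ("A", "00:aa:02", "00:aa:01"),  # A2 -> A1: both on A, filtered
        ("A", "00:aa:01", "00:bb:01"),  # A1 -> B1: B1 now known, forwarded to B
        ("C", "00:cc:01", BROADCAST),   # C1 broadcast: sent to A and B
    ]
    decisions = [bridge.forward(*frame) for frame in frames]
    return decisions, dict(bridge.table)


if __name__ == "__main__":
    decisions, table = run_sample()
    print(decisions)   # [['B', 'C'], ['A'], [], ['B'], ['A', 'B']]
    print(table)
```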

c) Brouters
A brouter is a router that also can act as a bridge. A brouter attempts to deliver packets based
on network protocol information, but if a particular network layer protocol isn't supported,
the brouter bridges the packet using device addresses.

d) Switches: A switch is like a bridge with multiple connections, allowing connection of several
buses rather than just two like in bridge. A switch usually resides in network layer 2.
e) Repeaters: A repeater is a device that connects two buses to form a single long or extended bus. The
repeater simply passes signals back and forth between the two buses (with amplification)
without considering the meaning of the signals. A repeater usually resides in network layer 1.
f) Gateways: A gateway is used for connecting two or more LANs through an intermediate Public Data
Network (PDN).

It is the most complex form of connection between two LANs. A gateway is used to inter-connect
two LANs that employ different protocols or systems, such as a PC network and a mainframe computer.
Often a gateway is a PC supplied with controller emulation software.
The gateway generally runs software that emulates a cluster controller to enable a number of PCs to
be given access to the mainframe. The PCs must each be fitted with terminal emulation software.
Most mainframe computers require terminals to act in a specified manner with regard to such things
as their response to commands to:
i) Update the screen
ii) Position the cursor and
iii) Read the keyboard.
Terminal emulation software allows a PC to act as though it were a mainframe terminal.
Gateways commonly function at the OSI Application layer.

Introduction to Routing
What is Routing?
Routing is the act of moving information across an internet from a source to a destination. Along the
way, at least one intermediate node typically is encountered. Routing is often contrasted with
bridging, which might seem to accomplish precisely the same thing to the casual observer. The
primary difference between the two is that bridging occurs at Layer 2 (the data link layer) of the OSI
reference model, whereas routing occurs at Layer 3 (the network layer). This distinction provides
routing and bridging with different information to use in the process of moving information from
source to destination, so the two functions accomplish their tasks in different ways.
Routing Components
Routing involves two basic activities: determining optimal routing paths and transporting
information groups (typically called packets) through an internetwork. In the context of the routing
process, the latter of these is referred to as packet switching. Although packet switching is relatively
straightforward, path determination can be very complex.
Path Determination
Routing protocols use metrics to evaluate what path will be the best for a packet to travel. A metric
is a standard of measurement, such as path bandwidth, that is used by routing algorithms to
determine the optimal path to a destination. To aid the process of path determination, routing
algorithms initialize and maintain routing tables, which contain route information. Route
information varies depending on the routing algorithm used.

Routing algorithms fill routing tables with a variety of information. Destination/next hop
associations tell a router that a particular destination can be reached optimally by sending the packet
to a particular router representing the "next hop" on the way to the final destination. When a router
receives an incoming packet, it checks the destination address and attempts to associate this address
with a next hop.
Fig. Destination/Next Hop Associations Determine the Data's Optimal Path: a packet destined for
router X arrives at Router 1, whose routing table (already updated) lists Dest X, Send to R2; Router 2's
routing table (not yet updated) lists Dest X, Send to R1.


Routing tables also can contain other information, such as data about the desirability of a path.
Routers compare metrics to determine optimal routes, and the metrics differ depending on the design
of the routing algorithm used. Routers communicate with one another and maintain their routing
tables through the transmission of a variety of messages. The routing update message is one such
message that generally consists of all or a portion of a routing table. By analyzing routing updates
from all other routers, a router can build a detailed picture of network topology. A link-state
advertisement, another example of a message sent between routers, informs other routers of the state
of the sender's links. Link information also can be used to build a complete picture of network
topology to enable routers to determine optimal routes to network destinations.

Routing Algorithms – Introduction

Routing algorithms can be differentiated based on several key characteristics. First, the particular
goals of the algorithm designer affect the operation of the resulting routing protocol. Second,
various types of routing algorithms exist, and each algorithm has a different impact on network and
router resources.
Finally, routing algorithms use a variety of metrics that affect calculation of optimal routes.
Dijkstra’s algorithm (DA)
DA can be stated as: Find the shortest paths from a given source node to all other nodes, by
developing the paths in order of increasing path length. The algorithm proceeds in stages. By the
kth stage, the shortest paths to the k nodes closest to (least cost away from) the source node have
been determined; these nodes are in a set T. At stage (k+1), the node not in T that has the shortest
path from the source node is added to T.
As each node is added to T, its path from the source is defined. The algorithm can be
formally described as follows:

Define
N = set of nodes in the graph
S = source node
T = set of nodes so far incorporated by the algorithm
w(i,j) = link cost from node i to node j; w(i,i) = 0; w(i,j) = ∞ if the two nodes are not directly connected; w(i,j) > 0 if the
two nodes are directly connected.

L(n) = cost of the least-cost path from node S to node n that is currently known to the algorithm; at termination, this is
the cost of the least-cost path in the graph from S to n.

The algorithm has three steps; steps 2 and 3 are repeated until T = N. That is, steps 2 and 3 are repeated until final paths
have been assigned to all nodes in the graph.

Step 1. [Initialization]
T = {S}, i.e., the set of nodes so far incorporated consists of only the source node
L(n) = w(S,n) for n ≠ S, i.e., the initial path costs to neighboring nodes are
simply the link costs.

Step 2. [Get Next Node] Find the neighboring node not in T that has the least-cost path from node S and incorporate
that node into T; also incorporate the edge that is incident on that node and a node in T that contributes to the
path. This can be expressed as:
Find x ∉ T such that L(x) = min L(j) over all j ∉ T
Step 3. [Update Least-Cost Paths]
L(n) = min[L(n), L(x) + w(x,n)] for all n ∉ T

If the latter term is the minimum, the path from S to n is now the path from S to x concatenated with the edge
from x to n.
The algorithm terminates when all nodes have been added to T. At termination, the value L(x) associated with each node
x is the cost (length) of the least-cost path from S to x. In addition, T defines the least-cost path from S to each other
node.
Fig. Example graph: six nodes (1 to 6) joined by links with costs; the least-cost paths from node 1 are
worked out in the table below.

(S = 1)
Iteration  T              L(2)  Path   L(3)  Path      L(4)  Path   L(5)  Path     L(6)  Path
1          [1]            2     1-2    5     1-3       1     1-4    ∞     -        ∞     -
2          [1,4]          2     1-2    4     1-4-3     1     1-4    2     1-4-5    ∞     -
3          [1,2,4]        2     1-2    4     1-4-3     1     1-4    2     1-4-5    ∞     -
4          [1,2,4,5]      2     1-2    3     1-4-5-3   1     1-4    2     1-4-5    4     1-4-5-6
5          [1,2,3,4,5]    2     1-2    3     1-4-5-3   1     1-4    2     1-4-5    4     1-4-5-6
6          [1,2,3,4,5,6]  2     1-2    3     1-4-5-3   1     1-4    2     1-4-5    4     1-4-5-6

The shortest path (fewest hops) from node 1 to node 6 is 1-3-6 (cost = 5 + 5 = 10), but the Least-cost
path is 1-4-5-6 (cost = 1 + 1 + 2 = 4).

Bellman-Ford Algorithm (BFA)


The BFA can be stated as follows: Find the shortest paths from a given source node subject to the
constraint that the paths contain at most one link, then find the shortest paths with a constraint of
paths of at most two links, and so on. This algorithm also proceeds in stages. The algorithm can be
formally described as follows. Define

S = source node
w(i,j) = link cost from node i to node j; w(i,i) = 0; w(i,j) = ∞
if the two nodes are not directly connected;
w(i,j) > 0 if the two nodes are directly connected.

h = maximum number of links in a path at the current stage of the algorithm.

Lh(n) = cost of the least-cost path from node S to node n under the constraint of no more than h links

Algorithm:
1. [Initialization]
L0(n) = ∞, for all n ≠ S
Lh(S) = 0, for all h

2. [Update]
For each successive h ≥ 0:
For each n ≠ S, compute
Lh+1(n) = min over all j of [Lh(j) + w(j,n)]
Connect n with the predecessor node j that achieves the minimum and eliminate any connection of n with a
different predecessor node formed during an earlier iteration. The path from S to n terminates with the link from j to n.

For the iteration of step 2 with h = k, and for each destination node n, the algorithm compares potential paths
from S to n of length k+1 with the path that existed at the end of the previous iteration. If the previous, shorter path has
less cost, then that path is retained. Otherwise, a new path with length k+1 is defined from S to n; this path consists of a
path of length k from S to some node j, plus a direct hop from node j to node n. In this case, the path from S to j that is
used is the k-hop path for j defined in the previous iteration.
The Bellman-Ford Algorithm is displayed in the table below:

h   Lh(2)  Path    Lh(3)  Path      Lh(4)  Path   Lh(5)  Path     Lh(6)  Path
0   ∞      -       ∞      -         ∞      -      ∞      -        ∞      -
1   2      1-2     5      1-3       1      1-4    ∞      -        ∞      -
2   2      1-2     4      1-4-3     1      1-4    2      1-4-5    10     1-3-6
3   2      1-2     3      1-4-5-3   1      1-4    2      1-4-5    4      1-4-5-6
4   2      1-2     3      1-4-5-3   1      1-4    2      1-4-5    4      1-4-5-6
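Both algorithms above, written in Python in the notation of the text as an added example (not the handout's code). The link costs are constructed so that the Dijkstra and Bellman-Ford tables above are reproduced stage by stage; the costs of links 2-3, 2-4 and 3-4, which neither table uses, are assumed.

```python
"""Dijkstra and Bellman-Ford least-cost paths in the handout's notation.

Added example, not the handout's own code. Link costs are constructed so the
iteration tables in the text are reproduced; the costs on links 2-3, 2-4 and
3-4 are assumed because the handout's graph figure is not reproduced here
(they do not affect any least-cost path from node 1).
"""
from math import inf

NODES = [1, 2, 3, 4, 5, 6]
EDGES = {(1, 2): 2, (1, 3): 5, (1, 4): 1, (2, 3): 3, (2, 4): 2,
         (3, 4): 3, (3, 5): 1, (3, 6): 5, (4, 5): 1, (5, 6): 2}


def w(i, j):
    """Link cost as the text defines it: w(i,i) = 0, inf if not directly connected."""
    if i == j:
        return 0
    return EDGES.get((i, j), EDGES.get((j, i), inf))


def dijkstra(S, nodes=NODES):
    """Dijkstra's algorithm; returns one (T, L, path) snapshot per iteration."""
    T = [S]
    L = {n: w(S, n) for n in nodes}                   # Step 1: L(n) = w(S,n)
    path = {n: [S, n] for n in nodes if n != S and L[n] < inf}
    path[S] = [S]
    snapshots = [(list(T), dict(L), dict(path))]      # table row 1, T = [S]
    while len(T) < len(nodes):
        # Step 2: x not in T with least L(x); ties broken by lowest node id,
        # which is the order the text's table follows ([1,2,4] before 5)
        x = min((n for n in nodes if n not in T), key=lambda n: (L[n], n))
        T.append(x)
        # Step 3: L(n) = min[L(n), L(x) + w(x,n)] for all n not in T
        for n in nodes:
            if n not in T and L[x] + w(x, n) < L[n]:
                L[n] = L[x] + w(x, n)
                path[n] = path[x] + [n]
        snapshots.append((sorted(T), dict(L), dict(path)))
    return snapshots


def bellman_ford(S, nodes=NODES, max_h=None):
    """Bellman-Ford; returns one (h, Lh, path) row per stage h = 0..max_h."""
    if max_h is None:
        max_h = len(nodes) - 1          # a loop-free path has at most N-1 links
    L = {n: 0 if n == S else inf for n in nodes}      # L0(n) = inf for n != S
    path = {S: [S]}
    rows = [(0, dict(L), dict(path))]
    for h in range(max_h):
        new_L, new_path = dict(L), dict(path)
        for n in nodes:
            if n == S:
                continue                              # Lh(S) = 0 for all h
            # L(h+1)(n) = min over j of [Lh(j) + w(j,n)]; j = n reproduces Lh(n)
            j = min(nodes, key=lambda j: L[j] + w(j, n))
            if L[j] + w(j, n) < L[n]:                 # strictly cheaper: new path
                new_L[n] = L[j] + w(j, n)             # ...else the old one is kept
                new_path[n] = path[j] + [n]
        L, path = new_L, new_path
        rows.append((h + 1, dict(L), dict(path)))
    return rows


def print_table(rows, S=1, label="h"):
    """Print rows in the layout of the handout's tables (e.g. '3 1-4-5-3')."""
    for key, L, path in rows:
        cells = []
        for n in sorted(L):
            if n == S:
                continue
            cost = "inf" if L[n] == inf else str(L[n])
            cells.append("%s %s" % (cost, "-".join(map(str, path.get(n, []))) or "-"))
        print("%s=%s  %s" % (label, key, " | ".join(cells)))


if __name__ == "__main__":
    print_table(dijkstra(1), label="T")
    print_table(bellman_ford(1), label="h")
```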

STANDARDS ORGANIZATIONS AND THE ISO


The development and implementation of de jure standards is regulated by standards organizations.
For example, the International Telecommunication Union (ITU) and the Institute of Electrical and
Electronic Engineers (IEEE), among others are responsible for several prominent network standards
that support the International Standards Organization's objective of network interoperability.
The name of the International Standards Organization (ISO) was derived from the Greek prefix iso,
meaning "same".
ISO develops and publishes standards and coordinates the activities of all national
standardization bodies. In 1977, the ISO initiated efforts to design a communication standard based
on the open systems architecture theory from which computer networks would be designed. This
model came to be known as the Open Systems Interconnection (OSI) Model. A system is open if it
employs agreed (i.e., standardized) protocols when it communicates with the outside world.

CONCEPT OF LAYERED TASK

i. The main objective of a computer network is to be able to transfer the data from sender to
receiver. This task can be done by breaking it into small subtasks, each of which is well
defined.

ii. Each subtask will have its own process or processes to do and will take specific inputs and
give specific outputs to the subtask before or after it. In more technical terms we can call
these sub tasks as layers.

iii. In general, every task or job can be done by dividing it into sub task or layers. Consider the
example of sending a letter where the sender is in City A and receiver is in city B.

iv. The process of sending letter is shown below:

Fig: Concept of layered task: sending a letter.
Sender side (top to bottom): Higher Layer: a letter is written, put in an envelope and dropped in the
mail box; Middle Layer: the post man collects the letter from the mail box and delivers it to the post
office; Lower Layer: at the post office all the letters are sorted area-wise and are now ready to be
carried to the destination post office.
Carrier: the letter is carried from source to destination.
Receiver side (bottom to top): Lower Layer: the letter is delivered to the destination post office
through the carrier; Middle Layer: the post man carries the letter from the post office to the receiver's
mail box; Higher Layer: the letter is picked up, the envelope removed and then read.

v. The above figure shows


a. Sender, Receiver & Carrier
b. Hierarchy of layers
vi. At the sender site, the activities take place in the following descending order:
a. Higher Layer: The sender writes the letter along with the sender's and receiver's addresses,
puts it in an envelope and drops it in the mailbox.
b. Middle Layer: The letter is picked up by the post man and delivered to the post office.
c. Lower Layer: The letters at the post office are sorted and are ready to be transported
through a carrier.

vii. During transit the letter may be carried by truck, plane or ship or a combination of transport
modes before it reaches the destination post office.
viii. At the Receiver site, the activities take place in the following ascending order:
a. Lower Layer: The carrier delivers the letter to the destination post office.
b. Middle Layer: After sorting, the letter is delivered to the receiver's mail box.
c. Higher Layer: The receiver picks up the letter, opens the envelope and reads it.
ix. Hierarchy of Layers: The activities in the entire task are organized into three layers. Each
activity at the sender or receiver side occurs in a particular order at the hierarchy.
x. The important and complex activities are organized into the Higher Layer and the simpler
ones into middle and lower layer.
OPEN SYSTEMS INTERCONNECTION REFERENCE MODEL
(OSI)
Introduction to OSI Model & Its Layers
The Open Systems Interconnection (OSI) Model was developed by International Organization for
Standardization (ISO).
ISO is the organization, OSI is the model.
It was developed to allow systems with different platforms to communicate with each other.
Platform could mean hardware, software or operating system.
It is a network model that defines the protocols for network communications.
It is a hierarchical model that groups its processes into layers. It has 7 layers as follows: (Top to
Bottom)
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data Link Layer
7. Physical Layer
Each layer has specific duties to perform and has to cooperate with the layers above and below it.
Description of Layers in the OSI Model
Physical Layer
i. The Physical Layer provides a standardized interface to physical transmission media,
including:
a. Mechanical specification of electrical connectors and cables,
for example maximum cable length
b. Electrical specification of transmission line
c. Bit-by-bit or symbol-by-symbol delivery.

ii. On the sender side, the physical layer receives the data from Data Link Layer and
encodes it into signals to be transmitted onto the medium. On the receiver side, the
physical layer receives the signals from the transmission medium decodes it back into
data and sends it to the Data Link Layer as shown in the figure below.

Fig: Transmission of data to and from Physical Layer: on the sender side the physical layer takes the bits
(e.g. 10101000000010111) from the data link layer and places them on the transmission medium; on the
receiver side it takes the signals from the medium and passes the same bits up to the data link layer.

iii. Interface
The Physical Layer defines the characteristics of interfaces between the devices &
transmission medium.
iv. Representation of bits
The physical layer is concerned with transmission of signals from one device to
another, which involves converting data (1's & 0's) into signals and vice versa. It is
not concerned with the meaning or interpretation of bits.
v. Data rate or Bit rate
The physical layer defines the data transmission rate i.e. number of bits sent per
second. It is the responsibility of the physical layer to maintain the defined data rate.
vi. Synchronization of bits
To interpret correct and accurate data the sender and receiver have to maintain the
same bit rate and also have synchronized clocks.
vii. Line configuration
The physical layer defines the nature of the connection i.e. a point to point link, or a
multi point link.
viii. Physical Topology
The physical layer defines the type of topology in which the device is connected to
the network. In a mesh topology it uses a multipoint connection, and in other topologies
it uses a point to point connection to send data.
ix. Transmission mode
The physical layer defines the direction of data transfer between the sender and
receiver. Two devices can transfer the data in simplex, half duplex or full duplex
mode.
x. Main responsibility of the physical layer
Transmission of bits from one hop to the next.
Data Link Layer
i. The Data Link layer adds reliability to the physical layer by providing error detection
and correction mechanisms.
ii. On the sender side, the Data Link layer receives the data from the Network Layer and
divides the stream of bits into fixed-size manageable units called frames and sends
them to the physical layer. On the receiver side, the data link layer receives the stream of
bits from the physical layer, regroups them into frames and sends them to the
Network layer. This process is called framing. It is shown in the figure below:

Fig: Data Link Layer: The process of Framing (data from the network layer is enclosed in a frame, labelled T2 in the figure, and passed to the physical layer; the receiver strips the frame and passes the data up to the network layer)

iii. Physical Addressing (inside / outside sender's network)
a. The Data link layer appends the physical address in the header of the frame
before sending it to the physical layer.
b. The physical address contains the address of the sender and receiver.
c. In case the receiver happens to be on the same physical network as the sender,
the receiver is only one hop from the sender and the receiver address
contains the receiver's physical address.
d. In case the receiver is not directly connected to the sender, the physical
address is the address of the next node where the data is supposed to be
delivered.
iv. Flow control
a. The data link layer makes sure that the sender sends the data at a speed at
which the receiver can receive it; otherwise, if there is an overflow at the receiver
side, the data will be lost.
b. The data link layer imposes a flow control mechanism over the sender and
receiver to avoid overwhelming the receiver.
v. Error control
a. The data link layer imposes an error control mechanism to identify lost or
damaged frames and duplicate frames, and then retransmits them.
b. Error control information is present in the trailer of a frame.
vi. Access Control
a. The data link layer imposes an access control mechanism to determine which
device has the right to send data in a multipoint connection scenario.
vii. Main Responsibility
The main responsibility of the data link layer is hop to hop transmission of
frames.
Network Layer
i. The network layer makes sure that the data is delivered to the receiver despite
multiple intermediate devices.
ii. The network layer at the sending side accepts data from the transport layer, divides it
into packets, adds addressing information in the header and passes it to the data link
layer. At the receiving end the network layer receives the frames sent by the data link
layer, converts them back into packets, verifies the destination address (checks whether the
receiver address in the header matches its own address) and then sends the packets to the
transport layer.

Fig: Network Layer (data from the transport layer is placed in a packet and passed to the data link layer; the receiver extracts the data from the packet and passes it up to the transport layer)

iii. The network layer is responsible for source to destination delivery of data. Hence it may
have to route the data through multiple networks via multiple intermediate devices. In order
to achieve this the network layer relies on two things:
a. Logical Addressing
b. Routing
iv. Logical Addressing
The network layer uses logical address commonly known as IP address to recognize devices
on the network.
An IP address is a universally unique address which enables the network layer to identify
devices outside the sender's network.
The header appended by the network layer contains the actual sender and receiver IP addresses.
At every hop the network layer of the intermediate node checks the IP address in the header. If
its own IP address does not match the IP address of the receiver found in the header, the
intermediate node concludes that it is not the final node but an intermediate node and passes
the packet to the data link layer, where the data is forwarded to the next node.
v. Routing
The network layer divides data into units of equal size called packets, each of which bears a sequence
number for rearranging on the receiving end.
Each packet is independent of the others and may travel by a different route to reach the
receiver; hence packets may arrive out of order at the receiver.
Hence every intermediate node which encounters a packet tries to compute the best possible
path for the packet. The best possible path may depend on several factors such as congestion,
number of hops, etc.

This process of finding the best path is called routing. It is done using routing algorithms.
vi. The Network layer does not perform any flow control or error control.
vii. Main Responsibility
The main responsibility of the Network Layer is transmission of packets from source to
destination.

Transport Layer
i. A logical address at the network layer facilitates the transmission of data from the source to the
destination device. But the source and the destination may both have multiple processes
communicating with each other. Hence it is important to deliver the data not only from the
sender to the receiver but from the correct process on the sender to the correct process on the
receiver. The transport layer takes care of process to process delivery of data and makes sure
that it is intact and in order.
ii. At the sending side, the transport layer receives data from the session layer, divides it
into units called segments and sends them to the network layer. At the receiving side, the
transport layer receives packets from the network layer, reassembles them into the
proper sequence of segments and sends the data to the session layer.

Fig: Transport Layer (data from the session layer is split into segments and passed to the network layer; the receiver reassembles the segments and passes the data up to the session layer)

iii. To ensure process to process delivery the transport layer makes use of port addresses to
identify the data from the sending and receiving process. A Port Address is the name
or label given to a process. It is a 16 bit address. Ex. TELNET uses port address 23,
HTTP uses port address 80. A port address is also known as a Service Point Address
(SPA).

iv. The data can be transported in a connection oriented or connectionless manner. If the
service is connection oriented, then all segments are received in order; otherwise they
are independent of each other, may be received out of order and have to be rearranged.

v. The Transport layer is responsible for segmentation and reassembly of the message
into segments which bear sequence numbers. This numbering enables the receiving
transport layer to rearrange the segments in proper order.

vi. Flow Control & Error control:
The transport layer also carries out flow control and error control functions; but unlike the
data link layer these are end to end rather than node to node.
vii. Main Responsibility:
The main responsibility of the transport layer is process to process delivery of the
entire message.

Session Layer

i. The session layer establishes a session between the communicating devices, called a
dialog, and synchronizes their interaction. It is the responsibility of the session layer
to establish and synchronize the dialogs. It is also called the network dialog
controller.
ii. The session layer at the sending side accepts data from the presentation layer, adds
checkpoints to it called syn bits and passes the data to the transport layer. At the
receiving end, the session layer receives data from the transport layer, removes the
checkpoints inserted previously and passes the data to the presentation layer.

iii. The checkpoints or synchronization points are a way of reporting the status of the data
transfer. Ex. A checkpoint after the first 500 bits of data will ensure that those 500 bits
are not sent again in case of a retransmission at the 650th bit.

Fig: Session Layer (syn checkpoints are inserted into the data received from the presentation layer before it is passed to the transport layer, and removed at the receiver before the data goes up to the presentation layer)

iv. The main responsibility of the session layer is dialog control and synchronization.
iv. Main responsibility of session layer is dialog control and synchronization

Presentation Layer
i. The communicating devices may have different platforms. The presentation
layer performs translation, encryption and compression of data.

ii. The presentation layer at the sending side receives the data from the application layer,
adds a header which contains information related to encryption and compression and
sends it to the session layer. At the receiving side, the presentation layer receives data
from the session layer, decompresses and decrypts the data as required and translates it
back as per the encoding scheme used at the receiver.

Fig: Presentation Layer (data from the application layer is passed down to the session layer and, at the receiver, from the session layer back up to the application layer)

iii. Translation
The sending and receiving devices may run on different platforms (hardware,
software and operating system). Hence it is important that they understand the
messages that are used for communicating, and a translation service, provided by the
Presentation layer, may be required.

iv. Compression
Compression ensures faster data transfer. The data compressed at sender has to be
decompressed at the receiving end, both performed by the Presentation layer.

v. Encryption
It is the process of transforming the original message to change its meaning before
sending it. The reverse process called decryption has to be performed at the receiving
end to recover the original message from the encrypted message.

vi. Main responsibility
The main responsibility of the Presentation layer is translation, compression and
encryption.

Application Layer

i. The application layer enables the user to communicate its data to the receiver by
providing certain services. For ex. Email is sent using the X.400 service.

Fig: Application Layer (a user, human or program, accesses services such as X.500, FTAM and X.400; the resulting message is passed down to the presentation layer and, at the receiver, up from the presentation layer to the user)

ii. X.500 is a directory service used to provide information and access to distributed
objects.
iii. X.400 is a service that provides the basis for mail storage and forwarding.
iv. FTAM (File Transfer, Access and Management) provides access to files stored on remote
computers and mechanisms to transfer and manage them locally.
v. Main Responsibility
The main responsibility of the Application layer is to provide access to network resources.

The OSI Reference Model and Protocols

The figure below illustrates the layers of the OSI model and corresponding protocols
(the middle column spells the mnemonic "All People Seem To Need Data Processing").

LAYER         MNEMONIC     PROTOCOL
APPLICATION   All          NFS, FTP, Telnet, SMTP, SNMP, POP
PRESENTATION  People       XDR, ASN.1, etc.
SESSION       Seem         RPC, NetBIOS, TCP
TRANSPORT     To           TCP, UDP, SPX
NETWORK       Need         IP, IPX, RIP, X.25, etc.
DATA LINK     Data         SDLC, HDLC, 802.3 (Ethernet), 802.5 (Token Ring)
PHYSICAL      Processing   10BASE-T, 10BASE2, 10BASE5, RS-232, V. standards
                           NETWORK MEDIUM

Fig: The OSI Reference Model and a mapping of some industry protocols.
TCP/IP MODEL, ADDRESSING IN TCP/IP – IPV4

INTRODUCTION
After an understanding of the concept of layered tasks and then understanding the OSI model, we
introduce the TCP/IP model. This model is currently being used on our systems. The TCP/IP model is a
collection of protocols often called a protocol suite. It offers a rich variety of protocols from which
we can choose.

TCP/IP MODEL
• It is also called the TCP/IP protocol suite. It is a collection of protocols.
• It is a hierarchical model, i.e., there are multiple layers and higher layer protocols are
supported by lower layer protocols.
• It existed even before the OSI model was developed. It originally had four layers (bottom to
top):
1. Host to Network Layer
2. Internet Layer
3. Transport Layer
4. Application Layer
The figure for the TCP/IP model is as follows:

Fig: Layers of the TCP/IP Reference Model (top to bottom: Application, Transport, Network or IP, Host to Network)

The structure of the TCP/IP model is very similar to the structure of the OSI reference model. The
OSI model has seven layers whereas the TCP/IP model has four layers.
The Application layer of TCP/IP model corresponds to the Application Layer, Session and
Presentation Layer of OSI model.
The Transport layer of TCP/IP model corresponds to the Transport Layer of OSI model.
The Network layer of TCP/IP model corresponds to the Network Layer of OSI model.
The Host to network layer of TCP/IP model corresponds to the Physical and Datalink Layer
of OSI model.
The diagram showing the comparison of OSI model and TCP/IP model along with the
protocols is as shown below:
Fig: Comparison of OSI model and TCP/IP model (the OSI Application, Presentation and Session layers map to the TCP/IP Application layer, with FTP, TELNET, HTTP, DNS and SMTP; Transport maps to Transport, with TCP, UDP and SCTP; Network maps to the Network or IP layer, with IP, ICMP above it and ARP and RARP beside it; Data link and Physical map to the Host to Network layer, the protocols of the underlying network)

Functions of the Layers of the TCP/IP model:

A. Host to Network Layer
This layer is a combination of protocols at the physical and data link layers.
It supports all standard protocols used at these layers.
B. Network Layer or IP
Also known as the Internetwork Layer (IP). It holds the IP protocol, which is a network layer
protocol and is responsible for source to destination transmission of data.
The Internetworking Protocol (IP) is a connection-less and unreliable protocol.

It is a best effort delivery service, i.e. there is no error checking in IP, it simply sends the data and
relies on its underlying layers to get the data transmitted to the destination.
IP transports data by dividing it into packets or datagrams of same size. Each packet is
independent of the other and can be transported across different routes and can arrive out of order at
the receiver.
In other words, since there is no connection set up between the sender and the receiver the packets
find the best possible path and reach the destination. Hence, the word connection-less.
The packets may get dropped during transmission along various routes. Since IP does not make any
guarantee about the delivery of the data, it is called an unreliable protocol.

Even if it is unreliable, IP cannot be considered weak and useless; since it provides only the
functionality that is required for transmitting data thereby giving maximum efficiency. Since there is
no mechanism of error detection or correction in IP, there will be no delay introduced on a medium
where there is no error at all.

IP is a combination of four protocols:

1. ARP
2. RARP
3. ICMP
4. IGMP

1. ARP – Address Resolution Protocol
i. It is used to resolve the physical address of a device on a network when its
logical address is known.
ii. The physical address is the 48-bit address that is imprinted on the NIC or LAN
card; the logical address is the Internet Address, commonly known as the IP
address, that is used to uniquely and universally identify a device.
2. RARP-Reverse Address Resolution Protocol
i. It is used by a device on the network to find its Internet address when it knows
its physical address.

3. ICMP – Internet Control Message Protocol
i. It is a signaling mechanism used to inform the sender about datagram
problems that occur during transit.
ii. It is used by intermediate devices.
iii. In case an intermediate device like a gateway encounters any
problem, like a corrupt datagram, it may use ICMP to send a message to the
sender of the datagram.
4. IGMP – Internet Group Management Protocol
i. It is a mechanism that allows the same message to be sent to a group of
recipients.

C. Transport Layer
Transport layer protocols are responsible for transmission of data running on a process of one
machine to the correct process running on another machine.
The transport layer contains three protocols
1. TCP
2. UDP
3. SCTP
1. TCP – Transmission Control Protocol
i. TCP is a connection-oriented, reliable protocol, i.e. a connection is
established between the sender and receiver before the data can be transmitted.
ii. It divides the data it receives from the upper layer into segments and tags a
sequence number to each segment, which is used at the receiving end for
reordering of data.

2. UDP – User Datagram Protocol
i. UDP is a simple protocol used for process to process transmission.
ii. It is an unreliable, connectionless protocol for applications that do not require
flow control or error control.
iii. It simply adds port address, checksum and length information to the data it
receives from the upper layer.
3. SCTP – Stream Control Transmission Protocol
i. SCTP is a relatively new protocol added to the transport layer of TCP/IP
protocol suite.
ii. It combines the features of TCP and UDP.
iii. It is used in applications like voice over Internet and has a
much broader range of applications.

D. Application Layer
i. The Application Layer is a combination of the Session, Presentation and
Application Layers of the OSI model and defines high level protocols like File
Transfer (FTP), Electronic Mail (SMTP), Virtual Terminal (TELNET),
Domain Name Service (DNS), etc.
ADDRESSING IN TCP/IP

The TCP/IP protocol suite involves 4 different types of addressing:

1. Physical Address
2. Logical Address
3. Port Address
4. Specific Address

Fig: Addressing in the TCP/IP model (processes at the Application layer; port addresses at the Transport layer with TCP, UDP and SCTP; logical addresses at the Network layer with IP and its associated protocols; physical addresses at the Host to Network layer, used by the protocols of the underlying network at the physical and data link layers)

Each of these addresses is described below:

1. Physical Address
i. Physical Address is the lowest level of addressing, also known as link address.
ii. It is local to the network to which the device is connected and unique inside it.
iii. The physical address is usually included in the frame and is used at the data
link layer.
iv. MAC is a type of physical address that is 6 byte (48 bit) in
size and is imprinted on the Network Interface Card (NIC) of the device.
v. The size of physical address may change depending on the type of network.
Ex. An Ethernet network uses a 6 byte MAC address.
2. Logical Address
i. Logical Addresses are used for universal communication (i.e., for logical-device to
logical-device identification).
ii. Most of the time the data has to pass through different networks; since physical
addresses are local to the network there is a possibility that they may be duplicated
across multiple networks, and the type of physical address being used may change
with the type of network encountered, for example Ethernet to wireless to fiber optic.
Hence physical addresses are inadequate for source to destination delivery of data in
an internetwork environment.
iii. Logical Address is also called as IP Address (Internet Protocol address).
iv. At the network layer, devices, i.e. computers and routers, are identified
universally by their IP Address.
v. IP addresses are universally unique.
vi. Currently there are two versions of IP addresses being used:
a. IPv4: 32 bit address, capable of supporting 2^32 nodes
b. IPv6: 128 bit address, capable of supporting 2^128 nodes.
3. Port Address
i. A logical address facilitates the transmission of data from the source to the destination
device. But the source and the destination may both have multiple
processes communicating with each other.
Ex. Users A & B are chatting with each other using Google Talk. Users B & C
are exchanging emails using Hotmail. The IP address will enable transmitting
data from A to B, but still the data needs to be delivered to the correct process.
The data from A cannot be given to B on Yahoo Messenger since A & B are
communicating using Google Talk.
ii. Since the responsibility of the IP address is over here, there is a need of
addressing that helps identify the source and destination processes. In other
words, data needs to be delivered not only to the correct device but also to the
correct process on the correct device.
iii. A Port Address is the name or label given to a process. It is a 16 bit address.
iv. Ex. TELNET uses port address 23. HTTP uses port address 80.

4. Specific Address
i. A port address facilitates the transmission of data from process to
process, but still there may be a problem with data delivery.

For Ex: Consider users A, B & C chatting with each other using Google Talk.
Every user has two windows open: user A has two chat windows for B & C,
user B has two chat windows for A & C and so on for user C.

Now a port address will enable delivery of data from user A to the correct
process (in this case Google Talk) on user B, but now there are two windows
of Google Talk, for users A & C, available on B where the data can be delivered.

ii. Again the responsibility of the port address is over here and there is a need of
addressing that helps identify the different instances of the same process.
iii. Such addresses are user friendly addresses and are called specific addresses.
iv. Other Examples: Multiple tabs or windows of a web browser work under the
same process, that is HTTP, but are identified using Uniform Resource
Locators (URLs). Email addresses.
IP PROTOCOL – IPV4
Packets in the IPv4 format are called datagrams. An IP datagram consists of a header part and a text
part (payload). The header has a 20-byte fixed part and a variable length optional part. It is
transmitted in big-endian order: from left to right, with the high-order bit of the Version field going
first.
IPv4 can be explained with the help of the following points:
1. IP addresses
2. Address Space
3. Notations used to express IP address
4. Classful Addressing
5. Subnetting
6. CIDR
7. NAT
8. IPv4 Header Format

IP addresses
Every host and router on the Internet has an IP address, which encodes its network number and host
number. The combination is unique: in principle, no two machines on the Internet have the same IP
address. An IPv4 address is 32 bits long.
They are used in the Source address and Destination address fields of IP packets.
An IP address does not refer to a host but to a network interface.

Address Space
An address space is the total number of addresses used by the protocol. If a protocol uses N bits to
define an address, the address space is 2^N because each bit can have two different values (0 or 1) and
N bits can have 2^N values.
IPv4 uses 32-bit addresses, which means that the address space is 2^32 or 4,294,967,296 (more than 4
billion).
Notations
There are two notations to show an IPv4 address:
1. Binary notation
The IPv4 address is displayed as 32 bits.
Ex. 11000001 10000011 00011011 11111111
2. Dotted decimal notation
To make the IPv4 address easier to read, Internet addresses are usually written in decimal form with
a decimal point (dot) separating the bytes.
Each byte (octet) is 8 bits hence each number in dotted-decimal notation is a value ranging from 0 to
255.
Ex. 129.11.11.239

Classful addressing
In classful addressing, the address space is divided into five classes: A, B, C, D, and E.

Class   Leading bits   Format (32 bits)           Range of host address
A       0              Network | Host             1.0.0.0 to 127.255.255.255
B       10             Network | Host             128.0.0.0 to 191.255.255.255
C       110            Network | Host             192.0.0.0 to 223.255.255.255
D       1110           Multicast address          224.0.0.0 to 239.255.255.255
E       1111           Reserved for future use    240.0.0.0 to 255.255.255.255

Figure: Classful addressing : IPv4

Netid and Hostid

In classful addressing, an IP address in class A, B, or C is divided into a netid and a hostid.
These parts are of varying lengths, depending on the class of the address as shown above.
Information on the number of networks and hosts in each class is given below:

Class   Number of Networks   Number of Hosts   Application
A       128                  16,777,216        Unicast
B       16,384               65,536            Unicast
C       2,097,152            256               Unicast
D       1                    268,435,456       Multicast
E       1                    268,435,456       Reserved

The IP address 0.0.0.0 is used by hosts when they are being booted.
All addresses of the form 127.xx.yy.zz are reserved for loopback testing, they are processed locally
and treated as incoming packets.

Subnetting
It allows a network to be split into several parts for internal use but still act like a single network to
the outside world.
To implement subnetting, the router needs a subnet mask that indicates the split between network +
subnet number and host. Ex. 255.255.252.0/22, where "/22" indicates that the subnet mask is 22 bits
long.

Consider a class B address with 14 bits for the network number and 16 bits for the host number,
where some bits are taken away from the host number to create a subnet number.

Fig: A Class B network subnetted into 64 subnets (32 bits: leading bits 10 | Network | Subnet | Host;
subnet mask 11111111 11111111 11111100 00000000, i.e. 22 one-bits followed by 10 zero-bits)

If 6 bits from the host id are taken for the subnet then the available bits are:
14 bits for network + 6 bits for subnet + 10 bits for host
With 6 bits for the subnet the number of possible subnets is 2^6, which is 64.
With 10 bits for the host the number of possible hosts is 2^10 = 1024, of which 1022 are usable (the
all-0s and all-1s host ids are not available).
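The notations, the classful split and the 64-subnet class B computation above, worked through in Python as an added example (this code is not part of the handout; it uses only the standard library's ipaddress module, and the helper names are my own):

```python
# Added example (not from the handout): IPv4 notation, classful split and
# subnet arithmetic as described above, using only the standard library.
import ipaddress

CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}   # netid length per class, in bits


def to_binary(dotted: str) -> str:
    """Dotted-decimal -> binary notation (four 8-bit groups, space separated)."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid dotted-decimal IPv4 address: {dotted!r}")
    return " ".join(f"{o:08b}" for o in octets)


def to_dotted(binary: str) -> str:
    """Binary notation (32 digits, spaces optional) -> dotted-decimal."""
    bits = binary.replace(" ", "")
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("binary notation needs exactly 32 binary digits")
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def address_class(dotted: str) -> str:
    """Classful addressing: the class is fixed by the leading bits of the first octet."""
    first = int(dotted.split(".")[0])
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def netid_hostid(dotted: str):
    """Split a class A, B or C address into (netid, hostid), both in dotted form."""
    cls = address_class(dotted)
    if cls not in CLASS_PREFIX:
        raise ValueError(f"class {cls} addresses have no netid/hostid split")
    value = int(ipaddress.IPv4Address(dotted))
    mask = (0xFFFFFFFF << (32 - CLASS_PREFIX[cls])) & 0xFFFFFFFF
    return (str(ipaddress.IPv4Address(value & mask)),
            str(ipaddress.IPv4Address(value & ~mask & 0xFFFFFFFF)))


def subnet_plan(dotted: str, subnet_bits: int) -> dict:
    """Borrow subnet_bits from the hostid of a classful address.

    Returns the subnet mask (dotted and /prefix), the number of subnets and the
    number of usable hosts per subnet (all-0s and all-1s host ids are excluded).
    """
    cls = address_class(dotted)
    if cls not in CLASS_PREFIX:
        raise ValueError(f"cannot subnet a class {cls} address")
    host_bits = 32 - CLASS_PREFIX[cls] - subnet_bits
    if subnet_bits < 1 or host_bits < 2:
        raise ValueError("subnet bits must leave at least 2 host bits")
    prefix_len = CLASS_PREFIX[cls] + subnet_bits
    mask = ipaddress.IPv4Address((0xFFFFFFFF << host_bits) & 0xFFFFFFFF)
    return {
        "mask": f"{mask}/{prefix_len}",
        "subnets": 2 ** subnet_bits,
        "hosts_per_subnet": 2 ** host_bits - 2,
    }


def subnet_of(dotted: str, prefix_len: int) -> str:
    """The subnet a host belongs to once the mask is applied."""
    return str(ipaddress.ip_network(f"{dotted}/{prefix_len}", strict=False))


if __name__ == "__main__":
    print(to_binary("129.11.11.239"))            # the handout's dotted-decimal example
    print(address_class("129.11.11.239"), netid_hostid("129.11.11.239"))
    print(subnet_plan("129.11.11.239", 6))       # the 64-subnet class B case
    print(subnet_of("129.11.11.239", 22))
```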

CIDR
A class B address is far too large for most organizations and a class C network, with 256 addresses, is
too small. This leads to granting class B addresses to organizations who do not require all the addresses
in the address space, wasting most of it.

This is resulting in depletion of the address space.

A solution is CIDR (Classless InterDomain Routing). The basic idea behind CIDR is to
allocate the remaining IP addresses in variable-sized blocks, without regard to the classes.

NAT (Network Address Translation)

The scarcity of network addresses in IPv4 led to the development of IPv6.
IPv6 uses a 128 bit address, hence it has 2^128 addresses in its address space, which is far larger than the 2^32
addresses provided by IPv4.
The transition from IPv4 to IPv6 is slowly occurring, but will take years to complete, because of legacy
hardware and its inability to process IPv6 addresses.

NAT (Network Address Translation) was used to speed up the transition process.

For NAT, three ranges of IP addresses have been reserved for use inside an organization (private
addresses). The only rule is that no packets containing these addresses may appear on the Internet itself. The
three reserved ranges are:

10.0.0.0 – 10.255.255.255/8 (16,777,216 hosts)
172.16.0.0 – 172.31.255.255/12 (1,048,576 hosts)
192.168.0.0 – 192.168.255.255/16 (65,536 hosts)

Operation:
Within the organization, every computer has a unique address of the form 10.x.y.z. However, when
a packet leaves the organization, it passes through a NAT box that converts the internal IP source
address 10.x.y.z to the organization's true IP address, 198.60.42.12 for example.
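The private-range check and the address rewriting described under Operation, as an added example that is not from the handout; NatBox and its method names are my own, 203.0.113.9 in the test traffic is a constructed destination, and 198.60.42.12 is the handout's example public address:

```python
# Added example (not from the handout): the three reserved ranges above and a
# minimal NAT box that rewrites private source addresses to one public address.
import ipaddress

# The three reserved (private) ranges listed in the handout.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_private(addr: str) -> bool:
    """True if addr lies in one of the three reserved ranges (must not appear on the Internet)."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_RANGES)


class NatBox:
    """Source NAT with port translation (the 'NAT box' at the organization's edge).

    Each outbound (internal IP, port) pair is mapped to a fresh port on the single
    public address; replies are mapped back through the same table. The public
    address 198.60.42.12 is the handout's example value, not a real deployment.
    """

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_table = {}   # (internal_ip, internal_port) -> public_port
        self.in_table = {}    # public_port -> (internal_ip, internal_port)

    def translate_outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet leaving the organization: rewritten (src, sport, dst, dport), or None if dropped."""
        if is_private(dst_ip):
            # A private destination stays inside; such a packet must never reach the Internet.
            return None
        if not is_private(src_ip):
            return (src_ip, src_port, dst_ip, dst_port)   # already public, nothing to rewrite
        key = (src_ip, src_port)
        if key not in self.out_table:
            public_port = self.next_port
            self.next_port += 1
            self.out_table[key] = public_port
            self.in_table[public_port] = key
        return (self.public_ip, self.out_table[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet arriving from the Internet: rewritten 4-tuple, or None when no mapping exists.

        Unsolicited inbound traffic is dropped, which is the side effect that makes a
        NAT box behave like a coarse filter for the hosts behind it.
        """
        if dst_ip != self.public_ip or dst_port not in self.in_table:
            return None
        internal_ip, internal_port = self.in_table[dst_port]
        return (src_ip, src_port, internal_ip, internal_port)


if __name__ == "__main__":
    nat = NatBox("198.60.42.12")
    print(nat.translate_outbound("10.1.2.3", 5555, "203.0.113.9", 80))   # constructed traffic
    print(nat.translate_inbound("203.0.113.9", 80, "198.60.42.12", 40000))
```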
Figure: The IPv4 (Internet Protocol) header (each row is 32 bits)

Version | IHL | Type of Service | Total Length
Identification | DF | MF | Fragment Offset
Time to live | Protocol | Header checksum
Source Address
Destination Address
Options (0 or more)

The description of the fields shown in the diagram is as follows:

No  Field name           Description
1   Version              Keeps track of the version of the protocol the datagram
                         belongs to (IPv4 or IPv6)
2   IHL                  Used to indicate the length of the header. Minimum value
                         is 5, maximum value is 15
3   Type of service      Used to distinguish between different classes of service
4   Total length         It includes everything in the datagram, both header and
                         data. The maximum length is 65,535 bytes
5   Identification       Used to allow the destination host to identify which
                         datagram a newly arrived fragment belongs to. All the
                         fragments of a datagram contain the same identification
                         value
6   DF                   1 bit field. It stands for Don't Fragment. Signals the routers
                         not to fragment the datagram because the destination is
                         incapable of putting the pieces back together again
7   MF                   MF stands for More Fragments. All fragments except the
                         last one have this bit set. It is needed to know when all
                         fragments of a datagram have arrived.
8   Fragment offset      Used to determine the position of the fragment in the current
                         datagram.
9   Time to live         It is a counter used to limit packet lifetimes. It must be
                         decremented on each hop. When it hits zero, the packet is
                         discarded and a warning packet is sent back to the source
                         host.
10  Header checksum      It verifies the header for errors
11  Source address       IP address of the source
12  Destination address  IP address of the destination
13  Options              The options are of variable length. Originally, five options
                         were defined:
                         1. Security : specifies how secret the datagram is
                         2. Strict source routing : gives the complete path to be
                            followed
                         3. Loose source routing : gives a list of routers not to
                            be missed
                         4. Record route : makes each router append its IP
                            address
                         5. Timestamp : makes each router append its IP
                            address and timestamp
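The header layout in the table above, built and decoded in Python as an added example (not the handout's code); the function names are my own, the sample datagram is constructed, and the checksum is the one's-complement sum the Header checksum field carries:

```python
# Added example (not from the handout): build and parse the 20-byte IPv4 header
# described in the table above, including the one's-complement header checksum.
import struct

HEADER_FMT = "!BBHHHBBH4s4s"   # fixed part: 20 bytes, big-endian (network order)


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of all 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int, *, ttl: int = 64,
                      protocol: int = 6, ident: int = 0x1C46, df: bool = True) -> bytes:
    """Constructs a header with no options (IHL = 5) and a correct checksum."""
    ver_ihl = (4 << 4) | 5
    flags_frag = (0b010 << 13) if df else 0          # DF is bit 1 of the 3-bit flags field
    src_bytes = bytes(int(o) for o in src.split("."))
    dst_bytes = bytes(int(o) for o in dst.split("."))
    header = struct.pack(HEADER_FMT, ver_ihl, 0, 20 + payload_len, ident,
                         flags_frag, ttl, protocol, 0, src_bytes, dst_bytes)
    csum = internet_checksum(header)                 # computed with checksum field = 0
    return header[:10] + struct.pack("!H", csum) + header[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed fields; reject inconsistent length fields instead of trusting them."""
    if len(packet) < 20:
        raise ValueError("truncated: the fixed part of an IPv4 header is 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, protocol,
     hdr_checksum, src, dst) = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not an IPv4 datagram (version {version})")
    if ihl < 5:
        raise ValueError(f"IHL {ihl} below the minimum of 5 words")
    header_len = ihl * 4
    if total_len < header_len or total_len > len(packet):
        raise ValueError("Total Length / IHL inconsistent with the bytes received")
    flags = flags_frag >> 13
    return {
        "version": version,
        "ihl": ihl,
        "header_len": header_len,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "DF": bool(flags & 0b010),
        "MF": bool(flags & 0b001),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # the field counts 8-byte units
        "ttl": ttl,
        "protocol": protocol,
        "header_checksum": hdr_checksum,
        # a correct header sums to zero when the checksum field itself is included
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": packet[20:header_len],
        "payload": packet[header_len:total_len],
    }


if __name__ == "__main__":
    # Constructed sample: a TCP datagram from a private host to the handout's example address.
    pkt = build_ipv4_header("10.1.2.3", "198.60.42.12", payload_len=8) + b"\x00" * 8
    print(parse_ipv4_header(pkt))
```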

DATA SWITCHING PRINCIPLES

A data switched network consists of a series of interlinked nodes, called switches. Switches are
devices capable of creating temporary connections between two or more devices linked to the switch.
In a switched network, some of these nodes are connected to the end systems (computers or
telephones, for example). Others are used only for routing. The following Figure shows a switched
network.

The end systems (communicating devices) are labeled A, B, C, D, and so on, and the switches are
labeled I, II, III, IV, and V. Each switch is connected to multiple links.

There are three different types of data switching principles that are employed, namely
a) circuit switching
b) message switching
c) packet switching

Circuit Switching: A circuit-switched network consists of a set of switches connected by physical
links. A connection between two stations is a dedicated path made of one or more links. However,
each connection uses only one dedicated channel on each link. Each link is normally divided into n
channels by using FDM or TDM.
The following figure shows a trivial circuit-switched network with four switches and four links. Each
link is divided into n (n is 3 in the figure) channels by using FDM or TDM.

Fig. 9 Circuit switching establishes a path between two devices.


The end systems, such as computers or telephones, are directly connected to a switch. When end
system A needs to communicate with end system M, system A needs to request a connection to M
that must be accepted by all switches as well as by M itself. This is called the setup phase. A circuit
(channel) is reserved on each link, and the combination of circuits or channels defines the dedicated
path. After the dedicated path made of connected circuits (channels) is established, data transfer can
take place. After all data have been transferred, the circuits are torn down. Circuit switching takes
place at the physical layer.
The actual communication in a circuit-switched network requires three phases:
Connection setup
Data transfer and
Connection teardown

Much as a telephone system using circuit switching equipment establishes a route between two
telephones, circuit-switching networks establish a path through the internetwork when the device
initiates a conversation.

The advantages of circuit switching are transparency and very low transmission delays, and it is
attractive for networks that carry constant traffic.

Disadvantages of Circuit Switching:

1. Individual circuits are established and maintained that have a permanently allocated
transmission capacity. This gives very inefficient usage of the line capacity for burst-like data
applications, since sometimes no data is being transferred over the circuit.
2. Error control is not provided.
3. Both terminals must be operative at the same time in order to be able to communicate.
4. Both terminals must operate at the same transmission speed.
5. Establishing a connection between devices can be time-consuming.
6. Because other traffic cannot share the dedicated media path, bandwidth might be inefficiently
utilized.
7. Circuit switching networks must have a surplus of bandwidth, so these types of switched networks
tend to be expensive to construct.

b) Message Switching (based on the store-and-forward principle)

In a message-switching system a message is transmitted by a terminal to its nearest switching centre
(switch) without any need to wait until a link has been set up with the destination terminal. The
message is stored at this switching centre and passed on to a switching centre that is nearer to the
destination terminal; there it will be stored until the terminal is ready to accept the message.
Message switching treats each message as an independent entity. Each message carries address
information that describes the message's destination, and this information is used at each switching
centre to transfer the message to the next switching centre in the route.
Message switches are programmed with information concerning other switches in the network that
can be used to forward messages to their destinations. Message switches also may be programmed
with information about the most efficient routes.
Depending on network conditions, different messages may be sent through the network by different
routes, as shown in figure 10.

[Diagram: terminals A and B connected through switches S1, S2, S3, S4, S5 and S6.]

Figure 10: Message switching forwards the complete message one switch at a time.

Message switching transfers the complete message from one switch to the next, where the message
is stored before being forwarded again. Because each message is stored before being sent on to the next
switch, this type of network frequently is called a store-and-forward network. The message switches
often are general-purpose computers and must be equipped with sufficient storage (usually hard
drives) to enable them to store messages until forwarding is possible. Message switching commonly is
used in e-mail because some delay is permissible there, unlike when two computers exchange data in
real time. Message switching uses relatively low-cost devices to forward messages and can function
well with relatively slow communication channels.
Message switching offers the following advantages:
1) Data channels are shared among communicating devices, improving the efficiency of using
available bandwidth i.e. No dedicated path is required.
2) Message switches can store messages until a channel becomes available, reducing sensitivity
to network congestion.
3) Message priorities can be used to manage network traffic.
4) Broadcast addressing uses network bandwidth more efficiently by delivering messages to
multiple destinations.
5) If the traffic flow is heavy, calls are not blocked but merely delayed.
The chief disadvantage of message switching is that message switching is not suited for real-time
applications, including data communication, video, and audio.

c) Packet Switching
Packet switching attempts to further increase line utilization, system throughput, and some aspects of
IMP buffer management by dividing longer messages into fixed-size chunks called packets.
Different packets may then be sent via different routes and reassembled at the destination for
delivery to the recipient. Figure 4.11a shows the packet switching principle.
[Diagram: the message from A is split into packets 1, 2, 3 and 4, which pass through different
switches among S1 to S6 and are delivered to B.]

Fig. 4.11a Packet switching breaks up the message into smaller pieces that are routed independently.

A packet-switched network consists of a number of packet-switching exchanges (PSE) that are
interconnected by time-division multiplexed high-speed lines. Each user of the network can have a
wide variety of terminals, including dumb terminals, front-end processors, routers, and PADs (Packet
Assembler/Disassembler), and is connected to the nearest PSE by a data line. Each message that is
transmitted into the packet-switched network must first be divided into a number of packets before it
enters the network.
Each packet has a specified format and may be up to 1024 bits in length, and it is transmitted
separately through the network. When a packet reaches the local PSE it is enveloped with a header
and a trailer as shown in figure 4.11b.

Frame header                                                   Message          Frame trailer
8-bit flag | 8-bit address | 8-bit control field | 24-bit packet header | max. 1024 bits | 16-bit CRC | 8-bit flag

Fig. 4.11b Packet Format (fields listed in transmission order)

An example of a packet switching protocol is X.25. The packet header follows the X.25
recommendations and the frame header and trailer follow the HDLC protocol. The two flags
define the beginning and the end of the frame within which the error detection process is applied.
The flag sequence is 0111 1110 and must not be allowed to appear anywhere else inside the packet.
As each terminal transmits a message it monitors the transmitted bits and, if five consecutive 1s
are detected other than in a flag, it immediately bit-stuffs a 0. At the receiving end the
incoming packets are again monitored and whenever five 1s followed by a 0 arrive, the 0 is
discarded (bit stripping).
The eight-bit address field does not give the address of either the source or the destination
terminal (this is given in the packet header). Instead, the address is a code that is used to indicate
whether a frame is one that has just been originated, known as a command frame, or whether it is an
acknowledgement, known as a response frame. This makes it possible for the network to
distinguish between a frame that contains data that must be passed on to another PSE, or to a
terminal, and a frame that can be discarded. There are just two possible addresses:
00000011 is address A, while 00000001 is address B.
Each bit in the eight-bit control field has a separate function; among them are:

The first bit transmitted is set to 0 to indicate an information frame, and is set to 1 to indicate either
a supervisory frame (i.e., one used in the setting up of a virtual circuit) or an unnumbered frame (i.e.,
one concerned with the acknowledgements involved in setting up and with error control). There are
three types of supervisory frame: the receive ready frame (RR), the receive not ready frame (RNR),
and the reject frame (REJ).
If a frame is transmitted but is not acknowledged, it will be retransmitted after a certain time.

Bits 2, 3 and 4 indicate the number of the frame (0 to 7) in binary, and bits 6, 7 and 8
indicate the number of the next frame that is expected in the opposite direction.
The fifth bit is the poll/final bit and is normally set to 0. When it is set to 1, either the retransmission of
the packet is requested, or the packet is one that has been retransmitted.
The 24-bit packet header field holds the addresses of the source and destination terminals. The 16-bit
CRC field is used for the detection of transmission errors.
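The following Python program is an added worked example, not code from the handout and not X.25 or HDLC library code. It builds and parses a frame with the layout described above (flag, 8-bit address, 8-bit control field, 24-bit packet header, message of at most 1024 bits, 16-bit CRC, flag), applies the five-ones bit stuffing rule on the sending side and bit stripping on the receiving side, and packs the control field as described, taking bit 1 to be the first bit transmitted, i.e. the least significant bit, as in HDLC. Two things are assumptions not stated in the handout: the CRC uses the CRC-CCITT polynomial 0x1021 with initial value 0xFFFF (the real HDLC frame check sequence also reflects and complements the result, which is omitted here), and the packet header is treated as three opaque bytes.

```python
# Added example (not from the handout): HDLC-style framing with bit stuffing, using the
# frame layout the text describes. Assumptions not in the handout: CRC-CCITT polynomial
# 0x1021 with initial value 0xFFFF (no reflection/complement), the 24-bit packet header is
# three opaque bytes, and bit 1 of the control field is the LSB (first bit on the line).

FLAG = "01111110"        # 0111 1110; must never occur inside the frame body
ADDRESS_A = "00000011"   # command frame address, from the text
ADDRESS_B = "00000001"   # response frame address, from the text


def to_bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def from_bits(bits: str) -> bytes:
    usable = len(bits) - len(bits) % 8
    return bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))


def bit_stuff(bits: str) -> str:
    """Sender: insert a 0 after every run of five consecutive 1s."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")  # the stuffed bit
            run = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    """Receiver: strip the 0 that follows five consecutive 1s."""
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:
            i += 1  # skip the stuffed bit
            if i < len(bits) and bits[i] != "0":
                raise ValueError("six consecutive 1s inside the frame body")
            run = 0
        i += 1
    return "".join(out)


def crc16_ccitt(data: bytes, poly: int = 0x1021, init: int = 0xFFFF) -> int:
    """Bitwise CRC-16 over the frame body (assumed polynomial, see above)."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ poly) if crc & 0x8000 else (crc << 1)
            crc &= 0xFFFF
    return crc


def build_control(ns: int, nr: int, pf: int = 0) -> int:
    """I-frame control field: bit 1 = 0, bits 2-4 = N(S), bit 5 = P/F, bits 6-8 = N(R)."""
    if not (0 <= ns < 8 and 0 <= nr < 8 and pf in (0, 1)):
        raise ValueError("N(S) and N(R) are 3-bit numbers; P/F is one bit")
    return (nr << 5) | (pf << 4) | (ns << 1)


def parse_control(ctrl: int) -> dict:
    if ctrl & 1:  # bit 1 set: supervisory or unnumbered frame
        return {"type": "S/U", "pf": (ctrl >> 4) & 1}
    return {"type": "I", "ns": (ctrl >> 1) & 7, "pf": (ctrl >> 4) & 1, "nr": (ctrl >> 5) & 7}


def build_frame(address: str, ctrl: int, packet_header: bytes, message: bytes) -> str:
    """Bits put on the line: flag + stuffed(address, control, header, message, CRC) + flag."""
    if len(packet_header) != 3:
        raise ValueError("the packet header is 24 bits")
    if len(message) > 128:
        raise ValueError("the message is limited to 1024 bits")
    body = bytes([int(address, 2), ctrl]) + packet_header + message
    body += crc16_ccitt(body).to_bytes(2, "big")
    return FLAG + bit_stuff(to_bits(body)) + FLAG


def parse_frame(line_bits: str) -> dict:
    """Strip the flags, unstuff, check the CRC and split the fields; raises on damage."""
    if not (line_bits.startswith(FLAG) and line_bits.endswith(FLAG)):
        raise ValueError("frame is not delimited by flags")
    body = from_bits(bit_unstuff(line_bits[8:-8]))
    if len(body) < 7:
        raise ValueError("frame too short")
    payload, fcs = body[:-2], int.from_bytes(body[-2:], "big")
    if crc16_ccitt(payload) != fcs:
        raise ValueError("CRC mismatch: transmission error detected")
    return {"address": f"{payload[0]:08b}", "control": parse_control(payload[1]),
            "packet_header": payload[2:5], "message": payload[5:]}


def frame_is_valid(line_bits: str) -> bool:
    try:
        parse_frame(line_bits)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample: runs of 1s in the message exercise bit stuffing.
    frame = build_frame(ADDRESS_A, build_control(ns=2, nr=5), b"\x01\x02\x03", b"\xff\xff\x7e")
    print(frame)
    print(parse_frame(frame))
```

The sample message deliberately contains 0xFF bytes, so the stuffed body carries extra zeros that the receiver strips again; because no six consecutive 1s can survive stuffing, the flag pattern can never be mistaken for data inside the body, and a single flipped bit anywhere in the body is caught by the CRC check.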
Advantages of Packet Switching
1) Packet switching optimizes the use of bandwidth by enabling many devices to route packets
through the same network channels. At any given time, a switch can route packets to several
different destination devices, adjusting the routes as required to achieve the best efficiency.
2) Because entire messages are not stored at the switches prior to forwarding, transmission
delays are significantly shorter than delays encountered with message switching.
Several methods of packet switching exist. Two common methods, which are supported by the
transport layer, are: virtual circuit and datagram. These are called connection-oriented and
connectionless services, respectively.
(a) Virtual circuit: A virtual circuit is modeled after the phone system. In a virtual circuit a
logical communication channel is established and remains fixed between two hosts for the
purposes of a conversation. A virtual circuit reliably delivers messages in the order they were
sent. The mode of communication that uses virtual circuits is called connection-oriented
service, because it requires the interested parties to explicitly establish a communication link
in order to exchange messages.

(b) Datagram: Datagram service is modeled after the postal service, where individual messages
are sent independently and without prior handshaking. A datagram is regarded as an
unreliable message delivery mechanism because receipt of messages is not acknowledged. In
most cases messages sent as datagrams may be lost or received out of order.

Quality of service (QoS)

Quality of service (QoS) is a set of technologies that work on a network to guarantee its ability to
dependably run high-priority applications and traffic under limited network capacity. QoS
technologies accomplish this by providing differentiated handling and capacity allocation to specific
flows in network traffic. This enables the network administrator to assign the order in which packets
are handled and the amount of bandwidth afforded to that application or traffic flow.

Types of Traffic on the Network

To understand QoS, you must understand the traffic types it measures. Measurements of concern to
QoS are:
1. Bandwidth (maximum rate of transfer) — the speed of a link
2. Throughput (actual rate of transfer)
3. Latency (delay) — the amount of time it takes for a packet to traverse the network, from
source to destination
4. Jitter (variance in latency) — when packets don't arrive in the same order they were sent
QoS is key to:
 Voice and video applications
 Email
 Interactive applications
 Batch applications
 Online purchasing
For example, high-bandwidth, real-time data traffic such as voice over IP (VoIP), video conferencing
and video-on-demand have high sensitivity to latency and jitter. These applications, with minimum
bandwidth requirements and maximum latency limits, are called "inelastic."
How QoS Technologies Work
 As businesses depend on the network to transmit information between endpoints, that data is
formatted into packets. Network packets allow computers to organize the data similarly to
envelopes packed with letters sent through the postal service.
 Essentially, the job of QoS software is to prioritize network packets to maximize the fixed
amount of network bandwidth. The network can only transmit a limited amount of data at
once. Therefore, QoS gives priority to the appropriate packets. Bandwidth is strategically
allocated to deliver the highest service levels in a limited amount of time.

For example, video call packets are given priority over email download packets because video
conferences occur in real time. Should a packet drop or be delayed, meeting participants
could suffer a degraded end-user experience. When it comes to emails, packet loss will not
cause service lapses for end users.
 The QoS networking mechanisms for ordering packets and allotting bandwidth are queuing
and bandwidth management, respectively. Before they can be implemented, however, traffic
must be differentiated using classification tools.
 The classification of traffic according to policy ensures consistency and adequate availability
of network resources for the most important applications.

The QoS tool views packet headers in order to successfully prioritize. The packet header
contains information about the packet like where it came from, and where it's going. If the
QoS tool determines it is a packet for a video call, it will give the packet priority over less
time-sensitive packets.

Traffic can be classified crudely by port or IP, or using a more sophisticated approach such as
by application or user. The latter parameters allow for more meaningful identification and
consequently classification of the data.
 Next, queuing and bandwidth management tools are assigned rules to handle traffic and data
flows. Rules are specific to the classification they received upon entering the network.

The queuing mechanism allows packets within traffic flows to be stored until the network
is ready to process them. Priority queuing (PQ) ensures necessary availability and minimal
latency of network performance. The most important applications and traffic are assigned
priority and bandwidth based on their classification.

This ensures the most important activities on a network are not starved of bandwidth by
activities of lower priority. Applications, users and traffic can be batched in up to eight
differentiated queues.
Bandwidth management mechanisms measure and control traffic flows on the network. Preventing
the network from exceeding its capacity avoids the congestion that would otherwise occur.
Mechanisms for bandwidth management include:
1. Traffic shaping — a rate limiting technique used to optimize or guarantee performance and
increase usable bandwidth where necessary.
2. Scheduling algorithms — algorithms that offer varied methods for providing bandwidth to
specific traffic flows.
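The pipeline described above, classification, priority queuing and bandwidth management, as an added example in Python; it is not code from the handout or from any vendor's QoS implementation. Packets are classified into one of eight queues by destination port under a constructed policy (the port-to-class mapping is an assumption for illustration: voice and video get the highest priority, email and batch the lowest, and unknown traffic goes to a best-effort queue), the queues are drained in strict priority order, and each packet then passes through a token-bucket shaper that delays, rather than drops, whatever exceeds the configured rate. All packets are assumed to arrive at time zero.

```python
# Added example (not from the handout): classify -> strict priority queues -> token-bucket shaper.
from collections import deque
from dataclasses import dataclass

# Constructed classification policy: destination port -> (class, queue index; 0 = highest
# priority). Eight queues, as in the text. The port assignments are an assumption.
POLICY = {
    5060: ("voice", 0),        # VoIP signalling
    3478: ("video", 1),        # video conferencing
    443: ("interactive", 2),   # web / interactive
    25: ("email", 5),
    21: ("batch", 6),          # bulk file transfer
}
BEST_EFFORT = ("best-effort", 7)
NUM_QUEUES = 8


@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    size: int  # bytes


def classify(pkt: Packet) -> tuple:
    """Crude classification by port, as the text describes: (class name, queue index)."""
    return POLICY.get(pkt.dport, BEST_EFFORT)


class PriorityQueues:
    """Strict priority queuing: a lower-numbered queue is always drained first."""

    def __init__(self, n: int = NUM_QUEUES):
        self.queues = [deque() for _ in range(n)]

    def enqueue(self, pkt: Packet) -> str:
        name, idx = classify(pkt)
        self.queues[idx].append((name, pkt))
        return name

    def dequeue(self):
        for q in self.queues:
            if q:
                return q.popleft()
        return None


class TokenBucketShaper:
    """Traffic shaping with a token bucket: tokens (bytes) refill at `rate` bytes/s up to
    `burst`. A packet leaves as soon as enough tokens exist; otherwise it is delayed."""

    def __init__(self, rate: float, burst: int):
        self.rate, self.burst = rate, burst
        self.tokens, self.clock = float(burst), 0.0

    def release_time(self, size: int) -> float:
        if size > self.burst:
            raise ValueError("a packet larger than the burst size can never conform")
        if self.tokens < size:  # wait until enough tokens have accrued
            self.clock += (size - self.tokens) / self.rate
            self.tokens = float(size)
        self.tokens -= size
        return self.clock


def schedule(packets, rate: float, burst: int) -> list:
    """Return [(class, release time in seconds)] in the order packets leave the interface."""
    pq, shaper, out = PriorityQueues(), TokenBucketShaper(rate, burst), []
    for p in packets:
        pq.enqueue(p)
    while (item := pq.dequeue()) is not None:
        name, pkt = item
        out.append((name, shaper.release_time(pkt.size)))
    return out


# Constructed sample traffic, all arriving at t = 0 in this order.
SAMPLE = [
    Packet("10.0.0.5", "10.0.0.9", 25, 1000),    # email
    Packet("10.0.0.7", "10.0.0.2", 5060, 200),   # voice
    Packet("10.0.0.8", "10.0.0.3", 9999, 500),   # unknown port -> best effort
    Packet("10.0.0.6", "10.0.0.4", 3478, 800),   # video
]

if __name__ == "__main__":
    for name, t in schedule(SAMPLE, rate=1000, burst=1000):
        print(f"{name:12s} released at t = {t:.2f} s")
```

With a 1000 byte/s rate and a 1000-byte burst, voice and video leave immediately even though the email packet arrived first; the email packet waits one second for the bucket to refill and the best-effort packet another half second, which is exactly the ordering and delaying behaviour the text attributes to queuing and shaping.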

Why QoS Is Important


In the absence of QoS, network data becomes disorganized and congests the network. This often
leads to severe network performance degradation or even a complete network shutdown.
Businesses face the need to provide reliable, consistent services for both staff and customers. Since
QoS shapes the user experience, reputation can be negatively impacted when services are unstable.
Moreover, when QoS is low, security and data integrity can be jeopardized. People depend on the
communication services to work, and poor QoS leads to poor work quality.
Ultimately, QoS mechanisms give network administrators the power to prioritize applications as
determined by the needs of the business. This makes it easy to assign higher importance to
particular data delivery types over others.
Live video meetings, media streaming, online training and more are essential to business operations.
QoS is necessary to prevent compromised data delivery due to high network traffic levels.

Benefits of QoS
Historically, business networks functioned separately. Computers and servers were usually
connected to one network, and phone calls another. The only exception was if a computer relied on a
telephone line to access the internet. Consequently, networks were only transmitting data, making
speed less critical.
Today businesses rely on applications designed to carry audio and video content for meetings,
presentations and even virtual conferences. These types of applications must be delivered at high
speed.
QoS ensures critical applications requiring high bandwidth for real-time traffic can perform at high
levels:
 It ensures the availability of the network as well as the applications that run on it.
 Critical applications have access to the resources they require to run successfully.
 User experience is improved as data is transported through the network efficiently and
securely without disruption.
 Bandwidth is used more efficiently, which reduces costs by eliminating the need to upgrade
bandwidth.
 Administrators can more effectively manage traffic.

QoS Use Cases


QoS can be used to achieve outcomes such as the following:
 Prioritize network and application traffic, guaranteeing high priority to important traffic or
limiting non-essential traffic.
 Achieve equal bandwidth sharing among different subnets, classes or users in a network.
 Allocate bandwidth externally or internally or both, applying QoS to both upload and
download traffic or to only upload or download traffic.
 Ensure low latency for customer- and revenue-generating traffic in an enterprise
environment.
 Perform traffic profiling of applications to ensure bandwidth usage.

How to Implement QoS


A successful QoS implementation includes three main stages:
1. Strategically define business objectives to be achieved using QoS.
2. Determine service-level requirements of traffic classes.
3. Design and test QoS policies.
Ongoing service level monitoring, adjustments and tuning of QoS policies should always follow a
successful QoS policy deployment. Business conditions are always changing, so organizations must
adapt the QoS deployment cycle accordingly. This can include:
 Starting the QoS deployment cycle over
 Redefining objectives
 Testing and tuning designs
 Deployment of new designs
 Monitoring

Wireless Local Area Network (WLAN)


A wireless local area network (WLAN) is a flexible data communications system implemented as an
extension to, or as an alternative for, a wired LAN. Using radio frequency (RF) technology,
Wireless LANs transmit and receive data over the air, minimizing the need for wired connectivity
with user mobility.

Wireless in the Last Century


In the past quarter century, advances in wireless technology have provided an insatiable demand for
mass-market peer-to-peer voice communication. Consider the citizen-band radio craze, the walkie-
talkie market, the interconnection between radios and the public telephone system, and the cellular
phones. This huge demand has precipitated a compelling impetus for improving wireless systems
just within the past two decades. First there was the transmission of exact time over radio waves,
then the ability to determine where you were to within a few meters, anywhere on the globe, via the
global positioning system (GPS). Benefits of wireless LAN (WLAN) over traditional wired
networks include:
(i) Productivity
(ii) Convenience and
(iii) Cost effectiveness

Characteristics of WLAN: Basic characteristics of WLAN include the following:


(i) Mobility: WLAN systems can provide LAN users with access to real-time information
anywhere in their organization. This mobility supports productivity and service opportunities
not possible with wired networks.
(ii) Installation Speed and Simplicity: Installing a wireless LAN system can be fast and easy
and can eliminate the need to pull cable through walls and ceilings.
(iii) Installation Flexibility: Wireless technology allows the network to go where wire cannot go.
This is rooted in the old adage of the real estate business, location, location, and location.
Individuals and industries choose wireless because it allows flexibility of location.
(iv) Reduced Cost-of-Ownership: While the initial investment required for WLAN hardware
can be higher than the cost of wired LAN hardware, overall installation expenses and
life-cycle costs can be significantly lower. Long-term cost benefits are greater in dynamic
environments requiring frequent moves and changes.
(v) Scalability: WLAN systems can be configured in a variety of topologies to meet the needs
of specific applications and installations. Configurations are easily changed and range from
peer-to-peer networks suitable for a small number of users to full infrastructure networks of
thousands of users that enable roaming over a broad area.

Wireless LAN Technologies


Manufacturers of wireless LANs have a range of technologies to choose from when designing a
wireless LAN solution. Each technology comes with its own set of advantages and limitations.
1. Narrowband Microwave Technology: A narrowband radio system transmits and receives
user information on a specific radio frequency. Narrowband radio keeps the radio signal
frequency as narrow as possible just to pass the information. Undesirable crosstalk between
communications channels is avoided by carefully coordinating different users on different
channel frequencies. A private telephone line is much like a radio frequency. When each
home in a neighborhood has its own private telephone line, people in one home cannot listen
to calls made to other homes. In a radio system, privacy and noninterference are
accomplished by the use of separate radio frequencies. The radio receiver filters out all radio
signals except the ones on its designated frequency.
From a customer standpoint, one drawback of narrowband technology is that the end-user
must obtain an FCC license for each site where it is employed.
2. Spread Spectrum Technology (SST): Most wireless LAN systems use spread spectrum
technology, a wideband radio frequency technique developed by the military for use in
reliable, secure, mission-critical communications systems. Spread-spectrum is designed to
trade off bandwidth efficiency for reliability, integrity, and security. In other words, more
bandwidth is consumed than in the case of narrowband transmission, but the tradeoff
produces a signal that is, in effect, louder and thus easier to detect, provided that the receiver
knows the parameters of the spread-spectrum signal being broadcast. If a receiver is not
tuned to the right frequency, a spread-spectrum signal looks like background noise. There are
two types of spread spectrum radio: frequency hopping and direct sequence.
(a) Frequency-Hopping Spread Spectrum Technology (FHSS): Frequency-hopping spread-
spectrum (FHSS) uses a narrowband carrier that changes frequency in a pattern known to
both transmitter and receiver. Properly synchronized, the net effect is to maintain a single logical
channel. To an unintended receiver, FHSS appears to be short-duration impulse noise.
(b) Direct-Sequence Spread Spectrum Technology (DSSS): Direct-sequence spread-spectrum (DSSS)
generates a redundant bit pattern for each bit to be transmitted. This bit pattern is called a
chip (or chipping code). The longer the chip, the greater the probability that the original data
can be recovered (and, of course, the more bandwidth required). Even if one or more bits in
the chip are damaged during transmission, statistical techniques embedded in the radio can
recover the original data without the need for retransmission. To an unintended receiver,
DSSS appears as low-power wideband noise and is rejected (ignored) by most narrowband
receivers.
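An added example (not from the handout) of the direct-sequence idea in Python: each data bit is replaced by an 11-chip code, and the receiver recovers the bit by correlating each group of 11 received chips with the same code, so that a minority of damaged chips does not change the decision. The 11-chip Barker sequence used here is the one 802.11 DSSS uses at 1 and 2 Mbit/s; the handout does not name a code, so using it as the chipping code is an assumption of this example. Chips are represented as +1/-1 and the damage applied is constructed by flipping individual chips.

```python
# Added example (not from the handout): DSSS spreading/despreading with a chipping code.
# Assumption: the 11-chip Barker sequence (as used by 802.11 DSSS); bit 1 -> +code, bit 0 -> -code.
BARKER_11 = [1, -1, 1, 1, -1, 1, 1, 1, -1, -1, -1]


def spread(bits, code=BARKER_11):
    """Replace each data bit by the chipping code (bit 1) or its negation (bit 0)."""
    return [c * (1 if b else -1) for b in bits for c in code]


def despread(chips, code=BARKER_11):
    """Correlate each code-length group of chips with the code; the sign gives the bit.
    With n chips per bit, up to (n - 1) // 2 flipped chips per bit are tolerated."""
    n = len(code)
    if len(chips) % n:
        raise ValueError("chip stream is not a whole number of symbols")
    bits = []
    for i in range(0, len(chips), n):
        correlation = sum(ch * c for ch, c in zip(chips[i:i + n], code))
        bits.append(1 if correlation > 0 else 0)
    return bits


def flip_chips(chips, positions):
    """Constructed channel damage: invert the chips at the given positions."""
    damaged = list(chips)
    for p in positions:
        damaged[p] = -damaged[p]
    return damaged


def max_tolerated_flips(code=BARKER_11) -> int:
    """Largest number of wrong chips in one symbol that still decodes correctly."""
    return (len(code) - 1) // 2


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0]
    tx = spread(data)                      # 55 chips on the air
    rx = flip_chips(tx, [0, 1, 2, 3, 4])   # five of the first bit's eleven chips damaged
    print(despread(rx) == data)            # the first bit is still recovered
```

Each data bit costs eleven chip times, which is the bandwidth the text says is traded away; in return, a correct symbol correlates to +11 or -11, so five wrong chips still leave the sign intact and only a sixth flips the decision.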
3. Infrared Technology: A third technology, little used in commercial wireless LANs, is
infrared. Infrared (IR) systems use very high frequencies, just below visible light in the
electromagnetic spectrum, to carry data. An individual cell of an IR LAN is limited to a
single room because IR light does not penetrate opaque walls. Like light, IR cannot penetrate
opaque objects. Three transmission techniques are used: (i) directed beam IR, (ii)
omnidirectional configuration and (iii) diffused configuration. Inexpensive directed systems
provide very limited range (3ft) and typically are used for personal area networks but
occasionally are used in specific wireless LAN applications. High performance directed IR is
impractical for mobile users and is therefore used only to implement fixed sub-networks.
Diffuse (or reflective) IR wireless LAN systems do not require line-of-sight, but cells are
limited to individual rooms.

4. Bluetooth: Developed by engineers at Ericsson in the late 1990s, Bluetooth is an
increasingly popular technology that enables short-range wireless communication between a
variety of electronic devices. Its most significant feature is that it allows devices to "talk"
(transfer and synchronize data) wirelessly with one another, eliminating the need for the
seemingly endless tangle of cords, cables, and adapters necessary for a lot of today's
technology.

The Bluetooth Special Interest Group (SIG) was founded in 1998 to oversee the development
and introduction of Bluetooth technology. Intel, IBM, Nokia, and Toshiba joined Ericsson as
the founding members of the SIG, and more than 8,000 companies have signed on since.

The Bluetooth wireless specification got its name from Harald Blaatand (translates to
"Bluetooth"), a 10th-century Danish king who used diplomacy to negotiate a truce between
two feuding factions. In fact, the Bluetooth logo is an overlay of the Danish characters for the
king's initials: H.B.
Typically, devices with Bluetooth technology have a range of 10 meters (about 30 feet), and
data transfer rates up to 3 megabits (375 kilobytes) per second. That makes Bluetooth
technology suitable for transferring smaller files such as text documents and cell phone
contacts, as well as lower-quality images and audio. At these transfer speeds, Bluetooth can't
really handle streaming video or high-quality images and audio at this point, but this may
change in the future when new Bluetooth standards are introduced.

5. Wi-Fi, based on IEEE 802.11

Wi-Fi is the name of a popular wireless networking technology that uses radio waves to
provide wireless high-speed internet and network connections. Wi-Fi is a trademarked phrase
that means IEEE 802.11x, such as IEEE 802.11b, IEEE 802.11a, etc.
How it works
Wi-Fi works with no physical wired connection between sender and receiver by using radio
frequency (RF) technology in the 2.4 GHz and 5 GHz bands. When an RF current or signal is
supplied to an antenna, an electromagnetic field is created that is then able to propagate
through space. The cornerstone of any wireless network is an access point (AP) or hotspot.
The primary job of an AP is to broadcast a wireless signal that computers can detect and
"tune into". In order to connect to an AP and join a wireless network, computers and devices
must be equipped with a wireless adapter (NIC).

Example and Design Considerations of a Network System


As a network administrator, assume you are tasked with the responsibility of setting up a network
for the department with the following features: ability to share files within the department, ability to
send emails within the department intranet, a robust internet connection link with a considerable
speed able to serve all staff and students, and designed to allow for easy management and expansion.
Write a comprehensive proposal for the network under the following headings, with clear reasons for
your choice where applicable: network topology, network architecture, networking devices to be
integrated and their specifications, proposed network diagram and a bill of engineering quantity for
the job.

Solution:
a. The features to be considered while setting up the network will involve deploying specific servers on the
network to perform those tasks and other facilities. The server/facilities to be integrated include:
1. File server: the file server will handle the file sharing need of the network
2. Email server: the email server will manage the protocols that will enable mails to be shared locally by
the departmental staff/student
3. Broadband internet link: a broadband link with considerable speed is required to provide internet
access for close to 500 users.

The proposal
Topology description:
Conventional topology for this kind of network will be the hybrid (star-star). The department has
three floors (ground, first and second floor).
 Each floor will have between 2 and 4 access points depending on the coverage ability of the particular
equipment deployed
 Each floor will be connected to a central switch which is located at the network operating centre
(NOC)
 The switch is then connected to the edge router that connects the entire network to the broadband
internet link
 All servers are located at the NOC and connected to the switch.

The diagram below shows the topology (Note: basic equipment like routers, switches and access
points are to be used, in no particular order of arrangement, as students' views of the network will
differ).
Network architecture:
Client server architecture will be ideal for the network.
 The network requires some servers (email, file, DHCP servers etc)
 Users should not have control of the network

Networking Devices
Unit | Device        | Specification                                    | Remark
1    | Router        | High-end industrial router                       | Used for connecting the NOC to the internet link. Can perform NAT.
2    | Switch        | High-end industrial switches                     | Connects the access points and servers together.
6    | Access points | Access points able to carry 100 users at a time  | Each floor will have two access points.

Network diagram

Note: network diagram will vary but should portray the basic concept of star-star topology
Bill of engineering quantity
Item          | Unit               | Cost per unit (N) | Total cost
Router        | 1                  | 450,000           | 450,000
Switch        | 2                  | 250,000           | 250,000
Access points | 6                  | 150,000           | 900,000
Email server  | 1                  | 1,200,000         | 1,200,000
File server   | 1                  | 1,200,000         | 1,200,000
Internet link | 1                  | 2,000,000         | 2,000,000
Cabling cat 6 | 1 carton cat 6     | 45,000            | 45,000
Cabling fiber | 1500 m fiber cable | 2,500,000         | 2,500,000
Total         |                    |                   |
Note: the costs and the table structure will not necessarily follow the structure above.

Implementation of Wireless Local Area Network


We shall examine one example of wireless local area network applications, namely GSM only.
Global System for Mobile Communication (GSM)
The quest for GSM is the need to be accessible everywhere, whether at work or play, in the
office or at home. To meet this demand, the GSM standard (Global System for Mobile
Communications) for mobile telephony was introduced in the mid-1980s. Today, GSM is the most
popular mobile radio standard in the world. GSM has boomed to such an extent that many GSM
users will find life without their phone practically inconceivable.
Nowadays, when we speak of GSM, we usually mean "original" GSM, also known as
GSM900 since 900 MHz was the original frequency band. To provide additional capacity and enable
higher subscriber densities, two other systems were added later: GSM1800 and GSM1900.
Compared to GSM900, GSM1800 and GSM1900 differ primarily in the air interface. Besides using
another frequency band, they use a micro-cellular structure (i.e. a smaller coverage region for each
radio cell). This makes it possible to reuse frequencies at closer distances, enabling an increase in
subscriber density.
A disadvantage is the higher attenuation of the air interface due to the higher frequency. Let
us study GSM900 in detail.
Generally, GSM became popular because it provided improved speech quality and, through a uniform
international standard, made it possible to use a single telephone number and mobile unit around the
world. The European Telecommunications Standards Institute (ETSI) adopted the GSM
standard in 1991, and GSM is now used in over 135 countries.

Benefits of GSM: The benefits of GSM include:


 Support for international roaming;
 Distinction between user and device identification;
 Excellent speech quality;
 Wide range of services;
 Interworking with other networks (e.g. ISDN);
 Extensive security features.

G.S.M. System Architecture


A GSM network can be divided into three groups as shown in figure 12 below.
[Diagram: MS, BTS, BSC and MSC in a chain, with the OMC, HLR, VLR, EIR and AUC shown alongside.]
Figure 12. GSM Architecture
These are the mobile station (MS), the base station subsystem (BSS) and the network subsystem.
(1) The Mobile Station: A mobile station (MS) may be referred to as a "handset", a "mobile", a
portable terminal or mobile equipment (ME). It also includes a subscriber identity module (SIM)
that is normally removable. Each SIM card has a unique identification number called the IMSI
(International Mobile Subscriber Identity). In addition, each MS is assigned a unique hardware
identification called the IMEI (International Mobile Equipment Identity). In some of the newer
applications (e.g. data communications) an MS can also be a terminal that acts as a GSM interface,
e.g. for a laptop computer. In this new application, the MS does not look like a normal GSM
telephone. The seemingly low price of a mobile phone can give the (false) impression that the
product is not of high quality. Besides providing a transceiver (TRX) for transmission and reception
of voice and data, the MS also performs a number of very demanding tasks such as authentication,
handover, encoding and channel encoding.

(2) The Base Station Subsystem (BSS): The BSS is made up of the base station controller
(BSC) and the base transceiver station (BTS).
BSC: The primary function of the BSC is call maintenance. The mobile stations normally send a
report of their received signal strength to the BSC every 480ms. With this information the BSC
decides to initiate handovers to other cells, change the BTS transmitter power, etc.
BTS: GSM uses a series of radio transmitters called BTSs to connect the mobiles to a cellular
network. Their tasks include:
 Channel coding/decoding and
 Encryption/decryption.
A BTS is comprised of radio transmitters and receivers, antennas, the interface to the pulse code
modulation (PCM) facility, etc. The BTS may contain one or more transceivers to provide the
required call handling capacity. A cell site may be omni-directional or split into typical three
directional cells.

The Mobile Switching Center (MSC): The MSC acts like a standard exchange in a fixed network
and additionally provides all the functionality needed to handle a mobile subscriber.
The main functions are:
 Registration;
 Authentication;
 Location updating;
 Handovers and
 Call routing to a roaming subscriber.
If the MSC also has a gateway function for communicating with other networks, it is called Gateway
MSC (GMSC).
The home location register (HLR): The HLR is a database used for management of mobile
subscribers. It stores the international mobile subscriber identity (IMSI), mobile station ISDN
number (MSISDN) and current visitor location register (VLR) address. The main information stored
here concerns the location of each mobile station in order to be able to route calls to the mobile
subscribers managed by each HLR. The HLR also maintains the services associated with each MS.
One HLR can serve several MSCs.

The visitor location register (VLR): Contains the current location of the MS and selected
administrative information from the HLR, necessary for call control and provision of the subscribed
services, for each mobile currently located in the geographical area controlled by the VLR. A VLR
is connected to one MSC and is normally integrated into the MSC's hardware.
The Authentication Center (AuC): This is a protected database that holds a copy of the secret key
stored in each subscriber's SIM card, which is used for authentication and encryption over the radio
channel. The AuC provides additional security against fraud. It is normally located close to each
HLR within a GSM network.

The Equipment Identity Register (EIR): The EIR is a database that contains a list of all valid
mobile station equipment within the network, where each mobile station is identified by its
international mobile equipment identity (IMEI). The EIR has three databases:
(i) White list: for all known good IMEIs,
(ii) Black list: for bad or stolen handset,
(iii) Grey list: for handsets/IMEIs that are uncertain.

Operation and Maintenance Center (OMC): The OMC is a management system that oversees the
GSM functional blocks. The OMC assists the network operator in maintaining satisfactory operation
of the GSM network. The OMC is responsible for controlling and maintaining the MSC, BSC and
BTS. It can be in charge of an entire public land mobile network (PLMN) or just some parts of the
PLMN.
Figure 13 illustrates a hierarchy for an overlaying cellular network. Each unit object is associated
with a parent cell object, which represents a geographical area serviced by one base station (BS).
Each cell object is associated with a parent base station controller (BSC) object, which is also
associated with a parent mobile systems controller (MSC) object. Finally, each MSC object is
associated with a parent central office (CO) object.

[Figure 13: unit objects, cell objects (Cells), BSC objects (BSc1, BSc2), an MSC object and a CO object.]
Fig. 13: Object hierarchy


GSM protocols are divided into three layers as follows:
Layer 1: Physical layer
 Enables physical transmission (TDMA, FDMA);
 Assessment of channel quality;
 Except on the air interface.
Layer 2: Data Link layer
 Multiplexing of one or more layer 2 connections;
 Error detection (based on HDLC);
 Flow control;
 Transmission quality assurance;
 Routing.
Layer 3: Network layer
 Connection management (air interface)
 Management of location data;
 Subscriber identification;
 Management of added services (call forwarding).

PROTECTION AND SECURITY


Security refers to providing a protection system to computer system resources such as CPU, memory,
disk, software programs and most importantly data/information stored in the computer system. If a
computer program is run by an unauthorized user, then he/she may cause severe damage to computer
or data stored in it. So a computer system must be protected against unauthorized access, malicious
access to system memory, viruses, worms etc. We're going to discuss the following topics in this
section.

 Authentication
 One Time passwords
 Program Threats
 System Threats
 Computer Security Classifications

Authentication

Authentication refers to identifying each user of the system and associating the executing programs
with those users. It is the responsibility of the operating system to create a protection system which
ensures that a user who is running a particular program is authentic. Operating systems generally
identify/authenticate users in one of the following three ways:
 Username/Password − The user needs to enter a username and password registered with the
operating system to log in to the system.
 User card/key − The user needs to insert a card into a card slot, or enter a key generated by a key
generator in the option provided by the operating system, to log in to the system.
 User attribute (fingerprint/eye retina pattern/signature) − The user needs to pass his/her
attribute via a designated input device used by the operating system to log in to the system.

One Time passwords

One-time passwords (OTPs) provide additional security on top of normal authentication. In a one-
time password system, a unique password is required every time a user tries to log in to the
system. Once a one-time password has been used, it cannot be used again. One-time passwords are
implemented in various ways.
 Random numbers − Users are provided with cards having numbers printed alongside
corresponding letters. The system asks for the numbers corresponding to a few randomly
chosen letters.
 Secret key − Users are provided with a hardware device which can create a secret id mapped to the
user id. The system asks for this secret id, which has to be generated afresh every time prior to login.
 Network password − Some commercial applications send a one-time password to the user's
registered mobile/email, which must be entered prior to login.
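The "secret key" device variant above is what RFC 4226 HOTP standardises; the following added example (not from the handout) shows both halves: the token-side code generation and a server-side verifier that remembers the last accepted counter so a code, once used, is refused. The secret is RFC 4226's published test key, constructed for the demo, and the look-ahead window size is an assumption.

```python
import hashlib
import hmac
import struct

# Shared secret for the constructed demo. This is the RFC 4226 Appendix D
# test-vector key, used here only so the expected codes are checkable.
DEMO_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # low nibble of the last byte picks the window
    word = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(word % (10 ** digits)).zfill(digits)


class OtpVerifier:
    """Server side of the 'secret key' hardware-token scheme.

    Each user's token and the server share a secret and a counter. The server
    remembers the highest counter it has accepted, so a code that was already
    used (or any older one) is rejected: the password really is one-time.
    """

    def __init__(self, look_ahead: int = 5) -> None:
        self.look_ahead = look_ahead   # assumed: tolerate a token pressed a few times unused
        self.secrets = {}              # user id -> shared secret
        self.last_counter = {}         # user id -> highest counter accepted so far

    def enroll(self, user: str, secret: bytes) -> None:
        self.secrets[user] = secret
        self.last_counter[user] = -1   # nothing accepted yet

    def verify(self, user: str, code: str) -> bool:
        secret = self.secrets.get(user)
        if secret is None:
            return False
        first = self.last_counter[user] + 1
        for counter in range(first, first + self.look_ahead):
            # constant-time compare so timing does not leak which digits matched
            if hmac.compare_digest(hotp(secret, counter), code):
                self.last_counter[user] = counter   # this code and all earlier ones are now spent
                return True
        return False


if __name__ == "__main__":
    v = OtpVerifier()
    v.enroll("alice", DEMO_SECRET)
    print(hotp(DEMO_SECRET, 0))                   # 755224
    print(v.verify("alice", "755224"))            # True: first use
    print(v.verify("alice", "755224"))            # False: replayed, already spent
    print(v.verify("alice", "359152"))            # True: counter 2, within look-ahead
    print(v.verify("alice", "287082"))            # False: counter 1 is behind the window
```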

Program Threats

The operating system's processes and kernel perform their designated tasks as instructed. If a user program makes
these processes perform malicious tasks, this is known as a program threat. One common
example of a program threat is a program installed on a computer which can store user
credentials and send them over the network to some hacker. The following is a list of some well-known program threats.
 Trojan Horse − Such a program traps user login credentials and stores them to send to a
malicious user, who can later log in to the computer and access system resources.
 Trap Door − If a program which is designed to work as required has a security hole in its
code and performs illegal actions without the knowledge of the user, then it is said to have a trap door.
 Logic Bomb − A logic bomb is a situation where a program misbehaves only when certain
conditions are met; otherwise it works as a genuine program. It is harder to detect.
 Virus − A virus, as the name suggests, can replicate itself on a computer system. Viruses are highly
dangerous and can modify/delete user files and crash systems. A virus is generally a small piece of code
embedded in a program. As the user accesses the program, the virus starts embedding itself in
other files/programs and can make the system unusable for the user.
System Threats

System threats refer to the misuse of system services and network connections to put users in trouble.
System threats can be used to launch program threats on a complete network, which is called a program
attack. System threats create an environment in which operating system resources/user files are
misused. The following is a list of some well-known system threats.
 Worm − A worm is a process which can choke a system's performance by using system
resources to extreme levels. A worm process generates multiple copies of itself, where each copy
uses system resources, preventing all other processes from getting the resources they need. Worm
processes can even shut down an entire network.
 Port Scanning − Port scanning is a mechanism or means by which a hacker can detect
system vulnerabilities in order to attack the system.
 Denial of Service − Denial of service attacks normally prevent users from making legitimate use
of the system. For example, a user may not be able to use the internet if a denial of service attack
targets the browser's content settings.

Computer Security Classifications

As per the U.S. Department of Defense Trusted Computer System Evaluation Criteria there are four
security classifications of computer systems: A, B, C, and D. These are widely used specifications for
determining and modelling the security of systems and of security solutions. The following is a brief
description of each classification.

S.N.  Classification Type & Description

1. Type A
   Highest level. Uses formal design specifications and verification techniques. Grants a
   high degree of assurance of process security.

2. Type B
   Provides a mandatory protection system. Has all the properties of a class C2 system.
   Attaches a sensitivity label to each object. It is of three types:
    B1 − Maintains the security label of each object in the system. The label is used for
   making access-control decisions.
    B2 − Extends the sensitivity labels to each system resource, such as storage
   objects; supports covert channels and auditing of events.
    B3 − Allows creating lists or user groups for access control to grant or
   revoke access to a given named object.

3. Type C
   Provides protection and user accountability using audit capabilities. It is of two types:
    C1 − Incorporates controls so that users can protect their private information and
   keep other users from accidentally reading/deleting their data. UNIX versions are
   mostly C1 class.
    C2 − Adds individual-level access control to the capabilities of a C1 level
   system.

4. Type D
   Lowest level. Minimum protection. MS-DOS and Windows 3.1 fall in this category.

A MODEL OF NETWORK SECURITY


In order to provide more understanding of security, let us discuss network security. A model for
network security is illustrated in the figure below.

[Figure: a source and a destination each apply a security-related transformation to the message and
each hold secret information; the transformed message travels over the information channel, where an
opponent may be present; a trusted third party (e.g., an arbiter or a distributor of secret information)
is available to both principals.]
Fig. Model for Network security

A message is to be transferred from one party to another across some sort of Internet. The two
parties, who are the principals in this transaction, must cooperate for the exchange to take place. A
logical information channel is established by defining a route through the Internet from source to
destination and by the cooperative use of communication protocols (e.g., TCP/ IP) by the two
principals.
Security aspects come into play when it is necessary or desirable to protect the information
transmission from an opponent who may present a threat to confidentiality, authenticity and so on.
All the techniques for providing security have two components:
(i) A security-related transformation on the information to be sent. Examples include the
encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be
used to verify the identity of the sender;
(ii) Some secret information shared by the two principals and it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation
to scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may
be responsible for distributing the secret information to the two principals while keeping it from any
opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning
the authenticity of a message transmission.
This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security related transformation. The algorithm
should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.

Fundamentals of Cryptography
One way to strengthen security in a computer system is to encrypt sensitive records and messages
in transit and in storage. The basic model of a cryptographic system is shown in the figure below.

[Figure: Plaintext P → Encryption method E (encryption key k) → Ciphertext C = Ek(P) → insecure
communication channel → Decryption method D (decryption key) → Plaintext P = D(C).]
Fig. Basic Model of a Cryptography System.

The original unenciphered text is called the plaintext or the clear text. It can be encrypted using
some encryption method parameterized by a key. The result is called ciphertext. The ciphertext may
be stored or transmitted via a communication medium such as wires and radio links, or by a
messenger.
The plaintext can be obtained by decrypting the enciphered message using the decryption key. The
process of converting from plaintext to ciphertext is known as enciphering or encryption. Restoring
the plaintext from the ciphertext is known as deciphering or decryption. The many schemes used
for encryption constitute the area of study known as cryptography. Such a scheme is known as a
cryptographic system or a cipher.
A cryptographic system that uses the same key for both encryption and decryption is said to
be symmetric. In asymmetric schemes, different keys are used at the two ends. The increased
confidence in the integrity of systems that use encryption is based on the notion that ciphertext
should be very difficult to decipher without knowledge of the key. The art of breaking ciphers is
called cryptanalysis.

Encryption
Key technology: encryption. Store and transmit information in an encoded form that does not make
any sense.

The basic mechanism:

 Start with text to be protected. Initial readable text is called clear text.
 Encrypt the clear text so that it does not make any sense at all. The nonsense text is called
cipher text. The encryption is controlled by a secret password or number; this is called the
encryption key.

 The encrypted text can be stored in a readable file, or transmitted over unprotected channels.
 To make sense of the cipher text, it must be decrypted back into clear text. This is done with
some other algorithm that uses another secret password or number, called the decryption key.

All of this only works under three conditions:

 The encryption function cannot easily be inverted (you cannot get back to the clear text unless you
know the decryption key).
 The encryption and decryption must be done in some safe place so the clear text cannot be
stolen.
 The keys must be protected. In most systems one key can be computed from the other
(sometimes the encryption and decryption keys are identical), so one cannot afford to let either
key leak out.

Public key encryption: a newer mechanism for encryption where knowing the encryption key does not
help you to find the decryption key, or vice versa.

 The user provides a single password, and the system uses it to generate two keys (using a one-way
function, so the password cannot be derived from either key).
 In these systems, the keys are inverses of each other: one could just as easily encrypt with the decryption
key and then use the encryption key to recover the clear text.
 Each user keeps one key secret and publicizes the other. The private key cannot be derived from the public one.
Public keys are made available to everyone, in a phone book for example.

There are three basic types of code-breaking attacks: ciphertext attack, known plaintext and
chosen plaintext.
i) Ciphertext attack: occurs when an adversary comes into possession of only the
ciphertext.
ii) The "known plaintext" problem occurs when the intruder has some matched portions
of the ciphertext and the plaintext.
iii) Chosen plaintext: the problem occurs when the attacker has the ability to encrypt
pieces of plaintext.
Thus, in line with the principle of open design, the strength of an encryption scheme should rely on
the secrecy of the key and on the mathematical soundness of the algorithm.
One of the first known ciphers is attributed to Julius Caesar. It is based on substitution of each letter
with the letter that comes three places later in the alphabet.

An example of a cryptographic scheme is shown below:


JULIUSCAESAR plaintext
EFGEFGEFGEFG key, EFG repeated
Using English alphabet in sequence, starting with A = 01 and ending with Z = 26 and the three-letter
combination key, EFG, we can write:

10 21 12 09 21 19 03 01 05 19 01 18 plaintext (numeric)

05 06 07 05 06 07 05 06 07 05 06 07 key EFG

15 19 11 12 19 20 06 07 02 22 07 21 ciphertext (plain XOR key)

Giving,
OSKLSTFGBVGU Ciphertext, letter equivalent

The general Caesar algorithm is C = E(k, P) = (P + k) mod 26.
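The worked scheme above (letter numbers XORed with a repeating key) and the general Caesar formula, as an added Python example that is not part of the handout. Letter numbering A = 1 ... Z = 26 follows the handout for the XOR scheme and A = 0 ... Z = 25 for the Caesar formula; the example also shows why the XOR scheme only happens to work for JULIUSCAESAR, since some letter pairs XOR to values that are not letters.

```python
def letter_to_num(ch: str) -> int:
    """A = 1 ... Z = 26, the numbering used in the handout's example."""
    return ord(ch.upper()) - ord("A") + 1


def num_to_letter(n: int) -> str:
    """Inverse of letter_to_num; values outside 1..26 have no letter equivalent."""
    return chr(ord("A") + n - 1) if 1 <= n <= 26 else "<%d>" % n


def xor_with_key(values, key: str):
    """XOR each number with the number of the repeating key letter (the handout's scheme)."""
    return [v ^ letter_to_num(key[i % len(key)]) for i, v in enumerate(values)]


def xor_encrypt(plaintext: str, key: str):
    """Plaintext letters -> numbers -> numeric ciphertext (plain XOR key)."""
    return xor_with_key([letter_to_num(c) for c in plaintext], key)


def xor_decrypt(cipher_values, key: str) -> str:
    # XOR is its own inverse: applying the same key again restores the plaintext numbers
    return "".join(num_to_letter(v) for v in xor_with_key(cipher_values, key))


def caesar(text: str, k: int) -> str:
    """General Caesar shift C = (P + k) mod 26, letters counted A = 0 ... Z = 25.
    A negative k decrypts; non-letters pass through unchanged."""
    out = []
    for ch in text.upper():
        out.append(chr((ord(ch) - ord("A") + k) % 26 + ord("A")) if ch.isalpha() else ch)
    return "".join(out)


def caesar_brute_force(ciphertext: str):
    """All 26 candidate plaintexts: with so few keys the shift alone gives no secrecy,
    which is why the key, not the algorithm, must carry the strength."""
    return {k: caesar(ciphertext, -k) for k in range(26)}


if __name__ == "__main__":
    c = xor_encrypt("JULIUSCAESAR", "EFG")
    print(c)                                            # [15, 19, 11, 12, 19, 20, 6, 7, 2, 22, 7, 21]
    print("".join(num_to_letter(v) for v in c))         # OSKLSTFGBVGU
    print(xor_decrypt(c, "EFG"))                        # JULIUSCAESAR
    print(xor_encrypt("Z", "E"), num_to_letter(31))     # [31] <31>: Z XOR E is not a letter
    print(caesar("JULIUSCAESAR", 3))                    # MXOLXVFDHVDU
```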

The Data Encryption Standard (DES)


Since computers can be used to quickly break naïve cryptosystems, one should use encryption
algorithms that are free from statistical and mathematical weaknesses and that are computationally
infeasible to break, in order to make cracking prohibitively time-consuming. DES is an example
of a symmetric cipher.
The DES algorithm operates on 64-bit (8-byte) blocks of input at a time. The encryption process
is parameterized by a user-supplied 56-bit key. The key space thus contains 2^56 possible
combinations. Every bit of the output block is a complex function of every bit in the input block and
of every bit of the key.
DES is a symmetric cryptosystem, so the ciphertext is decrypted using the same key. The DES
algorithm is structured in such a way that the decryption process is the exact reverse of the
encryption. The steps of the DES encryption algorithm operating on a 64-bit input block are:
1. L0R0 = t(input)
2. Repeat for n = 1 to 16:
   Ln = Rn-1
   Rn = Ln-1 ⊕ f(Rn-1, Kn)
3. Output = t^-1(L16R16).

The algorithm begins by performing an initial transposition, t, which is a permutation of the 64-bit
input. The result is divided into two 32-bit halves denoted as Left, L0, and Right, R0.
The result is subjected to 16 rounds of encipherment under the control of the key. After each round,
the left and right halves of the 64-bit intermediate result are swapped, i.e. the left half for the next
round is the right half of the previous one. The new right half is obtained as the exclusive OR of the
previous round's left half and the result of a fairly complex function of the previous round's right
half and the current round's key.
Each of the 16 rounds uses a different key Ki. It is obtained by performing a
series of permutations and shifts on the user-supplied 56-bit key.
The inverse of the initial permutation is applied to the result of the last iteration to complete
the algorithm in step 3.
Decryption is performed by executing the described steps in reverse.
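The 16-round structure above, as an added example that is not the handout's code and is not real DES: the initial permutation t, the round function f and the key schedule are stand-ins (assumed, chosen only so the block runs), while the round structure, the swap and the XOR are exactly steps 1 to 3. What it demonstrates is that such a network is inverted by running the rounds backwards with the subkeys in reverse order, without f ever needing an inverse.

```python
import hashlib
import struct

MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF
ROUNDS = 16


def t(block: int) -> int:
    """Stand-in for the initial permutation: rotate the 64-bit block left by 7 bits (assumption)."""
    return ((block << 7) | (block >> 57)) & MASK64


def t_inverse(block: int) -> int:
    """Inverse of t: rotate right by 7 bits."""
    return ((block >> 7) | (block << 57)) & MASK64


def f(right: int, subkey: int) -> int:
    """Stand-in for the DES round function f(R, K): a hash of R and K cut to 32 bits (assumption).
    Any function will do here; a Feistel network never needs to invert f."""
    digest = hashlib.sha256(struct.pack(">II", right, subkey)).digest()
    return struct.unpack(">I", digest[:4])[0]


def subkeys(key56: bytes) -> list:
    """Stand-in key schedule (assumption): subkey Kn is a hash of the 7-byte key and the round number."""
    assert len(key56) == 7, "56-bit key expected"
    return [struct.unpack(">I", hashlib.sha256(key56 + bytes([n])).digest()[:4])[0]
            for n in range(1, ROUNDS + 1)]


def rounds_forward(left: int, right: int, keys: list):
    """Step 2 of the handout: Ln = Rn-1, Rn = Ln-1 XOR f(Rn-1, Kn) for n = 1..16."""
    for k in keys:
        left, right = right, left ^ f(right, k)
    return left, right


def rounds_reverse(left: int, right: int, keys: list):
    """Undo step 2 one round at a time, last key first: Rn-1 = Ln, Ln-1 = Rn XOR f(Ln, Kn)."""
    for k in reversed(keys):
        left, right = right ^ f(left, k), left
    return left, right


def encrypt_block(block: int, key56: bytes) -> int:
    permuted = t(block)                                   # step 1: L0R0 = t(input)
    l, r = rounds_forward(permuted >> 32, permuted & MASK32, subkeys(key56))
    return t_inverse((l << 32) | r)                       # step 3: output = t^-1(L16R16)


def decrypt_block(block: int, key56: bytes) -> int:
    permuted = t(block)                                   # undo step 3: recover L16R16
    l, r = rounds_reverse(permuted >> 32, permuted & MASK32, subkeys(key56))
    return t_inverse((l << 32) | r)                       # undo step 1: recover the input


def decrypt_block_via_forward(block: int, key56: bytes) -> int:
    """The DES trick: the forward network on the swapped halves with the subkeys in
    reverse order, followed by a swap back, is exactly rounds_reverse."""
    permuted = t(block)
    r, l = rounds_forward(permuted & MASK32, permuted >> 32, list(reversed(subkeys(key56))))
    return t_inverse((l << 32) | r)


if __name__ == "__main__":
    key = bytes.fromhex("0123456789abcd")                 # constructed 56-bit demo key
    pt = 0x0123456789ABCDEF
    ct = encrypt_block(pt, key)
    print(hex(ct), hex(decrypt_block(ct, key)), hex(decrypt_block_via_forward(ct, key)))
```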

Public-Key Cryptography
An interesting and attractive alternative to key distribution in symmetric systems is provided by
public-key cryptographic systems. A public-key cryptographic system is asymmetric, i.e. it uses one
key for encryption and a different key for decryption.
Public-key algorithms are based on the use of a public enciphering transformation, E, and a private
deciphering transformation, D. For each user, A, the private transformation, DA, is described by a
private key. The public key, EA, is derived from the private key using a one-way transformation
whose inverse is exceedingly difficult to compute. The two transformations are related as follows:

DA (EA(P))= P
That is, decryption of an encrypted message yields the original plaintext, P.

Decryption is performed using the private key. Encryption, on the other hand, uses the public key.
Public keys are usually stored in commonly accessible areas, such as publicly readable files.
When two parties, A and B, wish to communicate securely over insecure channels, they proceed as
follows. The sender, A, looks up the receiver's public key and uses it to encipher the message, C =
EB(P). The recipient, B, decrypts the message using its private key. The result is:
DB(C) = DB(EB(P)) = P.
Secrecy is maintained because only B knows its private key and can decipher the message. In theory,
knowledge of EB cannot be used by an intruder to derive DB.

The RIVEST, SHAMIR, ADLEMAN (RSA) Algorithm


One of the most widely used public-key algorithms was invented by a group of researchers from MIT,
Rivest, Shamir, and Adleman, and named using their initials (RSA).
The algorithm is based on a combination of some principles from number theory that are
commonly used for public-key encryption algorithms.
The RSA algorithm prescribes determination of n, d, and e by means of the following steps:

1. Choose two large primes, p and q, each greater than 10^100.
2. Compute n = pq and Φ(n) = (p-1)(q-1).
3. Choose a number d to be a large, random integer that is relatively prime to Φ(n), that is,
such that gcd(d, Φ(n)) = 1, with 1 < d < Φ(n).
4. Find e such that ed mod Φ(n) = 1.

These parameters may be used to encipher a plaintext block P where 0 ≤ P < n. If the plaintext is longer, it
must be broken into blocks each smaller than n. The ciphertext is obtained as C = P^e mod n. C may then
be decrypted as P = C^d mod n. The steps of the algorithm ensure that encryption and decryption are
inverses of each other.
The working of the RSA algorithm is illustrated in fig ( ) below.

P (letter)   P (number)   P^3       P^3 mod 33 = C   C^7            C^7 mod 33 = P
S            19           6859      28               13492928512    19
A            1            1         1                1              1
M            13           2197      19               893871739      13
P            16           4096      4                16384          16
L            12           1728      12               35831808       12
E            5            125       26               8031810176     5

Sender A encrypts with B's public key PU = {e, n} = {3, 33}: C = P^e mod n.
Receiver B decrypts with B's private key PR = {d, n} = {7, 33}: P = C^d mod n.
Fig. Example of RSA algorithm
In order to simplify computations, small values are chosen for p and q. In this example, p = 3 and q
= 11, yielding n = pq = 33 and Φ(n) = (3-1)(11-1) = 20.
The private key d is chosen as 7, which is relatively prime to 20 since the two have no common
factors.
The value e is derived from 7e mod 20 = 1 as e = 3.
These parameters are used to encipher the plaintext SAMPLE. The value of n limits each plaintext block P to less than 33, which
allows only one character (letter) per plaintext block. The plaintext letter numbers are obtained using
the English alphabet in sequence, i.e. A = 1.
Example Question:
With the aid of a well annotated diagram, describe a simple cryptographic system (3 marks)
Solution:
Diagram of a cryptographic model

Example Question:
State the RSA/MIT (Rivest et al., 1978) algorithm.

The RSA/MIT algorithm


a. Choose two large prime numbers, p and q, each greater than 10^100
b. Compute and
c. Choose a number relatively prime to z and call it d
d. Find e such that
e. To encrypt message P, compute
f. To decrypt message C, compute
Example Question:
Using the MIT algorithm, encrypt the plaintext "SUZANNE" using p = 3, q = 11 and d = 7 (tip: use
e = 3).

We have chosen p = 3 and q = 11, giving n = 33 and z = 20. A suitable value for d is d = 7, since 7
and 20 have no common factors. With these choices, e can be found by solving the equation 7e ≡ 1
(mod 20), which yields e = 3. The ciphertext, C, for a plaintext message, P, is given by C = P^3 (mod
33). The ciphertext is decrypted by the receiver according to the rule P = C^7 (mod 33). The
encryption of the plaintext "SUZANNE" is as shown below
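As an added example, not the handout's own code: the key-generation steps and the encipher/decipher rules of the RSA section, in Python, run on the SAMPLE plaintext from the figure and on the SUZANNE question above with p = 3, q = 11 and d = 7. The letter numbering A = 1 ... Z = 26 follows the handout; the small-modulus factoring helper is added to show why step 1 demands primes greater than 10^100.

```python
from math import gcd


def rsa_keygen(p: int, q: int, d: int):
    """Handout steps: n = pq, phi(n) = (p-1)(q-1), d coprime to phi(n), e with ed mod phi(n) = 1.
    Returns (public key {e, n}, private key {d, n})."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(d, phi) != 1:
        raise ValueError("d must be relatively prime to phi(n)")
    e = pow(d, -1, phi)          # modular inverse of d (Python 3.8+)
    return (e, n), (d, n)


def letter_to_num(ch: str) -> int:
    return ord(ch.upper()) - ord("A") + 1      # A = 1 ... Z = 26 as in the handout


def rsa_encrypt_text(plaintext: str, public_key):
    """One letter per block, as the handout's n = 33 allows: C = P^e mod n."""
    e, n = public_key
    blocks = []
    for ch in plaintext:
        p_val = letter_to_num(ch)
        if not 0 <= p_val < n:            # every block must be smaller than n
            raise ValueError("plaintext block %d is not below n = %d" % (p_val, n))
        blocks.append(pow(p_val, e, n))
    return blocks


def rsa_decrypt_text(ciphertext, private_key) -> str:
    """P = C^d mod n, then back to letters."""
    d, n = private_key
    return "".join(chr(pow(c, d, n) + ord("A") - 1) for c in ciphertext)


def recover_private_key(public_key):
    """Why p and q must be huge: for a toy n the modulus factors by trial division
    and the private exponent then follows from the public one."""
    e, n = public_key
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1)), n
    return None


if __name__ == "__main__":
    pub, priv = rsa_keygen(3, 11, 7)
    print(pub, priv)                                    # (3, 33) (7, 33)
    print(rsa_encrypt_text("SAMPLE", pub))              # [28, 1, 19, 4, 12, 26]
    print(rsa_encrypt_text("SUZANNE", pub))             # [28, 21, 20, 1, 5, 5, 26]
    print(rsa_decrypt_text(rsa_encrypt_text("SUZANNE", pub), priv))   # SUZANNE
    print(recover_private_key(pub))                     # (7, 33): a 2-digit n keeps no secret
```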

Network Performance

Network performance is defined by the overall quality of service provided by a network. This
encompasses numerous parameters and metrics that must be analyzed collectively to assess a given
network.

Network performance measurement is therefore defined as the overall set of processes and tools that
can be used to quantitatively and qualitatively assess network performance and provide actionable
data to remediate any network performance issues.

Why Measure Network Performance?

The demands on networks are increasing every day, and the need for proper network performance
measurement is more important than ever before. Effective network performance translates into
improved user satisfaction, whether that be internal employee efficiencies, or customer-facing
network components such as an e-commerce website, making the business rationale for performance
testing and monitoring self-evident.

When delivering services and applications to users, bandwidth issues, network down time, and
bottlenecks can quickly escalate into IT crisis mode. Proactive network performance management
solutions that detect and diagnose performance issues are the best way to guarantee ongoing user
satisfaction. The performance of a network can never be fully modeled, so measuring network
performance before, during, and after updates are made and monitoring performance on an ongoing
basis are the only valid methods to fully ensure network quality. While measuring and monitoring
network performance parameters are essential, the interpretation and actions stemming from these
metrics are equally important.

Network Performance Measurement Tools

Network performance measurement tools can be broadly categorized into two types - passive and
active. Passive network measurement tools monitor (or measure) existing applications on the
network to gather data on performance metrics. This category of tool minimizes network disruption,
since no additional traffic is introduced by the tool itself. In addition, by measuring network
performance using actual applications, a realistic assessment of the user experience may be obtained.
Active network performance measurement tools generate data that can be tailored to baseline
performance using pre-set routines. This testing requires an additional level of data traffic by nature, so
it must be scheduled appropriately to minimize impact on existing network traffic.

The continuous improvement of network performance monitoring tools has enabled IT
professionals to stay one step ahead of the game. Advanced tools provide cutting edge data packet
capture analytics, software solutions that integrate user experience data into effective root cause
analysis and trending, and large-scale network performance measurement dashboards with remote
diagnostic capabilities.

Network Performance Measurement Parameters

To ensure optimized network performance, the most important metrics should be selected for
measurement. Many of the parameters included in a comprehensive network performance
management system focus on data speed and data quality. Both of these broad categories can
significantly impact end user experience and are influenced by several factors.

Latency

With regards to network performance measurement, latency is simply the amount of time it takes for
data to travel from one defined location to another. This parameter is sometimes referred to as delay.
Ideally, the latency of a network is as close to zero as possible. The absolute limit or governing factor
for latency is the speed of light, but packet queuing in switched networks and the refractive index of
fiber optic cabling are examples of variables that can increase latency.

Packet Loss

With regards to network performance measurement, packet loss refers to the number of packets
transmitted from one point to another that fail to arrive. This metric can be quantified by
capturing traffic data on both ends, then identifying missing packets and/or retransmissions of
packets. Packet loss can be caused by network congestion, router performance and software issues,
among other factors.

The end effects will be detected by users in the form of voice and streaming interruptions, or
incomplete transmission of files. Since retransmission is a method utilized by network protocols to
compensate for packet loss, the network congestion that initially led to the issue can sometimes be
exacerbated by the increased volume caused by retransmission.

To minimize the impact of packet loss and other network performance problems, it is important to
develop and utilize tools and processes that identify and alleviate the true source of problems
quickly. By analyzing response time to end user requests, the system or component that is at the
root of the issue can be identified. Data packet capture analytics tools can be used to review response
time for TCP connections, which in turn can pinpoint which applications are contributing to the
bottleneck.

Transmission Control Protocol (TCP) is a standard for network conversation through which
applications exchange data, which works in conjunction with the Internet Protocol (IP) to define how
packets of data are sent from one computer to another. The successive steps in a TCP session
correspond to time intervals that can be analyzed to detect excessive latency in connection or round
trip times.

Throughput and Bandwidth

Throughput is a metric often associated with the manufacturing industry and is most commonly
defined as the amount of material or items passing through a particular system or process. A
common question in the manufacturing industry is how many of product X were produced today, and
did this number meet expectations. For network performance measurement, throughput is defined in
terms of the amount of data or number of data packets that can be delivered in a pre-defined time
frame.

Bandwidth, usually measured in bits per second, is a characterization of the amount of data that can
be transferred over a given time period. Bandwidth is therefore a measure of capacity rather than
speed. For example, a bus may be capable of carrying 100 passengers (bandwidth), but the bus may
actually only transport 85 passengers (throughput).

Jitter

Jitter is defined as the variation in time delay for the data packets sent over a network. This variable
represents an identified disruption in the normal sequencing of data packets. Jitter is related to
latency, since the jitter manifests itself in increased or uneven latency between data packets, which
can disrupt network performance and lead to packet loss and network congestion. Although some
level of jitter is to be expected and can usually be tolerated, quantifying network jitter is an important
aspect of comprehensive network performance measurement.
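To make the latency, packet loss, throughput and jitter definitions above concrete, here is an added example (not the handout's own) that derives all four from a constructed two-ended capture: a sender log and a receiver log keyed by sequence number, with timestamps in milliseconds. Jitter is taken here as the mean change in one-way delay between consecutive arrivals, and the alert thresholds are assumptions.

```python
# Constructed two-ended capture (not real traffic): (sequence number, timestamp in ms).
# The sender emits one 1000-byte packet every 10 ms; the receiver log lists what arrived.
SENDER_LOG = [(seq, (seq - 1) * 10) for seq in range(1, 11)]
RECEIVER_LOG = [(1, 20), (2, 32), (3, 41), (5, 65), (6, 73), (8, 94), (9, 102), (10, 111)]
PACKET_BYTES = 1000


def analyze(sender_log, receiver_log, packet_bytes):
    """Derive the metrics discussed above from matched send/receive records.

    latency_ms:   mean one-way delay of the packets that did arrive
    packet_loss:  fraction of sent packets with no matching receive record
    lost_seqs:    the sequence numbers that never arrived
    jitter_ms:    mean absolute change in one-way delay between consecutive arrivals
    throughput:   bytes delivered per second between the first and last arrival
    """
    sent_at = dict(sender_log)
    if not receiver_log:                      # nothing arrived: total loss, no timing data
        return {"latency_ms": None, "packet_loss": 1.0, "lost_seqs": sorted(sent_at),
                "jitter_ms": None, "throughput_bytes_per_s": 0.0}
    delays = [rx_ts - sent_at[seq] for seq, rx_ts in receiver_log]
    received = {seq for seq, _ in receiver_log}
    lost = sorted(seq for seq in sent_at if seq not in received)
    deltas = [abs(b - a) for a, b in zip(delays, delays[1:])]
    window_s = (receiver_log[-1][1] - receiver_log[0][1]) / 1000.0
    delivered = len(receiver_log) * packet_bytes
    return {
        "latency_ms": sum(delays) / len(delays),
        "packet_loss": len(lost) / len(sent_at),
        "lost_seqs": lost,
        "jitter_ms": sum(deltas) / len(deltas) if deltas else 0.0,
        "throughput_bytes_per_s": delivered / window_s if window_s > 0 else 0.0,
    }


def flag_problems(metrics, max_latency_ms=50.0, max_loss=0.01, max_jitter_ms=5.0):
    """Turn the numbers into actionable flags. The thresholds are assumed for the demo;
    real ones depend on the service (voice tolerates far less jitter than a file transfer)."""
    flags = []
    if metrics["latency_ms"] is not None and metrics["latency_ms"] > max_latency_ms:
        flags.append("latency")
    if metrics["packet_loss"] > max_loss:
        flags.append("packet_loss")
    if metrics["jitter_ms"] is not None and metrics["jitter_ms"] > max_jitter_ms:
        flags.append("jitter")
    return flags


if __name__ == "__main__":
    m = analyze(SENDER_LOG, RECEIVER_LOG, PACKET_BYTES)
    for name, value in m.items():
        print("%-24s %s" % (name, value))
    print("flags:", flag_problems(m))        # ['packet_loss']: 2 of 10 packets never arrived
```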

Latency vs Throughput

While the concepts of throughput and bandwidth are sometimes misunderstood, the same confusion
is common between the terms latency and throughput. Although these parameters are closely related,
it is important to understand the difference between the two.

In relation to network performance measurement, throughput is a measurement of actual system
performance, quantified in terms of data transfer over a given time.

Latency is a measurement of the delay in transfer time, meaning it will directly impact the
throughput, but is not synonymous with it. The latency might be thought of as an unavoidable
bottleneck on an assembly line, such as a test process, measured in units of time. Throughput, on the
other hand, is measured in units completed, which is inherently influenced by this latency.

Factors Affecting Network Performance

Network performance management includes monitoring and optimization practices for key network
performance metrics such as application down time and packet loss. Increased network availability
and minimized response time when problems occur are two of the logical outputs for a successful
network management program. A holistic approach to network performance management must
consider all of the essential categories through which problems may be manifested.

Infrastructure

The overall network infrastructure includes network hardware, such as routers, switches and cables;
networking software, including operating systems and security software; and network services such
as IP addressing and wireless protocols. From the infrastructure perspective, it is important to
characterize the overall traffic and bandwidth patterns on the network. This network performance
measurement provides insight into which flows are most congested over time and could become
potential problem areas.

Identifying the elements of the infrastructure that are running at or over capacity allows proactive
corrections or upgrades that minimize future downtime, rather than simply responding to each
performance crisis as it arises.

Network Issues

Performance limitations inherent to the network itself usually receive the most attention. Multiple
facets of the network contribute to performance, and deficiencies in any of them can lead to systemic
problems. Since hardware requirements are central to capacity planning, these elements should be
designed to meet all anticipated system demands. For example, an inadequate bus size on a device
backplane or insufficient available memory can in turn lead to increased packet loss or otherwise
decreased network performance. Network congestion, on either the active devices or the physical links
(cabling) of the network, leads to lower speeds if packets are queued, and to packet loss once queues
fill or if no queuing is in place.

Applications

While network hardware and infrastructure issues can directly impact the user experience for a given
application, it is important to consider the impact of the applications themselves as important cogs in
the overall network architecture. Poorly performing applications can over-consume bandwidth and
diminish the user experience. As applications become more complex over time, diagnosing and
monitoring application performance gains importance. TCP window sizes and keep-alive intervals are
examples of application characteristics that affect network performance and capacity.

Whenever possible, applications should be designed with their intended network environment in
mind, and tested on real-world networks rather than only in simulation labs. Ultimately, the variety of
network conditions an application will be exposed to cannot be fully anticipated, but better
development practices reduce the network performance degradation caused by application issues.
Analytics that flag slow response times can identify the applications responsible for poor network
performance, but correcting design limitations after release can be a formidable task.

Security Issues

Network security is intended to protect privacy, intellectual property, and data integrity. Thus, the
need for robust cyber security is never in question. Managing and mitigating network security issues
requires device scanning, data encryption, virus protection, authentication and intrusion detection,
all of which consume bandwidth, processing capacity, or both, and can therefore affect performance.
Security breaches and downtime due to viruses are among the most costly performance problems
encountered, so any degradation induced by security products should be carefully weighed against
the potential downtime or data integrity disasters they prevent. With these constraints in mind, an
invaluable element of network performance monitoring with respect to security is the strategic use of
network security forensics. By capturing, recording and analyzing network data, the source of
intrusions and of anomalous traffic, such as that produced by malware, can be identified. Captured
network traffic can be used retrospectively for investigative purposes, for example by reassembling
transferred files.

Full Packet Capture (FPC) is one such technique used for after-the-fact security investigations.
Rather than only monitoring incoming traffic for known malicious signatures, FPC continuously
stores unmodified network traffic, so that earlier traffic can be replayed through detection signatures
written later. Given the high volume of packets on a modern network, the storage requirements of
FPC can be formidable. A new signature can only find what is still on disk, so captures must outlast
the time it typically takes to learn that an incident occurred: by taking the mean time to detect
(MTTD) from previous incidents, a logical minimum retention period for packet data can be
established. In some cases, filtering at capture time may be a viable way to keep only high-risk
traffic and lessen the storage demands. To support forensic analysis, FPC software must record an
accurate date and time stamp for every stored packet, taken from a clock synchronized across all
capture points, so that packets can be searched and correlated with other evidence.
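The following is an added example, not code from the handout, showing the pieces of an FPC workflow in miniature: packets are written to a libpcap-format buffer with microsecond timestamps, a retention window is derived from past MTTD figures, the storage that window requires is estimated with and without capture filtering, and the stored traffic is then replayed through a signature that did not exist when it was captured. The link type, the packet contents, the indicator string `id=7f3a-beacon`, the MTTD figures and the safety factor are all assumptions made for the example.

```python
"""Added example: a minimal full-packet-capture store and a retrospective
signature scan. Not from the handout; packets, signature and MTTD values
are constructed for illustration."""
import struct
from datetime import datetime, timezone
from io import BytesIO

PCAP_MAGIC = 0xA1B2C3D4   # microsecond-resolution pcap, little-endian
LINKTYPE_USER0 = 147      # private link type: packet bytes are opaque here (assumption)


def write_pcap(packets):
    """packets: iterable of (timestamp_seconds, data: bytes). Returns pcap bytes.
    Each packet is stored unmodified, with its own second/microsecond stamp."""
    buf = BytesIO()
    buf.write(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_USER0))
    for ts, data in packets:
        sec = int(ts)
        usec = int(round((ts - sec) * 1_000_000))
        buf.write(struct.pack("<IIII", sec, usec, len(data), len(data)))
        buf.write(data)
    return buf.getvalue()


def read_pcap(blob):
    """Yields (timestamp_seconds, data) from pcap bytes, data exactly as stored."""
    magic = struct.unpack_from("<I", blob, 0)[0]
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian microsecond pcap")
    off = 24  # size of the global header
    while off + 16 <= len(blob):
        sec, usec, incl, _orig = struct.unpack_from("<IIII", blob, off)
        off += 16
        yield sec + usec / 1_000_000, blob[off:off + incl]
        off += incl


def retention_seconds(past_mttd_seconds, safety_factor=2.0):
    """Minimum retention: the longest time-to-detect seen so far, with headroom,
    so that evidence is still on disk when an incident is finally noticed."""
    return max(past_mttd_seconds) * safety_factor


def storage_bytes(link_bps, utilization, retention_s, kept_fraction=1.0):
    """Storage needed to hold retention_s of traffic on a link carrying
    utilization * link_bps, keeping only kept_fraction of packets after filtering."""
    return link_bps * utilization / 8 * retention_s * kept_fraction


def scan(blob, signature):
    """Replay stored packets through a byte signature and return the timestamps
    of the packets that match, for searching and correlation."""
    return [ts for ts, data in read_pcap(blob) if signature in data]


# Constructed traffic: two benign requests and one carrying a string that is
# only recognised as an indicator after the capture was taken (assumed).
T0 = datetime(2024, 3, 1, 9, 0, 0, tzinfo=timezone.utc).timestamp()
CAPTURE = write_pcap([
    (T0 + 0.000250, b"GET /index.html HTTP/1.1\r\nHost: intranet\r\n\r\n"),
    (T0 + 1.500000, b"POST /api/sync HTTP/1.1\r\nHost: intranet\r\n\r\nid=7f3a-beacon&seq=12"),
    (T0 + 2.000750, b"GET /logo.png HTTP/1.1\r\nHost: intranet\r\n\r\n"),
])
NEW_SIGNATURE = b"id=7f3a-beacon"  # written after the fact (assumed indicator)

if __name__ == "__main__":
    keep = retention_seconds([3 * 86400, 9 * 86400, 5 * 86400])  # past MTTDs: 3, 9, 5 days
    print(f"retain captures for {keep / 86400:.0f} days")
    print(f"1 Gbit/s link at 30% load, unfiltered: {storage_bytes(1e9, 0.3, keep) / 1e12:.1f} TB")
    print(f"same link, filter keeping 20% of packets: {storage_bytes(1e9, 0.3, keep, 0.2) / 1e12:.1f} TB")
    for ts in scan(CAPTURE, NEW_SIGNATURE):
        print("hit at", datetime.fromtimestamp(ts, timezone.utc).isoformat())
```

A production capture engine does the same three things at line rate: it keeps the bytes unmodified, stamps every packet from a clock disciplined by NTP or PTP so that hits from different sensors line up, and sizes its ring of storage so that the oldest packet is older than the organization's typical time to detect.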

Calculating network performance metrics

A transaction is defined as a client request followed by a server reply, for both TCP and UDP
flows. For each read and write transaction between a client and a server, the following values are
measured and used to calculate how long the transaction takes to complete:

• Round Trip Time: The time taken for a very small packet to travel across the network and
return.
• Network Delay: The time taken for data to cross the network from the client to the server, or
from the server to the client.
• Server Delay: The time taken for the server to respond to a request once it has received it.
• Total Transaction Delay: The time taken for data to cross the network from the client to the
server and back. Unlike round trip time, this can involve large requests and replies, and may
therefore span multiple packets sent to or received from the server.
• Network Jitter: The variability of the network delay, expressed as a multiple of one standard
deviation.
• Packet Loss: The fraction of packets within a transmission that were successfully sent but
failed to arrive at the destination.
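As an added example (not part of the handout), the metrics listed above, together with the throughput-versus-bandwidth and latency-versus-throughput relationships discussed earlier in this section, computed from a constructed set of observations taken by a probe on the client side. The Observation layout, the assumption that forward and return paths are symmetric (so one-way delay is half the RTT), and the sample values are all assumptions made here.

```python
"""Added example: transaction-level network performance metrics from
constructed probe observations. Not from the handout."""
from dataclasses import dataclass
from statistics import pstdev


@dataclass(frozen=True)
class Observation:
    """One client request / server reply pair as seen by a probe beside the
    client. All times are seconds on the probe's own clock, so no clock
    synchronization with the server is required."""
    rtt: float               # round trip time of a tiny probe packet
    request_sent: float      # last byte of the request leaves the client
    reply_first_byte: float  # first byte of the reply reaches the client
    reply_last_byte: float   # last byte of the reply reaches the client
    reply_bytes: int         # reply payload size in bytes
    packets_sent: int        # data packets the server sent (from sequence numbers)
    packets_received: int    # data packets the client actually received


def network_delay(o: Observation) -> float:
    """One-way network delay, approximated as half the RTT (assumes a symmetric path)."""
    return o.rtt / 2


def server_delay(o: Observation) -> float:
    """Time the server spent producing the reply: time to the first reply byte
    minus one trip each way across the network."""
    return (o.reply_first_byte - o.request_sent) - o.rtt


def total_transaction_delay(o: Observation) -> float:
    """Request out to last reply byte in, covering every packet of the reply."""
    return o.reply_last_byte - o.request_sent


def jitter(obs: list[Observation]) -> float:
    """Variation in network delay, as one (population) standard deviation."""
    return pstdev(network_delay(o) for o in obs)


def packet_loss(obs: list[Observation]) -> float:
    """Fraction of data packets sent that never reached the client."""
    sent = sum(o.packets_sent for o in obs)
    lost = sum(o.packets_sent - o.packets_received for o in obs)
    return lost / sent if sent else 0.0


def throughput_bps(obs: list[Observation]) -> float:
    """Data actually delivered over the observed window, in bits per second."""
    start = min(o.request_sent for o in obs)
    end = max(o.reply_last_byte for o in obs)
    return sum(o.reply_bytes for o in obs) * 8 / (end - start)


def utilization(obs: list[Observation], bandwidth_bps: float) -> float:
    """Throughput as a fraction of bandwidth: the bus analogy's 85 of 100 seats."""
    return throughput_bps(obs) / bandwidth_bps


def window_bound_bps(window_bytes: int, rtt_s: float) -> float:
    """Upper bound on one TCP connection's throughput: a receive window per
    round trip. Shows how latency limits throughput without any congestion."""
    return window_bytes * 8 / rtt_s


# Constructed sample: three transactions in about one second on a link assumed
# to be 10 Mbit/s. One reply packet of the second transaction is lost.
SAMPLE = [
    Observation(0.020, 0.000, 0.060, 0.160, 100_000, 70, 70),
    Observation(0.030, 0.300, 0.350, 0.500, 150_000, 105, 104),
    Observation(0.020, 0.600, 0.700, 1.000, 250_000, 175, 175),
]

if __name__ == "__main__":
    for o in SAMPLE:
        print(f"rtt={o.rtt * 1000:.0f} ms  net={network_delay(o) * 1000:.0f} ms  "
              f"server={server_delay(o) * 1000:.0f} ms  "
              f"total={total_transaction_delay(o) * 1000:.0f} ms")
    print(f"jitter      = {jitter(SAMPLE) * 1000:.2f} ms")
    print(f"packet loss = {packet_loss(SAMPLE):.2%}")
    print(f"throughput  = {throughput_bps(SAMPLE) / 1e6:.2f} Mbit/s "
          f"({utilization(SAMPLE, 10_000_000):.0%} of a 10 Mbit/s link)")
    print(f"64 KiB window at 20 ms RTT caps one TCP flow at "
          f"{window_bound_bps(65535, 0.020) / 1e6:.1f} Mbit/s")
```

The server delay subtracts a full RTT rather than the forward delay alone because the probe sits at the client: it sees the request leave and the reply arrive, so the server's processing time is bracketed by one trip in each direction. A probe that can see both sides would measure it directly.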
