List of Figures


Section I: Understanding Networks Layers and Protocols

The OSI model is not a single definition of how data communications takes place. It states how the processes should be divided and offers several options. In addition to the OSI protocols, as defined by ISO, networks can use the TCP/IP protocol suite, the IBM Systems Network Architecture (SNA) suite, and others. TCP/IP and SNA roughly follow the OSI structure.
ISO has specified many different protocols at each layer of the OSI model. Some of the options are shown here.
The TCP/IP stack includes protocols that provide services equivalent to the OSI stack.

Section II: Physical Layer Protocols

Figure 1: A large number of digital encoding techniques are available to design Physical-Layer implementations. Five of the most common are illustrated here.
Figure 2: There are three possible basic techniques for modulating an analog signal with digital data. In practice, combinations of these methods are often employed.
Figure 1: With unipolar signaling, the mark signal, usually representing a 1, is indicated by a positive voltage or current, while zero voltage or current represents a space or 0. Polar signaling represents marks (or 1s) with a positive voltage or current, while spaces (or 0s) are represented by a negative value. Return to zero signaling requires that each mark signal start and finish at zero within the allotted time for a bit.
Figure 2: Bipolar signaling indicates a mark or 1 with alternating positive and negative values (alternate mark inversion, or AMI), and spaces or 0s are indicated by zero values. Two successive marks with the same polarity constitute a bipolar violation, or BPV.
An ISDN network terminator (NT1) must be placed between the telco's network and customer equipment. Customer equipment (also called terminal equipment or TE) is shown on the left side of the figure. TE1 represents ISDN-capable terminal equipment, while TE2 is non-ISDN equipment, for which an ISDN terminal adapter (TA) is required. Some sites will have a PBX switch on the premises, as shown in NT2.
Figure 1: An inverse multiplexer makes multiple lower-speed (and lower-cost) lines look like a single higher-speed (but still lower-cost) line to the applications at either end.
Figure 2: An inverse multiplexer aggregates different data streams over higher-speed lines. The separate channels take diverse paths through the network and arrive at their destination but not necessarily at the same time or in the right order. The inverse mux puts the packets back in the proper order and adjusts for any delay.
Figure 1: Asymmetric Digital Subscriber Line (ADSL) sends data at frequencies of 26KHz to 1100KHz, maintaining analog voice service on the same copper wire in the 0KHz to 3.4KHz range. Symmetric DSL (SDSL) uses the entire frequency of the line for data and does not coexist with analog voice service.
Figure 2: Symmetric Digital Subscriber Line (SDSL) speeds depend on the distance from the Central Office (CO); they also vary depending on the vendor. SDSL lines are provisioned at a fixed data rate, while ADSL can adapt dynamically to line conditions.
Figure 1: Wavelength Routing. A network of optical fibers, each of which carries multiple wavelengths (or lambdas), can be used much more effectively if data paths can be switched from one lambda to another at each node. Today's wavelength routers require an optical-to-electronic-to-optical conversion in order to switch to a different node.
Figure 1: All waves that strike the cladding beyond 82 degrees from the perpendicular propagate down the fiber. Waves that fall within 82 degrees go into the cladding.
Figure 2: Optical transmission occurs in four windows at varying wavelengths. Except for a small fluctuation around 1.38 microns (1,380 nanometers), the longer the wavelength, the lower the attenuation.
Figure 1: PONs consist of four key elements: An OLT sits in the central office controlling the PON network. Splitters sit at various fiber junctions dividing the signal into multiple channels. ONU or ONTs terminate the signals at or just before the customer premises.
Figure 2: PONs use a complex frame structure for relegating access to the network.
Direct to the Mainline Connecting the ATM and IP traffic directly to an optical-based network such as Dense Wave Division Multiplexing (DWDM) can reduce costs and work around potential WAN traffic bottlenecks.
Figure 1: In an ideal cellular network, hexagonal cells are arranged in a honeycomb structure, each using a third of the available spectrum to prevent interference.
Figure 2: The Global System for Mobile Communications (GSM) multiplexing scheme uses eight time slots, compared to Digital-American Mobile Phone System's (D-AMPS) three.
Figure 1: Intel has calculated the spatial capacity (or throughput over an area) for several potentially popular wireless technologies. Ultra Wideband systems display a tremendous relative advantage based on this metric.
Figure 2: An amplitude-modulated signal might look like 2a on an oscilloscope, the most common tool for observing the time-domain elements of a signal. The same signal might look like 2b on a spectrum analyzer, the most common tool for observing the frequency-domain characteristics of a signal. The mathematical functions that describe time-domain signals can be converted to their frequency-domain functions by means of Fourier transforms. The time-domain function in 2c was generated by an Ultra Wideband device, while the frequency-domain graph in 2d was produced by Fast-Fourier transforms operating on 2c. The spread-out frequencies in 2d resemble ordinary noise, unlike the narrowband signals in 2b.

Section III: Data-Link Protocols

Figure 1: The three basic physical network topologies are the star, ring, and bus. The star is most often used in minicomputer networks. The ring was popularized by Token Ring, and the bus is used in Ethernet.
Figure 2: Twisted-pair Ethernets are often composed of cascaded stars, in which multiport repeaters (represented by boxes) are connected to one another and to a central repeater.
Figure 3: Although a physical star, IBM's Token Ring Implementation is logically or electronically a ring. The arrows represent a data packet as it moves from one station to another around the ring.
Figure 1: Ethernet II and 802.3 Raw packets have similar structures, except for Frame Type and Frame Length fields. The different fields can coexist because all assigned frame types are greater than 05FE.
Figure 2: IEEE 802.2 and 802.2 SNAP packets start with the basic 802.3 Physical-layer frame type and add 802.2 LLC headers.
Figure 1: In traditional 10Mbps Ethernet networks, the maximum distance between two end stations is 2,500 meters.
Figure 2: The maximum length limitation for 100BaseT is 250 meters, only 10 percent of the 2,500-meter maximum theoretical size of Ethernet.
Figure 3: Because of the increased throughput capabilities of 100BaseT, workstations A and B can be no farther than 250 meters apart.
Figure 1: Computer Data: Packets of computer data are chopped up into ATM cells for transit over the ATM virtual circuit, then reassembled at the receiving end. Source: ATM Forum.
MPLS Operation. With MPLS, the LER can decide on the optimal path by accounting for considerations other than routing hops, such as line speed (a). Once the LSP is established, the packet is then properly labeled (b) and sent through the network.
Figure 1: PPP frames are composed of six fields. The flag is a fixed pattern that delimits frames. The Address and Control fields are also fixed values. The Protocol field provides a layer of indirection so that the Data field can represent actions as well as user data. The Frame Check Sequence (FCS) field provides 16- or 32-bit error tracking.
Figure 2: Practically every Digital Subscriber Line (DSL) modem uses ATM to link to a DSL Access Multiplexer (DSLAM) at the central office of a Local Exchange Carrier (LEC). In many cases, ATM Permanent Virtual Circuits (PVC) will be provisioned all the way from an ISP or an enterprise network to the DSL modem at the customer premises.
Figure 1: Cable Architecture. Large cable providers typically have termination systems at distribution hubs, with centralized management and Operational Support Systems (OSS) servers.
Figure 1: Signaling System 7 (SS7) consists of Service Switching Points (SSPs), which originate or terminate calls; Switching Control Points (SCPs), which offer access to databases; and Switching Transfer Points (STPs), which route SS7 information between SSPs and SCPs. Note the many redundant links, particularly between mated STPs.
Figure 2
Figure 3: The SS7 protocol stack consists of four layers, which roughly correspond to the OSI model.
Remote Node Hardware: Self-contained remote node servers are a complete solution, with telephone and LAN interfaces built in. Remote routers and bridges often are supplied with a generic WAN port, which requires an external modem or, if ISDN lines are used, an external terminal adapter. Server-based remote nodes provide the ultimate in flexibility; even the software must be configured.

Section IV: Network and Transport Layer Protocols

Figure 1: The TCP/IP body fits within a four-layer framework.
Figure 2: The TCP/IP network-access layer services correspond to those provided by the physical, data-link, and parts of the network layers in the OSI reference model.
Figure 1: This diagram illustrates the fields of a TCP segment.
Figure 2: The UDP header is much simpler than the TCP header.
Figure 1: End-user stations send RSVP requests on behalf of an application. These requests go through each RSVP-enabled router up to the source. A router that can't honor the request sends an error message to the end user.
Figure 1: A DHCP client negotiates IP address "lease" through this sequence of packet exchanges.
Figure 2: Unless there's a DHCP server on each subnet, intervening routers must be capable of being BOOTP relay agents, which can forward BOOTP and DHCP packets.
Figure 1: With Unicast Propagation Of A Stream, Data Must Be Wastefully Replicated.
Figure 2: With Multicasting, Data Is Simply Copied At Every Branch Of A Spanning Tree.
Figure 1: The IPv6 packet header has fewer fields than its predecessor for more efficient processing. (Field lengths are not drawn to scale.)
Figure 2: IPv6 uses extension headers to provide a host of options, such as fragmentation and source routing. The extension headers, which replace the Options field in IPv4, are inserted between the IP header and the Transport-layer header.
Figure 1: This sample network architecture shows roughly where the four major H.323 components, namely terminals, gateways, Multipoint Control Units (MCUs), and gatekeepers, would be installed, and how they would communicate with one another and with other network resources.
Figure 1: The time needed to set up a call is the key problem with H.323. Since the features of the call, such as whether or not to invoke video, are only negotiated after the call is established, setup times are much longer with H.323 than with SIP.
Figure 2: Session Initiation Protocol (SIP) speeds up call setup by bundling all of the configuration information in the request. The request is either sent directly or via the proxy server to the recipient, who accepts the call and immediately initiates the session.
Figure 1: Apple Computer's six-layer AppleTalk protocol suite, although not fully compliant with the seven-layer OSI reference model, provides many of the capabilities and functions defined by OSI. Here, the two protocol suites are compared side-by-side.
Figure 1: The RSVP message header includes various fields that denote characteristics such as the message's function, its time-to-live value, the protocol's version number, a TCP/IP checksum, and the total length of the common header.
Figure 2: This diagram represents the implementation of RSVP in hosts and routers. On each end of this equation, stringent policy control and admission control are crucial to deliver the desired level of service. Packets must be classified and scheduled, and queued in the packet scheduler as necessary.
Figure 1: In Differentiated Services (DiffServ), the DS field (or DS byte) shown in part A of this diagram replaces the 8-bit Type of Service (ToS) field in the IPv4 header (shown in part B). The DS field contains a 2-bit Currently Unused (CU) field and the Differentiated Services Code Point value, which triggers certain treatments of the packet in devices within the network.
Figure 2: In the DiffServ process flow, packets are classified and then conditioned to ensure that they conform to the classification's particular policy requirements. Classification is based on Traffic Conditioning Agreements (TCAs) between service providers and network subscribers. Conditioning, also called traffic shaping or policing, involves metering, marking, shaping, and dropping.

Section V: Application Layer Protocols

Figure 1: A typical corporate Internet connection. Everything behind the firewall is part of the corporate intranet, which is the organization's private network. The dashed line encompasses this particular intranet.
Figure 1
Figure 1
Figure 1: SSL creates secure communications links across the Internet at a very basic level, making it possible for use in a variety of Internet sessions, including telnet, ftp, gopher, and SMTP.
Figure 2: SSL enabled sessions require server authorization, which consists of the server sending its public key to the client, which then generates a master key to be used to encrypt all communication for that particular session.
Figure 1: Megaco links the Media Gateway (MG) and Media Gateway Controller (MGC) for intradomain remote control of connection-aware or session-aware devices.
Figure 2: This figure is an example of terminations as they relate to contexts in a Megaco-based implementation.

Section VI: Network Hardware

Figure 1: Coaxial cable, also called coax, is the oldest network cable. It is proven and easy to use. It has a large bandwidth and can support transmission over long distances.
Figure 2: Shielded twisted-pair's shield increases its immunity to electromagnetic interference, which allows it to transmit data over longer distances than unshielded twisted pair.
Figure 3: Unshielded twisted-pair is installed nearly everywhere. Besides being inexpensive and readily available, it is flexible and familiar to cable installers. It has become the cable of choice for the departmental network.
Figure 4: Fiber-optic cable offers tremendous bandwidth, tight security, immunity to electromagnetic interference, and can carry data over long distances. It is mostly used in backbones.
Figure 1: UTP cabling typically has four pairs of wire in one sheath, which connects to an RJ-45 modular jack. For 10BaseT, only the 1-2 pair and the 3-6 pair are wired, but not used with Ethernet.
Figure 2: In Token Ring networks, packets are forwarded from station to station until they arrive at the correct address. Although Token Ring uses a star configuration, each station is still connected, via the MAU, to the next station on the ring.
Figure 3: Token Ring initially used IBM Type 1 STP wiring. Now it typically uses a 9-pin D-subminiature (DB-9) connector, although it also has been implemented over UTP using RJ-45 connectors. As shown, wiring configurations depend on which type of cabling you're using.
Figure 1: Simple Circuitry: When two devices communicate over a network, they form an electrical circuit. Cables serve as the transfer medium and are bound to the same electrical properties as normal conductors.
Figure 1: To generate electrical power, a coil is mounted close to a magnet that is spinning on a shaft. As the poles of the magnet sweep past the coil, voltages of alternating polarity are induced in the coil.
Figure 2: A 120-volt, 60-Hz generator produces power output that cyclically varies from 169.7V to -169.7V.
Figure 3: In a transformer, two coils (usually referred to as windings) are electrically insulated from each other. The left-hand winding, which is connected to the utility AC power grid, is called the primary winding. The secondary winding, on the right, is connected to a load.
Figure 4: Power-using devices such as computers are connected to "ground" through the facility wiring.
Figure 1: Light travels along a fiber-optic light guide (or cable) from a special LED light source to a photoreceptor. The cladding layer reflects back any stray light waves traveling along the core.
Figure 2: A fiber-optic cable consists of several layers: an inner glass core of extremely high optical clarity, a wider glass cladding layer, and an encasing jacket.
Figure 1: The IEEE 802.11 protocol covers the MAC and Physical (PHY) layer specifications of wireless networking. The standard consists of one MAC that works with three PHYs: two radio frequency and one infrared.
Figure 2: Unlike Ethernet, which includes a Collision Detection (CD) feature, WLANs use Collision Avoidance (CA). Before sending packets, the sending station transmits a Request to Send (RTS); the destination station then sends a Clear to Send (CTS) packet. Only when this occurs will the medium be reserved for the duration of the transmission.
Figure 1: Bridges can be used to connect one PCI bus to another. Other bridges can link a PCI bus to an EISA or ISA bus. But how systems designers use these bridges can impact overall performance. In this example, Approach B offers higher total I/O throughput than Approach A, due to the peer-level arrangement of the two PCI buses in Approach B.
Figure 2: System designers can create "shared" I/O slots, which can be used for either of two types of expansion boards. The shared slot illustrated here will accept either a PCI or EISA card.
Figure 1: Generation I/O: By combining a point-to-point switched fabric with a channel architecture, Next Generation I/O offers a more scalable and efficient method of connecting hosts with peripheral devices.
Striping, Mirroring, and Parity. RAID uses a variety of methods to organize data on a disk.
Figure 1: In a Network Attached Storage (NAS) scenario, storage devices such as RAID and tape drives are part of the LAN, making them accessible to any other network resource. Drawbacks of this model include bandwidth limitations, because NAS implementations are dependent on the underlying network topology.
Figure 2: With a Storage Area Network (SAN), a high-speed interface such as Fibre Channel connects storage devices to servers and the rest of the network. A Fibre Channel switch or hub lets servers access any storage device on the loop.

Section VII: Network Software

Figure 1: As the dotted lines imply, a directory tree is extensible in breadth and depth.
Figure 2: The relationship between various object types.
Figure 3: A portion of the NDS directory tree for Acme Auto Co.
Figure 1: Here is an NDS directory tree with two partitions. The first NetWare 4.x server to be installed is the one on the left, so the installation creates the partition on the left. When a second server is installed later, a new partition is created.
Figure 1: When printing from a standalone application, the path from the PC to the printer is fairly direct. Using networked printers requires a more circuitous path. More opportunity for glitches exists, and they frequently occur.
Figure 1: The Simple Mail Transfer Protocol (SMTP) allows e-mail-enabled client systems, or user agents (UAs), to send messages in ASCII text to other UAs. Internet mail servers act as message transfer agents (MTAs), relying on SMTP, conventional e-mail addresses, and the domain name service database to relay the e-mail message from server to server, until it reaches the mail server that services the recipient UA.
Figure 1: A basic local e-mail system consists of a message transport that transmits outgoing mail and delivers incoming mail to the message store, which stores mail in the appropriate user's mailbox. Users can then access their messages from their desktops using a client program that is running a message access protocol, such as POP-3, IMAP-4, or a proprietary protocol.
Figure 2: The message access transaction can be divided into three models: offline, online, and disconnected. The main difference between the three revolves around where the mail is actually read or processed and where the mail is stored.
The Message Backbone: The next generation of workgroup software, which includes scheduling, intelligent mail, electronic forms, and workflow, will be built on a messaging infrastructure.
Figure 1: There are two types of cache servers on the market today. Transparent cache servers require no changes to the client. They sift through the Internet-bound traffic and either deliver stored content from cache or send the request on to the content server. Proxy caches require changing the client to receive all Internet requests. Content that is not stored in the cache is then retrieved for the user from the originating content server.
Figure 2: By writing custom APIs, applications such as video retrieval can be more intelligent, improving the user experience. First, the personal cache server shares the user's movie preferences with the video server (1). Then, during off-hours, the video server transfers movies likely to be watched by the user into the user's personal cache (2).
Pushing Content Delivery to the Edge. Here's a look at how Edge Side Includes (ESI) moves content from the database and Web application server in the data center core and pushes it towards the end user at the Content Delivery Network (CDN) edge.

Section VIII: Internetworking

Figure 1: Repeaters operate at the lowest OSI layer. They regenerate electrical signals.
Figure 2: Bridges operate at the MAC sublayer and are capable of modest traffic control and network partitioning.
Figure 3: Routers operate at the network layer and are capable of stringent traffic control and network partitioning.
Figure 4: Gateways provide translations between two dissimilar computer systems, such as a PC LAN and an SNA network.
Figure 1: Cut-Through Vs. Store-and-Forward: A cut-through switch begins forwarding frames as soon as it reads the destination address. To perform the CRC data integrity function, a store-and-forward switch must read the entire frame before forwarding it.
Figure 2: Scaling for Power Users: Each of the 125 nodes has a private Ethernet connection. Each server receives 100Mbps of bandwidth. The connection between switches is a shared 100Mbps link. Aggregate forwarding bandwidth is 850Mbps.
A Practical VLAN: The two VLANs in this diagram have been defined to prevent AppleTalk broadcasts on the Macintosh hosts from congesting the IPX-based VLAN, and vice versa. One server is a member of both VLANs. If the link to the shared server is a high-speed one, it will be less likely to become a bottleneck.
Figure 1: The TCP/IP routing scheme used in the Internet relies on interior gateways, or routers, (noted with "I" in the illustration), to move data packets within an autonomous system, such as the network at a university campus. Exterior gateways, or routers, (noted with "E"), pass data packets between these autonomous systems.
Figure 1: Dial-up internetworking can be more cost effective than leased 56Kbps lines for users who require a part-time connection between two sites.

Section IX: Network and Systems Management

MIB Structure: Like many hierarchical name spaces, the MIB begins with an unnamed root node. The node "mib-2" can be uniquely identified with the object identifier notation 1.3.6.1.2.1, and the node "sun" has the object ID 1.3.6.1.4.1.4.2. Administrative responsibility follows the tree structure. Thus Sun can assign the nodes beneath "sun" though it must register the names with the IANA.
Figure 1: Protocol analyzers capture network traffic, parse each frame to identify the protocol that defines it, and pass the decoded traffic along for display or for further analysis.
Connections: Most 10BaseT and 100BaseT Ethernet installations connect a network interface adapter to a hub or switch via a series of copper cables that total less than 100 meters in length.
Figure 1: A management application can access and configure the managed components via the DMI Management Interface (MI). It can also respond to events occurring in its managed components. The local agent provides the services for managing the individual components. The Management Information Format (MIF) file describes the component's manageable aspects.

Section X: Network Security and Backup Systems

Figure 1: The Authentication Header (AH) resides between the IP header and the Encapsulating Security Payload (ESP), or other higher-level protocols, such as UDP or TCP. The chief goal of the AH is to let the sending and receiving parties know that the data came from where it says it did, and that it was not changed during transit.
Figure 2: The Encapsulating Security Payload (ESP) protocol follows a standard IP header (or the Authentication Header, or AH, if used) and provides encryption and authentication of the packet.
Figure 1: Electronic Eyes. An Intrusion Detection System (IDS) monitors network traffic or file activity on a host for attacks, anomalous behavior, and misuse. An IDS logs intrusions, sends real-time alerts, and in some situations can halt the attack.
Figure 1: Secret key, or symmetrical cryptosystems, rely on a single key for all encryption and decryption between parties, which means these systems are fast, but can be easily compromised if the key is lost.
Figure 2: The use of two mathematically related keys in public key, or asymmetrical, cryptosystems makes messages very hard to crack. The public key can be posted at a central location, while the corresponding private key is kept by the individual at all times.
Figure 1: Proxy servers offer many features, but they are most commonly associated with caching. Caching gets the most out of any Internet connection by converting random, intermittent HTTP requests into an efficient, rule-based stream.
Figure 2: The Internet Cache Protocol (ICP) links multiple cache servers together in a sibling-parent hierarchy. The local cache can retrieve hits from sibling caches, hits and misses from parent caches, and misses from origin servers directly.
Potential Vulnerability of VPN. An external attacker with remote control access to a residential client may be able to access the enterprise network with the employee's access rights.
How Tunneling Works: When a VPN device receives instructions to transmit a packet over the Internet, it negotiates encryption with the VPN device on the destination network, then encrypts the packet accordingly. Next, it encapsulates the encrypted packet in an IP packet and sends it over the Internet to the destination network. Once the packet arrives, the receiving VPN termination device reverses the process and lets the packet continue to its destination on the internal network.
ESP Tunnel Mode. In ESP tunnel mode, the header data is neither encrypted nor authenticated, so traffic can traverse a Network Address Translation (NAT) device.
Figure 1: While Kompella and Martini may differ in their signaling, their generalized packet configuration is very similar. The L1 encapsulation is the additional L1 information, most likely Sonet or SDH, needed to move data across the carrier's infrastructure. The Transport Label is the MPLS label that identifies the MPLS tunnel transporting the encapsulated L2 frames or cells through the MPLS network. The VC label is an MPLS label that identifies the particular L2 virtual connection, such as a Frame Relay DLCI, that is being transported through the MPLS tunnel. The control word contains information about the connection. It may be optional or mandatory depending on the network configuration. The L2 frame or cell is the L2 frame presented to the provider's edge router.
Figure 2: With L2 VPNs, the provider's edge router encapsulates the L2 packet within an MPLS frame and adds a special MPLS label, the VPN Label, that designates the destined port and virtual circuit (1). The packet traverses the MPLS network, with each MPLS router swapping labels (2). The final router removes the VPN Label, exposing the L2 packet to the customer edge (CE) router (3).
Zoned Out. In Fibre Channel SANs, one way to partition storage resources for additional security is through zoning. Switch zoning involves dividing systems such as servers, storage devices, subsystems, and host bus adapters into groups, or zones. These zones can be based on switch port connectivity (hard zoning), or the switch can read incoming frames to ensure that source and destination addresses are within the same zone (soft zoning).
 


Network Tutorial
Lan Tutorial With Glossary of Terms: A Complete Introduction to Local Area Networks (Lan Networking Library)
ISBN: 0879303794
EAN: 2147483647
Year: 2003
Pages: 193
