Appendix A: Internetworking Basics | Citrix Access Suite 4 for Windows Server 2003: The Official Guide, Third Edition

The on-demand access paradigm is heavily dependent upon the capacity and performance of the internetwork that connects client nodes to the Citrix server farm. In larger companies and enterprise environments, workload and associated technical expertise is typically divided among a number of "experts" or teams of specialists (network, database, mail server, Web servers, and so on), while at smaller companies one or two "experts" may be responsible for all aspects of the organization's IT infrastructure. In either case, the focus of IT staff members charged with making the Citrix network work is usually server-centric, in spite of the dependence on network services. Those same system administrators still need a clear understanding of networking to be able to plan and design as discussed in the second section of this book and then implement, operate , maintain, and troubleshoot as discussed in the final section. This appendix provides a low-level networking introduction to provide common ground for discussing issues and concepts with other IT staff members , vendors , and service providers.

THE OSI MODEL

The Open Systems Interconnection (OSI) model was originally developed by the International Organization for Standardization (http://www.iso.org) in 1974 to establish a standardized model for interconnecting networks and computers using multivendor networks and applications. Although originally envisioned as a formal standard, it has become less an implementation standard and more a benchmark model. The principles applied when creating the OSI model were:

– A layer should be created where a different level of abstraction is needed.
– Each layer should perform a well-defined function.
– The function of each layer should be chosen with an eye toward defining internationally standardized protocols.
– The layer boundaries should be chosen to minimize the information flow across the interfaces.
– The number of layers should be large enough that distinct functions need not be thrown together in the same layer out of necessity, and small enough that the architecture does not become unwieldy.

The resulting effort defined a seven-layer model (Figure A-1) that allows information to be passed up and down through the hierarchy, layer-to-layer, such that each layer need only provide a standards-based interface to adjacent layers and has no dependence on nonadjacent layers. In simple terms, the network layer does not need to know anything about the physical media or the application data being transported; it only needs to know how to pass the information down to the data link layer or up to the transport layer.

Figure A-1: Data flow and the OSI model

OSI Model Layers

Each of the layers defined by the OSI model (keep repeatingit's only a model, it's only a model) performs specific functions to allow applications to ultimately transmit data over the physical media. The model's seven layers (commonly a protocol stack) are used extensively to define equivalency of function in other protocol stacks such as the Internet Protocol suite. Although most other protocol stacks do not have a one-to-one mapping to the OSI model's layers, the actual protocols are referred to by their OSI equivalent function. For example, Novell's Sequenced Packet Exchange (SPX) protocol does not fully map to the OSI model transport layer, but it is still functionally referred to as a transport layer protocol. Within the model, Layers 1-4 (the "lower" layers) support data transport between end nodes or devices while Layers 5-7 (the "upper" layers) deal with application support.

Application Layer

At the top of the "stack" is the application layer. It supports application and end- user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered , and any constraints on data syntax are identified. Everything at this layer is application specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level.

Presentation Layer

The presentation layer provides independence from differences in data representation by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.

Session Layer

The session layer establishes, manages , and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end.

Transport Layer

The transport layer provides transparent transfer of data between end systems, or hosts , and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer. The OSI model defines different transport services, four connection-oriented and one connectionless.

Network Layer

The network layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control, and packet sequencing. Note that the term "switching" refers to path switching and has nothing to do with Ethernet switches. For any protocol stack to be viable in an enterprise environment, it must have a routable address at this layer.

Data Link Layer

At the data link layer, data frame are encoded and decoded into bits for the physical media. This layer furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control, and frame synchronization. The data link layer is divided into two sublayers : the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sublayer controls how a computer on the network gains access to the data and permission to transmit it (CSMA/CD for Ethernet) as well as logical addressing (MAC address). The LLC layer controls frame synchronization, flow control, and error-checking.

Physical Layer

The physical layer conveys the bit streamelectrical impulse, light, or radio signalthrough the network at the electrical and mechanical levels. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards, and physical aspects. Fast Ethernet, RS-232, and ATM are protocols with physical-layer components .

OSI Model Data Flow

Understanding data flow through the OSI model, particularly the lower layers, is key to understanding network design, performance, and troubleshooting. Figure A-2 shows the process of data encapsulation from Layer 7 down to transmission on the wire at Layer 1. The original application message is encapsulated at each successive layer by appending and in some cases prepending the lower layer's protocol information to the payload. This layered functionality is what allows a single workstation to log on to a Novell server over IPX and a Windows server over TCP/IP.

Figure A-2: Data encapsulation in the OSI model

Referring back to Figure A-1, the logical communication is peer-to-peer at the same layer. The telnet client application on one host communicates to the telnet server application on another host. The data link layer on one device communicates with the data link layer on another device. The physical data flow is up and down the protocol stack.

Intermediate nodes (the three-layer stack in the middle of Figure A-1) may only need functionality at the three lowest layers, as they need not be aware of communication at the upper layers. As an example, a telnet session from Dallas to Chicago may transit many intermediate nodes over the Internet. At each of those sites, data needs to be de-encapsulated only as far as the network layer to allow path selection and forwarding.

From a LAN standpoint, a Layer 1 device refers to a device that functions at the physical layer. Repeaters and multiport repeaters (LAN hubs) are Layer 1 devices. They regenerate and retransmit an electrical signal consisting of ones and zeros.

A Layer 2 LAN device works at the data link layer, meaning it is protocol-aware at Layer 2 and recognizes Layer 2 frame formats and addresses (MAC addresses). LAN switches are Layer 2 devices: they forward (directed) or flood (broadcast) frames on the network, but each port is independent of the electrical signal and physical media on any other port.

To classify a device as a Layer 3 device means the device works at the network layer and recognizes network-layer addressing and protocol. Routers and Layer 3 LAN switches are at this layer. Communication between dissimilar LAN technologies such as between Token Ring and Ethernet requires Layer 3 functionality. For example: In a network with a Token Ring segment and an Ethernet segment, the Layer 2 frame formats are incompatible. To communicate from one segment to the other, the frame formats and media access control methods from one segment must be "stripped away" to allow the data to be re-encapsulated in the correct format for the other segment.

The OSI Model as a Benchmark

Figure A-3 shows a greatly simplified correlation of the OSI model to common protocol stacks. Note that the Internet Protocol stack defines only four layers and that common network operating systems consistently have a clear separation between Layers 5-7 functions and Layer 4, primarily driven by the ubiquitous nature of TCP/IP.

Figure A-3: Common protocol suites versus the OSI model