The OSI Model s Lower Layers

The OSI Model’s Lower Layers

Now that you have a broad overview of the OSI model and its seven layers, you will now learn about the functions of each layer in a little more detail, starting with the lower layers. In addition to the concepts, you’ll read about some of the devices that operate at those layers and some of their installation concepts.

The Physical Layer

The easiest way to think about the Physical layer is that it deals with measurable, physical entities. Any protocol or device that operates at the Physical layer deals with the physical concepts of a network.

Physical Layer Concepts

Generally speaking, Physical layer concepts deal with a network component that is tangible or measurable. For example, when a protocol at the Physical layer receives information from the upper layers, it translates all the data into signals that can be transmitted on a transmission medium. This process is known as signal encoding (or encoding , for short). With cable media (also called bounded media ), the protocols that operate at the Physical layer translate the ones and zeros of the data into electrical ons and offs.

Additionally, the Physical layer specifies how much of the media will be used (in other words, its signaling method ) during data transmission. If a network signal uses all available signal frequencies (or, to put it differently, the entire bandwidth), the technology is said to use baseband signaling. Most LAN technologies, such as Ethernet, use baseband signaling. On the other hand, if a signal uses only one frequency (or only part of the bandwidth), the technology is said to use broadband signaling. This means multiple signals can be transmitted on the media simultaneously. Television signals use broadband signaling .

Finally, the Physical layer specifies the layout of the transmission media (its topology, in other words). A physical topology describes the way the cabling is physically laid out (as opposed to a logical topology, discussed later in the section titled “The Data Link Layer”). The physical topologies include the following:

• Bus

• Star

• Ring

• Mesh

The Bus Topology

In a physical bus topology, every computer is directly connected to a common medium. A physical bus network uses one network cable that runs from one end of the network to the other. Workstations connect at various points along this cable. The main advantage to this topology is simplicity: Only one cable is used, and a physical bus topology typically requires less cable than other physical topologies. However, a cable fault can bring down the entire network, thus making a physical bus topology the least fault tolerant of all the physical topologies. Figure 2.3 shows a sample physical bus network.

Figure 2.3: A sample physical bus topology

The Star Topology

In a physical star topology, a cable runs from each network entity to a central device. This central device (called a hub ) allows all devices to communicate as if they were all directly connected. The main advantage to a physical star topology is its fault tolerance. If one node or cable malfunctions, the rest of the network is not affected. The hub simply won’t be able to communicate with the station attached to that port. An Ethernet 10BaseT network is one example of a network type that requires a physical star topology. Figure 2.4 shows a sample network that uses a physical star topology.

Figure 2.4: A physical star topology

The Ring Topology

A physical ring topology isn’t seen much in the computer-networking world. If you do see it, it’s usually in a wide area network (WAN) environment. In a physical ring topology, every network entity connects directly to only two other network entities (the one immediately preceding it and the one immediately following it). The complexity of the ring topology makes it a poor choice in most network environments. Figure 2.5 shows a physical ring network.

Figure 2.5: A physical ring topology

The Mesh Topology

A physical mesh topology is another physical topology that isn’t widely used in computer networks (except in special WAN cases). In a physical mesh topology, every computer is directly connected to every other computer in the network. The more computers that are on a mesh network, the more cables that make up the network. If a mesh network has n computers, there will be n (n– 1)/2 cables. With 10 computers, there would be 10(10–1)/2, or 45 cables. As you can see, this topology quickly becomes unmanageable with only a few computers. Figure 2.6 shows a sample mesh network.

Figure 2.6: A physical mesh topology

Physical Layer Devices

Several devices operate primarily at the Physical layer of the OSI model. These devices manipulate mainly the physical aspects of a network data stream (such as the voltages, signal direction, and signal strength). Let’s take a quick look at some of the most popular:

• NIC

• Transceivers

• Repeaters

• Hubs

• MAUs

The Network Interface Card (NIC)

Probably the most common component on any network is the network interface card (NIC). A NIC is the component that provides the connection between a computer’s internal bus and the network media. NICs come in many shapes and sizes. They vary by the type of bus connection they employ and their network media connection ports. Figure 2.7 shows an example of a network interface card.

Figure 2.7: A sample network interface card

The Transceiver

In the strictest definition, a transceiver is the part of any network interface that transmits and receives network signals (transmitter/receiver). Every network interface has a transceiver. The appearance and function of the transceiver vary with the type of network cable and topology in use.

Note

Some network interface cards have an Attachment Unit Interface (AUI) port (typically a 15-pin DIN connector) that allows a different, external transceiver type to be used, thus changing the media types to which the NIC can connect. For example, if you are using an Ethernet 10Base2 network interface card with an AUI port, you can connect to an Ethernet 10BaseT network by using an external transceiver attached to the AUI port. A DIN connector meets the specification of the German national standards body, Deutsche Industrie Norm, or DIN.

The Repeater

The simplest of all the Physical layer devices is the repeater, which simply amplifies the signals it receives on one port and resends (or “repeats”) them on another. Repeaters are used to extend the maximum length of a network segment. They are often used if a few network stations are located far from the rest of the network. Figure 2.8 shows a network that uses a repeater.

Figure 2.8: A repeater installed on a network

The main downfall of a repeater is that it repeats everything it receives on one port, including noise, to its other ports. This has the ultimate effect of limiting the number of repeaters that can practically be used on a network. The 5-4-3 Rule dictates how many repeaters can be used on a network and where they can be placed. According to this rule, a single network can have five network segments connected by four repeaters, with three of the segments populated. If this rule is violated, one station may not be able to see the rest of the network. Figure 2.9 illustrates the 5-4-3 Rule.

Figure 2.9: The 5-4-3 Rule for network repeaters

The Hub

After the NIC, a hub is probably the most common Physical layer device found on networks today. A hub (also called a concentrator) serves as a central connection point for several network devices. At its basic level, a hub is nothing more than a multiport repeater. A hub repeats what it receives on one port to all other ports. It is, therefore, also subject to the 5-4-3 Rule. Figure 2.10 shows an example of a hub.

Figure 2.10: A standard hub

There are many classifications of hubs, but two of the most important are active and passive:

• An active hub is usually powered and it actually amplifies and cleans up the signal it receives, thus doubling the effective segment distance limitation for the specific topology (for example, extending an Ethernet segment another 100 meters).

• A passive hub is typically unpowered and makes only physical, electrical connections. Typically, the maximum segment distance of a particular topology is shortened because the hub takes some power away from the signal strength in order to do its job.

The Multistation Access Unit (MAU)

This Physical layer device is unique to Token Ring networks. Token Ring networks use a physical star topology, yet they use a logical ring topology (discussed later). The central device on an Ethernet star topology network is a hub, but on a Token Ring network, the central device is a Multistation Access Unit (MAU, sometimes called MSAU). The functionality of the MAU is similar to that of a hub, but the MAU provides the data path that creates the logical “ring” in a Token Ring network. The data can travel in an endless loop between stations. MAUs are chained together by connecting the Ring Out port of one MAU to the Ring In port of another and connecting the last Ring Out port to the Ring In of the first MAU in the chain, thus forming a complete loop. In a Token Ring network, you can have up to 33 MAUs chained together. MAUs are shown in Figure 2.11.

Figure 2.11: MAUs in a Token Ring network

The Data Link Layer

The Data Link layer is actually made up of two sublayers:

• The Media Access Control (MAC)

• The Logical Link Control (LLC)

Figure 2.12 illustrates this arrangement.

Figure 2.12: Sublayers of the Data Link layer

Data Link Layer Concepts

Protocols that operate at the Data Link layer have several responsibilities, including creating, transmitting, and receiving frames. Additionally, the Data Link layer is responsible for physical (MAC) addressing and logical link control (LLC) processing, creating logical topologies, and controlling media access.

Packets

At the Data Link layer, data coming from upper-layer protocols are divided into logical chunks called packets. A packet is a unit of data transmission. The size and format of these packets depend on the transmission technology.

The Hardware (MAC) Address

Every network interface card has an address, typically assigned at the factory. This address is protocol-independent and is often called the hardware address. It’s technically accurate, however, to call it the MAC address because it exists at the MAC sublayer of the Data Link layer. This address is also called the Ethernet address or the physical address.

The MAC address itself is a 12-digit hexadecimal number. As you may remember, a hexadecimal uses all digits from 0 through 9 and A through F. Each two-digit set is separated by colons, like so:

07:57:AC:1F:B2:76

Normally, the MAC address of a network interface card is set at the factory and cannot be changed. For this purpose, all NIC manufacturers keep track of the MAC addresses they use so they don’t duplicate addresses between vendors. As of late, however, some manufacturers have started reusing their blocks of MAC addresses. This makes it necessary for administrators to be able to change the MAC addresses of the cards they receive (using a factorysupplied program), so if they discover a duplicated MAC address, they can resolve the conflict.

Logical Topology

In addition to these responsibilities, the Data Link layer can also dictate the logical topology of a network, or the way the packets move through a network. A logical topology differs from a physical topology in that the physical topology dictates the way the cables are laid out; the logical topology dictates the way the information flows. The types of logical topologies are the same as the physical topologies, except that the information flow specifies the type of topology to use.

Finally, the Data Link layer can describe the method of media access. The three main methods of media access are:

• Contention, in which every station “competes” with other stations for the opportunity to transmit, and each has an equal chance at transmitting. If two stations transmit at the same time, an error, referred to as a collision, occurs, and the stations try again.

• Polling, in which a central device, called a controller, polls each device, in turn, and asks if it has data to transmit. This type of media access virtually eliminates collisions.

• Token passing, which uses a special data packet called a token. When a station has the token, it can transmit. If it doesn’t have the token, it can’t transmit. This media access technology also eliminates collision problems.

Media Access

With many stations on the same piece of network media, there has to be a way of vying for time on the cable. This process is called media access, and there are three main methods: CSMA/CD, token passing, and CSMA/CA.

CARRIER SENSE/MULTIPLE ACCESS WITH COLLISION DETECTION (CSMA/CD)

This media access technology with the extremely long acronym is probably the most common. When a protocol that uses CSMA/CD has data to transmit, it first senses if a signal is already on the wire (a carrier), indicating that someone is transmitting currently. That’s the “Carrier Sense” part. If no one else is transmitting, it attempts a transmission and then listens to hear if someone else tried to transmit at the same time. If someone else transmits at the exact same time, a collision occurs. Both senders “back off” and don’t transmit until some random period of time has passed. Then they both retry. That’s the “Collision Detection” part. The final part (“Multiple Access”) just means that more than one station can be on the network at the same time. CSMA/CD is the access method used in Ethernet and wireless Ethernet networks.

TOKEN PASSING

This media access method uses a special packet called a token. The first computer that is turned on creates the token. It then passes on the token to the next computer. The token passes around the network until a computer that has data to send takes the token off the network, modifies it, and puts it back on the network along with the data it has to send. Each station between the sender and the receiver along the network reads the destination address in the token. If the destination address doesn’t match its own, the station simply sends the package on its way. When the destination station recognizes its address in the destination address of the token, the NIC copies the data into the station’s memory and modifies the token, indicating it has received the data. The token continues around the network until the original sender receives the token again. If the original sender has more data to send, the process repeats itself. If not, the sender modifies the token to indicate that the token is “free” for anyone else to use. With this method, there are no collisions (as in CSMA/CD networks) because everyone has to have “permission” to transmit (via the token).

CARRIER SENSE/MULTIPLE ACCESS WITH COLLISION AVOIDANCE (CSMA/CA)

This technology works almost identically to CSMA/CD, but instead of sending the whole data chunk and then listening to hear if it was transmitted, the sender transmits a request to send (RTS) packet and waits for a clear to send (CTS) before sending. When it receives the CTS, the sender sends the chunk. AppleTalk networks use this method of media access. The difference between CSMA/CD and CSMA/CA has been described like this: Say you want to cross a busy street and you want to use one of these protocols to cross it. If you are using CSMA/CD, you just cross the street. If you get hit, you go back to the curb and try again. If you’re using CSMA/CA, you send your little brother across. If he makes it, it’s probably OK for you to go.

Project 802

One of the major components of the Data Link layer is the result of the Institute of Electrical and Electronics Engineers’ (IEEE) 802 subcommittees and their work on standards for local area and metropolitan area networks (LANs/MANs). The committee met in February 1980, so they used the “80” from 1980 and the “2” from the second month to create the name Project 802. The designation for an 802 standard always includes a dot (.) followed by either a single or a double digit. These numeric digits specify particular categories within the 802 standard. Currently, there are 12 standards. These standards, shown in Figure 2.13, are listed in Table 2.1 and described in more detail in the following sections.

Figure 2.13: The IEEE standards’ relationship to the OSI model

Table 2.1: IEEE 802 Networking Standards

Standard	Topic
802.1	LAN/MAN Management (and Media Access Control Bridges)
802.2	Logical Link Control
802.3	CSMA/CD
802.4	Token Bus
802.5	Token Ring
802.6	Distributed Queue Dual Bus (DQDB) Metropolitan Area Network (MAN)
802.7	Broadband Local Area Networks
802.8	Fiber-Optic LANs and MANs
802.9	Integrated Services (IS) LAN Interface
802.10	LAN/MAN Security
802.11b	Wireless LAN
802.12	Demand Priority Access Method

Note

Some standards have a letter to further distinguish the standard (e.g., 802.11b). The letters usually refer to different versions or interpretations of the standard.

The 802.1 LAN/MAN Management (and Media Access Control Bridges)

IEEE 802.1 discusses standards for LAN and MAN management, as well as for MAC bridges. One of the derivatives of 802.1 is the spanning tree algorithm for network bridges (bridges are discussed later in this chapter). The spanning tree algorithm helps to prevent bridge loops in a multibridge network.

The 802.2 Logical Link Control

This standard specifies the operation of the Logical Link Control (LLC) sublayer of the Data Link layer of the OSI model. The LLC sublayer provides an interface between the MAC sublayer and the Network layer. The 802.2 standard is used by the IEEE 802.3 Ethernet specification (discussed next), but not by the earlier Ethernet 2 specifications (used in early implementations of Ethernet).

The 802.3 CSMA/CD

This standard specifies a network that uses a bus topology, baseband signaling, and a CSMA/CD network access method. This standard was developed to match the Digital, Intel, and Xerox (DIX) Ethernet networking technology. So many people implemented the 802.3 standard, which resembles the DIX Ethernet, that people just started calling it Ethernet. It is the most widely implemented of all the 802 standards because of its simplicity and low cost.

Recently the 802.3u working group updated 802.3 to include Ethernet 100BaseT implementations.

The 802.4 Token Bus

This standard specifies a physical and a logical bus topology that uses coaxial or fiber-optic cable and a token-passing media access method. It is used mainly for factory automation and is seldom used in computer networking. It most closely resembles the Manufacturing Automation Protocol (MAP), developed by General Motors and used by many manufacturing companies. Some people think that the IEEE 802.4 standard is for a technology known as the Attached Resource Computer Network (ARCnet). That is an incorrect assumption. Although the technologies are similar, the IEEE 802.4 standard more closely resembles MAP, not ARCnet.

The 802.5 Token Ring

This standard is one example of a commonly used product becoming a documented standard. Typically, a standard is developed and then products are written to conform to the standard. Token Ring was developed by IBM in 1984, and the 802.5 standard soon followed. The 802.5 standard and Token Ring are almost identical.

Like Ethernet, Token Ring can use several cable types. Most often, it is installed using twisted-pair cabling, which can be either shielded or unshielded. Shielding adds to the cable investment but offers the advantage of resistance to unwanted electrical signals that could impair the network signal.

Possible transmission rates for Token Ring have increased with time; after 4Mbps Token Ring came 16Mbps Token Ring. Token Ring uses a physical star, logical ring topology with token-passing media access. If you install 4Mbps NICs on a network that otherwise uses 16Mbps NICs, your entire ring speed is reduced to 4Mbps. Unlike Ethernet, a computer cannot talk unless it has a token. This can cause some grief if a token gets “stuck.”

Unlike ARCnet, Token Ring is still used in a number of locations for two reasons:

• IBM made sure that Token Ring did a fine job of talking to IBM mainframes, which are still commonly used.

• Token Ring network performance “degrades with grace.”

The latter means that as network traffic increases, the network slowly gets slower, because the single token, which can travel in only one direction, gets busy carrying all that traffic. Ethernet, on the other hand, can become so flooded as network traffic increases that the entire network fails. Now, suppose you were wiring a computerized fire alarm system for a large building. Which would you rather use: Ethernet or Token Ring? To increase performance, some Token Ring technologies implement early token release, whereby the sending station doesn’t hog the token. It simply grabs the token, sends its data, and frees the token.

In Token Ring, just as in all ARCnet and most Ethernet schemes, there is a central device to which stations connect. It isn’t, however, called a hub. IBM calls it a MAU. IBM often has a different name for things. Even their name for Token Ring cabling is different. In telephone and computer networks, twisted cable is rated by categories. IBM rates Token Ring cable by type.

One final difference between Token Ring and the others is the regeneration process. Data signals are read, amplified, and repeated by every device on the network, to reduce degradation. This includes MAUs and NICs and is one reason that Token Ring is fairly expensive. An average Token Ring NIC is upward of $200, whereas a similar Ethernet card can be less than $20.

The 802.6 Distributed Queue Dual Bus (DQDB) Metropolitan Area Network

In some ways, asking what defines a metropolitan area network (MAN) is like asking how long a rope is. We can safely say that a MAN reaches beyond the area of a LAN. The interesting question is “When does a MAN become a WAN?” Sorry to say, there is no easy answer. Like a WAN, a MAN can support many computers. How many miles a MAN can cover has more to do with regulations than with geography. For example, from a geographical standpoint, Portland, Oregon, and Vancouver, Washington, are separated by nothing more than several hundred feet of water. From a political standpoint, they are in different states, and, therefore, different telecommunication regulations apply to each city. This could mean that no MANs can connect Portland and Vancouver. For our purposes, we need to know only that a MAN generally encompasses a city-sized area and can support many-to-many connections. Transmission speeds vary with the size of an enterprise’s bank account. The standard recommends the use of Distributed Queue Dual Bus (DQDB) technologies for MANs.

The 802.7 Broadband Local Area Networks

Don’t let the fancy phrasing fool you. You have already used broadband if you have seen cable TV. When one cable carries multiple signals, that is broadband. The most common method for separating signals is to have them on different frequencies, which is called Frequency Division Multiplexing (FDM). For example, each channel on a TV uses a different frequency. It is as simple as that. Maybe you can win a beer from some friends by seeing if they can explain Frequency Division Multiplexing. If they can’t, collect your reward and tell them that is how all those TV channels get into their TV from one cable. The alternative to sending a set of signals this way is to use the entire cable for one signal. This is known as baseband and is used by standards such as Ethernet.

The 802.8 Fiber-Optic LANs and MANs

As the name implies, this working group handed down guidelines for fiberoptic usage on networks defined by 802.3 through 802.6, which includes Fiber Distributed Data Interface (FDDI) as well as 10BaseFL. 10BaseFL defines Ethernet over fiber-optic cable. As you can see, some of the 802 definitions have more to do with your day-to-day work than others do.

The 802.9 Integrated Services (IS) LAN Interface

For a while, it seemed that this definition would have a profound effect on daily networking, because it laid out how Integrated Services Digital Network (ISDN) behaves. Late in 1998, however, many industry watchers began to call for the slow death of ISDN, because both cable modems and asymmetrical digital subscriber line (ADSL) had overtaken ISDN with lesscomplicated setup, higher performance, and lower cost.

The 802.10 LAN/MAN Security

This standard provides a secure pathway for data across a shared path. An implementation of this standard is using the public Internet as a backbone for a private interconnection between locations. The term for this form of connecting is known as virtual private networking (VPN). Because VPN costs less than direct private connections, VPN is likely to become popular in the near future.

The 802.11 Wireless LAN

Wireless networking usually requires a higher up-front investment than cable-based networking. Still, the cost can be justified if an office is rearranged with any regularity or must be moved from location to location to satisfy business requirements. A famous example of this is the Red Cross. This agency would not be effective if it had to wire computers together before assisting at each disaster area.

Recently, 802.11 was updated to include the 802.11b standard, which specifies higher wireless speeds (11Mbps instead of 1Mbps for the original 802.11 standard). This demonstrates that the 802 standards have not been static for 20 years; instead, they’ve been a dynamic set of rules that continue to be updated as technology moves forward.

The 802.12 Demand Priority Access Method

First developed by Hewlett-Packard, this standard combines the concepts of Ethernet and ATM. The communication scheme used is called Demand Priority (thus, the name of the standard). It uses “intelligent” hubs that allocate more bandwidth to frames that have been assigned a higher priority by the sending computer. The hub scans its ports and then allocates bandwidth according to each frame’s priority. This is extremely valuable for real-time audio and video transmissions.

The 802.12 standard is also known as 100VG (Voice Grade), 100VGAnyLAN, 100BaseVG, and AnyLAN. The 100 is short for 100Mbps, or 10 times faster than the original Ethernet speeds. Other manufacturers didn’t buy into the ideas of 100VG, perhaps in part because of the higher overhead of demand priority due to port scanning. Instead, they updated the original Ethernet to Fast Ethernet, which also supports 100Mbps while maintaining the 802.3 standards.

Table 2.2 summarizes the main features—including speed, access method, topology, and media—of various network technologies, such as 802 standards and FDDI.

Table 2.2: Main Features of Various Network Technologies

Technology	Speed(s)	Access Method	Topologies	Media
IEEE 802.3	10, 100, or 1000 Mbps	CSMA/CD	Logical bus	Coax or UTP
IEEE 802.5	4 or 16Mbps	Token Passing	Physical star, Logical ring	STP
IEEE 802.11b	1 or 11Mbps	CSMA/CA	Cellular	None (Wireless)
FDDI	100Mbps	Token Passing	Physical star, Logical ring	Fiberoptic (UTP implemented as CDDI)

Data Link Layer Devices

Two main devices manipulate data at the Data Link layer:

• Bridges

• Switches

They are more complex than their Physical layer counterparts and thus are more expensive and more difficult to implement. But they each bring unique advantages to the network.

The Bridge

A bridge is a network device, operating at the Data Link layer, that logically separates a single network into two segments, but it lets the two segments appear to be one network to higher layer protocols. The primary use for a bridge is to keep traffic meant for stations on one side of the bridge and not let it pass to the other side. For example, if you have a group of workstations that constantly exchange data on the same network segment as a group of workstations that don’t use the network much at all, the busy group will slow down the performance of the network for the other users. If you put in a bridge to separate the two groups, however, only traffic destined for a workstation on the other side of the bridge will pass to the other side. All other traffic stays local. Figure 2.14 shows a network before and after bridging.

Figure 2.14: A sample network before and after bridging

Tip

Bridges can connect dissimilar network types (for example, Token Ring and Ethernet) as long as the bridge operates at the LLC sublayer of the Data Link layer. If the bridge operates only at the lower sublayer (the MAC sublayer), the bridge can connect only similar network types (Token Ring to Token Ring and Ethernet to Ethernet).

The Switching Hub

In the past few years, the switching hub has received a lot of attention as a replacement for the standard hub. The switching hub is more intelligent than a standard hub in that it can actually understand some of the traffic that passes through it. A switching hub (or switch for short) operates at the Data Link layer and is also known as a Layer 2 Switch. Layer 2 switches build a table of the MAC addresses of all the connected stations (see Figure 2.15).

Figure 2.15: A switch builds a table of all MAC addresses of all connected stations

When two stations attached to the switch want to communicate, the sending station sends its data to the switch. This part of the process is similar to the way a standard hub functions. However, when the switch receives the data, rather than broadcasting it over all its other ports as a hub would, the switch examines the Data Link header for the MAC address of the receiving station and forwards it to the correct port. This opens a virtual pipe between ports that can use the full bandwidth of the topology.

Switches have received a lot of attention because of this ability. If a server and several workstations were connected to the same 100Mbps Ethernet switch, each workstation would need a dedicated 100Mbps channel to the server, and there would never be any collisions.