The OSI model is the very heart of networking with every layer performing a specific task in order to facilitate

data communications. In the world of networking the first four (4) layers are the focus. They define the following:

What type and speed of LAN and WAN media to be implemented How data is sent across the media What type of addressing schemes will be used. How data will be reliably sent across the network and how flow control will be accomplished What type of routing protocol will be implemented

Why a Layered Network Model ?

Reduces complexity Standardizes interfaces Facilitates modular engineering Ensures interoperable technology Accelerates evolution Simplifies teaching and learning

The OSI model - seven numbered layers indicate distinct functions. In the Transmission Control Protocol/Internet Protocol (TCP/IP), the distinct functions fit into five named layers. This separation of networking functions is called "layering".
OSI Layer Functions: 7. APPLICATION (Network processes to applications) The application layer provides network services to user applications. For example, a word processing application is serviced by file transfer services at this layer. 6. PRESENTATION (Data representation) This layer provides data representation and code formatting. It ensures that the data that arrives from the network can be used by the application, and it ensures that information sent by the application can be transmitted on the network. 5. SESSION (Interhost communication)

This layer establishes, maintains, and manages sessions between applications. 4. TRANSPORT (End-to-end connections) This layer segments and reassembles data into a data stream. This layer uses the TCP protocol. 3. NETWORK (Addresses and best path) This layer determines the best way to move data from one place to another. The router operates at this layer. This layer uses the IP addressing scheme. 2. DATA LINK (Access to media) This layer provides physical transmission across the medium. It handles error notification, network topology, and flow control. This layer uses the Media Access Control (MAC) address. 1. PHYSICAL (Binary transmission) This layer provides the electrical, mechanical, procedural, and functional means for activating and maintaining the physical link between systems. This layer uses the physical media like twisted pair, coaxial, and fiber-optic cable. [Host Layers] (layers 7, 6, 5, & 4) Provide for accurate data delivery between computers [Media Layers] (layers 3, 2, & 1) Control physical delivery of messages over the network Each layer uses its own 'layer protocol' to communicate with its peer layer in the other system. Each layer's protocol exchanges information, called protocol data units (PDUs), between peer layers. A given layer can use a more specific name for its "PDU".
7, 4. 3. 2. 1. 6, 5. -----Transport--Network----Data Link--Physical---[data] segments [segment header][data] packets [network header][data segment] frames [frame header][network packet][frame trailer] bits [binary 1's & 0's]

This peer-layer protocol communication is achieved by using the services of the layers below it. The layer below any current layer provides its services to the current layer. Each lower-layer service takes upper-layer information as part of the lower-layer PDUs it exchanges with its layer peer.

[1-Physical Layer] (bits) The Ethernet and IEEE 802.3 standards define a bus-topology LAN that operates at a baseband signaling rate of 10 Mbps. 1. 10Base2 - Known as 'thin Ethernet', allows network segments up to 185 meters on coaxial cable. 2. 10Base5 - Known as 'thick Ethernet', allows network segments up to 500 meters on coaxial cable. 3. 10Base-T - Carries Ethernet frames on inexpensive twisted-pair wiring. The 10Base5 and 10Base2 standards provide access for several stations on the same LAN segment. Stations are attached to the segment by a cable that runs from an attachment unit interface (AUI) in the station to a transceiver that is directly attached to the Ethernet coaxial cable. Because the 10Base-T standard provides access for a single station only, stations attached to an Ethernet LAN by 10BaseT are almost always connected to a hub or a LAN switch. In this arrangement, the hub or LAN switch is the same as an Ethernet segment. [2-Data Link Layer] (physical addressing) The Ethernet and 802.3 data links provide data transport across the physical link joining two devices. Devices can be directly attached to each other over the Ethernet LAN. Computers have MAC addresses used by the data-link layer. The router also uses MAC addresses for each of its LAN side interfaces. For indicating the 802.3 interface on the router, you will use the Cisco IOS interface type abbreviation E followed by an interface number (for example, E0). [3-Network Layer] (Path determination) Which path should traffic take through the cloud of networks? Path determination occurs at Layer 3, the 'Network layer'. The path determination function enables a router to evaluate the available paths to a destination and to establish the preferred handling of a packet. Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI Network layer:

IP (Internet Protocol) provides connectionless, best-effort delivery routing of datagrams. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination. ICMP (Internet Control Messages Protocol) provides control and messaging capabilities. ICMP - Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing. ARP (Address Resolution Protocol) determines the data link layer address for known IP addresses. Internet protocol used to map an IP address to a MAC address. RARP (Reverse Address Resolution Protocol) determines network addresses when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

[TCP/IP Network Layers]

-[DoD TCP/IP Model]4. Application 3. Transport 2. Internet 1. Network Interface -[OSI 7-Layer Model](7-Application, 6-Presentation, & 5-Session) (4-Transport) (3-Network) (2-Data Link & 1-Physical)

Best-effort delivery - Describes a network system that does not use a sophisticated acknowledgment system to guarantee reliable delivery of information. [TCP/IP addresses]

Unique addressing allows communication between 'end stations' Path choice is based on location Location is represented by an 32-bit address (IP address)

Each company listed on the internetwork is seen as a single unique network that must be reached before an individual host within that company can be contacted. Each company network has an address; the hosts that live on that network share that same network address, but each host is identified by the unique host address on the network.

[Addressing with subnets] With subnets, the network address use is more efficient. There is no change to how the outside world sees the network, but within the organization, there is additional structure. Routers determine the destination network using the 'subnet address', limiting the amount of traffic on the other network segments. "Routing services" use network topology information when evaluating network paths. This information can be configured by the network administrator or collected through dynamic processes running in the network. The 3-Network layer interfaces to networks and provides best effort endto-end packet delivery services to its user, the 4-Transport layer. The 3Network layer sends packets from the source network to the destination network based on 'IP routing table' (contains: 'Destination network' addresses & 'Next Hop' (outgoing interface) pairs). After the router determines which path to use, it can proceed with "switching the packet"; taking the packet it accepted on one interface and forwarding it to another interface or port that reflects the best path to the packet's destination. Using IP addresses, the 3-Network layer can provide a 'relay connection' that interconnects independent networks. By using 'consistent end-to-end addressing' to represent the path of media connections, the 3-Network layer can find a path to the destination without unnecessarily burdening the devices or links on the internetwork with broadcasts. The Network address identifies a path part used by the router within the network cloud. The router uses the network address to identify the source or destination network of a packet within an internetwork. For some network-layer protocols, this relationship is established by a network administrator who assigns network addresses according to some preconceived internetwork addressing plan. For other network-layer protocols, assigning addresses is partially or completely dynamic.

Network address - Path part used by the router Host address - Specific port or device on the network

ICMP - Internet Control Messages Protocol The ICMP is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams and are used to send error and control messages. ICMP uses the following types of defined messages. Others exist that are not included on this list:

Destination Unreachable Time Exceeded Parameter Problem Source Quench Redirect Echo Echo Reply Timestamp Timestamp Reply Information Request Information Reply Address Request Address Reply

If a router receives a packet that it is unable to deliver to its ultimate destination, the router sends an ICMP host unreachable message to the source. The message might be undeliverable because there is no known route to the destination. An ICMP 'echo reply' is a successful reply to a "ping" command (ICMP echo request); however, results could include other ICMP messages, such as unreachable and timeouts. ARP - Address Resolution Protocol ARP is used to resolve or map a known IP address to a MAC sublayer address to allow communication on a multiaccess medium such as Ethernet. To determine a destination address for a datagram, FIRST, the ARP cache table is checked. If the address is not in the table, ARP sends a broadcast (ARP request) looking for the destination station. Every station on the network receives the broadcast (ARP request). When the destination station

replies (ARP reply) only the original station (now the destination) receives the ARP replay and updates it's ARP cache. The term "local ARP" is used to describe resolving an address when both \ the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the subnet mask was consulted. The mask determined that the nodes are on the same subnet. [4-Transport Layer] (End-to-end connections)

segments upper-layer applications establishes an end-to-end connection sends segments from one end host to another optionally, ensures data reliability

Services located in the 4-Transport layer allow users to break apart or 'segment' several upper-layer application data onto the same Layer 4 data stream. These same services allow users to reassemble the same upper-layer applications data. The Layer 4 data stream provides transport services from the host to the destination. Services such as these are sometimes referred to as "end-to-end services". The Layer 4 data stream is a 'logical connection' between the endpoints of a network. As the Transport layer sends its data segments, it can also ensure the integrity of the data. One method of doing this is called "flow control". Flow control avoids the problem of a host at one side of the connection overflowing the buffers in the host at the other side. Transport layer services also allow users to request reliable data transport between hosts and destinations. To obtain such reliable transport of data, a connectionoriented relationship is used between the communicating end systems. Reliable transport can accomplish the following:

Ensure that segments delivered will be acknowledged back to the sender. Provide for retransmission of any segments that are not acknowledged. Put segments back into their correct sequence at the destination. Provide congestion avoidance and control.

One reason for different layers in the OSI model is so that multiple applications can share the same transport connection. Transport functionality is accomplished segment by segment. This means that different applications can send data segments on a first-come, first-served basis. Such segments can be intended for the same destination or for many different destinations One user of the 4-Transport layer must establish a connection-oriented session with its peer system.
Sender Sender Sender Sender --- synchronize ------------------> <------ negotiate connection -----> <------------------ synchronize ----- acknowledge ------------------> ----- connection established ----Sender <- data transfer (send segments) -> Receiver Receiver Receiver Receiver Receiver

TCP/IP 3-way Handshake

(1) Send SYN(seq=x) -----\ (2) Receive SYN(seq=y) <-/ ACK(x+1) (3) Send ACK(ack=y+1) ---\ \--> Receive SYN(seq=x) /--- Send SYN(seq=x, ack=y+1)

\--> Receive ACK(ack=y+1)

When datagrams arrive too quickly for a host or gateway to process, they are stored in memory temporarily (buffer). If the traffic continues, the host or gateway eventually exhausts its memory and must discard additional datagrams that arrive. Instead of allowing data to be lost, the transport function can issue a 'not ready' (Window size=0) indicator to the sender. Acting like a stop sign, this indicator signals the sender to stop sending data. When the receiver can handle additional data, the receiver sends a 'ready' (Window size >0) transport indicator, which is like a go signal. If the sender has to wait for an acknowledgment after sending each segment, throughput will be low. Because time is available after the sender finishes transmitting the data packet and before the sender finishes processing any received acknowledgment, the interval is used for transmitting more data. The number of data packets the sender is allowed to

have outstanding - without yet receiving an acknowledgment - is known as the "window" or window size. Windowing is a method to control the amount of information transferred end-to-end. Some protocols measure information in terms of the number of packets; TCP/IP measures information in terms of the number of bytes. Windowing is an end-to-end agreement between sender and receiver. Reliable delivery guarantees that a stream of data sent from one machine will be delivered through a data link to another machine without duplication or data loss. (PAR) "Positive Acknowledgment with Retransmission" is one technique that guarantees reliable delivery of data streams. Positive acknowledgment requires a recipient to communicate with the source, sending back an acknowledgment (ACK x+1) message when it receives data. The sender keeps a record of each data packet it sends and waits for an acknowledgment before sending the next data packet. The sender also starts a timer when it sends a segment, and it retransmits a segment if the timer expires before an acknowledgment arrives. Routing Routers generally relay a packet from one data link to another. To relay a packet, a router uses two basic functions: 1. a path determination function, and 2. a switching function. A router is responsible for passing the packet to the next network along the path. The router uses the 'network portion' of the address to make 'path selections'. The 'switching function' allows a router to accept a packet on one interface and forward it on a second interface. The 'path determination' function enables the router to select the most appropriate interface for forwarding a packet. The 'node portion' of the address refers to a specific port on the router that leads to an adjacent router in that direction.

Network portion of address used to make path selections Node portion of address refers to router port to the path

'Routed protocol' - Protocol that can be routed by a router. A router must be able to interpret the logical internetwork as specified by that routed protocol. Any network protocol that provides enough information in its network layer address to allow a packet to be forwarded from host to host based on the addressing scheme. Routed protocols define the format and use of the fields within a packet. Examples of routed protocols include AppleTalk, DECnet, and IP. 'Routing protocol' - Protocol that accomplishes routing through the implementation of a specific routing algorithm. Supports a routed protocol by providing mechanisms for sharing routing information. Routing protocol messages move between the routers. A routing protocol allows the routers to communicate with other routers to update and maintain tables. Examples of routing protocols include IGRP, OSPF, and RIP. RIP - Routing Information Protocol IGP (Interior Gateway Routing Protocol) supplied with UNIX BSD systems. The most common IGP in the Internet. RIP uses hop count as a routing metric. Key characteristics of RIP include the following: It is a distance vector routing protocol. Hop count is used as the metric for path selection. The maximum allowable hop count is 15. Routing updates are broadcast every 30 seconds by default.

IGRP - Interior Gateway Routing Protocol IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks. EIGRP - Enhanced Interior Gateway Routing Protocol Advanced version of IGRP developed by Cisco. A 'balanced hybrid' routing protocol. Provides superior convergence properties and operating efficiency, and combines the advantages of link state protocols with those of distance vector protocols.

OSPF - Open Shortest Path First Link-state, hierarchical IGP routing protocol proposed as a successor to RIP in the Internet community. OSPF features include least-cost routing, multipath routing, and load balancing. OSPF was derived from an early version of the ISIS protocol. [Network-Layer Protocol Operations] When a host application needs to send a packet to a destination on a different network, a 2-Data-link frame is received on one of a router's interfaces. The 3-Network layer process examines the header to determine the destination network and then references the routing table that associates networks to outgoing interfaces. The packet is again encapsulated in the 2-Data-link frame for the selected interface and queued for delivery to the next hop in the path. This process occurs each time the packet switches through another router. At the router connected to the network containing the destination host, the packet is again encapsulated in the destination LAN's 2-Data-link frame type and delivered to the destination host. "Static Route" - uses a protocol route that a network administrator enters into the router. Route that is explicitly configured and entered into the routing table. Static routes take precedence over routes chosen by dynamic routing protocols.

For security when appropriate to hide parts of an internetwork Point-to-point or circuit-switched connection Stub network (network that has only a single connection to a router) Only a single network connection with no need for routing updates (Fixed route to address reflects administrators knowledge)

"Dynamic Route" - uses a route that a network routing protocol adjusts automatically for topology or traffic changes. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing. The success of "dynamic routing" depends on two basic router functions: 1. Maintenance of a routing table, and

2. Timely distribution of knowledge in the form of routing updates to other routers. Dynamic routing relies on a 'routing protocol' to share knowledge. A 'routing protocol' defines the set of rules used by a router when it communicates with neighboring routers. "Default route" - Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table. "Distance vector" routing algorithm - Class of routing algorithms that iterate on the 'number of hops' in a route to find a shortest-path spanning tree. Distance vector routing algorithms call for each router to send its entire 'routing table' in each periodic update, but only to its neighbors and in the process accumulate 'distance vectors'. Distance vector routing algorithms can be prone to routing loops, but are computationally simpler than 'link state' routing algorithms. Also called Bellman-Ford routing algorithm. Distance vector algorithms do not allow a router to know the exact topology of an internetwork. "Link state" (also called shortest path first) routing algorithm - Routing algorithm in which each router broadcasts or multicasts information regarding the 'cost of reaching each of its neighbors' to all nodes in the internetwork. 'Link state' algorithms create a consistent view of the network (they maintain a complex database of topology information) and are therefore not prone to routing loops, but they achieve this at the cost of relatively greater computational difficulty and more widespread traffic (compared with distance vector routing algorithms). Link-state routing uses link-state advertisements (LSAs), a topological database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and ports to each network. 'LSA' - Link-state advertisement. Broadcast packet used by 'link-state' protocols that contains information about neighbors and path costs. LSAs are used by the receiving routers to maintain their routing tables. Sometimes called a link-state packet (LSP). The "Balanced hybrid" approach combines aspects of the 'link-state' and 'distance vector' algorithms.

'Convergence' - The speed and ability of a group of internetworking devices running a specific routing protocol to agree on the topology of an internetwork after a change in that topology. (The knowledge needs to reflect an accurate, consistent view of the new topology.) When all routers in an internetwork are operating with the same knowledge, the internetwork is said to have 'converged'.
[ Distance Vector Routing ] [ Link-State (SPF) Routing ] * Views net topology from * Gets common view of entire neighbor's perspective network topology * Adds distance vectors from router to router * Frequent, periodic updates: slow convergence * Calculates the shortest path to other routers * Event-triggered updates: faster convergence

* Passes copies of routing * Pass link-state routing table to neighbor routers updates to other routers

"Exterior routing protocols" are used to communicate between autonomous systems. "Interior routing protocols" are used within a single autonomous system.

Router Configuration IP routing configuration tasks: 1. Global Configuration o Select routing protocols (RIP, IGRP) o Specify network(s) (assign IP network numbers) 2. Interface Configutation o assign network/subnet addresses & subnet masks Use the "ip address" command to establish the logical network address of this interface.
Router(config-if)# ip address ip-address subnet-mask

assigns an address and subnet mask starts IP processing on an interface

Use the "term ip netmask-format" command to specify the format of network masks for the current session. Format options are: - Bit count - Dotted decimal (the default) - Hexadecimal Router(config)# term ip netmask-format

sets format of network mask as seen in show commands

The "router" command starts a routing process. Router(config)# router protocol [keyword]

defines an IP routing protocol

Router(config-router)# network network-number

the network subcommand is a mandatory configuration command for each IP routing process

The "router rip" command that selects RIP as the routing protocol. Router(config)# router rip

starts the RIP routing process

Router(config-router)# network network-number

selects participating attached networks

The "network" command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.
Example: router rip network 1.0.0.0 network 2.0.0.0

Selects RIP as the routing protocol. Specifies a directly connected network. Specifies a directly connected network.

The Cisco router interfaces connected to networks 1.0.0.0 and 2.0.0.0 will send and receive RIP updates. These routing updates allow the router to learn the network topology.