01.an introduction to networking and the osi and tcpip network models
DESCRIPTION
01.an Introduction to Networking and the OSI and TCPIP Network ModelsTRANSCRIPT
The Ultimate CCNA Study Package - ICND 1Chris Bryant, CCIE #12933 http://www.thebryantadvantage.com
Back To Index
An Introduction To Networking And
The OSI And TCP/IP Network ModelsDon't miss the "Recommended Video Viewing" section at the end of
this chapter!
Overview
This is what networking all comes down to:
We need to get data from one point to another in the most effectivemanner possible.
Seems pretty simple, right? And much of the time, it is pretty simple!After all, the network only has a few PCs on it...
What Is Networking?
The OSI Networking Model
The Data Transmission Process
The TCP/IP Networking Model
Why Use Networking Models?
The Basics Of TCP And UDP
TCP's Three-Way Handshake
TCP's Error Detection And Recovery
TCP's Windowing Feature
What's The Benefit To Using UDP?
Introduction To Ports, Sockets, And Port Numbers
... well, we better connect them with something. A switch, perhaps! (If youdon't know what a switch does, don't worry, you will by the end of thiscourse!)
Those hosts are going to want to print, so we better add a print server.
And we'll need an email server. And these PCs are going to want Internetaccess and connectivity to other networks in the company, so we'll need arouter. And we need an e-commerce server. And....
...well, you get the idea. We build networks to allow devices such as theones you see here to communicate with each other, and as differentdevices are added to the network, this communication becomes morechallenging to allow.
And it's not just allowing communication that's challenging - there arecommunications that we do not want to allow as well. Perhaps we onlywant one of those PCs to have access to the e-commerce server, and wedon't want any other PCs to even know about that server. We also haveto be wary of intruder attacks, because there are all kinds of bad guyswho want to get into our network, and we've got to keep them out!
The thought of learning all of this can be intimidating at first. Havingworked my way from entry-level certifications all the way to the CCIE, andhaving taught thousands of CCNAs and CCNPs worldwide, I can tell youthat the key to networking success in both the exam room and workingwith real-world networks can be summed up in five words:
Know And Understand The Fundamentals.
Nothing fancy, right? Right! Learning and understanding thefundamentals of networking are what this course is all about. Most of youwill go on to more advanced studies, and that's great - because in thisbusiness, we're always learning new skills. The key to masteringintermediate and advanced networking is to master the fundamentals -because if you don't understand how networks operate, you can't fix them!
In this section, we're going to start with the most fundamental of allfundamentals - the OSI and TCP/IP networking models. These modelswill help you gain an understanding of what's actually going on when twodevices are communicating over a network, and frankly, entry-levelcertification exams love asking about these models.
Why Are These Models Important?
When it comes to the OSI and TCP/IP networking models, a commonquestion is "Beyond passing the exam, why do I have to learn this?" Ifreely admit that I had that thought more than once when I began studying
networking. It's particularly tough because this is usually the first materialpresented to networking students, and to be frank, it's not the mostexciting material in the world.
I can tell you from personal experience that you are going to use thematerial in this chapter throughout your networking career, so it's not justsomething that you have to learn to pass the CCENT and CCNA exams.
I've personally found networking models to be helpful in developing aneffective troubleshooting process, and I'll talk more about that in theTroubleshooting section of this course. I just want to let you know thatthis really is useful information, not just something to memorize.
We'll begin with a look at the Open System Interconnection networkingmodel, then compare this model to the TCP/IP model. After that, we'regoing to carefully analyze the differences and similarities between TCPand UDP, our two Transport-layer protocols. I strongly urge you to knowall of these differences before taking your CCENT and CCNA exams.
The OSI Networking Model
As network admins, we're going to be primarily concerned with the bottomthree layers. For the CCENT and CCNA exam, we need to be concernedwith all seven! First, we'll take a brief look at what happens at eachlayer. Then, we'll see how the OSI model illustrates the gradual processof taking the data that end users are inputting into the network andchanging that data into electrical signals that can be transmitted acrossthe network media.
The OSI layers are often referred to by numbers, with the Applicationlayer being Layer 7 ("L7"), the Presentation layer being Layer 6, and soforth all the way down to Layer 1, the Physical layer. To get you used tothat, I'll refer to the layers by their names and numbers throughout thecourse.
The Application Layer
This is the layer where the end users themselves interact with the
network. Authentication services also run at Layer 7, but encryption runsat the next layer down.
The Application layer ensures that the remote communication partner isavailable, that the needed communication resources exist (a modem, forexample), and that both ends of the communication agree on proceduresinvolving data integrity, privacy, and error recovery.
When trying to decide if a protocol is an Application layer protocol, justremember that protocols that require the end user to enter a request areApplication layer protocols. Firewalls, devices intended to keep networkintruders out, operate at L7.
Protocols and services that run at L7 include:
Email protocols SMTP and POP3 Telnet HTTP File Transfer Protocol (FTP) Simple Network Management Protocol (SNMP)
The Presentation Layer
This layer answers one simple question: "How should this data bepresented?" In addition to properly formatting data, encryption occurs atthis layer.
Have you ever opened a file in a word processing application, and you gotpages of unrecognizable characters? That’s a Presentation Layer issue.The applications have not agreed on how the data is to be presented.
There are four primary tasks that the Presentation Layer is concernedwith:
1. Compatibility with the operating system2. Proper encapsulation of data for network transmission.3. Data formatting (ascii, binary)4. Data encryption, compression, and translation.
You've probably seen some of the file types that are used at thePresentation layer - JPEG, ASCII, GIF, MPEG, MIDI, EBCDIC, and TIFF.
The Session Layer
Layer 5 is the "manager" of the two-way communication between tworemote hosts. This is the layer that handles the creation, maintenance,and teardown of communications between those two hosts. The overallcommunication itself is referred to as a session.
Some sessions last just long enough to send a unidirectional message,where other sessions will be of longer duration.
The Transport Layer
The Transport Layer’s purpose is to establish a logical end-to-endconnection between two systems, segment data received from the upperlayers of the OSI model, and to make sure the data gets to the destinationin the correct order and free of errors.
At the Transport Layer, there are two methods for transporting data:connection-oriented, referring to TCP, and connectionless, referring toUDP. We'll take a much more detailed look at TCP and UDP later in thissection.
Besides TCP and UDP, SPX (Sequenced Packet Exchange, a NovellNetWare protocol) is also a Transport Layer protocol.
The Network Layer
It's at Layer 3 of the OSI model that you and I as network admins begin tohave a great deal of interaction with the network. IP runs at this layer, andsince routers operate here at L3, this layer is often called "the routinglayer".
In a nutshell, routing is a two-question process:
What valid paths exist from the local router to a given destination? What is the best path (the "optimal path") to take to get there?
Lots more on this layer to come later in the course!
The Data Link Layer
The switches that we'll spend so much time with later in the courseoperate at Layer 2. Wireless Access Points (WAPs) also operate at thislayer - more on WAPs in the Wireless section. Devices that you may wellbe using right now to access the Internet, cable modems and DSLmodems, also run at L2.
We've got four major specifications that run here, some of which you mayalready be familiar with:
Ethernet High Data Link Control (HDLC) Point-to-Point Protocol (PPP) Frame Relay
A very important distinction: The data link layer does perform errordetection through something called the Frame Check Sequence (more onthat later), but this layer does not perform error recovery.
The Data Link Layer is generally referred to as Layer 2, and MACaddresses as Layer 2 addresses. If you're not familiar with MACaddresses, they will be discussed in more detail in the Ethernet and LANSwitching sections.
Another name for the MAC address is a little misleading, so let's nail thisdown. MAC addresses are sometimes called hardware addresses and
physical addresses. That's because a MAC address is physically burnedinto the Network Interface Card (NIC), which leads to another name forthis address - a burned-in address (BIA).
What's the misleading part? Remember that physical addresses are notused at the Physical layer of the OSI model - they're Data Link layeraddresses. That's right - a physical address is used to deliver a frame,but not a physical layer address.
And if you're wondering why we have multiple names for the sameaddress type - well, that won't be the only time you see that kind ofduplication during your studies! Welcome to networking. :)
Switches operate at L2, as do bridges. Layer 3 Switches do exist, butwhen operating at Layer 3, they’re not switching or bridging. They’rerouting. You don't need to know about L3 switches for the CCENT exam,but you should know they exist as they're becoming more and morepopular in today's networks.
I mentioned that the data link layer performs error detection, but not errorrecovery. They may sound like the same thing, but they're not. Errordetection is just that - detecting the error - while error recovery is actuallydoing something about the error!
The data link layer can use a Frame Check Sequence (FCS) to detecterrors at this layer. The actual operation of the FCS is beyond the scopeof the CCENT and CCNA exams, but here's the basic operation:
1. The sender runs a mathematical formula, or algorithm, against thedata contained in the frame before sending the frame.
2. The sender places the result of that value into the FCS or CRC field ofthe frame, and then sends it.
3. The receiver runs the same algorithm against the contents of thatframe. If the value matches that in the FCS or CRC field, the frame isfine; if there's no match, the frame is considered corrupt and is thendiscarded.
There is no error recovery with the FCS or CRC because it's actually therecipient of the frame that detects the error.
The Physical Layer
When things get a little complicated in networking, I like to remind myselfthat "it's all ones and zeroes!" Whatever data our end users are creating,it's going to eventually be "translated" into a series of 1s and 0s. Oncethat is done, it's the Physical layer that handles the actual datatransmission. Anything to do with a physical cable or the standards in use- the pins, the connectors, the electrical current itself - is running at the
Physical layer.
The Data Transmission Process
When the end user sends data, that data will go through all seven layersof the OSI model. The data is broken up into smaller and smaller partsbeginning at Layer 4 (the Transport layer) until it's in the form of electricsignals that can be sent across the physical media.
As the data flows down the OSI model, it's referred to by different terms.You really have to master these and watch for them on your exams.There are four different terms you need to know:
At the Application, Presentation, and Session layers, data is simplycalled "data".
At the Transport layer, data is placed into segments. At the Network layer, data is placed into packets. At the Data Link layer, data is placed into frames. Finally, at the Physical layer, data takes the form of bits - and
remember, it's all ones and zeroes!
Those are very important terms for your career and especially for yourexams. If I mention "segments", you should know I'm discussing theTransport layer of the OSI model without any other hints, because youmight not get any other hints!
As data flows down the OSI model, each layer adds a header that will beremoved by the same layer on the other end of the session. Theseheaders are layer-specific in that the Network layer couldn't care lessabout the contents of any header except the Network layer on the otherend of the session.
As an end user enters data for transmission to a remote host, the first sixlayers of the OSI model will add a layer-specific header that containsinformation to be read by the same layer of the OSI model at the remotelocation. Note that Layer 2, the Data Link layer, adds both a trailer and aheader.
The combination of data and a layer-specific header is called a ProtocolData Unit (PDU). There's a PDU for each layer; that is, the combination ofdata and L7 header information is called an L7 PDU, the data and L6header information is called an L6 PDU, and so forth.
After the data is successfully transmitted by the Physical layer to theremote location, the data begins to travel back up the model. Each layerwill remove the header added by its counterpart - that is, Layer 3 removesthe L3 header and reads it, L4 removes the L4 header and reads it, and soforth.
The term same-layer interaction describes the process of a given OSIlayer removing the header placed on the data by the same layer on thesending side. For example, the Application layer on the receiving end willremove only the header placed onto the data by the Application layer onthe sending side, and so forth.
The term adjacent-layer interaction refers to the interaction betweenlayers of the OSI model on the same host. That is, the Application layerinteracts with the Presentation layer, the Presentation layer interacts withboth the Application layer (the one above it) and the Session layer (theone below it), and so forth.
These terms can also be applied to the TCP/IP networking model, whichwe'll take a look at right now!
The TCP/IP Networking Model
This model is another way to look at the overall data transport process,and it also uses layers to illustrate the process. However, the TCP/IPmodel uses only four layers to do so. For the CCENT, CCNA, and anyentry-level certification exam from another vendor, it's a very good idea toknow...
the layers of both the TCP/IP and OSI model the responsibilities of each layer how the layers map from one model to another
Here's the TCP/IP model:
The Application layer of the TCP/IP model maps to the top three layers ofthe OSI model (Application, Presentation, and Session). Everything thatthe top three layers of the OSI model do is performed by the TCP/IPmodel's Application layer.
The Transport layer of the TCP/IP model maps directly to the Transportlayer of the OSI model. TCP and UDP both operate at this layer, anddata takes the form of segments.
The Internet layer of the TCP/IP model maps to the Network layer of theOSI model. Both layers are responsible for routing through the use of IPaddresses, static routes, and dynamic routing protocols. (You willoccasionally see some non-Cisco documentation call this layer theInternetwork layer, but "Internet" is the name used in Ciscodocumentation.)
Finally, the Network Access layer of the TCP/IP model maps to the DataLink and Physical layers of the OSI model.
Here's a visual representation of the models and how they map to eachother. I expect you to see questions on your CCENT and CCNA examsregarding both models, so take your time during the exam and double-check which model you're being asked about before answering!
So Why Do We Go Through All Of This, Anyway?
It's natural to ask why we use networking models in the first place. It's agood question, and there are some good answers!
Networking models do help software vendors create products that areinteroperable. (At least, we hope they're interoperable.) That doesn'taffect us directly as network admins, but two uses of these models affectus directly both as admins and as students.
Breaking networking operations up into smaller parts make it easier tolearn networking in the first place. By using the OSI model in particular,you can take a structured approach to your learning:
First, learn about cables and physical specifications (L1) Then learn about switches and MAC addresses (L2) Then start on routing (L3)
Using the OSI model to structure your troubleshooting approach is a realhelp, too. I always tell students to "start troubleshooting at the physicallayer", and you'll see what I mean in the Troubleshooting section of thecourse. There are two kinds of troubleshooters in the world:
Those who have a structured approach Those who don't and are basically throwing stuff out there and
hoping something works
You want to be the one with a structured approach. :) Using the OSImodel can help you get there, and I'll show you how in theTroubleshooting section. I mention this here to let you know that thenetworking models aren't just something you have to memorize for yourCCENT and CCNA exams, they're truly helpful in your real-world career.
TCP And UDP: Same Layer, Big Differences
The Transmission Control Protocol (TCP) and User Datagram Protocol(UDP) both operate at the Transport layer, but that's pretty much wherethe similarities end. Here's a quick look at the differences between thetwo.
TCP:
Guaranteed delivery Error detection via sequence and ACK numbers Windowing "Connection-Oriented"
UDP:
"best-effort" delivery, but no guarantee of delivery No error detection No windowing "Connectionless"
Your reaction may well be what mine was the first time I saw thatcomparison: "Why in the world is UDP even used?" We'll discuss that atthe end of this particular section, but I do want to mention now that UDP isnot a poor choice for a Transport-layer protocol; many important networkservices use UDP rather than TCP. Why? Well, before we get into that,let's examine the operation of both of these protocols, beginning withTCP.
TCP's "Three-Way Handshake"
With TCP, there's work to be done before data is transmitted. The twodevices have to agree on some basic parameters before segments canbe sent - and this negotiation has the curious name three-way handshake.
If that's the first time you've heard this term, you're probably wonderinghow a handshake can be three-way! Then again, maybe you don't want toknow - but to pass the CCENT and CCNA exams, we gotta know! Let'stake a step-by-step look at this process.
The TCP examples will use two servers, one sending data and anotherreceiving that data.
Before the sender can start sending, there's going to be a negotiationbetween the two devices regarding rules for data transmission. Thatnegotiation is the three-way handshake itself, which begins with thesender transmitting a TCP segment with the Synchronization ("SYN") bitset. The primary value being negotiated here is the TCP sequencenumber, which we'll discuss in more detail in the next section. This is thefirst part of the three-way handshake.
The recipient responds with a TCP segment with both the synchronizationand acknowledgement bits set - a "SYN/ACK". This is part two of thethree-way handshake.
The sender responds with an ACK, and the three-way handshake iscomplete.
UDP does not use a three-way handshake.
In addition to the orderly construction of the communication channel, TCPuses the FIN ("finish") bit to bring the channel down when thecommunication is closed.
TCP's Error Detection / Error Recovery Feature
Before we take a look at how TCP performs both error detection and errorrecovery, we need to draw a very clear line between those two terms.They are not the same thing!
Error detection is finding an error Error recovery is doing something about the error
Watch that on your exam. :)
TCP does both, and it uses both a sequence number and anacknowledgement number ("ack") in the TCP header to do so. In thefollowing example, one host is sending four segments to another host.Each of the segments has a sequence number. That sequence numbertells the recipient in what order to reassemble the segments, and it's alsoa fundamental concept in error detection and recovery.
For simplicity's sake, we'll assume the first segment has a sequencenumber of 100, and we'll add 100 to the subsequent sequence numbers.(Remember, we're at the Transport layer - these are segments!)
The recipient will now send a segment back that contains no data, butdoes have an ack number set. You might think that the ack numberwould reflect the last sequence number received, but that's not quiteright. The ack number will actually indicate the next sequence numberthe data recipient expects to see!
A natural question here is "Why is the ACK number set that way?"Because that's how TCP detects lost segments. What if that secondsegment didn't get to the recipient?
The server on the right will actually send an ACK number of 200 back tothe data sender.
When the data sender sees that ACK number, it knows that the segmentwith the sequence number 200 was never seen by the intended recipient.That's the error detection part of this process; error recovery comes inwhen the data sender retransmits that segment.
Now the data recipient has all of the segments up through 400, and nowsends an ack indicating that it expects to see sequence number 500 next.
UDP does not use sequence numbers or acknowledgement numbers, andtherefore has no error detection or recovery capabilities.
What Happens If The ACK Is Lost?
There is always the chance that segments are arriving, but the ack ofthose segments somehow gets lost. We certainly don't want our datasender just sitting there doing nothing while waiting for an ack!
When the data sender transmits segments, it sets an acknowledgementtimer. If that timer expires and no ack is received, the sender willretransmit the segment(s) in question.
This entire process revolves around two things:
The sender is waiting for a positive message from the recipient thatthe data was received
If that message isn't received, the data is retransmitted
That's why we call this entire process Positive Acknowledgement withRetransmission (PAR).
TCP's Windowing Feature
At the beginning of the previous example, the data sender transmitted foursegments before the recipient sent an ack. For the windowing example,we'll assume that each data segment is 600 bytes in size.
"Windowing" refers to the amount of data that a data sender is allowed totransmit without waiting for an ack. In this case, the size of the window is2400 bytes, meaning that the data sender can transmit 2400 bytes beforeit has to stop and wait for an ack.
The data recipient decides the size of the window, not the sender. Thisgives the recipient some control over how much data is sent ("flowcontrol").
If the data recipient sees that there are no errors occurring with thatwindow size, the recipient will increase the size of the window.
As the window size increases, some errors are going to creep in - mostlikely dropped segments as the recipient's buffer fills. As that happens,the recipient will dynamically adjust the window size downward.
The term sliding window refers to this dynamic adjustment of the windowsize.
UDP does not have windowing capabilities.
So Why Do We Use UDP If TCP's So Great?
All of the features we've looked at here - the three-way handshake,windowing, sequence numbering, error detection and recovery - are allTCP features. UDP doesn't use any of them. Two questions come tomind:
Why doesn't UDP offer these features? Why in the world do we use UDP for anything?
A look at the TCP and UDP headers will answer both of those questions!Here's the TCP header...
.. and the UDP header.
Quite a difference! Take a few moments to compare the two and you'llsee that UDP can't perform any of those TCP features because UDP
literally can't offer them. The UDP header has no sequence number field,no ack number field, no ACK bit, no SYN bit, and no window field.
The TCP and UDP headers have only three values in common:
Source port Destination port Checksum
If you don't know what ports are, you soon will! For now it's enough tonote the three fields that TCP and UDP headers have in common.
Now that we've answered the question about why UDP doesn't offer thefeatures that TCP does, let's answer the second question regarding whyUDP is used in the first place. That question can really be answered withone word... overhead.
The TCP header is much larger than the UDP header. That header isbeing applied to every segment, and that adds up! UDP's advantage overTCP is that its header is much smaller than TCP's.
We've done a lot of talking here about the differences between TCP andUDP, so let's move to a similarity! Both TCP and UDP headers containport numbers, and those port numbers are a very important part ofnetwork communications. There are also some well-known port numbersthat you'll need to know for your CCENT and CCNA exams - and theseport numbers come up often in production network operations as well!
TCP And UDP Port Numbers
If you're not familiar with MAC or IP addressing, we're going to cover thatin another section, but for now it's enough to know that when two hostscommunicate on a network, they're using these MAC and IP addresses asthe destination when the data is sent.
So far, so good. But what if one host is sending multiple flows ofinformation to the remote host? Let's say that the PC at 10.1.1.1 issending three different kinds of information to the PC at 10.1.1.2:
transferring a file via Trivial File Transfer Protocol (TFTP) email via Simple Mail Transfer Protocol (SMTP) opening a remote connection via Telnet
If you're not familiar with those three protocols, don't worry about it - youwill be before you're done with this course. For now, it's enough to knowthat one PC is sending three different types of information to the other,and the MAC and IP source and destination addresses for all threetransmissions is going to be the same. How can the receiving host tell
TFTP from SMTP if that's the case?
We need a way for the recipient to differentiate one data flow from theother, and since the source and destination MAC and IP addresses will bethe same for all three flows, that won't do. What will do is the TCP orUDP port number. While these three data flows will have the same Layer2 (MAC) and Layer 3 (IP) source and destination addresses, they'll havedifferent, pre-assigned port numbers.
These port numbers allow the host at 10.1.1.1 to mix these three datastreams when sending to 10.1.1.2, rather than sending all the SMTP data,then the Telnet data, then the TFTP data. The PC at 10.1.1.2 will use theport numbers to drive the three different data streams to the appropriateapplication. This mixing of data streams is called multiplexing.
A socket may sound like something physical on the PC, but it's not. Thesocket is simply a combination of IP address and port number. Forexample, the socket on 10.1.1.2 for port 69 is 10.1.1.2:69. That socketcan also be expressed with this format:
(IP address, transport protocol, port number)
That would make the TFTP socket on that PC (10.1.1.2, UDP, 69).
The port number system works beautifully, but naturally the hosts need to
agree on what port is used for a given protocol. In the previous example,if 10.1.1.1 used TCP port 45 for Telnet and 10.1.1.2 used TCP port 55,we'd have some serious problems.
That's why most protocols use the same port number at all times, andthese port numbers are referred to as well-known port numbers. All portnumbers below 1024 are reserved, well-known port numbers -- but youdon't have to memorize 1024 numbers for the exams!
I do strongly recommend you have the following port numbers memorized,however. These numbers will become second nature to you as youprogress in your networking studies and your career, but for now we gottamemorize these! After this list, I'll show you a little trick you can use on aCisco router to see a list of well-known port numbers.
Since you won't be allowed to carry a router into the exam room, though,know this list cold! Don't worry if there are services or protocols on hereyou're not yet familiar with - you will be before the end of this course.
Some Common TCP Ports:
FTP - File Transfer Protocol - Uses TCP ports 20 and 21. SSH - Secure Shell - Uses TCP port 22. Telnet uses TCP port 23. SMTP - Simple Mail Transfer Protocol - uses TCP port 25. HTTP - HyperText Transfer Protocol - uses TCP port 80. POP3 - Post Office Protocol 3 - uses TCP port 110. SSL - Secure Socket Layer - uses TCP port 443.
Some Common UDP Ports:
DHCP - Dynamic Host Control Protocol - uses UDP ports 67 and 68. TFTP - Trivial File Transfer Protocol - uses UDP port 69. SNMP - Simple Network Management Protocol - uses UDP port 161.
Protocols Using Both TCP And UDP Ports
DNS - Domain Name Service - uses UDP and TCP port 53. The port number 24 is reserved in both UDP and TCP for private mail
systems
With Voice over IP (VoIP) becoming more and more commonplace intoday's networks, it couldn't hurt to know that the entire range of UDPports from 16384 - 32767 are reserved for voice traffic.
By the way, here's a handy little trick that can jog your memory regardingport numbers. You'll be introduced to access lists in your CCNA studies,and I'll mention this again there as well - but if you write an access list anduse IOS Help when you get to the port number part of the line, IOS Helpwill show you a list of common and not-so-common port numbers.
Again, you won't see this on your CCENT exam, but I want to plant theseed now so you'll remember it on your CCNA exam and when you workwith ACLs in your job!
Rout er 1( conf i g) #access- l i s t 101 per mi t t cp any any eq ? <0- 65535> Por t number bgp Bor der Gat eway Pr ot ocol ( 179) char gen Char act er gener at or ( 19) cmd Remot e commands ( r cmd, 514) dayt i me Dayt i me ( 13) di scar d Di scar d ( 9) domai n Domai n Name Ser vi ce ( 53) echo Echo ( 7) exec Exec ( r sh, 512) f i nger Fi nger ( 79) f t p Fi l e Tr ansf er Pr ot ocol ( 21) f t p- dat a FTP dat a connect i ons ( used i nf r equent l y, 20) gopher Gopher ( 70) host name NI C host name ser ver ( 101) i dent I dent Pr ot ocol ( 113) i r c I nt er net Rel ay Chat ( 194) k l ogi n Ker ber os l ogi n ( 543)
Watch Your Soundalike Protocols
There are two sets of protocols that are occasionally confused with eachother, so let's draw a clear line between the following:
SNMP and SMTP NNTP and NTP
SNMP, the Simple Network Management Protocol, is just what it soundslike - it's a protocol used by many network management and monitoringprograms. SNMP runs on UDP port 161.
SMTP, the Simple Mail Transfer Protocol, is also just what it sounds like!SMTP and POP3 are your two email transport protocols, and they're goodports to leave open when you're writing access control lists later in thecourse. SMTP runs on TCP port 25.
NNTP, the Network News Transfer Protocol, is used by Usenet serversand users to read and post articles on newsgroups. NNTP uses TCP port119.
NTP, the Network Time Protocol, is a very popular protocol that's used tosynch the time clock on routers and/or servers to an external source or areliable clock source on the local network. NTP uses UDP port 123.
"Hot Spots And Gotchas"
OSI Model Review:
Application layer : Telnet, FTP, the email protocols POP3 and SMTP, andSNMP all run at this layer. Basically, if an end user and/or data input isinvolved, it's an Application layer protocol.
Presentation layer: Concerned primarily with - all together now! - thepresentation of data.
Session layer: The manager of the connection.
Transport layer: TCP and UDP operate here, as does "positiveacknowledgement and retransmission". Data is placed into segments.Flow control, windowing, acks -- anything to do with TCP -- happens atthe Transport layer.
Speaking of flow control, this TCP feature allows the receiver to dictatehow quickly data should be sent, not the sender.
Network layer: IP addresses are added here, and it's these IP addressesthat are used to create a logical path from Point A to Point B. Theprocess of choosing the best of multiple logical paths, routing, occurshere, and it's packets that are routed.
Data Link layer: MAC addresses are added here, as is the Frame CheckSequence value. The FCS is used for error detection, but not errorcorrection. Frames are used at the Data Link layer.
Physical layer: Hubs and repeaters both work at this layer, as do cables.Always start troubleshooting at this OSI layer! Data takes the form of bitshere, since it's the bits that actually go across the cable.
Data format from top to bottom:
data (Application, Presentation, Session) segment (Transport) packet (Network) frame (Data Link) bit (Physical)
TCP vs. UDP
Protocols that use TCP include the following:
FTP, port 20 and 21 SMTP, port 25 Telnet, port 23 HTTP, port 80 DNS, port 53 POP3, port 110 NNTP, port 119
Protocols that use UDP include the following:
SNMP, port 161 TFTP, port 69 DNS, port 53 DHCP, ports 67 and 68 NTP, port 123
TCP offers windowing, error detection and correction through the use ofsequence and ack numbers, and flow control. TCP also uses a three-way handshake between the involved parties before segments aretransmitted and uses the FIN bit to bring the communication to an orderlyconclusion.
UDP offers none of these, but UDP does have far less overhead due to itssmaller header.
DNS uses both TCP and UDP port 53.
The common fields in TCP and UDP headers are the checksum and thesource and destination port numbers (not IP addresses or MACaddresses!).
Recommended Video Viewing:
Free CCNA Video Boot Camp on OSPF (Hosted By Udemy.com)
http://www.udemy.com/ccna-boot-camp/
My Full CCNA Video Boot Camp - Over 22 Hours Of Video - And A SecretDiscount Link!
See the course here, and watch an hour of the OSPF section for free!
http://www.udemy.com/ccna-on-demand-video-boot-camp/
Get your $10 discount by enrolling at the following link - it's like gettingthis ebook for free!
http://www.thebryantadvantage.com/CCNAStudyPackageUpgrade.htm
Recommended videos from my YouTube channel:
Video Practice Exam on the networking models:
http://www.youtube.com/watch?v=9upzhy4x_F0
Video Boot Camp - TCP vs UDP
http://www.youtube.com/watch?v=v-CmPz73Y8Q
Video Boot Camp - OSI Model Review (and much more!)
http://www.youtube.com/watch?v=JsK6pqXkWHc
Main YouTube Channel Page - Come on out and join us today! It's 100%free to subscribe, and new videos are added 5 - 10 times a week!
http://www.youtube/com/user/ccie12933
Back To Index
Copyright © 2012 The Bryant Advantage. All Rights Reserved.