ptg
A Quick Look at TCP/IP Networking
29
2. The data segment passes to the Internet level, where the IP protocol provides
logical-addressing information and encloses the data into a datagram.
3. The IP datagram enters the Network Access layer, where it passes to software
components designed to interface with the physical network. The Network
Access layer creates one or more data frames designed for entry onto the phys-
ical network. In the case of a LAN system such as ethernet, the frame may
contain physical address information obtained from lookup tables maintained
Application
Layer
Transport
Layer
Internet
Layer
Network Access
Layer
TCP
Application
Application
Program
Interface
Network
Services
Network
Applications
and Utilities
UDP
IP
ARP

those layers interrelate. You also learned how the classic TCP/IP model relates to the
seven-layer OSI networking model. At each layer in the protocol stack, data is pack-
aged into the form that is most useful to the corresponding layer on the receiving
end. This hour discusses the process of encapsulating header information at each
protocol layer and outlines the different terms used at each layer to describe the
data package. Finally, you got a quick look at how the TCP/IP protocol system oper-
ates from the viewpoint of some of its most important protocols: TCP, UDP, IP, ARP,
and RARP.
Q&A
Q. What is the principle advantage of TCP/IP’s modular design?
A. Because of TCP/IP’s modular design, the TCP/IP protocol stack can adapt eas-
ily to specific hardware and operating environments.
Q. What functions are provided at the Network Access layer?
A. The Network Access layer provides services related to the specific physical net-
work. These services include preparing, transmitting, and receiving the frame
over a particular transmission medium, such as an ethernet cable.
From the Library of Athicom Parinayakosol
ptg
Key Terms
31
Q. Which OSI layer corresponds to the TCP/IP Internet layer?
A. TCP/IP’s Internet layer corresponds to the OSI Network layer.
Q. Why is header information enclosed at each layer of the TCP/IP protocol
stack?
A. Because each protocol layer on the receiving machine needs different informa-
tion to process the incoming data, each layer on the sending machine
encloses header information.
Key Terms
Review the following list of key terms:
.

32
HOUR 2: How TCP/IP Works
.
TCP (Transmission Control Protocol)—A reliable, connection-oriented
protocol of the Transport layer.
.
Transport layer—The layer of the TCP/IP stack that provides error control and
acknowledgment and serves as an interface for network applications.
.
UDP (User Datagram Protocol)—An unreliable, connectionless protocol of
the Transport layer.
From the Library of Athicom Parinayakosol
ptg
PART II
The TCP/IP Protocol System
HOUR 3 The Network Access Layer 35
HOUR 4
The Internet Layer 47
HOUR 5
Subnetting and CIDR 69
HOUR 6
The Transport Layer 83
HOUR 7
The Application Layer 107
From the Library of Athicom Parinayakosol
ptg
This page intentionally left blank
From the Library of Athicom Parinayakosol
ptg
HOUR 3

access method
From the Library of Athicom Parinayakosol
ptg
36
HOUR 3: The Network Access Layer
.
Converting the data into a format that will be transmitted into the stream of
electric or analog pulses across the transmission medium
.
Checking for errors in incoming data
.
Adding error-checking information to outgoing data so that the receiving
computer can check the data for errors
Of course, any formatting tasks performed on outgoing data must occur in reverse
when the data reaches its destination and is received by the computer to which it is
addressed.
The Network Access layer defines the procedures for interfacing with the network
hardware and accessing the transmission medium. Below the surface of TCP/IP’s
Network Access layer, you’ll find an intricate interplay of hardware, software, and
transmission-medium specifications. Unfortunately, at least for the purposes of a
concise description, there are many different types of physical networks that all have
their own conventions, and any one of these physical networks can form the basis
for the Network Access layer.
The good news is that the Network Access layer is almost totally invisible to the
everyday user. The network adapter driver, coupled with key low-level components
of the operating system and protocol software, manages most of the tasks relegated
to the Network Access layer, and a few short configuration steps are usually all that
is required of a user. These steps are becoming simpler with the improved plug-and-
play and auto-configuration features of desktop operating systems.
As you read through this hour, remember that the logical, IP-style addressing dis-

Application
Transport
Internet
Network Access
TCP/IP
Upper
OSI
Layers
Data Link
Physical
OSI
Media Access
Control Sublayer
Logical Link
Control Sublayer
Data Link
FIGURE 3.1
OSI and the
Network Access
layer.
The OSI Data Link layer performs two separate functions and is accordingly sub-
divided into the following two sublayers:
.
Media Access Control (MAC)—This sublayer provides an interface with the
network adapter. The network adapter driver, in fact, is often called the MAC
driver, and the hardware address burned into the card at the factory is often
referred to as the MAC address.
.
Logical Link Control (LLC)—This sublayer performs error-checking functions
for frames delivered over the subnet and manages links between devices com-

Access method—An access method is a set of rules defining how the computers
will share the transmission medium. To avoid data collisions, computers must
follow these rules when they transmit data.
.
Data frame format—The IP-level datagram from the Internet layer is encap-
sulated in a data frame with a predefined format. The data enclosed in the
header must supply the information necessary to deliver data on the physical
network. You’ll learn more about data frames later in this hour.
.
Cabling type—The type of cable used for a network has an effect on certain
other design parameters, such as the electrical properties of the bitstream
transmitted by the adapter.
By the
Way
From the Library of Athicom Parinayakosol
ptg
Network Architecture
39
.
Cabling rules—The protocols, cable type, and electrical properties of the
transmission have an effect on the maximum and minimum lengths for the
cable and for the cable connector specifications.
Details such as cable type and connector type are not the direct responsibility of the
Network Access layer, but to design the software components of the Network Access
layer, developers must assume a specific set of characteristics for the physical net-
work. Thus, the network access software must come with a specific hardware design.
The important point is that the layers above the Network Access layer don’t have to
worry about the hardware design. The TCP/IP stack is designed so that all the details
of interacting with the hardware occur at the Network Access layer. This design lets
TCP/IP operate over a great variety of different transmission media.

gies in later hours. As an example of the types of problems and solutions that occur
within the Network Access layer, the following sections take a closer look at the
important and ubiquitous architecture known as ethernet.
Physical Addressing
As you learned in earlier chapters, the Network Access layer is necessary to relate
the logical IP address, which is configured through the protocol software, with the
actual permanent physical address of the network adapter. This physical address is
often called the MAC address because, within the OSI model, physical addressing is
the responsibility of the Media Access Control (MAC) sublayer. Because the physical
Application
Transport
Internet
802.11
Wireless
Ethernet Modem
Network
Access
Layer
FIGURE 3.2
Because the
Network Access
layer encapsu-
lates the details
of the transmis-
sion medium,
the upper layers
of the stack can
operate inde-
pendently of the
hardware.

As you read the following description of ethernet, keep in mind that the address
used by the ethernet software is not the same as the logical IP address, but this
address maps to an IP address at the interface with the Internet layer.
Ethernet
Ethernet is undoubtedly the most popular LAN technology in use today. The ether-
net architecture has become popular because of its modest price; ethernet cable is
inexpensive and easily installed. Ethernet network adapters and ethernet hardware
components are also relatively inexpensive. You are probably familiar with the
appearance of a typical ethernet port and cable if you have ever looked at the back
of a computer. The rise of wireless networking has not diminished the importance of
ethernet. An important form of wireless LAN networking is sometimes called “wire-
less ethernet” because it incorporates many of the principles of the original ethernet
specification.
On a classic ethernet network, all computers share a common transmission
medium. Ethernet uses an access method called Carrier Sense Multiple Access with
Collision Detect (CSMA/CD) for determining when a computer is free to transmit
data on to the access medium. Using CSMA/CD, all computers monitor the trans-
mission medium and wait until the line is available before transmitting. If two
From the Library of Athicom Parinayakosol
ptg
42
HOUR 3: The Network Access Layer
computers try to transmit at the same time, a collision occurs. The computers then
stop, wait for a random time interval, and attempt to transmit again.
CSMA/CD can be compared to the protocol followed by a room full of polite people.
Someone who wants to speak first listens to determine whether anybody else is cur-
rently speaking (this is the Carrier Sense). If two people start speaking at the same
moment, both people will detect the problem, stop speaking, and wait before speak-
ing again. (This is Collision Detect.)
Traditional ethernet works well under light-to-moderate use but suffers from high

ptg
Anatomy of an Ethernet Frame
43
Anatomy of an Ethernet Frame
The Network Access layer software accepts a datagram from the Internet layer and
converts that data to a form that is consistent with the specifications of the physical
network (see Figure 3.6). In the case of ethernet, the software of the Network Access
layer must prepare the data for transmission through the hardware of the network
adapter card.
Internet
Layer
Data
Network
Access
Layer
••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••
••••••••
••••••••
••••••••
••••••••
FIGURE 3.6
The Network
Access layer
formats data
for the physical
network.
When the ethernet software receives a datagram from the Internet layer, it performs
the following steps:
1. Breaks Internet layer data into smaller chunks, if necessary, which will be sent
in the data field of the ethernet frames. The total size of the ethernet frame

destination address. If the destination address matches the address of the network
adapter, the adapter software processes the incoming frame and passes the data to
higher layers of the protocol stack.
Summary
This hour discussed the Network Access layer, the most diverse and arguably the
most complex layer in the TCP/IP protocol stack. The Network Access layer defines
the procedures for interfacing with the network hardware and accessing the trans-
mission medium. There are many types of LAN architectures and, therefore, many
different specifications for the Network Access layer. As an example of how the
Network Access layer handles data transmission, this hour took a close look at
ethernet.
Ethernet technology is common throughout the mechanized world, but there are
many other ways to connect computers. Any networking technology must have
some means of preparing data for the physical network; therefore, any TCP/IP tech-
nology must have a Network Access layer. You learn more about other physical net-
work scenarios, such as modems, wireless LANs, mobile networking, and WAN
technologies in later hours.
Q&A
Q. What types of services are defined at the Network Access layer?
A. The Network Access layer includes services and specifications that manage the
process of accessing the physical network.
From the Library of Athicom Parinayakosol
ptg
Key Terms
45
Q. Which OSI layers correspond to the TCP/IP Network Access layer?
A. The Network Access layer roughly corresponds with the OSI Data Link layer
and Physical layer.
Q. What is the most common LAN architecture?
A. The most common LAN architecture is ethernet, although wireless LAN tech-

.
Network architecture—A complete specification for a physical network,
including specifications for access method, data frame, and network cabling.
From the Library of Athicom Parinayakosol
ptg
46
HOUR 3: The Network Access Layer
.
Physical address—A permanent network address, burned into the adapter
card by the manufacturer, that is used to deliver data across the physical
network.
.
Physical layer—The first OSI layer, responsible for translating the data frame
into a bitstream suitable for the transmission medium.
.
Preamble—A series of bits marking the beginning of a data frame
transmission.
From the Library of Athicom Parinayakosol
ptg
HOUR 4
The Internet Layer
What You’ll Learn in This Hour:
.
IP addresses
.
The IP header
.
ARP
.
ICMP

often called the MAC address) is burned into the card when it is manufactured.
A device such as an ethernet card does not know any of the details of the upper
protocol layers. It does not know its IP address or whether an incoming frame is
being sent to Telnet or FTP. It just listens to incoming frames, waits for a frame
addressed to its own physical address, and passes that frame up the protocol stack.
This physical addressing scheme works well on an individual LAN segment. A net-
work that consists of only a few computers on an uninterrupted medium can func-
tion with nothing more than physical addresses. Data can pass directly from
network adapter to network adapter using the low-level protocols associated with
the Network Access layer.
Unfortunately, on a routed network, it is not possible to deliver data by physical
address. The discovery procedures required for delivering by physical address do not
work across a router interface. Even if they did work, delivery by physical address
would be cumbersome because the permanent physical address built into a network
card does not allow you to impose a logical structure on the address space.
TCP/IP therefore makes the physical address invisible and instead organizes the net-
work around a logical, hierarchical addressing scheme. This logical addressing
scheme is maintained by the IP protocol at the Internet layer. The logical address is
called the IP address. Another Internet layer protocol called Address Resolution
Protocol (ARP) assembles a table that maps IP addresses to physical addresses. This
ARP table is the link between the IP address and the physical address burned into
the network adapter card.
On a routed network (see Figure 4.1), the TCP/IP software uses the following strategy
for sending data on the network:
1. If the destination address is on the same network segment as the source com-
puter, the source computer sends the packet directly to the destination. The IP
address is resolved to a physical address using ARP, and the data is directed to
the destination network adapter.
2. If the destination address is on a different segment from the source computer,
the following process begins:

195.121.131.8
To
Destination
Message to
195.18.16.8
To
Gateway
FIGURE 4.1
The gateway
receives
datagrams
addressed to
other networks.
To deliver data on a complex routed network, the Internet layer protocols must
therefore be able to
.
Identify any computer on the network.
.
Provide a means for determining when a message must be sent through the
gateway.
.
Provide a hardware-independent means of identifying the destination network
segment so that the datagram will pass efficiently through the routers to the
correct segment.
From the Library of Athicom Parinayakosol
ptg
50
HOUR 4: The Internet Layer
.
Provide a means for converting the logical IP address of the destination com-

By the
Way
By the
Way
From the Library of Athicom Parinayakosol
ptg
Internet Protocol (IP)
51
It is easy for a person to look at Figure 4.2 and say, “Every address that starts with
192.132.134 must be in Building C.” A computer, though, requires a bit more
hand-holding. The IP address is therefore divided into two parts:
.
The network ID
.
The host ID
192.132.134.10211.14.16.99
211.14.16.6211.14.16.42
201.201.16.9
201.201.16.3201.201.16.8
192.132.134.100192.132.134.6
Building B Building C
Building A
FIGURE 4.2
You can tell
the network by
looking at the
address.
The network must provide a means for determining which part of the IP address is
the network ID and which part is the host ID. Unfortunately, the variety and com-
plexity of networks in the real world precludes a simple, one-size-fits-all solution to

instructions to routers.
For additional information about IP headers, see RFC 791.
The minimum size for an IP header is 20 bytes. Figure 4.3 shows the contents on the
IP header.
The header fields in Figure 4.3 are as follows:
.
Version—This 4-bit field indicates which version of IP is being used. The cur-
rent version of IP is 4. The binary pattern for 4 is 0100.
.
IHL (Internet Header Length)—This 4-bit field gives length of the IP header
in 32-bit words. The minimum header length is five 32-bit words. The binary
pattern for 5 is 0101.
By the
Way
By the
Way
From the Library of Athicom Parinayakosol
ptg
Internet Protocol (IP)
53
.
Type of Service—The source IP can designate special routing information.
Some routers ignore the Type of Service field, although this field recently has
received more attention with the emergence of Quality of Service (QoS) tech-
nologies. The primary purpose of this 8-bit field is to provide a means of
prioritizing datagrams that are waiting to pass through a router. Most imple-
mentations of IP today simply put all zeros in this field.
.
Total Length—This 16-bit field identifies the length, in octets, of the IP data-
gram. This length includes the IP header and the data payload.

Flags Fragment Offset
Total Length
0Bit Position: 8 24 31416
FIGURE 4.3
IP header field.
From the Library of Athicom Parinayakosol