CCNA Certification All-in-One For Dummies
Ebook, 1,330 pages, 18 hours


About this ebook

A complete preparation guide for the entry-level networking CCNA certification

If you're planning to advance your career by taking the all-important Cisco Certified Network Associate (CCNA), this is the study guide you need! Seven minibooks cover all the concepts and topics on which you'll be tested, covering the latest version of the exam.

Each part of the exam is covered thoroughly in its own section, so you can readily find the information you want to study. Plenty of review questions help you prepare, and the companion CD-ROM includes the highly rated Dummies Test Engine so you can test your progress with questions based on exam content.

  • The Cisco Certified Network Associate (CCNA) is the entry-level certification for network professionals
  • Seven minibooks in this guide cover Secure Device Manager, Virtual Private Networks, IPv6, 2960 Switches, Cisco Network Assistant, Advanced EIGRP and OSPF, and Introduction to Wireless Networks
  • Covers the latest version of the exam, including the new voice, security and wireless components added in 2008
  • Packed with review questions to help you prepare
  • Includes more security and troubleshooting information
  • CD-ROM includes the popular Dummies Test Engine, an exclusive, fully customizable test-prep software package that features twice as many sample questions as the previous version

CCNA Certification All-In-One For Dummies is the preparation guide you need to earn your CCNA certification.

Note: CD-ROM/DVD and other supplementary materials are not included as part of the eBook file.

Language: English
Publisher: Wiley
Release date: Mar 16, 2010
ISBN: 9780470635926

    Book preview

    CCNA Certification All-in-One For Dummies - Silviu Angelescu

    Chapter 1: Introducing Computer Networks

    Exam Objectives

    Describing the purpose and functions of computer networks

    Describing common network applications

    Describing common networking devices

    Describing the operation flow of computer networks and seeing how networking devices control the operation flow

    Describing the impact of applications (Voice over IP and Video over IP) on a network

    Describing the components required for network and Internet communications

    Describing the topologies of computer networks

    CCNA certification not only attests to your knowledge about Cisco networking, but it also attests to your knowledge about networking technologies in general. This is one of the reasons why CCNA certification is the gold-standard certification in the networking industry.

    Purpose of Computer Networks

    You link computers in a network for the same reason that people network. People networks are necessary to accomplish tasks that cannot be accomplished by a single individual. The same applies to computers. Computer networks were developed to aggregate the computing power of several individual computers into initially local networks, then campus networks, then metropolitan networks, then countrywide networks, and finally, global networks.

    A computer network is a group of computer host devices that communicate with each other. To enable this communication, the computer host devices are connected using wired or wireless connections. The communication is controlled by network software running on the computer host devices and on network devices.

    Computer host devices can be any devices used to access the network, including servers, workstations, personal computers, smart phones, and laptops.

    Network devices can be any devices that stand between computer host devices, including switches, routers, hubs, repeaters, and firewalls.

    Network devices control and optimize communication between host devices.

    Network applications

    What’s the purpose? Here are just a few network application examples:

    World Wide Web: Technically, this is a network application that allows the exchange of text pages coded in Hypertext Markup Language (HTML) using the Hypertext Transfer Protocol (HTTP). Initially, these HTML pages only supported hyperlinks to jump from one page to another. Now, HTTP and HTML have been augmented with dynamic extensions to allow a much more advanced, rich, multimedia Web experience than just jumping from one page to another.

    Electronic mail: I am sure that you have extensively used this one. This is a network application that allows the exchange of messages between two hosts. In fact, studies show that e-mail is by far the most commonly used network application.

    File transfer and file sharing: This network application allows the transfer of files from one computer host device to another. Several variations of this application exist, such as File Transfer Protocol (FTP), Secure FTP (SFTP), Network File System (NFS), and Server Message Block (SMB), but all versions serve the same purpose: to transfer files from one network host to another.

    Remote control: This network application allows you to control a computer host remotely from another host in the network. As with file transfer, several remote control applications exist, such as Windows Remote Desktop, Virtual Network Computing (VNC), and remote shell (rsh).

    Voice over IP (VoIP) and Video over IP: This network application allows the transfer of voice and video signals over the Internet Protocol. Many Web sites stream video over the Internet today. These sites use some VoIP network application to wrap their video content in IP packets and send them over the network to the computer host that requested the streamed video content. Another example of VoIP is Cisco IP phones, which are being adopted today by many organizations to save costs by concentrating their phone and data traffic over the same IP infrastructure.

    Shared network storage: This network application connects advanced specialized storage devices to a storage network, making them accessible to any computer host connected to that storage network. Storage networks can be either

    • Isolated, that is, connecting only to a few computer hosts locally

    • Connected to other data networks

    High availability (HA) and parallel processing: This network application enables computer hosts to act as a single logical host, sometimes also called a computer cluster. The hosts use clustering software that manages the logical supercomputer. The clustering software needs to have those physical computers interconnected in a network.

    Computer clusters are used for the following:

    High availability: Several levels of high availability exist, but generally speaking, HA implies that whenever one of the physical computers in the cluster fails, the remaining computer(s) takes over the load of the failed computer.

    Parallel processing: In parallel processing, all physical computers in the cluster can process data at the same time, thereby improving processing speed and reliability.

    Both HA and parallel processing require a network connection between the physical computer hosts involved.

    Operation Flow of Computer Networks

    A simple network can be three hosts connected to a hub. A hub works very much like a multiplexer, or a multiple socket power bar: Hosts connect to the hub, and they can speak and hear each other.

    To initiate a communication, a host needs information about another host on the network:

    ♦ Logical (IP) address, to establish a connection between upper-layer network protocols and applications of the hosts.

    ♦ Physical (MAC) address of the NIC, to establish a connection between its own network interface card and the other host's (John's, in this example), so that electrical signals can be transmitted between the NICs over the network.

    A host’s logical (IP) address can be obtained through name resolution, which resolves the host name (John) to its IP address. There are several options:

    ♦ Query a name server, also known as a Domain Name System (DNS) server to obtain the IP address for the name. DNS servers keep tables of host names and their corresponding IP addresses. Whenever they are queried for the IP address of a host, they search the host name in their table, and if they find it, they return the IP address.

    ♦ Use a hosts file that lists the host and its corresponding IP address. All hosts can have a local hosts file that lists the hosts in the network with their corresponding IP address.

    This is a simple method to resolve host names to IP addresses, but hosts files need to be maintained manually. Consequently, this method does not scale. DNS servers are typically used instead.

    The logical IP address can be used to obtain the physical (MAC) address to establish a connection between the NICs. In a small network, a host can simply broadcast a request to obtain another host’s MAC address. The broadcast is sent to the data link layer broadcast address, which is FF:FF:FF:FF:FF:FF. This is the standard broadcast address to query for MAC addresses.

    In larger networks, the number of requests on the data link layer would harm performance. Thus, it is best to limit the size of the network.

    So, two basic issues are at hand:

    Noise generated by broadcast queries: One computer sends a broadcast query to every other device in the network to obtain an IP address or a MAC address, and eventually the target computer responds. Meanwhile, all computers in the broadcast domain have heard the broadcast request. They were disturbed by a request that does not concern them. If lots of broadcast requests are being sent on the network by hosts that just joined the network, for example, a broadcast storm can occur: Everyone is disturbed by everyone’s broadcast request, and the network performance is considerably impacted.

    Message collision: After two computers know about each other and they start to communicate, they send data frames on the link that is shared by all other computers in that network segment. If two computers try to send frames at the same time, on the same wire, the frames collide. In that case, both computers back off: They stop sending frames, they wait a little while, and they try to resend. You have no guarantee that the frames will not collide again when they are resent. Typically, there are few chances that they collide again, because the two computers wait random time periods that are likely different. However, collisions do happen, and they can slow a network considerably. Remember the meeting room example: The more people in the room, the more chances that everyone tries to speak at the same time. It’s the same with computers: The more hosts you add to a network segment, the more chances of having frame collisions. It’s best to keep network segments as small as possible.

    You can segment a network using a data link layer switch instead of a hub. Data-link switches are also called Layer 2 switches, because the data link layer is the second layer in the TCP/IP protocol stack. In fact, every time I talk about a switch in this book, I refer to a Layer 2 switch. Switches segment networks into one collision domain per port. A collision domain is a logical space where messages can collide.

    Remember: You need to understand the following networking concepts for the CCNA test:

    ♦ A collision domain is a logical network space where frames can collide, because several hosts are sharing the bandwidth of the network medium and they can potentially send frames on the wire at the same time.

    It is best to segment networks into several smaller collision domains to reduce the chances of having frame collisions.

    Bandwidth is the maximum amount of information (in bits/second) that can be transmitted on a transmission medium.

    ♦ A hub is basically a multiplexed connection device: All devices connected to a hub can send frames to all other devices connected to the hub. A hub sends frames it receives on all ports, except on the port where the frame is received. Thus, even if a frame is only addressed to one of the six hosts plugged into the hub, in reality, all five hosts, other than the sending host, will receive the frame. Four hosts will have to discard the frame because it is not addressed to them. Some hubs also amplify the electrical signal before sending it on all ports other than the originating port. Those hubs are also repeaters.

    ♦ A repeater is a hub that not only sends the frames on all ports other than the originating port, but it also amplifies the electrical signal. Amplifying the electrical signal allows the hub to send over longer distances. Most hubs on the market today also amplify the electrical signal. Therefore, most hubs are also repeaters. However, do not assume this during the CCNA test.

    ♦ A switch is smarter (and more expensive) than a hub: It learns about devices that send frames into the switch. A switch builds a MAC address table that lists the MAC address of the host device that is sending on each port. Whenever a frame enters the switch, the switch looks at the destination MAC address of the frame. Then, the switch looks into its MAC address table and identifies the port that corresponds to the destination MAC address of the frame. It then sends the frame only on that port.

    ♦ A bridge works very similarly to a switch, except that it uses software instead of hardware application-specific integrated circuit (ASIC) processors to process the MAC address filtering and forwarding. Consequently, a bridge is typically slower and less expensive than a switch. Switches have become very affordable lately, however, and it is very rare to find bridges on the market anymore.

    Each port of a switch is a collision domain. Switches learn about MAC addresses connected to their ports, and they build an internal table that lists which MAC address is connected to each port. The switch identifies the port where the destination MAC address is connected and forwards the frame only on that port. Other hosts don’t receive it. This dramatically reduces collision chances and thereby improves network performance.

    Switches limit the collision domain, but they do not limit the broadcast domain. The switch broadcasts requests on all ports. Broadcast domains can be limited by either using virtual local-area networks (VLANs) on a switch or by using routers.
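A small simulation, added here and not taken from the book, that contrasts the hub and switch behaviour described above: a hub repeats every frame on all other ports, while a switch learns source MAC addresses per port, floods only broadcasts (such as the FF:FF:FF:FF:FF:FF query for a MAC address) and unknown destinations, and forwards known unicast frames on a single port. The MAC addresses, port numbers and three-frame exchange are constructed for the example.

```python
"""Hub vs. Layer 2 switch forwarding, as a small simulation (added illustration).

Frames are (src_mac, dst_mac, payload) tuples and ports are small integers.
Both devices return the list of ports a frame is sent out on, so the difference
between repeating everything and forwarding by MAC table is directly visible.
"""

BROADCAST = "FF:FF:FF:FF:FF:FF"   # data link layer broadcast address


class Hub:
    """A hub repeats every frame on all ports except the one it came in on."""

    def __init__(self, ports):
        self.ports = list(range(ports))

    def forward(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class Switch:
    """A Layer 2 switch learns source MACs per port and forwards by destination."""

    def __init__(self, ports):
        self.ports = list(range(ports))
        self.mac_table = {}          # MAC address -> port it was last seen on

    def forward(self, in_port, frame):
        src, dst, _payload = frame
        # Learning: remember which port this source MAC is reachable on.
        self.mac_table[src] = in_port
        # A broadcast, or a destination not yet in the table, is flooded on
        # all ports except the ingress port (a switch does not limit the
        # broadcast domain, only the collision domain).
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        # A known unicast destination goes out exactly one port.
        out = self.mac_table[dst]
        return [] if out == in_port else [out]


def run_scenario(device, hosts):
    """Replay a constructed exchange; return how many ports each frame reached.

    hosts maps MAC address -> port number. Host A broadcasts a query for B's
    MAC address, B answers A directly, then A sends application data to B.
    """
    a, b = "00:00:00:00:00:0A", "00:00:00:00:00:0B"
    exchange = [
        (hosts[a], (a, BROADCAST, "who has B?")),
        (hosts[b], (b, a, "B is here")),
        (hosts[a], (a, b, "application data")),
    ]
    return [len(device.forward(port, frame)) for port, frame in exchange]


def demo():
    """Four constructed hosts, one per port, on a hub and then on a switch."""
    hosts = {"00:00:00:00:00:0A": 0, "00:00:00:00:00:0B": 1,
             "00:00:00:00:00:0C": 2, "00:00:00:00:00:0D": 3}
    hub_counts = run_scenario(Hub(4), hosts)
    switch_counts = run_scenario(Switch(4), hosts)
    return hub_counts, switch_counts


if __name__ == "__main__":
    hub, switch = demo()
    print("hub   : ports reached per frame", hub)      # every frame hits 3 ports
    print("switch: ports reached per frame", switch)   # only the broadcast does
```

On the hub, every one of the three frames is repeated to all three other hosts; on the switch, only the initial broadcast is flooded, and the two unicast frames each reach a single port because the switch already learned where A and B are.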

    Topologies of Computer Networks

    Networks can be arranged in various topologies, or layouts. The most common topologies are as follows:

    Point-to-point: Two hosts connect directly to each other, as shown in Figure 1-1. The sending end of one host is connected to the receiving end of the other host. In its simplest form, the two hosts are connected with a crossover cable. This is usually the case in serial connections.

    Figure 1-1: Point-to-point topology.


    Star: Hosts connect to a central device, as shown in Figure 1-2. All traffic flows through the central device. The star topology is also known as a hub-and-spoke topology. Ethernet networks using hubs or switches and twisted-pair cabling are star topologies.

    Ring: Hosts are connected sequentially in a daisy-chain fashion, as shown in Figure 1-3. Traffic flows around the ring. The last host in the ring is connected to the first host, thereby closing the ring. Token Ring is the typical ring topology example. Fiber Distributed Data Interface (FDDI) is also a ring topology.

    Bus: As shown in Figure 1-4, hosts are connected through a single cable, usually coaxial cable. Ethernet networks using coaxial cable are bus topologies.

    Figure 1-2: Star topology.


    Figure 1-3: Ring topology.


    Figure 1-4: Bus topology.


    Mesh: Multiple hosts are connected point to point to each other in a mesh topology, as shown in Figure 1-5. These are multiple point-to-point connections that typically link every host in the network with every other host in the network. You find two types of mesh topologies:

    Full-mesh topologies provide several connections between hosts in the network, thereby improving reliability. The cost is high, though.

    Partial-mesh topologies are a good compromise because they can offer multiple connections for certain mission-critical hosts, yet they present cost savings over full-mesh configurations.

    Figure 1-5: Mesh topology.


    Prep Test

    1 Computer networks do which of the following?

    A Allow computer hosts to communicate data between each other

    B Provide a user interface to control computer hosts

    C Provide a user interface to control networking devices

    D Operate solar power stations

    2 Networking devices do which of the following?

    A Provide an operating system for the Internet

    B Allow users to use more than one computer at once

    C Control and optimize communication between host devices

    D Allow users to use more than one user interface at once

    3 A hub does which of the following?

    A Modifies the MAC address of a data-link frame to allow transmission over longer distances

    B Sends frames it receives on all ports, except on the port where the frame is received

    C Amplifies the electrical signal to allow transmission over longer distances

    D Sends frames it receives only on the port that corresponds to the destination MAC address of the data-link frame

    4 A switch does which of the following?

    A Modifies the MAC address of a data-link frame to allow transmission over longer distances

    B Sends frames it receives on all ports, except on the port where the frame is received

    C Amplifies the electrical signal to allow transmission over longer distances

    D Sends frames it receives only on the port that corresponds to the destination MAC address of the data-link frame

    Answers

    1 A. Allow computer hosts to communicate data between each other. Networks allow computers to communicate. See Purpose of Computer Networks.

    2 C. Control and optimize communication between host devices. Network devices manage the communication between host devices. Review Purpose of Computer Networks.

    3 B. Sends frames it receives out on all ports, except on the port where the frame is received. Hubs send out frames on all ports except on the incoming port. Read Operation Flow of Computer Networks.

    4 D. Sends frames it receives only on the port corresponding to the destination MAC address of the data-link frame. Switches send frames only on the destination port. Check out Operation Flow of Computer Networks.

    Chapter 2: The OSI Reference Model

    Exam Objectives

    Describing the OSI reference model

    Describing the purpose and basic operation of each layer in the OSI reference model

    Describing the benefits of the OSI reference model

    Describing the purpose and basic operation of the protocols in the OSI and TCP/IP models

    Associating network devices to each layer in the OSI reference model

    This chapter covers the Open Systems Interconnection (OSI) networking reference model. You discover the seven layers, their purpose, and how they relate to each other. The data encapsulation concept is also introduced.

    Introduction to the OSI Reference Model

    The International Organization for Standardization (ISO) defined the Open Systems Interconnection (OSI) reference model to standardize networking of devices from different vendors. The OSI reference model is mostly an architecture blueprint that networking and computer device manufacturers implement. The OSI model has never been implemented exactly as defined. The TCP/IP protocol stack is the closest implementation available today.

    Seven Layers

    The OSI reference model is designed in seven functional layers. Each layer has a precise mission, and each layer works fairly independently of the upper and lower layers. Upper layers use the services provided by lower layers, but the internal workings of each layer are not visible to other layers.

    This independence is achieved through encapsulation and very clearly defined interfaces between layers. Here are the layers in a nutshell:

    ♦ Top layers build an application data payload that is divided by the lower transport layer into several small data chunks called segments. Each segment is numbered so that the receiving host can reassemble the application data.

    ♦ The transport segments are then forwarded down to the network layer, which tags each segment with logical source and destination addresses and some control information, and hands over the resulting shippable data packet to the lower data link layer.

    ♦ The data link layer adds the physical source address of the sender and the physical destination address of the receiver if the receiver is located in the same local network as the sender. If the receiver is not located in the same local network as the sender, the data link layer adds the physical destination address of the gateway in the local network. The gateway of a local network is usually a router that connects the local network to other networks.

    Here are the basic ideas behind encapsulation:

    ♦ Each layer encapsulates the data and the control data of the upper layers within its own control data.

    ♦ The data chunk encapsulated within the control data of each layer travels from the sending host to the receiving host.

    ♦ The receiving host unwraps the successive control information layers that encapsulate the data.

    ♦ Top layers on the sending host hand off the data to the transport layer and trust the transport layer (and the layers beneath transport) to ship it to the receiving host.

    ♦ The data ends up being sliced into smaller chunks. The data is also augmented with control information at each layer. The control information added by each layer is wrapped around by the control data of the lower layers on the sending host.

    ♦ The data is unwrapped on the receiving host.
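The encapsulation steps just listed, carried through on constructed data as an added example (not code from the book): the transport layer slices a message into numbered segments, the network layer wraps each segment with logical (IP) addresses, the data link layer wraps each packet with physical (MAC) addresses, and the receiving host unwraps in the reverse order and reassembles by segment number even when frames arrive out of order. The header layouts are simplified stand-ins for Ethernet II, IPv4 and TCP with only a few fields each; the addresses and message are constructed.

```python
"""Encapsulation on the sending host, de-encapsulation on the receiver (added illustration).

The three header layouts below are deliberately simplified: just enough fields
to show each layer wrapping the unit handed down by the layer above, and the
receiver stripping one header per layer on the way back up.
"""
import struct

SEGMENT_SIZE = 8                       # tiny so that a short message is split
ETHERTYPE_IPV4 = 0x0800
IP_PROTO_TCP = 6
BROADCAST = "FF:FF:FF:FF:FF:FF"
ETH_HDR, IP_HDR, TCP_HDR = 14, 11, 8   # header sizes in this toy layout


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


# Sending host: application data travels down the stack.

def transport_segments(data, src_port=40000, dst_port=80):
    """Layer 4: slice data into numbered segments (src port, dst port, number)."""
    chunks = [data[i:i + SEGMENT_SIZE] for i in range(0, len(data), SEGMENT_SIZE)]
    return [struct.pack("!HHI", src_port, dst_port, n) + c for n, c in enumerate(chunks)]


def network_packet(segment, src_ip, dst_ip):
    """Layer 3: wrap a segment with logical addresses (total length, protocol, src, dst)."""
    header = struct.pack("!HB", IP_HDR + len(segment), IP_PROTO_TCP)
    return header + ip_bytes(src_ip) + ip_bytes(dst_ip) + segment


def datalink_frame(packet, src_mac, dst_mac):
    """Layer 2: wrap a packet with physical addresses (dst MAC, src MAC, EtherType)."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet


def send(data, src_mac, dst_mac, src_ip, dst_ip):
    """Return the frames the physical layer would put on the wire, one per segment."""
    return [datalink_frame(network_packet(seg, src_ip, dst_ip), src_mac, dst_mac)
            for seg in transport_segments(data)]


# Receiving host: each layer strips its own control data and hands the rest up.

def unwrap_frame(frame, my_mac):
    """Layer 2: accept frames addressed to this NIC or to broadcast; discard the rest."""
    dst = frame[:6]
    if dst not in (mac_bytes(my_mac), mac_bytes(BROADCAST)):
        return None                    # like a host on a hub ignoring others' frames
    ethertype = struct.unpack("!H", frame[12:14])[0]
    return frame[ETH_HDR:] if ethertype == ETHERTYPE_IPV4 else None


def unwrap_packet(packet):
    """Layer 3: check the protocol field and return the segment inside."""
    total_len, proto = struct.unpack("!HB", packet[:3])
    return packet[IP_HDR:total_len] if proto == IP_PROTO_TCP else None


def unwrap_segment(segment):
    """Layer 4: return (segment number, data chunk)."""
    _src_port, _dst_port, number = struct.unpack("!HHI", segment[:TCP_HDR])
    return number, segment[TCP_HDR:]


def receive(frames, my_mac):
    """Unwrap every frame bottom-up and reassemble the data in segment order."""
    parts = {}
    for frame in frames:
        packet = unwrap_frame(frame, my_mac)
        segment = unwrap_packet(packet) if packet is not None else None
        if segment is not None:
            number, chunk = unwrap_segment(segment)
            parts[number] = chunk
    return b"".join(parts[n] for n in sorted(parts))


def demo():
    """Constructed exchange: host A sends a request to host B; frames arrive reversed."""
    a_mac, b_mac = "00:00:00:00:00:0A", "00:00:00:00:00:0B"
    request = b"GET /index.html HTTP/1.0"          # 24 bytes -> 3 segments
    frames = send(request, a_mac, b_mac, "192.168.1.10", "192.168.1.20")
    out_of_order = list(reversed(frames))           # segments may take different routes
    at_b = receive(out_of_order, b_mac)             # the addressed host reassembles
    at_c = receive(out_of_order, "00:00:00:00:00:0C")   # a bystander discards all
    return len(frames), at_b, at_c


if __name__ == "__main__":
    count, at_b, at_c = demo()
    print(count, "frames on the wire; B reassembled:", at_b, "; C kept:", at_c)
```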

    Layer 7: Application

    This layer represents the various network applications such as e-mail reader, Web browser, Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Network File System (NFS).

    ♦ The application layer provides a user interface and processes network data.

    ♦ The application layer on the sending host produces the network data to be transmitted from the sender host.

    ♦ The application layer on the receiving host consumes the network data produced and transmitted by the sender host.

    Layer 6: Presentation

    This layer is mostly concerned with data format. It converts the data between different formats so that both the sender and the receiver can use heterogeneous data. For example, mail messages contain various data formats: text, application attachments, video, audio, and graphical signature.

    ♦ The presentation layer on the sending host receives the data payload from the application layer.

    ♦ The presentation layer on the sending host converts the data into a format that is easily transportable over the network.

    ♦ The presentation layer on the receiving host converts the data from the network format back to its native format that can be easily interpreted, used, and displayed by the application layer above.

    Layer 5: Session

    Some applications need to open logical communication channels between the computer hosts. Logical communication channels (sessions) maintain data about the communication established between the network application running on the sending host and the network application running on the receiving host. The session layer does the following:

    ♦ Opens and maintains logical communication channels between network applications running on the sending host and network applications running on the receiving host.

    ♦ Handles authentication: Some network applications use authentication mechanisms before they open a logical communication channel (session) with a remote host.

    Layer 4: Transport

    The transport layer manages the transport of data between two hosts over a network. In a nutshell, the transport layer does the following:

    ♦ Slices the data to be transmitted into small chunks called data segments that can be easily sent over the network medium.

    ♦ Reassembles the data in order on the receiving host: Data segments are not guaranteed to arrive in order at the destination, since they may use different routes to reach the destination host. The transport layer is responsible for reassembling the data in order on the receiving host.

    Layer 3: Network

    The network layer routes data packets across networks that link the sending and the receiving host. In a nutshell, the network layer does the following:

    ♦ Chooses the best route to send packets between hosts.

    ♦ Assigns logical addresses to all devices in the network to be able to identify each source host and each destination host, as well as each network through which packets need to be routed.

    Logical addresses are assigned at the network protocol level. Physical addresses are assigned on a physical device, such as a network card.

    ♦ Receives each data segment from the transport layer on the sending host and wraps it in a data packet along with routing data. The packet is sent down to the data link layer to send it over the network physical medium.

    ♦ On the receiving host, the network layer unwraps the packet received to extract the data segment and sends it up to the transport layer.

    Several protocols operate at the network layer, such as IP, IPX, AppleTalk, and SNA, but the CCNA test is only concerned with IP.

    The Internet Protocol (IP) is the TCP/IP implementation of the network layer. IP addresses are logical addresses provided by the IP in TCP/IP.

    Cisco routers are Layer 3 (network layer) devices. You read more about Cisco routers in Book IV.

    Layer 2: Data link

    The data link layer does the following:

    ♦ Transmits the data on the physical medium.

    ♦ Routes the data locally on the physical network medium. The data link layer uses physical addresses assigned to each physical network device in the local network to route data from one physical device to another.

    ♦ The data link layer receives each packet from the network layer on the sending host and wraps it in a data frame along with local routing data.

    ♦ The data link layer sends each data frame down to the physical layer to code an electrical or optical signal to transmit the data frame over a wire or over the air (wireless transmission).

    ♦ On the receiving host, the data link layer unwraps the data frame received to extract the packet and sends it to the network layer.

    Cisco switches are Layer 2 (data link layer) devices. You read more about Cisco switches in Book III.

    Layer 1: Physical

    The physical layer provides the electrical, optical, or over-the-air connection between the sending host device and the receiving host device. This typically involves copper or fiber-optic cabling, or wireless radio connections, patch panels, signal repeaters, submarine cables, or satellites.

    CCNA certification does not require you to be a space science expert. However, you do need to understand that data is always converted into bits that can be transmitted over a medium using electrical current or optical signals that simulate a 1 (signal) or a 0 (no signal).

    In a nutshell, the physical layer defines mechanical, electrical, optical, radio, procedural, and functional standards to enable the transmission of data-link (Layer 2) frames over a certain transmission medium.

    These standards define how a physical link is built, activated, maintained, and deactivated to enable transmissions between DTE (data terminal equipment) and DCE (data communications equipment).

    DTEs are host devices. DCEs are network devices, that is, any device that stands between two host devices.

    Most hubs amplify the electrical signal; therefore, they are really repeaters with several ports. Hubs and repeaters are Layer 1 (physical layer) devices.

    Benefits of the OSI Reference Model

    A layered network model, such as the OSI reference model, has several advantages:

    ♦ Independently operating layers with clearly defined interlayer interfaces allow layers to evolve internally without impact on other layers. As long as a layer continues to interact the same way with upper and lower layers, it can change internally to adapt to new technologies and needs.

    ♦ The network communication problem is divided into smaller problems. By dividing the network communication process into several precise tasks and by assigning a specific layer to each task, it’s easier to manage the whole process. It also allows each layer to specialize to specific network communication contexts. For example, the physical layer constantly changes to support new transmission media. However, other layers do not need to change because the physical layer interacts using the same interfaces with upper layers, even if a new transmission medium is added to the support list. Thus, the network model as a whole can adapt to support new media with localized change at the physical layer only.

    ♦ A network reference model provides a blueprint for all manufacturers, guaranteeing compatibility of varied devices from various manufacturers.

    Prep Test

    1 What is the Open Systems Interconnection (OSI) reference model?

    A A cabling standard that phone and networking companies implement

    B A computer host architecture blueprint that computer device manufacturers implement

    C A network architecture blueprint that network and computer device manufacturers implement

    D A network device architecture blueprint that network device manufacturers implement

    2 How does the OSI reference model guarantee independence of layer functionality?

    A By encapsulating data at each layer and by defining clear interfaces between each layer

    B By allowing network and computer device manufacturers to implement proprietary layers

    C By allowing communication between computer hosts over a network

    D By optimizing the network route between computer hosts

    3 What is the function of the application layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Opens and maintains communication channels, authenticating data communications

    C Converts data, encrypts data, and translates data

    D Manages the user interface and processes data before handing it off to the user

    4 What is the function of the presentation layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Opens and maintains communication channels, authenticating data communications

    C Converts data, encrypts data, and translates data

    D Manages the user interface and processes data before handing it off to the user

    5 What is the function of the session layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Opens and maintains communication channels, authenticating data communications

    C Converts data, encrypts data, and translates data

    D Manages the user interface and processes data before handing it off to the user

    6 What is the function of the transport layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Opens and maintains communication channels, authenticating data communications

    C Converts data, encrypts data, and translates data

    D Manages the user interface and processes data before handing it off to the user

    7 What is the function of the network layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Manages electrical, optical, and over-the-air transmission of data bits

    C Routes data frames locally and manages local physical addressing

    D Routes data packets between networks and manages global logical addressing

    8 What is the function of the data link layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Manages electrical, optical, and over-the-air transmission of data bits

    C Routes data frames locally and manages local physical addressing

    D Routes data packets between networks and manages global logical addressing

    9 What is the function of the physical layer of the OSI reference model?

    A Segments and delivers data, correcting transmission errors

    B Manages electrical, optical, and over-the-air transmission of data bits

    C Routes data frames locally and manages local physical addressing

    D Routes data packets between networks and manages global logical addressing

    Answers

    1 C. A network architecture blueprint that network and computer device manufacturers implement. The Open Systems Interconnection (OSI) reference model is a network architecture blueprint that network and computer device manufacturers implement. Review Introduction to the OSI Reference Model.

    2 A. Encapsulating data at each layer and defining clear interfaces between each layer. The OSI reference model guarantees independence of layer functionality by encapsulating data at each layer and by defining clear interfaces between each layer. Check the Seven Layers section.

    3 D. Managing the user interface and processing data before handing it off to the user. The application layer of the OSI reference model manages the user interface and processes the data before handing it off to the user. Review the Layer 7: Application section.

    4 C. Converting data, encrypting data, and translating data. The presentation layer of the OSI reference model converts, encrypts and translates the data. Review the Layer 6: Presentation section.

    5 B. Opening and maintaining communication channels, authenticating data communications. The session layer of the OSI reference model opens and maintains communication channels, and authenticates data communications. Check Layer 5: Session.

    6 A. Segmenting and delivering data, correcting transmission errors. The transport layer of the OSI reference model segments and delivers the data, and corrects any transmission errors. Review Layer 4: Transport.

    7 D. Routing data packets between networks and managing global logical addressing. The network layer of the OSI reference model routes data packets between networks and manages global logical addressing. Review the Layer 3: Network section.

    8 C. Routing data frames locally and managing local physical addressing. The data link layer of the OSI reference model routes data frames locally and manages local physical addressing. Check out the Layer 2: Data Link section.

    9 B. Managing electrical, optical, and over-the-air transmission of data bits. The physical layer of the OSI reference model manages electrical, optical, and over-the-air transmission of data bits. Review the Layer 1: Physical section.

    Chapter 3: Introducing the TCP/IP Protocol Suite

    Exam Objectives

    Describing the TCP/IP network protocol family

    Describing the purpose and basic operation of each layer in the TCP/IP network protocol family

    Describing the benefits of the TCP/IP network protocol family

    Describing the purpose and basic operation of the protocols in the TCP/IP network protocol family

    Associating network devices to each layer in the TCP/IP network protocol family

    Describing how TCP/IP protocols relate to each layer in the OSI reference model

    Describing connection-oriented and connectionless data transport

    Demonstrating TCP flow control features, such as sequencing, acknowledgments, and the TCP sliding window

    Demonstrating the TCP three-way handshake process

    Describing the purpose and basic operation of TCP ports

    Describing the difference and the relationship between MAC addresses and IP addresses

    Demonstrating the Address Resolution Protocol (ARP)

    Read this chapter to find out about the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. TCP/IP is one of the most important topics on the CCNA test.

    You first look at a diagram of the TCP/IP protocol suite that illustrates how TCP/IP relates to the OSI network reference model. Next, you review each TCP/IP layer and the most common protocols and applications that operate at each layer.

    Introduction to the TCP/IP Protocol Suite

    The Open Systems Interconnection (OSI) reference model is mostly an architecture blueprint for networking and computer device manufacturers. The OSI model has never been implemented exactly as defined. The TCP/IP protocol family is the closest implementation available today. Read the following sections to get acquainted with the TCP/IP protocol stack.

    TCP/IP implements almost the same networking layers as the OSI reference model. However, some TCP/IP protocols work at more than one level.

    Layer 7: Application

    The application layer represents the various network applications, such as an e-mail reader or a Web browser.

    It is important to distinguish between Layer 7 protocols and Layer 7 software applications. For example, you use Web-browsing software to view Web pages that are transferred to your computer using the Hypertext Transfer Protocol (HTTP). Web pages are coded in Hypertext Markup Language (HTML) text format. The Web browser is a Layer 7 network application. The HTTP protocol is a Layer 7 protocol.

    Some TCP/IP protocols at Layer 7

    The following TCP/IP protocols are found at Layer 7:

    SMTP: Simple Mail Transfer Protocol is used to transfer, edit, and display e-mail messages.

    HTTP: Hypertext Transfer Protocol is used to transfer text in HTML format from one host to another. HTML is the Hypertext Markup Language that marks up text with hyperlinks to allow jumping from one text document to another. The Web is based on HTTP and HTML.

    FTP: File Transfer Protocol is used to transfer files between hosts.

    NFS: Network File System is used to share file systems over the network.

    SNMP: Simple Network Management Protocol is used to provide a distributed network management framework to monitor and manage host and network devices over the network.

    DNS: Domain Name System is a protocol that helps keep track of host names and logical (IP) addresses in a network.

    DHCP: Dynamic Host Configuration Protocol is used to assign dynamic logical addresses (IP addresses) to hosts in a network.

    Some TCP/IP software applications at Layer 7

    The following TCP/IP software applications are found at Layer 7:

    E-mail application: This application is used to read, edit, archive, and otherwise manage e-mail messages. E-mail applications typically use SMTP to send and receive e-mails to and from remote hosts. E-mail applications also work at Layer 6, the presentation layer. For example, e-mail applications use the Multipurpose Internet Mail Extensions (MIME) protocol to convert audio, video, picture, graphical, and even software application contents in e-mail messages into a format that can be displayed, rendered, or played on the receiving host. Whenever you send audio or video, your e-mail application also uses MIME to code the audio/video contents within the e-mail message in a format that is easily transferable over the network. Remember that Layer 6 is doing the data conversion.

    Web browser: A browser is used to view Web pages. Web browsers use HTTP to transfer Web pages to and from your computer. Web browsers also work at the presentation layer because they need to convert and render non-HTML format that may be embedded in an HTML Web page. For instance, when you browse a Web page that contains a video-streaming window, the Web page contains code embedded into the HTML text to instruct the Web browser on how to play that video stream. Remember that Layer 6 is doing the data conversion.

    Layer 6: Presentation

    The presentation layer is mostly concerned with data format. It converts the data between different formats so that both the sender and the receiver can use heterogeneous data. Layer 6 protocols and Layer 6 software applications exist. For example, MIME is a Layer 6 protocol that is used by e-mail software programs and Web browsers (Layer 6 applications) to convert e-mail contents that are not text into a data format that can be viewed, rendered, or otherwise processed on the computer host.

    Some TCP/IP protocols at Layer 6

    The following TCP/IP protocols are found at Layer 6:

    MIME: Multipurpose Internet Mail Extensions are used to allow e-mail applications to convert e-mail message contents other than text into a data format that is supported on the receiving host. MIME is also used to code nontext data into an outgoing mail message.

    Unicode: Modern e-mail applications and Web browsers use Unicode at the presentation layer to convert characters between the character set of the sender and the character set of the receiver. Unicode provides a standard way to code characters in different character sets, including multibyte characters for some languages.

    Some TCP/IP software applications at Layer 6

    The following TCP/IP software applications are found at Layer 6:

    E-mail application: E-mail applications use the MIME protocol to convert audio, video, picture, graphical, and even software application contents in e-mail messages.

    Web browser: Browsers also use the MIME protocol to convert non-HTML contents in Web pages.

    Layer 5: Session

    The session layer maintains a logical communication channel between a network application running on the sending host and a network application running on the receiving host. Sometimes the session layer also provides authentication services when sessions are established.

    The following TCP/IP protocols are found at Layer 5:

    Telnet: A protocol used to open login sessions on a computer host.

    RPC: Remote-procedure call protocol is used to allow the execution of procedures (programs) on remote hosts.

    iSCSI: The Internet small computer system interface protocol allows you to send SCSI commands over a TCP/IP network. iSCSI is used to interconnect specialized storage devices and computer hosts using a TCP/IP network.

    Layer 4: Transport

    The transport layer slices up the data to be transmitted into small chunks called data segments that can be easily sent over the network medium. The segments may end up taking different routes to get to their destination. Consequently, they may arrive in a different order. The transport layer on the receiving host reorders the data segments. The transport layer also provides some error-detection mechanisms. It also insulates the upper layers from the network implementation details below, by providing a generic data transfer protocol to the upper layers, no matter how the network is implemented underneath.

    For example, the network layer can be implemented with the Internet Protocol (IP), the AppleTalk protocol, or the Novell NetWare IPX protocol. In all cases, the transport layer presents the same interface up to the session layer while using the appropriate network layer protocol underneath.

    Connectionless transport

    Data can be sent between two hosts without establishing a logical connection between sending and receiving hosts. Connectionless transport protocols do not guarantee reliable delivery of data segments. However, they are a bit faster than connection-oriented transport protocols, because they do not need to spend time to establish and maintain connections. User Datagram Protocol (UDP) is a connectionless transport protocol.

    Connection-oriented transport

    A transport protocol that establishes a logical connection between the sending and the receiving hosts is called a connection-oriented transport protocol. Connection-oriented transport protocols usually guarantee reliable delivery of data segments. However, they are a bit slower than connectionless transport protocols, because they need to spend some time to establish and maintain the connection. Transmission Control Protocol (TCP) is a connection-oriented transport protocol.

    Connection-oriented transport involves both creating a logical connection between the sending and the receiving hosts, and an exchange of acknowledgments between the hosts. Data segments are sequenced, allowing them to be sent in any order and reassembled on the receiving host.

    Flow control is also part of connection-oriented reliable data transport. Flow control involves the sender and the receiver coordinating to sustain an optimal data transfer flow: As the receiver processes the data segments, it acknowledges reception to the sender. The sender then sends more segments.

    The most common TCP/IP protocols at Layer 4

    Common TCP/IP protocols at Layer 4 are as follows:

    TCP: Transmission Control Protocol is a connection-oriented transport protocol. TCP guarantees reliable transmission.

    UDP: User Datagram Protocol is a connectionless transport protocol. UDP does not guarantee reliable transmission.

    TCP flow control

    The TCP transport protocol is a connection-oriented protocol that can control the flow of data transmission to guarantee reliable transmissions.

    TCP on the sending host establishes a logical connection to TCP on the receiving host. This step is called the three-way handshake, call setup, or virtual circuit setup. The sending host and the receiving host use this connection, or virtual circuit, to coordinate their data transfer. The connection is terminated when no more data needs to be transferred. Any host can initiate TCP connections. The host that initiates the TCP connection becomes the sending host. The other host is the receiving host. However, TCP connections allow both hosts to send and receive TCP segments. TCP controls the flow of segments in each direction of a connection independently, using sender and receiver sequence numbers.

    Three-way handshake

    The first step to establish a TCP connection involves a three-way handshake. You may also hear the term call setup or virtual circuit setup. These are synonyms. Here is how the three-way handshake process works:

    1. The host that initiates the network communication sends a TCP Synchronize (SYN) message to the receiving host to notify it that it wants to establish a TCP connection. This message contains, among other things, the sender starting sequence number for the TCP transmission.

    2. The starting sequence number is the sequence number of the first TCP segment to transfer from sender to receiver. The sending and the receiving host then negotiate connection parameters.

    3. The receiving host replies with a TCP Synchronize (SYN) message that contains the receiver starting sequence number. This message also sends an acknowledgment (ACK) to the sending host, indicating that the receiving host did receive the first TCP Synchronize message.

    4. The sending host sends back an acknowledgment (ACK) to the receiving host to let it know that it did receive the receiver starting sequence number and that it is ready to send.

    At this point, the bidirectional TCP connection is established. TCP connections are bidirectional, because both hosts send SYN and ACK messages to each other to synchronize and guarantee a reliable data transfer.

    Sequencing and acknowledgments

    TCP connections are bidirectional: They allow both hosts to send and receive TCP segments. TCP controls the flow of segments in each direction of a connection independently using sender and receiver sequence numbers. Thus, TCP connections maintain two sets of sequence numbers: sender sequence numbers and receiver sequence numbers. The sender sequence numbers control the flow of segments sent by the sending host, host Alex in the previous example. The receiver sequence numbers control the flow of segments sent by the receiving host. Each segment that needs to be sent in either direction is sequenced (numbered) within the sender or receiver sequencing set, depending on which direction the segment travels.

    Sequencing is also used to determine the order of the data segments. Data segments need to be reassembled in the correct order when they arrive at the destination on the receiving host, because they can get there in any order, depending on network conditions. TCP on the receiving host uses the sequence number of each data segment to determine its order during reassembly.

    During transmission, errors can occur due to electrical interference, collisions, or link failure. TCP’s use of sequencing and acknowledgments allows not only the control of the bidirectional transfer flow but also the correction of transmission errors by retransmitting segments that are lost or damaged. After a TCP connection is established using the three-way handshake process, TCP uses the positive acknowledgment and retransmission (PAR) process to ensure that all segments are received within a certain time period. Here’s how PAR works:

    1. The sending host starts a timer when it sends a segment. If no acknowledgment arrives before the timer expires, the sending host retransmits the segment.

    2. The sending host keeps track of the sequence number of each segment it transmits and expects an acknowledgment for each one of them.

    3. The receiving host sends an acknowledgment back to the sending host for each segment it receives. The acknowledgment contains the sequence number of the next segment the receiving host expects.

    TCP sliding window

    The TCP sliding window enables a host to send several data segments without waiting for an acknowledgment before sending the next one. The window size specifies how many segments can be sent before the host must stop and wait for an acknowledgment.

    So far, I’ve talked about TCP window size being measured in segments to keep things simple, but in reality, the TCP window size is measured in bytes.

    TCP connection-oriented data transfer involves the following:

    ♦ Performing a three-way handshake to set up the connection, also called a virtual circuit

    ♦ Using sequencing to identify each data segment and its order

    ♦ Using acknowledgments to guarantee data delivery

    ♦ Using bidirectional flow control to coordinate the sending and receiving of segments for optimal data transfer
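    The three-way handshake, the PAR retransmission process, and the sliding window described in the preceding sections, as an added Python simulation that is not from the book. The sequence numbers, window size and the dropped segment are constructed values, and the window is counted in segments (the chapter's simplification) rather than in bytes.

```python
"""Simulation of the three-way handshake, positive acknowledgment and
retransmission (PAR), and a sliding window, in the terms this chapter uses.
Added example: sequence numbers, window size and the dropped segment are
constructed; the window is counted in segments, not bytes as real TCP does."""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Segment:
    seq: int                 # sequence number of this segment
    ack: int = 0             # next sequence number expected from the peer
    syn: bool = False        # SYN: carries a starting sequence number
    ack_flag: bool = False   # ACK: the ack field is meaningful
    data: bytes = b""


def three_way_handshake(client_isn: int, server_isn: int) -> list:
    """The three messages that set up a bidirectional connection: each side
    announces its starting sequence number with SYN and acknowledges the
    other side's with ACK (acknowledgment number = peer ISN + 1)."""
    syn = Segment(seq=client_isn, syn=True)
    syn_ack = Segment(seq=server_isn, ack=client_isn + 1, syn=True, ack_flag=True)
    ack = Segment(seq=client_isn + 1, ack=server_isn + 1, ack_flag=True)
    return [syn, syn_ack, ack]


class LossyLink:
    """Constructed network path that drops the listed sequence numbers the
    first time they are sent; the retransmission then gets through."""
    def __init__(self, drop_once):
        self.drop_once = set(drop_once)

    def deliver(self, seg: Segment) -> Optional[Segment]:
        if seg.seq in self.drop_once:
            self.drop_once.remove(seg.seq)
            return None
        return seg


class Receiver:
    """Receiving host: reassembles segments in sequence order and answers each
    one with a cumulative ACK naming the next sequence number it expects."""
    def __init__(self, first_seq: int):
        self.expected = first_seq
        self.pending = {}   # out-of-order segments waiting for the gap to close
        self.data = []      # payloads handed up to the session layer, in order

    def receive(self, seg: Segment) -> int:
        if seg.seq >= self.expected:          # ignore duplicates already handed up
            self.pending[seg.seq] = seg.data
        while self.expected in self.pending:  # slide over contiguous data
            self.data.append(self.pending.pop(self.expected))
            self.expected += 1
        return self.expected                  # the acknowledgment number


def send_with_par(payloads, first_seq, window, link, receiver,
                  max_attempts=4) -> Tuple[bytes, int]:
    """Sending host: keeps up to `window` unacknowledged segments in flight and
    re-sends any segment whose ACK has not arrived by the end of a timeout
    period. Returns (data reassembled by the receiver, retransmission count)."""
    end = first_seq + len(payloads)
    base = first_seq        # oldest unacknowledged sequence number
    attempts = {}           # per-segment send count, for the give-up limit
    retransmissions = 0
    while base < end:
        # One timeout period: (re)send everything in the window that is still
        # unacknowledged. A cumulative ACK received on the way moves `base`.
        for seq in range(base, min(base + window, end)):
            if seq < base:  # acknowledged earlier in this same round
                continue
            attempts[seq] = attempts.get(seq, 0) + 1
            if attempts[seq] > max_attempts:
                raise TimeoutError(f"segment {seq} never acknowledged")
            if attempts[seq] > 1:
                retransmissions += 1
            delivered = link.deliver(Segment(seq=seq, data=payloads[seq - first_seq]))
            if delivered is not None:
                base = max(base, receiver.receive(delivered))
    return b"".join(receiver.data), retransmissions


# Constructed scenario: six segments, a window of 3, segment 1002 lost once.
PAYLOADS = [b"The ", b"quick ", b"brown ", b"fox ", b"jumps ", b"over"]


def demo() -> Tuple[bytes, int]:
    handshake = three_way_handshake(client_isn=1000, server_isn=5000)
    first_data_seq = handshake[2].seq        # the client's data follows its SYN
    receiver = Receiver(first_data_seq)
    return send_with_par(PAYLOADS, first_data_seq, window=3,
                         link=LossyLink(drop_once={1002}), receiver=receiver)


if __name__ == "__main__":
    data, retx = demo()
    print(data.decode(), "| retransmissions:", retx)
```

Segment 1003 arrives before the retransmitted 1002 and is held until the gap closes, which is the reordering by sequence number the chapter describes.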

    UDP simplicity

    The User Datagram Protocol (UDP) is a connectionless transport protocol that does not guarantee reliable transmission. UDP is not as chatty as TCP: Hosts that transfer data using TCP need to exchange many segments just to open a connection during the three-way handshake process. They need to exchange many more segments to acknowledge reception of every single data segment. These flow control data segments add some overhead to TCP transmissions.

    UDP does not add flow control overhead because

    ♦ UDP is connectionless, so there’s no need to send segments to do a three-way handshake to establish a connection.

    ♦ UDP makes no use of sequencing.

    ♦ UDP does not send acknowledgments.

    ♦ UDP does not guarantee reception of data segments.

    Consequently, UDP is faster than TCP and can be good enough in some data-transfer scenarios, such as DNS lookups and TFTP transfers. However, despite being chatty, TCP is by far the most widely used transport protocol in TCP/IP networks. It’s nice to have a warranty even if it costs a little more.

    TCP/IP ports

    Both TCP and UDP use ports to identify the source and destination network applications that are involved in data transmission.

    Every host has a logical (IP) address and a physical (MAC) address. On the other hand, more than one network application may be running on each host. For example, you can have an e-mail program and a Web browser open at the same time on your host. So, how does your Web browser connect to a Web server, considering that the Web server host has only one IP address and may also be running an e-mail server application? Answer: By using standard TCP/IP ports. A standard TCP/IP port exists for HTTP (the protocol used by Web browsers), a standard TCP/IP port exists for SMTP (the protocol used by some e-mail readers), and so on. All network applications use a TCP/IP port to allow the sending application to connect to the receiving application. Hence, even if you run multiple network applications on the same host, as long as each network application has its own TCP/IP port, a TCP or UDP data transmission can be accomplished.

    TCP/IP ports are defined by the IANA (Internet Assigned Numbers Authority). Here are the port number ranges currently defined:

    0–1023: Well-known TCP/IP ports. These ports are reserved for standard TCP/IP network applications and protocols.

    1024–49151: Registered TCP/IP ports. These ports are reserved for applications that are registered by various corporations. However, many companies today are using the private TCP/IP ports range instead.

    49152–65535: Private TCP/IP ports. These ports are available for anyone to use. Companies that write network applications typically allow the users to configure the TCP/IP ports manually in this port number range. This is a flexible and reliable solution for most network applications.

    Table 3-1 lists some well-known reserved TCP/IP ports.

    Layer 3: Network

    One of the most important functions of network layer devices and protocols is choosing the best route to send packets between hosts. This is called routing. The CCNA certification tests routing knowledge extensively because Cisco routers are the de facto standard today for routing packets at the network level. Consequently, you need to have a good understanding of routing. Routing and Cisco routers are covered in detail in Book IV.

    The network layer also assigns logical addresses (IP addresses) to all devices in the network to be able to identify each source host, each destination host, and each network through which packets need to be routed. Logical addresses are assigned at the network protocol level, as opposed to physical addresses, which are assigned to a physical device, such as a network card.

    Some TCP/IP protocols at Layer 3

    The following TCP/IP protocols are found at Layer 3:

    IP: Internet Protocol is used to deliver data packets over a packet-switched network from a source host to a destination host based on their respective IP addresses. IP comes in two versions: IP version 4 (IPv4) and IP version 6 (IPv6). IPv4 is currently the most widely used version.

    ICMP: Internet Control Message Protocol is used to send error and status messages about network operations and available services, mostly by host and network devices. The most typical use of ICMP is the ping command, which allows you to verify whether a host or network device is reachable over the IP network from another host or network device.

    IPsec: Internet Protocol Security is used to secure IP data packet deliveries.

    The Internet Protocol (IP) is the most important TCP/IP protocol that operates at the network layer. IP addresses are logical addresses provided by the IP in TCP/IP.

    Hierarchy of IP addresses

    Logical addressing at the network layer is hierarchical:

    ♦ A limited range of IP addresses identifies a few global networks.

    ♦ Global networks interconnect large and medium networks that use another specific range of IP addresses.

    ♦ Large and medium networks interconnect smaller networks that use yet another specific range of IP addresses.

    The hierarchical IP addressing scheme facilitates routing.

    To understand this, think about a real street address, which is composed of the following:

    ♦ Street number

    ♦ Street name

    ♦ Neighborhood name for larger cities

    ♦ City name

    ♦ State name

    ♦ Country name

    Routing at the network layer in computer networks works similarly to courier services:

    ♦ A few extremely large global networks (think countries) interconnect other large networks.

    ♦ Large-sized networks (think states or provinces) interconnect medium-sized networks (think cities).

    ♦ Medium-sized networks interconnect smaller networks (think neighborhoods).

    ♦ Small-size networks interconnect mini-networks (think streets).

    ♦ Finally, computer hosts are found within each of the mini-networks (think street numbers).

    Computer hosts embed the sender and receiver IP address in each data packet they send to another computer:

    ♦ If the receiving computer host is in the same network as the sender (living on the same street), the packet is simply routed locally at the data link layer using the physical address (the MAC address).

    ♦ If the receiving computer host is not in the same network as the sender, the packet is handed off to a gateway to be routed outside the network. A gateway is a router that links a network to another network.

    ♦ The gateway looks at the logical address (IP address) of the receiving computer host and determines in which network it is located (on which street).

    ♦ If the gateway knows about the network of the receiving computer host (it knows the street; it’s in the same city), it sends the data packet to that network.

    ♦ If the gateway does not know the destination network, it hands the packet to the higher-up gateway.

    How does the router know where to send the data packet? Routers keep a routing table in memory. Routing tables keep track of the following:

    ♦ Each network known

    ♦ Router interface through which each network can be reached

    ♦ Metrics associated with each route

    Routers keep one routing table for each protocol, because each protocol has its own addressing scheme and metrics. If you run IP (IPv4), IPv6, and AppleTalk on the same router, that router will keep a routing table for IPv4, a routing table for IPv6, and a routing table for AppleTalk.

    Two types of protocols operate at the network layer: routed protocols and routing protocols:

    Routed protocols are used to route data packets. For example, IP (IPv4) is a routed protocol, and so are IPv6, AppleTalk, IPX, and SNA.

    Routing protocols are used to send route update packets. Route update packets carry information about new networks and new routes. Routers send each other route update packets whenever a new network is created or a new route is enabled. Some of the most common routing protocols are Routing Information Protocol (RIP), RIPv2, Enhanced Interior Gateway Routing Protocol (EIGRP), and Open Shortest Path First (OSPF). Different routing protocols use different metrics to decide which routes are better than others. To keep things simple, in the example, I just show one metric in the routing tables: the hop count. The hop count is the number of networks a data packet has to go through before reaching the destination network. In this case, to reach network 67 from network 25, a data packet needs to go through network 51, thus one hop.
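    The routing decisions this section walks through (local delivery versus the gateway, a routing table of known networks with interfaces and hop-count metrics, and a higher-up gateway for unknown networks), as an added Python example that is not from the book. The networks 25, 51 and 67 of the chapter's example are mapped to constructed 10.x.0.0/16 prefixes, and all router names, interfaces and addresses are constructed.

```python
"""Hierarchical routing as this chapter describes it: the sending host delivers
locally (Layer 2, by MAC) when the destination is on its own network and
otherwise hands the packet to its gateway; each router consults its routing
table (known network, outgoing interface, hop-count metric), and a 0.0.0.0/0
default route expresses "hand it to the higher-up gateway". Added example:
networks 25, 51 and 67 of the chapter become the constructed prefixes
10.25.0.0/16, 10.51.0.0/16 and 10.67.0.0/16; 198.51.100.0/24 is a constructed
remote network."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network   # a network the router knows about
    interface: str                   # interface through which it is reached
    next_hop: Optional[str]          # next router's address; None = directly connected
    hops: int                        # metric: networks crossed to reach it


class Router:
    def __init__(self, name: str, addresses: List[str], routes: List[Route]):
        self.name = name
        self.addresses = {ipaddress.IPv4Address(a) for a in addresses}
        self.routes = routes

    def lookup(self, dst: str) -> Optional[Route]:
        """Best route: the most specific matching network first (so the default
        route only wins when nothing else matches), then the lowest hop count.
        None means the network is unknown and there is no default."""
        ip = ipaddress.IPv4Address(dst)
        matches = [r for r in self.routes if ip in r.network]
        if not matches:
            return None
        return min(matches, key=lambda r: (-r.network.prefixlen, r.hops))


def host_next_hop(host_cidr: str, gateway: str, dst: str) -> str:
    """The sending host's only decision: same network -> "local" (deliver at
    the data link layer using the MAC address), otherwise -> the gateway."""
    host = ipaddress.IPv4Interface(host_cidr)
    if ipaddress.IPv4Address(dst) in host.network:
        return "local"
    return gateway


def route_packet(routers: List[Router], entry: str, dst: str,
                 max_hops: int = 16) -> Tuple[List[str], bool]:
    """Follow a packet from the router owning `entry` until a directly connected
    network is reached (delivered), no route exists (dropped) or the hop limit
    trips (a routing loop). Returns (per-router trace, delivered?)."""
    by_address = {a: r for r in routers for a in r.addresses}
    current, trace = by_address[ipaddress.IPv4Address(entry)], []
    for _ in range(max_hops):
        route = current.lookup(dst)
        if route is None:
            trace.append(f"{current.name}: no route to {dst}, packet dropped")
            return trace, False
        if route.next_hop is None:
            trace.append(f"{current.name}: {route.network} connected on "
                         f"{route.interface}, delivered")
            return trace, True
        trace.append(f"{current.name}: {route.network} via {route.next_hop} "
                     f"on {route.interface}, {route.hops} hop(s)")
        current = by_address[ipaddress.IPv4Address(route.next_hop)]
    trace.append(f"hop limit {max_hops} exceeded, packet discarded")
    return trace, False


def net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.IPv4Network(cidr)


# Constructed topology: R25 joins networks 25 and 51 and has an uplink
# (10.99.0.0/16) to a higher-up gateway; R51 joins networks 51 and 67.
R25 = Router("R25", ["10.25.0.1", "10.51.0.1", "10.99.0.1"], [
    Route(net("10.25.0.0/16"), "Fa0/0", None, 0),
    Route(net("10.51.0.0/16"), "Fa0/1", None, 0),
    Route(net("10.67.0.0/16"), "Fa0/1", "10.51.0.2", 1),   # through network 51: one hop
    Route(net("10.67.0.0/16"), "Se0/0", "10.99.0.2", 2),   # longer path, loses on metric
    Route(net("0.0.0.0/0"), "Se0/0", "10.99.0.2", 3),      # default: higher-up gateway
])
R51 = Router("R51", ["10.51.0.2", "10.67.0.1"], [
    Route(net("10.51.0.0/16"), "Fa0/0", None, 0),
    Route(net("10.67.0.0/16"), "Fa0/1", None, 0),
])
UPSTREAM = Router("UPSTREAM", ["10.99.0.2", "198.51.100.1"], [
    Route(net("10.99.0.0/16"), "Gi0/0", None, 0),
    Route(net("198.51.100.0/24"), "Gi0/1", None, 0),
])
TOPOLOGY = [R25, R51, UPSTREAM]


if __name__ == "__main__":
    for dst in ("10.25.0.20", "10.67.0.5", "198.51.100.7", "192.0.2.9"):
        hop = host_next_hop("10.25.0.10/16", "10.25.0.1", dst)
        print(dst, "->", hop)
        if hop != "local":
            for line in route_packet(TOPOLOGY, hop, dst)[0]:
                print("   ", line)
```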

    Layer 2: Data Link

    The data link layer transmits data on a physical medium. This layer also routes data locally to the next hop on the physical network medium. The data link layer uses physical addresses (MAC addresses) assigned to each physical network device in the local network to route data from one physical device to another. These addresses are called Media Access Control (MAC) addresses in TCP/IP. MAC addresses uniquely identify a specific network device, such as a switch or a router, or a network interface card (NIC) in a computer host device.

    The data link layer is defined in TCP/IP by the IEEE 802.X (Ethernet) standard.

    The data link layer receives each packet from the network layer on the sending host and wraps it up in a data frame along with local routing data. The data frame is sent down to the physical layer to code an electrical or optical signal to transmit it over a wire, or over the air (wireless transmission). On the receiving host, the data link layer unwraps the data frame received to extract the packet and sends it up to the network layer.

    Some TCP/IP protocols at Layer 2

    You find the following TCP/IP protocols at Layer 2:

    ARP: Address Resolution Protocol is used to resolve (find) the physical (MAC) address of a host or network device, when only its logical (IP) address is known.

    RARP: Reverse Address Resolution Protocol is used to resolve (find) the logical (IP) address of a host or network device, when only its physical (MAC) address is known.

    CSMA/CD: Carrier sense multiple access collision detect protocol is used to allow hosts and network devices to share the bandwidth of a given interconnection medium. You find out more about CSMA/CD in Book I.

    Address resolution

    The Address Resolution Protocol (ARP) is used to resolve (find) a physical (MAC) address for a host or network device, when only its logical (IP) address is known.
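    An ARP request and reply carried inside Ethernet frames, which also shows the Layer 2 wrapping and unwrapping described above, as an added Python example that is not from the book. It uses the real on-the-wire field layout (EtherType 0x0806, hardware type 1, protocol type 0x0800) on in-memory byte strings only; the host names, MAC addresses and IP addresses are constructed.

```python
"""ARP as this chapter describes it: a host that knows only a neighbour's
logical (IP) address broadcasts a request on the local network, and the owner
of that IP replies with its physical (MAC) address. Added example; all hosts
and addresses are constructed, and frames are in-memory byte strings."""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

ETHERTYPE_ARP = 0x0806                  # EtherType that marks an ARP payload
BROADCAST = "ff:ff:ff:ff:ff:ff"         # every host on the segment listens
ZERO_MAC = "00:00:00:00:00:00"          # placeholder for the unknown target MAC
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_HEADER = struct.Struct("!HHBBH")    # htype, ptype, hlen, plen, operation


def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))

def bytes_to_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))

def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


@dataclass
class ArpMessage:
    op: int
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str


def build_frame(dst_mac: str, src_mac: str, msg: ArpMessage) -> bytes:
    """Layer 2 wrapping: Ethernet II header (dst, src, EtherType) around the
    28-byte ARP message for Ethernet (hlen 6) carrying IPv4 (plen 4)."""
    eth = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = ARP_HEADER.pack(1, 0x0800, 6, 4, msg.op)
    arp += mac_to_bytes(msg.sender_mac) + ip_to_bytes(msg.sender_ip)
    arp += mac_to_bytes(msg.target_mac) + ip_to_bytes(msg.target_ip)
    return eth + arp


def parse_frame(frame: bytes) -> Optional[Tuple[str, str, ArpMessage]]:
    """Layer 2 unwrapping: returns (dst_mac, src_mac, message), or None when
    the frame is too short, is not ARP, or is not Ethernet/IPv4 ARP."""
    if len(frame) < 14 + ARP_HEADER.size + 20:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = ARP_HEADER.unpack_from(frame, 14)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    body = frame[14 + ARP_HEADER.size:]
    msg = ArpMessage(op, bytes_to_mac(body[0:6]), bytes_to_ip(body[6:10]),
                     bytes_to_mac(body[10:16]), bytes_to_ip(body[16:20]))
    return bytes_to_mac(frame[0:6]), bytes_to_mac(frame[6:12]), msg


class Host:
    """A host on one local network: answers requests for its own IP address
    and caches replies, but only replies to requests it actually sent."""
    def __init__(self, name: str, mac: str, ip: str):
        self.name, self.mac, self.ip = name, mac, ip
        self.arp_cache = {}        # ip -> mac learned from replies
        self.outstanding = set()   # IPs asked about and not yet resolved

    def arp_request(self, target_ip: str) -> bytes:
        """'Who has target_ip?' sent to the broadcast MAC; target MAC unknown."""
        self.outstanding.add(target_ip)
        msg = ArpMessage(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        return build_frame(BROADCAST, self.mac, msg)

    def handle(self, frame: bytes) -> Optional[bytes]:
        """Process one received frame; returns a reply frame to send, if any."""
        parsed = parse_frame(frame)
        if parsed is None:
            return None
        dst_mac, _src_mac, msg = parsed
        if msg.op == ARP_REQUEST and msg.target_ip == self.ip:
            reply = ArpMessage(ARP_REPLY, self.mac, self.ip, msg.sender_mac, msg.sender_ip)
            return build_frame(msg.sender_mac, self.mac, reply)   # unicast back
        if (msg.op == ARP_REPLY and dst_mac == self.mac and msg.target_ip == self.ip
                and msg.sender_ip in self.outstanding):
            self.arp_cache[msg.sender_ip] = msg.sender_mac
            self.outstanding.discard(msg.sender_ip)
        return None


def resolve(requester: Host, segment: List[Host], target_ip: str) -> Optional[str]:
    """Find the MAC for target_ip: the broadcast reaches every host on the
    segment, only the owner of the address answers, and the asker caches it."""
    request = requester.arp_request(target_ip)
    for host in segment:
        if host is not requester:
            reply = host.handle(request)
            if reply is not None:
                requester.handle(reply)
    return requester.arp_cache.get(target_ip)
```

A reply for an address the host never asked about is ignored rather than cached, which is the check a defender wants in any resolver that maintains an ARP cache.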

    Cisco switches are Layer 2 (data link layer) devices.

    Layer 1: Physical

    The physical layer provides the electrical, optical, or over-the-air connection between the sending host device and the receiving host device. This typically involves copper or fiber-optic cabling, or wireless radio connections, patch panels, signal repeaters, submarine cables, or satellites. The physical layer defines the mechanical, electrical, optical, radio, procedural, and functional standards to enable the transmission of data-link (Layer 2) data frames over a certain transmission medium.

    The physical layer is defined in TCP/IP by the IEEE 802.X (Ethernet) standard.

    Prep Test

    1 Which of the following describes a Web browser?

    A Layer 7 (application) protocol

    B Layer 7 software application

    C Layer 6 (presentation) software application

    D All of the above

    2 In connection-oriented transport, which of the following occurs?

    A Sending and receiving hosts exchange TCP acknowledgments.

    B Sending and receiving hosts sequence their TCP segments.

    C Sending and receiving hosts perform a three-way handshake.

    D All of the above.

    3 What does the three-way handshake process allow two hosts to do?

    A Open a bidirectional TCP connection

    B Open a bidirectional IP channel

    C Open a bidirectional UDP session

    D All of the above

    4 What happens whenever a TCP segment is missing at destination?

    A The receiving computer host aborts transmission.

    B The sending computer host aborts transmission.

    C The receiving computer host requests a retransmission.

    D The sending computer host requests a retransmission.

    5 What does the positive acknowledgment and retransmission (PAR) TCP process ensure?

    A That all TCP segments are received within a certain time period

    B That all UDP segments are received within a certain time period

    C That all TCP/IP segments are received within a certain time period

    D That all IP segments are received within a certain time period

    6 What do TCP and UDP ports allow multiple network applications to do?

    A Resolve the MAC address of the computer host they run on

    B Connect to network interface card (NIC) drivers

    C Connect their sending and receiving counterparts on the same sending and receiving computer hosts

    D Resolve the IP address of the computer host they run on

    7 Name one of the main functions of Layer 3 (network layer) TCP/IP protocols.

    A Manage the electrical aspect of network links

    B Choose the best route to send data packets between hosts, even when the hosts are separated by several networks

    C Choose the best route to send data frames between hosts, only when the hosts are located within the same local network

    D All of the above

    8 IP addresses are hierarchical to facilitate which of the following?

    A Counting the number of hosts in a network

    B Counting the number of networks in a network

    C Routing of data packets in local and global networks

    D Routing of data frames in local networks

    9 A routed protocol is a Layer 3 (network layer) protocol that does which of the following?

    A Route data packets

    B Send route update packets

    C Route data packets and send route update packets

    D All of the above

    10 A routing protocol is a Layer 3 (network layer) protocol that does which of the following?

    A Route data packets

    B Send route update packets

    C Route data packets and send route update packets

    D All of the above

    11 What do Media Access Control (MAC) addresses uniquely identify?

    A A specific wide-area network (WAN)

    B A specific local-area network (LAN)

    C A specific network device, such as a switch or a router, or a network interface card (NIC) in a computer host device

    D All of the above

    Answers

    1 B. Layer 7 software application. A Web browser is a Layer 7 software application. Review the Layer 7: Application section.

    2 D. All of the above. In connection-oriented transport, sending and receiving hosts exchange TCP acknowledgments, sequence their TCP segments, and perform a three-way handshake to establish a connection before they start their communication. See TCP flow control.

    3 A. Open a bidirectional TCP connection. The three-way handshake process allows two hosts to open a bidirectional TCP connection. See Three-way handshake.

    4 C. The receiving computer host requests a retransmission.
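    The handshake and acknowledgment behaviour that questions 2 through 5 test, as an added illustration that is not the book's code: a simplified Python model in which sequence numbers count segments rather than bytes (real TCP numbers bytes), and the functions, the segment class, and the set of dropped segments are all constructed here.

```python
"""Toy model of TCP's three-way handshake and positive acknowledgment with
retransmission (PAR). Added illustration, not a real TCP stack: the channel
is simulated, and a constructed set of sequence numbers is dropped on the
first transmission attempt to exercise the retransmission path."""
from dataclasses import dataclass


@dataclass
class Segment:
    flags: str          # "SYN", "SYN-ACK", "ACK" or "DATA"
    seq: int            # sequence number carried by this segment
    ack: int = 0        # acknowledgment: the next sequence number expected
    payload: str = ""


def three_way_handshake(client_isn: int, server_isn: int) -> list:
    """Return the three segments that open a bidirectional connection."""
    syn = Segment("SYN", seq=client_isn)                          # 1: client -> server
    syn_ack = Segment("SYN-ACK", seq=server_isn, ack=syn.seq + 1)  # 2: server -> client
    ack = Segment("ACK", seq=syn.seq + 1, ack=syn_ack.seq + 1)     # 3: client -> server
    return [syn, syn_ack, ack]


def send_with_par(payloads, first_seq, drop_on_first_try, max_tries=3):
    """Send each payload as a sequenced DATA segment.

    The receiver acknowledges every segment it gets by naming the next sequence
    number it expects. A segment in drop_on_first_try is lost the first time, so
    no acknowledgment arrives before the timer expires and the sender resends it.
    Returns (event log, {seq: payload} delivered, whether everything was acked).
    """
    log, received, seq = [], {}, first_seq
    for payload in payloads:
        acked = False
        for attempt in range(1, max_tries + 1):
            seg = Segment("DATA", seq=seq, payload=payload)
            log.append(f"send seq={seg.seq} try={attempt}")
            if seq in drop_on_first_try and attempt == 1:
                log.append(f"timeout seq={seg.seq}: no ACK, retransmit")
                continue                       # lost in transit; timer fires, resend
            received[seq] = payload            # receiver accepts the segment
            log.append(f"ack={seq + 1}")       # and asks for the next one
            acked = True
            break
        if not acked:                          # gave up after max_tries attempts
            return log, received, False
        seq += 1
    return log, received, True
```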
