Networking Basics

Q.What is a Network?
Ans: A network is simply a collection of computers or other hardware devices that are connected together, either physically or logically, using special hardware and software, to allow them to exchange information and cooperate. Networking is the term that describes the processes involved in designing, implementing, upgrading, managing and otherwise working with networks and network technologies.

Q.What are The Advantages (Benefits) and Disadvantages (Costs) of Networking?
Ans: Most of the benefits of networking can be divided into two generic categories: connectivity and sharing. Networks allow computers, and hence their users, to be connected together. They also allow for the easy sharing of information and resources, and cooperation between the devices in other ways. Since modern business depends so much on the intelligent flow and management of information, this tells you a lot about why networking is so valuable.
Here, in no particular order, are some of the specific advantages generally associated with networking:
a) Connectivity and Communication
b) Data Sharing
c) Hardware Sharing
d) Internet Access
e) Internet Access Sharing
f) Data Security and Management
g) Performance Enhancement and Balancing
h) Entertainment.

The Disadvantages (Costs) of Networking
Here are a few of the items that balance against the advantages of networking:
a) Network Hardware, Software and Setup Costs
b) Hardware and Software Management and Administration Costs
c) Undesirable Sharing
d) Illegal or Undesirable Behavior
f) Data Security Concerns

Q.Explain Circuit Switching and Packet Switching Networks?
Ans:  
Circuit Switching :-  In this networking method, a connection called a circuit is set up between two devices, which is used for the whole communication. Information about the nature of the circuit is maintained by the network. The circuit may either be a fixed one that is always present, or it may be a circuit that is created on an as-needed basis. Even if many potential paths through intermediate devices may exist between the two devices communicating.
The classic example of a circuit-switched network is the telephone system. When you call someone and they answer, you establish a circuit connection and can pass data between you. The next time you call, you get a new circuit, which may (probably will) use different hardware than the first circuit did, depending on what's available at that time in the network.
Packet Switching:-  In this network type, no specific path is used for data transfer. Instead, the data is chopped up into small pieces called packets and sent over the network. The packets can be routed, combined or fragmented, as required to get them to their eventual destination. On the receiving end, the process is reversed—the data is read from the packets and re-assembled into the form of the original data. A packet-switched network is more analogous to the postal system than it is to the telephone system (though the comparison isn't perfect.)

Q.Explain Common Names For Messages?
Ans: The most common terms that are used for messages are the following:
Packet: This term is considered by many to most correctly refer to a message sent by protocols operating at the network layer of the OSI Reference Model. So, you will commonly see people refer to “IP packets”. However, this term is commonly also used to refer generically to any type of message.
Datagram: This term is basically synonymous with “packet” and is also used to refer to network layer technologies. It is also often used to refer to a message that is sent at a higher level of the OSI Reference Model.
Frame: This term is most commonly associated with messages that travel at low levels of the OSI Reference Model. In particular, it is most commonly seen used in reference to data link layer messages. It is occasionally also used to refer to physical layer messages, when message formatting is performed by a layer one technology. A frame gets its name from the fact that it is created by taking higher-level packets or datagrams and “framing” them with additional header information needed at the lower level.
Cell: Frames and packets, in general, can be of variable length, depending on their contents; in contrast, a cell is most often a message that is fixed in size. For example, the fixed-length, 53-byte messages sent in Asynchronous Transfer Mode (ATM) are called cells. Like frames, cells usually are used by technologies operating at the lower layers of the OSI model.
Protocol Data Unit (PDU) and Service Data Unit (SDU): These are the formal terms used in the OSI Reference Model to describe protocol messages. A PDU at layer N is a message sent between protocols at layer N. It consists of layer N header information and an encapsulated message from layer N+1, which is called both the layer N SDU and the layer N+1 PDU.

Q.Explain Headers, Payloads and Footers?
Ans: Messages are the structures used to send information over networks. Every protocol uses a special formatting method that determines the structure of the messages it employs. Obviously, a message that is intended to connect a Web server and a Web browser is going to be quite different from one that connects two Ethernet cards at a low level.
In generic terms, each message contains the following three basic elements.
Header: Information that is placed before the actual data. The header normally contains a small number of bytes of control information, which is used to communicate important facts about the data that the message contains and how it is to be interpreted and used. It serves as the communication and control link between protocol elements on different devices.
Data: The actual data to be transmitted, often called the payload of the message (metaphorically borrowing a term from the space industry!) Most messages contain some data of one form or another, but some actually contain none: they are used only for control and communication purposes. For example, these may be used to set up or terminate a logical connection before data is sent.
Footer: Information that is placed after the data. There is no real difference between the header and the footer, as both generally contain control fields. The term trailer is also sometimes used.

Q.Explain Unicast, Broadcast and Multicast Messages and Message Addressing Methods?
Ans: In a networking technology that uses messages to send data, there are a number of tasks that must be undertaken in order to successfully transmit the data from one place to another. One is simply the addressing of the message—putting an address on it so that the system knows where it is supposed to go. Another is transmitting the message, which is of course sending it to its intended recipient.
There are several different ways of addressing and transmitting a message over a network. One way in which messages are differentiated is in how they are addressed, and to how many recipients. Which method is used depends on what the function of the message is, and also on whether or not the sender knows specifically whom they are trying to contact, or only generally.
Message Transmission Methods:- To help explain these different methods, I will use a real-world analogy. Consider a social function with 300 people that is being held in a large hall. These people are mingling and are having different conversations. There are different kinds of messages that may need to be sent in this setting, much as is the case with networks.
Bearing this analogy in mind, consider these three kinds of message transmissions.
Unicast Messages: These are messages that are sent from one device to another device; they are not intended for others. If you have a friend at this social event, this is the equivalent of pulling him or her aside for a private conversation. Of course, there is still the possibility of someone else at the event overhearing your conversation—or even eavesdropping on it. The same is true in networking as well—addressing a message to a particular computer doesn't guarantee that others won't also read it, just that they normally will not do so.
Broadcast Messages: As the name suggests, these messages are sent to every device on a network. They are used when a piece of information actually needs communicating to everyone on the network, or used when the sending station needs to send to just one recipient, but doesn't know its address.
 For example, suppose a new arrival at the social gathering saw a blue sedan with New Hampshire plates in the parking lot that had its lights left on. He of course does not know whose car this is. The best way to communicate this information is to broadcast it by having the host make an announcement that will be heard by all, including the vehicle’s owner. In networks, broadcast messages are used for a variety of purposes, including finding the locations of particular stations or the devices that manage different services.
Multicast Messages: These are a compromise between the previous two types: they are sent to a group of stations that meet a particular set of criteria. These stations are usually related to each other in some way, such as serving a common function, or being set up into a particular multicast group. (Note that one can also consider broadcast messages to be a special case of multicast, where the group is “everyone”.)

Message Addressing Methods :
Since the transmission methods above differ based on how many and which devices receive the transmission, they are tied directly to the methods used for addressing:
Unicast Addressing: Unicast delivery requires that a message be addressed to a specific recipient. This is the most common type of messaging, so this addressing capability is present in almost all protocols.
Broadcast Addressing: Broadcasts are normally implemented via a special address that is reserved for that function. Whenever devices see a message sent to that address, they all interpret it as meaning “this message goes to everyone”.
Multicast Addressing: Multicasts are the most complex type of message because they require a means of identifying a set of specific devices to receive a message. It is often necessary to create several such groups, which may or may not partially overlap in their membership. Some mechanism is needed to manage which devices are in which groups.

Q.Explain Connection-Oriented and Connectionless Protocols?
Ans: Protocols are divided into two categories based on their use of connections:
Connection-Oriented Protocols: These protocols require that a logical connection be established between two devices before transferring data. This is generally accomplished by following a specific set of rules that specify how a connection should be initiated, negotiated, managed and eventually terminated. Usually one device begins by sending a request to open a connection, and the other responds. They pass control information to determine if and how the connection should be set up. If this is successful, data is sent between the devices. When they are finished, the connection is broken. E.g. TCP/IP.
Connectionless Protocols: These protocols do not establish a connection between devices. As soon as a device has data to send to another, it just sends it. E.g. UDP.

Q.What Is the Difference Between Bits and Bytes?
 Ans: The terms bit and byte are common in computer networking. Both terms refer to digital data transmitted over a network connection. For example, bits and bytes both may represent network addresses or port numbers.
A bit is a single numeric value, either '1' or '0', that encodes a single unit of digital information. A byte is a sequence of bits; usually eight bits equal one byte.
 For example, in Internet Protocol (IP) networking, IP addresses contain 32 bits or 4 bytes. The bits encode the network address so that it can be shared on the network. The bytes divide the bits into groups.
The IP address 192.168.0.1, for instance, is encoded with the following bits and bytes:
    11000000 10101000 00000000 00000001
Bits are grouped into bytes to, generally speaking, increase the efficiency of computer hardware, including network equipment, disks and memory. 



Q.What are Packets and how do packets travel?
Ans: Data is transferred from one place to another in the form of digital signals, and it is broken into small data segments before being transmitted from one computer to another. These small data segments are called packets. Each packet contains information about its source and destination (the sender's and receiver's information). A normal packet size is between 1000 and 1500 bytes. Packets are sent to their destination using the best possible path, and this makes a network more efficient. The data transmission protocols perform the data sequencing, data routing, flow control and error control functions for the efficient and error-free transmission of data. A protocol breaks a long message into suitably sized packets for error-free communication and finds the most suitable path between the sender and receiver before sending. Finally, the protocol detects and recovers from errors for successful data communication between both ends.


Normally a packet is divided into three main parts:

Payload: It is the part of the packet that contains the body of data, that is, the actual data that the packet is delivering to the destination. If a packet is fixed-length, then the payload may be padded with blank information to make it the right size.

Trailer: The trailer, sometimes called the footer, typically contains a couple of bits that tell the receiving device that it has reached the end of the packet. It may also have some type of error checking; in other words, it is used to check for errors in the packet at the destination. The most common error checking used in packets is Cyclic Redundancy Check (CRC). CRC is pretty neat. Here is how it works in certain computer networks: It takes the sum of all the 1s in the payload and adds them together. The result is stored as a hexadecimal value in the trailer. The receiving device adds up the 1s in the payload and compares the result to the value stored in the trailer. If the values match, the packet is good. But if the values do not match, the receiving device sends a request to the originating device to resend the packet.

Header: It contains information about the type of data, the sender and receiver of the data, and the sequence of the data so that at the destination multiple packets can be assembled in the proper order.
e.g.: Let's look at how an e-mail message might get broken into packets. Let's say that you send an e-mail to a friend. The e-mail is about 3,500 bits (3.5 kilobits) in size. The network you send it over uses fixed-length packets of 1,024 bits (1 kilobit). The header of each packet is 96 bits long and the trailer is 32 bits long, leaving 896 bits for the payload. To break the 3,500 bits of message into packets, you will need four packets (divide 3,500 by 896). Three packets will contain 896 bits of payload and the fourth will have 812 bits. Here is what one of the four packets would contain:
Each packet's header will contain the proper protocols, the originating address (the IP address of your computer), the destination address (the IP address of the computer where you are sending the e-mail) and the packet number (1, 2, 3 or 4 since there are 4 packets). Routers in the network will look at the destination address in the header and compare it to their lookup table to find out where to send the packet. Once the packet arrives at its destination, your friend's computer will strip the header and trailer off each packet and reassemble the e-mail based on the numbered sequence of the packets.
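
The e-mail example above, carried out in code as an added illustration (not part of the original notes): a message is cut into 1,024-bit packets with a 96-bit header, padded 896-bit payload and 32-bit trailer, then reassembled out of order. Assumptions: the header field layout, a CRC-32 (zlib) computed over header plus payload as the trailer, and a constructed 437-byte sample message; the block also compares that trailer with the count-of-1s check described for the trailer.

```python
import ipaddress
import struct
import zlib

PACKET_BYTES = 128                 # 1,024-bit fixed-length packet
HEADER_FMT = "!4s4sHH"             # assumed layout: source IP, destination IP, packet number, data length
HEADER_BYTES = struct.calcsize(HEADER_FMT)                     # 12 bytes = 96 bits
TRAILER_BYTES = 4                  # 32-bit trailer
PAYLOAD_BYTES = PACKET_BYTES - HEADER_BYTES - TRAILER_BYTES    # 112 bytes = 896 bits

# Constructed sample message: 437 bytes (3,496 bits), close to the 3,500-bit e-mail.
MESSAGE = bytes(range(256)) + bytes(range(181))


def payload_sizes(message_bits, payload_bits=PAYLOAD_BYTES * 8):
    """Bits of real data carried by each packet; the last packet is padded on the wire."""
    full, rest = divmod(message_bits, payload_bits)
    return [payload_bits] * full + ([rest] if rest else [])


def packetize(message, src, dst):
    """Split message bytes into fixed-length packets: header + padded payload + trailer."""
    src_b = ipaddress.IPv4Address(src).packed
    dst_b = ipaddress.IPv4Address(dst).packed
    packets = []
    for seq, off in enumerate(range(0, len(message), PAYLOAD_BYTES), start=1):
        chunk = message[off:off + PAYLOAD_BYTES]
        header = struct.pack(HEADER_FMT, src_b, dst_b, seq, len(chunk))
        body = header + chunk.ljust(PAYLOAD_BYTES, b"\x00")      # pad short payloads
        packets.append(body + struct.pack("!I", zlib.crc32(body)))
    return packets


def reassemble(packets):
    """Check every trailer, strip header, trailer and padding, rebuild in packet-number order.

    Returns (data, bad): data holds the payloads that passed the check, bad lists
    the packet numbers that failed and would have to be requested again.
    """
    good, bad = {}, []
    for pkt in packets:
        if len(pkt) != PACKET_BYTES:
            raise ValueError("not a fixed-length packet")
        body = pkt[:-TRAILER_BYTES]
        (crc,) = struct.unpack("!I", pkt[-TRAILER_BYTES:])
        _, _, seq, length = struct.unpack(HEADER_FMT, body[:HEADER_BYTES])
        if zlib.crc32(body) != crc or length > PAYLOAD_BYTES:
            bad.append(seq)
            continue
        good[seq] = body[HEADER_BYTES:HEADER_BYTES + length]
    return b"".join(good[s] for s in sorted(good)), sorted(bad)


def ones_count(data):
    """The simpler check from the text: the number of 1 bits in the data."""
    return sum(bin(b).count("1") for b in data)


def swap_bytes(pkt, i, j):
    """Simulate a transmission error that transposes two bytes of a packet."""
    buf = bytearray(pkt)
    buf[i], buf[j] = buf[j], buf[i]
    return bytes(buf)


if __name__ == "__main__":
    print("payload bits per packet:", payload_sizes(3500))
    pkts = packetize(MESSAGE, "192.168.0.1", "216.27.61.137")
    data, bad = reassemble(list(reversed(pkts)))        # arrival order does not matter
    print("packets:", len(pkts), "intact:", data == MESSAGE, "resend:", bad)

    damaged = swap_bytes(pkts[1], HEADER_BYTES, HEADER_BYTES + 1)
    same_ones = ones_count(damaged[:-TRAILER_BYTES]) == ones_count(pkts[1][:-TRAILER_BYTES])
    _, bad = reassemble([pkts[0], damaged, pkts[2], pkts[3]])
    print("count of 1s unchanged:", same_ones, "CRC-32 flags packets:", bad)
```

Neither check is keyed: both catch accidental transmission errors, but anyone who alters a packet in transit can recompute the trailer, so detecting deliberate modification needs a keyed MAC or authenticated encryption.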

Q.What are the Basic Communication Modes of Operation?
Ans: Let's begin with a look at the three basic modes of operation that can exist for any network connection, communications channel, or interface.
Simplex Operation :-  In simplex operation, a network cable or communications channel can only send information in one direction; it's a “one-way street”. This may seem counter-intuitive: what's the point of communications that only travel in one direction? In fact, there are at least two different places where simplex operation is encountered in modern networking.
The first is when two distinct channels are used for communication: one transmits from A to B and the other from B to A. This is surprisingly common, even though not always obvious. For example, most if not all fiber optic communication is simplex, using one strand to send data in each direction. But this may not be obvious if the pair of fiber strands are combined into one cable.
Simplex operation is also used in special types of technologies, especially ones that are asymmetric. For example, one type of satellite Internet access sends data over the satellite only for downloads, while a regular dial-up modem is used for upload to the service provider. In this case, both the satellite link and the dial-up connection are operating in a simplex mode.
Half-Duplex Operation:- Technologies that employ half-duplex operation are capable of sending information in both directions between two nodes, but only one direction or the other can be utilized at a time. This is a fairly common mode of operation when there is only a single network medium (cable, radio frequency and so forth) between devices.
While this term is often used to describe the behavior of a pair of devices, it can more generally refer to any number of connected devices that take turns transmitting. For example, in conventional Ethernet networks, any device can transmit, but only one may do so at a time. For this reason, regular (unswitched) Ethernet networks are often said to be “half-duplex”, even though it may seem strange to describe a LAN that way.
Full-Duplex Operation :-  In full-duplex operation, a connection between two devices is capable of sending data in both directions simultaneously. Full-duplex channels can be constructed either as a pair of simplex links (as described above) or using one channel designed to permit bidirectional simultaneous transmissions. A full-duplex link can only connect two devices, so many such links are required if multiple devices are to be connected together.
Note that the term “full-duplex” is somewhat redundant; “duplex” would suffice, but everyone still says “full-duplex” (likely, to differentiate this mode from half-duplex).

Q.Comparing Half-Duplex and Full-Duplex Operation?
Ans: Of these three options, full-duplex is obviously the one that yields the highest performance. Full-duplex operation doubles the theoretical bandwidth of the connection. If a link normally runs at 1 Mbps but can work in full-duplex mode, it really has 2 Mbps of bandwidth (1 Mbps in each direction). Remember the key word “theoretical” however—you do not really get double the performance in real life, because communications usually do not involve sending lots of data in both directions at once. However, you certainly get better throughput than in a half-duplex mode.
In some cases, the mode of operation is a function of the technology and cannot be changed. In others, however, full-duplex mode is a matter of the correct hardware settings, and also whether the software supports full-duplex operation or not. Thus, getting higher performance in this area is sometimes simply a matter of ensuring proper configuration.
Full-duplex operation has been pretty much taken for granted in communications for years. The more interesting development has been the rise in significance of full-duplex operation for local area networking. Traditionally, LANs have always used half-duplex operation on a shared access medium. As the use of switches has increased, allowing dedicated bandwidth to each computer, full-duplex operation has become very popular. Full-duplex operation in Ethernet not only allows the simultaneous transmission of data in both directions, it also eliminates contention for the formerly shared access medium—no more collisions. The combination of these two effects improves performance, sometimes substantially.

Q.What are IP Addresses?
Ans: To keep all of these machines straight, each machine on the Internet is assigned a unique address called an IP address. IP stands for Internet protocol, and these addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this:
216.27.61.137
The four numbers in an IP address are called octets because they can have values between 0 and 255, which is 2^8 possibilities per octet.
Every machine on the Internet has a unique IP address. A server has a static IP address that does not change very often. A home machine that is dialing up through a modem often has an IP address that is assigned by the ISP when the machine dials in. That IP address is unique for that session -- it may be different the next time the machine dials in. This way, an ISP only needs one IP address for each modem it supports, rather than for each customer.
On a UNIX machine, type nslookup at the command prompt, along with a machine name, like www.eduinkerala.com -- e.g. "nslookup www.eduinkerala.com" -- to display the IP address of the machine, and you can use the command hostname to learn the name of your machine. (For more information on IP addresses, see IANA.) As far as the Internet's machines are concerned, an IP address is all you need to talk to a server. For example, in your browser, you can type the URL http://182.18.135.36 and arrive at the machine that contains the Web server for www.eduinkerala.com. On some servers, the IP address alone is not sufficient, but on most large servers it is.

Q.What Is a Default Gateway?
Ans: In computer networking, a default gateway is the device that passes traffic from the local subnet to devices on other subnets. The default gateway often connects a local network to the Internet, although internal gateways for local networks also exist.

Internet default gateways are typically one of two types:

On home or small business networks with a broadband router to share the Internet connection, the home router serves as the default gateway.
On home or small business networks without a router, such as for residences with dialup Internet access, a router at the Internet Service Provider location serves as the default gateway.

Default network gateways can also be configured using an ordinary computer instead of a router. These gateways use two network adapters, one connected to the local subnet and one to the outside network. Either routers or gateway computers can be used to network local subnets such as those in larger businesses.  


Q.What is a Subnet Mask?
Ans: An IP address has two components, the network address and the host address. A subnet mask separates the IP address into the network and host addresses (<network><host>). Subnetting further divides the host part of an IP address into a subnet and host address (<network><subnet><host>). It is called a subnet mask because it is used to identify the network address of an IP address by performing a bitwise AND operation between the address and the netmask.
A subnet mask is a 32-bit number that tells which subnet an IP address belongs to. A subnet mask is made by setting the network bits to all "1"s and the host bits to all "0"s. Within a given network, two host addresses are reserved for special purposes. The "0" address is assigned as the network address and "255" is assigned as the broadcast address, and they cannot be assigned to a host.
Examples of commonly used netmasks for classed networks are 8-bits (Class A), 16-bits (Class B) and 24-bits (Class C), and classless networks are as follows:

Class  Address  # of Hosts    Netmask (Binary)                      Netmask (Decimal)
CIDR   /4       240,435,456   11110000 00000000 00000000 00000000   240.0.0.0
CIDR   /5       134,217,728   11111000 00000000 00000000 00000000   248.0.0.0
CIDR   /6       67,108,864    11111100 00000000 00000000 00000000   252.0.0.0
CIDR   /7       33,554,432    11111110 00000000 00000000 00000000   254.0.0.0
A      /8       16,777,216    11111111 00000000 00000000 00000000   255.0.0.0
CIDR   /9       8,388,608     11111111 10000000 00000000 00000000   255.128.0.0
CIDR   /10      4,194,304     11111111 11000000 00000000 00000000   255.192.0.0
CIDR   /11      2,097,152     11111111 11100000 00000000 00000000   255.224.0.0
CIDR   /12      1,048,576     11111111 11110000 00000000 00000000   255.240.0.0
CIDR   /13      524,288       11111111 11111000 00000000 00000000   255.248.0.0
CIDR   /14      262,144       11111111 11111100 00000000 00000000   255.252.0.0
CIDR   /15      131,072       11111111 11111110 00000000 00000000   255.254.0.0
B      /16      65,534        11111111 11111111 00000000 00000000   255.255.0.0
CIDR   /17      32,768        11111111 11111111 10000000 00000000   255.255.128.0
CIDR   /18      16,384        11111111 11111111 11000000 00000000   255.255.192.0
CIDR   /19      8,192         11111111 11111111 11100000 00000000   255.255.224.0
CIDR   /20      4,096         11111111 11111111 11110000 00000000   255.255.240.0
CIDR   /21      2,048         11111111 11111111 11111000 00000000   255.255.248.0
CIDR   /22      1,024         11111111 11111111 11111100 00000000   255.255.252.0
CIDR   /23      512           11111111 11111111 11111110 00000000   255.255.254.0
C      /24      256           11111111 11111111 11111111 00000000   255.255.255.0
CIDR   /25      128           11111111 11111111 11111111 10000000   255.255.255.128
CIDR   /26      64            11111111 11111111 11111111 11000000   255.255.255.192
CIDR   /27      32            11111111 11111111 11111111 11100000   255.255.255.224
CIDR   /28      16            11111111 11111111 11111111 11110000   255.255.255.240
CIDR   /29      8             11111111 11111111 11111111 11111000   255.255.255.248
CIDR   /30      4             11111111 11111111 11111111 11111100   255.255.255.252


Subnetting an IP network separates a big network into multiple smaller networks for reorganization and security purposes. All nodes (hosts) in a subnetwork see all packets transmitted by any node in a network. Performance of a network is adversely affected under heavy traffic load due to collisions and retransmissions.
Applying a subnet mask to an IP address separates network address from host address. The network bits are represented by the 1's in the mask, and the host bits are represented by 0's. Performing a bitwise logical AND operation on the IP address with the subnet mask produces the network address. For example, applying the Class C subnet mask to our IP address 216.3.128.12 produces the following network address:
IP:   1101 1000 . 0000 0011 . 1000 0000 . 0000 1100  (216.003.128.012)
Mask: 1111 1111 . 1111 1111 . 1111 1111 . 0000 0000  (255.255.255.000)
      ---------------------------------------------
      1101 1000 . 0000 0011 . 1000 0000 . 0000 0000  (216.003.128.000)

Subnetting Network 
Here is another scenario where subnetting is needed. Pretend that a web host with a Class C network needs to divide the network so that parts of the network can be leased to its customers. Let's assume that a host has a network address of 216.3.128.0 (as shown in the example above). Let's say that we're going to divide the network into 2 and dedicate the first half to itself, and the other half to its customers.
   216 .   3 . 128 . (0000 0000)  (1st half assigned to the web host)
   216 .   3 . 128 . (1000 0000)  (2nd half assigned to the customers)
The web host will have the subnet mask of 216.3.128.128 (/25). Now, we'll further divide the 2nd half into eight blocks of 16 IP addresses.
   216 .   3 . 128 . (1000 0000)  Customer 1 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1001 0000)  Customer 2 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1010 0000)  Customer 3 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1011 0000)  Customer 4 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1100 0000)  Customer 5 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1101 0000)  Customer 6 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1110 0000)  Customer 7 -- Gets 16 IPs (14 usable)
   216 .   3 . 128 . (1111 0000)  Customer 8 -- Gets 16 IPs (14 usable)
   -----------------------------
   255 . 255 . 255 . (1111 0000)  (Subnet mask of 255.255.255.240)
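
The bitwise AND and the web-host allocation above, worked through in code as an added example (not part of the original notes). The function names are illustrative; the addresses are the ones used in the text. It also shows the membership test that access-control rules built on these blocks rely on, and rejects masks whose 1 bits are not contiguous.

```python
import ipaddress


def to_int(dotted):
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/n -> mask with n leading 1 bits, as in the netmask table."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask):
    """Mask -> prefix length; a mask with gaps in its 1 bits is rejected."""
    prefix = bin(mask).count("1")
    if mask != prefix_to_mask(prefix):
        raise ValueError("non-contiguous netmask: " + to_dotted(mask))
    return prefix


def network_of(ip, mask):
    """Bitwise AND of address and mask gives the network address."""
    return to_dotted(to_int(ip) & to_int(mask))


def broadcast_of(ip, mask):
    """Network bits kept, every host bit set to 1."""
    m = to_int(mask)
    return to_dotted((to_int(ip) & m) | (~m & 0xFFFFFFFF))


def allocate(block, first_split=25, customer_prefix=28):
    """Halve the block, keep the lower half, cut the upper half into customer blocks."""
    net = ipaddress.ip_network(block)
    host_half, customer_half = net.subnets(new_prefix=first_split)
    return host_half, list(customer_half.subnets(new_prefix=customer_prefix))


def owner_of(ip, host_half, customers):
    """Which allocation an address falls in: 'web host', 'customer N', or None."""
    addr = ipaddress.ip_address(ip)
    if addr in host_half:
        return "web host"
    for n, subnet in enumerate(customers, start=1):
        if addr in subnet:
            return "customer %d" % n
    return None


if __name__ == "__main__":
    print("network:", network_of("216.3.128.12", "255.255.255.0"))
    print("/25 mask:", to_dotted(prefix_to_mask(25)), " /28 mask:", to_dotted(prefix_to_mask(28)))
    host_half, customers = allocate("216.3.128.0/24")
    print("web host:", host_half)
    for n, subnet in enumerate(customers, start=1):
        usable = len(list(subnet.hosts()))
        print("customer %d: %s (%d IPs, %d usable)" % (n, subnet, subnet.num_addresses, usable))
    for ip in ("216.3.128.12", "216.3.128.129", "216.3.128.200", "216.3.129.1"):
        print(ip, "->", owner_of(ip, host_half, customers))
```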

CIDR - Classless Inter Domain Routing 
Classless Inter-Domain Routing (CIDR) was invented to keep the Internet from running out of IP addresses. IPv4 addresses are 32 bits long and so have a limit of 4,294,967,296 (2^32) unique IP addresses. The classful address scheme (Class A, B and C) of allocating IP addresses in 8-bit increments can be very wasteful. With the classful addressing scheme, the minimum number of IP addresses allocated to an organization is 256 (Class C). Giving 256 IP addresses to an organization only requiring 15 IP addresses is wasteful. Also, an organization requiring more than 256 IP addresses (let's say 1,000 IP addresses) is assigned a Class B, which allocates 65,536 IP addresses. Similarly, an organization requiring more than 65,636 (65,634 usable IPs) is assigned a Class A network, which allocates 16,777,216 (16.7 million) IP addresses. This type of address allocation is very wasteful.
With CIDR, a network of IP addresses is allocated in 1-bit increments as opposed to 8-bits in classful network. The use of a CIDR notated address can easily represent classful addresses (Class A = /8, Class B = /16, and Class C = /24). The number next to the slash (i.e. /8) represents the number of bits assigned to the network address. The example shown above can be illustrated with CIDR as follows:
   216.3.128.12, with subnet mask of 255.255.255.128 is written as
   216.3.128.12/25
 
   Similarly, the 8 customers with the block of 16 IP addresses can be
   written as:
 
   216.3.128.129/28, 216.3.128.130/28, and etc.
With the introduction of the CIDR addressing scheme, IP addresses are more efficiently allocated to ISPs and customers, and hence there is less risk of IP addresses running out anytime soon. For the detailed specification of CIDR, please review RFC 1519. With the introduction of additional gaming, medical, appliance and telecom devices requiring static IP addresses, in addition to a world population of more than 6.5 billion (July 2006 est.), the IPv4 addresses with the CIDR addressing scheme will eventually run out. To solve the shortage of IPv4 addresses, the IPv6 (128-bit) address scheme was introduced in 1993.


Q.Explain Open Systems Interconnection (OSI) model?
 Ans:
The OSI Reference Model provides the basis for understanding how technologies like Ethernet and HomePNA have some important similarities; it explains how a PC can  communicate using any of several different sets of protocols, even simultaneously; it is an important part of understanding the differences between interconnection devices such as repeaters, hubs, bridges, switches and routers; and it also explains how many WAN technologies interoperate.

The OSI Reference Model is comprised of seven conceptual layers, each assigned a “ranking” number from one to seven. The layer number represents the position of the layer in the model as a whole, and indicates how “close” the layer is to the actual hardware used to implement a network. The first and lowest layer is the physical layer, which is where low-level signaling and hardware are implemented. The seventh and highest layer is the application layer, which deals with high-level applications employed by users: both end users and the operating system software.

You can see that as we proceed from the first layer to the seventh, we move up the layer stack and in so doing, increase our level of abstraction. This means that the higher a layer is in the stack, the more it deals with logical concepts and software, and the less it deals with the hardware of a network and the “nuts and bolts” of making it work.

The first layer is the most concrete, as it deals with the actual hardware of networks, and the specific methods of sending bits from one device to another. It is the domain of hardware engineers and signaling experts. The second layer is a bit more abstract but still deals with signaling and hardware. As you proceed through the third, fourth and subsequent layers, the technologies at those layers become increasingly abstract. By the time you reach the seventh layer, you are no longer dealing with hardware or even operating system concepts very much; you are in the realm of the user and high-level programs that rely on lower levels to do the “heavy lifting” for them.

The OSI Reference Model does not formally assign any relationship between groups of adjacent layers. However, to help explain how the layers work, it is common to categorize them into two layer groupings:

  Lower Layers (Layers 1, 2, 3 and 4): The lower layers of the model—physical, data link, network and transport—are primarily concerned with the formatting, encoding and transmission of data over the network. They don't care that much about what the data is or what it is being used for, just about moving it around. They are implemented in both hardware and software, with the transition from hardware to software occurring as you proceed up from layer 1 to layer 4.

 Upper Layers (Layers 5, 6 and 7): The higher layers of the model—session, presentation and application—are the ones that are concerned primarily with interacting with the user, and implementing the applications that run over the network. The protocols that run at higher layers are less concerned with the low-level details of how data gets sent from one place to another; they rely on the lower layers to provide delivery of data. These layers are almost always implemented as software running on a computer or other hardware device.

 The OSI Reference Model divides networking functions into a stack of seven layers, numbered 1 through 7 from the bottom up. To help illustrate the differing levels of abstraction between layers near the top and those on the bottom, they are sometimes divided into two layer groupings—the lower layers and the upper layers. Of course, not everyone agrees on exactly how the division should be accomplished. In particular, the transport layer is sometimes considered an upper layer and sometimes a lower layer.



7) Application Layer : The application layer provides different services to applications. Examples of services provided by this layer are file transfer, electronic messaging (e-mail), virtual terminal access and network management.

6) Presentation Layer : The presentation layer is responsible for protocol conversion, data encryption/decryption, expanding graphics commands and data compression.

This layer makes communication between two hosts possible.

5) Session Layer : This layer is responsible for establishing process-to-process communication between hosts in the network. It is also responsible for establishing and ending sessions across the network. Interactive login is an example of a service provided by this layer, in which connections are re-established in case of any interruption.

4) Transport Layer : This layer is responsible for end-to-end delivery of messages between networked hosts. It first divides the stream of data into chunks or packets before transmission, and the receiving computer then re-assembles the packets. It also guarantees error-free data delivery without loss or duplication.

3) Network Layer : This layer is responsible for translating logical network addresses and names into their physical addresses (MAC addresses). This layer is also responsible for addressing, determining routes for sending, and managing network problems such as packet switching, data congestion and routing.

2) Data Link Layer : The data link layer is responsible for controlling errors between adjacent nodes and transferring frames to other computers via the physical layer. The data link layer is used by hubs and switches for their operation.

1) Physical Layer : The physical layer is responsible for transmitting the raw bit stream over the physical cable. The physical layer defines hardware items such as cables, cards, voltages etc.

Q.How to remember the layers of the OSI model?
Ans:
The easiest way to remember the different layers of the OSI Model is to use the mnemonic "All People Seem To Need Data Processing":


Layer   Name           Mnemonic
7       Application    All
6       Presentation   People
5       Session        Seem
4       Transport      To
3       Network        Need
2       Data Link      Data
1       Physical       Processing


Q.How Trace Route Works: TTLs?
Ans:
"Traceroute" is a network debugging utility that attempts to trace the path a packet takes through the network - its route. A key word here is "attempts" - by no means does traceroute work in all cases.

TTL stands for Time To Live. When a TCP packet is sent, its TTL is set, which is the number of routers (hops) it can pass through before the packet is discarded. As the packet passes through a router the TTL is decremented until, when the TTL reaches zero, the packet is destroyed and an ICMP "time exceeded" message is returned. The return message's TTL is set by the terminating router when it creates the packet, and decremented normally.

Trace Route works by setting the TTL for a packet to 1, sending it towards the requested destination host, and listening for the reply. When the initiating machine receives a "time exceeded" response, it examines the packet to determine where the packet came from - this identifies the machine one hop away. Then the tracing machine generates a new packet with TTL 2, and uses the response to determine the machine 2 hops away, and so on.

Unfortunately not all TCP stacks behave correctly. Some TCP stacks set the TTL for the ICMP "time exceeded" message to that of the message being killed. So if the TTL is 0, the packet will be killed by the next machine to which it is passed. This can have two effects on a trace. If the computer is an intermediate machine in the trace, the entry will remain blank. No information is returned to the machine conducting the trace because the "time exceeded" message never makes it back. If the machine you are doing a trace to has this bug in its TCP stack, return packets won't reach the originating machine unless the TTL is high enough to cover the round trip. So Trace Route will show a number of failed connections equal to n (the number of hops to the destination machine) minus 1.
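
The TTL walk and the two failure cases described above can be reproduced offline with a small simulation. This is an added example, not code from the original post; the hop names, the `Hop` class and the reply TTL of 64 are assumptions made for illustration.

```python
from dataclasses import dataclass

NORMAL_REPLY_TTL = 64   # assumed initial TTL a well-behaved stack gives its replies

@dataclass
class Hop:
    name: str
    buggy: bool = False   # True: reply inherits the TTL of the packet that triggered it

def reply_arrives(reply_ttl, routers_back):
    """The reply loses one TTL per router on the way back and must stay above zero."""
    return reply_ttl > routers_back

def probe(path, ttl):
    """Send one probe along path (routers first, destination last).
    Returns (responder name, or None if its reply was lost; destination_answered)."""
    for position, hop in enumerate(path, start=1):
        is_destination = position == len(path)
        if not is_destination:
            ttl -= 1                      # every router decrements the TTL
            if ttl > 0:
                continue                  # still alive, forward to the next hop
        # Either the TTL expired at this router or the probe reached the destination.
        reply_ttl = ttl if hop.buggy else NORMAL_REPLY_TTL
        arrived = reply_arrives(reply_ttl, position - 1)
        return (hop.name if arrived else None), (is_destination and arrived)

def traceroute(path, max_ttl=30):
    """One probe per TTL, starting at 1, until the destination answers."""
    rows = []
    for ttl in range(1, max_ttl + 1):
        responder, done = probe(path, ttl)
        rows.append(responder or "*")
        if done:
            break
    return rows

def make_path(*names, buggy=()):
    return [Hop(n, n in buggy) for n in names]

if __name__ == "__main__":
    hops = ("r1", "r2", "r3", "dst")      # constructed 4-hop path
    print(traceroute(make_path(*hops)))
    print(traceroute(make_path(*hops, buggy={"r2"})))
    print(traceroute(make_path(*hops, buggy={"dst"})))
```

With a buggy destination four hops away, the trace shows three lost probes before the destination finally answers, which is the "n minus 1" behaviour described above.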


Q.How Ping Works?
Ans: "Ping" (Packet INternet Groper) is without a doubt the best-known network administration tool. It is one of the simplest tools, because all it does is send packets to check if a remote machine is responding and, by extension, if it is accessible over the network.
PING is an application that makes use of the Internet Control Message Protocol (ICMP) and allows the user to test the reachability of another host:
Given a host A and a host B, host B is reachable from host A if (IP) packets sent by host A arrive at host B and can be/are being processed by host B.
If a host is unreachable, there can be either a problem with the communication path (i.e. there is no communication path) or the other host may be down. Further diagnostics are needed; one can use, for instance, TRACEROUTE for this purpose.
Ping relies on the ICMP protocol, which is used to diagnose transmission conditions. For this reason, it uses two types of protocol messages (out of the 18 offered by ICMP):

Type 0, which corresponds to an "echo request" command, sent by the source machine;

Type 8, which corresponds to an "echo reply" command, sent by the target machine.

At regular intervals (by default, every second), the source machine (the one running the ping command) sends an "echo request" to the target machine. When the "echo reply" packet is received, the source machine displays a line containing certain information. If the reply is not received, a line saying "request timed out" will be shown.
The Internet Ping program works much like a sonar echo-location, sending a small packet of information containing an ICMP ECHO_REQUEST to a specified computer, which then sends an ECHO_REPLY packet in return. The IP address 127.0.0.1 is set by convention to always indicate your own computer. Therefore, a ping to that address will always ping yourself and the delay should be very short. This provides the most basic test of your local communications.
The PING application uses ICMP messages to test reachability; such ICMP messages are encapsulated in IP packets. The PING application uses two ICMP messages: the ICMP echo request message and the ICMP echo reply message.
When a PING message is received by the receiving host, it sends back an echo reply message in which the identifier, sequence number and optional data field are left unchanged. The identifier field in the ICMP echo reply message allows identification of the PING process running at the sending host. With the sequence number field, the sending host can keep track of which ICMP echo request messages have received a reply message. The optional data field is used to store the time at which the ICMP echo request message was sent. On receipt of the associated reply message, the sending host can determine the time that was needed for the packet to travel through the Internet to the target host and back again, i.e. the round trip time (RTT).
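
The identifier, sequence number and timestamp handling described above, as an added example that is not part of the original post. It builds and matches ICMP echo messages in memory, using the type values assigned in RFC 792 (8 for echo request, 0 for echo reply); the function names and the 8-byte timestamp layout in the data field are assumptions.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0   # ICMP type values assigned in RFC 792

def checksum(data: bytes) -> int:
    """Internet checksum: ones'-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, data):
    """Header is type, code, checksum, identifier, sequence number (8 bytes)."""
    unsigned = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + data
    return struct.pack("!BBHHH", icmp_type, 0, checksum(unsigned), ident, seq) + data

def parse_echo(msg):
    if len(msg) < 8 or checksum(msg) != 0:   # a valid message sums to zero
        raise ValueError("truncated or corrupted ICMP message")
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return icmp_type, ident, seq, msg[8:]

def make_request(ident, seq, sent_at):
    """Sender side: the data field carries the send time as an 8-byte double."""
    return build_echo(ECHO_REQUEST, ident, seq, struct.pack("!d", sent_at))

def make_reply(request):
    """Target side: identifier, sequence number and data are copied unchanged."""
    _type, ident, seq, data = parse_echo(request)
    return build_echo(ECHO_REPLY, ident, seq, data)

def match_reply(reply, ident, outstanding, now):
    """Return (seq, rtt) if reply answers one of our outstanding requests, else None."""
    try:
        icmp_type, r_ident, seq, data = parse_echo(reply)
    except ValueError:
        return None
    if icmp_type != ECHO_REPLY or r_ident != ident or seq not in outstanding:
        return None                       # another process's ping, or a duplicate
    if len(data) < 8:
        return None                       # no timestamp to compute the RTT from
    outstanding.discard(seq)
    return seq, now - struct.unpack("!d", data[:8])[0]

if __name__ == "__main__":
    req = make_request(0x1234, 7, 100.0)          # constructed values
    print(match_reply(make_reply(req), 0x1234, {7}, 100.25))
```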

Q.Explain  DIG command  with Example ?
 
Ans: dig is a command-line tool for querying DNS name servers for information about host addresses, mail exchanges, name servers, and related information.
 

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com
;; global options:  printcmd
 
The opening section of dig’s output tells us a little about itself (version 9.2.3) and the global options that are set (in this case, printcmd). This part of the output can be quelled by using the +nocmd option, but only if it’s the very first argument on the command line (even preceding the host you’re querying).
 
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41369
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 4
 

Here, dig tells us some technical details about the answer received from the DNS server. This section of the output can be toggled using the +[no]comments option—but beware that disabling the comments also turns off many section headers.
 
;; QUESTION SECTION:
;www.eduinkerala.com.           IN      A
 
In the question section, dig reminds us of our query. The default query is for an Internet address (A). You can turn this output on or off using the +[no]question option.

;; ANSWER SECTION:
www.eduinkerala.com.    14400   IN      CNAME   eduinkerala.com.
eduinkerala.com.        14386   IN      A       182.18.135.36
 

Finally, we get our answer: the address of www.eduinkerala.com  is 182.18.135.36. I don’t know why you’d ever want to turn off the answer, but you can toggle this section of the output using the +[no]answer option.
 
 
a.Get the address(es) for eduinkerala.com
 
#dig www.eduinkerala.com A +noall +answer
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com A +noall +answer
;; global options:  printcmd
www.eduinkerala.com.    13215   IN      CNAME   eduinkerala.com.
eduinkerala.com.        13201   IN      A       182.18.135.36
 
b.Get a list of eduinkerala.com mail servers.
 
#dig www.eduinkerala.com MX +noall +answer
 
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com MX +noall +answer
;; global options:  printcmd
www.eduinkerala.com.    13168   IN      CNAME   eduinkerala.com.
eduinkerala.com.        14400   IN      MX      0 mx.eduinkerala.com.
eduinkerala.com.        14400   IN      MX      0 eduinkerala.com.
 

c.Get a list of DNS servers authoritative for eduinkerala.com.
 
#dig www.eduinkerala.com NS +noall +answer
 
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com NS +noall +answer
;; global options:  printcmd
www.eduinkerala.com.    13141   IN      CNAME   eduinkerala.com.
eduinkerala.com.        85142   IN      NS      ns2.quick2host.co.in.
eduinkerala.com.        85142   IN      NS      ns1.quick2host.co.in.
 
d.Get ANY

#dig www.eduinkerala.com ANY +noall +answer
 
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com ANY +noall +answer
;; global options:  printcmd
www.eduinkerala.com.    13098   IN      CNAME   eduinkerala.com.
 
 
e. More obscurely, for the present anyway, you can also poll for a host’s IPv6 address using the AAAA option.
 
#dig www.eduinkerala.com AAAA +short
eduinkerala.com.
 
f. Get a short answer
 
#dig www.eduinkerala.com MX  +short
eduinkerala.com.
0 eduinkerala.com.
0 mx.eduinkerala.com.
 
g.Get long answer.
 
According to its man page, the +multiline option will give you an answer with “the SOA records in a verbose multi-line format with human-readable comments.” In general, the answers retrieved using the +multiline option will appear more like BIND config files than they will without it.
 
#dig +nocmd eduinkerala.com any +multiline +noall +answer
eduinkerala.com.        84932 IN NS ns1.quick2host.co.in.
eduinkerala.com.        84932 IN NS ns2.quick2host.co.in.
eduinkerala.com.        14164 IN MX 0 mx.eduinkerala.com.
eduinkerala.com.        14164 IN MX 0 eduinkerala.com.
eduinkerala.com.        12917 IN A 182.18.135.36
 
h.Query a different nameserver.
 
#dig @ns1.quick2host.co.in. www.eduinkerala.com
 
If you want to look up a large number of hostnames, you can put them in a file (one name per line) and use the -f option to query each one in turn.
 
#dig -f /path/to/host-list.txt
 
# the same, with more focused output
dig -f /path/to/host-list.txt +noall +answer
 

i.Perhaps you’re a devotee of trace route and like to watch how to get from point A to point B. You can do a similar thing with dig’s +trace option.
 
#dig eduinkerala.com +trace
 
j.Use the -x option to lookup the main hostname associated with an IP address.
 
#dig -x 182.18.135.36 +short
ns1.quick2host.co.in.
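
When dig output is collected by a script (for example from the -f run above), the answer lines can be parsed and the CNAME chain followed programmatically. This is an added example, not part of the original post; the function names are hypothetical and the sample input is copied from the A and MX outputs shown above.

```python
# Answer lines copied from the A and MX query outputs shown on this page.
SAMPLE = """\
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> www.eduinkerala.com A +noall +answer
;; global options:  printcmd
www.eduinkerala.com.    13215   IN      CNAME   eduinkerala.com.
eduinkerala.com.        13201   IN      A       182.18.135.36
eduinkerala.com.        14400   IN      MX      0 mx.eduinkerala.com.
eduinkerala.com.        14400   IN      MX      0 eduinkerala.com.
"""

def parse_answers(text):
    """Turn answer-section lines into (name, ttl, class, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):      # banner and comment lines
            continue
        fields = line.split(None, 4)               # rdata may contain spaces (MX)
        if len(fields) != 5 or not fields[1].isdigit():
            continue                               # not a full record, e.g. +short output
        name, ttl, rclass, rtype, rdata = fields
        records.append((name.lower(), int(ttl), rclass, rtype.upper(), rdata))
    return records

def resolve(records, name, rtype="A", max_links=8):
    """Follow CNAME records from name; return (chain of names, rdata of rtype)."""
    name = name.lower().rstrip(".") + "."
    chain = [name]
    for _ in range(max_links):                     # bounded, so a CNAME loop terminates
        owned = [r for r in records if r[0] == name]
        wanted = [r[4] for r in owned if r[3] == rtype]
        if wanted:
            return chain, wanted
        aliases = [r[4] for r in owned if r[3] == "CNAME"]
        if not aliases:
            break
        name = aliases[0].lower()
        chain.append(name)
    return chain, []

if __name__ == "__main__":
    recs = parse_answers(SAMPLE)
    print(resolve(recs, "www.eduinkerala.com"))
    print(resolve(recs, "www.eduinkerala.com", "MX"))
```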

