We began this chapter with a look at the importance of network models, including the reasons for their modular nature. A look at the OSI model stressed the importance of understanding the concept of layered communication, protocol data units, and the functions of each layer. Do not underestimate the importance of remembering not only the various functions of each, but also the protocols, data units, services, and types of equipment found at each layer.
A look at the TCP/IP model provided a comparison with the OSI model, including the mappings between the layers of each. Examining the data encapsulation process helped to provide perspective on how a real network protocol goes about preparing data for network transmission.
Finally, an overview of the Cisco network design model provided insight into Cisco’s perspective on the proper design of hierarchical networks. Be sure to understand not only the layers but also the equipment and functional details of each.
When it comes to network design, you’re pretty much left with two options – a flat design, or one that involves some type of hierarchy. A flat design can be very limiting in terms of performance and scalability, and in all but the smallest networks would not be recommended. For example, on a flat network issues like broadcast traffic can quickly overwhelm network systems and negatively impact performance. In contrast, a hierarchical design will allow for unique divisions of responsibility to be created on the network. Thus a higher degree of performance, reliability, scalability and security can be achieved. The Cisco network design model is a reference model for creating hierarchical networks that attempts to account for these factors, while also providing an insight as to where different network elements should be deployed and why.
The Cisco network design model consists of three layers. These include:
- The Core Layer
- The Distribution Layer
- The Access Layer
Figure: Cisco Hierarchical Network Design Model
The core layer describes what is often referred to as the network backbone. Its main responsibility is ensuring that data is passed at high speeds between different sites. Because of this high-speed requirement, the backbone should usually make use of switching technologies instead of routing. While we’ll look at the differences between switching and routing in later chapters, for now it is sufficient to say that switching is significantly faster than routing.
The core layer should also provide a high degree of reliability and fault tolerance. This is usually implemented using higher-end equipment and redundant links. For the most part, the core layer should not be scaled to include additional equipment if performance is deteriorating. In such cases, backbone switches should be replaced with better performing models. By replacing equipment, the core layer maintains a constant diameter, helping to avoid the introduction of additional latency.
As a general rule, anything that slows down performance should be kept away from the core layer. Beyond routing, this means avoiding features such as access lists, firewalls and intrusion detection system (IDS) sensors in the core. These inspect traffic based on network addresses and applications, and the per-packet processing they add can negatively impact performance. That is a statement about placement, not about doing without them: in the hierarchical model, policy enforcement of this kind belongs at the distribution layer, where traffic between the access layer and the backbone is filtered and controlled without slowing the core.
The primary reason for looking at any network model is to better understand how systems communicate. In real-life, network communication requires that data be encapsulated by the sender, transmitted over the network, and then de-encapsulated by the receiver. This is best illustrated by looking at what happens when one system running TCP/IP sends data to another. The list below outlines 5 simplified steps in a typical TCP/IP data transfer over an Ethernet network. Note that each layer considers whatever has been passed down to it from an upper layer as “data”. It doesn’t concern itself with what was added by the upper layers.
- Data is created by an application such as an FTP client program. Let’s assume that a file transfer is being initiated with a local FTP server.
- The data is passed to the Host-to-host (Transport) layer, where it is encapsulated to include source and destination port numbers. These uniquely identify the applications that the data should be passed between. For example, if this data were being sent to an FTP server, the destination port would be TCP 21. The data is now considered to be a segment.
- The data is passed to the Internet (Network) layer, where it is again encapsulated to include information such as the source and destination IP addresses. The data is now considered to be a packet.
- The data is passed down to the Network Interface (Data Link) layer, where it is encapsulated for Ethernet with a header containing the source and destination MAC addresses and a trailer containing an error-checking value known as a cyclic redundancy check (CRC). The data is now considered to be a frame.
- The data is converted to a series of bits, and transmitted across the network.
Tip: A CRC is also often referred to as a Frame Check Sequence (FCS).
Figure: TCP/IP Data Encapsulation Process
Note that upon reaching the destination host, the entire process happens in reverse, with each layer de-encapsulating the data by stripping away the information that was added by its peer layer on the sending host. Eventually, the required data is passed to the FTP server as intended by the FTP client application. Consider the frame captured below using Ethereal, a network protocol analyzer (now known as Wireshark). Notice that each heading area directly corresponds to the encapsulation process just defined, with the exception that the program shows the layers in the order they are stripped on receipt, the reverse of the order in which they were added.
Internet Protocol, Src Addr: 192.168.0.1 (192.168.0.1), Dst Addr: 192.168.0.135 (192.168.0.135)
Transmission Control Protocol, Src Port: 4653 (4653), Dst Port: ftp (21), Seq: 2739356837, Ack: 204742999
File Transfer Protocol (FTP)
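The five encapsulation steps above, and the reverse process on the receiving host, carried out by hand in Python. This is an added example, not code from the chapter and not a real capture: it builds the Ethernet, IPv4 and TCP headers for the FTP client at 192.168.0.1 sending a USER command to port 21 on 192.168.0.135 (the addresses, ports and sequence numbers match the capture above; the MAC addresses, the IP identification field and the command text are constructed), then de-encapsulates the frame one layer at a time, verifying the FCS and the IPv4 and TCP checksums along the way.

```python
"""Hand-built TCP/IP encapsulation and de-encapsulation over Ethernet.

Added example (not code from the original chapter). Each build_* function
treats whatever it is handed as opaque data and adds one layer's header
(data -> segment -> packet -> frame); decapsulate() reverses the process
as a receiving host does. MAC addresses, sequence numbers, the IP
identification field and the FTP command are constructed sample values.
"""
import socket
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def internet_checksum(data):
    """RFC 1071 one's-complement checksum used by the IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_segment(src_port, dst_port, seq, ack, payload, src_ip, dst_ip):
    """Transport layer: 20-byte TCP header (PSH/ACK, no options) + data -> segment."""
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         (5 << 12) | 0x018, 65535, 0, 0)
    # The TCP checksum also covers a pseudo-header borrowed from the IP layer.
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, IPPROTO_TCP, len(header) + len(payload)))
    csum = internet_checksum(pseudo + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def build_packet(src_ip, dst_ip, segment):
    """Internet layer: 20-byte IPv4 header (TTL 64, DF set) + segment -> packet."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234,
                         0x4000, 64, IPPROTO_TCP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + segment


def build_frame(src_mac, dst_mac, packet):
    """Network Interface layer: Ethernet II header + packet + CRC-32 FCS -> frame."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    body = mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet
    # 802.3 uses the same CRC-32 as zlib; the FCS is sent least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def decapsulate(frame):
    """Receiver side: verify the FCS, then strip one header per layer, checking each."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != zlib.crc32(body):
        raise ValueError("FCS mismatch: frame corrupted in transit")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", body[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 packet")
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if internet_checksum(packet[:ihl]) != 0:   # a valid header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]
    pseudo = packet[12:20] + struct.pack("!BBH", 0, packet[9], len(segment))
    if internet_checksum(pseudo + segment) != 0:
        raise ValueError("TCP checksum mismatch")
    src_port, dst_port, seq, ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    fmt_mac = lambda m: ":".join("%02x" % b for b in m)
    return {"src_mac": fmt_mac(src_mac), "dst_mac": fmt_mac(dst_mac),
            "src_ip": socket.inet_ntoa(packet[12:16]),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
            "payload": segment[(off_flags >> 12) * 4:]}


def check_frame(frame):
    """Return "ok" if every layer's integrity check passes, otherwise the reason."""
    try:
        decapsulate(frame)
        return "ok"
    except ValueError as err:
        return str(err)


def example_transfer():
    """Constructed sample: the FTP client at 192.168.0.1 sends USER to port 21 on 192.168.0.135."""
    client, server = "192.168.0.1", "192.168.0.135"
    segment = build_segment(4653, 21, 2739356837, 204742999,
                            b"USER anonymous\r\n", client, server)
    packet = build_packet(client, server, segment)
    return build_frame("00:0c:29:aa:bb:cc", "00:50:56:dd:ee:ff", packet)
```

decapsulate(example_transfer()) returns the same four-layer summary Ethereal displays (Ethernet, IP, TCP, then the FTP data), and the frame is 74 bytes: 14 for Ethernet, 20 for IP, 20 for TCP, 16 of data and 4 for the FCS. Flipping any byte of the frame makes check_frame() report an FCS mismatch, while changing the TTL and re-framing the packet passes the FCS but fails the IPv4 header checksum. Neither check is cryptographic: both only catch accidental damage, and anyone who can rewrite a frame can recompute them.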
The Department of Defense (DoD) TCP/IP model is a 4-layer model that defines areas of responsibility much like the OSI model, while providing insight into the functions of the different protocols that make up the TCP/IP suite. The model provides an excellent point of reference when compared to the OSI model. We won’t look at all the details of the TCP/IP model just yet – the majority will be covered in Chapter 4. My feeling is that the data encapsulation process is much better explained using a popular protocol suite.
To begin, let’s take a look at how the TCP/IP model maps to the OSI model. While the names of the TCP/IP layers are different, they generally encompass the same responsibilities as one or more OSI layers. Consider the diagram below.
Figure: Comparing the OSI and TCP/IP network models.
Tip: Although the layers of the TCP/IP model technically use different names, Cisco will still refer to protocols by their associated OSI layer name. For example, Cisco will describe TCP as being a Transport layer protocol.
For the sake of illustration, I’ve included some of the key protocols that make up the TCP/IP suite in the figure below. Be aware that the terms data, segment, packet, and frame still apply as data is encapsulated in the TCP/IP model.
Figure: TCP/IP protocol stack including common protocols and network technologies.
The Physical layer of the OSI model is concerned with the electrical, optical, and mechanical properties of the network, including elements such as voltage, media, connector types, signal regeneration, and so forth. The Physical layer doesn’t interpret or alter the frames handed down to it, but rather acts as the transmission facility over which the actual bits (1’s and 0’s) are sent. This isn’t limited to plain old copper wire – it can include optical signals, radio waves, and infrared transmissions to name but a few. Examples of equipment found at the Physical layer include network cabling, hubs, and repeaters. A number of popular Physical layer standards are listed below.
Examples of Physical layer standards:
- High Speed Serial Interface (HSSI): High speed serial communications
- EIA/TIA-232: Low speed serial transmissions
- V.35: ITU-T serial transmission standard
The Data Link Layer of the OSI model acts as an interface between the Network and Physical layers. The main responsibilities of the Data Link layer include:
- Data framing and physical addressing. When data is passed to the Data Link layer, it is framed for transmission using various LAN and WAN protocols. This allows network protocols to be transmitted over different network technologies including Ethernet, Token Ring, and Frame Relay as examples. Hardware or Media Access Control (MAC) addressing is used to uniquely identify hosts at the Data Link layer. Since they make forwarding decisions based on MAC addresses, bridges and switches are examples of equipment found at this layer.
- Flow control, error checking, and frame sequencing. Data Link layer devices can send flow control signals that tell the sender whether the receiver is able to accept data at the current rate. Error checking is provided in the form of a Cyclic Redundancy Check (CRC), a simple mathematical calculation performed on each frame so that a receiver can detect a frame corrupted in transit. Be aware that a CRC detects accidental corruption only; it is not a cryptographic integrity check, and anyone able to modify a frame can simply recompute it. Frame sequencing reorders frames that were received in a different order than they were sent.
- Interacting with Network layer protocols. When a host receives a frame, the frame header contains information on which Network layer protocol the data will be passed to. The Data Link layer helps to make network technologies independent of the upper layer protocols in use.
Examples of Data Link layer protocols:
- Ethernet (802.3): Contention-based LAN technology
- Token Ring (802.5): Token-passing LAN technology
- Wireless LAN (802.11): Wireless LANs
- Frame Relay: Packet-switched WAN technology
- ISDN: Digital dial-up connections
Tip: Remember that the protocol data unit (PDU) of the Data Link layer is referred to as a frame.
The Data Link layer is actually comprised of two sub-layers (defined by the Institute of Electrical and Electronics Engineers – the IEEE), called Media Access Control (MAC) and Logical Link Control (LLC).
The Network layer of the OSI model is commonly referred to as Layer 3, and has the following responsibilities:
- Routing. When a host on one network wishes to exchange data with a host on another, packets will be sent to a router interface. After determining where the packet should be forwarded next using information found in its routing table, a router will switch the packets out of the optimal interface. This process will take place at each router encountered on a packet’s journey to the destination host. Routing protocols are used to allow routers to exchange information with one another.
- Network Addressing. Each host on a routed internetwork will have at least one network address. A network address is made up of two parts – the first part identifies the network, while the second identifies a unique host on that network. These addresses have different formats depending on the routed protocol in use – we’ll look at examples shortly.
Examples of Network-layer protocols:
- Internet Protocol (IP): TCP/IP addressing and routing
- Internetwork Packet Exchange (IPX): IPX/SPX addressing and routing
- Internet Control Message Protocol (ICMP): Diagnostics and error notification
- Internet Group Management Protocol (IGMP): Multicast group management
Tip: Remember that the protocol data unit (PDU) of the Network layer is referred to as a packet. In some cases, you may also see this PDU referred to as a datagram.
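The two Network layer responsibilities just described, as an added example rather than code from the chapter. It holds a small constructed routing table (the prefixes, next-hop addresses and interface names are made up) and shows the lookup a router performs for every packet: all entries whose network contains the destination are candidates, and the most specific one, the longest prefix, wins. It also shows the split of an address into its network and host portions for a given prefix length.

```python
"""Longest-prefix-match route lookup and network/host address split.

Added example (not code from the original chapter). The routing table,
interface names and next-hop addresses are constructed sample values.
"""
import ipaddress

# Constructed routing table: (destination prefix, next hop or None if directly
# connected, outgoing interface). Interface names follow Cisco naming only for flavour.
ROUTING_TABLE = [
    ("0.0.0.0/0", "203.0.113.1", "Serial0/0"),        # default route
    ("10.0.0.0/8", "10.1.1.2", "FastEthernet0/1"),     # summary route via a neighbour
    ("10.1.1.0/24", None, "FastEthernet0/1"),          # directly connected
    ("192.168.0.0/24", None, "FastEthernet0/0"),       # directly connected
]


def split_address(addr, prefixlen):
    """Split an IPv4 address into (network portion, host number) for a prefix length."""
    iface = ipaddress.ip_interface(f"{addr}/{prefixlen}")
    host = int(iface.ip) & int(iface.network.hostmask)
    return str(iface.network.network_address), host


def lookup(dst, table=ROUTING_TABLE):
    """Return (matched prefix, next hop, interface) for the most specific route, or None.

    Every entry whose network contains dst is a candidate; the longest prefix wins,
    so a directly connected /24 beats a summary /8, which beats the default route.
    """
    dst_ip = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop, iface in table:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    return None if best is None else (str(best[0]), best[1], best[2])


def forward(dst, table=ROUTING_TABLE):
    """Describe the forwarding decision: outgoing interface and the Layer 2 target,
    which is the next hop, or the destination itself on a directly connected network."""
    route = lookup(dst, table)
    if route is None:
        return "drop: no route to host (ICMP destination unreachable)"
    prefix, next_hop, iface = route
    return f"{iface} via {next_hop or dst} (matched {prefix})"
```

lookup("10.2.3.4") falls through to the /8 summary via 10.1.1.2 because no more specific entry contains it, while lookup("10.1.1.50") picks the directly connected /24 and forward() names the host itself as the Layer 2 target. With the default route removed, lookup("198.51.100.7") returns None, the case in which a router discards the packet and reports it with ICMP.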
The Transport layer has three main responsibilities in terms of the exchange of data between systems. These include:
- Data segmentation.
- Establishment of end-to-end connections between hosts.
- Using flow-control mechanisms to ensure that data is sent at rates that the receiver can handle.
At any given point in time there may be many applications passing data down to the Transport layer. Data segmentation is the process by which the Transport layer breaks that data into segments and keeps the data of different upper-level applications apart. This is usually implemented in the form of source and destination port numbers carried in each segment, with each port number associated with a particular application. For example, if a user is browsing the web and checking email at the same time, each program would be passing data and waiting for a reply on a unique port number. The Transport layer ensures that data is passed to the correct application.
The Session layer is responsible for the creation, management, and termination of sessions between systems. A session is best described as a type of managed connection between systems for the purpose of a specific type of communication. For example, a session might be created for the purpose of user authentication, or to initiate a file transfer.
The Session layer is also responsible for coordinating how the communication between systems takes place, which is known as dialog control. In some sessions, only a single system is allowed to communicate at any point in time, referred to as half-duplex. The Session layer would be responsible for determining whose turn it is in these situations, and for how long each system is allowed to communicate. In other cases, both systems can communicate at once, which is also known as full duplex. If the communication stream were somehow interrupted, the Session layer would be responsible for recognizing this and re-establishing the session.
Examples of Session layer protocols:
- Network File System (NFS): Unix file system access
- Structured Query Language (SQL): Local or remote database queries
- Remote Procedure Call (RPC): Client-server communication mechanism
- AppleTalk Session Protocol (ASP): AppleTalk client-server communication mechanism
- X Window System: Remote desktop sessions
Tip: Remember that the protocol data unit (PDU) of the Application, Presentation, and Session layers is “data”.
The Presentation layer is primarily responsible for data representation and formatting, ensuring that data can be viewed correctly. These formats are sometimes referred to as the “data syntax” of the applications in use. For example, different systems may use different schemes to represent data. While one system might use ASCII or EBCDIC, another might use Unicode. Since these schemes map bytes to characters differently, it is the responsibility of the Presentation layer to make sure data is displayed in the correct or common format between the client and the server. Further to this, the Presentation layer is also where data compression and encryption are generally considered to take place.
Examples of common Presentation layer formats:
- ASCII, EBCDIC, Unicode, RTF: Text encoding and document formats
- MPEG, AVI, QuickTime: Video encoding formats
- JPEG, PNG, TIFF: Graphics formats
- MIDI: Sound format