HDLC: Protocol for half-duplex and full duplex data link communication. There are three kinds of frames--1.

Information: user data and control; 2. Supervisory: transport control info; 3. unnumbered: for link management. A frame can have up to 6 fields. Point-to-Point Access(PPP): Except the form and establishment of the frames of data, this also gives the way to negotiate and above all how the network layer data encapsulates in the data-link layer frame; ways of mutual authentication too is involved. No sequence numbering is there. Address field has the broad cast address of the HDLC. Three protocols are used make PPP a powerful protocol: Link control Protocol, Authentication protocol, Network control protocol.

LCP: establishing, maintaining, configuring and eliminating the link. It's only during establishing or terminating state when LCP is needed as no user data is carried in this. Value C021 is set for LCP in protocol field.

Types of packets: configuration packets, link termination packets, link monitoring and debugging packets. Echo-request: sent to monitor the link; to see whether it's functioning. Sender expects a echo-reply packet. The endpoints negotiate through these packets for options

Authentication Protocol: Plays important role in PPP because it works on dial-up networks and authentication plays an important there. There are two protocols for authentication in PPP: 1. Password Authentication protocol(PAP) and Challenge Handshake Authentication Protocol(CHAP), both work during authentication state when no user data is exchanged. PAP: one looking for the access to the resources sends a username and password which needs to be authenticated. Protocol field value is C023.

CHAP: more secure--three way handshaking; password is never sent online. There are four packets, a predefined function.

NCP(Network Control Protocol): After the link has been established and authenticated, link moves to networking state and NCP(a set of control protocols) comes into play to encapsulate the data coming from Networking layer. Before the data could be sent, there has to be authentication at Network layer too which is

done by IPCP packet. The IPCP packet is encapsulated in PPP stack with the protocol field entry 8021

IPCP packet also have configure, terminate and code-reject options. IP data packet is carried with Protocol field entry 0021.

Multiple Access A broadcast link is a link which has many users connected to it. Issues: all don't speak at same time, don't monopolize etc.

CSMA: Station senses the medium before transmitting. MA(Multiple Access): uploading to a base station is at 407 MHz and downloading from base station to the destination at 413 MHz. The acknowledgement time is 2 times the propagation delay. Even when the sender sense the medium, there are chances of collision due to the propagation delay. Persistent Strategies: 1. 1-persistent and 2. ppersistent. The station generates a random probability and sends only if it's <=0.2. CSMA/CD: csma was never implemented because it didn't give any criteria in case of a collision. Collision Detection is implemented using the exponential method and jam signal generation. A station after sensing the collision waits for 2^N*(maximum_propagation_delay), where N is the number of attempt usually varying from 0 to 15. A jam signal is broadcasted to let all stations know that they

need to discard part of frame they have received. Medium is repeatedly sensed using one of the persistence strategies. CSMA/CA: Collision Avoidance is implemented by use of persistence strategies and random back-off timers. There is no transmission until there is an acknowledgement before timer goes off. LAN--Ethernet:

Access method for the traditional ethernet is 1-persistent CSMA/CD

Preamble: first 7 bytes of alternate 0s and 1s--help synchronizing, actually added at Physical layer. Destination and Source Addresses are both 6 bytes of physical address. Length Field gives the length of packet if its value is less than 1518, and gives the type of PDU following if it's greater than 1536. Data Field contains data encapsulated from the upper layers; 46 to 1500 bytes long. CRC is CRC-32. Minimum length restriction is kept for proper working of CSMA/CD--whenever there is a collision, it must be heard by all stations before the packet is out; once packet is out, it'll be too late. Source address is always Unicast for the data comes from only one destination. DA can, however, be multicast or broadcast.

Physical Layer

Physical Layer Signaling sub-layer: Ethernet uses Manchester Coding at 10Mbps which needs 20MBaud. AUI was developed to make PLS independent of MAU. Bridged Ethernet: Bridges help increase the bandwidth and separate collision domain. Bandwidth is not widened as such; it's just that sharing of it is reduced as each network now has it's own 10Mbps. Moreover, Bridge itself acts as a station to the network. Switched Ethernet: From the very concept of creating two- or four LANs in a networks using 2-, 4- port bridges, N- port LAN evolved where N is the number of the stations connected to the LAN. Layer-2 Switch is a N port bridge with little more sophistication in faster packet handling. To provide for Flow and error control in this switched full-duplex ethernet one more layer called MAC control is pushed between LLC and MAC sub-layer. Fast Ethernet(100Mbps): Reconciliation layer replaced PLS; encoding/decoding moved to PHY for it is medium dependent in Fast Ethernet; AUI replaced with Medium Independent Interface(MII) which operates at a nibble at a time, also management features were added. Encoder first performs the Block coding and needs a 125Mbps BW, which is then operated with MLT-3. Can you think how gigabit ethernet could operate so fast even using halfduplex? Gigabit ethernet uses optic waves. Wireless LAN IEEE 802.11 covers physical and data link layers in two services Basic Service Set(BSS) and Extended Services Set(ESS) which are units of a WLAN--e.g. a stationary or mobile wireless station and a possible central station(Axis Point). A BSS without AP is an ad hoc architecture. Two or more BSS connected using a distribution system makes an ESS. Distribution systems connect Aps with LAN.

Communication between two stations in different BSS is through AP only. A mobile station can belong to more than one BSS at a time. 802.11 doesn't guarantee continuous communication in case of ESS-transition mobility. FHSS: sender sends a carrier frequency for a while(called dwell time usually 400ms or more) and then switches to another and after that fixed while to yet another and keeps doing this until a cycle of frequencies is once completed only to be repeated again. If the bandwidth of the signal originally is B, spread spectrum BW is N*B, where N is the number of hops. The band is from 2.4 GHz to 2.48 GHz; further divided in 79 sub-bands. Modulation technique is FSK--allowing 1 or 2 bit/baud giving a 1 or 2 Mbps; 1 Mbaud/s. DSSS(Direct sequence spread spectrum): a chip code is sent for each data bit. Although to avoid buffering, the data rate is N times for an N-bit chip code. QAM and PSK are used. IEEE 802.11 defines 2 MAC sublayers--Distributed Coordination Function(DCF) and Point Coordination Function(PCF). Network Allocation Vector(NAV): when the stations send Request-to-Send(RTS) packet, other stations create a timer named NAV giving them an idea of how long they need to wait.

Frame Control(FC): 2 bytes long with different meanings given to groups of bits.

There are two types of frames: Management frames and control frames. Bluetooth: IEEE 802.15 defines this as a LAN technology. A piconet can have up to 8 stations with one master and other slaves--there can be 8 more slaves in what it is called as a parked state--which synchronize their clocks and hops according master. Communication can be 1-to-1 or 1-to-many between master and slaves. A slave in one piconet can act as a master in another piconet.

Bluetooth works at a frequency of 2.4 GHz with 79 Channels. It uses FHSS where each station hops for 1600 times in a second. Modulation technique is Gaussian BW Filtering FSK. First channel carrier frequency is 2402 MHz, second is 2043 MHz and so on. Bit 1 is frequency deviation above carrier and bit 0 is deviation below. Channel is accessed using TDD-TDMA where TDD(time division duplexing) lets slaves have a half duplex communication with master on different hops. Links in Bluetooth Physical Layer: Synchronous Connection Oriented(SCO) is when the avoiding latency(delay in data delivery) is more important than error free delivery. A physical connection is maintained by allotting specific slots at regular intervals. A damaged packet is never sent again. Slave can make up to three SCO links with Master all sending digital audio at 64 Kbps. Asynchronous Connectionless Link has a data rate of 72 kbps and slave responds in next odd slot. Data is encapsulated in a frame which can be retransmitted. Frame It cab be 1 slot, 3 slot or 5 slot. 1 slot is 632 - 259 microsecond, because 259 microsec are required for hop and control mechanisms. With 1 MHz BW, 1 slot is 366 bits wide.

There are flow control and error controls, Stop-and-wait ARQ and sequencing of packets. Payload is 0 to 2740 bits. Backbone Devices of LAN Bridge: transparent bridge meets these 3 criteria according IEEE 802.1d - a) frames must be forwarded from station to station; b) tables should be made themselves my moving of packets; c) Loops must be avoided. BPDU(Bridge Protocol data Unit): these are the packets sent by bridges to each other for the software(dynamic) implementation of spanning tree algorithm. NO PROTOCOL AT DATA LINK LAYER ALLOWS FRAGMENTATION AND REASSEMBLY OF FRAMES. Virtual LANs It's a software created LAN--establishes broadcast domains. Port numbers, MAC Addresses, IP addresses, Multicast IPs or a combination can be used as membership characteristic. Configuration of VLANs can be manual, semiautomatic, or automatic. MANUAL: GSM:

used two duplex bands each of 25 MHz divided in 124 channels of 200 Khz. The channels are compressed to 13 kbps and each slot carries 156.25 bits. Then 8 slots are multiplexed together to form a TDM frame; 26 such frames are put together to form a multiframe of data rate 270.8 kbps. This channel modulates a carrier using GMSK(A kind of FSK) giving a 200Khz analog signal; 124 such signals then are subjected to FDMA. Result is 25Mbaud channel.

Virtual Circuit Identifier: This a small number which switches use for identificationit can be one number while entering a switch and another while leaving it. There are three phases of data communicationset up, data transfer, tear down. In set up, the source and destination tell switches to make table entries for their global addresses; in tear down they delete it. Set-up phase: there are two approaches1. Permanent VC and Switched Virtual Circuit. There is this setup request frame which passes through the switches that fill 3 of the 4 table entries for incoming port, VCI, outgoing port; the outgoing VCI is filled after there is acknowledgment from destination. The tables here are more like routing tablesswitch knows which outgoing port to assign. Acknowledgment frame from the destination gives the outgoing VCI. Default Mask & Subnet Mask.: Default mask when ANDed with any IP gives the network address. Dynamic Address configuration: 4 information which are must for a station to communicate over internet: IP address, Subnet Mask, IP address of the router, IP address of the domain name server. These are stored in a config file and is accessed during bootstrap. DHCP has 2 database-first statistically bind the physical addresses with IP and second makes DHCP dynamic. Routing

Routing requires a host or a router to have a routing table. Techniques to reduce the size of routing table: next hop routing, network specific routing. Dynamic routing protocols : RIP, OSPF and BGP; update all the tables in the router in network dynamically whenever there is any change in the links.

Network Layer Protocols:

IP is responsible for host-to-host delivery. IP needs ARP to find MAC address of the next hop and this is inserted in IP datagram to be passed to the data link layer. ARP: MAC address jurisdiction is local, not necessarily universal like an IP address. Two levels of addressing--IP and MAC--requires mapping of addresses: Static address mapping means entering MAC addresses corresponding to each IP manually. Dynamic address Mapping introduces and used ARP and RARP to map IP to MAC and vice-versa. ARP request packet is multi-cast, response is unicast.

IP datagram is variable length--header can be 20 to 60 bytes.

IP datagram checksum only includes the header and not the data because all the packets from higher layers include complete packet and the IP header changes on every hop while the data remains same. Maximum Transfer Unit(MTU) is 65,535 bytes. When this is fragmented to fit the datagram in different hardware requirements, there is a 13-bit fragmentation offset which is used. ICMP data is first encapsulated in an IP packet and then passed to data link layer. It includes: Time stamp request and reply packets; Echo request and reply; address mask request to router and reply from router. Unicast and Multicast Routing: Routing Protocols In unicast, the router forwards the packets through only one of its ports(which it finds optimum using table); it might as well drop the packet if there in no entry for the destination. Metric is the cost of passing of packet through a network. Different protocols assign metrics to networks differently. OSPF and BGP let the administrator decide metric. Autonomous System(AS) is the set of routers and systems which an administrator governs. Routing inside an AS is interior routing; between AS is exterior routing.

Initializing Routing Table: whenever a router is put in a network, it initializes a routing table using its configuration file--there are entries only for directly connected networks, hop count is 1 and next hop field is empty. They are updated according RIP messages. OSPF: Divides AS into further areas which can consist of routers, stations and hence networks; routers inside an area flood it with information for which there are special boundary routers at ends of such areas which summarize the information and send to other areas. There is also a primary area network called backbone made up of backbone routers. A router can have multiple routing tables depending upon the services. It uses link state routing which is in contrast with distance vector routing and helps reducing traffic. It involves three kinds of sharing: 1. Sharing knowledge about neighbours; 2. sharing knowledge with every other router--done by flooding; 3. Sharing information when there is any change in network. Links are based upon the basic fact that all the routers have exact idea of topology--the graph representing edges and nodes.

Point to Point: Connects two routers and metric is mentioned at the end of a bidirectional line; no need to give a network address. Stub link is a network which is connected to only one router.

Link State Advertisements(LSAs)

Boundary router floods an AS with the cost of available networks outside it. In OSPF all routers have same link state database. Each router applies Dijkstra's Algorithm to find the shortest path. It makes nodes tentative first which when pass the criteria become permanent.

When a host has membership, it means that one of it's processes(any application program) receives multicast packets from some group. When a router has membership, network connected to one of its interfaces receives multicast packets. Host or router maintains list of processes which have membership. TRANSPORT LAYER IANA divides ports into well known, registered, dynamic. Data link layer provides flow and error control between two nodes only; transport layer flow and error control is needed to implement end to end reliability.

Finite State Diagram of TCP

Based upon following table of signals

CCNA, Tod Lemle, John Wiley

VPN The devices at each end must be capable of establishing this service independent and platform independent way of secure(encrypted) and reliable communication. Ipsec(Diffie-Hellman authentication and 128-bit 3DES--triple data encryption standard) is needed. The receiving router has to configured with 3DES, something which is called remote encryption domain. VPN offers encryption only for one subnet, one encryption domain. Although the traffic over internet would need then need you to define multiple VPNs. The Method is called tunneling: the two routers give all the packets their own IP protecting, hereby, the IP of host and destinations. And since the private tunneling is in place, private address space can be used to communicate over internet--no network address translation(NAT) is required. One more benefit is SMTP, which is transmitted in clear, is also encrypted. A DMZ segment holds your web server and mail relay. RIP is not a secure protocol. There has to be an additional network card at firewall. Performing a DNS lookup for those using NAT gives a public IP, not the private one. 3DES is a long key algorithm, looks for a faster encryption hardware. TCP/IP Model: Network access layer--> Internet layer --> Host-to-host layer --> Process/ application layer. First comes the task, then the complications involved and finally the protocol. Tcp/ip stack is built inside the OS--the set of instructions is given to the network card or the way its buffer is to be processed. TCP Data Pushing: When any application doesn't go with TCP's buffering way of operation, it asks for a push bit and pleads for immediate sending rather than window creation. TCP Urgent Data: The sending TCP is programmed with an URG bit by the sending program. This puts the Urgent data to the start of otherwise being streamed rest of the data. CONGESTION CONTROL AND QUALITY OF SERVICE Congestion control is just about avoiding the congestion of traffic; quality of service is about creating an optimum environment. So, we need Data descriptors. Average Data Rate: number of bits sent in a particular period divided by the seconds in that period. It gives the bandwidth, clock rate requirements etc. Congestion is basically due to buffers--packets having to wait at both input and output interface. But this is only a catch--the actual issue is input rate to router being more than it can process or process rate being slower than it can output. Delay and the throughput measure performance of the network.

When the source sends the frame but doesn't receive the ack due to the delay in buffer queues, it retransmits and hence creates the congestion. On the other hab\nd, throughput is number of packets passing through some network area in unit time.

Techniques to improve QoS: Scheduling, traffic shaping, admission control and resource reservation. Subnetting: the secret lies in knowing which host IP to put the subnetwork address. Telnet can be used to connect to any active interface(serial or ethernet) on the router. Security Device manager(SDM) is wed based console for accessing and monitoring router security settings.