1 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ 2 Networking Theory Terms you’ll need to understand: ✓ Open Systems Interconnection (OSI) model ✓ Peer-to-peer communication ✓ Transmission Control Protocol (TCP) ✓ Internetwork Packet Exchange (IPX) ✓ Split horizon ✓ Holddowns ✓ Triggered updates ✓ Poison reverse ✓ Routing table ✓ Convergence ✓ Routing loop ✓ Distance vector ✓ Link state ✓ Windowing ✓ Acknowledgment ✓ Fragmentation ✓ Maximum transmission unit (MTU) ✓ Handshaking ✓ Termination Techniques you’ll need to master: ✓ Identifying and describing the functions of each layer of the OSI model ✓ Comparing IP and IPX, and explaining the protocols’ functions ✓ Comparing TCP and UDP, and explaining the protocols’ functions ✓ Using common routing commands on Cisco routers ✓ Understanding frame formats for IP, TCP, UDP, and IPX 2 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Chapter 2 This chapter addresses the CCIE blueprint objectives as laid out by the Cisco Systems CCIE program. Specifically, the chapter reviews the following topics: ➤ OSI model—Encompasses understanding the functions of the OSI model’s layers and how each layer compares to the other layers. ➤ General routing concepts—Includes reviewing split horizon, poison reverse, rec- ognizing the differences between switching and routing, the importance and techniques of route summarization, comparing link state versus distance vec- tor protocols, discussing routing loops, understanding tunneling, and review- ing IP routing tables. ➤ Protocol operation—Includes understanding Windowing/Acknowledgments (ACK), fragmentation, maximum transmission units (MTU), handshaking, and termination. ➤ Protocol descriptions and use—Reviews Internet Protocol (IP), IP fragmenta- tion, Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internetwork Packet Exchange (IPX). ➤ IEEE 802.x standards—Reviews the various 802.x protocol descriptions. Open Systems Interconnect (OSI) Model Before discussing any protocols, you need to have a thorough understanding of the OSI model. This chapter focuses on the function of each layer of the OSI model. By working through this chapter, you will obtain an understanding of the functions performed by each layer. If you can understand how each layer per- forms, then you will be able to understand how a protocol functions. Therefore, this section focuses on the OSI model and what you, as a potential CCIE profes- sional, need to know. OSI Model Structure The OSI model consists of seven layers and is an international standard that enables vendors, such as Cisco, to adhere to certain criteria. This will enable, for example, a Windows PC to communicate with a Unix workstation. Table 2.1 displays the framework of the OSI reference model. Peer-to-Peer Communication Each layer of the OSI model has its own function and interaction with the layers above and below it. Furthermore, there is also peer-to-peer communication be- tween end devices through each corresponding layer of the OSI model. Peer-to- peer communication means that each layer of the OSI model uses its own protocol to communicate with its equivalent peer layer in another system. For example, 3 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Networking Theory the Transport layer of Device A in Figure 2.1 will communicate with the Trans- port layer in Device B, assuming there are no intermediate devices. The layers between the two end stations communicate via protocol data units (PDUs). In other words, each layer communicates to the corresponding layer above and below it and also exchanges protocol data units (PDU is an OSI term for a packet) between end systems. Figure 2.1 shows how each layer of the OSI model pro- vides services to the layers above and below. The PDU exchanges are represented by the horizontal lines in Figure 2.1. Note: Layers 1 and 2 of the OSI model are implemented with hardware. Layers 3 through 7 are implemented in software. Table 2.1 The OSI reference model. Layer Service Layer 7 Application Layer 6 Presentation Layer 5 Session Layer 4 Transport Layer 3 Network Layer 2 Data Link Layer 1 Physical Figure 2.1 OSI layer peer-to-peer communication. Layer Communication Application Presentation Session Transport Network Data Link Physical Application Presentation Session Transport Network Data Link Physical Peer Communication Device A Device B 4 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Chapter 2 OSI Model Layers The following sections provide descriptions and typical examples of each OSI layer. Furthermore, examples of communication methods and functions follow each layer description. Layer 1: Physical Layer The Physical layer consists of standards that describe bit ordering, bit transmis- sion rates, connector types, and electrical specifications. Information is transmit- ted as binary bits (ones and zeros). Examples of Physical layer standards include the following: ➤ RS-232 ➤ V.24 ➤ V.35 ➤ RJ-45 ➤ RJ-12 Layer 2: Data Link Layer The Data Link layer will focus on getting data reliably across any particular kind of link. Flow control and error notifications are other functions of the Data Link layer, as well. The Data Link layer applies to all access methods whether they are LAN or WAN methods. Information being processed at this layer is commonly known as frames. Examples of data link frame types include the following: ➤ ISDN ➤ SDLC ➤ HDLC ➤ PPP ➤ Frame Relay Layer 3: Network Layer The Network layer is used to determine the best path to a destination. Device addressing, packet fragmentation, and routing all occur at the Network layer. Information being processed at this layer is commonly known as packets. Ex- amples of Network layer protocols include the following: ➤ Internet Protocol (IP) ➤ Internetwork Packet Exchange (IPX) 5 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Networking Theory At the Network layer, a packet is associated with a connection-oriented protocol, while a datagram is associated with a connectionless protocol. Layer 4: Transport Layer The Transport layer is responsible for segmenting upper-layer applications and establishing end-to-end connections between devices. Other functions of the Transport layer include providing data reliability and error-free delivery mecha- nisms. Information being processed at this layer is commonly known as segments. Examples of Transport layer protocols include the following: ➤ Transmission Control Protocol (TCP) ➤ Novell’s Sequenced Packet Exchange (SPX) ➤ User Datagram Protocol (UDP) Layer 5: Session Layer The Session layer performs several major functions, including managing sessions between devices, and establishing and maintaining sessions. Examples of Session layer protocols include the following: ➤ Database SQL ➤ NetBIOS Name Queries ➤ NetBEUI Layer 6: Presentation Layer The Presentation layer handles data formats and code formatting. The functions of this layer are normally transparent to the end user, because this layer will take care of code formats and present them to the Application layer (layer 7) where the end user can examine the data. Examples of Presentation layer protocols in- clude the following: ➤ GIF ➤ JPEG ➤ ASCII ➤ MPEG 6 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Chapter 2 Layer 7: Application Layer The Application layer is closest to the end user, which means that the application is being accessed by the end user. The major function of this layer is to provide services to end users. Examples of Application layer services include the following: ➤ File Transfer Protocol (FTP) ➤ Telnet ➤ SMTP ➤ HTML browsers How Data Flows through the OSI Layers To get a better understanding of how the OSI layers function, it is important to know how data flows between the layers. In this section, we’ll trace the data as it flows through the layers of the OSI model. As you will see in this section, each layer adds (or encapsulates) some form of header or trailer. (Layer 2, the Data Link layer, is responsible for adding a trailer.) Figure 2.2 shows the data flow from Device A to Device B. Note: The example in Figure 2.2 demonstrates how end user packets (header and data) flow through the OSI model. The figure assumes there are no intermediate devices. When the end system receives the unstructured bit stream from the physical wire, each layer removes the header information applicable to it until the applica- tion receives the data. The following depicts what occurs in the OSI model’s layers when an email is sent from Device A to Device B: 1. An application, such as an email program, creates data that will be sent by an end user, such as an email message. The Application layer (layer 7) places a header (encapsulation) field that contains information such as screen size and fonts, and passes the data to the Presentation layer (layer 6). 2. The Presentation layer places layer 6 header information. For example, the text in the message might be converted to ASCII. The Presentation layer will then pass the new data to the Session layer (layer 5). 3. The Session layer follows the same process by adding layer 5 header in- formation, such as information that the Session layer will manage the data flow, and passes this data to the Transport layer (layer 4). 4. The Transport layer places layer 4 information, such as an acknowledg- ment that the segment was received in the header, and passes it to the Network layer (layer 3). 5. The Network layer places layer 3 header information, such as the source and destination address so the Network layer can determine the best 7 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Networking Theory delivery path for the packets, and passes this data to the Data Link layer (layer 2). 6. The Data Link layer places layer 2 header and trailer information, such as a Frame Check Sequence (FCS) to ensure that the information is not corrupt, and passes this new data to the Physical layer (layer 1) for trans- mission across the media. 7. The bit stream is then transmitted as ones and zeros on the Physical layer. It is at this point that the Physical layer ensures bit synchroniza- tion. Bit synchronization will ensure the end user data is assembled in the correct order it was sent. 8. Steps 1 through 7 occur in reverse order on the destination device. De- vice B collects the raw bits from the physical wire and passes them up the Application Presentation Session Transport Network Data Link Physical Application Presentation Session Transport Network Data Link Physical Data Link header (DH) Data (Bits) DH Data NH Data TH Data SH Data PH Data AH Data Network header Transport header (TH) Session header (SH) Presentation header (PH) Application header (AH) Device A (Sending Device) Data Device B (Receiving Device) Path to Device B Bits received by Device B Data link trailer Figure 2.2 End user header and trailer flow. 8 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Chapter 2 Data Link layer. The Data Link layer removes the headers and trailers and passes the remaining information to the Network layer and so forth until data is received by the Application layer. Eventually, Device B will receive an email notification displaying a message to indicate that a new email message has been received. Familiarize yourself with the OSI model and each layer’s responsibility. You should be able to recognize a function of each layer of the OSI model. The seven layers of the OSI reference model are typically divided into two categories: upper layers (layers 4 through 7) and lower layers (layers 1 through 3). As you can determine from the example of encapsulation, the OSI model pro- vides a service that allows information to flow smoothly from one layer to an- other. Eventually, the information will be presented to the end device in a readable format. Now that we’ve reviewed the OSI model, the next section takes a look at how packets are sent across a network using a routing algorithm. General Routing Concepts Routing simply means moving a packet from one location to another. Routing uses best-effort delivery and occurs at layer 3 (the Network layer) of the OSI model. An example of a routing protocol that routes IP is Routing Information Protocol (RIP). Routing protocols provide the information required to determine the to- pology of the internetwork and the best path to a destination. A routed protocol is one that is routed by a routing protocol such as RIP. IP is an example of a routed protocol. The following sections discuss the differences between a routed and routing protocol and provide some common examples. In contrast to routing, switching is the moving of a frame or frames from one location to another. Switching occurs at layer 2 in the OSI model. An example of a switching protocol is transparent bridging. Note: Chapter 3 describes the available bridging and switching modes available on a Cisco router. Routing Vs. Routed Protocols Routing protocols apply a set of rules to a network topology to determine the best path to a destination from a given reference point. They also communicate net- work topology information to other routers in their networks. Routing protocols build routing tables from the gathered information. Examples of routing proto- 9 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Networking Theory cols are Open Short Path First (OSPF) and IPX’s Routing Information Protocol (IPX RIP). In contrast, a routed protocol is a protocol that contains layer 3 information that allows it to be moved from one destination to another. Examples of a routed protocol include IP and IPX. Routing protocols can be divided into three types—distance vector, link state, and hybrid. These three routing protocol classifications are discussed in the fol- lowing sections. Distance Vector Protocols Distance vector protocols, such as RIP, determine a path to a network using hop count as the metric. A hop count is a number that increments each time a packet traverses a router. Convergence—the process that ensures all routers in a network have the same network information as quickly as possible—of distance vector protocols is con- siderably slower, and periodic updates are sent at set intervals. Figure 2.3 shows how networks are discovered when using a distance vector protocol. Each router in Figure 2.3 will have the same IP routing table and will send and receive periodic updates. Not every routing protocol sends out periodic updates at the same interval. The distance vector protocol IP RIP sends a periodic update every 30 seconds. Link State Protocols Link state protocols, such as IS-IS and OSPF, create a topology of the network with each router running that protocol as the root of the tree. Link state proto- cols implement the shortest path first (SPF) algorithm to determine the path to a network. The metric used by these protocols is cost, which is determined by an administrator or calculated by the routing protocol based on a mathematical for- mula. A network with the lowest cost is chosen as the preferred path to a remote network. Link state protocols have no concept of hop count. The speed of con- vergence with link state protocols is much faster when a network change occurs. This is because a faster algorithm is used and the CPU is heavily utilized to compute changes rapidly. When using link state protocols, updates are only sent when a topological change occurs or at an interval set by an administrator. Link state protocols use hello packets to discover neighbors. A hello packet is an IP packet sent at regular intervals. When a topology change occurs, a link state packet is sent to all neighbors with information regarding any new neighbors, metric changes, or down networks. When a router receives a link state packet, it records the information in its local database and reconstructs a path to the new network. If a remote network goes down, the routing table entry will be removed. 10 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Chapter 2 Link state packets are used to notify remote neighbors of available networks. The aim is to form a link state database that contains all the available networks. The steps needed to form the database are as follows (Figure 2.4 depicts these steps): 1. Send link state packets to describe the links in a network. 2. Combine link state packets to form a link state database. 3. Run the shortest path first (SPF) algorithm. 4. Create a link tree with the router running the SPF algorithm as the root. 5. Insert networks into the routing table. Hybrid Routing Protocols Cisco has created a routing protocol called Enhanced Interior Gateway Routing Protocol (EIGRP). EIGRP combines the characteristics of both link state and distance vector routing protocols. This protocol is called a hybrid protocol because of this combination. A hybrid routing protocol uses distance vector characteris- tics for choosing a routing path and link state characteristics for changes. EIGRP maintains neighbor and topology tables instead of a link state database. Routing Table show ip route 10.0.0.0/32 is subnetted, 1 subnets C 10.1.1.1 is directly connected, Loopback0 D 137.10.255.0/24 [90/2681856] via 137.10.253.2, 1w1d, S0 Routing Table . . Routing Table . . Updates sent and received Updates sent and received Updates sent and received Figure 2.3 Learning networks using distance vector protocols. [...].. .Networking Theory 11 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ S0 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ E0 Router R2 activates new Ethernet network R2 S0 ○ R1 1 Router R2 sends a link state packet advertising... Listing 2.1 shows what happens when RIP receives an update from another IP RIP router The IOS command show debug in Listing 2.1 also displays that IP RIP events and protocols updates have been enabled Networking Theory 13 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Listing 2.1 Debug IP RIP display R1#show debug IP routing: RIP protocol debugging is on RIP event debugging... locations Summarization is typically used in very large networks, such as the World Wide Web Note: Chapter 6 provides some common commands used on Cisco routers regarding summarization on IP networks Networking Theory 15 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Routing tables can be as large as the memory installed on the router For example, an IP RIP table consisting... finish the conversation, the call termination phase takes place Each of these phases in a telephone call are characteristics of connection-oriented services Connectionoriented services consist of: Networking Theory 17 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ➤ Setup stage ➤ Data transfer phase ➤ Termination phase In contrast, a connectionless service packages the... protocols, such as TCP, is fragmentation Fragmentation gives you the ability to send user information across a network regardless of what the minimum frame size between intermediate devices, such Networking Theory 19 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ as routers, might be Sometimes, a data frame might be larger than the allowable size to the outside world,... length, and the subnet mask is used to identify the network and host portion Typically, an IP client might be a PC or router An example of an IP address and a subnet mask is: 131.108.1.1 255.255.255.0 Networking Theory 21 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Figure 2.7 outlines the frame format on an IP packet, and it details where the IP source and destination... the destination in the same order in which they were fragmented The three fields in the IP header—Identification, Flags, and Fragment Offset— handle the fragmentation and reassembly of IP packets: Networking Theory 23 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ➤ Identification field—Sets the identity of the IP packet Usually increments by one as each packet is sent... Destination Network (32 bits) Destination Node (48 bits) Destination Socket (16 bits) Source Network (32 bits) Source Node (48 bits) Source Socket (16 bits) Data (Variable) Figure 2.9 IPX frame format Networking Theory 25 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ➤ Destination Network—Specifies the 32-bit destination network ➤ Destination Node—Identifies the MAC address... uses windowing and acknowledgments to ensure segments are sent as efficiently as possible Unlike IP, TCP will reorder segments that arrive at the destination Figure 2.10 shows the TCP frame format Networking Theory 27 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Bits Specified Source Port (16 bits) Destination Port (16 bits) Sequence Number (32 bits) Acknowledgment... guaranteed Higher layers of the OSI model are responsible for ensuring datagram delivery Therefore, UDP is a connectionless protocol UDP runs over the IP layer Figure 2.11 shows the format of a UDP Networking Theory 29 ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ 32 bits Source Port Source Port (16 bits) (16 bits) Destination Port Destination Port (16 bits) (16 bits) . 1 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ 2 Networking Theory Terms you’ll need to understand: ✓ Open Systems Interconnection. another system. For example, 3 ○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○○ Networking Theory the Transport layer of Device A in Figure 2.1 will communicate