Chapter 1

Network Protocols and Standards

IN THIS CHAPTER

Discovering protocols

Deciphering the layers of the OSI Reference Model

Understanding an Ethernet

Getting the inside scoop on TCP/IP and IPX/SPX

Finding out about other important protocols

Protocols and standards make networks work together. Protocols make it possible for the various components of a network to communicate with each other, and standards make it possible for different manufacturers’ network components to work together. This chapter introduces you to the protocols and standards that you’re most likely to encounter when building and maintaining a network.

Understanding Protocols

A protocol is simply a set of rules that enable effective communications to occur. You encounter protocols every day and probably don’t even realize it. When you pay for groceries with a debit card, the clerk tells you how much the groceries cost, and then you swipe your debit card in the card reader, punch in your security code, indicate whether you want cash back, enter the amount of the cash back if you so indicated, and verify the total amount. You then cross your fingers behind your back and say a quiet prayer while the machine authorizes the purchase. Assuming the amount is authorized, the machine prints out your receipt.

Here’s another example of an everyday protocol: making a phone call. You probably take most of the details of the phone-calling protocol for granted, but it’s pretty complicated if you think about it:

• When you pick up a phone, you listen for a dial tone before dialing the number (unless you’re using a cellphone). If you don’t hear a dial tone, you know that someone else in your family is talking on the phone, or something is wrong with your phone.
• When you hear the dial tone, you dial the number of the party you want to reach. If the person you want to call is in the same area code, you simply dial that person’s seven-digit phone number. If the person is in a different area code, you dial 1, the three-digit area code, and the person’s seven-digit phone number.
• If you hear a series of long ringing tones, you wait until the other person answers the phone. If the phone rings a certain number of times with no answer, you hang up and try again later. If you hear a voice say, “Hello,” you begin a conversation with the other party. If the person on the other end of the phone has never heard of you, you say, “Sorry, wrong number,” hang up, and try again.
• If you hear a voice that rambles on about how they’re not home but they want to return your call, you wait for a beep and leave a message.
• If you hear a series of short tones, you know the other person is talking to someone else on the phone. So you hang up and try again later.
• If you hear a sequence of three tones that increase in pitch, followed by a recorded voice that says “We’re sorry …” you know that the number you dialed is invalid. Either you dialed the number incorrectly, or the number has been disconnected.

You get the point. Exchanges — using a debit card or making a phone call — follow the same rules every time they happen.

Computer networks depend upon many different types of protocols. These protocols are very rigidly defined, and for good reason. Network cards must know how to talk to other network cards to exchange information, operating systems must know how to talk to network cards to send and receive data on the network, and application programs must know how to talk to operating systems to know how to retrieve a file from a network server.

Protocols come in many different types. At the lowest level, protocols define exactly what type of electrical signal represents a 1 and what type of signal represents a 0. At the highest level, protocols allow (say) a computer user in the United States to send an email to another computer user in New Zealand — and in between are many other levels of protocols. You find out more about these levels of protocols (often called “layers”) in the upcoming section, “Seeing the Seven Layers of the OSI Reference Model.”

Protocols tend to be used together in matched sets called protocol suites. The two most popular protocol suites for networking are TCP/IP and Ethernet. TCP/IP, originally developed for Unix networks, is the protocol of the Internet and most local area networks (LANs). Ethernet is a low-level protocol that spells out the electrical characteristics of the network hardware used by most LANs. A third important protocol is IPX/SPX, which is an alternative to TCP/IP, and originally developed for NetWare networks. In the early days of networking, IPX/SPX was widely used in LANs, but TCP/IP is now the preferred protocol.

Understanding Standards

As I mention earlier, a standard is an agreed-upon definition of a protocol. In the early days of computer networking, each computer manufacturer developed its own networking protocols. As a result, you couldn’t easily mix equipment from different manufacturers on a single network.

Then along came standards to save the day. Hurrah! Because standards are industry-wide protocol definitions not tied to a particular manufacturer, you can mix and match equipment from different vendors. As long as the equipment implements the standard protocols, it should be able to coexist on the same network.

Many organizations are involved in setting standards for networking. The five most important organizations are

• American National Standards Institute (ANSI): The official standards organization in the United States. ANSI is pronounced AN-see. www.ansi.org
• Institute of Electrical and Electronics Engineers (IEEE): An international organization that publishes several key networking standards — in particular, the official standard for the Ethernet networking system (known officially as IEEE 802.3). IEEE is pronounced eye-triple-E. www.ieee.org
• International Organization for Standardization (ISO): A federation of more than 100 standards organizations throughout the world. If I had studied French in high school, I’d probably understand why the acronym for International Organization for Standardization is ISO, and not IOS. www.iso.org
• Internet Engineering Task Force (IETF): The organization responsible for the protocols that drive the Internet. www.ietf.org
• World Wide Web Consortium (W3C): An international organization that handles the development of standards for the World Wide Web. www.w3.org

Seeing the Seven Layers of the OSI Reference Model

“OSI” sounds like the name of a top-secret government agency you hear about only in Tom Clancy novels. What it really stands for in the networking world is Open Systems Interconnection, as in the Open Systems Interconnection Reference Model, affectionately known as the OSI model.

The OSI model breaks the various aspects of a computer network into seven distinct layers. These layers are kind of like the layers of an onion: Each successive layer envelops the layer beneath it, hiding its details from the levels above. The OSI model is also like an onion in that if you start to peel it apart to have a look inside, you’re bound to shed a few tears.

The OSI model is not a networking standard in the same sense that Ethernet and TCP/IP are networking standards. Rather, the OSI model is a framework into which the various networking standards can fit. The OSI model specifies what aspects of a network’s operation can be addressed by various network standards. So, in a sense, the OSI model is sort of a standard of standards.

Table 1-1 summarizes the seven layers of the OSI model.

TABLE 1-1 The Seven Layers of the OSI Model

Layer	Name	Description
1	Physical	Governs the layout of cables and devices, such as repeaters and hubs.
2	Data Link	Provides MAC* addresses to uniquely identify network nodes and a means for data to be sent over the physical layer in the form of packets. Bridges and switches are layer 2 devices.
3	Network	Handles routing of data across network segments.
4	Transport	Provides for reliable delivery of packets.
5	Session	Establishes sessions between network applications.
6	Presentation	Converts data so that systems that use different data formats can exchange information.
7	Application	Allows applications to request network services.

* MAC = Media Access Control. Read more about MAC and bridges and switches in “The data link layer.”

The first three layers are sometimes called the lower layers. They deal with the mechanics of how information is sent from one computer to another over a network. Layers 4–7 are sometimes called the upper layers. They deal with how application software can relate to the network through application programming interfaces.

The following sections describe each of these layers in greater detail.

The seven layers of the OSI model are a somewhat idealized view of how networking protocols should work. In the real world, actual networking protocols don’t follow the OSI model to the letter. The real world is always messier. Still, the OSI model provides a convenient — if not completely accurate — conceptual picture of how networking works.

The physical layer

The bottom layer of the OSI model is the physical layer. It addresses the physical characteristics of the network, such as the types of cables used to connect devices, the types of connectors used, how long the cables can be, and so on. For example, the Ethernet standard for 10BaseT cable specifies the electrical characteristics of the twisted-pair cables, the size and shape of the connectors, the maximum length of the cables, and so on. The star, bus, ring, and mesh network topologies described in Chapter 1 of this minibook apply to the physical layer.

Another aspect of the physical layer is the electrical characteristics of the signals used to transmit data over the cables from one network node to another. The physical layer doesn’t define any meaning to those signals other than the basic binary values of 1 and 0. The higher levels of the OSI model must assign meanings to the bits that are transmitted at the physical layer.

One type of physical layer device commonly used in networks is a repeater, which is used to regenerate the signal whenever you need to exceed the cable length allowed by the physical layer standard. 10BaseT hubs are also physical layer devices. Technically, they’re known as multiport repeaters because the purpose of a hub is to regenerate every packet received on any port on all the hub’s other ports. Repeaters and hubs don’t examine the contents of the packets that they regenerate, though. If they did, they would be working at the data link layer, and not at the physical layer.

The network adapter (also called a network interface card; NIC) installed in each computer on the network is a physical layer device. You can display information about the network adapter (or adapters) installed in a Windows computer by displaying the adapter’s Properties dialog box, as shown in Figure 1-1. To access this dialog box in Windows, open the Control Panel, choose Network and Sharing Center, and then choose Change Adapter Settings. Then right-click the Local Area Connection icon and choose Properties from the menu that appears.

FIGURE 1-1: The Properties dialog box for a network adapter.

The data link layer

The data link layer is the lowest layer at which meaning is assigned to the bits that are transmitted over the network. Data link protocols address things, such as the size of each packet of data to be sent, a means of addressing each packet so that it’s delivered to the intended recipient, and a way to ensure that two or more nodes don’t try to transmit data on the network at the same time.

The data link layer also provides basic error detection and correction to ensure that the data sent is the same as the data received. If an uncorrectable error occurs, the data link standard must specify how the node is to be informed of the error so that it can retransmit the data.

At the data link layer, each device on the network has an address: the Media Access Control (MAC). This address is hard-wired into every network device by the manufacturer. MAC addresses are unique; no two network devices made by any manufacturer anywhere in the world can have the same MAC address.

You can see the MAC address for a computer’s network adapter by opening a command window and running the ipconfig /all command, as shown in Figure 1-2. In this example, the MAC address of the network card is 00-40-F4-CD-A9-50. (The ipconfig command refers to the MAC address as the physical address.)

FIGURE 1-2: Display the MAC address of a network adapter.

One of the most import functions of the data link layer is to provide a way for packets to be sent safely over the physical media without interference from other nodes attempting to send packets at the same time. The two most popular ways to do this are CSMA/CD and token passing. (Take a deep breath. CSMA/CD stands for Carrier Sense Multiple Access/Collision Detection.) Ethernet networks use CSMA/CD, and token ring networks use token passing.

Two types of data link layer devices are commonly used on networks:

• Bridge: An intelligent repeater that's aware of the MAC addresses of the nodes on either side of the bridge and can forward packets accordingly.
• Switch: An intelligent hub that examines the MAC address of arriving packets to determine which port to forward the packet to.

CSMA/CD IS A MOUTHFUL!

An important function of the data link layer is to make sure that two computers don’t try to send packets over the network at the same time. If they do, the signals will collide with each other, and the transmission will be garbled. Ethernet accomplishes this feat by using CSMA/CD. This phrase is a mouthful, but if you take it apart piece by piece, you’ll get an idea of how it works.

• Carrier Sense means that whenever a device wants to send a packet over the network media, it first listens to the network media to see whether anyone else is already sending a packet. If it doesn’t hear any other signals on the media, the computer assumes that the network is free, so it sends the packet.
• Multiple Access means that nothing prevents two or more devices from trying to send a message at the same time. Sure, each device listens before sending. However, suppose that two devices listen, hear nothing, and then proceed to send their packets at the same time? Picture what happens when you and someone else arrive at a four-way stop sign at the same time. You wave the other driver on, he or she waves you on, you wave, he or she waves, you both wave, and then you both go at the same time.
• Collision Detection means that after a device sends a packet, it listens carefully to see whether the packet crashes into another packet. This is kind of like listening for the screeching of brakes at the four-way stop. If the device hears the screeching of brakes, it waits a random period of time and then tries to send the packet again. Because the delay is random, two packets that collide are sent again after different delay periods, so a second collision is unlikely.

CSMA/CD works pretty well for smaller networks. After a network hits about 30 computers, however, packets start to collide like crazy, and the network slows to a crawl. When that happens, the network should be divided into two or more separate sections that are sometimes called collision domains.

The network layer

The network layer handles the task of routing network messages from one computer to another. The two most popular layer 3 protocols are IP (which is usually paired with TCP) and IPX (typically paired with SPX for use with Novell and Windows networks).

Network layer protocols provide two important functions: logical addressing and routing. The following sections describe these functions.

Logical addressing

As I mention earlier, every network device has a physical address — a MAC address — assigned to the device at the factory. When you buy a network interface card to install into a computer, the MAC address of that card is fixed and can’t be changed. So what happens if you want to use some other addressing scheme to refer to the computers and other devices on your network? This is where the concept of logical addressing comes in; with a logical address, you can access a network device by using an address that you assign.

Logical addresses are created and used by network layer protocols, such as IP or IPX. The network layer protocol translates logical addresses to MAC addresses. For example, if you use IP as the network layer protocol, devices on the network are assigned IP addresses, such as 207.120.67.30. Because the IP protocol must use a data link layer protocol to send packets to devices, IP must know how to translate the IP address of a device to the device’s MAC address.

You can use the ipconfig command (shown earlier in Figure 1-2) to see the IP address of your computer. The IP address shown in that figure is 172.16.0.19. Another way to display this information is to use the System Information command, found on the Start menu under Start⇒  All Programs⇒  Accessories⇒  System Tools⇒  System Information. The IP address is highlighted in Figure 1-3. Notice that the System Information program displays a lot of other useful information about the network besides the IP address. For example, you can also see the MAC address and what protocols are being used.

FIGURE 1-3: Find network information from System Information.

Although the exact format of logical addresses varies depending on the protocol being used, most protocols divide the logical address into two parts:

• Network address: Identifies which network the device resides on
• Device address: Identifies the device on that network

In a typical IP address — say, 192.168.1.102 — the network address is 192.168.1, and the device address (called a host address in IP) is 102.

Similarly, IPX addresses consist of two parts: a network address and a node address. In an IPX address, the node address is the same as the MAC address. As a result, IPX doesn’t have to translate between layer 2 and layer 3 addresses.

Routing

Routing comes into play when a computer on one network needs to send a packet to a computer on another network. In this case, a router is used to forward the packet to the destination network. In some cases, a packet may have to travel through several intermediate networks in order to reach its final destination network. You can find out more about routers in Chapter 4 of this minibook.

An important feature of routers is that you can use them to connect networks that use different layer 2 protocols. For example, a router can be used to send a packet from an Ethernet to a token ring network. As long as both networks support the same layer 3 protocol, it doesn’t matter whether their layer 1 and layer 2 protocols are different.

A protocol is considered routable if it uses addresses that include a network part and a host part. Any protocol that uses physical addresses isn’t routable because physical addresses don’t indicate to which network a device belongs.

The transport layer

The transport layer is where you find two of the most well-known networking protocols: TCP (typically paired with IP) and SPX (typically paired with IPX). As its name implies, the transport layer is concerned with the transportation of information from one computer to another.

The main purpose of the transport layer is to ensure that packets are transported reliably and without errors. The transport layer does this task by establishing connections between network devices, acknowledging the receipt of packets, and resending packets that aren’t received or are corrupted when they arrive.

In many cases, the transport layer protocol divides large messages into smaller packets that can be sent over the network efficiently. The transport layer protocol reassembles the message on the receiving end, making sure that all the packets that make up a single transmission are received so that no data is lost.

For some applications, speed and efficiency are more important than reliability. In such cases, a connectionless protocol can be used. As you can likely guess, a connectionless protocol doesn’t go to the trouble of establishing a connection before sending a packet: It simply sends the packet. TCP is a connection-oriented transport layer protocol. The connectionless protocol that works alongside TCP is User Datagram Protocol (UDP).

You can view information about the status of TCP and UDP connections by running the Netstat command from a command window, as Figure 1-4 shows. In the figure, you can see that several TCP connections are established.

FIGURE 1-4: See TCP and UDP connections.

In fact, you can use the command Netstat /N to see the numeric network addresses instead of the names. With the /N switch, the output in Figure 1-4 would look like this:

Active Connections

Proto Local Address Foreign Address State

TCP 127.0.0.1:2869 127.0.0.1:54170 ESTABLISHED

TCP 127.0.0.1:5357 127.0.0.1:54172 TIME_WAIT

TCP 127.0.0.1:27015 127.0.0.1:49301 ESTABLISHED

TCP 127.0.0.1:49301 127.0.0.1:27015 ESTABLISHED

TCP 127.0.0.1:54170 127.0.0.1:2869 ESTABLISHED

TCP  192.168.1.100:49300 192.168.1.101:445  ESTABLISHED

TCP is a connection-oriented transport layer protocol. UDP is a connectionless transport layer protocol.

The session layer

The session layer establishes conversations — sessions — between networked devices. A session is an exchange of connection-oriented transmissions between two network devices. Each transmission is handled by the transport layer protocol. The session itself is managed by the session layer protocol.

A single session can include many exchanges of data between the two computers involved in the session. After a session between two computers has been established, it's maintained until the computers agree to terminate the session.

The session layer allows three types of transmission modes:

• Simplex: Data flows in only one direction.
• Half-duplex: Data flows in both directions, but only in one direction at a time.
• Full-duplex: Data flows in both directions at the same time.

In actual practice, the distinctions in the session, presentation, and application layers are often blurred, and some commonly used protocols actually span all three layers. For example, SMB — the protocol that is the basis of file sharing in Windows networks — functions at all three layers.

The presentation layer

The presentation layer is responsible for how data is represented to applications. The most common representation for representing character data today is called UTF-8, which uses 8-bit sets to represent most characters found in western alphabets. UTF-8 is compatible with an older standard called ASCII.

UTF-8 is sometimes called Unicode, which is a standard for representing the characters found in most of the world’s writing systems. Technically, UTF-8 is a particular method of implementing Unicode, so although the two terms are related, they are not identical.

Some computers, in particular IBM mainframe computers, use a different code called Extended Binary Coded Decimal Interchange Code (EBCDIC). ASCII and EBCDIC aren’t compatible. To exchange information between a mainframe computer and a Windows computer, the presentation layer must convert the data from ASCII to EBCDIC, and vice versa.

Besides simply converting data from one code to another, the presentation layer can also apply sophisticated compression techniques so that fewer bytes of data are required to represent the information when it’s sent over the network. At the other end of the transmission, the presentation layer then uncompresses the data.

The presentation layer can also scramble the data before it’s transmitted and then unscramble it at the other end by using a sophisticated encryption technique that even Sherlock Holmes would have trouble breaking.

The application layer

The highest layer of the OSI model, the application layer deals with the techniques that application programs use to communicate with the network. The name of this layer is a little confusing. Application programs (such as Microsoft Office or QuickBooks) aren’t a part of the application layer. Rather, the application layer represents the programming interfaces that application programs use to request network services.

Some of the better-known application layer protocols are

• Domain Name System (DNS): For resolving Internet domain names
• File Transfer Protocol (FTP): For file transfers
• Simple Mail Transfer Protocol (SMTP): For email
• Server Message Block (SMB): For file sharing in Windows networks
• Network File System (NFS): For file sharing in Unix networks
• Telnet: For terminal emulation

Following a Packet through the Layers

Figure 1-5 shows how a packet of information flows through the seven layers as it travels from one computer to another on the network. The data begins its journey when an end-user application sends data to another network computer. The data enters the network through an application layer interface, such as SMB. The data then works its way down through the protocol stack. Along the way, the protocol at each layer manipulates the data by adding header information, converting the data into different formats, combining packets to form larger packets, and so on. When the data reaches the physical layer protocol, it’s placed on the network media (in other words, the cable) and sent to the receiving computer.

FIGURE 1-5: How data travels through the seven layers.

When the receiving computer receives the data, the data works its way up through the protocol stack. Then, the protocol at each layer reverses the processing that was done by the corresponding layer on the sending computer. Headers are removed, data is converted back to its original format, packets that were split into smaller packets are recombined into larger messages, and so on. When the packet reaches the application layer protocol, it’s delivered to an application that can process the data.

The Ethernet Protocol

As I mention earlier, the first two layers of the OSI model deal with the physical structure of the network and the means by which network devices can send information from one device on a network to another. By far, Ethernet is the most popular set of protocols for the physical and data link layers.

Ethernet has been around in various forms since the early 1970s. (For a brief history of Ethernet, see the sidebar, “Ethernet folklore and mythology.”) The current incarnation of Ethernet is defined by the 802.3 IEEE standard. Various flavors of Ethernet operate at different speeds and use different types of media. However, all the versions of Ethernet are compatible with each other, so you can mix and match them on the same network by using devices such as bridges, hubs, and switches to link network segments that use different types of media.

The actual transmission speed of Ethernet is measured in millions of bits per second (Mbps) or billions of bits per second (Gbps). Ethernet comes in several different speed versions:

• Standard Ethernet: 10 Mbps; rarely (if ever) used today.
• Fast Ethernet: 100 Mbps; still used for devices where speed is not particularly important, such as printers or fax machines.
• Gigabit Ethernet and beyond: 1,000 Mbps; the most common speed used to connect user computers to a network. Faster speeds, such as 10 Gbps, 100 Gbps, and even faster, are sometimes used in high-speed networks to connect servers and other critical devices to the network.

Network transmission speed refers to the maximum speed that can be achieved over the network under ideal conditions. In reality, the actual throughput of an Ethernet network rarely reaches this maximum speed.

Ethernet operates at the first two layers of the OSI model — the physical and the data link layers. However, Ethernet divides the data link layer into two separate layers: the Logical Link Control (LLC) layer and the Medium Access Control (MAC) layer. Figure 1-6 shows how the various elements of Ethernet match up to the OSI model.

FIGURE 1-6: Ethernet and the OSI model.

The following sections describe Standard Ethernet, Fast Ethernet, and Gigabit Ethernet in more detail.

Standard Ethernet

Standard Ethernet is the original Ethernet. It runs at 10 Mbps, which was considered fast in the 1970s but is excruciatingly slow by today’s standards. Although plenty of existing Standard Ethernet is still in use, it’s considered obsolete and should be replaced by Gigabit Ethernet as soon as possible.

Standard Ethernet came in three incarnations, depending on the type of cable used to string the network together:

• 10Base5: This original Ethernet cable was thick (about as thick as your thumb), heavy, and difficult to work with. It’s seen today only in museum exhibits.
• 10Base2: This thinner type of coaxial cable (it resembles television cable) became popular in the 1980s and lingered into the early 1990s. Plenty of 10Base2 cable is still in use, but it’s rarely installed in new networks. 10Base2 (like 10Base5) uses a bus topology, so wiring a 10Base2 network involves running cable from one computer to the next until all the computers are connected in a segment.

• 10BaseT: Unshielded twisted-pair (UTP) cable became popular in the 1990s because it’s easier to install, lighter, and more reliable, and also it offers more flexibility in how networks are designed. 10BaseT networks use a star topology with hubs at the center of each star. Although the maximum length of 10BaseT cable is only 100 meters, hubs can be chained to extend networks well beyond the 100-meter limit.

  10BaseT cable has four pairs of wires twisted together throughout the entire span of the cable. However, 10BaseT uses only two of these wire pairs, so the unused pairs are spares.

If you find yourself working with 10 Mbps Ethernet, spend a few moments enjoying your historical find. Then, as quickly as you can, update the entire network to Gigabit Ethernet.

ETHERNET FOLKLORE AND MYTHOLOGY

Here’s how Ethernet came to be so popular. The original idea for the Ethernet was hatched in the mind of Robert Metcalfe, a graduate computer science student at Harvard University. Looking for a thesis idea in 1970, he refined a networking technique used in Hawaii — the AlohaNet (actually a wireless network) — and developed a technique that would enable a network to efficiently use as much as 90 percent of its capacity. By 1973, he had his first Ethernet network up and running at the famous Xerox Palo Alto Research Center (PARC). Bob dubbed his network “Ethernet” in honor of the thick network cable, which he called “the ether.” (Xerox PARC was busy in 1973. In addition to Ethernet, PARC developed the first personal computer that used a graphical user interface (GUI) complete with icons, windows, and menus, and the world’s first laser printer.)

In 1979, Xerox began working with Intel and DEC (a once-popular computer company) to make Ethernet an industry standard networking product. Along the way, they enlisted the help of the IEEE, which formed committee number 802.3 and began the process of standardizing Ethernet in 1981. The 802.3 committee released the first official Ethernet standard in 1983.

Meanwhile, Bob Metcalfe left Xerox, turned down a job offer from Steve Jobs to work at Apple computers, and started a company called the Computer, Communication, and Compatibility Corporation — now known as 3Com. 3Com has since become one of the largest manufacturers of Ethernet equipment in the world.

Fast Ethernet

Fast Ethernet refers to Ethernet that runs at 100 Mbps, which is ten times the speed of Standard Ethernet. Although there are several varieties of Fast Ethernet, the most common is 100BaseTX, which transmits at 100 Mbps over just two pairs of a UTP cable. 100 Mbps Ethernet requires at least Cat-5 cable, but most networks are now wired with Cat-5e or Cat-6 cable, both of which are capable of gigabit speeds.

Gigabit Ethernet

Gigabit Ethernet is Ethernet running at a 1,000 Mbps, or 1 Gbps. Gigabit Ethernet was once considerably more expensive than Fast Ethernet, so it was used only when the improved performance justified the extra cost. However, today Gigabit Ethernet is the standard for nearly all desktop and laptop PCs. Two grades of cable are commonly used: Cat-5e and Cat-6; Cat-6 is preferred because it can be used for even faster networks.

Beyond gigabit

Several varieties of Ethernet faster than 1 Gbps are available:

• 2.5GBase-T: 2.5 Gbps speed that can operate on Cat-5e cable.
• 5GBase-T: 5 Gbps speed that requires Cat-6 cable.
• 10GBase-T: 10 Gbps speed that requires Cat-6A cable. This is the fastest Ethernet variety commonly available that runs on copper cable; faster speeds typically require fiber cable.
• 10GBase-LR and 10GBase-ER: 10 Gbps speeds commonly used for wide-area networks on fiber cable, with distances of up to 10 km (10GBase-LR) and 40km (10Gbase-ER)
• Terabit Ethernet: Speeds above 10 Gbps are still largely experimental; eventually, it is hoped that terabyte speeds — that is, 1,000 Gbps — can be achieved.

Speeds higher than 10 Gbps can be achieved by combining several 10 Gbps circuits to form a single link. For example, 40 Gbps speed can be achieved using a connection called QSFP+, which combines four 10 Gbps connections to create a single 40 Gbps link.

The TCP/IP Protocol Suite

TCP/IP, the protocol on which the Internet is built, is not a single protocol but rather an entire suite of related protocols. TCP is even older than Ethernet. It was first conceived in 1969 by the Department of Defense. For more on the history of TCP/IP, see the sidebar, “The fascinating story of TCP/IP,” later in this chapter. Currently, the Internet Engineering Task Force (IETF) manages the TCP/IP protocol suite.

The TCP/IP suite is based on a four-layer model of networking similar to the seven-layer OSI model. Figure 1-7 shows how the TCP/IP model matches up with the OSI model and where some of the key TCP/IP protocols fit into the model. As you can see, the lowest layer of the model, the network interface layer, corresponds to the OSI model’s physical and data link layers. TCP/IP can run over a wide variety of network interface layer protocols, including Ethernet, as well as other protocols, such as token ring and FDDI (an older standard for fiber optic networks).

FIGURE 1-7: TCP/IP and the OSI model.

The application layer of the TCP/IP model corresponds to the upper three layers of the OSI model — the session, presentation, and application layers. Many protocols can be used at this level. A few of the most popular are HTTP, FTP, Telnet, SMTP, DNS, and SNMP.

In the following sections, I point out a few more details of the three most important protocols in the TCP/IP suite: IP, TCP, and UDP.

IP

Internet Protocol (IP) is a network layer protocol responsible for delivering packets to network devices. The IP protocol uses logical IP addresses to refer to individual devices rather than physical (MAC) addresses. Address Resolution Protocol (ARP) handles the task of converting IP addresses to MAC addresses.

10BASE WHAT?

The names of Ethernet cable standards resemble the audible signals a quarterback might shout at the line of scrimmage. In reality, the cable designations consist of three parts:

• The first number is the speed of the network in Mbps. So, 10BaseT is for 10 Mbps networks (Standard Ethernet), 100BaseTX is for 100 Mbps networks (Fast Ethernet), and 1000BaseT is for 1,000 Mbps networks (Gigabit Ethernet).
• “Base” (short for “baseband”) indicates the type of network transmission that the cable uses. Baseband transmissions carry one signal at a time and are relatively simple to implement. The alternative to baseband is broadband, which can carry more than one signal at a time but is more difficult to implement. At one time, broadband incarnations of the 802.x networking standards existed, but they have all but fizzled due to lack of use.
• The tail end of the designation indicates the cable type. For coaxial cables, a number is used that roughly indicates the maximum length of the cable in hundreds of meters. 10Base5 cables can run up to 500 meters. 10Base2 cables can run up to 185 meters. (The IEEE rounded 185 up to 200 to come up with the name 10Base2.) If the designation ends with a T, twisted-pair cable is used. Other letters are used for other types of cables.

Because IP addresses consist of a network part and a host part, IP is a routable protocol. As a result, IP can forward a packet to another network if the host isn’t on the current network. After all, the capability to route packets across networks is where IP gets its name. An Internet is a just a series of two or more connected TCP/IP networks that can be reached by routing.

TCP

Transmission Control Protocol (TCP) is a connection-oriented transport layer protocol. TCP lets a device reliably send a packet to another device on the same network or on a different network. TCP ensures that each packet is delivered, if at all possible, by establishing a connection with the receiving device and then sending the packets. If a packet doesn’t arrive, TCP resends the packet. The connection is closed only after the packet has been successfully delivered or an unrecoverable error condition has occurred.

One key aspect of TCP is that it’s always used for one-to-one communications. In other words, TCP allows a single network device to exchange data with another single network device. TCP isn’t used to broadcast messages to multiple network recipients. Instead, UDP is used for that purpose.

Many well-known application layer protocols rely on TCP. For example, when a user running a web browser requests a page, the browser uses HTTP (HyperText Transfer Protocol) to send a request via TCP to a web server. When that web server receives the request, it uses HTTP to send the requested web page back to the browser, again via TCP. Other application layer protocols that use TCP include Telnet (for terminal emulation), FTP (for file exchange), and SMTP (for email).

UDP

User Datagram Protocol (UDP) is a connectionless transport layer protocol used when the overhead of a connection isn’t required. After UDP has placed a packet on the network (via the IP protocol), it forgets about it. UDP doesn’t guarantee that the packet arrives at its destination. Most applications that use UDP simply wait for any replies expected as a result of packets sent via UDP. If a reply doesn’t arrive within a certain period of time, the application either sends the packet again or gives up.

Probably the best-known application layer protocol that uses UDP is the Domain Name System (DNS). When an application needs to access a domain name (such as www.wiley.com), DNS sends a UDP packet to a DNS server to look up the domain. When the server finds the domain, it returns the domain’s IP address in another UDP packet.

THE FASCINATING STORY OF TCP/IP

Some people are fascinated by history. They subscribe to cable TV just to get the History Channel. If you’re one of those history buffs, you may be interested in the following chronicle of TCP/IP’s humble origins. (For maximum effect, play some melancholy violin music in the background as you read the rest of this sidebar.)

In the summer of 1969, the four mop-topped singers from Liverpool were breaking up. The war in Vietnam was escalating. Astronauts Neil Armstrong and Buzz Aldrin walked on the moon. And the Department of Defense built a computer network called ARPANET to link its defense installations with several major universities throughout the United States.

By the early 1970s, ARPANET was becoming difficult to manage. So it was split into two networks: one for military use, called MILNET; and the other for nonmilitary use. The nonmilitary network retained the name ARPANET. To link MILNET with ARPANET, a new method of connecting networks — Internet Protocol (IP) — was invented.

The whole purpose of IP was to enable these two networks to communicate with each other. Fortunately, the designers of IP realized that it wouldn’t be too long before other networks wanted to join in the fun, so they designed IP to allow for more than two networks. In fact, their ingenious design allowed for tens of thousands of networks to communicate via IP.

The decision was a fortuitous one, as the Internet quickly began to grow. By the mid-1980s, the original ARPANET reached its limits. Just in time, the National Science Foundation (NSF) decided to get into the game. NSF had built a network called NSFNET to link its huge supercomputers. NSFNET replaced ARPANET as the new background for the Internet. Around that time, such magazines as Time and Newsweek began writing articles about this new phenomenon called the Internet, and the Net (as it became nicknamed) began to grow like wildfire. Soon NSFNET couldn’t keep up with the growth, so several private commercial networks took over management of the Internet backbone. The Internet has grown at a dizzying rate ever since, and nobody knows how long this frenetic growth rate will continue. One thing is sure: TCP/IP is now the most popular networking protocol in the world.

Other Protocols Worth Knowing About

Although the vast majority of networks now use Ethernet and TCP/IP, a few other networking protocols are still in use and are therefore worth knowing about. In particular:

• Network Basic Input/Output System (NetBIOS): The basic application programming interface for network services on Windows computers. It’s installed automatically when you install TCP/IP, but doesn’t show up as a separate protocol when you view the network connection properties. (Refer to Figure 1-1.) NetBIOS is a session layer protocol that can work with transport layer protocols, such as TCP, SPX, or NetBEUI.
• Network BIOS Extended User Interface (NetBEUI): A transport layer protocol designed for early IBM and Microsoft networks. NetBEUI is now considered obsolete.
• IPX/SPX: A protocol suite made popular in the 1980s by Novell for use with its NetWare servers. TCP/IP has become so dominant that IPX/SPX is rarely used now.
• AppleTalk: An obsolete suite of network protocols introduced by Apple in the 1980s and finally abandoned in 2009. The AppleTalk suite included a physical and data link layer protocol called LocalTalk, but could also work with standard lower-level protocols, including Ethernet and token ring.
• Systems Network Architecture (SNA): An IBM networking architecture dating back to the 1970s, when mainframe computers roamed the earth and PCs had barely emerged from the primordial computer soup. SNA was designed primarily to support huge terminals such as airline reservations and banking systems, with tens of thousands of terminals attached to central host computers. Now that IBM mainframes support TCP/IP and mainframe terminal systems have all but vanished, SNA is beginning to fade away. Still, many networks that incorporate mainframe computers have to contend with SNA.