vudevelopers

The Internet protocols introduce heavy overhead for some common types of network traffic. Probably the most extreme case is an interactive session with a user typing on a keyboard. With each keystroke, a packet is sent to the remote host and a reply is returned. Even though only a single byte of data is being sent, the addition of a TCP header (20 bytes) and an IP header (another 20 bytes) expand the resulting packet to at least 41 bytes. This represents 4000% overhead!

These problems are not apparent on Ethernet media, which enforces a 64-byte minimum size on all packets at the Data Link Layer. Other media may also be fast enough to disguise the problem, but dial-up modems can’t tolerate such inefficiencies. RFC 1144 documents Van Jacobson compression, a popular technique for compressing TCP/IP headers. Van Jacobson compression can reduce packet header overhead from 4000% to 300%, enough to yield acceptable interactive performance at 2400 bps. This is often used in conjunction with SLIP or PPP, and referred to as CSLIP or CPPP.

• Header, not data compression. Van Jacobson compression makes no attempt to compress the data portion of the packet.
• End-to-end checksum. The original TCP checksum is always preserved, transmitted unmodified, and used to check the validity of the reconstructed packet. A sound case (the so-called end-to-end argument) can be made on the inherent robustness of this approach. Of course, the robustness is only as good as the checksum algorithm itself.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Bridging is a method of path selection (contrast routing).

In a bridged network, no correspondence is required between addresses and paths. Put another way, addresses don’t imply anything about where hosts are physically attached to the network. Any address can appear at any location. In contrast, routing requires more thoughtful address assignment, corresponding to physical placement.

Bridging relies heavily on broadcasting. Since a packet may contain no information other than the destination address, and that implies nothing about the path that should be used, the only option may be to send the packet everywhere! This is one of bridging’s most severe limitations, since this is a very inefficient method of data delivery, and can trigger broadcast storms. In networks with low speed links, this can introduce crippling overhead.

IP, designed as a wide-area networking protocol, is rarely bridged because of the large networks it typically interconnects. The broadcast overhead of bridging would be prohibitive on such networks. However, the link layer protocols IP functions over, particularly Ethernet and Token Ring, are often bridged. Due to the pseudo-random fashion in which Ethernet and Token Ring addresses are assigned, bridging is usually the only option for switching among multiple networks at this level.

Bridging is most commonly used to separate high-traffic areas on a LAN. It is not very useful for disperse traffic patterns. Expect it to work best on networks with multiple servers, each with a distinct clientele that seldom communicate with any servers but their “home”.

Two types of bridging exists, corresponding to the distinction outlined earlier. Transparent bridging is used in Ethernet environments and relies on switching nodes. Token Ring networks use source-route bridging (SRB), in which end systems actively participate by finding paths to destinations, then including this path in data packets.

Transparent bridging

Transparent bridging, the type used in Ethernet and documented in IEEE 802.1, is based on the concept of a spanning tree. This is a tree of Ethernet links and bridges, spanning the entire bridged network. The tree originates at a root bridge, which is determined by election, based either on Ethernet addresses or engineer-defined preference. The tree expands outward from there. Any bridge interfaces that would cause loops to form are shut down. If several interfaces could be deactivated, the one farthest from the root is chosen. This process continues until the entire network has been transversed, and every bridge interface is either assigned a role in the tree, or deactivated.

Since the topology is now loop-free, we can broadcast across the entire network without too much worry, and any Ethernet broadcasts are flooded in this manner. All other packets are flood throughout the network, like broadcasts, until more definite information is determined about their destination. Each bridge finds such information by monitoring source addresses of packets, and matching them with the interfaces each was received on. This tells each bridge which of its interfaces leads to the source host. The bridge recalls this when it needs to bridge a packet sent to that address. Over time, the bridges build complete tables for forwarding packets along the tree without extraneous transmissions.

There are several disadvantages to transparent bridging. First, the spanning tree protocol must be fairly conservative about activating new links, or loops can develop. Also, all the forwarding tables must be cleared every time the spanning tree reconfigures, which triggers a broadcast storm as the tables are reconstructed. This limits the usefulness of transparent bridging in environments with fluid topologies. Redundant links can sit unused, unless careful attention is given to root bridge selection. In such a network (with loops), some bridges will always sit idle anyway. Finally, like all bridging schemes, the unnecessary broadcasting can affect overall performance. Its use is not recommended in conjunction with low-speed serial links.

On the pro side, transparent bridging gives the engineer a powerful tool to effectively isolate high-traffic areas such as local workgroups. It does this without any host reconfiguration or interaction, and without changes to packet format. It has no addressing requirements, and can provide a “quick fix” to certain network performance problems. As usual, careful analysis is needed by the network engineer, with particular attention given to bridge placement.

Again, note that for IP purposes the entire spanning tree is regarded as a single link. All bridging decisions are based on the 48-bit Ethernet address.

Source-route bridging (SRB)

Source-route bridging (SRB) is popular in Token Ring environments, and is documented in IEEE 802.5. Unlike transparent bridging, SRB puts most of the smarts in the hosts and uses fairly simple bridges. SRB bridges recognize a routing information field (RIF) in packet headers, essentially a list of bridges a packet should transverse to reach its destination. Each bridge/interface pair is represented by a Route Designator (RD), the two-byte number used in the RIF. An All Rings Broadcast (ARB) is forwarded through every path in the network. Bridges add their RDs to the end of an ARB’s RIF field, and use this information to prevent loops (by never crossing the same RD twice). When the ARB arrives at the destination (and several copies may arrive), the RIF contains an RD path through the bridges, from source to destination. Flipping the RIF’s Direction Bit (D) turns the RIF into a path from destination to source. See RFC 1042 for the format of the RIF field and a discussion of SRB’s use to transport IP packets.

Source-route bridging has its problems. It is even more broadcast-intensive than transparent bridging, since each host must broadcast to find paths, as opposed to each bridge having to broadcast. It requires support in host software for managing RIF fields. To take advantage of a redundant network, a host must remember multiple RIF paths for each remote host it communicates with, and have some method of retiring paths that appear to be failing. Since few SRB host implementations do this, SRB networks are notorious for requiring workstation reboots after a bridge failure.

On the other hand, if you want to bridge a Token Ring network, SRB is just about your only choice. Like transparent bridging, it does allow the savvy engineer to quickly improve network performance in situations where high-traffic areas can be segmented behind bridges.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

For some important aspects of Internet engineering, most notably IP Addressing, an understanding of binary arithmetic is critical. Many strange-looking decimal numbers can only be understood by converting them (at least mentally) to binary.

All digital computers represent data as a collection of bits. A bit is the smallest possible unit of information. It can be in one of two states – off or on, 0 or 1. The meaning of the bit, which can represent almost anything, is unimportant at this point. The thing to remember is that all computer data – a text file on disk, a program in memory, a packet on a network – is ultimately a collection of bits.

If one bit has two different states, how many states do two bits have? The answer is four. Likewise, three bits have eight states. For example, if a computer display had eight colors available, and you wished to select one of these to draw a diagram in, three bits would be sufficient to represent this information. Each of the eight colors would be assigned to one of the three-bit combinations. Then, you could pick one of the colors by picking the right three-bit combination.

A common and convenient grouping of bits is the byte or octet, composed of eight bits. If two bits have four combinations, and three bits have eight combinations, how many combinations do eight bits have? If you don’t want to write out all the possible byte patterns, just multiply eight twos together – one two for each bit. Two times two is four, so the number of combinations of two bits is four. Two times two times two is eight, so the number of combinations of three bits is eight. Do this eight times – or just compute two to the eighth power – and you discover that a byte has 256 possible states.

Obviously, if a byte has 256 possible states, its exact state can be represented by a number from 1 to 256. However, since zero is a very important number, a byte is more typically represented by a number from 0 to 255. This is very common, and with bit pattern 00000000 representing zero, and bit pattern 11111111 representing 255. The numbers matching these two patterns, and everything in between, can be computed by assigning a weight to each bit, multiplying each bit’s value (0 or 1) by its weight, and then adding the totals.

To convert a number from decimal to binary, begin at leftmost bit position (128). If the number is larger than or equal to the bit’s weight, write a 1 in the bit position, subtract the bit’s weight from the number, and continue with the difference. If the number is less than the bit’s weight, write a 0 in the bit position and continue without any subtraction.

There is a simpler way to convert bytes back and forth between binary and decimal; akin to memorizing multiplication tables. The byte can split into two four-bit halves, each half called a nibble. Memorize the decimal values for the high nibble (they’re just the multiples of 16). The low nibble is trivial. Every number between 0 and 255 is the sum of one of the high nibble values and one of the low nibble values. Write the high nibble next to the low nibble, and you have the byte value in binary. Conversely, an eight-bit binary byte can be split in half, each nibble converted to decimal and two decimal numbers added together.

The most common bit patterns in Internet engineering are those with a string of one bits, followed by a string of zero bits. Here are all such bytes, along with their decimal representation, computed just like the example using 217.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Network management stems from the realization that hosts, routers, and other networking devices often require maintenance operations, and the network is a communications medium, so why not use the network to perform the maintenance?

The oldest and simplest form of network management is the remote login. In fact, most fancy routers support TELNET access to some sort of command prompt. Many operations can be performed in no other way.

However, more sophisticated network management tools have been developed, for a variety of reasons. Remote logins are designed for human interaction, and use command style and syntax that varies between different hardware and software platforms. A more specialized and standardized approach allows automated software tools to easily perform management operations on a variety of platforms. Also useful is a standard method of reporting network failures and error conditions to a centralized location.

For Internet engineers, the SNMP Protocol is currently the most popular vehicle for network management.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Several types of names exist in the Internet design model. An understanding of each is critical to the engineer.

• Domain Names are alphanumeric strings used by users to identify Internet hosts. www.FreeSoft.org is a domain name. Domain names are converted into IP addresses by DNS.
• IP Addresses are 32-bit numbers used to identify Internet hosts by the IP Protocol. Sometimes IP addresses must be written in a human-readable format; dotted quad notation is used, with each of the four bytes written as a decimal number, separated by periods. 205.216.34.7 is a dotted quad IP address.
• Service Names are short strings that identify particular services on an Internet host. They must be converted to port numbers before use, which is commonly done using a services table, /etc/services on UN*X machines. Examples of service names are telnet, smtp, and http.
• Port Numbers identify particular services on an Internet host to the TCP and UDP Protocols. They are 16-bit numbers, usually written in decimal, and known by convention. For example, port 25 is used for SMTP mail transfers, and port 80 for HTTP Web transfers.
• Universal Resource Locators (URLs) are used by the World Wide Web to locate and identify Web documents and other resources. URLs typically contain service names, domain names and sometimes port numbers. URLs also include a string, usually a filesystem path, to distinguish between different documents available through a single server.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Local Area Networks (LANs) and Wide Area Networks(WANs) are generic terms referring to two important basic types of networks. Let me try to summarize the characteristics of each, and then discuss their importance to the network engineer.

LAN/WAN Comparison

The Internet can be thought of as a bunch of LANs interconnected by WANs. An average packet will run across a company’s local Ethernet (LAN), up an ISDN or leased line or PPP link (WAN) to an Internet Service Provider. The ISP has Ethernet too (LAN), that transports the packet to the right router for delivery to a cross-country provider (WAN). The packet begins bouncing from one LAN site to another over WAN links.

A good networking design must answer both the LAN and WAN needs of its users. WAN links tend to operate with tight bandwidth margins, but many LAN applications depend on lots of surplus bandwidth. This is especially true of Ethernet, which begins to show performance degradation once you exceed about 20% “theoretical capacity”, don’t expect standard Ethernet to carry more than about 2 Mbps. A network’s biggest startup cost is the labor needed to install it. So don’t just install two-pair cable; install eight-pair and leave six unused. Don’t just install one Ethernet cable; install two or three, and maybe run some fiber alongside it. Be ready to expand your LAN capacity as this becomes needed.

On the other hand, consider your WAN needs. Do you want global email and Web access? If so, you’ll need some form of WAN connection, but what kind? Probably the best advice here is the same – plan for expansion, but in a different way. Plan so that you can upgrade your WAN service without changing your LAN configuration. Dialup SLIP or PPP is fine for one or two computers. Once you have a half dozen computers in regular use, I suggest shifting to a router configuration, even if the router is still using PPP. It much easier to track six LAN links and one WAN link than track six LAN links and six WAN links. As much as possible, I suggest static IP address assignment, and intelligent inverse nameserver entries.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Faced with exhaustion of class B address space and the explosion of routing table growth triggered by a flood of new class Cs, IETF began implementing Classless Interdomain Routing (CIDR), in the early 1990s. CIDR is documented in RFC 1518 and RFC 1519. The primary requirement for CIDR is the use of routing protocols that support it, such as RIP Version 2, OSPF Version 2, and BGP Version 4.

CIDR can be thought of as “subnetting on steroids”. The subnetting mask, previously a magic number set in a computer’s boot sequence, becomes an integral part of routing tables and protocols. A route is no longer an IP address, broken down into network and host bits according to its class. A route is now a combination of address and mask. Not only can we break networks into “subnets”, but we can combine networks into “supernets”, so long as they have a common network prefix. CIDR defines address assignment and aggregation strategies designed to minimize the size of top-level Internet routing tables.

For more information about CIDR, see the Subnetting and CIDR section of the Encyclopedia’s Programmed Instruction Course.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Subnetting, documented in RFC 950, originally referred to the subdivision of a class-based network into subnetworks, but now refers more generally to the subdivision of a CIDR block into smaller CIDR blocks. Subnetting allows single routing entries to refer either to the larger block or to its individual constituents. This permits a single, general routing entry to be used through most of the Internet, more specific routes only being required for routers in the subnetted block.

A subnet mask is a 32-bit number that determines how an IP address is split into network and host portions, on a bitwise basis. For example, 255.255.0.0 is a standard class B subnet mask, since the first two bytes are all ones (network), and the last two bytes are all zeros (host). In a subnetted network, the network portion is extended. For example, a subnet mask of 255.255.255.0 would subnet a class B address space using its third byte. Using this scheme, the first two bytes of an IP address would identify the class B network, the next byte would identify the subnet within that network, and the final byte would select an individual host. Since subnet masks are used on a bit-by-bit basis, masks like 255.255.240.0 (4 bits of subnet; 12 bits of host) are perfectly normal.

In a traditional subnetted network, several restrictions apply, which have been lifted by CIDR. However, if older, non-CIDR routing protocols (such as RIP version 1) are in use, these restrictions must still be observed.

1. Identical subnet masks. Since non-CIDR routing updates do not include subnet masks, a router must assume that the subnet mask it has been configured with is valid for all subnets. Therefore, a single mask must be used for all subnets with a network. Different masks can be used for different networks.Based on this assumption, a router can exchange subnet routes with other routers within the network. Since the subnet masks are identical across the network, the routers will interpret these routes in the same manner. However, routers not attached to the subnetted network can’t interpret these subnet routes, since they lack the subnet mask. Therefore, subnet routes are not relayed to routers on other networks. This leads to our second restriction.
2. Contiguous subnets. A subnetted network can’t be split into isolated portions. All the subnets must be contiguous, since routing information can’t be passed to non-members. Within a network, all subnets must be able to reach all other subnets without passing traffic through other networks.

Variable Length Subnet Masks (VLSM)

VLSM, conceptually a stepping stone from subnetting to CIDR, lifted the restrictions of subnetting by relaying subnet information through routing protocols. This idea leads us directly to CIDR.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

One of Internet’s earliest design decisions was that the fundamental transport protocol (the IP Protocol) would be based on an assumption of unreliable delivery. This means that an IP packet can be legally discarded at any time, without any notification to the sender or receiver. No guarantee is made that any particular packet will be delivered. Instead, network reachability takes a statistical form – there is a pretty good chance that any one packet will be delivered, and if a group of packets are transmitted, most of them should arrive at their destinations.

At first, this may somewhat silly. After all, what’s the point of a data communications network if you can’t count on the data getting to its destination? To understand this better, refer to the concept of protocol layering. Data delivery is unreliable at the Network Layer, where IP operates. If an application requires reliable data delivery, the Transport Layer must provide this, based upon the unreliable delivery facilities provided by the Network Layer. This is the main function of the TCP Protocol, which uses sequence numbers and timeouts to detect data loss, and then retransmits lost data until it is received and acknowledged.

So, why go through all this in the first place? Well, for one thing, if our network fails briefly at any point, in any way, there should be no serious problems. If a switching node becomes overloaded with traffic, it can simple discard some of the excess. If a link fails while a packet is being transfered, there’s no need for an elaborate recovery procedure. The assumption of unreliable delivery, and the consequent demand that software be able to handle intermittent failures, significantly reduces demands on hardware and low-level software design. Sporadic network outages might slow the tempo, but the show will go on.

\begin{soapbox}

Unreliable delivery has been a mixed blessing for the Internet. It certainly has lived up to its billing for producing a fault-tolerant network, but has created almost as many problems as it has solved.

TCP guarantees data delivery, but makes no guarantees about how long that delivery will take. In some applications, such as telephone calls, this is simply unacceptable. If the data arrives too late, it is useless. Worse, TCP will stop everything to ensure retransmission of the lost data, possibly disrupting other data that could have arrived on time. Some Internet protocols, such as ST, have been proposed to address this problem, but none have gained widespread acceptance and all are a far cry from the guaranteed bandwidth of a phone call.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Encapsulation, closely related to the concept of Protocol Layering, refers to the practice of enclosing data using one protocol within messages of another protocol.

To make use of encapsulation, the encapsulating protocol must be open-ended, allowing for arbitrary data to placed in its messages. Another protocol can then be used to define the format of that data.

Encapsulation Example

For example, consider an Internet host that requests a hypertext page over a dialup serial connection. The following scenario is likely:

First, the HyperText Transfer Protocol (HTTP) is used to construct a message requesting the page. The message, the exact format of which is unimportant at this time, is represented as follows:

Next, the Transmission Control Protocol (TCP) is used to provide the connection management and reliable delivery that HTTP requires, but does not provide itself. TCP defines a message header format, which can be followed by arbitrary data. So, a TCP message is constructed by attaching a TCP header to the HTTP message, as follows:

Now TCP does not provide any facilities for actually relaying a message from one machine to another in order to reach its destination. This feature is provided by the Internet Protocol (IP), which defines its own message header format. An IP message is constructed by attaching an IP header to the combined TCP/HTTP message:

Finally, although IP can direct messages between machines, it can not actually transmit the message from one machine to the next. This function is dependent on the actual communications hardware. In this example, we’re using a dialup modem connection, so it’s likely that the first step in transmitting the message will involve the Point-to-Point Protocol (PPP):

Note that I’v drawn the PPP encapsulation a little differently, by enclosing the entire message, not just attaching a header. This is because PPP may modify the message if it includes bytes that can’t be transmitted across the link. The receiving PPP reverses these changes, and the message emerges intact. The point to remember is that the encapsulating protocol can do anything it wants to the message – expand it, encrypt it, compress it – so long as the original message is extracted at the other end.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.