This chapter introduces important technologies as essential media, with which communication protocols traverse. Communication mediums make up the infrastructure that connect stations into LANs, LANs into wide area networks (WANs), and WANs into Internets. During our journey through Part 2 we will discuss topologies such as Ethernet, Token Ring, and FDDI. We'll explore wide area mediums, including analog, ISDN/xDSL, point-to-point links, and frame relay, as well. This primer will be the basis for the next layer in the technology foundation.
Ethernet Technology
The first Ethernet, Ethernet DIX, was named after the companies that proposed it: Digital, Intel, and Xerox. During this time, the Institute of Electrical and Electronics Engineers (IEEE) had been working on Ethernet standardization, which became known as Project 802. Upon its success, the Ethernet plan evolved into the IEEE 802.3 standard. Based on carrier sensing, as originally developed by Robert Metcalfe, David Boggs, and their team of engineers, Ethernet became a major player in communication mediums, competing head-to-head with IBM's proposed Token Ring, or
IEEE 802.5.
Carrier Transmissions
When a station on an Ethernet network is ready to transmit, it must first listen for transmissions on the channel. If another station is transmitting, it is said to be ''producing activity." This activity, or transmission, is called a carrier. In a nutshell, this is how Ethernet became known as the carrier-sensing communication medium. With multiple stations, all sensing carriers, on an Ethernet network, this mechanism was called Carrier Sense with Multiple Access, or CSMA.
If a carrier is detected, the station will wait for at least 9.6 microseconds, after the last frame passes, before transmitting its own frame. When two stations transmit simultaneously, a fused signal bombardment, otherwise known as a collision, occurs. Ethernet stations detect collisions to minimize problems. This technology was added to CSMA to become Carrier Sense with Multiple Access and Collision Detection or CSMA/CD.
Stations that participated in the collision immediately abort their transmissions. The first station to detect the collision sends out an alert to all stations. At this point, all stations execute a random collision timer to force a delay before attempting to transmit their frames. This timing delay mechanism is termed the back-off algorithm. And, if multiple collisions are detected, the random delay timer is doubled.
\ After 10 consecutive collisions and multiple double random delay times, network performance will not improve significantly. This is a good example of an Ethernet flooding method.
Ethernet Design, Cabling, Adapters
Ethernet comes in various flavors. The actual physical arrangement of nodes in a structure is termed
the network topology. Ethernet topology examples include bus, star, and point-to-point (see Figure
3.1).
Ethernet options also come in many variations, some of which are shown in Figure 3.2 and Ethernet, 10Base5. Ethernet with thick coaxial (coax) wire uses cable type RG08. Connectivity from the NIC travels through a transceiver cable to an external transceiver and finally through the thick coax cable (see Figure 3.3). Due to signal degradation, a segment is limited to fewer than 500 meters, with a maximum of 100 stations per segment of 1,024 stations total.
• 10Base2. Thin-wire Ethernet, or thinnet, uses cable type RG-58. With 10Base2, the transceiver functionality is processed in the NIC. BNC T connectors link the cable to the NIC (see Figure 3.4). As with every media type, due to signal degradation, a thinnet segment is limited to fewer than 185 meters, with a maximum of 30 stations per segment of 1,024 stations total.
• 10BaseT. Unshielded twisted pair (UTP) wire uses cable type RJ-45 for 10BaseT specifications. Twisted pair Ethernet broke away from the electric shielding of coaxial cable, using conventional unshielded copper wire. Using the star topology, each station is connected via RJ-45 with UTP wire to a unique port in a hub or switch (see Figure 3.5). The hub simulates the signals on the Ethernet cable. Due to signal degradation,
• the cable between a station and a hub is limited to fewer than 100 meters.
• Fast Ethernet, 100BaseT. To accommodate bandwidth-intensive applications and network expansion, the Fast Ethernet Alliance promoted 100 Mbps technology. This alliance consists of 3Com Corporation, DAVID Systems, Digital Equipment Corporation, Grand Junction Networks, Inc., Intel Corporation, National Semiconductor, SUN Microsystems, and Synoptics Communications.
To understand the difference in transmission speed between 10BaseT and 100BaseT, let's look at the formula:
Station-to-Hub Diameter (meters) = 25,000/Transmission Rate (Mbps).
Given: 10 Mbps 10BaseT Ethernet network:
Diameter (meters) = 25,000/10 (Mbps) Diameter = 2,500 meters
Given: 100 Mbps 100BaseT Fast Ethernet network:
Diameter (meters) = 25,000 / 100 (Mbps) Diameter = 250 meters
From these equations, we can deduce that 100 Mbps Fast Ethernet requires a station-to-hub diameter, in meters, that is one-tenth that of10 Mbps Ethernet. This speed versus distance ratio in Fast Ethernet allows for a tenfold scale increase in maximum transmitted bits. Other prerequisites for Fast
Ethernet include 100 Mbps station NICs, Fast Ethernet hub or switch, and Category 5 UTP (data grade) wire.
Hardware Addresses, Frame Formats
Having touched upon Ethernet design and cabling, we can address the underlying Ethernet addressing and formatting. We know that every station in an Ethernet network has a unique 48-bit address bound to each NIC (described in Chapter 1). These addresses not only specify a unique, single station, but also provide for transmission on an Ethernet network to three types of addresses:
Unicast Address. Transmission destination to a single station.
Multicast Address. Transmission destination to a subset or group of stations.
Broadcast Address. Transmission destination to all stations.
Hackers It doesn't necessarily matter whether the transmission destination is unicast, Note1** multicast, or broadcast, because each frame will subsequently pass by every interface.
The Ethernet frame is variable length, which is to say that no frame will be smaller than 64 octets or larger than 1,518 octets. Each frame consists of a preamble, a destination address, a source address, the frame type, frame data, and cyclic redundancy check (CRC) fields (see Figure 3.6). These fields are defined as follows:
Preamble. Aids in the synchronization between sender and receiver(s).
Destination Address. The address of the receiving station.
Source Address. The address of the sending station.
Frame Type. Specifies the type of data in the frame to determine which protocol
software module should be used for processing.
Frame Data. Indicates the data carried in the frame based on the type latent in the
Frame Type field.
Cyclic Redundancy Helps detect transmission errors. The sending station computes a
Check (CRC). frame value before transmission. Upon frame retrieval, the receiving
station must compute the same value based on a complete, successful transmission.
Token Ring Technology
Token Ring technology, originally developed by IBM, is standardized as IEEE 802.5. In its first release, Token Ring was capable of a transmission rate of 4 Mbps. Later, improvements and new technologies increased transmissions to 16 Mbps.
Preamble
Destination
Source
Frame
Frame Data
CRC
Address
Address
Type
Figure 3.6 The six fields of an Ethernet frame.
To help understand Token Ring networking, imagine a series of point-to-point stations forming a circle (see Figure 3.7). Each station repeats, and properly amplifies, the signal as it passes by, ultimately to the destination station. A device called a Multistation Access Unit (MAU) connects stations. Each MAU is connected to form a circular ring. Token Ring cabling may consist of coax, twisted pair, or fiber optic types.
Token Ring functionality starts with a 24-bit token that is passed from station to station, circulating continuously, even when no frames are ready for transmission. When a station is ready to transmit a frame, it waits for the token. Upon interfacing the token, the station submits the frame with the destination address. The token is then passed from station to station until it reaches the destination, where the receiving station retains a copy of the frame for processing. Each connection may retain the token for a maximum period of time.
This may seem arduous, but consider that the propagation velocity in twisted pair is .59 times the speed of light. Also, because each station must wait for the passing token to submit a frame, collisions do not occur in Token Ring.
Token Ring Design, Cabling
Type 1 and 2 cabling is used for 16 Mbps data transfer rates. To avoid jitter, a maximum of 180 devices per ring is recommended. The maximum distance between stations and MAU on a single MAU LAN is 300 meters. The maximum advisable distance between stations and MAUs on a multiple MAU LAN is 100 meters. The maximum recommended distance between MAUs on a
multiple MAU LAN is 200 meters.
Type 3 cabling is primarily used for 4 Mbps data transfer rates. To avoid jitter, a maximum of 90 devices per ring is recommended. The maximum distance between stations and MAU on a single MAU LAN is 100 meters. The maximum advisable distance between stations and MAUs on a multiple MAU LAN is 45 meters. The maximum recommended distance between MAUs on a multiple MAU LAN is 120 meters.
Prioritization
In Token Ring, there are two prioritization fields to permit station priority over token utilization: the priority and reservation fields. Stations with priority equal to or greater than that set in a token can take that token by prioritization. After transmission completion, the priority station must reinstate the previous priority value so normal token passing operation may resume.
Hackers Hackers that set stations with priority equal to or greater than that in a token can Not**' control that token by prioritization.
Fault Management
Token Ring employs various methods for detecting and managing faults in a ring. One method includes active monitor technology, whereby one station acts as a timing node for transmissions on a ring. Among the active monitor station's responsibilities is the removal of continuously circulating frames from the ring. This is important, as a receiving station may lock up or be rendered temporarily out of service while a passing frame seeks it for processing. As such, the active monitor will remove the frame and generate a new token.
Another fault management mechanism includes station beaconing. When a station detects a problem with the network, such as a cable fault, it sends a beacon frame, which generates a failure domain. The domain is defined as the station reporting the error, its nearest neighbor, and everything in between. Stations that fall within the failure domain attempt to electronically reconfigure around the failed area.
Hacker's Beacon generation may render a ring defenseless and can essentially lock up the ring.
Addresses, Frame Format
Similar to the three address mechanisms in Ethernet (described earlier in this chapter), Token Ring address types include the following:
• Individual Address. Specifies a unique ring station.
• Group Address. Specifies a group of destination stations on a ring.
• All Stations Address. Specifies all stations as destinations on a ring.
Basically, Token Ring supports two frame types token frame and data/command frame, as illustrated in Figures 3.8 and 3.9, respectively.
A token frame's fields are defined as follows:
Start Delimiter. Announces the arrival of a token to each station. Access Control. The prioritization value field.
End Delimiter. Indicates the end of the token or data/command frame.
Start Delimiler
Access Control
End Delimiter
Figure 3.8 A token frame consists of a Start Delimiter, an Access Control Byte, and an End Delimiter field.
Stan
Access
Frame
Destination
Source
Frame
End
Frame
Delimiter
Control
Com rol
Address
Address
Dal a
Check
Delimiter
Stalus
Sequence
Figure 3.9 A data/command frame consists of the standard fields, including error checking. A data/command frame's fields are defined as follows:
• Start Delimiter. Announces the arrival of a token to each station
• Access Control. The prioritization value field.
• Frame Control. Indicates whether data or control information is carried in the frame.
• Destination Address. A 6-byte field of the destination node address.
• Source Address. A 6-byte field of the source node address.
• Data. Contains transmission data to be processed by receiving station.
• Frame Check Sequence (FCS). Similar to a CRC (described earlier in this chapter): the source station calculates a value based on the frame contents. The destination station must recalculate the value based on a successful frame transmission. The frame is discarded when the FCS of the source and destination do not match.
• End Delimiter. Indicates the end of the token or data/command frame.
• Frame Status. A 1-byte field specifying a data frame termination and address-recognized and frame-copied indicators.
Fiber Distributed Data Interface Technology
The American National Standards Institute (ANSI) developed the Fiber Distributed Data Interface (FDDI) around 1985. FDDI is like a high-speed Token Ring network with redundancy failover using fiber optic cable. FDDI operates at 100 Mbps and is primarily used as a backbone network, connecting several networks together. FDDI utilizes Token Ring token passing technology, when, when fully implemented, contains two counter-rotating fiber rings. The primary ring data travels clockwise, and is used for transmission; the secondary ring (traveling counterclockwise) is used for backup failover in case the primary goes down. During a failure, auto-sense technology causes a ring wrap for the transmission to divert to the secondary ring.
• Single-mode. One mode of laser light enters the fiber and is capable of giving high performance over long distances. This mode is recommended for connectivity between buildings or widely dispersed networks.
• Multi-mode. Multiple modes of LED lights enter the fiber at different angles and arrive at the end of the fiber at different times. Multi- mode reduces bandwidth and potential cable distance and is therefore recommended for connectivity within buildings or between closely dispersed networks.
Fiber does not emit electrical signals and therefore cannot be tapped nor permit Nater*J unauthorized access.
Frame Format
Remember that FDDI frames can be up to 4,500 bytes. As stated, this size makes FDDI a feasible medium for large graphic and data transfers. Not surprisingly, Token Ring and FDDI formats are very similar; they both function as token-passing network rings, and therefore contain similar frames, as shown in Figure 3.11, whose fields are defined in the following list:
Start
Frame
Destination
Scone
Fr?me
End
Frame
Preamble
Dehmrter
Control
Address
Address
Check
Delimiter
Status
Sequence
Figure 3.11 FDDI data frame.
• Preamble. A sequence that prepares a station for upcoming frames.
• Start Delimiter. Announces the arrival of a token to each station.
• Frame Control. Indicates whether data or control information is carried in the frame.
• Destination Address. A 6-byte field of the destination node address.
• Source Address. A 6-byte field of the source node address.
• Data. Contains transmission data to be processed by the receiving station.
• Frame Check Sequence (FCS). Similar to a CRC (described earlier in this chapter): the source station calculates a value based on the frame contents. The destination station must recalculate the value based on a successful frame transmission. The frame is discarded if the FCS of the source and destination do not match.
• End Delimiter. Indicates the end of the frame.
• Frame Status. Specifies whether an error occurred and whether the receiving station copied the frame.
Analog Technology
Analog communication has been around for many years, spanning the globe with longer, older cabling and switching equipment. However, the problems inherent to analog communication now seem to be surpassing its effective usefulness. Fortunately, other means of communication now exist to address the complications of analog transmission. Some of the newer engineering is digital and ISDN/xDSL technologies (covered in the next section).
Dial-up analog transmission transpires through a single channel, where the analog signal is created and handled in the electrical circuits. A modem provides communication emulation, in the form of an analog stream on both the dialing and answering networks. Telephone system functionality derives from analog transmissions through equipment switching, to locate the destination and open an active circuit of communication. The cabling, microwaves, switching equipment, and hardware involved in analog transmission, by numerous vendors, is very complex and inefficient. These issues are exacerbated by the many problems relating to analog communication.
Problem Areas and Remedies
Some of the problems encountered in analog transmission include noise and attenuation. Noise is considered to be any transmissions outside of your communication stream, and that interferes with the signal. Noise interference can cause bandwidth degradation and, potentially, render complete signal loss. The five primary causes for noisy lines are:
• Heat exposure
• Parallel signals, or cross-talk
• Electrical power interference
• Magnetic fields
• Electrical surges or disturbances
There are some remediations for certain types of noise found in lines. Telephone companies have techniques and equipment to measure the strength of the signal and noise to effectively extract the signal and provide a better line of communication.
Attenuation derives from resistance, as electrical energy travels through conductors, while transmission lines grow longer. One result of attenuation is a weak signal or signal distortion. An obvious remedy for degradation caused by attenuation is the use of an amplifier. Consequently, however, any existing noise will be increased in amplitude along with the desired communication signal.
Hacker's Placing a signal-to-noise ratio service call with your local telephone company is highly recommended for optimal signal strength and bandwidth allocation.
Public telephone networks were primarily designed for voice communications. To utilize this technology, modems were developed to exchange data over these networks. Due to the problems just mentioned in typical phone lines, without some form of error correction, modem connections are unreliable. Although many of the public networks have been upgraded to digital infrastructures, users are still plagued by the effects of low-speed connections, caused by error detection and correction mechanisms that have been incorporated to new modems.
The most recent trick used to avoid upgrading available bandwidth by adding an ISDN line to achieve dial-up access, is to incorporate larger data transfers during the communication process. But before we explore the fundamentals of this new initiative, let's review the maximum transfer unit
(MTU).
Maximum Transfer Unit
The MTU is the largest IP datagram that may be transferred using a data link connection, during the communication sequences between systems. The MTU is a mutually acceptable value, whereby both ends of a link agree to use the same specific value. Because TCP and/or UDP are unaware of the particular path taken by a packet as it travels through a network such as the Internet, they do not know what size of packet to generate. Moreover, because small packets are quite common, these become inefficient, as there may be very little data as compared to large headers. Clearly then, a larger packet is much more efficient.
A wide variety of optimization software that allow you to optimize settings, such as MTU, that affect data transfer over analog and digital lines is available for download on the Internet. Most of these settings are not easily adjustable without directly editing the System Registry (described next). Some of these software packages include NetSonic (www.NetSonic.com), TweakAll (www.abtons-shed.com) and MTUSpeed (www.mjs.u-net.com). These utility suites optimize online system performance by increasing MTU data transfer sizes, Time-to-live (TTL) specifications detail the number of hops a packet can take before it expires, and provide frequent Web page caching by using available system hard drive space.
System Registry
The System Registry is a hierarchical database within later versions of Windows (95/98, Millennium, NT4, NT5, and 2000) where all the system settings are stored. It replaced all of the initialization (.ini) files that controlled Windows 3.x. All system configuration information from system.ini, win.ini and control.ini, are all contained within the Registry. All Windows program initialization and configuration data are stored within the Registry as well.
It is important to note that the Registry should not be viewed or edited with any standard editor; you must use a program that is included with Windows, called RegEdit for Windows 95 and 98 and RegEdit32 for Windows NT4 and NT5. This program isn't listed on the Start Menu and in fact is well hidden in your Windows directory. To run this program, click Start, then Run, then type regedit (for Win9x) or regedit32 (for WinNT) in the input field. This will start the Registry Editor.
It is very important to back up the System Registry before attempting to implement these methods or software suites. Registry backup software is available for download at TuCows (www.tucows.com) and Download (www.download.com). An example of the Windows Registry subtree is illustrated in Figure 3.12. The contents of its folders are described in the following list:
HKEY_CLASSES_ROOT. Contains software settings about drag-and-drop operations; handles shortcut information and other user interface information. A subkey is included for every file association that has been defined.
HKEY_CURRENT_USER. Contains information regarding the currently logged-on user, including:
• AppEvents: Contains settings for assigned sounds to play for system and applications sound events.
• Control Panel: Contains settings similar to those defined in system.ini, win.ini, and control.ini in Windows 3.xx.
• InstallLocationsMRU: Contains the paths for the Startup folder programs.
• Keyboard Layout: Specifies current keyboard layout.
• Network: Gives network connection information.
• RemoteAccess: Lists current log-on location information, if using dial-up networking.
• Software: Displays software configuration settings for the currently logged-on user.
• HKEY_LOCAL_MACHINE. Contains information about the hardware and software settings that are generic to all users of this particular computer, including:
• Config: Lists configuration information/settings.
• Enum: Lists hardware device information/settings.
• Hardware: Displays serial communication port(s) information/settings.
• Network: Gives information about network(s) to which the user is currently logged on.
• Security: Lists network security settings.
• Software: Displays software-specific information/settings.
• System: Lists system startup and device driver information and operating system settings.
• HKEY_USERS. Contains information about desktop and user settings for each user who logs on to the same Windows 95 system. Each user will have a subkey under this heading. If there is only one user, the subkey is .default.
• HKEY_CURRENT_CONFIG. Contains information about the current hardware
configuration, pointing to HKEY_LOCAL_MACHINE.
• HKEY_DYN_DATA. Contains dynamic information about the plug-and-play devices installed on the system. The data here changes when devices are added or removed on the fly.
Integrated Services Digital Network Technology
Integrated Services Digital Network (ISDN) is a digital version of the switched analog communication, as described in the previous section. Digitization enables transmissions to include voice, data, graphics, video, and other services. As just explained, analog signals are carried over a single channel. A channel can be described as a conduit through which information flows. In ISDN communication, a channel is a bidirectional or full-duplex time slot in a telephone company's facilitation equipment.
ISDN Devices
ISDN communication transmits through a variety of devices, including:
• Terminals. These come in type 1 (TE1) and type 2 (TE2). TE1s are specialized ISDN terminals (i.e., computers or ISDN telephones) that connect to an ISDN network via four-wire twisted-pair digital links. TE2s are non-ISDN terminals (i.e., standard telephones) that require terminal adapters for connectivity to ISDN networks.
• Network Termination Devices. These come in type 1 (NT1) and type 2 (NT2). Basically, network termination devices connect TE1s and TE2s (just described) to conventional two-wire local- loop wiring used by a telephone company.
ISDN Service Types
ISDN provides two types of services, Basic Rate Interface (BRI) and Primary Rate Interface (PRI). BRI consists of three channels, one D-channel and two B-channels, for transmission streaming. Under normal circumstances, the D-channel provides signal information for an ISDN interface. Operating at 16 Kbps, the D-channel typically includes excess bandwidth of approximately 9.6 Kbps, to be used for additional data transfer.
The dual B-channels operate at 64 Kbps, and are primarily used to carry data, voice, audio, and video signals. Basically, the relationship between the D-channel and B-channels is that the D-channel is used to transmit the message signals necessary for service requests on the B-channels. The total bandwidth available with BRI service is 144 Kbps (2 x 64 Kbps + 16 Kbps; see Figure 3.13).
In the United States, the PRI service type offers 23 B-channels and one D-channel, operating at 64 Kbps, totaling 1.54 Mbps available for transmission bandwidth.
ISDN versus Analog
The drawbacks described earlier that are inherent to analog transmission have been addressed by ISDN digital technologies. For example, in the case of the noise issue, ISDN inherently operates with 80 percent less noise than analog. ISDN speed rates operate up to four times faster on a single IB-channel than an analog 56 Kbps compressed transmission. Furthermore, an ISDN call and connection handshake takes approximately two seconds, as compared to a 45-second analog call. Finally, the icing on the cake is that ISDN technology supports load balancing, as well as bandwidth-on-demand, if more bandwidth is required, with the second B-channel. This automated process is enabled by the telephone company and transparently managed by the D-channel.
Figure 3.13 Basic Rate Interface (BRI) cable specifications. Digital Subscriber Line
Technically, a digital subscriber line (DSL) matches up to an ISDN BRI line. And, theoretically, DSL is a high-speed connection to the Internet that can provide from 6 times to 30 times the speed of current ISDN and analog technology, at a fraction of the cost of comparable services. In addition, DSL uses telephone lines already existing in your home. In fact, you can talk on the same phone line while you are connected to the Internet. These are dedicated, online connections, 24 hours a day, so you never have to be without your connection to the Internet. And, unlike other technologies, such as cable modems, with DSL you do not share your line with anyone else. All that said, currently, where it is available, DSL service can be delivered only within approximately a 2.5-mile radius of the telephone company.
The various flavors of DS L, collectively referred to as xDSL, include:
• Asymmetric Digital Subscriber Line (ADSL). One-way T1 transmission of signals to the home over the plain old, single, twisted-pair wiring already going to homes. ADSL modems attach to twisted-pair copper wiring. ADSL is often provisioned with greater downstream rates than upstream rates (asymmetric). These rates are dependent on the distance a user is from the central office (CO) and may vary from as high as 9 Mbps to as low as 384 Kbps.
• High Bit-Rate Digital Subscriber Line (HDSL). The oldest of the DSL technologies, HDSL continues to be used by telephone companies deploying T1 lines at 1.5 Mbps. HDSL requires two twisted pairs.
• ISDN Digital Subscriber Line (IDSL). Enables up to 144 Kbps transfer rates in each direction, and can be provisioned on any ISDN-capable phone line. IDSL can be deployed regardless of the distance the user is from the CO.
• Rate-Adaptive Digital Subscriber Line (RADSL). Using modified ADSL software, RADSL makes it possible for modems to automatically and dynamically adjust their transmission speeds. This often allows for good data rates for customers at greater distances.
• Single-Line Digital Subscriber Line, or Symmetric Digital Subscriber Line (SDSL). A modified HDSL software technology; SDSL is intended to provide 1.5 Mbps in both directions over a single twisted pair over fewer than 8,000 feet from the CO.
• Very High-Rate Digital Subscriber Line (VDSL). Also called broadband digital subscriber line (BDSL), VDSL is the newest of the DSL technologies. It can offer speeds up to 25 Mbps downstream and 3 Mbps upstream. This gain in speed can be achieved only at short distances, up to 1,000 feet.
Point-to-Point Technology
The Point-to-Point Protocol (PPP) is an encapsulation protocol providing the transportation of IP over serial or leased line point-to-point links. PPP is compatible with any Data Terminal Equipment/Data Communication Equipment (DTE/DCE) interface, whether internal (integrated in a router) or external (attached to an external data service unit (DSU). DTE is a device that acts as a data source or destination that connects to a network through a DCE device, such as a DSU or modem. The DCE provides clocking signals and forwards traffic to the DTE. A DSU is a high-speed modem that adapts the DTE to a leased line, such as a T1, and provides signal timing among other functions (see Figure 3.14 for illustration). Through four steps, PPP supports methods of establishing, configuring, maintaining, and terminating communication sessions over a point-to-point connection.
PPP Operation
The PPP communication process is based on transmitting datagrams over a direct link. The PPP datagram delivery process can be broken down into three primary areas including datagram encapsulation, Link Control Layer Protocol (LCP), and Network Control Protocol (NCP) initialization:
• Datagram Encapsulation. Datagram encapsulation during a PPP session is handled by the High-level Data-link Control (HDLC) protocol. HDLC supports synchronous, half and full-duplex transmission (see Chapter 1 for more information on duplexing). The primary function of HDLC is the link formulation between local and remote sites over a serial line.
Figure 3.14 The T1 line is attached to a DSU, which is attached to a router via DTE cable. The router is connected to a LAN switch or hub as it routes data between the LANs and WANs.
• Link Control Layer Protocol (LCP). As previously mentioned, through four steps, PPP supports establishing, configuring, maintaining and terminating communication sessions using LCP.
1. LCP opens a connection and negotiates configuration parameters through a configuration acknowledgment frame.
2. An optional link quality inspection takes place to determine sufficient resources for network protocol transmission.
3. NCP will negotiate network layer protocol configuration and transmissions.
4. LCP will initiate a link termination, assuming no carrier loss or user intervention occurred.
• Network Control Protocol (NCP). Initiated during Step 3 of the PPP communication process, NCP establishes, configures, and transmits multiple, simultaneous network layer protocols.
Frame Structure
Six fields make up the PPP frame structure as defined by the International Organization for Standardization (ISO) HDLC standards (shown in Figure 3.15).
• Flag. A 1-byte field specifying the beginning or end of a frame.
• Address. A 1-byte field containing the network broadcast address.
• Control. A 1-byte field initiating a user data transmission in an unsequenced frame.
• Protocol. A 2-byte field indicating the enclosed encapsulated protocol.
• Data. The datagram of the encapsulated protocol specified in the Protocol field.
• Frame Check Sequence (FCS). A 2 to 4-byte field containing the FCS negotiation information (see Chapter 1 for more information on FCS operation).
Frame Relay Technology
This section provides an overview of a popular packet-switched communication medium called Frame Relay. This section will also describe Frame Relay operation, devices, congestion control, Local Management Interface (LMI) and frame formats.
Packet-switching technology, as it pertains to Frame Relay, gives multiple networks the capability to share a WAN medium and available bandwidth. Frame Relay generally costs less than point-to-point leased lines. Direct leased lines involve a cost that is based on the distance between endpoints, whereas Frame Relay subscribers incur a cost based on desired bandwidth allocation. A Frame Relay subscriber will share a router, Data Service Unit (DSU), and backbone bandwidth with other subscribers, thereby reducing usage costs. If subscribers require dedicated bandwidth, called a committed information rate (CIR), they pay more to have guaranteed bandwidth during busy time slots.
Operation, Devices, Data-Link Connection Identifiers, and Virtual Circuits
Devices that participate in a Frame Relay WAN include data terminal equipment (DTE) and data circuit-terminating equipment (DCE). Customer-owned equipment such as routers and network stations are examples of DTE devices. Provider-owned equipment provides switching and clocking services, and is contained in the DCE device category. Figure 3.16 illustrates an example of a Frame
Relay WAN.
Data- link communication between devices is connected with an identifier and implemented as a Frame Relay virtual circuit. A virtual circuit is defined as the logical connection between two DTE devices through a Frame Relay WAN. These circuits support bidirectional communication; the identifiers from one end to another are termed data-link connection identifiers (DLCIs). Each frame that passes through a Frame Relay WAN contains the unique numbers that identify the owners of the virtual circuit to be routed to the proper destinations. Virtual circuits can pass through any number of DCE devices. As a result, there are many paths between a sending and receiving device over Frame Relay. For the purposes of this overview, Figure 3.16 illustrates only three packet switches within the Frame Relay WAN. In practice, there may be 10 or 20 routers assimilating a multitude of potential courses from one end to another.
There are two types of virtual circuits in Frame Relay, switched virtual circuits (SVCs) and permanent virtual circuits (PVCs), defined as fo llows:
Figure 3.16 Frame Relay WAN.
• Switched Virtual Circuits (SVCs). Periodic, temporary communication sessions for infrequent data transfers. A SVC connection requires four steps:
1. Call setup between DTE devices.
2. Data transfer over temporary virtual circuit.
3. Defined idle period before termination.
4. Switched virtual circuit termination.
SVCs can be compared to ISDN communication sessions, and as such, use the same signaling protocols.
• Permanent Virtual Circuits (PVCs). Permanent communication sessions for frequent data transfers between DTE devices over Frame Relay. A PVC connection requires only two steps:
1. Data transfer over permanent virtual circuit.
2. Idle period between data transfer sessions.
PVCs are currently the more popular communication connections in Frame Relay WANs. Congestion Notification and Error Checking
Frame Relay employs two mechanisms for congestion notification: forward-explicit congestion notification (FECN) and backward-explicit congestion notification (BECN). From a single bit in a Frame Relay header, FECN and BECN help control bandwidth degradation by reporting congestion areas. As data transfers from one DTE device to another, and congestion is experienced, a DCE device such as a switch, will set the FECN bit to 1. Upon arrival, the destination DTE device will be notified of congestion, and process this information to higher- level protocols to initiate flow control. If the data sent back to the originating sending device contains a BECN bit, notification is sent that a particular path through the network is congested.
During the data transfer process from source to destination, Frame Relay utilizes the common cyclic redundancy check (CRC) mechanism to verify data integrity, as explained in the Ethernet section earlier in this chapter.
Local Management Interface
The main function of Frame Relay's local management interface (LMI) is to manage DLCIs. As DTE devices poll the network, LMI reports when a PVC is active or inactive. When a DTE device becomes active in a Frame Relay WAN, LMI determines which DLCIs available to the DTE device are active. LMI status messages, between DTE and DCE devices, provide the necessary synchronization for communication.
The LMI frame format consists of nine fields as illustrated in Figure 3.17, and defined in the following list:
• Flag. Specifies the beginning of the frame.
• LMI DLCI. Specifies that the frame is a LMI frame, rather than a standard Frame Relay frame.
• Unnumbered Information Indicator (UII). Sets the poll bit to 0.
Flag
LMI
UII
PD
Call
Massage
VIFJ
FCS
Flag
DLCI
Reference
Type
Figure 3.17 Local Management Interface frame format.
Protocol Discriminator (PD). Always includes a value, marking frame as an LMI frame.
• Call Reference. Contains zeros, as field is not used at this time.
• Message Type. Specifies the following message types:
• Status-inquiry message. Allows devices to request a status.
• Status message. Supplies response to status-inquiry message.
• Variable Information Elements (VIE). Specifies two individual information elements:
• IE identifier. Identifies information element (IE).
• IE length Specifies the length of the IE.
• Frame Check Sequence (FCS). Verifies data integrity.
• Flag. Specifies the end of the frame.
Frame Relay Frame Format
The following descriptions explain the standard Frame Relay frame format and the fields therein (shown in Figure 3.18):
• Flag. Specifies the beginning of the frame.
• Address. Specifies the 10-bit DLCI value, 3-bit congestion control notification, and FECN
and BECN bits.
• Data. Contains encapsulated upper-layer data.
• Frame Check Sequence (FCS). Verifies data integrity.
• Flag. Specifies the end of the frame.
Looking Ahead
The primers in Parts 1 and 2 were designed to renovate and/or educate you with the technologies required to delve into hacking. First, let us review in some detail, the tools, techniques, and vulnerability exploits ruling hackerdom. The knowledge gained from the next part involves query processes by which to discover and survey a target network, and to prepare for vulnerability scanning and penetration attacking.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment