The Ultimate CCNA Study Package - ICND 1

Chris Bryant, CCIE #12933 http://www.thebryantadvantage.com Back To Index

An Introduction To Networking And The OSI And TCP/IP Network Models

Don't miss the "Recommended Video Viewing" section at the end of this chapter! Overview
What Is Networking? The OSI Networking Model The Data Transmission Process The TCP/IP Networking Model Why Use Networking Models? The Basics Of TCP And UDP TCP's Three-Way Handshake TCP's Error Detection And Recovery TCP's Windowing Feature What's The Benefit To Using UDP? Introduction To Ports, Sockets, And Port Numbers

This is what networking all comes down to: We need to get data from one point to another in the most effective manner possible. Seems pretty simple, right? And much of the time, it is pretty simple! After all, the network only has a few PCs on it...

... well, we better connect them with something. A switch, perhaps! (If you don't know what a switch does, don't worry, you will by the end of this course!)

Those hosts are going to want to print, so we better add a print server.

And we'll need an email server. And these PCs are going to want Internet access and connectivity to other networks in the company, so we'll need a router. And we need an e-commerce server. And....

...well, you get the idea. We build networks to allow devices such as the ones you see here to communicate with each other, and as different devices are added to the network, this communication becomes more challenging to allow. And it's not just allowing communication that's challenging - there are communications that we do not want to allow as well. Perhaps we only want one of those PCs to have access to the e-commerce server, and we don't want any other PCs to even know about that server. We also have to be wary of intruder attacks, because there are all kinds of bad guys who want to get into our network, and we've got to keep them out! The thought of learning all of this can be intimidating at first. Having worked my way from entry-level certifications all the way to the CCIE, and having taught thousands of CCNAs and CCNPs worldwide, I can tell you that the key to networking success in both the exam room and working with real-world networks can be summed up in five words: Know And Understand The Fundamentals. Nothing fancy, right? Right! Learning and understanding the fundamentals of networking are what this course is all about. Most of you will go on to more advanced studies, and that's great - because in this business, we're always learning new skills. The key to mastering intermediate and advanced networking is to master the fundamentals because if you don't understand how networks operate, you can't fix them! In this section, we're going to start with the most fundamental of all fundamentals - the OSI and TCP/IP networking models. These models will help you gain an understanding of what's actually going on when two devices are communicating over a network, and frankly, entry-level certification exams love asking about these models. Why Are These Models Important? When it comes to the OSI and TCP/IP networking models, a common question is "Beyond passing the exam, why do I have to learn this?" I freely admit that I had that thought more than once when I began studying

networking. It's particularly tough because this is usually the first material presented to networking students, and to be frank, it's not the most exciting material in the world. I can tell you from personal experience that you are going to use the material in this chapter throughout your networking career, so it's not just something that you have to learn to pass the CCENT and CCNA exams. I've personally found networking models to be helpful in developing an effective troubleshooting process, and I'll talk more about that in the Troubleshooting section of this course. I just want to let you know that this really is useful information, not just something to memorize. We'll begin with a look at the Open System Interconnection networking model, then compare this model to the TCP/IP model. After that, we're going to carefully analyze the differences and similarities between TCP and UDP, our two Transport-layer protocols. I strongly urge you to know all of these differences before taking your CCENT and CCNA exams. The OSI Networking Model

As network admins, we're going to be primarily concerned with the bottom three layers. For the CCENT and CCNA exam, we need to be concerned with all seven! First, we'll take a brief look at what happens at each layer. Then, we'll see how the OSI model illustrates the gradual process of taking the data that end users are inputting into the network and changing that data into electrical signals that can be transmitted across the network media. The OSI layers are often referred to by numbers, with the Application layer being Layer 7 ("L7"), the Presentation layer being Layer 6, and so forth all the way down to Layer 1, the Physical layer. To get you used to that, I'll refer to the layers by their names and numbers throughout the course. The Application Layer This is the layer where the end users themselves interact with the

network. Authentication services also run at Layer 7, but encryption runs at the next layer down. The Application layer ensures that the remote communication partner is available, that the needed communication resources exist (a modem, for example), and that both ends of the communication agree on procedures involving data integrity, privacy, and error recovery. When trying to decide if a protocol is an Application layer protocol, just remember that protocols that require the end user to enter a request are Application layer protocols. Firewalls, devices intended to keep network intruders out, operate at L7. Protocols and services that run at L7 include:

Email protocols SMTP and POP3 Telnet HTTP File Transfer Protocol (FTP) Simple Network Management Protocol (SNMP)

The Presentation Layer This layer answers one simple question: "How should this data be presented?" In addition to properly formatting data, encryption occurs at this layer. Have you ever opened a file in a word processing application, and you got pages of unrecognizable characters? Thats a Presentation Layer issue. The applications have not agreed on how the data is to be presented. There are four primary tasks that the Presentation Layer is concerned with: 1. Compatibility with the operating system 2. Proper encapsulation of data for network transmission. 3. Data formatting (ascii, binary) 4. Data encryption, compression, and translation. You've probably seen some of the file types that are used at the Presentation layer - JPEG, ASCII, GIF, MPEG, MIDI, EBCDIC, and TIFF. The Session Layer Layer 5 is the "manager" of the two-way communication between two remote hosts. This is the layer that handles the creation, maintenance, and teardown of communications between those two hosts. The overall communication itself is referred to as a session. Some sessions last just long enough to send a unidirectional message, where other sessions will be of longer duration. The Transport Layer

The Transport Layers purpose is to establish a logical end-to-end connection between two systems, segment data received from the upper layers of the OSI model, and to make sure the data gets to the destination in the correct order and free of errors. At the Transport Layer, there are two methods for transporting data: connection-oriented, referring to TCP, and connectionless, referring to UDP. We'll take a much more detailed look at TCP and UDP later in this section. Besides TCP and UDP, SPX (Sequenced Packet Exchange, a Novell NetWare protocol) is also a Transport Layer protocol. The Network Layer It's at Layer 3 of the OSI model that you and I as network admins begin to have a great deal of interaction with the network. IP runs at this layer, and since routers operate here at L3, this layer is often called "the routing layer". In a nutshell, routing is a two-question process:

What valid paths exist from the local router to a given destination? What is the best path (the "optimal path") to take to get there?

Lots more on this layer to come later in the course! The Data Link Layer The switches that we'll spend so much time with later in the course operate at Layer 2. Wireless Access Points (WAPs) also operate at this layer - more on WAPs in the Wireless section. Devices that you may well be using right now to access the Internet, cable modems and DSL modems, also run at L2. We've got four major specifications that run here, some of which you may already be familiar with:

Ethernet High Data Link Control (HDLC) Point-to-Point Protocol (PPP) Frame Relay

A very important distinction: The data link layer does perform error detection through something called the Frame Check Sequence (more on that later), but this layer does not perform error recovery. The Data Link Layer is generally referred to as Layer 2, and MAC addresses as Layer 2 addresses. If you're not familiar with MAC addresses, they will be discussed in more detail in the Ethernet and LAN Switching sections. Another name for the MAC address is a little misleading, so let's nail this down. MAC addresses are sometimes called hardware addresses and

physical addresses. That's because a MAC address is physically burned into the Network Interface Card (NIC), which leads to another name for this address - a burned-in address (BIA). What's the misleading part? Remember that physical addresses are not used at the Physical layer of the OSI model - they're Data Link layer addresses. That's right - a physical address is used to deliver a frame, but not a physical layer address. And if you're wondering why we have multiple names for the same address type - well, that won't be the only time you see that kind of duplication during your studies! Welcome to networking. :) Switches operate at L2, as do bridges. Layer 3 Switches do exist, but when operating at Layer 3, theyre not switching or bridging. Theyre routing. You don't need to know about L3 switches for the CCENT exam, but you should know they exist as they're becoming more and more popular in today's networks. I mentioned that the data link layer performs error detection, but not error recovery. They may sound like the same thing, but they're not. Error detection is just that - detecting the error - while error recovery is actually doing something about the error! The data link layer can use a Frame Check Sequence (FCS) to detect errors at this layer. The actual operation of the FCS is beyond the scope of the CCENT and CCNA exams, but here's the basic operation: 1. The sender runs a mathematical formula, or algorithm, against the data contained in the frame before sending the frame. 2. The sender places the result of that value into the FCS or CRC field of the frame, and then sends it. 3. The receiver runs the same algorithm against the contents of that frame. If the value matches that in the FCS or CRC field, the frame is fine; if there's no match, the frame is considered corrupt and is then discarded. There is no error recovery with the FCS or CRC because it's actually the recipient of the frame that detects the error. The Physical Layer When things get a little complicated in networking, I like to remind myself that "it's all ones and zeroes!" Whatever data our end users are creating, it's going to eventually be "translated" into a series of 1s and 0s. Once that is done, it's the Physical layer that handles the actual data transmission. Anything to do with a physical cable or the standards in use - the pins, the connectors, the electrical current itself - is running at the Physical layer.

The Data Transmission Process When the end user sends data, that data will go through all seven layers of the OSI model. The data is broken up into smaller and smaller parts beginning at Layer 4 (the Transport layer) until it's in the form of electric signals that can be sent across the physical media. As the data flows down the OSI model, it's referred to by different terms. You really have to master these and watch for them on your exams. There are four different terms you need to know:

At the Application, Presentation, and Session layers, data is simply called "data". At the Transport layer, data is placed into segments. At the Network layer, data is placed into packets. At the Data Link layer, data is placed into frames. Finally, at the Physical layer, data takes the form of bits - and remember, it's all ones and zeroes!

Those are very important terms for your career and especially for your exams. If I mention "segments", you should know I'm discussing the Transport layer of the OSI model without any other hints, because you might not get any other hints! As data flows down the OSI model, each layer adds a header that will be removed by the same layer on the other end of the session. These headers are layer-specific in that the Network layer couldn't care less about the contents of any header except the Network layer on the other end of the session. As an end user enters data for transmission to a remote host, the first six layers of the OSI model will add a layer-specific header that contains information to be read by the same layer of the OSI model at the remote location. Note that Layer 2, the Data Link layer, adds both a trailer and a header.

The combination of data and a layer-specific header is called a Protocol Data Unit (PDU). There's a PDU for each layer; that is, the combination of data and L7 header information is called an L7 PDU, the data and L6 header information is called an L6 PDU, and so forth. After the data is successfully transmitted by the Physical layer to the remote location, the data begins to travel back up the model. Each layer will remove the header added by its counterpart - that is, Layer 3 removes the L3 header and reads it, L4 removes the L4 header and reads it, and so forth.

The term same-layer interaction describes the process of a given OSI layer removing the header placed on the data by the same layer on the sending side. For example, the Application layer on the receiving end will remove only the header placed onto the data by the Application layer on the sending side, and so forth.

The term adjacent-layer interaction refers to the interaction between layers of the OSI model on the same host. That is, the Application layer interacts with the Presentation layer, the Presentation layer interacts with both the Application layer (the one above it) and the Session layer (the one below it), and so forth. These terms can also be applied to the TCP/IP networking model, which we'll take a look at right now! The TCP/IP Networking Model This model is another way to look at the overall data transport process, and it also uses layers to illustrate the process. However, the TCP/IP model uses only four layers to do so. For the CCENT, CCNA, and any entry-level certification exam from another vendor, it's a very good idea to know...

the layers of both the TCP/IP and OSI model the responsibilities of each layer how the layers map from one model to another

Here's the TCP/IP model:

The Application layer of the TCP/IP model maps to the top three layers of the OSI model (Application, Presentation, and Session). Everything that the top three layers of the OSI model do is performed by the TCP/IP model's Application layer.

The Transport layer of the TCP/IP model maps directly to the Transport layer of the OSI model. TCP and UDP both operate at this layer, and data takes the form of segments. The Internet layer of the TCP/IP model maps to the Network layer of the OSI model. Both layers are responsible for routing through the use of IP addresses, static routes, and dynamic routing protocols. (You will occasionally see some non-Cisco documentation call this layer the Internetwork layer, but "Internet" is the name used in Cisco documentation.) Finally, the Network Access layer of the TCP/IP model maps to the Data Link and Physical layers of the OSI model. Here's a visual representation of the models and how they map to each other. I expect you to see questions on your CCENT and CCNA exams regarding both models, so take your time during the exam and doublecheck which model you're being asked about before answering!

So Why Do We Go Through All Of This, Anyway? It's natural to ask why we use networking models in the first place. It's a good question, and there are some good answers! Networking models do help software vendors create products that are interoperable. (At least, we hope they're interoperable.) That doesn't affect us directly as network admins, but two uses of these models affect us directly both as admins and as students. Breaking networking operations up into smaller parts make it easier to learn networking in the first place. By using the OSI model in particular, you can take a structured approach to your learning:

First, learn about cables and physical specifications (L1) Then learn about switches and MAC addresses (L2) Then start on routing (L3)

Using the OSI model to structure your troubleshooting approach is a real help, too. I always tell students to "start troubleshooting at the physical layer", and you'll see what I mean in the Troubleshooting section of the course. There are two kinds of troubleshooters in the world:

Those who have a structured approach Those who don't and are basically throwing stuff out there and hoping something works

You want to be the one with a structured approach. :) Using the OSI model can help you get there, and I'll show you how in the Troubleshooting section. I mention this here to let you know that the networking models aren't just something you have to memorize for your CCENT and CCNA exams, they're truly helpful in your real-world career. TCP And UDP: Same Layer, Big Differences The Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) both operate at the Transport layer, but that's pretty much where the similarities end. Here's a quick look at the differences between the two. TCP:

Guaranteed delivery Error detection via sequence and ACK numbers Windowing "Connection-Oriented"

UDP:

"best-effort" delivery, but no guarantee of delivery No error detection No windowing "Connectionless"

Your reaction may well be what mine was the first time I saw that comparison: "Why in the world is UDP even used?" We'll discuss that at the end of this particular section, but I do want to mention now that UDP is not a poor choice for a Transport-layer protocol; many important network services use UDP rather than TCP. Why? Well, before we get into that, let's examine the operation of both of these protocols, beginning with TCP. TCP's "Three-Way Handshake" With TCP, there's work to be done before data is transmitted. The two devices have to agree on some basic parameters before segments can be sent - and this negotiation has the curious name three-way handshake.

If that's the first time you've heard this term, you're probably wondering how a handshake can be three-way! Then again, maybe you don't want to know - but to pass the CCENT and CCNA exams, we gotta know! Let's take a step-by-step look at this process. The TCP examples will use two servers, one sending data and another receiving that data.

Before the sender can start sending, there's going to be a negotiation between the two devices regarding rules for data transmission. That negotiation is the three-way handshake itself, which begins with the sender transmitting a TCP segment with the Synchronization ("SYN") bit set. The primary value being negotiated here is the TCP sequence number, which we'll discuss in more detail in the next section. This is the first part of the three-way handshake.

The recipient responds with a TCP segment with both the synchronization and acknowledgement bits set - a "SYN/ACK". This is part two of the three-way handshake.

The sender responds with an ACK, and the three-way handshake is complete.

UDP does not use a three-way handshake. In addition to the orderly construction of the communication channel, TCP uses the FIN ("finish") bit to bring the channel down when the communication is closed.

TCP's Error Detection / Error Recovery Feature Before we take a look at how TCP performs both error detection and error recovery, we need to draw a very clear line between those two terms. They are not the same thing!

Error detection is finding an error Error recovery is doing something about the error

Watch that on your exam. :) TCP does both, and it uses both a sequence number and an acknowledgement number ("ack") in the TCP header to do so. In the following example, one host is sending four segments to another host. Each of the segments has a sequence number. That sequence number tells the recipient in what order to reassemble the segments, and it's also a fundamental concept in error detection and recovery. For simplicity's sake, we'll assume the first segment has a sequence number of 100, and we'll add 100 to the subsequent sequence numbers. (Remember, we're at the Transport layer - these are segments!)

The recipient will now send a segment back that contains no data, but does have an ack number set. You might think that the ack number would reflect the last sequence number received, but that's not quite right. The ack number will actually indicate the next sequence number the data recipient expects to see!

A natural question here is "Why is the ACK number set that way?" Because that's how TCP detects lost segments. What if that second segment didn't get to the recipient?

The server on the right will actually send an ACK number of 200 back to the data sender.

When the data sender sees that ACK number, it knows that the segment with the sequence number 200 was never seen by the intended recipient. That's the error detection part of this process; error recovery comes in when the data sender retransmits that segment.

Now the data recipient has all of the segments up through 400, and now sends an ack indicating that it expects to see sequence number 500 next.

UDP does not use sequence numbers or acknowledgement numbers, and therefore has no error detection or recovery capabilities. What Happens If The ACK Is Lost? There is always the chance that segments are arriving, but the ack of those segments somehow gets lost. We certainly don't want our data sender just sitting there doing nothing while waiting for an ack!

When the data sender transmits segments, it sets an acknowledgement timer. If that timer expires and no ack is received, the sender will retransmit the segment(s) in question.

This entire process revolves around two things:

The sender is waiting for a positive message from the recipient that the data was received If that message isn't received, the data is retransmitted

That's why we call this entire process Positive Acknowledgement with Retransmission (PAR).

TCP's Windowing Feature At the beginning of the previous example, the data sender transmitted four segments before the recipient sent an ack. For the windowing example, we'll assume that each data segment is 600 bytes in size.

"Windowing" refers to the amount of data that a data sender is allowed to transmit without waiting for an ack. In this case, the size of the window is 2400 bytes, meaning that the data sender can transmit 2400 bytes before it has to stop and wait for an ack. The data recipient decides the size of the window, not the sender. This gives the recipient some control over how much data is sent ("flow control").

If the data recipient sees that there are no errors occurring with that window size, the recipient will increase the size of the window.

As the window size increases, some errors are going to creep in - most likely dropped segments as the recipient's buffer fills. As that happens, the recipient will dynamically adjust the window size downward.

The term sliding window refers to this dynamic adjustment of the window size. UDP does not have windowing capabilities.

So Why Do We Use UDP If TCP's So Great? All of the features we've looked at here - the three-way handshake, windowing, sequence numbering, error detection and recovery - are all TCP features. UDP doesn't use any of them. Two questions come to mind:

Why doesn't UDP offer these features? Why in the world do we use UDP for anything?

A look at the TCP and UDP headers will answer both of those questions! Here's the TCP header...

.. and the UDP header.

Quite a difference! Take a few moments to compare the two and you'll see that UDP can't perform any of those TCP features because UDP

literally can't offer them. The UDP header has no sequence number field, no ack number field, no ACK bit, no SYN bit, and no window field. The TCP and UDP headers have only three values in common:

Source port Destination port Checksum

If you don't know what ports are, you soon will! For now it's enough to note the three fields that TCP and UDP headers have in common. Now that we've answered the question about why UDP doesn't offer the features that TCP does, let's answer the second question regarding why UDP is used in the first place. That question can really be answered with one word... overhead. The TCP header is much larger than the UDP header. That header is being applied to every segment, and that adds up! UDP's advantage over TCP is that its header is much smaller than TCP's. We've done a lot of talking here about the differences between TCP and UDP, so let's move to a similarity! Both TCP and UDP headers contain port numbers, and those port numbers are a very important part of network communications. There are also some well-known port numbers that you'll need to know for your CCENT and CCNA exams - and these port numbers come up often in production network operations as well! TCP And UDP Port Numbers If you're not familiar with MAC or IP addressing, we're going to cover that in another section, but for now it's enough to know that when two hosts communicate on a network, they're using these MAC and IP addresses as the destination when the data is sent.

So far, so good. But what if one host is sending multiple flows of information to the remote host? Let's say that the PC at 10.1.1.1 is sending three different kinds of information to the PC at 10.1.1.2:

transferring a file via Trivial File Transfer Protocol (TFTP) email via Simple Mail Transfer Protocol (SMTP) opening a remote connection via Telnet

If you're not familiar with those three protocols, don't worry about it - you will be before you're done with this course. For now, it's enough to know that one PC is sending three different types of information to the other, and the MAC and IP source and destination addresses for all three transmissions is going to be the same. How can the receiving host tell

TFTP from SMTP if that's the case?

We need a way for the recipient to differentiate one data flow from the other, and since the source and destination MAC and IP addresses will be the same for all three flows, that won't do. What will do is the TCP or UDP port number. While these three data flows will have the same Layer 2 (MAC) and Layer 3 (IP) source and destination addresses, they'll have different, pre-assigned port numbers.

These port numbers allow the host at 10.1.1.1 to mix these three data streams when sending to 10.1.1.2, rather than sending all the SMTP data, then the Telnet data, then the TFTP data. The PC at 10.1.1.2 will use the port numbers to drive the three different data streams to the appropriate application. This mixing of data streams is called multiplexing.

A socket may sound like something physical on the PC, but it's not. The socket is simply a combination of IP address and port number. For example, the socket on 10.1.1.2 for port 69 is 10.1.1.2:69. That socket can also be expressed with this format: (IP address, transport protocol, port number) That would make the TFTP socket on that PC (10.1.1.2, UDP, 69). The port number system works beautifully, but naturally the hosts need to

agree on what port is used for a given protocol. In the previous example, if 10.1.1.1 used TCP port 45 for Telnet and 10.1.1.2 used TCP port 55, we'd have some serious problems. That's why most protocols use the same port number at all times, and these port numbers are referred to as well-known port numbers. All port numbers below 1024 are reserved, well-known port numbers -- but you don't have to memorize 1024 numbers for the exams! I do strongly recommend you have the following port numbers memorized, however. These numbers will become second nature to you as you progress in your networking studies and your career, but for now we gotta memorize these! After this list, I'll show you a little trick you can use on a Cisco router to see a list of well-known port numbers. Since you won't be allowed to carry a router into the exam room, though, know this list cold! Don't worry if there are services or protocols on here you're not yet familiar with - you will be before the end of this course. Some Common TCP Ports:

FTP - File Transfer Protocol - Uses TCP ports 20 and 21. SSH - Secure Shell - Uses TCP port 22. Telnet uses TCP port 23. SMTP - Simple Mail Transfer Protocol - uses TCP port 25. HTTP - HyperText Transfer Protocol - uses TCP port 80. POP3 - Post Office Protocol 3 - uses TCP port 110. SSL - Secure Socket Layer - uses TCP port 443.

Some Common UDP Ports:

DHCP - Dynamic Host Control Protocol - uses UDP ports 67 and 68. TFTP - Trivial File Transfer Protocol - uses UDP port 69. SNMP - Simple Network Management Protocol - uses UDP port 161.

Protocols Using Both TCP And UDP Ports

DNS - Domain Name Service - uses UDP and TCP port 53. The port number 24 is reserved in both UDP and TCP for private mail systems

With Voice over IP (VoIP) becoming more and more commonplace in today's networks, it couldn't hurt to know that the entire range of UDP ports from 16384 - 32767 are reserved for voice traffic. By the way, here's a handy little trick that can jog your memory regarding port numbers. You'll be introduced to access lists in your CCNA studies, and I'll mention this again there as well - but if you write an access list and use IOS Help when you get to the port number part of the line, IOS Help will show you a list of common and not-so-common port numbers. Again, you won't see this on your CCENT exam, but I want to plant the seed now so you'll remember it on your CCNA exam and when you work with ACLs in your job!

Rout er 1( c onf i g) #ac c es s - l i s t 101 per m i t t c p any any eq ? <0- 65535> Por t num ber bgp Bor der Gat eway Pr ot oc ol ( 179) c har gen Char ac t er gener at or ( 19) cm d Rem ot e c om m ands ( r c m d, 514) day t i m e Day t i m e ( 13) di s c ar d Di s c ar d ( 9) dom ai n Dom ai n Nam e Ser v i c e ( 53) ec ho Ec ho ( 7) ex ec Ex ec ( r s h, 512) f i nger Fi nger ( 79) ftp Fi l e Tr ans f er Pr ot oc ol ( 21) f t p- dat a FTP dat a c onnec t i ons ( us ed i nf r equent l y , 20) gopher Gopher ( 70) hos t nam e NI C hos t nam e s er v er ( 101) i dent I dent Pr ot oc ol ( 113) i rc I nt er net Rel ay Chat ( 194) k l ogi n Ker ber os l ogi n ( 543)

Watch Your Soundalike Protocols There are two sets of protocols that are occasionally confused with each other, so let's draw a clear line between the following:

SNMP and SMTP NNTP and NTP

SNMP, the Simple Network Management Protocol, is just what it sounds like - it's a protocol used by many network management and monitoring programs. SNMP runs on UDP port 161. SMTP, the Simple Mail Transfer Protocol, is also just what it sounds like! SMTP and POP3 are your two email transport protocols, and they're good ports to leave open when you're writing access control lists later in the course. SMTP runs on TCP port 25. NNTP, the Network News Transfer Protocol, is used by Usenet servers and users to read and post articles on newsgroups. NNTP uses TCP port 119. NTP, the Network Time Protocol, is a very popular protocol that's used to synch the time clock on routers and/or servers to an external source or a reliable clock source on the local network. NTP uses UDP port 123.

"Hot Spots And Gotchas" OSI Model Review: Application layer : Telnet, FTP, the email protocols POP3 and SMTP, and SNMP all run at this layer. Basically, if an end user and/or data input is involved, it's an Application layer protocol. Presentation layer: Concerned primarily with - all together now! - the presentation of data. Session layer: The manager of the connection.

Transport layer: TCP and UDP operate here, as does "positive acknowledgement and retransmission". Data is placed into segments. Flow control, windowing, acks -- anything to do with TCP -- happens at the Transport layer. Speaking of flow control, this TCP feature allows the receiver to dictate how quickly data should be sent, not the sender. Network layer: IP addresses are added here, and it's these IP addresses that are used to create a logical path from Point A to Point B. The process of choosing the best of multiple logical paths, routing, occurs here, and it's packets that are routed. Data Link layer: MAC addresses are added here, as is the Frame Check Sequence value. The FCS is used for error detection, but not error correction. Frames are used at the Data Link layer. Physical layer: Hubs and repeaters both work at this layer, as do cables. Always start troubleshooting at this OSI layer! Data takes the form of bits here, since it's the bits that actually go across the cable. Data format from top to bottom:

data (Application, Presentation, Session) segment (Transport) packet (Network) frame (Data Link) bit (Physical)

TCP vs. UDP Protocols that use TCP include the following:

FTP, port 20 and 21 SMTP, port 25 Telnet, port 23 HTTP, port 80 DNS, port 53 POP3, port 110 NNTP, port 119

Protocols that use UDP include the following:

SNMP, port 161 TFTP, port 69 DNS, port 53 DHCP, ports 67 and 68 NTP, port 123

TCP offers windowing, error detection and correction through the use of sequence and ack numbers, and flow control. TCP also uses a threeway handshake between the involved parties before segments are transmitted and uses the FIN bit to bring the communication to an orderly conclusion.

UDP offers none of these, but UDP does have far less overhead due to its smaller header. DNS uses both TCP and UDP port 53. The common fields in TCP and UDP headers are the checksum and the source and destination port numbers (not IP addresses or MAC addresses!). Recommended Video Viewing: Free CCNA Video Boot Camp on OSPF (Hosted By Udemy.com) http://www.udemy.com/ccna-boot-camp/

My Full CCNA Video Boot Camp - Over 22 Hours Of Video - And A Secret Discount Link! See the course here, and watch an hour of the OSPF section for free! http://www.udemy.com/ccna-on-demand-video-boot-camp/

Get your $10 discount by enrolling at the following link - it's like getting this ebook for free! http://www.thebryantadvantage.com/CCNAStudyPackageUpgrade.htm

Recommended videos from my YouTube channel:

Video Practice Exam on the networking models: http://www.youtube.com/watch?v=9upzhy4x_F0

Video Boot Camp - TCP vs UDP http://www.youtube.com/watch?v=v-CmPz73Y8Q

Video Boot Camp - OSI Model Review (and much more!) http://www.youtube.com/watch?v=JsK6pqXkWHc

Main YouTube Channel Page - Come on out and join us today! It's 100% free to subscribe, and new videos are added 5 - 10 times a week!

http://www.youtube/com/user/ccie12933

Back To Index
Copyright 2012 The Bryant Advantage. All Rights Reserved.