2012 by Elbit Systems | Elbit Systems Proprietary

Module 01 Operating Systems and

Networks

Networks, OSI Model and TCP/IP
Topics
Computer Networks
OSI Model (7-Layers)
TCP/IP
UDP
LAN Standards
Standards are required so that different manufacturers can
create equipment that will interoperate without special
configuration.

Standards groups include:
ISO. International Organization for Standardization
establishes standards for networking operation.

ANSI. American National Standards Institute is the US
representative to ISO.

EIA/TIA. Electronics Industries Alliance/Telecommunications
Industry Association is an industry based standards group.

IEEE. Institute of Electrical and Electronics Engineers is an
international professional organization that sets
communications standards. IEEE Project 802 sets standards
for cabling and data transmission on local area networks.

Physical Connectivity
Network Interface Card (NIC). Also known as Network
Card or Ethernet Adapter. Transmits and receives signals
to the LAN. Computers can not communicate on LAN
without this device.

Each Network Card has a Media Access Control (MAC)
address. This is also known as the physical address or
Ethernet address.

MAC address is a unique 12 digit hexadecimal number
that is hard coded into each network interface. The first
half of a MAC address is the manufacturers ID. The
second half a serial number.

-F3-1C-D4
Serial number
00-04-AC
Manufacturer ID
Cable and Wireless
Physical cabling is also known as bounded media.

Transmissions are bound to the physical media.
To communicate, hosts must be physically
connected to that media.

Physical cabling is usually located in a buildings
plenum.

Wireless network is known as unbounded media.

Transmissions are not bound to a physical
cable.
To communicate, hosts do not need to be
physically connected.
Coaxial Cable
Coaxial cable is often used in older LANs.

Known as RG58, Thinnet, and 10Base2.

Maximum bandwidth of 10 Mbps.

Maximum segment length of 185 meters (605
feet).

Maximum of 30 hosts per segment.
Coaxial Cable
Hosts on an RG58 network require a network card with
an RG58 adapter.

To add the host to the network, the cable section must
have an RG58 connector on both ends with a T piece
fitted between them.

Both ends of the segment should be terminated using a a
piece of equipment known as a terminator.

A terminator stops signals on the network echoing back
when they reach the end
of the segment.
Twisted Pair Cable
The most common cabling technology in use
today.

Consists of four pairs of copper wires twisted
around each other. Twists are used because they
reduce interference.

Maximum length:
100 meters (328 feet).

Maximum bandwidth:
1000 Mbps.
Twisted Pair Cable
Connect to networking devices such as network
interface cards and switches using RJ45
connectors.

One end must connect to a host, the other to a
networking device such as a switch. You can only
connect two computers together if you use a
crossover cable, which uses different wiring.

Fiber Optic Cable
Fiber optic cable has better data security than twisted pair
or RG58. You cant intercept the signals without breaking
the cable.

Fiber optic cable is immune to electromagnetic
interference, something that can cause problems for
twisted pair or RG58.

The disadvantages of fiber optic cable is that it is very
expensive and that it is not very flexible. Bend it too far
and it will break the core, rendering the cable useless.

Fiber optic cable is mostly use as a backbone to connect
LANs together, rather than connecting hosts together
on a LAN.
Wireless
Wireless networks do
not require physical
infrastructure like
cables.

Wireless networks have
short range.

Wireless networks have
limited bandwidth.

Transmissions can be
intercepted easily by a
person outside building
with a wireless access
device.
LAN Topologies
Physical topology is the actual location and
arrangement of physical connections between
devices on the network.

Logical topology is the path that a given
datagram travels between two devices. Often
there is more than one way to get from one host
to another.
Bus Topology
All network devices
connected to a
common cable in
logical linear fashion.

Transmissions are sent
along the length of the
bus segment.

Adding hosts to the network requires breaking
the network.

Failure of one host can cause failure of network.

Star Topology
Connection from
each device to a
central location,
usually a switch.

Most commonly
used physical
topology.

Failure of one
cable does not
bring down
network.
Ring Topology
Network is
connected in
an endless
loop.

No termination
required.

Uncommon
topology today,
more common
in 1980s.
CSMA/CD
Stands for Carrier Sense Multiple Access with
Collision Detection.
Each device listens to media for transmissions.
When media is clear, initiates transmission and
listens for collision.
If collision occurs, device waits for random
amount of time before attempting transmission
again.
Commonly used on physical networks.
Wait for network
silence
Wait for network
silence
0011010001010001001000111001
0011010001010001001000111001
Begin Transmission
Begin Transmission
COLLISION!
Wait random amount
of time
Wait random
amount
of time
0011010001010001001000111001
Begin Transmission
CSMA/CA
Stands for Carrier Sense Multiple Access with
Collision Avoidance.

Each device listens to media for transmissions.
When media is clear, device sends an intent to
transmit signal. As this signal is small, chances
of collision are minimized.

Used often in wireless networking.
Wait for network silence
Wait for network silence
Signal Intent to Transmit
1010111011101110111011101101
ISO OSI networks
International Organization for
Standardization (ISO)

Open Systems Interconnection (OSI)
1979 - 7 layer reference model defined
1982 ISO begins deliberations on
specific protocols for each layer
1990 U.S. mandates all gov.
purchased computers must be GOSIP
compliant
1995 GOSIP requirement rescinded

7 Layer Reference Model
Physical
Data Link
Network
Transport
Session
Presentation
Application
L1
L2
L3
L4
L5
L6
L7
Host to Host Communications
Physical
Data Link
Network
Transport
Session
Presentatio
n
Application
Physical
Data Link
Network
Transport
Session
Presentatio
n
Application
Ethernet WiFi
Physical
Network
Data Link
Layer 1 - Physical
Defines the physical, electrical/optical
specifications for each network device
Pin layout
Voltages
Optical levels
Modulation scheme

Examples:
Ethernet, SONET, FDDI, IEEE 802.11

Layer 2 Data Link Layer
Functions and procedures to
transmit/receive bits over the physical
media.
Media specific addressing
Physical media error
detection/recovery
Bridge, Hub, Switch equipment

Examples:
Ethernet CSMA/CD, HDLC, SDLC

Layer 3 Network Layer
Functions and procedures needed to
transmit data throughout a global
network
Routing functions
Segmentation / reassembly
Global addressing

Example:
IP addresses

Layer 4 Transport Layer
Functions to support the transparent
transfer of data between end users
Reliability
Error detection and recovery
Flow control

Examples:
TCP, UDP, SCTP

Layer 5 Session Layer
Control sessions between computers
Establish, maintain, terminate
connections
Duplex operation (full or half)
Checkpointing and restart procedures

Layer 6 Presentation Layer
Transforms data to/from a common
format
Encoding
Compression
Encryption

Examples:
MIME, XML

Layer 7 Application Layer
Program used to interact with computer
and data
Specific application for each task
GUI or command line interface

Examples:
SSH, SCP, HTTP, email

OSI Quick Summary
OSI reference model defines modular
stack that allows multi-vendor
interoperations.

Input/output details specified

Internal details left up to individual
vendors

Usually implemented by a series of
function calls

TCP/P Internet
Direct descendant of ARPAnet

Provides Global packet switched network
services

Standard protocol shipped by most
vendors

Still under active development
IPv6
TCP modifications

TCP/IP Architecture
Copper, Fiber, Radio
Ethernet, Sonet, ATM
IP
TCP, UDP
Network
Based
Applications
L1
L2
L3
L4
TCP/IP Architecture
Copper, Fiber, Radio
Ethernet, Sonet, ATM
IP
TCP, UDP
Network
Based
Applications
L1
L2
L3
L4
TCP/IP Quick Summary
Grew out of ARPA funded research
program

Free wide spread deployment in BSD 4.2
OS

TCP/IP protocols form the Internet

Architecture Comparison
Physical
Data Link
Network
Transport
Session
Presentation
Application
L1
L2
L3
L4
L5
L6
L7
Copper, Fiber,
Radio
Ethernet,
Sonet, ATM
IP
TCP, UDP
Network
Based
Applications
IP Protocol
IP is a connectionless datagram delivery
service
Unreliable Delivery
No concept of order
No concept of loss
No concept of late
TTL field to Kill Off packets
Each packet treated separately
Operates over numerous data-link and
physical networks

IP Header Field
Fixed size header field (20 Bytes),
Variable length options

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL | DSCP |ECN| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IP Address
32 bit unsigned number
Network portion used for global routing
Host portion used to identify specific
host

Usually expressed in dot quad format
192.168.1.1 specifics specific host
192.168.1.0/24 specifies subnet of
hosts

What is a Network Address?
Convert the following to binary using 8 bit
positions:

00000010
00010000
00001111
10000000
11111111
11111110
01100011
00000000
Cannot be done with 8 bits!
2
16
15
128
255
254
99
0
300
What is a Network Address? (cont)
Rules for IP addresses:
32 bits
4 sections called octets
Dotted decimal format
Divided into a network portion and a host
portion
IP addresses range from 0 to 255
(128+64+32+16+8+4+2+1=255)
Network addresses may look like this to us . . .
128.32.15.22
. . . but they look like this to a computer:
10000000.0010000.00001111.00010110

What is a Network Address? (cont)

128 64 32 16 8 4 2 1
I 0 0 0 0 0 0 0
128 64 32 16 8 4 2 1
0 0 0 I 0 I I 0

128 64 32 16 8 4 2 1
0 0 1 0 0 0 0 0
128 64 32 16 8 4 2 1
0 0 0 0 I I I I
128
32
15
22
128 + 0 = 128
32 + 0 = 32
8 + 4 + 2 + 1 = 15
16 + 4 + 2 = 22
Given the address of 128.32.15.22 . . . . .
This is why 128.32.15.22 = 10000000.00100000.00001111.00010110
Counting IP addresses
120.19.0.12
130.15.16.17
10.0.0.0
15.255.255.0
11.254.254.255

Note: Binary counting ALWAYS starts
with a 0, not a 1. Also, counting like
this does NOT apply to subnet masks
120.19.0.13
130.15.16.18
10.0.0.1
15.255.255.1
11.254.255.0
120.19.0.11
130.15.16.16
9.255.255.255
15.255.254.255
11.254.254.254
Network addresses are grouped into classes.
Class Network Range Binary Representation
Class A 0-127 00000000 - 01111111
Class B 128-191 10000000 - 10111111
Class C 192-224 11000000 - 11011111
1 byte 1 byte 1 byte 1 byte
(8 bits) (8 bits) (8 bits) (8 bits)
Class A Network Host Host Host
Class B Network Network Host Host
Class C Network Network Network Host
What class of address is 128.32.15.22?
What is a Network Address? (cont)
What is a Network Address? (cont)
Network addresses consist of two parts
Network address
Host or node address
Similar to an address for your home/business




Networks are like this; we have a few big cities
with lots of homes and lots of small cities with
few homes.


128.32 .15.22
Network Address
Host Address
12050 Main Street
Anytown, MI 48300
Regional Address
Street Address
What is a Network Address? (cont)
Within each class there are are two ranges of IP address
types (RFC 1918)
Public range
Allowed on the internet addresses must be
registered
Private range
Not allowed on the internet unregistered for
private use only

Class Private IP Addresses (RFC 1918)
A 10.0.0.0 to 10.255.255.255
B 172.16.0.0 to 172.31.255.255
C 192.168.0.0 to 192.168.255.255
IP Version 4
209.46.18.195
11010001.00101110.00010010.11000011
In common use today on the Internet and LANs. Packet
Header varies in size

Uses 32-bit address as shown above in blue or 2^32

When represented in decimal form, an IP address has four
numbers, one for each byte. This notation is dotted quad and
takes the form shown above in red. The decimal value of each
quad is between 0 and 255.

Certain address spaces are reserved for private and multicast
networks. These addresses can not be used on the Internet,
but can be used on LANs.

Private IP address space is most commonly used on LANs.
Private address space includes the following ranges.
10.0.0.0 to 10.255.255.255 Class A
172.16.0.0 to 172.31.255.255 Class B
192.168.0.0 to 192.168.255.255 Class C
IPv6
bits 16 16 16 16 16 16 16 16 = 128
IPv6 2001:0db8:85a3:08d3:1319:8a2e:0370:7344
In limited use today, is likely to be in common use by the end of
the decade. Being tested on Internet II

Uses a 128-bit address, represented as a 32-digit hexadecimal
address. Normally written as eight groups of 4 hex digits as
shown above in red.

Will allow every network device in the world to have a unique
address.

Supported by modern operating systems.

Different IPv6 forms of expression
1080:0000:0000:0000:0000:7435:192.168.100.1
1080:0:0:0:0:7435:192.168.100.1
1080:0:7435:192.168.100.1
1080::7435:192.168.100.1
IP Version 6
The next generation of the IP protocol is IPv6. 2^128
340 undecillion or 340 trillion, trillion, trillion addresses
It uses a fixed packet header size of 40 bytes so that
information always appears in the same place.
Goals of IPv6

To provide for transition from IPv4
Simplify the header fields of IP
Provide for authentication and privacy
To expand routing capabilities
To expand addressing capabilities
To expand quality of service capabilities
To improve support for options
Subnet Mask
255.255.240.0
11111111.11111111.11110000.00000000
Like an IPv4 address, a 32-bit number.

Used with IPv4 addresses to logically segment networks.

A host uses its IP address and the subnet mask to
determine which addresses are on the local network and
which are on remote networks.

Traffic destined for hosts on the local network is sent
directly to that host.

Traffic destined for remote networks is sent to the router.
Network Address Translation
Where one public IP address (one that
is unique to the Internet) is shared by
hosts on the private network.

Hosts on the Internet can not initiate
contact with a host on the private
network.

Hosts on the private network can initiate
contact with hosts on the Internet.

Once contact is established, bi-
directional communication is possible.
Address Assignment
Addresses must be unique to the network.

Two hosts on the Internet cannot have
the same IP address.

Two hosts on an organizations private
network cannot have the same IP
address.

Two hosts on different organizations
private networks can have the same IP
address.

DHCP Address Assignment
Addresses can be assigned manually or
dynamically.

DHCP is commonly used to assign
TCP/IP addresses automatically.
Computer boots up and is assigned
TCP/IP configuration via network.
Addresses can be assigned on a first
come, first serve basis from a pool or
reserved on the basis of MAC
address.
Dynamic Host Configuration Protocol
(DHCP) Bootstrap Protocol (BOOTP)
DHCP assigns addresses from a poll, then removes it from
pool
Host sends DHCPDISCOVER message on local IP
subnet to find the DHCP server, using IP broadcast
address
DHCP server response with DHCPOFFER message
Host sends DHCPREQUEST message to identify the
server to be used
Server response with DHCPACK message with the
assigned IP for client
Host sends on port 67 UDP
Server sends on port 68 UDP

Address can be reserved for a specific MAC

DHCP Relay Agents can help cross subnets for server
Dynamic Host Configuration Protocol
(DHCP) Bootstrap Protocol (BOOTP)
Parameters a DHCP can automatically set
IP address
Subnet mask
Gateway (router) address
DNS address
WINS address
Wins client mode

BOOTP diskless operating systems,
automatically configure host during bootup on a
TCP/IP network
DNS (Domain Name System)
Used to translate friendly names such as
www.emcp.com into IP Addresses such as
209.46.18.195.

DNS is distributed. No single server hosts all
DNS records.

Records are segmented into zones. A zone is a
common namespace.

DNS servers that host zones near the top of the
DNS hierarchy can refer requests to DNS
servers that host zone towards the bottom of
the DNS hierarchy.
DNS Addresses
DNS addresses, also known as Fully Qualified Domain
Name (FQDN), are a collection of zone information
proceeded by a host name.

Each element is separated by a period.

A DNS address is read from back to front or right to left.
au, edu, and unimelb are all separate zones, hosted on
separate DNS servers. Host name library is part of the
unimelb zone.
.au
Country Code
.edu .unimelb library
Top level
domain
Organization
domain name
Host name
Local DNS Servers
Almost all LANs have a local DNS server.

Clients on the LAN address all DNS requests to the local
DNS server.

The local DNS server either returns the answer to the
request from its own database, or it will query other DNS
servers to locate the answer.

In the past, DNS information was entered manually by
administrators.

Today, many DNS servers can be automatically updated,
so that hosts that have different IP addresses can be easily
contacted via DNS name.
DNS Resolution
DNS client host1.emcp.com queries its preferred DNS server.
The DNS server in turn queries a series of DNS servers,
beginning at the top of the DNS hierarchy until it returns a
result from the server that holds the zone that the target host is
located in.
CIDR Rules
IP address is ANDed with bit mask to
extract network portion

Classless Inter-domain Routing (CIDR)
Specifies length of bit mask

Example 192.168.2.10/23
C0A8020A + FFFFFE00 = C0A80100
Range is 192.168.1.0 192.168.2.255
First and last addresses in subnet are
reserved

Network Infrastructure
S
w
i
t
c
h

1

Switch 2
Switch 3
R1
R3
R4
R2
R7
R6
R9
R8
R5
Switch 4
IP Fragmentation
Routers may break packets into smaller
chunks (fragmentation)

Destination host is responsible for
reassembling all fragments into original
packet

Performance impact on modern (ASIC
based) routers

IP Dont Fragment
Flag in header to indicate that packet
should be discarded instead of
fragmented

Basis for Path MTU Discovery protocol
Find the largest packet that can transit
the entire end-to-end path
Router may return an ICMP error
message when it discards the packet
PMTU black holes can occur

TCP Protocol
TCP provides connection orientated
delivery service
Reliable Delivery
In-order guarantee
Loss detection and recovery
Flow control
Error detection
Hides network details from
applications

TCP Header
Fixed size header field (20 Bytes),
Variable length options

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |C|E|U|A|P|R|S|F| |
| Offset|Reserve|W|C|R|C|S|S|Y|I| Window |
| | |R|E|G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

TCP Connection Setup
Host in Listen state does passive open
Host in Connect state does active open
Hosts complete a 3-way handshake to
complete open (move to Established
state
Full Duplex connection established,
hosts can transfer data in either direction

TCP Flow Control
Original design relied on TCP Window size to
control number of packets entering the network

Real world experience showed that network
could experience congestion collapse and new
mechanisms were needed
Slow Start after connection is opened
Exponential Growth algorithm
Congestion Avoidance once loss is detected
Linear Growth algorithm

TCP Reno
Most common version of TCP today

Loss based detection to switch from
Slow Start to Congestion Avoidance flow
control

Transmit and Receive windows to
guarantee reliability

TCP modifications
Most changes to TCPs Congestion Avoidance
growth algorithm
Recognized that linear growth is not efficient
for Fast Long-Distance Paths

Delay Based
Detection
Vegas
Fast

Loss Based
Detection
Reno
High Speed
BIC, Cubic
UDP Protocol
UDP User Datagram Protocol
Application must provide
Reliability
Flow Control
Useful for short messages
DNS
Real Time audio/video

UDP Header

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data Octets
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


Real-time Transport Protocol
RTP Real-time Transport Protocol
Carries data with real-time properties
Used for Audio and Video streams
Header contains sequence number
and timestamp to provide receiver with
pkt info

RTCP RTP Control Protocol
Carries control information about the
stream from receiver back to sender

Unicast vs Multicast
Unicast packets - 1 source & 1 destination

Multicast packets
IP addresses (224.0.0.0 239.255.255.255)
Single source, multiple receivers
Multiple sources, multiple receivers
Routers and Switches must support multicast
to prevent unwanted packets from flooding
the network

Multiple unicast streams can be used to emulate
a multicast session

Multicast Traffic
Source starts sending packets using a
multicast IP address

Local router/switch uses control
messages to advertise traffics availability

Receivers send request-to-join
messages

New path from receiver to merge point
is created and traffic flow begins