Networking Index

  1. Start with Networking Basics
  2. Media types : What moves the data
  3. Layers: Separate parts within the network
  4. Important Concepts
  5. Networking QA: Hard Questions, clear answers
  6. Using RFCs: Standard Documentation
  7. Specific Protocols: How the data is moved
  8. Internet Tutorial
  9. Wireless
  10. Security
  11. Links

What is a Network?
A network is a system of devices that provide, deliver or receive services. Examples of networks are:
Places where services reach their end points are called terminals. In the above examples, a kitchen sink, your telephone or a lamp would be terminals.

What is a Computer Network?
Information processing devices connected in order to provide, move or receive data transmission services. In computer networks we are concerned with how data is packaged and moved through a wide variety of computers, networks and transmission media.

What is Transmission Media?
Transmission media is the way that data is moved between computers and networks. Examples of media are:
Although it is listed as a media type, we will ignore magnetic media since it does not help us in understanding how networks function. In general the manual moving of magnetic media is called "sneaker-net." Radio and infrared will also receive little attention because of various environmental problems that prevent their widespread use.

The focus of networking will be on the various wire types and the more advanced wireless media.

What are Network Layers?
Network services are divided into layers that do different things with and to our data. For most people seeing a network as a single function is enough, but to understand its true nature it must be broken up into pieces just as the digestive system is comprised of many organs with distinct functions.

What are the Network Layers?
There are different layer models. The OSI model has 7 layers and is a bit more complex. Here, I'll be using the Internet layers of which there are 5.

  1. Application(5)
    • Protocols: HTTP, FTP, SMTP, TELNET
    • Provide services to the network applications
    • Ensure that the other party is identified and can be reached
    • Authenticate the message sender, receiver or both
    • Make sure the communication resources exist
    • Ensure agreement at both ends about error recovery, procedures, integrity and privacy
    • Determine protocol and data syntax rules at the application level
    Application Layer software schema
    | FTP | HTTP | SMTP |
    | TCP | UDP |
    | IP LAYER |
    | Ethernet |
  2. Transport(4)
    • Protocols: TCP, UDP
    • Ensure the reliable arrival of messages and provide error checking and flow control
    • Provide services for both connection-oriented and connectionless transmissions
    • Transmissions may arrive in the form of packets that need reconstruction
  3. Network(3)
    • Protocols: IP
    • Know the addresses of local nodes in the network
    • Package output with correct network address information
    • Select routes based on QoS(Quality of Service)
    • Recognize and forward to the Transport layer messages for local host domains
  4. Link(2)
    • Protocols: PPP, Ethernet
    • Initialization, transfer, error handling and disconnect
    • There are two sublayers here: MAC(Media Access Control) and LLC(Link Layer Control)
    • Divide output into frames
    • Handles Acknowledgements from a receiver that data arrived successfully
  5. Physical(1)
    • A combination of hardware and software, not the physical media per se
    • Determines how to put the data into a stream that is formatted for the pins, fiber, radio or whatever media is available
    • Supports the electrical or mechanical interface

Data Link Level Functions

Data Link Layer Services: Can be either unreliable, unacknowledged and connectionless, OR reliable, acknowledged, sequenced and connection-oriented (LAP-B).

Important Concepts

Circuit V. Packet Switching

Circuit switching is a connection-oriented, dedicated communication that reserves and holds a physical or logical path for the duration of transmission. No one else may use the connection or path until it has been terminated. Packet switching is a connectionless, packet-based communication which uses shared paths. The Internet in general is set up this way, as are X.25 networks.

Sliding Window

A method of flow control used in TCP that places a buffer between the application and the data flow. Data is stored in the buffer and the application pulls it at its own pace. As the data is read, more space is freed in the buffer. The “window” is the amount of data that can be read ahead, i.e. stored in the buffer. “Window announcements” are used to inform the remote host of the current window size. If the application can't process data at the rate being sent, the window size drops to zero and the remote host stops transmission.


Sending multiple signals or streams of information on a carrier at the same time in the form of a single, complex signal and then recovering the separate signals at the receiving end. Analog signals are done with FDM: bandwidth is divided into sub-channels. Digital signals are done with TDM: bandwidth is accessed at alternating time slots.

Ethernet Frame Headers

Preamble | Destination | Source | Type | Data | Pad | Checksum |


A collection of user-submitted “notes” on various subjects. There are multiple topics and groups. NNTP is used to submit and post notes.

New TLDs

A program to expand the domain types by adding .info, .biz, .museum, .coop, .name, .pro, and .aero. At present these are the only new ones proposed by ICANN.


Basic Data transfer; Connections; Reliability; Flow Control; Multiplexing; Precedence and Security

TCP/IP protocol stack

In this model the work is broken into many layers that have a virtual connection with a similar layer on the receiving end but are really being passed through various complex layers.

IP Services

Connectionless datagram service; No delivery acks; Used with t-layer connection oriented TCP; T-layer makes up for deficiencies


The MTA has five main functions:

  1. Message Routing and Flow: Routing mail based on the header information
  2. Distribution list expansion: Each object is examined and delivered to either the public or private information store
  3. Loop detection: Make sure no messages are repeated
  4. Message Fan-out: Decide which connectors and copies of messages are placed on the connector
  5. Format conversion: Different connectors sometimes require different formats

Frame Relay

In a frame relay network each station has a connection known as a port which has a designated unique address. Data is organized in frames that have two parts: the Data and the Control Block. The frames are sent over virtual connections. Each access port is connected to the “frame cloud.” Inside the cloud are a series of Frame Switches. The switches determine the routes which the frames are moved through. The network establishes “virtual connections” and each connection is designated by a Data Link Connection Identifier (DLCI). Unlike Static Connections, a single frame relay port may have multiple virtual connections without increasing physical links. Frame relay lies on the Data Level of connections between routers.

Frame relay frame
| Flag | DLCI(high order) | C/R | EA | DLCI | FECN | BECN | DE | EA | Payload | FCS | Flag |

DLCI within frame relay: A 10-bit field which identifies the data link and its service parameters, including frame size and CIR
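The address octets in the frame layout above can be decoded bit by bit. The following is an added example, not code from the original page: it parses the two-octet address field into the DLCI, C/R, FECN, BECN and DE values and tallies congestion marks per DLCI. The sample frames are constructed, their FCS octets are placeholders, and bit stuffing is assumed to be already removed.

```python
from collections import Counter
from dataclasses import dataclass

FLAG = 0x7E  # delimiter octet at both ends of a frame


@dataclass(frozen=True)
class FrAddress:
    dlci: int   # 10-bit Data Link Connection Identifier
    cr: bool    # Command/Response
    fecn: bool  # Forward Explicit Congestion Notification
    becn: bool  # Backward Explicit Congestion Notification
    de: bool    # Discard Eligibility


def parse_address(field: bytes) -> FrAddress:
    """Decode the two address octets that follow the opening flag."""
    if len(field) != 2:
        raise ValueError("address field must be exactly 2 octets")
    hi, lo = field
    # EA is the lowest bit: 0 on the first octet, 1 on the last one.
    if hi & 0x01 or not lo & 0x01:
        raise ValueError("EA bits do not mark a 2-octet address")
    dlci = ((hi >> 2) << 4) | (lo >> 4)  # 6 high-order bits + 4 low-order bits
    return FrAddress(dlci, bool(hi & 0x02), bool(lo & 0x08),
                     bool(lo & 0x04), bool(lo & 0x02))


def build_address(addr: FrAddress) -> bytes:
    """Encode an address; the inverse of parse_address."""
    if not 0 <= addr.dlci <= 0x3FF:
        raise ValueError("DLCI must fit in 10 bits")
    hi = ((addr.dlci >> 4) << 2) | (addr.cr << 1)
    lo = (((addr.dlci & 0x0F) << 4) | (addr.fecn << 3)
          | (addr.becn << 2) | (addr.de << 1) | 0x01)
    return bytes([hi, lo])


def split_frame(frame: bytes):
    """Return (address, payload, fcs) for one flag-delimited frame."""
    # Smallest frame: flag + 2 address octets + 2 FCS octets + flag.
    if len(frame) < 6 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("frame is not delimited by flag octets")
    body = frame[1:-1]
    return parse_address(body[:2]), body[2:-2], body[-2:]


def congestion_report(frames):
    """Count frames and FECN/BECN/DE marks seen on each DLCI."""
    report = {}
    for frame in frames:
        addr, _payload, _fcs = split_frame(frame)
        marks = report.setdefault(addr.dlci, Counter())
        marks["frames"] += 1
        for name in ("fecn", "becn", "de"):
            marks[name] += getattr(addr, name)
    return report


def _sample(addr: FrAddress, payload: bytes) -> bytes:
    # Constructed test frame; the two zero octets stand in for a real FCS.
    return bytes([FLAG]) + build_address(addr) + payload + b"\x00\x00" + bytes([FLAG])


SAMPLE_FRAMES = [
    _sample(FrAddress(100, False, True, False, True), b"constructed-1"),
    _sample(FrAddress(100, False, False, False, False), b"constructed-2"),
    _sample(FrAddress(16, False, False, True, False), b"constructed-3"),
]

if __name__ == "__main__":
    for dlci, marks in sorted(congestion_report(SAMPLE_FRAMES).items()):
        print(dlci, dict(marks))
```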

Frame relay & error handling: Frame relay uses Cyclical Redundancy Check. This is detection rather than checking since it is assumed the underlying network is reliable. Error correction is left up to TCP at the upper layers.

CIR: A frame relay bandwidth associated with a PVC.

FECN/BECN: Used in frame relay for congestion control. Notifications are sent to slow down traffic.

LMI: Frame Relay management protocol, an added extension to provide maintenance for complex networks.

PVC: A software defined logical connection with a committed bandwidth

Tariff: Pricing based on the parameters of a frame relay set up

MIME types

The MIME header is placed at the beginning of a web transmission to associate an attached file type. These are used to indicate text, audio, video, and image attachments

Synchronization and Framing

Insert checkpoints in a data stream to pick up where errors left off rather than from the beginning again. Since the data stream is not error free, schemes are used to detect and handle errors. Using checksums to calculate the headers.

ARP caches

Instead of broadcasting, recently acquired IP-to-Physical address bindings are maintained so ARP is not used repeatedly. PCs look in ARP cache before sending an ARP request.

Data Transparency

Handling data transfer in a way that makes the user oblivious to the underlying complexity of the network.

Router Forwarding Table

Routers have a list of networks(prefixes) and “next hop” addresses

Error Control

Ability of a protocol to handle errors or loss of data. Allows data that is being read or transmitted to be checked for errors, and when possible, corrected on the fly.

Flow Control

The management of data flow between computers or devices or between nodes in a network so the data can be handled at an efficient pace.

Fragmentation and Reassembly

A data file over a certain size is stored in several chunks or fragments rather than in a single contiguous sequence of bits in one place. The pieces are put back together with sequence numbers placed in the headers.


A method for finding the best route for delivery by sending table updates


Started by DARPA after the internet worm incident to handle network emergencies


Handles the management and issuing of IP addresses on the Internet

Hubs, routers, switches, repeaters

Hub – where data arrives from one or more directions and is forwarded out in one or more other directions. Typically includes a switch.
Switch – A network device that selects a path or circuit for sending a unit of data to its next destination.
Router – device or in some cases software in a computer that determines the next network point to which a packet should be forwarded.
Repeater – a device that receives a signal on an electric or optical media, amplifies the signal and then retransmits to the next media.


When data is broken up, sequence numbers are applied to the packets so the data can be reassembled in the correct order at the destination.


Layer responsible for data transfer across a single physical connector or a series of bridged connections. Provides reliable data transmission from one node to another and shields higher layers from any concerns about the physical transmission medium. Concerned with error-free transmission of data frames. Divided into two sub-layers: LLC – allows above layers to access LAN resources regardless of how the network is implemented, MAC – determines how the physical medium is accessed. Principal service is transferring data from the network layer on the sender side to the network layer on the receiver side. Breaks data into frames and computes a checksum. Error control and flow control.

Network Prefixes

Digit that follows a “/” after an IP address

Generic Router Functionality

Routers exchange path information to maintain levels of delivery service. Routers use either Vector-Distance or SPF to achieve QoS.

Planning and net management required for routers. Runs at Layer 3. Specific protocols supported. Multiple collision and broadcast domains. Services requested explicitly. Supports fragmentation and other protocol specific net layer functionality. Access lists and other security features. Supports complex net topology. Forwards packets based on “next best hop”. Trades with other routers to update tables. Implement management and control functions.

Closed Listen
SYN Sent---> *SEQ 100* *SYN* ----> SYN RECEIVED
ESTABLISHED --->*SEQ 101* *ACK 301* *ACK* --------> ESTABLISHED

Using RFCs: Standard Documentation

RFC stands for "Request For Comments" and is standard public documentation for networking protocols, topics and standards. Each RFC is assigned a number. For example: #2822 concerns internet message formatting, #1983 is an Internet user's glossary. These are public, free and widely available on the Internet on multiple sites.

Some RFC libraries:
Important RFCs

Internet Protocols

SMTP & Email

UDP - User Datagram Protocol

A communications protocol with less service than TCP, but works with the IP protocol in a similar way. Unlike TCP, UDP does not break transmissions into packets. UDP can be used in situations where the messages are known to be small and resources do not need to be spent using TCP. Provides port numbers to help distinguish between different user requests. Computers may have multiple programs running at once. UDP will distinguish between the various processes via port numbers. UDP lies in the Transport Layer.

You may view your UDP settings by opening a DOS prompt and typing "NETSTAT -A" at the command line.

UDP Packet format:

| Source Port | Destination Port | Message Length | Checksum | Data |

Simple t-layer protocol; Datagram delivery service; Multiplexing via abstract destination; Checksum violates strict protocol layering concept; Port assignment mechanism uses well-known ports and dynamic binding

TCP/IP - Transfer Control Protocol/Internet Protocol

These are two separate protocols that are used together to form the basis of most network and Internet data. The term TCP/IP is also used to generically refer to the 100 or more protocols available for networking.

Information passed over the Internet is broken up into packets. This helps data move more quickly as the lines are shared by many users rather than dominated by a few users moving large files. The TCP protocol divides your e-mail, web pages and downloads into packets and inserts error control to make sure the packets arrive intact.

The IP protocol actually does the heavy lifting. IP moves the data from place to place.

A good analogy is a package delivery company. The loading dock worker sorts the packages and places them on the truck. The truck driver moves the packages from place to place. TCP is the loading dock worker, IP is the truck driver. TCP provides reliable stream delivery. Provides full-duplex connection. Uses Sliding window for flow control.

What is your IP address?
Open a DOS prompt and type PING LOCALHOST

What open TCP connections do you have?
Open a DOS prompt and type NETSTAT -A

Controls packet delivery, connection-oriented, exists on “layer 4” the Transport layer of the OSI model. Works with IP and UDP. TCP/IP connectionless, unreliable, best effort packet delivery. TCP connection establishment: Uses the three-way handshake. Initiated by one TCP and responded to by another.

TCP/IP provides three sets of services:

  1. Application Services
  2. Reliable Transport Service
  3. Connectionless Packet Delivery

TCP code bits
URG – Urgent
SYN – Synchronize sequence numbers
FIN – End of data from sender
PSH - Push
RST – Reset
ACK – Acknowledgement for flow control

IP formally specifies the format of internet packets and data areas. Fragmentation control and checksum

IP’s Three definitions:

  1. The basic unit of data transfer
  2. Routing function
  3. Rules about unreliable packet delivery

IP routing is a decision of where to send a datagram based on its destination IP address. When IP software looks up a route the algorithm provides the IP address of the next machine that the datagram should be sent to. The Internet routing algorithm is table driven and uses only IP addresses.

Two forms of routing:

  1. Direct
  2. Indirect

Extending & Conserving IP addresses by:

ICMP - Message control and error reporting between a host and gateway using IP datagrams and invisible to the user. ICMP is used to report communication problems between routers and hosts. ICMP is part of IP.

Regional IP addresses: 194 – Europe, 198 - N. America, 200 - Ct. & S. America, 201 – Asia & Pacific

Private IP addresses: A range of addresses typically used inside networks

Special IP addresses: 0 – this host, 127 – loop-back, 255 - Broadcast

IP addresses are assigned independent of a machine’s physical address

Classful Addressing: Division of internet addresses into classes

Subnet Addressing: Extension of IP scheme that allows a site to use a single network address for multiple physical networks.

IP Packet

| Version | HLEN | Service Type | Total Length | Identification | Flags | Fragment Offset | TTL | Protocol | IPSource | IP Destination | IPOption | Padding | Data |

DNS - Domain Name System

The system that turns domain names into machine readable IP addresses and the computers that make up this system. This is DNS address resolution.

Every website, host and machine on a network has a TCP/IP address. This is a four-part code number that is the "address" of the machine. No one would be able to remember all of those code numbers, so websites and machines are given "human" names that can be remembered. For example, the TCP/IP address of is To see this, open a DOS prompt(while connected to the Internet) and type: PING AMAZON.COM. The response should reveal the IP address in number form. To see the address of your own machine open a DOS prompt and type PING LOCALHOST. Also, if you are running Windows 95, you may also type WINIPCFG, IPCONFIG in NT.

Mapping between host names and IP numbers:

DNS queries

PCs request the addresses of other hosts, the DNS is queried and will in turn query other DNS until the information is found and returned to the machine that sent the query

DNS files

“database” that contains the needed information for turning names into IP addresses and vice-versa

DNS root server query

Root servers are master DNS servers that have data on all TLDs. Root servers are queried when the local DNS does not have the information.

DNS MX Query

Mail exchange query used specifically for mail handling. A DNS system must have at least one MX record in order for mail to be handled. The MX query will produce the domain based name of the mail server. Example: Query:, MX reply


Application layer protocol for sending and receiving text messages, “email”

SMTP headers

HELO - Greet the mail server. Used once per session - at the beginning of the session
MAIL FROM: - Announce who the sender is. Used once per mail, before specifying any recipients for each mail, or after a RSET
RCPT TO: - Announce who the mail is to. Multiple recipients are allowed, each must have its own RCPT TO: entered immediately after a MAIL FROM:
DATA - Starts mail entry mode. Everything entered on the line following DATA is treated as the body of the message and is sent to the recipients. The DATA terminates with a . (period) on a line by itself. A mail may be queued or sent immediately when the . is entered. It cannot however be reset at this stage.
RSET - Reset the state of the current transaction. The MAIL FROM: and RCPT TO: for the current transaction are cleared.
QUIT - End the session. No commits happen here.

SMTP reply codes

200 Range – ok, transmission free of errors, delivery success, etc..
300 Range - ?
400 Range – Errors or problems at remote host
500 Range – data, transaction and process errors
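The ordering rules for the commands above can be enforced with a small state tracker. The following is an added example, not code from the original page: it replays a constructed client transcript and returns the reply a server following those rules would give. The specific codes 250, 354, 221, 503 and 500 are the standard SMTP values within the ranges listed; the page itself names only the ranges.

```python
class SmtpSession:
    """Tracks command order for one SMTP session, following the rules listed above."""

    def __init__(self):
        self.greeted = False   # HELO seen
        self.sender = None     # set by MAIL FROM:
        self.recipients = []   # one entry per RCPT TO:
        self.in_data = False   # True between DATA and the terminating "."
        self.body = []
        self.delivered = []    # completed (sender, recipients, body) tuples
        self.closed = False

    def _clear(self):
        self.sender, self.recipients, self.body, self.in_data = None, [], [], False

    def feed(self, line: str):
        """Consume one client line; return a reply code, or None inside DATA."""
        if self.closed:
            raise ValueError("session already ended by QUIT")
        if self.in_data:
            # Everything is message body until a period on a line by itself,
            # even text that looks like a command.
            if line == ".":
                self.delivered.append(
                    (self.sender, tuple(self.recipients), "\n".join(self.body)))
                self._clear()
                return 250
            self.body.append(line)
            return None
        verb = line.upper()
        if verb.startswith("HELO"):
            if self.greeted:          # once per session, at the beginning
                return 503
            self.greeted = True
            return 250
        if verb.startswith("MAIL FROM:"):
            if not self.greeted or self.sender is not None:
                return 503            # once per mail, unless RSET came first
            self.sender = line[len("MAIL FROM:"):].strip()
            return 250
        if verb.startswith("RCPT TO:"):
            if self.sender is None:   # must follow MAIL FROM:
                return 503
            self.recipients.append(line[len("RCPT TO:"):].strip())
            return 250
        if verb == "DATA":
            if not self.recipients:
                return 503
            self.in_data = True
            return 354                # intermediate reply: send the body
        if verb == "RSET":
            self._clear()
            return 250
        if verb == "QUIT":
            self.closed = True
            return 221
        return 500                    # unrecognized command


def replay(lines):
    """Run a transcript through a fresh session; return (replies, delivered)."""
    session = SmtpSession()
    return [session.feed(line) for line in lines], session.delivered


# Constructed client transcript (example.org / example.net are placeholders).
SAMPLE = [
    "MAIL FROM:<alice@example.org>",   # sent before HELO
    "HELO client.example.org",
    "MAIL FROM:<alice@example.org>",
    "RCPT TO:<bob@example.net>",
    "RSET",                            # clears sender and recipient
    "DATA",                            # nothing left to send
    "MAIL FROM:<alice@example.org>",
    "RCPT TO:<bob@example.net>",
    "RCPT TO:<carol@example.net>",
    "DATA",
    "Subject: constructed sample",
    "QUIT",                            # body text, not a command
    ".",
    "QUIT",
]

if __name__ == "__main__":
    for line, code in zip(SAMPLE, replay(SAMPLE)[0]):
        print(f"{code!s:>4}  {line}")
```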


ARP performs dynamic address resolution using only the lowest level network communication system. Machine uses ARP to find the hardware address to another machine by broadcasting an ARP request. The request has the IP of the machine for which it needs the MAC address. ARP has low overhead.

PPP - Point to Point Protocol

Useful for connecting to computers through serial ports, when a network server is unavailable or impractical. When you dial up an ISP you are using a kind of PPP even though it is getting you access to a larger network. PPP is "full-duplex" and can be used with various media. Infrared, microwave and fiber optic can all use PPP to pass data.

Used for communication between two machines using a serial interface. Typically a personal computer with a telephone modem. PPP works at the data link layer, has error detection, can handle synchronous and asynchronous communication, full-duplex and can be used on various media.

ISDN - Integrated Services Digital Network

Broadband ISDN, or B-ISDN, or simply "Broadband." This technology promises a variety of services on media intended for only one type of service, namely telephone wires. The analog public-switched telephone system, using copper wires, was/is insufficient for the transmission of digital data, video and other modern technologies. As the telephone system was developed and installed years before digital computers and television, there was no need foreseen for a system that could handle high speed data transmission. At the moment the telephone system is part analog and part digital. Much of the long distance lines and switching have been replaced by digital lines, but the local lines and local "trunks" are often still analog. The general plan is to replace the entire telephone system with a fully digital service capable of handling multiple types of transmissions.

The present phone system is often called POTS, for "Plain-Old Telephone Service," meaning voice transmission only. Now many parts of the global communication system are fiber optic, satellite, microwave and cellular. Since the old telephone switching was done through the direction of a master clock, a new method of transmission had to be created to handle the different types. The underlying technology of B-ISDN is ATM, Asynchronous Transfer Mode. This has nothing to do with bank ATMs (Automated Teller Machines). ATM is not tied to a master clock. ATM transmits data in small cells. These cells may be transmitted by themselves or "wrapped" in another media. The idea being flexibility, the ability to be carried over any type of transmission method. The beauty of this method is that it may also be applied to private internal networks, allowing hosts and clients to communicate over various types of transmission media.

Part of the idea for ISDN came from a very basic need. The telephone company was running out of copper wire(copper is very expensive) and places to put the wires in large urban areas. Someone came up with the idea of finding a way to put more than one telephone call on a single wire. The solution was to send the calls at different frequencies or wavelengths.

IGP - Interior Gateway Protocol

IGP exchanges routing information. IGP uses either vector distance or SPF.


For managing router information within a self contained network/LAN. RIP is an interior routing protocol and a distance vector protocol. RIP uses a hop count as its metric. RIP is widely used in the global Internet as an IGP. RIP sends routing messages at regular intervals and when the network topology changes. RIP maintains only the best route.

RIP packets
Command | Version | Zero | Address Family Identifier | Route Tag | IP Address | Subnet Mask | Next Hop | Metric



WAIS (wide-area information servers or service)

Wide-area information servers (WAIS) is an Internet system in which specialized subject databases are created at multiple server locations, kept track of by a directory of servers at one location, and made accessible for searching by users with WAIS client programs. The user of WAIS is provided with or obtains a list of distributed databases. The user enters a search argument for a selected database and the client then accesses all the servers on which the database is distributed. The results provide a description of each text that meets the search requirements. The user can then retrieve the full text.

WAIS (pronounced "ways") uses its own Internet protocol, an extension of the Z39.50 standard (Information Retrieval Service Definition and Protocol Specification for Library Applications) of the National Information Standards Organization. Web users can use WAIS by either downloading a WAIS client and a "gateway" to the Web browser or by using Telnet to connect to a public WAIS client.

Most Web users will find that the abundance of server files and search engines already available on the Web will make WAIS superfluous. However, librarians, medical researchers, and others may find some specialized information available through WAIS that is not currently available on the Web.

For background, download a paper by Brewster Kahle of the Thinking Machines Corporation, a company that helped originate WAIS. Try ( to obtain a WAIS client and WWWAIS ( for a gateway program to the WAIS client.

LDAP, more
RFC 2251


Digital Subscriber Line. Fast Guide to DSL
AT&T DSL Guide.


Maps internal IP addresses to external IP addresses when communication extends beyond the network and into the Internet. NAT table lists of local(or private) addresses and the global(public) addresses.


Application layer protocol for transferring files


Rules for exchanging files via the web. HTTP methods: GET – Request for a resource, POST – Send data to a server, HEAD – Search header for a resource


RIP is a distance vector protocol. IETF standard for multi-media data formats. Runs at the Application Layer and requests can be made through TCP and UDP.

Important RFCs

768 UDP

Provide a procedure for application programs to send messages to other programs with minimum protocol mechanism. Transaction oriented, delivery and duplication checks not guaranteed.

791 IP Specification

The DoD standard for IP. IP is designed for use in interconnected systems of packet switched networks. Provides for transmitting blocks of data called datagrams between hosts designated by fixed length addresses. Provides for fragmentation and reassembly. Two basic functions: Addressing and Fragmentation. Uses header fields to fragment and reassemble. Each datagram is treated as an independent entity. No connections or logical circuits.

Four Key Mechanisms:

RFC 791

793 TCP

Highly reliable host-to-host protocol between hosts in a packet switched network. Primary purpose of TCP is to provide reliable securable logical circuit or connection service between pairs of processes. To provide services on top of less reliable internet communication layers by providing:

RFC 793

1034 DNS names

Domain names, three major components:

  1. Domain Name Space & Resource Records
  2. Name Servers
  3. Resolvers
RFC 1034

1591 TLD domain names, Domain Name System Structure and Delegation

Hierarchy of names: EDU, COM, MIL, ORG, NET, GOV, INT. RFC 1591

1661 PPP

RFC 1661

1662 PPP in HDLC-like Framing

RFC 1662

1983 Internet User's Glossary

RFC 1983

1984 - IAB and IESG Statement on Cryptographic Technology

RFC 1984

2026 Net Standards Process

IETF is a loosely organized international collaboration of autonomous, interconnected networks, supports host-to-host communications through voluntary adherence to open protocols and procedures defined by Internet standards. Concerned with protocols, procedures and conventions. An Internet standard is a specification that is stable and well understood, is technologically competent, has multiple independent implementations and enjoys public support.

Specifications undergo periods of development, several iterations of review and are adopted as standards and published.

Goals of the process are:

Specifications have two categories: Technical Specification and Applicability Statement
RFC 2026

2182 Secondary DNS

DNS requires redundant secondary servers to exist for each domain. Helps spread name resolution load. RFC 2182

2418 IETF guidelines

IETF working groups. IETF has responsibility for developing and reviewing specifications. WGs are the primary mechanism for development of IETF specifications. RFC 2418

2481 - Explicit Congestion Notification

RFC 2481

2804 IETF policy on wiretapping

IETF policy on wiretapping: the IETF is not considering wiretapping as a part of the process for maintaining IETF standards. RFC 2804

2870 Root servers

12 or so servers run by volunteers to manage the “.” Zone. Must not provide any other services but the root service. RFC 2870

3113 Frame Relay Specification

Frame relay signaling. Important functions:
Access Rate(AR) – Data rate of the user access channel
BECN – Set by a congested network to slow transmission
Burst Excess(BE) – Maximum amount of uncommitted data
Burst Size(BC) – Maximum bits network can transmit under normal conditions
CIR – Transport speed maintained when data is presented
CRC – Computation that ensures the accuracy of frames
DLCI – A unique number assigned to a PVC end point
FECN – Set by congested network to slow requests for frames
FCS – Frame checks only bits between flags, not whole header

RFC 3113



S-HTTP is a secure web protocol that uses either encryption, digital signatures or both. SSH uses RSA public key for securing terminal emulation connections and logins. SSL sits between the application layer and transport layer for securing web traffic.

SSH Secure Socket Shell. Unix-based interface for accessing remote hosts, like telnet.


A secure method for authenticating a request for service in a computer network. Uses multiple, encrypted “ticket” exchanges to verify a user requesting access.


Applies security at the network/packet level rather than the application level using Authentication Headers or Encapsulating Security Payload. AH allows the sender to be authenticated, ESP uses authentication and encryption.


A system of programs and servers that protect resources and users on a private network from dangerous transmissions on other networks. Examines each packet and compares it to a set of rules or conditions before passing it on.

Public & Private keys

Uses password-based RSA encryption. A public key is issued by an authority as an encryption method. The private key is kept by the sender and the public key is used by authorized receivers to decrypt. The public key cannot be used to encrypt or vice versa. This is known as asymmetric cryptography.


A method of extracting a coded string from a word string to create a digital signature or some other kind of verification

Digital Signatures

A method of verifying the source of a document. Using an encrypted hash code, a DS can be placed on an encrypted or plain text document.

Denial of service

A type of hack or attack that prevents normal network connectivity

Cryptography & Data Encryption

A method of turning text or data into an unreadable format for security and privacy purposes.

Backdoor Programs
Building Good Security Policy

Links on Networking
Demystifying and Deciphering the Internet