Networking Q&A

Sliding window and HDLC

Sliding Window places a buffer between the applications and the network data flow. The data received from the network is stored in the buffer so the application can read it at it’s own pace. Each frame has a sequence number which helps in reassembling and error detection. As the application reads data, space is freed up in the buffer for more data. The window is the size or amount that can be “read ahead”, the window sends “window announcements” to the remote host with updates of the window size so the data transfer can be managed on the fly. If the application can’t take all the data, the window will be “closed” by sending out a window size of “0” and the remote sender will stop transmission. If the application can handle data quickly, the window can store multiple packets at once. This is great for flow control as it can adjust automatically depending on the situation. For error control, ACK or acknowledgement frames are sent back to the sender when packets are received correctly and “NAKs”, negative acknowledgements if the packet is received with errors. Also, a timeout is in play, if an ACK or NACK is not received after a certain period of time the packet is resent.

In HDLC data is divided into frames. An HDLC frame will typically have 5 or 6 fields. The two fields on either end of the frame are “flags” which indicate where each frame stops and starts. The second field is the address field, the control field which indicates the type of frame being sent(meaning is it an ACK, NAK, etc.?). The next one, alternatively called Data or Information field will contain the actual data being transmitted(or nothing at all). Before the end flag field is the frame check sequence field which is used for detecting errors in the frame.

Switching - Types of switching

Circuit switching is similar to a telephone connection, a dedicated, end-to-end connection is established for the whole transmission. No one else my use the connections while these two end users are controlling them. This is more expensive than packet or cell switching since the line cannot be accessed by other users.

Packet switching, data is broken up into smaller units , packets. Each packet holds its destination information and is delivered independent of all the other pieces even though they may be part of the same file. Often called “connectionless” this makes it possible for many users to access the same network for various transmissions. The packets are reassembled into their original format based on the information they hold in their headers. It similar to a jig-saw puzzle sent through the mail a piece at a time. When all the pieces have arrived, they can be placed in the proper order. Unlike circuit switching, multiple users can access the same connection.

Cell switching, this is typically wireless. Cells are areas of access control, often owned by various companies. Data is moved from one cell to another until it reaches its destination. There may be gaps in service, places where a user can “roam” into where connections cannot be found. Cell switching is used in ATM(asynchronous transfer mode). In ATM the “cell” is 53 bytes long(kind of like a packet except that packets are not set to a specific limit) the cells are reassembled at the destination in their original format. Once thought to be the up-and-coming technology, ATM has fallen to the wayside slightly.

Virtual Circuits

A virtual circuit is a way of emulating a dedicated, circuit-based connection within a network of shared resources. As opposed to a “real circuit” where the connection is physical. Portions of virtual circuits may in fact be real circuits. Maintaining real circuits over long distances is expensive and prohibits other users from accessing the resource. There are two main types of virtual connections: permanent virtual connections(PVC) and switched virtual circuits(SVC)

PVC is a logical connection that is always available to the user as if it were a single line. This often works by assigning a user a section of bandwidth. This connection type of connection is typically maintained and removed by an administrator, rather than automatically by software. SVC is a connection that is established while data is being transmitted and then disappears. The next time data is sent a new SVC is created. SVCs can be found in X.25 networks. This way while data is being transmitted the connection does not have to be shared. The connection is destroyed when released and a new connection would have to created in the future if needed.

Standard 56k Modems

So the speedometer in your car goes up to 120, but do you ever really get to drive that fast? Kind of like that, the 56k is the limit(or theoretical limit. The software for my modem displays the current connection speed, at this time it is 53,333 bits per second(and this may not be the actual level). Sometimes it is slower, sometimes faster, but never 56. In fact, it is different in each direction, slower in sending than in receiving(around 30k when I’m uploading). If it runs bellow 50, I usually hang up and call back. The actual transmission level has a lot to do with the quality of the line, line noise and electricity. Since telephone service is part digital and part analog, there is a lot of conversion, signal changes and power adjustments. Generally, local telephone service is analog and the longer distance lines are digital. The modem takes the digital signals from my PC and turns them into analog signals to be sent on the local lines. This signal could be re-converted a few times before reaching its destination. The analog lines require electricity(provided by the phone company) to transmit. Increasing the electrical current can cause “cross-talk” where other signals interfere with your transmission. The phone companies will typically keep the electrical current low to limit the cross talk interference which reduces the transmission speed. This limitation was put in place by the FCC which sets a 53k limit on the modem. The end of this limitation was proposed in 1998(see the FCC report:

Cable Modems v. xDSL

In an effort to provide consumers with choice and to foster market competition, the federal government passed the Communication’s Act of 1996. This has helped to bring about a variety of services. However, most consumers probably do not know the difference between them or are aware of the options available. It also hasn’t helped that the companies keep changing hands.

There are benefits and drawbacks to both technologies. To start, cable is always connected, there is no need to dial up and wait for a connection to be established. This also frees up the household telephone line, eliminating the need to call waiting or a second phone line. The connection is pretty fast, about 1.5 Mbps, much faster than traditional dial modems. For those who don’t have home computers, many cable providers supply boxes for television sets that allow users to access the Internet from their TV. There are some drawbacks. One is that the connection is shared with other users in the neighborhood and connection speed can depend on who is using it and for what. Also, security issues are created by the constant connection(this would apply to the PC connections not the TV ones). Since the connection is always open, your PC is vulnerable to attacks and personal information can be accessed. Beyond the constant connection, the IP address of your PC remains the same ”static”(unlike a typical modem where it changes each time you connect) and this is a kind of beacon to hackers. Users will need install and configure their own firewall software and many people do not have the knowledge or time to deal with this.

The cable connection uses a type of multiplexing called "time division multiplexing" where several signals can be sent on the same line at different time increments. The media is the same coaxial cable used to deliver television and can carry lots of information.

DSL(Digital Subscriber Line) uses the phone co.’s twisted pair copper analog lines already in place. DSL Eliminates the analog-digital conversion which allows data to be transmitted above the typical 56k modem limit. In some cases, the connection can be split allowing users to access the internet and normal voice communications on the same line. Unlike the cable connection, you are not sharing your DSL connection with users in your neighborhood. Using cable is kind of like being on a office LAN. DLS uses using frequency division multiplexing, one line will have several sub-channels similar to the way many stations on the FM band share the frequency range from 87.9 to 180.00. With DLS we can run into the similar security problems experienced by cable, with connections always being open, but not the security problems of “sharing” the network with users in the area.

The framework of the Link Control Procol of PPP

LCP(Link Layer Protocol) establishes, configures and tests data-linked Internet Connections.


Both ends of a PPP(Point to Point Protocol) connection must send LCP packets before a complete point-to-point connection can be established. LCP can accept or reject the identity of a peer, and then it will agree on a packet size limit and look for configuration errors.


The packet usually has four fields:
| Code | Identifier | Length | Data |
There are three types of LCP packets: 1. Packets used to establish a link, 2. packets used to terminate a link and 3. debugging packets.
The type of packet is specified in the code field.
The identifier field helps reduce duplicate packets being sent and received.
Length indicates the size of the packet.
The format of the data field is determined by the code field above.


For example, on a telephone line LCP will check the connection to determine if it is good enough to transmit at an acceptable rate. Once the connection is deemed acceptable, transmission begins. If LCP finds that the link is not functioning properly, the link will be terminated.

RFC 1548
RFC 1661

The Frame Type or Protocol Type usually follows the two fields holding the destination and source address. This field has a code which indicates what higher level protocol is used to create the packet(it also may contain some information on length).

Not all protocols have this kind of field in the header, but SRP-MAC, PPP and IP also have Protocol Fields

Classes, types of addresses

The original scheme for assigning Internet addresses divided the addresses in to 5 classes. The whole range runs from to The addresses are divided up into 4 “octets” which are 8 bit numbers separated by periods(or decimal points). The first number can be used to quickly identify which class(designated by the letters A - E) owns the number. This is a table of the 5 classes: - Class A - Class B - Class C - Class D - Class E

(127 is missing because it is used for loop back testing. The D and E classes are often left out of the discussion because they are planned for future use or have a special purpose)

Therefore it is rather easy to tell which class an address belongs to by examining the first number. For example, would be Class A and would be class B.

Explain Traceroute

Traceroute(or tracert) is a great utility for measuring the distance(in hops or router stops). Records and displays the path a packet takes from the source PC and a designated destination host. It is often used for troubleshooting or debugging network applications or connections.

Traceroute uses IMCP(Internet Control Protocol Message Protocol) and the TTL(time to live) frame in an IP packet. Time To Live is a decremented counter that decreases with each hop. If the value is zero, the frame is dropped, but a notice is also sent alerting the event(this is the IMCP error message). TTL was designed to keep a packet from hanging around the Internet indefinitely, but in this situation it is always set to 1 so the packet is dropped between each host generating the information in the error message and the repeated errors are used to create a timeline and path of the packet’s route.

If I were to issue a traceroute between points A and G. A packet would have to pass through B,C,D,E, and F to get there. A packet would be sent out to with a value of 1 and only make it to B. The information would be returned and another packet would be sent out with a value of 2 which only makes it to C, and so on until a proper map is created.

Ethernet switches, frame delivery and self-learning

It depends. If the address is in the switch table it will send it directly to the port that device is on or to the device. Otherwise it may take a moment to verify the device and then write it in the switch table.

When packets are passed through a switch, the switch creates a table of the various packet destinations. In essence this table is a “map” of the network which helps the switch move data more efficiently.

Link state or distance vector algorithm

The first issue is the type of transmission media. Distance Vectoring was made for 56k. Therefore, it can’t handle more bandwidth. Link State would be better at handling faster media with multiple channels. Another issue, of course, is the size of the network. In general, a distance vector method is not practical on a large network, since Link State makes a much better “map” of a network by discovering the neighbors and their addresses, measuring the delay(or cost) and forwards this info to all the members. Distance Vectoring uses “echo packets” for obtaining information about routes and distances. This is great for small networks but are totally impractical for large networks. By the same token, Link State is not practical for smaller networks since any benefit from the constant network information would be lost in the overhead created by the passing of this information.