INTRODUCTION TO PROTOCOL

protocol is the set of standard rules for data representation, signaling, authentication and error detection required to send information over a communications channel. An example of a simple communications protocol adapted to voice communication is the case of a radio dispatcher talking to mobile stations. The communication protocols for digital computer network communication have many features intended to ensure reliable interchange of data over an imperfect communication channel. Communication protocol is basically following certain rules so that the system works properly.

Network protocol design principles:-

Systems engineering principles have been applied to create a set of common network protocol design principles.These principles include effectiveness, reliability, and resiliency.

Effectiveness

A communications protocol needs to be specified in such a way that engineers, designers, and in some cases software developers can implement and/or use it. In human-machine systems, its design needs to facilitate routine usage by humans. Protocol layering accomplishes these objectives by dividing the protocol design into a number of smaller parts, each of which performs closely related sub-tasks, and interacts with other layers of the protocol only in a small number of well-defined ways.

Protocol layering allows the parts of a protocol to be designed and tested without a combinatorial explosion of cases, keeping each design relatively simple. The implementation of a sub-task on one layer can make assumptions about the behavior and services offered by the layers beneath it. Thus, layering enables a "mix-and-match" of protocols that permit familiar protocols to be adapted to unusual circumstances.

Reliability

Assuring reliability of data transmission involves error detection and correction, or some means of requesting retransmission. It is a truism that communication media are always faulty. The conventional measure of quality is the number of failed bits per bits transmitted. This has the useful feature of being a dimensionless figure of merit that can be compared across any speed or type of communication media.

Data transmission often requires bit error rates below 10-12. Computer data transmissions are so frequent that larger error rates would affect operations of customers like banks and stock exchanges. Since most transmissions use networks with telephonic error rates, the errors caused by these networks must be detected and then corrected.

Communications systems detect errors by transmitting a summary of the data with the data. In TCP ( Transmission Control Protocol), the sum of the data bytes of packet is sent in each packet's header. Simple arithmetic sums do not detect out-of-order data, or cancelling errors. A bit-wise binary polynomial, a cyclic redundancy check, can detect these errors and more, but is slightly more expensive to calculate.


Resiliency

Re addresses a form of network failure known as topological failure in which a communications link is cut, or degrades below usable quality. Most modern communication protocols periodically send messages to test a link. In phones, a framing bit is sent every 24 bits on T1 lines. In phone systems, when "sync is lost", fail-safe mechanisms reroute the signals around the failing equipment.

In packet switched networks, the equivalent functions are performed using router update messages to detect loss of connectivity.

Read More......

IP Fragmentation - Q&A

1. What is meant by IP fragmentation?
   The breaking up of a single IP datagram into two or more IP datagrams of smaller size is called IP fragmentation.

2. Why is an IP datagram fragmented?
   Every transmission medium has a limit on the maximum size of a frame (MTU) it can transmit. As IP datagrams are encapsulated in frames, the size of IP datagram is also restricted. If the size of An IP datagram is greater than this limit, then it must be fragmented.

3. Which RFCs discuss IP fragmentation?
   RFC 791 & RFC 815 discusses about IP datagrams, fragmentation and reassembly.

4. Is it possible to select an IP datagram size to always avoid fragmentation?
   It is not possible to select a particular IP datagram size to always avoid fragmentation, as the MTU for different transmission It is possible, though, for a given path to choose a size that will not lead to fragmentation. This is called Path MTU Discovery and is discussed in the RFC 1191. The TCP transport protocol tries to avoid fragmentation using the Maximum Segment Size (MSS) option.

5. Where an IP datagram may get fragmented?
   An IP datagram may get fragmented either at the sending host or at one of the intermediate routers.

6. Where are the IP datagram fragments reassembled?
   The IP fragments are reassembled only at the destination host.

7. How to prevent an IP datagram from being fragmented?
   A IP datagram can be prevented from fragmentation, by setting the "don't fragment" flag in the IP header.

8. What happens when a datagram must be fragmented to traverse a network, but the "don't fragment" flag in the datagram is set?
   The datagram whose "don't fragment" flag is set is discarded, if it must be fragmented to traverse a network. Also, a ICMP error message is sent back to the sender of the datagram.

9. Will all the fragments of a datagram reach the destination using the same path?
   The different fragments of the same IP datagram can travel in either in the same path or in different paths to the destination.

10. Will all the fragments of a datagram arrive at the destination system in the correct order?
    The different fragments of a single IP datagram can arrive in any order to the destination system.

11. What happens to the original IP datagram when one or more fragments are lost?
    When one or more fragments of an IP datagram are lost, then the entire IP datagram is discarded after a timeout period.

12. What is the minimum size of an IP fragment?
    The minimum size of an IP fragment is the minimum size of an IP header plus eight data bytes. Most firewall-type devices will drop an initial IP fragment (offset 0) that does not contain enough data to hold the transport headers. In other words, the IP fragment normally need 20 octets of data in addition to the IP header in order to get through a firewall if offset is 0.

13. What are the limitations on the size of a fragment?
    The size of an IP datagram fragment is limited by
    1. The amount of remaining data in the original IP datagram
    2. The MTU of the network and
    3. Must be a multiple of 8, except for the final fragment.

14. How is an IP datagram fragment differentiated from a non-fragmented IP datagram?
    A complete IP datagram is differentiated from an IP fragment using the offset field and the "more fragments" flags. For a non-fragmented IP datagram, the fragment offset will be zero and the "more fragments" flag will be set to zero.

15. How are the fragments of a single IP datagram identified?
    The "identification" field in the IP header is used to identify the fragments of a single IP datagram. The value of this field is set by the originating system. It is unique for that source-destination pair and protocol for the duration in which the datagram will be active.

16. How is the last fragment of an IP datagram identified?
    The last fragment of an IP datagram is identified using the "more fragments" flag. The "more fragment" flag is set to zero for the last fragment.

17. How is the length of a complete IP datagram calculated from the received IP fragments?
    Using the fragment offset field and the length of the last fragment, the length of a complete IP datagram is calculated.

18. How is an IP datagram fragmented?
    In the following example, an IP datagram is fragmented into two. This same algorithm can be used to fragment the datagram into 'n' fragments.
    1. The IP layer creates two new IP datagrams, whose length satisfies the requirements of the network in which the original datagram is going to be sent.
    2. The IP header from the original IP datagram is copied to the two new datagrams.
    3. The data in the original IP datagram is divided into two on an 8 byte boundary. The number of 8 byte blocks in the first portion is called Number of Fragment Blocks (NFB).
    4. The first portion of the data is placed in the first new IP datagram.
    5. The length field in the first new IP datagram is set to the length of the first datagram.
    6. The fragment offset field in the first IP datagram is set to the value of that field in the original datagram.
    7. The "more fragments" field in the first IP datagram is set to one.
    8. The second portion of the data is placed in the second new IP datagram.
    9. The length field in the second new IP datagram is set to the length of the second datagram.
    10. The "more fragments" field in the second IP datagram is set to the same value as the original IP datagram.
    11. The fragment offset field in the second IP datagram is set to the value of that field in the original datagram plus NFB.

19. How a destination system reassembles the fragments of an IP datagram?
    
    1. When a host receives an IP fragment, it stores the fragment in a reassembly buffer based on its fragment offset field.
    2. Once all the fragments of the original IP datagram are received, the datagram is processed.
    3. Upon receiving the first fragment, a reassembly timer is started.
    4. If the reassembly timer expires before all the fragments are received, the datagram is discarded.

20. What fields are changed in an IP header due to fragmentation?
    The following IP header fields are changed due to IP fragmentation:
    1. Total Length
    2. Header Length
    3. More Fragments Flag
    4. Fragment Offset
    5. Header Checksum
    6. Options

21. What happens to the IP options field when an IP datagram is fragmented?
    Depending on the option, either it is copied to all the fragments or to only the first fragment.

22. Which IP options are copied to all the fragments of an IP datagram?
    If the most significant bit in the option type is set (i.e. value one), then that option is copied to all the fragments. If it is not set (i.e. value zero), it is copied only to the first fragment.

Read More......

CIDR - Q&A

1. What are the limitations of IPv4 address classes?
   The limitations of IPv4 address classes are:
   1. A large number of IP addresses are wasted because of using IP address classes.
   2. The routing tables will become large. A separate routing table entry is needed for each network resulting in a large number of routing table entries.

2. How a large number of IP addresses are wasted using IPv4 address classes?
   If a network has slightly more number of hosts than a particular class, then it needs either two IP addresses of that class or the next class of IP address. For example, let use say a network has 300 hosts, this network needs either a single class B IP address or two class C IP addresses. If class B address is allocated to this network, as the number of hosts that can be defined in a class B network is (2^16 - 2), a large number of host IP addresses are wasted. If two class C IP addresses are allocated, as the number of networks that can be defined using a class C address is only (2^21), the number of available class C networks will quickly exhaust. Because of the above two reasons, a lot of IP addresses are wasted and also the available IP address space is rapidly reduced.

3. What are the possible solutions to the limitations of IP addressing?
   The possible solutions to the limitation of IPv4 addressing are:
   1. IP version 6 (IPv6) or IP next generation (IPng). This is the latest version of IP. This solves a lot of problems in IPv4. This document doesn't discuss about IPv6.
   2. Classless Inter Domain Routing (CIDR).

4. What is CIDR?
   Classless Inter Domain Routing (CIDR) is a method for assigning IP addresses without using the standard IP address classes like Class A, Class B or Class C. In CIDR, depending on the number of hosts present in a network, IP addresses are assigned.

5. Which RFCs discuss about CIDR?
   RFCs 1517, 1518, and 1519 discusses about CIDR.

6. What is the difference between classful IP addressing and classless IP addressing?
   The difference between classful IP addressing and classless IP addressing is in selecting the number of bits used for the network ID portion of an IP address. In classful IP addressing, the network ID portion can take only the predefined number of bits 8, 16, or 24. In classless addressing, any number of bits can be assigned to the network ID.

7. How is a network ID assigned in a CIDR IP address?
   In CIDR IP addressing, the first 'n' bits of an IP address are assigned to identify the network and the remaining bits are used to identify the host, where the value of 'n' may be between 1 to 31. The value of 'n' depends on the number of hosts in the network.

8. How is an IP address represented in CIDR notation?
   In CIDR notation, an IP address is represented as A.B.C.D /n, where "/n" is called the IP prefix or network prefix. The IP prefix identifies the number of significant bits used to identify a network. For example, 192.9.205.22 /18 means, the first 18 bits are used to represent the network and the remaining 14 bits are used to identify hosts.

9. What are the advantages of CIDR?
   The advantages of CIDR over the classful IP addressing are:
   1. CIDR can be used to effectively manage the available IP address space.
   2. CIDR can reduce the number of routing table entries.

10. How CIDR can be used to effectively manage the IP address space?
    Using CIDR IP addressing, any number of contiguous bits can be assigned to identify networks, depending on the number of hosts it needs to support. This will greatly reduce the number of wasted IP addresses. For example, let us say a network has 900 hosts. If classful IP addressing is used, this network needs 4 class C IP addresses or one class B IP address. If a class B IP address is used, as the maximum number of hosts in a class B network is 65534, a very large number (65534 - 900) of host IP addresses will be wasted. As the number of class C IP networks is limited (2097152), it is not preferable to assign 4 class C IP addresses to this network. On the other hand, if CIDR is used, then this network can be assigned an IP address with a network prefix of 22 (i.e. /22). This means, 10 bits are available for hosts, resulting in 1024 available host IP addresses, satisfying the exact requirements of the network. So CIDR the IP address space can be effectively used.

11. How CIDR reduces the number of entries in a routing table?
    Using classful IP addressing, a separate entry is needed in the routing table of a router for each network. This results in a routing table with a large number of entries due to the existence of a large number of networks. As each router has its own limitation, this large routing table will lead to reduced performance and eventual breakdown of the router. If CIDR addressing is used, a single entry can be used to represent a group of networks. This will reduce the number of entries in the router. This is known as route aggregation. The routes for the individual networks will be present in another router down the path. Each entry in the router will have a network prefix associated with it. The network prefix is used to identify the correct network from the given IP address.

12. Will CIDR completely eliminate IP address crunch problem?
    No. Even using CIDR, all the available IP addresses will get used at some point in time. The final solution to this problem is to use the next version of IP (IPv6).

Read More......

IP Subnetting - Q&A

1. What is an IP sub-network?
   A single IP class A, B, or C network is further divided into a group of hosts to form an IP sub-network.

2. What is the use of sub-networks?
   Sub-networks are created for manageability, performance, and security of hosts and networks and to reduce network congestion.

3. Which RFC specifies IP subnetwork addressing?
   RFC 950 specifies IP subnetwork addressing protocol.

4. How sub-networks are formed?
   The host ID portion of an IP address is further divided into a sub-network ID part and a host ID part. The sub-network ID is used to uniquely identify the different sub-networks within a network.

5. What is a subnet mask?
   Subnet mask is a 4 byte (32 bit) number used to identify the sub-network ID and the host ID from an IP address. All the hosts in a sub-network will have the same subnet mask. E.g. 255.255.255.0, 255.255.127.0, 255.255.0.0

6. How a host determines its subnet mask?
   A host determines its subnet mask during the boot-up sequence either from a configuration file stored in the local hard disk or from a server in the network using a network protocol like BOOTP, ICMP.

7. How is a subnet mask formed?
   For all the bits in the IP address which are used to represent the network ID, and the sub-network ID, the corresponding bits in the subnet mask will be one. For all the bits in the IP address which are used to represent the host ID, the corresponding bit in the subnet mask will be zero. For example, if the first two bytes of the IP address are used to represent the network (class B address) and the third byte is used to represent the sub-network, and the last byte is used to represent the host, then the subnet mask will be 255.255.255.0

8. Why a host needs to know about its subnet mask?
   When a host "A" needs to communicate with another host "B", it must know whether host "B" is in the same network or in a different network. If the host "B" is in the same network then host "A" can send the datagram directly to host "B". But if the host B is in a different network, then host "A" must send the datagram to a proper router. By determining the network class of the IP address of host "B", host "A" can determine whether host "B" is in the same network or in a different network. By using the subnet mask host "A" can find out whether host "B" is in the same subnet or in a different subnet.

9. How to determine to the network ID, sub-network ID and the host ID, given the IP address and the subnet mask?
   The network class (A or B or C) of a given IP address can be easily determined by looking at the value of the first 4 bits of the first byte. From the network class, the number of bytes used to represent the network can be determined and hence the network ID can be determined. By performing a "AND" logical operation of the IP address and the subnet mask, the sub-network ID can be determined. In the value resulting from the "AND" operation, by removing the bytes used for the network ID, the remaining bits for which the corresponding bit in the subnet mask is one, represents the sub-network ID.

10. Is it possible to form a subnet mask by using bits in non-contiguous positions in the IP address?
    Yes. It is possible to use non-contiguous bits in the host portion of an IP address to form the subnet field according to the standard. Only contiguous fields are usually used to form a subnet field.

11. Is it possible to determine whether the network is subnetted by using the IP address of a host alone?
    No. It is not possible to determine whether a network is subnetted just by using the IP address alone. The subnet mask is needed to determine this.

12. Is it necessary for hosts in a network "M" to know about the subnetworks in another network "N" to communicate with hosts in that network?
    No. Subnetworks in one network are transparent to hosts in another network.
    
    Example 1:
    For example, let us say the IP address is 100.24.124.27 and the subnet mask is 255.255.0.0. As the most significant bit in the first byte of the IP address is zero, this is a Class A IP address. Therefore, the first byte represents the network ID. In this case, the network ID is 100. The result of a logical AND operation between the IP address and the subnet mask is 100.24.0.0. In this value, the first byte represents the network ID. For all the remaining one bit in the subnet mask, the corresponding bit in the IP address, represents the sub-network ID. In this case it is 24. The remaining bits in the IP address represent the host ID. In this case it is 124.27.

    Example 2:
       IP Address: 187.199.127.5
       Sub-net mask: 255.255.255.0
    
       Network Class: B
       Network ID: 187.199
       Result of logical AND operation: 187.199.127
       Sub-network ID: 127
       Host ID: 5
    
    Example 3:
       IP Address: 187.199.127.5
       Sub-net mask: 255.255.240.0
    
       Network Class: B
       Network ID: 187.199
       Result of logical AND operation: 187.199.112.0
       Sub-network ID: 112
       Host ID: 15.5
    
    Example 4:
       IP Address: 187.199.127.5
       Sub-net mask: 255.255.128.0
    
       Network Class: B
       Network ID: 187.199
       Result of logical AND operation: 187.199.0.0
       Sub-network ID: 0
       Host ID: 127.5
    

13. What are the possible values for a sub-net mask?
    All the possible values for a sub-net mask are shown below:
    

            255.128.0.0
           255.192.0.0
           255.224.0.0
           255.240.0.0
           255.248.0.0
           255.252.0.0
           255.254.0.0
           255.255.0.0
           255.255.128.0
           255.255.192.0
           255.255.224.0
           255.255.240.0
           255.255.248.0
           255.255.252.0
           255.255.254.0
           255.255.255.0
           255.255.255.128
           255.255.255.192
           255.255.255.224
           255.255.255.240
           255.255.255.248
           255.255.255.252
    

14. What are the two types of subnetting?
    The two types of subnetting are:
    1. Static length
    2. Variable length

15. What is 'Static Length' subnetting?
    If all the subnetworks in a single network use the same subnet mask, it is called as 'Static Length' subnetting.

16. What is 'Variable Length' subnetting?
    If the different subnetworks in a single network use different subnet masks, it is called as 'Variable Length' subnetting.

17. What is the disadvantage in using 'Static Length' subnetting?
    In the case of a 'Static Length' subnetwork, irrespective of the number of hosts in the subnetwork, a single subnet mask is used for all the subnetworks. Because of this, a large number of IP addresses will be wasted. For example, let us say, we have a class C IP network address 192.9.205.0 subnetted using a subnet mask 255.255.255.192. The total number of possible subnetworks is 4 and the total number of possible hosts per subnetwork is 32. Even if a subnetwork has just 4 hosts, it will be allocated the above subnetwork IP address, in this case 28 host IP addresses will be wasted.

18. What is the advantage in using 'Static Length' subnetting?
    It is easy to configure a network using 'Static Length' subnetting. In addition, native IP routing understands only static subnetting.

19. What is the advantage is using 'Variable Length' subnetting?
    In the case of 'Variable Length' subnetwork, IP addresses are allocated depending on the number of hosts present in the subnetwork. So available host IP addresses are efficiently used and are not wasted.

20. What is the disadvantage in using 'Variable Length' subnetting?
    All the routers in a 'Variable Length' subnetted network must understand this type of subnetting.

21. What are the special subnetwork IP addresses?
    The subnet addresses in which all the bits are zero or one are special subnet IP addresses. The subnet address in which all the bits are zero, represents the local subnetwork in which the datagram originated. The subnet address in which all the bits are one represents a subnet broadcast address. In the broadcast address, all the other bits including the network and host ID must be one.

Read More......

IP Addressing - Q&A

1. What is an IP address?
   IP address is an network layer protocol address for a host in a TCP/IP network.

2. What is the use of an IP address?
   IP address is used to uniquely identify each host in a network. IP address is needed in order to communicate with other hosts in the network using the TCP/IP suite of protocols.

3. Which version of IP is covered by this document?
   This document covers IP version 4.

4. Which RFC specifies the IP address standard?
   RFC 1166 specifies the IP Version 4 address format.

5. How a host determines its IP address?
   A host determines its IP address during the boot-up process either from a configuration file stored in the local hard disk of the system or using a network protocol like RARP, DHCP, BOOTP from the servers in the network.

6. Is there any relation between the MAC address and IP address of a host?
   No. There is no relation between the MAC address and the IP address of a host.

7. Can a single network interface have more than one IP address associated with it?
   Yes. It is possible to associate more than one IP address to a single network interface. This is discussed in detail in RFC 1122.

8. What is the difference between a host name and an IP address?
   A host name is used to identify a host by human beings and higher level user applications. But IP protocol uses only IP addresses to identify a host in the network. A host-name is provided just as a convenience for users of the network and higher level applications.

9. How a host name is resolved to the corresponding IP address?
   A host name is resolved to the corresponding IP address either from a configuration file stored in the local machine or using a network protocol like DNS or WINS from a server in the network.

10. What is the size of an IP address?
    The size of an IP address is 32 bits (4 bytes).

11. How an IP address is represented?
    The following notation is used to represent an IP address. This notation is called the dotted decimal format: M.N.O.P, where M, N, O and P represent the first, second, third and fourth bytes of an IP address respectively. The size of each byte is 8 bits and the value of each byte can be from 0 to 255. For example, 192.9.205.21 is an IP address.

12. What are the components of an IP address?
    A IP address consists of the following components: Network ID and Host ID. For example, in the IP address 192.9.205.21, the network ID is 192.9.205 and the host ID is 21.

13. What is a network ID?
    A network ID uniquely identifies a network. All the hosts in a single network will have the same network ID. For example, in the IP address 192.9.205.21, the network ID is 192.9.205. A router analyses only the network ID portion of an IP address for datagram forwarding.

14. What is a host ID?
    A host ID uniquely identifies a host in a network. Two hosts in two different networks can have the same host ID. For example, in the IP address 192.9.205.21, the host ID is 21.

15. What is a unicast IP address?
    A unicast IP address is an IP address uniquely identifying a host in a network. The datagram with a unicast IP address is received and processed by only a single host. For example, the IP address 192.9.205.21 is a unicast IP address.

16. What is a multicast IP address?
    A multicast address is an IP address identifying a particular group of hosts in network. This group of hosts is called a multicast group. For example, the IP address 225.2.100.1 is a multicast IP address.

17. What is a broadcast IP address?
    The datagram with a broadcast IP address is received and processed by all the hosts in the local network. For example, the IP addresses 255.255.255.255, 192.9.205.255, 180.10.255.255, 10.255.255.255 are broadcast IP addresses.

18. How IP addresses are classified?
    IP addresses are classified based on the number of bytes allocated to the Network ID and the Host ID in an IP address.

19. What is the use of classifying IP addresses?
    IP addresses are classified so that networks and hosts can be easily managed.

20. What are the different classes of IP addresses?
    IP addresses are classified into the following classes:
    1. Class A
    2. Class B
    3. Class C
    4. Class D
    5. Class E

21. How to determine the class of an IP address?
    The class of an IP address can be determined from the first four bits of the first byte of the IP address.

22. How many bytes does each Class of IP address use to represent network and host IDs?
    The number of bytes used by each network Class to represent the network and host are shown below:

        +----------+----------------+----------------+
      |IP Address| Bytes used for | Bytes used for |
      |Class     | Network ID     | Host ID        |
      +----------+----------------+----------------+
      | Class A  |       1        |       3        |
      | Class B  |       2        |       2        |
      | Class C  |       3        |       1        |
      | Class D  |       -        |       -        |
      | Class E  |       -        |       -        |
      +----------+----------------+----------------+
    

23. What is the format of the various IP address classes?
    The format of the different IP address classes is shown below:

        +----------+-------------------------------------+
      |IP Address| IP Address format                   |
      |Class     |                                     |
      +----------+-------------------------------------+
      | Class A  | 0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH |
      | Class B  | 10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH |
      | Class C  | 110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH |
      | Class D  | 1110MMMM.MMMMMMMM.MMMMMMMM.MMMMMMMM |
      | Class E  | 1111RRRR.RRRRRRRR.RRRRRRRR.RRRRRRRR |
      +----------+-------------------------------------+
    

    In the above table,
    N denotes the network ID bits,
    H denotes the host ID bits,
    M denotes the multicast address bits and
    R denotes reserved bits.
    

24. How many number of networks and hosts can be represented using the IP address classes?
    The maximum number of networks and hosts that can be represented using the various IP address classes is shown below in the table:

        +----------+----------------+---------------------+
      |IP Address| Maximum number | Maximum number of   |
      |Class     | of networks    | hosts per network   |
      +----------+----------------+---------------------+
      | Class A  | 126 (2^7 - 2)  | 16777214 (2^24 - 2) |
      | Class B  | 16384 (2^14)   | 65534 (2^16 - 2)    |
      | Class C  | 2097152 (2^21) | 254 (2^8 - 2)       |
      | Class D  |     -          |         -           |
      | Class E  |     -          |         -           |
      +----------+----------------+---------------------+
    

    In the above table,
    1. The numbers are calculated using the number of bits used to represent the network ID and host ID.
    2. The maximum number of networks for Class A IP address is reduced by 2 to account for the reserved network IP address 0.xxx.xxx.xxx and 127.xxx.xxx.xxx
    3. The maximum number of hosts for all the classes is reduced by 2 to account for the reserved host IP address in which all the host ID address bits are either one or zero.

25. What is the possible range of IP addresses for the different classes?
    

        +----------+-----------------------------------+
      |IP Address| Possible range of IP address      |
      |Class     |                                   |
      +----------+-----------------------------------+
      | Class A  | 0.0.0.0   through 127.255.255.255 |
      | Class B  | 128.0.0.0 through 191.255.255.255 |
      | Class C  | 192.0.0.0 through 223.255.255.255 |
      | Class D  | 224.0.0.0 through 239.255.255.255 |
      | Class E  | 240.0.0.0 through 247.255.255.255 |
      +----------+-----------------------------------+
    

26. What kind of networks use a Class A or Class B or Class C IP address typically?
    Class A IP address is used for a network with large number of hosts. Class C IP address is used for a network with less number of hosts. Class B IP address is used for a network with medium number of hosts.

27. What is the use of Class D IP addresses?
    The Class D IP addresses are used for multicasting.

28. What is the use of Class E IP addresses?
    The Class E IP addresses are reserved for experimental purpose.

29. How to decide which class of IP address to use for a particular network?
    The class of IP address to use for a particular network depends on the maximum number of hosts in the network. For example, if the maximum number of hosts in a network will be less than 254 hosts, then a Class C IP address can be used for the network. If the maximum number of hosts in a network will be greater than 254 hosts but less than 65534, then a Class B network can be used.

30. Does the maximum number of hosts in a network, restrict the class of IP address that can be used for the network?
    No. Any possible class of IP address can be used to represent a network. For example, if a network has 200 hosts, it can use either a class A or class B or class C IP address.

Read More......

Internet Protocol - Q&A

1. What is IP?
   Internet Protocol (IP) is an unreliable, best effort delivery, connection-less protocol used for transmitting and receiving data between hosts in a TCP/IP network.

2. To which OSI layer does IP belong?
   IP belongs to the Network Layer (layer 3) in the OSI model.

3. Which RFC discusses IP?
   RFC 791 discusses about the IP protocol version 4.

4. Which version of IP is discussed in this document?
   IP version 4 (IPv4) is discussed in this document.

5. What do you mean by IP is an unreliable protocol?
   IP is a unreliable protocol because it does not guarantee the delivery of a datagram to its destination. The reliability must be provided by the upper layer protocols like TCP. IP does not support flow control, retransmission, acknowledgement and error recovery.

6. What do you mean by IP is a best-effort protocol?
   IP is a best-effort protocol, because it will make every effort to always transmit a datagram and also datagrams will not be just discarded. However, the delivery of the datagram to the destination is not guaranteed.

7. What do you mean by IP is a connection-less protocol?
   IP is a connection-less protocol because it does not maintain state information about the connection to a destination host. Each datagram is handled independent of other datagrams and also each datagram may reach the destination through different network routes.

8. What is the role of IP in the TCP/IP protocol suite?
   IP is used for
   1. Transmitting data from higher-level protocols like TCP, UDP in IP datagrams, from one host to another host in the network.
   2. Identifying individual hosts in a network using an IP address.
   3. Routing datagrams through gateways and
   4. Fragmenting and reassembling datagrams based on the MTU of the underlying network.

9. What is an IP Datagram?
   An IP datagram is a basic unit of information used by the IP layer to exchange data between two hosts. A IP datagram consists of an IP header and data.

10. How higher-level data is carried by IP to a destination host?
    The data from higher-level protocols like TCP, UDP is encapsulated in an IP datagram and transmitted to the destination host. IP will not modify the higher-level data.

11. What is the minimum and maximum size of an IP datagram?
    The minimum size of an IP datagram is 576 bytes and the maximum size is 65535 bytes.

12. What is the minimum and maximum size of an IP datagram header?
    The minimum size of an IP datagram header is 20 bytes. The maximum IP datagram header size is 60 bytes.

13. Is there a limitation on the minimum size of a IP datagram a network can handle?
    Yes. All IP networks must be able to handle datagrams of at least 576 bytes in length.
14. What is the byte order used for transmitting datagram headers in the TCP/IP protocol suite?
    All the datagram headers in the TCP/IP protocol suite are transmitted in the "big endian" byte order. i.e. The most significant byte is transmitted first. This is also called as "network byte order".

15. Why there are two length fields (IP header length, IP datagram length) in the IP header?
    The size of the IP header is not fixed. Depending on the IP options present, the size of the IP header will vary. A separate field for the IP header length is added, so that the destination system can separate the IP datagram header from the payload.

16. How is the value for datagram identifier calculated?
    The IP datagram identifier is just a sequence number assigned by the transmitting host. The algorithm for assigning value to this field is not specified by the IP protocol.

17. What is the use of datagram identifier field?
    The IP datagram identifier field is used to uniquely identify and assemble the different fragments of an IP datagram.

18. Is the datagram identifier field unique for each IP datagram?
    Yes. The IP datagram identifier field is different for each IP datagram transmitted. The fragments of an IP datagram will have the same identifier value.

19. What is the use of Type Of Service field in the IP header?
    The Type Of Service (TOS) field is used TCP to describe the desired quality of service for an IP datagram by upper layer protocols like TCP. This field can be used to specify the nature and priority of a IP datagram (like Network Control, Immediate, Critical, etc) and the criteria for selecting a path for forwarding a datagram by a gateway.

20. What are the different types of criteria can be specified using the TOS field?
    The different types of criteria that can be specified by the TOS field in an IP datagram are:
    1. Minimize delay,
    2. Maximize throughput
    3. Maximize reliability
    4. Minimize cost and
    5. Normal service.

21. Which RFC discusses the Type Of Service (TOS) field?
    RFC 1349 discusses the Type Of Service (TOS) field.

22. What is the use of the Time To Live (TTL) field in the IP header?
    The TTL field is used to limit the lifetime of a IP datagram and to prevent indefinite looping of IP datagrams.

23. How is the TTL field used to prevent indefinite looping of IP datagrams?
    The TTL field contains a counter value set by the source host. Each gateway that processes this datagram, decreases the TTL value by one. When the TTL value reaches zero, the datagram is discarded.

24. What is the typical value for the TTL field?
    The typical value for a TTL field is 32 or 64.

25. When is a datagram considered undeliverable?
    If a datagram cannot be delivered to the destination host due to some reason, it is considered an undeliverable datagram.

26. How a datagram becomes an undeliverable datagram?
    A datagram may become undeliverable, if
    1. The destination host is down.
    2. The route for the destination host is not found.
    3. A network in the route to the destination host is down.
    4. The Time To Live (TTL) value of the datagram becomes zero.

27. What happens to an undeliverable datagram?
    An undeliverable datagram is discarded and an ICMP error message is sent to the source host.

28. Is it possible for an IP datagram to be duplicated?
    Yes. A host may receive the same copy of an IP datagram twice. It is upto the higher layer protocols to discard the duplicate copy of the datagram.

29. Which part of the IP datagram is used for calculating the checksum?
    The checksum field in the IP header covers only the IP header. The payload data is not used for calculating this checksum.

Read More......

ARP - Q&A

# What is ARP?
Address Resolution Protocol (ARP) is a network protocol, which maps a network layer protocol address to a data link layer hardware address. For example, ARP is used to resolve IP address to the corresponding Ethernet address.

# To which OSI layer does ARP belong?
ARP belongs to the OSI data link layer (Layer 2). ARP protocol is implemented by the network protocol driver. ARP packets are encapsulated by Ethernet headers and transmitted.

# Which RFC specify the requirements for ARP?
RFC 826 specifies the ARP packet format and other details.

# What is the use of ARP?
A host in an Ethernet network can communicate with another host, only if it knows the Ethernet address (MAC address) of that host. The higher level protocols like IP use a different kind of addressing scheme (like IP address) from the lower level hardware addressing scheme like MAC address. ARP is used to get the Ethernet address of a host from its IP address. ARP is extensively used by all the hosts in an Ethernet network.

# Why a IP address needs to be mapped to a MAC address, why can't the MAC address itself is represented using the IP address?
The length of a MAC address is 6 bytes and the length of an IP address is 4 bytes. Obviously, the MAC address cannot be represented using the IP address. So an IP address must be mapped to the corresponding MAC address.

# Can ARP be used in a network other than Ethernet?
ARP is a general protocol, which can be used in any type of broadcast network. The fields in the ARP packet specifies the type of the MAC address and the type of the protocol address. ARP is used with most IEEE 802.x LAN media. In particular, it is also used with FDDI, Token Ring, and Fast Ethernet, in precisely the same way as it is with Ethernet.

# How does ARP resolve an IP address to an Ethernet MAC address?
When ARP needs to resolve a given IP address to Ethernet address, it broadcasts an ARP request packet. The ARP request packet contains the source MAC address and the source IP address and the destination IP address. Each host in the local network receives this packet. The host with the specified destination IP address, sends an ARP reply packet to the originating host with its IP address.

# What is an ARP cache?
ARP maintains the mapping between IP address and MAC address in a table in memory called ARP cache. The entries in this table are dynamically added and removed.

# When is an ARP request packet generated?
The following steps results in the generation of an ARP request packet:

1. The IP module sends a packet, destined for another host in the network, to the ARP module.
2. The ARP module looks up the ARP table (cache) to resolve the IP address.
3. If the supplied IP address is present in the ARP cache, it is resolved into its Ethernet address.
4. If the ARP module is not able to find an entry for this IP address in the ARP cache, then it sends an ARP request packet to the Ethernet driver, to resolve the IP address to the Ethernet address.
5. After the IP address is resolved by the ARP module, the packet is sent to the Ethernet driver for transmission.

# What happens when a host receives an ARP request packet?
The ARP request is received and processed by all the hosts in the network, since it is a broadcast packet. The following steps are carried out when a ARP request packet is received by a host:

1. If the IP address to be resolved is for this host, then the ARP module sends an ARP reply packet with its Ethernet MAC address.
2. If the IP address to be resolved is for this host, then the ARP module updates its ARP cache with the source Ethernet MAC address to source IP address mapping present in the ARP request packet. If the entry is already present in the cache, it is overwritten. If it is not present, it is added.
3. If the IP address to be resolved is not for this host, then the ARP module discards the ARP request packet.

# Will a host update its ARP cache upon receiving any ARP request?
A host will update its ARP cache, only if the ARP request is for its IP address. Otherwise, it will discard the ARP request.

# What is the disadvantage if a host updates its ARP cache upon receiving any ARP request?
The host will exhaust the ARP cache with a lot of unused ARP entries, if it updates the ARP cache for any ARP request.

# What happens when a host receives an ARP reply packet?
The ARP reply packet is received only by the host, which transmitted the ARP request packet. The ARP module adds the Ethernet hardware address to IP address mapping present in the ARP reply packet to the ARP cache.

# Is there a separate packet format for ARP request and ARP reply?
No. Both the ARP request and ARP reply packets use the same format.

# Which MAC address is an ARP request directed to?
All ARP request packets are transmitted with the Ethernet broadcast address, so that all hosts in the network will receive the request.

# To which MAC address is an ARP reply packet directed to?
ARP reply packet is directed to the host, which transmitted the ARP request packet.

# If a host is not able to get the MAC address of a host, how it knows about its IP address?
A host will either use a static file like /etc/hosts or DNS protocol to get the IP address of another host.

# What will happen if an ARP reply is not received for an ARP request?
If an ARP reply is not received, then that IP address cannot be resolved to an Ethernet address. Without a Ethernet address, the packets cannot be transmitted.

# When is an entry added to the ARP cache?
A new entry is added to the ARP cache when an IP address is successfully mapped to a MAC address. Usually, entries are added dynamically to the ARP cache. Static entries can also be added.

# What will happen if a new ARP request packet is received, but the MAC address to IP address is already present in the ARP cache?
If a ARP request packet is received and the mapping already exists in the ARP cache, it will be overwritten with the values present in the request.

# When is an entry removed from an ARP cache?
An entry in an ARP cache is removed after a pre-determined timeout period (e.g. 20 minutes).

# What is the size of an ARP request and reply packet?
The size of an ARP request or reply packet is 28 bytes.

# How to differentiate between a ARP request packet and a ARP reply packet, as the Ethernet type field is same on both the packets?
An ARP request packet can be differentiated from an ARP reply packet using the 'operation' field in the ARP packet. For a ARP request it is 1 and for an ARP reply it is 2.

# Why is the hardware MAC address present in both the Ethernet header and the ARP packet (request and reply)?
The Ethernet header is processed by the data link driver and removed from the packet. When the ARP layer gets the packet, it needs to know the hardware and protocol addresses in order to update the table. That is why the hardware MAC address is present in both the Ethernet header and the ARP packet.

# What is proxy ARP?
Proxy ARP is the process in which one system responds to the ARP request for another system. For example, host A sends an ARP request to resolve the IP address of host B. Instead of Host B, Host C responds to this ARP request.

# What is the use of proxy ARP?
When routers receive ARP requests from one network for hosts on the network, they will respond with a ARP reply packet with their MAC address. For example, let us say host A is in one network, host B is in another network and router C connects these two networks. When host A sends an ARP request to resolve the IP address of host B, the router C receives this packet. The router C sends an ARP reply with its MAC address. So host A will send all the packets destined for host B to the router C. Router C will then forward those packets to host B. Proxy ARP is also used if a host in a network is not able to understand subnet addressing. For example, if host A and host B are actually in two different subnets, but host A cannot understand subnet addressing. So host A assumes that host B is present in the same network. In this case a router, host C, can use proxy ARP to route packets between host A and host B.

# What is gratuitous ARP?
When a host sends an ARP request to resolve its own IP address, it is called gratuitous ARP. In the ARP request packet, the source IP address and destination IP address are filled with the same source IP address itself. The destination MAC address is the Ethernet broadcast address (FF:FF:FF:FF:FF:FF).

# What is the use of gratuitous ARP?
Gratuitous ARP is used for the following:

1. In a properly configured network, there will not be an ARP reply for a gratuitous ARP request. But if another host in the network is also configured with the same IP address as the source host, then the source host will get an ARP reply. In this way, a host can determine whether another host is also configured with its IP address.
2. When the network interface card in a system is changed, the MAC address to its IP address mapping is changed. In this case, when the host is rebooted, it will send an ARP request packet for its own IP address. As this is a broadcast packet, all the hosts in the network will receive and process this packet. They will update their old mapping in the ARP cache with this new mapping.

Read More......

Ethernet - Q&A

# What is Ethernet?
Ethernet is a Local Area Network (LAN) cabling and signaling specification for baseband networks. Ethernet uses a bus or star topology for connecting different nodes in a network.

# To which OSI layer does Ethernet belong?
Ethernet belongs to both the Physical Layer (Layer 1) and the Data Link layer (Layer 2) in the OSI architecture.

# What are the standard data rates for Ethernet?
The standard data rates for Ethernet are 10 Mbps, 100 Mbps, and 1 Gbps

# How two systems in an Ethernet network communicate?
In a Ethernet network, a system broadcasts the data using a Ethernet frame. The destination system is specified in the Ethernet frame using its Ethernet address. All the systems in the network listen for an Ethernet frame with their Ethernet address in it. When a system receives an Ethernet frame with its address in it, it processes the frame and sends it to the higher layers (like IP) for further processing.

# What is a "collision"?
At any one instance, in an Ethernet network, only one device can transmit. If two devices transmit at the same instance, then the signals from both devices will collide and a "collision" will occur. When a "collision" occurs, the signals will get distorted and the frame will be lost. Collisions are very common in a Ethernet network.

# How is "collision" handled in Ethernet networks?
Ethernet uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) media access control mechanism to detect and recover from a collision.

# What is CSMA/CD?
CSMA/CD is a media access control mechanism used in Ethernet to recover from frame collision. The following steps are followed to recover from a collision.

Step 1: Before an Ethernet device sends a frame on the Ethernet cable, it listens to find if another device is already transmitting a frame (Carrier Sense).
Step 2: Once the device finds that other devices are not transmitting any frame, it starts transmitting the frame. If two devices detect that the Ethernet cable is free at the same time, then both will start transmitting the frames (Multiple Access). This will result in collision.
Step 3: The Ethernet devices while transmitting the frames, also listen for the collision. (Collision Detect).
Step 4: If they detect a collision, both the devices stop sending the frame (back off).
Step 5: They retry the transmission after a logarithmic time-out period. This process is repeated till the frame is transmitted successfully, for a maximum of 16 times. The frame is discarded after the 16th retry.

# What is "late collision"?
An Ethernet device will detect a collision, while it is transmitting, only if the collision reaches it before it completes transmitting the entire frame. If the collision reaches the transmitter, after it completed sending the entire frame, then the transmitter will not detect the collision, it will assume the collision occurred because of some other frame. This is called "late collision". Late collision will occur, if the length of the Ethernet network segment is greater than the standard allowed length.

# How "late collision" is avoided in Ethernet?
Late collision can be avoided, if the maximum length of the Ethernet network segment is restricted, such that if a collision occurs, it will reach the transmitter before the transmitter completed transmitting the entire frame. In a typical 10 Mbps network, the minimum length of an Ethernet frame is 576 bits (72 bytes) and the maximum length of a single Ethernet network segment is 2.5 kms.

# What is an Ethernet address?
Each device in an Ethernet network is uniquely identified by a 48 bit (6 bytes) address called Ethernet address. Ethernet address is also known as Media Access Control (MAC) address. Ethernet addresses are represented as six pairs of hexadecimal digits separated by a colon. Ethernet address are buried in the network adapter by the manufacturer. A Ethernet address of a device cannot be changed. Example: 00:60:08:11:B1:AB, 00:00:c0:5e:83:0e

# What is a broadcast address?
The Ethernet address in which all the bits are 1 is known as a broadcast address. It is represented as FF:FF:FF:FF:FF:FF. A frame with this address is received and processed by all the nodes in the network.

# What are the different Ethernet frame formats?
The different Ethernet frame formats are listed below: Ethernet II and IEEE 802.3

# Why there are different Ethernet frame formats?
Xerox developed the first version of Ethernet, Ethernet I. The second version of Ethernet, Ethernet II, was developed by DEC, Intel and Xerox. After this the Ethernet was standardized by IEEE and the new format is known as 802.3 format. To provide backward compatibility with Ethernet II, 802.2 SNAP format was developed.

# How is the length of an Ethernet II frame calculated?
The length of an Ethernet II frame is not present in the frame itself. It depends on the Ethernet network interface used. When the interface sends a frame to the network device driver, it supplies the length of the received frame.

# What is the minimum and maximum size of an Ethernet frame?
The minimum size of an Ethernet frame is 64 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (46 bytes) + CRC Checksum (4 bytes). The minimum number of bytes passed as data in a frame must be 46 bytes. If the size of the data to be passed is less than this, then padding bytes are added. The maximum size of an Ethernet frame is 1518 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (1500 bytes) + CRC Checksum (4 bytes). The maximum number of bytes of data that can be passed in a single frame is 1500 bytes.

# What is a SAP?
SAP, Service Access Point, is the logical point at which services are provided by an OSI layer. Typically, the protocols in the network layer (like IP) bind at specific SAP in the Logical Link Control Layer( LLC) for accessing the services provided by it.

# Why Sub Network Access Protocol (SNAP) header is required?
The 802.2 LLC header replaces the 'protocol type' of the Ethernet II format with two SAP fields, Source SAP and Destination SAP. The value of the SAP field in the 802.2 header is equivalent to the 'protocol type' field in the Ethernet II header. The value of the SAP field will be between 1 and 255, since it is an 8 bit field. On the other hand, the 'protocol type' value for the standard protocols like IP, ARP, etc is grater than 1500. Obviosuly, these values cannot be represented in the SAP fields. So to provide compatibility with Ethernet II, SNAP header was added to the 802.2 LLC header. In a SNAP frame, both the SAP values will be 0xAA and the first 5 bytes of the data will give the protocol ID. Out of the 5 bytes of data, the last 2 bytes are same as the protocol type field of the Ethernet II frame. The first 3 bytes are called as 'Organizationally Unique Identifer' (OUI) and are allocated as a vendor identifier. Typically, OUI will be zero.

# What are the values for SSAP, DSAP, control and org fields in a 802.2 SNAP frame?

+-------+-----+
|Field |Value|
+-------+-----+
|SSAP |0xAA |
|DSAP |0xAA |
|Control|3 |
|OUI |0 |
+-------+-----+

# How to differentiate between an 802.3 frame and an Ethernet II frame?
The value of 'length' field in an 802.3 frame must be less than 1500 and in a Ethernet II frame the value of 'type' field must be more than 1500. Since the 802.3 frame 'length' field and the Ethernet II frame 'type' field are at the same offset from the header, depending on the value present, the frame can be differentiated.

# What is promiscuous mode?
Normally, a Ethernet network interface will pass a frame to the above network layers only if it is addressed to that interface. If the network interface is put in the promiscuous mode, the Ethernet network interface will send all the frames (frames addressed to any host in the network), regardless of their destination address to the above network layers. This mode is used by network analyzers to capture all the frames.

# What is MTU?
Maximum Transmission Unit (MTU) is the maximum number of bytes that can be transmitted in a single transmission unit. Every communication medium has a MTU. For Ethernet, the MTU of a frame is 1500.

Read More......

Reverse Address Resolution Protocol (RARP) - Q&A

What is RARP?
Reverse Address Resolution Protocol (RARP) is a network protocol used to resolve a data link layer address to the corresponding network layer address. For example, RARP is used to resolve a Ethernet MAC address to an IP address.

To which OSI layer does RARP belong?
RARP belongs to the OSI data link layer (layer 2).

Which RFC specifies the requirements for RARP?
RFC 903 specifies the RARP packet format and other details.

Why is RARP needed?
Normally, the IP address of a system is stored in a configuration file in the local disk. When the system is started, it determines its IP address from this file. In the case of a diskless workstation, its IP address cannot be stored in the system itself. In this case, RARP can be used to get the IP address from a RARP server.

What is a RARP server?
All the mappings between the hardware MAC addresses and the IP addresses of the hosts are stored in a configuration file in a host in the network. This host is called the RARP server. This host responds to all the RARP requests.

Where is the mapping between the MAC address and IP addresses stored in a RARP server?
The mapping between MAC addresses and IP addresses is usually stored in a configuration file in the local hard disk in the RARP server.

Can RARP be used in a network other than Ethernet?
Yes. RARP is a general protocol, which can be used to map any type of hardware MAC address to any type of network layer protocol address.

How does RARP resolve an Ethernet MAC address to an IP address?
When a diskless system is booted up, it broadcasts a RARP request packet with its MAC address. This packet is received by all the hosts in the network. When the RARP server receives this packet, it looks up this MAC address in the configuration file and determines the corresponding IP address. It then sends this IP address in the RARP reply packet. The diskless system receives this packet and gets its IP address.

When is a RARP request packet generated?
A RARP request packet is usually generated during the booting sequence of a host. A host must determines its IP address during the booting sequence. The IP address is needed to communicate with other hosts in the network.

What happens when a RARP server receives a RARP request packet?
When a RARP server receives a RARP request packet it performs the following steps:
The MAC address in the request packet is looked up in the configuration file and mapped to the corresponding IP address.
If the mapping is not found, the packet is discarded.
If the mapping is found, a RARP reply packet is generated with the MAC and IP address. This packet is sent to the host, which originated the RARP request.

What happens when a host receives a RARP reply packet?
When a host receives a RARP reply packet, it gets its IP address from the packet and completes the booting process. This IP address is used for communicating with other hosts, till it is rebooted.

What is the length of a RARP request and reply packet?
The length of a RARP request or a RARP reply packet is 28 bytes.



Does RARP use the same packet format as ARP?
Yes. RARP uses the same packet format as ARP.

How is a RARP packet differentiated from an ARP packet?
The frame type in the Ethernet header is used to differentiate a RARP packet from an ARP packet. The value of the opcode field in the RARP header can also be used.

Is the format of a RARP request packet the same as that of a RARP reply packet?
Yes. The packet format of a RARP request packet is same as that of a RARP reply packet.

How is a RARP request differentiated from a RARP reply packet?
The 'operation' field in the RARP packet is used to differentiate between a RARP request and a RARP reply packet.

What are the values for the source and destination IP address fields in a RARP request packet?
In an RARP request packet, the source and destination IP address values are undefined.

What are the values for the source and destination IP address values in a RARP reply packet?
In a RARP reply packet, the source IP address is the IP address of the RARP server responding to the RARP request and the destination IP address is the IP address of the host that sent the RARP request.

Do all the hosts in a network process a RARP packet?
Since a RARP request packet is a broadcast packet, it is received by all the hosts in the network. But only a RARP server processes a RARP request packet, all the other hosts discard the packet. The RARP reply packet is not broadcast, it is sent directly to the host, which sent the RARP request.

What will happen if more than one RARP server in a network responds to a RARP request?
If more than one RARP server respond to a RARP request, then only the first RARP reply received is used. All other replies are discarded.

What will happen if a RARP reply is not received for a RARP request?
If a RARP reply is not received within a reasonable amount of time, the host, which sent the RARP request, will not be able to complete its booting sequence. Usually the host will again retry sending the RARP request after a timeout period.

Are there any alternative protocols to RARP?
The BOOTP and DHCP protocols can be used instead of RARP to get the IP address from the MAC address.

Read More......

Reverse Address Resolution Protocol

Reverse Address Resolution Protocol (RARP) is a Link layer protocol used to obtain an IP address for a given link-layer address (such as an Ethernet address).It has been rendered obsolete by Bootstrap Protocol and the more modern Dynamic Host Configuration Protocol, which both support a much greater feature set than RARP.

The primary limitations of RARP are that each MAC address must be manually configured on a central server, and that the protocol only conveys an IP address. This leaves configuration of subnetting, gateways, and other information to other protocols or the user. Another limitation of RARP compared to BOOTP or DHCP is that it is a non-IP protocol. This means that like ARP it cannot be handled by the TCP/IP stack on the client, but is instead implemented separately.

Reverse ARP is the complement of the Address Resolution Protocol.

Protocol Structure - RARP (Reverse Address Resolution Protocol)RARP and ARP has the same structure:

16		32 bit
Hardware Type		Protocol Type
HLen	Plen	Operation
Sender Hardware Address
Sender Protocol Address
Target Hardware Address
Target Protocol Address

• Hardware type - Specifies a hardware interface type for which the sender requires a response.
• Protocol type - Specifies the type of high-level protocol address the sender has supplied.
• Hlen - Hardware address length.
• Plen - Protocol address length.
• Operation - The values are as follows:
• ARP request.
• ARP response.
• RARP request.
• RARP response.
• Dynamic RARP request.
• Dynamic RARP reply.
• Dynamic RARP error.
• InARP request.
• InARP reply.
• Sender hardware address -HLen bytes in length.
• Sender protocol address - PLen bytes in length.
• Target hardware address - HLen bytes in length.
• Target protocol address - PLen bytes in length.

Read More......

Address Resolution Protocol

In computer networking, the Address Resolution Protocol (ARP) is the method for finding a host's hardware address when only its Network Layer address is known.ARP is not an IP-only or Ethernet-only protocol; it can be used to resolve many different network-layer protocol addresses to hardware addresses, although, due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses. It is also used for IP over other LAN technologies, such as Token Ring, FDDI, or IEEE 802.11, and for IP over ATM.

ARP is used in four cases of two hosts communicating:

1. When two hosts are on the same network and one desires to send a packet to the other
2. When two hosts are on different networks and must use a gateway/router to reach the other host
3. When a router needs to forward a packet for one host through another router
4. When a router needs to forward a packet from one host to the destination host on the same network

In the first case, you would have two hosts, A and B, on the same LAN segment. If, for example, Host A wants to send an IPv4 packet to Host B, Host A must already have an IPv4 (Network Layer) address for Host B. However, in order to be able to send the packet on the LAN to Host B, Host A must also have a Link Layer address, e.g. a MAC address, for Host B. If it doesn't already know that MAC address, it would send an ARP request to ask for that MAC address, in hope of getting a reply from Host B, or another host on the network, returning the required MAC address.

In the second case, for the same example, hosts A and B would be on different network segments, but there would be a router on the same LAN segment as Host A, which is either on the same network segment as Host B, or on the same network segment as another router that is on the same network segment as Host B, or on the same network segment as another router that is on the same network segment as yet another router that is on the same segment as Host B, and so on. Host A would send the IPv4 packet not to Host B, but to the first of those routers; it would look up Host B in its routing table to determine the IPv4 address of the appropriate router. It would then, if it doesn't already know the MAC address of that router, use ARP to determine that MAC address.

The third case is similar to the second case; the router would look up Host B in its routing table to determine the IPv4 address of the next router to which it should send the packet and, if it doesn't already know the MAC address for the router, use ARP to determine that MAC address. The fourth case is similar to the first case; the router has determined that Host B is on the same LAN segment, and, if it doesn't already know Host B's MAC address, will use ARP to determine that MAC address.

ARP Packet structure













The following is the packet structure used for ARP requests and replies. On Ethernet networks, these packets use an EtherType of 0x0806, and are sent to the broadcast MAC address of FF:FF:FF:FF:FF:FF. Note that the EtherType (0x0806) is used in the Ethernet header, and should not be used as the PTYPE of the ARP packet. The ARP type (0x0806) should never be used in the PTYPE field of an ARP packet, since we never want to link a hardware ptotocol address to the ARP protocol.

Hardware type (HTYPE)
Each data link layer protocol is assigned a number used in this field. For example, Ethernet is 1.

Protocol type (PTYPE)
Each protocol is assigned a number used in this field. For example, IP is 0x0800.

Hardware length (HLEN)
Length in bytes of a hardware address. Ethernet addresses are 6 bytes long.

Protocol length (PLEN)
Length in bytes of a logical address. IPv4 address are 4 bytes long.

Operation
Specifies the operation the sender is performing: 1 for request, and 2 for reply.

Sender hardware address (SHA)
Hardware address of the sender.

Sender protocol address (SPA)
Protocol address of the sender.

Target hardware address (THA)
Hardware address of the intended receiver. This field is ignored in requests.

Target protocol address (TPA)
Protocol address of the intended receiver.

Read More......

Token Ring/IEEE 802.5

Token Ring technology was developed in the 1970s by IBM. Token-passing networks move a small frame, called a token, around the network. Possession of the token grants the right to transmit. If a node receiving the token has no information to send, it passes the token to the next end station. Each station can hold the token for a maximum period of time.

If a station possessing the token does have information to transmit, it seizes the token, alters 1 bit of the token (which turns the token into a start-of-frame sequence), appends the information that it wants to transmit, and sends this information to the next station on the ring.

Token Ring Frame Format
Token Ring and IEEE 802.5 support two basic frame types: tokens and data/command frames. Tokens are 3 bytes in length and consist of a start delimiter, an access control byte, and an end delimiter. Data/command frames vary in size, depending on the size of the Information field. Data frames carry information for upper-layer protocols, while command frames contain control information and have no data for upper-layer protocols. Both formats are shown in Figure .














Token Frame Fields

The three token frame fields illustrated in Figure are summarized in the descriptions that follow:

•Start delimiter—Alerts each station of the arrival of a token (or data/command frame). This field includes signals that distinguish the byte from the rest of the frame by violating the encoding scheme used elsewhere in the frame.

•Access-control byte—Contains the Priority field (the most significant 3 bits) and
the Reservation field (the least significant 3 bits), as well as a token bit (used to differentiate a token from a data/command frame) and a monitor bit (used by the active monitor to determine whether a frame is circling the ring endlessly).

•End delimiter—Signals the end of the token or data/command frame. This field also contains bits to indicate a damaged frame and identify the frame that is the last in a logical sequence.
Data/Command Frame Fields

Data/command frames have the same three fields as Token Frames, plus several others.The Data/command frame fields illustrated in Figure are described in the following summaries:

•Start delimiter—Alerts each station of the arrival of a token (or data/command frame). This field includes signals that distinguish the byte from the rest of the frame by violating the encoding scheme used elsewhere in the frame.

•Access-control byte—Contains the Priority field (the most significant 3 bits) and
the Reservation field (the least significant 3 bits), as well as a token bit (used to differentiate a token from a data/command frame) and a monitor bit (used by the active monitor to determine whether a frame is circling the ring endlessly).

•Frame-control bytes—Indicates whether the frame contains data or control information. In control frames, this byte specifies the type of control information.

•Destination and source addresses—Consists of two 6-byte address fields that identify the destination and source station addresses.

•Data—Indicates that the length of field is limited by the ring token holding time, which defines the maximum time a station can hold the token.

•Frame-check sequence (FCS)—Is filed by the source station with a calculated value dependent on the frame contents. The destination station recalculates the value to determine whether the frame was damaged in transit. If so, the frame is discarded.

•End Delimiter—Signals the end of the token or data/command frame. The end delimiter also contains bits to indicate a damaged frame and identify the frame that is the last in a logical sequence.

•Frame Status—Is a 1-byte field terminating a command/data frame. The Frame Status field includes the address-recognized indicator and frame-copied indicator.
Summary

Read More......

Fiber Distributed Data Interface (FDDI)

The Fiber Distributed Data Interface (FDDI) specifies a 100-Mbps token-passing, dual-ring LAN using fiber-optic cable. FDDI is frequently used as high-speed backbone technology because of its support for high bandwidth and greater distances than copper.

FDDI uses dual-ring architecture with traffic on each ring flowing in opposite directions (called counter-rotating). The dual rings consist of a primary and a secondary ring. During normal operation, the primary ring is used for data transmission, and the secondary ring remains idle. the primary purpose of the dual rings is to provide superior reliability and robustness. Figure shows the counter-rotating primary and secondary FDDI rings.



















FDDI defines two types of optical fiber:

1. single-mode
2. multimode.

A mode is a ray of light that enters the fiber at a particular angle. Multimode fiber uses LED as the light-generating device, while single-mode fiber generally uses lasers.

Multimode fiber allows multiple modes of light to propagate through the fiber. Because these modes of light enter the fiber at different angles, they will arrive at the end of the fiber at different times. This characteristic is known as modal dispersion. Modal dispersion limits the bandwidth and distances that can be accomplished using multimode fibers. For this reason, multimode fiber is generally used for connectivity within a building or a relatively geographically contained environment.

Single-mode fiber allows only one mode of light to propagate through the fiber. Because only a single mode of light is used, modal dispersion is not present with single-mode fiber. Therefore, single-mode fiber is capable of delivering considerably higher performance connectivity over much larger distances, which is why it generally is used for connectivity between buildings and within environments that are more geographically dispersed.

Figure depicts single-mode fiber using a laser light source and multimode fiber using a light emitting diode (LED) light source.



















FDDI Frame Format

The FDDI frame format is similar to the format of a Token Ring frame. This is one of the areas in which FDDI borrows heavily from earlier LAN technologies, such as Token Ring. FDDI frames can be as large as 4,500 bytes. Figure shows the frame format of an FDDI data frame and token.


















FDDI Frame Fields

The following descriptions summarize the FDDI data frame and token fields illustrated in Figure .

•Preamble—Gives a unique sequence that prepares each station for an upcoming frame.

•Start delimiter—Indicates the beginning of a frame by employing a signaling pattern that differentiates it from the rest of the frame.

•Frame control—Indicates the size of the address fields and whether the frame contains asynchronous or synchronous data, among other control information.

•Destination address—Contains a unicast (singular), multicast (group), or broadcast (every station) address. As with Ethernet and Token Ring addresses, FDDI destination addresses are 6 bytes long.

•Source address—Identifies the single station that sent the frame. As with Ethernet and Token Ring addresses, FDDI source addresses are 6 bytes long.

•Data—Contains either information destined for an upper-layer protocol or control information.

•Frame check sequence (FCS)—Is filed by the source station with a calculated cyclic redundancy check value dependent on frame contents (as with Token Ring and Ethernet). The destination address recalculates the value to determine whether the frame was damaged in transit. If so, the frame is discarded.

•End delimiter—Contains unique symbols; cannot be data symbols that indicate the end of the frame.

•Frame status—Allows the source station to determine whether an error occurred; identifies whether the frame was recognized and copied by a receiving station.

Read More......