protocoale


The network: what is it and how do you build one?

What actually is a network? What is a router? What is a switch, or a network card? And what about RJ45, Mbps, ADSL, WiFi and the many other names we run into so often? What is an IP or a MAC (no, we are not talking about Apple products here)? These are the questions we will try to answer over the course of this article.

First of all, an ordinary user needs to know a few things before starting to build a network at home or at the office. For 4-5 computers, a router or a switch costing up to 200 lei is enough. What happens, though, when we have more PCs that need to be interconnected and that need fast, efficient access to information?

A switch is able to manage the traffic inside an internal network; here we mostly mean switches for home use. These can have 4, 5 or 8 ports at a speed of 10/100/1000 Mbps.

High-end switches can manage the network access of the connected computers, while simple ones only act as a link between PCs. Be careful not to confuse a switch with a HUB, a term you would do well to forget, because it will soon disappear from the vocabulary of network administrators. Unlike a HUB, a switch remembers the addresses of the connected PCs and the types of information sent to and from them. It can thus dynamically prioritise PCs with a larger data flow over others. The HUB was the predecessor of the switch and, unlike it, when it received a piece of information from the network it tried every port in turn to find out which one the information had to reach, a very slow process that wasted a large part of the data transfer time on the network.


The router is a device that interconnects the PCs but, in addition to that, also offers Internet access through an additional port to which a modem is connected. It can also manage the systems' Internet traffic and can impose limits on Internet use or on certain sites. This is, in the main, the difference between a router and a switch; we are of course talking here about cheaper equipment that requires little knowledge to install. The router is the main point of interest for a home user and must be chosen well so as not to cause later problems with the availability of the Internet service (it is well known that certain router models on the market have various problems with the type of signal provided by the ISP, the Internet Service Provider).

The modem is the device that converts the Internet signal so that a computer can understand it. At present, 3 types of modem are used in our country:


The cable modem (older RDS customers know what I am talking about: it is the device into which the coaxial cable goes, the one that looks very much like the TV signal cable, and out of another port comes a cable that connects to the PC). For users living in apartment blocks this was replaced outright by a network cable going straight into the PC. For those who are far apart from one another, for example residents of houses or on the outskirts of the city, this system has been kept, being one of the cheapest and most suitable ways of carrying the signal over a longer distance. A network cable can carry the signal over a theoretical maximum of 100 metres, the distance that guarantees its optimal operation both in terms of data integrity and in terms of transfer speed.

The ADSL modem (Asynchronous Digital Subscriber Line) is used to connect Romtelecom ClickNet subscribers to the Internet. It receives the Internet signal directly over the fixed telephone line, i.e. the 2 telephone wires, and converts it into a signal the computer can use. This type of Internet connection is newer and makes good use of the telephone lines already installed in many users' homes. It is also a very simple installation procedure: the user requests activation at one of the Romtelecom offices and the equipment is delivered to their home, where the installation takes no more than 10 minutes and is very easy.


The 3G modem is used for Internet access through a mobile phone operator; I am sure you know those USB sticks advertised more than 10 times a day on TV, each mobile operator has one, each more expensive and smarter than the next. The models change from year to year, as does their speed, which is constantly increasing at all mobile operators as they adopt ever newer communication standards.

The CDMA modem belongs to Cosmote and Romtelecom; ZAPP, as you know, has come under the ownership of the first company mentioned. These use the 450 MHz band to communicate, their advantage being a larger coverage area and hence a higher signal level even where Vodafone and Orange do not reach with their antennas. The only disadvantage is a speed that may be slightly lower than 3G technology, with a maximum of 2.4 Mbps download, a less significant aspect when weighed against having signal both in the valleys and on the mountain top. 3G, on the other hand, is promoted by Vodafone, Orange and, more recently, RDS. 3G technology works on a frequency of 1900 MHz, that is, the frequency of mobile phones in our country. It has a download speed of up to 7.2 Mbps, a theoretical speed of course, which is rarely reached and only inside large cities or on their outskirts. Once you have left the city, the phone or modem switches to EDGE, which offers roughly 384 Kbps transfer, rather little compared with CDMA, isn't it? The traffic allowance is relative and depends on how much you are willing to pay monthly: it starts at 1-2 GB for the free modem offered by RDS and can reach 10-20 GB at a cost of at least 20-30 euro per month on a subscription.

OK, I have given a presentation worthy of the GSM operators' advertising, so I will move on to the main subject of the article.

We are in the year 2010, so we will not bring up a series of terms used back when copper was discovered, nor those kinds of products that are now gathering dust in warehouses.


The main layout of a network is the star type. That is, at the centre of the network there is a switch or a router, which interconnects the PCs and, in some cases, also gives them Internet access. The router may have one of the three modems presented above built in. The most sought-after are the ones for direct network connection and the ADSL ones. There are a few things you need to know when buying a router. First of all, you need to pay attention to how many PCs you have at home or at the office and how they connect, wired or wireless. 99.90% of existing systems have an RJ45 network port for connecting to a router. Wireless is present on all the laptops and netbooks of the moment, and also on a large proportion of mobile phones, so why give it up to save 30 lei? The transfer speed over cable is 10/100/1000 Mbps. That is, a theoretical maximum between two systems with the same type of connection of 100 MB/s. Network and Internet speed is expressed in Megabits per second (Mbps) or Kilobits per second (Kbps). Many people confuse this with the transfer speed of a USB stick or a HDD. To understand this better, below is a table with the information taught in any computer course or at school/high school, for those of you from a newer generation.

Unit                  Symbol   Value
bit                   b        0 or 1
byte                  B        8 bits
kilobit               kb       1000 bits
kilobyte (binary)     KB       1024 bytes
kilobyte (decimal)    KB       1000 bytes
Megabit               Mb       1000 kilobits
Megabyte (binary)     MB       1024 Kilobytes
Megabyte (decimal)    MB       1000 Kilobytes
Gigabit               Gb       1000 Megabits
Gigabyte (binary)     GB       1024 Megabytes
Gigabyte (decimal)    GB       1000 Megabytes


The wireless connection system is present on almost all laptops and netbooks, as well as on a great many desktop or home theatre systems, on external media players and, not least, on a great many mobile phone models. It is a system for connecting to a network that mainly uses the 2.4 GHz band. Another frequency used more recently is 5 GHz, and it is beneficial above all in crowded urban spaces, where a simple scan of wireless networks returns as many as 10-15 results. In apartment blocks or company offices, using the 5 GHz frequency provides better security and, not least, a better transfer speed, as there is no interference from other networks on the same frequency. Another negative interference comes from cordless landline phones, which use a frequency close to 2.4 GHz. In such places with many wireless networks the signal is harder to process, so the efficiency of a transfer drops and can be far below the performance specified by the manufacturer.

You may have heard of names such as 802.11b, 802.11g or 802.11n; these are speed standards designed for wireless networks. The first, 802.11b, has a theoretical maximum transfer speed of 11 Mbps; 802.11g has a speed of 54 or 108 Mbps, the latter being one of the most widely used until recently; and 802.11n, the newest and fastest, can reach as much as 300 Mbps, theoretically of course. 802.11n had a testing period of roughly 7 years, until last year, when the standard was finalised; you have probably seen the N-Draft marking on many routers or wireless devices for PCs. There is also 802.11a, which has been on the market for a long time and is in fact the beginning of wireless on the 5 GHz frequency.

There is equipment capable of working in both frequency bands or in only one of them. The first type is the most recommended, since it can run 2 wireless networks simultaneously, one on each frequency: on 2.4 GHz you can connect computers that need a lower transfer speed, and on the second, other laptops or desktops with higher demands on the network, for example an external media player, which will thus be shielded from the surrounding interference and will allow maximum transfer speed for HD content from the PC to a television. Likewise, in a company two different kinds of security can be used. On one frequency the internal communication of the PCs can take place, while on the other, wireless equipment coming from outside can connect, i.e. a Guest-type network.

For a wireless router it is good to know these things before buying one. Also, once you have done so, its placement is crucial for the signal quality and hence for the maximum transfer speed obtained. The router should ideally be at the centre of the work or living space, and at the centre of the room it is placed in, meaning at a height of 1-1.5 metres above the floor and as close as possible to the middle of the room, which is often not really possible. Avoid placing it on top of a wardrobe or under the PC desk and, likewise, keep it preferably well away from large metal objects. The distance between a computer and the Access Point should not be less than 1.5 metres, to avoid problems connecting to the wireless network as well as transfer problems.

OK, now that we have discussed a whole range of connection types, it is time to close this article with the promise that more detailed ones will follow, dealing with many of these aspects, for those who want to set up a home network without any help at all.

1. Hub

It works at the physical layer. It is a kind of repeater. When it receives a signal on one of its ports it amplifies the signal and repeats it on the other ports. Disadvantage: when one of the computers transmits, all the others have to listen, otherwise a "collision" occurs. In "science-fiction" terms, all the devices connected to a hub are said to be in the same "collision domain".

2. Switch

It works at a higher level, the "data link" layer. The switch does not simply repeat what it receives on a port; it "understands" the data at the frame level. A small example: suppose we have computers A, B, C and D connected to a switch on ports 1, 2, 3 and 4 respectively. The first time A transmits something, a light bulb goes on in the switch's "mind". It already has a small piece of information: A is connected on port 1. From now on, when it receives data for computer A, it will not repeat the signal on all ports but will send it directly to port 1. The switch learns which computers (identified by the MAC addresses of their interfaces) are on which ports, and in this way A and B can communicate while D communicates with C, without collisions. The table in which it keeps the MACs and ports is called the "filter table". There are still cases, though, when the switch is "forced" to repeat on all ports: a) when it does not know which port the destination computer is connected to (you should already know this if you followed the explanation carefully) and b) when the source computer wants to send data to the MAC address FF-FF-FF-FF-FF-FF (called the "broadcast" address). Several protocols send such messages, one of the classic examples being ARP (Address Resolution Protocol). ARP is used to find out the MAC address of a computer on the network when its IP address is known. Example: you are on 192.168.0.1 and want to send a message to 192.168.0.3. You need the MAC address in order to send over Ethernet. What do you do? You send an ARP packet to all the computers (i.e. to FF-FF-FF-FF-FF-FF) of the form "Who has address 192.168.0.3? Reply to 192.168.0.1". The computer that has the IP 192.168.0.3 will reply with its MAC address. The devices connected to a switch are said to be in different collision domains but in the same broadcast domain. The improvement over hubs is obvious.
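The switch behaviour and the ARP exchange described above, as an added example that is not part of the original article. It simulates a learning switch with a "filter table" (MAC to port), floods frames whose destination is unknown or the broadcast address FF-FF-FF-FF-FF-FF, and runs the "Who has 192.168.0.3?" request from 192.168.0.1 through it. The MAC addresses, the host names and the port layout are constructed for the demo.

```python
# Added example (not part of the original article): a learning switch that builds the
# "filter table" described above and floods unknown-unicast and broadcast frames,
# exercised with the ARP exchange from the text. MACs, hosts and ports are constructed.

BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    """Minimal data-link-layer switch: learns source MAC -> port, forwards by destination MAC."""

    def __init__(self, port_count):
        self.ports = range(1, port_count + 1)
        self.filter_table = {}  # MAC address -> port number (the "filter table")

    def receive(self, in_port, src_mac, dst_mac):
        """Handle a frame arriving on in_port; return the set of ports it is sent out on."""
        # Learning: the source MAC is reachable via the port the frame came in on.
        self.filter_table[src_mac] = in_port
        # Case b) broadcast, or case a) unknown destination: flood every port except the ingress.
        if dst_mac == BROADCAST or dst_mac not in self.filter_table:
            return {p for p in self.ports if p != in_port}
        # Known unicast: send only to the learned port.
        return {self.filter_table[dst_mac]}


class Host:
    """A host with an IP, a MAC, the switch port it hangs off and an ARP cache."""

    def __init__(self, name, ip, mac, port):
        self.name, self.ip, self.mac, self.port = name, ip, mac, port
        self.arp_cache = {}


def arp_resolve(switch, hosts, requester, target_ip):
    """Run the ARP exchange from the article: broadcast "who has target_ip?", learn from the reply.

    Returns (target MAC or None, ports the request was flooded to, ports the reply went to)."""
    by_port = {h.port: h for h in hosts}
    # Request: "Who has target_ip? Reply to requester", sent to the broadcast MAC.
    flooded = switch.receive(requester.port, requester.mac, BROADCAST)
    reply_ports = set()
    for port in flooded:
        h = by_port.get(port)
        if h is None or h.ip != target_ip:
            continue  # other hosts ignore a request for an IP that is not theirs
        # The owner of target_ip answers with a unicast reply carrying its MAC.
        h.arp_cache[requester.ip] = requester.mac  # the responder also learns the asker
        reply_ports = switch.receive(h.port, h.mac, requester.mac)
        requester.arp_cache[target_ip] = h.mac
    return requester.arp_cache.get(target_ip), flooded, reply_ports


def demo():
    """Four hosts on ports 1-4 (constructed); A resolves C as in the text."""
    sw = LearningSwitch(4)
    a = Host("A", "192.168.0.1", "00-11-22-33-44-01", 1)
    b = Host("B", "192.168.0.2", "00-11-22-33-44-02", 2)
    c = Host("C", "192.168.0.3", "00-11-22-33-44-03", 3)
    d = Host("D", "192.168.0.4", "00-11-22-33-44-04", 4)
    mac, flooded, reply_ports = arp_resolve(sw, [a, b, c, d], a, "192.168.0.3")
    # After the exchange the switch knows A (port 1) and C (port 3); B and D are still unknown.
    return {
        "resolved_mac": mac,
        "request_flooded_to": sorted(flooded),
        "reply_sent_to": sorted(reply_ports),
        "filter_table": dict(sw.filter_table),
        "switch": sw,
    }


if __name__ == "__main__":
    result = demo()
    for key in ("resolved_mac", "request_flooded_to", "reply_sent_to", "filter_table"):
        print(key, result[key])
```

Note that the reply is unicast and only reaches port 1: the switch learned A's port from the broadcast request itself. A frame from C to the still-unknown B, by contrast, is flooded to every port except C's own, which is exactly the "same broadcast domain" observation the text makes.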

3. Routers

Obviously, ARP only works if the source and destination are on the same network segment. What happens when you want to send something to an external IP? Every device has a so-called "default gateway" configured. When (using your own netmask) you realise that the IP you want to send to is not on the same network segment as you, you send the data to the default gateway. That is a router. A router works at an even higher level (the "network layer") and, from its point of view, it does not connect computers but networks. For example, let's say you are on network 192.168.0.0/24 and want to send a packet to 193.231.237.2. Obviously, that IP cannot be on the same network segment, so there is no point struggling with ARP. You send the packet to the router (obviously, you find the router's MAC with ARP, because the router is on your network; in fact, one port of the router is on your network). Internally, the router uses a so-called "routing table". The principle is similar to the switch's "filter table", but at a higher level. For example, in our case it knows that network 192.168.0.0/24 is connected to (say) port 1, and network 193.231.237.0/24 is connected to port 2. When it receives from you the packet for 193.231.237.2 (which is part of the block 193.231.237.0/24) it knows which port to send it to. Only now comes the nice part. Those routes (network-port pairs) can be static (entered by the administrator) or dynamic (learned from neighbours). Routers talk to other nearby routers to learn new routes. For example, if router A learns that router B knows the route to a certain network, it adds this information to its routing table and uses it in future (in future, if it is asked to send information to that network it turns to router B). At some point a certain network may be reachable through several routers (in other words, there may be several routes to the same destination). Routers attach to each route in the table a value representing the cost (the metric) of that route. The longer the route, the higher the metric. The best routes are chosen for sending the data. To exchange this route information among themselves, they use various protocols such as RIP, OSPF, IGRP, BGP, etc.
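The two decisions described above, as an added example that is not part of the original article: the host uses its netmask to decide between ARP on the local segment and handing the packet to the default gateway, and the router picks a port from its routing table, preferring the most specific prefix and, among equal prefixes, the lowest metric. It uses Python's standard ipaddress module; the gateway address 192.168.0.254, the default route on port 3, the 10.0.0.0/8 routes learned from two neighbours and the metrics are all assumptions made for the demo.

```python
# Added example (not part of the original article): netmask check on the host side and
# longest-prefix / lowest-metric selection on the router side, using the standard
# ipaddress module. Addresses, ports and metrics are constructed for the demo.
import ipaddress


def next_hop_for_host(own_ip, netmask, gateway, dst_ip):
    """Return "direct" when dst_ip is on the host's own segment (resolve it with ARP),
    otherwise the default gateway the packet must be handed to."""
    segment = ipaddress.ip_network(f"{own_ip}/{netmask}", strict=False)
    if ipaddress.ip_address(dst_ip) in segment:
        return "direct"
    return gateway


class Router:
    """Routing table: a list of (network, port, metric, source) entries."""

    def __init__(self):
        self.table = []

    def add_route(self, network, port, metric=0, source="static"):
        self.table.append((ipaddress.ip_network(network), port, metric, source))

    def learn_from_neighbour(self, neighbour_port, network, neighbour_metric):
        """Dynamic route: a neighbour reachable on neighbour_port advertises `network`
        at neighbour_metric; for us the route is one hop longer, so the metric grows by 1."""
        self.add_route(network, neighbour_port, neighbour_metric + 1, source="dynamic")

    def lookup(self, dst_ip):
        """Port for dst_ip: the most specific matching prefix wins, ties go to the lowest metric.
        Returns None when no route (not even a default route) matches."""
        dst = ipaddress.ip_address(dst_ip)
        candidates = [r for r in self.table if dst in r[0]]
        if not candidates:
            return None
        best = max(candidates, key=lambda r: (r[0].prefixlen, -r[2]))
        return best[1]


def demo():
    # Host side: on 192.168.0.0/24 with the router (assumed) at 192.168.0.254.
    local = next_hop_for_host("192.168.0.1", "255.255.255.0", "192.168.0.254", "192.168.0.3")
    remote = next_hop_for_host("192.168.0.1", "255.255.255.0", "192.168.0.254", "193.231.237.2")
    # Router side, as in the text: LAN on port 1, 193.231.237.0/24 on port 2.
    r = Router()
    r.add_route("192.168.0.0/24", 1)
    r.add_route("193.231.237.0/24", 2)
    r.add_route("0.0.0.0/0", 3, metric=10)  # assumed default route towards the rest of the Internet
    # Two neighbours advertise the same network; the one with the lower metric wins.
    r.learn_from_neighbour(4, "10.0.0.0/8", neighbour_metric=5)
    r.learn_from_neighbour(5, "10.0.0.0/8", neighbour_metric=2)
    return {
        "host_local": local,
        "host_remote": remote,
        "port_for_193": r.lookup("193.231.237.2"),
        "port_for_10": r.lookup("10.1.2.3"),
        "port_for_other": r.lookup("198.51.100.7"),  # documentation address, constructed
        "router": r,
    }


if __name__ == "__main__":
    out = demo()
    for key in ("host_local", "host_remote", "port_for_193", "port_for_10", "port_for_other"):
        print(key, out[key])
```

The default route 0.0.0.0/0 matches every address, so the prefix-length ordering is what keeps it from hijacking traffic for the directly connected networks; a router that sorted by metric alone would get this wrong.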

Application layer (from Wikipedia, the free encyclopedia)

In computer network programming, the application layer is an abstraction layer reserved for communications protocols and methods designed for process-to-process communications across an Internet Protocol (IP) computer network. Application layer protocols use the underlying transport layer protocols to establish host-to-host connections.

In the OSI model, the definition of its application layer is narrower in scope. The OSI model defines the application layer as being the user interface. The OSI application layer is responsible for displaying data and images to the user in a human-recognizable format and to interface with the presentation layer below it.[1]

It separates functionality above the transport layer at two additional levels, the session layer and the presentation layer. OSI specifies strict modular separation of functionality at these layers and provides protocol implementations for each layer.

The OSI model

7 Application layer
6 Presentation layer
5 Session layer
4 Transport layer
3 Network layer
2 Data link layer
    LLC sublayer
    MAC sublayer
1 Physical layer


TCP/IP protocols

The following protocols are explicitly mentioned in RFC 1123 (1989), describing the application layer of the Internet protocol suite.[2]

Remote login category
    Telnet
File transfer category
    FTP
    TFTP
Electronic mail category
    SMTP
    IMAP
    POP
Support services category
    DNS
    RARP
    BOOTP
    SNMP
    CMOT

Remote login category

Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-bit byte oriented data connection over the Transmission Control Protocol (TCP).

Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.

Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote host. Most network equipment and operating systems with a TCP/IP stack support a Telnet service for remote configuration (including systems based on Windows NT). However, because of serious security issues when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.

The term telnet may also refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection with the Telnet protocol, either with a command line client or with a programmatic interface. For example, a common directive might be: "To change your password, telnet to the server, log in and run the passwd command." Most often, a user will be telnetting to a Unix-like server system or a network device (such as a router) and obtain a login prompt to a command line text interface or a character-based full-screen manager.

History and standards

Telnet is a client-server protocol, based on a reliable connection-oriented transport. Typically this protocol is used to establish a connection to Transmission Control Protocol (TCP) port number 23, where a Telnet server application (telnetd) is listening. Telnet, however, predates TCP/IP and was originally run over Network Control Program (NCP) protocols.

Before March 5, 1973, Telnet was an ad-hoc protocol with no official definition.[1] Essentially, it used an 8-bit channel to exchange 7-bit ASCII data. Any byte with the high bit set was a special Telnet character. On March 5, 1973, a Telnet protocol standard was defined at UCLA[2] with the publication of two NIC documents: Telnet Protocol Specification, NIC #15372, and Telnet Option Specifications, NIC #15373.

Because of the negotiable options protocol architecture, many extensions were made for it, some of which have been adopted as Internet standards, IETF documents STD 27 through STD 32. Some extensions have been widely implemented and others are proposed standards on the IETF standards track (see below).

Security


When Telnet was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much a concern as it became after the bandwidth explosion of the 1990s. The rise in the number of people with access to the Internet, and by extension the number of people attempting to hack other people's servers, made encrypted alternatives much more necessary.

Experts in computer security, such as SANS Institute, recommend that the use of Telnet for remote logins should be discontinued under all normal circumstances, for the following reasons:

Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often practical to eavesdrop on the communications and use the password later for malicious purposes; anybody who has access to a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the packets passing by and obtain login, password and whatever else is typed with a packet analyzer.

Most implementations of Telnet have no authentication that would ensure communication is carried out between the two desired hosts and not intercepted in the middle.

Several vulnerabilities have been discovered over the years in commonly used Telnet daemons.

These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly, especially on the public Internet, in favor of the Secure Shell (SSH) protocol, first released in 1995. SSH provides much of the functionality of telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be. As has happened with other early Internet protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS) security and Simple Authentication and Security Layer (SASL) authentication that address the above issues. However, most Telnet implementations do not support these extensions; and there has been relatively little interest in implementing these as SSH is adequate for most purposes.

Telnet 5250

IBM 5250 or 3270 workstation emulation is supported via custom telnet clients, TN5250/TN3270, and IBM servers. Clients and servers designed to pass IBM 5250 data streams over Telnet generally do support SSL encryption, as SSH does not include 5250 emulation. Under OS/400, port 992 is the default port for secured telnet.

Telnet data

All data octets except \377 are transmitted over the TCP transport as is. Therefore, a Telnet client application may also be used to establish an interactive raw TCP session, and it is commonly believed that such a session which does not use the IAC (\377 character, or 255 in decimal) is functionally identical. This is not the case, however, because there are other network virtual terminal (NVT) rules, such as the requirement for a bare carriage return character (CR, ASCII 13) to be followed by a NULL (ASCII 0) character, that distinguish the telnet protocol from raw TCP sessions. On the other hand, many systems now possess true raw TCP clients, such as netcat or socat on UNIX and PuTTY on Windows, which also can be used to manually "talk" to other services without specialized client software. Nevertheless, Telnet is still sometimes used in debugging network services such as SMTP, IRC, HTTP, FTP or POP3 servers, to issue commands to a server and examine the responses, but of all these protocols only FTP really uses the Telnet data format.

Another difference of Telnet from a raw TCP session is that Telnet is not 8-bit clean by default. 8-bit mode may be negotiated, but high-bit-set octets may be garbled until this mode is requested, and it obviously will not be requested in a non-Telnet connection. The 8-bit mode (the so-called binary option) is intended to transmit binary data, not characters though. The standard suggests the interpretation of codes \000–\176 as ASCII, but does not offer any meaning for high-bit-set data octets. There was an attempt to introduce switchable character encoding support like HTTP has,[3] but nothing is known about its actual software support.
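The NVT rules the two paragraphs above describe, as an added example that is not part of the Wikipedia text: an encoder that doubles a data byte of 255 (IAC) and sends a bare CR as CR NUL, and a decoder that undoes both, strips IAC negotiation commands (DO/DONT/WILL/WONT and subnegotiation blocks) out of the data and reports them separately. The sample byte strings, including the option number 24 used in the negotiation, are constructed for the demo; the command values themselves are the ones defined by RFC 854.

```python
# Added example (not part of the Wikipedia text): encoding and decoding the Telnet
# NVT data stream, to make the difference from a raw TCP session concrete.
# Sample byte strings are constructed for this demo.

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NEGOTIATION = {DO, DONT, WILL, WONT}  # three-byte commands: IAC <cmd> <option>
CR, LF, NUL = 13, 10, 0


def nvt_encode(text: bytes) -> bytes:
    """Turn application data into a Telnet NVT data stream (no 8-bit/binary mode negotiated)."""
    out = bytearray()
    i = 0
    while i < len(text):
        b = text[i]
        if b == IAC:
            out += bytes([IAC, IAC])  # a data byte 0xFF must be doubled
        elif b == CR and not (i + 1 < len(text) and text[i + 1] == LF):
            out += bytes([CR, NUL])  # a bare CR becomes CR NUL (CR LF stays CR LF)
        else:
            out.append(b)
        i += 1
    return bytes(out)


def nvt_decode(stream: bytes):
    """Split a received Telnet stream into (application data, list of (command, option)).

    Negotiations are returned instead of being acted on, so a caller can log or refuse them;
    a truncated command at the end of the buffer is dropped rather than guessed at."""
    data = bytearray()
    negotiations = []
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b == IAC:
            if i + 1 >= n:
                break  # truncated command
            cmd = stream[i + 1]
            if cmd == IAC:  # IAC IAC is an escaped data byte 255
                data.append(IAC)
                i += 2
            elif cmd in NEGOTIATION:  # IAC DO/DONT/WILL/WONT <option>
                if i + 2 >= n:
                    break
                negotiations.append((cmd, stream[i + 2]))
                i += 3
            elif cmd == SB:  # IAC SB ... IAC SE: skip the whole subnegotiation block
                end = stream.find(bytes([IAC, SE]), i + 2)
                i = n if end < 0 else end + 2
            else:  # other two-byte commands (NOP, GA, ...)
                i += 2
        elif b == CR and i + 1 < n and stream[i + 1] == NUL:
            data.append(CR)  # CR NUL is a bare carriage return
            i += 2
        else:
            data.append(b)
            i += 1
    return bytes(data), negotiations


if __name__ == "__main__":
    # Constructed server stream: IAC DO 24 (ask for terminal type), then text with an
    # escaped 0xFF and a bare CR.
    sample = b"\xff\xfd\x18login: \xff\xffok\r\0"
    print(nvt_decode(sample))
    print(nvt_encode(b"ls\r").hex())
```

A raw TCP client such as netcat would hand the application the two IAC DO bytes and the option number as if they were text, and would deliver the doubled 0xFF twice; the decoder above is what a Telnet client does before anything reaches the terminal.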

File transfer category


File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet.

FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, FTP is often secured with SSL/TLS ("FTPS"). SSH File Transfer Protocol ("SFTP") is sometimes also used instead, but is technologically different.

The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems.[2][3] Dozens of FTP clients and automation utilities have since been developed for desktops, servers, mobile devices, and hardware, and FTP has been incorporated into hundreds of productivity applications, such as Web page editors.

Electronic mail category

Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. SMTP was first defined by RFC 821 (1982, eventually declared STD 10),[1] and last updated by RFC 5321 (2008)[2] which includes the Extended SMTP (ESMTP) additions, and is the protocol in widespread use today. SMTP uses TCP port 25. The protocol for new submissions (MSA) is effectively the same as SMTP, but it uses port 587 instead. SMTP connections secured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in its own right.

While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically use SMTP only for sending messages to a mail server for relaying. For receiving messages, client applications usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system (such as Microsoft Exchange or Lotus Notes/Domino) to access their mail box accounts on a mail server.

Protocol overview

SMTP is a connection-oriented, text-based protocol in which a mail sender communicates with a mail receiver by issuing command strings and supplying necessary data over a reliable ordered data stream channel, typically a Transmission Control Protocol (TCP) connection. An SMTP session consists of commands originated by an SMTP client (the initiating agent, sender, or transmitter) and corresponding responses from the SMTP server (the listening agent, or receiver) so that the session is opened, and session parameters are exchanged. A session may include zero or more SMTP transactions. An SMTP transaction consists of three command/reply sequences (see example below). They are:

1. MAIL command, to establish the return address, a.k.a. Return-Path, mfrom, or envelope sender. This is the address for bounce messages.

2. RCPT command, to establish a recipient of this message. This command can be issued multiple times, one for each recipient. These addresses are also part of the envelope.

3. DATA to send the message text. This is the content of the message, as opposed to its envelope. It consists of a message header and a message body separated by an empty line. DATA is actually a group of commands, and the server replies twice: once to the DATA command proper, to acknowledge that it is ready to receive the text, and the second time after the end-of-data sequence, to either accept or reject the entire message.

Besides the intermediate reply for DATA, each server's reply can be either positive (2xx reply codes) or negative. Negative replies

can be permanent (5xx codes) or transient (4xx codes). A reject is a permanent failure by an SMTP server; in this case the SMTP

client should send a bounce message. A drop is a positive response followed by message discard rather than delivery.
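The three command/reply sequences and the reply classes described above, as an added example that is not part of the original article: a toy SMTP server-side state machine that enforces MAIL, RCPT, DATA ordering and answers with 2xx/354/4xx/5xx codes, plus a client routine that drives one transaction. The server never opens a socket, and every domain and address in it is constructed sample data.

```python
"""Toy model of one SMTP transaction (MAIL -> RCPT -> DATA) and its reply classes.

Added illustration, not code from the original page. The server is an in-memory
state machine; all addresses and domains are constructed sample data.
"""
import re

# Deliberately simple reverse-path / forward-path syntax: <local@domain>
ADDR_RE = re.compile(r"^<([^<>@\s]+@[^<>@\s]+)>$")


class ToySmtpServer:
    """Accepts the three command/reply sequences of a transaction, in order.

    Replies follow the classes from the text: 2xx positive, 354 the intermediate
    reply to DATA, 4xx transient failure, 5xx permanent failure (a "reject").
    """

    def __init__(self, local_domains, deferred_domains=()):
        self.local_domains = {d.lower() for d in local_domains}
        self.deferred_domains = {d.lower() for d in deferred_domains}  # simulate "try later"
        self.delivered = []          # (envelope sender, [recipients], message text)
        self._reset()

    def _reset(self):
        self.mail_from = None
        self.rcpts = []
        self.in_data = False
        self._buf = []

    def command(self, line):
        """Process one client line; return (code, text), or None for a line inside DATA."""
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "MAIL":
            path = arg[5:] if arg.upper().startswith("FROM:") else ""
            m = ADDR_RE.match(path)
            if path != "<>" and not m:           # "<>" is the null sender used by bounces
                return (501, "Syntax error in MAIL FROM")
            self._reset()
            self.mail_from = m.group(1) if m else ""
            return (250, "OK")
        if verb == "RCPT":
            if self.mail_from is None:
                return (503, "Bad sequence of commands: MAIL first")
            m = ADDR_RE.match(arg[3:] if arg.upper().startswith("TO:") else "")
            if not m:
                return (501, "Syntax error in RCPT TO")
            domain = m.group(1).rsplit("@", 1)[1].lower()
            if domain in self.deferred_domains:
                return (450, "Mailbox unavailable, try again later")   # transient
            if domain not in self.local_domains:
                return (550, "Relaying denied")                         # permanent
            self.rcpts.append(m.group(1))
            return (250, "OK")
        if verb == "DATA":
            if not self.rcpts:
                return (503, "Bad sequence of commands: RCPT first")
            self.in_data = True
            return (354, "Start mail input; end with <CRLF>.<CRLF>")   # first DATA reply
        return (500, "Command unrecognized")

    def _data_line(self, line):
        if line != ".":
            # A line beginning with ".." had a dot stuffed by the client; remove it.
            self._buf.append(line[1:] if line.startswith("..") else line)
            return None
        self.in_data = False
        self.delivered.append((self.mail_from, list(self.rcpts), "\r\n".join(self._buf)))
        self._reset()
        return (250, "OK: queued")                                      # second DATA reply


def classify(code):
    """Map a reply code to the class named in the text."""
    if code == 354:
        return "intermediate"
    if 200 <= code < 300:
        return "positive"
    if 400 <= code < 500:
        return "transient"
    if 500 <= code < 600:
        return "permanent"
    raise ValueError(f"not an SMTP reply code: {code}")


def run_transaction(server, sender, recipients, body_lines):
    """Drive one transaction against a server; return [(step, reply code), ...]."""
    log = [("MAIL", server.command(f"MAIL FROM:<{sender}>")[0])]
    for rcpt in recipients:
        log.append(("RCPT", server.command(f"RCPT TO:<{rcpt}>")[0]))
    code = server.command("DATA")[0]
    log.append(("DATA", code))
    if code == 354:
        for line in body_lines + ["."]:
            reply = server.command(line)
        log.append(("DATA-end", reply[0]))
    return log
```

A client that sees 4xx on an RCPT should queue and retry later, while a 5xx is final and results in a bounce to the envelope sender.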


The initiating host, the SMTP client, can be either an end-user's email client, functionally identified as a mail user agent (MUA), or a relay server's mail transfer agent (MTA), that is an SMTP server acting as an SMTP client, in the relevant session, in order to relay mail. Fully capable SMTP servers maintain queues of messages for retrying message transmissions that resulted in transient failures.

A MUA knows the outgoing mail SMTP server from its configuration. An SMTP server acting as client, i.e. relaying, typically

determines which SMTP server to connect to by looking up the MX (Mail eXchange) DNS resource record for each

recipient's domain name. Conformant MTAs (not all) fall back to a simple A record in case no MX record can be found. Relaying

servers can also be configured to use a smart host.

An SMTP server acting as client initiates a TCP connection to the server on the "well-known port" designated for SMTP: port 25.

MUAs should use port 587 to connect to an MSA. The main difference between an MTA and an MSA is that SMTP Authentication is

mandatory for the latter only.

• Support services category

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorised domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.

An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 192.0.43.10 (IPv4) and 2001:500:88:200::10 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how the computer actually locates the services.

The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by

designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their

particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the

DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and

updated. Additionally, the responsibility for maintaining and updating the master record for the domains is spread among

many domain name registrars, who compete for the end-user's (the domain-owner's) business. Domains can be moved from

registrar to registrar at any time.

The Domain Name System also specifies the technical functionality of this database service. It defines the DNS protocol, a detailed

specification of the data structures and data communication exchanges used in DNS, as part of the Internet Protocol Suite.

The Internet maintains two principal namespaces, the domain name hierarchy[1] and the Internet Protocol (IP) address spaces.[2] The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System.[3] A DNS name server is a server that stores the DNS records for a domain name, such as address (A or AAAA) records, name server (NS) records, and mail exchanger (MX) records (see also list of DNS record types); a DNS name server responds with answers to queries against its database.


Structure

Domain name space

The domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records,

which hold information associated with the domain name. The tree sub-divides into zones beginning at the root zone. A DNS

zone may consist of only one domain, or may consist of many domains and sub-domains, depending on the administrative authority

delegated to the manager.

The hierarchical Domain Name System, organized into zones, each served by a name server

Administrative responsibility over any zone may be divided by creating additional zones. Authority is said to be delegated for a

portion of the old space, usually in the form of sub-domains, to another name server and administrative entity. The old zone ceases

to be authoritative for the new zone.

Domain name syntax

The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, and RFC 2181. A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com.

The right-most label conveys the top-level domain; for example, the domain name www.example.com belongs to the top-level domain com.

The hierarchy of domains descends from right to left; each label to the left specifies a subdivision, or subdomain of the domain to the right. For example: the label example specifies a subdomain of the com domain, and www is a subdomain of example.com. This tree of subdivisions may have up to 127 levels.


Each label may contain up to 63 characters. The full domain name may not exceed the length of 253 characters in its textual representation.[1] In the internal binary representation of the DNS the maximum length requires 255 octets of storage, since it also stores the length of the name.[3] In practice, some domain registries may have shorter limits.

DNS names may technically consist of any character representable in an octet. However, the allowed formulation of domain names in the DNS root zone, and most other subdomains, uses a preferred format and character set. The characters allowed in a label are a subset of the ASCII character set, and include the characters a through z, A through Z, digits 0 through 9, and the hyphen. This rule is known as the LDH rule (letters, digits, hyphen). Domain names are interpreted in a case-independent manner.[8] Labels may not start or end with a hyphen.[9] There is an additional rule that essentially requires that top-level domain names not be all-numeric.[10]

A hostname is a domain name that has at least one IP address associated. For example, the domain

names www.example.com and example.com are also hostnames, whereas the com domain is not.

Internationalized domain names

The permitted character set of the DNS prevented the representation of names and words of many languages in their native alphabets or scripts. ICANN has approved the Internationalizing Domain Names in Applications (IDNA) system, which maps Unicode strings into the valid DNS character set using Punycode. In 2009 ICANN approved the installation of IDN country code top-level domains. In addition, many registries of the existing top-level domains (TLDs) have adopted IDNA.
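The syntax rules above (LDH characters, hyphen placement, 63-octet labels, 253-character names, no all-numeric TLD, 255-octet wire form) and the IDNA mapping, as one added example that is not part of the original article: a validator for the textual form, the length-prefixed wire encoding that accounts for the extra two octets, and the Punycode mapping via Python's built-in idna codec. The sample names are constructed.

```python
"""Check a domain name against the syntax rules given in the text and encode it in
DNS wire format. Added example, not from the page; sample names are constructed."""

MAX_LABEL = 63          # octets per label
MAX_NAME_TEXT = 253     # textual form, without the trailing root dot
MAX_NAME_WIRE = 255     # binary form: length octet per label + labels + root octet
MAX_LEVELS = 127


def validate_domain(name):
    """Return a list of rule violations; an empty list means the name is acceptable.

    Applies the LDH rule, the hyphen placement rule, the 63-octet label limit, the
    253-character name limit, the 127-level limit and the "TLD not all-numeric"
    rule. Names are case-independent, so the name is lower-cased first. Non-ASCII
    names must be mapped with to_ldh() before this check, as IDNA does.
    """
    problems = []
    name = name.lower().rstrip(".")          # a trailing dot denotes the root; ignore it
    if not name:
        return ["empty name"]
    if len(name) > MAX_NAME_TEXT:
        problems.append(f"name longer than {MAX_NAME_TEXT} characters")
    labels = name.split(".")
    if len(labels) > MAX_LEVELS:
        problems.append(f"more than {MAX_LEVELS} levels")
    for label in labels:
        if not label:
            problems.append("empty label (consecutive dots)")
            continue
        if len(label) > MAX_LABEL:
            problems.append(f"label {label!r} longer than {MAX_LABEL} octets")
        if not all(c.isascii() and (c.isalnum() or c == "-") for c in label):
            problems.append(f"label {label!r} violates the LDH rule")
        if label[0] == "-" or label[-1] == "-":
            problems.append(f"label {label!r} starts or ends with a hyphen")
    if labels[-1].isdigit():
        problems.append("top-level domain is all-numeric")
    return problems


def to_ldh(name):
    """Map a Unicode name to its LDH form (xn-- labels) with Python's idna codec."""
    return name.encode("idna").decode("ascii")


def to_wire(name):
    """Encode a name as length-prefixed labels terminated by the root label (0x00)."""
    out = bytearray()
    for label in name.lower().rstrip(".").split("."):
        if not 0 < len(label) <= MAX_LABEL:
            raise ValueError(f"bad label length: {label!r}")
        out.append(len(label))
        out += label.encode("ascii")
    out.append(0)                            # zero-length root label ends the name
    if len(out) > MAX_NAME_WIRE:
        raise ValueError(f"wire name exceeds {MAX_NAME_WIRE} octets")
    return bytes(out)
```

A 253-character textual name encodes to exactly 255 octets, which is where the two figures in the text come from.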

Name servers

The Domain Name System is maintained by a distributed database system, which uses the client-server model. The nodes of this

database are the name servers. Each domain has at least one authoritative DNS server that publishes information about that

domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root name servers, the

servers to query when looking up (resolving) a TLD.

Authoritative name server

An authoritative name server is a name server that gives answers that have been configured by an original source, for example, the

domain administrator or by dynamic DNS methods, in contrast to answers that were obtained via a regular DNS query to another

name server. An authoritative-only name server only returns answers to queries about domain names that have been specifically

configured by the administrator.

An authoritative name server can either be a master server or a slave server. A master server is a server that stores the original

(master) copies of all zone records. A slave server uses an automatic updating mechanism of the DNS protocol in communication

with its master to maintain an identical copy of the master records.

A set of authoritative name servers has to be assigned for every DNS zone. NS records naming that set must be stored both in the parent zone and in the zone's own servers (as a self-reference).

When domain names are registered with a domain name registrar, their installation at the domain registry of a top level domain requires the assignment of a primary name server and at least one secondary name server. The requirement of multiple name servers aims to make the domain still functional even if one name server becomes inaccessible or inoperable.[11] The designation of a primary name server is solely determined by the priority given to the domain name registrar. For this purpose, generally only the fully qualified domain name of the name server is required, unless the servers are contained in the registered domain, in which case the corresponding IP address is needed as well.

Primary name servers are often master name servers, while secondary name servers may be implemented as slave servers.


An authoritative server indicates its status of supplying definitive answers, deemed authoritative, by setting a software flag (a protocol structure bit), called the Authoritative Answer (AA) bit in its responses.[3] This flag is usually reproduced prominently in the output of DNS administration query tools (such as dig) to indicate that the responding name server is an authority for the domain name in question.[3]

The Reverse Address Resolution Protocol (RARP) is an obsolete computer networking protocol used by a host computer to

request its Internet Protocol (IPv4) address from an administrative host, when it has available its Link Layer or hardware address,

such as a MAC address.

RARP is described in Internet Engineering Task Force (IETF) publication RFC 903.[1] It has been rendered obsolete by the Bootstrap Protocol (BOOTP) and the modern Dynamic Host Configuration Protocol (DHCP), which both support a much greater feature set than RARP.

RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses to their respective protocol

addresses. Media Access Control (MAC) addresses needed to be individually configured on the servers by an administrator. RARP

was limited to serving only IP addresses.

Reverse ARP differs from the Inverse Address Resolution Protocol (InARP) described in RFC 2390, which is designed to obtain the

IP address associated with a local Frame Relay data link connection identifier. InARP is not used in Ethernet.

Transport layer

In computer networking, the transport layer or layer 4 provides end-to-end communication services for applications[1] within a layered architecture of network components and protocols. The transport layer provides convenient services such as connection-oriented data stream support, reliability, flow control, and multiplexing.

Transport layers are contained in both the TCP/IP model (RFC 1122),[2] which is the foundation of the Internet, and the Open

Systems Interconnection (OSI) model of general networking. The definitions of the transport layer are slightly different in these two

models. This article primarily refers to the TCP/IP model, in which TCP is largely for a convenient application programming

interface to internet hosts, as opposed to the OSI-model definition of the transport layer.

The most well-known transport protocol is the Transmission Control Protocol (TCP). It lent its name to the title of the entire Internet

Protocol Suite, TCP/IP. It is used for connection-oriented transmissions, whereas the connectionless User Datagram Protocol (UDP)

is used for simpler messaging transmissions. TCP is the more complex protocol, due to its stateful design incorporating reliable

transmission and data stream services. Other prominent protocols in this group are the Datagram Congestion Control

Protocol (DCCP) and the Stream Control Transmission Protocol (SCTP).


Services

There are many services that can be optionally provided by a transport-layer protocol, and different protocols may or may not

implement them.

• Connection-oriented communication: It is normally easier for an application to interpret a connection as a data stream rather than having to deal with the underlying connection-less models, such as the datagram model of the User Datagram Protocol (UDP) and of the Internet Protocol (IP).

• Byte orientation: Rather than processing the messages in the underlying communication system format, it is often easier for an application to process the data stream as a sequence of bytes. This simplification helps applications work with various underlying message formats.

• Same order delivery: The network layer doesn't generally guarantee that packets of data will arrive in the same order that they were sent, but often this is a desirable feature. This is usually done through the use of segment numbering, with the receiver passing them to the application in order. This can cause head-of-line blocking.

• Reliability: Packets may be lost during transport due to network congestion and errors. By means of an error detection code, such as a checksum, the transport protocol may check that the data is not corrupted, and verify correct receipt by sending an ACK or NACK message to the sender. Automatic repeat request schemes may be used to retransmit lost or corrupted data.

• Flow control: The rate of data transmission between two nodes must sometimes be managed to prevent a fast sender from transmitting more data than can be supported by the receiving data buffer, causing a buffer overrun. This can also be used to improve efficiency by reducing buffer underrun.

• Congestion avoidance: Congestion control can control traffic entry into a telecommunications network, so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps, such as reducing the rate of sending packets. For example, automatic repeat requests may keep the network in a congested state; this situation can be avoided by adding congestion avoidance to the flow control, including slow-start. This keeps the bandwidth consumption at a low level in the beginning of the transmission, or after packet retransmission.

• Multiplexing: Ports can provide multiple endpoints on a single node. For example, the name on a postal address is a kind of multiplexing, and distinguishes between different recipients of the same location. Computer applications will each listen for information on their own ports, which enables the use of more than one network service at the same time. It is part of the transport layer in the TCP/IP model, but of the session layer in the OSI model.

Analysis

The transport layer is responsible for delivering data to the appropriate application process on the host computers. This involves statistical multiplexing of data from different application processes, i.e. forming data packets, and adding source and destination port numbers in the header of each transport-layer data packet. Together with the source and destination IP address, the port numbers constitute a network socket, i.e. an identification address of the process-to-process communication. In the OSI model, this function is supported by the session layer.

Some transport-layer protocols, for example TCP, but not UDP, support virtual circuits, i.e. provide connection-oriented communication over an underlying packet-oriented datagram network. A byte-stream is delivered while hiding the packet mode communication from the application processes. This involves connection establishment, dividing of the data stream into packets called segments, segment numbering and reordering of out-of-order data.

Finally, some transport-layer protocols, for example TCP, but not UDP, provide end-to-end reliable communication, i.e. error recovery by means of error detecting code and automatic repeat request (ARQ) protocol. The ARQ protocol also provides flow control, which may be combined with congestion avoidance.

UDP is a very simple protocol, and does not provide virtual circuits, nor reliable communication, delegating these functions to

the application program. UDP packets are called datagrams, rather than segments.

TCP is used for many protocols, including HTTP web browsing and email transfer. UDP may be used for multicasting and broadcasting, since retransmissions are not possible to a large number of hosts. UDP typically gives higher throughput and shorter latency, and is therefore often used for real-time multimedia communication where packet loss occasionally can be accepted, for example IP-TV and IP-telephony, and for online computer games.

In many non-IP-based networks, for example X.25, Frame Relay and ATM, the connection oriented communication is implemented

at network layer or data link layer rather than the transport layer. In X.25, in telephone network modems and in wireless

communication systems, reliable node-to-node communication is implemented at lower protocol layers.

The OSI connection-mode transport layer protocol specification defines five classes of transport protocols: TP0, providing the least

error recovery, to TP4, which is designed for less reliable networks.

Protocols

The exact definition of what qualifies as a transport-layer protocol is not firm. The following is a short list:

• ATP, AppleTalk Transaction Protocol
• CUDP, Cyclic UDP
• DCCP, Datagram Congestion Control Protocol
• FCP, Fiber Channel Protocol
• IL, IL Protocol
• NBF, NetBIOS Frames protocol
• RDP, Reliable Datagram Protocol
• RUDP, Reliable User Datagram Protocol
• SCTP, Stream Control Transmission Protocol
• SPX, Sequenced Packet Exchange
• SST, Structured Stream Transport
• TCP, Transmission Control Protocol
• UDP, User Datagram Protocol
• UDP Lite
• µTP, Micro Transport Protocol

Comparison of transport-layer protocols

| Feature Name | UDP | UDP Lite | TCP | SCTP | DCCP | RUDP |
|---|---|---|---|---|---|---|
| Packet header size | 8 bytes | 8 bytes | 20–60 bytes | 12 bytes | 12 or 16 bytes | |
| Transport-layer packet entity | Datagram | Datagram | Segment | Datagram | Datagram | Datagram |
| Connection oriented | No | No | Yes | Yes | Yes | Yes |
| Reliable transport | No | No | Yes | Yes | No | Yes |
| Unreliable transport | Yes | Yes | No | Yes | Yes | Yes |
| Preserve message boundary | Yes | Yes | No | Yes | Yes | Yes |
| Ordered delivery | No | No | Yes | Yes | No | Yes |
| Unordered delivery | Yes | Yes | No | Yes | Yes | Yes |
| Data checksum | Optional | Yes | Yes | Yes | Yes | Unsure |
| Checksum size (bits) | 16 | 16 | 16 | 32 | 16 | Unsure |
| Partial checksum | No | Yes | No | No | Yes | No |
| Path MTU | No | No | Yes | Yes | Yes | Unsure |
| Flow control | No | No | Yes | Yes | No | Yes |
| Congestion control | No | No | Yes | Yes | Yes | Unsure |
| ECN support | No | No | Yes | Yes | Yes | |
| Multiple streams | No | No | No | Yes | No | No |
| Multi-homing support | No | No | No | Yes | No | No |
| Bundling / Nagle | No | No | Yes | Yes | No | Unsure |
| NAT friendly[3] | Yes | Yes | Yes | Yes[4] | Yes | Yes |

Comparison of OSI transport protocols

ISO/IEC 8073/ITU-T Recommendation X.224, "Information Technology - Open Systems Interconnection - Protocol for providing the

connection-mode transport service", defines five classes of connection-mode transport protocols designated class 0 (TP0) to class 4

(TP4). Class 0 contains no error recovery, and was designed for use on network layers that provide error-free connections. Class 4

is closest to TCP, although TCP contains functions, such as the graceful close, which OSI assigns to the session layer. All OSI

connection-mode protocol classes provide expedited data and preservation of record boundaries. Detailed characteristics of the

classes are shown in the following table:[5]

| Service | TP0 | TP1 | TP2 | TP3 | TP4 |
|---|---|---|---|---|---|
| Connection oriented network | Yes | Yes | Yes | Yes | Yes |
| Connectionless network | No | No | No | No | Yes |
| Concatenation and separation | No | Yes | Yes | Yes | Yes |
| Segmentation and reassembly | Yes | Yes | Yes | Yes | Yes |
| Error recovery | No | Yes | No | Yes | Yes |
| Reinitiate connection (if an excessive number of PDUs are unacknowledged) | No | Yes | No | Yes | No |
| Multiplexing and demultiplexing over a single virtual circuit | No | No | Yes | Yes | Yes |
| Explicit flow control | No | No | Yes | Yes | Yes |
| Retransmission on timeout | No | No | No | No | Yes |
| Reliable transport service | No | Yes | No | Yes | Yes |

Link layer

In computer networking, the link layer is the lowest layer in the Internet Protocol Suite (commonly known as "TCP/IP"), the networking architecture of the Internet (RFC 1122, RFC 1123). It is the group of methods or protocols that only operate on a host's link. The link is the physical and logical network component used to interconnect hosts or nodes in the network, and a link protocol is a suite of methods and standards that operate only between adjacent network nodes of a local area network segment or a wide area network connection.


Despite the different semantics of layering in TCP/IP and OSI, the link layer is often described as a combination of the data link layer (layer 2) and the physical layer (layer 1) in the Open Systems Interconnection (OSI) protocol stack. However, TCP/IP's layers are descriptions of operating scopes (application, host-to-host, network, link) and not detailed prescriptions of operating procedures, data semantics, or networking technologies.

RFC 1122 exemplifies that local area network protocols such as Ethernet and IEEE 802, and framing protocols such as Point-to-Point Protocol (PPP) belong to the link layer.

Definition in standards and text books

LAN standards such as Ethernet and IEEE 802 specifications use terminology from the seven-layer OSI model rather than the TCP/IP reference model. The TCP/IP model in general does not consider physical specifications, rather it assumes a working network infrastructure that can deliver media level frames on the link. Therefore RFC 1122 and RFC 1123, the definition of the TCP/IP model, do not discuss hardware issues and physical data transmission and set no standards for those aspects, other than broadly including them as link-layer components. Some textbook authors[1][2] have supported the interpretation that physical data transmission aspects are part of the link layer. That position will be held in the rest of this article. Others[3][4] assumed that physical data transmission standards are not considered as communication protocols, and are not part of the TCP/IP model. These authors assume a hardware layer or physical layer below the link layer, and several of them adopt the OSI term data link layer instead of link layer in a modified description of layering. In the predecessor to the TCP/IP model, the Arpanet Reference Model (RFC 908, 1982), aspects of the link layer are referred to by several poorly defined terms, such as network-access layer, network-access protocol, as well as network layer, while the next higher layer is called internetwork layer. In some modern text books, network-interface layer, host-to-network layer and network-access layer occur as synonyms either to the link layer or the data link layer, often including the physical layer.

Link-layer protocols

The core protocols specified by the Internet Engineering Task Force to be placed into this layer are the Address Resolution Protocol (ARP), its cousin, the Reverse Address Resolution Protocol (RARP), and the Neighbor Discovery Protocol (NDP), which is a facility delivering similar functionality as ARP for IPv6. Since the advent of IPv6, Open Shortest Path First (OSPF) can be considered to operate on the link level as well, although the IPv4 version of the protocol was considered at the Internet layer. IS-IS (RFC 1142) is another link-state routing protocol that fits into this layer when considering the TCP/IP model; however, it was developed within the OSI reference stack (where it is a layer-3 protocol). It is not an Internet standard.

The link layer also contains all hardware specific interface methods, such as Ethernet and other IEEE 802 encapsulation schemes

(see References).

Relation to OSI model

The link layer of the TCP/IP model is often compared directly with the combination of the data link layer and the physical layer in the Open Systems Interconnection (OSI) protocol stack. Although they are congruent to some degree in technical coverage of protocols, they are not identical. The link layer in TCP/IP is still wider in scope and in principle a different concept and terminology of classification. This may be observed when certain protocols, such as the Address Resolution Protocol (ARP), which is confined to the link layer in the TCP/IP model, are often said to fit between OSI's data link layer and the network layer. In general, direct or strict comparisons should be avoided, because the layering in TCP/IP is not a principal design criterion and in general is considered to be "harmful" (RFC 3439).

Another term sometimes encountered, "network-access layer", tries to suggest the closeness of this layer to the physical network.

However, this use is misleading and non-standard, since the link layer implies functions that are wider in scope than just network

access. Important link-layer protocols are used to probe the topology of the local network, discover routers and neighboring hosts,

i.e. functions that go well beyond network access.

Examples of functions supported

The link layer includes the following functionality:

• Logical link-local networking methods
  - Encapsulation of IP packets into frames
  - Frame synchronization
  - Error detection with removal of erroneous packets (used in LANs and point-to-point fiber optical cables)
  - Logical link control (LLC) sublayer (used in modem protocols and wireless protocols):
    - Node-to-node error detection and automatic repeat request of erroneous packets
    - Node-to-node flow control
    - Forward error correction (however much more common at the physical layer)
  - Media access control (MAC) sublayer:
    - Multiple access protocols, for example with collision detection or avoidance
    - Physical addressing (MAC addressing)
    - LAN switching (packet switching) including MAC filtering and spanning tree protocol
    - Store-and-forward switching or cut-through switching
    - Data packet queueing or scheduling algorithms
  - Help protocols not encapsulated in IP packets:
    - Some routing protocols
    - IP address to/from physical address resolution protocols

• Physical networking aspects (it is disputable if and to which extent these are included):
  - Bit-by-bit or symbol-by-symbol delivery
  - Net bit rate
  - Digital modulation
  - Line coding
  - Carrier sense and collision detection utilized by some level 2 multiple-access protocols
  - Circuit switching, establishing circuit switched connections
  - Multiplexing
  - Forward error correction codes
  - Serial or parallel communication
  - Bit synchronization
  - Start-stop signalling and flow control in asynchronous serial communication
  - Signal strength (voltage and power levels), impedance
  - Forward error correction, bit-interleaving and other channel coding
  - Equalization filtering, training sequences, pulse shaping and other signal processing of physical signals
  - Mechanical specification of electrical connectors and cables, for example maximum cable length
  - Electrical specification of transmission line signal level and impedance
  - Radio interface, including electromagnetic spectrum frequency allocation and specification of signal strength, analog bandwidth, etc.
  - Specifications for IR over optical fiber or a wireless IR communication link

Address Resolution Protocol


Address Resolution Protocol (ARP) is a telecommunications protocol used for resolution of network layer addresses into link

layer addresses, a critical function in multiple-access networks. ARP was defined by RFC 826 in 1982.[1] It is Internet Standard STD

37. It is also the name of the program for manipulating these addresses in most operating systems.

ARP has been implemented in many combinations of network and overlaying internetwork technologies, such

as IPv4, Chaosnet, DECnet and Xerox PARC Universal Packet (PUP) using IEEE 802 standards, FDDI, X.25, Frame

Relay and Asynchronous Transfer Mode (ATM), IPv4 over IEEE 802.3 and IEEE 802.11 being the most common cases.

In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP).

Operating scope

The Address Resolution Protocol is a request and reply protocol that runs encapsulated by the line protocol. It is communicated

within the boundaries of a single network, never routed across internetwork nodes. This property places ARP into the Link Layer of

the Internet Protocol Suite,[2] while in the Open Systems Interconnection (OSI) model, it is often described as residing between

Layers 2 and 3, being encapsulated by Layer 2 protocols. However, ARP was not developed in the OSI framework.

Packet structure

The Address Resolution Protocol uses a simple message format that contains one address resolution request or response. The size of the ARP message depends on the upper layer and lower layer address sizes, which are given by the type of networking protocol (usually IPv4) in use and the type of hardware or virtual link layer that the upper layer protocol is running on. The message header specifies these types, as well as the size of addresses of each. The message header is completed with the operation code for request (1) and reply (2). The payload of the packet consists of four addresses, the hardware and protocol address of the sender and receiver hosts.

The principal packet structure of ARP packets is shown in the following table which illustrates the case of IPv4 networks running on Ethernet. In this scenario, the packet has 48-bit fields for the sender hardware address (SHA) and target hardware address (THA), and 32-bit fields for the corresponding sender and target protocol addresses (SPA and TPA). Thus, the ARP packet size in this case is 28 bytes. The EtherType for ARP is 0x0806.

Internet Protocol (IPv4) over Ethernet ARP packet

bit offset   bits 0 – 7                                      bits 8 – 15
0            Hardware type (HTYPE)
16           Protocol type (PTYPE)
32           Hardware address length (HLEN)                  Protocol address length (PLEN)
48           Operation (OPER)
64           Sender hardware address (SHA) (first 16 bits)
80           (next 16 bits)
96           (last 16 bits)
112          Sender protocol address (SPA) (first 16 bits)
128          (last 16 bits)
144          Target hardware address (THA) (first 16 bits)
160          (next 16 bits)
176          (last 16 bits)
192          Target protocol address (TPA) (first 16 bits)
208          (last 16 bits)

Hardware type (HTYPE)
This field specifies the network protocol type. Example: Ethernet is 1.

Protocol type (PTYPE)
This field specifies the internetwork protocol for which the ARP request is intended. For IPv4, this has the value 0x0800. The permitted PTYPE values share a numbering space with those for EtherType.[3][4][5]

Hardware length (HLEN)
Length (in octets) of a hardware address. Ethernet address size is 6.

Protocol length (PLEN)
Length (in octets) of addresses used in the upper layer protocol (the upper layer protocol specified in PTYPE). IPv4 address size is 4.

Operation (OPER)
Specifies the operation that the sender is performing: 1 for request, 2 for reply.

Sender hardware address (SHA)
Media address of the sender.

Sender protocol address (SPA)
Internetwork address of the sender.

Target hardware address (THA)
Media address of the intended receiver. This field is ignored in requests.

Target protocol address (TPA)
Internetwork address of the intended receiver.

ARP protocol parameter values have been standardized and are maintained by the Internet Assigned Numbers Authority (IANA).[6]

Example

For example, the computers Matterhorn and Washington are in an office, connected to each other on the office local area network by Ethernet cables and network switches, with no intervening gateways or routers. Matterhorn wants to send a packet to Washington. Through other means, it determines that Washington's IP address is 192.168.0.55. In order to send the message, it also needs to know Washington's MAC address. First, Matterhorn uses a cached ARP table to look up 192.168.0.55 for any existing records of Washington's MAC address (00:eb:24:b2:05:ac). If the MAC address is found, it sends the IP packet on the link layer to address 00:eb:24:b2:05:ac via the local network cabling. If the cache did not produce a result for 192.168.0.55, Matterhorn has to send a broadcast ARP message (destination FF:FF:FF:FF:FF:FF) requesting an answer for 192.168.0.55. Washington responds with its MAC address (00:eb:24:b2:05:ac). Washington may insert an entry for Matterhorn into its own ARP table for future use. The response information is cached in Matterhorn's ARP table and the message can now be sent.[7]

ARP probe

An ARP probe is an ARP request constructed with an all-zero sender IP address. The term is used in the IPv4 Address Conflict Detection specification (RFC 5227). Before beginning to use an IPv4 address (whether received from manual configuration, DHCP, or some other means), a host implementing this specification must test to see if the address is already in use, by broadcasting ARP probe packets.[8]

ARP announcements

ARP may also be used as a simple announcement protocol. This is useful for updating other hosts' mapping of a hardware address when the sender's IP address or MAC address has changed. Such an announcement, also called a gratuitous ARP message, is usually broadcast as an ARP request containing the sender's protocol address (SPA) in the target field (TPA=SPA), with the target hardware address (THA) set to zero. An alternative is to broadcast an ARP reply with the sender's hardware and protocol addresses (SHA and SPA) duplicated in the target fields (TPA=SPA, THA=SHA).

An ARP announcement is not intended to solicit a reply; instead it updates any cached entries in the ARP tables of other hosts that receive the packet. The operation code may indicate a request or a reply because the ARP standard specifies that the opcode is only processed after the ARP table has been updated from the address fields.[9][10][11]

Many operating systems perform gratuitous ARP during startup. That helps to resolve problems which would otherwise occur if, for example, a network card was recently changed (changing the IP-address-to-MAC-address mapping) and other hosts still have the old mapping in their ARP caches.

Gratuitous ARP is also used by some interface drivers to provide load balancing for incoming traffic. In a team of network cards, it is used to announce a different MAC address within the team that should receive incoming packets.

ARP announcements can be used to defend link-local IP addresses in the Zeroconf protocol (RFC 3927), and for IP address takeover within high-availability clusters.
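As an added example (not part of the original article) tying together the packet layout, the Matterhorn/Washington exchange, and the probe and announcement forms described above: a Python encoder/decoder for the 28-byte IPv4-over-Ethernet ARP packet that also classifies a decoded packet. Matterhorn's MAC and IP address are not given in the article and are assumed here.

```python
import socket
import struct
from dataclasses import dataclass

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OPER_REQUEST, OPER_REPLY = 1, 2
# Field order from the table: HTYPE, PTYPE, HLEN, PLEN, OPER, SHA (6), SPA (4),
# THA (6), TPA (4); 28 bytes in network byte order.
ARP_FMT = "!HHBBH6s4s6s4s"

def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))

def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{octet:02x}" for octet in raw)

@dataclass
class ArpPacket:
    oper: int
    sha: str  # sender hardware address
    spa: str  # sender protocol address
    tha: str  # target hardware address (ignored in requests)
    tpa: str  # target protocol address

    def pack(self) -> bytes:
        return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, self.oper,
                           mac_to_bytes(self.sha), socket.inet_aton(self.spa),
                           mac_to_bytes(self.tha), socket.inet_aton(self.tpa))

    @classmethod
    def unpack(cls, data: bytes) -> "ArpPacket":
        htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, data[:28])
        # Only IPv4 over Ethernet is handled; HLEN/PLEN must match the 6/4 layout parsed above.
        if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
            raise ValueError("unsupported HTYPE/PTYPE/HLEN/PLEN")
        return cls(oper, bytes_to_mac(sha), socket.inet_ntoa(spa), bytes_to_mac(tha), socket.inet_ntoa(tpa))

    def kind(self) -> str:
        """probe: request with all-zero SPA; announcement: TPA=SPA (gratuitous ARP); else request/reply."""
        if self.oper == OPER_REQUEST and self.spa == "0.0.0.0":
            return "probe"
        if self.oper in (OPER_REQUEST, OPER_REPLY) and self.spa == self.tpa:
            return "announcement"
        return {OPER_REQUEST: "request", OPER_REPLY: "reply"}.get(self.oper, "unknown")

def matterhorn_exchange():
    """The article's exchange round-tripped through pack()/unpack(); Matterhorn's MAC and IP are assumed."""
    m_mac, m_ip = "02:00:00:00:00:01", "192.168.0.10"
    request = ArpPacket(OPER_REQUEST, m_mac, m_ip, "00:00:00:00:00:00", "192.168.0.55")
    reply = ArpPacket(OPER_REPLY, "00:eb:24:b2:05:ac", "192.168.0.55", m_mac, m_ip)
    return ArpPacket.unpack(request.pack()), ArpPacket.unpack(reply.pack())
```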

ARP mediation

ARP mediation refers to the process of resolving Layer 2 addresses through a Virtual Private Wire Service (VPWS) when different resolution protocols are used on the connected circuits, e.g., Ethernet on one end and Frame Relay on the other. In IPv4, each Provider Edge (PE) device discovers the IP address of the locally attached Customer Edge (CE) device and distributes that IP address to the corresponding remote PE device. Then each PE device responds to local ARP requests using the IP address of the remote CE device and the hardware address of the local PE device. In IPv6, each PE device discovers the IP address of both local and remote CE devices and then intercepts local Neighbor Discovery (ND) and Inverse Neighbor Discovery (IND) packets and forwards them to the remote PE device.[12]

Inverse ARP and Reverse ARP

Inverse Address Resolution Protocol (Inverse ARP or InARP) is used to obtain Network Layer addresses (for example, IP addresses) of other nodes from Data Link Layer (Layer 2) addresses. It is primarily used in Frame Relay (DLCI) and ATM networks, in which Layer 2 addresses of virtual circuits are sometimes obtained from Layer 2 signaling, and the corresponding Layer 3 addresses must be available before those virtual circuits can be used.[13]

Since ARP translates Layer 3 addresses to Layer 2 addresses, InARP may be described as its inverse. In addition, InARP is implemented as a protocol extension to ARP: it uses the same packet format as ARP, but different operation codes.

The Reverse Address Resolution Protocol (Reverse ARP or RARP), like InARP, translates Layer 2 addresses to Layer 3 addresses. However, in InARP the requesting station queries the Layer 3 address of another node, whereas RARP is used to obtain the Layer 3 address of the requesting station itself for address configuration purposes. RARP is obsolete; it was replaced by BOOTP, which was later superseded by the Dynamic Host Configuration Protocol (DHCP).[14]

ARP spoofing and Proxy ARP

A successful ARP spoofing attack allows an attacker to perform a man-in-the-middle attack.


Because ARP does not provide methods for authenticating ARP replies on a network, ARP replies can come from systems other than the one with the required Layer 2 address. An ARP proxy is a system which answers the ARP request on behalf of another system for which it will forward traffic, normally as a part of the network's design, such as for a dialup internet service. By contrast, in ARP spoofing the answering system, or spoofer, replies to a request for another system's address with the aim of intercepting data bound for that system. A malicious user may use ARP spoofing to perform a man-in-the-middle or denial-of-service attack on other users on the network. Various software exists to both detect and perform ARP spoofing attacks, though ARP itself does not provide any methods of protection from such attacks.[15]
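An added example (not from the article) of the detection side of the paragraph above: because ARP replies carry no authentication, a monitor on the segment can at least flag replies that change an already-learned IP-to-MAC binding, or that answer a request nobody sent. The observations below are constructed; Matterhorn's MAC and IP address are assumed, and gratuitous announcements (TPA=SPA) are treated as legitimately unsolicited.

```python
from collections import namedtuple

# Constructed observations of ARP traffic on one segment: (opcode, sender MAC,
# sender IP, target IP), as a sniffer would pull them out of the ARP header.
Obs = namedtuple("Obs", "oper sha spa tpa")
OPER_REQUEST, OPER_REPLY = 1, 2

SAMPLE = [
    Obs(OPER_REQUEST, "02:00:00:00:00:01", "192.168.0.10", "192.168.0.55"),  # Matterhorn (assumed MAC/IP) asks for .55
    Obs(OPER_REPLY, "00:eb:24:b2:05:ac", "192.168.0.55", "192.168.0.10"),    # Washington answers
    Obs(OPER_REPLY, "02:00:00:00:00:99", "192.168.0.55", "192.168.0.10"),    # constructed: a second MAC claims .55
    Obs(OPER_REPLY, "02:00:00:00:00:99", "192.168.0.1", "192.168.0.10"),     # constructed: reply nobody asked for
]

def audit_arp(observations):
    """Return alert strings for two symptoms that are possible because ARP has no
    authentication: a reply that changes an already-learned IP->MAC binding, and a
    reply for which no matching request was seen. Gratuitous announcements
    (TPA=SPA) are unsolicited by design and are not flagged as such."""
    bindings = {}    # IP -> first MAC learned for it
    pending = set()  # (requester IP, requested IP) pairs awaiting a reply
    alerts = []
    for o in observations:
        if o.oper == OPER_REQUEST:
            pending.add((o.spa, o.tpa))
        elif o.oper == OPER_REPLY:
            if (o.tpa, o.spa) in pending:
                pending.discard((o.tpa, o.spa))
            elif o.spa != o.tpa:
                alerts.append(f"unsolicited reply: {o.spa} is-at {o.sha}")
            known = bindings.setdefault(o.spa, o.sha)
            if known != o.sha:
                alerts.append(f"binding change: {o.spa} was {known}, now claimed by {o.sha}")
    return alerts
```

A real monitor would also age out bindings and whitelist known proxy-ARP gateways, since a proxy answering for another host is indistinguishable from a spoofer at the packet level.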

Alternatives to ARP

Each computer maintains its own table of the mapping from Layer 3 addresses (e.g. IP addresses) to Layer 2 addresses (e.g. Ethernet MAC addresses). In a modern computer this is maintained almost entirely by ARP packets on the local network and it is thus often called the 'ARP cache' as opposed to 'Layer 2 address table'. In older computers, where broadcast packets were considered an expensive resource, other methods were used to maintain this table, such as static configuration files,[16] or centrally maintained lists. Since at least the 1980s[17] networked computers have had a command called arp for interrogating or manipulating this table, and practically all modern personal computers have a variant of this.[18][19][20][21]

ARP stuffing

Embedded systems such as networked cameras[22] and networked power distribution devices,[23] which lack a user interface, can use so-called ARP stuffing to make an initial network connection, although this is a misnomer as there is no ARP protocol involved. This is a solution to an issue in network management of consumer devices, specifically the allocation of IP addresses of Ethernet devices where 1) the user doesn't have the ability to control DHCP or similar address allocation protocols, 2) the device doesn't have a user interface to configure it, and 3) the user's computer can't communicate with it because it has no suitable IP address.

The solution adopted is as follows: the user's computer has an IP address stuffed manually into its address table (normally with the arp command, with the MAC address taken from a label on the device) and then sends special packets to the device, typically a ping packet with a non-default size. The device then adopts this IP address, and the user then communicates with it by telnet or web protocols to complete the configuration. Such devices typically have a method to disable this process once the device is operating normally, as it is open to denial-of-service attack.