COMPUTER NETWORKS
Basics of Computer Networking
• A computer network is an interconnection of computers that share resources over a communication medium between them.
• A computer network is made up of end devices, intermediary devices, and media, and its operation is governed by protocols and standards.
• An IP address is used to uniquely identify a host on a network.
• It is better to design the topology of your network before you implement it physically.
• PAN, LAN, MAN, and WAN – are types of Computer networks.
• Fault tolerance, Scalability, Quality of Service, and Security are
characteristics of a Computer Network.
• Computer networks have many applications, such as e-commerce, email, VoIP, remote access, and instant messaging.
Network Hardware & Network Software
• Network hardware consists of the physical components that together perform the operations of a computer network and are responsible for data communication.
• Network software enables a network administrator to deploy and manage a network and to restrict access to it.
• Examples of network hardware are routers, switches, firewalls, NICs,
bridges, cables, modems, etc. Operating systems and protocol suites are
examples of network software.
• Two dimensions of network hardware help describe the scope of a network: transmission technology (broadcast links or point-to-point links) and scale (PAN, LAN, MAN, WAN).
• To understand the structure of network software better, 5 main structuring concepts are used:
• Protocol Hierarchies
• Design Issues for the layers
• Connection-oriented and Connectionless
• Service primitives
• Relationship of Services to protocol
• Network hardware is what physically attaches a newly built network to the Internet, for example a router connected to an ISP's link.
• Network software implements the protocols that give users reliable service over hardware that is not itself reliable.
Network Devices
• Network devices operate in different layers, and they use different
information needed for communication.
• Repeater, Hub, Bridge, NIC, Switch, Router, Firewall, Gateway, Client,
and Server are the network devices used on a network for communication.
• Repeaters and hubs are physical layer devices. Repeaters are used to
regenerate weak signals. The hub is known as a multiport repeater.
• Bridge, NIC, and switch are data link layer devices. A bridge connects two LAN segments and forwards frames between them so that devices on either side can exchange data.
• Switches can be classified in two ways, layer-2 switches, and layer-3
switches. Layer-2 and Layer-3 switches are used at the data link layer and
the network layer, respectively.
• A router, like a switch, is a device combining hardware and software. It works at the network layer and forwards packets based on the destination IP address.
• A firewall protects the LAN by inspecting packets against a rule set and dropping those that are not permitted, so that unwanted packets do not enter the LAN. The protection is only as good as the rule set, so it should default to deny and be reviewed regularly.
• A gateway can operate at any layer up to the application layer. Devices that use different protocols or models for communication can be connected using a gateway, which translates between them.
Network Performance Parameters
• Network performance covers how long it takes for data to travel from sender to receiver, how fast the data moves along the communication path, and the delays introduced by the communication devices along the way.
• There are 4 types of network performance parameters as follows:
• Bandwidth
• Throughput
• Delay or Latency
• Jitter
• Bandwidth is the maximum capacity of data that can travel over a network
between communication devices at a specific time. We can measure
bandwidth in terms of Hertz (Hz) and bits per second (bps).
• Analog signal bandwidth and digital signal bandwidth can be measured as
follows:
• Analog signal bandwidth = Highest frequency signal – Lowest
frequency signal
• Digital signal bandwidth = Bits transmitted over a communication
channel in a second.
• Throughput tells you how much data actually crosses a communication channel in a given amount of time. It can be measured as follows:
• Throughput = (number of frames × average frame size in bits) / seconds
• Delay is the total time taken by the entire data to reach the receiver from
the sender. Propagation time, Transmission time, Queuing time, and
Processing time are 4 types of Delays.
• Total Delay can be calculated as,
• Total Delay = Propagation time + Transmission time + Queuing time
+ Process delay
• Jitter is the variation in delay between successive packets arriving at the receiver. Jitter can occur due to heavy traffic on a network or due to a broken link.
OSI
• OSI (Open Systems Interconnection) was developed by ISO. It consists of seven layers that together cover all aspects of a computer network.
• The OSI model consists of the following seven layers:
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data Link Layer
7. Physical Layer
• The application layer provides services and user interface to the user.
• The presentation layer is responsible for Translation, Encryption, and Data
compression.
• The session layer manages data exchange and dialog control. It also provides synchronization of data.
• The transport layer is responsible for process-to-process delivery and divides the data into smaller segments. Its two main protocols are TCP and UDP.
• The network layer is responsible for host-to-host delivery. It encapsulates the segments received from the transport layer into packets and uses the IP address to forward the packets from router to router.
• The data link layer is responsible for hop-to-hop delivery. It converts
packets received from the network layer into frames.
• The physical layer is responsible for converting the frame into a stream of
bits.
TCP/IP Model
• TCP/IP was developed by the US DoD (Department of Defense) to provide
interoperability between devices.
• The TCP/IP model is the one actually implemented in networks, so whenever a client or device makes a request over the network, the TCP/IP protocol suite is used.
• The TCP/IP model has 4 layers as follows:
1. Application Layer
2. Transport/Host-to-Host Layer
3. Internet Layer
4. Network Access Layer
• In the TCP/IP model, TCP establishes a connection between two processes using a three-way handshake and delivers their data reliably, while IP addresses the packets and forwards them hop by hop toward the destination.
• The Internet Protocol (IP) provides connectionless, best-effort delivery of packets at the Internet layer; IP addresses identify the source and destination hosts logically, independent of the underlying hardware.
• The network access layer combines the OSI data link layer and physical layer and performs the functions of both.
• TCP/IP resolves network issues such as routing, addressing, DNS
resolution, flow and error control, and interoperability.
Types of Addressing Modes in TCP/IP Model
• Addressing means assigning an address to a client, server, process, or other device so that data can be delivered to the correct endpoint and devices can communicate with each other correctly.
• Physical (MAC) address, logical (IP) address, port address, and specific
address are types of addressing.
• The MAC address works at the network access layer and is carried in the frame header. MAC addresses are used to deliver frames when the sender and receiver are on the same network (link).
• The logical or IP address operates at the Internet layer. It identifies hosts uniquely on the network and is used to forward packets from sender to receiver across networks.
• The port address works at the transport layer and is used to identify the
processes running on the host machine.
• The MAC address is a 48-bit number, an IPv4 address is a 32-bit number (an IPv6 address is 128 bits), and a port number is a 16-bit value between 0 and 65,535.
• The specific address is a part of the application layer. It has some specific
meaning and can be easily understood by users. An email address such
as “abc@[Link]” is an example of a specific address.
Physical Layer in OSI Model
• The physical layer provides the media by which network devices can
physically connect to the network. The physical layer is also responsible
for converting the frame into a stream of bits.
• The physical layer has the following responsibilities:
• Representation and synchronization of bits
• Data rate and line configuration
• Physical topology
• Transmission mode and transmission media
• The physical layer defines the encoding (line code) used to represent bits as signals in a pattern that both sender and receiver recognize.
• The physical layer also provides bit synchronization, so that the receiver samples the signal at the right instants and decodes exactly what the sender encoded.
• The data rate is the number of bits per second the sender transmits over the communication channel. It is measured in bits per second (bps) and is limited by the channel bandwidth.
• Point-to-point and multipoint connections are two types of line
configurations that establish a path for communication between
communication devices.
• Bus, star, ring, mesh, and tree are the 5 basic topologies used on a network. Star and extended-star (tree) topologies are the most common in today's switched LANs.
• Transmission media is a way to physically connect a device to a network.
Guided (wired) media and unguided (wireless) media are two types of
transmission media.
• Transmission mode defines the mode of transmission over the
communication channel, and the transmission mode can be simplex, half-
duplex or full-duplex.
Guided Media
• Connecting end devices to intermediary devices with cables is known as using guided media. Guided media uses Ethernet NICs to connect to the network, while unguided media uses wireless LAN NICs.
• There are 3 types of guided media as follows:
1. Twisted-pair cable
2. Coaxial cable
3. Fiber-optic cable
• Twisted pair cable is made up of two insulated copper wires twisted together in a helical form; the twisting cancels much of the crosstalk and electromagnetic interference picked up along the cable. It is used to transmit bits from the sender's physical layer to the receiver's physical layer. UTP and STP are types of twisted pair cable.
• Coaxial cable has two conductors, the inner conductor and the outer conductor. The inner conductor carries the electrical signal, and the outer conductor acts as the return path and as a shield against noise.
• Fiber optic cables are made of glass and transmit bits in the form of light
over the communication channel. SMF and MMF are types of fiber optic
cables.
• Twisted pair cables are used to connect end devices to intermediary
devices, coaxial cables are used for radio frequency signals and voice
communication, and fiber optic cables are used for long-distance
transmissions.
Unguided Media
• The medium which transmits signals in the form of electromagnetic waves
without using any physical conductor is known as unguided media.
• Wireless NICs are used when unguided media is used to connect devices
to the network.
• Radio Waves, Microwaves, and Infrared waves are the types of unguided
media.
• Radio waves, microwaves, and infrared waves range from 3 kHz to 1 GHz,
1 GHz to 300 GHz, and 300 GHz to 400 THz, respectively.
• Radio waves are used for long-distance communications such as
broadcasting, microwaves are used for unicasting purposes such as voice
communication, and infrared waves are used for short-distance
communications such as controlling a TV with a remote.
• Radio waves can penetrate walls. Microwaves are strongly attenuated by walls and infrared waves do not pass through them at all, so both are essentially limited to line-of-sight use.
• Ground propagation, sky propagation, and line-of-sight propagation are
types of propagation used when the signal is traveling from sender to
receiver.
• Unguided media have no physical shield, so anyone within radio range can receive frames from the channel and can also inject frames into it. Such links therefore need encryption and authentication at the data link layer (WPA2 or WPA3 on 802.11, for example), and network administrators have to monitor the network regularly for rogue access points and unauthorized clients.
Data Link Layer
• The main purpose of the data link layer is to provide NIC-to-NIC or hop-
to-hop communication. It describes how access to the network is controlled
using access control mechanisms.
• The responsibilities of the data link layer are described as follows:
1. Framing
2. Addressing
3. Flow and Error control
4. Media access control
• The data link layer communicates with the network layer and receives IPv4 or IPv6 packets from it. It encapsulates each packet in a frame and passes the frame to the physical layer.
• The data link layer uses physical (MAC) addresses to transmit frames from sender to receiver. A MAC address is divided into two 24-bit parts: the organizationally unique identifier (OUI) assigned to the manufacturer and the part the manufacturer assigns to the individual interface. Because the source address is simply a field in the frame, the sender can set it to any value, so a MAC address alone is not proof of identity.
• When multiple devices attempt to use a shared communication channel at the same time, the access control mechanism decides which device gets to transmit.
• In the data link layer, flow control and error control take place between directly connected devices, hop by hop.
• There are two types of sub-layers in the data link layer and they are:
1. Logical Link Control (LLC)
2. Media Access Control (MAC)
• Ethernet, 802.11 Wireless, High-Level Data Link Control (HDLC), Frame
Relay, Point-to-Point Protocol, and X.25 are the protocols of the data link
layer.
Framing in Data Link Layer
• The data link layer communicates with the network layer and receives IP
packets from it. After receiving the packets, the data link layer converts
them into frames and sends them to the physical layer.
• The frame consists of three parts, the header, data, and trailer. The frame
structure and size vary according to the protocol being used.
• Frame start, addressing, type, and control are the fields of the header. Error
detection and frame stop are the fields of the trailer.
• There are two types of frames as follows:
1. Fixed-Size Framing
2. Variable-Size Framing
• Four methods are used to mark where one frame ends and the next begins:
1. Byte Count
2. Flag Bytes with Byte Stuffing
3. Flag Bits with Bit Stuffing
4. Physical Layer Coding Violations.
• In the byte count method, a field in the header states the number of bytes in the frame, so the receiver knows where the frame ends and the next one starts. A corrupted count throws the receiver out of synchronization, which is why this method is rarely used on its own.
• In flag bytes with byte stuffing, each frame starts and ends with a flag byte; the closing flag of one frame can also serve as the opening flag of the next. The sender inserts an escape byte before any flag or escape byte that occurs inside the payload so that payload bytes are never mistaken for the end of the frame, and the receiver removes the escapes.
• In flag bits with bit stuffing, framing is done with bits instead of bytes. Each frame starts and ends with the special sequence 01111110. The sender inserts a 0 after any five consecutive 1s in the payload so that this pattern can never appear inside the data, and the receiver deletes the stuffed zeros.
• In physical layer coding violations, signal combinations that the line code never uses for data are used as delimiters for data link layer frames. In Manchester encoding, for instance, every data bit contains a transition, so High-High (11) and Low-Low (00) are invalid codes that can safely mark frame boundaries.
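The byte-stuffing and bit-stuffing methods just described, as an added worked example in Python (editorial example code, not part of the original notes). The FLAG value 0x7E and ESC value 0x7D follow the PPP convention and are assumptions, as are the sample payloads. The receiver functions are the part worth studying: the unstuffer must treat an escaped byte as data no matter what it is, otherwise a payload containing the flag byte would end the frame early.

```python
# Added example: byte stuffing and bit stuffing for frame delimiting.
# FLAG/ESC values follow the PPP convention (assumed, not from the notes).

FLAG = 0x7E  # frame delimiter byte
ESC = 0x7D   # escape byte inserted before a FLAG or ESC in the payload
BIT_FLAG = "01111110"  # bit-level delimiter used by HDLC-style framing


def byte_stuff(payload: bytes) -> bytes:
    """Wrap payload in FLAG bytes, escaping any FLAG or ESC inside it."""
    out = bytearray([FLAG])
    for b in payload:
        if b in (FLAG, ESC):
            out.append(ESC)
        out.append(b)
    out.append(FLAG)
    return bytes(out)


def byte_unstuff(stream: bytes) -> list[bytes]:
    """Split a byte stream into frames and remove the stuffing.

    A FLAG that ends one frame also opens the next; adjacent FLAGs do not
    produce an empty frame. An escaped byte is always taken as data, so a
    payload containing 0x7E can never terminate the frame early.
    """
    frames: list[bytes] = []
    cur = bytearray()
    in_frame = escaped = False
    for b in stream:
        if escaped:
            cur.append(b)
            escaped = False
        elif b == ESC:
            escaped = True
        elif b == FLAG:
            if in_frame and cur:
                frames.append(bytes(cur))
            cur = bytearray()
            in_frame = True
        elif in_frame:
            cur.append(b)
    return frames


def bit_stuff(bits: str) -> str:
    """Insert a 0 after every run of five 1s, then add the flag at both ends."""
    out, run = [], 0
    for bit in bits:
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return BIT_FLAG + "".join(out) + BIT_FLAG


def bit_unstuff(frame: str) -> str:
    """Strip the flags and drop the 0 that follows each run of five 1s."""
    body = frame[len(BIT_FLAG):-len(BIT_FLAG)]
    out, run, drop_next = [], 0, False
    for bit in body:
        if drop_next:
            drop_next = False  # this is the stuffed 0, not data
            run = 0
            continue
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            drop_next = True
    return "".join(out)


if __name__ == "__main__":
    # Constructed payload containing both special bytes.
    payload = bytes([0x01, FLAG, 0x02, ESC])
    wire = byte_stuff(payload) + byte_stuff(b"next")
    print(wire.hex(), byte_unstuff(wire))
    print(bit_stuff("011111111"), bit_unstuff(bit_stuff("011111111")))
```

Because the stuffed body never contains six consecutive 1s, the flag pattern cannot occur inside a frame, which is exactly the property the receiver relies on to resynchronize after a corrupted frame.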
Error Detection and Error Correction
• Data loss or corruption that occurs during transmission on a channel is
known as error. There are 2 types of errors:
1. Single-bit error
2. Burst error
• In a single-bit error, only one bit is changed during transmission, whereas in a burst error, two or more bits are changed.
• Error detection is the process of finding out whether the message received differs from the message sent by the sender.
• Three types of error-detection codes are used to detect errors in
communication:
1. Parity Bit
2. Checksum
3. Cyclic Redundancy Check (CRC)
• In the parity bit method, one additional bit is appended to each word so that the total number of 1s is even (or odd, by agreement). A single flipped bit changes the parity and is detected; an even number of flipped bits is not.
• The checksum is the ones' complement of the sum of all the data words. It is placed at the end of the message; the receiver sums the message including the checksum and expects the result to be zero. Because addition is commutative, a checksum does not notice words that arrive in the wrong order, and neither a checksum nor a CRC protects against deliberate modification, since whoever alters the data can simply recompute it.
• Error correction can be done in two ways:
1. Backward Error Correction
2. Forward Error Correction
• There are four main methods of Forward-Error correction:
1. Hamming Codes
2. Binary Convolution Codes
3. Reed-Solomon Codes
4. Low-Density Parity-Check Codes
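An added worked example (not from the original notes) implementing the Internet checksum and CRC-32 described above and trying them against a single-bit error, a burst error, and a swap of two words. The message and the corruption positions are constructed. The cross-check against zlib.crc32 confirms the bitwise CRC is the standard IEEE 802.3 one.

```python
# Added example: Internet checksum (RFC 1071) and CRC-32 (IEEE 802.3) as
# error-detecting codes, with corruptions that each does or does not catch.
import zlib

SAMPLE = b"GET /index.html HTTP/1.1"  # constructed 24-byte message


def internet_checksum(data: bytes) -> int:
    """Ones' complement of the ones' complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad an odd-length message with a zero byte
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def crc32_bitwise(data: bytes) -> int:
    """CRC-32 computed one bit at a time with the reflected polynomial
    0xEDB88320 (IEEE 802.3 / zlib convention)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xEDB88320 if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF


def crc32_matches_zlib(data: bytes) -> bool:
    """Cross-check the bitwise implementation against the library version."""
    return crc32_bitwise(data) == zlib.crc32(data)


def flip_bits(data: bytes, *bit_indexes: int) -> bytes:
    """Invert the given bits (one index = single-bit error, a run = burst)."""
    out = bytearray(data)
    for i in bit_indexes:
        out[i // 8] ^= 1 << (7 - i % 8)
    return bytes(out)


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange 16-bit words i and j. Addition is commutative, so the
    Internet checksum of the result is unchanged: this corruption is
    invisible to it."""
    out = bytearray(data)
    out[2 * i:2 * i + 2], out[2 * j:2 * j + 2] = data[2 * j:2 * j + 2], data[2 * i:2 * i + 2]
    return bytes(out)


def detected(code, original: bytes, corrupted: bytes) -> bool:
    """True when the code value differs, i.e. the receiver would notice."""
    return code(original) != code(corrupted)


if __name__ == "__main__":
    single = flip_bits(SAMPLE, 13)
    burst = flip_bits(SAMPLE, *range(40, 52))  # 12-bit burst across two words
    swapped = swap_words(SAMPLE, 0, 1)
    for name, code in (("checksum", internet_checksum), ("crc32", crc32_bitwise)):
        print(name,
              "single:", detected(code, SAMPLE, single),
              "burst:", detected(code, SAMPLE, burst),
              "swap:", detected(code, SAMPLE, swapped))
```

CRC-32 is guaranteed to catch any single-bit error and any burst of up to 32 bits; the checksum catches the single-bit flip but is blind to the word swap, which is why TCP/IP headers rely on the link-layer CRC for most corruption and on the checksum only as a last line of defence.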
Elementary Data Link Protocols
• The elementary data link protocols show how the data link layer deals with problems such as lost or damaged frames and flow control.
• Because the data link layer sits between the network layer and the physical layer, it also controls when the network layer may hand it new packets, so that a fast sender cannot swamp the receiver with frames.
• There are 3 Elementary data link protocols as follows.
1. Utopian Simplex Protocol
2. Simplex Stop-and-Wait Protocol for a Noiseless Channel
3. Simplex Stop-and-Wait Protocol for a Noisy channel
• In the utopian simplex protocol, data transmission is unidirectional and has
no flow control and error control restrictions. Frames are not lost during
transmission in the utopian simplex protocol.
• In a stop-and-wait protocol, the sender stops after sending a frame to the receiver and waits for an acknowledgment before sending another frame. For a noiseless channel, the channel is assumed to be error-free, so the acknowledgment serves purely as flow control: it tells the sender that the receiver is ready for the next frame.
• Although user data flows in only one direction, acknowledgments flow back, so the channel must carry frames both ways (half-duplex is enough); the protocol is simplex for data but the channel is not.
• On a noisy channel, the stop-and-wait protocol covers the general situation: frames can be damaged or lost, so they carry a sequence number and a checksum, the sender retransmits after a timeout, and both flow control and error control are in operation.
Sliding Window Protocols
• In the sliding window protocol, the sender and receiver use the same link
to send frames and acknowledgements for data in both directions.
• The sender has a sending window, and the receiver has a receiving window.
On the sender and receiver side, frames are stored in the sending and
receiving windows, respectively.
• There are total 6 types of acknowledgement as follows:
1. Positive Acknowledgement
2. Negative Acknowledgement
3. Lost Acknowledgement
4. Independent Acknowledgement
5. Cumulative Acknowledgement
6. Delayed Acknowledgement
• There are 3 types of sliding window protocols used for flow control.
1. Stop-and-Wait ARQ Protocol
2. Go-Back-N ARQ Protocol
3. Selective Repeat ARQ Protocol
• In the Stop-and-Wait ARQ protocol, the sender transmits one frame and
waits for an acknowledgement from the receiver before sending the next
one.
• The Go-Back-N ARQ protocol accepts frames only in sequence: corrupted and out-of-order frames are silently discarded, and after a timeout the sender retransmits the lost frame together with every frame sent after it.
• Like Go-Back-N, the Selective Repeat ARQ protocol rejects corrupted frames, but it does not silently discard them: it sends a negative acknowledgment for the missing frame and buffers the out-of-order frames that follow, so only the missing frame is retransmitted.
• The sending and receiving window sizes are 1 and 1 in the Stop-and-Wait ARQ protocol, N and 1 in the Go-Back-N ARQ protocol, and N and N in the Selective Repeat ARQ protocol (where N must be at most half the sequence-number space).
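An added simulation (editorial example, not part of the original notes) that counts how many frame transmissions Go-Back-N and Selective Repeat need to deliver the same eight frames through the same lossy channel with window size 4. The channel model is an assumption: acknowledgments are never lost, the sender transmits its whole outstanding window each round, and sequence numbers do not wrap.

```python
# Added example: transmissions needed by Go-Back-N vs Selective Repeat to
# deliver the same frames through the same lossy channel.
# Channel model (assumed): acks are never lost, sequence numbers never wrap,
# and each round the sender transmits every unacknowledged frame in its window.


def simulate(protocol: str, total_frames: int, window: int, lost_tx: set) -> int:
    """Return how many frame transmissions it takes to deliver all frames.

    protocol: "gbn" (Go-Back-N) or "sr" (Selective Repeat).
    lost_tx:  indexes of transmissions (0, 1, 2, ...) that the channel drops.
    """
    if protocol not in ("gbn", "sr"):
        raise ValueError(protocol)
    base = 0           # sender: oldest unacknowledged frame
    acked = set()      # SR only: frames individually acknowledged
    expected = 0       # receiver: next in-order sequence number
    buffered = set()   # SR only: out-of-order frames held at the receiver
    tx = 0
    while base < total_frames:
        for seq in range(base, min(base + window, total_frames)):
            if seq in acked:
                continue                 # SR: already delivered, don't resend
            arrived = tx not in lost_tx
            tx += 1
            if not arrived:
                continue
            if protocol == "gbn":
                if seq == expected:      # in order: accept
                    expected += 1        # anything else is discarded
            else:
                if seq >= expected:      # inside the receive window: buffer it
                    buffered.add(seq)
                    while expected in buffered:
                        buffered.remove(expected)
                        expected += 1
                acked.add(seq)           # SR acknowledges every frame it got
        if protocol == "gbn":
            base = expected              # cumulative ack: resend from the gap
        else:
            while base in acked:
                base += 1                # slide past individually acked frames
    return tx


if __name__ == "__main__":
    # Constructed loss pattern: the second transmission is dropped.
    for proto in ("gbn", "sr"):
        print(proto, "transmissions:", simulate(proto, total_frames=8, window=4, lost_tx={1}))
```

With one loss, Go-Back-N resends the three frames that arrived fine but were discarded as out of order (11 transmissions), whereas Selective Repeat resends only the lost frame (9). With a window of 1 both degenerate to Stop-and-Wait.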
High-Level Data Link Control Protocol
• HDLC is a data link layer protocol. It organizes data into frames. HDLC is a bit-oriented protocol and is applicable to point-to-point and multipoint connections.
• The HDLC protocol is used on wide area network links. Like Ethernet, PPP, and Frame Relay, HDLC transmits frames from sender to receiver.
• Two types of transfer modes are provided by HDLC that can be used in
various configurations:
1. Normal Response Mode (NRM)
2. Asynchronous Balanced Mode (ABM)
• In NRM and ABM, the station configuration is unbalanced and balanced,
respectively.
• Flag, Address, Control, Payload/Data, and Frame Check Sequence (FCS)
are the fields of HDLC Frame.
• To support all options of NRM and ABM, HDLC defines 3 types of frames, which gives flexibility between devices:
1. Information Frames (I-Frames)
2. Supervisory Frames (S-Frames)
3. Unnumbered Frames (U-Frames)
• I-Frames, S-Frames, and U-Frames are used for carrying user data,
transmitting control information, and exchanging session management and
control information, respectively.
• If the first bit of the control field is set to 0, it is an I-frame. If the first two
bits of the control fields are 10 and 11, these are S-frames and U-frames,
respectively.
Network Layer
• The network layer (layer-3) is one of the seven layers of the OSI reference
model. The main purpose of the network layer is to transmit packets from
one device to another.
• Encapsulation and de-encapsulation, IP Addressing, Connectionless
services, and Routing Decision are the services and responsibilities of the
network layer.
• The network layer converts segments into packets by adding an IP header, which is known as encapsulation. On reception, once the data link layer has removed the frame header and trailer, the network layer removes the IP header and passes the segment up to the transport layer, a process known as de-encapsulation.
• The network layer understands IP addresses: each router reads the destination IP address of a packet and forwards it toward the receiver, so a packet may travel through several routers on the way.
• In the network layer, IP uses a connectionless service which means there
is no need to establish a dedicated path between the sender and the receiver
before sending the data.
• The network layer hands packets up to the transport layer. IP itself keeps no record of the packets it has sent, so tracking which data actually arrived is left to a transport protocol such as TCP.
• The routing decision is made by the router, in which the router decides the
best and optimal path to send the packets from sender to receiver.
• The protocols of the network layer are as follows:
1. Internet Protocols
2. Routing Protocols
3. Address Mapping Protocols
4. Error Reporting Protocols
Connectionless and Connection-Oriented Services
• The network layer provides a connectionless and connection-oriented
service to the transport layer for communication.
• In a connectionless service, each packet sent by the sender is injected into the network independently and may travel by a different route. No path is set up in advance to transmit the packets.
• In connectionless service, packets are called datagrams, and the network
used to transmit packets is known as datagram networks.
• In connection-oriented service, a predetermined path for communication is
established before communication takes place between devices.
• The path established between sender and receiver is known as a virtual
circuit, and the network used to transmit packets is known as a virtual-
circuit network.
• In a virtual-circuit network, resources (buffers, bandwidth, and CPU) are
reserved when a connection is established between devices. In datagram
networks, there are no reserved resources.
• IP protocol at the network layer and UDP protocol at the transport layer
uses connectionless service. TCP, X.25, and Frame Relay use the
connection-oriented service.
Optimality Principle in Computer Networks
• If the optimal (shortest) path is chosen for sending packets, delay is reduced, which increases the quality of service on the network.
• The optimality principle, shortest-path routing, and flooding are the basic techniques that routing protocols build on.
• The optimality principle states that if router J is on the optimal path from router I to router K, then the optimal path from J to K follows the same route. As a consequence, the set of optimal routes from all sources to a given destination forms a tree rooted at the destination, called the sink tree, and each router only needs to store the next hop toward each destination.
• The shortest path is the path with the lowest total weight over its edges. The label on an edge can be a function of distance, bandwidth, traffic, cost, delay, etc.; with unit weights the shortest path is simply the one with the fewest hops.
• In Dijkstra's algorithm, no path is known at the beginning, so every node except the source starts with a tentative distance of infinity. As the algorithm works, the node with the smallest tentative distance is made permanent, and the distances of its neighbors are lowered whenever a shorter path through it is found.
• In the flooding technique, each packet has a hop counter in the header field.
The hop counter is decremented on each hop. As soon as the hop counter
reaches zero, the packet is discarded on a network.
• Flooding ensures that the packet sent by the router reaches every node of
the network. In simple words, flooding is effective if the router wants to
broadcast information.
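Dijkstra's algorithm and the next-hop table it yields under the optimality principle, as an added worked example (not from the original notes). The eight-router topology and its link costs are constructed. From A, only B and C are reached over the direct A-B link; every other destination goes through G, because the cheap A-G and G-E links beat the direct routes.

```python
# Added example: Dijkstra's shortest-path algorithm producing a router's
# next-hop table. The topology below is constructed for illustration.
import heapq

INFINITY = float("inf")

# Undirected weighted graph: node -> {neighbor: link cost}.
TOPOLOGY = {
    "A": {"B": 2, "G": 1},
    "B": {"A": 2, "C": 7, "E": 1},
    "C": {"B": 7, "D": 4},
    "D": {"C": 4, "E": 4, "H": 2},
    "E": {"B": 1, "D": 4, "F": 2, "G": 1},
    "F": {"E": 2, "H": 2},
    "G": {"A": 1, "E": 1, "H": 6},
    "H": {"D": 2, "F": 2, "G": 6},
}


def dijkstra(graph, source):
    """Return (dist, prev): shortest distance from source to every node and
    each node's predecessor on that shortest path.

    All nodes start tentative at infinity. The node with the smallest
    tentative distance is made permanent, and each neighbor's distance is
    relaxed when a shorter path through the permanent node is found.
    """
    dist = {node: INFINITY for node in graph}
    prev = {}
    dist[source] = 0
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale heap entry; u was already made permanent
        for v, cost in graph[u].items():
            if d + cost < dist[v]:
                dist[v] = d + cost
                prev[v] = u
                heapq.heappush(heap, (dist[v], v))
    return dist, prev


def routing_table(graph, source):
    """Next-hop table {destination: (next_hop, cost)} from the sink tree.

    By the optimality principle every suffix of a shortest path is itself a
    shortest path, so a router only needs to remember the first hop.
    """
    dist, prev = dijkstra(graph, source)
    table = {}
    for dest in graph:
        if dest == source or dist[dest] == INFINITY:
            continue
        hop = dest
        while prev[hop] != source:  # walk the tree back to the source
            hop = prev[hop]
        table[dest] = (hop, dist[dest])
    return table


if __name__ == "__main__":
    for dest, (hop, cost) in sorted(routing_table(TOPOLOGY, "A").items()):
        print(f"{dest}: via {hop}, cost {cost}")
```

The link costs here are trusted as given; in a real link-state protocol they arrive in flooded advertisements, so an unauthenticated advertisement claiming a cost of 1 for a link would pull traffic through the claiming router. That is why OSPF supports per-interface authentication.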
Congestion Control
• Congestion is the condition in which the offered packet load is more than the network can handle.
• Congestion degrades the performance of the network, so congestion control mechanisms use delay and throughput to measure how the network is performing.
• Network provisioning, Traffic-aware routing, Admission control, Traffic
Throttling, and Load Shedding are the approaches to congestion control.
• In network provisioning, the network is constructed in such a way that it
can handle pre-determined traffic.
• Admission control is a mechanism used to prevent congestion in connection-oriented networks by refusing new connections the network cannot carry. Leaky bucket and token bucket are traffic-shaping techniques used to describe and enforce the rate at which an admitted flow may send.
• The traffic throttling approach is used on both datagram networks and
virtual-circuit networks. To respond to congestion, routers use different
schemes. They are as follows:
o Choke Packets
o Explicit Congestion Notification
o Hop-by-Hop Backpressure
• When none of the above methods work to prevent congestion on the
network, the router starts discarding packets to balance the network. This
is known as load shedding.
• Random Early Detection (RED) is the load shedding method used to
determine when to discard packets.
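A token bucket policer as an added worked example (editorial code, not from the original notes). Time is in integer milliseconds and sizes in bytes so that the arithmetic is exact; the rate, capacity and the arrival trace are constructed. The same mechanism is what rate limiters use to blunt request floods against a service, so the drop decisions below are worth understanding.

```python
# Added example: a token bucket policer deciding, for a constructed packet
# arrival trace, which packets are admitted and which are dropped.
# Times are integer milliseconds and sizes are bytes, so the arithmetic is exact.


class TokenBucket:
    """Token bucket: tokens accrue at `rate` bytes per millisecond up to
    `capacity`; a packet is admitted only if enough tokens are present.

    The capacity bounds the burst that can be admitted at once, the rate
    bounds the long-term average. Unlike a leaky bucket, which drains at a
    constant rate, a token bucket lets a saved-up burst through unchanged.
    """

    def __init__(self, rate: int, capacity: int):
        self.rate = rate
        self.capacity = capacity
        self.tokens = capacity  # start full
        self.last_ms = 0

    def admit(self, now_ms: int, size: int) -> bool:
        """Refill for the elapsed time, then admit or drop `size` bytes."""
        if now_ms < self.last_ms:
            raise ValueError("time went backwards")
        self.tokens = min(self.capacity,
                          self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if size > self.tokens:
            return False  # not enough credit: drop (or queue/mark) the packet
        self.tokens -= size
        return True


def police(trace, rate: int, capacity: int) -> list[bool]:
    """Run a list of (arrival_ms, size_bytes) through one bucket."""
    bucket = TokenBucket(rate, capacity)
    return [bucket.admit(t, size) for t, size in trace]


# Constructed trace: a 1000-byte packet, another 1000 bytes 100 ms later,
# 500 bytes at 500 ms, a full-capacity burst after an idle period, then two
# small packets arriving faster than the rate allows.
TRACE = [(0, 1000), (100, 1000), (500, 500), (2500, 1500), (2600, 100), (2650, 100)]

if __name__ == "__main__":
    for (t, size), ok in zip(TRACE, police(TRACE, rate=1, capacity=1500)):
        print(f"t={t:5d} ms size={size:5d} -> {'admit' if ok else 'drop'}")
```

A packet larger than the capacity can never be admitted, so the capacity must be at least the maximum packet size; the first assertion below checks that edge.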
Internet Protocol (IP)
• Internet Protocol is the primary protocol of the network layer. It uses a best-
effort mechanism to transport packets from source to destination.
• IP does not track and maintain the flow of packets. There are two versions
of IP, one is IPv4 (IP version-4), and the other is IPv6 (IP version-6).
• An IPv4 address is a 32-bit number, so there are 2^32 (4,294,967,296) possible IPv4 addresses. An IPv4 address consists of a network portion and a host portion.
• Each IPv4 address is paired with a subnet mask that separates the network and host portions. ANDing the address with the mask yields the network address, which a router uses to decide whether the destination is on a directly attached network or must be forwarded.
• There are three types of IP addresses: network address, host address, and
broadcast address.
• IPv4 addresses are divided into five classes that are A, B, C, D, and E. Each
class has a different number of IPv4 addresses. By looking at the first byte
of the IP address, we can determine the class of the IP address.
• The IETF (Internet Engineering Task Force) developed IPv6 to correct the
limitations of IPv4 because there are not enough IPv4 addresses to
accommodate the development.
• Global unicast, link-local, loopback, unspecified and unique local
addresses are IPv6 unicast addresses.
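Subnet mask arithmetic and classful lookup as an added worked example (not from the original notes), done with bit operations rather than library shortcuts so the AND a router performs is visible. The addresses are constructed from the RFC 1918 private ranges; the mask validity check rejects non-contiguous masks.

```python
# Added example: classful lookup and subnet-mask arithmetic for IPv4,
# done with bit operations to show what the router actually computes.
# Addresses used below are constructed (RFC 1918 private ranges).
import ipaddress


def _to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def _to_str(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def address_class(addr: str) -> str:
    """Classful category from the first octet (A: 0-127, B: 128-191,
    C: 192-223, D: 224-239 multicast, E: 240-255 reserved)."""
    first = _to_int(addr) >> 24
    for limit, cls in ((128, "A"), (192, "B"), (224, "C"), (240, "D")):
        if first < limit:
            return cls
    return "E"


def is_valid_mask(mask: str) -> bool:
    """A mask is a run of 1s followed by a run of 0s, so its inverted host
    part plus one must be a power of two (e.g. 255.0.255.0 is rejected)."""
    host_bits = ~_to_int(mask) & 0xFFFFFFFF
    return (host_bits + 1) & host_bits == 0


def subnet_info(addr: str, mask: str) -> dict:
    """Network, broadcast, prefix length and usable host range for addr/mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"non-contiguous subnet mask {mask}")
    ip, m = _to_int(addr), _to_int(mask)
    host_bits = ~m & 0xFFFFFFFF
    prefix = 32 - host_bits.bit_length()
    network = ip & m              # the AND the router performs
    broadcast = network | host_bits
    usable = max(0, 2 ** (32 - prefix) - 2)   # /31 and /32 have no usable hosts
    return {
        "network": _to_str(network),
        "broadcast": _to_str(broadcast),
        "prefix": prefix,
        "usable_hosts": usable,
        "first_host": _to_str(network + 1) if usable else None,
        "last_host": _to_str(broadcast - 1) if usable else None,
        "class": address_class(addr),
    }


def same_subnet(a: str, b: str, mask: str) -> bool:
    """True when a host would send to b directly (after ARP); otherwise
    the packet goes to the default gateway."""
    m = _to_int(mask)
    return (_to_int(a) & m) == (_to_int(b) & m)


if __name__ == "__main__":
    print(subnet_info("192.168.10.77", "255.255.255.192"))
    print(same_subnet("192.168.10.77", "192.168.10.130", "255.255.255.192"))
```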
Internetworking
• Internetworking is the concept where different types of networks are
interconnected so that users on the network can communicate with other
users on different networks.
• When a sender transmits a packet to a receiver on another network, the packet travels through intermediate networks, known as foreign networks, to reach the receiver.
• To connect different types of networks, we can build devices that convert
packets from one type of network to another. The devices that convert the
packets are placed at the boundaries of the network.
• The tunneling process is used when the source and destination hosts have
the same type of network, but a different type of network exists between
them. Tunneling is the process widely used to connect different networks
or isolated hosts.
• Different networks use different routing algorithms to process packets. For example, one network may use link-state routing while another uses a distance vector routing algorithm.
• The maximum payload size is 1500 bytes in Ethernet, 2272 bytes in 802.11, and 65,515 bytes in IP (65,535 bytes less the 20-byte header).
• When a packet is broken into smaller fragments, two strategies are used to recombine the fragments into the original packet: transparent and non-transparent fragmentation.
Ethernet
• Ethernet is a technology that works at the data link layer and the physical
layer. Ethernet is defined by the protocols used at the data link layer and
the physical layer.
• There are two types of Ethernet in today's networks, classic Ethernet and switched Ethernet. Classic Ethernet solves the multiple access problem on a shared cable with CSMA/CD. In switched Ethernet, a switch connects the computers with dedicated links.
• IEEE 802.3 (Ethernet), 802.11 (wireless LAN), 802.15 (Bluetooth and other personal area networks), etc., are the standards that define the MAC sub-layer; the MAC sub-layer is implemented in the device's hardware.
• Preamble, destination and source address, type, payload, padding, and error
detection mechanism are the fields of the Ethernet frame.
• Switched Ethernet is one way to deal with network congestion: instead of one shared channel, each switch port is its own collision domain. The switch looks like a hub and has 4 to 48 ports, each with a standard RJ-45 connector for twisted-pair cables.
• The switch learns the source MAC address of each incoming frame and the port it arrived on, and dynamically builds a MAC address table from this. A frame whose destination is not yet in the table is flooded out of every port except the one it came in on; once the destination is learned, frames go out of that port only.
• The IEEE 802.3u standard is known as Fast Ethernet. It runs at 100 Mbps and autonegotiates with 10 Mbps equipment.
• Fast Ethernet can run over Category 5 UTP or STP (100BASE-TX), Category 3 UTP using four pairs (100BASE-T4), and fiber (100BASE-FX). It reaches up to 100 meters over twisted pair and up to 2000 meters over fiber optic cable.
• IEEE 802.3z and 802.3ab are the Gigabit Ethernet standards (802.3ae is 10 Gigabit Ethernet). Short-wave fiber, long-wave fiber, STP, and Category 5 UTP Gigabit Ethernet cables reach up to 550 m, 5000 m, 25 m, and 100 m, respectively.
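The learning process described above, as an added worked example (editorial code, not from the original notes) of a MAC-learning switch with a finite address table. It also shows the well-known MAC flooding attack on such a switch: when an attacker fills the table with bogus source addresses, frames to hosts the switch never learned are flooded out every port, including the attacker's, and it shows the usual fix of capping how many addresses may be learned per port (what switch vendors call port security). Ports, MAC addresses and the table size are constructed.

```python
# Added example: a MAC-learning switch with a bounded address table, showing
# normal learning and forwarding, what happens when the table is flooded
# with bogus source addresses, and a per-port learning limit as the fix.
# Ports, MAC addresses and the attacker's traffic are constructed.
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, table_size, port_limit=None):
        self.ports = list(ports)
        self.table_size = table_size      # finite CAM capacity
        self.port_limit = port_limit      # max MACs learned per port (None = unlimited)
        self.table = OrderedDict()        # mac -> port, in learning order

    def _learn(self, mac, port):
        if mac in self.table:
            self.table[mac] = port        # station moved: update the port
            return
        if len(self.table) >= self.table_size:
            return                        # table full: nothing new is learned
        if self.port_limit is not None and \
                sum(1 for p in self.table.values() if p == port) >= self.port_limit:
            return                        # port security: too many MACs on this port
        self.table[mac] = port

    def forward(self, in_port, src_mac, dst_mac):
        """Learn the source, then return the ports the frame goes out of."""
        self._learn(src_mac, in_port)
        if dst_mac == BROADCAST or dst_mac not in self.table:
            return [p for p in self.ports if p != in_port]   # flood
        out = self.table[dst_mac]
        return [] if out == in_port else [out]


H1, H2 = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02"   # victims on ports 1 and 2
ATTACKER_PORT = 3


def unicast_after_learning(switch):
    """H2 announces itself, then H1 sends a unicast to H2; return the out ports."""
    switch.forward(2, H2, BROADCAST)
    return switch.forward(1, H1, H2)


def mac_flooding(switch, bogus_count):
    """Attacker on port 3 sends frames from many fake source MACs."""
    for i in range(bogus_count):
        fake = f"02:00:00:00:{i >> 8:02x}:{i & 0xFF:02x}"
        switch.forward(ATTACKER_PORT, fake, BROADCAST)


def demo():
    """Return (normal, attacked, protected) out-port lists for H1 -> H2."""
    normal = unicast_after_learning(LearningSwitch([1, 2, 3], table_size=64))

    victim = LearningSwitch([1, 2, 3], table_size=64)
    mac_flooding(victim, 64)                 # fill the table before H2 is learned
    attacked = unicast_after_learning(victim)

    hardened = LearningSwitch([1, 2, 3], table_size=64, port_limit=2)
    mac_flooding(hardened, 64)               # only 2 of the fakes are learned
    protected = unicast_after_learning(hardened)
    return normal, attacked, protected


if __name__ == "__main__":
    normal, attacked, protected = demo()
    print("normal   H1->H2 out ports:", normal)
    print("flooded  H1->H2 out ports:", attacked, "(attacker's port 3 sees it)")
    print("hardened H1->H2 out ports:", protected)
```

In the attacked case the switch has effectively become a hub for the victims' traffic, which is why a full MAC table on a production switch is an incident indicator and not just a capacity problem.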
Distance Vector Routing & Link State Routing
• Routing algorithms ensure correctness, simplicity, robustness, consistency,
fairness, and efficiency when a route is chosen to send packets.
• Several routing protocols are used to make routing decisions. Here we look at two dynamic routing algorithms, distance vector routing and link-state routing.
• In the DVR algorithm, the routing table has two entries, the outgoing line
used for the destination and the estimated distance to the destination.
• If DVR uses delay as the metric and each router knows the delay to each of its neighbors, each router sends a list of its estimated delays to every destination to its neighbors every T milliseconds. From these vectors each router picks the neighbor that gives the lowest total delay to each destination.
• DVR suffers from the count-to-infinity problem: good news about a new route spreads quickly, but bad news about a failed link is learned one hop at a time, because routers keep believing stale routes advertised back to them by their neighbors. Convergence after a topology change can therefore take a long time, and for this reason DVR has largely been replaced by link-state routing.
• The link-state routing algorithm performs the four steps as follows:
1. Learning about the neighbors
2. Setting Link Costs
3. Building Link State Packets
4. Distributing the Link State Packets
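The count-to-infinity problem from the distance vector section, as an added simulation (editorial example, not from the original notes). Three routers on a line converge, the B-C link is then cut, and the rounds until the tables stabilize are counted with and without poisoned reverse. The topology, unit link costs and the RIP-style infinity of 16 are assumptions; the synchronous exchange model is a simplification of real timers.

```python
# Added example: distance vector routing on a three-node line, showing the
# count-to-infinity problem after a link failure and how poisoned reverse
# (a form of split horizon) stops it. Topology and costs are constructed.

INF = 16  # RIP-style infinity: a cost of 16 or more means unreachable


def initial_tables(links):
    """Each node starts knowing only itself and its directly connected neighbors.

    links:  {node: {neighbor: cost}}  (symmetric)
    tables: {node: {destination: (cost, next_hop)}}
    """
    tables = {}
    for node in links:
        table = {dest: (INF, None) for dest in links}
        table[node] = (0, node)
        for neighbor, cost in links[node].items():
            table[neighbor] = (cost, neighbor)
        tables[node] = table
    return tables


def exchange_round(links, tables, poisoned_reverse=False):
    """One synchronous exchange.

    Every node first marks routes whose next hop is no longer a neighbor as
    unreachable, then applies the vectors its neighbors advertised at the end
    of the previous round. A node always believes its current next hop, even
    when the news is worse; that is what lets stale information count upward.
    """
    new = {}
    for node in links:
        table = dict(tables[node])
        for dest, (cost, hop) in list(table.items()):
            if hop is not None and hop != node and hop not in links[node]:
                table[dest] = (INF, None)          # link to the next hop is down
        for neighbor, link_cost in links[node].items():
            for dest, (adv_cost, adv_hop) in tables[neighbor].items():
                if poisoned_reverse and adv_hop == node:
                    adv_cost = INF                 # "my route to dest goes through you"
                candidate = min(link_cost + adv_cost, INF)
                cur_cost, cur_hop = table[dest]
                if cur_hop == neighbor or candidate < cur_cost:
                    table[dest] = (candidate, neighbor) if candidate < INF else (INF, None)
        new[node] = table
    return new


def run_until_stable(links, tables, poisoned_reverse=False, max_rounds=100):
    """Exchange until nothing changes; return (tables, rounds_that_changed)."""
    for changed_rounds in range(max_rounds):
        new = exchange_round(links, tables, poisoned_reverse)
        if new == tables:
            return tables, changed_rounds
        tables = new
    raise RuntimeError("routing did not converge")


def link_failure_demo(poisoned_reverse):
    """Converge A-B-C, cut the B-C link, and report (rounds to reconverge,
    A's final cost to C)."""
    links = {"A": {"B": 1}, "B": {"A": 1, "C": 1}, "C": {"B": 1}}
    tables, _ = run_until_stable(links, initial_tables(links))
    del links["B"]["C"]
    del links["C"]["B"]
    tables, rounds = run_until_stable(links, tables, poisoned_reverse)
    return rounds, tables["A"]["C"][0]


if __name__ == "__main__":
    print("plain DV:         rounds, A->C =", link_failure_demo(False))
    print("poisoned reverse: rounds, A->C =", link_failure_demo(True))
```

Without poisoned reverse, A and B pass the dead route back and forth, each round adding one to the cost, until it hits 16 after fifteen rounds; with poisoned reverse, A tells B "C is unreachable through me", and both converge in two rounds. The same trust in whatever a neighbor advertises is what makes an unauthenticated distance vector protocol such as RIPv1 trivial to poison from any host on the segment.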
OSPF & BGP
• OSPF is an Interior Gateway Protocol (IGP) used within Autonomous
Systems (AS) to find the shortest path based on link-state updates and cost
metrics.
• BGP is an Exterior Gateway Protocol (EGP) used between ASes on the
Internet, employing a path vector algorithm and TCP for reliable
communication.
• OSPF uses the Shortest Path First (SPF) algorithm for path calculation,
while BGP uses the Path Vector Algorithm.
• OSPF operates within an AS, while BGP operates between ASes.
• OSPF supports areas and a backbone area for hierarchical network design, whereas BGP has no concept of areas; its structure comes from the division of the Internet into autonomous systems.
OSPF
• On the Internet, many networks exist, and each is administered independently. An independently administered network is known as an autonomous system (AS; plural ASes).
• OSPF lets the administrator assign a cost to each link, which may reflect bandwidth, physical distance, delay, or hop count. It is a dynamic protocol, so it automatically recomputes its routing tables when the network topology changes.
• HELLO, LINK STATE UPDATE, LINK STATE ACK, DATABASE
DESCRIPTION, and LINK STATE REQUEST are the five types of OSPF
messages.
• OSPF creates the set of shortest paths, and when a packet is forwarded by
the sender, OSPF divides the traffic into shortest paths, which balances the
load of the network. This process is known as Equal Cost Multipath
(ECMP).
BGP
• BGP is an interdomain routing protocol, designed to allow a variety of
routing policies to be implemented between autonomous systems.
• BGP keeps track of the path used along with the cost of the route to each
destination. This is known as path-vector routing.
• BGP routers select routes based on various criteria, including AS path
length, origin type (e.g., customer, peer, provider), and route cost. These
criteria are specified in routing policies to optimize network performance
and efficiency.
• Many organizations connect to multiple ISPs to improve reliability. If one
path fails, traffic can automatically reroute through another ISP, ensuring
continuous connectivity. This is known as multihoming and is supported
by BGP.
Transport Layer
• The logical communication between the sender’s applications and the
receiver’s applications is the responsibility of the transport layer. Its main
objective is process-to-process delivery.
• The transport layer communicates with the network layer and uses the
services provided by the network layer to achieve efficient, reliable, and
cost-effective data transmission service.
• The transport layer has the following responsibilities.
• Process-to-process delivery
• Tracking individual conversations
• Segmentation and reassembly
• Reliable and unreliable communication
• Error control and flow control
• The port address helps the transport layer to choose a process among
multiple processes running on the destination device.
• In the transport layer, the data that flows from the sender process to the
receiver process is known as a conversation. Each conversation is tracked
separately by the transport layer.
• The transport layer provides two types of communication, reliable and
unreliable. Reliable communications are slow and complex, while
unreliable communications are faster and not overly complicated.
• The error control mechanism is used to check whether the sent data has
successfully reached the destination. The flow control mechanism manages
the flow of data sent to the network.
Multiplexing and Demultiplexing
• Multiplexing is a mechanism in which multiple conversations are shared
over a connection, a virtual circuit. Multiplexing is important in the
transport layer.
• Multiplexing mechanisms are used when a host has multiple network paths
that it can use. Partitioning allows the transport layer to multiplex.
• De-multiplexing is used when more bandwidth or reliability is needed to
send packets to the user. It splits the traffic across multiple network paths
using a round-robin algorithm.
• De-Multiplexing in TCP uses a four-tuple to identify connections and
allows multiple applications to run simultaneously.
• Stream Control Transmission Protocol (SCTP) exemplifies de-multiplexing
or inverse multiplexing, splitting traffic into multiple network paths.
Crash Recovery in Transport Layer
• No matter how well the client and the server are programmed, there are
situations in which the transport layer’s protocols fail to fine-tune.
• On the server, three events are possible: sending an acknowledgment (A),
writing to an output process (W), and crashing (C).
• If the higher layer has sufficient status information of the crashed server,
then the status information is used to restore where the server was before
the problem occurred.
User Datagram Protocol
• UDP sends packets from sender to receiver and the path between sender
and receiver is not established. UDP does not guarantee packet delivery.
• Generally, when UDP is used for communication, there is less interaction
between sender and receiver, which increases the transmit data rate.
• The UDP header has only four fields, so it is simpler than the TCP header.
The UDP header has a fixed size of 8 bytes. In UDP, a block of communication
is known as a datagram or segment.
• The source and destination port numbers, total length, and checksum are
the fields of the UDP header.
• UDP does not have a flow control mechanism and therefore does not use
any algorithms to control overflow.
• Incoming and outgoing queues are created in client and server machines
when client and server mechanisms are used.
• When RPC is used, the client machine process calls a procedure on the
server by sending a UDP packet. Then the client process is suspended, and
the server process executes.
• DHCP, DNS, TFTP, SNMP, VoIP, and RIP can use UDP service for
communication.
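The 8-byte header and checksum described above, as an added example that is not part of the original notes: it builds a UDP segment, then parses and verifies it the way a receiver would, including the IPv4 pseudo-header that the checksum covers. All addresses, ports and payload are constructed sample values.

```python
import struct

UDP_PROTO = 17  # protocol number carried in the IPv4 pseudo-header

def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum (RFC 1071 style), padding an odd trailing byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    # src IP, dst IP, zero byte, protocol, UDP length: covered by the checksum but never sent
    return ip_to_bytes(src_ip) + ip_to_bytes(dst_ip) + struct.pack("!BBH", 0, UDP_PROTO, udp_len)

def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)  # checksum field is zero while computing
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF  # RFC 768: a computed zero is sent as all ones, since zero means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def parse_udp(src_ip: str, dst_ip: str, segment: bytes) -> dict:
    """Parse the four header fields and verify the checksum; raises on a malformed length."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        raise ValueError(f"length field {length} does not match segment size {len(segment)}")
    if csum == 0:
        checksum_ok = None  # sender did not compute one (permitted over IPv4)
    else:
        # summing pseudo-header + whole segment (checksum field included) gives 0xFFFF when intact
        checksum_ok = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum_ok": checksum_ok, "payload": segment[8:]}

# Constructed sample datagram, not taken from a real capture.
SRC_IP, DST_IP = "192.0.2.10", "192.0.2.20"
SAMPLE = build_udp(SRC_IP, DST_IP, 53000, 53, b"constructed query payload")
```

A checksum failure in `parse_udp` is a drop signal only; UDP itself never retransmits, which is exactly the reliability gap the notes describe.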
Transmission Control Protocol (TCP)
• TCP is one of the protocols of the transport layer. It is a reliable and
connection-oriented protocol. It was originally designed to provide reliable
communication over an unreliable network.
• TCP has the functionality to establish a session between sender and
receiver. It provides reliable communication, same-order delivery, and
flow control.
• The source and destination ports, sequence and acknowledgment numbers,
header length, reserved and control bits, window, checksum, urgent,
options, and application layer data are the fields of TCP headers.
• On the network, when the client and the server want to communicate, they
use a three-way handshake mechanism.
• To terminate a TCP connection, there is a two-way handshake mechanism
in which the FIN and ACK flags are used.
• When two devices want to communicate, they create endpoints for
communication and transmission of data, known as sockets. A socket has
an IP address and a port address.
• If the client does not have a flow and error control mechanism, it can use
the TCP protocol because TCP handles flow and error control.
TCP Flow Control
• Flow control is the major problem on networks, but TCP provides a way to
manage the flow of data so that devices don’t overload.
• When a segment is lost on a network, the sequence number and the
acknowledgment number are used for retransmission.
• If we use exceptional acknowledgment, a duplicate segment may be
received by the receiver. To solve this problem, we use selective
acknowledgment.
• Flow control is used to maintain the reliability of TCP transmissions by
adjusting the flow of data. To achieve flow control, the 16-bit window size
field of the TCP header is used.
• If TCP segment acknowledgment is not received, the sender reduces the
flow of data.
• Checksum, acknowledgment, and time-out are used for error detection and
correction in TCP.
Application Layer
• Services like electronic mail, file transfer, web access, system resource
access, and remote login, etc., are provided by the application layer.
• The application layer is the layer that interacts most closely with the end
user and provides interfaces between applications.
• HTTP, HTTPS, FTP, TFTP, DNS, DHCP, SSH, TELNET, IMAP, SMTP,
POP, etc. are protocols of the application layer.
• The presentation layer and session layer are part of the application layer.
When the application layer runs, the presentation layer and session layer
activities are also involved in the process.
• In a peer-to-peer connection, the devices do not require a dedicated server.
A peer-to-peer network has two parts, a P2P network, and a P2P
application.
• HTTP and HTTPS are used for web services, FTP and TFTP are used for
file-sharing services, SMTP, POP, and IMAP are used for mail services,
and TELNET and SSH are used for remote login.
Domain Name System (DNS)
• DNS is designed to convert a 32-bit numeric IP address into a simple, easy,
and recognizable name.
• When a user types a website name, the DNS server finds the IP address of
that website and displays the result of the query.
• Flat Name Space and Hierarchical Name Space are the two types of Name
Spaces.
• To have a hierarchical namespace, the domain namespace is used. The
namespace can be defined as an inverted tree structure with a root. The tree
has a maximum of 128 levels.
• The domain name that ends with a null string is known as FQDN, and the
domain name, which does not end with a null string is known as PQDN.
• The primary server loads all the information from its local disk, and the
secondary server receives all the information from the primary server.
• The domain namespace on the network is divided into generic domains,
country domains, and inverse domains.
• Query and response are two types of DNS messages, and both are of the
same format. Query and response both contain some information.
Network Security
• Network security exists to ensure that unwanted or unauthorized users
cannot read or modify messages intended for other receivers while those
messages are in transit.
• Adversaries can be students, crackers, professional hackers, terrorists,
stockbrokers, ex-employees of the company, etc., which can cause security
problems.
• When an attacker gains access to the network, security threats such as
information theft, identity theft, and denial of service can arise.
• Media security, link encryption, packet filtering, end-to-end security, and
authentication are performed in the physical layer, data link layer, network
layer, transport layer, and application layer, respectively.
• The most effective way to prevent data loss on the network and keep it
working is to regularly back up device configurations.
• When new malware or a new virus is released, the organization needs to
update all tools to resolve bugs and protect against network attacks.
• When security is configured on all end devices, employees using those end
devices to interact with the network should also be aware of the security
policy rules.
Firewall
• Security is needed to prevent unauthorized access to company resources,
information, and data, and this can be achieved by deploying a firewall.
• A stateful firewall is a type of firewall that uses TCP/IP header fields to
manage and keep track of connections.
• Most firewalls and some common routers have VPN capability that
provides a secure tunnel for communication.
• Filtering techniques like packet, application, and URL filtering help control
network access.
• Next-Generation Firewalls (NGFWs) include advanced features like deep
packet inspection and intrusion prevention systems (IPS).
• Firewalls can introduce latency in network communications, especially
during deep packet inspection.
• Implementing a firewall is generally more cost-effective than dealing with
the aftermath of a security breach.
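The stateful firewall described above, together with the three-way handshake, FIN/ACK teardown and four-tuple demultiplexing from the TCP and transport-layer notes, as one added example that is not part of the original notes: a connection tracker keyed on the four-tuple that only lets an inside host open a connection, admits replies on an established flow, and drops unsolicited or stale inbound packets. Addresses, ports and the packet trace are constructed; real firewalls also handle RST, timeouts and sequence-number checks, which are omitted here.

```python
from dataclasses import dataclass, field

INSIDE_PREFIX = "10.0.0."          # constructed: the protected side of the firewall
SYN, ACK, FIN = 0x02, 0x10, 0x01   # TCP control bits as laid out in the header's flags byte

@dataclass
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int

@dataclass
class Conn:
    initiator: tuple               # (ip, port) that sent the first SYN
    state: str = "SYN_SENT"
    fins: set = field(default_factory=set)   # endpoints that have sent FIN

def four_tuple(p: Packet) -> tuple:
    # order-independent so both directions of one connection map to the same entry
    return tuple(sorted([(p.src, p.sport), (p.dst, p.dport)]))

class StatefulFirewall:
    def __init__(self):
        self.table: dict = {}

    def filter(self, p: Packet) -> str:
        key, sender = four_tuple(p), (p.src, p.sport)
        conn = self.table.get(key)
        if conn is None:
            # only an inside host may open a connection: a bare SYN creates state
            if p.src.startswith(INSIDE_PREFIX) and p.flags & (SYN | ACK) == SYN:
                self.table[key] = Conn(initiator=sender)
                return "ACCEPT"
            return "DROP"                        # unsolicited inbound traffic
        from_initiator = sender == conn.initiator
        if conn.state == "SYN_SENT":
            if not from_initiator and p.flags & (SYN | ACK) == SYN | ACK:
                conn.state = "SYN_RECV"          # second step of the handshake
                return "ACCEPT"
        elif conn.state == "SYN_RECV":
            if from_initiator and p.flags & ACK:
                conn.state = "ESTABLISHED"       # third step: data may now flow both ways
                return "ACCEPT"
        elif conn.state == "ESTABLISHED":
            if p.flags & FIN:
                conn.fins.add(sender)
            elif len(conn.fins) == 2 and p.flags & ACK:
                del self.table[key]              # final ACK of the FIN/ACK exchange
            return "ACCEPT"
        return "DROP"                            # packet does not fit the connection's state

    def states(self) -> dict:
        return {k: c.state for k, c in self.table.items()}

# Constructed trace (not a real capture): an inside client opens a connection to an outside
# server, an unrelated outside host probes the inside client, then the connection closes.
TRACE = [
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, SYN),
    Packet("203.0.113.7", 443, "10.0.0.5", 40000, SYN | ACK),
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, ACK),
    Packet("198.51.100.9", 1234, "10.0.0.5", 22, SYN),       # no state: dropped
    Packet("203.0.113.7", 443, "10.0.0.5", 40000, ACK),      # reply on established flow
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, FIN | ACK),
    Packet("203.0.113.7", 443, "10.0.0.5", 40000, FIN | ACK),
    Packet("10.0.0.5", 40000, "203.0.113.7", 443, ACK),      # entry removed here
    Packet("203.0.113.7", 443, "10.0.0.5", 40000, ACK),      # stale: dropped
]

def run(trace=TRACE) -> list:
    fw = StatefulFirewall()
    return [fw.filter(p) for p in trace]
```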
VPNs
• VPNs create secure, encrypted connections over less secure networks like
the internet to ensure online privacy and security.
• They enable individuals and organizations to protect sensitive data,
maintain privacy, and bypass geographical restrictions online.
• Virtual Private Networks (VPNs) evolved from the need for secure internet
connections similar to private networks.
• VPNs establish secure tunnels for communication, often managed by
firewalls or routers.
• When connected to a VPN, your data is transmitted in an encrypted format,
enhancing security.
• VPN servers act as intermediaries between your device and the internet,
masking your IP address and location.
• VPNs can help access geo-restricted content and bypass censorship in
some countries.
• Common VPN protocols include OpenVPN, IPsec, L2TP/IPsec, SSTP, and
WireGuard, each with unique features and strengths.
Wireless Security
• Wireless security protects networks, devices, and data from unauthorized
access and attacks using encryption, authentication, access control, and
network segmentation to ensure confidentiality, integrity, and availability.
• When a device transmits data to another device, the data must be encrypted
to protect it from malicious attacks. Encryption in a wireless network can be
done using WEP and WPA.
• WPA and WPA2 are advanced security protocols. WEP had serious security
issues, so WPA was introduced and replaced WEP.
• If you use WPA2 security for personal work, you can use WPA2-PSK
which is a pre-shared key.
• The session key is used for a particular amount of time, known as a session.
The session key is used as long as the user is communicating over a
wireless network.
• Bluetooth security is maintained in applications that require entering a PIN
code from the keyboard to complete a transaction.
Email Security
• Email security is crucial to protect email content as it traverses various
paths and machines, ensuring that only the intended recipient can read it.
• Pretty Good Privacy (PGP) and S/MIME (Secure Multipurpose Internet
Mail Extensions) are cryptographic algorithms that provide email security.
• PGP is built for email security and provides privacy, authentication, digital
signature, and compression mechanisms.
• S/MIME provides authentication, data integrity, confidentiality, and
non-repudiation. Like PGP, S/MIME also supports various cryptographic
algorithms, so it is flexible.
Web Security
• Web security addresses how resources are named securely, how to establish
secure and authenticated connections, and the handling of executable code
sent by websites.
• The DNSsec (DNS Security) project is designed to provide security to
DNS servers. DNSsec is based on public-key cryptography, and each zone
has a public/private key pair.
• SSL creates an end-to-end secure connection between two sockets that
include parameters negotiated between the client and the server,
authentication of the server by the client, confidential communication, and
data integrity protection.
• Web pages today contain small executable programs such as Java applets,
ActiveX controls, and JavaScript. Running such mobile code is a security
risk. Java applet security, ActiveX, and browser extensions are used to
prevent this security risk.
Active Attack and Passive Attacks
• In a passive attack, the attacker can only read the data and cannot modify
it.
• In an active attack, the attacker can modify and send the data to the
receiver.
• Message content release and traffic analysis are passive attacks, while
replay attacks, message modification, denial of service (DoS), and
masquerade are active attacks.
• The attacker can view the confidential information of the hosts in a
message content release attack, whereas in traffic analysis the attacker
cannot see the data but can analyze the traffic.
• The attacker can enable a replay attack by using ARP spoofing or by
sending malicious code to the end device.
• In message modification, the attacker modifies the message by flipping bits
or adding malicious code or generating noise. Message modification
compromises the Message Confidentiality and Message Integrity.
• In a DoS attack, the attacker floods the server with fake IP addresses,
consumes all of the server’s resources, and the server denies all other
users access to the resources.
• In a masquerade attack, the attacker gains access to an authorized user’s
identity and uses it to pretend to be that authorized user.
Cryptography
• Cryptography prevents data from reaching an intruder, since the data is
encrypted, the intruder will not be able to decipher the data because he does
not have the key.
• Encryption means converting human-readable data into ciphertext.
Decryption means converting the ciphertext back into the original message.
• Symmetric key (secret key) and asymmetric key (private key and public
key) cryptography algorithms are categories of cryptography algorithms.
• Substitution ciphers are encryption methods used to encrypt data. In this
method, each letter or group of letters in the plaintext is replaced by
another letter or group of letters.
• In a transposition cipher, the plaintext is rearranged to form the
ciphertext. Here, the plaintext letters are not replaced with other letters;
they are only reordered according to the key.
• In the One-Time Pad, the plaintext is converted to a bitstream, and the
XOR operation is performed between the plaintext bit string and the key
bit string, bit by bit. As a result, we get a ciphertext that cannot be broken.
Block Cipher Modes of Operation
• Electronic Code Book Mode, Cipher Block Chaining Mode, Cipher
Feedback Mode, Stream Cipher Mode, and Counter Mode are the five
types of cipher modes.
• In Electronic Code Book (ECB) mode, a large plaintext is divided into
consecutive 64-bit (8-byte) blocks, and the same key is used to encrypt them
one after the other.
• In Cipher Block Chaining mode, the XOR operation is performed between
the plaintext block and the previous ciphertext block that has been
encrypted.
• Cipher Feedback Mode, Stream Cipher Mode, and Counter Mode are used
to convert the block cipher into stream cipher and to eliminate the padding
operations.
Security Services
• Message confidentiality, message integrity, message authentication,
non-repudiation, and entity authentication are security services.
• We can achieve confidentiality in two ways: symmetric-key cryptography
and asymmetric-key cryptography.
• Neither the document nor the fingerprint needs to be secret, whereas the
message and the message digest are separate, and the message digest must be
secret.
• Message Authentication Code (MAC) and Hashed-MAC (HMAC) are
used for message authentication.
• The signature of one message cannot be used in another message, it is a
one-to-one relationship.
• A digital signature can be obtained by signing the document or by signing
the message digest of the document.
• An entity can be a person, client, server, process, or any end device. The
terms verifier and claimant are used in entity authentication.
Channel Allocation Problem
• Allocating channels to specific devices for communication is known as
channel allocation. Data Link Layer is responsible for allocating a channel
among the devices.
• Static Channel Allocation and Dynamic Channel Allocation are the channel
allocation schemes.
• In static channel allocation, the bandwidth is divided into equal-sized
portions, with each user being assigned a portion of the bandwidth.
• In dynamic channel allocation, the frequency is allocated to the devices
when it is needed on the network.
• In single-channel allocation, most of the channels are idle most of the time.
To overcome this problem, we can use dynamic channel allocation, in
which the bandwidth is not allocated to the device permanently.
• Independent Traffic, Single Channel, Observable Collisions, Continuous
or Slotted Time, and Carrier Sense or No Carrier Sense are the five
assumptions of the Dynamic channel allocation.
Random Access Protocols
• In random access, no device is superior to any other device connected to a
channel, and no device has control over the other device.
• The two random access protocols are as follows:
1. ALOHA
2. CSMA
• ALOHA is applicable for systems in which uncoordinated devices are
competing for access to a shared channel. There are two types of Aloha
methods as follows:
1. Pure ALOHA
2. Slotted ALOHA
• In a pure ALOHA system, devices can transmit data whenever they have
data to send. In slotted ALOHA, time is divided into slots of duration Tfr,
so a device can only send at the beginning of a time slot.
• Pure ALOHA has maximum throughput S_max = 0.184 when G = 1/2.
Slotted ALOHA has maximum throughput S_max = 0.368 when G = 1.
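Where the two maxima come from, as an added derivation that is not part of the original notes. With G the average number of frames attempted per frame time and arrivals Poisson, the throughput is S = G times the probability that no other frame overlaps; the vulnerable period is 2 Tfr for pure ALOHA and Tfr for slotted ALOHA:

$$S_{\text{pure}} = G\,e^{-2G}, \qquad \frac{dS_{\text{pure}}}{dG} = e^{-2G}(1 - 2G) = 0 \;\Rightarrow\; G = \tfrac{1}{2},\qquad S_{\max} = \tfrac{1}{2}\,e^{-1} \approx 0.184$$

$$S_{\text{slotted}} = G\,e^{-G}, \qquad \frac{dS_{\text{slotted}}}{dG} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G = 1,\qquad S_{\max} = e^{-1} \approx 0.368$$

Halving the vulnerable period is exactly what doubles the peak throughput.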
• CSMA uses the “sense before transmit” or “listen before talk” principle,
allowing the device to sense the channel before using it.
• Persistence methods define what a station does when it finds the channel
idle or busy.
1. 1-Persistent method
2. Non-Persistent method
3. P-Persistent method
• CSMA/CD uses persistence methods to understand the channel.
Transmission and collision detection is a continuous process in CSMA/CD.
• CSMA/CA avoids collisions by using three strategies.
1. Inter-Frame Space (IFS)
2. Contention Window
3. Acknowledgments
Controlled Access Protocols
• Controlling access to a channel is known as controlled access. In controlled
access, a device cannot send a frame unless another device authorizes it.
• Primarily, 3 popular controlled-access methods are used as follows:
1. Reservation
2. Polling
3. Token Passing
• In the reservation method, the device makes a reservation before sending
data over a channel. Time is divided into intervals, and at a particular
interval, the device sends frames over a channel that has made the
reservation.
• In the polling system, one primary station and several secondary stations
are connected on a single channel, so all data exchange is done through the
primary station, which controls the channel.
• When the primary station wants to communicate and receive data, it uses
the POLL function. If it wants to send data, it uses the SELECT (SEL)
function.
• In token passing, a packet called a token passes through the ring, which
gives the station access to the channel.
• There are four physical topologies of a logical ring.
1. Physical ring (IFS)
2. Dual ring
3. Bus ring
4. Star ring
Channelization Protocols such as FDMA, TDMA, and CDMA
• Channelization is a multiple-access method used to divide the bandwidth
of a channel between devices so that signals avoid collisions with each
other.
• There are mainly three types of channelization protocols used on the
network.
1. Frequency-Division Multiple Access (FDMA)
2. Time-Division Multiple Access (TDMA)
3. Code-Division Multiple Access (CDMA)
• In FDMA, the channel’s available bandwidth is divided into frequency
bands among the stations. Each band is reserved for a specific station, and
the assignment is permanent.
• In time-division multiple access, the channel bandwidth is shared between
stations through time. Bandwidth is divided into time slots, meaning that
each station is allocated a time slot for sending data.
• In CDMA, one channel occupies the entire bandwidth of the link, and all
stations can send data simultaneously because there is no timesharing.
• CDMA is a coding-based principle in which a code is assigned to each
station. Codes are a sequence of numbers, known as chips.
• A station sends bit 0 as -1 and bit 1 as +1. When a station is idle, it
sends no signal, represented as 0.
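The chip encoding just described, carried through as an added example that is not part of the original notes: each station gets one row of a Walsh (Sylvester) code as its chip sequence, the channel adds every station's ±1 signal, and a receiver recovers one station's bits by an inner product with that station's code. It also generalises to multi-bit messages with idle gaps; the station messages are constructed.

```python
def walsh_codes(n: int) -> list:
    """Sylvester construction of n mutually orthogonal chip sequences; n must be a power of two."""
    if n == 0 or n & (n - 1):
        raise ValueError("n must be a power of two")
    h = [[1]]
    while len(h) < n:
        h = [row + row for row in h] + [row + [-c for c in row] for row in h]
    return h

def encode_slot(bits: dict, codes: list) -> list:
    """One bit time: each active station sends its bit as +1/-1 times its code; the channel adds them."""
    n = len(codes[0])
    channel = [0] * n
    for station, bit in bits.items():
        if bit is None:            # idle station contributes nothing (the 0 signal)
            continue
        sign = 1 if bit else -1    # bit 1 -> +1, bit 0 -> -1
        for i in range(n):
            channel[i] += sign * codes[station][i]
    return channel

def decode_slot(channel: list, code: list):
    """Inner product with the station's code, scaled by the code length; orthogonality cancels every other station."""
    level = sum(c * k for c, k in zip(channel, code)) / len(code)
    if level > 0:
        return 1
    if level < 0:
        return 0
    return None                    # that station was idle in this bit time

def transmit(messages: dict, codes: list) -> list:
    """Multi-bit messages: one channel vector per bit time; a short message is idle afterwards."""
    length = max(len(m) for m in messages.values())
    return [encode_slot({s: (m[t] if t < len(m) else None) for s, m in messages.items()}, codes)
            for t in range(length)]

def receive(slots: list, code: list) -> list:
    return [decode_slot(channel, code) for channel in slots]

CODES = walsh_codes(4)
# Constructed messages for four stations; station 2 is idle during the second bit time.
MESSAGES = {0: [1, 1, 0], 1: [0, 1, 1], 2: [1, None, 0], 3: [1, 0, 1]}
```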
Quality of Service
• The quality of service provides reliability to the users by managing the
congestion on the network. It focuses on reliability, delay, jitter, and
bandwidth.
• Traffic shaping, admission control, resource reservation, and scheduling
are the techniques used to improve the quality of service (QoS).
• Packets come from different networks to the router or switch, and they
have to be held by the router for further processing. Three scheduling
techniques are therefore used to improve QoS: FIFO (First In, First Out),
priority scheduling, and weighted fair queuing.
• Integrated services (IntServ) are generally designed for Internet Protocol
(IP). Signaling, Flow Specifications, Admission, and Service classes are
integrated services.
• Resource Reservation Protocol (RSVP) is the signaling protocol that helps
IP form a flow, as in a virtual-circuit network, and consequently make
resource reservations.
• Differentiated services address the problems of integrated services. They
were introduced by the IETF.
• Differentiated services are also known as DiffServ, in which each packet
has a field named the DS field. The DS field is set by the router located at
the border of the network.
• The node uses traffic conditioners (meters, markers, shapers, and droppers)
to implement differentiated services.