1. In the network, data are produced and exchanged according to meticulously defined rules of communication and engagement. These rules are codified in the _________.

Group of answer choices

intermediary device

protocols

message

signal

network link

2. The fiber optic cable uses _____ signal encoding.

Group of answer choices

two-level voltage

analog

electronic

multiple-level voltage

on and off

3. Which is an intermediary device designed to facilitate inter-networking?

Group of answer choices

switch

hub

network printer

router

bridge

access point

Question 8 pts

The ____ bit in the TCP header is used to request handshaking.

Group of answer choices

ACK

CON

FIN

SYN

SEQ

A Practical Introduction to Enterprise Network and
Security Management
Bongsik Shin, Ph.D
CRC Press
Taylor & Francis Group
6000 Broken Sound Parkway NW, Suite 300
Boca Raton, FL 33487-2742
© 2017 by Taylor & Francis Group, LLC
CRC Press is an imprint of Taylor & Francis Group, an Informa business
No claim to original U.S. Government works
Printed on acid-free paper
International Standard Book Number-13: 978-1-4987-8797-0 (Hardback)
This book contains information obtained from authentic and highly regarded sources.
Reasonable efforts have been made to publish reliable data and information, but the
author and publisher cannot assume responsibility for the validity of all materials or
the consequences of their use. The authors and publishers have attempted to trace the
copyright holders of all material reproduced in this publication and apologize to
copyright holders if permission to publish in this form has not been obtained. If any
copyright material has not been acknowledged please write and let us know so we may
rectify in any future reprint.
Except as permitted under U.S. Copyright Law, no part of this book may be reprinted,
reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other
means, now known or hereafter invented, including photocopying, microfilming, and
recording, or in any information storage or retrieval system, without written
permission from the publishers.
For permission to photocopy or use material electronically from this work, please
access www.copyright.com (http://www.copyright.com/) or contact the Copyright
Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400.
CCC is a not-for-profit organization that provides licenses and registration for a
variety of users. For organizations that have been granted a photocopy license by the
CCC, a separate system of payment has been arranged.
Trademark Notice: Product or corporate names may be trademarks or registered
trademarks, and are used only for identification and explanation without intent to
infringe.
Visit the Taylor & Francis Web site at
http://www.taylorandfrancis.com
and the CRC Press Web site at
http://www.crcpress.com
Contents
Preface
Author
Chapter 1: Fundamental Concepts
1.1 Introduction
1.2 Network Elements
1.2.1 Host
1.2.1.1 Client–Server Mode
1.2.1.2 P2P Mode
1.2.1.3 Network Interface Card
1.2.2 Intermediary Device
1.2.3 Network Link
1.2.4 Application
1.2.5 Data/Message
1.2.6 Protocol
1.3 Modes of Communication
1.3.1 Methods of Data Distribution
1.3.1.1 Unicasting
1.3.1.2 Broadcasting
1.3.1.3 Multicasting
1.3.2 Directionality in Data Exchange
1.3.2.1 Simplex
1.3.2.2 Duplex
1.4 Network Topology
1.4.1 Point-to-Point Topology
1.4.2 Bus Topology
1.4.3 Ring Topology
1.4.4 Star (Hub-and-Spoke) Topology
1.4.5 Mesh Topology
1.4.6 Tree (or Hierarchical) Topology
1.5 Classification of Networks
1.5.1 Personal Area Network
1.5.2 Local Area Network
1.5.3 Metropolitan Area Network
1.5.4 Wide Area Network
1.5.5 Rise of Internet of Things
1.6 Subnetwork versus Inter-network
1.7 Measures of Network Performance
1.7.1 Capacity
1.7.1.1 Data Types and Data Rate
1.7.2 Delay
1.7.3 Reliability
1.7.4 Quality of Service
1.8 Numbering Systems
1.8.1 Binary versus Decimal
1.8.2 Binary versus Hexadecimal
1.9 Network Addressing
1.9.1 Characterizing Network Addressing
1.9.2 MAC Address
1.9.3 IP Address
1.9.4 Pairing of MAC and IP Addresses
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 2: Architectures and Standards
2.1 Introduction
2.2 TCP/IP versus OSI
2.2.1 Standard Architecture
2.2.2 Standard and Protocol
2.2.3 Protocol Data Unit
2.3 Layer Functions: An Analogy
2.4 Layer Processing
2.5 Application Layer (Layer 5)
2.5.1 HTTP Demonstration
2.5.2 Select Application Layer Protocols
2.6 Transport Layer (Layer 4)
2.6.1 Provision of Data Integrity
2.6.1.1 Error Control
2.6.1.2 Flow Control
2.6.1.3 TCP and Data Integrity
2.6.1.4 UDP and Data Integrity
2.6.2 Session Management
2.6.2.1 Session versus No Session
2.6.2.2 Session Management by TCP
2.6.2.3 TCP Session in Real Setting
2.6.2.4 Additional Notes
2.6.3 Port Management
2.6.3.1 Port Types and Ranges
2.6.3.2 Source versus Destination Port
2.6.3.3 Socket
2.7 Internet Layer (Layer 3)
2.7.1 Packet Creation and Routing Decision
2.7.1.1 Packet Creation
2.7.1.2 Packet Routing Decision
2.7.2 Performing Supervisory Functions
2.8 Data Link Layer (Layer 2)
2.8.1 LAN Data Link
2.8.1.1 Frame and Switching
2.8.1.2 Link Types
2.8.1.3 Technology Standard(s)
2.8.1.4 Single Active Delivery Path
2.8.1.5 Frame’s MAC Addresses
2.8.2 WAN Data Link
2.9 Physical Layer (Layer 1)
2.10 Layer Implementation
2.10.1 Application Layer
2.10.2 Transport and Internet Layers
2.10.3 Data Link and Physical Layers
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 3: Intermediary Devices
3.1 Introduction
3.2 Intermediary Devices
3.2.1 Operational Layers
3.2.2 Operating System
3.2.2.1 General Attributes
3.2.2.2 Access to Operating System
3.3 Hub (Multiport Repeater)
3.4 Bridge and Wireless Access Point
3.5 Switch
3.5.1 General Features
3.5.2 Switch Port
3.5.3 Switch Table
3.5.3.1 Switch Table Entries
3.5.3.2 Switch Learning
3.5.3.3 Aging of Entries
3.5.4 Switch Types
3.5.4.1 Nonmanaged versus Managed Switches
3.5.4.2 Store-and-Forward versus Cut-Through Switches
3.5.4.3 Symmetric versus Asymmetric Switches
3.5.4.4 Layer 2 versus Layer 3 Switches
3.5.4.5 Fixed, Stackable, and Modular Switches
3.5.4.6 Power over Ethernet
3.5.5 Security Issues
3.5.5.1 Safeguarding Switch Ports
3.5.5.2 Port Mirroring
3.6 Routers
3.6.1 Two Primary Functions
3.6.1.1 Routing Table Development and Its Update
3.6.1.2 Packet Forwarding
3.6.2 Router Components
3.6.3 Router Ports and Naming
3.6.4 Router Configuration
3.6.4.1 Basic Features
3.6.4.2 Advanced Features
3.7 Switching versus Routing
3.7.1 Data Link Layer versus Internet Layer
3.7.2 Connection-Oriented versus Connectionless
3.7.3 Single Delivery versus Multiple Delivery Paths
3.8 Address Resolution Protocol
3.8.1 Background
3.8.2 ARP Usage Scenarios
3.9 Choice of Intermediary Devices
3.10 Collision versus Broadcast Domains
3.10.1 Collision Domain
3.10.1.1 Collision Domain Types
3.10.1.2 Collision Domain and Network Design
3.10.1.3 CSMA/CD
3.10.2 Broadcast Domain
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 4: Elements of Data Transmissions
4.1 Introduction
4.2 Data Transmission Elements
4.2.1 Digital Signaling
4.2.1.1 On/Off Signaling
4.2.1.2 Voltage Signaling
4.2.2 Analog Signaling
4.2.2.1 Properties of Analog Signal
4.2.2.2 Modulation
4.2.3 Signaling Devices
4.2.3.1 Modem and Analog Signaling
4.2.3.2 CSU/DSU and Digital Signaling
4.2.4 Bandwidth and Related Concepts
4.2.4.1 Bandwidth
4.2.4.2 Baseband and Broadband
4.2.5 Synchronous versus Asynchronous Transmissions
4.2.5.1 Asynchronous Transmission
4.2.5.2 Synchronous Transmission
4.2.6 Multiplexing
4.2.6.1 Frequency Division Multiplexing
4.2.6.2 FDM Example: ADSL
4.2.6.3 Time Division Multiplexing
4.2.6.4 TDM Example: T-1 Line
4.2.6.5 Spread Spectrum
4.2.7 Digital Speed Hierarchies
4.2.7.1 Digital Signal
4.2.7.2 Optical Carrier/Synchronous Transport Module
4.3 Networking Media
4.3.1 Propagation Effects
4.3.1.1 Attenuation
4.3.1.2 Distortion
4.3.2 Twisted Pairs
4.3.2.1 UTP versus STP
4.3.2.2 Cable Structure and Categories
4.3.2.3 Twisted-Pair Patch Cable
4.3.3 Optical Fibers
4.3.3.1 Advantages
4.3.3.2 Physical Structure
4.3.3.3 Single Mode versus Multimode
4.3.3.4 Fiber Patch Cable
4.3.4 LAN Cabling Standards
4.4 Structured Cabling
4.4.1 Background
4.4.2 Structured Cabling System
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 5: IP Address Planning and Management
5.1 Introduction
5.2 Governance of IP Address Space
5.3 Structure of the IP Address
5.3.1 Binary versus Decimal Value Conversion
5.3.2 Structure of the IP Address
5.4 Classful IP: Legacy
5.4.1 Class A Network
5.4.2 Class B Network
5.4.3 Class C Network
5.5 Classless IP: Today
5.6 Special IP Address Ranges
5.6.1 Loopback
5.6.1.1 Internal Testing of TCP/IP Stack
5.6.1.2 Off-Line Testing of an Application
5.6.2 Broadcasting
5.6.2.1 Limited Broadcasting
5.6.2.2 Directed Broadcasting
5.6.2.3 Security Risk of Directed Broadcasting
5.6.3 Multicasting
5.6.4 Private IP and NAT
5.6.4.1 NAT: One-to-One IP Mapping
5.6.4.2 NAT: Many-to-One IP Mapping
5.6.4.3 Pros and Cons of NAT
5.7 Subnetting
5.7.1 Defining Subnet Boundary (Review)
5.7.2 Subnetwork Addressing
5.8 Subnet Mask
5.8.1 Subnet Mask
5.8.2 Subnetting Address Space
5.8.3 Broadcasting within a Subnet
5.9 Supernetting
5.10 Managing IP Address Space
5.10.1 Determining Number of Nodes
5.10.2 Determining Subnets
5.10.2.1 Managing Security with DMZ Subnet
5.10.2.2 Developing IP Assignment Policy
Chapter Summary
Key Terms
Chapter Review Questions
Hands-On Exercise: Enterprise IP Management at Atlas Co.
Chapter 6: Fundamentals of Packet Routing
6.1 Introduction
6.2 Routing Mechanism
6.3 Routing Table
6.3.1 Background
6.3.2 Routing Table Elements
6.4 Packet Forwarding Decision
6.5 Entry Types of Routing Table
6.5.1 Directly Connected Routes
6.5.2 Static Routes
6.5.2.1 Static Routes of a Router
6.5.2.2 Static Routes of a Host
6.5.3 Dynamic Routes
6.6 Dynamic Routing Protocols
6.6.1 Protocol Categories
6.6.1.1 Interior Gateway Protocols
6.6.1.2 Exterior Gateway Protocols
6.6.2 Delivery of Advertisement
6.6.3 Determination of Dynamic Routes
6.6.4 Security Management
6.6.5 Static versus Dynamic Routing
6.7 Inter-domain Routing
6.8 Perspectives on Packet Routing
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 7: Ethernet LAN
7.1 Introduction
7.2 Standard Layers
7.3 Ethernet Frame
7.3.1 Frame Structure
7.3.2 Addressing Modes
7.4 Ethernet LAN Design
7.4.1 Flat versus Hierarchical Design
7.4.2 Access Layer
7.4.3 Distribution and Core Layers
7.4.4 Benefits of Hierarchical Design
7.5 Spanning Tree Protocol
7.5.1 Link Redundancy
7.5.2 Protocols and Mechanism
7.6 Link Aggregation
Review Questions
7.7 Virtual LANs (VLANs)
7.7.1 Background: Without VLANs
7.7.2 VLAN Concept
7.8 VLAN Scenarios
7.8.1 Without VLANs
7.8.2 With VLANs
7.8.2.1 Define VLANs on Switches
7.8.2.2 Plan the Range of Trunk and Access Ports
7.8.2.3 Assign Access Ports to VLANs
7.8.3 How VLANs Work
7.8.4 VLAN ID versus Subnet Addressing
7.9 VLAN Tagging/Trunking (IEEE802.1Q)
7.9.1 Background
7.9.2 VLAN Tagging
7.9.3 VLAN Tagging/Untagging Process
7.10 VLAN Types
7.10.1 Default VLAN
7.10.2 Data VLAN
7.10.2.1 Data VLAN and Security
7.10.3 Voice VLAN
7.11 Inter-VLAN Routing
7.11.1 A Router Interface per VLAN
7.11.1.1 Scenario 1
7.11.1.2 Scenario 2
7.11.2 Sub-Interfaces/Ports (Advanced)
7.12 VLANs and Network Management
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 8: Wireless LAN (WiFi)
8.1 Introduction
8.2 Standard Layers and Wireless Cards
8.3 WiFi Setup Modes
8.3.1 Ad Hoc Mode
8.3.2 Infrastructure Mode
8.4 Wireless Access Points
8.4.1 AP in Infrastructure Mode
8.4.2 AP in Non-infrastructure Modes
8.4.2.1 Repeater Mode
8.4.2.2 Bridge Mode
8.5 SSID, BSS, and ESS
8.5.1 Service Set Identifier
8.5.2 BSS versus ESS
8.5.2.1 Basic Service Set
8.5.2.2 Extended Service Set
8.6 Media Access Control
8.6.1 CSMA/CA
8.6.2 RTS/CTS
8.7 WiFi Frames
8.7.1 Data Frame
8.7.2 Management Frame
8.7.3 Control Frame
8.8 WiFi and Radio Frequency
8.8.1 Radio Spectrum
8.8.1.1 Low versus High Radio Frequency
8.8.1.2 Governance
8.8.1.3 Licensed versus Unlicensed Radio
8.8.2 WiFi Channels
8.8.3 Planning Basic Service Sets
8.9 Authentication and Association
8.9.1 Three-Stage Process
8.9.2 Authentication Methods of a Station
8.9.2.1 Open Authentication
8.9.2.2 Pre-shared Key Authentication
8.9.2.3 Authentication Server
8.9.2.4 Additional Notes on Security
8.10 WiFi Standards
8.10.1 IEEE802.11n
8.10.1.1 Throughput Modes
8.10.1.2 2.4/5.0 GHz Bands
8.10.1.3 Single-User MIMO
8.10.1.4 QoS Support
8.10.2 IEEE802.11ac
8.10.2.1 5.0 GHz Band
8.10.2.2 Throughput Modes
8.10.2.3 Multi-user MIMO
8.11 WiFi Mesh Network (IEEE802.11s)
8.12 WiFi Home/SOHO Network
8.12.1 DSL/Cable Modem
8.12.2 Wireless Access Router
8.12.3 IP Configuration
8.12.4 Case: Wireless Access Router Configuration
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 9: Wide Area Network
9.1 Introduction
9.2 WAN and Enterprise Networks
9.2.1 WAN Connection Scenarios
9.2.2 Service-Level Agreement
9.2.3 CPE versus SPF
9.2.3.1 Demarcation Point
9.2.4 WAN Design Considerations
9.3 Layers of WAN Standards
9.3.1 Physical Layer
9.3.2 Data Link Layer
9.3.2.1 Circuit Switching
9.3.2.2 Packet Switching
9.3.3 Comparison: WAN versus LAN
9.4 IP Addressing for WAN Links
9.4.1 Leased Lines
9.4.2 Packet Switched Data Network
9.4.2.1 One Subnet between Two Locations
9.4.2.2 One Subnet for All Locations
9.5 Physical Layer Options: Leased Lines
9.5.1 T-Carrier/E-Carrier
9.5.1.1 T1 and T3 Circuits
9.5.2 SONET/SDH
9.6 Data Link Standard: Leased Lines
9.6.1 PPP Frame Structure
9.6.2 Router Authentication
9.6.2.1 PAP versus CHAP
9.7 Data Link Standards: PSDN
9.7.1 General Attributes
9.7.2 Virtual Circuits
9.7.2.1 WAN Switch Table
9.7.2.2 PVC versus SVC
9.7.2.3 Access Link Speeds
9.8 Frame Relay
9.8.1 General Characteristics
9.8.2 Frame Structure
9.8.3 Data Link Connection Identifier
9.8.3.1 How DLCI Works
9.8.3.2 FR Switch Table
9.8.3.3 Multiple VCs and DLCIs
9.8.4 Mapping IP Addresses
9.9 Asynchronous Transfer Mode
9.9.1 Background
9.9.2 Cell Switching
9.9.3 Quality of Service
9.10 Carrier Ethernet
9.10.1 Background
9.10.2 Strengths
9.10.3 Service Transport
9.11 Multi-Protocol Label Switching
9.11.1 Labels and Label Information Base
9.11.2 Benefits of MPLS
9.12 Wireless WAN: Cellular Network
9.12.1 General Architecture
9.12.1.1 Cell
9.12.1.2 Base Station
9.12.1.3 Mobile Terminal Switching Office
9.12.1.4 Call Channels
9.12.2 Multiple Access Technologies
9.12.2.1 Frequency Division Multiple Access
9.12.2.2 Time Division Multiple Access
9.12.2.3 Code Division Multiple Access
9.12.2.4 Orthogonal Frequency Division Multiple Access
9.12.3 Generations of Cellular Standards
9.12.4 LTE and Future
9.12.4.1 Long-Term Evolution
9.12.4.2 What Does the Future Hold?
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 10: The Internet and Client–Server Systems
10.1 Introduction
10.2 Internet Architecture
10.2.1 Internet Service Provider
10.2.1.1 National ISPs
10.2.1.2 Regional/Local ISPs
10.2.1.3 ISP Network Architecture
10.2.2 Internet Exchange Point
10.2.3 Autonomous System
10.2.4 World Wide Web and Search Engine
10.2.4.1 World Wide Web
10.2.4.2 Deep Web
10.3 VPN for Secure Communications
10.3.1 Technology
10.3.1.1 Background
10.3.1.2 VPN Technology
10.3.2 Benefits of VPN
10.3.2.1 Cost-Effectiveness
10.3.2.2 Accessibility and Scalability
10.3.2.3 Flexibility
10.3.3 Risks of VPN
10.3.3.1 Reliability
10.3.3.2 Security
10.3.4 Types of VPN
10.3.4.1 Remote-Access VPN
10.3.4.2 Site-to-Site VPN
10.3.5 VPN Standards
10.3.6 IP Security
10.3.6.1 Tunnel Mode
10.3.6.2 Transport Mode
10.3.7 Secure Socket Layer
10.3.7.1 Broad Acceptance
10.3.7.2 VPN Implementation
10.3.7.3 SSL and Internet Commerce
10.3.8 IPSec versus SSL
10.4 IPv6 (IP Next Generation)
10.4.1 Background
10.4.2 IP Packet Structure
10.4.3 IP Addressing
10.4.3.1 Subnet Address Bits
10.4.3.2 Host Address Bits
10.4.4 Address Abbreviation
10.4.5 IPv6 versus IPv4 Standards
10.4.6 Transition Approaches
10.4.6.1 Dual IP Stacks within a Node
10.4.6.2 Direct Address Conversion
10.4.6.3 Packet Tunneling
10.5 Client–Server Applications
10.5.1 Domain Name System
10.5.1.1 Domain and Name Resolution
10.5.1.2 Domain Hierarchy
10.5.1.3 DNS Architecture
10.5.1.4 Host DNS File
10.5.2 Dynamic Host Configuration Protocol
10.5.2.1 The Process View
10.6 Server Virtualization
10.6.1 Traditional Computing Model
10.6.2 Virtualization Concept
10.6.3 Virtualization Approaches
10.6.3.1 Hosted Virtualization
10.6.3.2 Hypervisor-Based Virtualization
10.6.4 Shared Infrastructure
10.6.5 Summary: Benefits Realized
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 11: Cybersecurity: Threats
11.1 Introduction
11.2 Malicious Codes: Malware
11.2.1 Virus
11.2.2 Worm
11.2.3 Trojan
11.2.4 Bot
11.2.5 Other Malware Types
11.2.6 Malware Issues
11.3 Password Cracking
11.3.1 Brute Force Method
11.3.2 Dictionary Method
11.4 Spoofing
11.4.1 Source Address Spoofing
11.4.1.1 IP Spoofing
11.4.1.2 MAC Spoofing
11.4.2 Email Spoofing
11.4.3 Web (or HTTP) Spoofing
11.5 Denial of Service
11.5.1 Pinging and SYN Requests
11.5.1.1 Pinging
11.5.1.2 SYN Requests
11.5.2 Distributed DOS
11.5.3 MAC Address Flooding
11.6 Packet Sniffing
11.6.1 Packet Sniffing with Wireshark
11.7 Port Scanning
11.7.1 Port Scanning with Zenmap
11.8 Social Engineering
11.9 Man-in-the-Middle
11.9.1 MITM with Bogus DHCP Server
11.10 Spam
11.11 Poisoning
11.11.1 ARP Poisoning (ARP Spoofing)
11.11.2 DNS Poisoning (DNS Spoofing)
11.12 Zero-Day Attack
11.13 WiFi Threats
11.13.1 Wardriving
11.13.2 Denial of Service
11.13.3 Rogue AP
11.13.4 MITM
Chapter Summary
Key Terms
Chapter Review Questions
Chapter 12: Cybersecurity: Defenses
12.1 Introduction
12.2 Security Requirements and Solutions
12.2.1 Security Requirements
12.2.1.1 Confidentiality (Privacy)
12.2.1.2 Data Integrity
12.2.1.3 Authentication
12.2.1.4 Access Control/Authorization
12.2.1.5 Availability
12.2.2 Technology Solutions
12.3 Principles in Architecting Defense
12.3.1 Layering
12.3.2 Limiting
12.3.3 Simplicity
12.4 Firewall
12.4.1 Firewall and DMZ
12.4.1.1 Separating Firewall and Border Router
12.4.2 Firewall Functions and Management
12.4.2.1 Firewall Functions
12.4.2.2 Managing Firewall
12.4.3 Stateless versus Stateful Filtering
12.4.3.1 Stateless Filtering
12.4.3.2 Stateful Filtering
12.5 Access Control List
12.5.1 How Many ACLs?
12.5.2 ACL Filtering versus Packet Routing
12.6 Cryptography
12.6.1 Cryptography System
12.6.1.1 Basic Components
12.6.1.2 How It Works
12.6.2 Symmetric-Key Cryptography
12.6.3 Asymmetric-Key Cryptography
12.6.3.1 How It Works
12.6.3.2 Pros and Cons
12.6.4 Hybrid Approach
12.6.5 Hashing Cryptography
12.7 Digital Signature
12.8 Digital Certificate
12.8.1 Digital Certificate
12.8.2 Certificate Authority
12.9 Security Protocol
12.9.1 WiFi Security Standards
12.9.1.1 Wired Equivalent Privacy
12.9.1.2 WiFi Protected Access (WPA and WPA2)
12.9.1.3 Enterprise Mode versus Personal Mode
Chapter Summary
Key Terms
Chapter Review Questions
Glossary
Acronyms
Index
Preface
This book is written for those who study or practice information technology,
management information systems (MIS), accounting information systems (AIS), or
computer science (CS). It is assumed that readers are exposed to computer networking
and security subjects for the first time. Computer networking and cybersecurity are
challenging subjects, partly because of the constant rise and fall of related technologies
and IT paradigms. As the title implies, much of the focus of this book is on providing the
audience with the practical as well as theoretical knowledge necessary to build a solid
foundation for a successful professional career.
If used for a class, the book of 12 chapters contains just about the right amount of
coverage for a semester or quarter. It balances introductory and fairly advanced
subjects on computer networking and cybersecurity to effectively deliver technical and
managerial knowledge. Although the writing is moderately dense, every effort
has been made to explain sometimes challenging concepts in a manner that
readers can follow with careful reading.
The book is designed to offer an impactful, hands-on learning experience without
relying on a computer lab. First, each chapter comes with practical exercise questions.
In the class setting, they are good as individual or group assignments. Many of them
are based on simulated or real cases, and take advantage of actual industry products
and systems for a reader to better relate theories to practice. Second, there are a
number of information-rich screen shots, figures, and tables in each chapter carefully
constructed to solidify concepts and thus enhance visual learning.
In addition to the thorough technical details, managerial issues, including enterprise
network planning, design, and management, are embedded throughout the book from
the practitioner’s perspective to support balanced learning. In addition, bearing in mind
the critical importance of security in today’s enterprise networks, the implications of
network design and management for enterprise security are discussed whenever
appropriate. Lastly, to further reinforce knowledge in security management, two
chapters are dedicated to introducing the fundamentals of cybersecurity in terms of threat
types and defense techniques.
Author
Bongsik Shin is a professor of management information systems at San Diego State
University. He earned a Ph.D. from the University of Arizona and was an assistant
professor at the University of Nebraska at Omaha before joining San Diego State
University. He has taught computer network & cybersecurity management, business
intelligence (data warehousing & data mining, statistics), decision support systems,
electronic commerce, and IT management & strategy. In particular, he has been teaching
computer networking and cybersecurity continuously for over 20 years.
His academic activities in pursuit of teaching and research excellence have been
funded by more than 25 internal and external grants. His recent research efforts have
been all about cybersecurity on subjects related to cyber threat intelligence,
ransomware, authentication & access control and countermeasures of phishing.
Recently, his team, with him as the principal investigator, was awarded a grant by the
US Department of Defense to conduct research on “Actionable Intelligence-Oriented
Cyber Threat Modeling.”
He has published more than 30 articles in such high impact journals as MIS
Quarterly; IEEE Transactions on Engineering Management; IEEE Transactions on
Systems, Man, and Cybernetics; Communications of the ACM; Journal of Association
for Information Systems; European Journal of Information Systems; Journal of
Management Information Systems; Information Systems Journal; Information &
Management; and Decision Support Systems. In 2016, he served as a conference
co-chair of the Americas Conference on Information Systems, one of the three largest
MIS conferences with attendees from 40+ countries.
1 Fundamental Concepts
1.1 Introduction
By definition, the computer network represents a collection of wired and wireless
communication links through which computers and other hardware devices exchange
data (or messages). A network can be either as small as the one installed in a house or
as big as the Internet that literally covers the entire planet. The size of a particular
network, thus, reflects the size of the place (e.g., building, campus) where it is
installed. In recent days, the wireless and wired network links have become the arteries
of organizations (e.g., companies, universities) and the society, revolutionizing every
facet of our life by facilitating resource (e.g., storage) sharing and exchange of data
(e.g., texts, videos, music) in an unprecedented manner. Throughout this book, the two
terms “data” and “message” are used synonymously.
Because of the rapid advancement of information and communication technologies
(ICTs), more electronic and mobile devices are being attached to the computer
network. Among them are digital smart phones, high-definition Internet protocol
televisions (IPTVs), music and video game players, tablets such as iPads, electronic
appliances, and control and monitoring systems (e.g., security cameras, closed-circuit
televisions (CCTVs), traffic signals). The rapid increase of various digital devices is
transforming the network into a more dynamic, diversified, and, at the same time,
more vulnerable platform.
Besides the digital computer network, there are also other traditional network
platforms that existed long before the digital revolution. They include radio/TV
broadcasting networks and public switched telephone networks. The traditional
networks are, however, not the focus of this book.
Although traditional networks and digital computer networks started off on separate
platforms, their convergence has been taking place. For instance, nowadays, more
voice calls are digitized and transported over the Internet. Think of the popularity of
Internet call services such as Skype, Vonage, and Google Voice. The convergence is
accelerating as the computer network has become stable in handling both
non-real-time (e.g., email, web browsing) and real-time (e.g., voice, live video) traffic.
The prevalence of computer networks, meanwhile, poses a great deal of
cybersecurity threats to individuals, organizations (e.g., businesses, universities), and
governments. The threats are getting stealthier and more sophisticated, inflicting graver
consequences on victims than ever before. Aggressors and organized crime groups have
mounted various cybersecurity attacks, and numerous ill-prepared individuals and
public/private organizations have suffered dearly. Amid the constant news of
cybersecurity breaches, adequate preparations including threat monitoring and
prevention have become essential in the design and operation of computer networks.
This chapter covers the fundamental concepts of computer networking.
Main objectives of this chapter are to learn the following:
Key elements of a computer network
Methods used by network nodes to distribute data
Directionality in data propagation
Network topologies focusing on physical layouts
Classification of networks in terms of their scope
Subnetwork versus inter-network
Key measures of network performance
Binary, decimal, and hexadecimal numbering systems
Addressing methods: Internet protocol (IP) and media access control (MAC)
1.2 Network Elements
A computer network is made up of various hardware and software components
including hosts, intermediary devices, network links (or communication links),
applications, data, and protocols. Figure 1.1 demonstrates a simple network in which
two hosts (i.e., a personal computer (PC) and a server) exchange data produced by
applications (e.g., web browser, web server) in accordance with a protocol over the
two network links joined by an intermediary device. Each of the constituents is briefly
explained.
1.2.1 Host
In this book, the host is defined as a data-producing entity attached to a network, and it
has been primarily a computer. Oftentimes, hosts are also called end devices, end
systems, or end stations. They are capable of accepting user inputs (e.g., keyboarding,
video feeds from a camera), processing them, generating outputs in the form of 1s and
0s, and storing them. The outputs can be digitized texts, sounds, images, videos, or any
other multimedia contents that can be transported over the computer network.
Figure 1.1 Key elements of a computer network.
The host is generally a source or a destination of data in transit, and it has been
predominantly a general-purpose or high-performance computer (e.g., PC, laptop,
mainframe, supercomputer). Because of continuous addition of nontraditional
computing and communication devices to the network, host types are much more
diversified these days. They include smart phones, personal digital assistants (PDAs),
video game consoles, home electronics and appliances, and other peripheral devices
such as network-enabled printers, copiers, and fax machines. When hosts exchange
data over a network, their relationship is in one of two modes: client–server or
peer-to-peer (P2P) (see Figure 1.2).
Figure 1.2 Client–server versus P2P networking.
1.2.1.1 Client–Server Mode
In the client–server mode, a host acts as a dedicated client or server. The client host
takes advantage of resources (e.g., files, storage space, databases, web pages, central
processing unit (CPU) processing) offered by servers. The server host generally has
high-performance capacity to quickly respond to resource requests from client hosts.
In the early days, many programs (e.g., Microsoft Outlook for email) installed in the
client host were tailored to a particular server application (e.g., Microsoft Exchange).
However, the web browser (e.g., Firefox, Google Chrome) has changed it all. The
browser has become an application that allows a client host to communicate with many
different server applications (e.g., email, database, web servers) over the network. This
arrangement of one client (web browser) for many server applications has benefited
individuals and organizations tremendously. Above all, using the “thin” client in which a client host
only needs a web browser to take advantage of resources available from various
servers, organizations can control IT spending and save efforts necessary to maintain
programs on client hosts.
1.2.1.2 P2P Mode
In P2P networking, each participating host on a network behaves as both a client and a
server in sharing resources with other hosts. As an example, by joining P2P
file-sharing sites such as BitTorrent.com, anyone can download multimedia files available
from other participating computers (client mode) and, at the same time, allow others to
copy files available in his/her hard drive (server mode) over the Internet. As another
example of the P2P technology, today’s operating systems such as Windows support
P2P networking among nearby computers, especially through the WiFi technology
called WiFi Direct.
Exercise 1.1
1. It is generally agreed that the client–server approach has several advantages
over P2P computing. Explain why in terms of the following aspects. Search the
Internet if necessary.
a. Easier to protect server resources such as data
b. Better accessibility to server resources
c. Easier to back up server resources
d. More cost-effective in maintaining and upgrading server programs (or
applications)
e. Easier to add server resources to meet growing demands
2. Create a simple private P2P network and conduct file swapping. For this, form
a team of two students each with his/her own computer. Then, create a P2P
network by connecting the two computers on WiFi. P2P requires additional
configuration (e.g., creation of a workgroup on Windows). Once the
configuration is complete, exchange files over the P2P network. If necessary,
conduct an Internet search to learn the setup procedure.
1.2.1.3 Network Interface Card
To access a network, the host should be equipped with at least one network interface
card (NIC), which is an electronic circuit board. Also called an adaptor or a local area
network (LAN) card, the NIC is generally built into a computer these days, and it
converts host-generated binary data (e.g., emails) into signals (e.g., electronic currents,
lights, radio signals) and releases them to the network. The NIC also accepts signals
arriving over the network, restores original data, and forwards them to the host’s CPU
for processing.
Figure 1.3 NIC cards for (a) Ethernet and (b) WiFi. (From Amazon.com.)
Many user computers have two NICs these days: one for cabled Ethernet LAN and
the other for Wireless (or WiFi) LAN to enable both wired and wireless networking as
needed. Figure 1.3 illustrates NIC cards for Ethernet and WiFi. It can be observed that
an Ethernet NIC has one or more ports that allow physical connectivity of a computer
to the wired network, but the wireless NIC (WNIC) has one or more antennas for radio
communications. Wireless NICs in universal serial bus (USB) are also popular. Each
NIC comes with a unique address, called a physical or MAC address (to be explained).
1.2.2 Intermediary Device
Depending on the size, a network can have many different intermediary devices that
conduct functions necessary to relay data between the source and destination hosts.
Intermediary devices do not produce user data, but transport them in an effective,
reliable, and secure manner. Among the frequently used intermediary devices are
modems, firewalls, multiplexers, channel service unit (CSU)/data service unit (DSU),
hubs (or multiport repeaters), switches, routers, bridges, and wireless access points.
Their functional details are explained in other chapters, mainly in Chapter 3.
Hubs, bridges, wireless access points, and switches provide hosts (e.g., clients,
servers) with inter-connectivity “within” a network segment called a subnetwork (or
subnet). In contrast, the router is used to tie different network segments (or
subnetworks). The data-forwarding activity (e.g., email delivery between two nodes)
taking place within a subnetwork boundary is termed as intra-networking and that
across two or more subnetworks joined by routers is called inter-networking (see
Figure 1.4). In other words, hubs, bridges, wireless access points, and switches are
intra-networking devices, and routers are inter-networking devices. More on
intra-networking versus inter-networking is explained in Section 1.6.
Figure 1.4 Intra-networking and inter-networking devices.
Intermediary devices are distinct from each other in many different ways. For
example, some devices (e.g., hubs) transmit data in the half-duplex mode, whereas
others (e.g., switches, routers) transmit data in the full-duplex mode (for more details,
see Section 1.3.2). Some devices are hardware-driven in performing their primary
functions, while others rely more on their software capability. Software-enabled
devices generally use a higher level of intelligence to conduct networking functions
than their hardware-enabled counterparts. Intermediary devices are also different in
their processing speeds, in their capacity of data filtering and security provision, and in
the addressing mechanism used to move data.
As with the host, an intermediary device also has one or more internal network cards
with built-in ports (or interfaces) to tie wireless or wired network segments. Because
of the critical importance of intermediary devices in computer networking, Chapter 3
is dedicated to cover their structural and functional features in detail. The term
“network node” is used throughout the book as an inclusive concept that refers to an
intermediary device or a host.
Network nodes = Intermediary devices + Hosts (end devices).
1.2.3 Network Link
The network link is a wired (or guided) or wireless (or unguided) connection that
enables data exchange between network nodes. Various communication media have
been used to form a link. Copper wires (e.g., twisted pairs, coaxial cables) and optical
fibers made of extremely pure glass or plastic are the predominant wired transmission
media these days. The earth’s atmosphere becomes the medium of wireless
communications. Data are transported in the form of various signals through the
guided and unguided media: electronic signals through copper wires and coaxial
cables, light signals through optical fibers, and radio/microwave signals in the
atmosphere. Details on the media and communication signals are explained in Chapter
4.
The network link can be either an access link or a trunk link. While the access link
provides direct connectivity between a host (end station) and an intermediary device,
the trunk link interconnects intermediary devices (e.g., router–router, router–switch,
switch–switch), resulting in the extension of network span. The trunk link is a
point-to-point connection, and it generally carries traffic that comes from multiple access links.
When two hosts exchange data through two or more intermediary devices, they take
one or more trunk links to complete the end-to-end data delivery (see Figure 1.5).
Although trunk links are not necessary to create a small-scale network such as the one
shown in Figure 1.1, most organizations rely on them to create an enterprise network.
Figure 1.5 Access links versus trunk links.
Exercise 1.2
The hypothetical enterprise network of an organization shown in Figure 1.6 covers
one main office and two remotely located branch offices. Each office has its own
LAN, and the three LANs are interconnected by routers (R1, R2, and R3) over the
three wide area network (WAN) links leased from a WAN service provider.
Figure 1.6 A hypothetical enterprise network.
1. How many hosts does each LAN contain?
2. How many intermediary devices does each LAN contain?
3. How many access links and trunk links are there in each LAN?
4. What is the total number of access links and trunk links?
5. How many network nodes are there in the enterprise network?
6. What intermediary devices are used for intra-networking in each LAN?
7. What intermediary device is used for inter-networking?
1.2.4 Application
The application (e.g., MS Outlook, web browser) represents a software program
developed to support a specialized user task (e.g., email exchange, web surfing).
Numerous applications have been introduced to support various tasks over the
computer network. Many of them are designed to improve communications, which
include those of email (e.g., Outlook, Thunderbird), instant messaging (e.g., Yahoo
Messenger), and voice & video (e.g., Skype, Google Voice). Also, the web browser
has become an extremely popular application on which countless online services (e.g.,
social networking, online banking, e-commerce, cloud computing) are offered over the
Internet.
Applications can be characterized from different angles, and their individual and
organizational usage has important implications on the design of computer networks
because of the close relevance between application types and requirements of network
performance. For instance, the majority of user applications need to be supported by
the following:
Predictable or guaranteed network reliability (e.g., financial transactions)
Predictable or guaranteed network capacity/speed (e.g., videoconferencing)
Little or no network delay/latency (e.g., audio conferencing, video streaming)
Reasonable network responsiveness (though not real time) (e.g., web browsing,
instant messaging)
Figure 1.7 Transmission of discrete data units over a computer network.
1.2.5 Data/Message
Applications produce data (or messages) that need to be transported over the network.
The data may be real-time or interactive audios/videos, or such static contents as web
pages and emails. In computer networking, data produced are packaged in discrete
data units and are delivered to the destination one by one. As a simple demonstration,
imagine a network-enabled conversation between two persons and observe how their
dialog is packaged into discrete data units and gets delivered (see Figure 1.7).
The general name of each data unit is packet. Each packet contains source data and
additional overhead information necessary for its delivery, such as source and
destination addresses. To better visualize the relationship between source data and a
packet, think of a letter (as source data) contained in an envelope with mailing
addresses (as a packet).
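The envelope analogy above, as an added example in Python (not from the book): source data are split into packets, each carrying a header with source and destination addresses, and the receiver rebuilds the data even when packets arrive out of order. The 14-byte header layout, the 16-byte payload size and the addresses are constructed for illustration and do not correspond to any real protocol.

```python
from __future__ import annotations

import struct

# Constructed header layout (an assumption for this example, not a real protocol):
# source address (4 bytes), destination address (4 bytes), sequence number,
# total number of packets, payload length (2 bytes each), network byte order.
HEADER = struct.Struct("!4s4sHHH")
MAX_PAYLOAD = 16  # bytes of source data carried per packet (constructed value)


def packetize(data: bytes, src: bytes, dst: bytes) -> list[bytes]:
    """Package source data into discrete packets: header (envelope) + payload (letter)."""
    chunks = [data[i:i + MAX_PAYLOAD] for i in range(0, len(data), MAX_PAYLOAD)] or [b""]
    return [
        HEADER.pack(src, dst, seq, len(chunks), len(chunk)) + chunk
        for seq, chunk in enumerate(chunks)
    ]


def reassemble(packets: list[bytes], my_address: bytes) -> bytes:
    """Rebuild the source data at the destination, whatever the arrival order."""
    received: dict[int, bytes] = {}
    total = None
    for packet in packets:
        if len(packet) < HEADER.size:
            raise ValueError("packet shorter than its header")
        _src, dst, seq, count, length = HEADER.unpack_from(packet)
        payload = packet[HEADER.size:]
        if dst != my_address:
            continue  # addressed to another host: not ours to process
        if length != len(payload) or seq >= count:
            raise ValueError(f"packet {seq}: header does not match contents")
        if total not in (None, count):
            raise ValueError("packets disagree on the total count")
        total = count
        received[seq] = payload
    if total is None:
        raise ValueError("no packet addressed to this host")
    missing = [seq for seq in range(total) if seq not in received]
    if missing:
        raise ValueError(f"missing packets: {missing}")
    return b"".join(received[seq] for seq in range(total))


def overhead_bytes(packets: list[bytes]) -> int:
    """Bytes spent on delivery information rather than on source data."""
    return HEADER.size * len(packets)


if __name__ == "__main__":
    host_a, host_b = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])  # constructed addresses
    message = b"Hello, how are you doing today?"                  # constructed source data
    packets = packetize(message, host_a, host_b)
    for p in packets:
        print(HEADER.unpack_from(p), p[HEADER.size:])
    print(reassemble(list(reversed(packets)), host_b))
    print("overhead:", overhead_bytes(packets), "bytes for", len(message), "bytes of data")
```
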
1.2.6 Protocol
A host application (e.g., web browser, email program) produces and exchanges
data/messages according to a protocol, which contains a collection of detailed
communication rules. For this, an application has a particular protocol built into it
(e.g., Hypertext Transfer Protocol [HTTP] embedded in the browser). The application
produces outgoing data and interprets incoming data strictly based on the set of
communication rules defined by the built-in protocol. There are two types of
communication rules:
Syntactic rules: Rules regarding the format of a message in its construction
Semantic rules: Rules concerned with the meaning or interpretation of a message
For example, if a computer user enters http://www.facebook.com into a web browser’s
Uniform Resource Locator (URL), the browser produces a simple request message
according to the built-in HTTP. Here, the request message has syntax similar to
GET / HTTP/1.1
Host: www.facebook.com
so that the target host (www.facebook.com server) can understand/interpret its
meaning (or semantics). The semantics of the above statements is “Please send me the
main page of www.facebook.com using HTTP, version 1.1.” The request message thus
produced is then dispatched to the target server.
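An added example (not from the book) that separates the two rule types for the request above: parse_request enforces the syntactic rules and rejects a message that breaks them instead of guessing at it, and interpret states the semantics of a message that passed. It covers only the request line and header fields; the function names and the SyntaxViolation class are made up for this sketch.

```python
import re

# Syntactic rules (format of the message).
# Request line: METHOD, one space, TARGET, one space, HTTP/digit.digit
REQUEST_LINE = re.compile(r"([A-Z]+) (\S+) HTTP/([0-9])\.([0-9])")
# Header line: NAME ":" VALUE, with optional blanks around the value
HEADER_LINE = re.compile(r"([!#$%&'*+.^_`|~0-9A-Za-z-]+):[ \t]*(.*?)[ \t]*")


class SyntaxViolation(ValueError):
    """The message breaks a format rule, so its meaning is never guessed at."""


def parse_request(raw: bytes) -> dict:
    """Apply the syntactic rules and return the message fields."""
    head, terminator, _body = raw.partition(b"\r\n\r\n")
    if not terminator:
        raise SyntaxViolation("header section not ended by an empty line")
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError as exc:
        raise SyntaxViolation("non-ASCII byte in header section") from exc
    first = REQUEST_LINE.fullmatch(lines[0])
    if first is None:
        raise SyntaxViolation(f"malformed request line: {lines[0]!r}")
    method, target, major, minor = first.groups()
    headers = {}
    for line in lines[1:]:
        field = HEADER_LINE.fullmatch(line)
        if field is None:
            raise SyntaxViolation(f"malformed header line: {line!r}")
        name = field.group(1).lower()  # header names are case-insensitive
        if name in headers:
            if name == "host":
                raise SyntaxViolation("more than one Host header")
            headers[name] += ", " + field.group(2)
        else:
            headers[name] = field.group(2)
    version = f"{major}.{minor}"
    if version == "1.1" and not headers.get("host"):
        raise SyntaxViolation("HTTP/1.1 request without a Host header")
    return {"method": method, "target": target, "version": version, "headers": headers}


def interpret(request: dict) -> str:
    """Semantic rules: what a syntactically valid request means."""
    host = request["headers"].get("host", "this server")
    what = "the main page" if request["target"] == "/" else f"the resource {request['target']}"
    if request["method"] == "GET":
        action = f"Please send me {what} of {host}"
    else:
        action = f"Please apply {request['method']} to {what} of {host}"
    return f"{action} using HTTP, version {request['version']}."


def accepts(raw: bytes) -> bool:
    """True if the message satisfies the syntactic rules."""
    try:
        parse_request(raw)
        return True
    except SyntaxViolation:
        return False


if __name__ == "__main__":
    # Constructed sample messages; lines end with CR LF as HTTP requires.
    samples = [
        b"GET / HTTP/1.1\r\nHost: www.facebook.com\r\n\r\n",
        b"GET/HTTP/1.1\r\nHost: www.facebook.com\r\n\r\n",   # spaces missing
        b"GET / HTTP/1.1\r\n\r\n",                            # Host missing
        b"GET / HTTP/1.1\r\nHost: a.example\r\nHost: b.example\r\n\r\n",
    ]
    for raw in samples:
        try:
            print(interpret(parse_request(raw)))
        except SyntaxViolation as err:
            print("rejected:", err)
```
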
Certain protocols are standardized so that hardware and software vendors can
incorporate them into their own products. For example, HTTP is a standard protocol
adopted by all web browsers (e.g., Firefox, Internet Explorer, Chrome) and web
servers (e.g., Apache, Microsoft IIS). There are also numerous proprietary protocols
developed by vendors exclusively for their own commercial products (e.g., the
protocol embedded in Skype or Yahoo Messenger). Important standard protocols are
introduced throughout the book.
1.3 Modes of Communication
This section explains methods utilized by network nodes to distribute data and the
directionality of data exchanges.
1.3.1 Methods of Data Distribution
The methods of data distribution between network nodes are primarily unicasting,
broadcasting, and multicasting (see Figure 1.8).
1.3.1.1 Unicasting
In unicasting, data exchange takes place between a single source and a single
destination node identified by their unique addresses. The destination may be located
within the same network of the source or separated from the source across multiple
networks. It was explained that the co-location of the source and the destination within
a subnetwork takes intra-networking for data delivery. When the source and the
destination are in different subnetworks, data delivery requires inter-networking (for
more details, see Section 1.6). Normally, the majority of messages produced by a user
application are exchanged in this mode.
Figure 1.8 Multicasting, broadcasting, and unicasting.
1.3.1.2 Broadcasting
Broadcasting results in the flooding of data from one node to all the other nodes within
a network. In fact, we have been enjoying the broadcasting service daily by tuning into
radio or TV channels. From satellites or earth stations, radio and TV companies
broadcast signals that carry various contents (e.g., music, drama, reality shows). Such
broadcasting is also widely used by computer networks for various reasons. A
prevalent example is WiFi.
1.3.1.3 Multicasting
Multicasting from a data source results in its concurrent delivery to a selected group of
destinations. We have been using multicasting services extensively. For example,
numerous online sites provide multimedia streaming for live news, music, TV
programs, movies, online gaming, and SNS videos over the Internet. These services
rely on a multicasting protocol so that a server can stream multimedia contents to
requesting clients concurrently. With the growing popularity of such on-demand
multimedia services, usage of multicasting will only grow.
Although the demonstration in Figure 1.8 is only between hosts, intermediary nodes
including switches and routers also take advantage of them to advertise supervisory
information or to exchange information necessary to perform scheduled and
unscheduled network control functions.
1.3.2 Directionality in Data Exchange
Data flows between two network nodes can be one of the three types in directionality:
simplex, half-duplex, and full-duplex (see Figure 1.9).
1.3.2.1 Simplex
In simplex transmission, data flow is in only one direction. Radio and TV broadcasting
services are good examples. This mode of communications also exists between
computers and their input devices (e.g., keyboard, mouse). The simplex transmission,
however, is not a prevalent mode in the computer network.
1.3.2.2 Duplex
In the duplex mode, data flows both ways between two network nodes, and thus each
node has the capability of sending and receiving data. Duplex transmissions are either
half-duplex or full-duplex.
Figure 1.9 (a) Simplex, (b) half-duplex, and (c) full-duplex transmissions.
Half-duplex: In this mode, only one party is allowed to transmit data at a time, and
the other party should wait until its turn. For a good analogy, imagine the two-way
traffic flow on a single-lane railway. Another well-known example is the walkie-talkie,
a portable radio device on which communicators take turns speaking.
Although used in the early generation of computer networking (e.g., hubs), it has
been largely replaced by more effective full-duplex communications these days.
Full-duplex: In full-duplex mode, data flows in both directions simultaneously
between two network nodes. For this, there are generally two separate channels
established for a link (or circuit): one channel for each direction. It is like having
double lanes for two-way traffic. The traditional telephone system has been using
full duplex, so that two communicators on a circuit can talk and listen
simultaneously. Most computer networks take advantage of the full-duplex
technology these days.
1.4 Network Topology
Network topology is defined as the physical layout of a network, a design approach
utilized to interconnect network nodes (i.e., intermediary devices and hosts). The
logical layout concept also exists, but here we focus more on the physical arrangement
of network nodes and links. The physical layout of a network can be understood in
terms of relationships between intermediary devices and hosts, between hosts, or
between intermediary devices.
Many different topologies including bus, star, ring, mesh, tree (or hierarchy), and
hybrid (e.g., bus–star) have been in use to arrange network nodes. Each topology has
its own strengths and weaknesses, and the design process of an enterprise network
should factor in various elements unique to its organizational circumstance. These
include characteristics of locations (e.g., number of locations, degree of their
distribution), users (e.g., number of users), hosts (e.g., type and number of on-site
hosts), applications (e.g., importance of reliability in message delivery), and security
conditions.
1.4.1 Point-to-Point Topology
As the simplest topology, point-to-point establishes a direct connection between two
nodes. There may be only two end nodes directly linked or more than two nodes
between two end nodes making it an extended point-to-point connection (see Figure
1.10). A point-to-point link can have permanent and dedicated capacity as in the case
of the phone line between a house and a telephone company. Or, it can be dynamically
constructed and dismantled as needed. This dynamic formation occurs more often in
the form of extended point-to-point topology. For example, a long-distance or an
international call between two remote locations requires dynamic circuit formation
through multiple telephone switches.
Figure 1.10 (a) Point-to-point and (b) extended point-to-point topologies.
1.4.2 Bus Topology
In the bus topology, end stations are directly connected to a half-duplex common line,
with a terminator device at each end of the line absorbing data remaining in the
network (see Figure 1.11). Communications between any two stations, therefore,
should be made via the backbone medium. Using the common-line approach
practically results in broadcasting of data in which transmissions from a station reach
all the other stations on the network, although there is only one intended receiver. This
topology therefore allows only a single station to release data at a time to avoid
transmission collisions.
Figure 1.11 Bus topology (LAN example).
Because of its structural simplicity, the bus topology works well for small networks.
However, it is subject to traffic congestions when a network grows with more stations
attached. The early generation of Ethernet LAN was running on bus, but its usage has
mostly disappeared these days due to inherent limitations including unnecessary data
broadcasting and difficulties in cabling (e.g., installing a main line inside the ceiling).
Figure 1.12 Ring topology: (a) LAN and (b) WAN.
1.4.3 Ring Topology
In the ring topology, nodes are attached to a backbone ring that may be a copper wire
or an optical fiber. Depending on the technology standard, a network can have a
single-ring or a dual-ring architecture that affords redundancy and thus higher
survivability from link failures (see Figure 1.12). The ring network has technological
advantages in handling high-volume traffic in a reliable manner. This topology is also
adequate in constructing long-haul networks.
Despite the technological advancement and availability of ring-based standards for
LANs such as token ring and fiber distributed data interface (FDDI), their acceptance
has been dwarfed by more cost-effective Ethernet that runs on star (or extended star)
topology. Ring topology, however, remains a popular choice in creating a high-speed
WAN backbone with fiber optics (for more details, see Chapter 9).
1.4.4 Star (Hub-and-Spoke) Topology
In the star topology, host stations are connected to a central intermediary device (see
Figure 1.13). The topology has several advantages. Above all, the topology makes it
easy to add and remove a host station from a network and also to locate node or cable
problems. It is also relatively simple to add more stations to a network. Ethernet LANs
mostly run on this topology these days. With Ethernet being a dominant wired LAN
standard, there are many equipment options (e.g., cabling, ports, connection speeds)
with competitive pricing. As a disadvantage, the intermediary device becomes a single
point of failure that can bring down a network.
Figure 1.13 Star (hub-and-spoke) topology: (a) LAN and (b) WAN.
An enterprise can also adopt a star to interconnect distributed LANs with WAN
connections. In this case, the network node placed at the hub location (e.g., main
office) mediates traffic between any other locations. Observe that the WAN topology
is determined by the relationship among intermediary devices, such as routers, rather
than by those between hosts and an intermediary device.
1.4.5 Mesh Topology
Figure 1.14 (a) Full mesh and (b) partial mesh topology (WAN examples).
The mesh topology is an arrangement in which all possible connections between
network nodes are directly linked (see Figure 1.14). This makes a mesh network very
reliable through extra redundancies in which one inoperable node does not drag down
the entire network. The mesh network can be a sound option when the number of
nodes is relatively small. For example, for three network nodes, only three connections
are required, but if there are four nodes, it will take six direct links.
As more devices or locations are attached to a network, the number of direct
connections increases exponentially, making full mesh less practical in terms of
operational costs. The partial-mesh topology uses fewer links (thus less cost burden)
than full-mesh topology but more links than star (hub-and-spoke), and the added
redundancy makes a network less vulnerable to link failures.
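The link counts and failure behavior of the star and mesh topologies described above can be checked with a short Python model, added here as an example and not taken from the book. A full mesh of n nodes needs n(n-1)/2 links (3 for three nodes, 6 for four, as stated above); the partial mesh used here, a ring plus one cross link, is one constructed instance among many.

```python
from itertools import combinations


def star(n):
    """Node 0 is the central intermediary device; nodes 1..n-1 attach to it."""
    return {(0, i) for i in range(1, n)}


def full_mesh(n):
    """Every pair of nodes is directly linked: n(n-1)/2 links."""
    return set(combinations(range(n), 2))


def partial_mesh(n):
    """Constructed partial mesh: a ring plus one cross link from node 0."""
    ring = {tuple(sorted((i, (i + 1) % n))) for i in range(n)}
    return ring | {(0, n // 2)}


def connected(nodes, links):
    """True if every node in `nodes` can reach every other using `links`."""
    nodes = set(nodes)
    if not nodes:
        return True
    neighbors = {v: set() for v in nodes}
    for a, b in links:
        if a in nodes and b in nodes:  # links to a failed node are unusable
            neighbors[a].add(b)
            neighbors[b].add(a)
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for w in neighbors[stack.pop()] - seen:
            seen.add(w)
            stack.append(w)
    return seen == nodes


def single_points_of_failure(n, links):
    """Nodes whose failure leaves the surviving nodes unable to reach each other."""
    return [v for v in range(n) if not connected(set(range(n)) - {v}, links)]


def critical_links(n, links):
    """Links whose failure alone splits the network."""
    return sorted(link for link in links if not connected(range(n), links - {link}))


if __name__ == "__main__":
    n = 6  # constructed network size
    for name, build in (("star", star), ("partial mesh", partial_mesh), ("full mesh", full_mesh)):
        links = build(n)
        print(f"{name:13} links={len(links):2} "
              f"node SPOF={single_points_of_failure(n, links)} "
              f"critical links={len(critical_links(n, links))}")
```
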
1.4.6 Tree (or Hierarchical) Topology
In the tree topology, nodes are joined in a hierarchical fashion in which the one on top
becomes a root node (see Figure 1.15). There are two or more levels in the hierarchy
with the number of nodes increasing at the lower level, making the overall structure
like a Christmas tree. The tree structure is highly effective when many nodes (or
locations) have to be interconnected using reduced direct links. This topology has been
a popular choice among telephone service providers in constructing a backbone
network to cover a large geographical area.
Figure 1.15 Tree/hierarchical topology: (a) LAN and (b) WAN.
The tree approach is also frequently used for an enterprise network in which a large
number of end stations are interconnected through a hierarchy of intermediary devices.
For example, the LAN of a building may be star-based on each floor. Then, the
multiple star networks from different floors can be linked to higher-speed devices to
form a bigger LAN that covers the entire building. This topology shares strengths
inherent to the star network such as ease of network management and expansion.
When a network has a tree structure, intermediary devices (e.g., switches) located at
the higher level generally handle more traffic and thus should be more powerful (e.g.,
faster forwarding rate) than those at the lower level.
When it comes to actual implementations, many corporate networks adopt a hybrid
solution that combines more than one topology. Taking a simple example, each direct
link between two nodes in star, mesh, or tree topology becomes an instance of the
point-to-point connection.
1.5 Classification of Networks
In terms of coverage scope, computer networks are generally classified into four
different types: personal area networks (PANs), LANs, metropolitan area networks
(MANs), and WANs. Each type has widely accepted standard technologies.
1.5.1 Personal Area Network
The PAN represents a small network whose coverage is typically a few meters or less.
It has been popularized by the introduction of such wireless standards as Bluetooth,
WiFi Direct, Zigbee, and more recently near-field communication (NFC). For instance,
NFC represents a set of short-range—generally up to 2 in. (or 4 cm)—networking
technologies for small data sharing. NFC-enabled portable devices read tags or do
credit card transactions through such tap-and-pay systems as Apple Pay and Google
Wallet.
As another popular standard of the short-range PAN, Bluetooth builds a network
organized around an individual and thus allows devices located in close proximity
(e.g., generally up to 10 m) to exchange data without hard wiring. Figure 1.16
illustrates the usage of Bluetooth to interconnect computing and electronic devices in a
wireless setting.
1.5.2 Local Area Network
The LAN, in general, covers a relatively confined area to interconnect hosts located
within the physical boundary of an organization or a company, making it larger than
the personal area network in coverage. Size of the LAN varies considerably as it is
determined by the size of an organization. For example, if a company occupies only a
single floor of a building, the firm’s LAN is limited to that floor. If an organization
uses all floors of a building, its LAN covers the entire building.
Figure 1.16 Bluetooth-enabled personal area networks.
A bigger network that interconnects multiple buildings within a university or a
corporate campus is also a LAN. The oversized LAN is generally termed as a campus
LAN or a campus area network. The campus LAN’s extended scale makes its design
and operations more challenging than smaller LANs. To create a campus LAN,
smaller networks (e.g., one in a building) are joined by high-speed intermediary
devices (e.g., core routers or switches) in a hierarchical structure of multiple layers
(see the tree topology in Figure 1.15).
As a simple example, imagine a relatively small-scale campus LAN of two
buildings, each with a fast core switch and two workgroup switches that attach
computers to the LAN (see Figure 1.17). The actual campus LAN can be significantly
more complex than the example. Details of LAN technologies are covered in Chapters
7 and 8 focusing on the dominant Ethernet and WiFi standards. As said, there is no
one-size-fits-all definition of the LAN especially in its size, and therefore, readers
should interpret the term in its usage context. Lastly, as a LAN is installed within an
organization’s boundary, the organization fully controls it, making any changes (e.g.,
updates, maintenance) as needed.
Figure 1.17 An illustration of campus LAN.
1.5.3 Metropolitan Area Network
The MAN is generally designed to cover a good-sized city, being considerably larger
in its geographical span than the LAN. The MAN is used to interconnect LANs
through land-based or wireless standards within a metropolitan area. In general,
common carriers (or telecom carriers) such as telephone service providers (telcos) and
Internet service providers (ISPs) have the ownership of the MAN infrastructure, and
corporate clients subscribe to the MAN service to access the Internet and other WANs.
Figure 1.18 An illustration of MAN.
Figure 1.18 demonstrates a hypothetical MAN of a common carrier around the
Boston metropolitan area, with high-speed cabling (e.g., 10 Gb/s) and fast intermediary
devices. It shows that through the MAN, the three client-site LANs are interconnected
and also send data to the Internet and to the carrier’s WAN platform.
In the past, WAN standards (e.g., Frame Relay) were technology choices for the
MAN infrastructure. However, because of the popularity of Ethernet as a LAN
standard, the Ethernet-based technology called Metro-Ethernet has become a preferred
choice for the MAN platform. Besides, WiMax (or WirelessMAN) has been
introduced as a broadband standard for wireless MAN service.
1.5.4 Wide Area Network
The WAN is designed to cover a state, a nation, or an international territory (see
Figure 1.19). It interlinks LANs including campus networks, MANs, and even smaller
WANs. To tie its geographically distributed LANs, a client organization (e.g.,
university, company) creates its own private WAN connections by subscribing to the
WAN service available from telecom carriers (e.g., China Telecom, Verizon,
Vodafone). These companies install and maintain their private WAN infrastructure to
commercially offer WAN services to individual and organizational clients.
Figure 1.19 WAN links and an enterprise network.
Separate from the carrier-owned private WAN infrastructure, the Internet has
become an extremely popular platform for WAN connections as well. The Internet
itself is the largest global network that no single company or nation has an exclusive
ownership on. For example, a telecom carrier has its own Internet infrastructure, but it
makes up just a small fraction of the global Internet backbone. With its ubiquity
(covers the entire planet), flexibility (connect any time and any place), and cost
advantage (substantially cheaper than the private WAN service), the Internet has
become an extremely popular option for WAN connections these days.
The enterprise network spans an organization to facilitate communications among
employees, departments, workgroups, and other entities. An organization’s units may
be housed in one building or several buildings at a location, distributed in multiple
locations throughout a region, or dispersed nationally or globally. Reflecting the
structural diversity of organizations, an enterprise network can be of any combination
of one or more PANs, LANs, and MAN/WAN connections (see Figure 1.19). Chapter
9 explains popular WAN services available from telecom carriers, and Chapter 10
covers the architectural details of the Internet, another extremely popular WAN
platform these days.
1.5.5 Rise of Internet of Things
Because of the prevalence of PANs, LANs, MANs, and WANs, a new paradigm called
Internet of things (IoT) is unfolding. IoT is not a type of network/networking
technology, but it represents a new development (or paradigm) in which numerous
devices (e.g., cars, appliances, gadgets, electronics, mobile devices, security
monitoring devices, health devices) automatically detect each other and communicate
seamlessly to perform a host of tasks over wired/wireless networks and the Internet.
Surely, the various network types explained earlier are keys that will bring IoT to
reality, although its full-swing may be years away.
The following scenario demonstrates how the emerging IoT paradigm is going to
fundamentally transform the society through transparent and automated connectivity
among numerous computing and non-computing devices.
Exercise 1.3
Year 2025 in San Diego: Laura is a marketing manager of a large business insurance
firm. Her daily schedule is loaded with both personal routines and job-related
activities. Today, she has to wake up at 6 am. There is an early morning meeting at
downtown, and also a business flight to Los Angeles is scheduled at 12 pm. While
her car self-drives to the downtown location, it warns that the brake pads are
wearing thin and the tire pressure is low. Her car transmits the information to her
maintenance shop for a biannual assessment and report. At one point, her car
cautions that the shortest path originally suggested has a sudden traffic jam caused
by an accident and chooses an alternative path. It also senses weather conditions,
adjusts internal temperature and humidity, activates the sun blind, and controls
influx of polluted air.
After the brief meeting at downtown, she is on the road again for a short trip to
Los Angeles to meet a key business partner. The electronic ticket purchased days
ago is in her Apple watch. When she enters the Lindberg airport, the watch initiates
communications with the airport’s customer support system by sending the ticket
information. It suggests the nearest entrance gate as well as a close parking lot for
the flight. At the boarding gate, she taps her watch to the kiosk for boarding.
While flying, she checks the delivery status of the Xbox game she ordered 2 days
ago. Her son has been asking for it for his birthday gift. Tracking the postal office
database indicates that the game has been delivered to her office. Using her watch,
she also checks her son’s current location and health conditions. Although he is with
a caring nanny, Laura worries about her son who suffers from asthma. He wears a
wrist device for remote diagnosis and monitoring by her family doctor. On arriving
in Los Angeles, she is directed by her watch to pick a reserved rental car equipped
with a smart chip that records usage time, location, travel distance, and other
information for automated billing to the corporate account. After a short meeting
with her boss to report the outcome of the Los Angeles trip, she heads back home
with her son’s Xbox game.
It has been a long day for Laura. On the way home, she drops by a nearby grocery
store. When she grabs a shopping cart, its attached display greets her recognizing
her membership and shows special discount items of the day. She also picks up an
advertisement paper that has a full list of products in promotion. By placing her
watch close to a particular product code, more details are displayed. Prior to
shopping, she connects her home network to check the availability of food items and
their condition. Using the check, the watch automatically develops a recommended
shopping list. As the watch knows Laura’s precise location in the store, it plots ideal
routing through the store, saving her precious time in searching for shopping items.
With her busy schedule, she realizes that she might have to sign up for the grocery
store’s auto-replenishment service that links her home network to the store’s
tracking system.
When Laura arrives home, information and data stored in her watch and the
notebook computer are auto-synchronized with the home network’s central server.
Laura’s health information (e.g., pulse rates) gathered by the watch’s smart sensors
is also synchronized with the home server’s health assistant. Tonight, the health
assistant analyzes gathered data and recommends her to see a doctor after spotting
abnormality in her pulsation for the past 3 days. With Laura’s nodding, the health
assistant makes an appointment with her family doctor’s reservation system and
transmits health data for the doctor’s review. When she replenishes groceries in the
refrigerator, product information including their expirations is passed on to the
central server. It is already 10 o’clock. Before going to bed, she reads arrived
messages including automatic diagnosis of her son’s condition and an electronic
report from the auto maintenance shop.
Class Discussion
1. Discuss where and how PAN, LAN, MAN, and WAN technologies are used to
realize IoT.
2. In the scenario, can you identify new business opportunities (called business
models) that do not exist today? What about existing business models that may
become less relevant or even obsolete in the future because of technology
advancement?
1.6 Subnetwork versus Inter-network
Building on the explanation of intermediary devices in Section 1.2.2, the relationship
among network, subnetwork (or subnet), and inter-network (or internet) is further
clarified. The network is a loosely defined term whose scope covers a variety of
settings (e.g., personal surrounding, house, university campus, country). Section 1.5
classified it in terms of PAN, LAN, MAN, and WAN. Depending on how it is
designed, a network can be a subnetwork or an inter-network (i as a lowercase letter)
with multiple subnetworks joined by one or more routers. Remember that the inter-network is a generic term and thus differs from the Internet (I as an uppercase letter),
the largest network on the planet (the architectural details of which are explained in
Chapter 10).
Figure 1.20 is a simple demonstration of a LAN in which two subnetworks are tied
by a router to become an inter-network. When two computers exchange data across the
two subnetworks, the data-forwarding process (or activity) is called “inter-networking.” As related, the difference between intra-networking and inter-networking
was explained in Figure 1.4 in which a subnetwork contains several intermediary
devices (e.g., switches, wireless access points) for intra-networking. In summary,
Figure 1.20 is a scenario in which the network is a LAN that is also an inter-network
with two subnetworks.
Figure 1.20 Scenario 1: A company’s network.
Figure 1.21 Scenario 2: A company’s network.
Figure 1.21 is another scenario of a company network composed of two remotely
located office LANs joined by a WAN link. In that setup, each LAN is a subnetwork
because delivering messages within the LAN boundary does not need a router’s help.
This differs from Figure 1.20 in which one LAN consists of two subnetworks.
Additionally, the WAN connection is considered a subnetwork, although it may be
3000 miles long! As a result, the company’s enterprise network becomes an inter-network with three subnetworks. These two simple scenarios highlight fluid
relationships among the boundaries of the LAN/WAN, subnetwork, and inter-network.
Exercise 1.4
1. Refer to Figure 1.6 and answer the following questions:
a. How many subnetworks are there in each LAN?
b. If PC1 in LAN1 sends a file to a printer in LAN1, is this inter-networking?
c. If PC1 in LAN1 sends a request message to a server in LAN3, is this
inter-networking?
d. If PC1 in LAN1 connects to an IP Phone in LAN1, is this inter-networking?
e. If PC2 and a server in LAN3 exchange messages, is this inter-networking?
2. Figure 1.22 is a small corporate network installed in a building. It has three
switches connected to the border router with built-in firewall capability to
prevent intrusions from the Internet. Disregarding the connection between the
firewall router and the Internet:
a. How many LANs are there?
b. How many subnetworks are there?
c. If PC1 sends a message to the email server, is this inter-networking?
d. If PC1 sends a message to the file server, is this inter-networking?
e. What is the intermediary device used for intra-networking?
Figure 1.22 A hypothetical corporate network.
1.7 Measures of Network Performance
Network performance to effectively propagate host-produced data is a critical issue,
and much consideration should be given to optimize it during the stages of network
planning, design, implementation, maintenance, and upgrade. There is no shortage of
stories that underscore the importance of adequate network performance, especially as
networks move more real-time (e.g., voice calls, video streaming, online gaming) and
mission-critical (e.g., financial transactions, electronic commerce) data these days.
Many of the applications demand a certain degree of “guaranteed” performance
regardless of circumstances (e.g., traffic congestion). A number of measures are being
used to reflect such network performance from different angles, and those of capacity
(or speed), delay (or latency), and reliability are among the most important ones.
1.7.1 Capacity
Table 1.1 Metrics of Storage versus Network Capacity
Storage/Memory Capacity               Network Capacity in Data Rate
KB (Kilobyte) = 1000 bytes            Kbps (kilobits/s) = 1000 bits/s
MB (Megabyte) = 1 million bytes       Mbps (Megabits/s) = 1 million bits/s
GB (Gigabyte) = 1 billion bytes       Gbps (Gigabits/s) = 1 billion bits/s
TB (Terabyte) = 1 trillion bytes      Tbps (Terabits/s) = 1 trillion bits/s
PB (Petabyte) = 1 quadrillion bytes   Pbps (Petabits/s) = 1 quadrillion bits/s
Network capacity (or speed) is gauged by the metrics of data rate. Data rate is about
how fast data flow in one direction from point A to point B (not the combined speed of
both directions). Byte metrics should not be confused with bit metrics (1 byte is generally 8
bits): byte metrics are primarily for data storage or memory capacity, not
network capacity. Table 1.1 summarizes metrics of data storage/memory capacity and
network capacity as increasing factors of bits per second (bps).
Table 1.2 Data Rates for Audio and Video Contents
Type of Content          Quality Level             Data Rate
Audio (MP3 encoding)     Telephone sound quality   8 Kbps
                         AM sound quality          32 Kbps
                         FM sound quality          96 Kbps
                         CD sound quality          224–320 Kbps
Video (MPEG2 encoding)   DVD quality               5 Mbps
                         HDTV quality              15 Mbps
1.7.1.1 Data Types and Data Rate
The required data rate differs considerably depending on the type of data to be
propagated: plain text takes up the smallest capacity, followed by audio and video. Much
of the network traffic these days is in the multimedia format that combines text, sound,
image, and video. To put things in perspective, Table 1.2 summarizes the data rate
necessary to transport audio and video data at different quality levels. MP3 and
MPEG2 are popular compression standards used to encode audio and video data.
Exercise 1.5
Refer to Table 1.2. The data rate (in each direction) necessary for a digitized
telephone call is 8 Kbps. This means that a two-way full-duplex call between two
parties takes 16 Kbps. How many calls can be made concurrently with the data rate
necessary to transport just one HDTV channel?
Channel Capacity and Throughput: A network’s transmission capacity can be
measured in terms of both Channel Capacity and Throughput.
Channel Capacity: It is the maximum theoretical data rate of a link and is
oftentimes referred to as bandwidth or rated speed. Strictly speaking, channel
capacity in data rate is a digital concept, and bandwidth is an analog concept
(a more accurate technical definition of bandwidth is explained in Chapter 4).
However, they are directly correlated—the bigger the bandwidth of a link, the
bigger the channel capacity; thus, practitioners use them interchangeably.
Throughput: It refers to actual data rate of a link. As a more realistic speed of a
network link, it is usually slower than channel capacity due to a number of
technical and circumstantial reasons including the effect of link distance,
transmission interferences, and internal/external noises. For instance, popular
WiFi standards such as 802.11n and 802.11ac can transmit at several hundred
Mbps (see Chapter 8). However, their actual throughput gets substantially lower as
the distance between two communicating nodes is increased.
1.7.2 Delay
Delay (or latency) represents the amount of time a network link takes to deliver data
between any two nodes and is usually measured in milliseconds (thousandths of a second). Delay
can be measured in both one-way trip and round trip (e.g., a request and response
cycle) between two points. For example, as shown in Figure 2.13 in Chapter 2, the
ping utility program that tests if a particular target node is reachable gauges latency
based on a round trip. In the figure, the ping request was issued four times by the
source host, and all of them were answered by the target host (209.131.36.158) with a
round-trip latency of 26–29 ms.
When computers exchange data, there are various delay sources. Imagine a
hypothetical situation in which a person downloads the main page of
www.facebook.com. She/he will certainly experience delay until the web page is
displayed on the browser. Among the sources of delay are
Propagation delay: It takes time for the signal carrying the web page to travel
between two remotely located hosts.
Delay at hosts: The source host should internally process the user request before
releasing it to the Internet. This includes conversion of the request into a packet
(to be explained in Chapter 2) and then to an electronic signal (to be explained in
Chapter 4) for propagation. When the request arrives at the destination host (i.e.,
www.facebook.com server), it also performs similar internal processing to
ultimately produce a response packet and convert it to a signal for delivery.
Delay at intermediary devices: An intermediary device (e.g., router, switch)
mediates data transmissions between hosts, and the message forwarding requires
its own internal processing including the lookup of a reference table (e.g., routing
table, switch table) and subsequent forwarding path decision. Also, when
messages arrive at a port continuously, they are temporarily placed in a queue
before processing, inevitably resulting in queuing delay.
Delay is an especially sensitive issue when a network is used by time-sensitive
applications. In fact, because of the ever-growing popularity of real-time or near-real-time multimedia applications such as video-on-demand, videoconferencing, and online
gaming, more messages need to be propagated with little delay and oftentimes with
guaranteed performance.
1.7.3 Reliability
This performance dimension is about a network’s capacity to convey data in a stable
manner. The reliability of data delivery is mildly or severely affected (1) when there
are corrupted or lost data in the middle of their transmissions and (2) when a network
experiences interruptions (e.g., node failures, link failures).
Corrupted or lost data: Data corruption or loss takes place in different
magnitudes. It can be as small as a bit change (e.g., from 0 to 1) or as big as the
moderation or loss of entire bit streams. There are a number of sources that
trigger the reliability problem. Among them are network node crash caused by
certain forces; physical damage or cut of cabling; overflow of a network node’s
buffer space; power interruption or surge; and internal and external noises
triggered by such factors as signal interference due to lightning, industrial noise,
and cross talk.
Network unavailability: A network becomes unavailable when there is a node or
link failure. Just as a computer crashes, an intermediary device can fail for several
reasons including overloading, a system bug in its built-in software, power
interruption, succumbing to a malicious attack (e.g., denial-of-service attack), and
operational mismanagement. Also, the network link can be a source of trouble
when it is accidentally damaged or when cabling between a node and a link is
unstable. When a network itself becomes unavailable either entirely or partially
due to the node or link fault, this limits network accessibility.
1.7.4 Quality of Service
A concept closely associated with the dimensions of network performance is quality of
service (QoS). QoS represents the capability of a network in guaranteeing
performance in terms of link capacity, latency, and reliability. It is particularly
germane to the carrier’s WAN (including the Internet) service offered to business
clients (e.g., e-commerce stores). In early days, QoS was not such a critical issue for
WAN connections as network applications were not that sophisticated and mission
critical. However, as more computer programs perform business functions vital to
organizations over the network, the ability of WAN to guarantee network performance
has become an essential requirement.
For example, Amazon.com and eBay.com entirely rely on the Internet for business
transactions, and even a few minutes of service disruption means millions of dollars in
lost revenue. When a carrier offers QoS to a client organization, its network should be
able to provide the client with the level of “promised” performance regardless of
circumstances (e.g., traffic congestion).
Of course, the QoS-guaranteed network service is costlier than the non-QoS service
to client organizations. A carrier can use such techniques as data prioritization and
dedication of link capacity to enhance service quality. Businesses, however, may not
need such QoS provision if their WAN links are used mainly for general applications
(e.g., emails, web surfing).
1.8 Numbering Systems
In this section, three different numbering systems (i.e., binary, decimal, and
hexadecimal) used to represent numeric values in networking are reviewed. Although
they are used altogether, there is a preference of one system over the others depending
on the usage context. As we are already aware, network nodes process various data
types (e.g., texts, images, videos) in binary of 0s and 1s.
Table 1.3 Numbering Systems
Numbering System   Number of Digits   Digits in Base
Binary             2                  0 and 1
Decimal            10                 0 through 9
Hexadecimal        16                 0 through 9, A, B, C, D, E, and F (in which A = 10, B = 11, C = 12, D = 13, E = 14, F = 15)
Note: Hexadecimal values are indicated by either 0x prefix or h suffix. For example,
0x3256 means that 3256 is hexadecimal.
Data in binary, however, are hard for human beings to comprehend, and thus both
decimal (base 10) and hexadecimal (base 16) numbering systems are also
utilized for better readability. With base 16, hexadecimal is more efficient than
decimal in expressing binary combinations. As such, translation between binary and
decimal and that between binary and hexadecimal become the fundamental knowledge
in studying computer networking, especially network addressing. Table 1.3
summarizes three numbering systems and their base digits.
1.8.1 Binary versus Decimal
The translation between binary and decimal is explained based on the unit of 8 bits as
it becomes the building block of 32-bit IP addresses. For example, an IP address of
123.45.56.89 is equivalent to 01111011.00101101.00111000.01011001. The binary–
decimal conversion is demonstrated using an example of 8-bit binary (01011010) and
its equivalent decimal (90) values.
1. Binary (01011010) to decimal (90) conversion
a. First, determine the decimal position value of each binary bit using the
power-of-two computation.
b. Once decimal position values are in place, add up the decimal values of
nonzero binary positions. In the example, the summation of 64, 16, 8, and 2
becomes 90.
Initial binary combination (8 bits)    0    1    0    1    1    0    1    0
Power of two                           2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
Decimal position values                128  64   32   16   8    4    2    1
Add decimal values of nonzero binary positions: 64 + 16 + 8 + 2 = 90
2. Decimal (90) to binary (01011010) conversion
Decimal position values: 128 64 32 16 8 4 2 1
a. Find the largest decimal position value that is ≤90: 128 [64] 32 16 8 4 2 1
b. Obtain the remainder value: Difference between 90 and 64 = 26
c. Find the largest decimal position value that is less than or equal to the remainder value 26: 128 64 32 [16] 8 4 2 1
d. Obtain the remainder value: Difference between 26 and 16 = 10
e. Find the largest decimal position value that is less than or equal to the remainder value 10: 128 64 32 16 [8] 4 2 1
f. Obtain the remainder value: Difference between 10 and 8 = 2
g. Find the largest decimal position value that is less than or equal to the remainder value 2: 128 64 32 16 8 4 [2] 1
h. Obtain the remainder value. As the remainder becomes 0, stop here: Difference between 2 and 2 = 0
i. Binary numbers corresponding to the parenthesis values above are 1s and the others are 0s: 0 1 0 1 1 0 1 0
Notes: 01011010 (8 bits) is identical to 1011010 (7 bits). The demonstration is
based on the 8-bit combination.
Exercise 1.6
1. Convert decimal values 38, 110, 192, and 255 to their 8-bit binary counterparts.
2. Translate the following 8-bit binary blocks to their corresponding decimal
values.
01100001 11110110 11100011 10100010
1.8.2 Binary versus Hexadecimal
In computer networking, hexadecimal digits are used to represent MAC (or physical)
addresses (see Section 1.2.1). Each MAC address is 48 bits (see Section 1.9.2), and
they are converted to 12 hexadecimal digits (thus, each hex digit is equivalent to 4
bits). The following demonstration focuses on the conversion between a hexadecimal
digit and its equivalent 4 binary bits.
The conversion takes nothing but the translation between a hexadecimal’s decimal
value and its corresponding 4 bits. For example, the hexadecimal digit “A” is
equivalent to decimal “10,” which in turn translates into 1010 in binary using the same
conversion method in Section 1.8.1. The conversion is summarized as follows:
Hexadecimal   Decimal   Binary
A           → 10      → 1010
A           ← 10      ← 1010
To translate a binary bit “stream” into its corresponding hexadecimal values, the bit
stream should be divided into 4-bit blocks first. Then, convert each 4-bit unit into its
corresponding decimal value and subsequently find its hexadecimal equivalence.
Recall that A = 10, B = 11, C = 12, D = 13, E = 14, and F = 15. As an example, for the
binary bit stream of 10010110100010101101,
1. Creation of 4-bit blocks: 10010110100010101101 becomes
1001.0110.1000.1010.1101.
2. Conversion of each block into a decimal value: 1001.0110.1000.1010.1101
becomes 9.6.8.10.13.
3. Conversion of each decimal value into a hexadecimal equivalence: 9.6.8.10.13
becomes 0x968AD.
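The two conversion procedures of Sections 1.8.1 and 1.8.2 in runnable form, as an added example that is not from the book. The function names are chosen here, and the code goes beyond the single-octet demonstration by converting a whole dotted-decimal IPv4 address and by rejecting malformed input, which the text does not discuss.

```python
# Added illustration of the conversion methods in Sections 1.8.1 and 1.8.2.
# Function names are this example's own, not the book's.

POSITION_VALUES = [128, 64, 32, 16, 8, 4, 2, 1]  # 2^7 down to 2^0
HEX_DIGITS = "0123456789ABCDEF"


def octet_to_bits(value):
    """Decimal to 8-bit binary by the remainder method of Section 1.8.1.

    Walking the position values from largest to smallest and subtracting
    each one that fits is the same as repeatedly picking the largest
    position value that is <= the current remainder.
    """
    if not 0 <= value <= 255:
        raise ValueError("an 8-bit block holds 0 through 255")
    bits, remainder = [], value
    for position_value in POSITION_VALUES:
        if position_value <= remainder:
            bits.append("1")
            remainder -= position_value
        else:
            bits.append("0")
    return "".join(bits)


def bits_to_octet(bits):
    """8-bit binary to decimal: add the position values of the nonzero bits."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 8 characters of 0 and 1")
    return sum(pv for pv, bit in zip(POSITION_VALUES, bits) if bit == "1")


def ipv4_to_binary(address):
    """Dotted decimal to dotted binary, one 8-bit block per decimal value."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("expected four decimal values separated by dots")
    return ".".join(octet_to_bits(int(p)) for p in parts)


def bitstream_to_hex(stream):
    """Bit stream to hex: cut into 4-bit blocks, then block -> decimal -> hex digit."""
    if not stream or len(stream) % 4 or set(stream) - {"0", "1"}:
        raise ValueError("bit stream must be a nonempty multiple of 4 bits")
    blocks = [stream[i:i + 4] for i in range(0, len(stream), 4)]
    # A 4-bit block uses only the last four position values: 8, 4, 2, 1.
    decimals = [
        sum(pv for pv, bit in zip(POSITION_VALUES[4:], block) if bit == "1")
        for block in blocks
    ]
    return "0x" + "".join(HEX_DIGITS[d] for d in decimals)


def hex_to_bitstream(text):
    """Hex to bit stream: each hex digit becomes exactly 4 bits."""
    digits = text[2:] if text.lower().startswith("0x") else text
    if not digits:
        raise ValueError("no hex digits given")
    # int(d, 16) raises ValueError for anything that is not a hex digit.
    return "".join(octet_to_bits(int(d, 16))[4:] for d in digits)


if __name__ == "__main__":
    print(octet_to_bits(90))                         # the 1.8.1 example value
    print(ipv4_to_binary("123.45.56.89"))            # the 1.8.1 IP address
    print(bitstream_to_hex("10010110100010101101"))  # the 1.8.2 bit stream
```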
Exercise 1.7
1. Convert 0x17AB to its binary counterpart.
2. Convert the following hex digits to binary bits with each hex digit representing
4 binary bits.
0xABCDEF 0x34A57 0x12DF01 0x78ADC
3. Convert the binary stream “10110110100011100001” to hex with each hex
digit representing 4 binary bits.
4. If the physical address of a computer’s network card (NIC) is
001001100111100010101011010111000100100010001101, what is its
corresponding hexadecimal address?
1.9 Network Addressing
Just as postal addresses are necessary to deliver snail mail, network nodes transport
data relying on standardized address information. So, allocation of addresses to hosts
and intermediary devices, their configuration, and management are activities
fundamental to adequate operations of a computer network. In this section, network
addresses currently in use are characterized in terms of permanency, accessibility, and
privacy dimensions.
1.9.1 Characterizing Network Addressing
Permanency (temporary vs. permanent)
Network addresses can be either temporary (or dynamic) or permanent (or static).
The temporary address is dynamically assigned to a station, and it can be
reclaimed and reassigned to another station, if unused for a certain period of time
(e.g., 24 h). Such a temporary address is typically allocated to a user device (as a
related concept, refer to the DHCP standard in Chapters 2 and 10). The permanent
address, meanwhile, is either printed on a node’s network card (e.g., MAC
address) by the device manufacturer or manually set up (e.g., IP address) on a
computer system. In general, server computers and intermediary devices are
given one or more permanent IP addresses.
Accessibility (local vs. global)
Addresses can be either locally or globally recognized. Locally recognized
addresses are only used within a subnetwork to move data for intra-networking.
The MAC address printed on a host’s network card (NIC) is an example. In
contrast, globally recognized addresses are used to transport data beyond the
subnetwork boundary, thus for inter-networking and global reach. The IP address
belongs to this type.
Privacy (public vs. private)
IP addresses are divided into public and private addresses. Packets containing
public addresses can be forwarded to the destination host over the Internet. In
contrast, the private address, as the term implies, is used only within an
organization or a home network. In other words, the packet with a private address
is deliverable to a destination node located within the same organizational or
home network boundary, but not outside. The usage of private addresses offers
heightened security as internal nodes are invisible from outside. Many
organizations rely on private IP addresses to protect their internal networks and
also to be flexible in address allocation to internal hosts and intermediary devices
(more details are given in Chapter 5).
The two different address schemes used concurrently for computer networking are
MAC and IP addresses.
1.9.2 MAC Address
The NIC of a computer has at least one MAC address assigned to it. The MAC address
is also known as a physical or hardware address because it is permanently printed on
an NIC and thus cannot be changed (although it can be spoofed or masked using
software). The NIC for Ethernet or WiFi as the two most dominant LAN standards
uses an MAC address of 48 bits, which is burned into the NIC’s read only memory
(ROM). When a node is started, its MAC address is copied into the NIC’s random
access memory (RAM) to enable the node’s networking function.
As stated, the 48-bit MAC address is presented to people as 12 hexadecimal digits,
each digit representing 4 binary bits. The MAC address in hex is generally written in
one of the three formats:
01-35-A7-BC-48-2D: (two hex digits separated by “-”)
01.35.A7.BC.48.2D: (two hex digits separated by “.”)
0135.A7BC.482D: (four hex digits separated by “.”)
Out of the 12 hexadecimal digits, the first 6 become an organizationally unique
identifier (OUI). The OUI indicates an NIC card’s manufacturer and is assigned by
Institute of Electrical and Electronics Engineers (IEEE), a leading standard-setting
organization responsible for LAN standards (e.g., Ethernet, WiFi). The remaining six
digits represent a combination uniquely allocated to each NIC. With this allocation
scheme, no two NICs should share the same MAC address.
Exercise 1.8
Conduct an Internet search to locate OUIs of technology powerhouses including Cisco,
Apple, Intel, and Microsoft. Observe how many different OUIs are owned by each
company.
1.9.3 IP Address
The IP address is a global standard necessary for a network node to exchange data with
any other nodes. As explained, the temporary IP address is dynamically allocated to a
host station whenever it issues a request and therefore has an expiration. In contrast,
the permanent IP address allocated to a host (e.g., server) stays with it so that the host
performs the intended service functions without interruptions. Whereas the MAC
address is a physical address, the IP address is a logical address because it is not bound
to a node physically.
Two different IP standards are used concurrently: IPv4 (version 4) and IPv6 (also
known as IP next generation or IPng). The IPv4 address consists of 32 bits that are
translated into a combination of 4 decimal values (e.g., 127.232.53.8). The IP address
is composed of network and host identity parts. For example, in 172.232.53.8, 172.232
and 53.8 may represent the network and host identities, respectively. Chapter 5 covers
IPv4 addressing. The adoption of more advanced IPv6 addressing, with 128 bits for an
address, is growing, and the future clearly belongs to it. Some of the fundamentals of
the IPv6 addressing scheme are explained in Chapter 10.
1.9.4 Pairing of MAC and IP Addresses
To be able to exchange data over the network, a host station (e.g., PC, tablet,
smartphone) needs a pair of MAC and IP addresses. Figure 1.23 illustrates the one-to-one pairing (or binding) of MAC and IP addresses. In the case of intermediary devices,
the pairing relationship is a little different and will be explained in Chapter 3.
Figure 1.23 Pairing of MAC and IP addresses.
It is natural to raise a question of why a host needs the pairing of an MAC and an IP.
A rather simple answer is that MAC is for intra-networking and IP is for inter-
networking. In other words, within a subnetwork, the MAC address of a destination
host is all it takes in delivering a message from a source station. When a packet has to
cross multiple subnetworks (for inter-networking) before reaching the ultimate
destination, its IP address needs to be continuously referenced by the router(s) on the
way. The somewhat complex logic behind the concurrent usage of both addressing
systems is explained in Chapters 2 and 3.
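An added example (not from the book) for Sections 1.9.2 and 1.9.4: it normalizes the written MAC formats, extracts the OUI, and checks a constructed IP-to-MAC table for an IP address bound to more than one MAC. It goes beyond the text in two ways: it also accepts the colon-separated notation, and it reads the IEEE locally administered bit (0x02 in the first octet), which marks an address assigned in software rather than by the manufacturer.

```python
# Added illustration for Sections 1.9.2 and 1.9.4; names and sample rows
# are this example's own, not the book's.
import re
from collections import defaultdict

# Six groups of two hex digits joined by one repeated separator
# ("-" and "." are the formats in the text; ":" is an addition here),
# or three groups of four hex digits joined by ".".
_TWO_DIGIT_GROUPS = re.compile(r"[0-9a-f]{2}([-.:])[0-9a-f]{2}(?:\1[0-9a-f]{2}){4}")
_FOUR_DIGIT_GROUPS = re.compile(r"[0-9a-f]{4}(?:\.[0-9a-f]{4}){2}")


def normalize_mac(text):
    """Return the address as 12 lowercase hex digits, or raise ValueError."""
    s = text.strip().lower()
    if _TWO_DIGIT_GROUPS.fullmatch(s) or _FOUR_DIGIT_GROUPS.fullmatch(s):
        return re.sub(r"[-.:]", "", s)
    raise ValueError(f"not a 48-bit MAC address: {text!r}")


def oui(mac):
    """First six hex digits: the organizationally unique identifier."""
    return normalize_mac(mac)[:6]


def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set (software-assigned address).

    A cloned vendor address leaves this bit clear, so False does not prove
    that the address is the one burned into the NIC.
    """
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def pairing_conflicts(rows):
    """Map each IP seen with more than one distinct MAC to those MACs, sorted.

    The same MAC written in different notations counts once, which is why
    every address is normalized before it is compared.
    """
    seen = defaultdict(set)
    for ip, mac in rows:
        seen[ip].add(normalize_mac(mac))
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}


# Constructed sample rows (IP, MAC as different tools might print it).
# These are made-up values, not real hosts.
SAMPLE_ROWS = [
    ("192.168.1.10", "01-35-A7-BC-48-2D"),
    ("192.168.1.10", "0135.a7bc.482d"),     # same NIC, different notation
    ("192.168.1.20", "01.35.A7.00.00.07"),
    ("192.168.1.20", "de:ad:be:ef:00:01"),  # a second MAC claims the same IP
]

if __name__ == "__main__":
    for ip, mac in SAMPLE_ROWS:
        origin = "software-set" if is_locally_administered(mac) else "vendor-set"
        print(ip, normalize_mac(mac), "OUI", oui(mac), origin)
    print("IPs bound to more than one MAC:", pairing_conflicts(SAMPLE_ROWS))
```

An IP address that shows up with two different MACs is not proof of spoofing (a dynamic address may simply have been reassigned), but it is the break in the one-to-one pairing that is worth a closer look.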
Exercise 1.9
1. Search the MAC and IP addresses of your smartphone. It might have two
MACs: one for WiFi and the other for Bluetooth.
2. Smartphones come with a unique International Mobile Equipment Identifier
(IMEI). Search the IMEI of your smartphone. What is it and how is it different
from the MAC/IP address? What can you do with the IMEI in protecting the
device? (Search the Internet for answers.)
3. Find out the MAC and IP addresses of your computer by typing ipconfig /all for
Windows and ifconfig for Linux/Unix at the command prompt.
Figure 1.24 IP configuration of a host station (MS Windows).
As shown in Figure 1.24, today’s computers are generally equipped with two MAC
addresses, one for the Ethernet NIC and the other for the WiFi NIC. At any one time, only the
MAC address in use is associated with the host’s IP address. On the basis of Figure
1.24, answer the following questions:
a. What is the computer’s current IP address?
b. How many NICs and MAC addresses does the host station have?
c. What are their MAC addresses, and why is there more than one MAC address?
d. Who are the manufacturers of the NICs?
e. It shows that the WiFi LAN’s MAC address is bound to the IP address
192.128.1.2. What does that mean?
Other items shown in Figure 1.24 including auto-configuration, subnet masks, default
gateway, DHCP servers, and DNS servers are explained throughout the book.
Chapter Summary
A computer network is made up of various hardware and software components
including hosts, intermediary devices, network links (or communication links),
applications, data (or messages), and network protocols.
Data communications between network nodes are primarily in the forms of
unicasting, broadcasting, and multicasting.
Data flows between two network nodes can be simplex (i.e., one-way only), half-duplex (i.e., two ways but one way at a time), and full-duplex (i.e., two ways
concurrently).
Network topology refers to the layout of network nodes and links, a design
approach utilized to interconnect intermediary devices and hosts. Among the
different topologies are point-to-point, bus, star (or hub-and-spoke), ring, mesh,
and tree (or hierarchy).
Computer networks are generally classified into four types in terms of their
coverage scope: PANs, LANs, MANs, and WANs.
The subnetwork is a network segment formed when intermediary devices
including hubs, bridges, wireless access points, and switches interconnect host
computers. The router is used to tie different subnetworks to form an internet.
The primary dimensions of network performance include capacity (or speed),
delay (or latency), and reliability. As related, QoS represents a network’s ability
in guaranteeing such performance.
Three different numbering systems (i.e., binary, decimal, and hexadecimal) are
used in networking, and a particular numbering system is preferred over the
others depending on the usage context.
Network nodes transport data relying on standardized address information, and
MAC and IP addresses are used concurrently.
Key Terms
access link
application
binary
bits per second (bps)
Bluetooth
broadcasting
bus topology
campus network
capacity
channel capacity
circuit switching
client–server computing
command-line interface
data rate
decimal
delay
duplex
end device
end station
end system
enterprise network
full-duplex
half-duplex
hexadecimal (HEX)
hierarchical topology
host
hub-and-spoke topology
ifconfig
intermediary device
internet
internet
Internet of Things (IoT)
inter-networking
intra-networking
IP address
ipconfig
IPv4
IPv6
latency
local area network (LAN)
logical address
MAC address
mesh topology
message
metropolitan area network (MAN)
multicasting
near-field communication (NFC)
network
network interface card (NIC)
network link
network node
networking device
organizationally unique identifier (OUI)
peer-to-peer computing
permanent (or static) address
personal area network (PAN)
physical address
point-to-point topology
protocol
quality of service (QoS)
random access memory (RAM)
read only memory (ROM)
reliability
ring topology
semantic rule
simplex
star topology
subnetwork (subnet)
syntactic rule
temporary (or dynamic) address
throughput
topology
tree topology
trunk link
unicasting
wide area network (WAN)
WiFi
WiFi Direct
wireless NIC (WNIC)
Zigbee
Chapter Review Questions
1. The ________ represents the layout of network nodes and links.
A. network node
B. network domain
C. network topology
D. network architecture
E. network blueprint
2. Choose an ACCURATE statement regarding the relationship between hosts,
intermediary devices, and network nodes.
A. Hosts are intermediary devices.
B. Hosts are also called networking devices.
C. Intermediary devices include network nodes and hosts.
D. An intermediary device is either a network node or a host.
E. Network nodes include intermediary devices and hosts.
3. Which topology is used widely when network redundancy is important to prepare
for node or link failures?
A. point-to-point
B. partial mesh
C. star
D. bus
E. hub-and-spoke
4. Star topology is also known as
A. ring
B. partial mesh
C. full mesh
D. bus
E. hub-and-spoke
5. Which is an access link?
A. router–router link
B. switch–switch link
C. switch–router link
D. web server–switch link
E. hub–switch link
6. The organizationally unique identifier (OUI) is an element of ________.
A. MAC addresses
B. public addresses
C. IP addresses
D. global addresses
E. local addresses
7. The throughput of a network
A. represents the speed guaranteed by a service provider.
B. describes the strength of a signal.
C. is interchangeably used with rated speed.
D. represents the maximum capacity of its cabling.
E. represents its actual speed.
8. Messages (or data) are produced and exchanged according to meticulously
defined rules of communication. These rules are implemented in ________.
A. protocols
B. messages
C. network links
D. applications
E. data
9. Choose an INCORRECT statement regarding the network link.
A. Copper wires and optical fibers are popular wired media these days.
B. Network links are divided into access and trunk links.
C. Creating a computer network needs to have at least one trunk link.
D. The access link provides connectivity between a host and an intermediary
device.
E. The trunk link interconnects intermediary devices.
10. The campus network is a type of ________.
A. local area network
B. metropolitan area network
C. personal area network
D. wide area network
E. wireless network
11. What is the binary correspondence of hex digits “B301”?
A. 1110001100000001
B. 1011001100000001
C. 1001001100010001
D. 1011001100101001
E. 1011001100100101
12. Select an ACCURATE statement on network addressing.
A. MAC addresses of a university’s PCs are the same in their first six hex
digits.
B. The primary usage of the MAC address is for inter-networking.
C. The IPv4 address is longer in its length than the MAC address.
D. An IP address should be permanently assigned to a host station.
E. A host station should have an MAC and an IP address for networking.
13. Which is TRUE regarding the MAC address?
A. It is a permanent address.
B. It is stored in a computer’s RAM in eight hex digits.
C. It is dynamically provided by a designated server to requesting stations.
D. It is determined by a computer’s operating system.
E. Two computers can own the same MAC address.
14. Which three terms are used interchangeably as metrics of network performance?
A. channel capacity, bandwidth, throughput
B. channel capacity, throughput, flow
C. reliability, accuracy, availability
D. channel capacity, bandwidth, rated speed
E. reliability, accuracy, latency
15. When the nearby laptop, wireless mouse and keyboard, smart phone, and digital
camera exchange data, a ________ standard is used:
A. WAN (wide area network)
B. PAN (personal area network)
C. NFC (near-field communication)
D. LAN (local area network)
E. MAN (metropolitan area network)
16. Which is a legitimate MAC address?
A. ab-01-cd-ef-23-45
B. ab-01-cd-ef-23-4
C. ab-01-cd-ef-23
D. ab-01-cd-ef-2
E. ab-01-cd-ef
17. Switches within a network are interconnected by ________.
A. access links
B. peer-to-peer links
C. trunk links
D. channel links
E. internet links
18. Network nodes include ________.
A. intra-networking and inter-networking devices
B. intermediary devices and end stations
C. intermediary devices and network links
D. intermediary devices and networking devices
E. end devices and network links
19. Which is NOT NECESSARILY an accurate description of the intermediary
device?
A. It has at least one built-in network card.
B. It also becomes a network node.
C. It always operates in the full-duplex mode.
D. It relies on network addressing to exchange data.
E. It operates for either intra-networking or inter-networking.
20. Which is a right sequence of data rate metrics from the smallest to the largest?
A. Kbps—Mbps—Pbps—Gbps—Tbps
B. Tbps—Pbps—Kbps—Mbps—Gbps
C. Kbps—Gbps—Mbps—Tbps—Pbps
D. Kbps—Mbps—Gbps—Tbps—Pbps
E. Kbps—Mbps—Gbps—Pbps—Tbps
21. There are many websites that offer audio or video streaming of TV programs and
movies over the Internet. These services generally rely on the ________
technology.
A. unicasting
B. anycasting
C. multicasting
D. broadcasting
E. dualcasting
22. The three main sources of network latency (or delay) include
A. propagation delay, delay at hosts, and delay of server processing.
B. propagation delay, delay at hosts, and delay at intermediary devices.
C. delay at intermediary devices, delay at hosts, and delay of client processing.
D. delay of application processing, propagation delay, and delay at hosts.
E. delay of server processing, delay at intermediary devices, and delay at hosts.
23. The primary dimensions of network performance include ________.
A. delay, cost, and reliability
B. capacity, reliability, and accessibility
C. capacity, reliability, and cost
D. delay, capacity, and reliability
E. reliability, delay, and accessibility
24. The following message is produced by the web browser according to the
________.
“GET / HTTP/1.1
Host: www.google.com”
A. semantic rule
B. lexicon rule
C. syntactic rule
D. message rule
E. link rule
25. Which statement CORRECTLY describes network topology?
A. Tree: All network nodes are either a hub or a spoke.
B. Bus: All network nodes are directly connected.
C. Hierarchy: Host stations are linked to a main transmission line.
D. Star: All locations connect to a central site, and thus the network is
susceptible to a single point of failure.
E. Full mesh: It is a cost-effective approach in creating a highly reliable
network with redundancy.
2 Architectures and Standards
2.1 Introduction
This chapter explains network architecture, layers, standards, and protocols, and their
relationships. These concepts are highly abstract and can pose a considerable challenge
to comprehension. Nonetheless, they are fundamental to computer networking and
hence have been introduced in the early part of this book. You are encouraged to go
through the entire chapter several times to get a better grasp of the concepts and their
relationships.
First of all, communications between network nodes demand the precise execution
of a number of predefined functions (or activities). If just one of the functions is not
properly performed, nodes will either misunderstand or be unable to understand each
other. These functions can be grouped by their similarities. The standard architecture
in comput…
