Briefly about networks

This material continues a series of articles devoted to internal training seminars that are held at the IT company Nauka and serve to develop the horizons of its employees. We hope that the information presented in it can be useful for high school students, junior university students, and employees of IT companies who are not involved in their work with IT infrastructure.

1. OSI network model

Open systems interaction model (Open Ssystem Interconnection model) was developed in the late 1970s to describe the architecture and principles of operation of data networks and is a reference model. A little later it became a working product of the Open Systems Interaction Group International Organization for Standardization (ISO).

This model has seven hierarchical levels and is presented in Figure 1. The top level is the seventh (application), and the bottom is the first (physical).

In the simplest case, the Sender, the Receiver (devices) and the actual transmitted data interact in the network. Everything that should happen when transmitting and receiving data is described by the OSI model.

At the top level, information is represented in the form of data, at the bottom – in the form of bits. The process of sending data and translating it into a sequence of bits is called encapsulation (Figure 2). The reverse process of converting a sequence of bits received at the lower level into data at the upper level is called decapsulation (Fig. 2). During encapsulation and decapsulation, data, turning into a sequence of bits and a sequence of bits, turning into data, passes sequentially through all seven levels of the model. Moreover, on each of them, information is presented in the form of protocol data units – PDU (Protocol Data Unit).

Rice. 2 – Encapsulation and decapsulation of data

First level is responsible for the exchange of physical signals between devices, such as computers, in the form of a set of bits. Each layer has its own PDU, which is presented in a form that is understandable at that layer. Only at levels 5 to 7 work directly with data. At the first level, bits are transmitted over copper cables, optical fiber or over the air (Bluetooth, Wi-Fi, GSM).

Second level (channel, Data Link Layer, L2) deals with addressing during data transfer. It forms frames from bits with the addresses of the sender and recipient and transmits them to the first level for sending to the recipient over the network. This level has two sublevels: MAC (Media Aaccess Control – medium access control) and LLC (Logical Link Control – control of logical connection). MAC assigns physical 48-bit MAC addresses to the sender and recipient. LLC checks the data, corrects it if necessary and handles its transfer. At the data link layer, the ARP protocol is actively used (Address Resolution Protocol – address determination protocol). With its help, MAC addresses are mapped to 32-bit IP addresses operating at layer 3, and vice versa, thereby encapsulating and decapsulating data.

Third level (network, Network Layer, L3) is responsible for the data transmission path. It converts logical addresses and names into physical ones, determines the shortest routes, and monitors problems and congestion in the network. The network layer protocols are: IP(Internet Protocol)v4/IPv6, IPX (Internetwork Packet Exchange – internetworking protocol), X.25 (partially this protocol is implemented at layer 2), IPsec (Internet Protocol Security). In addition, many routing protocols operate at this layer, which will be discussed later.

The layers of the OSI model (Figure 1) can be divided into two groups:

Media layers (environment levels),
Host layers.

The media layers (L1 – L3) deal with the transfer of information (via cable or air) and are used by network devices such as switches, routers, etc. The host layers (L4 – L7) are used directly on devices such as desktop computers or mobile devices.

Fourth level (transport, Transport Layer, L4) is a kind of intermediary between the environment and host levels. Its main tasks are transporting packets and monitoring the integrity or speed of transmitted data. Protocols used at this level TCP (Trelease Ccontrol Protocol – transmission control protocol) and UDP (User Datagram Protocol) and many other protocols.

TCP provides reliable continuous transmission of data, excluding its loss or disruption of the order of its receipt or duplication; it can redistribute data, breaking large portions of data into fragments and vice versa, merging fragments into one packet. When transmitted over TCP, data is divided into segments. A segment is part of a package. If a data packet arrives that exceeds the network capacity, it is divided into segments of an acceptable size. Packet segmentation is also required on unreliable networks when there is a high probability that a large packet will be lost.

UDP is limited to monitoring the integrity of data within one datagram and does not exclude the possibility of losing an entire packet or duplicating packets. This protocol is used to transmit data that is most sensitive to delays, such as multimedia data. When transmitting data over the UDP protocol, data packets are divided into datagrams, which are also part of the packet. The main difference between datagrams and segments is their autonomy. Each datagram contains all the necessary headers to reach its final destination. They do not depend on the network state and can be delivered via different routes and in different orders. When datagrams or segments are lost, you end up with “broken” pieces of data that cannot be processed correctly. But for multimedia data this is often not so important.

The first four levels are the domain of network engineers, and levels 5–7 are the domain of developers.

Fifth level (session, Session Layer, L5) is responsible for maintaining a session (communication session): manages the interaction between applications, opens up the possibility of synchronizing tasks, ending a session, and exchanging information. An example of how the fifth level works is a video call over a network. During video communication, synchronous transmission of two data streams (audio and video) is required. If a third person is added to a conversation between two people, then it becomes a conference. In this case, the task of the fifth level is to make sure that the interlocutors can understand who is speaking now.

Sixth level (data presentation, Presentation Layer, L6) is responsible for:

Fourth level (transport, Transport Layer, L4) is a kind of intermediary between the levels of the environment and the host. Its main tasks are transporting packets and monitoring the integrity or speed of transmitted data. Protocols used at this level TCP (Trelease Ccontrol Protocol – transmission control protocol) and UDP (User Datagram Protocol) and many other protocols.

TCP provides reliable continuous transmission of data, excluding its loss or disruption of the order of its receipt or duplication; it can redistribute data, breaking large portions of data into fragments and vice versa, merging fragments into one packet. When transmitted over TCP, data is divided into segments. A segment is a part of a package. If a data packet arrives that exceeds the network capacity, it is divided into segments of an acceptable size. Packet segmentation is also required on unreliable networks when there is a high probability that a large packet will be lost.

The first four levels are the domain of network engineers, and levels 5–7 are the domain of developers.

Sixth level (data presentation, Presentation Layer, L6) is responsible for:

· protocol conversion and data encoding/decoding;

· presentation of pictures (in JPEG, GIF, PNG, etc.);

· video-audio presentation (MPEG, QuickTime);

· encryption of data if it needs to be protected during transmission.

Seventh level (application, Application Layer, L7) is what users directly interact with, a kind of graphical interface of the entire OSI model. Users practically do not interact with other levels. The main task of the seventh level is to use its protocols so that the user can see the data in a form that is understandable to him.

IT companies actively use the OSI model as a standard. It is used, in particular, as a tool for network diagnostics. If something is not working on the network, it is much easier to determine the level at which the problem occurred than to try to rebuild the entire network from scratch.

2. What is Ethernet

Ethernet is a family of technologies batch transfer data between devices for computer And industrial networks. Today it is the most common protocol in the world used to build local area networks (LANs) and metropolitan area networks (MANs). Ethernet protocols operate at the data link and physical layers of the OSI model, providing a means for transferring data between devices.

There are several versions of the Ethernet protocol, but they all work on the same principle. Ethernet uses a cable connection to transmit data and uses MAC addressing to identify the sender and receiver of the data.

Ethernet technology, to put it simply, works as follows:

1. The sender creates a data frame containing the information to be sent.

2. The data frame is sent to the Sender's network adapter, which converts it into an electrical or optical signal suitable for transmission over the appropriate cable.

3. The network adapter sends a signal through a cable to a switch or router that is on the same local network as the Sender.

4. The switch or router receives the signal, checks the destination MAC address, and forwards the data frame to the appropriate Recipient.

5. The recipient receives the data frame, checks the check amount (FCS) and processes it.

Ethernet standards define wire connections and electrical signals on physical levelformat personnel And protocols control access to the environment – on link level OSI models. Ethernet is mainly described by standards IEEE 802.3 groups. Ethernet has become one of the most common technologies LAN in the middle 1990sdisplacing such outdated technologies as Token Ring, FDDI And ARCNET.

Further, all the material in the article will be presented for Ethernet networks.

3. Collision domain

Collision in an Ethernet network, it is a distortion of transmitted data that occurs when it is simultaneously transmitted by several workstations.

Collision domain is a network segment in which collisions may occur.

The simplest collision domain is a local network based on a hub (Fig. 3). A hub (Fig. 4) is essentially a repeater that distributes packets transmitted by one computer to other computers on the network. The disadvantage of such a network is that only one computer must transmit data, and the rest must listen to it. If several computers transmit data at the same time, a collision occurs. The entire hub-based network is a collision domain. If there are few computers in such a network, then it works quite well. But as the number of computers on the network increases, its performance deteriorates (slows down).

Figure 4 – Hub from Bay Networks

In a collision domain, one computer transmits data, and the rest receive it and can either respond or not respond, depending on the traffic (type of packets transmitted). Possible traffic types are:

· Unicast – one computer transmits data to only one other computer;

· Broadcast – one computer transmits data to all computers on the network;

· Multicast – one computer transmits data to several specific computers on the network.

In this network, the type of traffic is Broadcast. Therefore, the network needs to be segmented, i.e. break a large collision domain into a number of small ones. To divide the collision domain into two, Bridge was initially used, which had two ports, each of which was part of its own collision domain, and worked at the second level of the model OSI. Collisions did not propagate across the bridge. But very quickly the idea that a bridge could have many ports appeared and was embodied in hardware. This is how switches appeared, operating at the second level of the model OSI.

4. Switches

On switches, each port is part of its own collision domain. The switch-based network (Figure 6) is shown in Figure 5.

The switch converts the bit stream received by the port from the Sender into an Ethernet frame (Fig. 7), which contains the MAC address (Fig. 8) of the Recipient and redirects this frame to the port to which the Receiver is connected. To do this, the switch contains a table of MAC addresses of devices connected to its ports (Fig. 9).

The Ethernet frame contains the following fields:

· Header (Headline):

o DST MAC (6 bytes) – MAC – Recipient address;

o SRC MAC (6 bytes) – MAC – Sender address;

o TYPE/LENGTH (2 bytes) – type of upper-level protocol that receives data for subsequent processing after Ethernet shutdown/length (number) in bytes of data following this field and preceding the FCS field;

o LLC (Logical Link Control) protocol fields:

– DSAP (Destination Service Access Point, 1 byte) – address of the destination service entry point;

– SSAP (Source Service Access Point, 1 byte) – address of the source service entry point;

– Control (1 byte for LLC1 mode or 2 bytes for LLC2 mode);

· Data – data field with a length of 46 to 1500 bytes;

· FCS (Frame Check Sequence, 4 bytes) – “frame check sequence” is a special value added to the end of the frame to detect transmission errors on the receiving side (CRC is most often used).

The LLC protocol provides local network technologies with the required quality of transport service by transmitting its frames either in a datagram manner or using connection establishment and frame recovery procedures. LLC transmits its frame along with address information about the destination node to the appropriate protocol layer MACwhich packs the LLC frame into its own frame (for example, an Ethernet frame, see Figure 7). According to the IEEE 802.2 standard, the logical link control layer provides three types of procedures to upper layers:

1. LLC1, Type1, connectionless – service without connection establishment and without confirmation.

2. LLC2, Type2, connection-oriented – service with connection establishment and confirmation.

3. LLC3, Type3 – service without connection establishment, but with confirmation.

A MAC address is a unique and inimitable identifier of a device connected to a network, which can be compared, for example, with a person’s passport.

An example of a MAC address is shown in Fig. 8. The address is 48 bits long, of which:

·22 bits is the network device manufacturer identifier (OUI – Organizationally Unique Identifier),

· 24 bits – unique device number determined by the manufacturer,

· BC – a bit indicating which recipient the frame is intended for – single (0) or group (1),

· Local – a bit indicating the principle of MAC address administration:

o 0 – global;

o 1 – local.

An example of a switch's MAC address table is shown in Fig. 9. This table contains static and dynamic addresses. Static addresses belong to the switch itself, and dynamic addresses belong to devices connected to its ports.

Figure 9 – Example of a switch MAC address table

The switch does not pass Unicast packets, but must pass Broadcast packets, so all network devices (hosts) in the switched network are one Broadcast domain. An example of a Broadcast request is a DHCP request, which is used to obtain a dynamic IP address for a host from a DHCP server (Figure 10).

When a host connects to an unconfigured network, it begins sending broadcast packets of a certain type in order to reach a DHCP server that it does not yet know exists. The DHCP server, having received such a packet, responds to it with an offer to take the IP address it generated. The host receives this IP address and then communicates using Unicast packets.

In addition to DHCP, there are a sufficient number of other protocols that use broadcast traffic. Because of this, serious problems may arise in the network that affect its performance, for example, a broadcast storm (if the Spanning Tree protocol is not configured). An example of the occurrence of this phenomenon is shown in Fig. 11.

Figure 11 – Example of a broadcast storm

Host A forwards the broadcast packet to switch A. Switch A broadcasts it to switches B and C. Switch C broadcasts it to switch B, and switch B broadcasts it to switch C. Then switch A receives this packet back from switches B and C and the process repeats again and again . If host A continues to send broadcast packets to the network, then soon the network will “choke.”

Spanning Tree Protocol is a Link Layer (L2) protocol whose primary purpose is to eliminate loops in the topology of an arbitrary Ethernet network that has one or more network bridges or switches connected by redundant connections.

In addition, a broadcast storm can be eliminated by introducing into the network a device operating at the third level of the OSI model – a router (Router, see Fig. 12), through which broadcast packets cannot spontaneously pass.

If a switch splits a collision domain into multiple domains, a router does the same with a broadcast domain. But quite a long time ago, a large number of different switches appeared that support operation at the third level of the OSI model. First of all, we are talking about backbone switches, and not about workgroup switches.