Chapter 1. Networking and the OSI Model

Chapter 1 Networking and the OSI Model 3

4 Nortel Networks: The Complete Reference Although many aspects of networking change as time goes by, some things remain constant. In order for different local area network (LAN) and wide area network (WAN) technologies to interact together, standards need to be in place to ensure interoperability. Vendors of different networking technologies must adhere to these standards so that the multitude of networking equipment functions together correctly. A wide variety of standards are already in place for technologies such as Ethernet, token ring, Fiber Distributed Data Interface (FDDI), and Asynchronous Transfer Mode (ATM), and new standards are being created continually as technology advances. The Seven-Layer OSI Model The Open Systems Interconnection (OSI) model, formulated by the International Organization for Standardization (ISO), defines the seven different networking layers (see Figure 1-1). The purpose of this model is to define how information from a user application, such as e-mail or a web browser, should be converted into a physical signal for transport across the LAN or WAN, and then converted back again for use at the application layer on the receiving side. Although sometimes thought of as a standard, the OSI model is really more of a guideline indicating how data is to be converted from a user application, transmitted over a physical medium, and then converted back again. The OSI model describes the seven networking layers and the functions of each, but it doesn t define the specific manner in which these layer functions work, because that varies depending on the networking architecture being used. This is a flexible model, as not every technology (ATM most notably) will fit the model exactly. Figure 1-1. The seven-layer OSI model

Chapter 1: Networking and the OSI Model 5 Physical Layer (Layer 1) The first layer of the OSI model is the physical layer, which defines how data should pass over the physical medium and how that data should be encoded at the bit level. Included in the physical layer are the physical medium, including cabling types and pinouts, voltage levels, and physical transmitters and receivers. Physical mediums include coaxial cable, twisted-pair cable, fiber optics, and wireless. As shown in Figure 1-1, the physical layer is divided into four sections: AN OVERVIEW OF NETWORKING Physical layer signaling (PLS) Defines how the signaling should be performed Attachment unit interface (AUI) Defines the transceiver cable specifications Physical medium attachment (PMA) Defines the actual transceiver specifications Medium-dependent interface (MDI) Specifies the actual connection between the transceiver and the specific cable type the transceiver is designed for An example of a physical layer device is a repeater, which simply refreshes the incoming signal and repeats it, increasing the overall distance that the signal can travel before degrading beyond use. Data-Link Layer (Layer 2) The data-link layer is responsible for transmission, flow control, and error detection, so that data received by the lower layers is screened for potential problems before being passed to the higher layers. The data-link layer is broken into two sublayers (see Figure 1-1): Logical Link Control (LLC) Handles the interface between the upper layers, and connection to the physical media type. The LLC, which is defined in the Institute of Electrical and Electronics Engineers (IEEE) 802.2 standard, provides a common interface between the upper layers and the particular network architecture. Media Access Control (MAC) Responsible for receiving data from the LLC and actually encapsulating the data into the correct packet format for transmission onto the physical media. The MAC layer first determines whether the physical media is available for transmission, and then determines whether retransmission is necessary due to a collision or other failure. The receiving MAC is responsible for error checking and passing the data to the LLC. Network Layer (Layer 3) The network layer is responsible for logical addressing, which involves mapping logical addresses to MAC-layer addresses so that devices can intercommunicate. Layer 3 also is responsible for determining a packet s destination and making sure that packets are

6 Nortel Networks: The Complete Reference correctly routed through the network. The Internet Protocol (IP) is an example of a protocol that exists at the network layer. Transport Layer (Layer 4) The transport layer is responsible for repackaging long messages into a series of smaller packages (if necessary), and then sequencing these packages so that they can be reassembled at the receiving end. Layer 4 also is responsible for determining the packet size, based on the amount of data being sent, as well as the network architecture being used (Ethernet, FDDI, and so forth). When the transport layer receives data from the network layer, it makes sure that the frame sequence is in order and that the sequence doesn t have any duplicate or missing frames. Other transport layer responsibilities include error recognition, error recovery, and sending receipt acknowledgements. Session Layer (Layer 5) The session layer is responsible for allowing two remote applications to establish a session between them. This includes setting up, maintaining, and ending such a session, as well as regulating data flow for the sending and receiving sides. The session layer defines the rules associated with any such session, as well as determining and monitoring the service type (best effort, required acknowledgements, handshaking, and so forth). Presentation Layer (Layer 6) The presentation layer receives information from the application layer and provides intermediary services, such as data compression and data encryption. It also handles the translation between different file formats. Application Layer (Layer 7) The highest layer, the application layer, involves the actual applications used across the LAN, which can include e-mail systems and database applications. The application layer represents the actual application manipulated by the user. Networking Architectures A variety of LAN and WAN architectures have been developed over the years to transport network data. Some of the common LAN types include Ethernet, token ring, FDDI, and ATM. Some of the popular WAN methods include frame relay, T-1 lines, Integrated Services Digital Network (ISDN), and Digital Subscriber Line (DSL). Each network type has its own advantages and disadvantages; Ethernet, token ring, and ATM are covered in this book, along with managing LAN traffic with switches and bridges, and internetworking these technologies with routers and routing switches.

Chapter 1: Networking and the OSI Model 7 Ethernet The Ethernet 802.3 standard, which is perhaps the most common networking architecture, began to be developed by Xerox in 1973 as a bus topology data-passing system. Later, in 1980, the first version of Ethernet (as we know it today) was released by a partnership of Digital, Intel, and Xerox (DIX), although the current 802.3 standard wasn t approved until 1983. The original Ethernet network consisted of physical segments of 10Base5 coaxial cable fitted with transceiver taps, which provided connectivity to individual stations, as well as to devices such as repeaters, bridges, and routers in a bus-type architecture. Since its conception, Ethernet has evolved from the thick-coax backbone to the chassis-based, stand-alone, hub-and-switch implementations that are commonly used today. Ethernet has also grown from its original 10 Mbps capacity to include 100 Mbps, as well as 1,000 Mbps, with support for both half-duplex communications (in which data is transmitted and received in turn) and full-duplex communications (in which data is received and transmitted simultaneously). Ethernet has also evolved to run over a very wide variety of media types, such as thin-coax, twisted-pair, fiber optics, and microwave. Ethernet supports a theoretical maximum of 1,024 end stations per segment. However, depending on the types of network traffic and their bandwidth requirements, you generally are advised to use a more conservative number. You can manage Ethernet traffic by separating individual segments with devices such as bridges, switches, and routers. AN OVERVIEW OF NETWORKING Token Ring First established in the 1970s, token ring became the network architecture of choice for IBM s Systems Network Architecture (SNA) protocol. As its name implies, token ring is a token-passing, ring-based system in which an individual station must have possession of a MAC frame, called the token, before it can transmit data. Token ring is designed to run at speeds of 4 or 16 Mbps, with full-duplex token ring designed to run at speeds up to 32 Mbps. Token ring is rated to run over a variety of different media types, including shielded twisted-pair (STP), unshielded twisted-pair (UTP), and fiber optics. Token ring supports a maximum of approximately 250 stations per ring, and, as with Ethernet, rings (segments) can be separated by bridges, switches, or routers to manage network traffic more efficiently. Fiber Distributed Data Interface (FDDI) The Fiber Distributed Data Interface is described in the XT39.5 American National Standards Institute (ANSI) specification. Like token ring, FDDI is a ring-based, token-passing system consisting of a dual-ring system in which one ring is primary and the other ring is secondary. Stations in an FDDI network are either single-attached, to the primary or secondary ring only, or dual-attached, to both rings simultaneously.

8 Nortel Networks: The Complete Reference In the event of a ring failure, the primary and secondary rings may be wrapped together, ensuring the ring s integrity. FDDI utilizes a token-passing system that is more efficient than token ring and that has greater bandwidth: 100 Mbps compared to token ring s 4, 16, or 32 Mbps. For these reasons, as well as the additional cost associated with it, FDDI is generally considered to be a backbone technology. Despite its name, FDDI is also rated to run over copper (sometimes referred to as CDDI, or FDDI over copper). FDDI rings can be separated by bridges, switches, or routers. Asynchronous Transfer Mode (ATM) ATM is a connection-oriented network architecture, in which point-to-point or point-to-multipoint circuits are built end to end throughout the network to pass data between two end systems. These circuits consist of pairings of virtual paths and virtual circuits that identify data flows uniquely throughout the ATM mesh. Unlike Ethernet, token ring, and FDDI, ATM doesn t use varying sized frames, but instead uses fixed-sized 53-byte cells to transmit data. ATM connections provide a bandwidth of 155 Mbps (OC3), 622 Mbps (OC12), 100 Mbps (TAXI Transparent Asynchronous Transmitter/Receiver Interface), and 45 Mbps (DS3). Other implementations are being developed to provide even greater bandwidth. ATM is rated to run over fiber optics and twisted-pair, and the possibility of wireless ATM is currently being studied. ATM functions in a variety of different ways, including the following: Native ATM Devices utilize ATM addresses to route data throughout the switched network. LAN Emulation (LANE) If ATM is being used in conjunction with legacy LAN technologies, such as Ethernet or token ring, LANE may be used to handle the broadcast and multicast functions, which aren t inherent in ATM. LANE currently doesn t support FDDI networks. Wide Area Inevitably, it becomes necessary to interconnect enterprise LANs at different sites, and a wide array of technologies have been developed over the years to accomplish this. From the enterprise perspective, this typically involves a connection to a public provider that is responsible for carrying the data from a myriad of customers. Passing data from one location to another geographically remote location can be accomplished in a variety of ways: leased T-1 or fractional T-1, T-3, leased 56 Kbps or 128 Kbps lines, frame relay, DSL, ISDN, E-1 (in Europe), and cable modems, to name a few. ATM can also often be found in the carrier class network, and a direct ATM connection can also be utilized as a wide area technology. While T-1 and T-3 connections to the public carrier are still common, they provide somewhat limited bandwidth; for instance, a T-1 connection provides a 1.544 Mbps

Chapter 1: Networking and the OSI Model 9 channel. Given the capabilities of more recent technologies such as ATM and gigabit Ethernet, which are capable of offering up to gigabit rates and beyond as well as the soaring bandwidth demands of web applications such as streaming video, wide area technologies can be expected to remain as dynamic as those in the enterprise arena. Networking Components In keeping with the OSI model, different networking components function at different layers. For instance, repeaters operate at the physical layer (Layer 1) of the OSI model, switches operate at the MAC or bridging layer (Layer 2), and routers operate at the network layer (Layer 3). Some hybrids, such as the routing switch, have the capability of operating at different levels simultaneously. Each networking component has a unique purpose, and each has its own circumstances in which it is best used. In general, devices such as bridges, switches, and routers are used not only for the transport of network data, but also for the organization and management of LAN and WAN traffic. Each technology has a limited bandwidth; thus, in practice, limiting the scope of network traffic is a good idea so that it goes only where it specifically needs to go. This reduces unnecessary overhead and prevents bandwidth from being wasted on data that will never be used. Some of the devices used to manage traffic and limit the scope of network traffic are discussed in the following sections. AN OVERVIEW OF NETWORKING Repeaters A repeater is a Layer 1 device whose only purpose is to revitalize incoming signals and then repeat the signal out one or more ports. Each data impulse can travel only a certain distance before the signal degrades to the point where it can no longer be interpreted at the receiving side; the exact distance depends on the technology being used (Ethernet, token ring, FDDI, and so forth) and the media type over which the signal is traveling (twisted-pair, coaxial cable, fiber optics, and so forth). This distance can be increased, in most cases, by positioning a repeater device to clean up and boost the signal, and then send it off again. The maximum distance that the signal can travel is generally defined by the protocols used by the technology. For instance, an Ethernet impulse must make its round trip (from sender to receiver, and then back to sender) in 51.2 ms. This is the window that the Ethernet specification allots for the sender to determine whether a collision has taken place. A collision requires retransmission of the lost frame, so the sender must be able to determine whether the last frame transmitted was received before it sends the next frame. Initially, repeaters were generally stand-alone devices, used to increase the distance of transmissions over traditional 10Base5 coaxial backbones, connecting them via unpopulated links known as inter-repeater links (IRL). Today, repeater functionality exists in hubs, switches, and other networking devices.

10 Nortel Networks: The Complete Reference If a repeater detects 32 consecutive collisions, it partitions the port upon which the collisions were received. This is done to protect the rest of the network from the problems occurring on a single port, because a straight repeater normally forwards all traffic, including collisions. If a port enters a partitioned state, it is separated from the rest of the network, and no signal will pass through it. Each time a transmission is destined for the partitioned port, the repeater attempts to send; if a collision occurs on that port, the port remains in a partitioned state. If the transmission is successful, the port automatically unpartitions and rejoins the network. The following are the two basic repeater types: Class I repeaters Incur a 168-bit time delay between the input and output ports; generally used when varying physical types are being used, such as 10BaseT in combination with 100BaseT or 100BaseFL. Class II repeaters Incur a 92-bit time delay (maximum) between the input and output ports; generally used when a single physical type is used. Bridges Bridges provide a way to expand a LAN beyond the scope of its local limitations. For instance, a token ring may support a maximum of 250 stations. A bridge placed between two such rings enables the maximum number of stations in the network to be doubled to 500 stations, while still allowing communication between the two rings. Likewise, in an Ethernet network, bridges can be used to establish intercommunication between separate segments. For example, 200 users on a single segment works much less efficiently than four segments of 50 users each, interconnected by Ethernet bridges. The specifics of how bridges make their forwarding or filtering decisions, as well as the specifics of the Spanning Tree Protocol (STP) used to prevent network loops in bridged networks, are covered in Chapter 2 for Ethernet and in Chapter 23 for token ring. Store-and-Forward Bridges Store-and-forward bridges receive and store the entire packet before forwarding, if the packet is to be forwarded. After the store-and-forward bridge receives a packet in its entirety, it checks the frame for errors before sending it out to the appropriate interface. Consequently, by examining each packet, store-and-forward bridges add an increased propagation delay, but they prevent the possible propagation of errors and corrupted frames. Cut-Through Bridges Cut-through bridges forward frames the instant that the filter or forward decision can be made. If the proper entries already exist in the bridge s forwarding table, a cut-through bridge begins forwarding the frame as soon as the destination address is known, without performing any error checking. Cut-through bridges are faster for this reason, but they don t prevent the propagation of potentially corrupt frames.

Chapter 1: Networking and the OSI Model 11 Translational Bridges Translational bridges can be used to interconnect LANs of different types, such as Ethernet and token ring. Translational bridges perform frame conversion between the different LAN types, and make filter or forwarding decisions for bridges, performing these actions in such a way that the bridging functions and the translations are invisible to the end stations on either LAN. Switches In concept, switches are very similar to bridges; each uses a forwarding table of MAC addresses to determine where each address is located and, based on that information, whether incoming frames should be filtered or forwarded. Switches can be regarded in many ways as multiport bridges, although they are often now positioned more as a concentrator would be. Switches employ the same filter-or-forward method as bridges do, on a port-by-port basis. Although a switch port usually is similar in appearance to a shared-media hub or concentrator, each switch port acts as a bridge port, and collisions aren t propagated beyond the local bridged port. This places each individual port in its own collision domain, whereas the switch as a whole remains in a single broadcast domain (provided virtual LANs, or VLANs, aren t being used). Each switch port also participates in the Spanning Tree Protocol (if enabled), which means that redundant connections may exist between switches. Switches have traditionally been positioned as core devices, hosting a series of separate hubs (segments). However, as the per-port cost of switches continually declines, switches more commonly are being used to host individual users, replacing shared-media hubs altogether. Virtual LANs (VLANs) Another innovation of switching technology is the concept of the virtual LAN. VLANs provide a way of logically, rather than physically, separating groups of users in a common network, and they can be user-configured to allow a single physical switch to be divided into several logical broadcast domains. As with any separate broadcast domains, communicating from one VLAN to another requires the use of a router. VLANs have become very common since their inception some years ago; they provide a very valuable function in the network, since keeping broadcast domains reasonably small cuts down on overhead and increases performance without having to necessarily purchase additional equipment. In conjunction with multicast protocols, such as DVMRP (Distance Vector Multicast Routing Protocol) and IGMP (Internet Group Management Protocol), VLANs can help keep departments traffic isolated to only those who need to see it, and increase network efficiency considerably. VLANs have gone through different iterations, particularly in the early days of the technology when no standard had yet been arrived at. Typically, these early VLANs were port based, and they used proprietary protocols (such as Nortel Networks AN OVERVIEW OF NETWORKING

12 Nortel Networks: The Complete Reference LattisSpan technology). VLANs have now been standardized under the 802.1Q VLAN standard, and use a method known as frame tagging. More information on VLANs can be found in Chapter 9. Routers Routers operate at the network layer (Layer 3) of the OSI model. Routers are much more complex than bridges or switches and are used to separate broadcast domains within the network. In a traditional bridged or switched network, broadcasts are propagated out all ports; this is the method used initially to discover unknown destination address locations and to ensure that broadcast traffic is received by all stations in the broadcast domain. Broadcasts are not propagated by routers. A multiport router, upon receiving an Address Resolution Protocol (ARP) broadcast, for example, won t flood the packet. Instead, the multiport router first uses the Layer 3 protocol information (IP, in this case) to determine with which network the destination is associated, and then it initiates its own ARP broadcast if the destination network is associated with one of its local interfaces, or it forwards the packet to the next hop on the way to the destination network. This cuts down tremendously on the amount of broadcast traffic in the network as a whole and directs broadcasts only where they need to go (and no further). Routers support a variety of Layer 3 protocols, such as IP, Internetwork Packet Exchange (IPX), DECnet, and AppleTalk, and they provide a way to organize LAN traffic at the network layer. Routers also utilize their own Layer 3 routing protocols to communicate network information to one another, ensuring that data arrives at its proper destination in the most efficient manner. Such routing protocols include Open Shortest Path First (OSPF), the Routing Information Protocol (RIP), and RIPv2, which are covered in Chapters 32 and 33. Routers can also facilitate the translation between dissimilar network architectures, such as Ethernet, token ring, FDDI, and ATM. This translation can occur at the network layer or, if bridging services are supported on the router, at the data-link layer. Protocol-Based Traffic Management Different protocols operate in different ways, but each provides a logical addressing system that maps to the hardware address at the MAC layer. This allows packets to be routed through the network according to the logical addressing scheme, which, in turn, allows packets to be routed over greater distances while minimizing the amount of broadcast traffic within each domain. Wide Area Routing Routers are generally used for wide area connections, too. However, because wide area bandwidth is usually limited, only traffic that is destined for the remote network should be sent across the connection, which means that broadcast traffic associated with each domain should be excluded. There are a variety of wide area connections,

Chapter 1: Networking and the OSI Model 13 including point-to-point connections over T-1 lines or other leased lines such as 56 Kbps or 128 Kbps lines, frame relay connections, and ISDN. Layer 3 Switching Layer 3 switches, sometimes referred to as routing switches, are a relatively recent development in networking technology. As the name implies, the Layer 3 switch is a hybrid device, combining the functionality of a router and a Layer 2 switch. The Passport 1000 and 8000 series are examples of routing switches. The idea behind Layer 3 switching is to make the device Layer 3 protocol aware and capable of steering traffic correctly based on Layer 3 information, but to prevent it from actually going into the third layer of the packet, thus avoiding the overhead associated with true routing. The Passport product line also supports true routing and port-based VLANs. Layer 3 switches generally use the 802.1Q frame-tagging specification. Port-Based VLANs Layer 3 protocols can be kept separate by issuing them into port-based VLANs. A port-based VLAN is not protocol aware; but different protocols, or even different IP subnets, can be segmented into these separate broadcast domains, while a router may be used to route between them. By using frame tagging, the traffic can be kept separated, even when it is passed from switch to switch based on its tag, so that it can be distributed to the proper VLAN at the receiving switch. For example, this allows users on IP subnet 150.50.10.0 in VLAN 1 to communicate with other users on the same subnet as long as they are also in VLAN 1, even though they may be on different switches. Protocol-Based VLANs Protocol-based VLANs use Layer 3 information to route packets through the switched network. By examining the Protocol ID in each frame, the VLAN can determine which protocol the frame uses and, based on this Layer 3 information, perform frame distribution at Layer 2 of the OSI model. For example, a Layer 3 switch configured with an IP VLAN, an IPX VLAN, and an AppleTalk VLAN could be configured with a port that is a member of all three VLANs. If a segment containing groups of users (each of which utilizes one of these three protocols) is connected to this port, then incoming traffic on this port will be distributed to the appropriate VLAN based on Protocol ID. Layer 3 Switching by IP Subnet The Passport routing switch functionality enables traffic to be distributed both by IP Protocol ID (0800) and, after the protocol is identified as IP, by subnet. This allows incoming traffic to be distributed not only into different VLANs based on their different protocol types, but also within the IP protocol based on an even more specific designation. AN OVERVIEW OF NETWORKING

14 Nortel Networks: The Complete Reference For example, IP subnet 150.50.10.0 can be distributed into VLAN 1, and IP subnet 150.50.20.0 can be distributed into VLAN 2, without the use of a router to make that decision. The specifics of this function are covered in Chapter 7. Virtual Router Services The Passport product line also includes traditional routing services in the form of an internal virtual routing entity, capable of routing between VLANs, isolated routing ports, and any combination of the two. This entity supports protocol distribution at the second layer, for traffic management between switches, combined with true Layer 3 routing.