Posts Tagged ‘layer’

Switching Logic

June 8, 2012

If you are a junior admin in a small to medium organization then building campus network is simple. Buy several switches, connect desktops and switches together and that’s it. You don’t need any additional configuration, all switches work right out of the box. However, it’s important to understand how packet switching work to troubleshoot problems that can show up later in your work.

Switching works on TCP/IP Layer 2. It means that networking hardware logic operates with MAC addresses. Each time switch receives a packet from any workstation or server it remembers its MAC address and port it was received from. It’s called MAC address or switching table. When somebody wants to send a packet to an other host with particular IP address he sends an ARP request packet. Like tell me who has 12.34.56.78 IP address. Host replies with its MAC address and sender can form a package to it.

Initially switch has empty switching table and does not know where to send packets. When switch doesn’t have particular MAC address in its table it forwards (floods) the packet to all ports. If the next switch doesn’t know this MAC, it further forwards the packet. When packet finally reaches its destination, host answers and switch adds its MAC address into the table.

If you don’t use VLANs, all switches in your network form a broadcast domain. It means that when host sends a broadcast message, ARP request for example, and host with this IP address is powered off then this ARP request will traverse the whole network. It’s important to bear in mind that if you have many hosts in your network, broadcast messages can eventually slow it down. VLANs are usually a solution here.

TCP/IP layers in a nutshell

June 5, 2012

In contrast to the reference OSI networking model (which is not used in any contemporary OS), TCP/IP in its modern updated version has five layers: Application, Transport, Internet, Data Link and Physical.

Application layer deals with everything in regards to high level protocols, like HTTP for example. Say HTTP header with code 200 which means “OK” is a part of the Application layer. This layer is implemented as standard APIs, like WinHTTP API in Windows for example.

Next layer is the Transport Layer. TCP is the most obvious implementation of it and is responsible for error detection. TCP adds a number to each segment, which allows simple packet loss detection on the other end. I believe Unix Socket is an implementation of Transport Layer (as well as Internet Layer, probably) in Unix/Linux.

Internet Layer adds IP addressing and routing to the TCP/IP Networking Model and includes numerous protocols.

Data Link Layer is the Ethernet. It implements MAC addressing, framing and error detection in terms of corrupted data inside a frame.

Physical Layer is focused mostly on transferring data across media. Examples of Physical Layer for Ethernet are: 10BASE-T (ancient coaxial cabling), 100BASE-TX, 1000BASE-T, etc. I guess it is implemented on the NIC driver level.