Today’s computers, tablets and smartphones can communicate with the University’s systems and virtually any device on the Internet thanks to a well-defined set of devices and protocols that have evolved over the years, coordinated by the Internet Engineering Task Force (IETF). This discussion describes the role of each of the devices that are used in modern digital communications.
In this first portion of the discussion, we will focus on basic “wired” connections where the computer sending the communication message and the computer receiving it are both physically connected to their respective networks via an “ethernet cable”, i.e., copper or fiber optic cable that is capable of exchanging data using the “ethernet” communications protocol.
The Ethernet protocol
The term “protocol” refers to the customary sequence of communication messages exchanged among devices that they use to get each other’s attention, to indicate that they are ready to communicate, to pass data between them and to provide the status of the messages exchanged. In modern networking, there are many protocols at many levels, each with its own specific purpose. In casual conversation, you may hear the term "handshake" used as a synonym for the term "protocol”.
The ethernet protocol is one where devices get each other’s attention by sending communications messages or “packets” onto the network whenever they need to. Since one device on a network could send a packet at exactly the same time as another, packet “collisions” can occur which nullify the packets of both senders, delaying the transmission and requiring them to send their packets again, hopefully not at the same time.
In ethernet’s early years all devices in an organizational group typically were connected to a “hub”. A hub is a device to which all devices sharing a physical network can be a physically connected to form a “Local Area Network” or “LAN”. Hubs do little more than enable the electrical currents from a computer sending a packet to pass to all other devices connected to it. Since a hub was the electronic equivalent of shouting in a room as necessary, as the number of devices increased, the number of collisions increased and LAN performance ground to a halt. In a hub-centric environment, the message packets being sent by each device that is connected to the hub can be “seen” by every other device on the hub whether they are involved in the conversation or not. So, hubs can facilitate message eavesdropping.
To remedy the performance and privacy issues of hub technology, "switch” technology was developed which greatly improved on the hub functionality by adding logic to:
- Pace the packets being transmitted onto the network,
- Direct messages only to the devices that are involved in the communication resulting in:
- A significant reduction in packet collisions and the communication burden for all connected devices,
- Improved network performance, and
- Enhanced security since message data packets are not broadcast to all devices, limiting their ability to “eavesdrop”.
Local Area Networks (LANs) and the Address Routing Protocol (ARP)
A local area network or "LAN" is a collection of devices that are physically connected to the same hub, switch or group of interconnected switches. To function properly, LANs are configured so that any device can send a broadcast message that can be seen by all devices on the LAN. For this reason, LANs are often referred to as "broadcast domains".
The ability of each device to send broadcast messages to all devices on the LAN is important because when a device needs to initiate a communication session with another device on the LAN, the sending device usually only knows the logical Internet Protocol (IP) address of the intended target system. However, the way networks function, any message being sent must ultimately be directed not to the target system's logical IP address, but to an address that is built into the target computer's physical network interface known as the MAC address.
To obtain a MAC address for the target system, the sending computer must broadcast, the equivalent of shouting out, a message to all devices on the LAN asking the device that has been assigned the target IP address to reply with its built-in hardware MAC address. After the device assigned to that IP address responds to the sending system, the sending device then directs the communication message that it wants to send to the MAC address of the target system. This protocol that resolves the MAC address among LAN-based devices is called the Address Resolution Protocol or "ARP". As each device obtains IP address/MAC addresses pairs for devices on the LAN with which it has communicated, it caches the address values so that it does not need to send the same broadcast requests over and over again.
In the past, if a device needed to determine an IP address for a known MAC address, it would use a protocol called Reverse ARP or "RARP", but that protocol is now rarely used and is considered obsolete.
Another characteristic of a LAN is that all devices on the LAN have the same value in the portion of their IP addresses that identifies their network or subnet. By comparing the network identifying portion of its IP address with that of the target device, the sending system knows whether or not the target device is on the same LAN.
Note - Please visit the web page entitled "Network fundamentals - Internet protocol and IP addressing" for more details about IP addressing.
Virtual LANs (VLANs) and Trunking
As stated earlier, physical LANs include all devices on a hub, on a switch or on a group of interconnected switches. When using physical LANs exclusively, you would need at least as many switches as you have LANs that you want to implement. Virtual LAN or "VLAN" technology enables an organization to use one physical switch to serve multiple VLANs, in many cases saving hardware costs by enabling the organization to buy one large switch instead of many small ones.
The way VLANs are identified is simple: each switch port that will be used to serve one VLAN is configured to have the same VLAN number assigned. So if I have a switch with twenty ports, I might configure the switch ports so that six switch ports are assigned to VLAN "1", five others to VLAN "2" and nine switch ports to VLAN "3". The functioning of VLANs and LANs are identical as far as the computers connected to the switch are concerned.
VLANs can span across multiple interconnected switches through a function called "trunking". With trunking configured, all physical ports on the multiple switches that have the same VLAN number are considered one VLAN.
Port mirroring and span ports
Network security devices often need to evaluate all traffic that is passing through its LAN from any device to any device to determine if there is a possible attack in progress, to collect statistics, etc. Since switches only send communication messages to the identified target device (except broadcasts), the network security device cannot effectively perform its intended purpose on a normal switch port. For this reason, a switch can be configured so that a certain physical switch port "mirrors" all communication traffic on an entire LAN or VLAN. This "span port" will receive a copy of every communication message that is initiated by or directed to every device that is connected to its LAN or VLAN.
When a device in a Local Area Network needs to communicate with a device on another LAN, it must send that traffic to a specialized device connected to the LAN called a “router” whose purpose is to find the best path for the message to take to arrive at the intended target device, and to send the message along its way following that path.
In order to allow the billions of devices on the Internet to find each other, routers regularly need to communicate among themselves using protocols that enable them to share routing information so that, when a device needs to send a communication message to a target device, the routers work together to determine the best path for the message packet to use to arrive at the intended target device.
Each router port is configured with a specific routing protocol that is associated with that port's function. For example, a router port that connects to the Internet must learn how to efficiently route communication messages to destinations around the world. Protocols that facilitate this are called "gateway routing protocols" and have names such as the Border Gateway Protocol ("BGP") or Exterior Gateway Protocol ("EGP"). A router port that connects to an organization's internal networks must learn the how the organization's network is configured to efficiently route traffic throughout the organization. Protocols that serve this purpose are called "interior routing protocols" and have names such as Enhanced Interior Gateway Routing Protocol ("EIGRP"), Interior Gateway Routing Protocol ("IGRP"), Open Shortest Path First ("OSPF"), Routing Information Protocol I and II ("RIP"/"RIP II").
Other devices involved in network communications
Dynamic Host Configuration Protocol or "DHCP" servers
There are two ways to assign an IP address to a device joining the network:
- One method is to have the device’s administrator manually type in an unused IP address from the appropriate address range that he or she received from the network administrator into the device’s configuration.
- The other method, is to configure each device so that when it connects to the network, it asks a specialized computer on the network running “DHCP server” software to assign it an IP address from the address range associated with the network.
The use of DHCP servers significantly reduces the amount of administrative effort associated with assigning, unassigning and keeping track of IP addresses, and it is very rare these days for organizations not to use DHCP.
Domain Name Service or “DNS” servers
Earlier, we had mentioned that a target device could be located by its IP address or by its device or “host” name. If a device needs to connect to a device, but only knows its name, e.g., www.uhcl.edu, it can ask a computer configured with Domain Name Service ("DNS") software to find the IP address of the intended target device by its host name.
Each DNS server holds information about the devices that are part of an organization’s network. It also keeps track of the addresses of specialty devices that the world needs to find, e.g., the e-mail servers. The DNS server is not merely a standalone directory service. In cases where a sending device needs to find the address of a device that belongs to a different organization, the DNS will locate the appropriate DNS server anywhere on the Internet to give you the appropriate target device’s IP address information.
Wireless access points
Wireless access points are devices that have both switch and router functionality. The devices that connect wirelessly to the access point all behave as if they were on a single wired LAN, even though there are no wires involved. When a wirelessly-connected device sends a message to a device on the organization’s wired network, the wireless access point assumes router functionality, helping its wireless client find and direct traffic to the target device.
There are a number of wireless protocols used in the communication between the wireless device and the wireless access point from the simplest, least secure Wireless Encryption Protocol ("WEP") to the more secure WiFi Protected Access 2 protocol ("WPA2"). Always use WPA2 if you have the chance to choose it for your environment, since wireless signals can be viewed by anyone using an inexpensive electronic eavesdropping device.
Cable modems, DSL modems, modems
Cable, DSL and telephone-based modems are functionally the same as routers as far as the communication of message packets is concerned. The primary difference is that the three modem protocols convert the ethernet signals into those that are compatible with the cable provider’s, DSL provider’s or telephone carrier’s transmission systems.
Bringing it all together – Sample network communication flow
Note - This example assumes that both the sending and target devices are both physically cabled to their LAN switches. Cases where one or both devices access the network wirelessly through a wireless router, or one or both of the devices are directly connected to a router without an intermediate switch, will be discussed in a subsequent section.
- If the sending device only knows the target device’s host name, it will send a message to the DNS server containing asking for the device’s IP address. The DNS will return the requested information from its own records, from its “cache” of previously looked up addresses, or by communicating with other DNS servers.
- Once the sending device knows the target device’s IP address, it will determine whether or not the devices are on the same LAN by comparing the network component of the sending and target device's IP address. If they are equal, they are on the same LAN. For more information about the IP address structure, visit the "Internet protocol and IP addressing" web page.
- If it is determined that the target device is on the same LAN
- If the sending device has already communicated with the target device and has the MAC address associated with the target device’s IP address in its cache, proceed to step 3.4.
- The sending device sends a broadcast message to all devices on the LAN asking for the network hardware address (MAC address) of the target system,
- The target device responds with its MAC address which the sending device adds to its cache,
- The sending device adds the target device’s MAC address to the message header,
- The sending device sends the message packet to the switch,
- The switch finds the target device on the LAN by its MAC address,
- The switch sends the message to the target device.
- If it is determined that the target device in NOT on the same LAN:
- If the sending device has already communicated with the LAN's router and has the MAC address associated with the LAN's router in its cache, proceed to step 4.4.
- The sending device sends a broadcast message to all devices on the LAN asking for the network hardware address (MAC address) of the LAN’s default router,
- The router responds with its MAC address which the sending device adds to its cache,
- The sending device adds the default router’s MAC address to the message header,
- The sending device sends the message packet to the switch,
- The switch finds the default router on the LAN by its MAC address,
- The switch sends the message to the default router.
- The default router checks its routing table (that it continually builds by communicating with other routers) to determine the adjacent router that provides the best path for the message to take ("next hop"). Routing decisions are based upon a number of factors, including line speeds, number of intermediate routers ("hops") that need to be involved in the transmission, etc.
- The default router then determines the physical port that connects it to the next hop,
- If the default router has already communicated with the next hop and has the MAC address associated with the next hop's IP address in its cache, proceed to step 4.13,
- The default router sends a broadcast message across the physical connection to the next hop asking for the next hop's network hardware address (MAC address),
- The next hop responds with its MAC address which is stored in the default router's cache,
- The default router adds the next hop’s MAC address to the message header,
- The default router sends the message packet to the next hop across their physical network connection,
- Steps 4.8 through 4.14 are repeated with each hop replacing the default router in each step for as times as is necessary to get to the destination router, i.e., the router on the target device’s LAN.
- If the destination router already “knows” the MAC address of the target device, proceed to step 4.19.
- The destination router sends a broadcast message to all devices on the LAN asking for the network hardware address (MAC address) of the target system,
- The target device responds with its MAC address which the destination router adds to its cache,
- The destination router adds the target device’s MAC address to the message header,
- The destination router sends the message packet to the destination switch,
- The destination switch finds the target device on the LAN by its MAC address,
- The destination switch sends the message to the target device.
What if the sending or the target device is connected directly to the router without a switch?
In cases where one or both of the devices are connected directly to a router without the benefit of a physical switch, the logical flow of the message packets are fundamentally the same as described in the sample. Just think of the router serving both roles, providing both the switch and the router functionality.
What if the sending or target device is communicating via a wireless access point?
While the physical differences between wired and WiFi connections are obviously very different, the logical flow of the message packets are fundamentally the same as described in the sample as well. Just as in case described in the previous paragraph, the wireless access point provides both the switch and router functionality.