Introduction
This networking tutorial is primarily about TCP/IP network
protocols and ethernet network architectures, but also briefly describes other protocol suites, network architectures, and
other significant areas of networking. This networking tutorial is written for all audiences, even those with little or no
networking experience. It explains in simple terms the way networks are put together, and how data packages are sent between
networks and subnets along with how data is routed to the internet. This networking tutorial is broken into five main areas
which are:
- Basics - Explains the protocols and how they work together
- Media - Describes the cabling and various media used to send data between multiple points of a network.
- Architecture - Describes some popular network architectures. A network architecture refers to the physical layout (topology) of a network along with the physical transmission media (type of wire, wireless, etc) and the data access method (OSI Layer 2). Includes ethernet, Token Ring, ARCnet, AppleTalk, and FDDI. This main area of the networking tutorial can and should be skipped by those learning networking and read later.
- Other Transport Protocols - Describes IPX/SPX, NetBEUI, and more.
- Functions - Explains some of the functionality of networking such as routing, firewalls and DNS.
- Further Details - Gives information about some protocols not covered in the "Basics" section. In the future, it will include more information about packet fragmentation and re-assembly along with more details about UDP and especially TCP and TCP connections.
- More Complex functions - Documents multicasting, dynamic routing, and network management
- Applications - Documents how some of the applications work such as ping and traceroute. In the future, it will cover telnet, Rlogin, and FTP.
- Other Concerns - Includes installing drivers, network operating systems, applications, wide area networks, backing up the network and troubleshooting the network.
- References - Includes a reference list of terms, RFCs and recommended reading.
The reader may read this networking tutorial in any order,
but for beginners, it would be best to read through from the beginning with the exception of sections 2 (media), 3 (architecture),
and 4 (other). At some point, however, the reader should be able to break from the basics and read about routing and IP masquerading.
There are no links to various reading material or software packages inside this networking tutorial, except under the references
section. This is because it is more structured, and makes it easier to keep the networking tutorial current.
This networking tutorial will first talk about the network
basics so the reader can get a good grasp of networking concepts. This should help the reader understand how each network
protocol is used to perform networking. The reader will be able to understand why each protocol is needed, how it is used,
and what other protocols it relies upon. This networking tutorial explains the data encapsulation techniques in preparation
for transport along with some of the network protocols such as IP, TCP, UDP, ICMP, and IGMP. It explains how ARP and RARP
support networking. In functional areas, such as routers, several examples are given so the user can get a grasp on how networking
is done in their particular situation. This networking tutorial covers routing, IP masquerading, and firewalls and gives some
explanation of how they work, how they are set up, and how and why they are used. Firewalls and the available packages are
described, but how to set them up is left to other documentation specific to the operating system and the package. Application
protocols such as FTP and Telnet are also briefly described. Networking terms are also explained and defined.
This networking tutorial explains the setup of networking
functions using Linux Redhat version 6.1 as an operating system (OS) platform. This will apply to server functions such as
routing and IP masquerading. For more documentation on setting up packages, read documentation on this web site and other
locations specific to the operating system and the package. If you know how to set up other operating servers such as Windows
NT, you can apply the information in this networking tutorial to help you understand how to configure services on that OS
platform.
This networking tutorial was written because I perceived
a need for a basic networking document to explain how these networking services work and how to set them up, with examples.
It will help a novice to learn networking more quickly by explaining the big picture concerning how the system works together.
I have seen much good networking documentation, but little that explains the theory along with practical setup and applications.
A network consists of multiple computers connected using
some type of interface, each having one or more interface devices such as a Network Interface Card (NIC) and/or a serial device
for PPP networking. Each computer is supported by network software that provides the server or client functionality. The hardware
used to transmit data across the network is called the media. It may include copper cable, fiber optic, or wireless transmission.
The standard cabling used for the purposes of this document is 10Base-T category 5 ethernet cable. This is twisted copper
cabling which appears at the surface to look similar to TV coaxial cable. It is terminated on each end by a connector that
looks much like a phone connector. Its maximum segment length is 100 meters.
Network Categories
There are two main types of network categories which are:
- Server based
- Peer-to-peer
In a server based network, there are computers set up to
be primary providers of services such as file service or mail service. The computers providing the service are called
servers and the computers that request and use the service are called client computers.
In a peer-to-peer network, various computers on the network can act both as clients and servers.
For instance, many Microsoft Windows based computers will allow file and print sharing. These computers can act both as a
client and a server and are also referred to as peers. Many networks are combination peer-to-peer and server based networks.
The network operating system uses a network data protocol to communicate on the network to other computers. The network operating
system supports the applications on that computer. A Network Operating System (NOS) includes Windows NT, Novell Netware, Linux,
Unix and others.
Three Network Topologies
The network topology describes the method used to do the physical
wiring of the network. The main ones are bus, star, and ring.

- Bus - Both ends of the network must be terminated with a terminator. A barrel connector can be used to extend it.
- Star - All devices revolve around a central hub, which is what controls the network communications, and can communicate with other hubs. Range limits are about 100 meters from the hub.
- Ring - Devices are connected from one to another, as in a ring. A data token is used to grant permission for each computer to communicate.
There are also hybrid networks including a star-bus hybrid,
star-ring network, and mesh networks with connections between various computers on the network. Mesh networks ideally allow
each computer to have a direct connection to each of the other computers. The topology this documentation deals with most
is star topology since that is what ethernet networks use.
Network Hardware Connections
Ethernet uses star topology for the physical wiring layout. A diagram of a typical ethernet network layout
is shown below.
On a network, a hub is basically a repeater which is used to re-time
and amplify the network signals. In this diagram, please examine the hubs closely. On the left are 4 ports close to each other
with an x above or below them. This means that these ports are crossover ports. This crossover is similar to the arrangement
that was used for serial cables between two computers. Each serial port has a transmitter and receiver. Unless there was a
null modem connection between two serial ports, or the cable was wired to cross transmit to receive and vice versa, the connection
would not work. This is because the transmit port would be sending to the transmit port on the other side.
Therefore note that you cannot connect two computers together with
a straight network jumper cable between their network cards. You must use a special crossover cable that you can buy at most
computer stores and some office supply stores for around 10 dollars. Otherwise, you must use a hub as shown here.
The hub on the upper left is full, but it has an uplink port on the
right which lets it connect to another hub. The uplink does not have a crossover connection and is designed to fit into a
crossover connection on the next hub. This way you can keep linking hubs to put computers on a network. Because each hub introduces
some delay onto the network signals, there is a limit to the number of hubs you can sequentially link. Also the computers
that are connected to the two hubs are on the same network and can talk to each other. All network traffic including all broadcasts
is passed through the hubs.
In the diagram, machine G has two network cards, eth0 and
eth1. The cards eth1 and eth0 are on two different networks or subnetworks. Unless machine G is programmed as a router or
bridge, traffic will not pass between the two networks. This means that machines X and Z cannot talk to machines A through
F and vice versa. Machine X can talk to Z and G, and machines A through F can talk to each other and they can talk to machine
G. All machines can talk to machine G. Therefore the machines are dependent on machine G to talk between the two networks
or subnets.
Each network card, called a network interface card (NIC)
has a built in hardware address programmed by its manufacturer. This is a 48 bit address and should be unique for each card.
This address is called a media access control (MAC) address. The media, in our specific case will be the ethernet.
Therefore when you refer to ethernet, you are referring to the type of network card, the cabling, the hubs, and the data packets
being sent. You are talking about the hardware that makes it work, along with the data that is physically sent on the wires.
There are three types of networks that are commonly heard
about. They are ethernet, token-ring, and ARCnet. Each one is described briefly here, although this document is mainly about
ethernet.
Ethernet:
The network interface cards share a common cable. This
cable structure does not need to form a structure, but must be essentially common to all cards on the network. Before a card
transmits, it listens for a break in traffic. The cards have collision detection, and if the card detects a collision while
trying to transmit, it will retry after some random time interval.
Token Ring:
Token ring networks form a complete electrical loop, or
ring. Around the ring are computers, called stations. The cards, using their built in serial numbers, negotiate to determine
what card will be the master interface card. This card will create what is called a token, that will allow other cards to
send data. Essentially, when a card with data to send, receives a token, it sends its data to the next station up the ring
to be relayed. The master interface will then create a new token and the process begins again.
ARCnet:
ARCnet networks designate a master card. The master card
keeps a table of active cards, polling each one sequentially with transmit permission.
TCP/IP Ports and Addresses
Each machine in the network shown below, has one or more network cards.
The part of the network that does the job of transporting and managing the data across the network is called TCP/IP which
stands for Transmission Control Protocol (TCP) and Internet Protocol (IP). There are other alternative mechanisms for managing
network traffic, but most, such as IPX/SPX for Netware, will not be described here in much detail. The IP layer requires a
4 (IPv4) or 6 (IPv6) byte address to be assigned to each network interface card on each computer. This can be done automatically
using network software such as dynamic host configuration protocol (DHCP) or by manually entering static addresses into the
computer.
Ports
The TCP layer requires what is called a port number to be assigned
to each message. This way it can determine the type of service being provided. Please be aware here, that when we are talking
about "ports" we are not talking about ports that are used for serial and parallel devices, or ports used for computer hardware
control. These ports are merely reference numbers used to define a service. For instance, port 23 is used for telnet services,
and HTTP uses port 80 for providing web browsing service. There is a group called the IANA (Internet Assigned Numbers Authority)
that controls the assigning of ports for specific services. There are some ports that are assigned, some reserved and many
unassigned which may be utilized by application programs. Port numbers are straight unsigned integer values which range up
to a value of 65535.
Addresses
Addresses are used to locate computers. It works almost like a house
address. There is a numbering system to help the mailman locate the proper house to deliver customer's mail to. Without an
IP numbering system, it would not be possible to determine where network data packets should go.
IPv4, which means internet protocol version 4, is described here.
Each IP address is denoted by what is called dotted decimal notation. This means there are four numbers, each separated by
a dot. Each number represents a one byte value with a possible mathematical range of 0-255. Briefly, the first one or two
bytes, depending on the class of network, generally will indicate the number of the network, the third byte indicates the
number of the subnet, and the fourth number indicates the host number. This numbering scheme will vary depending on the network
and the numbering method used such as Classless Inter-Domain Routing (CIDR) which is described later. The host number cannot
be 0 or 255. None of the numbers can be 255 and the first number cannot be 0. This is because broadcasting is done with all
bits set in some bytes. Broadcasting is a form of communication that all hosts on a network can read, and is normally used
for performing various network queries. An address of all 0's is not used, because when a machine is booted that does not
have a hardware address assigned, it provides 0.0.0.0 as its address until it receives its assignment. This would occur for
machines that are remote booted or those that boot using the dynamic host configuration protocol (DHCP). The part of the IP
address that defines the network is referred to as the network ID, and the latter part of the IP address that defines the
host address is referred to as the host ID.
IPv6 is an enhancement to the IPv4 standard due to the
shortage of internet addresses. The dotted notation values are increased to 12 bit values rather than byte (8 bit) values.
This increases the effective range of each possible decimal value to 4095. Of course the values of 0 and 4095 (all bits set)
are generally reserved the same as with the IPv4 standard.
An Example Network
In the diagram below, the earlier hardware wiring example
is modified to show the network without the hubs. It also shows IP addresses assigned to each interface card. As you can see
there are two networks which are 192.168.1.x and 192.168.2.x. Machines A through F are on network 192.168.1.x. The machines
X and Z are on network 192.168.2.x, and machine G has access to both networks.
| NIC | A | B | C | D | E | F | G | X | Z |
| eth0 | 192.168.1.7 | 192.168.1.6 | 192.168.1.5 | 192.168.1.4 | 192.168.1.3 | 192.168.1.2 | 192.168.1.1 | 192.168.2.2 | 192.168.2.3 |
| eth1 | - | - | - | - | - | - | 192.168.2.1 | - | - |
Using this port and addressing scheme, the networking system
can pass data, addressing information, and type of service information through the hardware, from one computer to another.
The reason there is an address for the hardware card (ethernet address, also called MAC address) and another assigned address
for that same card (IP address) is to keep the parts of the network system that deal with the hardware and the software
independent of each other. This is required in order to be able to configure the IP addressing dynamically. Otherwise, all
computers would have a static address and this would be very difficult to manage. Also, if a modification needs to be made
to the hardware addressing scheme for any reason, in ethernet, it will be transparent to the rest of the system. Conversely
if a change is made to the software addressing scheme in the IP part of the system, the ethernet and TCP protocols will be
unaffected.
In the example above, machine F will send a telnet data
packet to machine A. Roughly, the following steps occur.
- The Telnet program in machine F prepares the data packet. This occurs in the application (Telnet), presentation, and session layers of the OSI network model.
- The TCP software adds a header with the port number, 23, to the packet. This occurs in the transport (TCP) layer.
- The IP software adds a header with the sender's and recipient's IP address, 192.168.1.2 to the packet. This occurs in the network (IP) layer.
- The ethernet header is added to the packet with the hardware address of the network card and the packet is transmitted. This occurs in the link (Ethernet) layer.
- Machine A's network card detects its address in the packet, retrieves the data, and strips its header data and sends it to the IP layer.
- The IP layer looks at the IP header, and determines if the sender's IP address is acceptable to provide service to (hosts.allow, hosts.deny, etc), and if so, strips the IP header and sends it to the TCP layer.
- The TCP Layer reads the port number in its header, determines if service is provided for that port, and what application program is servicing that port. It strips the TCP header and passes the remainder of the data to the telnet program on machine A.
Please note, that the network layers mentioned here are
described in the next section. Also there are many types of support at each of the four TCP/IP network system layers, but
that issue is addressed in the next section.
Network Protocol Levels
You should be aware of the fact, that when talking about networking
you will hear the word "protocol" all the time. This is because protocols are sets of standards that define all operations
within a network. They define how various operations are to be performed. They may even define how devices outside the network
can interact with the network. Protocols define everything from basic networking data structures, to higher level application
programs. They define various services and utility programs. Protocols operate at many layers of the network models described
below. There are protocols considered to be transport protocols such as TCP and UDP. Other protocols work at the network layer
of the OSI network model shown below, and some protocols work at several of the network layers.
RFCs
Protocols are outlined in Request for Comments (RFCs). At the end
of this document is a list of protocols and associated RFC numbers. Although RFCs define protocols, not all RFCs
define protocols; some define other requirements for the internet, such as RFC 1543, which provides information about the
preparation of RFCs. The following RFCs are very central to the TCP/IP protocol.
- RFC 1122 - Defines host requirements of the TCP/IP suite of protocols
covering the link, network (IP), and transport (TCP, UDP) layers.
- RFC 1123 - The companion RFC to 1122 covering requirements for internet
hosts at the application layer
- RFC 1812 - Defines requirements for internet gateways which are IPv4
routers
Network Models
There are several network models which you may hear about but the
one you will hear about most is the ISO network model described below. You should realize, however that there are others such
as:
- The internet layered protocol
- The TCP/IP 4 layered protocol
- The Microsoft networking protocol
If you don't like any of these models, feel free to invent
your own along with your own networking scheme of course, and add it to the list above. You can call it "The MyName Protocol".
Ever wonder why networking can be so complex and confusing? Welcome to the world of free enterprise!
The ISO Network Model Standard
The International Standards Organization (ISO) has defined
a standard called the Open Systems Interconnection (OSI) reference model. This is a seven layer architecture listed below.
Each layer is considered to be responsible for a different part of the communications. This concept was developed to accommodate
changes in technology. The layers are arranged here from the lower levels starting with the physical (hardware) to the higher
levels.
- Physical Layer - The actual hardware.
- Data Link Layer - Data transfer method (802x ethernet). Puts data in frames and ensures error free transmission. Also controls the timing of the network transmission. Adds frame type, address, and error control information. IEEE divided this layer into the two following sublayers.
  - Logical Link Control (LLC) - Maintains the link between two computers by establishing Service Access Points (SAPs) which are a series of interface points. IEEE 802.2.
  - Media Access Control (MAC) - Used to coordinate the sending of data between computers. The 802.3, 4, 5, and 12 standards apply to this layer. If you hear someone talking about the MAC address of a network card, they are referring to the hardware address of the card.
- Network Layer - IP network protocol. Routes messages using the best path available.
- Transport Layer - TCP, UDP. Ensures properly sequenced and error free transmission.
- Session Layer - The user's interface to the network. Determines when the session is begun or opened, how long it is used, and when it is closed. Controls the transmission of data during the session. Supports security and name lookup enabling computers to locate each other.
- Presentation Layer - ASCII or EBCDIC data syntax. Makes the type of data transparent to the layers around it. Used to translate data to computer specific format such as byte ordering. It may include compression. It prepares the data, either for the network or the application depending on the direction it is going.
- Application Layer - Provides services software applications need. Provides the ability for user applications to interact with the network.
Many protocol stacks overlap the borders of the seven layer
model by operating at multiple layers of the model. File Transport Protocol (FTP) and telnet both work at the application,
presentation, and the session layers.
The Internet, TCP/IP, DOD Model
This model is sometimes called the DOD model since it was
designed for the department of defense. It is also called the TCP/IP four layer protocol, or the internet protocol. It has
the following layers:
- Link - Device driver and interface card which maps to the data link and physical layer of the OSI model.
- Network - Corresponds to the network layer of the OSI model and includes the IP, ICMP, and IGMP protocols.
- Transport - Corresponds to the transport layer and includes the TCP and UDP protocols.
- Application - Corresponds to the OSI Session, Presentation and Application layers and includes FTP, Telnet, ping, Rlogin, rsh, TFTP, SMTP, SNMP, DNS, your program, etc.
Please note the four layer TCP/IP protocol. Each layer
has a set of data that it generates.
- The Link layer corresponds to the hardware, including the device driver and interface card. The link layer has data packets associated with it depending on the type of network being used such as ARCnet, Token ring or ethernet. In our case, we will be talking about ethernet.
- The network layer manages the movement of packets around the network and includes IP, ICMP, and IGMP. It is responsible for making sure that packages reach their destinations, and if they don't, reporting errors.
- The transport layer is the mechanism used for two computers to exchange data with regards to software. The two types of protocols that are the transport mechanisms are TCP and UDP. There are also other types of protocols for systems other than TCP/IP but we will talk about TCP and UDP in this document.
- The application layer refers to networking protocols that are used to support various services such as FTP, Telnet, BOOTP, etc. Note here to avoid confusion, that the application layer is generally referring to protocols such as FTP, telnet, ping, and other programs designed for specific purposes which are governed by a specific set of protocols defined with RFC's (request for comments). However a program that you may write can define its own data structure to send between your client and server program so long as the program you run on both the client and server machine understand your protocol. For example when your program opens a socket to another machine, it is using TCP protocol, but the data you send depends on how you structure it.
Data Encapsulation, a Critical concept to be understood
When starting with protocols that work at the upper layers
of the network models, each set of data is wrapped inside the next lower layer protocol, similar to wrapping letters inside
an envelope. The application creates the data, then the transport layer wraps that data inside its format, then
the network layer wraps the data, and finally the link (ethernet) layer encapsulates the data and transmits
it.

To continue, you should understand the definition of a
client and server with regards to networking. If you are a server, you will provide services to a client, in much the same
way as a private investigator would provide services to their clients. A client will contact the server, and ask for service,
which the server will then provide. The service may be as simple as sending a single block of data back to the client. Since
there are many clients, a server must be constantly ready to receive client requests, even though it may already be working
with other clients. Usually the client program will operate on one computer, while the server program will operate on another
computer, although programs can be written to be both a client and a server.
Let's say you write a client chat program and a server chat
program to be used by two people to send messages between their machines. You run the server program on machine B, and the
client program on machine A. Tom is on machine A and George is on machine B. George's machine is always ready to be contacted,
but cannot initiate a contact. Therefore if George wants to talk to Tom, he cannot, until Tom contacts him. Tom, of course
can initiate contact at any time. Now you decide to solve the problem and merge the functionality of the two programs into
one, so both parties may contact the other. This program is now a client/server program which operates both as a client and
a server. You write your code so when one side initiates contact, he will get a dialog box, and a dialog box will pop up on
the other side. At the time contact is initiated, a socket is opened between the two machines and a virtual connection is
established. The program will let the user (Tom) type text into the dialog window, and hit send. When the user hits send,
roughly the following will happen.
- Your program will pass Tom's typed text in a buffer, to the socket. This happens on machine A.
- The underlying software (code in a library called by a function your program used to send the data) supporting the socket puts the data inside a TCP data packet. This means that a TCP header will be added to the data. This header contains a source and destination port number along with some other information and a checksum. Daemon programs (daemon definition at the bottom of this page) may also work at this level to sort packages based on port number (hence the TCP wrapper program in UNIX and Linux).
- The TCP packet will be placed inside an IP data packet with a source and destination IP address along with some other data for network management. This may be done by a combination of your library function, the operating system and supporting programs.
- The IP data packet is placed inside an ethernet data packet. This data packet includes the destination and source address of the network interface cards (NIC) on the two computers. The address here is the hardware address of the respective cards and is called the MAC address.
- The ethernet packet is transmitted over the network line.
- Assuming there is a direct connection between the two computers, the network interface card on machine B, will recognize its MAC address and grab the data.
- The IP data packet will be extracted from the ethernet data packet. A combination of daemons and the operating system will perform this operation.
- The TCP data packet will be extracted from the IP data packet. A combination of daemons, the operating system, and libraries called by your program will perform this function.
- The data will be extracted from the TCP packet. Your program will then display the retrieved data (text) in the text display window for George to read.
Be aware that for the sake of simplicity, we are excluding
details such as error management, routing, and identifying the hardware address of the NIC on the computer intended to receive
the data. Also we are not mentioning the possible rejection of service based on a packet's port number or sender's IP address.
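The wrapping and unwrapping steps above, together with the earlier telnet walk-through from machine F to machine A, as an added example that is not part of the original tutorial. It goes slightly beyond the text by computing the IP and TCP header checksums and by performing the sender-address and port checks the tutorial mentions as possible reasons for rejection. The IP addresses come from the example network; the MAC addresses, source port 1025, the allow-list format and all function names are assumptions made up for illustration.

```python
import ipaddress
import socket
import struct

# IP addresses are from the tutorial's example network (machine F -> machine A).
# The MAC addresses, source port and function names are constructed assumptions.
MAC_F = bytes.fromhex("020000000006")
MAC_A = bytes.fromhex("020000000001")
IP_F, IP_A = "192.168.1.2", "192.168.1.7"
ETHERTYPE_IPV4, PROTO_TCP = 0x0800, 6


def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words, inverted."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src: bytes, dst: bytes, length: int) -> bytes:
    """The TCP checksum also covers the IP addresses, protocol and length."""
    return src + dst + struct.pack("!BBH", 0, PROTO_TCP, length)


def tcp_segment(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Transport layer: wrap the application data in a 20-byte TCP header."""
    def header(csum):
        # ports, seq, ack, data offset (5 words), PSH+ACK, window, checksum, urgent
        return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18,
                           65535, csum, 0)
    pseudo = pseudo_header(socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
                           20 + len(payload))
    return header(checksum(pseudo + header(0) + payload)) + payload


def ip_packet(src_ip, dst_ip, segment: bytes) -> bytes:
    """Network layer: wrap the TCP segment in a 20-byte IPv4 header."""
    def header(csum):
        # version/IHL, TOS, total length, id, flags/frag, TTL, protocol, checksum
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0,
                           64, PROTO_TCP, csum,
                           socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return header(checksum(header(0))) + segment


def ethernet_frame(src_mac, dst_mac, packet: bytes) -> bytes:
    """Link layer: destination MAC, source MAC, EtherType, then the packet."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def build_frame(payload, src_ip=IP_F, dst_ip=IP_A, dport=23) -> bytes:
    """Sender side: application data -> TCP -> IP -> ethernet."""
    segment = tcp_segment(src_ip, dst_ip, 1025, dport, payload)
    return ethernet_frame(MAC_F, MAC_A, ip_packet(src_ip, dst_ip, segment))


def receive(frame: bytes, my_mac, allowed_nets, services):
    """Receiver side: strip one header per layer; return (verdict, data)."""
    # Link layer: is the frame for this NIC, and does it carry IPv4?
    if len(frame) < 14 + 20 or frame[:6] != my_mac:
        return ("ignored: not for this NIC", None)
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return ("ignored: not IPv4", None)
    packet = frame[14:]
    # Network layer: validate the header, then check the sender's address
    # (the role hosts.allow / hosts.deny play in the tutorial's description).
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    header_ok = (packet[0] >> 4 == 4 and ihl >= 20
                 and ihl + 20 <= total_len <= len(packet)
                 and packet[9] == PROTO_TCP and checksum(packet[:ihl]) == 0)
    if not header_ok:
        return ("dropped: bad IP header", None)
    sender = ipaddress.ip_address(packet[12:16])
    if not any(sender in net for net in allowed_nets):
        return (f"rejected: sender {sender} not allowed", None)
    # Transport layer: verify the checksum, then look up the port's service.
    segment = packet[ihl:total_len]
    pseudo = pseudo_header(packet[12:16], packet[16:20], len(segment))
    if checksum(pseudo + segment) != 0:
        return ("dropped: bad TCP checksum", None)
    dport = struct.unpack("!H", segment[2:4])[0]
    if dport not in services:
        return (f"rejected: no service on port {dport}", None)
    # Application layer: what is left after the TCP header is the program's data.
    offset = (segment[12] >> 4) * 4
    return (f"delivered to {services[dport]}", segment[offset:])


if __name__ == "__main__":
    allow = [ipaddress.ip_network("192.168.1.0/24")]
    print(receive(build_frame(b"ls\r\n"), MAC_A, allow, {23: "telnet"}))
```

The source address checked here is whatever the sender wrote into the IP header, so an address-based allow list only filters traffic; it does not authenticate the sender.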
A daemon program is a program that runs in the background
on a computer operating system. It is used to perform various tasks including server functions. It is usually started when
the operating system is booted, but a user or administrator may be able to start or stop a daemon at any time.
IEEE 802 Standard
The Data Link Layer and IEEE
When we talk about Local Area Network (LAN) technology the IEEE 802
standard may be heard. This standard defines networking connections for the interface card and the physical connections, describing
how they are done. The 802 standards were published by the Institute of Electrical and Electronics Engineers (IEEE). The 802.3
standard is called ethernet, but the IEEE standards do not define the exact original true ethernet standard that is common
today. There is a great deal of confusion caused by this. There are several types of common ethernet frames. Many network
cards support more than one type.
The ethernet standard data encapsulation method is defined by RFC
894. RFC 1042 defines the IP to link layer data encapsulation for networks using the IEEE 802 standards. The 802 standards
define the two lowest levels of the seven layer network model and primarily deal with the control of access to the network
media. The network media is the physical means of carrying the data such as network cable. The control of access to the media
is called media access control (MAC). The 802 standards are listed below:
- 802.1 - Internetworking
- 802.2 - Logical Link Control *
- 802.3 - Ethernet or CSMA/CD, Carrier-Sense Multiple Access with Collision
detection LAN *
- 802.4 - Token-Bus LAN *
- 802.5 - Token Ring LAN *
- 802.6 - Metropolitan Area Network (MAN)
- 802.7 - Broadband Technical Advisory Group
- 802.8 - Fiber-Optic Technical Advisory Group
- 802.9 - Integrated Voice/Data Networks
- 802.10 - Network Security
- 802.11 - Wireless Networks
- 802.12 - Demand Priority Access LAN, 100 Base VG-AnyLAN
* The ones with stars should be remembered for network certification testing.
Network Access Methods
There are various methods of managing access to a network.
If all network stations tried to talk at once, the messages would become unintelligible, and no communication could occur.
Therefore a method of being sure that stations coordinate the sending of messages must be achieved. There are several methods
listed below which have various advantages and disadvantages.
- Contention
- Token Passing - A token is passed from one computer to another, which provides transmission permission.
- Demand Priority - Describes a method where intelligent hubs control data transmission. A computer will send a demand signal to the hub indicating that it wants to transmit. The hub will respond with an acknowledgement that will allow the computer to transmit. The hub will allow computers to transmit in turn. An example of a demand priority network is 100VG-AnyLAN (IEEE 802.12). It uses a star-bus topology.
- Polling - A central controller, also called the primary device, will poll computers, called secondary devices, to find out if they have data to transmit. If so, the central controller will allow them to transmit for a limited time, then the next device is polled.
Token passing performs better when the network has a lot
of traffic, while ethernet which uses CSMA/CD is generally faster but loses performance when the network has a lot of traffic.
CSMA/CD is basically a method that allows network stations to transmit any time they want. They, however, sense the network
line and detect if another station has transmitted at the same time they did. This is called a collision. If a collision happened,
the stations involved will retransmit at a later, randomly set time in hopes of avoiding another collision.
IP to link layer encapsulation
The requirements for IP to link layer encapsulation for
hosts on an Ethernet network are:
- All hosts must be able to send and receive packets defined by RFC 894.
- All hosts should be able to receive a mix of packets defined by RFC 894 and RFC 1042.
- All hosts may be able to send RFC 1042 defined packets.
Hosts that support both must provide a means to configure
the type of packet sent and the default must be packets defined by RFC 894.
Ethernet and IEEE 802 Encapsulation formats
Ethernet (RFC 894) message format consists of:
- 6 bytes of destination address.
- 6 bytes of source address.
- 2 bytes of message type which indicates the type of data being sent.
- 46 to 1500 bytes of data.
- 4 bytes of cyclic redundancy check (CRC) information.
IEEE 802 (RFC 1042) Message format consists of 3 sections
plus data and CRC as follows:
- 802.3 Media Access Control section used to coordinate the sending of data between computers.
  - 6 bytes of destination address.
  - 6 bytes of source address.
  - 2 bytes of length - The number of bytes that follow not including the CRC.
- 802.2 Logical Link control establishes service access points (SAPs) between computers.
  - 1 byte destination service access point (DSAP).
  - 1 byte source service access point (SSAP).
  - 1 byte of control.
- Sub Network Access Protocol (SNAP).
  - 3 bytes of org code.
  - 2 bytes of message type which indicates the type of data being sent.
- 38 to 1492 bytes of data.
- 4 bytes of cyclic redundancy check (CRC) information.
Some ethernet message types include:
- 0800 - IP datagram with length of 38 to 1492 bytes.
- 0806 - ARP request or reply with 28 bytes and pad bytes that are used to make the frame long enough for the minimum length.
- 8035 - RARP request or reply of 28 bytes and pad bytes that are used to make the frame long enough for the minimum length.
These message types are the same for both formats above
with the exception of the pad bytes. The pad bytes for the RFC 894 and RFC 1042 datagrams are of different lengths between
the two message formats because the RFC 894 minimum message length is 46 bytes and the RFC 1042 minimum message length is
38 bytes. Also the two message formats above are distinguishable from each other. This is because the RFC 894 possible length
values are exclusive of RFC 1042 possible type values.
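The sketch below is an added example, not code from the original tutorial: it parses both layouts listed above and tells them apart by the 2-byte field after the source address, which is at most 1500 when it is an IEEE 802.3 length and 0x0600 or more when it is an Ethernet type. A monitoring tool that always reads that field as a type would misclassify RFC 1042 frames. The addresses and the all-zero ARP body are constructed sample data, and the function names are illustrative.

```python
import struct

SNAP_LLC = b"\xaa\xaa\x03"  # DSAP 0xAA, SSAP 0xAA, control 0x03
TYPES = {0x0800: "IP", 0x0806: "ARP", 0x8035: "RARP"}
DST = bytes.fromhex("ffffffffffff")  # constructed sample addresses
SRC = bytes.fromhex("020000000001")

def build_rfc894(msg_type, data):
    """Constructed sample: type field, data padded to the 46-byte minimum."""
    return DST + SRC + struct.pack("!H", msg_type) + data.ljust(46, b"\0")

def build_rfc1042(msg_type, data):
    """Constructed sample: length field, then LLC + SNAP, then data and pad."""
    body = SNAP_LLC + b"\0\0\0" + struct.pack("!H", msg_type) + data
    return DST + SRC + struct.pack("!H", len(body)) + body.ljust(46, b"\0")

def parse_frame(frame):
    """Classify a frame (CRC already stripped) and return its fields."""
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte address/type header")
    (field,) = struct.unpack("!H", frame[12:14])
    if field >= 0x0600:  # type value: RFC 894
        fmt, msg_type, data = "RFC 894", field, frame[14:]
    elif field <= 1500:  # length value: IEEE 802.3 + 802.2 + SNAP
        body = frame[14:14 + field]  # the length excludes pad bytes
        if len(body) < field:
            raise ValueError("length field exceeds the bytes present")
        if len(body) < 8 or body[:3] != SNAP_LLC or body[3:6] != b"\0\0\0":
            raise ValueError("no LLC/SNAP header with org code 00-00-00")
        (msg_type,) = struct.unpack("!H", body[6:8])
        fmt, data = "RFC 1042", body[8:]
    else:
        raise ValueError("1501-1535 is neither a valid length nor a type")
    return {"format": fmt, "type": TYPES.get(msg_type, hex(msg_type)),
            "dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "data": data}

if __name__ == "__main__":
    arp = bytes(28)  # constructed 28-byte ARP body (all zeros)
    for frame in (build_rfc894(0x0806, arp), build_rfc1042(0x0806, arp)):
        info = parse_frame(frame)
        print(info["format"], info["type"], len(info["data"]), "data bytes")
```

For the same 28-byte ARP body, the RFC 894 data field comes back as 46 bytes (18 of them pad), while the RFC 1042 length field lets the parser drop the 10 pad bytes and return exactly 28.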
Trailer Encapsulation
This is described in RFC 1122 and RFC 892, but this scheme
is not used very often today. The trailer protocol is a link-layer encapsulation method that rearranges the data
contents of packets sent on the physical network. It may be used but only after it is verified that both the sending and receiving
hosts support trailers. The verification is done for each host that is communicated with.
RFC 1122 states: "Only packets with specific size attributes
are encapsulated using trailers, and typically only a small fraction of the packets being exchanged have these attributes.
Thus, if a system using trailers exchanges packets with a system that does not, some packets disappear into a black hole while
others are delivered successfully."
Trailer negotiation is performed when ARP is used to discover
the media access control (MAC) address of the destination host. RFC 1122 states: "a host that wants to speak trailers will
send an additional "trailer ARP reply" packet, i.e., an ARP reply that specifies the trailer encapsulation protocol type but
otherwise has the format of a normal ARP reply. If a host configured to use trailers receives a trailer ARP reply message
from a remote machine, it can add that machine to the list of machines that understand trailers, e.g., by marking the corresponding
entry in the ARP cache."
Network Categories
TCP/IP includes a wide range of protocols which are used for a variety
of purposes on the network. The set of protocols that are a part of TCP/IP is called the TCP/IP protocol stack or the TCP/IP
suite of protocols.
Considering the many protocols, message types, levels, and services
that TCP/IP networking supports, I believe it would be very helpful to categorize the various protocols that support TCP/IP
networking and define their respective contribution to the operation of networking. Unfortunately I have never seen this done
to any real extent, but believe it would be worthwhile to help those learning networking understand it faster and better.
I cannot guarantee that experts will agree with the categorizations that will be provided here, but they should help the reader
get the big picture on the various protocols, and thus clarify what the reason or need is for each protocol.
As mentioned previously, there are four TCP/IP layers. They are link,
network, transport, and application. The link layer is the hardware layer that provides ability to send messages between multiple
locations. In the case of this document, ethernet provides this capability. Below I define several categories some of which
fit into the 4 layer protocol levels described earlier. I also define a relative fundamental importance to the ability of
the network to function at all. Importance includes essential, critical, important, advanced, useful.
- Essential - Without this all other categories are irrelevant.
- Critical - The network, as designed, is useless without this ability.
- Important - The network could function, but would be difficult to
use and manage.
- Advanced - Includes enhancements that make the network easier to
use and manage.
- Useful - Functionality that you would like to be able to use as a
network user. Applications or some functionality is supported here. Without this, why build a network?
The categories are:

| Name (layer) | Importance | Names of protocols | What it does |
|---|---|---|---|
| Hardware (link) | Essential | ethernet, SLIP, PPP, Token Ring, ARCnet | Allows messages to be packaged and sent between physical locations. |
| Package management (network) | Essential | IP, ICMP | Manages movement of messages and reports errors. It uses message protocols and software to manage this process. (includes routing) |
| Inter layer communication | Essential | ARP | Communicates between layers to allow one layer to get information to support another layer. This includes broadcasting. |
| Service control (transport) | Critical | TCP, UDP | Controls the management of service between computers. Based on values in TCP and UDP messages a server knows what service is being requested. |
| Application and user support | Important | DNS, RPC | DNS provides address to name translation for locations and network cards. RPC allows remote computer to perform functions on other computers. |
| Network Management | Advanced | RARP, BOOTP, DHCP, IGMP, SNMP, RIP, OSPF, BGP, CIDR | Enhances network management and increases functionality. |
| Utility (Application) | Useful | FTP, TFTP, SMTP, Telnet, NFS, ping, Rlogin | Provides direct services to the user. |

There are exceptions to my categorizations that don't fit
into the normal layering scheme (for example, IGMP is normally part of the link layer), but I have tried to list these categorizations
according to network functions and their relative importance to the operation of the network. Also note that ethernet (which
is not really a protocol, but an IEEE standard), PPP, SLIP, Token Ring, and ARCnet are not TCP/IP protocols but may
support TCP/IP at the hardware or link layer, depending on the network topology.
The list below gives a brief description of each protocol:
- ethernet - Provides for transport of information between physical locations on ethernet cable. Data is passed in ethernet packets.
- SLIP - Serial line IP (SLIP), a form of data encapsulation for serial lines.
- PPP - Point to point protocol (PPP). A form of serial line data encapsulation that is an improvement over SLIP.
- IP - Internet Protocol (IP). Except for ARP and RARP all protocols' data packets will be packaged into an IP data packet. Provides the mechanism to use software to address and manage data packets being sent to computers.
- ICMP - Internet control message protocol (ICMP) provides management and error reporting to help manage the process of sending data between computers.
- ARP - Address resolution protocol (ARP) enables the packaging of IP data into ethernet packages. It is the system and messaging protocol that is used to find the ethernet (hardware) address from a specific IP number. Without this protocol, the ethernet package could not be generated from the IP package, because the ethernet address could not be determined.
- TCP - A reliable connection oriented protocol used to control the management of application level services between computers.
- UDP - An unreliable connectionless protocol used to control the management of application level services between computers.
- DNS - Domain Name Service, allows the network to determine IP addresses from names and vice versa.
- RARP - Reverse address resolution protocol (RARP) is used to allow a computer without a local permanent data storage media to determine its IP address from its ethernet address.
- BOOTP - Bootstrap protocol is used to assign an IP address to diskless computers and tell it what server and file to load which will provide it with an operating system.
- DHCP - Dynamic host configuration protocol (DHCP) is a method of assigning and controlling the IP addresses of computers on a given network. It is a server based service that automatically assigns IP numbers when a computer boots. This way the IP address of a computer does not need to be assigned manually. This makes changing networks easier to manage. DHCP can perform all the functions of BOOTP.
- IGMP - Internet Group Management Protocol used to support multicasting.
- SNMP - Simple Network Management Protocol (SNMP). Used to manage all types of network elements based on various data sent and received.
- RIP - Routing Information Protocol (RIP), used to dynamically update router tables on WANs or the internet.
- OSPF - Open Shortest Path First (OSPF) dynamic routing protocol.
- BGP - Border Gateway Protocol (BGP). A dynamic router protocol to communicate between routers on different systems.
- CIDR - Classless Interdomain Routing (CIDR).
- FTP - File Transfer Protocol (FTP). Allows file transfer between two computers with login required.
- TFTP - Trivial File Transfer Protocol (TFTP). Allows file transfer between two computers with no login required. It is limited, and is intended for diskless stations.
- SMTP - Simple Mail Transfer Protocol (SMTP).
- NFS - Network File System (NFS). A protocol that allows UNIX and Linux systems to remotely mount each other's file systems.
- Telnet - A method of opening a user session on a remote host.
- Ping - A program that uses ICMP to send diagnostic messages to other computers to tell if they are reachable over the network.
- Rlogin - Remote login between UNIX hosts. This is outdated and is replaced by Telnet.
Each protocol ultimately has its data packets wrapped
in an ethernet, SLIP, or PPP packet (at the link level) in order to be sent over the ethernet cable. Some protocol data packets
are wrapped sequentially multiple times before being sent. For example FTP data is wrapped in a TCP packet which is wrapped
in an IP packet which is wrapped in a link packet (normally ethernet). The diagram below shows the relationship between the
protocols' sequential wrapping of data packets.
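The FTP example above, carried through in code as an added illustration (not part of the original tutorial): a short FTP command is wrapped in TCP, then IP, then an RFC 894 ethernet frame, and a receiver peels the layers off in reverse. The addresses, ports and zeroed checksums are constructed sample values, and the function names are illustrative.

```python
import struct

def wrap_tcp(payload, sport, dport):
    """20-byte TCP header (checksum left 0 in this constructed sample)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1,
                       5 << 4, 0x18, 8192, 0, 0) + payload

def wrap_ip(segment, src, dst):
    """20-byte IPv4 header, protocol 6 = TCP (checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment),
                       0, 0, 64, 6, 0, src, dst) + segment

def wrap_ethernet(packet, dst_mac, src_mac):
    """RFC 894 header with type 0800, data padded to 46 bytes."""
    return dst_mac + src_mac + b"\x08\x00" + packet.ljust(46, b"\0")

def unwrap(frame):
    """Peel link, network and transport headers; return (layers, payload)."""
    layers = [("ethernet", frame[12:14].hex())]
    if frame[12:14] != b"\x08\x00":
        return layers, b""
    ip = frame[14:]
    header_len = (ip[0] & 0x0F) * 4
    (total_len,) = struct.unpack("!H", ip[2:4])
    ip = ip[:total_len]  # IP total length drops any ethernet pad bytes
    layers.append(("ip", ip[9]))  # protocol number
    if ip[9] != 6:
        return layers, b""
    tcp = ip[header_len:]
    (dport,) = struct.unpack("!H", tcp[2:4])
    layers.append(("tcp", dport))
    data_offset = (tcp[12] >> 4) * 4
    return layers, tcp[data_offset:]

def sample_frame():
    """Constructed FTP control command from a client to port 21."""
    segment = wrap_tcp(b"PWD\r\n", 40000, 21)
    packet = wrap_ip(segment, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return wrap_ethernet(packet, bytes.fromhex("020000000002"),
                         bytes.fromhex("020000000001"))

if __name__ == "__main__":
    print(unwrap(sample_frame()))
```

The IP packet here is 45 bytes, so the frame carries one pad byte; the receiver recovers the exact FTP bytes only because it trusts the IP total length rather than the frame length.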

Network Devices
Repeaters, Bridges, Routers, and Gateways
Network Repeater
A repeater connects two segments of your network cable. It retimes
and regenerates the signals to proper amplitudes and sends them to the other segments. When talking about ethernet topology,
you are probably talking about using a hub as a repeater. Repeaters require a small amount of time to regenerate the signal.
This can cause a propagation delay which can affect network communication when there are several repeaters in a row. Many
network architectures limit the number of repeaters that can be used in a row. Repeaters work only at the physical layer of
the OSI network model.
Bridge
A bridge reads the outermost section of data on the data packet, to
tell where the message is going. It reduces the traffic on other network segments, since it does not send all packets. Bridges
can be programmed to reject packet