NET 102 - Networking Essentials II

Chapter 1, CompTIA Network+ in a Nutshell; Chapter 2, Network Models


This lesson introduces the student to networking concepts relating to models and testing. Objectives important to this lesson:

  1. Explain the purpose and function of the OSI model and the layers of the OSI model
  2. Describe specific networking services within each layer of the OSI model
Chapter 1

The author begins chapter 1 in a friendly, conversational tone that goes on for several pages before page 1. On the bottom of page 1 he informs us that this book complies with standards from CompTIA, the Computing Technology Industry Association. I don't know why someone chose to use four letters of the first word when they made that acronym. It is important to know that CompTIA is an industry association that is not affiliated with a particular company. CompTIA offers several certifications associated with computer careers. The text discusses the Network+ certification, and remarks that this book is meant to prepare you to take that test. Personally, I think this chapter about taking the test should be the last chapter, not the first one, because the author has not taught you anything yet. Review this chapter after you complete this course for ideas about how to study for the Network+ test, if you are planning to take it.

Chapter 2

Traffic on a network is broken into packets,smaller message units that are transmitted more easily on a network. Each packet must hold at least two addresses: that of the sender and that of the recipient. They also hold data, and numbers that tell the receiving device how to reassemble the pieces of the message. Chapter 2 is mainly about one network model, the ISO-OSI model, which is a logical (as opposed to physical) model that explains how networks handle their packets and perform other useful functions. The text only calls this the OSI, or Open Systems Interconnect model. ISO, the International Organization for Standardization, is another trade association that sets standards for the computer industry. Note that ISO is not an acronym. It is based on the Greek word isos, which means same, and stands for their goal of standardization.

The text says nothing useful for three pages. The author gets around to what I just told you on page 11. He wants to talk about the OSI model and another model he calls the TCP/IP model That may be one name for it. A better name is the Department of Defense, or DoD model. The Internet was created by the Advanced Research Projects Agency (ARPA) of the Department of Defense of the United States. The DoD model is the model that was used. Perhaps the author, and others, are trying to be politically sensitive. We can call it the TCP/IP model if he likes.

TCP, by the way, is Transmission Control Protocol, and IP is Internet Protocol. A protocol is a set of rules for how a program that runs on a network works. IP is for sending packets, TCP is for making sure they get there. The combination of the two, TCP/IP, is a large part of how the Internet works.

The OSI Model has seven layers, each of which has a name and a number.

  • 7 - Application
  • 6 - Presentation
  • 5 - Session
  • 4 - Transport
  • 3 - Network
  • 2 - Data Link
  • 1 - Physical

The author tells you the names of the seven layers, and mentions that some protocols operate only on one layer, but there are also protocols whose functions span two or more layers. What determines whether a protocol runs only on one layer? The things it does must fit the topics, the operational functions, of a layer for the protocol to belong/live/run on that layer. See the list of layers and topics in the chart below. The chart shows methods, too. A method is how you accomplish the goals of a topic.

So, the author starts explaining the model by telling you some of the things associated with it.

  1. In the Physical layer, we pick a communications medium, which is usually UTP (unshielded twisted pair) cable, because it is inexpensive, easy to use, and it works well. The author mentions hubs in this layer. A hub can also be called a concentrator, because it is where lots of wires come together (concentrate). The author confuses the description by saying that a hub is like a telephone switchboard, which most of you have probably never seen, but Wikipedia has decent pictures. A hub is like a switchboard in that lots of wires from different devices come together there. It is also NOT like a switchboard, in that any signal sent into a hub will come out on ALL the other wires. On a telephone switchboard, like those shown on Wikipedia, a telephone operator determined what circuit you needed to be connected to, made the connection, and your signal only went on that circuit. That's why we don't use hubs any more: we use switches, which do what the operator did.

    A lot of other topics are covered by the physical layer of the OSI model. In the chart below, you can see that this layer has more topics that any other. We will talk about them more as we go along.

  2. The author uses the Network Interface Card (NIC) as a reason to go to the Data-Link layer. Network cable connects to the NIC, which connects a computer to the network. NICs belong on the Data-Link layer because they have addresses that are hard coded (burned in) to them. This kind of address is also called a physical address, but that does not place the NIC on the Physical layer. A better name for the address is a MAC address, because the address is used for Media Access Control, which has to do with how devices share the medium. Before we can make them share, we have to tell them apart, so we use addresses. The text shows an example of a MAC address written two ways: as twelve hexadecimal characters with no breaks, and as six pairs of hexadecimal characters with hyphens between them. (Sometimes they use colons instead of hyphens.) The paired format is easier to read, and if you see a lot of them, it makes it easier to notice that the first six characters in a MAC address identify a manufacturer. (Large manufacturers have lots of six character sequences assigned to them.) I just checked my MAC address with the procedure on page 15, and saw that it begins 5C-26-0A. Google that, and tell me what kind of computer I am using.

    After remarking that computers and NICs may send signals with electricity, light, or radio waves, the author turns to a new idea: frames. I already said that we break signals into packets. Well, you should know that we also collect data into usable clumps or clusters. On the Data Link layer, where NICs live, those clusters are called frames. Many frame types have been created over the years. For any two devices on the same network to communicate, they must send and receive frames of the same type. (Devices that connect one network to another can translate frames from one type to another.) One year I ran into several new computers that were configured with a default frame type (802.3) that was not the type our network used. Guess what? Users could not log in to the network on those computers until they were reconfigured to use Ethernet II frames. Once I diagnosed the problem, I told my staff what to do, and it was a ten minute fix for every device that had the problem.

    At the top of page 17, there is a diagram of a generic frame, which shows four elements that you can expect a frame to hold: the destination MAC address, the source MAC address, the data being sent, and an FCS, which is a Frame Check Sequence, which is an error check for the data in the frame.

    The author mentions that different networks use different size frames. This is true. He then says that frames hold about 1500 bytes of data. That is not so true. Some frame types hold different amounts of data, some less than 1500 bytes. 1500 bytes is a typical limit on the data field size.

    The author also tells you that every device on a network can see every frame that is transmitted on it. There are exceptions, especially when we start breaking networks into subnets, but in his simple example the statement is true. His point is that a frame is usually addressed to a particular NIC, because frames use MAC addresses. (They hold the MAC address of the sender and the receiver.)  Because of this, only the device whose MAC address matches a frame will process that frame. There are two exceptions to this rule. First, as the author explains, a frame sent to the broadcast address (FF-FF-FF-FF-FF-FF) of a network. will be processed by all devices. That address, by the way, is the broadcast address for frames on any network, not just a particular one. In the second case, a network admin may set the NIC on device to work in promiscuous mode, which means that it processes all frames, which is useful in monitoring activity on a network.

    Regarding the broadcast MAC address, that address can be used to make a general request to all devices on a system, asking them to respond with their MAC addresses and some kind of device name. There are several systems of naming, which we will see in a later chapter.

    On page 21, the author mentions in a marginal note that the Data Link layer is the only OSI layer with sublayers. They are the MAC sublayer and the LLC sublayer. He describes some of the functions of each sublayer, and calls it good. There are other topics that belong there:
    • MAC sublayer
      • Logical Topology - 2 methods:
        • Bus - passes frames to all devices at once
        • Ring - passes frames from one device to the next in a circular path
      • Media Access - 3 methods:
        • Contention - devices transmit when they need to, if the line is clear
        • Token Passing - devices take turns transmitting
        • Polling - devices are asked if they need to transmit
      • Addressing - 1 method:
        • Physical Device Address - the MAC address
    • LLC sublayer
      • Transmission Synchronization - 3 methods:
        • Synchronous - devices send markers for signal timing in each conversation
        • Asynchronous - devices send markers for signal timing in each frame
        • Isochronous - devices use a common network timing signal
      • Connection Services - 3 methods:
        • Unacknowledged Connectionless - no guarantee of delivery
        • Connection Oriented - guaranteed delivery
        • Acknowledged Connectionless - usually point-to-point, so connection services not needed
    • Data cluster type: Frames

  3. When the world was new and there were only four computers that were about to be connected to what would become the Internet, the kind of networking that only used layers 1 and 2 may have been enough.

    When it was first turned on (1969), the ARPANET connected computer networks at only four locations: UCLA, Stanford University, UC Santa Barbara, and the University of Utah. When the first message was sent on it, the connection failed before the first word was completely sent. Things got better.

    As soon as it became a goal to connect separate networks together, the ARPANET planners knew it would be necessary to use a method that named networks as well as the devices on them. Several methods of accomplishing this have been devised by different vendors. The method that has become dominant is the one that is used on the Internet, IP addressing.

    In this section about the Network layer, the author tells us that TCP and IP are only two protocols out of a much larger suite of protocols. Internet Protocol (IP) is used for an addressing scheme that includes a reference to an individual device, and to the network it is on. IP lives on the Network layer, Layer 3. On an IP network, each device (node) is known as a host, and every host must have an address.

    The addresses we discuss first are actually IP version 4 addresses. (IPv6 addresses will be 16 bytes, or 128 bits long.) IP version 4 addresses are numeric addresses, stored as four bytes, which is equal to 32 bits. For example: an IP v.4 address might be Each of the four numbers is held on one byte, which means no number can be bigger than 255. IP addresses contain two parts: one part of the address identifies the network a host is on, and the other part identifies the host itself. Every network is assigned an address which could take up one, two, or three bytes, depending on the class of the network (A, B, or C). The remaining byte or bytes are typically used for hosts on networks. (It gets more complex: this is how we start.)

    In the example above, the 10 (in the first byte) might be the network identifier, or it might be the 10 and the 45 (in the first two bytes) or it could be the 10, the 45, and the 17 (in the first three bytes), depending whether we are treating this network as a class A, B, or C network. Or we could treat it as a classless network, in which case it gets messy. We'll worry about that later.

    IP addresses, and any addresses associated with the Network layer, are logical addresses. This means they are not permanently associated with a piece of hardware like a MAC address and a NIC. A logical address is assigned to a device, by an administrator, by a user, or by a network device assigned to do so. The text shows a picture of a router on page 24, which appears to be a typical consumer device you might buy from most electronic stores. This is an example of a device that would assign an IP address to any other device that is connected to one of its switch ports. It does so because it acts like a switch (connecting devices on a small network), like a router (connecting your network to your Internet Service Provider's network), and like a Dynamic Host Configuration Protocol (DHCP) server, which is a device or program that assigns IP addresses to devices on a network. The DHCP service makes note of the MAC address of each device it gives an IP address to, to make sure it does not give out the same IP address to two currently connected devices. Giving the same address to two devices would keep at least one of them from being able to use the network.

    The text finally mentions the word packet, and tells you that a packet is a message unit that is used on the Network layer. In fact, the correct word for the Network layer is datagram, but the author apologizes in a marginal note on page 27, stating that he is using the word packet in a generic way. His point is that there is a Network layer message unit inside each frame. He does not explain why. I am beginning to imagine our author, a deserted building, and a pair of pliers. Okay, I feel better now. Let me explain something.

    Imagine the diagram below as the stack of protocols being used to send a signal out onto the Internet.
    • As I prepare this signal to go, I start at the Application layer, where the message is packaged by Application layer rules, then passed down to the Presentation layer.
    • The Presentation layer receives the message,  repackages it as needed by its rules, keeping the information from the Application layer inside the packets it makes, then hands its packets off to the Session layer.
    • The Session layer negotiates a connection with the next machine it needs to send to, which it does while it takes the received Presentation packets and repackages them as Session packets. These are handed off to the Transport layer.
    • The Transport layer continues the pattern: add your magic, wrap it around the received packets, and put them all in your own message units called segments. The segments are handed off to the Network layer.
    • The Network layer continues: it does its thing, adds IP addresses for source and destination, rewraps the segments as datagrams, and hands them to the Data Link layer.
    • The Data Link layer does not change what is in the datagrams, but it adds MAC addresses for source and destination. (Some real magic happens here. If the author never gets to it, I will tell you later.) The datagrams are rewrapped as frames, and they are pushed to a network on the Physical layer.
    • The Physical layer takes the frames, which are perceived as a stream of bits, moves them as needed to the next device, again and again, until the stream is processed by a NIC on a receiving machine, which may be the final destination or a router along the way.

      That's what happens, from layers 7 through 1, in the machine sending a message. On the final destination machine, the received message is processed through the layers from layers 1 through 7, until the message is received by a program that knows what to do with it. That is why there are IP packets inside the frames that the Network layer opens. They were put there by the Network layer processes of the sending machine. And this is why we usually explain this process from the top down instead of from the bottom up.

  4. Layer 4 is the Transport layer. As I have mentioned, its data units are called segments, and one of the processes of this layer is called segment development. What that means is actually simple: large messages that won't fit in one segment are broken down and the pieces are placed in two or more segments. Sometimes a message is very small, in which case the segment it is placed into would not be full. Segments are required to be full, so extra bits are generated to be used as filler.

    The text tells us that the segments of a larger message are given numbers so they can be reassembled at their destination. This is not unique to this layer. Any layer that packages things into packet does the same thing.

    The text does not mention that the TCP protocol operates on the Transport layer, which makes this layer associated with the word reliable. The author almost says this in the last sentence in this section. What he means to say is that if a packet is lost or received in a damaged state, a replacement copy of the packet is requested. This is one aspect of reliable, guaranteed delivery.

  5. Layer 5 is the Session layer, which the text explains as being useful when any device is doing more than one thing at a time on the network. Have you ever had two browser windows open at once? When you click something in one of those windows (or tabs), how does the computer know where to put the response to that click? Each of those windows is assigned a different session ID, which is used in any requests that are sent from it. This assignment of session IDs takes place for other kinds of connections as well, for any program that establishes a connection to a service across a network.

  6. Layer 6 is the Presentation layer, which our author seems to think does nothing, since all files are stored in common formats in the 21st century. I think the author and I had different teachers for this course. Files can still be stored by different methods on mainframes as opposed to PC based servers, bytes can still be sent across a wire most significant digit first or last, and most importantly files can be encrypted. Encryption services live on the Presentation layer.

  7. The Application layer is layer 7, the top layer in the OSI model. The author makes the point that this layer is about the network interfaces that exist so that application programs can use network services, like file service, print services, and message services.
DoD layer name
(and TCP/IP name)
OSI Layer name
Topics & Methods
Process/Application layer
(Application layer)
(layer 7)

  • Network Services
    • File services
    • Print services
    • Message services
    • Application services
    • Database services
  • Service Advertisement - how services become known
  • Service Use - how services are obtained
  • Data cluster type: Messages
(layer 6)

  • Translation - bit translation, byte translation, character code translation, file translation
  • Encryption - cipher, private key, or public key
  • Data cluster type: Packets
(layer 5)
  • Dialog Control - simplex, half-duplex and duplex
  • Session Administration - connection establishment, data transfer, and connection release
  • Data cluster type: Packets
Host-to-Host layer
(Transport layer)
(layer 4)
  • Address/name Resolution
  • Addressing
  • Segment Development - breaking large messages into segments,
    combining small messages into segments
  • Connection Services
  • Data cluster type: Segments
Internet layer
(Internet layer)
(layer 3)
  • Addressing - network addresses. 2 methods:
    • Logical Network
    • Service
  • Switching - route creation for packets, messages and circuits. 3 methods:
    • Packet switching
    • Message switching
    • Circuit switching
  • Route Discovery - finding a route. 2 methods:
    • Distance vector
    • Link-state
  • Route Selection - choosing a route. 2 methods:
    • Static
    • Dynamic
  • Connection Services - flow control, error control and packet sequence control. 3 methods:
    • Network-layer flow control
    • Error control
    • Packet sequence control
  • Data cluster type: Datagrams
Network Access layer
(Link layer)
Data Link
(layer 2)

  • MAC sublayer
    • Logical Topology - 2 methods:
      • Bus
      • Ring
    • Media Access - 3 methods:
      • Contention
      • Token Passing
      • Polling
    • Addressing - 1 method:
      • Physical Device Address - the MAC address
  • LLC sublayer
    • Transmission Synchronization - 3 methods:
      • Synchronous
      • Asynchronous
      • Isochronous
    • Connection Services - 3 methods:
      • Unacknowledged Connectionless
      • Connection Oriented
      • Acknowledged Connectionless
  • Data cluster type: Frames
(layer 1)

  • Connection Type - 2 methods:
    • Point-to-Point
    • Multipoint
  • Physical Topology - 5 methods:
    • Bus
    • Ring
    • Star
    • Mesh
    • Cellular
  • Digital Signaling - 2 methods:
    • Current State
    • State Transition
  • Analog Signaling - 2 methods:
    • Current State
    • State Transition
  • Bit Synchronization - 2 methods:
    • Synchronous
    • Asynchronous
  • Bandwidth Usage - 2 methods:
    • Baseband
    • Broadband
  • Multiplexing - 3 methods:
    • Frequency Division
    • Time Division
    • Statistical Time Division
  • No data clusters, just bits

The text moves on to the TCP/IP model, which is not actually different from the OSI model, it is more like just being a different way of looking at the OSI model. In the introduction to this section, the text explains that this model's Link layer is also called the Network Interface Layer. Really, guys? Kind of like the DoD model? Then what was the point in pretending that this is a new model? Hand me the pliers, Finch. Somebody at CompTIA needs to answer some questions.

Bottom line, it appears that CompTIA will put some questions on its test about its own spin on the DoD model, so you will want to know about its version in order to pass the test.

  • Link (Network Interface) layer - this layer describes how networks are laid out, and how devices share access to the network medium
  • Internet layer - this layer finds routes from one network to another, addresses devices and networks, and provides access to gateways between networks. A short list of protocols that work on this layer: IP, ICMP, ARP, and RARP
  • Transport (Host-to-host) layer - Your book refers to this as the Transport layer, which is its name in the OSI model. Traditionally, it is called the Host-to-host layer in the DoD model. The purpose of this layer is to provide reliable delivery of packets across networks. The protocol that provides this function is TCP. Another protocol, UDP, also functions on this layer, but UDP is considered connectionless.
  • Application (Process/Application) layer - this layer provides access to network services for applications that run on a client workstation. Some protocols that function on this layer: HyperText Transfer Protocol (HTTP) for the World Wide Web, Simple Mail Transfer Protocol (SMTP) for e-mail, and File Transfer Protocol (FTP) for uploading and downloading files.

The text introduces a concept on page 34 that is important to understand. We have talked about several protocols that are used on most networks. One way of looking at these protocols is to determine whether they are connection-oriented or connectionless. Connection-oriented protocols make sure things are delivered. Connectionless protocols just send and hope for the best. You generally use connectionless protocols when you are transmitting a short distance over a known medium, like sending directly to a printer. Otherwise, connectionless protocols are used together with a connection-oriented protocol to make sure the packets are delivered.

  • Transmission Control Protocol (TCP), is connection-oriented. This is the protocol that makes the TCP/IP suite reliable. It operates in the Transport (Host-to-Host) layer.
  • User Datagram Protocol (UDP) operates in the Transport (Host-to-Host) layer, but it is connectionless, so it is faster than TCP. Connectionless protocols send their data but they do not check to see if the intended receiver got the data.
  • Internet Protocol (IP) is a connectionless protocol that supports routing (finding paths to networks), fragmentation (breaking data into numbered pieces) , and reassembly (reassembling the pieces into usable data). It operates in the Network (Internet) layer.

    Note: if you have to decide whether a protocol is connectionless (IP, IPX, UDP) or connection-oriented (TCP, SPX), it is connectionless if it starts with a vowel. This trick only applies to protocols that you need to categorize this way.

Assignment 1: Chapter 2 Terms and Multiple Choice

  1. Complete the Key Term quiz on page 41. You do not have to type the whole sentence, just the phrase that completes each question.
  2. Complete the Multiple Choice quiz on pages 41 and 42.