Local Area Networking Notes

This article describes local area networking protocols and APIs, including NetBEUI, NETBios, TCP, IP, IPX, SPX, ARP, RARP, RIP, SNMP, DLC, IPX/SPX, NDIS, ODI, AND TDI.

Part 10: Local Area Networking Protocols and APIs

(McFrederies, p.998,1000; Andrews, p.917)

Summary of Networking Protocols

Acronym Protocol Purpose/OSI Layer
NetBEUI Net Bios Extended User Interface Transport
TCP Transmission Control Protocol Transport
IP Internet protocol Network layer
IPX Internet Packet Exchange Network layer
SPX Sequenced Packed Exchange Transport layer
ARP Address Resolution Protocol Maps Network layer (3) addresses to data link layer (2), or IPS addresses to MAC addresses, or Logical addresses to physical addresses
RARP Reverse Address Resolution Protocol Maps Data-link layer (2) to network layer (3), or MAC addresses to IP addresses, or Physical addresses to logical addresses
RIP Routing Information Protocol Updates entries in a routing table
SNMP Simple Network Management Protocol Provides performance, error, and other analysis and trouble-shooting information (Network Management [and switches]

(Sportack, p.152)



Descriptions of Network Protocols

NetBeui/NetBios

(Sportack, pp 380-81; Minasi, p.80)

IBM originally created NetBIOS as a network protocol. Then they added functionality (extended it) and renamed it NetBEUI (NetBIOS Extended User Interface).

In the late 1980's NetBEUI was split, with NetBIOS becoming a generic networking API and NetBEUI becoming a transport protocol.

NetBEUI is a fast and efficient transport protocol - an excellent choice for small workgroups using peer-to-peer or small client/server networks.

NetBEUI is a subnet-only protocol - it cannot be routed (has no network protocol).

Considered a native protocol for NT.

TCP/IP

(Minasi, Chapter 14; Andrews,pp.939-955)

Intro

TCP Suite - an internetworking protocol designed to inter-connect both similar and dissimilar networks (Minasi, p.81) into WANs.

Design goals (in addition to Host Independence) Minasi, p.835):

  • Good failure recovery
  • Handle High Error rates
  • Subnetworks added on the fly
  • Low Overhead (small and simple)

TCP/IP is now used increasingly for smaller networks as well, partly because it enjoys widespread support.

Compare TCP/IP with non-routable protocols such as NetBEUI. On each segment of Ethernet and Token LANs, every station hears every message.

Well, but doesn't every station running tcp/ip hear every message from all the other stations on their "segment"? but perhaps not on their "subnet"?

However, TCP/IP is a routable protocol (as are ipx/spx, x.25, and TP4).

Which protocol does this? It must be IP?:

On a router, the IP protocol unpacks the (Ethernet/Token Ring/ArcNet) packet and re-packages it in the IP it's own format (fixed 20-byte header at the front - up to 40 more header bits after the data, which is compressed for transport. At the destination - NO, at the router, not the destination - data is decompressed and "repackatized" for the destination architecture.

Do the source and the destination need to have the same architecture? I.e. ethernet-ethernet and never token ring-ethernet?

No, TCP/IP suite of protocols is designed to be independent of any specific media, topology, or network architecture.

IP Addresses

32-bit numbers, arranged into 4 groups of 8 bits. Thus, it is a quad of octets, sometimes called simply a quad number because it is also a quad of up to 3-digit decimal numbers.

00000000 00000000 00000000 00000001 Up to 256 combo's of 8 bits
0 0 0 1  
11111111 11111111 11111111 11111111  
255 255 255 255 256 to 4th power, or 2 to 32nd power=4.3 billion combo's
Network Classes and IP Addresses

(Minasi, p.844, Figure 14.6)

First Quad Second Quad Third Quad Fourth Quad Use
0XXXXXXX AAAAAAAA LLLLLLLL LLLLLLLL LLLLLLLL Class A [0-126] 127 Class A Networks. Each with possible 16 million host addresses (224)
01111111       Reserved [127], Loopback address. Only one, which wasted 24 million addresses
10XXXXXX AAAAAAAA AAAAAAAA LLLLLLLL LLLLLLLL Class B [128-191] Each of 16,384 Class B Networks get 60%,535 host addresses
110XXXXX AAAAAAAA AAAAAAAA AAAAAAAA LLLLLLLL Class C (192-223) Up to 254 hosts on 2,097,152 Class C Networks
1110XXXX       Reserved multicast addresses [224-239]
1111XXXX       Reserved, experimental addresses [240-255]


L=local assignation

A=Assigned by NIC

Networking Addresses For Exercises
Address Purpose
127.0.0.1 Loopback to current host
192.168.10.0 Network Number
192.168.10.1 Default Gateway (Router)
192.168.10.2 Server, A_Domain
192.168.10.3 -192.168.10.10 Manually or dynamically assigned to workstations in A_Domain
192.168.10.12 Server, B_Domain
192.168.10.13 -192.168.10.30 Manually or dynamically assigned to workstations in B_Domain
192.168.10.255 IP Broadcast Address (all binary one's)
Subnet

A network segment is a physical division, set off by switches/routers. All it means is it's a broadcast area, i.e. broadcasts will go to an entire network segment.

A subnet is a logical organization method for IP networking (also IPX, I believe). You can have multiple subnets running on a single hub even.

Example: In Newport, all the PCs are on 155.42.140.x and all the Macs are on 155.42.139.x. Doesn't matter that a Mac and a PC can sit next to each other and be plugged into the exact same hub. The router in the closet knows that these two subnets are local, and handles the interchange between the two.

A subnet mask is a number that defines what part of an IP address refers to the network (subnet), and which part refers to the host (node).

Assigning IP Addresses

IP addresses can be manually assigned to machines using the Networking Applet in Win9x and NT.

When addresses are assigned manually, they are called static IP addresses.

On larger networks, the 254 addresses available to a class C license are inadequate to provide an IP to every seat, so hosts which are not actually connected to the Internet use private network IP addresses.

The standard private network addresses (which are not passed along by routers) are standard ranges of addresses which any network can assign to hosts which are not being connected to the Internet.

Reasons for using private network addresses on our networks:

  • Hardware and software know about them and facilitate transactions
  • Probably not possible to let stray information wander onto the Internet.

Private Network Addresses

From To
10.0.0.0 10.255.255.255
172.16.0.0 172.31.255.255
192.168.0.0 192.168.255.255

Dynamically assigned IP addresses (DHCP)

(Minasi, pp.912-938)

Dynamically assigned IP addresses offer two advantages over static addresses:

  • They are more convenient to administer
  • They maximize an organization's usage of its Internet IP address pool

A server running the Dynamic Host Configuration Protocol (DHCP) dynamically assigns IP addresses to clients.

DHCP does NOT relate host names to IP addresses. This is the job of DNS and WINS

Setting up DHCP on NT Server

  • Control Panel > Network > Services > Add > Select Microsoft DHCP > OK
  • (Give it the NT CD to read files)
  • OK to "Change any IP addresses on your NICs to static addresses
  • Close
  • Create Scope (multiple scopes can created to correspond with subnets)
  • Make reservations for machines which need fixed ip's (like pdc,bdc, mail and http servers)
  • DHCP Global Options
    Set up WINS
    044 WINS/NBNS Servers (192.168.10.2) - (NBNS - ??)
    046 WINS/NBT Node Type (0x8) - (NBT, or NetBT - NetBIOS atop TCP/IP)
  • DHCP Scope Options
    Set up local Gateway
    Router (IP Address for local Gateway)

Settings needed on the workstation

  • TCP/IP > Properties > IP Address > Obtain an IP Address Automatically
  • TCP/IP > Properties > WINS Configuration > Instead of static IP for WINS server, DHCP can provide the workstation with the IP address for its WIN server (Use DHCP for WINS checkbox).

How does it work? See Minasi, p.933.

Four steps in client getting an IP Address from a DHCP server:

  1. Client broadcasts DHCPDISCOVER (using UDP - User Datagram Protol - socketless connection because client doesn't yet have an IP address for a socket connection)
  2. Server(s) respond with DHCPOFFERS (IP Addresses and lease time)
  3. Client picks most appealing and broadcasts back a DHCPREQUEST to confirm
  4. Server sends a DCHPACK (ACK - acknowledgement)

Service Pack 4 makes at least 6 improvements to the DCHP service.

The DCHP database should be backed up so that if the DCHP machine buys the farm another one can be put up and running.

Domain Names and WINS (Windows Internet Naming Service)

Because IP addresses are not the easiest things to remember, and, indeed, because they may always be changing, we associate a word-like naming system with the actual IP addresses needed by the network protocols to create communications between computers and networks.

Name Resolution

Before WINS

  • HOSTS file
  • Broadcasts
  • LMHOSTS file (see Minasi, pp.948)

    DNS Server

    WINS (Windows Internet Naming Service)

    WINS is only recognized by MS software, so it works for resolution inside your network/intranet (Minasi, p. 939), but, contrary to its name, it does not work for addresses outside your network/intranet - on the Internet, for example. For that you need DNS.

    WINS provides name resolution for NetBIOS names in a routed environment, while DNS's job is provide name resolution for WinSock names in a routed environment. (Minasi p.939).

    See Minasi pp.938-955 for full discussion of WINS.

    Diagram of TCP/IP Protocol Suite

    See Andrews, p.944).

    Sockets

    Sockets relate to the OSI Application Layer.

    (See Diagram of TCP/IP Protocol Suite, Andrews p.944).

    Sockets are connections made between programs on one computer and those on another computer. They have three parts to them:

  • IP Address of the receiver
  • Port Number for the receiving program on the receiver
  • Whether it's a TCP or a UDP port

    UDP is a connectionless protocol, it is used to broadcast messages when no response is required. Example of an application for UDP is mapping network drives. Error correction is not done by UDP, it must be provided by the application using it.

    Error Correction

    Error correction maps to the OSI Transport Layer)

    (See Diagram of TCP/IP Protocol Suite, Andrews p.944).

    IP is a routing protocol, TCP is a connection protocol, which means that it is there to provide end-to-end integrity.

    TCP uses AKS's and NAK's to ensure that all packets are delivered and delivered in an undamaged state. It uses the IP's header checksum to determine if a packet is a good one.

    Address Resolution

    Address Resolution relates to the OSI Network Layer)

    (See Diagram of TCP/IP Protocol Suite, Andrews p.944).

    Abbreviation Protocol Purpose
    ARP Address Resolution Protocol Converts (logical) IP addresses into physical network addresses, i.e. MAC addresses.
    RARP Reverse Address Resolution Protocol Converts physical addresses (MAC) to (logical) IP addresses.

    DLC (Data Link Control)

    (Minasi, p.81)

    Often used by Token-Ring networks to make their PC workstations talk to mainframe gateways, many (but not all) of which require DLC.

    Also used to communicate with network printers. Eg. Use DLC to control a laser printer attached directly to the network with a JetDirect print server (network interface) card.

    Supported by NT.

    IPX/SPX (Internetwork Packet Exchange/Sequenced Packet Exchange)

    (Minasi, p.81)

    "The most popular local area network type in the world is Novell Netware". (Minasi, p.81)

    Supported by NT beginning with NT 4.(as part of the NetWare Compatible Services.

    Like TCP/IP, IPX is routable and enjoys widespread support, but TCP/IP provides Internet connectivity.

    Multiple transport stacks

    Loading more than one protocol at a time permits connecting with diverse servers (Novell/MS), mainframe gateways, and routers (internet mail).

    Example: the NT Network Stack:

    Networking API's


    NetBIOS Windows Sockets


    Transport Driver Interface (TDI)


    NetBEUI
    Streams Interface
    TCP/IP IPX/SPX


    NDIS Interface


    Network Board Driver


    Network Card


    (Sportack, Figure 21.10, p.380)

    Network Binding Interfaces

    Acronym Protocol Purpose Notes
    NDIS Network Driver Interface Specification Interfaces data-link layer to (Network) (Transport) layer Microsoft
    ODI Open Data-Link Interface Interfaces data-link layer to (Network) (Transport) layer Novell
    Most available
    Will not load high
    TDI Transport Driver Interface Makes API's such as Winsock and NetBios protocol independent  

    Bindings interface the NIC software driver with a network transport protocol.

    This way one driver can be written to the interface's standard and can then communicate with any higher-level transport protocol.

    Network APIs

    (Minasi, p.84)

    Application Programming Interface. Primitive commands which are used by programmers to access (network) operating system services. Examples:
    API Description
    NetBIOS Microsoft "native" network API. A set of 18 commands.
    TCP/IP Sockets The preferred API for working over the Internet. On PC's and in NT the standard used is called WinSock.
    Novell Sockets Novell's API



    Bruce Miller, 2002, 2014