lOMoARcPSD|32559332

Network Design And Management

 lOMoARcPSD|32559332

Networks Design and management Notes

A computer network, often simply referred to as a network, is a collection of

computers and devices interconnected by communications channels that facilitate
communications and allow sharing of resources and information among interconnected
devices.

Computer network design refers to the planning of the implementation of a computer

network infrastructure. Network design is generally performed by network designers,
engineers, IT administrators and other related staff. It is done before the implementation of
a network infrastructure.

The objective of network design is to satisfy data communication requirements while

minimizing expense. Requirement scope can vary widely from one network design
project to another based on geographic particularities and the nature of the data requiring
transport.

There are a number of details your network infrastructure design should show,
these include:

• A clear map of the network.

• The structure and layout of the cabling required.
• The quantity, type and location of all devices on the network.
• Your IP addressing structure.
• Details of your network security architecture and processes.

Five Things to Be Considered in Designing a Network.

Important things to consider include balancing security issues with the desire for easy
access to information; building redundancy into the network in anticipation of
breakdowns; and standardizing hardware and software to keep maintenance costs in
check.

Connectivity and Security

Network connectivity today means more than Ethernet cables and wireless access
points. People today are more connected while mobile than ever before and many of
them want access to company email and data while they are out of the office. Balancing
those needs while maintaining security is a challenge that needs to be addressed in the
design phase of any network.

This includes where data is stored, either in-house or offsite with cloud-based solutions,
what types of information should be accessible, who should be able to access it, and
which types of devices should be included. Firewalls and access servers need to be
secure without slowing down operations.
 lOMoARcPSD|32559332

Redundancy and Backing Up

Redundancy means having backup devices in place for any mission-critical components
in the network. Even small organizations should consider using two servers. Two
identical servers, for example, can be configured with fail-safes so that one will take
over if the other fails or requires maintenance. A good rule of thumb is to have
redundant components and services in place for any part of a network that cannot be
down for more than an hour.

If an organization hosts it own Web servers, or cannot be without Internet connectivity,

a second connection should be in place. Having an extra switch, wireless router, and a
spare laptop onsite is a good practice for ensuring that downtime is kept to a minimum.

Standardization of Hardware and Software

Standardization of the hardware and software used in a network is important for

ensuring the network runs smoothly. It also reduces costs associated with maintenance,
updates and repairs. Conducting a full audit of the current computer systems, software
and peripherals will help to determine which should be standardized.

A CEO or director may require special consideration, but if 90 percent of the employees
use the same notebooks, with the same word processing and email programs, a software
or hardware patch across the organization can be conducted much less expensively than
if everyone used a different computer model with different software installed on each.

Disaster Recovery Plan

A detailed disaster recovery plan should be a part of any network design. This includes,
but is not limited to, provisions for back-up power and what procedures should be
followed if the network or server crashes. It should also include when data is backed
up, how it is backed up and where copies of the data are stored. A comprehensive
disaster recovery plan includes office disasters, building disasters, and metropolitan-
wide disasters.

In most cases, important data should be backed up daily. Many organizations do a full
weekly backup, with daily incremental backups that copy any files that have been
modified since the last weekly backup. Backup files should be stored in a secure
location off-site in the event of a building disaster, such as a fire.

Future Growth of the Organization

While it is not always possible to anticipate how large an organization may be five
years in the future, some allowances for future growth must be built into the network
design. For example, Microsoft Small Business Server can be an excellent choice for
many small organizations. However, if your office already has sixty employees, Small
Business Server could soon be a wasted investment, as it has a limit of only 75 users.
 lOMoARcPSD|32559332

Network design should factor in at least 20 percent growth per year, including
everything from switch ports to data backup systems.

Analysis and Design Principles.

There are two common approaches to analyze and design networks:

The top-down approach:

The top-down design approach simplifies the design process by splitting the design tasks
to make it more focused on the design scope and performed in a more controlled manner,
which can ultimately help network designers to view network design solutions from a
business-driven approach.

The bottom-up approach:

In contrast, the bottom-up approach focuses on selecting network technologies and

design models first. This can impose a high potential for design failures, because the
network will not meet the business or applications’ requirements.

Network management and administration refers to the processes, tools and

applications used to administer, operate and maintain a network infrastructure.
Performance management and fault analysis are also included in network
management.

The International Organization for Standardization (ISO) network management model

defines five functional areas of network management.

• Fault Management—Detect, isolate, notify, and correct faults encountered in the

network.
• Performance Management—Monitor and measure various aspects of
performance so that overall performance can be maintained at an acceptable level.
• Security Management—Provide access to network devices and corporate
resources to authorized individuals.
• Accounting Management—Usage information of network resources.
• Configuration Management—Configuration aspects of network devices such as
configuration file management, inventory management, and software
management.
 lOMoARcPSD|32559332

Computer networking or Data communications (Datacom) is

the engineering discipline concerned with the computer networks. Computer
networking is sometimes considered a sub-discipline of electrical
engineering, telecommunications, computer science, information technology and/or
computer engineering since it relies heavily upon the theoretical and practical
application of these scientific and engineering disciplines.

Network Hardware

At least two computers (Server or Client workstation).

Networking Interface Card's (NIC)

Network Adapters
A network adapter, more commonly known as Network Interface Card (NIC), is an
expansion board that makes it possible to connect a PC to a network. Network
adapters are needed for Ethernet and Token Ring networks, but not for online services
which use modems to make the connection. The adapters in a network are connected
to each other by cable.
Network adapters are available in different types such as desktop adapters, mobile
adapters, server adapters, and handheld adapters.
Hub
• An unintelligent network device that sends one signal to all of the stations
connected to it.
• All computers/devices are competing for attention because it takes the data
that comes into a port and sends it out to all the other ports in the hub.
• Traditionally, hubs are used for star topology networks, but they are often used
with other configurations to make it easy to add and remove computers
without bringing down the network.
• Resides on Layer 1 of the OSI model
Switch
• Split large networks into small segments, decreasing the number of users
sharing the same network resources and bandwidth.
• Understands when two devices want to talk to each other, and gives them a
switched connection
• Helps prevent data collisions and reduces network congestion, increasing
network performance.
• Most home users get very little, if any, advantage from switches, even when
sharing a broadband connection.
• Resides on Layer 2 of the OSI model.
Bridge
• Connects two LANs and forwards or filters data packets between them.
• Creates an extended network in which any two workstations on the linked LANs
can share data.
• Transparent to protocols and to higher level devices like routers.
 lOMoARcPSD|32559332

• Forward data depending on the Hardware (MAC) address, not the Network
address (IP).
• Resides on Layer 2 of the OSI model.
Repeater
• Used to boost the signal between two cable segments or wireless access points.
• Can not connect different network architecture.
• Does not simply amplify the signal, it regenerates the packets and retimes them.
• Resides on Layer 1 of the OSI model.
Router
• A device that connects any number of LANs.
• Uses standardized protocols to move packets efficiently to their destination.
• More sophisticated than bridges, connecting networks of different types (for
example, star and token ring)
• Forwards data depending on the Network address (IP), not the Hardware
(MAC) address.
• Routers are the only one of these four devices that will allow you to share a
single IP address among multiple network clients.
• Resides on Layer 3 of the OSI model.
Additional Network Hardware Devices
Network Interface Cards (NICs)
1. Puts the data into packets and transmits packet onto the network.
2. May be wired or wireless.
Gateway
3. Connects networks with different protocols like TCP/IP network and
IPX/SPX networks.
4. Routers and Gateways often refer to the same device.
Proxy server
5. Isolates internal network computers from the internet.
6. The user first access the proxy server and the proxy server accesses the
internet and retrieves the requested web page or document. The user
then gets a copy of that page from the proxy server.
A connection medium, usually a wire or cable, although wireless communication
between networked computers and peripherals is also possible.
Coaxial Cable, Twisted pair,
Fiber-optic,
Atmosphere/Wireless –
Choose Media based on :
• Wiring configurations
• Distance and location limitations
• Speed
• Reliability
• Security
• Budget
Dialup over telephone line.
DSL (Digital Subscriber Line)
• High-speed (256 Kbps – 55 Mbps), Full-duplex.
 lOMoARcPSD|32559332

Connectors
• RJ-45 - Standard connectors used for unshielded twisted-pair cable.
• 

Network Softwares.

Operating Systems: In order to transmit signals across a network, it is necessary for

the computer to communicate with its modem or Network Interface Card.
Network Operating Systems (NOS) provide the protocols necessary to achieve this goal,
but each different type of modem or NIC needs to be able to communicate with the
particular NOS. It is therefore necessary to install the special software that comes with
the interface device. This software is often referred to as a driver. Computers made
today usually come with both the interface and necessary drivers installed.
Occasionally, you must install the modem or NIC yourself. It is necessary to install the
correct driver for that interface device. Failure to so install the driver means that the
device will be unable to communicate over the network or with the computer it is
installed in.
Network Operating Systems not only allow communication across a network, they also
allow a network administrator to organize resources, control access, and ensure that
the network is operating efficiently.
• Operating System – Unix, Windows, Linux, OSx, Solairs
–System Software
• Application Software – Used to perform specific tasks

Purpose

Computer networks can be used for a variety of purposes:

Facilitating communications. Using a network, people can communicate efficiently

and easily via email, instant messaging, chat rooms, telephone, video telephone calls,
and video conferencing.

Sharing hardware. In a networked environment, each computer on a network may

access and use hardware resources on the network, such as printing a document on a
shared network printer

Sharing files, data, and information. In a network environment, authorized user

may access data and information stored on other computers on the network. The
capability of providing access to data and information on shared storage devices is an
important feature of many networks.

Sharing software. Users connected to a network may run application programs on

remote computers.

Network Topology.
 lOMoARcPSD|32559332

The topology defines how network devices (computers, printers..etc) are connected
and how the data flows from one device to another. There are two conventions while
representing the topologies. The physical topology defines how the devices are
physically wired. The logical topology defines how the data flows from one device to
another.

Network Topology.

The topology defines how the devices (computers, printers etc) are connected and how
the data flows from one device to another. There are two conventions while
representing the topologies. The physical topology defines how the devices are
physically wired. The logical topology defines how the data flows from one device to
another.

Broadly categorized into,

Bus topology:

Bus Topology is the simplest of network topologies. In this type of topology, all the
nodes (computers as well as servers) are connected to the single cable (called bus), by
the help of interface connectors. This central cable is the backbone of the network and
is known as Bus (thus the name). Every workstation communicates with the other
device through this Bus.

A signal from the source is broadcasted and it travels to all workstations connected to
bus cable. Although the message is broadcasted but only the intended recipient, whose
MAC address or IP address matches, accepts it. If the MAC /IP address of machine
doesn’t match with the intended address, machine discards the signal.

A terminator is added at the ends of the central cable, to prevent bouncing of signals. A
barrel connector can be used to extend it. Below I have given a basic diagram of a bus
topology and then have discussed advantages and disadvantages of Bus Network
Topology

Advantages (benefits) Bus Topology

1) It is easy to set-up and extend bus network.

2) Cable length required for this topology is the least compared to other networks.
3) Bus topology costs very less.
4) Linear Bus network is mostly used in small networks. Good for LAN.

Disadvantages (Drawbacks) of Bus Topology

1) There is a limit on central cable length and number of nodes that can be connected.
2) Dependency on central cable in this topology has its disadvantages. If the main
 lOMoARcPSD|32559332

cable (i.e. bus ) encounters some problem, whole network breaks down.
3) Proper termination is required to dump signals. Use of terminators is a must.
4) It is difficult to detect and troubleshoot fault at individual station.
5) Maintenance costs can go higher with time.
6) Efficiency of Bus network reduces as the number of devices connected to it
increases.
7) It is not suitable for networks with heavy traffic.
8) Security is very low because all the computers receive the sent signal from the
source.

Ring Topology

Ring topology was in the beginning of LAN area. In a ring topology, each system is
connected to the next system.

Each device has a transceiver which behaves like a repeater which moves the signal
around the ring; ideal for token passing access methods. In this topology signal
degeneration is low; only the device that holds the token can transmit which reduces
collisions.

Advantages of Ring Topology

1) This type of network topology is very organized. Each node gets to send the data
when it receives an empty token. This helps to reduces chances of collision. Also in ring
topology all the traffic flows in only one direction at very high speed.
2) Even when the load on the network increases, its performance is better than that of
Bus topology.
3) There is no need for network server to control the connectivity between
workstations.
4) Additional components do not affect the performance of network.
5) Each computer has equal access to resources.

Disadvantages of Ring Topology

1) Each packet of data must pass through all the computers between source and
destination. This makes it slower than Star topology.
2) If one workstation or port goes down, the entire network gets affected.
3) Network is highly dependent on the wire which connects different components.
4) Network cards are expensive as compared to Ethernet cards and hubs.
 lOMoARcPSD|32559332

Star topology

In Star topology, all the components of network are connected to the central device
called “hub” which may be a hub, a router or a switch. Unlike Bus topology (discussed
earlier), where nodes were connected to central cable, here all the workstations are
connected to central device with a point-to-point connection. So it can be said that
every computer is indirectly connected to every other node by the help of “hub”.

All the data on the star topology passes through the central device before reaching the
intended destination. Hub acts as a junction to connect different nodes present in Star
Network, and at the same time it manages and controls whole of the network.
Depending on which central device is used, “hub” can act as repeater or signal booster.
Central device can also communicate with other hubs of different network. Unshielded
Twisted Pair (UTP) Ethernet cable is used to connect workstations to central node.

Advantages of Star Topology

1) As compared to Bus topology it gives far much better performance, signals don’t
necessarily get transmitted to all the workstations. A sent signal reaches the intended
destination after passing through no more than 3-4 devices and 2-3 links. Performance
of the network is dependent on the capacity of central hub.
2) Easy to connect new nodes or devices. In star topology new nodes can be added
easily without affecting rest of the network. Similarly components can also be removed
easily.
3) Centralized management. It helps in monitoring the network.
4) Failure of one node or link doesn’t affect the rest of network. At the same time its
easy to detect the failure and troubleshoot it.

Disadvantages of Star Topology

1) Too much dependency on central device has its own drawbacks. If it fails whole
network goes down.
2) The use of hub, a router or a switch as central device increases the overall cost of
the network.
3) Performance and as well number of nodes which can be added in such topology is
depended on capacity of central device.
Mesh topology.

A mesh physical topology is when every device on the network is connected to every
device on the network; most commonly used in WAN configurations Helps find the
quickest route on the network; provides redundancy. Very expensive and not easy to set
up.

Advantages of Mesh topology

1) Data can be transmitted from different devices simultaneously. This topology can
withstand high traffic.
 lOMoARcPSD|32559332

2) Even if one of the components fails there is always an alternative present. So data
transfer doesn’t get affected.
3) Expansion and modification in topology can be done without disrupting other
nodes.

Disadvantages of Mesh topology

1) There are high chances of redundancy in many of the network connections.

2) Overall cost of this network is way too high as compared to other network
topologies.
3) Set-up and maintenance of this topology is very difficult. Even administration of the
network is tough.

Hybrid topology

Hybrid, as the name suggests, is mixture of two different things. Similarly in this type of
topology we integrate two or more different topologies to form a resultant topology
which has good points(as well as weaknesses) of all the constituent basic topologies
rather than having characteristics of one specific topology. This combination of
topologies is done according to the requirements of the organization.

For example, if there exists a ring topology in one office department while a bus
topology in another department, connecting these two will result in Hybrid topology.
Remember connecting two similar topologies cannot be termed as Hybrid topology.
Star-Ring and Star-Bus networks are most common examples of hybrid network.

Advantages of Hybrid Network Topology

1) Reliable : Unlike other networks, fault detection and troubleshooting is easy in this
type of topology. The part in which fault is detected can be isolated from the rest of
network and required corrective measures can be taken, WITHOUT affecting the
functioning of rest of the network.
2) Scalable: Its easy to increase the size of network by adding new components,
without disturbing existing architecture.
3) Flexible: Hybrid Network can be designed according to the requirements of the
organization and by optimizing the available resources. Special care can be given to
nodes where traffic is high as well as where chances of fault are high.
4) Effective: Hybrid topology is the combination of two or more topologies, so we can
design it in such a way that strengths of constituent topologies are maximized while
there weaknesses are neutralized. For example we saw Ring Topology has good data
reliability (achieved by use of tokens) and Star topology has high tolerance capability
(as each node is not directly connected to other but through central device), so these
two can be used effectively in hybrid star-ring topology.
 lOMoARcPSD|32559332

Disadvantages of Hybrid Topology

1) Complexity of Design: One of the biggest drawback of hybrid topology is its

design. Its not easy to design this type of architecture and its a tough job for
designers. Configuration and installation process needs to be very efficient.
2) Costly Hub: The hubs used to connect two distinct networks, are very expensive.
These hubs are different from usual hubs as they need to be intelligent enough to
work with different architectures and should be function even if a part of network
is down.
3) Costly Infrastructure: As hybrid architectures are usually larger in scale, they
require a lot of cables, cooling systems, sophisticate network devices, etc.

Types of Networks:

LANs (Local Area Networks)

LAN network is any collection of independent computers that communicate with one
another over a shared network medium. LANs are networks usually confined to a
geographic area, such as a single building or a college campus. LANs can be small,
linking as few as three computers, but often link hundreds of computers used by
thousands of people. The development of standard networking protocols and media
has resulted in worldwide proliferation of LANs throughout business and educational
organizations.

WANs (Wide Area Networks)

Wide area networking combines multiple LANs that are geographically separate. This
is accomplished by connecting the different LANs using services such as dedicated
leased phone lines, dial-up phone lines (both synchronous and asynchronous), satellite
links, and data packet carrier services. Wide area networking can be as simple as a
modem and remote access server for employees to dial into, or it can be as complex as
hundreds of branch offices globally linked using special routing protocols and filters to
minimize the expense of sending data sent over vast distances.

Internet

The Internet is a system of linked networks that are worldwide in scope and facilitate
data communication services such as remote login, file transfer, electronic mail, the
World Wide Web and newsgroups.
 lOMoARcPSD|32559332

With the meteoric rise in demand for connectivity, the Internet has become a
communications highway for millions of users. The Internet was initially restricted to
military and academic institutions, but now it is a full-fledged conduit for any and all
forms of information and commerce. Internet websites now provide personal,
educational, political and economic resources to every corner of the planet.

Intranet

With the advancements made in browser-based software for the Internet, many
private organizations are implementing intranets. An intranet is a private network
utilizing Internet-type tools, but available only within that organization. For large
organizations, an intranet provides an easy access mode to corporate information for
employees.

MAN (Metropolitan area Networks)

The refers to a network of computers within a City.

VPN (Virtual Private Network)

VPN uses a technique known as tunneling to transfer data securely on the Internet to a
remote access server on your workplace network. Using a VPN helps you save money
by using the public Internet instead of making long–distance phone calls to connect
securely with your private network. There are two ways to create a VPN connection, by
dialing an Internet service provider (ISP), or connecting directly to Internet.

Transmission Control Protocol/Internet Protocol

When computers communicate with one another, certain rules, or protocols, allow
them to transmit and receive data in an orderly fashion. Throughout the world, one of
the most routinely used sets of protocols is the Transmission Control
Protocol/Internet Protocol (TCP/IP). (Much of Europe, however, uses
the X.25 protocol.) Some common functions for using TCP/IP are electronic mail,
computer-to-computer file transfer, and remote login.

TCP/IP is a suite of protocols that specify communications standards between

computers and detail conventions for routing and interconnecting networks. It is used
extensively on the Internet and consequently allows research institutions, colleges and
universities, government, and industry to communicate with each other.

TCP/IP allows communication between a number of computers (called hosts)

connected on a network. Each network can be connected to another network to
communicate with hosts on that network. Although there are many types of network
 lOMoARcPSD|32559332

technologies, many of which operate with packet-switching and stream

transport, TCP/IP offers one major advantage: hardware independence.

Because Internet protocols define the unit of transmission and specify how to send
it, TCP/IP can hide the details of network hardware, allowing many types of network
technologies to connect and exchange information. Internet addresses allow any
machine on the network to communicate with any other machine on the
network. TCP/IP also provides standards for many of the communications services
that users need.

TCP/IP provides facilities that make the computer system an Internet host, which can
attach to a network and communicate with other Internet hosts. TCP/IP includes
commands and facilities that allow you to:
• Transfer files between systems
• Log in to remote systems
• Run commands on remote systems
• Print files on remote systems
• Send electronic mail to remote users
• Converse interactively with remote users
• Manage a network
Note: TCP/IP provides basic network management capability. The Simple Network
Management Protocol (SNMP) provides more network management commands and
functions.

Network Architecture.

A network architecture is a blueprint of the complete computer communication

network, which provides a framework and technology foundation for designing,
building and managing a communication network. It typically has a layered structure.
Layering is a modern network design principle, which divides the communication tasks
into a number of smaller parts, each part accomplishing a particular sub-task and
 lOMoARcPSD|32559332

interacting with the other parts in a small number of well-defined ways. Layering
allows the parts of a communication to be designed and tested without a
combinatorial explosion of cases, keeping each design relatively simple.

Open Systems Interconnection ( OSI ) Model.

The OSI model divides the complex task of computer-to-computer communications,

traditionally called internetworking, into a series of stages known as layers. Layers in
the OSI model are ordered from lowest level to highest. Together, these layers
comprise the OSI stack. The stack contains seven layers in two groups:

The Open Systems Interconnection model (OSI model) is a product of the Open Systems
Interconnection effort at the International Organization for Standardization. It is a
way of sub-dividing a communications system into smaller parts called layers.

A layer is a collection of similar functions that provide services to the layer above it
and receives services from the layer below it. On each layer, an instance provides
services to the instances at the layer above and requests service from the layer below.

Types of Layers

Physical Layer

The Physical Layer defines the electrical and physical specifications for devices. In
particular, it defines the relationship between a device and a transmission medium,
such as a copper or optical cable. This includes the layout of pins, voltages, cable
specifications, hubs, repeaters, network adapters, host bus adapters (HBA used in
storage area networks) and more. Its main task is the transmission of a stream of bits
over a communication channel.

Data Linking Layer

The Data Link Layer provides the functional and procedural means to transfer data
between network entities and to detect and possibly correct errors that may occur in
the Physical Layer. Originally, this layer was intended for point-to-point and point-to-
multipoint media, characteristic of wide area media in the telephone system. Local
area network architecture, which included broadcast-capable multiaccess media, was
developed independently of the ISO work in IEEE Project 802. IEEE work assumed
sublayering and management functions not required for WAN use. In modern practice,
only error detection, not flow control using sliding window, is present in data link
protocols such as Point-to-Point Protocol (PPP), and, on local area networks, the IEEE
 lOMoARcPSD|32559332

802.2 LLC layer is not used for most protocols on the Ethernet, and on other local area
networks, its flow control and acknowledgment mechanisms are rarely used. Sliding-
window flow control and acknowledgment is used at the Transport Layer by protocols
such as TCP, but is still used in niches where X.25 offers performance advantages.
Simply, its main job is to create and recognize the frame boundary. This can be done by
attaching special bit patterns to the beginning and the end of the frame. The input
data is broken up into frames.

Network Layer

The Network Layer provides the functional and procedural means of transferring
variable length data sequences from a source host on one network to a destination
host on a different network, while maintaining the quality of service requested by the
Transport Layer (in contrast to the data link layer which connects hosts within the
same network). The Network Layer performs network routing functions, and might
also perform fragmentation and reassembly, and report delivery errors. Routers
operate at this layer—sending data throughout the extended network and making the
Internet possible. This is a logical addressing scheme – values are chosen by the
network engineer. The addressing scheme is not hierarchical. It controls the operation
of the subnet and determine the routing strategies between IMP and insures that all
the packs are correctly received at the destination in the proper order.

Transport Layer

The Transport Layer provides transparent transfer of data between end users,
providing reliable data transfer services to the upper layers. The Transport Layer
controls the reliability of a given link through flow control,
segmentation/desegmentation, and error control. Some protocols are state and
connection oriented. This means that the Transport Layer can keep track of the
segments and retransmit those that fail. The Transport layer also provides the
acknowledgement of the successful data transmission and sends the next data if no
errors occurred. Some Transport Layer protocols, for example TCP, but not UDP,
support virtual circuits provideconnection oriented communication over an underlying
packet oriented datagram network .Where it assures the delivery of packets in the
order in which they were sent and assure that they are free of errors
.The datagram transportation deliver the packets randomly and broadcast it to
multiple nodes. Notes: The transport layer multiplexes several streams on to 1 physical
channel.The transport headers tells which message belongs to which connnection.

The Session Layer

This Layer provide a user interface to the network where the user negotiate to
establish a connection ,the user must provide the remote address in which he want to
contact. The operation of setting up a session between 2 process is called "Binding" in
some protocols it is merged with the transport layer.
 lOMoARcPSD|32559332

Presentation Layer

The Presentation Layer establishes context between Application Layer entities, in

which the higher-layer entities may use different syntax and semantics if the
presentation service provides a mapping between them. If a mapping is available,
presentation service data units are encapsulated into session protocol data units, and
passed down the stack.This layer provides independence from data representation
(e.g., encryption) by translating between application and network formats. The
presentation layer transforms data into the form that the application accepts. This
layer formats and encrypts data to be sent across a network. It is sometimes called the
syntax layer.[citation needed]The original presentation structure used the basic
encoding rules of Abstract Syntax Notation One (ASN.1), with capabilities such as
converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects
and other data structures from and to XML.

Application Layer

The Application Layer is the OSI layer closest to the end user, which means that both
the OSI application layer and the user interact directly with the software application.
This layer interacts with software applications that implement a communicating
component. Such application programs fall outside the scope of the OSI model.
Application layer functions typically include identifying communication partners,
determining resource availability, and synchronizing communication. When
identifying communication partners, the application layer determines the identity and
availability of communication partners for an application with data to transmit.

TCP/IP Protocol Architecture

Network Interface Layer

The Network Interface layer (also called the Network Access layer) is responsible for
placing TCP/IP packets on the network medium and receiving TCP/IP packets off the
network medium. TCP/IP was designed to be independent of the network access
method, frame format, and medium. In this way, TCP/IP can be used to connect
differing network types. These include LAN technologies such as Ethernet and Token
Ring and WAN technologies such as X.25 and Frame Relay. Independence from any
specific network technology gives TCP/IP the ability to be adapted to new technologies
such as Asynchronous Transfer Mode (ATM).

The Network Interface layer encompasses the Data Link and Physical layers of the OSI
model. Note that the Internet layer does not take advantage of sequencing and
 lOMoARcPSD|32559332

acknowledgment services that might be present in the Data-Link layer. An unreliable

Network Interface layer is assumed, and reliable communications through session
establishment and the sequencing and acknowledgment of packets is the responsibility
of the Transport layer.

Internet Layer
The Internet layer is responsible for addressing, packaging, and routing functions. The
core protocols of the Internet layer are IP, ARP, ICMP, and IGMP.
• The Internet Protocol (IP) is a routable protocol responsible for IP addressing,
routing, and the fragmentation and reassembly of packets.
• The Address Resolution Protocol (ARP) is responsible for the resolution of the
Internet layer address to the Network Interface layer address such as a
hardware address.
• The Internet Control Message Protocol (ICMP) is responsible for providing
diagnostic functions and reporting errors due to the unsuccessful delivery of IP
packets.
• The Internet Group Management Protocol (IGMP) is responsible for the
management of IP multicast groups.

The Internet layer is analogous to the Network layer of the OSI model.

Transport Layer
The Transport layer (also known as the Host-to-Host Transport layer) is responsible
for providing the Application layer with session and datagram communication
services. The core protocols of the Transport layer are Transmission Control
Protocol (TCP) and the User Datagram Protocol (UDP).
• TCP provides a one-to-one, connection-oriented, reliable communications
service. TCP is responsible for the establishment of a TCP connection, the
sequencing and acknowledgment of packets sent, and the recovery of packets
lost during transmission.
• UDP provides a one-to-one or one-to-many, connectionless, unreliable
communications service. UDP is used when the amount of data to be
transferred is small (such as the data that would fit into a single packet), when
the overhead of establishing a TCP connection is not desired or when the
applications or upper layer protocols provide reliable delivery.
 lOMoARcPSD|32559332

The Transport layer encompasses the responsibilities of the OSI Transport layer and
some of the responsibilities of the OSI Session layer.

Application Layer
The Application layer provides applications the ability to access the services of the
other layers and defines the protocols that applications use to exchange data. There
are many Application layer protocols and new protocols are always being developed.

The most widely-known Application layer protocols are those used for the exchange of
user information:
• The Hypertext Transfer Protocol (HTTP) is used to transfer files that make up
the Web pages of the World Wide Web.
• The File Transfer Protocol (FTP) is used for interactive file transfer.
• The Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail
messages and attachments.
• Telnet, a terminal emulation protocol, is used for logging on remotely to
network hosts.

Additionally, the following Application layer protocols help facilitate the use and
management of TCP/IP networks:
• The Domain Name System (DNS) is used to resolve a host name to an IP
address.
• The Routing Information Protocol (RIP) is a routing protocol that routers use to
exchange routing information on an IP internetwork.
• The Simple Network Management Protocol (SNMP) is used between a network
management console and network devices (routers, bridges, intelligent hubs) to
collect and exchange network management information.

Examples of Application layer interfaces for TCP/IP applications are Windows Sockets
and NetBIOS. Windows Sockets provides a standard application programming
interface (API) under Windows 2000. NetBIOS is an industry standard interface for
accessing protocol services such as sessions, datagrams, and name resolution. More
information on Windows Sockets and NetBIOS is provided later in this chapter.

OSI Layers Vs TCP/IP Architecture

 lOMoARcPSD|32559332

Local Area Network (LAN).

LAN network is any collection of independent computers that communicate with one
another over a shared network medium.

LAN is used to interconnect computers in a single room, rooms within a building or

buildings on one site a. LAN transmits data with a speed of several megabits per
second (106 bits per second). The transmission medium is normally coaxial cables.

LAN links computers, i.e., software and hardware, in the same area for the purpose of
sharing information. Usually LAN links computers within a limited geographical area
because they must be connected by a cable, which is quite expensive. People working in
LAN get more capabilities in data processing, work processing and other information
exchange compared to stand-alone computers. Because of this information exchange
most of the business and government organisations are using LAN.

LAN Hardware.

The hardware part of the network consist of,

• Workstation
• File server

Gateways

• Hubs/Switches
 lOMoARcPSD|32559332

• Cables

• Network interface cards ( LAN card, Ethernet card .. )

Components of LAN

• Workstation -A powerful, single-user computer. A workstation is like a

personal computer, but it has a more powerful microprocessor and a higher
quality monitor. A typical workstation has a graphic terminal, central
processor, digitizer, graphics tablet (optional), and a mouse. The term
"workstation" is the computer at which an office worker stations himself. In
some circles, the term "workstation" is reserved for a PC that is connected to a
network server. Because the server is often also a PC, the term "PC" doesn’t
distinguish the two machines from one another. Consequently, people often
refer to a PC that functions as a network node as a workstation, and the
machine linking the workstations together is the server. (The term "node" can’t
substitute for workstation because devices other than PCs can also be nodes).
• The other application of the term "workstation" refers to powerful, specialized
computers still meant to be worked upon by a single individual. For instance, a
graphic workstation typically is a powerful computer designed to manipulate
technical drawings or video images at high speed. Although this sort of
workstation has all the characteristics of a PC, engineers distinguish these
machines with the workstation term because the machines do not use the Intel-
based microprocessor architecture typical of PCs.

• File Server-A file server is a computer responsible for the central storage and
management of data files so that other computers on the same network can
access the files. A file server allows users to share information over a network
without having to physically transfer files by floppy diskette or some other
external storage device.
• FTP Servers -File Transfer Protocol makes it possible to move one or more files
securely between computers while providing file security and organization as
well as transfer control.

• Mail Servers-Mail servers move and store mail over corporate networks (via
LANs and WANs )and across the Internet.

• Proxy Servers-Proxy servers sit between a client program (typically a Web

browser) and an external server (typically another server on the Web) to filter
requests, improve performance, and share connections.
 lOMoARcPSD|32559332

• Telnet Servers-A Telnet server enables users to log on to a host computer and
perform tasks as if they're working on the remote computer itself.

• Web Servers-At its core, a Web server serves static content to a Web browser
by loading a file from a disk and serving it across the network to a user's Web
browser. The browser and server talking to each other using HTTP.

• Gateways-The Internet is the collection of heterogeneous computers with

different hardware and software platforms. Without gateways computers will
never be able to understand and communicate with each other. Essentially,
gateways perform protocol translation between networks. Gateways are
generally designed and used for LAN-WAN connections and not for inter LAN
communications. Gateways function is to do any necessary conversion of
protocols between networks. Gateways are customized and designed to
perform a specific function and are used on a case-by-case basis. Gateways may
do anything from converting protocols to converting application data.
Gateways make a connection between two totally different networks
• Transform the packet format

• Transform the address format

• Transform the protocol

• Network interface cards -Network interface cards (NIC), also called network
cards and network adapters include a cable socket allowing computers to be
connected to the network. All NICs have a unique address (sometimes called a
MAC address), placed in them by their manufacturer. Before sending data onto
the network, the network card also organizes data into frames and then sends
them out on the network. Notebook computers often use NICs that are plugged
into the PCMCIA port. Wireless LAN adapters are needed for WLANs.

• Hubs/Switches -Hubs acts as junction boxes, linking cables from several

computers on a network. Hubs are usually sold with 4, 8, 16 or 24 ports. Some
hubs allow connection of more than one kind of cabling, such as UTP and coax.
Hubs also repeat (reconstruct and strengthen) incoming signals. This is
important since all signals become weaker with distance. The maximum LAN
segment distance for a cable can therefore be extended using hubs.

• LAN Cables -One of the biggest problems faced by network system designers is
keeping radiation and interference under control. All wires act as antenna,
sending and receiving signals. As frequencies increase and wire lengths
increase, the radiation increases. The pressure is on network designers to
increase both the speed (with higher frequencies) and reach of networks (with
longer cables) to keep up with the increasing demands of industry.
 lOMoARcPSD|32559332

Major Characteristics of LAN

• Every computer has the potential to communicate with any other computers in
the network.
• High degree of interconnection between computers.

• Easy physical connection of computers in a network.

• Inexpensive medium of data transmission.

• High data transmission rate.

Advantages

• The reliability of network is high because the failure of one computer in the
network does not effect the functioning for other computers.
• Addition of new computer to network is easy.

• High rate of data transmission is possible.

• Peripheral devices like magnetic disk and printer can be shared by other
computers.

Disadvantages

• If the communication line fails, the entire network system breaks down.

Use of LAN

Followings are the major areas where LAN is normally used

• File transfers and Access
• Word and text processing

• Electronic message handling

• Remote database access

• Personal computing

• Digital voice transmission and storage

 lOMoARcPSD|32559332

Wide Area Network (WAN).

The term Wide Area Network (WAN) is used to describe a computer network spanning
a regional, national or global area. For example, for a large company the head
quarters might be at Nairobi and regional branches at mombasa, Nakuru, New york
and Calcutta. Here regional centers are connected to head quarters through WAN. The
distance between computers connected to WAN is larger. Therefore the transmission
medium used are normally telephone lines, microwaves and satellite links.

Characteristics of WAN

• Communication Facility: For a big company spanning over different parts of

the country the employees can save long distance phone calls and it overcomes
the time lag in overseas communications. Computer conferencing is another use
of WAN where users communicate with each other through their computer
system located in other cities. For example, suppose you are sitting at Nairobi
and want to see some data of a computer located in New York, you can do it
through WAN.
• Centralised Information: In modern computerised environment you will find
that big organisations go for centralised data storage. This means if the
organisation is spread over many cities, they keep their important business
data in a single place. As the data are generated at different sites, WAN permits
collection of this data from different sites and save at a single site.

Examples of WAN

• Ethernet: Ethernet developed by Xerox Corporation is a famous example of

WAN. This network uses coaxial cables for data transmission. Special integrated
circuit chips called controllers are used to connect equipment to the cable.
• Aparnet: The Aparnet is another example of WAN. It was developed at
Advanced Research Projects Agency of a U. S. Department. This Network
connects more than 40 universities and institutions throughout USA and
Europe.

Remote Data Entry: Remote data entry is possible in WAN. It means sitting at any
location you can enter data, update data and query other information of any computer
attached to the WAN but Difference between LAN and WAN

• LAN is restricted to limited geographical area of few kilometers. But WAN

covers great distance and operate nationwide or even worldwide.
• In LAN, the computer terminals and peripheral devices are connected with
wires and coaxial cables. In WAN there is no physical connection.
Communication is done through telephone lines and satellite links.
 lOMoARcPSD|32559332

• Cost of data transmission in LAN is less because the transmission medium is

owned by a single organization. In case of WAN the cost of data transmission is
very high because the transmission medium used are hired, either telephone
lines or satellite links.

• The speed of data transmission is much higher in LAN than in WAN. The
transmission speed in LAN varies from 0.1 to 100 megabits per second. In case
of WAN the speed ranges from 1800 to 9600 bits per second (bps).

• Few data transmission errors occur in LAN compared to WAN. It is because in

LAN the distance covered is negligible.

Network Design: An organizational network requires many types of design, each

focusing on a specific characteristic of the network. For example, one design can
detail network traffic flows, while another illustrates the physical location of each
network device.
Functional Design Process
• Functional design is also referred to as top-down design. In this process, the
network designer begins with an assessment of the types of users and
applications likely to be supported by the proposed network.
• Other factors, including the proposed network operating system (NOS) and the
expected volume of data to be generated by users, are also evaluated.
• Upon analysis of the information gathered, the designer can generate
preliminary requirements for network processing and storage, expected traffic
patterns and levels, and the administrative infrastructure,

Physical Design Process

• Physical design is also referred to as bottom-up design. In this process, the
network designer begins with an assessment of the site(s) where the proposed
network is to be deployed. Details such as the physical characteristics of the
premises, security requirements, and expected distances between network
devices are assessed.
• Upon analysis of the information gathered, appropriate selections can be made
for the types of network connectivity and products required at the site(s).
• NOTE: The physical design process is used in cases where detailed network
characteristics are not available (e.g., new multi-tenant commercial buildings).

Setting Up a Simple LAN

Imagine that an ISP has just set up an Internet connection for your telecentre. What’s
next? Probably the telecentre manager will want to set up a simple LAN and then use it
to connect the computers to the Internet. This is can be done simply, as explained
 lOMoARcPSD|32559332

below, and does not need to involve a server computer since the router can direct
Internet traffic.
The telecentre manager will need to determine in advance whether to make the
network wired, wireless or a combination of the two. Wireless networks are simpler to
set up but more attention needs to be paid to security with wireless networks. In
addition, not all desktop computers come with wireless adapters.
Imagine that a broadband Internet connection has just been installed at your
telecentre. Here are the steps for setting up a small LAN to connect computers to the
Internet.
Step 1: Install a router. This is as simple as plugging it into an electrical outlet, and
then using a CAT-5 cable to connect it to the Internet source. The Internet source will
vary with the type of connection. For a WiMax connection, for example, you might be
connecting directly to an antenna or to a modem connected to the antenna.
Step 2: Connect wired computers to the router. If the router has enough ports on the
back for all of the computers on your network, you can attach them directly using CAT-
5 cable. The router will act as the center of a star network. If the router does not have
enough ports, move on to step 3. You may also need to install the software that came
with the router onto one of the networked computers and use it to complete the initial
setup for the router.
Step 3: Connect a switch to the router. This should be done if the router does not have
enough ports for all the computers on your network, or if a group of computers is in
another room. The switch connects to one of the ports in the router via a CAT-5 cable,
and also will require an electrical outlet. Computers then connect to the switch,
forming a star network.
Step 4: Connect wireless computers to the router. If you have a wireless router and
computers with wireless adapters, connect each computer individually to the router by
using the tools in their operating systems for network connections (for Windows
computers these can be found in the control panel). If the router (or the switch) is not
wireless or if wireless access is needed in a different location, move on to step 5.
Step 5: Connect a wireless access point to the router. If additional wireless access is
needed, scout out the best location for this access (so that as many computers as
possible are in range). Then connect the wireless access point to one of the ports in the
router via a CAT-5 cable.
Working with CAT-5 Cable
In the above section for setting up a simple LAN, CAT-5 (or the faster CAT-5e) cable
plays a major role. It is needed to make connections to and from the router as well as
any switches, wireless access points and wired computers in the LAN. While CAT-5e
patch cables in various lengths can be purchased, it will be more economical for a
telecentre manager to buy a spool of CAT-5 cable and cut it into patch cables of the
desired length. The telecentre manager will need to attach RJ-45 connectors to each
end of the cables cut (a process called terminating). A crimping tool is required for this
procedure. It is important to note that CAT-5 cables should not be more than 100
meters in length, or the signals they carry become degraded. In addition, a telecentre
manager should be aware that after repeated handling some cables or RJ-45
connectors will fail. The tip box here shows the steps for terminating a CAT-5 cable.
Tips for Terminating a Cable
 lOMoARcPSD|32559332

1. Take a segment of CAT-5 (or CAT-5e) cable and cut it to the desired length. If you
aren’t sure the length you need – always err on the side of extra length. You can
shorten a cable later but you can’t make it longer again!
2. Gently cut around the outer plastic covering of the wire, 1.2 cm from one end of the
wire. You can use the cutting blade on the crimping tool to do this (see Figure 2). Make
sure, however that you do not cut the plastic coating on the inner wires. Strip away the
end section of the outer plastic cover and inspect the inner wires to make sure they are
in good condition. If they are not, cut off the damaged section of cable and start over.
3. Spread out the individual wires and order them according to colors as shown below
(from left to right): White/Orange, Orange, White/Green, Blue, White/Blue, Green,
White/Brown, Brown
4. Once the wires are properly aligned, keep them neatly aligned and close together
while you cut off the uneven ends of the wires using the cutting blade on the crimping
tool (see Figure 3).
5. While keeping the wires properly aligned, insert them into an RJ-45 connector. There
are 8 small canals in the connector and one wire will fit into each canal. Make sure
that wires are aligned with the white/orange wire on the left and the golden pins of
the RJ-45 connector on top. The plastic tab will be on the bottom.
6. Insert the assembled connector into the crimping tool (there is only one way it fits)
and then press down firmly. This causes the pins to be pushed into the wires, making
electrical connections.
7. Repeat steps 2 - 6 on the other end of the cable.
8. Test the cable. The easiest way to do this is to use it to connect a computer to the
Internet. Use it to replace a cable in a set-up that you know works perfectly.
Working with IP Addresses
For most telecentre managers, the simple network set up should be ‘plug and play’. This
means that after the telecentre manager completes the physical set up, the network
works automatically. The most important factor that allows this to happen is that the
router acts as a DHCP server. This means that the router assigns IP addresses to the
computers on the network, thus allowing these computers to share information
amongst themselves and with other computers on the Internet.
In most cases the IP addresses that the router assigns will be dynamic, which means
that they change after some time. The router leases out a particular IP address for a
specific period of time, often 24 hours. Since there are a limited number of IP addresses
available for the router to use, this system prevents the IP addresses from being used
up by computers that are not often on the network. The telecentre manager can view
the IP address for a computer using a variety of methods, described in the tip box here.
Note that IP addresses for computers on a LAN will always begin with 192.168. This is
the range of addresses allotted for use on private networks. When a computer on the
LAN sends information out to the internet, it passes through a firewall (usually part of
the router) and the firewall attaches a different (public) IP address to that
information.
Tips for Finding a Computer’s IP Address
Several methods are shown below. Which you choose depends on your computer’s
operating system.
 lOMoARcPSD|32559332

Method A: On a Windows computer, choose Start → Control Panel → Network and

Internet. On a Windows XP computer then choose Network Connections and double
click on the active Internet connection shown. On a Windows Vista computer then
choose Network and Sharing Center and click view status on the active Internet
connection shown. Then click on Details to see the IP address.
Method B: Open up the Command Prompt window on your computer. Command
Prompt is a way of entering in commands directly (not through the typical graphic
interface). On a Windows computer the command prompt line can be found in Start →
All Programs → Accessories → Command Prompt. In the Command Prompt window
enter the text “ipconfig/all”.
Method C: On an Ubuntu or Linux computer, open the Command Line by holding down
the Ctrl and Alt keys while pressing down the F1 key. Then enter your username and
password if prompted to do so. You can also access the Command Line by selecting
Applications → Accessories → Terminal. Then enter in the text “ifconfig”.
Setting Up a Network or Shared Printer
As mentioned previously, one advantage of having a LAN is to allow for shared
printers. Buying and networking a single printer for shared use is much more cost
effective than buying printers for each computer (or requiring users to transfer
documents to the computer with the attached printer). It is also more efficient than
having a single non-networked printer and requiring all users to bring their
documents (via flash drive, disk or email) to the attached computer.
Equipment. There are several equipment options for setting up a networked printer.
The simplest of these is to buy a network printer. Network printers are available in
both wired and wireless models. The wired network printer would be connected via
CAT-5 cable to the router or switch. If a network printer is not available or affordable,
a second option is to purchase a print server. This small device attaches to a printer
and then attaches to the network as above. Print servers are available in both wired
and wireless models. Before purchasing a print server, a telecentre manager should
make sure that it has ports (such as USB or parallel) that are compatible with the
existing printer. A third option for networking a printer is to attach a printer to a com-
puter that is attached to the network. This computer then can share that printer on the
network and manage the print queue for that printer. The methods for sharing a
printer and printing to a shared printer depend on the computer operating system in
use. Information can be found by searching a computer’s help file for ‘share printer’.
Communication. Once a computer has been attached to the LAN (via the first or second
options above), it should automatically be assigned an IP address by the router. With
this IP address, a computer user can print directly to the printer from any computer on
the LAN. Before printing the first time, each computer will need to add the printer to its
list of available printers. For Windows computers this can be done through the “Add a
Printer” wizard. This tool can be found through Start → Control Panel → Hardware and
Sound (or Printers and Other Hardware) → Printers. In most cases, this wizard will
help the user find the printer through browsing. If the printer is not automatically
found, however, the user may need to enter the IP address for the printer. If this is
necessary, the IP address can be found by printing a configuration page at the printer.
Troubleshooting a Network Failure
 lOMoARcPSD|32559332

One of the more frustrating experiences for a telecentre user is to get set up to check
email or search for information on the Internet, only to discover that there is no
Internet service. Network failures like this can be external (due to a problem with the
ISP or the connection to the ISP) or internal (due to a problem with the LAN). A user
can also experience network problems that are due to hardware or software issues
with an individual computer. Once it is determined whether the problem is with a
particular computer (can other users reach the network?) or network-wide, then
troubleshooting can begin.
Failures with a Particular Computer
If a particular computer cannot connect to a LAN or the Internet when other
computers in the same area can, the first step is to determine if the specific location is
the cause of the problem. For example, if the computer is connecting wirelessly – is the
signal particularly weak there? Moving the computer to a different location where
another computer connected successfully would test this theory.
If connected by cables, the telecentre manager could try swapping patch cables with
one that is known to work. Once a problem with the patch cable has been eliminated,
the next step would be to swap the troubled computer with one that connected
successfully in another location. If the new computer cannot connect in this location,
then the problem could be with connectors, switches or router ports that the computer
work station ultimately connects to. If the swapped computer can connect, however,
the telecentre manager has determined that the problem is with the individual
computer and not with the location.
Tips for Troubleshooting a Computer that Won’t Connect to a Network
1. If the operating system has network diagnostic tools, run these to see if the computer
can fix the problem itself. For a Windows computer, follow the steps in the tip box
above (Method A) to view a network connection and then click on the ‘Diagnose’ box.
Also notice whether or not the computer is sending or receiving any packets from the
network. If the network diagram shows some packets being received gradually, then
the connection is just working slowly.
2. Try getting a new IP address. For a Windows computer go to the command prompt
line and type and Enter ‘ipconfig/release’ and then ‘ipconfig/renew’.
3. Restart the computer. This often will fix temporary problems with hardware or
software.
4. Use the Device Manager, which can found on many Windows computers (for
Windows XP go to Start → Control Panel → System → Device Manager). If a network
device has a (hardware) problem, a warning symbol will be displayed next to it, and
double clicking on that device would give details and suggested remedies for the
problem.
Failures with an Entire Network
In some situations, no computer on a LAN can access either the local intranet or the
Internet. In these cases, it is helpful to try and distinguish between the two problems.
For a Windows computer, the Network Connections or Network and Sharing Center
(see the tip box) shows the status of a connection, including whether it is local only or
local and Internet. The lights on the front of a router can also be used to indicate
whether or not it is connected to the Internet. Another useful diagnostic tool is to use a
computer on the LAN to ping various devices on the LAN and see which ones can be
 lOMoARcPSD|32559332

reached. Pinging means sending a packet of information and requesting a packet in

reply. The tip box here describes how to ping.
Tips for Pinging Networked Devices
Pinging is the process of sending a packet of information over a network and
requesting a reply. The main requirement for pinging is that you know the IP address
(or web address) of the device you are going to ping. Below are the steps to take when
using pinging as a part of troubleshooting.
1. Open up the Command Prompt (or Command Line for Ubuntu) window on your
computer.
2. To ping any device from a Windows computer you type “ping” then a space then the
IP address for that device. For computers with the Ubuntu operating system, you type
“ping -c 4” then a space then the IP address for that device. The standard address
(127.0.0.1) is used for a computer to refer to itself. So you would type “ping 127.0.0.1”
or “ping –c 4 127.0.0.1” to ping your own computer. Once you enter the command, the
computer will send packets and report on whether replies were received and how much
time elapsed.
3. Next try to ping the router for your LAN using the procedure above. Usually the IP
address for a router is 192.168.0.1. If this is not correct, check your router’s user’s
manual.
4. Next try to ping the server computer or another computer on the LAN. Use the tip
box in section 3.1.3 to find the IP addresses for these computers.
5. Finally try to ping an external website. You can use the IP address for that website if
you know it, or just enter the web address. For example: “ping www.google.com” or
“ping –c 4 www.google.com”.
Once it has been determined that the problem is not with the LAN but with the Internet
or the Internet connection to the router, the telecentre manager now has a narrower
range of possibilities to address. The first step to take in these instances is to make sure
the router is functioning properly.
The telecentre manager should reboot the router (turn it off or unplug electricity to
the router, wait a few seconds then turn it on again) first to see if that solves the
problem. If not, the lights on the front of the router (along with the router user’s guide)
can be used to indicate whether or not it is functioning properly. The telecentre
manager can also try rebooting the modem, WiFi receiver or any other devices used for
receiving the Internet signal. A telecentre manager may also have some software for
diagnosing network problems that is installed on the server or another computer.
If none of the above steps solve the problem, the next step is for the telecentre manager
to contact the ISP and ask for assistance. The customer support desk at an ISP should
be able to diagnose some problems and help troubleshoot others. The tip box here
includes some suggestions for a telecentre manager to use when calling an ISP for
support.

Network management
 lOMoARcPSD|32559332

Network management refers to the activities, methods, procedures, and tools that
pertain to the operation, administration, maintenance, and provisioning of networked
systems..

▪ Operation deals with keeping the network (and the services that the network
provides) up and running smoothly. It includes monitoring the network to spot
problems as soon as possible, ideally before users are affected.
▪ Administration deals with keeping track of resources in the network and how
they are assigned. It includes all the "housekeeping" that is necessary to keep the
network under control.
▪ Maintenance is concerned with performing repairs and upgrades—for example,
when equipment must be replaced, when a router needs a patch for an operating
system image, when a new switch is added to a network. Maintenance also involves
corrective and preventive measures to make the managed network run "better",
such as adjusting device configuration parameters.
▪ Provisioning is concerned with configuring resources in the network to support
a given service. For example, this might include setting up the network so that a
new customer can receive voice service.

A common way of characterizing network management functions is FCAPS—Fault,

onfiguration, Accounting, Performance and Security.

Functions that are performed as part of network management accordingly include

controlling, planning, allocating, deploying, coordinating, and monitoring the
resources of a network, network planning, frequency allocation,
predetermined traffic routing to support load balancing, cryptographic
key distribution authorization, configuration management, fault management,security
management, performance management, bandwidth management, Route
analytics and accounting management.

Data for network management is collected through several mechanisms,

ncluding agents installed on infrastructure, synthetic monitoring that simulates
transactions, logs of activity,sniffers and real user monitoring. In the past network
management mainly consisted of monitoring whether devices were up or down; today
performance management has become a crucial part of the IT team's role which brings
about a host of challenges—especially for global organizations.
Note: Network management does not include user terminal equipment.
 lOMoARcPSD|32559332

Network Administration
Installation and configuration of the network is just the beginning of the job for the
network administrator. Once the network is in place, there are many maintenance
tasks involved in network administration. Users come and go, and new network
resources are added, involving network reconfiguration. Other tasks involve providing
a fault-tolerant network that can survive the inevitable device failure.
Performance
Windows provides a performance tool that consists of two parts, the System Monitor
and Performance Logs and Alerts.
The System Monitor part allows us to collect and view real-time data about memory,
disk, processor, network, and other activities in a graph, histogram, or report form.
The Performance Logs and Alerts part enables us to configure logs to record
performance data and system alerts to notify us when a counter’s value is above or
below a predefined threshold.
Third-party software products are also available to aid us in performance monitoring.
The Simple Network Management Protocol (SNMP) can be a very useful tool for doing
performance monitoring on our network. Most network devices now include SNMP as
a support protocol. With a good SNMP management software system, we can obtain
almost any statistical information we desire.
Event Viewer
In Windows XP includes the Event Viewer that maintains logs about program, security,
and events on our network. To open the Event Viewer, we click on Control Panel,
Administrative Tools, and the Event Viewer. We can get help about using the Event
Viewer from the Action drop menu and clicking Help.
The Event Viewer allows us to view, manage event logs, and gather information about
each user’s activity, monitor security events, and to view hardware and software
problems.
Quality of Service (QoS)
This is an effort to provide different prioritization levels for different types of traffic
over a network.
Various methods are used to achieve quality of service, including the Resource
ReSerVation Protocol (RSVP).* For example, streaming† video may have a higher
priority than Internet Control Message Protocol (ICMP)‡ traffic, as the consequences of
interrupting streaming video are more obvious than slowing down ICMP traffic.
On the Internet and in other networks, with QoS the transmission rates, error rates,
and other characteristics can be measured, improved, and, to some extent, guaranteed
in advance. QoS is of particular concern for the continuous transmission of high-
bandwidth video and multimedia information. Transmitting this kind of content
dependably is difficult in public networks using ordinary "best effort" protocols.

Network Monitoring and Analysis Tools for System Administration.

Microsoft Network Monitor

Microsoft Network Monitor is a packet analyzer that allows you to capture, view and
analyze network traffic. This tool is handy for troubleshooting network problems and
 lOMoARcPSD|32559332

applications on the network. Main features include support for over 300 public and
Microsoft proprietary protocols, simultaneous capture sessions, a Wireless Monitor
Mode and sniffing of promiscuous mode traffic, amongst others.

When you launch Microsoft Network Monitor, choose which adapter to bind to from
the main window and then click “New Capture” to initiate a new capture tab. Within
the Capture tab, click “Capture Settings” to change filter options, adapter options, or
global settings accordingly and then hit “Start” to initiate the packet capture process.

Nagios

Nagios is a powerful network monitoring tool that helps you to ensure that your
critical systems, applications and services are always up and running. It provides
features such as alerting, event handling and reporting. The Nagios Core is the heart of
the application that contains the core monitoring engine and a basic web UI. On top of
the Nagios Core, you are able to implement plugins that will allow you to monitor
services, applications, and metrics, a chosen frontend as well as add-ons for data
visualisation, graphs, load distribution, and MySQL database support, amongst others.

Once you’ve installed and configured Nagios, launch the Web UI and begin to configure
host groups and service groups. Once Nagios has had some time to monitor the status
of the specified hosts and services, it can start to paint a picture of what the health of
your systems look like.

BandwidthD

BandwidthD monitors TCP/IP network usage and displays the data it has gathered in
the form of graphs and tables over different time periods. Each protocol (HTTP, UDP,
ICMP, etc) is color-coded for easier reading. BandwidthD runs discretely as a
background service.Installation is easy. Download and install Winpcap version 3.0 or
above (you’ll already have this installed if you have Wireshark on the same box), unzip
BandwidthD to a specified folder, edit the ../etc/bandwidthd.conf file accordingly,
double click on the “Install Service” batch file and then start the BandwidthD services
from the services.msc console. Once the service is running, give it some time to monitor
network traffic and load the index.html page to start viewing bandwidth statistics.

EasyNetMonitor

EasyNetMonitor is a super lightweight tool for monitoring local and remote hosts to
determine if they are alive or not. It is useful for monitoring critical servers from your
desktop, allowing you to get immediate notification (via a balloon popup and/or log
file) if a host does not respond to a periodic ping.

Once you launch EasyNetMonitor, it will appear as an icon in the notification area on
your desktop where the IP addresses / host names of the machines you want to
 lOMoARcPSD|32559332

monitor can be added. Once you’ve added the machines you wish to monitor, be sure to
configure the ping delay time and notification setting.

Capsa Free

Capsa Free is a network analyzer that allows you to monitor network traffic,
troubleshoot network issues and analyze packets. Features include support for over
300 network protocols (including the ability to create and customize protocols), MSN
and Yahoo Messenger filters, email monitor and auto-save, and customizable reports
and dashboards.

When you launch Capsa, choose the adapter you want it to bind to and click “Start” to
initiate the capture process. Use the tabs in the main window to view the dashboard, a
summary of the traffic statistics, the TCP/UDP conversations, as well as packet
analysis.Fiddler

Fiddler is a web debugging tool that captures HTTP traffic between chosen computers
and the Internet. It allows you to analyze incoming and outgoing data to monitor and
modify requests and responses before they hit the browser. Fiddler gives you extremely
detailed information about HTTP traffic and can be used for testing the performance
of your websites or security testing of your web applications (e.g. Fiddler can decrypt
HTTPS traffic).

When you launch Fiddler, HTTP traffic will start to be captured automatically. To
toggle traffic capturing, hit F12. You can choose which processes you wish to capture
HTTP traffic for by clicking on “All Processes” in the bottom status bar, or by dragging
the “Any Process” icon from the top menu bar onto an open application.

NetworkMiner

NetworkMiner captures network packets and then parses the data to extract files and
images, helping you to reconstruct events that a user has taken on the network – it can
also do this by parsing a pre-captured PCAP file. You can enter keywords which will be
highlighted as network packets are being captured. NetworkMiner is classed as a
Network Forensic Analysis Tool (NFAT) that can obtain information such as hostname,
operating system and open ports from hosts. When you load NetworkMiner, choose a
network adapter to bind to and hit the “Start” button to initiate the packet capture
process.

Pandora FMS

Pandora FMS is a performance monitoring, network monitoring and availability

management tool that keeps an eye on servers, applications and communications. It
has an advanced event correlation system that allows you to create alerts based on
events from different sources and notify administrators before an issue escalates. When
 lOMoARcPSD|32559332

you login to the Pandora FMS Web UI, start by going to the ‘Agent detail’ and ‘Services’
node from the left hand navigation pane. From here, you can configure monitoring
agents and services.

Zenoss Core

Zenoss Core is a powerful open source IT monitoring platform that monitors

applications, servers, storage, networking and virtualization to provide availability
and performance statistics. It also has a high performance event handling system and
an advanced notification system.Once you login to Zenoss Core Web UI for the first
time, you are presented with a two-step wizard that asks you to create user accounts
and add your first few devices / hosts to monitor. You are then taken directly to the
Dashboard tab. Use the Dashboard, Events, Infrastructure, Reports and Advanced tabs
to configure Zenoss Core and review reports and events that need attention.

PRTG Network Monitor Freeware

PRTG Network Monitor monitors network availability and network usage using a
variety of protocols including SNMP, Netflow and WMI. It is a powerful tool that offers
an easy to use web-based interface and apps for iOS and Android. Amongst others,
PRTG Network Monitor’s key features include:

(1) Comprehensive Network Monitoring which offers more than 170 sensor types for
application monitoring, virtual server monitoring, SLA monitoring, QoS monitoring

(2) Flexible Alerting, including 9 different notification methods, status alerts, limit
alerts, threshold alerts, conditional alerts, and alert scheduling

(3) In-Depth Reporting, including the ability to create reports in HTML/PDF format,
scheduled reports, as well as pre-defined reports (e.g. Top 100 Ping Times) and report
templates.When you launch PRTG Network Monitor, head straight to the configuration
wizard to get started. This wizard will run you through the main configuration settings
required to get the application up and running, including the adding of servers to
monitors and which sensors to use.

The Dude

The Dude is a network monitoring tool that monitors devices and alerts you when
there is a problem. It can also automatically scan all devices on a given subnet and
then draw and layout a map of your network.When you launch The Dude, you first
choose to connect to a local or remote network and specify credentials accordingly.
Click ‘Settings’ to configure options for SNMP, Polling, Syslog and Reports.

Splunk
 lOMoARcPSD|32559332

Splunk is a data collection and analysis platform that allows you to monitor, gather
and analyze data from different sources on your network (e.g. event logs, devices,
services, TCP/UDP traffic, etc). You can set up alerts to notify you when something is
wrong or use Splunk’s extensive search, reporting and dashboard features to make the
most of the collected data. Splunk also allows you to install ‘Apps’ to extend system
functionality.

Note: When you first download and install Splunk, it automatically installs the
Enterprise version for you to trial for 60 days before switching to the Free version. To
switch to the Free version straight away, go to Manager > Licensing.When you login to
the Splunk web UI for the first time, add a data source and configure your indexes to
get started. Once you do this you can then create reports, build dashboards, and search
and analyze data.

Angry IP Scanner

Angry IP Scanner is standalone application that facilitates IP address and port

scanning. It is used to scan a range of IP addresses to find hosts that are alive and
obtain information about them (including MAC address, open ports, hostname, ping
time, NetBios information, etc).When you execute the application, go to Tools >
Preferences to configure Scanning and Port options, then go to Tools > Fetchers to
choose what information to gather from each scanned IP address.

ntopng

ntopng (‘ng’ meaning ‘next generation’) is the latest version of the popular network
traffic analyzer called ntop. ntopng will sit in the background and gather network
traffic, then display network usage information and statistics within a Web UI.

Note: Although originally aimed for use on Unix-based systems, there is a Windows
version available for a small fee, or a demo version limited to 2000 packets. If you are
comfortable running ntopng on a Unix-based box then you can get the full version for
free.

Total Network Monitor

Total Network Monitor continuously monitors hosts and services on the local network,
notifying you of any issues that require attention via a detailed report of the problem.
The result of each probe is classified using green, red, or black colors to quickly show
whether the probe was successful, had a negative result or wasn’t able to
complete.When you launch Total Network Monitor, go to Tools > Scan Wizard to have
the wizard scan a specified network range automatically and assign the discovered
hosts to a group. Alternatively, create a new group manually to start adding
devices/hosts individually.
 lOMoARcPSD|32559332

NetXMS

NetXMS is a multi-platform network management and monitoring system that offers

event management, performance monitoring, alerting, reporting and graphing for the
entire IT infrastructure model. NetXMS’s main features include support for multiple
operating systems and database engines, distributed network monitoring, auto-
discovery, and business impact analysis tools, amongst others. NetXMS gives you the
option to run a web-based interface or a management console.

Once you login to NetXMS you need to first go to the “Server Configuration” window to
change a few settings that are dependent on your network requirements (e.g. changing
the number of data collection handlers or enabling network discovery). You can then
run the Network Discovery option for NetXMS to automatically discover devices on
your network, or add new nodes by right clicking on “Infrastructure Services” and
selecting Tools > Create Node.

Xymon

Xymon is a web-based system – designed to run on Unix-based systems – that allows

you to dive deep into the configuration, performance and real-time statistics of your
networking environment. It offers monitoring capabilities with historical data,
reporting and performance graphs.Once you’ve installed Xymon, the first place you
need to go is the hosts.cfg file to add the hosts that you are going to monitor. Here, you
add information such as the host IP address, the network services to be monitored,
what URLs to check, and so on.

When you launch the Xymon Web UI, the main page lists the systems and services being
monitored by Xymon. Clicking on each system or service allows you to bring up status
information about a particular host and then drill down to view specific information
such as CPU utilization, memory consumption, RAID status, etc.

WirelessNetView

WirelessNetView is a lightweight utility (available as a standalone executable or

installation package) that monitors the activity of reachable wireless networks and
displays information related to them, such as SSID, Signal Quality, MAC Address,
Channel Number, Cipher Algorithm, etc.As soon as you execute WirelessNetView, it
automatically populates a list of all reachable Wi-Fi networks in the area and displays
information relevant to them (all columns are enabled by default).

Note: Wireless Network Watcher is a small utility that goes hand in hand with
WirelessNetView. It scans your wireless network and displays a list of all computers
and devices that are currently connected, showing information such as IP adddress,
MAC address, computer name and NIC card manufacturer – all of which can be
exported to a html/xml/csv/txt file.
 lOMoARcPSD|32559332

Xirrus Wi-Fi Inspector

Xirrus Wi-Fi Inspector can be used to search for Wi-Fi networks, manage and
troubleshoot connections, verify Wi-Fi coverage, locate Wi-Fi devices and detect rogue
Access Points. Xirrus Wi-Fi Inspector comes with built-in connection, quality and speed
tests.

Once you launch Wi-Fi Inspector and choose an adapter, a list of available Wi-Fi
connections is displayed in the “Networks” pane. Details related to your current Wi-Fi
connection are displayed in the top right hand corner. Everything pretty much happens
from the top ribbon bar – you can run a test, change the layout, edit settings, refresh
connections, etc.

WireShark

This list wouldn’t be complete without the ever popular WireShark. WireShark is an
interactive network protocol analyzer and capture utility. It provides for in-depth
inspection of hundreds of protocols and runs on multiple platforms.

When you launch Wireshark, choose which interface you want to bind to and click the green shark fin
icon to get going. Packets will immediately start to be captured. Once you’ve collected what you need,
you can export the data to a file for analysis in another application or use the in-built filter to drill down and analyze
the captured packets at a deeper level from within Wireshark itself.
indicates the highest sequence number it can receive without overflowing its internal
buffers.

Communication Protocols

You may be wondering how do the computers send and receive data across
communication links. The answer is data communication software. It is this
software that enables us to communicate with other systems. The data communication
software instructs computer systems and devices as to how exactly data is to be
transferred from one place to another. The procedure of data transformation in the
form of software is commonly called protocol.

The data transmission software or protocols perform the following functions for the
efficient and error free transmission of data.

1. Data sequencing: A long message to be transmitted is broken into smaller

packets of fixed size for error free data transmission.
2. Data Routing: It is the process of finding the most efficient route between
source and destination before sending the data.
3. Flow control: All machines are not equally efficient in terms of speed. Hence
the flow control regulates the process of sending data between fast sender and
slow receiver.
 lOMoARcPSD|32559332

4. Error Control: Error detecting and recovering is the one of the main function
of communication software. It ensures that data are transmitted without any
error.

In the telecommunication, a protocol is set of rules for data representation,

authentication, and error detection. The communication protocols in the computer
networking are intended for the secure, fast and error free data delivery between two
communication devices. Communication protocols follow certain rules for the
transmission of the data.

Protocols Properties

Different protocols perform different functions so it is difficult to generalize the

properties of the protocols. There are some basic properties of most of the protocols.
• Detection of the physical (wired or wireless connection)
• Handshaking
• How to format a message.
• How to send and receive a message.
• Negotiation of the various connections
• Correction of the corrupted or improperly formatted messages.
• Termination of the session.

HTTP (Hyper Text Transfer Protocol)

Hypertext transfer protocol is a method of transmitting the information on the web.

HTTP basically publishes and retrieves the HTTP pages on the World Wide Web. HTTP
is a language that is used to communicate between the browser and web server. The
information that is transferred using HTTP can be plain text, audio, video, images, and
hypertext. HTTP is a request/response protocol between the client and server. Many
proxies, tunnels, and gateways can be existing between the web browser (client) and
server (web server). An HTTP client initializes a request by establishing a TCP
connection to a particular port on the remote host (typically 80 or 8080). An HTTP
server listens to that port and receives a request message from the client. Upon
receiving the request, server sends back 200 OK messages, its own message, an error
message or other message.

POP3 (Post Office Protocol)

In computing, e-mail clients such as (MS outlook, outlook express and thunderbird) use
Post office Protocol to retreive emails from the remote server over the TCP/IP
connection. Nearly all the users of the Internet service providers use POP 3 in the email
clients to retrieve the emails from the email servers. Most email applications use POP
protocol.

SMTP (Simple Mail Transfer Protocol)

 lOMoARcPSD|32559332

Simple Mail Transfer Protocol is a protocol that is used to send the email messages
between the servers. Most email systems and email clients use the SMTP protocol to
send messages to one server to another. In configuring an email application, you need
to configure POP, SMTP and IMAP protocols in your email software. SMTP is a simple,
text based protocol and one or more recipient of the message is specified and then the
message is transferred. SMTP connection is easily tested by the Telnet utility. SMTP
uses the by default TCP port number 25

FTP (File Transfer Protocol)

FTP or file transfer protocol is used to transfer (upload/download) data from one
computer to another over the internet or through or computer network. FTP is a most
commonly communication protocol for transferring the files over the internet.
Typically, there are two computers are involved in the transferring the files a server
and a client. The client computer that is running FTP client software such as Cuteftp
and AceFTP etc initiates a connection with the remote computer (server). After
successfully connected with the server, the client computer can perform a number of
the operations like downloading the files, uploading, renaming and deleting the files,
creating the new folders etc. Virtually operating system supports FTP protocols.

DHCP (Dynamic Host Configuration Protocol)

The DHCP or Dynamic Host Configuration Protocol is a set of rules used by a

communication device such as router, computer or network adapter to allow the
device to request and obtain and IP address from a server which has a list of the larger
number of addresses. DHCP is a protocol that is used by the network computers to
obtain the IP addresses and other settings such as gateway, DNS, subnet mask from the
DHCP server. DHCP ensures that all the IP addresses are unique and the IP address
management is done by the server and not by the human. The assignment of the IP
addresses is expires after the predetermined period of time. DHCP works in four phases
known as DORA such as Discover, Observe, Request and Authorize.

DNS: Domain Name Servers

This is a hierarchical naming system for identifying host computers on networks or the
Internet. Each host name is comprised of domain labels separated by periods. If your
machine is connected to the Internet, you assign local domain name host names only,
and your higher level domain
name is assigned to you. For example, the domain name assigned to Osmania
University is osmania.ac.in has the higher level domain names of ac (academic) and in
(India). Examples of the host computers at Osmania University are called staff, results,
and www. Their host names in the domain are
NAT: (Network Address Translation)

Basic Network Address Translation (Basic NAT) is a method by which IP addresses are
mapped from one group to another transparent to end users. Network Address Port
 lOMoARcPSD|32559332

Translation, or NAPT, is a method by which many network addresses and their

TCP/UDP ports are translated into a single network address and its TCP/UDP ports.
Together, these two operations, referred to as traditional NAT, provide a mechanism to
connect a realm with private addresses to an external realm with globally unique
registered addresses. The need for IP Address translation arises when a network’s
internal IP addresses cannot be used outside the network either for privacy reasons or
because they are invalid for use outside the network.

IMAP (Internet Message Access Protocol)

The Internet Message Access Protocol known as IMAP is an application layer protocol
that is used to access the emails on the remote servers. POP3 and IMAP are the two
most commonly used email retrieval protocols. Most of the email clients such as
outlook express, thunderbird and MS outlooks support POP3 and IMAP. The email
messages are generally stored on the email server and the users generally retreive
these messages whether by the web browser or email clients. IMAP is generally used in
the large networks. IMAP allows users to access their messages instantly on their
systems.

TELNET: (Terminal emulation protocol of TCP/IP)

TELNET is the terminal emulation protocol in a TCP/IP environment. TELNET uses the
TCP as the transport protocol to establish connection between server and client. After
connecting,TELNET server and client enter a phase of option negotiation that
determines the options that each side can support for the connection. Each connected
system can negotiate new options or renegotiate old options at any time. In general,
each end of the TELNET connection attempts to implement all options that maximize
performance for the systems involved. When a TELNET connection is first established,
each end is assumed to originate and terminate at a “Network Virtual Terminal”,or
NVT. An NVT is an imaginary device which provides a standard,network-wide,
intermediate representation of a canonical terminal. This eliminates the need for
“server” and “user” hosts to keep information about the characteristics of each other’s
terminals and terminal handling conventions.

FDDI (Fiber distributed data interface )

Fiber distributed data interface (FDDI) provides a standard for data transmission in a
local area network that can extend a range of 200 kilometers. The FDDI uses token
ring protocol as its basis. FDDI local area network can support a large number of users
and can cover a large geographical area. FDDI uses fiber optic as a standard
communication medium. FDDI uses dual attached token ring topology. A FDDI network
contains two token rings and the primary ring offers the capacity of 100 Mbits/s. FDDI
is an ANSI standard network and it can support 500 stations in 2 kilometers.

UDP
 lOMoARcPSD|32559332

The user datagram protocol is a most important protocol of the TCP/IP suite and is
used to send the short messages known as datagram. Common network applications
that uses UDP are DNS, online games, IPTV, TFTP and VOIP. UDP is very fast and light
weight. UDP is an unreliable connectionless protocol that operates on the transport
layer and it is sometimes called Universal Datagram Protocol.

TFTP

Trivial File Transfer Protocol (TFTP) is a very simple file transfer protocol with the
very basic features of the FTP. TFTP can be implemented in a very small amount of
memory. TFTP is useful for booting computers such as routers. TFTP is also used to
transfer the files over the network. TFPT uses UDP and provides no security features.

SNMP

The simple network management protocol (SNMP) forms the TCP/IP suite. SNMP is
used to manage the network attached devices of the complex network.

PPTP

The point to point tunneling protocol is used in the virtual private networks. PPP
works by sending regular PPP session. PPTP is a method of implementing VPN
networks.

URL: Uniform Resource Locator.

URL is the syntax and semantics for a compact string representation of a resource
available via the Internet. For example, we
use URL to locate web addresses and FTP site addresses. The generic syntax for URLs
provides a framework for new schemes to be established using protocols other than
those defined in this document. URLs are used to `locate’ resources, by providing an
abstract identification of the resource location. Having located a resource, a system
may perform a variety of operations on the resource, as might be characterized by
such words as `access’, `update’, `replace’, `find attributes’. In general, only the `access’
method needs to be specified for any URL scheme.

RIP: Routing Information Protocol

Routing Information Protocol (RIP) is a standard for exchange of routing information

among gateways and hosts. This protocol
is most useful as an “interior gateway protocol”. In a nationwide network such as the
current Internet, there are many routing
protocols used for the whole network. The network will be organized as a collection of
“autonomous systems”. Each autonomous system will have its own routing technology,
which may well be different for different autonomous systems. The routing protocol
used within an autonomous system is referred to as an interior gateway protocol, or
“IGP”. A separate protocol is used to interface among the autonomous systems. The
 lOMoARcPSD|32559332

earliest such protocol, still used in the Internet, is “EGP” (exterior gateway protocol).
Such protocols are now usually referred to as inter-AS routing protocols. RIP is
designed to work with moderate-size networks using reasonably homogeneous
technology. Thus it is suitable as an IGP for many campuses and for regional networks
using serial lines whose speeds do not vary widely. It is not intended for use in more
complex environments.

ARP and InARP: Address ResolutionProtocol and Inverse

ARP
Address Resolution Protocol (ARP) performs mapping of an IP address to a physical
machine address (MAC address for Ethernet) that is recognized in the local network.
For example, in IP Version 4, an address is 32 bits long. In an Ethernet local area
network, however, addresses for attached devices are 48 bits long. A table, usually
called the ARP cache, is used to maintain a correlation between each MAC address and
its corresponding IP address. ARP provides the rules for making this correlation and
providing address conversion in both directions.
Since protocol details differ for each type of local area network, there are separate ARP
specifications for Ethernet, Frame Relay, ATM, Fiber Distributed-Data Interface, HIPPI,
and other protocols. InARP is an addition to ARP to address ARP in Frame Relay
environment. There is a Reverse ARP (RARP) for host machines that don’t know their
IP. RARP enables them to request their IP address from the gateway’s ARP cache.

Connecting to other Networks

Internetwork Addressing
The role of an internetwork is to enable communications between devices connected to
two or more separate networks. An internetwork can span a small or large geographic
area, connecting LANs that belong to the same or different organizations.
A small internetwork can connect LANs on different floors of a building. The largest
internetwork in existence is the Internet, which is global in scope and serves as a
universal resource for message transfer between all types of networks
An internetwork like the Internet links all types of similar or dissimilar networks (e.g.,
Ethernet LANs, mobile telephone networks). In order to uniquely identify each device
on any network connected to the Internet in a consistent manner, an address called the
Internet protocol (IP) address is assigned to the network interface of each device. This
public IP address uniquely identifies both the device and the network to which the
device is connected.
NOTES: Non-unique private IP addresses may also be assigned to devices for internal use. Such
addresses cannot be used to send messages over the Internet.
 lOMoARcPSD|32559332

The terms network identification (netid) and host identification (hostid) can be used to
describe the two parts of an IP address. In such cases, netid identifies the LAN
broadcast domain and hostid identifies the device within the LAN broadcast domain.
Using the same format for all addresses on an internetwork makes it possible to link
together all types of devices and networks. If necessary, any device can be reconfigured
to take the place of any other (e.g., in the event of a breakdown or an upgrade) through
a reassignment of the IP address.
The term IP address is often used to describe the internetwork address of a device,
since IP is used globally to link to the Internet. Alternate terms used to describe IP
addresses include:
1
Internet address.

Layer 3 address.

Network layer address.

Subnet address.

Internetwork address.

Routing address.

NOTE: IP addresses are the most common—but not the only—means of

network/device identification. Other network address systems can also be used on non-
IP internetworks.

Message Transfer Using Addressing

MAC addresses are used to identify the source and destination of each message on
LANs. The stations, servers, and shared peripherals in the LAN broadcast domain
communicate with each other using MAC addressing.
When multiple LANs are connected to an internetwork using routers, both MAC and IP
addresses are used as follows:
All routers on an internetwork keep tables of the IP addresses of networks connected to
the internetwork.

A router connected to a network keeps a table of both the MAC address and the IP
address of each device on that network.

When a router receives a message intended for a device on a network connected to

itself, it uses the information in its table to forward the message to the appropriate
device, using the MAC address.
 lOMoARcPSD|32559332

When a router receives a message intended for a device on a network connected to

another router, it uses the IP address to place the message on a path to that router.
NOTE: On large internetworks, multiple router hops may be required to send a
message from one network to another. Different terms are used to distinguish between
the message format used on a LAN and the message format processed by routers when
directing traffic to and from an internetwork. The term:
1
Frame is used to describe Layer 2 or LAN
Messaging units (e.g., Ethernet frames).

Datagram or packet is used for Layer 3 or internetwork messaging units (e.g., IP

datagrams or IP packets).

Systems Performance Management

Networks and the servers that use them have never been more interdependent, in large
part because today’s complex and sophisticated online applications rely on multiple
components across many different systems. Networks must accommodate the critical
functions of network based servers (DNS, DHCP, gateways, etc.) as well as those of
database servers, application servers, file servers, and so on.

Being able to monitor and proactively manage each of these systems and their
applications is what differentiates a positive user experience from a negative one and
what, ultimately, leads to business success. The list of what today’s IT staff must
monitor and manage is incredibly long and complex:

• CPU and memory

• The number of instances of each process
• The initiation and end of the DNS process
• The amount of CPU being used by the database
• Correlation of the Java application’s JMX or Mbean metrics with bandwidth
utilization
• Monitoring page availability, thread utilization, session state and server cache
utilization for web applications
• Discovery and identification of new virtual machines
• Monitoring guest OSes and processes to ensure proper service levels
• And many, many more

Token Ring.

A Token Ring network is a local area network (LAN) in which all computers are
connected in a ring or star topology and a bit- or token-passing scheme is used in order
to prevent the collision of data between two computers that want to send messages at
the same time. The Token Ring protocol is the second most widely-used protocol on
local area networks after Ethernet. The IBM Token Ring protocol led to a standard
 lOMoARcPSD|32559332

version, specified as IEEE 802.5. Both protocols are used and are very similar. The IEEE
802.5 Token Ring technology provides for data transfer rates of either 4 or 16 megabits
per second.

Frame Formats
The basic format of a Token Ring data frame is shown in the Figure and described in
bellow. The sizes of the fields in the figure are not representative of the sizes of the
fields in an actual frame. The data field makes up the vast majority of the frame.

Components of a Token Ring Frame

Description

Start delimiter Indicates start of the frame

Access control Indicates the frame's priority and whether it is a token or a
data frame
Frame control Contains either Media Access Control information for all
computers or "end station" information for only one computer
Destination Indicates the address of the computer to receive the frame
address

Source address Indicates the computer that sent the frame

Information, or Contains the data being sent
data
 lOMoARcPSD|32559332

Contains CRC error-checking information

Frame check
sequence

End delimiter Indicates the end of the frame

Frame status Tells whether the frame was recognized, copied, or whether the
destination address was available

How Token Ring Networking Works

When the first Token Ring computer comes online, the network generates a token. The
token is a predetermined formation of bits (a stream of data) that permits a computer
to put data on the cables. The token travels around the ring polling each computer
until one of the computers signals that it wants to transmit data and takes control of
the token. A computer cannot transmit unless it has possession of the token; while the
token is in use by a computer, no other computer can transmit data.

After the computer captures the token, it sends a data frame (such as the one shown in
the figure out on the network. The frame proceeds around the ring until it reaches the
computer with the address that matches the destination address in the frame. The
destination computer copies the frame into its receive buffer and marks the frame in
the frame status field to indicate that the information was received.

The frame continues around the ring until it arrives at the sending computer, where
the transmission is acknowledged as successful. The sending computer then removes
the frame from the ring and transmits a new token back on the ring.

Hardware Components
Hardware for Token Ring networks is centered on the hub, which houses the actual
ring. A Token Ring network can have multiple hubs, as described later in this lesson.
 lOMoARcPSD|32559332

STP or UTP cabling connects the computers to the hubs; patch cables can further
extend the connections. Fiber-optic cable, "Basic Network Media," is especially well
suited to Token Ring networks. Together with repeaters, fiber-optic cable can greatly
extend the range of Token Ring networks. Cabling is joined to the components with
four kinds of connectors, discussed later in this section. Other Token Ring hardware
includes media filters, patch panels, and network interface cards.
The Hub
In a Token Ring network, the hub is known by several names that all mean the same
thing. These include:
• MAU (Multistation Access Unit).
• MSAU (MultiStation Access Unit).
• SMAU (stands for Smart Multistation Access Unit).

Cables attach the individual clients and servers to the MSAU, which works like other
passive hubs. Figure shows a hub in which the internal wiring circulates the token in a
clockwise direction. The internal ring automatically converts to an external ring at
each connection point when a computer is connected.

Hub showing the internal ring and clockwise token path

Hub Capacity

An IBM MSAU has 10 connection ports. It can connect up to eight computers. However,
a Token Ring network is not limited to one ring (hub). Each ring can have up to 33
hubs.

Each MSAU-based network can support as many as 72 computers that use unshielded
wire or up to 260 computers that use shielded wire.

Other vendors offer hubs with more capacity; the capacity depends on the vendor and
the hub model.
 lOMoARcPSD|32559332

When one Token Ring is full—that is, when every port on an MSAU has a computer
connected to it—adding another ring (MSAU) can enlarge the network.

The only rule that must be followed is that each MSAU must be connected in such a way
so that it becomes part of the ring. Figure 3.27 shows 1, 2, and 3 MSAU connected and
maintaining a logical ring. An MSAU's ring-in and ring-out connection points make use
of patch cables to connect many MSAUs on top of each other while still forming a
continuous ring inside the MSAUs.

Adding hubs while maintaining the logical ring

Built-in Fault Tolerance

In a pure token-passing network, a computer that fails stops the token from
continuing. This in turn brings down the network. MSAUs were designed to detect
when a NIC fails, and to disconnect from it. This procedure bypasses the failed
computer so that the token can continue on.

In IBM's MSAUs, bad MSAU connections or computers are automatically by-passed and
disconnected from the ring. Therefore, a faulty computer or connection will not affect
the rest of the Token Ring network.

Cabling
The STP or UTP cable to a hub connects computers on a Token Ring network. Figure
3.28 shows cable length limits for three types of cabling. Token Rings use IBM Type 1, 2,
and 3 cabling. Most networks use IBM Cabling System Type 3 UTP cabling.

Each computer can be no more than 101 meters (330 feet) from an MSAU when
connected with Type 1 cable. Each computer can be up to 100 meters (about 328 feet)
from the MSAU when STP cabling is used, or 45 meters (about 148 feet) when UTP
cabling is used. The minimum length for shielded or unshielded cable is 2.5 meters
(about 8 feet).
 lOMoARcPSD|32559332

Maximum hub to computer distances on Type 1, STP, and UTP cables

According to IBM, the maximum cabling distance from an MSAU to a computer or a file
server is 46 meters (150 feet) when Type 3 cabling is used. Some vendors, however,
claim that data transmission can be reliable for up to 152 meters (500 feet) between
an MSAU and a computer.

The maximum distance from one MSAU to another is limited to 152 meters (500 feet).
Each single Token Ring can accommodate only 260 computers with STP cable and 72
computers with UTP cable.

Patch Cables

Patch cables extend the connection between a computer and an MSAU. They can also
join two MSAUs together. In the IBM cabling system, these are Type 6 cables and can be
any length up to 46 meters (150 feet). Patch cable will allow only 46 meters between a
computer and an MSAU.

The IBM cabling system also specifies a Type 6 patch cable for:

• Increasing the length of Type 3 cables.

• Connecting computers to MSAUs directly.

Connectors

Token Ring networks usually join cables to components with the following types of
connectors:

• Media interface connectors (MICs) for connecting Types 1 and 2 cable. These
are IBM Type A connectors, known elsewhere as universal data connectors.
They are neither male nor female; you can connect one to another by flipping
either one over.
• RJ-45 telephone connectors (8-pin) for Type 3 cable.
 lOMoARcPSD|32559332

• RJ-11 telephone connectors (4-pin) for Type 3 cable.

• Media filters to make the connection between the Token Ring NIC and a
standard RJ-11/RJ-45 telephone jack (outlet).

Media Filters
Media filters are required in computers that use Type 3 telephone twisted-pair cabling,
because they convert cable connectors and reduce line noise.
Patch Panels
A patch panel is used to organize cable that runs between a MSAU and a telephone
punchdown block. (Patch panels are discussed further later in this chapter. A
punchdown block is a kind of hardware that provides terminal connections for bare
network cable ends.)
Repeaters
Using repeaters can increase all Token Ring cable distances. A repeater actively
regenerates and retimes the Token Ring signal to extend distances between MSAUs on
the network. Using one pair of repeaters, MSAUs can be located up to 365 meters (1200
feet) apart using Type 3 cable, or 730 meters (2400 feet) apart using Type 1 or 2 cable.
Network Interface Cards
Token Ring NICs are available in both 4-Mbps and 16-Mbps models. The 16-Mbps cards
accommodate an increased frame length that requires fewer transmissions for the
same amount of data.

Implementing Token Ring cards requires caution because a Token Ring network will
run at only one of two possible speeds: 4 Mbps or 16 Mbps. If the network is a 4-Mbps
network, the 16-Mbps cards can be used because they will revert back to 4-Mbps mode.
A 16-Mbps network, however, will not accept the slower 4-Mbps cards because they
cannot increase speed.

Although several manufacturers make Token Ring NICs and other Token Ring
components, IBM currently sells the majority of them.

Fiber-Optic Cable

Because of the mix of data streaming (streaming is an undifferentiated, byte-by-byte

flow of data), high speeds, and data traveling in one direction only, Token Ring
networks are well suited to fiber-optic cable. Though more expensive, fiber-optic cable
can greatly increase the range of a Token Ring network—up to 10 times what copper
cabling allows.

Token bus.

Token bus is a network implementing the token ring protocol over a "virtual ring" on
a coaxial cable. A token is passed around the network nodes and only the node
possessing the token may transmit. If a node doesn't have anything to send, the token is
passed on to the next node on the virtual ring. Each node must know the address of its
 lOMoARcPSD|32559332

neighbor in the ring, so a special protocol is needed to notify the other nodes of
connections to, and disconnections from, the ring.

Token bus was standardized by IEEE standard 802.4. It is mainly used for industrial
applications. Token bus was used by General Motors for their Manufacturing
Automation Protocol (MAP) standardization effort.[3] This is an application of the
concepts used in token ring networks. The main difference is that the endpoints of the
bus do not meet to form a physical ring.

Due to difficulties handling device failures and adding new stations to a network, token
bus gained a reputation for being unreliable and difficult to upgrade.[4]

In order to guarantee the packet delay and transmission in Token bus protocol, a
modified Token bus was proposed in Manufacturing Automation Systems and flexible
manufacturing system (FMS).

A means for carrying Internet Protocol over token bus was developed.

CSMA/CD

Short for Carrier Sense Multiple Access / Collision Detection is a set of rules
determining how network devices respond when two devices attempt to use a data
channel simultaneously (called a collision). Standard Ethernet networks use CSMA/CD
to physically monitor the traffic on the line at participating stations. If no transmission
is taking place at the time, the particular station can transmit. If two stations attempt
to transmit simultaneously, this causes a collision, which is detected by all
participating stations. After a random time interval, the stations that collided attempt
to transmit again. If another collision occurs, the time intervals from which the
random waiting time is selected are increased step by step. This is known as
exponential back off. CSMA/CD is a type of contention protocol. Networks using the
CSMA/CD procedure are simple to implement but do not have deterministic
transmission characteristics. The CSMA/CD method is internationally standardized in
IEEE 802.3 and ISO 8802.3.

Server.

A server is a computer on a network that manages network resources. There are many
different types of servers. For example:

• File server: a computer and storage device dedicated to storing files. Any user
on the network can store files on the server.
• Print server: a computer that manages one or more printers, and a network
server is a computer that manages network traffic.
• Database server: a computer system that processes database queries.
 lOMoARcPSD|32559332

n a local area network (LAN), a domain is a subnetwork made up of a group of clients

and servers under the control of one central security database. Within a domain, users
authenticate once to a centralized server known as a domain controller, rather than
repeatedly authenticating to individual servers and services. Individual servers and
services accept the user based on the approval of the domain controller.

Indiana University's domain is ADS or ads.iu.edu. To be precise, IU runs an Active

Directory, the most advanced type of domain for domain controllers running Windows
2000 or later. There are many administrative differences between Active Directories
and earlier domain types, but for the user the experience is mostly the same.

Domain controller is a server on a Microsoft Windows network that is responsible for

allowing host access to Windows domain resources. The domain controllers in your
network are the centerpiece of your Active Directory directory service. It stores user
account information, authenticates users and enforces security policy

When you are on the internet or are working in an networked environment you may
think you have problems with your network connection. However it would be helpful if
you could diagnose whether there is a problem and what it is.

Tools and Scenarios

Below is a list of tools that can be used to diagnose or troubleshoot a network

Getting Help

When working with the tools you can get help by typing the command, then "/?" , e.g..
"ping /?" (minus the quotes).

Saving the Results

If you are running a command, or want to view the help then you can send the results
to a file for viewing elsewhere or to send to a friend, colleague or helpdesk for
diagnosis. Simply enter >c:\<filename>.txt after your command to send the results to a
file instead of the screen. To use ping as an example:

ping /? >c:\ping.txt
ping www.dosprompt.info >c:\ping.txt

Scenario list

To help you choose the tool you need to diagnose your problem, this handy chart
outlines some of the potential problems and which tool will help you diagnose where
the problem is.
 lOMoARcPSD|32559332

ping/pathping traceroute netstat net shell dns and dns lookup telnet
Cannot
connect to a
web site, ping/pathping trace route dns and dns lookup telnet
but can
connect to
others
Cannot
connect to
email, but ping/pathping trace route telnet
can browse
web sites
Suspect
malicious netstat dns and dns lookup
application
on machine
IP
networking
problems ping/pathping netstat net shell
on my local
machine

Ping / Path Ping

Ping is probably one of the most used Command Line tools and for good reason. it is a
quick and easy way to see whether the site or service you are trying to connect to is
actually alive. It is usually the first tool most network administrator use when faced
with any kind of problem. You can use results from other actions to carry out further
actions in Ping to discover where the problem may be.

Using Ping

To use ping, simply open a command prompt and enter ping then the name of the host
that you want to check, without the http, ftp etc or any directories, slashes or other
information.

ping www.dosprompt.info

You can also ping IP addresses:

ping 85.234.131.90
 lOMoARcPSD|32559332

After pressing enter you will get a number of responses:

Response returned Which means...

ping request could not find The address you have entered doesn't exist. Check your
host... spelling and try again.
The address that you have entered is alive and responding
reply from...
to pings
The address was found but it isn't responding to ping
request timed out...
requests

Getting the "Request timed out" doesn't always mean that the host you are pinging is
actually down. Some sites will block the "ping packets" from being returned as a
security measure, so they will never respond to a ping. There are other tests that you
can do to verify whether the host is alive or not, usingTelnet.

Infinite Ping

With an additional command you can ask your machine to keep pinging a machine
until you end it. This is useful if you are moving a cable that you think is a problem or
you have an intermittent fault.
To continuously ping a host, add the command "-t" to the end after the host. For
example:

ping www.dosprompt.info -t

To end the continuous ping, press Ctrl and C which sends a break to it.

Path Ping (Windows XP and Windows 2003 server and higher only)

Path ping is a new tool introduced by Microsoft which combines ping and Trace Route.
It analyzes the route in the same way that trace route does, but sends multiple pings to
each hop on the way. It then collects statistics on this route to tell you whether one
particular hop is being very slow, indicating a problem. This does make it a slower tool
than ping, but can provide more information useful for diagnosis.

Using Path Ping

Using pathping is very similar to the standard ping application. In a command prompt
enter the command "pathping" then the host or Ip address that you want to check. For
example:

pathping www.dosprompt.info
pathping 85.234.131.90
 lOMoARcPSD|32559332

After pressing enter you will get one of two results. Either "unable to resolve target"
which means that the name doesn't exist or the pathping will begin, only to end with a
successful or failure result code. Refer to the tracert results table below for information
on these result codes.

If the process seems to be going on too long, then press Ctrl and C to end it.

Netsh Ping

You can also ping through the Netshell interface, allowing you to ping certain servers
and settings that are configured on your machine.

Trace Route

When you browse the Internet, your machine doesn't not connect directly to the other
site, it goes through many hops. This can be as few as one or two if you are connecting
to the web servers internally or at your internet service provider, to as many as 30 if
you are browsing to a web site hosted on the other side of the world. In most cases you
don't need to worry about how many hops you go through. the ISP will be routing your
traffic to the required host, possible over a number of routes to ensure that your
request reaches it and the reply gets back.
What Trace Route does is show you the route that it is taking.
If you are getting a problem where you cannot connect to a certain site, trace route
can help you diagnose whether it is a local problem, an ISP problem or a wider issue.

Using Trace Route

The trace route command is "tracert" and as with ping, you can trace to either an
name or an IP address. In an open command prompt windows, enter the command
tracert followed by the host you want to connect to.

tracert www.dosprompt.info
tracert 85.234.131.90

After pressing enter, the trace will either fail immediately, or you will get one of the
following result codes:

Message Which means...

Unable to resolve
target system <site the name you entered doesn't exist
name>
Trace complete trace was successful, the results will be shown above
 lOMoARcPSD|32559332

either the host or one of the hops on the way didn't respond in the
Request timed out
timeout period. This usually indicates there is a problem.*
this means that a device that the rest of the Internet is sending
Destination network traffic to the host cannot connect to it or doesn't know where to
unreachable send the traffic. Again, usually indicates a problem that is often
outside of your control.**

* If you get this message more than two or three times together in a trace, you can
usually do the CTRL-C key combination to stop it. Waiting for the timeout to complete
is a waste of time.

** If you get this immediately then your internal routing is at fault. If it occurs after
three or four hops then it is probably outside of your control.

If the problem is a hop outside of your ISP, there is very little that you can do. Hopefully
the problem will be resolved or routers will find an alternative route around the
problematic machine.

Netstat

Net Stat is a tool that tells you what your machine is connected to at the moment the
command is run. This makes it a very useful tool to see if your machine is connecting to
servers that you don't know about - possibly via the so called "Spy Ware" or "Ad Ware".
By adjusting the switches after the command you can change the way the information
is presented.

This tool can display information about the active connections, as well as whether the
machine is listening for connections - i.e. ready to receive a connection from another
machine.

Command Displays
netstat Active connections only, with the full domain name
netstat -a Active connections and listening ports with full domain name
Active connections and listening ports with full domain name and
netstat -ao
PID of application using it*
Active connections and listening ports but in numeric form (no
netstart -an
domain names)
Active connections and listening ports but in numeric form (no
netstat -ano
domain names) and PID of application using it*
netstat -<any of Repeats the command, updating the statistics after the number of
 lOMoARcPSD|32559332

seconds indicated.
above> 30 Change the number to increase or decrease the frequency
Replace <any of the above> with either "a", "ao", "an" or "ano"

* By adding the PID (Process Identification) you can see which application or service
running on your machine is making the connection or is in a waiting state. To see the
lists of processes, start the Task Manger (CTRL - ALT - DELETE then press Task
manager, Right click on the taskbar and choose it from the options or press CTRL ALT
ESC).
Once Task manager is loaded, if you cannot see PID in the list of columns, add it from
the "View", "Select Columns" command.

Things to look for

If you have any of the following in a listening state on your machine and don't know
about running those type of applications then you may have an application on your
system that is waiting for a third party to connect

Port Information
25 SMTP Server - email server
80 Web server
110 POP3 Server - email server

If you see other ports that you want to check and the PID doesn't clarify their use then
you can look at the official list maintained by the IANA (Internet Assigned Numbers
Authority) here: http://www.iana.org/assignments/port-numbers . This lists the most
common port usage but is reliant on application providers registering the port use.
You could also do a search on Google for the word "port" and then the number to see if
anyone else has reported it or can tell you what it is.

Net Shell

With the latest versions of Windows, the TCP/IP component is core to the operating
system and therefore cannot be reinstalled, removed or disabled. This makes resolving
problems with it a little more complex than before. Microsoft introduced with Windows
2000 a new utility that runs from the command line to allow you to adjust and
diagnose the IP settings. This new command is called netsh (net shell). It takes preset
commands, looks at what is configured in the operating system for those settings then
uses them. Therefore you are testing the network settings as the operating system sees
them.
 lOMoARcPSD|32559332

There are two ways to operate the Netsh commands, both of which require a command
prompt.

1. By entering the full command string in the command prompt.

2. By enter "netsh" and pressing enter.

If you are going to be running lots of commands or want to look at the help files for
subcommands, then method 2 is the better choice.
When you are in the netsh command shell, the prompt changes from "c:\>" to "netsh>"

Sample Netsh Commands

Below are some of the commands that you can run in a Netsh session and what they do.
There are lots of commands available and these are just a sample of what is available.
In all cases, if you are running it outside of netsh (netsh>) then you need to prefix the
command with "netsh" e.g:

netsh diag gui

Action Command
Try to connect to the mail server configured in
diag connect mail
Outlook Express
Try to connect to the news server configured in
diag connect news
Outlook Express
Try to connect to the Internet Explorer Proxy server
diag connect ieproxy
(if configured)
diag connect iphost <name>
Try to connect to a specific port on an IP address or <port>
host name diag connect iphost <ip address>
<port>
Show network configuration diag show all
Ping servers configured on your machine
(run diag ping alone for the list of available server diag ping <server type>
types)
Show the graphical interface diag gui

Reset IP Configuration int ip reset

Show IP status int ip show config

DNS
 lOMoARcPSD|32559332

DNS is core to the operation of most networks and the Internet. It stands for Domain
Name Service and the best way to think of it is like a big phone book. Every machine on
the Internet has a unique IP address. DNS maps those addresses to friendly names. For
example www.bbc.co.uk is 212.58.224.125. Therefore if you are having problems with
DNS settings or DNS lookups, it can hinder your web browsing.

If you are getting errors when browsing about hosts not being found, especially of they
are popular sites like Microsoft, Yahoo or the BBC then your DNS could be at fault.

Flush DNS Cache

The first thing you should do is flush your DNS cache. This very simple, just start a
command prompt and enter the following text:

ipconfig /flushdns

This will clean out the cache held on your local machine forcing it to look to the servers
you have configured in your settings.

DNS Lookup

DNS lookups can be carried out from the command line using a tool called "nslookup".
This tool doesn't have online help without entering the main shell.
A name lookup will tell you whether:

a. The name or IP address exists

b. What the current address is or which name it is registered to

To do a DNS lookup from a command line, open a command prompt and enter the
following command:

nslookup <site address>

for example

nslookup www.bbc.co.uk

You can also do DNS lookups against other servers that don't belong to your ISP. This
can verify whether your ISP has a problem. If you are running internal DNS servers (for
example on a network) then using external DNS servers can be beneficial in
discovering if the problem is local or not. To do this you need to enter the "nslookup"
shell. Open a command prompt and just type "nslookup" (minus the quotes) and press
enter. You will be told what server you are currently using for DNS.
 lOMoARcPSD|32559332

To change server enter the command "server" then the IP address of the alternative
DNS server that you want to use.
Then, to look up a host, just enter the name, for example www.bbc.co.uk .

If you want to lookup MX records, then type

set type=mx

Then enter the domain name.

An example of using nslookup and telnet together to test MX records and an email
server is here.

When you have finished, type exit to leave the nslookup shell.

WHOIS

WHOIS, which allows you to lookup information about a domain name, is not native to
Windows.
Extract the files, then place them in to \windows\system32. The command will then be
available to you in a standard prompt.

The information can be easily dropped to a notepad:

whois dosprompt.info >dosprompt.info.txt

Telnet

Telnet is how everything on the Internet used to work. It is the way that you connect to
UNIX type servers and is very basic. Therefore it is an excellent way to test your
connectivity to hosts on and off your network.
With the more recent versions of Windows, telnet support from the command line has
been introduced. For older versions of Windows you will start the application from the
start menu.

You can telnet to any port on a machine to see if it is working correctly. The most
common telnet action is to connect to email servers. For example to connect to the
email servers for Microsoft you would enter the following command in a Command
Prompt:

telnet maila.microsoft.com 25

Note the spaces between the name and the number.

You can also telnet to port 80 (web), 110 (pop3 email). However unless you know the
 lOMoARcPSD|32559332

commands, actually navigating your way around is quite difficult. By telnetting to a

host you can verify whether the port is open and ready to receive connections. If you
cannot connect on the port, then that indicates a problem.