CompTIA Network+ Rapid Review: Network Concepts

  • 12/15/2012
Contents

Objective 1.2: Classify how applications, devices, and protocols relate to the OSI model layers

One of the primary functions of the OSI model is to organize and separate the various elements of the networking process. When defining the function of a network element, such as a protocol, device, or application, it is common to begin by specifying the OSI model layer at which the element operates. This helps to categorize the function of the element and provides a basic idea of its purpose.

For example, a data-link layer device is generally understood to be involved in local network communications, while the network and transport layers are devoted to end-to-end communications that can span multiple networks. The Network+ exam requires you to understand the functions of many different applications, devices, and protocols, and classifying those elements using the OSI model is the first step to achieving that understanding.

Exam need to know

  • Classify how MAC addresses relate to the OSI model layers.

    For example: At which layer of the OSI model are network nodes identified using MAC addresses?

  • Classify how IP addresses relate to the OSI model layers.

    For example: At which layer of the OSI model are network nodes identified using IP addresses?

  • Classify how EUI-64 relates to the OSI model layers.

    For example: In what layer of the OSI reference model do you find an EUI-64?

  • Classify how frames relate to the OSI model layers.

    For example: Which layer of the OSI model uses the term “frame” to refer to the protocol data unit generated by a networking protocol?

  • Classify how packets relate to the OSI model layers.

    For example: At which layer of the OSI reference model are data structures called packets?

  • Classify how switches relate to the OSI model layers.

    For example: At which layer of the OSI model do switches perform their basic functions?

  • Classify how routers relate to the OSI model layers.

    For example: At which layer of the OSI model do routers perform their basic functions?

  • Classify how multilayer switches relate to the OSI model layers.

    For example: At which layers of the OSI model do multilayer switches perform their functions?

  • Classify how hubs relate to the OSI model layers.

    For example: At which layer of the OSI model do hubs perform their basic functions?

  • Classify how encryption devices relate to the OSI model layers.

    For example: Which layer of the OSI model is responsible for encrypting data?

  • Classify how cables relate to the OSI model layers.

    For example: Which layer of the OSI model defines the properties of network cables?

  • Classify how NICs relate to the OSI model layers.

    For example: At which layer of the OSI model do NICs operate?

  • Classify how bridges relate to the OSI model layers.

    For example: At which layer of the OSI model do bridges perform their basic functions?

MAC addresses

A media access control (MAC) address, also known as a hardware address, is a six-byte hexadecimal value that local area networking (LAN) protocols at the data-link layer use to identify systems on a shared network medium. Manufacturers of network interface adapters permanently assign a unique MAC address to each adapter, so that there can be no address duplication on any network.

True or false: Ethernet devices use MAC addresses to identify the source and the destination of each frame they transmit over the network.

Answer: True. The Ethernet frame format contains a six-byte Source Address field and a six-byte Destination Address field, which together function like the addresses on a postal envelope.

More Info

Data-link layer protocols are concerned only with LAN communications, so the values in the Destination Address and Source Address fields must identify systems on the local network. If a computer on the LAN is transmitting to another computer on the same LAN, then its packets contain the address of that target computer in their Destination Address fields. If a computer is transmitting to another computer on a different network, then the value in the Destination Address field must be the address of a router on the LAN.

True or false: Internet transmissions use a MAC address to identify the final recipient of a message.

Answer: False. Internet transmissions use an Internet Protocol (IP) address to identify the final recipient of a message, not a MAC address. This is because MAC addresses are local. A packet might pass through multiple LANs on the way to a destination on the Internet, and have different destination MAC addresses as it does so.

Exam Tip

For the Network+ exam, you must be able to distinguish MAC addresses from IP addresses. A MAC address is a six-byte hexadecimal value, such as 60-EB-69-93-5E-E4. An IP version 4 address is 32 bits, generally expressed in four octets of dotted decimal notation, as in 192.168.76.3. An IP version 6 address is 128 bits long, and generally expressed in 8 groups of 16-bit hexadecimal values separated by colons, such as fe80::7441:4473:f204:ec1d.

IP addresses

The Internet Protocol (IP) is the primary end-to-end protocol in the TCP/IP networking stack. Operating at the network layer of the OSI model (and the internet layer of the TCP/IP model), IP has its own addressing system, which it uses to identify systems on the network.

As with Ethernet, IP has header fields that contain the IP addresses of the source and destination systems involved in a network transaction. The difference between the two is that IP uses IP addresses instead of MAC addresses, and the Destination IP Address field identifies the final recipient of the transmission.

True or false: Ethernet systems on a TCP/IP network have a protocol that converts network layer IP addresses to data-link layer MAC addresses.

Answer: True. Address Resolution Protocol (ARP) converts IP addresses into MAC addresses by broadcasting request packets containing the IP address on the local network and waiting for the holder of that IP address to respond with a reply containing the equivalent MAC address.

More Info

IP is currently in transition from version 4 to version 6, and the two versions have different address formats. For more information, see “Objective 1.3: Explain the purpose and properties of IP addressing.”

True or false: Packets on a TCP/IP network can have two destination addresses pointing to different systems.

Answer: True. The IP header at the network layer has a Destination IP Address field that always specifies the ultimate destination of the packet. At the same time, the Ethernet header at the data-link layer will have a changing Destination Address field that points to the next intermediary system on the local network, until it finally reaches the ultimate destination network, at which point both addresses will point to the same ultimate destination.

EUI-64

The extended unique identifier-64 (EUI-64) is a 64-bit value that some TCP/IP systems use to form the second half of a 128-bit IPv6 address. The IPv6 address is a network layer structure, but the EUI-64 value for a system is derived from its data-link layer MAC address.

True or false: No two computers can legitimately have the same EUI-64 value in their IPv6 addresses.

Answer: True. The EUI-64 value that makes up the second half of some IPv6 addresses is taken from the system’s MAC address, which, by definition, is unique. Therefore, no two EUI-64 values on different systems can be identical, unless an individual is making a deliberate attempt to spoof the IPv6 address.

More Info

To derive the 64-bit EUI-64 value for an interface, an IPv6 implementation splits the 48-bit MAC address into two 24-bit halves, and takes the two 24-bit values and adds a 16-bit value between them: 11111111 11111110 in binary or ff fe in hexadecimal. Finally, it changes the seventh bit in the OUI—called the universal/local bit—from a 0 to a 1. This changes the hexadecimal value of the first byte in the address from 00 to 02. Therefore, a computer with a network adapter that has a MAC address of 00-1a-6b-3c-ba-1f would have an IPv6 global unicast address with the following EUI-64 value: 021a:6bff:fe3c:ba1f.

True or false: All IPv6 addresses include the system’s EUI-64 value.

Answer: False. Some IPv6 implementations avoid using the EUI-64 value, for fear that it might be possible to track the physical location of a computer based on its IPv6 address.

Frames

The data structures created by the protocols at the various layers of the OSI reference model have different names. At the data-link layer, the structure that a protocol creates when it encapsulates a network layer message is called a frame. The term frame is not used at any other layer.

Unlike the protocols at the upper layers, a data-link layer frame consists of both a header and a footer, which the protocol adds to the data it receives from the network layer. The resulting frame is the final element added to the data packet, which is then ready for transmission over the network.

True or false: A data-link layer frame includes an error detection mechanism.

Answer: True. The frame check sequence (FCS) field in the data-link layer footer contains a checksum calculated by the source computer. Once the frame reaches its destination, the receiving computer performs the same calculation and compares the results to the FCS value. If the two fail to match, then the frame has been corrupted or modified in transit.

Exam Tip

Candidates for the Network+ exam should be familiar with the terminology used for the data units created by the various protocols in the TCP/IP stack. Data-link layer protocols create “frames.” IP, at the network layer, creates “packets.” Connectionless protocols such as UDP, at the transport layer, create units called “datagrams.” Because IP is a connectionless protocol, the term datagram can apply to those data units as well. The TCP protocol at the transport layer creates individual messages called “segments,” which are part of a “sequence.”

True or false: All data-link layer frames include source and destination MAC addresses.

Answer: False. Ethernet frames always include source and destination MAC addresses, but there are data-link layer protocols other than Ethernet that do not. The Point-to-Point Protocol (PPP) is designed for use on wide area network (WAN) connections between systems. Because there are only two systems involved in a WAN connection, there is no need to include addresses in every frame.

Exam Tip

There are several different variants of the Ethernet frame format, the selection of which depends on the version of the Ethernet standard the system is configured to use. The formats are functionally the same, but for systems on the network to communicate, they must all be using the same frame format.

Packets

Although it is often mistakenly used to refer to the entire data structure transmitted over the network, the term packet actually refers to the unit of data carried inside a data-link layer frame. A packet is therefore a network layer structure.

On a packet-switching internetwork, such as the Internet, packets might travel through dozens of networks, with the router for each network stripping off the previous frame and applying its own frame to the data. The packet inside these many different frames remains intact, however.

True or false: Every TCP/IP packet contains a frame.

Answer: False. The packet is the network-layer data carried within the data-link layer frame. Therefore, every frame contains a packet.

Exam Tip

The Network+ exam might also refer to the network layer data unit as a datagram. Technically, a datagram is the data unit created by a connectionless protocol. This is why both IP and UDP generate datagrams. However, because there is no connection-oriented protocol at the network layer, the terms datagram and packet are synonymous in TCP/IP networking.

True or false: Every TCP/IP packet must contain a transport layer datagram or segment.

Answer: False. Packets carrying transport layer data must contain a UDP datagram or a TCP segment, but there are also packets that carry Internet Control Message Protocol (ICMP) data directly within the IP datagram, which do not use UDP or TCP.

Switches

A switch is a data-link layer device that connects computers and other systems together into a LAN. Basic switches consist of a box or a rack-mounted module with one or more rows of female cable connectors. Plugging devices into the connectors enables them to communicate with each other by transmitting packets.

Unlike hubs, switches have intelligence that enables them to determine the address of the device connected to each port. When a unicast packet arrives through any of the switch’s ports, the switch reads its destination addresses and forwards the packet out through the port providing access to the destination system.

True or false: Switches have almost completely replaced hubs on today’s local area networks.

Answer: True. Switches conserve network bandwidth by delivering packets only to their intended recipients. On a hub-based network, every computer must receive and process every packet received by the hub.

More Info

In addition to functioning at the data-link layer, switches can also have network layer capabilities as well. For more information, see “Objective 1.4: Explain the purpose and properties of routing and switching,” and “Objective 2.1: Given a scenario, install and configure routers and switches.”

True or false: All switched networks use a bus topology.

Answer: False. A switch functions as the cabling nexus for a LAN. Each computer has its own cable connecting it to the switch. Switched networks can therefore be said to use a star topology.

Exam Tip

The Network+ exam has, at times, referred to the relatively simple switching devices used in home and small-to-medium office networks as “basic switches.” These are strictly data-link layer devices that do not have advanced features, such as VLANs.

Routers

A router is a network layer component that connects two networks together, selectively forwarding only the traffic that is destined for the other network. Because most large networks today are switched internally, the primary function of routers is to connect LANs to WAN connections.

Routers also have tables containing information about other networks, which enable them to direct incoming packets to their ultimate destinations.

True or false: Splitting a network with a router reduces the amount of broadcast traffic on the network.

Answer: True. Unlike switches, hubs, and bridges, routers do not forward broadcast traffic.

More Info

For more information on routing, see “Objective 1.4: Explain the purpose and properties of routing and switching,” and “Objective 2.1: Given a scenario, install and configure routers and switches.”

True or false: A router must have at least two network interfaces.

Answer: False. By the traditional definition, a router must be connected to two or more networks, so it must have at least two network interfaces. These interfaces can be standard LAN adapters, or any type of WAN equipment. However, with the advent of virtual LANs, there are now routers available with a single interface. Called stub routers or one-armed routers, these devices connect to a switch and route traffic between VLANs.

Multilayer switches

A multilayer switch is an advanced networking device that, in addition to functioning as a standard data-link layer switch, also supports functions associated with other OSI model layers, most particularly network layer routing.

True or false: In addition to the data-link layer, switches can also operate at the network layer.

Answer: True. Advanced switches have the ability to create virtual LANs (VLANs), which are subnets that exist only in the switch. To enable VLANs to communicate with each other, these switches also support virtual routing, which is a network layer process.

More Info

For more information on VLANs and advanced switching techniques, see “Objective 2.1: Given a scenario, install and configure routers and switches.”

Hubs

A hub is a cabling nexus for a LAN using a star topology. Unlike a switch, which is often similar in appearance, a hub is a purely physical layer device. The hub amplifies the signals entering through any of its ports and forwards them out through all of the other ports, creating a shared network medium.

True or false: Hubs can read the destination addresses from the frames arriving through its ports.

Answer: False. Hubs lack any ability to interpret incoming signals. They are electrical devices that manipulate signals at the physical level, but they cannot interpret them.

Exam Tip

Having been largely replaced by switches, hubs are all but obsolete in the networking world today, and are less likely to appear on the Network+ exam than they have on previous iterations of the test.

True or false: Replacing a hub with a switch increases the efficiency of a LAN.

Answer: True. While a hub forwards incoming signals out through all of its ports, switches only forward signals out through the destination port. This conserves bandwidth and provides each pair of computers with what amounts to a dedicated link.

NOTE

A repeater is a device that extends the maximum length of a network cable by amplifying the signals passing over it. Because hubs do essentially the same thing for all of their connected devices, they are sometimes referred to as multiport repeaters.

Encryption devices

The term encryption device refers to any mechanism that employs an algorithm to cryptographically encode data. Encryption devices can be as large as a server or as small as a USB flash drive. Whatever the form of the device, however, the encryption process is carried out at the presentation layer of the OSI model.

True or false: On TCP/IP systems, encryption algorithms are standalone protocols that run at the presentation layer of the OSI model.

Answer: False. There are no standalone presentation layer protocols in the TCP/IP suite. Presentation layer functions, including encryption, are typically incorporated into application layer protocols.

Exam Tip

Unlike the other hardware components mentioned in this objective, there are no dedicated networking components called encryption devices. Encryption is a function that is incorporated into other hardware and software components. Therefore, while the Network+ exam might refer to encryption devices, this is solely for the purpose of testing your knowledge that encryption is a presentation layer process.

Cables

Cables are the physical layer components that form the network medium on most LANs. Depending on the topology, distance, and environmental requirements for the network, LANs use one of the following three basic cable types: coaxial, twisted pair, or fiber optic.

True or false: Coaxial cables are no longer used to build new Ethernet LANs.

Answer: True. Coaxial Ethernet networks require a bus topology, and for various reasons, including cost and ease of installation, this type of cable is no longer used.

NICs

The network interface adapter, also known as a network interface card or NIC, is the hardware implementation of the data-link layer protocol. Virtually all of the NICs sold today are Ethernet, with models available that support various speeds, expansion buses, and cable types.

True or false: Most of the desktop computers manufactured today have an Ethernet network interface adapter integrated into the motherboard.

Answer: True. Ethernet network interface adapters are all but ubiquitous on the motherboards manufactured for desktop computers.

Exam Tip

The Network+ exam might persist in using the term NIC (pronounced as “nick”), even when referring to a network interface adapter that is not actually an expansion card.

True or false: Every NIC has a unique MAC address permanently assigned by the manufacturer.

Answer: True. It is the network interface adapter that has the MAC address assigned to it by the hardware manufacturer, whether the adapter is a separate card or integrated into the motherboard.

Bridges

A bridge is a data-link layer device that splits a LAN in half and selectively forwards traffic based on its destination address. When a packet arrives through one of the bridge’s interfaces, the bridge reads the destination hardware address from the Ethernet header. If the packet is destined for a computer on the other side of the bridge, it forwards the packet out through its other interface. If the packet is destined for a computer on the same side of the bridge from which it was received, the bridge simply discards the packet.

True or false: Installing a bridge on a LAN splits the network into two separate broadcast domains.

Answer: False. Bridges forward all broadcasts to the other side of the network. The address-based filtering they perform is limited to unicast transmissions.

Exam Tip

The Network+ exam objectives still mention bridges, even though the devices are rarely used on today’s networks.

NOTE

Bridges possess a degree of intelligence similar to that of switches. A basic switch is, in essence, nothing more than a multiport bridge.

Can you answer these questions?

Find the answers to these questions at the end of this chapter.

  1. Only one of the items listed in this objective is associated with an OSI model layer other than the physical, data-link, or network. Which is it?
  2. You can build a simple Ethernet LAN with nothing more than a NIC for each computer, a switch, and some cables. Which of those components are associated exclusively with the physical layer of the OSI model?
  3. A multilayer switch functions primarily at which two layers of the OSI reference model?
  4. Which of the devices listed in this objective can split a network into two broadcast domains?
  5. Which layer of the OSI model uses addresses that can be 32 or 128 bits long?
Save to your account

This chapter is from the book

Related resources

There are currently no related titles.