Bachelor’s thesis
Degree Programme in Information Technology
2020
Toni Ryynänen
DESIGN AND IMPLEMENTATION OF A SMALL- AND MEDIUM-SIZED TCP/IP ENTERPRISE NETWORK
BACHELOR’S THESIS | ABSTRACT
TURKU UNIVERSITY OF APPLIED SCIENCES
Degree Programme in Information Technology
2020 | 28 pages
Toni Ryynänen
DESIGN AND IMPLEMENTATION OF A SMALL- AND MEDIUM-SIZED TCP/IP ENTERPRISE NETWORK
In the modern era, flawless functionality and security of the IP network are among the largest concerns of any company that aims to maximize the productivity of its employees. These qualities are achieved surprisingly easily through a proper planning and design process for the internal network infrastructure.
The TCP/IP protocol suite is the worldwide standard in networking today, as it has the ability to interconnect hardware and operating systems from different manufacturers and has become the established standard for internetworking. TCP/IP is the foundation of the massive communications network that spans the whole earth, the Internet. The main focus of the thesis is to shed light on the functionality of the TCP/IP protocol suite, on a few different aspects of designing a smaller-scale company network, and on the solutions generally implemented in such networks.
This thesis was done partially in conjunction with a project of designing and implementing the internal network of a medium-sized company in Southern Finland.
KEYWORDS:
TCP/IP, Network, Implementation, Design, Reliability, Scalability, Topology
BACHELOR'S THESIS (UAS) | ABSTRACT
TURKU UNIVERSITY OF APPLIED SCIENCES
Degree Programme
2020 | 28 pages
Toni Ryynänen
DESIGN AND IMPLEMENTATION OF A SMALL- AND MEDIUM-SIZED TCP/IP ENTERPRISE NETWORK
In today's world, one of the largest concerns of companies is the flawless functionality and security of the IP network. They are among the pillars of a company's operations and productivity. These qualities are surprisingly easy to achieve through a proper design and planning process for the internal network.
The TCP/IP protocol suite is the foundation of modern data networks and a worldwide standard, because one of its most important features is the ability to connect hardware and software from different manufacturers in a network. The goal of this thesis is to highlight the features and functionality of TCP/IP, as well as the different phases of internal network design, including matters that must be taken into account during the design process.
The thesis was done partially in conjunction with a customer project in which a completely new network was designed and implemented for a medium-sized company starting up in Finland.
KEYWORDS:
TCP/IP, IP network, Internal network, Design, Functionality, Reliability, Topology
CONTENT
LIST OF ABBREVIATIONS (OR) SYMBOLS 6
1 INTRODUCTION 1
2 NETWORK FOUNDATIONS 2
2.1 The OSI Model 2
2.1.1 Structure of the OSI Model 2
2.2 TCP/IP 3
2.2.1 History of TCP/IP 4
2.2.2 Features of TCP/IP 4
2.3 Network Hardware in TCP/IP networks 5
2.4 Functionality of 5-Layered TCP/IP stack 7
2.4.1 Data Encapsulation and Decapsulation Process 9
2.5 Transport Layer (Layer 4) 10
2.5.1 Three-way Handshake of TCP 11
2.6 Network Layer (Layer 3) 11
2.6.1 Internet Protocol Addressing 12
2.6.2 Routing 14
2.7 Data Link Layer (Layer 2) 15
2.8 Physical Layer (Layer 1) 16
3 PLANNING, DESIGN AND IMPLEMENTATION 18
3.1 Understanding the Customer’s Needs 18
3.2 Designing the Topology 18
3.2.1 Basic network topologies 19
3.2.2 Hierarchical network model 22
3.3 Documenting Details of the Network 25
3.3.1 How to Document Your Network with a Network Topology Diagram 25
3.4 Testing and Backing Up before launching Production Networks 26
4 CONCLUSION 27
REFERENCES 28
FIGURES
Figure 1. OSI Model layers and examples of the components contained in them. 3
Figure 2. Layers and Components of the original four-layered TCP/IP Model. 8
Figure 3. A five-layered TCP/IP Model. 8
Figure 4. Illustration of how devices on TCP/IP layers interact with each other 9
Figure 5. Bus topology 19
Figure 6. Star topology 20
Figure 7. Ring topology 20
Figure 8. Full mesh topology (left) and partial mesh topology (right). 21
Figure 9. Tree topology 22
Figure 10. Layers of Hierarchical Network Model 23
Figure 11. Collapsed core design 24
Figure 12. A network topology summary diagram of a Local Area Network 26
LIST OF ABBREVIATIONS (OR) SYMBOLS
Abbreviation   Explanation of abbreviation (Source)
TCP/IP   The Internet Protocol suite that consists of several different communications protocols, most importantly TCP and IP.
TCP   Transmission Control Protocol
IP   Internet Protocol
ARPANET   Advanced Research Projects Agency Network
UDP   User Datagram Protocol
DCCP   Datagram Congestion Control Protocol
ICMP   Internet Control Message Protocol
IGMP   Internet Group Management Protocol
IPsec   Internet Protocol Security – a protocol that authenticates and encrypts packets for secure communication over an IP network.
ISP   Internet Service Provider – a company supplying internet connection through their infrastructure.
VoIP   Voice over IP – technologies for voice communication and multimedia sessions over IP networks.
OSI Model   Open Systems Interconnection Model – a conceptual model that standardizes telecommunication between computing devices without considering the properties of the actual technologies.
PDU   Protocol Data Unit – a generalized name for data packets on different layers of the OSI Model.
Packet   A generalized name for a formatted unit of data which is carried over a network.
VPN   Virtual Private Network – a private encrypted connection between points traversing through a public ISP network.
L2L VPN   LAN-to-LAN VPN – a virtual private network traversing from one site to another.
Telnet (TN)   A protocol that allows accessing a computer virtually in a two-way channel between two machines, allowing the creation of remote sessions.
TCP Flags   TCP flags indicate the state of a connection or provide details about the transferred packets.
TCP SYN   TCP Synchronization flag, used in establishing a reliable connection between devices in the three-way handshake method.
TCP ACK   TCP Acknowledgment flag, used to acknowledge received packets.
NIC   Network Interface Controller – hardware component that connects a device to a network.
MAC Address   Media Access Control address – unique and permanent 48-bit identifier that each NIC has, presented in hexadecimal.
LAN   Local Area Network – a group of devices on the same physical network.
WAN   Wide Area Network – a network that spans a large geographical area.
VLAN   Virtual LAN – a logical group of devices possibly on separate physical LANs.
LSA   Link State Advertisement – a packet used in the OSPF routing protocol to advertise link states to neighboring routers.
NGFW   Next Generation Firewall – a common term for a modern firewall that performs layer 7 application control.
IPv4   Internet Protocol version 4
IPv6   Internet Protocol version 6
DHCP   Dynamic Host Configuration Protocol – a network management protocol used on IP networks where a DHCP server assigns end devices network configurations such as IP addresses.
IoT   Internet of Things – the concept of connecting all possible devices in a household to the internet.
TURKU UNIVERSITY OF APPLIED SCIENCES THESIS | Toni Ryynänen
1 INTRODUCTION
This thesis is inspired by a project of building a completely new network from scratch for a medium-sized company in Southern Finland.
The thesis aims to objectively describe the basic functions of the Transmission Control Protocol and the Internet Protocol, better known as the TCP/IP protocol stack. The first chapter lays the foundation for the basic structure and functionality of a TCP/IP network by expanding on some of the more important core concepts of TCP/IP networking, and briefly covers the history of TCP/IP networking. In the second chapter I examine the views I learned about planning and designing a network during the project, as well as about implementing and maintaining a network. Best practices and details of the planning, design and implementation process of a TCP/IP network are briefly covered in the second chapter of the thesis. These measures help explain the reasoning behind some of the decisions made during the network planning and design process to any reader, even one without previous experience in networking topics.
2 NETWORK FOUNDATIONS
The first chapter aims to provide plenty of basic information on vital concepts in TCP/IP networking, to help a reader without any previous knowledge of the topic understand the overall complexity of an IP network. This way it will be much easier to understand the reasoning behind the decisions made during the network planning, design and implementation phases.
2.1 The OSI Model
The Open Systems Interconnection reference model, better known as the OSI Model, is
a seven-layered reference model that describes the operations of different components
and protocols in a communications network. Originally conceived in the late 1970s by
the International Organization for Standardization (ISO), the OSI model reached its final
form in 1984 when ISO published the “ISO 7498” standard (Shaw, 2018).
2.1.1 Structure of the OSI Model
The Open Systems Interconnection model is a seven-layered reference model. Each layer is aptly named to describe its function in the overall picture. Each layer transfers data to the next layer in order; they do not operate in parallel with each other. The OSI model can be referenced top-down from Layer 7 towards Layer 1 or bottom-up from Layer 1 towards Layer 7. In this thesis it is referenced top-down, because that represents the flow of communication from the end user towards the network medium. Table 1 below presents a brief summary of the layers of the OSI model and examples of the systems or protocols that each layer contains.
Layer  Name          Components and Protocols
7      Application   WebSocket, HTTP, FTP, Telnet, SMTP
6      Presentation  TLS, SSL, ASCII
5      Session       Sockets, NetBIOS, SAP
4      Transport     TCP, UDP, DCCP
3      Network       IP, IPsec, ICMP, IGMP, OSPF, IS-IS
2      Data Link     PPP, ARP, NDP, Fibre Channel, Frame Relay, IEEE 802.11
1      Physical      Ethernet, RS-232, RJ45, 1000BASE-T
Figure 1. OSI Model layers and examples of the components contained in them.
Each layer of the OSI Model represents a group of protocols that operate on the same level of the network. It is often used as a quick reference to a certain point of the network during a troubleshooting process, when trying to trace the transport of data through the network. Any network professional can also use it to pinpoint a certain section of the network framework when describing the functions of devices and protocols, because it is a standard known worldwide.
2.2 TCP/IP
The TCP/IP protocol suite is the backbone of modern networking. On the different layers of the TCP/IP stack, application data is packed, unpacked and repacked for a smooth flow of communication. It is a collection of communications protocols that enables devices to communicate across networks regardless of hardware or operating system. The TCP/IP protocol suite consists of several different protocols, the Transmission Control Protocol and the Internet Protocol being the main components.
2.2.1 History of TCP/IP
The TCP/IP protocol suite was designed by Robert Kahn and Vinton Cerf in the early 1970s as a successor to the ARPAnet protocol called Network Control Protocol. ARPAnet was the precursor of the Internet. ARPAnet was created by the Advanced Research Projects Agency (ARPA) during the Cold War era as a secure network for military communications in a possible nuclear warfare scenario (Thomas, TCP/IP Introduction 2020). The protocol that directed traffic in the ARPAnet was called the Network Control Protocol (NCP). As the ARPAnet grew larger and larger, NCP could not sustain the demands of the network. For that reason the development of TCP/IP began, and in 1974 Robert Kahn and Vinton Cerf first published the paper “A Protocol for Packet Network Interconnection”, which introduced the idea of the Transmission Control Protocol (TCP). Kahn and Cerf drew on the French research network CYCLADES, which utilized the concept of packet switching. They took the core concepts from project CYCLADES and baked them into their own protocol (“Complete History of the TCP/IP Protocol Suite”, 2020). After more development and testing, TCP/IP eventually replaced the Network Control Protocol altogether in 1983 (Thomas, 2020). After pioneering its way through the ARPANET era, TCP/IP has become one of the most widely used protocols in the world (Tim Keary, The Ultimate Guide to TCP/IP 2018). Vinton Cerf and Robert Kahn went on to win the Turing Award in 2004 for their pioneering work on internetworking and the development of TCP/IP (Association for Computing Machinery, A.M. Turing Award Recipients, 2020).
2.2.2 Features of TCP/IP
Some of the key features of the TCP/IP protocol suite are the reason why it grew so popular over the years. As it has grown into an industry standard, it is utilized by most hardware and software vendors. This multi-vendor support enables fluent interoperability between devices using different hardware or operating systems, meaning, for example, that using TCP/IP a user on a Windows device can connect to a Unix server just as easily as to a Windows server (Thomas, TCP/IP Introduction, 2020). Craig Hunt (2002) states that “Because it is so widely supported, TCP/IP is ideal for uniting different hardware and software components, even if you don’t communicate over the internet”.
The logical addressing in the TCP/IP protocol stack is better known as the IP address. This feature is a cornerstone of dividing large networks into smaller networks by subnetting. Subnetting is a key element of connecting a vast number of networks together while still being able to have messages traverse fluently through the entire network.
The data transfer of the Transmission Control Protocol is considered a reliable way of transferring data. The recipient of TCP packets always confirms that the data has been reliably transferred by checking the checksum in the TCP header. If the packet does not pass the check, the recipient does not return an acknowledgement of receiving the packet to the sender. The sender then has to assume that the recipient has not received the packet, and resends the packet that was lost on the way. If no acknowledgment message arrives after several attempts, TCP assumes that the recipient is unreachable (Kowalczyk, TCP/IP Protocols 2020).
2.3 Network Hardware in TCP/IP networks
A network as a whole consists of a wide variety of different types of physical network hardware. Their functions are briefly summarized in this subchapter and further described per layer in later subchapters.
Routers
Routers are layer 3 devices utilized at network edges to direct packets from one network
to another. Routers utilize routing tables to determine the most efficient ways to route
packets into their destination networks. Static routes can be configured in routers, but
routers also utilize various dynamic routing protocols to determine the most efficient
routes. This is due to the continuously changing network infrastructures and certain
connections being unavailable at times. Dynamic routing protocols can maintain up-to-
date routing information to be able to choose the most efficient paths to destination
networks even when a previously used path becomes unavailable.
Switches
Switches are generally utilized within a local area network, performing layer 2 packet switching and directing packets to the correct end devices within the network. Switches utilize the Media Access Control (MAC) addresses of the connected end devices to determine which host a specific switchport is connected to. Switches keep a database of these MAC address and switchport pairs and direct incoming packets based on the information in these MAC address tables.
Since modern switches combine and enhance the functions of older layer 2 devices, switches have completely replaced deprecated layer 2 devices such as hubs and bridges in modern networks.
Access Points
Access points are devices used to create a wireless entry point to the network for end devices such as laptops or mobile devices. This is called a wireless LAN (WLAN). Standard wireless access points are usually directly connected to a switch or a router in the network. To optimize wireless coverage, several wireless access points are often required to blanket a larger area. In many cases several wireless access points across a building can be clustered into a single entity for easier configuration and deployment.
Firewalls
Firewalls are devices utilized to manage access and communications in and out of networks. Firewalls are traditionally used for layer 3 packet filtering based on IP addresses, port numbers and the protocols used for communication. These are commonly called network firewalls. Layer 4 firewalls add the capability of tracking active connections and deciding whether to allow traffic based on the state of the connection. More modern iterations of firewalls, commonly known as Next Generation Firewalls (NGFW), also apply policies at layer 7 regarding the communications of specific, defined applications through the network. This type of approach is generally called an application firewall. Layer 7 firewalls address the lack of protocol awareness that layer 3 firewalls have (Morello, 2020). As an example, because HTTP is a universal web application protocol, a layer 3 firewall might just allow all traffic to port 80, leaving the network open to vulnerabilities and exploitation within the application layer. A layer 7 firewall can address this by inspecting the application layer and allowing traffic based on further information about the requests, not just the port information (Morello, 2020). For maximum security, to counteract as many threats as possible, a network should utilize both layer 3 and layer 7 firewall functionality.
End Devices
End devices are a broad category of devices that are connected to the network through the access layer. End devices are either the end or the starting point of data transmission in a network, connected to the network either by wire or wirelessly. Examples of end devices are all computers, workstations, servers, laptops, mobile phones, VoIP phones, security cameras and handheld devices such as scanners or credit card readers. The list of end devices is long, with the concept of the Internet of Things constantly expanding the category.
2.4 Functionality of 5-Layered TCP/IP stack
The functionality of TCP/IP is best described by dividing it into several layers. Compared to the OSI Model, the TCP/IP protocol suite condenses the seven layers into four, so it was originally considered a 4-layer system (Stevens & Wright, 1994). In the modern TCP/IP model the bottom-most layer is divided into separate physical (layer 1) and data link (layer 2) layers, making it a 5-layer model. The OSI reference model was utilised to a great extent when developing the TCP/IP protocol suite, which is part of the reason why many of the terms associated with the OSI Model are also associated with TCP/IP (Thomas, 2020).
The four above-mentioned layers are the Application Layer, Transport Layer, Network Layer and Data Link Layer. The table below shows which protocols and components operate on which layer of the TCP/IP model.
Layer  Name                     Notes
4      Application layer        DNS, HTTP, Telnet, SSH, FTP, TFTP, SNMP, SMTP, DHCP
3      Transport layer          TCP, UDP
2      Internet layer           IP, ICMP, IGMP, ARP
1      Network Interface layer  Ethernet, X.25, Frame Relay
Figure 2. Layers and Components of the original four-layered TCP/IP Model.
The newer, more modern 5-layered version of the TCP/IP model divides the network
interface layer into separate physical (layer 1) and datalink (layer 2) layers, where the
layer 1 is purely responsible for the transfer of bits from an end device to another in the
network as streams of bits (Thomas, 2020).
Layer  Name               Short Description
5      Application layer  Provides the protocols and interfaces for end users. Data from the application layer is passed down to the transport layer.
4      Transport layer    Encapsulates data from the application layer for outgoing transmission, using primarily TCP and UDP as transmission protocols.
3      Network layer      Encapsulation of IP addressing and delivery of IP datagrams over a network.
2      Data Link layer    Encapsulates outgoing IP datagrams into Ethernet frames.
1      Physical layer     Converts an Ethernet frame into a stream of bits over a transmission medium as electrical signals, radio waves or light signals.
Figure 3. A five-layered TCP/IP Model.
In the following subchapters the functions of each layer of the TCP/IP model are described, to specify each layer's role in data transfer and the components and protocols that populate it. The five-layered model is nowadays the standard model for TCP/IP and is used here to better describe the functions of the TCP/IP stack, because it provides a more accurate overall picture of the operation of the protocol stack as a whole.
2.4.1 Data Encapsulation and Decapsulation Process
The basis of the layered model of the TCP/IP stack is encapsulation and decapsulation
of the data while traversing the layers of the protocol stack. Generally, when moving data
from a higher layer to a lower layer, each layer adds something new to the pre-existing
data by encapsulating the original protocol data unit (PDU) with a header or a trailer that
includes new data and forms a new type of PDU. At the recipient device the process is
done in reversed order, decapsulating the headers one by one to access the data stored
in the packet.
Figure 4. Illustration of how devices on TCP/IP layers interact with each other
Application Layer (Layer 5)
The application layer is the top-most layer of the TCP/IP stack model which facilitates
the user interface for sending data between devices and applications. It includes all the
functions of the OSI Model’s layers 5 to 7; application, presentation and session layers.
The application layer facilitates all the applications in addition to the protocols that are used together with them (Thomas, 2020). Some of the most common protocols that function on the application layer are Telnet, HTTP, FTP, DNS, DHCP and SMTP. While the application layer protocols are very important for multiple reasons, there is not much to consider regarding the application layer when designing a network.
2.5 Transport Layer (Layer 4)
The transport layer is the second-uppermost layer of the TCP/IP model. It is the layer that facilitates the protocols responsible for initially encapsulating data from the application layer for outgoing transmission and decapsulating data from incoming transmission. The protocols that encapsulate data on the transport layer are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). These two protocols perform the same task: they transfer data through the network to another device. They perform it in different ways, so one or the other is the preferred method of data transfer for certain applications and services. TCP is considered a reliable protocol because it establishes a virtual end-to-end connection to the endpoint by performing a three-way handshake. Before passing the data to the network layer, TCP divides it into smaller, more easily transferable data units called segments, which are transferred separately to the destination and reassembled into readable form. UDP is a connectionless protocol that encapsulates the data into UDP datagrams containing the source and destination ports, the datagram length and a checksum, then passes the datagrams to the network layer for transfer without any error checking or assurance that the data was received. Both of these protocols utilize ports, a concept that allows network communications to be differentiated between applications and protocols. A network port is a 16-bit numerical value assigned to an application or a service running on the computer. The values of these ports range from 0 to 65535. Port numbers 0 to 1023 are called well-known ports, which means that they have been assigned to specific services by the Internet Assigned Numbers Authority (Cotton et al., 2011). In addition, ports 1024 to 49151, also assigned by IANA, are called registered ports, which means that they can be registered for a specific application or service at the IANA (Cotton et al., 2011). The remainder of the ports, 49152 through 65535, are called dynamic ports (also known as ephemeral ports), which are temporary ports that can be freely used by any application.
2.5.1 Three-way Handshake of TCP
The three-way handshake of the Transmission Control Protocol (also known generally as the TCP handshake) is the method TCP uses to establish a reliable connection between devices for transferring data. In this method the initiating client sends a TCP segment to the destination with the SYN flag (Synchronization) set to 1 and all the other TCP flags set to 0. Other contents of the TCP SYN request are the sequence number, the source and destination IP addresses, and the source and destination TCP port numbers (Thomas, 2020). By receiving this TCP segment, the destination device recognizes that the initiator wants to establish a connection to it. In the second step, after receiving the SYN request from the initiator, the destination device replies with a TCP SYN-ACK (synchronization-acknowledgement) packet. This means that in addition to the SYN flag being set to 1, the ACK flag (Acknowledgment) is also set to 1. In addition to the contents of the SYN packet, the SYN-ACK packet includes an acknowledgement number. In the final, third step of the three-way handshake, the initiator sends an ACK packet to the destination with the previously established sequence and acknowledgement numbers. The SYN flag in this packet is set to 0 and the ACK flag to 1. Once the destination device receives the ACK packet, the TCP connection between the two devices is established and they can communicate with each other reliably for data transfer.
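The three steps above, as an added example that is not part of the thesis: a small model of the three handshake segments, plus a state tracker of the kind a stateful (layer 4) firewall from section 2.3 keeps, which reports whether a captured exchange reached the established state. The Segment class, the IP addresses, port numbers and initial sequence numbers are constructed for illustration; the seq/ack arithmetic (each side acknowledges the other's sequence number plus one) follows RFC 793.

```python
from dataclasses import dataclass

# Bit values of the flags in the TCP header (RFC 793 layout).
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10


@dataclass(frozen=True)
class Segment:
    """Handshake-relevant fields of a TCP segment (constructed model, not a packet parser)."""
    src: tuple   # (IP address, port) of the sender
    dst: tuple   # (IP address, port) of the receiver
    seq: int     # sequence number
    ack: int     # acknowledgement number (meaningful only when ACK is set)
    flags: int   # bitwise OR of the flag constants above


def syn(client, server, client_isn):
    """Step 1: SYN set, every other flag 0; seq carries the client's initial sequence number."""
    return Segment(client, server, client_isn, 0, SYN)


def syn_ack(request, server_isn):
    """Step 2: SYN and ACK set; the acknowledgement number is the client's seq plus one."""
    return Segment(request.dst, request.src, server_isn, request.seq + 1, SYN | ACK)


def final_ack(reply):
    """Step 3: SYN cleared, ACK set; seq and ack continue the numbers established in steps 1 and 2."""
    return Segment(reply.dst, reply.src, reply.ack, reply.seq + 1, ACK)


def handshake(client, server, client_isn, server_isn):
    """Produce the three segments of a complete handshake, in order."""
    first = syn(client, server, client_isn)
    second = syn_ack(first, server_isn)
    return [first, second, final_ack(second)]


def track_state(segments):
    """Replay segments the way a stateful firewall's connection tracker would.

    Returns the final state: SYN_SENT or SYN_RECEIVED for an unfinished handshake,
    ESTABLISHED for a completed one, INVALID if a segment does not fit the expected step.
    Connections that linger in SYN_SENT/SYN_RECEIVED are the half-open ones a defender
    watches for in connection-table statistics.
    """
    state, client, server, client_isn, server_isn = "CLOSED", None, None, None, None
    for seg in segments:
        if state == "CLOSED":
            if seg.flags != SYN:          # only a bare SYN can open a connection
                return "INVALID"
            client, server, client_isn = seg.src, seg.dst, seg.seq
            state = "SYN_SENT"
        elif state == "SYN_SENT":
            if ((seg.src, seg.dst) != (server, client) or seg.flags != SYN | ACK
                    or seg.ack != client_isn + 1):
                return "INVALID"
            server_isn = seg.seq
            state = "SYN_RECEIVED"
        elif state == "SYN_RECEIVED":
            if ((seg.src, seg.dst) != (client, server) or seg.flags != ACK
                    or seg.seq != client_isn + 1 or seg.ack != server_isn + 1):
                return "INVALID"
            state = "ESTABLISHED"
        else:
            break                         # data segments after establishment are not modelled
    return state


if __name__ == "__main__":
    # Constructed sample: a workstation opening port 80 on its gateway.
    client, server = ("192.168.178.10", 51515), ("192.168.178.1", 80)
    exchange = handshake(client, server, client_isn=1000, server_isn=5000)
    for seg in exchange:
        print(seg)
    print(track_state(exchange))          # ESTABLISHED
```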
2.6 Network Layer (Layer 3)
The network layer of the TCP/IP stack is the layer on which the Internet Protocol, IPv4 and IPv6, operates. Along with the Internet Protocol, the important protocols operating on the network layer are the Internet Control Message Protocol (ICMP), Internet Group Management Protocol (IGMP), Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP).
As data encapsulated by a transport protocol (TCP or UDP) is passed to the network layer as a TCP segment or a UDP datagram, the IPv4 or IPv6 protocol encapsulates the segments or datagrams with IPv4 or IPv6 headers respectively, forming network packets that contain the previously added TCP/UDP headers and the newly added source and destination IP addresses. These addresses enable an important network function called routing, which means that layer 3 networking devices such as routers direct the packets to the correct recipients in a remote network.
2.6.1 Internet Protocol Addressing
Internet Protocol addressing is one of the cornerstones of communicating outside of the
local network and layer 3 routing would not be possible to accomplish without proper
addressing. IP addressing is a logical addressing system utilized by Internet Protocol on
layer 3 communications, assigning a unique identifier for a device on a network. These
unique addresses are utilized by the layer 3 network devices for routing traffic from one
network to another. IP addresses are manually configurable or automatically assigned
to end devices by a network management protocol called Dynamic Host Configuration
Protocol (DHCP).
Since its publication in 1981, IPv4 (Internet Protocol version 4) has set the standard for Internet Protocol addressing. It is followed by its successor, the most recent version of the Internet Protocol, IPv6 (Internet Protocol version 6), which was developed in the mid-1990s due to the inevitable global exhaustion of IPv4 addresses. In modern networks IPv4 and IPv6 are often both utilized, and devices can simultaneously have both IPv4 and IPv6 addresses.
Internet Protocol version 4
While IPv4 is already a nearly forty-year-old technology, it still routes the majority of today's global internet traffic. IPv4 addresses are 32-bit binary addresses that are most commonly expressed in dotted decimal format, x.x.x.x, in which each x represents an eight-bit binary number known as an octet, each having a value between 0 and 255. As an example, 192.168.178.1 is an IPv4 address expressed in its dotted decimal format, while in binary form it actually is 11000000.10101000.10110010.00000001. The dotted decimal format is used mainly for simplicity, for humans to read and configure, while all the actual interactions in the network happen in binary. The address has two dynamic parts, the network part and the host part. A subnet mask is a value that defines which bits of the 32-bit address belong to the network part and which to the host part, i.e. an address with subnet mask 24 has 8 bits left in the host part. The subnet mask is often indicated as a prefix after an IP address, such as 192.168.178.1/24.
IPv4 addresses are assigned to each NIC in a network, including links on layer 3 devices such as routers. These addresses are used to deliver packets over networks by the layer 3 protocols discussed in chapter 2.7.2.
IP addresses are divided into classes depending on how many host addresses they can contain. These are called Class A, Class B, Class C and Class D addresses. Class A addresses are big chunks of networks where only 8 bits belong to the network part, leaving 24 bits in the host part, resulting in 127 networks with over 16 million available addresses within each Class A network. Class B addresses have 16 host address bits, producing 16,384 different networks with 65,534 hosts in each. Class C addresses are commonly used for small-scale networks, having only 8 host address bits, producing about 2 million networks with 254 possible host addresses in each. Class D addresses are mainly reserved for multicasting, which is a technique of sending packets from one device to many destination devices. Class D IPv4 addresses cannot be assigned to end devices.
Internet Protocol version 6
IPv6 was developed in the mid-90s because it became commonly understood that the IPv4 address range was inevitably going to be exhausted eventually, leaving future devices without any viable IP addresses. While IPv4 addresses have a 32-bit address space, IPv6 has a 128-bit address space, making it virtually impossible to exhaust. IPv6 also specified a new packet format that helps to minimize packet header processing by routers (Thomas, 2020).
IPv6 addresses are expressed in hexadecimal because they are so much longer than IPv4 addresses. One hexadecimal digit represents 4 bits, and the digits are grouped into 8 blocks of 4, so an example of an IPv6 address looks like 2001:0000:9d38:6ab8:1c48:3a1c:a95a:b1c2. Since IPv6 addresses are so long, there are a few methods to shorten them. A block consisting only of 0s can be written as a single 0, so the above-mentioned address becomes 2001:0:9d38:6ab8:1c48:3a1c:a95a:b1c2. If there are several consecutive blocks consisting only of 0s, they can be replaced with a double colon. The address 2001:0db8:0000:0000:0022:f472:ff2a:ab99 would be 2001:0db8::0022:f472:ff2a:ab99.
IPv6 differs from IPv4 in several functions, for example Neighbor Discovery replaces ARP
and hosts can configure their own addresses, but IPv6 addresses are used in practically
the same way as IPv4 addresses: the prefix length separates the network part from the
interface identifier, and a typical LAN segment is a /64.
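The two shortening rules above and the one-double-colon restriction can be checked mechanically. The following is an added example written for this page, not code from the thesis: it expands any IPv6 spelling to its eight 16-bit groups, produces the RFC 5952 canonical form by hand, and compares that with the standard library so the rules can be verified. Function names and the sample addresses are the author's own choices.

```python
import ipaddress
from typing import List


def expand_ipv6(addr: str) -> List[int]:
    """Parse any textual IPv6 form into its eight 16-bit groups as integers."""
    # ipaddress validates the text (rejects a second '::', bad digits, too many
    # groups) and .exploded always yields eight four-digit groups.
    return [int(g, 16) for g in ipaddress.IPv6Address(addr).exploded.split(":")]


def compress_ipv6(addr: str) -> str:
    """Shortest text form per RFC 5952: lowercase, no leading zeros in a group,
    and the longest run of two or more zero groups (leftmost on a tie) replaced
    by a single '::'."""
    groups = expand_ipv6(addr)
    best_start, best_len = -1, 0
    run_start, run_len = -1, 0
    for i, g in enumerate(groups + [-1]):       # -1 sentinel closes the final run
        if g == 0:
            if run_len == 0:
                run_start = i
            run_len += 1
        else:
            if run_len > best_len:              # strictly longer: leftmost tie wins
                best_start, best_len = run_start, run_len
            run_len = 0
    hexs = [format(g, "x") for g in groups]     # format() drops leading zeros
    if best_len >= 2:                           # '::' is never used for one zero group
        left = ":".join(hexs[:best_start])
        right = ":".join(hexs[best_start + best_len:])
        return f"{left}::{right}"
    return ":".join(hexs)


def is_valid_ipv6(text: str) -> bool:
    """True if the text is a syntactically valid IPv6 address (at most one '::')."""
    try:
        ipaddress.IPv6Address(text)
        return True
    except ipaddress.AddressValueError:
        return False


def same_address(a: str, b: str) -> bool:
    """Two spellings denote the same address if they expand to the same groups;
    this, not string equality, is how an ACL or a log search must compare them."""
    return expand_ipv6(a) == expand_ipv6(b)


def matches_stdlib(addr: str) -> bool:
    """Cross-check: Python's ipaddress also prints the RFC 5952 form."""
    return compress_ipv6(addr) == str(ipaddress.IPv6Address(addr))


if __name__ == "__main__":
    for a in ("2001:0db8:0000:0000:0022:f472:ff2a:ab99",
              "2001:0000:9d38:6ab8:1c48:3a1c:a95a:b1c2", "::1", "2001:db8:0:0:1:0:0:1"):
        print(f"{a:42} -> {compress_ipv6(a)}")
```

The practical point of `same_address` is that an IPv6 address written by a human, by a router and by a log parser may all look different while being the same address; anything that filters or searches on addresses must normalize first.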
Subnetting
Subnetting is the practice of dividing an IP address space into smaller sections in order
to avoid wasting IP addresses and to reduce the size of broadcast domains. A subnet is
simply a smaller block of addresses within a larger address block. Subnetting is
performed by writing the address in binary and then "borrowing" bits from the host
portion for the network portion, which moves the boundary between the two to the right.
Each borrowed bit doubles the number of subnets and halves the number of addresses in
each, and every subnet still loses two addresses to its network and broadcast addresses.
This way, for example, a /24 block of 254 usable addresses can easily be split into four
/26 blocks of 62 usable addresses each, leaving the blocks that are not needed available
for other parts of the network. Subnets do not have to be of equal size: variable-length
subnet masking (VLSM) allows a /30 for a point-to-point link next to a /25 for a user
segment.
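The classful rules from the previous section and the bit-borrowing described here are both just integer arithmetic on the 32-bit address. The block below is an added example for this page, not code from the thesis: it classifies an address by its leading bits, computes network, broadcast, mask and usable host count for any prefix length, and splits a block into equal subnets by borrowing host bits. The function names and the sample prefixes are the author's own.

```python
from typing import List


def ip_to_int(addr: str) -> int:
    """Dotted-quad text -> 32-bit integer, rejecting malformed input."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid IPv4 address: {addr!r}")
    o = [int(p) for p in parts]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classful_class(addr: str) -> str:
    """Historical (pre-CIDR) class, read from the leading bits of the first octet."""
    first = ip_to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"          # 0xxxxxxx  ->   0-127, 8 network bits
    if first >> 6 == 0b10:
        return "B"          # 10xxxxxx  -> 128-191, 16 network bits
    if first >> 5 == 0b110:
        return "C"          # 110xxxxx  -> 192-223, 24 network bits
    if first >> 4 == 0b1110:
        return "D"          # 1110xxxx  -> 224-239, multicast
    return "E"              # 1111xxxx  -> 240-255, reserved


def subnet_info(cidr: str) -> dict:
    """Network, broadcast, mask and usable host count for an address/prefix."""
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF     # prefix ones, then zeros
    network = ip_to_int(addr) & mask                       # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)             # host bits set
    size = 1 << (32 - prefix)
    # /31 point-to-point links (RFC 3021) and /32 host routes have no separate
    # network and broadcast addresses to subtract.
    usable = size - 2 if prefix <= 30 else size
    return {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "mask": int_to_ip(mask), "prefix": prefix, "usable_hosts": usable}


def split_subnets(cidr: str, new_prefix: int) -> List[str]:
    """Borrow (new_prefix - old_prefix) host bits: 2**borrowed equal subnets."""
    info = subnet_info(cidr)
    old_prefix = info["prefix"]
    if not old_prefix <= new_prefix <= 32:
        raise ValueError(f"cannot split /{old_prefix} into /{new_prefix}")
    base = ip_to_int(info["network"])
    step = 1 << (32 - new_prefix)               # addresses per new subnet
    count = 1 << (new_prefix - old_prefix)      # doubles with every borrowed bit
    return [f"{int_to_ip(base + i * step)}/{new_prefix}" for i in range(count)]


if __name__ == "__main__":
    print(subnet_info("192.168.178.77/26"))
    print(split_subnets("192.168.178.0/24", 26))
```

Note that `subnet_info` accepts a host address such as 192.168.178.77/26 and derives the network from it; a route entry, by contrast, should never have host bits set, which is a check worth keeping in any tool that generates router configuration.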
2.6.2 Routing
Routing is the layer 3 function responsible for forwarding IP packets from one network to
another. Routing is performed by layer 3 devices, primarily routers and increasingly
multilayer switches. Simply put, the routing process has one objective: getting a packet
from its source to its destination. Routers are the gateway devices at the edges of local
area networks and their purpose is to direct packets towards their destination. Routers
maintain a routing table, which is a dynamic data structure containing the known
destination networks, the next hop towards each destination, the outgoing interface, and
a metric that describes the quality of the route. Static routes can be configured by
system administrators to add specific entries to the table. In addition, routers gather
and share route information with each other by utilizing routing protocols such as OSPF,
EIGRP, BGP or IS-IS. When a packet arrives, the router looks up its destination address
in the table and, if several entries match, selects the most specific one (longest prefix
match). Routers usually also have a default route (0.0.0.0/0), so that they can forward
packets towards the default gateway when no more specific route matches; a packet whose
destination matches no entry at all, not even a default route, is dropped.
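The lookup described above, longest prefix match with a default route as the entry of last resort, is short enough to show in full. This is an added example for this page, not code from the thesis; the router, interface names and the address ranges (RFC 1918 private space and the RFC 5737 documentation range) are constructed for illustration.

```python
import ipaddress
from typing import List, Optional, Tuple

Route = Tuple[ipaddress.IPv4Network, Optional[str], str, int]


class RoutingTable:
    """Minimal IPv4 routing table with longest-prefix-match lookup.

    Each entry is (network, next_hop, interface, metric); a next_hop of None
    means the network is directly connected on that interface.
    """

    def __init__(self) -> None:
        self._routes: List[Route] = []

    def add(self, prefix: str, next_hop: Optional[str], interface: str, metric: int = 0) -> None:
        # strict=True rejects "10.1.2.3/24": host bits set in a route prefix
        # almost always mean a typo in a static route.
        network = ipaddress.IPv4Network(prefix, strict=True)
        self._routes.append((network, next_hop, interface, metric))
        # Most specific prefix first, then lowest metric, so that the first
        # matching entry during lookup is the one a router would install.
        self._routes.sort(key=lambda r: (-r[0].prefixlen, r[3]))

    def lookup(self, destination: str) -> Optional[Tuple[str, Optional[str], str]]:
        """Return (matched prefix, next_hop, interface), or None if the packet
        would be dropped because nothing, not even a default route, matches."""
        addr = ipaddress.IPv4Address(destination)
        for network, next_hop, interface, _metric in self._routes:
            if addr in network:
                return str(network), next_hop, interface
        return None

    def entries(self) -> List[str]:
        """Human-readable table in lookup order, in the spirit of 'show ip route'."""
        return [f"{n}  via {nh or 'connected'}  {i}  metric {m}"
                for n, nh, i, m in self._routes]


def is_valid_prefix(prefix: str) -> bool:
    """A route prefix must have all host bits clear."""
    try:
        ipaddress.IPv4Network(prefix, strict=True)
        return True
    except ValueError:
        return False


def build_example_table() -> RoutingTable:
    """Constructed branch router: two local LANs, an uplink to headquarters
    with a summary route for all of 10.0.0.0/8, and a default route."""
    rt = RoutingTable()
    rt.add("0.0.0.0/0", "203.0.113.1", "GigabitEthernet0/0")      # default route (ISP)
    rt.add("10.1.0.0/30", None, "GigabitEthernet0/1")             # point-to-point link to HQ
    rt.add("10.0.0.0/8", "10.1.0.1", "GigabitEthernet0/1")        # summary route via HQ
    rt.add("10.1.2.0/24", None, "GigabitEthernet0/2")             # local user LAN
    rt.add("10.1.3.0/24", None, "GigabitEthernet0/3")             # local server LAN
    return rt


if __name__ == "__main__":
    table = build_example_table()
    print("\n".join(table.entries()))
    for dst in ("10.1.2.9", "10.200.1.1", "8.8.8.8"):
        print(dst, "->", table.lookup(dst))
```

The ordering in `add` is what makes the summary route and the local /24 coexist: a packet to 10.1.2.9 matches both 10.0.0.0/8 and 10.1.2.0/24, and the longer prefix wins, so local traffic never leaks towards headquarters.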
Routing Protocols
The objective of all routing protocols is the same: to have every router in the network
hold up-to-date information about the routes to all reachable destinations. Routing
protocols are divided into two primary categories, distance-vector protocols and
link-state protocols. Distance-vector protocols share their routing table with their
directly connected neighbours at intervals to update information about routes becoming
available or unavailable (Wilson, 2010). Examples of distance-vector protocols are RIP
and EIGRP, an advanced distance-vector protocol; BGP, which also learns routes only from
its neighbours but carries the full path of autonomous systems with each route, is
classified as a path-vector protocol.
Open Shortest Path First, better known as OSPF, is one of the most widely used
link-state routing protocols, IS-IS being the other major one. Link-state protocols allow
a router to observe the state of every link in the network: each router shares
information about itself and its directly connected links with its peers in packets
called Link State Advertisements (LSAs), which are flooded to all routers in the area.
This way all routers in the network hold an identical, up-to-date map of the network in
their link-state database, and each independently calculates the best paths towards
every destination network with the shortest path first (Dijkstra) algorithm. Regardless
of the protocol family, neighbour relationships should be authenticated on production
networks, since any device that is allowed to form an adjacency can inject or withdraw
routes for the entire network.
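The calculation every link-state router performs over its copy of the database can be shown on a small topology. The block below is an added example for this page, not code from the thesis: a constructed link-state database of six routers, and a shortest path first computation that, like OSPF, only uses a link when both ends advertise it. Router names and link costs are made up; the one-sided entry for R6 is included deliberately to show that such an LSA does not create a route.

```python
import heapq
import itertools
from typing import Dict, Optional, Tuple

# Constructed link-state database: every router's LSA lists its directly
# connected neighbours and the cost of each link (higher cost = slower link).
LSDB: Dict[str, Dict[str, int]] = {
    "R1": {"R2": 10, "R3": 5},
    "R2": {"R1": 10, "R3": 3, "R4": 2},
    "R3": {"R1": 5, "R2": 3, "R4": 8},
    "R4": {"R2": 2, "R3": 8, "R5": 1},
    "R5": {"R4": 1},
    # R6 claims a link to R1, but R1's own LSA does not list R6: a one-sided
    # adjacency (misconfiguration, or an unauthenticated rogue LSA) that the
    # two-way check below must ignore.
    "R6": {"R1": 1},
}


def spf(lsdb: Dict[str, Dict[str, int]], source: str) -> Dict[str, Tuple[int, Optional[str]]]:
    """Dijkstra's shortest path first over the link-state database.

    Returns {destination: (total cost, next hop)}; the source's own next hop is
    None. Only links advertised by BOTH ends are used, mirroring the two-way
    connectivity check OSPF applies during its SPF calculation."""
    counter = itertools.count()                   # tie-breaker so the heap never compares None
    heap = [(0, next(counter), source, None)]
    best: Dict[str, Tuple[int, Optional[str]]] = {}
    while heap:
        cost, _, node, via = heapq.heappop(heap)
        if node in best:                          # already settled at a lower cost
            continue
        best[node] = (cost, via)
        for neighbour, link_cost in lsdb.get(node, {}).items():
            if node not in lsdb.get(neighbour, {}):
                continue                          # neighbour does not advertise us back
            if neighbour in best:
                continue
            # The next hop is decided when leaving the source and inherited after that.
            first_hop = neighbour if node == source else via
            heapq.heappush(heap, (cost + link_cost, next(counter), neighbour, first_hop))
    return best


def routing_table(lsdb: Dict[str, Dict[str, int]], source: str) -> Dict[str, str]:
    """Next hop per destination: the part of the SPF result a router installs."""
    return {dst: hop for dst, (cost, hop) in spf(lsdb, source).items() if hop is not None}


if __name__ == "__main__":
    for router in ("R1", "R3"):
        print(router, routing_table(LSDB, router))
```

Because every router runs the same algorithm on the same database, R1 and R3 agree on the paths between them without exchanging routing tables, which is the essential difference from the distance-vector approach.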
2.7 Data Link Layer (Layer 2)
The data link layer is conceptually divided into two sublayers: Logical Link Control
(LLC) and Media Access Control (MAC). Logical link control is considered the upper
sublayer of the data link layer, as it functions as a software-implemented interface
between the network layer and the MAC sublayer, which in turn controls access to the
physical medium. On Ethernet networks the data link layer is responsible for
encapsulating the IP packets arriving from the network layer into Ethernet frames. In the
encapsulation process, the pre-existing IP header, TCP header and upper-layer data are
wrapped in an Ethernet header, the most important fields of which are the destination and
source Media Access Control (MAC) addresses (6 bytes each). These addresses are used by
layer 2 network devices such as switches to determine which port to deliver frames to
within a Local Area Network. In addition to the MAC addresses, an Ethernet frame consists
of a type indicator (EtherType, 2 bytes) that identifies the encapsulated protocol, such
as 0x0800 for IPv4, the payload (minimum of 46 bytes and up to 1500 bytes, the Ethernet
MTU), and a frame check sequence (FCS, 4 bytes), a CRC-32 checksum that lets the receiver
discard frames corrupted in transit. With these fields a frame is between 64 and 1518
bytes long; an IEEE 802.1Q VLAN tag, when present, adds 4 bytes after the source address.
On the wire the frame is preceded by a preamble (7 bytes of 10101010) and a start of
frame delimiter (SFD, 1 byte, 10101011); this sequence is used for synchronization
between the sender and the receiver and lets the receiving device recognize a new
incoming frame. The preamble and SFD are stripped by the network interface and are not
counted in the frame length.
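The frame layout above can be exercised end to end: building a frame, padding it to the minimum size, appending the FCS and then validating it on receipt. This is an added example for this page, not code from the thesis. It assumes Ethernet II framing (EtherType rather than a length field) and uses the CRC-32 polynomial from zlib, which is the one IEEE 802.3 specifies; the MAC addresses and payloads are constructed.

```python
import struct
import zlib
from typing import Dict, Optional

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
ETHERTYPE_VLAN = 0x8100          # IEEE 802.1Q tag protocol identifier
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500
MIN_FRAME = 64                   # 6 + 6 + 2 + 46 + 4


def mac_to_bytes(mac: str) -> bytes:
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"MAC address must be 6 bytes: {mac!r}")
    return raw


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def fcs(body: bytes) -> bytes:
    """Frame check sequence: IEEE 802.3 CRC-32 (same polynomial as zlib),
    appended least-significant byte first, as it appears in packet captures."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan: Optional[int] = None, pcp: int = 0) -> bytes:
    """Encapsulate a layer 3 packet in an Ethernet II frame, optionally 802.1Q tagged."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the Ethernet MTU of 1500 bytes")
    header = mac_to_bytes(dst) + mac_to_bytes(src)
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN ID must be 1..4094")
        tci = ((pcp & 0x7) << 13) | (vlan & 0x0FFF)   # priority (3 bits), DEI, VID (12 bits)
        header += struct.pack("!HH", ETHERTYPE_VLAN, tci)
    header += struct.pack("!H", ethertype)
    body = header + payload.ljust(MIN_PAYLOAD, b"\x00")  # pad short payloads to 46 bytes
    return body + fcs(body)


def parse_frame(frame: bytes) -> Dict[str, object]:
    """Validate the FCS and split a frame into its fields; raises on runt or corrupt frames."""
    if len(frame) < MIN_FRAME:
        raise ValueError(f"runt frame: {len(frame)} bytes")
    body, received_fcs = frame[:-4], frame[-4:]
    if received_fcs != fcs(body):
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    dst, src = bytes_to_mac(body[:6]), bytes_to_mac(body[6:12])
    ethertype = struct.unpack("!H", body[12:14])[0]
    offset, vlan, pcp = 14, None, None
    if ethertype == ETHERTYPE_VLAN:
        tci = struct.unpack("!H", body[14:16])[0]
        vlan, pcp = tci & 0x0FFF, tci >> 13
        ethertype = struct.unpack("!H", body[16:18])[0]
        offset = 18
    # Ethernet II carries no length field: any padding is left for the layer 3
    # header (e.g. the IPv4 total length) to strip.
    return {"dst": dst, "src": src, "ethertype": ethertype, "vlan": vlan,
            "pcp": pcp, "payload": body[offset:]}


def frame_is_intact(frame: bytes) -> bool:
    """True if the frame is long enough and its FCS verifies."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    f = build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:01", ETHERTYPE_ARP, b"\x00\x01\x08\x00")
    print(len(f), parse_frame(f))
```

Note that the FCS only protects against accidental corruption; a CRC is trivially recomputed by anyone who modifies the frame, so it offers no integrity guarantee against a host on the same segment.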
Data Link Layer Switching
Data link layer switching is the layer 2 counterpart of routing. In modern networks it is
primarily carried out by layer 2 or multilayer switches. The difference is that whereas
routers forward packets based on IP addresses, a layer 2 switch neither examines nor uses
the IP addresses inside the frames. In data link layer switching, frames are forwarded
from one switch port to another only within a Local Area Network, using the
device-specific MAC addresses to determine which port to forward the Ethernet frames to.
Layer 2 and multilayer switches maintain a MAC address table (also called the CAM table)
that contains information about the MAC addresses of the devices connected to them. The
table also records the type of each entry (a statically assigned MAC or a dynamically
learned one), the switch port the MAC address is associated with, and the Virtual Local
Area Network (VLAN) associated with the MAC. The same MAC address may have several
entries in the table, indicating that it exists in several different VLANs. Whenever the
switch receives a frame, it examines the frame's source MAC address and adds it, together
with the ingress port and VLAN, to the table; dynamically learned entries are aged out
after a period of inactivity (300 seconds by default on many switches). By populating the
MAC address table, the switch learns which port to forward frames to. If the destination
MAC address of a frame is not in the table, or the destination is a broadcast or multicast
address, the switch floods the frame out of every port in the same VLAN except the port it
arrived on. Because the table is learned from unauthenticated source addresses and has a
finite size, access ports should be protected with port security, which limits the number
of MAC addresses a port may learn.
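The learning, forwarding and flooding behaviour described above, and what happens when the finite table fills up, can be simulated in a few dozen lines. The block below is an added example for this page, not code from the thesis: a switch model with a per-VLAN MAC table of deliberately tiny capacity, with and without a per-port learning limit of the kind port security provides. Port numbers, VLAN assignments and MAC addresses are constructed.

```python
from collections import OrderedDict
from typing import Dict, List, Optional, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Simulated layer 2 switch: a per-VLAN MAC address table learned from
    source addresses, unicast forwarding for known destinations and flooding
    for unknown, broadcast and multicast destinations.

    ports maps port number -> access VLAN. max_entries models the finite size
    of the hardware table (real tables hold thousands of entries; a tiny value
    is used here so the overflow case can be shown). port_security_limit, when
    set, caps the MACs one port may learn, as switch port security does.
    """

    def __init__(self, ports: Dict[int, int], max_entries: int = 8,
                 port_security_limit: Optional[int] = None) -> None:
        self.ports = ports
        self.max_entries = max_entries
        self.limit = port_security_limit
        self.table: "OrderedDict[Tuple[int, str], int]" = OrderedDict()   # oldest entry first
        self.violations = 0

    def _macs_on_port(self, port: int) -> int:
        return sum(1 for p in self.table.values() if p == port)

    def learn(self, vlan: int, mac: str, port: int) -> bool:
        """Record the source MAC; returns False if port security rejects it."""
        key = (vlan, mac)
        if key in self.table:
            self.table.move_to_end(key)           # refresh the entry's age
            self.table[key] = port                # a MAC that moved ports follows the newest frame
            return True
        if self.limit is not None and self._macs_on_port(port) >= self.limit:
            self.violations += 1                  # port security: too many MACs on this port
            return False
        if len(self.table) >= self.max_entries:
            self.table.popitem(last=False)        # table full: evict the oldest entry
        self.table[key] = port
        return True

    def forward(self, in_port: int, src: str, dst: str) -> List[int]:
        """Ports the frame is sent out of; [] means it was dropped or filtered."""
        vlan = self.ports[in_port]
        if not self.learn(vlan, src, in_port):
            return []
        group_address = int(dst[:2], 16) & 1       # I/G bit set: broadcast or multicast
        out_port = self.table.get((vlan, dst))
        if not group_address and out_port is not None:
            return [] if out_port == in_port else [out_port]   # filter if on the same port
        # Unknown unicast, broadcast or multicast: flood within the VLAN only.
        return [p for p, v in self.ports.items() if v == vlan and p != in_port]


if __name__ == "__main__":
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20}, max_entries=4)
    print(sw.forward(1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"))   # unknown: flooded
    print(sw.forward(2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"))   # learned: port 1
```

The last part of the test below is the reason for the port-security caveat: once a host on port 3 has sent frames from enough bogus source addresses to push the legitimate entries out of the table, unicast traffic between ports 1 and 2 is flooded again and port 3 receives a copy of it. With a per-port learning limit the bogus addresses are refused and the table is unaffected.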
2.8 Physical Layer (Layer 1)
The physical layer is the concrete layer of the transmission medium. It is responsible
for transferring the stream of bits passed down from the data link layer as electrical or
optical signals, or radio waves, from the sending computer to the destination computer.
Common media for transferring data between computers are twisted-pair copper cables and
optical fibre. A twisted-pair cable has several internal twisted pairs of wires wrapped in
a jacket and an RJ45 (Registered Jack 45) connector attached at both ends, which makes it
possible to plug the cable into the port of an Ethernet network interface card. RJ45 is
a common standard used in almost all network devices. Ethernet cables are categorized by
their performance into several categories, the current highest-performing category being
Category 8.
Fibre optic cables are a transmission medium that uses pulses of light instead of
electrical signals to transfer data through the cable. Each end of the cable has a
transceiver, containing both a transmitter and a receiver, to send and receive the light
pulses (Thomas, 2020). Fibre optic cables allow the highest bandwidth compared to twisted
copper pairs and allow much longer cable runs. Optical fibre is also immune to the
electromagnetic interference and noise that can disturb data transfer on twisted pairs.
The limiting factors in using optical fibre for all data transfer are that it can be
damaged rather easily and cannot be bent sharply, which makes it difficult to install in
certain structures inside buildings. Optical fibre is also still rather expensive to
install compared to copper cabling and requires trained installers. In summary, all
Ethernet and serial connections, cabling, connectors and physical network interface cards
are part of the physical layer. Wireless connections that transfer data as radio signals
also belong to the physical layer.
3 PLANNING, DESIGN AND IMPLEMENTATION
The design process is the most crucial part of planning the structure of a network. Most
of the pitfalls of a flawed network can be avoided with proper design, planning and
documentation of the network.
3.1 Understanding the Customer’s Needs
The structure of a network should always be designed around the customer's needs. It is
of the utmost importance to set up meetings with the customer early on to get on the same
page about the requirements for their network. Obtaining a floor plan of the building the
network is destined for greatly eases the implementation process: it makes it possible to
determine optimal spots for switching cabinets and to figure out where to place access
points to optimize wireless coverage throughout the building. Seeing the dimensions and
materials of the building also helps in determining the cabling requirements for
implementing the network and in identifying which links are viable for fibre optics for
faster data transfer.
It is important to discuss approximately how many end devices the network needs to
accommodate initially and how likely it is that the network will need to be scaled up
soon. In addition to device capacity, different services such as internal VoIP,
surveillance systems or control systems may require special consideration when
constructing the IP network, for example their own VLANs or quality of service settings.
3.2 Designing the Topology
When designing the topology, one should first know the basics of network topologies. The
network topology describes the way the network devices are arranged within the network,
and it can be presented in two ways: as a physical topology or as a logical topology.
The difference between the two is quite distinct. The purpose of the physical topology is
to illustrate how the physical devices are interconnected and placed, including the
cabling between devices. A physical topology gives a rough picture of the actual
placement of the devices and the length of the cabling between them. The logical topology
is a construct that reflects the communication between the devices and the data flow
within the network. While the logical topology does not consider the physical distance
between the devices, it gives more attention to the device details and to the protocols
that control the flow of data in the network.
3.2.1 Basic network topologies
Basic network topologies include the bus, star, ring, mesh, tree and hybrid topologies.
A bus topology consists of a single main cable to which all nodes are connected in a
line. While a bus topology is rather easy to install and maintain, it is susceptible to
collisions when the connected computers try to communicate simultaneously. Also, the
entire network is unable to operate if there is any fault on the main cable.
Figure 5. Bus topology
A star topology is a topology where all the nodes are connected to a centralized network
device such as a switch. It requires more cabling than a bus topology, but as an
advantage it is a lot easier to pinpoint the point of fault when a certain end device has
network issues. Also, when the connection of one device fails, the rest of the network is
unaffected, although the central device itself is a single point of failure.
Figure 6. Star topology
In a ring topology all the devices of the network are connected in a closed loop, where
each device is connected to two others. Data travels through every device in the ring,
but in only one direction. Adding devices to a ring topology is not burdensome and the
data transmission speed between nodes can be optimized well. While the chance of a data
collision in a ring topology is very low, the whole network is affected if a single node
or link fails.
Figure 7. Ring topology
A mesh topology is a redundant type of topology in which the network devices are
interconnected with each other. A mesh topology can be either a full mesh, where every
single device in the network is connected to all the others, or a partial mesh, where not
every device is connected to every other but there are still multiple interconnections
in the network. The main purpose of a mesh topology is redundancy and fault tolerance.
If a single point of the network fails, there are still multiple paths for the data to
travel through, and it is extremely rare for the whole network to fail. Managing a full
mesh topology in a large network can be very troublesome and gets expensive quickly in
cabling costs as devices are added, because the number of links grows with the square of
the number of devices. In addition, troubleshooting an issue in a large full mesh is
often a very long and tedious process. A partial mesh topology is a good way of reducing
the costs of the network while still maintaining some of the redundancy provided by a
mesh.
Figure 8. Full mesh topology (left) and partial mesh topology (right).
A tree topology is a hybrid, hierarchical network structure that looks like a tree,
starting from a backbone device that splits into several branches which eventually serve
the end devices. A tree topology scales well to larger networks because it is easy to add
new devices to the branches to make room for more hosts. While a tree topology scales
very easily, it is also expensive to implement, especially when redundancy is taken into
consideration. Without proper redundancy measures, the backbone node is a serious single
point of failure, because the whole network depends on it. A tree topology should rarely
be considered for smaller-scale networks because of the building costs and because in
most cases it is not necessary when the network does not require several branches.
A tree topology consists of a combination of a star topology and a bus topology; thus, it
can be considered a hybrid topology.
Figure 9. Tree topology
A hybrid topology is a topology that combines several types of topologies within one
network. Common examples of a hybrid topology are the star-bus and star-ring topologies,
but a hybrid topology can be built from any of the existing topologies. Building a
hybrid topology is a good way to improve the network's efficiency, to make it more
reliable and redundant, and to boost the network's scalability. Designing a hybrid
topology takes substantially more effort and time, and the implementation, such as
installation and configuration, needs to be precisely planned. Hybrid network topologies
often turn out to be larger-scale networks, so managing the costs of the network is a
crucial part of the design process as well.
3.2.2 Hierarchical network model
The hierarchical network model is a conceptual model for designing modern networks while
keeping in mind qualities such as scalability and the cost of implementing the network.
The hierarchical network model is one of the core concepts of modern enterprise network
design, because utilizing it is the most reliable way to reach crucial network qualities
such as hierarchy, modularity, resiliency and flexibility, as defined by Cisco (Cisco
Networking Academy, 2016).
The base principle of the hierarchical network model is that there are three separate
functional layers: the core layer, the distribution layer and the access layer. The model
follows a strict hierarchy, beginning from the core layer at the top of the model.
Figure 10. Layers of Hierarchical Network Model
The core layer is considered the backbone of the network, as it connects the WAN edge
routers to the distribution devices on site. The core layer consists mainly of fast
layer 2 or multilayer switches that are designed to provide rapid data transmission
within the network. A failure in the core layer affects the whole network, so redundant
devices and links must be in place to redirect traffic in case of a failure and ensure
the continuity of data transmission. The distribution layer acts as the separation point
between the access and core layers, providing redundancy for both the core and the
access layer devices. Distribution layer devices typically also provide services to both
layers, such as inter-VLAN routing, route summarization, route filtering and access
control lists that enforce policy between segments. The access layer is the entry point
into the network, providing network access for all end devices. The access layer is most
commonly implemented as a layer 2 switching environment that uses virtual local area
networks (VLANs) to segment the local area network.
In many cases, when the network is not projected to grow large over time, a two-tier
collapsed core design is implemented. A two-tier collapsed core means in practice that
the distribution and core layers are merged into one. The main purpose of using a
collapsed core design is to minimize the cost of the network in exchange for the
additional redundancy and the separation of services that a dedicated distribution layer
provides.
Figure 11. Collapsed core design
3.3 Documenting Details of the Network
From the very beginning, documenting every device added to the network in a network
diagram is hugely beneficial for keeping the topology clear and untangled. It might not
feel impactful in a small network with only a few devices. Scalability, the ability to
smoothly increase the capacity of the network, is however one of the biggest factors in
a company network, where sudden and rapid growth might be required at some point in
time. When this growth happens, having up-to-date network diagrams is vital for keeping
track of the flow of data in the network. This becomes especially handy in any
troubleshooting situation when something is not functioning as intended. Being prepared
for the worst-case scenario with your network documentation is almost always a way to
avoid ending up in the worst-case scenario altogether.
In addition to the network diagram, it is always highly recommended to keep a separate,
up-to-date document of the device models, IP addresses and interfaces used in the
network. Descriptions of each device's links and their destinations should be included.
3.3.1 How to Document Your Network with a Network Topology Diagram
The network topology diagram illustrates the size, shape and structure of the network.
When documenting a network with a diagram, the two key qualities are clarity and
simplicity. A network diagram should be easy to read and its components should be easily
distinguishable from each other. The diagram should always contain the most important
information about the devices in the network, such as the host name, the model of the
device and the management IP address used for remote access. Including the physical
links between all devices in the diagram eases troubleshooting of network issues or
issues with specific end devices.
Fitting all information on one diagram can be challenging and gets messy very easily.
For that reason, it is advisable to split the documentation into several diagrams that
present layer 2 and layer 3 information separately, such as the VLANs and the routing
protocol configuration within the network.
Figure 12. A network topology summary diagram of a Local Area Network
When separating information into different diagrams in larger networks, the most useful
information to display is, for example, the DHCP address ranges and the VLANs. In
networks that span multiple locations or branches, including layer 3 routing protocol
details such as autonomous system numbers or OSPF areas can prove useful.
3.4 Testing and Backing Up before launching Production Networks
When the network design is nearing finalization and only small adjustments are required,
it is necessary to test the network after configuring the devices. Initial tests should
include connectivity tests, verifying that every device in the network can reach the
destinations it should and that everything works together seamlessly; it is equally
worth verifying that segments which are supposed to be isolated, such as separate VLANs,
cannot reach each other. In addition, in larger enterprise networks it might be
necessary to conduct network security auditing and stress testing case by case.
Backing up device configurations is always necessary in case of a hardware failure or a
sudden need to roll back after making changes in the network. Backups should always be
kept up to date after any adjustment to the configuration of a network device, stored
somewhere other than the device itself, and protected with the same care as the devices,
since configuration files contain credentials and other sensitive details.
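A backup that cannot be compared with the previous one or with the running configuration is of limited use for a rollback. The block below is an added example for this page, not code from the thesis: a small versioned configuration store that de-duplicates snapshots by hash, detects drift between the running configuration and the last backup, and produces a unified diff with credentials masked before it is shared. The two IOS-style configuration texts are constructed, the secret values in them are placeholders, and the redaction pattern is a heuristic for that syntax only.

```python
import difflib
import hashlib
import re
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

# Lines whose remainder after one of these keywords is a credential (IOS-style syntax).
SECRET_LINE = re.compile(r"^(\s*.*?\b(?:secret|password|community)\b)\s+.*$")

# Constructed sample configurations: "after" adds a VLAN to "before".
CONFIG_BEFORE = """hostname sw-access-1
enable secret 5 $1$abcd$constructedplaceholder
!
vlan 10
 name users
!
interface Vlan10
 ip address 10.1.10.2 255.255.255.0
!
snmp-server community c0nstructed RO
"""
CONFIG_AFTER = CONFIG_BEFORE + "vlan 20\n name servers\n!\n"


def redact(config: str) -> str:
    """Mask credentials before a configuration or diff leaves the backup system."""
    return "\n".join(SECRET_LINE.sub(r"\1 <redacted>", line) for line in config.splitlines())


def sha256(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


class ConfigStore:
    """Versioned configuration backups per device, de-duplicated by hash."""

    def __init__(self) -> None:
        self.history: Dict[str, List[Tuple[datetime, str, str]]] = {}

    def save(self, device: str, config: str, when: Optional[datetime] = None) -> bool:
        """Store a snapshot; returns False if it is identical to the latest one."""
        digest = sha256(config)
        snapshots = self.history.setdefault(device, [])
        if snapshots and snapshots[-1][1] == digest:
            return False
        snapshots.append((when or datetime.now(timezone.utc), digest, config))
        return True

    def latest(self, device: str) -> str:
        return self.history[device][-1][2]

    def drifted(self, device: str, running_config: str) -> bool:
        """True when the running configuration no longer matches the last backup,
        i.e. a change was made without a new backup being taken."""
        return sha256(running_config) != self.history[device][-1][1]

    def diff(self, device: str, older: int = -2, newer: int = -1) -> str:
        """Unified diff between two snapshots (default: previous vs. latest),
        which is what to review before deciding on a rollback."""
        old = self.history[device][older]
        new = self.history[device][newer]
        old_lines = [l + "\n" for l in redact(old[2]).splitlines()]
        new_lines = [l + "\n" for l in redact(new[2]).splitlines()]
        return "".join(difflib.unified_diff(
            old_lines, new_lines,
            fromfile=f"{device}@{old[0]:%Y-%m-%dT%H:%M}",
            tofile=f"{device}@{new[0]:%Y-%m-%dT%H:%M}"))


if __name__ == "__main__":
    store = ConfigStore()
    store.save("sw-access-1", CONFIG_BEFORE)
    store.save("sw-access-1", CONFIG_AFTER)
    print(store.diff("sw-access-1"))
    print("drifted:", store.drifted("sw-access-1", CONFIG_AFTER + "no ip domain-lookup\n"))
```

Running `drifted` against the configuration pulled from each device on a schedule turns the "keep backups up to date" rule into something that can be checked rather than remembered.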
4 CONCLUSION
The TCP/IP protocol stack is the dominant standard in modern communications networks and
is used in the majority of network implementations worldwide. The functionality of the
protocol stack can be expressed in a five-layer model called the TCP/IP model. The
aforementioned model illustrates how network devices interact with each other using the
protocols of the different layers of a TCP/IP network. On the application layer, the
software and the application layer protocols determine the data to be transferred. On the
transport layer the data is encapsulated by a transport protocol, such as TCP, for
transmission. On the network layer the received segment or datagram is encapsulated with
an IP header into an IP packet. On the data link layer the incoming packet is
encapsulated with MAC addressing information into a frame. On the physical layer the
frame is transferred as bits over a physical medium to the destination device, where the
whole process is reversed to unpack the data for the application.
When implementing a network, apart from the TCP/IP basics, there are several core
concepts that should be taken into account. The most variable of these is the customer's
requirements, which change in every scenario. Efficient, precise and professional design
of the topology, utilizing the standard-setting hierarchical network model, ensures that
the network runs as reliably as possible and provides the necessary quality of service
and scalability. Testing the network thoroughly before launching it into production and
properly documenting its details are crucial for easing maintenance and troubleshooting.
This is further aided by always keeping up-to-date backups of each network device's
configuration. Following these steps is the basis for building a modern enterprise
network that meets the needs of a company expecting a flawless and reliable network.
REFERENCES
Association for Computing Machinery (2020). A.M. Turing Award. Retrieved September 02, 2020, from https://amturing.acm.org/
CertificationKits. (2013). 1-4 TCP/IP Model. Free CCNA Study Guide. Retrieved December 17, 2020, from https://www.freeccnastudyguide.com/study-guides/ccna/ch1/1-4-tcpip-model/
Cisco Networking Academy. (2016). Hierarchical Network Model. Retrieved December 18, 2020, from https://www.ciscopress.com/articles/article.asp?p=2202410
Complete History of the TCP/IP Protocol Suite (2020). TCP/IP. Retrieved December 17, 2020, from https://history-computer.com/Internet/Maturing/TCPIP.html
Cotton, M., Eggert, L., Touch, J., Westerlund, M., & Cheshire, S. (2011, August). Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry. Retrieved September 16, 2020, from https://tools.ietf.org/html/rfc6335
Hunt, C. (2002). TCP/IP Network Administration. Sebastopol, CA: O'Reilly.
Keary, T. (2018). The Ultimate Guide to TCP/IP. Retrieved September 01, 2020, from https://www.itprc.com/tcpipfaq/
Kowalczyk, C. (2020). TCP/IP Protocols. Retrieved September 02, 2020, from http://www.crypto-it.net/eng/theory/tcp-ip-protocols.html
Morello, J. (2020). Know Your Firewall: Layer 3 vs. Layer 7. Retrieved November 22, 2020, from https://securityboulevard.com/2018/10/know-your-firewall-layer-3-vs-layer-7/
OSI-Model: Open Systems Interconnection model. Retrieved September 03, 2020, from https://osi-model.com/
Shaw, K. (2018). The OSI model explained: How to understand (and remember) the 7-layer network model. Retrieved September 03, 2020, from https://www.networkworld.com/article/3239677/the-osi-model-explained-how-to-understand-and-remember-the-7-layer-network-model.html
Stevens, W. R., & Wright, G. R. (1994). TCP/IP Illustrated. Addison-Wesley.
Thomas, J. (2020). TCP/IP Introduction. Retrieved September 02, 2020, from https://www.omnisecu.com/tcpip/tcpip-introduction.php