Virtual Private Networks (VPN)



1. What is a VPN?
A virtual private network extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Types of VPNs.
  • WAN VPN: Branch offices
  • Access VPN: Roaming users
  • Extranet VPNs: Suppliers and customers

What Makes a VPN?
There are two common types of VPNs.
  • Remote-access – Also called a Virtual Private Dial-up Network (VPDN), this is a user-to-LAN connection used by a company that has employees who need to connect to the private network from various remote locations. Typically, a corporation that wishes to set up a large remote-access VPN provides some form of Internet dial-up account to their users using an Internet service provider (ISP). The telecommuters can then dial a 1-800 number to reach the Internet and use their VPN client software to access the corporate network. A good example of a company that needs a remote-access VPN would be a large firm with hundreds of sales people in the field. Remote-access VPNs permit secure, encrypted connections between a company's private network and remote users through a third-party service provider.
  • Site-to-site – Through the use of dedicated equipment and large-scale encryption, a company can connect multiple fixed sites over a public network such as the Internet. Each site needs only a local connection to the same public network, thereby saving money on long private leased lines. Site-to-site VPNs can be further categorized into intranets or extranets. A site-to-site VPN built between offices of the same company is said to be an intranet VPN, while a VPN built to connect the company to its partner or customer is referred to as an extranet VPN.


Basic Computer Concept.

1. What is a computer?
A computer is an electronic device that stores, retrieves, and processes data, and can be programmed with instructions. A computer is composed of hardware and software, and can exist in a variety of sizes and configurations.

2. Hardware and software
The term hardware refers to the physical components of your computer such as the system unit, mouse, keyboard, monitor etc. The software is the instructions that make the computer work. Software is held either on your computer's hard disk, CD-ROM, DVD or on a diskette (floppy disk) and is loaded (i.e. copied) from the disk into the computer's RAM (Random Access Memory), as and when required.

3. Types of computer.
Mini and Mainframe Computers
Very powerful, used by large organisations such as banks to control the entire business operation. Very expensive!

Personal Computers
Cheap and easy to use. Often used as stand-alone computers or in a network. May be connected to large mainframe computers within big companies.

4. Hardware components
Input Devices --
- A keyboard and mouse are the standard way to interact with the computer. Other devices include joysticks and game pads used primarily for games.

Output Devices -- 
- The monitor (the screen) is how the computer sends information back to you. A printer is also an output device.

5. Input Devices
The Mouse
Used to ‘drive’ Microsoft Windows.

The Keyboard
The keyboard is still the commonest way of entering information into a computer.

Tracker Balls
An alternative to the traditional mouse, often used by graphic designers.

Scanners
A scanner allows you to scan printed material and convert it into a file format that may be used within the PC.

6. Output Devices
Plotters
A plotter is an output device similar to a printer, but normally allows you to print larger images.

Speakers
Enhance the value of educational and presentation products.

Speech synthesisers
Give you the ability not only to display text on a monitor but also to have the text read to you.

7. Storage Devices

Storage Devices --
- A hard disk drive is an internal, higher-capacity drive which also stores the operating system that runs when you power on the computer.

- "Floppy" disk drives allow you to save work on small disks and take the data with you.

Hard Disks
Speed: Very fast! The speed of a hard disk is often quoted as "average access time" speed, measured in milliseconds. The smaller this number, the faster the disk.
Capacity: Enormous! Often 40/80 Gigabytes. A Gigabyte is equivalent to 1024 Megabytes.
Cost: Hard disk costs are falling rapidly and normally represent the cheapest way of storing data.

8. Main parts of a computer
RAM – Random Access Memory
The main 'working' memory used by the computer. When the operating system loads from disk when you first switch on the computer, it is copied into RAM.
As a rough rule, a Microsoft Windows based computer will operate faster if you install more RAM. Data and programs stored in RAM are volatile (i.e. the information is lost when you switch off the computer).

ROM – Read Only Memory
Read Only Memory (ROM), as the name suggests, is a special type of memory chip that holds software that can be read but not written to. A good example is the ROM-BIOS chip, which contains read-only software. Often network cards and video cards also contain ROM chips.

9. How Computer Memory Is Measured
Bit
All computers work on a binary numbering system, i.e. they process data in ones or zeros. This 1 or 0 level of storage is called a bit.
Byte
A byte consists of eight bits.
Kilobyte
A kilobyte (KB) consists of 1024 bytes.
Megabyte
A megabyte (MB) consists of 1024 kilobytes.
Gigabyte
A gigabyte (GB) consists of 1024 megabytes.



Morpho Icons- MSO-1300 E3 Biometric Fingerprint Scanner with RD Service & Latest Version




Product details

  • Product Dimensions: 6.5 x 3.5 x 1.5 cm ; 118 g
  • Item model number: MSO1300 E3
  • ASIN: B07DHW5K44.

Morpho Personal identification is essential for a wide range of desktop applications from access to workstations to cashless payment, etc. The MSO 1300 Series draws on IDEMIA’s patented optical technology and fingerprint algorithms – recognized worldwide for their high levels of performance and exceptional robustness – to enhance client security with the power of biometrics.
These compact USB sensors offer a reliable, ergonomic and cost-effective solution for enrollment, identity verification and user identification. Their match-on-device (up to 1:10,000 users) or match-on-card (for variants equipped with a smartcard reader) functions, enhanced with extensive security features, guarantee the faultless protection of information.
The most advanced models in the series deliver a fingerprint image that is certified by the FBI (PIV IQS*) and the STQC**, and detect a large panel of counterfeit fingerprints. Micro-USB connection is also available for smartphone applications.
The MSO SDK enables a swift integration into Windows, Linux and Android platforms.
*Image Quality Specifications
**Standardisation Testing and Quality Certification Directorate: an office of the Government of India providing quality assurance services in the area of Electronics and IT.

OnePlus 6T (Midnight Black, 8GB RAM, 128GB Storage).



Price: 41,999.00


  • Camera: 16+20 MP Dual rear camera with Optical Image Stabilization, Super slow motion, Nightscape and Studio Lighting | 16 MP front camera
  • Display: 6.41-inch(16.2 cms) Full HD+ Optic AMOLED display with 2340 x 1080 pixels resolution and an 86% screen-to-body ratio
  • Memory, Storage & SIM: 8GB RAM | 128GB storage | Dual nano SIM with dual standby (4G+4G)
  • Screen Unlock: In-screen fingerprint sensor. The OnePlus 6T unlocks in 0.34s for a seamless and intuitive unlock experience
  • Operating System and Processor: OxygenOS based on Android 9.0 Pie with 2.8GHz Qualcomm Snapdragon 845 octa-core processor
  • Battery : 3700 mAh lithium-polymer battery with Fast Charge technology
  • Included in the Box: Screen Protector (pre-applied); Translucent Case; OnePlus Fast Charge Type-C Cable; OnePlus Fast Charge Power Adapter; SIM Tray Ejector; Quick Start Guide; Safety Information; OnePlus Type-C to 3.5mm Audio Jack Adapter.

     
 
Technical Details
  • OS: Android
  • RAM: 8 GB
  • Item Weight: 186 g
  • Product Dimensions: 15.8 x 0.8 x 7.5 cm
  • Batteries: 1 Lithium Polymer batteries required. (included)
  • Item model number: A6010
  • Wireless communication technologies: Bluetooth; WiFi Hotspot
  • Connectivity technologies: 2G; 3G; GPS; GLONASS; Galileo; BeiDou; USB 2.0; OTG; WiFi 802.11 a/b/g/n/ac
  • Special features: Dual SIM; GPS; Music Player; Video Player; E-mail
  • Display technology: AMOLED
  • Other camera features: 20+16 MP Dual rear camera, 16 MP front camera
  • Form factor: Touchscreen Phone
  • Weight: 186 Grams
  • Colour: Midnight Black
  • Battery Power Rating: 3700
  • What's in the box: Handset, Screen Protector (pre-applied), Translucent Case, OnePlus Fast Charge Type-C Cable, OnePlus Fast Charge Power Adapter, SIM Tray Ejector, Quick Start Guide, Safety Information and Type-C to 3.5mm Audio Jack Adapter.

Mi A2 (Gold, 4GB RAM, 64GB Storage)



MRP: 17490.00
Price: 13999.00
(You save 20%)

Features




  • Camera: 12+20 MP Dual rear camera | 20 MP front camera
  • Display: 15.21 centimetres (5.99-inch) Full HD+ capacitive touchscreen display with 2160x1080 pixels and 403 ppi pixel density | 2.5D Corning Gorilla Glass 5
  • Memory, Storage & SIM: 4GB RAM | 64GB storage | Dual nano SIM with dual-standby (4G+4G)
  • Operating System and Processor: Android v8.1 Oreo operating system with 2.2GHz Qualcomm snapdragon 660 octa core processor
  • Battery: 3010 mAH lithium Polymer battery
  • Warranty: 1 year manufacturer warranty for device and 6 months manufacturer warranty for in-box accessories including batteries from the date of purchase
  • Included in box: Type-C to Audio adapter, Power adapter, USB Cable, Clear soft case
  • Customer Support Number: 1800 103 6286


Technical Details
  • OS: Android
  • RAM: 4 GB
  • Item Weight: 168 g
  • Product Dimensions: 15.9 x 0.7 x 7.5 cm
  • Batteries: 1 Lithium Polymer batteries required. (included)
  • Item model number: Mi A2
  • Wireless communication technologies: Bluetooth, WiFi Hotspot
  • Connectivity technologies: Bluetooth v5.0 wireless technology, 802.11 a/b/g/n/ac wifi, GPS/AGPS, GLONASS, BeiDou, Type C USB 2.0 OTG, IR blaster
  • Special features: Dual SIM, GPS, Music Player, Video Player, FM Radio, Gyroscope, Infrared sensor, Proximity sensor, Accelerometer, Ambient light sensor, eCompass, E-mail
  • Other camera features: 20MP
  • Form factor: Touchscreen Phone
  • Weight: 168 Grams
  • Colour: Gold
  • Battery Power Rating: 3010
  • What's in the box: Mi A2, Type-C to Audio adapter, Power adapter, USB cable, SIM eject tool, Warranty card, User guide, Clear soft case

Click on this link to buy directly https://amzn.to/2SGW1sq

Realme U1 (Brave Blue, 3GB RAM, 32GB Storage)



  • AI 25MP Selfie Camera with SONY Flagship IMX 576 Sensor | 13MP+2MP AI Dual Rear Camera | Supports Portrait Lighting, Slo-Mo Video and Bokeh Effect
  • 16.002 centimeters (6.3-inch) Full HD+ LTPS IPS (In-Cell) display with 2340 x 1080 pixels resolution with broad 90.8% screen-to-body ratio and 19.5:9 aspect ratio, protected by 2.5D Gorilla Glass 3 | 409 ppi pixel density
  • Memory, Storage & SIM: 3GB RAM | 32GB storage, expandable up to 256GB using MicroSD Card | Dual nano SIM with dual standby (4G+4G)
  • Screen Unlock: Finger Print Sensor and AI Face Unlock (unlocks in 0.1s)
  • Android v8.1 based on Color OS 5.2 operating system with 2.1GHz MediaTek Helio P70 Octa Core CPU and Mali-G72 GPU
  • 3500mAH Li-ion Polymer battery with AI Power Master
  • 1 year manufacturer warranty for device and 6 months manufacturer warranty for in-box accessories including batteries from the date of purchase.


                                        
M.R.P.: 12,999.00
Deal Price: 11,999.00

Click https://amzn.to/2VxYdnT

SIMPLE NETWORK GUIDE


1. Network links
The communication media used to link devices to form a computer network include:
1) Electrical cable: HomePNA, power line communication, optical fiber (wired technology), and
2) Radio waves (wireless technology).
In the OSI model, these are defined at layers 1 and 2: the physical layer and the data link layer.
A widely adopted family of communication media used in local area network (LAN) technology is collectively known as Ethernet. The media and protocol standards that enable communication between networked devices over Ethernet are defined by IEEE 802.3. Ethernet transmits data over both copper and fiber cables. Wireless LAN standards (e.g. those defined by IEEE 802.11) use radio waves, while others use infrared signals as a transmission medium. Power line communication uses a building's power cabling to transmit data.

3.1 Wired technologies

The following wired technologies are ordered, roughly, from slowest to fastest transmission speed.
  • Twisted pair wire is the most widely used medium for all telecommunication. Twisted-pair cabling consists of copper wires that are twisted into pairs. Ordinary telephone wires consist of two insulated copper wires twisted into pairs. Computer network cabling (wired Ethernet as defined by IEEE 802.3) consists of 4 pairs of copper cabling that can be utilized for both voice and data transmission. The use of two wires twisted together helps to reduce crosstalk and electromagnetic induction. The transmission speed ranges from 2 million bits per second to 10 billion bits per second. Twisted pair cabling comes in two forms: unshielded twisted pair (UTP) and shielded twisted-pair (STP). Each form comes in several category ratings, designed for use in various scenarios.
  • Coaxial cable is widely used for cable television systems, office buildings, and other work-sites for local area networks. The cables consist of copper or aluminium wire surrounded by an insulating layer (typically a flexible material with a high dielectric constant), which itself is surrounded by a conductive layer. The insulation helps minimize interference and distortion. Transmission speed ranges from 200 million bits per second to more than 500 million bits per second.
  • An optical fiber is a glass fiber. It uses pulses of light to transmit data. Some advantages of optical fibers over metal wires are very low transmission loss and immunity from electrical interference. Optical fibers can simultaneously carry multiple wavelengths of light which greatly increases the rate that data can be sent, and helps enable data rates of up to trillions of bits per second. Optic fibers can be used for long runs of cable carrying very high data rates, and are used for undersea cables to interconnect continents.

3.2 Wireless technologies

  • Terrestrial microwave – Terrestrial microwave communication uses Earth-based transmitters and receivers resembling satellite dishes. Terrestrial microwaves are in the low-gigahertz range, which limits all communications to line-of-sight. Relay stations are spaced approximately 48 km (30 mi) apart.
  • Communications satellites – Satellites communicate via microwave radio waves, which are not deflected by the Earth's atmosphere. The satellites are stationed in space, typically in geosynchronous orbit 35,400 km (22,000 mi) above the equator. These Earth-orbiting systems are capable of receiving and relaying voice, data, and TV signals.
  • Cellular and PCS systems use several radio communications technologies. The systems divide the region covered into multiple geographic areas. Each area has a low-power transmitter or radio relay antenna device to relay calls from one area to the next area.
  • Radio and spread spectrum technologies – Wireless local area networks use a high-frequency radio technology similar to digital cellular and a low-frequency radio technology. Wireless LANs use spread spectrum technology to enable communication between multiple devices in a limited area. IEEE 802.11 defines a common flavor of open-standards wireless radio-wave technology known as Wi-Fi.

2. Network nodes and Network interfaces

  • In data communication, a physical network node may either be a data communication equipment (DCE) such as a modem, hub, bridge or switch; or a data terminal equipment (DTE) such as a digital telephone handset, a printer or a host computer, for example a router, a workstation or a server.
If the network in question is a LAN or WAN, every LAN or WAN node (that is at least a data link layer device) must have a MAC address, typically one for each network interface controller it possesses. Examples are computers, packet switches, xDSL modems (with Ethernet interface) and wireless LAN access points. Note that a hub constitutes a physical network node, but does not constitute a LAN network node, since a hubbed network is logically a bus network. Analogously, a repeater or PSTN modem (with serial interface) is a physical network node but not a LAN node in this sense.
If the network in question is the Internet or an Intranet, many physical network nodes are host computers, also known as Internet nodes, identified by an IP address, and all hosts are physical network nodes. However, some data link layer devices such as switches, bridges and WLAN access points do not have an IP host address (except sometimes for administrative purposes), and are not considered to be Internet nodes or hosts, but as physical network nodes and LAN nodes.
  • A network interface controller (NIC) is computer hardware that provides a computer with the ability to access the transmission media, and has the ability to process low-level network information. For example, the NIC may have a connector for accepting a cable, or an aerial for wireless transmission and reception, and the associated circuitry.
In addition, the NIC will have access to an identifier for either the NIC or the computer as a whole.
  • In Ethernet networks, each network interface controller has a unique Media Access Control (MAC) address which is usually stored in the controller's permanent memory. MAC address uniqueness is maintained and administered by the Institute of Electrical and Electronics Engineers (IEEE) in order to avoid address conflicts between devices on a network. The size of an Ethernet MAC address is six octets. The 3 most significant octets are reserved to identify NIC manufacturers. These manufacturers, using only their assigned prefixes, uniquely assign the 3 least-significant octets of every Ethernet interface they produce.

4.1 Repeaters and hubs
A repeater is an electronic device that receives a network signal, cleans it of unnecessary noise, and regenerates it. The signal is retransmitted at a higher power level, or to the other side of an obstruction, so that the signal can cover longer distances without degradation. In most twisted pair Ethernet configurations, repeaters are required for cable that runs longer than 100 meters. With fiber optics, repeaters can be tens or even hundreds of kilometers apart.
A repeater with multiple ports is known as a hub. Repeaters work on the physical layer of the OSI model. Repeaters require a small amount of time to regenerate the signal. This can cause a propagation delay which can affect network performance. As a result, many network architectures limit the number of repeaters that can be used in a row, e.g., the Ethernet 5-4-3 rule.
Hubs have been mostly obsoleted by modern switches; but repeaters are used for long distance links, notably undersea cabling.

4.2 Bridges

A network bridge connects and filters traffic between two network segments at the data link layer (layer 2) of the OSI model to form a single network. This breaks the network's collision domain but maintains a unified broadcast domain. Network segmentation breaks down a large, congested network into an aggregation of smaller, more efficient networks.
Bridges come in three basic types:
  • Local bridges: Directly connect LANs
  • Remote bridges: Can be used to create a wide area network (WAN) link between LANs. Remote bridges, where the connecting link is slower than the end networks, largely have been replaced with routers.
  • Wireless bridges: Can be used to join LANs or connect remote devices to LANs.

4.3 Switches

A network switch is a device that forwards and filters OSI layer 2 datagrams between ports based on the MAC addresses in the packets. A switch is distinct from a hub in that it only forwards the frames to the physical ports involved in the communication rather than all ports connected. It can be thought of as a multi-port bridge. It learns to associate physical ports to MAC addresses by examining the source addresses of received frames. If an unknown destination is targeted, the switch broadcasts to all ports but the source. Switches normally have numerous ports, facilitating a star topology for devices, and cascading additional switches.
Multi-layer switches are capable of routing based on layer 3 addressing or additional logical levels. The term switch is often used loosely to include devices such as routers and bridges, as well as devices that may distribute traffic based on load or based on application content (e.g., a Web URL identifier).
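
The learning, forwarding, filtering and flooding behaviour described above can be modelled in a few lines. This is an added example, not code from the original guide; the port numbers, host MAC addresses and frame trace are constructed for illustration.

```python
"""Constructed model of a layer 2 learning switch (illustrative only)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed, locally administered MAC addresses for four sample hosts.
HOST_A = "02:00:00:00:00:0a"
HOST_B = "02:00:00:00:00:0b"
HOST_C = "02:00:00:00:00:0c"
HOST_D = "02:00:00:00:00:0d"


class LearningSwitch:
    def __init__(self, ports):
        self.ports = sorted(ports)
        self.mac_table = {}  # source MAC -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return (action, list of egress ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()
        # Learn (or relearn) the sender's port from the frame's source address.
        self.mac_table[src] = in_port
        # Broadcast or unknown destination: send to every port but the source.
        if dst == BROADCAST or dst not in self.mac_table:
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst]
        # Destination sits on the port the frame came from: nothing to forward.
        if out_port == in_port:
            return "filter", []
        return "forward", [out_port]


def run_trace(switch, frames):
    """Feed (in_port, src, dst) frames to the switch and collect decisions."""
    return [switch.receive(*frame) for frame in frames]


# Constructed sample traffic on a 4-port switch.
SAMPLE_FRAMES = [
    (1, HOST_A, HOST_B),     # B not learned yet: flood
    (2, HOST_B, HOST_A),     # A was learned on port 1: forward there only
    (1, HOST_A, HOST_B),     # B is now known on port 2
    (1, HOST_D, HOST_A),     # A and D share port 1: filtered
    (3, HOST_C, BROADCAST),  # broadcast: all ports but the source
    (3, HOST_A, HOST_B),     # A now appears on port 3: entry is relearned
    (2, HOST_B, HOST_A),     # traffic for A follows the new entry
]

if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3, 4])
    for frame, decision in zip(SAMPLE_FRAMES, run_trace(sw, SAMPLE_FRAMES)):
        print(frame, "->", decision)
    print("table:", sw.mac_table)
```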

4.4  Modems

A modem (modulator-demodulator) is a device that modulates an analog carrier signal to encode digital information and demodulates the signal to decode the transmitted information. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data. Modems can be used with any means of transmitting analog signals, from light emitting diodes to radio. The most familiar type is a voice band modem that turns the digital data of a computer into modulated electrical signals in the voice frequency range of a telephone channel. These signals can be transmitted over telephone lines and demodulated by another modem at the receiver side to recover the digital data.
Modems are generally classified by the amount of data they can send in a given unit of time, usually expressed in bits per second (bit/s or bps), or bytes per second (B/s). Modems can also be classified by their symbol rate, measured in baud. The baud unit denotes symbols per second, or the number of times per second the modem sends a new signal. For example, the ITU V.21 standard used audio frequency shift keying with two possible frequencies, corresponding to two distinct symbols (or one bit per symbol), to carry 300 bits per second using 300 baud. By contrast, the original ITU V.22 standard, which could transmit and receive four distinct symbols (two bits per symbol), transmitted 1,200 bits by sending 600 symbols per second (600 baud) using phase shift keying.

4.5  Routers
A router is an internetworking device that forwards packets between networks by processing the routing information included in the packet or datagram (Internet protocol information from layer 3). The routing information is often processed in conjunction with the routing table (or forwarding table). A router uses its routing table to determine where to forward packets. (A destination in a routing table can include a "null" interface, also known as the "black hole" interface because data can go into it; however, no further processing is done for said data.)
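
A routing-table lookup with a null route can be sketched as follows. This is an added example, not code from the original guide: it assumes the most specific matching prefix wins (longest-prefix match, the standard rule for IP forwarding), and the interface names and documentation-range prefixes are constructed.

```python
"""Constructed model of a routing-table lookup, including a null route."""
import ipaddress

NULL_INTERFACE = "null0"  # hypothetical name for the "black hole" interface


class RoutingTable:
    def __init__(self):
        self.routes = []  # list of (network, outgoing interface)

    def add(self, prefix, interface):
        self.routes.append((ipaddress.ip_network(prefix), interface))

    def lookup(self, destination):
        """Return the most specific (network, interface) covering destination."""
        addr = ipaddress.ip_address(destination)
        best = None
        for network, interface in self.routes:
            # Skip routes of the other IP version and routes that do not match.
            if network.version != addr.version or addr not in network:
                continue
            # Longest-prefix match: keep the route with the most network bits.
            if best is None or network.prefixlen > best[0].prefixlen:
                best = (network, interface)
        return best

    def forward(self, destination):
        """Decide what happens to a packet addressed to destination."""
        match = self.lookup(destination)
        if match is None:
            return ("drop", "no matching route")
        network, interface = match
        if interface == NULL_INTERFACE:
            # Data goes in and nothing further is done with it.
            return ("discard", str(network))
        return ("forward", interface)


def build_sample_table():
    """Constructed table: a default route, one LAN, one black-holed half of it."""
    table = RoutingTable()
    table.add("0.0.0.0/0", "eth0")
    table.add("198.51.100.0/24", "eth1")
    table.add("198.51.100.128/25", NULL_INTERFACE)
    table.add("2001:db8::/32", "eth2")
    return table


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("198.51.100.10", "198.51.100.200", "203.0.113.5",
                "2001:db8::1", "fd00::1"):
        print(dst, "->", table.forward(dst))
```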

It is often said that if anyone were to send a postcard with minimal address information such as “Mahatma Gandhi, India” or “Albert Einstein, USA,” it would be routed to them due to their fame; no listing of the street address or the city name would be necessary. The postal system can do such routing to famous personalities usually on a case-by-case basis, relying on the name alone. In an electronic communication network, a similar phenomenon is possible: one can reach any website or contact a person by telephone anywhere in the world without knowing where the site or the person is currently located. Not only that, it is possible to do so very efficiently, within a matter of a few seconds. How is this possible in a communication network, and how can it be done so quickly? At the heart of the answer to this question lies network routing. Network routing refers to the ability of an electronic communication network to send a unit of information from point A to point B by determining a path through the network, and by doing so efficiently and quickly. The determination of an efficient path depends on a number of factors, as we will be discussing in detail throughout this book.
First, we start with a key and necessary factor, known as addressing. In a communication network, addressing and how it is structured and used plays a critical role. In many ways, addressing in a communication network has similarities to postal addressing in the postal system. Thus, we will start with a brief discussion of the postal addressing system to provide an analogy.
A typical postal address that we write on a postcard has several components: the name of the person, followed by the street address with the house number (“house address”), followed by the city, the state name, and the postal code. If we, on the other hand, take the processing view to route the postcard to the right person, we essentially need to consider this address in the reverse order of listing, i.e., start with the postal code, then the city or the state name, then the house address, and finally the name of the person. You may notice that we can reduce this information somewhat; that is, you can just use the postal code and leave out the name of the city or the name of the state, since this is redundant information. This means that the information needed in a postal address consists of three main parts: the postal code, the street address (with the house number), and the name.
A basic routing problem in the postal network, then, is as follows: the postcard is first routed to the city or the geographical region where the postal code is located. Once the card reaches the postal code, the appropriate delivery post office for the address specified is identified and delivered to. Next, the postman or post-woman delivers the postcard at the address, without giving much consideration to the name listed on the card. Rather, once the card arrives at the destination address, the residents at this address take the responsibility of handing it to the person addressed.
You may note that at a very high-level view, the routing process in the postal system is broken down to three components: how to get the card to the specific postal code (and subsequently the post office), how the card is delivered to the destination address, and finally, how it is delivered to the actual person at the address. If we look at it in another way, the place where the postcard originated in fact does not need to know the detailed information of the street or the name to start with; the postal code is sufficient to determine to which geographical area or city to send the card. Thus, we can see that postal routing uses the address for routing decisions. An advantage of this approach is the decoupling of the routing decision to multiple levels such as the postal code at the top, then the street address, and so on. An important requirement of this hierarchical view is that there must be a way to divide the complete address into multiple distinguishable parts to help with the routing decision.
           
Now consider an electronic communication network; for example, a critical communication network of the modern age is the Internet. Naturally, the first question that arises is: how does addressing work for routing a unit of information from one point to another, and is there any relation to the postal addressing hierarchy that we have just discussed? Second, how is service delivery provided?

4.5.1 Addressing and Internet Service
In many ways, Internet addressing has similarities to the postal addressing system. The addressing in the Internet is referred to as Internet Protocol (IP) addressing. An IP address defines two parts: one part that is similar to the postal code and the other part that is similar to the house address; in Internet terminology, they are known as the net-id and the host-id, to identify a network and a host address, respectively. Thus, a host is the end point of communication in the Internet and where a communication starts. A host is a generic term used for indicating many different entities; the most common ones are a web-server, an email server, and certainly the desktop, laptop, or any computer we use for accessing the Internet. A net-id identifies a contiguous block of addresses.
Like any service delivery system, we also need a delivery model for the Internet. For example, in the postal system, one can request guaranteed delivery for an additional fee. The Internet’s conceptual framework, known as TCP/IP (Transmission Control Protocol/Internet Protocol), relies on a delivery model in which TCP is in charge of the reliable delivery of information, while IP is in charge of routing, using the IP addressing mechanism. IP, however, does not worry about whether the information is reliably delivered to the address or is lost during transit. This is somewhat similar to saying that the postal system will route a postcard to the house address, while residents at this address (not the postal authority) are responsible for ensuring that the person named on the card receives it. While this may seem odd at first, this paradigm has been found to work well in practice, as the success of the Internet shows. A key difference in the Internet as opposed to the postal system is that the sending host first sends a beacon to the destination address (host) to see if it is reachable, and waits for an acknowledgment before sending the actual message.
Since the beacon also uses the same transmission mechanism, i.e., IP, it is possible that it may not reach the destination. In order to allow for this uncertainty to be factored in, another mechanism known as a timer is used. That is, the sending host sends the beacon, then waits for a certain amount of time to see if it receives any response. If it does not hear back, it tries to send the beacon a few more times, waiting for a certain amount of time before each attempt, until it stops trying after reaching the limit on the maximum number of attempts. The basic idea, then, requires that the receiving host should also know the address of the sender so that it can acknowledge the receipt of the beacon. As you can see, this means that when the sending host sends its beacon, it must also include its source IP address.

Once the connectivity is established through the beacon process, the actual transmission of the content transpires. This is where a good analogy is not available in the postal system; rather, the road transportation network is a better fit to describe an analogy. If we imagine a group of 100 friends wanting to go to a game, then we can easily see that not all can fit in one car. If we consider that a car can hold five people, we will need twenty cars to transport this entire group. The Internet transfer model also operates in this fashion. Suppose that a document that we want to download from a host (web-server) is 2 MB. Actually, it cannot be accommodated entirely into a single fundamental unit of IP, known as a packet or datagram, due to a limitation imposed by the underlying transmission system. This limitation is known as the Maximum Transmission Unit (MTU). MTU is similar to the limitation on how many people can fit into a single car. Thus, the document would need to be broken down into smaller units that fit into packets. Each packet is then labelled with both the destination and the source address, and is then routed through the Internet toward the destination. Since the IP delivery mechanism is assumed to be unreliable, any such packet can possibly get lost during transit, and thus would need to be retransmitted if the timer associated with this packet expires. Thus another important component is that content that has been broken down into smaller packets, once it arrives at the destination, needs to be reassembled in the proper order before delivering the document. We conclude this section by pointing out that the acknowledgment and retransmission mechanism is used for most well-known applications on the Internet such as web or email. A slightly different model is used for applications that do not require reliable delivery; this will be discussed later in the chapter.
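
The transfer model described above (split the document to fit the MTU, label each packet with source and destination, retransmit when the timer expires, reassemble in order) and the retry limit from the beacon discussion can be simulated together. This is an added example, not code from the original text, and it is a simplified model rather than real TCP; the 1460-byte payload size, the addresses, the "drop every Nth unit" loss pattern and all names are assumptions, and each loop round stands in for one timer period.

```python
"""Constructed model: fragment, send over an unreliable link, acknowledge,
retransmit on timer expiry, and reassemble in order (illustrative only)."""

PAYLOAD_PER_PACKET = 1460  # assumed bytes of content that fit under the MTU


def fragment(data, src, dst, size=PAYLOAD_PER_PACKET):
    """Split data into packets labelled with source, destination and sequence."""
    total = (len(data) + size - 1) // size
    return [
        {"src": src, "dst": dst, "seq": i, "total": total,
         "payload": data[i * size:(i + 1) * size]}
        for i in range(total)
    ]


class LossyLink:
    """Unreliable IP-like delivery: drops every Nth unit it carries (0 = none)."""

    def __init__(self, drop_every=0):
        self.drop_every = drop_every
        self.carried = 0

    def deliver(self, unit):
        self.carried += 1
        if self.drop_every and self.carried % self.drop_every == 0:
            return None  # lost in transit; neither side is told
        return unit


class Receiver:
    def __init__(self, address):
        self.address = address
        self.fragments = {}
        self.total = None

    def accept(self, packet):
        """Store the payload by sequence number; address an ACK to the source."""
        self.fragments[packet["seq"]] = packet["payload"]  # duplicates harmless
        self.total = packet["total"]
        return {"src": self.address, "dst": packet["src"], "ack": packet["seq"]}

    def reassemble(self):
        if self.total is None or len(self.fragments) != self.total:
            raise ValueError("document incomplete")
        return b"".join(self.fragments[i] for i in range(self.total))


def transfer(data, link, src="192.0.2.10", dst="198.51.100.20", max_attempts=10):
    """Return (reassembled_bytes, packets_sent, rounds_used)."""
    if not data:
        return b"", 0, 0
    receiver = Receiver(dst)
    pending = {p["seq"]: p for p in fragment(data, src, dst)}
    sent = 0
    for round_no in range(1, max_attempts + 1):
        # Highest sequence first, so arrival order differs from document order.
        for seq in sorted(pending, reverse=True):
            sent += 1
            arrived = link.deliver(pending[seq])
            if arrived is None:
                continue  # data packet lost: its timer will expire
            ack = link.deliver(receiver.accept(arrived))
            if ack is not None:
                del pending[ack["ack"]]  # acknowledged: stop retransmitting
        if not pending:
            return receiver.reassemble(), sent, round_no
    raise TimeoutError(
        f"{len(pending)} packets unacknowledged after {max_attempts} attempts")


if __name__ == "__main__":
    document = bytes(range(256)) * 8192  # constructed 2 MiB document
    out, sent, rounds = transfer(document, LossyLink(drop_every=10))
    print(len(fragment(document, "a", "b")), "packets,", sent, "sent,",
          rounds, "rounds, intact:", out == document)
```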

4.5.2 Network Routing
In the previous section, we provided a broad overview of addressing and transfer mechanisms for data in Internet communication services. We can see that eventually packets are to be routed from a source to a destination. Such packets may need to traverse many cross-points, similar to traffic intersections in a road transportation network. Cross-points in the Internet are known as routers. A router's functions are to read the destination address marked in an incoming IP packet, to consult its internal information to identify an outgoing link to which the packet is to be forwarded, and then to forward the packet. Similar to the number of lanes and the speed limit on a road, a network link that connects two routers is limited by how much data it can transfer per unit of time, commonly referred to as the bandwidth or capacity of a link; it is generally represented by a data rate, such as 1.54 megabits per second (Mbps). A network then carries traffic on its links and through its routers to the eventual destination; traffic in a network refers to packets generated by different applications, such as web or email. Suppose that traffic suddenly increases, for example, because of many users trying to download from the same website; then, packets that are generated can possibly be queued at routers or even dropped. Since a router maintains a finite amount of space, known as a buffer, to temporarily store backlogged packets, it is possible to reach the buffer limit. Since the basic principle of TCP/IP allows the possibility of an IP packet not being delivered or being dropped en route, the finite buffer at a router is not a problem. On the other hand, from an efficient delivery point of view, it is desirable not to have any packet loss (or at least, to minimize it) during transit. This is because the reliable delivery notion works on the principle of retransmission and acknowledgment, and any drop would mean an increase in delay due to the need for retransmission.
In addition, during transit, it is also possible that the content enclosed in a data packet is corrupted due to, for example, an electrical signalling problem on a communication link. This then results in garbling of a packet. From an end-to-end communication point of view, a garbled packet is the same as a lost packet.

            Thus, for efficient delivery of packets, there are several key factors to consider: (1) routers with a reasonable amount of buffer space, (2) links with adequate bandwidth, (3) actual transmission with minimal error (to minimize packets being garbled), and (4) the routers' efficiency in switching a packet to the appropriate outgoing link. We have already briefly discussed why the first two factors are important. The third factor, an important issue, is outside the scope of this book since encoding or development of an error-free transmission system is an enormous subject by itself; interested readers may consult books such as [666]. Thus, we next move to the fourth factor.

            Why is the fourth factor important? A packet is to be routed based on the IP address of the destination host; however, much like street address information in a postal address, there are far too many possible hosts; it is impossible and impractical to store all host addresses at any router. For example, for a 32-bit address, theoretically a maximum of 2^32 hosts are possible, a very large number (more about IP addressing in the next section). Rather, a router needs to consider a coarser level of address information, i.e., the net-id associated with a host, so that an outgoing link can be identified quickly just by looking up the net-id. Recall that a net-id is very much like a postal code. There is, however, a key difference: net-ids do not have any geographical proximity association as with postal codes. For example, postal codes in Assam State are six digits long and are known as PIN (Postal Index Number) codes. Consider now Guwahati City and Silchar, where a PIN code starts with 78, such as 781015, 788001, and so on. Thus, a postcard can be routed to Guwahati City, AS ("78"), which in turn can take care of routing to the specific PIN code. This idea is not possible with IP addressing since net-ids do not have any geographical proximity. In fact, an IP net-id address such as 134.193.0.0 can be geographically far away from the immediately preceding IP net-id address 134.192.0.0. Thus, at the net-id level, IP addressing is flat; there is no hierarchy.

            You might be wondering why IP address numbering is not geographic. To give a short answer, an advantage of a non-geographic address is that an organization that has been assigned an IP address block can keep its address block even if it moves to a different location or if it wants to use a different provider for connectivity to the Internet. A geographically based address system usually has limitations in regard to providing location-independent flexibility.

            In order to provide the flexibility that two net-ids that appear close in terms of their actual numbering can be geographically far away, core routers in the Internet need to maintain an explicit list of all valid net-ids along with an identified outgoing link so that when a packet arrives the router knows which way to direct the packet. The list of valid net-ids is quite large, currently at 196,000 entries. Thus, to minimize switching time at a router, efficient mechanisms are needed that can look up an address, identify the appropriate outgoing link (direction), and process the packet quickly so that the processing delay can be as minimal as possible.

            There is, however, another important phase that works in tandem with the lookup process at a router. This is the updating of a table in the router, known as the routing table, that contains the identifier for the next router, known as the next hop, for a given destination net-id. The routing table is in fact updated ahead of time. In order to update such a table, the router would first need to store all net-ids it has learned about so far; second, if a link downstream is down or congested or a net-id is not reachable for some reason, it needs to know so that an alternate path can be determined as soon as possible. This means that a mechanism is required for communicating congestion or a failure of a link or non-reachability of a net-id. This mechanism is known as the routing protocol mechanism. The information learned through a routing protocol is used for generating the routing table ahead of time.

            If new information is learned about the status of links or nodes, or the reachability of a net-id through a routing protocol, a routing algorithm is then invoked at a router to determine the best possible next hop for each destination net-id in order to update the routing table. For efficient packet processing, another table, known as the forwarding table, is derived from the routing table that identifies the outgoing link interfaces. The forwarding table is also known as the Forwarding Information Base (FIB). We will use the terms forwarding table and FIB interchangeably.

            It should be noted that a routing algorithm may need to take into account one or more factors about a link, such as the delay incurred to traverse the link, or its available bandwidth, in order to determine the best possible path among a number of possible paths. If a link along a path does not have adequate bandwidth, congestion or delay might occur. To minimize delay, an important function, called traffic engineering, is performed. Traffic engineering is concerned with ways to improve the operational performance of a network and identifies procedures or controls to be put in place ahead of time to obtain good network performance. Finally, there is another important term associated with networking in general and network routing in particular, labeled as architecture. There are two broad ways in which the term architecture, borrowed from the architecture of a building, is applicable here: (1) a floor inside a building may be organized so that it can be partitioned efficiently for creating office spaces of different sizes by putting in flexible partitions without having to tear down any concrete walls, (2) it provides standardized interfaces, such as electrical sockets, so that equipment that requires power can be easily connected using a standardized socket without requiring modification to the building or the floor or the equipment. Similarly, there are several ways we use the term architecting a network: for example, from the protocol point of view, various functions are divided so that each function can be done separately, and one function can depend on another through a well-defined relationship. From a router's perspective, architecting a network refers to how it is organized internally for a variety of functions, from routing protocol handling to packet processing. From a network perspective, this means how the network topology architecture should be organized, where routers are to be located and bandwidth of links determined for efficient traffic engineering, and so on. Later, we will elaborate more on architectures.
           
            To summarize, we can say that the broad scope of network routing is to address routing algorithms, routing protocols, and architectures, with architectures encompassing several different aspects for efficient routing. In this book, we will delve into these aspects in depth. With the above overview, we now present IP addressing in detail.

4.5.3  IP Addressing
If one has to send data to any host in the Internet, there is a need to uniquely identify all the hosts in the Internet. Thus, there is a need for a global addressing scheme in which no two hosts have the same address. Global uniqueness is the first property that should be provided in an addressing scheme.


Ø  Classful Addressing Scheme: An IP address assigned to a host is 32 bits long and should be unique. This addressing, known as IPv4 addressing, is written in the bit format, from left to right, where the left-most bit is considered the most significant bit. The hierarchy in IP addressing, similar to the postal code and the street address, is reflected through two parts, a network part and a host part, referred to as the pair (net-id, host-id). Thus, we can think of the Internet as the interconnection of networks identified through net-ids, where each net-id has a collection of hosts. The network part (net-id) identifies the network to which the host is attached, and the host part (host-id) identifies a host on that network. The network part is also referred to as the IP prefix. All hosts attached to the same network share the network part of their IP addresses but must have unique host parts. To support different sizes for the (net-id, host-id) part, a good rule on how to partition the total IP address space of 2^32 addresses was needed, i.e., how many network addresses will be allowed and how many hosts each of them will support. Thus, the IP address space was originally divided into three different classes, Class A, Class B, and Class C, as shown in Figure 1.1 for networks and hosts. Each class was distinguished by the first few initial bits of a 32-bit address.

For readability, IP addresses are expressed as four decimal numbers, with a dot between them. This format is called the dotted decimal notation. The notation divides the 32-bit IP address into 4 groups of 8 bits and specifies the value of each group independently as a decimal number separated by dots. Because of 8-bit breakpoints, there can be at most 256 (= 2^8) decimal values in each part. Since 0 is an assignable value, no decimal values can be more than 255. Thus, an example of an IP address is 10.5.21.90 consisting of the four decimal values, separated by a dot or period.

            Each Class A address has the first bit set to 0 and is followed by 7 bits for the network part, resulting in a maximum of 128 (= 2^7) networks; this is then followed by a 24-bit host part. Thus, Class A supports a maximum of 2^24-2 hosts per network. This calculation subtracts 2 because all 0s and all 1s in the host part of a Class A address may not be assigned to individual hosts; rather, all 0s that follow a net-id, such as 10.0.0.0, identify the network, while all 1s that follow a net-id, such as 10.255.255.255, are used as the broadcast address for this network. Each Class B network address has the first two bits set to "10," followed by a 14-bit network part, which is then followed by a 16-bit host part. A maximum of 2^14 networks can be defined with up to 2^16-2 hosts per network. Finally, a Class C network address has the first three bits set as "110" and followed by a 21-bit network part, with the last 8 bits to identify the host part. Class C provides support for a maximum of 2^21 (= 2,097,152) networks, each with a maximum of 254 (2^8-2) hosts. In each class, a set of network addresses is reserved for a variety of purposes;

            The three address classes discussed so far are used for unicasting in the Internet, that is, for host-to-host communication. There is another class of IP addresses, known as Class D addressing, that is used for multicasting in the Internet; in this case, the first four bits of the 32-bit address are set to "1110" to indicate that it is a multicast address. A host can use a multicast address as the destination address for a packet generated to indicate that the packet is meant for any hosts on the Internet; in order for any hosts to avail themselves of this feature, they must use another mechanism to tune into this address. A multicast address on the Internet can be thought of as similar to a radio station frequency; a radio station transmits on a particular frequency, and any listener who wants to listen to this radio station must tune the radio dial to this frequency.

Ø  Sub-netting/Net-mask: Consider the IP address 192.168.40.3 that is part of Class C network 192.168.40.0. A subnet or sub-network is defined through a network mask boundary using the specified number of significant bits as 1s. Since Class C defines networks with a 24-bit boundary, we can then consider that the most significant 24 bits are 1s, and the lower 8 bits are 0s. This translates to the dotted decimal notation 255.255.255.0, which is also compactly written as "/24" to indicate how many most significant bits are 1s. We can then do a bit-wise logical "AND" operation between the host address and the net mask to obtain the Class C network address as shown below:

        11000000 10101000 00101000 00000011    -> 192.168.40.3
AND     11111111 11111111 11111111 00000000    -> net mask (/24)
        11000000 10101000 00101000 00000000    -> 192.168.40.0

As you can see, both the host address and the net mask have 1s in the first two positions from the left; thus, the "AND" operation results in 1s for these two positions. For the third position from the left, the host has 0 while the net mask has 1; thus, the result of the "AND" operation is zero; and so on. Note that for network addresses such as a Class C address, the net-mask is implicit and it is on a /24 subnet boundary. Now consider that we want to change the net-mask explicitly to /21 to identify a network larger than a 24-bit subnet boundary. If we now do the bit-wise operation

        11000000 10101000 00101000 00000011    -> 192.168.40.3
AND     11111111 11111111 11111000 00000000    -> net mask (/21)
        11000000 10101000 00101000 00000000    -> 192.168.40.0

we note that the network address is again 192.168.40.0. However, in the latter case, the network boundary is 21 bits. Thus, to be able to clearly distinguish between the first and the second one, it is necessary to explicitly mention the net-mask. This is commonly written for the second example as 192.168.40.0/21, where the first part is the net-id and the second part is the mask boundary indicator. In this notation, we could write the original Class C address as 192.168.40.0/24 and thus, there is no ambiguity with 192.168.40.0/21.
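The leading-bit class rule and the two mask operations above, worked on 32-bit integers. This is an added example, not part of the original text; the function names (`to_int`, `classful`, `mask`, `describe`) are assumptions chosen for illustration.

```python
# Added example: classful lookup and net-mask arithmetic on 32-bit integers.

def to_int(dotted):
    """Pack dotted decimal notation into one 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | p
    return value


def to_dotted(value):
    """Unpack a 32-bit integer into dotted decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classful(dotted):
    """Return (class, implicit prefix length) from the leading bits."""
    top = to_int(dotted) >> 28            # the four most significant bits
    if top >> 3 == 0b0:
        return "A", 8                     # 0 + 7-bit net-id
    if top >> 2 == 0b10:
        return "B", 16                    # 10 + 14-bit net-id
    if top >> 1 == 0b110:
        return "C", 24                    # 110 + 21-bit net-id
    if top == 0b1110:
        return "D", None                  # multicast: no (net-id, host-id) split
    return "other", None                  # leading bits 1111, not covered above


def mask(prefix_len):
    """Net mask with the prefix_len most significant bits set to 1."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def describe(dotted, prefix_len):
    """Net-id, mask, broadcast address and assignable hosts for one subnet."""
    m = mask(prefix_len)
    net = to_int(dotted) & m              # the bit-wise AND shown in the text
    bcast = net | (~m & 0xFFFFFFFF)       # host part set to all 1s
    hosts = max((1 << (32 - prefix_len)) - 2, 0)  # all-0s and all-1s excluded
    return {
        "network": f"{to_dotted(net)}/{prefix_len}",
        "netmask": to_dotted(m),
        "broadcast": to_dotted(bcast),
        "hosts": hosts,
    }


if __name__ == "__main__":
    print(classful("192.168.40.3"))
    for plen in (24, 21):                 # same net-id, different boundary
        print(describe("192.168.40.3", plen))
```

Both calls return the net-id 192.168.40.0, but the broadcast address and host count differ, which is why the mask has to be stated explicitly.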

4.5.4 Classless Inter-domain Routing
Classless Inter-domain Routing (CIDR) uses an explicit net-mask with an IPv4 address block to identify a network, such as 192.168.40.0/21. An advantage of explicit masking is that an address block can be assigned at any bit boundary, be it /15 or /20; most important, the assignment of Class C level addresses for networks that can show up in the global routing table can be avoided or minimized. For example, a contiguous address block can be assigned at the /21 boundary, which can be thought of as an aggregation of subnets at the /24 boundary. Because of this, the term supernetting or variable-length subnet masking (VLSM) is also used in reference to the explicit announcement of the net mask.

            Through such a process, and because of address block assignment at boundaries such as /21, the routing table growth at core routers can be delayed. In the above example, only the net-id 192.168.40.0/21 needs to be listed in the routing table entry, instead of listing eight entries from 192.168.40.0/24 to 192.168.47.0/24. Thus, you can see how the routing table growth can be curtailed. CIDR was introduced around the mid-1990s; the current global routing table size, as of this writing, is about 196,000 entries. The routing table growth over time, along with projection, is shown later in Figure 9.10. In order for CIDR to take effect, any network address reachability announcement that is communicated with a routing protocol such as the Border Gateway Protocol must also carry the mask information explicitly.
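The aggregation of the eight /24 blocks into 192.168.40.0/21, followed by a forwarding-table lookup against the aggregated entry. This is an added example, not part of the original text: it uses Python's standard `ipaddress` module, the function names, link names (`if0`, `if1`, `if2`) and sample routes are constructed for illustration, and it goes one step beyond the passage by showing that with explicit masks a lookup selects the longest matching prefix.

```python
# Added example: CIDR aggregation and longest-prefix-match lookup.
import ipaddress


def aggregate(prefixes):
    """Merge sibling prefixes into their supernet until no pair is left.

    Assumes every prefix is reached through the same next hop, so that
    replacing two halves by their parent does not change forwarding.
    """
    nets = {ipaddress.ip_network(p) for p in prefixes}
    merged = True
    while merged:
        merged = False
        for net in sorted(nets, key=lambda n: n.prefixlen, reverse=True):
            if net.prefixlen == 0 or net not in nets:
                continue                      # already merged in this pass
            parent = net.supernet()           # boundary one bit shorter
            halves = set(parent.subnets())    # the two halves of the parent
            if halves <= nets:                # both halves are present
                nets -= halves
                nets.add(parent)
                merged = True
    return [str(n) for n in sorted(nets)]


def build_fib(routes):
    """Turn (prefix, outgoing link) pairs into a table, longest prefix first."""
    fib = [(ipaddress.ip_network(p), link) for p, link in routes]
    return sorted(fib, key=lambda entry: entry[0].prefixlen, reverse=True)


def lookup(fib, destination):
    """Return (matched prefix, outgoing link); the most specific entry wins.

    A linear scan keeps the logic visible; it is not how a router achieves
    the fast lookup the text calls for.
    """
    addr = ipaddress.ip_address(destination)
    for net, link in fib:
        if addr in net:
            return str(net), link
    return None                               # no route, packet is dropped


# Constructed sample data: the eight /24 blocks named in the text.
EIGHT_BLOCKS = [f"192.168.{third}.0/24" for third in range(40, 48)]

# Constructed routes: the aggregate, one more-specific entry, a default.
SAMPLE_ROUTES = [
    ("0.0.0.0/0", "if0"),
    ("192.168.40.0/21", "if1"),
    ("192.168.44.0/24", "if2"),
]

if __name__ == "__main__":
    print(aggregate(EIGHT_BLOCKS))            # one entry instead of eight
    print(aggregate(EIGHT_BLOCKS[:7]))        # seven blocks do not fit one /21
    fib = build_fib(SAMPLE_ROUTES)
    for dst in ("192.168.40.3", "192.168.44.9", "192.168.48.1"):
        print(dst, lookup(fib, dst))
```

With only seven of the eight blocks present the result is a /22, a /23 and a /24, which shows that aggregation depends on the blocks being contiguous and aligned on the bit boundary.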





















