Task 2
‘Movie Magic Ltd’ have asked you to prepare and provide a technical review and summary that explains the purpose, difference and relationship between the following:
a. Physical addresses (MAC),
b. Network addresses (IP)
c. DNS
d. DHCP
e. TCP
Physical Address
Every device connected to a network needs a unique address so that information can reach its destination. In the real world, we use a postal service to send letters and packages to a street address. In the I.T. world, that address is a Physical Address or MAC Address (Media Access Control). Every networked device has a unique MAC Address which is usually never duplicated with any other device. Each MAC address comprises six octets (48 bits): the first three octets are called the OUI (Organisationally Unique Identifier) and the last three are called the Extension Identifier. The OUI is assigned directly by the IEEE to the requesting organisation; the extension identifier is assigned by the organisation. MAC Addresses are displayed in the format xx:xx:xx:xx:xx:xx. Each octet consists of two hexadecimal digits which make up the binary value of that octet.
The MAC Address operates on Layer 2 of the OSI model; this layer is shared with the Address Resolution Protocol (ARP). ARP is used to link a network address (IP) to the MAC Address. Unlike MAC Addresses, devices can have the same Network Address, but they cannot be within the same network, otherwise a conflict will occur.
Except for very rare circumstances, each MAC address is a unique location that information can travel to and from. Every packet carries the receiver MAC address and the sender MAC address so that network traffic gets to the right destination and a response gets back to the original sender. A MAC Address is not identifiable over the internet, as the location of a receiver MAC address is not routable; each device can only see its directly connected MAC Addresses. This limitation has been overcome using a Network Address and the Internet Protocol.
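The MAC address layout described above (six octets, OUI followed by extension identifier) can be checked in code. The following is an added example, not part of the original review: it parses an address, splits it into its two halves and audits a device list for duplicates. The two flag bits in the first octet go beyond the text, and the function names and sample addresses are constructed for illustration.

```python
import re

# Six hexadecimal octets with one consistent separator (":" or "-").
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])[0-9A-Fa-f]{2}(?:\1[0-9A-Fa-f]{2}){4}$")


def _fmt(octets):
    return ":".join(f"{o:02x}" for o in octets)


def parse_mac(text):
    """Split a MAC address into its OUI and extension identifier."""
    text = text.strip()
    if not MAC_RE.match(text):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    octets = bytes(int(part, 16) for part in re.split(r"[:-]", text))
    return {
        "normalised": _fmt(octets),
        "oui": _fmt(octets[:3]),        # first three octets, assigned by the IEEE
        "extension": _fmt(octets[3:]),  # last three octets, assigned by the organisation
        "binary": " ".join(f"{o:08b}" for o in octets),
        # Lowest bit of the first octet set: group (multicast or broadcast) address.
        "multicast": bool(octets[0] & 0x01),
        # Second-lowest bit set: locally administered, so the first three
        # octets are not an IEEE-assigned OUI.
        "locally_administered": bool(octets[0] & 0x02),
    }


def audit_inventory(macs):
    """Report duplicate, locally administered and malformed entries."""
    report = {"duplicates": [], "locally_administered": [], "invalid": []}
    seen = set()
    for raw in macs:
        try:
            info = parse_mac(raw)
        except ValueError:
            report["invalid"].append(raw)
            continue
        mac = info["normalised"]
        if mac in seen:
            report["duplicates"].append(mac)
        seen.add(mac)
        unicast_local = info["locally_administered"] and not info["multicast"]
        if unicast_local and mac not in report["locally_administered"]:
            report["locally_administered"].append(mac)
    return report


# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    "00:1A:2B:3C:4D:5E",
    "00-1a-2b-3c-4d-5e",  # same address, different notation
    "02:00:00:aa:bb:cc",  # locally administered bit set
    "00:1a:2b:3c:4d",     # only five octets
]

if __name__ == "__main__":
    print(parse_mac(SAMPLE_INVENTORY[0]))
    print(audit_inventory(SAMPLE_INVENTORY))
```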
Network Addresses
Network Addresses, or specifically IP Addresses, are another form of identifier for network-connected devices, assigning an easy-to-identify numerical address to each machine. An IP address is usually unique to the specific network that it resides in; it identifies a network-attached device to enable it to send and receive information, much like a MAC Address. However, they differ in that an IP address is located on Layer 3 of the OSI model and is a non-permanent address that can be changed on each device, whereas a MAC Address lives and dies with the device.
As an IP Address is unique to the network it belongs to, the use of subnetworks allows networks to be logically split from one another. An IP address can communicate with all other IP-based devices on its subnetwork and, with the use of a routing device, with addresses on other subnetworks. The data of an IP packet is located inside an Ethernet Packet. The size of the packet is how each protocol identifies what type of packet is being received. Should an Ethernet frame exceed 1522 bytes, it identifies that the Ethernet frame is holding another protocol. An Ethernet packet already contains the sender and receiver MAC addresses; the data portion holding the IP packet also lists the sender and receiver IP addresses. The destination for a packet is first identified by an ARP request, which identifies the MAC Address of each Network Address within the current network.
Network Addresses are the foundation of the internet: they allow networked devices to easily identify and locate a route to their appointed destination. A Network Address is a logical address that can be changed within a computer's operating system, and it makes it possible to route between networks. On top of the Internet Protocol, more protocols are built that improve the reliability and usability of network-connected devices.
DNS
DNS, Domain Naming System, is a means of naming a network-attached device to give it an easily remembered name which is mapped to its IP address, without having to resort to remembering the numerical IP address. A Domain can be split up into levels. .com, .org and .co.uk are all examples of Top Level domains whose addresses are stored by “Root Servers”. From there the root servers will direct traffic to the top-level domain servers, which will direct the request to “Authoritative” servers. Finally, the Authoritative server will send the response back to your local DNS Server, which will hand over the IP Address of the server you have requested. No data is shared via the DNS, only the information which corresponds to the IP address of your request. Once a hostname has been resolved to an IP address, data communications are carried out directly between devices using IP without calling upon the DNS again. Local machines will cache the DNS records to help speed up communications between one another.
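The resolution path and caching described above can be traced with a small simulation. This is an added example, not part of the original review: the server names, the zone data, the address and the time-to-live value are all constructed, and the "network" is an in-memory dictionary.

```python
# Constructed delegation data: root -> top-level domain -> authoritative server.
SERVERS = {
    "root": {"referrals": {"example": "tld-server"}},
    "tld-server": {"referrals": {"movie-magic.example": "auth-server"}},
    "auth-server": {"records": {"www.movie-magic.example": ("192.0.2.80", 300)}},
}


class CachingResolver:
    """Local DNS server: follows referrals from the root, then caches the answer."""

    def __init__(self, servers):
        self.servers = servers
        self.cache = {}            # hostname -> (address, expires_at)
        self.upstream_queries = 0  # how many servers had to be asked

    def _ask(self, server, hostname):
        self.upstream_queries += 1
        zone = self.servers[server]
        if hostname in zone.get("records", {}):
            return "answer", zone["records"][hostname]
        labels = hostname.split(".")
        # Try the longest matching suffix first, e.g. "movie-magic.example".
        for i in range(len(labels)):
            suffix = ".".join(labels[i:])
            if suffix in zone.get("referrals", {}):
                return "referral", zone["referrals"][suffix]
        return "no-such-name", None

    def resolve(self, hostname, now):
        """Return (address or None, list of servers consulted)."""
        hostname = hostname.lower().rstrip(".")
        cached = self.cache.get(hostname)
        if cached and cached[1] > now:
            return cached[0], ["cache"]
        server, path = "root", []
        for _ in range(10):  # bound the referral chain
            path.append(server)
            kind, value = self._ask(server, hostname)
            if kind == "answer":
                address, ttl = value
                self.cache[hostname] = (address, now + ttl)
                return address, path
            if kind == "no-such-name":
                return None, path
            server = value
        raise RuntimeError("referral chain too long")


if __name__ == "__main__":
    resolver = CachingResolver(SERVERS)
    for t in (0, 100, 400):  # seconds; the cached record expires at t=300
        print(t, resolver.resolve("www.movie-magic.example", t))
```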
DNS was originally invented as part of ARPANET, but has since found a home on the Internet and is one of the most used services today, even if most don’t know that they are using it.
DHCP
DHCP is an acronym for Dynamic Host Configuration Protocol. It is a client/server protocol that is used to automatically assign an IP address to a networked device. A server within a Local Area Network is nominated as the DHCP server. Once a server has been assigned as the DHCP server and configured with the correct IP ranges, it will begin to distribute an IP address to every device which requests one. A DHCP server keeps a record of which IP addresses have been distributed and which are still available.
When a new networked device is connected to a network and is configured for DHCP, it will send a “discover” broadcast message to all connected devices. A DHCP server will receive this communication and will respond with an “offer” of an address direct to the client. The client will then respond with a request message back to the server, which the server will then acknowledge, updating its records to show that the IP address has been assigned. Each assigned network address is given a lease time for which the device will keep the IP address provided; once this lease time expires, the device will again request a new IP address from the server. DHCP requests will only be requested and distributed on the same subnetwork unless specifically configured on network equipment, because the broadcast address is limited to a single subnetwork.
The DHCP server will also keep track of the Physical address of the device requesting an IP Address; this helps the DHCP server to assign the same IP address, where possible, to each requesting device.
DHCP is a solution to having to provide each networked device an IP address, it simplifies the management of networks regardless of size by automating the assignment of IP Addresses.
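The discover, offer, request and acknowledge exchange and the server's lease records can be modelled as follows. This is an added example, not part of the original review: the class, its method names, the address range and the MAC addresses are constructed, and time is passed in as a number of seconds so the behaviour at lease expiry is repeatable.

```python
import ipaddress


class LeaseTable:
    """DHCP server state: which address is leased to which MAC, and until when."""

    def __init__(self, first, last, lease_seconds):
        start, end = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        self.pool = [ipaddress.IPv4Address(i) for i in range(start, end + 1)]
        self.lease_seconds = lease_seconds
        self.leases = {}   # ip -> (mac, expires_at)
        self.history = {}  # mac -> last address that MAC was given

    def _free(self, ip, now):
        lease = self.leases.get(ip)
        return lease is None or lease[1] <= now

    def discover(self, mac, now):
        """DISCOVER -> OFFER: returns the offered address, or None if the pool is full."""
        for ip, (owner, expires_at) in self.leases.items():
            if owner == mac and expires_at > now:
                return ip  # client still holds a valid lease
        previous = self.history.get(mac)
        if previous is not None and self._free(previous, now):
            return previous  # same address as last time, if possible
        for ip in self.pool:
            if self._free(ip, now):
                return ip
        return None

    def request(self, mac, ip, now):
        """REQUEST -> acknowledge (True) or refuse (False); True records the lease."""
        if ip not in self.pool:
            return False
        lease = self.leases.get(ip)
        if lease and lease[0] != mac and lease[1] > now:
            return False  # address is leased to a different device
        self.leases[ip] = (mac, now + self.lease_seconds)
        self.history[mac] = ip
        return True


if __name__ == "__main__":
    # Constructed clients on a two-address pool with a one-hour lease.
    table = LeaseTable("192.168.1.10", "192.168.1.11", 3600)
    for mac, t in [("00:1a:2b:00:00:01", 0), ("00:1a:2b:00:00:02", 10),
                   ("00:1a:2b:00:00:03", 20), ("00:1a:2b:00:00:02", 4000)]:
        offer = table.discover(mac, t)
        acked = offer is not None and table.request(mac, offer, t)
        print(t, mac, offer, "ACK" if acked else "no address")
```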
TCP
The Transmission Control Protocol (TCP) is a Layer 4 protocol that is used in many network communications. It was introduced with the Internet Protocol and together they are known as TCP/IP. TCP provides a reliable means of communication over IP using multiple error checking methods and controls. This increases the size of each packet by a small margin, but decreases overall network traffic and collisions.
TCP can operate independently from the network access type used and can operate successfully on Ethernet, X25 and Token Ring. This allows TCP to continue to operate even as new transmission types become available.
TCP will establish a connection between hosts before it begins to transfer data. Once the connection has been established, the protocol will attach a sequence number to each segment transmitted. After every segment is transmitted, the destination host will send an acknowledgement to confirm receipt of the information; if an acknowledgement is not received within a specified period of time, the sending host will retransmit the missing information. The TCP Header consists of Source Port, Destination Port, Sequence Number, Acknowledgement Number, Window and TCP Checksum. Notably missing from the header are the destination address and source address; this information is handled by the Internet Protocol and is why TCP relies so heavily upon IP. Once a transmission is completed, both hosts will perform a similar handshake process to confirm that both hosts completed the transmission successfully. As TCP is reliant on a response from the receiving host, it can be susceptible to high latency on the network. This will cause the acknowledgement to be delayed between the two hosts and can result in packets being delayed while waiting for a response; the result is the perception that the network is slow.
TCP builds upon the foundations of IP by providing a means to check the success of a transmission between hosts. It enables reliable, error-correcting and flow-controlled transmission of data between hosts.
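The header fields listed above, and the reliance of TCP on IP for addressing, can be seen by building and parsing a segment. This is an added example, not part of the original review: it goes slightly beyond the text by decoding the control flags and by verifying the TCP checksum, which is calculated over the IP source and destination addresses as well as the segment. The addresses, ports and function names are constructed.

```python
import socket
import struct

FLAG_NAMES = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK"}


def internet_checksum(data):
    """16-bit one's-complement checksum used by IP and TCP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip, dst_ip, tcp_length):
    """The IP addresses are not in the TCP header but are covered by its checksum."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 6, tcp_length))  # 6 = protocol number of TCP


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload=b""):
    """Build a 20-byte TCP header (no options) plus payload with a valid checksum."""
    offset_flags = (5 << 12) | flags  # header length of 5 32-bit words
    header = struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, window, 0, 0)
    covered = pseudo_header(src_ip, dst_ip, len(header) + len(payload)) + header + payload
    return header[:16] + struct.pack("!H", internet_checksum(covered)) + header[18:] + payload


def parse_segment(segment):
    """Decode the fixed part of a TCP header into named fields."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum TCP header")
    sport, dport, seq, ack, offset_flags, window, checksum, _urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (offset_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("invalid header length")
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "flags": [name for bit, name in FLAG_NAMES.items() if offset_flags & bit],
        "window": window, "checksum": checksum, "payload": segment[header_len:],
    }


def checksum_ok(src_ip, dst_ip, segment):
    """A segment verifies only against the IP addresses it was sent between."""
    return internet_checksum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0


if __name__ == "__main__":
    # Constructed connection request (SYN) from a client to a web server.
    syn = build_segment("192.0.2.10", "198.51.100.5", 49152, 443, 1000, 0, 0x02, 65535)
    print(parse_segment(syn))
    print(checksum_ok("192.0.2.10", "198.51.100.5", syn))  # addresses match
    print(checksum_ok("192.0.2.11", "198.51.100.5", syn))  # different source address
```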
Task 3
‘Movie Magic Ltd’ require you to prepare referenced material that explains network performance and the factors that can affect it. They have also asked you to include details regarding the use of key performance indicators (KPIs) and how they could be used to actively measure, analyse and identify the potential performance issues associated with networked applications.
Network Performance and KPIs
The network of an organisation is the heart of the I.T. infrastructure, yet it is usually overlooked as a key part to monitor and maintain. As all communications within an organisation are transmitted via the LAN, WAN and Internet, it is important that the proper metrics and controls are in place to ensure a stable and reliable connection within your organisation.
Factors Affecting Network Performance
Networks can be negatively affected by distance, transmission medium, bandwidth and network errors within the environment. Each one must be addressed individually and measured against a different set of KPIs.
Distance
Distance is one of the factors that any organisation, which operates out of multiple countries, will face and is the most difficult to address. National network connections that are fibre based are restricted by the speed of light. Couple this with the latency added by network devices and you soon hit a high enough latency that the TCP throughput is severely diminished and user experience is affected. The maximum possible TCP throughput can be calculated with the following formula:
(TCP Window Size)/(Latency In Seconds)=Bits Per Second Throughput
The round-trip time for a TCP packet from London to Dallas is +/-100ms; this number is limited mostly by the delay in light travelling between the destinations. You can expect a small amount of latency to be added by the routing equipment between the sites. Using the formula above and with a 100Mbit/s link between Dallas and London, you can expect a maximum throughput of 5.24Mbit/s. This can be alleviated by implementing multiple types of WAN optimisation. WAN Optimisation “is the category of technologies and techniques used to maximize the efficiency of data flow across a wide area network” (Rouse 2010). It comes in the form of deduplication, compression, caching, increasing the TCP Window size and traffic shaping. Single appliance devices called WAN Accelerators can be implemented at both ends of the network; these perform some, if not all, of the above WAN optimisation techniques.
Transmission Medium
Within networking you get multiple types of transmission mediums, which can be categorised into two groups, Guided and Unguided. Guided mediums “are those that provide a conduit from one device to another, include Twisted-Pair Cable, Coaxial Cable, and Fibre-Optic Cable” (Studytonight n.d.). Unguided is usually a form of wireless communication that does not have any physical connections, and its signals “are normally broadcast through free space and thus are available to anyone who has a device capable of receiving them” (Studytonight n.d.). Guided media will generally provide a more reliable connection with higher throughput and fewer errors; however, it is not as flexible as unguided communications. Unguided communication usually has lower bandwidth and a higher chance of errors between the communication equipment.
Types of guided mediums are UTP (Unshielded Twisted Pair), STP (Shielded Twisted Pair), Coaxial Cable and Optical Fibre. UTP and STP cables have a maximum recommended length of 100m and Coaxial cable has a recommended length of 500m. Optical Fibre has a transmission range of up to 240km. Unguided media can consist of Radio Transmission, Microwave and Satellite, and the range it can reach is generally governed by the strength of the transmission equipment. Collisions, discards, incorrect frame sizes and alignment errors can cause errors over a network, but when the distance limitations of a transmission medium are reached there is a higher chance of signal degradation, and errors on the line will start to present themselves.
Bandwidth
Bandwidth is the most visible metric for measuring network performance and is where most would turn when the demands of an organisation are not met. When measuring bandwidth, you need to take both the Mathis Equation and the TCP Receiver Window throughput equation into consideration. Should the bandwidth exceed the result of either of those equations, then a bandwidth upgrade will have a negligible effect on TCP communications. However, TCP is not the only protocol that can operate upon a network; you will also have situations where UDP connections are utilised, and these operate differently to TCP. UDP is an acronym for User Datagram Protocol and is generally used for streaming voice or video over a network. UDP has no error checking or flow control and will send as much data as quickly as it can without checking that it is being received by the destination server. It is considered an unreliable protocol, but it is not limited by network latency and is able to overcome the high-latency bandwidth limitations that TCP inherits. UDP will make use of the full bandwidth provided should it be required to, and this is one of the times when more bandwidth would assist with network performance.
The number of clients using the network at any one time is the other factor to consider when assessing network bandwidth. Bandwidth can be described as a pipe with flowing water, should the demand for water exceed its capacity then degraded water pressure can be expected. The same is applied to bandwidth, if a network is over utilised you will see lower performance for all connections currently utilising it.
Errors
Network errors are an unavoidable issue with networks of all sizes, therefore the IEEE 802.3 standards allow for a margin of errors within their networking standards. These errors can be caused by FCS Errors (Frame Check Sequence), Collisions, Protocol Errors, Alignment Errors, MTU Errors and Discards. Each of these will have a specific cause and steps that can be taken to resolve or reduce the likelihood of additional errors.
A Frame Check Sequence “refers to the extra bits and characters added to data packets for error detection and control” (TechnoPedia n.d.). When the destination receives the frame, the FCS is recalculated to check that the number is identical to the source FCS. Should the numbers not match, the frame is discarded. This information can be used by other protocols built upon the Ethernet frame to start an error recovery on the packet.
Collisions occur on a network when two devices attempt to send information across the same circuit at the same time. CSMA/CD (Carrier sense multiple access / collision detection) is a protocol that is used on Ethernet networks to assist with reducing the number of network collisions. It works by first checking whether the network medium is available for transmission; it will only send the frame once the line is available. Under some situations, two devices may both observe the line as available and transmit data at the same time. In this situation the collision is detected and both devices will wait a random time before trying to send the frame again. Should they both transmit in the same time slot, they will stop their transmission and extend the number of time slots until they are successfully able to transmit.
Protocol Errors are caused when a switching or routing device is unable to parse the protocol it is receiving. This will occur mostly during new installations and is resolved with either a configuration change or an update to the networking equipment.
Alignment Errors will occur when a frame is received that ends with an uneven number of octets, these are considered to have a bad CRC. This is usually indicative of a physical layer problem which could be caused by faulty cabling or transmission equipment.
MTU (Maximum Transmission Unit) Errors occur when a frame sent between two hosts is larger or smaller than the configured MTU allocation. Some routers are able to fragment the packets to reduce their size to fit the MTU, but it is generally more acceptable to configure the equipment to transmit with the same MTU size.
Discards are caused by the policies which are configured on networking equipment, either Security Policies or Quality of Service Policies. The security policy of a device can involve a packet being dropped due to not communicating on the correct VLAN or by an access control list blocking communication. Quality of Service will cause non-critical packets to be dropped during high utilisation scenarios.
The number of errors on a line for a TCP transmission has a knock-on effect that will severely affect network performance. The IEEE 802.3ab standards allow for an error rate of 1 bit loss in 10^-10. This is a very small number, but it is safe to assume that an error rate of .0001% is acceptable. Calculating the throughput of a TCP transmission can be done with the Mathis Equation shown below:
((Maximum Segment Size)/(Round Trip Time))*1/√(Probability Of Packet Loss)=Transfer Rate
With an assumed Maximum Segment Size of 1460, a Round Trip Time of 100ms and a Probable Packet Loss of .0001%, you can expect a maximum throughput of 35.9Mbit/s. This is above what we saw previously when calculating the TCP Receiver Window throughput, in which case you can only expect a maximum of 5.24Mbit/s. However, when you increase the packet loss to 0.1% (1 packet loss in 1000) you get a result of 3.59Mbit/s. This number gets exponentially worse as you increase the RTT and the Packet Loss Percentage.
Identifying the cause of network errors should be the first step in troubleshooting network performance issues and in each case a different solution may be sought.
Key Performance Indicators
Based on the problems that a network can experience, we can draw up a few conclusions that will assist with providing key performance indicators that the network can be measured by.
Availability
Network availability is the measurement of the total time that a network is operational without incidents that cause downtime for the organisation. It is calculated between a set time frame (Weekly, Monthly, Yearly) and is calculated with the below formula:
Uptime/(Downtime+Uptime)=Availability%
Most businesses aim for as little downtime as possible; however, the risk associated with downtime will need to be weighed against the cost of additional redundancies on the network. The network availability should be aligned with the provider's Service Level Agreements.
Performance
The performance of a network is the second metric that should be measured. This is how a network performs during peak times of operation, and it will require the use of monitoring tools and user feedback to identify whether the KPIs are being met. Monitoring tools can include applications like PRTG, Nagios and Zabbix. These will identify high latency and bottlenecks on the network which will negatively impact the user experience. The second way to monitor performance is to make use of user feedback. Should there be a high rate of user complaints due to the performance of the network, then steps should be taken to address these.
Utilisation
Monitoring the utilisation of a network will ensure that the demands of the organisation are being met and user experience is not restricted by network throughput. The monitoring of network utilisation will again require the use of network monitoring tools as before. The general rule of thumb for a WAN connection is to aim for 70% utilisation average. This will ensure that the organisation is not over spending on an underutilised network and ensure that the connection can handle traffic peaks.
Packet Loss
The last important metric to measure a network on is packet loss. As described earlier, this can have a drastic effect on network performance. The tools to monitor packet loss are built into most modern-day switches and routers. These will identify how many packets are dropped per interface on a network. As defined by the IEEE 802.3 standards, a .0001% packet loss is acceptable and should be the benchmark that a network aims for.
References
Abbas, A. (2009). Mathis Equation and TCP performance [online]. Available at: https://alouche.net/2009/09/16/mathis-equation-and-tcp-performance/ [Accessed 2018/02/28].
Cisco Certified Expert, (2017). Optimum Network Utilization [online]. Available at: https://www.ccexpert.us/network-design-2/optimum-network-utilization.html [Accessed 2018/03/01].
CiscoNet, (2009). What is Alignment Errors ? [online]. Available at: http://cisconet.com/lanman/lan-general/399-what-is-alignment-errors-.html [Accessed 2018/02/27].
Ciscopress, (2003). CCNA: Network Media Types [online]. Available at: http://www.ciscopress.com/articles/article.asp?p=31276&seqNum=2 [Accessed 2018/02/26].
Gridelli, S. (2014). How to calculate network availability? [online]. Available at: https://netbeez.net/blog/how-to-calculate-network-availability/ [Accessed 2018/03/01].
Hedlund, B. (2008). How to Calculate TCP throughput for long distance WAN links [online]. Brad Hedlund. Available at: http://bradhedlund.com/2008/12/19/how-to-calculate-tcp-throughput-for-long-distance-links/ [Accessed 2018/02/25].
Hogg, S. (2013). MTU Size Issues [online]. Available at: https://www.networkworld.com/article/2224654/cisco-subnet/mtu-size-issues.html [Accessed 2018/02/28].
Juniper, (2016). Fast Ethernet 100BASE-T Copper Interface Specifications [online]. Available at: https://www.juniper.net/documentation/en_US/release-independent/junos/topics/reference/specifications/transceiver-m-mx-t-series-100base-t-copper-specifications.html [Accessed 2018/02/26].
Rouse, M. (2010). WAN optimization (WAN acceleration) [online]. TechTarget. Available at: http://searchenterprisewan.techtarget.com/definition/WAN-optimization [Accessed 2018/02/25].
Studytonight, (n.d.). Bounded/Guided Transmission Media [online]. Available at: https://www.studytonight.com/computer-networks/bounded-transmission-media [Accessed 2018/02/25].
TechnoPedia, (n.d.). Frame Check Sequence [online]. Available at: https://www.techopedia.com/definition/24793/frame-check-sequence [Accessed 2018/02/27].
The Linux Information Project, (2005). Collision Definition [online]. Available at: http://www.linfo.org/collision.html [Accessed 2018/02/27].