[CCNA Study Guide] Chapter 1 Internetworking

Network


@ZYX, written on 1 July 2020

Chapter 1 Internetworking



  • Describe how a network works
  • Describe the purpose and functions of various network devices
  • Select the components required to meet a network specification
  • Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network
  • Describe common networked applications including web applications
  • Describe the purpose and basic operation of the protocols in the OSI and TCP models
  • Describe the impact of applications (Voice over IP and Video over IP) on a network
  • Interpret network diagrams
  • Describe the components required for network and Internet communications
  • Identify and correct common network problems at layers 1, 2, 3, and 7 using a layered model approach
  • Differentiate between LAN/WAN operation and features
  • Configure, verify, and troubleshoot a switch with VLANs and interswitch communications
  • Explain network segmentation and basic traffic management concepts
  • Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network
  • Explain the operation and benefits of using DHCP and DNS
  • Configure, verify, and troubleshoot basic router operation and routing on Cisco devices


  1. Internetworking basics
  2. Network segmentation
  3. How bridges, switches, and routers are used to physically and logically segment a network
  4. How routers are employed to create an internetwork

1.1 Internetworking Basics

  1. A simulated exchange: Bob -=- HUB -=- Sally
    1. This network is actually one collision domain and one broadcast domain
    2. they’re both on the same LAN connected with a multiport repeater (a hub).
    3. Bob is actually going to use Sally’s MAC address to get ahold of her.
    4. How does Bob get the MAC address?

      1. Bob is going to start with name resolution (hostname to IP address resolution), using Domain Name Service (DNS).
        • if these two are on the same LAN, Bob can just broadcast to Sally asking her for the information (no DNS needed)
        • since the two hosts are on a local LAN, Bob will just broadcast to resolve the name Sally ( is a broadcast address)
          Source | Destination | Protocol | Info
                 |             | NBNS     | Name query NB SALLY<00>
        • shows that Bob knows his own MAC address and source IP address
        • but not Sally’s IP address or MAC address
        • so Bob sends a broadcast address of
          • all fs for the MAC address (a Data Link layer broadcast)
          • and an IP LAN broadcast of
    5. Next, check out Sally’s response:
          Source | Destination | Protocol | Info
                 |             | ARP      | is at 00:0b:db:99:d3:5e
                 |             | NBNS     | Name query response NB
  2. break up one large network into a bunch of smaller ones
    • because user response will have dwindled to a slow crawl as the network grew and grew
    • The answer: breaking up a big network into a number of smaller ones, which is called network segmentation
      • using devices like routers, switches, and bridges
  3. some causes of LAN traffic congestion:
    • Too many hosts in a broadcast or collision domain
    • Broadcast storms
    • Too much multicast traffic
    • Low bandwidth
    • Adding hubs for connectivity to the network
  4. hubs don’t segment a network; they just connect network segments together.
    1. an inexpensive way to connect a couple of PCs together, which is great for home use and troubleshooting
  5. routers
    1. are used to
      1. connect networks together
      2. and route packets of data from one network to another
    2. break up a broadcast domain
      1. broadcast domain: the set of all devices on a network segment that hear all the broadcasts sent on that segment
      2. Breaking up a broadcast domain is important
        1. because when a host or server sends a network broadcast, every device on the network must read and process that broadcast unless you’ve got a router
    3. when the router’s interface receives this broadcast, it can discard the broadcast without forwarding it on to other networks
    4. break up collision domains as well.
    5. Advantage of using router
      1. They don’t forward broadcasts by default.
      2. They can filter the network based on layer 3 (Network layer) information (e.g., IP address).
    6. function summary:
      1. Packet switching
      2. Packet filtering
      3. Internetwork communication
      4. Path selection
    7. routers are really switches: they’re actually what we call layer 3 switches
      1. router vs “switch”
        1. layer 2 switches, which forward or filter frames,
          1. they’re employed to add functionality to a network LAN
            1. The main purpose of a switch: to optimize its performance, providing more bandwidth for the LAN’s users
          2. switches only “switch” frames from one port to another within the switched network
          3. switches break up collision domains:
            • collision domains: a network scenario wherein one particular device sends a packet on a network segment, forcing every other device on that same segment to pay attention to it
            • If at the same time a different device tries to transmit, leading to a collision, both devices must retransmit, one at a time.
            • This situation is typically found in a hub environment
            • each and every port on a switch represents its own collision domain
        2. All of a switch's ports together form only one single broadcast domain
        3. routers (or layer 3 switches):
          1. use logical addressing
          2. and provide what is called packet switching.
          3. Routers can also provide packet filtering by using access lists
    8. internetwork:
      1. when routers connect two or more networks together and use logical addressing (IP or IPv6), this is called an internetwork.
  6. bridging:
    1. bridges and switches basically do the same thing
      • break up collision domains on a LAN
    2. LAN switches use bridging technologies, so Cisco still refers to them as multiport bridges
    3. use a bridge in a network to
      1. reduce collisions within broadcast domains
      2. and to increase the number of collision domains in your network
        • Doing this provides more bandwidth for users
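As an added example (not from the study guide), the collision/broadcast-domain rules above as a small counter: a hub merges its cables into one domain of each kind, a switch keeps every port a separate collision domain but forms one broadcast domain, and a router separates both. The topology in exam_topology_domains is constructed for the demonstration.

```python
from collections import defaultdict

HUB, SWITCH, ROUTER, HOST = "hub", "switch", "router", "host"


class DisjointSet:
    """Union-find over link indices; each resulting set is one domain."""
    def __init__(self, n):
        self.parent = list(range(n))

    def find(self, x):
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]   # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)

    def count(self):
        return len({self.find(i) for i in range(len(self.parent))})


def count_domains(devices, links):
    """devices: {name: kind}; links: list of (device, device) cables.
    A hub joins all its cables into one collision and one broadcast domain;
    a switch keeps each port its own collision domain but joins its ports into
    one broadcast domain; routers and hosts join nothing.
    Returns (collision_domains, broadcast_domains)."""
    ports = defaultdict(list)                  # device -> indices of attached links
    for i, (a, b) in enumerate(links):
        for dev in (a, b):
            if dev not in devices:
                raise ValueError(f"unknown device {dev}")
            ports[dev].append(i)
    collision, broadcast = DisjointSet(len(links)), DisjointSet(len(links))
    for dev, kind in devices.items():
        attached = ports[dev]
        for p in attached[1:]:                 # merge every port with the first one
            if kind == HUB:
                collision.union(attached[0], p)
                broadcast.union(attached[0], p)
            elif kind == SWITCH:
                broadcast.union(attached[0], p)
    return collision.count(), broadcast.count()


def exam_topology_domains():
    """Constructed exam-style figure: R1 has three interfaces; one goes to SW1,
    which also serves host C and a hub with hosts A and B; D and E hang directly
    off R1's other two interfaces."""
    devices = {"R1": ROUTER, "SW1": SWITCH, "HUB1": HUB,
               "A": HOST, "B": HOST, "C": HOST, "D": HOST, "E": HOST}
    links = [("R1", "SW1"), ("SW1", "HUB1"), ("HUB1", "A"), ("HUB1", "B"),
             ("SW1", "C"), ("R1", "D"), ("R1", "E")]
    return count_domains(devices, links)


if __name__ == "__main__":
    print("Bob-HUB-Sally:", count_domains(
        {"Bob": HOST, "HUB": HUB, "Sally": HOST}, [("Bob", "HUB"), ("HUB", "Sally")]))
    print("exam topology:", exam_topology_domains())
```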

1.2 Internetworking Models

  • The OSI model was meant to create interoperable network devices and software
    • in the form of protocols
    • so that different vendor networks could work with each other
  • binding: at a particular layer, the communication processes that are related to each other are bound
  • The OSI model is hierarchical
  • Advantages:
    1. divides the process into smaller and simpler components
      • aiding component development, design, and troubleshooting
    2. allows multiple-vendor development through standardization of network components
    3. encourages industry standardization by defining what functions occur at each layer of the model
    4. allows various types of network hardware and software to communicate.
    5. prevents changes in one layer from affecting other layers
    6. One of the greatest functions is to assist in data transfer between disparate hosts
  • The OSI model has 7 different layers, divided into 2 groups:
    1. The top three layers define how the applications within the end stations will communicate with each other and with users:
      • Application layer
        • Provides a user interface
          • File, print, message, database, and application services
      • Presentation layer
        • Presents data
        • handles processing such as encryption
          • Data encryption, compression, and translation services
      • Session layer
        • Keeps different applications’ data separate
          • Dialog control
        • none of the upper layers knows anything about networking or network
    2. The four bottom layers define
      1. how data is transferred through a physical wire or through switches and routers
      2. how to rebuild a data stream from a transmitting host to a destination host’s application
      • Transport layer:
        1. Provides reliable or unreliable delivery
        2. Performs error correction before retransmit
          • End-to-end connection
      • Network layer:
        1. Provides logical addressing which routers use for path determination
          • Routing
      • Data Link layer:
        1. Combines packets -> bytes -> frames
        2. Provides access to media using MAC
        3. Performs error detection (not correction)
          • Framing
      • Physical layer:
        1. Moves bits between devices
        2. Specifies voltage, wire speed, and pin-out of cables
          • Physical topology
  • The following network devices operate at all seven layers of the OSI model:
    1. Network Management Stations (NMSs)
    2. Web and application servers
    3. Gateways (not default gateways)
    4. Network hosts

1.3.1 Application Layer

  1. marks the spot where users actually communicate to the computer
  2. This layer acts only when access to the network is going to be needed
    • If no network access is involved, the Application layer is not used; for example, viewing a local web page
  3. Application layer is acting as an interface between the actual application program and the next layer down
    • by providing ways to send information down through the protocol stack
    • this means that Microsoft Word, for example, does not reside at the Application layer but instead interfaces with the Application layer protocols
  4. is also responsible for identifying and establishing the availability of the intended communication partner and determining whether sufficient resources for the intended communication exist.
  5. often unites communicating components from more than one network application

1.3.2 Presentation Layer

  1. presents data to the Application layer
  2. is responsible for
    1. data translation
    2. code formatting.
      • essentially a translator and provides coding and conversion functions
  3. ensures that data transferred from the Application layer of one system can be read by the Application layer of another one.
  4. Tasks like data compression, decompression, encryption, decryption, and some multimedia operations are associated with this layer

1.3.3 Session Layer

  1. is responsible for setting up, managing, and then tearing down sessions between Presentation layer entities
  2. provides dialog control between devices, or nodes
  3. coordinates communication between systems and serves to organize their communication by:
    1. simplex
    2. half duplex
    3. and full duplex
      • keeps different applications’ data separate

1.3.4 Transport Layer

  1. segments data from upper-layer applications and unites it into the same data stream.
  2. provide end-to-end data transport services
  3. establish a logical connection between the sending host and destination host on an internetwork.
  4. TCP UDP
    • is responsible for:
      1. providing mechanisms for multiplexing upper-layer applications
      2. establishing sessions
      3. tearing down virtual circuits
      4. hides details of any network-dependent information from the higher layers by providing transparent data transfer
    • reliable networking:
      acknowledgments, sequencing, and flow control will be used.
  5. The Transport layer can be connectionless or connection oriented
  6. Flow Control
    • Data integrity is ensured at the Transport layer by maintaining flow control
      1. prevents a sending host from overflowing the buffers in the receiving host
      2. Reliable data transport employs a connection-oriented communications session, and the protocols involved ensure that the following will be achieved:
        1. The segments delivered are acknowledged back to the sender upon their reception.
        2. Any segments not acknowledged are retransmitted.
        3. Segments are sequenced back into their proper order upon arrival at their destination.
        4. A manageable data flow is maintained in order to avoid congestion, overloading, and data loss.
  7. Connection-Oriented Communication
    1. In reliable transport operation, a device that wants to transmit sets up a connection-oriented communication session with a remote device by creating a session:
      1. first establishes a session with its peer system, which is called a call setup or a three-way handshake
      2. Data is then transferred
      3. Finally a call termination takes place to tear down the virtual circuit
    2. While the information is being transferred, the two machines periodically check in with each other to ensure that the data is being received properly
    3. summary of the steps in the connection-oriented session, the three-way handshake:
      1. The first “connection agreement” segment is a request for synchronization.
      2. The next segments acknowledge the request and establish connection parameters. These segments request that the receiver’s sequencing is synchronized here as well so that a bidirectional connection is formed.
      3. The final segment is also an acknowledgment. It notifies the destination host that the connection agreement has been accepted and that the actual connection has been established. Data transfer can now begin.
    4. Buffer: when a machine receives a flood of datagrams too quickly for it to process, it stores them in a memory section called a buffer:
      • If the buffer is full, the data that follows is dropped
    5. Instead of dumping data and allowing data to be lost, the transport can issue a “not ready” indicator to the sender.
    6. In connection-oriented data transfer, datagrams are delivered to the receiving host in the same sequence they’re transmitted:
      • the transmission fails if:
        1. this order is breached
        2. any data segments are lost, duplicated, or damaged along the way
      • solved by having the receiving host acknowledge that it has received each and every data segment.
    7. A service is considered connection oriented if it has the following characteristics:
      1. A virtual circuit is set up (e.g., a three-way handshake).
      2. It uses sequencing.
      3. It uses acknowledgments.
      4. It uses flow control.
        • The types of flow control are buffering, windowing, and congestion avoidance
  8. Windowing
    • the sender uses the break as an opportunity to transmit more data
      • because there’s time available before it finishes processing acknowledgments from the receiving machine,
    • The quantity of data segments (measured in bytes) that the transmitting machine is allowed to send without receiving an acknowledgment is called a window.
      1. Windows are used to control the amount of outstanding, unacknowledged data segments.
        • So the size of the window controls how much information is transferred
    • If a receiving host fails to receive all data, the host can decrease the window size.
  9. Acknowledgments
    • through something called positive acknowledgment with retransmission
      • Reliable data delivery guarantees that the data won’t be duplicated or lost
        1. requires a receiving machine send an acknowledgment message back to the sender when it receives data
        2. When sending a segment, the transmitting machine starts a timer and retransmits if it expires before an acknowledgment is returned
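The connection-oriented mechanisms from items 7 to 9 (call setup, sequencing, windowing, buffering, positive acknowledgment with retransmission) as one added simulation; this is illustrative code written for these notes, not real TCP: segments travel in "rounds", the channel is a constructed drop list, and the receiver shrinks the advertised window when its buffer overflows.

```python
from dataclasses import dataclass, field


def three_way_handshake(client_isn, server_isn):
    """Call setup: SYN, SYN-ACK, ACK. Each ACK number is the peer's seq + 1.
    Returns the three segments as (flags, seq, ack) and whether both sides
    ended up synchronized."""
    syn = ("SYN", client_isn, None)                     # request for synchronization
    syn_ack = ("SYN-ACK", server_isn, syn[1] + 1)       # acknowledges SYN, syncs own seq
    ack = ("ACK", syn_ack[2], syn_ack[1] + 1)           # acknowledges SYN-ACK; data can flow
    synced = syn_ack[2] == client_isn + 1 and ack[2] == server_isn + 1
    return [syn, syn_ack, ack], synced


@dataclass
class Receiver:
    capacity: int                          # segments its buffer holds per round
    expected: int = 0                      # next in-order sequence number wanted
    delivered: list = field(default_factory=list)

    def receive_round(self, segments):
        """Process one round of arrivals; return (cumulative ack, new window or None)."""
        new_window = None
        for i, (seq, data) in enumerate(segments):
            if i >= self.capacity:         # buffer full: the rest is dropped, ask for a smaller window
                new_window = self.capacity
                break
            if seq == self.expected:       # in sequence: accept and slide forward
                self.delivered.append(data)
                self.expected += 1
            # duplicate or out-of-order segment: discarded, ack stays at `expected`
        return self.expected, new_window


def transfer(data, window, drop_once=(), receiver_capacity=None):
    """Deliver `data` (list of payloads, one per segment) reliably.
    drop_once: sequence numbers the channel loses on their first transmission.
    Returns delivered payloads, retransmission count, final window and a log."""
    assert window >= 1
    lost = set(drop_once)
    rx = Receiver(receiver_capacity or len(data))
    base = next_seq = 0                    # base = oldest unacknowledged seq
    retransmissions, log = 0, []
    while base < len(data):
        outgoing = []
        while next_seq < min(base + window, len(data)):   # fill the window
            if next_seq in lost:
                lost.discard(next_seq)
                log.append(f"seg {next_seq} lost")
            else:
                outgoing.append((next_seq, data[next_seq]))
            next_seq += 1
        ack, new_window = rx.receive_round(outgoing)
        log.append(f"ack {ack}")
        if new_window is not None and new_window < window:
            log.append(f"window {window} -> {new_window}")
            window = new_window
        base = max(base, ack)              # cumulative ack slides the window forward
        if base < next_seq:                # unacked segments remain: the timer expires
            log.append(f"timeout, retransmit from {base}")
            retransmissions += 1
            next_seq = base                # resend from the oldest unacknowledged segment
    return {"delivered": rx.delivered, "retransmissions": retransmissions,
            "window": window, "log": log}


if __name__ == "__main__":
    print(three_way_handshake(100, 300))
    print(transfer(list("ABCDEF"), 4, drop_once={2})["log"])
    print(transfer(list("ABCD"), 4, receiver_capacity=2)["log"])
```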

1.3.5 Network Layer

  1. manages device addressing
  2. tracks the location of devices on the network
  3. and determines the best way to move data
    • must transport traffic between devices that aren’t locally attached (Router)
  4. Steps:
    1. when a packet is received on a router interface, the destination IP address is checked
    2. 2 Conditions:
      1. If the packet isn’t destined for that particular router
        1. it will look up the destination network address in the routing table
        2. Once the router chooses an exit interface, the packet will be sent to that interface to be framed and sent out on the local network
      2. If the router can’t find an entry for the packet’s destination network in the routing table
        • the router drops the packet
  5. Two types of packets are used at the Network layer: data and route updates:
    1. Data packets: Used to transport user data through the internetwork
      • Protocols used to support data traffic are called routed protocols
        • IPv4 IPv6
    2. Route update packets: Used to update neighboring routers about the networks connected to all routers within the internetwork.
      • Protocols that send route update packets are called routing protocols
        • RIP EIGRP OSPF
  6. The routing table includes the following information:
    1. Network addresses: Protocol-specific network addresses
      • must maintain a routing table for each individual routed protocol
        • because each routed protocol keeps a network with a different addressing scheme
    2. Interface: The exit interface a packet will take when destined for a specific network
    3. Metric: The distance to the remote network
  7. Because each interface in a router represents a separate network, it must be assigned unique network identification numbers, and each host on the network connected to that router must use the same network number.
    • Here are some points about routers that you should really commit to memory:
      1. Routers, by default, will not forward any broadcast or multicast packets.
      2. Routers use the logical address in a Network layer header to determine the next hop router to forward the packet to.
      3. Routers can use access lists, created by an administrator, to control security on the types of packets that are allowed to enter or exit an interface.
      4. Routers can provide layer 2 bridging functions if needed and can simultaneously route through the same interface.
      5. Layer 3 devices (routers in this case) provide connections between virtual LANs (VLANs).
      6. Routers can provide quality of service (QoS) for specific types of network traffic.
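The forwarding steps from item 4 and the routing-table fields from item 6 as an added worked example (written for these notes, not Cisco code): the router checks whether the packet is for itself, looks up the destination network with longest-prefix match (ties broken by lowest metric), and either drops the packet or re-frames it for the exit interface. The interfaces, routes and ARP cache in example_router are constructed; the packet header is passed along untouched as the notes describe (a real router also decrements TTL and fixes the IP checksum).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network   # protocol-specific network address
    interface: str                   # exit interface
    metric: int                      # distance to the remote network
    next_hop: Optional[str] = None   # None: directly connected, deliver to dst itself


@dataclass
class Frame:
    src_mac: str
    dst_mac: str
    packet: dict                     # the Network layer packet, carried unchanged


class Router:
    def __init__(self, interfaces, routes, arp_cache):
        self.interfaces = interfaces   # iface -> (own IP, own MAC)
        self.routes = routes
        self.arp_cache = arp_cache     # IP -> MAC, pre-populated for the example

    def lookup(self, dst):
        """Routing table lookup: longest prefix match, then lowest metric."""
        matches = [r for r in self.routes if dst in r.network]
        if not matches:
            return None
        return max(matches, key=lambda r: (r.network.prefixlen, -r.metric))

    def handle(self, frame):
        """Returns (action, exit_interface, outgoing_frame)."""
        pkt = frame.packet
        dst = ipaddress.ip_address(pkt["dst"])
        if any(dst == ipaddress.ip_address(ip) for ip, _ in self.interfaces.values()):
            return "deliver-locally", None, None       # destined for this router
        route = self.lookup(dst)
        if route is None:
            return "drop", None, None                  # no entry for the destination network
        hop = route.next_hop or str(dst)
        hop_mac = self.arp_cache.get(hop)
        if hop_mac is None:
            return "resolve-next-hop", route.interface, None   # would ARP first (not modelled)
        own_mac = self.interfaces[route.interface][1]
        # new Data Link header for this hop; the packet object itself is reused
        return "forward", route.interface, Frame(own_mac, hop_mac, pkt)


def example_router():
    """Constructed router: three directly connected /24s, a more specific /25
    learned via a neighbour, and a summary /8 via a second neighbour."""
    net = ipaddress.ip_network
    return Router(
        interfaces={"Gi0/0": ("10.1.1.1", "00:00:0c:00:00:01"),
                    "Gi0/1": ("10.1.2.1", "00:00:0c:00:00:02"),
                    "Gi0/2": ("10.1.3.1", "00:00:0c:00:00:03")},
        routes=[Route(net("10.1.1.0/24"), "Gi0/0", 0),
                Route(net("10.1.2.0/24"), "Gi0/1", 0),
                Route(net("10.1.3.0/24"), "Gi0/2", 0),
                Route(net("10.1.1.128/25"), "Gi0/2", 5, next_hop="10.1.3.9"),
                Route(net("10.0.0.0/8"), "Gi0/1", 10, next_hop="10.1.2.254")],
        arp_cache={"10.1.1.5": "aa:aa:aa:00:00:05", "10.1.3.9": "aa:aa:aa:00:03:09",
                   "10.1.2.254": "aa:aa:aa:02:02:54"},
    )
```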

1.3.6 Data Link Layer

  1. provides the physical transmission of the data
  2. handles error notification, network topology, and flow control
    • This means that the Data Link layer will
      1. ensure that messages are delivered to the proper device on a LAN using hardware addresses
      2. will translate messages from the Network layer into bits for the Physical layer to transmit
  3. Data Frame:
    • The Data Link layer formats the message into pieces, each called a data frame,
    • and adds a customized header containing the hardware destination and source address
  4. For a host to send packets to hosts on a local network as well as transmit packets between routers, the Data Link layer uses hardware addressing.
  5. Each time a packet is sent between routers,
    1. it’s framed with control information at the Data Link layer,
    2. but that information is stripped off at the receiving router and only the original packet is left.
      • This framing of the packet continues for each hop until the packet is finally delivered to the correct receiving host.
      • the packet itself is never altered along the route;
      • only encapsulated with the type of control information.
  6. The IEEE Ethernet Data Link layer has two sublayers:
    1. Media Access Control (MAC) 802.3 Layer:
      • Defines how packets are placed on the media
      • Contention media access is “first come/first served” access where everyone shares the same bandwidth
        1. Physical addressing and logical topologies are defined here:
          • logical topology: the signal path through a physical topology
        2. Line discipline, error notification (not correction), ordered delivery of frames, and optional flow control can also be used at this sublayer
    2. Logical Link Control (LLC) 802.2 Layer:
      • Responsible for identifying Network layer protocols and then encapsulating them
      • LLC header tells the Data Link layer what to do with a packet once a frame is received
        • A host looks in the header to find out which upper-layer protocol the packet is destined for, e.g. IP at the Network layer
      • The LLC can also provide flow control and sequencing of control bits.
  7. switches and bridges both work at the Data Link layer and filter the network using hardware (MAC) addresses:
    1. Layer 2 switching is considered hardware-based bridging because it uses specialized hardware called an application-specific integrated circuit (ASIC).
      • can run up to gigabit speeds with very low latency rates
        • Latency is the time measured from when a frame enters a port to when it exits a port.
    2. Bridges and switches read each frame as it passes through the network.
    3. The layer 2 device then puts the source hardware address in a filter table and keeps track of which port the frame was received on
      • to determine the location of the specific sending device
    4. LOCATION is important
    5. After a filter table is built, it will forward frames only to the segment where the destination hardware address is located:
      1. If the destination device is on the same segment as the frame, the layer 2 device will block the frame from going to any other segments
      2. If the destination is on a different segment, the frame can be transmitted only to that segment. This is called transparent bridging.
    6. When a switch interface receives a frame with a destination hardware address that isn’t in the filter table, it will forward the frame to all connected segments:
      1. If the unknown device replies to this forwarding action, the switch updates its filter table
        • But in the event the destination address of the transmitting frame is a broadcast address, the switch will forward all broadcasts to every connected segment by default
        • All devices that the broadcast is forwarded to are considered to be in the same broadcast domain. This can be a problem: layer 2 broadcast storms
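The filter-table behaviour in item 7 (learn the source, filter on the same segment, forward to a known segment, flood unknown unicast and broadcast) as an added simulation written for these notes, not Cisco code. Frames are parsed from raw Ethernet headers so the all-fs broadcast address from the Bob/Sally capture is handled as bytes; the MAC addresses and port numbers in walkthrough are constructed.

```javascript
const BROADCAST = "ff:ff:ff:ff:ff:ff";
const ETH_ARP = 0x0806;
const ETH_IP = 0x0800;

const macToBytes = (m) => Buffer.from(m.split(":").map((x) => parseInt(x, 16)));
const bytesToMac = (b) => [...b].map((x) => x.toString(16).padStart(2, "0")).join(":");

// Construct a raw Ethernet II frame: 6-byte dst, 6-byte src, 2-byte type, payload.
function buildFrame(dst, src, ethertype, payload = Buffer.alloc(0)) {
  const type = Buffer.alloc(2);
  type.writeUInt16BE(ethertype);
  return Buffer.concat([macToBytes(dst), macToBytes(src), type, payload]);
}

function parseFrame(raw) {
  if (raw.length < 14) throw new Error("short frame");
  return {
    dst: bytesToMac(raw.subarray(0, 6)),
    src: bytesToMac(raw.subarray(6, 12)),
    ethertype: raw.readUInt16BE(12),
    payload: raw.subarray(14),
  };
}

class Switch {
  constructor(ports) {
    this.ports = [...ports];
    this.filterTable = new Map(); // MAC -> port it was last seen on (its location)
  }

  // Returns the list of ports the frame is sent out of.
  receive(ingress, raw) {
    const { dst, src } = parseFrame(raw);
    this.filterTable.set(src, ingress); // learning: remember where the sender lives
    const flood = this.ports.filter((p) => p !== ingress);
    if (dst === BROADCAST) return flood; // whole broadcast domain, by default
    const port = this.filterTable.get(dst);
    if (port === undefined) return flood; // unknown unicast: forward to all other segments
    if (port === ingress) return []; // destination on the same segment: filtered
    return [port]; // known destination: that segment only (transparent bridging)
  }
}

// Constructed sequence: A on port 1, B on port 2, C and D share a hub on port 3.
function walkthrough() {
  const [A, B, C, D] = ["aa:00:00:00:00:0a", "aa:00:00:00:00:0b",
                        "aa:00:00:00:00:0c", "aa:00:00:00:00:0d"];
  const sw = new Switch([1, 2, 3]);
  return [
    sw.receive(1, buildFrame(BROADCAST, A, ETH_ARP)), // A's ARP request: flooded
    sw.receive(2, buildFrame(A, B, ETH_ARP)),         // B replies: A already known, port 1 only
    sw.receive(1, buildFrame(B, A, ETH_IP)),          // A -> B: B now known, port 2 only
    sw.receive(3, buildFrame(BROADCAST, D, ETH_ARP)), // D broadcasts from the hub segment
    sw.receive(3, buildFrame(D, C, ETH_IP)),          // C -> D, both on port 3: filtered
  ];
}
```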

1.3.7 Physical Layer

  1. It sends bits and receives bits
  2. The Physical layer communicates directly with the various types of actual communication media
    • Different kinds of media represent these bit values in different ways
  3. specifies the electrical, mechanical, procedural, and functional requirements for activating, maintaining, and deactivating a physical link between end systems
  4. This layer is also where you identify the interface between the data terminal equipment (DTE) and the data communication equipment (DCE)
    • The DCE is usually located at the service provider, while the DTE is the attached device
  5. Hubs at the Physical Layer
    1. a hub is really a multiple-port repeater:
      • receives a digital signal
      • reamplifies or regenerates that signal
      • and then forwards the digital signal out all active ports
    2. This means all devices plugged into a hub are in the same collision domain as well as in the same broadcast domain
    3. Every device connected to the hub, or hubs, must listen if a device transmits