High-Performance Networking Unleashed



- 4 -

Internetworking Protocol Stacks

by Mark Sportack

An internetworking protocol stack is a suite of related communications protocols that offers users the mechanisms and services required to communicate with other network-connected machines. From the users' perspective, the protocol stack is what makes a network usable.

The previous chapters examined the first and second layers of a protocol stack: the physical and data link layers. A protocol stack should offer mechanisms that either provide these two layers' functionality, or interface with existing, standardized network access vehicles. The next layer of the OSI Reference Model is Layer 3, the network layer. This layer provides the mechanisms that enable the transfer of information between source and destination machines across a communications network. This layer is formed by converting Layer 2 frames and addressing into Layer 3 packets with addressing that is recognizable outside the LAN. These packets are then routed to their destination. An example of a Layer 3 routed protocol is the Internet Protocol (IP).

Whereas Layer 3 provides internetwork data transfers, Layer 4 (the transport layer) provides Layer 3 network mechanisms with end-to-end reliability and integrity. The transport layer may be required to guarantee error-free delivery of packets, sequencing of delivered packets, and quality of service. An example of a Layer 4 protocol is the Transmission Control Protocol (TCP). TCP is almost always referred to in combination with its Layer 3 counterpart as TCP/IP.

The use of Layers 3 and 4 implies that the source and destination computers are not connected to the same LAN, regardless of how close or distant they are. Thus, internetworking two different networks is required to support the requested transmission. Consequently, the communications mechanisms of Layer 2 are inadequate. Conversely, these layers are not always required. For example, if both the source and destination computers are connected to the same LAN, they may communicate satisfactorily using only Layer 2 network frames and protocols.

There are two types of networking protocols that operate at Layer 3: routed protocols and routing protocols. Routed protocols are those that encapsulate user information and data into packets, and are responsible for transporting them to their destination. Routing protocols are used between routers to determine available routes, communicate what is known about available routes, and forward routed protocol packets along those routes. This chapter focuses on the most common routed protocols. For more information on routing protocols, please see Chapter 9, "Routers."

The Internet Protocol, Version 4 (IPv4)

The Internet Protocol (IP) was developed approximately 20 years ago for the Department of Defense (DoD). The DoD needed a way to interconnect various brands of proprietary computers, and their equally proprietary support networks, across a common internetwork. This was achieved through a layered protocol that insulated applications from networking hardware.

Unlike the OSI Reference Model, the TCP/IP model focuses more on delivering interconnectivity than on rigidly adhering to functional layers. It does this by acknowledging the importance of a hierarchical arrangement of functions but still leaving protocol designers ample flexibility for implementation. Consequently, the OSI Reference Model is significantly better at explaining the mechanics of inter-computer communications, but TCP/IP has become the internetworking protocol of choice in the marketplace.

The flexibility of the TCP/IP Reference Model is shown in Figure 4.1 through a comparison to the OSI Reference Model.

FIGURE 4.1. Comparison of OSI and TCP/IP Reference Models.

The TCP/IP Reference Model, developed long after the protocol it explains, offers significantly more flexibility than its OSI counterpart by emphasizing the hierarchical arrangement of functions, rather than strict functional layering.

Dissecting TCP/IP

The TCP/IP protocol stack includes four functional layers: process/application, host-to-host, Internet, and network access. These four layers, starting at the top and working downward, loosely correlate to the seven layers of the OSI Reference Model without compromising functionality.

The Process/Application Layer

The process/application layer provides protocols for remote access and resource sharing. Familiar applications such as Telnet, FTP, SMTP, HTTP, and many others all reside and operate in this layer and depend upon the functionality of the underlying layers.

The Host-to-Host Layer

The IP host-to-host layer correlates loosely to the OSI Reference Model's session and transport layers. It consists of two protocol entities: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). A third entity is being defined to accommodate the increasingly transaction-oriented nature of the Internet. This protocol entity is tentatively called Transaction Transmission Control Protocol (T/TCP).

TCP provides a connection-oriented data transmission between two or more hosts, can support multiple data streams, and provides for flow and error control, and even for the reordering of packets that may have been received out of order.

The TCP protocol header is a minimum of 20 octets and contains the following fields:

The User Datagram Protocol (UDP) is IP's other host-to-host (or transport) layer protocol. UDP provides a basic, low-overhead, data transmission mechanism known as a datagram. The simplicity of datagrams makes UDP inappropriate for some applications, but perfect for more sophisticated applications that can provide their own connection-oriented functionality.

Alternatively, UDP can be used for exchanges of data, such as broadcasting NetBIOS names, system messages, and so on, as these exchanges do not require flow control, acknowledgments, reordering, or any of the functionality that TCP provides.

The UDP protocol header has the following structure:

The major functional difference between TCP and UDP is reliability. TCP is highly reliable and UDP is a simple, "best effort" datagram delivery mechanism. This fundamental difference results in vastly different uses of the two host-to-host layer protocols.

The Internet Layer

The Internet, or network, layer of IPv4 consists of all the protocols and procedures necessary to allow data communications between hosts to traverse multiple networks. This means that the data-bearing packets must be routable. The Internet Protocol (IP) is responsible for making data packets routable.

The IP header is a minimum of 20 octets long, and has the following structure:


NOTE: IP packets are forwarded across different networks by devices known as routers. Each router that a packet passes through is considered a hop. Establishing a maximum hop count ensures that packets do not loop continuously in a dynamically routed network.

The IP header is illustrated in Figure 4.2.

FIGURE 4.2. The IP header structure.

These header fields reveal that IPv4's Internet layer is inherently connectionless: It lets packets "find" their own way through the networks. It also doesn't provide any of the acknowledgements, flow control, or sequencing functions of higher-level protocols such as TCP. It leaves such functions to those higher-level protocols.

The Internet layer must also support other route-management functions beyond just packet formatting. It must provide mechanisms for resolving Layer 2 addresses into Layer 3 addresses, Layer 3 addresses into Layer 2 addresses, and so on. These functions are provided by peer protocols to IP. These protocols include Interior Gateway Protocols (IGP), Exterior Gateway Protocols (EGP), Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), and Internet Control Message Protocol (ICMP).

Typical IPv4 Operation

The application layer places a header on to the data packet, identifying the destination host and port. The host-to-host layer protocol (either TCP or UDP, depending on the application) breaks that block of data into smaller, more manageable pieces. Each piece has a TCP header prepended to it. This structure is known as a TCP segment.

The segment's header fields are populated appropriately, and the segment is passed to the Internet layer. The Internet layer adds the addressing, protocol type (TCP or UDP), and checksum information. If the segment is fragmented, this layer populates that field as well. Figure 4.3 depicts a TCP/IP packet in this state, just prior to being passed to the data link layer.

FIGURE 4.3. Structure of an 802.3 Ethernet frame with a TCP/IP payload.

This illustration shows the positioning of the TCP and IP headers within an 802.3 Ethernet frame. This is the structure used to pass data between the network access and Internet layers.

The destination machine performs the reverse of the operation just described. It receives the packets and passes them to its host-to-host layer protocol for reassembly. If necessary, the packets are reordered into data segments that are passed up to the appropriate application.
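The receive side of this operation can be made concrete with a short parser. The following is an added example, not code from the book: it decodes the 20-octet IP and TCP headers of a constructed packet and verifies both checksums. The field layout follows RFC 791 and RFC 793 (this page's own field lists are missing), and the function names, addresses, and port numbers are assumptions chosen for illustration.

```python
import ipaddress
import struct

IP_MIN_HEADER = 20    # octets; the minimum the text gives for the IP header
TCP_MIN_HEADER = 20   # octets; the minimum the text gives for the TCP header
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upward


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Decode the IP header; return its routing fields and the payload."""
    if len(packet) < IP_MIN_HEADER:
        raise ValueError("shorter than the 20-octet minimum IP header")
    (ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _cksum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:IP_MIN_HEADER])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    if header_len < IP_MIN_HEADER or not header_len <= total_len <= len(packet):
        raise ValueError("header length and total length are inconsistent")
    payload = packet[header_len:total_len]
    return {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "ttl": ttl,                      # remaining hop budget
        "protocol": proto,               # 6 = TCP, 17 = UDP
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        # A header that sums to zero (checksum field included) is intact.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        "payload": payload,
        # The TCP and UDP checksums also cover this 12-octet pseudo-header.
        "pseudo_header": src + dst + struct.pack("!BBH", 0, proto, len(payload)),
    }


def parse_tcp(ip: dict) -> dict:
    """Decode the TCP header carried in an unfragmented IP payload."""
    segment = ip["payload"]
    if ip["protocol"] != 6 or ip["fragment_offset"] or ip["more_fragments"]:
        raise ValueError("not an unfragmented TCP segment")
    if len(segment) < TCP_MIN_HEADER:
        raise ValueError("shorter than the 20-octet minimum TCP header")
    (sport, dport, seq, ack, off_flags, window, _cksum,
     _urgent) = struct.unpack("!HHIIHHHH", segment[:TCP_MIN_HEADER])
    header_len = (off_flags >> 12) * 4
    if not TCP_MIN_HEADER <= header_len <= len(segment):
        raise ValueError("TCP data offset is out of range")
    return {
        "src_port": sport,
        "dst_port": dport,
        "seq": seq,
        "ack": ack,
        "window": window,
        "flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)],
        "checksum_ok": internet_checksum(ip["pseudo_header"] + segment) == 0,
        "data": segment[header_len:],
    }


def build_sample(data: bytes = b"GET / HTTP/1.0\r\n\r\n") -> bytes:
    """Constructed packet: documentation addresses, made-up ports and numbers."""
    src = ipaddress.IPv4Address("192.0.2.10").packed
    dst = ipaddress.IPv4Address("198.51.100.7").packed
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 2000,
                      (5 << 12) | 0x18, 8192, 0, 0) + data   # PSH + ACK
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", internet_checksum(pseudo + tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_MIN_HEADER + len(tcp),
                     0x1C46, 0x4000, 64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", internet_checksum(ip)) + ip[12:]
    return ip + tcp


if __name__ == "__main__":
    ip = parse_ipv4(build_sample())
    tcp = parse_tcp(ip)
    print(ip["src"], "->", ip["dst"], "ttl", ip["ttl"], "ip checksum ok:", ip["checksum_ok"])
    print(tcp["src_port"], "->", tcp["dst_port"], tcp["flags"], tcp["data"])
```

The IP checksum covers only the IP header, so a router that decrements the hop count must recompute it, while the TCP checksum is verified end to end by the destination host.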

IP Addressing Scheme

IPv4 uses a 32-bit binary addressing scheme to identify networks, network devices, and network-connected machines. These addresses, known as IP addresses, are strictly regulated by the Internet Network Information Center (InterNIC). It is entirely possible for a network administrator to arbitrarily select unregistered IP addresses; this practice should not be condoned. Computers having such spurious IP addresses will function properly only within the confines of their domain. Attempts to access the Internet will demonstrate the ramifications of this short-sighted act.

There are five classes of IP addresses, identified by a single alphabetic character--that is, Class A, Class B, Class C, and so on. Each address consists of two parts: a network address and a host address. The five classes represent different compromises between the number of supportable networks and hosts. Although these addresses are binary, they are normally identified with a dotted decimal format, for example, 135.65.121.6, to facilitate human usage. The dots are used to separate the address's four octets.

The large gaps between these address classes resulted in the wasting of potential addresses. For example, a medium-sized company might require 300 IP addresses. This means that a Class C address would be inadequate. Using two Class C addresses would provide more than enough addresses, but result in two separate domains within the company.


NOTE: Please note, this is no longer the case. A new inter-domain routing protocol known as Classless Interdomain Routing (CIDR) has been developed to enable multiple smaller address classes to function as a single routing domain.

Stepping up to a Class B address would provide all the needed addresses within a single domain, but would waste 65,234 addresses.

IP addressing requires each machine to have its own unique address. Subnet masks may optionally be used to compensate for the tremendous gaps between address classes by customizing the length of the host and/or network addresses. These two numbers are used to route any given IP datagram to its destination.
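The 300-address case above can be worked through in code. This is an added example, not part of the original chapter: it compares the smallest classful network that fits a host count with the smallest CIDR prefix, and shows two adjacent Class C networks collapsing into one routing prefix. The class boundaries are the standard first-octet ranges; the function names and the private 192.168.x.0 networks are assumptions for illustration.

```python
import ipaddress

# Classic first-octet ranges; Classes D and E have no network/host split.
CLASS_RANGES = [("A", 0, 127), ("B", 128, 191), ("C", 192, 223),
                ("D", 224, 239), ("E", 240, 255)]
CLASS_NETWORK_BITS = {"C": 24, "B": 16, "A": 8}   # smallest class first


def address_class(addr: str) -> str:
    """Return the class letter implied by the first octet of addr."""
    first_octet = ipaddress.IPv4Address(addr).packed[0]
    for name, low, high in CLASS_RANGES:
        if low <= first_octet <= high:
            return name
    raise ValueError("unreachable: first octet is always 0-255")


def usable_hosts(network_bits: int) -> int:
    """Host addresses in a network, minus the all-zeros and all-ones values."""
    return 2 ** (32 - network_bits) - 2


def classful_fit(hosts: int):
    """Smallest address class that holds `hosts`, and the addresses left unused."""
    for name, bits in CLASS_NETWORK_BITS.items():
        if usable_hosts(bits) >= hosts:
            return name, usable_hosts(bits) - hosts
    raise ValueError("no single classful network is large enough")


def cidr_fit(hosts: int):
    """Longest CIDR prefix that holds `hosts`, and the addresses left unused."""
    host_bits = (hosts + 1).bit_length()   # smallest h with 2**h >= hosts + 2
    prefix = 32 - host_bits
    if prefix < 0:
        raise ValueError("more hosts than the IPv4 address space allows")
    return prefix, usable_hosts(prefix) - hosts


def aggregate(networks):
    """Collapse adjacent networks into the fewest prefixes that cover them."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    print(address_class("135.65.121.6"))          # the dotted-decimal example in the text
    print(classful_fit(300))                      # Class B, 65,234 unused
    print(cidr_fit(300))                          # /23, 210 unused
    print(aggregate(["192.168.2.0/24", "192.168.3.0/24"]))
```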

As TCP/IP is capable of supporting multiple sessions from a single host, it must then provide a way of addressing specific communications programs that may operate on each host. This is done through port numbers. Some of the more common applications are assigned their own "well-known" port numbers. These numbers are reliably constant, per application, from host to host. Other applications are simply assigned an available port number.

IPv4 Conclusion

IPv4 is almost 20 years old. Since its inception, the Internet has experienced several significant changes that have diminished IP's effectiveness as a universal interconnectivity protocol. Perhaps the most significant of these changes has been the commercialization of the Internet. This has brought with it an unprecedented growth in the Internet's user population and a shift in its demographics. This, in turn, has created the tandem need for more addresses and network layer support for new types of service. IPv4's limitations have been driving the development of a completely new version of the protocol. This new version is called IP version 6 (IPv6) but was also commonly referred to as the "next generation" of Internet Protocol (IPng).

The Internet Protocol, Version 6 (IPv6)

IPv6 is designed to be a simple, forward-compatible upgrade to the existing version of IP. This upgrade is also intended to resolve all of the weaknesses that IPv4 is currently manifesting, including the shortage of available IP addresses, the inability to accommodate time-sensitive traffic, and its lack of network layer security.

In addition to these issues, routing is also driving the development and deployment of the new IP protocol. IPv4 is hampered by its 32-bit address, its two-level addressing hierarchy, and its address classes. This two-level addressing hierarchy (host and domain name) simply does not allow construction of efficient address hierarchies that can be aggregated by routers on the scale that today's global Internet requires.

The next generation of IP, commonly known as IPng but more correctly identified as IPv6, resolves all of these issues. It offers a vastly expanded addressing scheme to support the continued expansion of the Internet, and an improved ability to aggregate routes on a large scale.

IPv6 also supports numerous other features, such as real-time audio or video transmissions, host mobility, end-to-end security through network layer encryption and authentication, as well as auto-configuration and auto-reconfiguration. It is expected that these services will provide ample incentive for migration as soon as IPv6-capable products become available. Many of these features still require additional standardization. Therefore, it would be premature to expound upon them at any great length.

The one aspect of IPv6 that can, and should, be expounded upon is its addressing. IPv4's 32-bit address length gave the protocol a theoretical capability to address 2 to the 32nd power, or about 4 billion devices. Inefficient subnet masking techniques, among other wasteful practices, have squandered this resource.

IPv6 uses a 128-bit address and is theoretically capable of 2 to the 96th power times the size of the IPv4 address space. This equals 340,282,366,920,938,463,463,374,607,431,768,211,456 mathematically possible addresses. Only about 15 percent of this potential address space is currently allocated. The remainder is reserved for unspecified future use.

In reality, the assignment and routing of addresses requires the creation of hierarchies. This reduces the number of potential addresses, but increases the efficiency of IPv6-capable routing protocols. One practical implication of the IPv6 address length is that DNS becomes an absolute necessity and not the luxury that it had been in the IPv4 network environment.

As significant as the increased potential address space is, even greater flexibility is afforded through IPv6's new address structures. IPv6 dispenses with the previous class-based addressing. Instead, it recognizes three kinds of unicast address, replaces the former Class D address with a new multicast address format, and introduces a new "anycast" address. These new addressing structures must be understood prior to undertaking an IPv6 migration.

IPv6 Unicast Address Structures

Unicast addressing provides connectivity from one endpoint to one endpoint. IPv6 supports several forms of unicasting addresses. They are described in the following sections.

Internet Service Provider Unicast Address

Whereas IPv4 pre-assumed clusters of users requiring connectivity, IPv6 provides a unicast address format designed specifically for use by Internet service providers (ISPs) to connect individual users to the Internet. These provider-based unicast addresses offer unique addresses for individuals or small groups that access the Internet via a provider. The architecture of the address provides for efficient aggregation of routes in an environment characterized by individual users, as opposed to large concentrations of users.

The ISP unicast address format is:

3 bits | n bits | m bits | o bits | p bits | 125 - (n+m+o+p) bits
010 | Registry ID | Provider ID | Subscriber ID | Subnet ID | Interface ID

An example of this address would be 010:0:0:0:0:x, where x can be any number. Given that much of the new address space has yet to be allocated, these addresses will contain lots of 0s. Therefore, groups of 0s may be shortened with a double "::". This shorthand notation would be 010::x.

The other unicast address types are designed for local use. These addresses can be assigned to networked devices within a standalone intranet or to devices on an intranet that access the Internet.

Link-Local Use

The Link-local address is for use on a single link, for purposes such as auto-address configuration, neighbor discovery, or when no routers are present. Link-local addresses have the following format:

10 bits | n bits | 118 - n bits
1111111011 | 0 | interface ID

The interface ID can be the MAC address of an Ethernet Network Interface Card. MAC addresses, being theoretically unique addresses, can be concatenated with standard IP address prefixes to form unique addresses for mobile or transitory users. An example of a Link-local Use address with a MAC address would be: 1111111011:0:mac_address.

Site-Local Unicast Address

Site-local addresses are designed for use in a single site. They may be used for sites or organizations that are not connected to the global Internet. They do not need to request or "steal" an address prefix from the global Internet address space. IPv6 Site-local addresses can be used instead. When the organization connects to the global Internet, it can then form unique global addresses by replacing the Site-local prefix with a subscriber prefix that contains a Registry, Provider, and Subscriber Identification.

Site-local addresses have the following format:

10 bits | n bits | m bits | 118 - (n + m) bits
1111111011 | 0 | subnet ID | interface ID

An example of a Site-local address is 1111111011:0:subnet:interface.

IPv6 Transitional Unicast Address Structures

Two special IPv6 unicast addresses have been defined as transition mechanisms to allow hosts and routers to dynamically route IPv6 packets over an IPv4 network infrastructure and vice versa.

IPv4-Compatible IPv6 Unicast Address

The first is called an IPv4-compatible IPv6 address. This transitional unicast address can be assigned to IPv6 nodes and contain an IPv4 address in the last 32 bits. These addresses have the following format:

80 bits | 16 bits | 32 bits
000...0000 | 00...00 | IPv4 address

IPv4-Mapped IPv6 Unicast Address

A second, similar, type of IPv6 address that also contains an IPv4 address in its last 32 bits is known as an IPv4-mapped IPv6 address. This address is constructed by a dual protocol router and permits IPv4-only nodes to tunnel through IPv6 network infrastructure. The only difference between IPv4-mapped IPv6 addresses and IPv4-compatible IPv6 addresses is that IPv4-mapped addresses are constructs only. They are built automatically by dual protocol routers and cannot be assigned to any nodes! This address is formatted as follows:

80 bits | 16 bits | 32 bits
000...0000 | FF...FF | IPv4 address

Both the IPv4-mapped and the IPv4-compatible unicast addresses are essential to tunneling. Tunneling enables the transport of packets through an otherwise incompatible network region by wrapping those packets in an externally acceptable framework.
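Because both transitional formats carry an IPv4 address in their last 32 bits, any address-based policy on a dual-protocol device has to evaluate the embedded IPv4 address, not just the IPv6 form. The following is an added example, not code from the book: it recognizes the two layouts shown above, extracts the embedded address, and applies one network list to either spelling. The function names and sample addresses are assumptions for illustration.

```python
import ipaddress


def embedded_ipv4(addr: str):
    """Return (kind, IPv4Address) for the two transitional formats, else (None, None).

    Layout per the tables above: 80 zero bits, then 16 bits that are all
    zeros (IPv4-compatible) or all ones (IPv4-mapped), then the IPv4 address.
    """
    value = int(ipaddress.IPv6Address(addr))
    high80 = value >> 48
    mid16 = (value >> 32) & 0xFFFF
    low32 = value & 0xFFFFFFFF
    if high80 != 0:
        return None, None
    if mid16 == 0xFFFF:
        return "mapped", ipaddress.IPv4Address(low32)
    # :: (unspecified) and ::1 (loopback) share the all-zero prefix but
    # are not IPv4-compatible addresses.
    if mid16 == 0 and low32 > 1:
        return "compatible", ipaddress.IPv4Address(low32)
    return None, None


def to_mapped(ipv4: str) -> ipaddress.IPv6Address:
    """Build the IPv4-mapped form the way a dual-protocol router would."""
    return ipaddress.IPv6Address((0xFFFF << 32) | int(ipaddress.IPv4Address(ipv4)))


def normalize(addr: str):
    """Reduce a transitional IPv6 address to the IPv4 address it carries."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6:
        _kind, v4 = embedded_ipv4(addr)
        if v4 is not None:
            return v4
    return ip


def in_networks(addr: str, networks) -> bool:
    """Check addr against a network list after normalization."""
    ip = normalize(addr)
    return any(ip in ipaddress.ip_network(n) for n in networks)


if __name__ == "__main__":
    internal = ["10.0.0.0/8"]                       # constructed policy list
    for sample in ["10.1.2.3", "::ffff:10.1.2.3", "::10.1.2.3", "2001:db8::1"]:
        print(sample, embedded_ipv4(sample) if ":" in sample else "-",
              in_networks(sample, internal))
```

Without the normalization step, the IPv6 spelling of an address never matches an IPv4 network entry, so the same host would be treated differently depending on which form a peer presents.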

IPv6 Anycast Address Structures

The anycast address, introduced in IPv6, is a single value assigned to more than one interface. Typically, these interfaces belong to different devices. A packet sent to an anycast address is routed to only one device. It is sent to the "nearest" interface having that address, as defined by the routing protocols' measure of distance. For example, a World Wide Web (WWW) site may be mirrored on several servers. By assigning an anycast address to these servers, requests for connectivity to that WWW site are automatically routed to only one server: the server nearest the user.

Anycast addresses are formed from the unicast address space and may take the form of any unicast address type. Anycast addresses are formed simply by assigning the same unicast address to more than one interface.

IPv6 Multicast Address Structures

Multicasting was previously supported in IPv4, but required the use of obscure Class D addressing. IPv6 eliminates Class D addresses in favor of a new address format that permits trillions of possible multicast group codes. Each group code identifies two or more packet recipients. The scope of a particular multicast address is flexible. Each address can be confined to a single system, restricted within a specific site, associated with a particular network link, or distributed globally.

It should be noted that IP broadcasts, too, have been eliminated in favor of the new multicasting address format.

IPv6 Conclusion

Despite the potential benefits of IPv6, the migration from IPv4 is not risk free. The extension of the address length from 32 to 128 bits automatically limits interoperability between IPv4 and IPv6. IPv4-only nodes cannot interoperate with IPv6-only nodes as the address architectures are not forward compatible. This business risk, in combination with the ongoing evolution of IPv4, will likely forestall the acceptance of IPv6 in the marketplace.

Novell's IPX/SPX

The Novell protocol suite is named after its two primary protocols: Internet Packet Exchange (IPX) and Sequenced Packet Exchange (SPX). This proprietary protocol stack is based on Xerox's Network Systems (XNS) protocol, used with first generation Ethernets. IPX/SPX became prominent during the early 1980s as an integral part of Novell, Inc.'s NetWare. NetWare became the de facto standard network operating system (NOS) of first generation LANs. Novell complemented its NOS with a business-oriented application suite and client-side connection utilities.

IPX is much like IP. It is a connectionless datagram protocol that does not require, nor provide, an acknowledgment for each packet transmitted. IPX also relies upon SPX in the same way that IP relies upon TCP for sequencing and other Layer 4 connection-oriented services. The relationship between the OSI Reference Model and the IPX/SPX protocol suite is illustrated in Figure 4.4.

FIGURE 4.4. Comparison of the OSI Reference Model and IPX/SPX.

Novell's IPX and SPX protocols provide functionality equivalent to the OSI Layers 3 and 4, respectively. The full suite of IPX/SPX protocols provides the functionality of the other OSI layers in four layers.

Dissecting IPX/SPX

The IPX/SPX protocol stack includes four functional layers: application, internet, data link, and medium access. These four layers are presented from the highest to the lowest, and loosely correlate to the seven layers of the OSI Reference Model without compromising functionality.

Application Layer

Novell's application layer encompasses the application, presentation, and session layers of the OSI model, although some of its application protocols extend as far down the stack as the OSI network layer. The primary application layer protocol in this stack is the NetWare Core Protocol (NCP). NCP can interface directly with both SPX and IPX. NCP is used for printing, file sharing, e-mail, and directory access.

Other application layer protocols include Routing Information Protocol (RIP), a proprietary Service Advertisement Protocol (SAP), and NetWare Link Services Protocol (NLSP), among others.

RIP is the default routing protocol for NetWare. It is a distance-vector routing protocol that uses only two metrics: ticks and hops. A tick is a measure of time, and a hop, as explained earlier in this chapter, is the running tally of routers that have handled the routed packet. These two metrics are the basis for IPX routing path decisions. Ticks are the primary metric for determining paths. Hops are used only as "tie breakers" in the event of two or more paths having the same tick value.

RIP is a very simple and mature routing protocol. In addition to its limited number of distance-vector metrics, it suffers from a high level of network overhead incurred because RIP routing table updates are broadcast every 60 seconds. This can have adverse effects on large or very busy networks.

SAP is a unique and proprietary protocol that Novell has successfully used to enhance the client/server relationship. Servers use SAP to automatically broadcast their available services throughout the network immediately after becoming active on the network. They periodically broadcast SAPs to keep clients and other servers informed of their status and services.

SAP broadcasts include the server's name and type, operational status, and network, node, and socket numbers. Routers can store information from an SAP broadcast and propagate it to other network segments. Clients can also initiate SAP requests when they need a specific service. Their request is broadcast throughout the network segment. Hosts can then respond and provide the client with enough SAP information to determine whether or not the service is available within a reasonable distance.

Unfortunately, SAP is an extremely mature protocol that is becoming increasingly ill-suited to functioning in contemporary networks. As with RIP, service advertisements occur every 60 seconds. On today's large, flat, switched LANs, this degree of broadcasting can be problematic.

The newest application layer protocol is NetWare Link Services Protocol (NLSP). NLSP is a link-state routing protocol that Novell intends to use as a replacement for the aging RIP and SAP protocols. NLSP updates routes only when changes have been made.

Internet Layer Protocols

The Internet layer of IPX/SPX maps loosely to both the network and transport layers of the OSI Reference Model. IPX is predominantly a Layer 3, or network layer, protocol although it is capable of directly interfacing with the application layer. SPX is distinctly a Layer 4, or transport layer, protocol and cannot directly interface with the data link layer's ODI. It must pass data through IPX and let IPX interface with the ODI. IPX and SPX function as sublayer protocols within a common Internet layer.

SPX is connection-oriented and can be used to transmit data between a client and server, two servers, or even two clients. As with TCP, SPX provides reliability to IPX transmissions by managing the connection, providing flow control, error checking, and packet sequencing.

The SPX header has the following size and structure:

Novell's other Internet layer protocol is IPX. IPX provides a connectionless, best-effort, datagram delivery service. It prepares SPX, or other protocols', packets for delivery across multiple networks by prepending an IPX header to them. This new structure is called an IPX datagram. This datagram's header contains all the information necessary to route the packets to their destination, regardless of where that might be.

The IPX header is 11 octets long and has the following structure:

Typical IPX/SPX Operation

SPX creates and maintains a connection-oriented bit stream between two networked devices. The protocol accepts large blocks of data from higher-level protocols and breaks them into more manageable pieces that are up to 534 octets long. The header just described is prepended to the data to create SPX packets. These packets are passed to the Internet sublayer protocol IPX.

The segment's header fields are populated appropriately, and the segment is passed to IPX. IPX adds the network addressing, length, checksum, and other header information before passing the packet on to the data link layer. Figure 4.5 depicts an IPX/SPX packet in this state, just prior to being passed to the data link layer.

FIGURE 4.5. Structure of an 802.3 Ethernet frame encapsulating an IPX/SPX payload.

This illustration shows the positioning of the IPX and SPX headers within an 802.3 Ethernet frame. This is the structure used to pass data between the two sublayers of Novell's Internet layer.

The destination machine performs the reverse of the operation just described. It receives the packets and passes them to its SPX protocol for reassembly. If necessary, the packets are reordered into data segments that are passed up to the appropriate application.

Data Link and Medium Access Layers

NetWare's equivalents of the OSI physical and data link layers are the medium access and data link layers. The data link layer is directly compatible with the Open Data-Link Interface (ODI) standard. Similarly, the medium access layer is directly compatible with all common, standardized media access protocols.

This low-level adherence to open industry standards enables NetWare and the IPX/SPX protocol stack to be implemented almost universally.

IPX Addressing

IPX addresses are 10 octets (80 bits) long. This is significantly larger than IPv4's 32-bit address, but less than IPv6's 128-bit address. Each address is comprised of two components: a network number up to 32 bits in length and a 48-bit node number. These numbers are expressed in dotted hexadecimal notation. For example, 1a2b.0000.3c4d.5e6d could be a valid IPX address where the 1a2b represented the network number and 0000.3c4d.5e6d was the node number.

IPX addresses, too, can be "invented" by a network administrator. However, this runs the risk of address conflicts when internetworking. Invention of network numbers also places the burden of maintaining and managing all such fabricated numbers on the network administrator. The better approach is to obtain registered IPX network numbers from Novell.

The universally assigned address (MAC address) on the network interface card (NIC) is usually used as the IPX host number. Given that these addresses are, at least in theory, unique, this provides a convenient, unique host numbering.

As with IP, IPX is capable of supporting multiple simultaneous sessions. This creates the need for identifying the specific process or program that is communicating on any given session. This identification is achieved through the use of a 16-bit socket number in the IPX header. This socket number is analogous to TCP/IP's port number.

IPX/SPX Conclusion

Novell, Inc. has watched the market share of its proprietary IPX/SPX protocol stack plummet under competitive pressure. As "open" protocol stacks such as OSI, IP, and others became available, IPX/SPX suffered. Commercially available office automation software bundles also cut into Novell's sales. Having a proprietary, tightly coupled series of products became viewed as a liability in a marketplace that valued openness and interoperability.

Novell has demonstrated its commitment to regaining its lost prominence by making IPv6 its default protocol for future versions of NetWare. To successfully implement this change of strategy, Novell must ensure backward compatibility of IPv6 and IPX/SPX. To achieve this goal, Novell has worked closely with the Internet Engineering Task Force (IETF) during the design of IPv6. This has resulted in numerous IPX services becoming integral to IPv6.

Having set the stage for its future, Novell now must ensure a seamless migration of its current protocol stack and application suite to this new environment. More importantly, it needs to provide value-adding products and services using an open network platform. Novell's vision for the future is to provide Network Directory Services (NDS) and related products for two customer bases: the Internet community and corporate intranet communities.

NDS provides a single, global, logical view of all network services and resources. This allows users to access network services and resources with a single login, regardless of the user's location or the location of the resources.

Apple Corporation's AppleTalk Protocol Suite

As Apple computers increased in popularity, and their users became increasingly sophisticated in their use, the need to network them became inescapable. It is no surprise that the network Apple developed is as user friendly as their computers. AppleTalk, the name for Apple's networking protocol stack, and its necessary hardware are included with every computer Apple sells.

Connecting to the network can be as simple as plugging in the network connection and powering up the Apple computer. The AppleTalk network is a peer-to-peer network that provides basic functionality such as file and printer sharing. Unlike client/server networks, there are no hardened definitions constraining the functionality of a peer-to-peer network. Each machine can act simultaneously as both a client and a server.

AppleTalk has also been embraced by many other operating system (OS) manufacturers. It is not uncommon to find support for the AppleTalk protocol stack available on non-Apple computers. This enables customers to use AppleTalk and Apple computers to create, or join existing, non-Apple client/server networks.

Dissecting AppleTalk

The AppleTalk protocol stack contains five functional layers: network access, datagram delivery, network, zone information, and application. Apple's AppleTalk protocol stack closely follows the functionality of the OSI Reference Model on its network transport and session layers. The physical and data link layers are collapsed into numerous, frame-specific, individual layers. Similarly, AppleTalk integrates the application and presentation layers into a single application layer. Figure 4.6 illustrates this functional relationship.

FIGURE 4.6. Comparison of the OSI Reference Model and AppleTalk.

The AppleTalk Application Layer

As mentioned, AppleTalk combines the functionality of the OSI Reference Model's application and presentation layers into a single application layer. Because AppleTalk is a fairly simple protocol stack, there is only a single protocol occupying this layer. It is the AppleTalk Filing Protocol (AFP). AFP provides network file services to applications that exist separate from the protocol stack, for example, electronic mail, print queuing, and so on. Any application running on an Apple computer must pass through AFP if it needs to send or receive information across the network.

The AppleTalk Session Layer

AppleTalk's version of the OSI session layer contains five primary protocols that provide such services as full-duplex transmission, logical name-to-address resolution, printer access, packet sequencing, and so on.

The first session layer protocol is the AppleTalk Data Stream Protocol (ADSP). ADSP provides full-duplex connection-oriented services in a highly reliable manner by establishing a logical connection (session) between the two communicating processes on client machines. ADSP also manages this connection by providing flow control services, sequence management, and acknowledgment of transmitted packets. ADSP uses socket addresses to establish this process-to-process logical connection. Once the connection is established, the two systems can exchange data.

Another AppleTalk session layer protocol is AppleTalk Session Protocol (ASP). This protocol provides reliable data delivery using sequence-oriented session management and the transport services of AppleTalk Transport Protocol (ATP), a transport layer protocol.

The AppleTalk Update-Based Routing Protocol (AURP) is used in larger AppleTalk networks. AURP is used primarily for route management and information exchange between routing devices, particularly Exterior Gateway routers.

AppleTalk's session layer also includes a Printer Access Protocol (PAP). Although PAP was originally developed for managing access to networked printers, it can be used for a variety of data exchanges. It provides a bi-directional session between two devices, complete with flow control and sequence management.

The last of the AppleTalk session layer protocols is the Zone Information Protocol (ZIP). ZIP provides a mechanism for logically grouping individual networked devices using "friendly" names. These logical groups are called zones. In an extended network, computers can span multiple networks, but still be logically grouped into a zone. However, in small, non-extended networks only one zone can be defined.

ZIP uses the Name Binding Protocol (NBP), a transport layer protocol, to translate these names to network and node numbers, and the ATP protocol for delivery of zone information updates.

These five session layer protocols provide AppleTalk clients with logical connections and data transfers between computers, regardless of how near or far apart they are.

The AppleTalk Transport Layer

The AppleTalk transport layer offers transport services to the layers above it. There are four distinct protocols in this layer. The most frequently used protocol in this layer is the AppleTalk Transport Protocol (ATP).

ATP provides a reliable, loss-free mechanism for packet delivery between two computers. ATP uses the sequence and acknowledgment fields in the packet header to ensure packets are not lost on their way to their destination.

Another significant AppleTalk transport layer protocol is the Name Binding Protocol (NBP). As previously indicated, NBP enables ZIP to translate friendly names into actual addresses. NBP performs the actual translation of zone names to network and node addresses. NBP contains four basic functions: registration, lookup, confirmation, and deletion of names.

AppleTalk Echo Protocol (AEP) is another transport layer protocol. It is used to determine the accessibility of a system and to compute the Round Trip Transmit time (RTT).

The last transport layer protocol is AppleTalk's Routing Table Maintenance Protocol (RTMP). As AppleTalk uses routed protocols in its network layer, it must provide for management of routing tables. RTMP provides routers with content for their routing tables.

AppleTalk's Datagram Delivery Layer

AppleTalk's datagram delivery layer, directly analogous to OSI's Layer 3 (network layer), provides connectionless, packet-sized datagram delivery. This is the basis for establishing communications and delivering data over an AppleTalk network. This layer is also responsible for providing the dynamic addressing of networked nodes, as well as MAC address resolution for IEEE 802 networks.

The primary protocol in this layer is the Datagram Delivery Protocol (DDP). DDP provides best-effort data transmission in a connectionless fashion across multiple networks. It adapts its header types depending upon the intended destination. The basic components remain constant; additional fields are added, as needed.

Datagrams that will be delivered locally, that is, on the same subnetwork, use the short header format. Datagrams that require routing to other subnetworks use the extended header format. The extended header format contains network addresses and a hop counter field.

The DDP header contains the following fields:

The datagram delivery layer also contains a protocol that is used to resolve node addresses into MAC addresses for machines connected to IEEE 802 networks. This protocol is the AppleTalk Address Resolution Protocol (AARP). AARP can also be used to determine the node address for any given station. AARP stores its information in the Address Mapping Table (AMT). Because of the dynamic assignment of node numbers, the table used by AARP is constantly and automatically updated.

AppleTalk Data Link Layer

AppleTalk's data link layer provides the functionality of the OSI Reference Model's physical and data link layers. This functionality is integrated into frame-specific sublayers. For example, EtherTalk is a data link layer protocol that provides all the OSI physical and data link layer functionality in a single sublayer. This sublayer enables AppleTalk to be encapsulated in an 802.3-compliant Ethernet framing structure.

There are similar AppleTalk sublayers for Token Ring (known as TokenTalk) and for FDDI (FDDITalk). These protocols are called access protocols because of the physical network access services they offer.

EtherTalk uses a line access protocol known as EtherTalk Link Access Protocol (ELAP) to package data and place the 802.3-compliant frames onto the physical medium. This line access protocol naming convention and functionality hold true for the remainder of the access protocols; for example, TokenTalk relies upon TokenTalk Link Access Protocol (TLAP).

In addition to access protocols that conform to industry standards, Apple offers a proprietary local area network protocol in its data link layer. This protocol is known as LocalTalk. LocalTalk operates at 230Kbps over twisted pair wiring. It uses, predictably, the LocalTalk Link Access Protocol (LLAP) to assemble frames and place them onto the network. LLAP also includes mechanisms for medium access management, data link-level addressing, data encapsulation, and bit representation for frame transmission.

AppleTalk's Addressing Scheme

The AppleTalk addressing scheme is composed of two parts: the network number and the node number.

Network numbers are usually 16 bits long, although unary numbering may be used for non-extended or very small extended networks. These numbers must be defined by the network administrator and are used by AppleTalk to route packets between the different networks. The network number 0 is reserved by the protocol for use in connecting new network nodes for the first time. The network number must have a value between 00000001 and FFFFFFFF.

Node numbers are 8-bit addresses consisting of four hexadecimal numbers. The valid range of addresses for hosts, printers, routers, and other devices is from 1 to 253. Node numbers 0, 254, and 255, although mathematically possible within an 8-bit binary address, are reserved by AppleTalk for use on extended networks. All node numbering is done dynamically by AppleTalk's data link layer.

AppleTalk addresses are expressed in dotted decimal notation. That is, the binary address is converted to the decimal (Base 10) number system and a dot (.) is used to separate the node and network numbers. For example, 100.99 refers to device 99 on network 100. The leading zeroes are suppressed.
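
The extended DDP header and the network.node notation described above, as an added example that is not part of the book: a Python parser for the 13-byte extended header that prints addresses in dotted decimal and flags source addresses outside the device ranges given here. The field layout follows Apple's Inside AppleTalk specification and 16-bit network numbers are assumed; the function names and the sample datagram are constructed for illustration.

```python
import struct

# Extended DDP header, 13 bytes, laid out as in Apple's "Inside AppleTalk".
# The page does not list the fields, so this layout is an assumption here.
EXT_HEADER = struct.Struct("!HHHHBBBBB")


def format_address(network: int, node: int) -> str:
    """Dotted decimal 'network.node', leading zeroes suppressed."""
    return f"{network}.{node}"


def parse_extended_ddp(datagram: bytes) -> dict:
    """Decode an extended DDP header and collect flags worth logging."""
    if len(datagram) < EXT_HEADER.size:
        raise ValueError("shorter than the 13-byte extended DDP header")
    (hop_len, checksum, dst_net, src_net, dst_node, src_node,
     dst_sock, src_sock, ddp_type) = EXT_HEADER.unpack_from(datagram)
    length = hop_len & 0x03FF  # 10-bit datagram length, header included
    flags = []
    if length != len(datagram):
        flags.append(f"length field {length} != {len(datagram)} bytes received")
    if src_net == 0:
        flags.append("source network 0 is the reserved value")
    if not 1 <= src_node <= 253:
        flags.append(f"source node {src_node} outside device range 1-253")
    return {
        "hop_count": (hop_len >> 10) & 0x0F,  # 4-bit hop counter
        "length": length,
        "checksum": checksum,
        "src": format_address(src_net, src_node),
        "dst": format_address(dst_net, dst_node),
        "src_socket": src_sock,
        "dst_socket": dst_sock,
        "type": ddp_type,
        "flags": flags,
    }


def build_sample(src_net: int, src_node: int, payload: bytes = b"ping") -> bytes:
    """Constructed datagram to 100.99 with 2 hops; sockets and type arbitrary."""
    word = (2 << 10) | (EXT_HEADER.size + len(payload))
    header = EXT_HEADER.pack(word, 0, 100, src_net, 99, src_node, 4, 4, 4)
    return header + payload


if __name__ == "__main__":
    print(parse_extended_ddp(build_sample(200, 17)))
    print(parse_extended_ddp(build_sample(0, 255)[:-2])["flags"])
```

A datagram whose source node is 0, 254, or 255, or whose length field disagrees with the bytes actually received, is malformed or forged and is worth recording when legacy AppleTalk traffic is inspected.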

AppleTalk Conclusion

AppleTalk is a proprietary protocol stack designed expressly for networking Apple's Personal Computers (PCs). Its future is directly tied to the fortunes of Apple Corporation and the trajectories of its technologies. As with Novell's proprietary stack, the physical and data link layers are used to provide compatibility with established standards, although a proprietary LocalTalk physical layer can be used to interconnect Apple computers using twisted pair wiring at up to 230Kbps.

Summary

The selection of a protocol stack can be one of the more important decisions in developing a high-performance network. This is the mechanism that provides the interface between the network's hardware and the applications that rely upon the network for connectivity.

Once a protocol has been selected, the next decision must be whose stack should be purchased. OS vendors and application suite vendors are all competing in this arena. It is imperative that, before you place a purchase order for any given stack, you understand exactly what that stack can do and what makes it different from the same protocol's stacks available from other vendors.




Macmillan Computer Publishing USA

© Copyright, Macmillan Computer Publishing. All rights reserved.