Introducing LAN Topologies

Local Area Network (LAN) Topologies

Over the years, there has been experimentation and implementation of various network
designs. In reference to networking, when we refer to the term "topology", we are actually
referring to the design or look of the network at hand. Let's discuss the advantages and
disadvantages of these topologies below.

Star Topology

The main premise of a star topology is that devices are individually connected via a central
networking device such as a switch or hub. This topology is the most commonly found today
because of its reliability and scalability - despite the cost.

Any information sent to a device in this topology is sent via the central device to which it
connects. Let's explore some of these advantages and disadvantages of this topology below:

Because more cabling & the purchase of dedicated networking equipment is required for this
topology, it is more expensive than any of the other topologies. However, despite the added
cost, this does provide some significant advantages. For example, this topology is much more
scalable in nature, which means that it is very easy to add more devices as the demand for the
network increases.

Unfortunately, the more the network scales, the more maintenance is required to keep the
network functional. This increased dependence on maintenance can also make
troubleshooting faults much harder. Furthermore, the star topology is still prone to failure -
albeit reduced. For example, if the centralised hardware that connects devices fails, these
devices will no longer be able to send or receive data. Thankfully, these centralised hardware
devices are often robust.
Bus Topology

This type of connection relies upon a single connection which is known as a backbone cable.
This type of topology is similar to the leaf off of a tree in the sense that devices (leaves) stem
from where the branches are on this cable.

Because all data destined for each device travels along the same cable, it is very quickly
prone to becoming slow and bottlenecked if devices within the topology are simultaneously
requesting data. This bottleneck also results in very difficult troubleshooting because it
quickly becomes difficult to identify which device is experiencing issues with data all
travelling along the same route.

However, with this said, bus topologies are one of the easier and more cost-efficient
topologies to set up because of their expenses, such as cabling or dedicated networking
equipment used to connect these devices.

Lastly, another disadvantage of the bus topology is that there is little redundancy in place in
case of failures. This disadvantage is because there is a single point of failure along the
backbone cable. If this cable were to break, devices can no longer receive or transmit data
along the bus.
Ring Topology

The ring topology (also known as token topology) boasts some similarities. Devices such as
computers are connected directly to each other to form a loop, meaning that there is little
cabling required and less dependence on dedicated hardware such as within a star topology.

A ring topology works by sending data across the loop until it reaches the destined device,
using other devices along the loop to forward the data. Interestingly, a device will only send
received data from another device in this topology if it does not have any to send itself. If the
device happens to have data to send, it will send its own data first before sending data from
another device.

Because there is only one direction for data to travel across this topology, it is fairly easy to
troubleshoot any faults that arise. However, this is a double-edged sword because it isn't an
efficient way of data travelling across a network, as it may have to visit many multiple
devices first before reaching the intended device.

Lastly, ring topologies are less prone to bottlenecks, such as within a bus topology, as large
amounts of traffic are not travelling across the network at any one time. The design of this
topology does, however, mean that a fault such as cut cable, or broken device will result in
the entire networking breaking.
What is a Switch?
Switches are dedicated devices within a network that are designed to aggregate multiple other
devices such as computers, printers, or any other networking-capable device using ethernet.
These various devices plug into a switch's port. Switches are usually found in larger networks
such as businesses, schools, or similar-sized networks, where there are many devices to
connect to the network. Switches can connect a large number of devices by having ports of 4,
8, 16, 24, 32, and 64 for devices to plug into.

Switches are much more efficient than their lesser counterpart (hubs/repeaters).
Switches keep track of what device is connected to which port. This way, when they
receive a packet, instead of repeating that packet to every port like a hub would do, it
just sends it to the intended target, thus reducing network traffic.
Both Switches and Routers can be connected to one another. The ability to do this increases
the redundancy (the reliability) of a network by adding multiple paths for data to take. If one
path goes down, another can be used. Whilst this may reduce the overall performance of a
network because packets have to take longer to travel, there is no downtime -- a small price to
pay considering the alternative.

What is a Router?
It's a router's job to connect networks and pass data between them. It does this by using
routing (hence the name router!).

Routing is the label given to the process of data travelling across networks. Routing involves
creating a path between networks so that this data can be successfully delivered.

Routing is useful when devices are connected by many paths, such as in the example diagram
below.
A Primer on Subnetting
As we've previously discussed throughout the module so far, Networks can be found in all
shapes and sizes - ranging from small to large. Subnetting is the term given to splitting up a
network into smaller, miniature networks within itself. Think of it as slicing up a cake for
your friends. There's only a certain amount of cake to go around, but everybody wants a
piece. Subnetting is you deciding who gets what slice & reserving such a slice of this
metaphorical cake.

Take a business, for example; You will have different departments such as:

 Accounting
 Finance
 Human Resources
Whilst you know where to send information in real life to the correct department, networks
need to know as well. Network administrators use subnetting to categorise and assign specific
parts of a network to reflect this.

Subnetting is achieved by splitting up the number of hosts that can fit within the network,
represented by a number called a subnet mask. Let's refer back to our diagram from the first
room in this module:

As we can recall, an IP address is made up of four sections called octets. The same goes for a
subnet mask which is also represented as a number of four bytes (32 bits), ranging from 0 to
255 (0-255).

Subnets use IP addresses in three different ways:

 Identify the network address

 Identify the host address
 Identify the default gateway

Let's split these three up to understand their purposes into the table below:

Type Purpose Explanation Example

This address identifies the start of For example, a device with the IP address of
Network
the actual network and is used to 192.168.1.100 will be on the network identified by 192.168.1.0
Address
identify a network's existence. 192.168.1.0
Host An IP address here is used to For example, a device will have the network
192.168.1.100
Address identify a device on the subnet address of 192.168.1.1
The default gateway address is a Any data that needs to go to a device that isn't on
special address assigned to a the same network (i.e. isn't on 192.168.1.0) will be
Default
device on the network that is sent to this device. These devices can use any host 192.168.1.254
Gateway
capable of sending information to address but usually use either the first or last host
another network address in a network (.1 or .254)
Now, in small networks such as at home, you will be on one subnet as there is an unlikely
chance that you need more than 254 devices connected at one time.

However, places such as businesses and offices will have much more of these devices (PCs,
printers, cameras and sensors), where subnetting takes place.

Subnetting provides a range of benefits, including:

 Efficiency
 Security
 Full control

We'll come on to explore exactly how subnetting provides these benefits at a later date;
however, for now, all we need to understand is the security element to it. Let's take the
typical café on the street. This cafe will have two networks:

1. One for employees, cash registers, and other devices for the facility
2. One for the general public to use as a hotspot

Subnetting allows you to separate these two use cases from each other whilst having the
benefits of a connection to larger networks such as the Internet.

Recalling from our previous tasks that devices can have two identifiers: A MAC address and
an IP address, the ARP protocol or Address Resolution Protocol for short, is the technology
that is responsible for allowing devices to identify themselves on a network.

Simply, the ARP protocol allows a device to associate its MAC address with an IP address on
the network. Each device on a network will keep a log of the MAC addresses associated with
other devices.

When devices wish to communicate with another, they will send a broadcast to the entire
network searching for the specific device. Devices can use the ARP protocol to find the MAC
address (and therefore the physical identifier) of a device for communication.

The OSI model (or Open Systems Interconnection Model) is an absolute fundamental model
used in networking. This critical model provides a framework dictating how all networked
devices will send, receive and interpret data.

One of the main benefits of the OSI model is that devices can have different functions and
designs on a network while communicating with other devices. Data sent across a network
that follows the uniformity of the OSI model can be understood by other devices.

The OSI model consists of seven layers which are illustrated in the diagram below. Each
layer has a different set of responsibilities and is arranged from Layer 7 to Layer 1.
At every individual layer that data travels through, specific processes take place, and pieces
of information are added to this data, which is what we'll come to discuss in the upcoming
tasks within this room. However, for now, we only need to understand that this process is
called encapsulation and what the OSI model looks like in the diagram below:

The ARP Protocol

How does ARP Work?

Each device within a network has a ledger to store information on, which is called a cache. In
the context of the ARP protocol, this cache stores the identifiers of other devices on the
network.

In order to map these two identifiers together (IP address and MAC address), the ARP
protocol sends two types of messages:

1. ARP Request
2. ARP Reply
When an ARP request is sent, a message is broadcasted to every other device found on a
network by the device, asking whether or not the device's MAC address matches the
requested IP address. If the device does have the requested IP address, an ARP reply is
returned to the initial device to acknowledge this. The initial device will now remember this
and store it within its cache (an ARP entry).

This process is illustrated in the diagram below:

The DHCP Protocol

IP addresses can be assigned either manually, by entering them physically into a device, or
automatically and most commonly by using a DHCP (Dynamic Host Configuration
Protocol) server. When a device connects to a network, if it has not already been manually
assigned an IP address, it sends out a request (DHCP Discover) to see if any DHCP servers
are on the network. The DHCP server then replies back with an IP address the device could
use (DHCP Offer). The device then sends a reply confirming it wants the offered IP Address
(DHCP Request), and then lastly, the DHCP server sends a reply acknowledging this has
been completed, and the device can start using the IP Address (DHCP ACK).
TCP/IP (The Three-Way Handshake)
TCP (or Transmission Control Protocol for short) is another one of these rules used in
networking.

This protocol is very similar to the OSI model that we have previously discussed in room
three of this module so far. The TCP/IP protocol consists of four layers and is arguably just a
summarised version of the OSI model. These layers are:
 Application
 Transport
 Internet
 Network Interface
Very similar to how the OSI model works, information is added to each layer of the TCP
model as the piece of data (or packet) traverses it. As you may recall, this process is known as
encapsulation - where the reverse of this process is decapsulation.

One defining feature of TCP is that it is connection-based, which means that TCP must
establish a connection between both a client and a device acting as a server before data is
sent.

Because of this, TCP guarantees that any data sent will be received on the other end. This
process is named the Three-way handshake, which is something we'll come on to discuss
shortly. A table comparing the advantages and disadvantages of TCP is located below:

Advantages of TCP Disadvantages of TCP

Requires a reliable connection between the two
devices. If one small chunk of data is not received,
Guarantees the integrity of data.
then the entire chunk of data cannot be used and must
be re-sent.
Capable of synchronising two devices A slow connection can bottleneck another device as
to prevent each other from being the connection will be reserved on the other device the
flooded with data in the wrong order. whole time.
TCP is significantly slower than UDP because more
Performs a lot more processes for
work (computing) has to be done by the devices using
reliability
this protocol.

TCP packets contain various sections of information known as headers that are added from
encapsulation. Let's explain some of the crucial headers in the table below:

Header Description
This value is the port opened by the sender to send the TCP packet from. This value
Source Port
aren't already in use at the time).
This value is the port number that an application or service is running on the remote
Destination Port
running on port 80. Unlike the source port, this value is not chosen at random.
Source IP This is the IP address of the device that is sending the packet.
Destination IP This is the IP address of the device that the packet is destined for.
Sequence Number When a connection occurs, the first piece of data transmitted is given a random numb
Acknowledgement After a piece of data has been given a sequence number, the number for the next piec
Number explain this more in-depth further on.
This value is what gives TCP integrity. A mathematical calculation is made where th
Checksum
performs the mathematical calculation, the data must be corrupt if the output is differ
Data This header is where the data, i.e. bytes of a file that is being transmitted, is stored.
This header determines how the packet should be handled by either device during the
Flag
behaviours, which is what we'll come on to explain below.

Next, we'll come on to discuss the Three-way handshake - the term given for the process used
to establish a connection between two devices. The Three-way handshake communicates
using a few special messages - the table below highlights the main ones:

Step Message Description

 A SYN message is the initial packet sent by a client during the handshake.
1 SYN This packet is used to initiate a connection and synchronise the two devices
together (we'll explain this further later on).
This packet is sent by the receiving device (server) to acknowledge the
2 SYN/ACK
synchronisation attempt from the client.
The acknowledgement packet can be used by either the client or server to
3 ACK acknowledge that a series of messages/packets have been successfully
received.
Once a connection has been established, data (such as bytes of a file) is sent
4 DATA
via the "DATA" message.
This packet is used to cleanly (properly) close the connection after it has
5 FIN
been complete.
This packet abruptly ends all communication. This is the last resort and
indicates there was some problem during the process. For example, if the
# RST
service or application is not working correctly, or the system has faults such
as low resources.

The diagram below shows a normal Three-way handshake process between Alice and Bob. In
real life, this would be between two devices.

Any sent data is given a random number sequence and is reconstructed using this number
sequence and incrementing by 1. Both computers must agree on the same number sequence
for data to be sent in the correct order. This order is agreed upon during three steps:

1. SYN - Client: Here's my Initial Number Sequence (ISN) to SYNchronise with (0)
2. SYN/ACK - Server: Here's my Initial Number Sequence (ISN) to SYNchronise with
(5,000), and I ACKnowledge your initial number sequence (0)
 3. ACK - Client: I ACKnowledge your Initial Number Sequence (ISN) of (5,000), here
is some data that is my ISN+1 (5,000 + 1)

Device Initial Number Sequence (ISN)

Client (Sender) 0
Client (Sender) 1
Client (Sender) 2
TCP Closing a Connection:

Let's quickly explain the process behind TCP closing a connection. First, TCP will close a
connection once a device has determined that the other device has successfully received all of
the data.

Because TCP reserves system resources on a device, it is best practice to close TCP
connections as soon as possible.

To initiate the closure of a TCP connection, the device will send a "FIN" packet to the other
device. Of course, with TCP, the other device will also have to acknowledge this packet.

Let's show this process using Alice and Bob as we have previously.

In the illustration, we can see that Alice has sent Bob a "FIN" packet. Because Bob received
this, he will let Alice know that he received it and that he also wants to close the connection
(using FIN). Alice has heard Bob loud and clear and will let Bob know that she
acknowledges this.

Perhaps aptly titled by their name, ports are an essential point in which data can be
exchanged. Think of a harbour and port. Ships wishing to dock at the harbour will have to go
to a port compatible with the dimensions and the facilities located on the ship. When the ship
lines up, it will connect to a port at the harbour. Take, for instance, that a cruise liner cannot
dock at a port made for a fishing vessel and vice versa.

These ports enforce what can park and where — if it isn't compatible, it cannot park here.
Networking devices also use ports to enforce strict rules when communicating with one
another. When a connection has been established (recalling from the OSI model's room), any
data sent or received by a device will be sent through these ports. In computing, ports are a
numerical value between 0 and 65535 (65,535).

Because ports can range from anywhere between 0-65535, there quickly runs the risk of
losing track of what application is using what port. A busy harbour is chaos! Thankfully, we
associate applications, software and behaviours with a standard set of rules. For example, by
enforcing that any web browser data is sent over port 80, software developers can design a
web browser such as Google Chrome or Firefox to interpret the data the same way as one
another.

This means that all web browsers now share one common rule: data is sent over port 80. How
the browsers look, feel and easy to use is up to the designer or the user's decision.

While the standard rule for web data is port 80, a few other protocols have been allocated a
standard rule. Any port that is within 0 and 1024 (1,024) is known as a common port. Let's
explore some of these other protocols below:
Port
Protocol Description
Number
This protocol is used by a file-sharing application
File Transfer Protocol (FTP) 21 built on a client-server model, meaning you can
download files from a central location.
This protocol is used to securely login to systems via
Secure Shell (SSH) 22
a text-based interface for management.
This protocol powers the World Wide Web
HyperText Transfer Protocol
80 (WWW)! Your browser uses this to download text,
(HTTP)
images and videos of web pages.
HyperText Transfer This protocol does the exact same as above;
443
Protocol Secure (HTTPS) however, securely using encryption.
This protocol is similar to the File Transfer Protocol
Server Message Block
445 (FTP); however, as well as files, SMB allows you to
(SMB)
share devices like printers.
This protocol is a secure means of logging in to a
Remote Desktop Protocol
3389 system using a visual desktop interface (as opposed
(RDP)
to the text-based limitations of the SSH protocol).

We have only briefly covered the more common protocols in cybersecurity. You can find a
table of the 1024 common ports listed for more information.

What is worth noting here is that these protocols only follow the standards. I.e. you can
administer applications that interact with these protocols on a different port other than what is
the standard (running a web server on 8080 instead of the 80 standard port). Note, however,
applications will presume that the standard is being followed, so you will have to provide a
colon (:) along with the port number.