Networking notes - General

From Helpful
(Redirected from Anycast)
Jump to navigation Jump to search

For other network related things, see:


Layers, frames, and packets

Networking is modelled using layers.

Layer models

There are actually two model layers

  • the OSI model being the formal one, and
  • the one from the IP suite (quite similar to the DoD model)
...the practical one - for IP use
it mostly just ignores higher layers such as OSI's 6 and 7 - which are relatively rare to see used in descriptions anyway

Layer 1 (physical layer)

  • transfer units are called: symbols or bits
  • whatever needs to happen on the copper, fiber, or whatnot
  • for many end users this means Ethernet, or more specifically, various sections of the IEEE 802.3 standard.
  • Physical is something few people ever deal with (if it's broken, replace it)

Layer 2 (data link layer):

  • transfer units are called: frames
  • Layer 1 and 2 are often linked because hardware and its management are often designed together for efficiency.
  • Link is normally below what you'ld care about, but becomes relevant when you tunnel things, or do lower-level encryption, or both, like around VPNs.
  • the maximum frame size matters to fragmentation and such, also when tunneling

Layer 3 (network layer): (in the IP suite also called 'internet layer')

  • transfer units are called: packets
  • usually addressed here: concepts like node addressing, and basic/local routing, possibly with some basic error control and segmentation
  • protocols in the IP suite: IP (20-byte header)
  • Other ptotocols: IPX, ARP (IP-address-to-Ethernet-address lookups), RARP (its reverse), IGMP (multicast support protocol), RIP and other routing-related protocols

Layer 4 (transport layer):

  • transfer units are called: segments, or datagrams
  • Decisions such as whether to be connection-based or not, and may introduce concepts such as ports, in-order guarantees, flow control, more error handling and such.
  • protocols in the IP suite: TCP (20-byte header), UDP (8-byte), ICMP (4-byte).
  • Other protocols: SPX (resembling TCP), NetBEUI, SCTP

Layer 5 is seen as 'application' in the IP suite, which there is the highest layer.

That makes it it everything you as a coder work with, and anything higher-level is just a program doing its thing.
UDP and particularly TCP are rather practical for networking, so applications often build what they want straight onto them, including everything from HTTP to SIP to SSH to DHCP to FTP to RTP to SMTP to SNMP to DNS to SOAP.

OSI, goes on up to seven layers. In its view:

OSI layer 5 (session, not application)

  • is usually not necessary, but protocols at this level tend to be protocols that add some functionality for a program to use, dealing with concepts like that of (simultaneous) streams, or:
  • describes tunneling and VPN provisions, such as in PPTP
  • may provides security and sessions by SSL and SSH
  • may do low-latency provisions for multimedia, such as in RTP / RTCP
  • handle easier-to handle session setup (more sobust, more featured), such as in SIP
  • includes NetBIOS, which adds its own host naming, name service, connectionful and connectionless transfers. (though not so much large-scale routing, so IP is categorically more interesting)

OSI layer 6 (presentation)

  • Seems intended as a canonicalization step between applications on different platforms, such as in:
  • NCP (Netware Core Protocol) which drives most netware applications; it provides file access, access control, printing, statistics, and more

OSI layer 7 (application)

  • In the OSI view, this is all applications. That is, those that in the IP view would have been called 'layer 5, application.'


  • while technically, 'packet' and 'frame' refer to specfic layers (network/3 and data link/2, respectively), in practice both (in particularly 'packet') gets used in the vaguer meaning of 'a chunk of data'


Each later is said to encapsulate the layer under it.

In terms of transmitted bytes of data, each networking layer is only really concerned with the layer directly under it.

As long as that lower layer lives up to its promises, the higher layer doesn't have to care about how it does it, and can focus entirely on fulfilling its own.

For an example of encapsulation, consider a web page is data transferred by HTTP, which is wrapped in TCP, in IP, and (at your end) most likely Ethernet or WiFi. (for delivery to your broadband modem, which may then go via DSL or DOCSIS, when then probably goes via copper and fiber at different stages, and whatnot. You don't have to care.)

Digging down a few layers, at layer layer 2 the frame can be viewed like:

Ethernet header (14 bytes) Ethernet payload data (0-1500 bytes1), in this case:
IP header (20 bytes) IP payload (0-1480 bytes), which in the case of TCP/IP is:
TCP header (20 bytes) TCP application data (here HTTP)
(0-1460 bytes)
Ethernet checksum (4 bytes)


For WiFi 802.11 the link layer would look rather different.
  • 1 three details to that range:
there is a a minimum size for Ethernet frames: 64 bytes. If smaller, the frame will be considered a framing error called a runt, and discarded
Because Ethernet takes 14+4 bytes, its payload should be at least 46 bytes
protocols like ARP are so compact that they have to pad their frames with nonsense data to avoid this
the maximum of 1500 comes from Ethernet's maximum frame size of 1518 (and it using 14+4 for header and checksum)
Jumbo frames[1] means the maximum size can be larger than that, though they are technically not 802.3 (Ethernet) conformant.



Multicast, anycast, broadcast

This article/section is a stub — some half-sorted notes, not necessarily checked, not necessarily correct. Feel free to ignore, or tell me about it.

Unicast means data should go to one specific target.

from and to a specific address
often combined with a name service

Broadcast means addressing of all local endpoints

usually a layer 2 thing, because doing this at layer 3 would be very spammy
from host, to broadcast address
assume broadcast is quite local - in that it's typically a very bad idea to route broadcasts very far, so switches will typically not route them between subnets (and sometimes not even to all of a subnet)
Things like DHCP are broadcast at layer 2 because it's intended to be specific to just a subnet at a time
Easy for truly local things - but a lot of real applications, this is too limited in a way you can't widen.
Also not great for bandwidth when used for anything bulky

Multicast means one transmission of data should go to multiple endpoints

Multicast is a general concept. People often mean multicast on IP (or sometimes multicast on ATM, multicast on infiniband).
Most have some concept of virtual networks.
usually a layer 3 thing(verify), digging into layer 2(verify)
e.g. IPv4 multicast over ethernet uses both special IP addresses and special MAC addresses
IP multicast could be thought of as a pub-sub system, roughly:
specific hosts register with a specific multicast address
a host sends to a specific multicast address
"You put packets in at one end, and the network conspires to deliver them to anyone who asks." - i.e. it's a best-effort system
can work across subnet boundaries (unlike broadcast, which is subnet-only)
may e.g. be LAN, ~campus, ~internet level, and different supporting protocols may apply
for this to work / be efficient you need supporting switches
often fits a specific goal, like 'helps SSDP / UPnP discovery work' or perhaps 'service discovery of all printers in my home' or 'delivery of messages with a specific network protocol and/or layout'
which can be more efficient and/or more practical than broadcast and/or unicast connections, depending on situation and use.
doesn't really apply to connection-oriented protocols, so in the context of IP means UDP, not TCP (though research into something like the latter is ongoing)
in IPv4 multicast
Many hosts can join a specific multicast IP (in 224/4, using IGMP (Internet Group Management Protocol).
Such a join means an interest in packets sent to that address. For each such multicast group, a distribution tree is calculated
for some existing multicast nets, see
local IP multicast (e.g. in LANs) is special-cased and often usable regardless of your LAN subnet details, making it potentially useful for
service discovery
e.g. MDNS, the thing that is probably giving you those .local addresses, works via (local) multicast
device setup, e.g. using MDNS, because you can get to it before you configure it for unicast on your subnet

Geocast is a specific type of multicast that tries to be clever at country/world scale

Anycast means getting route to the (topologically) closest net with the target address

regularly works out as a "any node who listen to this specific (so yes, shared) address" thing
often works out as a same content at distinct geographical places, as that's great for load balancing, decentralized servicing, redundancy
anycast implementation of this idea varies.
For example, with IPv4 you can have multiple hosts with the same IP and use BGP. While BGP is intended to a good select route to a single destination, in this case it will effectively choosing a destination. (This trick works mainly with stateless protocols like UDP, because when BGP changes route it will in this case change destination host)
e.g. there may be 13 root DNS servers with a fixed IP (though they do change, if rarely), there may be many more physical root servers, with the intent of routing you to the closest one via anycast (this is a trick we generally avoid, but useful exactly because it's about DNS)
IPv6 more directly supports anycast -- within a subnet(verify)
(note that this is similar to the round-robin DNS trick, but distinct: anycast works at IP addressing / routing level, round-robin works purely in name resolution before that)

See also:

some glossary