***

## CompTIA Network+ - Course Material 2022
### Topic: ``Protocol Data Units``
***

Course material for the ``CompTIA Network+`` module of the ``ICT Associate Apprenticeship (Cybersecurity)`` programme.

<a id="top"></a>
***
## Table of Contents
***

<a id="topAdvancedNetworking"></a>
### [Protocol Data Units](#networkConcepts)

- Unit of Information (Transmission) [Sent at a particular OSI Layer] <br/>
	- Switch <br/>
		- PDU <br/>
			- Ethernet <br/>
				- Frame of Data [No Knowledge of its Contents] <br/>
	- IP <br/>
		- PDU <br/>
			- Packet of Data <br/>
	- TCP <br/>
		- PDU <br/>
			- TCP Segment <br/>
	- UDP <br/>
		- PDU <br/>
			- UDP Datagram <br/>
- Source to Destination <br/>
	- Encapsulation <br/>
		- OSI Layer [7, 6, & 5] <br/>
			- Data Associated with Application <br/>
		- OSI Layer [4]  <br/>
			- Add TCP Header <br/>
				- PDU Included (within TCP Segment) [Contains Application Information] <br/>
		- OSI Layer [3]  <br/>
			- Add IP Header <br/>
				- PDU Included [Contains TCP Header & Application Information] <br/>
		- OSI Layer [2] <br/>
			- MAC Addresses (Encapsulate Data Link Frame) <br/>
		- OSI Layer [1]  <br/>
			- Send Across the Network <br/>
	- Decapsulation [Frame on other side of Network] <br/>
		- OSI Layer [2] <br/>
			- Data Link Frame <br/>
				- Strip off Headers [Frame Header / IP Header / TCP Header] <br/>
					- Application PDU for Destination <br/>
					![Image: PDU](https://github.com/SeanOhAileasa/SeanOhAileasa/blob/master/rc/nkp/pdu-encapsulation-decapsulation.png?raw=true) <br/>
- Maximum Transmission Unit (MTU) <br/>
	- Determines Maximum Size of IP Fragment sent across Network <br/>
		- Without Fragmenting the Data <br/>
	- Fragmentation [Negative Impact on Communication Efficiency] <br/>
		- Takes Time [Fragment Packet into Smaller Pieces] <br/>
		- Lose Fragments [Loses Entire Packet] <br/>
			- Retransmit all Fragments <br/>
		- Sometimes Do Not Know its Happening <br/>
			- MTU Size Unknown [One End of Network to the Other] <br/>
				- Commonly Automated when Session is Established <br/>
					- Internet Control Message Protocol (ICMP) Filtered [Often Inaccurate] <br/>
						- Requiring Manual Configuration [MTU Values] <br/>
		- Build Ethernet Frame (Fragmentation affects the Information) <br/>
			- TCP Data [1460 bytes]  <br/>
				- TCP Header [20 bytes] <br/>
					- IP Header [20 bytes] <br/>
			- Wrap Ethernet  <br/>
				- [14 bytes - Header] <br/>
				- [4 bytes - Frame Check Sequence FCS] <br/>
			- Tunnel over Different Connection [VPN] <br/>
				- Hit Maximum Size (Ethernet Frame) [1500 bytes] <br/>
					- Fragment Data before sending through Tunnel <br/>
					![Image: Build Ethernet Frame](https://github.com/SeanOhAileasa/SeanOhAileasa/blob/master/rc/nkp/build-ethernet-frame.png?raw=true) <br/>
						- Fragments always multiples of ``8`` [# of Fragmentation Offset bits in IP Header] <br/>
	- Troubleshooting <br/>
		- Size usually Configured Once (not changed often) [Network Infrastructure Based] <br/>
		- Concern for Tunneled Traffic [VPN] <br/>
			- Additional Headers [Around the IP Information] <br/>
				- Now too Large for Ethernet Network [Requiring Fragmentation] <br/>
		- Applications that do not want its Data Fragmented <br/>
			- Don't Fragment (DF) <br/>
				- Special bit in IP Header [Do Not Fragment] <br/>
					- Message through Internet Control Message Protocol (ICMP) [DF Set] <br/>
			- Configure MTU [Without Fragmentation] <br/>
				- ``ping`` [Start with Maximum Size of ``1500`` bytes - Keep Lowering] <br/>
					- Maximum size of IP Packet [ICMP Header (``8`` bytes) & IP Header (``20`` bytes) = ``1472``] <br/>
						- ``ping -f -l 1472 <ip address>`` [Windows] <br/>
							- ``-f`` <br/> 
								- ``!=`` Fragment <br/>
							- ``-l`` <br/>
								- Specify Length [``1472``] <br/>
							- ``<ip address>`` <br/>
								- Device on other side of the Communication <br/>

<hr width=50%;>

< [Table of Contents](#top) | [References](#references) >
<a id="networkConcepts"></a>
***
### Protocol Data Units
***

< [Table of Contents](#top) | [References](#references) >
<a id="networkConceptsProtocolDataUnits"></a>
***
###### Protocol Data Unit (PDU)
***

A protocol data unit, or PDU, is a unit of information that is sent by a protocol at a particular OSI layer.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Switch - Ethernet PDU
***

For example, a switch is going to operate on the Ethernet PDU. That protocol data unit is the most important thing so that the switch knows where to forward that frame. 

But inside of that particular frame is data that the switch doesn't really care about. The same thing applies if a router is forwarding IP traffic: it's concerned about the IP addresses, but it doesn't care about the other data that might be involved with other protocols inside of that packet.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - TCP (PDU: Segment) - UDP (PDU: Datagram)
***

And if you're working with TCP or UDP, the protocol data units for those would be a TCP segment or UDP datagram. 


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Source to Destination [Encapsulation] - OSI Layers [Layer 5, 6, and 7] - Data Associated with Application
***

Let's see how these different PDUs operate at these different OSI layers.

This source device would like to send application information to the destination.

So we start with the data associated with that app. 


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Source to Destination [Encapsulation] - OSI Layers [Layer 4] - Add TCP Header
***

To be able to send that application information we're going to add on a TCP header. 

So there's a protocol data unit inside of that TCP segment that contains the application information.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Source to Destination [Encapsulation] - OSI Layers [Layer 3] - Add IP Header
***

Then we need to add on an IP header, which of course is going to have a PDU.

That PDU contains the TCP header and everything else.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Source to Destination [Encapsulation] - OSI Layers [Layer 2] - MAC Addresses (Data Link Frame)
***

We're also going to need to add MAC addresses.

So we put a layer two Data Link Frame around all of that.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### PDU - Source to Destination [Decapsulation] - OSI Layers [Layer 1] - Send Across the Network - Strip off Headers - Application PDU
***

And then we send it down to layer one and send it across the network. 


When that frame arrives on the other end of the network, we've got this layer two Data Link Frame.

Now we need to strip off the:

- frame header
- IP header
- TCP header

to finally get back to the application PDU for the destination device.
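The encapsulation and decapsulation steps above, as an added example that is not part of the original course notes: the application data is wrapped in a TCP header, an IP header and an Ethernet header, and the receiver strips them in reverse order while rejecting malformed input. Ports, addresses and MACs are constructed sample values, and checksums and the FCS are left out for brevity.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType (14 bytes)
IP_HDR = struct.Struct("!BBHHHBBH4s4s")    # IPv4 header without options (20 bytes)
TCP_HDR = struct.Struct("!HHIIBBHHH")      # TCP header without options (20 bytes)

def encapsulate(app_data, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Layer 7 data -> TCP segment -> IP packet -> Ethernet frame (checksums left 0)."""
    segment = TCP_HDR.pack(sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + app_data
    packet = IP_HDR.pack(0x45, 0, IP_HDR.size + len(segment), 0, 0x4000, 64, 6, 0,
                         src_ip, dst_ip) + segment
    return ETH_HDR.pack(dst_mac, src_mac, 0x0800) + packet

def decapsulate(frame):
    """Strip frame, IP and TCP headers in turn; reject anything malformed."""
    if len(frame) < ETH_HDR.size + IP_HDR.size:
        raise ValueError("truncated frame")
    _dst_mac, _src_mac, ethertype = ETH_HDR.unpack_from(frame)
    if ethertype != 0x0800:
        raise ValueError("not IPv4")
    packet = frame[ETH_HDR.size:]
    ver_ihl, _, total_len, _, _, _, proto, _, src_ip, dst_ip = IP_HDR.unpack_from(packet)
    ihl = (ver_ihl & 0x0F) * 4             # header length is stored in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet) or proto != 6:
        raise ValueError("bad IPv4 header or not TCP")
    segment = packet[ihl:total_len]        # use Total Length: the frame may be padded
    if len(segment) < TCP_HDR.size:
        raise ValueError("truncated TCP segment")
    sport, dport, _, _, off, *_ = TCP_HDR.unpack_from(segment)
    data_off = (off >> 4) * 4              # TCP header length, also in 32-bit words
    if data_off < 20 or data_off > len(segment):
        raise ValueError("bad TCP data offset")
    return {"sport": sport, "dport": dport, "src_ip": src_ip, "dst_ip": dst_ip,
            "data": segment[data_off:]}

# Constructed sample values (documentation address ranges, made-up MACs).
FRAME = encapsulate(b"GET / HTTP/1.1\r\n\r\n", 49152, 80,
                    bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]),
                    bytes.fromhex("020000000001"), bytes.fromhex("020000000002"))
```
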


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU)
***

The size of the PDU that you'll transmit will be determined by the MTU or the maximum transmission unit. 

This will determine the maximum size of an IP fragment to send across the network without having to fragment that data along the way. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation
***

Fragmentation is commonly seen as having a negative impact on overall communication efficiency.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Lose Fragments [Retransmitting]
***

That's because it does take time to fragment the packet into smaller pieces and send it across the network. And if you lose any of those fragments along the way, you have to retransmit all of the fragments that make up that packet. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Size Unknown [One end of Network to Other]
***

Another problem with fragmentation is sometimes you don't know that it's actually happening. It's difficult to know what the actual maximum transmission unit size would be from one end of the network to the other. 

The process of determining the MTU between one device and another is commonly automated when the session is established. But if there is some type of filtering between the devices, especially with ICMP, you may not be able to automatically configure an MTU between devices, and it may be up to you to manually configure these MTU values. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame
***

Let's look at how we build an Ethernet frame and how fragmentation affects this information. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame - TCP Data [1460 bytes] - TCP Header [20 bytes]
***

Let's start by sending some TCP data across the network. 

The maximum amount of TCP data that we can send in a normal Ethernet frame is 1460 bytes. 

And we'll put a 20 byte TCP header on the front of that.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame - TCP Data [1460 bytes] - TCP Header [20 bytes] - IP Header [20 bytes]
***

Then we need an IP header, which is another 20 bytes.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame - TCP Data [1460 bytes] - TCP Header [20 bytes] - IP Header [20 bytes] - Wrap Ethernet [14 bytes - Header] [4 bytes - Frame Check Sequence ``FCS``]
***

And then we'll wrap Ethernet around all of that, which will require an additional 14 bytes for the header and another four bytes for the frame check sequence.


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame - Maximum Size Ethernet Frame [1500 bytes]
***

This is where we might run into problems because now we've hit the maximum size of an Ethernet frame at 1500 bytes. 

What if we now need to tunnel all of this information over a different connection, perhaps over a VPN?

Since we've already hit the maximum size of Ethernet, we'll need to fragment this data before we send it through the tunnel. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Fragmentation - Build Ethernet Frame - Maximum Size Ethernet Frame [1500 bytes] - Fragment
***

Here's a very simple example of taking an IP header followed by a TCP header and TCP data, where we need to fragment all of that TCP information so that it can be sent through the network.
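The fragmentation arithmetic described above, as an added example that is not part of the original course notes. The 60 bytes of VPN overhead is an assumed figure chosen for illustration; the header sizes are the ones given in the notes.

```python
IP_HEADER = 20   # bytes, IPv4 header without options
TCP_HEADER = 20  # bytes, TCP header without options

def max_tcp_data(mtu):
    """Largest TCP payload that fits in one unfragmented IP packet."""
    return mtu - IP_HEADER - TCP_HEADER

def fragment(ip_payload_len, mtu):
    """Return [(offset_in_8_byte_units, payload_bytes, more_fragments), ...]."""
    if IP_HEADER + ip_payload_len <= mtu:
        return [(0, ip_payload_len, False)]          # fits, nothing to do
    # Every fragment but the last carries a multiple of 8 bytes, because the
    # Fragment Offset field in the IP header counts 8-byte units.
    chunk = (mtu - IP_HEADER) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    frags, sent = [], 0
    while sent < ip_payload_len:
        size = min(chunk, ip_payload_len - sent)
        more = sent + size < ip_payload_len          # More Fragments flag
        frags.append((sent // 8, size, more))
        sent += size
    return frags

def wire_bytes(frags):
    """Layer 3 bytes actually sent: each fragment repeats the IP header."""
    return sum(IP_HEADER + size for _, size, _ in frags)

# The full-size packet from the notes: 20-byte TCP header + 1460 bytes of data.
FULL = TCP_HEADER + 1460
# Constructed tunnel: assume the VPN adds 60 bytes of its own headers, so only
# 1500 - 60 = 1440 bytes remain for the inner packet.
TUNNEL_MTU = 1500 - 60

if __name__ == "__main__":
    print("no tunnel:", fragment(FULL, 1500))
    print("tunnel   :", fragment(FULL, TUNNEL_MTU))
    print("bytes on wire through tunnel:", wire_bytes(fragment(FULL, TUNNEL_MTU)))
    print("TCP data that avoids fragmentation:", max_tcp_data(TUNNEL_MTU))
```
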


< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting
***

Fortunately, an MTU is not something that changes very often; it's usually based on a type of communications medium or method of communication over the network.

Once you set the MTU, you usually don't have to go back and make any changes to it. 

And as I mentioned earlier, it's very common to run into MTU problems when you're tunnelling information, especially over a VPN. We have to put additional headers around that IP information, which means it's now too large to go over an Ethernet network and we have to fragment that data to get it through that particular VPN tunnel. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting - Don't Fragment (DF) [Special bit in IP Header]
***

Some applications don't like to have their data fragmented, and in those cases, the application can choose to turn on a special bit in the IP header called the Don't Fragment (DF) bit.

That tells all of the devices throughout the path of the communication not to fragment any of this data. 

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting - Don't Fragment (DF) [Special bit in IP Header] - Message through Internet Control Message Protocol (ICMP)
***

If fragmentation must occur along that path, a message will be sent back through ICMP to the original station, saying that this information was not able to be sent through this network because the Don't Fragment (DF) bit was set.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting - Don't Fragment (DF) [Special bit in IP Header] - ``ping``
***

It would be much more efficient if you could configure an MTU that would allow all traffic to go through the tunnel without requiring any type of fragmentation.

But what is that particular value for the maximum transmission unit? One thing you can do is to use the ``ping`` command to try to determine what a good size might be.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting - Don't Fragment (DF) [Special bit in IP Header] - ``ping`` - Maximum size of IP Packet
***

You can start with the maximum size of an IP packet, and then start working down until you're able to ``ping`` a device on the other side of a network. 

You can send this ``ping`` command with a special option that turns on the don't fragment (DF) bit and then you can set it to be the maximum size of 1472 bytes. 

That means that you're using the entire 1500 bytes: subtracting the 8-byte ICMP header and the 20-byte IP header leaves 1472 bytes of data.

< [Table of Contents](#top) | [References](#references) >
<a id="___"></a>
***
###### Maximum Transmission Unit (MTU) - Troubleshooting - Don't Fragment (DF) [Special bit in IP Header] - ``ping`` - Maximum size of IP Packet - ``ping -f -l 1472 <ip address>``
***

If you're in Windows, you would use the ``ping`` command with ``-f`` to tell it not to fragment, and then ``-l`` to specify what the length might be; in our case, we're going to use 1472. Then we use the IP address of the device that's on the other side of this communication.

If that ping doesn't work, we'll lower the amount of data we're sending through and try sending it again. We'll keep lowering that amount until we finally find exactly the right amount to be able to send the largest amount of data through without requiring any type of fragmentation.
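The lowering procedure above can be automated; this is an added example, not part of the original course notes. It generalises "keep lowering" to a binary search over the payload size, and `simulated_probe` is a constructed stand-in for a network path so the search can be tried offline; the non-Windows branch assumes Linux `ping` (`-M do -s`).

```python
import platform
import subprocess

ICMP_HEADER, IP_HEADER = 8, 20   # header sizes given in the notes above

def find_max_payload(probe, low=0, high=1500 - ICMP_HEADER - IP_HEADER):
    """Largest ping payload for which probe(size) succeeds with DF set, or None.

    probe(size) -> bool. Binary search replaces the 'keep lowering' loop; it
    assumes that if one size passes, every smaller size passes too.
    """
    if not probe(low):
        return None                      # host unreachable or ICMP filtered
    while low < high:
        mid = (low + high + 1) // 2
        if probe(mid):
            low = mid                    # mid fits, try larger
        else:
            high = mid - 1               # mid needs fragmentation, try smaller
    return low

def ping_probe(host):
    """Real probe: one echo request with the Don't Fragment bit set."""
    def probe(size):
        if platform.system() == "Windows":
            cmd = ["ping", "-n", "1", "-f", "-l", str(size), host]
        else:                            # assumption: Linux iputils ping
            cmd = ["ping", "-c", "1", "-M", "do", "-s", str(size), host]
        out = subprocess.run(cmd, capture_output=True, text=True)
        # Windows ping can exit 0 on an ICMP error reply, so also require a TTL.
        return out.returncode == 0 and "ttl=" in out.stdout.lower()
    return probe

def simulated_probe(path_mtu):
    """Constructed stand-in for a path: DF packets above path_mtu are dropped."""
    return lambda size: size + ICMP_HEADER + IP_HEADER <= path_mtu

def path_mtu_from_payload(payload):
    """Convert the largest working ping payload back to an MTU value."""
    return payload + ICMP_HEADER + IP_HEADER
```

Against a real device, call `find_max_payload(ping_probe("<ip address>"))`; a result of `None` means even an empty ping failed, which points to filtering or reachability rather than MTU.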

***
## END

< [Table of Contents](#top) >
<a id="references"></a>
***
## References
***

J. "Professor" Messer, "CompTIA Network+ (N10-007) Course Notes," [professormesser.com](https://web.archive.org/web/20220404153917/https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/), March 2019.

***
## END
