ISY 143 Chapter 9 Network Fundamentals
12 Types of Network Protocols
- AppleTalk - Asynchronous Transfer Mode (ATM) - DECnet - Ethernet - Fiber Distributed Data Interface (FDDI) - Internet Protocols (IP) - Internetwork Packet Exchange (IPX) - Signaling System 7 (SS7) - Systems Network Architecture (SNA) - Token Ring - Transmission Control Protocol/ Internet Protocol (TCP/IP) - X.25
Dynamic Host Configuration Protocol (DHCP)
- DHCP server keeps an address pool Addresses leased - Can share an address among devices (one device per address at a time) - Less time consuming and error prone - DHCP can also give a host additional information, such as its subnet mask and its default gateway - Servers are given static addresses; end user systems' addresses are often assigned dynamically.
Denial-of-Service (DoS) Attacks
- ICMP has been greatly abused by attackers to execute denial-of-service (DoS) attacks - Because ICMP packets are very small and connectionless, many thousands can be generated by a single system in a very short period of time - Attackers have developed methods to trick many systems into generating thousands of ICMP packets with a common destination—the attacker's target
What are the protocols for managing and transmitting data between packet-switched computer networks originally developed for the Department of Defense? Most users are familiar with Internet protocols such as email, File Transfer Protocol (FTP), Telnet, and Hypertext Transfer Protocol (HTTP).
Internet Protocols (IP)
What was the networking protocol created by Novell for use with Novell NetWare operating systems called?
Internetwork Packet Exchange (IPX)
Packets
Large chunks of data must typically be broken up into smaller, more manageable chunks (called packets) before they are transmitted from one computer to another. -More effectively share bandwidth -Only need to retransmit smaller amount of data if there is a problem in communication
Mixed (or Hybrid) Topology
More than one topology at the same time
IPv4 Addresses
EX: 192.0.54.87 - 32 bits - Dotted decimal notation - Hierarchical - Network portion - Host portionNet
Star Topology
Network components are connected to a central point.
Ring Topology
Network components are connected to each other in a closed loop with each device directly connected to two other devices.
Bus Topology
Network components are connected to the same cable, often called "the bus" or "the backbone."
What is the name of the communications protocol used between private branch exchanges (PBXs) to handle tasks such as call setup, routing, and teardown?
Signaling System 7 (SS7)
What set of network protocols developed by IBM, originally used to connect IBM's mainframe systems?
Systems Network Architecture (SNA)
TCP vs. UDP
Transport layer protocols -TCP = reliable -UDP = unreliable (best effort) -Provides process-to-process delivery - TCP is a "connection-oriented" protocol and offers reliability and guaranteed delivery of packets. UDP is a "connectionless" protocol with no guarantees of delivery.
Networks
Two or more computers communication together for the purposes of sharing information, along with the necessary infrastructure
Three Types of IPv4 Destination Addresses
Unicast - Single destination - Host portion mixes zeroes and ones - Sample usage: Most user data Multicast - Some, but not all, hosts are intended recipient - Class D address (First octet between 224 and 239 inclusive) - Sample usage: Exchange of routing information, videoconferencing Broadcast - Directed broadcast - broadcast within a network 255.255.255.255. Such broadcasts are NOT forwarded by routers - Limited broadcasts - host portion all ones. Forwarded by routers - Sample usage: ARP requests, DHCP
ICMP
Used to: - Determine remote network's availability and the length of time to reach a remote network - Report to sender errors in transmission back - During the early development of large networks, it was quickly discovered that there needed to be some mechanism for managing the overall infrastructure—handling connection status, traffic flow, availability, and errors. - This mechanism is the ICMP protocol. -ICMP is a control and information protocol and is used by network devices to determine such things as a remote network's availability, the length of time to reach a remote network, and the best route for packets to take when traveling to that remote network (using ICMP redirect messages, for example). - ICMP can also be used to handle the flow of traffic, telling other network devices to "slow down" transmission speeds if packets are coming in too fast. - ICMP, like UDP, is a connectionless protocol. ICMP was designed to carry small messages quickly with minimal overhead or impact to bandwidth.
Wide Area Network (WAN)
tends to be larger, covering more geographic area, and consists of two or more systems in geographically separated areas connected by any of a variety of methods such as leased lines, radio waves, satellite relays, microwaves, or even dial up connections.
Private Addresses
- 10.0.0.0-10.255.255.255 (10.0.0.0/8) - 172.16.0.0-172.31.255.255 (172.16.0.0/12) - 192.168.0.0-192.168.255.255 (192.168.0.0/16) - AKA RFC 1918 Addresses
Storage Area Network (SAN)
A high-speed network connecting a variety of storage devices such as tape systems, RAID arrays, optical drives, file servers, and others.
Virtual Local Area Network (VLAN)
A logical network allowing systems on different physical networks to interact as if they were connected to same physical network.
IP Addresses and Subnetting
- IP address are 32-bit numbers represented as four groups of 8 bits each (called octets). - Of those 32 bits in an IP address, some are used for the network portion of the address (the network ID), and some are used for the host portion of the address (the host ID). - Subnetting is the process that is used to divide those 32 bits in an IP address and tell you how many of the 32 bits are being used for the network ID and how many are being used for the host ID.
Remote Packet Delivery
- IPv4 addresses are 32-bit numbers that usually are expressed as a group of four numbers (such as 140.1.1.132) - IPv6 addresses are 128 bits long - In order to send a packet to a specific system on the other side of the world, you have to know the remote system's IP address - Each packet includes the IP address of both the sender and the receiver - IP addresses are sometimes called Layer 3 or logical addresses
Port Address Translation (PAT)
- Is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Subnetting
- Let's look at an example using the IP address 10.10.10.101 with a subnet mask of 255.255.255.0. - First you must convert the address and subnet mask to their binary representations: - Subnet Mask: 11111111.11111111.11111111.00000000 - IP Address: 00001010.00001010.00001010.01100101 - Then, you perform a bitwise AND operation to get the network address. - The bitwise AND operation examines each set of matching bits from the binary representation of the subnet mask and the binary representation of the IP address. - For each set where both the mask and address bits are 1, the result of the AND operation is a 1. - Otherwise, if either bit is a 0, the result is a 0. - So, for our example we get Network Address: 00001010.00001010.00001010.00000000 which in decimal is 10.10.10.0, the network ID of our IP network address (translate the binary representation to decimal). - The network ID and subnet mask together tell us that the first three octets of our address are network-related (10.10.10.), which means that the last octet of our address is the host portion (101 in this case). - In our example, the network portion of the address is 10.10.10 and the host portion is 101. - Another shortcut in identifying which of the 32 bits is being used in the network ID is to look at the subnet mask after it's been converted to its binary representation. If there's a 1 in the subnet mask, then the corresponding bit in the binary representation of the - IP address is being used as part of the network ID. In the preceding example, the subnet mask of 255.255.255.0 in binary representation is 11111111.11111111.11111111.00000000. - We can see that there's a 1 in the first 24 spots, which means that the first 24 bits of the IP address are being used as the network ID (which is the first three octets of 255.255.255).
Network Classes
- Network address spaces are traditionally divided into one of three classes: - Class A supports 16,777,214 hosts on each network with a default subnet mask of 255.0.0.0 Subnets: 0.0.0.0 to 126.255.255.255. - Class B supports 65,534 hosts on each network with a default subnet mask of 255.255.0.0 Subnets: 128.0.0.0 to 191.255.255.255. - Class C supports 253 hosts on each network with a default subnet mask of 255.255.255.0 Subnets: 192.0.0.0 to 223.255.255.255. - Everything above 224.0.0.0 is reserved for either multicasting or future use. - In addition, certain subnets are reserved for private use and are not routed across public networks such as the Internet: ■ 10.0.0.0 to 10.255.255.255 ■ 172.16.0.0 to 172.31.255.255 ■ 192.168.0.0 to 192.168.255.255 ■ 169.254.0.1 to 169.254.255.254
What are three ways of communication over a network?
- Protocols and History - OSI networking Model - Packet Delivery and routing
Internet Protocols (IP)
- Provides addresses used in the internet - IPv4 and IPv6
Network Address Translation (NAT)
- To compensate for this lack of available IP address space, we use Network Address Translation (NAT). - NAT translates private (nonroutable) IP addresses into public (routable) IP addresses.
IPv4 Masks
-32 bits: ones followed by zeroes 11111111 11111111 11111111 00000000 - Identify network and host portions in address - One bit in mask means corresponding bit in address is a network bit - Zero bit in mask means corresponding bit in address is a host bit - Dotted decimal or slash notation 255.255.255.0 /24
Addressing
-A specific identity for your device.
Network Protocols
-Agreed-upon formats for exchanging or transmitting data between systems -Define a number of agreed upon parameters, such as: -The data compression method -The type of error checking to use -Mechanisms for systems to signal when they have finished either receiving or transmitting data
Intranet
A "private" network that is accessible only to authorized users. Many large corporations host an intranet to facilitate information sharing within their organization.
Campus area network (CAN)
A network connecting any number of buildings in an office or university complex (also referred to as a campus wide area network).
Metropolitan area network (MAN)
A network designed for a specific geographic locality such as a town or a city.
Client/Server
A network in which powerful, dedicated systems called servers provide resources to individual workstations or clients.
What defines a number of parameters, such as the data compression method, the type of error checking to use, and mechanisms for systems to signal when they have finished either receiving or transmitting data?
A protocol
4 types of IP addresses (Network & Hosts)
A. N.N.N.H B. N.N.H.H C. N.H.H.H D. Multicast Address
IP Packet
An IP packet has two main sections: the header and the data section (sometimes called the payload). - The header section contains all of the information needed to describe the packet. - Some of the things included in the header include: What kind of packet it is (protocol version number) How large the header of the packet is (packet header length) - How to process this packet (type of service telling the network whether or not to use options such as minimize delay, maximize throughput, maximize reliability, and minimize cost) - How large the entire packet is (overall length of packet—since this is a 16-bit field, the maximum size of an IP packet is 65,535 bytes, but in practice most packets are around 1500 bytes) - A unique identifier so that this packet can be distinguished from other packets Whether or not this packet is part of a longer data stream and should be handled relative to other packets - Flags that indicate whether or not special handling of this packet is necessary A description of where this packet fits into the data stream as compared to other packets (the fragment offset) - A "time to live" field that indicates the packet should be discarded if the value is zero
What is the communications protocol developed by apple to connect Macintosh computers and printers called?
AppleTalk
What protocol is based on transferring data in fixed-size packets so the fixed packet help ensures that no single data type monopolizes the available bandwidth?
Asynchronous Transfer Mode (ATM)
The OSI Model
Communications protocols were developed around the Open System Interconnection (OSI) model. The OSI model, is a standard for worldwide communications that defines a framework for implementing protocols and networking components in seven distinct layers. - Within the OSI model, control is passed from one layer to another (topdown) before it exits one system and enters another system, where control is passed bottom-up to complete the communications cycle. -It is important to note that most protocols only loosely follow the OSI model; several protocols combine one or more layers into a single function. The OSI model also provides a certain level of abstraction and isolation for each layer, which only needs to know how to interact with the layer above and below it. -The application layer, for example, only needs to know how to communicate with the presentation layer—it does not need to talk directly to the physical layer.
TCP
Connection-oriented Reliable, guaranteed delivery Data will be properly ordered when given to application Sequence numbers Three-way handshake: - TCP is a "connection-oriented" protocol and was specifically designed to provide a reliable connection between two hosts exchanging data. - TCP was also designed to ensure that packets are processed in the same order in which they were sent. - As part of the TCP protocol, each packet has a sequence number to show where that packet fits into the overall conversation. - With the sequence numbers, packets can arrive in any order and at different times and the receiving system will still know the correct order for processing them. - The sequence numbers also let the receiving system know if packets are missing—receiving packets 1, 2, 4, and 7 tells us that packets 3, 5, and 6 are missing and needed as part of this conversation. - The receiving system can then request retransmission of packets from the sender to fill in any gaps.
UDP
Connectionless protocol - Packets are created and sent on their way - Unreliable, best effort, no guarantee of delivery - Data may be submitted to application out of order - UDP is known as a "connectionless" protocol as it has very few error recovery services and no guarantee of packet delivery. - With UDP, packets are created and sent on their way. - The sender has no idea whether the packets were successfully received or whether they were received in order. - In that respect, UDP packets are much like postcards—you address them and drop them in the mailbox, not really knowing if, when, or how the postcards reach your intended audience. - Even though packet loss and corruption are relatively rare on modern networks, UDP is considered to be an unreliable protocol and is often only used for network services that are not greatly affected by the occasional lost or dropped packet. - Time synchronization requests, name lookups, and streaming audio are good examples of network services based on the UDP protocol. - UDP also happens to be a fairly "efficient" protocol in terms of content delivery versus overhead. - With UDP, more time and space is dedicated to content (data) delivery than with other protocols such as TCP. - This makes UDP a good candidate for streaming protocols, as more of the available bandwidth and resources are used for data delivery than with other protocols.
What is the protocol developed by Digital Equipment Corporation that's used to connect PDP and VAX systems?
DECnet
Domain Name System (DNS)
DNS translates names into IP addresses. When you enter the name of your favorite web site into the location bar of your web browser and press ENTER, the computer has to figure out what IP address belongs to that name.
Local Packet Delivery
Each journey though a single network involves a local sender and receiver address, sometimes called a layer 2 or physical address -With Ethernet, the addresses are called MAC addresses - To find another system's MAC address, the Address Resolution Protocol (ARP) is used ARP resolves IP addresses to MAC addresses Example: 02:07:E9:D8:FB:CA - When the packet moves into a different network, different local addresses are used -Packets delivered on a network, such as an office LAN, are usually sent using the destination system's hardware address, or Media Access Control (MAC) address. - Each network card or network device is supposed to have a unique hardware address so that it can be specifically addressed for network traffic. - MAC addresses are assigned to a device or network card by the manufacturer, and each manufacturer is assigned a specific block of MAC addresses to prevent two devices from sharing the same MAC address. - MAC addresses are usually expressed as six pairs of hexadecimal digits, such as 00:07:e9:7c:c8:aa. In order for a system to send data to another system on the network, it must first find out the destination system's MAC address. - Maintaining a list of every local system's MAC address is both costly and time consuming, and although a system may store MAC addresses temporarily for convenience, in many cases the sender must find the destination MAC address before sending any packets. - To find another system's MAC address, the Address Resolution Protocol (ARP) is used. Essentially, this is the computer's way of finding out "who owns the blue convertible with license number 123JAK." - In most cases, systems know the IP address they wish to send to, but not the MAC address. Using an ARP request, the sending system will send out a query: Who is 10.1.1.140? This broadcast query is examined by every system on the local network, but only the system whose IP address is 10.1.1.140 will respond. That system will send back a response that says "I'm 10.1.1.140 and my MAC address is 00:07:e9:7c:c8:aa." - The sending system will then format the packet for delivery and drop it on the network media, stamped with the MAC address of the destination workstation.
What LAN protocol was developed jointly by Xerox, DEC, and Intel- the most widely implemented LAN standard?
Ethernet
What are the three types of IPv4 addresses?
Every network has: - Network address - first address in network (all zeros in host portion) - Broadcast address - last address in network (all ones in host portion) - Host addresses - everything in between
What's the protocol that sends digital data over fiber-optic cabling?
Fiber Distributed Data Interface (FDDI)
Network Topology
How the network is physically or logically arranged.
How do you configure a Windows Host's IPv4 Address?
On a host: ncpa.cpl to bring up network control panel
Packet Delivery
Packet delivery can be divided into two sections: local and remote packet delivery. - Local delivery applies to packets being sent out on a local network - Remote delivery applies to packets being delivered to a remote system, such as across the Internet - A remote delivery can be decomposed into a string of local deliveries - Every packet has two types of addresses: the one for remote delivery (IP address) remains constant throughout the journey; the one for local delivery (e.g., MAC address) changes with each network - Ultimately, packets may follow a local delivery, remote delivery, local delivery pattern before reaching their intended destination. - The biggest difference in local versus remote delivery is how packets are addressed. Network systems have addresses, not unlike office numbers or street addresses, and before a packet can be successfully delivered, the sender needs to know the address of the destination system.
Three- Way Handshake
The "guaranteed and reliable" aspect of the TCP protocol makes it very popular for many network applications and services such as HTTP, FTP, and Telnet. - As part of the connection, TCP requires that systems follow a specific pattern when establishing communications. - The "guaranteed and reliable" aspect of the TCP protocol makes it very popular for many network applications and services such as HTTP, FTP, and Telnet. - As part of the connection, TCP requires that systems follow a specific pattern when establishing communications. - This pattern, often called the three-way handshake, is a sequence of very specific steps: 1. The originating host (usually called the client) sends a SYN (synchronize) packet to the destination host (usually called the server). The SYN packet tells the server what port the client wants to connect to and the initial packet sequence number of the client. 2. The server sends a SYN/ACK packet back to the client. This SYN/ACK (synchronize/acknowledge) tells the client "I received your request" and also contains the server's initial packet sequence number. 3. The client responds to the server with an ACK packet to complete the connection establishment process.
Routing
The process of moving packets from one network to another is called routing and is critical to the flow of information across the Internet. - To accomplish this task, routers use forwarding tables to determine where a packet should go. - When a packet reaches a router, the router looks at the destination address to determine where to send the packet. - Before sending the packet, your system will first determine if the destination IP address is on a local or remote network. - In most cases, it will be on a remote network and your system will not know how to reach that remote network. - Again, it would not be practical for your system to know how to directly reach every other system on the Internet, so your system will forward the packet to a network gateway. - Network gateways, usually called routers, are devices that are used to interconnect networks and move packets from one network to another. That process of moving packets from one network to another is called routing and is critical to the flow of information across the Internet. - To accomplish this task, routers use forwarding tables to determine where a packet should go. - When a packet reaches a router, the router looks at the destination address to determine where to send the packet. - If the router's forwarding tables indicate where the packet should go, the router sends the packet out along the appropriate route. - If the router does not know where the destination network is, it forwards the packet to its defined gateway, which repeats the same process. - Eventually, after traversing various networks and being passed through various routers, our packet arrives at the router serving the network with the web site we are trying to reach. - This router determines the appropriate MAC address of the destination system and forwards the packet accordingly.
What are the steps to determine whether a packet has a local or remote destination?
The steps a host takes to determine whether a packet has a local or remote destination: 1. Bitwise AND the destination address and the mask to determine the network address of the destination network. 2. Bitwise AND host's own address and the mask to determine the network address of the local network. 3. If results of first two steps are identical, the packet has a local destination. Use the destination host's local address 4. If the results of the first two steps are different, the packet has a remote destination. Use the default gateway's local address.
Topology
how the network is physically or logically arranged.
Protocol
is an agreed- upon format for exchanging or transmitting data between systems.
Local Area Network (LAN)
is smaller, in terms of size and geographic coverage and consists of two or more connected devices. - Home networks and most small office networks can be classified as an LAN.