BOOTP Packet Format - Texas Tech University
Slide 1
Originally (1/7/01) by: Usha Viswanathan
Modified (1/17/03) by: John R. Durrett

Slide 2: Presentation Overview
– TCP/IP ideas and origins
– Conceptual Model: OSI and TCP/IP
– TCP/IP protocol architecture
– IP addressing
– IP Routing
– TCP
– Applications
– IPv6

Slide 3: TCP/IP
The "lingua franca" of the Internet.

Slide 4: ISO's Open Systems Interconnect (OSI) Reference Model
– Protocol Layering
  • Series of small modules
  • Well defined interfaces, hidden inner processes
  • Process modules can be replaced
  • Lower layers provide services to higher layers
– Protocol Stack: modules taken together
– Each layer communicates with its pair on the other machine

Slide 5: The OSI Model (diagram: the path messages take)
Sender          Receiver
Application     Application
Presentation    Presentation
Session         Session
Transport       Transport
Network         Network
Datalink        Datalink
Physical  <-- across network -->  Physical

Slide 6: OSI Layers
Application   Communication partners, QoS identified
Presentation  Semantics, encryption, compression (gateways)
Session       Establishes, manages, terminates sessions
Transport     Sequencing, flow/error control, name/address resolution
Network       Routing, network addresses (routers)
Datalink      MAC address, low level error control (bridges)
Physical      Encoding/decoding digital bits, interface card

Slide 7: TCP/IP (diagram)
Alice – Router – Bob: Alice and Bob each have Application, Transport Layer and Network Layer boxes; the Router between them is shown at the Network Layer.

Slide 8: TCP/IP: The Protocols and the OSI Model
Application / Presentation / Session  TELNET, FTP, SMTP, DNS, SNMP, DHCP, RIP, RTP, RTCP
Transport                             Transmission Control Protocol, User Datagram Protocol
Network                               Internet Protocol, OSPF, ICMP, IGMP, ARP
Datalink / Physical                   Ethernet, Token Bus, Token Ring, FDDI

Slide 9: Data Encapsulation by Layer
Application  Data
TCP          TCP Header + Data = Datagram
Network      Packet
Data Link    Frame
Destination opens envelopes layer-by-layer

Slide 10: Transmission Control Protocol (TCP)
– Traditional TCP/IP Security: None
  • No authenticity, confidentiality, or integrity
  • Future: IPSec
– Workhorse of the internet
  • FTP, telnet, ssh, email, http, etc.
– The protocol responsible for the reliable transmission and reception of data.
– Unreliable service is provided by UDP.
– Transport layer protocol.
– Can run multiple applications using the same transport.
  • Multiplex through port numbers

Slide 11: TCP Fields
Source port | Destination port
Sequence number
Acknowledgment number
Data offset | Reserved | Code bits: URG ACK PSH RST SYN FIN | Window
Checksum | Urgent pointer
Options | Padding
Data

Slide 12: TCP Connection Establishment
– Alice to Bob: SYN with Initial Sequence Number-a
– Bob to Alice: ACK ISN-a with ISN-b
– Alice to Bob: ISN-b
– Connection Established

Slide 13: User Datagram Protocol (UDP)
– Connectionless
– Does not retransmit lost packets
– Does not order packets
– Inherently unreliable
– Mainly tasks where speed is essential
  • Streaming audio and video
  • DNS
UDP header: Source Port | Destination Port | Message Length | Checksum | Data …

Slide 14: ICMP: network plumber
Message Type             Type #  Purpose
Echo Reply               0       Ping response – system is alive
Destination Unreachable  3       No route, protocol, or port closed
Source Quench            4       Slow down transmission
Redirect                 5       Reroute traffic
Echo                     8       Ping
Time Exceeded            11      TTL exceeded, packet dropped
Parameter Problem        12      Bad header
Timestamp                13      Time sent and requested
Timestamp return         14      Time request reply
Information request      15      Host asks: What network am I on
Information Reply        16      Information Response

Slide 15: Ports
"Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the "well-known port"."
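The TCP header layout, the three-segment connection establishment and the well-known port range described above can be exercised in a few lines. The following Python example is added here and is not part of the original slides; the port numbers (1025 and 22) and the initial sequence numbers are constructed values, and the checksum is left at zero because no pseudo-header is built. It packs and parses the fixed 20-byte header, decodes the six code bits, and checks the ISN bookkeeping of a captured handshake the way a packet analyser would (ack = peer ISN + 1 at each step).

```python
import struct

# Code bits in the 6-bit flags byte, in the order the slide lists them: U A P R S F
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
# src port, dst port, seq, ack, data offset/reserved, flags, window, checksum, urgent pointer
TCP_HDR = "!HHIIBBHHH"
MASK32 = 0xFFFFFFFF


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Pack a minimal 20-byte TCP header (no options; checksum left at 0 for this example)."""
    flag_bits = 0
    for name in flags:
        flag_bits |= FLAGS[name]
    data_offset = 5 << 4  # header length in 32-bit words, reserved bits zero
    return struct.pack(TCP_HDR, src_port, dst_port, seq & MASK32, ack & MASK32,
                       data_offset, flag_bits, window, 0, 0)


def parse_tcp_header(raw):
    """Decode the fixed fields of a TCP header and the names of the code bits that are set."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    src, dst, seq, ack, off_res, flag_bits, window, csum, urg = struct.unpack(TCP_HDR, raw[:20])
    header_len = (off_res >> 4) * 4  # data offset is in 32-bit words
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for name, bit in FLAGS.items() if flag_bits & bit],
        "window": window, "checksum": csum, "urgent": urg,
        "options": raw[20:header_len],
    }


def is_well_known_port(port):
    """Ports below 1024 are the privileged, well-known contact ports of the Ports slide."""
    return 0 <= port < 1024


def three_way_handshake(isn_a, isn_b, client_port=1025, server_port=22):
    """The three segments of the connection establishment slide: Alice -> Bob, Bob -> Alice, Alice -> Bob."""
    return [
        build_tcp_header(client_port, server_port, isn_a, 0, ["SYN"]),
        build_tcp_header(server_port, client_port, isn_b, isn_a + 1, ["SYN", "ACK"]),
        build_tcp_header(client_port, server_port, isn_a + 1, isn_b + 1, ["ACK"]),
    ]


def handshake_is_valid(segments):
    """Verify ports and sequence/acknowledgment numbers of a captured three-segment handshake."""
    if len(segments) != 3:
        return False
    syn, synack, ack = (parse_tcp_header(s) for s in segments)
    return (
        syn["flags"] == ["SYN"]
        and sorted(synack["flags"]) == ["ACK", "SYN"]
        and synack["src_port"] == syn["dst_port"] and synack["dst_port"] == syn["src_port"]
        and synack["ack"] == (syn["seq"] + 1) & MASK32          # Bob acknowledges ISN-a
        and ack["flags"] == ["ACK"]
        and ack["seq"] == (syn["seq"] + 1) & MASK32
        and ack["ack"] == (synack["seq"] + 1) & MASK32          # Alice acknowledges ISN-b
    )


if __name__ == "__main__":
    segs = three_way_handshake(isn_a=1000, isn_b=5000)
    for s in segs:
        h = parse_tcp_header(s)
        print(h["src_port"], "->", h["dst_port"], h["flags"], "seq", h["seq"], "ack", h["ack"])
    print("handshake valid:", handshake_is_valid(segs))
```

The validator rejects a third segment whose acknowledgment does not equal ISN-b + 1, which is also the check a stateful device applies before it treats a flow as established.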
Port/use table (slide 15, continued):
PORT  USE
17    Quote of the Day
20    File Transfer Data
21    File Transfer Control
22    SSH
23    Telnet
25    SMTP
43    Whois (tcp & udp)
666   Doom
• Privileged – unprivileged ports
• netstat -na
• Source port
• Destination port
• Logical connection

Slide 16: IP Address
– Uniquely identifies a computer on a network
– 32 bits, 4 bytes of 8 bits each: xxxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx (dotted quad notation system)
– Example: 198.113.201.23
– There are five classes of addresses: A - E.

Slide 17: Identifying a Class
Class  Identifier  First byte  Network address             Host address                 Hosts per network ID
A      0           0-126       7 bits (first byte)         24 bits (last three bytes)   16,277,214
B      10          128-191     14 bits (first two bytes)   16 bits (last two bytes)     65,354
C      110         192-223     21 bits (first three bytes) 8 bits (last byte)           254
D      1110        224-239     Multicast address in the range of 224.0.0.0 - 239.255.255.255
E      11110       240-255     Reserved for future use

Slide 18: Subnetting (diagram: Customer Site 130.1.0.0 connected to the Internet, with subnets 130.1.1.0, 130.1.2.0, 130.1.3.0 ....... 130.1.255.0)
– Each address consists of two components: Network address and Host address
– Determined by Netmask
  10.21.41.3  = 00001010 00010101 00101001 00000011
  255.255.0.0 = 11111111 11111111 00000000 00000000
– Network address is IP XORed with netmask

Slide 19: Masks and Prefixes
– The addresses 210.10.40.0/24 and 210.10.40.0/255.255.255.0 mean the exact same thing.
IP Network Address  Prefix  Subnet Mask
128.1.0.0           /16     255.255.0.0
190.1.8.0           /21     255.255.248.0
207.16.16.128       /25     255.255.255.128

Slide 20: IP Addressing
– Customer can split the network into multiple subnets, each with an entry in the local router table.
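The class identification, netmask and prefix/mask slides above are all bit operations on a 32-bit value, so here is an added Python example (not part of the original slides) that implements them together: it reads the class from the leading bits of the first byte, derives the host count from the host-bit widths on the class table, converts between prefix and mask in both directions (rejecting non-contiguous masks), splits a network into subnets as the customer-site slide describes, and applies the netmask. Note that the mask is applied with a bitwise AND, which is the operation RFC 950 (cited in the references) specifies for extracting the network part. The addresses used are the ones on the slides; no others are assumed.

```python
def ip_to_int(dotted):
    """'10.21.41.3' -> 0x0A152903; rejects anything that is not a dotted quad."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    n = 0
    for p in parts:
        n = (n << 8) | int(p)
    return n


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted):
    """The Subnetting slide's notation: '10.21.41.3' -> '00001010 00010101 00101001 00000011'."""
    return " ".join(format(int(p), "08b") for p in dotted.split("."))


def address_class(dotted):
    """Read the class from the leading bits of the first byte (Identifying a Class slide)."""
    first = ip_to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"      # 0xxxxxxx  (first byte 0-127)
    if first >> 6 == 0b10:
        return "B"      # 10xxxxxx  (128-191)
    if first >> 5 == 0b110:
        return "C"      # 110xxxxx  (192-223)
    if first >> 4 == 0b1110:
        return "D"      # 1110xxxx  (224-239) multicast
    return "E"          # 1111xxxx  (240-255) reserved


CLASSFUL_HOST_BITS = {"A": 24, "B": 16, "C": 8}   # host-address widths from the class table


def usable_hosts(host_bits):
    """2^host_bits minus the all-zeros (network) and all-ones (broadcast) host numbers."""
    return (1 << host_bits) - 2


def prefix_to_mask(prefix):
    """/21 -> '255.255.248.0'"""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def mask_to_prefix(mask):
    """'255.255.255.128' -> 25; rejects masks whose ones are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if ip_to_int(prefix_to_mask(prefix)) != m:
        raise ValueError(f"non-contiguous mask {mask!r}")
    return prefix


def network_address(dotted, mask):
    """Network part = address AND netmask (RFC 950)."""
    return int_to_ip(ip_to_int(dotted) & ip_to_int(mask))


def same_network(a, b, mask):
    """Direct routing when the network numbers match, otherwise indirect through a router."""
    return network_address(a, mask) == network_address(b, mask)


def split_subnets(network_cidr, new_prefix):
    """Carve e.g. 150.1.0.0/16 into /24 subnets; returns their network addresses in order."""
    net, prefix = network_cidr.split("/")
    prefix = int(prefix)
    if new_prefix < prefix or new_prefix > 32:
        raise ValueError("new prefix must lie between the network prefix and 32")
    base = ip_to_int(network_address(net, prefix_to_mask(prefix)))
    step = 1 << (32 - new_prefix)
    return [int_to_ip(base + i * step) for i in range(1 << (new_prefix - prefix))]


if __name__ == "__main__":
    print(address_class("198.113.201.23"), usable_hosts(CLASSFUL_HOST_BITS["C"]))
    print(to_binary("10.21.41.3"), "->", network_address("10.21.41.3", "255.255.0.0"))
    print(prefix_to_mask(21), mask_to_prefix("255.255.255.128"))
    print(split_subnets("150.1.0.0/16", 24)[:4])
```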
– One entry in the Global Routing Tables (diagram): Internet – 150.1.0.0 – Router; behind the router the Autonomous System (Typical Customer Network) holds the subnets 150.1.1.0, 150.1.2.0, 150.1.3.0, 150.1.4.0, 150.1.5.0, 150.1.6.0, 150.1.7.0, 150.1.8.0, 150.1.9.0, 150.1.10.0, 150.1.11.0, 150.1.12.0, 150.1.13.0, 150.1.14.0, 150.1.15.0, 150.1.16.0, 150.1.17.0

Slide 21: Address Allocation (The Internet Registry)
IANA
  InterNIC (America), RIPE (Europe), APNIC (Asia)
    National
      Regional
        Consumer

Slide 22: Domain Name Service (DNS)
Diagram: a host (198.1.1.2) running TELNET Sun_server sends (1) Name Query "Sun_Server" from its DNS Resolver to the Name Server, whose database contains the mapping Sun_Server = 198.1.1.1; the Name Server returns (2) Query Response "198.1.1.1", and the host opens (3) the Connection to 198.1.1.1.
– Provides a naming service for TCP/IP.
  • Provides many functions related to IP addresses and names
– Three components
  • A name server, a name resolver, and a database

Slide 23: DNS Structure
– Hierarchical in structure.
– Each level provides further definition.
– Each branch is called a level (63 characters in length).
– Internet Registry provides uniqueness in names.
– A single domain is assigned and may be further defined by the local site.

Slide 24: Domain Structure
Root Server
  Top-level domains: com, edu, gov, mil, net
  Proposed top-level domains: .firm, .arts, .nom, .rec, .info, .web, .store
The extra top-level domains (TLDs) that are shown as the bottom set of boxes are proposed; they are shown here as examples, and as of this writing have not been adopted.
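To make the hierarchical structure concrete, here is an added Python example (not from the original slides) of a resolver walking the tree one level at a time, using the "labhost.bnr.ca.us" referral chain that the Name Servers slide later draws (root, then the us server, the ca.us server and finally the bnr.ca.us server). The zone data and the address 192.0.2.10 are constructed, since the slide gives no value; the Sun_Server = 198.1.1.1 entry stands in for a local HOSTS file, which the host name resolution slide lists as the step before DNS. The resolver enforces the 63-character label limit stated above and reports a trace of which server answered with a referral or an answer.

```python
# Constructed zone data: each authoritative server either delegates the next label
# down or holds the final address record. Server names and the address are made up.
ZONES = {
    ".":         {"delegations": {"us": "us-server"},               "records": {}},
    "us":        {"delegations": {"ca.us": "ca.us-server"},         "records": {}},
    "ca.us":     {"delegations": {"bnr.ca.us": "bnr.ca.us-server"}, "records": {}},
    "bnr.ca.us": {"delegations": {},                                "records": {"labhost.bnr.ca.us": "192.0.2.10"}},
}
HOSTS = {"sun_server": "198.1.1.1"}   # constructed local HOSTS entry, matching the DNS slide
MAX_LABEL = 63                        # each level is at most 63 characters


def validate_name(name):
    """Return the labels of a name, rejecting empty or over-long labels."""
    labels = name.rstrip(".").split(".")
    for label in labels:
        if not 1 <= len(label) <= MAX_LABEL:
            raise ValueError(f"label {label[:12]!r} violates the 1..{MAX_LABEL} character limit")
    return labels


def name_is_valid(name):
    try:
        validate_name(name)
        return True
    except ValueError:
        return False


def suffixes(labels):
    """['labhost','bnr','ca','us'] -> ['us', 'ca.us', 'bnr.ca.us', 'labhost.bnr.ca.us']"""
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]


def resolve(name, zones=ZONES):
    """Iterative resolution from the root, following one referral per level.

    Returns (address or None, trace of (server zone, action, detail))."""
    labels = validate_name(name)
    fqdn = ".".join(labels)
    zone, trace = ".", []
    for child in suffixes(labels):
        server = zones[zone]
        if fqdn in server["records"]:
            trace.append((zone, "answer", server["records"][fqdn]))
            return server["records"][fqdn], trace
        if child in server["delegations"]:
            trace.append((zone, "referral", server["delegations"][child]))
            zone = child
            continue
        trace.append((zone, "no such name", child))
        return None, trace
    server = zones[zone]          # the name itself is a zone apex
    if fqdn in server["records"]:
        trace.append((zone, "answer", server["records"][fqdn]))
        return server["records"][fqdn], trace
    trace.append((zone, "no such name", fqdn))
    return None, trace


def lookup(name):
    """Standard resolution order: local HOSTS file first, then the DNS servers."""
    key = name.rstrip(".").lower()
    if key in HOSTS:
        return HOSTS[key], [("HOSTS", "answer", HOSTS[key])]
    return resolve(name)


if __name__ == "__main__":
    addr, trace = lookup("labhost.bnr.ca.us")
    for zone, action, detail in trace:
        print(f"{zone:>10}  {action:<12} {detail}")
    print("answer:", addr)
```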
Slide 25: Network Address Translation (NAT)
– Illegal Addresses
– Unroutable addresses: 10.0.0.0, 192.168.0.0
– Limited address space in IP V4
– NAT maps bad to valid addresses
  • Mapping to single external address
  • One-to-One mapping
  • Dynamically allocated addresses
Diagram: inside host 10.0.0.5 – Router – external address 12.13.4.5

Slide 26: Name Servers (diagram: resolving "labhost.bnr.ca.us")
– Client → Name Server: Query "labhost.bnr.ca.us"
– Name Server → Root server: Query "labhost.bnr.ca.us"; Root server: Referral to us server
– Name Server → .us server: Query "labhost.bnr.ca.us"; .us server: Referral to ca.us server
– Name Server → .ca.us server: Query "labhost.bnr.ca.us"; .ca.us server: Referral to bnr.ca.us server
– Name Server → bnr.ca.us server: Query "labhost.bnr.ca.us"; bnr.ca.us server: IP address of "labhost.bnr.ca.us"
– Name Server → Client: IP address of "labhost.bnr.ca.us"

Slide 27: Logical Structure of the Internet Protocol Suite
Applications         HTTP, TELNET, FTP, TFTP, DNS, SNMP
Transport            User Datagram Protocol (Connectionless) | Transmission Control Protocol (Connection Oriented)
Internet Addressing  IP (ICMP, IGMP) | ARP | RARP
Physical Layer

Slide 28: Address Resolution Protocol (ARP)
Maps IP addresses to MAC addresses
When host initializes on local network:
– ARP broadcast: IP and MAC address
– If duplicate IP address, TCP/IP fails to initialize
Address Resolution Process on Local Network
– Is IP address on local network?
– ARP cache
– ARP request
– ARP reply
– ARP cache update on both machines

Slide 29: ARP Operation (diagram)
Station 129.1.1.1 broadcasts an ARP Request: "Give me the MAC address of station 129.1.1.4"
– Station B: Not me – Request Ignored
– Station C: Not me – Request Ignored
– Station 129.1.1.4: That's me – ARP Response "Here is my MAC address"; 129.1.1.1: ARP Response Accepted

Slide 30: Address Resolution on Remote Network (diagram: Network A – Router – Network B)
– IP address determined to be remote
– ARP resolves the address of each router on the way
– Router uses ARP to forward packet

Slide 31: Reverse Address Resolution Protocol (RARP) (diagram)
Diskless Workstation broadcasts a RARP Request: "Give me my IP address"
– Station B: Not me – Request Ignored
– Station C: Not me – Request Ignored
– RARP Server: RARP Response (129.1.1.1); Diskless Workstation: RARP Response Accepted
– Same packet type used as ARP
– Only works on local subnets
– Used for diskless workstations

Slide 32: The Internet Protocol (IP)
– IP's main function is to provide for the interconnection of subnetworks to form an internet in order to pass data.
– The functions provided by IP are:
  • Addressing
  • Routing
  • Fragmentation of datagrams

Slide 33: Host Name Resolution
Standard Resolution
– Checks local name
– Local HOSTS file
– DNS server
Windows NT Specific Resolution
– NetBIOS cache
– WINS server
– b-node broadcasts
– LMHOSTS file (NetBIOS name)

Slide 34: Routing Packets
– Process of moving a packet from one network to another toward its destination
– RIP, OSPF, BGP
– Dynamic routing
– Static routing
– Source routing

Slide 35: IP Routing
– IP routing is the process by which packets are routed and delivered between networks
– Local vs remote networks
– Router vs default gateway
– Static vs dynamic routing
– Two types: direct and indirect.
– Two types of protocols: IGP and EGP.
  • IGP provides for routing within a single AS
  • EGP provides for routing between ASs

Slide 36: Direct and Indirect Routing (diagram)
Direct Routing: Station A 140.1.1.1 – Station B 140.1.2.1; Station A 140.1.1.1 – Station C 140.1.3.1
Indirect Routing: Station A 140.1.1.1 – Station D 140.2.1.1
– Network numbers must match for direct routing.
– Different network numbers for indirect routing.
– Remote nodes may use a combination of both direct and indirect routing.

Slide 37: Hubs & Switches
– Hub:
  • broadcasts information received on one interface to all other physical interfaces
– Switch:
  • does not broadcast
  • Uses MAC address to determine correct interface

Slide 38: Firewalls
– Control the flow of traffic between networks
– Internal, External, Server, Client Firewalls
– Traditional Packet filters
– Stateful Packet filters
– Proxy-based Firewalls

Slide 39: Traditional Packet Filters
– Analyses each packet to determine drop or pass
– SourceIP, DestinationIP, SrcPort, DestPort, Codebits, Protocol, Interface
– Very limited view of traffic
Action  Source   Destination  Protocol  SrcPort  Dest Port  Codebits
Allow   Inside   Outside      TCP       Any      80         Any
Allow   Outside  Inside       TCP       80       >1023      ACK
Deny    All      All          All       All      All        All

Slide 40: Stateful Packet Filters
– Adds memory of previous packets to traditional packet filters
– When packet part of initial connection (SYN) it is remembered
– Other packets analyzed according to previous connections

Slide 41: Proxy-based (Application) Firewalls
– Focus on application to application
– Can approve:
  • By user
  • By application
  • By source or destination
– Mom calls, wife answers, etc.

Slide 46: IP Address Allocation
– Automatic Allocation: permanently assigns an IP address to a station.
– Dynamic Allocation: assigns an IP address to a requesting station for specified amount of time.
– Manual Allocation: preconfigure the server to give the requesting station the same IP address every time it requests it.
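The three-rule table on the Traditional Packet Filters slide and the "remember the SYN" idea on the Stateful Packet Filters slide can be run side by side. The Python below is an added example and not part of the original slides: it encodes the slide's rules as data, evaluates packets first-match-wins, and then wraps the same rules in a filter that records outbound connections and only admits inbound packets that belong to one. The "Inside"/"Outside" columns are treated as the side of the firewall a packet comes from and goes to. Host addresses 10.0.0.5 and 198.113.201.23 come from the slides; 198.51.100.7 and 10.0.0.9 are constructed. The last assertion in the usage shows what the slide means by a "very limited view of traffic": an inbound packet with only the ACK bit set matches the second rule even though no inside host ever opened that connection, while the stateful version rejects it.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_side: str      # "inside" or "outside": which side of the firewall it came from
    sport: int
    dst_ip: str
    dst_side: str
    dport: int
    proto: str = "TCP"
    flags: frozenset = frozenset()


# The slide's rule table; "any" stands for the slide's Any/All cells.
RULES = [
    {"action": "allow", "src": "inside",  "dst": "outside", "proto": "TCP", "sport": "any", "dport": 80,      "codebits": "any"},
    {"action": "allow", "src": "outside", "dst": "inside",  "proto": "TCP", "sport": 80,    "dport": ">1023", "codebits": "ACK"},
    {"action": "deny",  "src": "any",     "dst": "any",     "proto": "any", "sport": "any", "dport": "any",   "codebits": "any"},
]


def port_matches(spec, port):
    if spec == "any":
        return True
    if isinstance(spec, str) and spec.startswith(">"):
        return port > int(spec[1:])
    return port == spec


def rule_matches(rule, pkt):
    return (
        rule["src"] in ("any", pkt.src_side)
        and rule["dst"] in ("any", pkt.dst_side)
        and rule["proto"] in ("any", pkt.proto)
        and port_matches(rule["sport"], pkt.sport)
        and port_matches(rule["dport"], pkt.dport)
        and (rule["codebits"] == "any" or rule["codebits"] in pkt.flags)
    )


def traditional_filter(pkt, rules=RULES):
    """First matching rule wins; each packet is judged on its own header alone."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule["action"]
    return "deny"


def is_initial_syn(pkt):
    return "SYN" in pkt.flags and "ACK" not in pkt.flags


class StatefulFilter:
    """Remembers connections that the rules let start (SYN) and admits only their later packets."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()   # (src_ip, sport, dst_ip, dport, proto) of the opening SYN

    def decide(self, pkt):
        fwd = (pkt.src_ip, pkt.sport, pkt.dst_ip, pkt.dport, pkt.proto)
        rev = (pkt.dst_ip, pkt.dport, pkt.src_ip, pkt.sport, pkt.proto)
        if fwd in self.connections or rev in self.connections:
            if "RST" in pkt.flags:                 # connection torn down: forget it
                self.connections.discard(fwd)
                self.connections.discard(rev)
            return "allow"                         # part of a remembered connection
        if is_initial_syn(pkt):
            verdict = traditional_filter(pkt, self.rules)
            if verdict == "allow":
                self.connections.add(fwd)
            return verdict
        return "deny"   # neither a new connection attempt nor part of a known one


if __name__ == "__main__":
    out_syn = Packet("10.0.0.5", "inside", 1025, "198.113.201.23", "outside", 80, flags=frozenset({"SYN"}))
    syn_ack = Packet("198.113.201.23", "outside", 80, "10.0.0.5", "inside", 1025, flags=frozenset({"SYN", "ACK"}))
    unsolicited = Packet("198.51.100.7", "outside", 80, "10.0.0.9", "inside", 2000, flags=frozenset({"ACK"}))
    sf = StatefulFilter()
    print("traditional:", traditional_filter(out_syn), traditional_filter(syn_ack), traditional_filter(unsolicited))
    print("stateful:   ", sf.decide(out_syn), sf.decide(syn_ack), sf.decide(unsolicited))
```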
Slide 47: Security
– Encryption: Symmetric vs Asymmetric, hash codes
– Application Layer
  • PGP, GnuPG, S/MIME, SSH
– Session Layer: Secure Socket Layer (SSL)
  • Digital certificates to authenticate systems and distribute encryption keys
  • Transport Layer Security (TLS)
– Network-IP Layer Security (IPSec)
  • AH: digital signatures
  • ESP: confidentiality, authentication of data source, integrity

Slide 48: IPSec Authentication Header (AH)
Next Header | Payload Length | Reserved
Security Parameters Index (SPI)
Sequence Number Field
Authentication Data (variable number of 32 bit Words)

Slide 49: IPSec: Encapsulating Security Payload (ESP)
Security Parameters Index (SPI)
Sequence Number Field
Opaque Data, variable Length
Padding | Pad Length | Next Header
Authentication Data

Slide 50: Introduction to the TCP/IP Standard Applications
– DHCP – Provides for management of IP parameters.
– TELNET – Provides remote terminal emulation.
– FTP – Provides a file transfer protocol.
– TFTP – Provides for a simple file transfer protocol.
– SMTP – Provides a mail service.
– DNS – Provides for a name service.

Slide 51: DHCP Operation (diagram: DHCP Client, DHCP Server A, DHCP Server B)
– Client: DHCP Discover (broadcast, FFFFFF)
– Server A: DHCP A Offer (IP addr)
– Server B: DHCP B Offer (IP addr)
– Client: DHCP Request (A)
– Server A: DHCP A ACK

Slide 52: TELNET (diagram: TELNET client – Host – TELNET server)

Slide 53: File Transfer Protocol (FTP) (diagram: Client – Host – Storage; TFTP uses UDP)

Slide 54: Simple Mail Transfer Protocol (SMTP)
– Today known as Electronic Mail, or email.
– RFCs 821, 822, 974.
– Email still cannot transport packages and other items.
– Email is very fast and guarantees delivery.
– Three protocols are used for today's email.
  • SMTP – operates over TCP
  • POP – operates over TCP
  • DNS – operates over UDP
– SMTP allows for the sending/receiving of email.
– POP allows us to intermittently retrieve email.
– DNS makes it simple.

Slide 55: Post Office Protocol (POP)
– SMTP is set up to send and receive mail by hosts that are up full time.
  • No rules for those hosts that are intermittent on the LAN
– POP emulates you as a host on the network.
  • It receives SMTP mail for you to retrieve later
– POP accounts are set up for you by an ISP or your company.
– POP retrieves your mail and downloads it to your personal computer when you sign on to your POP account.

Slide 56: POP Operation
POP Client                        POP Server
TCP port 110 connection attempt   "POP3 server ready" reply
Send authentication               Wait for authentication; process authentication and if okay, enter transaction state; lock mailbox for user; assign message numbers
Retrieve all messages             Send messages
Send QUIT command                 Delete (possibly) messages; Quit received; perform update on mailbox
Session closed; read messages locally

Slide 57: SMTP, DNS, and POP Topology (diagram)
Your PC – Your ISP (DNS, SMTP, POP Server with mailboxes mnaugle, user1, user2): send mail via SMTP, retrieve mail via POP3/SMTP
Internet (root DNS)
Remote ISP (DNS, SMTP, POP Server with mailbox joe) – Joe's PC: send mail, retrieve mail

Slide 58: IPv6
– IPv6 features:
  • 128 bit address space
  • 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
  • ARP not used, "Neighbor Discovery Protocol"
– IPv6 addressing:
  • Unicast: A one-to-one IP transfer
  • Multicast: A one-to-many-but-not-all transfer
  • Anycast: A one-to-many-but-not-all (nearest in group)
  • No broadcast

Slide 59: References
– RFCs: 1180 - A TCP/IP tutorial; 1812 - IP Version 4 Routers; 1122 - Requirements for Internet Hosts -- Communication Layers; 1123 - Requirements for Internet Hosts -- Application & Support; 826 - Address Resolution Protocol; 791 - IP addressing; 950 - Subnetting; 1700 - Assigned Numbers
– TCP/IP 24/7 (ISBN: 0782125093)
– MCSE TCP/IP for Dummies: Cameron Brandon
– Illustrated TCP/IP: Matthew Naugle
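The Authentication Header layout on slide 48 (Next Header, Payload Length, Reserved, SPI, Sequence Number Field, Authentication Data) and the Sequence Number Field it shares with ESP on slide 49 are what give IPSec the data-origin authentication, integrity and replay protection listed on the Security slide. The following Python is an added example, not part of the original slides: it packs and parses an AH per that layout, fills the Authentication Data with an HMAC-SHA-256 truncated to 128 bits (the AH algorithm of RFC 4868, chosen here as an assumption; the slides name no algorithm), and keeps a 64-entry sliding anti-replay window on the sequence number in the style of RFC 4302. The receiver checks the sequence number, then the ICV, and only then updates the window, so a forged packet cannot poison the window. The key and payloads are constructed, and the zeroing of mutable IP header fields that a real AH implementation includes is omitted.

```python
import hashlib
import hmac
import struct

AH_FIXED = "!BBHII"   # Next Header, Payload Length, Reserved, SPI, Sequence Number
ICV_LEN = 16          # HMAC-SHA-256-128 (RFC 4868); an assumption for this example


def build_ah(next_header, spi, seq, icv):
    """Pack an AH. Payload Length is the AH length in 32-bit words minus 2 (RFC 4302)."""
    if len(icv) % 4:
        raise ValueError("Authentication Data must be a whole number of 32-bit words")
    payload_len = (12 + len(icv)) // 4 - 2
    return struct.pack(AH_FIXED, next_header, payload_len, 0, spi, seq) + icv


def parse_ah(raw):
    """Split an AH into its fields plus the bytes that follow it (the next-header payload)."""
    if len(raw) < 12:
        raise ValueError("an AH is at least 12 bytes")
    nh, plen, reserved, spi, seq = struct.unpack(AH_FIXED, raw[:12])
    total = (plen + 2) * 4
    if len(raw) < total:
        raise ValueError("truncated AH: Payload Length claims more bytes than are present")
    return {"next_header": nh, "reserved": reserved, "spi": spi, "seq": seq,
            "icv": raw[12:total], "payload": raw[total:]}


def compute_icv(key, ah_fixed_12, payload):
    """ICV over the AH with its Authentication Data zeroed, followed by the payload."""
    mac = hmac.new(key, ah_fixed_12 + b"\x00" * ICV_LEN + payload, hashlib.sha256).digest()
    return mac[:ICV_LEN]


def make_authenticated(key, next_header, spi, seq, payload):
    """Sender side: build the AH, compute and insert the ICV, append the payload."""
    unsigned = build_ah(next_header, spi, seq, b"\x00" * ICV_LEN)
    icv = compute_icv(key, unsigned[:12], payload)
    return build_ah(next_header, spi, seq, icv) + payload


class ReplayWindow:
    """Sliding anti-replay window on the Sequence Number Field (RFC 4302 Appendix B style)."""

    def __init__(self, size=64):
        self.size = size
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence number (highest - i) already accepted

    def would_accept(self, seq):
        if seq == 0:                      # sequence number 0 is never sent
            return False
        if seq > self.highest:            # to the right of the window: new
            return True
        offset = self.highest - seq
        if offset >= self.size:           # to the left of the window: too old
            return False
        return not (self.bitmap & (1 << offset))   # inside the window: must be unseen

    def mark(self, seq):
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)


def receive(key, raw, window):
    """Receiver side in RFC 4302 order: sequence check, ICV check, then window update."""
    ah = parse_ah(raw)
    if len(ah["icv"]) != ICV_LEN:
        return "bad icv length"
    if not window.would_accept(ah["seq"]):
        return "seq rejected"         # replayed or older than the window
    expected = compute_icv(key, raw[:12], ah["payload"])
    if not hmac.compare_digest(expected, ah["icv"]):
        return "bad icv"              # window deliberately left untouched
    window.mark(ah["seq"])
    return "ok"


if __name__ == "__main__":
    key = b"constructed-example-key"
    window = ReplayWindow()
    packet = make_authenticated(key, 6, 0x100, 1, b"hello")   # next header 6 = TCP
    print(receive(key, packet, window), receive(key, packet, window))
```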