CISC 370 - Class Today
• Projects
• Hubs, Switches, Routers, Bridges
• Ethernet wrapup
• Carlson Case Study

5/25/2017 R. Smith - University of St Thomas - Minnesota

Project
• Select a topic and get approval
• Write a 3-page outline
  – presents an overview of your topic, including major facts that were uncovered by your initial research.
• Write a paper about your topic
  – it should be about 10 pages long - 3,000-5,000 words.
• Give a final, 15-minute presentation
  – given at the final class
  – Group projects give a longer presentation
    • All members participate in the final presentation

Project Schedule
• Topic: TODAY
• Outline: April 21
• Revised Outline (optional): April 28
• Papers: May 12
• Presentations: May 12 and 14

A Little More Ethernet
• The yellow ‘hose’ in the network lab
  – “Original” Ethernet
  – vampire taps
• Switches, Hubs, Bridges, Routers
• Long Haul Ethernet (?)

Bridges, Hubs, Switches, Routers
• Different ways to connect LANs together
  – Router or Gateway – routes at L3 (IP layer)
  – Bridge – routes at L2; “extends” a LAN
  – Hub – a repeater at L2
  – Switch – directs L2 packets at addressed destination
• Topologies
  – Often physically a star
  – May logically be a bus

Bridges and Routers
• Router (“L3 Router”)
  – Generally a Layer 3 “Network” device
  – L2 MAC addresses are left behind when going through router
• Bridge (“L2 Router”)
  – Connects two separate LANs together
  – May use a different transfer medium to hook them together
    • Radio link between LANs in separate buildings
  – May do a little routing as opposed to simple echo
    • Only forward packets in remote LAN’s address range

Switches and Hubs
• Hubs
  – They echo all the messages they get (de facto broadcast)
• Switches
  – Store/Forward Switch
  – Cut-through switch
• Why did all the hubs turn to switches?
  – For the young folk: a few years ago, all we could buy were hubs.
  – Now, all they sell are switches.
  – What are the trade-offs?

Long Haul Ethernet (?)
• Ethernet is not supposed to be long haul!
  – It’s a LAN, isn’t it?
• They want to exploit the rich set of existing Ethernet-based technologies
• Optical technologies
  – 1000base-LX – single mode fiber = 5 km
  – 10Gbase-E single mode fiber = 40 km (!!)
• Now we’re getting into WAN territory (ATM)

Carlson Case Study
• Let’s do it in class
• Take 10 minutes to read it over
  – Check out some of the references on the Internet
• Break into 6 or so groups
• Each group takes one of the 3 questions.

Carlson Case Study
• What hardware did they start out with?
  – IBM mainframe, HP & Sun servers - what are these things?
• Software?
  – Oracle, MS Exchange, Web servers, PeopleSoft, data warehousing app

Original configuration/problems
• Where was the data at the start of this process?
  – DAS - direct attached storage, like SATA, IDE, SCSI
  – NAS - network attached storage, like NFS
  – SAN - storage area network - block i/o across a LAN
• Operational problems
  – Data replication procedures - ensuring consistency
  – Backup and disaster recovery
  – Need 24/7 operation
  – Existing fiber channel used for backup and control
  – Architecture couldn't scale

New hardware
• Nishan storage switches - convert i/o operations into IP SAN operations
• HP disk array
• SAN protocols
  – iSCSI
    • TCP/IP based SCSI commands
  – Fiber Channel - proprietary protocol
  – Nishan has a strategy for mapping fiber channel onto tcp/ip, used in their switches

Wireless Applications
• LAN extension - save money on installation
• Building to Building - directed beam
• Nomad access - like at the airport
• Ad hoc networking - just need to set up a LAN without spending effort on wires

General Requirements
• Throughput
• Number of nodes
• Backbone connection - backhaul
• Service area - range
• Power consumption in portable (battery driven) devices
• Transmission robustness - how good is the signal?
• Security - can outsiders interfere?
• Colocated wireless LANs
• FCC and broadcast licensing - none should be needed
• Roaming/handoff
• Dynamic configuration

Distinguishing requirements
for the 4 applications - yes/maybe/no
• Backbone connectivity - backhaul
• Per-node communication privacy
• Access authorization
• Service metering (charging for connection)
• Number of nodes
• Directionality

Technologies
• Infrared, Spread Spectrum, Radio
  – Infrared – remote controls, some short haul (25 m)
  – Spread Spectrum – general purpose, up to 250m
  – Radio – narrowband microwave, up to 40m
• Licensing – a potential pain
  – Some bands require FCC licensing (costly, political)
  – Industrial/Scientific/Medical – typical for 802.11
    • no license needed for some uses
• 802.11 Standards
  – Direct sequence spread spectrum
    • 2.4 GHz, 1-2 Mbps
  – Frequency hopping spread spectrum, same band same speeds
• 802.11b - DSSS - 5.5 to 11 Mbps

Spread Spectrum??
• FHSS – Frequency Hopping
  – Hedy Lamarr/George Antheil; SIGSALY (AT&T)
  – Systematically switching between radio channels/frequencies
    • Lamarr’s system used a piano roll (88 frequencies)
• DSSS – Direct Sequence
  – Uses a single very wide ‘carrier’ signal that sounds like noise
  – Embeds small signals (‘chips’) in the larger carrier
    • Most chips are noise; some chips contain ‘part’ of a bit
    • Reconstruct the ‘real’ bits from selected chips
  – Allows multiple stations to ‘talk’ at the same time
    • By using different ‘chips’ they don’t interfere with each others’ transmissions
  – 54 Mbps/2.4 GHz carrier signal = 44 separate ‘channels’

Architecture
• BSS - Basic Service Set
  – A group of wireless stations sharing the same medium = in broadcast proximity to one another and sharing data
  – SSID - Service Set Identifier - a marker to indicate which network a wireless packet is intended for
  – One station might serve as an Access Point (AP)
  – APs connect to distribution systems (DSes)
• Extended Service Set - ESS
  – Two or more BSSes connected by a common backbone
  – may have overlapping broadcast proximity

IEEE 802.11 Services
• Association - establishing the initial link to a station
• Reassociation - moving from one station to another
• Disassociation - moving out of range or shutting down
• Authentication
• Privacy

Medium access control
• reliable data delivery
  – Normally 2 frame exchanges: send the data, get an ACK immediately
  – Sometimes 4 frame exchanges: RTS, CTS, then other 2
    • This reduces risk of collision in crowded airwaves by exchanging short control messages instead of longer data packets
• access control - how they take turns
  – DFWMAC - distributed foundation wireless MAC
    • One choice - distributed coordination similar to CSMA/CD
    • Other choice - centralized control - PCF - point coordination function
  – Wireless hub coordinates handshaking instead of leaving it to individual stations

Wireless Security
• We can disable SSID broadcast - makes networks harder to find
  – “Security through obscurity”
  – WarGames example
• We can filter on MAC addresses - only talk to devices with accepted addresses
• Cryptographic security

WEP - Wireless equivalent privacy
• Shared key encryption protocol
  – 128-bit keys using RC-4
  – Each packet has an IV
  – Per-packet key constructed of key + IV
  – The secret part is much smaller than the encryption key
• Poorly constructed encryption
  – 64-bit keys broken in 40-bit time
  – 128-bit keys broken in 64-bit time
  – Possible to modify a packet's contents and CRC without knowing the encryption key

Wireless Protected Access
• WPA – first try – designed as stopgap since WEP was so bad
  – 128-bit keys using RC-4
  – Pre-shared keys updated using TKIP - Temporal Key Integrity Protocol
    • Better integrity protection
    • Larger effective keys
    • Key update protocol
• WPA2 - 802.11i - full implementation of WPA
  – Use permanent keys to authenticate; temporary keys to encrypt
  – Can use RADIUS authentication server (protocol called 802.1X)
    • (what is this RADIUS thing about?)

Creative Commons License
This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
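
The WEP slide above says the per-packet key is built from key + IV and that a packet's contents and CRC can be changed without knowing the key. The following is an added example, not part of the original slides, that shows both points on a simplified frame (no 802.11 header or key ID byte). The IV, secret and payload are constructed values and the function names are hypothetical.

```python
import struct
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream (key scheduling, then output generation)."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP's integrity check value: an unkeyed CRC-32, little-endian."""
    return struct.pack("<I", zlib.crc32(data))

def wep_seal(iv, secret, plaintext):
    """Encrypt plaintext || ICV with RC4 under the per-packet key IV || secret."""
    body = plaintext + icv(plaintext)
    return xor(body, rc4(iv + secret, len(body)))

def wep_open(iv, secret, ciphertext):
    """Decrypt; return (plaintext, True if the ICV verifies)."""
    body = xor(ciphertext, rc4(iv + secret, len(ciphertext)))
    return body[:-4], body[-4:] == icv(body[:-4])

def patch_without_key(ciphertext, delta):
    """XOR delta into the hidden plaintext and repair the ICV; no key is used.
    Works because CRC-32 is affine: crc(p^d) = crc(p) ^ crc(d) ^ crc(0...0)."""
    icv_delta = xor(icv(delta), icv(bytes(len(delta))))
    return xor(ciphertext, delta + icv_delta)

# Constructed sample values (not from the slides).
IV = bytes.fromhex("a1b2c3")          # 24 bits, transmitted in the clear
SECRET = bytes.fromhex("0102030405")  # the 40 secret bits of a "64-bit" key
FRAME = b"temp=021 unit=C"

if __name__ == "__main__":
    sealed = wep_seal(IV, SECRET, FRAME)
    changed = patch_without_key(sealed, xor(FRAME, b"temp=099 unit=C"))
    print(wep_open(IV, SECRET, changed))
```

A keyed integrity check would reject the changed frame; that is the gap the "Better integrity protection" bullet on the WPA slide refers to.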