Architecting the Internet
Chapter 11

Learn how to…
• Map the TCP/IP Model to the OSI Model.
• Explain Internet addressing.
• List network utilities for troubleshooting.
• Explain how domain names map to IP addresses.
• List the content and delivery services provided to end users.

Understanding TCP/IP Internet Architecture

IETF
• The Internet Engineering Task Force (IETF) is the standards body in charge of defining Internet protocols.
– Defines protocols through a Request for Comments (RFC) process.
• IETF assigns protocols an RFC number and an RFC maturity state.
– For more information, visit www.ietf.org

RFC Maturity States
• Proposed – The protocol has been accepted for consideration and may advance through the rest of the stages to become an Internet standard.
• Draft – The IETF is now considering adopting the protocol as an Internet standard.
• Internet Standard – The protocol passed the testing and proved its merit on the Internet.

Special RFC Maturity States
• Experimental – The protocol is not ready for testing outside carefully controlled laboratory situations.
• Historic – The standard has become obsolete or unnecessary.
• Informational – The standard is from a non-IETF vendor or standards body.

RFC
• The complete list of RFCs is at www.ietf.org/iesg/1rfc_index.txt
• To view an RFC, type its number in the search engine at www.ietf.org/rfc.html

Application Layer Protocols

HTTP
• Hypertext Transfer Protocol (HTTP)
– Transfers hypertext Web pages across the Internet.
– RFC 1945 for HTTP 1.0
– RFC 2616 for HTTP 1.1

FTP
• File Transfer Protocol (FTP)
– Is used when you log on to an FTP server to transfer files over the Internet from one computer to another.
– RFC 959

TFTP
• Trivial File Transfer Protocol (TFTP)
– Is a simpler form of FTP.
– Used by diskless workstations and some routers to get their configuration files during startup.
– Uses UDP.
– RFC 1350

Telnet and Gopher
• Telnet
– Terminal emulation protocol that enables users to log on to remote host computers over the Internet.
– RFC 854
• Gopher
– Distributed document search and retrieval.
– RFC 1436

SMTP
• Simple Mail Transfer Protocol (SMTP)
– Rules for transferring e-mail over the Internet.
– RFC 821
– Post Office Protocol version 3 (POP3) is a related standard (RFC 1939) that specifies how users retrieve their e-mail from a mail server.

NNTP and DNS
• Network News Transfer Protocol (NNTP)
– Powers USENET newsgroups.
– RFC 977
• Domain Name System (DNS)
– Translates a fully qualified domain name (Example: www.loc.gov) into a numeric IP address (Example: 140.147.249.7).
– RFC 1034 & 1035

SNMP and BOOTP
• Simple Network Management Protocol (SNMP)
– Network administrators use SNMP to manage TCP/IP network devices remotely.
– RFC 1157
• Bootstrap Protocol (BOOTP)
– Startup protocol that enables a workstation to discover configuration information including its IP address, router address, and DNS server address.

DHCP
• Dynamic Host Configuration Protocol (DHCP)
– Assigns an IP address, router address, and other configuration parameters to a workstation during initialization.

Transport Layer Protocols

TCP
• Transmission Control Protocol (TCP)
– Establishes and manages the connection between the computers that are exchanging data.
– Numbers the segments on the sending computer, reassembles the segments on the receiving computer, and ensures that the data is intact with no omissions or duplications.
– RFC 793

UDP
• User Datagram Protocol (UDP)
– Connectionless protocol that does not require the negotiation and establishment of a session between the sending and receiving computers.
– Because there is no provision for the resending of lost packets, UDP is considered to be an unreliable transport protocol.

Internet Layer Protocols

IP
• Internet Protocol (IP)
– Determines the best path for routing the packet to its destination address.
– Addresses the packet accordingly.
– Fragments the packet if it is too long for the network segment.

ARP and RARP
• Address Resolution Protocol (ARP)
– Translates IP addresses into physical MAC addresses.
– RFC 826
• Reverse Address Resolution Protocol (RARP)
– Given the MAC address of a network device, RARP determines its IP address.
– RFC 903

IGMP
• Internet Group Management Protocol (IGMP)
– Is used for multicasting, which is the sending of a message from one computer to a group of IP addresses belonging to users who subscribe to the group.
– RFC 1112

ICMP
• Internet Control Message Protocol (ICMP)
– TCP/IP uses ICMP for troubleshooting.
– Routers and servers normally send error messages in ICMP packets.

Network Access Layer Protocols

Network Access Layer
• Network Access Layer
– Transforms the packets into a binary encoded stream of 0’s and 1’s for transmission over the physical network.
– Then the NIC transforms the 0’s and 1’s into the signals that get transmitted physically over the network.

TCP/IP Protocol Suite

Demultiplexing

Demultiplexing
• Demultiplexing is the process of unpacking the message by processing and removing the headers added to the packets at each layer.
– Consists of four stages, which are explained in the following slides.

Stage 1
• On the receiving computer, the Network Access Layer takes a look at the packet and uses the MAC address to determine whether it should be processed here.
• Packets that do not get processed here are ignored and passed on to other network nodes.

Stage 2
• Packets that belong here pass up to the Internet Layer, which takes a look at the IP addressing in the packet to determine whether any further routing is required.

Stage 3
• The Transport Layer takes a look at the TCP or UDP port number to determine which service needs to receive the message.

Stage 4
• The Application Layer passes the message to the service or application that will act on the message.
– If the message contains an HTTP request for a Web page, for example, the server answers by sending the page.

Routing

Routing
• Routing is the process of determining the network path over which packets are sent.

Types of Routing
• Direct routing
– When two computers on the same network communicate with each other.
• Indirect routing
– When the sending and receiving computers are not on the same local network.
– The packets get sent to the MAC address of a router.
– The router to which the packets first get sent is called the default gateway.

Routing Table and Hops
• Routing Information Table
– Keeps track of the routes over which it will send packets to different networks to which the router is connected.
• Hops
– A hop is each trip between routers.
– The number of routers between the source and destination is the hop count.

Static and Dynamic Routes
• Static routes
– Must be updated only by manual changes made by the network administrator.
• Dynamic routes
– Learned when the router communicates with other routers to exchange information about new routes that have been added, or old routes that are no longer available.

Routing Tables

Routing Protocols
• Routing protocols are used by routers to talk to each other about changes in routes.
• There are two types of routing protocols:
– Exterior routing protocols are used to communicate with routers outside an organization’s network.
– Interior routing protocols are used to communicate with routers inside an organization’s network.

EGP
• External Gateway Protocol (EGP)
– Exterior routing protocol used to exchange net-reachability information between Internet gateways belonging to different autonomous systems.
• An autonomous system is a set of routers under a single technical administration.
– RFC 904

BGP
• Border Gateway Protocol (BGP)
– An exterior routing protocol where a border router keeps track of the status of neighboring AS’s and uses a pruning process to select optimum routes.
– RFC 1267 & 1268

RIP
• Routing Information Protocol (RIP)
– Interior routing protocol where:
• routers periodically send their information tables every thirty seconds across their network connections to their neighboring routers.
– RFC 1058 & 2453

OSPF
• Open Shortest Path First (OSPF)
– Interior routing protocol where:
• Changes in router tables get exchanged as soon as they happen, instead of having to wait for 30 seconds.
• Only the changes get sent, instead of the whole table, thereby saving bandwidth.
• Statistics on the transmission speed of multiple possible routes are exchanged.
– RFC 2328

Port Number
• Port numbers provide a fast way of determining which application should receive an incoming request.
– Well known ports range from 0 to 1023.
– Registered ports range from 1024 to 49151.
– Dynamic or private ports range from 49152 to 65535.
– For a complete listing, go to www.iana.org/assignments/port-numbers

Well Known Ports

Internet Addressing

IP Addresses
• An IP address consists of four bytes separated by periods.
• Each byte is an eight-bit number that ranges in value from 0 to 255.
– The smallest address is 0.0.0.0, while the largest is 255.255.255.255.
• The number of IP addresses this scheme allows is 256^4, which is 4,294,967,296.

IP Addresses
• The Internet Corporation for Assigned Names and Numbers (ICANN) is in charge of assigning IP addresses.
• Every IP address consists of two basic parts:
– Network ID
– Host ID
• The Network ID always comes first, followed by the host ID.
• Depending on the size of the network, the Network ID occupies the first one, two, or three bytes in the IP address.
• The remainder of the address is the host ID.

Classes
• Class A
– The first byte is network ID, while the last three bytes are host ID.
– The first byte ranges from 1 to 126.
– These addresses are used by extremely large organizations.
• Class B
– The first two bytes are network ID, while the last two bytes are host ID.
– The first byte ranges from 128 to 191.
– These addresses are used by medium to large organizations.

Classes
• Class C
– The first three bytes are network ID, while the last byte is host ID.
– The first byte ranges from 192 to 223.
– These addresses are used by small organizations.
• Class D
– All four bytes are network ID.
– The first byte ranges from 224 to 239.
– These addresses are used for multicasting.
• Class E
– These addresses are reserved for future use and experimentation.
– The first byte ranges from 240 to 255.

IP Address Classes

Loopback Address
• Network ID 127 is reserved as the loopback address.
• A diagnostic IP address reserved for testing purposes that redirects packets to the same computer that sent them.
• Typically, 127.0.0.1 is used.

Broadcast Address
• A broadcast is a message that gets sent to all of the hosts on a network.
• All host bits are set to 1 for a broadcast.
– All 1’s in binary are equal to 255 in decimal.

Broadcast Address
• Limited Broadcast
– Sent to 255.255.255.255
– Stays within the LAN because routers do not forward limited broadcasts.
• Net-directed Broadcast
– Sent to all the hosts on a given network.
– For example, for the class B network 103.25.0.0, the net-directed broadcast address is 103.25.255.255.

Broadcast Address
• Subnet-directed broadcast
– A broadcast message sent to all the nodes on a subnet.
• Subnets are created when a large LAN is broken into smaller LANs.
– All-subnet-directed broadcasts:
• Send a message to all hosts on a network.
• Are obsolete now due to multicasting.

Zeros in IP Address
• All bytes in the network ID cannot be zero.
• All bytes in the host ID cannot be zero.
• The IP address 0.0.0.0 is the source address used when a host broadcasts a request for an IP address.
– It cannot be assigned to a host permanently.

Private IP Addresses
• Private IP addresses are used within autonomous systems.
– Routers on the public Internet reject addresses in these ranges.
• Class A private IP address range
– 10.0.0.0 to 10.255.255.255
• Class B private IP address range
– 172.16.0.0 to 172.31.255.255
• Class C private IP address range
– 192.168.0.0 to 192.168.255.255

Subnet Masks
• A subnet mask is a dotted quad number that enables the local network to determine whether any given IP address is internal or external to the local network.
• A subnet mask is a series of 1’s followed by a series of 0’s.
– The 1’s identify which bits go to the network ID.
– The 0’s identify which bits go to the host ID.

Subnet Masks
• Following are the default subnet masks for each class of address for networks that have not been subnetted:
– Class A: 255.0.0.0
– Class B: 255.255.0.0
– Class C: 255.255.255.0

Configuring TCP/IP
• Computers must have an IP address and a subnet mask.
• To communicate outside of their own local LAN, computers must also have a default gateway.

DNS and WINS
• The Internet uses the Domain Name System (DNS) to enable end users to access resources by name, such as www.loc.gov, instead of requiring users to type the site’s numeric IP address.
• Windows has a naming system called Windows Internet Naming Service (WINS).
– WINS allows computers to be known by their NetBIOS name (computer name).
• All computers need either DNS or WINS.
– Computers on the Internet should use DNS.

TCP/IP Settings
• TCP/IP settings can be:
– Static – entered manually
– Dynamic – learned from a DHCP server at startup
• To configure your TCP/IP settings:
– Right-click My Network Places (or Network Neighborhood) and choose Properties.
– Right-click Local Area Network and choose Properties.
– Double-click Internet Protocol (TCP/IP).
• Protocol binding is the act of assigning a protocol to a network interface card.
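The four demultiplexing stages from the Demultiplexing slides, walked through in code. This is an added example rather than material from the slide deck: the receiving host's MAC and IP address, the TFTP read-request payload and the frame builder are constructed, and only UDP is dispatched (a TCP segment would be handed to a service by port number in the same way).

```python
# Added example (not from the slide deck): walk a constructed Ethernet/IPv4/UDP
# frame through the four demultiplexing stages described on the slides.
import struct

# Constructed identity of the receiving host (assumed values).
MY_MAC = bytes.fromhex("0a1b2c3d4e5f")
MY_IP = "192.168.1.10"
BROADCAST_MAC = b"\xff" * 6

# Well-known port numbers of protocols named on the slides (IANA assignments).
WELL_KNOWN_PORTS = {21: "FTP", 23: "Telnet", 25: "SMTP", 53: "DNS",
                    69: "TFTP", 80: "HTTP", 110: "POP3", 119: "NNTP",
                    161: "SNMP"}

# Stage 4 handler for one service; returns the application's answer as text.
def handle_tftp(payload: bytes) -> str:
    # TFTP read request: opcode 1, filename, NUL, mode, NUL (RFC 1350)
    opcode = struct.unpack("!H", payload[:2])[0]
    if opcode == 1:
        filename = payload[2:].split(b"\x00")[0].decode()
        return f"TFTP RRQ for {filename}"
    return "TFTP: unsupported opcode"

HANDLERS = {"TFTP": handle_tftp}

def ip_to_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def demultiplex(frame: bytes) -> str:
    # Stage 1: Network Access Layer checks the destination MAC address.
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if dst_mac not in (MY_MAC, BROADCAST_MAC):
        return "stage1: ignored (not our MAC)"
    if ethertype != 0x0800:
        return "stage1: ignored (not IPv4)"
    # Stage 2: Internet Layer checks the destination IP address.
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4          # header length in bytes
    proto = ip[9]
    dst_ip = ip_to_str(ip[16:20])
    if dst_ip != MY_IP:
        return f"stage2: {dst_ip} is not ours, needs further routing"
    # Stage 3: Transport Layer reads the UDP destination port to pick a service.
    if proto != 17:
        return f"stage3: protocol {proto} not handled (UDP only)"
    udp = ip[ihl:]
    src_port, dst_port, length, _checksum = struct.unpack("!HHHH", udp[:8])
    service = WELL_KNOWN_PORTS.get(dst_port)
    if service is None:
        return f"stage3: no service on port {dst_port}"
    # Stage 4: Application Layer hands the payload to the service.
    handler = HANDLERS.get(service)
    if handler is None:
        return f"stage4: {service} has no handler"
    return f"stage4: {handler(udp[8:length])}"

def build_frame(dst_mac: bytes, dst_ip: str, dst_port: int, payload: bytes) -> bytes:
    """Constructed frame builder (checksums left zero; enough for parsing)."""
    udp = struct.pack("!HHHH", 40000, dst_port, 8 + len(payload), 0) + payload
    src = bytes(int(x) for x in "192.168.1.20".split("."))
    dst = bytes(int(x) for x in dst_ip.split("."))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0, src, dst)
    return dst_mac + bytes.fromhex("0a1b2c3d4e20") + b"\x08\x00" + ip + udp

# Constructed TFTP read request for a router configuration file.
RRQ = struct.pack("!H", 1) + b"router.cfg\x00octet\x00"

if __name__ == "__main__":
    print(demultiplex(build_frame(MY_MAC, MY_IP, 69, RRQ)))       # reaches stage 4
    print(demultiplex(build_frame(bytes(6), MY_IP, 69, RRQ)))     # dropped at stage 1
    print(demultiplex(build_frame(MY_MAC, "10.0.0.1", 69, RRQ)))  # stopped at stage 2
    print(demultiplex(build_frame(MY_MAC, MY_IP, 5000, RRQ)))     # no service at stage 3
```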
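The rules from the Internet Addressing slides (classes by first byte, network and host IDs under a subnet mask, net-directed broadcast, the private ranges, and the direct-versus-indirect routing decision from the Types of Routing slide) as an added worked example that is not part of the slide deck. It goes slightly beyond the slides by accepting any valid mask rather than only the class defaults; the 172.16.0.0 to 172.31.255.255 range is expressed as the mask 255.240.0.0.

```python
# Added example (not from the slide deck): the IPv4 addressing rules stated
# on the slides, computed with integer bit operations.

def to_int(dotted: str) -> int:
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(p < 0 or p > 255 for p in parts):
        raise ValueError(f"not a dotted quad: {dotted}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def address_class(dotted: str) -> str:
    """Class A to E by first byte, as on the Classes slides; 0 and 127 are special."""
    first = to_int(dotted) >> 24
    if first == 0:
        return "unspecified"      # 0.0.0.0: source address while requesting an address
    if first == 127:
        return "loopback"         # network ID 127 is reserved for loopback
    if first <= 126:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D"                # multicast
    return "E"                    # reserved

DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}

def is_valid_mask(mask: str) -> bool:
    """A mask is a run of 1 bits followed by a run of 0 bits."""
    inverted = (~to_int(mask)) & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0   # host part must be 2^k - 1

def split_address(dotted: str, mask: str):
    """Network ID and host ID as dotted quads, given a subnet mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"invalid subnet mask: {mask}")
    a, m = to_int(dotted), to_int(mask)
    return to_dotted(a & m), to_dotted(a & ~m & 0xFFFFFFFF)

def directed_broadcast(network: str, mask: str) -> str:
    """Net-directed broadcast: every host bit set to 1."""
    host_bits = ~to_int(mask) & 0xFFFFFFFF
    return to_dotted(to_int(network) | host_bits)

# The three private ranges from the Private IP Addresses slide, as (network, mask).
PRIVATE_RANGES = [("10.0.0.0", "255.0.0.0"),
                  ("172.16.0.0", "255.240.0.0"),
                  ("192.168.0.0", "255.255.0.0")]

def is_private(dotted: str) -> bool:
    a = to_int(dotted)
    return any((a & to_int(m)) == to_int(n) for n, m in PRIVATE_RANGES)

def routing_kind(src: str, dst: str, mask: str) -> str:
    """Direct routing if both hosts share a network ID, else indirect via the gateway."""
    m = to_int(mask)
    return "direct" if (to_int(src) & m) == (to_int(dst) & m) else "indirect"

if __name__ == "__main__":
    print(address_class("140.147.249.7"), split_address("140.147.249.7", "255.255.0.0"))
    print(directed_broadcast("103.25.0.0", "255.255.0.0"))
    print(is_private("172.31.5.9"), is_private("172.32.0.1"))
    print(routing_kind("192.168.1.10", "192.168.1.77", "255.255.255.0"))
```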
TCP/IP Settings

Configuring Networks for Optimum Performance

Tools
• There are several tools used by network administrators to solve problems and to help tune a network’s performance:
– Ping
– Traceroute
– Netstat
– Ipconfig and winipcfg
– Arp
– Network analyzers

ping
• ping sends ICMP echo request packets to a destination IP address.
– The destination returns the echo requests.
– By default, ping sends four echo request packets.
• Ping determines whether you can reach a node or device on the network.

ping
• To ping, go to Start | Programs | Accessories | Command prompt and then type ping followed by the IP address or DNS name of the device you wish to reach.

traceroute
• traceroute reports the path data follows as a packet winds its way over the network from the source to the destination computer.
• From a command prompt, enter tracert (on a Windows PC) followed by the IP address or DNS address.

traceroute

netstat
• netstat (network statistics) displays information about the connections that are open and the protocol processes that are currently running on a network host.
– Run netstat from a command prompt.
– Switches can be used – to see what switches are used, type netstat /?

ipconfig
• Use ipconfig to inspect the current IP configuration on computers with Windows NT/2000/XP/2003.
– ipconfig can also be used to release, renew, or refresh the DHCP leases.
• Run ipconfig from a command prompt.
– For more details, run ipconfig /all

winipcfg
• winipcfg is an older version of ipconfig for Windows 95/98/Me.
• Run winipcfg as follows: Start | Run | winipcfg

arp
• The Address Resolution Protocol (ARP) translates IP addresses into physical MAC addresses.
• Use the command-line utility called arp to inspect the current contents of your computer’s ARP table.
• Use arp -a to see your ARP table.
Network Analyzers
• A network analyzer enables a network administrator to capture and analyze packets crossing a network to:
– Test connections
– Send alerts
– Sniff packets for analysis
– Generate reports

Internetworking Servers

DNS
• Actual IP addresses must be used to communicate over a TCP/IP network.
• It would be difficult to learn and remember all the IP addresses of sites on the Internet you want to contact.
• Therefore, users can remember (or guess) names of Internet sites instead of using their actual IP addresses.
• The Domain Name System (DNS) was invented because people prefer to go to Internet sites using domain names, such as www.loc.gov, instead of numeric IP addresses, such as 140.147.249.7.

DNS Servers
• DNS servers convert between IP addresses and domain names.
– Called domain name resolution

DNS Name Space
• The DNS system is powered by a hierarchically distributed database called the name space, organized according to three levels:
– Root level
– Top level
– Second level
• Each level contains DNS servers that are in charge of keeping track of the domains in the next lower level.

DNS Name Space

DNS Service
• Name server
– Responds to a DNS query by replying with the IP address that corresponds to the domain name.
• Name resolver
– If the name server does not already know the IP address for the domain name in the request, then the name server calls upon a name resolver higher up the hierarchy.

DNS Server Types
• Root server
– Resolves all of the top-level domains on the Internet.
• Primary server
– First DNS server in a domain.
• Secondary server
– One or more secondary servers can help share the name-serving load and provide backup in case the primary server goes down.

DNS Record Types
• Here are some of the common resource record types in the DNS database:

Host Table
• Before 1983, when DNS began evolving into an Internet standard, one huge file called the hosts table contained the name and IP address of every named host on the Internet.
– Host tables can still be used to give a node a nickname, enhance performance on your local network, or on an isolated internal network.

Host Table
• To view the hosts table on your computer, traverse to c:\windows\system32\drivers\etc or c:\winnt\system32\drivers\etc and view the hosts file in Notepad.

Proxy Server
• A proxy server is a computer that serves as an intermediary between client workstations and the external network.

Why Use a Proxy Server
• Private IP address hiding
– Proxy servers hide the internal addresses on the private network from the public Internet.
• Public IP address pooling
– Use fewer public addresses by overloading a public address with several private addresses.
• Enhanced network security
– Proxy server can block outside users.
• Web content caching
– Faster performance as a result of Web page caching.

Why Use a Proxy Server
• Transaction filtering
– A proxy server can monitor the requests coming from the private network and block access to forbidden resources.
• Transaction logging
– A proxy server can record and timestamp the URLs, IP addresses, and external services accessed by clients running behind the proxy.

Caching Server
• A caching server speeds access to resources by making a local copy of resources requested from the network.
– Web content and other kinds of documents and files can be served more quickly to subsequent users who request the same resources.

Mirrored Server
• A mirrored server is a computer whose data reads and writes are simultaneously executed on another computer.
– Provides redundancy and fault tolerance in mission-critical operations.
– On a single server, a redundant array of independent drives (RAID) controller can be used to mirror a drive.

Certificate Server
• Certificate servers issue digital certificates that network hosts use to digitally sign and encrypt messages using public-private key pairs.
– Allow users to keep their data secure over the Internet.
– Allow recipients to determine the authenticity of the information to make sure it is coming from a trusted source.

Directory Server
• A directory server is a stand-alone computer or server component in charge of managing a database that keeps track of all the users, passwords, resources, printers, servers, e-mail addresses, phone numbers, and departmental contacts throughout an organization’s network.

X.500 and LDAP
• To allow directory servers to communicate with each other and distribute the directory database over multiple networks, the ISO created a Directory Access Protocol (DAP) called X.500.
• To streamline the process, the University of Michigan invented in 1993 a lighter version called the Lightweight Directory Access Protocol (LDAP) that can run over TCP/IP.

Advantages of X.500 & LDAP
• Synchronization
– The directory on one server can synchronize with the directory on another server.
• Replication
– Part or all of the directory database on one server can copy itself onto another server.
• Scalability
– There is no limit to the size to which the directory can grow.

Catalog Server
• A catalog server uses robots called spiders that comb through a network’s files and create an index of everything they find.
– This provides quicker access.

Transaction Server
• Transaction servers work behind the scenes in e-commerce to ensure that when a financial transaction occurs, all of the necessary databases get updated and related services receive proper notifications.
– A transaction is a set of events that must be performed or rolled back simultaneously.

Serving Internet Resources

Web Servers
• Web servers are standalone computers or server components that respond to HTTP requests from browsers and other kinds of Internet clients.
– Web servers use the HTTP protocol and are sometimes called HTTP servers.

Default File Names
• When you visit a site without specifying a filename, the Web server responds by sending you the site’s default page.
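The three-level name space and the hosts table from the DNS slides, as an added example not taken from the slide deck: a resolver that consults a constructed hosts file first and then walks a constructed set of servers from the root down, each server either delegating the next level (NS record) or answering for a host (A record). The server names and every record except the www.loc.gov address quoted on the slides are constructed.

```python
# Added example (not from the slide deck): name resolution over a constructed
# three-level name space (root, top level, second level), with the hosts
# table consulted first, as the Host Table slides describe.

# Constructed hosts table in the format of the file under drivers\etc.
HOSTS_FILE = """\
# address   hostname   nickname
127.0.0.1   localhost
10.0.0.5    intranet.example   wiki
"""

# Constructed name space. Each server knows only the next level down:
# an NS record delegates a zone to another server, an A record answers for a host.
NAME_SPACE = {
    "root":           {"gov": ("NS", "gov-server"), "example": ("NS", "example-server")},
    "gov-server":     {"loc.gov": ("NS", "loc-server")},
    "loc-server":     {"www.loc.gov": ("A", "140.147.249.7")},   # address from the slides
    "example-server": {"www.example": ("A", "10.0.0.8")},
}

def parse_hosts(text: str) -> dict:
    """Map every name (hostname and nicknames) in a hosts file to its address."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            table[name.lower()] = ip
    return table

def resolve(name: str, hosts_text: str = HOSTS_FILE, max_hops: int = 8):
    """Return (ip, trail); trail lists where the answer was looked for, in order."""
    name = name.lower().rstrip(".")
    hosts = parse_hosts(hosts_text)
    if name in hosts:                          # hosts table wins over DNS
        return hosts[name], ["hosts"]
    labels = name.split(".")
    server, trail = "root", []
    for _ in range(max_hops):                  # guard against referral loops
        trail.append(server)
        zone = NAME_SPACE[server]
        if name in zone and zone[name][0] == "A":
            return zone[name][1], trail
        # Follow the longest suffix this server delegates to a lower-level server.
        delegated = None
        for i in range(len(labels)):
            suffix = ".".join(labels[i:])
            if suffix in zone and zone[suffix][0] == "NS":
                delegated = zone[suffix][1]
                break
        if delegated is None:
            return None, trail                 # no such name below this server
        server = delegated
    return None, trail

if __name__ == "__main__":
    print(resolve("www.loc.gov"))   # root -> gov-server -> loc-server
    print(resolve("wiki"))          # answered from the hosts table
    print(resolve("ftp.loc.gov"))   # walks the hierarchy, then fails
```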
Web Server Logs
• Web servers can log the hits to their Web pages.
– Client access data such as the IP address
– Referrer data reveals the URL that the user typed or clicked to reach the site
– Error data that can be used for troubleshooting

Web Root Folders
• The Web root is the physical folder that represents the beginning of the server’s Web space.
– Sites hosted on that server typically reside in subfolders off the root.

Virtual Directories
• A virtual directory is the name of a path to a Web folder that may reside anywhere in the host computer’s file space.
– The physical location is often on a different drive, allowing the workload to be distributed.
• Aliases can be used to refer to a Web site or virtual directory.

Access Control
• Access to a Web site can be controlled through:
– File permissions
• Most Web servers observe the operating system’s file permission settings.
– Authenticated user access control
• To authenticate means to have a user log on by entering a username and password.
• The site looks up in a database to find whether or not the user should be granted access.

Permissions

Web Gateways
• A Web gateway runs a computer application consisting of one or more programs, or scripts, which generate the HTML response that the end user sees onscreen.
– A user is communicating with a Web application instead of a traditional Web page.

CGI
• Web gateways may use the Common Gateway Interface (CGI) protocol.
– Defines the manner in which form data, cookies, and other kinds of information in a Web request get submitted to the program or script.
– The programs that respond to CGI requests are often referred to as CGI scripts.

Mail Servers
• Mail servers provide e-mail services.
• Simple Mail Transfer Protocol (SMTP) defines the manner in which e-mail gets sent over the Internet.
• There are several ways that mail gets formatted for transmission over the Internet.
– MIME
– Uuencoding
– BinHex encoding

MIME
• Multipurpose Internet Mail Extensions (MIME) are a set of standards that specify the formatting of Internet message bodies, the media types of Internet files and message bodies, and the method for attaching files that do not consist of plain ASCII text.

MIME Types

Uuencoding and BinHex
• Uuencoding is Unix-to-Unix encoding that was done manually prior to MIME.
– Translates an 8-bit character stream of a binary (i.e. non-ASCII) file attachment into a stream of 7-bit characters.
– Obsolete today.
• BinHex encoding is to the Macintosh what uuencoding is to UNIX.

Mailing List Servers
• Behind the scenes, mailing list servers are powered by SMTP and are used for the listserv services.

Streaming Media Servers
• Microsoft, Apple, and Real Networks are the primary vendors of the streaming media services.
– Uses UDP as opposed to TCP.

FTP Servers
• FTP servers allow you to transfer files over the Internet using FTP.
• When running an FTP server:
– Many brands of FTP servers transmit user names and passwords in clear text.
– You may unknowingly expose files that you would not want the public to access.

News Servers
• News servers provide access to USENET newsgroups.
• USENET newsgroup servers run on port 119, following the Network News Transport Protocol (NNTP).

UNIX and Linux
• UNIX and Linux listen for Internet requests through a program called inetd, which stands for Internet daemon.
– The term daemon refers to any process that runs in the background, waiting to respond to certain kinds of requests.
– The Internet daemon dispatches requests coming from the Internet to the server components that will handle them.

Inetd Configuration File

Microsoft Windows
• When a Microsoft Windows server boots, the computer goes through a startup process that starts the Internet services.
• The administrator decides which services will run and uses the Microsoft Management Console (MMC) to configure them.

Microsoft Windows
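An added example (not from the slides and not copied from any real system) that parses a constructed inetd configuration file in the standard seven-field format and reports what the Internet daemon will dispatch: which services are enabled (commented-out lines are disabled), which use UDP, which run as root, and which the FTP Servers slide notes send user names and passwords in clear text.

```python
# Added example (not from the slide deck): audit a constructed inetd.conf.
# Field order per line: service socket-type protocol wait/nowait user
# server-program server-args; a leading '#' disables the line.
INETD_CONF = """\
# service  socket  proto  wait/nowait  user   server-program   args
ftp      stream  tcp    nowait       root   /usr/sbin/tcpd   in.ftpd -l -a
telnet   stream  tcp    nowait       root   /usr/sbin/tcpd   in.telnetd
tftp     dgram   udp    wait         root   /usr/sbin/tcpd   in.tftpd -s /tftpboot
#finger  stream  tcp    nowait       nobody /usr/sbin/tcpd   in.fingerd
echo     stream  tcp    nowait       root   internal
"""

# Services the slides describe as sending user names and passwords in clear text.
CLEAR_TEXT_LOGIN = {"ftp"}

def parse_inetd(text: str) -> list:
    """Return one dict per enabled service line; commented lines are disabled."""
    services = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 6)        # the args field may contain spaces
        if len(fields) < 6:
            raise ValueError(f"malformed inetd.conf line: {line!r}")
        name, socket_type, proto, wait, user, program = fields[:6]
        services.append({
            "service": name, "socket": socket_type, "proto": proto,
            "wait": wait, "user": user, "program": program,
            "args": fields[6] if len(fields) > 6 else "",
        })
    return services

def audit(text: str) -> dict:
    """Summarise what inetd will dispatch, grouped the way a reviewer reads it."""
    enabled = parse_inetd(text)
    return {
        "enabled": [s["service"] for s in enabled],
        "udp": [s["service"] for s in enabled if s["proto"] == "udp"],
        "as_root": [s["service"] for s in enabled if s["user"] == "root"],
        "clear_text_login": [s["service"] for s in enabled
                             if s["service"] in CLEAR_TEXT_LOGIN],
    }

if __name__ == "__main__":
    for key, value in audit(INETD_CONF).items():
        print(f"{key:17s} {value}")
```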