Chapter 13
Ethernet and TCP/IP Networking
13.1 (BL1+) Obviously there are a lot of possible answers to this question. Here are some of the most
probable student choices:
ftp: file transfer protocol; used to move files from one system to another
smtp: simple mail transfer protocol; used by mail servers to relay mail messages; by mail clients to
send mail to a mail server
pop3: post office protocol; used by a mail client to receive mail messages from a mail server
imap: internet message access protocol; used by a mail client to receive mail messages from a mail
server
ssh: secure shell; used to connect to a server securely
finger: finger user information protocol; used to retrieve information about a user from a remote
system
rtp: real-time transport protocol; used to deliver streaming audio and video over the Internet
It should be noted that ping is NOT an application level protocol; rather, it is a utility connected to
ICMP, which is an IP level protocol used for providing control information on a network.
13.2 (BL2) The DNS is arranged in a hierarchy, similar to a directory tree, with a root at the top. Each
member of the tree consists of a server or cluster of servers whose contents consist of a directory of
IP addresses representing entry points for the next lower level on the hierarchy. The IP addresses
are used to access the directory servers at the next lower level. A DNS search involves working
down the tree until the entry containing the desired IP address is obtained.
13.3 (BL2) An authoritative domain server is one that holds officially registered domain names with the
corresponding addresses for the domain host and its subdomain hosts, if any. As such it represents
the last lookup required to determine the IP address for a particular domain name.
A local domain DNS server is simply a server responsible for locating a required IP address and
serving it to a DNS client, and then to the HTTP client application.
13.4 (BL1+) The DNS root server is the master directory for the entire Internet. The root server contains
IP address entries for each of the top-level domains, both generic and country-code.
13.5 (BL2-) One obtains a URL from one of a number of registrars authorized to assign domain names
by the Internet Corporation for Assigned Names and Numbers (ICANN).
13.6 (BL2) A large site will have many IP addresses associated with a single domain name. The DNS
database will maintain a list of all the IP addresses for the domain name, and will respond to a
request with the entire list. However, the list will be ordered differently for each request. Assuming
that a DNS client normally accepts the IP address at the top of the list, the IP addresses used will be
distributed approximately evenly over a large number of requests, providing load balancing.
13.7 (BL3) This problem requires external research, since it goes beyond the discussion in the text.
Data in TCP flows in both directions, therefore each TCP header has both a sequence number and
an acknowledgment number, which operate identically. Considering only one direction, the sender
generates a random 32-bit number and places it in the header of the packet that is used to establish
the connection. This number establishes a starting point for the data to follow. The connection
packet uses the first number, so the starting point number actually starts at the next larger number.
All the data that follows is numbered by byte, starting from the pre-established starting point. Each
subsequent packet contains a sequence number that corresponds to the byte number of the first byte
in the packet. Thus, the receiving TCP knows exactly how many bytes should have been received
prior to receipt of this packet, as well as the sequence order of each packet.
In acknowledgment, the receiving TCP sends the number of the last byte successfully received,
plus one. This corresponds to the next byte that it expects to receive, which allows the sender to
determine errors and missing packets, and to resend those packets.
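The byte numbering and acknowledgment rule described above, as an added teaching model (not code from the solutions manual or from any TCP stack): the ISN, payload and segment size are constructed values, the middle segment is deliberately delayed, and the repeated acknowledgment shows how the receiver signals the gap.

```python
def make_segments(isn, payload, mss):
    """Split payload into segments carrying the sequence number of their first
    byte. The SYN that opened the connection consumed the ISN, so data begins
    at ISN + 1 (all arithmetic is modulo 2**32)."""
    segments, seq = [], (isn + 1) & 0xFFFFFFFF
    for off in range(0, len(payload), mss):
        chunk = payload[off:off + mss]
        segments.append((seq, chunk))
        seq = (seq + len(chunk)) & 0xFFFFFFFF
    return segments

class Receiver:
    """Receiving TCP: acknowledges with (last in-order byte received) + 1,
    i.e. the next byte it expects. Sequence-number wraparound is not handled
    (hypothetical teaching model, not a real TCP stack)."""
    def __init__(self, isn):
        self.expected = (isn + 1) & 0xFFFFFFFF   # SYN consumed the ISN
        self.data = bytearray()
        self.held = {}   # segments that arrived ahead of a gap

    def receive(self, seq, chunk):
        if seq == self.expected:
            self.data += chunk
            self.expected += len(chunk)
            # a gap may now be closed: drain held segments that fit
            while self.expected in self.held:
                fill = self.held.pop(self.expected)
                self.data += fill
                self.expected += len(fill)
        elif seq > self.expected:
            self.held[seq] = chunk      # hold it; re-ack the missing byte
        # seq < expected is a duplicate: the repeated ack tells the sender
        return self.expected

def simulate_loss(isn=1000, payload=b"hello world!!", mss=5):
    """Constructed scenario: three segments, the middle one is delayed.
    Returns the acks the receiver emitted and the reassembled bytes."""
    segs = make_segments(isn, payload, mss)
    rx = Receiver(isn)
    acks = [rx.receive(*segs[0]), rx.receive(*segs[2])]  # segs[1] lost
    acks.append(rx.receive(*segs[1]))                    # retransmitted
    return acks, bytes(rx.data)

if __name__ == "__main__":
    acks, data = simulate_loss()
    print(acks, data)   # [1006, 1006, 1014] b'hello world!!'
```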
13.8 (BL2-) The IP datagram requires separate fields for header-length and total length because both the
header and the data fields are of variable size. The header size can vary between 20 and 60 bytes,
and the data can vary between 0 and 65515 (i.e. 65535 minus the minimum header) bytes.
13.9 (BL2) IP domain addresses are assigned in batches, rather than as a single IP address. Thus, part of
a 32-bit IP address identifies the domain, the remainder of the bits in the address identify a
particular host within the domain network. An IP address mask allows separation of the domain
part of the IP address from the individual host address within the network.
The address 222.44.66.88/24 indicates that the first 24 bits of the address are the domain, the
remaining eight bits identify the host address within the network. The domain is thus 222.44.66.nn,
where nn is any address from 0 to 255. This mask indicates that the IP address supports a network
of up to 256 machines. The particular machine in this case is machine 88.
Similarly, the address 200.40.60.80/26 indicates that the domain is 26 bits long; the domain
identifier is thus 200.40.60.[the first two bits of the last octet]. Since the given address is 80, the
host address must begin with 01, (i.e. 0 x 128 + 1 x 64) and therefore the domain address is
200.40.60.64. The remaining six bits support 64 addressable hosts, with IP addresses ranging from
200.40.60.64 to 200.40.60.127.
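The mask arithmetic carried out above for 222.44.66.88/24 and 200.40.60.80/26, as an added example that is not part of the solutions manual; the by-hand computation is cross-checked against Python's standard `ipaddress` module.

```python
import ipaddress

def parse_ip(dotted):
    """'222.44.66.88' -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return int.from_bytes(bytes(octets), "big")

def fmt_ip(n):
    """32-bit integer -> dotted decimal."""
    return ".".join(str(b) for b in n.to_bytes(4, "big"))

def split_cidr(cidr):
    """Apply a /prefix mask by hand, as in the answer above: the masked bits
    are the domain (network), the unmasked bits are the host number."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    ip = parse_ip(addr)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    host_bits = 32 - prefix
    network = ip & mask
    return {
        "mask": fmt_ip(mask),
        "network": fmt_ip(network),
        "host_number": ip & ~mask & 0xFFFFFFFF,
        # total addresses in the block; the all-zero and all-one host
        # numbers are conventionally reserved (network, broadcast)
        "num_addresses": 1 << host_bits,
        "first": fmt_ip(network),
        "last": fmt_ip(network | (~mask & 0xFFFFFFFF)),
    }

def cross_check(cidr):
    """Confirm the hand computation against the standard library."""
    net = ipaddress.ip_interface(cidr).network
    mine = split_cidr(cidr)
    return (mine["network"] == str(net.network_address)
            and mine["last"] == str(net.broadcast_address)
            and mine["num_addresses"] == net.num_addresses)

if __name__ == "__main__":
    for c in ("222.44.66.88/24", "200.40.60.80/26"):
        print(c, split_cidr(c), cross_check(c))
```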
13.10 (BL2) A DHCP lease is an agreement in which a network node, or client, negotiates and accepts an
IP address from a DHCP server for a fixed period of time. The DHCP server contains a pool of IP
addresses for this purpose. When the lease expires, the client must either negotiate for extension or
renewal of the lease or must stop using the leased IP address. This process is known as dynamic
address allocation.
13.11 (BL2+) The purpose of the Address Resolution Protocol is to establish a match between an IP
address and a MAC address. Communication at the data link layer requires the use of physical
addresses. To obtain the physical address corresponding to an IP address, the sender broadcasts an
ARP request packet to all the nodes on the network. The ARP request packet contains the sending
node's IP address and physical address, plus the IP address for which the physical address is
requested. All nodes receive the request, but the node with the corresponding IP address is the only
one to respond. It sends an ARP response packet with its MAC address directly to the sender's
physical address. The sending node will cache the matching pair of addresses for a period of time
to eliminate the need to repeat the ARP request for subsequent packets with the same destination
address.
13.12 (BL3) Note: this is a difficult problem. The successful transmission of data requires that any
combination of bits be transmittable as data. If a particular sequence of bits is used as a
synchronization sequence, then there must be a way to distinguish the synchronization sequence
from an identical bit pattern within the data. This concept is called transparency. The usual way is
to have the sending system modify the pattern when it is seen in the data sequence by augmenting a
subset of the sequence with a bit that makes the pattern different. This technique is called bit
stuffing. (Neither transparency nor bit stuffing are defined in the book.) For example, the data
pattern 11001001 could be changed to 110010010 every time it occurs. This guarantees that the
pattern 110010011 can never occur in the transmitted data. The actual data pattern 110010011
would be transmitted as 1100100101. At the receiving end, the extra bit is removed, and the
original data is restored. There are other subsets that could be used. Bit stuffing and unstuffing take
place at the data link layer, since these processes are directly concerned with the physical
transmission of data between the nodes.
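The stuffing scheme described above (insert a 0 after every 11001001 so that 110010011 never appears in transmitted data), as an added example that is not part of the solutions manual; the round-trip check over seeded random bit strings is a constructed test, and the sender and receiver deliberately track the same 8-bit window over the transmitted stream so that overlapping occurrences are handled consistently.

```python
import random

SYNC = "11001001"   # the answer's example synchronization pattern
STUFF_BIT = "0"     # inserted after every SYNC seen in the transmitted stream

def stuff(data_bits):
    """Sender side. After each bit is emitted, if the last 8 transmitted bits
    equal SYNC, emit an extra 0. Hence SYNC + '1' (110010011) can never occur
    in the transmitted data and is free to serve as a frame marker."""
    out = []
    for b in data_bits:
        out.append(b)
        if "".join(out[-8:]) == SYNC:
            out.append(STUFF_BIT)
    return "".join(out)

def unstuff(tx_bits):
    """Receiver side. Track the same 8-bit window over the transmitted stream;
    the bit following any SYNC occurrence is the stuffed 0 and is dropped."""
    out, i = [], 0
    while i < len(tx_bits):
        out.append(tx_bits[i])
        i += 1
        if i >= 8 and tx_bits[i - 8:i] == SYNC:
            if i >= len(tx_bits) or tx_bits[i] != STUFF_BIT:
                raise ValueError("SYNC not followed by stuffed bit at %d" % i)
            i += 1
    return "".join(out)

def roundtrip_ok(trials=500, seed=1):
    """Constructed check over random bit strings (seeded for repeatability):
    the stuffed stream never contains SYNC+'1' and unstuffing restores data."""
    rng = random.Random(seed)
    for _ in range(trials):
        data = "".join(rng.choice("01") for _ in range(rng.randint(0, 40)))
        tx = stuff(data)
        if SYNC + "1" in tx or unstuff(tx) != data:
            return False
    return True

if __name__ == "__main__":
    print(stuff("110010011"))    # 1100100101, as in the answer
    print(unstuff("1100100101")) # 110010011
    print(roundtrip_ok())        # True
```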
13.13 (BL2+) The fundamental concepts incorporated in ALOHANet are very similar to those of
Ethernet. Each allows a station to initiate a request at any time the channel is open. Each requires
the transmitting station to listen to the channel for collisions. When a collision occurs, each
requires a station to cease transmission and to wait a random amount of time before attempting
transmission again. The primary differences between ALOHANet and Ethernet are in the medium,
in the signaling method, and in the distances between stations. Ethernet is multidrop bus based,
using digital signaling. ALOHANet is radio based, using analog signaling. This difference is not
important operationally. The distance between stations is a more serious consideration. Because
the distances are large, there is a considerable length of time during which a collision is possible.
This means that collisions are more likely, lowering performance capability. ALOHANet could be
expected to perform satisfactorily under light traffic conditions, but unsatisfactorily when traffic is
heavy.
13.14 (BL2) The primary use for bus-based Ethernet operation is in wireless networking, where the
nature of the medium makes this methodology necessary. Bus-based Ethernet is also occasionally
used for short term temporary networking when a network switch is not readily available. In older
systems, bus-based Ethernet is occasionally seen because the cost of a hub used to be much less
expensive than the cost of a switch, but this is no longer the case.
Bus-based Ethernet requires that all nodes share the bus; thus the speed of the bus is, at best,
inversely proportional to the number of nodes. With collisions, the actual speed may be somewhat
less; in the worst case, traffic can make the network essentially unavailable. There is also an
inherent security issue, since all traffic on the bus is available throughout the bus, making packet
sniffing easy.
Therefore, except for wireless networking, most modern systems use switched Ethernet. Switched
Ethernet provides full connection speed to every pair of communicating nodes, eliminates collision
and traffic issues, and makes packet sniffing more difficult.
13.15 This is a project exercise.
13.16 (BL2+) Since only the token holder may place a message on the bus, the possibility of a collision is
eliminated. Furthermore, an NIU is guaranteed access to the bus to transmit a message regardless
of the level of traffic and the maximum delay before access is granted can be calculated. Every
NIU must be able to access the bus before any other NIU gets repeat access. In contrast,
performance of a CSMA/CD-based Ethernet bus deteriorates rapidly with increasing traffic,
because the probability of collisions increases as more NIUs attempt to access the bus and fail,
causing multiple retries. Therefore, under heavy network loads, the token bus approach is
preferable because it provides an orderly approach to the use of the bus.
Under light load, the token bus introduces unnecessary delays because of the overhead. To access
the bus, an NIU has to wait for the token to be passed around, even if no other NIU is attempting to
access the bus. Thus, CSMA/CD is preferable under light loads.
13.17 (BL3) This is a research exercise, with a number of possible solutions. One viable solution is to
use the Internet as a wide area network, with each branch and the headquarters connected to the
Internet through an appropriately sized connection to an ISP. It is also possible to use one of the
alternative technologies presented in Chapter 12 in the discussion of MANs and WANs,
and revisited in Section 13.8 of the text.
13.19 (BL2) TCP offers a reliable connection for the transmission of messages. Messages are transmitted
as virtual byte streams, in both directions. UDP transmits packets independently, with no guarantee
of delivery and minimal error checking. UDP also limits packet size to the size of a UDP packet,
since each packet is independent with no method for sequencing multiple packets that contain an
extended message. As such, TCP is strongly preferred for this type of communication.
13.20 (BL3) QoS is concerned primarily with the consistent and smooth transmission of streaming data
requiring high bandwidth, such as video or high quality audio. The necessary "qualities" for this
capability are sufficient bandwidth, preferential treatment for the packets that make up the stream,
and consistent time delay from packet to packet.
One approach is to transmit the packets over virtual circuits, with priorities built in to the circuits
that allow streaming packets first access to the circuits. This approach is utilized in such protocols
as ATM. It is not suitable for normal Internet use, because the Internet is based on packet
switching, and there are limited means for controlling priorities at the various routers. An
alternative approach is to use the upgraded facilities offered by some Internet services, and known
as differentiated service. In DS, an application establishes a class of service, and routes packets
through routers that are designed to prioritize packet transmission on the basis of a DS field set by
the application.
These methods may be categorized as similar attempts to reserve and prioritize channel capacity
for packets requiring QoS. In addition, contracts with carrier services may be designed to include
guarantees of throughput, delay, and jitter.
13.21 (BL3) In network security, nonrepudiation is defined as the ability of the receiver of a message to
prove that the sender did, indeed, send the message, so that a sender cannot deny that (s)he actually
sent a message. To establish nonrepudiation, it is necessary to establish both message
authentication and message integrity. Authentication verifies the identities of both sender and
recipient; message integrity assures that the message received is the same as the message sent, i.e.
the message has not been tampered with or altered during transmission through the network.
In a typical business scenario, authentication verifies the identity of someone making an online
purchase of a product from a seller. Nonrepudiation makes it possible for the seller to verify that
the buyer actually ordered the product; this prevents the buyer from making a claim later that (s)he
did not actually order the product, and refusing to pay for the product.
13.22 (BL2+) This is a laboratory project. Among other features that a student should note about
Wireshark are the following:
Wireshark can distinguish and sort packets from different sources, from different network
applications.
Wireshark can reassemble packets into messages.
Wireshark can decrypt a substantial percentage of packets that are not well encrypted.
These capabilities and others make it possible to read a sender's messages. The security
implications are obvious: stolen passwords that allow access to supposedly secure systems, stolen
identities that can be used to undermine a person's financial stability and privacy, stolen trade
secrets and work, and much more.