Lesson 2 - UTSA.edu


Review of Operating Systems, Networks, and TCP/IP
Lesson 2
Computer System Basics
• Operating Systems
• Manage the computer’s resources
• Memory management
• Scheduling
• Access Controls
• Lots of different operating systems
• Win9X, Win2K, WinME, NT, Unix, Linux, VMS
What is an operating system?
(Diagram: the operating system at the center, surrounded by its major components: Input/Output, Command Interpreter, Accounting, Communications, Security, Program Development Tools, Memory Management, Scheduling.)
Networks
• What is a network?
• Two or more systems connected together
• LAN (local area network)
• WAN (wide area network)
• MAN (metropolitan area network)
Network Topologies
• Topology – the physical arrangement of the network.
• Completely Connected
• Star
• Ring
• Bus
• Characteristics
• # of connections
• # of “hops”
• Addition of new nodes
• Fairness
• Collisions and points of failure
Network Topologies (diagram)
Network Topologies -- Star
Adv: distance = 2 hops; connections = n-1
DisAdv: 1 point of failure (the central hub)
Fairness? Addition of new nodes? Congestion (collisions)?
Network Topologies -- Ring
Adv: avg dist = (n-1)/2 hops; connections = n
DisAdv: many points of failure (every node and link is on the path)
Fairness (token)? Addition of new nodes? Congestion (collisions)?
Network Topology -- Bus
Adv: distance = 1 “hop”; connections = n
Fairness? Addition of new nodes?
DisAdv: Collisions (shared medium)
Protocols
• A protocol is an agreed upon format for
exchanging information.
• A protocol will define a number of parameters:
• Type of error checking
• Data compression method
• Mechanisms to signal reception of a transmission
• There are a number of protocols that have been
established in the networking world.
OSI Reference Model
• ISO standard describing 7 layers of protocols
• Application: Program-level communication
• Presentation: Data conversion functions, data format, data encryption
• Session: Coordinates communication between endpoints. Session state maintained for security.
• Transport: end-to-end transmission, controls flow of data
• Network: routes data from one system to the next
• Data Link: Handles physical passing of data between nodes
• Physical: Manages the transmission media/HW connections
• Abstraction is the principle: each layer only has to communicate with the layer directly above it and the layer directly below it.
TCP/IP Protocol Suite
• TCP/IP refers to two network protocols used on the
Internet:
• Transmission Control Protocol (TCP)
• Internet Protocol (IP)
• TCP and IP are only two of a large group of
protocols that make up the entire “suite”
• A “real-world” application of the layered concept.
• There is not a one-to-one relationship between the
layers in the TCP/IP suite and the OSI Model.
OSI and TCP/IP comparison
OSI Model                              | TCP/IP Protocol Suite
Application, Presentation, Session     | Application-level protocols: NFS, RPC, SMB, FTP, Telnet, SSH, SMTP, HTTP, NNTP
Transport                              | TCP, UDP
Network                                | Network-level protocols: IP, ICMP, ARP
Data-link, Physical                    | Physical
TCP/IP Protocol Suite
(Diagram: user processes sit on top of TCP and UDP; TCP, UDP, ICMP and IGMP ride on IP; IP, ARP and RARP sit on the hardware interface, which connects to the media.)
Encapsulation of data
• application: [Appl header | User Data] -> application data
• TCP: [TCP header | application data] -> TCP segment
• IP: [IP header | TCP header | application data] -> IP datagram
• Ethernet driver: [Ethernet header | IP header | TCP header | application data | Ethernet trailer] -> Ethernet frame
Demultiplexing of a received Ethernet Frame
(Diagram: the Ethernet driver hands an incoming frame to IP, ARP or RARP according to the frame type; IP hands the datagram to TCP, UDP, ICMP or IGMP according to the protocol field in the IP header; TCP and UDP hand the data to the correct application according to the destination port.)
IP Header Packet Structure (each row is one 32-bit word)
| Version | Header length | Type of Service | Total Length |
| Identification | Flags | Frag Offset |
| Time-to-live | Protocol | Header Checksum |
| Source Address |
| Destination Address |
| Options (if any) |
| Data |
TCP Header Packet Structure (each row is one 32-bit word)
| Source Port | Destination Port |
| Sequence Number |
| Acknowledgment Number |
| Data Offset | Reserved | Flags | Window |
| Checksum | Urgent Pointer |
| Options (if any) |
| Data |
TCP establishes a “virtual circuit” between client and server.
Establishment of a TCP connection (“3-way Handshake”)
• SYN (client -> server): the client sends a connection request, specifying a port to connect to on the server.
• SYN/ACK (server -> client): the server responds with both an acknowledgement and a queue for the connection.
• ACK (client -> server): the client returns an acknowledgement and the circuit is opened.
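The encapsulation, demultiplexing and handshake slides above describe the same bytes from three angles. The following Python program is an added example, not part of the lesson: it builds Ethernet/IP/TCP frames for a constructed handshake between the lesson's 10.1.1.123 and 207.25.71.23 (MAC addresses are made up and checksums are left at zero), strips the headers back off layer by layer, and checks that the three segments really form a handshake, i.e. each acknowledgment number is the peer's initial sequence number plus one. A SYN/ACK that acknowledges the wrong number, or a RST/ACK from a closed port, is rejected.

```python
import struct
from dataclasses import dataclass

# TCP flag bits (low bits of the 16-bit data-offset/reserved/flags field).
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
ETHERTYPE_IPV4, PROTO_TCP = 0x0800, 6


@dataclass
class TcpPacket:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: int
    payload: bytes


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_frame(src_ip, dst_ip, sport, dport, seq, ack, flags, payload=b"") -> bytes:
    """Encapsulate: application data -> TCP segment -> IP datagram -> Ethernet frame.
    Checksums are left at zero and the MAC addresses are made up for the example."""
    tcp_header = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                             (5 << 12) | flags,   # data offset 5 words (20 bytes), then flags
                             65535, 0, 0)         # window, checksum, urgent pointer
    segment = tcp_header + payload
    ip_header = struct.pack("!BBHHHBBH4s4s",
                            0x45, 0,              # version 4, IHL 5 words; type of service
                            20 + len(segment),    # total length
                            0x1234, 0x4000,       # identification; flags=DF, fragment offset 0
                            64, PROTO_TCP, 0,     # TTL, protocol, header checksum (unset)
                            ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    datagram = ip_header + segment
    eth_header = (bytes.fromhex("00163e000002") + bytes.fromhex("00163e000001")
                  + struct.pack("!H", ETHERTYPE_IPV4))
    return eth_header + datagram + b"\x00" * 4   # 4-byte trailer (FCS placeholder)


def parse_frame(frame: bytes) -> TcpPacket:
    """Demultiplex a received frame, stripping one header per layer."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:               # 0x0806 would go to ARP, 0x8035 to RARP
        raise ValueError(f"ethertype 0x{ethertype:04x} is not IPv4")
    datagram = frame[14:]
    ver_ihl, _tos, total_len, _id, _ff, _ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", datagram[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    if proto != PROTO_TCP:                        # 1 would go to ICMP, 17 to UDP, 2 to IGMP
        raise ValueError(f"IP protocol {proto} is not TCP")
    ihl = (ver_ihl & 0x0F) * 4
    segment = datagram[ihl:total_len]             # total_len excludes the Ethernet trailer
    sport, dport, seq, ack, off_flags, _win, _csum, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4
    return TcpPacket(bytes_to_ip(src), bytes_to_ip(dst), sport, dport, seq, ack,
                     off_flags & 0x1FF, segment[data_offset:])


def handshake_step(pkt: TcpPacket) -> str:
    """Name the handshake step a segment belongs to from its SYN and ACK bits."""
    has_syn, has_ack = bool(pkt.flags & SYN), bool(pkt.flags & ACK)
    if has_syn and not has_ack:
        return "SYN"
    if has_syn and has_ack:
        return "SYN/ACK"
    if has_ack and not pkt.flags & (FIN | RST):
        return "ACK"
    return "other"                                # e.g. RST/ACK answering a closed port


def verify_handshake(frames) -> bool:
    """True only if the three frames are SYN, SYN/ACK, ACK between the same endpoints
    and each acknowledgment number is the peer's sequence number plus one."""
    syn, synack, ack = (parse_frame(f) for f in frames)
    steps = (handshake_step(syn), handshake_step(synack), handshake_step(ack))
    same_flow = (synack.src_ip, synack.src_port, synack.dst_ip, synack.dst_port) == \
                (syn.dst_ip, syn.dst_port, syn.src_ip, syn.src_port)
    return (steps == ("SYN", "SYN/ACK", "ACK") and same_flow
            and synack.ack == (syn.seq + 1) & 0xFFFFFFFF
            and ack.ack == (synack.seq + 1) & 0xFFFFFFFF
            and ack.seq == synack.ack)


# Constructed sample exchange: client 10.1.1.123 opens port 80 on server 207.25.71.23.
CLIENT, SERVER, CLIENT_ISN, SERVER_ISN = "10.1.1.123", "207.25.71.23", 1000, 5000
HANDSHAKE = [
    build_frame(CLIENT, SERVER, 40000, 80, CLIENT_ISN, 0, SYN),
    build_frame(SERVER, CLIENT, 80, 40000, SERVER_ISN, CLIENT_ISN + 1, SYN | ACK),
    build_frame(CLIENT, SERVER, 40000, 80, CLIENT_ISN + 1, SERVER_ISN + 1, ACK, b"GET / HTTP/1.0\r\n\r\n"),
]
# Same exchange, but the server's SYN/ACK acknowledges the wrong sequence number.
BAD_HANDSHAKE = [HANDSHAKE[0],
                 build_frame(SERVER, CLIENT, 80, 40000, SERVER_ISN, CLIENT_ISN + 2, SYN | ACK),
                 HANDSHAKE[2]]

if __name__ == "__main__":
    for f in HANDSHAKE:
        p = parse_frame(f)
        print(f"{p.src_ip}:{p.src_port} -> {p.dst_ip}:{p.dst_port} {handshake_step(p)} seq={p.seq} ack={p.ack}")
    print("valid handshake:", verify_handshake(HANDSHAKE))
```

The sequence/acknowledgment check is the part worth noticing: a host that cannot see the server's SYN/ACK cannot guess the number to put in the final ACK, which is why spoofing a full TCP connection from a forged source address is far harder than spoofing a single UDP datagram.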
User Datagram Protocol (UDP)
UDP is a connectionless transport layer protocol that provides no reliability and
has no mechanism for connection establishment or termination.
UDP makes no guarantee about packet delivery. This “fire and forget” nature
means a packet is placed on the network and you just hope it gets to where it
was supposed to go to.
UDP is commonly used for network services that are not sensitive to an
occasional lost (dropped) packet.
Because of the relative overall reliability of the network, it has become less
important to have a guaranteed service and thus UDP is a good choice for many
streaming services.
Application Protocols
• HTTP – HyperText Transfer Protocol
• FTP – File Transfer Protocol
• Telnet – A terminal communications facility
• SMTP – Simple Mail Transfer Protocol
• SSH – Secure SHell
Common Ports
• Common Ports used to facilitate communication
• HTTP: TCP port 80
• Telnet: TCP port 23
• FTP: TCP port 20 and 21
• SMTP: TCP port 25
• SSH: TCP port 22
• DNS: UDP and TCP port 53
• NETBIOS: TCP port 139
• Knowing your network means knowing your
active ports
Routing
• The overall process of delivering a packet from point A to point B.
• It is the job of the router to know where to send a packet in order to reach its
destination
• Routing tables are used to determine where to send a packet.
• Static: entries entered once and not updated
• Routing Information Protocol (RIP): entire tables shared on a periodic
basis. Not very efficient or secure.
• Open Shortest Path First (OSPF): Table maintained to determine what the
shortest path is to specific destinations. Tremendous overhead.
• Border Gateway Protocol (BGP): Peer routers (neighbors) exchange
routing information. Entire table initially loaded but subsequent changes
limited to updates.
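The routing slide says that routing tables decide where a packet goes next, and that RIP's table sharing is not very secure. The following Python program is an added example, not part of the lesson: it implements the lookup a router performs over a constructed static table (addresses reuse the lesson's 10.1.1.0/24 and 207.25.71.0/24 networks; the next hops, interfaces and the 10.1.1.66 "attacker" are made up). The rule is longest-prefix match: the most specific matching network wins and 0.0.0.0/0 is the last resort. The final table shows why unauthenticated routing updates matter: one injected /32 route silently diverts a single host's traffic.

```python
import ipaddress

# Constructed static routing table: destination network, next hop, outgoing interface.
# A next hop of None means the network is directly connected.
ROUTING_TABLE = [
    ("10.1.1.0/24",    None,          "eth0"),
    ("10.0.0.0/8",     "10.1.1.254",  "eth0"),
    ("207.25.71.0/24", "63.69.110.1", "eth1"),
    ("0.0.0.0/0",      "63.69.110.1", "eth1"),   # default route: last resort
]


def lookup(destination: str, table=ROUTING_TABLE):
    """Longest-prefix match: among all routes whose network contains the destination,
    the one with the longest prefix (most specific network) wins.
    Returns (network, next_hop, interface), or None when nothing matches."""
    addr = ipaddress.ip_address(destination)
    best = None
    for net, next_hop, iface in table:
        network = ipaddress.ip_network(net)
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, next_hop, iface)
    return None if best is None else (str(best[0]), best[1], best[2])


def forward(destination: str, table=ROUTING_TABLE) -> str:
    """Where the packet is physically sent next: straight to the destination when its
    network is directly connected, otherwise to the next-hop router."""
    route = lookup(destination, table)
    if route is None:
        return "drop: no route to host"
    _net, next_hop, iface = route
    return f"{iface} -> {next_hop or destination}"


# What a bogus routing update can do: a more specific route injected into the table
# (for example by an unauthenticated RIP advertisement) wins longest-prefix match and
# diverts all traffic for 207.25.71.23 through the hypothetical attacker at 10.1.1.66.
HIJACKED_TABLE = ROUTING_TABLE + [("207.25.71.23/32", "10.1.1.66", "eth0")]

if __name__ == "__main__":
    for dst in ("10.1.1.5", "10.2.3.4", "207.25.71.23", "8.8.8.8"):
        print(f"{dst:>14}  normal: {forward(dst):<22}  hijacked: {forward(dst, HIJACKED_TABLE)}")
```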
IP Addressing
• We’re all familiar with the concept of URLs and IP addresses; we’ve been using them for a while. We normally prefer to recall the URL, not the IP address, but the network requires the address. DNS (Domain Name Service) solves this problem for us.
• When you use a site’s name, your computer sends a DNS query to your local DNS server. If it knows the address it returns it; otherwise it sends a query to a higher-level domain server, which may forward the query further up, and so forth until the address is obtained.
• There are two basic ways to assign an IP address to a computer:
• Static – an address is assigned to a specific system and stays with it
• DHCP (Dynamic Host Configuration Protocol) – a dynamic addressing scheme
that allows us to allocate IP addresses on a first-come, first-served basis. When a
device connects to the network, it queries a DHCP server to obtain an IP address
from a range of addresses. If the server runs out of addresses, the requestor is out
of luck.
• more people can access the network without using as many addresses
Network Address Translation (NAT)
• There are a limited number of IP addresses available and
not every system needs one.
• NAT was developed to provide a means to translate private
IP addresses into public IP addresses.
• A device (typically a router or firewall) will accomplish this translation
process.
(Diagram: the firewall performs NAT.)
Outbound, inside the firewall:  Source: 10.1.1.123     Destination: 207.25.71.23
Outbound, outside the firewall: Source: 63.69.110.110  Destination: 207.25.71.23
Return, outside the firewall:   Source: 207.25.71.23   Destination: 63.69.110.110
Return, inside the firewall:    Source: 207.25.71.23   Destination: 10.1.1.123
Network Address Translation
A modern NAT gateway must change the Source address on every outgoing
packet to be its single public address. It therefore also renumbers the Source
Ports to be unique, so that it can keep track of each client connection. The NAT
gateway uses a port mapping table to remember how it renumbered the ports for
each client's outgoing packets. The port mapping table relates the client's real
local IP address and source port plus its translated source port number to a
destination address and port. The NAT gateway can therefore reverse the process
for returning packets and route them back to the correct clients.
When any remote server responds to an NAT client, incoming packets arriving at
the NAT gateway will all have the same Destination address, but the destination
port number will be the unique Source Port number that was assigned by the
NAT. The NAT gateway looks in its port mapping table to determine which "real"
client address and port number a packet is destined for, and replaces these
numbers before passing the packet on to the local client.
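The two NAT slides above describe the port mapping table in prose. The following Python program is an added example, not part of the lesson: a minimal port-overloading NAT gateway that uses the lesson's addresses (public 63.69.110.110, client 10.1.1.123, server 207.25.71.23; the second client 10.1.1.77 and the outside host 198.51.100.9 are made up). Packets are plain dictionaries. It shows two clients that both happen to use source port 1025 being given distinct translated ports, each reply being mapped back to the right client, and an unsolicited inbound packet being dropped because no mapping exists for it, which is the side effect that makes NAT act as a crude inbound filter.

```python
from itertools import count


class NatGateway:
    """Port-overloading NAT: every outgoing packet leaves with the gateway's single
    public address, and the source port is renumbered so replies can be mapped back."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = count(first_port)
        # translated source port -> (real client ip, real client port, dest ip, dest port)
        self.port_map = {}
        # the same connection seen from the inside, so repeated packets reuse one mapping
        self._by_flow = {}

    def outbound(self, pkt: dict) -> dict:
        """Rewrite a packet leaving the private network."""
        flow = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self._by_flow.get(flow)
        if port is None:
            port = next(self._next_port)
            self._by_flow[flow] = port
            self.port_map[port] = flow
        return dict(pkt, src=self.public_ip, sport=port)

    def inbound(self, pkt: dict):
        """Reverse the translation for a packet arriving from the Internet.
        Returns None (drop) when nothing inside ever opened a matching connection."""
        if pkt["dst"] != self.public_ip:
            return None
        flow = self.port_map.get(pkt["dport"])
        if flow is None:
            return None                                   # unsolicited: no mapping exists
        real_ip, real_port, dst_ip, dst_port = flow
        if (pkt["src"], pkt["sport"]) != (dst_ip, dst_port):
            return None                                   # reply from a host the client never contacted
        return dict(pkt, dst=real_ip, dport=real_port)


# Constructed traffic. Addresses from the lesson's diagram; the second client is made up.
GATEWAY = NatGateway("63.69.110.110")
OUT_A = GATEWAY.outbound({"src": "10.1.1.123", "sport": 1025, "dst": "207.25.71.23", "dport": 80, "data": "GET /"})
OUT_B = GATEWAY.outbound({"src": "10.1.1.77",  "sport": 1025, "dst": "207.25.71.23", "dport": 80, "data": "GET /x"})
REPLY_A = GATEWAY.inbound({"src": "207.25.71.23", "sport": 80, "dst": "63.69.110.110", "dport": OUT_A["sport"], "data": "200 OK"})
REPLY_B = GATEWAY.inbound({"src": "207.25.71.23", "sport": 80, "dst": "63.69.110.110", "dport": OUT_B["sport"], "data": "200 OK"})
UNSOLICITED = GATEWAY.inbound({"src": "198.51.100.9", "sport": 4444, "dst": "63.69.110.110", "dport": 22, "data": "SSH-2.0"})

if __name__ == "__main__":
    for name, p in (("out A", OUT_A), ("out B", OUT_B), ("reply A", REPLY_A),
                    ("reply B", REPLY_B), ("unsolicited", UNSOLICITED)):
        print(f"{name:>11}: {p}")
```

Real gateways also expire mappings after an idle timeout and must rewrite the IP and TCP/UDP checksums after changing the address and port; both are omitted here.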
Internet Control Message Protocol (ICMP)
ICMP uses the IP datagram delivery facility to send its messages:
| IP Header (20 bytes) | ICMP message |
The format for the ICMP message is as follows:
| 8-bit type | 8-bit code | 16-bit checksum | contents (depends on type and code) |
ICMP performs the following control, error reporting, and informational functions for TCP/IP:
- Flow Control
- Detecting unreachable destinations
- Redirecting routes
- Checking remote hosts (e.g. ping)
Internet Control Message Protocol (ICMP)
Type  Code  Message
0     0     Echo Reply
3     0     Net Unreachable
3     1     Host Unreachable
3     3     Port Unreachable
5     1     Host Redirect
8     0     Echo Request
11    0     Time-to-live exceeded
13    0     Timestamp Request
14    0     Timestamp Reply
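The following Python program is an added example, not part of the lesson, that builds and parses the ICMP messages described on the two slides above: an Echo Request and its Echo Reply, and a Port Unreachable message. It computes and validates the 16-bit checksum (the one's-complement sum of RFC 1071, which IP, TCP and UDP headers also use), and shows the detail the slide's "contents depend on type and code" hides: a type 3 message carries the IP header and first 8 bytes of the datagram that failed, so the receiver can tell which destination and port were unreachable. The sample datagram (a UDP packet from 10.1.1.123 to port 53 on 207.25.71.23) is constructed for the example.

```python
import struct

# Type/code pairs from the lesson's table.
ICMP_MESSAGES = {
    (0, 0): "Echo Reply", (3, 0): "Net Unreachable", (3, 1): "Host Unreachable",
    (3, 3): "Port Unreachable", (5, 1): "Host Redirect", (8, 0): "Echo Request",
    (11, 0): "Time-to-live exceeded", (13, 0): "Timestamp Request", (14, 0): "Timestamp Reply",
}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented.
    Over a message whose checksum field is already filled in, the result is 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Echo Request (type 8) or Echo Reply (type 0): type, code 0, checksum,
    identifier, sequence number, then the data to be echoed."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    checksum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, checksum, ident, seq) + payload


def echo_reply_for(request: bytes) -> bytes:
    """What the pinged host sends back: same identifier, sequence and data, type 0."""
    _t, _c, _cs, ident, seq = struct.unpack("!BBHHH", request[:8])
    return build_echo(0, ident, seq, request[8:])


def build_dest_unreachable(code: int, offending_datagram: bytes) -> bytes:
    """Type 3: four unused bytes, then the IP header and first 8 bytes of the datagram
    that could not be delivered, so the sender can tell which connection failed."""
    body = b"\x00" * 4 + offending_datagram[:28]
    checksum = internet_checksum(struct.pack("!BBH", 3, code, 0) + body)
    return struct.pack("!BBH", 3, code, checksum) + body


def parse_icmp(message: bytes):
    """Validate the checksum and name the message. A corrupted message raises."""
    if internet_checksum(message) != 0:
        raise ValueError("ICMP checksum mismatch")
    icmp_type, code = struct.unpack("!BB", message[:2])
    return icmp_type, code, ICMP_MESSAGES.get((icmp_type, code), "unknown")


def unreachable_target(message: bytes):
    """From a type 3 message, recover the destination IP and port that was unreachable
    by reading the embedded IP header and the transport header that follows it."""
    inner = message[8:]
    ihl = (inner[0] & 0x0F) * 4
    dst_ip = ".".join(str(b) for b in inner[16:20])
    dst_port = struct.unpack("!H", inner[ihl + 2:ihl + 4])[0]
    return dst_ip, dst_port


# Constructed offending datagram: a 20-byte IPv4 header (protocol 17 = UDP) from 10.1.1.123
# to 207.25.71.23, followed by a UDP header for a DNS query (port 53). Checksums are zero.
UDP_DATAGRAM = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 1, 0, 64, 17, 0,
                           bytes([10, 1, 1, 123]), bytes([207, 25, 71, 23])) \
               + struct.pack("!HHHH", 40000, 53, 8, 0)
PING = build_echo(8, 0x1234, 1, b"ping-data")

if __name__ == "__main__":
    print(parse_icmp(PING), parse_icmp(echo_reply_for(PING)))
    unreachable = build_dest_unreachable(3, UDP_DATAGRAM)
    print(parse_icmp(unreachable), unreachable_target(unreachable))
```

The Port Unreachable path is exactly what a UDP port scanner relies on: a closed UDP port answers with type 3 code 3, an open one usually answers with nothing, and the embedded header is how the scanner matches the error to the probe it sent.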
DNS
• Domain Name System (service) – provides services that
translate host names to IP addresses and back again.
• Two modes of operation
• Communication to clients that need names resolved, accomplished
via UDP
• Transfer of large blocks of DNS records (to distribute the workload
of resolving addresses), done using TCP (known as a DNS zone
transfer).
• One of the most common DNS servers is the Berkeley Internet Name Domain (BIND) DNS server, available for most UNIX systems as well as for Microsoft NT.
• Typically runs on port 53 using UDP and TCP
IPv4 versus IPv6
• From the IPv6 FAQ, what are the merits of IPv6?
• scalability: IPv6 uses a 128-bit address space. The address length is 4 times longer than IPv4.
• security: the IPv6 basic specification includes security. It includes packet encryption (ESP: Encapsulating Security Payload) and source authentication (AH: Authentication Header). [confidentiality and authentication]
• real-time: to support real-time traffic such as video conferencing, IPv6 has a "Flow Label". Using the flow label, routers can know which end-to-end flow a packet belongs to, and then pick out the packets that belong to real-time traffic. [needed to allow for prioritization of traffic]
• autoconfiguration: the IPv6 basic specification includes address autoconfiguration. So even a novice user can connect their machine to the network.
• specification optimization: IPv6 keeps the good parts and discards the old and useless parts of IPv4.
IP Security (IPSEC)
• Optional in IPv4, supported in IPv6.
• Two major modes:
• Tunnel: encrypts both the data and header portions of
the packet.
• Transport: encrypts the data portion of the packet.
• Requires both ends to be using IPSEC (obviously,
since one end will encrypt, the other needs to be
able to decrypt).
About IPSEC
(from the IPSEC FAQ)
• IPsec = AH + ESP + IPcomp + IKE
• IPsec consists of a couple of separate protocols, listed below:
• Authentication Header (AH): provides authenticity guarantee for packets, by attaching
strong crypto checksum to packets. If you receive a packet with AH and the checksum
operation was successful, you can be sure about two things :
– The packet was originated by the expected peer. The packet was not generated by an
impersonator.
– The packet was not modified in transit.
• Encapsulating Security Payload (ESP): provides confidentiality guarantee for packets,
by encrypting packets with encryption algorithms. If you receive a packet with ESP and
successfully decrypted it, you can be sure that the packet was not wiretapped in the
middle.
• IP payload compression (IPcomp): ESP provides encryption service to the packets.
However, encryption tends to negatively impact compression on the wire. IPcomp
provides a way to compress packets before encryption by ESP (Of course, you can use
IPcomp alone if you wish to).
• Internet Key Exchange (IKE): AH and ESP need shared secret keys between peers. For
communication between distant locations, we need to provide ways to negotiate keys in
secrecy. IKE will make this possible.
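The AH bullet above says a receiver that checks the "strong crypto checksum" can be sure the packet came from the expected peer and was not modified in transit. The following Python program is an added example, not part of the lesson and not the AH wire format: it reproduces that guarantee with an HMAC-SHA-256 integrity check value appended to a constructed IPv4-style packet, keyed with a secret that, in a real deployment, IKE would have negotiated (the key and addresses are made up). It then shows the three outcomes a receiver sees: a genuine packet verifies, a packet with one flipped bit fails, and a packet built by an impersonator without the key fails. It also shows what AH does not do: the payload stays readable, which is why ESP is needed for confidentiality.

```python
import hashlib
import hmac
import struct

# The shared secret both peers hold; in practice IKE negotiates it. Constructed here.
SHARED_KEY = b"negotiated-by-ike-in-practice"
ICV_LEN = hashlib.sha256().digest_size


def ah_protect(packet: bytes, key: bytes) -> bytes:
    """Attach the keyed checksum (Integrity Check Value). The HMAC covers the whole
    packet; real AH first zeroes mutable IP header fields such as TTL and the header
    checksum, which is omitted in this simplified illustration."""
    icv = hmac.new(key, packet, hashlib.sha256).digest()
    return packet + icv


def ah_verify(protected: bytes, key: bytes):
    """Return the packet if the ICV matches, else None. A match proves the packet was
    produced by a holder of the key and was not modified afterwards. compare_digest
    avoids leaking the position of the first mismatching byte through timing."""
    if len(protected) <= ICV_LEN:
        return None
    packet, icv = protected[:-ICV_LEN], protected[-ICV_LEN:]
    expected = hmac.new(key, packet, hashlib.sha256).digest()
    return packet if hmac.compare_digest(icv, expected) else None


def tampered(protected: bytes, offset: int) -> bytes:
    """Flip one bit of the protected packet, as an on-path attacker might."""
    data = bytearray(protected)
    data[offset] ^= 0x01
    return bytes(data)


# Constructed packet: an IPv4-style header from 10.1.1.123 to 207.25.71.23 plus a payload.
PAYLOAD = b"hello world"
PACKET = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(PAYLOAD), 7, 0, 64, 6, 0,
                     bytes([10, 1, 1, 123]), bytes([207, 25, 71, 23])) + PAYLOAD
PROTECTED = ah_protect(PACKET, SHARED_KEY)

if __name__ == "__main__":
    print("genuine packet verifies:", ah_verify(PROTECTED, SHARED_KEY) == PACKET)
    print("modified payload:       ", ah_verify(tampered(PROTECTED, 25), SHARED_KEY))
    print("modified header:        ", ah_verify(tampered(PROTECTED, 12), SHARED_KEY))
    print("wrong key (impersonator):", ah_verify(ah_protect(PACKET, b"not-the-key"), SHARED_KEY))
    print("payload still readable: ", PAYLOAD in PROTECTED)
```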
Ethernet
• The most common physical/data-link layer protocol.
• A shared-media protocol; collisions are possible.
• Uses CSMA/CD to control traffic.
• Several different variations of Ethernet exist:
• 10Base-2: Thinnet (thin coax)
• 10Base-5: Thicknet (earliest version, thick coax)
• 10Base-T: Standard twisted-pair Ethernet
• 100Base-T: Fast Ethernet
• 1000Base-T: Gigabit Ethernet
Summary
• Computer System Basics
• Network Topologies
• Network Addressing
• IPSEC