IP Addresses
Download
Report
Transcript IP Addresses
Architecting the Internet
Chapter 11
Learn how to…
•
•
•
•
Map the TCP/IP Model to the OSI Model.
Explain Internet addressing.
List network utilities for troubleshooting.
Explain how domain names map to IP
addresses.
• List the content and delivery services
provided to end users.
Understanding TCP/IP
Internet Architecture
IETF
• The Internet Engineering Task Force
(IETF) is the standards body in charge
of defining Internet protocols.
– Defines protocols through a Request for
Comments (RFC) process.
• IETF assigns protocols an RFC number and an
RFC maturity state.
– For more information, visit www.ietf.org
RFC Maturity States
• Proposed
– The protocol has been accepted for consideration
and may advance through the rest of the stages to
become an Internet standard.
• Draft
– The IETF is now considering adopting the protocol as
an Internet standard.
• Internet Standard
– The protocol passed the testing and proved its merit
on the Internet.
Special RFC Maturity States
• Experimental
– The protocol is not ready for testing outside carefullycontrolled laboratory situations.
• Historic
– The standard has become obsolete or unnecessary.
• Informational
– The standard is from a non-IETF vendor or standards
body.
RFC
• The complete list of RFCs is at
www.ietf.org/iesg/1rfc_index.txt
• To view an RFC, type its number in the
search engine at www.ietf.org/rfc.html
Application Layer Protocols
HTTP
• Hypertext Transfer Protocol (HTTP)
– Transfers hypertext Web pages across
the Internet.
– RFC 1945 for HTTP 1.0
– RFC 2616 for HTTP 1.1
FTP
• File Transfer Protocol (FTP)
– Is used when you log on to an FTP server
to transfer files over the Internet from one
computer to another.
– RFC 959
TFTP
• Trivial File Transfer Protocol (TFTP)
– Is a simpler form of FTP.
– Used by diskless workstations and some
routers to get their configuration files during
startup.
– Uses UDP.
– RFC 1350
Telnet and Gopher
• Telnet
– Terminal emulation protocol that enables
users to log on to remote host computers
over the Internet.
– RFC 854
• Gopher
– Distributed document search and retrieval.
– RFC 1436
SMTP
• Simple Mail Transfer Protocol (SMTP)
– Rules for transferring e-mail over the Internet.
– RFC 821
– Post Office Protocol version 3 (POP3) is a
related standard (RFC 1939) that specifies
how users retrieve their e-mail from a mail
server.
NNTP and DNS
• Network News Transfer Protocol
(NNTP)
– Powers USENET newsgroups.
– RFC 977
• Domain Name System (DNS)
– Translates a fully qualified domain name
(Example: www.loc.gov) into a numeric IP
address (Example: 140.147.249.7).
– RFC 1034 & 1035
SNMP and BOOTP
• Simple Network Management Protocol
(SNMP)
– Network administrators use SNMP to manage
TCP/IP network devices remotely.
– RFC 1157
• Bootstrap Protocol (BOOTP)
– Startup protocol that enables a workstation to
discover configuration information including its
IP address, router address, and DNS server
address.
DHCP
• Dynamic Host Configuration Protocol
(DHCP)
– Assigns an IP address, router address,
and other configuration parameters to
a workstation during initialization.
Transport Layer Protocols
TCP
• Transmission Control Protocol (TCP)
– Establishes and manages the connection
between the computers that are exchanging
data.
– Numbers the segments on the sending
computer, reassembles the segments on the
receiving computer, and ensures that the data
is intact with no omissions or duplications.
– RFC 793
UDP
• User Datagram Protocol (UDP)
– Connectionless protocol that does not require
the negotiation and establishment of a
session between the sending and receiving
computers.
– Because there is no provision for the
resending of lost packets, UDP is considered
to be an unreliable transport protocol.
Internet Layer Protocols
IP
• Internet Protocol (IP)
– Determines the best path for routing the
packet to its destination address.
– Addresses the packet accordingly.
– Fragments the packet if it is too long for the
network segment.
ARP and RARP
• Address Resolution Protocol (ARP)
– Translates IP addresses into physical MAC
addresses.
– RFC 826
• Reverse Address Resolution Protocol
(RARP)
– Given the MAC address of a network device,
RARP determines its IP address.
– RFC 903
IGMP
• Internet Group Management Protocol
(IGMP)
– Is used for multicasting, which is sending of
a message from one computer to a group of
IP addresses belonging to users who
subscribe to the group.
– RFC 1112
ICMP
• Internet Control Message Protocol
(ICMP)
– TCP/IP uses ICMP for troubleshooting.
– Routers and servers normally send error
messages in ICMP packets.
Network Access Layer Protocols
Network Access Layer
• Network Access Layer
– Transforms the packets into a binary encoded
stream of 0’s and 1’s for transmission over the
physical network.
– Then the NIC transforms the 0’s and 1’s into
the signals that get transmitted physically over
the network.
TCP/IP Protocol Suite
Demultiplexing
Demultiplexing
• Demultiplexing is the process of
unpacking the message by processing
and removing the headers added to the
packets at each layer.
– Consists of four stages, which are explained
in the following slides.
Stage 1
• On the receiving computer, the Network
Access Layer takes a look at the packet
and uses the MAC address to determine
whether it should be processed here.
• Packets that do not get processed here
are ignored and passed on to other
network nodes.
Stage 2
• Packets that belong here pass up to the
Internet Layer, which takes a look at the
IP addressing in the packet to determine
whether any further routing is required.
Stage 3
• The Transport Layer takes a look at the
TCP or UDP port number to determine
which service needs to receive the
message.
Stage 4
• The Application Layer passes the
message to the service or application
that will act on the message.
– If the message contains an HTTP request for
a Web page, for example, the server answers
by sending the page.
Routing
Routing
• Routing is the process of determining the
network path over which packets are sent.
Types of Routing
• Direct routing
– When two computers
on the same network
communicate with
each other.
• Indirect routing
– When the sending and
receiving computers
are not on the same
local network.
– The packets get sent
to the MAC address of
a router.
– The router to which
the packets first get
sent is called the
default gateway.
Routing Table and Hops
• Routing Information Table
– Keeps track of the routes over which it will
send packets to different networks to which
the router is connected.
• Hops
– A hop is each trip between routers.
– The number of routers between the source
and destination is the hop count.
Static and Dynamic Routes
• Static routes
– Must be updated only
by manual changes
made by the network
administrator.
• Dynamic routes
– Learned when the
router communicates
with other routers to
exchange information
about new routes that
have been added, or
old routes that are no
longer available.
Routing Tables
Routing Protocols
• Routing protocols are used by routers to
talk to each other about changes in routes.
• There are two types of routing protocols:
– Exterior routing protocols are used to
communicate with routers outside an
organization’s network.
– Interior routing protocols are used to
communicate with routers inside an
organization’s network.
EGP
• External Gateway Protocol (EGP)
– Exterior routing protocol is used to exchange
net-reachability information between Internet
gateways belonging to different autonomous
systems.
• An autonomous system is a set of routers under
a single technical administration.
– RFC 904
BGP
• Border Gateway Protocol (BGP)
– An exterior routing protocol where a border
router keeps track of the status of neighboring
AS’s and uses a pruning process to select
optimum routes.
– RFC 1267 & 1268
RIP
• Routing Information Protocol (RIP)
– Interior routing protocol where:
• routers periodically send their information tables
every thirty seconds across their network
connections to their neighboring routers.
– RFC 1058 & 2453
OSPF
• Open Shortest Path First (OSPF)
– Interior routing protocol where:
• Changes in router tables get exchanged as
soon as they happen, instead of having to wait
for 30 seconds.
• Only the changes get sent, instead of the whole
table, thereby saving bandwidth.
• Statistics on the transmission speed
of multiple possible routes are exchanged.
– RFC 2328
Port Number
• Port numbers provide a fast way of
determining which application should
receive an incoming request.
– Well known ports range from 0 to 1023.
– Registered ports range from 1024 to 49151.
– Dynamic or private ports range from
49152 to 65535.
– For a complete listing, go to
www.iana.org/assignments/port-numbers
Well Known Ports
Internet Addressing
IP Addresses
• An IP address consists of four bytes
separated by periods.
• Each byte is an eight-bit number that
ranges in value from 0 to 255.
– The smallest address is 0.0.0.0, while the
largest is 255.255.255.255.
• The number of IP addresses this scheme
allows is 2564, which is 4,294,967,296.
IP Addresses
• The Internet Corporation for Assigned Names
and Numbers (ICANN) is in charge of assigning
IP addresses.
• Every IP address consists of two basic parts:
– Network ID
– Host ID
• The Network ID always comes first, followed by
the host ID.
• Depending on the size of the network, the
Network ID occupies the first one, two, or three
bytes in the IP address.
• The remainder of the address is the host ID.
Classes
• Class A
– The first byte is network ID, while the last three bytes
are host ID.
– The first byte ranges from 1 to 126.
– These addresses are used by extremely large
organizations.
• Class B
– The first two bytes are network ID, while the last two
bytes are host ID.
– The first byte ranges from 128 to 191.
– These addresses are used by medium to large
organizations.
Classes
• Class C
– The first three bytes are network ID, while the last
byte is host ID.
– The first byte ranges from 192 to 223.
– These addresses are used by small organizations.
• Class D
– All the four bytes are network ID.
– The first byte ranges from 224 to 239.
– These addresses are used for multicasting.
• Class E
– These addresses are reserved for future use and
experimentation.
– The first byte ranges from 240 to 255.
IP Address Classes
Loopback Address
• Network ID 127 is reserved as the
loopback address.
• A diagnostic IP address reserved for
testing purposes that redirects packets
to the same computer that sent them.
• Typically, 127.0.0.1 is used.
Broadcast Address
• A broadcast is a message that gets sent
to all of the hosts on a network.
• All host bits are set to 1 for a broadcast.
– All 1’s in binary are equal to 255 in decimal.
Broadcast Address
• Limited Broadcast
– Sent to 255.255.255.255
– Stays within the LAN because routers do not
forward limited broadcasts.
• Net-directed Broadcast
– Sent to all the hosts on a given network.
– For example, for the class B network
103.25.0.0, the net-directed broadcast
address is 103.25.255.255.
Broadcast Address
• Subnet-directed broadcast
– A broadcast message sent to all the nodes on
a subnet.
• Subnets are created when a large LAN is broken
into smaller LANs.
– All-subnet-directed broadcasts:
• Send a message to all hosts on a network.
• Are obsolete now due to multicasting.
Zeros in IP Address
• All bytes in the network ID cannot be zero.
• All bytes in the host ID cannot be zero.
• The IP address 0.0.0.0 is the source
address used when a host broadcasts a
request for an IP address.
– It cannot be assigned to a host permanently.
Private IP Addresses
• Private IP addresses are used within
autonomous systems.
– Routers on the public Internet reject
addresses in these ranges.
• Class A private IP address range
– 10.0.0.0 to 10.255.255.255
• Class B private IP address range
– 172.16.0.0 to 172.31.255.255
• Class C private IP address range
– 192.168.0.0 to 192.168.255.255
Subnet Masks
• A subnet mask is a dotted quad number
that enables the local network to
determine whether any given IP address is
internal or external to the local network.
• A subnet mask is a series of 1’s followed
by a series of 0’s.
– The 1’s identify which bits go to the
network ID.
– The 0’s identify which bits go to the host ID.
Subnet Masks
• Following are the default subnet masks for
each class of address for networks that
have not been subnetted:
– Class A: 255.0.0.0
– Class B: 255.255.0.0
– Class C: 255.255.255.0
Configuring TCP/IP
• Computers must have an IP address and
a subnet mask.
• To communicate outside of their own local
LAN, computers must also have a default
gateway.
DNS and WINS
• The Internet uses the Domain Name System
(DNS) to enable end users to access resources
by name, such as www.loc.gov, instead of
requiring users to type the site’s numeric IP
address.
• Windows has a naming system called Windows
Internet Naming Service (WINS).
– WINS allows computers to be known by their
NetBIOS name (computer name).
• All computers need either DNS or WINS.
– Computers on the Internet should use DNS.
TCP/IP Settings
• TCP/IP settings can be:
– Static – entered manually
– Dynamic – learned from a DHCP server at startup
• To configure your TCP/IP settings:
– Right-click My Network Places (or Network
Neighborhood) and choose Properties.
– Right-click Local Area Network and choose
Properties.
– Double-click Internet Protocol (TCP/IP).
• Protocol binding is the act of assigning a
protocol to a network interface card.
TCP/IP Settings
Configuring Networks for
Optimum Performance
Tools
• There are several tools used by network
administrators to solve problems and to
help tune a network’s performance:
– Ping
– Traceroute
– Netstat
– Ipconfig and winipcfg
– Arp
– Network analyzers
ping
• ping sends ICMP echo request packets to
a destination IP address.
– The destination returns the echo requests.
– By default, ping sends four echo request
packets.
• Ping determines whether you can reach a
node or device on the network.
ping
• To ping, go to Start | Programs |
Accessories | Command prompt and then
type ping followed by the IP address or
DNS name of the device you wish to
reach.
traceroute
• traceroute reports the path data follows
as a packet winds its way over the network
from the source to the destination
computer.
• From a command prompt, enter tracert (on
a Windows PC) followed by the IP address
or DNS address.
traceroute
netstat
• netstat (network statistics) displays
information about the connections that are
open and the protocol processes that are
currently running on a network host.
– Run netstat from a command prompt.
– Switches can be used – to see what switches
are used, type netstat /?
ipconfig
• Use ipconfig to inspect the current IP
configuration on computers with Windows
NT/2000/XP/2003.
– ipconfig can also be used to release, renew,
or refresh the DHCP leases.
• Run ipconfig from a command prompt.
– For more details, run ipconfig /all
winipcfg
• winipcfg is an older version of ipconfig
for Windows 95/98/Me.
• Run winipcfg as follows:
Start | Run | winipcfg
arp
• The Address Resolution Protocol (ARP)
translates IP addresses into physical
MAC addresses.
• Use the command-line utility called arp
to inspect the current contents of your
computer’s ARP table.
• Use arp –a to see your ARP table.
Network Analyzers
• A network analyzer enables a network
administrator to capture and analyze
packets crossing a network to:
– Test connections
– Send alerts
– Sniff packets for analysis
– Generate reports
Internetworking Servers
DNS
• Actual IP addresses must be used to
communicate over a TCP/IP network.
• It would be difficult to learn and remember all the
IP addresses of sites on the Internet you want to
contact.
• Therefore, users can remember (or guess)
names of Internet sites instead of using their
actual IP addresses.
• The Domain Name System (DNS) was
invented because people prefer to go to Internet
sites using domain names, such as www.loc.gov,
instead of numeric IP addresses, such as
140.147.249.7.
DNS Servers
• DNS servers convert between IP
addresses and domain names.
– Called domain name resolution
DNS Name Space
• The DNS system is powered by a
hierarchically distributed database called
the name space organized according to
three levels:
– Root level
– Top level
– Second level
• Each level contains DNS servers that are
in charge of keeping track of the domains
in the next lower level.
DNS Name Space
DNS Service
• Name server
– Responds to a DNS
query by replying with
the IP address that
corresponds to the
domain name.
• Name resolver
– If the name server
does not already know
the IP address for
the domain name in
the request, then the
name server calls
upon a name resolver
higher up the
hierarchy.
DNS Server Types
• Root server
– Resolves all of the top-level domains on the
Internet.
• Primary server
– First DNS server in a domain.
• Secondary server
– One or more secondary servers can help
share the name-serving load and provide
backup in case the primary server goes down.
DNS Record Types
• Here are some of the common resource record
types in the DNS database:
Host Table
• Before 1983, when DNS began evolving
into an Internet standard, one huge file
called the hosts table contained the name
and IP address of every named host on
the Internet.
– Host tables can still be used to give a node a
nickname, enhance performance on your
local network, or on an isolated internal
network.
Host Table
• To view the hosts table on your computer,
traverse to c:\windows\system32\drivers\etc or
c:\winnt\system32\drivers\etc and view the hosts
file in Notepad.
Proxy Server
• A proxy server is a computer that serves
as an intermediary between client
workstations and the external network.
Why Use a Proxy Server
• Private IP address hiding
– Proxy servers hide the internal addresses on the
private network from the public Internet.
• Public IP address pooling
– Use less public addresses by overloading a public
address with several private addresses.
• Enhanced network security
– Proxy server can block outside users.
• Web content caching
– Faster performance as a result of Web page caching.
Why Use a Proxy Server
• Transaction filtering
– A proxy server can monitor the requests coming from
the private network and block access to forbidden
resources.
• Transaction logging
– A proxy server can record and timestamp the URLs,
IP addresses, and external services accessed by
clients running behind the proxy.
Caching Server
• A caching server speeds access to
resources by making a local copy of
resources requested from the network.
– Web content and other kinds of documents
and files can be served more quickly to
subsequent users who request the same
resources.
Mirrored Server
• A mirrored server is a computer whose
data reads and writes are simultaneously
executed on another computer.
– Provides redundancy and fault tolerance in
mission-critical operations.
– On a single server, a redundant array of
independent drives (RAID) controller can be
used to mirror a drive.
Certificate Server
• Certificate servers issue digital
certificates that network hosts use to
digitally sign and encrypt messages using
public-private key pairs.
– Allow users to keep their data secure over the
Internet.
– Allow recipients to determine the authenticity
of the information to make sure it is coming
from a trusted source.
Directory Server
• A directory server is a stand-alone
computer or server component in charge
of managing a database that keeps track
of all the users, passwords, resources,
printers, servers, e-mail addresses, phone
numbers, and departmental contacts
throughout an organization’s network.
X.500 and LDAP
• To allow directory servers to communicate with
each other and distribute the directory database
over multiple networks, the ISO created a
Directory Access Protocol (DAP) called X.500.
• To streamline the process, the University of
Michigan invented in 1993 a lighter version
called the Lightweight Directory Access
Protocol (LDAP) that can run over TCP/IP.
Advantages of X.500 & LDAP
• Synchronization
– The directory on one server can synchronize
with the directory on another server.
• Replication
– Part or all of the directory database on one
server can copy itself onto another server.
• Scalability
– There is no limit to the size to which the
directory can grow.
Catalog Server
• A catalog server uses robots called
spiders that comb through a network’s files
and create an index of everything they
find.
– This provides quicker access.
Transaction Server
• Transaction servers work behind the
scenes in e-commerce to ensure that
when a financial transaction occurs, all
of the necessary databases get updated
and related services receive proper
notifications.
– A transaction is a set of events that must be
performed or rolled back simultaneously.
Serving Internet Resources
Web Servers
• Web servers are standalone computers or
server components that respond to HTTP
requests from browsers and other kinds of
Internet clients.
– Web servers use the HTTP protocol and are
sometimes called HTTP servers.
Default File Names
• When you visit a site without specifying a
filename, the Web server responds by
sending you the site’s default page.
Web Server Logs
• Web servers can log the hits to their Web
pages.
– Client access data such as the IP address
– Referrer data reveals the URL that the user
typed or clicked to reach the site
– Error data that can be used for
troubleshooting
Web Root Folders
• The Web root is the physical folder that
represents the beginning of the server’s
Web space.
– Sites hosted on that server typically reside in
subfolders off the root.
Virtual Directories
• A virtual directory is the name of a path
to a Web folder that may reside anywhere
in the host computer’s file space.
– The physical location is often on a different
drive allowing the workload to be distributed.
• Aliases can be used to refer to a Web site
or virtual directory.
Access Control
• Access to a Web site can be controlled
through:
– File permissions
• Most Web servers observe the operating system’s
file permission settings.
– Authenticated user access control
• To authenticate means to have a user log on by
entering a username and password.
• The site looks up in a database to find whether or
not the user should be granted access.
Permissions
Web Gateways
• A Web gateway runs a computer
application consisting of one or more
programs, or scripts, which generate the
HTML response that the end user sees
onscreen.
– A user is communicating with a Web
application instead of a traditional Web page.
CGI
• Web gateways may use the Common
Gateway Interface (CGI) protocol.
– Defines the manner in which form’s data,
cookies, and other kinds of information in a
Web request get submitted to the program
or script.
– The programs that respond to CGI requests
are often referred to as CGI scripts.
Mail Servers
• Mail servers provide e-mail services.
• Simple Mail Transfer Protocol (SMTP) defines
the manner in which e-mail gets sent over the
Internet.
• There are several ways that mail gets formatted
for transmission over the Internet.
– MIME
– Uuencoding
– BinHex encoding
MIME
• Multipurpose Internet Mail Extensions
(MIME) are a set of standards that specify
the formatting of Internet message bodies,
the media types of Internet files and
message bodies, and the method for
attaching files that do not consist of plain
ASCII text.
MIME Types
Uuencoding and BinHex
• Uuencoding is Unix-to-Unix encoding that
was done manually prior to MIME.
– Translates an 8-bit character stream of a
binary (i.e. non-ASCII) file attachment into
a stream of 7-bit characters.
– Obsolete today.
• BinHex encoding is to the Macintosh what
uuencoding is to UNIX.
Mailing List Servers
• Behind the scenes, mailing list servers
are powered by SMTP and are used for
the listserv services.
Streaming Media Servers
• Microsoft, Apple,
and Real
Networks are the
primary vendors
of the streaming
media services.
– Uses UDP as
opposed to TCP.
FTP Servers
• FTP servers allow you to transfer files
over the Internet using FTP.
• When running an FTP server:
– Many brands of FTP servers transmit user
names and passwords in clear text.
– You may unknowingly expose files that you
would not want the public to access.
News Servers
• News servers provide access to USENET
newsgroups.
• USENET newsgroup servers run on port
119, following the Network News Transport
Protocol (NNTP).
UNIX and Linux
• UNIX and Linux listen for Internet requests
through a program called inetd, which
stands for Internet daemon.
– The term daemon refers to any process that
runs in the background, waiting to respond to
certain kinds of requests.
– The Internet daemon dispatches requests
coming from the Internet to the server
components that will handle them.
Inetd Configuration File
Microsoft Windows
• When a Microsoft Windows server boots,
the computer goes through a startup
process that starts the Internet services.
• The administrator decides which services
will run and uses the Microsoft
Management Console (MMC) to configure
them.
Microsoft Windows
Microsoft Windows
Microsoft Windows