Transcript Chapter 2
FIREWALLS & NETWORK SECURITY with
Intrusion Detection and VPNs, 2nd ed.
Chapter 2: An Introduction to Networking
By Whitman, Mattord, & Austin
© 2008 Course Technology
Learning Objectives
Upon completion of this chapter, you should be able to:
Describe the basic elements of computer-based data
communication
Know the key entities and organizations behind current
networking standards, as well as the purpose of and
intent behind the more widely used standards
Explain the nature and intent of the OSI reference model
and list and describe each of the model’s seven layers
Describe the nature of the Internet and the relationship
between the TCP/IP protocol and the Internet
Firewalls & Network Security, 2nd ed. - Chapter 2
Slide 2
Networking Fundamentals
Fundamental exchange of information: sender
communicates message to receiver over some
medium
Communication only occurs when recipient is
able to receive, process, and comprehend
message
One-way flow of information is called a channel
When recipient becomes a sender, for example
by responding to original sender’s message, this
two-way flow is called a circuit
Networking Fundamentals (continued)
Any medium may be subject to interference,
called noise, which occurs in variety of forms
– Attenuation: loss of signal strength as signal
moves across media
– Crosstalk: occurs when one transmission
“bleeds” over to another
– Distortion: unintentional variation of
communication over media
Networking Fundamentals (continued)
Any medium may be subject to interference,
called noise, which occurs in variety of forms
(continued)
– Echo: reflection of a signal due to equipment
malfunction or poor design
– Impulse: sudden, short-lived increase in signal
frequency or amplitude, also known as a spike
– Jitter: signal modification caused by
malfunctioning equipment
– White noise: unwanted noise due to signal
coming across medium at multiple frequencies
Reasons to Network
Data communications: exchange of messages
across a medium
Networking: interconnection of groups or
systems with purpose of exchanging information
Some reasons to build a network:
– To exchange information
– To share scarce or expensive resources
– To allow distributed organizations to act as if
centrally located
Types of Networks
Networks can be categorized by:
– Components: peer-to-peer (P2P), server-based,
distributed multi-server
– Size: local area network (LAN), metropolitan area
network (MAN), wide area network (WAN)
– Layout or topology: physical (ring, bus, star,
hierarchy, mesh, hybrid), logical (bus, star)
– Media: guided (wired), unguided (wireless)
Network Standards
Among the agencies that work on data
communications standards are:
– Internet Society (ISOC)
– Internet Assigned Numbers Authority (IANA)
– American National Standards Institute (ANSI)
– International Telecommunication Union (ITU)
– Institute of Electrical and Electronics Engineers (IEEE)
– Telecommunications Industry Association (TIA)
– International Organization for Standardization (ISO)
OSI Reference Model and Security
OSI reference model allocates functions of
network communications into seven distinct
layers, each with its own functions and protocols
Premise of model is information sent from one
host is translated and encoded through various
layers, from Application layer to Physical layer
Physical layer initiates transmission to receiver
Receiver translates and decodes message by
processing information through each layer in
reverse order
The Physical Layer
The primary function of the Physical layer is to
place the transmission signal carrying the
message onto the communications media—that
is, to put “bits on a wire”
The functions of the Physical layer are:
– Establish and terminate the physical and logical
connection to the media
– Manage the flow and communication on the
media
– Embed the message onto the signal carried
across the physical media
Network Media
Dominant media types and standards include:
– Coaxial cable
– Fiber-optic cable
– Twisted-pair wire
– Wireless LAN
– Bluetooth
– Infrared
Embedding the Message
Method used to embed message on signal
depends on type of message and type of signal
Two types of message (or information):
– Analog information: continuously varying source
(such as voice communications)
– Digital information: discrete, between a few
values (such as computer communications)
Embedding the Message (continued)
Multiplexing combines several circuits to create
high-bandwidth stream to carry multiple signals
long distances
Three dominant multiplexing methods are:
– Frequency division multiplexing (FDM): combines
voice channels
– Time division multiplexing (TDM): assigns a time
block to each client
– Wave division multiplexing (WDM): uses different
frequencies of light so multiple signals can travel
on same fiber-optic cable
Managing Communication
Bit (or signal) flow conducted in several ways:
– Simplex transmissions: flow one way through a
medium
– Half-duplex transmissions: flow either way, but in
only one direction at a time
– Full-duplex transmissions: can flow both ways at
the same time
– Serial transmissions: flow one bit at a time down
a single communications channel
– Parallel transmissions: flow multiple bits at a time
down multiple channels
Managing Communication (continued)
Asynchronous (or timing-independent)
– Formulate data flow so each byte or character
has its own start and stop bit
– Used in older modem-based data transfers to
send individual characters between systems
Synchronous (or timing-dependent)
– Use computer clocking to transmit data in
continuous stream between two systems
– Clock synchronization makes it possible for end
nodes to identify start and end of data flow
– This protocol is much more efficient
Data Link Layer
Primary networking support layer
Referred to as first “subnet” layer because it
provides addressing, packetizing, media access
control, error control, and some flow control for
local network
In LANs, it handles client-to-client and client-to-server communications
Data Link Layer (continued)
DLL is further divided into two sublayers:
– Logical Link Control (LLC) sublayer
• Primarily designed to support multiplexing and
demultiplexing protocols transmitted over MAC
layer
• Also provides flow control and error detection and
retransmission
– Media Access Control (MAC) sublayer
• Designed to manage access to communications
media—in other words, to regulate which clients
are allowed to transmit and when
DLL Protocols
Dominant protocol for local area networking is
Ethernet for wired networks and Wi-Fi for
wireless networks
Other DLL LAN protocols include:
– Token ring
– Fiber Distributed Data Interface (FDDI)
– Point-to-Point Protocol (PPP)
– Point-to-Point Tunneling Protocol (PPTP)
– Layer Two Tunneling Protocol (L2TP)
WANs typically use ATM and frame relay
Forming Packets and Addressing
First responsibility of DLL is converting Network
layer packet into DLL frame
DLL adds not only a header but also a trailer
When necessary, packet is fragmented into
frames, with corresponding information
embedded into each frame header
Addressing is accomplished with a number
embedded in network interface card (NIC)
This MAC address allows packets to be
delivered to an endpoint; typically shown in
hexadecimal format (e.g., 00-00-A3-6A-B2-1A)
Media Access Control
A primary function of DLL is controlling flow of
traffic—that is, determining which station is
allowed to transmit when
Two general approaches:
– Control
– Contention
Media Access Control (continued)
Control (deterministic)
– Well-regulated network: traffic transmitted in
orderly fashion, maintaining optimal data rate
– Facilitate priority system: key clients or servers
can be polled more frequently than others
Contention (stochastic)
– Clients listen to determine if channel is free and
then transmit
– Must have mechanisms to deal with collisions
– Collision avoidance vs. collision detection
Switches and Bridges
Specific technologies used to connect networks
at Data Link layer
While hub connects networks at Physical layer,
connecting two networks with hub results in one
large network (or collision domain)
Connection via Layer 2 switch, capable of
bridging, maintains separate collision domains
Bridging: process of connecting networks with
DLL protocols while maintaining integrity of
each network, only passing messages that need
to be transmitted between the two
Network Layer and Packetizing
Network layer is primary layer for
communications between networks
Three key functions:
– Packetizing
– Addressing
– Routing
During packetizing, Network layer takes
segments sent from Transport layer and
organizes them into packets for transmission
across a network
Addressing
Network layer uses network-layer address to
uniquely identify destination across multiple
networks
Typical address consists of the network ID and
the host ID
In TCP/IP, IP address is network-layer address
IP packet header carries source and destination IP
addresses along with additional packet information
Addressing (continued)
Addresses maintained and issued by Internet
Assigned Numbers Authority (IANA)
In early years, addresses distributed as follows:
– Class A: consists of primary octet (the netid) with
three octets providing host ID portion; allows up
to 16,777,214 hosts on network
– Class B: consists of two octets in netid with two
octets providing 65534 host IDs
– Class C: consists of three octets in netid with one
octet providing 254 host IDs
– Class D and Class E addresses are reserved
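As an added example (not from the textbook), a Python decoder for the classful scheme above: it classifies a dotted-quad address by its first octet, splits it into netid and host ID, and derives the usable host counts quoted on the slide. The sample addresses it is used with are constructed.

```python
# Added example (not from the textbook): decode an IPv4 address under the original
# classful scheme into netid and host ID, and derive the usable host count per class.

def parse_ipv4(addr: str) -> int:
    """Dotted-quad string to a 32-bit integer, validating each octet."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value

def ip_class(addr: str) -> str:
    """The class is decided by the leading bits of the first octet."""
    first = parse_ipv4(addr) >> 24
    if first < 128:   # 0xxxxxxx
        return "A"
    if first < 192:   # 10xxxxxx
        return "B"
    if first < 224:   # 110xxxxx
        return "C"
    if first < 240:   # 1110xxxx (multicast; reserved on the slide)
        return "D"
    return "E"        # 1111xxxx (experimental; reserved on the slide)

NETID_OCTETS = {"A": 1, "B": 2, "C": 3}  # octets in the netid per class

def classful_split(addr: str) -> dict:
    """Class, netid, host ID and usable hosts; classes D and E have no host part."""
    cls = ip_class(addr)
    if cls not in NETID_OCTETS:
        raise ValueError(f"{addr} is class {cls}: reserved, no netid/host split")
    host_bits = 8 * (4 - NETID_OCTETS[cls])
    value = parse_ipv4(addr)
    return {
        "class": cls,
        "netid": value >> host_bits,
        "hostid": value & ((1 << host_bits) - 1),
        # the all-zeros (network) and all-ones (broadcast) host IDs are not assignable
        "usable_hosts": (1 << host_bits) - 2,
    }
```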
Addressing (continued)
This address assignment method proves
inefficient
Internet moving to new version of IP, IPv6,
which uses 128-bit address instead of 32-bit
Increases available addresses by factor of 2^128
Network Address Translation (NAT): uses
device, like a router, to segregate external
Internet from internal network
Device maps organizational addresses to
different addresses inside the intranet
Routing
Moving Network layer packets across networks
Routing protocols include static and dynamic
Internal routing protocols:
– Used inside autonomous system (AS)
– Distance-vector routing protocols and link-state
routing protocols
External routing protocols:
– Communicate between autonomous systems
– Translate different internal routing protocols
– Border Gateway Protocol (BGP)
Transport Layer
Primary function of Transport layer is to provide
reliable end-to-end transfer of data between
user applications
Lower layers focus on networking and
connectivity while upper layers, beginning with
Transport layer, focus on application-specific
services
Transport layer also responsible for end-to-end
error control, flow control, and several other
functions
Error Control
Process of handling problems with transfer
process, which may result in modified or
corrupted segments
Broken into two components: error detection
and error correction
Errors are typically single-bit or multiple-bit
Bit errors are most likely the result of noise
interference
Error Control (continued)
Errors detected using one of several schemes:
– Repetition: data transmitted redundantly
– Parity: “check bits” at end of each byte of data
– Redundancy: parity calculated for blocks of data
rather than individual byte (LRC, VRC, CRC)
Errors typically corrected by retransmission of
damaged segment
Dominant error correction techniques are
automatic repeat requests (ARQs)
Three most common ARQs are Stop-And-Wait,
Go-Back-N, and Selective Repeat
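The three detection schemes above, worked through in Python as an added example (not from the textbook): even-parity VRC per byte, LRC over the block, and a bitwise CRC-8, each run against a constructed data block with injected bit errors so the blind spots of VRC and LRC show up. These checks catch random noise; none of them is a defence against deliberate modification, which needs a keyed integrity check.

```python
# Added example (not from the textbook): VRC parity, LRC and CRC-8 applied to a
# constructed data block with noise-style bit errors injected.

def vrc_parity_bits(block: bytes) -> list:
    """Vertical redundancy check: one even-parity bit per byte."""
    return [bin(b).count("1") % 2 for b in block]

def lrc(block: bytes) -> int:
    """Longitudinal redundancy check: XOR of all bytes (parity per bit position)."""
    acc = 0
    for b in block:
        acc ^= b
    return acc

def crc(block: bytes, poly: int = 0x07, width: int = 8) -> int:
    """CRC by bitwise modulo-2 division, MSB first, zero initial value;
    the default generator is CRC-8's x^8 + x^2 + x + 1 (0x07)."""
    top, mask, reg = 1 << (width - 1), (1 << width) - 1, 0
    for b in block:
        reg ^= b << (width - 8)
        for _ in range(8):
            if reg & top:
                reg = ((reg << 1) ^ poly) & mask
            else:
                reg = (reg << 1) & mask
    return reg

def flip_bits(block: bytes, *positions) -> bytes:
    """Inject errors: each position is (byte_index, bit) of a bit to invert."""
    out = bytearray(block)
    for byte_index, bit in positions:
        out[byte_index] ^= 1 << bit
    return bytes(out)

def detected(check, sent: bytes, received: bytes) -> bool:
    """Detected when the receiver's check value differs from the transmitted one."""
    return check(sent) != check(received)

DATA = b"SENDER"  # constructed six-byte block
# Case 1: a single-bit error (an impulse on the wire): all three schemes catch it.
ONE_BIT = flip_bits(DATA, (2, 0))
# Case 2: two bits in the same byte: that byte's parity is unchanged, so VRC
# misses it; LRC and CRC still detect it.
TWO_BITS_ONE_BYTE = flip_bits(DATA, (2, 0), (2, 3))
# Case 3: the same bit position in two bytes: the XOR cancels, so LRC misses
# it; per-byte parity catches it.
SAME_BIT_TWO_BYTES = flip_bits(DATA, (1, 5), (4, 5))

def summary() -> dict:
    """Which scheme detects which case (True = detected)."""
    cases = {"one_bit": ONE_BIT, "two_bits_one_byte": TWO_BITS_ONE_BYTE,
             "same_bit_two_bytes": SAME_BIT_TWO_BYTES}
    return {name: {"vrc": detected(vrc_parity_bits, DATA, rx),
                   "lrc": detected(lrc, DATA, rx),
                   "crc": detected(crc, DATA, rx)} for name, rx in cases.items()}
```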
Flow Control
Purpose is to prevent receiver from being
overwhelmed with segments, preventing
effective processing of each received segment
Some error correction techniques have built-in
flow control
Dominant technique is sliding window protocol,
which provides mechanism by which receiver
can specify number of segments (or bytes) it
can receive before sender must wait
Receiver enlarges or reduces window size as
necessary
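A minimal simulation of the sliding window mechanism, added here as an example (not from the textbook): the receiver advertises its free buffer space, the sender stops when that many segments are outstanding, and the window grows again as the receiving application reads. Segment contents, buffer size and read rate are constructed values.

```python
# Added example (not from the textbook): a minimal sliding-window simulation.
# The receiver advertises its free buffer slots; the sender stops when that many
# segments are outstanding and resumes as the application drains the buffer.
from collections import deque

class Receiver:
    def __init__(self, buffer_size: int):
        self.buffer_size = buffer_size
        self.buffer = deque()   # accepted segments not yet read by the application
        self.next_expected = 0  # sequence number of the next in-order segment

    def window(self) -> int:
        """Advertised window: how many more segments fit in the buffer."""
        return self.buffer_size - len(self.buffer)

    def deliver(self, seq: int, data: str) -> tuple:
        """Accept an in-order segment if there is room; return (ack, window)."""
        if seq == self.next_expected and self.window() > 0:
            self.buffer.append(data)
            self.next_expected += 1
        return self.next_expected, self.window()

    def app_read(self, n: int) -> list:
        """The application drains up to n segments, which enlarges the window."""
        return [self.buffer.popleft() for _ in range(min(n, len(self.buffer)))]

class Sender:
    def __init__(self, segments: list):
        self.segments = segments
        self.base = 0       # oldest unacknowledged sequence number
        self.next_seq = 0   # next sequence number to send
        self.window = 1     # assume 1 until the receiver advertises a window

    def can_send(self) -> bool:
        outstanding = self.next_seq - self.base
        return self.next_seq < len(self.segments) and outstanding < self.window

    def on_ack(self, ack: int, window: int) -> None:
        self.base = max(self.base, ack)
        self.window = window

def simulate(segments: list, buffer_size: int, reads_per_round: int) -> tuple:
    """Lossless rounds: send while the window allows, then the app reads.
    Returns ([(segments sent, window after the read) per round], delivered)."""
    if buffer_size < 1 or reads_per_round < 1:
        raise ValueError("receiver must buffer and read at least one segment")
    sender, receiver, trace, delivered = Sender(segments), Receiver(buffer_size), [], []
    while sender.base < len(segments):
        sent = 0
        while sender.can_send():
            seq, sender.next_seq = sender.next_seq, sender.next_seq + 1
            sender.on_ack(*receiver.deliver(seq, segments[seq]))
            sent += 1
        delivered += receiver.app_read(reads_per_round)
        sender.on_ack(receiver.next_expected, receiver.window())  # window update
        trace.append((sent, sender.window))
    delivered += receiver.app_read(len(segments))  # drain what remains
    return trace, delivered
```

With eight segments, a three-slot receive buffer and two reads per round, the sender fills the buffer, waits, and sends exactly as many segments as the last advertised window allows.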
Other Functions of the Transport Layer
Assignment of ports, which identify the service
requested by a user
Combination of Network layer address and port
is referred to as a socket
Tunneling protocols also work at Transport layer
These protocols work with Data Link layer
protocols to provide secure connections
Session Layer
Responsible for establishing, maintaining, and
terminating communications sessions between
two systems
Regulates whether communications are simplex
(one way only), half-duplex (one way at a time),
or full-duplex (bidirectional)
Presentation Layer
Responsible for data translation and encryption
functions
For example, if one system is using standard
ASCII and another is using EBCDIC, the
Presentation layer performs the translation
Encryption can also be part of operations
performed at this level
Presentation layer encapsulates Application
layer messages prior to passing them down to
Transport layer
Application Layer
At Application layer, user is provided with a
number of services, most aptly called
application protocols
TCP/IP protocol suite includes applications such
as e-mail (SMTP and POP), World Wide Web
(HTTP and HTTPS), file transfer (FTP and
SFTP), and others
The Internet and TCP/IP
The Internet incorporates millions of small,
independent networks, connected by most of
the major common carriers
Most services we associate with the Internet are
based on Application layer protocols
The Internet is a physical set of networks, while
the World Wide Web (WWW) is a set of
applications that run on top of the Internet
Web uses domain name-based Uniform
Resource Identifiers (URIs), Uniform Resource
Locator (URL) being best-known type
TCP/IP
TCP/IP actually suite of protocols used to
facilitate communications across the Internet
Developed before OSI reference model, it is
similar in concept but different in detail
TCP/IP model is less formal than OSI reference
model
Each of the four layers of TCP/IP model
represents a section of one or more layers of
OSI model
Application Layer
TCP/IP Application layer consists of utility
protocols that provide value to end user
Data from users and utilities are passed down to
Transport layer for processing
Wide variety of Application layer protocols that
support Internet users: SMTP, POP for e-mail,
FTP for data transfer, HTTP for Web content
Application layers on each host interact directly
with corresponding applications on other hosts
to provide requisite communications support
Transport Layer
Responsible for transferring of messages,
including resolution of errors, managing
necessary fragmentation, and control of
message flow, regardless of underlying network
Connection-oriented or connectionless messages
Connects applications through use of ports
Lowest layer of TCP/IP stack to offer any form
of reliability
TCP: connection-oriented, reliable protocol
UDP: connectionless, unreliable protocol
Internetwork Layer
Handles moving packets in a single network
Examples of protocols are X.25 and
ARPANET’s Host/IMP Protocol
Internet Protocol (IP) performs task of moving
packets from source host to destination host
IP carries data for many different upper-layer
protocols
Internetwork Layer (continued)
Some protocols carried by IP function on top of
IP but perform other Internetwork layer functions
All routing protocols are also part of Network
layer
Subnet Layers
TCP/IP Subnet layers include Data Link and
Physical layers
TCP/IP relies on whatever native network
subnet layers are present
For example, if user’s network is Ethernet then
IP packets are encapsulated into Ethernet
frames
No specification for Data Link layer or Physical
layer
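An added example (not from the textbook) tying the Subnet Layers slide to the earlier Data Link slides: a Network layer IPv4 packet with a valid header checksum is encapsulated into an Ethernet frame, where the Data Link layer adds a header (MAC addresses in the slide's hexadecimal form, EtherType) and a trailer (the CRC-32 frame check sequence), and the receiving side verifies and decodes it. All addresses and the payload are constructed.

```python
# Added example (not from the textbook): build an IPv4 packet, then encapsulate it
# in an Ethernet II frame. The Data Link layer prepends a header (dst MAC, src MAC,
# EtherType), pads to the minimum size and appends the FCS trailer; the receiver
# checks the FCS and hands the packet up. Addresses and payload are constructed.
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
MIN_FRAME_WITHOUT_FCS = 60

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ip_bytes(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))

def mac_bytes(mac: str) -> bytes:
    """Accept the slide's 00-00-A3-6A-B2-1A form or colon-separated form."""
    raw = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"MAC address must be 6 bytes: {mac!r}")
    return raw

def mac_str(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)

def build_ipv4_packet(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Network layer: 20-byte header (no options) followed by the payload."""
    fields = [(4 << 4) | 5, 0, 20 + len(payload), 0x1234, 0, ttl, proto, 0,
              ip_bytes(src), ip_bytes(dst)]          # checksum field starts at 0
    header = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = ipv4_checksum(header)                 # fill in the checksum
    return struct.pack("!BBHHHBBH4s4s", *fields) + payload

def build_ethernet_frame(dst_mac: str, src_mac: str, packet: bytes) -> bytes:
    """Data Link layer: header in front, padding, then the FCS trailer."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet
    body += b"\x00" * max(0, MIN_FRAME_WITHOUT_FCS - len(body))
    fcs = struct.pack("<I", zlib.crc32(body))  # Ethernet's CRC-32, least-significant byte first
    return body + fcs

def fcs_ok(frame: bytes) -> bool:
    return struct.pack("<I", zlib.crc32(frame[:-4])) == frame[-4:]

def parse_frame(frame: bytes) -> dict:
    """Receiver side: verify the trailer, decode the header, hand the packet up."""
    if not fcs_ok(frame):
        raise ValueError("FCS mismatch: frame damaged in transit")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    packet = frame[14:-4]
    total_len = struct.unpack("!H", packet[2:4])[0]  # IP total length strips the padding
    return {"dst_mac": mac_str(frame[0:6]), "src_mac": mac_str(frame[6:12]),
            "ethertype": ethertype, "packet": packet[:total_len]}
```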
Chapter Summary
Fundamental exchange of information: sender
communicates message to receiver over some
medium
Communication only occurs when recipient is
able to receive, process, and comprehend
message
Any medium may be subject to interference:
attenuation, crosstalk, distortion, echo, impulse,
jitter, white noise
Chapter Summary (continued)
Some reasons to build a network:
– To exchange information
– To share scarce or expensive resources
– To allow distributed organizations to act as if
centrally located
Networks can be categorized by: components,
size, layout or topology, media
OSI reference model allocates functions of
network communications into seven distinct
layers, each with its own functions and protocols
Chapter Summary (continued)
OSI reference model layers:
– Physical: puts transmissions onto media
– Data Link: primary networking support layer
– Network: primary layer for communications
between networks
– Transport: provides reliable end-to-end transfer
of data between user applications
– Session: establishes, maintains, terminates
communications sessions between two systems
– Presentation: data translation and encryption
– Application: provides application protocols
Chapter Summary (continued)
Each of four layers of TCP/IP model represents
a section of one or more layers of OSI model
– Application: consists of utility protocols that
provide value to end user
– Transport: responsible for transferring messages,
regardless of underlying network
– Internetwork: handles moving packets in a single
network
– Subnet: includes Data Link and Physical layers,
relying on whatever native network subnet layers
are present for signal transmission