Ethernet switches, hubs, etc


CISC 370 - Class Today
• Projects
• Hubs, Switches, Routers, Bridges
• Ethernet wrapup
• Carlson Case Study
3/26/2016
R. Smith - University of St Thomas - Minnesota
1
Project
• Select a topic and get approval
• Write a 3-page outline
– presents an overview of your topic, including major facts that
were uncovered by your initial research.
• Write a paper about your topic
– it should be about 10 pages long - 3,000-5,000 words.
• Give a final, 15-minute presentation
– given at the final class
– Group projects give a longer presentation
• All members participate in the final presentation
Project Schedule
• Topic: TODAY
• Outline: April 21
• Revised Outline (optional): April 28
• Papers: May 12
• Presentations: May 12 and 14
A Little More Ethernet
• The yellow ‘hose’ in the network lab
– “Original” Ethernet – vampire taps
• Switches, Hubs, Bridges, Routers
• Long Haul Ethernet (?)
Bridges, Hubs, Switches, Routers
• Different ways to connect LANs together
– Router or Gateway – routes at L3 (IP layer)
– Bridge – routes at L2; “extends” a LAN
– Hub – a repeater at L2
– Switch – directs L2 packets at addressed destination
• Topologies
– Often physically a star
– May logically be a bus
Bridges and Routers
• Router (“L3 Router”)
– Generally a Layer 3 “Network” device
– L2 MAC addresses are left behind when going through router
• Bridge “L2 Router”
– Connects two separate LANs together
– May use a different transfer medium to hook them together
• Radio link between LANs in separate buildings
– May do a little routing as opposed to simple echo
• Only forward packets in remote LAN’s address range
Switches and Hubs
• Hubs
– They echo all the messages they get (de facto broadcast)
• Switches
– Store/Forward Switch
– Cut-through switch
• Why did all the hubs turn to switches?
– For the young folk: a few years ago, all we could buy were
hubs.
– Now, all they sell are switches.
– What are the trade-offs?
Long Haul Ethernet (?)
• Ethernet is not supposed to be long haul!
– It’s a LAN, isn’t it?
• They want to exploit the rich set of existing
Ethernet-based technologies
• Optical technologies
– 1000BASE-LX – single mode fiber = 5 km
– 10GBASE-E – single mode fiber = 40 km (!!)
• Now we’re getting into WAN territory (ATM)
Carlson Case Study
• Let’s do it in class
• Take 10 minutes to read it over
– Check out some of the references on the Internet
• Break into 6 or so groups
• Each group takes one of the 3 questions.
Carlson Case Study
• What hardware did they start out with?
– IBM mainframe, HP & Sun servers - what are these things?
• Software?
– Oracle, MS Exchange, Web servers, PeopleSoft, data
warehousing app
Original configuration/problems
• Where was the data at the start of this process?
– DAS - direct attached storage, like SATA, IDE, SCSI
– NAS - network attached storage, like NFS
– SAN - storage area network - block I/O across a LAN
• Operational problems
– Data replication procedures - ensuring consistency
– Backup and disaster recovery
– Need 24/7 operation
– Existing Fiber Channel used for backup and control
– Architecture couldn't scale
New hardware
• Nishan storage switches - convert I/O operations into IP SAN operations
• HP disk array
• SAN protocols - iSCSI
– TCP/IP based SCSI commands
• Fiber Channel - proprietary protocol
– Nishan has a strategy for mapping Fiber Channel onto TCP/IP, used in their switches
Wireless Applications
• LAN extension - save money on installation
• Building to Building - directed beam
• Nomad access - like at the airport
• Ad hoc networking - just need to set up a LAN without spending effort on wires
General Requirements
• Throughput
• Number of nodes
• Backbone connection - backhaul
• Service area - range
• Power consumption in portable (battery driven) devices
• Transmission robustness - how good is the signal?
• Security - can outsiders interfere?
• Colocated wireless LANs
• FCC and broadcast licensing - none should be needed
• Roaming/handoff
• Dynamic configuration
Distinguishing requirements
• for the 4 applications - yes/maybe/no
• Backbone connectivity - backhaul
• Per-node communication privacy
• Access authorization
• Service metering (charging for connection)
• Number of nodes
• Directionality
Technologies
• Infrared, Spread Spectrum, Radio
– Infrared – remote controls, some short haul (25 m)
– Spread Spectrum – general purpose, up to 250m
– Radio – narrowband microwave, up to 40m
• Licensing – a potential pain
– Some bands require FCC licensing (costly, political)
– Industrial/Scientific/Medical – typical for 802.11
• no license needed for some uses
• 802.11 Standards
– Direct sequence spread spectrum
• 2.4 GHz, 1-2 Mbps
– Frequency hopping spread spectrum, same band same speeds
• 802.11b - DSSS - 5.5 to 11 Mbps
Spread Spectrum??
• FHSS – Frequency Hopping
– Hedy Lamarr/George Antheil; SIGSALY (AT&T)
– Systematically switching between radio channels/frequencies
• Lamarr’s system used a piano roll (88 frequencies)
• DSSS – Direct Sequence
– Uses a single very wide ‘carrier’ signal that sounds like noise
– Embeds small signals (‘chips’) in the larger carrier
• Most chips are noise; some chips contain ‘part’ of a bit
• Reconstruct the ‘real’ bits from selected chips
– Allows multiple stations to ‘talk’ at the same time
• By using different ‘chips’ they don’t interfere with each
others’ transmissions
– 54 Mbps/2.4 GHz carrier signal = 44 separate ‘channels’
Architecture
• BSS - Basic Service Set
– A group of wireless stations sharing the same medium = in
broadcast proximity to one another and sharing data
– SSID - Service Set Identifier - a marker to indicate which
network a wireless packet is intended for
– One station might serve as an Access Point (AP)
– APs connect to distribution systems (DSes)
• Extended Service Set - ESS
– Two or more BSSes connected by a common backbone
– May have overlapping broadcast proximity
IEEE 802.11 Services
• Association - establishing the initial link to a station
• Reassociation - moving from one station to another
• Disassociation - moving out of range or shutting down
• Authentication
• Privacy
Medium access control
• reliable data delivery
– Normally 2 frame exchanges: send the data, get an ACK
immediately
– Sometimes 4 frame exchanges: RTS, CTS, then other 2
• This reduces risk of collision in crowded airwaves by
exchanging short control messages instead of longer data
packets
• access control - how they take turns
– DFWMAC - distributed foundation wireless MAC
• One choice - distributed coordination similar to CSMA/CD
• Other choice - centralized control - PCF - point coordination
function
– Wireless hub coordinates handshaking instead of leaving it to
individual stations
Wireless Security
• We can disable SSID broadcast - makes
networks harder to find
– “Security through obscurity”
– WarGames example
• We can filter on MAC addresses - only talk to
devices with accepted addresses
• Cryptographic security
WEP - Wireless equivalent privacy
• Shared key encryption protocol
– 128-bit keys using RC-4
– Each packet has an IV
– Per-packet key constructed of key + IV
– The secret part is much smaller than the encryption key
• Poorly constructed encryption
– 64-bit keys broken in 40-bit time
– 128-bit keys broken in 64-bit time
– Possible to modify a packet's contents and CRC without knowing the encryption key
Wireless Protected Access
• WPA – first try
– designed as stopgap since WEP was so bad
– 128-bit keys using RC-4
– Pre-shared keys updated using TKIP - Temporal Key Integrity
Protocol
• Better integrity protection
• Larger effective keys
• Key update protocol
• WPA2 - 802.11i - full implementation of WPA
– Use permanent keys to authenticate; temporary keys to
encrypt
– Can use RADIUS authentication server (protocol called 802.1X)
• (what is this RADIUS thing about?)
Creative Commons License
This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.