Transcript
Networks and Communication Protocols (網路與通信協定)
陳彥錚 (Yen-Cheng Chen)
[email protected]
http://www.ncnu.edu.tw/~ycchen/
Outline
1. Network fundamentals
2. The OSI 7-layer reference model
3. The Internet protocol suite
4. Network devices
5. Network-management-related protocols
1. Network fundamentals
Network classification
Network technologies
Network transmission media
Network devices
Network classification
Networks - by end application
  Data Communication Network
  Telecommunication Network
Networks - by distance
  LAN (Local Area Network)
  MAN (Metropolitan Area Network)
  WAN (Wide Area Network)
Network classification (continued)
Networks - by switching method
  Circuit Switching
  Packet Switching
Networks - by transmission medium
  Wired Network
  Wireless Network
Network technologies (figure: bandwidth versus distance)
  Vertical axis: Bandwidth; horizontal axis: Distance (LAN, MAN, WAN)
  Technologies plotted: Gigabit Ethernet, ATM, Fast Ethernet, FDDI, MAN & SMDS, Ethernet, Token Ring, Frame Relay, ISDN (basic rate)
Network transmission media (figure: media taxonomy)
Media
  Wireline Transmission
    Electric Conductors
      Twisted Pair
      Coaxial Cable
    Optical Fiber
      Mono-mode
      Multi-mode
  Wireless Transmission
    Radio
    Infrared
    Laser Links
    Microwave
    Satellite Transmission
Network devices
LAN/Internet devices
  Repeater
  Hub
  Bridge
  Switch
  Router
  Gateway
WAN devices
  Modem
  Repeater
  ADM (Add-Drop Multiplexer)
  Cross-Connect
  Switch
  Multiplexer
  Concentrator
2. The OSI 7-layer reference model
OSI Model
OSI - Open Systems Interconnection
A layered network architecture standard defined by the International Standard Organization (ISO).
The OSI reference model comprises seven layers, from the physical transmission medium at the bottom up to the network application at the top.
OSI network standards are defined according to the seven layers of the reference model, so that the functional components a network must have, and the rules it must follow, are specified clearly and completely.
OSI Reference Model
  7: Application layer
  6: Presentation layer
  5: Session layer
  4: Transport layer
  3: Network layer
  2: Data link layer
  1: Physical layer
OSI communication architecture (figure)
  Host A and Host B each implement all seven layers; the intermediate nodes IMP 1 and IMP 2 implement only layers 1-3 (Physical, Data Link, Network).
  Layers 4-7 (Transport, Session, Presentation, Application) communicate end to end between the two hosts through their peer protocols (transport protocol, session protocol, presentation protocol, application protocol); layers 1-3 are processed hop by hop at each IMP.
Layer 1. Physical layer
•Establishes the actual physical connection between the
computer equipment and the network.
•Provides the transmission of bits from one system to
another.
Layer 2. Data link layer
•Provides the transmission of packets.
•Performs error detection and correction functions to ensure
that a packet contains the same information received as
sent.
Layer 3 & 4
Layer 3. Network layer
•Determines the path that will be taken through the network.
•Controls the rate at which the network accepts packets, to
avoid and recover from congestion.
Layer 4. Transport layer
•Provides for the flow of data between sender and receiver.
•Ensures that the data arrives at the correct destination.
•Ensures that packets are sent at a rate the receiver and the
application can cope with.
•At the receiver, the transport layer reassembles the packets
into messages and delivers them to the next highest layer.
Layer 5 & 6
Layer 5. The session layer
•Allows the setup and termination of a communications path.
Ensures that the sender is authentic and has access rights
to establish a connection.
•Synchronizes the communication between two systems.
Layer 6. The presentation layer
•Converts outbound data from a machine-specific format to
an international standard format.
•Converts inbound data from international format to a
machine-specific format.
Layer 7
Layer 7. The application layer
•Provides the software for network services, such as file
transfer, remote login, remote execution, e-mail, etc.
•Provides the interface between user programs and the
network.
3. The Internet protocol suite
Commonly called the TCP/IP protocol suite
Its communication layers are not strictly defined
The TCP/IP protocols are generally divided into four layers:
  Process Layer
  Host-to-host Layer
  Internet Layer
  Network Access Layer
Internet protocols (figure: protocol stack by layer)
  Application: HTTP, SMTP, NNTP, TELNET, SNMP, DNS, FTP, ECHO, NTP, TIME, BOOTP, DHCP
  Transport: TCP, UDP
  Network: IP, ICMP, IGMP, and the routing protocols RIP, OSPF, BGP
  Network Access / Data Link: ARP, RARP, SLIP, PPP
IP (Internet Protocol)
IP sits at the Internet layer (OSI layer 3).
Its main function is routing among multiple interconnected networks.
Protocol characteristics: connectionless, unreliable.
To provide effective routing, an IP addressing scheme is defined.
Every host on a TCP/IP network has a 32-bit IP address, e.g. 140.131.76.1.
IP Address
Length: 4 bytes (32 bits)
Each IP address has two parts:
  Network Address
  Host Address
  [ Network | Host ]
Sometimes a network is further divided into several subnetworks; the host part is then split again into a subnet part and a host part.
  [ Network | Subnet | Host ]
IP address classes (figure)
Special IP Addresses
  All-0 host suffix:   Network address
  All-0s:              This computer (0.0.0.0)
  All-0s network:      This network. E.g., 0.0.0.7 = host 7 on this network
  All-1 host suffix:   All hosts on the destination net (directed broadcast)
  All-1s:              All hosts on this net (limited broadcast)
  Subnet number cannot be all 1s
  127.*.*.*:           Loopback through IP layer
Private IP Addresses
Any organization can use these inside their network.
They can't go on the Internet. [RFC 1918]
  10.0.0.0 - 10.255.255.255 (10/8 prefix): 1 network
  172.16.0.0 - 172.31.255.255 (172.16/12 prefix): 16 networks
  192.168.0.0 - 192.168.255.255 (192.168/16 prefix): 256 networks
Network mask (Netmask)
The netmask is obtained by setting the bits of an IP address that represent the network and subnet part to 1 and all remaining bits to 0.
  Class A 255.0.0.0
  Class B 255.255.0.0
  Class C 255.255.255.0
A logical AND of the netmask and the IP address yields the network address.
Routers and the IP Addressing Principle
• Routers have two or more addresses, one for each interface.
Routing Table
  IF ((Mask[i] & Destination Addr) == Destination[i])
    Forward to NextHop[i]
IP Forwarding Process
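The netmask AND and the forwarding rule above, worked in Python as an added example (this is not code from the slides). The addresses and the routing table are constructed; the sort by prefix length, which turns the slide's first-match rule into a longest-prefix match so that a specific subnet route beats a summary route and the default route is tried last, goes one step beyond the single rule the slide shows.

```python
"""Netmask arithmetic and routing-table lookup (added example, not from the slides)."""
from typing import List, Optional, Tuple


def ip_to_int(addr: str) -> int:
    """Convert dotted-quad text to a 32-bit integer, rejecting malformed input."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"bad IPv4 address: {addr!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"bad octet in {addr!r}")
        value = (value << 8) | octet
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def network_address(addr: str, mask: str) -> str:
    """Logical AND of address and netmask gives the (sub)network address."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))


def prefix_length(mask: str) -> int:
    """Number of leading 1 bits in a netmask; non-contiguous masks are rejected."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != ((0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF):
        raise ValueError(f"non-contiguous netmask: {mask}")
    return ones


# Route entry: (destination network, mask, next hop); next hop None = directly connected.
Route = Tuple[str, str, Optional[str]]


def lookup(table: List[Route], dst: str) -> Optional[Route]:
    """The slide's rule: forward via entry i when (Mask[i] & dst) == Destination[i].
    Trying longer masks first makes it a longest-prefix match."""
    d = ip_to_int(dst)
    for net, mask, nexthop in sorted(table, key=lambda r: prefix_length(r[1]), reverse=True):
        if (ip_to_int(mask) & d) == ip_to_int(net):
            return (net, mask, nexthop)
    return None


# Constructed routing table for a router attached to 140.131.76.0/24 and 10.10.34.0/24.
ROUTING_TABLE: List[Route] = [
    ("0.0.0.0", "0.0.0.0", "140.131.76.254"),          # default route
    ("140.131.0.0", "255.255.0.0", "140.131.76.254"),  # class B summary via campus router
    ("140.131.76.0", "255.255.255.0", None),           # directly connected subnet
    ("10.10.34.0", "255.255.255.0", None),             # directly connected subnet
    ("10.0.0.0", "255.0.0.0", "10.10.34.254"),         # private /8 via an internal router
]

if __name__ == "__main__":
    print(network_address("140.131.76.1", "255.255.255.0"))
    for dst in ("140.131.76.1", "140.131.9.9", "10.10.18.90", "8.8.8.8"):
        print(dst, "->", lookup(ROUTING_TABLE, dst))
```

Without the sort, the order of the entries decides which route wins, which is exactly the mistake a hand-built table makes when the default route is listed first.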
TCP (Transmission Control Protocol)
The Transmission Control Protocol (TCP) sits at the host-to-host layer (corresponding to OSI layer 4).
Connection-oriented: three-way handshake
Provides reliable transmission: sequencing, checksum
Handles flow control between sender and receiver: sliding window
UDP (User Datagram Protocol)
UDP sits at the host-to-host layer, corresponding to OSI layer 4.
Protocol characteristics: connectionless, unreliable.
Provides a simple, fast mechanism for transferring data between hosts.
Port
Each host may run many different applications, services, or resources at its application/process layer. Whenever a host receives data from the network, the transport layer must provide a mechanism to identify the network application service, so that the data is dispatched to the correct process.
Each upper-layer communication service or program corresponds to a unique TCP or UDP port number.
Common TCP/IP application services and port numbers
  TCP
    21   FTP
    23   Telnet
    25   SMTP
    53   DNS
    79   Finger
    80   HTTP
    110  POP3
    119  NNTP
    123  NTP
  UDP
    53   DNS
    67   BOOTP
    69   TFTP
    161  SNMP
    162  SNMP-Trap
Ports 1~1024 are reserved for Internet standard services.
4. Network devices
Repeater
Hub
Bridge
Switch
Router
Routing Switch
Gateway
Repeater
Operates at Layer 1, the physical layer.
Connects two network segments into one large segment, or
to expand an existing segment.
Enhances data signals and thus can be used to extend
maximum cabling distances.
There is no network intelligence built into a simple repeater;
it is used strictly for signal propagation.
Hub
Operates at Layer 1, the physical layer.
Simply a multiport repeater.
Can be used to increase overall network size and number of
nodes on a single segment.
Can isolate faults within the subnet.
Allows you to add stations to a segment without disrupting the
entire network.
Bridge
Operates at Layer 2, the data link layer.
Allows networks with different physical signaling, but
with compatible data link addressing schemes, to
communicate.
Helps reduce traffic on a backbone LAN by filtering
any information coming from one segment to another
that does not need to be forwarded through the
backbone.
A common use for a bridge is to allow users on an
Ethernet LAN and a Token Ring LAN to
communicate with each other.
Bridge Example (figure)
  The two end hosts implement all seven layers (Application, Presentation, Session, Transport, Network, Data Link, Physical); the bridge between them implements only the Physical and Data Link layers.
Switch
Operates at Layer 2, the data link layer.
Dispatches data to its destination, which it
determines from the packet’s lower-layer media
access control (MAC) address.
Can limit traffic, and does not understand network
protocols.
Router
Operates at Layer 3, the network layer.
Connects two networks with different technologies,
and provides an intelligent means of transferring
packets from one network to the other.
Also forwards traffic among multiple hubs and
bridges.
Router Example (figure)
  The two end hosts implement all seven layers; the router between them implements the Physical, Data Link and Network layers.
Routing Switch
Operates at Layer 3, the network layer.
Combines the intelligence of a router with the
efficiency of a switch, routing data at higher speeds.
Gateway
Operates at Layer 7, the application layer.
Can encompass all seven of the OSI model layers.
A computing system that can be programmed to do
any number of intricate protocol conversions and
negotiations, such as between IP and IPX.
5. Network-management-related protocols
SNMPv1
SNMPv2C
ICMP
ARP/RARP
DHCP
SNMPv1
(Simple Network Management Protocol version 1)
The most common management protocol in use in data networks.
Provides a means of obtaining information from, and sending
information to, network devices.
Based on the manager-agent model.
Uses Management Information Bases (MIBs) to exchange
information between the manager and the agent.
Using the SNMP protocol, a manager can query and modify the
status and configuration information on each managed device by
making requests to the agent running on the managed device.
All commands use the UDP/IP protocol, which means that
communication between the manager and the agent is
connectionless.
SNMP operates at Layer 7, the application layer.
SNMPv2C (version 2)
SNMPv2C includes the basic functions of SNMPv1.
Adds
new message types,
standardized multi-protocol support,
enhanced security,
new MIB objects, and
a way to co-exist with SNMPv1.
SNMPv2C is useful for the retrieval of large amounts of
management information using fewer network resources.
ICMP
(Internet Control Message Protocol)
ICMP is the part of IP that handles error and control
messages.
ICMP operates at Layer 3, the network layer.
ICMP supports an echo function, which sends a packet
on a round-trip between two hosts.
Ping, which sends a signal to see if an interface is up
and running, is based on ICMP echo.
ICMP can also send an address mask request that
returns the address of the subnet mask on the remote
system. This feature is important for non-SNMP devices.
ICMP Type
  8 / 0     Echo Request / Echo Reply
  3         Destination Unreachable
  4         Source Quench
  5         Redirect
  11        Time Exceeded
  12        Parameter Problem
  13 / 14   Timestamp Request / Timestamp Reply
  17 / 18   Address Mask Request / Address Mask Reply
Ping
• Most basic tool for internet management
• Based on ICMP ECHO_REQUEST message
• Available on all TCP/IP stacks
• Useful for measuring
  • Connectivity
  • Packet Loss
  • Round Trip Time
• Can do auto-discovery of TCP/IP equipped stations on single segment
ping
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
            [-r count] [-s count] [[-j host-list] | [-k host-list]]
            [-w timeout] destination-list
Options:
    -t             Ping the specified host until stopped.
                   To see statistics and continue - type Control-Break;
                   To stop - type Control-C.
    -a             Resolve addresses to hostnames.
    -n count       Number of echo requests to send.
    -l size        Send buffer size.
    -f             Set Don't Fragment flag in packet.
    -i TTL         Time To Live.
    -v TOS         Type Of Service.
    -r count       Record route for count hops.
    -s count       Timestamp for count hops.
    -j host-list   Loose source route along host-list.
    -k host-list   Strict source route along host-list.
    -w timeout     Timeout in milliseconds to wait for each reply.
Example
C:\>ping -n 10 -l 256 www.im.ncnu.edu.tw

Pinging euler.im.ncnu.edu.tw [163.22.20.16] with 256 bytes of data:

Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253
Reply from 163.22.20.16: bytes=256 time=1ms TTL=253

Ping statistics for 163.22.20.16:
    Packets: Sent = 10, Received = 10, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
Traceroute
RFC 1393
To provide a trace of the path the packet took to reach
the destination.
Operates by first sending out a packet with a Time To
Live (TTL) of 1. The first hop then sends back an ICMP
error message indicating that the packet could not be
forwarded because the TTL expired.
The packet is then resent with a TTL of 2, and the
second hop returns the TTL expired. This process
continues until the destination is reached.
Record the source of each ICMP TTL exceeded message
http://www.visualroute.com/
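The ICMP echo exchange behind ping and the TTL-stepping loop behind traceroute, both described above, as one added example in Python (not code from the slides or from any ping/tracert implementation). It builds and verifies real ICMP headers with the RFC 1071 checksum, but the network itself is simulated by the constructed send_probe() function, whose router addresses, silent hop and identifier are made up, so the script runs offline without raw sockets.

```python
"""ICMP echo (ping) and the TTL-stepping loop of traceroute, offline.
Added example, not the slides' code; the network is simulated by send_probe()."""
import struct
from typing import Dict, List, Optional, Tuple

ECHO_REPLY, ECHO_REQUEST, TIME_EXCEEDED = 0, 8, 11


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, ident: int, seq: int, payload: bytes = b"") -> bytes:
    """8-byte ICMP header (type, code, checksum, identifier, sequence) followed by payload."""
    header = struct.pack("!BBHHH", icmp_type, code, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, code, csum, ident, seq) + payload


def checksum_ok(packet: bytes) -> bool:
    """A packet whose checksum field is correct sums to zero over its whole length."""
    return len(packet) >= 8 and icmp_checksum(packet) == 0


def parse_icmp(packet: bytes) -> Dict[str, int]:
    """Validate the checksum and return the header fields."""
    if not checksum_ok(packet):
        raise ValueError("truncated ICMP packet or bad checksum")
    t, code, _, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return {"type": t, "code": code, "id": ident, "seq": seq, "payload_len": len(packet) - 8}


# Constructed path: three routers then the destination. Hop 3 drops probes silently,
# which is what produces the "*" columns and "Request timed out." lines in tracert output.
PATH = ["10.10.34.254", "163.22.1.253", "203.64.255.98", "72.14.235.104"]
SILENT_HOPS = {"203.64.255.98"}
PING_ID = 0x1234  # identifier the simulated destination echoes back (constructed)


def send_probe(ttl: int, seq: int) -> Optional[Tuple[str, bytes]]:
    """Simulated network: the router at which TTL reaches zero answers Time Exceeded;
    a TTL large enough to reach the destination gets an Echo Reply instead."""
    if ttl < 1:
        return None
    if ttl < len(PATH):
        hop = PATH[ttl - 1]
        if hop in SILENT_HOPS:
            return None
        return hop, build_icmp(TIME_EXCEEDED, 0, 0, 0)
    return PATH[-1], build_icmp(ECHO_REPLY, 0, PING_ID, seq)


def ping_once(ident: int, seq: int, payload: bytes = b"x" * 56) -> bool:
    """Send one Echo Request and accept only a reply whose id and seq match the request."""
    request = build_icmp(ECHO_REQUEST, 0, ident, seq, payload)
    req = parse_icmp(request)
    answer = send_probe(64, seq)
    if answer is None:
        return False
    rep = parse_icmp(answer[1])
    return rep["type"] == ECHO_REPLY and rep["id"] == req["id"] and rep["seq"] == req["seq"]


def traceroute(max_hops: int = 30) -> List[Tuple[int, Optional[str]]]:
    """Probe with TTL 1, 2, 3, ..., record the source of each Time Exceeded message,
    and stop when an Echo Reply arrives from the destination."""
    hops: List[Tuple[int, Optional[str]]] = []
    for ttl in range(1, max_hops + 1):
        answer = send_probe(ttl, seq=ttl)
        if answer is None:
            hops.append((ttl, None))  # shown as "Request timed out."
            continue
        source, packet = answer
        hops.append((ttl, source))
        if parse_icmp(packet)["type"] == ECHO_REPLY:
            break
    return hops


if __name__ == "__main__":
    print("ping:", ping_once(PING_ID, 1))
    for ttl, source in traceroute():
        print(f"{ttl:3d}  {source or 'Request timed out.'}")
```

Matching replies on identifier and sequence is what lets a ping implementation ignore stray echo replies addressed to another process, and the silent hop shows why a timed-out row in tracert does not mean the path is broken: the next TTL still gets through.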
tracert
C:\>tracert www.google.com

Tracing route to www.l.google.com [72.14.235.104]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  gateway.puli34-10-10.ncnu.edu.tw [10.10.34.254]
  2    <1 ms    <1 ms    <1 ms  ip253.puli01.ncnu.edu.tw [163.22.1.253]
  3    <1 ms    <1 ms    <1 ms  ip090.puli18-10-10.ncnu.edu.tw [10.10.18.90]
  4    <1 ms    <1 ms    <1 ms  ip094.puli18.ncnu.edu.tw [163.22.18.94]
  5    23 ms     1 ms     1 ms  ip098.puli255-64-203.ncnu.edu.tw [203.64.255.98]
  6     2 ms     3 ms     3 ms  140.128.251.38
  7     *        *        5 ms  bb-MOE-CHT.TANet.edu.tw [192.83.196.111]
  8     6 ms     6 ms     6 ms  202.169.174.58
  9    28 ms    28 ms    28 ms  202.169.174.45
 10    31 ms    30 ms    29 ms  202.40.161.1
 11     *        *        *     Request timed out.
 12    62 ms    63 ms    62 ms  218.100.16.24
 13    63 ms    63 ms    63 ms  216.239.43.68
 14    62 ms    64 ms    62 ms  66.249.95.198
 15    63 ms    64 ms    63 ms  72.14.232.162
 16    65 ms    63 ms    69 ms  72.14.232.221
 17    77 ms    73 ms    70 ms  72.14.232.217
 18    64 ms    73 ms    64 ms  tw-in-f104.google.com [72.14.235.104]

Trace complete.
VisualRoute
http://www.visualroute.com/
ARP/RARP
Address Resolution Protocol / Reverse ARP
ARP/RARP are used at Layer 2, the link layer.
ARP is used to map an IP address to a MAC (or
link-level, or hardware) address.
RARP is used to map a MAC address to an IP
address.
arp -a
arp -d 10.10.34.235
arp -d *
arp -s 157.55.85.212 00-aa-00-62-c6-09
arp -?
C:\>arp -a

Interface: 10.10.34.169 --- 0x2
  Internet Address      Physical Address      Type
  10.10.34.231          00-12-cf-28-cd-20     dynamic
  10.10.34.234          00-12-cf-29-c6-80     dynamic
  10.10.34.235          00-12-cf-28-1e-20     dynamic
  10.10.34.238          00-12-cf-28-4d-e0     dynamic
  10.10.34.239          00-12-cf-25-23-40     dynamic
  10.10.34.240          00-12-cf-28-bf-e0     dynamic
  10.10.34.254          00-08-e3-dd-b3-1f     dynamic

C:\>arp -s 10.10.34.235 00-12-cf-28-1e-20

C:\>arp -a

Interface: 10.10.34.169 --- 0x2
  Internet Address      Physical Address      Type
  10.10.34.235          00-12-cf-28-1e-20     static
  10.10.34.254          00-08-e3-dd-b3-1f     dynamic
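A parser for the `arp -a` output shown above, plus a comparison of two cache snapshots, as an added example (not code from the slides). The two snapshots embedded in the script are the slide's own before and after outputs of `arp -s`; the regular expressions assume the Windows column layout seen there (dotted IP, dash-separated MAC, static/dynamic type).

```python
"""Parse Windows `arp -a` output and diff two snapshots (added example, not from the slides)."""
import re
from typing import Dict, List, Tuple

IFACE_RE = re.compile(r"^Interface:\s+(\d{1,3}(?:\.\d{1,3}){3})")
ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(static|dynamic)\s*$",
    re.IGNORECASE,
)

# {interface address: {ip: (mac, type)}}
ArpTable = Dict[str, Dict[str, Tuple[str, str]]]


def parse_arp_a(text: str) -> ArpTable:
    """Group entry rows under the preceding 'Interface:' header; other lines are ignored."""
    table: ArpTable = {}
    iface = None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            table.setdefault(iface, {})
            continue
        m = ENTRY_RE.match(line)
        if m and iface is not None:
            ip, mac, kind = m.groups()
            table[iface][ip] = (mac.lower(), kind.lower())
    return table


def diff_snapshots(before: ArpTable, after: ArpTable) -> List[str]:
    """One line per entry whose MAC or type changed, that aged out, or that appeared."""
    changes: List[str] = []
    for iface in sorted(set(before) | set(after)):
        old, new = before.get(iface, {}), after.get(iface, {})
        for ip in sorted(set(old) | set(new)):
            if ip in old and ip in new:
                if old[ip][0] != new[ip][0]:
                    changes.append(f"{ip}: mac {old[ip][0]} -> {new[ip][0]}")
                if old[ip][1] != new[ip][1]:
                    changes.append(f"{ip}: type {old[ip][1]} -> {new[ip][1]}")
            elif ip in old:
                changes.append(f"{ip}: removed ({old[ip][0]})")
            else:
                changes.append(f"{ip}: added ({new[ip][0]}, {new[ip][1]})")
    return changes


# Snapshots copied from the slide: before and after `arp -s 10.10.34.235 00-12-cf-28-1e-20`.
BEFORE = """\
Interface: 10.10.34.169 --- 0x2
  Internet Address      Physical Address      Type
  10.10.34.231          00-12-cf-28-cd-20     dynamic
  10.10.34.234          00-12-cf-29-c6-80     dynamic
  10.10.34.235          00-12-cf-28-1e-20     dynamic
  10.10.34.238          00-12-cf-28-4d-e0     dynamic
  10.10.34.239          00-12-cf-25-23-40     dynamic
  10.10.34.240          00-12-cf-28-bf-e0     dynamic
  10.10.34.254          00-08-e3-dd-b3-1f     dynamic
"""
AFTER = """\
Interface: 10.10.34.169 --- 0x2
  Internet Address      Physical Address      Type
  10.10.34.235          00-12-cf-28-1e-20     static
  10.10.34.254          00-08-e3-dd-b3-1f     dynamic
"""

if __name__ == "__main__":
    for change in diff_snapshots(parse_arp_a(BEFORE), parse_arp_a(AFTER)):
        print(change)
```

The diff makes the effect of `arp -s` visible: one entry flips from dynamic to static and keeps its MAC, while the dynamic entries that were not refreshed have simply aged out of the cache between the two listings.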
DHCP
(Dynamic Host Configuration Protocol)
DHCP allows IP addresses to be allocated on a temporary
basis (a lease).
When the lease for an IP address expires, the address can
be reused by a different node.
This is useful in environments supporting mobile users who
connect to the network with a laptop from many different
places.
This helps alleviate the problem of limited IP addresses and
simplifies TCP/IP client configurations.
Dynamic Host Configuration Protocol (DHCP)
Automatically configures a computer's:
  IP address (163.22.20.223)
  Subnet mask (255.255.255.0)
  Default gateway (163.22.20.254)
  Domain name server (163.22.2.1)
  …
winipcfg (Win 98/Me)
ipconfig /all (Win 2000/XP)
(Screenshots, steps 1-3: Control Panel > Network and Internet Connections)
ipconfig
  ipconfig
  ipconfig /all
  ipconfig /release
  ipconfig /renew
C:\>ipconfig

Windows IP Configuration

Ethernet adapter 區域連線:

        Connection-specific DNS Suffix  . : ncnu.edu.tw
        IP Address. . . . . . . . . . . . : 10.10.34.169
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.10.34.254
Domain Name System (DNS)
Provides translation between host names and IP addresses, e.g. www.im.ncnu.edu.tw <-> 163.22.20.16
Provided by DNS servers
RR-DNS (Round Robin DNS)
  www.yahoo.com: (8 servers) 66.218.71.90, 66.218.71.80, 66.218.71.95, …
DDNS (Dynamic DNS)
  host name <-> dynamic (floating) IP address
ipconfig /displaydns
ipconfig /flushdns
nslookup
C:\>nslookup
Default Server: academic.ncnu.edu.tw
Address: 163.22.2.1

> www.cnn.com
Server: academic.ncnu.edu.tw
Address: 163.22.2.1

Non-authoritative answer:
Name:    www.cnn.com
Addresses: 64.236.29.120, 64.236.91.21, 64.236.16.20, 64.236.16.52
          64.236.16.84, 64.236.24.12, 64.236.24.20, 64.236.24.28

> 163.22.20.16
Server: academic.ncnu.edu.tw
Address: 163.22.2.1

Name:    euler.im.ncnu.edu.tw
Address: 163.22.20.16
Aliases: 16.20.22.163.in-addr.arpa

>
World Wide Web (WWW) (figure: path of a web request)
  Components shown: source host on the NCNU campus network, switch/router, DHCP server, DNS server, proxy servers / web filter, TANet / HiNet / ISPs, destination www.abc.com
  The request is traced in the figure from the source through the campus network and the proxy/filter out via TANet/HiNet to the destination; the steps are numbered (1)-(5).
E-Mail
Client: Outlook / Outlook Express
SMTP server - sending mail
  No password required; users must send from within the designated network
  Open Relay / Spam Mail
POP server - receiving mail
  Password required; no network restriction
Common problems
  User not sending from within the designated network
  Mailbox full (Quota)
E-Mail - sending (figure)
  Components shown: sender on the NCNU campus network, switch/router, DHCP server, DNS server, SMTP servers with virus scan, TANet / ISPs (HiNet), receiver's POP server (pop.ntu.edu.tw)
  The message is traced in the figure from the sender through the campus network and the SMTP server/virus scan out via TANet/ISPs to the receiver's POP server; the steps are numbered (1)-(6).
E-Mail - receiving (figure)
  Components shown: sender's SMTP server (smtp.ntu.edu.tw), TANet / ISPs (HiNet), NCNU SMTP servers with virus scan, POP server, switch/router, DHCP server, DNS server, receiver on the campus network
  The message is traced in the figure from the sender's SMTP server via TANet/ISPs into the NCNU SMTP server/virus scan, the POP server, and finally the receiver on the campus network; the steps are numbered (1)-(5).