Transcript A story
A PC Wakes Up
A STORY BY VICTOR NORMAN
Once upon a time…
a PC (we’ll call him “H”) is connected to a network and turned on.
Aside: The network looks like this:
H needs an IP address
PC H notices he has a network connection, but no name…
So, he decides he needs to get a name somehow...
He composes a message:
To: Everyone around here
From: me (but, I’m unnamed right now, except this number 0x73.)
Re: I need a name. Is there anyone out there in the network who can give me a
unique name that anyone in the world can use to talk to me? If so, please send me
that name.
(We actually call this a “DHCP request”.)
He sends the message out his network interface.
Meanwhile, on Switch S…
Switch S sees a message on port 1.
Switch S is like a postman: it is responsible for sending messages on
to who they are for, but it never gets messages itself.
Switch S looks at the To: field and sees this is a special message to
be sent to everyone. So, he makes copies of the message and
sends them out all his other ports.
Switch S also makes a note to itself: I’ve seen a message on port 1
from this guy called 0x73. Now, if I ever get a message for 0x73, I
can send it only on port 1.
Who can handle this message?
The switch has now duplicated the message and sent to everyone.
All machines receive the message, but they look at it, and realize
they aren’t set up to give out unique names to newbies on the
network. So, they throw the message away.
However, NAT N receives the message and realizes that he has
been configured to hand out names to newbies. (i.e., he is running
a DHCP server!)
His DHCP server software looks up information in its config file and
finds an unassigned new name (IP address), and marks that name
as “assigned” to this machine called 0x73.
The Response Awakens
The DHCP server composes a message:
To: you, Mr. 0x73 with no real name
From: me, 10.0.0.1, known around these parts as 0x1a.
Re: Your request for a name
Here is your new name: 10.0.0.3.
Also, everyone on your network is 10.0.0.something, ok?
Oh, and, the DNS server is running on me, 10.0.0.1.
And, if you ever want to talk to someone out in the big world, just send the
message to me and I’ll forward it out there for you.
The DHCP server sends the message, which goes out its network
interface (to Switch S). (Switch says, “Aha! I see a message from
0x1a on port 4. I’ll remember that!”)
I have a name!
Switch forwards the response to H.
H receives the message and from the information knows:
its new unique universal name: 10.0.0.3
That if it needs to talk to any other machine with a name like 10.0.0.*, it
can send to it directly – it is in the neighborhood.
That if it needs to talk to any other machine, it should send the message
to 10.0.0.1, who will handle forwarding the message to the other
machine.
That if it needs to change a name (like www.google.com or
www.cnn.com or calvin.edu) to a computer name (like 153.106.4.1), it
can ask 10.0.0.1 to do the conversion.
Reminder of what our network looks like
Chapter 2: the user wants a web
page
After some time passes… a user starts a web browser on H and types
this into the address bar: http://host2.company.com/index.html.
The browser program knows that it cannot talk to machine with a
nice name like host2.company.com – it has to somehow get the
unique computer name for it (the IP address).
To do this, the program uses a library on the computer. This library
composes a message:
To: name converting server, running on 10.0.0.1
From: me (0x73, aka 10.0.0.3)
Re: convert host2.company.com to its IP address, please. (DNS request)
A funny thing happened on the
way to the post office…
When this library tries to send this message out the network
interface, there is a problem…
The networking code in the OS does not know how to talk to 10.0.0.1
-- it has to have that machine’s local name (which we know is 0x1a).
So, the OS pauses the DNS request message, and generates a
number conversion request (ARP request):
To: everyone in the neighborhood
From: me (0x73, aka 10.0.0.3)
Re: I need the local name of 10.0.0.1
The OS sends this message out its network interface.
What happens next?
What happens when Switch S gets the message?
Answer: it sends it out to all machines.
What happens when each machine receives it?
Answer: it drops the message if it isn’t set up to answer the question.
Which machine can answer the question?
Answer: 10.0.0.1 will answer the question. It will send a response:
To: 0x73 (aka 10.0.0.3)
From: 0x1a (aka 10.0.0.1)
Re: your request for my name: My local name is 0x1a. (ARP response)
And, now back on the farm…
H gets the response (which was forwarded by S).
It forwards it up to the networking code in the OS, which says to
itself:
Huh, so 10.0.0.1 is the same as 0x1a. I’ll remember that (at least for a
while).
It also remembers that it was in the process of sending another
message. As you may recall, the message was:
To: name converting server, running on 10.0.0.1
From: me (0x73, aka 10.0.0.3)
Re: convert host2.company.com to its IP address, please. (DNS request)
Now, the networking code in the OS can send this out, because it
knows the local name of 10.0.0.1 (it is 0x1a).
Finally, the message goes out
The message requesting a name conversion for host2.company.com
has been sent to 10.0.0.1 (0x1a).
Switch S knows where that machine is, so forwards the message to it.
10.0.0.1 (NAT N) receives the message (because it is for it).
It checks to see if it is running the server that resolves names – and Yes, it
is!
This server (DNS server) talks to some other servers and gets the
computer name for host2.company.com (98.1.1.1). The server
composes a message:
To: 10.0.0.3 (aka 0x73)
From: 10.0.0.1 (aka 0x1a)
Re: the request you sent for a name conversion.
I have found the computer name for host2.company.com. It is 98.1.1.1.
Have a nice day!
It sends the message out its network interface, via S, to H.
And, back on the farm again…
The name conversion response is received and sent by the OS to the
library that requested the name conversion.
The library says to itself:
“Huh. So host2.company.com is the same as 98.1.1.1. I’ll remember that for
a while. Could come in handy again.”
The library now tells the web browser that it got the computer name it
needed.
The web browser software now makes a new request to send over the
network to 98.1.1.1:
To: 98.1.1.1
From: 10.0.0.3 (aka 0x73)
From-Mailbox: 37373 (this mailbox was randomly chosen and not in use)
Re: web page request. (Mailbox: 80)
Please send me the file index.html. Thanks.
But, whoa!
We have a problem. A computer can only talk to its neighbors, and
98.1.1.1 is not a neighbor – it is some machine somewhere out there in
cyberspace.
Fortunately, the networking code remembers something:
“If I need to talk to any other machine, I should send the message to
10.0.0.1, who will handle forwarding the message to the other machine.”
So, it changes (or really, amends) the message slightly:
To: 98.1.1.1 (via 10.0.0.1)
From: 10.0.0.3 (aka 0x73)
From-Mailbox: 37373
Re: web page request. (Mailbox: 80)
Please send me the html file index.html. Thanks.
This way, the message is marked as ultimately for 98.1.1.1, but locally for
10.0.0.1.
Still no go…
We have this message:
To: 98.1.1.1 (via 10.0.0.1)
From: 10.0.0.3 (aka 0x73)
From-Mailbox: 37373
Re: web page request. (Mailbox: 80)
Please send me the html file index.html. Thanks.
But, how do we talk to 10.0.0.1. We know he is on the local network, so
we can talk to him. But, we need his local name, not his global name.
Wait! Remember we made a note to ourselves earlier:
“Huh, so 10.0.0.1 is the same as 0x1a. I’ll remember that (at least for a
while).”
So, we replace the first part of the message with this:
To: 98.1.1.1 (via 0x1a). Now we can send the message.
And, away we go!
The message goes out H’s interface.
Switch S sees it and knows to forward it out only port 4 to 0x1a
(10.0.0.1).
NAT N receives it (because it is for 0x1a – itself).
N notices that it really isn’t for itself – it is for 98.1.1.1.
N has been told previously that for messages it doesn’t know how to
deliver, it should send them on to Router R (201.202.203.1).
However, N is a NAT (Network Address Translation) device… so it is
special.
Reminder of what our network looks like
Far from the NATting crowd
A NAT is special. It is like agent 007. It keeps secrets.
A NAT passes messages from one side to the other, not letting either
side know what it is doing.
Specifically, it keeps the “private side” (10.0.0.*) network secret from the
world.
The world just thinks it is communicating with the NAT. The NAT is
actually passing the messages on to the private network.
How does it do this?
How to be a secret agent
To: 98.1.1.1 (via 0x1a)
changed to (via 0xb0)
From: 10.0.0.3 (aka 0x73)
changed to 201.202.203.204 (aka 0xfa)
From-Mailbox: 37373
changed to 40000 (randomly chosen)
Re: web page request. (Mailbox: 80)
Please send me the file index.html. Thanks.
So, now the message that goes out seems to come from N itself, not
from 10.0.0.3. N sends the message out to R (local name 0xb0).
N remembers this:
if I get a response to me (201.202.203.204) to Mailbox 40000, it means
the message isn’t actually for me. I should instead forward it on to
10.0.0.3, Mailbox 37373.
On the road again…
The message arrives at R (because it is marked as being for 0xb0).
R sees that it isn’t for itself – it is actually for 98.1.1.1.
R has been configured (somehow!) to know to send the message
out its 77.1.2.3 interface, in order to get it to 98.1.1.1.
R does that.
Repeat some number of times… until the message arrives at 98.1.1.1
(local name 0x3a).
Are we there yet?
The message is at the intended recipient host2.company.com.
The message is accepted and the networking software sees that it is
sent to Mailbox 80.
The software sees that a web server is waiting for messages on
mailbox 80, so it gives the message to that program.
The web server looks at the request, which is:
Please send me the file index.html. Thanks.
The server finds the file index.html, wraps it up nice and neat, and
begins to compose a response:
An answer
To: 201.202.203.204
From: 98.1.1.1 (aka 0x3a)
To-Mailbox: 40000
Re: response to your web page request (from Mailbox 80)
Here is your web page:
<head><title>A web page</title></head> …. etc ....
The networking software looks up how to get the message to
201.202.203.204 and sees it has to send it to a local machine which
will take care of getting it there. The software also puts the local
name of the machine in the To: field above.
The message gets back to N.
And then…
N receives a message to itself, mailbox 40000.
It remembers that this is actually for 10.0.0.3. So, it changes the
message:
To: 201.202.203.204
changed to 10.0.0.3, aka 0x73
From: 98.1.1.1 (aka 0x3a)
changed to (aka 0x1a)
To-Mailbox: 40000
changed to 37373
Re: response to your web page request (from Mailbox 80)
Here is your web page:
<head>A web page></head> …. etc ....
Thus, the message appears to 10.0.0.3 to have been created by
98.1.1.1 and unaltered.
Chapter 3: We are done
The message arrives at H and H accepts it.
It passes the message to the web browser who is waiting on mailbox
37373.
The web browser sees it is a good response and translates the HTML
into a web page and displays it.
What we didn’t talk about…
What happens if your message becomes corrupted, or lost, or
hijacked by a hacker?
Why does a machine have two or three names:
Local name (0x1a)
Global computer name (98.1.1.1)
Global human-readable name (host2.company.com).
Many many other details…
Will this be on the test?