SKILLS FOR INDIA Overview of Networking

  • SKILLS FOR INDIA: Network Components

    *

    Hubs

    - A hub is the place where data converges from one or more directions and is forwarded out in one or more directions.
    - Seen in local area networks.

    *

    Gateways

    - A gateway is a network point that acts as an entrance to another network.
    - On the internet, in terms of routing, the network consists of gateway nodes and host nodes.
    - Host nodes are the computers of network users and the computers that serve content (such as Web pages).
    - Gateway nodes are computers that control traffic within your company's network or at your local internet service provider (ISP).

    *

    Routers

    - A router is a device, or software in a computer, that determines the next network point to which a packet should be forwarded toward its destination.
    - Routers allow different networks to communicate with each other.
    - A router creates and maintains a table of the available routes and their conditions, and uses this information along with distance and cost algorithms to determine the best route for a given packet.
    - A packet will travel through a number of network points with routers before arriving at its destination.
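The route table, the longest-prefix/lowest-cost choice and the hop-by-hop forwarding described on this slide, worked through in Python. This is an added example, not code from the original presentation; the router names (R1, R2, R3), prefixes, interface names and costs are constructed for the illustration, and the hop limit stands in for the IP TTL that stops a looping packet on a real network.

```python
import ipaddress
from collections import namedtuple

# A route: destination network, next-hop router name (None = directly
# attached, deliver locally), outgoing interface, and path cost (metric).
Route = namedtuple("Route", "network next_hop iface cost")

# Constructed tables for three hypothetical routers R1, R2 and R3 (sample
# prefixes, interface names and costs invented for this example).
NETWORK = {
    "R1": [("10.1.0.0/16", "R2", "eth0", 5),
           ("10.1.0.0/16", "R3", "eth1", 20),   # same prefix, worse cost
           ("10.1.5.0/24", "R3", "eth1", 1),    # more specific prefix
           ("0.0.0.0/0",   "R3", "eth1", 100)], # default route
    "R2": [("10.1.0.0/16", None, "eth2", 1),    # directly attached
           ("0.0.0.0/0",   "R1", "eth0", 100)],
    "R3": [("10.1.0.0/16", "R2", "eth0", 5),
           ("0.0.0.0/0",   "R1", "eth1", 50)],  # points back at R1: a loop
}

def build_table(entries):
    return [Route(ipaddress.ip_network(p), nh, ifc, c) for p, nh, ifc, c in entries]

TABLES = {name: build_table(entries) for name, entries in NETWORK.items()}

def lookup(table, destination):
    """Pick the best route for one destination address: the longest
    matching prefix wins; among equal prefixes the lowest cost wins."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.cost))

def trace(tables, start, destination, max_hops=16):
    """Forward a packet router by router until a router has the destination
    network directly attached. The hop limit plays the role of the IP TTL:
    without it the default routes of R1 and R3 would bounce the packet
    between them forever."""
    path = [start]
    router = start
    for _ in range(max_hops):
        route = lookup(tables[router], destination)
        if route is None:
            return path, "no route"
        if route.next_hop is None:
            return path, "delivered"
        router = route.next_hop
        path.append(router)
    return path, "hop limit exceeded"

if __name__ == "__main__":
    for dst in ("10.1.7.1", "10.1.5.9", "203.0.113.5"):
        print(dst, trace(TABLES, "R1", dst))
```

Running it shows 10.1.7.1 taking the cheap /16 route through R2, 10.1.5.9 preferring the more specific /24 through R3 even though that path costs more hops, and an address nobody has a route for circling between R1 and R3 until the hop limit discards it.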

    *

    Bridge

    - A bridge is a product that connects a local area network (LAN) to another local area network that uses the same protocol (for example, Ethernet or token ring).
    - A bridge examines each message on a LAN, "passing" those known to be within the same LAN, and forwarding those known to be on the other interconnected LAN (or LANs).

    *

    Differences

    - Bridge: device to interconnect two LANs that use the SAME logical link control protocol but may use different medium access control protocols.
    - Router: device to interconnect SIMILAR networks, e.g. similar protocols, workstations and servers.
    - Gateway: device to interconnect DISSIMILAR protocols and servers, e.g. Macintosh and IBM LANs and equipment.

    *

    Switches

    - Allow different nodes of a network to communicate directly with each other.
    - Allow several users to send information over a network at the same time without slowing each other down.
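The forwarding decisions of the hub, bridge and switch slides side by side, as an added Python example (not code from the original presentation): a hub repeats every frame to every other port, while a learning bridge or switch records which port each source address was seen on and then forwards, filters or floods accordingly. Port names and MAC addresses are constructed sample values.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """A hub has no forwarding table: every frame that arrives on one port
    is repeated out of every other port, so all stations share the traffic."""
    def __init__(self, ports):
        self.ports = list(ports)

    def handle(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class LearningBridge:
    """A transparent (learning) bridge or switch. It records on which port each
    source MAC address was seen, then:
      - forwards a frame only to the port where the destination is known,
      - filters (drops) it when the destination is on the port it arrived on,
        i.e. both stations are on the same LAN segment,
      - floods it to all other ports when the destination is unknown or is
        the broadcast address, exactly as a hub would."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # MAC address -> port it was last seen on

    def handle(self, in_port, src, dst):
        self.table[src] = in_port            # learn from the source address
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]   # flood
        out_port = self.table[dst]
        if out_port == in_port:
            return []                        # filter: stays on its own segment
        return [out_port]                    # forward to exactly one port

def run_scenario(device, frames):
    """Apply a list of (in_port, src, dst) frames and return the output ports
    chosen for each one."""
    return [device.handle(*frame) for frame in frames]

# Constructed sample traffic: made-up locally administered MAC addresses.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
FRAMES = [
    ("p1", A, B),          # B unknown yet -> flooded
    ("p2", B, A),          # A was learned on p1 -> forwarded to p1 only
    ("p1", A, B),          # B now known on p2 -> forwarded to p2 only
    ("p1", C, A),          # A and C both on p1 -> filtered, never crosses
    ("p3", C, BROADCAST),  # broadcast -> flooded (and C relearned on p3)
]

if __name__ == "__main__":
    print("hub   ", run_scenario(Hub(["p1", "p2", "p3"]), FRAMES))
    print("bridge", run_scenario(LearningBridge(["p1", "p2", "p3"]), FRAMES))
```

The fourth frame is the case the Bridge slide calls "passing": A and C sit on the same segment, so the bridge drops the frame instead of repeating it, which is what lets several conversations proceed on different ports at once. The last frame shows the table being updated when a station appears on a new port.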

    *

    Document Amendment History

    S.No | Description | Author | Version | Date
    1    |             |        |         |
    2    |             |        |         |
    3    |             |        |         |
    4    |             |        |         |
    5    |             |        |         |
    6    |             |        |         |
    7    |             |        |         |
    8    |             |        |         |

    *

    T H A N K   Y O U . . .

    All information, including graphical representations, etc. provided in this presentation is for the exclusive use of current Globsyn Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise, without written permission of the owner.

    SKILLS FOR INDIA: IEEE Standards

    *

    Introduction

    - IEEE 802 refers to a family of IEEE standards dealing with local area networks and metropolitan area networks.
    - It is restricted to networks carrying variable-size packets.
    - The protocols specified in IEEE 802 map to the lower two layers: the data link layer (LLC sublayer and MAC sublayer) and the physical layer.
    - The most widely used standards are the Ethernet family, Token Ring, Wireless LAN, and Bridging and Virtual Bridged LANs.
    - An individual Working Group provides the focus for each area.

    *

    IEEE 802 Working Groups

    Active working groups:
    - 802.1 Higher Layer LAN Protocols Working Group
    - 802.3 Ethernet Working Group
    - 802.11 Wireless LAN Working Group
    - 802.15 Wireless Personal Area Network (WPAN) Working Group
    - 802.16 Broadband Wireless Access Working Group
    - 802.17 Resilient Packet Ring Working Group
    - 802.18 Radio Regulatory TAG
    - 802.19 Coexistence TAG
    - 802.20 Mobile Broadband Wireless Access (MBWA) Working Group
    - 802.21 Media Independent Handoff Working Group

    Inactive or disbanded working groups:
    - 802.2 Logical Link Control Working Group
    - 802.4 Token Bus Working Group
    - 802.5 Token Ring Working Group
    - 802.7 Broadband Area Network Working Group
    - 802.8 Fiber Optic TAG
    - 802.9 Integrated Service LAN Working Group
    - 802.10 Security Working Group
    - 802.12 Demand Priority Working Group
    - 802.14 Cable Modem Working Group

    *

    802.11 Wireless LAN Working Group

    Types:
    - Infrastructure based
    - Ad-hoc

    Advantages:
    - Flexible deployment
    - Minimal wiring difficulties
    - More robust against disasters (earthquakes etc.)

    Disadvantages:
    - Low bandwidth compared to wired networks (1-10 Mbit/s)
    - Need to follow wireless spectrum regulations
    - Does not support mobility

    *

    802.11 Wireless LAN Working Group

    Protocol | Release date | Op. frequency                             | Data rate (max) | Range (indoor) | Range (outdoor)
    Legacy   | 1997         | 2.4~2.5 GHz                               | 2 Mbit/s        |                |
    802.11a  | 1999         | 5.15~5.35 / 5.47~5.725 / 5.725~5.875 GHz  | 54 Mbit/s       | ~25 m          | ~75 m
    802.11b  | 1999         | 2.4~2.5 GHz                               | 11 Mbit/s       | ~35 m          | ~100 m
    802.11g  | 2003         | 2.4~2.5 GHz                               | 54 Mbit/s       | ~25 m          | ~75 m
    802.11n  | 2007         | 2.4 GHz or 5 GHz                          | 540 Mbit/s      | ~50 m          | ~125 m

    *

    802.11n Working Group

    What is 802.11n?
    - Uses MIMO radio technology and OFDM as a basis
    - Anywhere from 100 Mbps to 600 Mbps depending on implementation
    - Supports both 2.4 GHz and 5 GHz
    - Uses multiple streams

    802.11n increases the transmission efficiency of the MAC (from 30~50% to 70%) by:
    - Cutting guard band time in half
    - Reducing the number of pilot carriers, for data
    - Aggregating frames and bursting
    - Using a 40 MHz instead of a 20 MHz channel

    *

    802.11n Working Group: Timeline

    - Draft 1.0 failed the IEEE meeting ballot; an IEEE record of 12,000 comments was received
    - Draft 2.0 is now required: Orlando, March 2007 IEEE meeting
    - Pre-N certification program start: March 2007
    - Result: ratification expected in early 2008

    *

    802.15 Wireless Personal Area Network (WPAN)

    Working Groups summary:
    - 802.15.1: WPAN/Bluetooth
    - 802.15.2: Coexistence Group
    - 802.15.3: High Rate (HR) WPAN Group
    - 802.15.3a: WPAN HR Alternative PHY Task Group
    - 802.15.3b: MAC Amendment Task Group
    - 802.15.4: Low Rate (LR) WPAN Group (Zigbee)
    - 802.15.4a: WPAN Low Rate Alternative PHY
    - 802.15.4b: Revisions and Enhancements

    [Figure: tree of the 802.15 task groups listed above; the original diagram also shows the UWB Forum]

    *

    802.16 Broadband Wireless Access (BWA)

    - IEEE 802.16 was established by the IEEE Standards Board in 1999; it aims to prepare formal specifications for the global deployment of broadband Wireless Metropolitan Area Networks.
    - It is a unit of the IEEE 802 LAN/MAN Standards Committee.
    - A related technology: Mobile Broadband Wireless Access (MBWA).

    [Figure: mobility (pedestrian/nomadic vs. mobile/vehicular) plotted against data rate (axis marks 0.1, 1.0, 10, 100) for 802.15.1 (Bluetooth), 802.11 (WLAN), 802.15.3a (UWB), 802.16a (WiMAX) and WWAN (IMT-2000: cdma2000 1xEV-DO, cdma2000 1xEV-DV, WCDMA HSDPA)]

    *

    802.16 Broadband Wireless Access (BWA)

    - 802.16f: Management Information Base
    - 802.16g: Management Plane Procedures and Services
    - 802.16h: Improved Coexistence Mechanisms for License-Exempt Operation
    - 802.16i: Mobile Management Information Base
    - 802.16j: Multihop Relay Specification
    - 802.16k: Bridging of 802.16
    - 802.16m: Advanced Air Interface

    *


    SKILLS FOR INDIA: Types of Network

    *

    Major Categories of Networks

    - Local Area Network
    - Metropolitan Area Network
    - Wide Area Network
    - The internet
    - Personal Area Network

    *

    Local Area Network

    A Local Area Network (LAN) is a relatively small network that is confined to a small geographic area, such as a single office or a building. Laptops, desktops, servers, printers, and other networked devices that make up a LAN are located relatively close to each other. A key characteristic is that all of the equipment that comprises a LAN is owned by a single entity.

    *

    Metropolitan Area Network

    The term Metropolitan Area Network (MAN) is typically used to describe a network that spans a citywide area or a town. MANs are larger than traditional LANs and predominantly use high-speed media, such as fiber optic cable, for their backbones. MANs are common in organizations that need to connect several smaller facilities together for information sharing. This is often the case for hospitals that need to connect treatment facilities, outpatient facilities, doctors' offices, labs, and research offices for access to centralized patient and treatment information. MANs share many of the same security threats as LANs, but on a larger scale. The plight of an administrator in a central location granting access to countless offices that are scattered within a city is a difficult one that demands strict access control mechanisms to protect against unauthorized information access.

    *

    MAN Architecture

    *

    Wide Area Network

    A Wide Area Network (WAN) covers a significantly larger geographic area than LANs or MANs. A WAN uses public networks, telephone lines, and leased lines to tie together smaller networks such as LANs and MANs over a geographically dispersed area. By connecting devices in different geographic areas together for information sharing, WANs are an important piece of enterprise networks. For example, consider the VisaNet global network used by Visa International. The VisaNet network connects locations throughout 150 countries to validate and debit credit-card transactions at over 24 million locations. By providing security and simplicity over a standards-based WAN architecture, Visa International relies on its network infrastructure to provide reliable access to merchants who accept Visa credit cards for transactions.

    *

    WAN Architecture

    *

    Personal Area Network

    A more recent term used to describe a type of network is a Personal Area Network (PAN). PAN networks are usually wireless, established in an on-demand or ad-hoc fashion when needed to communicate between two or more devices. PAN networks can be used between devices owned by two different parties, or between two devices owned by one person, such as a PDA and a laptop or mobile phone. These networks are usually characterized as short-range, often limited to 10 meters or less in range. An example of a PAN technology is Bluetooth wireless networking. Bluetooth is designed as a cable-replacement technology, allowing users to discard the serial and USB cables used by many of today's peripheral devices and rely on a Bluetooth PAN for communication. Bluetooth PANs support up to 7 devices in a single network and can be used for proprietary protocols (such as PDA synchronization) or standards-based protocols, including Internet access over IP and the Bluetooth Network Encapsulation Protocol (BNEP).

    *

    PAN Architecture

    *

    Data Communications Through WANs

    - WANs were developed to communicate over a large geographical area (e.g. lab-to-lab, city-to-city, east coast-to-west coast, North America-to-South America, etc.).
    - WANs require the crossing of public rights of way (under the control and regulations of interstate commerce and the institutes of telephone and data communications established by governments and international treaties).
    - WANs around the world rely on the infrastructure established by the telephone companies (common carriers), or public switched telephone network (PSTN).
    - WANs consist of a number of interconnected switching nodes (today, computers). Transmission signals are routed across the network automatically, under software control, to the specified destination. The purpose of these nodes is to route messages through switching facilities, moving data from node to node to its destination.

    *

    - WANs originally implemented circuit switching and packet switching technologies. More recently, frame relay and asynchronous transfer mode (ATM) networks have been implemented to achieve higher operating and processing speeds for the message.
    - WANs are owned by the common carrier in the U.S. and by the government in most other countries.
    - Interconnected devices, i.e. LANs, personal computers (PCs), workstations or servers, can be (and usually are) privately owned by companies.

    *


    SKILLS FOR INDIA: OSI Model

    *

    ISO/OSI Reference Model (Open Systems Interconnection)

    - No one really uses this in the real world. It is a reference model so others can develop detailed interfaces.
    - Value: the reference model defines 7 layers of functions that take place at each end of a communication, with each layer adding its own set of special related functions.
    - Flow of data through each layer at one

    *

    ISO/OSI Reference Model

    Layer        | Function                                                                      | Example
    Application  | File transfer, email, remote login                                            |
    Presentation | ASCII text, sound (syntax layer)                                              |
    Session      | Establish/manage connection                                                   |
    Transport    | End-to-end control & error checking (ensure complete data transfer)           | TCP
    Network      | Routing and forwarding; addressing                                            | IP
    Data link    | Two-party communication                                                       | Ethernet
    Physical     | How to transmit a signal; coding. Hardware means of sending and receiving data on a carrier |

    *

    Layer 1: Physical layer

    The physical layer defines electrical and physical specifications for devices. In particular, it defines the relationship between a device and a transmission medium, such as a copper or fiber optical cable. The major functions and services performed by the physical layer are:
    - Establishment and termination of a connection to a communications medium.
    - Participation in the process whereby the communication resources are effectively shared among multiple users, for example contention resolution and flow control.

    *

    - Modulation, or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and optical fiber) or over a radio link.

    Parallel SCSI buses operate in this layer, although it must be remembered that the logical SCSI protocol is a transport layer protocol that runs over this bus. Various physical-layer Ethernet standards are also in this layer; Ethernet incorporates both this layer and the data link layer. The same applies to other local-area networks, such as token ring, FDDI, ITU-T G.hn and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.

    *

    Layer 2: Data link layer

    The data link layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the physical layer. Originally, this layer was intended for point-to-point and point-to-multipoint media, characteristic of wide area media in the telephone system. Local area network architecture, which included broadcast-capable multi-access media, was developed independently of the ISO work in IEEE Project 802. IEEE work assumed sub-layering and management functions not required for WAN use. In modern practice, only error detection, not flow control using sliding window, is present in data link protocols such as Point-to-Point Protocol (PPP), and, on local area networks, the IEEE 802.2 LLC layer is not used for most protocols on the Ethernet, and on other local area networks its flow control and acknowledgment mechanisms are rarely used. Sliding window flow control and acknowledgment is used at the transport layer by protocols such as TCP, but is still used in niches where X.25 offers performance advantages.

    *

    The ITU-T G.hn standard, which provides high-speed local area networking over existing wires (power lines, phone lines and coaxial cables), includes a complete data link layer which provides both error correction and flow control by means of a selective-repeat Sliding Window Protocol.

    Both WAN and LAN services arrange bits from the physical layer into logical sequences called frames. Not all physical layer bits necessarily go into frames, as some of these bits are purely intended for physical layer functions. For example, every fifth bit of the FDDI bit stream is not used by the layer.
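The selective-repeat sliding window mentioned above for G.hn (and, at the transport layer, for TCP), simulated in Python so the mechanism is visible: the sender keeps up to `window` unacknowledged frames in flight, the receiver acknowledges each frame individually and buffers those that arrive out of order, and only the lost frames are resent. This is an added example, not code from the original presentation or from any G.hn implementation; the frame contents, window size and the set of dropped frames are constructed inputs.

```python
def selective_repeat(data, window, lose_first_tx=frozenset()):
    """Simulate selective-repeat ARQ between one sender and one receiver.

    data            frames to deliver, in order
    window          how many unacknowledged frames the sender may have in flight
    lose_first_tx   sequence numbers whose FIRST transmission the channel drops
                    (constructed fault injection; retransmissions always arrive)

    Each pass of the outer loop is one round trip: the sender (re)sends every
    unacknowledged frame in its window, the receiver acknowledges each frame
    it gets individually, buffering those that arrive out of order, and the
    sender slides its window past the contiguous acknowledged prefix.
    Returns (delivered frames, transmissions, retransmissions, event log).
    """
    n = len(data)
    base = 0                     # oldest frame not yet acknowledged
    acked = [False] * n
    sent_before = set()
    receive_buffer = {}          # seq -> frame, held until its predecessors arrive
    next_expected = 0            # receiver: next frame to hand up in order
    delivered, log = [], []
    transmissions = retransmissions = 0

    while base < n:
        for seq in range(base, min(base + window, n)):
            if acked[seq]:
                continue
            transmissions += 1
            is_retransmission = seq in sent_before
            retransmissions += is_retransmission
            sent_before.add(seq)
            if not is_retransmission and seq in lose_first_tx:
                log.append(f"frame {seq} lost")          # sender's timer will fire
                continue
            # receiver side: accept, buffer, release everything now in order
            receive_buffer[seq] = data[seq]
            if seq != next_expected:
                log.append(f"frame {seq} buffered out of order")
            while next_expected in receive_buffer:
                delivered.append(receive_buffer.pop(next_expected))
                next_expected += 1
            acked[seq] = True
            log.append(f"ack {seq}")
        while base < n and acked[base]:               # slide the window
            base += 1
    return delivered, transmissions, retransmissions, log

if __name__ == "__main__":
    out, tx, rtx, events = selective_repeat(list("ABCDEFGH"), window=4, lose_first_tx={1, 5})
    print("".join(out), tx, rtx)
    print("\n".join(events))
```

With eight frames, a window of four and frames 1 and 5 lost once each, the receiver still hands up ABCDEFGH in order after ten transmissions, only two of them repeats; a go-back-N sender would have resent every frame after each loss. The simulation uses unbounded sequence numbers; a real protocol with a wrapping sequence space must keep the window no larger than half that space or old and new frames become indistinguishable.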

    *

    Layer 3: Network layer

    The network layer provides the functional and procedural means of transferring variable-length data sequences from a source host on one network to a destination host on a different network (in contrast to the data link layer, which connects hosts within the same network), while maintaining the quality of service requested by the transport layer. The network layer performs network routing functions, and might also perform fragmentation and reassembly, and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. This is a logical addressing scheme; values are chosen by the network engineer. The addressing scheme is not hierarchical.

    *

    Layer 3: Network layer

    The network layer may be divided into three sublayers:
    - Subnetwork access, which considers protocols that deal with the interface to networks, such as X.25;
    - Subnetwork-dependent convergence, when it is necessary to bring the level of a transit network up to the level of networks on either side;
    - Subnetwork-independent convergence, which handles transfer across multiple networks.

    *

    An example of this latter case is CLNP, or IPv6 ISO 8473. It manages the connectionless transfer of data one hop at a time, from end system to ingress router, router to router, and from egress router to destination end system. It is not responsible for reliable delivery to a next hop, but only for the detection of erroneous packets so they may be discarded. In this scheme, IPv4 and IPv6 would have to be classed with X.25 as subnet access protocols because they carry interface addresses rather than node addresses.

    A number of layer-management protocols, a function defined in the Management Annex, ISO 7498/4, belong to the network layer. These include routing protocols, multicast group management, network-layer information and error, and network-layer address assignment. It is the function of the payload that makes these belong to the network layer, not the protocol that carries

    *

    Layer 4: Transport layer

    The transport layer provides transparent transfer of data between end users, providing reliable data transfer services to the upper layers. The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Some protocols are state- and connection-oriented. This means that the transport layer can keep track of the segments and retransmit those that fail. The transport layer also provides the acknowledgement of successful data transmission and sends the next data if no errors occurred.

    *

    OSI defines five classes of connection-mode transport protocols ranging from class 0 (which is also known as TP0 and provides the fewest features) to class 4 (TP4, designed for less reliable networks, similar to the Internet). Class 0 contains no error recovery, and was designed for use on network layers that provide error-free connections. Class 4 is closest to TCP, although TCP contains functions, such as the graceful close, which OSI assigns to the session layer. Also, all OSI TP connection-mode protocol classes provide expedited data and preservation of record boundaries.

    Although not developed under the OSI Reference Model and not strictly conforming to the OSI definition of the transport layer, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite are commonly categorized as layer-4 protocols within OSI.

    *

    Layer 5: Session layer

    The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session layer is commonly implemented explicitly in application environments that use remote procedure calls. On this level, inter-process communication happens (SIGHUP, SIGKILL, End Process, etc.).

    *

    Layer 6: Presentation layer

    The presentation layer establishes context between application-layer entities, in which the higher-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units, and passed down the stack. This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.

    The original presentation structure used the basic encoding rules of Abstract Syntax Notation One (ASN.1), with capabilities such as converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects and other data structures from and to XML.

    *

    Layer 7: Application layer

    The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.

    *

    Comparison with TCP/IP Model

    In the TCP/IP model of the Internet, protocols are deliberately not as rigidly designed into strict layers as in the OSI model. RFC 3439 contains a section entitled "Layering considered harmful." However, TCP/IP does recognize four broad layers of functionality which are derived from the operating scope of their contained protocols, namely the scope of the software application, the end-to-end transport connection, the internetworking range, and the scope of the direct links to other nodes on the local network. Even though the concept is different from the OSI model, these layers are nevertheless often compared with the OSI layering scheme in the following way: the Internet application layer includes the OSI application layer, presentation layer, and most of the session layer. Its end-to-end transport layer includes the graceful close function of the OSI session layer as well as the OSI transport layer.

    *

    The internetworking layer (Internet layer) is a subset of the OSI network layer (see above), while the link layer includes the OSI data link and physical layers, as well as parts of OSI's network layer. These comparisons are based on the original seven-layer protocol model as defined in ISO 7498, rather than refinements in such things as the internal organization of the network layer document.

    The presumably strict peer layering of the OSI model as it is usually described does not present contradictions in TCP/IP, as it is permissible that protocol usage does not follow the hierarchy implied in a layered model. Such examples exist in some routing protocols (e.g., OSPF), or in the description of tunneling protocols, which provide a link layer for an application, although the tunnel host protocol may well be a transport or even an application layer protocol in its own right.

    *


    SKILLS FOR INDIA: Understanding Network Protocols

    *

    Protocols of Computer Communications and Networks

    Protocols are used for communication between computers in different computer networks. A protocol settles:
    - What is communicated between computers?
    - How is it communicated?
    - When is it communicated?
    - What conformance (bit sequence) is required between computers?

    Key elements of a protocol are:
    - SYNTAX: data format and signal levels
    - SEMANTICS: control information for coordination and error handling
    - TIMING: synchronization, speed matching, and sequencing

    Examples of protocols:
    - WAN protocol: TCP/IP

    *

    The Internet Protocol Suite and the OSI Reference Model

    *

    TCP

    The Transmission Control Protocol (TCP) is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol (IP), and therefore the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered delivery of a stream of bytes from a program on one computer to another program on another computer. TCP is the protocol used by major Internet applications such as the World Wide Web, email, remote administration and file transfer. Other applications, which do not require reliable data stream service, may use the User Datagram Protocol (UDP), which provides a datagram service that emphasizes reduced latency over reliability.

    *

    User Datagram Protocol

    The User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without requiring prior communications to set up special transmission channels or data paths. The protocol was designed by David P. Reed in 1980 and formally defined in RFC 768. UDP uses a simple transmission model without implicit handshaking dialogues for providing reliability, ordering, or data integrity. Thus, UDP provides an unreliable service and datagrams may arrive out of order, appear duplicated, or go missing without notice. UDP assumes that error checking and correction is either not necessary or performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system.
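To make the layering of the OSI comparison above and the UDP description concrete, here is an added Python example (not code from the original presentation) that builds one UDP datagram inside an IPv4 packet inside an Ethernet frame, then peels the headers off again in the opposite order, verifying the IPv4 header checksum and the UDP checksum on the way. The MAC addresses, IP addresses, ports and payload are constructed sample values; the Ethernet FCS is left out because a NIC computes it in hardware.

```python
import struct

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words.
    Verifying a block that already contains its checksum yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def mac_bytes(mac): return bytes(int(x, 16) for x in mac.split(":"))
def ip_bytes(ip):   return bytes(int(x) for x in ip.split("."))
def mac_str(b):     return ":".join("%02x" % x for x in b)
def ip_str(b):      return ".".join(str(x) for x in b)

UDP, IPV4 = 17, 0x0800   # IP protocol number for UDP, EtherType for IPv4

def build_udp(src_ip, dst_ip, src_port, dst_port, payload):
    """Layer 4: 8-byte UDP header. The checksum covers a pseudo-header with the
    IP addresses, so it also catches a datagram delivered to the wrong host."""
    length = 8 + len(payload)
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, UDP, length)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo + header + payload) or 0xFFFF  # 0 means "none"
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload

def build_ipv4(src_ip, dst_ip, proto, payload, ttl=64):
    """Layer 3: 20-byte IPv4 header (no options); checksum covers the header only."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                         0x4000, ttl, proto, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload

def build_ethernet(src_mac, dst_mac, ethertype, payload):
    """Layer 2: 14-byte Ethernet II header (FCS omitted)."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload

def build_frame(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, payload):
    udp = build_udp(src_ip, dst_ip, src_port, dst_port, payload)
    ip = build_ipv4(src_ip, dst_ip, UDP, udp)
    return build_ethernet(src_mac, dst_mac, IPV4, ip)

def decapsulate(frame):
    """Peel the headers off again, bottom layer first, verifying both checksums."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    proto = ip[9]
    if proto != UDP:
        raise ValueError("not UDP (protocol %d)" % proto)
    segment = ip[ihl:total_len]
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    pseudo = ip[12:20] + struct.pack("!BBH", 0, UDP, length)
    return {
        "dst_mac": mac_str(frame[:6]), "src_mac": mac_str(frame[6:12]),
        "src_ip": ip_str(ip[12:16]), "dst_ip": ip_str(ip[16:20]), "ttl": ip[8],
        "ip_checksum_ok": internet_checksum(ip[:ihl]) == 0,
        "src_port": sport, "dst_port": dport,
        # a zero UDP checksum means the sender did not compute one (IPv4 only)
        "udp_checksum_ok": None if csum == 0 else internet_checksum(pseudo + segment[:length]) == 0,
        "payload": segment[8:length],
    }

# Constructed sample values (documentation addresses, made-up MACs and payload).
SAMPLE = dict(src_mac="02:00:00:00:00:01", dst_mac="02:00:00:00:00:02",
              src_ip="192.0.2.10", dst_ip="192.0.2.20",
              src_port=40000, dst_port=53, payload=b"constructed sample datagram")

def corrupt_last_byte(frame):
    """Flip one payload bit as a noisy link might: the IP header stays valid,
    the UDP checksum no longer does."""
    return frame[:-1] + bytes([frame[-1] ^ 0x01])

if __name__ == "__main__":
    frame = build_frame(**SAMPLE)
    print(len(frame), "bytes on the wire;", 14 + 20 + 8, "of them are headers")
    print(decapsulate(frame))
    print(decapsulate(corrupt_last_byte(frame))["udp_checksum_ok"])
```

Each layer adds its own header (14 + 20 + 8 bytes here) and the receiver strips them in reverse, which is the encapsulation the OSI and TCP/IP models describe. The checksums only catch accidental corruption: anyone who can alter the bytes can recompute them, so integrity against a deliberate change needs a cryptographic MAC at a higher layer, which is what the slides' remark about UDP leaving error handling to the application amounts to in practice.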

    *

    Internet Control Message Protocol

    The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite. It is chiefly used by the operating systems of networked computers to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages. It is assigned protocol number 1.

    ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute). ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.

    *

    Hypertext Transfer Protocol

    Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is a multi-linear set of objects, building a network by using logical links (the so-called hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to exchange or transfer hypertext. The standards development of HTTP was coordinated by the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), culminating in the publication of a series of Requests for Comments (RFCs), most notably RFC 2616 (June 1999), which defines HTTP/1.1, the version of HTTP in common use.

    *

    Post Office Protocol

    In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mail clients and servers support both. The POP protocol has been developed through several versions, with version 3 (POP3) being the current standard. Most webmail service providers such as Hotmail, Gmail and Yahoo! Mail also provide IMAP and POP3 service.

    *

    File Transfer Protocol

    File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. It is often used to upload web pages and other documents from a private development machine to a public web-hosting server. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, SSH File Transfer Protocol may be used.

    *

    Internet Message Access Protocol

    Internet Message Access Protocol (IMAP) is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a server. The Internet Message Access Protocol (commonly known as IMAP) is an Application Layer Internet protocol that allows a client to access e-mail on a remote mail server. The current version, IMAP version 4 revision 1 (IMAP4rev1), is defined by RFC 3501. An IMAP server typically listens on well-known port 143. IMAP over SSL (IMAPS) is assigned well-known port number 993.
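The FTP slide notes that its sign-in is clear text, and POP3 and plain IMAP on port 143 behave the same way, which is why a network defender watches for such logins on the wire. The following is an added Python example (not code from the original presentation): a small detector that reads a capture rendered as one line per client/server message, reports each clear-text login with the password redacted, and marks anonymous FTP separately because it carries no real credential. The capture text, usernames, passwords and line format are all constructed for the example; IMAPS on port 993 and SSH are included to show that encrypted sessions produce no finding.

```python
import re

# Constructed sample of client/server lines as a capture tool might render them:
# "<proto>/<port> <C|S>: <text>". Users, passwords and ports are made up.
SAMPLE_CAPTURE = """\
tcp/21 C: USER alice
tcp/21 C: PASS hunter2
tcp/21 S: 230 Login successful.
tcp/21 C: USER anonymous
tcp/21 C: PASS guest@example.org
tcp/110 C: USER bob
tcp/110 C: PASS s3cret!
tcp/143 C: a001 LOGIN carol "pw-in-the-clear"
tcp/143 S: a001 OK LOGIN completed
tcp/993 C: <TLS record, application data not readable>
tcp/22 C: <SSH encrypted, not readable>
"""

LINE = re.compile(r"^(?P<proto>\w+)/(?P<port>\d+) (?P<dir>[CS]): (?P<text>.*)$")

# Per well-known port: protocol name and the command that carries the secret.
# FTP and POP3 send USER then PASS on separate lines; IMAP LOGIN carries both.
PASSWORD_CMD = {
    21:  ("FTP",  re.compile(r"^PASS\s+(?P<secret>\S+)", re.I)),
    110: ("POP3", re.compile(r"^PASS\s+(?P<secret>\S+)", re.I)),
    143: ("IMAP", re.compile(r"^\S+\s+LOGIN\s+(?P<user>\S+)\s+(?P<secret>\S+)", re.I)),
}
USER_CMD = re.compile(r"^USER\s+(?P<user>\S+)", re.I)

def find_cleartext_logins(capture):
    """Return one finding per clear-text login seen on the wire, with the
    password itself replaced so the report does not re-leak it."""
    findings = []
    last_user = {}                      # port -> username from the USER command
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m or m.group("dir") != "C" or int(m.group("port")) not in PASSWORD_CMD:
            continue                    # server replies and encrypted ports are skipped
        port, text = int(m.group("port")), m.group("text")
        name, pattern = PASSWORD_CMD[port]
        u = USER_CMD.match(text)
        if u:
            last_user[port] = u.group("user")
            continue
        p = pattern.match(text)
        if p:
            user = (p.groupdict().get("user") or last_user.get(port, "?")).strip('"')
            findings.append({
                "protocol": name, "port": port, "user": user,
                "anonymous": name == "FTP" and user.lower() == "anonymous",
                "secret": "<redacted, %d chars>" % len(p.group("secret").strip('"')),
            })
    return findings

if __name__ == "__main__":
    for finding in find_cleartext_logins(SAMPLE_CAPTURE):
        print(finding)
```

A report like this is a reason to move the affected services to SFTP, POP3S or IMAPS (port 993, where the same capture shows nothing readable), not a substitute for doing so; the detector only sees what the sensor sees, so a single-line USER/PASS pairing per port is enough for this sample but a production sensor would track sessions by connection rather than by port.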

    *

    IPX/SPX

    IPX/SPX is a routable protocol and can be used for small and large networks. It was created by Novell primarily for Novell NetWare networks, but is popular enough that it is used on products that are not from Novell.

    - NCP (NetWare Core Protocol) provides for client/server interactions such as file and print sharing. It works at the application, presentation, and session levels.
    - SAP (Service Advertising Protocol) packets are used by file and print servers to periodically advertise the address of the server and the services available. It works at the application, presentation, and session levels.

    *

    IPX/SPX

    - SPX (Sequenced Packet Exchange) operates at the transport layer, providing connection-oriented communication on top of IPX.
    - IPX (Internetwork Packet Exchange) supports the transport and network layers of the OSI network model. It provides for network addressing and routing, and offers fast, unreliable communication with network nodes using a connectionless datagram service.

    *

    Other Network Support

    - ODI (Open Data-link Interface) operates at the data link layer, allowing IPX to work with any network interface card.
    - RIP (Routing Information Protocol) is the default routing protocol for IPX/SPX networks and operates at the network layer. A distance-vector algorithm is used to calculate the best route for a packet.
    - MHS (Message Handling Service) by Novell is used for mail on NetWare networks.

    Network level | Protocols
    Application   | NCP, SAP
    Presentation  | NCP, SAP
    Session       | NCP, SAP
    Transport     | SPX, IPX
    Network       | IPX
    Data Link     | NDIS/NIC drivers

    *

    NetBIOS

    NetBIOS is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model, allowing applications on separate computers to communicate over a local area network. As strictly an API, NetBIOS is not a networking protocol. Older operating systems ran NetBIOS over IEEE 802.2 and IPX/SPX using the NetBIOS Frames (NBF) and NetBIOS (NBX) protocols, respectively. In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results in each computer in the network having both an IP address and a NetBIOS name corresponding to a (possibly different) host name.

    *

    NetBEUI (NetBIOS Extended User Interface)

    NetBEUI (NetBIOS Extended User Interface) is a new, extended version of NetBIOS, the program that lets computers communicate within a local area network. NetBEUI formalizes the frame format (or arrangement of information in a data transmission) that was not specified as part of NetBIOS. NetBEUI was developed by IBM for its LAN Manager product and has been adopted by Microsoft for its Windows NT, LAN Manager, and Windows for Workgroups products. Hewlett-Packard and DEC use it in comparable products.

    NetBEUI is the best performance choice for communication within a single LAN. Because, like NetBIOS, it does not support the routing of messages to other networks, its interface must be adapted to other protocols such as Internetwork Packet Exchange or TCP/IP. A recommended method is to install both NetBEUI and TCP/IP in each computer and set the server up to use NetBEUI for communication within the LAN and TCP/IP for communication beyond the LAN.

    *

    Difference between NetBIOS & NetBEUI

    NetBIOS (Network Basic Input/Output System) isn't a network protocol. It's an API (application programming interface) for File and Printer Sharing. NetBIOS names identify computers on the network. NetBIOS broadcasts locate computers and shared disks and folders on the network and allow them to appear in My Network Places and Network Neighborhood.

    NetBEUI (NetBIOS Extended User Interface) is a network protocol, like TCP/IP and IPX/SPX. All three protocols support file and printer sharing using the NetBIOS API. Nothing in Windows networking requires the NetBEUI protocol. All network functions are available using the TCP/IP and/or NWLink IPX/SPX protocols. NetBEUI is available as an unsupported protocol in Windows XP.

    *

    AppleTalk

    AppleTalk is a proprietary suite of networking protocols developed by Apple Inc. for their Mac computers. AppleTalk included a number of features that allowed local area networks to be connected with no prior setup or the need for a centralized router or server of any sort. Simply connecting together AppleTalk-equipped systems would automatically assign addresses, update the distributed namespace, and configure any required inter-networking routing. It was a true plug-n-play system.

    AppleTalk was released for the original Macintosh in 1985, and was the primary protocol used by Apple machinery through the 1980s and 90s. Versions were also released for the IBM PC and compatibles, and the Apple IIGS. AppleTalk support was also available in most networked printers (especially laser printers), some file servers and a number of routers. Through this period, AppleTalk was, by far, the most popular networking system in the world.

    *

    AppleTalk (continued)

    The rise of TCP/IP during the 1990s led to a re-implementation of most of these types of support on that protocol, and AppleTalk became unsupported as of the release of Mac OS X v10.6 in 2009. Many of AppleTalk's more advanced auto-configuration features have since been introduced in Bonjour.

    *

    Associated TCP/IP Protocols & Services

    HTTP - This protocol, the core of the World Wide Web, facilitates retrieval and transfer of hypertext (mixed media) documents. Stands for the HyperText Transfer Protocol.

    Telnet - A remote terminal emulation protocol that enables clients to log on to remote hosts on the network.

    SNMP - Used to remotely manage network devices. Stands for the Simple Network Management Protocol.

    DNS - Provides meaningful names like achilles.mycorp.com for computers to replace numerical addresses like 123.45.67.89. Stands for the Domain Name System.

    SLIP/PPP - SLIP (Serial Line Internet Protocol) and PPP (Point to Point Protocol) encapsulate the IP packets so that they can be sent over a dial-up phone connection to an access provider's modem.

    *

    Document Amendment History

    S.No    Description    Author    Version    Date

    *

    T H A N K   Y O U . . .

    All information, including graphical representations, etc. provided in this presentation is for exclusive use of current Globsyn Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise, without written permission of the owner.

    SKILLS FOR INDIA
    IP Addressing

    *

    What is an IP address?

    IP (Internet Protocol) address
    Used by routers to select the best path from source to destination, across networks and internetworks
    Network layer address, consisting of a NETWORK portion and a HOST portion
    Logical address, assigned in software by the network administrator
    Part of a hierarchical numbering scheme - unique, for reliable routing
    May be assigned to a host PC, or a router port

    *

    Types of IP address

    Static address
    Dynamic address

    *

    Static IP address

    Manually input by the network administrator
    Manageable for small networks
    Requires careful checks to avoid duplication

    *

    Dynamic IP address

    Examples - BOOTP, DHCP
    Assigned by a server when the host boots
    Derived automatically from a range of addresses
    Duration of lease negotiated, then address released back to the server

    *

    Classes of IP address

    Class A - large organizations, governments
    Class B - medium sized organizations
    Class C - small organizations

    *

    Class A IP address

    1st octet = network address, octets 2-4 = host address
    1st bit of 1st octet set to 0
    Up to (2^24 - 2) host addresses (16.8M)

    *

    Class A IP address

    124.224.224.100

    01111100 11100000 11100000 01100100

    *

    Class B IP address

    1st 2 octets = network address, octets 3-4 = host address
    1st 2 bits of 1st octet set to 10
    Up to (2^16 - 2) host addresses (65534)

    *

    Class B IP address

    129.224.224.100

    10000001 11100000 11100000 01100100

    *

    Class C IP address

    1st 3 octets = network address, octet 4 = host address
    1st 3 bits of 1st octet set to 110
    Up to (2^8 - 2) host addresses (254)

    *

    Class C IP address

    193.224.224.100

    11000001 11100000 11100000 01100100

    *

    IP addresses and routing

    Routing tables
    Identifying source and destination
    IP packet routing

    *

    IP addresses and routing - Routing tables

    Created by the router, held in memory, constantly updated
    Based on cross-referencing the IP packet source address and the port on which it was received

    *

    IP addresses and routing - Identifying source and destination

    As part of a layer 3 packet, the IP header contains the source and destination address
    Each address is 32 bits long, and unique to a device or port
    The router reads the destination IP address and checks it against the routing tables

    *

    IP addresses and routing - IP packet routing

    If the destination address is not on the same segment as the receive port, the router sends the packet to the correct port for routing to the destination
    If the destination is on the same segment as the receive port, the packet is not forwarded

    *

    Networks and subnets

    Why subnet
    Subnet mask
    Restrictions on borrowed bits

    *

    Why subnet

    When an organization is granted a block of addresses, it can create subnets to meet its needs. The prefix length increases to define the subnet prefix length.
    Reduce the broadcast domain, improve network efficiency

    *

    Subnet masks

    Extend the NETWORK portion, borrow from the HOST portion
    Allow external networks to route packets direct to the subnet
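The classful rules of the Class A/B/C slides, the bit-borrowing of the subnet mask slide and the "same segment or not" forwarding test of the IP packet routing slide, worked through in code. This is an added example, not part of the original presentation; the sample addresses are the ones on the slides, the function names are my own.

```python
"""Classful IPv4 analysis and subnetting, done with bit operations so the
network/host split and the borrowed bits are visible. Added worked example."""

def to_int(addr: str) -> int:
    """Pack a dotted-quad string into a 32-bit integer (validates each octet)."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_str(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def to_bits(addr: str) -> str:
    """Binary form as printed on the slides: four 8-bit groups separated by spaces."""
    return " ".join(f"{(to_int(addr) >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))

def ip_class(addr: str) -> str:
    """Classful rule: leading bit 0 -> A, bits 10 -> B, bits 110 -> C."""
    first = to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    return "D/E"      # multicast / experimental; no network/host split on the slides

CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}   # default length of the NETWORK portion

def classful_split(addr: str) -> dict:
    """Network address and maximum usable hosts under the default class mask."""
    c = ip_class(addr)
    if c not in CLASS_PREFIX:
        raise ValueError(f"{addr} is class {c}; no default network/host split")
    plen = CLASS_PREFIX[c]
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    n = to_int(addr)
    return {
        "class": c,
        "network": to_str(n & mask),
        "host_part": n & ~mask & 0xFFFFFFFF,
        "max_hosts": 2 ** (32 - plen) - 2,   # all-zeros and all-ones host parts are reserved
    }

def subnet(addr: str, borrowed: int) -> dict:
    """Borrow `borrowed` HOST bits to extend the NETWORK portion (subnet mask slide)."""
    c = ip_class(addr)
    if c not in CLASS_PREFIX:
        raise ValueError(f"{addr} is class {c}; cannot subnet classfully")
    plen = CLASS_PREFIX[c] + borrowed
    host_bits = 32 - plen
    if borrowed < 0 or host_bits < 2:
        raise ValueError("must leave at least 2 host bits for usable addresses")
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    n = to_int(addr)
    return {
        "mask": to_str(mask),
        "prefix_len": plen,
        "subnets": 2 ** borrowed,
        "hosts_per_subnet": 2 ** host_bits - 2,
        "subnet_address": to_str(n & mask),
        "broadcast": to_str(n | (~mask & 0xFFFFFFFF)),
    }

def same_segment(a: str, b: str, mask: str) -> bool:
    """Forwarding decision of the IP packet routing slide: same subnet -> not forwarded."""
    m = to_int(mask)
    return to_int(a) & m == to_int(b) & m
```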

    SKILLS FOR INDIA
    IP Routing

    *

    Network Address Translation

    Network Address Translation or NAT
    Kinds of Network Address Translation
    Operation of Network Address Translation
    Security and Administration

    *

    IP Routing

    When we want to connect two or more networks using different n/w addresses, we have to use the IP routing technique. A router will be used to perform routing between the networks. A router performs the following functions for routing:

    Path determination
    Packet forwarding

    Path determination: the process of obtaining a path in the routing table is called path determination. There are three different methods by which a router can learn a path:

    Automatic detection of directly connected n/w
    Static & default routing
    Dynamic routing

    *

    IP Routing

    Packet forwarding: it is a process that is enabled by default in the router. The router will perform packet forwarding only if a route is available in the routing table.

    *

    Routing Process

    The PC has a packet in which the destination address is not the same as the local n/w address.
    The PC will send an ARP request for the default gateway. The router will reply to the ARP request and inform the PC of its MAC address.
    The PC will encapsulate the data, in which the source IP is the PC itself, the destination IP is the server, the source MAC is the PC's LAN interface and the destination MAC is the router's LAN interface.

    *

    Routing Process

    Figure: Routing Process - R1 (addresses 10.0.0.1 and 172.16.0.5); frame sent by PC1: S. MAC = PC1, D. MAC = R1, S. IP = 10.0.0.6, D. IP = 172.16.0.5

    *

    The router will receive the frame and store it in the buffer. When it obtains the packet from the frame, it forwards the data according to the destination IP of the packet. The router will obtain a route from the routing table, according to which the next hop IP and interface are selected. According to the next hop, the packet will be encapsulated in a new frame and the data is sent to the output queue of the interface.

    *

    Static Routing

    In this routing, we have to use ip route commands through which we can specify routes for different networks. The administrator will analyze the whole internetwork topology and then specify the route for each n/w that is not directly connected to the router.

    Steps to perform static routing

    Create a list of all n/w present in the internetwork.
    Remove from the list the n/w addresses that are directly connected to the router.
    Specify a route for each remaining n/w by using the ip route command.

    Router(config)#ip route [destination n/w] [subnet mask] [next hop IP]

    Next hop IP: it is the IP address of the neighbor router that is directly connected to our router.

    *

    Advantages of static routing
    (1) Fast and efficient.
    (2) More control over the selected path.
    (3) Less overhead for the router.
    (4) Bandwidth of interfaces is not consumed in routing updates.

    Disadvantages of static routing
    (1) More overhead on the administrator.
    (2) Load balancing is not easily possible.
    (3) In case of a topology change, the routing table has to be changed manually.

    *

    Alternate command to specify a static route

    A static route can also be specified with the following syntax:
    Old: Router(config)#ip route 172.16.0.0 255.255.0.0 172.25.0.2
    Or: Router(config)#ip route 172.16.0.0 255.255.0.0 serial 0

    *

    Backup route or floating static route

    If more than one path is available from our router to the destination, then we can specify one route as primary and the other route as backup. Administrative Distance (AD) is used to specify one route as primary and the other as backup. The router will select the lower AD route to forward the traffic. By default a static route has an AD value of 1. For the backup path, we specify a higher AD so that this route will be used only if the primary route is unavailable.

    Protocol            AD
    Directly Connected  0
    Static              1
    BGP                 20
    EIGRP               90
    IGRP                100
    OSPF                110
    RIP                 120

    *

    Syntax: to set the backup path
    Router(config)#ip route [destination n/w] [subnet mask] [next hop IP] [AD]

    Default Routing

    Default routing means a route for any n/w. These routes are specified with the help of the following syntax:
    Router(config)#ip route 0.0.0.0 0.0.0.0 [next hop IP]
    Or
    Router(config)#ip route 0.0.0.0 0.0.0.0 [exit interface]

    To display the routing table
    Router#sh ip route

    *

    To display the routing table
    Router#sh ip route

    To display static routes only
    Router#sh ip route static
    S 192.168.10.0/28 [1/0] via 172.16.0.5

    To display connected n/ws only
    Router#sh ip route connected

    To check all the interfaces of a router
    Router#sh ip interface brief
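How a router picks between the routes shown on the static, backup (AD) and default routing slides: longest prefix match first, then lowest administrative distance, then lowest metric. Added simulation, not IOS code; the routes are built from the ip route examples on these slides, while the 10.10.0.0 OSPF/RIP pair, the 192.168.0.0/16 RIP route and the destination hosts are constructed for illustration.

```python
"""Route selection with the rules from the slides (added example, not Cisco code)."""

from dataclasses import dataclass
from typing import List, Optional

# AD values from the 'Backup route' slide
DEFAULT_AD = {"connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
              "igrp": 100, "ospf": 110, "rip": 120}
CODE = {"connected": "C", "static": "S", "bgp": "B", "eigrp": "D",
        "igrp": "I", "ospf": "O", "rip": "R"}      # route codes as in 'sh ip route'

def to_int(addr: str) -> int:
    o = [int(x) for x in addr.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

def prefix_len(mask: str) -> int:
    return bin(to_int(mask)).count("1")

@dataclass
class Route:
    network: str
    mask: str
    next_hop: str                 # next-hop IP or exit interface, e.g. "serial 0"
    source: str = "static"
    metric: int = 0
    ad: Optional[int] = None      # explicit AD, e.g. a floating static route with AD 5

    def distance(self) -> int:
        return DEFAULT_AD[self.source] if self.ad is None else self.ad

    def matches(self, dest: str) -> bool:
        m = to_int(self.mask)
        return to_int(dest) & m == to_int(self.network) & m

    def show(self) -> str:
        """One line in the 'sh ip route' style quoted on the slides: S 192.168.10.0/28 [1/0] via ..."""
        return (f"{CODE[self.source]} {self.network}/{prefix_len(self.mask)} "
                f"[{self.distance()}/{self.metric}] via {self.next_hop}")

class RoutingTable:
    def __init__(self) -> None:
        self.routes: List[Route] = []

    def add(self, route: Route) -> None:
        self.routes.append(route)

    def remove(self, network: str, next_hop: str) -> None:
        """Withdraw a route, e.g. when the primary path goes down."""
        self.routes = [r for r in self.routes
                       if not (r.network == network and r.next_hop == next_hop)]

    def lookup(self, dest: str) -> Optional[Route]:
        candidates = [r for r in self.routes if r.matches(dest)]
        if not candidates:
            return None
        # longest prefix wins; ties broken by lowest AD, then lowest metric
        return min(candidates,
                   key=lambda r: (-prefix_len(r.mask), r.distance(), r.metric))

def build_table() -> RoutingTable:
    """Table assembled from the slides' examples plus a few constructed routes."""
    t = RoutingTable()
    t.add(Route("172.16.0.0", "255.255.0.0", "172.25.0.2"))              # primary static, AD 1
    t.add(Route("172.16.0.0", "255.255.0.0", "serial 0", ad=5))           # backup (floating) static
    t.add(Route("192.168.10.0", "255.255.255.240", "172.16.0.5"))         # S 192.168.10.0/28 [1/0]
    t.add(Route("192.168.75.0", "255.255.255.0", "172.30.0.2", "rip", 5)) # R 192.168.75.0/24 [120/5]
    t.add(Route("192.168.0.0", "255.255.0.0", "172.30.0.2", "rip", 2))    # constructed, less specific
    t.add(Route("10.10.0.0", "255.255.0.0", "172.30.0.2", "rip", 1))      # constructed: RIP vs OSPF
    t.add(Route("10.10.0.0", "255.255.0.0", "172.25.0.2", "ospf", 50))    # constructed
    t.add(Route("0.0.0.0", "0.0.0.0", "172.25.0.2"))                      # default route
    return t

if __name__ == "__main__":
    table = build_table()
    for dest in ("172.16.4.9", "192.168.10.7", "192.168.10.200", "10.10.3.3", "8.8.8.8"):
        print(dest, "->", table.lookup(dest).show())
```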

    *

    Dynamic Routing

    In dynamic routing, we enable a routing protocol on the router. This protocol will send its routing information to the neighbor routers. The neighbors will analyze the information and write new routes to the routing table. The routers will also pass routing information received from one router on to other routers. If more than one path is available, then the routes are compared and the best path is selected. Some examples of dynamic protocols are: RIP, IGRP, EIGRP, OSPF.

    Types of Dynamic Routing Protocols

    According to the way they work, there are two types of Dynamic Routing Protocols:
    (1) Distance Vector
    (2) Link State

    *

    Dynamic Routing

    According to the type of area in which the protocol is used, there are again two types of protocol:
    (1) Interior Routing Protocol
    (2) Exterior Routing Protocol

    Interior Routing    Exterior Routing
    RIP                 BGP
    IGRP                EXEIGRP
    EIGRP
    OSPF

    *

    Distance Vector Routing

    Routing which is based on two parameters, distance and direction, is called Distance Vector Routing. Examples of Distance Vector Routing are RIP & IGRP.

    Operation:
    (1) Each router will send its directly connected information to the neighbor routers. This information is sent periodically to the neighbors.
    (2) The neighbor will receive routing updates and process the routes according to the following conditions:
    If an update for a new n/w is received, then this information is stored in the routing table.
    If an update for a route is received which is already present in the routing table, then the route is refreshed, that is, the route timer is reset to zero.

    *

    Distance Vector Routing

    If an update is received for a route with a lower metric than the route which is already present in our routing table, the router will discard the old route and write the new route in the routing table. If an update is received with a higher metric than the route that is already present in the routing table, the new update is discarded.

    A timer is associated with each route. The router will forward routing information on all interfaces and the entire routing table is sent to the neighbor. There are three types of timers associated with a route.

    Route update timer: it is the time after which the router will send a periodic update to the neighbor.

    *

    Distance Vector Routing

    Route invalid timer: it is the time after which the route is declared invalid, if there are no updates for the route. Invalid routes are not forwarded to neighbor routers, but they are still used to forward traffic.

    Route flush timer: it is the time after which the route is removed from the routing table, if there are no updates about the route.

    *

    Metric of Dynamic Routing

    Metrics are the measuring units used to calculate the distance of a destination n/w. A protocol may use one or more than one at a time to calculate the distance. Different types of metric are:
    Hop Count
    Bandwidth
    Load
    Reliability
    Delay
    MTU

    *

    Hop Count: it is the no. of hops (routers) a packet has to travel to reach a destination n/w.

    Bandwidth: bandwidth is the speed of the link. The path with higher bandwidth is preferred to send the data.

    Load: load is the amount of traffic present on the interface. Paths with lower load and high throughput are used to send data.

    Reliability: reliability is the up time of an interface over a period of time.

    Delay: delay is the time period b/w a packet being sent and received by the destination.

    *

    MTU (Maximum Transmission Unit): it is the maximum size of packet that can be sent in a frame; mostly MTU is set to 1500.

    Problems of Distance Vector

    There are two main problems of distance vector routing:
    Bandwidth Consumption
    Routing Loops

    Bandwidth Consumption: the problem of excessive bandwidth consumption is solved with the help of autonomous systems. It exchanges b/w different routers. We can also perform route summarization to reduce the traffic.

    *

    Routing Loops: they may occur b/w adjacent routers due to wrong routing information. Distance Vector routing is also called routing by rumor. Due to this, packets may enter a loop condition until their TTL expires.

    Methods to solve routing loops

    There are five different methods to solve or reduce the problem of routing loops:
    Maximum Hop Count
    Flash Updates/Triggered Updates
    Split Horizon
    Poison Reverse
    Hold Down

    *

    Maximum Hop Count: this method limits the maximum no. of hops a packet can travel. This method does not solve the loop problem, but it reduces the loop size in the n/w. Due to this method the end-to-end size of a n/w is also limited.

    Flash Updates/Triggered Updates: in this method a partial update is sent to all neighbors as soon as there is a topology change. The router which receives flash updates will also send the flash updates to its neighbor routers.

    Split Horizon: Split Horizon states that a route update received on an interface cannot be sent back out the same interface.

    *

    Poison Reverse: this method is the combination of Split Horizon and Flash updates. It implements the rule that information received from an interface cannot be sent back to that interface, and in case of a topology change flash updates will be sent to the neighbor.

    Hold Down: if a route changes frequently, then the route is declared in Hold Down state and no updates are received until the Hold Down timer expires.

    *

    Routing Information Protocol

    Features of RIP:
    Distance Vector
    Open standard
    Broadcast updates (255.255.255.255)
    Metric: Hop Count
    Timers: Update 30 sec, Invalid 180 sec, Hold 180 sec

    *

    Loop control: Split Horizon, Triggered Updates, Maximum Hop Count, Hold Down
    Maximum Hop Count: 15
    Administrative Distance: 120
    Equal path cost load balancing: maximum load paths 6, default 4
    Does not support VLSM
    Does not support autonomous systems

    *

    Configuring RIP

    Router#conf ter
    Router(config)#router rip
    Router(config-router)#network [n/w address]
    Router(config-router)#network [n/w address]
    ----------------------------
    Router(config-router)#exit

    Router(config-router)#network 10.0.0.0
    Router(config-router)#network 172.16.0.0
    Router(config-router)#network 200.100.100.0

    175.2.0.0 via 172.16.0.6

    *

    Figure: Configuring RIP (topology with R1 and the addresses 10.0.0.1, 172.16.0.5, 175.2.1.1, 200.100.100.12, 172.16.0.6)

    *

    Display RIP Routes

    Router#sh ip route rip
    R 192.168.75.0/24 [120/5] via 172.30.0.2 00:00:25 serial 1/0

    Reading the entry: R = RIP; 192.168.75.0/24 = destination n/w and mask; [120/5] = AD / metric; 172.30.0.2 = next hop; 00:00:25 = timer; serial 1/0 = own interface

    RIP advanced configuration

    Passive Interfaces
    An interface which is not able to send routing updates but is able to receive routing updates only is called a Passive Interface. We can declare an interface as passive with the following commands:
    Router#conf ter
    Router(config)#router rip
    Router(config-router)#passive-interface [interface]
    Router(config-router)#exit

    *

    Neighbor RIP

    In RIP, by default routing updates are sent to the address 255.255.255.255. In some scenarios, it may be required to send routing updates as unicast from one router to another. In this case, we have to configure neighbor RIP.
    For example: in a Frame Relay n/w the broadcast update is discarded by the switches, so if we want to send RIP updates across the switches then we have to unicast the updates using Neighbor RIP.

    *

    Figure: Frame Relay cloud between R1 (10.0.0.1) and R2 (10.0.0.2); the broadcast to 255.255.255.255 is not carried, so R1 unicasts to 10.0.0.2 and R2 unicasts to 10.0.0.1.

    R1:
    Router(config)#router rip
    Router(config-router)#neighbor 10.0.0.2

    R2:
    Router(config)#router rip
    Router(config-router)#neighbor 10.0.0.1

    *

    To change the Administrative Distance
    Router(config)#router rip
    Router(config-router)#distance [AD value, e.g. 95 or 100]
    Router(config-router)#exit

    To configure Load Balance

    RIP is able to perform equal path cost load balancing. If multiple paths are available with equal hop count for the destination, then RIP will balance the load equally on all paths. Load balancing is enabled by default for 4 paths. We can change the no. of paths it can use simultaneously with the following command:

    Router(config)#router rip
    Router(config-router)#maximum-paths [number of paths]

    *

    To display RIP parameters
    Router#sh ip protocol
    Or
    Router#sh ip protocol rip

    This command displays the following parameters:
    (i) RIP timers
    (ii) RIP version
    (iii) Route filtering
    (iv) Route redistribution
    (v) Interfaces on which updates are sent
    (vi) and received
    (vii) Advertised n/w
    (viii) Passive interfaces
    (ix) Neighbor RIP
    (x) Routing information sources
    (xi) Administrative Distance

    *

    RIP version 2

    RIP version 2 supports the following new features:
    Supports VLSM (sends the mask in updates)
    Multicast updates using address 224.0.0.9
    Supports authentication

    Commands to enable RIP version 2

    We have to change RIP version 1 to RIP version 2. All other configuration remains the same in RIP version 2.
    Router(config)#router rip
    Router(config-router)#version 2
    Router(config-router)#exit

    *

    To debug RIP routing
    Router#debug ip rip

    To disable debug routing
    Router#no debug ip rip
    Or
    Router#no debug all
    Or
    Router#undebug all

    *

    Interior Gateway Routing Protocol

    Features:
    Cisco proprietary
    Distance vector
    Timers: Update 90 sec, Invalid 270 sec, Hold time 280 sec, Flush 630 sec
    Loop control: all methods

    *

    Interior Gateway Routing Protocol

    Metric (24-bit composite):
    Bandwidth (default)
    Delay (default)
    Load
    Reliability
    MTU

    *

    Interior Gateway Routing Protocol

    Broadcast updates to address 255.255.255.255
    Unequal path cost load balancing
    Automatic route summarization
    Supports AS
    Does not support VLSM

    *

    Configuring IGRP
    Router(config)#router igrp [AS number, 1-65535]
    Router(config-router)#network [n/w address]
    Router(config-router)#network [n/w address]
    Router(config-router)#exit

    Configuring Bandwidth on an Interface for IGRP

    By default the router will detect the maximum speed of the interface and use this value as the bandwidth metric for IGRP. But it may be possible that the interface is not working at its maximum speed; then we have to configure the bandwidth on the interface, so that IGRP is able to calculate the correct metric.

    *

    Router(config)#interface [interface]
    Router(config-if)#bandwidth [kbps]
    Router(config-if)#exit

    Router(config)#interface serial 0
    Router(config-if)#bandwidth 256
    Router(config-if)#exit

    Configuring Unequal path cost load balancing

    To configure load balancing, we have to set two parameters:
    (1) Maximum path (by default 4)
    (2) Variance (default 1)

    Maximum Path: it is the maximum no. of paths that can be used for load balancing simultaneously.

    *

    Variance: it is the multiplier value to the least metric for a destination n/w up to which the load can be balanced.
    Router(config)#router igrp [AS number]
    Router(config-router)#variance [multiplier]
    Router(config-router)#exit

    *

    Configuring IGRP

    The following options in IGRP are configured in the same way as in RIP:
    Neighbor
    Passive interface
    Timer
    Distance (AD)
    Maximum path

    *

    Network Address Translation

    RFC-1631
    A short term solution to the problem of the depletion of IP addresses
    Long term solution is IPv6 (or whatever is finally agreed on)
    CIDR (Classless Inter-Domain Routing) is a possible short term solution
    NAT is another
    NAT is a way to conserve IP addresses
    Hide a number of hosts behind a single IP address
    Use 10.0.0.0-10.255.255.255, 172.16.0.0-172.32.255.255 or 192.168.0.0-192.168.255.255 for local networks

    *

    Translation Modes

    Dynamic translation (IP masquerading): a large number of internal users share a single external address
    Static translation: a block of external addresses is translated to a same size block of internal addresses
    Load balancing translation: a single incoming IP address is distributed across a number of internal servers
    Network redundancy translation: multiple internet connections are attached to a NAT firewall, which chooses and uses them based on bandwidth, congestion and availability

    *

    Dynamic Translation (IP Masquerading)

    Also called Network Address and Port Translation (NAPT)
    Individual hosts inside the firewall are identified based on the port of each connection flowing through the firewall
    Since a connection doesn't exist until an internal host requests a connection through the firewall to an external host, and most firewalls only open ports for the addressed host, only that host can route back into the internal network
    IP source routing could route back in; but most firewalls block incoming source-routed packets
    NAT only prevents external hosts from making connections to internal hosts
    Some protocols won't work: protocols that rely on separate connections back into the local network
    Theoretical max of 2^16 connections, actual is much less

    *

    Static Translation

    Map a range of external addresses to the same size block of internal addresses
    The firewall just does a simple translation of each address
    Port forwarding - map a specific port to come through the firewall rather than all ports; useful to expose a specific service on the internal network to the public network

    *

    Load Balancing

    A firewall that will dynamically map a request to a pool of identical clone machines
    Often done for really busy web sites
    Each clone must have a way to notify the firewall of its current load so the firewall can choose a target machine
    Or the firewall just uses a dispatching algorithm like round robin
    Only works for stateless protocols (like HTTP)

    *

    Network Redundancy

    Can be used to provide automatic fail-over of servers or load balancing
    The firewall is connected to multiple ISPs with a masquerade for each ISP and chooses which ISP to use based on client load
    Kind of like reverse load balancing
    A dead ISP will be treated as a fully loaded one and the client will be routed through another ISP

    *

    Problems with NAT

    Can't be used with:
    Protocols that require a separate back-channel
    Protocols that encrypt TCP headers
    Protocols that embed TCP address info
    Protocols that specifically use the original IP for some security reason

    *

    Working of NAT & PAT

    Figure: inside hosts 10.0.0.5, 10.0.0.6, 10.0.0.7 and 10.0.0.8 on a switch behind the NAT router (inside address 10.0.0.1, live address 200.100.100.12) connected to the Internet. Translations shown:

    10.0.0.5 -> 200.100.100.12 port 1080
    10.0.0.6 -> 200.100.100.12 port 1085
    10.0.0.7 -> 200.100.100.12 port 1024
    10.0.0.8 -> 200.100.100.12 port 1024 -> 1100 (port translation)

    *

    Static NAT

    This NAT is also used for servers. It provides port-based access to the servers with the help of NAT.

    Figure: Router between the Internet and the LAN; Live 200.1.1.5, Local 192.168.10.6; Static NAT 200.1.1.5 = 192.168.10.6

    *

    Port Based Static NAT

    This NAT is used for servers in which one Live IP is directly mapped to one Local IP. This NAT will forward the traffic for the Live IP on to the Local PC in the n/w.

    Figure: Router between the Internet and the LAN with two mappings: 200.1.1.5:80 -> 192.168.10.6 (Web) and 200.1.1.5:53 -> 192.168.10.7 (DNS)

    *

    Dynamic NAT using Pool

    Dynamic NAT is used for clients which want to access the Internet. The requests from multiple client IPs are translated with a Live IP obtained from the Pool. It is also called Pool Based Dynamic NAT.

    Figure: Internet-facing router with
    Pool => 200.1.1.8 - 200.1.1.12/28
    Local address => 172.16.X.X, except 172.16.0.5, 172.16.0.6, 172.16.0.7
    Pool allotted => 200.1.1.0 - 15/28
    Server: Static => 200.1.1.3 = 172.16.0.7
    Port Based Static NAT => 200.1.1.4:53 = 172.16.0.6, 200.1.1.4:80 = 172.16.0.5

    *

    Configuring NAT

    Router#conf ter
    Router(config)#int serial 0
    Router(config-if)#ip nat outside
    Router(config-if)#int eth 0
    Router(config-if)#ip nat inside
    Router(config-if)#exit
    Router(config)#ip nat inside source static 172.16.0.7 200.1.1.3
    Router(config)#ip nat inside source static tcp 172.16.0.5 80 200.1.1.4 80
    Router(config)#ip nat inside source static udp 172.16.0.6 53 200.1.1.4 53
    Router(config)#access-list 30 deny 172.16.0.5
    Router(config)#access-list 30 deny 172.16.0.6
    Router(config)#access-list 30 deny 172.16.0.7
    Router(config)#access-list 30 permit any
    Router(config)#ip nat pool abc 200.1.1.8 200.1.1.12 netmask 255.255.255.240

    *

    Command for Basic NAT
    Router(config)#ip nat inside source list 30 interface serial 0

    To display NAT translations
    Router#sh ip nat translations
    (after pinging any address, it shows the ping details)

    To clear IP NAT translations
    Router#clear ip nat translation *

    *


    SKILLS FOR INDIA
    Remote Access Mode

    *

    Remote Access Service

    Remote Access Services (RAS) refers to any combination of hardware and software to enable remote access to tools or information that typically reside on a network of IT devices. A RAS server is a specialized computer which aggregates multiple communication channels together. Because these channels are bidirectional, two models emerge: multiple entities connecting to a single resource, and a single entity connecting to multiple resources. Both of these models are widely used. Both physical and virtual resources can be provided through a RAS server: centralized computing can provide multiple users access to a remote virtual operating system. Access providers often use RAS servers to terminate physical connections to their customers, for example customers who get Internet through some form of modem.

    Originally coined by Microsoft when referring to their built-in NT remote access tools, RAS was a service provided by Windows NT which allows most of the services which would be available on a network to be accessed over a modem link.

    *

    The service includes support for dialup and logon, and presents the same network interface as the normal network drivers (albeit slightly slower). It is not necessary to run Windows NT on the client - there are client versions for other Windows operating systems. A feature built into Windows NT enables users to log into an NT-based LAN using a modem, X.25 connection or WAN link. RAS works with several major network protocols, including TCP/IP, IPX, and NBF. To use RAS from a remote node, you need a RAS client program, which is built into most versions of Windows, or any PPP client software. For example, most remote control programs work with RAS.

    Starting in the mid-1990s, several manufacturers such as U.S. Robotics produced "modem terminal servers". Instead of having RS-232 ports, these would directly incorporate an analog modem. These devices were commonly used by Internet service providers to allow consumer dial-up. Modern versions interface to an ISDN PRI instead of having analog modem ports.

    *

    Complete these steps to configure RAS on a Cisco ICM Logger.

    Select Start > Settings > Control Panel
    Double-click the Network applet
    Select Services
    Double-click Remote Access Service

    *

    Figure 1: Remote Access Setup

    *

    Click Configure.

    Figure 2: Configure Port Usage

    *

    Media Access Methods

    An access method is a set of rules governing how the network nodes share the transmission medium. The rules for sharing among computers are similar to the rules for sharing among humans in that they both boil down to a pair of fundamental philosophies: first come, first served and take turns. These philosophies are the principles defining the three most important types of media access methods:

    *

    Media Access Methods

    Contention (CSMA/CD - Carrier Sense Multiple Access with Collision Detection; CSMA/CA - Carrier Sense Multiple Access with Collision Avoidance)
    Token passing
    Demand Priority

    *

    Contention

    CSMA/CD - Carrier Sense Multiple Access with Collision Detection
    IEEE 802.3 Ethernet LANs use the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol to detect and handle collisions on the network. However, WLANs can't use CSMA/CD because they can't transmit and listen at the same time.

    CSMA/CA - Carrier Sense Multiple Access with Collision Avoidance
    The IEEE 802.11b standard specifies the carrier sense multiple access with collision avoidance (CSMA/CA) protocol for WLANs. CSMA/CA tries to avoid collisions by using explicit packet acknowledgment. With CSMA/CA, an acknowledgment packet is sent by the receiving station to confirm it has received a data packet. If the transmitting station does not receive the acknowledgment, it assumes that a collision has occurred and transmits the data packet again.

    *

    Token passing
    The IEEE 802.5 standard deals with Token Ring networks. Token passing is implemented on a token-ring network. IEEE 802.5 Token Ring networks use a token-passing media access method. A token is a special packet that gives permission to a device to transmit data on to the network. When a device receives a token and transmits a frame, the frame is forwarded around the ring by all attached devices. When the frame reaches its destination, it is copied and processed by the receiving device and placed back on the ring. Before placing the frame back on the ring, the receiving device sets frame-status bits to indicate that the frame was received. The frame circles the ring until it returns to the original transmitting device.

    *

    Demand Priority
    Demand priority is an access method used with the new 100 Mbps 100VG-AnyLAN standard. Although demand priority is officially considered a contention-based access method, demand priority is considerably different from the basic CSMA/CD Ethernet. In demand priority, network nodes are connected to hubs, and those hubs are connected to other hubs. Contention, therefore, occurs at the hub. (100VG-AnyLAN cables can actually send and receive data at the same time.) Demand priority provides a mechanism for prioritizing data types. If contention occurs, data with a higher priority takes precedence.

    *

    Collision & Broadcast Domains
    MAC Address: the frame contains a 48-bit destination address field.
    Who is this frame for? 00-C0-F0-56-BD-97: "Hey Joe"

    *

    MAC Address
    How will all other NICs handle the frame? Drop it (in the bit bucket).

    *

    Special MAC Address
    Who is this frame for? FF-FF-FF-FF-FF-FF: "Hey everybody"

    *

    Broadcast MAC Address
    FF-FF-FF-FF-FF-FF: 48 bits, all 1s. All NICs copy the frame & send it up the stack.

    *

    Broadcast Frames
    Necessary for network function. Used for finding services ("Hey, is there a server out there?") and advertising services ("Hey, I'm a printer you can use."). Some Layer 3 (Network Layer) protocols use broadcasts frequently: AppleTalk and IPX (older Novell protocol). Networks that use these protocols must be limited in size, or they will become saturated with broadcast frames. TCP/IP (a Layer 3 protocol) uses broadcasts sparingly. Therefore, networks that use TCP/IP can be made quite large without broadcast problems. (They scale well.)

    Collision Domain
    Network region in which collisions are propagated. Repeaters and hubs propagate collisions. Bridges, switches and routers do not.

    Reducing Collisions
    Collision frequency can be kept low by breaking the network into segments bounded by bridges, switches and routers.

    Broadcast Domain
    Network region in which broadcast frames are propagated. Repeaters, hubs, bridges, & switches propagate broadcasts. Routers either do or don't, depending on their configuration.

    Reducing Broadcasts
    Broadcasts are necessary for network function. Some devices and protocols produce lots of broadcasts; avoid them. Broadcast frequency can be kept manageable by limiting the LAN size. LANs can then be cross-connected by routers to make a larger internetwork.

    Shared Ethernet
    A single segment that is shared among all connected NICs. A single collision domain. A logical bus (may be a physical star). The segment includes repeaters and hubs. Sometimes called a single flat Ethernet.

    Shared Ethernet

    Switched Ethernet
    Consists of several segments, each of which is shared by the NICs attached to it. The network is segmented into several collision domains. Bridges, switches, and routers create the segment and collision domain boundaries. Segments may contain hubs and repeaters.

    Switched Ethernet

    Micro-segmented Switched Ethernet
    Each user NIC is connected directly to a switch port. Provides one switched segment to each connected NIC. No sharing. No collisions.

    Micro-segmented Switched Ethernet

    Summary

    Term                               | Includes                  | Boundary                     | Example
    -----------------------------------|---------------------------|------------------------------|--------
    LAN Segment (Collision domain)     | Cable, Repeaters, Hubs    | Bridges, Switches, (Routers) |
    Entire LAN (Broadcast domain)      | Everything except Routers | Edge of LAN (Routers)        |
    Internetwork (Group of LANs        | LANs & Routers            | Edge of Internetwork         |
    cross-connected by Routers)        |                           |                              |

    Identify the collision domains & broadcast domains

    Identify the collision domains & broadcast domains: a router connects separate networks, so there is one broadcast domain per router interface.

    Application
    First, complete Lab 7A. Then, on a printed copy of the Teaching Topology (curriculum p7.5.5): circle each collision domain (use a solid line); circle each broadcast domain (use a dashed line).

    *

    Reminder
    Collisions: spread throughout a LAN segment; spread across hubs & repeaters; are stopped by switches & bridges.
    Broadcasts: spread throughout an entire LAN; spread across hubs, switches, bridges; are stopped only by routers.
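The collision-domain and broadcast-domain rules above (hubs and repeaters pass both, bridges and switches pass only broadcasts, routers pass neither) can be turned into a small topology check, which is what the "identify the domains" exercise asks you to do by hand. The following is an added example, not code from the slides; the device names, kinds and cabling are a constructed sample.

```python
"""Count collision and broadcast domains in a small LAN topology.

Added example, not from the slides. Devices are named nodes with a kind
('host', 'hub', 'repeater', 'bridge', 'switch', 'router'); links are cables
between two devices. A domain is a set of cables joined through devices
that propagate the event; every router interface therefore starts a new
broadcast domain and every switch port a new collision domain.
"""
from collections import defaultdict

COLLISION_PROPAGATORS = {"hub", "repeater"}
BROADCAST_PROPAGATORS = {"hub", "repeater", "bridge", "switch"}


def _count_domains(kinds, links, propagators):
    """Union-find over cables: two cables share a domain when they meet at a
    device whose kind propagates the event (collision or broadcast)."""
    parent = list(range(len(links)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]   # path halving
            i = parent[i]
        return i

    cables_at = defaultdict(list)
    for idx, (a, b) in enumerate(links):
        cables_at[a].append(idx)
        cables_at[b].append(idx)
    for device, idxs in cables_at.items():
        if kinds[device] in propagators:
            first = find(idxs[0])
            for other in idxs[1:]:
                parent[find(other)] = first
    return len({find(i) for i in range(len(links))})


def collision_domains(kinds, links):
    return _count_domains(kinds, links, COLLISION_PROPAGATORS)


def broadcast_domains(kinds, links):
    return _count_domains(kinds, links, BROADCAST_PROPAGATORS)


# Constructed sample topology: a router with two interfaces; one side is a
# switch serving hosts A, B and a hub (hosts C, D); the other side is a hub
# serving hosts E, F.
SAMPLE_KINDS = {
    "R1": "router", "SW1": "switch", "HUB1": "hub", "HUB2": "hub",
    "A": "host", "B": "host", "C": "host", "D": "host", "E": "host", "F": "host",
}
SAMPLE_LINKS = [
    ("A", "SW1"), ("B", "SW1"), ("HUB1", "SW1"), ("C", "HUB1"), ("D", "HUB1"),
    ("R1", "SW1"), ("R1", "HUB2"), ("E", "HUB2"), ("F", "HUB2"),
]

if __name__ == "__main__":
    print("collision domains:", collision_domains(SAMPLE_KINDS, SAMPLE_LINKS))  # 5
    print("broadcast domains:", broadcast_domains(SAMPLE_KINDS, SAMPLE_LINKS))  # 2
```

On the sample topology the switch ports give A, B and the router each their own collision domain, the two hubs merge their cables into one domain apiece, and the router's two interfaces split the whole thing into two broadcast domains.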

    *

    LAN Switching
    Ethernet switches are used in a LAN to create Ethernet networks. Switches forward traffic on the basis of MAC address. A switch maintains a MAC address table in which MAC addresses and port numbers are used to make switching decisions. The working of a bridge and a switch is similar.

    *

    Classification of switches
    Switches are classified according to the following criteria:

    Types of switches based on working
    (1) Store & Forward: this switch receives the entire frame, then performs error checking and starts forwarding data to the destination.
    (2) Cut-through: this switch starts forwarding the frame as soon as the first six bytes of the frame are received.
    (3) Fragment-free: this switch receives 64 bytes of the frame, performs error checking and then starts forwarding data.
    (4) Adaptive cut-through: it changes its mode according to conditions. If it sees there are errors in many frames, then it changes to Store & Forward mode from Cut-through or Fragment-free.

    *

    Classification of switches
    Types of switches based on management
    (1) Manageable switches
    (2) Non-manageable switches
    (3) Semi-manageable switches

    Types of switches based on OSI layer
    (1) Layer 2 switches (only switching)
    (2) Layer 3 switches (switching & routing)

    Types of switches based on command mode (only in Cisco)
    (1) IOS based
    (2) CLI based

    Types of switches based on hierarchical model
    (1) Core layer switches
    (2) Distribution layer switches
    (3) Access layer switches

    *

    Basic Switch Administration
    IOS based switches are similar to routers. We can perform the following functions on switches in a similar manner as on a router:
    (1) Access the switch using the console
    (2) Commands to enter & exit from different modes
    (3) Commands to configure passwords
    (4) Manage configuration
    (5) Backup IOS and configuration
    (6) Configuring and resolving hostnames
    (7) Managing telnet
    (8) Configuring CDP
    (9) Configuring the time clock
    (10) Configuring banners
    (11) Command line shortcuts and editing shortcuts
    (12) Managing history
    (13) Configure logging
    (14) Boot system commands

    *

    Basic Switch Administration
    The following functions and options are not the same on a router and a switch:
    (1) The default hostname is Switch
    (2) An auxiliary port is not present
    (3) VTY lines are mostly 0 to 15
    (4) By default, interfaces are enabled
    (5) An IP address cannot be assigned to physical interfaces
    (6) Routing configuration mode is not present
    (7) Interface numbering starts from 1
    (8) Web access is enabled by default
    (9) The configuration register is not present in the same manner
    (10) Flash memory may contain multiple files, and the startup configuration is also saved in flash

    *

    Configuring IP and Gateway on a switch
    We can configure an IP address on a switch for web access or telnet; an IP address is required for the administration of the switch. If we have to access the switch from a remote network, then we configure a default gateway in addition to the IP address. The IP address is assigned to the logical interface of the switch with the following commands (the address and mask arguments follow the ip address command):

    Switch(config)#interface vlan 1
    Switch(config-if)#ip address
    Switch(config-if)#no sh
    Switch(config-if)#exit

    *

    Old Switches
    Switch(config)#ip address
    Switch(config)#exit

    Configuring Gateway
    Switch(config)#ip default-gateway
    Switch(config)#exit

    *

    Breaking Switch Password
    (1) Power off the switch, press the mode button present on the front of the switch, then power on the switch.
    (2) Keep the mode button pressed until the "Switch:" prompt appears on the console.
    (3) In switch monitor mode, type the following commands:
        flash_init
        load_helper
        rename flash:config.text flash:
        dir flash:
        boot
    (4) After booting, the switch will prompt to enter the initial configuration dialog. Enter "no" here and type:
        Switch>enable
        Rename flash: flash:config.text
        Configure memory
        Change the password and save the config. Then copy run start_config.

    *

    Document Amendment History

    S.No | Description | Author | Version | Date
    (rows 1 to 8 are blank)

    *

    THANK YOU...
    All information, including graphical representations, etc., provided in this presentation is for the exclusive use of current Globsyn Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise, without written permission of the owner.

  • Security Protocol - SKILLS FOR INDIA

    *

    A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods.

    A protocol describes how the algorithms should be used. A sufficiently detailed protocol includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program. Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:

    (1) Key agreement or establishment
    (2) Entity authentication
    (3) Symmetric encryption and message authentication material construction
    (4) Secured application-level data transport
    (5) Non-repudiation methods

    *

    Internet Key Exchange
    Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication, which are either pre-shared or distributed using DNS (preferably with DNSSEC), and a Diffie-Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.

    *

    IPsec
    Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite. It can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1] Some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. In the past, the use of TLS/SSL had to be designed into an application to protect the application protocols. In contrast, since day one, applications did not need to be specifically designed to use IPsec.

    *

    Hence, IPsec protects any application traffic across an IP network. This holds true now for SSL as well with the rise of the SSL-based VPN revolution, with implementations like OpenVPN. IPsec was originally developed at the Naval Research Laboratory as part of a DARPA-sponsored research project. ESP was derived directly from the SP3D protocol, rather than being derived from the ISO Network-Layer Security Protocol (NLSP). The SP3D protocol specification was published by NIST, but designed by the Secure Data Network System project of the National Security Agency (NSA). IPsec AH is derived in part from previous IETF standards work for authentication of the Simple Network Management Protocol (SNMP). IPsec is officially specified by the Internet Engineering Task Force (IETF) in a series of Request for Comments documents addressing various components and extensions. It specifies the spelling of the protocol name to be IPsec.

    *

    Kerberos (protocol)
    Kerberos is a computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client-server model, and it provides mutual authentication: both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric key cryptography and requires a trusted third party, and optionally may use public-key cryptography by utilizing asymmetric key cryptography during certain phases of authentication. Kerberos uses port 88 by default. "Kerberos" also refers to a suite of free software published by the Massachusetts Institute of Technology (MIT) that implements the Kerberos protocol.

    *

    Point-to-Point Protocol
    In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication, transmission encryption (using ECP, RFC 1968), and compression. PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections (now marketed as "broadband"). Internet service providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets cannot be transmitted over a modem line on their own, without some data link protocol. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a Digital Subscriber Line (DSL) Internet service connection with customers.

    *

    PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), TRILL, Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk.

    *

    Transport Layer Security
    Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP). TLS is an IETF standards track protocol, last updated in RFC 5246, and is based on the earlier SSL specifications developed by Netscape Communications.
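The building blocks listed for cryptographic protocols in general, for IKE (a Diffie-Hellman exchange yielding a shared session secret from which keys are derived) and for TLS (asymmetric key exchange, symmetric encryption for privacy, MACs for integrity) fit together in one short exchange. The following is an added illustration and not any real protocol's wire format or the slides' own material: the group parameters (p = 2**127 - 1, g = 5) are a constructed toy chosen so the arithmetic runs instantly, the key derivation is an HKDF-style extract-then-expand built from HMAC-SHA256, and the "cipher" is an HMAC-SHA256 keystream used only to keep the example dependency-free. Real deployments use standardised large groups or elliptic curves and a real cipher such as AES.

```python
"""Key agreement, key derivation and authenticated transport in one exchange.

Added example, not from the slides. Toy Diffie-Hellman parameters and an
HMAC-based keystream stand in for a real group and a real cipher; the
structure (agree, derive, encrypt-then-MAC, verify-before-decrypt) is the
part worth studying.
"""
import hashlib
import hmac
import secrets

P = 2**127 - 1          # toy prime (a Mersenne prime), NOT a production group
G = 5


class Peer:
    """One side of the exchange; holds the private exponent and derived keys."""

    def __init__(self, name):
        self.name = name
        self.priv = secrets.randbelow(P - 2) + 1      # private exponent, never sent
        self.pub = pow(G, self.priv, P)               # public value, sent in the clear
        self.enc_key = self.mac_key = None

    def agree(self, other_pub, salt):
        shared = pow(other_pub, self.priv, P).to_bytes(16, "big")
        # HKDF-style extract-then-expand: one session secret, two independent keys.
        prk = hmac.new(salt, shared, hashlib.sha256).digest()
        self.enc_key = hmac.new(prk, b"enc\x01", hashlib.sha256).digest()
        self.mac_key = hmac.new(prk, b"mac\x01", hashlib.sha256).digest()
        return shared


def keystream(key, nonce, length):
    """Counter-mode keystream from HMAC-SHA256 (illustrative, not a standard cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def protect(peer, plaintext):
    """Encrypt-then-MAC: record = nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(peer.enc_key, nonce, len(plaintext))))
    tag = hmac.new(peer.mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unprotect(peer, record):
    """Verify the tag before touching the ciphertext; None on failure."""
    nonce, ct, tag = record[:12], record[12:-32], record[-32:]
    expected = hmac.new(peer.mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(peer.enc_key, nonce, len(ct))))


def run_session(message=b"route 10.1.0.0/16 via 192.0.2.1"):
    """Full exchange between two peers; returns (secrets_match, recovered, tampered_result)."""
    alice, bob = Peer("alice"), Peer("bob")
    salt = secrets.token_bytes(16)        # exchanged in the clear, like protocol nonces
    s_a = alice.agree(bob.pub, salt)
    s_b = bob.agree(alice.pub, salt)
    record = protect(alice, message)
    recovered = unprotect(bob, record)
    tampered = bytearray(record)
    tampered[20] ^= 0x01                  # flip one ciphertext bit in transit
    return s_a == s_b, recovered, unprotect(bob, bytes(tampered))


if __name__ == "__main__":
    print(run_session())
```

Two points carry over to the real protocols: both sides derive identical keys without the private exponents ever leaving their host, and the receiver checks the MAC before decrypting, so a single flipped bit is rejected rather than silently producing garbage.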

    *

    Wireless Technology
    Wireless telecommunications is the transfer of information between two or more points that are not physically connected. Distances can be short, such as a few meters for television remote control, or as far as thousands or even millions of kilometers for deep-space radio communications. It encompasses various types of fixed, mobile, and portable two-way radios, cellular telephones, personal digital assistants (PDAs), and wireless networking. Other examples of wireless technology include GPS units, garage door openers or garage doors, wireless computer mice, keyboards and headsets (audio), headphones, radio receivers, satellite television, broadcast television and cordless telephones.

    *

    Infrared
    Infrared (IR) light is electromagnetic radiation with longer wavelengths than those of visible light, extending from the nominal red edge of the visible spectrum at 0.74 micrometers (µm) to 300 µm. This range of wavelengths corresponds to a frequency range of approximately 1 to 400 THz, and includes most of the thermal radiation emitted by objects near room temperature. Infrared light is emitted or absorbed by molecules when they change their rotational-vibrational movements. Much of the energy from the Sun arrives on Earth in the form of infrared radiation. Sunlight at zenith provides an irradiance of just over 1 kilowatt per square meter at sea level. Of this energy, 527 watts is infrared radiation, 445 watts is visible light, and 32 watts is ultraviolet radiation. The balance between absorbed and emitted infrared radiation has a critical effect on the Earth's climate.

    *

    Infrared light is used in industrial, scientific, and medical applications. Night-vision devices using infrared illumination allow people or animals to be observed without the observer being detected. In astronomy, imaging at infrared wavelengths allows observation of objects obscured by interstellar dust. Infrared imaging cameras are used to detect heat loss in insulated systems, observe changing blood flow in the skin, and overheating of electrical apparatus.

    *

    Light Comparison[3]

    Name        | Wavelength         | Frequency (Hz)     | Photon Energy (eV)
    ------------|--------------------|--------------------|--------------------
    Gamma ray   | less than 0.01 nm  | more than 10 EHz   | 100 keV - 300+ GeV
    X-Ray       | 0.01 nm to 10 nm   | 30 EHz - 30 PHz    | 120 eV to 120 keV
    Ultraviolet | 10 nm - 390 nm     | 30 PHz - 790 THz   | 3 eV to 124 eV
    Visible     | 390 - 750 nm       | 790 THz - 405 THz  | 1.7 eV - 3.3 eV
    Infrared    | 750 nm - 1 mm      | 405 THz - 300 GHz  | 1.24 meV - 1.7 eV
    Microwave   | 1 mm - 1 meter     | 300 GHz - 300 MHz  | 1.24 µeV - 1.24 meV
    Radio       | 1 mm - 100,000 km  | 300 GHz - 3 Hz     | 12.4 feV - 1.24 meV

    *

    Bluetooth
    What is Bluetooth?
    Radio modules operate at 2.45 GHz. RF channels: 2420+k MHz. Devices within 10 m of each other can share up to 1 Mbps. The projected cost for a Bluetooth chip is ~$5. Low power consumption. Can operate in both circuit and packet switching modes, providing both synchronous and asynchronous data services.

                          | Bluetooth | IEEE 802.11a | UWB
    ----------------------|-----------|--------------|-----------------
    Frequency             | 2.4 GHz   | 5 GHz        | 3.1~10.6 GHz
    Max data rate         | 1 Mbps    | 54 Mbps      | 100 Mbps~1 Gbps
    Range                 | 5~10 m    | 35~50 m      | 10~30 m
    The number of channels| 79        | 12           | ..

    *

    Bluetooth versions
    Bluetooth 1.0 and 1.0B: versions 1.0 and 1.0B had many problems; manufacturers had difficulty making their products interoperable.

    Bluetooth 1.1: many errors found in the 1.0B specifications were fixed; added support for non-encrypted channels; Received Signal Strength Indicator (RSSI).

    Bluetooth 1.2: faster connection and discovery; uses Adaptive Frequency-Hopping spread spectrum (AFH), which improves resistance to radio frequency interference; higher transmission speeds in practice, up to 721 kbps.

    *

    Bluetooth 2.0: this version was specified in November 2004. The main enhancement is the introduction of an Enhanced Data Rate (EDR) of 3.0 Mbps. Lower power consumption through a reduced duty cycle. Simplification of multi-link scenarios due to more available bandwidth.

    Bluetooth 2.1: a draft version of the Bluetooth Core Specification Version 2.1 + EDR is now available.

    *

    Ultra Wide Band (UWB)

    What is UWB?
    Transmitting information spread over a large bandwidth (>500 MHz). Provides an efficient use of scarce radio bandwidth. High data rate in WPAN connectivity and longer range. A February 14, 2002 Report and Order by the FCC authorizes the unlicensed use of UWB. In November 2005, ITU-R work resulted in a Report and Recommendation on UWB; national regulators are expected to act on regulations for UWB very soon.

    *

    Advantages of UWB
    Takes advantage of the inverse relationship between distance and throughput. Huge bandwidth: very high throughput. Low power consumption. Convenience and flexibility. No interference.

    *

    Ultra Wide Band (UWB)

    Key applications: Wireless USB, toys and games, consumer electronics, location tracking, handsets.

    Current wireless comparison

    Wireless technology | Power (mW) | Range (meter) | BW/channel | Rate (bps)
    --------------------|------------|---------------|------------|-----------
    CDMA 1xEVDO         | 600        | ~2000         | 1.25 MHz   | 2.4M
    802.16 (WiMAX)      | 250        | ~4000         | 25 MHz     | 120M
    802.11g (WiFi)      | 50         | ~100          | 25 MHz     | 54M
    Bluetooth           | 1          | ~10           | 1 MHz      |

  • Proxy Server - SKILLS FOR INDIA

    *

    Proxy Server
    In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server. The proxy server evaluates the request as a way to simplify and control its complexity. Today, most proxies are web proxies, facilitating access to content on the World Wide Web.

    *

    Utility of a Proxy server
    To keep machines behind it anonymous, mainly for security.
    To speed up access to resources (using caching); web proxies are commonly used to cache web pages from a web server.
    To apply access policy to network services or content, e.g. to block undesired sites.
    To access sites prohibited or filtered by your ISP or institution.
    To log / audit usage, i.e. to provide company employee Internet usage reporting.
    To bypass security / parental controls.
    To circumvent Internet filtering to access content otherwise blocked by government.
    To scan transmitted content for malware before delivery.
    To scan outbound content, e.g., for data loss prevention.
    To allow a web site to make web requests to externally hosted resources (e.g. images, music files, etc.) when cross-domain restrictions prohibit the web site from linking directly to the outside domains.

    *

    Types of proxy
    (1) Forward proxies
    (2) Open proxies
    (3) Reverse proxies

    *

    Forward proxies
    Forward proxies are proxies where the client names the target server to connect to. Forward proxies are able to retrieve from a wide range of sources (in most cases anywhere on the Internet). The terms "forward proxy" and "forwarding proxy" are a general description of behavior (forwarding traffic) and thus ambiguous. Except for the reverse proxy, the types of proxies described here are more specialized sub-types of the general forward proxy concept.
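Because the client names the target in a forward proxy, the target comes from the request line itself (the absolute-form `GET http://host:port/path HTTP/1.1`, or `CONNECT host:port` for tunnels) rather than from the TCP destination. The following added example, which is not code from the slides, shows that parsing step together with two of the uses listed earlier, access policy and audit logging; the request lines, client address and blocked domain are constructed samples.

```python
"""Forward-proxy request handling: the client names the target server.

Added example, not from the slides. Parses the absolute-form request line,
applies a constructed block-list policy, and produces an audit record.
"""
from urllib.parse import urlsplit

BLOCKED_SUFFIXES = ("example.org",)      # constructed policy: a domain and its subdomains


def parse_request_line(line):
    """Return (method, host, port, path) from an absolute-form request line.
    Raises ValueError for anything a forward proxy should refuse."""
    parts = line.strip().split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, target = parts[0], parts[1]
    if method == "CONNECT":                 # "CONNECT host:port HTTP/1.1" for tunnels
        host, _, port = target.rpartition(":")
        if not host or not port.isdigit():
            raise ValueError("CONNECT needs host:port")
        return method, host.lower(), int(port), ""
    url = urlsplit(target)
    if url.scheme != "http" or not url.hostname:
        # Origin-form requests ("GET /index.html") carry no target: refuse them.
        raise ValueError("forward proxy needs an absolute http URL")
    return method, url.hostname, url.port or 80, url.path or "/"


def policy_allows(host):
    """Block the listed domains and anything beneath them, nothing else."""
    host = host.lower()
    return not any(host == s or host.endswith("." + s) for s in BLOCKED_SUFFIXES)


def handle(client_ip, line):
    """Decide on one request; returns (status_code, audit_record)."""
    try:
        method, host, port, path = parse_request_line(line)
    except ValueError as e:
        return 400, f"{client_ip} - 400 {e}"
    if not policy_allows(host):
        return 403, f"{client_ip} {method} {host}:{port}{path} 403 blocked by policy"
    return 200, f"{client_ip} {method} {host}:{port}{path} 200 forwarded"


if __name__ == "__main__":
    for req in ("GET http://www.example.com/index.html HTTP/1.1",
                "GET http://news.example.org/ HTTP/1.1",
                "CONNECT mail.example.net:443 HTTP/1.1",
                "GET /index.html HTTP/1.1"):
        print(handle("10.0.0.5", req))
```

The audit record is the same line a proxy would write to its log: who asked, what they asked for, and what the policy decided.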

    *

    Open proxies
    An open proxy is a forwarding proxy server that is accessible by any Internet user. Gordon Lyon estimates there are "hundreds of thousands" of open proxies on the Internet. An anonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services. There are varying degrees of anonymity, however, as well as a number of methods of 'tricking' the client into revealing itself regardless of the proxy being used.

    *

    Reverse proxies
    A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more origin servers which handle the request. The response is returned as if it came directly from the proxy server. Reverse proxies are installed in the neighborhood of one or more web servers. All traffic coming from the Internet and with a destination of one of the neighborhood's web servers goes through the proxy server. The use of "reverse" originates in its counterpart "forward proxy", since the reverse proxy sits closer to the web server and serves only a restricted set of websites.

    *

    Issues with Proxy Servers
    The diversion / interception of a TCP connection creates several issues. Firstly, the original destination IP and port must somehow be communicated to the proxy. This is not always possible (e.g. where the gateway and proxy reside on different ho