Summer Youth Program: Computer/Network Architecture and Security.

Date posted: 21-Dec-2015

Transcript of Summer Youth Program: Computer/Network Architecture and Security.

Page 1: Summer Youth Program: Computer/Network Architecture and Security.

Summer Youth Program: Computer/Network Architecture and Security

Page 2: Summer Youth Program: Computer/Network Architecture and Security.

Introduction to Networking

Objectives:

• Understand the physical connection that has to take place for a computer to connect to the Internet.
• Recognize the components that comprise the computer.
• Install and troubleshoot network interface cards and/or modems.
• Use basic testing procedures to test the Internet connection.
• Demonstrate a basic understanding of the use of web browsers and plug-ins.

Page 3: Summer Youth Program: Computer/Network Architecture and Security.

Internet Connection Requirements

The Internet is the largest data network on earth.

• Consists of many large and small networks that are interconnected
• Individual computers are the sources and destinations of information through the Internet

Connection to the Internet can be broken down into three parts:

• Physical connection
• Logical connection
• Applications

Page 4: Summer Youth Program: Computer/Network Architecture and Security.

Computer Basics

Electronic Components

Transistor, Integrated circuit (IC), Resistor, Capacitor, Connector, and Light emitting diode (LED)

PC Subsystems

Printed circuit board, CD-ROM drive, Central processing unit (CPU), Floppy drive, Hard drive, Microprocessor, Motherboard, Bus, Random-access memory (RAM), Read-only memory (ROM), System unit, Expansion slot, Power supply

Backplane components

Network interface card (NIC), Video card, Audio card, Parallel port, Serial port, Mouse port, Power cord

Page 5: Summer Youth Program: Computer/Network Architecture and Security.

Network Interface Card

A NIC, or LAN adapter, provides network communication capabilities to and from a PC.

These considerations are important in the selection of a NIC:

• Protocols – Ethernet, Token Ring, or FDDI
• Types of media – Twisted-pair, coaxial, wireless, or fiber-optic
• Type of system bus – PCI or ISA

Page 6: Summer Youth Program: Computer/Network Architecture and Security.

NICs & Modems

A modem, or modulator-demodulator, has two main functions:

• provides the computer with connectivity to a telephone line
• converts data from a digital signal to an analog signal that is compatible with a standard phone line

A NIC provides a network interface for each host.

Situations that require NIC installation include the following:

• Installation of a NIC on a PC that does not already have one
• Replacement of a malfunctioning or damaged NIC
• Upgrade from a 10-Mbps NIC to a 10/100/1000-Mbps NIC
• Change to a different type of NIC, such as wireless
• Installation of a secondary, or backup, NIC for network security reasons

Page 7: Summer Youth Program: Computer/Network Architecture and Security.

Internet Connections for Consumers

Requires use of a Modem

Dial-up – slow

Always on High Speed Connections

DSL – Verizon

Cable – Comcast, Charter, Road-Runner

Page 8: Summer Youth Program: Computer/Network Architecture and Security.

TCP/IP

The operating system tools must be used to configure TCP/IP on a workstation

Page 9: Summer Youth Program: Computer/Network Architecture and Security.

Testing Connectivity with Ping

Ping is a basic program that verifies a particular IP address exists and can accept requests. Ping stands for Packet Internet or Inter-Network Groper.

How can ping be used?

• ping 127.0.0.1 - loopback test. It verifies the operation of the TCP/IP stack and NIC transmit/receive function.
• ping host computer IP address - verifies the TCP/IP address configuration for the local host and connectivity to the host.
• ping default-gateway IP address - verifies whether the router that connects the local network to other networks can be reached.
• ping remote destination IP address - verifies connectivity to a remote host.

Page 10: Summer Youth Program: Computer/Network Architecture and Security.

Information & Testing

NIC MAC Address Verification: http://standards.ieee.org/regauth/oui/index.shtml

Traceroute Site: http://www.traceroute.org

Page 11: Summer Youth Program: Computer/Network Architecture and Security.

Web Browsers and Plug-ins

A Web browser is software that interprets HTML, which is one of the languages used to code Web page content.

Some of the most popular Web browsers are Internet Explorer (IE), Netscape Communicator, and FireFox.

Plug-ins are applications that work with the browser to launch the programs required to view special files:

Flash – Plays multimedia files created by Macromedia Flash

Quicktime – Plays video files created by Apple

Real Player – Plays audio files

Page 12: Summer Youth Program: Computer/Network Architecture and Security.

IE vs. FireFox

FireFox and all other Mozilla-based products are generally more secure than IE.

Reasons:

• It is not integrated with Windows, which helps prevent viruses and hackers from causing damage if they somehow manage to compromise FireFox.
• There is no support for VBScript and ActiveX, two technologies which are the reasons for many IE security holes.
• No spyware/adware software can automatically install in FireFox just by visiting a web site.
• FireFox doesn't use Microsoft's Java VM, which has a history of more flaws than other Java VMs.
• You have complete control over cookies.

Page 13: Summer Youth Program: Computer/Network Architecture and Security.

Data Networks Creation

Data networks developed as a result of businesses and government agencies needing to exchange electronic information across long distances.

Businesses needed solutions to:

• How to avoid duplication of equipment and resources
• How to communicate efficiently
• How to set up and manage a network

Page 14: Summer Youth Program: Computer/Network Architecture and Security.

The Creation of Standards

• One solution to incompatibility was to create standards within Local Area Networks (LANs)
• The limitations of LANs prompted Metropolitan Area Networks (MANs) and Wide Area Networks (WANs)

Page 15: Summer Youth Program: Computer/Network Architecture and Security.

Data Networks with Respect to Distances

Page 16: Summer Youth Program: Computer/Network Architecture and Security.

Networking Devices

Page 17: Summer Youth Program: Computer/Network Architecture and Security.

Networking Devices: Repeaters and Hubs

Repeaters

Hubs

Page 18: Summer Youth Program: Computer/Network Architecture and Security.

Networking Devices: NICs and Bridges

Bridges

NICs

Page 19: Summer Youth Program: Computer/Network Architecture and Security.

Networking Devices: Switches

Switches

Page 20: Summer Youth Program: Computer/Network Architecture and Security.

Networking Devices - Routers

Routers

Page 21: Summer Youth Program: Computer/Network Architecture and Security.

Network Topology

Page 22: Summer Youth Program: Computer/Network Architecture and Security.

Network Topology: Bus & Star Topology

BUS TOPOLOGY

STAR TOPOLOGY

Page 23: Summer Youth Program: Computer/Network Architecture and Security.

Network Topology: Ring Topology

RING TOPOLOGY

Page 24: Summer Youth Program: Computer/Network Architecture and Security.

Network Topology Cont: Partial & Full Mesh

Partial Mesh

Full Mesh

Page 25: Summer Youth Program: Computer/Network Architecture and Security.

MS VISIO: Creating Network Diagrams

Page 26: Summer Youth Program: Computer/Network Architecture and Security.

MS Visio Network Example

[Figure: Visio network diagram labelled "Michigan Tech University's CNSA Program, Network Diagram" (GCH_v.1.4, 7/5/05, marked CONFIDENTIAL), showing a file server, Omni switch, email server, authentication server, printer, AV client and Telnet client.]

Page 27: Summer Youth Program: Computer/Network Architecture and Security.

MS Visio Network Example #2

[Figure: Visio network diagram labelled "Michigan Tech University's CNSA Program, Network Diagram" (GCH_v.2.7, 7/5/05, marked CONFIDENTIAL), showing an IP cloud, Ethernet switches, fiber splitters, ATM switches, LAN analyzers and ISDN Basic Rate Interface protocol analyzers.]

Page 28: Summer Youth Program: Computer/Network Architecture and Security.

MS Visio WAN Architecture Example

[Figure: "WAN Diagram" (GCH_v.1.2, 7/2/05, marked CONFIDENTIAL) linking sites in Japan, New York and California through routers, PBXs and gateways over the PSTN and a data network. Legend: PSTN (auto-switch), Japan to New York; VoIP (on-net call), Japan to New York; PSTN (hop-off call), Japan to United States, domestic long distance call.]

Page 29: Summer Youth Program: Computer/Network Architecture and Security.

MS Visio Switch Architecture Example

[Figure: "Switched Ethernet Network" (marked CONFIDENTIAL) connecting a central office and branch offices, with PBXs, an Omni switch and OmniAccess devices, Ethernet networks, a private intranet, a public T1/E1 TDM or ATM network, and the public Internet.]

Page 30: Summer Youth Program: Computer/Network Architecture and Security.

MS Visio Client Architecture Example

[Figure: "Syrex Network Architecture" (GCH_ver3.7, 6/11/05, marked CONFIDENTIAL) showing routers R1, R2 and R4 through R9, switches Sw1 and Sw2, VLAN_A through VLAN_E, nodes BB1 and BB3, and Frame Relay, ISDN and ATM (138.10.78.0/24) clouds. Legend: RIP v2, OSPF, EIGRP, EBGP, 10/100 Ethernet, ISDN connection, ATM connection, Frame Relay connection, fiber optic.]

Page 31: Summer Youth Program: Computer/Network Architecture and Security.

Network Protocols

Page 32: Summer Youth Program: Computer/Network Architecture and Security.

Local-area Networks (LANs)

Page 33: Summer Youth Program: Computer/Network Architecture and Security.

Wide-area Networks (WANs)

Page 34: Summer Youth Program: Computer/Network Architecture and Security.

Metropolitan-Area Networks (MANs)

Page 35: Summer Youth Program: Computer/Network Architecture and Security.

Storage-Area Networks (SANs)

Page 36: Summer Youth Program: Computer/Network Architecture and Security.

Virtual Private Networks (VPNs)

Page 37: Summer Youth Program: Computer/Network Architecture and Security.

VPN Architectures

Client-Initiated Access VPN

NAS-Initiated Access VPN

Page 38: Summer Youth Program: Computer/Network Architecture and Security.

Intranet and Extranet VPN

Page 39: Summer Youth Program: Computer/Network Architecture and Security.

Benefits of VPNs

Page 40: Summer Youth Program: Computer/Network Architecture and Security.

Importance of Bandwidth

• Why is Bandwidth Important?

• What are Bandwidth’s limitations?

• What is Bandwidth’s effect on network performance?

Page 41: Summer Youth Program: Computer/Network Architecture and Security.

Bandwidth Pipe Analogy

Page 42: Summer Youth Program: Computer/Network Architecture and Security.

Bandwidth Highway Analogy

Page 43: Summer Youth Program: Computer/Network Architecture and Security.

Bandwidth Measurements

Page 44: Summer Youth Program: Computer/Network Architecture and Security.

Bandwidth Limitations

Page 45: Summer Youth Program: Computer/Network Architecture and Security.

Bandwidth Throughput

Page 46: Summer Youth Program: Computer/Network Architecture and Security.

Digital Transfer Calculation

Page 47: Summer Youth Program: Computer/Network Architecture and Security.

Cabling LANs and WANs

Page 48: Summer Youth Program: Computer/Network Architecture and Security.

LAN Physical Layer

Page 49: Summer Youth Program: Computer/Network Architecture and Security.

LAN Physical Layer Symbols

Page 50: Summer Youth Program: Computer/Network Architecture and Security.

Ethernet on a Campus

There are several ways that Ethernet technologies can be used in a campus network:

• 10 Mbps can be used at the user level
• Clients or servers that require more bandwidth can use 100-Mbps Ethernet
• Fast Ethernet is used as the link between user and network devices. Fast Ethernet can be used to connect enterprise servers.
• Fast Ethernet or Gigabit Ethernet should be implemented between backbone devices, based on affordability.

Page 51: Summer Youth Program: Computer/Network Architecture and Security.

Connection Media

Page 52: Summer Youth Program: Computer/Network Architecture and Security.

UTP Implementation

Patch panels are used for organization in wiring closets. Sometimes referred to as punch downs.

UTP Cable

• 8 colored wires
• 2 twisted pair

Page 53: Summer Youth Program: Computer/Network Architecture and Security.

UTP Implementation Continued

Note: Only 4 wires being used for Tx and Rx

EIA/TIA T568-A or T568-B Standards

Page 54: Summer Youth Program: Computer/Network Architecture and Security.

UTP Implementation

Page 55: Summer Youth Program: Computer/Network Architecture and Security.

Straight-Through and Cross-Over Comparison

Page 56: Summer Youth Program: Computer/Network Architecture and Security.

Console Connections

• Used to manage a device, such as a switch or router, locally
• Uses a DB-9 to RJ45 adapter
• Uses a rollover cable

Page 57: Summer Youth Program: Computer/Network Architecture and Security.

Straight-Through and Cross-Over Comparison Continued

Page 58: Summer Youth Program: Computer/Network Architecture and Security.

Summer Youth Program: Computer/Network Architecture and Security

Page 59: Summer Youth Program: Computer/Network Architecture and Security.

Using Layers to Analyze Problems

Page 60: Summer Youth Program: Computer/Network Architecture and Security.

Using Layers to Describe Data Communication

Page 61: Summer Youth Program: Computer/Network Architecture and Security.

OSI Model

Page 62: Summer Youth Program: Computer/Network Architecture and Security.

Layer 1

Page 63: Summer Youth Program: Computer/Network Architecture and Security.

Layer 2

• Provides reliable transit of data across a physical link

• Provides physical address

• Error correction, best effort delivery.

Page 64: Summer Youth Program: Computer/Network Architecture and Security.

Layer 3

Page 65: Summer Youth Program: Computer/Network Architecture and Security.

Layer 4

Page 66: Summer Youth Program: Computer/Network Architecture and Security.

Layer 5

Page 67: Summer Youth Program: Computer/Network Architecture and Security.

Layer 6

Page 68: Summer Youth Program: Computer/Network Architecture and Security.

Layer 7

Page 69: Summer Youth Program: Computer/Network Architecture and Security.

Peer-to-Peer Communication

Page 70: Summer Youth Program: Computer/Network Architecture and Security.

TCP/IP Model

Page 71: Summer Youth Program: Computer/Network Architecture and Security.

Encapsulation & Decapsulation

Page 72: Summer Youth Program: Computer/Network Architecture and Security.

Names for Data at Each Layer

Page 73: Summer Youth Program: Computer/Network Architecture and Security.

Network Environments

Page 74: Summer Youth Program: Computer/Network Architecture and Security.

Peer-to-Peer Networks

• All peers are equal

• 10 hosts max (recommended)

Page 75: Summer Youth Program: Computer/Network Architecture and Security.

Client/Server Environment

Network services are located on a dedicated computer called a server.

Page 76: Summer Youth Program: Computer/Network Architecture and Security.

Peer-to-Peer vs. Client/Server: Advantages

Advantages of a Peer-to-Peer Network

• Less expensive to implement
• Does not require additional specialized network administration software
• Does not require a dedicated network administrator

Advantages of a Client/Server Network

• Provides for better security
• Easier to administer when the network is large due to centralized administration
• All data can be backed up on one central location

Page 77: Summer Youth Program: Computer/Network Architecture and Security.

Peer-to-Peer vs. Client/Server: Disadvantages

Disadvantages of a Peer-to-Peer Network

• Does not scale well to large networks, and administration becomes unmanageable
• Each user must be trained to perform administrative tasks
• Less secure
• All machines sharing resources negatively impacts performance

Disadvantages of a Client/Server Network

• Requires expensive specialized network administrative and operational software
• Requires expensive, more powerful hardware for the server machine
• Requires a professional administrator
• Has a single point of failure. User data is unavailable if the server is down

Page 78: Summer Youth Program: Computer/Network Architecture and Security.

Ethernet Switching

Page 79: Summer Youth Program: Computer/Network Architecture and Security.

Layer 2 Bridging

• What is a Bridge?

• What is the Bridging process?

Page 80: Summer Youth Program: Computer/Network Architecture and Security.

Bridge Types

Page 81: Summer Youth Program: Computer/Network Architecture and Security.

Bridge Operations

Page 82: Summer Youth Program: Computer/Network Architecture and Security.

Switches

Page 83: Summer Youth Program: Computer/Network Architecture and Security.

Switching Table

Page 84: Summer Youth Program: Computer/Network Architecture and Security.

Latency

• What is Latency?

• How does it affect a network?

Page 85: Summer Youth Program: Computer/Network Architecture and Security.

Switch Modes

• Store-and-forward switching

• Cut-through switching

• Fragment-free switching

Page 86: Summer Youth Program: Computer/Network Architecture and Security.

Collision Domains and Broadcast Domains

How to reduce the impact of broadcasts and collisions on the performance of the network?

Page 87: Summer Youth Program: Computer/Network Architecture and Security.

Types of Networks

Page 88: Summer Youth Program: Computer/Network Architecture and Security.

Data Collisions

When two bits are propagated at the same time on the same network, a collision will occur.

Page 89: Summer Youth Program: Computer/Network Architecture and Security.

Collisions and Collision Domains

Extended by a hub and repeater

Page 90: Summer Youth Program: Computer/Network Architecture and Security.

Segmentation

Page 91: Summer Youth Program: Computer/Network Architecture and Security.

Breaking Up Collision Domains Using Segmentation

Page 92: Summer Youth Program: Computer/Network Architecture and Security.

Segmenting with Bridges

Page 93: Summer Youth Program: Computer/Network Architecture and Security.

Segmenting with Switches

Page 94: Summer Youth Program: Computer/Network Architecture and Security.

Segmenting with Routers

Page 95: Summer Youth Program: Computer/Network Architecture and Security.

Layer 2 Broadcasts

• Layer 2 devices must flood all broadcast and multicast traffic.

• The accumulation of broadcast and multicast traffic from each device in the network is referred to as broadcast radiation.

Page 96: Summer Youth Program: Computer/Network Architecture and Security.

Broadcast Domains

• A group of collision domains that are connected by Layer 2 devices

• Controlled at Layer 3 (router)

• Routers do not forward broadcasts

Page 97: Summer Youth Program: Computer/Network Architecture and Security.

Data Flow

Page 98: Summer Youth Program: Computer/Network Architecture and Security.

Network Segment

• If the segment is used in TCP, it would be defined as a separate piece of the data.

• If segment is being used in the context of physical networking media in a routed network, it would be seen as one of the parts or sections of the total network.

Page 99: Summer Youth Program: Computer/Network Architecture and Security.

Routing Fundamentals and Subnets

Page 100: Summer Youth Program: Computer/Network Architecture and Security.

Routable and Routed Protocols

• A routed protocol allows the router to forward data between nodes on different networks.

• In order for a protocol to be routable, it must provide the ability to assign a network number and a host number to each individual device.

• These protocols also require a network mask in order to differentiate the two numbers.

• The reason that a network mask is used is to allow groups of sequential IP addresses to be treated as a single unit.

Page 101: Summer Youth Program: Computer/Network Architecture and Security.

IP as a Routed Protocol

• IP is a connectionless, unreliable, best-effort delivery protocol.

• As information flows down the layers of the OSI model, the data is processed at each layer.

• IP accepts whatever data is passed down to it from the upper layers.

Page 102: Summer Youth Program: Computer/Network Architecture and Security.

Packet Propagation and Switching Within a Router

Page 103: Summer Youth Program: Computer/Network Architecture and Security.

Packet Propagation and Switching Within a Router

• A frame is received at a router interface.
• The MAC address is checked to see if the frame is directly addressed to the router interface, or a broadcast.
• The frame header and trailer are removed and the packet is passed up to Layer 3.
• The destination IP address is compared to the routing table to find a match.
• The packet is switched to the outgoing interface and given the proper frame header.
• The frame is then transmitted.
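
The router steps above, combined with the network-mask matching described under Routable and Routed Protocols, as an added Python example (not part of the original slides). The class names, addresses and MACs are constructed for illustration; next-hop MAC addresses are assumed to be already resolved, and picking the most specific matching route goes one step beyond what the slide states.

```python
"""Toy model of a router handling one frame (constructed data, not real traffic)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
BROADCAST_IP = "255.255.255.255"


@dataclass(frozen=True)
class Packet:                        # Layer 3 unit
    src_ip: str
    dst_ip: str
    payload: bytes


@dataclass(frozen=True)
class Frame:                         # Layer 2 unit: MAC header around a packet
    dst_mac: str
    src_mac: str
    packet: Packet


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network   # network number plus mask, e.g. 10.1.0.0/16
    out_iface: str
    next_hop_mac: str                # assumption: already resolved, no ARP modelled


class Router:
    def __init__(self, iface_macs, routes):
        self.iface_macs = iface_macs  # interface name -> MAC address (lowercase)
        self.routes = routes

    def lookup(self, dst_ip: str) -> Optional[Route]:
        """Apply each route's mask to dst_ip; the most specific match wins."""
        addr = ipaddress.ip_address(dst_ip)
        matches = [r for r in self.routes if addr in r.network]
        return max(matches, key=lambda r: r.network.prefixlen, default=None)

    def forward(self, in_iface: str, frame: Frame):
        """Return (out_iface, new_frame), or (None, reason) when dropped."""
        # 1. Is the frame addressed to this interface, or a broadcast?
        accepted = (self.iface_macs[in_iface], BROADCAST_MAC)
        if frame.dst_mac.lower() not in accepted:
            return None, "not addressed to this interface"
        # 2. Remove the frame header/trailer and pass the packet to Layer 3.
        packet = frame.packet
        # Routers do not forward broadcasts: the broadcast domain ends here.
        if packet.dst_ip == BROADCAST_IP:
            return None, "broadcast is not forwarded"
        # 3. Compare the destination IP address with the routing table.
        route = self.lookup(packet.dst_ip)
        if route is None:
            return None, "no route to destination"
        # 4. Switch to the outgoing interface and build the new frame header.
        new_frame = Frame(route.next_hop_mac,
                          self.iface_macs[route.out_iface], packet)
        # 5. The caller would now transmit new_frame on route.out_iface.
        return route.out_iface, new_frame


def demo_router() -> Router:
    """Constructed three-interface router with two overlapping routes."""
    macs = {"eth0": "00:00:5e:00:53:01",
            "eth1": "00:00:5e:00:53:02",
            "eth2": "00:00:5e:00:53:03"}
    routes = [
        Route(ipaddress.ip_network("10.1.0.0/16"), "eth1", "00:00:5e:00:53:a1"),
        Route(ipaddress.ip_network("10.1.5.0/24"), "eth2", "00:00:5e:00:53:a2"),
    ]
    return Router(macs, routes)


if __name__ == "__main__":
    router = demo_router()
    host_mac = "00:00:5e:00:53:10"
    for dst in ("10.1.5.9", "10.1.9.9", "172.16.0.1", BROADCAST_IP):
        frame = Frame("00:00:5e:00:53:01", host_mac,
                      Packet("10.0.0.7", dst, b"hi"))
        print(dst, "->", router.forward("eth0", frame))
```

The IP packet leaves the router unchanged in this model; only the Layer 2 header is replaced, which is why MAC addresses are meaningful on one link only.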

Page 104: Summer Youth Program: Computer/Network Architecture and Security.

Internet Protocol (IP): Connectionless

The Internet is a gigantic, connectionless network in which all packet deliveries are handled by IP.

TCP adds Layer 4, connection-oriented reliability services to IP.

Page 105: Summer Youth Program: Computer/Network Architecture and Security.

Telephone Calls: Connection-Oriented

A connection is established between the sender and the recipient before any data is transferred.

Page 106: Summer Youth Program: Computer/Network Architecture and Security.

Anatomy of an IP Packet

While the IP source and destination addresses are important, the other header fields have made IP very flexible.

The header fields are the information that is provided to the upper layer protocols defining the data in the packet.

Page 107: Summer Youth Program: Computer/Network Architecture and Security.

Routing Overview

A router is a network layer device that uses one or more routing metrics to determine the optimal path.

Routing metrics are values used in determining the advantage of one route over another.

Routing protocols use various combinations of metrics for determining the best path for data.

Page 108: Summer Youth Program: Computer/Network Architecture and Security.

Routing Versus Switching

The distinction is that routing and switching use different information in the process of moving data from source to destination.

Page 109: Summer Youth Program: Computer/Network Architecture and Security.

Routing Versus Switching

Page 110: Summer Youth Program: Computer/Network Architecture and Security.

Classes of Network IP Addresses

Page 111: Summer Youth Program: Computer/Network Architecture and Security.

Introduction to Subnetting

Host bits must be reassigned (or “borrowed”) as network bits.

The starting point is always the leftmost host bit.

3 bits borrowed allows 2^3 - 2 or 6 subnets

5 bits borrowed allows 2^5 - 2 or 30 subnets

12 bits borrowed allows 2^12 - 2 or 4094 subnets

Page 112: Summer Youth Program: Computer/Network Architecture and Security.

Reasons for Subnetting

Provides addressing flexibility for the network administrator.

Each LAN must have its own network or subnetwork address.

Provides broadcast containment and low-level security on the LAN.

Provides some security since access to other subnets is only available through the services of a router.

Page 113: Summer Youth Program: Computer/Network Architecture and Security.

Establishing the Subnet Mask Address

Determines which part of an IP address is the network field and which part is the host field.

Follow these steps to determine the subnet mask:

1. Express the subnetwork IP address in binary form.

2. Replace the network and subnet portion of the address with all 1s.

3. Replace the host portion of the address with all 0s.

4. Convert the binary expression back to dotted-decimal notation.

Page 114: Summer Youth Program: Computer/Network Architecture and Security.

Establishing the Subnet Mask Address

To determine the number of bits to be used, the network designer needs to calculate how many hosts the largest subnetwork requires and the number of subnetworks needed.

The “slash format” is a shorter way of representing the subnet mask:

/25 represents the 25 one bits in the subnet mask 255.255.255.128

Page 115: Summer Youth Program: Computer/Network Architecture and Security.

Establishing the Subnet Mask Address

Page 116: Summer Youth Program: Computer/Network Architecture and Security.

Subnetting Class A and B Networks

A Class A address has 22 bits available for assignment to the subnet field, while a Class B address has 14 bits.

Page 117: Summer Youth Program: Computer/Network Architecture and Security.

Calculating the Subnetwork With ANDing

ANDing is a binary process by which the router calculates the subnetwork ID for an incoming packet.

1 AND 1 = 1; 1 AND 0 = 0; 0 AND 0 = 0

The router then uses that information to forward the packet across the correct interface.

Packet Address        192.168.10.65      11000000.10101000.00001010.01000001

Subnet Mask           255.255.255.224    11111111.11111111.11111111.11100000

Subnetwork Address    192.168.10.64      11000000.10101000.00001010.01000000
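The four mask steps from the earlier slide and the ANDing calculation above, written out as an added Python example that is not part of the original slides. The function names are illustrative; the addresses are the ones the slides use. It also rejects a mask whose 1 bits are not contiguous, a misconfiguration the slides do not cover.

```python
def to_int(dotted):
    """Step 1: dotted-decimal text to a 32-bit integer, validating each octet."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(
            p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def to_dotted(value):
    """Step 4: 32-bit integer back to dotted-decimal notation."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def to_binary(value):
    """Render a 32-bit integer as four dot-separated binary octets."""
    return ".".join(f"{b:08b}" for b in value.to_bytes(4, "big"))


def mask_from_prefix(prefix_len):
    """Steps 2-3: 1s for the network and subnet bits, 0s for the host bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    bits = "1" * prefix_len + "0" * (32 - prefix_len)
    return to_dotted(int(bits, 2))


def prefix_from_mask(mask):
    """Slash-format length of a mask; a 0 followed by a 1 means it is malformed."""
    bits = f"{to_int(mask):032b}"
    if "01" in bits:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits.count("1")


def subnet_id(address, mask):
    """ANDing: each result bit is 1 only where address and mask are both 1."""
    prefix_from_mask(mask)  # refuse a malformed mask before using it
    return to_dotted(to_int(address) & to_int(mask))


if __name__ == "__main__":
    addr, mask = "192.168.10.65", "255.255.255.224"  # values from the slide
    net = subnet_id(addr, mask)
    for label, value in (("address", addr), ("mask", mask), ("subnet", net)):
        print(f"{label:8} {value:16} {to_binary(to_int(value))}")
    print(f"slash format: /{prefix_from_mask(mask)}; /25 is {mask_from_prefix(25)}")
```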

Page 118: Summer Youth Program: Computer/Network Architecture and Security.

Routed Versus Routing

A routed protocol:

Includes any network protocol suite that provides enough information in its network layer address to allow a router to forward it to the next device and ultimately to its destination.

Defines the format and use of the fields within a packet.

A routing protocol:

Provides processes for sharing route information.

Allows routers to communicate with other routers to update and maintain the routing tables.

Page 119: Summer Youth Program: Computer/Network Architecture and Security.

Path Determination

Path determination enables a router to compare the destination address to the available routes in its routing table, and to select the best path.
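Path determination, together with the frame-handling steps from the "Packet Propagation and Switching Within a Router" slide, as an added Python example that is not part of the original slides. The routing table, interface names and MAC address are constructed, and the tie-break used here (most specific matching network first, then lowest metric) is an assumption about what "best path" means, since the slides do not define it.

```python
import ipaddress

# Constructed routing table: (destination network, outgoing interface, metric).
ROUTES = [
    ("192.168.10.0/24", "eth0", 10),
    ("192.168.10.64/27", "eth1", 10),
    ("192.168.10.64/27", "eth2", 5),
    ("10.0.0.0/8", "eth3", 20),
]
ROUTER_MAC = "00:11:22:33:44:55"  # constructed address of the receiving interface
BROADCAST = "ff:ff:ff:ff:ff:ff"


def select_route(dest_ip, routes=ROUTES):
    """Return (network, interface, metric) of the best route, or None."""
    dest = ipaddress.ip_address(dest_ip)
    matches = []
    for cidr, iface, metric in routes:
        net = ipaddress.ip_network(cidr)
        # ANDing test: (destination AND mask) must equal the network address.
        if int(dest) & int(net.netmask) == int(net.network_address):
            matches.append((net, iface, metric))
    if not matches:
        return None
    # Assumed rule: longest prefix wins, lowest metric breaks ties.
    best = max(matches, key=lambda m: (m[0].prefixlen, -m[2]))
    return str(best[0]), best[1], best[2]


def handle_frame(dst_mac, dest_ip):
    """Follow the slide's steps for one received frame and return the decision."""
    if dst_mac.lower() not in (ROUTER_MAC, BROADCAST):
        return "ignore: frame not addressed to this interface"
    route = select_route(dest_ip)  # Layer 3 lookup after the frame is stripped
    if route is None:
        return "drop: no matching route"
    return f"forward via {route[1]}"


if __name__ == "__main__":
    for mac, ip in ((ROUTER_MAC, "192.168.10.65"), (ROUTER_MAC, "192.168.10.200"),
                    (ROUTER_MAC, "172.16.0.1"), ("aa:bb:cc:dd:ee:ff", "10.1.2.3")):
        print(f"{mac} -> {ip:15} {handle_frame(mac, ip)}")
```

With no default route in the table, a destination that matches nothing is dropped rather than forwarded.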

Page 120: Summer Youth Program: Computer/Network Architecture and Security.

End of Presentation