1 / 133

Networking Overview

Networking Overview. TCP/IP. TCP/IP == Transmission Control Protocol/Internet Protocol Almost ubiquitous protocol for communication over network Many other networking protocols ATM, X.25, SS7, Sonet,… But TCP/IP has taken over the world. TCP/IP. Here, a brief overview of TCP/IP

butch
Télécharger la présentation

Networking Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Networking Overview Networking Overview 1

  2. TCP/IP • TCP/IP == Transmission Control Protocol/Internet Protocol • Almost ubiquitous protocol for communication over network • Many other networking protocols • ATM, X.25, SS7, Sonet,… • But TCP/IP has taken over the world Networking Overview 2

  3. TCP/IP • Here, a brief overview of TCP/IP • For more info, see, for example, • Computer Networks, Tanenbaum • Computer Networks and Internets, Comer • Computer Networking: A Top Down Approach Featuring the Internet, Kurose and Ross • TCP/IP Protocol Suite, Forouzan Networking Overview 3

  4. Why TCP/IP? • Almost everywhere • Author developed payphone billing protocol in 1992 • Used X.25, later ported to SS7 • Today would almost certainly use TCP/IP • TCP/IP makes the world “extremely hackable” Networking Overview 4

  5. OSI Reference Model • In 1980, ISO developed OSI • Computer communication over network • Protocol layering • Breaks problem into small parts • Layer provides service to next higher • Modular • Makes it easy, for example, to replace Ethernet with wireless Networking Overview 5

  6. OSI Reference Model • Layer 7 --- Application Layer • Links application to the communication channel • Layer 6 --- Presentation Layer • How to represent bits for transmission • Layer 5 --- Session Layer • Coordinate (multiple) sessions • Layer 4 --- Transport Layer • Logical channel between systems Networking Overview 6

  7. OSI Reference Model • Layer 3 --- Network Layer • Move data from host-to-host, across network core (interconnected mesh of routers) • Layer 2 --- Data Link Layer (or Link Layer) • Move data across one “hop” • Layer 1 --- Physical Layer • Transmit bits across a physical link (fiber optic, copper cable, wireless, etc.) • Note: Layers 7,6,5 often treated as one Networking Overview 7

  8. TCP/IP, Our Hero • Layers from TCP/IP’s perspective… • Application Layer --- Program trying to communicate using TCP/IP • E.g., email servers, SSH client and server, etc • Transport Layer --- Includes TCP and UDP • TCP provides reliable delivery • UDP is “bare bones” transport layer protocol Networking Overview 8

  9. TCP/IP, Our Hero • Network Layer --- Based on IP • Deliver packets from end-to-end • To be cool, you must say “layer 3” • Data Link Layer --- One hop • “Layer 2” • Physical Layer --- The physical media Networking Overview 9

  10. TCP/IP Protocol Stack • TCP/IP synonymous with transport layer and network layer (combined) • For example… Networking Overview 10

  11. Layering (Again) • Each layer adds some info • Usually added to beginning, so called a header Networking Overview 11

  12. Terminology • Application layer packet • Transport layer  TCP segment (for example) • Network layer  IP datagram • Data link/physical layer(s)  frame • We may use “packet” for all of these Networking Overview 12

  13. TCP/IP • Protocols: TCP, UDP, IP, ICMP • Defined in RFCs 791 thru 793 • Developed for academic research • No thought of security • No confidentiality, integrity, authentication, … Networking Overview 13

  14. TCP/IP and Security • Originally, no security in TCP/IP • Any security provided by applications • But TCP/IP retrofit for security • IPSec --- security at the “IP layer” • “Built in” security for applications • IPSec is a bloated and complex protocol Networking Overview 14

  15. TCP • TCP provides reliable delivery • Most familiar apps use TCP • Web browsing (HTTP) • Secure shell (SSH) • File transfer (FTP) • Email (SMTP, POP, IMAP) • Etc., etc., etc. • For most apps, TCP saves a lot of work Networking Overview 15

  16. TCP Header • Every TCP packet includes header Networking Overview 16

  17. TCP Port Numbers • Source port, destination port • 16-bit numbers • Tells which “door” to send data to • Source == outgoing “door”, etc. • Server application “listens” on a port • Listening ports are open • Non-listening ports are closed Networking Overview 17

  18. TCP Port Numbers • Examples of well-known ports • TCP port 21 --- FTP • TCP port 22 --- SSH • TCP port 23 --- telnet • TCP port 25 --- SMTP • TCP port 80 --- HTTP • TCP port 6000 --- The X Window System (X11) • Note these ports are used by convention • Could use 8080 for HTTP and not get arrested • But both client and server must know this Networking Overview 18

  19. Ports • Example • Note that attackers want to know which ports (“doors”) are open Networking Overview 19

  20. Ports • To see which ports are in use • Locally, use netstat -na Networking Overview 20

  21. TCP Control Bits • Control bits or flags • For “3-way handshake”, and other special things Networking Overview 21

  22. TCP Control Bits • Originally, 6 control bits • URG --- urgent data, give it priority (or not…) • ACK --- acknowledge earlier data • PSH --- push data thru now • RST --- reset the connection, due to error or an interruption (abnormal termination) • SYN --- synchronize sequence numbers • FIN --- no more data, so tear down connection Networking Overview 22

  23. TCP Control Bits • Two additional control bits • CWR --- congestion window reduced; due to network congestion, reduced window size • ECE --- explicit congestion notification echo; connection is experiencing congestion • For congestion control issues Networking Overview 23

  24. TCP 3-Way Handshake • Used to establish TCP connection • Note sequence numbers: ISNA and ISNB • ACK and SYN flag bits used here Networking Overview 24

  25. TCP 3-Way Handshake • Establishes “connection” • Sequence numbers enable TCP to • Make sure all packets arrive • Make sure all packets delivered in order • FIN bit used when session torn down • RST used to end in “error” cases Networking Overview 25

  26. Other Fields in TCP Header • Data offset --- where the data begins • Reserved --- reserved for future use (or for clever attackers…) • Window --- controls number of outstanding packets; prevents one side from sending too fast (flow control) • Checksum --- error detection (uses CRC) Networking Overview 26

  27. Other Fields in TCP Header • Urgent pointer --- if URG flag set, tells where the urgent data is located • Options --- additional info (e.g., the max size of packet); variable size • Padding --- used to make things line up on 32-bit boundaries Networking Overview 27

  28. UDP • UDP == User Datagram Protocol • Minimal “no frills” transport protocol • Does minimum possible • “Connectionless” • No flow control, no congestion control, packets can be out of order, not arrive, … • UDP == Unreliable Damn Protocol Networking Overview 28

  29. UDP • Why use UDP? • Low overhead • 8 byte header vs 20 bytes (or more) for TCP • No congestion control/flow control • How can this be good? Networking Overview 29

  30. Where is UDP Used? • Streaming audio/video • Some packet loss is OK • Example: Real Player, UDP port 7070 • Apps where low overhead is useful • Trivial FTP (TFTP), UDP port 69 • Simple Network Management Protocol (SNMP), UDP port 161 Networking Overview 30

  31. FTP vs UDP • Which is more secure? • With UDP, more work for firewalls • Hard to track “connections” • Example: Slammer worm fit into one 376-byte UDP packet; got thru firewalls • But neither TCP nor UDP offer any “real” security (confidentiality, etc.) Networking Overview 31

  32. IP • IP == Internet Protocol • Not “intellectual property” • IP is the network layer protocol today • Mostly IPv4 • IPv6 used a little bit --- offers more addresses and more security • Here, we focus on IPv4 Networking Overview 32

  33. IP Header • Note that source and destination addresses each 32 bits Networking Overview 33

  34. What is a Network? • LAN == Local Area Network • LANs are building blocks of networks • LAN is bunch of computers connected together by hub, switch, wireless, … • No router between computers on a LAN • Usually, small geographic area Networking Overview 34

  35. What is a Network? • LANs are connected by routers • Routers move packets between LANs Networking Overview 35

  36. IP Addresses • IP addresses are 32 bits • Identify hosts (computers) on network • Written in “dotted decimal” notation • Author calls it “dotted quad” notation Networking Overview 36

  37. IP Addresses • Every IP packet has source and destination IP addresses • Every IP address has 2 parts • One part identifies the network (LAN) • One part identifies the specific host • Makes routing more efficient • But which part is which? Networking Overview 37

  38. Netmasks • Leftmost bits are network part of address • Netmask (subnet mask) often used • Uses “AND” operation • Classless Inter-Domain Routing (CIDR) notation • 10.21.0.0/16 Networking Overview 38

  39. Packet Fragmentation • Link may accept packet of max length • What if packet is too big? • Fragmentation! • Router chops packet into pieces • Reassembled at destination • Fields in IP header identify fragments (and how to reassemble them) Networking Overview 39

  40. Fragmentation Bits • Don’t fragment bit • 0 == OK to fragment, 1 == don’t fragment • More fragments bit • 0 == last fragment, 1 == more fragments • Fragmentation opens door to attacks • Firewalls/IDS do not like fragments Networking Overview 40

  41. Other Stuff in IP Header • Version --- IPv4 or IPv6 • Hlen --- total length of IP header • Service Type --- for quality of service • Total Length --- length of data and header • Identification --- for fragment reassembly • Flags --- don’t fragment, more fragments, … • Fragmentation Offset --- how to reassemble fragments Networking Overview 41

  42. Other Stuff in IP Header • Time-to-Live (TTL) --- max number of “hops” remaining before packet dies • Protocol --- TCP or UDP • Header Checksum --- error detection in header (recomputed at each router) • Source IP Address --- “from” • Destination IP Address --- “to” • Options --- e.g., “source routing” • Padding --- pad length to multiple of 32 bits Networking Overview 42

  43. ICMP • Internet Control Message Protocol • Like the “network plumber” • Host uses ICMP to see if another host is alive and responding • Router uses ICMP to tell source it does not know how to route a packet • Host can tell another host to stop sending data so fast, etc., etc. Networking Overview 43

  44. ICMP • Same packet format as IP • Protocol field is set to 1 • Many ICMP message types • Common types listed on next 2 slides Networking Overview 44

  45. ICMP • Name (type number) --- explanation • Echo reply (0) --- response to ping • Destination unreachable (3) --- IP packet cannot be delivered (sent by router or host) • Source quench (4) --- slow down! • Redirect (5) --- send data to different router • Echo (8) --- ping (is system responding?) Networking Overview 45

  46. ICMP • Message, type number, explanation • Time Exceeded (11) --- TTL exceeded, or problem reassembling fragments • Parameter Problem (12) --- bad parameter • Timestamp (13) --- request system’s time • Timestamp Reply (14) --- send system time • Information Request (15) --- used to determine which network a host is on • Information Reply (16) --- network IP address Networking Overview 46

  47. Routing Packets • How routers get packets thru network • Like Little Red Riding Hood trying to find the best path to grandma’s house • Dynamic routing protocols • RIP, OSPF, BGP • As if trees in the forest calculate best path and tell Red which way to go Networking Overview 47

  48. Routing Packets • Static routing protocols • Hard-coded routes • Red always has to go the same way • Source routing • Source specifies route in packet • Step-by-step directions to Grandma’s house tattooed on Red’s forehead Networking Overview 48

  49. NAT • Network Address Translation • Address-related problems • Not enough IP addresses to go around • Internal network uses “illegal” or unroutable (private) addresses • Solutions: NAT • Gateway (i.e., router or firewall) “translates” addresses Networking Overview 49

  50. NAT • Outgoing --- gateway replaces internal address with valid IP address • Incoming --- gateway replaces valid IP address with internal address • Note that gateway must remember! Networking Overview 50

More Related