
CS 468: Advanced UNIX Class 7



Presentation Transcript


  1. CS 468: Advanced UNIX, Class 7. Dr. Jesús Borrego, Regis University

  2. Topics
     • IA Lab visit was scheduled for last week; rescheduled for next week
     • Review of Homework 5
     • Networking
     • Homework 6
     • Review for final
     • Q&A

  3. Networking
     • Computers connecting to other computers
     • Computers connecting to the Internet
     • Network topologies
     • Network devices
     • Internetworking
     • Communicating with users
     • Data distribution
     • NFS

  4. Communication model (block diagram): Source → Transmitter → Transmission System → Receiver → Destination, labelled "Communications Infrastructure"

  5. OSI Model (top to bottom): Application, Presentation, Session, Transport, Network, Data Link, Physical

  6. Internet Protocol Stack (top to bottom): Application, Transport, Network/Internet, Data Link Control, Physical

  7. OSI vs. IP (layer mapping)
     OSI layer                               Internet Protocol stack layer
     Application, Presentation, Session      Application
     Transport                               Transport
     Network                                 Network/Internet
     Data Link                               Data Link Control
     Physical                                Physical

  8. Ethernet (figure: end systems on an Ethernet switch, a server, and an institutional router with a 100 Mbps link to the institution's ISP; link speeds of 100 Mbps and 1 Gbps shown)
     • Typically used in companies, universities, etc.
     • 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps Ethernet
     • Today, end systems typically connect into an Ethernet switch

  9. Bridges • Connects separate networks • One Ethernet network to another one • “Bridges” two network segments together • Makes it appear as if the two segments were a single one • Wire length is limited due to degradation of signal • Bridges allow extension of physical limitation of wire

  10. Routers • Bridges cannot accommodate large networks • Routers connect two or more networks • “Routes” incoming messages to appropriate network • Can be used to connect a LAN to an ISP (Internet Service Provider) • Can be used to link the different networks in the global Internet

  11. Gateway Used to connect remote LANs to a WAN (Wide Area Network)

  12. Topologies. Typical LAN topologies include:
     • Bus: a single link shared by all computers
     • Ring (Token): each computer is connected to at least 2 other computers
     • Star: a central server

  13. Internetworking – Packet Switching (figure: hosts A, B, C, D and E; a 100 Mb/s Ethernet feeding a 1.5 Mb/s output link, with a queue of packets waiting for that link; labelled "statistical multiplexing")
     • The sequence of A & B packets has no fixed timing pattern
     • Time Division Multiplexing (TDM)

  14. Internet Address – IPv4 – 4 octets
     Class A: 0*.*.*.* (two reserved: all 0’s and all 1’s)
     Class B: 10*.*.*.*
     Class C: 110*.*.*.*
     Class D: 111*.*.*.*
     Class E: 1111*.*.*.*
     Many subnet calculators are available online

  15. Ports and common services

  16. Users in your system
     users – local host users
     rusers – users on the local network
     who – more info than users
     rwho – more info than rusers
     w – more information than who
     whois – information about major internet sites
     hostname – displays the local host name
     finger – lists information about a user

  17. Finger utility

  18. User communication on a network
     write – send individual lines to a user
     talk – interactive split-screen two-way chat
     wall – send messages to all users on the local host
     mail – send email messages
     mesg – disables incoming messages to your terminal

  19. File transfer on a network
     rcp (remote copy) – copy files from one host to another
     uucp (unix-to-unix copy) – like rcp, copies files between two hosts
     ftp (file transfer protocol/program) – copy files between the local host and other hosts
     Commands for ftp: UPU page 338

  20. Distributed access commands
     rlogin – provides login to remote servers
     rsh – execute shell commands on remote Unix hosts
     telnet – executes commands on remote telnet hosts

  21. Network File System (NFS)
     • Public domain specification developed by Sun Microsystems
     • Allows you to mount several local file systems into a single network file hierarchy
     • Provides remote mount capability
     • Uses RPC to mount a file system on a remote machine

  22. Internet control
     ICANN – Internet Corporation for Assigned Names and Numbers – allocates names and domains
     ISOC – Internet Society – represents Internet users; technical advisory society
     IGF – Internet Governance Forum – global forum established by the United Nations in 2005

  23. Network Standards – RFC: Request for Comments
     RFC 114/959: A File Transfer Protocol
     RFC 791: Internet Protocol
     RFC 793: Transmission Control Protocol
     RFC 1945: Hypertext Transfer Protocol HTTP 1.0
     RFC 2251: Lightweight Directory Access Protocol
     RFC 2460: Internet Protocol v6 (IPv6)
     RFC 4251: Secure Shell (SSH) Protocol Architecture

  24. Internet Protocols

  25. Internet Protocols • BGP - Border Gateway Protocol • FTP - File Transfer Protocol • HTTP - Hypertext Transfer Protocol • ICMP - Internet Control Message Protocol • IGMP - Internet Group Management Protocol • IP - Internet Protocol • MIME - Multipurpose Internet Mail Extension Source: Stallings, W. (2007). Data and computer communications (8th ed.). Upper Saddle River, NJ: Pearson Prentice Hall.

  26. Internet Protocols (Cont’d) • OSPF – Open Shortest Path First • RSVP – Resource ReSerVation Protocol • SMTP – Simple Mail Transfer Protocol • SNMP – Simple Network Management Protocol • TCP – Transmission Control Protocol • UDP – User Datagram Protocol Source: Stallings, W. (2007). Data and computer communications (8th ed.). Upper Saddle River, NJ: Pearson Prentice Hall.

  27. Sample Flow (figure: two protocol stacks, Application through Physical, side by side; the application's Data unit passes down through Presentation, Session and Transport, is split into several Data units below the Transport layer, and crosses the Network, Data Link and Physical layers to the peer stack)

  28. IPv4

  29. IPv6

  30. Internet Addressing • Media Access Control (MAC): used by hardware • IPv4 and IPv6 used by software to determine source, destination, and component location (NIC, not computers) • Hostnames used by people • Data link layer maps IPs to hardware • Hostnames can map names to IPs

  31. Sample subnet calculator Source: http://www.subnetonline.com/pages/subnet-calculators/ip-subnet-calculator.php

  32. CIDR Classless Inter-Domain Routing • Netmasks that do not end in a byte boundary • Each byte has 8 bits • To subnet 128.138.243.0 with 26 bits – not a byte boundary (8, 16, 24), we use the convention 128.138.243.0/26

  33. (figure: the 32-bit address split into 26 network bits and 6 host bits for the /26 netmask)

  34. CIDR Calculator Source: http://www.subnet-calculator.com/cidr.php
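As an added example (not part of the slides or the linked calculators), the slide's 128.138.243.0/26 case worked with plain integer arithmetic so the 26 network / 6 host bit split is visible; the function handles any prefix length, including the /31 and /32 edge cases:

```python
# Added example (not from the lecture slides): the slide's 128.138.243.0/26
# case worked with integer arithmetic. Works for any prefix length.


def ip_to_int(dotted):
    """Pack a dotted-quad string into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value):
    """Unpack a 32-bit integer back into dotted-quad form."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def cidr_breakdown(cidr):
    """Netmask, network, broadcast and usable host range for a CIDR block."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    host_bits = 32 - prefix
    # The netmask is `prefix` one-bits followed by `host_bits` zero-bits.
    netmask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = ip_to_int(addr) & netmask            # host bits cleared
    broadcast = network | (0xFFFFFFFF >> prefix)   # host bits set
    total = 1 << host_bits
    # /31 and /32 blocks have no separate network and broadcast addresses;
    # every other block, including the slide's /26, reserves those two.
    reserved = 2 if host_bits >= 2 else 0
    return {
        "network_bits": prefix,
        "host_bits": host_bits,
        "netmask": int_to_ip(netmask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + (1 if reserved else 0)),
        "last_host": int_to_ip(broadcast - (1 if reserved else 0)),
        "total_addresses": total,
        "usable_hosts": total - reserved,
    }


if __name__ == "__main__":
    for key, value in cidr_breakdown("128.138.243.0/26").items():
        print(f"{key:>16}: {value}")
```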

  35. NAT • Private addresses can be used internally by an organization • NAT captures internal addresses and prevents them from exiting the corporate environment • NAT maintains a table of internal versus external addresses to ensure that no internal addresses escape to the global Internet

  36. Routing • The process of determining the output path for an incoming packet • Routing tables are maintained in the kernel and also in routers throughout the Internet • If the server does not know where to send it next, it uses the Address Resolution Protocol to determine next action

  37. Routing (figure: a routing algorithm populates the local forwarding table; the value in an arriving packet's header is looked up to choose the output link)
     Forwarding table:
       header value   output link
       0100           3
       0101           2
       0111           2
       1001           1
     A packet arriving with header value 0111 is sent out on link 2.
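The lookup sketched on slide 37, as an added example that is not part of the slides: first with the slide's own 4-bit header values, then generalized to longest-prefix matching over IPv4 CIDR prefixes, which is how a kernel routing table or a router's forwarding table actually picks the output link. The IPv4 table and interface names are constructed for the example.

```python
# Added example (not from the lecture slides): slide 37's lookup, first on
# the slide's bit-string headers, then as longest-prefix match over IPv4.
import socket
import struct


def lookup_bits(table, header):
    """Forwarding table keyed by bit strings. Entries may be complete header
    values, as on the slide, or shorter prefixes; the longest match wins.
    Returns None when nothing matches (the packet has nowhere to go)."""
    best_link, best_len = None, -1
    for prefix, link in table.items():
        if header.startswith(prefix) and len(prefix) > best_len:
            best_link, best_len = link, len(prefix)
    return best_link


def _ipv4_int(dotted):
    """Dotted quad -> 32-bit integer (network byte order)."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def lookup_ipv4(table, destination):
    """Longest-prefix match over (cidr, link) entries. A 0.0.0.0/0 entry is
    the default route: it matches everything with prefix length 0."""
    dst = _ipv4_int(destination)
    best_link, best_len = None, -1
    for cidr, link in table:
        net, plen = cidr.split("/")
        plen = int(plen)
        mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
        if (dst & mask) == (_ipv4_int(net) & mask) and plen > best_len:
            best_link, best_len = link, plen
    return best_link


# The slide's table: header value -> output link.
SLIDE_TABLE = {"0100": 3, "0101": 2, "0111": 2, "1001": 1}

# Constructed IPv4 table reusing the slide's /26 block. Order does not
# matter; the lookup picks the most specific entry.
IPV4_TABLE = [
    ("0.0.0.0/0", "eth2"),           # default route
    ("128.138.0.0/16", "eth1"),
    ("128.138.243.0/26", "eth0"),
]

if __name__ == "__main__":
    print("header 0111 ->", lookup_bits(SLIDE_TABLE, "0111"))              # 2
    print("128.138.243.17 ->", lookup_ipv4(IPV4_TABLE, "128.138.243.17"))  # eth0
```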

  38. ARP • ARP discovers the hardware address associated with an IP address • If the destination address is not in the same network, ARP determines the next-hop router • If the address is not known, it sends a broadcast message: “Does anybody know where X is?” • The response is received and the protocol then uses it

  39. DHCP • Dynamic Host Configuration Protocol (RFC 2131) • When a host connects to a network, it obtains a ‘lease’ on an IP address, gateways, DNS name servers, Syslog hosts, and others. • If the lease is not renewed, it expires

  40. DHCP interaction (figure: arriving client on the left, DHCP server 223.1.2.5 on the right, time running downward)
     DHCP discover – src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 0.0.0.0; transaction ID: 654
     DHCP offer – src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 654; lifetime: 3600 secs
     DHCP request – src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs
     DHCP ACK – src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs
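The discover/offer/request/ACK exchange above, modelled server-side as an added example (not from the slides and not a real DHCP daemon): the server keeps a lease table, hands out the slide's 223.1.2.x addresses with the slide's 3600-second lifetime, refuses requests for addresses it never offered, and returns unrenewed leases to the pool once they expire. Sockets and option encoding are left out; the message dicts and the injectable clock are assumptions of this simulation.

```python
# Added example (not from the lecture slides): a toy model of slide 40's
# DHCP exchange with a lease table. Field names (yiaddr, transaction ID,
# lifetime) and addresses follow the slide; no UDP, no option encoding.
import time

LEASE_SECONDS = 3600  # the slide's "Lifetime: 3600 secs"


class DhcpServer:
    def __init__(self, server_ip, pool, clock=time.time):
        self.server_ip = server_ip
        self.free = list(pool)   # addresses available to offer
        self.offered = set()     # offered, awaiting the client's request
        self.leases = {}         # yiaddr -> expiry timestamp
        self.clock = clock       # injectable clock, so tests can fast-forward

    def _expire_leases(self):
        """Return addresses whose lease lapsed without renewal to the pool."""
        for ip, expiry in list(self.leases.items()):
            if expiry <= self.clock():
                del self.leases[ip]
                self.free.append(ip)

    def handle(self, msg):
        """Process one client message (a dict) and return the server's reply."""
        self._expire_leases()
        reply = {"src": self.server_ip, "xid": msg["xid"]}
        if msg["type"] == "DISCOVER":
            if not self.free:
                return None                  # pool exhausted: no offer is sent
            yiaddr = self.free.pop(0)
            self.offered.add(yiaddr)         # simplification: offers never time out
            return {**reply, "type": "OFFER", "yiaddr": yiaddr,
                    "lifetime": LEASE_SECONDS}
        if msg["type"] == "REQUEST":
            yiaddr = msg["yiaddr"]
            if yiaddr in self.offered or yiaddr in self.leases:  # new lease or renewal
                self.offered.discard(yiaddr)
                self.leases[yiaddr] = self.clock() + LEASE_SECONDS
                return {**reply, "type": "ACK", "yiaddr": yiaddr,
                        "lifetime": LEASE_SECONDS}
            return {**reply, "type": "NAK"}  # address was never offered
        raise ValueError(f"unknown message type: {msg['type']}")


if __name__ == "__main__":
    server = DhcpServer("223.1.2.5", ["223.1.2.4"])
    print(server.handle({"type": "DISCOVER", "src": "0.0.0.0", "xid": 654}))
    print(server.handle({"type": "REQUEST", "src": "0.0.0.0", "xid": 655, "yiaddr": "223.1.2.4"}))
```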

  41. Security Issues • Default IP forwarding on a server should be disabled to prevent the server from acting as a router • An ICMP redirect (“you should not send packets to me, send them to XYZ”) can compromise a system • Source routing can slip through firewalls • Do not accept or forward source-routed packets

  42. Security Issues (Cont’d) • IP spoofing means changing the source or destination in the packet header • The receiver may believe the source and reply to a malicious server (man-in-the-middle attack) • Host-based firewalls are preferred to client-based firewalls • VPN – allows remote users to create ‘tunnels’ to the private network • Requires encryption
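An added example (not from the slides) that audits the three host settings slide 41 says to turn off: IP forwarding, ICMP redirects and source-routed packets. It parses `sysctl -a` style output and reports each knob that is missing or not at its hardened value, with the `sysctl -w` line that fixes it. The sysctl names are Linux-specific and are an assumption of this example (other UNIX systems expose the same controls under different names), and the sample output is constructed rather than captured from a real host.

```python
# Added example (not from the lecture slides): audit the host settings from
# slide 41. The sysctl names are Linux-specific (an assumption here); the
# sample output below is constructed, not captured from a real host.

# Hardened value for each knob (0 = off), with the slide's reason.
EXPECTED = {
    "net.ipv4.ip_forward": "0",                    # server must not act as a router
    "net.ipv4.conf.all.accept_redirects": "0",     # ignore ICMP redirects
    "net.ipv4.conf.all.send_redirects": "0",       # and do not emit them either
    "net.ipv4.conf.all.accept_source_route": "0",  # drop source-routed packets
}


def parse_sysctl(text):
    """Parse `sysctl -a` style output ("key = value" per line) into a dict."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def audit(text):
    """One finding per knob that is absent or not at its hardened value."""
    settings = parse_sysctl(text)
    findings = []
    for key, want in EXPECTED.items():
        actual = settings.get(key)         # None when the key is absent
        if actual != want:
            findings.append({"key": key, "actual": actual, "expected": want,
                             "fix": f"sysctl -w {key}={want}"})
    return findings


# Constructed sample: forwarding and redirects on, send_redirects missing.
SAMPLE = """\
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.tcp_syncookies = 1
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['key']}: got {f['actual']!r}, want {f['expected']} -> {f['fix']}")
```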
