PROG1225-07 Lecture-Networking Introduction.pdf

Full Transcript

1225 Unit Seven: Networking Introduction

Overview

When two computers communicate using a local network (like a home network) or the Internet, communication happens at three levels – hardware, operating system, and application. The three basic steps in networking communication are:

- 1st: one computer must find the other.
- 2nd: both computers must agree on the methods and rules for communication – called protocols.
- 3rd: one computer takes on the role of making requests from the other computer – in a client/server model (like a web browser and web server) – or both computers make requests from each other – in a peer-to-peer model (like two computers on a home network sharing files).

Network Communication Layers

When two devices communicate, they must use the same protocols so that the communication makes sense. For almost all networks today, including the Internet, the group or suite of protocols used is called TCP/IP (Transmission Control Protocol/Internet Protocol).

In the above example, communication starts with an application (browser) passing a request to the OS, which passes the request to the network card and then on to the network. When the request reaches the network card on the server, the network card passes it on to the OS and then the OS passes it on to the application (the web server).

- Hardware Level: consists of some type of network card and connection to the network.
  - Network connection – can be wireless (like Wi-Fi, satellite, cellular) or use some type of cabling (like Ethernet cables, phone lines, coaxial cables).
    - Wi-Fi (IEEE 802.11) and Ethernet are the most common types of connections for homes and offices.
  - Network Adapter (or Network Card, Network Interface Card, NIC) – includes any network connector (port) or wireless access circuitry.
    - MAC (Media Access Control) Address (or Hardware Address, Physical Address, Adapter Address) – Every network adapter has a 48-bit (6 byte) hexadecimal number hard-coded on the card by its manufacturer that is unique for that device. Part of the MAC address identifies the manufacturer of the network adapter.
    - MAC addresses are used to locate a computer on a local area network (LAN). A LAN is a group of computers and devices (like printers and storage devices) connected together in the same general location (like a house or building).
- Operating System Level: uses IP (Internet Protocol) addresses to find other computers on a network.
  - IP Address – a 32-bit or 128-bit number that is assigned to a network device (like a computer or printer) when a connection is first made.
    - MAC addresses are used only to find computers on a local network and are also used when assigning IP addresses – a certain MAC address can be given a specific IP address or can even be banned from getting an IP address.
    - IP addresses are used to find computers on the Internet as well as local networks that use the TCP/IP protocol. Intranets are local networks that use the TCP/IP protocols. IP addresses can be helpful in locating a computer when a local network has been divided into smaller networks called a subnetwork or subnet.
- Application Level: uses port numbers to determine which application is requesting information from the Internet.
  - Port Number (Port or Port Address) – a preassigned number that uniquely identifies the type of application on the computer. A web browser will typically use port 80 and an email program will typically ‘listen’ for incoming email at port 25. The port number is usually added to the end of an IP address.

Before a message is transmitted on a network, if it is too long, it’s broken up into smaller pieces. Header and trailer information is added, including the IP addresses of the source and destination computer, and the application’s port number.
When this information is added, the message (or message pieces) is called a segment, datagram, packet, or frame depending on what information has been added to the header and trailer and which layer of communication added the information.

OSI Protocol Layers vs TCP/IP

OSI (Open Systems Interconnection) Reference Model: is a seven-layer communication model developed to categorize the layers of communication – developed by the International Organization for Standardization (ISO).

Layer 1: Physical Layer
- Responsible only for sending bits via a wired or wireless transmission.

Layer 2: Data Link Layer (or just Link Layer)
- Responsible for interfacing with the physical hardware only on the local network.
- Ethernet and Wi-Fi are the typical link layer protocols used, which are programmed into all the hardware on the local network. The Ethernet and Wi-Fi protocols use the MAC address for transmitting data.
- The information coming from this layer is called a Frame.

Layer 3: Network Layer
- Responsible for moving messages from one node to another until they reach the destination host.
- IP (Internet Protocol) is the main protocol used at this layer, which uses IP addresses to identify nodes (devices) on a network.
- The information coming from this layer is called a Packet.
- IP relies on several routing protocols to find the best route for a packet when traversing several networks on its way to its destination. These routing protocols include ICMP (Internet Control Message Protocol) and ARP (Address Resolution Protocol).

Layer 4: Transport Layer
- Responsible for transporting application layer payloads (data) from one application to another on different computers.
- TCP (Transmission Control Protocol) makes a connection with the end host, checks whether the data is received, and resends it if it is not. TCP is sometimes called a connection-oriented protocol. TCP is used by applications such as Web browsers and email.
  Guaranteed delivery takes longer and is used when it is important to know that the data reached its destination.
- UDP (User Datagram Protocol) does not guarantee delivery by checking whether data is received – so UDP is sometimes called a connectionless protocol or best-effort protocol. UDP is used for broadcasting, such as streaming video or audio over the Web, where guaranteed delivery is not as important as fast transmission. UDP is also used to monitor network traffic.
- The information coming from this layer is called either a segment (TCP) or datagram (UDP).

Layer 5: Session Layer
- Describes how data between applications is synced and recovered if messages don’t arrive intact at the receiving application.

Layer 6: Presentation Layer
- Responsible for reformatting, compressing, and/or encrypting data in a way that the application on the receiving end can read.

Layer 7: Application Layer
- Describes the interface between two applications, each on separate computers.
- HTTP, SMTP, POP3, IMAP4, FTP, Telnet, and RDP are examples of TCP/IP application layer protocols.
- The information coming from this layer is called a payload and includes control information like the port number of the application (which is based on the application layer protocol used).

The Application, Presentation, and Session layers are so intertwined that it is often difficult to distinguish between them.

Tasks for each layer may be performed by the operating system or the application. Most tasks are performed by the OS when an application makes an API (Application Programming Interface) call to the OS – which is a method an application uses when it makes a request of the OS.
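The frame, packet, segment and payload named in the layer descriptions above can be seen by wrapping a request and unwrapping it again. This is an added example, not part of the original lecture; the function names, MAC addresses, IP addresses and ports are assumptions made for the illustration, and the checksums inside the IP and TCP headers are left at zero.

```python
import socket
import struct
import zlib

def encapsulate(payload, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac):
    """Wrap payload layer by layer: segment, then packet, then frame."""
    # Transport layer: 20-byte TCP header (ports, seq, ack, offset+flags, window, checksum, urgent).
    segment = struct.pack("!HHIIHHHH", src_port, dst_port, 1, 0, 0x5018, 65535, 0, 0) + payload
    # Network layer: 20-byte IPv4 header; protocol 6 = TCP, checksum left at 0 in this sketch.
    packet = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + segment
    # Link layer: 14-byte Ethernet header in front, CRC-32 check value as the trailer.
    frame = dst_mac + src_mac + struct.pack("!H", 0x0800) + packet
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame):
    """Strip one header per layer and return what each layer carried."""
    if len(frame) < 14 + 20 + 20 + 4:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP")
    body, trailer = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != trailer:
        raise ValueError("trailer check failed: frame damaged or altered")
    ethertype = struct.unpack("!H", body[12:14])[0]
    packet = body[14:]
    if ethertype != 0x0800 or packet[0] >> 4 != 4 or packet[9] != 6:
        raise ValueError("only IPv4 carrying TCP is handled here")
    ip_header_len = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ip_header_len:total_len]
    if len(segment) < 20:
        raise ValueError("IP length fields leave no room for a TCP header")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    tcp_header_len = (segment[12] >> 4) * 4
    return {
        "frame": (body[6:12].hex(":"), body[0:6].hex(":")),  # source MAC, destination MAC
        "packet": (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])),
        "segment": (src_port, dst_port),
        "payload": segment[tcp_header_len:],
    }

# Constructed sample: a browser on a private LAN asking a web server on port 80.
SAMPLE = encapsulate(b"GET / HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
                     "192.168.1.10", "192.168.1.20", 49152, 80,
                     bytes.fromhex("020000000001"), bytes.fromhex("020000000002"))

if __name__ == "__main__":
    for layer, value in decapsulate(SAMPLE).items():
        print(layer, value)
```

Each key of the result corresponds to one layer's addressing: MAC addresses in the frame, IP addresses in the packet, port numbers in the segment.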
Below is a table relating the different layers with each model…

| OSI Model | Protocols and Services | TCP/IP Model | Basic 3 Layer Model |
|---|---|---|---|
| Application Layer, Presentation Layer, Session Layer | HTTP, SMTP, POP3, IMAP4, FTP, Telnet, RDP | Application Layer | Application Layer: Applications (Web Browser, Email) |
| Transport Layer | TCP or UDP (TCP/IP suite of protocols embedded in the OS) | Transport Layer | Operating System Layer |
| Network Layer | IP, ICMP, and ARP (TCP/IP suite of protocols embedded in the OS) | Network Layer | Operating System Layer |
| Data Link Layer, Physical Layer | Ethernet | Network Interface Layer | Hardware Layer |

As noted above, each TCP/IP layer adds data to be transmitted (when data is added it’s called encapsulation and when data is removed it’s called decapsulation) …

- Application Layer – payload data
- Transport Layer – adds a header to the payload data to create a segment (TCP) or datagram (UDP)
- Network Layer – adds another header to the segment/datagram to create a packet
- Network Interface Layer – adds another header and a trailer to a packet to create a frame

TCP/IP Protocols

Common protocols used by networking applications include:

- HTTP (Hypertext Transfer Protocol) (Port #80): used for the World Wide Web and used by web browsers and web servers to communicate.
- HTTPS (HTTP Secure) (Port #443): refers to the HTTP protocol working with a security protocol such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to create a secured (encrypted) socket – a connection between a browser and web server.
- SMTP (Simple Mail Transfer Protocol) (Port #25): used to send an email message to its destination.
- POP (Post Office Protocol) (Port #110) or IMAP (Internet Message Access Protocol) (Port #143): used to download messages from an email server. POP3 (POP version 3) or IMAP4 (IMAP version 4) is used.
- Telnet (Port #23): an unsecured protocol used to connect to another computer.
- LDAP (Lightweight Directory Access Protocol) (Port #389): used by various client applications when querying a database.
  LDAP is not encrypted – LDAPS (LDAP Secure) (Port #636) is encrypted.
- SMB2 (Server Message Block version 2) (Port #445): can be used to share files and printers on a network. Also called CIFS (Common Internet File System).
- FTP (File Transfer Protocol) (Port #20 & #21): used to transfer files between two computers. FTP by default is not encrypted – SFTP (Secure FTP) uses SSH encryption (Port #22).
- SSH (Secure Shell) (Port #22): protocol encrypts transmissions so they cannot be intercepted. SSH is commonly used in Linux to pass sign-in information to a remote computer and control that computer over a network.
- SNMP (Simple Network Management Protocol) (Port #161 and #162): used to monitor network traffic.
- RDP (Remote Desktop Protocol) (Port #3389): used by the Windows Remote Desktop and Remote Assistance utilities to connect to and control a remote computer.
- DNS (Domain Name Server) (Port #53): used to resolve a computer name (or web address) to an IP address.
- DHCP (Dynamic Host Configuration Protocol) (DHCPv4: Port #67 & #68) (DHCPv6: Port #546 & #547): used to assign an IP address to a network device.

IP Addresses

IP addresses are the backbone of network communication:

- Static IP: an IP address that doesn’t change.
- Dynamic IP: an IP address that does change – typically received from a DHCP server.
- IPv4 (IP version 4) uses a 32-bit IP address in 4 groups of 8 bits each – usually seen in decimal number system
  - Addresses range from 0.0.0.0 (currently unassigned IP address) to 255.255.255.255 (used for broadcast messages by TCP/IP background processes).
  - 127.0.0.1 indicates your own computer and is called the loopback address.
  - Private IP addresses are not allowed on the Internet and are used for private internal networks:
    - 10.0.0.0 to 10.255.255.255 (16,777,216 IP addresses)
    - 172.16.0.0 to 172.31.255.255 (1,048,576 IP addresses)
    - 192.168.0.0 to 192.168.255.255 (65,536 IP addresses)
  - IPv4 addresses use subnet masks to identify which part of an IP address is the network portion and which part is the host portion (the part of the address that identifies the individual devices on the network).
  - APIPA (Automatic Private IP Address): if no DHCP server is available and no static IP is currently assigned then the computer can assign its own IP address in the range from 169.254.0.0 to 169.254.255.255.
- IPv6 (IP version 6) uses a 128-bit IP address in 8 groups of 16 bits each – usually seen in hexadecimal number system
  - Example: 2001:0000:0b80:0000:0000:00d3:9c5a:00cc (in hex)
  - … leading zeros in a four-character hex block can be eliminated: 2001:0000:b80:0000:0000:d3:9c5a:cc
  - … if blocks contain all zeros, they can be written as double colons: 2001:0000:0b80::d3:9c5a:cc
  - … only one set of double colons can be used in an IP address else ambiguity can occur – so pick the longest run of zeros.
  - Here are a few terms used in the IPv6 standards:
    - A link, sometimes called the local link, is any local area network (LAN) bounded by routers (hardware devices used to connect computers and networks together and direct traffic between them).
    - An interface is a node’s (networking device) attachment to a link (either wired or wireless).
    - The last 64 bits (or four blocks) of an IPv6 address identify the interface and are called the interface ID or interface identifier. These 64 bits uniquely identify an interface on the local link (or in English: The last four blocks uniquely identify a device on the local network).
    - Neighbors are two or more nodes on the same link.
  - IPv6 classifies IP addresses differently than IPv4.
    IPv6 supports these three types of IP addresses, classified as to how the address is used:
    - Unicast address – this type of address specifies a single node on a network. Three types of unicast addresses are global, link local, and unique local addresses.
    - Multicast address – packets are delivered to all nodes in the targeted, multicast group.
    - Anycast address – this type of address can identify multiple destinations, with packets delivered to the closest destination. Example: A DNS name server might send a DNS request to a group of DNS servers that have all been assigned the same anycast address. A router handling the request examines routes to all the DNS servers in the group and routes the request to the closest server.
    - IPv4 uses broadcasting which sends messages to every node on a network. IPv6 reduces network traffic by eliminating broadcasting.
  - Three types of unicast addresses:
    - Global addresses – also called a global unicast address, can be routed on the Internet.
    - Link local addresses – also called a link local unicast address or local address, can be used for communicating with nodes in the same link (LAN).
    - Unique local addresses – are private addresses that can travel across subnets within the private network. These addresses are used by network administrators when subnetting a large network.
  - IPv6 uses subnetting but doesn’t need a subnet mask because the subnet ID that identifies a subnet is part of the IPv6 address.
    - The subnet ID is the 16 bits following the first 48 bits of the address (used by either global addresses or unique local addresses).
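When reading source addresses out of a log, the ranges and prefixes given in this unit (loopback, private, APIPA, and the IPv6 address types) tell you at a glance whether an address can have come from the Internet at all. The following is an added example, not part of the original lecture; the labels, function names and sample addresses are assumptions, and it uses Python's standard ipaddress module.

```python
import ipaddress

# Ranges and prefixes exactly as this unit lists them; first match wins.
RANGES = [
    ("loopback", "127.0.0.1/32"),
    ("private", "10.0.0.0/8"),
    ("private", "172.16.0.0/12"),
    ("private", "192.168.0.0/16"),
    ("apipa", "169.254.0.0/16"),
    ("v6-loopback", "::1/128"),
    ("v6-unassigned", "::/128"),
    ("v6-link-local", "fe80::/64"),
    ("v6-unique-local", "fc00::/7"),
    ("v6-multicast", "ff00::/8"),
    ("v6-global", "2000::/3"),
]
NETWORKS = [(label, ipaddress.ip_network(cidr)) for label, cidr in RANGES]

def classify(text):
    """Label one address string; log fields can be junk, so never raise."""
    try:
        addr = ipaddress.ip_address(text.strip())
    except ValueError:
        return "invalid"
    for label, net in NETWORKS:
        if addr.version == net.version and addr in net:
            return label
    return f"v{addr.version}-other"

def ipv6_fields(text):
    """Split an IPv6 address into the parts this unit names."""
    addr = ipaddress.IPv6Address(text)
    value = int(addr)
    return {
        "compressed": addr.compressed,                         # shortest legal form
        "subnet_id": format((value >> 64) & 0xFFFF, "04x"),    # 16 bits after the first 48
        "interface_id": format(value & (2**64 - 1), "016x"),   # last 64 bits
    }

# Constructed sample of source addresses, as they might appear in a log.
SAMPLE = ["192.168.1.10", "172.32.0.1", "169.254.7.9", "fe80::1", "fd00:1:2:3::9", "not-an-ip"]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(f"{entry:16} {classify(entry)}")
    print(ipv6_fields("2001:0000:0b80:0000:0000:00d3:9c5a:00cc"))
```

Note that 172.32.0.1 falls just outside the 172.16.0.0 to 172.31.255.255 private range, and that an APIPA address in a log usually means the host could not reach a DHCP server.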
The following table shows the address prefixes for types of IPv6 addresses:

| IPv6 Address Type | Address Prefix | Notes |
|---|---|---|
| Link-local Address | fe80::/64 | First 64-bits are always fe80:0000:0000:0000 (in hex) |
| Unique local Address | fc00::/7 | First 7-bits are always 1111 110 (or fc in hex) |
| Global Address | 2000::/3 | First 3-bits are always 001 |
| Multicast | ff00::/8 | First 8-bits are always 1111 1111 (or ff in hex) |
| Unassigned Address | 0::0 | All 64-bits are zeros |
| Loopback Address | 0::1 or ::1 | First 127 bits are zero, the last bit is one (0:0:0:0:0:0:0:1 in hex) |

Character Based Names

Remembering an IP address is not always easy, so character-based names are used to substitute for IP addresses.

- Host Name, also called a computer name, is the name of a computer and can be used in place of its IP address.
- A workgroup is a group of computers on a peer-to-peer network that are sharing resources. The workgroup name assigned is only recognized within the local network.
- A domain name identifies a network (like microsoft.com or google.com).
  - A fully qualified domain name (FQDN) identifies a computer and the network to which it belongs. Example: www.microsoft.com – the host name is www (a web server), Microsoft is the domain name, and com is the top level domain. Whereas msdn.microsoft.com identifies another computer – msdn.

On the Internet, a fully qualified domain name must be associated with an IP address before a particular computer can be found. This process of associating a character-based name with an IP address is called name resolution.

- DNS (Domain Name System or Domain Name Service) protocol is used by a DNS server to find an IP address for a computer when the fully qualified domain name is known.
  - Home Internet Service Providers (ISPs) are responsible for providing access to one or more DNS servers as part of the service they provide for Internet access.
  - When a computer tries to resolve a computer name to an IP address, it first looks in the DNS cache stored in memory – if not found, it then uses a DNS server for which it has an IP address.
  - DNS Client is a device requesting DNS services.
