CS360 Quiz slides.pdf
Uploaded by SportyNihonium
Moussa Academy
College of Computing and Informatics
CS360 Computer Networks
Chapter 17
McGraw-Hill ©The McGraw-Hill Companies, Inc., 2000

Chapter 17: Outline
17.1 CONNECTING DEVICES
17.2 VIRTUAL LANS

The first section discusses connecting devices. It first describes hubs and their features. The section then discusses link-layer switches (or simply switches, as they are called), and shows how they can create loops if they connect LANs with broadcast domains.

The second section discusses virtual LANs or VLANs. The section first shows how membership in a VLAN can be defined. The section then discusses the VLAN configuration. It next shows how switches can communicate in a VLAN. Finally, the section mentions the advantages of a VLAN.

17-1 CONNECTING DEVICES
Hosts and networks do not normally operate in isolation. We use connecting devices to connect hosts together to make a network or to connect networks together to make an Internet. Connecting devices can operate in different layers of the Internet model. We discuss three kinds of connecting devices: hubs, link-layer switches, and routers.

Figure 17.1: Three categories of connecting devices

17.1.1 Hubs
A hub is a device that operates only in the physical layer. Signals that carry information within a network can travel a fixed distance before attenuation endangers the integrity of the data. A repeater, a multiport device often called a hub, receives a signal and, before it becomes too weak or corrupted, regenerates and retimes the original bit pattern. Figure 17.2 shows that when a packet from station A to station B arrives at the hub, the signal representing the frame is regenerated to remove any possible corrupting noise, but the hub forwards the packet from all outgoing ports except the one from which the signal was received. In other words, the frame is broadcast. All stations in the LAN receive the frame, but only station B keeps it. The rest of the stations discard it.
Figure 17.2: Hub

17.1.2 Link-Layer Switches
A link-layer switch (or switch) operates in both the physical and the data-link layers. As a physical-layer device, it regenerates the signal it receives. As a link-layer device, the link-layer switch can check the MAC addresses (source and destination) contained in the frame. In Figure 17.3, we have a LAN with four stations that are connected to a link-layer switch. If a frame destined for station 71:2B:13:45:61:42 arrives at port 1, the link-layer switch consults its table to find the departing port. According to its table, frames for 71:2B:13:45:61:42 should be sent out only through port 2; therefore, there is no need for forwarding the frame through other ports.

Figure 17.3: Link-Layer Switch

Figure 17.4: Learning switch

To make a table dynamic, we need a switch that gradually learns from the frames' movements. To do this, the switch inspects both the destination and the source addresses in each frame that passes through the switch. The destination address is used for the forwarding decision (table lookup); the source address is used for adding entries to the table and for updating purposes. Let us elaborate on this process using Figure 17.4.

1. When station A sends a frame to station D, the switch does not have an entry for either D or A. The frame goes out from all three ports; the frame floods the network. However, by looking at the source address, the switch learns that station A must be connected to port 1. This means that frames destined for A, in the future, must be sent out through port 1. The switch adds this entry to its table. The table has its first entry now.

When station D sends a frame to station B, the switch has no entry for B, so it floods the network again. However, it adds one more entry to the table related to station D.

The learning process continues until the table has information about every port. However, note that the learning process may take a long time. For example, if a station does not send out a frame (a rare situation), the station will never have an entry in the table.

Figure 17.5: Loop problem in a learning switch

Figure 17.5 shows a very simple example of a loop created in a system with two LANs connected by two switches.

1. Station A sends a frame to station D. The tables of both switches are empty. Both forward the frame and update their tables based on the source address A.
2. Now there are two copies of the frame on LAN 2. The copy sent out by the left switch is received by the right switch, which does not have any information about the destination address D; it forwards the frame. The copy sent out by the right switch is received by the left switch and is sent out for lack of information about D. Note that each frame is handled separately because switches, as two nodes on a broadcast network sharing the medium, use an access method such as CSMA/CD. The tables of both switches are updated, but still there is no information for destination D.
3. Now there are two copies of the frame on LAN 1. Step 2 is repeated, and both copies are sent to LAN 2.
4. The process continues on and on. Note that switches are also repeaters and regenerate frames. So, in each iteration, there are newly generated fresh copies of the frames.
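The learning steps of Figure 17.4 and the loop of Figure 17.5 can be reproduced in a short simulation. The Python below is an added example, not part of the original slides: the class and function names are assumptions, as are the ports of stations B, C and D (the slides only place A on port 1). In the loop run, each switch keeps re-learning A on alternating ports, which is the table instability an operator sees when a layer-2 loop exists.

```python
class LearningSwitch:
    """Link-layer switch: learn from the source address, forward by the destination."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = list(ports)
        self.table = {}   # MAC address -> port
        self.moves = 0    # how often a known address was re-learned on another port

    def receive(self, src, dst, in_port):
        """Process one frame and return the list of ports it is sent out of."""
        known = self.table.get(src)
        if known is not None and known != in_port:
            self.moves += 1
        self.table[src] = in_port                # learning / updating step
        out = self.table.get(dst)                # forwarding decision (table lookup)
        if out is None:
            return [p for p in self.ports if p != in_port]   # unknown: flood
        return [] if out == in_port else [out]   # known: one port, or filter


def learning_demo():
    """Figure 17.4: A is on port 1 (slides); B, C, D on ports 2, 3, 4 is assumed."""
    sw = LearningSwitch("S", [1, 2, 3, 4])
    port_of = {"A": 1, "B": 2, "C": 3, "D": 4}
    steps = []
    # The third frame (B to A) is added here to show a lookup that hits the table.
    for src, dst in (("A", "D"), ("D", "B"), ("B", "A")):
        steps.append((src, dst, sw.receive(src, dst, port_of[src])))
    return steps, sw.table


def loop_demo(rounds):
    """Figure 17.5: two switches, each with port 1 on LAN 1 and port 2 on LAN 2.

    Station A (LAN 1) sends one frame to D. D stays silent, as in the slides'
    walk-through, so neither switch ever learns where D is.
    """
    left = LearningSwitch("left", [1, 2])
    right = LearningSwitch("right", [1, 2])
    in_flight = [(1, None)]    # (LAN the copy is on, switch that emitted it)
    copies_per_round = []
    for _ in range(rounds):
        next_round = []
        for lan, sender in in_flight:
            for sw in (left, right):
                if sw is sender:
                    continue   # a switch does not receive its own copy
                # Port numbers equal LAN numbers in this topology.
                for out_port in sw.receive("A", "D", in_port=lan):
                    next_round.append((out_port, sw))
        in_flight = next_round
        copies_per_round.append(len(in_flight))
    return copies_per_round, left.moves, right.moves


if __name__ == "__main__":
    for src, dst, out in learning_demo()[0]:
        print(f"{src} -> {dst}: sent out of ports {out}")
    copies, left_moves, right_moves = loop_demo(6)
    print("copies regenerated per round:", copies)
    print("times A changed port (left, right):", left_moves, right_moves)
```

The number of rounds is capped only so the simulation ends; without a loop-free topology the copies keep circulating.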
Spanning Tree Algorithm
To solve the looping problem, the IEEE specification requires that switches use the spanning tree algorithm to create a loopless topology. In graph theory, a spanning tree is a graph in which there is no loop. In a switched LAN, this means creating a topology in which each LAN can be reached from any other LAN through one path only (no loop).

Figure 17.6 shows a system with four LANs and five switches. We have shown the physical system and its representation in graph theory. The nodes are the LANs and the switches. The connecting arcs show the connection of a LAN to a switch and vice versa.

Figure 17.6: A system of connected LANs and its graph

To find the spanning tree, we need to assign a cost (metric) to each arc, such as minimum hops. However, the hop count is normally 1 from a switch to the LAN and 0 in the reverse direction.

The process for finding the spanning tree involves three steps:

Step 1: Every switch has a built-in ID (normally the serial number, which is unique). Each switch broadcasts this ID so that all switches know which one has the smallest ID. The switch with the smallest ID is selected as the root switch (root of the tree). We assume that switch S1 has the smallest ID. It is, therefore, selected as the root switch.

Step 2: The algorithm tries to find the shortest path (a path with the shortest cost) from the root switch to every other switch or LAN. The shortest path can be found by examining the total cost from the root switch to the destination. The combination of the shortest paths creates the shortest tree, which is also shown in Figure 17.7.

Figure 17.7: Finding the shortest path and the spanning tree for a switch.
Step 3: Based on the spanning tree, we mark the ports that are part of the spanning tree, the forwarding ports, which forward a frame that the switch receives. We also mark those ports that are not part of the spanning tree, the blocking ports, which block the frames received by the switch. Figure 17.8 shows the logical systems of LANs with forwarding ports (solid lines) and blocking ports (broken lines).

Figure 17.8: Forwarding and blocking ports after using spanning tree algorithm

17.1.3 Routers
A router is a three-layer device; it operates in the physical, data-link, and network layers. In Figure 17.9, assume an organization has two separate buildings with a Gigabit Ethernet LAN installed in each building. The organization uses switches in each LAN. *The two LANs can be connected to form a larger LAN using 10 Gigabit Ethernet technology that speeds up the connection to the Ethernet and the connection to the organization server. A router then can connect the whole system to the Internet.

Figure 17.9: Routing example

There are three major differences between a router and a repeater or a switch.
1. A router has a physical and logical (IP) address for each of its interfaces.
2. A router changes the link-layer address of the packet (both source and destination) when it forwards the packet.
3. *A router acts only on those packets in which the link-layer destination address matches the address of the interface at which the packet arrives.

17-2 Virtual LANs
A station is considered part of a LAN if it physically belongs to that LAN. The criterion of membership is geographic. What happens if we need a virtual connection between two stations belonging to two different physical LANs? We can roughly define a virtual local area network (VLAN) as a local area network configured by software, not by physical wiring.
Figure 17.11: A switch using VLAN software

Figure 17.11 shows a switched LAN divided into VLANs. The whole idea of VLAN technology is to divide a LAN into logical, instead of physical, segments. *A LAN can be divided into several logical LANs, called VLANs. Each VLAN is a work group in the organization. The group membership in VLANs is defined by software, not hardware. *Any station can be logically moved to another VLAN. All members belonging to a VLAN can receive broadcast messages sent to that particular VLAN. *This means that if a station moves from VLAN 1 to VLAN 2, it receives broadcast messages sent to VLAN 2, but no longer receives broadcast messages sent to VLAN 1.

Figure 17.12: Two switches in a backbone using VLAN software

VLAN technology even allows the grouping of stations connected to different switches in a VLAN. Figure 17.12 shows a backbone local area network with two switches and three VLANs. Stations from switches A and B belong to each VLAN.

17.2.1 Membership
What characteristic can be used to group stations in a VLAN? Vendors use different characteristics such as interface numbers, port numbers, MAC addresses, IP addresses, IP multicast addresses, or a combination of two or more of these.

17.2.2 Configuration
How are the stations grouped into different VLANs? Stations are configured in one of three ways: manually, automatically, and semi-automatically.

17.2.3 Communication between Switches
In a multi-switched backbone, each switch must know not only which station belongs to which VLAN, but also the membership of stations connected to other switches. For example, in Figure 17.12, switch A must know the membership status of stations connected to switch B, and switch B must know the same about switch A. Three methods have been devised for this purpose: table maintenance, frame tagging, and time-division multiplexing.

17.2.4 Advantages
There are several advantages to using VLANs.
1. Cost and Time Reduction
VLANs can reduce the migration cost of stations going from one group to another.
2. Creating Virtual Work Groups
VLANs can be used to create virtual work groups. For example, in a campus environment, professors working on the same project can send broadcast messages to one another without the necessity of belonging to the same department. This can reduce traffic if the multicasting capability of IP was previously used.
3. Security
VLANs provide an extra measure of security. People belonging to the same group can send broadcast messages with the guaranteed assurance that users in other groups will not receive these messages.

Thank You

College of Computing and Informatics
CS360 Computer Networks
Chapter 18- Introduction to Network Layer
McGraw-Hill ©The McGraw-Hill Companies, Inc., 2000

Chapter 18: Outline
NETWORK-LAYER SERVICES
PACKET SWITCHING
NETWORK-LAYER PERFORMANCE
IPv4 ADDRESSES - Classful

18-1 NETWORK-LAYER SERVICES
Before discussing the network layer on the Internet today, let's briefly discuss the network-layer services that, in general, are expected from a network-layer protocol.
1. Packetizing
2. Routing and Forwarding
Figure 18.1 shows the communication between Alice and Bob at the network layer.

Figure 18.1: Communication at the network layer

18.1.1 Packetizing
The first duty of the network layer is packetizing. Packetizing means encapsulating the payload in a network-layer packet at the source and decapsulating the payload from the network-layer packet at the destination. *In other words, one duty of the network layer is to carry a payload from the source to the destination without changing it or using it. The network layer is doing the service of a carrier such as the postal office, which is responsible for delivery of packages from a sender to a receiver without changing or using the contents.
18.1.2 Routing and Forwarding
Other duties of the network layer, which are as important as the first, are routing and forwarding, which are directly related to each other.

Figure 18.2: Forwarding process (figure labels: forwarding value; "Send the packet out of interface 2")

18-2 PACKET SWITCHING
A router, in fact, is a switch that creates a connection between an input port and an output port (or a set of output ports), just as an electrical switch connects the input to the output to let electricity flow.
Data communication switching techniques are divided into two broad categories:
1. Circuit switching (example: telephone network)
2. Packet switching (used in the network layer)
Today, packet-switching networks use two approaches to route the packets:
1. Datagram (connectionless) approach
2. Virtual-circuit (connection-oriented) approach

18.2.1 Datagram (Connectionless) Approach
When the Internet started, to make it simple, the network layer was designed to provide a connectionless service in which the network-layer protocol treats each packet independently, with each packet having no relationship to any other packet. *The idea was that the network layer is only responsible for delivery of packets from the source to the destination. *In this approach, the packets in a message may or may NOT travel the same path to their destination. Figure 18.3 shows the idea.

Figure 18.3: A connectionless packet-switched network

Figure 18.4: Forwarding process in a router when used in a connectionless network

In a connectionless packet-switching network, a router ONLY routes the packet based on the destination address.

18.2.2 Virtual-Circuit (Connection-Oriented) Approach
In a connection-oriented service (also called virtual-circuit approach), there is a relationship between ALL packets belonging to a message. Before all datagrams in a message can be sent, a virtual connection should be set up to define the path for the datagrams.
After connection setup, the datagrams can all follow the same path. In this type of service, not only must the packet contain the source and destination addresses, it must also contain a flow label, a virtual circuit identifier that defines the virtual path the packet should follow.

Figure 18.5: A virtual-circuit packet-switched network

Figure 18.6: Forwarding process in a router when used in a virtual circuit network

Figure 18.6 shows that the forwarding decision is based on the value of the label, or virtual circuit identifier.

Create Virtual-Circuit connection
❑ To create a virtual circuit connection, three phases are used:
1. Setup phase
- In this phase, a router creates an entry for a virtual circuit.
- Two auxiliary packets need to be exchanged between the source and the destination: a request packet and an acknowledgment packet (see Figures 18.7 and 18.8).
2. Data-transfer phase
- After all routers have created their forwarding tables for a specific virtual circuit, the network-layer packets belonging to one message can be sent one after another (see Figure 18.9).
3. Teardown phase
- In the teardown phase, source A, after sending all packets to B, sends a special packet called a teardown packet.
- Destination B responds with a confirmation packet.
- All routers delete the corresponding entries from their tables.

*Figure 18.7: Sending request packet in a virtual-circuit network
*Figure 18.8: Sending acknowledgments in a virtual-circuit network
*Figure 18.9: Flow of one packet in an established virtual circuit

18-3 NETWORK-LAYER PERFORMANCE
*The upper-layer protocols that use the service of the network layer expect to receive an ideal service, but the network layer is not perfect. The performance of a network can be measured in terms of delay, throughput, and packet loss. Congestion control is an issue that can improve the performance.
18.3.1 Delay
All of us expect instantaneous response from a network, but a packet, from its source to its destination, encounters delays. The delays in a network can be divided into four types:
1. Transmission delay
The time a sender needs to put the bits in a packet on the transmission media one by one.
2. Propagation delay
The time it takes for a bit to travel from point A to point B in the transmission media.
3. Processing delay
The time required to process a packet in a router.
4. Queuing delay
The time the packet waits in a router's queue.

18.3.2 Throughput (transmission rate)
Throughput at any point in a network is defined as the number of bits passing through the point in a second, which is actually the transmission rate of data at that point. *In a path from source to destination, a packet may pass through several links (networks), each with a different transmission rate. Assume that we have three links, each with a different transmission rate, as shown in Figure 18.10. In general, in a path with n links in series:
$\text{Throughput} = \min\{TR_1, TR_2, \ldots, TR_n\}$

Figure 18.10: Throughput in a path with three links in a series

18.3.3 Packet Loss
*Another issue that severely affects the performance of communication is the number of packets lost during transmission. *When a router receives a packet while processing another packet, the received packet needs to be stored in the input buffer waiting for its turn. A router, however, has an input buffer with a limited size. A time may come when the buffer is full and the next packet needs to be dropped. The effect of packet loss on the Internet network layer is that the packet needs to be resent, *which in turn may create overflow and cause more packet loss.

18.3.4 Congestion Control
Congestion control is a mechanism for improving performance. Congestion control refers to the mechanisms and techniques to control the congestion and keep the load below the capacity of the network.
In Chapter 23, we will discuss congestion at the transport layer. *Although congestion at the network layer is not explicitly addressed in the Internet model, the study of congestion at this layer may help us to better understand the cause of congestion at the transport layer and find possible remedies to be used at the network layer. *Congestion at the network layer is related to two issues: delay and throughput.

Figure 18.13: Packet delay and throughput as functions of load

Congestion control at the network layer involves two metrics that measure the performance of a network: delay and throughput.

Congestion Control
Congestion control refers to techniques and mechanisms that can either:
1. Prevent congestion, before it happens, or
2. Remove congestion, after it has happened.
In general, we can divide congestion control mechanisms into two broad categories:
1. Open-loop congestion control (prevention) and
2. Closed-loop congestion control (removal).

Congestion control categories

Figure 18.14: Backpressure method for alleviating congestion

Backpressure is a node-to-node congestion control that starts with a node and propagates, in the opposite direction of data flow, to the source. Node III in the figure has more input data than it can handle. It drops some packets in its input buffer and informs node II to slow down. Node II, in turn, may be congested because it is slowing down the output flow of data. If node II is congested, it informs node I to slow down, which in turn may create congestion. If so, node I informs the source of data to slow down. This, in time, alleviates the congestion. Note that the pressure on node III is moved backward to the source to remove the congestion. *Backpressure can be applied only to virtual circuit networks (each node knows its upstream node).

Figure 4.15: Choke packet

A choke packet is a packet sent by a node to the source to inform it of congestion.
In backpressure, the warning is from one node to its upstream node, whereas the choke packet is from the node to the source directly.

18-4 IPv4 ADDRESSES
The identifier used in the IP layer of the TCP/IP protocol suite to identify the connection of each device to the Internet is called the Internet address or IP address. An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a host or a router to the Internet. *The IP address is the address of the connection, not the host or the router.

18.4.1 Address Space
An address space is the total number of addresses used by the protocol. If a protocol uses N bits to define an address, the address space is $2^N$. IPv4 uses 32-bit addresses, which means that the address space is $2^{32}$ or 4,294,967,296 (more than 4 billion).

Figure 18.16: Three different notations in IPv4 addressing

Figure 4.30: Hierarchy in IP addressing

In hierarchical addressing, the IP address is divided into two parts:
1. Network address / netid (Prefix part) and
2. Host address / hostid (Suffix part).
*These two parts combined represent the actual connection address.

18.4.2 Classful Addressing (old IP address hierarchy)
*When the Internet started, an IPv4 address was designed with a fixed-length prefix, but to accommodate both small and large networks, three fixed-length prefixes were designed instead of one (n = 8, n = 16, and n = 24). In classful addressing, the address space is divided into five classes: A, B, C, D, and E.

Figure 18.18: Occupation of the address space in classful addressing

Examples
Exercise 1: For each of the following addresses, determine the class, Network ID, Host ID, and number of hosts.
Example 1: 15.26.18.123 : 00001111.00011010.00010010.01111011
Class A, why?
Network ID = Prefix = 15
Host ID = Suffix = 26.18.123
Number of hosts = $2^{24} - 2$ (the network address and the broadcast address cannot be assigned to hosts)
Example 2: 152.32.14.19 : 10011000.00100000.00001110.00010011
Example 3: 200.1.21.3 : 11001000.00000001.00010101.00000011

Exercise 2: Host1 has IP address 12.15.13.5. Which address(es) from the following list belongs to the same network of Host1?
12.32.65.60 ✓
12.15.2.6 ✓
12.15.13.66 ✓
123.150.13.5 X
12.15.13.354 invalid IPv4 address
(Host1: 12.15.13.5 = 00001100.00001111.00001101.00000101)

Exercise 1 (1/3): Determine the class, Network ID, Host ID, and number of hosts.
Example 1: 15.26.18.123
Class? Class A, because 1st bit = 0
Network ID? Class A → length of Network ID = 8 bits → Network ID = Prefix = 15
Host ID? Host ID = Suffix = 26.18.123
Maximum number of hosts? Number of hosts = $2^{24} - 2$ (the network address and the broadcast address cannot be assigned to hosts)

Exercise 1 (2/3): Determine the class, Network ID, Host ID, and number of hosts.
Example 2: 152.32.14.19
Class?
Network ID?
Host ID?
Maximum number of hosts?

Exercise 1 (3/3): Determine the class, Network ID, Host ID, and number of hosts.
Example 3: 200.1.21.3
Class?
Network ID?
Host ID?
Maximum number of hosts?

Exercise 2:
Example 1: Host1 has IP address 12.15.13.5. Which address(es) from the following list belongs to the same network of Host1?
12.32.65.60 – 12.15.2.6 – 12.15.13.66 – 123.150.13.5 – 12.15.13.354
Rule: Two hosts belong to the same network if they have the same Network ID
Example 2: Host2 has IP address 140.12.13.5. Which address(es) from the following list belongs to the same network of Host2?
140.12.65.60 – 140.15.13.5 – 140.12.13.66 – 143.150.13.5 – 12.140.130.35

Thank You

College of Computing and Informatics
CS360 Computer Networks
Chapter 18 (Classless Addressing) + Chapter 19
McGraw-Hill ©The McGraw-Hill Companies, Inc., 2000

Outline
IPv4 Addresses - Classless
DHCP
NAT

Classless addressing (current IP address hierarchy)
To overcome the address shortage and give more organizations access to the Internet, classless addressing was designed and implemented. In this scheme, there are no classes. In classless addressing, when an entity, small or large, needs to be connected to the Internet, it is granted a block (range) of addresses. The size of the block (the number of addresses) varies based on the nature and size of the entity.

(Figure label: $2^{32}$ addresses)

Slash notation (CIDR)
The first question that we need to answer in classless addressing is how to find the prefix (network address) length if an address is given. Since the prefix length is not inherent in the address, we need to separately give the length of the prefix. In this case, the prefix length, n, is added to the address, separated by a slash. The prefix length, n, is called the network mask.

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Extracting information from the classless addressing
Given ANY address in the block, we normally like to know three pieces of information about the block: the number of addresses, the first address, and the last address in the block.
1. The number of addresses in the block is found as $N = 2^{32-n}$.
2. To find the first address (called network address), we keep the n leftmost bits and set the (32 − n) rightmost bits all to 0s.
3. To find the last address (called broadcast address), we keep the n leftmost bits and set the (32 − n) rightmost bits all to 1s.

Example 18.1
A classless address is given as 167.199.170.82/27.
We can find the above three pieces of information as follows. The number of addresses in the network is $2^{32-27} = 2^5 = 32$ addresses. The network address can be found by keeping the first 27 bits and changing the rest of the bits to 0s. The broadcast address can be found by keeping the first 27 bits and changing the rest of the bits to 1s.
First host address = 167.199.170.65
Last host address = 167.199.170.94

18.4.3 Classless Addressing
A classless address includes three parts:
Network ID: determined from the class of the address
Host ID: determined from the mask (number of zeros in the mask)
Subnet ID = 32 – (length of Network ID + length of Host ID)
Example of a class B address, where 9 bits are used for Subnetwork ID (taken from Host ID, the network ID always depends on the class)

Example 18.2
An example of a classless address is 167.199.170.82/27.
167.199.170.82 = 10100111.11000111.10101010.01010010
Number of bits for Host ID = ? 32 – 27 = 5 (from the mask)
Number of bits for Network ID = ? 16 (because the address belongs to Class B)
Number of bits for sub-networks = ? 32 – (16 + 5) = 11, because Subnet ID = 32 – (length of Network ID + length of Host ID)
Maximum number of sub-networks = ? $2^{11} = 2^{\text{length of subnet ID}}$
Maximum number of hosts per sub-network = $2^5 - 2 = 30$

Example 18.3
For 23.14.67.92/12, determine:
Number of bits for Host ID =
Number of bits for Network ID =
Number of bits for sub-networks =
Maximum number of sub-networks =
Maximum number of hosts per sub-network =
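The classful rules of Exercises 1 and 2, the three extraction steps for a classless block, and the Network ID / Subnet ID / Host ID split of Example 18.2 can all be checked with bit operations. The Python below is an added example, not part of the original slides; the function names are assumptions, and it is meant to be run on the addresses the slides already work through.

```python
def parse_ipv4(text):
    """Dotted decimal -> 32-bit integer; ValueError unless four octets in 0..255."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"{text!r}: an IPv4 address has exactly four octets")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"{text!r}: octet {part!r} is not in 0..255")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classful(text):
    """Class letter and Network ID length in bits (None for classes D and E)."""
    first_octet = parse_ipv4(text) >> 24
    for upper, letter, net_bits in ((128, "A", 8), (192, "B", 16), (224, "C", 24),
                                    (240, "D", None), (256, "E", None)):
        if first_octet < upper:
            return letter, net_bits


def same_classful_network(a, b):
    """Rule from Exercise 2: same network if both have the same Network ID."""
    (class_a, bits), (class_b, _) = classful(a), classful(b)
    if class_a != class_b or bits is None:
        return False
    return parse_ipv4(a) >> (32 - bits) == parse_ipv4(b) >> (32 - bits)


def block_info(cidr):
    """Apply the three extraction steps to any address/n taken from the block."""
    address, _, length = cidr.partition("/")
    if not (length.isascii() and length.isdigit()) or int(length) > 32:
        raise ValueError(f"{cidr!r}: prefix length must be 0..32")
    n = int(length)
    host_bits = 32 - n
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    first = parse_ipv4(address) & mask       # keep n leftmost bits, rest 0s
    last = first | (~mask & 0xFFFFFFFF)      # keep n leftmost bits, rest 1s
    info = {"addresses": 2 ** host_bits, "first": to_dotted(first),
            "last": to_dotted(last), "host_bits": host_bits}
    if host_bits >= 2:
        # Network and broadcast addresses are not assigned to hosts.
        info["first_host"] = to_dotted(first + 1)
        info["last_host"] = to_dotted(last - 1)
    _, net_bits = classful(address)
    if net_bits is not None and n >= net_bits:
        # Subnet ID = 32 - (length of Network ID + length of Host ID)
        info["subnet_bits"] = 32 - (net_bits + host_bits)
    return info


if __name__ == "__main__":
    print(classful("15.26.18.123"))
    print(block_info("167.199.170.82/27"))
    for candidate in ("12.32.65.60", "12.15.13.66", "123.150.13.5", "12.15.13.354"):
        try:
            print(candidate, same_classful_network("12.15.13.5", candidate))
        except ValueError as err:
            print(candidate, "rejected:", err)
```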
Example 18.4
For 220.8.24.128/25, determine:
Number of bits for Host ID =
Number of bits for Network ID =
Number of bits for sub-networks =
Maximum number of sub-networks =
Maximum number of hosts per sub-network =

18.4.4 DHCP
After a block of addresses is assigned to an organization, the network administration can manually assign addresses to the individual hosts or routers. However, address assignment in an organization can be done automatically using the Dynamic Host Configuration Protocol (DHCP). *DHCP is an application-layer program, using the client-server paradigm, that actually helps TCP/IP at the network layer.

Figure 18.27: Operation of DHCP

18.4.5 Network Address Translation (NAT)
NAT enables a user to have a large set of addresses internally and one address, or a small set of addresses, externally. The traffic inside can use the large set; the traffic outside, the small set. *In most situations, only a portion of computers in a small network need access to the Internet simultaneously. *A technology that can provide the mapping between the private and universal addresses, and at the same time support virtual private networks, which we discuss in Chapter 32, is Network Address Translation (NAT). *The technology allows a site to use a set of private addresses for internal communication and a set of global Internet addresses (at least one) for communication with the rest of the world.