IFN507 Network Systems - QUT Presentation PDF

IFN507 Network Systems Unit Preview School of Computer Science Queensland University of Technology Your safety and health are the 1st priority Stay safe Stay healthy For emergency anytime anywhere ⎻ Dial 000 The following QUT Emergency Contacts are copied from https://www.qut.edu.au/about/emergency-contacts ⎻ QUT Emergency Dial 3138 8888 ⎻ QUT Security 3138 5585 1800 065 585 (freecall) 2 Teaching Team Your unit coordinator: ⎻ Professor Glen Tian ( [email protected]. qut.edu.au/staff/tian GP-S1012A ) Your Lecturers: ⎻ Professor Glen Tian [email protected] staff.qut.edu.au/staff/tian Your tutor: ⎻ Dr Abdo Khamis [email protected] 3 A Unit of 12 credit points You are expected to commit an average of about 12 hours per week to this unit over for 13 teaching weeks ⎻ 2-hour lecture To gain network concepts and knowledge ⎻ 2-hour practicals/tutorials To reinforce what you have learned from lecture materials To gain practical experience with tutor’s assistance To have group discussions ⎻ About 8-hour self-study 4 IT Job Market – an overview IT Job market survey from Hays www.hays.com.au/salary- guide Have a look and get some ideas what knowledge/expertise areas are highly demanded in IT ⎻ What useful information have you found from there? 5 About This Unit Rationale ⎻ Computer systems and communications networks are essential to the activities of modern organisations. This is an introductory network unit ⎻ To provide you with fundamental skills and knowledge to understand, analyse, design, configure, and manage computer networks ⎻ To provide the core skills needed to continue on to more advanced network and security units in your major 6 Learning Outcomes On successful completion of this unit you will be able to: ⎻ Explain the fundamental concepts of layered network architecture, protocols, and services through learning the building blocks of computer networks ⎻ Design and configure computer networks to meet specific requirements ⎻ Diagnose and resolve network problems and service interruptions ⎻ Identify common network security incidents, determine the types of attacks, and recommend mitigation strategies 7 QUT Student Code of Conduct Manual of Policies and Procedures “treat other members of the University community with respect and courtesy” “behave in a manner which does not adversely affect the freedom of other members of the University community to pursue their studies, duties or activities” … 8 Communications The unit’s Canvas site will be used as the primary means to provide learning resources and necessary administrative information. Announcements are posted on the Canvas and also email to your student email address. Use your QUT student email account for all email communications in this unit It is your responsibility to regularly check your email and the Canvas unit Web page. Consultation by appointment, or in an ad-hoc manner 9 Syllabus Weekly schedule – subject minor change ⎻ https://canvas.qut.edu.au/courses/17401/assignments/syllabus Assessments 1. Lab/practicals: three deliverables (30% = 10% Test 1 + 10% Test 2 + 10% Test 3) 1) Linux practicals in Week 5 2) Addressing and routing in Week 10, and 3) Packet analysis in Week 12 2. Applied project: one deliverable (30% Written Report) 4) A written report in Week 13 3. Final exam: in exam period (40%) 10 Textbook and References Your primary source of learning materials is the lectures and the relevant chapters and sections of the textbook. Textbook: ⎻ Jill West: CompTIA Network+ Guide to Networks, 9th edition, Cengage, 2021 We declare that none of the teaching team members will get any commission from the publisher from your purchase Free Linux Courses Online ⎻ Introduction to Linux – edX Lecture and tutorial Materials developed by teaching team ⎻ On Canvas Enjoy the unit, and Enjoy studying at QUT 11 IFN507 Network Systems Introduction to Networking School of Computer Science, QUT Overview Peer-to-peer and client-server networks Types of applications and protocols on a network Network hardware devices and physical topologies The ISO 7-layer Open-System-Interconnection (OSI) model This lecture covers Module 1 of the textbook 13 Networking is all about Interconnection for communication A (small or huge) number of computers ⎻ Connection and communication 1st: connectivity 2nd: scalability Then, reliability, availability, security, performance, etc For interconnection and communication ⎻ All devices must speak the same language and follow the same grammatical rules ⎻ The same language: 7-layer OSI model, and 4-layer TCP/IP model ⎻ The same rules: various network protocols 14 Network topological models A topological model describes how network devices work together as a whole network Two types of topological models: ⎻ Physical topology It defines how hardware devices and cables are interconnected to form a physical network, e.g., a floor plan of structured cabling ⎻ Logical topology It defines how network functions and logical components work together to form a logical network, e.g., access control through password authentication 15 Peer-to-peer (P2P) Network Model In a P2P network model, each device on the network is responsible for controlling access to its resources ⎻ No centralized control A number of computers, also known as nodes or hosts, form a logical group of computers and users ⎻ They may share resources or prevent access to resources ⎻ Each computer controls its own admin, resources, security, etc ⎻ Each computer user has a local account for working on the computer ⎻ Example: users over the Internet Advantages and disadvantages: ⎻ easy, simple ⎻ not scalable, not necessarily secure, not practical for larges-scale networks 16 Client-Server Network Model A server ⎻ It manages shared resources and control network access Many clients ⎻ Each client requests to the server for network access or resources ⎻ Each client does not share it resources directly with others It may share its resources with others through the server ⎻ Example: Users access to a central database Advantages relative to P2P networks: ⎻ More scalable ⎻ Centrally controlled network access and network resources ⎻ Central monitoring and management 17 Client-Server Applications Network Services are the resources a network makes available to its users ⎻ They include applications and data provided by the applications In a client-server application ⎻ A server provide network resources to clients ⎻ Clients request network resources from the server Protocols are methods and rules for communication between networked devices ⎻ Two primary protocols: TCP (Transmission Control Protocol), and TCP/IP protocol suite is IP (Internet Protocol) used on the Internet for communication 18 Popular Client-Server Applications Web services (A web server, and many web clients) Email services (An email server, and many email clients) Web browsing FTP (File Transfer Protocol) services (An FTP server, many users to download from the server) Remote Desktop Remote applications (e.g., SSH) DNS (Domain Name System) services 19 Local Area Networks (LANs) and Hardware A LAN is usually for a workspace or a small physical area ⎻ Such as a lab or a building A LAN interconnects nodes via a device called switch Each device needs a Network Interface Card (NIC) to connect to the switch Industrial Switch NIC Laptop onboard NIC 20 Start Topology or Bus Topology Physically, a LAN is interconnected with star topology ⎻ A switch in the central point to Physical topology interconnect all other nodes Logically, a LAN is interconnected with bus topology ⎻ All nodes access the network through the bus Function of the switch ⎻ A switch receives incoming data from Logical topology one of its ports and redirects the data to another port or multiple ports according to the intended destination of the data 21 Daisy-chained switches in a LAN A LAN can have multiple switches Three switches daisy-chained together in a single line served as a bus physically and logically ⎻ However, each of the switches is connected to its nodes via star topology physically, thus making the overall star- bus physical topology ⎻ A topological model combining several topological models is known as a hybrid topological model 22 Interconnection of LANs via Routers A router is a device that manages traffic between two or more LANs A router can be used in small home networks to connect home LAN to the internet ⎻ This is known as a SOHO (Small Office-Home Office) network Difference between a router and a switch ⎻ A switch works on, and belongs to, its LAN ⎻ A router is a gateway interconnecting and belonging to multiple LANs 23 Demonstration of Routers in Networks Three LANs connected by a router 24 MANs and WANs Metropolitan area network (MAN)—A group of connected LANs in the same geographical area ⎻ Also known as Campus Area Network (CAN) Wide Area Network (WAN) – A group of LANs spreading over a wide geographical area ⎻ The Internet is he largest and most varied WAN PAN (personal area network)— The smallest network ⎻ A network of personal devices such as your smartphone and your laptop 25 The 7-layer OSI Model - Principle Compare two devices communication on a network to two people communicating by the way of Postal Service 26 The 7-layer OSI Model – Detailed Layers Note: ARP is a layer 2 protocol that uses layer 3 IP addresses The 7-layer OSI reference model is developed to categorize the layers of communication The layers are numbered in order, starting from Layer 1, the physical layer at the bottom ⎻ Layer 1: Physical ⎻ Layer 2: Dara link ⎻ Layer 3: Network ⎻ Layer 4: Transport ⎻ Layer 5: Session ⎻ Layer 6: Presentation ⎻ Layer 7: Application 27 Flow of Data through the OSI Model 28 The Use of OSI Reference Model Protocol interaction ⎻ Layers directly above and below Application layer protocols ⎻ Interaction with Software Physical layer protocols ⎻ Act on cables, connectors, and NICs The OSI model is a theoretical representation describing network communication between two nodes ⎻ Never implemented ⎻ Hardware and software independent ⎻ Each network communication process represented 29 OSI and TCP/IP Models OSI TCP/IP Model Model Applicatio Application n (e.g. Telnet, FTP, Presentati DHCP, DNS, HTTP, on SMTP…) Session Transport Transport TCP UDP Network Internetwork ICMP IP Data Link Network Access 30 Physical Functions of the 7 layers 31 Layer 7: Application Layer Layer 7 describes the interface between two applications on separate computers Layer 7 protocols are used by application programs to ⎻ Provide services to users, such as a browser and email client ⎻ Provide services to the system for, e.g., management of networks and resources Payload – data that is passed between applications (or utility programs) and the OS. 32 Layer 7 example: retrieving a web page Layer 6 Presentation Layer Presentation layer—Responsible for reformatting, compressing, and/or encrypting data in a way that the receiving application can read Example: ⎻ An web browsing message can be encrypted at the Presentation layer by the browser or by the O S (Operating System) 34 Layer 5: Session Layer Layer 5 describes how data between applications is synched and recovered if messages do not arrive intact at the receiving application The Application, Presentation, and Session layers are intertwined ⎻ Often difficult to distinguish between them Most tasks are performed by the OS when an application makes an API call to the OS ⎻ Application programming interface (A PI) call is the method that an application uses when it makes a request of the O S 35 Layer 5 Example: Managing voice communicatio n 36 Layer 4: Transport Layer Layer 4 is responsible for transporting Application layer payloads from one application to another Control information is put into a header, which is added to the payload ⎻ Known as encapsulation The layer 4 header addresses the receiving application by a number called a port number 37 Layer 4 Protocols TCP and UDP Two main Transport layer protocols at Layer 4 ⎻ TCP (Transmission Control Protocol) It makes a connection with the end host, checks whether data was received; called a connection-oriented protocol If a message is too long, TCP divides it into smaller ones called segments ⎻ UDP (User Datagram Protocol) It does not guarantee delivery by first connecting and checking whether data is received; called a connectionless protocol A message is called a datagram 38 Segmentatio n and Reassembly 39 Layer 3: Network Layer Layer 3 is responsible for moving messages from one node to another until they reach the destination host IP adds its own Network layer header to the segment or datagram ⎻ The entire Network layer message is called a packet IP address—Assigned to each node on a network ⎻ Network layer uses it to uniquely identify each host IP relies on several routing protocols to find the best route for a packet to take to reach destination ⎻ ICMP and ARP are examples Note: ARP is not strictly a Layer 3 protocol. It works at Layer 2 but uses Layer 3 IP address information Network layer protocol will divide large packets into smaller packets ⎻ The process is known as fragmentation 40 Layer 2: Data Link Layer Layers 2 and 1 are responsible for interfacing with physical hardware on the local network ⎻ Protocols at these layers are programmed into firmware of a computer’s NIC and other hardware The type of networking hardware or technology used on a network determines the Link Layer protocol used ⎻ Ethernet and Wi-Fi are examples Layer2 puts control information in a Link layer header and at the end of the packet in a trailer ⎻ The data transmitted at the entire Link layer is called a frame MAC (Media Access Control) address—Hardware address of the source and destination NICs ⎻ Also called a physical address, hardware address, or Data Link layer address ⎻ Embedded on every network adapter ⎻ In a LAN, a node can be found through MAC address 41 Two Data Link Layer Sublayers LLC (Logical Link Control) sublayer ⎻ It provides common interface, reliability and flow control MAC (Media Access Control) sublayer ⎻ It manages access to the physical medium ⎻ It appends physical address of destination computer onto data frame 42 Layer 1: Physical Layer Layer 1 is the simplest layer and is responsible for sending bits via a wired or wireless transmission Bits can be transmitted as: ⎻ Wavelengths in the air ⎻ Voltage on a copper wire ⎻ Light (via fiber-optic cabling) 43 Protocol Data Unit (PDU) PDU: the name for a group of data bits as it moves from one layer to the next, and from one LAN to the next ⎻ It is sometimes called a message or a transmission Extremely technical Names for a PDU or OSI model Name name message as it moves from Layer 7, Application Payload or data L7P D U one layer to another layer Layer 6, Presentation layer Layer 5, Session layer Layer 4, Transport Segment (T C P) or datagram L4P D U layer (U D P) Layer 3, Network layer Packet L3P D U Layer 2, Data Link Frame L2P D U layer Layer 1, Physical layer Bit or transmission L1P D U 44 Demonstration of PDU Names Data transformation ⎻ Original software application data differs from application layer NIC data Information added at each layer Segments/datagrams ⎻ Generated in Transport layer ⎻ Unit of data resulting from subdividing larger Protocol Data Unit (PDU) Packets/datagrams ⎻ Generated in Network layer ⎻ Added logical addressing information added to segments Frames ⎻ Generated in Data Link layer ⎻ Added physical addressing and error-checking information to segments 45 Communication between two systems On data’s way down the protocol stack (model): ⎻ Data is divided into data units called protocol data units (PDU) ⎻ Some layers add their own formatting to the Decapsulation Encapsulation PDU, which is called a header (encapsulation) When data arrives at the receiving end, it is passed up the protocol stack: ⎻ At each layer, software reads its PDU data and strips its header information (called decapsulation) and passes the PDU to the next higher layer ⎻ Packet leaves the Application layer in a format the receiving application can read 46 Summary of How the Layers Work Together 47 Summary Peer-to-peer and client-server networking The 7-layer OSI reference model is a reference model for how applications can ⎻ P2P is simple and easy but not scalable communicate over a network ⎻ Client-server is more scalable and has centralized control of networks and resurces − Application provides access to network resources − Presentation handles data formatting and translation Switches connect hosts to form LANs − Session manages ongoing conversations between two Routers connect multiple LANs computers − Transport breaks long data streams into smaller The central point of networking is chunks interconnection − Network provides best path selection and IP ⎻ All devices must speak the same language: addressing the same OSI model or TCP/IP model − Data Link defines how computers access the media ⎻ All devices must follow the same grammatical − Physical converts bits into signals and defines media rules: and connectors the same protocols at the same layers ---- THE END ---- 48 Lecture 2 Part I Data flow and format in 7-layer architecture A brief review of fundamental concepts of computer networks OSI 7-layer model: functions and data flows 50 Data format Extremely technical OSI model Name name Layer 7, Application layer Payload or data L7P D U Layer 6, Presentation layer Layer 5, Session layer Layer 4, Transport layer Segment (T C P) or L4P D U datagram (U D P) Layer 3, Network layer Packet L3P D U Layer 2, Data Link layer Frame L2P D U Layer 1, Physical layer Bit or transmission L1P D U 51 Encapsulation and decapsulation 52 Where are these 7 layers Note: ARP is a layer 2 protocol that uses layer 3 IP addresses 53 7-layer model (OSI) vs 4-layer model (TCP/IP) OSI Model TCP/IP Model Application Application (e.g. Telnet, FTP, DHCP, DNS, HTTP, SMTP, …) Presentation Session Transport Transport TCP, UDP, … Network Internetwork ICMP, IP, … Data Link Network Access Physical 54 IFN507 Network Systems Physical and Data-Link Layers School of Computer Science, QUT Overview – Physical and Data Link Layers Network Interface Card (NIC) and MAC address Switches Two sub-layers in data-link layer Ethernet protocol Media Access Control (MAC) Note: ARP is a layer 2 ⎻ CSMA/CD protocol that uses ⎻ CSMA/CA layer 3 IP addresses Cabling This module covers part of chapters 1, 3, 4, 5 and 6 of the textbook 56 Network Interface card (NIC) A NIC attaches a network device to a network A NIC can be ⎻ a separate adapter card that slides into one of the motherboard extension slots; or ⎻ built into the motherboard 57 NIC Functions For incoming messages: ⎻ a NIC receives bit signals and assemble them into frames, ⎻ verifies the destination address (to make sure the messages are for its own), and ⎻ then removes frame header and sends the resulting packet to the network layer For outgoing messages: ⎻ A NIC card receives packets from network layer, ⎻ creates frames by adding MAC address/error check, and ⎻ converts frame into bit signals and transmits them 58 Physical (MAC) Address Each network device, e.g., NIC, has a unique physical address as its ID ⎻ A MAC address is used to identify machines within the same broadcast network on layer 2 of the OSI model ⎻ A MAC address is composed of two parts: The first 24 bits are manufacture-ID assigned by IEEE, and the last 24 bits make up the device ID ⎻ Examples of MAC address 78:4f:43:4d:47:c2 64-00-6A-95-9B-4F 59 Find Your Computer’s MAC Address In Windows 10 In MacOS, or Ubuntu Your Laptop has several network adapters, e.g., Ethernet and Wi-Fi. Thus, it will have several MAC addresses. Wired: under en0 Wireless: under en1 60 Switch A network switch is a layer 2 device It is a multiport network bridge that uses hardware addresses, i.e., MAC addresses, to process and forward data at the data link layer. Some switches can also process data at the network layer, i.e., layer 3, by additionally incorporating routing functionality using IP addressing to perform routing. ⎻ Such switches are also called layer-3 switches or multilayer switches ⎻ In order not to confuse you at this stage, we only discuss layer-2 switches 61 Steps of switch operation 1. The switch receives a frame. 2. The switch reads the source and destination MAC addresses. 3. The switch looks up the destination MAC address in its switching table. 4. The switch forwards the frame to the port where the computer owning the MAC address is found. 5. The switching table is updated with the source MAC address and port information. 62 A large LAN connected by switches Switches are daisy-chained together in a single line This is a hybrid physical topology ⎻ Switch to switch: Bus ⎻ Switch to computers: Star All switches in this example work at Layer 2 ⎻ They receive and forward data via MAC addresses 63 Switching Switching is a network topology component It determines connection creation between nodes ⎻ Circuit switching ⎻ Packet switching 64 Circuit Switching Circuit switching requires a dedicated physical connection between the sending and receiving devices. Connection established between two network nodes ⎻ Before transmitting data Dedicated bandwidth Data follows the same path Monopolizes bandwidth while connected ⎻ Resource wasted Uses ⎻ Live audio, videoconferencing ⎻ Traditional telephone calls 65 Packet switching Packet switching breaks data into packets before transporting Packets ⎻ Contain addressing and control information for data transmission ⎻ Travel any network path to destination ⎻ Find fastest path available at any instant ⎻ Need not follow each other ⎻ Need not arrive in sequence ⎻ Reassembled at destination If used in live audio and video transmission, packet switching will require speedy connections 66 Circuit Switching vs Packet Switching Key features Benefits Drawbacks Circuit Connection established Dedicated bandwidth Monopolizes switching between two N/W nodes Data follows same initial bandwidth while prior to data path selected  less connected resource transmission overhead wasted The channel is reserved Less latency for More costly until disconnected connection Data follows same path establishment  always- on Packet Datagram packets are Packets can be routed Packets can become switching independently sent and through different paths lost while taking can take different paths to reach the final alternative routes to throughout the network. destination to get the destination. around network Messages are divided congestion into packets that It makes efficient use of contain source and network bandwidth. destination information  more overhead 67 Two sublayers of the data-link layer LLC (Logical Link Control) sublayer ⎻ Provides common interface, reliability and flow control MAC (Media Access Control) sublayer ⎻ Manages access to the physical medium ⎻ Appends physical address of destination computer onto data frame 68 Ethernet The most popular layer 2 standard The most popular network technology used on modern LANs Benefits ⎻ Flexible ⎻ Can run on various network media ⎻ Excellent throughput ⎻ Reasonable cost All variations of Ethernet ⎻ Share common access method CSMA/CD (for wired networks) 69 Attenuation, Latency, Jitter, and RTT Attenuation is the loss of a signal’s strength as it travels away from source ⎻ Signals can be boosted using a repeater, which regenerates a digital signal in its original form without noise previously accumulated Latency is the delay between signal transmission and receipt ⎻ Latency may cause network transmission errors ⎻ The length of the cable affects latency, as does the existence of any intervening device Jitter is the variation in latency ⎻ Example: delay changes from 30 ms to 32 ms, the jitter is 2 ms RTT (round trip time) is the time for packet to go from sender to receiver, then back from receiver to sender 70 Bandwidth and Throughput They are measurements of the capacity or efficiency of network transmissions Bandwidth ⎻ The amount of data that could be theoretically transmitted during a given period of time Throughput Quantity Prefix Abbreviation 1 bit per second n/a 1 bps = 1 bit per second ⎻ How much data is 1000 bits per second kilo 1 Kbps = 1 kilobit per second actually transmitted 1,000,000 bits per second mega 1Mbps = 1 megabit per second during a given period 1,000,000,000 bits per giga 1 Gbps = 1 gigabit per second second of time 1,000,000,000,000 bits per tera 1 Tbps = 1 terabit per second second Table 5-1 Throughput and bandwidth measures 71 Data Transmission vs Data Storage Data transmission quantities are measured in multiples of bits per second ⎻ E.g., 100 kbps, 30 Mbps, 10 Gbps, … ⎻ Lower-case ‘b’ indicates ‘bit’ Data storage quantities: in multiples of bytes ⎻ e.g., 100 kB, 11 MB, 10 GB, … ⎻ Capital ‘B” means ‘Byte’ ‘kilo” has different meanings in throughput and storage ⎻ 1 kbps = 1000 bits per second ⎻ 1 kB = 1024 bytes () ⎻ 1 byte = 8 bits 72 Full-duplex, half- duplex, and simplex Full-duplex: signals travel in both directions over a medium simultaneously Half-duplex: signals travel in both directions by only in one direction at a time Simplex – only one direction In Windows, setting NIC’s transmission mode and speed via Device Manager ⎻ The default “Auto Negotiation” is the best setting. Better not to change it. 73 Copper cables Coaxial cable and Twinaxial cable Twisted-Pair cable ⎻ Two types Shielded twisted pair (STP) Unshielded twisted pair (UTP) ⎻ Most common twisted pair types include the following: Category (cat) 3, 5, 5e, 6, 6a, 7, 7a, and 8 CAT 5e or higher used in modern LANs 74 RJ45 75 Ethernet Standards for Copper Cable 10Base-T ⎻ 10 represents maximum throughput: 10 Mbps (Mbits per second) ⎻ Base indicates baseband transmission ⎻ Follows 5-4-3 rule of networking 5 network segments 4 repeating devices 3 populated segments maximum 100Base-T (Fast Ethernet) 1000Base-T (Gigabit Ethernet) 10GBase-T ⎻ Requires Cat 6, 6a, or 7 cabling 76 Fiber-Optic Cables Fiber-optic cable, also called fiber, contains one or more glass or plastic fibers at its center (core) ⎻ Advantages (over copper cables) Extremely high throughput Very high noise resistance Excellent security Able to carry signals for longer distances ⎻ Drawbacks More expensive than twisted pair cable Requires special equipment to splice ⎻ Drawbacks 77 Ethernet Standards for Fiber-Optic Cable 100Base-FX (Fast Ethernet) ⎻ 100-Mbps throughput, baseband, fiber-optic cabling 1000Base-LX (1-Gigabit Ethernet) 1000Base-SX (1-Gigabit Ethernet) 10GBase-SR and 10GBase-SW 10GBase-ER and 10GBase-EW 10GBASE-LR 78 Summary of Common Ethernet Standards "100" =>100 Mbit/s transmission speed "BASE" => baseband signaling. "T" or "F" => physical medium "X" => encoding method 79 Structured Cabling There is an international standard that describe how to install network media ⎻ ANSI/TIA-568 Commercial Building Wiring Standard ⎻ It is also known as structured cabling The principles of structured cabling apply no matter what type of media, transmission technology, or networking speeds are involved Structured cabling is based on a hierarchical design and assumes a network is based on the star topology 80 Multiple types of Ethernet on a WAN 81 Media Access Control (MAC) CSMA/CD (Carrier Sense Multiple Access with Collision Detection) ⎻ In Ethernet (IEEE 802.3) CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) ⎻ In wireless networks (IEEE 802.11) 82 CSMA/CD (Carrier Sensing Multiple Access/Collision Detection) A media access method ⎻ It controls how nodes access communications channel Carrier sense ⎻ Ethernet NICs listen to the network to check channel, determine if it is free, and if yes begin transmission Collision ⎻ A collision happens when two nodes transmit simultaneously Collision detection routine ⎻ Enacted if node detects collision Jamming NIC issues 32-bit sequence Indicates previous message faulty 83 CSMA/CD (cont’d) Collision domain ⎻ Portion of network where collisions occur Ethernet network design ⎻ Repeaters repeat collisions This results in a larger collision domain ⎻ Switches and routers They separate collision domains Collision domains differ from broadcast domains 84 CSMA/CA (Carrier Sensing Multiple Access/Collision Avoidance) RTS/CTS (Request to CSMA/CA minimizes collision Uses ACK packets to verify Send/Clear to Send) Collision potential avoidance (CA) every transmission protocol: Ensures packets not inhibited by other Requires more overhead transmissions than 802.3 (Ethernet) Efficient for large Real throughput less than transmission packets the theoretical maximum More overhead to 802.11 (wireless network) 85 Summary Each network device has a unique MAC address A switch works at layer 2 Layer 2 has two sub-layers: LLC and MAC Data transmission quantities are measured in bandwidth and throughput Ethernet (IEEE 802.3) is the most popular layer-2 protocol ⎻ The most popular network technology for LAN Copper and Fiber cables support Ethernet Ethernet (in layer 2) and all its variations use CSMA/CD Wireless IEEE 802.11 is a layer 2 standard that uses CSMA/CA to minimize collision potential 86 IFN507 Network Systems Network layer: IP Addressing and IP related protocols School of Computer Science Queensland University of Technology Overview – Network Layer IP (Internet Protocol) Addressing − IPv4 addresses − IPv6 addresses IP (Internet Protocol) DHCP (Dynamic Host Configuration Protocol) Note: ARP is a layer ICMP (Internet Control Message Protocol) 2 protocol that uses ARP (Address Resolution Protocol) layer 3 IP address − This is a layer 2 protocol that uses Layer 3 IP address information informatio n This document covers part of Ch3 & CH4 of the textbook Four addressing methods in networking LAYER Address Application layer (Layer 7) Domain names, computer names, host names Transport layer (Layer 4) DNS server Port numbers Network layer (Layer 3) IP addresses (IPv4, IPv6) ARP protocol Data-link layer (Layer 2) MAC addresses Static IP addresses are assigned manually by the network administrator Dynamic IP addresses are assigned automatically by a DHCP server Addressing The Internet Assigned Numbers Authority (IANA) −IANA delegates 5 regional Internet registries (RIRs) RIRs allocate address blocks to Local Internet Registries / National Internet registry APNIC is located in BNE 90 Source from Wikipedia Five RIRs African Network Information Centre (AfriNIC) Africa American Registry for Internet Numbers US, Canada, several parts of (ARIN) the Caribbean region, and Antarctica Asia-Pacific Network Information Centre Asia, Australia, New Zealand, (APNIC) and neighboring countries Latin America and Caribbean Network Latin America and parts of the Information Centre (LACNIC) Caribbean region Réseaux IP Européens Network Coordination Europe, Russia, the Middle East, Centre (RIPE NCC) and Central Asia 91 Hierarchy of addressing Scheme IANA APNIC AfriNIC ARIN LACNIC RIPE RIR RIR RIR RIR RIR ISP/LIR ISP/LIR ISP/LIR ISP/LIR ISP/LIR End user End user End user End user End user Internet Assigned Numbers Authority (IANA) Regional Internet Registry (RIR) Local Internet Registry (LIR) 92 Roles of the Network Layer The Network layer is where administrators usually do the most network configuration This layer is where the IP protocol operates and is the heart of the TCP/IP protocol suite The Network layer is responsible for four main tasks: −It defines and verifies IP addresses −It routes packets through an internetwork −It resolves MAC addresses from IP addresses −It delivers packets efficiently 93 Define and Verify IP Addresses An IP address is assigned to every computer and network device using TCP/IP for communications IP addresses are used for two main purposes: − To identify a network device at the Internetwork layer − To identify the network on which a device resides When a device receives an IP packet, it compares the destination IP address with its own: − If it matches or is a broadcast, the packet is processed − It is does not match then the packet is discarded Every IP address contains two parts: − A network ID − A host ID 94 Route Packets through an Internetwork The Network layer determines the best way to get a packet from network to network until it reaches its destination Most large internetworks (the Internet) have multiple paths for getting from one network to another Routers work at the Network layer − It is routers’ job to select the best path to the destination − Routers use the network ID portion of IP addresses along with their routing tables to determine the best path This will be discussed later in routing 95 Resolve MAC Addresses from IP Addresses Every frame contains both physical (MAC) and logical (IP) source and destination addresses When a packet is ready to be sent to the Network access layer, the destination device’s MAC address must be retrieved before the frame header can be constructed TCP/IP uses Address Resolution Protocol (ARP) to find MAC addresses − ARP will be discussed later in more detail 96 Deliver Packets Efficiently Network-layer protocols primarily focus on efficient delivery of packets − Features such as flow control, delivery confirmation or message assembly are not included in Network-layer protocols These features require overhead to ensure reliable delivery Network-layer protocols rely on the protocols in the Transport and Application layers to provide reliability features − They are considered connectionless protocols, which rely on upper-layer protocols to ensure the safe journey of packets 97 Protocols at the Network Layer Some of the most commonly used Internetwork-layer protocols: −IPv4 and IPv6 −ARP ARP is not a pure layer-3 protocol, nor a pure layer-2 protocol. It generally works at layer 2 by using layer 3 IP address information −ICMP −IPsec −DHCP DHCP is not a pure layer-3 protocol. It is an IP address management protocol, and this generally works at layer 7. 98 Two Versions of IP - IPv4 and IPv6 There are currently two versions of IP in use: Version 4 – IPv4 (with 32 bits) −Invented in 1977 −4.3 Billion IP addresses Version 6 – IPv6 (with 128 bits) : −In late 1990s −IPv6 has been available for over 2 decades, yet recently we see the overall pace of IPv6 adoption −More about IPv6 will be discussed later 99 IPv4 Addresses An IPv4 address is represented by 32 bits (=4 bytes) −Organized in 4 blocks each with a byte xxxxxxx xxxxxxx xxxxxxx xxxxxxx x x x x x = 0 or 1 2^0 =1 For example, 2^1 =2 2^2 =4 Binary: 00000001.00000010.10010101.111111112^3 =8 2^4 =16 Decimal: 1.2.149.255 2^5 = 32 2^6 = 64 2^7 + 2^4 +2^2 + 2^0 = 149 2^7 = 128 2^8 = 256 More examples 2^7 = 128 11000000. 10101000. 00000001. 00000001 2^6 = 64 2^5 = 32 192.168.1.1 2^4 = 16 2^3 = 8 (192 = 128 + 64; 168 = 128 + 32 + 8) 2^2 = 4 2^0 = 1 10000011. 10110101. 00100001. 11001110 131.181.33.206 131 = 128 + 2 + 1 181 = 128 + 32 + 16 + 4 + 1 33 = 32 + 1 206 = 128 + 64 + 8 + 4 + 2 IPv4 address classes Possible networks # 1.x.y.z – 126.x.y.z (total 126) 128.0.y.z – 191.255.y.z (total: 16,000) 192.0.0.z – 223.255.255.z (total: 2 million) Classes A, B and C licensed IP addresses are available for use on the Internet − Called public IP address Classes D and E Classes D & E addresses are not available for general use: −Class D begins with octets 224–239 and are used for multicasting −Class E begins with octets 240–254 and are used for research IP address(es) Function 255.255.255.255 Used for broadcast messages by TCP/IP background processes. A broadcast message is read by every node on the network. Reserved I P addresses 0.0.0.0 Currently unassigned 127.0.0.1 through Used for research or can indicate your own computer, 127.255.255.254 in which case it is called the loopback address. 169.254.0.1 Used to create an A PIPA (Automatic Private IP through Addressing) address when a computer configured for 169.254.255.254 D H C P first connects to the network and is unable to lease an IPv4 address from the D H C P server. Private IP addresses A company can use private IP addresses on its private networks IEEE recommends the following IP addresses be used for private networks: −10.0.0.0 through 10.255.255.255 −172.16.0.0 through 172.31.255.255 −192.168.0.0 through 192.168.255.255 Network Address Translation (NAT) Private IP addresses are not visible to the Internet NAT enables a host with a private IP addr to access the Internet Two variations of NAT −SNAT (static NAT) – each time a host requests to access the Internet, it is assigned the same public IP address −DNAT (dynamic NAT): A pool of public IP addresses for dynamic assignment to local hosts Classless Addressing and Subnet Mask Using classful addresses is a waste of IP address resource Today, IP addresses are used as classless addresses −Clients do not apply for particular class of addresses Instead, getting IP addresses from an ISP Most ISPs have already applied for a pool of IP addresses that can be leased to clients For classless address, use a network mask to determine which part of address denoted the network portion −32-bit number 1 signifies the networking bit in the address 0 signifies the host bits in the address 106 Network Masking Default masks for classful addresses Class Dotted Notation Binary Pattern A 255.0.0.0 11111111 00000000 00000000 00000000 B 255.255.0.0 11111111 11111111 00000000 00000000 C 255.255.255.0 11111111 11111111 11111111 00000000 Masking is a process to extract the address of the physical network from an IP address Usually when a router forwards packets from one network to another, it uses this masking to identify if the packets belong to its network or not 107 Examples of masking How does QUT’s routers know whether a packet is destined for QUT −Hint: 131.181.x.x is QUT’s Class B address  10000011 10110101 xxxxxxxx xxxxxxxx Logical AND A B A and B 0 0 0 0 1 0 1 0 0 1 1 1 10000011 10110101 01110000 00000110 (131.181.x.x) AND 11111111 11111111 00000000 00000000 (255.255.0.0) 10000011 10110101 00000000 00000000 (131.181.0.0) 108 Representation of classless addresses Two methods: −Address with a subnet mask 131.181.12.1 subnet mask 255.255.0.0 −Address with a / (slash) representation 131.181.12.1/16 /16 means that the first 16 bits are representing the network portion 109 Exercise eth0: eth1: IP: 192.168.1.1 IP: 192.168.2.1 Mask:255.255.255.0 Mask:255.255.255.0 Refer to the diagram −Are Hosts A and B in the same A network? C D B −Are Hosts A and IP: 192.168.1.10 C in the same Mask:255.255.255.0 IP: 192.168.2.10 IP: 192.168.2.11 network? IP: 192.168.1.11 Mask:255.255.255.0 Mask:255.255.255.0 Mask:255.255.25 −How to enable A to ping C? 110 IPv6 Addresses An IPv6 address is represented by 128 bits (=16 bytes) −Organized in 8 blocks −Each block consists of 2 bytes (=16 bits) represented by a hexadecimal number 2001:0000:0B80:0000:0000:00D3:9C5A:00CC −If blocks contain all zeroes, they can be written as double colons (::), only one set of double colons is used in an I P address 2001::B80:0000:0000:D3:9C5A:CC 2001:0000:B80::D3:9C5A:CC (preferred method because it contains fewest zeroes) 111 Co-existence of IPv4 and IPv6 Dual stack −A network is configured to use both I P v 4 and I P v6 Tunnelling −A method used by I P v 6 to transport I P v 6 packets through or over an I P v 4 network Demonstrati on of dual stack IPv6 IPv4 In MacOS and Linux, use the command: ifconfig 113 IP (Internet Protocol) IP operates at the Network layer of the O SI model: −It specifies where data should be delivered to −It identifies the data’s source and destination I P addresses IP implements two basic functions: −Addressing: Each network device is given an IP address Note: ARP is a layer 2 protocol that uses layer 3 −Fragmentation IP address information A large-size datagram is broken down to small ones for forwarding Features of IP IP enables TCP/IP to internetwork − The Internet is largely based on the IP protocol − It enables to traverse more than one LAN segment, and more than one type of network through a router − IP addresses are not really needed for communication within a LAN MAC addresses are sufficient in this case IP is an unreliable, connectionless protocol − This means that IP does not guarantee delivery of data and no session is established before data is transmitted − IP depends on TCP to ensure messages are put back together in the right order and to ensure each message reaches the correct application on the receiving host IP Header Internet Header Length l Length Field: total length of the IP packet, including header and data tification: Each packet is given a unique ID when sent. If fragmented, the same ID given in each fragment e to Live (TTL): The remaining lifetime of the packet ocol Field: Type of transport layer protocol (TCP or UDP) Maximum Transmission Unit (MTU) MTU is the size of the largest protocol data unit (PDU) that can be communicated in a single network- layer transaction −Similar to the maximum Parcel Size in the postal system MTU relates to, but is different from, the maximum frame size that can be transported on the data link layer 117 IP Fragmentation If a datagram is being sent that is larger than the receiving server’s MTU, it has to be fragmented in order to be transmitted completely. Fragmentation is necessary for data transmission, as every network has a unique limit, i.e. the maximum transmission unit (MTU), for the size of datagrams that it can process. The 3-bit flags field in the IP header specifies fragmentation is allowed or not U D if −It also indicates M it is fragmented whether this packet is the lastunused in the fragment More fragment bit Do not fragment bit 118 Fragment Offset (13 bits) Fragment offset shows where to place packet’s data when fragments are reassembled into a single packet The offset of the data in the original datagram measured in units of 8 bytes −The first fragment has a zero offset The offset only records the 1st byte number of that fragmented packet Examples given on next page 119 Fragmentation Offset Calculation An IP packet is 4020 bytes Fragment 1: Flags 001 MTU of the outgoing NIC = 1420 1444 0 0 1 0 (reserved, fragment, more bytes Ver Hle Serv Type Total length to come) Frag Offset: 0 n (data starts at offset 0: It Identification Flags Frag Offset starts with the first byte of 1444 data). TTL Protocol Checksum Fragment 2: Flags 001 (reserved, 1444 0 0 1 1400/8 =175 fragment, more to come) Frag IP Source Address Offset: 175 (1400/8 - measured in units of 64 bits - 8 bytes) (data IP Destination Address starts at offset 1400: 1400 is the first byte in this fragment). Sending the 4020 byte datagram Fragment 3: Flags 000 will require 3 fragments: The MTU is 1444 0 0 0 2800/8 = 350 (reserved, fragment, last) Frag 1420 but each payload must Offset: 350 (2800/8) (data include a 20 byte IP header (at starts at offset 2800: 2800 is least) so we can only send 1400 the first byte in this fragment. bytes of the IP data in a fragment. 120 Testing fragmentation with ping ping www.optusnet.com –l 15000  15000 bytes of data cannot be transmitted in one packet. It will be fragmented into several fragments for transmission In MacOS or Linux:  ping –c 4 (to limit the number of packets to 4)  man ping (to find more information) 121 Issues with IPv4 Fragmentation Fragmentation causes more overhead (time and resources) for the receiver when reassembling the fragments −because the receiver must allocate memory for the arriving fragments and coalesce them back into one datagram after all of the fragments are received. If one fragment of an IPv4 datagram is dropped, then the entire original IPv4 datagram must be resent. 122 IPv6 Packets IPv6 packets: −IPv6 uses a different packet format than IPv4 −Accommodate the much longer IPv6 addresses −There is no Fragment offset field IPv6 hosts adjust their packet sizes to fit the requirements of the network before sending I Pv 6 messages Setting IPv4 addresses in Windows Clink Start and then Then, click Network & Settings, you will get the Internet, you will get the window blow window below 124 Setting IPv4 addresses in Windows – more steps Clink Properties for the local Area Connection, you will get the window shown on the right −The current IP settings are taken from HDCP −You may edit it and use manual configuration of IP address However, this is not recommended 125 Release and Renew of IP address If for whatever reason, the network is not connected appropriately or if there is conflicting in IP address, you do not necessarily need to reboot your computer −Instead, you may manually release the current IP address and then renew it This may fix your network connection problem 126 Command ipconfig (or ifconfig) ipconfig is a very useful command for viewing and setting up network connection (or ifconfig in MacOS and Linux) − To find more information about ipconfig in Windows, use command: ipconfig /? In MacOS and Linux, use command: man ifconfig 127 DHCP (Dynamic Host Configuration Protocol) DHCP is a network management protocol −So, strictly speaking, it works at Layer 7 A DHCP server dynamically assigns an IP address to a network device −It enables computers to request IP addresses and networking parameters automatically from the Internet Service Provider (ISP) ICMP (Internet Control Message Protocol) ICMP is a Network layer, core protocol that reports on the success or failure of data delivery ICMP can indicate: − When part of a network is congested − When data fails to reach its destination − When data has been discarded because the allotted T TL (Time to Live) has expired ICMP announces transmission failures to the sender − But does not correct errors it detects Provides critical information for troubleshooting network problems ICMPv6 on IPV6 networks performs the functions of both I CMP and ARP on IPv4 networks An ICMP packet Table 4-7 An ICMP packet Field Length Function Type 8 bits Indicates the type of I C MP message, such as Destination Unreachable Code 8 bits Indicates the subtype of the message, such as Destination host unknown Checksum 16 bits Allows the receiving node to determine whether the I C MP packet became corrupted during transmission Rest of header 32 bits Varies depending on message type and subtype Data Variable Usually contains the I P header and first 8 bytes of the data portion of the IP packet that triggered the ICMP message ARP (Address Resolution Protocol) ARP works in conjunction with I Pv4 to discover the MAC address of a host or node on the local network −And to maintain a database that maps IP addresses to MAC addresses on the local network ARP is a Layer 2 protocol that uses Layer 3’s IP address information −It operates only within its local network ARP relies on broadcasting Network IP addresses ARP layer (Layer (IPv4, IPv6) 3) Data-link layer MAC addresses (Layer 2) ARP Table ARP table—The database of IP-to-MAC address mappings An ARP table can contain two types of entries: −Dynamic—Created when a client makes an A RP request that could not be satisfied by data already in the A RP table −Static—Those someone entered manually using the A RP utility (arp command) Check ARP table arp -a ARP Table – example To view a workstation’s ARP table, enter the command: arp -a 133 Summary IP Addresses (IPv4 & IPv6) IP DHCP ICMP ARP −This is a layer 2 protocol that uses layer 3 IP address information THE END IFN507 Network Systems Network Layer: Testing IP fragmentation with ping - Demonstration School of Computer Science Queensland University of Technology IP fragmentation IF an IP datagram is too long, it needs to be fragmented for transmission In IP header, 3- bit flags are used for IP fragmentation setting U D M More fragment bit unused Do not fragment bit 136 Use the utility ping in Windows -n count (ICMP packets. Default 4) -l size (payload in bytes. Default 32) -f (Fragment not allowed) Examples: ping www.google.com ping www.google.com -l 1000 ping www.google.com -l 4000 ping www.google.com -l 4000 -f Demonstration in 137 Windows Use the utility ping in MacOS Examples: ping www.google.com -c 3 ping www.google.com -c 3 -s 1000 ping www.google.com -c 3 -s 4000 ping www.google.com -c 3 -s 4000 -D Demonstration in MacOS THE END 138 IFN507 Network Systems - Subnetting and VLANs Subnet #1: 193.2.1.0/26 Subnet #3: 193.2.1.128/26 Subnet #2: 193.2.1.64/26 Subnet #4: 193.2.1.192/26 School of Computer Science Queensland University of Technology Outline IPv4 Subnetting VLANs This lecture covers Chapter 8 of the textbook IFN507 - Prof Glen Tian 140 Why Subnetting A scenario: given ONE IP address, you need to use this IP address for multiple LANs Network ID Host ID becomes A single LAN with some switches and a router Network ID Subnet ID Host ID Splitting up an address range into to a group of smaller networks – End result is multiple smaller sub-networks A separate subnet for each floor IFN507 - Prof Glen Tian 141 Network Segmentation Enables the reduction and management of broadcast domains To reduce congestion due to fewer devices in a subnet To limit broadcast in each sub-network Divides a network into logical subnets Departments/divisions, staff/visitors Supports different network technologies Ethernet/FDDI/… Supports WAN by allowing geographically separated LANS to use a single network ID 131.181.0.0/16 = 131.181.0.0/24+131.181.1.0/24+… IFN507 - Prof Glen Tian 142 Other advantages of subnetting Segmentation accomplishes the following: – Enhance security – Improve performance – Simplify troubleshooting IFN507 - Prof Glen Tian 143 How to Segment Networks are commonly segmented according to one of the following groupings: – Geographic locations – Departmental boundaries – Device types Network segmentation divides a large broadcast domain into smaller broadcast domains IFN507 - Prof Glen Tian 144 Example A business has grown from 20 or 30 computers to having a few hundred computers and devices: – There is only a single LAN or broadcast domain – One router serves as the default gateway for the entire network To better manage network traffic, segment the network so that each floor contains one LAN or broadcast domain – Install a router on each floor You will need to configure clients on each subnet so they know which devices are on their own subnet – Divide the pool of IP addresses into three groups or subnets (technique called subnetting) IFN507 - Prof Glen Tian 145 Illustration of the Example A single LAN with some switches and a router A separate subnet for each floor IFN507 - Prof Glen Tian 146 Classful IPv4 Addresses Possible networks # 1.x.y.z – 126.x.y.z (total 126) 128.0.y.z – 191.255.y.z (total: 16,000) 192.0.0.z – 223.255.255.z (total: 2 million) So, we (actually, routers) know – For Class A, the first 8 bits represent networks – For Class B, the first 16 bits represent networks – For Class C, the first 24 bits represent networks IFN507 - Prof Glen Tian 147 How to Identify Networks and Subnetworks An IP address is divided into two parts: – Network ID and Host ID Network ID Host ID becomes Network ID Subnet ID Host ID Network ID Host ID Now, we use (borrow) a few Host ID bits to represent sub-networks(subnets), which belong to network ID part – How do we (routers) know which part is network ID? We use subnet mask to mark to indicate which part represents networks (and subnetworks) IFN507 - Prof Glen Tian 148 Subnet Mask A subnet mask has the same length as an IP address – 4 bytes (i.e., 32 bits) – Each bit in the subnet mask corresponds to a bit in an IP address For all IP address bits that represent Network ID – We set the corresponding Subnet Mask bits to 1 For the remaining IP address bits representing Host ID – We set the corresponding Subnet Mask bits to 0 IFN507 - Prof Glen Tian 149 Default IPv4 Subnet Mask Class A: 0xxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx Subnet mask: 11111111.00000000.00000000.00000000 (255.0.0.0) Number of bits used for network ID: 8 Class B: 10xxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx Subnet Mask: 11111111.11111111.00000000.00000000 (255.255.0.0) Number of bits used for network ID: 16 Class C: 110xxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx Subnet Mask: 11111111.11111111.11111111.00000000 (255.255.255.0) Number of bits used for network ID: 24 IFN507 - Prof Glen Tian 150 Example I P address 192.168.123.132 in binary: – 11000000.10101000.01111011.10000100 (Class C) Subnet mask 255.255.255.0 in binary: – 11111111.111111111.111111111.00000000 Network I D: 192.168.123.0 Host portion: 0.0.0.132 IFN507 - Prof Glen Tian 151 Two Methods to Identify Network ID IP address and Subnet Mask – 192.168.89.127, Subnet Mask: 255.255.255.0 IP address followed by a slash (/) and the number of bits used for the network ID – 192.168.89.127/24 This is what we used in CIDR (Classless Interdomain Routing) – 24 represents the number of 1s in the mask and the number of bits in the network I D – Known as a CIDR block IFN507 - Prof Glen Tian 152 Address Structure – 2 Levels to 3 Levels Subnet mask 255.255.255.0 applied to a class B address will break the host ID (normally 16 bits) into an 8-bit subnet ID and an 8-bit host ID Network portion 11111111 11111111 11111111 00000000 Network portion subnetting Subnetting changes IP addressing from 2-level structure to 3-level structure External networks do not know about subnet/host ID details – They only see a single network User-definable subnet/host ID boundary IFN507 - Prof Glen Tian 153 Subnetting Example Without Subnetting 193. 2. 1. 0 Netid Hostid Network access Host access With Subnetting – 4 subnets required 193 2 1 0--63 64-127 128-191 192-254 What address class is this given address? – Class A, B or C? 193  11000001 What is the subnet mask? What are the subnet addresses? – Subnets 1, 2, 3 and 4 How many valid IP addresses in a subnet? IFN507 - Prof Glen Tian 154 Subnetting of 193.2.1.0 The network is seen: 193.2.1.0 As a whole network EXTERNALLY 00xxxxxx 01xxxxxx 10xxxxxx subnet: subnet: 11xxxxxx 193.2.1.0/26 193.2.1.64/26 subnet: subnet: 193.2.1.128/26 193.2.1.192/26 1) 00000000 – 00111111 0-63 2) 01000000 – 01111111 64-127 3) 10000000 – 10111111 128-191 4) 11000000 – 11111111 192-255 IFN507 - Prof Glen Tian 155 Calculating a Subnet Mask To decide how to derive the subnet mask: – Decide how many subnets you need – Decide how many bits you need to meet or exceed the number of required subnets Use the formula 2n, with n representing the number of bits you must add to the starting subnet mask – Borrow bits from the top of the host portion of the address down – Ensure that you have enough host bits available to assign to computers on each subnet (2n-2) When you create non-default subnet masks you are borrowing two or more host bits and asking IP to interpret them as network bits. – Example: Creating 4 subnets in a class C address and figuring out the subnet mask value 4 = 22 IFN507 - Prof Glen Tian 156 Calculating a Subnet Mask (continued) STEP1: Initial class C address - 24 bits network ID, 8 bits host ID STEP2: Subnetted address 2bits network ID, 2 bits subnet ID and 6 bits host ID  4 subnets each with 62 (2^6-2) hosts STEP3: we would apply the mask 255.255.255.192 or 11111111.11111111.11111111.11000000 to identify Subnet Part the subnet 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 Subnet Part IFN507 - Prof Glen Tian 157 Subnet addresses Subnet Network Portion Host Part 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 00 0 193 2 1 0 Network Portion 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 00 0 193 2 1 64 Network Portion 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 00 0 193 2 1 128 Network Portion 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 00 0 193 2 1 192 IFN507 - Prof Glen Tian 158 Valid IP addresses in Subnet#1 Subnet Network Portion Host Part 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 00 0 0 193 2 1 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 00 1 1 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 01 0 2 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 01 1 3 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 00 00 10 0 4 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 0 1 1 1 1 1 0 62 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 01 11 11 1 63 IFN507 - Prof Glen Tian 159 Subnetting rules Valid IP addresses in a subnet – Host bits cannot be all 0s  this subnet ID – Host bits cannot be all 1s  subnet broadcast Subnet broadcasts are used to send packets to all hosts within the subnet IFN507 - Prof Glen Tian 160 Valid IP addresses in Subnet#2 Subnet Network Portion Host Part 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 00 0 64 193 2 1 64 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 00 1 65 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 01 0 66 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 01 1 67 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 10 00 10 0 68 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 11 11 11 0 126 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 0 11 11 11 1 127 IFN507 - Prof Glen Tian 161 Valid IP addresses in Subnet#3 Subnet Network Portion Host Part 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 00 0 193 2 1 128 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 00 1 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 01 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 01 1 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 00 00 10 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 01 11 11 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 01 11 11 1 IFN507 - Prof Glen Tian 162 Valid IP addresses in Subnet#4 Subnet Network Portion Host Part 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 00 0 193 2 1 192 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 00 1 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 01 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 01 1 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 10 00 10 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 11 11 11 0 1 10 00 00 1 0 00 00 01 0 0 00 00 00 1 1 11 11 11 1 IFN507 - Prof Glen Tian 163 Subnetting Example Your ISP has been allocated a block of address 193.64.33.0/24. Your organization needs to have 8 subnets for its structure. You need to work out: 1) The subnet mask 2) The 8 subnets 3) The valid IP addresses for each subnet 1 11 11 11 1 1 11 11 11 1 1 11 11 11 1 1 11 00 00 0 Network portion (24 bits) Subnet 8>=23 Portion (3 bits) IFN507 - Prof Glen Tian 164 Another Subnetting Example (continued) Your ISP has been allocated a block of address 193.64.33.0/24. Your organization needs to have 8 subnets for its structure. Figure out: 1) the subnet mask, 2) The 8 subnets; 3) the host range in each subnet 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 0 0 1 0 0 0 0 0 32 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 0 1 0 0 0 0 0 0 64 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 0 1 1 0 0 0 0 0 96 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 1 0 0 0 0 0 0 0 128 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 1 0 1 0 0 0 0 0 160 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 0 1 0 0 0 0 0 0 192 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 1 1 1 1 0 0 0 0 0 224 193 64 33 IFN507 - Prof Glen Tian 165 “Subnet Pie” IFN507 - Prof Glen Tian 166 Another Subnetting Example (continued) Your ISP has been allocated a block of address 193.64.33.0/24. Your organization needs to have 8 subnets for its structure. Figure out: 1) the subnet mask; 2) the 8 subnets; 3) the host range in each subnet This subnet address 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 00 00 00 0 0 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 00 00 00 1 1 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 00 00 01 0 2 1 10 00 00 1 0 10 00 00 0 Subnet #1 0 01 00 01 1 0 00 11 11 0 30 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 00 11 11 1 31 Broadcast address for this subnet 193 IFN507 - Prof Glen Tian 64 33 1 - 30 167 Another Subnetting Example (continued) Your ISP has been allocated a block of address 193.64.33.0/24. Your organization needs to have 8 subnets for its structure. Figure out: 1) the subnet mask; 2) The 8 subnets; 3) the host range in each subnet This subnet address 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 01 00 00 0 32 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 01 00 00 1 33 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 01 00 01 0 34 1 10 00 00 1 0 10 00 00 0 Subnet #2 0 01 00 01 1 0 01 11 11 0 62 1 10 00 00 1 0 10 00 00 0 0 01 00 01 1 0 01 11 11 1 63 Broadcast address for this subnet 193 IFN507 - Prof Glen Tian 64 33 33 - 62 168 VLSM (Variable Length Subnetting) Most sites use the same subnet mask throughout – The subnet mask is 255.255.255.192 #1 #2 MASK 255.255.255.192 #4 #3 IFN507 - Prof Glen Tian 169 VLSM (Variable Length Subnetting) (cont.) Suppose a class C address 212.5.5.0 We requires 3 subnets 60 hosts and 2 with 30 hosts The solution is to subnet a subnet: by borrowing more bits from the host portion… #1 #2 MASK 255.255.255.192 MASK 255.255.255.224 MASK 255.255.255.224 #4 #3 IFN507 - Prof Glen Tian 170 VLSM – Example 212.5.5.0 We require 3 subnets with 60hosts and 2 with 30 hosts. Borrow 2 bits from the host portion – Gives 4 subnets (2 bits for subnet) with 60 hosts each (6 bits for host portion) Further subnet one of the 4 subnets by borrowing an additional 1 bit from the host portion IFN507 - Prof Glen Tian 171 Subnet Included hosts Number of CIDR notation (as hosts calculated next) 1 Sales 120 192.168.10.0 /25 2 Accounting 58 192.168.10.128 /26 3 HR 25 192.168.10.192 /27 4 IT 6 192.168.10.224 /29 5 Executives 5 192.168.10.232 /29 6 WAN link 2 192.168.10.240 /30 7 WAN link 2 192.168.10.244 /30 Actual subnet allocations IFN507 - Prof Glen Tian 172 A further example: nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh 0000 0000 0010 0000 0100 0000 0110 0000 1000 0000 1010 0000 1100 0000 1110 0000 Subnetting: 0000 0001 0010 0001 0100 0001 0110 0001 1000 0001 1010 0001 1100 0001 1110 0001 0000 0010 0010 0010 0100 0010 0110 0010 1000 0010 1010 0010 1100 0010 1110 0010 2 subnets: nnnnnnnn.nnnnnnnn.nnnnnnnn.shhhhhhh 0000 0011 0010 0011 0100 0011 0110 0011 1000 0011 1010 0011 1100 0011 1110 0011.0hhhhhhh 0000 0100 0010 0100 0100 0100 0110 0100 1000 0100 1010 0100 1100 0100 1110 0100 0000 0101.1hhhhhhh 0010 0101 0100 0101 0110 0101 1000 0101 1010 0101 1100 0101 1110 0101 0000 0110 /25 (= 24 + 1) 0010 0110 0100 0110 0110 0110 1000 0110 1010 0110 1100 0110 1110 0110 0000 0111 0010 0111 0100 0111 0110 0111 1000 0111 1010 0111 1100 0111 1110 0111 4 subnets: nnnnnnnn.nnnnnnnn.nnnnnnnn.sshhhhhh.00hhhhhh 0000 1000 0010 1000 0100 1000 0110 1000 1000 1000 1010 1000 1100 1000 1110 1000.01hhhhhh 0000 1001 0010 1001 0100 1001 0110 1001 1000 1001 1010 1001 1100 1001 1110 1001.10hhhhhh 0000 1010 0010 1010 0100 1010 0110 1010 1000 1010 1010 1010 1100 1010 1110 1010.11hhhhhh 0000 1011 0010 1011 0100 1011 0110 1011 1000 1011 1010 1011 1100 1011 1110 1011 /26 (= 24 + 2) 0000 1100 0010 1100 0100 1100 0110 1100 1000 1100 1010 1100 1100 1100 1110 1100 0000 1101 0010 1101 0100 1101 0110 1101 1000 1101 1010 1101 1100 1101 1110 1101 8 subnets: nnnnnnnn.nnnnnnnn.nnnnnnnn.ssshhhhh 0000 1110 0010 1110 0100 1110 0110 1110 1000 1110 1010 1110 1100 1110 1110 1110 /27 0000 1111 0010 1111 0100 1111 0110 1111 1000 1111 1010 1111 1100 1111 1110 1111 16 subnets: nnnnnnnn.nnnnnnnn.nnnnnnnn.sssshhhh 0001 0000 0011 0000 0101 0000 0111 0000 1001 0000 1011 0000 1101 0000 1111 0000 /28 0001 0001 0011 0001 0101 0001 0111 0001 1001 0001 1011 0001 1101 0001 1111 0001 0001 0010 0011 0010 0101 0010 0111 0010 1001 0010 1011 0010 1101 0010 1111 0010 0001 0011 0011 0011 0101 0011 0111 0011 1001 0011 1011 0011 1101 0011 1111 0011 32 subnets: nnnnnnnn.nnnnnnnn.nnnnnnnn.ssssshhh 0001 0100 0011 0100 0101 0100 0111 0100 1001 0100 1011 0100 1101 0100 1111 0100 /29 0001 0101 0011 0101 0101 0101 0111 0101 1001 0101 1011 0101 1101 0101 1111 0101 0001 0110 0011 0110 0101 0110 0111 0110 1001 0110 1011 0110 1101 0110 1111 0110 0001 0111 0011 0111 0101 0111 0111 0111 1001 0111 1011 0111 1101 0111 1111 0111 0001 1000 0011 1000 0101 1000 0111 1000 1001 1000 1011 1000 11

IFN507 Network Systems - QUT Presentation PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue