
Operating Systems Networks and TCP/IP Lesson 2: Computer System Basics

This lesson covers the basics of operating systems, networks, and TCP/IP. Topics include computer system management, memory management, scheduling, access controls, network topologies, protocols, and the TCP/IP protocol suite.



Presentation Transcript


  1. Review of Operating Systems, Networks, and TCP/IP Lesson 2

  2. Computer System Basics • Operating Systems • Manage the computer’s resources • Memory management • Scheduling • Access Controls • Lots of different operating systems • Win9X, Win2K, WinME, NT, Unix, Linux, VMS

  3. What is an operating system? (diagram) The operating system sits in the middle, surrounded by the services it provides: Input/Output, Command Interpreter, Accounting, Security, Communications, Program Development Tools, Memory Management, Scheduling.

  4. Networks • What is a network? • Two or more systems connected together • LAN (local area network) • WAN (Wide area network) • MAN (metropolitan area network)

  5. Network Topologies • Topology – the physical arrangement of the network. • Completely Connected • Star • Ring • Bus • Characteristics • # of connections • # of “hops” • Addition of new nodes • Fairness • Collisions and points of failure

  6. Network Topologies (diagram of the completely connected, star, ring and bus topologies)

  7. Network Topologies -- Star • Adv: distance = 2 hops, connections = n-1 • DisAdv: 1 point of failure (the central node) • Fairness? Addition of new nodes? Congestion (collisions)?

  8. Network Topologies -- Ring • Adv: avg dist = (n-1)/2 hops, connections = n • DisAdv: many points of failure (any node or link) • Fairness (token)? Addition of new nodes? Congestion (collisions)?

  9. Network Topology -- Bus • Adv: distance = 1 "hop", connections = n • DisAdv: Collisions • Fairness? Addition of new nodes?

  10. Protocols • A protocol is an agreed upon format for exchanging information. • A protocol will define a number of parameters: • Type of error checking • Data compression method • Mechanisms to signal reception of a transmission • There are a number of protocols that have been established in the networking world.

  11. OSI Reference Model • ISO standard describing 7 layers of protocols • Application: Program-level communication • Presentation: Data conversion functions, data format, data encryption • Session: Coordinates communication between endpoints. Session state maintained for security. • Transport: end-to-end transmission, controls flow of data • Network: routes data from one system to the next • Data Link: Handles physical passing of data between nodes • Physical: Manages the transmission media/HW connections • Abstraction is the principle, you only have to communicate with the layer directly above and below

  12. TCP/IP Protocol Suite • TCP/IP refers to two network protocols used on the Internet: • Transmission Control Protocol (TCP) • Internet Protocol (IP) • TCP and IP are only two of a large group of protocols that make up the entire “suite” • A “real-world” application of the layered concept. • There is not a one-to-one relationship between the layers in the TCP/IP suite and the OSI Model.

  13. OSI and TCP/IP comparison
      OSI layer                       TCP/IP protocol suite
      Application / Presentation /    Application-level protocols: NFS, SMB, RPC,
      Session                         FTP, Telnet, SSH, SMTP, HTTP, NNTP
      Transport                       TCP, UDP
      Network                         IP, ICMP, ARP (network-level protocols)
      Data-link / Physical            Physical (hardware interface)

  14. TCP/IP Protocol Suite (layered view, top to bottom)
      User processes (one per application)
      TCP | UDP                         transport layer
      IP, with ICMP and IGMP            network layer
      HW interface, with ARP and RARP   link layer
      Media

  15. Encapsulation of data (each layer prepends its own header to what it receives from the layer above)
      application:     [Appl header][User data]                                                 = application data
      TCP:             [TCP header][Application data]                                           = TCP segment
      IP:              [IP header][TCP header][Application data]                               = IP datagram
      Ethernet driver: [Ethernet header][IP header][TCP header][Application data][Ethernet trailer] = Ethernet frame

  16. Demultiplexing of a received Ethernet Frame (the reverse of encapsulation; each layer uses a field in its header to pick the next layer up)
      Incoming frame -> Ethernet driver
        -> ARP or RARP (chosen by the Ethernet type field)
        -> IP (chosen by the Ethernet type field)
           -> ICMP, IGMP, TCP or UDP (chosen by the IP protocol field)
              -> application (chosen by the destination port number)

  17. IP Datagram (header layout, 32 bits per row; field widths in bits)
      Version (4) | Header length (4) | Type of Service (8) | Total Length (16)
      Identification (16) | Flags (3) | Fragment Offset (13)
      Time-to-live (8) | Protocol (8) | Header Checksum (16)
      Source Address (32)
      Destination Address (32)
      Options (if any)
      Data

  18. TCP Packet Structure (header layout, 32 bits per row; field widths in bits)
      Source Port (16) | Destination Port (16)
      Sequence Number (32)
      Acknowledgment Number (32)
      Data Offset (4) | Reserved (6) | Flags (6) | Window (16)
      Checksum (16) | Urgent Pointer (16)
      Options (if any)
      Data
      TCP establishes a "virtual circuit" between client and server.
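The encapsulation, demultiplexing and header layouts of slides 15 to 18 can be exercised on real bytes. The following is an added example, not code from the lesson: it builds one constructed Ethernet frame (the 10.1.1.123 and 207.25.71.23 addresses are borrowed from the NAT slide, the MAC addresses and ports are made up), then peels it apart layer by layer, choosing the next parser from the Ethernet type field, the IP protocol field and the TCP port, and refuses to trust an IP header whose checksum does not verify. The TCP checksum is not checked because it needs the IP pseudo-header, which is outside what these slides cover.

```python
"""Added example: decode a constructed Ethernet frame layer by layer (slides 15-18)."""
import struct

ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
IPPROTO_ICMP, IPPROTO_TCP, IPPROTO_UDP = 1, 6, 17
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bits 0..5 of the flags field


def inet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: ones'-complement of the ones'-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ethernet(frame: bytes) -> dict:
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"dst": dst.hex(":"), "src": src.hex(":"), "ethertype": ethertype, "payload": frame[14:]}


def parse_ipv4(datagram: bytes) -> dict:
    """Decode the 20-byte fixed header of slide 17 and verify its checksum before trusting any field."""
    ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", datagram[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or total_len < ihl or total_len > len(datagram):
        raise ValueError("malformed IPv4 header")
    if inet_checksum(datagram[:ihl]) != 0:        # a correct header sums to zero
        raise ValueError("bad IPv4 header checksum")
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": ttl,
            "protocol": proto, "id": ident, "dont_fragment": bool(flags_frag & 0x4000),
            "payload": datagram[ihl:total_len]}


def parse_tcp(segment: bytes) -> dict:
    """Decode the header of slide 18 (the TCP checksum needs the IP pseudo-header, so it is not checked here)."""
    sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("malformed TCP header")
    flags = [name for i, name in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << i)]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags,
            "window": window, "data": segment[data_offset:]}


def demultiplex(frame: bytes) -> dict:
    """Slide 16: hand the frame to the right parser at each layer using the type/protocol/port fields."""
    eth = parse_ethernet(frame)
    if eth["ethertype"] == ETHERTYPE_ARP:
        return {"layers": ["ethernet", "arp"], "data": eth["payload"]}
    if eth["ethertype"] != ETHERTYPE_IPV4:
        return {"layers": ["ethernet"], "data": eth["payload"]}
    ip = parse_ipv4(eth["payload"])
    result = {"layers": ["ethernet", "ip"], "src": ip["src"], "dst": ip["dst"], "ttl": ip["ttl"]}
    if ip["protocol"] == IPPROTO_TCP:
        tcp = parse_tcp(ip["payload"])
        result.update(layers=result["layers"] + ["tcp"], sport=tcp["sport"], dport=tcp["dport"],
                      flags=tcp["flags"], data=tcp["data"])
    elif ip["protocol"] == IPPROTO_ICMP:
        result.update(layers=result["layers"] + ["icmp"], data=ip["payload"])
    else:
        result["data"] = ip["payload"]
    return result


def build_sample_frame(payload: bytes = b"GET / HTTP/1.0\r\n\r\n") -> bytes:
    """Constructed input: an HTTP request from 10.1.1.123 to 207.25.71.23 (MACs and ports are made up)."""
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0, (5 << 12) | 0x18, 65535, 0, 0) + payload  # PSH|ACK
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, IPPROTO_TCP, 0,
                     bytes([10, 1, 1, 123]), bytes([207, 25, 71, 23]))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]   # fill in the header checksum
    eth = bytes.fromhex("00aabbccddee") + bytes.fromhex("001122334455") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + tcp


if __name__ == "__main__":
    decoded = demultiplex(build_sample_frame())
    print(decoded["layers"], decoded["src"], "->", decoded["dst"], decoded["dport"], decoded["flags"])
```

Flipping a single bit of the TTL byte is enough to make `parse_ipv4` reject the frame, which is the behaviour a receiving stack has: a datagram with a bad header checksum is silently discarded rather than interpreted.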

  19. Establishment of a TCP connection ("3-way Handshake")
      1. Client -> Server: SYN. Client sends a connection request, specifying a port to connect to on the server.
      2. Server -> Client: SYN/ACK. Server responds with both an acknowledgement and a queue entry for the connection.
      3. Client -> Server: ACK. Client returns an acknowledgement and the circuit is opened.
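The exchange on this slide, simulated with both sides' messages, as an added example that is not part of the lesson. Segments are reduced to the flags, sequence and acknowledgment fields the handshake depends on; the server keeps the "queue" the slide mentions as a finite table of half-open connections, and each side checks that the number it is acknowledged with is the one it sent, discarding anything else. The peer label and the backlog size are assumptions made for the example.

```python
"""Added example: the three-way handshake as messages between a client and a listening server."""
import secrets

SYN, ACK = 0x02, 0x10          # bit values of the flags in the TCP header
MASK = 0xFFFFFFFF              # sequence numbers are 32-bit and wrap around


def seg(flags: int, seq: int, ack: int = 0) -> dict:
    """A TCP segment reduced to the three fields the handshake depends on."""
    return {"flags": flags, "seq": seq & MASK, "ack": ack & MASK}


class Endpoint:
    def __init__(self, name: str, backlog: int = 3):
        self.name = name
        self.state = "CLOSED"
        self.isn = secrets.randbelow(1 << 32)   # unpredictable initial sequence number
        self.snd_nxt = self.isn                 # next sequence number we will send
        self.rcv_nxt = None                     # next sequence number we expect from the peer
        self.half_open = {}                     # server side: connections awaiting the final ACK
        self.backlog = backlog                  # that queue is finite (assumed size for the example)


def listen(server: Endpoint) -> None:
    server.state = "LISTEN"


def client_open(client: Endpoint) -> dict:
    """Step 1: client sends SYN carrying its initial sequence number."""
    client.state = "SYN_SENT"
    client.snd_nxt = (client.isn + 1) & MASK    # the SYN itself consumes one sequence number
    return seg(SYN, client.isn)


def server_accept_syn(server: Endpoint, syn: dict, peer: str) -> dict:
    """Step 2: server queues a half-open connection and answers with SYN/ACK."""
    if server.state != "LISTEN" or not syn["flags"] & SYN:
        raise ValueError("not a SYN, or server is not listening")
    if len(server.half_open) >= server.backlog:
        raise ValueError("connection queue full; SYN dropped")
    conn = Endpoint(server.name)
    conn.state = "SYN_RECEIVED"
    conn.rcv_nxt = (syn["seq"] + 1) & MASK      # acknowledge the client's SYN
    conn.snd_nxt = (conn.isn + 1) & MASK
    server.half_open[peer] = conn
    return seg(SYN | ACK, conn.isn, conn.rcv_nxt)


def client_complete(client: Endpoint, synack: dict) -> dict:
    """Step 3: client checks that its SYN was acknowledged and returns the final ACK."""
    if (synack["flags"] & (SYN | ACK)) != (SYN | ACK):
        raise ValueError("expected SYN/ACK")
    if synack["ack"] != client.snd_nxt:
        raise ValueError("SYN/ACK does not acknowledge our SYN")
    client.rcv_nxt = (synack["seq"] + 1) & MASK
    client.state = "ESTABLISHED"
    return seg(ACK, client.snd_nxt, client.rcv_nxt)


def server_complete(server: Endpoint, ack: dict, peer: str) -> Endpoint:
    """The final ACK must carry the numbers from our SYN/ACK; anything else is discarded."""
    conn = server.half_open.get(peer)
    if conn is None or not ack["flags"] & ACK:
        raise ValueError("no pending connection for this peer")
    if ack["ack"] != conn.snd_nxt or ack["seq"] != conn.rcv_nxt:
        raise ValueError("ACK does not match the SYN/ACK we sent; discarded")
    del server.half_open[peer]                  # leaves the queue: the circuit is open
    conn.state = "ESTABLISHED"
    return conn


def handshake(client: Endpoint, server: Endpoint, peer: str = "10.1.1.123:40000"):
    """Run the exchange and return the three segments plus both final states."""
    syn = client_open(client)
    synack = server_accept_syn(server, syn, peer)
    ack = client_complete(client, synack)
    conn = server_complete(server, ack, peer)
    return [syn, synack, ack], client.state, conn.state


if __name__ == "__main__":
    c, s = Endpoint("client"), Endpoint("server")
    listen(s)
    for message in handshake(c, s)[0]:
        print(message)
```

The check in `server_complete` is the point of the acknowledgment numbers: a third party who did not see the SYN/ACK cannot know which value to put in the final ACK, so the server never opens a circuit for it.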

  20. User Datagram Protocol (UDP) UDP is a connectionless transport layer protocol that provides no reliability and has no mechanism for connection establishment or termination. UDP makes no guarantee about packet delivery. This "fire and forget" nature means a packet is placed on the network and you just hope it gets to where it was supposed to go. UDP is commonly used for network services that are not sensitive to an occasional lost (dropped) packet. Because of the relative overall reliability of the network, it has become less important to have a guaranteed service, and thus UDP is a good choice for many streaming services. Because there is no handshake, a UDP datagram's source address is taken at face value by the receiver, which is why UDP services are easy to reach with a spoofed source.

  21. Application Protocols • HTTP – HyperText Transfer Protocol • FTP – File Transfer Protocol • Telnet – A terminal communications facility • SMTP – Simple Mail Transfer Protocol • SSH – Secure SHell

  22. Common Ports • Common Ports used to facilitate communication between common protocols • HTTP: TCP port 80 • Telnet: TCP port 23 • FTP: TCP port 20 and 21 • SMTP: TCP port 25 • SSH: TCP port 22 • DNS: UDP and TCP port 53

  23. Routing • The overall process of delivering a packet from point A to point B. • It is the job of the router to know where to send a packet in order to reach its destination • Routing tables are used to determine where to send a packet. • Static: entries entered once and not updated • Routing Information Protocol (RIP): entire tables shared on a periodic basis. Not very efficient or secure. • Open Shortest Path First (OSPF): Table maintained to determine what the shortest path is to specific destinations. Tremendous overhead. • Border Gateway Protocol (BGP): Peer routers (neighbors) exchange routing information. Entire table initially loaded but subsequent changes limited to updates.
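The routing-table lookup this slide describes, written out as an added example (not code from the lesson): a static table, a longest-prefix-match lookup that prefers the most specific entry over the default route, and the per-packet forwarding decision including the time-to-live check. The prefixes, next hops and interface names are constructed for the example; the IPv6 entry goes beyond the slide to show that the same lookup serves both address families.

```python
"""Added example: a static routing table with longest-prefix-match lookup."""
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []   # (destination network, next hop or None if directly connected, interface)

    def add(self, prefix: str, next_hop, interface: str) -> None:
        net = ipaddress.ip_network(prefix, strict=False)
        if next_hop is not None and ipaddress.ip_address(next_hop).version != net.version:
            raise ValueError("next hop and prefix must be the same IP version")
        self.routes.append((net, next_hop, interface))

    def lookup(self, destination: str) -> dict:
        """Pick the matching route with the longest prefix; the default route (/0) wins only if nothing else matches."""
        addr = ipaddress.ip_address(destination)
        best = None
        for net, next_hop, interface in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, interface)
        if best is None:
            raise LookupError(f"no route to {destination}")
        net, next_hop, interface = best
        return {"prefix": str(net), "next_hop": next_hop, "interface": interface,
                "directly_connected": next_hop is None}

    def forward(self, destination: str, ttl: int) -> dict:
        """The per-packet decision: drop when the time-to-live has run out, otherwise decrement it and pick a next hop."""
        if ttl <= 1:
            return {"action": "drop", "reason": "time-to-live exceeded"}
        return {"action": "forward", "ttl": ttl - 1, **self.lookup(destination)}


def example_table() -> RoutingTable:
    """Constructed static table: a LAN, a more specific subnet behind an internal router, and a default route."""
    rt = RoutingTable()
    rt.add("10.1.1.0/24", None, "eth0")             # directly connected LAN
    rt.add("10.1.1.128/25", "10.1.1.200", "eth0")   # more specific: reached via an internal router
    rt.add("0.0.0.0/0", "63.69.110.1", "eth1")      # default route towards the ISP (address constructed)
    rt.add("2001:db8::/32", "2001:db8::1", "eth1")  # documentation prefix; same lookup for IPv6
    return rt


if __name__ == "__main__":
    table = example_table()
    for host in ("10.1.1.5", "10.1.1.130", "207.25.71.23"):
        print(host, "->", table.forward(host, 64))
```

Note that 10.1.1.130 matches both the /24 and the /25 entries; longest-prefix match sends it to the internal router, which is exactly the behaviour a mistakenly added specific route (or an injected one, if a dynamic protocol such as RIP is not authenticated) exploits to redirect traffic.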

  24. IP Addressing • We're all familiar with the concept of URLs and IP addresses, we've been using them for a while. We normally like to recall the URL, not the IP address, but the network requires the address; DNS (Domain Name System) solves this problem for us. • When you use a site's name, your computer will send a DNS query to your local DNS server; if it knows the address it will return it, otherwise it will send a query to a higher-level domain server, which may forward the query further up and so forth until the address is obtained. • There are two basic ways to assign an IP address to a computer: • Static – an address is assigned to a specific system and stays with it • DHCP (Dynamic Host Configuration Protocol) – a dynamic addressing scheme that allows us to allocate IP addresses on a first-come, first-served basis. When a device connects to the network, it queries a DHCP server to obtain an IP address from a range of addresses. If the server runs out of addresses, the requestor is out of luck. More people can access the network without using as many addresses.

  25. Network Address Translation (NAT) • There are a limited number of IP addresses available and not every system needs one. • NAT was developed to provide a means to translate private IP addresses into public IP addresses. • A device (typically a router or firewall) will accomplish this translation process. Example from the slide (firewall performs NAT):
      Outgoing, inside the private network:   Source: 10.1.1.123      Destination: 207.25.71.23
      Outgoing, after NAT:                    Source: 63.69.110.110   Destination: 207.25.71.23
      Reply, arriving from the Internet:      Source: 207.25.71.23    Destination: 63.69.110.110
      Reply, after NAT:                       Source: 207.25.71.23    Destination: 10.1.1.123

  26. Network Address Translation A modern NAT gateway must change the source address on every outgoing packet to its single public address. It therefore also renumbers the source ports to be unique, so that it can keep track of each client connection. The NAT gateway uses a port mapping table to remember how it renumbered the ports for each client's outgoing packets. The port mapping table relates the client's real local IP address and source port, plus its translated source port number, to a destination address and port. The NAT gateway can therefore reverse the process for returning packets and route them back to the correct clients. When any remote server responds to a NAT client, incoming packets arriving at the NAT gateway will all have the same destination address, but the destination port number will be the unique source port number that was assigned by the NAT. The NAT gateway looks in its port mapping table to determine which "real" client address and port number a packet is destined for, and replaces these numbers before passing the packet on to the local client. A packet that arrives with no matching table entry cannot be delivered to anyone and is dropped, which is why hosts behind a NAT are not directly reachable from outside.
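The port mapping table described above, implemented as an added example (not code from the lesson). Packets are plain dictionaries of addresses and ports; the gateway rewrites the source of outbound packets, allocating a translated port on first use, and reverses the rewrite for replies only when both the port and the remote host match an entry. The public address and the two inside addresses come from the previous slide; the client ports and the port range are assumptions.

```python
"""Added example: a port-translating NAT gateway with an explicit mapping table."""


class NatGateway:
    def __init__(self, public_ip: str, first_port: int = 40000, last_port: int = 65535):
        self.public_ip = public_ip
        self.next_port = first_port
        self.last_port = last_port
        self.out_map = {}   # (client ip, client port, remote ip, remote port) -> translated source port
        self.in_map = {}    # translated source port -> that same 4-tuple

    def outbound(self, pkt: dict) -> dict:
        """Rewrite the source of a packet leaving the private network, allocating a port on first use."""
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self.out_map.get(key)
        if port is None:
            if self.next_port > self.last_port:
                raise RuntimeError("port mapping table exhausted")
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[port] = key
        return {**pkt, "src": self.public_ip, "sport": port}

    def inbound(self, pkt: dict):
        """Reverse the translation for a returning packet; anything without a mapping is dropped (None)."""
        if pkt["dst"] != self.public_ip:
            return None
        key = self.in_map.get(pkt["dport"])
        if key is None:
            return None                        # nobody inside asked for this: unsolicited, drop
        client_ip, client_port, remote_ip, remote_port = key
        if (pkt["src"], pkt["sport"]) != (remote_ip, remote_port):
            return None                        # right port, wrong remote host: also drop
        return {**pkt, "dst": client_ip, "dport": client_port}


def demo():
    """Walk the two packets of the previous slide through the gateway (client port is constructed)."""
    gw = NatGateway("63.69.110.110")
    out = gw.outbound({"src": "10.1.1.123", "sport": 51515, "dst": "207.25.71.23", "dport": 80})
    reply = gw.inbound({"src": "207.25.71.23", "sport": 80, "dst": out["src"], "dport": out["sport"]})
    return gw, out, reply


if __name__ == "__main__":
    gateway, outgoing, returning = demo()
    print("outbound after NAT:", outgoing)
    print("reply after NAT:   ", returning)
    print("mapping table:     ", gateway.in_map)
```

Two inside hosts that happen to use the same source port get different translated ports, so their replies never collide; the check on the remote address in `inbound` is what keeps an outsider from reaching an inside host just by guessing a live port number.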

  27. Internet Control Message Protocol (ICMP) ICMP uses the IP datagram delivery facility to send its messages: an ICMP message travels as the data of an IP datagram, behind the 20-byte IP header. The format of the ICMP message is as follows: 8-bit type, 8-bit code, 16-bit checksum, then contents that depend on the type and code. ICMP performs the following control, error reporting, and informational functions for TCP/IP: • Flow control • Detecting unreachable destinations • Redirecting routes • Checking remote hosts (e.g. ping)

  28. Internet Control Message Protocol (ICMP)
      Type  Code  Message
      0     0     Echo Reply
      3     0     Net Unreachable
      3     1     Host Unreachable
      3     3     Port Unreachable
      5     1     Host Redirect
      8     0     Echo Request
      11    0     Time-to-live exceeded
      13    0     Timestamp Request
      14    0     Timestamp Reply
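The ICMP format of the previous slide and the type/code table above, as an added example that is not code from the lesson: it builds an Echo Request, verifies the checksum of whatever comes back, classifies the message by type and code, and produces the Echo Reply a host would send. Error messages (Destination Unreachable, Time-to-live exceeded) carry the start of the datagram that triggered them, which is how the receiving host knows which connection the error belongs to. The identifier, sequence number and payload are constructed values.

```python
"""Added example: build, verify and classify ICMP messages (slides 27-28)."""
import struct

ICMP_MESSAGES = {
    (0, 0): "Echo Reply", (3, 0): "Net Unreachable", (3, 1): "Host Unreachable",
    (3, 3): "Port Unreachable", (5, 1): "Host Redirect", (8, 0): "Echo Request",
    (11, 0): "Time-to-live exceeded", (13, 0): "Timestamp Request", (14, 0): "Timestamp Reply",
}


def icmp_checksum(message: bytes) -> int:
    """Ones'-complement checksum over the whole ICMP message (same algorithm as the IP header)."""
    if len(message) % 2:
        message += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(message) // 2), message))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(kind: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Type 8 (request) or 0 (reply): type, code 0, checksum, identifier, sequence number, data."""
    body = struct.pack("!BBHHH", kind, 0, 0, ident, seq) + payload
    return body[:2] + struct.pack("!H", icmp_checksum(body)) + body[4:]


def build_error(kind: int, code: int, original_datagram: bytes) -> bytes:
    """Types 3 and 11: type, code, checksum, 4 unused bytes, then the IP header + 8 bytes of the datagram."""
    body = struct.pack("!BBHI", kind, code, 0, 0) + original_datagram[:28]
    return body[:2] + struct.pack("!H", icmp_checksum(body)) + body[4:]


def parse_icmp(message: bytes) -> dict:
    """Verify the checksum first, then interpret the body according to the type."""
    if len(message) < 8:
        raise ValueError("ICMP message too short")
    if icmp_checksum(message) != 0:            # a correct message sums to zero
        raise ValueError("bad ICMP checksum")
    kind, code = struct.unpack("!BB", message[:2])
    out = {"type": kind, "code": code, "name": ICMP_MESSAGES.get((kind, code), "unknown")}
    if kind in (0, 8):
        out["ident"], out["seq"] = struct.unpack("!HH", message[4:8])
        out["payload"] = message[8:]
    elif kind in (3, 11):
        out["original"] = message[8:]          # enough of the offending datagram to match it to a socket
    return out


def answer_echo(request: bytes) -> bytes:
    """What a host does for ping: send identifier, sequence number and payload back with type 0."""
    req = parse_icmp(request)
    if req["type"] != 8:
        raise ValueError("not an Echo Request")
    return build_echo(0, req["ident"], req["seq"], req["payload"])


if __name__ == "__main__":
    request = build_echo(8, 0x1234, 1, b"abcdefgh")      # constructed ping
    print(parse_icmp(request))
    print(parse_icmp(answer_echo(request)))
    print(parse_icmp(build_error(3, 3, b"\x45" + b"\x00" * 27)))
```

Matching a reply to a request by identifier and sequence number, after the checksum check, is what keeps a ping client from being confused by stray or forged replies; the same matching on the quoted original datagram applies to the error types.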

  29. DNS • Domain Name System (service) – provides services that translate host names to IP addresses and back again. • Two modes of operation • Communication with clients that need names resolved, accomplished via UDP • Transfer of large blocks of DNS records (to distribute the workload of resolving addresses), done using TCP (known as a DNS zone transfer). A zone transfer hands out every record in the zone, so servers should restrict it to their own secondaries. • One of the most common DNS servers is the Berkeley Internet Name Domain (BIND) DNS server, available for most UNIX systems as well as for Windows NT. • Typically runs on port 53 using UDP and TCP

  30. IPv4 versus IPv6 • From the IPv6 FAQ, what are the merits of IPv6? • scalability: IPv6 uses a 128-bit address space. Address length is 4 times longer than IPv4. • security: IPv6 basic specification includes security. It includes packet encryption (ESP: Encapsulating Security Payload) and source authentication (AH: Authentication Header). [confidentiality and authentication] These are the same IPsec protocols that are also available for IPv4, and the requirement that every IPv6 node implement IPsec was later relaxed from mandatory to recommended (RFC 6434), so an IPv6 host does not encrypt or authenticate traffic unless IPsec is actually configured. • real-time: To support real-time traffic such as video conferencing, IPv6 has a "Flow Label". Using the flow label, routers can know which end-to-end flow a packet belongs to, and so pick out the packets that belong to real-time traffic. [needed to allow for prioritization of traffic] • autoconfiguration: IPv6 basic specification includes address autoconfiguration, so even a novice user can connect their machine to the network. • specification optimization: IPv6 keeps the good parts and discards the old and useless parts of IPv4.

  31. IP Security (IPSEC) • Optional in IPv4, supported in IPv6. • Two major modes: • Tunnel: the whole original IP packet (header and data) is protected and wrapped inside a new IP header, so the inner addresses are hidden from the path; typically used between gateways. • Transport: only the data portion (the transport-layer payload) is protected and the original IP header travels in the clear; used end to end between hosts. • Requires both ends to be using IPSEC (obviously, since one end will encrypt, the other needs to be able to decrypt).

  32. About IPSEC (from the IPSEC FAQ) • IPsec = AH + ESP + IPcomp + IKE • IPsec consists of a couple of separate protocols, listed below: • Authentication Header (AH): provides an authenticity guarantee for packets, by attaching a strong cryptographic checksum to packets. If you receive a packet with AH and the checksum operation was successful, you can be sure about two things: • The packet was originated by the expected peer. The packet was not generated by an impersonator. • The packet was not modified in transit. • Encapsulating Security Payload (ESP): provides a confidentiality guarantee for packets, by encrypting packets with encryption algorithms. If you receive a packet with ESP and successfully decrypted it, you can be sure that anyone wiretapping in the middle could not read its contents. Encryption alone does not prove who sent the packet or that it arrived unmodified; ESP has an optional authentication field for that, or it can be combined with AH. • IP payload compression (IPcomp): ESP provides an encryption service for packets. However, encryption tends to negatively impact compression on the wire. IPcomp provides a way to compress packets before encryption by ESP (of course, you can use IPcomp alone if you wish to). • Internet Key Exchange (IKE): AH and ESP need shared secret keys between peers. For communication between distant locations, we need a way to negotiate keys in secrecy. IKE makes this possible.

  33. Ethernet • The most common LAN technology (it spans the physical and data-link layers). • A shared-media protocol on coax and hub-based installations, so collisions are possible • Uses CSMA/CD (carrier sense multiple access with collision detection) to control traffic on shared media; on switched full-duplex links there are no collisions and CSMA/CD is not used • Several different variations of Ethernet exist • 10Base-2: Thinnet (thin coax) • 10Base-5: Thicknet (earliest version, thick coax) • 10Base-T: Standard twisted pair Ethernet • 100Base-T: Fast Ethernet • 1000Base-T: Gigabit Ethernet

  34. Summary • Computer System Basics • Network Topologies • Network Addressing • IPSEC
