CIT 500: IT Fundamentals Networking

CIT 500: IT Fundamentals

Jan 11, 2016


elani

Transcript
Page 1: CIT 500: IT Fundamentals

CIT 500: IT Fundamentals

Networking


Page 2: CIT 500: IT Fundamentals

Topics

1. LANs and WANs
2. TCP/IP Layers
3. IP Addressing and Routing
4. SSH remote logins
5. Web access
6. Network commands

Page 3: CIT 500: IT Fundamentals

Networks

Networks are groups of connected computers.
– Wired: Ethernet, frame relay.
– Wireless: 802.11, Bluetooth.

Scales
– LAN
– WAN
– Internetwork

Hardware
– Network Interface Cards (NICs)
– Hubs and switches
– Routers

Page 4: CIT 500: IT Fundamentals

Circuit vs Packet Switching

Circuit-switched: A connection called a circuit is set up between two devices and used for the whole communication.

Packet-switched: Data is chopped up into small pieces called packets and sent over the network. Each packet may follow a different path between the communicating parties.

Page 5: CIT 500: IT Fundamentals

Circuit vs Packet Switching

Page 6: CIT 500: IT Fundamentals

Logical and Physical Network Paths

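[Figure: Logical network path: the PC asks the Server "Send me the web page at http://nku.edu/." and the Server answers "Here’s the HTML data for that page." Physical network path: the same exchange between PC and Server, passing through two switches and two routers.]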

Page 7: CIT 500: IT Fundamentals

Local Area Networks

• Network covering a small physical area, i.e. an office up to a campus.

• LAN Hardware
– Network Interface Card (NIC)
– Twisted pair cabling.
– RJ45 connectors.

Page 8: CIT 500: IT Fundamentals

Broadcast Local Delivery

• Send message to every PC on network.

• Each PC checks address that message was sent to.

• If address matches address of PC, PC accepts message.

[Figure: Hub]

Page 9: CIT 500: IT Fundamentals

Switched Local Delivery

Switch learns location of PCs.
Ex: A sends message to C.

1. Switch receives traffic on port 1.
2. Adds A to table for port 1.
3. Switch sends message to all ports but 1.

Initial Switch Table

Port   Computer
1      ?
2      ?
3      ?
4      ?

Final Switch Table

Port   Computer
1      A
2      B
3      C
4      D

[Figure: Switch with ports 1 to 4 connected to computers A, B, C and D]
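The learning behaviour on this slide, as an added Python example that is not part of the original slides. The class name, the frame list and the drop-on-same-port rule are assumptions made for illustration; the port-to-computer layout follows the Final Switch Table.

```python
class LearningSwitch:
    """Minimal model of a switch that learns which computer is on which port."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # computer (MAC address) -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        self.table[src] = in_port           # learn where the sender lives
        out = self.table.get(dst)
        if out is None:                     # unknown destination: flood
            return [p for p in self.ports if p != in_port]
        if out == in_port:                  # destination is behind the ingress port
            return []
        return [out]                        # known destination: one port only


def demo():
    sw = LearningSwitch([1, 2, 3, 4])
    # Constructed traffic: (ingress port, source, destination)
    frames = [(1, "A", "C"), (3, "C", "A"), (1, "A", "C"),
              (2, "B", "D"), (4, "D", "B")]
    sent = [sw.receive(*f) for f in frames]
    table = dict(sorted(sw.table.items(), key=lambda kv: kv[1]))
    return sent, table


if __name__ == "__main__":
    sent, table = demo()
    for ports in sent:
        print("sent out of ports", ports)
    print("final table", table)
```

The first frame from A to C is flooded to ports 2, 3 and 4 because the table is still empty; once C has replied, later frames from A to C leave on port 3 only.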

Page 10: CIT 500: IT Fundamentals

Ethernet MAC Addresses

• OUI assigned by IEEE.
• Burned in address (BIA) stored in ROM.
• Can be replaced with a local address.

Page 11: CIT 500: IT Fundamentals

Switch Hardware

Switch ports can plug into
– Other switches.
– Hubs.
– PCs or other end devices.

[Figures: Small Home/Office Switch; Rack-mounted Switch]

Page 12: CIT 500: IT Fundamentals

Building larger LANs

What if you run out of ports?
– Plug a switch into one of the ports.

What if you run out of port/MAC table space?
– Build larger tables, for every host in the world?
– Use routing.

How is routing different from switching?
– Structured addresses allow grouping of hosts.

Page 13: CIT 500: IT Fundamentals

Routing Logic

PC1: If host on same Ethernet, send; otherwise, send to gateway router.

R1, R2: Look up destination in route table and forward packet to specified router.

R3: Look up destination in route table and send to local Ethernet.

Page 14: CIT 500: IT Fundamentals

IP Addresses

32-bit integers
One for each network interface.
Dotted decimal notation: ii.jj.kk.ll

172      . 16       . 254      . 1
10101100   00010000   11111110   00000001

Each group is 1 byte; 32 bits = 4 bytes.

Page 15: CIT 500: IT Fundamentals

Grouping IP Addresses

Groups of consecutive IP addresses are called networks.

Routing table would only need 3 entries below.

Page 16: CIT 500: IT Fundamentals

Network and Host Parts

IP addresses are divided into two parts
– Network ID (like zip code)
– Host ID (like street address)

[Figure: address split into Network ID and Host ID]

Two special IP addresses
– Network address (e.g. 130.4.0.0)
– Broadcast address (e.g. 130.4.255.255)
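The address arithmetic from the IP Addresses and Network and Host Parts slides, together with PC1's rule from the Routing Logic slide, as an added Python example that is not part of the original slides. The 16-bit network part is inferred from the 130.4.0.0 / 130.4.255.255 pair; the host addresses 130.4.17.9 and 130.4.200.1 and the gateway 130.4.0.1 are constructed sample values.

```python
def to_int(dotted):
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)       # each part fills one byte
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_bits(dotted):
    """Binary form of the address, one 8-bit group per byte."""
    return " ".join(f"{(to_int(dotted) >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def network_and_broadcast(dotted, network_bits):
    """Host part all zeros gives the network address, all ones the broadcast."""
    mask = (0xFFFFFFFF << (32 - network_bits)) & 0xFFFFFFFF
    net = to_int(dotted) & mask
    return to_dotted(net), to_dotted(net | (~mask & 0xFFFFFFFF))


def next_hop(src, dst, network_bits, gateway):
    """PC1's rule: same network -> send directly, otherwise send to the gateway."""
    same = (network_and_broadcast(src, network_bits)[0]
            == network_and_broadcast(dst, network_bits)[0])
    return dst if same else gateway


if __name__ == "__main__":
    print(to_int("172.16.254.1"), to_bits("172.16.254.1"))
    print(network_and_broadcast("130.4.17.9", 16))
    print(next_hop("130.4.17.9", "130.4.200.1", 16, "130.4.0.1"))
    print(next_hop("130.4.17.9", "172.16.254.1", 16, "130.4.0.1"))
```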

Page 17: CIT 500: IT Fundamentals

CIT 384: Network Administration Slide #17

Page 18: CIT 500: IT Fundamentals

Assigning Addresses

ICANN assigns network numbers.
– Internet Corporation for Assigned Network Numbers.
– ICANN gives authority to regional orgs, e.g. ARIN (American Registry for Internet Numbers)
– Typically to ISPs, universities, corporations.

ISP assigns IP addresses within network.

Page 19: CIT 500: IT Fundamentals

Why WANs?

The obvious answer: distance
– Ethernet can’t travel over many miles.
– You don’t have the rights-of-way to run a cable over many miles between sites.

Solution: point-to-point leased line.

Page 20: CIT 500: IT Fundamentals

What is the Internet?

1. The Internet isn't complicated.
2. The Internet isn't a thing. It's an agreement.
3. The Internet is stupid.
4. Adding value to the Internet lowers its value.
5. All the Internet's value grows on its edges.
6. The Internet's three virtues:
   a. No one owns it
   b. Everyone can use it
   c. Anyone can improve it

From http://www.worldofends.com/

Page 21: CIT 500: IT Fundamentals

Internet Standards

IETF (Internet Engineering Task Force)
– Open group responsible for Internet standards.

RFC (Request for Comments)
– Internet standard documents.
– IETF archives RFCs at www.ietf.org.

IANA (Internet Assigned Numbers Authority)
– Coordinates unique network numbers.
– IP addresses, protocol numbers, etc.

ICANN (Inet. Corp. for Assigned Names & Numbers)
– Manages DNS top level domains (TLDs) like .com, .gov
– Gives domain registrars responsibilities over domains.

Page 22: CIT 500: IT Fundamentals

History of Internet

1969 ARPAnet created (4 hosts)
1984 DNS deployed
1986 Cleveland Freenet offers free Internet access
1987 Number of hosts reaches 10,000
1988 Morris Worm
1989 Number of hosts reaches 100,000
1990 First commercial dialup ISP
1991 WWW released at CERN
1992 Number of hosts reaches 1,000,000
1993 Mosaic, graphical web browser, released
1994 First banner ads appear on the web
1995 AOL offers Internet access
1996 Telcos try to ban Internet telephones
1996 Number of hosts reaches 10,000,000
2000 Number of hosts reaches 100,000,000

Page 23: CIT 500: IT Fundamentals

CIT 140: Introduction to IT Slide #23

The Domain Name System

Page 24: CIT 500: IT Fundamentals


Dig: DNS Lookup

dig [options]

Purpose: Interact with name servers specified in /etc/resolv.conf and display their responses.

Output: Responses of name servers for queries sent to them.

Commonly used options/features:
-f file   For batch operation, take domain names (or IP addresses) from ‘file’
-p port   Interact with a name server at ‘port’ instead of the default port 53

Page 25: CIT 500: IT Fundamentals


Dig Example

> dig www.google.com

; <<>> DiG 8.3 <<>> www.google.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 5, ADDITIONAL: 0
;; QUERY SECTION:
;; www.google.com, type = A, class = IN

;; ANSWER SECTION:
www.google.com. 14m40s IN CNAME www.l.google.com.
www.l.google.com. 4m40s IN A 72.14.203.104
www.l.google.com. 4m40s IN A 72.14.203.99

Page 26: CIT 500: IT Fundamentals

SSH Remote Login

Page 27: CIT 500: IT Fundamentals

SSH Features

Secure login
ssh -l user host

Secure remote command execution
ssh -l user host command

Secure file transfer
sftp user@host
scp file user@host:/tmp/myfile

Page 28: CIT 500: IT Fundamentals

The Problem of Passwords

1. Good passwords are hard to remember.
2. Password transferred to remote system.
3. Automating remote access with passwords is difficult.

Page 29: CIT 500: IT Fundamentals

Key-based Authentication

SSH has a public-key authentication feature.
Private key stored in your machine.
Public key stored on remote machines.

Public-key login protocol
1. Client sends server a login request.
2. Server issues a challenge.
3. Client responds with computation based on challenge and private key.
4. Server checks response with public key.
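The four protocol steps above, as an added Python example that is not part of the original slides and is not the SSH wire protocol. It assumes a toy, unpadded RSA key built from two known Mersenne primes so that it runs with the standard library only; the class names and the user name jw are illustrative.

```python
import hashlib
import secrets

# Toy RSA key: far too small and unpadded for real use. It only makes the
# "computation based on challenge and private key" concrete.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, never leaves the client

def digest(challenge, n):
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % n

class Client:
    def __init__(self, private_exponent):
        self._d = private_exponent
    def respond(self, challenge):                  # step 3
        return pow(digest(challenge, N), self._d, N)

class Server:
    def __init__(self, authorized_keys):
        self.authorized = authorized_keys          # user -> (n, e), public keys only
        self.pending = {}
    def challenge(self, user):                     # step 2: fresh random value per login
        self.pending[user] = secrets.token_bytes(32)
        return self.pending[user]
    def check(self, user, response):               # step 4
        challenge = self.pending.pop(user, None)   # each challenge is single use
        if challenge is None or user not in self.authorized:
            return False
        n, e = self.authorized[user]
        return pow(response, e, n) == digest(challenge, n)

def login_demo():
    server, client = Server({"jw": (N, E)}), Client(D)
    first = client.respond(server.challenge("jw"))
    ok = server.check("jw", first)
    server.challenge("jw")                         # a later login gets a new challenge
    replay = server.check("jw", first)             # old response no longer verifies
    other = Client(D + 2)                          # someone without jw's private key
    bad = server.check("jw", other.respond(server.challenge("jw")))
    return ok, replay, bad

if __name__ == "__main__":
    print(login_demo())
```

The server holds only the public pair (n, e), and a response recorded from one login fails against the next challenge, which is why nothing reusable crosses the network.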

Page 30: CIT 500: IT Fundamentals

Using key-based authentication

1. Generate a public/private key pair.
   ssh-keygen
   Encrypted key files: id_dsa, id_dsa.pub

2. Copy public key to remote host.
   Copy to ~/.ssh/authorized_keys.

3. Log in to remote host.
   ssh -l user remote

Page 31: CIT 500: IT Fundamentals

Keys are more secure than Passwords

1. Need to have two items to login: key file and passphrase.

2. Neither key nor passphrase is sent to remote host.

3. Machine-generated cryptographic keys are infeasible to guess, unlike passwords.

Page 32: CIT 500: IT Fundamentals

SSH Agent

Problem: you have to enter passphrase to decrypt the key each time you use ssh.

Solution: SSH Agent

> ssh-agent $SHELL
> ssh-add
Enter passphrase for /home/jw/.ssh/id_dsa: ********
Identity added: /home/you/.ssh/id_dsa (/home/jw/.ssh/id_dsa)
> ssh -l jw host

Page 33: CIT 500: IT Fundamentals

SSH Agent Features

Agent support for entire session.
– Start ssh-agent on initial shell.
– X: ~/.xsession (Often enabled by default.)

Multiple keys
ssh-add keyfile
ssh-add -l

Remove keys
ssh-add -d keyfile
ssh-add -D

Page 34: CIT 500: IT Fundamentals

Text-based web browsers

Widely used text-based browsers
– Lynx
– Links

Advantages
– Support for blind users.
– Privacy: no image-based web bugs.
– Performance.
– Use -dump option for non-interactive use.

Page 35: CIT 500: IT Fundamentals

wget

wget URL – non-interactive network download

-O file   Save URL to specified file.
-c        Continue getting partially downloaded file.
-p        Download all support files (images, css, js).
-k        Change links to point to local files (-k -p)
-r        Recursively download links in target.
-t #      Retry specified number of times (default 20)

Page 36: CIT 500: IT Fundamentals

Ping

• Test to see if remote host is available.
• If connection fails, test link by link
  – Ping system on your LAN.
  – Ping closest router.
  – Ping next router.
  – …
  – Ping target system.
• One link will fail if the remote host cannot be reached.
• Use -c option to specify number of packets.

Page 37: CIT 500: IT Fundamentals

Traceroute

Tracks path through each router to destination
– Reports which routers the packets passed through
– Reports how much time it took for each hop

Useful for identifying network problems
– Identify which links are down
– Identify which links are slow

Remote traceroutes via www.traceroute.org.

Page 38: CIT 500: IT Fundamentals

ifconfig

ifconfig [-a] int – configure a network interface

Only root can modify settings.

[-a]   list settings for all interfaces
int    list settings for the specified interface; Linux typically uses eth0, eth1 for Ethernet

Page 39: CIT 500: IT Fundamentals

hostname

hostname – show or set system’s host name; may or may not include DNS domain.

dnsdomainname – show or set system’s DNS domain name.

Page 40: CIT 500: IT Fundamentals

References

1. Daniel J. Barrett, Robert G. Byrnes, Richard E. Silverman, SSH, The Secure Shell, 2nd edition, O’Reilly, 2005.
2. Wendell Odom, CCNA Official Exam Certification Library, 3rd edition, Cisco Press, 2007.
3. Bill Parkhurst, Routing First-Step, Cisco Press, 2005.
4. Doc Searls and David Weinberger, World of Ends, http://www.worldofends.com/, 2003.
5. W. Richard Stevens, TCP/IP Illustrated, Addison-Wesley, 1994.
6. Nicholas Wells, The Complete Guide to Linux System Administration, Thomson Course Technology, 2005.