COM342_L7A - eej.ulst.ac.uk

COM342
Networks and Data Communications
Lecture 7A: Practical TCP/IP Networks
Ian McCrum
Room 5B18
Tel: 90 366364 voice mail on 6th ring
Email: IJ.McCrum@Ulster.ac.uk
Web site: http://www.eej.ulst.ac.uk
21/11/2004
www.eej.ulster.ac.uk/~ian/modules/COM342/COM342_L7A.ppt
L7A/1/30
Setting up networking
• Ethernet cards, e.g. the 3C509 from 3Com; in the (very) old days cards
were sold as NE2000 compatible. The key points are obviously the
type of connection at the back, 10BaseT or 10Base2. It is also
nice to have flashing lights…
• 10Base2 needs proper T-pieces and terminators. A simple daisy
chain is used, with cables at least 2 metres long. My stack of PCs
made for cramped cabling so I have now swopped for twisted pair
(10BaseT).
• 10BaseT needs proper cables; these can be straight (or normal) or
they can be crossover types. PC <-> hub links use straight cables, but hub <->
network sockets on the wall need crossover types.
• It is possible to link two PCs without using a hub, but you must
use a crossover cable.
• The lab in week 12 is to do with making up 10BaseT leads.
In Windows you can see how many packets
pass through your network card
We get other information from running utilities,
e.g. from START->RUN->CMD (or command.com): IPCONFIG /ALL
……
Physical Address. . . . . . . . . : 00-03-47-B8-53-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : 21 November 2004 11:12:30
Lease Expires . . . . . . . . . . : 22 November 2004 11:12:30
The machine at 192.168.0.1 is a Windows 98 box running “ICS” (Internet
Connection Sharing). It actually passes DNS queries on to my ISP. The LAN
is not aware of anything beyond this router. It can surf and connect
using SSH or FTP. I run ZoneAlarm on the router and am careful not to
run “servers” within the LAN.
Simple LANs
If we ignore the internet for the minute then all we must do
is link all PCs to our LAN. This is straightforward.
All must be on the same network,
the network part of their IP number
Then possibly to another LAN.
router
First you need to recall data about IP numbers and netmasks
IP Numbers
• The first half of the available range for IPv4 is taken up with Class
A machines. 8 bits are used for the network.
• The next quarter is class B; 16 bits are used for the network. And
the last quarter (roughly) is class C, where 24 bits are used for the
network portion.
• An example Class C address is 193.61.142.120 with a netmask of
255.255.255.0. This can also be described as 193.61.142.120/24.
• You are allowed to use 192.168.0.0 to 192.168.255.255 for your
own use without registering it. These special private addresses
cannot be put onto the internet. Of course what you do in the
privacy of your own home, your own LANs, is your own
business…
• There are also class A and class C numbers reserved for private
addresses, e.g. 10.0.0.0 to 10.255.255.255, and there are also a few
other funny numbers used here and there…
Setting up addresses
• If you are setting up a machine on a LAN administered by
someone else you must either:
• Get the IP number and netmask, as well as the IP number of the
gateway and the IP number of the DNS server, from the network
administrator. He might want to know what physical network
socket you are plugging into, or even the MAC number burnt onto
your network card (NIC). Remember Lab 2; you can use
IPCONFIG /ALL to get that.
• Or, if he is using Dynamic Host Control Protocol (DHCP), then
you just tick the “automatic boxes”.
TCP/IP on my machine
My IP no 193.61.148.83
• What can we determine about it?
– Since it is in the range 192.0.0.0 to 223.255.255.255
1100-0000 0000-0000 0000-0000 0000-0000
– It must be a class C address
• Where 1st 3 bits identify that it is class C
• Next 21 bits identify network ( one of 2 millionish)
• Last 8 bits host within network.
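The bit split described above, as an added example that is not part of the original lecture: a Python function that reads the class from the leading bits and separates the network number from the host number. The names `classify` and `CLASSES` are hypothetical, chosen for this illustration.

```python
import ipaddress

# (class, leading-bit pattern, pattern length, network bits including the pattern)
CLASSES = [("A", 0b0, 1, 8), ("B", 0b10, 2, 16), ("C", 0b110, 3, 24)]

def classify(dotted):
    """Split an IPv4 address the classful way.

    Returns (class, network number, host number). The network number
    excludes the leading class bits, so class C has 21 bits of it.
    Classes D and E have no network/host split and return None for both.
    """
    value = int(ipaddress.IPv4Address(dotted))
    for name, pattern, plen, net_bits in CLASSES:
        if value >> (32 - plen) == pattern:
            host_bits = 32 - net_bits
            host = value & ((1 << host_bits) - 1)
            network = (value >> host_bits) & ((1 << (net_bits - plen)) - 1)
            return name, network, host
    return ("D" if value >> 28 == 0b1110 else "E"), None, None

if __name__ == "__main__":
    # The slide's address: class C, one network out of 2**21, host 83.
    print(classify("193.61.148.83"))
    print(2 ** 21, "possible class C networks")
```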
http://www.ripe.net/index.html
•193.61.128.00 /14
•193.61.159.255
range for UUJ
•1100 0000 | 0011 1101 | 1000 0000 | 0000 0000
= 193.61.128.0
•1100 0000 | 0011 1101 | 1001 1111 | 1111 1111
= 193.61.159.255
•(159-128)*256 = 7936 addresses
•193.61.160.00 /14
•193.61.175.255
range for UUC
•1100 0000 | 0011 1101 | 1010 0000 | 0000 0000
= 193.61.160.0
•1100 0000 | 0011 1101 | 1010 1111 | 1111 1111
= 193.61.175.255
•(175-160)*256 = 3840 addresses
1111 1111 | 1111 1100 | 0000 0000 | 0000 0000 = 255.252.0.0 mask (aggregate
entry in CIDR), sometimes depicted as /14 since the first 14 bits are set to 1.
1100 0000 | 0011 1101 | 1001 0100 | 0101 0011 = 193.61.148.83
1111 1111 | 1111 1100 | 0000 0000 | 0000 0000 = 255.252.0.0
1100 0000 | 0011 1100 | 0000 0000 | 0000 0000 = 193.60.0.0 it’s a match!
The first fourteen bits must be identical to those in red in order that an IP
address be routed in this direction.
Hence UUJ has
From:
1100 0000 | 0011 1101 | 1000 0000 | 0000 0000
= 193.61.128.0
To:
1100 0000 | 0011 1101 | 1001 1111 | 1111 1111
= 193.61.159.255
Getting your own IP number
Whoever connects you to the internet must look after routing
your traffic; they must give you a number from the bank of
numbers that they administer.
They can give you one static number or a range of static
numbers; these will be related and involve some sort of
netmask, at least partially, e.g. UUJ.
Most home users will be given one number, usually allocated
dynamically; the number can change and will be different
every time you switch on or reboot.
My ISP charges £2 extra for a static IP number.
Setting up your own domain
• You can buy vacant domain names from e.g. Simply.com. There
will be a yearly fee, about a tenner for a .com and less for a .co.uk
or .org. I’ll not cover the “naming schemes” here; look it up.
• Once you know the IP number of the machine you are going to
use you can tell the seller to give you a “redirect” from his
machines. Traffic for your named machine will get your number.
• There are a few places that will give you a free name, if it is
within their realm. E.g. I have mccrum.homelinux.com; the site
www.dyndns.org owns this (and 48 other domains).
• This site also allows you to change the destination IP number
yourself, or better still automatically. My ISP gives me an IP
number for the machine at my house, but he can change it. There
is a small program running on my router PC that monitors this and
re-registers the new number at dyndns.org (see dyndns for details).
Talking across LANs
• Consider that I, on 193.61.148.83 with subnet mask
255.255.255.0, wish to talk to Mary on 193.61.149.46.
• My subnet mask defines all addresses from
193.61.148.0 to 193.61.148.255 as local,
• so this packet to 193.61.149.46 will be passed to a router
(gateway) on 193.61.148.200.
Note the router has two NICs, one for each network
[Diagram: Me on 193.61.148.00/24, Router, Mary on 193.61.149.00/24, with the Packet marked]
First step: forward to router and stored there
        Source                           Destination
IP      My IP address (193.61.148.83)    Mary’s IP address (193.61.149.46)
MAC     My MAC address                   Router’s lhs MAC address
Packet in router and passed up to IP layer
[Diagram: Me on 193.61.148.00/24, Router, Mary on 193.61.149.00/24, with the Packet marked]
Second step: rebuild packet and forward to Mary
        Source                           Destination
IP      My IP address (193.61.148.83)    Mary’s IP address (193.61.149.46)
MAC     Router’s rhs MAC address         Mary’s MAC address
Packet passed to Mary
[Diagram: Me on 193.61.148.00/24, Router, Mary on 193.61.149.00/24, with the Packet marked]
Routing tables
[Diagram: Me (192.168.0.3/24) and Mary (192.168.111.2/24) on separate LANs, joined by a Router with interfaces 192.168.0.1/24 and 192.168.111.1/24; Packet marked]

Network Destination   Netmask           Gateway       Interface
0.0.0.0               0.0.0.0           192.168.0.1   eth0
127.0.0.0             255.0.0.0         127.0.0.1     loopback
192.168.0.0           255.255.255.0     192.168.0.3   eth0
192.168.0.3           255.255.255.255   127.0.0.1     loopback1
192.168.0.255         255.255.255.255   192.168.0.3   eth0
224.0.0.0             224.0.0.0         192.168.0.3   eth0
255.255.255.255       255.255.255.255   192.168.0.3   eth0
Default Gateway: 192.168.0.1
Use the following commands to see the routing tables: in Linux, route -n is useful; in Windows, try ROUTE PRINT…
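How a host uses such a table, as an added example that is not part of the original lecture: the mask-and-compare step from the CIDR slide, applied to every entry, with the most specific match chosen. The function names and the two-entry `CAMPUS_ROUTES` table (built from the "Talking across LANs" numbers) are assumptions made for this illustration.

```python
import ipaddress

def ip(dotted):
    """Dotted-quad string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def apply_mask(addr, mask):
    """Bitwise AND of address and netmask, returned as a dotted quad."""
    return str(ipaddress.IPv4Address(ip(addr) & ip(mask)))

# Table from the slide (host 192.168.0.3): destination, netmask, gateway, interface.
HOME_ROUTES = [
    ("0.0.0.0",         "0.0.0.0",         "192.168.0.1", "eth0"),
    ("127.0.0.0",       "255.0.0.0",       "127.0.0.1",   "loopback"),
    ("192.168.0.0",     "255.255.255.0",   "192.168.0.3", "eth0"),
    ("192.168.0.3",     "255.255.255.255", "127.0.0.1",   "loopback1"),
    ("192.168.0.255",   "255.255.255.255", "192.168.0.3", "eth0"),
    ("224.0.0.0",       "224.0.0.0",       "192.168.0.3", "eth0"),
    ("255.255.255.255", "255.255.255.255", "192.168.0.3", "eth0"),
]

# Constructed from the "Talking across LANs" numbers (assumed two-entry table).
CAMPUS_ROUTES = [
    ("0.0.0.0",      "0.0.0.0",       "193.61.148.200", "eth0"),
    ("193.61.148.0", "255.255.255.0", "193.61.148.83",  "eth0"),
]

def lookup(dest, routes):
    """Best route for dest: AND with each netmask, most specific match wins."""
    matches = [r for r in routes if apply_mask(dest, r[1]) == r[0]]
    if not matches:
        raise LookupError("no route to " + dest)
    return max(matches, key=lambda r: bin(ip(r[1])).count("1"))

def next_hop(dest, own_ip, routes):
    """Address the frame is sent to: dest itself if on-link, else the gateway."""
    gateway = lookup(dest, routes)[2]
    # Assumption: a gateway equal to the host's own address (or loopback)
    # marks an on-link route, as in Windows ROUTE PRINT output.
    return dest if gateway in (own_ip, "127.0.0.1") else gateway

if __name__ == "__main__":
    print(apply_mask("193.61.148.83", "255.252.0.0"))   # the CIDR slide's AND
    print(next_hop("193.61.149.46", "193.61.148.83", CAMPUS_ROUTES))
    for d in ("192.168.0.7", "192.168.111.2", "192.168.0.3"):
        print(d, "->", next_hop(d, "192.168.0.3", HOME_ROUTES))
```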
In the Linux world
• Many routers, including the wireless ones that combine hubs and/or ADSL
modems or interfaces for modems, use Linux as an embedded OS. You can
access these either by pointing a browser at the machine, possibly/typically
using an unusual port number (not 80!), or by using Telnet or the more secure
version, SSH.
• Windows users must download an SSH client (e.g. PuTTY), but telnet and a web
browser are already available.
• It is easy to configure an old PC as a router, either with two Ethernet cards or,
more usually, one Ethernet card and one ADSL modem or simple wireless
access point.
• If your wireless AP has a built-in hub for 10BaseT then you can use it.
• The decision is whether to split your home into two LANs or persevere to get
one working.
• Some knowledge of firewalls is also required since your AP or even combined
ADSL modems and routers will offer this.
In the Linux world, a simple router
• A basic understanding of Linux will require reading a few hundred pages… it
is almost possible to configure Linux by clicking various ready-made GUI tools,
but at some stage you WILL have to check and maybe edit a few text files. You
will need to have a simple terminal window open to do this and know a few
commands {ls -l, cd dir, cd .., cat file, vi file (:wr, :q! etc)}
• Assuming the two Ethernet card network (the rest are similar). Know which
cards you are using; easier if different types!
• When Linux boots it searches for hardware and if it finds the cards it inserts
various modules of code into its kernel. It can also get hints by looking at the
file /etc/modprobe.conf. If you examine the boot log (run dmesg) it can help.
• First thing to do is check that the correct modules to drive your Ethernet cards
have been inserted; use the lsmod command for this (look at man lsmod).
• Then use the ifconfig -a and route -n commands to check all is OK.
• ping is your friend.
Examples of linux commands
(for 3C509 and 3c905B PCI card)
• I identified the cards by (a) reading the labels and (b) running the lspci command
from a Linux terminal.
• modprobe eth0 3c59x ; I found 3c5x9.o in /lib/modules/. I also checked the
Ethernet_HOWTO at www.tldp.org for guidance on 3Com network cards.
• I had to boot a DOS floppy that contained 3C5x9cfg.exe to set the cards’ transceiver
type to 10BaseT and enable plug and play. Further docs are found in /usr/src/linux
• ifconfig eth0 192.168.0.1
• ifconfig eth1 192.168.111.1
• route add -net 192.168.0.0 netmask 255.255.255.0 eth0
• route add -net 192.168.111.0 netmask 255.255.255.0 eth1
• route add default gw 192.168.111.200 ; router passes rest to ADSL modem
• A few other miscellaneous things to do: enable forwarding in the kernel. This
involves either recompiling or writing a ‘1’ to a “file” in /proc, i.e.
echo 1 > /proc/sys/net/ipv4/ip_forward
• Also, to make changes permanent you need to either invoke the commands above
on powerup (in one of the rc scripts) or use your Linux distribution’s configuration
files, e.g. /etc/sysconfig/network
Summary; what you should know
• A lot of the preceding detail is only for your interest.
• Know about IP numbers, what range each class takes.
• Know that there are private IP addresses that are not
routed, at least on the public internet.
• Realise that one LAN can be linked to another through a
router that has two NICs.
• Realise that each LAN’s IP network addresses must be
different to allow routing.
• Realise that routing tables must have “routes” for each
destination address: LAN1, LAN2 and the rest of the
world. You do NOT need to know the details…
Final version
router
Router, with USB modem
Also does IP Masquerading
• And when I get my wireless router it is going to get worse!
• Thank goodness for linux!
• A good overview of Pat Sweeney’s cable modem setup is
contained in lecture COM342_L7B