ISP Services
Working at a Small-to-Medium Business or ISP – Chapter 7
Copyleft 2012 Vincenzo Bruno (www.vincenzobruno.it)
Released under Creative Commons License 3.0 By-Sa
Cisco name, logo and materials are Copyright Cisco Systems Inc.

Overview
● Customer Requirements Scenarios

Customer Requirements Scenarios
● Scenario 1 - The customer owns and manages all their own network equipment and services. These customers only need reliable Internet connectivity from the ISP.
● Scenario 2 - The ISP provides Internet connectivity. The ISP also owns and manages the network connecting equipment installed at the customer site. ISP responsibilities include setting up, maintaining, and administering the equipment for the customer. The customer is responsible for monitoring the status of the network and the applications, and receives regular reports on the performance of the network.
● Scenario 3 - The customer owns the network equipment, but the applications that the business relies on are hosted by the ISP. The actual servers that run the applications are located at the ISP facility. These servers may be owned by the customer or the ISP, although the ISP maintains both the servers and the applications. Servers are normally kept in server farms in the ISP network operations center (NOC), and are connected to the ISP network with a high-speed switch.

Reliability, Availability, SLA
● Reliability can be measured in two ways:
  ● Mean time between failure (MTBF): equipment manufacturers specify MTBF based on tests they perform as part of manufacturing. The measure of equipment robustness is fault tolerance. The longer the MTBF, the greater the fault tolerance.
  ● Mean time to repair (MTTR): established by warranty or service agreements. An equipment failure impacts the ability of the ISP to meet the terms of the SLA. To prevent this, an ISP may purchase expensive service agreements for critical hardware to ensure rapid manufacturer or vendor response.
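As an added worked example (not from the slides), the two measures above can be turned into the availability figure an SLA is written against. The formulas used, A = MTBF / (MTBF + MTTR) for one device and 1 - (1 - A)^2 for a redundant pair with independent failures, are standard reliability engineering and are assumptions of this example, as are the sample MTBF and MTTR figures; the slides only define the terms.

```python
MINUTES_PER_YEAR = 365 * 24 * 60   # 525 600
FIVE_NINES = 0.99999               # the 99.999% "five-9s" telephone-service standard


def availability(mtbf_hours: float, mttr_hours: float) -> float:
    """Steady-state availability of one device: MTBF / (MTBF + MTTR)."""
    return mtbf_hours / (mtbf_hours + mttr_hours)


def downtime_minutes_per_year(a: float) -> float:
    """Unavailability expressed as the minutes per year the service may be down."""
    return (1.0 - a) * MINUTES_PER_YEAR


def redundant_pair(a: float) -> float:
    """Two identical devices where either one can carry the load (independent failures assumed)."""
    return 1.0 - (1.0 - a) ** 2


def max_mttr_for_target(mtbf_hours: float, target: float) -> float:
    """Largest MTTR that still meets the target with a single device, i.e. the repair time a
    fast-response service agreement has to buy. From MTBF / (MTBF + MTTR) >= target."""
    return mtbf_hours * (1.0 - target) / target


def nines(a: float) -> str:
    return f"{a * 100:.7f}%"


def report(mtbf_hours: float, mttr_hours: float, target: float = FIVE_NINES) -> dict:
    a = availability(mtbf_hours, mttr_hours)
    pair = redundant_pair(a)
    return {
        "single": nines(a),
        "single_minutes_down": round(downtime_minutes_per_year(a), 2),
        "single_meets_target": a >= target,
        "pair": nines(pair),
        "pair_minutes_down": round(downtime_minutes_per_year(pair), 4),
        "pair_meets_target": pair >= target,
        "max_mttr_hours_single": round(max_mttr_for_target(mtbf_hours, target), 2),
    }


if __name__ == "__main__":
    # Constructed sample figures: a router with a vendor-quoted MTBF of 100 000 h and a 4 h
    # on-site replacement MTTR under a service agreement (the slides give no concrete numbers).
    for key, value in report(100_000, 4).items():
        print(f"{key:>24}: {value}")
```

With those sample figures a single device sits at 99.996%, about 21 minutes of downtime a year, which misses five-9s; to meet it with one device the MTTR would have to drop to about one hour, whereas the redundant pair meets it comfortably. That is the arithmetic behind buying either a rapid-response agreement or a second device.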
  ● An ISP may also choose to purchase redundant hardware and keep spare parts on site.
● Availability is normally measured as the percentage of time that a resource is accessible. Traditionally, telephone services are expected to be available 99.999% of the time. This is called the five-9s standard of availability.
● As ISPs offer more critical business services, such as IP telephony or high-volume retail sale transactions, ISPs must meet the higher expectations of their customers.
● ISPs ensure accessibility by doubling up on network devices and servers using technologies designed for high availability. In redundant configurations, if one device fails, the other one can take over the functions automatically.

Redundancy

TCP/IP transport protocols

TCP/IP Layers

OSI and TCP/IP
● The TCP/IP model and the OSI model have similarities and differences.
● Similarities
  ● Use of layers to visualize the interaction of protocols and services
  ● Comparable Transport and Network layers
  ● Used in the networking field when referring to protocol interaction
● Differences
  ● The OSI model breaks the function of the TCP/IP Application Layer into distinct layers. The upper three layers of the OSI model specify the same functionality as the Application Layer of the TCP/IP model.
  ● The TCP/IP suite does not specify protocols for the physical network interconnection. The two lower layers of the OSI model are concerned with access to the physical network and the delivery of bits between hosts on a local network.

TCP and UDP
● TCP is a reliable, guaranteed-delivery protocol.
● TCP specifies the methods hosts use to acknowledge the receipt of packets, and requires the source host to resend packets that are not acknowledged.
● TCP also governs the exchange of messages between the source and destination hosts to create a communication session.
● TCP is often compared to a pipeline, or a persistent connection, between hosts. Because of this, TCP is referred to as a connection-oriented protocol.
● TCP requires overhead, which includes extra bandwidth and increased processing, to keep track of the individual conversations between the source and destination hosts and to process acknowledgements and retransmissions.
● UDP is a very simple, connectionless protocol. It provides low-overhead data delivery.
● UDP is considered a "best effort" Transport Layer protocol because it does not provide error checking, guaranteed data delivery, or flow control.
● Because UDP is a "best effort" protocol, UDP datagrams may arrive at the destination out of order, or may even be lost altogether.
● Applications that use UDP can tolerate small amounts of missing data. An example of a UDP application is Internet radio. If a piece of data is not delivered, there may only be a minor effect on the quality of the broadcast.

TCP and UDP Encapsulations

Three Way Handshake
● Before a TCP session can be used, the source and destination hosts exchange messages to set up the connection over which data segments can be sent. The two hosts use a three-step process to set up the connection.
● In the first step, the source host sends a type of message, called a Synchronization Message, or SYN, to begin the TCP session establishment process. The message serves two purposes:
  ● It indicates the intention of the source host to establish a connection with the destination host over which to send the data.
  ● It synchronizes the TCP sequence numbers between the two hosts, so that each host can keep track of the segments sent and received during the conversation.
● For the second step, the destination host replies to the SYN message with a synchronization acknowledgement, or SYN-ACK, message.
● In the last step, the sending host receives the SYN-ACK and sends an ACK message back to complete the connection setup. Data segments can now be reliably sent.
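The three-step exchange just described, as an added Python simulation (not code from the slides or from Cisco): two model endpoints exchange SYN, SYN-ACK and ACK, the initial sequence numbers (ISNs) and the "ack = peer's seq + 1" rule are made explicit, and the sequence numbers the handshake synchronizes are then used to hand two data segments to the application in order even though they arrive swapped. The endpoint names H1 and S1, the fixed ISNs and the payloads are constructed; windows, options and the retransmission timer of a real stack are left out.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional
import secrets

MOD = 2 ** 32  # sequence numbers are 32-bit and wrap


@dataclass
class Segment:
    src: str
    dst: str
    flags: frozenset
    seq: int
    ack: int = 0
    payload: bytes = b""

    def describe(self) -> str:
        name = "-".join(sorted(self.flags, reverse=True))  # SYN, SYN-ACK or ACK
        return f"{self.src}->{self.dst} {name} seq={self.seq} ack={self.ack} len={len(self.payload)}"


class TcpEndpoint:
    def __init__(self, name: str, isn: Optional[int] = None) -> None:
        self.name, self.state = name, "CLOSED"
        # Initial sequence number: random, as real stacks do; a fixed value keeps traces reproducible
        self.snd_nxt = secrets.randbelow(MOD) if isn is None else isn
        self.snd_una = self.snd_nxt            # oldest byte not yet acknowledged by the peer
        self.rcv_nxt: Optional[int] = None     # next byte we expect from the peer
        self.received = bytearray()            # in-order data handed to the application
        self.ooo: Dict[int, bytes] = {}        # segments that arrived early, keyed by seq
        self.log: List[str] = []

    def listen(self) -> None:
        self.state = "LISTEN"

    def connect(self, peer: str) -> Segment:
        """Step 1: SYN carries our ISN; the SYN flag itself consumes one sequence number."""
        self.state = "SYN_SENT"
        seg = Segment(self.name, peer, frozenset({"SYN"}), self.snd_nxt)
        self.snd_nxt = (self.snd_nxt + 1) % MOD
        return seg

    def send(self, peer: str, data: bytes) -> Segment:
        assert self.state == "ESTABLISHED" and self.rcv_nxt is not None
        seg = Segment(self.name, peer, frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt, data)
        self.snd_nxt = (self.snd_nxt + len(data)) % MOD
        return seg

    def receive(self, seg: Segment) -> Optional[Segment]:
        """Handle one incoming segment and return the reply to send, if any."""
        self.log.append(seg.describe())
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            # Step 2: remember the peer's ISN + 1 and answer SYN-ACK carrying our own ISN
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.state = "SYN_RCVD"
            reply = Segment(self.name, seg.src, frozenset({"SYN", "ACK"}), self.snd_nxt, self.rcv_nxt)
            self.snd_nxt = (self.snd_nxt + 1) % MOD
            return reply
        if self.state == "SYN_SENT" and seg.flags == {"SYN", "ACK"}:
            if seg.ack != self.snd_nxt:        # must acknowledge exactly our ISN + 1, else it is not ours
                self.log.append("dropped SYN-ACK with unexpected ack")
                return None
            # Step 3: both ISNs are known; a bare ACK completes the connection
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.snd_una, self.state = seg.ack, "ESTABLISHED"
            return Segment(self.name, seg.src, frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt)
        if self.state == "SYN_RCVD" and seg.flags == {"ACK"} and seg.ack == self.snd_nxt:
            self.snd_una, self.state = seg.ack, "ESTABLISHED"
            return None
        if self.state == "ESTABLISHED" and "ACK" in seg.flags:
            self.snd_una = seg.ack             # everything below this has reached the peer
            if not seg.payload:
                return None
            # Data: keep bytes in seq order, release only what is contiguous, then send a
            # cumulative ACK naming the next byte still missing
            self.ooo[seg.seq] = seg.payload
            while self.rcv_nxt in self.ooo:
                chunk = self.ooo.pop(self.rcv_nxt)
                self.received += chunk
                self.rcv_nxt = (self.rcv_nxt + len(chunk)) % MOD
            return Segment(self.name, seg.src, frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt)
        self.log.append(f"ignored {seg.describe()} in state {self.state}")
        return None


def three_way_handshake(client: TcpEndpoint, server: TcpEndpoint) -> List[str]:
    """Run SYN / SYN-ACK / ACK between the two endpoints and return the trace."""
    server.listen()
    syn = client.connect(server.name)
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return [s.describe() for s in (syn, syn_ack, ack)]


def demo() -> dict:
    client, server = TcpEndpoint("H1", isn=1000), TcpEndpoint("S1", isn=5000)  # fixed, constructed ISNs
    trace = three_way_handshake(client, server)
    first = client.send(server.name, b"GET /")             # constructed payloads
    second = client.send(server.name, b" HTTP/1.0\r\n")
    early_ack = server.receive(second)   # arrives first: held back, ACK still names byte 1001
    final_ack = server.receive(first)    # fills the gap: both chunks delivered, ACK jumps to 1017
    return {"trace": trace, "states": (client.state, server.state),
            "early_ack": early_ack.ack, "final_ack": final_ack.ack, "data": bytes(server.received)}


if __name__ == "__main__":
    for line in demo()["trace"]:
        print(line)
```

The SYN-ACK check (its ack must equal our ISN + 1) is why real stacks pick ISNs randomly: a reply that does not carry the right number is simply discarded. The cumulative ACK that stays at 1001 while the later segment is held back is also the signal a sender's timer acts on when the gap is never filled.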
● This SYN, SYN-ACK, ACK activity between the TCP processes on the two hosts is called a three-way handshake.

TCP Timer and Order
● The timer allows sufficient time for the message to reach the destination host and for an acknowledgement to be returned. If the source host does not receive an acknowledgement from the destination within the allotted time, the timer expires, and the source assumes the message is lost.
● The portion of the message that was not acknowledged is then re-sent.
● TCP also specifies how messages are reassembled at the destination host.
● Each TCP segment contains a sequence number.
● At the destination host, the TCP process stores received segments in a buffer. By evaluating the segment sequence numbers, the TCP process can confirm that there are no gaps in the received data. When data is received out of order, TCP can also reorder the segments as necessary.

UDP uses
● Although the total amount of UDP traffic found on a typical network is often relatively low, Application Layer protocols that do use UDP include:
  ● Domain Name System (DNS)
  ● Simple Network Management Protocol (SNMP)
  ● Dynamic Host Configuration Protocol (DHCP)
  ● RIP routing protocol
  ● Trivial File Transfer Protocol (TFTP)
  ● Online games
  ● Audio and video streaming

TCP and UDP datagrams

Multiple Services with Ports

Host Names
● Virtually all computer systems still maintain a local HOSTS file.
● A local HOSTS file is created when TCP/IP is loaded on a host device.
● As part of the name resolution process on a computer system, the HOSTS file is scanned even before the more robust DNS service is queried.
● A local HOSTS file can be used for troubleshooting or to override records found in a DNS server.

DNS Hierarchy
● DNS uses domain names to form the hierarchy.
● The naming structure is broken down into small, manageable zones.
● Each DNS server maintains a specific database file and is only responsible for managing name-to-IP mappings for that small portion of the entire DNS structure.
● When a DNS server receives a request for a name translation that is not within its DNS zone, the DNS server forwards the request to another DNS server within the proper zone for translation.

DNS Process

Resolvers
● Resolvers are applications or operating system functions that run on DNS clients and DNS servers.
● When a domain name is used, the resolver queries the DNS server to translate that name to an IP address.
● A resolver is loaded on a DNS client, and is used to create the DNS name query that is sent to a DNS server.
● Resolvers are also loaded on DNS servers. If the DNS server does not have the name-to-IP mapping requested, it uses the resolver to forward the request to another DNS server.

DNS Hierarchy and FQDN
● The root DNS server may not know exactly where the host H1.cisco.com is located, but it does have a record for the .com top-level domain.
● Likewise, the servers within the .com domain may not have a record for H1.cisco.com either, but they do have a record for the cisco.com domain.
● The DNS servers within the cisco.com domain do have the record for H1.cisco.com and can resolve the address.
● DNS relies on this hierarchy of decentralized servers to store and maintain the resource records. The resource records contain domain names that the server can resolve, and alternate servers that can also process requests.
● The name H1.cisco.com is referred to as a fully qualified domain name (FQDN) or DNS name, because it defines the exact location of the computer within the hierarchical DNS namespace.

DNS Name Resolution

Dynamic DNS Updates
● To make updating the DNS zone information easier, the DNS protocol was changed to allow computer systems to update their own record in the DNS zone through dynamic updates.
● Dynamic updates enable DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur.
● To use dynamic update, the DNS server and the DNS clients, or the DHCP server, must support the dynamic update feature.
● Dynamic updates on the DNS server are not enabled by default, and must be explicitly enabled.
● Most current operating systems support the use of dynamic updates.
● Two methods: client update or DHCP server update
  1: The client updates DNS
  2: The DHCP server updates DNS

DNS Zones
● DNS servers maintain the zone database for a given portion of the overall DNS hierarchy.
● Resource records are stored within that DNS zone.
● DNS zones can be either a forward lookup or a reverse lookup zone.
● They can also be either a primary or a secondary forward or reverse lookup zone.
● Each zone type has a specific role within the overall DNS infrastructure.

Forward and Reverse Lookup Zones
● A forward lookup zone is a standard DNS zone that resolves fully qualified domain names to IP addresses.
  ● This is the zone type that is most commonly found when surfing the Internet.
  ● When typing a website address, such as www.cisco.com, a recursive query is sent to the local DNS server to resolve that name to an IP address to connect to the remote web server.
● A reverse lookup zone is a special zone type that resolves an IP address to a fully qualified domain name.
  ● Some applications use reverse lookups to identify computer systems that are actively communicating with them.
  ● There is an entire reverse lookup DNS hierarchy on the Internet that enables any publicly registered IP address to be resolved.
  ● Many private networks choose to implement their own local reverse lookup zones to help identify computer systems within their network.

Reverse lookup commands
● Reverse lookups on IP addresses can be done using the ping -a [ip_address] command (Windows only).
● In GNU/Linux, add -x to the dig command:
  ● dig www.fis.unical.it (forward lookup)
  ● dig -x 192.167.201.212 (reverse lookup)
● The most common uses of reverse DNS are:
  ● Anti-spam
  ● Network troubleshooting
  ● Rejecting spammers and phishers using forward-confirmed reverse DNS, etc.

Primary and Secondary Zones
● Primary zones: a primary DNS zone is a zone that can be modified.
  ● When a new resource record needs to be added or an existing record needs to be updated or deleted, the change is made on a primary DNS zone.
  ● When you have a primary zone on a DNS server, that server is said to be authoritative for that DNS zone, since it will have the answer for DNS queries for records within that zone.
  ● There can only be one primary DNS zone for any given DNS domain; however, you can have a primary forward and a primary reverse lookup zone.
● Secondary zones: a secondary zone is a read-only backup zone maintained on a separate DNS server from the primary zone.
  ● The secondary zone is a copy of the primary zone and receives updates to the zone information from the primary server.
  ● Since the secondary zone is a read-only copy of the zone, all updates to the records need to be done on the corresponding primary zone.
  ● You can also have secondary zones for both forward and reverse lookup zones. Depending on the availability requirements for a DNS zone, you may have many secondary DNS zones spread across many DNS servers.

End of lesson
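The DNS slides, from the HOSTS file through primary and secondary zones, pulled together in one added Python model (not code from the slides or from any DNS implementation). It shows the HOSTS file being consulted before any query, iterative resolution of H1.cisco.com walking root, .com and cisco.com, a reverse (in-addr.arpa) zone with the forward-confirmed reverse DNS check the anti-spam use relies on, and a secondary zone that holds a copy of the primary but refuses direct edits. The server names root-ns, com-ns, arpa-ns and cisco-ns, the 192.0.2.0/24 addresses (documentation range) and all records are constructed; H1.cisco.com is the slides' example name given a made-up address.

```python
from typing import Dict, List, Tuple


class Zone:
    """One zone's database. A primary zone accepts changes; a secondary is a read-only copy."""

    def __init__(self, origin: str, primary: bool = True) -> None:
        self.origin, self.primary = origin.lower(), primary
        self.records: Dict[Tuple[str, str], List[str]] = {}  # (owner name, type) -> values

    def add(self, name: str, rtype: str, value: str) -> None:
        if not self.primary:
            raise PermissionError(f"{self.origin or '.'} is a secondary zone; update the primary")
        self.records.setdefault((name.lower(), rtype), []).append(value)

    def lookup(self, name: str, rtype: str) -> List[str]:
        return self.records.get((name.lower(), rtype), [])

    def transfer_to(self, secondary: "Zone") -> None:
        """Zone transfer: the secondary receives a copy of the primary's records."""
        secondary.records = {k: list(v) for k, v in self.records.items()}


class Server:
    """Answers from the zones it is authoritative for, or refers the asker further down the tree."""

    def __init__(self, zones: List[Zone]) -> None:
        self.zones = zones

    def answer(self, qname: str, qtype: str) -> Tuple[str, List[str]]:
        """("answer", values), ("referral", [server names]), ("nxdomain", []) or ("refused", [])."""
        fits = [z for z in self.zones if z.origin == "" or qname == z.origin or qname.endswith("." + z.origin)]
        if not fits:
            return "refused", []                       # not authoritative for anything above qname
        zone = max(fits, key=lambda z: len(z.origin))  # closest enclosing zone
        if zone.lookup(qname, qtype):
            return "answer", zone.lookup(qname, qtype)
        labels = qname.split(".")                      # look for a delegation (NS) below the origin
        for i in range(len(labels)):
            sub = ".".join(labels[i:])
            if sub != zone.origin and zone.lookup(sub, "NS"):
                return "referral", zone.lookup(sub, "NS")
        return "nxdomain", []


class Resolver:
    """Client-side resolver: HOSTS first, then iterative queries starting at the root."""

    def __init__(self, hosts: Dict[str, str], servers: Dict[str, Server], root: str) -> None:
        self.hosts = {k.lower(): v for k, v in hosts.items()}
        self.servers, self.root = servers, root        # name -> Server dict stands in for the network

    def resolve(self, qname: str, qtype: str = "A") -> Tuple[List[str], List[str]]:
        """Return (values, path); path records where the answer came from."""
        qname = qname.lower().rstrip(".")
        if qtype == "A" and qname in self.hosts:
            return [self.hosts[qname]], ["HOSTS"]      # local file is scanned before any DNS query
        current, path = self.root, []
        for _ in range(8):                             # bound the referral chain
            path.append(current)
            kind, values = self.servers[current].answer(qname, qtype)
            if kind != "referral":
                return (values if kind == "answer" else []), path
            current = values[0]                        # ask the first listed name server next
        return [], path


def reverse_name(ip: str) -> str:
    """192.0.2.10 -> 10.2.0.192.in-addr.arpa, the name `dig -x` builds for you."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"


def forward_confirmed(resolver: Resolver, ip: str) -> bool:
    """FCrDNS check: some PTR name for ip must resolve forward to ip again."""
    names, _ = resolver.resolve(reverse_name(ip), "PTR")
    return any(ip in resolver.resolve(name, "A")[0] for name in names)


def secondary_is_read_only(primary: Zone) -> bool:
    """A secondary holds the same records as its primary but refuses direct edits."""
    secondary = Zone(primary.origin, primary=False)
    primary.transfer_to(secondary)
    try:
        secondary.add("new.cisco.com", "A", "192.0.2.99")
    except PermissionError:
        return secondary.records == primary.records
    return False


def build_demo() -> Tuple[Resolver, Zone]:
    # Constructed data; the PTR for .30 is deliberately stale so that FCrDNS fails for it.
    root = Zone("")                                    # root: knows only where .com and in-addr.arpa live
    root.add("com", "NS", "com-ns")
    root.add("in-addr.arpa", "NS", "arpa-ns")
    com = Zone("com")
    com.add("cisco.com", "NS", "cisco-ns")
    arpa = Zone("in-addr.arpa")
    arpa.add("2.0.192.in-addr.arpa", "NS", "cisco-ns")
    cisco = Zone("cisco.com")                          # primary forward zone
    cisco.add("h1.cisco.com", "A", "192.0.2.10")
    cisco.add("www.cisco.com", "A", "192.0.2.20")
    rev = Zone("2.0.192.in-addr.arpa")                 # primary reverse zone on the same server
    rev.add("10.2.0.192.in-addr.arpa", "PTR", "h1.cisco.com")
    rev.add("30.2.0.192.in-addr.arpa", "PTR", "h1.cisco.com")
    servers = {"root-ns": Server([root]), "com-ns": Server([com]),
               "arpa-ns": Server([arpa]), "cisco-ns": Server([cisco, rev])}
    hosts = {"www.cisco.com": "192.0.2.200"}          # HOSTS override used for troubleshooting
    return Resolver(hosts, servers, "root-ns"), cisco
```

Resolving H1.cisco.com returns the path root-ns, com-ns, cisco-ns, which is the referral chain the "DNS Hierarchy and FQDN" slide describes, while www.cisco.com never leaves the machine because the HOSTS entry wins. The FCrDNS check is the reason a mail server's PTR and A records have to agree: 192.0.2.10 passes, and the stale PTR for 192.0.2.30 fails even though a name comes back for it.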