CCNA Discovery
advertisement
CCNA Discovery Chapter 7 Oh, so they have Internet on computers now! ISP’s Provide Services • • • • • Email Web Hosting Media Streaming IP Telephony File Transfer ISP’s must guarantee a level of service based on: • Reliability • Availability Characteristics of Reliability • Redundant Hardware • Redundant Hardware • Redundant Hardware • Fault Tolerance - The measure of equipment robustness is fault tolerance, the longer the MTBF, the greater the fault tolerance. • The longer the MTBF (mean time between failure), the greater the reliability Availability • Five nines (99.999%) Uptime (.001 Downtime) I'm learnding! TCP/IP Protocols TCP/IP vs OSI Models Similarities • Use of layers to visualize the interaction of protocols and services • Comparable Transport and Network Layers • Used in the networking field when referring to protocol interaction Differences •OSI model breaks the function of the TCP/IP Application Layer into separate distinct layers. The upper three layers of the OSI model specify the same functionality as the Application Layer of the TCP/IP model. •The TCP/IP protocol suite does not specify protocols for the physical network interconnection. The two lower layers of the OSI model are concerned with access to the physical network and the delivery of bits between hosts on a local network. TCP/IP vs OSI Models TCP/IP model is based on actual protocols and standards developed, whereas the OSI model is a theoretical guide for how protocols interact. TCP vs. UDP (Transport Needs) TCP (Connection-Oriented Protocol) • TCP is a reliable, guaranteed-delivery protocol. TCP specifies the methods hosts use to acknowledge the receipt of packets, and requires the source host to resend packets that are not acknowledged. TCP protocols also govern the exchange of messages between the source and destination hosts to create a communication session. • High Overhead TCP vs. UDP (Transport Needs) UDP (Connectionless Protocol) • Low overhead • No Flow Control • No error recovery function • “Best Effort” and may arrive out of order or lost. Encapsulation • 7.2.2.2 view animation TCP Handshake Great Homer, how are you doing? How are you doing, Barney? I’m hungry. TCP Handshake (3 Way handshake) 1. A --> B SYN My sequence number is X 2. A <-- B ACK Your sequence number is X ; expect X + 1 next 3. A <-- B SYN My sequence number is Y 4. A --> B ACK Your sequence number is Y ; expect Y + 1 next. **Because step 2 and 3 are combined into one message, it is called a threeway handshake. The following diagram might better illustrate this process. Why use the three-way handshake? • It synchronizes both ends of a connection by allowing both sides to agree upon initial sequence numbers. TCP Timer • When a host sends message segments to a destination host using TCP. • The timer allows sufficient time for the message to reach the destination host and for an acknowledgement to be returned. If the source host does not receive an acknowledgement from the destination within the allotted time, the timer expires and the source assumes the message is lost and reset. TCP Sequence Numbers • TCP specifies how messages are reassembled at the destination host. Each TCP segment contains a sequence number. At the destination host, the TCP process stores received segments in a TCP buffer. By evaluating the segment sequence numbers, the TCP process can confirm there are no gaps in the received data. When data is received out of order it can also reorder the segments as necessary. Me fail English? That’s unpossible. UDP Very Simple Protocol: it is not connectionoriented and does not provide the sophisticated retransmission, sequencing, and flow control mechanisms of TCP, UDP has a much lower overhead. • • • • • • Domain Name System (DNS) Simple Network Management Protocol (SNMP) Dynamic Host Configuration Protocol (DHCP) Routing Information Protocol (RIP) Trivial File Transfer Protocol (TFTP) Online games Supporting Multiple Services • The task of managing multiple simultaneous communication processes is done by the Transport Layer. • To differentiate the segments and datagrams for each application, both TCP and UDP have header fields that can uniquely identify these applications for data communications purposes. Port Numbers • In the header of each segment or datagram, there is a source and destination port. • When a client application sends a request to a server application, the destination port contained in the header is the port number that is assigned to the application running on the server. *IP and MAC Address’ do not change! Port Numbers • For example, if you want to talk to Mr Buggi on the phone, you first need to know Mr. Buggi’s phone number, then you should know Mr Buggi’s name. Here the name of Mr. Buggi is the port number. As for computer, knowing the IP address is just one thing. It also need to know which software need to transfer the data. Port Numbers to know • • • • • • • • • • • • HTTP – 80 SMTP – 25 NETSTAT – 15 FTP – 20 & 21 SSH – 22 Telnet – 23 DNS – 53 BOOTP-67 & 68 TFTP – 69 SNMP – 161 BGP – 179 UPS – 401 • • • • HTTPS – 443 POP3 - 110 Kazaa – 1214 Windows Live Messaging – 1863 • Civilization – 2056 • Halo: Combat Evolution – 2302 • Nintendo Wi-Fi (Wii ?) - 29920 • The TCP processes on the sending and receiving hosts are slightly different. Clients are active and request connections, while servers are passive, and listen for and accept connections. • Server processes are usually statically assigned well-known port numbers from 0 to 1023. Well-known port numbers enable a client application to assign the correct destination port when generating a request for services. Sockets and Socket Pairs • The combination of the Transport Layer port number and the host's Network Layer IP address uniquely identifies a particular application process running on an individual host device. This combination is called a socket. A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the specific conversation between the two hosts. • What would the source and destination sockets be? • Socket Example: • Source: 192.168.1.17:25 • Destination: 192.168.2.39:8080 • Socket Pair • 192.168.1.17:25, 192.168.2.39:8080 Naming – DNS and HOSTS • Used HOSTS before DNS • A HOSTS file is still used by virtually all computer systems. A local HOSTS file is created when TCP/IP is loaded on a host device. As part of the name resolution process on a computer system, the HOSTS file is scanned even before the more robust DNS service is queried. A local HOSTS file can be used for troubleshooting or to override records found in a DNS server. • Malware/Virus’ can attach it HOSTS Example DNS (Domain name Service) 53 • Maps name-to-IP addresses for internal hosts • Forwards name resolution requests to a caching-only server (maintained by ISP) DNS Made up of: 1. Resource Records and Domain Namespace 2. Domain Name Servers 3. Resolvers • The root DNS server may not know exactly where the host H1.cisco.com is located, but it does have a record for the .com top level domain. Likewise, the servers within the .com domain may not have a record for H1.cisco.com either, but they do have a record for the cisco.com domain. The DNS servers within the cisco.com domain do have the record for H1.cisco.com and can resolve the address. The name H1.cisco.com is referred to as a fully qualified domain name (FQDN) or DNS name, because it defines the exact location of the computer within the hierarchical DNS namespace. DNS Dynamic Updates • Dynamic updates enable DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur. DNS Name Resolution • Forward lookup (Primary/Secondary) • Reverse lookup (Primary/Secondary) Forward Lookup Zone • A forward lookup zone is a standard DNS zone that resolves fully qualified domain names to IP addresses. This is the zone type that is most commonly found when surfing the Internet. When typing a web site address, such as www.cisco.com, a recursive query is sent to the local DNS server to resolve that name to an IP address so as to connect to the remote web server. Reverse Lookup Zone • A reverse lookup zone is a special zone type that allows you to resolve an IP address to a fully qualified domain name. Some applications use reverse lookups to identify computer systems who are actively communicating with them. There is an entire reverse lookup DNS hierarchy on the Internet that will enable any publicly registered IP address to be resolved. Many private networks choose to implement their own local reverse lookup zones to help identify computer systems within their network. Reverse lookups on IP addresses can be found using the ping -a <ip address> command. • When registering a Domain Name you must also name two DNS servers for redundancy. Ideally on two different networks. SERVICES – HTTP & HTTPS • HTTP • Many different versions. Most recent version allows for a single web server to host multiple sites. Also multiple requests and response messages can be used with the same connection. • NOT SECURE – sent in plain text (request and response) • HTTPS • Secure – authentication and encryption with SSL • Requires additional server time • When contacting an HTTP server to download a web page, a uniform resource locator (URL) is used to locate the server and a specific resource. The URL identifies: 1. Protocol being used 2. Domain name of the server needing to be accessed 3. Location of the resource on the server http://example.com/example1/index.htm Proxy Server Proxy server • Speed - caching allows resources requested by one user to be available to subsequent users without having to access the actual server where the page is stored. • Security - proxy servers can be used to intercept computer viruses and other malicious content and prevent them from being forwarded onto clients. • Filtering - proxy servers can view incoming HTTP messages and filter unsuitable and offensive web content. FTP 20 and 21 • FTP is a connection-oriented protocol that uses TCP to communicate between a client FTP proces • FTP implementations include the functions of a protocol interpreter (PI) and a data transfer process (DTP). PI and DTP define two separate processes that work together to transfer files. As a result, FTP requires two connections to exist between the client and server, one to send control information and commands, and a second one for the actual file data transfer.s and an FTP process on a server. Protocol Interpreter (PI) 21 • The PI function is the main control connection between the FTP client and the FTP server. It establishes the TCP connection and passes control information to the server. Control information includes things such as commands to navigate through a file hierarchy, as well as renaming or moving files. DTP (Data Transfer Process) • This function is enabled only when the user wants to actually transfer files to or from the FTP server. Unlike the PI connection, which remains open, the DTP connection closes automatically when the file transfer is complete. Active vs Passive FTP • Passive- a client initiates a request to the server and opens a port for the expected data. The server then connects to the client on that port and the data transfer begins. • Active- the FTP Server opens a random source port (greater than 1023). The server forwards its IP address and this random port to the FTP client over the control stream. The server then waits for a connection from the FTP client in order to begin the data file transfer. EMAIL: SMTP, POP3 and IMAP • Store and forward method (Stored in databases on mail servers) EMAIL: SMTP, POP3 and IMAP • Sends: SMTP (25) • dbuggi@esu6.org • Receives: POP3 (110)(deleted from serer and IMAP (not deleted from server)
