Presentation is loading. Please wait.

Presentation is loading. Please wait.

SCMG Meeting Fall 2004 TCP/IP Basics For The IS Professional Michael S. Recant MGS, Inc.

Similar presentations


Presentation on theme: "SCMG Meeting Fall 2004 TCP/IP Basics For The IS Professional Michael S. Recant MGS, Inc."— Presentation transcript:

1 SCMG Meeting Fall 2004 TCP/IP Basics For The IS Professional Michael S. Recant MGS, Inc.

2 Introduction n MGS, Inc. - a small consulting and software development firm in the Unisys ClearPath market space n We extensively use network communications to solve our business problems n This presentation is based on our actual experiences from 1993 until today

3 What is TCP/IP and Where Did It Come From? n Designed as part of an effort by the military to develop robust, reliable vendor-independent data communications n Standards published as Request for Comment (RFCs) n You can download RFCs for all the protocols discussed in this presentation from:

4 What is TCP/IP and Where Did It Come From? n TCP/IP and Internet history u ARPANET research started u ARPANET made operational u TCP/IP added to BSD UNIX u Term Internet is first used u Most major US/Canadian Universities u Most countries inter-networked u Commercial use takes over the Internet u Microsoft integrates TCP/IP into Windows u TCP/IP surpasses IPX/SPX as the most common network protocol

5 What is TCP/IP and Where Did It Come From? n TCP - Transmission Control Protocol u Breaks application data streams into packets u Insures reliable delivery of packets in the correct order u Does data stream Re-assembly n IP - Internet Protocol u Packet based u Implements the network addressing scheme u Packets are routable u The networking layer for the Internet

6 TCP/IP Communication - Architecture n Based on the 7 level OSI Model u Application F OSI Application F OSI Presentation u Network F OSI Session F OSI Transport F OSI Network u Link F OSI Data link F OSI Physical

7 TCP/IP Communication - A Layered Implementation n Application data (business) u User Information n Application Protocol (service) u Telnet, HTTP,FTP n Network Session (connection) u TCP, UDP, ICMP n Network (packet movement) u IP (vs IPX, NetBEUI) n Link (physical transport) u Ethernet, ATM, FDDI

8 TCP/IP Communication - The Link Layer n Supported by a variety of physical transports n Most frequently used u Ethernet (IEEE 802.3) u Serial Port (PPP) n Network topologies dependant on hardware u 100BaseT star u ThinNet bus u Token Ring ring u PPP point-to-point n Link layer encapsulates the IP packet

9 TCP/IP Communication - The Networking Layer n Provides Connection (TCP only) n Breaks the data stream down into small packets (TCP only) n IP packet encapsulates the higher layers u Application protocol u Application data n Provides logical addressing n Provides packet routing

10 TCP/IP Communication - The Application Layer n Application programs use the system’s TCP/IP interface u BSD Sockets (UNIX) u Winsock (Windows) n Application level processing u Service - message communication based on an application-to-application protocol u Data - business information communicated using the Service

11 TCP/IP Communication - Example Packet n Typical Communications Packet Header IP Header TCP Header HTTP Header HTML Data |Hardware| IP | Session | Protocol | Data | | Link | Network | Application |

12 IP Communication - Overview n IP implemented based on a Packet Concept n Physical transport independent architecture n Unreliable and connectionless (at this layer) n Routable n Superior to older protocols (Novell IPX, Microsoft NetBEUI)

13 IP Communication - Example Data App Ethernet Card IP Data Computer #2 IP Ethernet Card App Data Computer #1 LAN

14 IP Addressing - Overview n Not associated with hardware n 32-bit Unique Host Address n Dotted-decimal Notation: nnn.nnn.nnn.nnn (where nnn is 0 to 255) n Represents a combined LAN number and HOST number n HOST 0 refers to the entire LAN n HOST all-bits-on (example 255) is for broadcast to all hosts

15 IP Addressing - Address Conventions n IP Address Class Ranges u Class A - 1.n.n.n to 127.n.n.n u Class B n.n.n to 191.n.n.n u Class C n.n.n to 223.n.n.n n IP Address Class Sizes u Class A - 16,777,216 addresses u Class B - 65,636 addresses u Class C addresses n Special IP Addresses u Loop back to u Private F to F to F to

16 IP Addressing - Where does it come from? n LAN numbers are assigned by the Internet Network Information Center (InterNIC) n LAN numbers are unique within the Internet n Host numbers are are assigned by local network administrator n Host numbers are unique within a LAN n IP Address is always paired with an associated Network Mask

17 IP Addressing - Networks of Addresses n IP address has two parts: u LAN Number u Host Number n LAN Number calculated by: (IP Address AND Network Mask) n Host Number calculated by: (IP Address AND NOT(Network Mask)) n Example: IP Address: Network Mask: LAN Number: Host Number:.25

18 IP Addressing - Setting The Host IP Address n Manually: by setting IP Address and Network Mask n Automatically: by Dynamic Host Configuration Protocol (DHCP) n DHCP requires one or more DHCP servers provisioned with the available IP Address ranges

19 IP Addressing - Private LAN Addressing n A Private LAN is where the LAN is not connected to the Internet n Technically any IP Address range can be used but one of the InterNIC “private” LAN numbers is recommended n Often used for isolated Intranets n When used with NAT, simplifies changing your company’s Internet IP Address range

20 IP Addressing - Network Address Translation n Referred to as NAT n Maps Internet IP Addresses to Private LAN IP Addresses n Many-to-one NAT u Maps many private LAN IP Addresses to a single Internet address u Limited use for Servers n One-to-one NAT u Maps one private IP Address to one Internet IP Address

21 IP Addressing - Network Address Translation n Many-to-one NAT n One-to-one NAT NAT Device PC# PC# PC # PC # PC NAT Device PC# PC#

22 IP Communication - Local-LAN n Communication protocol used when the destination is on the same LAN n Address Resolution Protocol (ARP) maps IP Address to hardware address u IP Address in ARP table? u Broadcast ARP-request u Receive ARP-reply with both IP Address and associated MAC hardware address u Store ARP-reply in ARP table u Send packet to responder MAC address

23 IP Communication - Off-LAN Routing n Communication protocol used when the destination is on a different LAN n A routing table is used to define paths to Off-LAN IP Addresses n All Off-LAN routes are defined in the Host’s routing table n Routing table identifies IP address of the router associated with a route

24 IP Communication - Off-LAN Routing n Automatic updates received from routers on the LAN n A default routing entry is needed to send off-LAN packets to unknown routes (Internet) n Manual entries can entered in the routing table to deal with complex topologies

25 IP Communication - Summary n Only three settings are required for successful communications u IP Address u Network Mask u Default Router (only needed for off-LAN traffic) n DHCP can set all three automatically

26 IP Communications - Connecting to the Internet n Internet Service Provider (ISP) n Provides physical connectivity u PPP (28-56 Kbaud) u ISDN / IDSL (128 Kbaud) u SDSL (384 to 768 Kbaud) u T1 (1 Mbaud) u Cable Modem (1-3 Mbaud) n Provides logical connectivity u Floating IP Address u Fixed IP Address u Range of fixed IP Addresses n Note that providing a service requires a fixed IP Address

27 IP Communications - Connecting to the Internet n There are critical security issues to be addressed before putting any server on the Internet n ISPs can provide additional customer services u DNS u Mail u News u WEB

28 IP Communication - Additional Capabilities n Internet Control Message Protocol (ICMP) u IP communication service messages like PING, TRACEROUTE and ROUTER n Internet Group Message Protocol (IGMP) u IP communications based on multicasting (sending to groups of hosts)

29 The Domain Name System - DNS n The Domain Name System insulates applications from specific IP Addresses n Format: host.domainname.domain n “domainname.domain” assigned by InterNIC n “host” assigned by network administrator and designates a specific computer n “host” can be a multi-level name aaa.bbb.domainname.domain

30 The Domain Name System - DNS Tree root etc....org.edu.com etc... microsoft.commgsinc.com etc... Ftp.mgsinc.comwww.mgsinc.com

31 The Domain Name System - DNS Domain Entry Registrant: MGS, Inc (MGSINC-DOM) Trade Road, Suite B Richmond, VA 23236, USA Domain Name: MGSINC.COM Record last updated on 21-Jun Record expires on 29-Mar Record created on 28-Mar Database last updated on 13-Sep :15:00 EDT. Domain servers in listed order: NS1.MGSINC.COM NS2.MGSINC.COM NS3.MGSINC.COM

32 The Domain Name System - DNS Servers n Provides service to convert domain names to IP Addresses n If necessary, it goes back to the InterNIC “root” server for info n DNS tables are maintained by the site’s network administrator n Can provide both Forward DNS and Reverse DNS n May cache name/IP Address association for a period of time

33 The Domain Name System - DNS Resolver n Client software which requests a DNS Server to resolve name n All systems running TCP/IP run a resolver n DNS Server(s) IP Address must be specified to the resolver

34 IP Based Services - Overview n Services are built on top of IP networking n Services use TCP/IP Sessions u TCP u UDP n Services are addressed by: u Host name or IP Address u Port number n Service protocols also defined by RFC standards n These are Different from Microsoft Networking Services

35 IP Based Services - Overview n TCP/IP Applications have the responsibility for the following u Establishing the application-to- application connection u Operating the Service protocol u Identifying where messages start/end based on the Service protocol u Processing the data in the message(s)

36 IP Based Services - Sessions n TCP/IP supports two types of application-to-application sessions n User Datagram Protocol (UDP) u No reliability, no message ordering u Connectionless data path u Application must fragment messages u Specify Hostname and Port n Transmission Control Protocol (TCP) u Reliable u Automatic message fragmentation u Single connection data path u Specify Hostname and Port

37 IP Based Services - Services n A server can offer (run) one or more TCP/IP services n Each service uses a specific protocol over a specific TCP/IP Port u Ports are reserved as well known ports u Only authorized applications should use the well known ports u All ports above 1023 can be used by normal applications

38 IP Based Services - Services n The documented well known port numbers can be found at: n Common IP based services u Telnet - Terminal u FTP - File Transfer u LPD/LPR - Printing u SMTP/POP3 - Electronic Mail u HTTP - Web u Misc. Service Protocols

39 IP Based Services - Telnet - Terminal Interface n Provides traditional terminal access n The client and server can negotiate the terminal characteristics n Typical implementation uses clear-text password for logon n Capabilities and characteristics are specific to the server operating system

40 IP Based Services - FTP - File Transfer n Provides both text and binary file transfer n Client can connect either on an Anonymous basis or can use a defined UserID/Password n Note that the password is sent as clear-text. n File access is controlled through the server operating system’s permissions

41 IP Based Services - LPD/LPR - Remote Printing n Provides remote printing services in both directions u LPD Server (incoming) u LPR Client (outgoing) n The following specifications are needed to connect an LPR client to an LPD server printer u Host name or IP Address u Port number (well known port 515) u Printer name

42 IP Based Services - SMTP/POP3 - Mail Services n Provides electronic mail services n SMTP (send mail) is used to transmit an n POP (receive mail) is used to acquire a received n There are alternate services for managing receipt of sent via SMTP u IMAP u WEB based

43 IP Based Services - HTTP - Web Services n Provides Web services n The HTTP command structure allows the browser client to request information n The Web server responds by either retrieving the requested file or invoking execution of the requested program or script n The information sent back to the client may contain elements that will execute on the client

44 IP Based Services - Service Protocols n SNMP u Simple Network Management Protocol u The service is used to provide status and usage information about a server u Information is provided in a generic data structure called a MIB n Echo u Echoes every character sent u Useful for confirming speed and reliability of a TCP/IP data path n Time u Used to synchronize a server’s clock to a standard source

45 Network Management - Proxy Servers n Proxy Servers “front end” servers providing well known services n Requests are forwarded to the real server for processing n Benefits u Security u NAT u Data caching u Workload distribution n Problems u Slows performance (bottleneck) u Client may require knowledge of proxy

46 Network Management - Security - General n Don’t just put your corporate servers on the Internet n Only allow Internet access to specific services on a specific system n Limit to access from fixed locations if possible (not the whole Internet) n Audit ALL Internet access

47 Network Management - Security - Firewalls n Firewalls u Restrict access to/from a LAN u Limit packets based on packet type, IP Address and port, or service u Software like Microsoft Proxy Server u Black-box like SonicWALL n Guidelines u Allow connections from internal systems to systems on the Internet u Allow connections from systems on the Internet to “public” services (Web, SMTP) u Minimize or eliminate connections from systems on the Internet to non “public” services

48 Network Management - Security - VPN n Virtual Private Networking u Provides a secure, private path from a workstation to the servers on your LAN, through the Internet or an Intranet u Works in a similar fashion to a dial-in PPP connection to your LAN u Requires special workstation software u Needs a Path through through Firewall on a known port u Needs both logon security and data encryption u VPN Client/Server acts like two routers that use IP/Internet for “physical communication” rather than a private phone connection

49 Network Management - Reliability n Internet IP Communication u Redundancy must come from your ISP u Multiple-ISP redundancy is difficult (IP Addresses change) n Workstations u NAT makes switching LANs transparent by insulating the workstation from the Internet IP address n Services u TCP/IP Services have limited built-in reliability u Only DNS and MAIL have fail-over designed into the protocols

50 TCP/IP Diagnostic Tools - Overview n Useful Diagnostic Utility Programs u Ping u TraceRoute u Microsoft IpConfig u Microsoft NetMON u IPSwitch WhatsUp u IPSwitch WS_Ping ProPack

51 TCP/IP Diagnostic Tools - Ping n Always use to confirm basic end-to-end communication [C:\] PING Pinging CMG.ORG [ ] with 32 bytes of data: Reply from : bytes=32 time=54ms TTL=241 Reply from : bytes=32 time=39ms TTL=241 Reply from : bytes=32 time=38ms TTL=241 Ping statistics for : Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 38ms, Maximum = 54ms, Average = 46ms

52 TCP/IP Diagnostic Tools - TraceRoute [C:\] tracert Tracing route to [ ] 1 8 ms 4 ms 4 ms gateway.mgsinc.com [ ] 2 21 ms 18 ms 19 ms ms 18 ms 20 ms fe1-0crva003.volocom.net [ ] 4 18 ms 19 ms 19 ms core2.washington1.level3.net [ ] 5 20 ms 19 ms 18 ms washington1.level3.net [ ] 6 82 ms 83 ms 84 ms losangeles1.level3.net [ ] 7 86 ms 84 ms 84 ms hsipacc1.losangeles1.level3.net [ ] 8 86 ms 83 ms 83 ms unknown.level3.net [ ] 9 85 ms 84 ms 83 ms neteng.itd.earthlink.net [ ] ms 83 ms 84 ms [ ] Trace complete. n Use to check the path through which packets are routed

53 TCP/IP Diagnostic Tools - IpConfig n Check current Windows TCP/IP Configuration

54 TCP/IP Diagnostic Tools - NetMON n Monitor Network Packets

55 TCP/IP Diagnostic Tools - WhatsUp n Use to monitor presence of key network components/services

56 TCP/IP Diagnostic Tools - WS_Ping ProPack n Use to test key network services

57 Additional Questions? Michael S. Recant VP Software Development MGS, Inc Trade Road, Suite B Richmond, VA Voice: (804) Fax: (804) Web: This presentation is available on our WEB site

58 Reference Material n TCP/IP Illustrated, Vol 1 by W. Richard Stevens, Addison-Wesley n TCP/IP Illustrated, Vol 2 by W. Richard Stevens, Addison-Wesley n TCP/IP Network Administration by Craig Hunt, O’Reilly & Associates, Inc. n Business Data Communications and Networking by Fitzgerald & Dennis, John Wiley & Sons, Inc. n Microsoft Windows NT Server Networking Guide, Microsoft Press n Windows 2000 TCP/IP by Karanjit Siyan, Ph.D., New Riders Publishing

59 Reference Material n TCP/IP Addressing by Buck Graham, Academic Press n Internetworking with TCP/IP Vol II: Design, Implementation, and Internals by Douglas E. Comer, Prentice Hall n WhatsUp Gold Software by IPSwitch, Inc. n WS_Ping ProPack Software by IPSwitch, Inc. n SonicWALL Firewall by SonicWALL Inc. n BSDI UNIX, Berkeley Software Design, Inc

60 SCMG Meeting Fall 2004 TCP/IP Basics For The IS Professional


Download ppt "SCMG Meeting Fall 2004 TCP/IP Basics For The IS Professional Michael S. Recant MGS, Inc."

Similar presentations


Ads by Google