1. Slides for Chapter 3: Networking and Internetworking From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edition 4, © Pearson Education 2005

2. IS473 Distributed Systems CHAPTER 3 Networking and Internetworking

3. Dr. Almetwally mostafa3 OUTLINE  Communication Subsystem.  Types of Network.  Principles of Network.  Internet Protocols.  Network Case studies.

4. Dr. Almetwally mostafa4 Communication Subsystem  The hardware and software within a distributed system which provides the communication facilities is known as the communication subsystem.  Consists of: Transmission media: providing the physical connectivity, e.g. wire, cable, fibre and wireless channels; Hardware devices: providing the linkage, e.g. routers, bridges, hubs, repeaters, network interfaces and gateways; Software components: managing the communication, e.g. protocol stacks, communication handlers and drivers.

5. Dr. Almetwally mostafa5 Impact on Distributed Systems  The communication impact on a distributed system will be one of the delay introduced by the message passing.  The delay experienced by each individual message can be broken down into two factors: Latency: is the time which is necessary to set up the communication, i.e. it is the delay incurred from the time the message is sent until it starts to arrive at the destination. Transmission delay: determined by the length of the message and the data transfer rate, the speed of data transfer between two computers in the network, usually in bits per second. Message transmission time = latency + length / data transfer rate  Above equation is valid only for messages shorter than the maximum allowable length by the underlying network.  Longer messages are segmented and the transmission time is the summation of segments transmission times.

6. Dr. Almetwally mostafa6 Network Types  Local Area Networks (LANs) High-speed communication on proprietary grounds (on-campus). Based on twisted copper wire, coaxial cable or optical fibre. Total system bandwidth is high and latency is low. Most typical solution: Ethernet with 100 Mbps  Metropolitan Area Networks (MANs) High-speed communication for nodes distributed over medium-range distances, usually belonging to one organization. Based on high bandwidth copper and optical fibre. Providing "back-bone" to interconnect LAN's. Technology often based on ATM, FDDI or DSL.

7. Dr. Almetwally mostafa7 Network Types  Wide Area Networks Communication over long distances (cities, countries, or continents). Covers computers of different organizations. High degree of heterogeneity of underlying computing infrastructure. Involves routers to manage network and route messages to their destinations. Speeds up to a few Mbps possible, but around 50-100 Kbps more typical. Most prominent example: the Internet.  Wireless Networks End user equipment accesses network through short or mid range radio or infrared signal transmission Wireless WANs: GSM (up to about 20 Kbps), UMTS (up to Mbps), PCS. Wireless LANs/MANs: WaveLAN (2-11 Mbps, radio up to 150 meters). Wireless Personal Area Networks: Bluetooth (up to 2 Mbps on low power radio signal, < 10 m distance).

8. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.1 Network performance ExampleRangeBandwidth (Mbps) Latency (ms) Wired: LANEthernet1-2 kms10-10001-10 WANIP routingworldwide0.010-600100-500 MANATM250 kms1-15010 InternetworkInternetworldwide0.5-600100-500 Wireless: WPANBluetooth (802.15.1)10 - 30m0.5-25-20 WLAN WiFi (IEEE 802.11)0.15-1.5 km2-545-20 WMAN WiMAX (802.16)550 km1.5-205-20 WWAN GSM, 3G phone netsworldwide0.01-02100-500

9. Dr. Almetwally mostafa9 Network Types  Internetworks Several networks linked together to provide common data communication facilities. Needed for developing open distributed systems that contain very large numbers of computers. Integrate a variety of local and wide area network technologies to provide the network capacity needed by each group of users. Interconnected by dedicated switching computers, routers, and general purpose computers, gateways. Addressing and transmission of data to included computers are supported by a software layer.

10. Dr. Almetwally mostafa10 Network Principles Packet transmission  A packet is a sequence of binary data with addressing information to identify the source and destination computers.  A network message with arbitrary length is divided before transmission into packets of restricted length.  Restricted length packets are used: To allow each computer in the network to allocate sufficient buffer storage to hold largest possible incoming packet. To avoid long waiting for communication channels to be free if long messages ware transmitted without subdivision.

11. Dr. Almetwally mostafa11 Network Principles Switching Schemes  A switching system is required to transmit information between two arbitrary nodes in the network using shared communications link.  Four types of switching are used in computer network: Broadcast: Requires no switches. All messages are sent to all connected computers. Each computer is responsible extracting messages addressed to itself. Used approach in Ethernet and wireless networks.

12. Dr. Almetwally mostafa12 Network Principles Switching Schemes Circuit switching: Approach taken in the telephone system. A physical link is established between the sender and the receiver. Packet switching: Otherwise known as store-and-forward (postal system). At each switching node (connection point) a computer manages the packets by reading each one into memory, examining its destination, and choosing an outgoing circuit appropriately. Frame relay: Reading in and storing the whole of each packet introduces a performance overhead which can become significant. In ATM networks a frame of fixed size is used in place of a packet and only its header needs to be examined. The remainder of the frame is simply relayed as a stream of bits.

13. Dr. Almetwally mostafa13 Network Principles Protocols  A well-known set of rules and formats used for communication between processes to perform a given task.  Implemented by a pair of software modules located in the sending and receiving computers.  Protocol software modules are arranged in a hierarchy of layers.  A complete set of protocol layers is referred to as a protocol suite or protocol stack.  Protocol layering brings benefits in simplifying and generalizing the software interface for access to the communication services, but it also carries significant performance costs.  The application, presentation, and session layers are not distinguish in the Internet protocol stack: The application and presentation layers are implemented as a single middleware layer. The session layer is integrated with the transport layer.

14. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.2 Conceptual layering of protocol software Layer n Layer 2 Layer 1 Message sent Message received Communication medium SenderRecipient

15. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.3 Encapsulation as it is applied in layered protocols

16. Dr. Almetwally mostafa16 Network Principles Protocols Protocol layers in the ISO model

17. Dr. Almetwally mostafa17 Network Principles Protocols LayerDescription Application Protocols that are designed to meet the communication requirements of specific applications, often defining the interface to a service. Presentation Protocols at this level transmit data in a network representation that is independent of the representations used in individual computers, which may differ. Encryption is also performed in this layer, if required. Session Transport Network Data link Responsible for transmission of packets between nodes that are directly connected by a physical link. In a WAN transmission is between pairs of routers or between routers and hosts. In a LAN it is between any pair of hosts. Physical The circuits and hardware that drive the network. It transmits sequences binary data by analogue signalling (on cable circuits), light signals (on fibre optic circuits) or other electromagnetic signals (on radio and microwave circuits). At this level reliability and adaptation are performed, such as detection of failures and automatic recovery. This is the lowest level at which messages (rather than packets) are handled. Messages are addressed to communication ports attached to processes. Transfers data packets between computers in a specific network. In a WAN or an internetwork this involves the generation of a route passing through routers. In a single LAN no routing is required.

18. Dr. Almetwally mostafa18 Network Principles Protocols  The task of dividing messages into packets before transmission and reassembling them at receiving computer is performed in the transport layer.  The transport layer is responsible for delivering messages to destinations with transport addresses.  A transport address is composed of the network address number of a host computer (an IP number in the Internet) and a port number.  Ports are software-definable destination points for communication within a host computer.  In the Internet there are typically several ports at each host computer with well-known numbers, each allocated to a given Internet service.

19. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.6 Internetwork layers

20. Dr. Almetwally mostafa20 Network Principles Routing  A function required in all networks except LANs.  The best route for communication between points in the network is re-evaluated periodically to take into account the current traffic and any faults in the network: adaptive routing.  Packets delivery to their destinations is the collective responsibility of the routers located at connection points.  Routing algorithm, implemented by a program in the network layer at each point, has two functions: 1.Decide the routes for packets transmission (on hop-by-hop basis): Whenever a virtual circuit or connection is established in case of circuit- switched and frame-relay network layers. Separately for each packet in case of packet-switched network layers. 2.Update its knowledge of the network based on traffic monitoring and the detection of failures.

21. Dr. Almetwally mostafa21 Network Principles Routing Hosts Links or local networks A DE B C 1 2 5 4 3 6 Routers Routing in wide area network

22. Dr. Almetwally mostafa22 Network Principles Routing Routing tables for the previous network Routings from DRoutings from E ToLinkCostToLinkCost A B C D E 3 3 6 local 6 1 2 2 0 1 A B C D E 4 4 5 6 2 1 1 1 0 Routings from ARoutings from BRoutings from C ToLinkCostToLinkCostToLinkCost A B C D E local 1 1 3 1 0 1 2 1 2 A B C D E 1 2 1 4 1 0 1 2 1 A B C D E 2 2 5 5 2 1 0 2 1

23. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.9 Pseudo-code for RIP (router information prototcol)routing algorithm Send: Each t seconds or when Tl changes, send Tl (local table)on each non-faulty outgoing link. Receive: Whenever a routing table Tr is received on link n: for all rows Rr in Tr { if (Rr.link | n) { Rr.cost = Rr.cost + 1; Rr.link = n; if (Rr.destination is not in Tl) add Rr to Tl; // add new destination to Tl else for all rows Rl in Tl { if (Rr.destination = Rl.destination and (Rr.cost < Rl.cost or Rl.link = n)) Rl = Rr; // Rr.cost < Rl.cost : remote node has better route // Rl.link = n : remote node is more authoritative }

24. Dr. Almetwally mostafa24 Network Principles Internetworking  Many subnets based on many network technologies are integrated to build an internetwork.  To make this possible, the following are needed: A unified internetwork addressing scheme enables packets to be addressed to any host connected to any subnets (provided by IP addresses in the Internet). A protocol defining the format of internetwork packets and giving rules of handling them (IP protocol in the Internet). Interconnecting components that route packets to their destination in terms of internetwork addresses (performed by internet routers in the Internet).  The next figure shows a small part of the Internet comprises several subnets interconnected by routers and contains also many connection devices as switches, gateways, and hubs.

25. Dr. Almetwally mostafa25 Network Principles Internetworking router/ firewall

26. Dr. Almetwally mostafa26 Network Principles Internetworking  Routers: Interconnected through subnets in an internetwork. Have distinct identities (IP addresses) within each subnet. Responsible for forwarding the internetwork packets arrived on any connection to the correct outgoing connection and maintain routing tables for that purpose.  Bridges: Link networks of different types.  Bridge/Routers: Link networks of the same type and perform routing functions.

27. Dr. Almetwally mostafa27 Network Principles Internetworking  Hubs: Connecting together several segments of LAN cables. Have a number of sockets. A host computer can be connected to each socket.  Switches: Perform a similar function to routers but for LANs only. Routing the incoming packets only to the connected hosts. Build up routing tables by the observation of traffic.

28. Dr. Almetwally mostafa28 Internet Protocols  The Internet emerged from the development of the TCP/IP protocol suite.  TCP stands for Transmission Control Protocol and IP for Internet Protocol.  Many application services and application-level protocols now exist based on TCP/IP including: The Web (HTTP). E-mail (SMTP, POP). File transfer (FTP). Net News (NNTP). Telnet (telnet).

29. Dr. Almetwally mostafa29 Internet Protocols Messages (UDP) or Streams (TCP) Application Transport Internet UDP or TCP packets IP datagrams Network-specific frames Message Layers Underlying network Network interface TCP/IP layers

30. Instructor’s Guide for Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edn. 4 © Pearson Education 2005 Figure 3.13 Encapsulation in a message transmitted via TCP over an Ethernet Application message TCP header IP header Ethernet header Ethernet frame port TCP IP

31. Dr. Almetwally mostafa31 Internet Protocols  TCP is a transport protocol that can be used to support applications directly or additional protocols can be layered on it to provide additional features.  TCP is a reliable connection-oriented protocol used to transport streams of data.  Another transport protocol (User Datagram Protocol UDP) is used to meet traditional message-based communication.  IP is the underlying network protocol that provide the basic transmission mechanism for the Internet and other subnets.  Success of TCP/IP is based on their independence of underlying transmission technology enabling internetworks to built up from many heterogeneous networks and data links.

32. Dr. Almetwally mostafa32 Internet Protocols IP Application TCPUDP A programmer’s conceptual view of an Internet TCP/IP

33. Dr. Almetwally mostafa33 Internet Protocols IP Addressing  Used scheme for assigning addresses to networks and the computers connected to them must satisfy the following requirements: Universal: any host on Internet can send a message to any other. Assign Unique IP address to each host in the Internet. Sufficient: defining large addressing space and using it efficiently. IPv4 (1984): 32-bit addresses for 2 32 (~ 4 billion) addresses, but insufficient due to: i) Unforeseen growth of internet.ii) Inefficient use of address space. IPv6 (1994): 128-bit addresses for 2 128 (~ 3x10 38 ) addressable nodes. Routing: support a flexible and efficient routing scheme, but addresses themselves should not contain routing information.

34. Dr. Almetwally mostafa34 Internet Protocols IP Addressing  The IP address: 32-bit numeric identifier containing: A unique network identifier within the Internet, allocated by the Internet Network Information Center (NIC). A unique host identifier within that network, assigned by its manager. Written as a sequence of four decimal numbers separated by dots. Has equivalent symbolic domain name represented in a hierarchy. Has five classes: Class A: reserved for very large networks (2 24 hosts on each). Class B: allocated for organization networks contain more than 255 hosts. Class C: allocated to all other networks (less than 255 hosts on each). Class D: reserved for multicasting but this is not supported by all routers. Class E: unallocated addresses reserved for future requirements.

35. Dr. Almetwally mostafa35 Internet Protocols IP Addressing Internet addressing structure

36. Dr. Almetwally mostafa36 Internet Protocols IP Addressing Decimal representation of Internet addressing octet 1octet 2octet 3 Class A: 1 to 127 0 to 255 1 to 254 Class B: 128 to 191 Class C: 192 to 223 224 to 239 Class D (multicast): Network ID Host ID Multicast address 0 to 255 1 to 254 0 to 255 1 to 254240 to 255 Class E (reserved): 1.0.0.0 to 127.255.255.255 128.0.0.0 to 191.255.255.255 192.0.0.0 to 223.255.255.255 224.0.0.0 to 239.255.255.255 240.0.0.0 to 255.255.255.255 Range of addresses

37. Dr. Almetwally mostafa37 Internet Protocols IP Protocol  Network protocol of the Internet protocol stack.  Transmits datagrams from one host to another via intermediate routers with the following characteristics: No guarantee of delivery. Duplication possible. Unbounded delay. No order preservation.  Address resolution IP addresses may need to be mapped to physical network addresses. Ethernet has 48-bit addresses. Use Address Resolution Protocol (ARP) Either direct relation between IP and physical address, or mapping.

38. Dr. Almetwally mostafa38 Internet Protocols IP Protocol  When an IP datagram (up to 64 Kbytes) is longer than the Maximum Transfer Unit (MTU) of the underlying network: It is broken into smaller packets at the source and reassembled at its final destination. Each packet has a fragment identifier to enable out-of-order fragments to be collected. data IP address of destination IP address of source header up to 64 kilobytes IP packet layout

39. Dr. Almetwally mostafa39 Internet Protocols IP Routing  IP network layer routes packets from their source to their destination using a routing algorithm: Distance-vector algorithm: Router Information Protocols (RIP-1, RIP-2, ……). Link state algorithms class. Open Shortest Path First (OSPF) protocol.  Different routing algorithms may co-exist since routing tables contain identical information for all algorithms.  However, for routing table creation and update, the same algorithm needs to be used.  Therefore, the Internet is divided into topological areas and one algorithm used in every area.

40. Dr. Almetwally mostafa40 Internet Protocols IP Routing  Internet topological map is partitioned into autonomous systems which are subdivided into areas. Every autonomous system has a backbone area. The collection of routers connect non-backbone areas to the backbone and the links that interconnect those routers are the Internet backbone. Backbone links are usually of high bandwidth and are replicated for reliability.  Packets addressed to hosts on the local network as the sender: Transmitted in a single hope without routing. IP layer uses the Address Resolution Protocol (ARP) to determine the network address of local destination host

41. Dr. Almetwally mostafa41 Internet Protocols IP Routing  The need to store information from every node in the IP address space to every other node leads to routing table size explosion.  Two possible solutions: Topological grouping of IP addresses, so that addresses in one topological area are all routed to a central router of that area. For example, all addresses 194.0.0.0 to 195.255.255.255 in Europe. Routers outside Europe can have a single table entry to route all addresses in this range to the closest European router, which then perform detailed routing. Problem: before 1993, IP addresses were assigned without regard to geographic location, still in use. Usage of default routes: Not all nodes in a subnet need to store complete routing information as long as key routers close to backbone have complete routing information.

42. Dr. Almetwally mostafa42 Internet Protocols IP Routing Default Routing Routings from C ToLinkCost B C E 2 local 5 1 0 1 Default5- Hosts Links or local networks A DE B C 1 2 5 4 3 6 Routers

43. Dr. Almetwally mostafa43 Internet Protocols IP Routing  Classless Inter Domain Routing (CIDR) is a scheme introduced in 1996 to face the shortage of IP addresses.  CIDR scheme is used to allocate IP addresses and manage entries of routing tables.  Main problem: scarcity of Class B addresses, while plenty of Class C addresses were available.  Solution: allocate batches of contiguous Class C addresses to subnets of more than 255 hosts and vice versa.  For efficient routing: add mask field to routing tables used to select the portion of an IP address that is compared with the table entry. Enables the network/host address to be any portion of the IP address. More flexible than the old class-based algorithm.

44. Dr. Almetwally mostafa44 Internet Protocols IP Routing  CIDR Example: net X: 2048 addresses 194.24.0.0 - 194.24.7.255, mask 255.255.248.0 net Y: 4096 addresses 194.24.16.0 - 194.24.31.255, mask 255.255.240.0 net Z: 1024 addresses 194.24.8.0 - 194.24.11.255, mask 255.255.252.0 Given address 194.24.17.4, bitwise AND with all masks in table Only result of and-ing with net Y mask gives valid address: 11000010 00011000 00010001 00000100 11111111 11111111 11110000 00000000 11000010 00011000 00010000 00000000 => route according to net Y line routing table information. 11000010 00011000 00000000 00000000 11000010 00011000 00010000 00000000 11000010 00011000 00001000 00000000 11111111111111111111100000000000 11111111 111111111111000000000000 11111111 111111111111110000000000 XYZXYZ address mask

45. Dr. Almetwally mostafa45 Internet Protocols IP Version 6 (IPv6)  Adopted in 1994 to face the addressing limitations of IPv4.  Addresses long are 128-bits (~ 3x10 38 addressable entities).  Address space is partitioned: One partition will hold the entire range of IPv4 addresses. Two partitions used to organize the address space: One according to the geographical locations of the addressed nodes. The other according to their organizational locations.  Improved routing speed: No checksum applied to the packet content, only to its header. No datagram fragmentation occurs inside network Supporting a mechanism for determining the smallest datagram size (MTU) before a packet is transmitted.

46. Dr. Almetwally mostafa46 Internet Protocols IP Version 6 (IPv6) Source address (128 bits) Destination address (128 bits) Version (4 bits)Priority (4 bits)Flow label (24 bits) Payload length (16 bits)Hop limit (8 bits)Next header (8 bits) IPv6 header layout

47. Dr. Almetwally mostafa47 Internet Protocols IP Version 6 (IPv6)  Multimedia streams and other real-time data elements can transmitted in identified flow. The priority and flow label fields can be used to enable handling specific packets more rapidly or with higher reliability than others. Flow labels enable resources to be reserved in order to meet timing requirements of specific real-time data streams.  Support multicast (as IPv4 ): The transmission of packets to multiple hosts using a single address.  Support a new mode of transmission called anycast: Deliver a packet to at least one of the hosts subscribed to the relevant address.  Allow implementing of security at the IP level without the need for security-aware implementations of application programs.  Internet protocol stack, routers software, and application programs require upgrading to support the migration to IPv6.

48. Dr. Almetwally mostafa48 Internet Protocols MobileIP  Support for roaming of laptop computers, personal digital assistants (PDAs), wearable computing devices, etc.  IP addresses are bound to subnet addresses, but roaming may leave subnet boundary.  MobileIP allows IP communication to continue transparently with respect to current location of the mobile host.  The mobile host is allocated a permanent IP address, corresponding to its “home" domain.  When the mobile host is roaming: A home agent runs on a fixed machine in the home domain. A foreign agent correspondingly running on a fixed machine at the temporary domain.

49. Dr. Almetwally mostafa49 Internet Protocols MobileIP Sender Home Mobile host MH Foreign agent FA Internet agent 1. First IP packet addressed to MH 2. Address of FA returned to sender 3. First IP packet forwarded to FA 4. Subsequent IP packets send to FA directly MobileIP routing mechanism

50. Dr. Almetwally mostafa50 Internet Protocols MobileIP  The home agent keeps track of the current IP address of the mobile host and acts as a proxy during periods of disconnection.  When the mobile machine is registered with the foreign agent, the foreign agent contacts the home agent, notifying it of the new temporary IP address.  Requests for the server are captured by home agent and re- routed, embedded in MobileIP packets, to the foreign agent: The sender sends first IP packet addressed to the mobile host. The Home agent receive the packet as a proxy for the mobile host. The home agent returns the address of the foreign agent to the sender. The home agent forwards the first IP packet to the foreign agent. Subsequent IP packets sent to the foreign agent directly.

51. Dr. Almetwally mostafa51 Internet Protocols TCP and UDP  TCP and UDP provide the communication capabilities of Internet in a useful form for application programs.  TCP and UDP are transport protocols that accomplish process-to-process communication by the use of ports.  Port numbers are used for addressing messages to processes within a particular computer and are valid only within that computer.  UDP (User Datagram Protocol) A transport-level replica of IP: A UDP datagram is encapsulated inside an IP packet. A UDP datagram has a short header includes the source and destination port numbers, a length field, and a checksum.

52. Dr. Almetwally mostafa52 Internet Protocols TCP and UDP  UDP (User Datagram Protocol) cont. Offer unreliable connectionless transport service: No guarantee of delivery. No guarantee of order preservation. No additional reliability mechanisms except the optional checksum. If the received host finds the checksum field is non-zero: Compute a check value from the packet contents. Compare the computed check value with received checksum. Drop the received packet in case of unmatching. Transmit messages of up to 64 bytes in size with minimal additional costs and delays above IP transmission: No setup costs. No administrative acknowledgement messages.

53. Dr. Almetwally mostafa53 Internet Protocols TCP and UDP  TCP (Transport Control Protocol) Offer reliable connection-oriented transport service: Guarantee the delivery of all sending data. Guarantee of order preservation. A bi-directional communication channel between the sending and receiving process is established. The sending process divides the data stream into a sequence of data segments and transmits them as IP packets: Each TCP segment is attached with a sequence number. Sequence numbers are used by the receiver to order the segments. No segment is placed in the input stream of the receiver until all lower- numbered segments. Each segment carries a checksum covering the header and data and the receiver drop any received segment with unmatched checksum.

54. Dr. Almetwally mostafa54 Internet Protocols TCP and UDP  TCP (Transport Control Protocol) cont. A segment acknowledgements system is used to control the flow of stream between the sender and receiving processes: The receiver sends from time to time an acknowledgement to the sender giving the sequence number of the highest successfully received segment. Acknowledgements are carried in the normal data segments if there is a reverse flow of data. If any segment is not acknowledged within a specified timeout the sender retransmits it. The incoming buffer at the receiver is used to balance the flow between the sender and the receiver: The buffer may overflow if the receive operations more slowly than the send operations. Incoming segments are dropped when the buffer is overflowed. The sender is obliged to retransmit that dropped segments.

55. Dr. Almetwally mostafa55 Internet Protocols Domain Names  The Internet supports a scheme of symbolic domain names for hosts and networks because IP addresses are not very memorable for human users.  The domain name is represented in a hierarchical fashion designed to reflect the organizational hierarchy and independent of the physical arrangement of the Internet (location transparency).  In order for communication to take place a domain name must be translated into an IP address.  The translation of domain names is carried out using the Domain Name Service (DNS).  DNS is implemented as a server process can be run on host computers anywhere in the Internet.

56. Dr. Almetwally mostafa56 Internet Protocols Domain Names  There are at least two DNS servers in each domain and often more.  The servers in each domain hold a partial map of the domain name tree below their domain.  The domain map tree must consist of all of the domain and host names within its own domain; often it will contain more.  Name resolution is carried out recursively from right to left, issuing request to other DNS servers in relevant domains as necessary.  The resulting translation is cached at the server handling the original request so that the future requests for the same domain can be resolved without reference to other servers.

57. Dr. Almetwally mostafa57 Internet Protocols Firewalls  The purpose of a firewall is to monitor and control all communication into and out of an intranet.  A firewall is implemented by a set of processes that act as a gateway applying a security policy determined by the organization.  The firewall security policy may include any or all of the following: Service control: determine which services on internal hosts are accessible for external access and reject all other incoming service requests. Filtering actions are based on the contents of IP packets and the included TCP and UDP requests. Behavior control: prevent behavior that infringes the organization’s policies and forming part of an attack. Some filtering actions are applicable at the IP or TCP level but others require higher level interpretation of messages. User control: the organization discriminate between its users by allowing some access to external services but inhibiting others from doing so.

58. Dr. Almetwally mostafa58 Internet Protocols Firewalls Internet Router/ Protected intranet filter web/ftp server Firewall configuration