Lesson 1: Local Area Network (LAN) Technologies LAN encapsulations Ethernet Token Ring FDDI IEEE 802.11.


1 Lesson 1: Local Area Network (LAN) Technologies LAN encapsulations Ethernet Token Ring FDDI IEEE 802.11

2 LAN Encapsulations Delimitation Protocol identification Addressing Bit-level integrity check

3 Ethernet Ethernet II IEEE 802.3 IEEE 802.3 SNAP

4 Ethernet II: Preamble | Destination Address | Source Address | EtherType | Payload (46 - 1,500 bytes) | Frame Check Sequence

5 The Maximum Extent Ethernet Network Repeater 2500 meters A B Slot time = 57.6 µs

6 IEEE 802.3 Frame Format: IEEE 802.3 Header (Preamble | Start Delimiter | Destination Address | Source Address | Length) | IEEE 802.2 LLC Header (DSAP | SSAP | Control) | Payload | IEEE 802.3 Trailer (Frame Check Sequence)

7 IEEE 802.3 SNAP Frame Format: IEEE 802.3 Header (Preamble | Start Delimiter | Destination Address | Source Address | Length) | IEEE 802.2 LLC Header (DSAP = 0xAA | SSAP = 0xAA | Control = 0x03) | SNAP Header (Organization Code = 0x00-00-00 | EtherType = 0x08-00) | IP Datagram (38 - 1,492 bytes) | IEEE 802.3 Trailer (Frame Check Sequence)

8 Special Bits on Ethernet MAC Addresses: Destination Address (0 - Individual, 1 - Group; 0 - Universal Admin, 1 - Local Admin) | Source Address (0 - No Routing, 1 - Routing Present; 0 - Universal Admin, 1 - Local Admin)
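The three Ethernet encapsulations on slides 4 to 7 are told apart by the two bytes after the source address. The sketch below is an added example, not part of the original slides; it assumes frames are supplied without preamble or Frame Check Sequence, uses a constructed 20-byte stand-in for the IP datagram, and relies on the IEEE 802.3 rule that values of 0x0600 and above are EtherTypes.

```python
import struct

def mac_bits(mac: bytes) -> dict:
    """Decode the two special bits in the first byte of a destination address."""
    return {"group": bool(mac[0] & 0x01),   # 0 = individual, 1 = group
            "local": bool(mac[0] & 0x02)}   # 0 = universal admin, 1 = local admin

def classify(frame: bytes) -> dict:
    """Identify the encapsulation of a frame supplied without preamble or FCS."""
    if len(frame) < 14:
        raise ValueError("truncated header")
    field = struct.unpack("!H", frame[12:14])[0]
    out = {"dst": mac_bits(frame[0:6])}
    if field >= 0x0600:                       # 1536 and up: the field is an EtherType
        out.update(encap="Ethernet II", ethertype=field, payload=frame[14:])
        return out
    if field > 1500:
        raise ValueError("neither a valid length nor an EtherType")
    body = frame[14:14 + field]               # bytes past the length are padding
    if field < 3 or len(body) < field:
        raise ValueError("length field disagrees with the bytes present")
    dsap, ssap, control = body[0], body[1], body[2]
    if (dsap, ssap, control) != (0xAA, 0xAA, 0x03):
        out.update(encap="IEEE 802.3", dsap=dsap, ssap=ssap, payload=body[3:])
        return out
    if field < 8:
        raise ValueError("truncated SNAP header")
    out.update(encap="IEEE 802.3 SNAP", org_code=body[3:6],
               ethertype=struct.unpack("!H", body[6:8])[0], payload=body[8:])
    return out

# Constructed sample input: a 20-byte stand-in for an IP datagram and two frames.
DATAGRAM = bytes([0x45]) + bytes(19)
DST = bytes.fromhex("001054CAE140")
SRC = bytes.fromhex("00600852F9D8")
ETH2 = DST + SRC + struct.pack("!H", 0x0800) + DATAGRAM
SNAP = (DST + SRC + struct.pack("!H", 8 + len(DATAGRAM))
        + bytes([0xAA, 0xAA, 0x03]) + bytes(3) + struct.pack("!H", 0x0800)
        + DATAGRAM + bytes(18))               # trailing zeros model padding

if __name__ == "__main__":
    for frame in (ETH2, SNAP):
        result = classify(frame)
        print(result["encap"], hex(result["ethertype"]), len(result["payload"]))
```

A parser that trusts the length field without comparing it to the bytes actually captured will read past the frame, which is why both mismatches raise an error here.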

9 IEEE 802.5 Frame Format: IEEE 802.5 Header (Start Delimiter | Access Control | Frame Control | Destination Address | Source Address) | IEEE 802.2 LLC Header (DSAP | SSAP | Control) | Payload | IEEE 802.5 Trailer (Frame Check Sequence | End Delimiter | Frame Status)

10 IEEE 802.5 SNAP Frame Format: IEEE 802.5 Header (Start Delimiter | Access Control | Frame Control | Destination Address | Source Address) | IEEE 802.2 LLC Header (DSAP = 0xAA | SSAP = 0xAA | Control = 0x03) | SNAP Header (Organization Code = 0x00-00-00 | EtherType = 0x08-00) | IP Datagram | IEEE 802.5 Trailer (Frame Check Sequence | End Delimiter | Frame Status)

11 Special Bits on Token Ring MAC Addresses: Destination Address (0 - Individual, 1 - Group; 0 - Universal Admin, 1 - Local Admin; 0 - Functional, 1 - Nonfunctional) | Source Address (0 - No Routing, 1 - Routing Present; 0 - Universal Admin, 1 - Local Admin)

12 FDDI Frame Format: FDDI Header (Preamble | Start Delimiter | Frame Control | Destination Address | Source Address) | IEEE 802.2 LLC Header (DSAP | SSAP | Control) | Payload | FDDI Trailer (Frame Check Sequence | End Delimiter | Frame Status)

13 FDDI SNAP Frame Format: FDDI Header (Preamble | Start Delimiter | Frame Control | Destination Address | Source Address) | IEEE 802.2 LLC Header (DSAP = 0xAA | SSAP = 0xAA | Control = 0x03) | SNAP Header (Organization Code = 0x00-00-00 | EtherType = 0x08-00) | IP Datagram (up to 4,352 bytes) | FDDI Trailer (Frame Check Sequence | End Delimiter | Frame Status)

14 IEEE 802.11 Frame Format: IEEE 802.11 Header (Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control | Address 4) | IEEE 802.2 LLC Header (DSAP | SSAP | Control) | Payload | IEEE 802.11 Trailer (Frame Check Sequence)

15 The Frame Control Field: Protocol Version | Type | Subtype | To DS | From DS | More Fragments | Retry | Power Management | More Data | WEP | Order

16 IEEE 802.11 SNAP Frame Format: IEEE 802.11 Header (Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control) | IEEE 802.2 LLC Header (DSAP = 0xAA | SSAP = 0xAA | Control = 0x03) | SNAP Header (Organization Code = 0x00-00-00 | EtherType = 0x08-00) | IP Datagram | IEEE 802.11 Trailer (Frame Check Sequence)

17 Lesson 2: Wide Area Network (WAN) Technologies WAN encapsulations Point-to-Point Protocol Frame relay

18 WAN Encapsulations Delimitation Protocol identification Addressing Bit-level integrity check

19 Point-to-Point Protocol (PPP) Data Link Layer encapsulation method Link Control Protocol (LCP) Network Control Protocols (NCPs)

20 PPP Encapsulation Using HDLC Framing: Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0x00-21 | IP Datagram | Frame Check Sequence | Flag = 0x7E

21 Typical PPP Framing: Flag = 0x7E | Protocol = 0x21 | IP Datagram | Frame Check Sequence | Flag = 0x7E

22 Multilink Protocol Long Sequence Number Format: Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved | Sequence Number | Multilink Fragment | Frame Check Sequence | Flag = 0x7E

23 Multilink Protocol Short Sequence Number Format: Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved | Sequence Number | Multilink Fragment | Frame Check Sequence | Flag = 0x7E

24 Frame Relay Encapsulation for IP Datagrams: Flag = 0x7E | Address | Control = 0x03 | NLPID = 0xCC | IP Datagram | Frame Check Sequence | Flag = 0x7E

25 Frame Relay Two-Byte Address Field DLCI C/R EA DLCI FECN BECN DE EA = 0 = 1 = 0 First byte Second byte

26 Lesson 3: Address Resolution Protocol (ARP) Overview of ARP ARP frame structure ARP in Windows Server 2008 and Windows Vista Inverse ARP Proxy ARP

27 Overview of ARP
- Resolves the next-hop IP address of a node to its corresponding media access control (MAC) address
  - For direct deliveries, ARP resolves the datagram’s destination IP address
  - For indirect deliveries, ARP resolves the IP address of a neighboring router
- ARP message exchange
  - Broadcast ARP Request
  - Unicast ARP Reply

28 The ARP or Neighbor Cache
- Table of resolved IP addresses and their corresponding MAC addresses
- Checked before sending ARP Request message
  - Network black holes

29 ARP Frame Structure: Hardware Type | Protocol Type = 0x0800 | Hardware Address Length = 6 | Protocol Address Length = 4 | Operation | Sender Hardware Address | Sender Protocol Address | Target Hardware Address | Target Protocol Address

30 ARP in Windows Server 2008 and Windows Vista
- Works in the same way as Neighbor Discovery in IP version 6 (IPv6)
- Neighbor Discovery processes
  - Address resolution
  - Duplicate address detection
  - Neighbor unreachability detection

31 Address Resolution
Node 1: IP Address 10.0.0.99, MAC Address 00-60-08-52-F9-D8
Node 2: IP Address 10.0.0.1, MAC Address 00-10-54-CA-E1-40
ARP Request: SHA 00-60-08-52-F9-D8, SPA 10.0.0.99, THA 00-00-00-00-00-00, TPA 10.0.0.1
ARP Reply: SHA 00-10-54-CA-E1-40, SPA 10.0.0.1, THA 00-60-08-52-F9-D8, TPA 10.0.0.99
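The exchange on slide 31, with both sides' messages built and parsed using the field layout from slide 29. This is an added example, not part of the original slides; the Hardware Type value 1 (Ethernet) and Operation values 1 and 2 are the standard ARP assignments, and the helper names and the caching rule in `learn` are choices made for this sketch.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"     # 28-byte ARP message for Ethernet and IPv4
REQUEST, REPLY = 1, 2          # Operation values
UNKNOWN = "00-00-00-00-00-00"  # THA in a request, as on the slide

def to_mac(text): return bytes.fromhex(text.replace("-", ""))
def from_mac(raw): return "-".join(f"{b:02X}" for b in raw)

def build_arp(op, sha, spa, tha, tpa):
    """Hardware Type 1 (Ethernet), Protocol Type 0x0800, lengths 6 and 4."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, to_mac(sha),
                       socket.inet_aton(spa), to_mac(tha), socket.inet_aton(tpa))

def parse_arp(data):
    if len(data) < 28:
        raise ValueError("truncated ARP message")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, data[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (REQUEST, REPLY):
        raise ValueError("not an Ethernet/IPv4 ARP Request or Reply")
    return {"op": op, "sha": from_mac(sha), "spa": socket.inet_ntoa(spa),
            "tha": from_mac(tha), "tpa": socket.inet_ntoa(tpa)}

def answer(request, my_ip, my_mac):
    """Target side: reply by unicast only when the request asks for our address."""
    msg = parse_arp(request)
    if msg["op"] != REQUEST or msg["tpa"] != my_ip:
        return None
    return build_arp(REPLY, my_mac, my_ip, msg["sha"], msg["spa"])

def learn(cache, reply, asked_ip):
    """Requesting side: cache the mapping only from a reply to the address asked for."""
    msg = parse_arp(reply)
    if msg["op"] == REPLY and msg["spa"] == asked_ip:
        cache[msg["spa"]] = msg["sha"]
    return cache

def resolve_demo():
    # Addresses are the ones shown on slide 31.
    request = build_arp(REQUEST, "00-60-08-52-F9-D8", "10.0.0.99", UNKNOWN, "10.0.0.1")
    reply = answer(request, "10.0.0.1", "00-10-54-CA-E1-40")
    return learn({}, reply, "10.0.0.1")

if __name__ == "__main__":
    print(resolve_demo())
```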

32 Duplicate Address Detection
- ARP Request for one’s own address
  - Reply received: Duplicate IP address
  - No reply received: Unique IP address for the network segment
- Duplicate address ARP exchange
  - Broadcast ARP Request sent by offending node
  - Unicast ARP Reply sent by defending node

33 Neighbor Unreachability Detection
- Reachable if IP packets sent to the neighboring node were received and processed by the neighboring node
  - Exchange of ARP Request and ARP Reply messages
  - Indications from Transmission Control Protocol (TCP) that sent data is being acknowledged

34 Neighbor Cache Entry States INCOMPLETE REACHABLE STALE DELAY PROBE

35 Inverse ARP
- Used for non-broadcast multiple access (NBMA) technologies (frame relay)
- MAC-level address is known, but IP address of node at the other end of the connection is not
- Inverse ARP message exchange
  - InARP Request
  - InARP Reply

36 Proxy ARP Proxy ARP Device Node 1 Node 2 Single Subnet

37 A Windows Server 2008 Remote Access Server and Proxy ARP Remote Access Client Assigned address: 10.1.1.201 Windows Server 2008 Remote Access Server 10.1.1.0/24 10.1.1.50 10.1.1.8 Configured range: 10.1.1.200-10.1.1.254

38 Lesson 4: Point-to-Point Protocol (PPP) PPP overview PPP connection process Link Control Protocol (LCP) PPP authentication protocols Network Control Protocols (NCPs) PPP over Ethernet (PPPoE)

39 PPP Overview A Data Link Layer encapsulation method LCP for negotiating the Data Link Layer characteristics NCPs for negotiating Network Layer protocols over the point-to-point connection

40 PPP Connection Process 1. PPP configuration using LCP 2. Authentication 3. Callback 4. Protocol configuration using NCPs

41 LCP Frame Structure: Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0xC0-21 | LCP Frame (Code | Identifier | Length | Data) | Frame Check Sequence | Flag = 0x7E

42 LCP Options: Protocol = 0xC0-21 | Code | Identifier | Length | LCP Option (Type | Length | Option Data) ...

43 LCP Negotiations
- LCP messages
  - Configure-Request
  - Configure-Nak
  - Configure-Reject
  - Configure-Ack
- For Peer A and Peer B
  - Peer A initiates an LCP negotiation for the data to be sent by Peer B
  - Peer B initiates a separate LCP negotiation for the data to be sent by Peer A

44 PPP Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft-CHAP version 2 (MS-CHAP v2) Extensible Authentication Protocol (EAP)

45 PAP
- Simple, plaintext authentication protocol
- PAP authentication process:
  1. Connection-initiating PPP peer (the calling peer) sends a PAP Authenticate-Request message to the authenticating PPP peer (the answering peer)
  2. The answering peer validates the user name and password and sends either a PAP Authenticate-Ack or PAP Authenticate-Nak message

46 PAP Authentication Request Message: Protocol = 0xC0-23 | Code = 1 | Identifier | Length | Peer ID Length | Peer ID | Password Length | Password

47 PAP Authenticate-Ack and Authenticate-Nak Messages: Protocol = 0xC0-23 | Code = 2 or 3 | Identifier | Length | Message Length | Message

48 CHAP
- More secure authentication protocol
  - Provides proof of knowledge of password without sending the password
- CHAP authentication process
  1. The answering peer sends a CHAP Challenge message that contains a challenge string
  2. The calling peer sends a CHAP Response message that contains a Message Digest-5 (MD5) hash of the CHAP session ID, the challenge string, and the user’s password
  3. The answering peer verifies hash and sends a CHAP Success or CHAP Failure message

49 CHAP Challenge or Response Messages: Protocol = 0xC2-23 | Code | Identifier | Length | Value Size | Value | Name

50 CHAP Success or Failure Messages: Protocol = 0xC2-23 | Code | Identifier | Length | Message
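The CHAP exchange from slides 48 to 50, showing both peers: the challenge, the MD5 response, and the answering peer's check. This is an added example, not part of the original slides; it follows RFC 1994 (hash input is Identifier, then secret, then challenge; Codes 1 to 4), omits the PPP Protocol field 0xC2-23, and the function names, user name and password are constructed for the sketch.

```python
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4   # CHAP Code values

def pack_value(code, ident, value, name):
    """Code | Identifier | Length | Value Size | Value | Name."""
    length = 5 + len(value) + len(name)
    return struct.pack("!BBHB", code, ident, length, len(value)) + value + name

def unpack_value(pkt):
    if len(pkt) < 5:
        raise ValueError("truncated CHAP message")
    code, ident, length, vsize = struct.unpack("!BBHB", pkt[:5])
    if length > len(pkt) or 5 + vsize > length:
        raise ValueError("inconsistent length fields")
    return code, ident, pkt[5:5 + vsize], pkt[5 + vsize:length]

def chap_hash(ident, secret, challenge):
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def make_challenge(ident, name, challenge=None):
    """Answering peer: a fresh random challenge for every authentication."""
    return pack_value(CHALLENGE, ident, challenge or os.urandom(16), name)

def respond(challenge_pkt, secret, name):
    """Calling peer: prove knowledge of the password without sending it."""
    code, ident, challenge, _ = unpack_value(challenge_pkt)
    if code != CHALLENGE:
        raise ValueError("expected a CHAP Challenge")
    return pack_value(RESPONSE, ident, chap_hash(ident, secret, challenge), name)

def verify(challenge_pkt, response_pkt, secrets):
    """Answering peer: recompute the hash and compare in constant time."""
    _, ident, challenge, _ = unpack_value(challenge_pkt)
    code, rid, value, name = unpack_value(response_pkt)
    secret = secrets.get(name)
    ok = (code == RESPONSE and rid == ident and secret is not None
          and hmac.compare_digest(value, chap_hash(ident, secret, challenge)))
    return SUCCESS if ok else FAILURE

if __name__ == "__main__":
    users = {b"alice": b"constructed-password"}       # constructed sample account
    ch = make_challenge(7, b"server")
    print(verify(ch, respond(ch, b"constructed-password", b"alice"), users))
```

Because the response is bound to the Identifier and the challenge, a captured response fails against any later challenge, which is the property the random challenge exists to provide.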

51 MS-CHAP v2
- Microsoft authentication protocol
  - MS-CHAP with mutual authentication
- MS-CHAP v2 authentication process
  1. The answering peer sends a CHAP Challenge message that contains a challenge string
  2. The calling peer sends an MS-CHAP v2 Response message that contains an encrypted response and a challenge for the answering peer
  3. The answering peer verifies the response and sends a CHAP Success message with an encrypted response based on the calling peer’s challenge
  4. The calling peer verifies the answering peer’s response

52 MS-CHAP v2 Response Message: Protocol = 0xC2-23 | Code | Identifier | Length | Value Size = 49 | Peer Challenge (16 bytes) | Reserved (8 bytes) | Windows NT Response (24 bytes) | Flags | Name

53 EAP
- An extension to PPP to allow for more extensibility and flexibility for authentication methods for PPP connections
- EAP messages:
  - EAP-Request
  - EAP-Response
  - EAP-Success
  - EAP-Failure

54 EAP Request or Response Messages: Protocol = 0xC2-27 | Code = 1 or 2 | Identifier | Length | Type | Type-specific data

55 EAP Success or Failure Messages: Protocol = 0xC2-27 | Code = 3 or 4 | Identifier | Length = 4

56 EAP Authentication Types
- EAP-Transport Layer Security (TLS)
- Protected EAP (PEAP)
  - EAP-MS-CHAP v2
  - EAP-TLS

57 NCPs
- IP Control Protocol (IPCP)
  - IP Compression Protocol
  - IP Address
  - Primary Domain Name System (DNS) Server Address
  - Primary NetBIOS Name Server (NBNS) Server
  - Secondary DNS Server Address
  - Secondary NBNS Server
- Compression Control Protocol (CCP)
  - Microsoft Point-to-Point Compression (MPPC)
  - Microsoft Point-to-Point Encryption (MPPE)
- Encryption Control Protocol (ECP)

58 PPP over Ethernet (PPPoE)
- Method of encapsulating PPP frames so that they can be sent over an Ethernet network
- PPPoE connection phases:
  1. Discovery phase
     - Presence of an access concentrator (AC)
     - Determine a PPPoE session ID
  2. PPP session phase
     - A PPP connection is established and used for data transfer

59 Destination Address Source Address PPPoE payload... EtherType Frame Check Sequence Preamble 40 - 1,494 bytes Version Type Code Session ID Length = 1 PPPoE Frame Format

60 Destination Address Source Address PPP Protocol PPP payload... EtherType Frame Check Sequence Preamble 38 - 1,492 bytes Version Type Code Session ID Length = 0 = 1 = 0x88-64 PPPoE Frame Format for PPP Frames

