Datakommunikasjon, autumn 2002
Monday 11 November: Review
Datakom høsten 2002 1

What you should learn
- What the Internet is
- Network cards
- Protocols
- Addressing
- Applications
- ISDN, LAN, WAN, ISP, ASP, Ethernet, ARP, TCP/IP
- Bridge, switch, router, FW/firewall
- DNS, SNMP, SMTP
Tele-/data communication networks
(Figure: IN node, LAN, Internet, PSTN, GSM, Telecom Management System, Tactical and Strategic Military Networks)

Hypertext Transfer Protocol (HTTP)
- Used by the WWW
- Protocol for transferring HTML
- Can carry text, audio, images, etc.
- Transaction-oriented client/server protocol
- Usually between a web browser (client) and a web server (server)
- Uses TCP
- Stateless: each transaction is handled separately (Keep-Alive)
- A new TCP connection for each transaction
- The connection is terminated when the transaction is complete

Telnet and Rlogin
- Login from one machine to another over the network
- Uses the client/server concept
- Telnet is a standard application implemented in all TCP/IP implementations
- Rlogin comes from Berkeley Unix and was developed for login between two Unix systems
- Telnet is more complex than Rlogin

FTP (File Transfer Protocol)
- Internet standard for file transfer
- FTP protocol, control connection:
  - The server does a passive open on port 21
  - The client does an active open to port 21
- Data is transferred from port 20 on the FTP server

DNS - Domain Name System
- RFC 1034, RFC 1035
- Maps between host names and IP addresses (and vice versa)
- Used by TCP/IP applications
- Distributed, hierarchical
- Uses both TCP and UDP as transport, port number 53
- Examples: DNS Query, DNS Reply
What's a protocol?
A human protocol and a computer network protocol, side by side:
- Human: "Hi" / "Hi" / "Got the time?" / "2:00"
- Computer: TCP connection req. / TCP connection reply / Get http://gaia.cs.umass.edu/index.htm / <file>

A Communications Model
- Source: generates data to be transmitted
- Transmitter: converts data into transmittable signals
- Transmission System: carries data
- Receiver: converts received signal into data
- Destination: takes incoming data

Simplified Communications Model - Diagram

Networking
- Point-to-point communication is not usually practical:
  - Devices are too far apart
  - A large set of devices would need an impractical number of connections
- Solution is a communications network

Simplified Network Model
WAN - Wide Area Networks
- Large geographic areas
- Consists of a number of nodes
- Alternative technologies:
  - Circuit switching (linjesvitsjing)
  - Packet switching (pakkesvitsjing)
  - Frame relay
  - Asynchronous Transfer Mode (ATM)

LAN - Local Area Networks
- One or more buildings
- Usually owned by whoever attaches equipment to the local network
- Higher data rates than a WAN
- Ethernet: 10 or 100 Mbit/s
- Formerly broadcast only, i.e. everyone could listen on the network
- Now more and more switched systems, i.e. the network can be segmented
Home networks
Typical home network components:
- ADSL or cable modem (to/from the cable headend)
- Router/firewall
- Ethernet (switched)
- Wireless access point and wireless laptops
Circuit Switching
- A dedicated communication path between the parties for as long as the communication lasts
- Example: the telephone network

Circuit Switching: FDMA and TDMA
- Frequency Division Multiplexing Access (FDMA)
- Time Division Multiplexing Access (TDMA)
- (Figure: example with 4 users, plotted as frequency versus time)

Packet Switching
- Data packets are sent individually
- The packets need not take the same route through the network
- The packets are forwarded from node to node between sender and receiver
- Used between computers
- Example: Datapak, based on X.25

Packet switching (pakkesvitsjing)
(Figure: hosts A, B and C on a 10 Mbs Ethernet share a 1.5 Mbs output link by statistical multiplexing, with a queue of packets waiting for the output link; a 45 Mbs link continues on towards D and E)

Asynchronous Transfer Mode (ATM)
- Little overhead for error control
- Fixed packet length (a packet is called a cell)
- Anything from 10 Mbps to Gbps
- Constant data rate using a packet switching technique

Integrated Services Digital Network (ISDN)
- Designed to replace the PSTN, i.e. analog telephony
- Pilot project in Norway in autumn 1989
- Only became popular once it could be used to connect to the Internet

ISDN channels
- Basic Access (grunnaksess): 2 B channels, 1 D channel
- Primary Rate Access (utvidet aksess): 30 B channels, 1 D channel

ADSL - Asymmetric Digital Subscriber Line
Telenor offers (downstream / upstream speed):
- 384 / 128 Kb/s: download audio and images, and do several things at once
- 704 / 128 Kb/s: download video clips, software and other large files
- 1024 / 256 Kb/s: download and upload large files quickly and efficiently
Internet protocol stack
- application: supporting network applications (ftp, smtp, http)
- transport: host-host data transfer (tcp, udp)
- network: routing of datagrams from source to destination (ip, routing protocols)
- link: data transfer between neighboring network elements (ppp, ethernet)
- physical: bits "on the wire"

Internetworking Protocols
The communication layers (referred to OSI)
Internet / TCP/IP        TCP/IP layer    OSI layer
FTP, HTTP, SMTP, DNS     Application     Application, Presentation, Session
TCP, UDP                 Transport       Transport
ICMP, IP, ARP            Network         Network
PPP                      Data Link       Data Link
Ethernet                                 Physical

Security
- Authentication (identification)
- Access control (access to resources)
- Confidentiality (information is kept secret)
- Integrity service (data must be correct)
- Availability (the information must be available to those who are authorized)
- CIA: Confidentiality, Integrity, Availability

Symmetric encryption
(Figure: one Secret Key; Cleartext -> Encryption Algorithm -> Ciphertext -> Encryption Algorithm -> Cleartext; the same key is used to encipher and to decipher)

Asymmetric encryption
(Figure: one key to encipher, another key to decipher; Cleartext -> Encryption Algorithm -> Ciphertext -> Encryption Algorithm -> Cleartext)

IPsec - IP Security
- Security mechanism for protecting VPNs
- VPN: Virtual Private Network
- VPN over the Internet:
  - Between branch offices
  - Between a home office and the workplace
  - Between supplier and customer

IPsec security services
- Confidentiality: the information is encrypted
- Integrity: one-way hash function
- Authentication: MAC (hash + secret), digital signature
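To make the difference between the integrity service (a bare hash) and the authentication service (a MAC, i.e. hash plus secret) concrete, here is an added example that is not from the lecture; it uses Python's hashlib and hmac, and the shared key and the packet payloads are constructed.

```python
import hashlib
import hmac

# Constructed shared secret for the two IPsec peers (assumption, not from the slides).
SHARED_SECRET = b"example-shared-secret"


def integrity_tag(message: bytes) -> str:
    """Integrity service only: a one-way hash that anyone can compute."""
    return hashlib.sha256(message).hexdigest()


def auth_tag(message: bytes, key: bytes) -> str:
    """Authentication service: MAC = hash keyed with a secret (HMAC-SHA256 here)."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_integrity(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(integrity_tag(message), tag)


def verify_auth(message: bytes, tag: str, key: bytes) -> bool:
    return hmac.compare_digest(auth_tag(message, key), tag)


def demo() -> dict:
    """Compare what each service catches on a constructed packet payload."""
    original = b"OPEN VALVE 12 TO 40 PERCENT"
    corrupted = b"OPEN VALVE 12 TO 90 PERCENT"   # one byte changed on the path
    h = integrity_tag(original)
    m = auth_tag(original, SHARED_SECRET)
    return {
        # Accidental corruption: the stored hash no longer matches, so it is caught.
        "hash_catches_corruption": not verify_integrity(corrupted, h),
        # Anyone can recompute a plain hash for any payload, so a bare hash says
        # nothing about who produced the packet ...
        "hash_proves_origin": not verify_integrity(corrupted, integrity_tag(corrupted)),
        # ... while a MAC for the altered payload cannot be produced without the key.
        "mac_catches_corruption": not verify_auth(corrupted, m, SHARED_SECRET),
        "mac_needs_key": verify_auth(original, m, b"wrong-key") is False,
    }
```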
PING
ping 193.69.136.8

Pinging 193.69.136.8 with 32 bytes of data:
Reply from 193.69.136.8: bytes=32 time=81ms TTL=127
Reply from 193.69.136.8: bytes=32 time=48ms TTL=127
Reply from 193.69.136.8: bytes=32 time=50ms TTL=127
Reply from 193.69.136.8: bytes=32 time=49ms TTL=127

Ping statistics for 193.69.136.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 81ms, Average = 57ms

IP information on a machine
ipconfig -all

Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . : halden.scandpower.no
    Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI or Complete PC Management NIC (3C905C-TX)
    Physical Address. . . . . . . . . : 00-50-DA-DD-2E-5E
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 193.69.136.78
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 193.69.136.54
    DNS Servers . . . . . . . . . . . : 193.69.136.53

ARP - Address Resolution Protocol (IP to MAC address)
arp -a

Interface: 193.69.136.78 on Interface 0x2
  Internet Address      Physical Address      Type
  193.69.136.34         00-60-b0-3d-82-74     dynamic
  193.69.136.54         00-10-5a-66-21-78     dynamic
  193.69.136.60         00-50-da-4f-31-8c     dynamic
  193.69.136.61         00-60-97-17-2a-48     dynamic
  193.69.136.91         00-60-08-49-2a-fe     dynamic
  193.69.136.115        08-00-09-70-2c-8e     dynamic
  193.69.136.133        08-00-09-87-fe-29     dynamic
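A defender's check over the two outputs above, as an added example that is not from the lecture: it parses the arp -a table, compares the default gateway's entry (193.69.136.54 from ipconfig) against a recorded baseline MAC, and reports any MAC address claimed by more than one IP. The baseline is taken from the table itself here, which is an assumption; in practice it is recorded while the network is known to be healthy.

```python
import re

# The arp -a table from the slide, embedded as sample input.
ARP_OUTPUT = """\
Interface: 193.69.136.78 on Interface 0x2
  Internet Address      Physical Address      Type
  193.69.136.34         00-60-b0-3d-82-74     dynamic
  193.69.136.54         00-10-5a-66-21-78     dynamic
  193.69.136.60         00-50-da-4f-31-8c     dynamic
  193.69.136.61         00-60-97-17-2a-48     dynamic
  193.69.136.91         00-60-08-49-2a-fe     dynamic
  193.69.136.115        08-00-09-70-2c-8e     dynamic
  193.69.136.133        08-00-09-87-fe-29     dynamic
"""
GATEWAY_IP = "193.69.136.54"                  # Default Gateway from ipconfig -all
GATEWAY_MAC_BASELINE = "00-10-5a-66-21-78"    # assumed baseline, taken from the table

# One table row: dotted-quad IP, six hex pairs separated by '-', entry type.
ENTRY = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(\w+)", re.I)


def parse_arp(text: str) -> list:
    """Return (ip, mac, type) tuples from Windows-style arp -a output."""
    rows = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            rows.append((m.group(1), m.group(2).lower(), m.group(3)))
    return rows


def arp_findings(rows: list, gateway_ip: str, gateway_mac: str) -> list:
    """Flag a gateway whose MAC drifted from the baseline, and MACs answering for several IPs."""
    findings = []
    gw = [mac for ip, mac, _ in rows if ip == gateway_ip]
    if not gw:
        findings.append(f"no ARP entry for default gateway {gateway_ip}")
    elif gw[0] != gateway_mac.lower():
        findings.append(f"gateway {gateway_ip} now maps to {gw[0]}, baseline {gateway_mac.lower()}")
    by_mac = {}
    for ip, mac, _ in rows:
        by_mac.setdefault(mac, []).append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:                      # one station answering for several addresses
            findings.append(f"MAC {mac} claimed by {', '.join(ips)}")
    return findings
```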
Traceroute
Address                    Time    Seq   Results
192.168.1.1                <10ms   1     56 bytes received.
80.212.232.0               16ms    2     56 bytes received.
146.172.167.65             16ms    3     56 bytes received.
146.172.202.57             31ms    4     168 bytes received.
146.172.202.37             16ms    5     168 bytes received.
146.172.250.229            16ms    6     168 bytes received.
146.172.248.66             31ms    7     56 bytes received.
193.156.90.3               16ms    8     56 bytes received.
193.75.3.62                15ms    9     56 bytes received.
www.vg.no [193.69.165.20]  31ms    9     52 bytes received.
Standards
- Required to allow for interoperability between equipment
- Advantages:
  - Ensures a large market for equipment and software
  - Allows products from different vendors to communicate
- Disadvantages:
  - Freeze technology
  - There may be multiple standards for the same thing

Standards Organizations
- Internet Society: Internet Architecture Board (IAB), Internet Engineering Task Force (IETF), Internet Engineering Steering Group (IESG)
- ISO - International Organization for Standardization; JTC: Joint Technical Committee
- ITU-T (formerly CCITT); ITU - International Telecommunication Union, 14 study groups
- ATM Forum
Network applications: some jargon
- Process: program running within a host
  - Within the same host, two processes communicate using interprocess communication (defined by the OS)
  - Processes running in different hosts communicate with an application-layer protocol
- User agent: software process interfacing with the user above and the network below; implements the application-level protocol
  - Web: browser
  - E-mail: mail reader
  - Streaming audio/video: media player

Client-server paradigm
Typical network app has two pieces: client and server
- Client: initiates contact with the server ("speaks first"); typically requests service from the server. Web: client implemented in the browser; e-mail: in the mail reader
- Server: provides the requested service to the client, e.g. a Web server sends the requested Web page, a mail server delivers e-mail
(Figure: request and reply pass through the application, transport, network, data link and physical layers on both sides)

Application-layer protocols (cont.)
- API: application programming interface; defines the interface between the application and transport layers
- Socket: the Internet API; two processes communicate by sending data into a socket and reading data out of a socket
- Q: how does a process identify the other process with which it wants to communicate?
  - IP address of the host running the other process
  - Port number: allows the receiving host to determine to which local process the message should be delivered

What transport service does an app need?
- Data loss: some apps (e.g., audio) can tolerate some loss; other apps (e.g., file transfer, telnet) require 100% reliable data transfer
- Timing: some apps (e.g., Internet telephony, interactive games) require low delay to be effective
- Bandwidth: some apps (e.g., multimedia) require a minimum amount of bandwidth to be effective; other apps ("elastic apps") make use of whatever bandwidth they get

Transport service requirements of common apps
Application             Data loss       Bandwidth                          Time sensitive
file transfer           no loss         elastic                            no
e-mail                  no loss         elastic                            no
Web documents           loss-tolerant   elastic                            no
real-time audio/video   loss-tolerant   audio: 5Kb-1Mb, video: 10kb-5mb    yes, 100's msec
stored audio/video      loss-tolerant   same as above                      yes, few secs
interactive games       loss-tolerant   few Kbps up                        yes, 100's msec
financial apps          no loss         elastic                            yes and no

Internet transport protocols services
TCP service:
- connection-oriented: setup required between client and server
- reliable transport between sending and receiving process
- flow control: sender won't overwhelm receiver
- congestion control: throttle sender when network overloaded
- does not provide: timing, minimum bandwidth guarantees
UDP service:
- unreliable data transfer between sending and receiving process
- does not provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantee

Internet apps: application, transport protocols
Application             Application layer protocol          Underlying transport protocol
e-mail                  smtp [RFC 821]                      TCP
remote terminal access  telnet [RFC 854]                    TCP
Web                     http [RFC 2068]                     TCP
file transfer           ftp [RFC 959]                       TCP
streaming multimedia    proprietary (e.g. RealNetworks)     TCP or UDP
remote file server      NFS                                 TCP or UDP
Internet telephony      proprietary (e.g., Vocaltec)        typically UDP

ftp: the file transfer protocol
- Transfer a file to/from a remote host
- Client/server model: the client is the side that initiates the transfer (either to or from the remote host); the server is the remote host
- ftp: RFC 959
- ftp server: port 21
(Figure: user at host -> FTP user interface -> FTP client <-> file transfer <-> FTP server, each with its local or remote file system)

ftp: separate control, data connections
- ftp client contacts ftp server at port 21, specifying TCP as transport protocol
- Two parallel TCP connections are opened:
  - control connection (port 21): exchange commands and responses between client and server ("out of band" control)
  - data connection (port 20): file data to/from server
- ftp server maintains "state": current directory, earlier authentication

ftp commands, responses
Sample commands (sent as ASCII text over the control channel):
- USER username
- PASS password
- LIST: return a list of files in the current directory
- RETR filename: retrieves (gets) a file
- STOR filename: stores (puts) a file onto the remote host
Sample return codes (status code and phrase, as in http):
- 331 Username OK, password required
- 125 data connection already open; transfer starting
- 425 Can't open data connection
- 452 Error writing file

DNS: Domain Name System
People have many identifiers: SSN, name, passport #
Internet hosts, routers:
- IP address (32 bit): used for addressing datagrams
- name, e.g., gaia.cs.umass.edu: used by humans
Q: how to map between IP addresses and names?
Domain Name System:
- distributed database implemented in a hierarchy of many name servers
- application-layer protocol used by hosts, routers and name servers to communicate to resolve names (address/name translation)
- note: a core Internet function, implemented as an application-layer protocol; complexity at the network's "edge"

DNS name servers
Why not centralize DNS?
- single point of failure
- traffic volume
- distant centralized database
- maintenance
- doesn't scale!
No server has all name-to-IP address mappings.
- local name servers: each ISP or company has a local (default) name server; a host's DNS query first goes to the local name server
- authoritative name server: for a host, stores that host's IP address and name; can perform name/address translation for that host's name

DNS: Root name servers
- contacted by a local name server that cannot resolve a name
- root name server: contacts the authoritative name server if the name mapping is not known, gets the mapping, returns the mapping to the local name server
13 root name servers worldwide:
- a NSI, Herndon, VA
- b USC-ISI, Marina del Rey, CA
- c PSInet, Herndon, VA
- d U Maryland, College Park, MD
- e NASA, Mt View, CA
- f Internet Software C., Palo Alto, CA
- g DISA, Vienna, VA
- h ARL, Aberdeen, MD
- i NORDUnet, Stockholm
- j NSI (TBD), Herndon, VA
- k RIPE, London
- l ICANN, Marina del Rey, CA
- m WIDE, Tokyo

Simple DNS example
Host surf.eurecom.fr wants the IP address of gaia.cs.umass.edu:
1. It contacts its local DNS server, dns.eurecom.fr
2. dns.eurecom.fr contacts the root name server, if necessary
3. The root name server contacts the authoritative name server, dns.umass.edu, if necessary
(Figure: requesting host surf.eurecom.fr -> local name server dns.eurecom.fr -> root name server -> authoritative name server dns.umass.edu; the answer flows back the same way, six messages in all)

DNS example
Root name server:
- may not know the authoritative name server
- may know an intermediate name server: who to contact to find the authoritative name server
(Figure: requesting host surf.eurecom.fr -> local name server dns.eurecom.fr -> root name server -> intermediate name server dns.umass.edu -> authoritative name server dns.cs.umass.edu, which holds gaia.cs.umass.edu; eight messages in all)

DNS: iterated queries
- recursive query: puts the burden of name resolution on the contacted name server (heavy load?)
- iterated query: the contacted server replies with the name of the server to contact: "I don't know this name, but ask this server"
(Figure: dns.eurecom.fr sends an iterated query to the root name server, is referred to the intermediate name server dns.umass.edu and then to the authoritative name server dns.cs.umass.edu for gaia.cs.umass.edu; eight messages in all)

DNS: caching and updating records
- once (any) name server learns a mapping, it caches the mapping
- cache entries time out (disappear) after some time
- update/notify mechanisms under design by the IETF: RFC 2136, http://www.ietf.org/html.charters/dnsind-charter.html

DNS records
DNS: distributed db storing resource records (RR). RR format: (name, value, type, ttl)
- Type=A: name is a hostname, value is its IP address
- Type=NS: name is a domain (e.g. foo.com), value is the IP address of the authoritative name server for this domain
- Type=CNAME: name is an alias for some canonical (the real) name, value is the canonical name; e.g. www.ibm.com is really servereast.backup2.ibm.com
- Type=MX: value is the name of the mail server associated with name
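The iterated resolution in the figures above (local server dns.eurecom.fr asks the root, is referred to the intermediate dns.umass.edu and then to the authoritative dns.cs.umass.edu) as a small simulation that also covers caching and the CNAME record type. This is an added example, not the lecture's code: the server names follow the slides, the IP address is constructed, and the SERVERS table stands in for the glue records a real referral would carry.

```python
class NameServer:
    """One name server holding resource records keyed by (name, type)."""

    def __init__(self, name, records):
        self.name = name
        self.records = records

    def query(self, qname, qtype):
        # 1. We hold the record: an authoritative answer.
        if (qname, qtype) in self.records:
            return ("ANSWER", self.records[(qname, qtype)])
        # 2. The name is an alias: return the canonical name.
        if (qname, "CNAME") in self.records:
            return ("CNAME", self.records[(qname, "CNAME")])
        # 3. Otherwise refer to the closest zone we delegate ("ask this server").
        labels = qname.split(".")
        for i in range(1, len(labels)):
            zone = ".".join(labels[i:])
            if (zone, "NS") in self.records:
                return ("REFERRAL", self.records[(zone, "NS")])
        return ("NXDOMAIN", None)


ROOT = NameServer("root", {
    ("umass.edu", "NS"): "dns.umass.edu",          # root knows only the delegation
})
INTERMEDIATE = NameServer("dns.umass.edu", {
    ("cs.umass.edu", "NS"): "dns.cs.umass.edu",    # delegates the cs sub-zone
})
AUTHORITATIVE = NameServer("dns.cs.umass.edu", {
    ("gaia.cs.umass.edu", "A"): "128.119.245.12",  # constructed address
    ("www.cs.umass.edu", "CNAME"): "gaia.cs.umass.edu",
})
# Stand-in for the glue records a real referral carries (server name -> server).
SERVERS = {s.name: s for s in (ROOT, INTERMEDIATE, AUTHORITATIVE)}


class LocalNameServer:
    """dns.eurecom.fr: resolves iteratively for its hosts and caches answers."""

    def __init__(self):
        self.cache = {}

    def resolve(self, qname, qtype="A"):
        """Return (value, servers contacted); an empty list means a cache hit."""
        if (qname, qtype) in self.cache:
            return self.cache[(qname, qtype)], []
        contacted, server = [], ROOT
        for _ in range(8):                     # guard against referral loops
            contacted.append(server.name)
            kind, value = server.query(qname, qtype)
            if kind == "ANSWER":
                self.cache[(qname, qtype)] = value
                return value, contacted
            if kind == "CNAME":                # chase the canonical name instead
                final, more = self.resolve(value, qtype)
                return final, contacted + more
            if kind == "REFERRAL":
                server = SERVERS[value]        # iterated query: ask where we were told
                continue
            return None, contacted             # NXDOMAIN
        raise RuntimeError("too many referrals for " + qname)
```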
The Web: the http protocol
http: hypertext transfer protocol
- Web's application layer protocol
- client/server model: the client is the browser that requests, receives and displays Web objects; the server is the Web server that sends objects in response to requests
- http 1.0: RFC 1945
- http 1.1: RFC 2068
(Figure: a PC running Explorer and a Mac running Navigator exchange http requests and responses with a server running the NCSA Web server)
SNMP - Simple Network Management Protocol
(Figure: the Manager on the Network Management Station sends a Request to the Agent on the Managed Node and gets a Response; the Agent can also send an unsolicited Trap; the Network Management Protocol carries the Management Information)

The SNMP protocol
- Manager -> Agent (port 161): GetRequest, GetNextRequest, SetRequest
- Agent -> Manager: GetResponse
- Agent -> Manager (port 162): Trap

SNMP encapsulation
LLC/MAC header | IP header | UDP header | SNMP message | LLC/MAC trailer
- LLC/MAC: data link layer
- IP: network layer
- UDP: transport layer
- SNMP message: application layer

SNMPv1 message
An SNMPv1 message consists of 3 parts:
- Version number
- Community string
- One of the 5 SNMP PDUs

Internet Mail
- User agent, e.g. Outlook, Eudora, Pegasus
- Mail Transfer Agent, e.g. Microsoft Exchange, Sendmail
- SMTP - Simple Mail Transfer Protocol: TCP/IP, sends text only
- MIME - Multipurpose Internet Mail Extension: sending images, video, etc.
- POP 3 - Post Office Protocol version 3
- IMAP - Internet Message Access Protocol
- MX records (Mail Exchange records): part of DNS (Domain Name System)

SMTP mail flow

User Agent (mail program)
- Read and send mail
- Options: forwarding to others; reply function; filtering of incoming mail into different mailboxes; signature file; address lists, aliases

Mail Transfer Agent (MTA)
- Responsible for sending the mail through the network
- Based on SMTP (Simple Mail Transfer Protocol)
- SMTP is a simple ASCII protocol
- Uses TCP and port 25 to establish a connection between two MTAs

Composition of a mail
- Envelope: used by the Message Transfer Agent
- Headers: used by the User Agent
- Body: the content of the mail (text and attachments)

Envelope - example
Received: from sara.halden.scandpower.no ([193.69.136.35]) by janis.halden.scandpower.no with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id RCM02KCM; Mon, 20 Aug 2001 12:41:19 +0200
Received: from fw.scandpower.no (mail.hrp.no [158.36.61.51]) by sara.halden.scandpower.no (8.9.3/8.9.3) with SMTP id MAA12382 for <bak@scandpower.com>; Mon, 20 Aug 2001 12:43:02 +0200
Received: from mail.hrp.no ([158.36.61.51]) by fw.scandpower.no via smtpd (for sara.halden.scandpower.com [193.69.136.35]) with SMTP; 20 Aug 2001 10:44:06 UT
Received: from pcthorbjornb (pc-thorbjornb.hrp.no [158.36.44.62]) by mail.hrp.no (8.10.1/8.9.0) with SMTP id f7kalxk14155; Mon, 20 Aug 2001 12:47:33 +0200 (METDST)

Header - example
Message-ID: <806CBC6BC8F7D4118BB0009027A3176604EDC2@EXCHANGE>
From: Per Hansen <per@pdi.no>
To: Bjorn-Arild.Kydland@scandpower.no <bak@scandpower.no>
Subject: E-mail security

SMTP commands (RFC 821)
HELO <sending-host>
MAIL FROM: <from-address>
RCPT TO: <to-address>
DATA
<text>
.
QUIT
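The command sequence above, driven through a toy SMTP receiver; this is an added example, not the lecture's code. It stamps a Received: line the way each MTA in the envelope example did, handles dot-stuffing in DATA, and checks the envelope sender (MAIL FROM, used by the MTA) against the header From: (what the user agent shows). Host names and addresses come from the slides; the timestamp and message text are constructed.

```python
class ToyMTA:
    """Minimal SMTP receiver: HELO, MAIL FROM, RCPT TO, DATA, QUIT (RFC 821 subset)."""

    def __init__(self, hostname, clock="Mon, 20 Aug 2001 12:43:02 +0200"):
        self.hostname, self.clock = hostname, clock  # fixed clock keeps output deterministic
        self.delivered, self.peer = [], None          # delivered: (envelope, message lines)
        self._reset()

    def _reset(self):  # start a new mail transaction but keep the HELO peer
        self.mail_from, self.rcpt_to, self.in_data, self.body = None, [], False, []

    def handle(self, line):
        """Process one client line; return the reply, or None while inside DATA."""
        if self.in_data:
            if line == ".":                                   # end of message
                self._deliver()
                return "250 OK: message accepted"
            self.body.append(line[1:] if line.startswith("..") else line)  # un-dot-stuff
            return None
        verb, _, arg = line.partition(" ")
        verb, arg = verb.upper(), arg.strip()
        if verb == "HELO":
            self.peer = arg
            return f"250 {self.hostname}"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            if self.peer is None:
                return "503 bad sequence of commands"
            self.mail_from = arg[5:].strip().strip("<>")
            return "250 OK"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.mail_from is None:
                return "503 bad sequence of commands"
            self.rcpt_to.append(arg[3:].strip().strip("<>"))
            return "250 OK"
        if verb == "DATA":
            if not self.rcpt_to:
                return "503 bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        return "221 closing connection" if verb == "QUIT" else "500 command unrecognized"

    def _deliver(self):
        # Each MTA on the path prepends its own Received: line (see the envelope example).
        stamp = f"Received: from {self.peer} by {self.hostname} with SMTP; {self.clock}"
        self.delivered.append(({"from": self.mail_from, "to": list(self.rcpt_to)}, [stamp] + self.body))
        self._reset()


def envelope_header_mismatch(envelope, message):
    """True when MAIL FROM (seen by the MTA) differs from header From: (seen by the user)."""
    for line in message:
        if line == "":                                       # headers end at the blank line
            break
        if line.lower().startswith("from:"):
            value = line[5:].strip()
            shown = value[value.find("<") + 1:value.find(">")] if "<" in value else value
            return shown != envelope["from"]
    return True                                              # no From: header at all


def run_session(mta, client_lines):
    """Feed the client's lines to the MTA and collect the server replies."""
    return [r for r in (mta.handle(l) for l in client_lines) if r is not None]


# Client side of the dialogue on the slide (constructed); ".." is a dot-stuffed "." line.
SESSION = ["HELO pc-thorbjornb.hrp.no", "MAIL FROM: <per@pdi.no>", "RCPT TO: <bak@scandpower.no>",
           "DATA", "From: Per Hansen <per@pdi.no>", "Subject: E-mail security", "", "..", ".", "QUIT"]
```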
MX records
- Used to tell the outside world which host is the mail server
- Part of DNS (Domain Name System)
- The MX record for a domain lists, in priority order, where mail should be sent

MX record example
MX record for scandpower.no:
1. priority: bill.halden.scandpower.no
2. priority: mail.globalone.no
Mail is delivered to mail.globalone.no if the mail server bill is down or the Internet connection is down

POP 3 - Post Office Protocol version 3
- Protocol for fetching mail from the mail server to a mail client (e.g. Outlook or Eudora)
- Uses TCP and port 110
- Based on simple ASCII commands

POP3 commands
USER username
PASS password
STAT        [gives the number of unread messages]
LIST (n)    [gives the size of message n]
RETR n      [fetch message number n]
DELE n      [delete message number n]
QUIT

Internet Message Access Protocol - IMAP
- Mail client
- Equivalent to POP3, but all handling of mail takes place on the mail server
- POP3 downloads the mail to the User Agent

MIME - Multipurpose Internet Mail Extension
- Extension of SMTP to transfer files that are not 7-bit ASCII
- MIME information in a mail: MIME-Version, Content-Type, Content-Transfer-Encoding, (Content-Description), (Content-ID)

MIME Content-Type
- Text
- Image
- Audio
- Application (Word, PostScript, ...)
- Multipart (mixed, alternative)

MIME Content-Transfer-Encoding
- Tells how the content of the mail is encoded
- Five different encoding formats are defined:
  - 7-bit ASCII
  - Quoted Printable
  - base64
  - 8-bit, containing lines
  - binary encoding: 8-bit data without lines

Quoted Printable
- 7-bit ASCII where all characters with value <33 or >127 are encoded as an equals sign followed by the value of the character as two hexadecimal digits
- Example: the letter å is encoded as =E5
  - The ISO-8859 character set gives å = 229 decimal
  - 229 = 11100101
  - 1110 = E, 0101 = 5
  - å is encoded as =E5

Base 64 encoding

Base 64 encoding
- Three bytes of data are encoded as four 6-bit characters
- Original data: "Hi!"
  - H i ! = 01001000 01101001 00100001 (24 bits)
  - regrouped as 6-bit units: 010010 000110 100100 100001
  - each unit right-aligned in a byte: 00010010 00000110 00100100 00100001
  - encoded characters: S G k h
- The amount of data increases by 25%

MIME - example
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

MIME example: Word file as attachment
MIME-Version: 1.0
Content-Type: multipart/mixed;
  Content-Type: text/plain; charset="iso-8859-1"
  Content-Type: application/msword;
  Content-Transfer-Encoding: base64
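The quoted-printable and base64 rules from the two encoding slides, implemented by hand and then used to assemble the two-part message sketched above; this is an added example, not from the lecture. The boundary string and the attachment bytes are constructed, and the quoted-printable encoder also escapes "=" and DEL and inserts soft line breaks at 76 characters, as RFC 2045 requires.

```python
B64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
BOUNDARY = "=_constructed_boundary_42"   # constructed part separator


def base64_encode(data: bytes) -> str:
    """Three bytes -> four 6-bit symbols; a short final group is padded with '='.
    For b"Hi!" the 24 bits 01001000 01101001 00100001 regroup into
    010010 000110 100100 100001 = 18, 6, 36, 33 -> S G k h."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        n = int.from_bytes(chunk.ljust(3, b"\0"), "big")   # one 24-bit group
        symbols = [B64_ALPHABET[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        missing = 3 - len(chunk)                            # 0, 1 or 2 bytes short
        out.append("".join(symbols[:4 - missing]) + "=" * missing)
    return "".join(out)


def quoted_printable_encode(text: str, charset: str = "iso-8859-1") -> str:
    """Printable ASCII stays as is; bytes <33, >126 and '=' become =XX (hex).
    Lines are cut at 76 characters with a soft break ('=' at the end of a line)."""
    lines, line = [], ""
    for byte in text.encode(charset):
        token = chr(byte) if 33 <= byte <= 126 and byte != 0x3D else f"={byte:02X}"
        if len(line) + len(token) > 75:                     # keep room for the soft-break '='
            lines.append(line + "=")
            line = ""
        line += token
    lines.append(line)
    return "\n".join(lines)


def build_mixed_message(text: str, filename: str, attachment: bytes) -> str:
    """Assemble the two-part message from the slide: QP text plus a base64 Word file."""
    b64 = base64_encode(attachment)
    parts = [
        "MIME-Version: 1.0",
        f'Content-Type: multipart/mixed; boundary="{BOUNDARY}"',
        "",
        f"--{BOUNDARY}",
        'Content-Type: text/plain; charset="iso-8859-1"',
        "Content-Transfer-Encoding: quoted-printable",
        "",
        quoted_printable_encode(text),
        f"--{BOUNDARY}",
        f'Content-Type: application/msword; name="{filename}"',
        "Content-Transfer-Encoding: base64",
        "",
        *[b64[i:i + 76] for i in range(0, len(b64), 76)],   # base64 lines are 76 chars max
        f"--{BOUNDARY}--",
    ]
    return "\n".join(parts)
```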