network2
Tue 02/17/08
.. at the mercy of another company
- interference - trees, weather, foreign objects
Infrared
- operates at 300Hz to 400THz
infrared NEEDS line of sight!
.. incapable of penetrating most anything
.. but will reflect off of light colored surfaces
- distance: very limited distance .. typically within a room
advantages of infrared - does not require frequency licensing
one of the big advantages .. doesn't require fancy antennas
cheap to implement
latency not an issue
easy to work with as long as you don't have anything in the way!
bandwidth . can get relatively high bandwidth with infrared but typically you only get about 4Mb
security - more secure than other wireless options .. not as secure as the wired options
interference - from objects .. line of sight is critical
.. the sun's radiation can be an obstruction
durability -- pretty durable
common uses:
- remote controls
- cell phones -
direct device communication
.. printing .. it used to be that all laptops and printers had infrared ports ..
.. syncing
Data link layer -- on next exam .. but do know what all the layers are . as part of the OSI unit
data link layer -
physical addressing .. MAC address
.. burned into the network card, comes from the manufacturer and is relatively unique
IP addresses are unique world wide
xx:xx:xx:xx:xx:xx
first half tells you the manufacturer of the network card
last six are "random"
as long as you don't have two devices on the same LAN .. it doesn't matter that someone else in the world has the same MAC
it is possible with software to override the address.
.. so possible to override but in most cases you won't mess with it.
data link layer
header and footer
on the other side, the DLL will strip off the header and footer and push it up to the next layer
so frames
. also does error control. and that error control includes detecting .
in some cases correcting errors
- requesting resends .. if the ack is not received .. do we need to send the packet again
also have flow control -- .. makes sure that we don't overwhelm the receiver .. or at least tries to make sure
going to give us some way to throttle down the sender
Media access control - our way of making sure that everybody takes turns accessing the physical media
media access control .. make sure everyone gets a fair turn, that no one's clogging
-------
Thu 02/19/09
notes for today and tomorrow are in email -- you took them on the iTouch, remember?
-------
Thu 02/26/09
-------
Mon 03/09/09
bluetooth -
- wireless protocol - .. operates in the 2.4GHz range
typically used for PANs
typical distance .. in a room .. generally can't get much further than that
named after - translation of king Blatland .. a king that united a land in norway -- so since it was seen as a way to unite disparate devices, they named it after him
the max piconet size is 7 devices
we can extend this .. we can connect piconets into what we call scatternets to have more than 7 devices
if we have our 7 devices out here scattered about
one of the devices will always be the primary .. gonna have a bunch of secondary devices communicating with it
we can add on to this by making one device a secondary in the first piconet and a primary in the second
so essentially we can create a tree structure
it is possible to have a bluetooth device on ethernet -- so you can bridge across those protocols
really 8 devices -- 7 secondary devices plus a primary
in bluetooth, communication is always between a primary and a secondary.
we can't have two secondary devices directly communicating with each other
so how does it work?
uses timeslots and polling for communication
numbers its timeslots
all even numbered timeslots are reserved for the primary device
so the primary device is the only one who can send during the even numbered timeslots
the secondary devices must then share all of the odd numbered timeslots
the secondary devices can only send if the primary sent to them in the previous timeslot
so the primary is polling devices
devices have to wait until they are essentially polled before they can send data
the data rate is relatively low -- 1Mbps for < 2.0 version and 3Mbps for ≥ 2.0 version
bluetooth uses FHSS - frequency hopping spread spectrum -- hops across 79 channels
encodes its data with FSK
uses a more advanced form than we've discussed but that's the base
bluetooth is also less commonly known as IEEE 802.15.3
bluetooth frame:
- access code: sync bits so we can make sure we're synchronized .. also contains the id of the primary station aka piconet id - id of primary station .. 72 bits
- header: 54 bits -> 3 * 18 bits -- the header is repeated 3 times .. and that's our error correction .. if we have two 1's and a 0, we'll go with the 1
18 bits:
- source/destination address - 3 bits - only need to represent 7 devices
- 4 bits - what type it is
- 1 bit flow control - set to 1 if the buffer's full
- ack bit
- sequence number
- HEC - header error check
finally, data. - length of data .. either 240 bits, 1490 bits, or 2740 bits .. and this represents that each frame we send out can either take up 1, 3, or 5 timeslots
.. need to end on an odd number timeslot!
above that -- l2cap header - .. tells us what bluetooth application to push it out to
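Added example (not from the notes): the 18-bit header above, sent three times and recovered by per-bit majority vote in Python. The 1-bit ack, 1-bit sequence number and 8-bit HEC widths, and the HEC being a plain CRC-8 over the first 10 header bits, are assumptions the notes do not state.

```python
# Added example (not from the lecture notes): the 18-bit Bluetooth packet
# header, sent three times and recovered by per-bit majority vote.  Field
# order follows the notes.  Assumed (not in the notes): 1-bit ack, 1-bit
# sequence number, 8-bit HEC, and the HEC being CRC-8 (x^8 + x^2 + x + 1)
# over the first 10 header bits.

HEADER_FIELDS = [      # (name, width in bits), most significant field first
    ("addr", 3),       # 3 bits: enough for the 7 secondary devices of a piconet
    ("type", 4),       # 4 bits: packet type
    ("flow", 1),       # 1 bit: 1 = receiver's buffer is full
    ("ack", 1),        # 1 bit (assumed width)
    ("seq", 1),        # 1 bit (assumed width)
    ("hec", 8),        # header error check (assumed width and polynomial)
]
HEADER_BITS = sum(width for _, width in HEADER_FIELDS)   # 18
COPIES = 3                                                # 54 bits on the air


def crc8_bits(bits, poly=0x07):
    """Bitwise CRC-8, MSB first, zero initial value (assumed HEC definition)."""
    reg = 0
    for bit in bits:
        feedback = ((reg >> 7) & 1) ^ bit
        reg = (reg << 1) & 0xFF
        if feedback:
            reg ^= poly
    return reg


def int_to_bits(value, width):
    return [(value >> i) & 1 for i in range(width - 1, -1, -1)]


def bits_to_int(bits):
    value = 0
    for b in bits:
        value = (value << 1) | b
    return value


def pack_header(fields):
    """addr/type/flow/ack/seq -> 18 header bits with the HEC appended."""
    bits = []
    for name, width in HEADER_FIELDS[:-1]:
        if not 0 <= fields[name] < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        bits += int_to_bits(fields[name], width)
    return bits + int_to_bits(crc8_bits(bits), 8)


def unpack_header(bits):
    """18 bits -> (fields, hec_ok); hec_ok is False when the 10 payload bits
    no longer match the HEC, i.e. the vote did not repair the header."""
    fields, pos = {}, 0
    for name, width in HEADER_FIELDS:
        fields[name] = bits_to_int(bits[pos:pos + width])
        pos += width
    return fields, crc8_bits(bits[:HEADER_BITS - 8]) == fields["hec"]


def encode_triple(header_bits):
    """The header repeated 3 times, as the notes describe."""
    return list(header_bits) * COPIES


def decode_triple(wire):
    """Per-bit majority vote across the three copies: two 1s and a 0 -> 1."""
    if len(wire) != COPIES * HEADER_BITS:
        raise ValueError(f"expected {COPIES * HEADER_BITS} bits")
    copies = [wire[i * HEADER_BITS:(i + 1) * HEADER_BITS] for i in range(COPIES)]
    return [1 if sum(c[i] for c in copies) * 2 > COPIES else 0
            for i in range(HEADER_BITS)]


def flip_bits(wire, positions):
    """Simulate channel errors at the given bit positions (0..53)."""
    out = list(wire)
    for p in positions:
        out[p] ^= 1
    return out


def receive(wire):
    """Full receive path: vote, then split the fields and check the HEC."""
    return unpack_header(decode_triple(wire))


if __name__ == "__main__":
    sent = pack_header({"addr": 5, "type": 3, "flow": 1, "ack": 0, "seq": 1})
    wire = encode_triple(sent)
    # one hit per copy at different positions: the vote repairs all of them
    print(receive(flip_bits(wire, [0, 20, 40])))
    # the same bit hit in two copies: the vote is fooled, the HEC catches it
    print(receive(flip_bits(wire, [2, 20])))
```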
circuit switched network:
- connection setup process that reserves resources from the source to the destination .
common example of this which isn't true anymore , but old telephone networks..
it used to be that when you picked up the phone, the telephone company would reserve bandwidth for you to the other end
when a call was initially placed, dial the phone number and it would create the connection
reserved bandwidth at each connection
big advantage - QOS - you are not competing with any other devices -- your bandwidth is guaranteed
disadvantage - reserved bandwidth sits idle a lot -- inefficiency of unused, idle bandwidth
- also, setup delay - before any data can be sent, we need to set up the connection and negotiate
at the opposite end, a datagram network - this is what most of our networks are today
- there is no reservation of bandwidth
- no connection setup
- we simply send each individual datagram out on the network
- this is the way that ethernet works, wifi
there is no connection setup and teardown .. just construct the datagram packet, put it on the network, it gets to the destination.
the beauty - anybody can use the bandwidth -- not going to just sit there
send it through switches
there is the possibility that each datagram moves along a different path
the big advantage, we don't have the inefficiency of idle network space
everyone is eligible to compete and use the network
so big advantage: we don't have idle time if there is data to send - we have no connection setup
big disadvantage - have no good way of doing QOS
all kinda .. "compete with everyone else" and get what you can get
(quality of service)
virtual circuit networks
------------------------
combine datagram and circuit networks
they allow for the setup of virtual circuits
.. all datagrams follow the same path, but we're not going to necessarily guarantee bandwidth, but we do have that option
we have some setup - with setting up the virtual circuits but although we're setting up these virtual circuits, there will be a portion of the bandwidth that is a free-for-all
so we don't have idle time (if data to send)
we can do QOS - ex: ATM
ATM -
- asynchronous transfer mode
- asynchronous communications
- designed for fiber optics
- cell switched data network
- all cells are 53 bytes
.. 48 bytes are the actual data
so can only send 48 bytes in a cell but we can send it so quickly
uses asynchronous TDM
asynchronous - no slot for each and every device but the address is in the data itself
ATM was developed to take advantage of fiber optics
.. designed to operate with minimal error control / flow control
designed for fiber, which has little interference -- provided you have a clean fiber
also designed to combine voice, video, data, realtime -- all different types of traffic on one media
- designed to consolidate data, voice, video, etc on one medium
but everyone must play well together
guarantee QOS for voice and video while still providing data etc
so used when we focus on QOS .. reason for original implementation
ATM layers:
physical - like OSI -- transport data from one interface to another. but two parts
physical media - deals with things such as bit transfer, encoding, etc
on top of that, transmission convergence .. converts between bits and cells (both ways)
ATM - covers the DLL
AAL - ATM adaptation layer - implements things such as LANE - LAN emulation
try to implement as much as possible in hardware -- much faster than software
meant to be the next big communications protocol
ATM layer - does multiplexing, switching, headers
ATM adaptation layer:
segmentation and reassembly ... happens often -- we don't usually send 2 MB at a time
also adapts to other protocols, such as ethernet .. done by LANE -- local area network emulation
.. but that introduces overhead
ATM service classes:
AAL1 - connection oriented, constant bit rate, timing is important .. not delay tolerant - ex: voice
AAL2 - also connection oriented - here we have a variable bit rate .. sometimes sending a lot of data
timing is important - generally if it doesn't arrive right away, it's useless
AAL3 - connection oriented variable bit rate. timing is not important
- ex: standard data
AAL4 - is connectionless
timing is not important here -- more or less standard data
AAL5 - connectionless bursty traffic .. no error control!
advantages: high speed due to the hardware implementation
because we can implement this stuff in hardware, it'll move through the ATM switches faster
in general, we have less overhead - minimal error control
- have the ability to do QOS
- can combine things like voice, data, etc .. QOS and non-QOS data
can put a priority on your frames .. so if we reach a point of congestion, we can drop some frames.
we can do "guaranteed delivery" .. have the ability to guarantee that bandwidth
disadvantages - very different - can't take a standard network admin and expect them to figure it out
because we implement these different QOS, it gets to be complex
and finally, it's expensive -- switches, fiber, and people who know it are expensive
high speed -- but that's really physical layer
-------
Tue 03/10/09
discussion questions on NETWORK SECURITY!!
IP
138.74.63.1
138.74 - snc class b IP address
last two numbers .. the specific machine
IPv4
this is compsci's IP
responsibilities of the network layer
- network addressing aka logical addresses as opposed to the physical addresses
- delivery from source to destination
- routing of packets (here we refer to the data as packets and not frames)
hierarchical addressing
- network portion of the address and the host portion of the address
look at the network portion until we get to the correct network .. and then look at the host portion
there are different formats
in some cases (not for IP), the host portion is the MAC address
so instead of assigning some other portion to that host, the MAC address should be unique in the LAN .. therefore we attach a host portion and make it globally unique
.. this is more efficient for routing to use hierarchy
because - routers would need to know how to get to everywhere .. the table would be huge
for example, the core internet routers know how to get to 138.74 .. they know to send that to SNC
once here on campus, our routers know how to route to the specific IP address
very similar to domain names - first you look up .edu then snc and then it's passed to our servers here for the www
another example - telephone numbers .. the area code tells the general area, from there you can use the exchanges to get to the telephone
can look at international numbers, too
and the last one is postal addresses
scientific animal names
IP addresses =
--------------
IPv4 addresses are 32 bits long .. we typically display them in dotted decimal notation
but the computers don't deal with it that way
four 8-bit octets .. 8bit.8bit.8bit.8bit
IP addresses can be broken into two parts - a network portion and a host portion/id
different classes of IP addresses
but the class determines what portion is the host and what portion is the network.
IP address classes:
class A IP addresses -
- the first octet is the network id and the last 3 octets define the host - n.h.h.h
o a class A network can have a lot of hosts on each class
things that we should know: the first bit in the first octet is always 0
because that first bit is always 0, the range that we have - is 126 valid class A networks - 1-126.x.x.x, where the last part is some host ID
127.x.x.x - used for the local host or the loopback address
often used to test a network card to see if it's working -- you can ping 127.0.0.1 .. the key is that it never actually enters the network itself
10.x.x.x - private addresses - therefore, it is not routable on the internet
ICANN - Internet Corp for Assigned Names and Numbers.
numbers: IP
names: domain names
there are 2^24-2 valid host addresses on each network.
roughly a bit over 2 million
there are some hosts that are not valid
n.0.0.0 signifies the network itself - not possible to route to the network itself
n.255.255.255 - broadcast address.
class B addresses
- the first two bits of the network portion are 10. the remaining bits can be 0's and 1's
so the range of our first octet
10 000000 - 10 111111
range in decimal
128.0.x.x - 191.255.x.x.
- 16,384 valid class B networks
- each network has 2^16-2 valid hosts
Private class B addresses:
172.16.x.x - 172.31.x.x
Class C networks
- start with 110
- the first 3 octets are network
110 00000 - 110 11111
for that first octet and the full range for the second two octets
range in decimal
192.0.0.x - 223.255.255.x
Private networks:
192.168.0 - 192.168.255
nowadays, A's are gone, B's are hard to come by .. C's are still available but you need to show a reason that you need one
Other reserved IP addresses
Class D - reserved for multicast
- sending from a source to a subset of hosts on the network
- multicast .. first octet starts with 1110
the range is:
224 to 239
other reserved addresses:
192.0.2.0 - testnet
simply used for documentation
169.254.x.x reserved for operating systems that don't have their IP addresses --- they automatically assign in cases where the DHCP server is unavailable
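Added example (not from the notes): classful address arithmetic in Python that classifies an address by the leading bits of its first octet, splits it with the class's default mask, and flags the reserved ranges listed above; the sample addresses in the main block are constructed.

```python
# Added example (not from the lecture notes): classful IPv4 address arithmetic
# as the lecture describes it.  Standard library only; input is dotted decimal.

def to_int(addr):
    """'138.74.63.1' -> 32-bit integer; rejects anything that is not 4 octets 0..255."""
    octets = [int(p) for p in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr!r}")
    return int.from_bytes(bytes(octets), "big")


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def ip_class(addr):
    """Leading bits of the first octet: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, else E."""
    first = to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


DEFAULT_MASK = {"A": 0xFF000000, "B": 0xFFFF0000, "C": 0xFFFFFF00}


def split_address(addr):
    """Network id, host id, broadcast and usable host count for a class A/B/C address."""
    cls = ip_class(addr)
    if cls not in DEFAULT_MASK:
        raise ValueError(f"class {cls} addresses have no network/host split")
    n, mask = to_int(addr), DEFAULT_MASK[cls]
    host_mask = ~mask & 0xFFFFFFFF
    return {
        "class": cls,
        "network": to_dotted(n & mask),         # host bits all 0: the network itself
        "broadcast": to_dotted(n | host_mask),  # host bits all 1: broadcast
        "host": n & host_mask,
        "max_hosts": host_mask - 1,             # 2^h - 2: all-0 and all-1 excluded
    }


# (first, last, label): the special ranges named in the notes
RESERVED = [
    ("127.0.0.0", "127.255.255.255", "loopback"),
    ("10.0.0.0", "10.255.255.255", "private (class A)"),
    ("172.16.0.0", "172.31.255.255", "private (class B)"),
    ("192.168.0.0", "192.168.255.255", "private (class C)"),
    ("192.0.2.0", "192.0.2.255", "TEST-NET (documentation only)"),
    ("169.254.0.0", "169.254.255.255", "link-local (self-assigned, no DHCP)"),
    ("224.0.0.0", "239.255.255.255", "multicast (class D)"),
]


def reserved_label(addr):
    """Which reserved range the address falls in, or None."""
    n = to_int(addr)
    for first, last, label in RESERVED:
        if to_int(first) <= n <= to_int(last):
            return label
    return None


def routable_on_internet(addr):
    """Would a border router forward this?  Not if it is reserved, class D/E,
    or has a host id of all 0s (the network) or all 1s (broadcast)."""
    if reserved_label(addr) is not None or ip_class(addr) not in DEFAULT_MASK:
        return False
    info = split_address(addr)
    return 0 < info["host"] <= info["max_hosts"]


if __name__ == "__main__":
    # constructed sample addresses
    for a in ("138.74.63.1", "10.1.2.3", "200.0.1.5", "230.1.1.1", "127.0.0.1"):
        print(a, ip_class(a), reserved_label(a), routable_on_internet(a))
```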
DHCP -
for lab - meet in JMS 216
-------
Thu 03/12/09
classical addressing -- classes A, B, and C
but we'd be wasting a lot of IP addresses if we stayed with that .. so we have subnetting and supernetting
gateway -- your router towards the internet
the default gateway -- if you've got a packet to send and you don't know where it should go .. send it to the default gateway
class A address -
your netmask - 255.0.0.0
1111 1111 . 0000 0000 . 0000 0000 . 0000 0000
class B
netmask is 255.255.0.0.
1111 1111 . 1111 1111 . 0000 0000 . 0000 0000
class C
255.255.255.0
1111 1111 . 1111 1111 . 1111 1111 . 0000 0000
class B example:
138.74.63.1
10001010 . ...
to get the network portion, we AND with the netmask
- 138.74.0.0
creating subnets
- mask some host bits with a subnet mask to create subnets
there is nothing to say that you can't take the last bits instead of the next bits to create a subnet!
create "class C" size addresses from a class B
the easiest way to do this:
subnet mask:
1111 1111 . 1111 1111 . 1111 1111 . 0000 0000
so if we start with
138.74
we can create a bunch of subnets
gain 8 bits to create subnets
how many subnets? - 2^8 -2 = 256 -2 = 254 new subnets
how many hosts per subnet? 2^8-2 hosts per subnet
snc default subnet mask
255.255.252.0
11111111.11111111.11111100.00000000
using 6 bits for the subnet
22 bits total for the network portion
2^22-2 networks
10 host bits -> 2^10-2 hosts per subnet
say that we need 200 hosts for the largest subnet
at least 8 subnets
class B address
currently have 16 network bits
8 host bits needed - 2^8-2 = 254 devices at most
4 subnet bits needed -- if you don't want to break the rules .. gives us 14 possible subnets
if you've got extra, err on the side of giving more host bits
so let's use 10 and 6
so that gives us a
255.255.252.0 subnet mask
supernetting -
borrowing network bits and making them host bits
end result: we can combine smaller networks into a larger supernet
if you were assigned class C addresses
200.0.0.0
200.0.1.0
200.0.2.0
200.0.7.0
so we have 8 class C addresses
and you want a single network that is bigger
default netmask -
255.255.255.0
200.0.0.0/24 <-- cisco notation for netmask
11111111.11111111.11111111.00000000
11111111.11111111.11111000.00000000
the number of subnets that we would have is 2^3-2 = 6 subnets
so like subnetting but reverse
how many hosts on our supernet -
8+3 -> 2^11 -2 hosts that we can all put on the one supernet
but everyone does subnetting these days
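Added example (not from the notes): the subnet and supernet arithmetic above in Python, covering the 200-hosts / 8-subnets case and the eight class C blocks. How spare bits are split between the host and subnet side (evenly, extra to hosts) is my reading of "err on the side of giving more host bits", not something the notes spell out.

```python
# Added example (not from the lecture notes): subnet / supernet arithmetic using
# the classical 2^bits - 2 rule the lecture uses.  Standard library only.

def to_int(addr):
    octets = [int(p) for p in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr!r}")
    return int.from_bytes(bytes(octets), "big")


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/22 -> 0xFFFFFC00: `prefix` leading 1 bits (the /16 style routers store)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask):
    """255.255.252.0 -> 22; rejects masks whose 1 bits are not contiguous."""
    prefix = 32 - (~mask & 0xFFFFFFFF).bit_length()
    if prefix_to_mask(prefix) != mask:
        raise ValueError(f"non-contiguous netmask {to_dotted(mask)}")
    return prefix


def network_of(addr, mask):
    """AND the address with the mask to keep only the network portion."""
    return to_dotted(to_int(addr) & mask)


def subnet_plan(class_prefix, subnet_bits):
    """Borrow `subnet_bits` host bits from a classful /class_prefix block."""
    host_bits = 32 - class_prefix - subnet_bits
    if subnet_bits < 0 or host_bits < 2:
        raise ValueError("not enough host bits left")
    prefix = class_prefix + subnet_bits
    return {
        "prefix": prefix,
        "mask": to_dotted(prefix_to_mask(prefix)),
        "subnet_bits": subnet_bits,
        "host_bits": host_bits,
        "subnets": 2 ** subnet_bits - 2,         # classical rule: all-0/all-1 subnet unused
        "hosts_per_subnet": 2 ** host_bits - 2,  # network and broadcast excluded
    }


def bits_needed(count):
    """Smallest number of bits b with 2^b - 2 >= count."""
    bits = 2
    while 2 ** bits - 2 < count:
        bits += 1
    return bits


def mask_for(class_prefix, min_hosts, min_subnets):
    """The notes' worked case: class B (/16), 200 hosts, 8 subnets -> /22."""
    host_bits = bits_needed(min_hosts)
    subnet_bits = bits_needed(min_subnets)
    spare = 32 - class_prefix - host_bits - subnet_bits
    if spare < 0:
        raise ValueError("requirements do not fit in the block")
    host_bits += spare // 2 + spare % 2   # extra bits go to the host side (assumed split)
    subnet_bits += spare // 2
    return subnet_plan(class_prefix, subnet_bits)


def supernet(networks):
    """Merge 2^k consecutive, aligned class C blocks into one /(24-k)."""
    nets = sorted(to_int(n) for n in networks)
    count = len(nets)
    if count == 0 or count & (count - 1):
        raise ValueError("need a power-of-two number of blocks")
    borrowed = count.bit_length() - 1          # 8 blocks -> 3 network bits become host bits
    prefix = 24 - borrowed
    mask = prefix_to_mask(prefix)
    if nets[0] & ~mask & 0xFFFFFFFF:
        raise ValueError("first block is not aligned to the supernet boundary")
    if any(n != nets[0] + i * 256 for i, n in enumerate(nets)):
        raise ValueError("blocks are not consecutive /24s")
    return {"network": to_dotted(nets[0]), "prefix": prefix,
            "mask": to_dotted(mask), "hosts": 2 ** (32 - prefix) - 2}


if __name__ == "__main__":
    print(network_of("138.74.63.1", prefix_to_mask(16)))
    print(mask_for(16, 200, 8))
    print(supernet(["200.0.%d.0" % i for i in range(8)]))
```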
-------
Mon 03/23/09
ARP - Address resolution protocol
- process of translating a network layer address (logical address) to a hardware address (data link)
hardware addresses are local, network addresses are global
logical addresses give us information as to where the node is located
we need the network layer addresses to route
easier to route based on logical addresses
3 methods of bridging the gap between hardware and logical addresses
1) table lookup - has to be on every device on the network .. a royal pain .
- every device maintains a table of all local, logical, and hardware addresses.
this is a nightmare to maintain .. not used at all anymore .. not reasonable to update the table every time we add a device
2) closed form computation - take the MAC address and add a network portion to it.
typically used by IPX .. was novell's networking
what does it look like? -
MAC with the network address attached to the front
.. don't need a lookup table
3) what we use today is ARP
a device sends out a broadcast that is something like: who has IP address x.x.x.x?
will be sent out to all devices on the LAN
and the device on the LAN with IP x.x.x.x responds "my MAC address is: ..."
in order for this to be useful, all devices maintain a cache of known MAC to IP translations
ARP cache
----------
IP,MAC address,timeout
x.x.x.x,1:2:3:4:5:6,30 min
20 to 30 minutes is average.
a changed MAC address will wreak havoc
.. this is why the MAC address override came to be .. if you want to fail over to a second machine, you have it take over the primary's MAC address
how do we broadcast? send to all F's
RARP - reverse ARP
- used to boot diskless systems to get an IP address / or whatever protocol
the update to this was bootp -
- replaced the rarp function
- is used today
DHCP - dynamic host control protocol
- assigns IP addresses and possibly other network info
- ex: default gateway - netmask, DNS
1) Static IP assignments - DHCP server has a table of MAC and IP addresses -- always the same IP address
2) dynamic IP assignment - DHCP server maintains a pool of addresses
- address assigned "randomly" from the pool of addresses
.. typically, unless you run out of the pool, you're going to maintain the information as to how it has previously been assigned .. .. no, you're not guaranteed to get the same IP but often times you will
- devices are assigned a lease on an IP address
.. you can use this for 24 hours .. at that point, you send a renewal request after 24 hours
even if your device is completely turned off, you keep the lease until the lease is expired
particularly useful for transient machines
esp erbs and gerbs
-------
Thu 03/26/09
**** YOUR NOTES FOR TUESDAY ARE ACTUALLY IN THE MATH NOTEBOOK
RIP
Distance Vector Routing
best for small networks.
updates are sent out periodically
sending out a copy of the entire routing table
cost is simple - just how many routers do I have to go through to get to my destination
rip, IGRP, EIGRP
dynamic routing table creation
- at boot up a router has configuration info for each interface
.. we don't want to use DHCP because the PCs are pointing to the router .. we need the IP to stay the same!!
- IP address
- netmask
.. from the interface configuration info, we can add all directly connected networks to the routing table
and of course once we have a routing table, we send an update to all neighbors saying these are all the networks that I have connected
what does the routing table look like?
- a minimum of 3 columns, usually 4
requirements -
- network id 138.74.0.0 .. network with all zeros filled in for the host portion
next -> cost .. 1 .. because it's directly connected
and next hop .. and if it's a directly connected network, we're gonna have a dash ---, otherwise, the next IP address to forward the packet onto
4th field - netmask
255.255.0.0, for example
but routers don't store the netmask like this .. routers have /16 .. number of 1's .. number of netmask bits
Updating the routing table
how do we learn about the rest of the network.
example:
router A 14.0.0.0 router B \ 55.0.0.0
router C
router F
router E router D
router A knows about: 14, 78, and 23
next hop .. well they're directly connected
and cost is 1
F knows about 78 and 92 .. cost of 1 for directly connected
B is aware of 14 and 55
C is aware of 55 and 66
D has 66 and 8
E is aware of 23 and 8
how do we update the routing table?
0. add the cost to get to the router that sent the update to all costs.
next step,
1. if the advertised network is not in the routing table, add it
2. Else, if the advertised network IS in the routing table -
a.) if the next hop is the same, update the routing table entry
b.) if the next hop is different, then
i) if the cost is lower, replace the old routing table info
ii) if the cost is higher or the same, ignore it
B's update: 14, 55, and their cost
the other routers don't care what the next hop for B is .. if we had a netmask, we would send that out as well
so here B is advertising its entire routing table .. going to send it to C and A
A receives the update and adds the cost to get to B .. so the table received now has a 2 for cost
1. use B as the next hop
.. the next hop is different so we need to look at the cost .. but the cost is higher, so do nothing
now we add 55 with a cost of 2, the next hop is B
now let's look at C
is 14 in C's network? no, so we're gonna add it
hop cost of 2 .. next hop B
is 55 in there? yes .. next hop is different, cost is higher so ignore
A sends an update - everything in its current table
14,1
78,1
23,1
55,2
A's update sent to E
add network 14 -- hop cost 2, next hop is A
add 78, hop cost of 2, next hop A
23 already there
55 .. add it .. and the hop cost is 3 .. cost from A was 2
A sends update to B
. B adds 78, cost 2, next hop A
add 23, cost 2, next hop A
55 .. already there with a lower cost
so let's - break it
fully converged .. everyone knows where everyone is
what if router B does and network 1 dies
.. router C notices that 1 is no longer there and removes it from the routing table
but then it receives an update from A .. and it adds network 1
.. the updates just keep increasing
.. so if we have a packet to send to network 1 ..
it goes from D to C to A to C to A to C to A ....
prevention of routing loops -- because routing loops are bad
- use the TTL .. or time to live .. we have a max number of hops a packet is allowed to take .. this is part of the IP headers
.. every hop decrements this value
when the TTL reaches 0, the packet is discarded
-------
Fri 03/27/09
wed apr 8th 6-8 .. exam 2
everything about dlc and network layers
A
2/ \3
B--1---C--4--D--5---
we discussed ttl
working network routing tables
A
1
2
3
4
5
C
1 1 -
2 1 -
3 2 D
4 1 -
5 2 D
D
1 2 C
2 2 A
3 1 -
4 1 -
5 1 -
A
1 2 C
2 1 -
3 1 -
4 2 C
5 2 D
we break 1.
C recognizes this ..
A sends update to all neighbors
C adds network 1 with cost of 3
C sends to A , A sends to C .. etc
Infinity
- - - -
∞ = 16
- no network can be more than 15 hops from any other network
and this is just within rip
was designed for the original internet .. but now it takes more than 15 hops
but it's an interior protocol, so you can have more than 15 routers from end to end
typically, within an org, rip is still used because it's simple
so with infinity,
C sends an update to A . advertises network 1 .. says that the entry came from C .. needs to update the table.
.. this keeps going to ∞ .. 16!
.. this now means network unreachable
so using infinity prevents routing loops continually increasing cost but thinking the network is reachable.
other ways of preventing this problem from happening
we'll typically implement more than one of these .. because networks always have issues
split horizon
.. you never advertise a route back out from the interface from which you received it
- guarantee a route will not be advertised out the interface on which it is received
so C, still takes out 1
but when A sends an update, its update to C will include 2, 3, and 5 .. not going to include any of those that have the next hop of C .. because that's where we learned the information
as a result of that, we're not going to be putting 1 back into our network hop
likewise, when A advertises to D, it would have info about 1,2,3,4
when D sends out an update,
D's update to A is going to include 1,4 and 5 with costs of 2,1 and 1
When A receives this update, no changes
Poison reverse with triggered updates
----------------------
- advertises down networks with a hop count of ∞
- triggered updates force updates to neighbors when a change in topology is detected
.. so if we detect that there's a problem, we immediately send an update.
Hold down timers
- - - - - - - - -
the time when topology changes are taking place is a dangerous time
- by creating a time after a topology change where no updates to down (∞) routes take place
.. so don't change anything until the hold down timer expires
the downside is that if 1 comes right back up, it's still listed as down until the hold down timer expires
we use all of these techniques at once
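Added example (not from the notes): a small Python simulator of the distance-vector update rules from the earlier lecture, with ∞ = 16 and split horizon and poison reverse switchable, run on the A, C, D topology of the tables above. Router B is left out because the notes' tables omit it, and an equal-cost tie keeps whichever route was learned first, so one next hop can differ from the hand-worked tables where costs tie.

```python
# Added example (not from the lecture notes): RIP-style distance-vector
# simulator applying the lecture's update rules (add the hop to the sender;
# add unknown networks; same next hop -> take the new cost; different next hop
# -> only if cheaper), with infinity = 16, optional split horizon and optional
# poison reverse.

INFINITY = 16      # RIP: 16 hops means "unreachable"
DIRECT = None      # next hop "-" in the notes: directly connected

# constructed from the notes' diagram: router -> networks it is attached to
TOPOLOGY = {"A": ["2", "3"], "C": ["1", "2", "4"], "D": ["3", "4", "5"]}


class Router:
    def __init__(self, name, networks):
        self.name = name
        self.table = {n: [1, DIRECT] for n in networks}   # net -> [cost, next hop]

    def advertisement(self, neighbor, split_horizon):
        """The (network, cost) pairs we send to `neighbor`: the whole table,
        minus routes learned from that neighbor when split horizon is on."""
        return [(net, cost) for net, (cost, hop) in sorted(self.table.items())
                if not (split_horizon and hop == neighbor)]

    def receive(self, sender, adv):
        changed = False
        for net, adv_cost in adv:
            cost = min(adv_cost + 1, INFINITY)    # step 0: add the hop to the sender
            entry = self.table.get(net)
            if entry is None:                     # rule 1: unknown network -> add it
                self.table[net] = [cost, sender]
                changed = True
            elif entry[1] == sender:              # rule 2a: same next hop -> update
                if entry[0] != cost:
                    entry[0] = cost
                    changed = True
            elif cost < entry[0]:                 # rule 2b(i): cheaper via another hop
                self.table[net] = [cost, sender]
                changed = True
            # rule 2b(ii): same or higher cost via a different hop -> ignore
        return changed

    def network_down(self, net, poison_reverse):
        """Lose a directly connected network.  With poison reverse the route
        stays in the table at cost infinity so neighbors hear that it is down."""
        if poison_reverse:
            self.table[net] = [INFINITY, DIRECT]
        else:
            del self.table[net]


def neighbors(topology):
    """Routers that share a network can exchange updates."""
    return {r: sorted(s for s in topology if s != r and set(nets) & set(topology[s]))
            for r, nets in topology.items()}


def exchange_round(routers, nb, split_horizon):
    """Every router sends its table to every neighbor once; True if anything changed."""
    changed = False
    for name in sorted(routers):
        for peer in nb[name]:
            adv = routers[name].advertisement(peer, split_horizon)
            changed |= routers[peer].receive(name, adv)
    return changed


def run_until_stable(routers, nb, split_horizon, max_rounds=50):
    """Returns the number of rounds until no table changes (convergence)."""
    for rounds in range(1, max_rounds + 1):
        if not exchange_round(routers, nb, split_horizon):
            return rounds
    return max_rounds


def converged_tables(split_horizon=False):
    routers = {r: Router(r, nets) for r, nets in TOPOLOGY.items()}
    nb = neighbors(TOPOLOGY)
    run_until_stable(routers, nb, split_horizon)
    return routers, nb


def simulate_outage(split_horizon, poison_reverse):
    """Converge, take network 1 away from C, converge again, and report each
    router's cost to network 1 (None = no entry, 16 = known unreachable)."""
    routers, nb = converged_tables(split_horizon)
    routers["C"].network_down("1", poison_reverse)
    run_until_stable(routers, nb, split_horizon)
    return {r: routers[r].table.get("1", [None])[0] for r in sorted(routers)}


if __name__ == "__main__":
    routers, _ = converged_tables()
    for r in sorted(routers):
        print(r, routers[r].table)
    print("plain:        ", simulate_outage(False, False))  # cost counts up to 16
    print("split horizon:", simulate_outage(True, False))   # A and D keep the stale route
    print("plus poison:  ", simulate_outage(True, True))    # everyone learns it is down
```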
rip .. routing information protocol is what we've been talking about
- rest in peace
- very simple
- based on the bellman ford algorithm
.. what we went through yesterday
hop count is the cost
was the first routing protocol of the internet
.. so has been in use for 40 years .. still used in very simple networks but not reasonable for typical networks
one of the limitations .. ∞ = 16 -- so we can't have a network with more than 15 hops
version 1 can only do classful routing
.. no subnets!
version 2 can do VLSM .. variable length subnet mask.
igrp =
interior gateway routing protocol
- proprietary cisco routing protocol
distance vector routing protocol
cost is based on bandwidth, reliability, delay
K1 and K2 are constants
alg
(K1/bandwidth + K2*delay) * reliability
also a stability feature -- like preventing routing loops
stable network .. everything has converged
another big advantage -> ∞ is defined as up to 255 -- configurable .. default 100
infinity is still hop count
we can also split traffic amongst multiple paths
we can do load balancing over redundant paths
-------
Tue 03/31/09
OSPF
- divide the autonomous system (AS) into areas
create areas and each area has a designated border router
the border router summarizes the routing information and passes it on
so updates go to everyone in the local area .. the border router takes care of passing it on
border routers ... are typically connected to a backbone network .. (area 0)
types of OSPF networks
1) point to point .. two routers that are connected together and there's no host or other router attached to the network
- ex: dialup, T1, T2, satellite, most remote connections
- we do not need to represent the network in our graph
2) stub networks
- LAN connected to exactly 1 router
router
\
\ { lan }
simplest network .. going to represent the router and the network in our diagram .. graphing is relatively straightforward
3) virtual link network .. virtually pretend there is a link from one router to another
- sometimes when you have border routers that need to connect to the backbone, you create a virtual link that makes the router look like it's directly connected to the backbone
4) transient networks
- LAN with two or more routers and possibly (end) devices directly on the LAN
.. if it's just two routers and no devices, then it's a point to point
(A) device (B)
\ | /
[switch]
/ \
(C) (D)
need to be able to route everywhere
we elect a designated router (DR) and a backup designated router (BDR)
- DR acts as the network in the middle
DR is elected when the network starts up or a major topology change takes place (BDR is elected at the same time)
BDR absorbs all info that the DR does but doesn't do anything unless the DR dies
- DR is the router with the highest priority at the time of the election
if we later plug in a router that has a higher priority, we won't necessarily change our DR ... if there's a new election, then maybe backup DR ..
but unless the election is redone, it does not immediately become DR
we'll use lowest letter = higher priority
so
A B
\ /
{ DR A}
/ \
D C
{1}\
(A)------(B) (E)-{6}
/ \ /
{2} {switch}
\ / \
(C)-------(D) (F)-{7}
| |
{3} {4}
AB, CD .. point to point
1, 3, 4, 6, 7 .. stub
transient - 5, 2
transient .. need to have designated algorithms
so A and B are DR
Dijkstra
for router A
root -- we said it was A
temporarily add all directly connected nodes
{1}\
(A)- - - (B) (E)-{6}
: \ /
{2} {switch}
\ / \
(C)-------(D) (F)-{7}
| |
{3} {4}
permanently add 1.
temporarily add all dc networks to 1 .. done
permanently add 2
{1}\
(A)------(B) (E)-{6}
/ \ /
{2} {switch}
\ / \
(C)- - - -(D) (F)-{7}
: |
{3} {4}
....
(A)
/ | \
1 2 B
.....
shortest path tree
from that, we can get our routing table
1 1 -
2 3 -
3 6 C
4 10 C
5 8 B
6 11 B
7 11 B
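Added example (not from the notes): Dijkstra over the OSPF diagram above in Python, giving router A's routing table with next hops. The diagram carries no link costs, so the interface costs in LINKS are constructed, chosen so that A's table comes out as the one in the notes; as in OSPF, a stub or transient network is a node of its own (the DR stands in for it), a point-to-point link is a router-to-router edge, and the edge from a network back to a router costs 0.

```python
# Added example (not from the lecture notes): shortest-path tree for router A
# over the OSPF diagram, turned into A's routing table.  Link costs are
# constructed; the notes do not give any.
import heapq

NETWORKS = {"1", "2", "3", "4", "5", "6", "7"}

# router -> {neighbor node: interface cost}; constructed values
LINKS = {
    "A": {"1": 1, "2": 3, "B": 4},   # stub 1, transient 2, point-to-point to B
    "B": {"A": 4, "5": 4},           # transient 5 is the switch in the diagram
    "C": {"2": 3, "3": 3, "D": 4},
    "D": {"C": 4, "4": 3, "5": 4},
    "E": {"5": 2, "6": 3},
    "F": {"5": 2, "7": 3},
}


def build_graph(links):
    """Directed graph: router->node at the interface cost, network->router at 0."""
    graph = {net: {} for net in NETWORKS}
    for router, edges in links.items():
        graph.setdefault(router, {})
        for node, cost in edges.items():
            graph[router][node] = cost
            if node in NETWORKS:
                graph[node][router] = 0
    return graph


def dijkstra(graph, root):
    """Returns (cost, parent) for every reachable node: the shortest-path tree.
    Nodes in `permanent` have their final cost; the heap holds the temporary ones."""
    cost, parent = {root: 0}, {root: None}
    permanent, temporary = set(), [(0, root)]
    while temporary:
        c, node = heapq.heappop(temporary)
        if node in permanent:
            continue                      # stale heap entry, already made permanent
        permanent.add(node)
        for nxt, w in graph[node].items():
            if nxt not in cost or c + w < cost[nxt]:
                cost[nxt], parent[nxt] = c + w, node
                heapq.heappush(temporary, (c + w, nxt))
    return cost, parent


def path_to(parent, node):
    """Root-to-node path read back from the parent pointers."""
    path = []
    while node is not None:
        path.append(node)
        node = parent[node]
    return path[::-1]


def routing_table(graph, root):
    """network -> (cost, next hop): '-' when directly attached, otherwise the
    first router after the root on the shortest path."""
    cost, parent = dijkstra(graph, root)
    table = {}
    for net in sorted(NETWORKS & cost.keys()):
        path = path_to(parent, net)            # e.g. ['A', '2', 'C', '3']
        first = path[1]
        if first == net:
            next_hop = "-"                     # the network is on our own interface
        elif first in NETWORKS:
            next_hop = path[2]                 # across a directly attached network
        else:
            next_hop = first                   # across a point-to-point link
        table[net] = (cost[net], next_hop)
    return table


if __name__ == "__main__":
    graph = build_graph(LINKS)
    for net, (c, hop) in routing_table(graph, "A").items():
        print(net, c, hop)
```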
-------
Thu 04/02/09
BGP - border gateway protocol
.. not a protocol that you would use in your internal system .. interdomain routing protocol
not used inside an organization
typically used by ISPs
it is THE routing protocol of the internet .. ie, when you get to the core of the internet, the core is routed by BGP
- path vector routing - instead of maintaining just the next hop, it maintains the entire path
so the routing table and updates contain the entire path to the destination network
network, netmask, cost, path
138.74.0.0, 255.255.0.0, magically calculated based on security / reliability / number of hops / level of trust from the neighbor that you learned this route from .. we don't trust everyone .. we assign specific levels of trust to our neighbors, all the networks that we have to go through 5.0.0.0 / etc
path vector routing - why?
why not distance vector: inherently unstable - not unusual for your distance vector network to fall out of convergence .. lots of problems with loops
- can only use hop count
- we must 100% trust neighbors
Link State routing - link state packets from every network in the internet .. need to do a shortest path tree to every network on the internet -- too many routes in the internet - would take too long to calculate the shortest path tree and too much memory
also, there would be too many updates
multihomed networks -
(verizon)
/ \
{internet} (network) \ /
{at&t}
we want to make sure that we're not going down, so we connect to more than one ISP
.. how do we know to go through at&t or verizon?
.. need BGP
most routers run more than one protocol .. and they have different priorities
. direct connect gets highest priority -> you trust that most!
Different types of autonomous systems (AS) in BGP
-----------------
- stub AS --> network with a single connection out
- multihomed AS --> network with more than one connection out
.. both of these are end networks .. not transient -- leaf on a tree
- transient AS - multihomed AS that allows traffic to pass through
so in our diagram, verizon and at&t are transient networks
at the edge of each AS is a border router (gateway) that takes care of consolidating these routes, advertises routes to others, more than one routing protocol -> translates
loop detection
- - - - - - -
make sure that no network in our path occurs more than once in the path route
ip headers -
----------
packet:
dlc header + ip header + data + dlc trailer
1st 4 bits - version - the version of IP (either 4 or 6) 6-> 6 octets .. and v6 has some security built in
next 4 bits - header length, since you can have a variable length header .. length of the header in 4 byte chunks
5 means 4 * 5 = 20 bytes of header
next 8 bits - service type
- 1st 3 bits of that specify priority for ex: QOS .. most traffic does not modify these first 3 bits
- last 5 bits - type of service - what are the things that are important to this packet
for ex: minimum delay, minimum cost, maximum throughput, max reliability
next 16 bits - packet length
- total length of the packet in bytes
next 16 bits - identification - unique ID used for packet fragmentation
flags - 3 bits - 1st bit is not used. 2nd bit: do not fragment - if we hit a network that has a smaller mtu, we can't send
last bit - there are more fragments - this is not the last fragment
but the network layer doesn't guarantee that they arrive in order
.. the order is given by the fragmentation offset
fragmentation offset - 13 bits - tells us how far into the initial message this fragment fits
in 8 byte chunks
.. offset of the fragment within original message in 8 byte chunks
so a value of 7 means that this fragment starts 7 * 8 = 56 bytes in
TTL - prevents the packets from living on the network for ever
next 8 - transport layer protocol - tcp, udp, sctp
header checksum - checks that there are no errors in our header - not the data bits
source ip
destination ip
- 32 bits each
and finally, our data!
assuming ip v4
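The header layout above, as an added example (not from the lecture): a builder and parser for the 20-byte IPv4 header that does the IHL and fragment-offset arithmetic from the notes (5 * 4 = 20 bytes, 7 * 8 = 56 bytes in) and verifies the header checksum, which is the check a receiver should make before trusting any other field. The 138.74.0.9 address is the lecture's; the destination, ID and payload are constructed.

```python
import socket
import struct

# Added example (not from the lecture): build and parse the IPv4 header laid
# out in the notes, with fragment-offset arithmetic and a checksum check.
# Destination address, ID and payload are constructed.

def ipv4_checksum(header: bytes) -> int:
    """Ones-complement sum of the header in 16-bit words, then complemented.
    Over an intact header (checksum field included) the result is 0."""
    total = 0
    for i in range(0, len(header), 2):
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, proto, ident, ttl=64,
                      df=False, mf=False, frag_offset_units=0, tos=0):
    """20-byte header without options: version 4, IHL 5 (5 * 4 = 20 bytes)."""
    ver_ihl = (4 << 4) | 5
    flags = (int(df) << 1) | int(mf)        # bit 1 unused, then DF, then MF
    flags_frag = (flags << 13) | (frag_offset_units & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, tos, 20 + payload_len, ident,
                      flags_frag, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("truncated: a v4 header is at least 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                    # IHL counts 4-byte chunks
    if version != 4 or header_len < 20 or header_len > len(packet):
        raise ValueError("bad version or header length")
    flags = flags_frag >> 13
    return {
        "version": version,
        "header_len": header_len,
        "precedence": tos >> 5,             # first 3 bits of the service type
        "tos_bits": tos & 0x1F,             # last 5 bits
        "total_length": total_len,
        "id": ident,
        "dont_fragment": bool(flags & 0b010),
        "more_fragments": bool(flags & 0b001),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,   # offset is in 8-byte units
        "ttl": ttl,
        "protocol": proto,                  # 6 = TCP, 17 = UDP, 132 = SCTP
        "checksum_ok": ipv4_checksum(packet[:header_len]) == 0,
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "options": packet[20:header_len],
    }


if __name__ == "__main__":
    # constructed sample: a later fragment of a UDP datagram, 7 * 8 = 56 bytes in
    hdr = build_ipv4_header("138.74.0.9", "192.0.2.1", 100, 17, 0x1234,
                            mf=True, frag_offset_units=7)
    print(parse_ipv4_header(hdr + b"\x00" * 100))
```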
-------
Fri 04/03/09
Transport Layer
---------------
- end to end transfer of the data
app
presentation
session
transport
network
dlc
physical
intermediary devices:
network
dlc
physical
transport layer - responsibilities
- service point addressing- the port in tcp/ip
.. so what application to pass the data to .. web, ftp, etc
- segmentation and reassembly
- error and flow control
but we already did that at the network layer .. why do it again
.. double check .. and also the headers change as the packet goes through .. so we want to check if errors happen at the router
end to end transport attempts to ensure that we have no errors from our source to destination -- so, end to end error and flow control
examples: TCP, UDP, SCTP -> tries to combine the benefits of tcp and udp
TCP does error and flow control with another sliding window .. but now we can grow and shrink it based on the results that we find from congestion control
service point addressing:
port addresses
0-1023 - are called well known port addresses
80 - http
20/21 - ftp
22 - ssh
23 - telnet
53 -dns
443 - ssl / https
smtp - 25
ports 1024 - 49,151 - registered ports
- companies can register port numbers with a governing body that keeps track of all the port numbers - IANA - internet assigned numbers authority
. people don't always obey this one
49,151 - 65,336 - dynamic ports aka ephemeral ports
.. ports assigned to connections by the operating system
connecting to server .. the connection back to you is a dynamic port
- used by client programs.
netstat -rn
gives you a routing table
netstat -an
all connections that you have
0.0.0.0 .. acting as a server, but nobody's talking to it
you can have completely different applications running on tcp / udp
udp -- don't actually make a connection -- you just send out a packet .. so you see a star
***GRE TRIVIA!***
osi transport classes
transport class 0 .. is the simple class - not going to do any error or flow control
.. does provide segmentation and reassembly
tp1 - basic error recovery class - still do segmentation and reassembly
but .. going to use something like acknowledgement to request resends of errored packets and unacknowledged packets
tp2 is tp0 with multiplexing allowed - can run more than one application .. ex: email plus IM .. two apps from same source to same destination .. we can combine our data into one packet
tp3 - tp1 w/ multiplexing .. ex: TCP
tp4 - advanced error control - above and beyond tp3 .. would be for data that's absolutely critical that it gets there
somewhat based on app, somewhat based on network
streaming audio -- there's no time to resend the packet
-------
Mon 04/06/09
UDP
user datagram protocol
unreliable -- delivery and duplication not guaranteed
like usps ..
put it out there and hopes it gets there
.. connectionless .. don't go through the whole process of setting up a connection between source and destination
the beauty of that is that it's less overhead because we don't have the whole setup process
what does it look like?
source port (16 bits), destination port (16 bits), length (16 bits) - length of the header plus data, checksum (optional - 16 bits)
advantage of checksum .. at least it knows that there aren't any errors
data
if you use the checksum, it includes the udp header and then the IP pseudoheader
in the pseudoheader: source and destination IP address, the protocol, and the total length
the rest of the ip header fields are set to 0 because they may be changing along the way
.. and the data itself -- the session layer .. everything in the session layer
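The checksum computation described above, as an added example (not from the lecture): the UDP checksum computed over the pseudoheader (source IP, destination IP, protocol 17, UDP length), the UDP header and the data. The verifier shows why the pseudoheader is included: a datagram that reaches the wrong destination address fails the check even though no bit was corrupted. Addresses, ports and payload are constructed.

```python
import socket
import struct

# Added example (not from the lecture): the optional UDP checksum over
# IP pseudoheader + UDP header + data.  Addresses, ports and payload are constructed.

def ones_complement(data: bytes) -> int:
    """16-bit ones-complement sum; an odd length is padded with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudoheader(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """Source IP, destination IP, a zero byte, protocol 17, UDP length: the only
    IP fields covered, because the others may change along the way."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 17, udp_len))


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)               # header plus data
    hdr = struct.pack("!HHHH", sport, dport, length, 0)   # checksum field zero while summing
    csum = (~ones_complement(pseudoheader(src_ip, dst_ip, length) + hdr + payload)) & 0xFFFF
    csum = csum or 0xFFFF                   # 0 means "no checksum", so all ones is sent instead
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def verify_udp(src_ip, dst_ip, datagram: bytes) -> bool:
    """True when the checksum (if present) covers pseudoheader, header and data
    without error.  A wrong destination IP fails too: the pseudoheader catches
    misdelivery, not only bit errors."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        return False
    if csum == 0:
        return True                         # sender chose not to checksum
    return ones_complement(pseudoheader(src_ip, dst_ip, length) + datagram) == 0xFFFF


if __name__ == "__main__":
    dgram = build_udp("138.74.0.9", "192.0.2.53", 49152, 53, b"constructed payload")
    print(dgram.hex(), verify_udp("138.74.0.9", "192.0.2.53", dgram))
```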
uses:
- multicast applications
- time-sensitive
messaging or voice
- anything that starts with the word "streaming"
- applications that do their own error and flow control
many apps can be configured to use udp vs tcp
tcp - transmission control protocol
.. connection oriented
setup and tear down
.. if it's not properly torn down, it sits in limbo
we actually have error and flow control
reliable connection stream
tcp header
source port (16 bits), destination port (16 bits), sequence number,
sequence numbers - for ordering
- so that we both think we're receiving the same chunk .. that we've received it correctly
sequence numbers are incremented by the size of the data in bytes
sequence # 1000
ack 1001
next sequence number for packets of 100 bytes would be 1100
tcp likes to model this as a stream .. so we use these sequence numbers to aid in that
initial sequence number is somewhat randomly chosen
.. continuing packet header now
acknowledgement number - 32 bits like sequence number
hlength - 4 bits . size of header in 32 bit words
if hlength = 5, then we have 5* 32 bits in the header .. 160
next 6 bits are reserved
6 bits of flags -
- URG - is the urgent pointer significant .. another field in our header
- PSH - push function, it forces sending of the data ... typically we wait until our buffer is full
can often happen if you , for ex hit enter
ack - the value in the acknowledgement field is valid
.. ack is used when you're piggybacking
rst - reset the connection
syn - used to synchronize sequence numbers during connection setup
fin - used for connection termination / teardown
window size .. 16 bits
checksum -
urgent pointer - 16 bits
urgent pointer - significant only if URG flag is set
.. points to data that should be immediately processed
finally, options
below that, actual tcp data
how tcp ip connections work
tcp connection setup
- uses a three way handshake .. whenever we want to make sure that both source and destination are on the same page, we do it by the process of a three way handshake
also may negotiate connection parameters
- max segment size
- window size
- QOS
this handshake triggers the allocation of resources at our source and destination
.. port numbers and buffers.
important because of DOS attacks ..
what does it look like
source
destination
sequence number 1371 - random
flags : syn (starting a connection)
server sends back its own sequence number .. sends an ack of 1372
. because there is no data in the packet , we just increment by 1
client then confirms what it knows .. uses the server sequence number for the ack and its initial sequence number
here the only flag that's set is the ack
data:
sequence number 1311
send 10 bytes of data
ack 1321
-------
Thu 04/09/09
TCP connection - three way handshake
afterwards the connection is complete
.. then we send data back and forth, most likely in a full duplex way
- eventually one device decides it wants to break the connection
.. sends a packet with the fin bit set .. may or may not contain data sequence number may be 1001
going the other way .. 1392 may be the sequence number .. sends back with fin and ack
finally, the initiator sends back an ack
the time between when we requested the close of the connection and when it is complete is called a fin_wait
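The sequence/acknowledgement arithmetic for setup, one data segment and teardown, as an added example (not from the lecture): two endpoint objects that exchange segments and check that every ack matches what the peer has sent, with SYN and FIN each consuming one sequence number and data consuming one per byte. The client ISN 1371 is the lecture's value; the server ISN 4000 and the 10-byte payload are constructed.

```python
from dataclasses import dataclass

# Added example (not from the lecture): a two-endpoint model of TCP sequence
# and ack numbers for connection setup, one data segment and teardown.
# Client ISN 1371 is from the notes; server ISN 4000 and payload are constructed.

@dataclass
class Segment:
    src: str
    seq: int
    ack: int
    flags: frozenset
    data: bytes = b""

    def consumes(self) -> int:
        """Sequence space used: one per data byte, plus one each for SYN and FIN."""
        return len(self.data) + ("SYN" in self.flags) + ("FIN" in self.flags)


class Endpoint:
    def __init__(self, name: str, isn: int):
        self.name = name
        self.snd_nxt = isn        # next sequence number we will send
        self.rcv_nxt = None       # next sequence number we expect; unknown until the peer's first segment
        self.state = "CLOSED"

    def send(self, *flags: str, data: bytes = b"") -> Segment:
        fl = frozenset(flags)
        ack = self.rcv_nxt if "ACK" in fl else 0     # ack field only valid with the ACK flag
        seg = Segment(self.name, self.snd_nxt, ack, fl, data)
        self.snd_nxt += seg.consumes()
        return seg

    def receive(self, seg: Segment) -> None:
        if self.rcv_nxt is None:
            self.rcv_nxt = seg.seq                    # learn the peer's initial sequence number
        if seg.seq != self.rcv_nxt:
            raise ValueError(f"{self.name}: expected seq {self.rcv_nxt}, got {seg.seq}")
        if "ACK" in seg.flags and seg.ack != self.snd_nxt:
            raise ValueError(f"{self.name}: ack {seg.ack} does not match {self.snd_nxt}")
        self.rcv_nxt += seg.consumes()


def simulate(client_isn=1371, server_isn=4000, payload=b"0123456789"):
    """Run setup, one data exchange and teardown.  Returns (trace, final states),
    trace entries being (sender, flags, seq, ack, data length)."""
    c, s = Endpoint("client", client_isn), Endpoint("server", server_isn)
    s.state = "LISTEN"
    trace = []

    def deliver(sender, receiver, seg, sender_state):
        receiver.receive(seg)
        sender.state = sender_state
        trace.append((seg.src, tuple(sorted(seg.flags)), seg.seq, seg.ack, len(seg.data)))

    # three-way handshake: SYN, SYN+ACK, ACK (no data, so acks advance by 1)
    deliver(c, s, c.send("SYN"), "SYN_SENT")
    deliver(s, c, s.send("SYN", "ACK"), "SYN_RECEIVED")
    deliver(c, s, c.send("ACK"), "ESTABLISHED")
    s.state = "ESTABLISHED"
    # data: the ack that comes back is seq + number of bytes
    deliver(c, s, c.send("ACK", data=payload), "ESTABLISHED")
    deliver(s, c, s.send("ACK"), "ESTABLISHED")
    # teardown: FIN, FIN+ACK back, final ACK; the FIN itself uses one sequence number
    deliver(c, s, c.send("FIN", "ACK"), "FIN_WAIT_1")
    deliver(s, c, s.send("FIN", "ACK"), "LAST_ACK")
    deliver(c, s, c.send("ACK"), "TIME_WAIT")
    s.state = "CLOSED"
    return trace, (c.state, s.state)


if __name__ == "__main__":
    for entry in simulate()[0]:
        print(entry)
```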
a lot of overhead but a much more reliable transport stream
SCTP - getting to be more mainstream, still relatively new -- essentially combines the best of tcp and udp
.. from udp .. it is a message (packet) oriented protocol
with udp you essentially make a packet and you send it out .. with tcp it's byte stream. .. app layers see it as a steady stream of bits
sctp is a message oriented protocol .. want to send a message, get a response and then send another message
but unlike udp, it's a reliable protocol
.. reordering of packets and resending if necessary ..
.. congestion and error control
.. so all the reliability of tcp but messages instead of a stream of data
flow and congestion control in tcp -
.. sliding window -
- window size .. in dll it was always a static window size .. and did our sequence numbers mod- size to keep things as they should be
the key difference between tcp sliding window is that here we have a variable window size
they work exactly the same transport-wise
here the receiver controls the size of the window
.. sender is responsible for only allowing data within that window to be outstanding
but now the receiver can say a window size
.. this does the congestion control .. this is the way the receiver can dictate how fast you can send data
- also, the network in some cases can manipulate lower windows
how does this work?
slow start with exponential increase:
- start with a window size of 1
- exponential increase doubles the window size with each ack
- keeps going until we reach a threshold (default = 65,535 bytes)
- then we start congestion avoidance
- additive increase in window size
- if we detect congestion - we'd detect that if
1) ack timeout .. ack lost or really delayed .. so if this happens we assume things are really bad
so we ... a) set threshold to half the current window size, b) set the current window to 1.
c) begin slow start with exponential increase again, until we reach the threshold .. and then do an additive increase until we experience congestion again
2) ANOTHER way to detect issues are if we receive 3 duplicate ACKs
- typically due to out of order segments .. most likely , our receiver has already received the next one .. but still waiting for 1002
we assume things aren't quite as bad .. and ..
a) still set the threshold to half the current window size
b) but now instead of setting the current window to 1, we set it to the threshold
c) additive increases, since already at the threshold
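The slow-start / congestion-avoidance rules above as an added example (not from the lecture): a small state machine for the congestion window that doubles per round trip up to the threshold, then grows by one, and reacts to the two congestion signals differently (timeout resets to 1, three duplicate ACKs restart at the halved threshold). Window sizes are counted in segments rather than the 65,535-byte threshold the notes mention; the threshold of 16 and the event sequence are constructed.

```python
# Added example (not from the lecture): the slow-start / congestion-avoidance
# rules as a state machine.  Window in segments; threshold and events constructed.

class TcpCongestionWindow:
    def __init__(self, ssthresh: int):
        self.cwnd = 1                 # slow start begins with a window of one segment
        self.ssthresh = ssthresh

    def on_round_acked(self) -> int:
        """All segments of one window acknowledged (one round trip)."""
        if self.cwnd < self.ssthresh:
            self.cwnd = min(self.cwnd * 2, self.ssthresh)   # exponential increase up to the threshold
        else:
            self.cwnd += 1                                  # additive increase (congestion avoidance)
        return self.cwnd

    def on_timeout(self) -> int:
        """Ack lost or badly delayed: assume things are really bad."""
        self.ssthresh = max(self.cwnd // 2, 1)              # threshold = half the current window
        self.cwnd = 1                                       # back to slow start
        return self.cwnd

    def on_triple_dup_ack(self) -> int:
        """Three duplicate ACKs: data is still getting through, so react more gently."""
        self.ssthresh = max(self.cwnd // 2, 1)
        self.cwnd = self.ssthresh                           # skip slow start, go straight to additive
        return self.cwnd


def run(events, ssthresh=16):
    """Apply 'ack' / 'timeout' / 'dupack3' events in order; return cwnd after each."""
    win = TcpCongestionWindow(ssthresh)
    handlers = {"ack": win.on_round_acked,
                "timeout": win.on_timeout,
                "dupack3": win.on_triple_dup_ack}
    return [handlers[event]() for event in events]


if __name__ == "__main__":
    print(run(["ack"] * 6 + ["timeout"] + ["ack"] * 5 + ["dupack3", "ack"]))
```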
-------
Tue 04/14/09
UDP sockets
(no setup and teardown)
server - waits to respond
-----
client - request info
for both, the first thing that needs to happen is the socket call
socket() .. where we create the necessary data structures (buffers)
.. first parameter .. protocol family - PF_INET
.. protocol family inet .. also AF_INET .. address family
means we're using the internet protocol
next param . type of socket - SOCK_DGRAM .. datagram for a udp socket
stream would be tcp
and sock_raw .. create your own socket
finally IPPROTO_UDP -- what transport layer protocol?
or IPPROTO_TCP
on server side .. issue a bind call .. binds the server to a specific IP and port .. only called on server side
on the client, we let the OS pick the port
bind() assigns a local protocol address (IP, port #) to the socket
we send it
a socket descriptor (sd) . structure that contains a bunch of information
. specify ip and port # in the socket descriptor
client does not bind, this simply allows the OS to pick the IP and an ephemeral port (49,000+)
servers: this specifies where to find the server
recvfrom
and sendto
recvfrom reads data from the socket into a buffer
also gives info (IP and port) about the client from which the datagram was received
- block while waiting for data
sendto() .. send data back to the client
- send data
- specify the socket descriptor
- specify IP & port #
- socket address structure
client - initiates the exchange (a sendto) .. going to be received by the server's recvfrom
and then the client goes to a blocking recvfrom
and then typically the client ends
closesocket(sd);
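The UDP socket sequence above (socket, bind on the server, recvfrom/sendto, no bind on the client) as an added example, not the lecturer's program: Python's socket module wraps the same calls, so the names match the notes. Server and client run in one process on loopback with the server bound to port 0 so the OS picks a free port (a real server binds its well-known port); the message is constructed. The client sets its own timeout because UDP gives no delivery guarantee, so a lost request would otherwise block the recvfrom forever.

```python
import queue
import socket
import threading

# Added example (not from the lecture): UDP client and server over loopback
# using socket()/bind()/recvfrom()/sendto().  Port 0 = let the OS choose.

def udp_server(port_q: queue.Queue, reply_prefix: bytes = b"echo:") -> None:
    # socket(): internet protocol family, datagram socket, UDP (AF_INET == PF_INET in C)
    sd = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sd.bind(("127.0.0.1", 0))          # bind(): fix the server's IP and port; only the server does this
    sd.settimeout(5)                   # demo only: don't block forever if no client shows up
    port_q.put(sd.getsockname()[1])    # tell the client which port was chosen
    try:
        data, client_addr = sd.recvfrom(1024)   # blocks; also returns the client's IP and ephemeral port
        sd.sendto(reply_prefix + data, client_addr)
    finally:
        sd.close()


def udp_client(server_port: int, message: bytes):
    sd = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sd.settimeout(5)                   # no delivery guarantee: the client must time out by itself
    # no bind(): the first sendto() makes the OS pick the IP and an ephemeral port
    sd.sendto(message, ("127.0.0.1", server_port))
    reply, server_addr = sd.recvfrom(1024)      # blocking receive of the reply
    client_port = sd.getsockname()[1]
    sd.close()
    return reply, client_port, server_addr[1]


def run_udp_exchange(message: bytes = b"hello"):
    """Start the server in a thread, do one request/response, return what happened."""
    port_q = queue.Queue()
    t = threading.Thread(target=udp_server, args=(port_q,), daemon=True)
    t.start()
    server_port = port_q.get(timeout=5)
    reply, client_port, from_port = udp_client(server_port, message)
    t.join(5)
    return reply, client_port, from_port == server_port


if __name__ == "__main__":
    print(run_udp_exchange(b"hello"))
```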
tcp sockets
- - - - -
extra step on the server -- listen() .
.. convert an unconnected socket to a passive (listening) socket
- allows it to accept incoming connections
listen is also where we specify the number of connections allowed to queue
accept() returns the next completed connection from the front of queue that we setup with listen
- going to block if no incoming connections
*difference from UDP .. returns a new socket descriptor that is specific to this connection
connect - initiates the three-way handshake from the client
- must specify server connection info .. ie, the port and the ip address
.. connect returns when the 3-way handshake is complete
send() - send data over socket
- specify socket descriptor and the buffer to send. (and the length and any possible flags)
receive() - receive data from socket descriptor
- specify socket descriptor (on server side, this is going to be the sd from accept .. so not the listening socket descriptor)
- buffer
- returns the # of bytes received
..
most of the time, just one send and receive, but can go back and forth .. because it's connection oriented.
any program and any os can use .. because these are standard protocols
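The extra TCP steps above (listen, accept returning a per-connection descriptor, connect completing the handshake) as an added example, not the lecturer's program, again with Python's socket module on loopback in one process. The backlog of 5 and the message are constructed. The client's second recv returning zero bytes is how the graceful close shows up to the application: the server closed its connection socket after replying.

```python
import queue
import socket
import threading

# Added example (not from the lecture): TCP client and server over loopback with
# listen()/accept()/connect()/send()/recv().  Backlog and message are constructed.

def tcp_server(port_q: queue.Queue, reply_prefix: bytes = b"echo:") -> None:
    lsd = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP)
    lsd.bind(("127.0.0.1", 0))
    lsd.listen(5)                      # passive socket; up to 5 completed connections may queue
    lsd.settimeout(5)                  # demo only
    port_q.put(lsd.getsockname()[1])
    try:
        csd, client_addr = lsd.accept()   # blocks; returns a NEW descriptor just for this connection
        csd.settimeout(5)
        with csd:                         # all send/recv for this client use csd, not lsd
            data = csd.recv(1024)
            csd.sendall(reply_prefix + data)
        # leaving the block closes csd: a FIN goes to the client (graceful close)
    finally:
        lsd.close()


def tcp_client(server_port: int, message: bytes):
    sd = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP)
    sd.settimeout(5)
    sd.connect(("127.0.0.1", server_port))   # returns once the three-way handshake completes
    sd.sendall(message)                      # send() may write less than asked; sendall loops until done
    reply = sd.recv(1024)                    # returns the bytes received
    eof = sd.recv(1024)                      # b"" once the server has closed its side
    sd.close()
    return reply, eof


def run_tcp_exchange(message: bytes = b"hi"):
    port_q = queue.Queue()
    t = threading.Thread(target=tcp_server, args=(port_q,), daemon=True)
    t.start()
    reply, eof = tcp_client(port_q.get(timeout=5), message)
    t.join(5)
    return reply, eof


if __name__ == "__main__":
    print(run_tcp_exchange(b"hi"))
```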
-------
Thu 04/16/09
session layer
goal: to coordinate from end to end the connect and disconnect of the applications
in many respects, the same as the transport layer but does it more in the app instead of the OS
also provides synchronization points .. so you don't have to start over
also coordinates who sends what when
and tries to ensure a graceful close
application
presentation
session
transport
network
dlc
physical
that's the OSI model
.. it's a theoretical model .. not really an implementation of it
we typically implement the tcp/ip model .. the top three are grouped as the application layer
and then tcp/udp transport
ip for network
dlc and physical .. essentially implemented elsewhere
transport - implemented by OS
session .. coordinates: makes sure the entire transaction takes place or is rolled back if not complete
we do this by sending acks much like the three way handshake
this also comes into play with databases .. session makes sure that the transaction completes or rolls back
part of this coordination also includes opening new transport layer connections if necessary
and ensuring a graceful close .. need to make sure that both applications understand that we're done
this coordination most likely lends itself to tcp .. but you could do it over udp .. just more work
synchronization points -
- typically used for large transactions or downloads
if I have a large file, I'm gonna institute these sync points every once in a while. if problems happen, when I resume, I can resume at the previous sync point
so the coordination of communication between programs is really left to the programmer
presentation layer -
- data representation
- data encryption and authentication
- data compression
Data representation:
- big endian or little endian
- size of integers
- character encoding: ascii, ebcdic, unicode, asn (abstract syntax notation)
often times what happens is
take the text, convert it to asn to send over the network
and then at the other end, convert it to the native character representation
- also, cr/lf problem
data compression -
- lossless - can recover the data 100% .. quality is exactly the same as it was before you compressed it
- runlength encoding - replace 12 a's with an escape character and a number of a's
- repeated symbols are replaced by a special marker (escape character) , the symbol, and the number of times it consecutively occurs
- statistical compression: short codes for frequent symbols and long codes for less frequent .. e could be represented by a 1 whereas q and z could be represented by 00111110101
relative compression - used for video - send differences between frames
- lossy .. approx the same but not 100%
.. data cannot be reconstructed exactly
- ex: jpeg, mpeg .. transforms the picture into a math equation
. . don't get to keep the clear lines
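The two lossless schemes from the notes, as an added example (not from the lecture): a run-length coder that replaces a run with an escape byte, the symbol and the count (so a literal escape byte in the data must itself be escaped, or decoding is ambiguous), and a statistical coder that assigns short codes to frequent symbols and long codes to rare ones (a Huffman tree, which the notes do not name; it is the standard way to build such codes). Escape byte value, run threshold and sample inputs are constructed.

```python
import heapq
from collections import Counter

# Added example (not from the lecture): run-length encoding with an escape
# byte, and a statistical (Huffman) code.  ESC value and thresholds constructed.

ESC = 0x1B     # marker byte: ESC, symbol, count


def rle_encode(data: bytes) -> bytes:
    out, i = bytearray(), 0
    while i < len(data):
        sym, run = data[i], 1
        while i + run < len(data) and data[i + run] == sym and run < 255:
            run += 1
        # runs of 4+ are worth the 3-byte marker; a literal ESC is always escaped
        if run >= 4 or sym == ESC:
            out += bytes([ESC, sym, run])
        else:
            out += bytes([sym]) * run
        i += run
    return bytes(out)


def rle_decode(data: bytes) -> bytes:
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] == ESC:
            if i + 2 >= len(data):
                raise ValueError("truncated escape sequence")
            out += bytes([data[i + 1]]) * data[i + 2]
            i += 3
        else:
            out.append(data[i])
            i += 1
    return bytes(out)


def huffman_codes(data: bytes) -> dict:
    """Map each byte value to a bit string; frequent symbols get the short codes."""
    counts = Counter(data)
    if len(counts) == 1:
        return {next(iter(counts)): "0"}
    # heap entries: (weight, tiebreak, [(symbol, code-so-far), ...])
    heap = [(n, i, [(sym, "")]) for i, (sym, n) in enumerate(counts.items())]
    heapq.heapify(heap)
    tiebreak = len(heap)
    while len(heap) > 1:
        w1, _, a = heapq.heappop(heap)
        w2, _, b = heapq.heappop(heap)
        merged = [(s, "0" + c) for s, c in a] + [(s, "1" + c) for s, c in b]
        heapq.heappush(heap, (w1 + w2, tiebreak, merged))
        tiebreak += 1
    return dict(heap[0][2])


def huffman_encode(data: bytes, codes: dict) -> str:
    return "".join(codes[b] for b in data)


def huffman_decode(bits: str, codes: dict) -> bytes:
    rev = {code: sym for sym, code in codes.items()}   # prefix-free, so greedy matching is safe
    out, cur = bytearray(), ""
    for bit in bits:
        cur += bit
        if cur in rev:
            out.append(rev[cur])
            cur = ""
    if cur:
        raise ValueError("dangling bits")
    return bytes(out)


if __name__ == "__main__":
    sample = b"aaaaaaaaaaaabc"          # twelve a's, then b and c
    print(rle_encode(sample), rle_decode(rle_encode(sample)) == sample)
    text = b"eeeeeeeeqz"
    codes = huffman_codes(text)
    print(codes, huffman_encode(text, codes))
```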
-------
Fri 04/17/09
Encryption -
----------
- start with plain text, encrypt it at the sender
.. and we get cipher text
.. then sent to destination
and at the destination, take the same cipher text and then decrypt .. which will then give us the plaintext
character level encryption -
- polyalphabetic encryption
- each occurrence of a letter is replaced by a substitute letter
two problems: incredibly easy to break,
- we need to exchange the key
transpositional
- - - - - - -
8 character example
Key: 87325641
Spring is here!
number the characters
123456789012345 (15 really, but I can't fit two digits in one slot here)
and then reorder them in 8 character chunks
advantage - no frequency analysis possible
but you can still start looking for patterns
so a little better than the polyalphabetic, but still somewhat easy to break.
- still need to exchange the key
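The transposition above worked through in code, as an added example (not from the lecture): the key 87325641 is read as a permutation (output position j takes character key[j] of each 8-character chunk) and "Spring is here!" is the notes' text. The notes do not say how a short last chunk is filled, so padding with spaces is an assumption. The letter-count helper shows what the notes mean by patterns still being visible: transposition moves letters around but leaves every letter's count unchanged.

```python
from collections import Counter

# Added example (not from the lecture): the 8-character transposition with key
# 87325641 and the notes' text.  Space padding of the last chunk is assumed.

def key_to_permutation(key: str):
    perm = [int(d) - 1 for d in key]
    if sorted(perm) != list(range(len(perm))):
        raise ValueError("key must use each position 1..n exactly once")
    return perm


def transpose_encrypt(plain: str, key: str = "87325641", pad: str = " ") -> str:
    perm, out = key_to_permutation(key), []
    n = len(perm)
    if len(plain) % n:                        # fill the last chunk
        plain += pad * (n - len(plain) % n)
    for i in range(0, len(plain), n):
        block = plain[i:i + n]
        out.append("".join(block[p] for p in perm))   # output position j <- block[key[j]]
    return "".join(out)


def transpose_decrypt(cipher: str, key: str = "87325641") -> str:
    perm, out = key_to_permutation(key), []
    n = len(perm)
    if len(cipher) % n:
        raise ValueError("cipher text must be whole chunks")
    for i in range(0, len(cipher), n):
        block, orig = cipher[i:i + n], [""] * n
        for j, p in enumerate(perm):
            orig[p] = block[j]                # put each character back where it came from
        out.append("".join(orig))
    return "".join(out)


def letter_counts(text: str) -> Counter:
    """Transposition keeps every letter's count, so these statistics survive encryption."""
    return Counter(ch.lower() for ch in text if ch.isalpha())


if __name__ == "__main__":
    ct = transpose_encrypt("Spring is here!")
    print(repr(ct), repr(transpose_decrypt(ct)))
    print(letter_counts("Spring is here!") == letter_counts(ct))
```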
the key problem with the character level encryption is that you can start doing the character analysis and looking for patterns
bit level encryption - its better
- treat data as 0s and 1s .
- permutation -
1011 0111
can say break into four bits and always put them in this order
1011 0111
0111 1110
you need to know how to permute the bits in order to get the data back
.. since it's per bit .. it's a little more difficult to brute force
still can be brute forced, and the more computing power increases, the easier it is to brute force an attack.
- we still have the key exchange problem
substitution based on bits---------------------
00 -> 10
01 -> 11
10 -> 01
11 -> 00
obviously you'd use longer than 2 bits
we still have a key exchange problem
- again, brute force can break
and the more data you send, the easier it is to brute force .. because you just start looking for patterns.
XOR with a key
- - - - - -
. most secure of the (bit level) bunch
- key .. quite long and as a random as possible
take your data and XOR it
XORs are really simple to implement, so we can use a longer key
can be very secure if keylength = message length
.. then we get complete entropy
the shorter your key is, the more information you're giving away and the easier it is to break the code
and we still have the key exchange problem
so these are interesting but not practical
.. they're ancestors of current technology
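The XOR scheme above as an added example (not from the lecture), showing the key-length point directly: with a key as long as the message and used once (a one-time pad) the same XOR decrypts and nothing leaks, whereas a short repeated key means two ciphertexts XORed together cancel the key and leave only plaintext-against-plaintext, which is exactly the pattern material the notes warn about. Plaintexts and keys are constructed.

```python
import os

# Added example (not from the lecture): XOR with a key; why the key should be as
# long as the message and never reused.  Sample plaintexts and key are constructed.

def xor_with_key(data: bytes, key: bytes) -> bytes:
    """XOR each byte with the key, repeating the key if it is shorter than the data.
    The same call decrypts, since x ^ k ^ k == x."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def one_time_pad_key(length: int) -> bytes:
    """A fresh random key as long as the message: the one case the notes call secure."""
    return os.urandom(length)


def key_cancels(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same key: the key drops out and only
    p1 ^ p2 remains, so a repeated key gives away plaintext relationships."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def repeated_key_positions(key_len: int, data_len: int):
    """Which message positions share a key byte when a short key is repeated."""
    return [list(range(i, data_len, key_len)) for i in range(key_len)]


if __name__ == "__main__":
    p1, p2 = b"meeting at noon", b"lunch at eleven"
    short = b"key"
    c1, c2 = xor_with_key(p1, short), xor_with_key(p2, short)
    print(xor_with_key(c1, short) == p1)                     # True: XOR undoes itself
    print(key_cancels(c1, c2) == key_cancels(p1, p2))        # True: key cancelled out
    pad = one_time_pad_key(len(p1))
    print(xor_with_key(xor_with_key(p1, pad), pad) == p1)    # True: pad round trip
```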
DES - data encryption standard
.. this used to be the government standard for non-classified data
- we have a private key that we must share
- public key used to encrypt
- encrypt 64 bit plain text with a 56 bit key
we use the 56 bit key to create 48 bit subkeys
key to good encryption - the algorithm itself should never be a secret
take 64 bit data and divide it into two 32 bit chunks
save left chunk
permute right chunk and expand so that we get an outcome of 48 bits
then we take a subkey and xor with it
giving us a result
then compress and permute
giving us 32 bits
xor with left part that we set aside
and then combine back together with the left side
then repeat the process 16 times with the 16 different subkeys
triple des cubes the complexity
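The round structure just described, as an added example (not from the lecture and not DES): a toy Feistel network on 64-bit blocks that splits the block, expands the right half to 48 bits, XORs a 48-bit subkey derived from a 56-bit key, compresses back to 32 bits, XORs into the saved left half, and repeats for 16 rounds. The expansion, substitution table, permutation and key schedule are invented stand-ins, so this must not be used as a cipher; what it demonstrates is why decryption is the same loop with the subkeys in reverse order.

```python
# Added example (not from the lecture): toy Feistel network with the DES-like
# round structure from the notes.  Table, schedule and permutation are
# constructed stand-ins: this is NOT DES and not a usable cipher.

MASK32 = (1 << 32) - 1
MASK48 = (1 << 48) - 1
MASK56 = (1 << 56) - 1
TOY_TABLE = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]   # constructed 4-bit substitution


def subkeys(key56: int):
    """16 subkeys of 48 bits: rotate the 56-bit key and keep its low 48 bits (toy schedule)."""
    keys = []
    for i in range(16):
        rot = (i * 7) % 56
        rotated = ((key56 << rot) | (key56 >> (56 - rot))) & MASK56
        keys.append(rotated & MASK48)
    return keys


def expand(r32: int) -> int:
    """32 -> 48 bits: each 4-bit nibble carries a copy of the neighbouring bit on each side."""
    bit = lambda j: (r32 >> (31 - (j % 32))) & 1       # bit j counted from the MSB, wrapping
    out = 0
    for i in range(8):
        nib = (r32 >> (28 - 4 * i)) & 0xF
        out = (out << 6) | (bit(4 * i - 1) << 5) | (nib << 1) | bit(4 * i + 4)
    return out


def compress(x48: int) -> int:
    """48 -> 32 bits: each 6-bit chunk becomes 4 bits through the toy table, then a
    rotation stands in for the permutation."""
    out = 0
    for i in range(8):
        chunk = (x48 >> (42 - 6 * i)) & 0x3F
        outer = ((chunk >> 5) << 1) | (chunk & 1)       # outer two bits select a variant
        out = (out << 4) | TOY_TABLE[((chunk >> 1) & 0xF) ^ outer]
    return ((out << 11) | (out >> 21)) & MASK32


def round_function(r32: int, k48: int) -> int:
    return compress(expand(r32) ^ k48)


def feistel(block64: int, keys) -> int:
    left, right = block64 >> 32, block64 & MASK32
    for k in keys:
        # new left = old right; new right = saved left XOR f(right, subkey)
        left, right = right, left ^ round_function(right, k)
    return (right << 32) | left      # undo the final swap so decryption reuses this loop


def encrypt_block(block64: int, key56: int) -> int:
    return feistel(block64, subkeys(key56))


def decrypt_block(block64: int, key56: int) -> int:
    return feistel(block64, subkeys(key56)[::-1])   # same rounds, subkeys in reverse order


if __name__ == "__main__":
    key = 0x0123456789ABCD                 # constructed 56-bit key
    pt = 0x0011223344556677                # constructed 64-bit block
    ct = encrypt_block(pt, key)
    print(hex(ct), decrypt_block(ct, key) == pt)
```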
RSA - Rivest, Shamir & Adleman
- based on prime numbers and factoring
- public key, private key.
- 2 primes, p and q
- calculate n = q * p
hardest part .. pick two very large prime numbers
- select K[p] which is not a factor of (q-1)(p-1).
- select K[s] st Kp * Ks mod (p-1)(q-1) = 1
private - Ks, n
public key - kp, n
to create cipher text
c = cipher text
P = plain text
c = P^kp mod N
|
\/
P = c^ks mod N
much simpler than DES
hard part - it takes forever to figure out what your public and private key will be
calculations are also slightly more difficult
authentication
- - - - - -
different than encryption
it's verifying that it did come from where it claims it came from
.. verify the source of the data
.. verify that the data has not been tampered with
.. so different than what we were doing with the encryption
how do we do this - use some sort of digital signature.
create message digest -- basically a hash of the data .. kinda like a checksum
it's a fingerprint of the data
common hash algorithms
- shs - secure hash standard
- md5 - message digest 5
if someone changes a couple bits, the hash should come out differently
and then sign the hash
.. and can sign with RSA
- or DSS .. digital signature standard
- sign with the private key, check the signature with the public key
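The RSA arithmetic and the sign-with-private / check-with-public step above, as one added example (not from the lecture) using the notes' symbols p, q, n, Kp and Ks. The primes 61 and 53 are textbook-sized so the numbers can be followed by hand; real keys use primes hundreds of digits long plus padding. Ks only exists when Kp shares no factor with (p-1)(q-1), so that is the check the code makes before computing the inverse. The signature part hashes the message with SHA-256 and reduces the digest mod n, which is a toy simplification of how the digest is fitted to the key size.

```python
import hashlib
import math

# Added example (not from the lecture): RSA key generation, encryption, and
# signing/verifying a message digest.  Tiny textbook primes; illustration only.

def make_keypair(p: int, q: int, kp: int):
    """Return (public, private) = ((Kp, n), (Ks, n)) with Kp * Ks mod (p-1)(q-1) == 1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(kp, phi) != 1:
        raise ValueError("Kp must share no factor with (p-1)(q-1), or Ks does not exist")
    ks = pow(kp, -1, phi)                  # modular inverse
    return (kp, n), (ks, n)


def encrypt(plain_int: int, public) -> int:
    kp, n = public
    if not 0 <= plain_int < n:
        raise ValueError("plaintext block must be smaller than n")
    return pow(plain_int, kp, n)           # c = P^Kp mod n


def decrypt(cipher_int: int, private) -> int:
    ks, n = private
    return pow(cipher_int, ks, n)          # P = c^Ks mod n


def digest(message: bytes, n: int) -> int:
    """Fingerprint of the data as an integer below n (toy reduction of the SHA-256 digest)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    ks, n = private
    return pow(digest(message, n), ks, n)  # sign the hash with the private key


def verify(message: bytes, signature: int, public) -> bool:
    kp, n = public
    return pow(signature, kp, n) == digest(message, n)   # check with the public key


if __name__ == "__main__":
    public, private = make_keypair(61, 53, 17)       # n = 3233, (p-1)(q-1) = 3120
    c = encrypt(65, public)
    print(public, private, c, decrypt(c, private))
    sig = sign(b"constructed message", private)
    print(verify(b"constructed message", sig, public), verify(b"constructed messagE", sig, public))
```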
-------
Mon 04/20/09
Domain name Service:
- - - - - - - - - -
converts host names / domain names to IP addresses and vice versa
different ways of doing name resolution (the process of going back and forth)
- -
- DNS
- can use a host file -
- used as backup, but not particularly efficient, and a royal pain to maintain
- NIS .. network information services - precursor to ldap
can also use ldap .. for info on companies on the network.
how do we decide which to use .. there's usually an nsswitch file that decides the priority
the DNS structure is set up as a hierarchical tree
at the top, the root:
                     root
                /      |      \
         inverse    generic    country
         domain     domains    domains
                   /  |  |        \   \
                 com net edu      jp  uk
                 biz gov mil      am  fm
                 org museum coop
                 info int jobs    mobi
                 name pro tel     travel
                 ------------------
                 google cnn etc
inverse domain allows us to map IP addresses to domain names .. 99% of the time, we're looking up domain names and want to know the IP address
- PTR query
example 138.74.0.9
want to least specific part on the right side .. so reverses it
9.0.74.138.in-addr.arpa.
icann manages the inverse lookup and the generic domains.
subdomains
mail, compsci etc
you can keep going down .. but only 127! of them
and subdomains come under control of snc
when you specify domain names, there are two ways:
fully qualified domain name:
.. contains the complete domain name ending with a period
www.snc.edu.
compsci.snc.edu.
partially qualified domain name -
- only the first part of the domain name
given domain of snc.edu, a partially qualified domain name is
compsci
or
www
.. and the host will attach the domain to it
here it's important to not have the period, which tells us that it is a fully qualified domain name
nslookup www.snc.edu.
nslookup 1.63.74.138.in-addr.arpa.
specific name servers
- top level domains have root servers
for each zone, primary server - has authority over the zone
secondary servers - act as backups to the primary server
- get data from the primary
.. so when you make your dns changes, you never make them on the secondary
.. in case our primary dns goes down, most hosts are configured to use backups
considered authoritative for our zone (snc.edu)
Name resolution process
types of domain name records
A - regular host over which the server has authority
mx - mail record domain name
ptr - reverse lookup
recursive name resolution process -
-------------
- host query nameserver it is configured with
- if the original nameserver does not know answer, it passes the query up the tree
- look as needed
- finally, the snc nameserver passes the response back
google.com lookup
pc points to ns1.snc.edu, which does not have authority .. this then looks up under the edu nameserver, edu doesn't know, so it sends up to root name server.. sends you to the com name server
the com name server then asks the google name server .. which sends the info back through all those servers.
iterative name resolution: - - - - - - - - -
host again queries its configured nameserver
if the nameserver doesn't know, it suggests a nameserver that may
and in this case, instead of passing along the query, the host machine queries the new nameserver
Pc -> snc nameserver -> "go look at .com"
pc -> .com nameserver -> "go ask google"
pc -> google
typically not used because we don't want everyone to hit our domain name server.
this is tedious, but we usually cache responses at the nameserver
- includes a ttl, so the entry expires
- future queries may simply receive cached response
- cache server will specify that the response is non-authoritative
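The name-resolution mechanics above, as an added example (not from the lecture): building an in-addr.arpa name from an address, qualifying a partial name with the host's domain, and resolving over a constructed miniature name tree either iteratively (the querier follows each referral itself) or recursively (the host asks only its configured server, which answers authoritatively from its own zone or iterates on the host's behalf and caches the result as non-authoritative), with cached answers expiring after a TTL. snc.edu and 138.74.0.9 are the lecture's values; the server names, the 192.0.2.1 address and the TTL are constructed.

```python
# Added example (not from the lecture): reverse names, FQDN/PQDN qualification,
# iterative vs recursive resolution with a TTL cache over a constructed name tree.

TTL = 300.0   # seconds a cached answer stays valid (constructed)

# constructed name servers: referrals to child zones plus the records they hold
SERVERS = {
    "root":        {"referrals": {"com.": "com-ns", "edu.": "edu-ns",
                                  "in-addr.arpa.": "arpa-ns"}, "records": {}},
    "com-ns":      {"referrals": {"google.com.": "google-ns"}, "records": {}},
    "edu-ns":      {"referrals": {"snc.edu.": "ns1.snc.edu"}, "records": {}},
    "google-ns":   {"referrals": {}, "records": {("www.google.com.", "A"): "192.0.2.1"}},
    "ns1.snc.edu": {"referrals": {}, "records": {("www.snc.edu.", "A"): "138.74.0.9",
                                                 ("snc.edu.", "MX"): "mail.snc.edu."}},
    "arpa-ns":     {"referrals": {}, "records": {("9.0.74.138.in-addr.arpa.", "PTR"): "www.snc.edu."}},
}


def reverse_name(ip: str) -> str:
    """Octets reversed so the least specific part is on the right, under in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def qualify(name: str, search_domain: str = "snc.edu.") -> str:
    """A trailing period marks a FQDN; otherwise the host appends its own domain."""
    return name if name.endswith(".") else f"{name}.{search_domain}"


def in_zone(name: str, zone: str) -> bool:
    return name == zone or name.endswith("." + zone)


def iterative_resolve(name, rtype, cache, now=0.0, start="root"):
    """The querier walks the tree itself, following referrals.
    Returns (value, from_cache, servers_asked)."""
    key = (name, rtype)
    if key in cache and cache[key][1] > now:          # unexpired cached answer
        return cache[key][0], True, []
    asked, server = [], start
    while True:
        asked.append(server)
        s = SERVERS[server]
        if key in s["records"]:
            cache[key] = (s["records"][key], now + TTL)
            return s["records"][key], False, asked
        zones = [z for z in s["referrals"] if in_zone(name, z)]
        if not zones:
            return None, False, asked                  # nobody to refer us to
        server = s["referrals"][max(zones, key=len)]   # most specific referral


def recursive_resolve(name, rtype, cache, configured="ns1.snc.edu", now=0.0):
    """The host asks only its configured server.  That server answers from its own
    zone (authoritative) or iterates on the host's behalf and caches the result
    (non-authoritative).  Returns (value, authoritative)."""
    key = (name, rtype)
    own = SERVERS[configured]["records"]
    if key in own:
        return own[key], True
    value, _, _ = iterative_resolve(name, rtype, cache, now)
    return value, False


if __name__ == "__main__":
    cache = {}
    print(reverse_name("138.74.0.9"), qualify("www"))
    print(iterative_resolve(qualify("www.google.com."), "A", cache))
    print(iterative_resolve("www.google.com.", "A", cache))        # now from cache
    print(recursive_resolve("www.snc.edu.", "A", cache))
```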
-------
Thu 04/23/09
-lsocket -lnsl .. when you do the gcc
http protocal
- - - - - --
- protocol for communication between web clients and servers
.. but used by many applications as well
client server
client makes http request
server sends back an http response
and we may well have a looping of this
HTTP request - format taken from email format
Request line -- says what am I requesting ex: HEAD (header info), GET, INFO, OPTIONS, ... ex: get index.html
after request line may have headers:
OS, browser, IP address, host name .. info about the client .. this is where your environment variables are set
time, locale, compression
then a blank line - it separates the header info from the body
the body will be optional in the request
HTTP response:
status line - request OK or error code / message
then some server header information - timestamp .. if the headers tell us it's the same timestamp, we can use the cache, OS, web server etc. -- info about the header and file itself
blank line
body
- the file / document itself.
get
host: whatever
try it in putty
GET /index.html HTTP/1.1
host: anything
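The request/response layout above (start line, header lines, blank line, optional body) as an added example, not from the lecture: a parser for both message kinds and a builder for the response. The sample request is the one from the notes; the POST sample, the status and the body are constructed. Because every header value arrives from the client (and, as the notes say, ends up in environment variables for CGI programs), the parser checks the request line and Content-Length instead of trusting them.

```python
# Added example (not from the lecture): parse HTTP requests/responses built as
# start line + headers + blank line + body, and build a response.

METHODS = {"GET", "HEAD", "POST", "OPTIONS"}


def parse_headers(lines):
    headers = {}
    for line in lines:
        if ":" not in line:
            raise ValueError(f"malformed header line: {line!r}")
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    return headers


def split_message(raw: bytes):
    """Separate start line, headers and body at the blank line."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line ending the headers")
    lines = head.decode("ascii").split("\r\n")
    return lines[0], parse_headers(lines[1:]), body


def parse_http_request(raw: bytes) -> dict:
    start, headers, body = split_message(raw)
    parts = start.split(" ")
    if len(parts) != 3 or parts[0] not in METHODS or not parts[2].startswith("HTTP/"):
        raise ValueError(f"bad request line: {start!r}")
    method, target, version = parts
    length = int(headers.get("content-length", "0"))    # non-numeric value raises ValueError
    if length < 0 or length > len(body):
        raise ValueError("content-length does not match the body")
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body[:length]}


def build_http_response(status: int, reason: str, body: bytes, extra_headers=None) -> bytes:
    headers = {"Content-Length": str(len(body)), "Connection": "close", **(extra_headers or {})}
    head = f"HTTP/1.1 {status} {reason}\r\n" + "".join(f"{k}: {v}\r\n" for k, v in headers.items())
    return head.encode("ascii") + b"\r\n" + body


def parse_http_response(raw: bytes) -> dict:
    start, headers, body = split_message(raw)
    parts = start.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError(f"bad status line: {start!r}")
    return {"version": parts[0], "status": int(parts[1]),
            "reason": parts[2] if len(parts) == 3 else "", "headers": headers, "body": body}


if __name__ == "__main__":
    req = b"GET /index.html HTTP/1.1\r\nhost: anything\r\n\r\n"     # the request from the notes
    print(parse_http_request(req))
    resp = build_http_response(200, "OK", b"<html>constructed</html>", {"Content-Type": "text/html"})
    print(resp)
    print(parse_http_response(resp))
```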
when we download a web page, how does it work?
really the web server serving static pages is incredibly simple .. sends back index.html
the browser has to display the file
.. it does a lot of work!
so the server just sends files -- the client has to interpret the page and request images and other files if necessary
web server is incredibly stupid
even with cgi -- it just runs the program and displays the output
secure socket layer (ssl)
.. encrypt all traffic of web connection
current version of ssl is 3.0
the new name is tls .. 90% the same - transport layer security
tls 1.0 is essentially the same as ssl 3.0
the world is going to tls
what is security?
- - - - - - - -
nobody can read (an intercepted message) what you have -- you have encryption
* authentication -- is it really you?
once you create a connnection, want to make sure you don't have a man in the middle attack
* finally, message integrity - make sure the message has not been tampered with
.. need to sign the message so that we can detect changes
when we put these three things together, we tend to have security, but we need all these things
ssl or tls is designed to provide us with all three
encryption - secret key for encryption
authentication - key exchange, which authenticates both parties
for the message integrity, use a message hash
1) I would like to use this security: TLS RSA (encryption) WITH - DES128-CBC (key exchange) - SHA (or md5 -- this is your hash)
and this is just 1 example
what the process looks like:
client hello which initiates the process
- authenticate with the security authority if that's required
they do some offline things in order to authenticate the validity of the company .. a ton of paperwork with VeriSign
also, exchange random numbers -- become part of our key that we use to encrypt .. we never want to use the master key for our encryption
.. use those as well as certificate keys to create master keys for the client and the server
you use completely different keys in the other direction!
from the master key, you're going to extract encryption and hash keys
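The key derivation described above, as an added example (not from the lecture): the exchanged client and server randoms are mixed with the shared secret into a master secret, separate encryption and hash (MAC) keys are extracted for each direction, and each record is encrypted and then MACed together with its record number. The HMAC-SHA256 counter expansion is chosen for illustration and is not the TLS PRF, and the keystream XOR is a toy cipher rather than a real cipher suite. What the check at the end shows is the reason for direction-specific keys from the notes: a record protected with the client's keys does not verify under the server's, so it cannot simply be reflected back.

```python
import hashlib
import hmac
import os

# Added example (not from the lecture): simplified master-secret and per-direction
# key derivation.  HMAC-SHA256 expansion and keystream XOR are illustrative
# stand-ins, not the TLS PRF or a TLS cipher suite.

def expand(secret: bytes, label: bytes, length: int) -> bytes:
    """Stretch a secret into `length` bytes from HMAC(secret, label || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(secret, label + bytes([counter]), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Both randoms are mixed in, so each connection gets a different master secret."""
    return expand(pre_master, b"master secret" + client_random + server_random, 32)


def derive_keys(master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Four keys extracted from the master: encryption and MAC key for each direction."""
    block = expand(master, b"key expansion" + server_random + client_random, 4 * 32)
    names = ["client_write_key", "server_write_key", "client_mac_key", "server_mac_key"]
    return {name: block[i * 32:(i + 1) * 32] for i, name in enumerate(names)}


def keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a keystream tied to the key and record number."""
    stream = expand(key, b"record" + seq.to_bytes(8, "big"), len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def protect(plaintext: bytes, seq: int, write_key: bytes, mac_key: bytes) -> bytes:
    """Encrypt, then MAC over record number + ciphertext (integrity and replay detection)."""
    ct = keystream_xor(write_key, seq, plaintext)
    tag = hmac.new(mac_key, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    return ct + tag


def unprotect(record: bytes, seq: int, write_key: bytes, mac_key: bytes):
    """Plaintext, or None when the MAC does not verify under these keys and record number."""
    ct, tag = record[:-32], record[-32:]
    expected = hmac.new(mac_key, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return keystream_xor(write_key, seq, ct)


if __name__ == "__main__":
    cr, sr = os.urandom(32), os.urandom(32)            # the exchanged random numbers
    keys = derive_keys(master_secret(b"constructed pre-master", cr, sr), cr, sr)
    rec = protect(b"constructed record", 1, keys["client_write_key"], keys["client_mac_key"])
    print(unprotect(rec, 1, keys["client_write_key"], keys["client_mac_key"]))
    print(unprotect(rec, 1, keys["server_write_key"], keys["server_mac_key"]))   # None: wrong direction
```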
-------
Fri 04/24/09
i don't recommend tech support unless you really don't like your hair
you're not just a rent-a-nerd, you're a rent-a-scapegoat
basically, when they come to sue you out of existence, they want to have all the information they need
-------
Mon 04/27/09
cisco ios 101
- IOS - Internetwork Operating System
router architecture
- ethernet interfaces
sequentially numbered e0, e1 .. etc
also, some fast ethernet
.. f0, f1, f2 .. 100Mb or higher
(either labeled physically, or you'll be able to get a diagram)
serial interfaces -- usually the wide area connections ..
s0, s1, s2 .. etc
most of the cisco routers today are blade based
controller blade
seal blade
f/e blade
controller blade .. has cpu and brains
you can also have atm interfaces, frame relay, etc
we also need to talk about the various bits of memory in the router
ROM - read only memory . basically the intelligence used to boot the router .. unchangeable .. just used to find the OS
flash - where we store the ios .. stores your operating system
"flash a router" -- gonna replace the ios
NVRAM - non-volatile .. maintains values even when turned off .. only place that we can write stuff to that will stay there .. used to store the startup config
RAM - running memory of the router
contains:
- routing tables
- running configuration .. all of your currently known information
distinct difference between running configuration and startup config .. you can make a whole bunch of changes and they won't survive a reboot!
.. in almost all cases they should be the same
running configuration -- nice because you can try things on the fly .. but you have to remember to copy it over to the startup config
configuring IOS -
- - - - - - - -
access methods for configuration:
- console port .. serial port which can be communicated with a rollover cable -- it's a cable that comes with your router that lets you plug into the serial port of your computer
.. they still require serial .. but there's a wireless serial adapter that you can buy
.. this is where the initial configuration must be done
connect via aux port:
- ----------------
usually used to attach a modem .. yes, even today it is common to use a good old 56k modem attached to routers -- they do this because you're coming in through the phone line .. not the network .. you can't assume network access to the device
.. so really critical for troubleshooting and still used today
telnet -
- - - - -
requires network connection, but if you can get in through the network, you can telnet .. initial config must have already taken place!
.. once you get the serial port .. HyperTerminal can help you use the serial port
9600 baud
8 bits
none - no parity
1 stop bit
emulator emulates the hardware itself
simulator -- mimics
environments aka modes
when you initially log in to the router, you are in user exec mode .. tends to have very limited commands .. can't make any changes .. -- read only view of the router
.. can't really DO anything .. and a lot of stuff is not even going to have a read only view
from the user exec mode, you can go to privileged exec mode -
.. use the command "enable" .. should prompt for a password.
you are now in privileged exec mode
.. global view of the router .. can see all info at a high level
. now have the ability to enter configurations
.. you can't actually config here
prompt at user exec: routername>
privileged exec mode: router#
disable will get you back down to user exec mode
from privileged exec mode, you can type "setup" to get to the initial config menu
when you first login, it'll ask if you want to go through the default config
can also go into global configuration
"configure terminal"
short: "config t"
from global config mode, you can config global, non interface specific, parameters
ex: password to login via command
enable password
enable secret
message of the day
from there you can go into interface config or line config
line config -- what you use for the serial interfaces.
when IOS is rejecting your command, you're probably in the wrong mode!
command-line interface
there is no gui!
help!
----
- ? - lists all available commands (not necessarily useful because long!)
- s? - lists all commands start with s
sh? - all commands starting with sh
sh [tab] .. completes the command (if unique)
so