Information Security Technology Research Division
“Internet Security”
Chapter 1
P.2
Contents
1. Internetworking and Layered Models
1.1 Networking Technology - LANs, WANs
1.2 Connecting Devices - Switches, Repeaters, Bridges, Routers, Gateways
1.3 The OSI Model
1.4 TCP/IP Model
- Network Access Layer
- Internet Layer
- Transport Layer
- Application Layer
P.3
Networking Technology
▣ Local Area Networks (LANs)
◈ Ethernet
◈ Token Ring
◈ Fiber Distributed Data Interface (FDDI)
P.4
Networking Technology
▣ Ethernet
◈ A LAN standard originally developed by Xerox and later extended by a joint venture between DEC, Intel and Xerox
◈ The access mechanism used in an Ethernet
  • CSMA/CD
[Figure: Ethernet Frame Format]
P.5
Networking Technology
▣ CSMA/CD
◈ Carrier Sense Multiple Access/Collision Detection
◈ As indicated by the CSMA name, the Ethernet is a multiple access network (a set of nodes send and receive frames over a shared link)
◈ “Carrier sense” in CSMA/CD means that all nodes can distinguish between an idle and a busy link
◈ “Collision detection” means a node listens as it transmits and can detect when a frame it is transmitting has interfered (collided) with a frame transmitted by another node
P.6
Networking Technology
▣ Token Ring
◈ A LAN standard originally developed by IBM, uses a logical ring topology
◈ Access method
  • The token is passed from station to station in sequence until it encounters a station with data to send
P.7
Networking Technology
▣ FDDI
◈ A LAN protocol standard by ANSI and ITU-T
  • American National Standards Institute
  • International Telecommunications Union - Telecommunication Standardization Sector
◈ Access method
  • Token passing
  • If a station receives the token earlier than the designated time, it can keep the token and send data until the scheduled leaving time
P.8
Networking Technology
▣ Wide Area Networks (WANs)
◈ Point-to-Point Protocol (PPP)
◈ X.25
◈ Frame Relay
◈ Asynchronous Transfer Mode (ATM)
P.9
Networking Technology
▣ PPP
◈ Designed to handle the transfer of data using either asynchronous modem links or high-speed synchronous leased lines
◈ PPP frame format
  • Flag field
  • Address field
  • Control field
  • Protocol field
  • Data field
  • CRC
P.10
Networking Technology
▣ X.25
◈ Used as the packet switching protocol provided for use in a WAN
◈ Developed by the ITU-T in 1976
◈ Defines how a packet mode terminal can be connected to a packet network for exchange of data
◈ Describes the procedures necessary for establishing connection, data exchange, acknowledgement, flow and data control
P.11
Networking Technology
▣ X.25 hierarchy
P.12
Networking Technology
▣ Frame Relay
◈ A WAN protocol designed in response to X.25 deficiencies
  • Extensive error-checking and flow control
◈ Each station keeps a copy of the original frame until it receives confirmation from the next station that the frame has arrived intact
  • In FR, station-to-station checking is implemented at the data link layer
  • X.25 only checks for errors from source to destination at the network layer

Comparison of X.25 and Frame Relay

                     X.25                Frame Relay
Transmission Unit    packet              frame
Subscriber speed     2.4Kbps – 56Kbps    9.9Kbps – E1
Error Processing     Node to Node        End to End
OSI Layer            1,2,3 Layers        1,2 Layers
P.13
Networking Technology
▣ ATM
◈ Designed to support the transmission of data, voice and video through a high data-rate transmission medium such as fiber-optic cable
◈ A protocol for transferring cells
  • Cell (53 bytes) = Header (5 bytes) + Payload (48 bytes)
  • Header = VPI (Virtual Path Identifier) + VCI (Virtual Channel Identifier)
P.14
Connecting Devices
▣ Five categories
◈ Switches, repeaters, bridges, routers and gateways
◈ Each of these devices except the first one (switches) interacts with protocols at different layers of the OSI model
[Figure: connecting devices (repeater, bridge, gateway) placed against the OSI layers: Application (L7), Presentation (L6), Session (L5), Transport (L4), Network (L3), Data link (L2), Physical (L1)]
P.15
Connecting Devices
▣ Switches
◈ Hardware/software device capable of creating temporary connections between two or more devices connected to the switch but not to each other
◈ Switching mechanisms are generally classified into three methods:
  • Circuit switching
    - Creates a direct physical connection between two devices such as telephones
    - Once a connection is made between two systems, circuit switching creates a dedicated path between two end users
  • Packet switching
    - Data are transmitted in discrete units of variable-length blocks called packets
    - The packets are sent over the network node to node. At each node, the packet is stored briefly before being routed according to the information in its header
  • Message switching
    - Known as the store and forwarding method
P.16
Connecting Devices
▣ Repeaters
◈ An electronic device that operates on the physical layer of the OSI model
◈ Boosts the transmission signal from one segment and continues the signal to another segment
◈ Allows us to extend the physical length of a network
  • A repeater receives the signal before attenuation, regenerates the original bit pattern and puts the restored copy back on to the link
[Figure: repeater]
P.17
Connecting Devices
▣ Bridges
◈ Operate in both the physical and the data link layers of the OSI model
◈ A bridge can access the physical addresses of all stations connected to it
◈ When a frame enters a bridge, the bridge not only regenerates the signal but also checks the address of the destination and forwards the new copy to the segment to which the address belongs
[Figure: a bridge connecting Segment 1 and Segment 2]
P.18
Connecting Devices
▣ Routers
◈ Operate in the physical, data link and network layers of the OSI model
◈ The Internet is a combination of networks connected by routers
  • An IP router forwards IP datagrams among the networks to which it connects
P.19
Connecting Devices
▣ Gateways
◈ Operate over the entire range in all seven layers of the OSI model
◈ Internet routing devices
◈ Provide translation services between incompatible LANs or applications
  • Protocol converter which connects two or more heterogeneous systems and translates among them
P.20
The OSI Model
▣ History
◈ The design of Ethernet preceded the development of the seven-layer OSI model
◈ The Open System Interconnection (OSI) model was developed and published in 1982 by the International Organization for Standardization (ISO) as a generic model for data communication
◈ The OSI reference model specifies the seven layers of functionality
  • Shown in Figure 1.2
P.21
The OSI Model
▣ Physical Layer
◈ Provides the interface with physical media
  • Interface: mechanical connection from the device to the physical medium used to transmit the digital bit stream
◈ Responsible for converting the digital data into a bit stream for transmission over the network
◈ Includes the method of connection used between the network cable and the network adapter ( )
[Figure: digital bit stream on the physical medium]
P.22
The OSI Model
▣ Data link Layer
◈ Represents the basic communication link that exists between computers
◈ Responsible for sending/receiving frames or packets of data without errors
◈ Manages transmission, error acknowledgement and recovery
  • When a packet of data is received incorrectly, the data link layer makes the system send the data again.
◈ Defined in IEEE 802.2 logical link control specifications
◈ Data link control protocols
  • High-level Data Link Control (HDLC)
  • Advanced Data Communication Control Procedures (ADCCP)
  • Link Access Procedure, Balanced (LAP-B)
P.23
The OSI Model
▣ Network Layer
◈ Responsible for data transmission across networks
◈ Handles the routing of data between computers
◈ Translates logical network addressing into physical address and manages issues such as frame fragmentation and traffic control
◈ Examines the destination address and determines the link to be used to reach that destination
◈ The Internet Protocol (IP) runs at this layer
[Figure: path from source to destination]
P.24
The OSI Model
▣ Transport Layer
◈ Responsible for ensuring that messages are delivered error-free and in the correct sequence
◈ Splits messages into smaller segments if necessary and provides network traffic control of messages
◈ Traffic Control
  • When data is received, a certain amount of processing must take place before the buffer is clear and ready to receive more data.
  • In the absence of flow control, the receiver’s buffer may overflow while it is processing old data
[Figure: receiver buffer]
P.25
The OSI Model
▣ Session Layer
◈ Controls the network connection between the computers in the network
◈ Recognizes nodes on the LAN and sets up tables of source and destination addresses
◈ Responsible for session connection (i.e. for creating, terminating and maintaining network sessions), exception reporting, etc.
P.26
The OSI Model
▣ Presentation Layer
◈ Responsible for the data format, which includes the task of hashing the data to reduce the number of bits (hash code) that will be transferred
◈ Transfers information from the application software to the network session layer to the operating system
◈ Translates data from application layer into the format used when transmitting across network
◈ On the receiving end, this layer translates the data back into a format that the application layer can understand
P.27
The OSI Model
▣ Application Layer
◈ Highest layer defined in the OSI model
◈ Responsible for providing user-layer applications and network management functions
  • Supporting file service, print service, remote login and e-mail
P.28
TCP/IP Model
▣ TCP/IP four layer model
◈ Created with reference to the seven layer OSI model
◈ Figure 1.3

The TCP/IP model and Internet protocol suite

OSI model (7 layers)                  TCP/IP model (4 layers)   Internet Protocol suite
Application, Presentation, Session    Application               HTTP, FTP, TFTP, NFS, etc.
Transport                             Transport                 TCP, UDP
Network                               Internet                  IP, ICMP, IGMP, ARP, RARP
Data link, Physical                   Network Access            Ethernet, token ring, FDDI, PPP, X.25, frame relay, ATM
P.29
TCP/IP Model
▣ Network Access Layer
◈ Contains protocols that provide access to a communication network
  • Ethernet, Token Ring, FDDI, PPP, etc.
◈ One function is to route data between hosts attached to the same network
◈ Provides the device drivers that support interactions with communications hardware such as the token ring or Ethernet
[Figure: Ethernet or token ring]
P.30
TCP/IP Model
▣ Internet Layer
◈ Provides Routing function
◈ Allows data to traverse multiple networks
◈ Consists of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP)
P.31
TCP/IP Model
▣ Transport Layer
◈ Delivers data between two processes in different host computers
◈ Provides a logical connection between higher-level entities
  • E-mail ------ E-mail
◈ Contains the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP)
P.32
TCP/IP Model
▣ Application Layer
◈ Contains protocols for resource sharing and remote access
◈ Represents the higher-level protocols that are used to provide a direct interface with users or applications
  • FTP (File Transfer Protocol)
  • HTTP (Hyper-Text Transfer Protocol)
  • SNMP (Simple Network Management Protocol)
  • DNS (Domain Name Service)
  • SMTP (Simple Mail Transport Protocol)
  • POP (Post Office Protocol)
  • …