Difference between revisions of "Networking concepts"

From Gender and Tech Resources


Revision as of 17:11, 29 July 2015

Network topology

A network consists of multiple digital devices connected using some type of interface, each having one or more interface devices such as a Network Interface Card (NIC) and/or a serial device for PPP networking. Each digital device is supported by network software that provides server and/or client functionality.

We can make distinctions in type according to centralisation vs distribution:

  • In a server based network, some devices are set up to be primary providers of services. These devices are called servers and the devices that request and use the service are called clients.
  • In a peer-to-peer network, various devices on the network can act both as clients and servers. Like a network of switchers. :D

The network topology describes the method used to do the physical wiring of the network. The main ones are:

  • Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all devices. Both ends of the network must be closed off with a terminator, and a barrel connector can be used to extend the backbone. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. Bus networks are limited in the number of devices they can serve because of the broadcast traffic this generates.
  • Ring networks connect each device to the next in a ring, so every device has exactly two neighbors. A data token is used to grant permission for each computer to communicate. All messages travel through the ring in the same direction, either "clockwise" or "counterclockwise". A failure in any cable or device breaks the loop and can take down the entire network, so there are also rings that have doubled up on networking hardware and carry information both "clockwise" and "counterclockwise".
  • Star networks use a central connection point called a "hub node" (a network hub, switch or router) that controls the network communications. Most home networks are of this type. Star networks are limited by the number of connection points on the hub.
  • Tree networks join multiple star topologies together onto a bus. In its simplest form, only hub devices connect directly to the tree bus, and each hub functions as the root of a tree of devices.
  • Mesh networks use routing. Unlike the previous topologies, messages sent on a mesh network can take any of several possible paths from source to destination. The most prominent example is the internet.

Hardware connections

  • A Network Interface Card (NIC) is a hardware device that allows a computer to connect to a network.
  • Each network interface card (NIC) has a built-in hardware address programmed by its manufacturer. This is a 48-bit address and should be unique for each card. This address is called a media access control (MAC) address.
  • You can connect two digital devices (computers) together with a crossover cable between their network cards, not a straight network jumper cable (otherwise the transmit port would be sending to the transmit port on the other side).
  • A network hub is a hardware device to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
  • An uplink port does not have a crossover connection and is designed to fit into a crossover connection on the next hub. This way you can keep linking hubs to put more computers on a network. Because each hub introduces some delay into the network signals, there is a limit to the number of hubs you can link in sequence. The computers connected to the two hubs are on the same network and can talk to each other; all network traffic, including all broadcasts, is passed through the hubs.
  • A network switch is like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.
  • If you have a machine (device, computer) with two network cards, eth0 connected to an outbound hub and eth1 connected to another hub that only connects local machines, and the machine is not configured as a router or bridge, the two networks are considered separate. If no other machine on the network that the eth0 card is connected to is an outbound device, all devices in that network are dependent on it.

TCP/IP ports and addresses

  • The part of the network that does the job of transporting and managing the data across the "normal" internet is called TCP/IP which stands for Transmission Control Protocol (TCP) and Internet Protocol (IP).
  • The IP layer requires a 4 (IPv4) or 6 (IPv6) byte address to be assigned to each network interface card on each computer. This can be done automatically using network software such as Dynamic Host Configuration Protocol (DHCP) or by manually entering static addresses.
  • The TCP layer requires what is called a port number to be assigned to each message. This way it can determine the type of service being provided. These are not ports that are used for serial and parallel devices or for computer hardware control, but reference numbers used to define a service (RFC6335).
  • Addresses are used to locate computers, almost like a house address.
  • Each IP address is denoted by what is called dotted decimal notation. This means there are four numbers, each separated by a dot. Each number represents a one byte value with a possible range of 0-255.
  • Until the introduction of Classless Inter-Domain Routing (CIDR) in 1993, meant to slow the growth of routing tables on routers across the internet and to slow the rapid exhaustion of IPv4 addresses, classful networks were used. You can still find them in tutorials, in some networks, and in archeological artifacts such as the default subnet mask. In classful addresses, the first one or two bytes (depending on the class of network) generally indicate the network number, the third byte indicates the subnet number, and the fourth byte indicates the host number.

{|
|-
! Mask !! # of subnets !! SlashFmt !! Class A hosts !! Class A mask !! Class B hosts !! Class B mask !! Class C hosts !! Class C mask !! Class C sub hosts !! Class C sub mask
|-
| 255 || 1 or 256 || /32 || 16,777,214 || 255.0.0.0 || 65,534 || 255.255.0.0 || 254 || 255.255.255.0 || Invalid, 1 address || 255.255.255.255
|-
| 254 || 128 || /31 || 33,554,430 || 254.0.0.0 || 131,070 || 255.254.0.0 || 510 || 255.255.254.0 || Invalid, 2 addresses || 255.255.255.254
|-
| 252 || 64 || /30 || 67,108,862 || 252.0.0.0 || 262,142 || 255.252.0.0 || 1,022 || 255.255.252.0 || 2 hosts, 4 addresses || 255.255.255.252
|-
| 248 || 32 || /29 || 134,217,726 || 248.0.0.0 || 524,286 || 255.248.0.0 || 2,046 || 255.255.248.0 || 6 hosts, 8 addresses || 255.255.255.248
|-
| 240 || 16 || /28 || 268,435,454 || 240.0.0.0 || 1,048,574 || 255.240.0.0 || 4,094 || 255.255.240.0 || 14 hosts, 16 addresses || 255.255.255.240
|-
| 224 || 8 || /27 || 536,870,910 || 224.0.0.0 || 2,097,150 || 255.224.0.0 || 8,190 || 255.255.224.0 || 30 hosts, 32 addresses || 255.255.255.224
|-
| 192 || 4 || /26 || 1,073,741,822 || 192.0.0.0 || 4,194,302 || 255.192.0.0 || 16,382 || 255.255.192.0 || 62 hosts, 64 addresses || 255.255.255.192
|-
| 128 || 2 || /25 || 2,147,483,646 || 128.0.0.0 || 8,388,606 || 255.128.0.0 || 32,766 || 255.255.128.0 || 126 hosts, 128 addresses || 255.255.255.128
|}
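As an added example (not part of the original wiki page), the following Python reproduces the host counts in the table above from a prefix length and shows how a mask splits an address into its network and host parts; the addresses passed in are constructed sample values, not anything from the page.

```python
def parse_ipv4(text: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"not dotted decimal: {text!r}")
    value = 0
    for part in parts:
        octet = int(part)                         # ValueError on non-digits
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range: {part}")
        value = (value << 8) | octet
    return value

def fmt_ipv4(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def mask_from_prefix(prefix: int) -> int:
    """/prefix -> mask with `prefix` leading one bits (/25 -> 255.255.255.128)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def describe_subnet(cidr: str) -> dict:
    """Mask, network, broadcast and host range for a constructed 'a.b.c.d/n'."""
    addr_text, prefix_text = cidr.split("/")
    addr, prefix = parse_ipv4(addr_text), int(prefix_text)
    mask = mask_from_prefix(prefix)
    network = addr & mask                          # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)     # host bits set
    total = 1 << (32 - prefix)
    # Classical counting reserves the network and broadcast addresses, which is
    # why the table lists /31 and /32 as invalid for hosts.
    usable = total - 2 if total > 2 else 0
    return {
        "mask": fmt_ipv4(mask),
        "network": fmt_ipv4(network),
        "broadcast": fmt_ipv4(broadcast),
        "addresses": total,
        "usable_hosts": usable,
        "first_host": fmt_ipv4(network + 1) if usable else None,
        "last_host": fmt_ipv4(broadcast - 1) if usable else None,
    }

def same_subnet(a: str, b: str, prefix: int) -> bool:
    """True when a and b share the same network part under /prefix."""
    mask = mask_from_prefix(prefix)
    return (parse_ipv4(a) & mask) == (parse_ipv4(b) & mask)
```

Feeding `describe_subnet` a /8, /16 or /24 reproduces the Class A, B and C host counts from the table, and the last column's "hosts, addresses" pairs fall out of `usable_hosts` and `addresses` for /25 through /30.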

Network protocol levels

Data link layer

Network protocol categories

Repeaters, bridges, routers

ARP and RARP address translation

Basic addressing

  • An IP Address is a logical numeric address that is assigned to every single computer, printer, switch, router or any other device that is part of a TCP/IP-based network.
  • Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address, up to 255.255.255.255. Each octet is converted to a decimal number (base 10) from 0–255 and separated by a period (a dot). This format is called dotted decimal notation. For example, the IPv4 address of 11000000101010000000001100011000 is:
    • Segmented into 8-bit blocks: 11000000 10101000 00000011 00011000.
    • Each block is converted to decimal: 192 168 3 24
    • The adjacent octets are separated by a period: 192.168.3.24.
  • Internet Protocol version 6 (IPv6) was designed to address the future exhaustion of the IPv4 address pool. IPv4 address space is 32 bits, which translates to just above 4 billion addresses; IPv6 address space is 128 bits, translating to billions and billions of potential addresses. The protocol has also been upgraded to include new quality-of-service and security features, but it has its own vulnerabilities as well [1] [2]. IPv6 addresses are represented as eight groups of four hexadecimal digits separated by colons, for example 2805:F298:0004:0148:0000:0000:0740:F5E9, but methods to abbreviate this full notation exist (http://www.vorteg.info/ipv6-abbreviation-rules/).
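As an added example (not from the original page), the following Python walks through the three IPv4 conversion steps listed above and implements the IPv6 abbreviation rules from RFC 5952 on the page's sample address; the cross-check against Python's standard `ipaddress` module is an addition for verification.

```python
import ipaddress  # standard library, used to cross-check the hand-rolled rules

def binary_to_dotted_decimal(bits: str) -> str:
    """32-bit binary string -> dotted decimal, following the three steps in the text."""
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 32 binary digits")
    octets = [bits[i:i + 8] for i in range(0, 32, 8)]        # segment into 8-bit blocks
    return ".".join(str(int(o, 2)) for o in octets)          # base 2 -> base 10, dotted

def compress_ipv6(full: str) -> str:
    """Abbreviate a fully written IPv6 address per RFC 5952: lowercase hex, no
    leading zeros in a group, and the longest run of two or more all-zero
    groups (the first run on a tie) replaced by '::'."""
    groups = full.lower().split(":")
    if len(groups) != 8 or not all(1 <= len(g) <= 4 for g in groups):
        raise ValueError("expected eight colon-separated hex groups")
    values = [int(g, 16) for g in groups]           # ValueError on non-hex digits
    best_start, best_len, run_start, run_len = -1, 0, -1, 0
    for i, v in enumerate(values + [1]):            # sentinel closes a trailing run
        if v == 0:
            run_start = i if run_len == 0 else run_start
            run_len += 1
        else:
            if run_len > best_len:                  # '>' keeps the first run on ties
                best_start, best_len = run_start, run_len
            run_len = 0
    hexes = [format(v, "x") for v in values]        # drops leading zeros
    if best_len < 2:                                # a lone zero group stays as "0"
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])

def expand_ipv6(short: str) -> str:
    """Inverse of compress_ipv6: rebuild eight four-digit groups."""
    if "::" in short:
        left, right = short.split("::", 1)
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        groups = head + ["0"] * (8 - len(head) - len(tail)) + tail
    else:
        groups = short.split(":")
    if len(groups) != 8:
        raise ValueError("address does not expand to eight groups")
    return ":".join(format(int(g, 16), "04x") for g in groups)

def matches_stdlib(full: str) -> bool:
    """Cross-check against the standard library's canonical compressed form."""
    return compress_ipv6(full) == ipaddress.IPv6Address(full).compressed
```

Normalising addresses this way matters when matching them in logs or access lists, since the same host can appear as `2805:F298:0004:...` in one record and `2805:f298:4:148::740:f5e9` in another.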

IP (network)

TCP (transport)

UDP (transport)

ICMP

  1. Routing Loop Attack using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations, http://tools.ietf.org/html/draft-ietf-v6ops-tunnel-loops-07
  2. When moving to IPv6, beware the risks, http://gcn.com/articles/2013/03/20/risks-moving-to-ipv6.aspx