Network Administration in Windows
1
Outline
• Chapter I: TCP/IP Protocol
• Chapter II: Building TCP/IP Infrastructure with Windows Server 2008
• Chapter III: Intranet Application Services: Web, FTP and Mail
• Chapter IV: Advanced Topics: DFS, NAT, Security, ...
2
3
Chapter I
The TCP/IP Protocol
A Quick Review
4
Introduction To TCP/IP
• Transmission Control Protocol/Internet Protocol
(TCP/IP)
– Most commonly used network protocol suite today
– Wide vendor support
– Open protocol
– Provides access to Internet services
• Windows Server 2003/2008/2012
– Can use several protocols
– Many of its main features require the use of TCP/IP
12
The (capital “I”) Internet
▪ The world-wide network of TCP/IP
networks
▪ Different people or organisations own
different parts
▪ Different parts use different technologies
▪ Interconnections between the parts
▪ No central control or management
13
What’s the Internet
• millions of connected computing devices: hosts, end-systems
– PCs, workstations, servers
– PDAs, phones
• communication links
– fiber, copper, radio, satellite
• routers: forward packets (chunks) of data through the network
[Figure: workstation, server and mobile hosts attached through routers to a local ISP, a company network and a regional ISP]
14
TCP/IP Architecture Overview
• The TCP/IP model can be broken down into four layers:
– Application
– Transport
– Internet
– Physical Network Interface
• The Application layer provides access to network resources. It defines the rules, commands, and procedures a client uses to talk to a service running on a server
15
TCP/IP Architecture Overview
(continued)
• Transport layer is responsible for preparing data
ready to be transported across the network
• Internet layer is responsible for logical
addressing and routing
• Physical Network Interface layer consists of the
network card driver and the network card itself
16
TCP/IP Protocol
17
The TCP/IP Model
[Figure: protocols by layer]
Application layer: HTTP, FTP, Telnet, DNS, SMTP, Audio and Video (over RTP)
Transport layer: UDP, TCP
Network layer: IP
Physical and Data link layer: PPP, ATM, Optics, ADSL, Satellite, 3G, Ethernet
18
Layer Interaction: TCP/IP Model
[Figure: Host – Router – Router – Host. Each host runs the full stack (Application, TCP or UDP, IP, Link, Physical); each router runs only IP, Link and Physical, with a Link/Physical pair on each side, so the Application and Transport layers talk end to end while IP is processed hop by hop]
23
A Flow of Application messages across TCP/IP layers
Layer – unit of data
Application – Messages (UDP) or Streams (TCP)
Transport – UDP or TCP segment
Internet – IP Packets
Physical Network interface – Network-specific frames (underlying network)
24
Encapsulation of a message transmitted via TCP over an Ethernet
[Figure: the Application message is prefixed with a TCP header (which carries the port) to form a TCP Segment; the segment is prefixed with an IP header to form an IP Packet; the packet is prefixed with an Ethernet header to form an Ethernet frame]
25
Layering: physical communication
[Figure: data passes down the application, transport, network, link and physical layers on the sending host, through intermediate nodes that implement only the network, link and physical layers, and up the full stack on the receiving host]
26
Application Layer Protocols
• There are many Application layer protocols, each of which is associated with a client application and a service provided by a server (Client/Server Model)
– HTTP
– FTP
– TELNET
– SMTP
– POP3
– IMAP4
27
Application Model
28
Application Layer Protocols
HTTP
• Hypertext Transfer Protocol (HTTP) is the most common protocol used on the Internet today
• HTTP defines the commands that Web browsers can send and how Web servers are capable of responding
FTP
• File Transfer Protocol (FTP) is a file-sharing protocol
• FTP is implemented in stand-alone FTP clients as well as in Web browsers
• It is safe to say that most FTP users today are using Web browsers
29
Application Layer Protocols
TELNET
• Telnet is a terminal emulation protocol that is primarily used to connect remotely to UNIX and Linux systems
• The Telnet protocol specifies how a Telnet server and Telnet client communicate
30
Application Layer Protocols
SMTP
• Simple Mail Transfer Protocol (SMTP) is used to send and receive e-mail messages between e-mail servers that are communicating
• It is used by e-mail client software, such as Outlook Express, to send messages to the server
• SMTP is never used to retrieve e-mail from a server when you are reading it
• Other protocols control the reading of e-mail messages
31
Application Layer Protocols
POP3
• Post Office Protocol version 3 (POP3) is the most common protocol used for reading e-mail messages
• This protocol has commands to download messages and delete messages from the mail server
• POP3 does not support sending messages
• POP3 supports only a single inbox and does not support multiple folders for storage on the server
32
Application Layer Protocols
IMAP4
• Internet Message Access Protocol version 4 (IMAP4) is another common protocol used to read e-mail messages
• IMAP4 can download message headers only and allow you to choose which messages to download
• IMAP4 allows for multiple folders on the server side to store messages
33
Transport Layer Protocols
• Transport layer protocols (TCP & UDP) are responsible for getting data ready to move across the network
• The most common task performed by Transport layer protocols is breaking entire messages down into segments suitable to form packets
• Transport layer protocols use port numbers
• When a segment is addressed to a particular port, the Transport layer protocol knows to which service to deliver the packet
34
TCP
• Transmission Control Protocol (TCP) is the most commonly used Transport layer protocol for most Internet services
• TCP is connection-oriented and reliable
• Connection-oriented means that TCP creates and verifies a connection with a remote host before sending information
• Verifies that the remote host exists and is willing to communicate before starting the conversation
• Provides flow control, segmentation, and error control
35
TCP
• Connection-oriented – Establishes a connection before transmitting data
– Three-way handshake: SYN → SYN/ACK → ACK
36
TCP
• Error control & Flow control
– Require acknowledgements from the receiver to ensure data was received correctly
– Checksum
• Unique character string allowing the receiving node to determine if the arriving data unit exactly matches the data unit sent by the source
• Ensures data integrity
[Figure: send data, wait for ACK; ACK; send more data, wait for ACK]
37
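The three-way handshake and the "send data, wait for ACK" exchange above, as an added Python example (not code from the slides). It models two endpoints with fixed initial sequence numbers, checks that each side's SYN is acknowledged with ISN + 1 before the connection is treated as established, and then runs stop-and-wait delivery over a channel that drops a chosen ACK, so the retransmission and the receiver's duplicate handling can be seen. The Segment and Endpoint records, the sequence numbers and the lost-ACK set are all constructed for illustration.

```python
"""Toy model of the TCP three-way handshake and of "send data, wait for ACK".

Added example (not from the lecture slides): the Segment and Endpoint records,
the fixed initial sequence numbers and the lossy channel are constructed here;
no real sockets are opened.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class Segment:
    flags: str                 # "SYN", "SYN/ACK", "ACK" or "DATA"
    seq: int                   # sequence number of the first byte carried
    ack: Optional[int] = None  # next byte the sender of this segment expects
    payload: bytes = b""


@dataclass
class Endpoint:
    name: str
    isn: int                   # initial sequence number (fixed here; real stacks randomise it)
    snd_nxt: int = 0           # next sequence number this side will send
    rcv_nxt: int = 0           # next sequence number expected from the peer
    state: str = "CLOSED"
    received: bytearray = field(default_factory=bytearray)


def three_way_handshake(client: Endpoint, server: Endpoint,
                        forged_ack: Optional[int] = None) -> List[Segment]:
    """SYN -> SYN/ACK -> ACK; returns the three segments exchanged.

    A SYN consumes one sequence number, so each side accepts the connection only
    if the peer acknowledges isn + 1.  `forged_ack` simulates a SYN/ACK that
    acknowledges the wrong number (not a reply to our SYN); it must be refused.
    """
    trace: List[Segment] = []
    client.snd_nxt, client.state = client.isn + 1, "SYN_SENT"        # 1. SYN
    syn = Segment("SYN", seq=client.isn)
    trace.append(syn)
    server.rcv_nxt, server.snd_nxt = syn.seq + 1, server.isn + 1      # 2. SYN/ACK
    server.state = "SYN_RECEIVED"
    synack = Segment("SYN/ACK", seq=server.isn,
                     ack=server.rcv_nxt if forged_ack is None else forged_ack)
    trace.append(synack)
    if synack.ack != client.isn + 1:                                  # 3. verify, then ACK
        client.state = "CLOSED"
        raise ConnectionError(f"{client.name}: SYN/ACK acks {synack.ack}, expected {client.isn + 1}")
    client.rcv_nxt, client.state = synack.seq + 1, "ESTABLISHED"
    ack = Segment("ACK", seq=client.snd_nxt, ack=client.rcv_nxt)
    trace.append(ack)
    if ack.ack != server.isn + 1:
        raise ConnectionError(f"{server.name}: final ACK does not acknowledge our SYN")
    server.state = "ESTABLISHED"
    return trace


def handshake_succeeds(client: Endpoint, server: Endpoint,
                       forged_ack: Optional[int] = None) -> bool:
    """True when the handshake completes, False when a side refuses the peer's ACK."""
    try:
        three_way_handshake(client, server, forged_ack)
        return True
    except ConnectionError:
        return False


def send_with_ack(sender: Endpoint, receiver: Endpoint, data: bytes, chunk: int,
                  lost_acks: Set[int], max_retries: int = 3) -> int:
    """Stop-and-wait: send one segment, wait for its ACK, retransmit on timeout.

    `lost_acks` is a constructed set of transmission numbers (0-based) whose ACK
    the channel drops.  Returns the total number of segments transmitted.
    """
    if sender.state != "ESTABLISHED" or receiver.state != "ESTABLISHED":
        raise ConnectionError("handshake not completed")
    offset = transmissions = retries = 0
    while offset < len(data):
        payload = data[offset:offset + chunk]
        seg = Segment("DATA", seq=sender.snd_nxt, payload=payload)
        transmissions += 1
        # The receiver accepts only the bytes it expects next; a retransmitted
        # duplicate is discarded but the cumulative ACK is repeated.
        if seg.seq == receiver.rcv_nxt:
            receiver.received += payload
            receiver.rcv_nxt += len(payload)
        ack = Segment("ACK", seq=receiver.snd_nxt, ack=receiver.rcv_nxt)
        if transmissions - 1 in lost_acks:      # retransmission timer expires
            retries += 1
            if retries > max_retries:
                raise TimeoutError(f"{sender.name}: no ACK for seq {seg.seq}")
            continue                            # resend the same segment
        retries = 0
        if ack.ack >= seg.seq + len(payload):   # ACK covers this segment: advance
            sender.snd_nxt = seg.seq + len(payload)
            offset += len(payload)
    return transmissions


if __name__ == "__main__":
    c, s = Endpoint("client", isn=1000), Endpoint("server", isn=5000)
    for seg in three_way_handshake(c, s):
        print(f"{seg.flags:8} seq={seg.seq} ack={seg.ack}")
    sent = send_with_ack(c, s, b"hello world", chunk=4, lost_acks={1})
    print(sent, "segments sent, received:", bytes(s.received))
```

With ACK number 1 dropped, the sender times out and resends the same segment; the receiver has already stored those bytes, discards the duplicate and repeats its cumulative ACK, which is exactly why the data arrives once even though it was transmitted twice.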
TCP
• Segmentation – Breaking large data units received from the Application layer into multiple smaller units called segments
– Increases data transmission efficiency
– MTU (maximum transmission unit): Largest data unit the network will carry (Ethernet default: 1500 bytes)
• Sequencing – Method of identifying segments belonging to the same group of subdivided data
• Reassembly – Process of reconstructing segmented data units
38
Transport Layer (cont’d.)
Figure 2-2 Segmentation and reassembly
39
TCP Segment
TCP header fields (1–11 in the figure), followed by User Data:
1 Source ID or port – 16 bits
2 Destination ID or port – 16 bits
3 Sequence number – 32 bits
4 ACK number – 32 bits
5 Header length – 4 bits
6 Unused – 6 bits
7 Flags – 6 bits
8 Flow control – 16 bits
9 CRC 16 – 16 bits
10 Urgent pointer – 16 bits
11 Options – 16 bits
40
UDP
• User Datagram Protocol (UDP)
– Not as commonly used as TCP
– Used for different services
– Connectionless and unreliable
• UDP is the appropriate if
– Unconcerned about missing packets
– Want to implement reliability in a special way
• Streaming audio and video are in this category
41
UDP – Segment
UDP header fields (1–4 in the figure), followed by User Data:
1 Source ID or port
2 Destination ID or port
3 Length
4 Checksum
42
TCP versus UDP
• TCP is connection-oriented and reliable
– Like registered mail
• UDP is connectionless and unreliable
– Like sending a message split on several
postcards and assuming that the receiver
will be able to put the message together
43
Sockets and Ports
44
Sockets and Ports
• Processes are assigned unique port numbers
• Process’s socket – Port number plus host machine’s IP address
• Port numbers – Simplify TCP/IP communications
– Ensure data is transmitted correctly to the specific application among the multiple applications running on the same host
• Example – Telnet port number: 23
– IPv4 host address: 10.43.3.87
– Socket address: 10.43.3.87:23
45
Sockets and Ports (cont’d.)
Figure 4-12 A virtual connection for the Telnet service
46
Sockets and Ports (cont’d.)
• Port number range: 0 to 65535
• Three types
– Well Known Ports
• Range: 0 to 1023
• Operating system or administrator use
– Registered Ports
• Range: 1024 to 49151
• Network users, processes with no special privileges
– Dynamic and/or Private Ports
• Range: 49152 through 65535
• No restrictions
47
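The socket and port-range material above, as an added Python example (not code from the slides). It classifies a port number into the three ranges, parses a socket address such as 10.43.3.87:23, and models how a host's transport layer uses the destination (protocol, IP address, port) to pick the one listening application among several. The Host class, the listening table and the application names are constructed for illustration.

```python
"""Sockets, port numbers and transport-layer demultiplexing.

Added example (not from the slides): a minimal model of how a host matches an
arriving segment's destination (protocol, IP address, port) to the listening
socket of one application.  The Host class, its listening table and the
application names are constructed here; nothing touches real sockets.
"""
from typing import Dict, Optional, Tuple

Socket = Tuple[str, str, int]   # (protocol, ip address, port), e.g. ("tcp", "10.43.3.87", 23)


def port_range(port: int) -> str:
    """Classify a port number into the three ranges listed on the slide."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port {port} outside 0-65535")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def parse_socket_address(text: str, protocol: str = "tcp") -> Socket:
    """Parse 'ip:port' (e.g. '10.43.3.87:23') into a Socket tuple, validating both parts."""
    host, sep, port_text = text.rpartition(":")
    if not sep:
        raise ValueError(f"missing ':port' in {text!r}")
    octets = host.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {host!r}")
    port = int(port_text)
    port_range(port)                       # raises if the port is out of range
    return (protocol.lower(), host, port)


class Host:
    """A host with several listening applications, keyed by their sockets."""

    def __init__(self, ip: str):
        self.ip = ip
        self.listeners: Dict[Socket, str] = {}

    def listen(self, protocol: str, port: int, app: str) -> None:
        """Bind an application to a socket; a socket can have only one owner."""
        sock = (protocol.lower(), self.ip, port)
        if sock in self.listeners:
            raise OSError(f"{protocol}/{port} already bound to {self.listeners[sock]}")
        self.listeners[sock] = app

    def deliver(self, protocol: str, dst_ip: str, dst_port: int) -> Optional[str]:
        """Return the application that owns the destination socket, or None if nothing listens.

        The same port number may be open for TCP and for UDP at the same time,
        so the protocol is part of the lookup, not only the port.
        """
        return self.listeners.get((protocol.lower(), dst_ip, dst_port))


if __name__ == "__main__":
    host = Host("10.43.3.87")
    host.listen("tcp", 23, "telnet-server")
    host.listen("tcp", 80, "web-server")
    host.listen("udp", 53, "dns-server")
    for proto, port in [("tcp", 23), ("udp", 23), ("tcp", 80), ("tcp", 8080)]:
        print(proto, port, port_range(port), "->", host.deliver(proto, host.ip, port))
```

A segment whose destination port has no listener returns None here; a real stack answers such a TCP segment with a reset, which is why an unexpected listener on a host (or the absence of an expected one) shows up immediately in an inventory of bound sockets.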
Sockets and Ports (cont’d.)
Table 4-3 Commonly used TCP/IP port numbers
48
Internet Layer Protocols
• Internet layer protocols are responsible for all tasks related to logical addressing
• An IP address is a logical address
• Any protocol that is aware of other networks exists at this layer
• Each Internet layer protocol is very specialized
• They include: IP, RIP and OSPF, ICMP, IGMP, and ARP
49
Internet Layer Protocols
IP
• Internet Protocol (IP) is responsible for the logical addressing of each packet created by the Transport layer to produce a complete IP packet
• As each packet is built, IP adds the source and destination IP addresses to the IP packet
ICMP
• Internet Control Message Protocol (ICMP) is used to send IP error and control messages between routers and hosts
• The most common use of ICMP is the ping utility
50
IP Packet version 4
IPv4 header fields (1–13 in the figure), followed by User data (14):
1 Version number – 4 bits
2 Header length – 4 bits
3 Type of Service – 8 bits
4 Total length – 16 bits
5 Identifiers – 16 bits
6 Flags – 3 bits
7 Packet offset – 13 bits
8 Hop limit – 8 bits
9 Protocol – 8 bits
10 CRC 16 – 16 bits
11 Source address – 32 bits
12 Destination Address – 32 bits
13 Options – varies
14 User data – varies
51
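The encapsulation slide (application message inside a TCP segment, inside an IP packet, inside an Ethernet frame) and the TCP and IPv4 header tables above, as one added Python example (not code from the slides). It packs the header fields in wire order with `struct`, computes the Internet checksum that the tables call "CRC 16" (for TCP, over the pseudo-header as well), and then parses the frame back while checking the version, lengths and both checksums, so that a truncated or corrupted frame is rejected rather than silently delivered. The IP addresses, MAC addresses, ports and message are constructed sample values.

```python
"""Encapsulating an application message: TCP segment -> IPv4 packet -> Ethernet frame.

Added example (not from the slides).  It packs the header fields listed in the TCP
and IPv4 tables above (the slides' "CRC 16" field is the Internet checksum and
"Hop limit" is the TTL), then parses the frame back, verifying lengths and both
checksums so that a corrupted or truncated frame is rejected.  The IP and MAC
addresses, ports and message are constructed sample values.
"""
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6
FLAG_SYN, FLAG_PSH, FLAG_ACK = 0x02, 0x08, 0x10


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words (0 when data already carries a valid checksum)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_tcp(src_ip, dst_ip, src_port, dst_port, seq, ack, flags, window, payload):
    """20-byte TCP header (no options) + payload; the checksum also covers a pseudo-header."""
    hdr = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack, (5 << 12) | flags, window, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
                         0, PROTO_TCP, len(hdr) + len(payload))
    csum = internet_checksum(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def build_ipv4(src_ip, dst_ip, segment, ttl=64, ident=1):
    """20-byte IPv4 header (no options) with the DF flag set + segment."""
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + len(segment), ident, 0b010 << 13,
                      ttl, PROTO_TCP, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:] + segment


def build_ethernet(src_mac, dst_mac, packet):
    """Ethernet II header: destination MAC, source MAC, EtherType."""
    def mac(text):
        return bytes.fromhex(text.replace("-", "").replace(":", ""))
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet


def encapsulate(message, src_ip, dst_ip, src_mac, dst_mac, src_port, dst_port, seq=1, ack=1):
    """Application message -> TCP segment -> IP packet -> Ethernet frame."""
    segment = build_tcp(src_ip, dst_ip, src_port, dst_port, seq, ack, FLAG_PSH | FLAG_ACK, 65535, message)
    return build_ethernet(src_mac, dst_mac, build_ipv4(src_ip, dst_ip, segment))


def decapsulate(frame: bytes) -> dict:
    """Strip the three headers with length and checksum checks; raises ValueError on bad input."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short")
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ver_ihl, _tos, total_length, _id, _ff, ttl, proto, _c, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_length > len(packet) or total_length < ihl + 20:
        raise ValueError("bad IPv4 version or length")
    if internet_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    segment = packet[ihl:total_length]               # total length drops any Ethernet padding
    src_port, dst_port, seq, ack, hl_flags, window, _c, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, proto, len(segment))
    if proto != PROTO_TCP or internet_checksum(pseudo + segment) != 0:
        raise ValueError("not TCP, or TCP checksum mismatch")
    return {"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst), "ttl": ttl,
            "src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
            "flags": hl_flags & 0x3F, "window": window, "payload": segment[(hl_flags >> 12) * 4:]}


def frame_is_valid(frame: bytes) -> bool:
    """True if decapsulate() accepts the frame, False if any check fails."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    f = encapsulate(b"GET / HTTP/1.0\r\n\r\n", "10.43.3.87", "128.192.98.5",
                    "00-0C-00-F5-03-5A", "00-0C-00-F5-03-5B", 49152, 80)
    print(len(f), "bytes on the wire ->", decapsulate(f))
```

The parser trusts nothing it has not checked: it reads the header length from the packet rather than assuming 20 bytes, bounds every slice by the declared total length, and only hands the payload up after both checksums verify. Note that a checksum detects accidental corruption, not deliberate modification; anyone who can alter the packet can recompute it.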
Internet Layer Protocols
IGMP
• Internet Group Management Protocol (IGMP) is used for the management of multicast groups
• Hosts use IGMP to inform routers of their membership in multicast groups
• Routers use IGMP to announce that their networks have members in particular multicast groups
• The use of IGMP allows multicast packets to be distributed only to routers that have interested hosts connected
52
Internet Layer Protocols
ARP
• Address Resolution Protocol (ARP) is used to convert logical IP addresses to physical MAC addresses
• This is an essential part of the packet delivery process
53
Network Interface Layer
Protocols
• Most of the common Network Interface layer
protocols are defined by the Institute of Electrical
and Electronics Engineers (IEEE)
54
Types of addresses used on hosts
Layer – Example software – Example address
Application Layer – Web browser – www.cba.uga.edu
Transport Layer – TCP – 80
Network Layer – IP – 128.192.98.5
Data Link Layer – Ethernet driver – 00-0C-00-F5-03-5A
55
IP Addresses
• Internet Protocol (IP):
– a protocol used in the internet layer.
– IP makes use of the existing networks to deliver information, where these networks may use a variety of protocols.
• Each computer has two addresses:
– hardware address: used by the underlying network protocol to deliver data frames;
– IP address: used by the internetworking protocols to deliver IP packets.
• The hardware address is also known as the physical address.
56
IP Addresses
IP Addressing Scheme
• Each computer / router is assigned a unique 32-bit IP address.
• Each IP address has two parts:
– The prefix (network ID or NetID) specifies the network to which the computer is attached.
– The suffix (HostID) specifies a particular computer on a network.
• Problem
– Given only 32 bits (around 4 billion addresses), how many bits should be allocated to the prefix and how many to the suffix?
57
IP Addresses
IP Addressing Scheme
• Considerations
– If the prefix has many bits (large prefix, small suffix), there are many networks you can build, but each network can only have a few computers.
– If the prefix has few bits (small prefix, large suffix), there are only a few networks you can build, but each network can have many computers.
58
Subnet Masks
• A subnet mask defines which part of its IP address is the network ID and which part is the host ID
• Subnet masks are composed of four octets just like an IP address
• Wherever there is a 255 in the subnet mask, that octet is part of the network ID
• Wherever there is a 0 in the subnet mask, that octet is part of the host ID
59
Subnet Masks (continued)
• A computer uses its subnet mask to determine
– Which network it is on
– Whether other computers are on the same network or a different network
• If two computers on the same network are communicating, then they can deliver packets directly to each other
• If two computers are on different networks, they must use a router to communicate
60
Subnet Masks (continued)
61
IP Address Classes
• The IP addressing scheme defines three primary classes (A, B, C), where each class has a distinct prefix/suffix size, and two reserved classes (D and E).
• The internet can accommodate large networks, medium networks, and small networks.
• Classes A, B, C are the primary classes. The IP addresses of computers and routers belong to these classes.
• Class D is used for multicasting. When a packet is sent to an IP multicast address, all the computers sharing this address will receive this packet.
• Class E addresses are considered experimental and are not used.
62
The Classful Addressing Scheme
63
• The first decimal value defines the
class of the IP address as follows:
64
IP Address Classes & Default
Subnet Masks
65
• In each primary class, the number of networks
and the number of computers per network are as
follows:
• Each packet sent across the internet contains:
– the IP address of the source, and
– the IP address of the destination.
66
• Dotted Decimal Notation
– Commonly we use dotted decimal notation to represent the 32-bit IP address.
• more convenient for humans to manipulate
– Each octet (8 bits) is expressed as a decimal value, and adjacent decimal values are separated by a dot.
– Example:
67
• Loopback address
– 127.x.x.x
– intended for use in testing TCP/IP and for inter-process communication on the local computer
• Other special value of primary classes:
68
Assigning Public IP Addresses
• Assigning Prefix Address
– Each network must have a unique prefix address throughout an internet.
– To connect a network to the global internet, an organization obtains a unique prefix address from the Internet Service Provider (ISP).
– In turn, the ISP coordinates with a central organization (the Internet Assigned Numbers Authority (IANA, on or before 1998); the Internet Corporation for Assigned Names and Numbers (ICANN, after 1998)) to ensure the uniqueness of the prefix.
– To connect a network to a private internet (Intranet), the organization can determine the prefix itself while ensuring its uniqueness.
69
Assigning IP Addresses
• Assigning Suffix Address
– Each computer must have a unique suffix address within the same network, while two computers in two different networks can have the identical suffix address or HostID.
– If the suffix is 00…0 or 11…1, the corresponding IP addresses have special meaning. Do not assign these suffixes.
• An IP address with suffix equal to 00…0 is used to refer to the network itself.
• An IP address with suffix equal to 11…1 is a directed broadcast address, i.e., it refers to all hosts on the network.
70
• Example
– An organization wants to form a private TCP/IP
internet with four networks, where one network is large
(with many computers), two are medium, and one is
small.
– Firstly, assign a unique prefix to each network:
• Assign a class A prefix for the large network (say, 10).
• Assign a class B prefix for each of the two medium networks
(say, 128.10 and 128.11).
• Assign a class C prefix for the small network (say, 192.5.48).
– Secondly, assign a unique suffix to each computer
within each network:
71
72
Private IP Addresses
• You can use these addresses on any private LAN.
• You CANNOT use them on the internet.
• Internet routers will block them.
73
Default Gateway
• Default gateway is another term for router
• If a computer does not know how to deliver a
packet, it gives the packet to the default
gateway to deliver
• Routers can distinguish multiple networks and
how to move packets between them
• Routers can also figure out the best path to
use to move a packet between different
networks
74
Classful IP Address
▪ A classful network had a “natural” or “implied” prefix length or netmask:
▪ Class A: prefix length /8 (netmask 255.0.0.0)
▪ Class B: prefix length /16 (netmask 255.255.0.0)
▪ Class C: prefix length /24 (netmask 255.255.255.0)
▪ Modern (classless) routing systems have explicit prefix lengths or netmasks
▪ You can't just look at an IP address to tell what the prefix length or netmask should be. Protocols and configurations need an explicit netmask or prefix length.
75
Classless addressing
▪ Internet routing and address management
today is classless
▪ CIDR = Classless Inter-Domain Routing
▪ routing does not assume that class A, B, C
implies prefix length /8, /16, /24
▪ An ISP gets a large block of addresses
▪ e.g., a /16 prefix, or 65536 separate addresses
76
Classless addressing
• Allocate smaller blocks to customers
– e.g., a /26 prefix (64 addresses) to 4 customers
for their medium public networks, a /28 prefix (16
addresses) to 32 customers for their medium
public networks, and a /29 prefix (8 addresses) to
another 64 customers for their small public
networks (and some space left over for other
customers)
77
Binary presentation of Classless IP
(address and netmask in binary; | marks the prefix/suffix boundary)
▪ 137.158.128.0/17 (netmask 255.255.128.0)
address: 1000 1001 1001 1110 1|000 0000 0000 0000
netmask: 1111 1111 1111 1111 1|000 0000 0000 0000
▪ 198.134.0.0/16 (netmask 255.255.0.0)
address: 1100 0110 1000 0110 |0000 0000 0000 0000
netmask: 1111 1111 1111 1111 |0000 0000 0000 0000
▪ 205.37.193.128/26 (netmask 255.255.255.192)
address: 1100 1101 0010 0101 1100 0001 10|00 0000
netmask: 1111 1111 1111 1111 1111 1111 11|00 0000
78
Classless addressing exercise
• Consider the address blocks 133.27.162.0/28 and 133.27.163.48/29.
▪ What IP address ranges can you obtain from each block?
▪ in prefix length notation
▪ netmasks in decimal
▪ IP address ranges
▪ What blocks are still available (not yet allocated)?
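The subnet-mask, classful-default and classless (CIDR) material above, and the exercise just posed, as one added Python example (not code from the slides). It implements the bit arithmetic the slides describe by hand rather than through a library, so the mask, prefix length, network ID, directed broadcast and host range can each be seen being derived, and it applies them to the blocks from the binary-presentation slide and the exercise. The classful first-octet boundaries and the RFC 1918 private blocks are standard values written into the code, not values from the slides; the "which blocks remain unallocated" part of the exercise depends on the allocation history, which the slides do not give, so it is not computed.

```python
"""Subnet masks, classful defaults and CIDR blocks worked in code.

Added example (not from the slides).  It implements the bit arithmetic the
slides describe: dotted decimal <-> 32-bit value, netmask <-> prefix length,
network and directed-broadcast addresses, and the same-network test a host makes
before choosing between direct delivery and its default gateway.  The classful
first-octet ranges and the RFC 1918 private blocks are standard values written
in here, not taken from the slides.
"""
from typing import Dict, Tuple


def to_int(dotted: str) -> int:
    """'137.158.128.0' -> 32-bit integer; rejects malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    value = 0
    for o in octets:
        value = (value << 8) | int(o)
    return value


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/17 -> 0xFFFF8000 (255.255.128.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0-32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """'255.255.255.192' -> 26; rejects non-contiguous masks such as 255.0.255.0."""
    m = to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_to_mask(prefix):
        raise ValueError(f"{mask} is not a contiguous netmask")
    return prefix


def address_class(dotted: str) -> Tuple[str, int]:
    """Classful class from the first octet and its implied prefix length (A /8, B /16, C /24)."""
    first = to_int(dotted) >> 24
    if first == 127:
        return ("loopback", 8)
    if first < 128:
        return ("A", 8)
    if first < 192:
        return ("B", 16)
    if first < 224:
        return ("C", 24)
    return ("D", 32) if first < 240 else ("E", 32)   # multicast / experimental: no host part


def cidr_block(cidr: str) -> Dict[str, object]:
    """Network, netmask, directed broadcast and usable host range of 'a.b.c.d/n'."""
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    mask = prefix_to_mask(prefix)
    net = to_int(addr) & mask                       # suffix 00...0: the network itself
    bcast = net | (~mask & 0xFFFFFFFF)              # suffix 11...1: directed broadcast
    size = 1 << (32 - prefix)
    hosts = (net + 1, bcast - 1) if size > 2 else (net, bcast)  # /31 and /32 reserve no ends
    return {"network": to_dotted(net), "netmask": to_dotted(mask), "broadcast": to_dotted(bcast),
            "first_host": to_dotted(hosts[0]), "last_host": to_dotted(hosts[1]), "addresses": size}


def same_network(a: str, b: str, mask: str) -> bool:
    """True if a and b share the network ID under mask: deliver directly, no router needed."""
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)


PRIVATE_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")  # RFC 1918


def is_private(dotted: str) -> bool:
    """True for addresses that Internet routers should not carry."""
    return any(same_network(dotted, block["network"], block["netmask"])
               for block in map(cidr_block, PRIVATE_BLOCKS))


def binary_rows(cidr: str) -> Tuple[str, str]:
    """Address and mask as 32-bit strings in groups of four, as drawn on the slide."""
    addr, prefix_text = cidr.split("/")

    def group(v: int) -> str:
        return " ".join(format(v, "032b")[i:i + 4] for i in range(0, 32, 4))
    return group(to_int(addr)), group(prefix_to_mask(int(prefix_text)))


if __name__ == "__main__":
    for cidr in ("137.158.128.0/17", "205.37.193.128/26", "133.27.162.0/28", "133.27.163.48/29"):
        print(cidr, cidr_block(cidr))
        for row in binary_rows(cidr):
            print("   ", row)
    print(address_class("10.0.0.1"), address_class("128.10.0.1"), address_class("192.5.48.1"))
    print(same_network("10.43.3.87", "10.43.3.88", "255.255.255.0"), is_private("10.43.3.87"))
```

For the exercise, the code gives 133.27.162.0/28 as netmask 255.255.255.240 with addresses 133.27.162.0 through 133.27.162.15 (hosts .1 to .14), and 133.27.163.48/29 as netmask 255.255.255.248 with addresses 133.27.163.48 through 133.27.163.55 (hosts .49 to .54). `mask_to_prefix` refuses a non-contiguous mask, which is a configuration error worth catching early: a host with such a mask will misjudge which peers are local and which need the default gateway.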