Networking 101 An Introduction to Networking Roger Connell Innova Solutions


Page 1: Networking 101

Networking 101

An Introduction to Networking

Roger Connell

Innova Solutions

Page 2: Networking 101

Overview

• IP
• TCP
• Private Address Ranges
• Small Office Network
• TCP/IP Tools
• Symbolic Name Translation
• Windows Resource Sharing
• Routers and Firewalls
• Analysers

Page 3: Networking 101

IP

• Datagram
  – Send it, let it rattle around to its destination
  – If it takes too long, throw it away
  – Address Format (V4)
    • 192.168.0.188 (4 octets)
• Sits on top of a Data Link Protocol
  – Ethernet
    • MAC Address allocated by card manufacturer
      – https://wwwcoms.murdoch.edu.au/macaddress.html
  – But could be
    • IEEE 802-2, Token Ring, FDDI, SMDS, SDLC, LAPB, etc.

Page 4: Networking 101

IP V4 Packet Format

Version | Header Length | Type of Service | Total Length
Identification | Fragment Info
Time to Live | Protocol | Header Checksum
Source Address
Destination Address
Multiple 32 bit words of “Options”
Data
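A parser for the header layout above, as an added example (not part of the original slides): it unpacks the fixed 20-byte header, uses Header Length to find any options, and verifies the Header Checksum. The sample packet is constructed here and the function names are illustrative.

```python
import ipaddress
import struct

FMT = "!BBHHHBBH4s4s"  # the fixed 20-byte part of the header, network byte order

def checksum16(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (header is always even length)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, dst, proto=6, ttl=64, payload_len=20, ident=0x1C46):
    """Build a constructed 20-byte header (no options) with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, ident, 0x4000, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum16(struct.pack(FMT, *fields))
    return struct.pack(FMT, *fields)

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fields named on the slide and check the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, tos, total_len, ident, frag, ttl, proto, _csum,
     src, dst) = struct.unpack(FMT, packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4  # header length is in 32-bit words
    if version != 4 or ihl < 20 or ihl > len(packet):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": version, "header_length": ihl, "tos": tos,
        "total_length": total_len, "identification": ident,
        "flags": frag >> 13, "fragment_offset": frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        # Summing a header that carries a correct checksum gives zero.
        "checksum_ok": checksum16(packet[:ihl]) == 0,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:ihl],
    }

# Constructed sample: a TCP packet (protocol 6) between two addresses used in these slides.
SAMPLE = build_header("192.168.0.188", "192.168.3.100")
```

Changing any header byte after the checksum is computed, such as a router decrementing Time to Live without recalculating it, makes `checksum_ok` false.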

Page 5: Networking 101

IP Address Aspects
• The IP Address applies to a connection, not a host
• “Networks” and Subnets
  – Conceptual Class A, B, C
  – Actual implementation is Subnets
    • Defined by Subnet Mask 255.255.255.0 – 255.255.255.128 or 255.255.255.192?
    • Works with IP Address
      – 192.168.26.34
      – Broadcast all 1’s in subnet 192.168.26.63?
      – The Network Address is all 0’s, used in routing tables (192.168.26.192)
• Network Address Translation
  – Original concept: every connection owns an IP address
    • Not enough addresses in IPv4
      – IPv6 was solution but
      – NAT has solved the problem
  – Local Network uses a range of Private IP Addresses
    • ISP allocates one Global IP Address for each WAN connection
    • NAT used to Translate Address from Local to Global
    • http://en.wikipedia.org/wiki/Private_network
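The subnet arithmetic on this slide worked through with bitwise operations, as an added example (not from the original deck): it applies each of the three masks to 192.168.26.34 and lists the subnets a mask creates inside a parent network. Function names are illustrative.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    return str(ipaddress.IPv4Address(value))

def host_bits(mask):
    """Return the inverted mask, rejecting masks whose 1 bits are not contiguous."""
    inverted = to_int(mask) ^ ALL_ONES
    if inverted & (inverted + 1):
        raise ValueError(f"{mask} is not a valid subnet mask")
    return inverted

def subnet_of(address, mask):
    """Network address (host bits all 0) and broadcast address (host bits all 1)."""
    inverted = host_bits(mask)
    network = to_int(address) & (inverted ^ ALL_ONES)
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(network | inverted),
        "prefix": 32 - inverted.bit_length(),
        "usable_hosts": max(inverted - 1, 0),
    }

def subnets_within(parent, parent_mask, mask):
    """Network address of every `mask`-sized subnet inside the parent network."""
    parent_hosts = host_bits(parent_mask)
    base = to_int(parent) & (parent_hosts ^ ALL_ONES)
    step = host_bits(mask) + 1
    return [to_dotted(base + off) for off in range(0, parent_hosts + 1, step)]

def slide_example():
    # Address and masks are the ones shown on the slide.
    return {m: subnet_of("192.168.26.34", m)
            for m in ("255.255.255.0", "255.255.255.128", "255.255.255.192")}
```

With mask 255.255.255.192 the host 192.168.26.34 sits in the subnet whose broadcast is 192.168.26.63, and 192.168.26.192 is the network address of the last of the four subnets that mask creates in 192.168.26.0.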


Page 6: Networking 101

Private IP Address
• Private IP Address Ranges
  – 10.0.0.0 to 10.255.255.255
  – 172.16.0.0 to 172.31.255.255
  – 192.168.0.0 to 192.168.255.255
• Gateway provides Address Translation (and other firewall services)
  – Typically the ADSL modem or router or Gateway Computer (for dial up)
  – Typical gateway uses .1 or .254 of subnet
  – ISP provides global (WAN) IP address
    • either dynamically or fixed
    • From the WAN all calls are to and from the WAN IP address
  – For outgoing calls NAT maintains a cross reference table
    • Special rules for some protocols supported by “good” firewalls
      – E.g. FTP Data Channel
  – Incoming calls must have handling rules (Port forwarding)
• Private IP address ranges not supported in the WAN
  – Protects your computers from outside attacks
• Loopback Address
  – Localhost, lo or lo0 >> 127.0.0.1
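A simplified model of the gateway behaviour described on this slide, as an added example (not from the original deck): outgoing calls create entries in a cross reference table, and incoming packets are delivered only if they match such an entry or a port forwarding rule. The class, the forwarding rule and the remote addresses are constructed for illustration, and replies are matched on the full remote address and port, which is an assumption of this model.

```python
import ipaddress

# The three private ranges listed on the slide, in CIDR form.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    return any(ipaddress.ip_address(addr) in net for net in PRIVATE)

class NatGateway:
    """Toy port-translating gateway (illustrative model, not a real router)."""
    def __init__(self, wan_ip, first_port=49152):
        self.wan_ip, self.next_port = wan_ip, first_port
        self.replies = {}   # (proto, wan_port, remote_ip, remote_port) -> LAN side
        self.mapped = {}    # outgoing connection -> WAN port already allocated
        self.forwards = {}  # (proto, wan_port) -> LAN side, set by the admin

    def add_forward(self, proto, wan_port, lan_ip, lan_port):
        if not is_private(lan_ip):
            raise ValueError("port forward target must be a private LAN address")
        self.forwards[(proto, wan_port)] = (lan_ip, lan_port)

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        """Rewrite the source of an outgoing packet and remember the mapping."""
        conn = (proto, lan_ip, lan_port, remote_ip, remote_port)
        if conn not in self.mapped:
            if self.next_port > 65535:
                raise RuntimeError("no free WAN ports")
            self.mapped[conn] = self.next_port
            self.replies[(proto, self.next_port, remote_ip, remote_port)] = (lan_ip, lan_port)
            self.next_port += 1
        return self.wan_ip, self.mapped[conn]

    def inbound(self, proto, remote_ip, remote_port, wan_port):
        """Return the LAN destination for a packet from the WAN, or None to drop it."""
        reply = self.replies.get((proto, wan_port, remote_ip, remote_port))
        return reply or self.forwards.get((proto, wan_port))

def demo():
    # Constructed traffic: 203.0.113.10 and 198.51.100.7 are documentation addresses.
    gw = NatGateway("215.56.89.234")
    gw.add_forward("tcp", 8080, "192.168.3.101", 80)
    sent = gw.outbound("tcp", "192.168.3.100", 4033, "203.0.113.10", 80)
    return {
        "sent_as": sent,
        "reply": gw.inbound("tcp", "203.0.113.10", 80, sent[1]),
        "unsolicited": gw.inbound("tcp", "198.51.100.7", 80, sent[1]),
        "forwarded": gw.inbound("tcp", "198.51.100.7", 51000, 8080),
    }
```

A packet that matches neither table returns `None`, which is the only reason an unsolicited WAN packet does not reach a private host; each port forwarding rule removes that protection for its port.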

Page 7: Networking 101

Small Office Network
• Choose a Private Network Range
• Allocation Method
  – Auto requires a DHCP server
    • Generally supplied with router
      – Provides an IP address, Mask, Gateway and DNS details
      – You need to set auto allocate range to not conflict with manual allocations
    • Address may change so servers and shares need to use Windows Host names
  – Manual Allocation
    • You need to have a plan and configure details otherwise supplied by DHCP
    • Servers and Shares can be referred to by IP address and avoid Windows drop outs
      – Or distributed using Hosts and LMHosts
  – Suggestion
    • Auto for Laptops and Manual for servers and shares.

[Diagram: Internet and IntraNet 192.168.3.0 joined by a router providing NAT and DHCP. Addresses shown: 215.56.89.234, 192.168.3.254, 192.168.3.101, 192.168.3.100]

Page 8: Networking 101

Changing IP Properties
• Control Panel >> Network Connections
  – Select the connection to change
    • Select Properties and on the General Tab
      – Select Internet Protocol and press Properties

NB. The Link Layer Configuration is at the top of the Connection Properties Dialog

Page 9: Networking 101

TCP and UDP
• UDP and TCP add a Port Number
  – Destination Port No is the “application” or “service” address on the host
    • Applications/services register to listen for incoming data on the defined port
    • IANA port numbers: http://www.iana.org/assignments/port-numbers
    • 0 to 1023 Well Known ports managed by IANA
    • 1024 to 49151 Registered by IANA as a convenience
    • 49152 to 65535 Dynamic (used for source address)
    • C:\WINDOWS\system32\drivers\etc\services
  – Source Port number used with IP addresses and destination port number to create a unique identifier for the connection.
  – Source port number incremented at each use
• UDP – User Datagram Protocol
  – really only IP with port number and optional checksum
  – source port optional
• TCP Transport Connection Protocol
  – Provides a reliable stream connection
  – Requests retransmission of lost or corrupted data and reassembles the original order.

Page 10: Networking 101

TCP/IP

[Diagram labels: IP, TCP]

Page 11: Networking 101

TCP PDU Format

IP Header (showing Protocol | Header Checksum)
Source Port | Destination Port
Sequence Number
Acknowledgement Number
Header Length | Reserved | Code Bits | Window
Checksum (Hdr + Data) | Urgent Pointer
Multiple 32 bit words of “Options”
Data

Page 12: Networking 101

TCP/IP Tools
• Ping
  – ping [-t] [-a] [-n Count] [-l Size] [-f] [-i TTL] [-v TOS] [-r Count] [-s Count] [{-j HostList | -k HostList}] [-w Timeout] [TargetName]
• IPConfig
  – ipconfig [/all] [/renew [Adapter]] [/release [Adapter]] [/flushdns] [/displaydns] [/registerdns] [/showclassid Adapter] [/setclassid Adapter [ClassID]]
  – http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ipconfig.mspx?mfr=true
• TraceRt
  – tracert [-d] [-h MaximumHops] [-j HostList] [-w Timeout] [TargetName]
• NsLookup
  – nslookup [-SubCommand ...] [{ComputerToFind | [-Server]}]
• Others
  – NetStat,

Page 13: Networking 101

Meaningful Names

• All packets are directed by IP address but that has no “meaning”
  – Symbolic Name
  – Directory Services
• Name Servers translate a symbolic name to an IP address
• Two main participants
  – Domain Name Server (DNS)
  – Netbios name service (NBNS)
    • Windows Internet Name Service (WINS)

Page 14: Networking 101

Domain Name Server
• DNS uses a distributed database protocol to delegate control of domain name hierarchies among zones, each managed by a group of name servers.
  – Manual Configuration but distributed
  – Resolution starts from global root nameservers
    • Logically only 13 root nameservers
    • Physically more using anycast
    • Each holds delegations for all Top Level Domains
      – .com, .edu, .org, .au, .uk, .at, .nz ………
• Locally configured by ISPs etc.
  – Records delegating sub domains
  – Records give IP address for servers part of this domain
• Local DNS resolve any unknown name on request
  – Having resolved an address a DNS server caches it for a time to live parameter
  – There are now services which will allow handling of dynamic IP addresses
    • Presumably via very short time to live values
    • www.dyndns.org

Page 15: Networking 101

WINS and Netbios
• Windows Name Resolution
  – Is Dynamic
    • Local broadcast
    • Windows Internet Name Server
    • LMHosts file
  – Mode determines order of look up
    • b (broadcast), p (peer), m (mixed), h (hybrid)
  – Name Cache
  – Additional functions resolve services available
• Host Files
  – \%SystemRoot%\System32\drivers\etc\LMHost - For Lookups?
  – \%SystemRoot%\System32\drivers\etc\Host - For IP Tools Ping, NetStat, …. Why???
• Flat
  – Name must be unique
  – Group (Work Group) just for presentation (I think?)
• Broadcast may be blocked by IP Routers
  – Who has TheDomainIWant
  – Register name by broadcast
• Disappearing Hosts
  – Attempting to use a host when it is not available sometimes flushes the cache?
  – Firewalls can block broadcasts
  – Radio connections seem to drop the stack while changing log in
  – Using the Network wizard will reconfigure a host name
    • It does not default to existing
  – Limited number of connections available in XP
    • Hosts in excess cannot see services

Page 16: Networking 101

Wins Setup

Page 17: Networking 101

WINS and DNS

• WINS
  – Resolves NetBios IP Addresses
  – Flat and Dynamic Structure
  – Supports DHCP
• DNS
  – Resolves hostnames to IP Address
  – Hierarchical and static structure
  – Supports TCP/IP applications that require more information than hostnames and IP addresses.
  – DHCP Dynamic update is possible with Windows NT Server 5 and higher

Page 18: Networking 101

Finding Workgroup Computers
• My Computer >
  – My Network Places
    • Should show all shares on network
  – View Work Group Computers
    • Should show all computers in the workgroup
  – View Entire Network
    • Seems a little convoluted and hit and miss to me.

Page 19: Networking 101

Mapping a Drive
• By Mapping a drive you get a drive indicator in “My computer”
• Can map to IP address and browse
  – Browse shows all “Shares” which are network enabled.
• My Computer >> Tools >> Map Network Drive

Page 20: Networking 101

Network Enable a Directory
• My Computer
  – Directory – Properties
    • Sharing
• Share Folder on the Network
  – Share Name
  – Set writeable
• Share Limit
  – XPHome 5 Resources
  – XPPro 10 Resources
• http://support.microsoft.com/kb/328459
• Notes
  • For Windows XP Professional-based computers, the maximum number of concurrent network connections that are allowed is 10. This limit includes all transfer and all resource share protocols. For Windows XP Home Edition-based computers, the maximum number of concurrent network connections that are allowed is 5. This limit is the number of sessions that can be hosted at the same time from other computers. Therefore, we cannot use the administrative tool usage to connect to the system from a remote computer.

Page 21: Networking 101

Router Configuration

• Router establishes your trusted boundary
  – ADSL Modem/Router
  – Router connecting to WAN
• Functions
  – NAT
    • Router determines private network used
  – Firewall
    • Port forwarding
    • Response to WAN Ping, Echo, etc
    • WAN Configuration (NO NO NO)
    • Virtual Private Network Support
  – DHCP
    • For dynamic IP addresses

Page 22: Networking 101

Router Firewall

• The trusted boundary
  – Preferably running no other stuff that can expose it

[Diagram: router firewall between Internet and IntraNet, with DMZ Host. Labels:]
Block all Requests that are not “Expected”
Allow calls based on Permissions
For me unrestricted
Corporates often restrict to only authenticated proxies

Page 23: Networking 101

Basic Setup
• ADSL Password
• WAN IP Address
  – Dynamic IP Address from WAN or Fixed IP address
• LAN IP Address and Mask

Page 24: Networking 101

Router DHCP Setup

• Starting IP Address
• Lease Time

Page 25: Networking 101

Wireless Setup

• Security Mode – Must have
• MAC Address Filtering

Page 26: Networking 101

Port Forwarding
• Enable some applications on the LAN servers to accept WAN traffic
  – Zebedee Tunnel
  – Secure Database
  – Traffic is addressed to the IP address of the router WAN Connection
• Demilitarized Zone Host implies all (other?) ports
  – Should be seen as being outside the firewall
    • If it is compromised it should not be able to attack LAN computers
      – Seems not the case with this router

Page 27: Networking 101

Remote Admin

• NO Way
• If you need to support remotely use a VPN or a Tunnel (Zebedee) via a LAN server to the LAN address.
  – You may turn on remote support via this means before editing the box configuration

Page 28: Networking 101

Virtual Private Network
• Enables operation of a distributed private network using encrypted tunnels
  – May need to use same model router
  – Different Address Spaces

[Diagram: IntraNet 1 (192.168.3.0) and IntraNet 2 (192.168.4.0) joined across the Internet. Addresses shown: 215.56.89.234, 192.168.3.1, 192.168.3.100, 192.168.3.101; 124.65.93.178, 192.168.4.1, 192.168.4.100]

Page 29: Networking 101

Network Analyser

• Gives a view of data on the wire
  – Ethereal
    • The latest version of Ethereal can be found at http://www.ethereal.com.

Page 30: Networking 101

Analyser Filters
• Follow A Stream
  – 4033 to 80 Tools >> Follow TCP Stream

Page 31: Networking 101

References

• An Internet Encyclopedia http://www.freesoft.org/CIE/index.htm

• Port Numbers http://www.iana.org/assignments/port-numbers

• Private Networks http://en.wikipedia.org/wiki/Private_network

• Linux Implementation http://us3.samba.org/samba/docs/using_samba/ch01.html

• Windows Netbios parameters in Registry http://asksomeone.net/tcpxp.html

• Windows NT TCP/IP by Karanjit S. Siyan

• Data Communications, Computer Networks and Open Systems by Fred Halsall