Download Free assignments

Sunday, April 12, 2009

CS-69 TCP/IP Programming

Ans 1
(i) What is DNS?
Domain Name System (DNS) is one of the industry-standard suite of protocols that
comprise TCP/IP. In Microsoft Windows Server 2003, DNS is implemented using two
software components: the DNS server and the DNS client (or resolver). Both components
run as background services.
Network resources are identified by numeric IP addresses, but these IP addresses are
difficult for network users to remember. The DNS database contains records that map
user-friendly alphanumeric names for network resources to the IP address used by those
resources for communication. In this way, DNS acts as a mnemonic device, making
network resources easier to remember for network users.
The Windows Server 2003 DNS Server and Client services use the DNS protocol that is
included in the TCP/IP protocol suite. DNS is part of the application layer of the TCP/IP
reference model.
(ii) Name resolution in computer languages
Expressions in computer languages can contain identifiers. The semantics of such
expressions depend on the entities that the identifiers refer to. The algorithm that
determines what an identifier in a given context refers to is part of the language
definition.
The complexity of these algorithms is influenced by the sophistication of the language.
For example, name resolution in assembly language usually involves only a single simple
table lookup, while name resolution in C++ is extremely complicated as it involves:
• namespaces, which make it possible for an identifier to have different meanings
depending on its associated namespace;
• scopes, which make it possible for an identifier to have different meanings at
different scope levels, and which involves various scope overriding and hiding
rules. At the most basic level name resolution usually attempts to find the binding
in the smallest enclosing scope, so that for example local variables supersede
global variables; this is called shadowing.
• visibility rules, which determine whether identifiers from specific namespaces or
scopes are visible from the current context;
• overloading, which makes it possible for an identifier to have different meanings
depending on how it is used, even in a single namespace or scope;
• accessibility, which determines whether identifiers from an otherwise visible
scope are actually accessible and participate in the name resolution process.
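To make the "smallest enclosing scope wins" rule concrete, here is a tiny scope-chain resolver. It is an added example, not code from the assignment or from any real compiler: the program it resolves (a global x and y, a function f that redefines x, and a block inside f) is constructed, and the scope names are arbitrary.

```python
"""Scope-chain name resolution with shadowing (added illustration)."""
from __future__ import annotations

from typing import Optional


class Scope:
    """One lexical scope; a lookup that misses here walks outward to the parent."""

    def __init__(self, name: str, parent: Optional[Scope] = None) -> None:
        self.name = name
        self.parent = parent
        self.bindings: dict[str, str] = {}

    def define(self, ident: str, value: str) -> None:
        self.bindings[ident] = value

    def resolve(self, ident: str) -> tuple[str, str]:
        """Return (value, defining scope name) for the innermost binding of ident.

        The search starts in the current scope and moves outward, so an inner
        binding shadows any outer binding with the same name.
        """
        scope: Optional[Scope] = self
        while scope is not None:
            if ident in scope.bindings:
                return scope.bindings[ident], scope.name
            scope = scope.parent
        raise NameError(f"unresolved identifier: {ident}")

    def shadowed(self, ident: str) -> list[str]:
        """Names of every outer scope whose binding of ident this scope hides."""
        hidden: list[str] = []
        scope = self.parent if ident in self.bindings else None
        while scope is not None:
            if ident in scope.bindings:
                hidden.append(scope.name)
            scope = scope.parent
        return hidden


def build_example() -> Scope:
    """Constructed program: global x and y; f redefines x; a block inside f adds z."""
    global_scope = Scope("global")
    global_scope.define("x", "global-x")
    global_scope.define("y", "global-y")
    f_scope = Scope("f", global_scope)
    f_scope.define("x", "f-x")          # shadows the global x while inside f
    block = Scope("f/block", f_scope)
    block.define("z", "block-z")
    return block                        # innermost scope, where lookups start
```

Resolving x from the block finds f's binding, y falls through to the global scope, and an undefined name raises rather than silently binding to nothing, which is the behaviour a compiler's resolver must have before visibility and accessibility rules are even considered.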
(iii) Subnet Masking Definition
What is subnet masking, and what is it used for?
TCP/IP communication between computers is divided into packets with headers
(electronic address labels) that identify the IP address of the computer a packet is coming
from, and the IP address of the computer it is going to (the destination).
Every IP address is divided into a network ID portion and a host (client) ID portion.
Under the original classful scheme, routers look at the leading bits of the destination IP
address to determine its "class": a leading 0 means class A, 10 means class B, and 110
means class C. (An IP address is 32 binary digits.) The class then determines how many
binary digits make up the network portion of the IP address: 8 for class A, 16 for class B,
and 24 for class C. The router uses a database (called the routing table) to decide where
to send the packet next. Note that Internet routers today use classless (CIDR) prefixes
rather than address classes; the class only explains where the network/host boundary came
from historically, and the mask or prefix length is what actually matters.
Once a packet is passed by an Internet router to its destination network, it is either on
the LAN segment of the destination computer, or the LAN has been subdivided by the LAN
administrators. If it is on the destination computer's LAN segment, the destination
computer uses it and it goes no further. If a network administrator has divided the LAN,
and the destination computer is not on the current LAN segment, the corporate routers
(not Internet routers) must now determine how to forward the packet to the correct LAN
segment. These corporate routers are what subdivide the LAN.
The "network" portion of the IP address doesn't help the corporate router, because every
IP address in the subdivided LAN has the same network ID. This is what the subnet mask
is for. Here's a key point: A subnet mask is used both when a LAN is subdivided, and
when it is not subdivided (a single LAN segment).
If the LAN is not subdivided, the subnet mask shows that the LAN is a single segment.
For example, with a class C IP address, the first 3 octets (w.x.y in the w.x.y.z format, or
the left-most 24 binary digits) are the network ID portion, and a subnet mask of
255.255.255.0 would be used to indicate that there was only one undivided LAN
segment. In this case, the client ID portion of the IP address (the z in the w.x.y.z format)
is not divided, and all 8 binary digits are used to identify a specific computer on the LAN
segment. (In binary, a mask of 255.255.255.0 is
11111111.11111111.11111111.00000000.)
When a LAN is subdivided, the client ID portion of the IP address is split. The part on
the left is used to identify the corporate LAN segment, and the part on the right is used
to identify a specific computer on that LAN segment. With a class C IP address and a
subnet mask of 255.255.255.192, the 192 tells the corporate routers that of the eight
binary digits making up the client ID in a class C IP address, the 2 on the left identify
the LAN segment, and the remaining 6 identify the specific computer on that LAN segment.
(In binary, a mask of 255.255.255.192 is 11111111.11111111.11111111.11000000; the two 1
bits in the last octet are the masked digits of the client ID portion, and therefore the
ones used to identify a corporate subnet.)
Here's a class B example. The client ID of a class B IP address is the 16 binary digits on
the right (y.z in the w.x.y.z format). A mask of 255.255.248.0 tells the corporate routers
that the first 5 of those 16 identify the LAN segment, while a mask of 255.255.255.192
tells the corporate routers that the first 10 of those 16 identify the LAN segment.
(Though the mask 255.255.255.192 is the same as the mask in the class C example, a class
B address has a larger client ID portion, so the 10 masked digits of the client ID are the
eight 1 bits of the third octet plus the two leading 1 bits of the fourth:
11111111.11111111.11111111.11000000.)
Urgent Pointer (2 bytes)
Protocol: TCP (a field of the TCP header, i.e. the TCP protocol control information)
Field: urgent pointer
Length: 2 bytes
Contents: urgent data indicator.
This field communicates the current value of the urgent pointer as a
positive offset from the sequence number in this segment. The urgent
pointer points to the sequence number of the octet following the urgent
data. This field is only interpreted in segments with the URG
control bit set.
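The following is an added example (not part of the assignment answer) that builds a 20-byte TCP header with struct, parses it back, and uses the urgent pointer exactly as described above: as an offset from the sequence number to the octet following the urgent data, honoured only when URG is set. The segment contents are constructed. One caveat worth knowing when writing inspection code: RFC 793 defines the pointer as shown here, but RFC 1122 says it points at the last urgent octet instead, and real stacks and middleboxes have not all agreed, so a parser should not assume one convention blindly.

```python
"""Build and parse a TCP header; locate urgent data via the urgent pointer.

Added example. Layout follows RFC 793 (20-byte header, no options).
"""
import struct

# src port, dst port, seq, ack, data offset/reserved, flags, window, checksum, urgent ptr
TCP_HDR = "!HHIIBBHHH"
FLAG_URG, FLAG_ACK, FLAG_PSH, FLAG_SYN = 0x20, 0x10, 0x08, 0x02


def build_tcp(src: int, dst: int, seq: int, ack: int, flags: int,
              urg_ptr: int, payload: bytes) -> bytes:
    """Return header + payload. Checksum is left zero (no pseudo-header here)."""
    data_offset = 5 << 4            # 5 x 32-bit words, no options
    hdr = struct.pack(TCP_HDR, src, dst, seq, ack, data_offset, flags,
                      65535, 0, urg_ptr)
    return hdr + payload


def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed header and, if URG is set, slice out the urgent data."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (src, dst, seq, ack, off_res, flags, window, csum,
     urg_ptr) = struct.unpack(TCP_HDR, segment[:20])
    hdr_len = (off_res >> 4) * 4
    if hdr_len < 20 or hdr_len > len(segment):
        raise ValueError("bad data offset")
    payload = segment[hdr_len:]
    info = {"src": src, "dst": dst, "seq": seq, "ack": ack, "flags": flags,
            "window": window, "urg_ptr": urg_ptr, "payload": payload,
            "urgent": None}
    if flags & FLAG_URG:
        # RFC 793 semantics: seq + urg_ptr is the octet *after* the urgent
        # data, so the urgent bytes are payload[:urg_ptr]. A pointer past the
        # end of this segment is legal (urgent data continues in later
        # segments), so clamp instead of failing.
        info["urgent"] = payload[:min(urg_ptr, len(payload))]
        info["urgent_end_seq"] = (seq + urg_ptr) & 0xFFFFFFFF
    # When URG is clear the pointer field is ignored, whatever it contains.
    return info
```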
Ans 2: TCP/IP uses three schemes to get data to the right application on the right host:
• Addressing : IP addresses deliver data to the correct host.
• Routing : Gateways deliver data to the correct network.
• Multiplexing : Protocol and port numbers deliver data to the correct
software module within the host.
Each of these functions is necessary to send data between two co-operating applications
across the Internet.
IP Host Address:
The Internet Protocol identifies hosts with a 32-bit number called an IP address or a
host address. To avoid confusion with MAC addresses, which are machine or station
addresses, the term IP address will be used to designate this kind of address. IP addresses
are written as four dot-separated decimal numbers between 0 and 255.
IP addresses must be unique among all connected machines, that is, any hosts that you can
reach over a network or connected set of networks, including your local area network,
remote offices joined by the company's wide-area network, or even the entire Internet
community.
The Internet Protocol moves data between the hosts in the form of datagrams. Each
datagram is delivered to the address contained in the destination address field of the
datagram's header. The Destination Address is a standard 32-bit IP address that contains
sufficient information to uniquely identify a network and a specific host on that network.
If your network is connected to the Internet, you have to get a range of IP addresses
assigned to your machines through a central network administration authority. The IP
address uniqueness requirement differs from that of MAC addresses. IP addresses are unique
only on connected networks, whereas MAC addresses are intended to be unique in the world,
independent of any connectivity (in practice an interface can be configured with any MAC
address, so MAC uniqueness must not be relied on as a security control). Part of the reason
for the difference is that IP addresses are 32 bits while MAC addresses are 48 bits, so
there cannot be a one-to-one mapping of every possible MAC address to an IP address. Of
course, not every machine on an Ethernet is running IP, so the many-to-one mapping isn't
as bad as the numbers might indicate. There are a variety of reasons why the IP address is
only 32 bits while the MAC address is 48 bits, most of which are historical.
Since the network and data link layers use different addressing schemes, some system is
needed to convert or map IP addresses to MAC addresses. Transport-layer services and user
processes use IP addresses to identify hosts, but frames that go out on the network need
MAC addresses. The Address Resolution Protocol (ARP) is used to convert the 32-bit IP
address of a host into its 48-bit MAC address. When a host wants to map an IP address to a
MAC address, it broadcasts an ARP request on the network, asking the host using that IP
address to respond. The host that sees its own IP address in the request returns its MAC
address to the sender. With the MAC address, the sending host can transmit a frame on the
Ethernet and know that the receiving host will recognize it. Note that ARP carries no
authentication: any host on the segment can answer for an address it does not own, which
is the basis of ARP spoofing.
IP Address Classes:
An IP address contains a network part and a host part, but the format of these parts is not
the same in every IP address.
Figure shows the IP address classes.
Not all network addresses or host addresses are available for use. The class A network
numbers 0 and 127 are reserved for special use. Network 0 designates the default route
(used to simplify the routing information that IP must handle) and network 127 is the
loopback network (it simplifies network applications by allowing the local host to be
addressed in the same manner as a remote host). These special network addresses are used
when configuring a host.
There are also some host addresses reserved for special use. In every network class, the
host number with all host bits zero and the host number with all host bits one are
reserved. An IP address with all host bits set to zero identifies the network itself.
Addresses in this form are used in routing table listings to refer to entire networks. An
IP address with all host bits set to one is the broadcast address (used to simultaneously
address every host on a network). A datagram sent to this address is delivered to every
individual host on that network.
IP uses the network portion of the address to route the datagram between networks. The
full address, including the host information, is used to make final delivery when the
datagram reaches the destination network.
Figure shows host communication on a local network.
Subnets:
The standard structure of an IP address can be locally modified by using host address bits
as additional network address bits. Essentially, the dividing line between network address
bits and host bits is moved, creating additional networks but reducing the maximum
number of hosts that can belong to each network. These newly designated network bits
define a network within the larger network, called a subnet. Subnetting allows
decentralized management of host addressing. With the standard addressing scheme, a
single administrator is responsible for managing host addresses for the entire network. By
subnetting, the administrator can delegate address assignment to smaller organizations
within the overall organization.
Subnetting can also be used to overcome hardware differences and distance limitations.
IP routers can link dissimilar physical networks together, but only if each physical
network has its own unique network address. Subnetting divides a single network
address into many unique subnet addresses, so that each physical network can have its
own unique address.
Figure shows IP addresses with and without subnetting.
A subnet is defined by applying a bitmask, the subnet mask, to the IP address. If a bit is
on the mask, that equivalent bit in the address is interpreted as a network bit. If the bit in
the mask is off, the bit belongs to the host part of the address. The subnet is only known
locally. To the rest of the Internet, the address is still interpreted as a standard IP address.
Figure 90 shows host communication with subnetting.
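The arithmetic walked through by hand in the subnet masking answer (Ans 1 (iii)) and in the IP Address Classes and Subnets sections above is the same computation, so here is one added example that does both: derive the class from the leading bits, count classful network bits, then use the subnet mask to split the host part into subnet and host bits and compute the network and broadcast addresses (all host bits zero and all host bits one). This is not code from the assignment; the addresses are made up, and the masks are the ones used in the text.

```python
"""Classful address parsing and subnet-mask splitting (added example)."""
from __future__ import annotations

import ipaddress


def ip_class(addr: str) -> tuple[str, int]:
    """Return (class letter, classful network bits) from the high-order bits."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet & 0x80 == 0:          # 0xxxxxxx
        return "A", 8
    if first_octet & 0xC0 == 0x80:       # 10xxxxxx
        return "B", 16
    if first_octet & 0xE0 == 0xC0:       # 110xxxxx
        return "C", 24
    if first_octet & 0xF0 == 0xE0:       # 1110xxxx multicast: no network/host split
        return "D", 0
    return "E", 0                        # 1111xxxx reserved


def mask_bits(mask: str) -> int:
    """Count the leading 1 bits; reject non-contiguous masks such as 255.0.255.0."""
    m = int(ipaddress.IPv4Address(mask))
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask {mask}")
    return ones


def split(addr: str, mask: str) -> dict:
    """Split addr into class/network/subnet/host parts under the given mask."""
    cls, net_bits = ip_class(addr)
    prefix = mask_bits(mask)
    if prefix < net_bits:
        raise ValueError("mask is shorter than the classful network part")
    net = ipaddress.IPv4Network(f"{addr}/{prefix}", strict=False)
    host_bits = 32 - prefix
    return {
        "class": cls,
        "network_bits": net_bits,
        "subnet_bits": prefix - net_bits,      # host bits borrowed for the subnet
        "host_bits": host_bits,
        "network": str(net.network_address),   # all host bits zero
        "broadcast": str(net.broadcast_address),  # all host bits one
        "host_number": int(ipaddress.IPv4Address(addr)) & ((1 << host_bits) - 1),
        "usable_hosts": max(net.num_addresses - 2, 0),
    }
```

Outside the local network nothing of this is visible: the subnet mask is only applied by hosts and routers that know it, which is why the text says the rest of the Internet still sees a plain class B or class C address.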
Routing:
As networks grow in size, so does the traffic imposed on the wire, which in turn impacts
overall network performance, including response times. To alleviate such degradation,
network specialists resort to breaking the network into multiple networks that are
interconnected by specialized devices, including routers, bridges, and switches.
The routing approach calls on the implementation of various co-operative processes, in
both routers and workstations, whose main concern is to allow for the intelligent delivery
of data to its ultimate destination. Data exchange can take place between any two
workstations, whether or not both belong to the same network.
Figure shows a view of routing.
Figure 91 emphasises that the underlying physical networks that a datagram travels
through may be different and even incompatible. Host A1 on the Token Ring network
routes the datagram through gateway G1 to reach host B1 on the Ethernet. Gateway G1
forwards the data through the X.25 network to gateway G2 for delivery to B1. The
datagram traverses three physically different networks, but eventually arrives intact at B1.
A good place to start when discussing routers is with a thorough discussion of the
addresses involved, including MAC addresses, network addresses, and complete addresses.
The Routing Table:
To perform its function reliably, the routing process maintains a road map of the entire
internetwork of which it is part. This road map is commonly referred to as the routing
table, and it records every known network and how it can be reached. The routing process
builds and maintains the routing table by employing a route discovery protocol such as the
Routing Information Protocol (RIP).
Routers should be capable of selecting the shortest path connecting two networks.
Routers discover the road map of the internetwork by dynamically exchanging routing
information among themselves, by being statically configured by network installers, or
both. The dynamic exchange of routing information is handled by a process separate from
the routing process itself. In the case of TCP/IP, IP handles the forwarding decision,
whereas a routing protocol such as RIP handles route discovery.
Internet Routing Architecture:
When a hierarchical structure is used, routing information about all of the networks in the
internet is passed into the core gateways (a central delivery medium that carries long
distance traffic). The core gateways process this information and then exchange it among
themselves using the Gateway-to-Gateway Protocol (GGP). The processed routing
information is then passed back out to the external gateways.
Figure shows the Internet Routing Architecture.
Outside of the Internet core are groups of independent networks called Autonomous
Systems (AS). An AS is a collection of networks and gateways with its own internal
mechanism for collecting routing information and passing it to other network systems.
The Routing Table:
Gateways route data between networks, but all network devices, hosts as well as
gateways, must make routing decisions.
For most hosts, the routing decisions are simple:
• If the destination is on the local network, the data is delivered to the
destination host.
• If the destination is on the remote network, the data is forwarded to a
local gateway.
Because routing is network oriented, IP makes routing decisions based on the network
portion of the address. The IP module determines the network part of the destination's IP
address by checking the high-order bits of the address to determine the address class. The
address class determines the portion of the address that IP uses to identify the network. If
the destination network is the local network, the local subnet mask is applied to the
destination address.
After determining the destination network, the IP module looks up the network in the
local routing table. Packets are routed toward their destination as directed by the routing
table. The routing table may be built by the system administrator or by routing protocols,
but the end result is the same, IP routing decisions are simple table look-ups.
Figure shows a flowchart depiction of the IP routing algorithm.
You can display the routing table's contents with the netstat -r command.
The netstat command displays a routing table containing the following
fields:
• Destination : The destination network or host.
• Gateway : The gateway to use to reach the specified destination.
• Flags : The flags describe certain characteristics of this route.
U: Indicates that the route is up and operational.
H: Indicates this is a route to a specific host.
G: Means the route uses a gateway.
D: Means that this route was added because of an ICMP
redirect.
• Refcnt : Shows the number of times the route has been referenced to
establish a connection.
• Use : Shows the number of packets transmitted via this route.
• Interface : The name of the network interface used by this route.
All of the gateways that appear in a routing table are on networks directly connected to
the local system. A routing table does not contain end-to-end routes. A route only points
to the next gateway, called the next hop, along the path to the destination network. The
host relies on the local gateway to deliver the data, and each gateway relies on the other
gateways. As a datagram moves from one gateway to another, it should eventually reach
one that is directly connected to its destination network. It is this last gateway that
finally delivers the data to the destination host.
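The "simple table look-up" described above, as an added example (not from the assignment): a longest-prefix-match lookup over a netstat -r style table that carries the U, H, G and D flags just listed, plus a check of the rule that every gateway must itself sit on a directly connected network. The table, the interface names eth0 and lo0, and the addresses are constructed.

```python
"""Next-hop lookup over a netstat -r style routing table (added example)."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    destination: str   # network in prefix form; a /32 is a host route (flag H)
    gateway: str       # next hop; "*" means deliver directly on the interface
    flags: str         # U up, H host route, G via gateway, D from ICMP redirect
    interface: str


# Constructed table for a host on 192.168.10.64/26 with a default gateway.
ROUTING_TABLE = [
    Route("0.0.0.0/0",        "192.168.10.65", "UG",   "eth0"),  # default route
    Route("192.168.10.64/26", "*",             "U",    "eth0"),  # directly connected
    Route("10.9.8.7/32",      "192.168.10.70", "UGHD", "eth0"),  # host route via redirect
    Route("127.0.0.0/8",      "*",             "U",    "lo0"),
]


def lookup(dst: str, table: list[Route] = ROUTING_TABLE) -> tuple[str, str, str]:
    """Return (next_hop, interface, flags) for dst.

    The most specific (longest) matching prefix wins, so a host route beats the
    connected network, which beats the default route. Routes that are not up
    are skipped. For a direct route the next hop is the destination itself:
    that is the address ARP will be asked to resolve.
    """
    addr = ipaddress.IPv4Address(dst)
    best: tuple[int, Route] | None = None
    for r in table:
        if "U" not in r.flags:
            continue
        net = ipaddress.IPv4Network(r.destination, strict=False)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, r)
    if best is None:
        raise LookupError(f"no route to {dst}")
    r = best[1]
    next_hop = r.gateway if "G" in r.flags else dst
    return next_hop, r.interface, r.flags


def gateways_on_link(table: list[Route] = ROUTING_TABLE) -> bool:
    """Sanity check: every gateway lies inside a directly connected network."""
    direct = [ipaddress.IPv4Network(r.destination, strict=False)
              for r in table if "G" not in r.flags and "U" in r.flags]
    return all(any(ipaddress.IPv4Address(r.gateway) in n for n in direct)
               for r in table if "G" in r.flags)
```

A gateway that fails gateways_on_link can never be reached at the link layer, which is exactly the misconfiguration (or the bogus ICMP redirect) that leaves packets silently dropped.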
Address Resolution:
The IP address and the routing table direct a datagram to a specific physical network, but
when the data travels across a network, it must obey the physical layer protocol used by
that network. The physical networks that underlie the TCP/IP network do not understand
IP addressing. Physical networks have their own addressing schemes, and there are as
many different addressing schemes as there are different types of physical networks. One
task of the network access protocols is to map IP addresses to physical network
addresses.
Figure shows the operation of ARP.
The most common example of this network access layer function is the translation of IP
addresses to Ethernet addresses. The protocol that performs this function is Address
Resolution Protocol (ARP).
Figure shows the layout of an ARP request or ARP reply.
In figure 95, when an ARP request is sent, all fields in the layout are used except the
Recipient Hardware Address (which the request is trying to identify). In an ARP reply,
all the fields are used. The fields in the ARP request and reply can have several values.
The ARP software maintains a table of translations between IP addresses and Ethernet
addresses. This table is built dynamically. When ARP receives a request to translate an IP
address, it checks for the address in its table. If the address is found, it returns the
Ethernet address from its table. If the address is not found in the table, ARP broadcasts a
packet to every host on the Ethernet. The packet contains the IP address for which an
Ethernet address is sought. If a receiving host identifies the IP address as its own, it
responds by sending its Ethernet address back to the requesting host. The response is then
cached in the ARP table.
The arp -a command displays the contents of the ARP table.
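As an added example (not part of the assignment, and not the arp command's own code) here is the request/reply exchange from the figure in code: an Ethernet/IPv4 ARP packet builder and parser following the RFC 826 layout, and a small monitor that keeps the IP-to-MAC table the way the text describes and flags a reply that changes a binding it already holds. That last check matters because nothing in ARP authenticates a reply, so a spoofed reply is the usual way a host on the segment hijacks traffic. The three-packet trace is constructed; the MAC and IP addresses are made up.

```python
"""ARP request/reply packets and a binding-change monitor (added example)."""
from __future__ import annotations

import struct

# htype, ptype, hlen, plen, opcode, sender MAC, sender IP, target MAC, target IP
ARP_FMT = "!HHBBH6s4s6s4s"
OP_REQUEST, OP_REPLY = 1, 2


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def ip4(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))


def build_arp(op: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """28-byte ARP body for Ethernet (htype 1) carrying IPv4 (ptype 0x0800)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac(sender_mac),
                       ip4(sender_ip), mac(target_mac), ip4(target_ip))


def parse_arp(pkt: bytes) -> dict:
    if len(pkt) < struct.calcsize(ARP_FMT):
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    fmt_mac = lambda b: ":".join(f"{x:02x}" for x in b)
    fmt_ip = lambda b: ".".join(str(x) for x in b)
    return {"op": op, "sender_mac": fmt_mac(sha), "sender_ip": fmt_ip(spa),
            "target_mac": fmt_mac(tha), "target_ip": fmt_ip(tpa)}


class ArpMonitor:
    """Learn IP -> MAC from replies; report when a known binding changes."""

    def __init__(self) -> None:
        self.table: dict[str, str] = {}
        self.alerts: list[str] = []

    def observe(self, pkt: bytes) -> None:
        a = parse_arp(pkt)
        if a["op"] != OP_REPLY:
            return                      # requests carry no answer to cache
        known = self.table.get(a["sender_ip"])
        if known is not None and known != a["sender_mac"]:
            self.alerts.append(f"{a['sender_ip']} moved {known} -> {a['sender_mac']}")
        self.table[a["sender_ip"]] = a["sender_mac"]


# Constructed trace: a request for the gateway, the genuine reply, then a
# second reply for the same IP from a different MAC (what a spoofer sends).
TRACE = [
    build_arp(OP_REQUEST, "02:00:00:00:00:01", "192.168.10.66",
              "00:00:00:00:00:00", "192.168.10.65"),   # target MAC unknown: zeros
    build_arp(OP_REPLY, "02:00:00:00:00:65", "192.168.10.65",
              "02:00:00:00:00:01", "192.168.10.66"),
    build_arp(OP_REPLY, "02:00:00:00:00:ee", "192.168.10.65",
              "02:00:00:00:00:01", "192.168.10.66"),
]


def run_monitor(trace: list[bytes] = TRACE) -> ArpMonitor:
    m = ArpMonitor()
    for p in trace:
        m.observe(p)
    return m
```

A binding can also change for honest reasons (a replaced NIC, a DHCP lease moving), so the monitor only records the change; deciding whether it is an attack needs context such as whether the old MAC is still answering.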
Figure shows Routing Domains
RARP:
The Reverse Address Resolution Protocol (RARP) is a variant of the Address Resolution
Protocol. RARP also translates addresses, but in the opposite direction: it converts
Ethernet addresses to IP addresses. RARP really has nothing to do with routing data from
one system to another. RARP helps configure diskless systems by allowing diskless
workstations to learn their IP address. The diskless workstation uses the Ethernet
broadcast facility to ask which IP address maps to its Ethernet address. When a server on
the network sees the request, it looks up the Ethernet address in its table. If it finds a
match, the server replies with the workstation's IP address.
Figure shows the interrelationship between the IP and Ethernet MAC addresses as reflected
in the Ethernet data frame.
In the figure, shaded fields correspond to the destination and source addresses of host A
(the sender) and host B (the receiver).
Protocols, Ports, and Sockets:
Once data is routed through the network and delivered to a specific host, it must be
delivered to the correct user or process. As the data moves up or down the layers of
TCP/IP, a mechanism is needed to deliver data to the correct protocols in each layer. The
system must be able to combine data from many applications into a few transport
protocols, and from the transport protocols into the Internet Protocol. Combining many
sources of data into a single data stream is called multiplexing. Data arriving from the
network must be demultiplexed, divided for delivery to multiple processes. To
accomplish this, IP uses protocol numbers to identify transport protocols, and the
transport protocols use port numbers to identify applications.
Figure shows Protocol and Port Numbers.
Figure shows the protocol interdependency between Application level protocols and
Transport level protocols.
Protocol Numbers:
The protocol number is a single byte in the header of the IP datagram. The value identifies
the protocol in the layer above IP to which the data should be passed.
Port Numbers:
A host may have many TCP and UDP connections at any time. Connections to a host are
distinguished by a port number, which serves as a sort of mailbox number for incoming
datagrams. There may be many processes using TCP and UDP on a single machine, and
the port numbers distinguish these processes for incoming packets. When a user program
opens a TCP or UDP socket, it gets connected to a port on the local host. The application
may specify the port, usually when trying to reach some service with a well-defined port
number, or it may allow the operating system to fill in the port number with the next
available free port number.
After IP passes incoming data to the transport protocol, the transport protocol passes data
to the correct application process. Application processes are identified by port numbers,
which are 16-bit values. The source port number, which identifies the process that sent
the data, and the destination port number, which identifies the process that is to receive
the data are contained in the header of each TCP segment and UDP packet.
Port numbers are not unique between transport layer protocols, the numbers are only
unique within a specific transport protocol. It is the combination of protocol and port
numbers that uniquely identifies the specific process the data should be delivered to.
Figure shows data packets multiplexed via TCP or UDP through port addresses and onto
the targeted TCP/IP applications.
In figure, if a data packet arrives specifying a transport protocol of 6, it is forwarded to
the TCP implementation. If the packet specifies 17 as the required protocol, the IP layer
would forward the packet to the programs implementing UDP.
Figure shows the exchange of port numbers during the TCP handshake.
In figure 101, the source host randomly generates a source port, in this example 3044. It
sends out a segment with a source port of 3044 and a destination port of 23. The
destination host receives the segment, and responds back using 23 as its source port and
3044 as its destination port.
Sockets:
Well-known ports are standardized port numbers that enable remote computers to know
which port to connect to for a particular network service. This simplifies the connection
process because both the sender and the receiver know in advance that data bound for a
specific process will use a specific port.
There is a second type of port number called a dynamically allocated port. As the name
implies, these ports are not pre-assigned. They are assigned to processes when needed. The
system ensures that it does not assign the same port number to two processes, and that the
numbers assigned are above the range of standard port numbers. They provide the
flexibility needed to support multiple users.
The combination of an IP address and a port number is called a socket. A socket uniquely
identifies a single network process within the entire internet. One pair of sockets, one
socket for the receiving host and one for the sending host, define the connection for
connection-oriented protocols such as TCP.
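The delivery chain described in the last few sections (protocol number selects the transport, port number selects the process, socket pair selects the connection, dynamically allocated ports must never collide and must sit above the well-known range) is modelled below as an added example. It is not code from the assignment or from any operating system; the host address, the listening services and the port numbers are constructed.

```python
"""Protocol/port demultiplexing and ephemeral port allocation (added example)."""
from __future__ import annotations

from dataclasses import dataclass

PROTO_TCP, PROTO_UDP = 6, 17
EPHEMERAL = range(49152, 65536)       # IANA dynamic/private port range


@dataclass(frozen=True)
class Datagram:
    proto: int
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int


class Host:
    """Listeners per (protocol, port) and TCP connections per socket pair."""

    def __init__(self, ip: str) -> None:
        self.ip = ip
        self.listeners: dict[int, dict[int, str]] = {PROTO_TCP: {}, PROTO_UDP: {}}
        # (local_ip, local_port, remote_ip, remote_port) -> process
        self.connections: dict[tuple, str] = {}
        self._next_port = EPHEMERAL.start

    def listen(self, proto: int, port: int, process: str) -> None:
        if proto not in self.listeners:
            raise ValueError(f"unsupported protocol number {proto}")
        if port in self.listeners[proto]:
            raise OSError(f"port {port}/{proto} already in use")
        self.listeners[proto][port] = process

    def allocate_ephemeral(self) -> int:
        """A free TCP port above the well-known range, never one already in use."""
        in_use = set(self.listeners[PROTO_TCP]) | {k[1] for k in self.connections}
        for _ in EPHEMERAL:
            port = self._next_port
            self._next_port = port + 1 if port + 1 in EPHEMERAL else EPHEMERAL.start
            if port not in in_use:
                return port
        raise OSError("no free ephemeral ports")

    def connect(self, remote_ip: str, remote_port: int, process: str) -> tuple:
        """Open an outbound TCP connection; the socket pair identifies it."""
        key = (self.ip, self.allocate_ephemeral(), remote_ip, remote_port)
        self.connections[key] = process
        return key

    def deliver(self, d: Datagram) -> str:
        """Name the process an inbound datagram for this host is handed to."""
        if d.proto not in self.listeners:
            # IP would answer with ICMP "protocol unreachable"
            raise ValueError(f"unknown protocol number {d.proto}")
        if d.proto == PROTO_TCP:
            # An established connection is matched on the full socket pair first
            conn = self.connections.get((d.dst_ip, d.dst_port, d.src_ip, d.src_port))
            if conn is not None:
                return conn
        proc = self.listeners[d.proto].get(d.dst_port)
        if proc is None:
            # TCP would answer with RST; UDP would trigger ICMP "port unreachable"
            raise LookupError(f"no process on port {d.dst_port}/{d.proto}")
        return proc


def demo() -> Host:
    """Constructed host: telnetd on TCP 23, named on UDP 53, and a UDP service
    that also uses 23 (port numbers are only unique within one transport)."""
    h = Host("192.168.10.66")
    h.listen(PROTO_TCP, 23, "telnetd")
    h.listen(PROTO_UDP, 53, "named")
    h.listen(PROTO_UDP, 23, "udp-echo-23")
    h.connect("198.51.100.10", 80, "browser")
    return h
```

Real stacks do not hand out ephemeral ports sequentially as this model does; they randomize them (RFC 6056) precisely so that an off-path attacker cannot guess the client port of a connection and inject into it.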


Names and Addresses:

Every network interface attached to a TCP/IP network is defined by a unique 32-bit IP
address. A name, called a host name, can be assigned to any device that has an IP
address. Names are assigned to devices because, compared to numeric Internet addresses,
names are easier to remember and type correctly. The network software doesn't require
names, but they do make it easier for humans to use the network. In most cases, host
names and numeric addresses can be used interchangeably. Whether a command is
entered with an address or a host name, the network connection always takes place based
on the IP address. The system converts the host name to an address before the network
connection is made. The network administrator is responsible for assigning names and
addresses and storing them in the database used for the conversion. There are two
methods for translating names into addresses. The older method simply looks up the host
name in a table called the host table. The newer technique uses a distributed database
system called the Domain Name Service (DNS) to translate names to addresses.
The Host Table:
The host table is a simple text file that associates IP addresses with host names. Most
systems have a small host table containing name and address information about the
important hosts on the local network. This small table is used when DNS is not running,
such as during initial system start-up. Even if you use DNS, you should create a small host
file containing entries for your host, for localhost, and for the gateway and servers on your
local net. Sites that use NIS use the host table as input to the NIS host database. You can
use NIS in conjunction with DNS, but even when they are used together, most NIS sites
create host tables that have an entry for every host on the local network. Hosts connected
to the Internet should use DNS.
The Network Information Centre (NIC) Host Table:
The NIC maintains a large table of Internet hosts, stored in the file HOSTS.TXT. The NIC
places host names and addresses into the file for all sites on the Internet. The NIC table
contains three types of entries: network records, gateway records, and host records.
Figure shows the format of the HOSTS.TXT records.
In the figure, each record begins with a keyword (NET, HOST or GATEWAY) that
identifies the record type, followed by an IP address, and one or more names associated
with the address. The IP addresses and host names from the HOST records are extracted to
construct the /etc/hosts file. The network addresses and names from the NET records are
used to create the /etc/networks file.
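The extraction just described, as an added example (not a tool from the assignment): a parser for records in the layout the figure describes (keyword, address, names) that produces /etc/hosts lines from HOST records and /etc/networks lines from NET records, and rejects lines with an unknown keyword or an unparsable address rather than quietly writing garbage into a file every name lookup trusts. The sample records are constructed, written with the colon separators of the old HOSTS.TXT file.

```python
"""Convert NIC host-table records into /etc/hosts and /etc/networks lines (added example)."""
from __future__ import annotations

import ipaddress

# Constructed sample in the record layout the page describes.
SAMPLE = """\
NET : 10.0.0.0 : SAMPLE-NET :
GATEWAY : 10.0.0.1 : SAMPLE-GW :
HOST : 10.0.0.2 : ALPHA, ALPHA-WS :
HOST : 10.0.0.3 : BETA :
; comment lines and blank lines are ignored

"""

KEYWORDS = ("NET", "HOST", "GATEWAY")


def parse_records(text: str):
    """Yield (keyword, address, [names]) per record; fail loudly on malformed lines."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 3 or fields[0] not in KEYWORDS:
            raise ValueError(f"line {lineno}: malformed record {line!r}")
        try:
            addr = str(ipaddress.IPv4Address(fields[1]))   # normalises and validates
        except ipaddress.AddressValueError as exc:
            raise ValueError(f"line {lineno}: bad address {fields[1]!r}") from exc
        names = [n.strip().lower() for n in fields[2].split(",") if n.strip()]
        if not names:
            raise ValueError(f"line {lineno}: record has no name")
        yield fields[0], addr, names


def convert(text: str) -> dict[str, list[str]]:
    """HOST records -> hosts lines, NET records -> networks lines.

    GATEWAY records are kept separately, since the page only feeds HOST and
    NET records into the two system files.
    """
    out: dict[str, list[str]] = {"hosts": [], "networks": [], "gateways": []}
    for kind, addr, names in parse_records(text):
        if kind == "HOST":
            out["hosts"].append(f"{addr}\t{' '.join(names)}")
        elif kind == "NET":
            out["networks"].append(f"{names[0]}\t{addr}")
        else:
            out["gateways"].append(f"{addr}\t{' '.join(names)}")
    return out
```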
Domain Name Service (DNS):
DNS is a distributed database system that doesn't bog down as the database grows. It
guarantees that new host information will be disseminated to the rest of the network, as it
is needed, to those who are interested. If a DNS server receives a request for information
about a host for which it has no information, it passes the request on to an authoritative
server (any server responsible for maintaining accurate information about the domain
being queried). When the authoritative server answers, the local server saves (caches) the
answer for future use. The next time the local server receives a request for this
information, it answers the request itself. The ability to control host information from
an authoritative source and to automatically disseminate accurate information makes
DNS superior to the host table, even for small networks not connected to the Internet.
Figure shows resolution of a DNS query.
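The lookup order the last two sections describe (host table first, then the local server's cache, then a query to the authoritative server whose answer is cached until its TTL runs out) is modelled below as an added example; it is not code from the assignment or from any real resolver. The network is simulated with an in-memory dict of "authoritative" data keyed by zone, and the clock is passed in explicitly so TTL expiry can be checked. The names, addresses and TTLs are constructed. One check a real caching server needs is included: it only caches records that the answering zone is actually authoritative for (the bailiwick rule), otherwise any server you query could plant answers about other people's domains in your cache.

```python
"""Host-table-first name lookup with a caching DNS stub (added example)."""
from __future__ import annotations

HOST_TABLE = {"localhost": "127.0.0.1", "gw.example.test": "192.168.10.65"}

# Simulated authoritative data: zone -> {name: (address, ttl in seconds)}
AUTHORITATIVE = {
    "example.test": {"www.example.test": ("198.51.100.10", 300)},
}


def in_zone(name: str, zone: str) -> bool:
    return name == zone or name.endswith("." + zone)


class Resolver:
    def __init__(self, hosts=HOST_TABLE, auth=AUTHORITATIVE) -> None:
        self.hosts = hosts
        self.auth = auth
        self.cache: dict[str, tuple[str, int]] = {}   # name -> (address, expires_at)
        self.queries_sent = 0

    def _query_authoritative(self, name: str):
        """Stand-in for sending the query to the zone's authoritative server."""
        self.queries_sent += 1
        for zone, records in self.auth.items():
            if in_zone(name, zone):
                return zone, records.get(name)
        return None, None

    def accept(self, answering_zone: str, name: str, addr: str, ttl: int, now: int) -> bool:
        """Bailiwick rule: cache only what the answering zone is authoritative for."""
        if not in_zone(name, answering_zone):
            return False
        self.cache[name] = (addr, now + ttl)
        return True

    def resolve(self, name: str, now: int) -> tuple[str, str]:
        """Return (address, source); source is 'hosts', 'cache' or 'authoritative'."""
        name = name.lower().rstrip(".")
        if name in self.hosts:                      # 1. local host table
            return self.hosts[name], "hosts"
        hit = self.cache.get(name)                  # 2. cached answer still within TTL
        if hit is not None and hit[1] > now:
            return hit[0], "cache"
        zone, rec = self._query_authoritative(name)  # 3. ask the authoritative server
        if rec is None:
            raise LookupError(f"no such name: {name}")
        addr, ttl = rec
        self.accept(zone, name, addr, ttl, now)
        return addr, "authoritative"
```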
The Domain Hierarchy:
DNS is a distributed hierarchical system for resolving host names into IP addresses.
Under DNS, there is no central database with all of the Internet host information. The
information is distributed among thousands of name servers organised into a hierarchy.
DNS has a root domain at the top of the domain hierarchy that is served by a group of
name servers called the root servers. Information about a domain is found by tracing
pointers from the root domain, through subordinate domains, to the target domain.
Directly under the root domain are the top-level domains. There are two basic types of
top-level domains, geographic and organizational.
Figure shows Domain Hierarchy.
Creating Domains and Subdomains:
Historically the Network Information Centre had the authority to allocate domains; today
registration goes through accredited domain registrars. To obtain a domain, you apply for
authority to create a domain under one of the top-level domains. Once the authority to
create a domain is granted, you can create additional domains, called subdomains, under
your domain.
Domain Names:
Domain names reflect the domain hierarchy. They are written from most specific, a host
name, to least specific, a top-level domain, with each part of the domain name separated
by a dot (.).
Figure shows organization of the DNS name space.
Network Information Service (NIS):
NIS is an administrative database system that provides central control and automatic
dissemination of important administrative files. NIS can be used in conjunction with
DNS, or as an alternative to it. NIS and DNS have some similarities and some
differences. Like DNS, NIS overcomes the problem of accurately distributing the host
table, but unlike DNS, it only provides service for the local area network. NIS is not
intended as a service for the Internet as a whole. Another difference is that NIS provides
access to a wider range of information than DNS. As its name implies, NIS provides
much more than name-to-address conversion. It converts several standard UNIX files into
databases that can be queried over the network. These databases are called NIS maps.
Because classic NIS serves its maps, including the password map, to any client that can
reach the server and knows the NIS domain name, it should only be run on trusted
networks.
NIS provides a distributed database system for common configuration files. NIS servers
manage copies of the database files, and NIS clients request information from the servers
instead of using their own, local copies of these files. Once NIS is running, simply
updating the NIS server ensures that all machines will be able to retrieve the new
configuration file information
A major problem in running a distributed computing environment is maintaining separate
copies of common configuration files such as the password, group, and hosts files.
Ideally, the network should be consistent in its configuration, so that users don't have to
worry about where they have accounts or if they'll be able to find a new machine on the
network. Preserving consistency, however, means that every change to one of these
common files must be propagated to every host on the network. The Network Information
Service (NIS) addresses these problems. It is a distributed database system that replaces
copies of commonly replicated configuration files with a centralized management
facility. Instead of having to manage each host's files, you maintain one database for each
file on one central server. Machines that are using NIS retrieve information as needed
from these database. If you add a new system to the network, you can modify on file on a
central server and propagate this change to the rest of the network, rather than changing
the hosts file for each individual host on the network. Because NIS enforces consistent
views of files on the network, it is suited for files that have no host-specific information
in them. Files that are generally the same on all hosts in a network fit the NIS model of a
distributed database nicely. NIS provides all hosts information from its global database.
Master, Slaves, and Clients:
NIS is built on the client-server model. An NIS server is a host that
contains NIS data files, called maps. Clients are hosts that request
information from these maps. Servers are further divided into master and
slave servers: The master server is the true single owner of the map data.
Slave NIS servers handle client requests, but they do not modify the NIS
maps. The master server is responsible for all map maintenance and
distribution to its slave servers. Once an NIS map is built on the master to
include a change, the new map file is distributed to all slave servers. NIS
clients see these changes when they perform queries on the map file. It
doesn't matter whether the clients are talking to a master or a slave server,
because once the map data is distributed, all NIS servers have the same
information.
Figure shows NIS masters, slaves, and clients.
With the distinction between NIS servers and clients firmly established,
we can see that each system fits into the NIS scheme in one of three ways:
• Client only: This is typical of desktop workstations, where the system
administrator tries to minimize the amount of host-specific tailoring
required to bring a system onto the network. As an NIS client, the host
gets all of its common configuration information from an extant server.
• Server only: While the host services client requests for map information,
it does not use NIS for its own operation. Server-only configuration may
be useful when a server must provide global host and password
information for the NIS clients, but security concerns prohibit the server
from using these same files. However, bypassing the central configuration
scheme opens some of the same loopholes that NIS was intended to close.
Although it is possible to configure a system to be an NIS server only, we
don't recommend it.
• Client and server: In most cases, an NIS server also functions as an NIS
client so that its management is streamlined with that of other client-only
hosts.
Most precisely, a domain is a set of NIS maps. A client can refer to a map
from any of several different domains. Most of the time, however, any
given host will only look up data from one set of NIS maps. Therefore, it's
common to use the term domain to mean the group of systems that share a
set of NIS maps. All systems that need to share common configuration
information are put into an NIS domain. Although each system can
potentially look up information in any NIS domain, each system is
assigned to a default domain, meaning that the system, by default, looks
up information from a particular set of NIS maps. It is up to the
administrator to decide how many different domains are needed.
An interruption in NIS service affects all NIS clients if no other servers
are available. Even if another server is available, clients will suffer
periodic slowdowns as they recognize the current server is down and hunt
for a new one.
A second imperative for NIS servers is synchronization. Clients may get
their NIS information from any server, so all servers must have copies of
every map file to ensure proper NIS operation. Furthermore, the data in
each map file on the slave servers must agree with that on the master
server, so that NIS clients cannot get out-of-date or stale data. NIS
contains several mechanisms for making changes to map files and
distributing these changes to all NIS servers on a regular basis.
Remote Procedure Call (RPC):
Provides a mechanism for one host to make a procedure call that appears to be part of the
local process but is really executed on another machine on the network. Typically, the
host on which the procedure call is executed has resources that are not available on the
calling host. This distribution of computing services imposes a client/server relationship
on the two hosts: The host owning the resource is a server for that resource, and the
calling host becomes a client of the server when it needs access to the resource. The
resource might be a centralized configuration file (NIS) or a shared file system (NFS).
Instead of executing the procedure on the local host, the RPC system bundles up the
arguments passed to the procedure into a network datagram. The exact bundling method
is determined by the presentation layer, described in the next section. The RPC client
creates a session by locating the appropriate server and sending the datagram to a process
on the server that can execute the RPC. On the server, the arguments are unpacked, the
server executes the procedure, packages the result (if any), and sends it back to the client.
Back on the client side, the reply is converted into a return value for the procedure call,
and the user application is reentered as if a local procedure call had completed. RPC
services may be built on either TCP or UDP transports, although most are UDP-oriented
because they are centered on short-lived requests. Using UDP also forces the RPC call to
contain enough context information for its execution independent of any other RPC
request, since UDP packets may arrive in any order, if at all.
When an RPC call is made, the client may specify a time-out period in which the call
must complete. If the server is overloaded or has crashed, or if the request is lost in transit
to the server, the remote call may not be executed before the time-out period expires. The
action taken upon an RPC time-out varies by application: some resend the RPC call, while
others may look for another server.
Remote Procedure Call Execution:
Figure shows Remote Procedure Call Execution.
External Data Representation (XDR):
Is built on the notion of an immutable network byte ordering, called the canonical form.
It isn't really important what the canonical form is; your systems may or may not use the
same byte ordering and structure packing conventions. This form simply allows network
hosts to exchange structured data independently of any peculiarities of a particular
machine. All data structures are converted into the network byte ordering and padded
appropriately.
The rule of XDR is: sender makes local canonical, receiver makes canonical local. Any
data that goes over the network is in canonical form. A host sending data on the network
converts it to canonical form, and the host that receives the data converts it back into its
local representation. A different way to implement the presentation layer might be
receiver makes local. In this case, the sender does nothing to the local data, and the
receiver must deduce the packing and encoding technique and convert it into the local
equivalent. While this scheme may send less data over the network, it places the burden
of incorporating a new hardware architecture on the receiving side, rather than on the
new machine.
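As an added example (not code from the text above), the following Python implements the canonical-form rule for two XDR primitive types, int and string, as defined in RFC 4506, and applies it to a constructed passwd-style record of the kind an NIS map carries. The record layout and field names (uid, name, shell) are assumptions made for the demo.

```python
import struct

# XDR canonical form: every item is big-endian and occupies a multiple of
# 4 bytes, zero padded, whatever the sending or receiving host's native
# byte order or struct packing happens to be.

def xdr_int(value: int) -> bytes:
    """32-bit two's-complement integer, most significant byte first."""
    if not -2**31 <= value < 2**31:
        raise ValueError("XDR int out of range")
    return struct.pack(">i", value)


def xdr_string(text: str) -> bytes:
    """Unsigned 32-bit length, the bytes, then 0-3 NUL bytes so the item
    ends on a 4-byte boundary."""
    data = text.encode("utf-8")
    return struct.pack(">I", len(data)) + data + b"\x00" * ((-len(data)) % 4)


class XdrReader:
    """Receiver makes canonical local. Every length taken from the wire is
    checked against the buffer before it is used, so a truncated or
    malformed datagram raises ValueError instead of yielding garbage."""

    def __init__(self, buf: bytes):
        self.buf, self.pos = buf, 0

    def _take(self, n: int) -> bytes:
        if self.pos + n > len(self.buf):
            raise ValueError("truncated XDR data")
        chunk = self.buf[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def read_int(self) -> int:
        return struct.unpack(">i", self._take(4))[0]

    def read_string(self) -> str:
        n = struct.unpack(">I", self._take(4))[0]
        data = self._take(n)
        self._take((-n) % 4)            # padding is bounds-checked too
        return data.decode("utf-8")

    def done(self) -> bool:
        return self.pos == len(self.buf)


# Hypothetical map entry layout, constructed for this demo only.
def encode_record(uid: int, name: str, shell: str) -> bytes:
    """Sender makes local canonical: fields are emitted in declared order."""
    return xdr_int(uid) + xdr_string(name) + xdr_string(shell)


def decode_record(wire: bytes) -> dict:
    """Canonical back to local; trailing bytes are treated as an error."""
    r = XdrReader(wire)
    rec = {"uid": r.read_int(), "name": r.read_string(), "shell": r.read_string()}
    if not r.done():
        raise ValueError("trailing bytes after record")
    return rec


if __name__ == "__main__":
    wire = encode_record(1001, "alice", "/bin/sh")
    print(wire.hex(" ", 4))     # 4-byte units: uid, len+"alice"+pad, len+"/bin/sh"+pad
    print(decode_record(wire))
```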
Ans3 (i) Class B subnets
In my last Daily Drill Down, we borrowed bits from the host portion of a Class C
network address. Class C network addresses only have eight bits to manipulate into
subnets. However, a Class B has 16 bits to play with. This will allow more subnets with
more hosts per subnet than a Class C network ever could.
Table 1 lists all of the possible Class B subnets:
Table 1
Mask              Binary (3rd.4th octet)   Subnets   Hosts per subnet
255.255.128.0     10000000.00000000        2         32,766
255.255.192.0     11000000.00000000        2         16,382
255.255.224.0     11100000.00000000        6         8,190
255.255.240.0     11110000.00000000        14        4,094
255.255.248.0     11111000.00000000        30        2,046
255.255.252.0     11111100.00000000        62        1,022
255.255.254.0     11111110.00000000        126       510
255.255.255.0     11111111.00000000        254       254
255.255.255.128   11111111.10000000        510       126
255.255.255.192   11111111.11000000        1022      62
255.255.255.224   11111111.11100000        2,046     30
255.255.255.240   11111111.11110000        4,094     14
255.255.255.248   11111111.11111000        8,190     6
255.255.255.252   11111111.11111100        16,382    2
All possible Class B subnets
There are quite a few more masks we can use with a Class B network address than we
can with a Class C network address. Remember that this is not harder than subnetting
with Class C, but it can get confusing if you don’t pay attention to where the subnet bits
and host bits are in a mask. This takes practice!
In this Daily Drill Down, I will use the same techniques I used in the Class C article to
subnet a network. We’ll start with the Class B subnet mask of 255.255.192.0 and figure
out the subnets, broadcast address, and valid host range. We will answer the same five
questions we answered for the Class C subnet masks:
1. How many subnets does this mask provide?
2. How many hosts per subnet does this mask provide?
3. What are the valid subnets?
4. What is the broadcast address for each subnet?
5. What is the host range of each subnet?
Before we answer these questions, there is one difference you need to be aware of when
subnetting a Class B network address. When subnetting in the third octet, you need to add
the fourth octet. For example, on the 255.255.192.0 mask, the subnetting will be done in
the third octet. To create a valid subnet, you must add the fourth octet of all 0s and all 1s
for the network and broadcast address (0 for all 0s and 255 for all 1s).
Example 1: Answers for the 255.255.192.0 mask
1. 2^2-2=2 subnets
2. 2^14-2=16,382 hosts per subnet
3. 256-192=64.0, 128.0
4. Broadcast for the 64.0 subnet is 127.255. Broadcast for the 128.0 subnet is
191.255.
5. The valid hosts are:
Subnet 64.0 128.0
first host 64.1 128.1
last host 127.254 191.254
broadcast 127.255 191.255
Notice that the numbers in the third octet are the same numbers we used in the fourth
octet when subnetting the 192 mask. The only difference is that we add 0 and 255 in the
fourth octet.
For the 64.0 subnet, all the hosts between 64.1 and 127.254 are in the 64 subnet. In the
128.0 subnet, the hosts are 128.1 through 191.254.
I know this is confusing, but I promise if you read this complete Daily Drill Down
carefully, I can make it easier for you.
Work through a few more with me, and it should start to become clearer.
Example 2: 255.255.240.0
1. 2^4-2=14 subnets
2. 2^12-2=4094 hosts per subnet
3. 256-240=16.0, 32.0, 48.0, 64.0, etc.
4. Broadcast for the 16.0 subnet is 31.255. Broadcast for the 32.0 subnet is 47.255,
etc.
5. The valid hosts are:
Subnet 16.0 32.0 48.0 64.0
first host 16.1 32.1 48.1 64.1
last host 31.254 47.254 63.254 79.254
broadcast 31.255 47.255 63.255 79.255
Example 3: 255.255.248.0
1. 2^5-2=30 subnets
2. 2^11-2=2,046 hosts per subnet
3. 256-248=8.0, 16.0, 24.0, 32.0, 40.0, 48.0, 56.0, 64.0, etc.
4. Broadcast for the 8.0 subnet is 15.255. Broadcast for the 16.0 subnet is 23.255,
etc.
5. The valid hosts are:
Subnet 8.0 16.0 24.0 32.0 40.0 48.0 56.0 64.0
first host 8.1 16.1 24.1 32.1 40.1 48.1 56.1 64.1
last host 15.254 23.254 31.254 39.254 47.254 55.254 63.254 71.254
broadcast 15.255 23.255 31.255 39.255 47.255 55.255 63.255 71.255
Example 4: 255.255.252.0
1. 2^6-2=62 subnets
2. 2^10-2=1,022 hosts per subnet
3. 256-252=4.0, 8.0, 12.0, 16.0, 20.0, 24.0, 28.0, 32.0, etc.
4. Broadcast for the 4.0 subnet is 7.255. Broadcast for the 8.0 subnet is 11.255, etc.
5. The valid hosts are:
Subnet 4.0 8.0 12.0 16.0 20.0 24.0 28.0 32.0
first host 4.1 8.1 12.1 16.1 20.1 24.1 28.1 32.1
last host 7.254 11.254 15.254 19.254 23.254 27.254 31.254 35.254
broadcast 7.255 11.255 15.255 19.255 23.255 27.255 31.255 35.255
Example 5: 255.255.255.0
1. 2^8-2=254 subnets
2. 2^8-2=254 hosts per subnet
3. 256-255=1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0, etc.
4. Broadcast for the 1.0 subnet is 1.255. Broadcast for the 2.0 subnet is 2.255, etc.
5. The valid hosts are:
Subnet 1.0 2.0 3.0 4.0 5.0 6.0 7.0 8.0
first host 1.1 2.1 3.1 4.1 5.1 6.1 7.1 8.1
last host 1.254 2.254 3.254 4.254 5.254 6.254 7.254 8.254
broadcast 1.255 2.255 3.255 4.255 5.255 6.255 7.255 8.255
That last example was pretty simple. I hope you notice a pattern now. All the numbers
were basically the same except we added the fourth octet into the address.
The more difficult process of subnetting a Class B network address is when you start
using bits in the fourth octet for subnetting. For example, what happens when you use
this mask with a Class B network address: 255.255.255.128? Is that valid? Absolutely!
There are nine bits for subnetting and seven bits for hosts. That is 510 subnets, each with
126 hosts. However, it is the most difficult mask to figure out the valid hosts for.
Example 6: The Class B 255.255.255.128 subnet mask:
1. 2^9-2=510 subnets
2. 2^7-2=126 hosts per subnet
3. For the third octet, the mask would be 256-255=1, 2, 3, 4, 5, 6, etc.
4. For the fourth octet, the mask would be 256-128=128, which is one subnet if it is
used. However, if you turn the subnet bit off, the value is 0. This means that for
every subnet in the third octet, the fourth octet has two subnets: 0 and 128, for
example 1.0 and 1.128.
5. Broadcast for the 0.128 subnet is 0.255; the broadcast for the 1.0 subnet is
1.127. Broadcast for the 1.128 subnet is 1.255, etc.
6. The valid hosts are:
Subnet 0.128 1.0 1.128 2.0 2.128 3.0 3.128 4.0
first host 0.129 1.1 1.129 2.1 2.129 3.1 3.129 4.1
last host 0.254 1.126 1.254 2.126 2.254 3.126 3.254 4.126
broadcast 0.255 1.127 1.255 2.127 2.255 3.127 3.255 4.127
The thing to remember is that for every subnet in the third octet, there are two in the
fourth octet: 0 and 128. For the 0 subnet, the broadcast address is always 127. For the 128
subnet, the broadcast address is always 255.
Let’s continue with more subnetting into the fourth octet. This is exactly like subnetting a
Class C network address, but the third octet is part of the subnet address.
Example 7: Class B network 255.255.255.192
1. 2^10-2=1022 subnets
2. 2^6-2=62 hosts per subnet
3. 256-255=1.0, 2.0, 3.0, etc. for the third octet. 256-192=64, 128, 192 for the fourth
octet. For every valid subnet in the third octet, we get four subnets in the fourth
octet: 0, 64, 128, and 192.
4. Broadcast for the 1.0 subnet is 1.63, since the next subnet is 1.64. Broadcast for
the 1.64 subnet is 1.127, since the next subnet is 1.128. Broadcast for the 1.128
subnet is 1.191, since the next subnet is 1.192. Broadcast for the 1.192 subnet is
1.255.
5. The valid hosts are as follows:
Subnet 0.64 0.128 0.192 1.0 1.64 1.128 1.192 2.0
first host 0.65 0.129 0.193 1.1 1.65 1.129 1.193 2.1
last host 0.126 0.190 0.254 1.62 1.126 1.190 1.254 2.62
broadcast 0.127 0.191 0.255 1.63 1.127 1.191 1.255 2.63
On this one, the 0 and 192 subnets are valid, since we are using the third octet as well.
The subnet range is 0.64 through 255.128. 0.0 is not valid since no subnet bits are on.
255.192 is not valid because then all subnet bits would be on.
Example 8: Class B network 255.255.255.224
1. 2^11-2=2046 subnets
2. 2^5-2=30 hosts per subnet
3. 256-255=1.0, 2.0, 3.0, etc. for the third octet. 256-224=32, 64, 96, 128, 160, 192
for the subnet value. (For every value in the third octet, we get eight subnets in the
fourth octet: 0, 32, 64, 96, 128, 160, 192, 224.)
4. Broadcast for the 1.0 subnet is 1.31, since the next subnet is 1.32. Broadcast for
the 1.32 subnet is 1.63, since the next subnet is 1.64. Broadcast for the 1.64
subnet is 1.95, since the next subnet is 1.96, and so on. Broadcast for the 1.224
subnet is 1.255.
5. The valid hosts are:
Subnet 0.32 0.64 0.96 0.128 0.160 0.192 0.224 1.0
first host 0.33 0.65 0.97 0.129 0.161 0.193 0.225 1.1
last host 0.62 0.94 0.126 0.158 0.190 0.222 0.254 1.30
broadcast 0.63 0.95 0.127 0.159 0.191 0.223 0.255 1.31
For this subnet mask, the 0 and 224 subnets are valid as long as not all subnet bits in the
third octet are off or all subnet bits in the fourth octet are on.
When would we use this valuable information? All the time! For example, if you have a
host configuration of 172.16.10.33 255.255.255.224, what subnet, broadcast address, and
valid host range is this host a member of? (We would solve this question with the
information presented above.)
256-224=32, 64
Bingo! In the fourth octet, the host address is 33. That is between 32 and 64, so the host is
in the 32 subnet, which has a broadcast address of 63, and the valid host range is 33-62.
Easy. Just remember that the subnet is 10.32 because the third octet is part of the subnet
address.
Let’s try another one. You have a host configuration of 172.16.10.33 255.255.255.240.
What subnet, broadcast address, and valid host range is this host a member of?
Since we did not go through this mask in this Daily Drill Down, you’ll have to figure it
out on your own. It is done the same way as all the others.
256-240=16, 32, 48
Bingo! The host is in the 10.32 subnet, which has a broadcast address of 10.47 and a
valid host range of 10.33 through 10.46.
Let’s keep going: You have a host configuration of 172.16.10.33 255.255.255.248. What
subnet, broadcast address, and valid host range is this host a member of?
256-248=8, 16, 24, 32, 40
Bingo! The host is in the 10.32 subnet, which has a broadcast address of 10.39 and valid
host range of 10.33 through 10.38. Easy, huh?
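The "256 minus the mask octet" shortcut worked above, as an added Python example that is not part of the Daily Drill Down: it computes subnet, broadcast and host range for a host/mask pair, reports the 2^n-2 subnet and 2^h-2 host counts used in the text, and cross-checks the shortcut against the bitwise AND of address and mask that it stands in for. The host configurations in the demo are the ones quoted in the text; the stdlib ipaddress module is used only to validate the mask and convert addresses.

```python
import ipaddress


def dotted(octets) -> str:
    return ".".join(str(o) for o in octets)


def block_size_method(host: str, mask: str) -> dict:
    """Find the first mask octet that is not 255 (the octet being subnetted),
    take block = 256 - that octet, round the host's octet in that position
    down to a multiple of block, and fill the octets to the right with 0s
    (network) or 255s (broadcast). Hosts run from network+1 to broadcast-1."""
    h = [int(o) for o in host.split(".")]
    m = [int(o) for o in mask.split(".")]
    if len(h) != 4 or len(m) != 4:
        raise ValueError("host and mask must be dotted quads")
    # the stdlib rejects non-contiguous masks such as 255.255.0.255
    prefix = ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen
    if prefix >= 31:
        raise ValueError("no room for a network, a broadcast and hosts")
    i = next(k for k, o in enumerate(m) if o != 255)   # interesting octet
    block = 256 - m[i]
    net = h[:i] + [(h[i] // block) * block] + [0] * (3 - i)
    bcast = h[:i] + [net[i] + block - 1] + [255] * (3 - i)
    return {
        "prefix": prefix,
        "network": dotted(net),
        "broadcast": dotted(bcast),
        "first_host": dotted(net[:3] + [net[3] + 1]),
        "last_host": dotted(bcast[:3] + [bcast[3] - 1]),
    }


def bitwise_method(host: str, mask: str) -> tuple:
    """What the shortcut computes: network = host AND mask,
    broadcast = network OR (NOT mask)."""
    h = int(ipaddress.IPv4Address(host))
    m = int(ipaddress.IPv4Address(mask))
    net = h & m
    bcast = net | (~m & 0xFFFFFFFF)
    return str(ipaddress.IPv4Address(net)), str(ipaddress.IPv4Address(bcast))


def legacy_counts(prefix: int, class_prefix: int = 16) -> tuple:
    """The 2^n-2 subnet and 2^h-2 host figures used in the text (Class B
    default prefix 16): subnet zero and the all-ones subnet are excluded.
    Equipment that allows subnet zero gives 2^n subnets; hosts stay 2^h-2."""
    subnet_bits = prefix - class_prefix
    host_bits = 32 - prefix
    return 2 ** subnet_bits - 2, 2 ** host_bits - 2


def consistent(host: str, mask: str) -> bool:
    """True when the shortcut and the bitwise AND agree for this pair."""
    r = block_size_method(host, mask)
    return (r["network"], r["broadcast"]) == bitwise_method(host, mask)


if __name__ == "__main__":
    for host, mask in [("172.16.10.33", "255.255.255.224"),
                       ("172.16.10.33", "255.255.255.240"),
                       ("172.16.10.33", "255.255.255.248")]:
        r = block_size_method(host, mask)
        subnets, hosts = legacy_counts(r["prefix"])
        print(host, mask, r, subnets, "subnets,", hosts, "hosts per subnet,",
              "OK" if consistent(host, mask) else "MISMATCH")
```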
One more: You have a host configuration of 172.16.10.17 255.255.255.252. What subnet,
broadcast address, and valid host range is this host a member of?
256-252=4, 8, 12,
CIDR Notation
CIDR specifies an IP address range by the combination of an IP address and its associated network mask.
CIDR notation uses the following format -
xxx.xxx.xxx.xxx/n
where n is the number of (leftmost) '1' bits in the mask. For example,
192.168.12.0/23
applies the network mask 255.255.254.0 to the 192.168 network, starting at 192.168.12.0. This notation
represents the address range 192.168.12.0 - 192.168.13.255. Compared to traditional class-based
networking, 192.168.12.0/23 represents an aggregation of the two Class C networks 192.168.12.0 and
192.168.13.0 each using the default network mask 255.255.255.0.
CIDR supports Internet address allocation and message routing independent of the traditional class of a
given IP address range. For example,
10.4.12.0/22
represents the address range 10.4.12.0 - 10.4.15.255 by employing the network mask 255.255.252.0. This
effectively represents an apportioning of four Class C networks within the much larger Class A space.
CIDR notation is sometimes adopted even on non-CIDR networks. In non-CIDR IP subnetting, however, the
value of n is restricted to either 8 (Class A), 16 (Class B) or 24 (Class C) from the Internet address allocation
and routing perspective.
The Supernetting/CIDR chart
There are four columns in the chart:
the CIDR Block, the Supernet Mask, the Number of Class C Networks and the Number of Hosts.
CIDR Block   Supernet Mask     Number of Class C Networks   Number of Hosts
/14          255.252.0.0       1024                         262144
/15          255.254.0.0       512                          131072
/16          255.255.0.0       256                          65536
/17          255.255.128.0     128                          32768
/18          255.255.192.0     64                           16384
/19          255.255.224.0     32                           8192
/20          255.255.240.0     16                           4096
/21          255.255.248.0     8                            2048
/22          255.255.252.0     4                            1024
/23          255.255.254.0     2                            512
/24          255.255.255.0     1                            254
/25          255.255.255.128   1/2                          126
/26          255.255.255.192   1/4                          62
/27          255.255.255.224   1/8                          32
/28          255.255.255.240   1/16                         16
/29          255.255.255.248   1/32                         8
/30          255.255.255.252   1/64                         4
The CIDR Block
The CIDR Block simply represents the number of bits used for the subnet mask. For example, /14 means 14
bits assigned to the subnet mask; it is a lot easier telling someone you have a 14-bit subnet mask rather
than a subnet mask of 255.252.0.0.
Note: In the above paragraph, I called the 14 bits a subnet mask, when in fact it's a supernet mask, but
because when you configure any network device, the field in which you enter the value is usually named
'subnet mask', I decided to call it 'subnet mask' as well, in order to avoid confusion.
When we use a CIDR Block of /24 (24-bit subnet mask) we are not supernetting. This is the default subnet
mask for a Class C network. With CIDR Blocks /25 to /30 we are actually subnetting and not supernetting.
Now you might wonder why I have them in the chart. The fact is that those particular CIDR Blocks are valid,
regardless of whether applying them to a network means we are subnetting and not supernetting.
A good example is if you wanted a permanent connection to your ISP and only required 2 IP addresses, one
for your router and one for your firewall: you would be assigned one /30 CIDR Block. With such a subnet
mask you will have 4 IP addresses, of which 2 are reserved (one for the network address and one for
the broadcast address) and you're left with 2 that you can assign to your hosts (router and firewall).
The Supernet Mask
Basically, this is your subnet mask. When you configure the devices that will be attached to the specified
network, this is the value you will enter as a subnet mask. It's also the decimal value the CIDR Block
specifies. For example, a /24 CIDR block means a 24-bit subnet mask, which in turn translates to
255.255.255.0.
Number of Class C Networks
This number shows us how many Class C networks are combined by using a specific supernet mask or, if
you like, CIDR Block. For example, the /24 CIDR Block, 255.255.255.0 supernet mask, is 1 Class C
network, whereas a /20 CIDR Block, 255.255.240.0 supernet mask, is 16 Class C networks.
Number of Hosts
This value represents the number of hosts per supernet. For example, when we use a /20 CIDR Block,
which means a subnet (or supernet) mask of 255.255.240.0, we can have up to 4096 hosts.
The 4096 figure comes from the fact that we have 16 Class C networks under the /20 notation (the third
octet is 240, and 256 - 240 = 16), so we have 16 Class C blocks which each have 256 IP addresses. 16 x 256 =
4096.
There is one thing you must be careful of though! The value 4096 does not represent the valid, usable IP
Addresses. If you wanted to find out how many of these IP Addresses you can actually use, in other words,
assign to hosts, then you simply take 2 IP Addresses from that number (the first and last IP Address), so
you're left with 4094 IP Addresses to play with.
Why take 2 away? One is reserved for the Network Address and one for the Broadcast Address of that
network.
CIDR Subnetting
Under CIDR rules, the subnet mask used to break a Class C block of 254 addresses into two subnets is
255.255.255.128 which results in 2 subnets with 126 usable addresses in each.
This usually brings up the following questions: "If we break a group of 254 addresses into two pieces, why
do we only end up with 2 groups of 126? Why not two groups of 127? Where did all of the other two
addresses go?" Under Classic and CIDR IP rules, within a subnet the addresses with a host portion that is
all zeroes or all ones have special meanings. The host address with all ones is the broadcast address for the
subnet. Packets addressed to the broadcast address are received by all devices on the network. The
address with a host portion that is all zeroes is the same as the network address and cannot be used as an
actual host address because this causes confusion with certain network commands and messages. This is
why in a Class C network, with numbers 0 through 255 available, you lose 0 (binary 00000000) and 255
(binary 11111111) and can use only 254 addresses (1 thru 254).
When you break a single block of IP addresses into two smaller blocks, each of these two new subnets
needs both a network address and an announce address. This uses up the lowest address and highest
address of the range.
When you use a subnet mask of 128, you have 2 possible subnets:
0 00000000
128 10000000
If you were using Classic IP rules it would be recommended that you not use either of these subnets, but
under CIDR rules they are allowed.
The recommended net masks for a Class C network using Classic IP rules, with the number of subnets
available and the number of addresses within each subnet, are as follows:
Class C Available Available
# bits Mask Subnets Addresses
------- --------------- --------- ---------
1 255.255.255.128 2 126
2 255.255.255.192 4 62
3 255.255.255.224 8 30
4 255.255.255.240 16 14
5 255.255.255.248 32 6
6 255.255.255.252 64 2
Under CIDR rules a Class C network subnetted with the net mask 255.255.255.128 gives two usable
networks. The first has a network address of 0, an announce address of 127, and 126 available addresses
in the range 1 thru 126. The second subnet has a network address of 128, an announce address of 255, and
126 available addresses in the range 129 thru 254. Other subnets are calculated in the same fashion.
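The prefix-length arithmetic behind the CIDR chart and the /24 into two /25 split described in the CIDR subnetting passage, as an added Python example that is not part of the original text. It computes mask, Class C count and host count for a /n block, checks that a supernet such as 192.168.12.0/23 really aggregates the two Class C networks named above, and splits a /24 under CIDR rules; the stdlib ipaddress module is the cross-check.

```python
import ipaddress


def prefix_to_mask(n: int) -> str:
    """/n means n leftmost 1 bits: shift a 32-bit all-ones word left by 32-n."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF))


def mask_to_prefix(mask: str) -> int:
    """Inverse of prefix_to_mask; the stdlib rejects non-contiguous masks."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen


def chart_row(n: int) -> dict:
    """One row of the supernetting chart. class_c is the number of /24
    blocks the prefix covers (a fraction below /24, as in the chart). total
    is 2^(32-n) addresses; usable subtracts the network and broadcast
    addresses, the distinction the text draws for /20 (4096 versus 4094)."""
    total = 2 ** (32 - n)
    class_c = total / 256
    return {"block": f"/{n}", "mask": prefix_to_mask(n),
            "class_c": class_c if class_c < 1 else int(class_c),
            "total": total, "usable": total - 2 if n <= 30 else 0}


def aggregates(supernet: str, members) -> bool:
    """True when every member network lies inside the supernet, i.e. one
    route for the supernet can summarise all of them."""
    big = ipaddress.ip_network(supernet)
    return all(ipaddress.ip_network(m).subnet_of(big) for m in members)


def split_in_two(network: str) -> list:
    """Add one mask bit. Under CIDR both halves are usable, including the
    half whose new subnet bit is 0; each half loses its own network and
    broadcast address, which is why 254 usable becomes 2 x 126."""
    return [(str(s), str(s.network_address), str(s.broadcast_address),
             s.num_addresses - 2)
            for s in ipaddress.ip_network(network).subnets(prefixlen_diff=1)]


if __name__ == "__main__":
    for n in (14, 20, 23, 24, 25, 30):
        print(chart_row(n))
    print(aggregates("192.168.12.0/23", ["192.168.12.0/24", "192.168.13.0/24"]))
    print(aggregates("10.4.12.0/22", [f"10.4.{i}.0/24" for i in range(12, 16)]))
    for half in split_in_two("192.168.12.0/24"):
        print(half)
```

Comparing chart_row's total and usable columns with the chart shows that the chart's Hosts column mixes the two: /14 to /23 and /27 to /30 list totals, /24 to /26 list usable counts.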
Ans4 These answers may not be correct so don't just take my word for it! Do the
questions yourself by cheating and using your course notes and books. If they look like
mine, then the chances are quite good that we are both correct. It does not matter if it
takes you more than one hour for each question, the fact you have got an answer will
stick in your mind and will help during the real exam.
Learn to read the question properly and only answer what is asked and not what you think
they want. Don't forget to do all the parts of each question. Explain any assumptions you
have made if the question is not clear. Read all the questions before you write anything
down; there may be an easier one further down the paper. Tick off the ones you can
answer as you read the paper, then go back and assess which will be the best question to
start with.
I have looked at both of these past papers and there is a common theme of 8 questions
from which you must select 5. There is no compulsory question so you can just cross out
the three you don't like in the exam. All questions are worth the same 20 marks (hence 5
= 100%) although the sub questions do vary the marks they attract. I cannot see any
parts with less than 2 marks although some of the larger ones do attract 10 or more on
occasion.
The questions usually group all their parts around a common subject area so there should
be no rogue parts to these questions.
In common with previous exams I have assumed that you get a point for each statement,
bullet point or sentence that gives a complete answer and uses all the buzz-words. If your
answer does not do this only expect half a point per statement. Sometimes it is easier to
draw a diagram than try to describe something in words (a TCP packet layout for
instance). In this case you will get marks for every correct physical object drawn, and
every correct label that explains what it is.
Keep an eye on the time, there are 5 questions to answer in 3 hours that's 15 minutes to
read the paper, 30 minutes per question and 15 minutes checking at the end. That works
out at about 90 seconds per mark, so if you are still working on a 3 mark question after 5
minutes, stop, leave a few lines blank and go back to it at the end.
I have not bothered to repeat the questions before I answer them. Please print out the
exam papers by downloading the zip file in the CNPA Index page. This contains two
PDF files, one of each exam paper.
1. a (7 marks)
(to remember the ISO OSI 7 layer model use PANTSPA reading from the bottom up)
1. Application Client program that uses the network utilities (FTP, TELNET)
and tools for the application programmer.
2. Presentation Abstraction of application data format (ASCII, EBCDIC,
Integer Length, Video Stream, etc.) between peers
3. Session Name Space to tie together discrete data streams that are part of a
single application e.g. Videoconference
4. Transport End to End (process to process) communication of messages
5. Network Addressing and Routing of packets to their final destination
6. Data Link Transmission and reception of frames over the physical medium
7. Physical The physical medium over which the communicating bit stream is
carried
1. b (5 marks)
(show HTTP request inside TCP packet inside Ethernet Frame - Easier to use a
diagram for this one)
1. c (3 marks)
(The only example I can think of is the ATM LAN Emulation scenario)
Here the Data link layer has been replaced with the three ATM layers to support LAN Emulation
over an ATM network.
Just above the Physical layer is the ATM layer which deals with the delivery of CELLS carrying
48 bytes of payload.
Above this is the AAL5 layer which handles fragmentation and reassembly to provide an Ethernet
Frame look-alike interface for the layers above.
Above this is the Signaling and LAN Emulation layer which mimics the shared medium approach of
a LAN and provides both Broadcast and Multicast functionality.
1. d (5 marks)
(Refer to the two diagrams on page 38 of the CNPA Course Book)
Diagram 1.18 shows the 4 layers with Applications at the top, then Transports, then
IP and lastly Network at the bottom. Diagram 1.19 shows how the applications can
make direct calls down to the Network or IP layers and ignore the TCP or UDP
Transport layers. This gives a lot of flexibility that the ISO OSI model does not
allow.
The why is slightly more difficult. The IP part is centric to the whole thing and as
long as the interfaces to IP follow the API in both directions it matters not what
transport layer is above or what network layer is below, IP will still work and keep
it all together.
The four layer model fell out as a de facto standard due to the fact that in the early
1980's the software was shipped as part of Berkeley UNIX on a number of UNIX
platforms (most manufacturers provided the Berkeley Extensions when they shipped
their own UNIX flavors).
If anyone has a more complete answer I'd like to hear it.
2. a (5 marks)
(This is about IPv4 Address Classes)
All IP Addresses in Version 4 are 32 bits long and are written as four groups of
numbers separated by dots i.e.: 19.159.62.21
Each group represents an eight bit pattern written as a number between zero and
255. The actual bits in the address represent both a Network part and a Host part of
the node address. The dividing line between Network and Host gives rise to four
Classes as follows:
1. Class-A 7 bit Network 24 bit Host (First Bits = 0) Network Numbers: 1 - 126
2. Class-B 14 bit Network 16 bit Host (First Bits = 10) Network Numbers: 128 - 191
3. Class-C 21 bit Network 8 bit Host (First Bits = 110) Network Numbers: 192 - 223
4. Class-D Multicast Addresses (First Bits = 1110) Network Numbers: 224 - 247
5. Class-E Reserved (First Bits = 1111) Network Numbers: 248 - 255
The number of bits used for the identification of the Network or the Host
determines the absolute number allowed for each part. So for Class-A with 7 bits in
the Network part, it can only support 126 networks (0 and 127 are reserved) but
each one can support up to 16,777,216 Hosts. For Class-C that equates to
2,097,152 networks supporting 255 Hosts each.
If the Network part of two addresses is the same (ignoring sub netting) then the
Hosts are said to be on the same Network.
The following are reserved addresses which have special meaning:
1. 127 Loopback Used for Adaptor testing
2. 255.255.255.255 Broadcast Sent to all hosts !!!
2. b (3 marks)
(Remember the Network and Host parts of the IP Address)
The Router looks at the first few bits of the Destination IP Address to determine
the Class of the address. Then it works out how many bits make up the Network
part of the IP Address. Then it looks this up in its Routing Table to see what Port
is associated with that Network.
2. c (6 marks)
(Subnet - Multiple LANS within one Site looks like One from outside the Site. Super
Net - A group of Networks treated as One Network)
Sub Netting was introduced in an attempt to improve the efficiency of address
allocation. It is enabled by the use of a Subnet Mask which, when logically ANDed
with the Destination IP Address, reveals the Network and Host parts of the Address
as follows:
Destination IP Address: 128.016.044.012
Subnet Mask: 255.255.240.000
IP Adds: 1000 0000 . 0001 0000 . 0010 1100 . 0000 1100 (AND)
Subnets: 1111 1111 . 1111 1111 . 1111 0000 . 0000 0000 =
Network: 1000 0000 . 0001 0000 . 0010 0000 . 0000 0000 +
Host:    0000 0000 . 0000 0000 . 0000 1100 . 0000 1100
Destination Network: 128.016.032.000
Destination Host: 000.000.012.012
Note: The spaces and leading zeros are for clarity only
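The two operations above, deciding the Class from the first bits of the address and ANDing the address with the Subnet Mask, as a worked example in Python. This block is added here and is not code from the answer sheet; it reproduces the sheet's 128.016.044.012 / 255.255.240.000 case, the Class ranges the sheet lists, and the 127 loopback reservation it mentions.

```python
"""Classful IPv4 address classes and the subnet-mask AND operation.

Added worked example; it is not part of the original answer sheet.
The class is decided from the leading bits of the first octet, as in
the sheet's "First Bits" column, and the network/host split reproduces
the sheet's own 128.16.44.12 / 255.255.240.0 example.
"""
from ipaddress import IPv4Address
from typing import Tuple


def classify(addr: str) -> str:
    """Return the classful address class from the leading bits of the
    first octet, with 127.x.x.x reported as the loopback reservation."""
    first = int(IPv4Address(addr)) >> 24
    if first == 127:
        return "Loopback"
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D (multicast)"
    return "E (reserved)"


def split_network_host(addr: str, mask: str) -> Tuple[str, str]:
    """AND the address with the mask to get the Network part; ANDing with
    the inverted mask leaves the Host part."""
    a = int(IPv4Address(addr))
    m = int(IPv4Address(mask))
    network = a & m
    host = a & (~m & 0xFFFFFFFF)
    return str(IPv4Address(network)), str(IPv4Address(host))


def dotted_binary(addr: str) -> str:
    """Render an address as four 8-bit groups, as the sheet's worked
    example does, so the AND can be checked by eye."""
    return " . ".join(f"{octet:08b}" for octet in IPv4Address(addr).packed)


if __name__ == "__main__":
    for a in ("10.1.2.3", "128.16.44.12", "192.168.1.1", "224.0.0.5", "127.0.0.1"):
        print(f"{a:<15} class {classify(a)}")
    print("IP Address: ", dotted_binary("128.16.44.12"))
    print("Subnet Mask:", dotted_binary("255.255.240.0"))
    net, host = split_network_host("128.16.44.12", "255.255.240.0")
    print("Network:", net, " Host:", host)
```

Running the block prints the same binary rows as the worked example above and yields 128.16.32.0 for the Network part and 0.0.12.12 for the Host part.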
Supernetting was introduced to reduce the scaling problems associated with
globally unique addressing schemes. As the number of Networks goes up, so
does the size of the Routing Tables held in the switches and routers. Searches
through the Routing Tables to find the correct port for datagram delivery take
longer as the Routing Table expands. The solution is to reduce the Routing Table
to show only the shortest Address Bit Patterns which uniquely identify the
outgoing Port. As a Datagram nears its final destination the Port Addresses get
more specific and the Bit Pattern matching the Destination Address eventually lines
up on the final Port routing. See diagram below showing simplified 8 bit addresses:
Note: R = Router, N = Node
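The lookup that makes supernetting work is a longest-prefix match, and the same lookup is what the Router in 2.b performs once it knows the Network part. The following Python model is an added example, not from the answer sheet: a core router far from the destination carries one short bit pattern for a whole block, while an edge router near it carries longer, more specific patterns. The 198.24.0.0/18 block and the port names are constructed for illustration.

```python
"""Routing-table lookup by longest-prefix match.

Added example; it is not from the answer sheet. It shows the idea the
sheet describes: a router far from the destination needs only the short
bit pattern (a supernet) that picks the outgoing port, while a router
near the destination holds longer, more specific entries. The port
names and the 198.24.0.0/18 block are constructed for illustration.
"""
from ipaddress import IPv4Address, IPv4Network
from typing import List, Tuple


class RoutingTable:
    def __init__(self) -> None:
        self.routes: List[Tuple[IPv4Network, str]] = []

    def add(self, prefix: str, port: str) -> None:
        """Install a route; entries are kept longest-prefix first so a
        linear scan returns the most specific match."""
        self.routes.append((IPv4Network(prefix), port))
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def lookup(self, dest: str) -> str:
        addr = IPv4Address(dest)
        for net, port in self.routes:
            if addr in net:
                return port
        raise KeyError(f"no route to {dest}")


def build_core_router() -> RoutingTable:
    """Far from the destination: one aggregated entry (a supernet) stands
    in for 64 class-C networks, 198.24.0.0 - 198.24.63.255."""
    rt = RoutingTable()
    rt.add("0.0.0.0/0", "default")
    rt.add("198.24.0.0/18", "port-east")
    return rt


def build_edge_router() -> RoutingTable:
    """Near the destination: the bit patterns get longer. Specific
    networks have their own ports; the aggregate only catches the rest."""
    rt = RoutingTable()
    rt.add("198.24.0.0/18", "port-upstream")
    rt.add("198.24.5.0/24", "port-lan-5")
    rt.add("198.24.5.128/25", "port-lan-5b")
    return rt


if __name__ == "__main__":
    core, edge = build_core_router(), build_edge_router()
    for dest in ("198.24.37.9", "198.24.5.3", "198.24.5.200", "10.0.0.1"):
        print(f"{dest:<13} core -> {core.lookup(dest):<10}", end=" ")
        try:
            print(f"edge -> {edge.lookup(dest)}")
        except KeyError as e:
            print(f"edge -> {e}")
```

Note that the core table has two entries for the whole block, whereas the edge table needs one entry per network it actually serves; this is the size reduction the paragraph above is describing.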
2. d (6 marks)
(NAT=Network Address Translation, DNS = Domain Name Service or Server)
MAC Addresses are globally unique, but IP Addresses don't have to be under some
circumstances. Obviously, if you have a private network that is not connected to
the Internet, then addresses used on this Private LAN can be duplicates of IP
Addresses on the Internet. However as soon as you connect this private LAN to the
Internet, you must make sure there is no conflict with previously used addresses.
One way to do this is to use a NAT (Network Address Translator) box. As its
name implies, this has the ability to convert the Source Address field in an
outgoing TCP packet from its local (duplicate) address to a globally unique
address when passed on to the Internet. The following diagram shows how this
works:
Host A on NAT 1 sends a message to Host C on NAT 2. As the message arrives at
NAT 1, its source address is changed to 199.1.2.3 by NAT 1. DNS is asked for
the address of Host B and it replies with 199.5.6.7 which is used to set the
Destination Address. The message is sent and when it arrives at NAT 2, the NAT
box updates the Destination Address to 10.0.0.1 and delivers the message to Host
C. If Host C needs to reply back to Host B, the same procedure is used in the
opposite direction. The DNS always lies because it was lied to by the NAT boxes
when they announced their hosts.
A large private network can be hidden from the Internet by a NAT box with a
small number of Ports. Not everyone in the company using the private LAN will be
sending messages outside the LAN at the same time.
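The NAT exchange just described, as an added Python model that is not from the answer sheet. It uses the sheet's addresses (10.0.0.1 inside both sites, 199.1.2.3 and 199.5.6.7 for the two NAT boxes); the port numbers and the static forwarding entry that lets NAT 2 deliver to Host C are assumptions needed to make the round trip run. It also shows the property that lets a large private network hide behind a small pool of ports: a packet arriving from outside with no mapping is dropped rather than delivered.

```python
"""A minimal NAT box with port translation, modelling the exchange above.

Added example; not from the answer sheet. An outgoing packet's private
source address is replaced by the box's globally unique address (plus a
port from a small pool), and a reply's destination is mapped back. Packets
arriving from outside with no mapping are dropped. Addresses follow the
sheet (10.0.0.1 inside both sites, 199.1.2.3 and 199.5.6.7 outside); the
port numbers and the static forward on NAT 2 are assumptions.
"""
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]   # (ip, port)


@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    payload: bytes


class NatBox:
    def __init__(self, public_ip: str, first_port: int = 40000, port_count: int = 16) -> None:
        self.public_ip = public_ip
        self.free_ports = list(range(first_port, first_port + port_count))
        self.out_map: Dict[Endpoint, int] = {}   # private (ip, port) -> public port
        self.in_map: Dict[int, Endpoint] = {}    # public port -> private (ip, port)

    def forward(self, public_port: int, inside: Endpoint) -> None:
        """Static mapping so a server inside can be reached from outside."""
        self.out_map[inside] = public_port
        self.in_map[public_port] = inside
        if public_port in self.free_ports:
            self.free_ports.remove(public_port)

    def outbound(self, pkt: Packet) -> Packet:
        """Private -> Internet: rewrite the source to the public address."""
        if pkt.src not in self.out_map:
            if not self.free_ports:
                raise RuntimeError("NAT port pool exhausted")
            port = self.free_ports.pop(0)
            self.out_map[pkt.src] = port
            self.in_map[port] = pkt.src
        return replace(pkt, src=(self.public_ip, self.out_map[pkt.src]))

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> private: map the destination back, or drop the packet
        when nothing inside opened (or published) that port."""
        if pkt.dst[0] != self.public_ip:
            return None
        inside = self.in_map.get(pkt.dst[1])
        if inside is None:
            return None
        return replace(pkt, dst=inside)


def round_trip() -> Tuple[Packet, Packet, Packet, Packet]:
    """Host A behind NAT 1 talks to Host C behind NAT 2 and gets a reply."""
    nat1, nat2 = NatBox("199.1.2.3"), NatBox("199.5.6.7")
    nat2.forward(80, ("10.0.0.1", 80))            # Host C's service, published by NAT 2
    host_a = ("10.0.0.1", 5000)                    # same private address as Host C
    request = Packet(host_a, ("199.5.6.7", 80), b"hello")   # 199.5.6.7 came from DNS
    on_wire = nat1.outbound(request)               # src -> 199.1.2.3:40000
    delivered = nat2.inbound(on_wire)              # dst -> 10.0.0.1:80
    assert delivered is not None
    reply = Packet(delivered.dst, delivered.src, b"hello back")
    reply_on_wire = nat2.outbound(reply)           # src -> 199.5.6.7:80
    reply_delivered = nat1.inbound(reply_on_wire)  # dst -> 10.0.0.1:5000
    assert reply_delivered is not None
    return on_wire, delivered, reply_on_wire, reply_delivered


if __name__ == "__main__":
    for step, pkt in zip(("A->NAT1->wire", "wire->NAT2->C", "C->NAT2->wire", "wire->NAT1->A"), round_trip()):
        print(f"{step:<15} src={pkt.src} dst={pkt.dst}")
```

Both hosts really do use 10.0.0.1, which is the duplicate-address situation the text describes; the two NAT boxes are what keep the packets distinguishable on the Internet side.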
3. a (7 marks)
(Fragmentation of an IP packet - Page 256 of course book)
The IP header contains an Ident Field which is unique per packet over a time
frame (depends on the sliding window size). When a packet is fragmented into
smaller packets each of the fragments carries the same Ident so that they can be
related back together at the collection point. The Offset Field in the header is used
to sequence the fragmented packets back into the correct order during the reassembly
into the single large packet.
The initial packet is shown at the top, beneath are three fragments showing the use
of Ident and Offset fields and the M bit of the Flags which is set to 1 when the
fragment is part of a collection. The M bit is set to 0 when it is the last fragment in
the set or when it is a stand-alone packet.
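Fragmentation with the Ident, Offset and M fields, as an added example that is not from the answer sheet. The Offset is counted in 8-byte units, which is the IPv4 header convention; the reassembler accepts pieces in any order and refuses overlapping or duplicate pieces, a check the sheet does not mention but that a receiver needs so that a second copy of a fragment cannot replace the first.

```python
"""IP fragmentation and reassembly with the Ident, Offset and M fields.

Added example; not from the answer sheet. Offsets are counted in 8-byte
units as in the IPv4 header, so every fragment except the last carries a
multiple of 8 bytes. Header bytes are ignored: 'mtu' here is the payload
bytes that fit in one fragment.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Fragment:
    ident: int      # same value on every piece of one original packet
    offset: int     # position of this piece, in 8-byte units
    more: bool      # M bit: True = more fragments follow, False = last piece
    payload: bytes


def fragment(ident: int, data: bytes, mtu: int) -> List[Fragment]:
    """Split data into pieces that fit the MTU. All pieces but the last are
    a multiple of 8 bytes so the Offset field can describe them."""
    chunk = (mtu // 8) * 8
    if chunk == 0:
        raise ValueError("MTU too small to carry an 8-byte fragment unit")
    pieces = []
    for start in range(0, len(data), chunk):
        end = min(start + chunk, len(data))
        pieces.append(Fragment(ident, start // 8, end < len(data), data[start:end]))
    return pieces or [Fragment(ident, 0, False, b"")]


class Reassembler:
    """Collects fragments per Ident and hands back the packet once every
    byte from offset 0 to the last piece is present. Pieces may arrive in
    any order; overlapping or duplicate pieces are rejected."""

    def __init__(self) -> None:
        self.buffers: Dict[int, Dict[int, Fragment]] = {}
        self.total: Dict[int, int] = {}   # ident -> packet length, known once M=0 seen

    def add(self, frag: Fragment) -> Optional[bytes]:
        buf = self.buffers.setdefault(frag.ident, {})
        start, end = frag.offset * 8, frag.offset * 8 + len(frag.payload)
        for other in buf.values():
            o_start = other.offset * 8
            o_end = o_start + len(other.payload)
            if start < o_end and o_start < end:
                raise ValueError(f"overlapping fragment for ident {frag.ident}")
        buf[frag.offset] = frag
        if not frag.more:
            self.total[frag.ident] = end
        return self._try_complete(frag.ident)

    def _try_complete(self, ident: int) -> Optional[bytes]:
        if ident not in self.total:
            return None                  # last piece (M=0) not seen yet
        ordered = sorted(self.buffers[ident].values(), key=lambda f: f.offset)
        pos = 0
        for f in ordered:
            if f.offset * 8 != pos:
                return None              # a gap: still waiting for a piece
            pos += len(f.payload)
        if pos != self.total[ident]:
            return None
        data = b"".join(f.payload for f in ordered)
        del self.buffers[ident], self.total[ident]
        return data


if __name__ == "__main__":
    original = bytes(range(100))
    pieces = fragment(ident=42, data=original, mtu=40)
    for p in pieces:
        print(f"ident={p.ident} offset={p.offset} M={int(p.more)} bytes={len(p.payload)}")
    r = Reassembler()
    for p in reversed(pieces):           # deliver out of order on purpose
        result = r.add(p)
    print("reassembled ok:", result == original)
```

With an MTU of 40 the 100-byte packet becomes three fragments at offsets 0, 5 and 10 (in 8-byte units), the first two with M=1 and the last with M=0, matching the three-fragment picture the text refers to.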
3. b (6 marks)
(Remember AAL5)
The fragmentation of IP packets over ATM is more efficiently done using the
ATM mechanisms of AAL5 Segmentation and Reassembly. This AAL protocol
sits above ATM and segments the data into units that fit into the ATM 48 byte
Cells.
Firstly the payload data is padded to the next 48 byte boundary to ensure the
payload can be split into a whole number of Cells. Then the payload is segmented
and encapsulated into ATM Cells before transmission over the ATM network.
Bit 3 in the ATM header Type Field is now used to indicate the last Segment in the
group or the only one when set to 1. When set to 0 then the ATM Cell is part of a
group (i.e. there is more to follow).
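AAL5 segmentation as an added example, not from the answer sheet. It pads to the 48-byte boundary and marks the last cell as described above. The 8-byte CPCS trailer (UU, CPI, length field, CRC-32) is the AAL5 frame format from the standard and is included because it is what lets the receiver detect a lost or corrupted cell; the CRC polynomial is the same as Ethernet's, which zlib.crc32 computes. The Cell class stands in for the ATM cell and models only the last-cell bit of the header.

```python
"""AAL5 segmentation and reassembly of one IP packet into 48-byte ATM cells.

Added example; not from the answer sheet. Padding to the 48-byte boundary and
the last-cell indicator follow the sheet. The 8-byte CPCS trailer (UU, CPI,
length, CRC-32 over everything before it) is the AAL5 frame format; the CRC is
the same polynomial as Ethernet's, which zlib.crc32 computes. Cell is a
stand-in for the ATM cell and models only the last-cell bit of the PTI.
"""
import struct
import zlib
from dataclasses import dataclass
from typing import List

CELL_PAYLOAD = 48
TRAILER_LEN = 8


@dataclass
class Cell:
    last: bool      # PTI "end of AAL5 frame" bit: set on the final cell only
    payload: bytes  # exactly 48 bytes


def segment(packet: bytes) -> List[Cell]:
    """Pad, append the trailer, and cut into cells; mark the last one."""
    # pad so that packet + pad + trailer is a whole number of cells
    pad_len = (-(len(packet) + TRAILER_LEN)) % CELL_PAYLOAD
    body = packet + b"\x00" * pad_len
    trailer_head = struct.pack("!BBH", 0, 0, len(packet))   # UU, CPI, length
    crc = zlib.crc32(body + trailer_head) & 0xFFFFFFFF
    pdu = body + trailer_head + struct.pack("!I", crc)
    chunks = [pdu[i:i + CELL_PAYLOAD] for i in range(0, len(pdu), CELL_PAYLOAD)]
    return [Cell(last=(i == len(chunks) - 1), payload=c) for i, c in enumerate(chunks)]


def reassemble(cells: List[Cell]) -> bytes:
    """Collect cells up to the one with the last bit, then check length and CRC
    so a lost, duplicated or corrupted cell is detected rather than passed up."""
    pdu = b""
    for cell in cells:
        if len(cell.payload) != CELL_PAYLOAD:
            raise ValueError("cell payload must be 48 bytes")
        pdu += cell.payload
        if cell.last:
            break
    else:
        raise ValueError("no last cell seen: frame incomplete")
    _uu, _cpi, length = struct.unpack("!BBH", pdu[-TRAILER_LEN:-4])
    (crc,) = struct.unpack("!I", pdu[-4:])
    if zlib.crc32(pdu[:-4]) & 0xFFFFFFFF != crc:
        raise ValueError("CRC mismatch: lost or corrupted cell")
    if length > len(pdu) - TRAILER_LEN:
        raise ValueError("length field exceeds the frame")
    return pdu[:length]


def frame_is_valid(cells: List[Cell]) -> bool:
    """Convenience check: does this cell sequence reassemble cleanly?"""
    try:
        reassemble(cells)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    ip_packet = bytes(range(100))                 # constructed 100-byte packet
    cells = segment(ip_packet)
    print(f"{len(ip_packet)} bytes -> {len(cells)} cells, last bits:",
          [int(c.last) for c in cells])
    print("full frame valid:", frame_is_valid(cells))
    print("middle cell lost:", frame_is_valid([cells[0], cells[2]]))
```

A 100-byte packet needs 36 bytes of padding so that packet, pad and trailer fill exactly three cells; dropping the middle cell still produces a "last" cell, and it is the CRC and length check, not the last bit, that catches the loss.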
Ans 5: Introducing the TCP/IP Protocol Suite
This section presents an in-depth introduction to the protocols that are included in TCP/IP. Although the
information is conceptual, you should learn the names of the protocols. You should also learn what each
protocol does.
“TCP/IP” is the acronym that is commonly used for the set of network protocols that compose the
Internet Protocol suite. Many texts use the term “Internet” to describe both the protocol suite and the
global wide area network. In this book, “TCP/IP” refers specifically to the Internet protocol suite.
“Internet” refers to the wide area network and the bodies that govern the Internet.
To interconnect your TCP/IP network with other networks, you must obtain a unique IP address for your
network. At the time of this writing, you obtain this address from an Internet service provider (ISP).
If hosts on your network are to participate in the Internet Domain Name System (DNS), you must obtain
and register a unique domain name. The InterNIC coordinates the registration of domain names through a
group of worldwide registries. For more information on DNS, refer to System Administration Guide:
Naming and Directory Services (DNS, NIS, and LDAP).
Protocol Layers and the Open Systems Interconnection Model
Most network protocol suites are structured as a series of layers, sometimes collectively referred to as a
protocol stack. Each layer is designed for a specific purpose. Each layer exists on both the sending and
receiving systems. A specific layer on one system sends or receives exactly the same object that another
system's peer process sends or receives. These activities occur independently from activities in layers
above or below the layer under consideration. In essence, each layer on a system acts independently of
other layers on the same system. Each layer acts in parallel with the same layer on other systems.
OSI Reference Model
Most network protocol suites are structured in layers. The International Organization for Standardization
(ISO) designed the Open Systems Interconnection (OSI) Reference Model that uses structured layers. The
OSI model describes a structure with seven layers for network activities. One or more protocols is
associated with each layer. The layers represent data transfer operations that are common to all types of
data transfers among cooperating networks.
The OSI model lists the protocol layers from the top (layer 7) to the bottom (layer 1). The following table
shows the model.
Table 1-1 Open Systems Interconnection Reference Model
Layer No. | Layer Name   | Description
7         | Application  | Consists of standard communication services and applications that everyone can use.
6         | Presentation | Ensures that information is delivered to the receiving system in a form that the system can understand.
5         | Session      | Manages the connections and terminations between cooperating systems.
4         | Transport    | Manages the transfer of data. Also assures that the received data are identical to the transmitted data.
3         | Network      | Manages data addressing and delivery between networks.
2         | Data link    | Handles the transfer of data across the network media.
1         | Physical     | Defines the characteristics of the network hardware.
The OSI model defines conceptual operations that are not unique to any particular network protocol suite.
For example, the OSI network protocol suite implements all seven layers of the OSI model. TCP/IP uses
some of the OSI model layers and combines others into a single layer. Other network protocols, such as SNA, add
an eighth layer.
TCP/IP Protocol Architecture Model
The OSI model describes idealized network communications with a family of protocols. TCP/IP does not
directly correspond to this model. TCP/IP either combines several OSI layers into a single layer, or does
not use certain layers at all. The following table shows the layers of the Solaris implementation of
TCP/IP. The table lists the layers from the topmost layer (application) to the bottommost layer (physical
network).
Table 1-2 TCP/IP Protocol Stack
OSI Ref. Layer No. | OSI Layer Equivalent               | TCP/IP Layer     | TCP/IP Protocol Examples
5,6,7              | Application, session, presentation | Application      | NFS, NIS, DNS, LDAP, telnet, ftp, rlogin, rsh, rcp, RIP, RDISC, SNMP, and others
4                  | Transport                          | Transport        | TCP, UDP, SCTP
3                  | Network                            | Internet         | IPv4, IPv6, ARP, ICMP
2                  | Data link                          | Data link        | PPP, IEEE 802.2
1                  | Physical                           | Physical network | Ethernet (IEEE 802.3), Token Ring, RS-232, FDDI, and others
The table shows the TCP/IP protocol layers and the OSI model equivalents. Also shown are examples of
the protocols that are available at each level of the TCP/IP protocol stack. Each system that is involved in
a communication transaction runs a unique implementation of the protocol stack.
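The layering in Table 1-2 as an added example that is not from this document: an application message is wrapped by the transport layer (UDP) and then by the Internet layer (IPv4), and the receiving side unwraps it in the reverse order, verifying the IPv4 header checksum before trusting any field. The header layouts are the real IPv4 and UDP wire formats; the 192.0.2.x addresses and the port numbers are constructed, and the UDP checksum is left at zero (permitted over IPv4) to keep the focus on the IP header.

```python
"""Layered encapsulation: an application payload wrapped by UDP (transport)
and then IPv4 (Internet), and unwrapped again layer by layer.

Added example; not from the document. Header layouts are the real IPv4 and
UDP wire formats; addresses and ports are constructed. The UDP checksum is
left at 0 (permitted for IPv4) so the IPv4 header checksum is the focus.
"""
import struct
from ipaddress import IPv4Address
from typing import Any, Dict

PROTO_UDP = 17
IP_HEADER_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header without options


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words (odd tail zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_encapsulate(src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Transport layer: 8-byte UDP header (ports, length, checksum=0) + data."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def ip_encapsulate(src: str, dst: str, proto: int, segment: bytes, ident: int = 1) -> bytes:
    """Internet layer: IPv4 header with a computed header checksum + segment."""
    ver_ihl = (4 << 4) | 5            # version 4, header length 5 words (20 bytes)
    total_len = 20 + len(segment)
    flags_frag = 0x4000               # DF set, fragment offset 0
    header = struct.pack(IP_HEADER_FMT, ver_ihl, 0, total_len, ident, flags_frag,
                         64, proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + segment


def ip_decapsulate(packet: bytes) -> Dict[str, Any]:
    """Receiving Internet layer: validate the IPv4 header and strip it."""
    (ver_ihl, _tos, total_len, ident, _flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(IP_HEADER_FMT, packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:    # a valid header sums to zero
        raise ValueError("IPv4 header checksum failed")
    if total_len > len(packet):
        raise ValueError("truncated packet")
    return {"src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
            "proto": proto, "ttl": ttl, "ident": ident,
            "payload": packet[ihl:total_len]}


def udp_decapsulate(segment: bytes) -> Dict[str, Any]:
    """Receiving transport layer: check the length field and strip the header."""
    src_port, dst_port, length, _csum = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        raise ValueError("UDP length field disagrees with segment size")
    return {"src_port": src_port, "dst_port": dst_port, "payload": segment[8:]}


def send_and_receive(message: bytes) -> Dict[str, Any]:
    """Walk the message down the sending stack and up the receiving stack."""
    segment = udp_encapsulate(40000, 53, message)                         # application -> transport
    packet = ip_encapsulate("192.0.2.10", "192.0.2.53", PROTO_UDP, segment)  # transport -> internet
    ip = ip_decapsulate(packet)                                            # internet layer, receiver
    udp = udp_decapsulate(ip["payload"])                                   # transport layer, receiver
    return {"ip": ip, "udp": udp, "wire_len": len(packet)}


if __name__ == "__main__":
    result = send_and_receive(b"hello")
    print("on the wire:", result["wire_len"], "bytes")
    print("IP:", result["ip"]["src"], "->", result["ip"]["dst"], "proto", result["ip"]["proto"])
    print("UDP:", result["udp"]["src_port"], "->", result["udp"]["dst_port"], result["udp"]["payload"])
```

Each layer adds its own header on the way down and removes only that header on the way up, which is the "each layer acts independently" property described earlier; the transport layer never sees the IP addresses and the Internet layer never looks at the ports.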
Physical Network Layer
The physical network layer specifies the characteristics of the hardware to be used for the network. For
example, physical network layer specifies the physical characteristics of the communications media. The
physical layer of TCP/IP describes hardware standards such as IEEE 802.3, the specification for Ethernet
network media, and RS-232, the specification for standard pin connectors.
Data-Link Layer
The data-link layer identifies the network protocol type of the packet, in this instance TCP/IP. The data-link
layer also provides error control and “framing.” Examples of data-link layer protocols are Ethernet
IEEE 802.2 framing and Point-to-Point Protocol (PPP) framing.
Internet Layer
The Internet layer, also known as the network layer or IP layer, accepts and delivers packets for the
network. This layer includes the powerful Internet Protocol (IP), the Address Resolution Protocol (ARP),
and the Internet Control Message Protocol (ICMP).
IP Protocol
The IP protocol and its associated routing protocols are possibly the most significant of the entire TCP/IP
suite. IP is responsible for the following:
• IP addressing – The IP addressing conventions are part of the IP protocol. Designing an IPv4
Addressing Scheme introduces IPv4 addressing and IPv6 Addressing Overview introduces IPv6 addressing.
• Host-to-host communications – IP determines the path a packet must take, based on the
receiving system's IP address.
• Packet formatting – IP assembles packets into units that are known as datagrams. Datagrams
are fully described in Internet Layer: Where Packets Are Prepared for Delivery.
• Fragmentation – If a packet is too large for transmission over the network media, IP on the
sending system breaks the packet into smaller fragments. IP on the receiving system then reconstructs the
fragments into the original packet.
The Solaris OS supports both IPv4 and IPv6 addressing formats, which are described in this book. To avoid
confusion when addressing the Internet Protocol, one of the following conventions is used:
• When the term “IP” is used in a description, the description applies to both IPv4 and IPv6.
• When the term “IPv4” is used in a description, the description applies only to IPv4.
• When the term “IPv6” is used in a description, the description applies only to IPv6.
ARP Protocol
The Address Resolution Protocol (ARP) conceptually exists between the data-link and Internet layers. ARP
assists IP in directing datagrams to the appropriate receiving system by mapping Ethernet addresses (48
bits long) to known IP addresses (32 bits long).
ICMP Protocol
The Internet Control Message Protocol (ICMP) detects and reports network error conditions. ICMP reports
on the following:
• Dropped packets – Packets that arrive too fast to be processed
• Connectivity failure – A destination system cannot be reached
• Redirection – Redirecting a sending system to use another router
Chapter 8, Administering a TCP/IP Network (Tasks) contains more information on the Solaris OS
commands that use ICMP for error detection.
Transport Layer
The TCP/IP transport layer ensures that packets arrive in sequence and without error, by swapping
acknowledgments of data reception, and retransmitting lost packets. This type of communication is
known as end-to-end. Transport layer protocols at this level are Transmission Control Protocol (TCP),
User Datagram Protocol (UDP), and Stream Control Transmission Protocol (SCTP). TCP and SCTP provide
reliable, end-to-end service. UDP provides unreliable datagram service.
TCP Protocol
TCP enables applications to communicate with each other as though they were connected by a physical
circuit. TCP sends data in a form that appears to be transmitted in a character-by-character fashion,
rather than as discrete packets. This transmission consists of the following:
• Starting point, which opens the connection
• Entire transmission in byte order
• Ending point, which closes the connection.
TCP attaches a header onto the transmitted data. This header contains many parameters that help
processes on the sending system connect to peer processes on the receiving system.
TCP confirms that a packet has reached its destination by establishing an end-to-end connection between
sending and receiving hosts. TCP is therefore considered a “reliable, connection-oriented” protocol.
SCTP Protocol
SCTP is a reliable, connection-oriented transport layer protocol that provides the same services to
applications that are available from TCP. Moreover, SCTP can support connections between systems that
have more than one address, that is, multihomed systems. The SCTP connection between sending and receiving systems
is called an association. Data in the association is organized in chunks. Because SCTP supports
multihoming, certain applications, particularly applications used by the telecommunications industry,
need to run over SCTP, rather than TCP.
UDP Protocol
UDP provides datagram delivery service. UDP does not verify connections between receiving and sending
hosts. Because UDP eliminates the processes of establishing and verifying connections, applications that
send small amounts of data use UDP.
Application Layer
The application layer defines standard Internet services and network applications that anyone can use.
These services work with the transport layer to send and receive data. Many application layer protocols
exist. The following list shows examples of application layer protocols:
• Standard TCP/IP services such as the ftp, tftp, and telnet commands
• UNIX “r” commands, such as rlogin and rsh
• Name services, such as NIS and the domain name system (DNS)
• Directory services (LDAP)
• File services, such as the NFS service
• Simple Network Management Protocol (SNMP), which enables network management
• Router Discovery Server protocol (RDISC) and Routing Information Protocol (RIP) routing protocols
Standard TCP/IP Services
• FTP and Anonymous FTP – The File Transfer Protocol (FTP) transfers files to and from a remote
network. The protocol includes the ftp command and the in.ftpd daemon. FTP enables a user to
specify the name of the remote host and file transfer command options on the local host's command line.
The in.ftpd daemon on the remote host then handles the requests from the local host. Unlike rcp,
ftp works even when the remote computer does not run a UNIX based operating system. A user must log
in to the remote system to make an ftp connection, unless the remote system has been configured to
allow anonymous FTP.
You can obtain an enormous amount of material from anonymous FTP servers that are connected to the
Internet. Universities and other institutions set up these servers to offer software, research papers, and
other information to the public domain. When you log in to this type of server, you use the login name
anonymous, hence the term “anonymous FTP server.”
Using anonymous FTP and setting up anonymous FTP servers is outside the scope of this manual. However,
many books, such as The Whole Internet User's Guide & Catalog, discuss anonymous FTP in detail.
Instructions for using FTP are in System Administration Guide: Network Services. The ftp(1) man page
describes all ftp command options that are invoked through the command interpreter. The ftpd(1M)
man page describes the services that are provided by the in.ftpd daemon.
• Telnet – The Telnet protocol enables terminals and terminal-oriented processes to communicate
on a network that runs TCP/IP. This protocol is implemented as the telnet program on local systems
and the in.telnetd daemon on remote machines. Telnet provides a user interface through which two
hosts can communicate on a character-by-character or line-by-line basis. Telnet includes a set of
commands that are fully documented in the telnet(1) man page.
• TFTP – The Trivial File Transfer Protocol (tftp) provides functions that are similar to ftp, but
the protocol does not establish ftp's interactive connection. As a result, users cannot list the contents of
a directory or change directories. A user must know the full name of the file to be copied. The
tftp(1) man page describes the tftp command set.
UNIX “r” Commands
The UNIX “r” commands enable users to issue commands on their local machines that run on the remote
host. These commands include the following:
• rcp
• rlogin
• rsh
Instructions for using these commands are in the rcp(1), rlogin(1), and rsh(1) man pages.
Name Services
The Solaris OS provides the following name services:
• DNS – The domain name system (DNS) is the name service provided by the Internet for TCP/IP
networks. DNS provides the host-name-to-IP-address lookup service. DNS also serves as a database for mail
administration. For a complete description of this service, see System Administration Guide: Naming and
Directory Services (DNS, NIS, and LDAP). See also the resolver(3RESOLV) man page.
• /etc files – The original host-based UNIX name system was developed for standalone UNIX
machines and then adapted for network use. Many old UNIX operating systems and computers still use this
system, but it is not well suited for large complex networks.
• NIS – Network Information Service (NIS) was developed independently of DNS and has a slightly
different focus. Whereas DNS focuses on making communication simpler by using machine names instead
of numerical IP addresses, NIS focuses on making network administration more manageable by providing
centralized control over a variety of network information. NIS stores information about machine names
and addresses, users, the network itself, and network services. NIS name space information is stored in
NIS maps. For more information on NIS Architecture and NIS Administration, see System Administration
Guide: Naming and Directory Services (DNS, NIS, and LDAP).
Directory Service
The Solaris OS supports LDAP (Lightweight Directory Access Protocol) in conjunction with the Sun Open
Net Environment (Sun ONE) Directory Server, as well as other LDAP directory servers. The distinction
between a name service and a directory service is in the differing extent of functionality. A directory
service provides the same functionality of a naming service, but provides additional functionalities as
well. See System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).
File Services
The NFS application layer protocol provides file services for the Solaris OS. You can find complete
information about the NFS service in System Administration Guide: Network Services.
Network Administration
The Simple Network Management Protocol (SNMP) enables you to view the layout of your network and the
status of key machines. SNMP also enables you to obtain complex network statistics from software that is
based on a graphical user interface (GUI). Many companies offer network management packages that
implement SNMP.