
  • Number of slides: 89

An Introduction to Networking
Chapter 1
Panko’s Business Data Networks and Telecommunications, 6th edition
Copyright 2007 Prentice-Hall
May only be used by adopters of the book

The Chapter
• This chapter is a survey of the key concepts we will see in this course
• The rest of the book essentially fleshes out the concepts we will see in this chapter

Part I: Basic Networks
Concepts we will see throughout the book

Figure 1-1: Basic Networking Concepts
• What Is a Network?
  – A network is a transmission system that connects two or more applications running on different computers.

Figure 1-2: The Internet and Applications
[Diagram: client computer (browser, e-mail client) and mobile client computer; the Internet (global transmission system to carry application data); server computer (webserver) with webserver application; server computer (mail server) with e-mail application]
The Internet is a Global TRANSMISSION System
Applications are DELIVERED By The Internet

Figure 1-1: Basic Networking Concepts
• The Internet
  – Client/server applications
    • PC clients receive service from servers
    • Many C/S applications need special clients
    • Many (but not all) C/S applications only need a browser
[Diagram: client program on client computer; server program on server computer]

Figure 1-1: Basic Networking Concepts
• Internal Corporate Networks
  – For transmission among computers within a corporation
  – Transaction processing applications
    • High-volume clerical applications
    • Accounting, payroll, billing, etc.
  – Voice over IP (VoIP)

Figure 1-1: Basic Networking Concepts
• Data Communications and Telecommunications
  – Data communications, as the name suggests, involves the transmission of data (text, numbers, pictures, and other information).
  – In turn, telecommunications is the transmission of voice and video, including ordinary telephony and broadcast and cable television.
  – Beginning to converge

Figure 1-1: Basic Networking Concepts
• Digital Transmission
  – Information is first converted into a string of ones and zeros (binary)
  – Next, the ones and zeros are converted into signals that propagate over transmission media.
  – More detail in Chapter 3
[Illustration: Hello… 101001, 12345… 1000100]

Part II: The Nine Elements of a Network
Although the idea of “network” is simple, you must understand the nine elements found in most networks

Figure 1-3: Elements of a Network
[Diagram: client application, server application, message (frame), client computer, mobile client, access line, Switches 1 to 3, trunk line, wireless access point, server computer, router, outside world]
Networks connect applications on different computers.
Applications are all users care about

Figure 1-3: Elements of a Network
[Network diagram; highlighted: client computer, mobile client, server computer]
Networks connect computers: clients (fixed and mobile) and servers

Figure 1-3: Elements of a Network
[Network diagram; highlighted: message (frame) and data link]
Computers (and routers) usually communicate by sending messages called frames
The path a frame takes is called its data link

Figure 1-3: Elements of a Network
[Network diagram; highlighted: frame to Sw 1, frame to Sw 2, frame to Sw 3, frame to server]
Switches Forward Frames Sequentially

Figure 1-5: Ethernet Switch Operation
Switching Table
  Port  Host
  10    A1-44-D5-1F-AA-4C
  13    B2-CD-13-5B-E4-65
  15    C3-2D-55-3B-A9-4F
  16    D4-47-55-C4-B6-F9
• A1- sends a frame to C3-
• C3- is out Port 15
• Switch sends frame to C3-
[Diagram: hosts A1-44-D5-1F-AA-4C, B2-CD-13-5B-E4-65, C3-2D-55-3B-A9-4F and D4-47-55-C4-B6-F9 attached to the switch; the frame to C3… leaves on Port 15]

Figure 1-3: Elements of a Network
[Photo: small switches (stacked) and a large switch]
Both sizes of switches are 48 cm (19 inches) wide

Figure 1-3: Elements of a Network
[Network diagram; highlighted: wireless access point and mobile client]
Wireless Access Points Connect Wireless Stations to Switches

Figure 1-3: Elements of a Network
[Network diagram; highlighted: router and outside world]
Routers connect networks to the outside world; Treated just like computers in single networks

Figure 1-3: Elements of a Network
[Network diagram; highlighted: access lines]
Access Lines Connect Computers to Switches

Figure 1-3: Elements of a Network
[Network diagram; highlighted: trunk lines]
Trunk Lines Connect Switches to Switches and Switches to Routers

Figure 1-4: Packet Switching and Multiplexing
[Diagram: Client Computer A and Mobile Client Computer B on access lines; Server Computer C and Router D; AC and BD messages interleaved on a shared trunk line]
• Breaking Communications into Small Messages is Called Packet Switching, even if the Messages are Frames
• Multiplexing Mixes the Messages of Multiple Conversations on a Trunk Line
• So Packet Switching Reduces the Cost of Trunk Lines

Network Elements: Recap
• Applications (the only element that users care about)
• Computers
  – Clients
  – Servers
• Switches and Routers
• Transmission Lines
  – Trunk lines
  – Access Lines
• Messages (Frames)
• Wireless Access Points
Never talk about an innovation “reducing cost,” “increasing speed,” etc. without specifying which element is cheaper or faster. For example, multiplexing only reduces the cost of trunk lines; other costs are not decreased

Part III: Transmission Speed

Figure 1-6: Transmission Speed
• Measuring Transmission Speed
  – Measured in bits per second (bps)
  – In metric notation:
    • Increasing factors of 1,000 …
      – Not factors of 1,024
    • 10^3: Kilobits per second (kbps), note the lowercase k
    • 10^6: Megabits per second (Mbps)
    • 10^9: Gigabits per second (Gbps)
    • 10^12: Terabits per second (Tbps)

Figure 1-6: Transmission Speed
• Measuring Transmission Speed
  – What is 23,000 bps in metric notation?
  – What is 3,000,000 bps in metric notation?
  – What is 15,100,000 bps in metric notation?
• Occasionally measured in bytes per second
• Written as Bps

Figure 1-6: Transmission Speed
• Writing Transmission Speeds
  – The rule for writing speeds (and metric numbers in general) is that there should be 1 to 3 places before the decimal point
    • 23.72 Mbps is correct (2 places before the decimal point).
    • 2,300 Mbps has four places before the decimal point, so it should be rewritten as 2.3 Gbps (1 place).
    • 0.5 Mbps has zero places to the left of the decimal point. It should be written as 500 kbps (3 places).

Figure 1-6: Transmission Speed
• Writing Transmission Speeds
  – How to convert 1,200 Mbps to proper form
    • Divide the number 1,200 by 1,000
      – Move decimal point three places to the left: 1.200
    • Multiply the metric suffix Mbps by 1,000
      – Gbps
    • Result:
      – 1.2 Gbps
  – When you make either the number or the metric smaller, you have to make the other one bigger

Figure 1-6: Transmission Speed
• Writing Transmission Speeds
  – How to convert 0.036 Mbps to proper form
    • Multiply the number 0.036 by 1,000
      – Move decimal point three places to the right: 36
    • Divide the metric suffix Mbps by 1,000
      – kbps
    • Result:
      – 36 kbps

Figure 1-6: Transmission Speed
• Writing Transmission Speeds
  – How should you write the following in proper form?
    • 549.73 kbps
    • 0.47 Gbps
    • 11,200 Mbps
    • .0021 Gbps

Figure 1-6: Transmission Speed
• Rated Speed Versus Throughput
  – Rated speed is the speed a network should provide, based on standards
  – Throughput is the speed a network actually provides
  – We will use this distinction constantly throughout this book

Figure 1-6: Transmission Speed
• Rated Speed Versus Throughput
  – When transmission capacity is shared by multiple users,
    • The total shared throughput is the aggregate throughput
    • Individual throughput is what individuals receive as a fraction of the aggregate throughput

Part IV: LANs and WANs

First Bank of Paradise (FBP)
• The book’s running case study
  – Composite mid-size bank in Hawaii
  – Banks are fairly “typical” firms, although they have stronger need for security
  – Warren Chun is the chief information officer (CIO)
  – Yvonne Champion is the network manager

First Bank of Paradise (FBP)
• Annual Revenues: $4.5 Billion
• Operations
  – 60 Branches
  – 375 ATMs (Automated Teller Machines)
• Network
  – 700 Ethernet switches
  – 450 Routers

First Bank of Paradise (FBP)
• Computers
  – 2,300 desktop and notebook user PCs
  – 130 Windows servers
  – 60 Unix servers
• Information Systems Staff
  – 112 people

Figure 1-8: LANs Versus WANs
• Scope
  – LANs: For transmission within a site. Campus, building, and SOHO (Small Office or Home Office) LANs
  – WANs: For transmission between sites
• Cost per Bit Transmitted
  – LANs: Low
  – WANs: High
• Typical Speed
  – LANs: Unshared 100 Mbps to a gigabit per second to each desktop. Even faster trunk line speeds.
  – WANs: Shared 128 kbps to several megabits per second trunk line speeds

Figure 1-8: LANs Versus WANs
• Management
  – LANs: On own premises, so firm builds and manages its own LAN or outsources the work
  – WANs: Must use a carrier with rights of way for transmission in public area. Carrier handles most work but charges a high price.
• Choices
  – LANs: Unlimited
  – WANs: Only those offered by carrier

Figure 1-9: Local Area Network (LAN) in a Large Building
[Diagram: multi-floor office building]
The bank has multiple LANs—one at each site

Figure 1-9: Local Area Network (LAN) in a Large Building
[Diagram: client and server on wall jacks, Workgroup Switch 1, Workgroup Switch 2, core switch, router to WAN]
Frames from the client to the server go through Workgroup Switch 2, through the Core Switch, through Workgroup Switch 1, and then to the server

Figure 1-10: Workgroup Switch (19 inches / 48 cm Wide)
[Photo: workgroup switch with 16 ports, 48 cm (19 in.) wide; wire cord going out to a computer or to another switch]

Figure 1-7: The First Bank of Paradise’s Wide Area Networks (WANs)
[Diagram: Headquarters, Operations, North Shore and branch office connected by a Frame Relay network, an OC3 private leased line and T3 lines]
Bank has multiple facilities connected by multiple WANs
• OC-n: Optical Carrier-n, n × 51.84 Mbit/s
• T3: T-carrier Third Level, 44.736 Mbit/s

Recap: LANs and WANs
• LANs transmit data within corporate sites
• WANs transmit data between corporate sites
• Each LAN or WAN is a single network
• LAN costs are low and speeds are high
• WAN costs are high and speeds are lower

Part V: Internets

Figure 1-11: Internets
• Single LANs Versus Internets
  – In single networks (LANs and WANs), all devices connect to one another by switches—our focus so far.
  – In contrast, an internet is a group of networks connected by routers so that any application on any host on any single network can communicate with any application on any other host on any other network in the internet.
[Diagram: applications on hosts in a LAN and a WAN joined by a router]

Figure 1-11: Internets
• Internet Components
  – All computers in an internet are called hosts
    • Servers, clients, PDAs, cellphones, etc.
[Diagram: PDA (host), client PC (host), VoIP phone (host), server (host) and cellphone (host) attached to an internet]

Figure 1-11: Internets
• Hosts Have Two Addresses
• IP Address
  – This is the host’s official address on its internet
  – 32 bits long
  – Expressed for people in dotted decimal notation (e.g., 128.171.17.13)
• Single-Network Addresses
  – This is the host’s address on its single network
  – Ethernet addresses, for instance, are 48 bits long
  – Expressed in hexadecimal notation (e.g., AF-23-9B-E8-67-47)

Figure 1-11: Internets
• Networks are connected by devices called routers
  – Switches provide connections within networks, while routers provide connections between networks in an internet.
• Frames and Packets
  – In single networks, messages are called frames
  – In internets, messages are called packets

Figure 1-11: Internets
• Packets are carried within frames
  – One packet is transmitted from the source host to the destination host
    • Its IP destination address is that of the destination host
  – In each network, the packet is carried in (encapsulated in) a frame (Figure 1-12)
  – If there are N networks between the source and destination hosts, there will be one packet and N frames for a transmission

Figure 1-12: Internet with Three Networks
[Diagram: Host A on Network X, Router R1, Network Y, Router R2, Network Z with Host B; the packet follows Route A-B]
A packet goes all the way across the internet; its path is its route

Figure 1-12: Internet with Three Networks
• Messages in single networks (LANs or WANs) are called frames
• Messages in internets are called packets
  – Travel from the source host to the destination host across the entire internet
• Within a single network, the packet is encapsulated in (carried in) the network’s frame
[Illustration: the packet is the package; the frame is the truck that carries it]

Figure 1-12: Internet with Three Networks
Details in Network X
[Diagram: Host A (10.0.0.23, AB-23-D1-A8-34-DD), Switch X1, Switch X2, other switches, mobile client host, server host, Router R1 (D6-EE-92-5F-C1-56); data link A-R1; Route A-B]
• In Network X, the Packet is Placed in Frame X
• A route is a packet’s path through the internet
• A data link is a frame’s path through its single network

Figure 1-12: Internet with Three Networks
Details in Network Y
[Diagram: Router R1 (to Network X) and Router R2 (AF-3B-E7-39-12-B5, to Network Z) joined across Network Y; the packet is carried in Frame Y over Data Link R1-R2; Route A-B]

Figure 1-12: Internet with Three Networks
Details in Network Z
[Diagram: Router R2, Switch Z1, Switch Z2, other switches, mobile client hosts, a router, Host B (www.pukanui.com, 1.3.45.111, 55-6B-CC-D4-A7-56); the packet is carried in Frame Z over Data Link R2-B]

Figure 1-12: Internet with Three Networks
• In this internet with three networks, in a transmission,
  – There is one packet
  – There are three frames (one in each network)
• If a packet in an internet must pass through 10 networks,
  – How many packets will be sent?
  – How many frames must carry the packet?
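
The one-packet, N-frames behaviour of Figure 1-12 at the byte level, as an added Python example that is not part of the original deck. The packet and frame layouts are deliberately simplified, and the routers' outgoing-interface addresses (the two 02-00-… values) are constructed because the slides do not show them.

```python
import ipaddress

# Addresses of Host A, Host B, R1 (on Network X) and R2 (on Network Y) are
# the ones shown in Figure 1-12. The two 02-00-... source addresses are
# constructed for this example.
HOST_A_IP, HOST_B_IP = "10.0.0.23", "1.3.45.111"
HOPS = [
    # (network, sender's address on that network, receiver's address on it)
    ("X", "AB-23-D1-A8-34-DD", "D6-EE-92-5F-C1-56"),  # Host A -> Router R1
    ("Y", "02-00-00-00-00-01", "AF-3B-E7-39-12-B5"),  # Router R1 -> Router R2
    ("Z", "02-00-00-00-00-02", "55-6B-CC-D4-A7-56"),  # Router R2 -> Host B
]


def mac_bytes(mac):
    """'AB-23-D1-A8-34-DD' -> 6 raw bytes."""
    raw = bytes.fromhex(mac.replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit address: {mac}")
    return raw


def build_packet(src_ip, dst_ip, payload):
    """Simplified packet: 32-bit source IP, 32-bit destination IP, payload.

    A real IP header has more fields, some of which routers update.
    """
    src = ipaddress.IPv4Address(src_ip).packed
    dst = ipaddress.IPv4Address(dst_ip).packed
    return src + dst + payload


def encapsulate(src_mac, dst_mac, packet):
    """Simplified frame: destination address, source address, the packet."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + packet


def decapsulate(frame):
    """Strip the 12 bytes of frame addressing and return the packet."""
    return frame[12:]


def deliver(packet, hops):
    """Carry one packet over every single network on its route.

    Returns the packet as received and the frame used in each network.
    """
    frames = []
    for network, src_mac, dst_mac in hops:
        frame = encapsulate(src_mac, dst_mac, packet)  # new frame per network
        frames.append((network, frame))
        packet = decapsulate(frame)  # the receiver discards the frame
    return packet, frames


def describe(frames):
    """One line per network: where the frame goes, where the packet goes."""
    return [
        f"Network {net}: frame to {frame[:6].hex('-').upper()}, "
        f"packet to {ipaddress.IPv4Address(frame[16:20])}"
        for net, frame in frames
    ]


if __name__ == "__main__":
    sent = build_packet(HOST_A_IP, HOST_B_IP, b"hello")
    received, frames = deliver(sent, HOPS)
    print("\n".join(describe(frames)))
    print("packet unchanged:", received == sent, "| frames used:", len(frames))
```

The frame's destination address changes in every network while the packet's destination IP address stays that of Host B throughout.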

Recap
• Switches versus Routers
  – Switches move frames through a single network (LAN or WAN)
  – Routers move packets through internets
• Messages
  – Messages in single networks are called frames
  – Messages in internets are called packets
  – Packets are encapsulated within (carried inside) frames

Figure 1-12: Internet with Three Networks
• Spelled in lowercase, “internet” is any internet
• Spelled in uppercase, “Internet” is the global Internet

Figure 1-13: Converting IP Addresses into Dotted Decimal Notation
• IP Address (32 bits long): 10000000101010110001000100001101
• Divided into 4 bytes. These are segments: 10000000 10101011 00010001 00001101
• Convert each byte to decimal (result will be between 0 and 255)*: 128 171 17 13
• Dotted decimal notation (4 segments separated by dots): 128.171.17.13
*The conversion process is described in the Hands On section at the end of the chapter.

Figure 1-25: Windows Calculator
1. Open Calculator, which is in the Program Group Accessories
2. Select View, Scientific

Figure 1-25: Windows Calculator
3. Enter initial data type here (Dec = Decimal, Bin = Binary)
4. Enter data on keypad (Limit is 8 bits for Binary)

Figure 1-25: Windows Calculator
5. Enter final data type here, observe results
6. Observe answer
Initial zeros are dropped, so answer is 0001 0111

Figure 1-14: The Internet, internets, Intranets, and Extranets
• The Global Internet
  – As noted earlier,
    • Spelled with a lowercase i, internet means any internet
    • Spelled with an uppercase I, Internet means the global Internet

Figure 1-14: The Internet, internets, Intranets, and Extranets
• The Internet (Figure 1-18)
  – Host computers
  – Internet service providers (ISPs)
    • Required to access the Internet
    • Carry your packets across the Internet
    • Collect money to pay for the Internet
  – The Internet backbone consists of many ISPs
    • ISPs interconnect at Network access points (NAPs) to exchange cross-ISP traffic

Figure 1-17: The Internet
[Diagram: user PC host computer, access line, router, user PC’s Internet service provider, Internet backbone (multiple ISP carriers) with NAPs, webserver’s Internet service provider, access line, webserver host computer]
NAP = Network Access Point

Figure 1-18: Subnets in an Internet
[Diagram: LAN 1 and LAN 2; Routers R1 to R4; LAN subnets 10.1.x.x, 10.2.x.x, 10.3.x.x, 60.4.3.x, 60.4.7.x, 60.4.15.x and 60.4.131.x; WAN subnet 123.x.x.x]
Note: Subnets are single networks (collections of switches, transmission lines)

Figure 1-19: Terminology Differences for Single-Network and Internet Professionals
• Single Networks Are Called
  – By Single-Network Professionals: Networks
  – By Internet Professionals: Subnets
• Internets Are Called
  – By Single-Network Professionals: Internets
  – By Internet Professionals: Networks
In this book, to avoid confusion, we will call internets “internets” and subnets “single networks”

Figure 1-14: The Internet, internets, Intranets, and Extranets
• Intranets
  – An intranet is an internal internet for use within an organization
  – Based on the TCP/IP standards created for the Internet
“Intra” means “within”

Figure 1-14: The Internet, internets, Intranets, and Extranets
• Extranets
  – To connect multiple firms
    • Only some computers from each firm are on the extranet
  – Use TCP/IP standards
“Extra” means “outside”

Figure 1-14: The Internet, internets, Intranets, and Extranets
• Intranets, Extranets, and the Internet
  – Confusingly, both intranets and extranets can use the Internet for some of their transmission capacity

Figure 1-15: Routers (19 inches / 48 cm Wide)

Figure 1-16: Small Router for a Branch Office (19 inches / 48 cm Wide)
Height: 1 U = 1.75 inches (Pizza Box)

Figure 1-20: IP Address Management
• Every Host Must Have a Unique IP address
  – Server hosts are given static IP addresses (unchanging)
  – Clients get dynamic (temporary) IP addresses that may be different each time they use an internet
• Dynamic Host Configuration Protocol (DHCP) (Figure 1-21)
  – Clients get these dynamic IP addresses from Dynamic Host Configuration Protocol (DHCP) servers (Figure 1-21)

Figure 1-21: Dynamic Host Configuration Protocol (DHCP)
[Diagram: client PC (A3-4E-CD-59-28-7F) and DHCP server with a pool of IP addresses]
DHCP Request Message: “My 48-bit Ethernet address is A3-4E-CD-59-28-7F. Please give me a 32-bit IP address.”

Figure 1-21: Dynamic Host Configuration Protocol (DHCP)
[Diagram: client PC (A3-4E-CD-59-28-7F) and DHCP server with a pool of IP addresses]
DHCP Response Message: “Computer at A3-4E-CD-59-28-7F, your 32-bit IP address is 1101000010111110101100000010”. (Usually other configuration parameters as well.)

Dynamic Host Configuration Protocol (DHCP)
• Dynamic Host Configuration Protocol
• Automatically configures the computer’s
  – IP address (163.22.20.223)
  – Subnet mask (255. 0)
  – Default gateway (163.22.20.254)
  – Domain name server (163.22.2.1)
  – …
• winipcfg (Win 98/Me)
• ipconfig /all (Win 2000/XP)

Ipconfig (Windows XP, 2000)
• ipconfig /all
• ipconfig /release
• ipconfig /renew

[Screenshot, steps 1 to 3: Control Panel, Network and Internet Connections]


Figure 1-20: IP Address Management
• Domain Name System (DNS) (Figure 1-22)
  – IP addresses are official addresses on the Internet and other internets
  – Hosts can also have host names (e.g., cnn.com)
    • Not official—like nicknames
  – If you only know the host name of a host that you want to reach, your computer must learn its IP address
    • DNS servers tell our computer the IP address of a target host whose name you know. (Figure 1-22)

Figure 1-22: The Domain Name System (DNS)
1. Client Host wishes to reach Voyager.cba.hawaii.edu; Needs to know its IP Address
2. Sends DNS Request Message “The host name is Voyager.cba.hawaii.edu”
DNS Table (on the local DNS host)
  Host Name                 IP Address
  …                         …
  Voyager.cba.hawaii.edu    128.171.17.13
  …                         …
[Diagram: client host, local DNS host, target host Voyager.cba.hawaii.edu (128.171.17.13)]

Figure 1-22: The Domain Name System (DNS)
3. DNS Host looks up IP address
4. DNS Response Message “The IP address is 128.171.17.13”
5. Client sends packets to 128.171.17.13
DNS Table (on the DNS host)
  Host Name                 IP Address
  …                         …
  Voyager.cba.hawaii.edu    128.171.17.13
  …                         …
[Diagram: client host, DNS host, target host Voyager.cba.hawaii.edu (128.171.17.13)]

Figure 1-22: The Domain Name System (DNS)
1. DNS Request Message
2. Request & Response (between the local DNS host and another DNS host)
3. DNS Response Message
• If local DNS host does not have the target host’s IP address, it contacts other DNS hosts to get the IP address
• The local DNS host sends back the response; the user is unaware that other DNS hosts were involved
DNS Table
  Host Name                 IP Address
  …                         …
  Voyager.cba.hawaii.edu    128.171.17.13
  …                         …
[Diagram: client host, local DNS host, another DNS host]

• nslookup
• ipconfig /displaydns
• ipconfig /flushdns
• ipconfig /registerdns

Part VI: Security

Figure 1-23: Firewall and Hardened Hosts
[Diagram: legitimate host and attacker on the Internet; border firewall with log file; hardened server and hardened client PC on the internal corporate network; a legitimate packet is allowed through]
Border firewall should pass legitimate packets

Figure 1-23: Firewall and Hardened Hosts
[Diagram: attacker on the Internet sends an attack packet; the border firewall denies it and records it in the log file; hardened server, hardened client PC and legitimate host as before]
Border firewall should deny (drop) and log attack packets

Figure 1-23: Firewall and Hardened Hosts
[Diagram: one attack packet is denied at the border firewall and logged; another attack packet passes the firewall and reaches the hardened server and hardened client PC on the internal corporate network]
Hosts should be hardened against attack packets that get through
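
The three behaviours in Figure 1-23 (pass, deny and log, and the attack packet that still gets through), sketched as an added Python example that is not part of the original deck. The allow rule, the class and function names, and all addresses (documentation ranges) are constructed for the illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    payload: bytes = b""


# Constructed policy: the only traffic allowed in from the Internet is
# HTTPS to one hardened server. Everything else is denied by default.
ALLOW_RULES = [
    (ipaddress.ip_network("192.0.2.10/32"), 443),
]


class BorderFirewall:
    def __init__(self, allow_rules):
        self.allow_rules = list(allow_rules)
        self.log = []  # stands in for the log file in Figure 1-23

    def admit(self, packet):
        """Return True to pass the packet, False to deny (drop) and log it."""
        dst = ipaddress.ip_address(packet.dst_ip)
        for network, port in self.allow_rules:
            if dst in network and packet.dst_port == port:
                return True
        # Default deny: drop the packet and leave a record for later review.
        self.log.append(
            f"DENY src={packet.src_ip} dst={packet.dst_ip}:{packet.dst_port}"
        )
        return False


def run_demo():
    """Send four constructed packets at the firewall; return verdicts and log."""
    firewall = BorderFirewall(ALLOW_RULES)
    packets = {
        "legitimate": Packet("198.51.100.7", "192.0.2.10", 443, b"GET / HTTP/1.1"),
        "attack_on_server": Packet("203.0.113.66", "192.0.2.10", 23),
        "attack_on_client": Packet("203.0.113.66", "192.0.2.50", 445),
        # Same allowed address and port as the legitimate packet. This filter
        # looks only at addressing, so it cannot tell the two apart; the
        # server itself has to withstand whatever the payload carries.
        "attack_via_allowed_port": Packet(
            "203.0.113.66", "192.0.2.10", 443, b"<constructed hostile request>"
        ),
    }
    verdicts = {name: firewall.admit(p) for name, p in packets.items()}
    return verdicts, firewall.log


if __name__ == "__main__":
    verdicts, log = run_demo()
    for name, passed in verdicts.items():
        print(f"{name}: {'pass' if passed else 'deny'}")
    print("\n".join(log))
```

The last packet passes and leaves no log entry, which is why the figure pairs the border firewall with hardened hosts.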

Figure 1-24: Cryptographic Protections
• Cryptography
  – The use of mathematical operations to thwart attacks on message dialogues between pairs of communicating parties (people, programs, or devices)
• Cryptography is Expensive
  – Usually only sensitive dialogues are cryptographically secured
• Initial Authentication
  – Determine the other party’s identity to thwart impostors

Figure 1-24: Cryptographic Protections
• Message-by-Message Protections
  – Encryption to provide confidentiality so that an eavesdropper cannot read intercepted messages
  – Electronic signatures provide message-by-message authentication to prevent the insertion of messages by an impostor after initial authentication
  – Electronic signatures usually also provide message integrity; this tells the receiver whether anyone has changed the message en route
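
Message-by-message authentication and integrity, shown as an added Python example that is not part of the original deck. It uses an HMAC (a keyed hash from the standard library) in place of the slide's "electronic signature", assumes initial authentication has already given both parties a shared key, and adds a sequence number so a replayed message is also rejected; encryption for confidentiality is not shown. All names are constructed.

```python
import hashlib
import hmac
import secrets

SEQ_LEN = 8   # bytes of sequence number placed in front of each message
TAG_LEN = 32  # HMAC-SHA-256 output length


class ProtectedChannel:
    """One party's view of a dialogue after initial authentication."""

    def __init__(self, key):
        self._key = key
        self._next_send = 0
        self._next_recv = 0

    def _tag(self, seq, message):
        return hmac.new(self._key, seq + message, hashlib.sha256).digest()

    def protect(self, message):
        """Return sequence number + message + tag, ready to transmit."""
        seq = self._next_send.to_bytes(SEQ_LEN, "big")
        self._next_send += 1
        return seq + message + self._tag(seq, message)

    def accept(self, wire):
        """Return the message if it is genuine and in order, else raise."""
        if len(wire) < SEQ_LEN + TAG_LEN:
            raise ValueError("too short to carry a tag")
        seq = wire[:SEQ_LEN]
        message = wire[SEQ_LEN:-TAG_LEN]
        tag = wire[-TAG_LEN:]
        # Constant-time comparison of the received and recomputed tags.
        if not hmac.compare_digest(tag, self._tag(seq, message)):
            raise ValueError("tag mismatch")
        if int.from_bytes(seq, "big") != self._next_recv:
            raise ValueError("unexpected sequence number")
        self._next_recv += 1
        return message


def rejected(channel, wire):
    """Return the rejection reason, or None if the message was accepted."""
    try:
        channel.accept(wire)
    except ValueError as err:
        return str(err)
    return None


def run_demo():
    key = secrets.token_bytes(32)  # shared by the two authenticated parties
    sender, receiver = ProtectedChannel(key), ProtectedChannel(key)
    impostor = ProtectedChannel(secrets.token_bytes(32))  # lacks the key

    first = sender.protect(b"pay 100 to account 42")
    results = {"genuine": receiver.accept(first)}

    # Changed en route: same length, different amount, original tag.
    second = sender.protect(b"pay 100 to account 42")
    altered = second[:SEQ_LEN] + b"pay 900 to account 42" + second[-TAG_LEN:]
    results["altered"] = rejected(receiver, altered)

    # Inserted by an impostor who never took part in initial authentication.
    results["inserted"] = rejected(receiver, impostor.protect(b"pay 100 to account 7"))

    # A genuine message captured earlier and sent again.
    results["replayed"] = rejected(receiver, first)

    # The untouched second message is still accepted afterwards.
    results["genuine_second"] = receiver.accept(second)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case}: {outcome}")
```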

Recap: Security
• Security
  – Firewalls
  – Hardened Hosts
  – Cryptographic security for sensitive dialogues
    • Initial authentication
    • Encryption for confidentiality
    • Electronic signatures for authentication and message integrity