
4de6fb70a5c029d730b744cc3e31ecd6.ppt
- Number of slides: 28
Networking Operating Systems (CO32010)
Objectives:
• To outline the usage of the three main NOS's: NT/2000, UNIX and NetWare.
• To define the usage of objectscheduling properties in each of the NOS's.
• To define how distributed file systems are created in the three main NOS's (UNIX – NFS, Active Directories – NT/2000 and NDS – NetWare).
1. Operating Systems
2. Processes
3. Distributed processing
4. Distributed file systems
5. Routing protocols
6. Routers
7. Encryption
8. NT, UNIX and NetWare
8.1 Introduction
8.2 Microsoft Windows
8.3 UNIX
8.4 Novell NetWare
8.5 NDS
http://www.soc.napier.ac.uk/~bill/nos.html
bill@napier, 2001
Local audit policy
                              Success  Failure
• User login/logout              ✓        ✓
• File and object access         ×        ✓
• Use of user rights             ×        ×
• User and group management      ✓        ×
• Security policy changes        ×        ✓
• Restart/shutdown               ✓        ✓
• Process tracking               ✓        ✓
[Figure: Domain (my_d) containing \freds_pc, \bills_pc and \server1]
Domain audit policy
                              Success  Failure
• User login/logout              ✓        ✓
• File and object access         ×        ✓
• etc
UNIX file attributes
UNIX
• TCP/IP for its communications.
• NFS for mounting files over a network.
• ICMP (for ping, traceroute, and so on).
• RIP (for routing).
• ARP (for determination of MAC addresses).
• DNS (for determining domain names).
• BOOTP (for IP address allocation).
• FTP (for file transfer).
• TELNET (for remote login).
• NIS (for creating domains).
• RPC (for remote processing execution).
• SMTP (for e-mail).
• SNMP (for network management).
[Figure: OSI layers (Application, Presentation, Session, Transport, Network, Data link, Physical) set against the network architecture: application program; Transport Driver Interface (TDI); transport protocols NetWare (SPX/IPX), UNIX/Internet (TCP/IP) and Windows (NetBEUI); Network Device Interface Specification (NDIS) with NDIS wrapper and NDIS NIC driver; Media Access Control; NIC; Ethernet/ATM/ISDN/etc.]
[Figure: NetWare client and server. Software: application programs, NetWare shell (NETx), NCP (network core protocol), SPX/IPX, ODI (open data-link interface). Hardware: NIC (network interface card). NetWare client: Windows NT, Windows 3.1, Unix, OS/2, Mac or DOS.]
Problems with Novell NetWare 3
• It uses SPX/IPX which is incompatible with TCP/IP traffic.
• It is difficult to synchronize servers with user information.
• The file structure is local to individual servers.
• Server architecture is flat and cannot be organized into a hierarchical structure (Bindery services).
NDS
• Hierarchical server structure.
• Network-wide users and groups.
• Global objects. NDS integrates users, groups, printers, servers, volumes and other physical resources into a hierarchical tree structure.
• System-wide login with a single password. This allows users to access resources which are connected to remote servers.
• NDS processes logins between NetWare 3.1 and NetWare 4/5 servers, if the login names and passwords are the same.
• Supports distributed file system.
NDS (cont.)
• Synchronization services. NDS allows for directory synchronization, which allows directories to be mirrored on different partitions or different servers. This provides increased reliability in that if a server develops a fault then the files on that server can be replicated by another server.
• Standardized organizational structure for applications, printers, servers and services. This provides a common structure across different organizations.
• It integrates most of the administrative tasks in the Windows-based NWADMIN.EXE program.
• It is a truly distributed system where the directory information can be distributed around the tree.
• Support for NFS server for UNIX resources.
• Multiple login scripts, as opposed to system and user login scripts in NetWare 3.1.
• Windows NT support.
[Figure: example NDS tree. Level labels: Root objects, Container objects. Nodes: Organization, Electrical, Mechanical, Production, Administration, BINS/VOL1, Q_LASER, CD_DISK, SYS/VOL2.]
• [ROOT]. This is the top level of the tree. The top of the NDS tree is the [ROOT] object.
• C=Country. This object can be used, or not, to represent different countries, typically where an organization is distributed over two or more countries. If it is used then it must be placed below the [ROOT] object. NDS normally does not use the Country object and uses the Organization Unit to define the geographically located sites, such as SALES_UK.[ROOT], SALES_USA.[ROOT], and so on.
• L=Locality. This object defines locations within other objects, and identifies network portions. The Country and Locality objects are included in the X.500 specification, but they are not normally used, because many NetWare 4 utilities do not recognize them. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.
Leaf Objects (CN - Common Name)
Apart from the container objects (C, O, OU, and so on) there are leaf objects. These are assigned a CN (for Common Name). They include:
CN=AFP Server
CN=Bindery Queue
CN=Computer
CN=Directory Map
CN=Group
CN=Organizational Role
CN=Print Queue
CN=Print Server
CN=Printer
CN=Profile
CN=Server
CN=User
CN=Volume
• LP=Licensed Product. This object is automatically created when a license certificate is installed. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.
• O=Organization. This object represents the name of the organization, a company division or a department. Each NDS Directory tree has at least one Organization object, and it must be placed below the [Root] object (unless the tree uses the Country or Locality object).
• OU=Organization Unit. This object normally represents the name of the organizational unit within the organization, such as Production, Accounts, and so on. At this level, User objects can be added and a system level login script is created. It is normally placed below the Organizational object.
[Figure: primary server and secondary server, each with a NIC (network connections) and an MSL adapter; duplexed traffic runs between the two MSL adapters.]
Remote access to network
[Figure: remote access connection (PPP/SLIP) to a remote access server.]
PPTP
PPTP encapsulates the required protocol (TCP/IP, IPX, AppleTalk, NETBEUI).
[Figure: Virtual Private Network, showing the virtual flow to the remote access server.]
[Figure: PPP protocol stack at both ends of the link. Network layer: IP, IPX. NCP: IPCP, IPXCP, ACP. Data link layer: PPP (authentication and LCP) over asynchronous/synchronous media. Encapsulation: PPP header, IP, PPP trailer.]
PPP frame format:
Flag (01111110) | Address (1111) | Control (00000011) | Protocol | Data | FCS | Flag (01111110)
Field sizes: Flag 1 byte; Protocol 2 bytes; Data variable; FCS 2 or 4 bytes; Flag 1 byte.
Network protocols:
0021h – IP
0029h – Appletalk
002bh – Novell IPX
Network Control Protocols:
8021h – IP Control Protocol
8029h – Appletalk Control Protocol
802bh – Novell IPX Control Protocol
Link Control Protocols:
C021h – Link Control Protocol
C023h – PAP
C025h – Link Quality Report
C223h – CHAP
LCP packet format:
Flag (01111110) | Address (1111) | Control (00000011) | Protocol (C021h - LCP) | Code | Identifier | Length | Data | FCS | Flag (01111110)
Field sizes: Flag 1 byte; Protocol 2 bytes; FCS 2 or 4 bytes; Flag 1 byte.
Code values:
1 Configure-Request
2 Configure-Ack
3 Configure-Nak
4 Configure-Reject
5 Terminate-Request
6 Terminate-Ack
7 Code-Reject
8 Protocol-Reject
9 Echo-Request
10 Echo-Reply
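The Protocol field values and LCP codes from the two slides above, used in a small frame decoder that also flags PAP (C023h) frames. This is an added example, not part of the original slides: it assumes an unescaped frame with a 2-byte FCS, takes the Address value 0xFF and the FCS-16 algorithm from RFC 1662 and the LCP field widths from RFC 1661, and the names `build_frame`, `parse_frame` and `cleartext_auth` are invented here.

```python
# Added example, not from the slides; unescaped frame, 2-byte FCS (RFC 1662).
import struct

PROTOCOLS = {  # Protocol field values listed on the slide
    0x0021: "IP", 0x0029: "Appletalk", 0x002B: "Novell IPX",
    0x8021: "IP Control Protocol", 0x8029: "Appletalk Control Protocol",
    0x802B: "Novell IPX Control Protocol", 0xC021: "Link Control Protocol",
    0xC023: "PAP", 0xC025: "Link Quality Report", 0xC223: "CHAP",
}
LCP_CODES = {  # LCP Code values listed on the slide
    1: "Configure-Request", 2: "Configure-Ack", 3: "Configure-Nak",
    4: "Configure-Reject", 5: "Terminate-Request", 6: "Terminate-Ack",
    7: "Code-Reject", 8: "Protocol-Reject", 9: "Echo-Request", 10: "Echo-Reply",
}

def fcs16(data: bytes) -> int:
    """16-bit FCS (CRC-16/X-25): reflected polynomial 0x8408, init 0xFFFF."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def build_frame(protocol: int, payload: bytes) -> bytes:
    """Build a constructed sample frame (used only to create test input)."""
    body = bytes([0xFF, 0x03]) + struct.pack(">H", protocol) + payload
    return b"\x7e" + body + struct.pack("<H", fcs16(body)) + b"\x7e"

def parse_frame(frame: bytes) -> dict:
    """Check flags, Address/Control and FCS, then decode Protocol and LCP."""
    if len(frame) < 8 or frame[0] != 0x7E or frame[-1] != 0x7E:
        raise ValueError("missing 01111110 flag or frame too short")
    body, (fcs,) = frame[1:-3], struct.unpack("<H", frame[-3:-1])
    if body[:2] != b"\xff\x03":
        raise ValueError("unexpected Address/Control")
    if fcs16(body) != fcs:
        raise ValueError("FCS mismatch")
    protocol = struct.unpack(">H", body[2:4])[0]
    info = {"protocol": PROTOCOLS.get(protocol, f"unknown {protocol:04x}h"),
            "cleartext_auth": protocol == 0xC023,  # PAP: password in clear
            "data": body[4:]}
    if protocol == 0xC021:
        if len(body) < 8:
            raise ValueError("truncated LCP header")
        # 1-byte Code, 1-byte Identifier, 2-byte Length (RFC 1661)
        code, ident, length = struct.unpack(">BBH", body[4:8])
        info.update(lcp_code=LCP_CODES.get(code, f"unknown {code}"),
                    identifier=ident, length=length)
    return info
```

A monitoring script can call `parse_frame` on each captured frame and alert when `cleartext_auth` is true, since that link is negotiating authentication with the password visible on the wire.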
[Figure: network connection between client and server, carrying LCP and NCP packets.]
• Link establishment phase
• Link quality phase
• Network-layer protocol phase
• Link termination phase
[Figure: authentication across the network. Hostname: remotenode; password: pass1. “Remotenode pass1” is sent and answered with Accept/reject.]
Password sent with clear text
[Figure: authentication exchange between client and server. Hostname: remotenode; password: pass1. Messages: Challenge, Response, Accept/reject.]
[Figure: state transition diagram. States: Closed, Closing, Opened, Req-Sent, Ack-Rcvd, Ack-Sent. Transition labels include Open, Close, RCR, RCR+, RCR-, RCA, RCN, TO+, sta, str, scr, sca and scn.]
[Figure: PPP phase diagram. Phases: Link Dead Phase, Link Establishment Phase (LCP configuration packets), Authentication Phase, Network-Layer Protocol Phase (NCP packets), Link Termination Phase. Transition labels: Up, Opened, Success/none, Fail, Closing, Down.]