Basic Networking Crash Course
2017 RVTEC Meeting
University of Minnesota Duluth, Large Lakes Observatory
October 27th - Duluth, Minnesota
Britton Anderson, Office of Information Technology, University of Alaska

Objectives
• Describe basic networking components and operations
• Explain the fundamentals of network communication
• Define common networking terms
• Analyze the OSI Model
• Identify the functions of various network services
• Describe functions and challenges of shipboard networks
• Overview of optimizing TCP throughput

Fundamentals of Network Communication
• A computer network consists of two or more computers connected by some kind of transmission medium, such as a cable or air waves.
• In order to access the Internet, a computer has to be able to connect to a network.

A Typical Home Network
[Figure: a typical home network, with Computers A, B and D and Notebooks C and E connected to the Internet]
A Research Vessel Network
[Figure: R/V Sikuliaq shipboard network diagram, 2014-07, by Jon C. Meyer, HiSeasNet (jmeyer@ucsd.edu) and Britton Anderson, UAF (blanderson3@alaska.edu). Five WAN links (Cellular/WiFi, HiSeasNet, Fleet Broadband and Iridium: WAN 1 192.168.8.0/24 NAT, WAN 2 192.168.10.0/24 NAT, WAN 3 199.165.123.40/30, WAN 4 199.165.123.44/30, WAN 5 192.168.12.0/24 NAT) feed a Peplink Balance WAN aggregator with captive portal and usage reporting; a PepVPN with SpeedFusion NAT-T tunnel to shore runs OSPF area 0 and advertises 199.165.123.0/27 and 199.165.123.52/30. Behind it a Palo Alto firewall (NAT, security, routing) serves an Infrastructure LAN 10.1.0.0/24 and a User LAN 10.5.0.0/24. Marked as future: open Internet access from 199.165.123.0/27 and quota-based captive-portal Internet access via CyberRoam (NAT, captive portal, reporting).]
Network Terms
• Every profession has its own language and acronyms
• Need to know the language of networks to be able to properly communicate needs and issues off ship.

LANs, Internetworks, WANs
• Local area network (LAN) – small network, limited to a single collection of machines and connected by one or more interconnecting devices in a small geographic area
• An internetwork is a networked collection of LANs tied together by devices such as routers
• Reasons for being:
– Two or more groups of users and their computers need to be logically separated but still need to communicate
– The number of computers in a single LAN has grown and is no longer efficient
– The distance between two groups of computers exceeds the capabilities of most LAN devices

Packets
• Chunks of data sent across the network are usually called packets or frames, with packets being the more well-known term
• Frames are packets with source and destination MAC addresses and error checking added
• Using the USPS analogy, a packet is an envelope containing the data, with a street address on it.

Frames
• A frame is wrapped around a packet, with the source and destination MAC addresses added to it
• The frame is built with the MAC addresses at the beginning and an error-checking code at the end; in between them is the packet
• A frame is like the mail carrier moving your envelope and your letter from place to place
• The process of adding IP addresses to chunks of data to form packets, and MAC addresses to packets to form frames, is called encapsulation
• Information added to the front of the data is called a header and information added to the end is called a trailer

Communication Between Two Computers
1. A user at Comp A types ping 10.1.1.2 at a command prompt
2. The network software creates a ping message
3. The network protocol packages the message by adding the IP addresses of the sending and destination computers and acquires the destination computer's MAC address
4. The network interface software adds the MAC addresses of the sending and destination computers and sends the message
5. Comp B receives the message, verifies that the addresses are correct and then sends a reply to Comp A using Steps 2 – 4

Network Models
• A network model is a framework that conceptually divides network functions into progressive layers within a logical reference.
• Two major models exist
– TCP/IP Model: often referred to as the DOD model since it was originally designed for the DOD
– OSI Network Model: developed by the International Standards Organization as a standard called the Open Systems Interconnection (OSI) reference model.

Model Comparison
[Figure: side-by-side comparison of the TCP/IP model and the OSI model, with example protocols and services (HTTP, FTP, Telnet, NTP, DHCP, ping; TCP and UDP) listed against the TCP/IP layers]
Layer 1 – The Physical Layer
• In networking, data is transmitted in bits
– A pulse of 5 volts of electricity can represent a 1 bit and a pulse of 0 volts can represent a 0 bit
– With fiber-optic cable, a 1 bit is represented by the presence of light and a 0 bit by the absence of light
– WiFi transmits and receives radio wave pulses in either 2.4GHz or 5GHz frequencies.
• A "byte" is a collection of 8 bits

Layer 1 - Troubleshooting
• Link testers
– Fluke Networks
– NetScout
– NetTool.io

Layer 2 – Data Link
• Standardized transmission/reception
– Ethernet
– MPLS
– Frame Relay
• Standardizes hardware media access control (MAC) addresses
– 48-bit addresses, consisting of a 24-bit Organizational Unit Identifier (OUI) and a 24-bit unique address.
– The OUI identifies the originating manufacturer of the NIC.
• Error detection and correction
• Spanning Tree

Layer 2 - Devices
• Switches
– Maintain an internal table mapping MAC addresses to the ports they were learned on.
– Use the source/destination MAC address in the frame to make intelligent decisions about where to forward frames.
– Faster than routing, not as scalable.
– Trunks/uplinks will commonly see many MAC addresses
– Can segment networks into Virtual LANs (VLANs).
• Network Interface Cards (NICs)
– Convert bits and data into signals for transmission on network media, and convert signals back to bits for reception.

Layer 3 - Network
• The most complex layer in the OSI model.
– Also the one that presents the most problem areas.
• TCP – The most common protocol suite used in networking. UDP – Very prevalent in streaming data.
– IPv4 – Still the most common addressing suite in use, however exhausted. 32-bit addresses
• 4.3 billion addresses globally
– IPv6 – Standardized for nearly two decades, not seeing wide adoption, but rollout gaining steam. 128-bit
• 3.4e38 addresses globally

Layer 3 – IP Addressing
• IPv4 – 32-bit addresses, dotted decimal octets. Most common.
– The subnet mask delimiter segments IP networks.
– Ex. A subnet mask of 255.255.255.0 with an IP address of 10.11.12.13 assigns the first three octets to the network ID and the last octet to hosts in the network.
– Private reserved IP ranges preserve exhausted public ranges
• IPv6 – 128-bit addresses in 16-bit hexadecimal segments
– Subnet mask represented with the address.
– Trailing zeros summarized with ::
– Ex. 2607:f318::/32 == 2607:f318:0000:0000:0000:0000:0000:0000/32

Layer 3 - IP Addressing
• DHCP – Dynamic Host Control Protocol
– Allows for automated IPv4 configuration of hosts on your network.
– Provisions IP address, subnet mask, default gateway and DNS servers at a minimum.
– Can also allow DNS registration, NTP configuration and limited automated configuration parameters.
– DHCPv6 exists for IPv6 control
• SLAAC – Stateless Automated Address Configuration
– Automated IPv6

Layer 3 – Network Address Translation
• Private IPv4 ranges to preserve exhausted public IP space (RFC 1918)
– 10.0.0.0/8 = 16.78 Million IP addresses
– 172.16.0.0/12 = 1.04 Million IP addresses
– 192.168.0.0/16 = 65,536 IP addresses
• Allows firewalls to associate a public IP to a private IP as needed
– 1:1 – Host (Private IP) <> Firewall <> Public IP <> Internet
– As more traffic becomes internet dependent, 1:1 NAT becomes less useful, since a 1:1 relationship still consumes one public IP per host.

Layer 3 – Domain Name Service
• Domain Name Service (DNS) is a basic fundamental necessity of everyday life.
• Brings accessibility by allowing internet navigation using text-based names (domains)
• A larger trusted structure worldwide indexes all names.
• DNS servers are responsible for translating domain names into IP addresses
– First thing to occur when navigating to any website

Layer 3 - Routing
• Makes up the internet – responsible for ensuring data moves through effective paths to its destination.
• Several standard routing protocols exist to automate the provisioning of network routes.
– Interior Gateway Protocol (IGP)
• Open Shortest Path First (OSPF)
• Enhanced Interior Gateway Routing Protocol (EIGRP)
• Routing Information Protocol (RIP/RIPv2)
• Primarily what we ship-going folks are concerned with
– Exterior Gateway Protocol (EGP)
• Used to advertise routes to the public internet. Cannot advertise private IP addresses externally.
• Border Gateway Protocol (BGP)

Layer 3 - Troubleshooting
• Ping

MacBook-Pro:~ blanderson3$ ping 199.165.123.1
PING 199.165.123.1 (199.165.123.1): 56 data bytes
64 bytes from 199.165.123.1: icmp_seq=0 ttl=57 time=295.424 ms
64 bytes from 199.165.123.1: icmp_seq=1 ttl=57 time=278.082 ms
64 bytes from 199.165.123.1: icmp_seq=2 ttl=57 time=[unreadable] ms
64 bytes from 199.165.123.1: icmp_seq=3 ttl=57 time=369.510 ms
64 bytes from 199.165.123.1: icmp_seq=4 ttl=57 time=295.263 ms
64 bytes from 199.165.123.1: icmp_seq=5 ttl=57 time=510.341 ms
64 bytes from 199.165.123.1: icmp_seq=6 ttl=57 time=742.278 ms
64 bytes from 199.165.123.1: icmp_seq=7 ttl=57 time=653.353 ms
^C
--- 199.165.123.1 ping statistics ---
8 packets transmitted, 8 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 278.082/449.313/742.278/163.664 ms
MacBook-Pro:~ blanderson3$
Layer 3 - Troubleshooting
• Traceroute

MacBook-Pro:~ blanderson3$ traceroute google.com
traceroute to google.com (216.58.193.78), 64 hops max, 52 byte packets
 1  172.20.10.1 (172.20.10.1)  4.701 ms  3.420 ms  3.425 ms
 2  172.26.96.161 (172.26.96.161)  66.346 ms  67.322 ms  80.038 ms
 3  172.16.232.228 (172.16.232.228)  63.935 ms
    172.16.232.252 (172.16.232.252)  83.378 ms  83.249 ms
 4  12.83.186.161 (12.83.186.161)  79.961 ms  87.537 ms  88.103 ms
 5  12.83.186.145 (12.83.186.145)  71.743 ms  73.212 ms  55.936 ms
 6  12.123.159.49 (12.123.159.49)  73.467 ms  59.769 ms  79.932 ms
 7  12.247.252.14 (12.247.252.14)  87.995 ms  93.235 ms
    12.247.252.10 (12.247.252.18)  69.997 ms
 8  108.170.244.2 (108.170.244.2)  47.217 ms
    108.178.243.197 (108.170.243.197)  55.553 ms
    108.170.243.175 (108.170.243.175)  75.375 ms
 9  209.85.251.241 (209.85.251.241)  64.060 ms
    209.85.241.124 (209.85.241.124)  56.003 ms
    209.85.249.136 (209.85.249.136)  83.128 ms
10  72.14.233.183 (72.14.233.183)  113.206 ms
    72.14.239.209 (72.14.239.209)  130.204 ms
    72.14.233.111 (72.14.233.111)  278.623 ms
11  216.239.50.38 (216.239.50.38)  111.270 ms
    209.85.248.92 (209.85.248.92)  97.856 ms
    216.239.62.18 (216.239.62.18)  135.754 ms
12  108.170.245.113 (108.170.245.113)  111.591 ms  127.704 ms  *
13  209.85.242.39 (209.85.242.39)  112.214 ms  99.464 ms
    209.85.242.37 (209.85.242.37)  104.368 ms
14  [hostname unreadable] (216.58.193.78)  101.987 ms  127.038 ms  112.135 ms
MacBook-Pro:~ blanderson3$
Layer 3 - Troubleshooting
• nslookup

MacBook-Pro:~ blanderson3$ nslookup www.google.com
Server: 137.229.5.193
Address: 137.229.5.193#53
Non-authoritative answer:
Name: www.google.com
Address: 74.125.28.147
Name: www.google.com
Address: 74.125.28.104
Name: www.google.com
Address: 74.125.28.106
Name: www.google.com
Address: 74.125.28.99
Name: www.google.com
Address: 74.125.28.105
Name: www.google.com
Address: 74.125.28.103
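As an added example (not code from the slides), the IPv4 subnet split, the RFC 1918 range sizes and membership, the IPv6 "::" expansion, and the EGP rule that private prefixes are not advertised externally, all from the Layer 3 slides above, worked with Python's standard ipaddress module; the function names are mine.

```python
# Added example (not from the slides): IPv4 subnet math, RFC 1918 checks and
# IPv6 '::' expansion using only the Python standard library.
import ipaddress

# The private ranges listed on the Network Address Translation slide (RFC 1918).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def split_network(ip: str, mask: str) -> dict:
    """Apply a dotted-decimal mask: network bits where the mask is 1, host bits where it is 0."""
    addr = int(ipaddress.IPv4Address(ip))
    m = int(ipaddress.IPv4Address(mask))
    prefix = bin(m).count("1")                 # 255.255.255.0 -> 24 network bits
    return {
        "network": str(ipaddress.IPv4Address(addr & m)),
        "host_part": addr & (~m & 0xFFFFFFFF),  # inverted mask keeps the host bits
        "prefix": prefix,
        "usable_hosts": max(2 ** (32 - prefix) - 2, 0),  # minus network and broadcast
    }

def range_size(cidr: str) -> int:
    """Number of addresses in a prefix, e.g. the 16.78 million in 10.0.0.0/8."""
    return ipaddress.ip_network(cidr).num_addresses

def is_rfc1918(ip: str) -> bool:
    """True when the host address falls inside one of the three private ranges."""
    return any(ipaddress.IPv4Address(ip) in net for net in RFC1918)

def advertisable_externally(cidr: str) -> bool:
    """EGP rule from the routing slide: private IPv4 prefixes must not be advertised to the public internet."""
    net = ipaddress.IPv4Network(cidr, strict=False)  # IPv4 only; a v6 string raises
    return not any(net.subnet_of(priv) for priv in RFC1918)

def expand_ipv6(cidr: str) -> str:
    """Undo the '::' shorthand: all eight 16-bit groups written out."""
    net = ipaddress.IPv6Network(cidr, strict=False)
    return f"{net.network_address.exploded}/{net.prefixlen}"

def compress_ipv6(address: str) -> str:
    """Inverse of expand_ipv6: the longest run of zero groups collapses to '::'."""
    return ipaddress.IPv6Address(address).compressed

if __name__ == "__main__":
    print(split_network("10.11.12.13", "255.255.255.0"))   # the slide's example
    print(expand_ipv6("2607:f318::/32"))
    print(advertisable_externally("10.5.0.0/24"), advertisable_externally("199.165.123.0/27"))
```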
Layer 4 - Transport
• Where applications become identified, based on port numbers
• Standard set of port numbers for well-known applications (0-1024 reserved as standards)
– TCP/22 – SSH
– TCP/80 – HTTP
– TCP/443 – HTTPS
– UDP/53 – DNS
– Many many many more (and many more after that)
• 65,535 ports per IP address
• IP address and port together form a socket
• Firewalls - application identification
– Basis for securing networks: allow specific applications in/out of specific networks.
– Allows application-specific rules that deny certain applications while allowing others.
– Next-gen firewalls (NGFW) use packet inspection to identify applications' traffic pattern signatures and can identify those using non-standard ports.

Layer 4 – Port Address Translation
• Supplants the Network Address Translation function at Layer 3, using ports to translate many IP addresses to one.
– Common in home networking.
– Only allows one inside server to be reachable on a given port, via port forwarding.
– Best at conserving public IP addresses when many hosts access internet resources; most common on ships.
• Host (rhp) <> Router <> FW <> internet host (dst p)
• Firewall translates the rhp to another rhp
– Firewall tracks the connection state to forward the outside port to the inside port.

OSI Model Recap
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
Mnemonic, bottom up: Please Do Not Test Sarah Palin's Acumen

Bandwidth Delay Product
• TCP is the original protocol of the internet as built in the late 80s-early 90s.
– Not particularly efficient with today's workloads or today's bandwidth.
– TCP receive window (RWIN) scales via Slow Start
• Scaling occurs slowly, and latency fluctuations (jitter) often cause it to restart.
• Results in single flows crawling over highly latent and fluctuating links.
Bandwidth Delay Product
• The BDP is a formula that can both determine the maximum possible throughput given latency and loss, and the unscaled RWIN value needed to reach a desired throughput.
– Bandwidth (Kbps) × Latency (ms) = RWIN (bits); RWIN (bits) / 8 = RWIN (bytes)
– For example: 2000 Kbps × 500 ms = 1,000,000 bits; 1,000,000 / 8 = 125,000 bytes = 122.07 KB RWIN, rounded up to a 128 KB RWIN

Impact of Loss
[Chart: impact of loss on TCP throughput; throughput (y axis, 0 to 100) falls steeply as the loss rate (x axis, 0% to 10%) rises]
Retransmission Timers
• Input as to when congestion control considers a packet lost.
– Too low: retransmits lots of things, possibly for no reason
– Too high: connections sit idle while timers expire before data comes back

Considerations
• CWIN/RWIN are critical to tune over high latency links like satellites for best performance.
– CWIN values should be slightly less than the BDP
– RWIN values should be slightly higher
• Consider the maximum average latency to maintain speeds.
• Optimize retransmission timers if necessary to eliminate fake loss.
– Loss should not be expected, but can be prepared for.
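As an added example (not the slides' code), the ping output format from the Layer 3 troubleshooting session is parsed, the round-trip statistics are recomputed, and the Bandwidth Delay Product and Considerations slides are applied to size CWIN/RWIN from the worst observed RTT. The sample ping output is constructed, and the 10% CWIN margin is my assumption standing in for the slide's "slightly less".

```python
# Added example (not from the slides): parse ping output in the format shown in
# the troubleshooting session, summarise RTT, then size TCP windows from the BDP.
import math
import re

TIME_RE = re.compile(r"time=([\d.]+) ms")
# Constructed sample in the same format as the ping session above; the values are made up.
SAMPLE_PING = """PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=57 time=300.0 ms
64 bytes from 10.0.0.1: icmp_seq=1 ttl=57 time=500.0 ms
Request timeout for icmp_seq 2
64 bytes from 10.0.0.1: icmp_seq=3 ttl=57 time=400.0 ms
"""

def parse_ping(output: str) -> list:
    """Collect every 'time=NNN ms' value; timeouts and other lines are skipped."""
    return [float(m.group(1)) for m in TIME_RE.finditer(output)]

def rtt_stats(rtts: list) -> dict:
    """min/avg/max/stddev as BSD ping prints them (population standard deviation)."""
    avg = sum(rtts) / len(rtts)
    var = sum((r - avg) ** 2 for r in rtts) / len(rtts)
    return {"min": min(rtts), "avg": avg, "max": max(rtts), "stddev": math.sqrt(var)}

def bdp_bytes(bandwidth_kbps: float, latency_ms: float) -> float:
    """Kbps x ms cancels to bits; /8 gives bytes (the slide's 2000 x 500 / 8 = 125,000)."""
    return bandwidth_kbps * latency_ms / 8

def next_pow2(n: float) -> int:
    """Round a byte count up to the next power of two (125,000 B -> 128 KB = 131,072 B)."""
    return 1 << math.ceil(math.log2(n))

def max_throughput_kbps(window_bytes: float, rtt_ms: float) -> float:
    """Ceiling for one unscaled TCP flow: at most one window of data per round trip."""
    return window_bytes * 8 / rtt_ms

def window_plan(bandwidth_kbps: float, rtts: list) -> dict:
    """Size windows from the BDP at the worst observed RTT: CWIN a bit under the BDP,
    RWIN a bit over (the 10% CWIN margin is an assumption, not a value from the slides)."""
    bdp = bdp_bytes(bandwidth_kbps, max(rtts))
    return {"bdp_bytes": bdp, "cwin_bytes": round(bdp * 0.9), "rwin_bytes": next_pow2(bdp)}

if __name__ == "__main__":
    rtts = parse_ping(SAMPLE_PING)
    print(rtt_stats(rtts))
    print(window_plan(2000, rtts))            # 2000 Kbps link, worst RTT 500 ms
    print(max_throughput_kbps(65535, 500))    # a default 64 KB window crawls at about 1 Mbps
```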