|
||||
Chapter 1: Network Layers and the 7-layer OSI model
The International Organization for Standardization (ISO) has a model for describing networks, the Open System Interconnection (OSI) model. The model dates from the 1970s, and is still in use today primarily because it describes our current networking environments very well:
The two layers that do not map directly to TCP/IP networking -- session and presentation -- fall into either the responsibility of the lower layer (transport) or the upper layer (application).
Last edited by jggimi; 2nd September 2012 at 06:28 PM. |
|
||||
Chapter 2: Layer 1: Physical layer: hubs/switches/cables/connections
There are a wide variety of physical infrastructure, for two types of network:
LANs may use radio or different types of cabling. But they have common types of equipment:
If the router connects directly with the WAN (such as DSL), the router is the gateway device. Instead, the router may have a small point-to-point LAN with an external gateway device. A computer running BSD may be a router or a bridge. All it needs is two or more Network Interface Controllers (NICs). Last edited by jggimi; 28th August 2012 at 04:06 PM. |
|
||||
Chapter 3: Layer 2: Data link layer - Ethernets and Alphabets
WANs use a variety of protocols to manage traffic between links, depending on the requirements of the physical layer and its topology, and as this is between your service provider and the gateway device will not be addressed in this introduction.
LANs, too, may use different protocols. With only a few exceptions, LANs use a link layer protocol called Ethernet. Wired Ethernet is IEEE standard 802.3, and wireless Ethernet is "WiFi", IEEE standard 802.11. Key things to know about Ethernet:
--- A device on an Ethernet LAN may send a message to another device on the LAN, or to all devices. But the frames go no further. This layer of networking is limited to a single LAN. Last edited by jggimi; 31st August 2012 at 03:56 PM. |
|
||||
Chapter 4: Layer 3: Network layer: TCP/IP and its protocols
The "Internet Protocol Suite" consists of more than 130 different protocols. Your /etc/protocols file lists them, by number. Some are very obscure, and some are very commonly used. This introduction takes a look at four of them:
IP, the Internet Protocol (#0) ICMP, Internet Control Message Protocol (#1) TCP, the Transmission Control Protocol (#6) UDP, the User Datagram Protocol (#17) The network layer model works elegantly here, as TCP/IP's protocols operate in layers. Here is a diagram on TCP/IP from Wikipedia which shows how the a block of information -- a packet -- that uses UDP is transmitted, layer within layer. An Ethernet frame contains an IP packet, which contains a UDP packet, which contains the application data. Each layer is separate, and contains its own control information and the underlying payload for the next layer: Last edited by jggimi; 28th August 2012 at 08:30 PM. |
|
||||
Chapter 5: Layer 7: Applications
We jump now to the last layer -- the protocols which manage communications at the application layer -- HTTP was mentioned above in Chapter 1, and there are other protocols at this layer you may be familiar with: such as FTP, SSH, and P2P protocols like BitTorrent.
The network model permits the applications to operate separately from protocols in other layers. This approach permits some of the protocols at this layer to choose between multiple lower level protocols as needed, or as the admin chooses. As an example of an automatic protocol switch, the Domain Name System protocol uses UDP for requests and responses that are relatively short, and uses TCP for longer length queries or for database maintenance actions between and among Domain Name Servers. The separation of protocols into layers impacts application design. For example, the HTTP protocol uses TCP as an underlying transport mechanism. HTTP is stateless, yet HTTP takes advantage of TCP's state management and automated error handling. Last edited by jggimi; 4th September 2012 at 12:01 AM. |
|
||||
Chapter 6: Internet Protocol: IP addresses, nets, subnets, and routing
If you knew nothing else about TCP/IP networking before reading this introduction, you probably knew about IP addresses. You knew that every computer on a TCP/IP network has one. This is the layer that provides us with routing. With nothing more than a pair of IP addresses we can interconnect two LANs and route packets between them.
This layer is still part of our TCP/IP network, even if we only have an isolated LAN, such as two computers connected via a single cable. Because the IP address numbers are how we address all our communication in TCP/IP. Internet Domain names like www.bsdforums.org are not part of TCP/IP addressing. Domain names are converted to IP addresses with requests (over your TCP/IP network) to a nearby Domain Name Server. Your BSD computer has the IP addresses of one or more Domain Name Servers in your /etc/resolv.conf file... put there by you or by a nearby Dynamic Host Configuration Protocol (DHCP) server at network startup.The devices on the LAN make and keep maps between IP addresses and MAC addresses as they communicate, via an Address Resolution Protocol. It's fairly simple. The first time device 10.0.0.1 needs to send a message to IP address 10.0.0.2, it sends a broadcast packet to the LAN, asking, "Who is 10.0.0.2?" -- and it gets a reply, stating, "I am 10.0.0.2 - I am MAC address 12:34:56:78:9a:bc." On BSD systems you can see the results with the arp(8) command, or with the route(8) command's show option. When you need packets to leave the LAN and travel to other networks, you use a router. As described in Chapter 2 of this introduction, a router is a computer with multiple network interfaces. One NIC on the LAN, and one or more NICs on other networks. IP addresses use a definition -- a subnet -- to define the IP address range for a LAN. IP addresses within a LAN's subnet are on the LAN and can be directly addressed via the data link layer. Addresses outside of the LAN subnet are elsewhere, and must be routed. For my computer to route any packets outside the LAN, my computer needs to know which of the many devices on my LAN is the router. That information is stored along with the network(s) reachable by the router in a table in my computer's RAM -- called a routing table. Routes are fairly simple. To route a packet anywhere, my computer only needs to know:
Subnets are defined by netmasks -- the number of bits defining the address range of a subnet. Your ifconfig(8) command will display NICs IP addresses and netmasks. There are a variety of notations to show how many bits make up a subnet. "255.255.255.0" and "/24" are two ways to describe the same netmask. IPv4 addresses are 32 bits, and both notations define the left-most 24 bits as masked out, and not part of the subnet, with the right most 8 bits available for addresses. An 8-bit subnet (256 numbers, 254 usable addresses) is very common because it is easy for human-readable IP address notations. But it is not required. Other length netmasks may be used. Netmasks are also used in routing tables ... when there are multiple routers on a LAN. For instance, there might be 2 entries in the table, for two routers, one of which is for the internet, and one of which is for any address that begins with 10.x.x.x:
Code:
# ifconfig em0 192.168.1.3/24 # route add 10/8 192.168.1.1 # route add default 192.168.1.2 Last edited by jggimi; 4th September 2012 at 12:03 AM. |
|
||||
Chapter 7: The Big Three - ICMP, UDP, TCP
ICMP is the protocol used for status, error, and information messages between networks. You have used ICMP if you have used ping(8), or perhaps traceroute(8). These are the common administrative tools. ICMP is also used by automated network management software in larger networks and across the Internet, as ICMP counts the number of networks in use along any route, as well as response times. It is also a helpful diagnostic tool when errors occur along a route path -- ICMP error information packets, such as "destination unreachable" that are returned by a router to an application may be very helpful, and may improve application performance by avoiding an application timeout.
UDP is a simple transport mechanism. It is stateless. It has no error recovery. Packets may arrive at the destination in the wrong order (if they traveled along different routes) and packets may be dropped along the way due to network congestion or error, and never arrive at all. Its main advantage is that it is fast. Either the application need not worry about error recovery or packet ordering, or the application must take on these responsibilities. TCP is the most common transport protocol for applications, because it includes session management and error recovery. Packets are sent with sequence numbers so that they can be reordered if they arrive out of sequence, and there are acknowledgements of received packets so that missing packets that were dropped are resent. All automatically. TCP guarantees delivery, as long as there is a functional path between endpoints and functioning systems at both ends. TCP is slower than UDP, due to these additional services. Both TCP and UDP share the concept of ports. The protocol headers contain 16 bits for a source port number, and 16 bits for a destination port number. Receiving applications "listen" for traffic assigned to specific ports. This allows devices to conduct many simultaneous UDP and/or TCP conversations at the same time, among different applications. Last edited by jggimi; 2nd September 2012 at 06:29 PM. |
|
||||
Chapter 8: Session states
Stateless protocols do not keep track of conversation status, they do not manage sessions. Protocols that track state, such as TCP, are known as Stateful protocols. Endpoints may be in any of ten states at any time, covering three general communication phases: a) establishing a session, b) data transfer, and c) ending a session.
TCP requires three packets to be sent and received -- a "3-way handshake" to establish a session. Once established, the session remains as a communication channel until an endpoint initiates a session teardown sequence, which may take as many as 4 packets to complete. Along with port numbers and sequence numbers, checksums are added to the packets to permit error recovery. State management has overhead, but the overhead provides value: error detection and recovery, packet reordering (when the arrivals are out-of-order), confirmation of receipt, and flow controls to manage network congestion or latency effects. Other protocols may manage state. For example, HTTP tracks state with application specific content called a "cookie". Last edited by jggimi; 31st August 2012 at 05:20 PM. |
|
||||
Chapter 9: Network Address Translation
Network Address Translation (NAT) is very useful.
An example:
NAT routers monitor state. This is known as stateful tracking. NAT routers may also translate the source port numbers, to simplify stateful tracking, as is shown in this diagram from Microsoft: TCP states are easy to monitor. Stateless protocols (like UDP) are tracked using timers. --- NOTE: NAT routers can't route unsolicited traffic. If a packet arrives at my example router at IP address 1.2.3.4, and there is no assocated state for this traffic ... the NAT router cannot forward the packet. This is why when you have a NAT router and you wish to offer a network service, you must pre-configure port forwarding. If I tell the router to forward incoming TCP packets with destination port 80 to my web server at 10.0.0.9, when an incoming packet arrives with no pre-established state, and it is for destination port 80, the router will translate 1.2.3.4 to 10.0.0.9 and forward the packet to my web server.NAT cannot route uninvited inbound traffic. Those packets are dropped, and either reflect an error via ICMP or not, depending on router configuration. ----- Through a NAT router, many devices on a LAN may share a single IP address on the Internet. This has allowed the Internet to permit more devices to connect to it than the available IP addresses would allow. A number of address ranges have been defined for private networks. These are address ranges that are only used privately -- never on the Internet directly. To route packets in and out of networks that use these ranges, NAT must be used. These network ranges are used over and over in millions of private networks:
Last edited by jggimi; 27th March 2013 at 03:32 PM. Reason: typo |
|
||||
Chapter 10: Putting it all together: Internets
Thank you for taking the time to read this short introduction to networking. To obtain it:
After all, this is only a simple introduction. It is not intended to provide answers; instead, its to help you articulate better questions. Last edited by jggimi; 4th September 2012 at 12:17 AM. |
|
||||
Ladies and Gentlemen, I have completed this short introduction to TCP/IP.
If you have a question about a TCP/IP protocol or the application of these concepts to your situation, please post your question in its own thread. This is a conceptual introduction to networking, it is not a FAQ and it is not a Q&A thread. Should you have a question about a technology, application, or protocol not discussed here, please post your question in its own thread. Examples of this might include IPSec, Ethernet collision detection, firewalls, security, traffic shaping, SSH, FTP, PXE, fragmentation, Quality of Service bits ... RFCs and standards ... Microsoft Networking protocols, WiFi SSIDs.... Should you have a clarifying question about the presentation of these concepts, you may post here. Suggestions for corrections to the text will be graciously received either in public or by PM, though they may not be accepted. Thank you. Last edited by jggimi; 31st August 2012 at 05:40 PM. |
|
|||
I'd like to thank my teacher jggimi for the great support he offers to newcomers and wish him Happy Long Life & Happy Hacking ..
Thanks very much !! |
|
||||
Great guide jggimi, thanks for taking time to write this all up in such clean and lean manner.
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
|||
Thank you very much! I created a pdf version out of the forum posts, if anyone is interested.
Last edited by drm; 7th September 2012 at 11:51 AM. Reason: added microtype package |
|
||||
Could You post the LaTeX 'source' for this document somewhere? Looks quite nice
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
|||
Sure, here it is Just basic latex, it could most likely be improved. Enjoy!
Edit: I added the microtype package and updated the pdf version above. |
|
||||
Thanks a lot!
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Security Stanford University -- Free online Introduction to Cryptography course | jggimi | News | 3 | 12th March 2012 02:42 PM |
Introduction plus SSH login hang question. | pico | OpenBSD General | 7 | 2nd April 2010 06:08 AM |
Designing BSD Rootkits: An Introduction to Kernel Hacking | cajunman4life | Book reviews | 2 | 21st June 2008 03:27 PM |
Semi-brief introduction to file permissions, | BSDfan666 | Guides | 4 | 7th June 2008 02:38 PM |
DMZ for two networks users... | maurobottone | OpenBSD Security | 6 | 2nd June 2008 02:57 PM |