Internet Protocols And Infra Structure Essay, Research Paper
Introduction:
Network: Anything reticulated or decussated at equal distances, with interstices between the intersections.
- A Dictionary of the English
Language
SECTION : 1
A network is simply a collection of machines connected in some way that allows them to communicate with each other and share information. To do this the machines have to be connected in some way that allows communication, and have an agreed upon a language to talk when they do communicate.
Components of a network might include individual hosts, some form of communications hardware, a network protocol and a collection of network services.
B) Individual hosts
A network is a collection of individual machines sometimes referred to as hosts. Each host (computer) must have some unique identifier that allows other hosts to talk to it.
1.2 COMPONENTS OF A NETWORK
A) Network Protocol
In order to communicate the parties must speak the same language. Languages on computer networks are referred to as network protocols. A network protocol is simply a set of rules and formats that govern how information is sent and in what format it is sent. Some of the different network protocols used today include TCP/IP (Internet and UNIX favourite), IPX (Novell), Appletalk (MAC), DECnet and various others.
TCP/IP is quickly becoming the networking protocol and is the one I concentrate on in this subject.
B) Network services
To be of use to users the network will provide various services including file, print and device sharing, electronic mail etc.
1.3 TYPES OF NETWORKS
A) Network categories
? LAN (local area network)
All the hosts in the network are directly linked to each other. For example most of the computers on the ground floor of the IT building at CQU are part of a LAN.
? WAN (wide area network)
Much larger than a LAN and all machines are not directly connected. WANs will generally have a lower throughput than a LAN. All of the LANs on the CQU campus connect and form a WAN.
1.4 SOME MORE DEFINITIONS
Like any field of computing, networking has its own terminology. This section provides definitions for some of the terms you’ll come across.
? Packets and datagrams
Many networking protocols transmit information as packets. Information being sent across the network is divided into small (hundreds of bytes usually) chunks of data, called packets. The networking software at the sending end will break the outgoing data into packets. When the packets arrive at their destination the networking software on the receiving machine will put them all back together.
In some cases not all the packets will arrive at the destination using the same route. The packets may also arrive out of order, packet 50 might arrive before packet 49. The networking software handles all of this.
Under TCP/IP packets are often referred to as datagrams. Ethernet, on type of networking hardware, refers to packets as frames
.
? Routing
The art of deciding which route data from one machine takes to get to another. In many cases their are multiple different possible routes that can be taken and the routing software must decide which to take.
? Router
Responsible for performing the routing for a network, a router is typically a device that connects multiple networks together. (The terms router, gateway and bridge are sometimes used interchangeably).
? Gateway
A device that connects two totally different types of network. For example you might have a gateway machine sitting between an IPX network and a TCP/IP network. The gateway allows the two different networks to talk to each other by converting the protocols they are using.
? Connectionless and connection oriented
Networking transport protocols will often be described as being connection oriented or connectionless. A connection oriented protocol acts like a telephone connection. The sender contacts the receiver and asks are you ready to talk? If the receiver is ready a connection is formed and communication can take place. If the receiver isn’t ready or isn’t there, no communication. Once the connection is made all the information sent down the connection will arrive at the other end.
A connectionless protocol is like the postal service in that all information is sent in individual messages (called packets or datagrams). The individual datagrams have no knowledge or interconnection. Often they are delivered using totally different routes.
? Unreliable and reliable protocols
When a protocol is called unreliable this does not imply that a large percentage of the information it sends is not arriving at the other end. Instead it means that the protocol does not check whether or not the information it just sent actually arrives at the other end.
On the other hand a reliable network protocol will send a piece of information and will wait to make sure that the information arrived at the other end (this is achieved by the receiver sending an acknowledgment back to the sender saying “yep received that piece, send me another”).
1.5 TYPES OF NETWORKING HARDWARE
There is a wide range of different networking hardware that can be used. It’s beyond the scope of this subject to examine each of these. However the following readings from the Internet have been located.
? FDDI : http://www.iol.unh.edu/training/fddi/htmls/index.html
? ISDN : http://www.acc.com/White/isdn.html
? Frame relay : http://www.acc.com/White/frame.html
? ATM : http://juggler.lanl.gov/lanp/atm.tutorial.html
? Ethernet : http://wwwhost.ots.utexas.edu/ethernet/
SECTION 2
2.1 TCP/IP
A) What is TCP/IP?
The Transmission Control Protocol (TCP)
The Transmission Control Protocol works with IP to provide reliable delivery. It provides a means to ensure that the various datagrams making up a message are reassembled in the correct order at their final destination and that any missing datagrams are re-sent until they are correctly received.
The primary purpose of TCP is to avoid the loss, damage, duplication, delay, or misordering of packets that can occur under IP. When IP forwards datagrams, individual datagrams may or may not arrive, and they probably will not arrive in the order in which they were sent. TCP adds the reliability that IP lacks. Also, security provisions such as limiting user access to certain machines can be implemented through TCP.
TCP provides reliability by using checksums (error detection codes) on the data, sequence numbers in the TCP header, positive acknowledgment of data received, and retransmission of unacknowledged data.
Most versions of the UNIX operating system comes with in-built support for networking. The default network protocol that UNIX systems are typically designed to talk is TCP/IP. TCP/IP is also known as the Internet Protocol Suite.
TCP/IP is the protocol used by the Internet, a network of networks spread throughout the world connecting over two million machines with over twenty million users. It is not necessary to be connected to the Internet to use TCP/IP. However being able to connect to the Internet is one of the advantages of using TCP/IP.
2.2 ISOC AND INTERNET STANDARDS
The development of Internet standards is not controlled by any one commercial organisation, even though it can be influenced by them. Instead the development of the Internet is performed by a number of different non-profit organisations including :
? The Internet Society,
A non-governmental International organisation for global cooperation and coordination for the Internet and its internetworking technologies and applications.
? The Internet Architecture Board
The Internet Architecture Board (IAB) is a body of the Internet Society responsible for overall architectural considerations in the Internet. It also serves to adjudicate disputes in the standards process.
? The Internet Engineering Task Force
The Internet Engineering Task Force (IETF) is the protocol engineering and development arm of the Internet. The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. (taken from http://www.ietf.org/)
? The Internet Engineering And Planning Group
The following readings are included to provide more information on these organisations.
Information on Internet organisations :
? ISOC The Internet Society SLOW SITE : http://www.isoc.org/
? IEPG the Internet engineering and planning group : http://www.iepg.org/
2.3 RFC’s
A) Request for comment (RFCs)
The standards used on the Internet are specified in documents called Request for Comments (RFCs). (Not all RFCs are standards). Someone proposing a new Internet standard will write and submit an RFC. The RFC will be distributed to the Internet community who will comment on it and may suggest changes. The standard proposed by the RFC will be adopted as a standard if the community is happy with it.
RFCs are assigned numbers, Figure 1 includes RFC numbers that correspond to the different protocols. If you have access to the Internet you can anonymously ftp RFCs from a number of well-known sites (including archie.au).
RFCs can and often are very technical and hard to understand unless you are familiar with the area (the RFC for ftp is about 80 pages long).
The following links might prove useful:
? Australian FTP archive of RFCs : ftp://archie.au/rfc/
? Ohio State University’s RFC archive : http://www.cis.ohio-state.edu/hypertext/information/rfc.html
? a UK based RFC archive with a search engine : http://www.connect.org.uk/techwatch/standards/index.html
2.3 TCP/IP PROOLS
A) The protocols of TCP/IP
TCP/IP is an example of a layered communications suite. The advantage of this layered approach is that the protocols at higher levels can safely assume that the lower level protocols will carry out their responsibilities.
For example TCP does not need to know anything about the hardware being used because it is hidden by the layers below it. Figure 1 displays the four different layers of TCP/IP and where some of the many protocols that make up the Internet protocol suite fit within those layers.
TCP and IP are two of the many protocols that make up the suite of Internet protocols. Figure 1 lists some of the others. Some of these protocols will be discussed in detail in the next chapter.
Other Readings On TCP/IP :
? A TCP/IP Primer SLOW SITE :
http://www.sun.com/sunworldonline/swol-11-1995/swol-11-sysadmin.html
? The Linux Network Administrator’s Guide :
(a free copy of a book published by O’Reilly and Associates. Essential if you are networking using Linux.) :
ftp://ftp.dstc.edu.au/pub/Linux/docs/LDP/network-guide/
The inclusion of these pages is intended to provide you with other readings on TCP/IP if you are interested.
B) IPv6 and Ipng
IPv6 is the formal name of a protocol developed by the IETF’s IPng (Next Generation Internet Protocol) working group. IPng is designed to be an evolutionary step from IPv4, the current version of IP being widely used.
In this subject we will not be examining IPv6 in any great detail but you should be aware of its existence. The following readings are included for interest.
Information on IPv6 :
? The Official IPng Page SLOW SITE : http://playground.sun.com/pub/ipng/html/ipng-main.html
? Another IPv6 Page : http://www.openvms.digital.com/openvms/announcements/ipc6-standards.html
? An Overview of IPng : http://playground.sun.com/pub/ipng/html/INET-IPng-Paper.html
= FIGURE 1 =
The four layers of TCP/IP
SECTION 3
Each of the four layers of TCP/IP perform a different role. In order to perform this role each layer adds a small piece of control information, called a header, onto the front of each packet of information sent.
When a packet is sent it moves down the four layers. As it passes through each layer that layer appends its header information onto the front. The information is then sent. When it is received at the other end it moves up through the layers. As it moves up each layer strips off its header information and uses it to perform some task.
Figure 2 provides a representation of this.
= FIGURE 2 =
3.2 NETWORK ACCESS LAYER
A) Network access layer
The network access layer is the bottom layer of the TCP/IP protocol stack. This layer provides the ability to transmit an IP datagram from one host to another host on the same physical network. To do this the network access layer must be aware of the details of the network hardware on which it is running. This also means that for each different type of networking hardware there must be a different network access layer.
This is the layer that is responsible for translating an Internet address into a hardware address. The process will be discussed further in a later section.
3.3 THE INTERNET LAYER
A) Internet layer
The Internet layer consists of two protocols IP, the Internet protocol and ICMP, the Internet control message protocol. IP is central to the TCP/IP protocol suite. All information being sent via TCP/IP must use IP. IP performs the following tasks
? defines the size and the format of the datagram to be transmitted,
The size of the datagram depends on the type of network hardware being used. Different types of hardware can handle different size datagrams. IP will create datagrams using the MTU, maximum transmission unit for the hardware.
? defines the Internet addressing scheme,
The header for every IP datagram will contain two IP addresses. The source IP address and the destination.
? moves data between the network access layer and the transport layer
? routes datagrams for remote machine,
? fragments and re-assembles datagrams
ICMP performs a number of control, error reporting and information functions .
* example of network access layer packet being given to IP
3.4 TRANSPORT LAYER
A) Transport layer
The transport layer’s two major protocols are ;
? Transmission Control Protocol, TCP
A reliable connection oriented protocol.
? User Datagram Protocol, UDP
An unreliable connectionless protocol
B) Ports
Both UDP and TCP support the concept of ports. On any networked computer it is likely that there will be many different programs all using the network at the same time. This means the computer is receiving multiple datagrams for a number of different programs.
How does it know which datagram belongs to which program?
When a program wishes to send or receive information over a TCP/IP network it must connect to a port. Any information that is destined for the program must be labeled with its port number. If a program wishes to send any information it must know the port number of the receiver.
Ports are implemented by the transport protocol layer. The header for both TCP and UDP contain two 16 bit numbers that are used for the source port and the destination port. The transport layer will examine the port numbers and deliver the information to the correct program.
3.5 UDP and TCP
A) UDP and TCP
UPD delivers information with a minimum of protocol overhead and is generally used when the amount of data being transmitted is small. TCP uses considerably more overhead (a TCP header consists of 6 32-bit words while a UDP header has 2).
TCP’s extra overhead is used to ensure its reliability. Each packet of information that is sent using TCP contains a checksum. The receiver of the information will examine the checksum to determine whether or not the data has arrived unchanged. If the data is unchanged the receiver will then send an acknowledgment back to the sender (”it’s okay I received that information”). If the sender does not the acknowledgment back within a certain time the sender will resend the information.
The most common alternative is UDP (”user datagram protocol”) which is designed for applications where you don’t need to put sequences of datagrams together. It fits into the system much like TCP. There is a UDP header. The network software puts the UDP header on the front of your data, just as it would put a TCP header on the front of your data. Then UDP sends the data to IP, which adds the IP header, putting UDP’s protocol number in the protocol field instead of TCP’s protocol number. However UDP doesn’t do as much as TCP does. It doesn’t split data into multiple datagrams. It doesn’t keep track of what it has sent so it can resend if necessary. About all that UDP provides is port numbers, so that several programs can use UDP at once. UDP port numbers are used just like TCP port numbers. There are well-known port numbers for servers that use UDP. Note that the UDP header is shorter than a TCP header. It still has source and destination port numbers, and a checksum, but that’s about it. No sequence number, since it is not needed. UDP is used by the protocols that handle name lookups (see IEN 116, RFC 882, and RFC 883), and a number of similar protocols.
B) Application layer
Application layer protocols include FTP Telnet RIP NFS HTTP SMTP and many others. These protocols are used to provide application level services. For example FTP defines a number of services for transferring files.
*The following chapter will discuss the application protocols in more detail.
SECTION 4
4.1 HARDWARE ADDRESSES
A) Hardware addresses
Network hardware use their own addressing schemes. For example every ethernet card has built into it a 48 bit address (called an Ethernet address or a Media Access Control, MAC, address). The high 24 bits of the address are used to assign a unique number to manufacturers of ethernet addresses and the low 24 bits are assigned to individual ethernet cards made by the manufacturer.
Some example ethernet addresses are listed below ;
00:00:0C:03:79:2F
00:40:F6:60:4D:A4
00:20:AF:A4:55:87
00:20:AF:A4:55:7B
*Notice that the last two ethernet cards were made by the same manufacturer (with the manufacturers number of ).
Every packet of information sent on ethernet contains a source and destination MAC address. The packet is placed on the ethernet network and every machine, actually the ethernet card, on the network looks at the packet. If the card recognises the destination MAC as its own it “grabs” the packet and passes it to the Network access layer. This only works when the machines are on the same physical ethernet network.
4.2 INTERNET ADDRESSES
A) Internet addresses
One of the responsibilities of the Internet protocol is to define the Internet addressing scheme. TCP/IP networking software and protocols use the IP addressing scheme to route and distribute information.
TCP/IP addresses are currently 32 bit numbers that are usually represented by four 8 bit (octets) numbers separated by full stops (called dotted decimal form) e.g. 132.22.42.1. Using 8 bits the maximum range that can be represented is 0-255 (256 numbers). This means that 257.33.33.22 is an invalid address.
For example :
The IP address 132.22.42.1 is actually stored as a 32 bit binary number. Each of the four decimal numbers above representing one byte of the final binary number
132 = 10000100
22 = 00010110
42 = 00101010
1 = 00000001
Final number is ;
10000100 00010110 00101010 00000001
B) Addresses and Interfaces
A common misconception is that an IP address belongs to the machine. For example the machine cq-pan.cqu.edu.au has the IP address 138.77.37.37. This statement is slightly incorrect. In actual fact it is the ethernet card on cq-pan that has the IP address.
IP addresses are assigned to network interfaces. A network interface might be an ethernet card, a SLIP connection over a modem, a token ring card or any other form of network connection. It is possible for one machine or device to actually have multiple network interfaces and therefore have multiple IP addresses.
= Figure 3 =
An ethernet network card
4.3 GATEWAYS AND IP ADDRESSES
A) Gateways and IP addresses
Gateways and routers are able to distribute data from one network to another because they are actually physically connected to two or more networks through a number of network interfaces. Figure 4 provides a representation of this.
The machine in the middle, the gateway machine, has two network interfaces. One has the IP address 138.77.37.1 and the other 138.77.36.1 (it’s common practice for a networks gateway machine to have the host id 1.
B) How it works
When the machine 138.77.37.37 wants to send some information to the machine 138.77.36.15 it can’t just put the data onto the network. The two machines are on separate networks. 138.77.37.37 sends the information to the gateway and “asks” the gateway to forward it onto 138.77.36.15
= Figure 4 =
A simple gateway
4.4 INTERNET ADDRESSES TO HARDWARE ADDRESSES
A) Converting Internet To Hardware Addresses
Networking hardware knows nothing about Internet addresses. Hardware general uses its own addressing scheme. It is the responsibility of the network access layer of the TCP/IP protocol stack to map Internet addresses to physical network addresses.
Different networking hardware will have different addressing schemes. Therefore this mapping will be performed differently for different hardware.
B) Address Resolution Protocol
The Address Resolution Protocol (ARP) is the protocol that performs the mapping of IP addresses to ethernet addresses. The ARP software on a machine maintains a table that contains the translation between IP address and ethernet address.
When the machine wants to send data to a local machine the ARP software is asked if it knows about the IP address. If the ARP table contains the IP address, the ethernet address is returned.
If the IP address is not known a packet is broadcast to every host on the local network containing the required IP address. Every host on the network examines the packet. If the receiving host recognises the IP address as its own, it will send a reply back that contains its ethernet address. This response is then placed into the ARP table.
The Arp Command :
On a UNIX machine you can view the contents of the ARP table using the arp command. arp -a will display the entire table.
4.5 NETWORKS AND HOSTS
A) Networks and hosts
An IP address actually consists of two parts;
? a network portion
This is used to identify the network that the machine belongs to.
? the host portion.
Uniquely identifies the host.
An IP address in total is 32 bits long. The number of bits used by the network part and the number used by the host part of the address depends on the class of the address.
B) IP Address classes
There are three main address classes, A, B and C. Table 1 summarises the differences between the three classes. The class of an IP address can be deduced by the value of the first byte of the address.
Class First byte value Size of network part Size of host part Number of hosts
A 1 to 126 8 24 16 million
B 128 to 191 16 16 64,000
C 192 to 223 24 8 254
TABLE 1
4.6 THE PING COMMAND
A) PING
The ping command is a simple utility that provides a simple test of whether or not you can talk to another machine. It is also one method by which you can discover the IP address of a machine.
The format of the ping command is simply ping host (where host can be either the hostname or the IP address). The output of the command generally takes one of two formats
? verbose
In verbose mode ping continually sends a packet of information from your machine to the destination and reports back the IP address it is sending the information to, how long the information took to be returned, and various other stats.
? not verbose
In this format ping reports back a simple message indicating whether or not the destination machine is reachable.
*Why ping fails ;
There are two cases where ping might fail;
? the machine is not reachable
There is no network connection between your machine and the destination for it to use (e.g. someone has put a back hoe through the fiber linking the two machines or the networking software is not properly configured)
? the machine is not up
The destination machine is not turned on or not responding to the network for some reason.
For example:
$ ping localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.9 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=255 time=0.6 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=255 time=0.6 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=255 time=0.6 ms
— localhost ping statistics —
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.6/0.6/0.9 ms
4.7 SPECIAL ADDRESSES
A) Special Addresses
Some IP addresses are reserved for specific purposes and you can not assign these addresses to a machine.
For example, 127.0.0.1 is the loopback address. Data sent to the address 127.0.0.1 is sent straight to the machine sending the information (the local host). If you are not connected to a network this is probably the only IP address you can use.
B) Network And Broadcast Addresses
Other special addresses include,
? the network address, and
When the host bits are all 0 the IP address is used to refer to a particular network.
? the broadcast address.
When all the host bits are set to 1 the IP address “specifies” all machines on the network.
0 and 255 have special meanings. 0 is reserved for machines that don’t know their address. In certain circumstances it is possible for a machine not to know the number of the network it is on, or even its own host address. For example, 0.0.0.23 would be a machine that knew it was host number 23, but didn’t know on what network.
255 is used for “broadcast”. A broadcast is a message that you want every system on the network to see. Broadcasts are used in some situations where you don’t know who to talk to.
4.8 LOCALHOST AND LOOPBACK
A) Localhost And Loopback
As mentioned above 127.0.0.1 is a special IP address. It refers to the local host. The local host allows software to address the local machine in exactly the same way it would address a remote machine.
4.9 SUBNETS
A) Subnets
Central Queensland University has a class B network address, 138.77.0.0. This would imply that you could make the following assumptions about the IP address 138.77.1.1. The network address is 138.77.0.0 and that the host address is 1.1, this is after all how a class B address is defined.
If you did make these implications you would be wrong.CQU has decided to break its available IP addresses into further networks, called subnets, by using subnetting. Subnetting works by moving the dividing line between the network address bits and the host address bits. Instead of using the first two bytes for the network address CQU uses subnetting to use the first three bytes.
CQU uses subnetting so the address 138.77.1.1 actually breaks up into a network address 138.77.1.0 and a host address of 1. The network 138.77.1.0 is said to be a subnet of the larger 138.77.0.0 network.
4.10 WHY SUBNET?
Subnetting is used for a number of reasons including
? security reasons,
Using ethernet all hosts on the same network can see all the packets on the network. So it makes sense to put the computers in student labs on a different network to the computer on which student results are placed.
? physical reasons,
Hardware networking, like ethernet, has physical limitations. You can’t put machines on the Mackay campus on the same network as machines on the Rockhampton campus (they are separated by about 300 kilometers). The same applies for machines into different buildings.
? political reasons, and
There may be departments or groups within an organisation that have unique needs or want to control their own network. This can be achieved by subnetting and allocating them their own network.
? hardware and software differences.
Someone may wish to use completely different networking hardware and software.
4.11 HOSTNAMES
IP addresses are fine for machines but they are difficult for people to remember. For this reason machines using TCP/IP also have host names. A fully qualified Internet host name follows the format
hostname.site.domain.country
? hostname
A name by which the machine is known. This name must be unique to the site on which the machine is located.
? site
A short name given to the site (company, University, government department etc) on which the machine resides.
? domain
Each site belongs to a specific domain. A domain is used to group sites of similar purpose together.
? country
Specifies the actual country in which the machine resides.
For example the CQU machine jasper’s fully qualified name is jasper.cqu.edu.au, where jasper is the hostname, cqu is the site name, the domain is edu and the country is au.
Domain Purpose
Edu Educational institution, university or school
Com Commercial company
Gov Government department
Net Networking Companies
4.12 QUALIFIED NAMES
hostname :
Under Linux the hostname of a machine is set using the hostname command. Only the root user can set the hostname. Any other user can use the hostname command to view the machine’s current name.
A) Qualified Names
jasper.cqu.edu.au is a fully qualified name and uniquely identifies the machine jasper on the CQU campus to the entire Internet. There cannot be another machine called jasper at CQU. However there could be another machine called jasper at James Cook University in Townsville (its fully qualified name would be jasper.jcu.edu.au).
A fully qualified name must be unique to the entire Internet. Which implies every hostname on a site should be unique.
B) Not Qualified
It is not always necessary to specify a fully qualified name. If a user on aldur.cqu.edu.au enters the command telnet jasper the networking software assumes that because it isn’t fully qualified hostname the user means the machine jasper on the current site (cqu.edu.au).
4.13 NAME RESOLUTION
A) Name Resolution
Most users will use hostnames when using the Internet. However the TCP/IP networking software always uses the host address. When you enter http://www.lycos.com/ with Netscape the first thing the networking software does is find the IP address for www.lycos.com. Once it has the IP address it can connect and download the WWW pages.
The process of taking a hostname and finding the IP address is called name resolution.
B) Methods Of Name Resolution
There are two methods that can be used to perform name resolution
? the /etc/hosts file, and
? the Domain Name Service.
4.14 /etc/hosts
A) /etc/hosts
One way of performing name resolution is to maintain a file that contains a list of hostnames and their equivalent IP addresses. Then when you want to know a machine’s IP address you look up the file.
Under UNIX the file is /etc/hosts. /etc/hosts is a text file with one line per host. Each line has the format
IP_address hostname aliases
Comments can be indicated by using the hash # symbol. Aliases are used to indicate shorter names or other names used to refer to the same host.
For example , the hosts file of the machine aldur looks like this ;
# every machine has the localhost entry
127.0.0.1 localhost loopback
138.77.36.29 aldur.cqu.edu.au aldur
138.77.1.1 jasper.cqu.edu.au jasper
138.77.37.28 pol.cqu.edu.au pol
4.15 DOMAIN NAME SERVİCE
A) Domain Name Service (DNS)
The following reading on the DNS was taken from http://www.aunic.net/dns.html
In the early days of the Internet, all host names and their associated IP addresses were recorded in a single file called hosts.txt, maintained by the Network Information Centre in the USA. Not surprisingly, as the Internet grew so did this file, and by the mid-80’s it had become impractically large to distribute to all systems over the network, and impossible to keep up to date. The Internet Domain Name System (DNS) was developed as a distributed database to solve this problem. It’s primary goal is to allow the allocation of host names to be distributed amongst multiple naming authorities, rather than centralised at a single point.
B) DNS Structure
The DNS is arranged as a hierarchy, both from the perspective of the structure of the names maintained within the DNS, and in terms of the delegation of naming authorities. At the top of the hierarchy is the root domain “.” which is administered by the Internet Assigned Numbers Authority (IANA). Administration of the root domain gives the IANA the authority to allocate domains beneath the root, as shown in the diagram below:
The process of assigning a domain to an organisational entity is called delegating, and involves the administrator of a domain creating a sub-domain and assigning the authority for allocating sub-domains of the new domain the subdomain’s administrative entity.
4.16 More DNS
This is a hierarchical delegation, which commences at the “root” of the Domain Name Space (”.”). A fully qualified domain name, is obtained by writing the simple names obtained by tracing the DNS hierarchy from the leaf nodes to the root, from left to right, separating each name with a stop “.”, e.g.
fred.xxxx.edu.au
is the name of a host system (huxley) within the XXXX University (xxx), an educational (edu) institution within Australia (au).
The sub-domains of the root are known as the top-level domains, and include the edu (educational), gov (government), and com (commercial) domains. Although an organisation anywhere in the world can register beneath these three-character top level domains, the vast majority that have are located within, or have parent companies based in, the United States. The top-level domains represented by the ISO two-character country codes are used in most other countries, thus organisations in Turkey are registered beneath tr.
The majority of country domains are sub-divided into organisational-type sub-domains. In some countries two character sub-domains are created (eg. ac.nz for New Zealand academic organisations), and in others three character sub-domains are used (eg. com.tr for Turkish commercial organisations). Regardless of the standard adopted each domain may be delegated to a separate authority.
Organisations that wish to register a domain name, even if they do not plan to establish an Internet connection in the immediate short term, should contact the administrator of the domain which most closely describes their activities.
Even though the DNS supports many levels of sub-domains, delegations should only be made where there is a requirement for an organisation or organisational sub-division to manage their own name space. Any sub-domain administrator must also demonstrate they have the technical competence to operate a domain name server (described below), or arrange for another organisation to do so on their behalf.
Domain Name Servers
The DNS is implemented as collection of inter-communicating nameservers. At any given level of the DNS hierarchy, a nameserver for a domain has knowledge of all the immediate sub-domains of that domain.
For each domain there is a primary nameserver, which contains authoritative information regarding Internet entities within that domain. In addition Secondary nameservers can be configured, which periodically download authoritative data from the primary server. Secondary nameservers provide backup to the primary nameserver when it is not operational, and further improve the overall performance of the DNS, since the nameservers of a domain that respond to queries most quickly are used in preference to any others.
4.17 /etc/resolv.conf
A) /etc/resolv.conf
When performing a name resolution most UNIX machines will check their /etc/hosts first and then check with their name server. How does the machine know where its domain name server is. The answer is in the /etc/resolv.conf file.
resolv.conf is a text file with three main types of entries
? # comments
Anything after a # is a comment and ignored.
? domain name
Defines the default domain. This default domain will be appended to any hostname that does not contain a dot.
? nameserver address
This defines the IP address of the machines domain name server. It is possible to have multiple name servers defined and they will be queried in order (useful if one goes down).For example ;
The /etc/resolv.conf file from my machine is listed below.
domain cqu.edu.au
nameserver 138.77.5.6
nameserver 138.77.1.1
4.18 The “nslookup” Command
A) nslookup
The nslookup command is used to query a name server and is supplied as a debugging tool. It is generally used to determine if the name server is working correctly and for querying information from remote servers.
Like lpc, nslookup can be used from either the command line or interactively. Giving nslookup a hostname will result in it asking the current domain name server for the IP address of that machine.
nslookup also has an ls command that can be used to view the entire records of the current domain name server.
SECTION 5
5.1 ROUTING
A) Routing
Routing is the act of deciding how each individual datagram finds its way through the multiple different paths to its destination.
For most UNIX computers the routing decisions they must make are simple. If the datagram is for a host on the local network then the data is placed on the local network and delivered to the destination host.
If the destination host is on a remote network then the datagram will be forwarded to the local gateway. The local gateway will then pass it on further.
5.2 ROUTING TABLES
A) Routing tables
Routing is concerned with finding the right network for a datagram. Once the right network has been found the datagram can be delivered to the host.
Most hosts (and gateways) on the Internet maintain a routing table. The entries in the routing table contain the information to know where to send datagrams for a particular network.
B) Constructing the routing table
The routing table can be constructed in one of two ways ;
? constructed by the Systems Administrator, sometimes referred to as static routes,
? dynamically created by a number of different available routing protocols
5.3 The “netstat” Command
A) netstat
The netstat command is used to display the status of network connections to a UNIX machine. One of the functions it can be used for is to display the contents of the kernel routing table by using the -r switch.
For example;
The following examples are from two machines on CQU’s Rockhampton campus. The first one is from telnet jasper
[david@cq-pan:~]$ netstat -rn
Kernel routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
138.77.37.0 0.0.0.0 255.255.255.0 U 0 0 109130 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 9206 lo
0.0.0.0 138.77.37.1 0.0.0.0 UG 0 0 2546951 eth0
bash$ netstat -rn
Routing tables
Destination Gateway Flags Refcnt Use Interface
127.0.0.1 127.0.0.1 UH 56 7804440 lo0
default 138.77.1.11 UG 23 1595585 ln0
138.77.32 138.77.1.11 UG 0 19621 ln0
138.77.16 138.77.1.11 UG 0 555 ln0
138.77.8 138.77.1.11 UG 0 385345 ln0
138.77.80 138.77.1.11 UG 0 0 ln0
138.77.72 138.77.1.11 UG 0 0 ln0
138.77.64 138.77.1.11 UG 0 0 ln0
138.77.41 138.77.1.11 UG 0 0 ln0
5.4 The “traceroute” Command
A) traceroute
For some reason or another, users on one machine cannot connect to another machine or if they can any information transfer between the two machines is either slow or plagued by errors.
It is not only the machines at the two ends you have to check. If the two machines are on different networks the information will flow through a number of gateways and routers. It might be one of the gateway machines that is causing the problem.
The traceroute command provides a way of discovering the path taken by information as it goes from one machine to another and can be used to identify where problems might be occurring. On the Internet that path may not always be the same.
For example
The following are the results of a number of executions of traceroute from the machine aldur (138.77.36.29).
In the first example the machine knuth is on the same network as aldur. This means that the information can get their directly.
bash$ traceroute knuth
traceroute to knuth.cqu.edu.au (138.77.36.20), 30 hops max, 40 byte packets
1 knuth.cqu.EDU.AU (138.77.36.20) 2 ms 2 ms 2 ms
Some More Internet Protocols :
FTP
file transfer. The file transfer protocol (FTP) allows a user on any computer to get files from another computer, or to send files to another computer. Security is handled by requiring the user to specify a user name and password for the other computer. Provisions are made for handling file transfer between machines with different character set, end of line conventions, etc.
FTP is a utility that you run any time you want to access a file on another system. You use it to copy the file to your own system. You then work with the local copy. (See RFC 959 for specifications for FTP.)
TELNET
remote login. The network terminal protocol (TELNET) allows a user to log in on any other computer on the network. You start a remote session by specifying a computer to connect to. From that time until you finish the session, anything you type is sent to the other computer. Note that you are really still talking to your own computer. But the telnet program effectively makes your computer invisible while it is running. Every character you type is sent directly to the other system. Generally, the connection to the remote computer behaves much like a dialup connection. That is, the remote system will ask you to log in and give a password, in whatever manner it would normally ask a user who had just dialed it up. When you log off of the other computer, the telnet program exits, and you will find yourself talking to your own computer. Microcomputer implementations of telnet generally include a terminal emulator for some common type of terminal. (See RFC’s 854 and 855 for specifications for telnet. By the way, the telnet protocol should not be confused with Telenet, a vendor of commercial network services.)
ICMP
Another alternative protocol is ICMP (”Internet control message protocol”). ICMP is used for error messages, and other messages intended for the TCP/IP software itself, rather than any particular user program. For example, if you attempt to connect to a host, your system may get back an ICMP message saying “host unreachable”. ICMP can also be used to find out some information about the network. See RFC 792 for details of ICMP. ICMP is similar to UDP, in that it handles messages that fit in one datagram. However it is even simpler than UDP. It doesn’t even have port numbers in its header. Since all ICMP messages are interpreted by the network software itself, no port numbers are needed to say where a ICMP message is supposed to go.
Conclusions
? RFC791 on the Internet protocol offers the following defintions of hostnames, IP addresses and routes
? A name indicates what we seek. An address indicates where it is. A route indicates how to get there.
? TCP/IP, the Internet Protocol suite is a layered communications protocol suite consisting of four layers and a large number of protocols. The four layers of TCP/IP are the ;
application layer,
Responsible for providing high level application services e.g. transferring files.
transport layer,
Protocols responsible for providing the ability to multiplex and deliver data to a remote machine
internet layer,
Defines Internet addressing, routing and the Internet datagram.
network access layer.
Hides hardware implementation details from the Internet layers. Services include translating IP addresses into hardware addresses
? Internet standards are defined by Request for Comments (RFCs). The development and the planning of the Internet is performed by a number of non-profit organisations including the Internet Society, Internet Architecture Board, Internet Engineering Task Force and the Internet Engineering and Planning Group.
? An IP address is a 32 bit number usually represented using dotted decimal notation where each of the four bytes are represented as decimal numbers separated by dots, e.g. 138.77.1.1. Every machine on the Internet has both an IP address and a fully qualified hostname. All transmission of information on the Internet uses the IP address.
? Hostnames are used by human beings. Name resolution, the act of converting a hostname to an IP address, is performed using a combination of the file /etc/hosts and the domain name service.
? Routing is the process of deciding which route a packet of information will use to reach its destination. Each machine on the Internet maintains a routing table that defines where it will route packets. Under UNIX the routing table can be viewed using the netstat command. The route a packet follows can be viewed using the traceroute command. Routing tables are either created
statically, or by the systems administrator configuring the system, using the startup or configuration fiels, to used a pre-defined, unchanging route.dynamically.
? There are protocols, part of TCP/IP, that will dynamically modify the routing table in response to events.
? Adding a host to the network requires obtaining, installing and configuring the necessary network hardware, gather the required information including IP address and hostname of the new host, the gateway and the name server, the network address and the subnet mask, modify the appropriate configuration and startup files with that information, make sure the new host has an entry in the domain name service, test the connection.