

Key Questions

What is a protocol?

Layered protocol stacks

This layered arrangement is not confined to networking, and how it works is probably best understood by comparing it to a real-life example.

We will divide the task into two distinct processes as follows:

  1. Take a package, wrap it and address it. Send it to the destination.
  2. Receive the package. Deliver it to the recipient.

Why not use one single protocol to transfer data from one application to another?

The answer is that any of the layers/tasks can be changed without affecting the other layers.

One of the great benefits of TCP/IP is that it provides interoperable communications between all types of hardware and all kinds of operating systems.

A sign of the network's success is the confusion that surrounds the term internet. Originally it was used only as the name of the network built upon IP. Now internet is a generic term used to refer to an entire class of networks. An internet (lowercase "i") is any collection of separate physical networks, interconnected by a common protocol, to form a single logical network. The Internet (uppercase "I") is the worldwide collection of interconnected networks.

TCP

The most common protocol used in the transport layer is TCP (Transmission Control Protocol). This is a connection-oriented protocol. TCP offers reliable, peer-acknowledged, ordered, session-based connectivity between two hosts.

TCP Reliability

While sending data, TCP makes sure that the data has reached the recipient. The receiver checks whether the received packet was intact during transmission (by verifying the checksum of the data) and, if so, confirms it by sending an acknowledgement to the sender. If the sender doesn't receive an acknowledgement for a message within a certain time period, it resends the lost packet.

After several unsuccessful attempts, TCP assumes that the receiver is unreachable and informs the application layer that the transmission has failed.

TCP Ordering

The TCP header contains a field with the message sequence number. The sequence number is incremented by one for every message sent. While receiving data, TCP rearranges incoming packets and puts them in the right order. Thanks to that, the application layer doesn't need to care about the ordering of network packets.
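As an added example (not code from the original lesson), the following Python simulation models the reliability and ordering behaviour described above: each segment carries a per-message sequence number and an RFC 1071 checksum, the receiver drops corrupt segments without acknowledging them and holds out-of-order ones until the gap before them is filled, and the sender retransmits unacknowledged segments, reporting failure after a fixed number of attempts. The Receiver class, send_reliably and the loss/corruption rates are constructed for the illustration; real TCP numbers bytes rather than messages.

```python
import random

def checksum16(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def segment_checksum(seq: int, payload: bytes) -> int:
    """Checksum over sequence number and payload, exactly as the receiver recomputes it."""
    return checksum16(seq.to_bytes(4, "big") + payload)

class Receiver:
    """TCP-style receiver: drops corrupt segments, ACKs good ones, delivers in order."""
    def __init__(self):
        self.held = {}          # out-of-order segments waiting for the gap before them
        self.next_seq = 0       # sequence number the application expects next
        self.delivered = []     # what the application layer has actually received

    def receive(self, seq, payload, cksum):
        if segment_checksum(seq, payload) != cksum:
            return None                      # damaged in transit: no ACK, sender's timer fires
        self.held[seq] = payload
        while self.next_seq in self.held:    # hand over every now-contiguous segment
            self.delivered.append(self.held.pop(self.next_seq))
            self.next_seq += 1
        return seq                           # ACK for this sequence number

def send_reliably(messages, receiver, max_attempts=5, loss=0.3, corrupt=0.2, seed=1):
    """Send every message; retransmit unACKed ones each round, give up after max_attempts."""
    rng = random.Random(seed)                # fixed seed: the run is reproducible
    pending = dict(enumerate(messages))      # seq -> payload, one sequence number per message
    for _attempt in range(max_attempts):
        segments = [(s, p, segment_checksum(s, p)) for s, p in pending.items()]
        rng.shuffle(segments)                # the network may reorder segments
        for seq, payload, cksum in segments:
            if rng.random() < loss:
                continue                     # lost: no ACK ever comes back
            if rng.random() < corrupt:
                cksum ^= 0x0001              # a bit flipped on the wire
            if receiver.receive(seq, payload, cksum) == seq:
                pending.pop(seq)             # ACKed: stop retransmitting this one
        if not pending:
            return True
    return False                             # receiver "unreachable": tell the application
```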

TCP Header

TCP Session

TCP Usage

TCP is widely used by protocols and applications that require high reliability. It is not as fast as UDP but, if configured properly, it still provides quite good speed together with high quality of transmitted data.

There are a lot of application layer protocols that are mostly used together with TCP. Some of the most popular ones are:

  • HTTP, HTTPS
  • FTP
  • SMTP
  • Telnet

UDP

The second popular protocol used in the transport layer is UDP (User Datagram Protocol, also called Universal Datagram Protocol), a simpler, connectionless protocol. One program just sends some packets to another, without creating any kind of relationship between them.

Due to its simplicity, UDP is faster than TCP. On the other hand, it doesn't provide the same reliability as TCP. There is no guarantee that the messages will reach the receiver, and UDP does not guarantee that packets are delivered in the same order they were sent. It is up to the application to check that the received messages are intact and to deal with data in the correct order.

UDP Usage

UDP is preferred when the data being transmitted is not critical or the communication has to be really fast. For example, UDP is used for DNS requests (because a huge number of clients send many short messages to relatively few DNS servers). Similarly, during audio and video transmission the loss of some packets is not so damaging to the receiver.

There are a lot of application layer protocols that use UDP, for example:

Analogy between the postal network and TCP/IP

Both the post office and the Internet separate responsibility into independent layers. Here is a comparison of the operation of the post office and the TCP/IP protocols.

Application layer

Postal network: Someone writes a letter to a friend in New York, addresses it, and drops it in a mailbox. The friend opens the letter and reads it with a smile on his face. Neither of them thinks about how the letter got there: did it go in a Ford or Chevrolet truck to the airport, what was the name of the person driving the truck, did it fly straight to New York or was it transferred to another plane in Kansas City, etc.? They are working at the application layer, getting work done. They are communicating directly with each other, unaware of the underlying delivery mechanism.

TCP/IP: A user retrieves a Web page from a server in New York by typing a URL into a browser and pressing the Enter key. The server receives the request, finds the page on its hard drive and sends it back to the user. Neither the user nor the client or server software is aware of the way the messages were delivered: did they go over wireless connections, how many routers did they pass through, who manufactured the routers, was the server a PC or a rack-mounted machine, was it running IIS or Apache, etc.? There are many application layer protocols.

Transport layer

Postal network: If you accidentally write the wrong address on a letter to someone in Kansas, a postal employee in Kansas will stamp it "address unknown" and it will be returned to you. You will also be informed if a registered letter cannot be delivered. You will be unaware of the details of the error message delivery system, and it will be up to you to decide what to do next.

TCP/IP: Transport layer software establishes a connection between a client and server, then monitors that connection for errors. It also slows transmission if it gets too fast to handle at the other end. Transport layer software is not concerned with how the data is actually moved from one point to the other; that is the responsibility of lower level software. There are two transport layer protocols: TCP (reliable) and UDP (unreliable, but fast). If TCP tries repeatedly and errors persist, it informs its "boss," the application program.

Internet layer

Postal network: Airplanes move letters between cities. The pilot does not pay attention to who the letters are addressed to or from, what they say, or whether they contain photos and drawings or only written words.

TCP/IP: Internet layer programs move data between networks. IP is the internet layer protocol. IP software ignores the data, and it does the same thing with a packet whether it comes from the Dalai Lama or your mother-in-law. Once the data gets to its destination local area network (LAN), it is handed over to data link layer software or firmware for delivery to the proper computer.

Data link layer

Postal network: Trucks move letters within a city.

TCP/IP: Data link layer programs move (incoming and outgoing) data within LANs. Ethernet is the most common data link protocol. A data link program is not concerned with how outgoing data will be handled once it leaves the LAN or how incoming data got there. That is the responsibility of the internet layer software.

Physical layer

Postal network: People use pens and paper to write letters, and the recipient reads them using reflected light and sometimes glasses.

TCP/IP: Physical layer protocols specify the means of representing ones and zeros (bits). The method of transmitting them between two points using wire, radio, fiber, etc. is also specified. There are many ways to make ones and zeros and many ways to transmit them, so there are many physical layer protocols.

Breaking the rules

These are ideal descriptions. In real life, a postman might read a letter or decide not to deliver it. On the Internet, a router may be programmed to process packets from the owner of a competing service slowly, or to send copies of packets containing certain content to a government security agency. In the postal network, there are laws against tampering with mail. Some people advocate network neutrality laws against differential treatment of packets on the Internet.


Basic Networking

What is a network? A group of 2 or more devices that can communicate.

  • Hardware
  • Software
  • Medium: Ethernet cable, Wi-Fi
  • Protocols

Advantages of networks

Communication

People can communicate with others all over the world at a very low cost using e-mail, chat, telephone, video telephone, video conferencing and SMS (Short Message Service, also commonly referred to as a "text message").

Sharing resources

In a network, resources such as printers, scanners, fax machines and modems can be shared among the users.

Sharing software

Application programs (known as apps) and software are generally stored on the central computer server and are accessible to any workstation connected to this network.

Sharing data

Users on a network can access data stored on other computers and on the internet. Known as databases, these systems are used in companies to hold information such as customer, product or employee information. Database information can be stored in-house on a computer server or in the Cloud.


Types of Network - Topology

  • Ring
  • Bus
  • Star

Ring

A computer can only talk if it has the token (the "microphone").

Advantages

  • Transmission of data is easy and one-way, so there are no collisions
  • Easy to add new computers

Disadvantages

  • Data must pass through other computers to reach its destination, which makes it slow
  • If one machine is down or switched off, the whole network is down

Bus

Advantages

  • Easy to install or add extra devices
  • Any node can communicate if the bus is not being used (check for a signal before transmitting)

Disadvantages

  • As more devices are added, collisions become more frequent and can slow network communication as the network grows

Star

Advantages

  • No collisions, so FASTER
  • More reliable
  • Easy to troubleshoot

Disadvantages

  • If the switch fails, the entire network is down
  • More cable than bus or ring

Private IP Address

192.168.?.? These addresses are reserved for private IP addresses and are the default settings on a router.

Network Address Translation (NAT) is a method of connecting multiple devices to the internet using one public IP address.

The best way to explain NAT is to use the example of a phone system at an office that has one public telephone number and multiple extensions. This type of telephone system allows people to call you on a single public telephone number and performs the translation and routing of the public number to a particular private extension. Similarly, in order to receive an IP call from a remote codec over the public internet, the same network address translation principle applies. NAT and port forwarding allow a single device, such as a broadband router, to act as an agent between the public internet and a local private LAN.
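To make the office-extension analogy concrete, here is an added Python model of a NAT router (illustrative code, not from the original lesson): outbound packets from 192.168.x.x hosts get their source rewritten to the single public address and a fresh port, replies are mapped back through that table, and any other inbound packet is dropped unless an explicit port forward exists for it. The public address 203.0.113.5, the LAN hosts and the port numbers are constructed documentation values.

```python
import ipaddress
from itertools import count

PRIVATE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr: str) -> bool:
    """True for the reserved private ranges: 192.168.x.x from the text plus the other two RFC 1918 blocks."""
    return any(ipaddress.ip_address(addr) in net for net in PRIVATE_NETS)

class NatRouter:
    """One public address shared by a LAN, like one office number with many extensions."""
    def __init__(self, public_ip, port_forwards=None):
        self.public_ip = public_ip
        self.port_forwards = port_forwards or {}   # public port -> (private ip, port), e.g. a codec
        self.table = {}                            # (private ip, port) -> public port
        self.reverse = {}                          # public port -> (private ip, port)
        self._ports = count(40000)                 # constructed pool of translation ports

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a LAN host's source so the reply is addressed to the public IP."""
        key = (src_ip, src_port)
        if key not in self.table:
            pub_port = next(self._ports)
            self.table[key] = pub_port
            self.reverse[pub_port] = key
        return (self.public_ip, self.table[key], dst_ip, dst_port)

    def inbound(self, dst_port):
        """Map a packet arriving at the public IP back to a LAN host, or None to drop it."""
        if dst_port in self.reverse:               # reply to a translation a LAN host opened
            return self.reverse[dst_port]
        if dst_port in self.port_forwards:         # explicitly exposed: reachable from anywhere
            return self.port_forwards[dst_port]
        return None                                # unsolicited: no host to deliver to, dropped
```

Note that a port forward makes the internal host reachable by the whole Internet, so only services meant to be public should be forwarded.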

14 Nov activity / homework (if not finished): present your findings on Friday (you can use one slide). Complete the table below and post it to your blog; it will be graded on Friday.

Client Server Advantages


Peer to Peer Advantages


Client Server Disadvantages


Peer to Peer Disadvantages


VPNs

When you use a private WAN connection from a service provider, you trust them to keep your data confidential. The service provider will make sure that they separate traffic from different customers and that nobody else is able to see your data.

What about the Internet? When you send traffic from A to B using the Internet, you have no control at all over which networks are used to get from the source to the destination. Someone in the traffic path might be capturing your packets and you wouldn't know.

VPNs provide a couple of features such as:

  • Confidentiality: preventing anyone from reading your data. This is implemented with encryption.
  • Authentication: verifying that the router/firewall or remote user that is sending VPN traffic is a legitimate device or router.
  • Integrity: verifying that the VPN packet wasn't changed somehow during transit.
  • Anti-replay: preventing someone from capturing traffic and resending it, trying to appear as a legitimate device/user.

Site-to-site VPN

With the site-to-site VPN, we have a network device at each site, and between these two network devices we build a VPN tunnel. Each end of the VPN tunnel encrypts the original IP packet, adds a VPN header and a new IP header, and then forwards the encrypted packet to the other end of the tunnel.

  • H1 sends an IP packet with source 192.168.1.1 and destination 192.168.2.2.
  • R1 encrypts the IP packet, adds a VPN header and creates a new IP header with its own public IP address as the source and 2.2.2.2 as the destination.
  • R1 sends the new packet to R2.
  • R2 receives the packet, checks if the packet really came from R1, decrypts it and forwards it to H2.
  • H2 receives the original IP packet.

Client to Server VPN
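The following added Python model (illustrative, not the lesson's or any vendor's code) walks the site-to-site steps above and shows where the four VPN features listed earlier are enforced: the inner packet is encrypted (confidentiality), an HMAC over the VPN header and ciphertext lets R2 check that the packet really came from R1 and was not modified (authentication, integrity), and a sequence number in the VPN header rejects replayed captures (anti-replay). The shared keys, the HMAC-based keystream standing in for a negotiated cipher such as AES, and R1's public address 203.0.113.1 are constructed for the example; 2.2.2.2 is the R2 address from the text.

```python
import hashlib, hmac, ipaddress, os, struct

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF stream; stands in for the cipher a real VPN negotiates."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

class TunnelEnd:
    """One end of the site-to-site tunnel (R1 or R2 in the text), sharing two keys with its peer."""
    TAG_LEN = 32

    def __init__(self, enc_key: bytes, mac_key: bytes, my_ip: str, peer_ip: str):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.my_ip, self.peer_ip = ipaddress.ip_address(my_ip), ipaddress.ip_address(peer_ip)
        self.send_seq = 0
        self.seen = set()             # sequence numbers already accepted: anti-replay state

    def encapsulate(self, inner: bytes) -> bytes:
        """Encrypt the original IP packet, add a VPN header, then a new outer IP header."""
        self.send_seq += 1
        nonce = os.urandom(8)
        vpn_hdr = struct.pack(">I", self.send_seq) + nonce
        ct = bytes(p ^ k for p, k in zip(inner, keystream(self.enc_key, nonce, len(inner))))
        tag = hmac.new(self.mac_key, vpn_hdr + ct, hashlib.sha256).digest()   # integrity + auth
        outer_hdr = self.my_ip.packed + self.peer_ip.packed   # source: my public IP, dest: peer
        return outer_hdr + vpn_hdr + ct + tag

    def decapsulate(self, packet: bytes):
        """Return the original packet, or None if any VPN check fails (packet is dropped)."""
        if len(packet) < 20 + self.TAG_LEN:
            return None                                      # too short to carry the headers
        if (packet[:4], packet[4:8]) != (self.peer_ip.packed, self.my_ip.packed):
            return None                                      # not addressed across this tunnel
        vpn_hdr, body, tag = packet[8:20], packet[20:-self.TAG_LEN], packet[-self.TAG_LEN:]
        expected = hmac.new(self.mac_key, vpn_hdr + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                                      # forged or modified in transit
        seq, nonce = struct.unpack(">I", vpn_hdr[:4])[0], vpn_hdr[4:]
        if seq in self.seen:                                 # checked only after the MAC passes
            return None                                      # replayed capture
        self.seen.add(seq)
        return bytes(c ^ k for c, k in zip(body, keystream(self.enc_key, nonce, len(body))))
```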

The client-to-site VPN is also called the remote user VPN. The user installs a VPN client on his/her computer, laptop, smartphone or tablet. The VPN tunnel is established between the user's device and the remote network device. Here's an example:

SSL VPN

SSL (Secure Sockets Layer) is a protocol that is normally used to encrypt traffic between a web browser and a web server. When you surf the web using HTTP, everything is clear text. For secure connections, we use HTTPS. We can use the same technology for VPNs.

Even though it's called SSL VPN, nowadays we use TLS (Transport Layer Security), the successor of SSL, for HTTPS.

One of the advantages of SSL VPN is that, since it uses HTTPS, you can use it pretty much everywhere. Most public Wi-Fi hotspots permit HTTPS traffic, while some might block other traffic like IPsec. Another reason why SSL VPN is popular is that you don't always have to use a software client.

Most SSL VPN solutions offer a "portal" through the web browser that you can use to access applications. For some advanced features, you might have to install a software client.

If you want to see an example of what SSL VPN looks like, you can take a look at my Cisco ASA Anyconnect Remote VPN lesson.

Conclusion

In this lesson you have learned some of the basics of VPNs:

  • VPNs can be used as an alternative to private WAN connections and offer a secure connection over an insecure medium, such as the Internet.
  • VPNs offer features such as confidentiality, authentication, integrity and anti-replay.
  • The two most common VPN types are site-to-site VPNs and client-to-site VPNs.
  • Some common VPN protocols are:
    • IPsec: a framework that provides security on layer three of the OSI model.
    • PPTP: an old VPN protocol that uses PPP and GRE; it is insecure and should not be used anymore.
    • L2TP: a VPN protocol that tunnels layer two traffic; it does not offer any encryption, so it should be used together with IPsec.
    • SSL VPN: uses SSL (HTTPS) to create a secure connection with the web browser.