Section Outcome (TCP/IP Services)
Describe four (4) services that are part of the TCP/IP protocol suite that would probably be implemented within a network centre to manage:
- naming within legacy systems
- automated issuing of IP addresses
- name to IP address translation
- private IP addressing
Overview
- Dynamic Host Configuration Protocol (DHCP)
- Domain Name System (DNS)
- Windows Internet Name Service (WINS)
- Network Address Translation (NAT)
DHCP
Administering IP address allocation
- Static configuration (becomes impossible as network grows in size)
- Dynamic configuration (automated system of IP address, subnet details and other network information delivery)
DHCP
Note: not just for delivering IP addresses
Simplified but typical infrastructure
[Figure labels: ISP; Hamilton Network Centre; Telkom; To upstream service provider; Diginet Link; IT Div Network Centre; Firewall; Free BSD; DHCP Server; DNS Server; Jackall; Gecko; East lab etc]
DHCP
- Static vs dynamic IP addressing
- Pool of IP addresses known as scopes
- DHCP renewal process
- DHCP server per segment
- DHCP relay agent
DHCP
[Figure: messages exchanged between DHCP Client and DHCP Server: DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAcknowledgement]
DHCP
- Automatic Private IP Addressing (APIPA) through through through through
- Network Address Translation (NAT)
- Multicast Scopes ( – )
- Scopes and Superscopes
DHCP
Three DHCP Implementations:
- Dynamic allocation: leased basis from available pool
- Automatic allocation: permanent allocation for duration of communication. Maintains historical list.
- Static allocation: MAC/IP address allocation; one MAC address will have the same IP address all the time
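The three allocation modes, as an added Python example that is not part of the original slides: a toy in-memory model of one scope showing a static reservation, an automatic allocation kept in a history list, and a dynamic lease that expires and is handed to another client. The class name, the 192.0.2.x scope, the MAC addresses and the 60-second lease time are all constructed for illustration.

```python
import ipaddress

class ToyDhcpAllocator:
    """Hypothetical in-memory model of one DHCP scope (not a real server)."""
    def __init__(self, first, last, lease_seconds, reservations=None):
        lo, hi = (int(ipaddress.IPv4Address(a)) for a in (first, last))
        self.pool = [str(ipaddress.IPv4Address(i)) for i in range(lo, hi + 1)]
        self.lease_seconds = lease_seconds
        self.reservations = dict(reservations or {})  # static: MAC -> fixed IP
        self.history = {}  # automatic: MAC -> IP, kept permanently
        self.leases = {}   # dynamic: IP -> (MAC, expiry time)

    def _first_free(self, now):
        # Expire old dynamic leases, then pick the first address nobody holds.
        self.leases = {ip: l for ip, l in self.leases.items() if l[1] > now}
        used = set(self.leases) | set(self.history.values()) | set(self.reservations.values())
        return next((ip for ip in self.pool if ip not in used), None)

    def request(self, mac, now, mode="dynamic"):
        """Return the IP for this MAC, or None when the scope is exhausted."""
        if mac in self.reservations:  # static allocation: same IP every time
            return self.reservations[mac]
        if mode == "automatic":       # permanent, remembered in the history list
            if mac not in self.history:
                ip = self._first_free(now)
                if ip is None:
                    return None
                self.history[mac] = ip
            return self.history[mac]
        free = self._first_free(now)  # also drops expired leases
        held = [ip for ip, (owner, _) in self.leases.items() if owner == mac]
        ip = held[0] if held else free  # renew own lease, else take a free address
        if ip is not None:
            self.leases[ip] = (mac, now + self.lease_seconds)
        return ip

def demo():
    # Constructed scope (documentation range 192.0.2.0/24) and constructed MACs.
    s = ToyDhcpAllocator("192.0.2.10", "192.0.2.12", lease_seconds=60,
                         reservations={"aa:aa:aa:aa:aa:01": "192.0.2.10"})
    return [
        s.request("aa:aa:aa:aa:aa:01", now=0),                    # static
        s.request("aa:aa:aa:aa:aa:02", now=0, mode="automatic"),  # automatic
        s.request("aa:aa:aa:aa:aa:03", now=0),                    # dynamic lease
        s.request("aa:aa:aa:aa:aa:04", now=30),                   # scope exhausted
        s.request("aa:aa:aa:aa:aa:04", now=61),                   # expired lease reused
        s.request("aa:aa:aa:aa:aa:02", now=999, mode="automatic"),  # still remembered
    ]
if __name__ == "__main__":
    print(demo())
```

Only the dynamic lease returns to the pool on expiry; the automatic and static addresses stay bound to their MAC addresses, which is why they count against the scope even when the client is offline.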
Network Address Translation (NAT)
[Figure labels: ISP; Office; Telkom; To upstream service provider; Diginet Link; Computer running: Network Address Translation (NAT), Firewalling, DHCP; A class C IP Address; Internal IP Addresses]
DNS
Host file or DNS server
Different levels of domain
- Root level "."
- Top-level domain (gov / com / org)
- Second level (Course / Microsoft)
- Subdomain (sales / marketing)
DNS Top Level
- gov (U.S. government agencies)
- com (Commercial organizations)
- mil (U.S. military services)
- edu (Educational institutions)
- net (ISPs)
- org (Nonprofit organisations)
DNS
- Primary name server has the DNS zone file
- "Authoritative for domain" means the server holds the main DNS zone file
- Primary name server holds a read/write copy of the zone file
- Incremental zone transfers
DNS Query Process
DNS and ISPs
DNS
- Win2003/7+ provides a full-featured DNS server integrated with older DNS methods such as host files
- FreeBSD, UNIX etc
- Primary and secondary zones
- Can be primary server for one zone and secondary for another
- Win 2003/7+ DNS supports Active Directory
- Dynamic DNS: clients can create their own A records
DNS
- Caching-only servers
- Forward lookup zones
- In-addr.arpa (name given to reverse lookup zone file)
- Iterative vs recursive
- Secondary name servers (read-only copies of zone file)
- Zone transfers
WINS
Used for identification in older pre-Windows 2000/3/7 Server versions. Just as DNS provides IP addresses for host names, Windows Internet Name Service (WINS) provides IP addresses for NetBIOS computer names.
WINS
[Figure labels: Subnet 1 and Subnet 2, each with a WINS Server and Other Servers; Router; No Broadcast Traffic]
Proxies
Forward Facing Proxy
Proxies
- Keep machines behind it anonymous
- To speed up access to resources (using caching)
- To log / audit usage
- To scan transmitted content for malware before delivery
- To scan outbound content, e.g., for data loss prevention
- Access enhancement/restriction
Proxies
Open Proxy
Allows users to conceal their IP address
Proxies
Reverse Proxy
Proxies
1. Security
2. Act as a firewall
3. SSL encryption
4. Load-balancing
5. Cache static content
6. Compression
7. Spoon-feeding
8. Multiple servers on the same public IP address
Firewalls
Demilitarized Zone (DMZ)