1. An Introduction to Networking Chapter 1 Panko’s Business Data Networks and Telecommunications, 6 th edition Copyright 2007 Prentice-Hall (Modified by Kevin Lin- -Taiwan ) Copyright 2007 Prentice-Hall (Modified by Kevin Lin- 嘉大 -Taiwan )

2. 企業通訊 2008@mis.NCYU An Introduction to Networking 2/84 Outline 1. Basic Networks Concepts 2. The Nine Elements of a Network 3. Transmission Speed 4. LANs and WANs 5. Internets 6. Security

3. Part I: Basic Networks Concepts Concepts we will see throughout the book

4. 企業通訊 2008@mis.NCYU An Introduction to Networking 4/84 Figure 1-1: Basic Networking Concepts  What is a network? –The basic idea:

5. 企業通訊 2008@mis.NCYU An Introduction to Networking 5/84 Figure 1-1: Basic Networking Concepts  What is a network? –A network is a transmission system that connects two or more applications running on different computers. Users only care about applications.Users only care about applications. It is our job to make networking invisible to the user.It is our job to make networking invisible to the user. Network

6. 企業通訊 2008@mis.NCYU An Introduction to Networking 6/84 Figure 1-2: The Internet and Applications Client Computer Mobile Client Computer Browser E-Mail Client Webserver Application Server Computer (Webserver) E-Mail Application Server Computer (Mail Server) The Internet is a global TRANSMISSION system. Not just the World Wide Web Internet The Internet (Global transmission system to carry application data) Internet The Internet (Global transmission system to carry application data)

7. 企業通訊 2008@mis.NCYU An Introduction to Networking 7/84 Figure 1-1: Basic Networking Concepts  The Internet –Client/server applications PC clients receive service from serversPC clients receive service from servers Many C/S applications need special clientsMany C/S applications need special clients Many (but not all) C/S applications only need a browserMany (but not all) C/S applications only need a browser –webapp Client Computer Server Computer Server ProgramClient Program

8. 企業通訊 2008@mis.NCYU An Introduction to Networking 8/84 Figure 1-1: Basic Networking Concepts  Internal Corporate Networks –For transmission among computers within a corporation Typically, only about 10% of all corporate traffic typically involves Internet applicationsTypically, only about 10% of all corporate traffic typically involves Internet applications – 過去主要流量： Transaction processing applications High-volume clerical applicationsHigh-volume clerical applications Accounting, payroll, billing, etc.Accounting, payroll, billing, etc. – 現在主要流量可能是 Voice over IP (VoIP) or P2P?or P2P?

9. 企業通訊 2008@mis.NCYU An Introduction to Networking 9/84 Figure 1-1: Basic Networking Concepts  Data Communications and Telecommunications –Data communications (datacoms), as the name suggests, involves the transmission of data (text, numbers, pictures, and other information). –In turn, telecommunications (telecoms) is the transmission of voice and video, including ordinary telephony and broadcast and cable television. –Beginning to converge ADSL vs. SkypeADSL vs. Skype

10. 企業通訊 2008@mis.NCYU An Introduction to Networking 10/84 Figure 1-1: Basic Networking Concepts  Digital Transmission –Information is first converted into a string of ones and zeros (binary)  digital communication –Next, the ones and zeros are converted into signals that propagate over transmission media. ( More detail in Chapter 3 ) Hello… 12345… 101001 1000100

11. Part II:The Nine Elements of a Network Although the idea of “network” is simple, you must understand the nine elements found in most networks

12. 企業通訊 2008@mis.NCYU An Introduction to Networking 12/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Message (Frame) Access Line Trunk Line Server ApplicationClient Application Networks connect applications on different computers. Applications are all users care about Networks connect applications on different computers. Applications are all users care about 

13. 企業通訊 2008@mis.NCYU An Introduction to Networking 13/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Message (Frame) Access Line Trunk Line Server ApplicationClient Application Networks connect computers: clients (fixed and mobile) and servers Networks connect computers: clients (fixed and mobile) and servers  

14. 企業通訊 2008@mis.NCYU An Introduction to Networking 14/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 3 Message (Frame) Trunk Line Server ApplicationClient Application The path a frame takes is called its data link The path a frame takes is called its data link Computers (and routers) usually communicate by sending messages called frames Computers (and routers) usually communicate by sending messages called frames Data Link 

15. 企業通訊 2008@mis.NCYU An Introduction to Networking 15/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 4 Message (Frame) Trunk Line Server ApplicationClient Application Switch 2 Switch 1 Switch 3 Frame to Sw1 Frame to Sw1 Frame to Sw2 Frame to Sw2 Frame To Sw3 Frame To Sw3 Frame to Server Frame to Server Frames are forwarded within a single network by devices called Switch es 

16. 企業通訊 2008@mis.NCYU An Introduction to Networking 16/84 Figure 1-5: Ethernet Switch Operation A1-44-D5-1F-AA-4C B2-CD-13-5B-E4-65 Switch D4-47-55-C4-B6-F9 C3-2D-55-3B-A9-4F Port 15 Frame to C3… A1- sends a frame to C3-… Frame to C3… Switch sends frame to C3-… Switching Table PortHost 10A1-44-D5-1F-AA-4C 13B2-CD-13-5B-E4-65 15C3-2D-55-3B-A9-4F 16 D4-47-55-C4-B6-F9 Switching Table PortHost 10A1-44-D5-1F-AA-4C 13B2-CD-13-5B-E4-65 15C3-2D-55-3B-A9-4F 16 D4-47-55-C4-B6-F9 15C3-2D-55-3B-A9-4F C3- is out Port 15 1 2 3

17. 企業通訊 2008@mis.NCYU An Introduction to Networking 17/84 Figure 1-3: Elements of a Network Both sizes of switches are 48 cm (19 inches) wide Small Switches (Stacked): Workgroup Switches (to link stations to network) Large Switch (Chassis Switch) Central Core Switch

18. 企業通訊 2008@mis.NCYU An Introduction to Networking 18/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Switch 4 Message (Frame) Access Line Trunk Line Server ApplicationClient Application Wireless access points connect wireless stations (mobile devices) to switches Wireless access points connect wireless stations (mobile devices) to switches 

19. 企業通訊 2008@mis.NCYU An Introduction to Networking 19/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Switch 4 Message (Frame) Access Line Trunk Line Server ApplicationClient Application Routers connect networks to the outside world. Routers forward messages outside of a single network, to other networks. Routers connect networks to the outside world. Routers forward messages outside of a single network, to other networks. 

20. 企業通訊 2008@mis.NCYU An Introduction to Networking 20/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Switch 4 Message (Frame) Access Line Trunk Line Server ApplicationClient Application Access lines connect computers to switches Access lines connect computers to switches 

21. 企業通訊 2008@mis.NCYU An Introduction to Networking 21/84 Figure 1-3: Elements of a Network Wireless Access Point Mobile Client Router Outside World Server Computer Client Computer Switch 1 Switch 2 Switch 3 Switch 4 Message (Frame) Access Line Trunk Lines Server ApplicationClient Application Trunk lines connect switches to switches and switches to routers Trunk lines connect switches to switches and switches to routers Trunk Line 

22. 企業通訊 2008@mis.NCYU An Introduction to Networking 22/84 Figure 1-4: Packet Switching and Multiplexing Client Station A Mobile Client Station B Router D Server Station C  Trunk line multiplex es the messages of multiple conversations AC BD Access Line Trunk Line  Packet Switching : Conversations are broken into small messages So packet switching/multiplexing reduces the cost of trunk lines ( ∵ share the trunk line’s capacity) ( Other costs actually are increased ： packet switches are more expensive )

23. Part III:Transmission Speed

24. 企業通訊 2008@mis.NCYU An Introduction to Networking 24/84 Figure 1-6: Transmission Speed  Measuring Transmission Speed –Measured in bits per second ( bps ) –In metric notation: Increasing factors of 1,000 …Increasing factors of 1,000 … –Not factors of 1,024 Kilobits per second (kbps) - note the lowercase kKilobits per second (kbps) - note the lowercase k Megabits per second (Mbps)Megabits per second (Mbps) Gigabits per second (Gbps)Gigabits per second (Gbps) Terabits per second (Tbps)Terabits per second (Tbps)

25. 企業通訊 2008@mis.NCYU An Introduction to Networking 25/84 Figure 1-6: Transmission Speed  Measuring Transmission Speed –The rule ： there should be 1 to 3 places before the decimal point –273.44 Gbps –15,100,000 bps  15.1 Mbps –0.036 Mbps  36 kbps  Occasionally measured in bytes per second This may be done for file downloadsThis may be done for file downloads Written as BpsWritten as Bps

26. 企業通訊 2008@mis.NCYU An Introduction to Networking 26/84 Figure 1-6: Transmission Speed  Rated Speed vs. Throughput –Rated speed is the speed a network should provide, based on standards –Throughput is the speed a network actually provides We will use this distinction constantly throughout this bookWe will use this distinction constantly throughout this book –When transmission capacity is shared by multiple users, The total shared throughput is the aggregate throughputThe total shared throughput is the aggregate throughput Individual throughput is what individuals receive as a fraction of the aggregate throughputIndividual throughput is what individuals receive as a fraction of the aggregate throughput

27. Part IV:LANs and WANs

28. 企業通訊 2008@mis.NCYU An Introduction to Networking 28/84 First Bank of Paradise (FBP)  The book’s running case study –Composite mid-size bank in Hawaii –Banks are fairly “typical” firms, although they have stronger need for security –Warren Chun is the chief information officer (CIO) –Yvonne Champion is the network manager –Annual Revenues: $4.5 Billion –Operations 60 Branches60 Branches 375 ATMs (Automated Teller Machines)375 ATMs (Automated Teller Machines)

29. 企業通訊 2008@mis.NCYU An Introduction to Networking 29/84 First Bank of Paradise (FBP)  Network –700 Ethernet switches –450 Routers  Computers –2,300 desktop and notebook user PCs –130 Windows servers –60 Unix servers  Information Systems Staff –112 people

30. 企業通訊 2008@mis.NCYU An Introduction to Networking 30/84 Figure 1-7: The First Bank of Paradise’s Wide Area Networks (WANs) Operations Headquarters North Shore T3 Leased Line T3 Branches in State (60) ISP 1 ISP 2 Da Kine Island Credit Card Authorization Bureau 56 kbps 2 PVCs PVC 1 PVC 2 56 kbps T1T1 T1T1 Fractional T1 Line redundancy Internet Bank has multiple facilities connected by multiple WANs Bank has multiple facilities connected by multiple WANs

31. 企業通訊 2008@mis.NCYU An Introduction to Networking 31/84 Figure 1-7: The First Bank of Paradise’s Wide Area Networks (WANs)  LANs transmit data within corporate sites –LAN is the network within a site  WANs transmit data between corporate sites –WAN is a network that links different sites together  Each LAN or WAN is a single network  LAN costs are low and speeds are high  WAN costs are high and speeds are lower WAN

32. 企業通訊 2008@mis.NCYU An Introduction to Networking 32/84 WAN  WAN is a single network –built by a carrier (ISP 、固網電信公司 )  Possible solutions –Point-to-Point Leased Line Networks （例：中華電信 T1, T3 專線） –Public Switched Data Networks (PSDN) Frame Relay （例：亞太線上 — 訊框傳送服務）Frame Relay （例：亞太線上 — 訊框傳送服務） ATM (Asynchronous Transfer Mode) （例：台灣固網 — 國內數據 —ATM 服務）ATM (Asynchronous Transfer Mode) （例：台灣固網 — 國內數據 —ATM 服務） MPLS （例：易達通電訊）MPLS （例：易達通電訊） Metropolitan Area EthernetMetropolitan Area Ethernet 易達通電訊 MPLS-VPN 6-27-1 補充補充

33. 企業通訊 2008@mis.NCYU An Introduction to Networking 33/84 WAN-2 WAN-1 LAN ＋ WAN vs. Internet ＋ Intranet LAN-1 LAN-2 LAN-3 LAN-1 LAN-2 LAN-3 LAN-4 LAN-5 WAN-3 LAN-1 WAN-4 LAN-4 LAN-1 中國 台灣美國 6-27-2 補充補充

34. 企業通訊 2008@mis.NCYU An Introduction to Networking 34/84 Figure 1-8: LANs vs. WANs Characteristics Scope Cost per bit Transmitted Typical Speed LANs For transmission within a site ( 場所 ): campus,building, and SOHO (Small Office or Home Office) LANs Low Unshared 100 Mbps to a gigabit per second to each desktop. Even faster trunk line speeds. Unshared 100 Mbps to a gigabit per second to each desktop. Even faster trunk line speeds. WANs For transmission between sites For transmission between sites High Shared 128 kbps to several megabits per second trunk line speeds Shared 128 kbps to several megabits per second trunk line speeds

35. 企業通訊 2008@mis.NCYU An Introduction to Networking 35/84 Figure 1-8: LANs vs. WANs Characteristics Management LANs WANs On own premises, so firm builds and manages its own LAN or outsources the Work On own premises, so firm builds and manages its own LAN or outsources the Work Must use a carrier with rights of way for transmission in public Area. Carrier handles most work but Charges a high price. Must use a carrier with rights of way for transmission in public Area. Carrier handles most work but Charges a high price. Choices Unlimited Only those offered by carrier Only those offered by carrier

36. 企業通訊 2008@mis.NCYU An Introduction to Networking 36/84 Figure 1-9: Local Area Network (LAN) in a Large Building Multi-floor Office Building The bank has multiple LANs — one at each site (buildings, branch offices…)

37. 企業通訊 2008@mis.NCYU An Introduction to Networking 37/84 Figure 1-9: Local Area Network (LAN) in a Large Building Router Core Switch Workgroup Switch 2 Workgroup Switch 1 Wall Jack To WAN Wall Jack Server Client Frames from the client to the server go through Workgroup Switch 2, through the Core Switch, through Workgroup Switch 1, and then to the server

38. Part V:Internets

39. 企業通訊 2008@mis.NCYU An Introduction to Networking 39/84 Figure 1-11: Internets  Single LANs vs. Internets –In single networks (LANs and WANs), all devices connect to one another by switches—our focus so far. –In contrast, an internet is a group of networks connected by routers so that any application on any host on any single network can communicate with any application on any other host on any other network in the internet. LAN WAN LAN Application Router

40. 企業通訊 2008@mis.NCYU An Introduction to Networking 40/84 Figure 1-11: Internets  Internet Components –All computers in an internet are called hosts Servers, clients, PDAs, cellphones, etc.Servers, clients, PDAs, cellphones, etc. Cat Internet Client PC (Host) Cellphone (Host) VoIP Phone (Host) PDA (Host) Server (Host)

41. 企業通訊 2008@mis.NCYU An Introduction to Networking 41/84 Figure 1-11: Internets  Hosts have two addresses  IP Address –This is the host’s official address on its internet –32 bits long (just for IPv4) –Expressed for people in dotted decimal notation e.g., 128.171.17.13  Single-Network Addresses ( MAC Address ) –This is the host’s address on its single network –For instance, Ethernet addresses are 48 bits long –Expressed in hexadecimal notation e.g., AF-23-9B-E8-67-47

42. 企業通訊 2008@mis.NCYU An Introduction to Networking 42/84 Figure 1-11: Internets  Networks are connected by devices called routers –Switches provide connections within networks, while routers provide connections between networks in an internet.  Frames and Packets –In single networks (LANs and WANs), message are called frame s –In internets, messages are called packet s

43. 企業通訊 2008@mis.NCYU An Introduction to Networking 43/84 Figure 1-12: Internet with Three Networks (Source) Host A Network X (LAN) Network Y (WAN) (LAN) Network Z R1 R2 Route A-B Packet A packet goes all the way across the internet; It’s path is its route A packet goes all the way across the internet; It’s path is its route X2X1X1 Z1Z2Z2 Host B (Destination)

44. 企業通訊 2008@mis.NCYU An Introduction to Networking 44/84 Figure 1-11: Internets  Packets are carried within frames –One packet is transmitted from the source host to the destination host across the entire internet –Within a single network, the packet is encapsulated in (carried in) the network’s frame Frame Truck (frame) Package (Packet) Packet Source: A Destination: B Source: A Destination: R1

45. 企業通訊 2008@mis.NCYU An Introduction to Networking 45/84 Figure 1-12: Internet with Three Networks Mobile Client Host Server Host Switch X2 Switch X1 Switch Router R1 D6-EE-92-5F-C1-56 Network X Route A-B A route is a packet’s path through the internet A route is a packet’s path through the internet Data link A-R1 Data link A-R1 A data Link is a frame’s path through its single network A data Link is a frame’s path through its single network In Network X, the Packet is Placed in Frame X Host A 10.0.0.23 AB-23-D1-A8-34-DD Switch Packet Frame X

46. 企業通訊 2008@mis.NCYU An Introduction to Networking 46/84 Figure 1-12: Internet with Three Networks Router R1 Router R2 AF-3B-E7-39-12-B5 Packet Frame Y To Network X To Network Z Network Y Data Link R1-R2 Route A-B Packet

47. 企業通訊 2008@mis.NCYU An Introduction to Networking 47/84 Figure 1-12: Internet with Three Networks Host B www.pukanui.com 1.3.45.111 55-6B-CC-D4-A7-56 Mobile Client Host Switch Z1 Switch Z2 Switch Packet Frame Z Network Z Router R2 Router Data Link R2-B Mobile Client Computer

48. 企業通訊 2008@mis.NCYU An Introduction to Networking 48/84 Figure 1-12: Internet with Three Networks  In this internet with three networks, in a transmission, –There is one packet –There are three frames (one in each network)  If a packet in an internet must pass through 10 networks, –How many packets will be sent? –How many frames must carry the packet?

49. 企業通訊 2008@mis.NCYU An Introduction to Networking 49/84 10000000101010110001000100001101 Figure 1-13: Converting IP Addresses into Dotted Decimal Notation Divided into 4 bytes. These are segments. 100000001010101100010001 00001101 Dotted decimal notation (4 segments separated by dots) Dotted decimal notation (4 segments separated by dots) IP Address (32 bits long) Convert each byte to decimal (result will be between 0 and 255)* 12817117 13 *The conversion process is described in the Hands On section at the end of the chapter. 128.171.17.13

50. 企業通訊 2008@mis.NCYU An Introduction to Networking 50/84 Figure 1-25: Windows Calculator

51. 企業通訊 2008@mis.NCYU An Introduction to Networking 51/84 Figure 1-14: The Internet, internets, Intranets, and Extranets  The Global Internet –Spelled with a lowercase i, internet means any internet –Spelled with a uppercase I, Internet means the global Internet

52. 企業通訊 2008@mis.NCYU An Introduction to Networking 52/84 Figure 1-14: The Internet, internets, Intranets, and Extranets  The Internet (Figure 1-17) –Host computers –Internet service providers ( ISP s) Required to access the InternetRequired to access the Internet Carry your packets across the InternetCarry your packets across the Internet Collect money to pay for the InternetCollect money to pay for the Internet –The Internet backbone consists of many ISPs ISPs interconnect at Network access points ( NAP s) to exchange cross-ISP trafficISPs interconnect at Network access points ( NAP s) to exchange cross-ISP traffic  The Internet is a collection of independent commercial ISPs.

53. 企業通訊 2008@mis.NCYU An Introduction to Networking 53/84 Figure 1-17: The Internet User PC’s Internet Service Provider Webserver’s Internet Service Provider ISP User PC Host Computer Webserver Host Computer NAP = Network Access Point Router NAP ISP Internet Backbone (Multiple ISP Carriers) Access Line Access Line

54. 企業通訊 2008@mis.NCYU An Introduction to Networking 54/84 Figure 1-18: Subnets in an Internet LAN 1 LAN 2 Note:Subnets are single networks (collections of switches, transmission lines) Often just show subnets as lines in internet diagrams. Router R1 Router R3 Router R4 Router R2 LAN Subnet 10.1.x.x WAN Subnet 123.x.x.x LAN Subnet 60.4.3.x LAN Subnet 10.2.x.x LAN Subnet 10.3.x.x LAN Subnet 60.4.15.x LAN Subnet 60.4.7.x LAN Subnet 60.4.131.x

55. 企業通訊 2008@mis.NCYU An Introduction to Networking 55/84 Figure 1-19: Terminology Differences for Single- Network and Internet Professionals By Single-Network Professionals By Internet Professionals By Internet Professionals Single Networks Are Called Networks Subnets Internets Are Called Internets Networks In this book, to avoid confusion, we will call internets “internets” and subnets “single networks” Internet specialists and single-network specialists use conflicting terminology:

56. 企業通訊 2008@mis.NCYU An Introduction to Networking 56/84 Figure 1-14: The Internet, internets, Intranets, and Extranets  Intranet s –An intranet is an internal internet for use within an organization –Based on the TCP/IP standards created for the Internet “Intra” means “within”

57. 企業通訊 2008@mis.NCYU An Introduction to Networking 57/84 Figure 1-14: The Internet, internets, Intranets, and Extranets  Extranet s –To connect multiple firms Only some computers from each firm are on the extranetOnly some computers from each firm are on the extranet –Use TCP/IP standards “Extra” means “outside”

58. 企業通訊 2008@mis.NCYU An Introduction to Networking 58/84 Figure 1-14: The Internet, internets, Intranets, and Extranets  Intranets, Extranets, and the Internet –Confusingly, both intranets and extranets can use the Internet for some of their transmission capacity –Although intranets operate within firms, firms have many sites. Site-to-site communication within an intranet may use the Internet for transmission.Site-to-site communication within an intranet may use the Internet for transmission. –In an extranet, the companies may use the Internet to reach one another.

59. 企業通訊 2008@mis.NCYU An Introduction to Networking 59/84 The Internet  No central computer system –but has communication standards (IP-based)  No governing body –but have many international advisory and standard groups: ISOC, W3C, IETF, TWNIC…  No one owns it –composed of many networks owned by commercial ISPs, educational/research/government organizations… 6-13 補充補充

60. 企業通訊 2008@mis.NCYU An Introduction to Networking 60/84 Internet World Stats 補充補充 2007 年底 : 1,319,872,109

61. 企業通訊 2008@mis.NCYU An Introduction to Networking 61/84 Internet World Stats (cont.) 補充補充

62. 企業通訊 2008@mis.NCYU An Introduction to Networking 62/84 Internet Traffic Report http://www.internettrafficreport.com/ 補充補充

63. 企業通訊 2008@mis.NCYU An Introduction to Networking 63/84 Figure 1-15: Routers (19 inches / 48 cm Wide)

64. 企業通訊 2008@mis.NCYU An Introduction to Networking 64/84 Figure 1-20: IP Address Management  Every host must have a unique IP address –Server hosts are given static IP addresses (unchanging) ？： Server 真得固定 IP 嗎？ –Clients get dynamic (temporary) IP addresses that may be different each time they use an internet  Dynamic Host Configuration Protocol ( DHCP ) Clients get these dynamic IP addresses from DHCP servers (Figure 1-21)Clients get these dynamic IP addresses from DHCP servers (Figure 1-21)

65. 企業通訊 2008@mis.NCYU An Introduction to Networking 65/84 Figure 1-21: Dynamic Host Configuration Protocol (DHCP) Client PC A3-4E-CD-59-28-7F DHCP Server DHCP Request Message: “My 48-bit Ethernet address is A3-4E-CD-59-28-7F. Please give me a 32-bit IP address.” Pool of IP Addresses 10.1.1.22 10.1.1.23 … 10.1.1.22 10.1.1.23 … Client 如何知道 DHCP Server 的位置 (IP)?

66. 企業通訊 2008@mis.NCYU An Introduction to Networking 66/84 Figure 1-21: Dynamic Host Configuration Protocol (DHCP) Client PC A3-4E-CD-59-28-7F DHCP Server DHCP Response Message: “Computer at A3-4E-CD-59-28-7F, your 32-bit IP address is 11010000101111101010101100000010”. (Usually other configuration parameters as well.) Pool of IP Addresses 10.1.1.22 10.1.1.23 … 10.1.1.22 10.1.1.23 …

67. 企業通訊 2008@mis.NCYU An Introduction to Networking 67/84 Figure 1-20: IP Address Management  Domain Name System ( DNS ) –IP addresses are official addresses on the Internet and other internets –Hosts can also have host names (e.g., www.ncyu.edu.tw ) Not official—like nicknamesNot official—like nicknames DNS addressDNS address –If you only know the host name of a host that you want to reach, your computer must learn its IP address DNS servers tell our computer the IP address of a target host whose name you know. (Figure 1-22)DNS servers tell our computer the IP address of a target host whose name you know. (Figure 1-22) DNS Address = Host Name + Domain Name = www.mis.ncyu.edu.tw

68. 企業通訊 2008@mis.NCYU An Introduction to Networking 68/84 Figure 1-22: The Domain Name System (DNS) 1. Client Host wishes to reach Voyager.cba.hawaii.edu ; Needs to know its IP Address 2. Sends DNS Request Message “The host name is Voyager.cba.hawaii.edu” Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… DNS Table DNS Host Client Host Voyager.cba.hawaii.edu 128.171.17.13

69. 企業通訊 2008@mis.NCYU An Introduction to Networking 69/84 Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… DNS Table DNS Host Figure 1-22: The Domain Name System (DNS) 4. DNS Response Message “The IP address is 128.171.17.13” 5. Client sends packets to 128.171.17.13 3. DNS Host looks up IP address Client 如何知道 DNS Server 的位置 (IP)? Client Host Voyager.cba.hawaii.edu 128.171.17.13

70. 企業通訊 2008@mis.NCYU An Introduction to Networking 70/84 Figure 1-22: The Domain Name System (DNS) Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… Host NameIP Address…… Voyager.cba.hawaii.edu128.171.17.13… DNS Table Client Host 1. DNS Request Message Another DNS Host Local DNS Host 3. DNS Response Message The local DNS host sends back the response; the user is unaware that other DNS hosts were involved The local DNS host sends back the response; the user is unaware that other DNS hosts were involved If local DNS host does not have the target host’s IP address, it contacts other DNS hosts to get the IP address If local DNS host does not have the target host’s IP address, it contacts other DNS hosts to get the IP address 2. Request & Response

71. Part VI: Security

72. 企業通訊 2008@mis.NCYU An Introduction to Networking 72/84 Figure 1-23: Firewall and Hardened Hosts Legitimate Host Legitimate Packet Border Firewall Hardened Server Allowed Legitimate Packet Hardened Client PC Internal Corporate Network Border firewall should pass legitimate packets Border firewall should pass legitimate packets The Internet Attacker Log File

73. 企業通訊 2008@mis.NCYU An Introduction to Networking 73/84 Figure 1-23: Firewall and Hardened Hosts Legitimate Host Attack Packet Denied Attack Packet Hardened Server Hardened Client PC Internal Corporate Network Border firewall should deny ( drop ) and log attack packets Border firewall should deny ( drop ) and log attack packets The Internet Border Firewall Attacker Log File

74. 企業通訊 2008@mis.NCYU An Introduction to Networking 74/84 Figure 1-23: Firewall and Hardened Hosts Legitimate Host Attacker Attack Packet The Internet Border Firewall Attack Packet Attack Packet Log File Hosts should be hardened against attack packets that get through Hosts should be hardened against attack packets that get through Hardened Server Hardened Client PC Anti-virus personal firewall Cryptographic protections

75. 企業通訊 2008@mis.NCYU An Introduction to Networking 75/84 Figure 1-24: Cryptographic Protections  Cryptography –The use of mathematical operations (?) to thwart attacks on message exchanges between pairs of communicating parties (people, programs, or devices)  Cryptography is Expensive –Usually only sensitive communications are cryptographically secured  Cryptographic Protection begins with Initial Authentication –Determine the other party’s identity to thwart impostors （騙子）

76. 企業通訊 2008@mis.NCYU An Introduction to Networking 76/84 Figure 1-24: Cryptographic Protections  Message-by-Message Protections –Encryption to provide confidentiality so that an eavesdropper cannot reach intercepted messages –Electronic signatures (Digital signatures) provide message- by-message authentication to prevent the insertion of messages by an impostor after initial authentication –Electronic signatures usually also provide message integrity; this tells the receiver whether anyone has changed the message en route

77. Recap

78. 企業通訊 2008@mis.NCYU An Introduction to Networking 78/84 Network Elements: Recap  Applications (the only element that users care about)  Computers –Clients –Servers  Switches and Routers  Transmission Lines –Trunk lines –Access Lines  Messages (Frames)  Wireless Access Points Never talk about an innovation “reducing cost,” “increasing speed,” etc. without specifying which element is cheaper or faster. For example, multiplexing only reduces the cost of trunk lines; other costs are not decreased Never talk about an innovation “reducing cost,” “increasing speed,” etc. without specifying which element is cheaper or faster. For example, multiplexing only reduces the cost of trunk lines; other costs are not decreased

79. 企業通訊 2008@mis.NCYU An Introduction to Networking 79/84 Recap: LANs and WANs  LANs transmit data within corporate sites  WANs transmit data between corporate sites  Each LAN or WAN is a single network  LAN costs are low and speeds are high  WAN costs are high and speeds are lower WAN

80. 企業通訊 2008@mis.NCYU An Introduction to Networking 80/84 LAN WAN LAN Internets  Most firms have multiple LANs and WANs.  They must create internets –An internet is a collection of networks connected by routers so that any application on any host on any single network can communicate with any application on any other host on any other network in the internet. Application Router

81. 企業通訊 2008@mis.NCYU An Introduction to Networking 81/84 LAN WAN LAN Internets  Elements of an Internet –Computers connected to the internet are called hosts Both servers and client PCs are hostsBoth servers and client PCs are hosts –Routers connect the networks of the internet together In contrast, switches forward frames within individual networksIn contrast, switches forward frames within individual networks Router Client PC Host Server Host Router

82. 企業通訊 2008@mis.NCYU An Introduction to Networking 82/84 Internets  Hosts Have Two Addresses  IP Address –This is the host’s official address on its internet –32 bits long –Expressed for people in dotted decimal notation (e.g., 128.171.17.13)  Single Network Addresses –This is the host’s address on its single network –Ethernet addresses, for instance, are 48 bits long –Expressed in hexadecimal notation, e.g., AF-23-9B-E8-67-47

83. 企業通訊 2008@mis.NCYU An Introduction to Networking 83/84 Recap  Switches versus Routers –Switches move frames through a single network (LAN or WAN) –Routers move packets through internets  Messages –Messages in single networks are called frames –Messages in internets are called packets –Packets are encapsulated within (carried inside) frames

84. 企業通訊 2008@mis.NCYU An Introduction to Networking 84/84 Security  Security –Firewalls –Hardened Hosts –Cryptographic security for sensitive dialogues Initial authenticationInitial authentication Encryption for confidentialityEncryption for confidentiality Electronic signatures for authentication and message integrityElectronic signatures for authentication and message integrity