
5.1. Introduction to networks.

Section quote:

  • "Note that 120 sec is defined in the protocol as the maximum possible retransmission timeout(RTT). I guess we'll have to use something other than TCP to talk to the University of Mars."
        -- a comment found in the Linux kernel 'tcp.c' source file


5.1.1. Network concepts

I will try to cover this interconnected subject, but I strongly recommend that you refer to the UNIX manual pages and GNU info pages for each tool, and to the Linux Documentation Project (TLDP) HOWTOs. Linux is built from the ground up to be a network-aware server system: the Linux kernel supports almost all NICs and protocols, the little Linux kernel has a powerful built-in firewall, and there are servers implemented as kernel modules, like the TUX web server. Linux uses IP as its main protocol (as in TCP/IP), but it supports other protocols like Novell IPX and AppleTalk. Many distributions allow you to configure the network graphically, but I'll discuss the command line tools because they offer more features; remember that you also have nice GUI tools, see the Distribution specific tools appendix.

When we talk about networks we usually talk about the server-client relationship: the 'server' offers a 'service' to one or more 'clients'. This service may be access to files, printing on a remote printer, querying a database, or even a gateway to access the Internet. In Linux the server-client relationship is not only network based; there are also 'file sockets' and 'FIFO pipes', as used by the X11 server and other daemons. People think that an operating system has one mode to be a server and another to be a client, or that it can be a server only if you told the installer so! This is not true. To have a server you run a program called a daemon (Disk And Execution Monitor) that listens for clients' requests and offers them a service; each service is set up separately. People may also think that the server is a very big expensive computer with all services on it. This is totally wrong; we call this idea the 'Single Point of Failure' model. Good network design is to have different services on different computers; this is more secure and reliable.

We call each machine a 'Host'; a group of machines that forms a network or subnetwork is called a 'Domain'. A local area network (LAN) is a fast network with, for example, 10-100 Mbps (megabits per second) ethernet cards, and some cards may reach 1 Gbps, but only over cables no more than 100 meters long. A wide area network (WAN) is connected by phone lines (for example) but at slower speeds, as low as tens or hundreds of kilobits per second. To make a network we need special cards called Network Interface Cards (NICs), like Ethernet cards (the first ethernet device is '/dev/eth0' and its interface name is 'eth0'), wireless Wi-Fi cards (the first Wi-Fi adaptor interface name is 'wifi0', which is just an alias for an ethernet NIC), modems (the first serial port device is '/dev/ttyS0' and its interface is 'ppp0'), and Token Ring cards ('tr0' for the first one). Even with no NIC, Linux uses a virtual device called the local loopback interface ('lo'); it's used to connect your computer to ..., well, to itself.

5.1.2. Network addressing.

We give a number to each NIC as its address. There are many addressing families supported by Linux, like Novell IPX, but Linux's favorite one is ARPA inet, which is also called Internet Protocol version 4, IPv4 (or simply IP). Since its first versions Linux has had a stable, robust IP implementation. An IPv4 address is a 32-bit number, usually written as 4 decimal numbers 0-255 separated by '.' in the form 'W.X.Y.Z'.

 Tip

IPv4 has some limitations since it's only 32-bit, so the new IPv6, which is 128-bit, not only gives more digits to represent more hosts and networks, but also offers more features in speed and reliability. But it is not supported by all servers and clients. The new 2.6 Linux kernel offers very nice support for IPv6 protocols.

The IP address '127.0.0.1' (or in IPv6 '0:0:0:0:0:0:0:1' or just '::1') represents the host itself (the 'lo' interface) and its name should be 'localhost'. If you have a real NIC connecting your computer to your LAN, and your computer is connected to the Internet, then you may not give it a public Internet address (you may give it any address if it's not connected to the Internet): it should not take an address reserved for the Internet, and it should use a private LAN address; those are invisible on the Internet. This address could start with 10 followed by any 3 numbers (class A), all of which will be host digits, or start with 172 followed by a number 16-31 for the network and then any two numbers for hosts (class B), or start with '192.168' followed by a number for the network and another for the host (class C). See this table:
Class    Range                      LAN address                  Default netmask  Netmask as number
Class A  0.0.0.0-127.255.255.255    10.0.0.0-10.255.255.255      255.0.0.0        8
Class B  128.0.0.0-191.255.255.255  172.16.0.0-172.31.255.255    255.255.0.0      16
Class C  192.0.0.0-223.255.255.255  192.168.0.0-192.168.255.255  255.255.255.0    24

The host digits should be 1-254, since 0 is for the address of the network ('192.168.17.0' is a network address) and 255 is for broadcasting ('192.168.15.255' is a broadcast address). Host digits are distinguished from network digits using the netmask. It's just like the address, but we put 1's on network digits and 0's on host digits, so we can get the network address with a logical 'AND' operation between the address and the netmask. For example, if the address is '172.18.1.2' and the netmask is '255.255.0.0', this means that this host is a member of the '172.18.0.0' subnetwork. We can represent the netmask as the number of 1's; in the previous example the netmask is 16 (we have 2 bytes of 1's, which means 16 bits). It's common to write the network address in the form '172.18.0.0/255.255.0.0' or '172.18.0.0/16', informally '172.18.X.Y'. Class A has only one network (no subnetworks), all addresses are for hosts; class B has 16 subnetworks; class C has 256 subnetworks. Another example: '192.168.88.0/24' is informally '192.168.88.X'. Refer to RFC 1918.
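
The netmask arithmetic described above, written out with plain bit operations. This is an added example, not part of the original tutorial; the function names are made up for illustration, and the sample addresses are the ones used in the text plus one constructed address ('172.32.0.1') that falls just outside the private class B range.

```python
# Added example: address AND netmask, broadcast address and the private-range test.

def to_int(dotted):
    """'W.X.Y.Z' -> 32-bit integer; rejects anything that is not four 0-255 numbers."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    w, x, y, z = (int(p) for p in parts)
    return (w << 24) | (x << 16) | (y << 8) | z

def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_len(netmask):
    """Count the 1's of a netmask; the 1's must be contiguous from the left."""
    m = to_int(netmask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous netmask: {netmask!r}")
    return ones

# The three private LAN ranges from the table (RFC 1918), as (network, netmask).
PRIVATE = [("10.0.0.0", "255.0.0.0"),
           ("172.16.0.0", "255.240.0.0"),    # 172.16-172.31: 16 class B networks
           ("192.168.0.0", "255.255.0.0")]   # 256 class C networks

def is_private(addr):
    a = to_int(addr)
    return any(a & to_int(mask) == to_int(net) for net, mask in PRIVATE)

def describe(addr, netmask):
    a, m = to_int(addr), to_int(netmask)
    network = a & m                          # address AND netmask
    broadcast = network | (~m & 0xFFFFFFFF)  # all host bits set to 1
    return {
        "network": f"{to_dotted(network)}/{prefix_len(netmask)}",
        "broadcast": to_dotted(broadcast),
        "is_network_or_broadcast": a in (network, broadcast),  # not usable for a host
        "private": is_private(addr),
    }

if __name__ == "__main__":
    for addr, mask in [("172.18.1.2", "255.255.0.0"),
                       ("192.168.15.255", "255.255.255.0"),
                       ("172.32.0.1", "255.255.0.0")]:
        print(addr, mask, describe(addr, mask))
```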

We select how to give an address to a NIC while installing, or with your distribution's network configuration tools. You may use a DHCP server to give you an automatic dynamic address. In this case one of the boot scripts runs a DHCP client that sends a request and waits for an answer from the DHCP server, which will respond with all needed network configuration, like an address for the client host, the netmask, and the gateway and name server addresses. The client sends its requests to port 67 using the broadcast addresses '0.0.0.0' and '255.255.255.255' (since it does not have a configuration yet) and waits for a response from port 68. If no such server responds (i.e. no DHCP server is reachable or exists), then you should use another method; in other words, you have to give your host a fixed static address by hand and explicitly specify all other configuration, like the netmask, gateway and name server addresses. In both methods this is done by one of the '/etc/init.d/' boot scripts, and how to configure it depends on your distribution.

5.1.3. Naming computers in a network.

Instead of using numbers people like to use names; for example 'localhost' is the name of '127.0.0.1'. We start from the smallest unit (the host) and we put '.' as a delimiter, as in 'localhost.localdomain'. A real example: 'www.linuxbox.net' is the address of the web server 'www' on the 'linuxbox' subnet on the network 'net', as if we were talking about a file named '/net/linuxbox/www' in backward order. Just as we have absolute file names for files, we have the Fully Qualified Domain Name for networks; this is the full name: host name '.' subnetwork '.' ... etc. Each host can have a list of host names and their addresses in the file '/etc/hosts', like this example:

# This is a simple '/etc/hosts'
# Address	Names
127.0.0.1	localhost localhost.localdomain
192.168.10.1	linuxbox
192.168.0.1	proxy gateway
192.168.0.3	ns
We can give more than one name to the same address; we call this an alias, as with the third address in the example. It's not useful to write all the addresses of the Internet (or even the LAN) in this file, not just because the list is too long but also because any change (e.g. adding a new host) needs to be made in this file on all hosts. This is why DNS servers are used. A Domain Name Server (DNS for short) replies to its clients' name resolution requests ("What is the address of foobar? - It's 172.20.1.15."). The file '/etc/resolv.conf' should contain the DNS server's address:
#/etc/resolv.conf
domain foo.mynet.com
search foo.mynet.com mynet.com
nameserver 192.168.0.3
The file '/etc/host.conf' contains a line like
order hosts,bind
which means the 'hosts' file has priority over the DNS server (called BIND). A more general file is '/etc/nsswitch.conf':
#/etc/nsswitch.conf:
#...
hosts:      files dns
#...
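
The lookup order described above ('hosts: files dns'), as an added example that is not part of the original tutorial. The hosts text is a constructed sample based on the one above with one extra constructed entry; FAKE_DNS is a constructed stand-in for the name server's answers, and the search-domain handling is simplified. The last function lists names whose '/etc/hosts' entry overrides a different DNS answer, which is worth reviewing because the file silently wins.

```python
# Added example: resolving names in the order given by 'hosts: files dns'.

HOSTS_TEXT = """\
# constructed sample, based on the '/etc/hosts' shown above
127.0.0.1     localhost localhost.localdomain
192.168.10.1  linuxbox
192.168.0.1   proxy gateway      # two names for one address (alias)
192.168.0.3   ns
10.9.9.9      www.mynet.com      # constructed entry that overrides a DNS name
"""
NSSWITCH_TEXT = "#...\nhosts:      files dns\n#...\n"

# Constructed stand-in for the answers of the DNS server at 192.168.0.3.
FAKE_DNS = {"foobar.foo.mynet.com": "172.20.1.15", "www.mynet.com": "192.168.0.80"}
SEARCH = ["foo.mynet.com", "mynet.com"]       # the 'search' line of resolv.conf

def parse_hosts(text):
    """Map every name and alias to its address; the first entry for a name wins."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on blanks
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table

def parse_order(text):
    """Return the sources of the 'hosts:' line, e.g. ['files', 'dns']."""
    for line in text.splitlines():
        key, _, rest = line.split("#", 1)[0].partition(":")
        if key.strip() == "hosts":
            return rest.split()
    return ["files", "dns"]                   # assumed fallback when the line is missing

def dns_lookup(name):
    """Try the name as given, then with each search domain appended (simplified)."""
    candidates = [name] + [f"{name}.{d}" for d in SEARCH]
    return next((FAKE_DNS[c] for c in candidates if c in FAKE_DNS), None)

def resolve(name, hosts=None, order=None):
    hosts = parse_hosts(HOSTS_TEXT) if hosts is None else hosts
    for source in (order or parse_order(NSSWITCH_TEXT)):
        if source == "files":
            addr = hosts.get(name.lower())
        elif source == "dns":
            addr = dns_lookup(name)
        else:
            continue                          # sources not modelled in this example
        if addr:
            return addr, source
    return None, None

def shadowed_names(hosts):
    """Names whose hosts-file address differs from what DNS would answer."""
    return sorted(n for n, a in hosts.items() if dns_lookup(n) not in (None, a))

if __name__ == "__main__":
    for n in ("gateway", "foobar", "www.mynet.com", "nosuch"):
        print(n, resolve(n))
    print("overridden by hosts file:", shadowed_names(parse_hosts(HOSTS_TEXT)))
```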

5.1.4. Protocols and ports.

When data is sent from/to a network it's encapsulated in a special format called a 'packet'. Packet structure differs from one protocol to another: how and where to store the 'source' and 'destination' addresses, what anti-interference checksum to use (like parity checks or CRC checks) ... etc.

The three main protocols are ICMP, UDP and TCP. The first protocol, 'ICMP', is used for diagnostic purposes; it's not used to establish a connection. The other two protocols need a port number along with the destination address. Each port on the server corresponds to a service or subprotocol; for example the web protocol 'http' corresponds to TCP port number 80. On the TCP and UDP protocols a connection is made in 3 steps: a 'new' request from a client, some 'related' conversation between the server and the client to open a channel, and, if the server agrees, they 'establish' a connection. The address is usually written in a human readable format called a URL, in the following format:
'protocol://[user[:password]@]host.somenet.edu[:port]/' where 'user', 'password' and 'port' are optional, for example 'smb://ahmad:dontlook@172.22.0.5/' and 'http://proxy.mynet.com:8080/'. All protocol names like 'http', 'ftp', and 'smb' can be found in the file '/etc/protocols'; the file '/etc/services' contains port numbers and the corresponding services and protocols. This file is used by the 'inetd' super service, which has been replaced by another super service, 'xinetd', which does not use the same file (it uses many files, one for each service). Although this file does exist, it may not be up to date; see the Port numbers appendix.

5.1.5. Network topologies.

A mathematics topic called topology talks about sets whose elements are also sets, and discusses operations and relations between them; this may be the root of this term. Each network topology has its addressing family, specific NICs and cables.

The simplest way to connect two hosts is via the 'Point to Point Protocol' or 'peer to peer', 'ppp' for short: each host is connected to the other one using a special cable, and together they form a network. Each host is connected to one host, so there is no need for addressing. Either (or both) of those two hosts may connect to other networks using a different NIC; this does not count. For example, when you connect to your dialup ISP you are using ppp: your TCP/IP Internet connection is converted to a stream and sent to your ISP (between you and your ISP no addressing is needed), and there the stream is converted back to TCP/IP packets and goes to the Internet. You may connect two computers via the serial port of each (with or without a modem) or even the parallel port (the printer port); this is not common because it's too slow compared to an ethernet card. If you connect two computers using ethernet cards this is not 'ppp', even though it looks physically like it; an ethernet NIC takes an IP address.

[Figure: point to point network]

In the 'token ring' topology a packet is sent from host to next host in the ring until it reaches its target. Each host is connected to two hosts, the previous and the next, using a special NIC with a 'T' shaped connector; the cable comes in from the side of the previous host and out from the other side to the next host to form a ring, see www.linuxtr.net. When a host receives packets not directed to itself, it passes them to the next host and so on. We call sending packets by a mechanism in which many other hosts receive them 'broadcasting', the same way a radio station broadcasts to everybody. Token ring cards are not common because if one is down the whole ring will be down. Virtually you may call any broadcasting based topology a ring, such as hosts connected using ethernet cards and a central 'broadcasting hub'; the hub is the ring. You may also get a ring-like network using '10base2' cabling with 'T pieces' on each host, and at both ends we put a terminator resistor (50 ohm) to absorb signals so they don't reflect. Those two examples are logically rings and have a ring's problems, like low bandwidth (transmission speed) and enabling local sniffers to spy on other hosts.

[Figure: token ring network]

Star shaped networks have a central point to which all hosts connect; this center is a 'switched hub' (switch for short) or a computer with many ethernet cards. This is a very common LAN topology: the ethernet card in each host is connected to the switch using a 10baseT (twisted-pair) cable. If 'a' wants to send 'b' something, it sends it to the central point, which then sends it to 'b'; if 'c' is listening/sniffing it will not catch anything.

[Figure: star shaped network]

The way the network looks and how cables are shaped need not reflect the real topology of the network. As we said before, hosts connected to a central 'broadcasting hub' look physically like a star, but the network is logically a ring because packets are broadcast to every host; but unlike token rings, if a host is down this does NOT affect other hosts or the network. The information here is simplified for demonstration purposes. A mixed network could have more than one model.

[Figure: mixed network]

Hosts in room 'B1' are connected to a 'broadcasting hub', hosts in room 'A1' are connected to a 'switched hub', and the rooms' switches are connected to a 'Linux router'. One of the hosts is connected to the Internet using a modem with the 'ppp' model, to the ISP server; this host is used as a 'gateway' that gives Internet access to all hosts in building 'A', and it can also work as a firewall. The hardware 'router' (like Cisco routers) is used to connect networks to each other and make the decision 'this packet addressed to W.X.Y.Z will go on this or that cable'; a computer with Linux and many NICs can be used as a router, like the one in building A. Some details were removed for simplification, like modems and the ISP server. Hosts in room 'A1' take addresses in the form '192.168.10.X' and room 'A2' addresses are '192.168.20.X'; hosts in building 'B' could take the same addresses without any confusion, since the LAN is not visible on the Internet (unless we plan to use a VPN). Assume that host 1 in room 'B1' with address '172.17.0.1' sends a packet to a host in room 'B2' with address '172.18.0.1'. All nodes connected to the B1 hub will receive this packet, including the router; this router will send the packet to the B2 hub, which sends it to all hosts in room B2, including '172.18.0.1'. But if it sends another packet to the public Internet address of ppp0 of A, then it will pass through the hub, then the router, which checks that it's an external address and sends it to the proxy, which sends it to the ISP via the Internet link; then it reaches '192.168.0.1' in A.

Some network topologies use no cables, using a special ethernet card called 'WaveLAN' (see www.wavelan.com); it's logically just like any ethernet card, but wireless. If there are two rooms with addresses '192.168.1.X' and '192.168.2.X' and a laptop with a WaveLAN card moves from room to room, it will be disconnected and connected again with a different address. This problem is solved using a technology called 'Mobile IP', in which a host gets a virtual address no matter where it is.

5.1.6. Routing tables.

When a host is connected to a LAN using one NIC and one cable, packets find their way over this single cable. If there is more than one NIC and more cables, there is more than one way packets could go (consider 'lo' as a NIC, so we always have more than one way). We decide the way a packet should go based on the address: for example '127.0.0.1' will go to the same machine via the 'lo' interface, LAN addresses '10.0.0.0/8' will go out the ethernet interface, public WAN addresses will go out the modem ppp interface and phone cables, etc. This process is called 'routing'; it's the decision of which packet goes to which interface.
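
The routing decision described above, as an added example that is not part of the original tutorial. It goes a little further than the text by picking the most specific matching route (longest netmask) and by listing private LAN ranges that would fall through to the modem link. The table is constructed: 'lo', 'eth0' and 'ppp0' follow the paragraph, while 'eth1' and its network are assumptions.

```python
# Added example: choosing the outgoing interface from a static routing table.
import ipaddress

# Constructed routing table: (destination network, interface).
ROUTES = [
    ("127.0.0.0/8",  "lo"),
    ("10.0.0.0/8",   "eth0"),
    ("10.20.0.0/16", "eth1"),   # assumed second card, a more specific LAN route
    ("0.0.0.0/0",    "ppp0"),   # default route: everything else goes to the ISP
]
PRIVATE_NETS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]   # RFC 1918

def build_table(routes):
    """Parse the routes and order them most specific (longest netmask) first."""
    table = [(ipaddress.ip_network(net), ifname) for net, ifname in routes]
    return sorted(table, key=lambda r: r[0].prefixlen, reverse=True)

def route(dest, table):
    """Return (interface, matching network) for a destination address."""
    addr = ipaddress.ip_address(dest)
    for net, ifname in table:
        if addr in net:
            return ifname, str(net)
    return None, None           # no matching route and no default route

def private_via_wan(table, wan="ppp0"):
    """Private ranges whose first host address would be sent out the WAN link."""
    leaks = []
    for net in PRIVATE_NETS:
        first_host = ipaddress.ip_network(net).network_address + 1
        if route(str(first_host), table)[0] == wan:
            leaks.append(net)
    return leaks

if __name__ == "__main__":
    table = build_table(ROUTES)
    # 198.51.100.7 is a documentation address standing in for a public host
    for dest in ("127.0.0.1", "10.1.2.3", "10.20.5.5", "198.51.100.7"):
        print(dest, "->", route(dest, table))
    print("private ranges leaving via ppp0:", private_via_wan(table))
```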

Hardware routers look like switches but are much more expensive. A router has many ports to plug hosts and networks into, and it can be remotely programmed using special protocols like RIP to have dynamic routing tables. A Linux box with many ethernet cards can work as a router using the kernel's static routing tables, which can be manipulated using the 'route' command; there are also servers that support dynamic routing tables, like 'routed' and 'gated', which support many protocols.

Copyright © 2007, Muayyad Saleh AlSadi