TCP/IP Introduction 智匯亞洲有限公司 Commverge Solutions, Taiwan FEGTS IP Training 2010/11/5, Taipei
VLSM and CIDR Comparison
Special IP Addresses <ul><li>Network address </li></ul><ul><ul><li>Host field contains all 0 bits </li></ul></ul><ul><li>Limit broa...
Special IP Addresses <ul><li>All zero IP address </li></ul><ul><ul><li>Used as the local IP address before the computer has obtained a real IP </li></ul></ul><ul><ul><ul><li>Can only be used as...
Special IP Addresses <ul><li>Multicast address </li></ul><ul><ul><li>32-bit notation </li></ul></ul><ul><ul><ul><li>111 XXXXX XXXXXXXX XXXX...
Special IP Addresses <ul><li>IP addresses that cannot appear on the Internet </li></ul><ul><ul><li>10.0.0.0/8 </li></ul></ul><ul><ul><ul><li>Private IP addre...
IP Address Operations <ul><li>Major concept : </li></ul><ul><ul><li>Binary arithmetic; everything proceeds in powers of 2 </li></ul></ul><ul><li>Network partitioning </li></ul><ul><ul><li...
IP Address Operations <ul><li>Example A </li></ul><ul><ul><li>Write the following mask in slash notation (/n): </li></ul></ul><ul><ul><u...
IP Address Operations <ul><li>Example B </li></ul><ul><ul><li>In a class B subnet, we know the IP address of one of the hosts and the ma...
IP Address Operations <ul><li>Example C </li></ul><ul><ul><li>Given four IP blocks: 192.168.0.0/23, 192.168.5.0/24, 192.168.12.0/25, 192...
IP Address Operations <ul><li>Example D </li></ul><ul><ul><li>For IP block 20.0.0.0/8, the first address in a network (network address) ...
IP Address Operations <ul><li>Example E </li></ul><ul><ul><li>An organization is granted the block 16.0.0.0/18. The administrator wants ...
IP Address Operations <ul><li>Example F </li></ul><ul><ul><li>An ISP is granted a block of addresses starting with 120.60.4.0/20. The ISP ...
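IP Routing <ul><li>Network devices rely on IP routing information to know how to forward packets </li></ul><ul><li>How network devices obtain IP routing information </li></ul><ul><ul><li>Direct connect </li></ul...
IP Routing Information <ul><li>A routing table can contain the following kinds of IP routes </li></ul><ul><ul><li>Network-specific routes </li></ul></ul><ul><ul><ul><li>Express IP routes for a specific network...
How Does a Router Choose a Route? <ul><li>The routing table holds many IP routes; how should the router choose? </li></ul><ul><ul><li>Build a binary "tree" from the IP routing information in the routing table </li></ul></ul><ul><ul><ul><li>...
How Does Longest-Prefix Matching Work? <ul><li>Build a "unique prefix list" from the routing table information </li></ul><ul><ul><li>Distinguish all IP routes in the routing table using the fewest bits </li></u...
How Does Longest-Prefix Matching Work? <ul><li>Compare the IP address of the packet to be forwarded against the binary tree to obtain the result </li></ul><ul><ul><li>Example : 89.2.100.170 </li></ul></ul>...
What Does a Routing Table Look Like? <ul><li>Example : Cisco IOS </li></ul>
What Does a Routing Table Look Like? <ul><li>Example : Juniper Junos </li></ul>
What Does a Routing Table Look Like? <ul><li>Example : Linux </li></ul>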
IP Packets <ul><li>Information carried in an IP packet </li></ul><ul><ul><li>Relationship between an IP packet and its underlying network </li></ul></ul>
IP Packet Information – address <ul><li>Destination IP address </li></ul><ul><ul><li>If the IP address is wrong, the packet cannot be delivered to the correct destination </li></ul></ul><ul><li>Source IP...
IP Packet Information – fragmentation <ul><li>Fragmentation </li></ul><ul><ul><li>MTU (Maximum Transmission Unit) sizes differ across types of network interface; converted to IP ...
IP Packet Information – fragmentation <ul><li>When a network with a smaller MTU is encountered, the IP packet must be fragmented </li></ul><ul><ul><li>Performed by routers </li></ul></ul><ul><ul...
IP Packet Information – Time-to-Live <ul><li>TTL field of datagram header decremented at each hop (i.e., each router) </li></ul><ul><ul...
IP Packet Forwarding Characteristics <ul><li>IP uses best-effort delivery </li></ul><ul><ul><li>Makes an attempt to deliver </li></ul></ul><ul><ul><l...
Introduction to ICMP/TCP/UDP <ul><li>Protocol layering </li></ul><ul><li>ICMP - ERROR AND CONTROL MESSAGES </li></ul><ul><li>TCP - RELIABLE STREAM...
Protocol Layering <ul><li>Motivation For Layering </li></ul><ul><ul><li>Communication is difficult to understand </li></ul></ul><ul><...
Protocol Layering <ul><li>Concept </li></ul><ul><ul><li>Separates protocol functionality </li></ul></ul><ul><ul><li>Each l...
Layering in Practice
Examples Of Layering <ul><li>Two models exist </li></ul><ul><li>ISO 7-layer reference model for Open System Interconnectio...
ISO 7-Layer Reference Model
TCP/IP 5-Layer Reference Model
TCP/IP Layer <ul><li>Layer 1 - physical hardware </li></ul><ul><ul><li>Defines electrical signals used in communication </...
TCP/IP Layer 3: Internet <ul><li>Layer 3 - Internet </li></ul><ul><ul><li>Protocol is IP </li></ul></ul><ul><ul><ul><li>Ma...
The Layering Principle <ul><li>Software implementing layer n at the destination receives exactly the message sent by softw...
Illustration Of Layering In An Internet
Handling Multiple Protocols Per Layer <ul><li>Sender places field in header to say which protocol used at each layer </li>...
Example Of Demultiplexing Performed By IP
Example Of Demultiplexing Performed By TCP <ul><li>TCP is part of operating system </li></ul><ul><li>Transfer to applicati...
ERROR AND CONTROL MESSAGES – ICMP <ul><li>Errors In Packet Switching Networks </li></ul><ul><ul><li>Causes include </li></...
Error Reporting Mechanism <ul><li>Named Internet Control Message Protocol (ICMP) </li></ul><ul><ul><li>Required and integr...
Error Reporting Vs. Error Correction <ul><li>ICMP does not </li></ul><ul><ul><li>Provide interaction between a router and ...
ICMP Message Encapsulation <ul><li>ICMP message has header and data area </li></ul><ul><li>Complete ICMP message is treate...
ICMP Message Format <ul><li>Multiple message types </li></ul><ul><li>Each message has its own format </li></ul><ul><li>Mes...
ICMP Message Types
Example ICMP Message (ICMP Echo Request/Reply) <ul><li>Sent by  ping  program </li></ul><ul><li>Used to test reachability ...
Example ICMP Message (Destination Unreachable) <ul><li>Used to report that datagram could not be delivered </li></ul><ul><...
Example ICMP Message (Destination Unreachable)
Example ICMP Message (Time Exceeded) <ul><li>At least one fragment failed to arrive, or </li></ul><ul><li>TTL field in IP ...
RELIABLE STREAM TRANSPORT SERVICE - TCP <ul><li>Transmission Control Protocol (TCP) </li></ul><ul><ul><li>Major transport ...
TCP Characteristics <ul><li>Stream orientation </li></ul><ul><li>Buffered transfer </li></ul><ul><li>Full duplex connectio...
Illustration Of Acknowledgements <ul><ul><ul><li>Time moves from top to bottom in the diagram </li></ul></ul></ul>
Illustration Of Recovery After Packet Loss
Sliding Window <ul><li>The Problem With Simplistic PAR </li></ul><ul><li>A simple positive acknowledgement protocol wastes...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: Ol...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: Da...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: AC...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <u...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <u...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <u...
Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <u...
Layering Of The Three Major Protocols
TCP Ports, Connections, And Endpoints <ul><li>Endpoint of communication is application program </li></ul><ul><li>TCP uses ...
TCP Segment Format
TCP Retransmission <ul><li>Designed for Internet environment </li></ul><ul><ul><li>Delays on one connection vary over time...
Adaptive Retransmission Issue <ul><li>Difficulties With Adaptive Retransmission </li></ul><ul><ul><li>The problem is knowi...
Solution: Smoothing <ul><li>Adaptive retransmission schemes keep a statistically smoothed round-trip estimate </li></ul><u...
Flow Control And Congestion Control <ul><li>Flow Control </li></ul><ul><ul><li>Receiver advertises window that specifies h...
TCP Performance Factors <ul><ul><li>Flow control </li></ul></ul><ul><ul><ul><li>Window Size Adjustment </li></ul></ul></ul...
TCP Performance Factors <ul><ul><li>Congestion Control </li></ul></ul><ul><ul><ul><li>Flow control lets the receiver control incoming traffic, avoiding buffer o...
TCP Performance Factors <ul><ul><ul><li>Slow start </li></ul></ul></ul><ul><ul><ul><ul><li>When a TCP connection has just been established, use a small window...
TCP Performance Factors <ul><ul><ul><li>Congestion avoidance </li></ul></ul></ul><ul><ul><ul><ul><li>In this phase : </li></ul></ul...
TCP Performance Factors <ul><ul><ul><li>Slow start & Congestion avoidance characteristic </li></ul></ul></ul>
TCP Connection Details <ul><li>Connections started reliably, and terminated gracefully </li></ul><ul><ul><li>Connection es...
TCP Finite State Machine
TCP State – real case <ul><li>Command :” netstat –na” </li></ul>
USER DATAGRAM PROTOCOL (UDP) <ul><li>User Datagram Protocol </li></ul><ul><ul><li>Transport-layer protocol (Layer 4) </li>...
Port Numbers In A UDP Message <ul><li>SOURCE PORT identifies application on original source computer </li></ul><ul><li>DES...
Position Of UDP In Protocol Stack <ul><li>UDP lies between applications and IP </li></ul>
UDP Encapsulation
Demultiplexing Based On UDP Protocol Port Number
Assignment Of UDP Port Numbers <ul><li>Small numbers reserved for specific services </li></ul><ul><ul><li>Called well-know...
Examples Of Assigned UDP Port Numbers
Introduction to Common Applications <ul><li>Name resolution </li></ul><ul><li>Remote login </li></ul><ul><li>File transfer and access </li></ul><ul><li>E-mail </li></ul><ul><li>World Wide Web </li...
Client-Server Interaction <ul><li>Client </li></ul><ul><ul><li>Invoked by user </li></ul></ul><ul><ul><li>Forms connection...
Name Resolution <ul><li>IP addresses are hard to remember </li></ul><ul><ul><li>Use "names" to name hosts </li></ul></ul><ul><li>Computers still need IP addresses to operate </li></ul><ul><ul><li>DN...
Remote Login <ul><li>Text interface (CLI) </li></ul><ul><ul><li>telnet ( TCP , port 23 ) </li></ul></ul><ul><ul><li>rlogin ( TCP , port 513...
Illustration Of TELNET
File Transfer and Access <ul><li>Always a popular application </li></ul><ul><li>Two basic paradigms </li></ul><ul><ul><li>Whole-file copyin...
NFS Implementation
E-mail <ul><li>Among most widely used Internet services </li></ul><ul><li>Protocols for email : </li></ul><ul><ul><li>Simple...
Example Of SMTP <ul><li>S: 220 Beta.GOV Simple Mail Transfer Service Ready </li></ul><ul><li>C: HELO Alpha.EDU </li></ul><...
Multipurpose Internet Mail Extensions (MIME) <ul><li>Permits nontextual data to be sent in email </li></ul><ul><ul><li>Gra...
Example Of Mixed / Multipart Message
World Wide Web <ul><li>Distributed hypermedia paradigm </li></ul><ul><li>Major service on the Internet </li></ul>
Web Page Identifier <ul><li>Known as Uniform Resource Locator (URL) </li></ul><ul><li>Encodes </li></ul><ul><ul><li>Access...
Web Standards <ul><li>Separate standards for </li></ul><ul><ul><li>Representation </li></ul></ul><ul><ul><ul><li>HyperText...
HTTP Operation <ul><li>Browser sends requests to which server replies </li></ul><ul><li>Typical request: GET used to fetch...
Network Management <ul><li>Early network systems used two approaches </li></ul><ul><ul><li>Separate, parallel management network </li></...
Architecture Model
Terminology <ul><li>Agent </li></ul><ul><ul><li>Runs on arbitrary system (e.g., a router) </li></ul></ul><ul><ul><li>Respo...
Simple Network Management Protocol (SNMP) <ul><li>Specifies communication between manager’s workstation and managed entity...
Application Troubleshooting <ul><li>Network troubleshooting </li></ul><ul><ul><li>Ping </li></ul></ul><ul><ul><ul><li>Probe the target...
Application Troubleshooting <ul><li>TCP troubleshooting </li></ul><ul><ul><li>Check the TCP status of the target host: </li></ul></ul><ul><ul><li>Confirm...
Application Troubleshooting
Introduction to Common Network Devices (II) <ul><li>Router </li></ul><ul><ul><li>Layer 3 device </li></ul></ul><ul><ul><li>Forwards mainly on the destination IP address <...
Introduction to Common Network Devices (II) <ul><li>Switch </li></ul><ul><ul><li>L3 switch </li></ul></ul><ul><ul><li>L4 switch </li></ul></ul><ul><ul><li>L7...
Reference <ul><li>TCP/IP </li></ul><ul><ul><li>TCP-IP.Illustrated,.Volume.1 </li></ul></ul><ul><ul><ul><li>W. Richard Stev...
Answers to In-Class Exercises and the Post-Course Test
In-Class Exercises <ul><li>Example A </li></ul><ul><ul><li>Write the following mask in slash notation (/n): </li></ul></ul><ul><ul><ul><...
In-Class Exercises <ul><li>Example B </li></ul><ul><ul><li>In a class B subnet, we know the IP address of one of the hosts and the mask ...
In-Class Exercises <ul><li>Example C </li></ul><ul><ul><li>Given four IP blocks: 192.168.0.0/23, 192.168.5.0/24, 192.168.12.0/25, 192.16...
In-Class Exercises <ul><li>Example D </li></ul><ul><ul><li>For IP block 20.0.0.0/8, the first address in a network (network address) is ...
In-Class Exercises <ul><li>Example E </li></ul><ul><ul><li>An organization is granted the block 16.0.0.0/18. The administrator wants to ...
In-Class Exercises <ul><li>Example F </li></ul><ul><ul><li>An ISP is granted a block of addresses starting with 120.60.4.0/20. The ISP wan...
Post-Course Test <ul><li>Review 1 </li></ul><ul><ul><li>Which components are DEDICATED to optical transmission? (Choose THREE best a...
Post-Course Test <ul><li>Review 2 </li></ul><ul><ul><li>Which IP addresses could be configured on a computer? (Choose TWO best answers...
Post-Course Test <ul><li>Review 3 </li></ul><ul><ul><li>For IP block 69.0.0.0: </li></ul></ul><ul><ul><li>Does it belong to class A, B or...
Post-Course Test <ul><li>Review 4 </li></ul><ul><ul><li>Which network addresses are invalid on the Internet? (Choose FOUR best answers)(10 p...
Post-Course Test <ul><li>Review 5 </li></ul><ul><ul><li>Which options relate to the Time-to-Live field in the IP header? (Choose TWO best answe...
Post-Course Test <ul><li>Review 6 </li></ul><ul><ul><li>Which features relate to TCP? (Choose THREE best answers)(10 points) </li></ul>...
Post-Course Test <ul><li>Review 7 </li></ul><ul><ul><li>Which options are used to identify a TCP flow? (Choose THREE best answers)(10 po...
Post-Course Test <ul><li>Review 8 </li></ul><ul><ul><li>Which TCP feature causes a Denial-of-Service attack? (Choose ONE best answer)(5 p...
Post-Course Test <ul><li>Review 9 </li></ul><ul><ul><li>Which protocol provides a similar function to RARP (Reverse ARP) and substitute...
Post-Course Test <ul><li>Review 10 </li></ul><ul><ul><li>Which protocols are TCP applications? (Choose THREE best answers)(10 points...
FEGTS IP training - TCP/IP Introduction

The training material I used in FEGTS IP training in Nov. 1st, 3rd and 5th, 2010
Course Name: TCP/IP Introduction

Transcript of "FEGTS IP training - TCP/IP Introduction"

  1. 1. TCP/IP Introduction 智匯亞洲有限公司 Commverge Solutions, Taiwan FEGTS IP Training 2010/11/5, Taipei
  2. 2. Course Objectives <ul><li>Introduce modern network and TCP/IP fundamentals </li></ul>
  3. 3. Course Scope <ul><li>Major scope </li></ul><ul><ul><li>Network transmission fundamentals </li></ul></ul><ul><ul><li>Introduction to common network devices (I) </li></ul></ul><ul><ul><li>Introduction to IP </li></ul></ul><ul><ul><li>Introduction to ICMP/TCP/UDP </li></ul></ul><ul><ul><li>Introduction to common applications </li></ul></ul><ul><ul><li>Introduction to common network devices (II) </li></ul></ul>
  4. 4. Course Content <ul><li>Some course slides content comes from: </li></ul><ul><ul><li>Internetworking With TCP/IP Volume 1: Principles, Protocols, and Architecture, 5th Edition </li></ul></ul><ul><ul><ul><li>Douglas E. Comer; Prentice Hall </li></ul></ul></ul><ul><ul><ul><li>Complete slide source: </li></ul></ul></ul><ul><ul><ul><ul><li>http://www.cs.purdue.edu/homes/dec/vol1/vol1_presentation.pdf </li></ul></ul></ul></ul>
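  5. 5. Course Schedule (Time: Agenda) <ul><li>9:00am ~ 10:50am: Modern Network Introduction </li></ul><ul><li>Break </li></ul><ul><li>11:00am ~ 12:50pm: IP Network Introduction </li></ul><ul><li>Lunch Break </li></ul><ul><li>2:00pm ~ 3:50pm: Protocol – ICMP, TCP and UDP </li></ul><ul><li>Break </li></ul><ul><li>4:00pm ~ 5:30pm: TCP/IP Application </li></ul><ul><li>5:30pm ~ 6:00pm: Review Test </li></ul>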
  6. 6. About the Trainer <ul><li>Kae Hsu (許至凱) </li></ul><ul><ul><li>Commverge Solutions – Taiwan </li></ul></ul><ul><ul><ul><li>[email_address] </li></ul></ul></ul><ul><ul><li>http://tw.linkedin.com/in/kaehsu </li></ul></ul>
  7. 7. Network Transmission Fundamentals <ul><li>Common network transmission media </li></ul><ul><li>Types of network transmission </li></ul><ul><li>Transmission protocols </li></ul><ul><li>Common categories of network faults </li></ul>
  8. 8. How Are Signals Transmitted? <ul><li>In a communications environment, data is ultimately converted into 0s and 1s for transmission </li></ul><ul><ul><li>Signaling with electric current; for example </li></ul></ul><ul><ul><ul><li>A high voltage level (5V or 0V) represents "1" </li></ul></ul></ul><ul><ul><ul><li>A low voltage level (0V or -5V) represents "0" </li></ul></ul></ul><ul><ul><li>Signaling with light; for example </li></ul></ul><ul><ul><ul><li>"Light" represents "1" </li></ul></ul></ul><ul><ul><ul><li>"Dark" represents "0" </li></ul></ul></ul>
  9. 9. Common Network Transmission Media <ul><li>Copper wire </li></ul><ul><ul><li>Unshielded Twisted Pair (UTP) </li></ul></ul><ul><ul><ul><li>Category 3 </li></ul></ul></ul><ul><ul><ul><ul><li>16MHz, 10Base-T </li></ul></ul></ul></ul><ul><ul><ul><li>Category 4 </li></ul></ul></ul><ul><ul><ul><ul><li>20MHz, 10Base-T </li></ul></ul></ul></ul><ul><ul><ul><li>Category 5 </li></ul></ul></ul><ul><ul><ul><ul><li>100MHz, 100Base-TX </li></ul></ul></ul></ul><ul><ul><ul><li>Category 5e </li></ul></ul></ul><ul><ul><ul><ul><li>"Enhanced" Cat5, 1000Base-T </li></ul></ul></ul></ul><ul><ul><ul><li>Category 6 </li></ul></ul></ul><ul><ul><ul><ul><li>250MHz, 1000Base-TX </li></ul></ul></ul></ul><ul><ul><li>Connector </li></ul></ul><ul><ul><ul><li>RJ-45 </li></ul></ul></ul><ul><ul><ul><ul><li>8P8C </li></ul></ul></ul></ul>
  10. 10. Common Network Transmission Media <ul><li>UTP transmit/receive direction </li></ul><ul><ul><li>In the Ethernet family, UTP uses two of its four twisted pairs for transmission </li></ul></ul><ul><ul><ul><li>One pair transmits (TX) </li></ul></ul></ul><ul><ul><ul><li>One pair receives (RX) </li></ul></ul></ul><ul><ul><li>When devices are connected, the TX of one side must be wired to the RX of the other </li></ul></ul><ul><ul><ul><li>Two RJ45 8P8C wiring definitions: TIA/EIA-568A, TIA/EIA-568B </li></ul></ul></ul><ul><ul><ul><ul><li>When the RJ45 pinouts at both ends of the UTP cable are both 568A or both 568B, the cable is called "straight" </li></ul></ul></ul></ul><ul><ul><ul><ul><li>When the RJ45 pinout at one end is 568A and at the other end is 568B, the cable is called "cross-over" </li></ul></ul></ul></ul><ul><ul><li>Device pin assignments fall into two classes: </li></ul></ul><ul><ul><ul><li>Host side (including routers) - MDI </li></ul></ul></ul><ul><ul><ul><li>Hub/Switch side - MDIX </li></ul></ul></ul><ul><ul><ul><li>Connecting devices of the same class requires a "cross-over" wire; devices of different classes use "straight" </li></ul></ul></ul><ul><ul><li>Newer network devices support automatic MDI/MDIX switching </li></ul></ul>
  11. 11. The Rise of Optical Communication <ul><li>Bottlenecks of copper as a medium </li></ul><ul><ul><li>Heavy cabling, high power consumption </li></ul></ul><ul><ul><li>Low capacity </li></ul></ul><ul><ul><li>Short effective transmission distance </li></ul></ul><ul><ul><li>Susceptible to environmental interference </li></ul></ul><ul><ul><li>Easily bitten through by sharks XD </li></ul></ul><ul><li>Transmission moves from electricity to light </li></ul><ul><ul><li>Lightweight, low power consumption </li></ul></ul><ul><ul><li>High capacity </li></ul></ul><ul><ul><li>Long effective transmission distance </li></ul></ul><ul><ul><li>Resistant to environmental interference </li></ul></ul><ul><ul><li>No electromagnetic radiation issues </li></ul></ul>
  12. 12. Common Optical Transmission Components <ul><li>Optical fiber </li></ul><ul><ul><li>Multi-mode Fiber (MMF) </li></ul></ul><ul><ul><ul><li>Fiber diameter: 50/125μm, 62.5/125μm </li></ul></ul></ul><ul><ul><ul><li>Used at the 850nm wavelength </li></ul></ul></ul><ul><ul><ul><li>Short transmission distance (~500m) </li></ul></ul></ul><ul><ul><li>Single-mode Fiber (SMF) </li></ul></ul><ul><ul><ul><li>Fiber diameter: 9/125μm </li></ul></ul></ul><ul><ul><ul><li>Used at the 1310nm and 1550nm wavelengths </li></ul></ul></ul><ul><ul><ul><li>Long transmission distance (10km~80km) </li></ul></ul></ul><ul><li>Fiber connectors </li></ul><ul><ul><li>FC, SC, LC, etc. </li></ul></ul>
  13. 13. Common Optical Transmission Components <ul><li>Optical amplifier </li></ul><ul><ul><li>In electrical transmission, the current can be amplified directly to extend the transmission distance </li></ul></ul><ul><ul><li>Light is independent in nature, so the power of an existing light source is hard to boost directly </li></ul></ul><ul><ul><ul><li>The light must first be converted to electricity, then back to light for transmission </li></ul></ul></ul><ul><ul><li>EDFA (Erbium-Doped Fiber Amplifier) </li></ul></ul><ul><ul><ul><li>Uses electron transitions of Er3+ ions to emit light of the same wavelength, achieving amplification </li></ul></ul></ul><ul><ul><ul><li>"One of the greatest inventions in optical communication" </li></ul></ul></ul><ul><li>Transmission distance </li></ul><ul><ul><li>MMF </li></ul></ul><ul><ul><ul><li>SR : 300m~500m </li></ul></ul></ul><ul><ul><li>SMF </li></ul></ul><ul><ul><ul><li>LR : ~10km </li></ul></ul></ul><ul><ul><ul><li>ER : ~40km </li></ul></ul></ul><ul><ul><ul><li>ZR : ~80km </li></ul></ul></ul>
  14. 14. Types of Network Transmission <ul><li>Leased Line </li></ul><ul><ul><li>T1/E1 </li></ul></ul><ul><ul><ul><li>T1 : 1.544Mbps </li></ul></ul></ul><ul><ul><ul><li>E1 : 2.048Mbps </li></ul></ul></ul><ul><ul><li>T3/E3 </li></ul></ul><ul><ul><ul><li>T3 : 44.736Mbps </li></ul></ul></ul><ul><ul><ul><li>E3 : 34.368Mbps </li></ul></ul></ul><ul><ul><li>STM-X/OC-Y </li></ul></ul><ul><ul><li>CWDM, DWDM </li></ul></ul>
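  15. 15. SONET/SDH rates (columns: SONET electrical, SONET optical, SDH optical, data rate bandwidth in Mbps, data rate overhead in Mbps, % overhead) <ul><li>STS-1, OC-1, STM-0, 51.84, 1.73, 3.3372% </li></ul><ul><li>STS-3, OC-3, STM-1, 155.52, 5.18, 3.3308% </li></ul><ul><li>STS-12, OC-12, STM-4, 622.08, 20.74, 3.3340% </li></ul><ul><li>STS-48, OC-48, STM-16, 2488.32, 82.94, 3.3332% </li></ul><ul><li>STS-192, OC-192, STM-64, 9953.28, 331.78, 3.3334% </li></ul><ul><li>STS-768, OC-768, STM-256, 39813.12, 1327.10, 3.3333% </li></ul>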
  16. 16. Wavelength-division multiplexing (WDM) <ul><li>Multiplexes light of different wavelengths into a single optical fiber </li></ul><ul><ul><li>Each wavelength can carry one independent traffic stream </li></ul></ul><ul><li>Coarse WDM </li></ul><ul><ul><li>8 λ multiplexed in a single optical fiber </li></ul></ul><ul><li>Dense WDM </li></ul><ul><ul><li>32, 64 or even 128 λ multiplexed in a single optical fiber </li></ul></ul><ul><li>Transponder </li></ul><ul><ul><li>Converts payload light to a specific λ </li></ul></ul>
  17. 17. Unchannelized, Channelized <ul><li>Use DS3 as the example </li></ul><ul><li>Unchannelized T3 </li></ul><ul><ul><li>All slots are combined into a single channel </li></ul></ul><ul><ul><ul><li>Non-multiplexed </li></ul></ul></ul><ul><ul><li>44.736Mbps </li></ul></ul><ul><li>Channelized T3 </li></ul><ul><ul><li>All slots are independent </li></ul></ul><ul><ul><ul><li>Could be multiplexed into multiple DS0 or DS1 </li></ul></ul></ul><ul><ul><li>43.008Mbps </li></ul></ul><ul><ul><ul><li>With more overhead and bit stuffing </li></ul></ul></ul>
  18. 18. Ethernet Family <ul><li>Ethernet </li></ul><ul><ul><li>10Mbps </li></ul></ul><ul><ul><ul><li>10Base2, 10Base5, 10BaseT </li></ul></ul></ul><ul><li>Fast Ethernet </li></ul><ul><ul><li>100Mbps </li></ul></ul><ul><ul><ul><li>100Base-TX, 100Base-FX </li></ul></ul></ul><ul><li>Gigabit Ethernet </li></ul><ul><ul><li>1Gbps </li></ul></ul><ul><ul><ul><li>1000Base-SX/LX/ZX, 1000Base-T/TX </li></ul></ul></ul><ul><li>10Gigabit Ethernet </li></ul><ul><ul><li>10Gbps </li></ul></ul><ul><ul><ul><li>10GBase-SR/LR/ER/ZR, 10GBase-CX4/T </li></ul></ul></ul><ul><li>Future technology </li></ul><ul><ul><li>40Gbps 、 100Gbps </li></ul></ul>
  19. 19. Transmission Protocols <ul><li>Layer 1 protocol </li></ul><ul><ul><li>T1, E1, T3, E3, SONET/SDH </li></ul></ul><ul><li>Layer 2 protocol </li></ul><ul><ul><li>HDLC, PPP, Frame-Relay, ATM, MPLS </li></ul></ul><ul><li>Layer 3+ protocol </li></ul><ul><ul><li>IPv4, IPv6 </li></ul></ul><ul><ul><li>ICMPv4, ICMPv6 </li></ul></ul><ul><li>Layer 4 protocol </li></ul><ul><ul><li>TCP, UDP </li></ul></ul>
  20. 20. Transmission Protocols <ul><li>Frame Relay </li></ul><ul><ul><li>A protocol widely used for early VPN network deployments (1980~1990) </li></ul></ul><ul><ul><li>Has been replaced by MPLS </li></ul></ul><ul><li>ATM </li></ul><ul><ul><li>Fixed cell size – 53 bytes </li></ul></ul><ul><ul><ul><li>48 bytes for payload </li></ul></ul></ul><ul><ul><ul><li>5 bytes for header </li></ul></ul></ul><ul><ul><li>Fixed cell size designed for fast switching </li></ul></ul><ul><ul><ul><li>Overhead: 9.43% </li></ul></ul></ul><ul><ul><li>Good QoS mechanism for voice and data </li></ul></ul>
  21. 21. Transmission Protocols <ul><li>Multiprotocol Label Switching (MPLS) </li></ul><ul><ul><li>Packet switching enhancement </li></ul></ul><ul><ul><ul><li>MPLS-TE (Traffic Engineering) </li></ul></ul></ul><ul><ul><ul><li>Faster switching than Hop-by-Hop IP lookup </li></ul></ul></ul><ul><ul><li>VPN enhancement </li></ul></ul><ul><ul><ul><li>MPLS-VPN </li></ul></ul></ul><ul><ul><ul><li>More features than legacy VPN technology </li></ul></ul></ul><ul><ul><li>QoS enhancement </li></ul></ul><ul><ul><ul><li>MPLS-QoS </li></ul></ul></ul>
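  22. 22. Common Categories of Network Faults <ul><li>Link down </li></ul><ul><ul><li>Causes </li></ul></ul><ul><ul><ul><li>Damaged physical circuit or fiber </li></ul></ul></ul><ul><ul><ul><li>Equipment failure </li></ul></ul></ul><ul><ul><li>Impact </li></ul></ul><ul><ul><ul><li>No connectivity </li></ul></ul></ul><ul><li>Momentary interruption </li></ul><ul><ul><li>Causes </li></ul></ul><ul><ul><ul><li>Switchover of an optical transmission route or of a card in optical transmission equipment </li></ul></ul></ul><ul><ul><ul><ul><li><50ms, "in theory" not noticeable </li></ul></ul></ul></ul><ul><ul><ul><li>ISP routers drop packets they cannot handle during routing convergence </li></ul></ul></ul><ul><ul><li>Impact </li></ul></ul><ul><ul><ul><li>Packet loss </li></ul></ul></ul>
  23. 23. Common Categories of Network Faults <ul><li>Congestion </li></ul><ul><ul><li>Causes </li></ul></ul><ul><ul><ul><li>Network traffic exceeds circuit capacity </li></ul></ul></ul><ul><ul><li>Impact </li></ul></ul><ul><ul><ul><li>Packet loss </li></ul></ul></ul><ul><ul><ul><li>Slower speed, or speed that fluctuates </li></ul></ul></ul><ul><li>Slow connection (LAG) </li></ul><ul><ul><li>Causes </li></ul></ul><ul><ul><ul><li>Packet loss caused by momentary interruptions and congestion </li></ul></ul></ul><ul><ul><ul><ul><li>TCP can retransmit lost packets, so for customers a momentary interruption mostly means the connection feels slower afterwards rather than failing; it still depends on the behaviour of the upper-layer application </li></ul></ul></ul></ul><ul><ul><ul><li>Submarine cable routing </li></ul></ul></ul><ul><ul><ul><ul><li>Under normal conditions, US East Coast ~150ms, Hong Kong ~22ms (both round trip) </li></ul></ul></ul></ul><ul><ul><ul><li>Excessive load on the connection target </li></ul></ul></ul>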
  24. 24. Introduction to Common Network Devices (I) <ul><li>Leased line </li></ul><ul><ul><li>CSU/DSU (Channel Service Unit/Data Service Unit) </li></ul></ul><ul><ul><ul><li>Used to connect T1/E1/T3/E3 circuits </li></ul></ul></ul><ul><ul><ul><li>When a router has no built-in T1/E1/T3/E3 CSU/DSU, it usually connects to an external CSU/DSU over a V.35 or HSSI interface </li></ul></ul></ul><ul><ul><li>DSLAM (DSL access multiplexer) </li></ul></ul><ul><ul><ul><li>Aggregates many ADSL/VDSL circuits </li></ul></ul></ul><ul><ul><li>ATU-R (ADSL Terminal Unit – Remote) </li></ul></ul><ul><ul><ul><li>Customer-premises ADSL equipment </li></ul></ul></ul><ul><ul><ul><li>Maximum distance from the DSLAM: 5.5km (1.5Mbps) </li></ul></ul></ul><ul><ul><li>VTU-R (VDSL Terminal Unit – Remote) </li></ul></ul><ul><ul><ul><li>Customer-premises VDSL equipment </li></ul></ul></ul><ul><ul><ul><li>Maximum distance from the DSLAM: 1500m (13Mbps) </li></ul></ul></ul><ul><ul><ul><ul><li>Often used together with FTTB </li></ul></ul></ul></ul>
  25. 25. Introduction to Common Network Devices (I) <ul><li>Ethernet </li></ul><ul><ul><li>Obsolete devices </li></ul></ul><ul><ul><ul><li>Repeater </li></ul></ul></ul><ul><ul><ul><ul><li>Amplifies the electrical signal to extend the Ethernet </li></ul></ul></ul></ul><ul><ul><ul><li>Hub </li></ul></ul></ul><ul><ul><ul><ul><li>Has repeater functionality </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Connects many computers together </li></ul></ul></ul></ul><ul><ul><ul><li>Bridge </li></ul></ul></ul><ul><ul><ul><ul><li>Has repeater functionality </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Recognizes Ethernet packets and separates collision domains </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Still cannot separate broadcast domains </li></ul></ul></ul></ul></ul><ul><ul><li>Switch </li></ul></ul><ul><ul><ul><li>Can be regarded as a hub with bridge functionality </li></ul></ul></ul>
  26. 26. Introduction to IP <ul><li>ARP </li></ul><ul><li>IP addresses </li></ul><ul><li>IP routing </li></ul><ul><li>Introduction to IP packets </li></ul>
  27. 27. ARP <ul><li>An IP address is an abstraction and cannot be used directly to deliver data </li></ul><ul><ul><li>Data delivery must be carried out over the physical network </li></ul></ul><ul><li>ARP - Address Resolution Protocol </li></ul><ul><ul><li>Links an IP address to the physical address on the underlying network </li></ul></ul><ul><ul><li>Typical use: Ethernet environments </li></ul></ul>
  28. 28. Ethernet Hardware Addresses <ul><li>Ethernet address length: 48 bits </li></ul><ul><ul><li>Notation: hexadecimal </li></ul></ul><ul><ul><ul><li>Hexadecimal digits: 0 ~ F </li></ul></ul></ul><ul><ul><li>Example </li></ul></ul><ul><ul><ul><li>00:10:DB:98:7C:12 </li></ul></ul></ul><ul><ul><ul><li>000d.ed8a.0961 </li></ul></ul></ul><ul><ul><ul><li>4e-21-0d-7c-62-4f </li></ul></ul></ul>
  29. 29. How ARP Works <ul><li>Builds the mapping between IP addresses and hardware addresses </li></ul><ul><ul><li>Machine A broadcasts ARP request with B’s IP address </li></ul></ul><ul><ul><li>All machines on local net receive broadcast </li></ul></ul><ul><ul><li>Machine B replies with its physical address </li></ul></ul><ul><ul><li>Machine A adds B’s address information to its table </li></ul></ul><ul><ul><li>Machine A delivers packet directly to B </li></ul></ul><ul><li>The result is stored in the ARP table </li></ul><ul><ul><li>The table acts as a cache, so a lookup is not needed every time </li></ul></ul><ul><ul><li>Typical time-out: 20 minutes </li></ul></ul>
  30. 30. Illustration Of ARP Request And Reply Messages
  31. 31. Using ARP to Inspect Network Status <ul><li>View a computer's ARP table </li></ul><ul><ul><li>"arp -a" </li></ul></ul><ul><ul><li>Example </li></ul></ul>
  32. 32. Using ARP to Inspect Network Status <ul><li>View a device's ARP table </li></ul><ul><ul><li>"show arp" </li></ul></ul><ul><ul><li>Example </li></ul></ul>
  33. 33. Internet Protocol <ul><li>Internet Protocol </li></ul><ul><ul><li>The Internet packet-switching standard </li></ul></ul><ul><li>IP address </li></ul><ul><ul><li>Internet addressing information </li></ul></ul><ul><ul><li>Length </li></ul></ul><ul><ul><ul><li>IPv4 : 32 bits </li></ul></ul></ul><ul><ul><ul><li>IPv6 : 128 bits </li></ul></ul></ul><ul><ul><li>On the Internet, every computer should have a unique IP address </li></ul></ul><ul><ul><ul><li>Exceptions: </li></ul></ul></ul><ul><ul><ul><ul><li>Network behind NAT/PT </li></ul></ul></ul></ul><ul><ul><ul><ul><li>DNS anycast </li></ul></ul></ul></ul>
  34. 34. IP Address Allocation and Assignment <ul><li>The top-level IP management body today is IANA </li></ul><ul><ul><li>Internet Assigned Numbers Authority </li></ul></ul><ul><ul><ul><li>Management of IP addresses & BGP AS numbers </li></ul></ul></ul><ul><ul><ul><li>Management of domain names </li></ul></ul></ul><ul><ul><ul><li>Registration of protocol names & port numbers </li></ul></ul></ul><ul><li>Other IP management and assignment bodies </li></ul><ul><ul><li>Regional Internet Registry </li></ul></ul><ul><ul><ul><li>AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC </li></ul></ul></ul><ul><ul><li>National Internet Registry </li></ul></ul><ul><ul><ul><li>TWNIC </li></ul></ul></ul><ul><ul><li>Local Internet Registry </li></ul></ul><ul><ul><ul><li>Internet Service Provider </li></ul></ul></ul>
  35. 35. IP Address Division <ul><li>Address divided into two parts </li></ul><ul><ul><li>Prefix (network ID) identifies network to which host attaches </li></ul></ul><ul><ul><li>Suffix (host ID) identifies host on that network </li></ul></ul><ul><li>如何區分 prefix & suffix? </li></ul><ul><ul><li>By “netmask” </li></ul></ul><ul><ul><ul><li>長度與 IP address 一樣, 32bits </li></ul></ul></ul><ul><ul><ul><li>IPv6 無 netmask 觀念 </li></ul></ul></ul><ul><ul><li>Netmask 由一串連續的 1 開始,結束於一串連續的 0 </li></ul></ul><ul><ul><ul><li>連續的” 1” 所佔的位元數,即為 prefix 長度 </li></ul></ul></ul><ul><ul><ul><li>Example </li></ul></ul></ul><ul><ul><ul><ul><li>IP address : 10000000 00001010 00000010 00000011 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Netmask : 11111111 11111111 11111111 00000000 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Result : 10000000 00001010 00000010 00000011 </li></ul></ul></ul></ul><ul><ul><ul><ul><li> prefix suffix </li></ul></ul></ul></ul>
  36. 36. IP address 表示法 <ul><li>為了讀寫與記憶方便, IP 位址多半以十進位表示 </li></ul><ul><ul><li>A 32-bit number in binary </li></ul></ul><ul><li> 10000000 00001010 00000010 00000011 </li></ul><ul><ul><li>The same 32-bit number expressed in dotted decimal notation </li></ul></ul><ul><li>128 . 10 . 2 . 3 </li></ul>
  37. 37. IP address 表示法 <ul><li>VLSM - Variable Length Subnet Mask </li></ul><ul><ul><li>以 IP address/Netmask pair 表示 IP 位址 </li></ul></ul><ul><ul><ul><li>目前絕大部份電腦與網路設備在設定 IP 位址時,皆是採 VLSM 型式設定 IP 位址 </li></ul></ul></ul><ul><li>CIDR - Classless Inter-Domain Routing </li></ul><ul><ul><li>以 IP address/N pair 表示 IP 位址 </li></ul></ul><ul><ul><ul><li>N 為 0~32 間的整數,表示 prefix 長度 </li></ul></ul></ul><ul><li>Example </li></ul><ul><ul><li>IP address : 10000000 00001010 00000010 00000011 </li></ul></ul><ul><ul><li>Netmask : 11111111 11111111 11111111 00000000 </li></ul></ul><ul><ul><li>Result : </li></ul></ul><ul><ul><ul><li>VLSM : 128.10.2.3 , 255.255.255.0 </li></ul></ul></ul><ul><ul><ul><li>CIDR : 128.10.2.3/24 </li></ul></ul></ul>
  38. 38. VLSM 與 CIDR 對照
  39. 39. 特殊的 IP 位址 <ul><li>Network address </li></ul><ul><ul><li>Host field contains all 0 bits </li></ul></ul><ul><li>Limit broadcast </li></ul><ul><ul><li>Broadcast on local network </li></ul></ul><ul><ul><ul><li>將封包傳送到本地網路上的所有電腦 </li></ul></ul></ul><ul><ul><ul><li>路由器不會轉送該類封包 </li></ul></ul></ul><ul><ul><li>Network and host fields both contain all 1 bits </li></ul></ul><ul><li>Direct broadcast </li></ul><ul><ul><li>Broadcast on specific (possibly remote) network </li></ul></ul><ul><ul><ul><li>將封包傳送到特定網路上的所有電腦 </li></ul></ul></ul><ul><ul><li>Host field contains all 1 bits </li></ul></ul><ul><li>以上 IP address 都不能設定在電腦或網路設備上 </li></ul>
  40. 40. 特殊的 IP 位址 <ul><li>All zero IP address </li></ul><ul><ul><li>在電腦尚未拿到真正 IP 前做為本機 IP 位址使用 </li></ul></ul><ul><ul><ul><li>只能當做 source IP address </li></ul></ul></ul><ul><ul><ul><li>不能設定在實際電腦或網路設備上 </li></ul></ul></ul>
  41. 41. 特殊的 IP 位址 <ul><li>Multicast address </li></ul><ul><ul><li>32bit 表示法 </li></ul></ul><ul><ul><ul><li>111 XXXXX XXXXXXXX XXXXXXXX XXXXXXXX </li></ul></ul></ul><ul><ul><li>Formerly “Class D” IP address </li></ul></ul><ul><ul><li>Multicast 位址分配資訊 </li></ul></ul><ul><ul><ul><li>http://www.iana.org/assignments/multicast-addresses </li></ul></ul></ul><ul><li>Reversed address </li></ul><ul><ul><li>32bit 表示法 </li></ul></ul><ul><ul><ul><li>1111 XXXX XXXXXXXX XXXXXXXX XXXXXXXX </li></ul></ul></ul><ul><ul><li>Formerly “Class E” IP address </li></ul></ul>
  42. 42. 特殊的 IP 位址 <ul><li>無法在 Internet 上出現的 IP 位址 </li></ul><ul><ul><li>10.0.0.0/8 </li></ul></ul><ul><ul><ul><li>Private IP address , RFC1918 </li></ul></ul></ul><ul><ul><li>169.254.0.0/16 </li></ul></ul><ul><ul><ul><li>Link Local IP address , RFC5735 </li></ul></ul></ul><ul><ul><li>172.16.0.0/12 </li></ul></ul><ul><ul><ul><li>Private IP address , RFC1918 </li></ul></ul></ul><ul><ul><li>192.168.0.0/16 </li></ul></ul><ul><ul><ul><li>Private IP address , RFC1918 </li></ul></ul></ul><ul><li>無法在網路上出現的 IP 位址 </li></ul><ul><ul><li>127.0.0.0/8 </li></ul></ul><ul><ul><ul><li>代表本機位址,常用的是 127.0.0.1 </li></ul></ul></ul><ul><ul><ul><li>用於本機 IP 功能測試 </li></ul></ul></ul>
  43. 43. IP 位址操作 <ul><li>Major concept : </li></ul><ul><ul><li>二進元運算;一切皆按 2 的冪次進行 </li></ul></ul><ul><li>網路分割 </li></ul><ul><ul><li>“ 除二”方式切分 </li></ul></ul><ul><ul><li>注意 Prefix 長度 </li></ul></ul><ul><li>網路合併 </li></ul><ul><ul><li>找出最多重覆位元,即為新網路之 prefix </li></ul></ul><ul><li>避開 host-id 為全 0 或全 1 者 </li></ul><ul><ul><li>All 0 in host-id: network </li></ul></ul><ul><ul><li>All 1 in host-id: broadcast </li></ul></ul>
  44. 44. Working with IP Addresses <ul><li>Example A </li></ul><ul><ul><li>Write the following mask in slash notation (/n): </li></ul></ul><ul><ul><ul><li>255.255.255.0 </li></ul></ul></ul><ul><ul><ul><li>255.0.0.0 </li></ul></ul></ul><ul><ul><ul><li>255.255.224.0 </li></ul></ul></ul><ul><ul><ul><li>255.255.240.0 </li></ul></ul></ul><ul><ul><ul><li>255.254.0.0 </li></ul></ul></ul>
  45. 45. Working with IP Addresses <ul><li>Example B </li></ul><ul><ul><li>In a class B subnet, we know the IP address of one of the hosts and the mask as given below: </li></ul></ul><ul><ul><li>IP address: 125.134.112.66 </li></ul></ul><ul><ul><li>Netmask: 255.255.224.0 </li></ul></ul><ul><ul><li>What is the first address (network address)? </li></ul></ul>
  46. 46. Working with IP Addresses <ul><li>Example C </li></ul><ul><ul><li>Given four IP blocks: 192.168.0.0/23, 192.168.5.0/24, 192.168.12.0/25, 192.168.20.0/26. Please aggregate them to a new IP block with longest prefix-length. </li></ul></ul>
  47. 47. Working with IP Addresses <ul><li>Example D </li></ul><ul><ul><li>For IP block 20.0.0.0/8, the first address in a network (network address) is 20.0.0.0. What is the 220000th address? </li></ul></ul>
  48. 48. Working with IP Addresses <ul><li>Example E </li></ul><ul><ul><li>An organization is granted the block 16.0.0.0/18. The administrator wants to create 500 fixed-length subnets. </li></ul></ul><ul><ul><ul><li>Find the subnet mask </li></ul></ul></ul><ul><ul><ul><li>Find the number of addresses in each subnet </li></ul></ul></ul><ul><ul><ul><li>Find the first and the last address in the first subnet </li></ul></ul></ul><ul><ul><ul><li>Find the first and the last address in the last subnet (subnet 500) </li></ul></ul></ul>
  49. 49. Working with IP Addresses <ul><li>Example F </li></ul><ul><ul><li>An ISP is granted a block of addresses starting with 120.60.4.0/20. The ISP wants to distribute these blocks to 100 organizations with each organization receiving 8 addresses only. </li></ul></ul><ul><ul><ul><li>Design the subblocks and give the slash notation for each subblock. </li></ul></ul></ul><ul><ul><ul><li>Find out how many addresses are still available after the allocations. </li></ul></ul></ul>
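The binary operations behind Examples A to E, as an added example that is not part of the original course slides. It uses Python's standard `ipaddress` module; the function names are chosen here for illustration, and the mask conversion also rejects masks that are not a run of 1s followed by a run of 0s.

```python
import ipaddress


def mask_to_prefix_len(mask):
    """Example A: dotted-decimal netmask -> prefix length n of the /n notation."""
    inverted = int(ipaddress.IPv4Address(mask)) ^ 0xFFFFFFFF
    # A valid mask is 1s then 0s, so the inverted mask is 0...01...1 and
    # adding 1 to it must clear every bit it shares with the original.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask: {mask}")
    return 32 - inverted.bit_length()


def network_address(ip, mask):
    """Example B: first address of the network = IP AND netmask."""
    prefix = mask_to_prefix_len(mask)
    return ipaddress.ip_interface(f"{ip}/{prefix}").network.network_address


def aggregate(blocks):
    """Example C: smallest single block covering all given blocks.

    The common leading bits of the lowest and the highest address
    in the set form the prefix of the merged network.
    """
    nets = [ipaddress.ip_network(b) for b in blocks]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    prefix = 32 - (low ^ high).bit_length()
    return ipaddress.ip_network((low, prefix), strict=False)


def nth_address(block, n):
    """Example D: the n-th address of a block, counting the network address as 1."""
    net = ipaddress.ip_network(block)
    if not 1 <= n <= net.num_addresses:
        raise ValueError("n is outside the block")
    return net.network_address + (n - 1)


def fixed_length_subnets(block, count):
    """Example E: (prefix length, netmask, addresses per subnet) for `count` subnets."""
    net = ipaddress.ip_network(block)
    extra_bits = (count - 1).bit_length()      # subnet bits needed: 2**bits >= count
    new_prefix = net.prefixlen + extra_bits
    if new_prefix > 32:
        raise ValueError("block too small for that many subnets")
    mask = ipaddress.ip_network(f"0.0.0.0/{new_prefix}").netmask
    return new_prefix, str(mask), 2 ** (32 - new_prefix)


def subnet_range(block, new_prefix, k):
    """Example E: first and last address of the k-th subnet (k starts at 1)."""
    net = ipaddress.ip_network(block)
    size = 2 ** (32 - new_prefix)
    if not 1 <= k <= net.num_addresses // size:
        raise ValueError("subnet index outside the block")
    first = net.network_address + (k - 1) * size
    return first, first + size - 1


if __name__ == "__main__":
    for m in ("255.255.255.0", "255.0.0.0", "255.255.224.0",
              "255.255.240.0", "255.254.0.0"):
        print(m, "-> /%d" % mask_to_prefix_len(m))
    print(network_address("125.134.112.66", "255.255.224.0"))
    print(aggregate(["192.168.0.0/23", "192.168.5.0/24",
                     "192.168.12.0/25", "192.168.20.0/26"]))
    print(nth_address("20.0.0.0/8", 220000))
    prefix, mask, size = fixed_length_subnets("16.0.0.0/18", 500)
    print(prefix, mask, size)
    print(subnet_range("16.0.0.0/18", prefix, 1))
    print(subnet_range("16.0.0.0/18", prefix, 500))
```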
  50. 50. IP Routing <ul><li>Network devices rely on IP routing information to know how to deliver packets </li></ul><ul><li>How network devices obtain IP routing information </li></ul><ul><ul><li>Direct connect </li></ul></ul><ul><ul><ul><li>The IP network is attached directly to the router </li></ul></ul></ul><ul><ul><li>Static route </li></ul></ul><ul><ul><ul><li>IP routing information configured manually in the router </li></ul></ul></ul><ul><ul><li>Dynamic route </li></ul></ul><ul><ul><ul><li>Routers exchange IP routing information with each other through routing protocols </li></ul></ul></ul><ul><ul><ul><li>RIP, OSPF, IS-IS, BGP </li></ul></ul></ul><ul><li>The virtual list in a router that holds IP routing information is called the routing table </li></ul><ul><ul><li>Every route carries a prefix and a netmask </li></ul></ul>
  51. 51. IP Routing Information <ul><li>A routing table can contain the following kinds of IP routes </li></ul><ul><ul><li>Network-specific routes </li></ul></ul><ul><ul><ul><li>Routing information for a specific network </li></ul></ul></ul><ul><ul><ul><li>The prefix identifies that network </li></ul></ul></ul><ul><ul><ul><li>The suffix is all 0s </li></ul></ul></ul><ul><ul><li>Host-specific routes </li></ul></ul><ul><ul><ul><li>Routing information for a specific host </li></ul></ul></ul><ul><ul><ul><li>Netmask is 255.255.255.255, or /32 </li></ul></ul></ul><ul><ul><li>Default route </li></ul></ul><ul><ul><ul><li>The routing information a router consults last </li></ul></ul></ul><ul><ul><ul><ul><li>Hosts are usually configured with only a default route </li></ul></ul></ul></ul>
  52. 52. How Does a Router Choose a Route? <ul><li>A routing table holds many IP routes; how should the router choose? </li></ul><ul><ul><li>Build a binary “tree” from the IP routes in the routing table </li></ul></ul><ul><ul><ul><li>Every route is assigned a position in that “tree” </li></ul></ul></ul><ul><ul><ul><li>The router compares </li></ul></ul></ul><ul><ul><ul><ul><li>The IP address of the packet to be forwarded </li></ul></ul></ul></ul><ul><ul><ul><ul><li>The binary tree </li></ul></ul></ul></ul><ul><ul><ul><li>The entry in the binary tree that matches the most bits of the IP address is the best route </li></ul></ul></ul><ul><ul><ul><li>This rule for choosing an IP route is called longest-prefix search or longest match </li></ul></ul></ul>
  53. 53. How Does Longest-Prefix Matching Work? <ul><li>Build a “unique prefix list” from the routing table </li></ul><ul><ul><li>Use the fewest bits needed to tell apart all the IP routes in the routing table </li></ul></ul><ul><ul><ul><li>Example: a routing table with seven routes </li></ul></ul></ul><ul><ul><ul><ul><li>53.0.0.0/8 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>70.0.0.0/8 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>86.0.0.0/8 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>97.0.0.0/8 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>170.240.0.0/16 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>176.2.0.0/16 </li></ul></ul></ul></ul><ul><ul><ul><ul><li>187.10.0.0/16 </li></ul></ul></ul></ul>
  54. 54. How Does Longest-Prefix Matching Work? <ul><li>Compare the IP address of the packet to be forwarded against the binary tree to get the result </li></ul><ul><ul><li>Example : 89.2.100.170 </li></ul></ul><ul><ul><ul><li>In 32bit : 0101 1001 00000010 01100100 10101010 </li></ul></ul></ul>
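The unique prefix list and the binary-tree lookup for the seven routes above, as an added example that is not part of the original slides. The function names are chosen here; the trie is the general longest-match structure and also handles nested prefixes and a default route, which the seven-route table does not contain.

```python
import ipaddress

# The seven routes of the slide's example routing table.
ROUTES = ["53.0.0.0/8", "70.0.0.0/8", "86.0.0.0/8", "97.0.0.0/8",
          "170.240.0.0/16", "176.2.0.0/16", "187.10.0.0/16"]


def route_bits(cidr):
    """Prefix of a route as a bit string, e.g. 86.0.0.0/8 -> '01010110'."""
    net = ipaddress.ip_network(cidr)
    return format(int(net.network_address), "032b")[:net.prefixlen]


def addr_bits(addr):
    return format(int(ipaddress.ip_address(addr)), "032b")


def unique_prefix_list(cidrs):
    """Fewest leading bits that tell each route apart from all the others."""
    bits = {c: route_bits(c) for c in cidrs}
    result = {}
    for cidr, own in bits.items():
        others = [b for c, b in bits.items() if c != cidr]
        length = len(own)            # fallback when one route is nested in another
        for n in range(1, len(own) + 1):
            if not any(o.startswith(own[:n]) for o in others):
                length = n
                break
        result[cidr] = own[:length]
    return result


def candidate_by_unique_prefix(addr, cidrs):
    """Route whose unique prefix the address starts with (not yet verified)."""
    target = addr_bits(addr)
    for cidr, prefix in unique_prefix_list(cidrs).items():
        if target.startswith(prefix):
            return cidr
    return None


def build_trie(cidrs):
    """Binary trie: one level per prefix bit, routes stored where a prefix ends."""
    root = {}
    for cidr in cidrs:
        node = root
        for bit in route_bits(cidr):
            node = node.setdefault(bit, {})
        node["route"] = ipaddress.ip_network(cidr)
    return root


def longest_match(root, addr):
    """Walk the trie along the address bits; the deepest route seen wins."""
    node, best = root, root.get("route")    # root route = default route, if any
    for bit in addr_bits(addr):
        node = node.get(bit)
        if node is None:
            break
        if "route" in node:
            best = node["route"]
    return best


if __name__ == "__main__":
    for cidr, prefix in unique_prefix_list(ROUTES).items():
        print(f"{cidr:16} {prefix}")
    trie = build_trie(ROUTES)
    # 89.2.100.170 starts with 0101, the unique prefix of 86.0.0.0/8, but the
    # full 8-bit comparison fails (01011001 vs 01010110): no route matches.
    print(candidate_by_unique_prefix("89.2.100.170", ROUTES))
    print(longest_match(trie, "89.2.100.170"))
```

The unique prefix only narrows the table to one candidate; the full prefix still has to be compared before the packet is forwarded, which is why the slide's address ends up with no matching route unless a default route exists.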
  55. 55. What Does a Routing Table Look Like? <ul><li>Example : Cisco IOS </li></ul>
  56. 56. What Does a Routing Table Look Like? <ul><li>Example : Juniper Junos </li></ul>
  57. 57. What Does a Routing Table Look Like? <ul><li>Example : Linux </li></ul>
  58. 58. IP Packets <ul><li>Information carried in an IP packet </li></ul><ul><ul><li>How an IP packet relates to the underlying network </li></ul></ul>
  59. 59. IP Packet Information – address <ul><li>Destination IP address </li></ul><ul><ul><li>If the IP address is wrong, the packet cannot be delivered to the correct destination </li></ul></ul><ul><li>Source IP address </li></ul><ul><ul><li>If the IP address is wrong, replies cannot return to the correct source </li></ul></ul><ul><ul><li>A packet with a wrong IP address is dropped by devices </li></ul></ul>
  60. 60. IP Packet Information – fragmentation <ul><li>Fragmentation </li></ul><ul><ul><li>Each type of network interface has a different MTU (Maximum Transmission Unit); expressed in terms of the IP packet, the MTU sizes are </li></ul></ul><ul><ul><ul><li>T1/E1 : 1500 bytes </li></ul></ul></ul><ul><ul><ul><li>T3/E3 : 4470 bytes </li></ul></ul></ul><ul><ul><ul><li>ATM : 4470 bytes </li></ul></ul></ul><ul><ul><ul><li>Fast Ethernet : 1500 bytes </li></ul></ul></ul><ul><ul><ul><li>Gigabit Ethernet : 1500 bytes </li></ul></ul></ul><ul><ul><ul><ul><li>Jumbo frame support : 1518 bytes ~ 9000 bytes </li></ul></ul></ul></ul><ul><ul><ul><li>SONET/SDH : 4470 bytes </li></ul></ul></ul><ul><ul><li>Problems can occur when a packet moves from an interface with a large MTU to one with a small MTU </li></ul></ul>
  61. 61. IP Packet Information – fragmentation <ul><li>When a network with a smaller MTU is encountered, the IP packet has to be split </li></ul><ul><ul><li>Performed by routers </li></ul></ul><ul><ul><ul><li>Divides datagram into several, smaller datagrams called fragments </li></ul></ul></ul><ul><ul><ul><li>Fragment uses same header format as datagram </li></ul></ul></ul><ul><ul><li>Each fragment forwarded independently </li></ul></ul><ul><li>IP packet reassembly </li></ul><ul><ul><li>Ultimate destination puts fragments back together </li></ul></ul><ul><ul><ul><li>Key concept! </li></ul></ul></ul><ul><ul><ul><li>Needed in a connectionless Internet </li></ul></ul></ul><ul><ul><li>Known as reassembly </li></ul></ul><ul><ul><ul><li>No need to reassemble subfragments first </li></ul></ul></ul><ul><ul><li>Timer used to ensure all fragments arrive </li></ul></ul><ul><ul><ul><li>Timer started when first fragment arrives </li></ul></ul></ul><ul><ul><ul><li>If timer expires, entire datagram discarded </li></ul></ul></ul>
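Fragmentation by routers and reassembly at the destination, as an added example that is not part of the original slides. It models only the fields that matter here (identification, fragment offset in 8-byte units, more-fragments flag) and assumes a 20-byte IP header without options; the payload is constructed test data.

```python
import random
from dataclasses import dataclass

IP_HEADER = 20  # bytes; assumes an IPv4 header without options


@dataclass
class Fragment:
    ident: int     # identification: same for all fragments of one datagram
    offset: int    # position of the data in the original datagram, in 8-byte units
    more: bool     # "more fragments" flag: False only on the last fragment
    data: bytes


def fragment(pkt, mtu):
    """What a router does when the outgoing interface has a smaller MTU.

    Works on whole datagrams and on fragments alike, so a fragment can be
    split again further along the path (subfragments).
    """
    room = (mtu - IP_HEADER) // 8 * 8       # data per fragment, multiple of 8
    if room <= 0:
        raise ValueError("MTU too small to carry any data")
    if len(pkt.data) <= mtu - IP_HEADER:
        return [pkt]                        # fits, forward unchanged
    pieces = []
    for start in range(0, len(pkt.data), room):
        is_last = start + room >= len(pkt.data)
        pieces.append(Fragment(
            ident=pkt.ident,
            offset=pkt.offset + start // 8,  # always relative to the ORIGINAL datagram
            more=pkt.more or not is_last,    # a subfragment of a non-last piece keeps MF set
            data=pkt.data[start:start + room]))
    return pieces


def reassemble(fragments):
    """What the ultimate destination does; returns None if anything is missing.

    None stands for the case where the reassembly timer expires and the
    entire datagram is discarded.
    """
    by_offset = {f.offset: f for f in fragments}   # duplicates collapse
    ordered = [by_offset[o] for o in sorted(by_offset)]
    if not ordered or ordered[-1].more:
        return None                                # last fragment never arrived
    data, expected = bytearray(), 0
    for f in ordered:
        if f.offset * 8 != expected:
            return None                            # hole in the middle
        data += f.data
        expected += len(f.data)
    return bytes(data)


if __name__ == "__main__":
    # Constructed input: a datagram that fills a 4470-byte MTU link.
    payload = bytes(i % 251 for i in range(4470 - IP_HEADER))
    original = Fragment(ident=1, offset=0, more=False, data=payload)

    first_hop = fragment(original, 1500)           # e.g. onto Fast Ethernet
    # The second fragment crosses a link with an MTU of 576 and is split again.
    second_hop = fragment(first_hop[1], 576)
    arrived = [first_hop[0]] + second_hop + first_hop[2:]
    random.shuffle(arrived)                        # fragments travel independently

    print([(f.offset, f.more, len(f.data)) for f in sorted(arrived, key=lambda f: f.offset)])
    print(reassemble(arrived) == payload)          # subfragments need no separate step
    print(reassemble(arrived[1:]))                 # one fragment lost -> None
```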
  62. 62. IP Packet Information – Time-to-Live <ul><li>TTL field of datagram header decremented at each hop (i.e., each router) </li></ul><ul><ul><li>If TTL reaches zero, datagram discarded </li></ul></ul><ul><ul><li>Prevents datagrams from looping indefinitely (in case forwarding error introduces loop) </li></ul></ul><ul><ul><ul><li>IETF recommends initial value of 255 (max) </li></ul></ul></ul><ul><ul><ul><li>Example </li></ul></ul></ul>
  63. 63. Characteristics of IP Packet Forwarding <ul><li>IP uses best-effort delivery </li></ul><ul><ul><li>Makes an attempt to deliver </li></ul></ul><ul><ul><li>Does not guarantee delivery </li></ul></ul><ul><li>In the Internet, routers become overrun or change routes, meaning that: </li></ul><ul><ul><li>Datagrams can be lost </li></ul></ul><ul><ul><li>Datagrams can be duplicated </li></ul></ul><ul><ul><li>Datagrams can arrive out of order or scrambled </li></ul></ul><ul><li>Motivation: allow IP to operate over the widest possible variety of physical networks </li></ul>
  64. 64. Introduction to ICMP/TCP/UDP <ul><li>Protocol layering </li></ul><ul><li>ICMP - ERROR AND CONTROL MESSAGES </li></ul><ul><li>TCP - RELIABLE STREAM TRANSPORT SERVICE </li></ul><ul><li>UDP - USER DATAGRAM PROTOCOL </li></ul>
  65. 65. Protocol Layering <ul><li>Motivation For Layering </li></ul><ul><ul><li>Communication is difficult to understand </li></ul></ul><ul><ul><li>Many subproblems </li></ul></ul><ul><ul><ul><li>Hardware failure </li></ul></ul></ul><ul><ul><ul><li>Network congestion </li></ul></ul></ul><ul><ul><ul><li>Packet delay or loss </li></ul></ul></ul><ul><ul><ul><li>Data corruption </li></ul></ul></ul><ul><ul><ul><li>Data duplication or inverted arrivals </li></ul></ul></ul><ul><li>How to solve? </li></ul><ul><ul><li>Divide the problem into pieces </li></ul></ul><ul><ul><li>Solve subproblems separately </li></ul></ul><ul><ul><li>Combine into integrated whole </li></ul></ul><ul><ul><li>Result is layered protocols </li></ul></ul>
  66. 66. Protocol Layering <ul><li>Concept </li></ul><ul><ul><li>Separates protocol functionality </li></ul></ul><ul><ul><li>Each layer solves one part of the communication problem </li></ul></ul><ul><ul><li>Intended primarily for protocol designers </li></ul></ul><ul><ul><li>Set of layers is called a protocol stack </li></ul></ul>
  67. 67. Layering in Practice
  68. 68. Examples Of Layering <ul><li>Two models exist </li></ul><ul><li>ISO 7-layer reference model for Open System Interconnection (OSI) </li></ul><ul><ul><li>Predates TCP/IP </li></ul></ul><ul><ul><li>Does not include an Internet layer </li></ul></ul><ul><ul><li>Prescriptive (designed before protocols) </li></ul></ul><ul><li>Internet 5-layer reference model </li></ul><ul><ul><li>Designed for TCP/IP </li></ul></ul><ul><ul><li>Descriptive (designed along with actual protocols) </li></ul></ul>
  69. 69. ISO 7-Layer Reference Model
  70. 70. TCP/IP 5-Layer Reference Model
  71. 71. TCP/IP Layer <ul><li>Layer 1 - physical hardware </li></ul><ul><ul><li>Defines electrical signals used in communication </li></ul></ul><ul><ul><ul><li>(e.g. voltages on wires between two computers) </li></ul></ul></ul><ul><ul><li>Uninteresting except to electrical engineers </li></ul></ul><ul><li>Layer 2 - Network Interface </li></ul><ul><ul><li>Defines communication between computer and network hardware </li></ul></ul><ul><ul><ul><li>Isolates details of hardware (MAC) addressing </li></ul></ul></ul><ul><ul><ul><li>Example protocol: ARP </li></ul></ul></ul><ul><ul><li>Code is usually in the operating system </li></ul></ul>
  72. 72. TCP/IP Layer 3: Internet <ul><li>Layer 3 - Internet </li></ul><ul><ul><li>Protocol is IP </li></ul></ul><ul><ul><ul><li>Machine to machine communication </li></ul></ul></ul><ul><ul><ul><li>Defines best-effort, connectionless datagram delivery service for the Internet </li></ul></ul></ul><ul><ul><li>Code is usually in the operating system </li></ul></ul><ul><li>Layer 4 – Transport </li></ul><ul><ul><li>Provides end-to-end connection from application program to application program </li></ul></ul><ul><ul><ul><li>Often handles reliability, flow control </li></ul></ul></ul><ul><ul><ul><li>Protocols are TCP and UDP </li></ul></ul></ul><ul><ul><li>Code is usually in the operating system </li></ul></ul><ul><li>Layer 5 – Application </li></ul><ul><ul><li>Implemented by application programs </li></ul></ul><ul><ul><li>Built on top of transport layer </li></ul></ul>
  73. 73. The Layering Principle <ul><li>Software implementing layer n at the destination receives exactly the message sent by software implementing layer n at the source. </li></ul>
  74. 74. Illustration Of Layering In An Internet
  75. 75. Handling Multiple Protocols Per Layer <ul><li>Sender places field in header to say which protocol used at each layer </li></ul><ul><li>Receiver uses field to determine which protocol at next layer receives the packet </li></ul><ul><li>Known as multiplexing and demultiplexing </li></ul>
  76. 76. Example Of Demultiplexing Performed By IP
  77. 77. Example Of Demultiplexing Performed By TCP <ul><li>TCP is part of operating system </li></ul><ul><li>Transfer to application program must cross operating system boundary </li></ul>
  78. 78. ERROR AND CONTROL MESSAGES – ICMP <ul><li>Errors In Packet Switching Networks </li></ul><ul><ul><li>Causes include </li></ul></ul><ul><ul><ul><li>Temporary or permanent disconnection </li></ul></ul></ul><ul><ul><ul><li>Hardware failures </li></ul></ul></ul><ul><ul><ul><li>Router overrun </li></ul></ul></ul><ul><ul><ul><li>Routing loops </li></ul></ul></ul><ul><ul><li>Need mechanisms to detect and correct </li></ul></ul><ul><li>Error Detection And Reporting Mechanisms </li></ul><ul><ul><li>IP header checksum to detect transmission errors </li></ul></ul><ul><ul><li>Error reporting mechanism to distinguish between events such as lost datagrams and incorrect addresses </li></ul></ul><ul><ul><li>Higher level protocols (i.e., TCP) must handle all other problems </li></ul></ul>
  79. 79. Error Reporting Mechanism <ul><li>Named Internet Control Message Protocol (ICMP) </li></ul><ul><ul><li>Required and integral part of IP </li></ul></ul><ul><ul><li>Used primarily by routers to report delivery or routing problems to original source </li></ul></ul><ul><ul><li>Also includes informational (nonerror) functionality </li></ul></ul><ul><ul><li>Uses IP to carry control messages </li></ul></ul><ul><ul><li>Only reports problems to original source </li></ul></ul><ul><li>ICMP purpose </li></ul><ul><li>The Internet Control Message Protocol allows a router to send error or control messages to the source of a datagram, typically a host. ICMP provides communication between the Internet Protocol software on one machine and the Internet Protocol software on another. </li></ul>
  80. 80. Error Reporting Vs. Error Correction <ul><li>ICMP does not </li></ul><ul><ul><li>Provide interaction between a router and the source of trouble </li></ul></ul><ul><ul><li>Maintain state information (each packet is handled independently) </li></ul></ul><ul><li>Consequence </li></ul>When a datagram causes an error, ICMP can only report the error condition back to the original source of the datagram; the source must relate the error to an individual application program or take other action to correct the problem.
  81. 81. ICMP Message Encapsulation <ul><li>ICMP message has header and data area </li></ul><ul><li>Complete ICMP message is treated as data in IP datagram </li></ul><ul><li>Complete IP datagram is treated as data in physical network frame </li></ul>
  82. 82. ICMP Message Format <ul><li>Multiple message types </li></ul><ul><li>Each message has its own format </li></ul><ul><li>Messages </li></ul><ul><ul><li>Begin with 1-octet TYPE field that identifies which of the basic ICMP message types follows </li></ul></ul><ul><ul><li>Some messages have a 1-octet CODE field that further classifies the message </li></ul></ul><ul><li>Example </li></ul><ul><ul><li>TYPE specifies destination unreachable </li></ul></ul><ul><ul><li>CODE specifies whether host or network was unreachable </li></ul></ul>
  83. 83. ICMP Message Types
  84. 84. Example ICMP Message (ICMP Echo Request/Reply) <ul><li>Sent by ping program </li></ul><ul><li>Used to test reachability </li></ul>
  85. 85. Example ICMP Message (Destination Unreachable) <ul><li>Used to report that datagram could not be delivered </li></ul><ul><li>Code specifies details </li></ul>
  86. 86. Example ICMP Message (Destination Unreachable)
  87. 87. Example ICMP Message (Time Exceeded) <ul><li>At least one fragment failed to arrive, or </li></ul><ul><li>TTL field in IP header reached zero </li></ul>
  88. 88. RELIABLE STREAM TRANSPORT SERVICE - TCP <ul><li>Transmission Control Protocol (TCP) </li></ul><ul><ul><li>Major transport service in the TCP/IP suite </li></ul></ul><ul><ul><li>Used for most Internet applications (esp. World Wide Web) </li></ul></ul><ul><ul><li> </li></ul></ul><ul><ul><li>Around 95% of all bytes and around 85-95% of all packets on the Internet are transmitted using TCP. </li></ul></ul><ul><li> – Eggert, et. al. CCR </li></ul>
  89. 89. TCP Characteristics <ul><li>Stream orientation </li></ul><ul><li>Buffered transfer </li></ul><ul><li>Full duplex connection </li></ul><ul><ul><li>Machine could send and receive simultaneously </li></ul></ul><ul><li>Reliability </li></ul><ul><ul><li>Positive Acknowledgement with Retransmission (PAR) </li></ul></ul><ul><ul><ul><li>Receiver sends acknowledgement when data arrives </li></ul></ul></ul><ul><ul><ul><li>Sender starts timer whenever transmitting </li></ul></ul></ul><ul><ul><ul><li>Sender retransmits if timer expires before acknowledgement arrives </li></ul></ul></ul>
  90. 90. Illustration Of Acknowledgements <ul><ul><ul><li>Time moves from top to bottom in the diagram </li></ul></ul></ul>
  91. 91. Illustration Of Recovery After Packet Loss
  92. 92. Sliding Window <ul><li>The Problem With Simplistic PAR </li></ul><ul><li>A simple positive acknowledgement protocol wastes a substantial amount of network bandwidth because it must delay sending a new packet until it receives an acknowledgement for the previous packet. </li></ul><ul><li>Problem is especially severe if network has long latency </li></ul><ul><li>Sliding Window </li></ul><ul><ul><li>Allow multiple packets to be outstanding at any time </li></ul></ul><ul><ul><li>Still require acknowledgements and retransmission </li></ul></ul><ul><ul><li>Example source : </li></ul></ul><ul><ul><ul><li>http://www.it.uu.se/edu/course/homepage/datakom/civinght04/schema/sliding_window.pps </li></ul></ul></ul>
  93. 93. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: Old data sent that has already been ACK:ed (Could as well be marked as free space) New data sent to transport layer by application, but not yet sent Free buffer space where application can write new data to be sent
  94. 94. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: Data that has been sent, but not ACK:ed Also called the Sending window This is the sliding window (yes, it slides!) This data can not be sent yet, as the sliding window in this example has a maximum size of 10
  95. 95. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: ACTION : An ACK of the oldest sent packet arrives <ul><li>The window slides so that the left border is in line with the oldest outstanding ACK </li></ul><ul><li>The unsent segments that fit within the window are sent </li></ul>
  96. 96. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <ul><li>The data is placed in free buffer slots </li></ul>ACTION : The application has more data to send
  97. 97. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <ul><li>Older sent but un-ACK:ed segments are now considered to be ACK:ed </li></ul>ACTION : An ACK arrives in the middle of the window <ul><li>The window slides and unsent segments within the window are sent </li></ul><ul><li>The window shrinks by one segment as there is no more than 9 segments outstanding </li></ul>
  98. 98. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <ul><li>The data is placed in free buffer slots </li></ul>ACTION : The application has more data to send <ul><li>As the window is currently 9 segments wide, it can grow by one segment </li></ul><ul><li>The new data that fits within the window is sent </li></ul>
  99. 99. Sliding window - Sender side Cumulative Acknowledgments Not sent Sent, no ACK ACK:ed Free Sending buffer at the sender: <ul><li>The ACK is silently ignored </li></ul>ACTION : An ACK of already ACK:ed segments arrives
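The sender-side actions of slides 93 to 99 as a small state machine, added here as an example that is not part of the original slides. Segments are numbered from 0, an ACK carries the number of the next segment the receiver expects (cumulative acknowledgement), and the class and method names are chosen for illustration.

```python
class SlidingWindowSender:
    """Sender buffer with a sliding window of at most `max_window` segments."""

    def __init__(self, max_window=10):
        self.max_window = max_window
        self.base = 0        # oldest segment sent but not yet ACKed
        self.next_seq = 0    # next segment number to put on the wire
        self.written = 0     # segments handed over by the application so far

    @property
    def outstanding(self):
        """Current window contents: sent, no ACK yet."""
        return self.next_seq - self.base

    @property
    def unsent(self):
        """Data the application wrote that does not fit in the window yet."""
        return self.written - self.next_seq

    def _send_what_fits(self):
        limit = min(self.written, self.base + self.max_window)
        sent = list(range(self.next_seq, limit))
        self.next_seq = max(self.next_seq, limit)
        return sent

    def app_write(self, count):
        """ACTION: the application has more data to send."""
        self.written += count
        return self._send_what_fits()

    def ack(self, ack_no):
        """ACTION: an ACK arrives; returns the segments sent as a result.

        Cumulative: everything below ack_no counts as ACKed, so an ACK in the
        middle of the window also covers the older outstanding segments.
        """
        if ack_no <= self.base:
            return []            # ACK of already ACKed segments: silently ignored
        if ack_no > self.next_seq:
            return []            # ACK for data never sent: ignored as invalid
        self.base = ack_no       # the window slides
        return self._send_what_fits()


if __name__ == "__main__":
    s = SlidingWindowSender(max_window=10)
    print(s.app_write(14), s.outstanding, s.unsent)  # 0..9 sent, 4 wait outside the window
    print(s.ack(1), s.outstanding)                   # oldest ACKed -> window slides, 10 sent
    print(s.ack(5), s.outstanding)                   # ACK in the middle -> 11..13 sent, 9 outstanding
    print(s.app_write(3), s.outstanding)             # window can grow by one -> 14 sent
    print(s.ack(3), s.outstanding)                   # old ACK -> ignored
```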
  100. 100. Layering Of The Three Major Protocols
  101. 101. TCP Ports, Connections, And Endpoints <ul><li>Endpoint of communication is application program </li></ul><ul><li>TCP uses protocol port number to identify application </li></ul><ul><li>TCP connection between two endpoints identified by four items </li></ul><ul><ul><li>Sender’s IP address </li></ul></ul><ul><ul><li>Sender’s protocol port number </li></ul></ul><ul><ul><li>Receiver’s IP address </li></ul></ul><ul><ul><li>Receiver’s protocol port number </li></ul></ul><ul><li>Because TCP identifies a connection by a pair of endpoints, a given TCP port number can be shared by multiple connections on the same machine. </li></ul>
  102. 102. TCP Segment Format
  103. 103. TCP Retransmission <ul><li>Designed for Internet environment </li></ul><ul><ul><li>Delays on one connection vary over time </li></ul></ul><ul><ul><li>Delays vary widely between connections </li></ul></ul><ul><li>Fixed value for timeout will fail </li></ul><ul><ul><li>Waiting too long introduces unnecessary delay </li></ul></ul><ul><ul><li>Not waiting long enough wastes network bandwidth with unnecessary retransmission </li></ul></ul><ul><li>Retransmission strategy must be adaptive </li></ul><ul><ul><li>Adaptive Retransmission </li></ul></ul><ul><ul><ul><li>TCP keeps estimate of round-trip time (RTT) on each connection </li></ul></ul></ul><ul><ul><ul><li>Round-trip estimate derived from observed delay between sending segment and receiving acknowledgement </li></ul></ul></ul><ul><ul><ul><li>Timeout for retransmission based on current round-trip estimate </li></ul></ul></ul>
  104. 104. Adaptive Retransmission Issue <ul><li>Difficulties With Adaptive Retransmission </li></ul><ul><ul><li>The problem is knowing when to retransmit </li></ul></ul><ul><ul><li>Segments or ACKs can be lost or delayed, making roundtrip estimation difficult or inaccurate </li></ul></ul><ul><ul><li>Round-trip times vary over several orders of magnitude between different connections </li></ul></ul><ul><ul><li>Traffic is bursty, so round-trip times fluctuate wildly on a single connection </li></ul></ul><ul><ul><li>Load imposed by a single connection can congest routers or networks </li></ul></ul><ul><ul><li>Retransmission can cause congestion </li></ul></ul><ul><ul><li>Because an internet contains diverse network hardware technologies, there may be little or no control for intranetwork congestion </li></ul></ul>
  105. 105. Solution: Smoothing <ul><li>Adaptive retransmission schemes keep a statistically smoothed round-trip estimate </li></ul><ul><li>Smoothing keeps running average from fluctuating wildly, and keeps TCP from overreacting to change </li></ul><ul><li>Difficulty: choice of smoothing scheme </li></ul>
  106. 106. Flow Control And Congestion Control <ul><li>Flow Control </li></ul><ul><ul><li>Receiver advertises window that specifies how many additional bytes it can accept </li></ul></ul><ul><ul><li>Window size of zero means sender must not send normal data (ACKs and urgent data allowed) </li></ul></ul><ul><li>Congestion Control </li></ul><ul><ul><li>Slow start </li></ul></ul><ul><ul><li>Congestion avoidance </li></ul></ul><ul><ul><li>Fast retransmit </li></ul></ul><ul><ul><li>Fast recovery </li></ul></ul><ul><li>Example source : </li></ul><ul><ul><li>[TWNOG] 網路與 TCP 效能關聯探討 </li></ul></ul><ul><ul><ul><li>http://opm.twnic.net.tw/14th/1-twnogworkshop.pdf </li></ul></ul></ul>
  107. 107. TCP Performance Factors <ul><ul><li>Flow control </li></ul></ul><ul><ul><ul><li>Window Size Adjustment </li></ul></ul></ul><ul><ul><ul><ul><li>“Receiver window size field” in TCP header </li></ul></ul></ul></ul>
  108. 108. TCP Performance Factors <ul><ul><li>Congestion Control </li></ul></ul><ul><ul><ul><li>Flow control lets the receiver control incoming traffic and so avoid buffer overflow </li></ul></ul></ul><ul><ul><ul><ul><li>The sender's window size is adjusted through AdvertisedWindow </li></ul></ul></ul></ul><ul><ul><ul><ul><li>It cannot reflect the state of the network path </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>It cannot prevent buffer-overflow-like conditions in the networks along the path </li></ul></ul></ul></ul></ul><ul><ul><ul><li>To detect possible network congestion, TCP uses congestion control. </li></ul></ul></ul><ul><ul><ul><ul><li>Adjustment is done through CongestionWindow (cwnd) </li></ul></ul></ul></ul><ul><ul><ul><li>Congestion control consists mainly of four mechanisms (RFC5681): </li></ul></ul></ul><ul><ul><ul><ul><li>Slow start </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Congestion avoidance </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Fast retransmit </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Fast recovery </li></ul></ul></ul></ul>
  109. 109. TCP Performance Factors <ul><ul><ul><li>Slow start </li></ul></ul></ul><ul><ul><ul><ul><li>When a TCP connection has just been established, a small window size is used; it is increased gradually as ACKs are received. </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Initial value of cwnd is 1 </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>The aim is to probe the available network bandwidth </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>cwnd + 1 for every ACK received </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>As a result, after each round-trip time (RTT) cwnd is twice its value in the previous RTT </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Exponential growth </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>To keep cwnd from growing too fast, once cwnd exceeds the “slow start threshold, ssthresh” it increases by only 1 per RTT </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Linear growth </li></ul></ul></ul></ul></ul>
  110. 110. TCP Performance Factors <ul><ul><ul><li>Congestion avoidance </li></ul></ul></ul><ul><ul><ul><ul><li>In this phase: </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>cwnd > ssthresh </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>cwnd + 1 for each RTT </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>When packet loss occurs: </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>ssthresh -> cwnd/2 </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>cwnd -> 1 </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>packet retransmission </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>Once packet loss occurs, TCP performance is severely affected. </li></ul></ul></ul></ul>
  111. 111. TCP Performance Factors <ul><ul><ul><li>Slow start & Congestion avoidance characteristic </li></ul></ul></ul>
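A per-RTT simulation of the slow start and congestion avoidance rules on slides 109 and 110, added here as an example that is not part of the original slides. cwnd is counted in segments, one step is one RTT, and two details are assumptions of this sketch: growth in slow start is capped at ssthresh, and ssthresh never drops below 2.

```python
def simulate(rounds, ssthresh, loss_rounds=()):
    """Return a list of (rtt, cwnd, ssthresh) tuples, one per round-trip time.

    loss_rounds: RTT numbers in which a packet loss is detected by timeout.
    """
    cwnd = 1                                  # initial value of cwnd is 1
    trace = []
    for rtt in range(rounds):
        trace.append((rtt, cwnd, ssthresh))
        if rtt in loss_rounds:
            ssthresh = max(cwnd // 2, 2)      # ssthresh -> cwnd/2 (floor of 2 assumed)
            cwnd = 1                          # cwnd -> 1, slow start begins again
        elif cwnd < ssthresh:
            # Slow start: +1 per ACK, i.e. doubling per RTT (capped, assumption)
            cwnd = min(cwnd * 2, ssthresh)
        else:
            cwnd += 1                         # congestion avoidance: +1 per RTT
    return trace


def segments_sent(trace):
    """Total segments put on the wire over the trace (sum of cwnd per RTT)."""
    return sum(cwnd for _, cwnd, _ in trace)


def render(trace):
    """One text bar per RTT, a rough stand-in for the characteristic curve."""
    return "\n".join(f"RTT {rtt:2d} ssthresh {ss:2d} cwnd {cwnd:2d} " + "#" * cwnd
                     for rtt, cwnd, ss in trace)


if __name__ == "__main__":
    clean = simulate(15, ssthresh=16)
    lossy = simulate(15, ssthresh=16, loss_rounds={8})
    print(render(lossy))
    # Same 15 RTTs, one loss: compare how much data each connection moved.
    print(segments_sent(clean), segments_sent(lossy))
```

A single loss in RTT 8 cuts the segments sent over the same 15 RTTs from 246 to 141, which is the performance impact slide 110 refers to.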
  112. 112. TCP Connection Details <ul><li>Connections started reliably, and terminated gracefully </li></ul><ul><ul><li>Connection established with a 3-way handshake </li></ul></ul><ul><ul><li>Connection terminated with 4-way handshake </li></ul></ul>
  113. 113. TCP Finite State Machine
  114. 114. TCP State – real case <ul><li>Command: “netstat -na” </li></ul>
  115. 115. USER DATAGRAM PROTOCOL (UDP) <ul><li>User Datagram Protocol </li></ul><ul><ul><li>Transport-layer protocol (Layer 4) </li></ul></ul><ul><ul><li>Connectionless service: provides application programs with ability to send and receive messages </li></ul></ul><ul><ul><li>Allows multiple, application programs on a single machine to communicate concurrently </li></ul></ul><ul><ul><li>Same best-effort semantics as IP </li></ul></ul><ul><ul><ul><li>Message can be delayed, lost, or duplicated </li></ul></ul></ul><ul><ul><ul><li>Messages can arrive out of order </li></ul></ul></ul><ul><ul><li>Application accepts full responsibility for errors </li></ul></ul>
  116. 116. Port Numbers In A UDP Message <ul><li>SOURCE PORT identifies application on original source computer </li></ul><ul><li>DESTINATION PORT identifies application on ultimate destination computer </li></ul><ul><li>Note: IP addresses of source and destination do not appear explicitly in header </li></ul>
  117. 117. Position Of UDP In Protocol Stack <ul><li>UDP lies between applications and IP </li></ul>
  118. 118. UDP Encapsulation
  119. 119. Demultiplexing Based On UDP Protocol Port Number
  120. 120. Assignment Of UDP Port Numbers <ul><li>Small numbers reserved for specific services </li></ul><ul><ul><li>Called well-known ports </li></ul></ul><ul><ul><li>Same interpretation throughout the Internet </li></ul></ul><ul><ul><li>Used by server software </li></ul></ul><ul><li>Large numbers not reserved </li></ul><ul><ul><li>Available to arbitrary application program </li></ul></ul><ul><ul><li>Used by client software </li></ul></ul><ul><li>More later in the course Internetworking </li></ul>
  121. 121. Examples Of Assigned UDP Port Numbers
  122. 122. Introduction to Common Applications <ul><li>Name resolution </li></ul><ul><li>Remote login </li></ul><ul><li>File transfer and access </li></ul><ul><li>Email </li></ul><ul><li>World Wide Web </li></ul><ul><li>Network management </li></ul>
  123. 123. Client-Server Interaction <ul><li>Client </li></ul><ul><ul><li>Invoked by user </li></ul></ul><ul><ul><li>Forms connection to remote server </li></ul></ul><ul><ul><li>Passes keystrokes from user’s keyboard to server and displays output from server on user’s screen </li></ul></ul><ul><li>Server </li></ul><ul><ul><li>Accepts connection over the network </li></ul></ul><ul><ul><li>Passes incoming characters to OS as if they were typed on a local keyboard </li></ul></ul><ul><ul><li>Sends output over connection to client </li></ul></ul>
  124. 124. Name Resolution <ul><li>IP addresses are hard to remember </li></ul><ul><ul><li>Use "names" to identify hosts </li></ul></ul><ul><li>Computers still rely on IP addresses to operate </li></ul><ul><ul><li>DNS - Domain Name Service </li></ul></ul><ul><ul><li>DNS query (UDP, port 53) </li></ul></ul><ul><ul><li>DNS Zone Transfer (TCP, port 53) </li></ul></ul>
  125. 125. Remote Login <ul><li>Text interface (CLI) </li></ul><ul><ul><li>telnet (TCP, port 23) </li></ul></ul><ul><ul><li>rlogin (TCP, port 513) </li></ul></ul><ul><ul><li>rsh (TCP, port 514) </li></ul></ul><ul><ul><li>ssh (TCP, port 22) </li></ul></ul><ul><li>Graphical interface (GUI) </li></ul><ul><ul><li>Virtual Network Computing (VNC) </li></ul></ul><ul><ul><li>Remote Desktop Protocol (RDP) </li></ul></ul>
  126. 126. Illustration Of TELNET
  127. 127. File Transfer and Access <ul><li>Always a popular application </li></ul><ul><li>Two basic paradigms </li></ul><ul><ul><li>Whole-file copying </li></ul></ul><ul><ul><li>Piecewise file access </li></ul></ul><ul><li>Whole-file copying </li></ul><ul><ul><li>FTP (TCP, ports 20, 21) </li></ul></ul><ul><ul><ul><li>Secured versions: SSL-FTP, sftp, scp </li></ul></ul></ul><ul><ul><li>TFTP (UDP, port 69) </li></ul></ul><ul><ul><ul><li>Code is much smaller </li></ul></ul></ul><ul><li>Piecewise file access </li></ul><ul><ul><li>NFS (TCP, port 2049) </li></ul></ul><ul><ul><ul><li>Protocol for file access, not copying </li></ul></ul></ul><ul><ul><ul><li>Developed by Sun Microsystems, now part of TCP/IP standards </li></ul></ul></ul><ul><ul><ul><li>Transparent (application cannot tell that file is remote) </li></ul></ul></ul>
  128. 128. NFS Implementation
  129. 129. Email <ul><li>Among most widely used Internet services </li></ul><ul><li>Protocols for email: </li></ul><ul><ul><li>Simple Mail Transfer Protocol (SMTP, TCP:25) </li></ul></ul><ul><ul><li>Post Office Protocol version 3 (POP3, TCP:110) </li></ul></ul><ul><ul><li>Internet Message Access Protocol (IMAP, TCP:143) </li></ul></ul><ul><li>Where each protocol is used </li></ul><ul><ul><li>Mail client connects to the email server to send mail </li></ul></ul><ul><ul><ul><li>SMTP </li></ul></ul></ul><ul><ul><li>Mail client connects to the email server to retrieve mail </li></ul></ul><ul><ul><ul><li>POP3, IMAP </li></ul></ul></ul><ul><ul><li>Email servers relay mail to one another </li></ul></ul><ul><ul><ul><li>SMTP </li></ul></ul></ul>
  130. 130. Example Of SMTP <ul><li>S: 220 Beta.GOV Simple Mail Transfer Service Ready </li></ul><ul><li>C: HELO Alpha.EDU </li></ul><ul><li>S: 250 Beta.GOV </li></ul><ul><li>C: MAIL FROM:<Smith@Alpha.EDU> </li></ul><ul><li>S: 250 OK </li></ul><ul><li>C: RCPT TO:<Jones@Beta.GOV> </li></ul><ul><li>S: 250 OK </li></ul><ul><li>C: RCPT TO:<Green@Beta.GOV> </li></ul><ul><li>S: 550 No such user here </li></ul><ul><li>C: RCPT TO:<Brown@Beta.GOV> </li></ul><ul><li>S: 250 OK </li></ul><ul><li>C: DATA </li></ul><ul><li>S: 354 Start mail input; end with <CR><LF>.<CR><LF> </li></ul><ul><li>C: ...sends body of mail message... </li></ul><ul><li>C: ...continues for as many lines as message contains </li></ul><ul><li>C: <CR><LF>.<CR><LF> </li></ul><ul><li>S: 250 OK </li></ul><ul><li>C: QUIT </li></ul><ul><li>S: 221 Beta.GOV Service closing transmission channel </li></ul>
  131. 131. Multipurpose Internet Mail Extensions (MIME) <ul><li>Permits nontextual data to be sent in email </li></ul><ul><ul><li>Graphics image </li></ul></ul><ul><ul><li>Voice or video clip </li></ul></ul><ul><li>Sender </li></ul><ul><ul><li>Encodes binary item into printable characters </li></ul></ul><ul><ul><li>Places in email message for transfer </li></ul></ul><ul><li>Receiver </li></ul><ul><ul><li>Receives email message containing encoded item </li></ul></ul><ul><ul><li>Decodes message to extract original binary value </li></ul></ul>
  132. 132. Example Of Mixed / Multipart Message
  133. 133. World Wide Web <ul><li>Distributed hypermedia paradigm </li></ul><ul><li>Major service on the Internet </li></ul>
  134. 134. Web Page Identifier <ul><li>Known as Uniform Resource Locator (URL) </li></ul><ul><li>Encodes </li></ul><ul><ul><li>Access protocol to use </li></ul></ul><ul><ul><li>Domain name of server </li></ul></ul><ul><ul><li>Protocol port number (optional) </li></ul></ul><ul><ul><li>Path through server’s file system (optional) </li></ul></ul><ul><ul><li>Parameters (optional) </li></ul></ul><ul><ul><li>Query (optional) </li></ul></ul><ul><li>Format </li></ul><ul><li>http://hostname[:port]/path[;parameters][?query] </li></ul>
  135. 135. Web Standards <ul><li>Separate standards for </li></ul><ul><ul><li>Representation </li></ul></ul><ul><ul><ul><li>HyperText Markup Language (HTML) </li></ul></ul></ul><ul><ul><ul><li>Document contains text plus embedded links </li></ul></ul></ul><ul><ul><ul><li>HTML gives guidelines for display, not details </li></ul></ul></ul><ul><ul><ul><li>Consequence: two browsers may choose to display same document differently </li></ul></ul></ul><ul><ul><li>Transfer </li></ul></ul><ul><ul><ul><li>Used between browser and web server </li></ul></ul></ul><ul><ul><ul><li>Protocol is HyperText Transfer Protocol (HTTP) </li></ul></ul></ul><ul><ul><ul><li>Runs over TCP </li></ul></ul></ul>
  136. 136. HTTP Operation <ul><li>Browser sends requests to which server replies </li></ul><ul><li>Typical request: GET used to fetch document </li></ul><ul><li>Example </li></ul><ul><li>GET http://www.cs.purdue.edu/people/comer/ HTTP/1.1 </li></ul><ul><li>Relative URL also permitted </li></ul><ul><li>GET /people/comer/ HTTP/1.1 </li></ul>
  137. 137. Network Management <ul><li>Early network systems used two approaches </li></ul><ul><ul><li>Separate, parallel management network </li></ul></ul><ul><ul><li>Link-level management commands </li></ul></ul><ul><li>TCP/IP pioneered running management protocols at the application layer </li></ul><ul><ul><li>Motivation: provide internet-wide capability instead of single network capability </li></ul></ul><ul><li>In a TCP/IP internet, a manager needs to examine and control routers and other network devices. Because such devices attach to arbitrary networks, protocols for internet management operate at the application level and communicate using TCP/IP transport-level protocols. </li></ul>
  138. 138. Architecture Model
  139. 139. Terminology <ul><li>Agent </li></ul><ul><ul><li>Runs on arbitrary system (e.g., a router) </li></ul></ul><ul><ul><li>Responds to manager’s requests </li></ul></ul><ul><li>Management software </li></ul><ul><ul><li>Runs on manager’s workstation </li></ul></ul><ul><ul><li>Sends requests to agents as directed by the manager </li></ul></ul>
  140. 140. Simple Network Management Protocol (SNMP) <ul><li>Specifies communication between manager’s workstation and managed entity </li></ul><ul><li>Uses fetch-store paradigm </li></ul><ul><li>Common versions </li></ul><ul><ul><li>SNMPv1 </li></ul></ul><ul><ul><li>SNMPv2c </li></ul></ul><ul><ul><li>SNMPv3 </li></ul></ul>
  141. 141. Application Troubleshooting <ul><li>Network troubleshooting </li></ul><ul><ul><li>Ping </li></ul></ul><ul><ul><ul><li>Checks whether the target is reachable </li></ul></ul></ul><ul><ul><ul><li>Reasons a ping fails </li></ul></ul></ul><ul><ul><ul><ul><li>Target does not exist or is powered off </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Target network is disconnected </li></ul></ul></ul></ul><ul><ul><ul><ul><li>ICMP packets are dropped by a firewall </li></ul></ul></ul></ul><ul><ul><li>Traceroute </li></ul></ul><ul><ul><ul><li>Discovers the "forward" route that packets take to the target IP address </li></ul></ul></ul><ul><ul><ul><ul><li>The "return route" cannot be probed with traceroute </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Ping can probe the return route to a limited extent </li></ul></ul></ul></ul></ul><ul><ul><ul><li>Reasons a traceroute fails </li></ul></ul></ul><ul><ul><ul><ul><li>Packets used by traceroute (UDP, ICMP) are dropped by a firewall </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Adjust the packets traceroute uses to avoid being blocked by the firewall </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>An MPLS-TE tunnel can be configured not to respond to TTL changes </li></ul></ul></ul></ul>
  142. 142. Application Troubleshooting <ul><li>TCP troubleshooting </li></ul><ul><ul><li>Check the TCP status of the target host: </li></ul></ul><ul><ul><li>Confirm that the TCP 3-way handshake succeeds </li></ul></ul><ul><ul><ul><li>If the 3-way handshake cannot complete, the connection cannot succeed </li></ul></ul></ul><ul><ul><li>Use basic application protocol commands to test the target host's status </li></ul></ul><ul><ul><ul><li>SMTP </li></ul></ul></ul><ul><ul><ul><li>POP3 </li></ul></ul></ul><ul><ul><ul><li>HTTP </li></ul></ul></ul>
  143. 143. Application Troubleshooting
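The two-stage check from the TCP troubleshooting slide, using the SMTP commands shown on slide 130 (an added example, not part of the original deck). The function names and the HELO name `probe.example` are hypothetical; run it only against servers you operate.

```python
import socket


def read_reply(stream):
    """Read one SMTP reply; '250-...' lines continue, '250 ...' ends it."""
    lines = []
    while True:
        raw = stream.readline()
        if not raw:                       # peer closed the connection
            break
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            break
    return lines


def smtp_check(host, port=25, helo_name="probe.example", timeout=5.0):
    """Stage 1: 3-way handshake. Stage 2: greeting and HELO, then QUIT."""
    report = {"handshake": None, "greeting": None, "helo": None}
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        report["handshake"] = "refused"   # RST came back: port is closed
        return report
    except socket.timeout:
        report["handshake"] = "timeout"   # no answer to the SYN at all
        return report
    except OSError as exc:
        report["handshake"] = "error: %s" % exc
        return report
    report["handshake"] = "ok"
    with sock, sock.makefile("rwb") as stream:
        try:
            report["greeting"] = read_reply(stream)
            stream.write(("HELO %s\r\n" % helo_name).encode("ascii"))
            stream.flush()
            report["helo"] = read_reply(stream)
            stream.write(b"QUIT\r\n")
            stream.flush()
        except OSError as exc:            # includes read timeouts
            report["error"] = str(exc)
    return report


def diagnose(report):
    """Turn a report into the layer where the fault most likely sits."""
    state = report["handshake"]
    if state == "timeout":
        return "network: no reply to SYN (host down, no route, or filtered)"
    if state == "refused":
        return "transport: host reachable but nothing listens on the port"
    if state != "ok":
        return "network: " + str(state)
    greeting = report["greeting"] or [""]
    if not greeting[-1].startswith("220"):
        return "application: TCP connects but SMTP greeting is not 220"
    helo = report["helo"] or [""]
    if not helo[-1].startswith("250"):
        return "application: greeting ok but HELO was not accepted"
    return "healthy: handshake, greeting and HELO all succeeded"


if __name__ == "__main__":
    result = smtp_check("127.0.0.1", 25, timeout=2.0)
    print(result, diagnose(result), sep="\n")
```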
  144. 144. Introduction to Common Network Devices (2) <ul><li>Router </li></ul><ul><ul><li>Layer 3 device </li></ul></ul><ul><ul><li>Forwards mainly on the basis of the destination IP address </li></ul></ul><ul><li>Network firewall </li></ul><ul><ul><li>Layer 4 device </li></ul></ul><ul><ul><li>Can filter on IP and TCP/UDP information </li></ul></ul><ul><li>Application firewall </li></ul><ul><ul><li>Layer 7 device </li></ul></ul><ul><ul><li>Can inspect application protocols such as HTTP and FTP before filtering </li></ul></ul>
  145. 145. Introduction to Common Network Devices (2) <ul><li>Switch </li></ul><ul><ul><li>L3 switch </li></ul></ul><ul><ul><li>L4 switch </li></ul></ul><ul><ul><li>L7 switch </li></ul></ul><ul><li>Proxy/Cache </li></ul><ul><li>Application accelerator </li></ul>
  146. 146. Reference <ul><li>TCP/IP </li></ul><ul><ul><li>TCP/IP Illustrated, Volume 1 </li></ul></ul><ul><ul><ul><li>W. Richard Stevens; Addison-Wesley Professional </li></ul></ul></ul>
  147. 147. Answers to In-class Exercises and Post-course Test
  148. 148. In-class Exercise <ul><li>Example A </li></ul><ul><ul><li>Write the following mask in slash notation (/n): </li></ul></ul><ul><ul><ul><li>255.255.255.0 </li></ul></ul></ul><ul><ul><ul><li>255.0.0.0 </li></ul></ul></ul><ul><ul><ul><li>255.255.224.0 </li></ul></ul></ul><ul><ul><ul><li>255.255.240.0 </li></ul></ul></ul><ul><ul><ul><li>255.254.0.0 </li></ul></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><ul><li>/24 </li></ul></ul></ul><ul><ul><ul><li>/8 </li></ul></ul></ul><ul><ul><ul><li>/19 </li></ul></ul></ul><ul><ul><ul><li>/20 </li></ul></ul></ul><ul><ul><ul><li>/15 </li></ul></ul></ul>
  149. 149. In-class Exercise <ul><li>Example B </li></ul><ul><ul><li>In a class B subnet, we know the IP address of one of the hosts and the mask as given below: </li></ul></ul><ul><ul><li>IP address: 125.134.112.66 </li></ul></ul><ul><ul><li>Netmask: 255.255.224.0 </li></ul></ul><ul><ul><li>What is the first address (network address)? </li></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><li>IP= 01111101 10000110 011 10000 01000010 </li></ul></ul><ul><ul><li>Netmask= 11111111 11111111 111 00000 00000000 </li></ul></ul><ul><ul><li>IP Prefix= 01111101 10000110 011 </li></ul></ul><ul><ul><li>Network= 01111101 10000110 01100000 00000000 </li></ul></ul><ul><ul><li>= 125.134.96.0 </li></ul></ul>
  150. 150. In-class Exercise <ul><li>Example C </li></ul><ul><ul><li>Given four IP blocks: 192.168.0.0/23, 192.168.5.0/24, 192.168.12.0/25, 192.168.20.0/26. Please aggregate them into a new IP block with the longest prefix length. </li></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><li>192.168.0.0/23= 11000000 10101000 0000000 0 00000000 </li></ul></ul><ul><ul><li>192.168.5.0/24= 11000000 10101000 00000101 00000000 </li></ul></ul><ul><ul><li>192.168.12.0/25= 11000000 10101000 00001100 0 0000000 </li></ul></ul><ul><ul><li>192.168.20.0/26= 11000000 10101000 00010100 00 000000 </li></ul></ul><ul><ul><li>longest prefix= 11000000 10101000 000 </li></ul></ul><ul><ul><li>New prefix= 192.168.0.0/19 </li></ul></ul>
  151. 151. In-class Exercise <ul><li>Example D </li></ul><ul><ul><li>For IP block 20.0.0.0/8, the first address in a network (network address) is 20.0.0.0. What is the 220000th address? </li></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><li>20.0.0.0/8= 00010100 00000000 00000000 00000000 </li></ul></ul><ul><ul><li>1st= 00010100 00000000 00000000 00000000 =0 in decimal </li></ul></ul><ul><ul><li>2nd= 00010100 00000000 00000000 00000001 =1 </li></ul></ul><ul><ul><li>3rd= 00010100 00000000 00000000 00000010 =2 </li></ul></ul><ul><ul><li>4th= 00010100 00000000 00000000 00000011 =3 </li></ul></ul><ul><ul><li>… </li></ul></ul><ul><ul><li>220000th= 00010100 ???????? ???????? ???????? =219999 </li></ul></ul><ul><ul><li>219999 in binary = 131072+65536+16384+4096+2048+512+256+64+16+8+4+2+1 </li></ul></ul><ul><ul><li> = 2^17 + 2^16 + 2^14 + 2^12 + 2^11 + 2^9 + 2^8 + 2^6 + 2^4 + 2^3 + 2^2 + 2^1 + 2^0 </li></ul></ul><ul><ul><li> = 110101101101011111 </li></ul></ul><ul><ul><li>220000th= 00010100 00000011 01011011 01011111 </li></ul></ul><ul><ul><li>20.3.91.95 </li></ul></ul>
  152. 152. In-class Exercise <ul><li>Example E </li></ul><ul><ul><li>An organization is granted the block 16.0.0.0/18. The administrator wants to create 500 fixed-length subnets. </li></ul></ul><ul><ul><ul><li>Find the subnet mask </li></ul></ul></ul><ul><ul><ul><li>Find the number of addresses in each subnet </li></ul></ul></ul><ul><ul><ul><li>Find the first and the last address in the first subnet </li></ul></ul></ul><ul><ul><ul><li>Find the first and the last address in the last subnet (subnet 500) </li></ul></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><li>Divide the block into 512 equal-length subnets </li></ul></ul><ul><ul><li>16.0.0.0/18= 00010000 00000000 00 000000 00000000 </li></ul></ul><ul><ul><li>16.0.0.0/18 divide in 2= 00010000 00000000 00 ?00000 00000000 </li></ul></ul><ul><ul><li>16.0.0.0/18 divide in 512= 00010000 00000000 00 ?????? ???00000 </li></ul></ul><ul><ul><li>New subnet mask= 11111111 11111111 11111111 11100000= 255.255.255.224 </li></ul></ul><ul><ul><li>Number of addresses in each subnet = 2 6 = 32 </li></ul></ul><ul><ul><li>First subnet= 00010000 00000000 00000000 000 00000= 16.0.0.0 </li></ul></ul><ul><ul><li>Last address in first subnet= 00010000 00000000 00000000 000 11111= 16.0.0.31 </li></ul></ul><ul><ul><li>500th subnet= 00010000 00000000 00111110 011 00000= 16.0.62.96 </li></ul></ul><ul><ul><li>Last address in 500th subnet= 00010000 00000000 00111110 011 11111= 16.0.62.127 </li></ul></ul>
  153. 153. In-class Exercise <ul><li>Example F </li></ul><ul><ul><li>An ISP is granted a block of addresses starting with 120.60.4.0/20. The ISP wants to distribute these blocks to 100 organizations with each organization receiving 8 addresses only. </li></ul></ul><ul><ul><ul><li>Design the subblocks and give the slash notation for each subblock. </li></ul></ul></ul><ul><ul><ul><li>Find out how many addresses are still available after the allocations. </li></ul></ul></ul><ul><ul><li>Answer </li></ul></ul><ul><ul><li>Complete subnet comes from 120.60.0.0 to 120.60.15.255 </li></ul></ul><ul><ul><li>120.60.4.0/20= 01111000 00111100 0000 0100 00000000 </li></ul></ul><ul><ul><li>Only 8 addresses are assigned: only 3 bits for host ID </li></ul></ul><ul><ul><li>Possible assigned subnets: 01111000 00111100 0000 01?? ?????000 </li></ul></ul><ul><ul><li>1st subnet = 01111000 00111100 00000100 00000 000 = 120.60.4.0/29 </li></ul></ul><ul><ul><li>2nd subnet = 01111000 00111100 00000100 00001 000 = 120.64.4.8/29 </li></ul></ul><ul><ul><li>3rd subnet = 01111000 00111100 00000100 00010 000 = 120.64.16.0/29 </li></ul></ul><ul><ul><li>… </li></ul></ul><ul><ul><li>100th subnet = 01111000 00111100 00000111 00011 000 = 120.60.7.24/29 </li></ul></ul><ul><ul><li>Available address comes from: 01111000 00111100 00000111 00100000 </li></ul></ul><ul><ul><li>to: 01111000 00111100 00001111 11111111 </li></ul></ul><ul><ul><li>Available address = 2272 addresses </li></ul></ul>
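The bit operations behind Examples A to E above, written as reusable functions and cross-checked with Python's standard `ipaddress` module (an added example, not part of the original deck). All function names are hypothetical; the inputs in the demo are the ones given in the exercises.

```python
import ipaddress


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def to_str(value):
    return str(ipaddress.IPv4Address(value))


def mask_to_prefix(mask):
    """Example A: count the 1 bits and reject masks with holes in them."""
    bits = to_int(mask)
    prefix = bin(bits).count("1")
    if bits != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("mask bits are not contiguous: " + mask)
    return prefix


def network_address(ip, mask):
    """Example B: bitwise AND of the address and the mask."""
    return to_str(to_int(ip) & to_int(mask))


def aggregate(blocks):
    """Example C: the smallest single block that covers every input block."""
    nets = [ipaddress.ip_network(b) for b in blocks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    prefix = 32 - (lo ^ hi).bit_length()     # leading bits lo and hi share
    base = lo >> (32 - prefix) << (32 - prefix)
    return str(ipaddress.ip_network((base, prefix)))


def nth_address(block, n):
    """Example D: n-th address, counting the network address as the 1st."""
    net = ipaddress.ip_network(block)
    if not 1 <= n <= net.num_addresses:
        raise ValueError("block has only %d addresses" % net.num_addresses)
    return str(net[n - 1])


def fixed_subnets(block, wanted):
    """Example E: split a block into at least `wanted` equal subnets."""
    net = ipaddress.ip_network(block)
    extra = (wanted - 1).bit_length()        # bits needed to number them
    new_prefix = net.prefixlen + extra
    if new_prefix > 32:
        raise ValueError("block is too small for %d subnets" % wanted)
    size = 1 << (32 - new_prefix)

    def kth(k):                              # first and last address of subnet k
        first = int(net.network_address) + (k - 1) * size
        return to_str(first), to_str(first + size - 1)

    mask = str(ipaddress.ip_network((0, new_prefix)).netmask)
    return {"mask": mask, "size": size, "first": kth(1), "last": kth(wanted)}


if __name__ == "__main__":
    print(mask_to_prefix("255.255.224.0"))
    print(network_address("125.134.112.66", "255.255.224.0"))
    print(aggregate(["192.168.0.0/23", "192.168.5.0/24",
                     "192.168.12.0/25", "192.168.20.0/26"]))
    print(nth_address("20.0.0.0/8", 220000))
    print(fixed_subnets("16.0.0.0/18", 500))
```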
  154. 154. Post-course Test <ul><li>Review 1 </li></ul><ul><ul><li>Which components are DEDICATED to optical transmission? (Choose THREE best answers) (10 points) </li></ul></ul><ul><ul><li>DWDM transponder </li></ul></ul><ul><ul><li>EDFA </li></ul></ul><ul><ul><li>Multimode fiber </li></ul></ul><ul><ul><li>Router </li></ul></ul><ul><ul><li>Switch </li></ul></ul><ul><ul><li>Answer: A, B, C </li></ul></ul>
  155. 155. Post-course Test <ul><li>Review 2 </li></ul><ul><ul><li>Which IP addresses could be configured on a computer? (Choose TWO best answers) (10 points) </li></ul></ul><ul><ul><li>10.24.130.5/15 </li></ul></ul><ul><ul><li>139.175.3.255/22 </li></ul></ul><ul><ul><li>172.29.2.255/23 </li></ul></ul><ul><ul><li>192.168.1.32/27 </li></ul></ul><ul><ul><li>192.168.100.127/25 </li></ul></ul><ul><ul><li>Answer: A, C </li></ul></ul>
  156. 156. Post-course Test <ul><li>Review 3 </li></ul><ul><ul><li>For IP block 69.0.0.0: </li></ul></ul><ul><ul><li>Does it belong to class A, B or C in the CLASSFUL IP scheme? ______(4 points) </li></ul></ul><ul><ul><li>What is the CIDR notation if the prefix length is 16 bits? ____________(4 points) </li></ul></ul><ul><ul><li>Following “B.” above, what are the 4 networks if we divide this network into four equal pieces (CIDR notation)? </li></ul></ul><ul><ul><li>________________, (2 points) </li></ul></ul><ul><ul><li>________________, (2 points) </li></ul></ul><ul><ul><li>________________, (2 points) </li></ul></ul><ul><ul><li>________________, (2 points) </li></ul></ul><ul><ul><li>What is the sub-network’s netmask? ________________ (4 points) </li></ul></ul><ul><ul><li>Answer: </li></ul></ul><ul><ul><li>Class A </li></ul></ul><ul><ul><li>69.0.0.0/16 </li></ul></ul><ul><ul><li>69.0.0.0/18, 69.0.64.0/18, 69.0.128.0/18, 69.0.192.0/18 </li></ul></ul><ul><ul><li>255.255.192.0 </li></ul></ul>
  157. 157. Post-course Test <ul><li>Review 4 </li></ul><ul><ul><li>Which network addresses are invalid on the Internet? (Choose FOUR best answers) (10 points) </li></ul></ul><ul><ul><li>10.1.10.100 </li></ul></ul><ul><ul><li>127.5.63.254 </li></ul></ul><ul><ul><li>172.32.64.1 </li></ul></ul><ul><ul><li>169.254.82.45 </li></ul></ul><ul><ul><li>193.168.256.29 </li></ul></ul><ul><ul><li>Answer: A, B, D, E </li></ul></ul>
  158. 158. Post-course Test <ul><li>Review 5 </li></ul><ul><ul><li>Which options are related to the Time-to-Live field in the IP header? (Choose TWO best answers) (10 points) </li></ul></ul><ul><ul><li>Network Time Synchronization </li></ul></ul><ul><ul><li>Ping </li></ul></ul><ul><ul><li>Remove packets when a routing loop happens </li></ul></ul><ul><ul><li>Traceroute </li></ul></ul><ul><ul><li>Transmission health check </li></ul></ul><ul><ul><li>Answer: C, D </li></ul></ul>
  159. 159. Post-course Test <ul><li>Review 6 </li></ul><ul><ul><li>Which features are related to TCP? (Choose THREE best answers) (10 points) </li></ul></ul><ul><ul><li>Connectionless </li></ul></ul><ul><ul><li>Flow Duplex </li></ul></ul><ul><ul><li>Flow Control </li></ul></ul><ul><ul><li>Reliability </li></ul></ul><ul><ul><li>SYN packet carries receiver sliding window size information </li></ul></ul><ul><ul><li>Answer: B, C, D </li></ul></ul>
  160. 160. Post-course Test <ul><li>Review 7 </li></ul><ul><ul><li>Which options are used to identify a TCP flow? (Choose THREE best answers) (10 points) </li></ul></ul><ul><ul><li>MAC address </li></ul></ul><ul><ul><li>Protocol type </li></ul></ul><ul><ul><li>Source/Destination IP address </li></ul></ul><ul><ul><li>Source/Destination TCP port </li></ul></ul><ul><ul><li>TCP flag(s) </li></ul></ul><ul><ul><li>Answer: B, C, D </li></ul></ul>
  161. 161. Post-course Test <ul><li>Review 8 </li></ul><ul><ul><li>Which TCP feature can cause a Denial-of-Service attack? (Choose ONE best answer) (5 points) </li></ul></ul><ul><ul><li>Four-way handshaking </li></ul></ul><ul><ul><li>Re-transmission </li></ul></ul><ul><ul><li>Sliding Window </li></ul></ul><ul><ul><li>Slow Start </li></ul></ul><ul><ul><li>Three-way handshaking </li></ul></ul><ul><ul><li>Answer: E </li></ul></ul>
  162. 162. Post-course Test <ul><li>Review 9 </li></ul><ul><ul><li>Which protocol provides a function similar to RARP (Reverse ARP) and later replaced it? (Choose ONE best answer) (5 points) </li></ul></ul><ul><ul><li>ARP </li></ul></ul><ul><ul><li>DHCP </li></ul></ul><ul><ul><li>DNS </li></ul></ul><ul><ul><li>GARP </li></ul></ul><ul><ul><li>SNMP </li></ul></ul><ul><ul><li>Answer: B </li></ul></ul>
  163. 163. Post-course Test <ul><li>Review 10 </li></ul><ul><ul><li>Which protocols are TCP applications? (Choose THREE best answers) (10 points) </li></ul></ul><ul><ul><li>HTTP </li></ul></ul><ul><ul><li>SMTP </li></ul></ul><ul><ul><li>SNMP </li></ul></ul><ul><ul><li>SSH </li></ul></ul><ul><ul><li>TFTP </li></ul></ul><ul><ul><li>Answer: A, B, D </li></ul></ul>