Notice! The role of this model answer is instructional only. The answers might not cover in detail everything that the questions ask. The answers give you the content of the answer and an idea of what it should be. The things that are important in the grading of the homework have been emphasized. If you think there is a mistake in the model answer, please let the course staff know!
Internetworking means connecting networks with each other.
To combine networks implemented with different transfer technologies
a combining factor is needed. In the TCP/IP world, i.e. in the Internet,
it is the Internet Protocol, i.e. IP. IP hides the details of the
underlying network: different transfer technologies are basically used
"only" to carry IP packets from one node to another.
Connection-oriented data transfer means that the state information relevant to the connection is kept in the nodes of the network that participate in controlling the network. Connection-oriented doesn't necessarily mean circuit-switched data transfer, as a connection can be achieved in the same way in a packet-switching environment. E.g. the telephone network is connection-oriented. TCP implements connection-orientation on top of the connectionless IP network. In the case of TCP the state information is kept only in the endpoints of the traffic (and perhaps in a firewall located in the IP network along the way (stateful inspection)). Thus it is the responsibility of the communicating hosts to maintain the state information relevant to the current connection.
In connection-oriented data transfer separate setup and teardown procedures are needed for the data transfer, with which the state of the connection is changed. A connectionless protocol is stateless. E.g. in an IP network each router handles the packets one at a time and doesn't maintain any history records: the same individual decision, based on the routing table and the receiver's IP address, is made for each packet.
Compared to a telephone network, an IP network differs most
distinctively in two aspects: an IP network is packet-switched, that
is, all data travels in packets in a connectionless IP network, and
the IP network is dumb and the terminal is smart (in a telephone
network the situation is basically vice versa). An IP network offers
an unreliable packet service, and on top of that the communicating hosts
can build additional services if they want to (e.g. TCP and reliable
data transfer). Thus IP doesn't require a lot from the second layer
of the OSI model lying below it.
An autonomous system (AS) means a part of a network where a uniform
routing policy is used. Routing protocols are divided into internal
and external routing protocols. Internal protocols (OSPF, RIPv1,
RIPv2, IGRP, EIGRP, IS-IS) are used within an autonomous system,
and between the ASs information about the internal routes (an
AS-path is formed) is shared by external routing protocols (e.g.
BGPv4). Thus we don't have an OSPF process covering the whole Internet
which would bring us information about all possible IP subnets.
Instead, the Internet is divided into smaller parts, each
governed by one organization, from which information is spread to
the outside on a need-to-know basis and in a compact form. Basically
this is all about controlling complexity. It also prevents the
"explosion" of the backbone network's routing tables that the huge
amount of routing information would otherwise cause.
OSPF (Open Shortest Path First) is based on Dijkstra's SPF algorithm. In OSPF an autonomous system is divided into OSPF areas, with which the spreading of routing information inside an AS can be controlled. The protocol shares information about topology changes through the network, and when converged every router has a uniform picture of the topology of the network. Every router then computes a new tree for the network itself and thus forms its own opinion about routes in the network, which is exactly the opposite of what happens with distance vector protocols, which are dependent on the neighbours' computations. For the same reason link state protocols are loop-free protocols. OSPF is IETF's recommendation for an IGP (Interior Gateway Protocol, in other words an internal routing protocol in autonomous systems), and it delivers its hello messages and route updates as multicast messages (address 224.0.0.2, in other words all the subnet's routers). OSPF also includes a possibility for verifying the origin of the route updates based on a shared secret.
OSPF is more complex than RIP, but in large networks it is a considerably better option, on the basis of e.g. versatility in spreading the routing information (different kinds of OSPF areas), more versatile options for traffic sharing using alternative routes, lighter network traffic with multicasts and faster convergence after changes. The downside is the complexity of the protocol: to maintain a network using OSPF means that one has to really study this stuff.
RIP, or Routing Information Protocol, is an old routing protocol;
its first version is nowadays only rarely used. The reason for this is
that it can't deliver information about the subnet mask along with its
route update notifications, so it can't be used in networks where
variable-length subnet masks (VLSM) are used. Distance vector
protocols rely on route updates, which they receive from their
neighbours. An update contains the whole routing table of the
neighbour (except with EIGRP, only the update), and based on that
a router updates its own routing table and informs others about
the changes. With distance vector protocols quick topology changes
can lead to loops, and to prevent this different techniques have
been developed (poison reverse, split horizon, hold-down timers etc.).
RIP is widely supported and easy to understand. RIPv2 has
updated the protocol somewhat, and the second version can also
relay the subnet masks in its route updates. Data security
has also been improved. RIPv2 is suitable for small networks.
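The loop problem and the split horizon remedy mentioned above, as an added example that is not part of the original model answer: a two-router simulation in which B has just lost its link to network N while A still holds the old route through B. The router names, the network N and the order of the updates are assumptions made for the illustration; the metric 16 meaning "unreachable" is RIP's.

```python
INF = 16  # RIP treats a metric of 16 as "unreachable"

def send_update(tables, sender, receiver, split_horizon):
    """Deliver sender's whole routing table to receiver (one RIP-style update)."""
    for dest, (metric, next_hop) in list(tables[sender].items()):
        if split_horizon and next_hop == receiver:
            continue  # split horizon: do not advertise a route back to its source
        cost = min(metric + 1, INF)
        cur_metric, cur_hop = tables[receiver].get(dest, (INF, None))
        # Accept a better route, and always believe the current next hop.
        if cur_hop == sender or cost < cur_metric:
            tables[receiver][dest] = (cost, sender)

def simulate(split_horizon, max_updates=50):
    """Return the (A metric, B metric) for network N after each update."""
    # Constructed topology: A -- B -- N. B's link to N has just failed,
    # but A still holds the old two-hop route through B.
    tables = {"A": {"N": (2, "B")}, "B": {"N": (INF, None)}}
    history = []
    for i in range(max_updates):
        # A's periodic update happens to go out before B reports the failure.
        sender, receiver = ("A", "B") if i % 2 == 0 else ("B", "A")
        send_update(tables, sender, receiver, split_horizon)
        history.append((tables["A"]["N"][0], tables["B"]["N"][0]))
        if history[-1] == (INF, INF):
            break
    return history

if __name__ == "__main__":
    for flag in (False, True):
        h = simulate(flag)
        print(f"split_horizon={flag}: {len(h)} updates, metrics {h}")
```

Without split horizon the two routers bounce the dead route between them and count up to 16; with it, A never offers B the route it learned from B, so both mark N unreachable after two updates.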
ICMP, or Internet Control Message Protocol, is a protocol located on
the network layer which works on top of IP, i.e. it is not reliable.
ICMP is used to convey many different kinds of error messages, to
gather information (querying for subnet mask, default gateway or
date) or to test the availability of a network (echo request and
reply - ping and traceroute). In practice ICMP's possibilities for
gathering information are not much used; for this purpose more
sophisticated protocols are used (NTP, DHCP etc.).
Every network adapter has a unique hardware address (that is, a MAC address) and correspondingly a unique IP address; these two don't have anything in common. Because of this a separate protocol is needed to tie the IP and MAC addresses together: the Address Resolution Protocol, in other words ARP, helps us to find out the MAC address corresponding to an IP address in a subnet. This happens with broadcast messages (a MAC broadcast message in Ethernet, 48 bits of 1s) which carry an ARP request: "if your IP address is X, then tell me your MAC address". Every host in the subnet processes the request (but routers don't route it outside the subnet), and the one with the corresponding IP address replies directly to the maker of the query. Once the querier has learned the IP-MAC correspondence, it places the answer into its cache and can now send the frame into the Ethernet network. Nothing can be sent based on the receiver's IP address alone: the Ethernet address of the next hop is also needed so that the frame carrying the IP packet can be sent on its way.
With the command "arp -a" you can check your ARP cache (both in
Windows and Unix/Linux).
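The request and reply described above, byte for byte, as an added example that is not part of the original model answer: it builds the broadcast ARP request, lets a host decide whether to answer, and fills the querier's cache from the unicast reply. The MAC and IP addresses are constructed sample values, and the function names are hypothetical.

```python
import socket
import struct

BROADCAST = b"\xff" * 6            # Ethernet broadcast address: 48 bits of 1s
UNKNOWN = "00:00:00:00:00:00"      # target MAC field in a request (not yet known)
REQUEST, REPLY = 1, 2

def mac(s):
    return bytes.fromhex(s.replace(":", ""))

def fmt(b):
    return ":".join(f"{x:02x}" for x in b)

def build(op, src_mac, src_ip, dst_mac, dst_ip):
    """Ethernet frame carrying an ARP packet for IPv4 over Ethernet."""
    # A request is broadcast; a reply goes directly to the querier.
    eth_dst = BROADCAST if op == REQUEST else mac(dst_mac)
    eth = eth_dst + mac(src_mac) + struct.pack("!H", 0x0806)   # EtherType ARP
    # hardware type 1 (Ethernet), protocol 0x0800 (IPv4), lengths 6 and 4
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return (eth + hdr + mac(src_mac) + socket.inet_aton(src_ip)
            + mac(dst_mac) + socket.inet_aton(dst_ip))

def parse(frame):
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    eth_dst, eth_src, etype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if etype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP packet")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"eth_dst": fmt(eth_dst), "op": op,
            "sender_mac": fmt(sha), "sender_ip": socket.inet_ntoa(spa),
            "target_mac": fmt(tha), "target_ip": socket.inet_ntoa(tpa)}

def answer(frame, my_mac, my_ip):
    """What each host on the subnet does with a received request."""
    p = parse(frame)
    if p["op"] != REQUEST or p["target_ip"] != my_ip:
        return None                      # not our IP address: stay silent
    return build(REPLY, my_mac, my_ip, p["sender_mac"], p["sender_ip"])

# Constructed sample hosts (documentation address range 192.0.2.0/24).
request = build(REQUEST, "02:00:00:00:00:0a", "192.0.2.10", UNKNOWN, "192.0.2.20")
reply = answer(request, "02:00:00:00:00:14", "192.0.2.20")
cache = {parse(reply)["sender_ip"]: parse(reply)["sender_mac"]}
```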
RARP, or Reverse ARP is an antique protocol, which is nowadays used mainly with dumb (diskless) X-terminals. Each X-terminal knows its own MAC-address (hardware address). As one can guess from the name, it is ARP reversed: We send a broadcast message, which holds the question "My MAC-address is XYZ, what is my IP-address?". Using RARP requires a RARP-server in the network, which holds a list of X-terminals' hardware addresses and the corresponding IP-addresses (a static list).
BOOTP, or Bootstrap Protocol, is a notably more advanced alternative for the automatic configuration of computers. In BOOTP, a separate BOOTP server tells the booting workstation its IP address, subnet mask, default gateway and other necessary information. In many BOOTP implementations the only option is unfortunately a static list, but compared to RARP, BOOTP's advantages are e.g. the larger amount of information which can be automatically spread and the possibility to serve multiple subnets with one server (routers must support BOOTP relay). Nowadays (if one has the possibility of a choice) the automatic sharing of IP addresses is best done with DHCP (Dynamic Host Configuration Protocol).
Unicast is an IPv6 address which identifies one specific network
connection. This isn't really a new thing. Compared to IPv4 some changes
have been made, mostly in three things. First of all, the address is
hierarchical, which means that routers don't have to maintain information
about all the IP networks in the world: it's enough to be able to
route towards the largest traffic junction points. Upon reaching a
junction point, we examine the address a little bit further and
find out e.g. the operator in whose network the sought device is.
Secondly, the address is 128 bits long, so the address space is much
larger. Thirdly, if needed we can generate the IPv6 address based on
the MAC address of the network adapter (a so-called EUI-64 address). This
offers the possibility of plug'n'play address control. One doesn't
need to use the MAC address for generating an IPv6 address.
Anycast is a new addressing type: it is an IP-address which, used
as a packet's address causes the packet to be sent to the nearest member
of the group. Anycast-addressing differs from multicast in a way
that instead of all members receiving the message only the nearest
member receives the message. IPv4 didn't implement this addressing type.
A multicast address is targeted to all members of a group. IPv6 doesn't have broadcast addresses; they've been included in the multicast addresses. The fundamental idea in multicast remains the same when moving from IPv4 to IPv6, meaning that machines subscribe to groups they want to be part of (a certain part of the address space has been reserved as multicast addresses, and these addresses aren't given out as normal IP addresses) using IGMP (Internet Group Management Protocol). The multicast message from the sender (UDP-based data transmission from one to many) is delivered to its destination by separate multicast protocols.
First the message is sent from the workstation to the LAN's router,
which takes care of traffic outside the LAN. If the workstation itself
notices that the message is to be routed outside the LAN, it can direct
the message directly to router A, whose LAN address it knows. Otherwise
the workstation sends an ARP message to the LAN, querying for the
LAN address corresponding to the receiver's IP address. Router A sees
that the packet is going outside the LAN and replies to the query with
its own LAN address. After this the workstation sends the message to A.
Inside a regional network routing is accomplished using some internal
routing protocol (RIP or OSPF). Between regional networks traffic goes
via backbone routers. Between autonomous systems (e.g. different
countries or companies) a so-called outer routing protocol is used, e.g.
BGP (Border Gateway Protocol), because the route isn't chosen based solely
on efficiency, but the choice is affected by several other things
(e.g. political, economical or security reasons). These limitations and
regulations are usually entered manually into routers. BGP is basically
a distance vector protocol, but in BGP routers send each other the
whole route they're using (they inform others about which routers the
route they're using goes through). Routing on Europe's side goes the same
way to the LAN's router B. Then B sends an ARP message to the Ethernet,
which holds the receiver's IP address and queries for the corresponding
LAN address. When the receiver reports its own address, the router
sends it the message.
The concept of a VPN (Virtual Private Network) is a bit vague, but it can be seen as a means of connecting different entities. IP-based VPNs work by tunneling traffic over an IP network. Methods used are e.g. GRE, IP/IP and IPSEC in tunneling mode. Depending on the implementation of the tunneling, the possibility of using several protocols or cryptographic methods to improve the connection's security might be included.
Connecting local area networks is possible e.g. by purchasing the
service from an operator (e.g. Sonera's Datanet, Finnet's LanLink) or
by combining the networks using an IP-based VPN. IP-based VPNs have the
advantage of being cheap, secure and flexible. An IP-based VPN can be
implemented using an existing Internet connection and the devices and
software needed. A VPN can also be implemented using free software, so
that software and device costs remain smaller. Security in an IP-based VPN
is on a high level if strong cryptographic methods are properly
utilised. When communicating with encryption and authentication, the need
to trust the operator's network is removed. An IP-based VPN doesn't set any
requirements for a unified technology (i.e. ATM, Frame Relay) between points
in the operator's network, and it also makes it possible to use different
operators at different points. Also mobile users (e.g. sales personnel)
can join the VPN regardless of where exactly they are.
i) Nothing special, because the IP address will be checked on the network layer, and frames really meant for another machine don't mess up our connections; our network adapter might experience some minor problems, nothing more. This has no effect on the ARP function, as long as all machines have their own, unique IP addresses.
ii) Nothing. LAN addresses (MAC addresses, hardware addresses, physical addresses or whatever they are called) are subnet-specific, and they're not visible and don't disturb life outside the subnet.