Lesson 1: Local Area Network (LAN) Technologies • LAN encapsulations • Ethernet • Token Ring • FDDI • IEEE 802.11
LAN Encapsulations • Delimitation • Protocol identification • Addressing • Bit-level integrity check
Ethernet • Ethernet II • IEEE 802.3 • IEEE 802.3 SNAP
Ethernet II Frame Format
• Preamble | Destination Address | Source Address | EtherType
• Payload (46-1,500 bytes)
• Frame Check Sequence
The Maximum Extent Ethernet Network
• 2,500 meters end to end between stations A and B, through repeaters
• Slot time = 57.6 µs: the time to send the 64-byte minimum frame plus its 8-byte preamble (576 bit times at 10 Mb/s); a station must still be transmitting when a collision from the far end of the network reaches it, which is why the minimum frame size and the maximum extent go together
IEEE 802.3 Frame Format
• IEEE 802.3 Header: Preamble | Start Delimiter | Destination Address | Source Address | Length
• IEEE 802.2 LLC Header: DSAP | SSAP | Control
• Payload
• IEEE 802.3 Trailer: Frame Check Sequence
IEEE 802.3 SNAP Frame Format
• IEEE 802.3 Header: Preamble | Start Delimiter | Destination Address | Source Address | Length
• IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
• SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
• IP Datagram (38-1,492 bytes)
• IEEE 802.3 Trailer: Frame Check Sequence
Special Bits on Ethernet MAC Addresses (the first two bits of the first byte, in Ethernet's least-significant-bit-first order)
• Destination Address: 0 - Individual / 1 - Group; 0 - Universal Admin / 1 - Local Admin
• Source Address: 0 - No Routing / 1 - Routing Present; 0 - Universal Admin / 1 - Local Admin
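The three Ethernet encapsulations above differ only in how the two bytes after the source address are read, so a parser has to decide encapsulation before it can find the payload. The following Python is an added example written for this page, not code from the original deck: it classifies a frame as Ethernet II, IEEE 802.3 or IEEE 802.3 SNAP, decodes the Individual/Group and Universal/Local bits, and checks the Frame Check Sequence. The sample frames are constructed for the example (the two MAC addresses are the ones the deck uses in its ARP example); the 0x0600 threshold and the CRC-32 FCS are standard Ethernet behaviour.

```python
import struct
import zlib

# Constructed sample frames for this example (not captures from the original page).
DST = bytes.fromhex("001054cae140")
SRC = bytes.fromhex("00600852f9d8")
IP_PAYLOAD = b"\x45" + b"\x00" * 45                      # 46 bytes: the Ethernet minimum payload

ETHERNET_II_FRAME = DST + SRC + b"\x08\x00" + IP_PAYLOAD  # EtherType 0x0800 = IPv4
LLC_SNAP = b"\xaa\xaa\x03" + b"\x00\x00\x00" + b"\x08\x00"  # DSAP, SSAP, Control, OUI, EtherType
SNAP_FRAME = DST + SRC + struct.pack("!H", len(LLC_SNAP) + len(IP_PAYLOAD)) + LLC_SNAP + IP_PAYLOAD
LLC_RAW = b"\xf0\xf0\x03" + b"NETBIOS"                   # DSAP/SSAP 0xF0, UI control, short payload
RAW_8023_FRAME = (DST + SRC + struct.pack("!H", len(LLC_RAW)) + LLC_RAW).ljust(60, b"\x00")  # zero padding


def mac_str(addr):
    return "-".join(f"{b:02X}" for b in addr)


def mac_bits(addr):
    """Special bits in canonical (Ethernet) bit order: bit 0 of the first octet is
    Individual/Group, bit 1 is Universal/Local."""
    return {"group": bool(addr[0] & 0x01), "local": bool(addr[0] & 0x02)}


def classify(frame):
    """Return the encapsulation and decoded header fields of one Ethernet frame (FCS already stripped)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[:6], frame[6:12]
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    body = frame[14:]
    info = {"dst": mac_str(dst), "src": mac_str(src),
            "dst_bits": mac_bits(dst), "src_bits": mac_bits(src)}
    if type_or_len >= 0x0600:
        # Ethernet II: the field is an EtherType; everything after it is payload
        info.update(encapsulation="Ethernet II", ethertype=type_or_len, payload=body)
    elif type_or_len <= 0x05DC:
        # IEEE 802.3: the field is the length of LLC header + data; the rest of the frame is padding
        if type_or_len > len(body):
            raise ValueError("802.3 Length field exceeds the frame")   # malformed: do not trust it
        llc = body[:type_or_len]
        if len(llc) < 3:
            raise ValueError("IEEE 802.2 LLC header truncated")
        if llc[:3] == b"\xaa\xaa\x03" and len(llc) >= 8:
            oui, ethertype = llc[3:6], struct.unpack("!H", llc[6:8])[0]
            info.update(encapsulation="IEEE 802.3 SNAP", oui=oui, ethertype=ethertype, payload=llc[8:])
        else:
            info.update(encapsulation="IEEE 802.3", dsap=llc[0], ssap=llc[1], control=llc[2], payload=llc[3:])
    else:
        raise ValueError(f"type/length value 0x{type_or_len:04X} is neither a length nor an EtherType")
    return info


def append_fcs(frame):
    """Frame Check Sequence: CRC-32 over Destination Address through payload, least significant byte first."""
    return frame + struct.pack("<I", zlib.crc32(frame) & 0xFFFFFFFF)


def fcs_ok(frame_with_fcs):
    """Bit-level integrity check; it detects line errors, not deliberate modification."""
    return zlib.crc32(frame_with_fcs[:-4]) & 0xFFFFFFFF == struct.unpack("<I", frame_with_fcs[-4:])[0]


if __name__ == "__main__":
    for f in (ETHERNET_II_FRAME, SNAP_FRAME, RAW_8023_FRAME):
        print(classify(f)["encapsulation"], fcs_ok(append_fcs(f)))
```

Values between 0x05DD and 0x05FF are neither a valid length nor an assigned EtherType, and an 802.3 Length larger than the frame is rejected rather than indexed past the buffer; both are the checks a capture parser needs before handing the payload to an IP decoder.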
IEEE 802.5 Frame Format
• IEEE 802.5 Header: Start Delimiter | Access Control | Frame Control | Destination Address | Source Address
• IEEE 802.2 LLC Header: DSAP | SSAP | Control
• Payload
• IEEE 802.5 Trailer: Frame Check Sequence | End Delimiter | Frame Status
IEEE 802.5 SNAP Frame Format
• IEEE 802.5 Header: Start Delimiter | Access Control | Frame Control | Destination Address | Source Address
• IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
• SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
• IP Datagram
• IEEE 802.5 Trailer: Frame Check Sequence | End Delimiter | Frame Status
Special Bits on Token Ring MAC Addresses (Token Ring sends the most significant bit first, so these are the high-order bits of the first byte)
• Destination Address: 0 - Individual / 1 - Group; 0 - Universal Admin / 1 - Local Admin; 0 - Functional / 1 - Nonfunctional (functional address indicator)
• Source Address: 0 - No Routing / 1 - Routing Present; 0 - Universal Admin / 1 - Local Admin
FDDI Frame Format
• FDDI Header: Preamble | Start Delimiter | Frame Control | Destination Address | Source Address
• IEEE 802.2 LLC Header: DSAP | SSAP | Control
• Payload
• FDDI Trailer: Frame Check Sequence | End Delimiter | Frame Status
FDDI SNAP Frame Format
• FDDI Header: Preamble | Start Delimiter | Frame Control | Destination Address | Source Address
• IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
• SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
• IP Datagram (up to 4,352 bytes)
• FDDI Trailer: Frame Check Sequence | End Delimiter | Frame Status
IEEE 802.11 Frame Format
• IEEE 802.11 Header: Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control | Address 4 (present only when both To DS and From DS are set)
• IEEE 802.2 LLC Header: DSAP | SSAP | Control
• Payload
• IEEE 802.11 Trailer: Frame Check Sequence
The Frame Control Field
• Protocol Version | Type | Subtype
• Flags: To DS | From DS | More Fragments | Retry | Power Management | More Data | WEP (now named Protected Frame; set whenever the payload is encrypted, not only with WEP) | Order
IEEE 802.11 SNAP Frame Format
• IEEE 802.11 Header: Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control
• IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
• SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
• IP Datagram
• IEEE 802.11 Trailer: Frame Check Sequence
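Unlike the wired frames, an IEEE 802.11 data frame cannot be decoded field by field from the start: the To DS and From DS flags in Frame Control decide how many addresses the header carries and which one is the source, destination or BSSID, and the Protected Frame (WEP) bit decides whether an LLC/SNAP header is visible at all. The Python below is an added example for this page, not code from the original deck. It decodes Frame Control (sent least significant byte first), maps the addresses according to the DS flags, skips the QoS Control field of QoS data subtypes, and only looks for LLC/SNAP when the frame is not protected. The sample frames are constructed for the example.

```python
import struct

TYPE_DATA = 2


def mac_str(addr):
    return "-".join(f"{b:02X}" for b in addr)


def parse_frame_control(fc_bytes):
    """Frame Control is two bytes sent least significant byte first:
    bits 0-1 Protocol Version, 2-3 Type, 4-7 Subtype, then the eight flags."""
    fc = struct.unpack("<H", fc_bytes[:2])[0]
    return {
        "protocol_version": fc & 0x3,
        "type": (fc >> 2) & 0x3,
        "subtype": (fc >> 4) & 0xF,
        "to_ds": bool(fc & 0x0100),
        "from_ds": bool(fc & 0x0200),
        "more_fragments": bool(fc & 0x0400),
        "retry": bool(fc & 0x0800),
        "power_management": bool(fc & 0x1000),
        "more_data": bool(fc & 0x2000),
        "protected": bool(fc & 0x4000),   # the "WEP" bit on the slide; now the Protected Frame bit
        "order": bool(fc & 0x8000),
    }


def address_roles(to_ds, from_ds):
    """What Address 1..4 mean for each To DS / From DS combination."""
    return {
        (False, False): ("DA", "SA", "BSSID", None),   # station to station inside one BSS (or ad hoc)
        (False, True):  ("DA", "BSSID", "SA", None),   # from the access point to a station
        (True, False):  ("BSSID", "SA", "DA", None),   # from a station to the access point
        (True, True):   ("RA", "TA", "DA", "SA"),      # wireless bridge: Address 4 is present
    }[(to_ds, from_ds)]


def parse_data_frame(frame):
    """Decode the IEEE 802.11 header of a data frame and, if it is not protected, the LLC/SNAP header."""
    fc = parse_frame_control(frame)
    if fc["protocol_version"] != 0 or fc["type"] != TYPE_DATA:
        raise ValueError("not a version-0 data frame")
    roles = address_roles(fc["to_ds"], fc["from_ds"])
    header_len = 24 + (6 if roles[3] else 0) + (2 if fc["subtype"] & 0x8 else 0)  # Address 4, QoS Control
    if len(frame) < header_len:
        raise ValueError("truncated IEEE 802.11 header")
    out = {"fc": fc, "duration": struct.unpack("<H", frame[2:4])[0]}
    seq_ctrl = struct.unpack("<H", frame[22:24])[0]
    out["fragment_number"], out["sequence_number"] = seq_ctrl & 0xF, seq_ctrl >> 4
    addrs = [frame[4:10], frame[10:16], frame[16:22]] + ([frame[24:30]] if roles[3] else [])
    for role, addr in zip(roles, addrs):
        out[role] = mac_str(addr)
    body = frame[header_len:]
    if fc["protected"]:
        out["payload"] = body          # ciphertext: the LLC/SNAP header is inside the encrypted part
        return out
    if body[:3] == b"\xaa\xaa\x03" and len(body) >= 8:
        out["ethertype"] = struct.unpack("!H", body[6:8])[0]
        out["payload"] = body[8:]
    elif len(body) >= 3:
        out["dsap"], out["ssap"], out["control"] = body[0], body[1], body[2]
        out["payload"] = body[3:]
    else:
        raise ValueError("no LLC header")
    return out


# Constructed sample: a station sends an IPv4 datagram to its access point (To DS = 1).
STA = bytes.fromhex("00600852f9d8")
AP = bytes.fromhex("001054cae140")
DEST = bytes.fromhex("0010a4e3f701")
SNAP_IP = b"\xaa\xaa\x03\x00\x00\x00\x08\x00"
SAMPLE_TO_DS = (b"\x08\x01"                 # Frame Control 0x0108: type data, To DS
                + b"\x2c\x00"               # Duration
                + AP + STA + DEST           # Address 1 = BSSID, Address 2 = SA, Address 3 = DA
                + b"\x50\x00"               # Sequence Control: sequence 5, fragment 0
                + SNAP_IP + b"\x45" + b"\x00" * 19)
SAMPLE_PROTECTED = b"\x08\x41" + SAMPLE_TO_DS[2:24] + bytes(range(24))  # Protected Frame bit set, opaque body
```

A monitoring tool that assumes Address 2 is always the sender will misattribute traffic on a wireless bridge; the roles table is what makes the station and BSSID come out right for all four DS combinations.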
Lesson 2: Wide Area Network (WAN) Technologies • WAN encapsulations • Point-to-Point Protocol • Frame relay
WAN Encapsulations • Delimitation • Protocol identification • Addressing • Bit-level integrity check
Point-to-Point Protocol (PPP) • Data Link Layer encapsulation method • Link Control Protocol (LCP) • Network Control Protocols (NCPs)
PPP Encapsulation Using HDLC Framing
• Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0x00-21 | IP Datagram | Frame Check Sequence | Flag = 0x7E
Typical PPP Framing (Address and Control fields and the leading Protocol byte compressed away after LCP negotiation)
• Flag = 0x7E | Protocol = 0x21 | IP Datagram | Frame Check Sequence | Flag = 0x7E
Multilink Protocol Long Sequence Number Format
• Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved (6 bits) | Sequence Number (24 bits) | Multilink Fragment | Frame Check Sequence | Flag = 0x7E
Multilink Protocol Short Sequence Number Format
• Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved (2 bits) | Sequence Number (12 bits) | Multilink Fragment | Frame Check Sequence | Flag = 0x7E
Frame Relay Encapsulation for IP Datagrams
• Flag = 0x7E | Address | Control = 0x03 | NLPID = 0xCC | IP Datagram | Frame Check Sequence | Flag = 0x7E
Frame Relay Two-Byte Address Field
• First byte: DLCI (upper 6 bits) | C/R | EA = 0
• Second byte: DLCI (lower 4 bits) | FECN | BECN | DE | EA = 1
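The WAN encapsulations in this lesson share the HDLC flag, a 16-bit FCS and a small protocol field, but differ in what is compressed away and how a frame is delimited. The Python below is an added example written for this page, not code from the original deck: it builds and parses PPP frames in HDLC-like framing with the byte stuffing of asynchronous links (escape 0x7D, XOR 0x20 for the flag, the escape byte and control characters, which is the default ACCM), verifies the RFC 1662 FCS with the 0xF0B8 residue, handles the compressed Address/Control and Protocol fields of the "typical" framing, decodes and reassembles Multilink fragments in both sequence number formats, and decodes the RFC 2427 Frame Relay encapsulation with its two-byte address. All sample inputs are constructed inside the block; the Frame Relay FCS is assumed here to be the same 16-bit HDLC FCS as PPP.

```python
import struct

FLAG, ESCAPE = 0x7E, 0x7D
PPP_IP, PPP_MULTILINK = 0x0021, 0x003D
FR_NLPID_IP, FR_CONTROL_UI = 0xCC, 0x03


def fcs16(data, fcs=0xFFFF):
    """HDLC/PPP 16-bit FCS (RFC 1662). Running it over data plus its own FCS gives 0xF0B8."""
    for b in data:
        fcs ^= b
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def with_fcs(body):
    fcs = fcs16(body) ^ 0xFFFF
    return body + bytes([fcs & 0xFF, fcs >> 8])          # transmitted least significant byte first


def stuff(body):
    """Byte stuffing for asynchronous links: escape the flag, the escape byte and control characters."""
    out = bytearray()
    for b in body:
        if b in (FLAG, ESCAPE) or b < 0x20:
            out += bytes([ESCAPE, b ^ 0x20])
        else:
            out.append(b)
    return bytes(out)


def unstuff(data):
    out, i = bytearray(), 0
    while i < len(data):
        b = data[i]
        i += 1
        if b == ESCAPE:
            if i == len(data):
                raise ValueError("escape byte at end of frame")
            b = data[i] ^ 0x20
            i += 1
        out.append(b)
    return bytes(out)


def ppp_encode(protocol, info, acfc=False, pfc=False):
    """Flag, [Address 0xFF, Control 0x03], Protocol, Information, FCS, Flag.
    acfc drops Address/Control; pfc sends a one-byte Protocol when its high byte is zero."""
    header = b"" if acfc else b"\xff\x03"
    proto = bytes([protocol]) if pfc and protocol < 0x100 else struct.pack("!H", protocol)
    return bytes([FLAG]) + stuff(with_fcs(header + proto + info)) + bytes([FLAG])


def ppp_decode(frame):
    if len(frame) < 2 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flags")
    body = unstuff(frame[1:-1])
    if len(body) < 4 or fcs16(body) != 0xF0B8:
        raise ValueError("bad FCS")
    body = body[:-2]
    if body[:2] == b"\xff\x03":                          # Address/Control present (not compressed)
        body = body[2:]
    if not body:
        raise ValueError("no Protocol field")
    if body[0] & 1:                                      # odd first byte: one-byte (compressed) Protocol
        return body[0], body[1:]
    return struct.unpack("!H", body[:2])[0], body[2:]


def mp_fragments(packet, size, short=False):
    """Split a packet into Multilink fragments: B on the first, E on the last, sequence numbers from 0."""
    chunks = [packet[i:i + size] for i in range(0, len(packet), size)] or [b""]
    frags = []
    for seq, chunk in enumerate(chunks):
        b, e = seq == 0, seq == len(chunks) - 1
        if short:
            hdr = struct.pack("!H", (b << 15) | (e << 14) | (seq & 0x0FFF))      # B, E, 2 reserved, 12-bit seq
        else:
            hdr = struct.pack("!I", (b << 31) | (e << 30) | (seq & 0x00FFFFFF))  # B, E, 6 reserved, 24-bit seq
        frags.append(hdr + chunk)
    return frags


def mp_header(fragment, short=False):
    if short:
        v = struct.unpack("!H", fragment[:2])[0]
        return bool(v & 0x8000), bool(v & 0x4000), v & 0x0FFF, fragment[2:]
    v = struct.unpack("!I", fragment[:4])[0]
    return bool(v & 0x80000000), bool(v & 0x40000000), v & 0x00FFFFFF, fragment[4:]


def mp_reassemble(fragments, short=False):
    parts = sorted((mp_header(f, short) for f in fragments), key=lambda p: p[2])
    if not parts[0][0] or not parts[-1][1]:
        raise ValueError("first fragment lacks B or last lacks E")
    if any(nxt[2] != cur[2] + 1 for cur, nxt in zip(parts, parts[1:])):
        raise ValueError("gap in sequence numbers")       # a lost fragment must discard the packet
    return b"".join(p[3] for p in parts)


def fr_address(addr):
    """Two-byte Frame Relay address: DLCI(6) C/R EA=0 | DLCI(4) FECN BECN DE EA=1."""
    b0, b1 = addr[0], addr[1]
    if b0 & 1 or not b1 & 1:
        raise ValueError("EA bits must be 0 then 1 for a two-byte address")
    return {"dlci": ((b0 >> 2) << 4) | (b1 >> 4), "cr": bool(b0 & 0x02),
            "fecn": bool(b1 & 0x08), "becn": bool(b1 & 0x04), "de": bool(b1 & 0x02)}


def fr_encode(dlci, nlpid, datagram):
    addr = bytes([((dlci >> 4) & 0x3F) << 2, ((dlci & 0xF) << 4) | 0x01])
    return bytes([FLAG]) + with_fcs(addr + bytes([FR_CONTROL_UI, nlpid]) + datagram) + bytes([FLAG])


def fr_decode(frame):
    body = frame[1:-1]                                   # synchronous links bit-stuff, so no byte unstuffing
    if len(body) < 6 or fcs16(body) != 0xF0B8:
        raise ValueError("bad FCS")
    body = body[:-2]
    if body[2] != FR_CONTROL_UI:
        raise ValueError("control field is not UI")
    return fr_address(body[:2]), body[3], body[4:]       # address, NLPID (0xCC = IP), datagram
```

The decoder checks the FCS before it reads any field, and the Multilink reassembler refuses a packet with a missing Beginning or Ending fragment or a gap in sequence numbers instead of handing a partial datagram up to IP.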
Lesson 3: Address Resolution Protocol (ARP) • Overview of ARP • ARP frame structure • ARP in Windows Server 2008 and Windows Vista • Inverse ARP • Proxy ARP
Overview of ARP • Resolves the next-hop IP address of a node to its corresponding media access control (MAC) address • For direct deliveries, ARP resolves the datagram’s destination IP address • For indirect deliveries, ARP resolves the IP address of a neighboring router • ARP message exchange • Broadcast ARP Request • Unicast ARP Reply
The ARP or Neighbor Cache • Table of resolved IP addresses and their corresponding MAC addresses • Checked before sending an ARP Request message • Network black holes: a stale entry that maps an IP address to a MAC address no longer present on the segment silently drops every packet sent to it until the entry expires or is refreshed
ARP Frame Structure
• Hardware Type (= 1 for Ethernet) | Protocol Type = 0x0800 | Hardware Address Length = 6 | Protocol Address Length = 4 | Operation (1 = Request, 2 = Reply)
• Sender Hardware Address | Sender Protocol Address | Target Hardware Address | Target Protocol Address
ARP in Windows Server 2008 and Windows Vista • Works in the same way as Neighbor Discovery in IP version 6 (IPv6) • Neighbor Discovery processes • Address resolution • Duplicate address detection • Neighbor unreachability detection
Address Resolution
• Node 1: IP Address 10.0.0.99, MAC Address 00-60-08-52-F9-D8
• Node 2: IP Address 10.0.0.1, MAC Address 00-10-54-CA-E1-40
• ARP Request (broadcast): SHA: 00-60-08-52-F9-D8, SPA: 10.0.0.99, THA: 00-00-00-00-00-00, TPA: 10.0.0.1
• ARP Reply (unicast): SHA: 00-10-54-CA-E1-40, SPA: 10.0.0.1, THA: 00-60-08-52-F9-D8, TPA: 10.0.0.99
Duplicate Address Detection • ARP Request for one’s own address • Reply received: Duplicate IP address • No reply received: Unique IP address for the network segment • Duplicate address ARP exchange • Broadcast ARP Request sent by offending node • Unicast ARP Reply sent by defending node
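The ARP frame structure, the address resolution exchange between 10.0.0.99 and 10.0.0.1, and duplicate address detection are three uses of the same 28-byte message. The Python below is an added example for this page, not code from the original deck: it packs and validates ARP messages, then runs the request/reply exchange and a duplicate address probe on a small simulated broadcast segment (the `Segment` and `Node` classes are constructed for the example and stand in for the wire). The nodes use the deck's own addresses. Note that a receiving node caches the sender's mapping from any request addressed to it, exactly as real stacks do and without any authentication, which is the behaviour ARP spoofing relies on.

```python
import struct

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800       # Hardware Type 1 = Ethernet, Protocol Type 0x0800 = IPv4
OP_REQUEST, OP_REPLY = 1, 2
ZERO_MAC = "00-00-00-00-00-00"


def mac_bytes(s):
    return bytes.fromhex(s.replace("-", ""))


def mac_text(b):
    return "-".join(f"{x:02X}" for x in b)


def ip_bytes(s):
    return bytes(int(x) for x in s.split("."))


def ip_text(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sha, spa, tha, tpa):
    """28-byte ARP message: fixed header, then SHA, SPA, THA, TPA."""
    return (struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op)
            + mac_bytes(sha) + ip_bytes(spa) + mac_bytes(tha) + ip_bytes(tpa))


def parse_arp(msg):
    if len(msg) < 28:
        raise ValueError("ARP message truncated")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", msg[:8])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not ARP for IPv4 over Ethernet")   # the length fields come from the wire: check them
    if op not in (OP_REQUEST, OP_REPLY):
        raise ValueError(f"unknown operation {op}")
    return {"op": op, "sha": mac_text(msg[8:14]), "spa": ip_text(msg[14:18]),
            "tha": mac_text(msg[18:24]), "tpa": ip_text(msg[24:28])}


class Segment:
    """Constructed broadcast domain: delivers a message to every attached node except the sender."""
    def __init__(self):
        self.nodes = []

    def broadcast(self, sender, msg):
        replies = []
        for n in self.nodes:
            if n is not sender:
                r = n.receive(msg)
                if r is not None:
                    replies.append(r)
        return replies                                   # the unicast replies, handed back to the sender


class Node:
    def __init__(self, segment, ip, mac):
        self.segment, self.ip, self.mac, self.cache = segment, ip, mac, {}
        segment.nodes.append(self)

    def receive(self, msg):
        a = parse_arp(msg)
        if a["op"] != OP_REQUEST or a["tpa"] != self.ip:
            return None
        if a["spa"] != self.ip:                          # learn the requester's mapping, unauthenticated
            self.cache[a["spa"]] = a["sha"]
        return build_arp(OP_REPLY, self.mac, self.ip, a["sha"], a["spa"])

    def resolve(self, target_ip):
        """Address resolution: cache first, then broadcast Request and wait for the unicast Reply."""
        if target_ip in self.cache:
            return self.cache[target_ip]
        req = build_arp(OP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        for rep in self.segment.broadcast(self, req):
            a = parse_arp(rep)
            if a["op"] == OP_REPLY and a["spa"] == target_ip and a["tpa"] == self.ip:
                self.cache[target_ip] = a["sha"]
                return a["sha"]
        return None                                      # nobody answered: no entry is created

    def duplicate_address_detection(self, candidate_ip):
        """ARP Request for our own candidate address; any Reply names a defending node."""
        probe = build_arp(OP_REQUEST, self.mac, candidate_ip, ZERO_MAC, candidate_ip)
        return [parse_arp(r)["sha"] for r in self.segment.broadcast(self, probe)]   # empty: address is unique
```

Because the probe carries the candidate address as its own Sender Protocol Address, the defending node does not overwrite its own cache entry when it answers; a node that does not check this can be made to poison itself.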
Neighbor Unreachability Detection • Reachable if IP packets sent to the neighboring node were received and processed by the neighboring node • Exchange of ARP Request and ARP Reply messages • Indications from Transmission Control Protocol (TCP) that sent data is being acknowledged
Neighbor Cache Entry States • INCOMPLETE • REACHABLE • STALE • DELAY • PROBE
Inverse ARP • Used for non-broadcast multiple access (NBMA) technologies (frame relay) • MAC-level address is known, but IP address of node at the other end of the connection is not • Inverse ARP message exchange • InARP Request • InARP Reply
Proxy ARP (figure): Node 1 and Node 2 appear to be on a single subnet; the Proxy ARP Device sits between them and answers ARP Requests on behalf of the node on its other side.
A Windows Server 2008 Remote Access Server and Proxy ARP (figure)
• Subnet 10.1.1.0/24 with a LAN node at 10.1.1.50
• Windows Server 2008 Remote Access Server at 10.1.1.8; configured range for remote access clients: 10.1.1.200-10.1.1.254
• Remote Access Client assigned address: 10.1.1.201; the server answers ARP Requests for that address on the LAN and forwards the traffic over the remote access connection
Lesson 4: Point-to-Point Protocol (PPP) • PPP overview • PPP connection process • Link Control Protocol (LCP) • PPP authentication protocols • Network Control Protocols (NCPs) • PPP over Ethernet (PPPoE)
PPP Overview • A Data Link Layer encapsulation method • LCP for negotiating the Data Link Layer characteristics • NCPs for negotiating Network Layer protocols over the point-to-point connection
PPP Connection Process 1. PPP configuration using LCP 2. Authentication 3. Callback 4. Protocol configuration using NCPs
LCP Frame Structure
• Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0xC0-21
• LCP Frame: Code | Identifier | Length | Data
• Frame Check Sequence | Flag = 0x7E
LCP Options
• Protocol = 0xC0-21 | Code | Identifier | Length
• LCP Option (repeated): Type | Length | Option Data
LCP Negotiations • LCP messages • Configure-Request • Configure-Nak • Configure-Reject • Configure-Ack • For Peer A and Peer B • Peer A initiates an LCP negotiation for the data to be sent by Peer B • Peer B initiates a separate LCP negotiation for the data to be sent by Peer A
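An LCP Configure-Request is a list of Type/Length/Data options, and the peer answers with exactly one of Configure-Ack (every option accepted as sent), Configure-Nak (acceptable values proposed for options it recognises but will not accept as sent) or Configure-Reject (options it does not recognise), echoing the Identifier. The Python below is an added example for this page, not code from the original deck: it parses the packet with the option lengths validated against the packet length, then applies a local policy that is this example's own (constructed here, not from the deck): MRU at least 576, no PAP (a request for PAP is naked with a proposal for CHAP), and a non-zero magic number.

```python
import struct

CONFIGURE_REQUEST, CONFIGURE_ACK, CONFIGURE_NAK, CONFIGURE_REJECT = 1, 2, 3, 4
OPT_MRU, OPT_AUTH_PROTOCOL, OPT_MAGIC_NUMBER, OPT_PFC, OPT_ACFC = 1, 3, 5, 7, 8
PAP, CHAP = 0xC023, 0xC223
CHAP_MD5, MSCHAP_V2 = 0x05, 0x81
ACCEPTED_AUTH = {(CHAP, CHAP_MD5), (CHAP, MSCHAP_V2)}   # this example's local policy: never PAP
MIN_MRU = 576                                          # this example's local policy


def build_lcp(code, identifier, options):
    """LCP packet = Code, Identifier, Length, then options as Type, Length (of the whole option), Data."""
    body = b"".join(struct.pack("!BB", t, len(d) + 2) + d for t, d in options)
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse_lcp(pkt):
    if len(pkt) < 4:
        raise ValueError("LCP packet too short")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("LCP Length field inconsistent with the frame")
    options, pos = [], 4
    while pos < length:
        if length - pos < 2:
            raise ValueError("truncated option header")
        t, l = pkt[pos], pkt[pos + 1]
        if l < 2 or pos + l > length:
            raise ValueError("option Length runs outside the packet")  # never index by an untrusted length
        options.append((t, pkt[pos + 2:pos + l]))
        pos += l
    return code, identifier, options


def respond(configure_request):
    """Answer a peer's Configure-Request with Ack, Nak (with values we would accept) or Reject (unknown types)."""
    code, identifier, options = parse_lcp(configure_request)
    if code != CONFIGURE_REQUEST:
        raise ValueError("not a Configure-Request")
    rejected, naked = [], []
    for t, d in options:
        if t == OPT_MRU and len(d) == 2:
            if struct.unpack("!H", d)[0] < MIN_MRU:
                naked.append((t, struct.pack("!H", MIN_MRU)))
        elif t == OPT_AUTH_PROTOCOL and len(d) >= 2:
            proto = struct.unpack("!H", d[:2])[0]
            algorithm = d[2] if len(d) > 2 else None
            if (proto, algorithm) not in ACCEPTED_AUTH:
                naked.append((t, struct.pack("!H", CHAP) + bytes([CHAP_MD5])))  # refuse PAP; propose CHAP
        elif t == OPT_MAGIC_NUMBER and len(d) == 4:
            if d == bytes(4):
                naked.append((t, b"\x12\x34\x56\x78"))   # zero is not a valid magic number; value is constructed
        elif t in (OPT_PFC, OPT_ACFC) and len(d) == 0:
            pass                                         # acceptable as sent
        else:
            rejected.append((t, d))                      # unknown type or malformed length
    if rejected:
        return build_lcp(CONFIGURE_REJECT, identifier, rejected)
    if naked:
        return build_lcp(CONFIGURE_NAK, identifier, naked)
    return build_lcp(CONFIGURE_ACK, identifier, options)
```

Reject takes precedence over Nak, as the negotiation requires: the peer must first drop what we cannot parse, then resend with values we can accept. Each direction of the link runs this negotiation separately, so the same responder serves both roles.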
PPP Authentication Protocols • Password Authentication Protocol (PAP) • Challenge Handshake Authentication Protocol (CHAP) • Microsoft-CHAP version 2 (MS-CHAP v2) • Extensible Authentication Protocol (EAP)
PAP • Simple, plaintext authentication protocol: the user name and password travel unencrypted, so anyone who can observe the link reads them • PAP authentication process: 1. Connection-initiating PPP peer (the calling peer) sends a PAP Authenticate-Request message to the authenticating PPP peer (the answering peer) 2. The answering peer validates the user name and password and sends either a PAP Authenticate-Ack or PAP Authenticate-Nak message
PAP Authenticate-Request Message
• Protocol = 0xC0-23 | Code = 1 | Identifier | Length | Peer ID Length | Peer ID | Password Length | Password
PAP Authenticate-Ack and Authenticate-Nak Messages
• Protocol = 0xC0-23 | Code = 2 (Ack) or 3 (Nak) | Identifier | Length | Message Length | Message
CHAP • More secure than PAP: proves knowledge of the password without sending it • CHAP authentication process 1. The answering peer sends a CHAP Challenge message that contains a random challenge string 2. The calling peer sends a CHAP Response message that contains a Message Digest-5 (MD5) hash of the CHAP Identifier, the user's password, and the challenge string, in that order 3. The answering peer recomputes the hash from its own copy of the password, compares the two, and sends a CHAP Success or CHAP Failure message • Caveats: the answering peer must hold the password in cleartext (or reversibly encrypted) to recompute the hash, and an eavesdropper who captures the Challenge and the Response can test password guesses offline
CHAP Challenge or Response Messages
• Protocol = 0xC2-23 | Code (1 = Challenge, 2 = Response) | Identifier | Length | Value Size | Value | Name
CHAP Success or Failure Messages
• Protocol = 0xC2-23 | Code (3 = Success, 4 = Failure) | Identifier | Length | Message
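The difference between PAP and CHAP is easiest to see with both exchanges on the wire. The Python below is an added example for this page, not code from the original deck: it encodes a PAP Authenticate-Request and reads the password straight back out of it, runs the full CHAP Challenge/Response/Success exchange with the RFC 1994 response value MD5(Identifier || secret || challenge), and then shows the caveat from the slide by running an offline dictionary attack over a captured Challenge and Response. The user name, secret and wordlist are constructed for the example; the answering peer's `secrets` table holds cleartext passwords because CHAP gives it no other choice.

```python
import hashlib
import hmac
import os
import struct

PAP_AUTHENTICATE_REQUEST, PAP_AUTHENTICATE_ACK, PAP_AUTHENTICATE_NAK = 1, 2, 3
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


def pap_authenticate_request(identifier, peer_id, password):
    """PAP: Code 1, Identifier, Length, Peer-ID-Length, Peer-ID, Password-Length, Password, all in cleartext."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTHENTICATE_REQUEST, identifier, 4 + len(body)) + body


def pap_sniff(pkt):
    """What anyone on the path can read from a PAP Authenticate-Request."""
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if code != PAP_AUTHENTICATE_REQUEST or length > len(pkt):
        raise ValueError("not a well-formed Authenticate-Request")
    n = pkt[4]
    peer_id = pkt[5:5 + n]
    m = pkt[5 + n]
    return peer_id, pkt[6 + n:6 + n + m]


def chap_packet(code, identifier, value, name):
    """CHAP Challenge/Response: Code, Identifier, Length, Value-Size, Value, Name."""
    return struct.pack("!BBHB", code, identifier, 5 + len(value) + len(name), len(value)) + value + name


def chap_parse(pkt):
    code, identifier, length, size = struct.unpack("!BBHB", pkt[:5])
    if length > len(pkt) or 5 + size > length:
        raise ValueError("CHAP length fields inconsistent")
    return code, identifier, pkt[5:5 + size], pkt[5 + size:length]


def chap_md5(identifier, secret, challenge):
    """RFC 1994 response value: MD5 over Identifier || secret || challenge, in that order."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def calling_peer_response(challenge_pkt, name, secret):
    code, identifier, challenge, _ = chap_parse(challenge_pkt)
    if code != CHAP_CHALLENGE:
        raise ValueError("expected a Challenge")
    return chap_packet(CHAP_RESPONSE, identifier, chap_md5(identifier, secret, challenge), name)


def answering_peer_verify(challenge_sent, identifier_sent, response_pkt, secrets):
    """The authenticator must hold each user's cleartext secret to recompute the hash."""
    code, identifier, value, name = chap_parse(response_pkt)
    ok = (code == CHAP_RESPONSE and identifier == identifier_sent and name in secrets
          and hmac.compare_digest(value, chap_md5(identifier, secrets[name], challenge_sent)))
    message = b"Welcome" if ok else b"Authentication failed"
    return struct.pack("!BBH", CHAP_SUCCESS if ok else CHAP_FAILURE, identifier, 4 + len(message)) + message


def offline_dictionary_attack(challenge_pkt, response_pkt, candidates):
    """A passive observer with both packets tests guesses offline at MD5 speed, never touching the server."""
    _, identifier, challenge, _ = chap_parse(challenge_pkt)
    _, _, value, _ = chap_parse(response_pkt)
    for guess in candidates:
        if chap_md5(identifier, guess, challenge) == value:
            return guess
    return None


def chap_exchange(name, secret, secrets, challenge=None):
    """Full exchange; returns (success, challenge_pkt, response_pkt, result_pkt)."""
    challenge = challenge if challenge is not None else os.urandom(16)   # fresh and random per session
    identifier = 0x2A
    challenge_pkt = chap_packet(CHAP_CHALLENGE, identifier, challenge, b"server")
    response_pkt = calling_peer_response(challenge_pkt, name, secret)
    result_pkt = answering_peer_verify(challenge, identifier, response_pkt, secrets)
    return result_pkt[0] == CHAP_SUCCESS, challenge_pkt, response_pkt, result_pkt
```

The verifier compares digests with a constant-time comparison and binds the Identifier to the Challenge it actually sent, so a replayed Response for an old challenge fails; a fixed or predictable challenge would remove even that protection, which is why the challenge comes from `os.urandom` outside the deterministic test.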