TRACEROUTE:
The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics,
software, sensors and connectivity to enable it to achieve greater value and service by exchanging data
with the manufacturer, operator and/or other connected devices. Each thing is uniquely identifiable
through its embedded computing system but is able to interoperate within the
existing Internet infrastructure.
Traceroute sends out three packets per TTL increment. Each column corresponds to the time it took to get
one packet back (round-trip time).
This tries to account for situations such as:
A traceroute packet is routed along a different link than other attempts
11 130.117.3.201 (130.117.3.201) 109.762 ms 130.117.49.197 (130.117.49.197) 118.191 ms 107.262 ms
A traceroute packet is dropped
9 154.54.26.142 (154.54.26.142) 104.153 ms * *
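A parser for the two hop lines shown above, as an added example that is not part of the original notes. It reports per hop how many probes were lost and whether replies came from more than one router; the function names are hypothetical.

```python
import re

# A hop line is a TTL followed by tokens: "host (ip)", "<rtt> ms", or "*".
TOKEN = re.compile(
    r"(?P<host>\S+)\s+\((?P<ip>[0-9A-Fa-f.:]+)\)"  # responder, printed when it changes
    r"|(?P<rtt>\d+(?:\.\d+)?)\s+ms"                 # one probe's round-trip time
    r"|(?P<lost>\*)"                                # probe that got no reply
)


def parse_hop(line):
    """Return (ttl, probes); each probe is (responder_ip, rtt_ms) or (None, None)."""
    ttl_text, _, rest = line.strip().partition(" ")
    probes = []
    current_ip = None
    for match in TOKEN.finditer(rest):
        if match.group("ip"):
            # traceroute prints the address once; later times belong to it
            current_ip = match.group("ip")
        elif match.group("rtt"):
            probes.append((current_ip, float(match.group("rtt"))))
        else:
            probes.append((None, None))
    return int(ttl_text), probes


def summarize_hop(line):
    """Condense one hop line into the facts worth alerting or graphing on."""
    ttl, probes = parse_hop(line)
    responders = list(dict.fromkeys(ip for ip, _ in probes if ip))
    rtts = [rtt for _, rtt in probes if rtt is not None]
    return {
        "ttl": ttl,
        "responders": responders,
        "multipath": len(responders) > 1,   # probes took different links
        "lost": sum(1 for _, rtt in probes if rtt is None),
        "min_rtt_ms": min(rtts) if rtts else None,
    }


if __name__ == "__main__":
    # The two hop lines quoted in the notes above.
    for hop in (
        "11 130.117.3.201 (130.117.3.201) 109.762 ms "
        "130.117.49.197 (130.117.49.197) 118.191 ms 107.262 ms",
        "9 154.54.26.142 (154.54.26.142) 104.153 ms * *",
    ):
        print(summarize_hop(hop))
```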
-ROUND TRIP TIME:
-UDP uses a simple transmission model with a minimum of protocol mechanism. [1] It has
no handshaking dialogues
-aloha: Aloha, also called the Aloha method, refers to a simple communications
scheme in which each source (transmitter) in a network sends data whenever there
is a frame to send. If the frame successfully reaches the destination (receiver), the
next frame is sent. If the frame fails to be received at the destination, it is sent
again. This protocol was originally developed at the University of Hawaii for use
with satellite communication systems in the Pacific.
-IP addresses can go from 00000000-11111111 (IPv4)
NIC or Ethernet card is a circuit board or card that is installed in a computer so that
it can be connected to a network. A network interface card provides the computer
with a dedicated, full-time connection to a network.
Reserved addresses are the following:
0.0.0.0 -- This represents the default network, which is the abstract concept of just being connected
to a TCP/IP network.
255.255.255.255 -- This address is reserved for network broadcasts, or messages that should go to
all computers on the network.
127.0.0.1 -- This is called the loopback address, meaning your computer's way of identifying itself,
whether or not it has an assigned IP address. (computer talking to itself)
169.254.0.1 to 169.254.255.254 -- This is the Automatic Private IP Addressing (APIPA) range of
addresses assigned automatically when a computer is unsuccessful in getting an address from a DHCP
server.
more quickly without sending the data to the larger network but sending it to the smaller network
instead. Therefore the data reaches the user faster.
-subnet mask: contains 32 bits and does not exist independently; it must be a part of the IP address. For a subnet mask
to be valid it has to have 2 parts:
the left side with all mask bits set to '1' (the extended network portion)
the right side with all bits set to '0' (the host portion), such as the first example above.
To conclude subnet mask: a subnet mask represents a filter which is built into an IP address.
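The validity rule above (all 1s on the left, all 0s on the right) checked in code, then used as the filter that splits an address into its network and host portions. This is an added example, not part of the original notes; the function names and sample addresses are made up for illustration.

```python
import ipaddress


def mask_prefix_length(mask):
    """Return the number of leading 1 bits in a dotted-quad mask, or None if invalid."""
    try:
        value = int(ipaddress.IPv4Address(mask))
    except ipaddress.AddressValueError:
        return None                       # not four octets in 0..255
    inverted = value ^ 0xFFFFFFFF         # host bits become 1s, network bits 0s
    # A valid mask inverts to 0b000...0111...1, i.e. 2**k - 1.
    # Adding 1 to such a number clears every set bit, so the AND is zero.
    if inverted & (inverted + 1):
        return None                       # a 0 appears to the left of a 1
    # 255.255.255.255 (/32) and 0.0.0.0 (/0) pass as edge cases with one empty part.
    return 32 - inverted.bit_length()


def split_address(ip, mask):
    """Apply the mask as a filter: return (network address, host number, prefix length)."""
    prefix = mask_prefix_length(mask)
    if prefix is None:
        raise ValueError(f"{mask} is not a valid subnet mask")
    addr = int(ipaddress.IPv4Address(ip))
    mask_bits = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(addr & mask_bits)
    host = addr & ~mask_bits & 0xFFFFFFFF
    return str(network), host, prefix


if __name__ == "__main__":
    # Constructed sample values.
    for mask in ("255.255.255.0", "255.255.255.192", "255.0.255.0", "255.255.256.0"):
        print(mask, "->", mask_prefix_length(mask))
    print(split_address("192.168.10.77", "255.255.255.192"))
```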
ETHERNET
Definition: Ethernet is a physical and data link layer technology for local area networks (LANs).
Ethernet was invented by engineer Robert Metcalfe.
When first widely deployed in the 1980s, Ethernet supported a maximum theoretical data rate of
10 megabits per second (Mbps). Later, so-called "Fast Ethernet" standards increased this maximum data
rate to 100 Mbps. Gigabit Ethernet technology further extends peak performance up to 1000 Mbps, and
10 Gigabit Ethernet technology also exists.
Higher level network protocols like Internet Protocol (IP) use Ethernet as their transmission medium. Data
travels over Ethernet inside protocol units called frames.
The run length of individual Ethernet cables is limited to roughly 100 meters, but Ethernet networks can
be easily extended to link entire schools or office buildings using network bridge devices.
VPN-technology
Corporations use this kind of technology, which allows them to connect to a public network (Internet)
securely. Anyone who wants to intercept the data can't read it. The forerunner of the VPN was ISDN (leased
line).
-Through VPN you can access your private network over Internet.
-A VPN is created by establishing a virtual point-to-point connection through the use of dedicated
connections, virtual tunneling protocols, or traffic encryptions.
-VPNs allow employees to securely access their company's intranet while traveling outside the office.
-VPN technology is also used by Internet users to connect to proxy servers for the purpose of protecting
personal identity and location.
INTRANET
Represents a private internal network designed for use only by company employees. An intranet enables
distant colleagues to work together through technologies such as desktop sharing. By adding a VPN, a
business can extend all its intranet resources to employees working from remote offices or their homes.
POP: point of presence. A place for local users to access the company's network. Often through a local
phone or dedicated line.
You can leave your Internet connection open and still use the phone line for voice calls.
DSL doesn't necessarily require new wiring; it can use the phone line you already have.
The company that offers DSL will usually provide the modem as part of the installation.
Disadvantages:
A DSL connection works better when you are closer to the provider's central office. The farther away
you get from the central office, the weaker the signal becomes.
The connection is faster for receiving data than it is for sending data over the Internet.
The Transceiver
Most residential customers call their DSL transceiver a "DSL modem." The engineers at the telephone
company or ISP call it an ATU-R. Regardless of what it's called, it's the point where data from the user's
computer or network is connected to the DSL line.
The transceiver can connect to a customer's equipment in several ways, though most residential installations
use USB or 10 base-T Ethernet connections. While most of the ADSL transceivers sold by ISPs and
telephone companies are simply transceivers, the devices used by businesses may combine
network routers, network switches or other networking equipment in the same platform.
The DSLAM
The DSLAM at the access provider is the equipment that really allows DSL to happen. A DSLAM takes
connections from many customers and aggregates them onto a single, high-capacity connection to the
Internet. DSLAMs are generally flexible and able to support multiple types of DSL in a single central office,
and different varieties of protocol and modulation -- both CAP and DMT, for example -- in the same type of
DSL. In addition, the DSLAM may provide additional functions including routing or dynamic IP
address assignment for the customers.
FIREWALL VS ANTIVIRUS
Firewall :
Also known as a 'packet filter'. Basically, software which monitors network
traffic and connection attempts into and out of a network or computer and determines
whether or not to allow it to pass. Depending on the sophistication, this can be limited to
simple IP/port combinations or do full content-aware scans.
A firewall can be thought of as a screen or sieve that categorically strains out potentially
harmful data.
Antivirus:
A software which will find programs/files/software/etc that might compromise your
computer, either by being executable or by exploiting a vulnerability in the program
normally supposed to process them -- Rootkits, trojans, or other types of malware.
It detects these kinds of harmful programs that are already installed on your computer or
about to be installed.
It can perform various protective measures (based on the security settings in the Antivirus software) such as quarantine, permanent removal, fix, etc.
It will also look for potentially harmful files that are downloaded from the internet or
attached to an email and notifies/removes it to protect your computer.
NOTE: Antivirus software has to be updated frequently; each new strain of virus will
likely have different signatures.
Firewalls use one or more of three methods to control traffic flowing in and out of the network:
Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that
make it through the filters are sent to the requesting system and all others are discarded.
Proxy service - Information from the Internet is retrieved by the firewall and then sent to the
Stateful inspection - A newer method that doesn't examine the contents of each packet but instead
compares certain key parts of the packet to a database of trusted information. Information traveling from
inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is
compared to these characteristics. If the comparison yields a reasonable match, the information is allowed
through. Otherwise it is discarded.
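A minimal sketch of the stateful inspection method described above, as an added example that is not part of the original notes. Outbound packets record their defining characteristics (protocol, addresses, ports) and an inbound packet is allowed only if it mirrors a recorded, still-fresh flow. The class name, the 60-second idle timeout and all addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFilter:
    def __init__(self, inside_prefix, idle_timeout=60.0):
        self.inside = ipaddress.ip_network(inside_prefix)
        self.idle_timeout = idle_timeout      # assumed value, in seconds
        self.flows = {}                       # flow key -> time last seen

    def check(self, pkt, now):
        """Return 'allow' or 'drop' for one packet seen at time `now` (seconds)."""
        if ipaddress.ip_address(pkt.src) in self.inside:
            # Inside -> outside: remember what a legitimate reply must look like.
            self.flows[(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "allow"
        # Outside -> inside: must be the mirror image of a recorded flow.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        last_seen = self.flows.get(key)
        if last_seen is not None and now - last_seen <= self.idle_timeout:
            self.flows[key] = now             # traffic keeps the entry alive
            return "allow"
        self.flows.pop(key, None)             # expired or never existed
        return "drop"


def demo():
    """Run constructed sample packets through the filter and return the verdicts."""
    fw = StatefulFilter("192.168.1.0/24")
    request = Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)
    reply = Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000)
    other_host = Packet("tcp", "198.51.100.9", 443, "192.168.1.10", 50000)
    other_port = Packet("tcp", "203.0.113.5", 80, "192.168.1.10", 50000)
    return [
        fw.check(request, now=0.0),       # outbound, creates state
        fw.check(reply, now=1.0),         # matches recorded flow
        fw.check(other_host, now=2.0),    # unsolicited source address
        fw.check(other_port, now=3.0),    # right host, wrong source port
        fw.check(reply, now=100.0),       # same flow, but idle too long
    ]


if __name__ == "__main__":
    print(demo())
```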
PROXY SERVER
A proxy server receives a request for an Internet service (such as a Web page
request) from a user. If it passes filtering requirements, the proxy server, assuming
it is also a cache server, looks in its local cache of previously downloaded Web
pages. If it finds the page, it returns it to the user without needing to forward the
request to the Internet. If the page is not in the cache, the proxy server, acting as
a client on behalf of the user, uses one of its own IP addresses to request the page
from the server out on the Internet. When the page is returned, the proxy server
relates it to the original request and forwards it on to the user.
To the user, the proxy server is invisible; all Internet requests and returned
responses appear to be directly with the addressed Internet server. (The proxy is
not quite invisible; its IP address has to be specified as a configuration option to
the browser or other protocol program.)
An advantage of a proxy server is that its cache can serve all users. If one or more
Internet sites are frequently requested, these are likely to be in the proxy's cache,
which will improve user response time. In fact, there are special servers called
cache servers. A proxy can also do logging.
3. P2P
4. Cookies
6. Bridge, switch, hub, router
7. Subnet mask
8. Cache, hard disk speeds
9.
10. Best effort service: Best-effort delivery describes a network service in which the network does
not provide any guarantees that data is delivered or that a user is given a guaranteed quality of
service level or a certain priority. In a best-effort network all users obtain best-effort service,
meaning that they obtain unspecified variable bit rate and delivery time, depending on the current
traffic load.
11.
12. Socket
13. Rtt-round trip time
14. Proxy
15. RTP,RTSP
16. ASN: Abstract Syntax Notation One (ASN.1) is a standard and notation that describes rules and
structures for representing, encoding, transmitting, and decoding data in telecommunications and
computer networking. The formal rules enable
representation of objects that are independent of machine-specific encoding techniques. Formal
notation makes it possible to automate the task of validating whether a specific instance of data
representation abides by the specifications. In other words, software tools can be used for the
validation.[1]
17. ICMP
UDP PROTOCOL
- UDP provides checksums for data integrity, and port numbers for addressing different functions at the
source and destination of the datagram.
-UDP uses a simple transmission model with a minimum of protocol mechanism. [1] It has
no handshaking dialogues
-Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed
packets, which may not be an option in a real-time system
-The UDP header consists of 4 fields, each of which is 2 bytes (16 bits). [2] The use of the fields "Checksum"
and "Source port" is optional in IPv4. In IPv6 only the source port is optional (see
below).
Numerous key Internet applications use UDP, including: the Domain Name System (DNS), where queries
must be fast and only consist of a single request followed by a single reply packet, the Simple Network
Management Protocol (SNMP), the Routing Information Protocol (RIP)[2] and the Dynamic Host Configuration
Protocol (DHCP).
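The four 16-bit header fields and the checksum described above, worked through as an added example that is not part of the original notes. It builds a datagram, parses it back and verifies the checksum over the IPv4 pseudo-header, treating a zero checksum as "not used". Function names and the sample addresses are assumptions.

```python
import socket
import struct

UDP_PROTO = 17  # IP protocol number for UDP


def fold_sum(data):
    """16-bit one's-complement sum of data (padded to an even length)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)   # wrap the carries around
    return total


def pseudo_header(src_ip, dst_ip, udp_length):
    """IPv4 pseudo-header that the checksum covers in addition to the datagram."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTO, udp_length))


def build_datagram(src_ip, dst_ip, sport, dport, payload):
    length = 8 + len(payload)                       # header is 4 fields x 2 bytes
    header = struct.pack("!HHHH", sport, dport, length, 0)
    total = fold_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    checksum = (~total & 0xFFFF) or 0xFFFF          # 0 on the wire means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, checksum) + payload


def parse_datagram(src_ip, dst_ip, segment):
    if len(segment) < 8:
        raise ValueError("shorter than the 8-byte UDP header")
    sport, dport, length, checksum = struct.unpack("!HHHH", segment[:8])
    if length < 8 or length > len(segment):
        raise ValueError("length field does not fit the received bytes")
    segment = segment[:length]
    if checksum == 0:
        status = "absent"                           # permitted in IPv4 only
    elif fold_sum(pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF:
        status = "valid"
    else:
        status = "invalid"
    return {"source_port": sport, "dest_port": dport, "length": length,
            "checksum": status, "payload": segment[8:]}


if __name__ == "__main__":
    # Constructed sample: a 5-byte payload between two documentation addresses.
    dgram = build_datagram("192.0.2.10", "192.0.2.53", 40000, 53, b"hello")
    print(parse_datagram("192.0.2.10", "192.0.2.53", dgram))
    corrupted = dgram[:-1] + bytes([dgram[-1] ^ 0x01])
    print(parse_datagram("192.0.2.10", "192.0.2.53", corrupted)["checksum"])
```

The checksum catches accidental corruption only; anyone able to modify the datagram can recompute it, so it provides no protection against deliberate tampering.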
TCP PROTOCOL
Process of sending information:
While IP handles actual delivery of the data, TCP keeps track of the individual units of data transmission,
called segments, that a message is divided into for efficient routing through the network. For example, when
an HTML file is sent from a web server, the TCP software layer of that server divides the sequence of octets
of the file into segments and forwards them individually to the IP software layer (Internet Layer). The Internet
Layer encapsulates each TCP segment into an IP packet by adding a header that includes (among other
data) the destination IP address. When the client program on the destination computer receives them, the
TCP layer (Transport Layer) reassembles the individual segments and ensures they are correctly ordered
and error free as it streams them to an application.
CONCLUSION:
OSI 7 LAYERS START FROM APPLICATION AND THEN ON THE CLIENT SIDE GOES
FROM PHYSICAL LAYER. In this situation from transport layer (segments) to network layer
(packets) and then the client side which includes network layer to transport layer.
Due to network congestion, traffic load balancing, or other unpredictable network behavior, IP packets can
be lost, duplicated, or delivered out of order. TCP detects these problems, requests retransmission of lost
data, rearranges out-of-order data, and even helps minimize network congestion to reduce the occurrence of
the other problems. Once the TCP receiver has reassembled the sequence of octets originally transmitted, it
passes them to the receiving application. Thus, TCP abstracts the application's communication from the
underlying networking details.
-TCP protocol operations may be divided into three phases. Connections must be properly established in a
multi-step handshake process (connection establishment) before entering the data transfer phase. After
data transmission is completed, the connection termination closes established virtual circuits and releases all
allocated resources.
Flags in tcp:
SYN (1 bit) Synchronize sequence numbers. Only the first packet sent from each end should have
this flag set. Some other flags and fields change meaning based on this flag, and some are only valid for
when it is set, and others when it is clear (the packet that makes the connection possible)
-TCP has a 3-way handshake: the 1st handshake is when it asks to establish a
connection between the source and the destination. Then the destination
forwards a SYN(ACK) back to the source, and at the end the 3rd handshake is
the confirmation of the SYN(ACK).
FIN (1 bit) No more data from sender (sending flag when connection is done)
ACK (1 bit) indicates that the Acknowledgment field is significant. All packets after the
initial SYN packet sent by the client should have this flag set.
PSH (1 bit) Push function. Asks to push the buffered data to the receiving application.
-TCP uses data loss as an indication that traffic congestion is high.
A TCP connection is managed by an operating system through a programming interface that represents the
local end-point for communications, the Internet socket. During the lifetime of a TCP connection the local
end-point undergoes a series of state changes:[12]
TCP STATES
LISTEN
(server) represents waiting for a connection request from any remote TCP and port.
SYN-SENT
(client) represents waiting for a matching connection request after having sent a connection request.
SYN-RECEIVED
(server) represents waiting for a confirming connection request acknowledgment after having both
received and sent a connection request.
ESTABLISHED
(both server and client) represents an open connection, data received can be delivered to the user.
The normal state for the data transfer phase of the connection.
FIN-WAIT-1
(both server and client) represents waiting for a connection termination request from the remote TCP,
or an acknowledgment of the connection termination request previously sent.
FIN-WAIT-2
(both server and client) represents waiting for a connection termination request from the remote TCP.
CLOSE-WAIT
(both server and client) represents waiting for a connection termination request from the local user.
CLOSING
(both server and client) represents waiting for a connection termination request acknowledgment
from the remote TCP.
LAST-ACK
(both server and client) represents waiting for an acknowledgment of the connection termination
request previously sent to the remote TCP (which includes an acknowledgment of its connection
termination request).
TIME-WAIT
(either server or client) represents waiting for enough time to pass to be sure the remote TCP
received the acknowledgment of its connection termination request. [According to RFC 793 a
connection can stay in TIME-WAIT for a maximum of four minutes known as a MSL (maximum
segment lifetime).]
CLOSED
(both server and client) represents no connection state at all.
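The state list above and the 3-way handshake described earlier, run as an exchange between a client and a server endpoint. This is an added example, not part of the original notes. It is simplified: data segments, RST and simultaneous open are left out, and the event names (`active_open`, `passive_open`, `close`, `timeout`) are labels chosen for this sketch.

```python
# (current state, event or received segment) -> (next state, segment sent in response)
TABLE = {
    ("CLOSED", "passive_open"): ("LISTEN", None),
    ("CLOSED", "active_open"): ("SYN-SENT", "SYN"),
    ("LISTEN", "SYN"): ("SYN-RECEIVED", "SYN+ACK"),
    ("SYN-SENT", "SYN+ACK"): ("ESTABLISHED", "ACK"),
    ("SYN-RECEIVED", "ACK"): ("ESTABLISHED", None),
    ("ESTABLISHED", "close"): ("FIN-WAIT-1", "FIN"),
    ("ESTABLISHED", "FIN"): ("CLOSE-WAIT", "ACK"),
    ("FIN-WAIT-1", "ACK"): ("FIN-WAIT-2", None),
    ("FIN-WAIT-1", "FIN"): ("CLOSING", "ACK"),
    ("FIN-WAIT-2", "FIN"): ("TIME-WAIT", "ACK"),
    ("CLOSING", "ACK"): ("TIME-WAIT", None),
    ("CLOSE-WAIT", "close"): ("LAST-ACK", "FIN"),
    ("LAST-ACK", "ACK"): ("CLOSED", None),
    ("TIME-WAIT", "timeout"): ("CLOSED", None),
}


class Endpoint:
    def __init__(self, name):
        self.name = name
        self.state = "CLOSED"
        self.history = ["CLOSED"]

    def handle(self, event):
        """Apply an event; return the segment to send, or None."""
        key = (self.state, event)
        if key not in TABLE:
            # Out-of-state input: what a stateful device would drop or reset.
            raise ValueError(f"{self.name}: {event} not valid in {self.state}")
        self.state, reply = TABLE[key]
        self.history.append(self.state)
        return reply


def exchange(local, peer, event):
    """Apply a local event, then deliver each emitted segment to the other side."""
    wire = []
    sender, receiver = local, peer
    segment = sender.handle(event)
    while segment is not None:
        wire.append(f"{sender.name}->{receiver.name} {segment}")
        sender, receiver = receiver, sender
        segment = sender.handle(segment)
    return wire


def run_connection():
    """Open and close one connection; the client closes first."""
    client, server = Endpoint("client"), Endpoint("server")
    server.handle("passive_open")
    handshake = exchange(client, server, "active_open")
    teardown = exchange(client, server, "close") + exchange(server, client, "close")
    client.handle("timeout")                  # TIME-WAIT expires
    return {"handshake": handshake, "teardown": teardown,
            "client": client.history, "server": server.history}


if __name__ == "__main__":
    for name, value in run_connection().items():
        print(name, value)
```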
SNMP protocol
Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for managing devices
on IP networks". Devices that typically support SNMP include routers, switches, servers, workstations,
printers, modem racks and more.
In typical SNMP uses, one or more administrative computers, called managers, have the task of monitoring
or managing a group of hosts or devices on a computer network. Each managed system executes, at all
times, a software component called an agent which reports information via SNMP to the manager.
SNMP agents expose management data on the managed systems as variables. The protocol also permits
active management tasks, such as modifying and applying a new configuration through remote modification
of these variables. The variables accessible via SNMP are organized in hierarchies. These hierarchies, and
other metadata (such as type and description of the variable), are described by Management Information
Bases (MIBs).
An SNMP-managed network consists of three key components:
Managed device
A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any
type of device, including, but not limited to, routers, access servers, switches, bridges, hubs, IP
telephones, IP video cameras, computer hosts, and printers.
An agent is a network-management software module that resides on a managed device. An agent
has local knowledge of management information and translates that information to or from an
SNMP-specific form.
A network management station (NMS) executes applications that monitor and control managed
devices. NMSs provide the bulk of the processing and memory resources required for network
management. One or more NMSs may exist on any managed network.
SMTP
Short for Simple Network Management Protocol, a set of protocols for managing complex networks.
The first versions of SNMP were developed in the early 80s. SNMP works by sending messages,
called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices,
called agents, store data about themselves in Management Information Bases (MIBs) and return this
data to the SNMP requesters.
SMTP is a connection-oriented, text-based protocol in which a mail sender communicates with a mail
receiver by issuing command strings and supplying necessary data over a reliable ordered data stream
channel, typically a Transmission Control Protocol (TCP) connection.
While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages,
user-level client mail applications typically use SMTP only for sending messages to a mail server
for relaying. For receiving messages, client applications usually use either POP3 or IMAP.
Network layer
Forwarding - moving
packets from the input to the appropriate output of the router
IP CLASSES
Class A
Class A addresses are assigned to networks with a very large number of hosts. The high-order
bit in a class A address is always set to zero. The next seven bits (completing the first octet)
complete the network ID. The remaining 24 bits (the last three octets) represent the host ID.
This allows for 126 networks and 16,777,214 hosts per network. Figure 1.4 illustrates the
structure of class A addresses.
Class B
Class B addresses are assigned to medium-sized to large-sized networks. The two high-order
bits in a class B address are always set to binary 1 0. The next 14 bits (completing the first two
octets) complete the network ID. The remaining 16 bits (last two octets) represent the host ID.
This allows for 16,384 networks and 65,534 hosts per network. Figure 1.5 illustrates the
structure of class B addresses.
Class C
Class C addresses are used for small networks. The three high-order bits in a class C address
are always set to binary 1 1 0. The next 21 bits (completing the first three octets) complete the
network ID. The remaining 8 bits (last octet) represent the host ID. This allows for 2,097,152
networks and 254 hosts per network. Figure 1.6 illustrates the structure of class C addresses.
Class D
Class D addresses are reserved for IP multicast addresses. The four high-order bits in a class D
address are always set to binary 1 1 1 0. The remaining bits are for the address that interested
hosts recognize. Microsoft supports class D addresses for applications to multicast data to
multicast-capable hosts on an internetwork.
Class E
Class E is an experimental address that is reserved for future use. The high-order bits in a class
E address are set to 1111.
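The class rules above, applied bit by bit, together with the reserved addresses listed earlier in these notes. This is an added example, not part of the original notes; it derives the network and host counts from the bit widths so they can be compared with the figures quoted for classes A to C. Function names and sample addresses are made up, and the loopback and APIPA checks use the whole 127.0.0.0/8 and 169.254.0.0/16 blocks.

```python
import ipaddress

# (class, leading bit pattern, pattern length, network-ID bits that follow it)
CLASSES = [
    ("A", 0b0, 1, 7),
    ("B", 0b10, 2, 14),
    ("C", 0b110, 3, 21),
    ("D", 0b1110, 4, None),   # multicast: no network/host split
    ("E", 0b1111, 4, None),   # experimental
]


def classify(ip):
    """Return the class of an IPv4 address plus its classful network and host IDs."""
    value = int(ipaddress.IPv4Address(ip))
    for name, pattern, plen, net_bits in CLASSES:
        if value >> (32 - plen) == pattern:
            break
    if net_bits is None:
        return {"class": name, "network_id": None, "host_id": None}
    host_bits = 32 - plen - net_bits
    host_mask = (1 << host_bits) - 1
    network = ipaddress.IPv4Address(value & ~host_mask & 0xFFFFFFFF)
    return {"class": name, "network_id": str(network), "host_id": value & host_mask}


def capacity(name):
    """(networks, hosts per network) for class A, B or C, from the bit widths."""
    for cls, _, plen, net_bits in CLASSES:
        if cls == name and net_bits is not None:
            host_bits = 32 - plen - net_bits
            # Class A loses network 0 and network 127 (default network, loopback).
            networks = 2 ** net_bits - (2 if name == "A" else 0)
            # All-zeros and all-ones host IDs are not assignable to hosts.
            return networks, 2 ** host_bits - 2
    raise ValueError(f"class {name} has no network/host split")


def reserved_kind(ip):
    """Name the reserved category from the notes that an address falls in, if any."""
    addr = ipaddress.IPv4Address(ip)
    if addr == ipaddress.IPv4Address("0.0.0.0"):
        return "default network"
    if addr == ipaddress.IPv4Address("255.255.255.255"):
        return "broadcast"
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "APIPA"
    return None


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.10.77", "224.0.0.1", "127.0.0.1"):
        print(sample, classify(sample), reserved_kind(sample))
    print({c: capacity(c) for c in "ABC"})
```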
H323
H.323 is an ITU standard written for ISDN networks and later extended to IP networks. The full name of
the H.323 recommendation is ITU-T Recommendation H.323: Packet based multimedia communication systems.
The recommendation describes the global architecture, elements, protocols and procedures for multimedia
conferencing systems over packet networks and their integration with circuit-switched networks. Support
for voice communication is mandatory, while support for data and video communication is possible, but
not mandatory.
SIP,RTP,RTCP
The Session Initiation Protocol (SIP) is a signaling protocol used to establish, modify and terminate
multimedia sessions in networks based on the Internet Protocol. A SIP invitation is used to create a
session and define the session parameters. The protocol is designed independently of the transport
medium so that it can be implemented on any type of network. User mobility is supported by means of
proxy and redirect servers that redirect the call to the user's current location. Users can simply
register at their new locations, which are then recorded on the SIP servers. SIP is a simple protocol
based on the HTTP (Hypertext Transport Protocol) request and response transaction model (table 1).
network congestion
Perhaps the best known example of ICMP in practice is the ping utility, which uses ICMP to probe remote
hosts for responsiveness and overall round-trip time of the probe messages. ICMP also
supports traceroute, which can identify intermediate "hops" between a given source and destination.
RIP PROTOCOL
OSPF
OSPF (Open Shortest Path First) is a router protocol used within larger autonomous
system networks in preference to the Routing Information Protocol (RIP), an older
routing protocol that is installed in many of today's corporate networks. Like RIP,
OSPF is designated by the Internet Engineering Task Force (IETF) as one of several
Interior Gateway Protocols (IGPs).
Using OSPF, a host that obtains a change to a routing table or detects a change in
the network immediately multicasts the information to all other hosts in the
network so that all will have the same routing table information. Unlike the RIP in
which the entire routing table is sent, the host using OSPF sends only the part that
has changed. With RIP, the routing table is sent to a neighbor host every 30
seconds. OSPF multicasts the updated information only when a change has taken
place.
Rather than simply counting the number of hops, OSPF bases its path descriptions
on "link states" that take into account additional network information. OSPF also
lets the user assign cost metrics to a given host router so that some paths are
given preference. OSPF supports a variable network subnet mask so that a
network can be subdivided.
WIRELESS CHANNEL
All of the versions of WiFi up to and including 802.11n (a, b, g, n) operate between the frequencies
of 2400 and 2500MHz. These paltry 100MHz are separated into 14 channels of 20MHz each. As
you have probably worked out, 14 lots of 20MHz is a lot more than 100MHz and as a result,
every 2.4GHz channel overlaps with at least two (but usually four) other channels (see diagram
above). As you can probably imagine, using overlapping channels is bad; in fact, it's the primary
reason for awful throughput on your wireless network.
5GHz WIRELESS
The great thing about 5GHz (802.11n and 802.11ac), because there's much more free space at the
higher frequencies, is that it offers 23 non-overlapping 20MHz channels!
It's also worth pointing out that, starting with 802.11n, wireless technology in general is a lot more
advanced than the olden days of 802.11 b and g. If you own a modern 802.11n router (i.e. if you
bought a router in the last couple of years), it likely has some fancy hardware inside that chooses
the right channel and modifies the output power to maximize throughput and minimize interference.
If you're using the 5GHz band, and your walls aren't paper-thin, then attenuation and the general
lack of 5GHz devices should mean that there's very little interference in your apartment, possibly
even allowing you to use the fatter 40, 80, and 160MHz channels if you feel like it.
y. The SYN flag is used because intervening devices like firewalls will often permit SYN but block
other TCP packets that aren't part of an established connection.
The same information is provided as with regular traceroute, but may be more likely to be
permitted in than regular traceroute. Take a web site like amazon.com. UDP-based traceroute
stops at 205.251.248.5, which is probably a firewall of some sort. TCP-based traceroute to
port 80 - which we know "amazon.com" permits - gets one step further to 72.21.194.212.
back. The former is why tcptraceroute has become more popular; any site that allows
connectivity on at least one TCP port - like a web site - is permitting packets in. Blocking ICMP
responses has the side effect of breaking necessary IP networking fundamentals, which varies
from mildly impolite to wildly counterproductive.