ENHANCED SYSTEM OF TEST PACKET GENERATION WITH PACKET FILTERING
|
|
- Roy Anthony
- 5 years ago
- Views:
Transcription
1 ENHANCED SYSTEM OF TEST PACKET GENERATION WITH PACKET FILTERING KARANAM UNMEELYA UG Scholar, Sreenivasa Institute of Technology of Management Studies,Chittoor, Andhra Pradesh, India ABSTRACT--This paper is an attempt to enhance the Automatic Test Packet Generation system. Packet Filtering plays the exacting roles in networking. In networking the network devices which combine with IPsec gateway, firewalls Diffserv and QoS routers to perform packet filtering. In this paper we gives the new packet filtering inflation mode that uses flexible demographic exploration trees to promote extensive traffic component and diminish the moderate packet comparable extent. Test Packet Generation with Packet Filtering which discusses the network devices which observe with packet to active the web link through test packets. In packet filtering the data traffic may occur when data transfer though routers. In the packet class the router could not specify to develop the packet rejection, which is vital for many filtering devices. Keywords: Packet, Filtering, Network, IP I INTRODUCTION: It is notably hard to debug networks. Every day, network engineers wrestle with router misconfigurations, fiber cuts, faulty interfaces, mislabeled cables, software bugs, intermittent links, and a myriad other reasons that cause networks to misbehave or fail completely. Network engineers hunt down bugs using the most rudimentary tools (e.g., SNMP, and) and track down root causes using a combination of accrued wisdom and intuition. Debugging networks is only becoming harder as networks are getting bigger [1]. The communication concluded which data are carried generally carry data in units referred to as packets which are intended for many different sources. Addressing and packet typing are included in most standardized and proprietary packet basednetworking protocols which make use of destination address fields at the beginning within each data packet for the purpose of distinguishing proper recipients of the data of the packets. As a packet is received at central and final components in a system, active determination of the proper recipient for the data must be made in order to efficiently accept, forward, or discard the data packet. Such determinations are made based upon the above discussed address, packet type and other fields within the relevant packets. These determinations can be made by network controller hardware alone, by a combination of hardware and software, or by software alone. In broadcast type networks, every node is responsible for examining every packet and accepting those of interest, while rejecting all others. This is called packet filtering. Accuracy, speed and economy of the filtering mechanism are all of importance. 140
2 Fig 1: Automatic Test Packet Generation Block Diagram When the above contend determinations are made through a combination of hardware and software, the hardware is said to have accomplished a partial filtering of the incoming packet stream. It should be noted that one type of packet filtering is accomplished on the basis of packet error characteristics such as collision fragments known as runts", frame check sequence errors, and the like. The type of filtering relevant to the present discussion is based upon packet filtering in which filtering criteria can be expressed as simple Boolean functions of data fields within the packet as opposed to filtering based upon detection of errors or improperly formed packets. Fig 2: Generate packets to test drop rules In the simplest case, each node of a computer network must capture those packets whose destination address field matches the node s unique address. However there frequently occur situations in which additional packets are also of interest. One example occurs when the node belongs to a predefined set of nodes all of which simultaneously receive certain specific group cast packets which are addressed to that group. Group cast packets are usually identified by some variation of the address field of the packet. Group cast address types generally fall into one of two forms. Broadcast addresses are intended for all nodes and multicast addresses are targeted for specific applications to which subsets of nodes are registered. Another case of such field based packet filtering occurs when certain network management nodes are adapted to focus on specific protocols, inter-node transactions, or the like, to the exclusion of all other traffic. II NETWORK MODEL: The network model is an index realize as a extensible path of describing object and their association. In the packet filtering first the packet is generated then filters using ATGP - Automatic Test Packet Generation. The packets can be released using 141
3 inbound filters on a given interface, this simplifies the filtering specifications. modified. The rule abstraction models all real-world rules we know including IP forwarding (modifies port, checksum, and TTL, but not IP address); VLAN tagging (adds VLAN IDs to the header); and ACLs (block a header, or map to a queue). Essentially, a rule defines how a region of header space at the ingress (the set of packets matching the rule) is transformed into regions of header space at the egress [2]. d) Rule History: At any point, each packet has a rule history: an ordered list of rules [r 0, r 1,] the packet matched so far as it traversed the network. Rule histories are fundamental to ATPG, as they provide the basic raw material from which ATPG constructs tests [1]. III LIFE OF A TEST PACKET a) Packets: Fig 3: Network Packet Generation A network packet is a formatted unit of data carried by a packet-switched network. Computer communications links that do not support packets, such as traditional point-to-point telecommunications links, simply transmit data as a bit stream. When data is formatted into packets, the bandwidth of the communication medium can be better shared among users than if the network were circuit switched. b) Switches: A network switch is a computer networking device that connects devices together on a computer network, by using packet switching to receive, process and forward data to the destination device. Unlike less advanced network hubs, a network switch forwards data only to one or multiple devices that need to receive it, rather than broadcasting the same data out of each of its ports [3]. The life of a test packet can be viewed as applying the switch and topology transfer functions repeatedly shown in below figure. When a packet pk arrives at a network port, the switch function that contains the input port pk.p is applied to pk, producing a list of new packets [pk1,pk2,...]. If the packet reaches its destination, it is recorded. Otherwise, the topology function is used to invoke the switch function containing the new port. The process repeats until packets reach their destinations (or are dropped) [1]. The General alternatives to pocket filtering for network security may contain securing each node with network access using the functional gateway. Accessing the network on simple method to filter the packet for addressing to secure each node that has network access commonly impractical. In some other sites have to relocate the packet filtering for resources to secure and then watch the each node that need network access c) Rules: A rule generates a list of one or more output packets, corresponding to the output port(s) to which the packet is sent, and defines how packet fields are 142
4 Packet Techniques: Packet technique is a technique that allows network administrators or hackers to probe firewall rule-sets and find entry points into a targeted system or network. This is done by manually generating packets to test network devices and behavior, instead of using existing network traffic [4]. Testing may target the firewall, IDS, TCP/IP stack, router or any other component of the network. Packets are usually created by using a packet generator or packet analyzer which allows for specific options and flags to be set on the created packets. The act of packet crafting can be broken into four stages: Packet Assembly, Packet Editing, Packet Play and Packet Decoding. Tools exist for each of the stages - some tools are focused only on one stage while others such as to encompass all stages. Fig 4: Testing in Emulated Network. Packet Decoding is the capture and analysis of the network traffic generated during Packet Play. In order to determine the targeted network's response to the scenario created by Packet Play, the response must be captured by a packet analyzer and decoded according to the appropriate specifications. Depending on the packets sent, a desired response may be no packets were returned or that a connection was successfully established, among others. Fig 5: Static versus dynamic checking IV A PACKET FILTERING EXAMPLE Life of a Packet For example, we examine this outline. The network administrator of a company with class B network IP such as which to not access from the internet to his network in a general with subnet /16. The administrator has special subnet in his network /24 this is used in a collaborative project with a local university which has class B network ; he wishes to permit access to special subnet /24 from all subnets of the university /16. Finally he wishes to deny access except to the subnet that is open to the whole university from the specific subnet /24 at the university because the subnet is known to be insecure and a haven for crackers. Rule C is the default rule which specifies what happens if none of the other rules apply. 143
5 Rule Source Address Destination Address Action A / /24 Permit B / /16 Deny C / /0 Deny V IMPLEMENTATION We have simulated our system in JAVA. We implemented and tested with a system configuration on Intel Dual Core processor, Windows XP and using Eclipse IDE. We have used four modules in our implementation part. The details of each module for this system are as follows Consider the sample packets their desired treatment under the policy outlined above and their treatment depending on whether the rules above are applied in order "ABC" or "BAC" P a c k et Source Address Destination Address Desi red Acti on ABC Acti on BAC Acti on Fig 6: ATPG Tool Deny Deny (B) Permit Per mit (A) Permit Per mit (A) Deny Deny (C) Deny (B) Deny (B) Per mit (A) Deny (C) A router that applies the rules in the order ABC will achieve the desired results, packets from the hackers haven subnet at the university to the company network in general such as packet 1 above will be denied (by rule B), packets from the university hacker haven subnet at the university to the company s collaboration subnet (such as packet 2 above) will be permitted (by rule A), packets from the university general network to the company open subnet (such as packet 3) above will be permitted (by rule A). Fig 7: Router Module 144
6 REFERENCES: 1. Hongyi Zeng, Peym.an Kazemian, George Varghese,and Nick McKeown"Automatic Test Packet Generation" in IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 22, NO. 2, APRIL P. Kazemian, G. Varghese, and N. McKeown, Header space analysis: Static checking for networks, in Proc. NSDI, 2012, pp Fig 8: Tool locating with the details of failure node 3. "Hubs Versus Switches Understand the Tradeoffs", ccontrols.com Retrieved Zereneh, William. "Packet Crafting", Retrieved R. R. Kompella, J. Yates, A. Greenberg, and A. C. Snoeren, IP fault localization via risk modeling, in Proc. NSDI, Berkeley, CA, USA, 2005, vol. 2, pp M. Kuzniar, P. Peresini, M. Canini, D. Venzano, and D. Kostic, A SOFT way for OpenFlow switch interoperability testing, in Proc. ACM CoNEXT, 2012, pp K. Lai and M. Baker, Nettimer: A tool for measuring bottleneck link, bandwidth, in Proc. USITS, Berkeley, CA, USA, 2001, vol. 3, pp B. Lantz, B. Heller, and N. McKeown, A network in a laptop: Rapid prototyping for software-defined networks, in Proc. Hotnets, 2010, pp. 19:1 19:6. 9. F. Le, S. Lee, T. Wong, H. S. Kim, and D. Newcomb, Detecting network-wide and router-specific misconfigurations through data mining, IEEE/ACM Trans. Netw., vol. 17, no. 1, pp , Feb Fig 9: Performance Analysis of Packet Filtering CONCLUSION: Packet filtering is presently applicable and important in network security tool, but some user development could have a considerable impact. There are several demanding defect that seem to be accepted to various users, such as the inbuilt to examine expert TCP port in filters, which need to be addressed. In some other process to filter designation tool could highly terminal that activity of network administrators trying to use packet filtering capabilities. The identical number of field values in test packet rules in a intelligent premises to apply in demographic packet filtering. 10. H. V. Madhyastha, T. Isdal, M. Piatek, C.Dixon,T.Anderson, A. Krishnamurthy,and A. Venkataramani, iplane: An information plane for distributed services, in Proc. OSDI, Berkeley, CA, USA, 2006, pp N. Duffield, Network tomography of binary network performance characteristics, IEEE Trans. Inf. Theory, vol. 52, no. 12, pp , Dec N. Duffield, F. L. Presti, V. Paxson, andd.towsley, Inferringlink loss using striped unicast probes, in Proc. IEEE INFOCOM, 2001, vol. 2, pp B. Lantz, B. Heller, and N. McKeown, A network in a laptop: Rapid prototyping for software-defined networks, in Proc. Hotnets, 2010, pp. 19:1 19: 145
REVIEW PAPER ON AUTOMATIC TEST PACKET GENERATION AND FAULT LOCALIZATION
Journal homepage: www.mjret.in ISSN:2348-6953 REVIEW PAPER ON AUTOMATIC TEST PACKET GENERATION AND FAULT LOCALIZATION Mr. Shrikant B. Chavan 1, Soumitra Das 2, Dr. D. Y. Patil School of Engineering, (Affiliated
More informationISSN (Online) ISSN (Print)
Minimising Attacks Using ATPG On Networks G.Ankitha 1, N.Praveena 2 1 student, M. Tech, V.R. Siddartha Engineering College, Kanuru Vijayawada 2 assistant Professor, I T Department, V.R. Siddartha Engineering
More informationNetwork Monitoring using Test Packet Generation
Network Monitoring using Test Packet Generation Madhuram Kabra Modern Education Society s College of Engineering Pune, India Mohammed Sukhsarwala Modern Education Society s College of Engineering Pune,
More informationAutomatic Troubleshooting of Network using Test Packet Generation
Automatic Troubleshooting of Network using Test Packet Generation Udaysingh Mohan Bhosale 1, Prof Amrit Priyadarshi 2 1 Department of Information Technology, DGOI,FOE, Daund, Savitribai Phule Pune University,
More informationA Prototype ATPG System to Reduce the Attacks in th Networks
A Prototype ATPG System to Reduce the Attacks in th Networks 1 M.ANUSHA 1 M.Tech Student, Department of CSE, S.R. Enginnering college, Hasanparthi Village, Warangal District, Telangana, India. anusha.dsp@gmail.com
More informationRIHT: A NOVEL HYBRID IP TRACEBACK SCHEME
Shanlax International Journal of Arts, Science and Humanities Vol. 5 No. 2 October 2017 ISSN: 2321-788X UGC Approval No: 43960 Impact Factor: 2.114 RIHT: A NOVEL HYBRID IP TRACEBACK SCHEME Article Particulars
More informationMechanical Investigation of Packet Production
RESEARCH ARTICLE Mechanical Investigation of Packet Production 1 Ms. Ramya P., 2 Saravanan A. M., *1M.phil Research Scholar, Department of computer Science Muthurangam Government Arts College (Autonomous),
More informationEnhancing liveness testing for transferring data packets through using automatic test packet generation
Enhancing liveness testing for transferring data packets through using automatic test packet generation 1 A.Arun, 2 M.Mayuranathan 1 PG Scholar, 2 Assistan Professor 1, 2 Department of Computer Science
More informationA DEVOTED APPROACH TO TEST THE LIVENESS OF NETWORK Dr.M. Ramesh Kumar 1, Dr. S.R.Boselin Prabhu 2, P.Ponni 3, D.Arthi 4, P.
A DEVOTED APPROACH TO TEST THE LIVENESS OF NETWORK Dr.M. Ramesh Kumar 1, Dr. S.R.Boselin Prabhu 2, P.Ponni 3, D.Arthi 4, P.Preethi 5 1 Associate Professor, Department of Computer Science and Engineering,
More informationAutomatic Test Packet Generation
Automatic Test Packet Generation James Hongyi Zeng with Peyman Kazemian, George Varghese, Nick McKeown Stanford University, UCSD, Microsoft Research http://eastzone.github.com/atpg/ CoNEXT 2012, Nice,
More informationAutomatic Test Packet Generation
Automatic Test Packet Generation Hongyi Zeng, Peyman Kazemian, Nick McKeown University, Stanford, CA, USA George Varghese UCSD, La Jolla Microsoft Research, Mountain View, CA, USA https://github.com/eastzone/atpg/wiki
More informationQuality Analysis in Data Transfer without Packet Dump
Quality Analysis in Data Transfer without Packet Dump D.R. ManoRanjani 1 M.S. NishaPriya 2 BheemaMehraj 3 1 Dept. of C.S.E., Bharath University, Chennai, Tamil Nadu, INDIA. 2 Dept. of C.S.E., Bharath University,
More informationAUTOMATIC PACKET GENERATION FOR DYNAMIC TESTING
AUTOMATIC PACKET GENERATION FOR DYNAMIC TESTING Selvi M #1, Sivaranjini B #2, Mr. Sharmasth Vali Y *3 # UG Scholar, Computer Science and Engineering, Dhanalakshmi College of Engineering *Assistant Pr+ofessor,
More informationCisco Cisco Certified Network Associate (CCNA)
Cisco 200-125 Cisco Certified Network Associate (CCNA) http://killexams.com/pass4sure/exam-detail/200-125 Question: 769 Refer to exhibit: Which destination addresses will be used by Host A to send data
More informationFormal Network Testing
Formal Network Testing Hongyi Zeng, Peyman Kazemian, George Varghese, Nick McKeown {kazemian,hyzeng,nickm}@stanford.edu, Stanford University, Stanford, CA USA varghese@cs.ucsd.edu, UCSD, San Diego and
More informationTechnical Notes. QoS Features on the Business Ethernet Switch 50 (BES50)
Technical Notes QoS Features on the Business Ethernet Switch 50 (BES50) Version: NN70000-004 issue 1.00 Date: February 3 rd, 2009 Status: Released Copyright 2009 Nortel Networks. All rights reserved. The
More informationOSI Network Layer. Chapter 5
OSI Network Layer Network Fundamentals Chapter 5 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most common Network
More informationAutomatic Test Packet Generation
554 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 22, NO. 2, APRIL 2014 Automatic Test Packet Generation Hongyi Zeng, Member, IEEE, Peyman Kazemian, Member,IEEE, George Varghese, Member, IEEE, Fellow, ACM,
More informationMODULE: NETWORKS MODULE CODE: CAN1102C. Duration: 2 Hours 15 Mins. Instructions to Candidates:
BSc.(Hons) Computer Science with Network Security BEng (Hons) Telecommunications Cohort: BCNS/17B/FT Examinations for 2017-2018 / Semester 2 Resit Examinations for BCNS/15A/FT, BTEL/15B/FT & BTEL/16B/FT
More informationConfiguring Cache Services Using the Web Cache Communication Protocol
Configuring Cache Services Using the Web Cache Communication Protocol Finding Feature Information, page 1 Prerequisites for WCCP, page 1 Restrictions for WCCP, page 2 Information About WCCP, page 3 How
More informationA Modern Dynamic Packet Generation Technique for Network Architecture
A Modern Dynamic Packet Generation Technique for Network Architecture 1 Jarugulla Aswani, 2 M.V.B Chandra Sekhar, 3 B.Ramesh 1 M.Tech Scholar, 2 Associate Professor, 3 Assistant Professor 1,2,3 Department
More informationIP Multicast Routing Technology Overview
Finding Feature Information, on page 1 Information About IP Multicast Technology, on page 1 Finding Feature Information Your software release may not support all the features documented in this module.
More informationThis tutorial will help you in understanding IPv4 and its associated terminologies along with appropriate references and examples.
About the Tutorial Internet Protocol version 4 (IPv4) is the fourth version in the development of the Internet Protocol (IP) and the first version of the protocol to be widely deployed. IPv4 is described
More informationET4254 Communications and Networking 1
Topic 9 Internet Protocols Aims:- basic protocol functions internetworking principles connectionless internetworking IP IPv6 IPSec 1 Protocol Functions have a small set of functions that form basis of
More informationChapter 5 OSI Network Layer
Chapter 5 OSI Network Layer The protocols of the OSI model Network layer specify addressing and processes that enable Transport layer data to be packaged and transported. The Network layer encapsulation
More informationInformation about Network Security with ACLs
This chapter describes how to configure network security on the switch by using access control lists (ACLs), which in commands and tables are also referred to as access lists. Finding Feature Information,
More informationCCNA Discovery 3 Chapter 8 Reading Organizer
Name Date Chapter 8 Reading Organizer After completion of this chapter, you should be able to: Describe traffic filtering and explain how Access Control Lists (ACLs) can filter traffic at router interfaces.
More informationConfiguring Firewall Filters (J-Web Procedure)
Configuring Firewall Filters (J-Web Procedure) You configure firewall filters on EX Series switches to control traffic that enters ports on the switch or enters and exits VLANs on the network and Layer
More informationSelective Boundary Cutting For Packet Classification SOUMYA. K 1, CHANDRA SEKHAR. M 2
ISSN 2319-8885 Vol.04,Issue.34, August-2015, Pages:6786-6790 www.ijsetr.com SOUMYA. K 1, CHANDRA SEKHAR. M 2 1 Navodaya Institute of Technology, Raichur, Karnataka, India, E-mail: Keerthisree1112@gmail.com.
More informationRegister Bit Name Description Default Global Ctrl Reg 2 SGCR2. Table 1. Registers are used for Common and Egress Port Setting
QoS Priority Support In the KSZ8842 Family Introduction Latency critical applications such as Voice over IP (VoIP) and video typically need to guarantee a high quality of service (QoS) throughout the network.
More informationContinuous Real Time Data Transfer with UDP/IP
Continuous Real Time Data Transfer with UDP/IP 1 Emil Farkas and 2 Iuliu Szekely 1 Wiener Strasse 27 Leopoldsdorf I. M., A-2285, Austria, farkas_emil@yahoo.com 2 Transilvania University of Brasov, Eroilor
More informationGeneric Architecture. EECS 122: Introduction to Computer Networks Switch and Router Architectures. Shared Memory (1 st Generation) Today s Lecture
Generic Architecture EECS : Introduction to Computer Networks Switch and Router Architectures Computer Science Division Department of Electrical Engineering and Computer Sciences University of California,
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 13 wenbing@ieee.org (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of lecture 12 Routing Congestion
More informationSections Describing Standard Software Features
27 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic-qos (auto-qos) commands or by using standard QoS commands. With QoS, you can give preferential treatment to
More informationLayer 2 functionality bridging and switching
Layer 2 functionality bridging and switching BSAD 141 Dave Novak Sources: Network+ Guide to Networks, Dean 2013 Overview Layer 2 functionality Error detection Bridges Broadcast and collision domains How
More informationIntroduction. Network Architecture Requirements of Data Centers in the Cloud Computing Era
Massimiliano Sbaraglia Network Engineer Introduction In the cloud computing era, distributed architecture is used to handle operations of mass data, such as the storage, mining, querying, and searching
More informationComputer Networks. Routing
Computer Networks Routing Topics Link State Routing (Continued) Hierarchical Routing Broadcast Routing Sending distinct packets Flooding Multi-destination routing Using spanning tree Reverse path forwarding
More informationQuality of Service in the Internet
Quality of Service in the Internet Problem today: IP is packet switched, therefore no guarantees on a transmission is given (throughput, transmission delay, ): the Internet transmits data Best Effort But:
More informationNetworking for Data Acquisition Systems. Fabrice Le Goff - 14/02/ ISOTDAQ
Networking for Data Acquisition Systems Fabrice Le Goff - 14/02/2018 - ISOTDAQ Outline Generalities The OSI Model Ethernet and Local Area Networks IP and Routing TCP, UDP and Transport Efficiency Networking
More informationQuality of Service. Understanding Quality of Service
The following sections describe support for features on the Cisco ASR 920 Series Router. Understanding, page 1 Configuring, page 2 Global QoS Limitations, page 2 Classification, page 3 Marking, page 6
More information20-CS Cyber Defense Overview Fall, Network Basics
20-CS-5155 6055 Cyber Defense Overview Fall, 2017 Network Basics Who Are The Attackers? Hackers: do it for fun or to alert a sysadmin Criminals: do it for monetary gain Malicious insiders: ignores perimeter
More informationCybersecurity was nonexistent for most network data exchanges until around 1994.
1 The Advanced Research Projects Agency Network (ARPANET) started with the Stanford Research Institute (now SRI International) and the University of California, Los Angeles (UCLA) in 1960. In 1970, ARPANET
More informationSections Describing Standard Software Features
30 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic-qos (auto-qos) commands or by using standard QoS commands. With QoS, you can give preferential treatment to
More informationProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual
ProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual April 2016 202-11656-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. You
More informationConfiguring QoS CHAPTER
CHAPTER 34 This chapter describes how to use different methods to configure quality of service (QoS) on the Catalyst 3750 Metro switch. With QoS, you can provide preferential treatment to certain types
More informationII. Principles of Computer Communications Network and Transport Layer
II. Principles of Computer Communications Network and Transport Layer A. Internet Protocol (IP) IPv4 Header An IP datagram consists of a header part and a text part. The header has a 20-byte fixed part
More informationPreview Test: cis191_chap1_quiz
3/9/2015 Preview Test: cis191_chap1_quiz 20155229528. Sunyata 98 Courses Organizations Need Help? Prevent Sexual Violence Preview Test: cis191_chap1_quiz Test Information Description Instructions Timed
More informationAccess Control Lists and IP Fragments
Access Control Lists and IP Fragments Document ID: 8014 Contents Introduction Types of ACL Entries ACL Rules Flowchart How Packets Can Match an ACL Example 1 Example 2 fragments Keyword Scenarios Scenario
More informationOSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1
OSI Network Layer Network Fundamentals Chapter 5 Version 4.0 1 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most
More informationWCCPv2 and WCCP Enhancements
WCCPv2 and WCCP Enhancements Release 12.0(11)S June 20, 2000 This feature module describes the Web Cache Communication Protocol (WCCP) Enhancements feature and includes information on the benefits of the
More informationSection 1. General Networking Theory
Section 1 General Networking Theory This chapter ensures you are prepared for questions in the Cisco Certified Internetwork Expert (CCIE) written exam that deal with general networking theories. General
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer ICMP (5.6), Network Management(5.7) & SDN (5.1, 5.5, 4.4) Prof. Lina Battestilli Fall 2017 Outline 5.6 ICMP: The Internet Control Message
More informationImplementing Access Lists and Prefix Lists
An access control list (ACL) consists of one or more access control entries (ACE) that collectively define the network traffic profile. This profile can then be referenced by Cisco IOS XR softwarefeatures
More informationEECS 122: Introduction to Computer Networks Switch and Router Architectures. Today s Lecture
EECS : Introduction to Computer Networks Switch and Router Architectures Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,
More informationMulticast and Quality of Service. Internet Technologies and Applications
Multicast and Quality of Service Internet Technologies and Applications Aims and Contents Aims Introduce the multicast and the benefits it offers Explain quality of service and basic techniques for delivering
More informationConfiguring Web Cache Services By Using WCCP
CHAPTER 44 Configuring Web Cache Services By Using WCCP This chapter describes how to configure your Catalyst 3560 switch to redirect traffic to wide-area application engines (such as the Cisco Cache Engine
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationTag Switching. Background. Tag-Switching Architecture. Forwarding Component CHAPTER
CHAPTER 23 Tag Switching Background Rapid changes in the type (and quantity) of traffic handled by the Internet and the explosion in the number of Internet users is putting an unprecedented strain on the
More informationSetting the firewall for LAN and DMZ
Setting the firewall for LAN and DMZ Dokument-ID Version 2.0 Status Date of publication Setting the firewall for LAN and DMZ Final Version 01.2017 1 Contents 1.1 Need 3 1.2 Description 3 1.3 Requirements/limitations
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationConcept Questions Demonstrate your knowledge of these concepts by answering the following questions in the space that is provided.
223 Chapter 19 Inter mediate TCP The Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols was developed as part of the research that the Defense Advanced Research Projects Agency
More informationChapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
More informationEthernet Network Redundancy in SCADA and real-time Automation Platforms.
Ethernet Network Redundancy in SCADA and real-time Automation Platforms www.copadata.com sales@copadata.com Content 1. ABSTRACT... 2 2. INTRODUCTION... 2 IEC 61850 COMMUNICATION SERVICES... 2 APPLICATION
More informationPUCPR. Internet Protocol. Edgard Jamhour E N G L I S H S E M E S T E R
PUCPR Internet Protocol Address Resolution and Routing Edgard Jamhour 2014 E N G L I S H S E M E S T E R 1. Address Resolution The IP address does not identify, indeed, a computer, but a network interface.
More informationWhy Firewalls? Firewall Characteristics
Why Firewalls? Firewalls are effective to: Protect local systems. Protect network-based security threats. Provide secured and controlled access to Internet. Provide restricted and controlled access from
More informationDa t e: August 2 0 th a t 9: :00 SOLUTIONS
Interne t working, Examina tion 2G1 3 0 5 Da t e: August 2 0 th 2 0 0 3 a t 9: 0 0 1 3:00 SOLUTIONS 1. General (5p) a) Place each of the following protocols in the correct TCP/IP layer (Application, Transport,
More informationQuality of Service in the Internet
Quality of Service in the Internet Problem today: IP is packet switched, therefore no guarantees on a transmission is given (throughput, transmission delay, ): the Internet transmits data Best Effort But:
More informationJN0-343 Q&As. Juniper Networks Certified Internet Specialist (JNCIS-ENT) Pass Juniper JN0-343 Exam with 100% Guarantee
JN0-343 Q&As Juniper Networks Certified Internet Specialist (JNCIS-ENT) Pass Juniper JN0-343 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee
More informationDistributed Conditional Multicast Access for IP TV in High-Speed Wireless Networks (Destination Specific Multicast)
137 Distributed Conditional Multicast Access for IP TV in High-Speed Wireless Networks (Destination Specific Multicast) 1, 2 Jan Fesl, 1 Richard Klee, 1 Marie Dolezalova 1 Institute of Applied Informatics,
More informationIPv4 ACLs, identified by ACL numbers, fall into four categories, as shown in Table 1. Table 1 IPv4 ACL categories
Table of Contents ACL Configuration 1 ACL Overview 1 IPv4 ACL Classification 1 IPv4 ACL Rule Order 1 Rule Numbering Step with IPv4 ACLs 3 Effective Time Period of an IPv4 ACL 3 IP Fragments Filtering with
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationChapter 2. Switch Concepts and Configuration. Part I
Chapter 2 Switch Concepts and Configuration Part I CCNA3-1 Chapter 2-1 Note for Instructors These presentations are the result of a collaboration among the instructors at St. Clair College in Windsor,
More informationLocal Restoration in Metro Ethernet Networks for Multiple Link Failures
Local Restoration in Metro Ethernet etworks for Multiple Link Failures Shibu. V Department of Computer Applications. Preetha Mathew K Department of Computer Applications. Jabir.K.V.T Department of Information
More informationSwitched Ethernet Virtual LANs
Switched Ethernet Virtual LANs Computer Networks Lecture 4 http://goo.gl/pze5o8 Switched Ethernet 2 LAN Switches Behave as bridges (operates in the logical tree topology) Switching is implemented by hardware
More informationImplementation of Boundary Cutting Algorithm Using Packet Classification
Implementation of Boundary Cutting Algorithm Using Packet Classification Dasari Mallesh M.Tech Student Department of CSE Vignana Bharathi Institute of Technology, Hyderabad. ABSTRACT: Decision-tree-based
More informationRouter and ACL ACL Filter traffic ACL: The Three Ps One ACL per protocol One ACL per direction One ACL per interface
CCNA4 Chapter 5 * Router and ACL By default, a router does not have any ACLs configured and therefore does not filter traffic. Traffic that enters the router is routed according to the routing table. *
More informationHow to Create an IP Access List to Filter IP Options TCP Flags Noncontiguous Ports or TTL Values,
Creating an IP Access List to Filter IP Options TCP Flags Noncontiguous Ports or TTL Values This module describes how to use an IP access list to filter IP packets that contain certain IP Options, TCP
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationSwitching and Forwarding Reading: Chapter 3 1/30/14 1
Switching and Forwarding Reading: Chapter 3 1/30/14 1 Switching and Forwarding Next Problem: Enable communication between hosts that are not directly connected Fundamental Problem of the Internet or any
More informationPrerequisites for Creating an IP Access List to Filter IP Options TCP Flags Noncontiguous Ports
Creating an IP Access List to Filter IP Options, TCP Flags, Noncontiguous Ports This module describes how to use an IP access list to filter IP packets that contain certain IP Options, TCP flags, noncontiguous
More informationIntroduction to Quality of Service
Introduction to Quality of Service The use of IP as a foundation for converged networks has raised several issues for both enterprise IT departments and ISPs. IP and Ethernet are connectionless technologies
More informationIntroduction to Internetworking
Introduction to Internetworking Introductory terms Communications Network Facility that provides data transfer services An internet Collection of communications networks interconnected by bridges and/or
More informationCisco EXAM CCNA Cisco Certified Network Associate. Buy Full Product.
Cisco EXAM - 200-120 CCNA Cisco Certified Network Associate Buy Full Product http://www.examskey.com/200-120.html Examskey Cisco 200-120 exam demo product is here for you to test the quality of the product.
More informationAPPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE
APPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE William Stallings F.1 TCP/IP LAYERS... 2 F.2 TCP AND UDP... 4 F.3 OPERATION OF TCP/IP... 6 F.4 TCP/IP APPLICATIONS... 10 Copyright 2014 Supplement to Computer
More informationMPLS MULTI PROTOCOL LABEL SWITCHING OVERVIEW OF MPLS, A TECHNOLOGY THAT COMBINES LAYER 3 ROUTING WITH LAYER 2 SWITCHING FOR OPTIMIZED NETWORK USAGE
MPLS Multiprotocol MPLS Label Switching MULTI PROTOCOL LABEL SWITCHING OVERVIEW OF MPLS, A TECHNOLOGY THAT COMBINES LAYER 3 ROUTING WITH LAYER 2 SWITCHING FOR OPTIMIZED NETWORK USAGE Peter R. Egli 1/21
More informationPlanning for Information Network
Planning for Information Network Lecture 7: Introduction to IPv6 Assistant Teacher Samraa Adnan Al-Asadi 1 IPv6 Features The ability to scale networks for future demands requires a limitless supply of
More informationCTS2134 Introduction to Networking. Module 09: Network Management
CTS2134 Introduction to Networking Module 09: Network Management Documentation Facts Good documentation: Ensures that users can find the information they need when making decisions or troubleshooting problems
More informationComputer Networking. December 2004 CEN CN
Computer Networking CEN CN 1 Layer 2 - Bridge Frame Header Data Bridge Trailer Data Link Layer Physical Layer More complex than repeat, it requires hardware and software Bridges have diminished because
More informationAruba 8320 Configuring ACLs and Classifier Policies Guide for ArubaOS- CX 10.00
Aruba 8320 Configuring ACLs and Classifier Policies Guide for ArubaOS- CX 10.00 Part Number: 5200-4710a Published: April 2018 Edition: 2 Copyright 2018 Hewlett Packard Enterprise Development LP Notices
More informationWireless Client Isolation. Overview. Bridge Mode Client Isolation. Configuration
Wireless Client Isolation Overview Wireless Client Isolation is a security feature that prevents wireless clients from communicating with one another. This feature is useful for guest and BYOD SSIDs adding
More informationConfiguring Policy-Based Routing
25 CHAPTER This chapter describes the tasks for configuring policy-based routing (PBR) on a router and includes these major sections: Overview of Policy-Based Routing, page 25-1 Policy-Based Routing Configuration
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:
Managing and Securing Computer Networks Guy Leduc Chapter 2: Software-Defined Networks (SDN) Mainly based on: Computer Networks and Internets, 6 th Edition Douglas E. Comer Pearson Education, 2015 (Chapter
More informationThe MAC Address Format
Directing data is what addressing is all about. At the Data Link layer, this is done by pointing PDUs to the destination MAC address for delivery of a frame within a LAN. The MAC address is the number
More informationRouter Router Microprocessor controlled traffic direction home router DSL modem Computer Enterprise routers Core routers
Router Router is a Microprocessor controlled device that forwards data packets across the computer network. It is used to connect two or more data lines from different net works. The function of the router
More informationFirewalls can be categorized by processing mode, development era, or structure.
Firewalls A firewall in an information security program is similar to a building s firewall in that it prevents specific types of information from moving between the outside world, known as the untrusted
More informationPacket Classification Using Dynamically Generated Decision Trees
1 Packet Classification Using Dynamically Generated Decision Trees Yu-Chieh Cheng, Pi-Chung Wang Abstract Binary Search on Levels (BSOL) is a decision-tree algorithm for packet classification with superior
More informationMrs. Vaishali Navnath Pansambal, Prof.R.H.Kulkarni.
International Journal of Scientific & Engineering Research, Volume 5, Issue 6, June-2014 1236 Model for Advanced Sandwich Probe Topology Inference Scheme in Network Tomography Mrs. Vaishali Navnath Pansambal,
More informationPrinciples. IP QoS DiffServ. Agenda. Principles. L74 - IP QoS Differentiated Services Model. L74 - IP QoS Differentiated Services Model
Principles IP QoS DiffServ Differentiated Services Architecture DSCP, CAR Integrated Services Model does not scale well flow based traffic overhead (RSVP messages) routers must maintain state information
More informationKeywords SDN, Firewall, Openflow, Mininet, Pox
Volume 6, Issue 6, June 2016 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Development of
More informationIntegrated Services. Integrated Services. RSVP Resource reservation Protocol. Expedited Forwarding. Assured Forwarding.
Integrated Services An architecture for streaming multimedia Aimed at both unicast and multicast applications An example of unicast: a single user streaming a video clip from a news site An example of
More information