Politecnico di Milano Scuola di Ingegneria Industriale e dell Informazione. 09 Intranetting. Fundamentals of Communication Networks
|
|
- Benjamin Sanders
- 5 years ago
- Views:
Transcription
1 Politecnico di Milano Scuola di Ingegneria Industriale e dell Informazione 09 Intranetting Fundamentals of Communication Networks 1
2 Private networks and Intranets EG subnet IG IG Private network IG o Private networks have evolved based on IP technology. o Private networks are usually partitioned using layer-2 switches, VLAN and IP routers. o A intranet is just a private network using IP technology for LAN (or VLAN) interconnection, and providing some services on the INTERNET (web server, mail server, etc.). 2
3 Characteristics of Intranets o The evolution of services and protocols made Intranets quite different from public IP networks n Security n Address management n Differentiation of services offered to Intranet users and INTERNET users. n Etc. 3
4 Addresses o The exponential increase of the number of hosts of the Internet makes the availability of IPv4 addresses a real problem o This problem has pushed the standardization of IPv6 o In the meanwhile another solution has been found by means of private addresses o If an IP network is not connected to the Internet it can use any arbitrary addressing plan... 4
5 Private addressing (1) o o o Different intranets can reuse the same set of IP addresses (RFC 1597, Address Allocation for Private Internets). n class A: net 10.xx.xx.xx (16 millions addresses) n class B: from to (16 nets with addresses) n class C: nets xx.xx (256 nets with 254 addresses) It s not allowed that packets with private addresses (source or destination addresses) travel in the public Internet The development of some technologies like Proxy and NAT allowed the use of private addressing even to intranets connected to the Internet 5
6 Private addressing (2) o A private network has usually some services that can be accessed from the public Internet o Servers of these services need a public address while internal hosts can use a private address web R ISP Public addr R Private addr. 6
7 Private addressing (3) o Whitout an interconnection mechanism between private and public world, private hosts cannot access to Internet services o Commonly adopted methods for interconnection are NAT and Proxy web R NAT ISP Public addr. R Private addr. 7
8 Connection Intranet/Internet o Intranet using public addresses n Application Proxy n Simple Router o Intranet using private addresses n NAT n Application Proxy 8
9 Connection with a simple Router o The intranet uses public IP addresses o The intranet is actually a part of the big Internet o Communications are always possible o Low security 9
10 Connection through an application Proxy o This solution works either with public or private addresses o Intranet and INTERNET are not connected at the IP layer o Any request (application layer) is forwarded to the proxy that forwards it to the Internet using its public IP address o A proxy for each application is required 10
11 Application Proxy http proxy ftp proxy R Internet R ind. pubblici Private addr. remote web server Routing tables with public and private addresse 11
12 Network Address Translation (NAT) o NATs (Network Address Translation) routers have all classical functionalities of IP routers o and in addition they can map a (private) addressing space in another (public) addressing space. 12
13 Network Address Translator (NAT) o NAT allows to associate (usually temporarily) a private address to a public address. The set of private addresses is usually much larger than that of public addresses. Packets to the Internet are filtered and forwarded to the NAT Source Destination NAT Available addresses: subnet Private IP Public IP Source Destination
14 NAT Table NAT Available addresses: subnet NAT Table Source Destination Private IP Public IP Source Destination o To allow bidirectional connections a mapping table is required: n Static mapping n Dynamic mapping 14
15 NAT methods o Traditional NAT n Basic NAT n Network Address Port Translation (NAPT) o Bi-directional NAT n Twice NAT 15
16 Common features o Transparent Address Translation n Association (binding/unbinding) trasparent to hosts n Two association modes: o Static (easy but inefficient) o Dynamic (efficient but complex) o Transparent Routing n Routing must be managed according to the address type (private addressing plans must not be redistributed to the public network) o ICMP Packet Translation n Portions of ICMP messages include IP addresses, therefore they have to be translated 16
17 NAT Dynamic association (1) o Dynamic assignment is based on the concept of session o When NAT receives the first packet of a session it creates the association between public and private addresses o At the end of the session the public address is released o What s a session? n Its definition is protocol dependent n For TCP and UDP a session is based on socket n For ICMP a set of three addresses (source IP, destination IP, Protocol Identifier) n The direction of a session is the the direction of the first packet 17
18 NAT Dynamic association (2) o Once defined the session we have to assess when it starts and ends o Session start: n TCP: SYN packet n UDP, ICMP: connectionless, there is not a unique method o Session end: n TCP: FIN packets or RESET n Other protocol: there is not a unique method n Timers are always required to recover from error states. 18
19 NAT Application Level Gateway o Several applications includes IP addresses in the messages (ASCII or binary formats) and port numbers o Application Level Gateways (ALG) add some functionalities to NATs for a correct operation with such applications o Based on the application and messages type, not only IP headers but also message contents are translated, and if needed TCP segments are modified accordingly o ALG are similar to proxy, but they are transparent to hosts 19
20 Traditional NAT (1) o Also named Outbound NAT o It allows only sessions initiated from the private network (from the intranet to the internet) o Routing information is ridistributed from the Internet to the Intranet but not in the opposite direction o 2 sub-types n Basic NAT n NAPT (Network Address and Port Translator) 20
21 Traditional NAT (2) o Basic NAT n Only the IP address is translated n There is a one-to-one mapping during a session and two hosts cannot use the same public address at the same time n Requests can be blocked due to the limited number of available public addresses o NAPT n The couple (IP, port) is translated n Many private addresses can be mapped on the same public address at the same time n Some problems arise with flows not using UDP or TCP (with ICMP it is possible to use the protocol identifier field) n With fragments it does not work 21
22 Bi-Directional NAT o A session can start in any direction o Problem: n How can a public host start a session with a private host without a public address? n Symbolic names must be used and the DNS service must support the NAT DNS Intranet server.azienda.com DNS resp: DNS query: server.azienda.com? DNS ALG R NAT table DNS resp: Internet 22
23 NAT Some comments o Address mapping is not an easy task o It requires n To recalculate the Header Checksum n To replace address into ICMP message and to recalculate the header checksum n To recalculate the checksum of TCP or UDP with the new pseudo-header o ALG are required with application including addresses or ports into application messages o IPsec and all security protocols are difficult to manage 23
24 NAT The case of FTP (1) o The case of FTP: n On control connection PORT and PASV methods are adopted n PORT n1,n2,n3,n4,n5,n6 (n1, n2, n3,n4, n5, n6 are coded with ASCI) o n1.n2.n3.n4 is the client IP Address o N5x256+n6 = port number for data connection n The PORT command must be translated by the ALG, but that s not the end of the story... 24
25 NAT- The case of FTP (2) n Suppose that you have to map (private) with (public) n FTP uses ASCI o During translation private-> public the command PORT becomes longer o During translation public-> private the command PORT becomes shorter n -> TCP payload changes size -> byte numbering in SN and AN fields must be modified n The ALG for FTP needs a mapping table for SN and AN for each active TCP connection 25
26 WAN connection of remote intranets (1) o Different Intranets (of the same organization/company) can be connected together o Problems: n n n cost use of private addresses security Intranet Intranet Intranet 26
27 WAN connection of remote intranets (2) o Dedicated channels o Problem: n Very high cost Intranet Intranet Intranet 27
28 WAN connection of remote intranets (3) o Public packet networks (e.g. Frame Relay) o Problems: n Quite high cost Intranet Intranet Rete pubblica FR Intranet 28
29 WAN connection of remote intranets (4) o INTERNET (Virtual Private Network - VPN) Problems: n n n Private addresses security performance ISP ISP Intranet Intranet 29
30 Virtual Private Networks o Tunnels ISP tunnel ISP Intranet Intranet 30
31 IP tunneling o o o Tunnel can be created through encapsulation of IP packets into IP packets The payload traveling in the public network can be encrypted (IPsec) Addresses in the remote intranets are usually private Destination Source IP Router/gateway Tunneling IP Tunnel destination/source Destination Source Destination Source Payload Payload Tunnel payload 31
Network Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More informationNetwork Address Translation. All you want to know about
Network Address Translation All you want to know about (C) Herbert Haas 2005/03/11 Reasons for NAT Mitigate Internet address depletion Save global addresses (and money) Conserve internal address plan TCP
More informationNetwork layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
More informationNetwork Layer PREPARED BY AHMED ABDEL-RAOUF
Network Layer PREPARED BY AHMED ABDEL-RAOUF Network layer transport segment from sending to receiving host on sending side encapsulates segments into datagrams on receiving side, delivers segments to transport
More informationNetwork layer: Overview. Network Layer Functions
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
More informationTCP /IP Fundamentals Mr. Cantu
TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:
More informationThe Internet Protocol (IP)
The Internet Protocol (IP) The Blood of the Internet (C) Herbert Haas 2005/03/11 "Information Superhighway is really an acronym for 'Interactive Network For Organizing, Retrieving, Manipulating, Accessing
More informationOn Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964
The requirements for a future all-digital-data distributed network which provides common user service for a wide range of users having different requirements is considered. The use of a standard format
More informationTCP/IP Protocol Suite
TCP/IP Protocol Suite Computer Networks Lecture 5 http://goo.gl/pze5o8 TCP/IP Network protocols used in the Internet also used in today's intranets TCP layer 4 protocol Together with UDP IP - layer 3 protocol
More informationLecture 8. Network Layer (cont d) Network Layer 1-1
Lecture 8 Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets Network
More informationData Communication & Networks G Session 7 - Main Theme Networks: Part I Circuit Switching, Packet Switching, The Network Layer
Data Communication & Networks G22.2262-001 Session 7 - Main Theme Networks: Part I Circuit Switching, Packet Switching, The Network Layer Dr. Jean-Claude Franchitti New York University Computer Science
More informationHands-On Ethical Hacking and Network Defense
Hands-On Ethical Hacking and Network Defense Chapter 2 TCP/IP Concepts Review Last modified 1-11-17 Objectives Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the
More informationNetwork and Security: Introduction
Network and Security: Introduction Seungwon Shin KAIST Some slides are from Dr. Srinivasan Seshan Some slides are from Dr. Nick Mckeown Network Overview Computer Network Definition A computer network or
More informationHierarchical Routing. Our routing study thus far - idealization all routers identical network flat no true in practice. administrative autonomy
Hierarchical Routing Our routing study thus far - idealization all routers identical network flat no true in practice scale: with 50 million destinations: can t store all dest s in routing tables! routing
More informationTCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12
TCP/IP Networking Training Details Training Time : 9 Hours Capacity : 12 Prerequisites : There are no prerequisites for this course. About Training About Training TCP/IP is the globally accepted group
More informationSEN366 (SEN374) (Introduction to) Computer Networks
SEN366 (SEN374) (Introduction to) Computer Networks Prof. Dr. Hasan Hüseyin BALIK (12 th Week) The Internet Protocol 12.Outline Principles of Internetworking Internet Protocol Operation Internet Protocol
More informationLecture 3. The Network Layer (cont d) Network Layer 1-1
Lecture 3 The Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router? Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets
More informationChapter 7. Local Area Network Communications Protocols
Chapter 7 Local Area Network Communications Protocols The Network Layer The third layer of the OSI Model is the network layer. The network layer is concerned with providing a means for hosts to communicate
More informationNetwork Basic v0.1. Network Basic v0.1. Chapter 3 Internet Protocol. Chapter 3. Internet Protocol
Network Basic v0.1 Chapter 3. Internet Protocol 1 Network Basic v0.1 Chapter 3 Internet Protocol 1. The Role of Network Layer 2. IP Protocol Feature 3. IP Packet Routing 5. DHCP 6. NAT 2 1 네트워크 ICONs 3
More informationb. Suppose the two packets are to be forwarded to two different output ports. Is it
Problem-1:[15] Suppose two packets arrive to two different input ports of a router at exactly the same time. Also suppose there are no other packets anywhere in the router. a. Suppose the two packets are
More informationMcGraw-Hill The McGraw-Hill Companies, Inc., 2000
!! McGraw-Hill The McGraw-Hill Companies, Inc., 2000 "#$% & '$# )1 ) ) )6 ) )* )- ). )0 )1! )11 )1 )1 )16 )1 3'' 4", ( ( $ ( $ $$+, $$, /+ & 23,4 )/+ &4 $ 53" Network Layer Position of network layer Figure
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationDeploying and Troubleshooting Network Address Translation
Deploying and Troubleshooting Network Address Translation Session mihollow@cisco.com 2 Copyright Printed in USA. Agenda The WWW of NAT The Why, the What, and the Where Pitfalls and How to Avoid Tools for
More informationComputer Network Addressing. The TCP/IP Layers and Addresses. Topics. The Internet Communication. The TCP/IP Layers and Addresses IP Address
Topics Computer Addressing The / Layers and Addresses Computer and Data Communication Laboratory I 2 The Internet Communication The / Layers and Addresses 4 Protocol Layers / Protocol Stack OSI and / SMTP
More informationHP A-F1000-A-EI_A-F1000-S-EI VPN Firewalls
HP A-F1000-A-EI_A-F1000-S-EI VPN Firewalls NAT Configuration Guide Part number:5998-2649 Document version: 6PW100-20110909 Legal and notice information Copyright 2011 Hewlett-Packard Development Company,
More informationNetwork Layer/IP Protocols
Network Layer/IP Protocols 1 Outline IP Datagram (IPv4) NAT Connection less and connection oriented service 2 IPv4 packet header 3 IPv4 Datagram Header Format version of the IP protocol (4 BIts) IP header
More informationInternetworking Part 2
CMPE 344 Computer Networks Spring 2012 Internetworking Part 2 Reading: Peterson and Davie, 3.2, 4.1 19/04/2012 1 Aim and Problems Aim: Build networks connecting millions of users around the globe spanning
More informationRMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6
RMIT University Data Communication and Net-Centric Computing COSC 1111/2061 Internetworking IPv4, IPv6 Technology Slide 1 Lecture Overview During this lecture, we will understand The principles of Internetworking
More informationTCP/IP THE TCP/IP ARCHITECTURE
TCP/IP-1 The Internet Protocol (IP) enables communications across a vast and heterogeneous collection of networks that are based on different technologies. Any host computer that is connected to the Internet
More informationEITF25 Internet Techniques and Applications L7: Internet. Stefan Höst
EITF25 Internet Techniques and Applications L7: Internet Stefan Höst What is Internet? Internet consists of a number of networks that exchange data according to traffic agreements. All networks in Internet
More informationTutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem.
Tutorial 9 1 Router Architecture Consider a router with a switch fabric, 2 input ports (A and B) and 2 output ports (C and D). Suppose the switch fabric operates at 1.5 times the line speed. a. If, for
More informationNetwork Address Translation
Network Address Translation All you want to know about (C) Herbert Haas 2005/03/11 Reasons for NAT Mitigate Internet address depletion Save global addresses (and money) Conserve internal address plan TCP
More informationConfiguring Static and Dynamic NAT Translation
This chapter contains the following sections: Network Address Translation Overview, page 1 Information About Static NAT, page 2 Dynamic NAT Overview, page 4 Timeout Mechanisms, page 4 NAT Inside and Outside
More informationCS 356: Computer Network Architectures. Lecture 15: DHCP, NAT, and IPv6. [PD] chapter 3.2.7, 3.2.9, 4.1.3, 4.3.3
CS 356: Computer Network Architectures Lecture 15: DHCP, NAT, and IPv6 [PD] chapter 3.2.7, 3.2.9, 4.1.3, 4.3.3 Xiaowei Yang xwy@cs.duke.edu Dynamic Host Configuration Protocol (DHCP) Dynamic Assignment
More informationNetwork Model. Why a Layered Model? All People Seem To Need Data Processing
Network Model Why a Layered Model? All People Seem To Need Data Processing Layers with Functions Packet Propagation Each router provides its services to support upper-layer functions. Headers (Encapsulation
More informationSSL VPN Virtual Private Networks based on Secure Socket Layer
SSL VPN Virtual Private Networks based on Secure Socket Layer Mario Baldi Politecnico di Torino (Technical Univesity of Turin) http://staff.polito.it/mario.baldi SSL VPN: What is that? SSL as the central
More informationThe Internet. 9.1 Introduction. The Internet is a global network that supports a variety of interpersonal and interactive multimedia applications.
The Internet 9.1 Introduction The Internet is a global network that supports a variety of interpersonal and interactive multimedia applications. Associated with each access network - ISP network, intranet,
More informationEEC-684/584 Computer Networks
EEC-684/584 Computer Networks Lecture 14 wenbing@ieee.org (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Internetworking
More informationBusiness Data Networks and Security 10th Edition by Panko Test Bank
Business Data Networks and Security 10th Edition by Panko Test Bank Chapter 2 Network Standards 1) Internet standards are published as. A) RFCs B) IETFs C) TCP/IPs D) Internet Protocols Question: 1a Objective:
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationComputer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis
Computer Network Fundamentals Spring 2008 Week 4 Network Layer Andreas Terzis Outline Internet Protocol Service Model Addressing Original addressing scheme Subnetting CIDR Fragmentation ICMP Address Shortage
More informationCPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer
1 CPSC 826 Intering The Network Layer: Routing & Addressing Outline The Network Layer Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu November 10, 2004 Network layer
More informationOperation Manual Network Protocol. Table of Contents
Table of Contents Table of Contents Chapter 1 IP Address Configuration... 1-1 1.1 IP Address Overview... 1-1 1.2 IP Address Configuration... 1-4 1.2.1 Assigning IP Addresses to an Interface... 1-4 1.2.2
More informationETSF05/ETSF10 Internet Protocols Network Layer Protocols
ETSF05/ETSF10 Internet Protocols Network Layer Protocols 2016 Jens Andersson Agenda Internetworking IPv4/IPv6 Framentation/Reassembly ICMPv4/ICMPv6 IPv4 to IPv6 transition VPN/Ipsec NAT (Network Address
More informationinternet technologies and standards
Institute of Telecommunications Warsaw University of Technology 2017 internet technologies and standards Piotr Gajowniczek Andrzej Bąk Michał Jarociński Network Layer The majority of slides presented in
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials
A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e Chapter 8 Networking Essentials Objectives Learn about the protocols and standards Windows uses for networking Learn how to connect
More informationOutline. IP Address. IP Address. The Internet Protocol. o Hostname & IP Address. o The Address
Outline IP The Internet Protocol o IP Address IP subnetting CIDR o ARP Protocol o IP Function o Fragmentation o NAT o IPv6 2 IP Address o Hostname & IP Address IP Address o The Address ping www.nu.ac.th
More informationChapter 4: outline. 4.5 routing algorithms link state distance vector hierarchical routing. 4.6 routing in the Internet RIP OSPF BGP
Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what s inside a router 4.4 IP: Internet Protocol datagram format IPv4 addressing ICMP 4.5 routing algorithms link state
More informationIP Security. Have a range of application specific security mechanisms
IP Security IP Security Have a range of application specific security mechanisms eg. S/MIME, PGP, Kerberos, SSL/HTTPS However there are security concerns that cut across protocol layers Would like security
More informationNetwork Layer: Internet Protocol
Network Layer: Internet Protocol Motivation Heterogeneity Scale Intering IP is the glue that connects heterogeneous s giving the illusion of a homogenous one. Salient Features Each host is identified by
More informationThis tutorial will help you in understanding IPv4 and its associated terminologies along with appropriate references and examples.
About the Tutorial Internet Protocol version 4 (IPv4) is the fourth version in the development of the Internet Protocol (IP) and the first version of the protocol to be widely deployed. IPv4 is described
More informationChapter 5 Network Layer
Chapter 5 Network Layer Network Layer IPv4 2 IP Header Application Header + data 3 IP IP IP IP 4 Focus on Transport Layer IP IP 5 Network Layer The Network layer (Layer 3) provides services to exchange
More informationExamination 2D1392 Protocols and Principles of the Internet 2G1305 Internetworking 2G1507 Kommunikationssystem, fk SOLUTIONS
Examination 2D1392 Protocols and Principles of the Internet 2G1305 Internetworking 2G1507 Kommunikationssystem, fk Date: January 17 th 2006 at 14:00 18:00 SOLUTIONS 1. General (5p) a) Draw the layered
More informationEE 610 Part 2: Encapsulation and network utilities
EE 610 Part 2: Encapsulation and network utilities Objective: After this experiment, the students should be able to: i. Understand the format of standard frames and packet headers. Overview: The Open Systems
More informationUnit 5: Internet Protocols skong@itt-tech.edutech.edu Internet Protocols She occupied herself with studying a map on the opposite wall because she knew she would have to change trains at some point. Tottenham
More informationInternet. 1) Internet basic technology (overview) 3) Quality of Service (QoS) aspects
Internet 1) Internet basic technology (overview) 2) Mobility aspects 3) Quality of Service (QoS) aspects Relevant information: these slides (overview) course textbook (Part H) www.ietf.org (details) IP
More informationCMPE 80N: Introduction to Networking and the Internet
CMPE 80N: Introduction to Networking and the Internet Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 17 CMPE 80N Spring'10 1 Announcements Next class: Presentation of fun projects
More informationEC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane
EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane This presentation is adapted from slides produced by Jim Kurose and Keith Ross for their book, Computer Networking:
More informationConfiguring Network Address Translation
Finding Feature Information, on page 1 Network Address Translation (NAT), on page 2 Benefits of Configuring NAT, on page 2 How NAT Works, on page 2 Uses of NAT, on page 3 NAT Inside and Outside Addresses,
More informationLoad Balancing Technology White Paper
Load Balancing Technology White Paper Keywords: Server, gateway, link, load balancing, SLB, LLB Abstract: This document describes the background, implementation, and operating mechanism of the load balancing
More informationTRANSMISSION CONTROL PROTOCOL. ETI 2506 TELECOMMUNICATION SYSTEMS Monday, 7 November 2016
TRANSMISSION CONTROL PROTOCOL ETI 2506 TELECOMMUNICATION SYSTEMS Monday, 7 November 2016 ETI 2506 - TELECOMMUNICATION SYLLABUS Principles of Telecom (IP Telephony and IP TV) - Key Issues to remember 1.
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationBIG-IP CGNAT: Implementations. Version 13.0
BIG-IP CGNAT: Implementations Version 13.0 Table of Contents Table of Contents Deploying a Carrier Grade NAT... 9 Overview: The carrier-grade NAT (CGNAT) module... 9 About ALG Profiles...10 About CGNAT
More informationInternetwork Protocols
Internetwork Protocols Background to IP IP, and related protocols Internetworking Terms (1) Communications Network Facility that provides data transfer service An internet Collection of communications
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer IPv4, Format and Addressing,, IPv6 Prof. Lina Battestilli Fall 2017 Chapter 4 Outline Network Layer: Data Plane 4.1 Overview of Network layer
More informationNetwork Address Translation
Network Address Translation All you want to know about (C) Herbert Haas 2005/03/11 In this chapter we discuss the idea of Network Address Translation and special issues associated to it. Invented in 1994,
More informationH3C SecPath Series High-End Firewalls
H3C SecPath Series High-End Firewalls NAT and ALG Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: SECPATHF1000SAI&F1000AEI&F1000ESI-CMW520-R3721 SECPATH5000FA-CMW520-F3210
More informationIntroduction p. 1 The Need for Security p. 2 Public Network Threats p. 2 Private Network Threats p. 4 The Role of Routers p. 5 Other Security Devices
Preface p. xv Acknowledgments p. xvii Introduction p. 1 The Need for Security p. 2 Public Network Threats p. 2 Private Network Threats p. 4 The Role of Routers p. 5 Other Security Devices p. 6 Firewall
More informationMapping of Address and Port (MAP) an ISPs Perspective. E. Jordan Gottlieb Principal Engineer Charter Communications
Mapping of Address and Port () an ISPs Perspective E. Jordan Gottlieb Principal Engineer Charter Communications jordan.gottlieb@charter.com Agenda What is? Benefits of in Action Algorithms in Action Deployment
More informationSupport for policy-based routing applies to the Barracuda Web Security Gateway running version 6.x only.
Support for policy-based routing applies to the Barracuda Web Security Gateway running version 6.x only. Transparently Routing Web Traffic to the Barracuda Web Security Gateway This article demonstrates
More informationThe Netwok 15 Layer IPv4 and IPv6 Part 3
1 ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE The Netwok 15 Layer IPv4 and IPv6 Part 3 Jean Yves Le Boudec 2015 Contents 1. Fragmentation 2. Interworking h4 h6 with NATs 3. Proxy ARP Textbook Chapter 5: The
More informationECE4110 Internetwork Programming. Introduction and Overview
ECE4110 Internetwork Programming Introduction and Overview 1 EXAMPLE GENERAL NETWORK ALGORITHM Listen to wire Are signals detected Detect a preamble Yes Read Destination Address No data carrying or noise?
More informationHost-based Translation Problem Statement.
Host-based Translation Problem Statement chengang@chinamobile.com Why we need host based translation Two IP families need talk each other, otherwise there are totally separated two worlds; There exists
More informationLecture 17 Overview. Last Lecture. Wide Area Networking (2) This Lecture. Internet Protocol (1) Source: chapters 2.2, 2.3,18.4, 19.1, 9.
Lecture 17 Overview Last Lecture Wide Area Networking (2) This Lecture Internet Protocol (1) Source: chapters 2.2, 2.3,18.4, 19.1, 9.2 Next Lecture Internet Protocol (2) Source: chapters 19.1, 19.2, 22,1
More informationCS475 Networks Lecture 8 Chapter 3 Internetworking. Ethernet or Wi-Fi).
Assignments Reading for Lecture 9: Section 3.3 3.2 Basic Internetworking (IP) Bridges and LAN switches from last section have limited ability CS475 Networks Lecture 8 Chapter 3 Internetworking is a logical
More informationNAT, IPv6, & UDP CS640, Announcements Assignment #3 released
NAT, IPv6, & UDP CS640, 2015-03-03 Announcements Assignment #3 released Overview Network Address Translation (NAT) IPv6 Transport layer User Datagram Protocol (UDP) Network Address Translation (NAT) Hacky
More informationThe Network 15 Layer IPv4 and IPv6 Part 3
1 ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE The Network 15 Layer IPv4 and IPv6 Part 3 Jean Yves Le Boudec 2017 Contents 9. Proxy ARP 10. Fragmentation 11. Interworking h4 h6 with NATs Textbook Chapter 5:
More informationIPsec NAT Transparency
The feature introduces support for IP Security (IPsec) traffic to travel through Network Address Translation (NAT) or Port Address Translation (PAT) points in the network by addressing many known incompatibilities
More informationTeldat Router. NAT Feature
Teldat Router NAT Feature Doc. DM520-I Rev. 8.40 October, 2000 INDEX Chapter 1 Introduction... 1 1. Introduction to NAT...2 2. Types of NAT...3 2.1. Static NAT...3 2.2. Dynamic NAT...3 2.3. NAPT (Masquerading)...4
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More informationNetwork Address Translation (NAT) Contents. Firewalls. NATs and Firewalls. NATs. What is NAT. Port Ranges. NAT Example
Contents Network Address Translation (NAT) 13.10.2008 Prof. Sasu Tarkoma Overview Background Basic Network Address Translation Solutions STUN TURN ICE Summary What is NAT Expand IP address space by deploying
More informationCisco Network Address Translation (NAT)
Cisco Network Address Translation (NAT) Introduction IETF NGTrans working group defined several translation mechanisms to enable communications between IPv6-only and IPv4-only hosts. One such example is
More informationCMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 12
CMPE 150/L : Introduction to Computer Networks Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 12 1 Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what
More informationTCP/IP Protocol Suite and IP Addressing
TCP/IP Protocol Suite and IP Addressing CCNA 1 v3 Module 9 10/11/2005 NESCOT CATC 1 Introduction to TCP/IP U.S. DoD created the TCP/IP model. Provides reliable data transmission to any destination under
More informationIPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.
IPv4 addressing, NAT http://xkcd.com/195/ Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley Some materials copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights
More informationB.Sc. (Hons.) Computer Science with Network Security B.Eng. (Hons) Telecommunications B.Sc. (Hons) Business Information Systems
B.Sc. (Hons.) Computer Science with Network Security B.Eng. (Hons) Telecommunications B.Sc. (Hons) Business Information Systems Bridge BTEL/PT BCNS/14/FT BIS/14/FT BTEL/14/FT Examinations for 2014-2015
More informationTransition Strategies from IPv4 to IPv6: The case of GRNET
Transition Strategies from IPv4 to IPv6: The case of GRNET C. Bouras 1,2, P. Ganos 1, A. Karaliotas 1,2 1 Research Academic Computer Technology Institute, Patras, Greece 2 Department of Computer Engineering
More informationECE 435 Network Engineering Lecture 14
ECE 435 Network Engineering Lecture 14 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 25 October 2018 Announcements HW#6 was due HW#7 will be posted 1 IPv4 Catastrophe 2 Out of
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationPacket Header Formats
A P P E N D I X C Packet Header Formats S nort rules use the protocol type field to distinguish among different protocols. Different header parts in packets are used to determine the type of protocol used
More informationLecture 8. Basic Internetworking (IP) Outline. Basic Internetworking (IP) Basic Internetworking (IP) Service Model
Lecture 8 Basic Internetworking (IP) Reminder: Homework 3, Programming Project 2 due on Tuesday. An example internet is shown at right. Routers or gateways are used to connect different physical networks.
More informationNAT Router Performance Evaluation
University of Aizu, Graduation Thesis. Mar, 22 17173 1 NAT Performance Evaluation HAYASHI yu-ichi 17173 Supervised by Atsushi Kara Abstract This thesis describes a quantitative analysis of NAT routers
More informationOSI Network Layer. Chapter 5
OSI Network Layer Network Fundamentals Chapter 5 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most common Network
More informationMODULE: NETWORKS MODULE CODE: CAN1102C. Duration: 2 Hours 15 Mins. Instructions to Candidates:
BSc.(Hons) Computer Science with Network Security BEng (Hons) Telecommunications Cohort: BCNS/17B/FT Examinations for 2017-2018 / Semester 2 Resit Examinations for BCNS/15A/FT, BTEL/15B/FT & BTEL/16B/FT
More informationDEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager
DEPLOYMENT GUIDE Version 1.1 DNS Traffic Management using the BIG-IP Local Traffic Manager Table of Contents Table of Contents Introducing DNS server traffic management with the BIG-IP LTM Prerequisites
More informationSC/CSE 3213 Winter Sebastian Magierowski York University CSE 3213, W13 L8: TCP/IP. Outline. Forwarding over network and data link layers
SC/CSE 3213 Winter 2013 L8: TCP/IP Overview Sebastian Magierowski York University 1 Outline TCP/IP Reference Model A set of protocols for internetworking The basis of the modern IP Datagram Exchange Examples
More informationINTERNET SYSTEM. Internet Protocol. Kent State University Dept. of Computer Science. CS 4/55231 Internet Engineering. Large Scale Networking
CS 4/55231 Internet Engineering Kent State University Dept. of Computer Science LECT-6 SYSTEM 1 2 Large Scale Networking No Single Technology can Adequately Serve Every One s Need. Each LAN/ WAN has specific
More informationDatagram. Source IP address. Destination IP address. Options. Data
Datagram Version H. len Service Datagram length Datagram identifier FR-FR FR-FR-FR-FR Time-to-live Transp. prot. H. Checksum Source IP address Destination IP address Options Data Each line represents a
More informationIntroduction to Internet. Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis
Introduction to Internet Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis What about inter-networks communications? Between LANs? Ethernet?? Ethernet Example Similarities and Differences between
More informationRequest for Comments: August IP Network Address Translator (NAT) Terminology and Considerations
Network Working Group Request for Comments: 2663 Category: Informational P. Srisuresh M. Holdrege Lucent Technologies August 1999 IP Network Address Translator (NAT) Terminology and Considerations Status
More information