Perry Mehta Virus, Backup and Restore LANWANInternet - PowerPoint PPT Presentation

1 / 134
About This Presentation
Title:

Perry Mehta Virus, Backup and Restore LANWANInternet

Description:

Use appropriate cables (recommended by vendor) in connecting UPS to server. Use Control Panel to configure UPS settings for the server. ... – PowerPoint PPT presentation

Number of Views:201
Avg rating:3.0/5.0
Slides: 135
Provided by: perry7
Category:

less

Transcript and Presenter's Notes

Title: Perry Mehta Virus, Backup and Restore LANWANInternet


1
Perry MehtaVirus, Backup and
RestoreLAN/WAN/Internet
  • Solano Community College
  • Week 4-5

2
Objectives
  • Selecting backup hardware
  • Planning your backup schedule
  • Backing up files
  • Restoring files
  • Installing a UPS
  • Configuring Win2K for a UPS

3
Objectives (II)
  • Infestation
  • Virus
  • Types of Viruses
  • Worms/Trojan Horses
  • AV systems
  • LAN
  • WAN
  • Internet

4
Objectives III
  • OSI Model
  • TCP/IP Model
  • Ethernet
  • Token Ring
  • FDDI (Fiber Distributed Data Interface)
  • Routing Protocols

5
Backup
  • Planning
  • Involves planning, execution testing
  • Need to create an effective plan
  • Need to execute the plan faithfully
  • Need to run frequent tests
  • Why is it necessary to back data??

6
Hardware Backup options
  • Windows allows backup to logical drives or tape
    drives
  • Tape hardware
  • Quarter Inch Cartridge (QIC)
  • 10GB per cartridge uncompressed
  • Too slow
  • Digital Audio Tape (DAT)
  • 2 24GB per tape, transfer 2Mbps
  • Slow in restoring data
  • 8mm
  • 40GB per cartridge, transfer 3Mbps
  • Digital Linear Tape (DLT)
  • 20GB 40GB, transfer 2.5Mbps
  • Vendors
  • Compaq, iomega, HP, exabyte

7
Limitations of Tape Backup
  • Data can be lost between backups
  • Open File cannot be backed up
  • Solutions are
  • RAID disk storage
  • Fault Tolerant hardware
  • Mirroring
  • Clustering

8
Reasons to use 3rd party software backup solutions
  • Open files
  • make sure you understand the applications that
    keep files open when planning backup strategy
  • Multi-tape backups
  • plan for capacity (auto tape changer)
  • Backing up clients/registry
  • If there is need to backup data from client
    machines including registry
  • Automation
  • backups need to be automated so that backup can
    be done in wee hours w/o tech support

9
Types of backup
  • Normal
  • Back up all files that are selected regardless of
    their backup status (known via archive bit)
  • Sets the archive bit
  • Copy
  • Same as Normal w/o changing archive bit
  • Differential
  • Backup only those files that have changed since
    last backup
  • Does not change status of archive bit
  • Backup all the files since the last normal backup

10
Types (II)
  • Incremental
  • Backup only files that have changed since last
    backup
  • Clears the archive bit to show that files have
    been backed up
  • Keeps record of only files that have been
    modified since previous backup
  • Daily
  • Identify files to be backed up by looking at
    modified date
  • If a backed-up file is modified, backup is made

11
Tape Rotation
  • Tape rotation goals
  • Spread wear across tapes
  • Store data on and off site
  • Several copies of files where possible
  • Retain files for a certain time period (depends
    on company policy)
  • What types of rotation schemes have you seen?

12
Rotation Schemes
  • Two-set rotation
  • Two sets of 5 tapes and use each set in alternate
    weeks
  • Good solution if files do not need be archived
    for long period of time

13
Rotation Schemes (II)
  • Grandfather-Father-Son (GFS)
  • Four tapes for each weekday
  • Five tapes for each of Fridays (some months have
    5 weeks)
  • One tape for each month

14
Backup screen
  • Start - Programs Accessories Systems Tools
    Backup
  • Backup wizard guides you thru menu allowing
  • What to backup
  • Where to backup
  • How to backup (normal, incremental)
  • When to backup (scheduling)

15
Restoring files
  • Use restore wizard to restore selected
    files/folders from selected media
  • You can select which location it needs to be
    restored to

16
Power problems
  • Power problems could be
  • Outages
  • Voltage variations
  • Spikes and surges
  • Line noise
  • Use UPSs and surge protectors to protect your
    hardware
  • Do not buy cheaper surge protectors and cheaper
    AV systems
  • It is small investment to protect your invaluable
    resources

17
Uninterruptible Power Supply (UPS)
18
UPS (continued)
  • Choose UPS that is right for your system
  • Use appropriate cables (recommended by vendor) in
    connecting UPS to server
  • Use Control Panel to configure UPS settings for
    the server.
  • Carry out an exhaustive test to make sure
  • UPS is fully functional and is carrying out all
    functions as presumed.

19
Infestation
  • According to Andrews (2003), In 2001, one of 10
    corporate desktops were infected with computer
    infestation, and the rate of infestation is
    increasing 15 every year (p. 370)
  • Infestation unwanted program transmitted to a
    user computer w/o his/her knowledge.
  • 4 Types of infestation Virus, Worms, Trojan
    Horses and Logic Bombs

20
Virus
  • Program that replicates itself by attaching
    itself to another program, hence contagious.
  • Virus program has to be executed for it to create
    any sort of damage, thereby has incubation
    period.
  • Extremely destructive and most commonly found
    these days.

21
Boot Sector Virus
  • Boot Sector Virus
  • Hides on MBR (Master boot record) that loads OS
    on active partition of Hard Drive.
  • If floppy used for booting, virus can be hiding
    on the floppy disk as well. (very common)
  • Prevention Setup CMOS to disable boot sector
    writing

22
File Virus
  • Hides in executable file (.exe) program or word
    document containing macro (small program)
  • Macro viruses spreads commonly attachments in
    emails.
  • Melissa (macro virus of 1999) word 97 file
    list.doc.
  • Upon opening attachment, macro executed and send
    the same email to 50 users found in address book.


23
More Viruses
  • Multipartite virus combo of boot sector and file
    virus
  • Polymorphic changing its signature and
    characteristics as it mutates masking itself
    from being recognized by AV
  • Encrypting transform itself whereby its stops
    mutating for AV to catch it
  • Stealth Act of concealing by altering OS info on
    file size and temporarily removing itself from
    file about to be opened to conceal its identity.

24
Worm
  • Program that spreads copies of itself without a
    host program
  • Worms overloads the network/memory/hard drive
    causing it to crash due to incessant replication

25
Trojan Horse
  • Does not need a host to run
  • Replaces itself for legitimate program
  • Does not replicate
  • Not as common as virus

26
Logic Bomb
  • Dormant code that can be triggered at
    predetermined time.
  • Eg. Disgruntled employees creating logic bomb in
    payroll system.

27
Infestation Spreads
  • Floppy disks exchange
  • Purchase software from unreliable sources
  • Downloading from web
  • Used, preformatted floppies
  • Opening unsolicited attachments
  • Not write-protecting original program disks

28
Act of Replication
  • For any program to execute, it must be stored in
    memory.
  • Virus sitting in the program is also now in
    memory.
  • Virus will now look for other programs in memory
    to replicate onto those programs as well.
  • Virus becomes dangerous the longer it stays in
    memory eg. Hence good practice is to clean out
    cache of memory by rebooting.

29
Virus Hoax
  • All of us have at some point received something
    that reads like
  • There is a new virus out there in the last
    couple of days!! DO NOT OPEN Please forward this
    email to your loved ones and friends.
  • Do not forward such emails.
  • The intent is to clutter the network with
    unnecessary traffic.

30
Protection against Infestations
  • Run AV at startup and automatic periodic updates
  • Automatic scanner to scan word docs and email
    attachments
  • Buy s/w from reputable vendors
  • Avoid trading floppies
  • Scan every floppy for virus

31
Protection (continued)
  • Download programs from internet sparingly
  • Careful of pirated software
  • Before using machine used by someone else (public
    places such as labs), hard boot to erase the
    memory resident programs/viruses
  • Disable changes to MBR option via CMOS

32
Selection of AV
  • Automatic software updates and virus definitions
    keeping the computer abreast of latest viruses
  • Execute at startup
  • Detect macros in word processor
  • Automatically check for email attachment viruses
  • Ability to scan automatically or manually for
    viruses

33
AV Web Sites/Companies
  • www.symantec.com
  • www.mcafee.com
  • www.esafe.com
  • www.trendmicro.com
  • www.f-prot.com

34
Development of OSI
  • Quote from William Stallings
  • The history of development of OSI model is, for
    some reason, a little known story
  • Design of OSI was actually done by group at
    Honeywell Info Systems, headed by Mike Canepa,
    with Charlie Bachman as principal technical
    member in mid 70s

35
Development continued1
  • Focus for the group was structured communication
    architecture
  • They studied the SNA systems network arch,
    ARPANET and standardized database systems
  • Result was 7-layer arch known as DSA Distributed
    Systems Architecture in 1977.

36
Development continued2
  • In 77, British Standards Institute proposed to
    the International Organization for
    standardization (ISO) that standard
    architecture is needed to define communication
    for distributed processing
  • ISO formed subcommittee on OSI open systems
    Interconnection
  • ANSI American National Standards Institute was
    charged to develop proposals in advance of the
    1st formal meeting of the subcommittee.

37
Development continued3
  • ANSI selected DSA plan of Bachman and Canepa
  • When ISO met in Mar78, the plan was approved w/
    consensus that architecture would support most
    requirements of OSI and can be expanded further
    later
  • Provisional version released in Mar78
  • Refinements were published in June79
  • Standardized in 1984

38
SNA model v/s OSI
  • The figure shows the comparison and similarities
    of the SNA Model to the OSI model.
  • SNA only discusses the 6 layers minus the
    physical layer since there is no set standard for
    layer 1.

39
SNA layers
  • Data link control (DLC)
  • Defines several protocols, including the
    Synchronous Data Link Control (SDLC) protocol for
    hierarchical communication
  • Token Ring Network communication protocol for LAN
    communication between peers.
  • SDLC provided a foundation for IEEE 802.2.
  • The data link control Layer provides the
    error-free movement of data between the Network
    Addressable Units (NAUs) within a given
    communication network via the Synchronous Data
    Link Control (SDLC) Protocol.
  • Path Control
  • Performs routing and datagram segmentation and
    reassembly (SAR)
  • Eg. APPN
  • Handles session establishment between peer nodes,
    dynamic transparent route calculation, and
    traffic prioritization.

40
SNA layers (2)
  • Transmission Control
  • Reliable end-to-end service
  • Provides encrypting and decrypting services
  • NetBEUI NetBIOS Extended User Interface
  • Data Flow Control
  • Manages request and response processing
  • Determines whose turn it is to communicate
  • Groups messages
  • Interrupts data flow upon request
  • Eg. NetBIOS

41
SNA Layers (3)
  • Presentation services
  • Data transformation to translate data from one
    format to another
  • Coordinate resource sharing
  • Synchronize transactions operations
  • Eg. IPDS intelligent printer data stream
  • Transaction Services
  • Programs that implement distributed processing on
    management services
  • SMB (server message block)
  • IBM protocol for sharing files, printers, serial
    ports, etc. between computers (jawin.com)

42
OSI Model and 7 layers
  • OSI model describes how info flows from s/w
    application in one computer to another
  • Model divides tasks involved w/ moving info
    between networked computers into 7 manageable
    task groups specifying particular network
    function
  • Each task is carried out in form of layer, hence
    the 7 layer model
  • Upper Layers Top 3
  • Bottom Layers Bottom 4

43
Diagram of OSI model

44
Functions of each layer
  • Application Layer 7
  • User Interface
  • Communication services to support applications
    such as s/w for file transfers, database access
    and email
  • Telnet, HTTP, FTP, WWW
  • Presentation Layer 6
  • How is data presented
  • Data Encryption
  • Compression of the data
  • JPEG, GIF, MPEG, ASCII, EBCDIC

45
Functions continued1
  • Session Layer 5
  • Allows applications on different computers to
    establish, use and end each session
  • Regulating which side transmits and how long
  • SQL, NFS, DECnet Session Control Protocol (SCP)
  • Transport Layer 4
  • Segments long messages into small packets for
    transmission
  • Reordering of packets for error-free delivery
  • TCP, UDP, SPX
  • Network Layer 3
  • Defines and learns Routes to destination
  • Fragmenting of packet
  • IP, IPX

46
Functions continued2
  • Data Link Layer 2
  • Provides reliable transmit of data frames
    across a physical link
  • IEEE divided the layer into 2 parts
  • LLC logical link control
  • Manages comm between devices over a single link

  • MAC Media Access Control
  • Defines MAC addresses to identify each device
  • IEEE 802.3/802.2, PPP, FDDI, ATM
  • Physical Layer 1
  • Regulates transmission of bits over phy medium
  • Specification of voltage, wire speed, cable
    pin-outs
  • V.35, EIA/TIA-232, EIA/TIA-449, RJ45

47
OSI Reference Model
48
OSI Reference Model
49
James Bond 007 and OSI 7 Layers
  • 7th FloorBond meets Number 1 at spy H/Q and is
    given a message to deliver to US embassy
  • 6th FloorBond proceeds to 6th floor where
    message is translated into intermediary language,
    encrypted and miniaturized
  • 5th Floor Security checks the message and puts
    some chkpoints in the message so his counterpart
    in US embassy can be sure he has the entire
    message
  • 4th Floor The large message is broken into small
    packets so spies at the other end in US embassy
    can reassemble it

50
Bond 007 Continued1
  • 3rd Floor Personnel chk the address and advice
    Bond of the fastest route to destination
  • 2nd Floor Message is put in a special pouch
    packet which contains the message, source and
    destination ID
  • 1st Floor Q has prepared the Aston Martin for
    the trip to the Embassy
  • On the other side, bond proceeds from bottom to
    top floor as message is decoded.
  • US ambassador is grateful and says to Bond
    Bond, pls tell Number 1 Ill be glad to meet him
    for dinner tonite.

51
OSI versus TCP/IP
  • TCP/IP layers are based upon DoD (dept of
    defense) model

52
OSI vs. TCP/IP
  • Differences
  • One can only functionally position the internet
    model to the ISO OSI model because basic
    differences exist such as
  • In the Internet protocol suite, a layer
    represents a reasonable packaging of function.
  • The ISO view, on the other hand, treats layers as
    rather narrow functional groups, attempting to
    force modularity by requiring additional layers
    for additional functions.

53
OSI vs. TCP/IP
  • Differences
  • In the TCP/IP protocols, a given protocol can be
    used by other protocols within the same layer,
    whereas in the OSI model two separate layers
    would be defined in such circumstances.
  • Examples of such "horizontal dependencies" are
    FTP, which uses the same common representation as
    TELNET on the "application layer," and ICMP,
    which uses IP for sending its datagrams on the
    "internetwork" layer.

54
OSI vs. TCP/IP
  • Differences
  • In practice, what we are discussing here is the
    difference between ade jure standard, OSI, and
    ade facto standard, TCP/IP.
  • The focus in the TCP/IP world is on agreeing on a
    protocol standard which can be made to work in
    diverse heterogeneous networks.
  • The focus in the OSI world has always been more
    on the standard than the implementation of the
    standard.

55
OSI vs. TCP/IP
  • Efficiency and feasibility.
  • The OSI norms tend to be prescriptive (for
    instance the "layer N" must go through "all
    layers below it"), whereas the TCP/IP protocols
    are descriptive, and leave a maximum of freedom
    for the implementers.
  • One of the advantages of the TCP/IP approach is
    that each particular implementation can use
    operating system-dependent features, generally
    resulting in a greater efficiency (fewer CPU
    cycles, more throughput for similar functions),
    while still ensuring "interoperability" with
    other implementations.

56
OSI vs. TCP/IP
  • Efficiency and feasibility.
  • Another way to see this is that most of the
    Internet protocols have first been developed
    (coded and tested), before being "described" in
    an RFC (usually by the implementer) which clearly
    shows the feasibility of the protocols.

57
TCP/IP Suite
  • Application Layers (top 3)
  • user interface for the various protocols and
    applications that access the network
  • File transfer, remote logon to other nodes,
    e-mail functionality, and network monitoring.
  • Host to Host layer
  • flow control and connection reliability as data
    moves from a sending to a receiving computer.
  • Internet layer
  • routing of data across logical network paths and
    provides an addressing system to the upper layers
    of the DOD stack
  • Defines the packet format used for the data as it
    moves onto the network.
  • Network Access Layer
  • consists of the protocols that take the packets
    from the Internet layer and package them in an
    appropriate frame type.

58
DHCP
  • The Dynamic Host Configuration Protocol (DHCP)
    provides a framework for passing configuration
    information to hosts on a TCP/IP network.
  • DHCP is based on the BOOTP protocol, adding the
    capability of automatic allocation of reusable
    network addresses and additional configuration
    options.
  • DHCP participants can interoperate with BOOTP
    participants (RFC 1534).

59
DHCP
  • DHCP supports three mechanisms for IP address
    allocation
  • Automatic allocation
  • DHCP assigns a permanent IP address to the host.

  • Manual allocation
  • The host's address is assigned by a network
    administrator
  • Dynamic allocation
  • DHCP assigns an IP address for a limited period
    of time.
  • Such a network address is called a lease.
  • This is the only mechanism that allows automatic
    reuse of addresses that are no longer needed by
    the host to which it was assigned.

60
DHCP
  • This section describes the client/server
    interaction if the client does not know its
    network address.
  • Assume that the DHCP server has a block of
    network addresses from which it can satisfy
    requests for new addresses.
  • Each server also maintains a database of
    allocated addresses and leases in permanent local
    storage.
  • The client broadcasts a DHCPDISCOVER message on
    its local physical subnet.
  • The DHCPDISCOVER message may include some options
    like network address suggestion or lease duration
    etc.
  • Each server may respond with a DHCPOFFER message
    that includes an available network address and
    other configuration options.

61
DHCP
  • The client receives one or more DHCPOFFER
    messages from one or more servers.
  • The client chooses one based on the configuration
    parameters offered and broadcasts a DHCPREQUEST
    message which includes the server identifier''
    option to indicate which message it has selected.

62
DHCP
  • The servers receive the DHCPREQUEST broadcast
    from the client.
  • Those servers not selected by the DHCPREQUEST
    message use the message as notification that the
    client has declined that server's offer.
  • The server selected in the DHCPREQUEST message
    commits the binding for the client to persistent
    storage and responds with a DHCPACK message
    containing the configuration parameters for the
    requesting client.
  • The combination of client hardware and assigned
    network address constitute a unique identifier
    for the client's lease and are used by both the
    client and server to identify a lease referred to
    in any DHCP messages.
  • The "your IP address" field in the DHCPACK
    messages is filled in with the selected network
    address.

63
DHCP
  • The client receives the DHCPACK message with
    configuration parameters.
  • The client performs a final check on the
    parameters, for example with ARP for allocated
    network address, and notes the duration of the
    lease and the lease identification cookie
    specified in the DHCPACK message.
  • At this point, the client is configured.
  • If the client detects a problem with the
    parameters in the DHCPACK message, the client
    sends a DHCPDECLINE message to the server and
    restarts the configuration process.
  • The client should wait a minimum of ten seconds
    before restarting the configuration process to
    avoid excessive network traffic in case of
    looping.

64
DHCP
  • If the client receives a DHCPNAK message, the
    client restarts the configuration process.
  • The client may choose to relinquish its lease on
    a network address by sending a DHCPRELEASE
    message to the server.
  • The client identifies the lease to be released by
    including its network address and its hardware
    address.

65
IP Addresses
  • Unique 32-bit address
  • Three major classes
  • Class A (/8)
  • Class B (/16)
  • Class C (/24)
  • Subnet masking get away from two level hierarchy
    so as to control broadcast storms

66
IP Address
67
IP Address Range
68
Subnetting
69
Subnetting example
70
Configuring TCP/IP on PC
  • Primary DNS
  • Default gateway
  • IP Address
  • Pre-Windows 2000, then need WINS/NetBIOS name

71
NetBEUI (NetBIOS extended user interface)
  • To be used with NetBIOS
  • NetBIOS is protocol that allows computers on
    network to be known by friendly name
  • NetBEUI is non-routable
  • NetBEUI works at layer ¾ (fig next slide)
  • NetBIOS, works at Session layer, sets up
    communication session between two computers on
    network
  • Redirector makes client computer see all ntwk
    resources as if they are locaol
  • SMB (server message block) provides peer-peer
    comm between redirectors on client and network
    server machines.
  • Good for local peer-peer networks, but cannot be
    used for internetworking as it is not routable.

72
NetBEUI stack
73
Other Technologies
  • Microsoft NetworkingNetBIOS
  • NetBIOS, a layer of software developed to link a
    network operating system with specific hardware,
    was originally designed as THE network controller
    for IBM's Network LAN.
  • NetBIOS has now been extended to allow programs
    written using the NetBIOS interface to operate on
    the IBM token ring architecture.
  • NetBIOS has since been adopted as an industry
    standard and now, it is common to refer to
    NetBIOS-compatible LANs.

74
Other Technologies
  • Microsoft NetworkingNetBIOS
  • It offers network applications a set of "hooks"
    to carry out inter-application communication and
    data transfer.
  • In a basic sense, NetBIOS allows applications to
    talk to the network.
  • Its intention is to isolate application programs
    from any type of hardware dependencies.
  • It also spares software developers the task of
    developing network error recovery and low level
    message addressing or routing.
  • The use of the NetBIOS interface does a lot of
    this work for them.

75
Other Technologies
  • Microsoft NetworkingNetBEUI
  • NetBEUI is an enhanced version of the NetBIOS
    protocol used by network operating systems.
  • It formalizes the transport frame that was never
    standardized in NetBIOS and adds additional
    functions.

76
Other Technologies
  • Microsoft NetworkingNetBEUI
  • The transport layer driver frequently used by
    Microsofts LAN Manager.
  • NetBEUI implements the OSI LLC2 protocol.
  • NetBEUI is the original PC networking protocol
    and interface designed by IBM for the LanManger
    Server.
  • This protocol was later adopted by Microsoft for
    their networking products.
  • It specifies the way that higher level software
    sends and receives messages over the NetBIOS
    frame protocol.
  • This protocol runs over the standard 802.2
    data-link protocol layer.

77
Appletalk (MACs)
  • Routable protocol that allows large networks to
    be broken into subgroups called zones
  • Zones is similar to workgroups in windows
    peer-peer networking
  • Network Address is divided into network portion
    and node portion

78
IPX/SPX
  • Internetwork Packet Exchange/Sequential Packet
    Exchange
  • Used for Novell NetWare network operating System
  • Routable protocol

79
IPX/SPX stack
80
Troubleshooting Protocols
  • Ping
  • Telnet
  • FTP (file transfer protocol)
  • Tracert
  • IPConfig
  • Netstat

81
Routing Protocols
  • Border Gateway Protocol (BGP)
  • Open Shortest Path First (OSPF)
  • Routing Information Protocol (RIP)
  • Resource Reservation Protocol (EIA-VP)
  • IP multicast

82
Routing Protocols
  • Routing Protocols
  • Many different low-level network protocols exist
    for routing data through the Internet.
  • Border Gateway Protocol (BGP)
  • An Exterior Gateway Protocol defined in RFC 1267
    and RFC 1268.
  • Its design is based on experience gained with
    Exterior Gateway Protocol (EGP)

83
Routing Protocols
  • Open Shortest Path First (OSPF)
  • A link state routing protocol that is one of the
    Internet standard Interior Gateway Protocols
    defined in RFC 1247.
  • There is no OSPF EGP, OSPF is an IGP only.
  • Routing Information Protocol (RIP)
  • A distance vector, as opposed to link state,
    routing protocol.
  • RIP is an Internet standard Interior Gateway
    Protocol defined in STD 34, RFC 1058 and updated
    by RFC 1388.

84
Routing Protocols
  • Resource Reservation Protocol (RSVP)
  • A protocol that supports quality of service.
  • IP multicast
  • Ethernet addressing scheme used to send packets
    to devices of a certain type or for broadcasting
    to all nodes.
  • The least significant bit of the most significant
    byte of a multi-cast address is one.

85
Ethernet
  • Ethernet
  • In 1973, at Xerox Corporations Palo Alto
    Research Center (more commonly known as PARC),
    researcher Bob Metcalfe designed and tested the
    first Ethernet network.
  • While working on a way to link Xeroxs "Alto"
    computer to a printer, Metcalfe developed the
    physical method of cabling that connected devices
    on the Ethernet as well as the standards that
    governed communication on the cable.
  • Ethernet has since become the most popular and
    most widely deployed network technology in the
    world.
  • Many of the issues involved with Ethernet are
    common to many network technologies, and
    understanding how Ethernet addressed these issues
    can provide a foundation that will improve your
    understanding of networking in general.

86
Ethernet
  • Ethernet
  • The Ethernet standard has grown to encompass new
    technologies as computer networking has matured,
    but the mechanics of operation for every Ethernet
    network today stem from Metcalfes original
    design.
  • The original Ethernet described communication
    over a single cable shared by all devices on the
    network.
  • Once a device attached to this cable, it had the
    ability to communicate with any other attached
    device.
  • This allows the network to expand to accommodate
    new devices without requiring any modification to
    those devices already on the network.

87
Ethernet
  • Ethernet
  • Ethernet is a local area technology, with
    networks traditionally operating within a single
    building, connecting devices in close proximity.
  • At most, Ethernet devices could have only a few
    hundred meters of cable between them, making it
    impractical to connect geographically dispersed
    locations.
  • Modern advancements have increased these
    distances considerably, allowing Ethernet
    networks to span tens of kilometers.

88
Ethernet
  • ICCC 802.3 CSMA/CD Protocol (Carrier Sense
    Multiple Access / Collision Detection)
  • The acronym CSMA/CD signifies carrier-sense
    multiple access with collision detection and
    describes how the Ethernet protocol regulates
    communication among nodes.
  • Multiple access means that when one Ethernet
    station transmits, all the stations on the medium
    hear the transmission.
  • Carrier Sense means that before a station
    transmits, it "listens" to the medium to
    determine if another station is transmitting.
  • If the medium is quiet, the station recognizes
    that this is an appropriate time to transmit.

89
Ethernet
  • Ethernet Collision detection
  • Carrier-sense multiple access gives us a good
    start in regulating our traffic on the wire, but
    there is one scenario we still need to address.
  • If two stations listen to the wire and it is
    clear, they could very well try to start
    transmitting at the same time.
  • In Ethernet terminology, this is referred to as a
    collision, or when two stations try to transmit
    at once.

90
Ethernet
  • Ethernet Collision detection
  • Ethernet nodes listen to the medium while they
    transmit to ensure that they are the only station
    transmitting at that time.
  • If the stations hear their own transmission
    returning in a garbled form, as would happen if
    some other station had begun to transmit its own
    message at the same time, then they know that a
    collision occurred.
  • A single Ethernet segment is sometimes called a
    collision domain because no two stations on the
    segment can transmit at the same time without
    causing a collision.
  • When stations detect a collision, they cease
    transmission, wait a random amount of time, and
    attempt to transmit when they again detect
    silence on the medium.

91
Ethernet
  • Ethernet Collision detection
  • The random pause and retry is an important part
    of the protocol.
  • If two stations collide when transmitting once,
    then both will need to transmit again.
  • At the next appropriate chance to transmit, both
    stations involved with the previous collision
    will have data ready to transmit.
  • If they transmitted again at the first
    opportunity, they would most likely collide again
    and again indefinitely.
  • Instead, the random delay makes it unlikely that
    any two stations will collide more than a few
    times in a row.

92
Ethernet
  • Ethernet frame formats
  • The following section will outline the specific
    fields in the different types of Ethernet frames.

  • We will refer to fields by referencing their
    "offset" or number of bytes from the start of the
    frame, beginning with zero.
  • Therefore, when we say that the destination
    address field is from offset zero through five,
    we are referring to the first six bytes of the
    frame.

93
Ethernet
  • Ethernet frame formats
  • Regardless of the frame type being used, the
    means of digital signal encoding on an Ethernet
    network is the same.
  • While a discussion of Manchester Encoding is
    beyond the scope of this discussion, it is
    sufficient to say this
  • On an idle Ethernet network, there is no signal.

  • Because each station has its own oscillating
    clock, the communicating stations have to have
    some way to "synch up" their clocks and thereby
    agree on how long one bit time is.
  • The preamble facilitates this. The preamble
    consists of 8 bytes of alternating ones and
    zeros, ending in 11.

94
Ethernet
  • Ethernet frame formats
  • A station on an Ethernet network detects the
    change in voltage that occurs when another
    station begins to transmit, and uses the preamble
    to "lock on" to the sending station's clock
    signal.
  • Because it takes some amount of time for a
    station to "lock on", it does not know how many
    bits of the preamble have gone by.
  • For this reason, we say that the preamble is
    "lost" in the "synching up" process.
  • No part of the preamble ever enters the adapter's
    memory buffer.
  • Once locked on, the receiving station waits for
    the 11 that signals that the Ethernet frame
    follows.
  • Most modern Ethernet adapters are guaranteed to
    achieve a signal lock within 14 bit-times.

95
Ethernet
  • Ethernet frame formats
  • While the preamble is common to every type of
    Ethernet, what follows it is certainly not.
  • The major types of Ethernet Frame Format are
    shown here.

96
Ethernet
  • Ethernet frame formats

97
Ethernet
  • Ethernet frame formats
  • Extended Ethernet Frame Formats
  • Purpose
  • Extend the Ethernet Frame Format to allow frames
    with payloads larger than 1500 bytes to be
    unambiguously identified
  • Motivation
  • Gigabit Ethernet, a high-speed broadcast LAN
    technology, will interconnect co-located
    high-speed network routers
  • Various access media, with different MTUs, may be
    deployed in networks
  • Avoid performance degradation due to MUTs, may be
    deployed in networks
  • Avoid performance degradation due to
    fragmentation at the interconnect
  • Server efficiency increases with larger packet
    size

98
Ethernet Cabling Options
99
Ethernet
  • 10 Mbps Ethernet design
  • The 5-4-3 (2-1) rule
  • The 5-4-3-2-1 rule embodies a simple recipe for
    network design.
  • It may not be easy to find examples in practice,
    but this rule neatly ties together several
    important elements of design theory.
  • To understand this rule, it's first necessary to
    understand the concepts of collision domains and
    propagation delay.
  • Collision domains are portions of a network.
  • When a network packet is transmitted over
    Ethernet, for example, it is possible for another
    packet from a different source to be transmitted
    close enough in time to the first packet to cause
    a collision on the wire.
  • The total range over which a packet can travel
    and potentially collide with another is its
    collision domain.

100
Ethernet
  • 10 Mbps Ethernet design
  • The 5-4-3 (2-1) rule
  • Propagation delays are a property of the physical
    medium (e.g., Ethernet).
  • Propagation delays help determine how much of a
    time difference between the sending of two
    packets on a collision domain is "close enough"
    to actually cause a collision.
  • The greater the propagation delay, the increased
    likelihood of collisons.
  • The 5-4-3-2-1 rule limits the range of a
    collision domain by limiting the propagation
    delay to a "reasonable" amount of time.

101
Ethernet
  • 10 Mbps Ethernet design
  • The 5-4-3 (2-1) rule
  • The rule breaks down as follows
  • 5 - the number of network segments
  • 4 - the number of repeaters needed to join the
    segments into one collision domain
  • 3 - the number of network segments that have
    active (transmitting) devices attached
  • 2 - the number of segments that do not have
    active devices attached
  • 1 - the number of collision domains
  • Because the last two elements of the recipe
    follow naturally from the others, this rule is
    sometimes also known as the "5-4-3" rule for
    short.

102
Ethernet
  • 10 Mbps Ethernet design
  • One of the problems with Ethernet is that under
    high loads, performance will noticeably be
    degraded, due to the number of collisions and
    retransmissions that will take place.
  • It is also very difficult to isolate problems
    when using a bus configuration.
  • The Institute of Electrical and Electronic
    Engineers developed a number of electrical
    standards for data communications that were
    adopted by the American National Standards
    Institute.
  • These were referred to as IEEE 802.x protocols.

103
Ethernet
  • 10 Mbps Ethernet design
  • Because of the problem with collisions, standard
    Ethernet systems are limited in capacity to about
    35 or maximum, after which the system becomes
    very slow and unreliable.
  • Ways to reduce collisions include
  • Bridging
  • Sub-netting
  • Moving to a switched system

104
Ethernet
  • 10 Mbps Ethernet design
  • Perhaps the most striking advancement in
    contemporary Ethernet networks is the use of
    switched Ethernet.
  • Switched networks replace the shared medium of
    legacy Ethernet with a dedicated segment for each
    station.
  • These segments connect to a switch, which acts
    much like an Ethernet bridge, but can connect
    many of these single station segments.
  • Some switches today can support hundreds of
    dedicated segments.
  • Since the only devices on the segments are the
    switch and the end station, the switch picks up
    every transmission before it reaches another
    node.
  • The switch then forwards the frame over the
    appropriate segment, just like a bridge, but
    since any segment contains only a single node,
    the frame only reaches the intended recipient.
  • This allows many conversations to occur
    simultaneously on a switched network.

105
Ethernet
  • 10 Mbps Ethernet design
  • Ethernet switching gave rise to another
    advancement, full-duplex Ethernet.
  • Full-duplex is a data communications term that
    refers to the ability to send and receive data at
    the same time.
  • Legacy Ethernet is half-duplex, meaning
    information can move in only one direction at a
    time.
  • In a totally switched network, nodes only
    communicate with the switch and never directly
    with each other.
  • Switched networks also employ either twisted pair
    or fiber optic cabling, both of which use
    separate conductors for sending and receiving
    data.
  • In this type of environment, Ethernet stations
    can forgo the collision detection process and
    transmit at will, since they are the only
    potential devices that can access the medium.
  • This allows end stations to transmit to the
    switch at the same time that the switch transmits
    to them, achieving a collision-free environment.

106
Ethernet
  • Fast Ethernet
  • Fast Ethernet is a local area network (LAN)
    transmission standard that provides a data rate
    of 100 megabits per second (referred to as
    "100BASE-T").
  • Workstations with existing 10 megabit per
    second(10BASE-T) Ethernet card can be connected
    to a Fast Ethernet network.
  • The 100 megabits per second is a shared data
    rate input to each workstation is constrained by
    the 10 Mbps card.

107
Ethernet
  • Fast Ethernet
  • Basically the same as Ethernet, but faster.
  • More limited than Ethernet, since it can only be
    run over Twisted Pair or Fibre (no coax)
  • Although Fast Ethernet runs ten times faster than
    standard Ethernet networks, the advance from
    10Mbps to 100Mbps hasn't come without a few
    technical sacrifices, the first of which is known
    as the Fast Ethernet two hub rule (2-1 rule).

108
Ethernet
  • Fast Ethernet
  • The two hub rule basically says this you can't
    join more than two regular 100Mbps hubs together
    without using some kind of switch or repeater to
    boost the interim signal.
  • In other words, if you try to uplink three, four,
    or more standard hubs together, you're in for
    real trouble.
  • Data won't go where it's supposed to go,
    applications will undoubtedly fail, and your
    users will get steamed for sure.
  • Note that this only applies to standard hubs,
    which are joined together through uplinkingthis
    is nothing more than connecting each hub to each
    successive hub with standard network cabling.
  • In this case, each hub is seen by the network as
    a separate entity, and if you're using Fast
    Ethernet, you'll hit the "two hub" rule wall
    pretty fast.

109
Ethernet
  • Fast Ethernet
  • Not so with stacking technology.
  • Stackable hubs are designed to appear as a single
    hub to the network--even when connected in
    multiples.
  • Let's say you have a hub with four ports.
  • If this is a standard hub, you can only add one
    more hub without having to buy a switch or a
    repeater.
  • If the hub is stackable, though, you can add a
    second, third, or even tenth stackable hub--and
    the network will still think you're only using
    one hub at the site.
  • Depending on your expansion requirements, you get
    a lot more bang for your buck with stacking
    technology because you don't have to worry so
    much about expansion limitations in the future.

110
Ethernet
  • Fast Ethernet
  • Not so with stacking technology.
  • Unlike regular hubs that are uplinked together
    with regular network cables, stackable hubs are
    "stacked" or "cascaded" with one or more
    "stacking cables."
  • These cables aren't like standard 10BaseT cords
    they're specially designed to actually join the
    backplane of one hub to the next.
  • The result is a minimal slowdown when data moves
    from one hub to another since information doesn't
    have to pass through the hub's regular RJ-45
    ports and the vast array of error correction
    other filters found there.

111
Fast Ethernet Overview
Basic Rules SMC 3 - 2 Rule
SMC 2 - 1 Rule
3 link segments and
2 link segments and
2 Class II repeaters
1 Class I repeater
Class I Repeater
Class II Repeater
Class II Repeater
112
Ethernet vs. Fast Ethernet
  • Fast Ethernet
  • IEEE 802.3u
  • 100 Mbps CSMA/CD
  • 64 to 1518 byte frame size
  • Supported Cable Type
  • - Twisted Pair (100BASE-TX, 2 pair,
  • UTP Cat. 5)
  • - Twisted Pair (100BASE-T4, 4 pair,
  • UTP Cat. 3, 4 and 5)
  • - Twisted Pair (100Base-T2, 2 pair,
  • UTP Cat. 3, 4 and 5)
  • - Fiber (100BASE-FX, 62.5 micron)
  • - MII
  • Ethernet
  • IEEE 802.3
  • 10 Mbps CSMA/CD
  • 64 to 1518 byte frame
  • Supported Cable Type
  • - Twisted Pair (10BASE-T,
  • UTP Cat. 3, 4 and 5)
  • - Fiber (10BASE-FL,
  • 62.5/125 micron core)
  • - Thin Coax (10Base2)
  • - Thick Coax (10BASE5)
  • - AUI

113
Ethernet
  • Gigabit Ethernet
  • In March 1996, the IEEE 802.3 committee approved
    the 802.3z Gigabit Ethernet Standardization
    project.
  • At that time as many as 54 companies expressed
    there intent to participate in the
    standardization project.
  • The Gigabit Ethernet Alliance was formed in May
    1996 by 11 companies
  • 3Com Corp., Bay Networks Inc., Cisco Systems
    Inc., Compaq Computer Corp., Granite Systems
    Inc., Intel Corporation, LSI Logic, Packet
    Engines Inc., Sun Microsystems Computer Company,
    UB Networks and VLSI Technology.

114
Ethernet
  • Gigabit Ethernet
  • The Alliance represents a multi-vendor effort to
    provide open and inter-operable Gigabit Ethernet
    products.
  • The objectives of the alliance are
  • supporting extension of existing Ethernet and
    Fast Ethernet technology in response to demand
    for higher network bandwidth.
  • developing technical proposals for the inclusion
    in the standard
  • establishment of inter-operability test
    procedures and processes

115
Ethernet
  • Gigabit Ethernet
  • The Physical Layer of Gigabit Ethernet uses a
    mixture of proven technologies from the original
    Ethernet and the ANSI X3T11 Fibre Channel
    Specification.
  • Gigabit Ethernet supports 4 physical media types
    .
  • These are defined in 802.3z (1000Base-X) and
    802.3ab (1000Base-T).

116
Ethernet
  • Gigabit Ethernet
  • The 1000Base-X standard is based on the Fibre
    Channel Physical Layer.
  • Fibre Channel is an interconnection technology
    for connecting workstations, supercomputers,
    storage devices and peripherals.
  • Fibre Channel has a 4 layer architecture.
  • The lowest two layers FC-0 (Interface and media)
    and FC-1 (Encode/Decode) are used in Gigabit
    Ethernet.
  • Since Fibre Channel is a proven technology,
    re-using it will greatly reduce the Gigabit
    Ethernet standard development time.
  • Three types of media are include in the
    1000Base-X standard
  • 1000Base-SX850 nm laser on multi mode fiber.
  • 1000Base-LX1300 nm laser on single mode and multi
    mode fiber.
  • 1000Base-CXShort haul copper "twinax" STP
    (Shielded Twisted Pair) cable

117
Ethernet
  • Gigabit Ethernet
  • 1000Base-T
  • 1000Base-T is a standard for Gigabit Ethernet
    over long haul copper UTP.
  • The standards committee's goals are to allow up
    to 25-100 m over 4 pairs of Category 5 UTP.
  • The MAC Layer of Gigabit Ethernet uses the same
    CSMA/CD protocol as Ethernet.
  • The maximum length of a cable segment used to
    connect stations is limited by the CSMA/CD
    protocol.
  • If two stations simultaneously detect an idle
    medium and start transmitting, a collision
    occurs.

118
Ethernet
  • 10GB Ethernet
  • Over the past several years, Ethernet has been
    the most popular choice of technology for local
    area networks (LAN).
  • There are millions of Ethernet users worldwide
    and still counti
Write a Comment
User Comments (0)
About PowerShow.com