NPNS_Supplement_2

Best of Luck!!!

Exam Question

• Explain the procedure for mapping multicast address to Ethernet address:

• http://www.tcpipguide.com/free/t_TCPIPAddressResolutionForIPMulticastAddresses.htm

• IP multicast addresses are resolved to IEEE 802 (Ethernet) MAC addresses using a direct mapping technique that uses 23 of the 28 bits in the IP multicast group address.

6

• Linux IP firewall utility called iptables.• An iptables firewall consists of several tables, each

with a default policy and builtin chains of rules. Further rule chains can optionally be created in each table. Different tables and chains are traversed according to the source and destination of the packet.

• IPTables is a statefulfirewall.• The iptables command is used to configure both IP

filtering and Network Address Translation.

• What is DHCP?• The Internet is a vast source of information that is continuously updated and

accessed via computers and other devices. For a device (also referred to as a host) to connect to the Internet, it is necessary that among other configurations, it must have an Internet Protocol (IP) address. The IP address is the computer's address on the Internet. A common comparison of an IP address is an individual's telephone number, which is an identifier for people to communicate with the individual. Up until the late 1980s, configuring a computer to connect to the Internet was a manual process. The protocol Bootstrap Protocol (BOOTP) was the first Transmission Control Protocol/Internet Protocol (TCP/IP) network configuration tool used to prevent the task of having to manually assign IP addresses by automating the process.

• While the introduction of the BOOTP network protocol was a welcome innovation for network administrators tasked with managing large numbers of computers on a network, it was the first attempt and a new and improved TCP/IP network protocol soon followed. This protocol is called Dynamic Host Configuration Protocol (DHCP). DHCP was not designed as a replacement for BOOTP, but an extension of its functionality.

How DHCP WorksAs its name indicates, DHCP provides dynamic IP address assignment. What this means is that instead of having to rely on a specific IP address, a computer will be assigned one that is available from a subnet or "pool" that is assigned to the network. DHCP also extends BOOTP functionality to provide IP addresses that expire. BOOTP indirectly uses a form of leasing that never expired, but the term wasn't actually used until the introduction of DHCP. When DHCP assigns an IP address, it actually leases the identifier to the host computer for a specific amount of time. The default lease is five days, but a network administrator should evaluate their own particular circumstances to determine an appropriate lease.

• Extension Headers• In IPv6, extension headers are used to encode optional Internet-

layer information.• Extension headers are placed between the IPv6 header and the

upper layer header in a packet.• Extension headers are chained together using the next header

field in the IPv6 header. The next header field indicates to the router which extension header to expect next. If there are no more extension headers, the next header field indicates the upper layer header (TCP header, User Datagram Protocol [UDP] header, ICMPv6 header, an encapsulated IP packet, or other items).

• http://www.juniper.net/techpubs/en_US/junos9.6/information-products/topic-collections/config-guide-routing/id-10122335.html

• register_netdev(snull_devs);• unregister_netdev(dev);

Architecture

Network stack

Network hardware driver

Bus infrastructure(platform, pci, usb, etc.)

sk_buff net_device

sk_buff

The struct sk_buff is the structure representing a network packet

Designed to easily support encapsulation/decapsulation of data through the protocol layers

In addition to the data itself, an sk_buff maintains

head, the start of the packet

data, the start of the packet payload

tail, the end of the packet payload

end, the end of the packet

len, the amount of data of the packet

These fields are updated when the packet goes through the protocol layers

struct net_device

This structure represents a single network interface

Allocation takes place with alloc_etherdev()

The size of private data must be passed as argument. The pointer to these private data can be read in net_device->priv

alloc_etherdev() is a specialization of alloc_netdev() for Ethernet interfaces

Registration with register_netdev()

Unregistration with unregister_netdev()

Liberation with free_netdev()

• Windows Sockets server applications generally create a socket, and then use the listen() function on it to listen for connection requests. One of the parameters passed when calling listen() is the backlog of connection requests that the application would like Windows Sockets to queue for it. This value controls the number of unaccepted connections that can be queued. Once an application accepts a connection, it is moved out of the connection request backlog and no longer counts. The Windows Sockets 1.1 specification indicates that the maximum allowable value for a backlog is 5; however, Windows NT 3.51 accepts a backlog of up to 100, Windows NT 4.0 and Windows 2000 Server accept a backlog of 200, and Windows NT 4.0 Workstation and Windows 2000 Professional accept a backlog of 5 (which reduces memory demands).

The listen function• Description

– The listen function converts a data socket into a listening socket. In this manual, the term data socket means a socket that you can use to send and receive data, and the term listening socket means a socket that you can use to listen for attempts by other sockets to connect. When you first create a socket it is a data socket by default.

• Declaration– The system include file WinSock2.inc contains the following declaration for

the listen function:– function listen(s : SOCKET; backlog : integer) : integer; external dll='ws2_32.dll';

• The Second Argument• The second argument passed to the listen function is the maximum length of the

queue of pending connections. If you pass a value, for this argument, that is too large then the underlying service provider will choose an appropriate value. If you are not sure what value you should use for this argument then use SOMAXCONN, which will cause the underlying service provider to choose an appropriate value. NOTE: The constantSOMAXCONN is declared in the system include file WinSock2.inc.

CS 640 32

IP V6:Address Space and Notation• Allocation is classless

– Prefixes specify different uses (unicast, multicast, anycast)• Anycast: send packets to nearest member of a group

– Prefixes can be used to map v4 to v6 space and visa-versa– Lots of flexibility with 128 bits!

• ~1500 address/sqft of the earths surface• Standard representation is set of eight 16-bit values separated by

colons– Eg. 47CD:1234:3200:0000:0000:4325:B792:0428– If there are large number of zeros, they can be omitted with series of

colons• Eg. 47CD:1234:3200::4325:B792:0428

– Address prefixes (slash notation) are the same as v4• Eg. FEDC:BA98:7600::/40 describes a 40 bit prefix

Misc…