Lesson 1: Local Area Network (LAN) Technologies: LAN encapsulations, Ethernet, Token Ring, FDDI, IEEE 802.11

Transcript of the slide deck (60 pages)

Page 1

Lesson 1: Local Area Network (LAN) Technologies
LAN encapsulations, Ethernet, Token Ring, FDDI, IEEE 802.11

Page 2

LAN Encapsulations
Delimitation
Protocol identification
Addressing
Bit-level integrity check

Page 3

Ethernet
Ethernet II
IEEE 802.3
IEEE 802.3 SNAP

Page 4

Ethernet II Frame Format
Preamble | Destination Address | Source Address | EtherType | Payload (46 - 1,500 bytes) ... | Frame Check Sequence

Page 5

The Maximum Extent Ethernet Network
Node A --- Repeater --- Node B: 2500 meters end to end
Slot time = 57.6 μs

Page 6

IEEE 802.3 Frame Format
IEEE 802.3 Header: Preamble | Start Delimiter | Destination Address | Source Address | Length
IEEE 802.2 LLC Header: DSAP | SSAP | Control
Payload ...
IEEE 802.3 Trailer: Frame Check Sequence

Page 7

IEEE 802.3 SNAP Frame Format
IEEE 802.3 Header: Preamble | Start Delimiter | Destination Address | Source Address | Length
IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
IP Datagram (38 - 1,492 bytes) ...
IEEE 802.3 Trailer: Frame Check Sequence

Page 8

Special Bits on Ethernet MAC Addresses
Destination Address: first bit 0 - Individual / 1 - Group; second bit 0 - Universal Admin / 1 - Local Admin
Source Address: first bit 0 - No Routing / 1 - Routing Present; second bit 0 - Universal Admin / 1 - Local Admin
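The following Python example is added here and is not part of the slide deck. It parses the three Ethernet encapsulations from the preceding slides (Ethernet II, IEEE 802.3 with an LLC header, IEEE 802.3 SNAP) from one function, deciding between EtherType and Length by the value of the 2-byte field, and decodes the Individual/Group and Universal/Local bits of the destination address. The sample frames are constructed, not captured; the MAC addresses are the two nodes from the deck's ARP address-resolution slide, and the STP SAP value 0x42 is standard but not on the slides.

```python
# Added example (not from the slides): parse the Ethernet II, IEEE 802.3 and
# IEEE 802.3 SNAP encapsulations shown above and decode the special MAC bits.
import struct
import zlib

def mac_bits(mac: bytes) -> dict:
    """Decode the two special bits of a MAC address. Ethernet transmits each
    byte least-significant bit first, so the first bit on the wire is bit 0 of
    the first byte (Individual/Group) and the second is bit 1 (Universal/Local)."""
    return {
        "group": bool(mac[0] & 0x01),  # 0 = individual, 1 = group (multicast or broadcast)
        "local": bool(mac[0] & 0x02),  # 0 = universally administered (OUI), 1 = locally administered
    }

def ethernet_fcs(frame_without_fcs: bytes) -> bytes:
    # The IEEE 802.3 FCS is CRC-32 with the same conventions as zlib.crc32,
    # transmitted least-significant byte first.
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)

def build_frame(dst: bytes, src: bytes, type_or_length: int, payload: bytes) -> bytes:
    """Assemble a frame as a NIC hands it up (preamble already stripped). The
    payload is padded to the 46-byte minimum from the Ethernet II slide; the pad
    is not counted by an 802.3 Length field, so a parser must honour Length
    rather than assume the payload runs all the way to the FCS."""
    body = payload + bytes(max(0, 46 - len(payload)))
    head = dst + src + struct.pack("!H", type_or_length)
    return head + body + ethernet_fcs(head + body)

def parse_frame(frame: bytes) -> dict:
    if len(frame) < 64:
        raise ValueError("runt frame")
    if ethernet_fcs(frame[:-4]) != frame[-4:]:
        raise ValueError("FCS mismatch")
    dst, src = frame[0:6], frame[6:12]
    (type_or_length,) = struct.unpack("!H", frame[12:14])
    result = {"dst": dst, "src": src, "dst_bits": mac_bits(dst)}
    if type_or_length >= 0x0600:
        # Ethernet II: the 2-byte field is an EtherType. There is no length field,
        # so the upper layer must find its own end inside the (possibly padded) body.
        result.update(encapsulation="Ethernet II", ethertype=type_or_length, payload=frame[14:-4])
        return result
    # IEEE 802.3: the field is a Length (at most 1,500) covering LLC header + data.
    length = type_or_length
    if length > 1500 or 14 + length > len(frame) - 4:
        raise ValueError("802.3 Length field exceeds the frame")
    llc = frame[14:14 + length]
    if len(llc) < 3:
        raise ValueError("truncated IEEE 802.2 LLC header")
    dsap, ssap, control = llc[0], llc[1], llc[2]
    if dsap == 0xAA and ssap == 0xAA and control == 0x03 and len(llc) >= 8:
        # SNAP header follows the LLC header: 3-byte Organization Code, 2-byte EtherType.
        (ethertype,) = struct.unpack("!H", llc[6:8])
        result.update(encapsulation="IEEE 802.3 SNAP", oui=llc[3:6], ethertype=ethertype, payload=llc[8:])
    else:
        result.update(encapsulation="IEEE 802.3", dsap=dsap, ssap=ssap, control=control, payload=llc[3:])
    return result

# Constructed sample frames (not captures). MAC addresses are the two nodes from
# the deck's ARP address-resolution slide; the payload is a 20-byte IPv4 header stub.
NODE_1 = bytes.fromhex("00600852f9d8")
NODE_2 = bytes.fromhex("001054cae140")
BROADCAST = bytes.fromhex("ffffffffffff")
IP_STUB = bytes.fromhex("45000014") + bytes(16)

ETHERNET_II = build_frame(NODE_2, NODE_1, 0x0800, IP_STUB)
SNAP_LLC = bytes([0xAA, 0xAA, 0x03]) + bytes([0x00, 0x00, 0x00]) + struct.pack("!H", 0x0800)
IEEE_8023_SNAP = build_frame(NODE_2, NODE_1, len(SNAP_LLC) + len(IP_STUB), SNAP_LLC + IP_STUB)
STP_LLC = bytes([0x42, 0x42, 0x03])  # DSAP/SSAP 0x42: the spanning-tree SAP, carried as plain 802.3/LLC
IEEE_8023_LLC = build_frame(BROADCAST, NODE_1, len(STP_LLC) + 4, STP_LLC + bytes(4))

if __name__ == "__main__":
    for name, frame in [("Ethernet II", ETHERNET_II), ("802.3 SNAP", IEEE_8023_SNAP), ("802.3 LLC", IEEE_8023_LLC)]:
        info = parse_frame(frame)
        print(name, "->", info["encapsulation"], "payload bytes:", len(info["payload"]), "dst bits:", info["dst_bits"])
```

The 0x0600 threshold is what keeps the two formats apart on one wire: no valid 802.3 Length exceeds 1,500, and no EtherType is assigned below 0x0600. The Length check against the real frame size matters for the same reason the FCS check does: a parser that trusts a Length larger than the frame reads past the buffer instead of rejecting the frame.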

Page 9

IEEE 802.5 Frame Format
IEEE 802.5 Header: Start Delimiter | Access Control | Frame Control | Destination Address | Source Address
IEEE 802.2 LLC Header: DSAP | SSAP | Control
Payload ...
IEEE 802.5 Trailer: Frame Check Sequence | End Delimiter | Frame Status

Page 10

IEEE 802.5 SNAP Frame Format
IEEE 802.5 Header: Start Delimiter | Access Control | Frame Control | Destination Address | Source Address
IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
IP Datagram ...
IEEE 802.5 Trailer: Frame Check Sequence | End Delimiter | Frame Status

Page 11

Special Bits on Token Ring MAC Addresses
Destination Address: 0 - Individual / 1 - Group; 0 - Universal Admin / 1 - Local Admin; 0 - Functional / 1 - Nonfunctional
Source Address: 0 - No Routing / 1 - Routing Present; 0 - Universal Admin / 1 - Local Admin

Page 12

FDDI Frame Format
FDDI Header: Preamble | Start Delimiter | Frame Control | Destination Address | Source Address
IEEE 802.2 LLC Header: DSAP | SSAP | Control
Payload ...
FDDI Trailer: Frame Check Sequence | End Delimiter | Frame Status

Page 13

FDDI SNAP Frame Format
FDDI Header: Preamble | Start Delimiter | Frame Control | Destination Address | Source Address
IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
IP Datagram (up to 4,352 bytes) ...
FDDI Trailer: Frame Check Sequence | End Delimiter | Frame Status

Page 14

IEEE 802.11 Frame Format
IEEE 802.11 Header: Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control | Address 4
IEEE 802.2 LLC Header: DSAP | SSAP | Control
Payload ...
IEEE 802.11 Trailer: Frame Check Sequence

Page 15

The Frame Control Field
Protocol Version | Type | Subtype | To DS | From DS | More Fragments | Retry | Power Management | More Data | WEP | Order
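The following Python example is added here and is not part of the slide deck. It decodes the Frame Control field bit by bit in the order the slide lists, then parses the IEEE 802.11 header from the previous slide, using the To DS and From DS bits to decide whether Address 4 is present and what the four addresses mean. The address-role table and the bit positions come from the 802.11 standard rather than the slides, and the sample frame is constructed, not captured.

```python
# Added example (not from the slides): decode the IEEE 802.11 Frame Control
# field and the MAC header whose layout the preceding slides show.
import struct

TYPE_NAMES = {0: "management", 1: "control", 2: "data", 3: "reserved"}

def parse_frame_control(fc: bytes) -> dict:
    """Frame Control is a 16-bit little-endian field; the bits below follow the
    order on the slide (version, type, subtype, then the eight flag bits)."""
    (value,) = struct.unpack("<H", fc[:2])
    return {
        "protocol_version": value & 0x3,
        "type": (value >> 2) & 0x3,
        "type_name": TYPE_NAMES[(value >> 2) & 0x3],
        "subtype": (value >> 4) & 0xF,
        "to_ds": bool(value & 0x0100),
        "from_ds": bool(value & 0x0200),
        "more_fragments": bool(value & 0x0400),
        "retry": bool(value & 0x0800),
        "power_management": bool(value & 0x1000),
        "more_data": bool(value & 0x2000),
        "wep": bool(value & 0x4000),      # "Protected Frame" in later revisions of the standard
        "order": bool(value & 0x8000),
    }

def address_roles(to_ds: bool, from_ds: bool) -> dict:
    """Meaning of Address 1-4 in data frames as a function of To DS / From DS
    (standard 802.11 table, not on the slide). Address 4 exists only when both
    bits are set, i.e. on a wireless distribution system link between APs."""
    if not to_ds and not from_ds:
        return {"Address 1": "DA", "Address 2": "SA", "Address 3": "BSSID"}
    if not to_ds and from_ds:
        return {"Address 1": "DA", "Address 2": "BSSID", "Address 3": "SA"}
    if to_ds and not from_ds:
        return {"Address 1": "BSSID", "Address 2": "SA", "Address 3": "DA"}
    return {"Address 1": "RA", "Address 2": "TA", "Address 3": "DA", "Address 4": "SA"}

def parse_mac_header(frame: bytes) -> dict:
    """Parse the header of a data or management frame: Frame Control,
    Duration/ID, Address 1-3, Sequence Control and, when To DS and From DS are
    both set, Address 4. Control frames use shorter headers and are rejected."""
    if len(frame) < 24:
        raise ValueError("frame shorter than the minimum 802.11 header")
    fc = parse_frame_control(frame[0:2])
    if fc["type"] == 1:
        raise ValueError("control frames carry abbreviated headers; not handled here")
    (duration_id,) = struct.unpack("<H", frame[2:4])
    addresses = {"Address 1": frame[4:10], "Address 2": frame[10:16], "Address 3": frame[16:22]}
    (seq_ctrl,) = struct.unpack("<H", frame[22:24])
    header_len = 24
    if fc["to_ds"] and fc["from_ds"]:
        if len(frame) < 30:
            raise ValueError("Address 4 announced by To DS/From DS but missing")
        addresses["Address 4"] = frame[24:30]
        header_len = 30
    return {
        "frame_control": fc,
        "duration_id": duration_id,
        "addresses": addresses,
        "roles": address_roles(fc["to_ds"], fc["from_ds"]),
        "fragment_number": seq_ctrl & 0xF,     # low 4 bits of Sequence Control
        "sequence_number": seq_ctrl >> 4,      # high 12 bits of Sequence Control
        "body": frame[header_len:],
    }

# Constructed sample (not a capture): a data frame from a station to its access
# point (To DS = 1) with the WEP/Protected bit set, sequence number 7, fragment 0.
STA = bytes.fromhex("00600852f9d8")
AP_BSSID = bytes.fromhex("001054cae140")
DEST = bytes.fromhex("ffffffffffff")
SAMPLE_FRAME = (
    bytes([0x08, 0x41])             # Frame Control: type 2 (data), subtype 0, To DS, WEP
    + struct.pack("<H", 0x002C)     # Duration/ID
    + AP_BSSID + STA + DEST         # Address 1 = BSSID, Address 2 = SA, Address 3 = DA
    + struct.pack("<H", 7 << 4)     # Sequence Control: sequence 7, fragment 0
    + bytes(8)                      # body placeholder (would start with the IV when WEP is set)
)

if __name__ == "__main__":
    hdr = parse_mac_header(SAMPLE_FRAME)
    print(hdr["frame_control"]["type_name"], hdr["roles"], hdr["sequence_number"])
```

The header length is not fixed, which is the practical point: a parser that assumes 24 bytes misreads the body of every four-address frame by six bytes, and a parser that does not check for a control frame misreads an ACK as a data header.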

Page 16

IEEE 802.11 SNAP Frame Format
IEEE 802.11 Header: Frame Control | Duration/ID | Address 1 | Address 2 | Address 3 | Sequence Control
IEEE 802.2 LLC Header: DSAP = 0xAA | SSAP = 0xAA | Control = 0x03
SNAP Header: Organization Code = 0x00-00-00 | EtherType = 0x08-00
IP Datagram ...
IEEE 802.11 Trailer: Frame Check Sequence

Page 17

Lesson 2: Wide Area Network (WAN) Technologies
WAN encapsulations, Point-to-Point Protocol, Frame relay

Page 18

WAN Encapsulations
Delimitation
Protocol identification
Addressing
Bit-level integrity check

Page 19

Point-to-Point Protocol (PPP)
Data Link Layer encapsulation method
Link Control Protocol (LCP)
Network Control Protocols (NCPs)

Page 20

PPP Encapsulation Using HDLC Framing
Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0x00-21 | IP Datagram ... | Frame Check Sequence | Flag = 0x7E

Page 21

Typical PPP Framing
Flag = 0x7E | Protocol = 0x21 | IP Datagram ... | Frame Check Sequence | Flag = 0x7E

Page 22

Multilink Protocol Long Sequence Number Format
Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved | Sequence Number | Multilink Fragment ... | Frame Check Sequence | Flag = 0x7E

Page 23

Multilink Protocol Short Sequence Number Format
Flag = 0x7E | Protocol = 0x3D | Beginning Fragment Bit | Ending Fragment Bit | Reserved | Sequence Number | Multilink Fragment ... | Frame Check Sequence | Flag = 0x7E

Page 24

Frame Relay Encapsulation for IP Datagrams
Flag = 0x7E | Address | Control = 0x03 | NLPID = 0xCC | IP Datagram ... | Frame Check Sequence | Flag = 0x7E

Page 25

Frame Relay Two-Byte Address Field
First byte: DLCI | C/R = 0 | EA = 0
Second byte: DLCI | FECN | BECN | DE | EA = 1
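The following Python example is added here and is not part of the slide deck. It encodes and decodes the two-byte address field from the slide above (10-bit DLCI split six bits in the first byte and four in the second, with the C/R, FECN, BECN, DE and EA bits in their standard Q.922 positions) and assembles the IP encapsulation from the previous slide (Control 0x03, NLPID 0xCC). The bit positions are from Q.922 rather than the slide; the HDLC flags and FCS are left to the link layer; the sample DLCIs and datagram are constructed.

```python
# Added example (not from the slides): encode and decode the two-byte Q.922
# address field and the RFC 2427 IP encapsulation shown on the two slides.
CONTROL_UI, NLPID_IP = 0x03, 0xCC

def encode_address(dlci: int, cr: int = 0, fecn: int = 0, becn: int = 0, de: int = 0) -> bytes:
    """DLCI is 10 bits: the upper 6 go in the first byte, the lower 4 in the second.
    EA (address extension) is 0 in the first byte (more follows) and 1 in the last."""
    if not 0 <= dlci <= 1023:
        raise ValueError("a two-byte address carries a 10-bit DLCI")
    first = ((dlci >> 4) & 0x3F) << 2 | (cr & 1) << 1 | 0
    second = (dlci & 0x0F) << 4 | (fecn & 1) << 3 | (becn & 1) << 2 | (de & 1) << 1 | 1
    return bytes([first, second])

def decode_address(field: bytes) -> dict:
    if len(field) < 2:
        raise ValueError("address field truncated")
    first, second = field[0], field[1]
    if first & 1 or not second & 1:
        raise ValueError("EA bits do not describe a two-byte address")
    return {
        "dlci": ((first >> 2) & 0x3F) << 4 | (second >> 4),
        "cr": (first >> 1) & 1,
        "fecn": (second >> 3) & 1,   # forward explicit congestion notification
        "becn": (second >> 2) & 1,   # backward explicit congestion notification
        "de": (second >> 1) & 1,     # discard eligibility
    }

def build_ip_frame(dlci: int, datagram: bytes, de: int = 0) -> bytes:
    """Frame contents between the flags, before the FCS: Address, Control = 0x03,
    NLPID = 0xCC, IP datagram. Flags and FCS are the HDLC ones and are left to
    the link layer here."""
    return encode_address(dlci, de=de) + bytes([CONTROL_UI, NLPID_IP]) + datagram

def parse_ip_frame(body: bytes) -> dict:
    if len(body) < 4:
        raise ValueError("frame too short for address, control and NLPID")
    addr = decode_address(body[:2])
    if body[2] != CONTROL_UI:
        raise ValueError("unexpected control field 0x%02X" % body[2])
    if body[3] != NLPID_IP:
        raise ValueError("NLPID 0x%02X is not IP" % body[3])
    return {**addr, "datagram": body[4:]}

if __name__ == "__main__":
    # Constructed sample: DLCI 16 carrying a 20-byte IPv4 header stub
    frame = build_ip_frame(16, bytes.fromhex("45000014") + bytes(16))
    print(frame.hex(), parse_ip_frame(frame))
```

Rejecting a frame whose EA bits are inconsistent, or whose NLPID is not the one expected, is the cheap check that keeps a receiver from interpreting congestion bits or payload offsets from the wrong byte.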

Page 26

Lesson 3: Address Resolution Protocol (ARP)
Overview of ARP, ARP frame structure, ARP in Windows Server 2008 and Windows Vista, Inverse ARP, Proxy ARP

Page 27

Overview of ARP
Resolves the next-hop IP address of a node to its corresponding media access control (MAC) address
For direct deliveries, ARP resolves the datagram's destination IP address
For indirect deliveries, ARP resolves the IP address of a neighboring router
ARP message exchange: Broadcast ARP Request, Unicast ARP Reply

Page 28

The ARP or Neighbor Cache
Table of resolved IP addresses and their corresponding MAC addresses
Checked before sending an ARP Request message
Network black holes

Page 29

ARP Frame Structure
Hardware Type | Protocol Type = 0x0800 | Hardware Address Length = 6 | Protocol Address Length = 4 | Operation | Sender Hardware Address | Sender Protocol Address | Target Hardware Address | Target Protocol Address

Page 30

ARP in Windows Server 2008 and Windows Vista
Works in the same way as Neighbor Discovery in IP version 6 (IPv6)
Neighbor Discovery processes: Address resolution, Duplicate address detection, Neighbor unreachability detection

Page 31

Address Resolution
Node 1: IP Address 10.0.0.99, MAC Address 00-60-08-52-F9-D8
Node 2: IP Address 10.0.0.1, MAC Address 00-10-54-CA-E1-40
ARP Request: SHA 00-60-08-52-F9-D8, SPA 10.0.0.99, THA 00-00-00-00-00-00, TPA 10.0.0.1
ARP Reply: SHA 00-10-54-CA-E1-40, SPA 10.0.0.1, THA 00-60-08-52-F9-D8, TPA 10.0.0.99

Page 32

Duplicate Address Detection
ARP Request for one's own address
Reply received: Duplicate IP address
No reply received: Unique IP address for the network segment
Duplicate address ARP exchange: Broadcast ARP Request sent by offending node, Unicast ARP Reply sent by defending node
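The following Python example is added here and is not part of the slide deck. It serves the three preceding slides together: it builds and parses ARP messages with the field layout of the ARP Frame Structure slide, reproduces the Request/Reply exchange between Node 1 and Node 2 with the exact addresses from the Address Resolution slide, and implements the Duplicate Address Detection rule (a reply to a request for one's own address means a duplicate). The reply-matching check that a cache can apply before learning from a reply is an added defensive detail, not something the slides state; the third MAC address used in the duplicate test is constructed.

```python
# Added example (not from the slides): build and parse ARP frames with the field
# layout on the ARP Frame Structure slide, reproduce the address-resolution
# exchange between Node 1 and Node 2, and run the duplicate-address check.
import ipaddress
import struct

HTYPE_ETHERNET, PTYPE_IPV4, HLEN, PLEN = 1, 0x0800, 6, 4
OP_REQUEST, OP_REPLY = 1, 2
ZERO_MAC = bytes(6)

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace("-", ""))

def mac_text(raw: bytes) -> str:
    return "-".join("%02X" % b for b in raw)

def build_arp(op: int, sha: bytes, spa: str, tha: bytes, tpa: str) -> bytes:
    """Hardware Type, Protocol Type = 0x0800, Hardware Address Length = 6,
    Protocol Address Length = 4, Operation, then the four sender/target fields."""
    return (struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, HLEN, PLEN, op)
            + sha + ipaddress.IPv4Address(spa).packed
            + tha + ipaddress.IPv4Address(tpa).packed)

def parse_arp(frame: bytes) -> dict:
    if len(frame) < 28:
        raise ValueError("ARP message shorter than 28 bytes")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[:8])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, HLEN, PLEN):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    if op not in (OP_REQUEST, OP_REPLY):
        raise ValueError("unknown ARP operation %d" % op)
    return {
        "op": op,
        "sha": mac_text(frame[8:14]), "spa": str(ipaddress.IPv4Address(frame[14:18])),
        "tha": mac_text(frame[18:24]), "tpa": str(ipaddress.IPv4Address(frame[24:28])),
    }

def reply_answers(request: dict, reply: dict) -> bool:
    """A reply belongs to a request when it comes from the IP that was asked
    about, is addressed back to the asker, and names the asker's MAC as target.
    A cache that learns only from replies that pass this check ignores
    unsolicited replies instead of overwriting entries with them."""
    return (request["op"] == OP_REQUEST and reply["op"] == OP_REPLY
            and reply["spa"] == request["tpa"] and reply["tpa"] == request["spa"]
            and reply["tha"] == request["sha"])

def duplicate_address_probe(own_mac: bytes, own_ip: str) -> bytes:
    # Duplicate Address Detection: an ARP Request for one's own address.
    return build_arp(OP_REQUEST, own_mac, own_ip, ZERO_MAC, own_ip)

def address_is_duplicate(probe: bytes, replies: list) -> bool:
    """Reply received from another node claiming the address -> duplicate;
    no such reply -> unique on this segment."""
    mine = parse_arp(probe)
    return any(r["op"] == OP_REPLY and r["spa"] == mine["tpa"] and r["sha"] != mine["sha"]
               for r in map(parse_arp, replies))

# The exchange from the Address Resolution slide (Node 1 resolves Node 2).
NODE_1_MAC, NODE_1_IP = mac("00-60-08-52-F9-D8"), "10.0.0.99"
NODE_2_MAC, NODE_2_IP = mac("00-10-54-CA-E1-40"), "10.0.0.1"
REQUEST = build_arp(OP_REQUEST, NODE_1_MAC, NODE_1_IP, ZERO_MAC, NODE_2_IP)   # broadcast
REPLY = build_arp(OP_REPLY, NODE_2_MAC, NODE_2_IP, NODE_1_MAC, NODE_1_IP)      # unicast to Node 1

if __name__ == "__main__":
    print(parse_arp(REQUEST))
    print(parse_arp(REPLY), reply_answers(parse_arp(REQUEST), parse_arp(REPLY)))
    probe = duplicate_address_probe(NODE_1_MAC, NODE_1_IP)
    print("duplicate?", address_is_duplicate(probe, []))
```

ARP carries no authentication, so the matching check only filters replies nobody asked for; it cannot tell a genuine answer from a forged one that arrives while a request is outstanding. That limitation is why the neighbor-cache states on the following slides, and unreachability detection in particular, matter: a stale or wrong entry is re-verified rather than trusted indefinitely.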

Page 33

Neighbor Unreachability Detection
Reachable if IP packets sent to the neighboring node were received and processed by the neighboring node
Exchange of ARP Request and ARP Reply messages
Indications from Transmission Control Protocol (TCP) that sent data is being acknowledged

Page 34

Neighbor Cache Entry States
INCOMPLETE, REACHABLE, STALE, DELAY, PROBE

Page 35

Inverse ARP
Used for non-broadcast multiple access (NBMA) technologies (frame relay)
MAC-level address is known, but the IP address of the node at the other end of the connection is not
Inverse ARP message exchange: InARP Request, InARP Reply

Page 36

Proxy ARP
Node 1 --- Proxy ARP Device --- Node 2 (single subnet)

Page 37

A Windows Server 2008 Remote Access Server and Proxy ARP
Remote Access Client: assigned address 10.1.1.201
Windows Server 2008 Remote Access Server, configured range 10.1.1.200-10.1.1.254
Subnet 10.1.1.0/24; addresses shown in the diagram: 10.1.1.50, 10.1.1.8

Page 38

Lesson 4: Point-to-Point Protocol (PPP)
PPP overview, PPP connection process, Link Control Protocol (LCP), PPP authentication protocols, Network Control Protocols (NCPs), PPP over Ethernet (PPPoE)

Page 39

PPP Overview
A Data Link Layer encapsulation method
LCP for negotiating the Data Link Layer characteristics
NCPs for negotiating Network Layer protocols over the point-to-point connection

Page 40

PPP Connection Process

1. PPP configuration using LCP

2. Authentication

3. Callback

4. Protocol configuration using NCPs

Page 41

LCP Frame Structure
Flag = 0x7E | Address = 0xFF | Control = 0x03 | Protocol = 0xC0-21 | LCP Frame: Code | Identifier | Length | Data ... | Frame Check Sequence | Flag = 0x7E

Page 42

LCP Options
Protocol = 0xC0-21 | Code | Identifier | Length | LCP Option: Type | Length | Option Data ...

Page 43

LCP Negotiations
LCP messages: Configure-Request, Configure-Nak, Configure-Reject, Configure-Ack
For Peer A and Peer B: Peer A initiates an LCP negotiation for the data to be sent by Peer B; Peer B initiates a separate LCP negotiation for the data to be sent by Peer A
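The following Python example is added here and is not part of the slide deck. It covers the three preceding slides: the LCP packet (Code, Identifier, Length, Data), the Type/Length/Option Data encoding of LCP options, and the answering peer's side of one negotiation, which returns Configure-Reject for option types it does not understand, Configure-Nak with counter-proposed values for options it understands but will not accept, and Configure-Ack otherwise. The code values (1 to 4), option type numbers and the Reject-before-Nak-before-Ack order are from RFC 1661, not the slides; the policy that counter-proposes CHAP when the peer asks for PAP is a constructed example of an answering peer's local configuration.

```python
# Added example (not from the slides): parse an LCP Configure-Request with its
# Type/Length/Data options and answer it with Configure-Ack, -Nak or -Reject.
import struct

CONFIGURE_REQUEST, CONFIGURE_ACK, CONFIGURE_NAK, CONFIGURE_REJECT = 1, 2, 3, 4
OPT_MRU, OPT_ACCM, OPT_AUTH_PROTOCOL, OPT_MAGIC_NUMBER, OPT_PFC, OPT_ACFC = 1, 2, 3, 5, 7, 8
PAP, CHAP = 0xC023, 0xC223   # PPP protocol numbers from the authentication slides
CHAP_MD5 = 0x05              # CHAP algorithm byte for MD5

def encode_options(options) -> bytes:
    # Each option: Type, Length (counting the two header bytes), Option Data
    return b"".join(bytes([opt_type, 2 + len(data)]) + data for opt_type, data in options)

def parse_options(data: bytes):
    """Walk the TLV list strictly: a Length below 2 or running past the end is
    a malformed packet, not something to skip over."""
    options, pos = [], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("option header truncated")
        opt_type, length = data[pos], data[pos + 1]
        if length < 2 or pos + length > len(data):
            raise ValueError("option Length %d invalid at offset %d" % (length, pos))
        options.append((opt_type, data[pos + 2:pos + length]))
        pos += length
    return options

def build_lcp(code: int, identifier: int, options) -> bytes:
    data = encode_options(options)
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data

def parse_lcp(packet: bytes):
    if len(packet) < 4:
        raise ValueError("LCP packet shorter than its header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("LCP Length %d inconsistent with %d bytes" % (length, len(packet)))
    return code, identifier, parse_options(packet[4:length])

def answer_configure_request(packet: bytes, policy: dict) -> bytes:
    """policy maps option Type -> function(data) that returns None to accept the
    value or replacement data to propose in a Configure-Nak. Types absent from
    policy are not understood and go back in a Configure-Reject. Precedence
    follows RFC 1661: Reject before Nak before Ack; the Identifier is echoed."""
    code, identifier, options = parse_lcp(packet)
    if code != CONFIGURE_REQUEST:
        raise ValueError("expected Configure-Request, got code %d" % code)
    rejected = [(t, d) for t, d in options if t not in policy]
    if rejected:
        return build_lcp(CONFIGURE_REJECT, identifier, rejected)
    naked = []
    for opt_type, data in options:
        suggestion = policy[opt_type](data)
        if suggestion is not None:
            naked.append((opt_type, suggestion))
    if naked:
        return build_lcp(CONFIGURE_NAK, identifier, naked)
    return build_lcp(CONFIGURE_ACK, identifier, options)

# Constructed answering-peer policy (an assumption for this example): accept
# MRUs between 576 and 1500, accept any magic number and field compression,
# and counter-propose CHAP/MD5 whenever the peer asks for plaintext PAP.
def _mru(data):
    ok = len(data) == 2 and 576 <= int.from_bytes(data, "big") <= 1500
    return None if ok else (1500).to_bytes(2, "big")

def _auth(data):
    if len(data) == 3 and data[:2] == CHAP.to_bytes(2, "big") and data[2] == CHAP_MD5:
        return None
    return CHAP.to_bytes(2, "big") + bytes([CHAP_MD5])

POLICY = {
    OPT_MRU: _mru,
    OPT_AUTH_PROTOCOL: _auth,
    OPT_MAGIC_NUMBER: lambda data: None,
    OPT_PFC: lambda data: None,
    OPT_ACFC: lambda data: None,
}

if __name__ == "__main__":
    request = build_lcp(CONFIGURE_REQUEST, 1,
                        [(OPT_MRU, (1500).to_bytes(2, "big")), (OPT_AUTH_PROTOCOL, PAP.to_bytes(2, "big"))])
    print(parse_lcp(answer_configure_request(request, POLICY)))
```

Two details are worth noting for anyone writing an LCP receiver. Each direction of the link is negotiated separately, as the slide says, so the policy above describes only what this peer is willing to do for the other peer's traffic. And a Configure-Nak that downgrades to a weaker option is as valid on the wire as one that upgrades, so the policy, not the parser, is where the floor on authentication strength belongs.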

Page 44

PPP Authentication Protocols
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Microsoft-CHAP version 2 (MS-CHAP v2)
Extensible Authentication Protocol (EAP)

Page 45

PAP
Simple, plaintext authentication protocol
PAP authentication process:
1. The connection-initiating PPP peer (the calling peer) sends a PAP Authenticate-Request message to the authenticating PPP peer (the answering peer)
2. The answering peer validates the user name and password and sends either a PAP Authenticate-Ack or PAP Authenticate-Nak message

Page 46

PAP Authenticate-Request Message
Protocol = 0xC0-23 | Code = 1 | Identifier | Length | Peer ID Length | Peer ID ... | Password Length | Password ...

Page 47

PAP Authenticate-Ack and Authenticate-Nak Messages
Protocol = 0xC0-23 | Code = 2 or 3 | Identifier | Length | Message Length | Message ...

Page 48

CHAP
More secure authentication protocol
Provides proof of knowledge of the password without sending the password
CHAP authentication process:
1. The answering peer sends a CHAP Challenge message that contains a challenge string
2. The calling peer sends a CHAP Response message that contains a Message Digest-5 (MD5) hash of the CHAP session ID, the challenge string, and the user's password
3. The answering peer verifies the hash and sends a CHAP Success or CHAP Failure message

Page 49

CHAP Challenge or Response Messages
Protocol = 0xC2-23 | Code | Identifier | Length | Value Size | Value ... | Name ...

Page 50

CHAP Success or Failure Messages
Protocol = 0xC2-23 | Code | Identifier | Length | Message ...
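The following Python example is added here and is not part of the slide deck. It implements the three-step CHAP process from the slide two pages back with the message layouts of the two preceding slides: the answering peer issues a random Challenge, the calling peer answers with the MD5 digest of the session Identifier, the password and the challenge value, and the answering peer verifies it and returns Success or Failure. The code values (Challenge 1, Response 2, Success 3, Failure 4) and the exact digest input order are from RFC 1994 rather than the slides; the peer names, the secret and the result messages are constructed.

```python
# Added example (not from the slides): the CHAP exchange on the preceding
# slides, with the Challenge/Response and Success/Failure message layouts.
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4

def chap_hash(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994: MD5 over Identifier, secret, Challenge Value (in that order).
    The password never leaves the peer; only this digest is sent."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def build_value_message(code: int, identifier: int, value: bytes, name: bytes) -> bytes:
    # Challenge and Response: Code, Identifier, Length, Value Size, Value, Name
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data

def build_result_message(code: int, identifier: int, message: bytes) -> bytes:
    # Success and Failure: Code, Identifier, Length, Message
    return struct.pack("!BBH", code, identifier, 4 + len(message)) + message

def parse_chap(packet: bytes) -> dict:
    if len(packet) < 4:
        raise ValueError("CHAP packet shorter than its header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("CHAP Length inconsistent with packet")
    body = packet[4:length]
    if code in (CHALLENGE, RESPONSE):
        if not body or 1 + body[0] > len(body):
            raise ValueError("Value Size exceeds the packet")
        size = body[0]
        return {"code": code, "id": identifier, "value": body[1:1 + size], "name": body[1 + size:]}
    if code in (SUCCESS, FAILURE):
        return {"code": code, "id": identifier, "message": body}
    raise ValueError("unknown CHAP code %d" % code)

class AnsweringPeer:
    """The authenticator: issues challenges, checks responses, and forgets each
    challenge once answered so that a captured response cannot be replayed."""
    def __init__(self, secrets: dict, name: bytes = b"ras1"):
        self.secrets, self.name, self.pending, self.next_id = secrets, name, {}, 0

    def challenge(self) -> bytes:
        self.next_id = (self.next_id + 1) & 0xFF
        value = os.urandom(16)                      # fresh random challenge per attempt
        self.pending[self.next_id] = value
        return build_value_message(CHALLENGE, self.next_id, value, self.name)

    def check(self, response_packet: bytes) -> bytes:
        resp = parse_chap(response_packet)
        challenge = self.pending.pop(resp["id"], None)   # one answer per challenge
        secret = self.secrets.get(resp.get("name"))
        if resp["code"] != RESPONSE or challenge is None or secret is None:
            return build_result_message(FAILURE, resp["id"], b"no outstanding challenge for this name")
        expected = chap_hash(resp["id"], secret, challenge)
        if hmac.compare_digest(expected, resp["value"]):   # constant-time comparison
            return build_result_message(SUCCESS, resp["id"], b"welcome")
        return build_result_message(FAILURE, resp["id"], b"bad response")

def calling_peer_response(challenge_packet: bytes, name: bytes, secret: bytes) -> bytes:
    chal = parse_chap(challenge_packet)
    if chal["code"] != CHALLENGE:
        raise ValueError("expected a CHAP Challenge")
    return build_value_message(RESPONSE, chal["id"], chap_hash(chal["id"], secret, chal["value"]), name)

def run_exchange(server: AnsweringPeer, name: bytes, secret: bytes) -> int:
    """Drive one authentication and return the resulting code (3 success, 4 failure)."""
    challenge = server.challenge()
    response = calling_peer_response(challenge, name, secret)
    return parse_chap(server.check(response))["code"]

# Constructed credentials for the example (not real accounts).
SECRETS = {b"alice": b"correct horse battery staple"}

if __name__ == "__main__":
    server = AnsweringPeer(SECRETS)
    print("right secret:", run_exchange(server, b"alice", SECRETS[b"alice"]))
    print("wrong secret:", run_exchange(server, b"alice", b"guess"))
```

The two properties the slide claims for CHAP are visible in the code: the password appears only inside the digest, and because the challenge is random and consumed after one use, a recorded Response is useless against a later Challenge. What the code also makes plain is the cost: the answering peer must hold the password itself (or an equivalent) to recompute the digest, which is why CHAP secrets have to be stored reversibly on the server.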

Page 51

MS-CHAP v2
Microsoft authentication protocol
MS-CHAP with mutual authentication
MS-CHAP v2 authentication process:
1. The answering peer sends a CHAP Challenge message that contains a challenge string
2. The calling peer sends an MS-CHAP v2 Response message that contains an encrypted response and a challenge for the answering peer
3. The answering peer verifies the response and sends a CHAP Success message with an encrypted response based on the calling peer's challenge
4. The calling peer verifies the answering peer's response

Page 52

MS-CHAP v2 Response Message
Protocol = 0xC2-23 | Code | Identifier | Length | Value Size = 49 | Peer Challenge (16 bytes) | Reserved (8 bytes) | Windows NT Response (24 bytes) | Flags | Name ...

Page 53

EAP
An extension to PPP that allows more extensible and flexible authentication methods for PPP connections
EAP messages: EAP-Request, EAP-Response, EAP-Success, EAP-Failure

Page 54

EAP Request or Response Messages
Protocol = 0xC2-27 | Code = 1 or 2 | Identifier | Length | Type | Type-specific data ...

Page 55

EAP Success or Failure Messages
Protocol = 0xC2-27 | Code = 3 or 4 | Identifier | Length = 4

Page 56

EAP Authentication Types
EAP-Transport Layer Security (TLS)
Protected EAP (PEAP): EAP-MS-CHAP v2, EAP-TLS

Page 57

NCPs
IP Control Protocol (IPCP): IP Compression Protocol, IP Address, Primary Domain Name System (DNS) Server Address, Primary NetBIOS Name Server (NBNS) Server, Secondary DNS Server Address, Secondary NBNS Server
Compression Control Protocol (CCP): Microsoft Point-to-Point Compression (MPPC), Microsoft Point-to-Point Encryption (MPPE)
Encryption Control Protocol (ECP)

Page 58

PPP over Ethernet (PPPoE)
Method of encapsulating PPP frames so that they can be sent over an Ethernet network
PPPoE connection phases:
1. Discovery phase: presence of an access concentrator (AC); determine a PPPoE session ID
2. PPP session phase: a PPP connection is established and used for data transfer

Page 59

PPPoE Frame Format
Preamble | Destination Address | Source Address | EtherType | Version = 1 | Type = 1 | Code | Session ID | Length | PPPoE payload (40 - 1,494 bytes) ... | Frame Check Sequence

Page 60

PPPoE Frame Format for PPP Frames
Preamble | Destination Address | Source Address | EtherType = 0x88-64 | Version = 1 | Type = 1 | Code = 0 | Session ID | Length | PPP Protocol | PPP payload (38 - 1,492 bytes) ... | Frame Check Sequence