On the Way to Today`s Internet ARPANET ARPANET

Transcrição

Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
On the Way to Today's Internet
ARPANET
Goal:
• Interconnection of computers and networks using uniform protocols
Design objective for ARPANET
• A particularly important initiative was initiated by the ARPA
(Advanced Research Project Agency, with military interests)
• The participation of the military was the only sensible way to implement such
an ambitious and extremely expensive project
• The OSI specification was still in developing phase
• The operability of the network should remain
intact even after a largest disaster possible,
e.g. a nuclear war, thus high connectivity and
connectionless transmission
• Network computer and host computer are
separated
ARPA
Advanced Research
Projects Agency
ARPANET
1969
Subnet
Result: ARPANET (predecessor of today's Internet)
Page 1
Chapter 3.2: The Internet Protocol IP
ARPANET
A node consists of
• an IMP
• a host
A subnet consists of:
• Interface Message Processors
(IMPs), which are connected by
leased transmission circuits
• High connectivity (in order to
guarantee the demanded
reliability)
The Beginning of ARPANET
Stanford Research
Institutes (SRI)
XDS
940
Host-host Protocol
Host
Host-IMP
Protocol
IMP
IMP
Source IMP to
destination IMP protocol
IMP
IBM
360/75
P
-I M
IMP tocol
pro
University
of Utah
IMP
XDS
1-7
Several protocols for the
communication between
IMP-IMP, host-IMP,…
Page 3
DEK
PDP-10
IMP
University of
California Santa
Barbara (UCSB)
Subnet
Page 2
California
University of California
Los Angeles (UCLA)
ARPANET
(December 1969)
Page 4
Evolution by ARPANET
Interworking
Problem: Interworking!
Very fast evolution of ARPANET within shortest time:
Simultaneously to the ARPANET further (smaller) networks were developed.
SRI
Utah
Illinois
WITH
All the LANs, MANs, WANs
• had different protocols, media,…
SRI
Utah
Illinois
USC
Stanford
• could not be interconnected at first and were not be able to communicate
with each another.
Harvard
Aberdeen
WITH
UCSB
Therefore:
UCSB
UCLA
Harvard
UCLA
ARPANET in April 1972
USC
CMU
ARPANET in September 1972
Page 5
Development of uniform protocols on the transport- and network level
(without a too accurate definition of these levels, in particular without
exact coordination with the respective OSI levels).
Result: TCP/IP networks.
Page 6
TCP/IP
TCP/IP and the OSI Reference Model
Developed 1974:
Application Layer
Transmission Control Protocol/Internet Protocol (TCP/IP)
Application Layer
Presentation Layer
Requirements:
Session Layer
• Fault tolerance
• Maximal possible reliability and availability
• Flexibility (i.e. suitability for applications with very different
requirements)
Transport Layer
Transport Layer (TCP/UDP)
Network Layer
Internet Layer (IP)
Data Link Layer
Host-to-Network Layer
Physical Layer
The result:
• Network protocol IP; (Internet Protocol; connectionless)
• End-to-end protocols TCP (Transmission Control Protocol; connection-oriented)
and UDP (User Datagram Protocol; connectionless)
Page 7
ISO/OSI
TCP/IP
Page 8
From the ARPANET to the Internet
Internet
What does it mean: “a computer is connected to the Internet”?
• 1983 TCP/IP became the official protocol of ARPANET. ARPANET was
connected with many other USA networks.
- Use of the TCP/IP protocol suite
- Accessibility over an IP address
• Intercontinental connecting with networks in Europe, Asia, Pacific.
- Ability to send IP packets
• The total network evolved this way to a world-wide available network (called
“Internet”) and gradually lost its early militarily dominated character.
In its early period, the Internet was limited to the following
applications:
• No central administrated network, but a world-wide union from many
individual, different networks under local control (and financing).
E-mail
• 1990 the Internet consisted of 3,000 networks with 200,000 computers. That
was however only the beginning of a rapid evolution.
electronic mail (partly because the US post was not very reliable
and the different time zones made telephone accessibility of the
telephone partner more difficult)
Remote login
running jobs on external computers
File transfer
exchange of data between computers
Page 9
Page 10
Evolution of the Internet
• Until 1990: the Internet was comparatively small, only used by universities
and research institutions.
• 1990: The WWW (World Wide Web) - first developed by the CERN for the
simplification of communication within the field of high-energy physics became, together with HTML and Netscape browsers, a from nobody
foreseen “killer application”; this was the breakthrough for the acceptance of
the Internet.
• Emergence of so-called Internet Service Providers (ISP), i.e. companies,
which make their computers available as access points to the Internet.
• Millions of new (predominantly non-academic) users!
• New applications, e.g. E-Commerce
• 1995: Backbones, ten thousands LANs, millions attached computers,
exponentially rising number of users
• 1998: The number of attached computers is doubled approx. all 6 months
• 1999: The transferred data volume is doubled in less than 4 months
200.000.000
180.000.000
160.000.000
140.000.000
120.000.000
100.000.000
80.000.000
60.000.000
40.000.000
20.000.000
0
1.01.1981
1.01.1982
1.01.1983
1.01.1984
1.01.1985
1.01.1986
1.01.1987
1.01.1988
1.01.1989
1.01.1990
1.01.1991
1.01.1992
1.01.1993
1.01.1994
1.01.1995
1.01.1996
1.01.1997
1.01.1998
1.01.1999
1.01.2000
1.01.2001
1.01.2002
1.01.2003
Evolution of the Internet
• At mid of 2005: (estimated) 350 million of hosts attached to the Internet
Page 11
Page 12
Evolution in Europe
Internet and Intranet
Internet
•
Communication via the TCP/IP protocols
•
Local operators control and finance
•
Global coordination by some organizations
•
Internet Providers provide access points for private individuals
Intranet
•
Enterprise-internal communication with the same protocols and applications
as in the Internet.
Computers are sealed off from the global Internet (data security)
Heterogeneous network structures from different branches can be
integrated with TCP/IP easily
Use of applications like in the WWW for internal data exchange
Date
Page 13
FTP
Telnet
Sandglass Model
SMTP
DNS
SNMP
TFTP
Application
Layer
E-Mail, File Transfer,
Video Conferencing, …
HTTP, SMTP, FTP, …
Protocols
Networks
Ethernet
ICMP
Token Ring
Transport
Layer
UDP
TCP
IGMP
Page 14
The TCP/IP Protocol Suite
HTTP
IP
Token Bus
ARP
RARP
Wireless LAN
Internet
Layer
Because of the small number of central
protocols but the large number of
applications and communication
networks, the TCP/IP protocol stack
(and applications/networks) can be
represented like a sandglass.
Host-tonetwork Layer
Twisted Pair, Optical Fiber,
Radio, …
Page 15
Page 16
Internet Layer
IP – Internet Protocol
Raw division into three tasks:
• Data transfer over a global network
• Route decision at the sub-nodes
• Control of the network or transmission status
IP: connectionless, unreliable transmission of datagrams/packets (“Best Effort”)
• Transparent end-to-end communication between the hosts
• Routing, interoperability between different network types
• IP addressing (IPv4):
Routing Protocols
→
→
→
→
Transfer Protocols:
IPv4, IPv6
Uses logical 32-bit addresses
Hierarchical addressing
3 network classes
4 address formats (including multicast)
• Fragmenting and reassembling of packets
Routing Tables
• Maximum packet size: 64 kByte (in practice: 1500 byte)
“Control” Protocols:
ICMP, ARP, RARP, IGMP
• At present commonly used: Version 4 of IP protocol: IPv4
Page 17
IP Packet
The IP Header (1)
32 Bits (4 Bytes)
Version IHL
Type of
Service
Identification
Time to Live
Page 18
Protocol
DM
FF
• Version: IP version number (for simultaneous use of several IP versions)
Total Length
• IHL: IP Header Length (in words of 32 bit; between 5 and 15, depending upon
options)
Fragment Offset
• Type of Service: Indication of the desired service: Combination of reliability (e.g.
file transfer) and speed (e.g. audio)
Header Checksum
IP Header,
usually 20 Bytes
3 bit priority
(0 = normal data,
7 = control packet)
Source Address
Destination Address
Options (variable, 0-40 Byte)
DATA (variable)
Precedence
D T R unused
Delay
Reliability
Throughput
• Total Length: Length of the entire packet (in byte, ≤ 216-1 = 65535 bytes)
Padding
• Identification: definite marking of a packet
Header
• Time to Live (TTL): Lifetime of packets is limited to maximal 255 Hops (endless
circling of packets in the network is prevented). In principle, also the processing
time in routers is to be considered, which does not happen in practice. The
counter is reduced with each hop, with 0 the packet is discarded.
Data
Page 19
Page 20
The IP Header (2)
Fragmentation
• DF: Don't Fragment. All routers must forward packets up to a size of 576 byte,
everything beyond that is optional. Larger packets with set DF-bit therefore cannot
take each possible way in the network.
• MF: More Fragments. “1” - further fragments follow. “0” - last fragment of a
datagram)
• Fragment Offset: Sequence number of the fragments of a packet (213 = 8192
possible fragments). The offset states, at which place of a packet (counted in
multiples of 8 byte) a fragment belongs. From this a maximum length of 8192 * 8
byte = 65536 byte results for a packet.
• A too large or too small packet length prevents a good performance. Additionally
there are often size restrictions (buffer, protocols with length specifications,
standards, allowed access time to a channel,…)
• The data length must be a multiple of 8 byte. Exception: the last fragment, there
only the remaining data are packed, padding to 8 byte units does not take place.
• If the “DF”-bit is set, the fragmentation is prevented.
Ident. Flags Offset
777
• Protocol: Which transport protocol is used in the data part (UDP, TCP,…)? To
which transport process the packet is to be passed on?
x00
Data
0
0
1200 bytes
IP header
• Header Checksum: 1’s complement of the sum of the 16-bit half words of the
header. Must be computed with each hop (since TTL changes)
777
x01
777
• Source Address/Destination address: Network and host numbers of sending and
receiving computer. This information is used by routers for the routing decision.
511
0
0
x01
64
512
777 x00 128
Page 21
1200
The IP Header (3)
IP Addressing
Options: Prepare for future protocol extensions. Coverage: Multiple of 4 byte,
therefore possibly padding is necessary. At present, 5 options are defined,
however none is supported by common routers:
• Security: How secret is the transported information? (Application e.g. in
military: Avoidance of crossing of certain countries/networks.)
• Strict Source Routing: Complete path defined from the source to the
destination host by providing the IP addresses of all routers which are
crossed. (Use by system managers e.g. in case of damaged routing
tables or for time measurements)
• Unique IP address for each host and router.
• IP addresses are 32 bits long and are used in the Source Address as well as in
Destination Address field of IP packets.
• The IP address is structured hierarchical and refers to a certain network, i.e.
machines with connection to several networks have several IP addresses.
• Structure of the address: Network address for physical network (e.g. 137.226.0.0)
and host address for a machine in the addressed network (e.g. 137.226.12.221)
32 bits
126 networks with
224 host each
(starting from 1.0.0.0)
Class
• Loose Source Routing: The carried list of routers must be passed in
indicated order. Additional routers are permitted.
• Record Route: Recording of the IP addresses of the routers passed.
(Maximally 9 IP addresses possible, nowadays too few.)
• Time Stamp: Records router addresses (32 bits) as well as a time stamp
for each router (32 bits). Application e.g. in fault management.
1024
Page 22
1023
Page 23
A
0
B
10
C
110
D
1110
Multicast address
E
1111
Reserved for future use
Network
16383 networks with
216 hosts each
Host
Network
Host
Network
Host
2097151 networks
(LANs) with
256 hosts each
Page 24
IP Addresses
IP Addresses and Routing
137.226.112.0
137.226.12.0
137.226.12.1
Ziel-IP
Anschluss
Netzwerkinterface
12.x.x.x
194.52.124.x
b
137.226.x.x
142.117.x.x
a
142.117.x.x
direkt
a
194.52.124.x
direkt
b
x.x.x.x
default
a
137.226.112.1
Router
a
137.226.12.21
137.226.112.78
Binary format
10001001 11100010 00001100 00010101
Dotted Decimal Notation
137.226.12.21
194.52.124.0
•
Each node has (at least) one world-wide unique IP address
•
Router or gateways, which link several networks with one another, have for each
network an assigned IP address
Page 25
b
142.117.0.0
137.226.0.0
12.0.0.0
Page 26
IP Addressing - Examples
Address Space
The representation of the 32-bit addresses is divided into 4 sections of each 8 bits:
6,25%
137.226.12.174
6,25%
10001001
11100010
00001100
10101110
12,50%
Class B address
of RWTH Aachen
Class B address
Subnet
(Computer science 4)
Terminal
“Shadow”
50,00%
Special addresses:
0 0 0 .............................................................. 0 0 0
This host
0 0 ................. 0 0
Host in this network
Host
1 1 1 .............................................................. 1 1 1
Network
127
1 1 1 ................................. 1 1 1
arbitrary
Broadcast in own local area network
Klasse
Class A
Klasse
Class B
Class C
Klasse
Class D
Klasse
Class E
Klasse
25,00%
Broadcast in the remote network
Loop, no sending to the network
Page 27
Page 28
IP Addresses are scarce…
IP Subnets
Problem: Class C-networks are very small, Class B-networks often already too
large. Therefore exists the possibility of dividing an through the IP-address
identified network into so-called subnets.
Problems
• Nobody had thought about such a strong growth of the Internet
(otherwise one would have defined longer addresses from the beginning).
• Too many Class A address blocks were assigned in the first Internet years.
Examples for subnets: subnet mask 255.255.255.0
• Inefficient use of the address space.
Ethernet A 128.10.1.0
Example: if 500 devices in an enterprise are to be attached, a Class B address
block is needed, but by this unnecessarily more than 65.000 host addresses are
blocked.
Solution approach
Extension of the address space within IPv6 against the actual version IPv4
⇒ IP version 6 has 128 bit for addresses
⇒ 7 x 1023 IP addresses per square meter of the earth's surface (including the
oceans!)
All traffic
for 128.10.0.0
Rest
of the
Internet
128.10.1.3
Router
Ethernet
A
Host
Ethernet B 128.10.2.0
128.10.2.133 128.10.2.18
128.10.2.3
Ethernet
B
Host
Ethernet
B
Host
But: The success of IPv6 is not by any means safe! (The introduction of IPv6 is
tremendously difficult: Interoperability, costs, migration strategies,….)
Page 29
Ethernet
A
Host
128.10.2.1
⇒ one address per molecule on earth's surface!
128.10.1.70 128.10.1.26
128.10.1.8
Ethernet
A
Host
Ethernet
B
Host
Page 30
IP Subnets
IP Subnets - Computation of the Destination
The entrance router of the RWTH, which receives the IP packet, does not know,
where host “12.21” is located.
.
12
.
21
137.
226
• Within an IP network address block, several physical networks can be
addressed
• Some bits of the host address part are used as network ID
0111
1000
10001001
11100010
00001100
• A Subnet mask identifies the „abused” bits
IP address
AND
Class B
address
Subnet
Mask
Network
255.
Host
255.
00010101
255.
0
1111 1111 1111 1111 1111 1111 0000 0000
11111111111111111111110000000000
Subnet mask
10
Network
Subnet
Host
137.
226.
12.
0
1000 1001 1110 0010 0000 1100 0000 0000
Network of the addressed host
• All hosts of a network should use the same subnet mask
• Routers can determine through combination of an IP address and a subnet
mask, into which subnet a packet must be sent.
Page 31
The router computes the subnet “137.226.12” and sends the packet to the router,
which links this subnet.
Page 32
Example of a Subnet
More flexible Addressing
Assigned network address for the RWTH:
137.226.0.0
137.226.12.0 Info IV
137.226.8.0
137.226.112.0
254 hosts per subnet:
• Hosts have the addresses
1 – 254
• 0 is reserved for the subnet
• 255 is reserved for broadcast
in the subnet
137.227.10.0
Subnet mask for each subnet = 255.255.255.0
Problem: static categorization of IP addresses - how to use the very small class C
networks efficiently?
Remedy: Classless Inter-Domain Routing (CIDR)
Weakening of the rigid categorization by replacing the static classes by network
prefixes of variable length
• Example: 137.250.3/17: The first 17 bits of the IP address are used for the
network identification
• Used together with routing: Backbone router, e.g. on transatlantic links only
considers the first 13 bits; thus small routing tables, little cost of routing decision
• Routers of an ISP considers e.g. only the first 15 bits
• Routers in company networks consider e.g. the first 25 bits
Other format for writing of addresses in subnets:
137.226.12.221/24
Number of bits for “(sub)network address”
Page 33
NAT – Network Address Translation
NAT Variants
• Each internal computer in the Intranet needs an own IP address to communicate
with the others. For this purpose, “private” address blocks are reserved, which
everyone may use within its own networks and which are never routed in the
Internet:
• 10.0.0.0 - 10.255.255.255
• 172.16.0.0 - 172.31.255.255
• 192.168.0.0 – 192.168.255.255
NAT is available in several “variants”, known under different names:
Basic NAT (also: Static NAT)
• Each private IP address is translated into one certain external IP
• Either, you need as much external addresses as private ones, otherwise no retranslation is possible when a reply arrives
• Or, you manage a pool of external IP addresses and assign one dynamically when
a request is sent out
• When using addresses of those range, the internal computers can communicate
with each other
• But: packets with those addresses are not forwarded by a router. Thus: routers,
which are attached to the “external world” need a global address
• Assign a few IP addresses to a company which are known by a “NAT box” which
usually is installed with the router
192.168.0.2
Currently
mapped:
137.226.12.32
192.168.0.2
137.226.12.32
137.226.12.33
192.168.0.5
137.226.12.33
192.168.0.4
137.226.12.34
---
137.226.12.34
192.168.0.5
137.226.12.35
---
137.226.12.35
Map to
192.168.0.2
192.168.0.3
192.168.0.3
192.168.0.2
192.168.0.3
Internet
192.168.0.4
Page 35
Private IP
Private IP
Internet
router with
NAT box
• When data are leaving the own network, an address translation takes place: the
NAT box exchanges the private address with a globally valid one
• Side effect: hiding of the internal network structure (security)
Page 34
192.168.0.5
router with
NAT box
192.168.0.4
192.168.0.5
Page 36
NAT Variants
NAPT – Network Address Port Translation
Disadvantages of static NAT:
• With static mapping, you need as much official IP addresses as you have
computers
• With dynamic mapping, you need less official IP addresses, but for times of high
traffic you nevertheless need nearly as much addresses as local computers
• Those approaches help to hide the network structure, but not to save addresses
Hiding NAT (also: NAPT: Network Address Port Translation, Masquerading)
• Translate several local addresses into the same external address
• Now: some more details are necessary to deliver a response
192.168.0.2
192.168.0.3
router with
NAT box
destination?
to: 137.226.12.32
Internet
192.168.0.4
192.168.0.5
Private IP
Map to
192.168.0.2
137.226.12.32
192.168.0.3
137.226.12.32
192.168.0.4
137.226.12.32
192.168.0.5
137.226.12.32
Protocol Port (local) IP (local) Port (global) IP (global)
Page 37
IP (destination)
Port
(destination)
TCP
1066
10.0.0.1 1066
198.60.42.12 137.226.12.221
21
TCP
1500
10.0.0.7 1500
198.60.42.12 207.17.4.21
80
Page 38
Problems with NAPT
The new IP - IPv6
IPv6 (December 1995, RFC 1883)
Publication of the standard (January 1995, RFC 1752)
NAPT works well with communication initiated from the Intranet. But: how could
someone from outside give a request to the Intranet (e.g. to the webserver)?
• NAPT box needs to be a bit more “intelligent”
• Some static information has to be stored, e.g. “each incoming request with port 80
has to be mapped to the private address of the webserver”
• Still problems with applications like e.g. ICQ
• Thus, only more IP addresses really help to solve the problem
Specification for IPng (December 1994, RFC 1726)
First requirements for IPng (December 1993, RFC 1550)
.
Simpler structure of the headers
More automatism
Simpler configuration
Performance improvements
Migration strategies
More security
Larger address space
IPv4 (September 1981, RFC 791)
Page 39
Page 40
IPv6
IPv6 - Characteristics
• Address size
– 128-bit addresses (8 groups of each 4 hexadecimal numbers)
Why changing the protocol, when IPv4 works well?
• Improved option mechanism
– Simplifies and accelerates the processing of IPv6 packets in routers
• Dramatically increasing need for new IP addresses
• Auto-configuration of addresses
– Dynamic allocation of IPv6-addresses
• Improved support of real time applications
• Security mechanisms (Authentication and data protection)
• Improvement of the address flexibility
– Anycast address: Reach any one out of several
• Differentiation of types of service, in particular for real time applications
• Support of mobility (hosts can go on journeys without address change)
• Support of the reservation of resources
– Marking of packets for special traffic
• Simplification of the protocol in order to ensure a faster processing
• Security mechanisms
– Authentication and Privacy
• Reduction of the extent of the routing tables
• Option for further development of the protocol
• Simpler header structure:
– IHL: redundant, no variable length of header by new option mechanism
– Protocol, fragmentation fields: redundant, moved into the options
– Checksum: Already done by layer 2 and 4
Page 41
Page 42
IPv6 Main Header
• Version: IP version number
• Priority: 4 bits for priority. 1 - News, 4 ftp, 6 - telnet, 8 to 15 - real time traffic
• Flow label: virtual connection with certain
characteristics/requirements
• PayloadLen: packet length after the 40byte header
• Next Header: 8-bit selector. Indicates the
type of the following extension header (or
the transport header)
• HopLimit: At each node decremented by
one. At zero the packet is discarded
• Source Address: The address of the
original sender of the packet
• Destination Address: The address of the
receiver (not necessarily the final
destination, if there is an optional routing
header)
• Next Header/Data: if an extension header
is specified, it follows after the main
header. Otherwise, the data are following
IPv6 Extension Headers
1
4
Version
(4)
16
8
Priority
(4)
24
32
Flow label (24)
PayloadLen (16)
Next Header (8)
HopLimit (8)
Source Address (128)
Optional data follows in extension headers. There are 6 headers defined:
• Hop by Hop (information for single links)
All routers have to examine this field. Momentarily only the support of
Jumbograms (packets exceeding the normal IP packet length) is defined (length
specification).
• Routing (definition of a full or partly specified route)
Destination Address (128)
• Fragmentation (administration of fragments)
Difference to IPv4: Only the source can do fragmentation. Routers for which a
packet is too large, only send an error message back to the source.
• Authentication (of the sender)
Next Header/Data
• Ciphered data
• Destination options (additional information for the destination)
The prefix of an address characterizes
geographical areas, providers, local internal
areas,…
Page 43
Page 44
IPv4 vs. IPv6: Header
4
VerEn
sion
8
IHL
16
Type
TypeOF
of
Service
service
Identification
Time to
Live
Coexistence of IPv4 and IPv6
32
4
16
VerEn PrioPrio
sion rity
Totally
Total Length
length
Fragment offset
Protocol
8
Flow
Flow Label
label
PayloadLen
Header Checksum
32
Next
NEXT
Header
headers
Hop
Hop Limit
limit
SOURCE
Source ADDRESS
Address
SOURCE
Source ADDRESS
Address
SOURCE
Source ADDRESS
Address
Destination
DestinationADDRESS
Address
SOURCE
Source ADDRESS
Address
Options
Option (variable)/Padding
(variable)/Padding
SOURCE
Source ADDRESS
Address
DATA
Data
Destination
DestinationADDRESS
Address
IPv6 cannot be introduced “over night”… for some time both IP variants will be used in
parallel.
• New network interface card drivers support both versions of IP, thus they are able to
communicate with the newer version
• But: how to enable two modern IPv6-based hosts to communicate if only an IPv4based network is in between?
1. Header Conversion
Router translates an incoming IPv6 packet into a IPv4
packet, receiving router retranslates
payload
Destination
DestinationADDRESS
Address
IPv6
header
payload
IPv4
header
Destination
DestinationADDRESS
Address
Destination
DestinationADDRESS
Address
IPv6 network
NEXT
Next Header
header/DATA
/ Data
Page 45
Routers which “speak” IPv4 and IPv6 in parallel
Virtual Private Network (VPN)
2. Tunneling
Router at the entry to the IPv4-based network encapsulate an incoming IPv6 packet
into a new IPv4 packet with destination address of the next router also supporting IPv6
•
•
IPv6
header
IPv4
header
payload
IPv6
header
Internet
•
•
mostly IPv4
IPv6 network
IPv6 network
Page 46
Coexistence of IPv4 and IPv6
payload
IPv6
header
mostly IPv4
IPv6
header
payload
Internet
The IPv6 header is longer, but this is only
caused by the longer addresses.
Otherwise it is “better sorted” and thus
faster to process by routers.
payload
But: reconstruction
of e.g. flow label???
IPv6 “tunnel” through IPv4
By a Virtual Private Network (VPN) a network infrastructure is understood, in
which distributed components belonging to one logical private network
communicate with one another over a public network (e.g. Internet)
VPNs are used frequently for the connection of geographically distributed
organizations (Intranet in the Internet)
VPNs ensure authenticated access and permit the protection of sensitive data in
distributed networks by encryption of data
The logical connection between private components over a public network is
achieved again by tunneling an IPv4 connection with e.g. IPsecure
IPv6 network
• More overhead because of two headers for one packet, but no information
loss due to header conversion
VPN
Tunneling is a general concept also used for multicast, VPN, etc: it simply
means “pack a whole packet as it is into a new packet of different protocol”
Page 47
Page 48
Tunneling Mechanism
Tunneling here:
Encapsulate packets into
encrypted IP packets, e.g. by
using IPsecure. Packets
directed to the remote network
part by this remain unchanged,
but are the payload of an
encrypted packet.
Page 49

On the Way to Today`s Internet ARPANET ARPANET

Transcrição

Documentos relacionados

Application Example: WWW Communication in the WWW WWW

Naming vs. Locating Entities Simple Solution for a

Layer 1 – Physical Layer Transmission Media Twisted Pair

Wireless Broadband Networks 802.16

Mobile Communications

Mobile Communications

Chapter 2 - Informatik 4

History of Optical Disks Basic Technology Basic

Limitations of Object-Based Middleware Components

Metropolitan Area Networks Resilient Packet Ring

Mobile Communications Structure of the Lecture

Data Encryption Standard (DES) General Structure of

das institut für südasien-, tibet- und

Transfer and Control Protocols Standards of ITU H.261

Name of Module: Biometric Identification Credit Points (ECTS):3

Wireless Ethernet Wireless LANs: Design Goals

Mangamarkt Anmeldung

Naming - Informatik 4

An die Bundeskanzlerin Angela Merkel Bundeskanzleramt Willy

Network Categories Network Types for the Local

Faktoren im Lebenszyklus