
CS469 - Linux and Unix Administration and Networking

Networking:

Networking Terms:

Latency:

  • The time period between a request and the response.

Bandwidth:

  • The data rate of the medium, usually expressed in bits / second

Throughput:

  • The real data rate after overheads, latencies and other real-world considerations (inter-packet gaps, noise, routing delays, etc.)
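An added worked example (not part of the original notes) showing how the three terms above relate: framing overhead reduces the nominal bandwidth, and latency caps throughput independently because a TCP sender can only have one receive window in flight per round trip. It assumes standard Ethernet framing (8-byte preamble, 12-byte inter-frame gap, 18 bytes of header and FCS, 64-byte minimum frame) plus option-free 20-byte IPv4 and TCP headers; the link speed, window size and RTT values are constructed inputs.

```python
"""Worked throughput estimate: nominal bandwidth minus framing overhead, then capped by latency.
Framing constants are standard Ethernet/IPv4/TCP sizes; the sample inputs are constructed."""

PREAMBLE_AND_IFG = 8 + 12      # preamble+SFD and inter-frame gap: on the wire but carry no data
ETH_HEADER_AND_FCS = 14 + 4    # dst, src, EtherType; frame check sequence
MIN_ETH_PAYLOAD = 46           # frames shorter than 64 bytes are padded up to this payload size
IPV4_HEADER = 20               # without options
TCP_HEADER = 20                # without options

def ethernet_tcp_efficiency(payload_bytes):
    """Fraction of wire time that carries TCP payload when every segment carries payload_bytes."""
    if not 0 < payload_bytes <= 1460:
        raise ValueError("TCP payload per 1500-byte Ethernet frame must be 1..1460 bytes")
    # Tiny segments do not make the frame shorter than the minimum: the padding is overhead too.
    eth_payload = max(MIN_ETH_PAYLOAD, IPV4_HEADER + TCP_HEADER + payload_bytes)
    on_wire = PREAMBLE_AND_IFG + ETH_HEADER_AND_FCS + eth_payload
    return payload_bytes / on_wire

def window_limited_bps(window_bytes, rtt_seconds):
    """At most one receive window can be in flight per round trip, so latency alone caps
    throughput at window / RTT, however fast the link is."""
    return window_bytes * 8 / rtt_seconds

def expected_throughput_bps(bandwidth_bps, payload_bytes, window_bytes, rtt_seconds):
    """Throughput is the smaller of what the medium carries after overhead and what the
    latency-bound window allows."""
    return min(bandwidth_bps * ethernet_tcp_efficiency(payload_bytes),
               window_limited_bps(window_bytes, rtt_seconds))

if __name__ == "__main__":
    # Constructed scenario: 100 Mbit/s Ethernet, full 1460-byte segments, 64 KiB window.
    for rtt in (0.001, 0.050):
        mbps = expected_throughput_bps(100e6, 1460, 65536, rtt) / 1e6
        print("RTT %.0f ms: about %.1f Mbit/s of payload" % (rtt * 1000, mbps))
```

On a LAN (1 ms RTT) the link's framing overhead is the limit and about 95 Mbit/s of payload gets through; at 50 ms RTT the same 64 KiB window yields only about 10 Mbit/s, which is why "bandwidth" and "throughput" are different numbers.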

Baud rate:

  • The number of "symbols" per second (often, but not necessarily, bits). baud != bps

Multiplexing (muxing):

  • The combining of multiple analog or digital data streams onto a single shared medium that is then usually de-multiplexed (demuxed) at the receiving end.

Duplex:

  • Half duplex - Can only send or receive at any given time, not both.
  • Full duplex - Can send and receive simultaneously

Transceiver:

  • Converts signals to and from the underlying medium.

Octet:

  • A grouping of 8 bits (a byte today, but in the past bytes could be of any size; e.g. 9-bit bytes were not uncommon.)

Network segment:

  • A collection of machines electrically connected into a network
    A           B
  ◯─┤           ├─◯      A,B = network segments
    ├─◯       ◯─┼─◯      ┼   = The physical wiring of the network segment
  ◯─┼─◯         │        ◯   = machines connected to the network segment
    │           ├─◯

Bridge:

  • A device for connecting network segments together at the layer 1-2 (Ethernet) level.
  • Forwards packets from one network segment to another
    A           B       A,B = network segments
    │           │       │,─ = physical wiring
    ▢───────────▢       ▢   = bridge device(s)
  • May use some logic in forwarding packets, based on locations of hosts in network segment
  • A hub / switch may be considered a bridge.

Repeater:

  • Re-broadcasts or amplifies messages that it receives, usually as a means to extend the distance a signal will travel.

Switch:

  • A bridge-like device that intelligently routes packets between its interfaces, in the same way a telephone switchboard operator would do for telephone calls.

Gateway:

  • Routes packets at layer 3 level (IP) from one network to another, based on routing tables.
  • Routes can be hardwired or dynamically created through routing protocols.

OSI (Open Systems Interconnect) model networking layers

Whenever you read something like 'layer 3 switch', this is where that comes from. The layers describe networking from the low-level hardware, through the protocols used at the hardware and middle layers, up to the user-facing front end.

  1. Physical Layer (10Base-T, 100Base-T, 802.11, etc.)

    • Defines the signaling and electrical transport
  2. Data Link Layer (Ethernet / others)

    • Reliable transport of data. Most dumb routers/switches operate at the layer 2 level.
  3. Network Layer (IP(v4|v6) / ICMP / etc.)

    • Pertains to routing packets. A layer 3 switch can route packets by IP address.
  4. Transport Layer (TCP / UDP / etc.)

    • Connection oriented communications (data-streams), reliability, flow control and multiplexing.
  5. Session Layer (TCP / RPC / Sockets)

    • Controls connections between computers.
  6. Presentation Layer (Encryption (SSL/TLS) / format conversions)

    • Formats (encrypts) data to be sent across a network.
  7. Application Layer (User interface)

    • Layer at which the user interacts with the application.

SSH - The Secure SHell:

Ssh is a program suite and protocol that provides an encrypted transport of data between your local machine and a remote host. Encrypted transport matters because it stops a man in the middle from intercepting passwords or other privileged information. Ssh replaces older protocols such as the unencrypted telnet and rlogin/rsh (the latter of which ssh is largely based on.)

> ssh

  • OpenSSH SSH Client

> ssh user@host

  • Login shell on host as user

> ssh user@host [command]

  • Execute command on host as user.
  -l login_name   Login as login_name
  -X              Forward X11
  -Y              Trusted X11 forwarding (allows applications more access to keys being typed, among other things.)
  -x              Don't forward X11

A port forwarding:

Ssh allows forwarding a port from the local machine (localhost) to a remote machine through the machine you're connecting to.

> ssh -L localhost:8080:cs.indstate.edu:80 -n -N user@host &

  -L   Forward localhost:8080 to cs.indstate.edu:80
  -N   Don't execute a remote command
  -n   Redirect stdin from /dev/null
  • In this example browsing to localhost:8080 on your local machine would connect to the web server on cs.indstate.edu through the remote machine (does not have to be CS.) From the CS server's point of view you seem to be browsing from the remote machine, not your own.
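What `-L` does on the client side, as an added example that is not part of the course notes: a listener bound to 127.0.0.1 that relays every accepted connection to a target host and port. An in-process echo server stands in for cs.indstate.edu:80, the ports are chosen at run time, and nothing here is encrypted, which is exactly the part ssh adds between the forwarder and the remote machine. The listener binds only to the loopback address, as ssh does by default, so other machines on your network cannot use your tunnel.

```python
"""Minimal local TCP forwarder: the listen-and-relay half of `ssh -L`, without the encryption.
The echo server stands in for the remote web server; all addresses and ports are constructed."""
import socket
import threading

LOOPBACK = "127.0.0.1"   # ssh -L binds here by default, so only this machine can use the tunnel

def _pump(src, dst):
    """Copy bytes from src to dst until src reaches EOF, then close dst's sending side."""
    try:
        while True:
            chunk = src.recv(4096)
            if not chunk:
                break
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def start_forwarder(listen_port, target_host, target_port):
    """Listen on LOOPBACK:listen_port; each accepted connection is relayed to target_host:target_port.
    Returns (listening socket, bound port); port 0 picks a free port."""
    lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    lsock.bind((LOOPBACK, listen_port))
    lsock.listen(5)

    def accept_loop():
        while True:
            try:
                client, _ = lsock.accept()
            except OSError:
                return          # listener was closed
            try:
                # The target sees this outbound connection, not the original client:
                # that is why the web server appears to be browsed from the forwarding machine.
                upstream = socket.create_connection((target_host, target_port))
            except OSError:
                client.close()
                continue
            threading.Thread(target=_pump, args=(client, upstream), daemon=True).start()
            threading.Thread(target=_pump, args=(upstream, client), daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return lsock, lsock.getsockname()[1]

def start_echo_server():
    """Stand-in for the remote web server: reads a request to EOF and sends it straight back."""
    ssock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssock.bind((LOOPBACK, 0))
    ssock.listen(5)

    def serve():
        while True:
            try:
                conn, _ = ssock.accept()
            except OSError:
                return
            with conn:
                data = b""
                while True:
                    chunk = conn.recv(4096)
                    if not chunk:
                        break
                    data += chunk
                conn.sendall(data)

    threading.Thread(target=serve, daemon=True).start()
    return ssock, ssock.getsockname()[1]

def request_through_tunnel(local_port, payload):
    """Connect to the local end of the tunnel, send payload, return everything the far side replies."""
    with socket.create_connection((LOOPBACK, local_port), timeout=5) as s:
        s.sendall(payload)
        s.shutdown(socket.SHUT_WR)
        reply = b""
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            reply += chunk
    return reply

def demo():
    """Equivalent of `ssh -L 8080:cs.indstate.edu:80 ...` followed by browsing to localhost:8080."""
    echo_sock, echo_port = start_echo_server()
    fwd_sock, fwd_port = start_forwarder(0, LOOPBACK, echo_port)
    try:
        return request_through_tunnel(fwd_port, b"GET / HTTP/1.0\r\n\r\n")
    finally:
        fwd_sock.close()
        echo_sock.close()

if __name__ == "__main__":
    print(demo())
```

The request goes in at the local port and the reply comes back from the target, which never saw the original client's socket. With real ssh, the `upstream` connection above is made by sshd on the remote machine after the bytes have crossed the encrypted session.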

Programs that use ssh to securely transfer files:

> sftp

  • Secure File Transfer program

> scp src dest
> rsync src dest

  • Secure Copy

SSH Key generation and management:

> ssh-keygen

  • Authentication key generation, management and conversion
  -R hostname   Remove key for hashed host.
  -t type       Generate key for type (dsa

> ssh-copy-id

  • install your public key in a remote machine's authorized_keys

    [TODO: Demonstrate ssh key generation and authorized keys access]

Files:

/etc/ssh/ssh_host*_key

  • Host key files

/etc/ssh/ssh_host*_key.pub

  • Host public key files.

/etc/ssh/ssh_config

  • Global ssh host config. (man 5 ssh_config)

/etc/ssh/sshd_config

  • Ssh daemon config (man 5 sshd_config)

    [TODO: Configure sshd and ssh for X11 forwarding?]

~/.ssh/authorized_keys

  • List of the public keys whose private-key holders may log in as this user.

~/.ssh/known_hosts

  • List of hosts and the host public keys ssh has previously seen for them.
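An added example for the authorized_keys side of the TODO above and for the two per-user files just listed; it is illustrative code, not the course's or OpenSSH's. It parses authorized_keys lines including the optional leading options field, checks that the declared key type matches the type embedded at the start of the base64 blob (SSH wire format: a length-prefixed type string), matches known_hosts entries in both the plain and the hashed `|1|salt|hash` form (the form that `ssh-keygen -R hostname` has to locate), and audits file permissions the way sshd's StrictModes and the ssh client do. The 32-byte "key" and the directory layout are constructed in a temporary directory; real keys come from `ssh-keygen -t ed25519`.

```python
"""Parse authorized_keys entries, match hashed known_hosts lines, and audit ~/.ssh permissions.
All key material and files here are constructed for illustration."""
import base64
import hashlib
import hmac
import os
import re
import stat
import struct
import tempfile

# Key type token, then the base64 blob, then an optional comment; anything before the type is options.
_KEY_RE = re.compile(r"(?:^|\s)(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp\d{3})\s+([A-Za-z0-9+/=]+)(?:\s+(.*))?$")

def parse_authorized_key(line):
    """Split one authorized_keys line into options, key type, decoded blob and comment.
    Returns None for blank or comment lines; raises ValueError for malformed entries."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    m = _KEY_RE.search(line)
    if not m:
        raise ValueError("no key type/blob found: %r" % line)
    ktype, b64, comment = m.group(1), m.group(2), m.group(3) or ""
    blob = base64.b64decode(b64, validate=True)
    # Wire format: the blob opens with a length-prefixed string naming the key type,
    # which must agree with the type written in the text field.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != ktype:
        raise ValueError("blob type does not match declared type %s" % ktype)
    return {"options": line[:m.start()].strip(), "type": ktype, "blob": blob, "comment": comment}

def known_hosts_entry_matches(entry, hostname):
    """True if a known_hosts line (plain 'host1,host2' or hashed '|1|salt|hash') is for hostname."""
    host_field = entry.split(None, 1)[0]
    if host_field.startswith("|1|"):
        _, _, salt_b64, hash_b64 = host_field.split("|")
        salt = base64.b64decode(salt_b64)
        digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(base64.b64encode(digest).decode(), hash_b64)
    return hostname in host_field.split(",")

def audit_ssh_dir(ssh_dir):
    """Return the problems that would make sshd (StrictModes) or ssh reject these files."""
    problems = []
    mode = stat.S_IMODE(os.stat(ssh_dir).st_mode)
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("%s is group/world writable (mode %o)" % (ssh_dir, mode))
    for name in os.listdir(ssh_dir):
        mode = stat.S_IMODE(os.stat(os.path.join(ssh_dir, name)).st_mode)
        if name == "authorized_keys" and mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append("authorized_keys is group/world writable (mode %o)" % mode)
        # Private keys: ssh refuses a key file that anyone but its owner can read.
        if name.startswith("id_") and not name.endswith(".pub") and mode & 0o077:
            problems.append("%s is readable by others (mode %o); ssh will refuse it" % (name, mode))
    return problems

def _constructed_ed25519_line(comment, options=""):
    """Build a syntactically valid ssh-ed25519 authorized_keys line from a made-up 32-byte key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
    prefix = options + " " if options else ""
    return "%sssh-ed25519 %s %s" % (prefix, base64.b64encode(blob).decode(), comment)

def hashed_known_hosts_line(hostname, key_line, salt=b"\x01" * 20):
    """Produce a known_hosts line in the hashed form ssh writes when HashKnownHosts is on."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s %s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode(), key_line)

def demo():
    """Create a throwaway ~/.ssh layout with one deliberate mistake, parse it and audit it."""
    ssh_dir = os.path.join(tempfile.mkdtemp(), ".ssh")
    os.mkdir(ssh_dir, 0o700)
    ak = os.path.join(ssh_dir, "authorized_keys")
    with open(ak, "w") as f:
        f.write("# keys allowed to log in as this user\n")
        f.write(_constructed_ed25519_line("alice@laptop", 'from="10.0.0.0/8",no-pty') + "\n")
    os.chmod(ak, 0o664)                      # the mistake: group-writable, StrictModes rejects it
    key = os.path.join(ssh_dir, "id_ed25519")
    with open(key, "w") as f:
        f.write("-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed placeholder)\n")
    os.chmod(key, 0o600)
    with open(ak) as f:
        keys = [k for k in (parse_authorized_key(l) for l in f) if k]
    return keys, audit_ssh_dir(ssh_dir)

if __name__ == "__main__":
    parsed, findings = demo()
    print(parsed[0]["type"], parsed[0]["options"], parsed[0]["comment"])
    print("\n".join(findings))
```

The permission audit is the check to reach for when a freshly installed key "does not work": sshd silently ignores an authorized_keys file that is writable by group or others, and ssh refuses a private key with mode wider than 0600.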

Other misc networking programs:

> telnet

  • User interface to the telnet protocol; obsolete, use nc (netcat) instead.

> nc

  • (netcat) TCP/IP swiss army knife

> curl

  • Transfer/get a URL to your local machine via the command line.

> wget

  • Non-interactive network downloader