The Functions of Operating Systems Scheduling(multi-programming)
2002 Networking Operating Systems (CO32010) 1. Operating Systems 2. Processes and scheduling 3.
bill@napier, 2002
http://www.soc.napier.ac.uk/~bill/nos.html
Networking Operating Systems (CO32010)
1. Operating Systems
2. Processes and scheduling
3. Distributed processing
4. Distributed file systems
5. Routing protocols
6. Routers
7. Encryption
8. NT, UNIX and NetWare
1.1 NOS definition and units
1.2 Computer Systems
1.3 Multitasking and Threading
1.4 Exercises
Objectives:
• To outline the main areas covered in the module.
• To define some of the basic terminology of operating systems.
• To define the main components of a network operating system.
• To define the differences in operating systems.
Definition of an NOS
The infrastructure that allows the reliable distribution of processes, file systems, networking components, networking protocols, and other associated components in order to produce a system which is reliable and secure, and which operates within a required specification.
[Diagram: NOS components: router programming and security, routing protocols, encryption, distributed processing, processing and scheduling, distributed file systems.]
[Diagram: network of routers and a server, labelled with the module units: 2. Processes and scheduling; 3. Distributed Processing; 5. Distributed file systems; 5. Routing Protocols; 6. Router Programming; 7. NOS’s; 8. Encryption.]
Areas covered
• Introduction. This unit provides a basic introduction to some of the concepts involved with operating systems, such as the basic definition involved in computer systems.
• Processes and Scheduling. This unit outlines some of the key concepts in the operation of an operating system, especially related to processes, and scheduling.
• Distributed Processing. This unit outlines some of the standard methods which are used to control the distribution of processes over a network. A key focus is on the RPC protocol, which is a standard method for distributing processes.
• Distributed File Systems. This unit outlines some of the methods which can be used to distribute file systems over a network. A key focus of this unit is the NFS standard, which can be used to distribute file systems over a network.
• Routing Protocols. This unit outlines some of the key methods, and problems that occur with standard routing protocols.
• Routers and ACLs. This unit outlines how routers are programmed, and how ACLs can be applied to facilitate network security.
• Encryption. This unit outlines the principles of methods which allow data to be encrypted.
• Networking Operating Systems. This unit outlines the three main networking operating systems: UNIX, Novell NetWare and Microsoft Windows.
Hardware, Operating Systems and User Interfaces
User interface:
• Microsoft Windows (Windows 95/NT/2000/XP).
• Microsoft Windows 3.1.
• X-Windows.
Operating system:
• Microsoft Windows (Windows 95/NT/2000/XP).
• DOS.
• UNIX/Linux.
• VMS.
• Novell NetWare.
Hardware:
• x86 architecture.
• SPARC architecture.
• Apple architecture.
Operating System
[Diagram: hardware, operating systems and user interfaces. Operating system components shown: kernel, memory, file system, users, groups, user account database, resources, volumes, print queues, printer server and printer.]
Operating system characteristics
• Single-user v. multi-user
• Stand-alone v. networked
• Single-tasking v. multitasking
• Single processor v. multi-processor
• Local processing v. distributed processing
• Embedded v. non-embedded
Operating Systems
[Diagram: hardware beneath the operating systems: Microsoft Windows 95/98, Microsoft Windows NT, UNIX, LINUX, DOS and Mac OS.]
File system:
- Creating a file system
- Copying/deleting/moving files
Multi-user:
- Allowing users to log in to the system
- Allowing users permissions to certain resources
- Managing queues for resources
Memory:
- Creating virtual memory systems
- Disk swapping for memory
Multiprocessing:
- Allowing several processes to run at a time
- Scheduling of processing to allow priority
Device interfacing:
- Access to connected devices
- Multi-user access
- Device drivers
Networking:
- Remote login/file transfer
- Creating global file systems
Operating System Components
[Diagram: application programs communicate with the operating system kernel, which sits above the mouse, video, soundcard, network and keyboard drivers.]
Information passed between processes
[Diagram: processes on a network or local computer, linked by a message or signal and by data passed between processes; each process is served by interrupts and low-level interrupts.]
Preemptive Multitasking
[Cartoon: the processor tells process 1 "Okay No.1, you’ve had your turn, get to the back of the queue. Next!" while processes 2, 3, 4 and 5 wait in the process queue ("Come on. My turn soon").]
Pre-emptive multitasking: Processes are given some time on the processor. This allows all the processes to have some time on the processor, and makes for smoother and more reliable operation.
Co-operative Multitasking
[Cartoon: process 1 stays on the processor ("Hurray. I could stay here forever. Anyway, I’m not going back to the end of the queue.") while processes 2 to 6 wait in the process queue ("Sorry. You’ll have to wait until he’s finished", "Hurry up. I’m waiting. You’ve been on that processor for ages.", "This isn’t very fair!").]
Co-operative multitasking: Processes must yield from the processor, before other processes can run on the processor.
Threads
[Diagram: splitting a process into threads. Process approach: a single process. Threads approach: the process splits into threads, which may be independent or interlinked, with common sharing of data between threads.]
2. Processes and scheduling
2.1 Introduction
2.2 Scheduling
2.3 Higher-level primitives
2.4 Signals, pipes and task switching
2.5 Messages
2.6 Microsoft Windows scheduling
2.7 UNIX process control
Objectives:
• To define the main parameters used in scheduling.
• To define some of the main scheduling techniques and be able to contrast them.
• To briefly define the usage of parallel processing.
• To outline the usage of high-level primitives, such as signals, pipes and task-switching.
• To give examples of practical process control.
3. Distributed processing
3.1 Introduction
3.2 Interprocess communication
3.3 Flags and semaphores
3.4 RPC
3.5 Multi-processor systems
3.6 Exercises
Objectives:
• To define the concept of distributed processing, and contrast centralized systems against distributed ones.
• To define mechanisms of interprocess control, such as pipes, semaphores, flags, and message queues.
• To define, in detail, how semaphores are used, and how they can prevent deadlock.
• To define the conditions for deadlock.
• To outline algorithms to prevent deadlock, such as the Banker’s Algorithm.
• To outline practical interprocess control protocols, especially RPC.
3.1 Centralised v. Distributed
[Diagram: an organisation with a head office, regional office, local office and ATM, with customers, staff and logistics.]
Distributed:
• Decision making
• Account management
• Logistics
3.6 Deadlock
• Resource locking. This is where a process is waiting for a resource which will never become available. Some resources are pre-emptive, where processes can release their access on them, and give other processes a chance to access them. Others, though, are non-pre-emptive, and processes are given full rights to them. No other processes can then get access to them until the currently assigned process is finished with them. An example of this is with the transmission and reception of data on a communication system. It would not be a good idea for a process to send some data that required data to be received, in return, to yield to another process which also wanted to send and receive data.
• Starvation. This is where other processes are run, and the deadlocked process is not given enough time to catch the required event. This can occur when processes have a low priority compared with other ones, as higher priority tasks tend to have a better chance to access the required resources.
3.7 Analogy to deadlock
[Diagram: cars A, B, C, D, E and F at a junction.]
3.8 Four conditions for deadlock
• Mutual exclusion condition. This is where processes get exclusive control of required resources, and will not yield the resource to any other process.
• Wait for condition. This is where processes keep exclusive control of acquired resources while waiting for additional resources.
• No pre-emption condition. This is where resources cannot be removed from the processes which have gained them, until they have completed their access on them.
• Circular wait condition. This is a circular chain of processes on which each process holds one or more resources that are requested by the next process in the chain.
3.7 Analogy to deadlock
[Diagram: cars A, B, C, D, E and F at a junction, annotated with the conditions below.]
• Circular wait condition.
• Mutual exclusion condition and no pre-emption. None of the cars will give up their exclusive access to the Junction.
3.9 Banker’s Algorithm (Safe condition)
Process A requires a maximum of 50MB. Process B requires a maximum of 40MB. Process C requires a maximum of 60MB. Process D requires a maximum of 40MB. The current state would be safe as Process A can complete which releases 50 MB (which allows the other processes to complete):
    Process   Current allocation   Maximum allocation required
    A         40                   50
    B         20                   40
    C         20                   60
    D         10                   40
    Resource unallocated: 10
3.10 Banker’s Algorithm (Unsafe condition)
Process A requires a maximum of 50MB. Process B requires a maximum of 40MB. Process C requires a maximum of 60MB. Process D requires a maximum of 40MB. The current state would be unsafe as no process can complete:
    Process   Current allocation   Maximum allocation required
    A         15                   50
    B         30                   40
    C         45                   60
    D         0                    40
    Resource unallocated: 5
3.11 Banker’s Algorithm
• Each resource has exclusive access to resources that have been granted to it.
• Allocation is only granted if there is enough allocation left for at least one process to complete, and release its allocated resources.
• Processes which have a rejection on a requested resource must wait until some resources have been released, and the allocated resource must stay in the safe region.
Problems:
• Requires processes to define their maximum resource requirement.
• Requires the system to define the maximum amount of a resource.
• Requires a maximum amount of processes.
• Requires that processes return their resources in a finite time.
• Processes must wait for allocations to become available. A slow process may stop many other processes from running as it hogs the allocation.
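The safety check behind slides 3.9 to 3.11, as an added example that is not part of the original slides: it runs the two allocation tables through a safe-state test and then tries requests against the safe table, refusing any grant that would leave the safe region. The single-resource model, the function names and the sample requests are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PROCS 16

/* One process's claim on a single resource (MB of memory on the slides). */
struct claim {
    char name;
    int  allocated;   /* current allocation */
    int  maximum;     /* declared maximum requirement */
};

/* Tables from slides 3.9 (10 MB unallocated) and 3.10 (5 MB unallocated). */
static const struct claim SAFE_TABLE[4] = {
    {'A', 40, 50}, {'B', 20, 40}, {'C', 20, 60}, {'D', 10, 40}
};
static const struct claim UNSAFE_TABLE[4] = {
    {'A', 15, 50}, {'B', 30, 40}, {'C', 45, 60}, {'D', 0, 40}
};

/*
 * Returns 1 if every process can run to completion in some order, 0 if not.
 * order (at least n + 1 bytes) receives the names of the processes that can
 * complete, in the order found.
 */
int is_safe(const struct claim *p, size_t n, int unallocated, char *order)
{
    int done[MAX_PROCS] = {0};
    size_t finished = 0;
    int progress = 1;

    order[0] = '\0';
    if (n > MAX_PROCS) return 0;
    while (progress) {
        progress = 0;
        for (size_t i = 0; i < n; i++) {
            if (!done[i] && p[i].maximum - p[i].allocated <= unallocated) {
                unallocated += p[i].allocated;   /* completes and releases */
                done[i] = 1;
                order[finished++] = p[i].name;
                progress = 1;
            }
        }
    }
    order[finished] = '\0';
    return finished == n;
}

/* Completion order as a string; "" when no process can complete. */
const char *completion_order(const struct claim *p, size_t n, int unallocated)
{
    static char order[MAX_PROCS + 1];
    is_safe(p, n, unallocated, order);
    return order;
}

/*
 * Grants `amount` to process `who` only if the resulting state is still safe.
 * Returns 1 when granted (state updated) and 0 when the process must wait.
 */
int request(struct claim *p, size_t n, int *unallocated, size_t who, int amount)
{
    char order[MAX_PROCS + 1];

    if (who >= n || amount <= 0 || amount > *unallocated) return 0;
    if (amount > p[who].maximum - p[who].allocated) return 0; /* over its claim */
    p[who].allocated += amount;          /* tentative grant */
    *unallocated -= amount;
    if (is_safe(p, n, *unallocated, order)) return 1;
    p[who].allocated -= amount;          /* roll back: leaves the safe region */
    *unallocated += amount;
    return 0;
}

/* Tries one request against a fresh copy of slide 3.9's state. */
int try_on_safe_table(size_t who, int amount)
{
    struct claim copy[4];
    int unallocated = 10;

    memcpy(copy, SAFE_TABLE, sizeof copy);
    return request(copy, 4, &unallocated, who, amount);
}

int main(void)
{
    printf("3.9:  completion order \"%s\"\n", completion_order(SAFE_TABLE, 4, 10));
    printf("3.10: completion order \"%s\"\n", completion_order(UNSAFE_TABLE, 4, 5));
    printf("A asks 10: %d\n", try_on_safe_table(0, 10));
    printf("D asks 10: %d\n", try_on_safe_table(3, 10));
    printf("B asks 5:  %d\n", try_on_safe_table(1, 5));
    return 0;
}
```

Process B's request for 5 MB is refused even though 10 MB is unallocated, because granting it would leave no process able to reach its maximum.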
3.12 RPC
[Diagram: two protocol stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical) joined by the network, with RPC at the session layer, TCP/IP or UDP/IP beneath it, and Ethernet/ISDN/FDDI/ATM/etc. at the physical layer. An application program on one side runs a remote process on the other.]
• Network layer: responsible for routing data over the network and delivering it at the destination.
• Transport layer: sets up a virtual connection, and streams data.
• Session layer (RPC): supports the running of remote processes and passing run parameters and results.
3.13 RPC operation
[Diagram: message exchange between a client and a server.]
• Server process waits for a call.
• The caller process sends a call message, with all the procedure’s parameters (process, and parameters).
• Caller process waits for a response.
• Server reads parameters and runs the process.
• Server sends results to the client (results).
• Server process waits for a call.
RPC
RPC provides:
• A unique specification of the called procedure.
• A mechanism for matching response parameters with request messages.
• Authentication of both callers and servers. The call message has two authentication fields (the credentials and verifier), and the reply message has one authentication field (the response verifier).
• Protocol errors/messages (such as incorrect versions, errors in procedure parameters, indication on why a process failed and reasons for incorrect authentication).
RPC
RPC provides three fields which define the called procedure:
• Remote program number. These are numbers which are defined by a central authority (like Sun Microsystems).
• Remote program version number. This defines the version number, and allows for migration of the protocol, where older versions are still supported. Different versions can possibly support different message calls. The server must be able to cope with this.
• Remote procedure number. This identifies the called procedure, and is defined in the specification of the specific program’s protocol. For example, file service may define that an 8 defines a read operation and a 10 defines a write operation.
RPC
RPC call message format:
• Message type. This is either CALL (0) or REPLY (1).
• Message status. There are two different message status fields, depending on whether it is a CALL or a REPLY.
• Rpcvers. RPC Version number (unsigned integer).
• Prog, vers and proc. Specifies the remote program, its version number and the procedure within the remote program (all unsigned integers).
• Cred. Authentication credentials.
• Verf. Authentication verifier.
• Procedure specific parameters.
RPC authentication
• No authentication (AUTH_NULL). No authentication is made when callers do not know who they are or when the server does not care who the caller is. This type of method would be used on a system that did not have external connections to networks, and assumes that all the callers are valid.
• Unix authentication (AUTH_UNIX). Unix authentication uses the Unix authentication system, which generates a data structure with a stamp (an arbitrary ID which the caller machine may generate), machine name (such as ‘Apollo’), UID (caller’s effective user ID), GID (the caller’s effective group ID) and GIDS (an array of groups which contain the caller as a member).
• Short authentication (AUTH_SHORT).
• DES authentication (AUTH_DES). Unix authentication suffers from two problems: the naming is too Unix oriented and there is no verifier (so credentials can easily be faked). DES overcomes this by addressing the caller using its network name (such as ‘[email protected]’) instead of by an operating system specific integer. These network names are unique on the Internet. For example [email protected] identifies user ID number 111 on the mycomputer.net system.
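A bounds-checked parser for the call message format and authentication flavors described above, as an added example that is not part of the original slides or of any RPC library: it reads the header fields, shows which UID an AUTH_UNIX credential merely claims, and reports whether a verifier accompanies the credential. The leading xid field, the rpcvers value of 2 and the 400-byte limit on credential and verifier bodies come from RFC 1057; the sample message, its values and all function names are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { MSG_CALL = 0, MSG_REPLY = 1 };
enum { AUTH_NULL = 0, AUTH_UNIX = 1, AUTH_SHORT = 2, AUTH_DES = 3 };
#define RPC_VERSION    2     /* rpcvers required by RFC 1057 */
#define MAX_AUTH_BYTES 400   /* RFC 1057 limit on a cred or verf body */

struct rpc_call {
    uint32_t xid, rpcvers, prog, vers, proc;
    uint32_t cred_flavor, cred_len, verf_flavor, verf_len;
    size_t cred_off, args_off;  /* offsets: cred body, procedure parameters */
};
struct cursor { const uint8_t *buf; size_t len, off; };

/* Reads one XDR unsigned integer (4 bytes, big-endian) with a bounds check. */
static int get_u32(struct cursor *in, uint32_t *out)
{
    if (in->off > in->len || in->len - in->off < 4) return -1;
    const uint8_t *p = in->buf + in->off;
    *out = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    in->off += 4;
    return 0;
}

/* Skips n opaque bytes plus the XDR padding to a 4-byte boundary. */
static int skip_opaque(struct cursor *in, uint32_t n, uint32_t limit)
{
    size_t padded = ((size_t)n + 3) & ~(size_t)3;
    if (n > limit || in->off > in->len || in->len - in->off < padded) return -1;
    in->off += padded;
    return 0;
}

/* Returns 0 on success, -1 truncated/oversized, -2 not a CALL, -3 bad rpcvers. */
int parse_rpc_call(const uint8_t *b, size_t len, struct rpc_call *c)
{
    struct cursor in = { b, len, 0 };
    uint32_t mtype;

    if (get_u32(&in, &c->xid) || get_u32(&in, &mtype)) return -1;
    if (mtype != MSG_CALL) return -2;
    if (get_u32(&in, &c->rpcvers)) return -1;
    if (c->rpcvers != RPC_VERSION) return -3;
    if (get_u32(&in, &c->prog) || get_u32(&in, &c->vers) ||
        get_u32(&in, &c->proc) || get_u32(&in, &c->cred_flavor) ||
        get_u32(&in, &c->cred_len)) return -1;
    c->cred_off = in.off;
    if (skip_opaque(&in, c->cred_len, MAX_AUTH_BYTES) ||
        get_u32(&in, &c->verf_flavor) || get_u32(&in, &c->verf_len) ||
        skip_opaque(&in, c->verf_len, MAX_AUTH_BYTES)) return -1;
    c->args_off = in.off;
    return 0;
}

/* UID claimed by an AUTH_UNIX credential (stamp, machine name, UID, ...);
 * -1 otherwise. c must come from a successful parse of the same buffer. */
int64_t claimed_uid(const uint8_t *b, const struct rpc_call *c)
{
    struct cursor in = { b, c->cred_off + c->cred_len, c->cred_off };
    uint32_t stamp, namelen, uid;

    if (c->cred_flavor != AUTH_UNIX) return -1;
    if (get_u32(&in, &stamp) || get_u32(&in, &namelen) ||
        skip_opaque(&in, namelen, 255) || get_u32(&in, &uid)) return -1;
    return (int64_t)uid;
}

/* 1 if the call carries an AUTH_DES credential and verifier; 0 if the server
 * has only the caller's word for its identity (the other three flavors). */
int has_verifier(const struct rpc_call *c)
{
    return c->cred_flavor == AUTH_DES && c->verf_flavor == AUTH_DES &&
           c->verf_len > 0;
}

/* Constructed sample: AUTH_UNIX call to program 100003 (nfs), procedure 6. */
static const uint8_t SAMPLE_CALL[] = {
    0x12, 0x34, 0x56, 0x78,  0, 0, 0, 0,    /* xid; message type CALL (0) */
    0, 0, 0, 2,  0x00, 0x01, 0x86, 0xA3,    /* rpcvers 2; prog 100003 */
    0, 0, 0, 2,  0, 0, 0, 6,                /* vers 2; proc 6 */
    0, 0, 0, 1,  0, 0, 0, 28,               /* cred: AUTH_UNIX, 28-byte body */
    0, 0, 0, 0,  0, 0, 0, 6,                /* stamp; machine name length */
    'A', 'p', 'o', 'l', 'l', 'o', 0, 0,     /* "Apollo" plus padding */
    0, 0, 0, 111,  0, 0, 0, 4,  0, 0, 0, 0, /* UID 111; GID 4; no extra GIDs */
    0, 0, 0, 0,  0, 0, 0, 0                 /* verf: AUTH_NULL, empty */
};
static struct rpc_call parsed;   /* filled in by parse_sample() */

/* Parses only the first len bytes of the sample, to exercise truncation. */
int parse_sample(size_t len) { return parse_rpc_call(SAMPLE_CALL, len, &parsed); }

int main(void)
{
    int status = parse_sample(sizeof SAMPLE_CALL);
    printf("status=%d prog=%u proc=%u uid=%lld verifier=%d\n", status,
           (unsigned)parsed.prog, (unsigned)parsed.proc,
           (long long)claimed_uid(SAMPLE_CALL, &parsed), has_verifier(&parsed));
    printf("truncated to 40 bytes: status=%d\n", parse_sample(40));
    return 0;
}
```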
RPC programming
RPC programming levels:
• Highest layer. At this level the calls are totally transparent to the operating system, the computer type and the network. With this the programmer simply calls the required library routine, and does not have to worry about any of the underlying computer type, operating system or networking. For example, the rnusers routine returns the number of users on a remote computer (as given in Program 3.2).
• Middle layer. At this level the programmer does not have to worry about the network connection (such as the TCP sockets), the Unix system, or other low-level implementation mechanisms. It just makes a remote procedure call to routines on other computers, and is the most common implementation as it gives increased amount of control over the RPC call. These calls are made with: registerrpc (which obtains a unique system-wide procedure identification number); callrpc (which executes a remote procedure call); and svc_run. The middle layer, in some more complex applications, does not allow for timeout specifications, choice of transport, Unix process control, or error flexibility in case of errors. If these are required, the lower layer is used.
• Lowest layer. At this level there is full control over the RPC call, and this can be used to create robust and efficient connections.
RPC highest level programming
    #include <stdio.h>
    #include <stdlib.h>   /* exit() */

    /* rnusers() is provided by the RPC services library (librpcsvc). */
    extern int rnusers(char *host);

    int main(int argc, char *argv[])
    {
        int users;

        if (argc != 2) {
            fprintf(stderr, "Use: rnusers hostname\n");
            return(1);
        }
        /* Ask the remote host how many users are logged in. */
        if ((users = rnusers(argv[1])) < 0) {
            fprintf(stderr, "Error: rnusers\n");
            exit(-1);
        }
        printf("There are %d users on %s\n", users, argv[1]);
        return(0);
    }
RPC middle level programming
    #include <stdio.h>
    #include <stdlib.h>            /* exit() */
    #include <rpc/rpc.h>

    #define RUSERSPROG    100002   /* Program number (rusersd in /etc/rpc) */
    #define RUSERSVERSION 2        /* Version number */
    #define RUSERPROCVAL  1        /* Procedure number */

    int main(int argc, char *argv[])
    {
        unsigned long users;
        int rtn;

        if (argc != 2) {
            fprintf(stderr, "Use: nusers hostname\n");
            exit(-1);
        }
        /* Parenthesise the assignment so rtn holds the call status,
           not the result of the comparison. */
        if ((rtn = callrpc(argv[1], RUSERSPROG, RUSERSVERSION, RUSERPROCVAL,
                           (xdrproc_t)xdr_void, NULL,
                           (xdrproc_t)xdr_u_long, (char *)&users)) != 0) {
            clnt_perrno(rtn);
            return(1);
        }
        printf("There are %lu users on %s\n", users, argv[1]);
        return(0);
    }
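RPC lowest level programming
    #include <stdio.h>
    #include <rpc/rpc.h>

    #define RUSERSPROG    100002   /* Program number (rusersd in /etc/rpc) */
    #define RUSERSVERSION 2        /* Version number */
    #define RUSERPROCVAL  1        /* Procedure number */

    char *nuser(char *indata);

    int main(void)
    {
        /* Register nuser() under the program, version and procedure numbers. */
        registerrpc(RUSERSPROG, RUSERSVERSION, RUSERPROCVAL, nuser,
                    (xdrproc_t)xdr_void, (xdrproc_t)xdr_u_long);
        svc_run();   /* Wait for calls; returns only on failure */
        fprintf(stderr, "Error: server terminated\n");
        return(1);
    }

    /* Called by the RPC library for each request. The code that counts the
       users is not shown on the slide, so the result is left at zero here. */
    char *nuser(char *indata)
    {
        static unsigned long nusers;   /* must outlive the call */

        (void)indata;
        return((char *)&nusers);
    }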
RPC lowest level programming
Sample contents of /etc/rpc file:
    portmapper 100000 portmap sunrpc
    rstatd 100001 rstat rstat_svc rup perfmeter
    rusersd 100002 rusers
    nfs 100003 nfsprog
    ypserv 100004 ypprog
This shows RPC process name, and RPC procedure number.
4. Distributed file systems
4.1 Distributed File Systems
4.2 Active Directories
4.3 Exercises
4.4 Sample exam question
Objectives:
• To discuss the advantages of a distributed file system.
• To outline the different methods of mounting remote file systems onto a file system structure.
• To outline practical implementations of a distributed file systems, especially NFS.
• To show how domains can be created and managed, especially using standard protocols, such as NIS.
4.1 Distributed file system
[Diagram: services reached over the network: distributed databases; networked file system (NFS), mounted as a local drive; centralized configuration (passwords, user IDs, and so on); localized file storage (rather than accessing a remote file); administration services.]
4.2 Advantages of distributed file systems
• File system mirrors the corporate structure. File systems can be distributed over a corporate network, which might span cities, countries or even continents. The setup of a complete network file system over a corporation can allow the network to mirror the logical setup of the organization, rather than its physical and geographical organization. For example, the Sales Department might be distributed around the world, but the network to which they connect is identical to the way that the Sales Department is organized.
• Easier to protect the access rights on file systems. In a distributed file system it is typical to have a strong security policy on the file system, and each file will have an owner who can define the privileges on this file. File systems on user computers tend to have limited user security.
• Increased access to single sources of information. Many users can have access to a single source of information. Having multiple versions of a file can cause a great deal of problems, especially if it is not known which one is the most up-to-date.
• Automated updates. Several copies of the same information can be stored, and when any one of them is updated they are synchronized to keep each of them up-to-date. Users can thus have access to a local copy of data, rather than accessing a remote copy of it. This is called mirroring files.
4.3 Advantages of distributed file systems
• Improved backup facilities. A user’s computer can be switched off, but their files can still be backed up from the distributed file system.
• Increased reliability. The distributed file system can have a backbone which is constructed from reliable and robust hardware, which is virtually 100% reliable, even when there is a power failure, or when there is a hardware fault.
• Larger file systems. In some types of distributed file systems it is possible to build up large file systems from a network of connected disk drives.
• Easier to administer. Administrators can easily view the complete file system.
• Interlinking of databases. Small databases can be linked together to create large databases, which can be configured for a given application. The future may also bring the concept of data mining, where agent programs will search for information with a given profile by interrogating databases on the Internet.
• Limiting file access. Organizations can set up an organization file structure, in which users can have a limited view of the complete file system.
4.4 Traditional file structure v. corporate structure
[Diagram: two tree structures. UNIX: \\ with users (fred, bert), progs and config. NDS/Active Directories: orgname with sales, production and research, and UK Office and US Office.]
4.5 Flat structures
[Diagram: flat structure. Nodes \\bert, \\fred and \\freddy, each with a local disk, join a domain (\\) over the network.]
Windows NT uses a flat structure, where nodes join into a domain.
4.6 Forest of drives v. single tree
[Diagram: a global file system built over the network in two ways.]
• Single tree: drives mounted over the network to create a single tree (/etc, /user, /progs, /sys).
• Forest of drives: drives mounted over the network to a forest of drives (C:, D:, E:, F:).
4.7 NFS services protocol stack
    Layer                  Protocol
    Application            NFS, NIS
    Presentation           XDR
    Session                RPC
    Transport              TCP
    Network                IP
    Data link / Physical   Ethernet/Token Ring
RPC is stateless, where an NFS server waits for a client to contact it; it then gets a request for a service, and sends back the results.
XDR defines a common data format for the conversion of data values.
RPC defines a number of procedures which can be executed on the server, such as WRITE, CREATE, and so on.
4.8 Some RPC procedures used by NFS
    No.  Procedure                      Name
    0    void NULL(void)                No operation
    1    attrstat GETATTR(fhandle)      Get file attributes
    2    attrstat SETATTR(sattrargs)    Set file attributes
    6    readres READ(readargs)         Read from file
    8    attrstat WRITE(writeargs)      Write to file
    9    diropres CREATE(createargs)    Create file
    10   stat REMOVE(diropargs)         Remove file
    11   stat RENAME(renameargs)        Rename file
    13   stat LINK(linkargs)            Create link to file
    14   diropres MKDIR(createargs)     Create symbol link
    15   stat RMDIR(diropargs)          Create directory
4.9 RPC procedures and responses
[Diagram: an NFS client and an NFS server (remotely accessed file system) communicate over the network. The file system is either mounted onto a single tree or as a forest of drives.]
• RPC procedures: getattr, setattr, read, write, create, remove, rename, link, symlink, mkdir, rmdir, readdir.
• RPC response: requested data, parameters or status flag (such as: NFS_OK and NFSERR_PERM).
4.10 NIS domain
[Diagram: an NIS domain with a master NIS server and clients.]
Master NIS server maintains:
    /etc/passwd      Domain passwords
    /etc/groups      Domain groups
    /etc/hosts       IP addresses and host names
    /etc/rpc         RPC processes
    /etc/network     Used to map IP address to networks
    /etc/protocols   Known network layer protocols
    /etc/services    Known transport layer protocols

    #/etc/passwd
    root:FDEc6.32:1:0:Super unser:/user:/bin/csh
    fred:jt.06hLdiSDaA:2:4:Fred Blogs:/user/fred:/bin/csh
    fred2:jtY067SdiSFaA:3:4:Fred Smith:/user/fred2:/bin/csh

    #/etc/groups
    root::0:root
    other::1:root,hpdb
    bin::2:root,bin
    sys::3:root,uucp
    freds_grp::4:fred,fred2,fred3

    #/etc/hosts
    138.38.32.45 bath
    198.4.6.3 compuserve
    193.63.76.2 niss
    148.88.8.84 hensa
    146.176.2.3 janet

    #/etc/rpc
    portmapper 100000 portmap sunrpc
    rstatd 100001 rstat rstat_svc
    rusersd 100002 rusers
    nfs 100003 nfsprog
    ypserv 100004 ypprog

    #/etc/protocols
    ip 0 IP
    icmp 1 ICMP
    ggp 3 GGP
    tcp 6 TCP

    #/etc/services
    ftp 21/tcp
    telnet 23/tcp
    smtp 25/tcp
    pop3 110/tcp

    #/etc/networks
    loopback 127.0.0.0
    localnet 146.176.151.0
    Production 146.176.142.0
4.11 NIS master and slave(s)
[Diagram: an NIS domain with a master NIS server, two slave NIS servers and an NIS client.]
Master NIS server maintains: /etc/passwd, /etc/groups, /etc/hosts, /etc/rpc, /etc/network, /etc/protocols, /etc/services, and so on.
Master sends updates to NIS slaves.
1. Client is started.
2. Client broadcasts an NIS request to the domain.
3. The client then binds to the first server which responds.
4.12 inetd.conf – defines the network services that are started
    # <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
    # Echo, discard and daytime are used primarily for testing.
    echo stream tcp nowait root internal
    echo dgram udp wait root internal
    discard stream tcp nowait root internal
    discard dgram udp wait root internal
    daytime stream tcp nowait root internal
    daytime dgram udp wait root internal
    time dgram udp wait root internal
    #
    # These are standard services.
    ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/wu.ftpd
    telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
    #
    # Shell, login, exec and talk are BSD protocols.
    shell stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rshd
    login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
    talk dgram udp wait root /usr/sbin/tcpd /usr/sbin/in.ntalkd
    ntalk dgram udp wait root /usr/sbin/tcpd /usr/sbin/in.ntalkd
    #
    # Pop mail servers
    pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.pop3d
    #bootps dgram udp wait root /usr/sbin/tcpd /usr/sbin/in.bootpd
    #finger stream tcp nowait daemon /usr/sbin/tcpd /usr/sbin/in.fingerd
    systat stream tcp nowait guest /usr/sbin/tcpd /usr/bin/ps -auwwx
5. Routing protocols
5.1 Introduction
5.2 Routing fundamentals
5.3 Routing protocol techniques
5.4 RIP
5.5 OSPF
5.6 IGRP
5.7 EGP/BGP
Objectives:
• To outline the fundamental techniques used in routing protocols.
• To define the main problem in routing protocol techniques, such as routing loops, and count-to-infinity, and how they may be overcome.
• To outline practical protocols, especially RIP and IGRP, and reflect on their strengths and weaknesses.
5.1 Alternative Routes
[Diagram: hosts A and B connected through routers 1 to 6 over networks Net1 to Net8, showing alternative routes between A and B.]
5.2 Best route?
Routing based on hops:
Route (1,3,5,6) = 4 hops [BEST]
Route (1,3,5,2,4,6) = 6 hops
Routing based on delay (latency):
Route(2,4,6) = 1.5+1.25 = 2.75
Route(2,5,6) = 1.1+1.3 = 2.4 [BEST]
Routing based on error probability:
Pe(2 – 5) = 0.01, Pe(5 – 6) = 0.15
Pe(2 – 4) = 0.05, Pe(4 – 6) = 0.1
Pnoerror(2,5,6) = (1 – 0.01) (1 – 0.15) = 0.8415
Pnoerror(2,4,6) = (1 – 0.05) (1 – 0.1) = 0.855 [BEST]
5.2 Best route?
• Challenge 1.
• Challenge 2.
[Diagram: nodes A, B, C and D joined by links with error probabilities 0.1, 0.2, 0.05, 0.3 and 0.2.]
Route: ABCD No Error = (1-0.2)x(1-0.05)x(1-0.3) = 0.532
Lowest error probability wins!
5.2 Best route?
• Challenge 1.
• Challenge 2.
[Diagram: nodes A, B, C and D joined by links with delays of 1, 2, 0.5, 3 and 2 ms.]
Route: ABCD Delay = (2)+(0.5)+(3) ms = 5.5 ms
Lowest delay wins!
5.3 Layer 3 protocols
Routing protocols. A routing protocol provides a mechanism for routers to share routing information. These protocols allow routers to pass information between themselves, and update their routing tables. Examples of routing protocols are Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP), and Open Shortest Path First (OSPF).
Routed protocols. These protocols are any network layer protocol that allows for the addressing of a host and a destination on a network, such as IP and IPX. Routers are responsible for passing a data packet onto the next router in, if possible, an optimal way, based on the destination network address. The definition of an optimal way depends on many things, especially its reachability. With IP, routers on the path between a source and a destination, examine the network part of the IP address to achieve their routing. Only the last router, which is connected to the destination node network, examines the host part of the IP address.
5.4 Types of Routing
Dynamic routing. In dynamic routing, the routers monitor the network, and can change their routing tables based on the current network conditions. The network thus adapts to changing conditions. Unfortunately, this method tends to reveal everything known about an internetwork to the rest of the network. This may be inappropriate for security reasons.
Static routing. In static routing, a system administrator sets up a manual route when there is only one route to get to a network (a stub network). This type of configuring reduces the overhead of dynamic routing. Static routing also allows the internetwork administrator to specify the information that is advertised about restricted parts of a network.
Default routing. Default routes are manually defined by the system administrator and define the path that is taken if there is no known route for the destination.
5.5 Best Route Parameters?
Bandwidth. The data capacity of a link, which is typically defined in bps.
Delay. The amount of time that is required to send a packet from the source to a destination.
Load. A measure of the amount of activity on a route.
Reliability. Relates to the error rate of the link.
Hop count. Defined by the number of routers that it takes between the current router and the destination.
Ticks. Defines the delay of a link by a number of ticks of a clock.
Cost. An arbitrary value which defines the cost of a link, such as financial expense, bandwidth, and so on.
5.6 Type of Update?
Broadcast. In broadcast, routers transmit their information to other routers at regular intervals. A typical broadcast routing protocol is RIP, in which routers send their complete routing table once every few minutes, to all of their neighbors. This technique tends to be wasteful in bandwidth, as changes in the route do not vary much over short amounts of time.
Event-driven. In event-driven routing protocols, routing information is only sent when there is a change in the topology or state of the network. This technique tends to be more efficient than broadcast, as it does not use up as much bandwidth.
5.7 Routing protocol types
Layer 3 protocols:
• Routed (IP, IPX, NetBEUI)
• Routing (RIP, OSPF)
Types: static v. dynamic
Updates: event driven v. broadcast
Distance metrics:
• Bandwidth
• Hop count
• Delay
• Reliability
• Tick
• Cost
Routing:
• Link-state. Each router transmits routing information to all other routers only when there are changes (OSPF/BGP/EGP). Problems: initial flooding; processing/memory.
• Distance-vector. Each router periodically sends information to each of its neighbors (RIP). Problems: bandwidth; step-by-step updates.
• Hybrid (IS-IS)
[Figure: layer stack (Session, Transport, Network, Data link, Physical) shown alongside HTTP, TCP, IP/RIP and Ethernet/FDDI]
5.8 Example routing
[Figure: routers W, X, Y and Z joined by links 1 to 4, with Network A, Network B and Network C attached; one routing table is shown per router]

Dest  Hops  Next
A     1     x
B     2     z
C     1     z

Dest  Hops  Next
A     0     Network A
B     1     y
C     2     y

Dest  Hops  Next
A     2     w
B     1     y
C     0     Network C

Dest  Hops  Next
A     1     x
B     0     Network B
C     1     z
5.9 Routing loops
[Figure: routers V, W, X, Y and Z joined by links 1 to 4; Network A becomes unreachable]
Timing of events:
A. Network A unreachable
B. I can reach Network A in 3 hops
C. Network A reachable via Router W
D. Network A reachable
E. Network A reachable
Router Z thinks it can reach Network A in 4 hops, as Router W says it can reach it in 3 hops; this overrules the information from Router Y, which says it cannot reach Network A.
5.10 Overcoming Distance Vector Problems
Setting infinity values. The count-to-infinity will eventually resolve itself when the routers have counted to infinity (as infinity is constrained by the maximum definable value), but while the network is counting to this value, the routing information will be incorrect. To reduce the time that it takes to get to this maximum, a maximum value is normally defined. In RIP this value is set at 16 hops for hop-count distance-vectors, thus the maximum number of hops that can occur is 15. This leads to a problem in that a destination which has a distance of more than 15 hops is unreachable, as a value of 16 or more defines that the network is unreachable.
Split horizon. This method tries to overcome routing loops. With this method, routers do not send routing information on a destination to a router that they know is already connected to that network (that is, that router knows more about the state of the network than any other router, as it connects to it). Thus in Figure X, Router Z and Router X will not send routing information on Network B to Router Y, as they know that Network B is connected to Router Y.
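The following Python simulation is an added example, not part of the original slides. It shows the count up to RIP's infinity value of 16 after a link failure, and how split horizon stops it. The three-router chain W - X - Y and the synchronous update rounds are assumptions made for the illustration.

```python
"""Count-to-infinity after a link failure, with and without split horizon."""

INFINITY = 16  # RIP's "unreachable" value, as given in the text

# Constructed three-router chain (not the slide's figure): W - X - Y,
# with Network A attached directly to W.
LINKS = {"W": ["X"], "X": ["W", "Y"], "Y": ["X"]}


def converged_tables():
    """Route to Network A before the failure: router -> [hops, next_hop]."""
    return {"W": [0, None], "X": [1, "W"], "Y": [2, "X"]}


def run_round(tables, split_horizon):
    """One update round: every router advertises, then every router applies."""
    adverts = []  # (sender, receiver, hops), built from the pre-round tables
    for sender, neighbours in LINKS.items():
        hops, next_hop = tables[sender]
        for receiver in neighbours:
            if split_horizon and next_hop == receiver:
                continue  # do not advertise a route back to where it was learned
            adverts.append((sender, receiver, hops))
    for sender, receiver, hops in adverts:
        offered = min(hops + 1, INFINITY)
        current, next_hop = tables[receiver]
        # An update from the current next hop is always believed, good or bad;
        # an update from any other neighbour only wins if it is strictly better.
        if next_hop == sender or offered < current:
            tables[receiver] = [offered, sender]


def simulate_failure(split_horizon, max_rounds=50):
    """Fail W's link to Network A; return the hop counts after each round."""
    tables = converged_tables()
    tables["W"] = [INFINITY, None]
    history = []
    for _ in range(max_rounds):
        run_round(tables, split_horizon)
        history.append({router: entry[0] for router, entry in tables.items()})
        if all(entry[0] == INFINITY for entry in tables.values()):
            break
    return history


if __name__ == "__main__":
    for flag in (False, True):
        history = simulate_failure(split_horizon=flag)
        print("split horizon" if flag else "no split horizon",
              "-> settled after", len(history), "rounds")
        for number, hops in enumerate(history, start=1):
            print("  round %2d: %s" % (number, hops))
```

Without split horizon, W believes X's stale route in the first round and the routers then count upwards until every entry reaches 16; with split horizon the failure propagates in two rounds.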
5.11 Overcoming Distance Vector Problems
Hold-down timers. This method overcomes the count-to-infinity problem. With a hold-down timer, a router starts the timer when it receives an update from a neighbor indicating that a previously accessible network is now inaccessible. It also marks the route as inaccessible. There are then three possible situations:
o If, at any time before the hold-down timer expires, an update is sent from the same neighbor which alerted the initial problem saying that the network is now accessible, the router marks the network as accessible and removes the hold-down timer.
o If an update arrives from a different neighboring router with a better metric than the original metric, the router marks the network as accessible and removes the hold-down timer.
o If, at any time before the hold-down timer expires, an update is sent from a different neighbor than the one which alerted the initial problem, saying that the network is accessible but with a poorer metric than the previously recorded metric, the update is ignored.
Obviously after the timer has expired the network will still be prone to looping routes, but the timer allows for a longer time for the network to settle down and recover the correct information.
5.12 Link-state overview
[Figure: routers W, X, Y and Z joined by links 1 to 4. Network 1 becomes unreachable for a short time, and routers exchange "LSP: Network Unreachable" and "LSP: Network Reachable" packets]
Link-state:
• Operation. A change in topology causes updates (LSPs) to all other routers. Each router builds up a tree topology of the subnetworks and finds the shortest path.
• Methods. LSP (link state packets); topological database (for SPF).
• Problem. Network unreachable arrives after network reachable.
• Concerns. Memory: increased amount of storage memory for tree. Processing: increased processing power required to build trees.
OSPF (RFC1583) header fields: Ver., Type, Message Len., Router ID, Area ID, Checksum, Auth. Type, Authentication.
5.13 OSPF overview
OSPF is an IGP (Interior Gateway Protocol) which distributes routing information between routers in a single autonomous system. All routers have the same database.
[Figure: autonomous systems (separate domains) joined through gateways to the Internet; EGP is used between AS's]
OSPF (RFC1583) header (32 bits wide):
Ver. | Type | Message Len.
Router ID (unique in AS)
Area ID (similar to subnetting)
Checksum | Auth. Type
Authentication
Additional information (depends on packet type)
Packet types:
Hello [1]. Used to establish and maintain a connection. Routers agree HelloInterval and RouterDeadInterval.
• HelloInterval. Number of seconds between Hello packets. The smaller the value, the faster the detection of topological changes. X.25 uses 30 sec, LANs use 10 sec.
• RouterDeadInterval. Number of seconds before a router assumes that a route is down. It should be a multiple of HelloInterval (such as four times).
Database Description [2]. Used to send database between routers.
Link-state Request [3]. Request parts of a neighbor’s database, which may be more up-to-date.
Link-state Update [4]. Used to flood link state advertisements.
Link-state Acknowledgement [5]. Used to acknowledge flooded advertisements.
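The header layout and Hello timers described above can be checked in code. The following Python parser is an added example, not part of the original slides; the Hello body layout and the meaning of Auth. Type values 0 (none) and 1 (simple password) come from RFC 1583, and the sample packet with its addresses is constructed.

```python
"""Parse the fixed 24-byte OSPF header and a Hello body, and flag weak settings."""
import ipaddress
import struct

# Ver, Type, Message Len, Router ID, Area ID, Checksum, Auth Type, Authentication
HEADER = struct.Struct("!BBH4s4sHH8s")
# Hello body: mask, HelloInterval, options, priority, RouterDeadInterval, DR, BDR
HELLO = struct.Struct("!4sHBBI4s4s")

PACKET_TYPES = {1: "Hello", 2: "Database Description", 3: "Link-state Request",
                4: "Link-state Update", 5: "Link-state Acknowledgement"}


def ospf_checksum(packet):
    """Internet checksum over the packet, skipping the 8 authentication bytes."""
    data = packet[:12] + b"\x00\x00" + packet[14:16] + packet[24:]
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ospf(packet):
    """Return the header fields plus a list of warnings for a captured packet."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated OSPF header")
    ver, ptype, length, router_id, area_id, checksum, auth_type, _auth = \
        HEADER.unpack_from(packet)
    if not HEADER.size <= length <= len(packet):
        raise ValueError("length field does not fit the captured data")
    packet = packet[:length]
    info = {
        "version": ver,
        "type": PACKET_TYPES.get(ptype, "unknown (%d)" % ptype),
        "router_id": str(ipaddress.IPv4Address(router_id)),
        "area_id": str(ipaddress.IPv4Address(area_id)),
        "auth_type": auth_type,
        "checksum_ok": checksum == ospf_checksum(packet),
        "warnings": [],
    }
    if auth_type == 0:
        info["warnings"].append("Auth. Type 0: packets are not authenticated")
    elif auth_type == 1:
        info["warnings"].append("Auth. Type 1: password travels in cleartext")
    if ptype == 1:
        if length < HEADER.size + HELLO.size:
            raise ValueError("truncated Hello body")
        _mask, hello, _opts, _prio, dead, _dr, _bdr = \
            HELLO.unpack_from(packet, HEADER.size)
        info["hello_interval"], info["dead_interval"] = hello, dead
        if hello == 0 or dead % hello:
            info["warnings"].append(
                "RouterDeadInterval is not a multiple of HelloInterval")
    return info


def build_sample_hello(hello=10, dead=40, auth_type=0):
    """Constructed Hello packet; the router ID and mask are sample values."""
    body = HELLO.pack(ipaddress.IPv4Address("255.255.255.0").packed,
                      hello, 0, 1, dead, bytes(4), bytes(4))
    header = HEADER.pack(2, 1, HEADER.size + len(body),
                         ipaddress.IPv4Address("192.5.5.1").packed, bytes(4),
                         0, auth_type, bytes(8))
    packet = bytearray(header + body)
    struct.pack_into("!H", packet, 12, ospf_checksum(bytes(packet)))
    return bytes(packet)


if __name__ == "__main__":
    print(parse_ospf(build_sample_hello()))
```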
5.14 Tree-like topology v. Internet-like topology
[Figure: tree-like topology: Org1 and Org2, each with Site1, Site2 and Site3 and LAN1, LAN2 and LAN3, joined by a single backbone]
[Figure: Internet-like topology: Org1, Org2 and Org 3, with Site1, Site2 and Site3 and LAN1, LAN2 and LAN3]
5.15 Autonomously attached networks
[Figure: autonomously attached networks (AANs) interconnected through gateways (G/W)]
Networking Operating Systems (CO32010)
1. Operating Systems
2. Processes and scheduling
3. Distributed processing
4. Distributed file systems
5. Routing protocols
6. Routers
7. Encryption
8. NT, UNIX and NetWare
6.1 Introduction
6.2 Router configuration and startup
6.3 Router commands
6.4 Access Control Lists (ACLs)
6.5 Exercises
6.6 Cisco router commands
Objectives:
• To outline the main elements of a router.
• To be able to understand the main elements in the programming of a router.
• To be able to program a router for a given specification.
• To understand the operation of firewalls, and how these are implemented on a firewall.
6.1 Routers
[Figure: router with a console port (RJ-45) to a console terminal, an auxiliary port (RJ-45) to a modem, and interfaces Serial0 (DB-60), Serial1 (DB-60), Ether0 (DB-15) and Ether1 (DB-15); it can also be reached from a virtual terminal (through telnet) and from a TFTP server (to download configuration files over the network)]
6.2 Router modes
[Figure: startup sequence. ROM bootstrap program: perform hardware tests; load operating system; load configuration file from NVRAM (global, process and interface information); run EXEC (executes user commands)]
User EXEC. View configuration parameters.
Privileged EXEC. Edit configuration parameter/debug/testing.
Setup mode. Used to configure the router when first started.
RXBOOT. Maintenance mode, such as recovering lost passwords.
Global Config. Performs simple configuration tasks.
6.2 Example topology
[Figure: example topology of routers LAB-A, LAB-B, LAB-C, LAB-D and LAB-E, joined by Serial0/Serial1 links, with a switch and hubs on the Ether0/Ether1 interfaces. Networks: 192.5.5.0, 205.7.5.0, 201.100.11.0, 219.17.100.0, 199.6.13.0, 223.8.151.0 and 210.93.105.0. Serial link addresses shown: 201.100.11.1, 201.100.11.2, 199.6.13.1 and 199.6.13.2]
6.3 Router startup
• The bootstrap loader is loaded from ROM and run on the processor.
• The operating system (Cisco IOS – Internetwork Operating System) is then loaded as directed by the boot field of a configuration register (which specifies either boot from flash memory, boot from the network or manual boot). The lower four bits of the configuration register define the boot field.
• The operating system is then booted, and it determines the hardware and the software on the system, and displays these to the console terminal.
• The operating system then loads the configuration file from NVRAM and executes it one line at a time. These lines start different processes, and define addresses and protocol types.
• If there is no configuration file in NVRAM, the router automatically goes into user setup mode, where the router asks the user questions about the router configuration. Once these have been specified the router saves these to NVRAM, so that the settings will be saved. Once saved, the router should automatically boot, without going into user setup mode. As much as possible the router tries to discover its environment, and tries to minimize the settings that the user has to add. Typically values are given in square brackets, which are defaults that the user can choose if the return key is pressed at the option.
6.4 Router memory
• NVRAM. This type of memory does not lose its contents when the power is withdrawn, but can be written to. It is used to store the router’s backup/startup configuration file. One of the options in the configuration is where the operating system image is loaded from, typically either from flash memory, or from a TFTP server.
• Flash. This is erasable, reprogrammable ROM, which keeps its contents when the power is taken away. It is used in the router to contain one or more copies of the operating system image and microcode. Flash memory allows for easy updates to the operating system software, without having to replace any parts of the hardware.
• ROM. This is a permanent type of memory, which cannot be changed, and does not lose its contents when the power is withdrawn. On the router it contains power-on diagnostics, a bootstrap program, and operating system software. Upgrades to ROM require a change of a ROM integrated circuit.
• RAM. This is the main memory of the router and stores running programs and the current running configuration file. Along with this the RAM stores routing tables, ARP cache, packet buffering and packet hold queues. The contents of the RAM are lost when the power is withdrawn.
6.5 Router commands (enable)
LAB-A con0 is now available
Press RETURN to get started.
User Access Verification
Password: *******
LAB-A> ?
Exec commands:
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  clear            Reset functions
  connect          Open a terminal connection
::::::::
LAB-A> enable
Password: **********
LAB-A# ?
Exec commands:
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  access-template  Create a temporary Access-List entry
  cd               Change current directory
::::::::
6.6 Router commands (enable)
show arp. Displays the current status of the router’s ARP tables, which map IP addresses to MAC addresses. Session run 6.6 gives an example of this command.
show buffers. This command shows detailed statistics on the buffers within the router. Session run 6.2 gives an example of this command. In this case, the memory buffers split into small buffers (104 bytes), middle buffers (600 bytes), big buffers (1524 bytes), very big buffers (4520 bytes), large buffers (5024 bytes) and huge buffers (18024 bytes).
show flash. This command displays information on the data stored in the flash memory. An example is given in Session run 6.8.
show hosts. This command displays a list of connected hosts and their IP addresses.
show interfaces. This command displays statistics for all interfaces configured on the router. Session run 6.10 shows an example.
show mem. This command displays the usage of the router’s memory. Session run 6.3 shows an example.
show processes. This command shows the active processes.
show protocols. This command displays the status of currently running protocols (such as IP, IPX, AppleTalk and DECnet). It can be seen from Session run 6.9 that there are three active interfaces (Ethernet0, Serial0 and Serial1), and that each of the interfaces is operating (‘they are up’). For example the IP address of Ethernet0 interface is 219.17.100.1/24, which specifies that it has an IP address of 219.17.100.1 and that 24 bits are used to define the network part of the address (as expected as it is a Class C address).
show running-config. This command displays the active configuration file.
show startup. Displays the startup configuration file.
show version. This command displays information on the hardware, software version, configuration file name, and the boot image.
6.7 Router commands (show buffers)
LAB-A# show buffers
Buffer elements:
     500 in free list (500 max allowed)
     2026 hits, 0 misses, 0 created
Public buffer pools:
Small buffers, 104 bytes (total 50, permanent 50):
     49 in free list (20 min, 150 max allowed)
     669 hits, 0 misses, 0 trims, 0 created
::::::::
Huge buffers, 18024 bytes (total 0, permanent 0):
     0 in free list (0 min, 4 max allowed)
     0 hits, 0 misses, 0 trims, 0 created
     0 failures (0 no memory)
Interface buffer pools:
Ethernet0 buffers, 1524 bytes (total 32, permanent 32):
     8 in free list (0 min, 32 max allowed)
     24 hits, 0 fallbacks
     8 max cache size, 8 in cache
::::::::
Serial0 buffers, 1524 bytes (total 32, permanent 32):
     7 in free list (0 min, 32 max allowed)
     102 hits, 0 fallbacks
     8 max cache size, 8 in cache
6.8 Router commands (show hosts)
LAB-A> show hosts
Default domain is not set
Name/address lookup uses domain service
Name servers are 255.255.255.255
Host    Flags       Age  Type  Address(es)
LAB-B   (perm, OK)  17   IP    201.100.11.2 219.17.100.1 199.6.13.1
LAB-C   (perm, OK)  18   IP    199.6.13.2 223.8.151.1 204.204.7.1
LAB-D   (perm, OK)  19   IP    204.204.7.2 210.93.105.1
LAB-E   (perm, OK)  18   IP    210.93.105.2
LAB-A   (perm, OK)  19   IP    192.5.5.1 205.7.5.1 201.100.11.1
[Figure: LAB-A, LAB-B and LAB-C section of the example topology, with networks 201.100.11.0, 219.17.100.0 and 199.6.13.0]
6.9 Router commands (show protocols)
Lab-B> show protocols
Internet Protocol routing is enabled
Ethernet0 is up, line protocol is up
  Internet address is 219.17.100.1/24
Serial0 is up, line protocol is up
  Internet address is 199.6.13.1/24
Serial1 is up, line protocol is up
  Internet address is 201.100.11.2/24
[Figure: LAB-A, LAB-B and LAB-C section of the example topology, with networks 201.100.11.0, 219.17.100.0 and 199.6.13.0]
6.10 Router commands (show running-config)
Lab-B# show running-config
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lab-B
!
enable password class
!
ip subnet-zero
!
interface Ethernet0
 ip address 219.17.100.1 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 ip address 199.6.13.1 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 no fair-queue
 clockrate 56000
!
[Figure: LAB-A, LAB-B and LAB-C section of the example topology, with networks 201.100.11.0, 219.17.100.0 and 199.6.13.0]
6.11 Router commands (show running-config – cont.)
interface Serial1
 ip address 201.100.11.2 255.255.255.0
 no ip directed-broadcast
!
router rip
 network 199.6.13.0
 network 201.100.11.0
 network 219.17.100.0
!
no ip classless
!
line con 0
 password cisco
 login
 transport input none
line aux 0
line vty 0 4
 password cisco
 login
!
end
!
[Figure: LAB-A, LAB-B and LAB-C section of the example topology, with networks 201.100.11.0, 219.17.100.0 and 199.6.13.0]
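The Lab-B listing above keeps every password as typed (`no service password-encryption`, `enable password class`, `password cisco`) and leaves `ip directed-broadcast` enabled on Serial0. The following Python check is an added example, not part of the original slides: it audits an abridged copy of that listing beside a constructed hardened variant, whose `username` entry and hash placeholders are assumptions.

```python
"""Flag weak settings in an IOS-style configuration listing."""

# Abridged copy of the Lab-B running configuration shown on the page.
PAGE_CONFIG = """\
no service password-encryption
hostname Lab-B
enable password class
interface Ethernet0
 ip address 219.17.100.1 255.255.255.0
 no ip directed-broadcast
interface Serial0
 ip address 199.6.13.1 255.255.255.0
 ip directed-broadcast
line con 0
 password cisco
 login
line aux 0
line vty 0 4
 password cisco
 login
"""

# Constructed hardened variant; the hash values are placeholders.
HARDENED_CONFIG = """\
service password-encryption
hostname Lab-B
enable secret 5 <hash-placeholder>
username admin secret 5 <hash-placeholder>
interface Serial0
 ip address 199.6.13.1 255.255.255.0
 no ip directed-broadcast
line con 0
 login local
line vty 0 4
 login local
"""


def commands(config_text):
    """Yield (section, command); section is 'global' for unindented lines."""
    section = "global"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw[0].isspace():
            yield section, line      # sub-command of the last unindented line
        else:
            section = line
            yield "global", line


def audit(config_text):
    """Return a sorted list of (section, finding) pairs."""
    parsed = list(commands(config_text))
    global_cmds = [cmd for section, cmd in parsed if section == "global"]
    findings = set()
    if "no service password-encryption" in global_cmds:
        findings.add(("global", "passwords are stored in the listing as typed"))
    has_secret = any(cmd.startswith("enable secret ") for cmd in global_cmds)
    has_password = any(cmd.startswith("enable password ") for cmd in global_cmds)
    if has_password and not has_secret:
        findings.add(("global", "enable password used instead of enable secret"))
    for section, cmd in parsed:
        words = cmd.split()
        if section.startswith("interface ") and cmd == "ip directed-broadcast":
            findings.add((section, "directed broadcasts are forwarded"))
        if section.startswith("line ") and words[0] == "password" and len(words) == 2:
            findings.add((section, "cleartext line password"))
    return sorted(findings)


if __name__ == "__main__":
    for name, text in (("page", PAGE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, "configuration:")
        for section, finding in audit(text) or [("-", "no findings")]:
            print("  %-18s %s" % (section, finding))
```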
6.12 MAC and IP address
[Figure: LAB-A (router) connected to a switch on network 205.7.5.0 and to a hub on network 192.5.5.0]
MAC: 0010.7b81.1d72  IP: 192.5.5.1
MAC: 0000.b430.b332  IP: 192.5.5.12
MAC: 0010.7b81.1d73  IP: 205.7.5.1
MAC: 0030.8071.9f40  IP: 205.7.5.254
ARP TABLE (in LAB-A)
Protocol  Address      Age (min)  Hardware Addr   Type  Interface
Internet  205.7.5.254  108        0030.8071.9f40  ARPA  Ethernet1
Internet  192.5.5.1    -          0010.7b81.1d72  ARPA  Ethernet0
Internet  192.5.5.12   1          0000.b430.b332  ARPA  Ethernet0
Internet  205.7.5.1    -          0010.7b81.1d73  ARPA  Ethernet1
6.13 Router programming
Router> enable
Router#

Router# config t
Enter configuration commands, one per line. End with END.
Router (config)# hostname LAB_A
LAB_A (config)#

LAB_A (config)# enable secret class
LAB_A (config)# exit
LAB_A# exit
LAB_A> enable
Password: ccc
Password: class
LAB_A#
6.14 Router programming
LAB_A# config t
LAB_A (config)# int e0
LAB_A (config-if)# ip address 192.5.5.1 255.255.255.0
LAB_A (config-if)# no shutdown
LAB_A (config-if)# exit
LAB_A (config)# int e1
LAB_A (config-if)# ip address 205.7.5.1 255.255.255.0
LAB_A (config-if)# no shutdown
LAB_A (config-if)# exit
LAB_A (config)# int s0
LAB_A (config-if)# ip address 201.100.11.1 255.255.255.0
LAB_A (config-if)# clock rate 56000
LAB_A (config-if)# no shutdown
LAB_A (config-if)# exit

LAB_A (config)# router rip
LAB_A (config-router)# network 192.5.5.0
LAB_A (config-router)# network 205.7.5.0
LAB_A (config-router)# network 201.100.11.0
LAB_A (config-router)# exit
LAB_A (config)#
6.15 ACLs
A port on a router can be set up with ACLs to filter traffic based on the network address or the source or destination port number.
For example, the firewall may block FTP traffic going out of the network.
6.16 ACLs
• Source IP address. The address that the data packet was sent from.
• Destination IP address. The address that the data packet is destined for.
• Source TCP port. The port that the data segment originated from. Typical ports which could be blocked are FTP (port 21), TELNET (port 23), and WWW (port 80).
• Destination TCP port. The port that the data segment is destined for.
• Protocol type. This filters for UDP or TCP traffic.
6.17 Standard ACLs
Router(config)# access-list access-list-value {permit | deny} source source-mask

Router(config)# access-list 1 deny 156.1.1.10 0.0.0.0

Router(config)# access-list 1 deny 156.1.1.0 0.0.0.255

Router(config)# access-list 1 deny 156.1.1.0 0.0.0.255
Router(config)# access-list 1 permit any

Router (config)# interface Ethernet0
Router (config-if)# ip address 156.1.1.130 255.255.255.0
Router (config-if)# ip access-group 1 in
6.18 Extended ACLs
Router(config)# access-list access-list-value {permit | deny} {test-conditions}

Router(config)# access-list 100 deny ip host 156.1.1.134 156.70.1.1 0.0.0.0
Router(config)# access-list 100 permit ip any any

Router(config)# access-list 100 deny ip 156.1.1.0 0.0.0.255 156.70.1.0 0.0.0.255
Router(config)# access-list 100 permit ip any any

Router(config)# access-list 100 deny ip 156.1.1.0 0.0.0.254 host 156.70.1.1
Router(config)# access-list 100 permit ip any any

Router (config)# interface Ethernet0
Router (config-if)# ip address 156.1.1.130 255.255.255.192
Router (config-if)# ip access-group 100 in
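How the wildcard masks and the entry order above decide a packet's fate is easiest to see by evaluating them. The following Python evaluator is an added example, not part of the original slides; it handles only `permit|deny ip` entries, and it applies the IOS rules that entries are tested top-down with the first match winning and that anything unmatched is denied. The two variant lists and the test addresses are constructed.

```python
"""Evaluate the page's extended ACL entries against sample packets."""
import ipaddress


def ip_int(text):
    return int(ipaddress.IPv4Address(text))


def take_address(tokens):
    """Consume one address spec and return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF             # every bit is "don't care"
    if first == "host":
        return ip_int(tokens.pop(0)), 0  # every bit must match
    return ip_int(first), ip_int(tokens.pop(0))


def parse_rule(line):
    tokens = line.split()
    if len(tokens) < 4 or tokens[0] != "access-list":
        raise ValueError("not an access-list entry: %r" % line)
    number, action, protocol = int(tokens[1]), tokens[2], tokens[3]
    if action not in ("permit", "deny") or protocol != "ip":
        raise ValueError("only 'permit|deny ip' entries are handled: %r" % line)
    rest = tokens[4:]
    try:
        source, destination = take_address(rest), take_address(rest)
    except IndexError:
        raise ValueError("incomplete address in: %r" % line)
    if rest:
        raise ValueError("unexpected trailing tokens in: %r" % line)
    return {"number": number, "action": action, "source": source,
            "destination": destination, "text": line}


def wildcard_match(address, base, wildcard):
    """A wildcard bit of 0 means 'must match'; 1 means 'ignore this bit'."""
    care = ~wildcard & 0xFFFFFFFF
    return (address & care) == (base & care)


def evaluate(rules, source, destination):
    """Return (action, matching entry); first match wins, no match is a deny."""
    src, dst = ip_int(source), ip_int(destination)
    for rule in rules:
        if (wildcard_match(src, *rule["source"])
                and wildcard_match(dst, *rule["destination"])):
            return rule["action"], rule["text"]
    return "deny", "implicit deny (no entry matched)"


# Entries copied from the slide text.
ACL_EVEN_HOSTS = [parse_rule(line) for line in (
    "access-list 100 deny ip 156.1.1.0 0.0.0.254 host 156.70.1.1",
    "access-list 100 permit ip any any",
)]
ACL_SUBNET = [parse_rule(line) for line in (
    "access-list 100 deny ip 156.1.1.0 0.0.0.255 156.70.1.0 0.0.0.255",
    "access-list 100 permit ip any any",
)]
# Constructed variants showing two common mistakes.
ACL_NO_PERMIT = ACL_SUBNET[:1]                 # final permit left out
ACL_WRONG_ORDER = list(reversed(ACL_SUBNET))   # permit placed before the deny

if __name__ == "__main__":
    for src in ("156.1.1.134", "156.1.1.135"):
        print(src, "->", evaluate(ACL_EVEN_HOSTS, src, "156.70.1.1"))
    print(evaluate(ACL_NO_PERMIT, "10.0.0.1", "10.0.0.2"))
    print(evaluate(ACL_WRONG_ORDER, "156.1.1.7", "156.70.1.200"))
```

The wildcard 0.0.0.254 leaves only the lowest address bit significant, so the deny entry catches the even-numbered hosts in 156.1.1.0 and lets the odd-numbered ones fall through to the permit.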
Networking Operating Systems (CO32010)
1. Operating Systems
2. Processes and scheduling
3. Distributed processing
4. Distributed file systems
5. Routing protocols
6. Routers
7. Encryption
8. NT, UNIX and NetWare
8.1 Introduction
8.2 Microsoft Windows
8.3 UNIX
8.4 Novell NetWare
8.5 NDS
Objectives:
• To outline the usage of the three main NOS’s: NT/2000, UNIX and NetWare.
• To define the usage of object properties in each of the NOS’s.
• To define how distributed file systems are created in the three main NOS’s (UNIX – NFS, Active Directories – NT/2000 and NDS – NetWare).
[Figure: Domain (my_d) containing \\bills_pc, \\freds_pc and \\server1]
Local audit policy (each event audited for Success and Failure):
• User login/logout
• File and object access
• Use of user rights
• User and group management
• Security policy changes
• Restart/shutdown
• Process tracking
Domain audit policy (each event audited for Success and Failure):
• User login/logout
• File and object access
• etc
UNIX file attributes
-rwxr-xr-x 1 bill_b staff 28 May 12 1993 gopc
Attribute layout: d rwx rwx rwx (directory attribute, then USER, GROUP and WORLD permissions)
Fields shown: directory attribute, User/Group/World permissions, file owner name, group’s name, date/time last modified, filename.
UNIX
• TCP/IP for its communications.
• NFS for mounting files over a network.
• ICMP (for ping, traceroute, and so on).
• RIP (for routing).
• ARP (for determination of MAC addresses).
• DNS (for determining domain names).
• BOOTP (for IP address allocation).
• FTP (for file transfer).
• TELNET (for remote login).
• NIS (for creating domains).
• RPC (for remote processing execution).
• SMTP (for e-mail).
• SNMP (for network management).
[Figure: Windows network architecture against the OSI layers (Application, Presentation, Session, Transport, Network, Data link, Physical): application program; Transport Driver Interface (TDI); protocol stacks NetWare (SPX/IPX), UNIX/Internet (TCP/IP) and Windows (NetBEUI); Network Device Interface Specification (NDIS) with NDIS wrapper and NDIS NIC driver; Media Access Control; NIC; Ethernet/ATM/ISDN/etc.]
[Figure: NetWare client (Windows NT, Windows 3.1, Unix, OS/2, Mac or DOS) connected to a server. Software: application programs, NetWare shell (NETx), NCP (network core protocol), SPX/IPX, ODI (open data-link interface). Hardware: NIC (network interface card)]
[Figure: NetWare components against the OSI layers (Application, Presentation, Session, Transport, Network, Data link, Physical): application program; NetWare shell; NCP redirector/NETBIOS emulator; SPX; IPX; open-device interface (ODI); Ethernet, Token Ring, etc.]
Problems with Novell NetWare 3
• It uses SPX/IPX which is incompatible with TCP/IP traffic.
• It is difficult to synchronize servers with user information.
• The file structure is local to individual servers.
• Server architecture is flat and cannot be organized into a hierarchical structure (Bindery services).
NDS
• Hierarchical server structure.
• Network-wide users and groups.
• Global objects. NDS integrates users, groups, printers, servers, volumes and other physical resources into a hierarchical tree structure.
• System-wide login with a single password. This allows users to access resources which are connected to remote servers.
• NDS processes logins between NetWare 3.1 and NetWare 4/5 servers, if the login names and passwords are the same.
• Supports distributed file system.
NDS (cont.)
• Synchronization services. NDS allows for directory synchronization, which allows directories to be mirrored on different partitions or different servers. This provides increased reliability in that if a server develops a fault then the files on that server can be replicated by another server.
• Standardized organizational structure for applications, printers, servers and services. This provides a common structure across different organizations.
• It integrates most of the administrative tasks in the Windows-based NWADMIN.EXE program.
• It is a truly distributed system where the directory information can be distributed around the tree.
• Support for NFS server for UNIX resources.
• Multiple login scripts, as opposed to system and user login scripts in NetWare 3.1.
• Windows NT support.
[Figure: example NDS tree with root objects and container objects labelled: Organization at the top; Electrical, Mechanical, Production and Administration below it; then BINS/VOL1, Q_LASER, CD_DISK and SYS/VOL2.]
The most commonly used objects are:
[ROOT]. This is the top level of the inverted tree and contains all the objects within the organizational structure.
Organization. This object class defines the organizational name (such as FRED_AND_CO). It is normally the next level after [ROOT] (or below the C=Country object).
User. This object defines an individual user. The first user created in a NetWare 4 system is the ADMIN user, which is typically the only user with rights to add and delete objects on the whole of the NDS structure.
NCP (NetWare Control Protocol) Server. This appears for all NetWare 4 servers.
Volume. This identifies the mounted volume for file services. A network file system data links to the Directory tree through Volume objects.
Bindery. These allow compatibility with existing Bindery-based NetWare 3, NetWare 3 clients and NetWare 4 servers which do not completely implement NDS. They display any object that isn’t a user, group, queue, profile or print server, which was created using the bindery services.
Organizational unit. This object represents the OU part of the NDS tree. These divide the NDS tree into subdivisions, which can represent different geographical sites, different divisions or workgroups. Different divisions might be PRODUCTION, ACCOUNT, RESEARCH, and so on. Each Organizational Unit has its own login script.
Organization role. This object represents a defined role within an organization object. It is thus easy to identify users who have an administrative role within the organization.
Group. This object represents a grouping of users. All users within a group inherit the same access rights.
Directory map. This object points to a file system directory on a mounted volume. It is typically used to create a global file system which has physically separate parts.
Alias. This identifies an object with another name. For example, a print queue which is called NET_PRINT1 might have an alias name of HP_LASER_JET_6.
Printer. This can either be connected to the printer port of a PC, or connected to a NetWare server.
Print queue. This object represents the queue of print jobs.
Profile. This object defines a special scripting file. This can be a global login script, a location login script or a special login script.
Print server. This object allows print jobs to be queued, waiting to be serviced by the associated printer.
• [ROOT]. This is the top level of the tree. The top of the NDS tree is the [ROOT] object.
• C=Country. This object can be used, or not, to represent different countries, typically where an organization is distributed over two or more countries. If it is used then it must be placed below the [ROOT] object. NDS normally does not use the Country object and uses the Organization Unit to define the geographically located sites, such as SALES_UK.[ROOT], SALES_USA.[ROOT], and so on.
• L=Locality. This object defines locations within other objects, and identifies network portions. The Country and Locality objects are included in the X.500 specification, but they are not normally used, because many NetWare 4 utilities do not recognize them. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.
Leaf Objects (CN - Common Name)
Apart from the container objects (C, O, OU, and so on) there are leaf objects. These are assigned a CN (for Common Name). They include:
• CN=AFP Server
• CN=Bindery
• CN=Bindery Queue
• CN=Computer
• CN=Directory Map
• CN=Group
• CN=Organizational Role
• CN=Print Queue
• CN=Print Server
• CN=Printer
• CN=Profile
• CN=Server
• CN=User
• CN=Volume
[Figure: example tree: [ROOT]; O=Organization (such as: O=FRED_ANDCO); OU=Organizational Unit (such as: OU=TEST) and OU=Organizational Unit (such as: OU=SALES); objects shown below: User1, User2, Groups, Printer, Printer Server, Print Queues, Volumes.]
• LP=Licensed Product. This object is automatically created when a license certificate is installed. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.
• O=Organization. This object represents the name of the organization, a company division or a department. Each NDS Directory tree has at least one Organization object, and it must be placed below the [Root] object (unless the tree uses the Country or Locality object).
• OU=Organization Unit. This object normally represents the name of the organizational unit within the organization, such as Production, Accounts, and so on. At this level, User objects can be added and a system level login script is created. It is normally placed below the Organizational object.
[Figure: primary server and secondary server, each with a NIC for the network connections and an MSL adapter; duplexed traffic runs between the two MSL adapters.]
[Figure: remote access to a network: a remote access connection using PPP/SLIP to a remote access server.]
[Figure: Virtual Private Network: a virtual flow between two PPTP endpoints through a remote access server.]
PPTP encapsulates the required protocol (TCP/IP, IPX, AppleTalk, NETBEUI).
[Figure: PPP protocol stack at both ends of the link. Network layer: IP and IPX. Data link layer: NCP (IPCP, IPXCP, ACP), authentication and LCP, over asynchronous/synchronous media. IP and IPX packets travel between a PPP header and a PPP trailer.]
Frame fields, in order:
• Flag (01111110): 1 byte
• Address (11111111): 1 byte
• Control (00000011): 1 byte
• Protocol: 2 bytes
• Data: variable
• FCS: 2 or 4 bytes
• Flag (01111110): 1 byte
Network protocols:
• 0021h – IP
• 0029h – Appletalk
• 002bh – Novell IPX
Network Control Protocols:
• 8021h – IP Control Protocol
• 8029h – Appletalk Control Protocol
• 802bh – Novell IPX Control Protocol
Link Control Protocols:
• C021h – Link Control Protocol
• C023h – PAP
• C025h – Link Quality Report
• C223h – CHAP
Frame fields, in order:
• Flag (01111110): 1 byte
• Address (11111111): 1 byte
• Control (00000011): 1 byte
• Protocol (C021h - LCP): 2 bytes
• Code, Identifier, Length, Data
• FCS: 2 or 4 bytes
• Flag (01111110): 1 byte
Code values:
• 1 Configure-Request
• 2 Configure-Ack
• 3 Configure-Nak
• 4 Configure-Reject
• 5 Terminate-Request
• 6 Terminate-Ack
• 7 Code-Reject
• 8 Protocol-Reject
• 9 Echo-Request
• 10 Echo-Reply
• 11 Discard-Request
• 12 RESERVED
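The frame layout, protocol numbers and LCP codes from the two slides above, turned into a small parser. This is an added example, not part of the original slides; it assumes the 2-byte FCS (computed as in RFC 1662), a frame with no byte stuffing, and a constructed sample frame.

```python
import struct

FLAG, ADDRESS, CONTROL = 0x7E, 0xFF, 0x03  # fixed values from the slide
PROTOCOLS = {0x0021: "IP", 0x0029: "AppleTalk", 0x002B: "Novell IPX",
             0x8021: "IP Control Protocol", 0x8029: "AppleTalk Control Protocol",
             0x802B: "Novell IPX Control Protocol", 0xC021: "Link Control Protocol",
             0xC023: "PAP", 0xC025: "Link Quality Report", 0xC223: "CHAP"}
LCP_CODES = ["Configure-Request", "Configure-Ack", "Configure-Nak", "Configure-Reject",
             "Terminate-Request", "Terminate-Ack", "Code-Reject", "Protocol-Reject",
             "Echo-Request", "Echo-Reply", "Discard-Request", "RESERVED"]  # codes 1..12

def fcs16(data):
    # 16-bit FCS (assumed variant), processed least significant bit first
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def build_frame(protocol, data):
    body = struct.pack("!BBH", ADDRESS, CONTROL, protocol) + data
    return bytes([FLAG]) + body + struct.pack("<H", fcs16(body)) + bytes([FLAG])

def parse_lcp(packet):
    if len(packet) < 4:
        raise ValueError("LCP packet shorter than its 4-byte header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if not 4 <= length <= len(packet):  # Length counts the header too
        raise ValueError("LCP length field outside the received data")
    name = LCP_CODES[code - 1] if 1 <= code <= len(LCP_CODES) else "unknown"
    return {"code": name, "identifier": identifier, "data": packet[4:length]}

def parse_frame(frame):
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag byte or frame too short")
    body, (fcs,) = frame[1:-3], struct.unpack("<H", frame[-3:-1])
    address, control, protocol = struct.unpack("!BBH", body[:4])
    if (address, control) != (ADDRESS, CONTROL):
        raise ValueError("unexpected address or control field")
    if fcs16(body) != fcs:
        raise ValueError("FCS mismatch")
    out = {"protocol": PROTOCOLS.get(protocol, "unknown"), "data": body[4:]}
    if protocol == 0xC021:  # LCP: decode Code, Identifier, Length, Data
        out["lcp"] = parse_lcp(body[4:])
    return out

# Constructed sample: LCP Configure-Request, identifier 1, no options.
SAMPLE = build_frame(0xC021, struct.pack("!BBH", 1, 1, 4))
```

The length check in parse_lcp matters on real links: a Length field larger than the received data is rejected rather than used to slice past the packet.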
[Figure: network connection between client and server.]
LCP and NCP packets:
• Link establishment phase
• Link quality phase
• Network-layer protocol phase
• Link termination phase
[Figure: login across the network with hostname remotenode and password pass 1: the message “Remotenode pass 1” is sent and the reply is accept/reject.]
The password is sent as clear text.
[Figure: client and server, both configured with hostname remotenode and password pass 1; messages exchanged: Challenge, Response, Accept/reject.]
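An added example (not from the original slides) contrasting the two login exchanges above, assuming they depict PAP (C023h) and CHAP (C223h) from the protocol list. The CHAP response is computed as in RFC 1994 with MD5; run_exchange() and the wire list are illustrative names, and the credentials are the ones shown on the slides.

```python
import hashlib
import hmac
import os

HOSTNAME = b"remotenode"   # values shown on the slides
SECRET = b"pass 1"

def pap_request(hostname, password):
    # Clear-text login: the name and the password themselves cross the link.
    return hostname + b" " + password

def chap_response(identifier, secret, challenge):
    # RFC 1994 with MD5: hash over identifier || secret || challenge.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def server_verify(identifier, challenge, response, secret=SECRET):
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)

def run_exchange():
    wire = []  # everything visible to anyone monitoring the link
    wire.append(("pap-request", pap_request(HOSTNAME, SECRET)))

    identifier, challenge = 1, os.urandom(16)   # fresh per authentication
    wire.append(("challenge", challenge))
    response = chap_response(identifier, SECRET, challenge)
    wire.append(("response", response))
    accepted = server_verify(identifier, challenge, response)

    # The same response presented against a new challenge is rejected.
    replay_accepted = server_verify(2, os.urandom(16), response)
    return wire, accepted, replay_accepted

if __name__ == "__main__":
    wire, accepted, replay_accepted = run_exchange()
    for label, message in wire:
        print(f"{label:12} {message!r}")
    print("accepted:", accepted, "replay accepted:", replay_accepted)
```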
[Figure: state diagram with states Closed, Req-Sent, Ack-Rcvd, Ack-Sent, Opened and Closing; transition labels include Open, Close, RCR+, RCR-, RCA, RCN, TO+, scr, sca, scn, str and sta.]
[Figure: PPP link phases: Link Dead Phase, Link Establishment Phase, Authentication Phase, Network-Layer Protocol Phase and Link Termination Phase; transitions labelled Up, Opened, Success/none, Closing, Down and Fail (twice); LCP configuration packets and NCP packets are marked on the diagram.]