
Network Components and Structure

IT System Components

Readings Burgess, Chapter 2 Mikalsen, Chapter 1

Operating Systems
File Systems
Processes and Job Control
Devices and Controllers

Operating Systems

Software which shares and controls the hardware resources of a computer
Shields the user from low-level details
Provides simple access to frequently needed facilities
Layers: Technical layer (kernel & drivers), File I/O, User Interface

Operating Systems

OS             Users   Tasks      CPUs
MS/PC DOS      S       S          1
Windows 3X     S       NonPre-M   1
Mac System7    S       NonPre-M   1
Windows 9X     S       M-         1
AmigaDOS       S       M-         1
Unix-like      M       M          n
VMS            M       M          n
NT/2000/XP     M       M          n
OS390          M       M          n

(S = single, M = multiple, NonPre-M = non-preemptive multitasking, n = many)

Unix-Like OS          Manufacturer                Type
BSD                   Univ. California Berkeley   BSD
SunOS (Solaris 1)     Sun Microsystems            BSD/Sys5
Solaris (2)           Sun Microsystems            Sys5/BSD
Ultrix                DEC/Compaq                  BSD
OSF1/Digital Unix     DEC/Compaq                  BSD/Sys5
HPUX                  Hewlett-Packard             Sys5
AIX                   IBM                         Sys5/BSD
IRIX                  Silicon Graphics            Sys5
GNU/Linux             GPL Free Software           Posix (SysV/BSD)
Unixware              Novell                      Sys5

Operating Systems

Multi-programming (Processes/Threads) allows logical concurrency: multi-user and event-driven systems, which yields the Client/Server architecture!
User Interfaces: Shell, CLI, GUI
Logfiles, Audit trails, Policies: accounting, security, reliability, performance
Supervisor, Superuser, root user

Comparing UNIX & Windows

Compare Shell Commands See Table 2.1 in Burgess

Compare Directory/File structure See Table 2.2 in Burgess

Compare software concepts See Table 2.3 in Burgess

File Systems

Most OS's are now multi-user and have hierarchical file systems (Directories & Links)

Unix File Hierarchy

Directory structure related to function
Link files: Symbolic vs Hard Links
File Access Controls: Owner, Group, Others method (permission bits); ACL method

File Permission Checking

User issues the OPEN("filename", mode) system call; mode = Create, Read, Write, Append, etc.
System searches the directory and locates "filename"
Compares the user ID (UID) of the program with the Owner of the file. If not the same, repeat for the Group (GID). Otherwise use Other.
Compares "mode" with the file's permBits: Error if "mode" exceeds the file's allowed permissions.
e.g. when mode = Read and permBits = rwx,-,- (700) and UID is not the Owner, the Other bits (---) apply and the open fails.

Access Control List Checking

Instead of permBits, directory entries for files have ACLs
ACLs are of the form: user1:permBits, user2:permBits, …
Both user and permBits may be wildcards
ACLs may be inherited from the parent directory
Checking involves a search of the list to match the name of the user running the program with the user in the ACL
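The two checks described on the preceding slides, the Owner/Group/Others permission-bit comparison and the ACL search, as an added example in Python. This is not code from the lecture notes; the users, UIDs, files, permission values and the mapping from OPEN modes to bits are constructed for the demonstration, and the first-match, default-deny ACL rule with inheritance from the parent directory is an assumption (real ACL systems differ in detail).

```python
# Added example, not from the lecture notes: a model of the two access checks
# the slides describe (Owner/Group/Others permission bits, then ACL search).
# Users, files and permission values below are constructed for the demo.

READ, WRITE, EXEC = 4, 2, 1           # the r, w, x bit values of one class

# What an OPEN() mode needs from the permission bits (assumed mapping).
MODE_NEEDS = {"read": READ, "write": WRITE, "append": WRITE,
              "create": WRITE, "exec": EXEC}


def check_perm_bits(uid, gid, owner, group, perm_bits, mode):
    """Owner/Group/Others check.

    Exactly one class applies: the owner's bits if UID matches the file
    owner, else the group's bits if GID matches, else the 'other' bits.
    perm_bits is the octal value from the slide, e.g. 0o700 for rwx,-,-.
    Returns True when the mode is permitted, False (an error) otherwise.
    """
    if uid == owner:
        allowed = (perm_bits >> 6) & 0o7
    elif gid == group:
        allowed = (perm_bits >> 3) & 0o7
    else:
        allowed = perm_bits & 0o7
    wanted = MODE_NEEDS[mode.lower()]
    return (wanted & allowed) == wanted   # error if mode exceeds allowed bits


def check_acl(user, mode, acl_chain):
    """ACL search (assumed first-match, default-deny semantics).

    acl_chain holds the ACL strings to consult in order: the file's own ACL
    first, then those inherited from parent directories. Each ACL is
    'user1:permBits, user2:permBits, ...'; user or permBits may be '*'.
    The first entry naming the user (or '*') decides; no match means denied.
    """
    wanted = MODE_NEEDS[mode.lower()]
    for acl in acl_chain:
        for entry in acl.split(","):
            entry = entry.strip()
            if not entry:
                continue                      # empty ACL: fall through to parent
            acl_user, _, bits = entry.partition(":")
            if acl_user.strip() in (user, "*"):
                allowed = 0o7 if bits.strip() == "*" else int(bits, 8)
                return (wanted & allowed) == wanted
    return False


def slide_example():
    """The case on the slide: mode = Read, permBits = 700, UID is not the owner."""
    return check_perm_bits(uid=1001, gid=100, owner=0, group=0,
                           perm_bits=0o700, mode="read")


if __name__ == "__main__":
    print("slide example permitted?", slide_example())                   # False
    print("owner read?", check_perm_bits(0, 0, 0, 0, 0o700, "read"))     # True
    print("alice write via ACL?",
          check_acl("alice", "write", ["bob:7, alice:4", "*:7"]))        # False
```

Note that the permission-bit check never falls through: a user who is the owner is judged only by the owner bits, even if the group or other bits would have been more permissive. The ACL search, by contrast, stops at the first matching entry, so the order of entries and of inherited ACLs decides the outcome.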

Network File Systems

For sharing file systems between hosts. Methods include:
Drive redirection: NET USE in DOS/Windows, MAP in Novell
Directory redirection: mount in UNIX
Share & Subscribe, Export & Mount
Configured mount or Automount
Distributed Directory systems

Network File Systems

Windows LAN Manager, Workgroups (SMB)
Unix NFS (originally by Sun)
DFS (part of OSI DCE)
Common Internet File System (CIFS), "Samba"
Andrew File System
Netware NDS by Novell
Windows Advanced File System

Multi-Programming

Processes

Each process is a collection of resources: an instance of a running program in RAM, current directory, open files with current position, User and Group ID, limits, etc.
Processes are "time-sliced" by the OS Scheduler
A process may also contain concurrent paths of execution called Threads
To see the process hierarchy: Unix: ps -ef or top; Windows: Task Manager

Processes: Unix Process Hierarchy

New processes are copies of existing ones
A "parent" process may wait for "child" processes to exit before proceeding (synchronous model)
When the "parent" does not wait, the "child" is said to be "running in the background" (asynchronous model)
Processes send a termination status message

Process Environment

Chains of processes share an environment
Environment may be implied or explicit
Environment Variables are text strings
Variables are usually set by the user or a script
Environment is inherited by new processes. This is how command parameters are passed from parent to child.
But changes to the local environment are not passed back to the parent process
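The parent/child behaviour on the two preceding slides (a child inheriting the environment, the parent waiting or not waiting, the termination status, and a child's changes staying local) as an added Python example that is not part of the lecture notes. It uses the standard `subprocess` module and runs a second Python interpreter as the child, so it works without `fork()`; the variable name `LECTURE_VAR` and its values are constructed for the demonstration.

```python
# Added example, not from the lecture notes: parent/child process behaviour as
# described on the slides, using Python's subprocess module. The child is a
# second Python interpreter so the example runs without fork(); the variable
# name LECTURE_VAR and its values are constructed for the demonstration.
import os
import subprocess
import sys

# Program run by the child. It reads the inherited environment, changes its
# own copy, and exits with the status passed on its command line.
CHILD_PROGRAM = r"""
import os, sys
print(os.environ.get("LECTURE_VAR", "<unset>"))
os.environ["LECTURE_VAR"] = "changed-by-child"   # stays local to the child
sys.exit(int(sys.argv[1]))
"""


def run_child(exit_status, wait=True):
    """Spawn a child with an explicit environment and collect its status.

    wait=True  is the synchronous model: the parent blocks until the child
               exits and then reads its termination status.
    wait=False is the asynchronous ("background") model: the parent carries
               on with its own work and only reaps the child afterwards.
    Returns a dict describing what each side saw.
    """
    env = dict(os.environ, LECTURE_VAR="set-by-parent")   # explicit environment
    child = subprocess.Popen([sys.executable, "-c", CHILD_PROGRAM, str(exit_status)],
                             env=env, stdout=subprocess.PIPE, text=True)
    peek = None
    if not wait:
        # Background model: the parent goes on working; poll() only peeks at
        # the status and is None while the child is still running.
        peek = child.poll()
    output, _ = child.communicate()            # wait for exit, read the status
    return {
        "child_saw": output.strip(),           # value inherited from the parent
        "exit_status": child.returncode,       # the termination status message
        "parent_value": env["LECTURE_VAR"],    # the child's change did not come back
        "parent_has_var": "LECTURE_VAR" in os.environ,  # parent's own env untouched
        "peeked_status": peek,                 # None or int, depends on timing
    }


if __name__ == "__main__":
    print("synchronous:", run_child(3))
    print("background: ", run_child(0, wait=False))
```

The parent passes an explicit environment to the child (a copy of its own plus `LECTURE_VAR`), which is how parameters reach the child; the child's assignment to `LECTURE_VAR` is visible only inside the child, and the parent's `os.environ` never acquires the variable at all.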

Things of Special interest to SysAdmins

Logs and Audit Trails: a detailed list of actions recorded by the OS
File system logs used to reinstate data
Usage logs used for billing
Auditing used for security: trace the source of activity, provide non-repudiation

Things of Special interest to SysAdmins

Privileged Accounts: a user with the power to configure/maintain the system
root, Administrator, SysOp, etc.
Can access or do anything!! Is actually very dangerous
Should not be used as the everyday login... use only when required
The Trusted host concept in TCP/IP can now be easily circumvented because everyone has superuser access on their own PC!!

Things of Special interest to SysAdmins

Knowing how to care for your hardware
Read the instructions!
Understand interfaces & connectors
Know the capabilities and limitations of devices: speeds, capacities, compatibilities
Know how to handle components: avoid damage due to static discharge; packaging and transport; assembly

Things of Special interest to SysAdmins

Types of disk drives: ATA-IDE, SCSI, Serial ATA
Types of memory devices: Fast Page, EDO, SDRAM, ECC, etc.
BIOS and NVRAM settings

Things of Special interest to SysAdmins

Easy Systems Integration: a system built from identical parts; applies to hardware and software

Network Structures

Refer: Burgess Ch 3

Why Network?? Why do networks appear in Enterprises?

Resource Sharing: hardware, data storage & retrieval, software, processing power, Internet access
Efficient Cooperation
Security: centralized, common backup. Also a risk!
Costs: costly to install but savings later

Networks contain…
Hosts that run Clients and Services
Media and equipment that connect Hosts
Protocols that govern connections
Users (Vendors or Customers!?!)
Networks allow cooperation… Cooperation leads to Communities of Users

Clients and Servers

The Hosts and their services need Identity
Identities are usually names
However, protocols use numeric addresses
Addresses can be associated with names using resolver services and directories
This is an Infrastructure service
SysAdmins maintain these too…

Host Identities & Name Services

A host has many different names used in various contexts:

HostID – NIC or CPU serial#

Install Name - /etc/hostname.*

Application Names – eg Oracle database name

Local name list - /etc/hosts

Network Information Service – “yellow pages”

Transport level addresses – TCP/UDP port# + IP#

Physical level addresses – NIC address

DNS names – IP names & info

WINS names – IP, NetBIOS & WfW names

Establishing Network Identity

Identity = Address = Name
Some addresses are fixed (eg HostID, NIC#)
Some must be initialised (eg during startup)
Internet Addresses must be Globally Unique, therefore can't use NIC# (IPv6 excepted?)
Static Allocation: continuous identity (RARP, BOOTP, DNS)
Dynamic Allocation: transient identity (BOOTP, DHCP)

Naming Services

Used to convert Address to Name or vice versa
A Performance and Security nexus
DNS or bind used world-wide
NIS or NIS+ used in Unix
WINS used in Windows
Authentication (Kerberos, Radius)
Directory (X500, ldap, NDS, ActiveServer)
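A name service in miniature, as an added example not taken from the lecture notes: a resolver over the "local name list" format (the /etc/hosts layout mentioned under Host Identities) that converts name to address and address to name, plus a forward-confirmed reverse check of the kind used to spot stale or tampered entries, which is the "security nexus" side of naming. The hosts table is constructed inline (192.0.2.0/24 is a documentation address range) so nothing is read from the running system; the function names are this example's own.

```python
# Added example, not from the lecture notes: a minimal resolver over the
# "local name list" format (/etc/hosts) converting name -> address and
# address -> name. The table below is constructed (192.0.2.0/24 is the
# documentation range); nothing is read from the running system.
SAMPLE_HOSTS = """\
# constructed hosts file: address, canonical name, then aliases
127.0.0.1     localhost
192.0.2.10    fileserver.example.edu   fileserver nfs
192.0.2.20    printserver.example.edu  printserver
192.0.2.10    backup.example.edu       # a second name for the same host
"""


def parse_hosts(text):
    """Build forward (name -> address) and reverse (address -> name) tables."""
    forward, reverse = {}, {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        address, *names = line.split()
        for name in names:
            forward.setdefault(name.lower(), address)   # first mapping wins
        reverse.setdefault(address, names[0])           # canonical name is first
    return forward, reverse


def resolve_name(name, forward):
    """Name -> address, case-insensitive; None when the name is unknown."""
    return forward.get(name.lower())


def resolve_address(address, reverse):
    """Address -> canonical name; None when the address is unknown."""
    return reverse.get(address)


def consistency_check(forward, reverse):
    """Forward-confirmed reverse check.

    Every name should map to an address whose canonical name resolves back
    to the same address. Returns the names that fail, which is where a stale
    or tampered entry would show up.
    """
    bad = []
    for name, address in forward.items():
        canonical = reverse.get(address)
        if canonical is None or forward.get(canonical.lower()) != address:
            bad.append(name)
    return bad


if __name__ == "__main__":
    fwd, rev = parse_hosts(SAMPLE_HOSTS)
    print("fileserver ->", resolve_name("fileserver", fwd))
    print("192.0.2.10 ->", resolve_address("192.0.2.10", rev))
    print("inconsistent entries:", consistency_check(fwd, rev))
```

The parser keeps the first mapping it sees for a name and treats the first name on a line as canonical, which is the behaviour administrators usually expect from a local hosts list; a name that appears twice with different addresses therefore resolves to the earlier one, and the consistency check is how such a mismatch would be noticed.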

Network Operating Systems

Peer-to-Peer vs. Server-Workstation
Unix – most general, open and variant
Windows NT/2000/XP: Workgroups or Domains
Novell - NDS
Macintosh – now like Unix (System X)

NOS Functions

I/O optimisation – various forms of Cache
Fault Tolerance
Directory – manage server resources
User Sessions: home directory, history & preferences
Multi-Processing - Concurrency
Print Spooling
Backup

Network Sharing Models

Use synchronous request/reply protocols (RPC)
Drive mapping
File System Mount
Resource Share & Subscribe
Terminal session – CLI or shell based
GUI interface – X11, Windows
Web-based

Network Hardware

Ethernet, Fast Ethernet, Gigabit Ethernet
Token Ring
Wireless (IEEE 802.11a/b/g)
Fibre Distributed Data Interface (FDDI)
ATM
Fibre Channel
High Performance Parallel Interface (HIPPI)

Ethernet Hardware

Network Interface Cards (NIC) Connector, RAM, DMA, I/O port, IRQ

Workstations – PCs or “Thin Clients”

Cables & Connectors

Network Connections

Repeaters, Bridges and Routers
An Ethernet is a single collision domain, i.e. a single shared medium (segment)
Bus topology (physical or logical)
Media Access Control (MAC) "contest" based: CSMA/CD
Ethernet Frame format: Ethernet, Ethernet II and SNAP
Ethernet cable characteristics: Min. frame size, signal propagation speed, max. segment length = collision window size

Network Design with Ethernet

Repeaters/hubs, bridges/switches, routers
Repeaters copy incoming bits to all outputs
Bridges filter packets based on MAC address to isolate local traffic from the rest of the network
Both extend range (4 repeaters max.) or adapt different media and connectors
Routers do this too, but use the network (IP) address
Switches forward a packet only to the target address

Network Segments

In a single network, devices share a media access protocol (eg CSMA/CD in Ethernet)
A packet being transmitted usually occupies the medium exclusively over the entire cable
To reduce the traffic density in large networks, they need to be divided into separate media areas or segments
Segments can then be joined using bridges, switches or routers, which forward appropriately
What about Broadcasts? Switches usually forward them but Routers usually don't
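The forwarding rules from the Network Design and Network Segments slides (repeaters copy everything, a learning bridge/switch filters local traffic and forwards by MAC address, a router forwards by IP address and does not pass broadcasts) as an added simulation in Python; this is not code from the lecture notes. Port numbers, MAC addresses and the IP prefixes (documentation ranges) are constructed, the `Repeater`, `LearningSwitch` and `Router` classes are this example's own, and the router uses longest-prefix matching with "0.0.0.0/0" as its default route.

```python
# Added example, not from the lecture notes: a small simulation of the
# forwarding rules the slides give for repeaters, learning bridges/switches
# and routers, including how each treats a broadcast. Port numbers, MAC and
# IP addresses are constructed; 192.0.2.0/24 etc. are documentation ranges.
import ipaddress

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Repeater:
    """Copies incoming bits to every other port; no addressing at all."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Learns which port each source MAC lives on; forwards by destination MAC."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}                       # MAC -> port

    def forward(self, in_port, frame):
        self.table[frame["src"]] = in_port    # learn from the source address
        dst = frame["dst"]
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]   # flood
        out = self.table[dst]
        return [] if out == in_port else [out]   # filter traffic local to a segment


class Router:
    """Forwards on the network (IP) address; never forwards link broadcasts."""
    def __init__(self, routes):
        # routes: {prefix: port}; "0.0.0.0/0" is the default route
        self.routes = {ipaddress.ip_network(p): port for p, port in routes.items()}

    def forward(self, in_port, frame):
        if frame["dst"] == BROADCAST:
            return []                          # broadcasts stay in their segment
        target = ipaddress.ip_address(frame["ip_dst"])
        candidates = [(net.prefixlen, port) for net, port in self.routes.items()
                      if target in net]
        if not candidates:
            return []                          # no route: drop
        _, port = max(candidates)              # longest prefix match
        return [] if port == in_port else [port]


def simulate():
    """Run a fixed sequence of frames through each device; returns the output ports."""
    sw = LearningSwitch(ports=[1, 2, 3])
    rt = Router({"192.0.2.0/24": 1, "198.51.100.0/24": 2, "0.0.0.0/0": 3})
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    return {
        "hub_any": Repeater([1, 2, 3]).forward(1, {"src": a, "dst": b}),
        "sw_unknown": sw.forward(1, {"src": a, "dst": b}),       # flood
        "sw_reply": sw.forward(2, {"src": b, "dst": a}),         # learned: port 1
        "sw_known": sw.forward(1, {"src": a, "dst": b}),         # learned: port 2
        "sw_local": sw.forward(1, {"src": c, "dst": a}),         # same port: filtered
        "sw_bcast": sw.forward(1, {"src": a, "dst": BROADCAST}), # flooded
        "rt_other_net": rt.forward(1, {"dst": b, "ip_dst": "198.51.100.7"}),
        "rt_default": rt.forward(1, {"dst": b, "ip_dst": "203.0.113.9"}),
        "rt_same_net": rt.forward(1, {"dst": b, "ip_dst": "192.0.2.5"}),
        "rt_bcast": rt.forward(1, {"dst": BROADCAST, "ip_dst": "192.0.2.255"}),
    }


if __name__ == "__main__":
    for name, ports in simulate().items():
        print(f"{name:14s} -> {ports}")
```

The sequence shows why segmenting helps: once the switch has learned where `b` lives, traffic between `a` and `b` no longer reaches port 3 at all, and a frame whose destination sits on the same port it arrived from is dropped instead of repeated. The broadcast cases show the difference the last slide points out: the switch floods it to every other port, the router stops it at the segment boundary.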

Network Analysis Checklist

1. Topology
2. Subnets
3. Network addresses
4. Default routes
5. Netmask
6. What's connected
7. Host Functions
8. Locate key services
