Module D: The Data Link Layer and Local Area Networks
(Part II - Local Area Networks or LANs)
D.6 LAN and Ethernet Technologies
• Two main classes of LAN technologies (in 80s and 90s):
see Figure 5.15 (p.488/[A]).
– Token-passing technologies:
Token-ring LANs
FDDI networks (MANs and LANs)
♦ MAC (Media Access Control) sublayer:
provides media access management protocols for accessing a shared medium.
provides unreliable datagram service.
• Summary of IEEE Project 802 LAN Standards:
see Figure 13.1 (p.396/[B]).
Copyright @ October 2007 by CS2105/OngGH
♦ Preamble (8 bytes):
Preamble field (7 identical octets, 10101010, for synchronization)
Start Frame Delimiter field (1 byte: 10101011)
♦ Payload (46 to 1,500 bytes):
Data field
Pad field (dummy data that pads Data field up to its minimum length)
♦ Trailer (4 bytes):
FCS field
− using baseband transmission and Manchester encoding.
− network diameter (for 10Base5):
♦ the distance between the farthest two nodes.
♦ no more than 5 segments of up to 500 m each, and no more than 4 repeaters (in the collision domain).
• Fast Ethernet (100-Mbps), Gigabit Ethernet, and Ten-Gigabit Ethernet LANs:
see Figures 5.25 (p.505/[A]), 13.3 (p.398/[B]), 13.19 & 13.20 (p.410/[B]), 13.22 (p.414/[B]), and 13.23 (p.415/[B]).
Various IEEE 802.3 specifications for the different variants of baseband Ethernet and their respective media:
D.7 ARP (Address Resolution Protocol)
• Address binding:
− Given an IP address of a host, find its physical or hardware address; called Address Resolution (using ARP or Address Resolution Protocol).
− Given a physical or hardware address of a host, find its IP address; called Reverse Address Resolution (using RARP or Reverse Address Resolution Protocol)
• ARP:
see Figures 5.17 (p.492/[A]), 5.19 (p.494/[A]), 21.1 (p.613/[B]), 21.2 (p.614/[B]), 21.3 (p.615/[B]), and 21.4 (p.616/[B]).
ARP Request
ARP Reply
e.g. On an Ethernet, the Type field in Ethernet frames carrying ARP messages must contain 0x0806.
e.g. one network address shared between two physical networks:
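The Ethernet frame fields and the ARP Type value 0x0806 described above, as an added example that is not part of the original slides. It builds and parses a frame carrying an ARP request, showing why the Pad field is needed (a 28-byte ARP message is shorter than the 46-byte minimum payload). The 14-byte header layout and ARP field order are the standard ones; the MAC and IP addresses used with it are constructed.

```python
import struct, zlib

ETHERTYPE_ARP = 0x0806            # Type value the page gives for ARP
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500

def build_frame(dst, src, ethertype, data):
    """Header + padded payload + FCS; preamble/SFD are added by the hardware."""
    if len(data) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1,500 bytes")
    payload = data.ljust(MIN_PAYLOAD, b"\x00")            # Pad field
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))     # FCS trailer (CRC-32)

def parse_frame(frame):
    """Check length and FCS, then split into (dst, src, type, payload)."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        raise ValueError("runt frame")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch")
    return body[:6], body[6:12], struct.unpack("!H", body[12:14])[0], body[14:]

def arp_request(sender_mac, sender_ip, target_ip):
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, op=1 (request)
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1,
                       sender_mac, sender_ip, bytes(6), target_ip)

def parse_arp(payload):
    """Decode the 28-byte ARP message; anything after it is Ethernet padding."""
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {"op": {1: "request", 2: "reply"}.get(op, "other"),
            "sender_mac": sha, "sender_ip": spa, "target_mac": tha, "target_ip": tpa,
            "padding": len(payload) - 28}

def describe(frame):
    """Return the decoded ARP message, or None if the Type field is not ARP."""
    dst, src, ethertype, payload = parse_frame(frame)
    return parse_arp(payload) if ethertype == ETHERTYPE_ARP else None
```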
Module E: Security in Data Communications and Networking
E.1 Network Security Services
• Recall - applying SS and CDMA to Physical & Link layers.
SSL / TLS (Secure Sockets Layer / Transport Layer Security protocols)
PGP (Pretty Good Privacy protocol)
VPN (Virtual Private Network)
E.2 Cryptography
– asymmetric-key cryptography:
see Figures 30.4 (p.933/[B]) and 8.6 (p.718/[A]).
♦ using one private key and one public key.
♦ common algorithms:
RSA (Rivest/Shamir/Adleman) algorithm
Diffie-Hellman algorithm
using a keyed hash function (e.g., HMAC – Hashed MAC algorithm based on SHA-1 with a symmetric key) to create a compressed digest from the message.
• DS:
– using an asymmetric-key system, but the private and public keys of the sender.
− flexible and extensible (allowing endpoints to choose algorithms and parameters, such as key size).
♦ protecting the whole IP packet with a new IP header.
♦ normally used between two routers, or between a host and a router, see Figure 32.5 (p.998/[B]).
− providing message integrity and message/source authentication.
• IPSec ESP protocol:
− providing message integrity, message/source authentication, and privacy.
(1) Add ESP Trailer to the payload.
(2) Encrypt the payload and ESP Trailer.
(3) Add ESP Header (between IP and TCP Headers).
(4) Create authentication data using ESP Header, encrypted payload and ESP Trailer.
(5) Append ESP Auth to ESP Trailer.
(6) Add the IP Header and set Protocol value to 50.
• Tunneled versions:
AH –
ESP –
− a router installed between the internal network of an organization and the global Internet for access control.
− designed to forward some packets and filter others.
• Two popular commercial implementations:
(i) Packet-filtering firewall:
see Figure 32.23 (p.1022/[B]), Tables 8.4 (p.766/[A]) and 8.5 (p.767/[A]).
− blocking or forwarding packets based on information in the network layer and transport layer headers.
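The six ESP encapsulation steps (1) to (6) listed above, carried out on a constructed TCP segment, together with the receiver's check; this is an added example, not from the original slides. The SHA-256 counter-mode keystream is a stand-in for the negotiated cipher, HMAC-SHA1 truncated to 96 bits is assumed for the authentication data, and the SPI, keys and addresses are constructed values.

```python
import hashlib, hmac, struct

BLOCK = 8  # assumed pad alignment; the real value depends on the negotiated cipher

def keystream_xor(key, nonce, data):
    """Stand-in cipher (SHA-256 in counter mode), not a real ESP transform."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def ip_checksum(hdr):
    """Ones'-complement sum over the 20-byte IPv4 header."""
    s = sum(struct.unpack("!10H", hdr))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv4_header(src, dst, proto, body_len):
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + body_len, 0, 0, 64, proto, 0, src, dst)
    return h[:10] + struct.pack("!H", ip_checksum(h)) + h[12:]

def esp_encapsulate(segment, spi, seq, enc_key, auth_key, src, dst, next_hdr=6):
    pad_len = -(len(segment) + 2) % BLOCK
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_hdr])  # (1)
    esp_hdr = struct.pack("!II", spi, seq)  # (3) built early: it is the stand-in's nonce
    ct = keystream_xor(enc_key, esp_hdr, segment + trailer)              # (2)
    icv = hmac.new(auth_key, esp_hdr + ct, hashlib.sha1).digest()[:12]   # (4)
    esp = esp_hdr + ct + icv                                             # (5)
    return ipv4_header(src, dst, 50, len(esp)) + esp                     # (6)

def esp_decapsulate(packet, enc_key, auth_key):
    if packet[9] != 50:
        raise ValueError("IP Protocol field is not 50 (ESP)")
    esp_hdr, ct, icv = packet[20:28], packet[28:-12], packet[-12:]
    expected = hmac.new(auth_key, esp_hdr + ct, hashlib.sha1).digest()[:12]
    if not hmac.compare_digest(icv, expected):   # verify before decrypting
        raise ValueError("ESP authentication failed")
    plain = keystream_xor(enc_key, esp_hdr, ct)
    pad_len, next_hdr = plain[-2], plain[-1]
    return plain[:len(plain) - 2 - pad_len], next_hdr

if __name__ == "__main__":  # constructed sample values
    pkt = esp_encapsulate(b"constructed TCP segment", 0x1001, 1, b"enc-key", b"auth-key",
                          bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    print(pkt.hex(), esp_decapsulate(pkt, b"enc-key", b"auth-key"))
```

Because the authentication data covers the ESP Header and the encrypted bytes, the receiver can reject a modified packet before decrypting anything.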
− a cryptographic system developed at MIT.
− a security protocol designed by Netscape to provide security on the WWW, but not formally adopted by the IETF (a de facto standard).
− residing at the same layer as the socket API (Application Program Interface for internet communications).
− used by ISPs (for dialup users, and VPN systems).
− using an RC4 40-bit stream cipher to encrypt data and a 32-bit CRC to verify it.
− replaced by WPA (Wi-Fi Protected Access).