Doug Lowe - Networking All-in-One For Dummies


Networking All-in-One For Dummies: summary, description and annotation


Your ultimate one-stop networking reference

Designed to replace that groaning shelf-load of dull networking books you’d otherwise have to buy and house, Networking All-in-One For Dummies covers all the basic and not-so-basic information you need to get a network up and running. It also helps you keep it running as it grows more complicated, develops bugs, and encounters all the fun sorts of trouble you expect from a complex system. Ideal both as a starter for newbie administrators and as a handy quick reference for pros, this book is built for speed, allowing you to get past all the basics—like installing and configuring hardware and software, planning your network design, and managing cloud services—so you can get on with what your network is actually intended to do.

In a friendly, jargon-free style, Doug Lowe—an experienced IT Director and prolific tech author—covers the essential, up-to-date information for networking in systems such as Linux and Windows 10 and clues you in on best practices for security, mobile, and more. Each of the nine minibooks demystifies the basics of one key area of network management.

Plan and administrate your network
Implement virtualization
Get your head around networking in the Cloud
Lock down your security protocols

The best thing about this book? You don’t have to read it all at once to get things done; once you’ve solved the specific issue at hand, you can put it down again and get on with your life. And the next time you need it, it’ll have you covered.

Networking All-in-One For Dummies: preview excerpt

CIDR            Subnet Mask    Address Range
10.0.0.0/8      255.0.0.0      10.0.0.1–10.255.255.254
172.16.0.0/12   255.240.0.0    172.16.1.1–172.31.255.254
192.168.0.0/16  255.255.0.0    192.168.0.1–192.168.255.254

Pondering Ports

When you use an IP address, you often associate that IP address with a port, which enables a connection to a particular service. The best-known port is port 80, which corresponds to the HTTP of the World Wide Web. The combination of a transport protocol (for example, TCP), an IP address, and a port is called an Internet socket.

Although IP addresses are defined at layer 3 of the OSI model (the network layer), ports are a layer 4 construct. Layer 4 is the transport layer, so it makes sense that ports would live there.

Ports are commonly combined with IP addresses when used in URLs (also known as web addresses). I dive deep into URLs in Chapter 6 of this minibook, so hold tight.

Ports are represented by 32-bit numbers, so they range from 0 to 65535. There are three ranges of port numbers:

0 to 1023: These are called well-known ports, and they’re used for the widely used services available on the Internet. Refer to Table 3-6 for a list of some of the most popular well-known ports.

1024 to 49151: These are called registered ports, and they’re assigned by the Internet’s governing authorities to various service providers. For example, Apple’s iTunes uses port 3689 and Adobe’s Media Server uses port 8134.

49152 to 65535: These are called dynamic ports, private ports, or ephemeral ports. These ports cannot be registered and are used only for a specific communication.

TABLE 3-6 Well-Known Ports

Port  Description                                         Port  Description
20    File Transmission Protocol (FTP) Data Transmission  110   Post Office Protocol (POP3)
21    File Transmission Protocol (FTP) Command Control    119   Network News Protocol (NNP)
22    Secure Shell                                        123   Network Time Protocol (NTP)
23    Telnet                                              143   Internet Message Access Protocol (IMAP)
25    Simple Mail Transport Protocol (SMTP)               161   Simple Network Management Protocol (SNMP)
53    Domain Name System (DNS)                            194   Internet Relay Chat (IRC)
80    Hypertext Transfer Protocol (HTTP)                  443   HTTP Secure (HTTPS)

Understanding Network Address Translation

Nearly all firewalls use a technique called network address translation (NAT) to hide the actual IP address of a computer on the local network from the outside world. When that’s the case, the NAT device must use a globally unique IP address to represent the computer to the Internet. Behind the firewall, though, the computer has a private IP address. When packets cross the firewall, the NAT device translates the private IP address to the public IP address and vice versa.

NAT is one of the foundational techniques that enables the Internet to work. It’s the way an organization can have dozens, hundreds, or thousands of computers on its network without requiring a separate public IP address for each computer. Instead, each organization has a relatively small number of public IP addresses that are assigned to the public-facing interfaces of its firewall(s). NAT enables all the computers behind the firewall to communicate with the Internet, piggybacking on the public IP address of the firewall itself.

Consider what typically happens when a user sends a request to a local HTTP server — that is, an HTTP server that is on the same network as the user. Let’s assume that the IP address of the local HTTP server is 192.168.0.100, and the IP address of the user’s computer is 192.168.0.50. What happens is this:

1 The user’s computer sends an HTTP request in the form of an IP packet with the following address information:
    For the source, the transport protocol is TCP and the IP address is 192.168.0.50. The port number for the source is chosen by the client and is typically a high port number. For this example, I’ll use port 45444 for the source port.
    For the destination, the transport protocol is TCP, the IP address is 192.168.0.100, and the port is 80.

2 The HTTP server receives the request, processes it, and sends back an HTTP response in the form of an IP packet with the following address information:
    For the source, the transport protocol is TCP, the IP address is 192.168.0.100, and the port is 80.
    For the destination, the transport protocol is TCP, the IP address is 192.168.0.50, and the port is 45444 (the port that was chosen by the client).

This won’t work if the user wants to send a request to an HTTP server on the Internet, because the IP address of the user’s computer is a private address, not a public address. So, the HTTP server won’t be able to send a response to 192.168.0.50 because such an address doesn’t exist on the public Internet.

That’s where NAT comes in.

The magic of NAT is handled by the firewall itself. The basic idea of NAT is that the firewall maintains an internal table of outgoing packets so it can remember which computer in the local network has requested information from sites on the public Internet. Because more than one computer may make requests for information from the same Internet site, NAT exploits ephemeral ports (see the preceding section) to keep things straight.

Let me walk you through an example. But first, let’s assume that the firewall in this example has the following IP addresses:

Outside IP address (public): 75.68.10.201

Inside IP address (private): 192.168.0.1

Let’s also assume that the HTTP server is at 99.84.206.125 (which happens to be Wiley’s web server), and a user whose private IP address is 192.168.0.50 uses a web browser to request information from the HTTP server. The HTTP request will have the following address information:

Source IP: 192.168.0.50

Source port: 45444

Destination IP: 99.84.206.125

Destination port: 80

Here’s how it works:

1 The firewall sees this packet and realizes that it must substitute its own IP address (let’s assume 192.168.0.1).

2 The firewall selects a random port number from a pool of ephemeral port numbers, which it will use to keep track of the request. For example, let’s say it picks port 42003.

3 The firewall records the following information in its NAT table for this request:
    Source IP: 192.168.0.50
    Source port: 45444
    Destination IP: 99.84.206.125
    Destination port: 80
    Temporary port: 42003

4 The firewall modifies the packet by substituting its own public IP address for the source IP and the temporary port for the source port.

5 The firewall sends the modified packet to the public Internet. The modified packet contains the following information:
    Source IP: 75.68.10.201
    Source port: 42003
    Destination IP: 99.84.206.125
    Destination port: 80

6 A few seconds later, the firewall receives an incoming HTTP response message with the following address information:
    Source IP: 99.84.206.125
    Source port: 80
    Destination IP: 75.68.10.201
    Destination port: 42003

7 The firewall peruses its NAT table and finds that this response matches the entry it recorded in Step 3.

8 The firewall retrieves the original source IP address and port from the NAT table and substitutes it for the destination IP and port. The modified response message now has the following address information:
    Source IP: 99.84.206.125
    Source port: 80
    Destination IP: 192.168.0.50
    Destination port: 45444
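The eight steps above as a small simulation, added here as an illustration and not taken from the book. The class and function names, the port pool bounds, and the stray sender 203.0.113.9 are assumptions; the other addresses and ports are the ones used in the walkthrough.

```python
import random
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatFirewall:
    def __init__(self, public_ip, pick_port=None):
        self.public_ip = public_ip
        # Assumed pool bounds, chosen only so the page's port 42003 fits.
        self.pick_port = pick_port or (lambda: random.randint(32768, 65535))
        self.table = {}   # temporary port -> original (src ip, src port, dst ip, dst port)
        self.flows = {}   # original 4-tuple -> temporary port, so a flow keeps its port

    def outbound(self, pkt):
        """Steps 1-5: record the request, then rewrite its source address."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self.flows.get(flow)
        if port is None:
            port = self.pick_port()
            while port in self.table:      # never hand one port to two flows
                port = self.pick_port()
            self.table[port] = flow
            self.flows[flow] = port
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt):
        """Steps 6-8: restore the inside address, or return None to drop."""
        flow = self.table.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or flow is None:
            return None                    # nothing inside asked for this
        if (pkt.src_ip, pkt.src_port) != flow[2:]:
            return None                    # reply is not from the recorded server
        return replace(pkt, dst_ip=flow[0], dst_port=flow[1])

def walkthrough():
    """Replay the page's example with the temporary port fixed at 42003."""
    ports = iter([42003])
    fw = NatFirewall("75.68.10.201", pick_port=lambda: next(ports))
    out = fw.outbound(Packet("192.168.0.50", 45444, "99.84.206.125", 80))
    back = fw.inbound(Packet("99.84.206.125", 80, "75.68.10.201", 42003))
    stray = fw.inbound(Packet("203.0.113.9", 80, "75.68.10.201", 42003))  # constructed
    return out, back, stray

if __name__ == "__main__":
    for pkt in walkthrough():
        print(pkt)
```

The third packet shows the side effect that matters for defense: traffic aimed at the temporary port from any host other than the recorded destination finds no matching entry and is dropped.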
