A story by Victor Norman Once upon a time a PC well call him H is connected to a network and turned on Aside The network looks like this H needs an IP address PC H notices he has a network connection but no name ID: 440301
Download Presentation The PPT/PDF document "A PC Wakes Up" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
A PC Wakes Up
A story by Victor NormanSlide2
Once upon a time
…
a PC (we’ll call him “H”) is connected to a network and turned on.
Aside: The network looks like this:Slide3
H needs an IP address
PC H notices he has a network connection, but no name
…
So, he decides he needs to get a name somehow...
He composes a message:
To: Everyone around here
From: me (but, I’m unnamed right now, except this number 0x73.)
Re: I need a name. Is there anyone out there in the network who can give me a unique name that anyone in the world can use to talk to me? If so, please send me that name.
(We actually call this a “DHCP request”.)
He sends the message out his network interface.Slide4
Meanwhile, on Switch S…
Switch S sees a message on port 1.
Switch S is like a postman: it is responsible for sending messages on to who they are for, but it never gets messages itself.
Switch S looks at the To: field and sees this is a special message to be sent to
everyone
. So, he makes copies of the message and sends them out all his other ports.
Switch S also makes a note to itself: I’ve seen a message on port 1 from this guy called 0x73. Now, if I ever get a message for 0x73, I can send it only on port 1.Slide5
Who can handle this message?
The switch has now duplicated the message and sent to everyone.
All machines receive the message, but they look at it, and realize they aren’t set up to give out unique names to newbies on the network. So, they throw the message away.
However, NAT N receives the message and realizes that he has been configured to hand out names to newbies. (i.e., he is running a DHCP server!)
His DHCP server software looks up information in its
config
file and finds an unassigned new name (IP address), and marks that name as “assigned” to this machine called 0x73.Slide6
The Response Awakens
The DHCP server composes a message:
To: you, Mr. 0x73 with no real name
From: me, 10.0.0.1, known around these parts as 0x1a.Re: Your request for a nameHere is your new name: 10.0.0.3.
Also, everyone on your network is 10.0.0.something, ok?
Oh, and, the DNS server is running on me, 10.0.0.1.
And, if you ever want to talk to someone out in the big world, just send the message to me and I’ll forward it out there for you.
The DHCP server sends the message, which goes out its network interface (to Switch S). (Switch says, “Aha! I see a message from 0x1a on port 4. I’ll remember that!”)Slide7
I have a name!
Switch forwards the response to H.
H receives the message and from the information knows:
its new unique universal name: 10.0.0.3That if it needs to talk to any other machine with a name like 10.0.0.*, it can send to it directly – it is in the neighborhood.
That if it needs to talk to any other machine, it should send the message to 10.0.0.1, who will handle forwarding the message to the other machine.
That if it needs to change a name (like
www.google.com
or
www.cnn.com
or
calvin.edu
) to a computer name (like 153.106.4.1), it can ask 10.0.0.1 to do the conversion.Slide8
Reminder of what our network looks likeSlide9
Chapter 2: the user wants a web page
After some time passes
… a user starts a web browser on H and types this into the address bar:
http://host2.company.com/index.html.The browser program knows that it cannot talk to machine with a nice name like host2.company.com – it has to somehow get the unique computer name for it (the IP address).
To do this, the program uses a library on the computer. This library composes a message:
To: name converting server, running on 10.0.0.1
From: me (0x73, aka 10.0.0.3)
Re: convert host2.company.com to its IP address, please. (DNS request)Slide10
A funny thing happened on the way to the post office…
When this library tries to send this message out the network interface, there is a problem
…
The networking code in the OS does not know how to talk to 10.0.0.1 -- it has to have that machine’s local name (which we know is 0x1a).So, the OS pauses the DNS request message, and generates a number conversion request (ARP request):
To: everyone in the neighborhood
From: me
(0x73,
aka 10.0.0.3)
Re: I need the local name of 10.0.0.1
The OS sends this message out its network interface.Slide11
What happens next?
What happens when Switch S gets the message?
Answer: it sends it out to all machines.
What happens when each machine receives it?Answer: it drops the message if it isn’t set up to answer the question.
Which machine can answer the question?
Answer: 10.0.0.1 will answer the question. It will send a response:
To: 0x73 (aka 10.0.0.3)
From: 0x1a (aka 10.0.0.1)
Re: your request for my name: My local name is 0x1a. (ARP response)Slide12
And, now back on the farm…
H gets the response (which was forwarded by S).
It forwards it up to the networking code in the OS, which says to itself:
Huh, so 10.0.0.1 is the same as 0x1a. I’ll remember that (at least for a while).It also remembers that it was in the process of sending another message. As you may recall, the message was:
To: name converting server, running on 10.0.0.1
From: me (0x73, aka 10.0.0.3)
Re: convert host2.company.com to its IP address, please. (DNS request
)
Now, the networking code in the OS can send this out, because it knows the local name of
10.0.0.1 (it is 0x1a).Slide13
Finally, the message goes out
The message requesting a name conversion for host2.company.com has been sent to 10.0.0.1 (0x1a).
Switch S knows where that machine is, so forwards the message to it.
10.0.0.1 (NAT N) receives the message (because it is for it).
It checks to see if it is running the server that resolves names – and Yes, it is!
This server (DNS server) talks to some other servers and gets the computer name for host2.company.com (98.1.1.1). The server composes a message:
To: 10.0.0.3 (aka 0x73)
From: 10.0.0.1 (aka 0x1a)
Re: the request you sent for a name conversion.
I have found the computer name for host2.company.com. It is 98.1.1.1.
H
ave a nice day!
It sends the message out its network interface, via S, to H.Slide14
And, back on the farm again
…
The name conversion response is received and sent by the OS to the library that requested the name conversion.
The library says to itself:“Huh. So host2.company.com is the same as 98.1.1.1. I’ll remember that for a while. Could come in handy again.”
The library now tells the web browser that it got the computer name it needed.
The web browser software now makes a new request to send over the network to 98.1.1.1:
To: 98.1.1.1
From: 10.0.0.3 (aka 0x73)
From-Mailbox: 37373 (this mailbox was randomly chosen and not in use)
Re: web page request. (Mailbox: 80)
Please send me
the
file
index.html
. Thanks.Slide15
But, whoa!
We have a problem. A computer can only talk to its neighbors, and 98.1.1.1 is not a neighbor – it is some machine somewhere out there in cyberspace.
Fortunately, the networking code remembers something:
“If I need
to talk to any other machine,
I
should send the message to 10.0.0.1, who will handle forwarding the message to the other machine
.”
So, it changes (or really, amends) the message slightly:
To:
98.1.1.1
(via
10.0.0.1)
From: 10.0.0.3 (aka 0x73
)
From-Mailbox: 37373
Re: web page request
. (Mailbox: 80)
Please send me the html file
index.html
. Thanks
.
This way, the message is marked as ultimately for 98.1.1.1, but locally
for
10.0.0.1.Slide16
Still no go
…
We have this message:
To: 98.1.1.1 (via 10.0.0.1)
From: 10.0.0.3 (aka 0x73)
From-Mailbox: 37373
Re: web page request. (Mailbox: 80)
Please send me the html file
index.html
. Thanks.
But, how do we talk to 10.0.0.1. We know he is on the local network, so we can talk to him. But, we need his local name, not his global name.
Wait! Remember we made a note to ourselves earlier:
“Huh
, so 10.0.0.1 is the same as 0x1a. I’ll remember that (at least for a while
).”
So, we replace the first part of the message with this:
To: 98.1.1.1
(via 0x1a).
Now we can send the message.Slide17
And, away we go!
The message goes out H’s interface.
Switch S sees it and knows to forward it out only port 4 to 0x1a (10.0.0.1).
NAT N receives it (because it is for 0x1a – itself).N notices that it really isn’t for itself – it is for 98.1.1.1.N has been told previously that for messages it doesn’t know how to deliver, it should send them on to Router R (201.202.203.1).
However, N is a NAT (Network Address Translation) device
… so it is special.Slide18
Reminder of what our network looks likeSlide19
Far from the
NATting
crowd
A NAT is special. It is like agent 007. It keeps secrets.A NAT passes messages from one side to the other, not letting either side know what it is doing.
Specifically, it keeps the “private side” (10.0.0.*) network secret from the world.
The world just thinks it is communicating with the NAT. The NAT is actually passing the messages on to the private network.
How does it do this?Slide20
How to be a secret agent
To: 98.1.1.1 (via
0x1a)
changed to (via 0xb0)
From: 10.0.0.3 (aka 0x73
)
changed to
201.202.203.204 (aka 0xfa)
From-Mailbox:
37373
changed to
40000 (randomly chosen)
Re: web page request. (Mailbox: 80)
Please send me
the
file
index.html
. Thanks.
So, now the message that goes out seems to come from N itself, not from 10.0.0.3. N sends the message out to R (local name 0xb0).
N remembers this:
if I get a response to me (201.202.203.204) to Mailbox 40000, it means the message isn’t actually for me. I should instead forward it on to 10.0.0.3, Mailbox 37373.Slide21
On the road again
…
The message arrives at R (because it is marked as being for 0xb0).
R sees that it isn’t for itself – it is actually for 98.1.1.1.R has been configured (somehow!) to know to send
the message out
its 77.1.2.3 interface, in order to get it to 98.1.1.1.
R does that.
Repeat some number of times
… until the message arrives at 98.1.1.1 (local name 0x3a).Slide22
Are we there yet?
The message is at the intended recipient host2.company.com.
The message is accepted and the networking software sees that it is sent to Mailbox 80.
The software sees that a web server is waiting for messages on mailbox 80, so it gives the message to that program.
The web server looks at the request, which is:
Please send me
the
file
index.html
. Thanks
.
The server finds the file
index.html
, wraps it up nice and neat, and begins to compose a response:Slide23
An answer
To: 201.202.203.204
From: 98.1.1.1 (aka 0x3a)
To-Mailbox: 40000Re: response to your web page request (from Mailbox 80)Here is your web page:
<head
><title>A
web
page</title></
head>
…. etc ....
The networking software looks up how to get the message to 201.202.203.204 and sees it has to send it to a local machine which will take care of getting it there. The software also puts the local name of the machine in the To: field above.
The message gets back to N. Slide24
And then
…
N receives a message to itself, mailbox 40000.
It remembers that this is actually for 10.0.0.3. So, it changes the message:To: 201.202.203.204
changed to
10.0.0.3, aka 0x73
From: 98.1.1.1 (aka 0x3a
)
changed to
(aka 0x1a)
To-Mailbox:
40000
changed to
37373
Re: response to your web page request (from Mailbox 80)
Here is your web page:
<head>A web page></head>
…. etc ....
Thus, the message appears to 10.0.0.3 to have been created by 98.1.1.1 and unaltered.Slide25
Chapter 3: We are done
The message arrives at H and H accepts it.
It passes the message to the web browser who is waiting on mailbox 37373.
The web browser sees it is a good response and translates the HTML into a web page and displays it.Slide26
What we didn’t talk about…
What happens if your message becomes corrupted, or lost, or hijacked by a hacker?
Why does a machine have two or three names:
Local name (0x1a)Global computer name (98.1.1.1)Global human-readable name (host2.company.com).
Many many
other details
…
Will this be on the test?