English | 2013 | ISBN: 978-0136085300 | 744 Pages | PDF | 10 MB
An internationally best-selling, conceptual introduction to the TCP/IP protocols and Internetworking, this book interweaves a clear discussion of fundamentals and scientific principles with details and examples drawn from the latest technologies. Leading author Douglas Comer covers layering and packet formats for all the Internet protocols, including TCP, IPv4, IPv6, DHCP, and DNS. In addition, the text explains new trends in Internet systems, including packet classification, Software Defined Networking (SDN), and mesh protocols used in The Internet of Things.
The text is appropriate for individuals interested in learning more about TCP/IP protocols, Internet architecture, and current networking technologies, as well as engineers who build network systems. It is suitable for junior to graduate-level courses in Computer Networks, Data Networks, Network Protocols, and Internetworking.
Bootstrap And Autoconfiguration (DHCP, NDP, IPv6-ND)
Managed And Unmanaged Configuration For IPv6
When IPv6 was first envisioned, the designers thought about a special case: two IPv6 hosts that connect without any servers on their network. For example, consider two IPv6 mobile devices that have Wi-Fi capability. The designers thought it should be possible for the devices to communicate directly without requiring a base station and without requiring a server to hand out addresses. Consequently, the designers adopted an unmanaged approach in which address assignment is automated. They use the term IPv6 stateless autoconfiguration to describe the IPv6 address allocation scheme. Whenever a host joins an unmanaged network, the host employs stateless autoconfiguration to generate an IPv6 address and begin communication. Thus, stateless autoconfiguration means hosts can communicate without requiring a server to hand out addresses.
Many managers objected to stateless autoconfiguration. Network operators who manage large commercial ISP networks were especially disappointed. Because they manage for-profit services that charge customers for network connections, the operators wanted control over which hosts connect to their network (i.e., to exclude noncustomers). In particular, the operators wanted a managed service that would give them control over address assignment.
In terms of managed address assignment services, DHCP is widely accepted as the industry standard. Network operators like DHCP because it gives an operator precise control over how addresses are assigned. In particular, a manager can choose the assignment policy on a host-by-host basis by pre-assigning a fixed IP address to a given host or allowing the host to obtain an address from a pool automatically.
Internet Security And Firewall Design (IPsec, SSL)
IPsec Encapsulating Security Payload
Instead of inserting an extra header, ESP requires a sender to replace the IP payload with an encrypted version of the payload. A receiver decrypts the payload and recreates the original datagram.
As with authentication, IPsec sets the NEXT HEADER (IPv6) or PROTOCOL (IPv4) field in the IP header to indicate that ESP has been used. The value chosen is 50. An ESP header has a NEXT HEADER field that specifies the type of the original payload. Figure 29.3 illustrates how ESP modifies a datagram.
Although it accurately represents the use of IPsec with IPv4, Figure 29.3 overlooks an important concept in IPv6: multiple headers. In the simplest case, an IPv6 datagram might be structured exactly as in the figure, with an IPv6 base header followed by a TCP header and TCP payload. However, the set of optional IPv6 headers includes hop-by-hop headers that are processed by intermediate routers. For example, the datagram might contain a source route header that specifies a set of intermediate points along a path to the destination. If ESP encrypts the entire datagram following the IPv6 base header, hop-by-hop information would be unavailable to routers. Therefore, ESP is only applied to items that follow the hop-by-hop headers.
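The header ordering described above can be checked by walking the IPv6 NEXT HEADER chain until the value 50 appears. The following is an added example, not code from the book; the function names `walk_ipv6` and `build_sample` and the sample datagram are constructed for illustration.

```python
import struct

# IPv6 extension headers that can precede ESP in cleartext (IANA protocol numbers)
EXT_HEADERS = {0: "hop-by-hop", 43: "routing", 60: "destination-options"}
ESP = 50  # value the text gives for NEXT HEADER / PROTOCOL when ESP is used


def walk_ipv6(packet: bytes):
    """Return (cleartext_headers, esp_info) for one IPv6 datagram.

    esp_info is None when the chain does not reach ESP; otherwise it holds the
    SPI, the sequence number and the count of opaque (protected) bytes.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 datagram")
    next_hdr, offset, seen = packet[6], 40, []
    while next_hdr in EXT_HEADERS:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        seen.append(EXT_HEADERS[next_hdr])
        # Hdr Ext Len counts 8-byte units, not including the first 8 bytes
        hdr_len = (packet[offset + 1] + 1) * 8
        next_hdr = packet[offset]
        offset += hdr_len
    if next_hdr != ESP:
        return seen, None
    if offset + 8 > len(packet):
        raise ValueError("truncated ESP header")
    # Only SPI and sequence number are readable; the original payload type
    # sits in the protected part and cannot be read without decryption.
    spi, seq = struct.unpack_from("!II", packet, offset)
    return seen, {"spi": spi, "seq": seq, "opaque_bytes": len(packet) - offset - 8}


def build_sample() -> bytes:
    """Constructed datagram: base header, hop-by-hop, routing, then ESP."""
    hop = bytes([43, 0]) + b"\x01\x04\x00\x00\x00\x00"      # next=routing, PadN option
    routing = bytes([ESP, 2, 0, 1]) + bytes(4) + bytes(16)  # next=ESP, one address
    esp = struct.pack("!II", 0x1000, 7) + bytes(range(32))  # SPI, seq, stand-in ciphertext
    payload = hop + routing + esp
    base = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64) + bytes(32)
    return base + payload


if __name__ == "__main__":
    print(walk_ipv6(build_sample()))
```

On the constructed datagram the hop-by-hop and routing headers are still readable by a router, while everything after the ESP sequence number is opaque.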