Computers communicate over networks using unique addresses assigned by system software. A computer message, called a packet, frame, or datagram, includes the address of the destination computer and the sender's return address. The three most common types of networks are broadcast, point-to-point, and switched. Once popular token-based networks (such as FDDI and token ring) are rarely seen anymore.
Speed is important to the proper functioning of the Internet. Newer specifications (cat 6 and cat 7) are being standardized for 1000BaseT (1 gigabit per second, called gigabit Ethernet, or GIG-E) and faster networking. Some of the networks that form the backbone of the Internet run at speeds up to almost 10 gigabits per second (OC192) to accommodate the ever-increasing demand for network services. Table 10-1 lists some of the specifications in use today.
On a broadcast network, such as Ethernet, any of the many systems attached to the network cable can send a message at any time; each system examines the address in each message and responds only to messages addressed to it. A problem occurs on a broadcast network when multiple systems send data at the same time, resulting in a collision of the messages on the cable. When messages collide, they can become garbled. The sending system notices the garbled message and resends it after waiting a short but random amount of time. Waiting a random amount of time helps prevent those same systems from resending the data at the same moment and experiencing yet another collision. The extra traffic that results from collisions can put an extra load on the network; if the collision rate gets too high, retransmissions result in more collisions. Ultimately the network becomes unusable.
A point-to-point link does not seem like much of a network because only two endpoints are involved. However, most connections to WANs (wide area networks) are through point-to-point links, using wire cable, radio, or satellite links. The advantage of a point-to-point link is its simplicity: Because only two systems are involved, the traffic on the link is limited and well understood. A disadvantage is that each system can typically be equipped for a small number of such links, and it is impractical and costly to establish point-to-point links that connect each computer to all the rest.
Point-to-point links often use serial lines and modems. The combination of a modem with a point-to-point link allows an isolated system to connect inexpensively to a larger network.
The most common types of point-to-point links are the ones used to connect to the Internet. When you use DSL (digital subscriber line), you are using a point-to-point link to connect to the Internet. Serial lines, such as T-1, T-3, ATM links, and ISDN, are all point-to-point. Although it might seem like a point-to-point link, a cable modem is based on broadcast technology and in that way is similar to Ethernet.
A switch is a device that establishes a virtual path between source and destination hosts in such a way that each path appears to be a point-to-point link, much like a railroad roundhouse. The switch creates and tears down virtual paths as hosts need to communicate with each other. Each host thinks it has a direct point-to-point path to the host it is talking to. Contrast this approach with a broadcast network, where each host also sees traffic bound for other hosts. The advantage of a switched network over a pure point-to-point network is that each host requires only one connection: the connection to the switch. Using pure point-to-point connections, each host must have a connection to every other host. Scalability is provided by further linking switches.
LAN: Local Area Network
Local area networks (LANs) are confined to a relatively small area: a single computer facility, building, or campus. Today, most LANs run over copper or fiberoptic (glass or plastic) cable, but wireless technologies, such as infrared (similar to most television remote control devices) and radio wave (wireless, or Wi-Fi), are becoming more popular.
If its destination address is not on the local network, a packet must be passed on to another network by a router (page 388). A router may be a general-purpose computer or a special-purpose device attached to multiple networks to act as a gateway among them.
A Mac OS X system connected to a LAN usually connects to a network using Ethernet. A typical Ethernet connection can support data transfer rates from 10 megabits per second to 1 gigabit per second, with speed enhancements planned for the future. As a result of computer load, competing network traffic, and network overhead, file transfer rates on an Ethernet are always slower than the maximum, theoretical transfer rate.
An Ethernet network transfers data using copper or fiberoptic cable or wireless transmitters and receivers. Originally each computer was attached to a thick coaxial cable (called thicknet) at tap points spaced at six-foot intervals along the cable. The thick cable was awkward to deal with, so other solutions, including a thinner coaxial cable called thinnet, or 10Base2, were developed. Today most Ethernet connections either are wireless or are made over unshielded twisted pair (referred to as UTP, Category 5 [cat 5], Category 5e [cat 5e], Category 6 [cat 6], 10BaseT, or 100BaseT) wire, similar to the type of wire used for telephone lines and serial data communications.
A switched Ethernet network is a special case of a broadcast network that works with a network switch (or just switch) which is a special class of hub that has intelligence. Instead of having a dumb repeater (passive hub) that broadcasts every packet it receives out of every port, a switch learns which devices are connected to which of its ports. A switch sorts packets and then sends the traffic to only the machine it is intended for. A switch also has buffers for holding and queuing packets.
Some Ethernet switches have enough bandwidth to communicate simultaneously, in full-duplex mode, with all the devices connected to them. A nonswitched (hub-based) broadcast network can run in only half-duplex mode. Full-duplex Ethernet further improves things by eliminating collisions. Each host on a switched network can transmit and receive simultaneously at 10/100/1,000 megabits per second for an effective bandwidth between hosts of 20/200/2,000 megabits per second, depending on the capacity of the switch.
Wireless networks are becoming increasingly common. They are found in offices, homes, and public places, such as universities, coffee shops, and airports. Wireless access points provide functionality similar to an Ethernet hub. They allow multiple users to interact via a common radio frequency spectrum. A wireless, point-to-point connection allows you to wander about your home or office with a laptop, using an antenna to link to a LAN or to the Internet via an in-house base station. Mac OS X is designed to work with Apple wireless boards, although third-party wireless boards exist and provide drivers. A wireless access point, or base station, connects a wireless network to a wired network so that no special protocol is required for a wireless connection. You can set up a Macintosh system to serve as an access point using Apple Airport software.
WAN: Wide Area Network
A wide area network (WAN) covers a large geographic area. In contrast, the technologies (such as Ethernet) used for LANs were designed to work over limited distances and for a certain number of host connections. A WAN may span long distances over dedicated data lines (leased from a telephone company) or radio or satellite links. WANs are often used to interconnect LANs. Major Internet service providers rely on WANs to connect to their customers within a country and around the globe.
Some networks do not fit into either the LAN or the WAN designation. A MAN (metropolitan area network) is a network that is contained in a smaller geographic area, such as a city. Like WANs, MANs are typically used to interconnect LANs.
Internetworking Through Gateways and Routers
A LAN connects to a WAN through a gateway, a generic term for a computer or a special device with multiple network connections that passes data from one network to another. A gateway converts the data traffic from the format used on the LAN to that used on the WAN. Data that crosses the country from one Ethernet to another over a WAN, for example, is repackaged from the Ethernet format to a different format that can be processed by the communications equipment that makes up the WAN backbone. When it reaches the end of its journey over the WAN, the data is converted by another gateway to a format appropriate for the receiving network. For the most part, these details are of concern only to the network administrators; the end user does not need to know anything about how the data transfer takes place.
A router is the most popular form of gateway. Routers play an important role in internetworking. Just as you might study a map to plan your route when you need to drive to an unfamiliar place, a computer needs to know how to deliver a message to a system attached to a distant network by passing through intermediary systems and networks along the way. You might envision using a giant network road map to choose the route that your data should follow, but a static map of computer routes is usually a poor choice for a large network. Computers and networks along the route you choose may be overloaded or down, without providing a detour for your message.
Routers communicate with one another dynamically, keeping each other informed about which routes are open for use. To extend the analogy, this situation would be like heading out on a car trip without consulting a map to find a route to your destination; instead you head for a nearby gas station and ask directions. Throughout the journey, you would continue to stop at one gas station after another, getting directions at each to find the next one. Although it would take a while to make the stops, each gas station would advise you of bad traffic, closed roads, alternative routes, and shortcuts.
The stops made by the data are much quicker than those you would make in your car, but each message leaves each router on a path chosen based on the most current information. Think of it as a GPS (global positioning system) setup that automatically gets updates at each intersection and tells you where to go next, based on traffic and highway conditions.
Figure 10-1 (next page) shows an example of how LANs might be set up at three sites interconnected by a WAN (the Internet). In this type of network diagram, Ethernet LANs are drawn as straight lines, with devices attached at right angles; WANs are represented as clouds, indicating that the details have been left out; wireless connections are drawn as zigzag lines with breaks, indicating that the connection may be intermittent.
Figure 10-1. A slice of the Internet
In Figure 10-1, a gateway or a router relays messages between each LAN and the Internet. Three of the routers in the Internet are shown (for example, the one closest to each site). Site A has a server, a workstation, a network computer, and a PC sharing a single Ethernet LAN. Site B has an Ethernet LAN that serves a printer and four workstations. A firewall permits only certain traffic to pass between the Internet router and the site's local router. Site C has three LANs linked by a single router, perhaps to reduce the traffic load that would result if they were combined or to keep workgroups or locations on separate networks. Site C also includes a wireless access point that enables wireless communication with nearby computers.
A firewall in a car separates the engine compartment from the passenger compartment, protecting the driver and passengers from engine fires, noise, and fumes. In much the same way, computer firewalls separate computers from malicious and unwanted users.
A firewall prevents certain types of traffic from entering or leaving a network. For example, a firewall might prevent traffic from your IP address from leaving the network and prevent anyone except users from selected domains from using FTP to retrieve data from the network. The implementations of firewalls vary widely, from UNIX machines with two interfaces (page 937) running custom software to a router (page 952) with simple access lists to esoteric, vendor supplied firewall appliances. Most larger installations have at least one kind of firewall in place. A firewall is often accompanied by a proxy server/gateway (page 416) that provides an intermediate point between you and the host you are communicating with.
In addition to the firewalls found in multipurpose computers, firewalls are becoming increasingly common in consumer appliances. For example, they are built into cable modems, wireless gateways, routers, and stand-alone devices.
Typically a Mac OS X system includes a minimal firewall. A small group of Mac OS X systems may have an inexpensive Linux or UNIX system with two network interfaces and packet-filtering software functioning as a dedicated firewall. One of the interfaces connects to the Internet, modems, and other outside data sources. The other interface connects, normally through a hub or switch, to the local network.
To exchange information over a network, computers must communicate using a common language, or protocol (page 949). The protocol determines the format of message packets. The predominant network protocols used by Mac OS X systems are TCP and IP, referred to as TCP/IP (Transmission Control Protocol and Internet Protocol), although many systems also use AppleTalk. Network services that need highly reliable connections, such as ssh and scp, tend to use TCP/IP. Another protocol used for some system services is UDP (User Datagram Protocol). Network services that do not require guaranteed delivery, such as RealAudio and RealVideo, operate satisfactorily with the simpler UDP.
IP: Internet Protocol
Layering was introduced to facilitate protocol design: Layers distinguish functional differences between adjacent protocols. A grouping of layers can be standardized into a protocol model. The IP protocol has a corresponding model for what distinguishes protocol layers. The IP model differs from the ISO seven-layer protocol model (also called the OSI model) that is often illustrated in networking textbooks. Specifically IP uses the following simplified five-layer model:
TCP: Transmission Control Protocol
TCP is most frequently run on top of IP in a combination referred to as TCP/IP. This protocol provides error recovery and guaranteed delivery in packet transmission order, and it works with multiple ports so that it can handle more than one application. TCP is a connection-oriented protocol (page 927), also known as a stream-based protocol. Once established, a TCP connection looks like a stream of data, not individual IP packets. The connection is assumed to remain up and be uniquely addressable. Every piece of information you write to the connection always goes to the same destination and arrives in the order it was sent. Because TCP is connection oriented and establishes a virtual circuit between two systems, this protocol is not suitable for one-to-many transmissions (see the discussion of UDP, following). TCP has built-in mechanisms for dealing with congestion (or flow) control over busy networks and throttles back (slows the speed of data flow) when it has to retransmit dropped packets. TCP can also deal with acknowledgments, wide area links, high delay links, and other situations.
UDP: User Datagram Protocol
UDP runs at layer 4 of the IP stack, just as TCP does, but is much simpler. Like TCP, UDP works with multiple ports and multiple applications. It has checksums for error detection but does not automatically retransmit datagrams (page 929) that fail the checksum test. UDP is a datagram-oriented protocol: Each datagram must carry its own address and port information. Each router along the way examines each datagram to determine the destination, one hop at a time. You can broadcast or multicast UDP datagrams to many destinations at the same time by using special addresses.
PPP: Point-to-Point Protocol
PPP provides serial line point-to-point connections that support IP. It compresses data to make the most of the limited bandwidth available on serial connections. PPP, which replaces SLIP (Serial Line IP), acts as a point-to-point layer 2/3 transport that many other types of protocols can ride on. This protocol is used mostly for IP-based services and connections, such as TCP or UDP.
AppleTalk: A Non-IP Protocol
Mac OS X supports the AppleTalk protocol. Unlike TCP and UDP, AppleTalk is not part of the IP protocol specification, but rather is a custom protocol developed by Apple long before the introduction of OS X. AppleTalk comes in two major varieties: LocalTalk and EtherTalk. LocalTalk was used over serial ports; today it is used infrequently. EtherTalk is a way of encapsulating AppleTalk packets for transmission over Ethernet. Most routers and switches forward AppleTalk packets. If two systems can communicate via TCP/IP but not via AppleTalk, there may be a router between them that does not forward AppleTalk packets.
AppleTalk is used to share printers and files between systems. It is supported under both Mac OS X Server and the regular version of Mac OS X. Third-party support for AppleTalk is available on most BSD UNIX systems and on many Linux systems. Some versions of Windows prior to XP had built-in AppleTalk support.
Each computer interface is identified by a unique address, or host number, on its network. A system attached to more than one network has multiple interfaces, one for each network, each with a unique address.
Each packet of information that is broadcast over the network has a destination address. All hosts on the network must process each broadcast packet to see whether it is addressed to that host. If the packet is addressed to a given host, that host continues to process it. If not, the host ignores it.
The network address of a machine is an IP address, which, under IPv4, is represented as one number broken into four segments separated by periods (for example, 192.168.184.5). Domain names and IP addresses are assigned through a highly distributed system coordinated by ICANN (Internet Corporation for Assigned Names and Numbers, www.icann.org) via many registrars (see www.internic.net). ICANN is funded by the various domain name registries and registrars and by IP address registries, which supply globally unique identifiers for hosts and services on the Internet. Although you may not deal with any of these agencies directly, your Internet service provider does.
How a company uses IP addresses is determined by the system or network administrator. For example, the leftmost two sets of numbers in an IP address might represent a large network (campuswide or companywide); the third set, a subnetwork (perhaps a department or a single floor in a building); and the rightmost number, an individual computer. The operating system uses the address in a different, lower-level form, converting it to its binary equivalent, a series of 1s and 0s. See the following Optional section for more information.
Static Versus Dynamic IP Addresses
A static IP address is one that remains the same. A dynamic IP address is one that can change each time you connect to the network. A dynamic address remains the same during a single login session. Any server (mail, Web, and so on) must have a static address so clients can find the machine that is the server. End-user machines usually work well with dynamic addresses. During a given login session, they can function as a client (your Web browser, for example) because they have a constant IP address. When you log out and log in again, it does not matter that you have a different IP address because your computer, acting as a client, establishes a new connection with a server. The advantage of dynamic addressing is that it allows inactive addresses to be reused, reducing the total number of IP addresses needed.
If a Mac OS X system is configured for a dynamic address but no server assigns it one, it assigns itself an address in the 169.254 block after a short delay. Refer to private address space (page 948) for information about addresses you can use on a LAN without registering them.
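The two paragraphs above describe an IP address as a dotted quad that the operating system really handles as 32 bits, split by the administrator into network, subnet, and host portions, plus the special 169.254 and private ranges. The following is an added example, not code from the book, that performs that conversion and split with a netmask and labels the special ranges; describe_hierarchy() encodes the book's two-octet/one-octet/one-octet convention, which is one possible layout rather than a rule. Standard library only; the sample addresses are the ones used in the text.

```python
# Added example, not code from the book: turn a dotted-quad IPv4 address into
# the binary form the operating system works with, split it into network and
# host portions under a netmask, and classify the special ranges the text
# mentions (loopback, 169.254 self-assigned, private address space).
import ipaddress


def to_binary(addr: str) -> str:
    """32-bit string of 1s and 0s for a dotted-quad address."""
    return format(int(ipaddress.IPv4Address(addr)), "032b")


def split_address(addr: str, prefix_len: int) -> dict:
    """Split addr into network and host portions under a /prefix_len mask."""
    iface = ipaddress.IPv4Interface(f"{addr}/{prefix_len}")
    net = iface.network
    host_bits = 32 - prefix_len
    return {
        "binary": to_binary(addr),
        "netmask": str(net.netmask),
        "network": str(net.network_address),
        # the low-order host_bits of the address identify the individual computer
        "host_number": int(iface.ip) & ((1 << host_bits) - 1),
        # minus the network and broadcast addresses, which no host may use
        "usable_hosts": max(net.num_addresses - 2, 0),
    }


def describe_hierarchy(addr: str) -> dict:
    """The book's example layout: two octets = site network, third octet =
    subnet, fourth octet = host. One administrator's convention, not a rule."""
    octets = [int(x) for x in addr.split(".")]
    if len(octets) != 4 or not all(0 <= x <= 255 for x in octets):
        raise ValueError(f"not a dotted quad: {addr}")
    a, b, c, d = octets
    return {
        "site_network": f"{a}.{b}.0.0/16",
        "subnet": f"{a}.{b}.{c}.0/24",
        "host": d,
    }


def classify(addr: str) -> str:
    """Label the ranges the text singles out. Order matters: loopback and
    link-local addresses are also inside Python's is_private set."""
    ip = ipaddress.IPv4Address(addr)
    if ip.is_loopback:
        return "loopback"          # 127/8, never leaves the machine
    if ip.is_link_local:
        return "link-local"        # 169.254/16, self-assigned when no server answers
    if ip.is_private:
        return "private"           # usable on a LAN without registering it
    return "global"


if __name__ == "__main__":
    for a in ("192.168.184.5", "169.254.7.9", "127.0.0.1", "18.104.22.168"):
        print(f"{a:16} {to_binary(a)} {classify(a)}")
    print(split_address("192.168.184.5", 24))
    print(describe_hierarchy("192.168.184.5"))
```

Changing the prefix length from 24 to 16 in split_address() shows how the same address yields a different network/host split: the administrator's mask, not the dotted notation, decides where the network portion ends.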
People generally find it easier to work with names than with numbers, and Mac OS X provides several ways to associate hostnames with IP addresses. The oldest method is to consult a list of names and addresses that are stored in the /etc/hosts file:
$ cat /etc/hosts
127.0.0.1 localhost
220.127.116.11 gwexample.example.com gwexample
18.104.22.168 bravo.example.com bravo
22.214.171.124 hurrah.example.com hurrah
126.96.36.199 kudos.example.com kudos
localhost = 127.0.0.1
The address 127.0.0.1 is reserved for the special hostname localhost, which serves as a hook for the system's networking software to operate on the local machine without going onto a physical network. The names of the other systems are shown in two forms: in a fully qualified domain name (FQDN) format that is unique on the Internet and as a nickname that is locally unique.
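To make the /etc/hosts format concrete, here is an added example, not code from the book, of a small parser for that file: it strips comments and blank lines, skips lines whose address does not parse, keeps the FQDN-plus-nickname convention, and answers forward (name to address) and reverse (address to canonical name) lookups the way the system resolver does, first match wins and names compared case-insensitively. The sample text is a constructed copy of the listing above with comment and junk lines added to exercise those cases.

```python
# Added example, not code from the book: parse the /etc/hosts format and
# perform forward and reverse lookups over it.
import ipaddress
from typing import List, Optional, Tuple

# Constructed sample: the listing from the text plus a comment and a bad line.
HOSTS_SAMPLE = """\
# format: address  canonical-name  [nickname ...]
127.0.0.1       localhost
220.127.116.11  gwexample.example.com gwexample
18.104.22.168   bravo.example.com bravo
22.214.171.124  hurrah.example.com hurrah
126.96.36.199   kudos.example.com kudos     # trailing comment is ignored
this-is-junk    not.an.address
"""

Entry = Tuple[str, List[str]]  # (address, [canonical name, nicknames...])


def parse_hosts(text: str) -> List[Entry]:
    """Return the usable entries of an /etc/hosts file, in file order."""
    entries: List[Entry] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue                          # blank or comment-only line
        fields = line.split()
        if len(fields) < 2:
            continue                          # an address with no name is useless
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                          # resolver ignores unparsable addresses
        entries.append((addr, fields[1:]))
    return entries


def resolve(entries: List[Entry], name: str) -> Optional[str]:
    """Forward lookup: first line naming the host wins; names are case-insensitive."""
    want = name.lower()
    for addr, names in entries:
        if any(n.lower() == want for n in names):
            return addr
    return None


def reverse(entries: List[Entry], addr: str) -> Optional[str]:
    """Reverse lookup: canonical (first) name listed for an address."""
    try:
        target = str(ipaddress.ip_address(addr))
    except ValueError:
        return None
    for a, names in entries:
        if a == target:
            return names[0]
    return None


if __name__ == "__main__":
    table = parse_hosts(HOSTS_SAMPLE)
    for entry in table:
        print(entry)
    print("bravo ->", resolve(table, "bravo"))
    print("126.96.36.199 ->", reverse(table, "126.96.36.199"))
```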
As more hosts joined networks, storing these name-to-address mappings in a text file proved to be inefficient and inconvenient. The file grew ever larger and became impossible to keep up-to-date. Mac OS X supports NetInfo, which was developed for use on NeXT computers. NetInfo stores information in a database, making it easier to find a specific address, but it is useful only for host information within a single administrative domain. In many ways NetInfo is superior to flat text files. However, some hosts may not support NetInfo, and it does not scale to a global network with millions of hosts. See page 441 for more information on NetInfo.
The solution is DNS (Domain Name Service, page 411). DNS effectively addresses the efficiency and update issues by arranging the entire network namespace as a hierarchy. Each domain in the DNS manages its own namespace (addressing and name resolution), and each domain can easily query for any host or IP address by following the tree up or down the namespace until the appropriate domain is found. By providing a hierarchical naming structure, DNS distributes name administration across the entire Internet.
The explosive growth of the Internet has uncovered deficiencies in the design of the current address plan, most notably the shortage of addresses. Over the next few years, a revised protocol, named IPng (IP Next Generation), also known as IPv6 (IP version 6), will be phased in (it may take longer; the phase-in is going quite slowly). This new scheme is designed to overcome the major limitations of the current approach and can be implemented gradually because it is compatible with the existing address usage. IPv6 makes it possible to assign many more unique Internet addresses (2^128, or 340 undecillion) and supports security and performance control features.
The IPv6 address plan
A sample IPv6 address is fe80::a00:20ff:feff:5be2/10. Each group of four hexadecimal digits is equivalent to a number between 0 and 65,536 (16^4). A pair of adjacent colons indicates a hex value of 0x0000; leading 0s need not be shown. With eight sets of hexadecimal groupings, there are 65,536^8 = 2^128 possible addresses. In an IPv6 address on a host with the default autoconfiguration, the first characters in the address are always fe80. The last 64 bits hold an interface ID designation, which is often the MAC address (page 941) of the Ethernet controller on the system.
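The compression rules just described (one "::" standing for a run of zero groups, leading zeros dropped, an optional /prefix-length suffix) are easy to get wrong by hand, so the following added example, not code from the book, expands an IPv6 address into its eight four-digit groups, checks the fe80::/10 link-local prefix, and pulls out the 64-bit interface ID. The MAC recovery in mac_from_interface_id() follows the modified EUI-64 rule (RFC 4291): ff:fe is inserted in the middle of the 48-bit MAC and bit 0x02 of the first byte is flipped. That the book's sample interface ID was built this way is an assumption, but the ff:fe in its middle is the usual sign of it. The sample address is the one from the text.

```python
# Added example, not code from the book: expand compressed IPv6 notation,
# test for the link-local prefix, and recover the interface ID / MAC address.
import ipaddress

HEX = "0123456789abcdefABCDEF"


def expand_ipv6(addr: str) -> str:
    """Expand '::' and dropped leading zeros into eight 4-digit hex groups."""
    text = addr.split("/", 1)[0]              # ignore a /prefix-length suffix
    if text.count("::") > 1:
        raise ValueError("only one '::' is allowed in an IPv6 address")
    if "::" in text:
        head, tail = text.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}")
    out = []
    for g in groups:
        if not 1 <= len(g) <= 4 or any(c not in HEX for c in g):
            raise ValueError(f"bad hex group {g!r}")
        out.append(g.lower().zfill(4))        # restore the dropped leading zeros
    return ":".join(out)


def to_int(addr: str) -> int:
    """The 128-bit integer value of the address."""
    return int(expand_ipv6(addr).replace(":", ""), 16)


def matches_stdlib(addr: str) -> bool:
    """Cross-check our expansion against the standard library's parser."""
    plain = addr.split("/", 1)[0]
    return expand_ipv6(addr) == ipaddress.IPv6Address(plain).exploded


def is_link_local(addr: str) -> bool:
    """fe80::/10: only the top 10 bits are fixed, so mask before comparing."""
    first = int(expand_ipv6(addr).split(":")[0], 16)
    return first & 0xFFC0 == 0xFE80


def interface_id(addr: str) -> str:
    """The last 64 bits (four groups) of the address."""
    return ":".join(expand_ipv6(addr).split(":")[4:])


def mac_from_interface_id(addr: str):
    """Undo modified EUI-64 (assumed construction): strip ff:fe from the
    middle and flip the universal/local bit. Returns None if not EUI-64."""
    iid = bytes.fromhex(interface_id(addr).replace(":", ""))
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


if __name__ == "__main__":
    sample = "fe80::a00:20ff:feff:5be2/10"   # the address from the text
    print(expand_ipv6(sample))
    print("link-local:", is_link_local(sample))
    print("interface ID:", interface_id(sample))
    print("MAC (if EUI-64):", mac_from_interface_id(sample))
```

Because the interface ID can embed the Ethernet controller's MAC address, an autoconfigured address identifies the hardware wherever the machine is plugged in; that is the privacy concern behind the temporary-address extensions later added to IPv6.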
Mac OS X supports IPv6, which can be configured through the Network preference pane in System Preferences. In rare cases you may need to disable IPv6 support on an interface due to compatibility issues.