Our applications rely on some very specialized protocols to surf the Internet, transfer mail, or manage our servers. In this video, you’ll learn about some of the most popular network protocols.
If you’ve ever plugged into a network and been automatically assigned an IP address, it was probably all done with DHCP. DHCP stands for Dynamic Host Configuration Protocol, and the IP address, subnet mask, default gateway, and all of the other IP settings are usually assigned automatically through DHCP. It’s common to see DHCP using UDP port 67 and UDP port 68 to communicate between your device and a DHCP server that’s on your network.
DHCP automatically assigns this IP address for a certain amount of time, and it sets up a schedule where you have to check back in to make sure that that IP address can still be used by your workstation. You can also configure a static assignment of IP addresses on DHCP. You commonly see these static IP address assignments with DHCP when there is a server or another device that will always be on the network, and the IP address needs to be the same all the time.
Another important service on your network is DNS, or Domain Name System. This is the service that’s going to convert those names to IP addresses, so that we don’t have to remember all of those individual IP addresses for the services that we need to use. Usually, you will have multiple DNS servers on your network, so that if one happens to have a problem, or you need to take it offline for maintenance, the other DNS server will be providing that same service for everyone on the network.
A common protocol used for management and authentication on your network is LDAP. LDAP stands for the Lightweight Directory Access Protocol. You can think of this as a database of everybody who’s in your organization, and it makes it very easy to manage things from a central location. The standard for LDAP originated with the International Telecommunication Union, or the ITU. The standard is often referred to as the X.500 standard, or X.500.
The original standard was DAP, which was the Directory Access Protocol, and it ran on the OSI protocol stack, but we don’t use OSI any longer. So instead, we use the Lightweight Directory Access Protocol, and it very commonly uses TCP port 389 and UDP port 389 to communicate. It is very common to see LDAP being used on many different operating systems. It’s common to see it in Windows, with the Active Directory. Apple uses Open Directory with LDAP, and Novell’s eDirectory uses LDAP, as well.
If you look into the details of the information in your LDAP database, you’ll see that there is a common structure that’s being used. The structure usually has an attribute and a value associated with that attribute. So for instance, a common name would be just a name associated with that device. In this case, there is a common name of a device called Widget Web. The OU is the organizational unit. It looks like this device is part of marketing. There’s an organization attribute.
In this case, the organization is called Widget. The locality is London, the state is London, the country is Great Britain. The DC or domain component is Widget, and another domain component is com. So this device is Widget Web that’s located at widget.com. Here’s a visual breakdown of the information that was in the database. This hierarchy, you can see, starts with Widget Web. That’s the common name.
Here’s the marketing group. There are other groups, as well, for the accounts group and the MIS group. They roll up to the Widget organization. In this case, it is the Great Britain part of Widget, but you can see there is a US component, as well. And everything rolls all the way up to the root of the LDAP directory. We call these broader groups in the middle container objects. They could be a country, an organization, or an organizational unit. The devices at the bottom are the leaf objects. These are the individual components, like the users and the printers and the file servers.
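The attribute and value structure described above can be read directly out of a distinguished name. This is an added example, not part of the original video: the DN strings are constructed from the values in the walkthrough (the country code GB and the "Smith, Jane" entry are assumptions), and the parser handles the backslash escaping that keeps a comma inside a value from being read as a separator.

```python
import re

# Constructed from the attribute values in the walkthrough (C=GB is assumed for
# Great Britain); ESCAPED_DN is a made-up entry whose value contains a comma.
SAMPLE_DN = "CN=Widget Web,OU=Marketing,O=Widget,L=London,ST=London,C=GB,DC=widget,DC=com"
ESCAPED_DN = r"CN=Smith\, Jane,OU=Accounts,O=Widget,C=GB"

def split_rdns(dn):
    """Split on commas, treating a backslash plus the next character as one unit."""
    return re.findall(r"(?:\\.|[^,\\])+", dn)

def unescape(value):
    """Decode \\HH hex pairs and \\X escaped characters (RFC 4514 string form)."""
    def repl(m):
        return bytes([int(m.group(1), 16)]) if m.group(1) else m.group(2)
    return re.sub(rb"\\(?:([0-9A-Fa-f]{2})|(.))", repl, value.encode()).decode("utf-8")

def parse_dn(dn):
    """Return [(attribute, value), ...] ordered from leaf to root.

    A multi-valued RDN (joined with '+') is returned as a single value.
    """
    rdns = []
    for rdn in split_rdns(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        rdns.append((attr.strip().upper(), unescape(value)))
    return rdns

def dns_domain(rdns):
    """Join the domain components (DC) into a DNS name."""
    return ".".join(value for attr, value in rdns if attr == "DC")

def path_from_root(rdns):
    """List the entry's ancestors from the directory root down to the leaf."""
    return [f"{attr}={value}" for attr, value in reversed(rdns)]

if __name__ == "__main__":
    for depth, node in enumerate(path_from_root(parse_dn(SAMPLE_DN))):
        print("  " * depth + node)
    print(dns_domain(parse_dn(SAMPLE_DN)), parse_dn(ESCAPED_DN)[0])
```

Applications that build DNs or search filters from user-supplied text need the same escaping in the other direction, which is why the separator cannot be found with a plain split on commas.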
You can see that LDAP provides a lot of functionality for managing many different devices and components in your organization, which is probably one of the big reasons you see it used so widely on our networks.
We have a lot of different devices that are running on our networks. We have servers and routers and firewalls and switches, and all of these devices need to be managed. There is a central management protocol that we can use for this called SNMP. This is the Simple Network Management Protocol, and it allows us to gather statistics and make configuration changes to these remote devices. It’s very common to use UDP port 161 to be able to communicate back and forth. A very common SNMP query might be from our management device asking, how many bytes have come into a particular interface on a router? And the router will respond with the value that’s associated with the request that we made.
There have been a few different versions of SNMP. Version 1 was the original version. It had a very structured way of communicating, but it provided that communication in the clear. There was no encryption or protection of the data. Version 2 of SNMP added some additional data enhancements, and we were able to ask for information with large bulks of data, instead of asking for things individually, one at a time. But SNMP Version 2 still didn’t provide any security.
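One way to check which SNMP versions a device will actually answer is to audit its agent configuration. This is an added example, not part of the original video: it assumes a Net-SNMP style `snmpd.conf`, where community directives enable the cleartext v1/v2c versions and `rouser`/`rwuser` set the minimum security level for SNMPv3 users, and the sample file and its names are constructed.

```python
import shlex

# Constructed snmpd.conf fragment; community strings, users and passphrases are placeholders.
SAMPLE_CONF = """\
# constructed example configuration
rocommunity example-community 10.0.0.0/24
rwcommunity example-rw 10.0.0.5
createUser monitor SHA "auth-pass-placeholder" AES "priv-pass-placeholder"
rouser monitor priv
createUser legacy MD5 "auth-pass-placeholder"
rouser legacy
rwuser guest noauth
"""

COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6", "com2sec"}
USER_DIRECTIVES = {"rouser", "rwuser"}

def audit_snmpd(conf_text):
    """Return [(line_no, issue)] for settings weaker than SNMPv3 with encryption."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)   # handles quotes and '#' comments
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY_DIRECTIVES:
            issue = "v1/v2c community string: requests and replies are sent in the clear"
            if directive.startswith("rw"):
                issue += ", with write access"
            findings.append((line_no, issue))
        elif directive in USER_DIRECTIVES:
            if args[:1] == ["-s"]:                  # optional "-s SECMODEL" prefix
                args = args[2:]
            user = args[0] if args else "?"
            # With no level given, Net-SNMP requires authentication but not encryption.
            level = args[1].lower() if len(args) > 1 else "auth"
            if level == "noauth":
                findings.append((line_no, f"SNMPv3 user {user}: no authentication required"))
            elif level != "priv":
                findings.append((line_no, f"SNMPv3 user {user}: authenticated but not encrypted"))
    return findings

if __name__ == "__main__":
    for line_no, issue in audit_snmpd(SAMPLE_CONF):
        print(f"line {line_no}: {issue}")
```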
To add that security, we needed SNMP Version 3. This is the current standard. It’s the one that allows message integrity, authentication, and encryption to be included with these SNMP queries.
A common service used on Microsoft Windows networks is SMB. This stands for Server Message Block. If you’re transferring files between Windows devices, or you’re printing to a printer that’s on a Windows network, you’re probably using SMB to do that. You might also see this referred to as CIFS, for Common Internet File System.
Older versions of Windows use NetBIOS to communicate back and forth. But these days, we use TCP/IP. In order to maintain the compatibility between Windows versions, Microsoft takes this NetBIOS information, puts it inside of TCP/IP, and then sends that across the network to the other device. It’s very common to see SMB used over TCP/IP, using UDP port 137 to provide name services, so that you can find devices on the network by name. We also use UDP port 138 to send data in a connectionless form, or a Datagram form.
If we want connection-oriented communication, we use TCP port 139 to send this SMB information. Modern Windows systems don’t need NetBIOS to communicate, so we can send SMB information directly between devices, using TCP port 445.
If you’re administering servers and routers and switches and other devices on your network, you want to communicate with those devices to be able to manage them. But you want to be sure the communication is encrypted. In those cases, we need to use SSH, or Secure Shell. This is an encrypted terminal session, very similar to the one you see here, and it uses TCP port 22 to communicate.
Microsoft has their Server Message Block, or SMB, to communicate, and Apple, in their Mac OS, uses AFP, or the Apple Filing Protocol. To be able to have file services, and be able to transfer files between Mac devices, we generally use TCP port 548. This works in conjunction with SLP, which is the Service Location Protocol, running on TCP port 427 and UDP port 427. This will populate a list of services on our network, so that we can easily find who we want to communicate with. The Apple Filing Protocol is a full-featured file management protocol that allows us to copy or move files, delete and make changes to the file system.
Here’s a summary of the network protocols we discussed in this video. And as you can see, there are a number of very important protocols that we use every day on our enterprise networks.