3 Regional, National, and International Networks
Networks that connect machines situated over geographical distances larger than the 1 km covered by ethernet are known as wide area networks. Some wide area networks are regional networks which connect systems within a city, state, or region. There are also several national and international networks.
Membership in a regional or national network is usually extended to entire local networks. In other words, the nodes in a wide area network tend to be local networks themselves, as opposed to single machines. Connection to a regional or national network is through a gateway in the local network that links the local network to other networks in the regional network.
Wide area networks started up as a way of linking together sites with common interests. For example, the Energy Sciences Network (ESNET) connects university, academic, and industrial research labs funded by the US Department of Energy. NSFNET, sponsored by the National Science Foundation, is a hierarchical network with a very high bandwidth ``backbone'' connecting several regional NSF networks. Each of these networks is administered separately. If a department or research group wishes to join a regional or national network, it applies to the administrator for membership. Once connected, it pays dues to cover operational costs and follows guidelines set by the network administration.
The Internet is a loose federation of wide area networks. There is no central Internet administration to evaluate applications for membership, there are no dues, and there are no formal rules other than those of the constituent networks. If your workstation is part of a local area network that is connected to a regional or national network, chances are your machine is already a part of the Internet. Most national and international wide area networks, including NSFNET, ESNET, ARPANET, and BITNET, are members of the Internet. Internet services are not (yet) as transparent as local network services. For example, in order to copy a file in a local area network, you would just type
% cp x y
where x is the name of the existing file and y is the name you want to give the copy. You don't need to know whether x is on your machine, a different workstation, or a file server. In a wide area network, however, you start a special application that makes a remote connection, displays names of files you can access, and has many different transfer modes. In the near future, however, as bandwidth improves and the services described in this section evolve, you can expect the conceptual dividing line between local and wide area networks to blur. For example you should be able to start an X Window client application on a computer on the other side of the country and have it draw windows directly on your workstation.
What allows this federation of networks to cooperate with one another and exchange information is the fact that all are packet switched communications systems based on the TCP/IP protocol standards. TCP (transmission control protocol) and IP (Internet protocol) are two standards that together allow applications to communicate with one another over a wide range of physically different communication systems. Local networks can be based on a variety of technologies, but as long as the software layers on top of the network hardware implements the TCP/IP protocol operations a network can become part of the Internet.
TCP/IP communication depends on addresses being included in each packet. As described previously, routers use these addresses to decide whether to keep a packet in a local network or to forward it to a different network. Addresses have four numeric fields. For example, the address of the machine used by the Computational Science Education Project is 129.59.130.21. To make it easier to remember addresses, there is an equivalent symbolic form, in this case compsci.cas.vanderbilt.edu.
When you are using Internet software to communicate with another site, all you need to know about the site is its name. Most local networks either have a name server or a way to connect to a name server in order to translate symbolic names into internet addresses. If the translation fails, however, you can still make a connection by using the numeric address. For example, suppose you have an account on compsci, and you wish to log in. One way is to use the rlogin program (described in 2.2):
% rlogin compsci.cas.vanderbilt.edu
If your local network cannot translate the name, you will get an ``unknown host'' error message. If you know the numeric address, try it:
% rlogin 129.59.130.21
The symbolic name of a site is determined by a naming standard known as the domain name system. Each field in a symbolic address corresponds to a single domain. The first field is a host name, which identifies a single computer. The last
field is a top level domain. In between are department names, organization names, etc. in order of increasing generality. In our example, compsci.cas.vanderbilt.edu is a host named compsci in the College of Arts and Sciences at Vanderbilt University, which is an educational institution. The six top level domains in the US and some sample addresses are listed in Figure 5. Symbolic addresses of sites outside the US end with a two-letter country code. Common country codes are also listed in Figure 5. There is a slow movement toward a naming standard that includes geographic information for sites within the US, also, but it is proceeding about as slowly as the conversion to the metric system. As new sites apply for Internet names many are given these new style names. For example, a name being considered for the Springfield Public School District is sps.lane.or.us (Springfield Public Schools, Lane County, Oregon, US).
At one point during the evolution of the Internet is was necessary to know which constituent network a site belonged to, and to use that network's
naming scheme as part of its Internet name. For example, a network of Unix machines known as UUNET identified a site by the path a message traversed in reaching the site. A command of the form
% mail drizzle!fog!mist!fred
meant ``send a message from this machine to host drizzle, have it forward the message to fog, and have fog send it to the user named fred on mist.'' When drizzle was connected to the Internet, Fred's colleagues at other Internet sites could send him mail via the address ``fog!mist!fred@drizzle.cs.cascadia.edu''. Now, however, you would probably reach Fred simply by using the domain name of his organization, i.e. You will still see host names and user names that contain network- specific fields, but they are becoming increasingly rare.
Figure 6 shows a typical local area network and its relationship
to a regional network. Every workstation and compute server supports TCP/IP and
the applications built on top of this protocol. For example, users can log in
to fog from mist
using rlogin. Because there is a
connection to the regional network (NorthWestNet) a user on fog can use rlogin to connect to compsci.
In many organizations the system that is connected to the regional network (e.g. drizzle in Figure 6) is the only one allowed to transfer packets outside the local network. The machine connected to the regional net is a firewall that isolates the other systems from the rest of the Internet. Given the recent history of Internet ``worms'' which, intentionally or not, invade local networks and waste resources, and the vulnerability of Unix systems to hackers who take it as a challenge to see how many systems they can log into, many system administrators prefer to connect only one system to the Internet and concentrate their efforts at maintaining security on this one system.
The presence of a firewall between your system and the rest of the Internet is a nuisance at times, but it does not prevent you from using rlogin, FTP, or any other TCP/IP application to access Internet resources. What you need to do is use rlogin to make a connection to the firewall, and then run FTP or other applications from there. Chances are your home directory is mounted on the firewall, so any file transfers you want to make can be done directly.