3rd Edition: Chapter 1kth/ns.pdf · Networks and Security 2 Table of Contents Student Contributions...


  • Networks and Security 1

    Literature

    Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2004.

    Sicherheit und Kryptographie im Internet: Von sicherer E-Mail bis zu IP-Verschlüsselung, 1. Auflage. Jörg Schwenk. vieweg, 2002.

  • Networks and Security 2

    Table of Contents

    Student Contributions ................. 3
    Introduction (ch. 1) .................. 4
    Application Layer (ch. 2) ............ 63
    Transport Layer (ch. 3) ............. 135
    Network Layer (ch. 4) ............... 162
    Wireless Networks ................... 209
    Multimedia (ch. 6) .................. 226
    Network Security (ch. 7, Schwenk) ... 236

  • Networks and Security 3

    Student Contributions

    No.  Topic               Page  Duration  Date   Student
     1.  Switch                47  1L        KW44
     2.  P2P                  131  2L        KW45
     3.  IPv6                 206  1L        KW47
     4.  Multimedia           234  2L        KW50
     5.  Firewall             300  2L        KW02
     6.  IDS & IPS            301  2L        KW03
     7.  Network Scanner      304  2L        KW48
     8.  Sniffer              308  2L        KW51
     9.  PGP                  319  2L        KW04
    10.  WLAN Router          336  2L        KW49
    11.  Social Engineering   338  2L        KW05

  • Networks and Security 4

    Chapter 1: Introduction

    Our goal:
    - get “feel” and terminology
    - more depth, detail later in course

    Approach:
    - use Internet as example

    Overview:
    - what’s the Internet
    - what’s a protocol?
    - network edge
    - network core
    - access net, physical media
    - Internet/ISP structure
    - performance: loss, delay
    - protocol layers, service models
    - network modeling

  • Networks and Security 5

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 6

    What’s the Internet: “nuts and bolts” view

    - millions of connected computing devices: hosts = end systems, running network apps
    - communication links: fiber, copper, radio, satellite; transmission rate = bandwidth
    - routers: forward packets (chunks of data)

    [Diagram: local ISP, regional ISP and company network connected by routers; workstation, server and mobile hosts at the edge]

  • Networks and Security 7

    What’s the Internet: “nuts and bolts” view

    - protocols control sending, receiving of msgs, e.g., TCP, IP, HTTP, FTP, PPP
    - Internet: “network of networks”: loosely hierarchical; public Internet versus private intranet
    - Internet standards: RFC: Request for comments; IETF: Internet Engineering Task Force

    [Diagram: local ISP, regional ISP and company network connected by routers; workstation, server and mobile hosts at the edge]

  • Networks and Security 8

    What’s the Internet: a service view

    - communication infrastructure enables distributed applications: Web, email, games, e-commerce, file sharing
    - communication services provided to apps: connectionless unreliable; connection-oriented reliable

  • Networks and Security 9

    What’s a protocol?

    human protocols:
    - “what’s the time?”
    - “I have a question”
    - introductions
    … specific msgs sent, … specific actions taken when msgs received, or other events

    network protocols:
    - machines rather than humans
    - all communication activity in Internet governed by protocols

    protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt

  • Networks and Security 10

    What’s a protocol? a human protocol and a computer network protocol:

    Q: Other human protocols?

    [Diagram, time running downward]
    human:    Hi  →  Hi  →  Got the time?  →  2:00
    network:  TCP connection req  →  TCP connection response  →  Get http://www.awl.com/kurose-ross

  • Networks and Security 11

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 12

    A closer look at network structure:

    - network edge: applications and hosts
    - network core: routers, network of networks
    - access networks, physical media: communication links

  • Networks and Security 13

    The network edge:

    end systems (hosts):
    - run application programs, e.g. Web, email
    - at “edge of network”

    client/server model:
    - client host requests, receives service from always-on server
    - e.g. Web browser/server; email client/server

    peer-peer model:
    - minimal (or no) use of dedicated servers
    - e.g. Gnutella, KaZaA

  • Networks and Security 14

    Network edge: connection-oriented service

    Goal: data transfer between end systems
    - handshaking: setup (prepare for) data transfer ahead of time
    - Hello, hello back human protocol
    - set up “state” in two communicating hosts

    TCP - Transmission Control Protocol: Internet’s connection-oriented service

    TCP service [RFC 793]:
    - reliable, in-order byte-stream data transfer: loss handled by acknowledgements and retransmissions
    - flow control: sender won’t overwhelm receiver
    - congestion control: senders “slow down sending rate” when network congested

  • Networks and Security 15

    Network edge: connectionless service

    Goal: data transfer between end systems (same as before!)

    UDP - User Datagram Protocol [RFC 768]:
    - connectionless
    - unreliable data transfer
    - no flow control
    - no congestion control

    Apps using TCP: HTTP (Web), FTP (file transfer), Telnet (remote login), SMTP (email)

    Apps using UDP: streaming media, teleconferencing, DNS, Internet telephony

  • Networks and Security 16

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 17

    The Network Core

    - mesh of interconnected routers
    - the fundamental question: how is data transferred through net?
    - circuit switching: dedicated circuit per call: telephone net
    - packet switching: data sent thru net in discrete “chunks”

  • Networks and Security 18

    Network Core: Circuit Switching

    End-end resources reserved for “call”:
    - link bandwidth, switch capacity
    - dedicated resources: no sharing
    - circuit-like (guaranteed) performance
    - call setup required

  • Networks and Security 19

    Network Core: Circuit Switching

    network resources (e.g., bandwidth) divided into “pieces”:
    - pieces allocated to calls
    - resource piece idle if not used by owning call (no sharing)

    dividing link bandwidth into “pieces”:
    - frequency division
    - time division

  • Networks and Security 20

    Network Core: Packet Switching

    each end-end data stream divided into packets:
    - user A, B packets share network resources
    - each packet uses full link bandwidth
    - resources used as needed

    (contrast with circuit switching: bandwidth division into “pieces”, dedicated allocation, resource reservation)

    resource contention:
    - aggregate resource demand can exceed amount available
    - congestion: packets queue, wait for link use
    - store and forward: packets move one hop at a time; node receives complete packet before forwarding

  • Networks and Security 21

    Packet switching versus circuit switching

    1 Mb/s link, N users; each user:
    - 100 kb/s when “active”
    - active 10% of time

    circuit-switching: 10 users

    packet switching: with 35 users, probability > 10 active less than .0004

    Packet switching allows more users to use network!
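The slide's comparison worked through in code (an added example, not from the slides): circuit switching admits link rate divided by per-user rate, while packet switching admits more users at a small, computable risk that more than that many are active at once. The binomial tail for 35 users lands in the 4×10⁻⁴ region the slide quotes; `max_packet_switched_users` goes beyond the slide's single data point and searches for the largest N under a chosen overload probability.

```python
"""Statistical multiplexing on the slide's 1 Mb/s link.

Each of N users sends 100 kb/s when active and is active 10% of the time,
independently of the others (the slide's assumptions).
"""
from math import comb

LINK_KBPS = 1000   # 1 Mb/s link
USER_KBPS = 100    # per-user rate when active
P_ACTIVE = 0.1     # fraction of time each user is active


def circuit_switched_users(link_kbps=LINK_KBPS, user_kbps=USER_KBPS):
    """Circuit switching reserves user_kbps per user for the whole call,
    so the link carries at most link_kbps // user_kbps users (10 here)."""
    return link_kbps // user_kbps


def prob_overload(n_users, max_active, p=P_ACTIVE):
    """Probability that more than max_active of n_users are active at once,
    i.e. the binomial tail P(X > max_active) with X ~ Binomial(n_users, p).
    That is the chance that aggregate demand exceeds link capacity."""
    return sum(comb(n_users, k) * p ** k * (1 - p) ** (n_users - k)
               for k in range(max_active + 1, n_users + 1))


def max_packet_switched_users(target, link_kbps=LINK_KBPS,
                              user_kbps=USER_KBPS, p=P_ACTIVE):
    """Largest N whose overload probability stays below `target`.
    Generalises the slide's single data point (N = 35) to any target."""
    capacity = link_kbps // user_kbps
    n = capacity                       # at N = capacity overload is impossible
    while prob_overload(n + 1, capacity, p) < target:
        n += 1
    return n


if __name__ == "__main__":
    cap = circuit_switched_users()
    print(f"circuit switching: {cap} users")
    print(f"packet switching, 35 users: P(>{cap} active) = "
          f"{prob_overload(35, cap):.6f}")
    for n in (20, 35, 50, 80):
        print(f"  N={n:3d}: P(overload) = {prob_overload(n, cap):.2e}")
    print("max users with P(overload) < 1e-3:", max_packet_switched_users(1e-3))
```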

  • Networks and Security 22

    Packet switching versus circuit switching

    Is packet switching a “slam dunk winner?”
    - great for bursty data: resource sharing; simpler, no call setup
    - excessive congestion: packet delay and loss; protocols needed for reliable data transfer, congestion control

    Q: How to provide circuit-like behavior?
    - bandwidth guarantees needed for audio/video apps
    - still an unsolved problem (chapter 6)

  • Networks and Security 23

    Packet-switched networks: forwarding

    Goal: move packets through routers from source to destination

    datagram network:
    - destination address in packet determines next hop
    - routes may change during session
    - analogy: driving, asking directions

    virtual circuit network:
    - each packet carries tag (virtual circuit ID), tag determines next hop
    - fixed path determined at call setup time, remains fixed thru call
    - routers maintain per-call state

  • Networks and Security 24

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 25

    Access networks and physical media

    Q: How to connect end systems to edge router?
    - residential access nets
    - institutional access networks (school, company)
    - mobile access networks

    Keep in mind:
    - bandwidth (bits per second) of access network?
    - shared or dedicated?

  • Networks and Security 26

    Residential access: point to point access

    Dialup via modem:
    - up to 56 Kbps direct access to router (often less)
    - can’t surf and phone at same time: can’t be “always on”

    ADSL: asymmetric digital subscriber line:
    - up to 1 Mbps upstream (today typically < 256 kbps)
    - up to 8 Mbps downstream (today typically < 1 Mbps)
    - FDM: 50 kHz - 1 MHz for downstream; 4 kHz - 50 kHz for upstream; 0 kHz - 4 kHz for ordinary telephone

  • Networks and Security 27

    Residential access: cable modems

    - HFC: hybrid fiber coax
    - asymmetric: up to 30 Mbps downstream, 2 Mbps upstream
    - network of cable and fiber attaches homes to ISP router
    - homes share access to router
    - deployment: available via cable TV companies

  • Networks and Security 28

    Residential access: cable modems

    Diagram: http://www.cabledatacomnews.com/cmic/diagram.html

  • Networks and Security 29

    Cable Network Architecture: Overview

    [Diagram: homes attached to the cable headend through a simplified cable distribution network; typically 500 to 5,000 homes]

  • Networks and Security 30

    Cable Network Architecture: Overview

    [Diagram: homes attached to the cable headend through a simplified cable distribution network]

  • Networks and Security 31

    Cable Network Architecture: Overview

    [Diagram: homes attached through the cable distribution network to the cable headend, where the server(s) sit]

  • Networks and Security 32

    Company access: local area networks

    - company/univ local area network (LAN) connects end system to edge router
    - Ethernet: shared or dedicated link connects end system and router; 10 Mbps, 100 Mbps, Gigabit Ethernet

  • Networks and Security 33

    Wireless access networks

    - shared wireless access network connects end system to router via base station aka “access point”
    - wireless LANs: 802.11b (WiFi): 11 Mbps
    - wider-area wireless access provided by telco operator: 3G ~ 384 kbps
      • Will it happen?? WAP/GPRS in Europe

    [Diagram: mobile hosts reach a router through a base station]

  • Networks and Security 34

    Home networks

    Typical home network components:
    - ADSL or cable modem
    - router/firewall/NAT
    - Ethernet
    - wireless access point

    [Diagram: cable modem to/from cable headend, router/firewall, Ethernet, wireless access point, wireless laptops]

  • Networks and Security 35

    Physical Media

    - Bit: propagates between transmitter/receiver pairs
    - physical link: what lies between transmitter & receiver
    - guided media: signals propagate in solid media: copper, fiber, coax
    - unguided media: signals propagate freely, e.g., radio

    Twisted Pair (TP): two insulated copper wires
    - Category 3: traditional phone wires, 10 Mbps Ethernet
    - Category 5: 100 Mbps Ethernet

  • Networks and Security 36

    Physical Media: coax, fiber

    Coaxial cable:
    - two concentric copper conductors
    - bidirectional
    - baseband: single channel on cable; legacy Ethernet
    - broadband: multiple channels on cable; HFC

    Fiber optic cable:
    - glass fiber carrying light pulses, each pulse a bit
    - high-speed operation: high-speed point-to-point transmission (e.g., 5 Gbps)
    - low error rate: repeaters spaced far apart; immune to electromagnetic noise

  • Networks and Security 37

    Physical media: radio

    - signal carried in electromagnetic spectrum
    - no physical “wire”
    - bidirectional
    - propagation environment effects: reflection, obstruction by objects, interference

    Radio link types:
    - terrestrial microwave: e.g. up to 45 Mbps channels
    - LAN (e.g., WiFi): 2 Mbps, 11 Mbps
    - wide-area (e.g., cellular): e.g. 3G: hundreds of kbps
    - satellite: up to 50 Mbps channel (or multiple smaller channels); 270 msec end-end delay; geosynchronous versus low altitude

  • Networks and Security 38

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 39

    Internet structure: network of networks

    - roughly hierarchical
    - at center: “tier-1” ISPs (e.g., UUNet, BBN/Genuity, Sprint, AT&T), national/international coverage; treat each other as equals
    - Tier-1 providers interconnect (peer) privately
    - Tier-1 providers also interconnect at public network access points (NAPs)

    [Diagram: three Tier 1 ISPs peering with each other directly and at a NAP]

  • Networks and Security 40

    Tier-1 ISP: e.g., Sprint

    [Diagram: Sprint US backbone network]

  • Networks and Security 41

    Internet structure: network of networks

    “Tier-2” ISPs: smaller (often regional) ISPs
    - connect to one or more tier-1 ISPs, possibly other tier-2 ISPs
    - Tier-2 ISP pays tier-1 ISP for connectivity to rest of Internet: tier-2 ISP is customer of tier-1 provider
    - Tier-2 ISPs also peer privately with each other, interconnect at NAP

    [Diagram: three Tier 1 ISPs and a NAP, with several Tier-2 ISPs attached to them]

  • Networks and Security 42

    Internet structure: network of networks

    “Tier-3” ISPs and local ISPs:
    - last hop (“access”) network (closest to end systems)
    - local and tier-3 ISPs are customers of higher tier ISPs connecting them to rest of Internet

    [Diagram: Tier 1 ISPs and a NAP at the center, Tier-2 ISPs below them, local ISPs and a Tier 3 ISP at the edge]

  • Networks and Security 43

    Internet structure: network of networks

    a packet passes through many networks!

    [Diagram: path of a packet from a local ISP up through Tier-2 and Tier 1 ISPs and back down to another local ISP]

  • Networks and Security 44

    Swiss Science Network

    http://www.switch.ch/network/map/SWITCHlanbb1.gif

  • Networks and Security 45

    Global Connectivity

    SWITCH is using three different ways to achieve full Internet connectivity:
    - national peerings at CIXP and TIX
    - GEANT, providing access to the research and educational community worldwide
    - global transit, provided by Global Crossing (Geneva), Level3 (Geneva) and Telia (Zurich)

    The list above is given in order of decreasing preference. National peerings give the shortest round trip delays and thus usually the best performance.

    http://www.cixp.ch/
    http://www.telehouse.ch/
    http://www.switch.ch/network/geant.html
    http://www.gblx.net/
    http://www.level3.com/
    http://www.telia.net/

  • Networks and Security 46

    Swiss Free ISPs

    http://www.freedomlist.com/find.php3?country=140

  • Networks and Security 47

    Switch

    Student Contribution

    Task:
    • what is SWITCH?
    • what services are provided?
    • demonstrate services offered!

    Material:
    • www.switch.ch

    Scope:
    • 1 lesson

  • Networks and Security 48

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 49

    How do loss and delay occur?

    packets queue in router buffers:
    - packet arrival rate to link exceeds output link capacity
    - packets queue, wait for turn

    [Diagram: hosts A and B feeding one router output link; packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]

  • Networks and Security 50

    Nodal delay

    $d_{\text{nodal}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$

    - $d_{\text{proc}}$ = processing delay: typically a few microsecs or less
    - $d_{\text{queue}}$ = queuing delay: depends on congestion
    - $d_{\text{trans}}$ = transmission delay $= L/R$, significant for low-speed links
    - $d_{\text{prop}}$ = propagation delay: a few microsecs to hundreds of msecs

  • Networks and Security 51

    “Real” Internet delays and routes

    What do “real” Internet delay & loss look like? Traceroute program: provides delay measurement from source to router along end-end Internet path towards destination. For all i:
    - sends three packets that will reach router i on path towards destination
    - router i will return packets to sender
    - sender times interval between transmission and reply

    [Diagram: 3 probes sent to each successive router on the path]

  • Networks and Security 52

    “Real” Internet delays and routes

    traceroute: gaia.cs.umass.edu to www.eurecom.fr

     1  cs-gw (128.119.240.254)  1 ms  1 ms  2 ms
     2  border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145)  1 ms  1 ms  2 ms
     3  cht-vbns.gw.umass.edu (128.119.3.130)  6 ms  5 ms  5 ms
     4  jn1-at1-0-0-19.wor.vbns.net (204.147.132.129)  16 ms  11 ms  13 ms
     5  jn1-so7-0-0-0.wae.vbns.net (204.147.136.136)  21 ms  18 ms  18 ms
     6  abilene-vbns.abilene.ucaid.edu (198.32.11.9)  22 ms  18 ms  22 ms
     7  nycm-wash.abilene.ucaid.edu (198.32.8.46)  22 ms  22 ms  22 ms
     8  62.40.103.253 (62.40.103.253)  104 ms  109 ms  106 ms
     9  de2-1.de1.de.geant.net (62.40.96.129)  109 ms  102 ms  104 ms
    10  de.fr1.fr.geant.net (62.40.96.50)  113 ms  121 ms  114 ms
    11  renater-gw.fr1.fr.geant.net (62.40.103.54)  112 ms  114 ms  112 ms
    12  nio-n2.cssi.renater.fr (193.51.206.13)  111 ms  114 ms  116 ms
    13  nice.cssi.renater.fr (195.220.98.102)  123 ms  125 ms  124 ms
    14  r3t2-nice.cssi.renater.fr (195.220.98.110)  126 ms  126 ms  124 ms
    15  eurecom-valbonne.r3t2.ft.net (193.48.50.54)  135 ms  128 ms  133 ms
    16  194.214.211.25 (194.214.211.25)  126 ms  128 ms  126 ms
    17  * * *
    18  * * *
    19  fantasia.eurecom.fr (193.55.113.142)  132 ms  128 ms  136 ms

    - line 1: three delay measurements from gaia.cs.umass.edu to cs-gw.cs.umass.edu
    - * means no response (probe lost, router not replying)
    - the jump between hops 7 and 8 is the trans-oceanic link
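A small parser for the traceroute format shown above (an added example, not from the slides), run over a few hops taken from that output. It keeps the per-probe RTTs per hop, treats `*` as a lost probe rather than a number so silent routers (hops 17 and 18) do not break the analysis, and finds the hop pair with the largest RTT increase, which on this path is the trans-oceanic link between hops 7 and 8.

```python
"""Parse traceroute output and locate the biggest per-hop RTT jump."""
import re
from statistics import median

# Sample hops copied from the slide's traceroute (gaia.cs.umass.edu to
# www.eurecom.fr), trimmed to eight lines; hops 17 and 18 gave no reply.
SAMPLE = """\
 1  cs-gw (128.119.240.254)  1 ms  1 ms  2 ms
 2  border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145)  1 ms  1 ms  2 ms
 6  abilene-vbns.abilene.ucaid.edu (198.32.11.9)  22 ms  18 ms  22 ms
 7  nycm-wash.abilene.ucaid.edu (198.32.8.46)  22 ms  22 ms  22 ms
 8  62.40.103.253 (62.40.103.253)  104 ms  109 ms  106 ms
17  * * *
18  * * *
19  fantasia.eurecom.fr (193.55.113.142)  132 ms  128 ms  136 ms
"""

# "<hop>  <host> (<ip>)  <probe results>"
HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+\(([^)]+)\)\s+(.*)$")
# each probe result is either "<n> ms" or "*" (no reply within the timeout)
PROBE_RE = re.compile(r"(\d+(?:\.\d+)?)\s*ms|\*")


def parse_traceroute(text):
    """Return one dict per hop: hop number, host, ip, list of RTTs (ms)
    and the number of probes that got no reply."""
    hops = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = HOP_RE.match(line)
        if m is None:
            # A hop where every probe was lost prints only "N  * * *".
            num, _, rest = line.strip().partition(" ")
            if not num.isdigit():
                raise ValueError(f"unrecognised traceroute line: {line!r}")
            hops.append({"hop": int(num), "host": None, "ip": None,
                         "rtts": [], "lost": rest.count("*")})
            continue
        num, host, ip, probes = m.groups()
        rtts, lost = [], 0
        for pm in PROBE_RE.finditer(probes):
            if pm.group(1) is None:
                lost += 1                      # a "*" among real RTTs
            else:
                rtts.append(float(pm.group(1)))
        hops.append({"hop": int(num), "host": host, "ip": ip,
                     "rtts": rtts, "lost": lost})
    return hops


def median_rtts(hops):
    """Median RTT per replying hop; the median damps one slow probe."""
    return {h["hop"]: median(h["rtts"]) for h in hops if h["rtts"]}


def silent_hops(hops):
    """Hops that answered none of the probes (router not replying)."""
    return [h["hop"] for h in hops if not h["rtts"]]


def largest_jump(hops):
    """(prev_hop, hop, delta_ms) for the biggest rise in median RTT between
    consecutive replying hops; silent hops are skipped, not counted as 0."""
    meds = [(h["hop"], median(h["rtts"])) for h in hops if h["rtts"]]
    best = None
    for (a, ra), (b, rb) in zip(meds, meds[1:]):
        if best is None or rb - ra > best[2]:
            best = (a, b, rb - ra)
    return best


if __name__ == "__main__":
    hops = parse_traceroute(SAMPLE)
    print("median RTT per hop:", median_rtts(hops))
    print("silent hops:", silent_hops(hops))
    print("largest jump (prev, hop, ms):", largest_jump(hops))
```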

  • Networks and Security 53

    Packet loss

    - queue (aka buffer) preceding link in buffer has finite capacity
    - when packet arrives to full queue, packet is dropped (aka lost)
    - lost packet may be retransmitted by previous node, by source end system, or not retransmitted at all

  • Networks and Security 54

    Chapter 1: roadmap

    1.1 What is the Internet?
    1.2 Network edge
    1.3 Network core
    1.4 Network access and physical media
    1.5 Internet structure and ISPs
    1.6 Delay & loss in packet-switched networks
    1.7 Protocol layers, service models

  • Networks and Security 55

    Protocol “Layers”

    Networks are complex! many “pieces”:
    - hosts
    - routers
    - links of various media
    - applications
    - protocols
    - hardware, software

    Question: Is there any hope of organizing structure of network? Or at least our discussion of networks?

  • Networks and Security 56

    Organization of air travel

    a series of steps:
    ticket (purchase) → baggage (check) → gates (load) → runway takeoff → airplane routing → airplane routing → airplane routing → runway landing → gates (unload) → baggage (claim) → ticket (complain)

  • Networks and Security 57

    Layering of airline functionality

    [Diagram: departure airport: ticket (purchase), baggage (check), gates (load), runway (takeoff), airplane routing; intermediate air-traffic control centers: airplane routing; arrival airport: airplane routing, runway (land), gates (unload), baggage (claim), ticket (complain). Layers, top to bottom: ticket, baggage, gate, takeoff/landing, airplane routing]

    Layers: each layer implements a service
    - via its own internal-layer actions
    - relying on services provided by layer below

  • Networks and Security 58

    Why layering?

    Dealing with complex systems:
    - explicit structure allows identification, relationship of complex system’s pieces
    - layered reference model for discussion
    - modularization eases maintenance, updating of system
    - change of implementation of layer’s service transparent to rest of system, e.g., change in gate procedure doesn’t affect rest of system
    - layering considered harmful?

  • Networks and Security 59

    Internet protocol stack

    - application: supporting network applications: FTP, SMTP, HTTP
    - transport: host-host data transfer: TCP, UDP
    - network: routing of datagrams from source to destination: IP, routing protocols
    - link: data transfer between neighboring network elements: PPP, Ethernet
    - physical: bits “on the wire”

    [Diagram: the five layers stacked: application, transport, network, link, physical]

  • Networks and Security 60

    Encapsulation

    [Diagram: at the source, the application’s message M is passed down the stack: transport adds Ht (segment: Ht M), network adds Hn (datagram: Hn Ht M), link adds Hl (frame: Hl Hn Ht M), physical puts the bits on the wire. A switch on the path works at link and physical layers only; a router works at network, link and physical layers and re-frames the datagram for the next link. The destination removes Hl, Hn and Ht in turn and delivers M to the application.]

    Layer units: message (application), segment (transport), datagram (network), frame (link)

  • Networks and Security 61

    Introduction: Summary

    Covered a “ton” of material!
    - Internet overview
    - what’s a protocol?
    - network edge, core, access network
    - packet-switching versus circuit-switching
    - Internet/ISP structure
    - performance: loss, delay
    - layering and service models

    You now have: context, overview, “feel” of networking; more depth, detail to follow!

  • Networks and Security 62

    Chapter 2: Application layer

    2.1 Principles of network applications
    2.2 Web and HTTP
    2.3 FTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 63

    Chapter 2: Application Layer

    Our goals:
    - conceptual, implementation aspects of network application protocols: transport-layer service models; client-server paradigm; peer-to-peer paradigm
    - learn about protocols by examining popular application-level protocols: HTTP, FTP, SMTP / POP3 / IMAP, DNS

  • Networks and Security 64

    Some network apps

    - E-mail
    - Web
    - Instant messaging
    - Remote login
    - P2P file sharing
    - Multi-user network games
    - Streaming stored video clips
    - Internet telephone
    - Real-time video conference
    - Massive parallel computing

  • Networks and Security 65

    Creating a network app

    Write programs that:
    - run on different end systems and communicate over a network
    - e.g., Web: Web server software communicates with browser software

    No software written for devices in network core:
    - network core devices do not function at app layer
    - this design allows for rapid app development

    [Diagram: two end hosts with full stacks (application, transport, network, data link, physical) and a core device whose stack stops below the application layer]

  • Networks and Security 66

    Chapter 2: Application layer

    2.1 Principles of network applications
    2.2 Web and HTTP
    2.3 FTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 67

    Application architectures

    - Client-server
    - Peer-to-peer (P2P)
    - Hybrid of client-server and P2P

  • Networks and Security 68

    Client-server architecture

    server:
    - always-on host
    - permanent IP address
    - server farms for scaling

    clients:
    - communicate with server
    - may be intermittently connected
    - may have dynamic IP addresses
    - do not communicate directly with each other

  • Networks and Security 69

    Pure P2P architecture

    - no always-on server
    - arbitrary end systems directly communicate
    - peers are intermittently connected and change IP addresses
    - example: Gnutella

    Highly scalable, but difficult to manage

  • Networks and Security 70

    Hybrid of client-server and P2P

    Napster:
    - file transfer P2P
    - file search centralized:
      • Peers register content at central server
      • Peers query same central server to locate content

    Instant messaging:
    - chatting between two users is P2P
    - presence detection/location centralized:
      • User registers its IP address with central server when it comes online
      • User contacts central server to find IP addresses of buddies

  • Networks and Security 71

    Processes communicating

    Process: program running within a host.
    - within same host, two processes communicate using inter-process communication (defined by OS)
    - processes in different hosts communicate by exchanging messages

    Client process: process that initiates communication

    Server process: process that waits to be contacted

    Note: applications with P2P architectures have client processes & server processes

  • Networks and Security 72

    Sockets

    - process sends/receives messages to/from its socket
    - socket analogous to door: sending process shoves message out door; sending process relies on transport infrastructure on other side of door which brings message to socket at receiving process

    [Diagram: two hosts or servers, each with a process, a socket and TCP with buffers, variables, connected through the Internet; process and socket are controlled by the app developer, TCP is controlled by the OS]

    API: (1) choice of transport protocol; (2) ability to fix a few parameters

  • Networks and Security 73

    Addressing processes

    - For a process to receive messages, it must have an identifier
    - A host has a unique 32-bit IP address
    - Q: does the IP address of the host on which the process runs suffice for identifying the process?
    - Answer: No, many processes can be running on same host
    - Identifier includes both the IP address and port numbers associated with the process on the host.
    - Example port numbers: HTTP server: 80; Mail server: 25

    More on this later

  • Networks and Security 74

    App-layer protocol defines

    - Types of messages exchanged, eg, request & response messages
    - Syntax of message types: what fields in messages & how fields are delineated
    - Semantics of the fields, ie, meaning of information in fields
    - Rules for when and how processes send & respond to messages

    Public-domain protocols:
    - defined in RFCs
    - allows for interoperability
    - eg, HTTP, SMTP

    Proprietary protocols:
    - eg, KaZaA

  • Networks and Security 75

    What transport service does an app need?

    Data loss:
    - some apps (e.g., audio) can tolerate some loss
    - other apps (e.g., file transfer, telnet) require 100% reliable data transfer

    Timing:
    - some apps (e.g., Internet telephony, interactive games) require low delay to be “effective”

    Bandwidth:
    - some apps (e.g., multimedia) require minimum amount of bandwidth to be “effective”
    - other apps (“elastic apps”) make use of whatever bandwidth they get

  • Networks and Security 76

    Transport service requirements of common apps

    Application              Data loss       Bandwidth                                 Time Sensitive
    file transfer            no loss         elastic                                   no
    e-mail                   no loss         elastic                                   no
    Web documents            no loss         elastic                                   no
    real-time audio/video    loss-tolerant   audio: 5kbps-1Mbps, video: 10kbps-5Mbps   yes, 100’s msec
    stored audio/video       loss-tolerant   same as above                             yes, few secs
    interactive games        loss-tolerant   few kbps up                               yes, 100’s msec
    instant messaging        no loss         elastic                                   yes and no

  • Networks and Security 77

    Internet transport protocols services

    TCP service:
    - connection-oriented: setup required between client and server processes
    - reliable transport between sending and receiving process
    - flow control: sender won’t overwhelm receiver
    - congestion control: throttle sender when network overloaded
    - does not provide: timing, minimum bandwidth guarantees

    UDP service:
    - unreliable data transfer between sending and receiving process
    - does not provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantee

    Q: why bother? Why is there a UDP?

  • Networks and Security 78

    Internet apps: application, transport protocols

    Application              Application layer protocol          Underlying transport protocol
    e-mail                   SMTP [RFC 2821]                     TCP
    remote terminal access   Telnet [RFC 854]                    TCP
    Web                      HTTP [RFC 2616]                     TCP
    file transfer            FTP [RFC 959]                       TCP
    streaming multimedia     proprietary (e.g. RealNetworks)     TCP or UDP
    Internet telephony       proprietary (e.g., Dialpad)         typically UDP

  • Networks and Security 79

    Chapter 2: Application layer

    2.1 Principles of network applications: app architectures; app requirements
    2.2 Web and HTTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 80

    Web and HTTP

    First some jargon:
    - Web page consists of objects
    - Object can be HTML file, JPEG image, Java applet, audio file, …
    - Web page consists of base HTML-file which includes several referenced objects
    - Each object is addressable by a URL
    - Example URL: www.someschool.edu/someDept/pic.gif (host name: www.someschool.edu; path name: /someDept/pic.gif)

  • Networks and Security 81

    HTTP overview

    HTTP: hypertext transfer protocol
    - Web’s application layer protocol
    - client/server model:
      client: browser that requests, receives, “displays” Web objects
      server: Web server sends objects in response to requests
    - HTTP 1.0: RFC 1945
    - HTTP 1.1: RFC 2068

    [Diagram: a PC running Explorer and a Mac running Navigator each send an HTTP request to, and receive an HTTP response from, a server running Apache Web server]

  • Networks and Security 82

    HTTP overview (continued)

    Uses TCP:
    - client initiates TCP connection (creates socket) to server, port 80
    - server accepts TCP connection from client
    - HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)
    - TCP connection closed

    HTTP is “stateless”: server maintains no information about past client requests

    aside: Protocols that maintain “state” are complex!
    - past history (state) must be maintained
    - if server/client crashes, their views of “state” may be inconsistent, must be reconciled

  • Networks and Security 83

    HTTP connections

    Nonpersistent HTTP:
    - at most one object is sent over a TCP connection
    - HTTP/1.0 uses nonpersistent HTTP

    Persistent HTTP:
    - multiple objects can be sent over single TCP connection between client and server
    - HTTP/1.1 uses persistent connections in default mode

  • Networks and Security 84

    HTTP request message

    - two types of HTTP messages: request, response
    - HTTP request message: ASCII (human-readable format)

    GET /somedir/page.html HTTP/1.1          ← request line (GET, POST, HEAD commands)
    Host: www.someschool.edu                 ← header lines
    User-agent: Mozilla/4.0
    Connection: close
    Accept-language: fr
                                             ← extra carriage return, line feed: indicates end of message

  • Networks and Security 85

    HTTP request message: general format

  • Networks and Security 86

    Uploading form input

    Post method:
    - Web page often includes form input
    - input is uploaded to server in entity body

    URL method:
    - uses GET method
    - input is uploaded in URL field of request line: www.somesite.com/animalsearch?monkeys&banana

  • Networks and Security 87

    Method types

    HTTP/1.0:
    - GET
    - POST
    - HEAD: asks server to leave requested object out of response

    HTTP/1.1:
    - GET, POST, HEAD
    - PUT: uploads file in entity body to path specified in URL field
    - DELETE: deletes file specified in the URL field

  • Networks and Security 88

    HTTP response message

    HTTP/1.1 200 OK                           ← status line (protocol, status code, status phrase)
    Connection: close                         ← header lines
    Date: Thu, 06 Aug 1998 12:00:15 GMT
    Server: Apache/1.3.0 (Unix)
    Last-Modified: Mon, 22 Jun 1998 …
    Content-Length: 6821
    Content-Type: text/html

    data data data data data ...              ← data, e.g., requested HTML file

  • Networks and Security 89

    HTTP response status codes

    In first line in server->client response message. A few sample codes:

    200 OK: request succeeded, requested object later in this message
    301 Moved Permanently: requested object moved, new location specified later in this message (Location:)
    400 Bad Request: request message not understood by server
    404 Not Found: requested document not found on this server
    505 HTTP Version Not Supported
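The request and response formats on the last few slides, parsed and answered by a stateless handler, as an added example that is not part of the original slides (the resource table, the sample request and the constructed body are assumptions made for the demo):

```python
# Added example (not from the slides): a small parser and stateless handler for
# the ASCII request and response messages shown above. The resource table and
# the sample request below are constructed for the demo.
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

CRLF = "\r\n"


@dataclass
class HttpMessage:
    start_line: str                      # request line or status line
    headers: Dict[str, str] = field(default_factory=dict)
    body: str = ""


def parse_message(raw: str) -> HttpMessage:
    """Split one request or response at the blank line that ends the header."""
    head, sep, body = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("no empty line: header is incomplete")
    lines = head.split(CRLF)
    msg = HttpMessage(start_line=lines[0], body=body)
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        msg.headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    return msg


def parse_request_line(line: str) -> Tuple[str, str, str]:
    method, target, version = line.split(" ")   # ValueError unless exactly three parts
    return method, target, version


def parse_status_line(line: str) -> Tuple[str, int, str]:
    version, code, phrase = line.split(" ", 2)
    return version, int(code), phrase


def build_response(code: int, phrase: str, body: str,
                   content_length: Optional[int] = None) -> str:
    length = len(body) if content_length is None else content_length
    head = [f"HTTP/1.1 {code} {phrase}", "Connection: close",
            f"Content-Length: {length}", "Content-Type: text/html"]
    return CRLF.join(head) + CRLF + CRLF + body


RESOURCES = {"/somedir/page.html": "<html>hello</html>"}   # constructed sample object


def handle_request(raw: str) -> str:
    """Stateless: every request is answered from scratch, with no memory of
    earlier requests from the same client."""
    try:
        req = parse_message(raw)
        method, target, version = parse_request_line(req.start_line)
    except ValueError:
        return build_response(400, "Bad Request", "")
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        return build_response(505, "HTTP Version Not Supported", "")
    if method not in ("GET", "HEAD"):
        return build_response(400, "Bad Request", "")
    if target not in RESOURCES:
        return build_response(404, "Not Found", "")
    obj = RESOURCES[target]
    # HEAD: same headers as GET (Content-Length included), object left out
    return build_response(200, "OK", "" if method == "HEAD" else obj,
                          content_length=len(obj))


SAMPLE_REQUEST = (                        # the request from the slide, CRLF-terminated
    "GET /somedir/page.html HTTP/1.1" + CRLF +
    "Host: www.someschool.edu" + CRLF +
    "User-agent: Mozilla/4.0" + CRLF +
    "Connection: close" + CRLF +
    "Accept-language: fr" + CRLF +
    CRLF
)
```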

  • Networks and Security 90

    Exercise

    1. Telnet to your favorite Web server:

    telnet cis.poly.edu 80

    Opens TCP connection to port 80 (default HTTP server port) at cis.poly.edu. Anything typed in is sent to port 80 at cis.poly.edu

    2. Type in a GET HTTP request:

    GET /~ross/ HTTP/1.1
    Host: cis.poly.edu

    By typing this in (hit carriage return twice), you send this minimal (but complete) GET request to the HTTP server

    3. Look at the response message sent by the HTTP server!
    4. Try out the other HTTP commands!

  • Networks and Security 91

    User-server state: cookies

    Many major Web sites use cookies

    Four components:
    1) cookie header line in the HTTP response message
    2) cookie header line in HTTP request message
    3) cookie file kept on user’s host and managed by user’s browser
    4) back-end database at Web site

    Example:
    Susan always accesses the Internet from the same PC
    She visits a specific e-commerce site for the first time
    When the initial HTTP request arrives at the site, the site creates a unique ID and creates an entry in the backend database for that ID

  • Networks and Security 92

    Cookies: keeping “state” (cont.)

    (figure: message exchange between client and server, time running downward)

    cookie file before: ebay: 8734

    client -> server: usual http request msg
        server creates ID 1678 for user, entry in backend database
    server -> client: usual http response + Set-cookie: 1678
    cookie file now: amazon: 1678, ebay: 8734

    client -> server: usual http request msg + cookie: 1678
        access backend database: cookie-specific action
    server -> client: usual http response msg

    one week later:
    client -> server: usual http request msg + cookie: 1678
        access backend database: cookie-specific action
    server -> client: usual http response msg
    cookie file: amazon: 1678, ebay: 8734
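The four cookie components from the exchange above, simulated end to end, as an added example that is not part of the original slides (the site names, the IDs 1678 and 8734, and the visit counter and shopping cart kept in the backend database are constructed for the demo):

```python
# Added example (not from the slides): the four cookie components simulated in
# plain Python: backend database and Set-cookie on the server, cookie file in
# the browser, cookie header line on every later request to the same site.
import itertools
from typing import Dict


class Site:
    """A Web site with a back-end database keyed by the cookie ID it hands out."""

    def __init__(self, name: str, first_id: int):
        self.name = name
        self._ids = itertools.count(first_id)      # 1678, 1679, ... (constructed)
        self.backend_db: Dict[str, dict] = {}      # cookie ID -> this user's state

    def handle(self, request: dict) -> dict:
        """'usual http request msg' in, 'usual http response' out. HTTP itself is
        stateless; the cookie ID is what lets the server find the user's state."""
        cookie = request.get("cookie")
        response = {"status": 200}
        if cookie is None or cookie not in self.backend_db:
            # first visit: create a unique ID and a backend entry for it
            cookie = str(next(self._ids))
            self.backend_db[cookie] = {"visits": 0, "cart": []}
            response["set-cookie"] = cookie
        entry = self.backend_db[cookie]            # cookie-specific action
        entry["visits"] += 1
        if "add" in request:
            entry["cart"].append(request["add"])
        response["body"] = f"visit {entry['visits']}, cart {entry['cart']}"
        return response


class Browser:
    """Keeps the cookie file on the user's host: one entry per site."""

    def __init__(self):
        self.cookie_file: Dict[str, str] = {}      # site name -> cookie value

    def get(self, site: Site, **fields) -> dict:
        request = dict(fields)
        if site.name in self.cookie_file:          # only this site's cookie is sent
            request["cookie"] = self.cookie_file[site.name]
        response = site.handle(request)
        if "set-cookie" in response:               # browser stores what the site set
            self.cookie_file[site.name] = response["set-cookie"]
        return response


def susan_scenario():
    """The exchange on the slide: first visit, later visits, a second site."""
    amazon = Site("amazon", first_id=1678)
    ebay = Site("ebay", first_id=8734)
    browser = Browser()
    browser.get(ebay)                      # earlier: ebay cookie 8734 already in the file
    first = browser.get(amazon)            # server creates ID 1678, entry in backend database
    browser.get(amazon, add="book")        # cookie: 1678 -> cookie-specific action
    later = browser.get(amazon)            # one week later, same cookie
    return first, later, dict(browser.cookie_file), amazon.backend_db
```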

  • Networks and Security 93

    Cookies (continued)

    What cookies can bring: authorization, shopping carts, recommendations, user session state (Web e-mail)

    aside: Cookies and privacy:
    cookies permit sites to learn a lot about you
    you may supply name and e-mail to sites
    search engines use redirection & cookies to learn yet more
    advertising companies obtain info across sites

  • Networks and Security 94

    Chapter 2: Application layer

    2.1 Principles of network applications
    2.2 Web and HTTP
    2.3 FTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 95

    FTP: the file transfer protocol

    transfer file to/from remote host
    client/server model: client: side that initiates transfer (either to/from remote); server: remote host
    ftp: RFC 959
    ftp server: port 21

    (figure: user at host -> FTP user interface -> FTP client <- file transfer -> FTP server; local file system on the client side, remote file system on the server side)

  • Networks and Security 96

    FTP: separate control, data connections

    FTP client contacts FTP server at port 21, specifying TCP as transport protocol
    Client obtains authorization over control connection
    Client browses remote directory by sending commands over control connection.
    When server receives a command for a file transfer, the server opens a TCP data connection to client
    After transferring one file, server closes connection.

    (figure: FTP client <- TCP control connection, port 21 -> FTP server; FTP client <- TCP data connection, port 20 -> FTP server)

    Server opens a second TCP data connection to transfer another file.
    Control connection: “out of band”
    FTP server maintains “state”: current directory, earlier authentication

  • Networks and Security 97

    FTP commands, responses

    Sample commands: sent as ASCII text over control channel
    USER username
    PASS password
    LIST return list of files in current directory
    RETR filename retrieves (gets) file
    STOR filename stores (puts) file onto remote host

    Sample return codes: status code and phrase (as in HTTP)
    331 Username OK, password required
    125 data connection already open; transfer starting
    425 Can’t open data connection
    452 Error writing file

  • Networks and Security 98

    Exercise

    use ftp in a command window
    connect to dskw2106.zhwin.ch
    user: student, pwd: zwi
    try out the commands from previous page: save file on server, load file from server, delete file on server

  • Networks and Security 99

    Chapter 2: Application layer

    2.1 Principles of network applications
    2.2 Web and HTTP
    2.3 FTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 100

    Electronic Mail

    Three major components: user agents, mail servers, simple mail transfer protocol: SMTP

    User Agent
    a.k.a. “mail reader”
    composing, editing, reading mail messages
    e.g., Eudora, Outlook, elm, Netscape Messenger
    outgoing, incoming messages stored on server

    (figure: user agents attached to mail servers; each mail server holds user mailboxes and an outgoing message queue; mail servers exchange mail over SMTP)

  • Networks and Security 101

    Electronic Mail: mail servers

    Mail Servers
    mailbox contains incoming messages for user
    message queue of outgoing (to be sent) mail messages
    SMTP protocol between mail servers to send email messages
    client: sending mail server
    “server”: receiving mail server

    (figure: user agents attached to mail servers; mail servers connected by SMTP)

  • Networks and Security 102

    Electronic Mail: SMTP [RFC 2821]

    uses TCP to reliably transfer email message from client to server, port 25
    direct transfer: sending server to receiving server
    three phases of transfer: handshaking (greeting), transfer of messages, closure
    command/response interaction: commands: ASCII text; response: status code and phrase
    messages must be in 7-bit ASCII

  • Networks and Security 103

    Scenario: Alice sends message to Bob
    1) Alice uses UA to compose message and “to” [email protected]
    2) Alice’s UA sends message to her mail server; message placed in message queue
    3) Client side of SMTP opens TCP connection with Bob’s mail server
    4) SMTP client sends Alice’s message over the TCP connection
    5) Bob’s mail server places the message in Bob’s mailbox
    6) Bob invokes his user agent to read message

    (figure: Alice’s user agent -(1)-> Alice’s mail server -(2, 3, 4)-> Bob’s mail server -(5)-> Bob’s mailbox -(6)-> Bob’s user agent)

  • Networks and Security 104

    Sample SMTP interaction

    S: 220 hamburger.edu
    C: HELO crepes.fr
    S: 250 Hello crepes.fr, pleased to meet you
    C: MAIL FROM:
    S: 250 [email protected]... Sender ok
    C: RCPT TO:
    S: 250 [email protected] ... Recipient ok
    C: DATA
    S: 354 Enter mail, end with "." on a line by itself
    C: Do you like ketchup?
    C: How about pickles?
    C: .
    S: 250 Message accepted for delivery
    C: QUIT
    S: 221 hamburger.edu closing connection

  • Networks and Security 105

    Exercise

    telnet servername 25
    see 220 reply from server
    enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands

    above lets you send email without using an email client (reader)

  • Networks and Security 106

    SMTP: final words

    SMTP uses persistent connections
    SMTP requires message (header & body) to be in 7-bit ASCII
    SMTP server uses CRLF.CRLF to determine end of message

    Comparison with HTTP:
    HTTP: pull; SMTP: push
    both have ASCII command/response interaction, status codes
    HTTP: each object encapsulated in its own response msg
    SMTP: multiple objects sent in multipart msg
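The sample SMTP interaction from slide 104 and the CRLF.CRLF / 7-bit ASCII rules above, implemented as a toy server-side state machine, as an added example that is not part of the original slides (reply codes 500 and 503 come from the SMTP RFCs; the mailbox addresses in the scripted session are constructed):

```python
# Added example (not from the slides): a toy server-side SMTP state machine that
# reproduces the sample interaction. Hostnames and reply texts are the slide's;
# codes 500 and 503 are standard SMTP replies; mailbox addresses are constructed.
from typing import List, Optional, Tuple


class SmtpServer:
    def __init__(self, hostname: str = "hamburger.edu"):
        self.hostname = hostname
        self.state = "connected"     # connected -> greeted -> mail -> rcpt -> data -> greeted ... -> closed
        self.sender = ""
        self.recipients: List[str] = []
        self.lines: List[str] = []   # lines of the message currently being received
        self.delivered: List[Tuple[str, List[str], str]] = []

    def greeting(self) -> str:
        return f"220 {self.hostname}"

    def handle_line(self, line: str) -> Optional[str]:
        """Reply to one client line; None while message lines are being collected
        (the server stays silent until the lone '.' that ends CRLF.CRLF)."""
        if any(ord(c) > 127 for c in line):
            return "500 Syntax error: only 7-bit ASCII is accepted"
        if self.state == "data":
            return self._message_line(line)
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            self.state = "closed"
            return f"221 {self.hostname} closing connection"
        if verb == "HELO":
            self.state = "greeted"
            return f"250 Hello {arg}, pleased to meet you"
        if verb == "MAIL" and self.state == "greeted":
            self.sender = arg.partition(":")[2].strip().strip("<>")
            self.recipients = []
            self.state = "mail"
            return f"250 {self.sender}... Sender ok"
        if verb == "RCPT" and self.state in ("mail", "rcpt"):
            rcpt = arg.partition(":")[2].strip().strip("<>")
            self.recipients.append(rcpt)
            self.state = "rcpt"
            return f"250 {rcpt} ... Recipient ok"
        if verb == "DATA" and self.state == "rcpt":
            self.state = "data"
            self.lines = []
            return '354 Enter mail, end with "." on a line by itself'
        if verb in ("MAIL", "RCPT", "DATA"):
            return "503 Bad sequence of commands"
        return "500 Syntax error, command unrecognized"

    def _message_line(self, line: str) -> Optional[str]:
        if line == ".":
            text = "\r\n".join(self.lines)
            self.delivered.append((self.sender, list(self.recipients), text))
            self.state = "greeted"           # persistent connection: ready for another MAIL
            return "250 Message accepted for delivery"
        if line.startswith("."):
            line = line[1:]                  # undo dot-stuffing of lines that start with '.'
        self.lines.append(line)
        return None


def run_session(client_lines: List[str]) -> Tuple[SmtpServer, List[Tuple[str, str]]]:
    """Drive a server with a scripted client; return it and the C:/S: transcript."""
    server = SmtpServer()
    transcript = [("S", server.greeting())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = server.handle_line(line)
        if reply is not None:
            transcript.append(("S", reply))
    return server, transcript
```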

  • Networks and Security 107

    Mail message format

    SMTP: protocol for exchanging email msgs
    RFC 822: standard for text message format:
    header lines, e.g., To:, From:, Subject: (different from SMTP commands!)
    body: the “message”, ASCII characters only

    (figure: header lines, blank line, body)

  • Networks and Security 108

    Message format: multimedia extensions

    MIME: multipurpose internet mail extension, RFC 2045, 2056
    additional lines in msg header declare MIME content type

    From: [email protected]
    To: [email protected]
    Subject: Picture of yummy crepe.
    MIME-Version: 1.0                          <- MIME version
    Content-Transfer-Encoding: base64          <- method used to encode data
    Content-Type: image/jpeg                   <- multimedia data type, subtype, parameter declaration

    base64 encoded data .....                  <- encoded data
    .........................
    ......base64 encoded data

  • Networks and Security 109

    Mail access protocols

    SMTP: delivery/storage to receiver’s server
    Mail access protocol: retrieval from server
    POP: Post Office Protocol [RFC 1939]
    • authorization (agent <-> server) and download
    IMAP: Internet Mail Access Protocol [RFC 1730]
    • more features (more complex)
    • manipulation of stored msgs on server
    HTTP: Hotmail, Yahoo! Mail, etc.

    (figure: sender’s user agent -SMTP-> sender’s mail server -SMTP-> receiver’s mail server -access protocol-> receiver’s user agent)

  • Networks and Security 110

    POP3 protocol

    authorization phase
    client commands: user: declare username; pass: password
    server responses: +OK, -ERR

    S: +OK POP3 server ready
    C: user bob
    S: +OK
    C: pass hungry
    S: +OK user successfully logged on

    transaction phase, client: list: list message numbers; retr: retrieve message by number; dele: delete; quit

    C: list
    S: 1 498
    S: 2 912
    S: .
    C: retr 1
    S: (message 1 contents)
    S: .
    C: dele 1
    C: retr 2
    S: (message 2 contents)
    S: .
    C: dele 2
    C: quit
    S: +OK POP3 server signing off

  • Networks and Security 111

    Exercise

    use telnet to connect to your e-mail provider
    try to download e-mails from your account
    use the previous page as a template

  • Networks and Security 112

    POP3 (more) and IMAP

    More about POP3
    Previous example uses “download and delete” mode.
    Bob cannot re-read e-mail if he changes client
    “Download-and-keep”: copies of messages on different clients
    POP3 is stateless across sessions

    IMAP
    Keep all messages in one place: the server
    Allows user to organize messages in folders
    IMAP keeps user state across sessions: names of folders and mappings between message IDs and folder name

  • Networks and Security 113

    Chapter 2: Application layer

    2.1 Principles of network applications
    2.2 Web and HTTP
    2.3 FTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 114

    DNS: Domain Name System

    People: many identifiers: SSN, name, passport #
    Internet hosts, routers: IP address (32 bit) - used for addressing datagrams; “name”, e.g., www.yahoo.com - used by humans
    Q: map between IP addresses and name?

    Domain Name System:
    distributed database implemented in hierarchy of many name servers
    application-layer protocol: hosts, routers, name servers communicate to resolve names (address/name translation)
    note: core Internet function, implemented as application-layer protocol; complexity at network’s “edge”

  • Networks and Security 115

    DNS: Why not centralize DNS?
    single point of failure
    traffic volume
    distant centralized database
    maintenance
    doesn’t scale!

    DNS services
    Hostname to IP address translation
    Host aliasing: canonical and alias names
    Mail server aliasing
    Load distribution: replicated Web servers: set of IP addresses for one canonical name

  • Networks and Security 116

    Root DNS Servers

    Distributed, Hierarchical Database

    (figure, the hierarchy:)
    Root DNS Servers
      com DNS servers: yahoo.com DNS servers, amazon.com DNS servers
      org DNS servers: pbs.org DNS servers
      edu DNS servers: poly.edu DNS servers, umass.edu DNS servers

    Client wants IP for www.amazon.com; 1st approx:
    Client queries a root server to find com DNS server
    Client queries com DNS server to get amazon.com DNS server
    Client queries amazon.com DNS server to get IP address for www.amazon.com

  • Networks and Security 117

    DNS: Root name servers
    contacted by local name server that can not resolve name
    root name server: contacts authoritative name server if name mapping not known; gets mapping; returns mapping to local name server

    13 root name servers worldwide
    a Verisign, Dulles, VA
    b USC-ISI Marina del Rey, CA
    c Cogent, Herndon, VA (also Los Angeles)
    d U Maryland College Park, MD
    e NASA Mt View, CA
    f Internet Software C. Palo Alto, CA (and 17 other locations)
    g US DoD Vienna, VA
    h ARL Aberdeen, MD
    i Autonomica, Stockholm (plus 3 other locations)
    j Verisign, (11 locations)
    k RIPE London (also Amsterdam, Frankfurt)
    l ICANN Los Angeles, CA
    m WIDE Tokyo

  • Networks and Security 118

    TLD and Authoritative Servers

    Top-level domain (TLD) servers: responsible for com, org, net, edu, etc, and all top-level country domains uk, fr, ca, jp.

    Network Solutions maintains servers for com TLD; Educause for edu TLD

    Authoritative DNS servers: organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web and mail).

    Can be maintained by organization or service provider

  • Networks and Security 119

    Local Name Server

    Does not strictly belong to hierarchy
    Each ISP (residential ISP, company, university) has one.
    Also called “default name server”
    When a host makes a DNS query, query is sent to its local DNS server
    Acts as a proxy, forwards query into hierarchy.

  • Networks and Security 120

    Example: host at cis.poly.edu wants IP address for gaia.cs.umass.edu

    (figure, iterated query, messages numbered in order:
    1 requesting host cis.poly.edu -> local DNS server dns.poly.edu
    2 local DNS server -> root DNS server
    3 root DNS server -> local DNS server
    4 local DNS server -> TLD DNS server
    5 TLD DNS server -> local DNS server
    6 local DNS server -> authoritative DNS server dns.cs.umass.edu
    7 authoritative DNS server -> local DNS server
    8 local DNS server -> requesting host)

  • Networks and Security 121

    Recursive queries

    recursive query: puts burden of name resolution on contacted name server; heavy load?
    iterated query: contacted server replies with name of server to contact: “I don’t know this name, but ask this server”

    (figure, recursive query for gaia.cs.umass.edu, messages numbered in order:
    1 requesting host cis.poly.edu -> local DNS server dns.poly.edu
    2 local DNS server -> root DNS server
    3 root DNS server -> TLD DNS server
    4 TLD DNS server -> authoritative DNS server dns.cs.umass.edu
    5 authoritative DNS server -> TLD DNS server
    6 TLD DNS server -> root DNS server
    7 root DNS server -> local DNS server
    8 local DNS server -> requesting host)
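Both resolution styles from the last two slides, run over a toy hierarchy with the slides' server names, as an added example that is not part of the original slides (the address for gaia.cs.umass.edu, the delegation layout and the cache are assumptions; the message logs reproduce the 8-step numbering of the figures):

```python
# Added example (not from the slides): a toy model of iterated and recursive
# resolution. Server names are the slides'; 192.0.2.10 (RFC 5737 documentation
# range) stands in for the real address of gaia.cs.umass.edu.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Msg = Tuple[str, str, str]   # (from, to, content)


@dataclass
class NameServer:
    name: str
    records: Dict[str, str] = field(default_factory=dict)          # hostname -> IP it is authoritative for
    delegations: Dict[str, "NameServer"] = field(default_factory=dict)   # zone suffix -> server to ask

    def delegate_for(self, hostname: str) -> Optional["NameServer"]:
        """Longest matching delegation, e.g. 'cs.umass.edu' wins over 'edu'."""
        best = None
        for suffix, server in self.delegations.items():
            if hostname == suffix or hostname.endswith("." + suffix):
                if best is None or len(suffix) > len(best[0]):
                    best = (suffix, server)
        return best[1] if best else None

    def query(self, hostname: str, recursive: bool, log: List[Msg]):
        """Return ('answer', ip), ('referral', server) or ('nxdomain', None)."""
        if hostname in self.records:
            return "answer", self.records[hostname]
        nxt = self.delegate_for(hostname)
        if nxt is None:
            return "nxdomain", None
        if not recursive:
            return "referral", nxt         # "I don't know this name, but ask this server"
        # recursive: this server carries the burden and asks the next one itself
        log.append((self.name, nxt.name, f"query {hostname}"))
        kind, value = nxt.query(hostname, True, log)
        log.append((nxt.name, self.name, f"{kind} {value}"))
        return kind, value


class LocalNameServer:
    """The host's default name server: proxies into the hierarchy and caches answers."""

    def __init__(self, name: str, root: NameServer):
        self.name, self.root = name, root
        self.cache: Dict[str, str] = {}

    def resolve(self, hostname: str, recursive: bool, host: str = "cis.poly.edu"):
        log: List[Msg] = [(host, self.name, f"query {hostname}")]
        ip = self.cache.get(hostname)      # cache hit: nothing is sent into the hierarchy
        server: Optional[NameServer] = self.root
        while ip is None and server is not None:
            log.append((self.name, server.name, f"query {hostname}"))
            kind, value = server.query(hostname, recursive, log)
            shown = value.name if kind == "referral" else value
            log.append((server.name, self.name, f"{kind} {shown}"))
            if kind == "answer":
                ip = value
            server = value if kind == "referral" else None   # iterated: follow the referral
        if ip is not None:
            self.cache[hostname] = ip
        log.append((self.name, host, f"answer {ip}"))
        return ip, log


def build_hierarchy() -> LocalNameServer:
    auth = NameServer("dns.cs.umass.edu", records={"gaia.cs.umass.edu": "192.0.2.10"})
    tld_edu = NameServer("edu TLD DNS server", delegations={"cs.umass.edu": auth})
    root = NameServer("root DNS server", delegations={"edu": tld_edu})
    return LocalNameServer("dns.poly.edu", root)
```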

  • Networks and Security 122

    Exercise

    use nslookup to find out your local name server
    query your local name server: IP-address -> domain name; domain name -> IP-address
    what other information can be obtained from the DNS?

  • Networks and Security 123

    Chapter 2: Application layer

    2.1 Principles of network applications: app architectures, app requirements
    2.2 Web and HTTP
    2.4 Electronic Mail: SMTP, POP3, IMAP
    2.5 DNS
    2.6 P2P file sharing

  • Networks and Security 124

    P2P file sharing

    Example
    Alice runs P2P client application on her notebook computer
    Intermittently connects to Internet; gets new IP address for each connection
    Asks for “Hey Jude”
    Application displays other peers that have copy of Hey Jude.
    Alice chooses one of the peers, Bob.
    File is copied from Bob’s PC to Alice’s notebook: HTTP
    While Alice downloads, other users upload from Alice.
    Alice’s peer is both a Web client and a transient Web server.
    All peers are servers = highly scalable!

  • Networks and Security 125

    P2P: centralized directory

    original “Napster” design
    1) when peer connects, it informs central server: IP address, content
    2) Alice queries for “Hey Jude”
    3) Alice requests file from Bob

    (figure: peers, Alice, Bob and the centralized directory server; step 1 from each peer to the directory server, step 2 from Alice to the directory server, step 3 from Alice to Bob)

  • Networks and Security 126

    P2P: problems with centralized directory

    Single point of failure
    Performance bottleneck
    Copyright infringement
    file transfer is decentralized, but locating content is highly centralized

  • Networks and Security 127

    Query flooding: Gnutella

    fully distributed: no central server
    public domain protocol: many Gnutella clients implementing protocol
    overlay network: graph
    edge between peer X and Y if there’s a TCP connection
    all active peers and edges form the overlay net
    Edge is not a physical link
    Given peer will typically be connected with < 10 overlay neighbors

  • Networks and Security 128

    Gnutella: protocol

    (figure: Query messages flooded from peer to peer over the overlay; QueryHit messages returned along the reverse path)

    Query message sent over existing TCP connections
    peers forward Query message
    QueryHit sent over reverse path
    File transfer: HTTP
    Scalability: limited scope flooding
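The flooding mechanics above (forward over overlay edges, drop duplicates, QueryHit back over the reverse path, TTL for limited scope) run on a small constructed overlay, as an added example that is not part of the original slides (peer names, shared files and TTL values are made up for the demo; the Gnutella wire format is not modelled):

```python
# Added example (not from the slides): limited-scope query flooding over a
# constructed overlay of peers, with QueryHits routed back over the reverse path.
from collections import deque
from typing import Dict, Tuple


class Overlay:
    def __init__(self):
        self.neighbors: Dict[str, set] = {}   # peer -> overlay neighbours (open TCP connections)
        self.files: Dict[str, set] = {}       # peer -> names of files it shares

    def connect(self, x: str, y: str) -> None:
        for p in (x, y):
            self.neighbors.setdefault(p, set())
            self.files.setdefault(p, set())
        self.neighbors[x].add(y)
        self.neighbors[y].add(x)

    def share(self, peer: str, *names: str) -> None:
        self.neighbors.setdefault(peer, set())
        self.files.setdefault(peer, set()).update(names)

    def query(self, origin: str, wanted: str, ttl: int) -> Tuple[Dict[str, int], int]:
        """Flood Query(wanted) from origin; each forward decrements the TTL, which
        is what limits the scope. Returns ({responding peer: hops its QueryHit
        travelled}, total Query + QueryHit messages sent)."""
        seen = {origin}                       # real clients key this on the message id
        came_from = {origin: None}            # reverse path: who forwarded the Query to me
        queue = deque([(origin, ttl)])
        hits: Dict[str, int] = {}
        messages = 0
        while queue:
            peer, remaining = queue.popleft()
            if peer != origin and wanted in self.files[peer]:
                hops, p = 0, peer             # QueryHit retraces came_from, one message per hop
                while came_from[p] is not None:
                    p = came_from[p]
                    hops += 1
                hits[peer] = hops
                messages += hops
            if remaining == 0:
                continue                      # TTL exhausted: not forwarded further
            for nb in sorted(self.neighbors[peer] - {came_from[peer]}):
                messages += 1                 # Query sent over this overlay edge
                if nb in seen:
                    continue                  # duplicate: dropped by nb, not re-forwarded
                seen.add(nb)
                came_from[nb] = peer
                queue.append((nb, remaining - 1))
        return hits, messages


def sample_overlay() -> Overlay:
    """Constructed overlay: alice -- p1 -- bob, alice -- p2 -- p3 -- p4 -- carol, p1 -- p2."""
    net = Overlay()
    for x, y in [("alice", "p1"), ("alice", "p2"), ("p1", "bob"), ("p2", "p3"),
                 ("p3", "p4"), ("p4", "carol"), ("p1", "p2")]:
        net.connect(x, y)
    net.share("bob", "Hey Jude")
    net.share("carol", "Hey Jude")
    net.share("p3", "Let It Be")
    return net
```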

  • Networks and Security 129

    Gnutella: Peer joining

    1. Joining peer X must find some other peer in Gnutella network: use list of candidate peers

    2. X sequentially attempts to make TCP connections with peers on list until connection setup with Y

    3. X sends Ping message to Y; Y forwards Ping message.

    4. All peers receiving Ping message respond with Pong message

    5. X receives many Pong messages. It can then set up additional TCP connections

    Peer leaving: see homework problem!

  • Networks and Security 130

    Exploiting heterogeneity: KaZaA

    Each peer is either a group leader or assigned to a group leader.
    TCP connection between peer and its group leader.
    TCP connections between some pairs of group leaders.
    Group leader tracks the content in all its children.

    (figure: ordinary peers, group-leader peers, neighboring relationships in overlay network)

  • Networks and Security 131

    P2P Demonstration

    Student Contribution
    Task:
    • choose a p2p software
    • show installation
    • identify risks
    • show usage

    Materials
    • e.g. www.gnutella.com

    Scope
    • 2 lessons

  • Networks and Security 132

    Chapter 2: Summary

    Application architectures: client-server, P2P, hybrid
    application service requirements: reliability, bandwidth, delay
    Internet transport service model: connection-oriented, reliable: TCP; unreliable, datagrams: UDP
    specific protocols: HTTP, FTP, SMTP, POP, IMAP, DNS

    Our study of network apps now complete!

  • Networks and Security 133

    Chapter 2: Summary

    Most importantly: learned about protocols
    typical request/reply message exchange: client requests info or service; server responds with data, status code
    message formats: headers: fields giving info about data; data: info being communicated
    control vs. data msgs: in-band, out-of-band
    centralized vs. decentralized
    stateless vs. stateful
    reliable vs. unreliable msg transfer
    “complexity at network edge”

  • Networks and Security 134

    Chapter 3: Transport Layer

    Our goals:
    understand principles behind transport layer services: multiplexing/demultiplexing, reliable data transfer, flow control, congestion control
    learn about transport layer protocols in the Internet: UDP: connectionless transport; TCP: connection-oriented transport; TCP congestion control

  • Networks and Security 135

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 136

    Transport services and protocols
    provide logical communication between app processes running on different hosts
    transport protocols run in end systems
    send side: breaks app messages into segments, passes to network layer
    rcv side: reassembles segments into messages, passes to app layer
    more than one transport protocol available to apps
    Internet: TCP and UDP

    (figure: protocol stacks of two end hosts (application, transport, network, data link, physical) and of the routers between them (network, data link, physical); logical end-end transport between the two hosts)

  • Networks and Security 137

    Transport vs. network layer

    network layer: logical communication between hosts
    transport layer: logical communication between processes; relies on, enhances, network layer services

    Household analogy: 12 kids sending letters to 12 kids
    processes = kids
    app messages = letters in envelopes
    hosts = houses
    transport protocol = Ann and Bill
    network-layer protocol = postal service

  • Networks and Security 138

    Internet transport-layer protocols

    reliable, in-order delivery (TCP): congestion control, flow control, connection setup
    unreliable, unordered delivery: UDP: no-frills extension of “best-effort” IP
    services not available: delay guarantees, bandwidth guarantees

    (figure: protocol stacks of two end hosts and of the routers between them; logical end-end transport)

  • Networks and Security 139

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 140

    Multiplexing/demultiplexing

    (figure: three hosts, each with application, transport, network, link and physical layers; processes P1, P2, P3, P4 bound to sockets)

    Multiplexing at send host: gathering data from multiple sockets, enveloping data with header (later used for demultiplexing)
    Demultiplexing at rcv host: delivering received segments to correct socket

  • Networks and Security 141

    How demultiplexing works
    host receives IP datagrams
    each datagram has source IP address, destination IP address
    each datagram carries 1 transport-layer segment
    each segment has source, destination port number (recall: well-known port numbers for specific applications)
    host uses IP addresses & port numbers to direct segment to appropriate socket

    (figure, TCP/UDP segment format, 32 bits wide: source port #, dest port #; other header fields; application data (message))

  • Networks and Security 142

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 143

    UDP: User Datagram Protocol [RFC 768]
    “no frills,” “bare bones” Internet transport protocol
    “best effort” service, UDP segments may be: lost; delivered out of order to app
    connectionless: no handshaking between UDP sender, receiver; each UDP segment handled independently of others

    Why is there a UDP?
    no connection establishment (which can add delay)
    simple: no connection state at sender, receiver
    small segment header
    no congestion control: UDP can blast away as fast as desired

  • Networks and Security 144

    UDP: more
    often used for streaming multimedia apps: loss tolerant, rate sensitive
    other UDP uses: DNS, SNMP
    reliable transfer over UDP: add reliability at application layer; application-specific error recovery!

    (figure, UDP segment format, 32 bits wide: source port #, dest port #; length (length, in bytes, of UDP segment, including header), checksum; application data (message))

  • Networks and Security 145

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 146

    TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581

    point-to-point: one sender, one receiver
    reliable, in-order byte stream: no “message boundaries”
    pipelined: TCP congestion and flow control set window size
    send & receive buffers
    full duplex data: bi-directional data flow in same connection; MSS: maximum segment size
    connection-oriented: handshaking (exchange of control msgs) init’s sender, receiver state before data exchange
    flow controlled: sender will not overwhelm receiver

    (figure: application writes data -> socket door -> TCP send buffer -> segment -> TCP receive buffer -> socket door -> application reads data)

  • Networks and Security 147

    TCP segment structure

    (figure, TCP segment format, 32 bits wide:)
    source port #, dest port #
    sequence number                                     <- counting by bytes of data (not segments!)
    acknowledgement number
    head len, not used, U A P R S F flags, Receive window   <- # bytes rcvr willing to accept
    checksum (Internet checksum, as in UDP), Urg data pointer
    Options (variable length)
    application data (variable length)

    URG: urgent data (generally not used)
    ACK: ACK # valid
    PSH: push data now (generally not used)
    RST, SYN, FIN: connection estab (setup, teardown commands)

  • Networks and Security 148

    TCP seq. #’s and ACKs

    Seq. #’s: byte stream “number” of first byte in segment’s data
    ACKs: seq # of next byte expected from other side; cumulative ACK
    Q: how receiver handles out-of-order segments
    A: TCP spec doesn’t say, - up to implementor

    simple telnet scenario (figure, time running downward):
    Host A -> Host B: Seq=42, ACK=79, data = ‘C’     (user types ‘C’)
    Host B -> Host A: Seq=79, ACK=43, data = ‘C’     (host ACKs receipt of ‘C’, echoes back ‘C’)
    Host A -> Host B: Seq=43, ACK=80                 (host ACKs receipt of echoed ‘C’)

  • Networks and Security 149

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 150

    TCP: retransmission scenarios

    lost ACK scenario (figure, time running downward):
    Host A -> Host B: Seq=92, 8 bytes data
    Host B -> Host A: ACK=100                (lost, X)
    Seq=92 timeout
    Host A -> Host B: Seq=92, 8 bytes data
    Host B -> Host A: ACK=100
    SendBase = 100

    premature timeout (figure, time running downward):
    Host A -> Host B: Seq=92, 8 bytes data
    Host A -> Host B: Seq=100, 20 bytes data
    Host B -> Host A: ACK=100
    Host B -> Host A: ACK=120
    Seq=92 timeout (before the ACKs arrive)
    Host A -> Host B: Seq=92, 8 bytes data
    Sendbase = 100 (ACK=100 arrives), then SendBase = 120 (ACK=120 arrives)
    Host B -> Host A: ACK=120
    SendBase = 120

  • Networks and Security 151

    TCP retransmission scenarios (more)

    Cumulative ACK scenario (figure, time running downward):
    Host A -> Host B: Seq=92, 8 bytes data
    Host A -> Host B: Seq=100, 20 bytes data
    Host B -> Host A: ACK=100                (lost, X)
    Host B -> Host A: ACK=120                (arrives before the Seq=92 timeout)
    SendBase = 120
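The three retransmission scenarios above, driven through a small sender/receiver model that keeps SendBase and the unACKed segments, as an added example that is not part of the original slides (the classes, the byte counts and the way ACK loss is simulated by simply not delivering the ACK are assumptions of the model):

```python
# Added example (not from the slides): a tiny model of the sender and receiver
# behaviour behind the three retransmission scenarios. Sequence numbers count
# bytes; the receiver discards out-of-order segments and always ACKs the next
# byte it expects (cumulative ACK). A lost ACK is modelled by not delivering it.
from typing import List, Optional, Tuple

Segment = Tuple[int, int]   # (seq, number of data bytes)


class TcpSender:
    def __init__(self, initial_seq: int = 92):
        self.send_base = initial_seq      # oldest unACKed byte
        self.next_seq = initial_seq       # seq of the next new segment
        self.unacked: List[Segment] = []  # sent but not yet ACKed
        self.trace: List[str] = []

    def send(self, nbytes: int) -> Segment:
        seg = (self.next_seq, nbytes)
        self.next_seq += nbytes           # bytes, not segments
        self.unacked.append(seg)
        self.trace.append(f"Seq={seg[0]}, {nbytes} bytes data")
        return seg

    def on_ack(self, acknum: int) -> None:
        if acknum > self.send_base:
            # cumulative ACK: every byte below acknum is acknowledged, even if
            # the ACK for an earlier segment never arrived
            self.send_base = acknum
            self.unacked = [s for s in self.unacked if s[0] + s[1] > acknum]
        self.trace.append(f"ACK={acknum} -> SendBase={self.send_base}")

    def on_timeout(self) -> Optional[Segment]:
        """Timer for the oldest unACKed segment expired: retransmit only that one."""
        if not self.unacked:
            return None
        seg = self.unacked[0]
        self.trace.append(f"timeout, retransmit Seq={seg[0]}, {seg[1]} bytes data")
        return seg


class TcpReceiver:
    def __init__(self, expected_seq: int = 92):
        self.expected = expected_seq      # next in-order byte wanted
        self.delivered: List[Segment] = []

    def on_segment(self, seg: Segment) -> int:
        seq, nbytes = seg
        if seq == self.expected:
            self.expected += nbytes
            self.delivered.append(seg)
        # duplicate (seq < expected) or out of order (seq > expected, discarded):
        # either way the ACK names the next byte expected
        return self.expected


def lost_ack_scenario():
    a, b = TcpSender(92), TcpReceiver(92)
    b.on_segment(a.send(8))           # B's ACK=100 is lost (X): never reaches A
    retx = a.on_timeout()             # Seq=92 timeout
    a.on_ack(b.on_segment(retx))      # duplicate at B, which ACKs 100 again
    return a, b, retx


def premature_timeout_scenario():
    a, b = TcpSender(92), TcpReceiver(92)
    ack1 = b.on_segment(a.send(8))    # ACK=100, still on the way
    ack2 = b.on_segment(a.send(20))   # ACK=120, still on the way
    retx = a.on_timeout()             # timer too short: Seq=92 resent needlessly
    a.on_ack(ack1)                    # SendBase=100
    a.on_ack(ack2)                    # SendBase=120
    a.on_ack(b.on_segment(retx))      # B re-ACKs 120; SendBase stays 120
    return a, b, retx


def cumulative_ack_scenario():
    a, b = TcpSender(92), TcpReceiver(92)
    b.on_segment(a.send(8))           # ACK=100 lost (X)
    ack2 = b.on_segment(a.send(20))   # ACK=120 arrives before the Seq=92 timer fires
    a.on_ack(ack2)                    # covers both segments: SendBase=120
    return a, b, a.on_timeout()       # nothing left to retransmit -> None
```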

  • Networks and Security 152

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 153

    TCP Flow Control

    receive side of TCP connection has a receive buffer: app process may be slow at reading from buffer
    speed-matching service: matching the send rate to the receiving app’s drain rate
    flow control: sender won’t overflow receiver’s buffer by transmitting too much, too fast

  • Networks and Security 154

    TCP Flow control: how it works

    (Suppose TCP receiver discards out-of-order segments)
    spare room in buffer = RcvWindow = RcvBuffer - [LastByteRcvd - LastByteRead]
    Rcvr advertises spare room by including value of RcvWindow in segments
    Sender limits unACKed data to RcvWindow: guarantees receive buffer doesn’t overflow
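The RcvWindow bookkeeping above with a slow-reading application, as an added example that is not part of the original slides (the lock-step round structure, the buffer and MSS sizes, and the assumption that the receiver re-advertises its window each round are constructed for the demo):

```python
# Added example (not from the slides): the RcvWindow formula driven by a
# constructed lock-step simulation in which the application drains the buffer
# slowly. Byte numbers start at 1; the receiver discards out-of-order segments
# as the slide assumes, and also drops a segment that would overflow the buffer.
from typing import List, Tuple


class FlowControlledReceiver:
    def __init__(self, rcv_buffer: int):
        self.rcv_buffer = rcv_buffer
        self.last_byte_rcvd = 0     # highest in-order byte stored in the buffer
        self.last_byte_read = 0     # highest byte the application has read
        self.peak_buffered = 0      # to check the no-overflow guarantee

    def rcv_window(self) -> int:
        # spare room = RcvWindow = RcvBuffer - [LastByteRcvd - LastByteRead]
        return self.rcv_buffer - (self.last_byte_rcvd - self.last_byte_read)

    def receive(self, seq: int, nbytes: int) -> Tuple[int, int]:
        """Return (ACK number, advertised RcvWindow) for one arriving segment."""
        if seq == self.last_byte_rcvd + 1 and nbytes <= self.rcv_window():
            self.last_byte_rcvd += nbytes
        # else: out of order, or no room left: dropped
        self.peak_buffered = max(self.peak_buffered, self.last_byte_rcvd - self.last_byte_read)
        return self.last_byte_rcvd + 1, self.rcv_window()

    def app_read(self, nbytes: int) -> int:
        n = min(nbytes, self.last_byte_rcvd - self.last_byte_read)
        self.last_byte_read += n
        return n


class FlowControlledSender:
    def __init__(self, total_bytes: int, mss: int, rcv_window: int):
        self.total, self.mss = total_bytes, mss
        self.last_byte_sent = 0
        self.last_byte_acked = 0
        self.rcv_window = rcv_window     # most recently advertised value

    def sendable(self) -> int:
        """Sender limits unACKed data (LastByteSent - LastByteAcked) to RcvWindow."""
        in_flight = self.last_byte_sent - self.last_byte_acked
        return max(0, min(self.mss, self.rcv_window - in_flight,
                          self.total - self.last_byte_sent))


def simulate(total_bytes: int = 100, rcv_buffer: int = 20, mss: int = 8,
             app_read_per_round: int = 3):
    """One round: the sender transmits what the window allows, the receiver ACKs
    it, then the application reads app_read_per_round bytes. Returns the trace
    of (seq, nbytes, ack, advertised window) and the peak buffer occupancy."""
    receiver = FlowControlledReceiver(rcv_buffer)
    sender = FlowControlledSender(total_bytes, mss, receiver.rcv_window())  # window learned at setup
    trace: List[Tuple[int, int, int, int]] = []
    while sender.last_byte_acked < total_bytes:
        n = sender.sendable()
        if n > 0:
            seq = sender.last_byte_sent + 1
            sender.last_byte_sent += n
            ack, win = receiver.receive(seq, n)
            sender.last_byte_acked = ack - 1
            sender.rcv_window = win
            trace.append((seq, n, ack, win))
        receiver.app_read(app_read_per_round)
        # Model assumption: the freed room is re-advertised every round
        # (real TCP carries the updated window on its next segment).
        sender.rcv_window = receiver.rcv_window()
    return trace, receiver.peak_buffered
```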

  • Networks and Security 155

    Chapter 3 outline

    3.1 Transport-layer services
    3.2 Multiplexing and demultiplexing
    3.3 Connectionless transport: UDP
    3.5 Connection-oriented transport: TCP: segment structure, reliable data transfer, flow control, connection management

  • Networks and Security 156

    TCP Connection Management

    Recall: TCP sender, receiver establish “connection” before exchanging data segments
    initialize TCP variables: seq. #s; buffers, flow control info (e.g. RcvWindow)
    client: connection initiator
      Socket clientSocket = new Socket("hostname","port number");
    server: contacted by client
      Socket connectionSocket = welcomeSocket.accept();

    Three way handshake:
    Step 1: client host sends TCP SYN segment to server: specifies initial seq #; no data
    Step 2: server host receives SYN, replies with SYNACK segment: server allocates buffers; specifies server initial seq. #
    Step 3: client receives SYNACK, replies with ACK segment, which may contain data

  • Networks and Security 157

    TCP Connection Management (cont.)

    Closing a connection:
    client closes socket: clientSocket.close();
    Step 1: client end system sends TCP FIN control segment to server
    Step 2: server receives FIN, replies with ACK. Closes connection, sends FIN.

    (figure, time running downward: client -FIN-> server (client: close); server -ACK-> client; server -FIN-> client (server: close); client -ACK-> server; client in timed wait, then closed)

  • Networks and Security 158

    TCP Connection Management (cont.)

    Step 3: client receives FIN, replies with ACK. Enters “timed wait” - will respond with ACK to received FINs
    Step 4: server receives ACK. Connection closed.
    Note: with small modification, can handle simultaneous FINs.

    (figure, time running downward: client -FIN-> server (client: closing); server -ACK-> client; server -FIN-> client (server: closing); client -ACK-> server; server closed; client in timed wait, then closed)

  • Networks and Security 159

    TCP Connection Management (cont)

    (figure: TCP client lifecycle and TCP server lifecycle state diagrams)

  • Networks and Security 160

    Chapter 3: Summary

    principles behind transport layer services: multiplexing, demultiplexing; reliable data transfer; flow control; congestion control
    instantiation and implementation in the Internet: UDP, TCP

    Next: leaving the network “edge” (application, transport layers) into the network “core”

  • Networks and Security 161

    Chapter 4: Network Layer

    Chapter goals:
    understand principles behind network layer services: routing (path selection); dealing with scale; how a router works; advanced topics: IPv6, mobility
    instantiation and implementation in the Internet

  • Networks and Security 162

    Chapter 4: Network Layer

    4.1 Introduction
    4.2 Virtual circuit and datagram networks
    4.3 What’s inside a router
    4.4 IP: Internet Protocol: datagram format, IPv4 addressing, ICMP, IPv6

  • Networks and Security 163

    Network layer
    transport segment from sending to receiving host
    on sending side encapsulates segments into datagrams
    on rcving side, delivers segments to transport layer
    network layer protocols in every host, router
    Router examines header fields in all IP datagrams passing through it

    (figure: two end hosts (application, transport, network, data link, physical) and the routers between them (network, data link, physical))

  • Networks and Security 164

    Key Network-Layer Functions

    forwarding: move packets from router’s input to appropriate router output
    routing: determine route taken by packets from source to dest. (routing algorithms)

    analogy:
    routing: process of planning trip from source to dest
    forwarding: process of getting through single interchange

  • Networks and Security 165

    Interplay between routing and forwarding

    (figure: the routing algorithm fills the local forwarding table; the value 0111 in an arriving packet’s header is looked up in it; the router has output links 1, 2, 3)

    local forwarding table:
    header value   output link
    0100           3
    0101           2
    0111           2
    1001           1

  • Networks and Security 167

    Network layer connection and connection-less service

    Datagram network provides network-layer connectionless service
    VC network provides network-layer connection service
    Analogous to the transport-layer services, but:

    Service: host-to-host
    No choice: network provides one or the other
    Implementation: in the core

  • Networks and Security 168

    Virtual circuits

    call setup, teardown for each call before data can flow
    each packet carries VC identifier (not destination host address)
    every router on source-dest path maintains “state” for each passing connection
    link, router resources (bandwidth, buffers) may be allocated to VC

    “source-to-dest path behaves much like telephone circuit”

    performance-wise
    network actions along source-to-dest path

  • Networks and Security 169

    VC implementation

    A VC consists of:
    1. Path from source to destination
    2. VC numbers, one number for each link along path
    3. Entries in forwarding tables in routers along path

    Packet belonging to VC carries a VC number.
    VC number must be changed on each link.
    New VC number comes from forwarding table

  • Networks and Security 170

    Forwarding table

    [Figure: a VC enters the northwest router on interface 1 with VC number 12 and leaves on interface 2 with VC number 22; the router’s interfaces are numbered 1, 2, 3]

    Forwarding table in northwest router:

    Incoming interface   Incoming VC #   Outgoing interface   Outgoing VC #
    1                    12              2                    22
    2                    63              1                    18
    3                    7               2                    17
    1                    97              3                    87
    …                    …               …                    …

    Routers maintain connection state information!
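    The per-link VC number rewrite and the connection state behind it, as an added example that is not from the slides or the textbook. The northwest router’s table is the one shown above; the second router, the interface wiring and the port allocation policy are constructed for the example.

```python
# Added example, not from the slides: a virtual-circuit forwarding lookup and a
# toy "call setup" that installs per-hop state. The northwest router's table is
# the one on the slide; the second router and the interface wiring are constructed.

# (incoming interface, incoming VC#) -> (outgoing interface, outgoing VC#)
NORTHWEST_ROUTER = {
    (1, 12): (2, 22),
    (2, 63): (1, 18),
    (3, 7): (2, 17),
    (1, 97): (3, 87),
}


def forward_vc(table, in_iface, in_vc):
    """One router's forwarding step: look up the arriving (interface, VC#) pair.

    Returns (outgoing interface, new VC#) or None when the router holds no
    state for that VC (the packet is dropped).
    """
    return table.get((in_iface, in_vc))


def forward_along(path, vc):
    """Carry a packet through a list of (table, incoming_interface) hops.

    The VC number is rewritten at every hop; the list of (out_iface, vc)
    rewrites is returned, or None if any router lacks state for the circuit.
    """
    rewrites = []
    for table, in_iface in path:
        entry = forward_vc(table, in_iface, vc)
        if entry is None:
            return None
        out_iface, vc = entry
        rewrites.append((out_iface, vc))
    return rewrites


def free_vc(table, in_iface):
    """Smallest VC number not yet used on this router's incoming interface.

    VC numbers only need to be unique per link, which is why they can (and
    must) change hop by hop.
    """
    used = {vc for (iface, vc) in table if iface == in_iface}
    vc = 1
    while vc in used:
        vc += 1
    return vc


def setup_vc(tables, ifaces):
    """Call setup: install one forwarding entry in every router on the path.

    tables: one forwarding dict per router (mutated in place)
    ifaces: one (incoming interface, outgoing interface) pair per router
    Returns the VC number the source host must put in its packets.
    """
    in_vcs = [free_vc(t, in_if) for t, (in_if, _) in zip(tables, ifaces)]
    for k, (table, (in_if, out_if)) in enumerate(zip(tables, ifaces)):
        # The outgoing VC# is whatever the *next* router expects on its incoming
        # interface; the last router simply reuses its own incoming number.
        out_vc = in_vcs[k + 1] if k + 1 < len(tables) else in_vcs[k]
        table[(in_if, in_vcs[k])] = (out_if, out_vc)
    return in_vcs[0]


if __name__ == "__main__":
    print(forward_along([(NORTHWEST_ROUTER, 1)], 12))   # [(2, 22)]
```

    The dropped-packet case in forward_along is the point to notice: a datagram router would still forward an unknown destination by address, whereas a VC router has nothing to go on without the setup state.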

  • Networks and Security 171

    Datagram networks
    no call setup at network layer
    routers: no state about end-to-end connections
    no network-level concept of “connection”
    packets forwarded using destination host address
    packets between same source-dest pair may take different paths

    [Figure: two end hosts with full protocol stacks; 1. Send data, 2. Receive data]

  • Networks and Security 172

    Forwarding table

    Destination Address Range                                                          Link Interface
    11001000 00010111 00010000 00000000 through 11001000 00010111 00010111 11111111    0
    11001000 00010111 00011000 00000000 through 11001000 00010111 00011000 11111111    1
    11001000 00010111 00011001 00000000 through 11001000 00010111 00011111 11111111    2
    otherwise                                                                          3

    4 billion possible entries

  • Networks and Security 173

    Longest prefix matching

    Prefix Match                     Link Interface
    11001000 00010111 00010          0
    11001000 00010111 00011000       1
    11001000 00010111 00011          2
    otherwise                        3

    Examples
    DA: 11001000 00010111 00010110 10100001   Which interface?
    DA: 11001000 00010111 00011000 10101010   Which interface?
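    Longest-prefix matching over the table above, as an added example that is not from the slides or the textbook. Prefixes are kept in the slide’s binary notation and also converted to CIDR form; the lookup generalizes to dotted-decimal destinations, and the two “Which interface?” destinations are resolved by the same function.

```python
# Added example, not from the slides: longest-prefix matching over the slide's
# forwarding table. Prefixes are kept in the slide's binary notation and also
# shown in CIDR form; the two "Which interface?" destinations are looked up.
from ipaddress import IPv4Address, IPv4Network

FORWARDING_TABLE = [  # (prefix bits, link interface)
    ("11001000 00010111 00010", 0),
    ("11001000 00010111 00011000", 1),
    ("11001000 00010111 00011", 2),
]
DEFAULT_INTERFACE = 3  # "otherwise"


def bits_to_network(prefix_bits):
    """'11001000 00010111 00010' -> IPv4Network('200.23.16.0/21')."""
    bits = prefix_bits.replace(" ", "")
    if len(bits) > 32 or set(bits) - {"0", "1"}:
        raise ValueError("bad prefix: %r" % prefix_bits)
    # pad with zeros to 32 bits; the prefix length is the number of given bits
    return IPv4Network((int(bits.ljust(32, "0"), 2), len(bits)))


def parse_address(text):
    """Accept dotted-decimal or the slide's spaced 32-bit binary form."""
    text = text.strip()
    if "." in text:
        return IPv4Address(text)
    return IPv4Address(int(text.replace(" ", ""), 2))


def longest_prefix_match(dest, table=FORWARDING_TABLE, default=DEFAULT_INTERFACE):
    """Return the link interface for dest: the matching entry with the most prefix bits wins."""
    addr = parse_address(dest)
    best_len, best_iface = -1, default
    for prefix_bits, iface in table:
        net = bits_to_network(prefix_bits)
        if addr in net and net.prefixlen > best_len:
            best_len, best_iface = net.prefixlen, iface
    return best_iface


def table_as_cidr(table=FORWARDING_TABLE):
    """The same table in the notation used on later slides (200.23.16.0/21 etc.)."""
    return [(str(bits_to_network(p)), iface) for p, iface in table]


if __name__ == "__main__":
    for da in ("11001000 00010111 00010110 10100001",
               "11001000 00010111 00011000 10101010"):
        print(da, "-> interface", longest_prefix_match(da))
```

    The second destination matches both the 24-bit and the 21-bit entry that begin with 00011; the rule picks the 24-bit one, which is exactly why the order of the rows in the table does not matter.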

  • Networks and Security 174

    Datagram or VC network: why?

    Internet
    data exchange among computers
    “elastic” service, no strict timing req.
    “smart” end systems (computers)
    can adapt, perform control, error recovery
    simple inside network, complexity at “edge”
    many link types
    different characteristics
    uniform service difficult

    ATM
    evolved from telephony
    human conversation:
    strict timing, reliability requirements
    need for guaranteed service
    “dumb” end systems
    telephones
    complexity inside network

  • Networks and Security 176

    Router Architecture Overview

    Two key router functions:
    run routing algorithms/protocol (RIP, OSPF, BGP)
    forwarding datagrams from incoming to outgoing link

  • Networks and Security 177

    Input Port Functions

    Decentralized switching:
    given datagram dest., lookup output port using forwarding table in input port memory
    goal: complete input port processing at ‘line speed’
    queuing: if datagrams arrive faster than forwarding rate into switch fabric

    Physical layer: bit-level reception

    Data link layer: e.g., Ethernet

  • Networks and Security 178

    Output Ports

    Buffering required when datagrams arrive from fabric faster than the transmission rate
    Scheduling discipline chooses among queued datagrams for transmission

  • Networks and Security 179

    Output port queueing

    buffering when arrival rate via switch exceeds output line speed
    queueing (delay) and loss due to output port buffer overflow!

  • Networks and Security 180

    Input Port Queuing

    Fabric slower than input ports combined -> queueing may occur at input queues
    Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
    queueing delay and loss due to input buffer overflow!

  • Networks and Security 182

    The Internet Network layer

    [Figure: the network layer sits between the transport layer (TCP, UDP) and the link layer / physical layer; it holds the forwarding table, the routing protocols, the IP protocol and the ICMP protocol]

    Host, router network layer functions:

    Routing protocols
    • path selection
    • RIP, OSPF, BGP

    IP protocol
    • addressing conventions
    • datagram format
    • packet handling conventions

    ICMP protocol
    • error reporting
    • router “signaling”

  • Networks and Security 184

    IP datagram format

    [Figure: IPv4 header laid out in 32-bit words]

    ver                                        IP protocol version number
    head. len                                  header length (bytes)
    type of service                            “type” of data
    length                                     total datagram length (bytes)
    16-bit identifier, flgs, fragment offset   for fragmentation/reassembly
    time to live                               max number remaining hops (decremented at each router)
    upper layer                                upper layer protocol to deliver payload to
    Internet checksum
    32 bit source IP address
    32 bit destination IP address
    Options (if any)                           e.g. timestamp, record route taken, specify list of routers to visit
    data (variable length, typically a TCP or UDP segment)

    how much overhead with TCP?
    20 bytes of TCP
    20 bytes of IP
    = 40 bytes + app layer overhead
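    The header layout above built and decoded in code, as an added example that is not from the slides or the textbook. It packs the 20-byte option-less header, computes the Internet checksum, and parses it back; the addresses are the ones used in the NAT slides of this deck, while the identifier value and the 20-byte TCP payload length are constructed.

```python
# Added example, not from the slides: build and parse the 20-byte IPv4 header the
# slide lays out, including the Internet checksum. The sample datagram uses the
# slide deck's own addresses (10.0.0.1 -> 128.119.40.186); the identifier value
# and the TCP payload length are constructed.
import struct
from ipaddress import IPv4Address

IP_PROTO_TCP = 6


def internet_checksum(data):
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    data = bytes(data)
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, proto=IP_PROTO_TCP, ttl=64,
                      ident=0x1C46, dont_fragment=True):
    """Return a 20-byte header with no options and a valid checksum."""
    flags_frag = 0x4000 if dont_fragment else 0     # DF flag, fragment offset 0
    fields = struct.pack("!BBHHHBBH4s4s",
                         0x45,               # version 4, header length 5 words (20 bytes)
                         0,                  # type of service
                         20 + payload_len,   # total datagram length (bytes)
                         ident,              # 16-bit identifier (fragmentation)
                         flags_frag,         # flags + 13-bit fragment offset
                         ttl,                # time to live
                         proto,              # upper-layer protocol
                         0,                  # checksum placeholder
                         IPv4Address(src).packed, IPv4Address(dst).packed)
    return fields[:10] + struct.pack("!H", internet_checksum(fields)) + fields[12:]


def parse_ipv4_header(datagram):
    """Decode the fields of the slide; checksum_ok is False for a damaged header."""
    if len(datagram) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum = \
        struct.unpack("!BBHHHBBH", datagram[:12])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or header_len < 20 or len(datagram) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    header = datagram[:header_len]
    return {
        "header_len": header_len,
        "tos": tos,
        "total_len": total_len,
        "id": ident,
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF,        # in units of 8 bytes
        "ttl": ttl,
        "protocol": proto,
        "checksum": csum,
        # summing the header *including* its checksum field yields 0 when intact
        "checksum_ok": internet_checksum(header) == 0,
        "src": str(IPv4Address(bytes(datagram[12:16]))),
        "dst": str(IPv4Address(bytes(datagram[16:20]))),
        "options": bytes(header[20:]),
    }


if __name__ == "__main__":
    hdr = build_ipv4_header("10.0.0.1", "128.119.40.186", payload_len=20)
    print(parse_ipv4_header(hdr))
```

    Because the checksum covers the TTL, every router that decrements the TTL has to recompute it; the parser flags a header whose TTL was changed without that recomputation.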

  • Networks and Security 185

    IP Fragmentation & Reassembly
    network links have MTU (max. transfer size) - largest possible link-level frame.
    different link types, different MTUs
    large IP datagram divided (“fragmented”) within net
    one datagram becomes several datagrams
    “reassembled” only at final destination
    IP header bits used to identify, order related fragments

    [Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly at the destination]

  • Networks and Security 186

    IP Fragmentation and Reassembly

    Example
    4000 byte datagram
    MTU = 1500 bytes
    1480 bytes in data field
    offset = 1480/8

    One large datagram becomes several smaller datagrams:

    ID=x   offset=0     fragflag=0   length=4000     (original datagram)
    ID=x   offset=0     fragflag=1   length=1500
    ID=x   offset=185   fragflag=1   length=1500
    ID=x   offset=370   fragflag=0   length=1040
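    Fragmentation and reassembly with the slide’s numbers, as an added example that is not from the slides or the textbook. Only the header fields the slide shows (ID, offset, fragflag, length) are modelled; the payload bytes and the identifier are constructed. The reassembler also refuses gaps, overlaps and missing last fragments, which a receiving stack must do before delivering data.

```python
# Added example, not from the slides: fragment a datagram to a link MTU and
# reassemble it at the destination, reproducing the slide's 4000-byte / MTU 1500
# numbers. Only the header fields the slide shows (ID, offset, fragflag, length)
# are modelled; the payload bytes are constructed.
IP_HEADER_LEN = 20


def fragment(ident, payload, mtu, header_len=IP_HEADER_LEN):
    """Split payload into fragments that fit the MTU.

    Every fragment except the last carries a multiple of 8 data bytes, because
    the 13-bit offset field counts 8-byte units.
    """
    max_data = (mtu - header_len) // 8 * 8       # 1480 for MTU 1500
    if max_data <= 0:
        raise ValueError("MTU too small for an IP header")
    frags = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        frags.append({
            "id": ident,
            "offset": start // 8,                                  # in 8-byte units
            "mf": int(start + len(chunk) < len(payload)),          # "more fragments" flag
            "length": header_len + len(chunk),                     # total length field
            "data": chunk,
        })
    return frags


def summarize(frags):
    """(offset, fragflag, length) triples, as the slide prints them."""
    return [(f["offset"], f["mf"], f["length"]) for f in frags]


def reassemble(frags, header_len=IP_HEADER_LEN):
    """Rebuild the payload from fragments sharing one ID.

    Returns None if a fragment is missing, if pieces overlap, or if the last
    fragment (mf=0) has not arrived; a receiver must not deliver partial or
    overlapping data.
    """
    if not frags:
        return None
    ident = frags[0]["id"]
    if any(f["id"] != ident for f in frags):
        return None
    buf = bytearray()
    expected = 0
    saw_last = False
    for f in sorted(frags, key=lambda frag: frag["offset"]):
        if f["offset"] * 8 != expected:        # gap (missing piece) or overlap
            return None
        if len(f["data"]) != f["length"] - header_len:
            return None                        # length field disagrees with data
        buf += f["data"]
        expected += len(f["data"])
        if f["mf"] == 0:
            saw_last = True
    return bytes(buf) if saw_last else None


if __name__ == "__main__":
    payload = bytes(4000 - IP_HEADER_LEN)        # 3980 data bytes
    print(summarize(fragment(0x2A, payload, 1500)))   # [(0, 1, 1500), (185, 1, 1500), (370, 0, 1040)]
```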

  • Networks and Security 188

    IP Addressing: introduction
    IP address: 32-bit identifier for host, router interface
    interface: connection between host/router and physical link
    routers typically have multiple interfaces
    host may have multiple interfaces
    IP addresses associated with each interface

    [Figure: hosts and a router with interface addresses 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.9, 223.1.2.2, 223.1.2.1, 223.1.3.2, 223.1.3.1, 223.1.3.27]

    223.1.1.1 = 11011111 00000001 00000001 00000001
                223      1        1        1

  • Networks and Security 189

    Subnets
    IP address:
    subnet part (high order bits)
    host part (low order bits)

    What’s a subnet?
    device interfaces with same subnet part of IP address
    can physically reach each other without intervening router

    [Figure: the same network as before (interfaces 223.1.1.1 … 223.1.3.27), with the LANs marked]

    network consisting of 3 subnets

  • Networks and Security 190

    Subnets 223.1.1.0/24, 223.1.2.0/24, 223.1.3.0/24

    Recipe
    To determine the subnets, detach each interface from its host or router, creating islands of isolated networks. Each isolated network is called a subnet.

    Subnet mask: /24

  • Networks and Security 191

    Subnets
    How many?

    [Figure: interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.0, 223.1.7.1, 223.1.8.0, 223.1.8.1, 223.1.9.1, 223.1.9.2]
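    The subnet-part / host-part split and the “how many subnets?” question applied to the interfaces of the figure above, as an added example that is not from the slides or the textbook. It assumes the /24 mask on every interface that the preceding slide states; the address list is the one in the figure.

```python
# Added example, not from the slides: split each interface address into subnet
# part and host part and group the interfaces of the "How many?" figure into
# subnets. It assumes a /24 mask on every interface, as the preceding slide states.
from collections import defaultdict
from ipaddress import IPv4Address, IPv4Interface

FIGURE_INTERFACES = [
    "223.1.1.1", "223.1.1.2", "223.1.1.3", "223.1.1.4",
    "223.1.2.1", "223.1.2.2", "223.1.2.6",
    "223.1.3.1", "223.1.3.2", "223.1.3.27",
    "223.1.7.0", "223.1.7.1",
    "223.1.8.0", "223.1.8.1",
    "223.1.9.1", "223.1.9.2",
]


def split_address(addr, prefixlen):
    """Return (subnet part, host part) as integers using plain bit arithmetic."""
    value = int(IPv4Address(addr))
    mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF   # high-order prefixlen bits set
    return value & mask, value & ~mask & 0xFFFFFFFF


def same_subnet(a, b, prefixlen=24):
    """Interfaces reach each other without a router iff their subnet parts agree."""
    return split_address(a, prefixlen)[0] == split_address(b, prefixlen)[0]


def subnets_of(interfaces, prefixlen=24):
    """Map each subnet (as IPv4Network) to the list of interface addresses in it."""
    groups = defaultdict(list)
    for addr in interfaces:
        iface = IPv4Interface("%s/%d" % (addr, prefixlen))
        groups[iface.network].append(iface.ip)
    return dict(groups)


def count_subnets(interfaces, prefixlen=24):
    """The slide's 'How many?' for a given mask length."""
    return len(subnets_of(interfaces, prefixlen))


if __name__ == "__main__":
    for net, members in sorted(subnets_of(FIGURE_INTERFACES).items()):
        print(net, [str(m) for m in members])
    print("subnets:", count_subnets(FIGURE_INTERFACES))
```

    Changing the mask changes the answer: with /16 every interface in the figure shares one subnet part, which is the “recipe” slide’s point that the subnet is defined by the mask, not by the addresses alone.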

  • Networks and Security 192

    IP addresses: how to get one?

    Q: How does host get IP address?

    hard-coded by system admin in a file
    Wintel: control-panel->network->configuration->tcp/ip->properties
    UNIX: /etc/rc.config

    DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server

    “plug-and-play”

  • Networks and Security 193

    IP addresses: how to get one?
    Q: How does network get subnet part of IP addr?
    A: gets allocated portion of its provider ISP’s address space

    ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20

    Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
    Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
    Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
    ...              …                                     …
    Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

  • Networks and Security 194

    Hierarchical addressing: route aggregation

    Hierarchical addressing allows efficient advertisement of routing information:

    [Figure: Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), …, Organization 7 (200.23.30.0/23) connect to Fly-By-Night-ISP, which tells the Internet “Send me anything with addresses beginning 200.23.16.0/20”; ISPs-R-Us tells the Internet “Send me anything with addresses beginning 199.31.0.0/16”]

  • Networks and Security 195

    Hierarchical addressing: more specific routes

    ISPs-R-Us has a more specific route to Organization 1

    [Figure: as before, but Organization 1 (200.23.18.0/23) now connects to ISPs-R-Us; Fly-By-Night-ISP still advertises “Send me anything with addresses beginning 200.23.16.0/20”, while ISPs-R-Us advertises “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23”]
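    Route aggregation and the more-specific route, as an added example that is not from the slides or the textbook. It carves the ISP’s /20 into the eight /23 organization blocks of the allocation slide, shows that they collapse back into the single /20 Fly-By-Night-ISP advertises, and picks the advertiser a router would prefer once ISPs-R-Us also announces 200.23.18.0/23. The ISP names and prefixes are the slides’; the destination addresses tried are constructed.

```python
# Added example, not from the slides: carve the ISP's /20 into the eight /23
# organization blocks, show that they aggregate back into the single /20 that
# Fly-By-Night-ISP advertises, and pick the advertiser a router would prefer for a
# destination once ISPs-R-Us also announces the more specific 200.23.18.0/23.
from ipaddress import IPv4Address, IPv4Network, collapse_addresses

ISP_BLOCK = IPv4Network("200.23.16.0/20")

# What each ISP tells the rest of the Internet on the two slides
ADVERTISEMENTS = {
    "Fly-By-Night-ISP": [IPv4Network("200.23.16.0/20")],
    "ISPs-R-Us": [IPv4Network("199.31.0.0/16"), IPv4Network("200.23.18.0/23")],
}


def organization_blocks(block=ISP_BLOCK, new_prefix=23):
    """Organization 0 .. 7: consecutive /23s taken from the provider's block."""
    return list(block.subnets(new_prefix=new_prefix))


def aggregate(prefixes):
    """Route aggregation: adjacent blocks collapse into their common supernet."""
    return list(collapse_addresses(prefixes))


def best_advertiser(dest, ads=ADVERTISEMENTS):
    """Longest prefix wins, so a more specific route beats the aggregate."""
    addr = IPv4Address(dest)
    best_isp, best_len = None, -1
    for isp, prefixes in ads.items():
        for net in prefixes:
            if addr in net and net.prefixlen > best_len:
                best_isp, best_len = isp, net.prefixlen
    return best_isp


if __name__ == "__main__":
    for i, net in enumerate(organization_blocks()):
        print("Organization", i, net)
    print("aggregate:", aggregate(organization_blocks()))
    print("200.23.18.5 ->", best_advertiser("200.23.18.5"))
```

    Aggregation only works while the blocks stay contiguous: drop Organization 7 and the remaining seven /23s no longer fit one prefix, which the aggregate function shows by returning three prefixes instead of one.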

  • Networks and Security 196

    IP addressing: the last word...

    Q: How does an ISP get block of addresses?
    A: ICANN: Internet Corporation for Assigned Names and Numbers
    allocates addresses
    manages DNS
    assigns domain names, resolves disputes

  • Networks and Security 197

    NAT: Network Address Translation

    [Figure: local network (e.g., home network) 10.0.0/24 with hosts 10.0.0.1, 10.0.0.2, 10.0.0.3 and the NAT router’s inside interface 10.0.0.4; the router’s outside interface 138.76.29.7 faces the rest of the Internet]

    Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)

    All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers

  • Networks and Security 198

    NAT: Network Address Translation

    Motivation: local network uses just one IP address as far as outside world is concerned:
    no need to be allocated range of addresses from ISP: just one IP address is used for all devices
    can change addresses of devices in local network without notifying outside world
    can change ISP without changing addresses of devices in local network
    devices inside local net not explicitly addressable, visible by outside world (a security plus).

  • Networks and Security 199

    NAT: Network Address Translation
    Implementation: NAT router must:

    outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.

    remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair

    incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

  • Networks and Security 200

    NAT: Network Address Translation

    [Figure: hosts 10.0.0.1, 10.0.0.2, 10.0.0.3 behind the NAT router (inside 10.0.0.4, outside 138.76.29.7)]

    1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
       S: 10.0.0.1, 3345   D: 128.119.40.186, 80

    2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
       S: 138.76.29.7, 5001   D: 128.119.40.186, 80

    3: Reply arrives, dest. address: 138.76.29.7, 5001
       S: 128.119.40.186, 80   D: 138.76.29.7, 5001

    4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
       S: 128.119.40.186, 80   D: 10.0.0.1, 3345

    NAT translation table
    WAN side addr        LAN side addr
    138.76.29.7, 5001    10.0.0.1, 3345
    ……                   ……
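    The four steps above performed by a small port-translating NAT, as an added example that is not from the slides or the textbook. The addresses and ports are the slide’s; the table layout and the port allocation policy (sequential from 5001) are constructed. Inbound datagrams with no table entry are dropped, which is the “not explicitly addressable from outside” property the motivation slide mentions.

```python
# Added example, not from the slides: a port-translating NAT router that performs
# the four steps of the slide with the slide's addresses and ports. The table and
# the port allocation policy (sequential from 5001) are constructed.


class NatRouter:
    def __init__(self, wan_ip, first_port=5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.lan_to_port = {}   # (LAN ip, LAN port) -> WAN port
        self.port_to_lan = {}   # WAN port -> (LAN ip, LAN port)

    def outbound(self, pkt):
        """Step 2: rewrite (source IP, port) to (NAT IP, new port) and remember the pair."""
        lan = pkt["src"]
        port = self.lan_to_port.get(lan)
        if port is None:                       # first packet of this flow: allocate a port
            if self.next_port > 65535:
                raise RuntimeError("port space exhausted")
            port = self.next_port
            self.next_port += 1
            self.lan_to_port[lan] = port
            self.port_to_lan[port] = lan
        return {"src": (self.wan_ip, port), "dst": pkt["dst"]}

    def inbound(self, pkt):
        """Step 4: rewrite (NAT IP, new port) in the destination back to the LAN pair.

        Returns None (packet dropped) when there is no table entry: inside hosts
        are not addressable from outside unless they initiated the flow.
        """
        ip, port = pkt["dst"]
        if ip != self.wan_ip:
            return None
        lan = self.port_to_lan.get(port)
        if lan is None:
            return None
        return {"src": pkt["src"], "dst": lan}

    def table(self):
        """Rows of the NAT translation table: (WAN side addr, LAN side addr)."""
        return [((self.wan_ip, p), lan) for p, lan in sorted(self.port_to_lan.items())]


if __name__ == "__main__":
    nat = NatRouter("138.76.29.7")
    out = nat.outbound({"src": ("10.0.0.1", 3345), "dst": ("128.119.40.186", 80)})
    print(out)            # {'src': ('138.76.29.7', 5001), 'dst': ('128.119.40.186', 80)}
    print(nat.table())
```

    Real NAT implementations also key the table on the remote endpoint and expire entries after an idle time; both are omitted here so the table matches the two-column one on the slide.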

  • Networks and Security 201

    NAT: Network Address Translation

    16-bit port-number field: 60,000 simultaneous connections with a single LAN-side address!

    NAT is controversial:
    routers should only process up to layer 3
    violates end-to-end argument
    • NAT possibility must be taken into account by app designers, eg, P2P applications
    address shortage should instead be solved by IPv6

  • Networks and Security 203

    ICMP: Internet Control Message Protocol

    used by hosts & routers to communicate network-level information
    error reporting: unreachable host, network, port, protocol
    echo request/reply (used by ping)

    network-layer “above” IP: ICMP msgs carried in IP datagrams

    ICMP message: type, code plus first 8 bytes of IP datagram causing error

    Type   Code   description
    0      0      echo reply (ping)
    3      0      dest. network unreachable
    3      1      dest host unreachable
    3      2      dest protocol unreachable
    3      3      dest port unreachable
    3      6      dest network unknown
    3      7      dest host unknown
    4      0      source quench (congestion control - not used)
    8      0      echo request (ping)
    9      0      route advertisement
    10     0      router discovery
    11     0      TTL expired
    12     0      bad IP header

  • Networks and Security 204

    Traceroute and ICMP

    Source sends series of UDP segments to dest
    First has TTL = 1
    Second has TTL = 2, etc.
    Unlikely port number

    When nth datagram arrives to nth router:
    Router discards datagram
    And sends to source an ICMP message (type 11, code 0)
    Message includes name of router & IP address

    When ICMP message arrives, source calculates RTT
    Traceroute does this 3 times

    Stopping criterion
    UDP segment eventually arrives at destination host
    Destination returns ICMP “host unreachable” packet (type 3, code 3)
    When source gets this ICMP, stops.
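    The traceroute exchange described above with both sides simulated, as an added example that is not from the slides or the textbook: the probing host raises the TTL probe by probe, each router decrements it and answers ICMP type 11 code 0 when it reaches zero, and the destination answers type 3 code 3 (dest port unreachable in the ICMP table above) for the unlikely port, which ends the run. Router names and addresses are constructed; RTT measurement is not modelled.

```python
# Added example, not from the slides: a simulated traceroute exchange. The probing
# host sends UDP to an unlikely port with TTL 1, 2, 3, ...; each router on the
# path decrements TTL and answers with ICMP type 11 code 0 when it hits zero; the
# destination answers type 3 code 3 (dest port unreachable in the slide's table),
# which stops the probing. Router names and addresses are constructed; RTT is not modelled.

ICMP_NAMES = {  # subset of the slide's type/code table
    (3, 3): "dest port unreachable",
    (11, 0): "TTL expired",
}


class Hop:
    def __init__(self, name, ip, udp_ports=()):
        self.name, self.ip, self.udp_ports = name, ip, frozenset(udp_ports)


class Path:
    """A fixed sequence of routers followed by the destination host."""

    def __init__(self, routers, destination):
        self.routers, self.destination = routers, destination

    def send_udp(self, ttl, dst_port):
        """Forward one probe; return the ICMP message the source gets back, or None if delivered."""
        for router in self.routers:
            ttl -= 1                                   # every router decrements TTL
            if ttl == 0:                               # ... and discards the datagram at zero
                return {"from": router.ip, "type": 11, "code": 0, "probe_port": dst_port}
        if dst_port not in self.destination.udp_ports:
            return {"from": self.destination.ip, "type": 3, "code": 3, "probe_port": dst_port}
        return None                                    # a process was listening: no ICMP


def traceroute(path, max_hops=30, probes=3, base_port=33434):
    """Return [(ttl, replying address, ICMP description), ...], one entry per hop."""
    hops = []
    port = base_port
    for ttl in range(1, max_hops + 1):
        replies = []
        for _ in range(probes):                        # the slide's "does this 3 times"
            port += 1                                  # a fresh unlikely port per probe
            replies.append(path.send_udp(ttl, port))
        answered = [r for r in replies if r is not None]
        if not answered:
            hops.append((ttl, "*", "no reply"))
            continue
        r = answered[0]
        hops.append((ttl, r["from"], ICMP_NAMES[(r["type"], r["code"])]))
        if (r["type"], r["code"]) == (3, 3):           # stopping criterion
            break
    return hops


if __name__ == "__main__":
    path = Path([Hop("r1", "192.0.2.1"), Hop("r2", "192.0.2.2")],
                Hop("dst", "198.51.100.5", {53}))
    for line in traceroute(path):
        print(*line)
```

    The “*” case shows why the port has to be unlikely: if the destination happens to listen on the probed port, no ICMP comes back and the run cannot tell that it has reached the end.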

  • Networks and Security 206

    IPv6
    Student Contribution

    Task:
    • Explain the new features and changes that IPv6 introduces compared with IPv4.
    • Explain how IPv4 is migrated to IPv6 and what mixed operation looks like.

    Materials:
    • Book
    • Internet

    Scope:
    • 1 lesson

  • Networks and Security 207

    Network Layer: summary
    What we’ve covered:
    network layer services
    routing principles: link state and distance vector
    hierarchical routing
    IP
    Internet routing protocols RIP, OSPF, BGP
    what’s inside a router?
    IPv6

  • Networks and Security 208

    Chapter 6: Wireless Networks
    Background:
    # wireless (mobile) phone subscribers now exceeds # wired phone subscribers!
    computer nets: laptops, palmtops, PDAs, Internet-enabled phone promise anytime untethered Internet access
    two important (but different) challenges
    communication over wireless link
    handling mobile user who changes point of attachment to network

  • Networks and Security 209

    Chapter 6 outline

    6.1 Introduction
    Wireless
    6.2 Wireless links, characteristics
        CDMA
    6.3 IEEE 802.11 wireless LANs (“wi-fi”)

  • Networks and Security 210

    Elements of a wireless network

    network infrastructure

    wireless hosts
    laptop, PDA, IP phone
    run applications
    may be stationary (non-mobile) or mobile
    wireless does not always mean mobility

  • Networks and Security 211

    Elements of a wireless network

    network infrastructure

    base station
    typically connected to wired network
    relay - responsible for sending packets between wired network and wireless host(s) in its “area”
    e.g., cell towers, 802.11 access points

  • Networks and Security 212

    Elements of a wireless network

    network infrastructure

    wireless link
    typically used to connect mobile(s) to base station
    also used as backbone link
    multiple access protocol coordinates link access
    various data rates, transmission distance

  • Networks and Security 213

    Characteristics of selected wireless link standards

    [Figure: chart of data rate versus range for the standards below]

    Standard                     Data rate    Range
    802.15                       1 Mbps       Indoor (10 – 30 m)
    802.11b                      5-11 Mbps    Indoor / Outdoor (50 – 200 m)
    802.11{a,g}                  54 Mbps      Indoor / Outdoor (50 – 200 m)
    .11 p-to-p link              54 Mbps      Long range outdoor (5 Km – 20 Km)
    IS-95 CDMA, GSM (2G)         56 Kbps      Mid range outdoor (200 m – 4 Km) to long range outdoor (5 Km – 20 Km)
    UMTS/WCDMA, CDMA2000 (3G)    384 Kbps     Mid range outdoor (200 m – 4 Km) to long range outdoor (5 Km – 20 Km)

  • Networks and Security 214

    Elements of a wireless network

    network infrastructure

    infrastructure mode
    base station connects mobiles into wired network
    handoff: mobile changes base station providing connection into wired network

  • Networks and Security 215

    Elements of a wireless network
    Ad hoc mode
    no base stations
    nodes can only transmit to other nodes within link coverage
    nodes organize themselves into a network: route among themselves

  • Networks and Security 216

    Wireless Link Characteristics
    Differences from wired link ….
    decreased signal strength: radio signal attenuates as it propagates through matter (path loss)
    interference from other sources: standardized wireless network frequencies (e.g., 2.4 GHz) shared by other devices (e.g., phone); devices (motors) interfere as well
    multipath propagation: radio signal reflects off objects, ground, arriving at destination at slightly different times
    …. make communication across (even a point to point) wireless link much more “difficult”

  • Networks and Security 217

    Wireless network characteristics
    Multiple wireless senders and receivers create additional problems (beyond multiple access):

    [Figure: nodes A, B, C in a line; the coverage areas of A and C both reach B but not each other]

    Hidden terminal problem
    B, A hear each other
    B, C hear each other
    A, C can not hear each other
    means A, C unaware of their interference at B

    [Figure: A’s signal strength and C’s signal strength plotted against space]