Lecture #2 - Electrical and Computer Engineering
Lec 2: Internet Connectivity:
Packet Switching
ECE5650
Taxonomy
1-1
Recap: Internet Physical Structure
The Internet is a network of networks
Each individually administrated network is called an Autonomous System (AS)
We can roughly divide the networks into access networks and transit networks
[Figure: residential access (modem, DSL, cable modem, wireless) and campus access (Ethernet, FDDI, wireless) attach to ISPs, which attach to a backbone ISP]
Recap: Layered protocol stack
application: supporting network applications
FTP, SMTP, HTTP
transport: process-process data transfer
TCP, UDP
network: host-host data transfer
IP
link: data transfer between neighboring network elements
PPP, Ethernet
physical: bits “on the wire”
[Figure: protocol stack, top to bottom: application, transport, network, link, physical]
Recap: History
60’s: packet switching theory, ARPANET
ARPANET was an attempt to investigate the feasibility
of packet switching
• ARPANET was built on top of telephone networks
70’s: internetworking, Ethernet
80’s: applications: email, ftp, telnet, etc
90’s: the web as killer app, and commercialization
totally distributed, autonomous systems roughly
hierarchical where ISPs interconnect at PoP and NAP
Today: As important as utility services
backbone speed: about 10 Gbps
number of hosts: about 400 million
Outline
Network Taxonomy
Broadcast vs Switched Networks
Circuit Switched vs packet switched
Switched Network Performance
Delay, Loss, Throughput
Security
The Network Core
mesh of interconnected
routers
the fundamental
question: how is data
transferred through net?
circuit switching:
dedicated circuit per
call: telephone net
packet-switching: data
sent thru net in
discrete “chunks”
Network Core: Circuit Switching
End-end resources
reserved for “call”
link bandwidth and
switch capacity predetermined
dedicated resources
with no sharing of
bandwidth
guaranteed
performance
call setup required
Network Core: Circuit Switching
network resources (e.g., bandwidth) divided into “pieces”
pieces allocated to calls
resource piece idle if not used by owning call (no sharing)
dividing link bandwidth into “pieces”
frequency division
time division
Circuit Switching: FDM and TDM
Note: Circuit is analogous to connection
Example: 4 users/slots
Frequency Domain Mux (FDM)
[Figure: bandwidth/frequency of the link versus time, divided among 4 users]
Time Domain Mux (TDM)
[Figure: bandwidth/frequency of the link versus time, divided into frames of 4 slots/frame]
Transmission rate of single circuit = frame rate in frames/sec * #bits in a slot
Circuit Switching in MultiHop Route
[Figure: timing diagram of circuit establishment (propagation delay from A to Node 1, processing delay at Node 1, propagation delay from B to A), data transmission (DATA) and circuit termination]
Network Core: Packet Switching
each end-end data stream
divided into packets
user A, B packets share
network resources
each packet uses full link
bandwidth
resources used as needed
Bandwidth division into “pieces”
Dedicated allocation
Resource reservation
resource contention:
flow-control needed as
aggregate resource
demand can exceed
amount available
congestion control
needed as packets
queued and wait for
link use
store and forward:
packets move one hop
at a time
Packet Switching: Statistical Multiplexing
Sequence of A & B packets does not have fixed pattern, on demand sharing of resources (statistical multiplexing).
[Figure: statistical multiplexing. Hosts A and B on 10 Mb/s Ethernet, hosts C, D and E, a 1.5 Mb/s link, and a queue of packets waiting for the output link. Packet format: Header, Data, Trailer]
Packet Switching
[Figure: packet-switched network connecting Hosts A to E through Nodes 1 to 7]
Timing Diagram of Packet Switching
[Figure: timing diagram showing transmission time of Packet 1 at Host A, propagation delay from Host A to router 1, processing and queueing delay of Packet 1 at router 2, and Packets 1 to 3 forwarded hop by hop]
Packet switching vs Circuit Switching: An
Example
Packet switching allows more users to use network!
Problem: 1 Mbps link and each user needs 100
kbps when “active” and is active 10% of time.
circuit-switching FDM:
Max #users = (1,000,000 b/s)/(100,000 b/s) = 10
packet switching:
Min #users = 10
Max is > 10 due to the probability that users are
inactive 90% of time
[Figure: N users sharing a 1 Mbps link]
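The "Max is > 10" claim can be made quantitative. The following is an added example, not part of the original slides: it assumes users are independent (so the number active is binomial) and uses an illustrative 0.1% overload tolerance that the lecture does not state.

```python
from math import comb

LINK_BPS = 1_000_000   # 1 Mbps link (from the slide)
USER_BPS = 100_000     # each user needs 100 kbps when active (from the slide)
P_ACTIVE = 0.10        # each user is active 10% of the time (from the slide)


def circuit_users():
    """Circuit switching reserves a full 100 kbps share per user, active or not."""
    return LINK_BPS // USER_BPS


def p_overload(n_users, p=P_ACTIVE):
    """P(more users active at once than the link can carry).

    Assumption: users are independent, so the number active is Binomial(n, p).
    """
    fits = min(circuit_users(), n_users)
    p_fits = sum(comb(n_users, k) * p**k * (1 - p) ** (n_users - k)
                 for k in range(fits + 1))
    return max(0.0, 1.0 - p_fits)


def max_users(target):
    """Largest N whose overload probability stays at or below target."""
    n = circuit_users()
    while p_overload(n + 1) <= target:
        n += 1
    return n


if __name__ == "__main__":
    print("circuit switching admits", circuit_users(), "users")
    for n in (10, 20, 35, 50):
        print(f"N={n:3d}  P(more than 10 active) = {p_overload(n):.6f}")
    # 0.001 is an illustrative tolerance, not a figure from the lecture.
    print("packet switching at 0.1% overload risk:", max_users(0.001), "users")
```

The independence assumption is what makes the gain possible; traffic that is deliberately synchronized, as in the bandwidth flooding discussed in the security part of this lecture, does not satisfy it.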
Packet Switching vs Circuit Switching
Is packet switching a “slam dunk winner?”
Great for bursty data
resource sharing
simpler, no call setup
Excessive congestion: packet delay and loss
protocols needed for reliable data transfer,
congestion control
Q: How to provide circuit-like behavior?
bandwidth guarantees needed for audio/video apps
still an unsolved problem
Packet-switched Networks: Forwarding
Goal: move packets through routers from source to dest
(1) Packet-switched datagram network:
destination address in packet determines next hop
Entire packet must arrive at router before it can be transmitted
on next link
routes may change during session
analogy: driving, asking directions
(2) Packet-switched virtual circuit network:
each packet carries tag (VC ID), tag determines next hop
fixed path determined at call setup time, remains fixed thru call
routers maintain per-call state
Virtual-Circuit Switching
Three phases
VC establishment
Data transfer
VC disconnect
[Figure: virtual circuit set up across a network connecting Hosts A to E through Nodes 1 to 7]
Virtual-Circuit Packet Switching
Example: Asynchronous Transfer Mode (ATM)
networks; Multiple Label Packet Switching (MPLS) in
IP networks
Hybrid of circuit switching and datagram switching
each packet carries a short
tag (virtual-circuit (VC) #);
tag determines next hop
fixed path determined at
Virtual Circuit setup time,
remains fixed thru flow
routers maintain per-flow
state
Incoming Interface   Incoming VC#   Outgoing Interface   Outgoing VC#
1                    12             2                    22
1                    16             3                    1
2                    12             3                    22
…
• what state do routers
maintain for datagram switching?
Timing Diagram of Virtual-Circuit Switching
[Figure: timing diagram between Host 1, Node 1, Node 2 and Host 2 showing VC establishment (with propagation delay between Host 1 and Node 1), data transfer of Packets 1 to 3 hop by hop, and VC termination]
Datagram Switching vs. Virtual Circuit
Switching
What are the benefits of datagram
switching over virtual circuit switching?
What are the benefits of virtual circuit
switching over datagram switching?
Network Taxonomy
[Figure: comm networks divide into switched networks and broadcast networks]
Broadcast networks
Nodes share a common channel; information transmitted
by a node is received by all other nodes in the network
Examples: TV, radio
Switched networks
Information is transmitted to a small sub-set (usually
only one) of the nodes
Switched Network
Switched networks
  Circuit-switched networks
    FDM
    TDM
  Packet-switched networks
    Networks with VCs (X.25, Frame relay, ATM)
    Datagram Networks (Internet)
Course Subject
Outline
Network Taxonomy
Broadcast vs Switched Networks
Circuit Switched vs packet switched
Switched Network Performance
Delay:
Loss
Throughput
Security
Delay Calculation in Circuit Switched Networks
Propagation delay: delay for the first bit to go from a source to a destination
d = length of physical link
s = propagation speed in medium (~$2 \times 10^{5}$ km/sec)
propagation delay = d/s
Transmission delay: time to pump data onto link at reserved rate
R = reserved bandwidth (bps)
L = packet length (bits)
time to send a packet into link = L/R
[Figure: timing diagram along the Time axis showing propagation delay d/s followed by DATA transmission time L/R]
An Example
Propagation delay
suppose the distance between A and B is 4000 km, then
one-way propagation delay is:
$\frac{4000 \text{ km}}{200{,}000 \text{ km/s}} = 20 \text{ ms}$
Transmission delay
suppose we reserve a one slot GSM channel
• a GSM frame can transmit about 115 kbps
• A GSM frame is divided into 8 slots
• each reserved one slot GSM has a bandwidth of about 14 Kbps (=115/8)
then the transmission delay of a packet of 1 Kbits is
$\frac{1 \text{ kbits}}{14 \text{ kbps}} \approx 70 \text{ ms}$
An Example (cont.)
Suppose the setup message is very small, and the total setup
processing delay is 200 ms
Then the delay to transfer a packet of 1 Kbits from A to B
(from the beginning until host receives last bit of the file) is:
$20 + 200 + 20 + 20 + 70 = 310$ ms
[Figure: timing diagram between Host A and Host B with segments 20 + 200, 20, 20 and 70 (DATA) along the time axis]
Another example
How long does it take to send a file of 640,000
bits (1 byte=8bits) from host A to host B over a
circuit-switched network?
All links are 1.536 Mbps (Mega Bits Per Second)
Each link uses TDM with 24 slots/sec
500 msec to establish end-to-end circuit (setup time
including propagation delay)
Single circuit speed = 1.536 Mbps / 24 = 64 kbps
File transmission time = 500 msec + file size/speed
= 0.5 sec + 640,000 bits / 64 kbps
= 10.5 sec
How do loss and delay occur in
packet switching?
packets queue in router buffers
packet arrival rate to link exceeds output link capacity
packets queue, wait for turn
[Figure: A and B send into a router queue: packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]
Four sources of packet delay
1. Processing delay at router:
check bit errors
determine output link
2. Queueing delay at router
time waiting at output link for transmission
depends on congestion level of router
[Figure: path from A to B marking transmission, propagation, nodal processing and queueing]
Delay in packet-switched networks
3. Transmission delay of
link:
R=link bandwidth (bps)
L=packet length (bits)
time to send bits into
link = L/R
4. Propagation delay of
medium:
d = length of physical link
s = propagation speed in
medium (~$2 \times 10^{8}$ m/sec)
propagation delay = d/s
Note: s and R are very different quantities!
[Figure: path from A to B marking transmission, propagation, nodal processing and queueing]
Total Delay in Datagram Networks
[Figure: timing diagram between Host 1, Node 1, Node 2 and Host 2 showing transmission time of Packet 1 at Host 1, propagation delay between Host 1 and Node 2, nodal processing and queueing delay of Packet 1 at Node 2, and Packets 1 to 3 forwarded hop by hop]
Total End-End Delay
homogeneous links
$d_{\text{end-end}} = N \, d_{\text{nodal}} = N \, (d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}})$
$N$ = #links between source and destination = #routers + 1
$d_{\text{proc}}$ = processing delay at router (task 1)
typically a few microsecs or less
$d_{\text{queue}}$ = queuing delay at router (task 2)
depends on congestion (neglect if light traffic)
$d_{\text{trans}}$ = transmission delay for router to put data on medium (task 3)
= L/R, significant for low-speed links
$d_{\text{prop}}$ = propagation delay at medium (task 4)
a few microsecs to hundreds of msecs
heterogeneous links
$d_{\text{end-end}} = \sum_{q=1}^{N} \left( d^{q}_{\text{proc}} + d^{q}_{\text{queue}} + d^{q}_{\text{trans}} + d^{q}_{\text{prop}} \right)$
“Real” Internet delays and routes
What do “real” Internet delay & loss look like?
Traceroute program (in Unix) or Tracert (MS-DOS): provides delay measurement from source to router along end-end Internet path towards destination. For all i:
sends three packets that will reach router i on path towards destination
router i will return packets to sender
sender times interval between transmission and reply.
[Figure: 3 probes sent toward each router along the path]
“Real” Internet delays and routes
traceroute: jis.mit.edu to wayne state
3 delay measures
1 W92-RTR-1-W92SRV21.MIT.EDU (18.7.21.1) 0.435 ms 0.367 ms 0.249 ms
2 EXTERNAL-RTR-1-BACKBONE.MIT.EDU (18.168.0.18) 0.815 ms 0.704 ms 0.539 ms
3 EXTERNAL-RTR-2-BACKBONE.MIT.EDU (18.168.0.27) 20.266 ms 0.667 ms 0.561 ms
4 nox230gw1-Vl-526-NoX-MIT.nox.org (192.5.89.89) 0.659 ms 5.859 ms 0.587 ms
5 nox230gw1-PEER-NoX-NOX-192-5-89-10.nox.org (192.5.89.10) 5.844 ms 5.829 ms 5.796 ms
6 chinng-nycmng.abilene.ucaid.edu (198.32.8.82) 35.703 ms 33.674 ms 32.154 ms
7 mren-chin-ge.abilene.ucaid.edu (198.32.11.98) 29.647 ms 33.975 ms 36.040 ms
8 ge-1-3-0x189.aa1.mich.net (192.122.182.17) 31.860 ms 31.891 ms 31.874 ms
9 v27.wsu3.mich.net (198.108.23.133) 33.405 ms 33.480 ms 33.508 ms
10 141.217.154.98 (141.217.154.98) 34.833 ms 33.710 ms 33.698 ms
11 * * *
12 * * *
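Reading such a trace can be automated. The following is an added example, not part of the original slides: it parses a subset of the hops printed above, flags hops that never answered, flags a single slow probe among fast ones (a transient queueing or processing delay rather than distance), and finds where the minimum RTT grows most. The function names and the spike factor of 5 are assumptions of this example.

```python
import re

# Hops copied from the jis.mit.edu trace above (a subset, to keep the sample short).
TRACE = """\
 1 W92-RTR-1-W92SRV21.MIT.EDU (18.7.21.1) 0.435 ms 0.367 ms 0.249 ms
 3 EXTERNAL-RTR-2-BACKBONE.MIT.EDU (18.168.0.27) 20.266 ms 0.667 ms 0.561 ms
 5 nox230gw1-PEER-NoX-NOX-192-5-89-10.nox.org (192.5.89.10) 5.844 ms 5.829 ms 5.796 ms
 6 chinng-nycmng.abilene.ucaid.edu (198.32.8.82) 35.703 ms 33.674 ms 32.154 ms
 10 141.217.154.98 (141.217.154.98) 34.833 ms 33.710 ms 33.698 ms
 11 * * *
"""

RTT = re.compile(r"(\d+(?:\.\d+)?) ms")


def parse_hop(line):
    """Split one traceroute line into hop number, router name, RTTs and lost probes."""
    hop, rest = line.split(None, 1)
    rtts = [float(x) for x in RTT.findall(rest)]
    name = rest.split()[0] if rtts else None
    return {"hop": int(hop), "name": name, "rtts": rtts,
            "lost": rest.split().count("*")}


def analyse(trace, spike_factor=5.0):
    """Flag silent hops and one-off spikes; record the growth of the minimum RTT."""
    report, prev_min = [], 0.0
    for hop in (parse_hop(l) for l in trace.splitlines() if l.strip()):
        if not hop["rtts"]:
            # No reply at all: probes lost or the router does not answer them.
            report.append({**hop, "min": None, "step": None, "flags": ["silent"]})
            continue
        lowest = min(hop["rtts"])
        middle = sorted(hop["rtts"])[len(hop["rtts"]) // 2]
        flags = ["spike"] if max(hop["rtts"]) > spike_factor * middle else []
        report.append({**hop, "min": lowest,
                       "step": round(lowest - prev_min, 3), "flags": flags})
        prev_min = lowest
    return report


def longest_step(report):
    """Hop where the minimum RTT grows most, i.e. the link adding the most delay."""
    answered = [r for r in report if r["step"] is not None]
    return max(answered, key=lambda r: r["step"])["hop"]


if __name__ == "__main__":
    rep = analyse(TRACE)
    for r in rep:
        print(r["hop"], r["name"], r["min"], r["step"], r["flags"])
    print("largest RTT step at hop", longest_step(rep))
```

Using the minimum of the three probes filters out queueing delay, so the step at a hop approximates the propagation and transmission delay that hop adds.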
“Real” Internet delays and routes
tracert www.yahoo.com
Tracing route to www.yahoo.akadns.net [216.109.118.67]
over a maximum of 30 hops:
  1     1 ms     1 ms     1 ms  192.168.0.1
  2    11 ms     9 ms     8 ms  64.230.197.241
  3     7 ms     7 ms     7 ms  64.230.235.85
  4     7 ms     7 ms     7 ms  64.230.235.97
  5    12 ms    12 ms    12 ms  rtp627197rts [64.230.220.254]
  6    13 ms    13 ms    12 ms  64.230.242.205
  7    12 ms    12 ms    12 ms  bx3-toronto12-pos5-0.in.bellnexxia.net [206.108.107.234]
  8    13 ms    13 ms    13 ms  if-7-0.core1.TTT-Scarborough.teleglobe.net [209.58.25.69]
  9    31 ms    32 ms    31 ms  if-3-3.mcore3.NJY-Newark.teleglobe.net [216.6.57.33]
 10    36 ms    36 ms    36 ms  if-13-0.core1.AEQ-Ashburn.teleglobe.net [216.6.57.42]
 11    37 ms    36 ms    36 ms  ix-14-2.core1.AEQ-Ashburn.teleglobe.net [63.243.149.110]
 12    36 ms    36 ms    36 ms  vlan200-msr1.dcn.yahoo.com [216.115.96.161]
 13    35 ms    36 ms    36 ms  ge3-1.bas2-m.dcn.yahoo.com [216.109.120.146]
 14    36 ms    36 ms    37 ms  p4.www.dcn.yahoo.com [216.109.118.67]
3 delay (end-end) measurements for each of the 3 msgs
Note: an * in a router's result means no response (probe lost, router did not reply) for at least one of the 3 msgs
Trace complete.
It took 13 routers to get from my house to www.yahoo.com
“Real” Internet delays and routes
Ping program: checks if a host is live or not and
provides RTT delay measurement from source to
destination along end-end Internet path.
sends n requests of size 32 bytes and calculates avg RTT
sender times interval between transmission and reply.
ping -n <number of requests to send> <hostname>
“Real” Internet delays and routes
ping www.yahoo.com
Pinging www.yahoo.akadns.net [68.142.226.34] with 32 bytes of data:
Reply from 68.142.226.34: bytes=32 time=38ms TTL=51
Reply from 68.142.226.34: bytes=32 time=39ms TTL=51
Reply from 68.142.226.34: bytes=32 time=38ms TTL=51
Reply from 68.142.226.34: bytes=32 time=39ms TTL=51
Ping statistics for 68.142.226.34:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 39ms, Average = 38ms
Outline
Network Taxonomy
Broadcast vs Switched Networks
Circuit Switched vs packet switched
Switched Network Performance
Performance Metrics:
• Delay:
• Loss
• Throughput
Security
Packet loss
queue (aka buffer) preceding link has finite capacity
packet arriving to full queue dropped (aka lost)
lost packet may be retransmitted by previous node, by source end system, or not at all
[Figure: A and B send into a buffer (waiting area) ahead of the link; one packet is being transmitted; a packet arriving to a full buffer is lost]
Throughput
throughput: rate (bits/time unit) at which
bits transferred between sender/receiver
instantaneous: rate at given point in time
average: rate over long(er) period of time
[Figure: server, with file of F bits to send to client, sends bits (fluid) into pipe; first pipe can carry fluid at rate Rs bits/sec (link capacity Rs bits/sec); second pipe can carry fluid at rate Rc bits/sec (link capacity Rc bits/sec)]
Throughput (more)
Rs < Rc: What is average end-end throughput?
[Figure: link of Rs bits/sec followed by link of Rc bits/sec]
Rs > Rc: What is average end-end throughput?
[Figure: link of Rs bits/sec followed by link of Rc bits/sec]
bottleneck link: link on end-end path that constrains end-end throughput
Throughput: Internet scenario
per-connection end-end throughput: min(Rc, Rs, R/10)
in practice: Rc or Rs is often bottleneck
[Figure: 10 connections (fairly) share backbone bottleneck link R bits/sec; each connection has a server link Rs and a client link Rc]
Outline
Network Taxonomy
Broadcast vs Switched Networks
Circuit Switched vs packet switched
Switched Network Performance
Performance Metrics:
• Delay:
• Loss
• Throughput
Security
Network Security
attacks on Internet infrastructure:
infecting/attacking hosts: spyware, virus, worms, Trojan Horse, unauthorized access, and malware in general
• Malware: software designed to infiltrate or damage a computer system without the owner’s informed consent [Wikipedia]; it is classified by the intention of its creator, rather than by any particular features
• In law, malware is defined as a computer contaminant
denial of service: deny access to resources (servers, link BW)
• Vulnerability attack; BW flooding; Connection flooding
Internet not originally designed with security in mind
original vision: “a group of mutually trusting users attached
to a transparent network”
Internet protocol designers playing “catch-up”
Security considerations in all layers!
What can bad guys do: malware?
Spyware:
infection by downloading web page with spyware
records keystrokes, web sites visited, upload info to collection site
Virus
infection by receiving object (e.g., e-mail attachment), actively executing
self-replicating: propagate itself to other hosts, users
Worm:
infection by passively receiving object that gets itself executed
self-replicating: propagates to other hosts, users
Sapphire Worm in 2003: aggregate scans/sec in first 5 minutes of outbreak (CAIDA, UWisc data)
Double in every 8.5 sec
90% infected in 10 min
Denial of service attacks
attackers make resources (server, bandwidth)
unavailable to legitimate traffic by overwhelming
resource with bogus traffic
1. select target
2. break into hosts around the network (collectively, known as botnet)
3. send packets toward target from compromised hosts
[Figure: compromised hosts sending packets toward the target]
Sniff, modify, delete your packets
Packet sniffing:
broadcast media (shared Ethernet, wireless)
promiscuous network interface reads/records all
packets (e.g., including passwords!) passing by
[Figure: B sends A a packet (src:B dest:A, payload) over a shared medium; C also reads it]
Ethereal (Wireshark) software used for end-of-chapter labs is a (free) packet-sniffer
Masquerade as you
IP spoofing: send packet with false source address
[Figure: C sends A a packet labelled src:B dest:A]
Masquerade as you
Man-in-the-middle attack
IP spoofing: send packet with false source address
record-and-playback: sniff sensitive info (e.g., password), and use later
password holder is that user from system point of view
[Figure: B sends A a packet (src:B dest:A, user: B; password: foo) that C records]
Masquerade as you
IP spoofing: send packet with false source address
record-and-playback: sniff sensitive info (e.g., password), and use later
password holder is that user from system point of view
[Figure: later, C sends A the recorded packet (src:B dest:A, user: B; password: foo)]
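Why record-and-playback works against a static password, and how a per-login challenge stops it, shown as an added example that is not part of the original slides. The class names and the HMAC-SHA256 nonce scheme are assumptions of this example; the user "B" and password "foo" are the ones in the figure.

```python
import hashlib
import hmac
import secrets

SHARED_SECRET = b"foo"   # password from the slide, known to user B and server A


class StaticPasswordServer:
    """Accepts any message carrying the right password, however old it is."""

    def login(self, user, password):
        return user == "B" and hmac.compare_digest(password, SHARED_SECRET)


class ChallengeResponseServer:
    """Issues a fresh nonce per attempt and accepts each nonce exactly once."""

    def __init__(self):
        self._pending = set()

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def login(self, user, nonce, response):
        if nonce not in self._pending:
            return False                      # unknown or already used nonce
        self._pending.discard(nonce)
        return user == "B" and hmac.compare_digest(
            response, client_response(user, nonce))


def client_response(user, nonce, secret=SHARED_SECRET):
    """What B sends instead of the password: a MAC over this login's nonce."""
    return hmac.new(secret, user.encode() + nonce, hashlib.sha256).digest()


def demo():
    """Replay the same recorded login message against both servers."""
    results = {}
    recorded = ("B", SHARED_SECRET)           # constructed: B's login as seen on the wire
    static = StaticPasswordServer()
    results["static_first"] = static.login(*recorded)
    results["static_replay"] = static.login(*recorded)

    server = ChallengeResponseServer()
    nonce = server.challenge()
    recorded = ("B", nonce, client_response("B", nonce))
    results["cr_first"] = server.login(*recorded)
    results["cr_replay_same_nonce"] = server.login(*recorded)
    results["cr_replay_new_nonce"] = server.login("B", server.challenge(), recorded[2])
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:22s} accepted={accepted}")
```

A recorded nonce and response still allow offline guessing of a weak password such as "foo", and the scheme does not stop an active man-in-the-middle who relays the exchange, so it is normally run inside an authenticated, encrypted channel.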
Summary
Network Taxonomy
Broadcast
Circuit Switch
Packet switch
Virtual circuit switch
Switched Network Performance
Delay, packet loss, throughput
Security