Networking and
Internetworking
Chapter 3
4/11/2007
COMP4704, H. Lee
1
Roadmap
• Terminology and networking issues
• Types of network
• Network principles
• Internet protocols
• Case studies: Ethernet, wireless LAN and ATM
Basic Terminology
• Communication subsystem
• Hosts (purposeful) vs. nodes (devices)
• Routing: delivering data from one part of
the (wide area) network to another
• Subnet: unit of routing (cf. the Internet
being constructed from many subnets)
Networking Issues for Distr. Systems (1)
• Performance
– Latency (caused by software overhead, routing
delays, conflicting demands for access to
transmission channels)
– Data transfer rate (unit: bits/sec; determined
mainly by physical characteristics)
– The time required for a network to transfer a message
of length bits between two computers is:
message transmission time = latency + length/data transfer rate
Networking Issues for Distr. Systems (2)
• Performance (cont.)
– Total system bandwidth (measure of throughput):
total volume of traffic that can be transferred across
the network in a given time (cf. network flow
algorithm) – in local area network vs. in wide area
network
• Scalability
– The ability to grow
– The impact of traffic on performance can be gauged
from common latencies (world wide wait?)
Networking Issues for Distr. Systems (3)
• Reliability
– Possible errors are usually due to software errors (e.g.,
receiving computer unable to accept a packet, buffer
overflow, etc.)
• Security
– Firewall: protection boundary between the organization’s
intranet & the rest of the Internet.
– Purpose: to protect the resources inside the organization
from access by external users, to control the access.
– Runs on a gateway (entry point to an intranet).
– Cryptographic techniques are needed (Ch. 7).
Networking Issues for Distr. Systems (4)
• Mobility
– More and more in demand
• Quality of service
– The ability to meet deadlines when transmitting &
processing streams of real-time multimedia data (require
guaranteed bandwidth & bounded latency)
• Multicasting
– One-to-many communication (simultaneous transmission
of messages to several recipients)
– Simulated one-to-one is not good (fault-tolerance reason)
Types of Network (1)
• Local area networks (LANs)
– Technologies: Ethernet, token rings, etc.
– Bandwidth (b/w): gigabits/sec
• Wide area networks (WANs)
– Routing is needed – routers, routing algorithms
– B/w: varies from 1-2Mbps (~ 10-100Kbps)
Types of Network (2)
• Metropolitan area networks (MANs)
– High b/w copper & fiber optic cables
– Up to 50 km
– Technologies: from Ethernet to ATM
– IEEE 802.6 protocol, 1994
– E.g. DSL (Digital subscriber line), cable modem connections
Types of Network (3)
• Wireless networks
– IEEE 802.11 (WaveLAN): 2-11Mbps over 150m
– Wireless local area networks (WLANs)
– Wireless personal area networks (WPANs)
• E.g. infra-red links in palmtop & laptop computers,
Bluetooth low-power radio network technology (12Mbps over 10m)
• Internetworks
– The Internet
– TCP/IP protocols
Types of Network (4)
Network type | Example | Range | Bandwidth (Mbps) | Latency (ms)
Wired:
LAN | Ethernet | 1-2 kms | 10-1000 | 1-10
WAN | IP routing | worldwide | 0.010-600 | 100-500
MAN | ATM | 250 kms | 1-150 | 10
Internetwork | Internet | worldwide | 0.5-600 | 100-500
Wireless:
WPAN | Bluetooth (802.15.1) | 10-30m | 0.5-2 | 5-20
WLAN | WiFi (IEEE 802.11) | 0.15-1.5 km | 2-54 | 5-20
WMAN | WiMAX (802.16) | 550 km | 1.5-20 | 5-20
WWAN | GSM, 3G phone nets | worldwide | 0.01-02 | 100-500
Network Principles (1)
• Packet transmission
– Message: logical unit of information. Sequence
of data items of arbitrary length.
– Packet: subdivisions of a message. Sequence of
binary data of restricted length (regulated,
predictable). Carries information about the source &
destination computers.
• Data streaming
– Multimedia data streams
Network Principles (2)
• Switching schemes
– Broadcast: involves no switching. LAN
technologies (Ethernet), wireless networking.
– Circuit switching: telephone networks
– Packet switching: store-&-forward network.
Postal system.
– Frame relay (small packets): brings advantages
of circuit switching to packet switching networks.
ATM networks.
Network Principles (3)
• Protocols
– Well-known set of rules
– Communication protocol
• Spec. of the seq. of messages that must be exchanged
• Spec. of the format of the data in the messages
[Figure: a message sent by the Sender passes down through Layer n, ..., Layer 2, Layer 1, across the Communication medium, and up through the Recipient's layers, where the message is received]
Network Principles (4)
[Figure: Encapsulation as it is applied in layered protocols. The application-layer message is wrapped in turn by a presentation header, a session header, a transport header and a network header]
Network Principles (5)
[Figure: Protocol layers in the ISO Open Systems Interconnection (OSI) model. Layers, top to bottom: Application, Presentation, Session, Transport, Network, Data link, Physical. A message sent by the Sender passes down the layers, across the Communication medium, and up the Recipient's layers, where the message is received]
OSI protocol summary
Layer: Description. Examples.

Application: Protocols that are designed to meet the communication requirements of specific applications, often defining the interface to a service. Examples: HTTP, FTP, SMTP, CORBA IIOP.

Presentation: Protocols at this level transmit data in a network representation that is independent of the representations used in individual computers, which may differ. Encryption is also performed in this layer, if required. Examples: Secure Sockets (SSL), CORBA Data Rep.

Session: At this level reliability and adaptation are performed, such as detection of failures and automatic recovery.

Transport: This is the lowest level at which messages (rather than packets) are handled. Messages are addressed to communication ports attached to processes. Protocols in this layer may be connection-oriented or connectionless. Examples: TCP, UDP.

Network: Transfers data packets between computers in a specific network. In a WAN or an internetwork this involves the generation of a route passing through routers. In a single LAN no routing is required. Examples: IP, ATM virtual circuits.

Data link: Responsible for transmission of packets between nodes that are directly connected by a physical link. In a WAN transmission is between pairs of routers or between routers and hosts. In a LAN it is between any pair of hosts. Examples: Ethernet MAC, ATM cell transfer, PPP.

Physical: The circuits and hardware that drive the network. It transmits sequences of binary data by analogue signalling, using amplitude or frequency modulation of electrical signals (on cable circuits), light signals (on fibre optic circuits) or other electromagnetic signals (on radio and microwave circuits). Examples: Ethernet base-band signalling, ISDN.
Internetwork layers
[Figure: Messages at the Application layer; the internetwork protocols are the Transport layer, the Internetwork layer (carrying internetwork packets) and the Network interface layer (carrying network-specific packets); below them sit the underlying network protocols of the Underlying network]
Network Principles (6)
• Packet delivery
– Datagram packet delivery
• A seq. of packets may follow different routers
• The Internet’s network layer (IP)
• Ethernet and most local network technologies
– Virtual circuit packet delivery
• A virtual circuit must be set up before packets can be delivered.
• Virtual circuit number instead of source & destination addresses in
each packet
• ATM
• Benefits from lower latencies
• Relation with the Internet transport protocols: UDP (connectionless)
& TCP (connection-oriented). Each can be implemented over either
type of network layer.
Network Principles (7)
• Routing
– Adaptive routing: find the best route taking into
account the current traffic in the network and any
faults (broken connections or routers).
– Routing algorithm
1. Make decisions to determine the route taken by each
packet.
2. Dynamically update its knowledge of the network (link-state algorithms): Routing Information Protocol (RIP)
– Routing in network = finding paths in graphs
– “Bellman-Ford” protocol: distance-vector algorithm
Routing in a wide area network
[Figure: hosts or local networks A, B, C, D and E, each attached to a router; the routers are joined by links numbered 1 to 6. As the routing tables on the next slide imply, link 1 joins A-B, link 2 B-C, link 3 A-D, link 4 B-E, link 5 C-E and link 6 D-E]
Routing tables for the network in the previous slide

Routings from A
To | Link | Cost
A | local | 0
B | 1 | 1
C | 1 | 2
D | 3 | 1
E | 1 | 2

Routings from B
To | Link | Cost
A | 1 | 1
B | local | 0
C | 2 | 1
D | 1 | 2
E | 4 | 1

Routings from C
To | Link | Cost
A | 2 | 2
B | 2 | 1
C | local | 0
D | 5 | 2
E | 5 | 1

Routings from D
To | Link | Cost
A | 3 | 1
B | 3 | 2
C | 6 | 2
D | local | 0
E | 6 | 1

Routings from E
To | Link | Cost
A | 4 | 2
B | 4 | 1
C | 5 | 1
D | 6 | 1
E | local | 0
Pseudo-code for RIP routing algorithm
Send: Each t seconds or when Tl changes, send Tl on each non-faulty outgoing link.
Receive: Whenever a routing table Tr is received on link n:
    for all rows Rr in Tr {
        if (Rr.link != n) {
            Rr.cost = Rr.cost + 1;
            Rr.link = n;
            if (Rr.destination is not in Tl) add Rr to Tl;   // add new destination to Tl
            else for all rows Rl in Tl {
                if (Rr.destination = Rl.destination and
                    (Rr.cost < Rl.cost or Rl.link = n)) Rl = Rr;
                // Rr.cost < Rl.cost : remote node has better route
                // Rl.link = n : remote node is more authoritative (closer)
            }
        }
    }
RIP routing algorithm (cont.)
• Frequency t: stabilizing purpose (e.g., if some RIP
packets are lost). For the Internet: t = 30 sec.
• Broken link: set cost to infinity for all entries in the
Tl that refer to the faulty link and perform Send
action.
• RIP-1 (RFC 1058): improved version of RIP
– Costs can be based on actual b/w of the links.
– Algorithm can be modified to increase its speed of
convergence and to avoid some undesirable intermediate
states, such as loops.
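The Receive action from the pseudo-code and the broken-link rule above, as an added worked example that is not part of the lecture or the textbook: a Python model of the five-router network from the routing figures (links numbered as the routing tables imply: 1 A-B, 2 B-C, 3 A-D, 4 B-E, 5 C-E, 6 D-E). Routers start knowing only themselves, exchange tables in lock-step rounds until nothing changes, and then link 1 is marked faulty. The names build_tables, fail_link, receive and the hop-count "infinity" of 16 are this example's own choices; RIP's 30-second period is replaced by synchronous rounds.

```python
from copy import deepcopy

# Added example: RIP-style distance-vector exchange over the lecture's five-router
# network. INF and all function names are this example's own choices.
INF = 16  # hop count treated as "infinity" (RIP's convention); an assumption of this model
ROUTERS = ["A", "B", "C", "D", "E"]
# Link numbers and endpoints as implied by the lecture's routing tables.
LINKS = {1: ("A", "B"), 2: ("B", "C"), 3: ("A", "D"),
         4: ("B", "E"), 5: ("C", "E"), 6: ("D", "E")}


def neighbours(links, router):
    """(link, neighbour) pairs for every non-faulty link attached to router."""
    out = []
    for link, (x, y) in sorted(links.items()):
        if router == x:
            out.append((link, y))
        elif router == y:
            out.append((link, x))
    return out


def receive(Tl, Tr, n):
    """The slide's Receive action. Tl is the local table {dest: (link, cost)},
    Tr the table received on link n. Returns True if Tl changed."""
    changed = False
    for dest, (link, cost) in Tr.items():
        if link == n:                      # Rr.link != n: skip routes that already run through us
            continue
        row = (n, min(cost + 1, INF))      # Rr.cost + 1, Rr.link = n, capped at INF
        if dest not in Tl:
            Tl[dest] = row                 # add new destination to Tl
            changed = True
        else:
            l_link, l_cost = Tl[dest]
            # remote has a better route, or is the node we already route through (more authoritative)
            if (row[1] < l_cost or l_link == n) and Tl[dest] != row:
                Tl[dest] = row
                changed = True
    return changed


def exchange_round(tables, links):
    """One synchronous Send: every router sends its table on every link and
    neighbours apply Receive against a snapshot taken at the start of the round."""
    snapshot = deepcopy(tables)
    changed = False
    for r in ROUTERS:
        for link, nb in neighbours(links, r):
            if receive(tables[r], snapshot[nb], link):
                changed = True
    return changed


def converge(tables, links, max_rounds=32):
    """Run rounds until one changes nothing; returns the number of rounds used."""
    for rounds in range(1, max_rounds + 1):
        if not exchange_round(tables, links):
            return rounds
    raise RuntimeError("routing tables did not converge")


def build_tables(links):
    """Each router starts knowing only itself (link 'local', cost 0); then converge."""
    tables = {r: {r: ("local", 0)} for r in ROUTERS}
    converge(tables, links)
    return tables


def fail_link(tables, links, broken):
    """The broken-link rule: cost INF for every entry that uses the faulty link,
    then Send until the tables settle. Returns the remaining link map."""
    remaining = {k: v for k, v in links.items() if k != broken}
    for T in tables.values():
        for dest, (link, cost) in list(T.items()):
            if link == broken:
                T[dest] = (link, INF)
    converge(tables, remaining)
    return remaining


if __name__ == "__main__":
    T = build_tables(LINKS)
    for r in ROUTERS:
        print("Routings from", r, T[r])   # reproduces the lecture's five tables
    fail_link(T, LINKS, 1)
    print("After link 1 fails, routings from A:", T["A"])
```

With the links as modelled, convergence from empty tables takes three rounds and reproduces the lecture's tables exactly (ties such as A reaching E over link 1 or link 3 are broken by whichever neighbour's table is processed first). After link 1 fails, A's routes to B, C and E first go to INF and are then relearned through D; the "Rl.link = n" rule is what lets a worse cost overwrite a stale entry, and the cap at INF is what keeps the count-to-infinity behaviour bounded.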
Network Principles (8)
• Congestion control
– Network congested – drop packets
– ~80% of its capacity – the total throughput tends
to drop as a result of packet losses
• Internetworking
– Tunnelling: protocol tunnel – software layer that
transmits packets through an alien network
environment
– E.g. IPv6 encapsulated in IPv4 packets, Mobile
IP, IP multicast protocol, etc.
Tunnelling for IPv6 migration
[Figure: IPv6 encapsulated in IPv4 packets. Two IPv6 networks, A and B, are joined across an IPv4 network by encapsulators at each edge]
Internet Protocols
• Internet
– ARPANET: the first large-scale computer network (early ’70s)
– TCP/IP (Transmission Control Protocol/Internet Protocol)
– Currently more than 60 million hosts
– Applications: Web (HTTP), email (SMTP, POP), netnews (NNTP), file transfer (FTP), telnet
• TLS (Transport Layer Security) on top of TCP to produce secure channels (e.g. for secure HTTP)
TCP/IP layers
[Figure: the Application layer exchanges messages; it hands the Transport layer messages (UDP) or streams (TCP); the Transport layer passes UDP or TCP packets to the Internet layer; the Internet layer passes IP datagrams to the Network interface layer; the Network interface layer sends network-specific frames over the Underlying network]
Encapsulation in a message transmitted via TCP over an Ethernet
[Figure: the application message is prefixed by a TCP header (carrying the port), the TCP segment by an IP header, and the IP datagram by an Ethernet header, giving the Ethernet frame]
The programmer's conceptual view of a TCP/IP Internet (Universality of IP packets)
[Figure: applications sit above TCP and UDP, both of which run over IP]
IP Addressing
Figure 3.15: Internet address structure, showing field sizes in bits
Class A: 0 | Network ID (7) | Host ID (24)
Class B: 1 0 | Network ID (14) | Host ID (16)
Class C: 1 1 0 | Network ID (21) | Host ID (8)
Class D (multicast): 1 1 1 0 | Multicast address (28)
Class E (reserved): 1 1 1 1 0 | unused (27)
Figure 3.16: Decimal representation of Internet addresses
(network identifiers allocated by Internet Network Information Center)
Class | octet 1 | octet 2 | octet 3 | octet 4 | Range of addresses
Class A | Network ID: 1 to 127 | Host ID: 0 to 255 | 0 to 255 | 1 to 254 | 1.0.0.0 to 127.255.255.255
Class B | Network ID: 128 to 191 | Network ID: 0 to 255 | Host ID: 0 to 255 | 1 to 254 | 128.0.0.0 to 191.255.255.255
Class C | Network ID: 192 to 223 | Network ID: 0 to 255 | Network ID: 0 to 255 | Host ID: 1 to 254 | 192.0.0.0 to 223.255.255.255
Class D (multicast) | Multicast address: 224 to 239 | 0 to 255 | 0 to 255 | 1 to 254 | 224.0.0.0 to 239.255.255.255
Class E (reserved) | 240 to 255 | 0 to 255 | 0 to 255 | 1 to 254 | 240.0.0.0 to 255.255.255.255
The IP Protocol (1)
• “Unreliable (best-effort)” delivery semantics: no
guarantee of delivery; only header checksum
(detecting corruptions in the addressing & packet
management data), no data checksum (leaving it to
the higher-level protocols – TCP & UDP; “end-to-end” argument)
• Address resolution by Address Resolution Protocol
• IP Spoofing: malicious sender substitutes address
(source address) that is different from its own
The IP Protocol (2)
• DDoS attacks
(Example: February 2000) Issue many ping
(checking the availability of a host) service requests
to a large # of computers at several sites. These
malicious ping requests all contained the IP address
of a target computer in their sender address field.
The ping responses were therefore all directed to
the target -> input buffer overflow -> preventing
legitimate IP packets from getting serviced.
DDoS Attack
A malicious attacker subverts a number
of machines, known as zombies
DDoS Attack Example
SMURF Attack: Exhausting Resources
[Figure: EVE sends a broadcast ping spoofed from x.y.z.w, which is BOB's address; every host answering the broadcast replies to BOB]
The IP Routing (1)
• Backbones: topological map is partitioned
conceptually into two parts
1. Autonomous systems (AS)
2. Areas (subdivisions)
• Every AS in the topological map has a backbone area
• Routing protocols
1. RIP-1 (distance-vector algorithm)
2. RIP-2 (in the next slide)
3. Link-state algorithms (Open Shortest Path First):
based on Dijkstra’s algorithm 1959
The IP Routing (2)
• RIP-2
1. Classless interdomain routing (CIDR)
2. Better multicast routing
3. Authentication of RIP packets to prevent attacks on the routers
• Solutions to overcome the infeasibility (every router
maintaining a full routing table w/ the route to every
destination in the Internet is infeasible):
1. Topological grouping of IP addresses (1993):
194.0.0.0 to 195.255.255.255 | Europe
198.0.0.0 to 199.255.255.255 | North America
200.0.0.0 to 201.255.255.255 | Central & South America
202.0.0.0 to 203.255.255.255 | Asia & the Pacific
The IP Routing (3)
• Solutions to overcome the infeasibility (cont.)
2. Default route: specifies a route to be used for all IP packets
whose destination is not included in the routing table
(trading routing efficiency for table size).
(E.g.) Routings from C, from the routing figures (slides 24 & 25):
To | Link | Cost
B | 2 | 1
C | local | 0
E | 5 | 1
Default | 5 | -
(Esp. useful when all outward messages must pass through a
single point.)
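The classful address structure of Figures 3.15 and 3.16, the 1993 regional address blocks and the default route just described, as one added worked example that is not part of the lecture or the textbook: address_class splits a dotted-decimal address by its leading bits, and lookup does a longest-prefix match over a constructed CIDR table whose four /7 entries are exactly the regional blocks above and whose /0 entry is the default route. The function names, the gateway labels and the sample addresses are this example's own.

```python
# Added example: classful address parsing (Figures 3.15/3.16) and a CIDR
# longest-prefix lookup with a default route. Names and table are constructed.


def to_int(addr):
    """Dotted decimal -> 32-bit integer, validating each octet."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets: %r" % addr)
    value = 0
    for o in octets:
        n = int(o)
        if not 0 <= n <= 255:
            raise ValueError("octet out of range: %r" % addr)
        value = (value << 8) | n
    return value


def address_class(addr):
    """Split an address by its leading bits as in Figure 3.15.
    Returns (class, network_id, host_id). Class D carries its 28-bit multicast
    address in network_id; class E has neither field."""
    n = to_int(addr)
    if n >> 31 == 0b0:
        return "A", n >> 24, n & 0xFFFFFF             # 7-bit network, 24-bit host
    if n >> 30 == 0b10:
        return "B", (n >> 16) & 0x3FFF, n & 0xFFFF    # 14-bit network, 16-bit host
    if n >> 29 == 0b110:
        return "C", (n >> 8) & 0x1FFFFF, n & 0xFF     # 21-bit network, 8-bit host
    if n >> 28 == 0b1110:
        return "D", n & 0x0FFFFFFF, None              # 28-bit multicast address
    return "E", None, None                            # 1111: reserved


# Constructed CIDR table. Each /7 prefix is one of the 1993 regional blocks
# (194.0.0.0/7 covers 194.0.0.0 to 195.255.255.255, and so on); the /0 entry
# is the default route used for anything no other entry covers.
ROUTES = [
    ("194.0.0.0", 7, "Europe"),
    ("198.0.0.0", 7, "North America"),
    ("200.0.0.0", 7, "Central & South America"),
    ("202.0.0.0", 7, "Asia & the Pacific"),
    ("0.0.0.0", 0, "default route"),
]


def prefix_mask(length):
    """Network mask for a prefix length; /0 masks nothing."""
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF if length else 0


def lookup(addr, routes=ROUTES):
    """Longest-prefix match over routes; returns the next-hop label or None."""
    n = to_int(addr)
    best = None
    for prefix, length, hop in routes:
        mask = prefix_mask(length)
        if (n & mask) == (to_int(prefix) & mask) and (best is None or length > best[0]):
            best = (length, hop)
    return best[1] if best else None


if __name__ == "__main__":
    for a in ("10.1.2.3", "130.5.6.7", "192.168.1.10", "224.0.0.1", "240.0.0.1"):
        print(a, "->", address_class(a))
    for a in ("195.10.2.3", "203.0.113.5", "8.8.8.8"):
        print(a, "routes via", lookup(a))
```

The /7 prefixes work because each regional block pairs two adjacent class C first-octet values that differ only in their lowest bit; a router holding these four entries plus a default can forward to any destination without a per-network entry, which is the table-size trade-off the slide describes.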
The IP Routing (5)
• IPv6 (IETF 1994): to overcome the potential problem
of IPv4 w/ 32-bit addresses
• Fig 3.17: IP packet layout: a header carrying the IP address of source and the IP address of destination, followed by data (up to 64 kilobytes)
• Fig 3.19: IPv6 header layout: Version (4 bits), Traffic class (8 bits), Flow label (20 bits), Payload length (16 bits), Next header (8 bits), Hop limit (8 bits), Source address (128 bits), Destination address (128 bits)
The IP Routing (6)
• IPv6 (cont.)
• Address space: 2^128 (~ 3 x 10^38)
• 1000 IP addresses/m^2 of the earth surface in the worst case assignments of IP addresses [Huitema]
• Anycast: delivers a packet to at least one of the hosts that subscribes to the relevant address
• Security: authentication & encrypted security payload extension header types. IPSec specification (RFC 2411)
Mobile IP (1)
• DHCP (Dynamic Host Configuration Protocol):
Enables a newly connected computer to acquire a
temporary IP address & the addresses of local
resources such as a DNS server from the local DHCP
server.
• Discovery services: discover what local services such
as printing, mail delivery, etc, are available.
• What if the service itself is moving around?
• Need MobileIP (cf. cellular phone network)
Mobile IP (2)
The MobileIP routing mechanism
[Figure: the Sender's first IP packet addressed to the mobile host MH reaches the Home agent, which tunnels that first packet to the Foreign agent FA and returns the address of FA to the sender; subsequent IP packets are tunnelled directly to FA across the Internet, and FA delivers them to MH]
TCP and UDP
• Use of ports: port number – for addressing messages to
processes within a computer. 16-bit integer.
• UDP (~ transport-level replica of IP): messages of up to
64 kbytes in size (the max. packet permitted by IP)
• TCP features:
• Sequencing (by sequence numbers)
• Flow control (by buffering and variable window size)
• Retransmission (by acknowledgement)
• Buffering (by incoming buffer at the receiver)
• Checksum (for error checking in data)
Domain Names and Firewalls
• Domain name system (DNS)
• Firewall security policy:
1. Service control
2. Behavior control
3. User control
• Filtering operations
1. IP packet filtering
2. TCP gateway: checks all TCP connection requests
3. Application-level gateway: acts as proxy for application process
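The header-only checksum and source-address spoofing from "The IP Protocol (1)", together with the IP packet filtering operation listed above, as one added worked example that is not part of the lecture or the textbook: it builds a minimal IPv4 packet, verifies the RFC 791 header checksum, shows that payload corruption is invisible to that checksum (the end-to-end argument), and applies the gateway rule that a packet arriving from the Internet may not carry a source address from the intranet's own block. INTERNAL_PREFIX, the sample addresses and all function names are constructed for this example.

```python
import socket
import struct

# Added example: IPv4 header build/parse, RFC 791 header checksum, and an
# ingress (anti-spoofing) packet filter. INTERNAL_PREFIX is an assumption.
INTERNAL_PREFIX = ("10.0.0.0", 8)   # the intranet's own address block (constructed)


def header_checksum(header):
    """One's-complement sum of 16-bit words, complemented (RFC 791).
    Over a header whose checksum field is already filled in, the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, payload, proto=1, ttl=64):
    """Minimal 20-byte header (no options) followed by payload."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    checksum = header_checksum(header)       # computed with the checksum field zeroed
    return header[:10] + struct.pack("!H", checksum) + header[12:] + payload


def parse_ipv4(packet):
    """Header fields plus header_ok. Payload corruption cannot be seen here,
    because the checksum covers the header only."""
    version = packet[0] >> 4
    ihl = (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        return None
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "ttl": packet[8],
        "proto": packet[9],
        "header_ok": header_checksum(packet[:ihl]) == 0,
        "payload": packet[ihl:],
    }


def in_prefix(addr, prefix, length):
    """True if addr lies inside prefix/length."""
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    a = int.from_bytes(socket.inet_aton(addr), "big")
    p = int.from_bytes(socket.inet_aton(prefix), "big")
    return (a & mask) == (p & mask)


def ingress_filter(packet, from_outside):
    """IP packet filtering at the gateway: drop damaged headers, and drop packets
    arriving from the Internet that claim an internal source address."""
    fields = parse_ipv4(packet)
    if fields is None or not fields["header_ok"]:
        return False, "malformed or corrupted header"
    if from_outside and in_prefix(fields["src"], *INTERNAL_PREFIX):
        return False, "external packet with internal source address"
    return True, "accept"


if __name__ == "__main__":
    pkt = build_ipv4("10.0.0.5", "192.0.2.1", b"hello")   # constructed sample packet
    print(parse_ipv4(pkt))
    print("from outside:", ingress_filter(pkt, from_outside=True))
    print("from inside: ", ingress_filter(pkt, from_outside=False))
    print("payload damaged, header still ok:", parse_ipv4(pkt[:-1] + b"!")["header_ok"])
```

The checksum only tells the receiver that the addressing and packet-management fields arrived intact; it says nothing about who wrote them, which is why a forged source address passes it and why the spoofing defence has to be a routing-based rule such as the ingress check here rather than anything in the header itself.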
Firewall configurations
[Figure, three arrangements:
a) Filtering router: Internet, then a Router/filter, then the Protected intranet (which hosts the web/ftp server).
b) Filtering router and bastion: Internet, then an R/filter, then a Bastion host, then the intranet with the web/ftp server.
c) Screened subnet for bastion: Internet, then an R/filter, then a screened subnet holding the Bastion and the web/ftp server, then a second R/filter in front of the intranet]
IEEE 802 network standards
IEEE No. | Name | Title | Reference
802.3 | Ethernet | CSMA/CD Networks (Ethernet) | [IEEE 1985a]
802.4 | | Token Bus Networks | [IEEE 1985b]
802.5 | | Token Ring Networks | [IEEE 1985c]
802.6 | | Metropolitan Area Networks | [IEEE 1994]
802.11 | WiFi | Wireless Local Area Networks | [IEEE 1999]
802.15.1 | Bluetooth | Wireless Personal Area Networks | [IEEE 2002]
802.15.4 | ZigBee | Wireless Sensor Networks | [IEEE 2003]
802.16 | WiMAX | Wireless Metropolitan Area Networks | [IEEE 2004a]
Ethernet (1)
• Developed at the Xerox Palo Alto Research Center
in 1973.
• Original prototype Ethernet ran at 3 Mbps; now
ranging from 10 Mbps to 1000 Mbps.
• Method of operation: carrier sensing multiple
access w/ collision detection (CSMA/CD) –
contention bus network
• Packet broadcasting: all stations are continuously
listening to the medium for packets that are
addressed to them. Packets (frames) are broadcast.
• Packets vary in length between 64 and 1518 bytes (MTU
in the IEEE standard).
Ethernet (2)
• Packet layout (field sizes in bytes):
Preamble (7) | S (1) | Destination address (6) | Source address (6) | Length of data (2) | Data for transmission (46 ~ 1500) | Checksum (4)
– Preamble (prefix): used for h/w timing purposes
– S: start frame delimiter
– Checksum: packets w/ incorrect checksums are dropped
(by the datalink layer in the receiving station) – “end-to-end argument”
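The frame layout above and the rule that frames with a bad checksum are dropped at the data-link layer, as an added worked example that is not part of the lecture or the textbook. build_frame lays the fields out in the order shown (preamble, S, destination, source, length, data padded to the 46-byte minimum, checksum) and parse_frame rejects anything the receiving station's data-link layer would drop: a bad delimiter, a size outside the 64 to 1518 bytes of the previous slide (counted from the destination address to the checksum), or a checksum mismatch. The checksum is modelled as CRC-32 over destination through data, sent least-significant byte first; that byte order, the function names and the sample MAC addresses are this example's own assumptions.

```python
import struct
import zlib

# Added example: build and parse Ethernet-style frames with the slide's layout.
# FCS = CRC-32 over destination..data, little-endian on the wire (assumption).
PREAMBLE = b"\xAA" * 7
SFD = b"\xAB"                      # S: start frame delimiter
MIN_DATA, MAX_DATA = 46, 1500
MIN_FRAME, MAX_FRAME = 64, 1518    # destination address through checksum


def build_frame(dst, src, data):
    """dst/src are 6-byte MAC addresses; short data is zero-padded to 46 bytes,
    while the length field records the real payload size."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    if len(data) > MAX_DATA:
        raise ValueError("data exceeds 1500 bytes")
    body = dst + src + struct.pack("!H", len(data)) + data.ljust(MIN_DATA, b"\x00")
    fcs = struct.pack("<I", zlib.crc32(body))
    return PREAMBLE + SFD + body + fcs


def parse_frame(frame):
    """Fields of a valid frame, or None when the data-link layer would drop it:
    bad preamble/delimiter, size outside 64..1518, bad checksum, or a length
    field larger than the data actually carried."""
    if frame[:8] != PREAMBLE + SFD:
        return None
    body = frame[8:]
    if not MIN_FRAME <= len(body) <= MAX_FRAME:
        return None
    covered, fcs = body[:-4], body[-4:]
    if zlib.crc32(covered) != struct.unpack("<I", fcs)[0]:
        return None                                  # incorrect checksum: dropped here
    length = struct.unpack("!H", covered[12:14])[0]
    if length > len(covered) - 14:
        return None                                  # length claims more than was carried
    return {"dst": covered[:6], "src": covered[6:12], "data": covered[14:14 + length]}


if __name__ == "__main__":
    dst = bytes.fromhex("ffffffffffff")              # constructed broadcast destination
    src = bytes.fromhex("0200deadbeef")              # constructed locally administered source
    frame = build_frame(dst, src, b"ping")
    print(len(frame), "bytes on the wire ->", parse_frame(frame))
    corrupted = frame[:30] + bytes([frame[30] ^ 0x01]) + frame[31:]
    print("one flipped bit in the padding ->", parse_frame(corrupted))
```

Dropping silently is the point of the "end-to-end argument" remark: the data-link layer discards a damaged frame but does not tell the sender, so any retransmission has to come from a higher layer such as TCP.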
Ethernet (3)
• Packet collisions
– Collision detection
– Jamming signal (all stations recognize the collision)
– Back-off (wait a random amount of time, bounded by a
constant L, before retransmitting; up to 10 attempts, each
time doubling L)
IEEE 802.11 Wireless LAN
• Wireless LAN configuration
[Figure: laptops A, B and C and palmtops D and E communicate by radio with a Base station/access point, with a radio obstruction between some of them; the access point joins the Wireless LAN to a wired LAN on which a Server sits]
Asynchronous Transfer Mode Networks (1)
• To carry a wide variety of data incl. multimedia data.
• Data-switching technology over telephone networks
(synchronous), synchronous optical network (SONET).
• Virtual connection – b/w and latency guarantees
• Low latency – switching delay ~25 microseconds
• Gigabits per second are attainable in pure ATM
networks.
• ATM cell layout (53 bytes): a 5-byte header (Virtual path id, Virtual channel id, Flags) followed by Data
Asynchronous Transfer Mode Networks (2)
• ATM protocol layers
[Figure: Messages at the Application layer; Higher-layer protocols; ATM adaption layer, which exchanges ATM cells with the ATM layer; ATM layer, which uses ATM virtual channels over the Physical layer]
Asynchronous Transfer Mode Networks (3)
• Switching virtual paths in an ATM network
[Figure: Host, VPI = 2, VP/VC switch, VPI = 3, VP switch, VPI = 4, VP switch, VPI = 5, Host. A VP switch's table maps VPI in to VPI out (2 -> 3, 4 -> 5). VPI: virtual path identifier; each Virtual path carries several Virtual channels]
Homework 2A
• Please solve the following exercise questions:
– Chapter 3 exercises: 3.1, 3.3, 3.7, 3.12, and 3.18.
• Due date:
– 4/25/2007 (Wednesday)
– at the beginning of class.