Bill Chu
Virtually all general-purpose computers have become connected in the past five years. Killer applications:
  VisiCalc
  World Wide Web
  Email
  E-commerce / on-line trading
  Napster
  E-Business
Understanding computing means being able to use/write applications, deliver applications, and maintain applications.
Protocol
A protocol is a series of steps, involving two or more parties, designed to accomplish a task.
  Everyone involved in the protocol must know the protocol and all of the steps to follow in advance.
  Everyone in the protocol must agree to follow it.
  The protocol must be unambiguous: each step must be well defined and there must be no chance of a misunderstanding.
  The protocol must be complete: there must be a specified action for every possible situation.
Protocol Model
  Address: how to name a partner
  Format: specify the message formats
  Rules: specify the behaviors of the protocol, i.e. what should be done when something happens
Problems a network protocol stack has to solve:
  electrical/optical signals and noise
  error detection and recovery
  medium access control
  message boundaries
  routing, fragmentation
  flow control (net congestion)
  lost and duplicated messages
  synchronization
  representation
  application-specific needs
  how to develop it in a timely fashion (debug, verify, low cost)
  how to maintain it
  how to extend and evolve it
Layered Approach
  partition the software into multiple layers
  each layer has clear programming interfaces
  each layer solves a limited set of problems
  each layer encapsulates the related details
Pros: reduce complexity, isolate changes, promote manageability
Cons: efficiency
The physical and data link layers are hardware heavy; the network and transport layers are software heavy; the session and presentation layers are typically light.
Physical layer
  voltages or frequencies
  what is a bad signal
  RS232 connectors for RS232 serial line communication
  RJ45 or BNC connectors for Ethernet
Connection-oriented (circuit-switched) network
  establish a connection before communication
  once the connection is established, a circuit line is reserved for the communicating partners
  example: telephone network
Packet-switched (store-and-forward) network
  a packet is sent from a node to another node
  the intermediate node stores the packet and decides to forward it to another node towards the destination
  no circuit line is reserved
  example: Ethernet
[Figure: a circuit connection versus packet switching; the packet switch holds a routing table mapping an incoming port to an outgoing port (In 2 -> Out 4, towards Host B)]
Comparisons: CS and PS

  Property           Circuit-switched   Packet-switched
  line resource      dedicated          shared
  performance        guaranteed         averaged
  cost               expensive          less
  adaptive routing   not easy           easy
  switch device      highly complex     simple
  reliability        high               higher
  utilization        low                higher
WAN: wide area network; crosses a large span of space (continental); typically heterogeneous and low speed; example: Internet
MAN: metro-area network; regional scope (city-wide)
LAN: local area network; limited scope (a couple of buildings); typically homogeneous & high speed; example: Ethernet & Token Ring
Transmission media
  Open air: radio, microwaves, satellites, infrared; noisy signals, collisions
  Optical: clear signals, low power and high rate (Gbps)
  Copper wire: lower cost interfaces; bi-directional
Bus topology (common medium)
  every node taps into a common medium; signals may collide with each other
  need to arbitrate who will get the bus
  capable of broadcasting a message (one sends & many listen)
  the common medium is the bottleneck
  a single node failure causes no network failure; a medium failure brings down the whole network
Cable Modem
Master-slave topology
  one node at the center acts as the master node; the other nodes are linked to the master as slaves
  slaves communicate via the master
  easy to arbitrate among slaves (the master decides)
  not scalable (the master is the bottleneck)
  normally used for small networks or networks that require predictable performance
  master failure shuts down the whole net
Ring topology
  nodes are arranged in a ring; each node receives from its predecessor & sends to its successor
  need to arbitrate who can access the ring
  messages are forwarded by each node
  the sender deletes its own messages from the ring
  the common ring is a single point of failure (complicated connectors needed)
Point-to-point links between neighbors
  each node can talk to its neighbors directly; non-neighbor nodes need store-and-forward for communication
  no restrictions on how to link the nodes; the topology can adapt to individual organization needs
Data link layer: main tasks
  arbitrate who can use the transmission medium
  framing: define the boundaries of a packet
  typically implemented in hardware or firmware: when you buy a network card, you get both the physical and the data link layer protocols in the card
Observations:
  Limited connectivity: each physical network (Ethernet, Token Ring, ATM, ...) connects only a limited set of hosts
  different needs call for different technologies
  legacy networks must be accommodated
  each physical technology has its limits
Goals of the Internet:
  Universal connectivity: independent of physical technologies; independent of locations; a universal language; every host is equal no matter of
  Scalable
  Robust
Problems to be Solved
  Universal naming: how to translate the universal name to the local name used by the local physical network?
  Routing: how to route IP packets among different local networks to reach the destination?
  Fragmentation: different physical networks use different packet sizes; how should this be handled?
  Error handling
Internet Architecture
  Internet: THE network of (interconnected) networks
  physical networks are interconnected via gateways
  a gateway (router) is a host that glues nets together
[Figure: a gateway joining a local net to other nets]
IP Packet Format
IP Header Format (one 32-bit word per row)
  V | HL | type | total length
  Identification | F | frag. offset
  TTL | prot | header cksum
IP Address
  IP address == NetID + HostID
  Dotted notation: each byte of an IP address is written as a decimal number; bytes are separated with a period (.); example: 152.15.35.44
  Classes (identified by the leading bits of the first byte):
    class A: leading 0,     NetID = bits 0-7,  HostID = bits 8-31
    class B: leading 10,    NetID = bits 0-15, HostID = bits 16-31
    class C: leading 110,   NetID = bits 0-23, HostID = bits 24-31
    class D: leading 1110,  multicast address
    class E: leading 11110, reserved for future use
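As an added example (not part of the lecture), the following Python code applies the class table above: it reads the leading bits of the first byte to find the class and then splits an address into its NetID and HostID parts. The `NETID_BITS` widths come from the table; everything else is the example's own construction.

```python
import ipaddress

# Added example (not from the lecture): derive the classful category of an
# IPv4 address from its leading bits and split it into NetID and HostID.
# NetID widths follow the class table above: A = 8 bits, B = 16, C = 24.
NETID_BITS = {"A": 8, "B": 16, "C": 24}


def ip_class(addr: str) -> str:
    """Return 'A'..'E' by testing the leading bits of the first byte."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first & 0b1000_0000 == 0:               # 0xxxxxxx
        return "A"
    if first & 0b1100_0000 == 0b1000_0000:     # 10xxxxxx
        return "B"
    if first & 0b1110_0000 == 0b1100_0000:     # 110xxxxx
        return "C"
    if first & 0b1111_0000 == 0b1110_0000:     # 1110xxxx: multicast
        return "D"
    return "E"                                 # 11110xxx: reserved


def split_classful(addr: str):
    """Return (class, NetID in dotted form, HostID as an integer).
    Classes D and E carry no host part, so they return None for both."""
    cls = ip_class(addr)
    if cls not in NETID_BITS:
        return cls, None, None
    host_bits = 32 - NETID_BITS[cls]
    value = int(ipaddress.IPv4Address(addr))
    netid = value >> host_bits << host_bits    # zero the host part
    hostid = value & ((1 << host_bits) - 1)    # keep only the host part
    return cls, str(ipaddress.IPv4Address(netid)), hostid


if __name__ == "__main__":
    for a in ("152.15.35.44", "10.1.2.3", "192.168.1.1", "224.0.0.1", "240.1.1.1"):
        print(a, split_classful(a))
```

The slide's own example, 152.15.35.44, starts with the bits 10, so it is a class B address with NetID 152.15 and HostID 35.44. Classful addressing is historical; today's routers decide the network part from an explicit mask (see sub-netting below), which is why a modern address cannot be split from its first byte alone.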
Each computer on the internet has a unique IP address. Each network interface (e.g. an ethernet card) also has its own unique address.
Example: 8.2.1.1 wants to send a message to 8.2.1.3.
  It yells "yaahoo, who is 8.1.2.3?"; each computer listens to the messages on the bus (with collision detection and resolution) for "yaahoo".
  8.2.1.3 replies to 00550DA2F5D82: "I am 02950JX2F5Y82".
  8.2.1.1 sends the message to 8.2.1.3.
IP Routing
Principles
  route packets according to their destination IP net ID
  forward packets hop by hop
  each gateway has routing knowledge of its nearby neighbors only
  hosts route packets to a gateway and the gateway does the rest
Routing types
  direct routing: if the destination net ID is the same as the local net ID, no routing to a gateway is needed; send the packet via the underlying physical network
  indirect routing: if the destination net ID is different from the local net ID, send the packet to an appropriate gateway
IP Rules
Fragmentation rules
  if the underlying net's packet size < the packet size & this is not the final destination: break the packet into smaller packets and send them
  reassemble the fragmented packets into the original size (at the final destination)
Error rules
Table-Driven IP Routing
  each entry associates a destination net ID with a forwarding gateway
  each route has a performance metric

  Destination   Gateway          Interface
  163.29        152.15.254.254   e0
  Default       152.15.35.1      e0

Kinds of routes
  Next-hop routes: the destination is an IP net ID; a packet addressed to any host in that net is sent to the associated gateway
  Host-specific routes: the destination is a complete IP address; all packets to that host are routed via the associated gateway
  Default routes: the catch-all route; all packets not matched by the above are sent to the gateway associated with the default route. That gateway is called the default gateway.
[Figure: routing example with hosts on net 2.1.1.x]
Sub-netting
  all hosts in a network must have the same network number
  as the number of networks grows, so does the need for network numbers
  solution: subnet; divide the host portion of the IP address into a subnet id and a host id
  a subnet mask in the routing table tells which bits form the network part
Internet IP address vs. intranet IP address [Figure: PC - PC - Router]
Dial-up: the computer (client) dials in to a modem; the computer at the other end (the ISP server) is on the internet. The ISP server assigns an IP address to the dialing computer, and all messages sent from the client are routed by the ISP host to the rest of the internet.
DHCP: the client sends a message (on the local bus) to a DHCP server requesting an IP address for the session; the DHCP server assigns an IP address.
IP Fragmentation
  IP packets are broken up to fit the underlying physical network when a packet is sent
  [Figure: locations of fragmentation as a packet passes from net 1 to net 2]
IP Fragmentation Example
  Original IP datagram: IP header | 800 bytes | 800 bytes | 250 bytes
  After fragmentation:
    Fragment 1 (offset 0):    IP header (fragment 1) | 800 bytes
    Fragment 2 (offset 800):  IP header (fragment 2) | 800 bytes
    Fragment 3 (offset 1600): IP header (fragment 3) | 250 bytes
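To make the example concrete, here is an added Python model (not from the lecture) of the fragmentation rules: the slide's 1850-byte payload split for a net that carries 800 payload bytes per packet, one fragment split again at a later hop with a smaller net, and reassembly at the final destination from fragments arriving in any order. The dictionaries stand in for real IP headers; the payload bytes, the identification value 0x1234 and the function names are constructed for the example.

```python
# Added example (not from the lecture): fragment a datagram's payload to fit a
# smaller network, re-fragment a fragment at a later hop, and reassemble at the
# final destination. Offsets are carried in 8-byte units as in the IP header.

def fragment(data: bytes, max_payload: int, ident: int,
             base_offset: int = 0, more_after: bool = False):
    """Split data into pieces of at most max_payload bytes.
    base_offset/more_after let a fragment be split again at a later hop
    while keeping the offsets and the 'more fragments' flag consistent."""
    if max_payload % 8 != 0:
        raise ValueError("all but the last fragment must be a multiple of 8 bytes")
    frags = []
    for off in range(0, len(data), max_payload):
        chunk = data[off:off + max_payload]
        last = off + len(chunk) >= len(data)
        frags.append({"id": ident,                          # same id for all pieces
                      "offset": (base_offset + off) // 8,   # header field units
                      "mf": more_after or not last,          # more-fragments flag
                      "data": chunk})
    return frags


def refragment(frag, max_payload: int):
    """Intermediate hop whose next net is smaller than this fragment:
    not the final destination, so split again rather than reassemble."""
    return fragment(frag["data"], max_payload, frag["id"],
                    frag["offset"] * 8, frag["mf"])


def reassemble(frags):
    """Return the original payload, or None while any piece is missing.
    Arrival order does not matter; the fragment with mf=0 gives the total."""
    by_offset = {f["offset"] * 8: f for f in frags}
    total = None
    for f in frags:
        if not f["mf"]:
            total = f["offset"] * 8 + len(f["data"])
    if total is None:           # last piece not seen yet
        return None
    out = bytearray()
    while len(out) < total:
        piece = by_offset.get(len(out))
        if piece is None:       # hole: a fragment was lost or has not arrived
            return None
        out += piece["data"]
    return bytes(out)


# The slide's numbers: an 1850-byte payload (constructed contents) crossing
# a net that carries at most 800 payload bytes per packet.
PAYLOAD = bytes(range(256)) * 7 + bytes(58)      # 1850 bytes
FRAGS = fragment(PAYLOAD, 800, ident=0x1234)

if __name__ == "__main__":
    for f in FRAGS:
        print("offset", f["offset"] * 8, "len", len(f["data"]), "mf", f["mf"])
    print("reassembled ok:", reassemble(list(reversed(FRAGS))) == PAYLOAD)
```

The offsets 0, 800 and 1600 from the slide appear in the header as 0, 100 and 200 (units of 8 bytes), which is why every fragment except the last must have a payload that is a multiple of 8. A receiver holding fragments with a hole can never complete the datagram; real stacks put a timer on partially reassembled datagrams so that lost fragments do not pin memory forever.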
Transport Layer
  IP delivers from a host to a host in a best-effort fashion
  the transport layer delivers from application to application with reliable delivery
  the transport layer fills the gap between user needs and IP messaging
Problems and the mechanisms that address them
  missing packets: acknowledgement and timeout, retransmission
  duplicated packets: sequencing packets
  out-of-order packets: sequencing packets
  flow control: stop-and-wait, sliding window
  synchronization: handshaking
Datagram service
  provides a communication endpoint for applications
  best-effort delivery of messages (packets)
  message boundaries are observed
  the protocol embedded in Internet Datagram sockets
Stream service
  provides a communication endpoint for applications
  reliable delivery via connection-based communication
  no message boundaries between packets
  the protocol embedded in Internet Stream sockets
TCP session establishment (handshake)
  client -> server: syn + x
  server -> client: syn + ack + y
  client -> server: ack
SYN flood: exploits the TCP session establishment protocol. An attacker sends syn but never sends the final ack, so the server is left holding half-open connections. This type of attack is also called a sync flood. Synchronized attacks are launched on multiple (often victim) machines.
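From the defender's side, what a SYN flood leaves behind is a pile of half-open connections: syn received, final ack never seen. The Python below is an added example (not from the lecture) that replays a constructed connection log to count half-open entries per source, the same signal a server's connection table or a monitoring tool would expose. The log format, the client addresses, the 30-second timeout and the threshold are assumptions of the example.

```python
from collections import defaultdict

# Added example (not from the lecture): a defender's view of the half-open
# state a SYN flood leaves behind. Events are constructed (time in seconds,
# client IP, client port, "syn" for a received syn, "ack" for the final ack).
EVENTS = [
    (0.0, "10.0.0.5", 40000, "syn"), (0.1, "10.0.0.5", 40000, "ack"),   # normal session
    (1.0, "10.0.0.6", 40001, "syn"), (1.1, "10.0.0.6", 40001, "ack"),   # normal session
    (2.0, "10.0.0.9", 40002, "syn"),                                    # never completed
] + [(35.0 + i / 10, "198.51.100.7", 5000 + i, "syn") for i in range(8)]  # syns, no acks


def half_open_connections(events, now, syn_timeout=30.0):
    """Replay the log up to `now`: a syn opens a pending entry keyed by
    (client IP, client port); the matching ack closes it. Entries older than
    syn_timeout are dropped, mirroring a server that gives up on a half-open
    connection once its timer expires."""
    pending = {}
    for t, src, sport, kind in sorted(events):
        if t > now:
            break
        key = (src, sport)
        if kind == "syn":
            pending[key] = t
        elif kind == "ack":
            pending.pop(key, None)
    return {k: t for k, t in pending.items() if now - t < syn_timeout}


def suspicious_sources(events, now, threshold=5):
    """Sources holding at least `threshold` half-open connections at `now`.
    A single legitimate client rarely has more than a handful in flight."""
    per_src = defaultdict(int)
    for (src, _), _ in half_open_connections(events, now).items():
        per_src[src] += 1
    return sorted(src for src, n in per_src.items() if n >= threshold)


if __name__ == "__main__":
    print("half-open at t=40:", len(half_open_connections(EVENTS, 40.0)))
    print("suspicious:", suspicious_sources(EVENTS, 40.0))
```

Two caveats a practitioner will recognise: a real flood usually spoofs the source address, so per-source counting is only useful against unspoofed traffic, and the total number of half-open entries relative to the server's backlog is the more robust signal. The standard server-side mitigation is to avoid storing state for a half-open connection at all (SYN cookies) and to keep the half-open timeout short.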
TCP Retransmission
Sender
  is free to divide the user's stream data into packets
  expects an ack for each packet sent
  starts a timer when a packet is sent
  upon ack reception, advances the expected seq_no
  upon timer expiration, resends the packet
Receiver
  sends an ack whenever a packet is received
  deletes the packet if it is a duplicate
  is free to pass acknowledged packets to the user
  is forced to pass the data to the user when it receives a PUSH
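The sender and receiver rules above can be checked by simulation. The Python below is an added example (not from the lecture): a stop-and-wait exchange in which selected transmissions lose the data packet or its ack, showing how the timer, retransmission, sequence numbers and duplicate deletion together yield each chunk delivered exactly once and in order. The loss model (which attempt numbers are lost) and the function name are constructed for the example.

```python
# Added example (not from the lecture): a stop-and-wait simulation of the
# sender and receiver rules above. Loss is constructed and deterministic: the
# sets name which transmission attempts (1-based) lose the data packet or its ack.

def simulate(chunks, drop_data=frozenset(), drop_ack=frozenset(), max_tries=5):
    """Return (data delivered to the receiving user, event log)."""
    delivered = []
    expected = 0          # receiver: next seq_no it will accept
    seq_no = 0            # sender: seq_no of the packet in flight
    attempt = 0           # counts every transmission, for the loss model
    log = []
    for chunk in chunks:
        tries = 0
        while True:
            attempt += 1
            tries += 1
            log.append(("send", seq_no))             # sender starts its timer here
            if attempt in drop_data:
                log.append(("timeout", seq_no))      # no ack arrives: resend
                if tries >= max_tries:
                    raise TimeoutError(f"seq {seq_no} gave up after {tries} tries")
                continue
            # receiver side: ack whatever arrives, keep it only if it is new
            if seq_no == expected:
                delivered.append(chunk)              # new data: pass to user
                expected += 1
            else:
                log.append(("duplicate_deleted", seq_no))  # already have it
            ack = expected                           # ack names the next seq_no wanted
            if attempt in drop_ack:
                log.append(("timeout", seq_no))      # ack lost: sender resends
                if tries >= max_tries:
                    raise TimeoutError(f"seq {seq_no} gave up after {tries} tries")
                continue
            log.append(("ack", ack))
            seq_no = ack                             # advance the expected seq_no
            break
    return delivered, log


if __name__ == "__main__":
    data, events = simulate(["a", "b", "c"], drop_data={1}, drop_ack={3})
    print(data)
    for e in events:
        print(e)
```

Losing the ack for chunk "b" (attempt 3) makes the sender resend a packet the receiver already has; the receiver deletes the duplicate but still acks it, which is what lets the sender advance. Without the sequence number the receiver could not tell that retransmission from new data, and "b" would be delivered twice.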