CMPT 371 Chapter 1

School of Computing Science
Simon Fraser University

CMPT 371: Data Communications and Networking

Instructor: Dr. Mohamed Hefeeda

Course Objectives
- Understand principles of designing and operating computer networks,
- Understand the structure and protocols of the largest network of networks (Internet),
- Know how to implement network protocols and networked applications, and …
- Have fun!

Course Info
- Textbook: Kurose and Ross, Computer Networking: A Top-Down Approach Featuring the Internet, 4th edition, 2008
- Course web page: http://nsl.cs.sfu.ca/teaching/09/371/
  Or access it from my web page: http://www.cs.sfu.ca/~mhefeeda

Grading
- Homework: 25% (several problem sets and programming projects)
- Midterm exam: 25%
- Final exam: 50%

Topics
- Introduction: overview; network types; protocol layering; history of the Internet; signals and physical media
- Network Applications: principles of network applications and protocols; sample applications: HTTP, DNS; socket programming
- Transport Layer: transport-layer services; flow and congestion control; Internet transport protocols: UDP and TCP

Topics (cont’d)
- Network Layer: routing algorithms (e.g., OSPF, RIP, BGP); forwarding and addressing in the Internet (IP); router design
- Link Layer and Local Area Networks: contention resolution and multiple access protocols; error detection and correction; Ethernet; bridges and switches
- Wireless Networks or Multimedia Networking (time permitting)

Chapter 1: Overview
- Goal: get a “feel” of the computer networking area
- Approach: we use the Internet as the example

Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
1.3 Network core
1.4 Network access and physical media
1.5 Internet structure and ISPs
1.6 Delay & loss in packet-switched networks
1.7 Protocol layers, service models

What’s the Internet: “nuts and bolts” view
- millions of connected computing devices: hosts = end systems, running network apps
- communication links: fiber, copper, radio, satellite; transmission rate = bandwidth
- routers: forward packets (chunks of data)

Diagram: hosts (workstation, server, mobile) attached to a local ISP, which connects through routers to a regional ISP and a company network.

“Cool” Internet appliances
- Web-enabled toaster + weather forecaster
- IP picture frame: http://www.ceiva.com/
- World’s smallest web server: http://www-ccs.cs.umass.edu/~shri/iPic.html
- Internet phones

What’s the Internet: “nuts and bolts” view
- protocols control sending, receiving of msgs, e.g., TCP, IP, HTTP, FTP, PPP
- Internet: “network of networks”; loosely hierarchical; public Internet versus private intranet
- Internet standards: RFC: Request for Comments; IETF: Internet Engineering Task Force

Diagram: same topology as the earlier “nuts and bolts” slide (router, workstation, server, mobile, local ISP, regional ISP, company network).

What’s the Internet: A service view
- communication infrastructure enables distributed applications: Web, email, games, e-commerce, file sharing
- communication services provided to apps: connectionless unreliable; connection-oriented reliable

What’s a protocol?
human protocols:
- “what’s the time?”
- “I have a question”
- introductions
… specific msgs sent
… specific actions taken when msgs received, or other events

network protocols:
- machines rather than humans
- all communication activity in Internet governed by protocols
- protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt

What’s a protocol?
a human protocol and a computer network protocol:

Diagram (two message exchanges side by side, time running downward):
  human: Hi -> Hi -> Got the time? -> 2:00
  network: TCP connection request -> TCP connection response -> Get http://www.awl.com/kurose-ross -> <file>

A closer look at network structure
- network edge: applications and hosts
- network core: routers; network of networks
- access networks, physical media: communication links

The network edge
- End systems (hosts): run application programs (e.g., email) at “edge of network”
- Two models
  - client/server model: client requests, receives service from server, e.g. web browser/server
  - peer-to-peer model: minimal (or no) use of dedicated servers; e.g., Gnutella, BitTorrent, …
- Two services from network: connection-oriented; connectionless

Network edge: Services from Network
Goal: Transfer data between end systems

Connection-oriented
- Prepare for data transfer ahead of time, i.e., establish a connection: set up “state” in the two communicating hosts
- Usually comes with: reliability, flow and congestion control
- Internet: TCP (Transmission Control Protocol)

Connectionless
- No connection set up, simply send
- Faster, less overhead
- No reliability, flow control, or congestion control
- Internet: UDP (User Datagram Protocol)

The Network Core
- mesh of interconnected routers
- the fundamental question: how is data transferred through net?
  - circuit switching: dedicated circuit per call: telephone net
  - packet switching: data sent thru net in discrete “chunks”

Network Core: Circuit Switching
End-end resources reserved for “call”
- link bandwidth, switch capacity
- dedicated resources: no sharing
- circuit-like (guaranteed) performance
- call setup required

Network Core: Circuit Switching
- network resources (e.g., bandwidth) divided into “pieces”
- pieces allocated to calls
- resource piece idle if not used by owning call (no sharing)
- dividing link bandwidth into “pieces”: frequency division; time division

Circuit Switching: FDM and TDM
Diagram (example with 4 users): FDM splits the frequency axis into 4 bands, each user holding one band for the whole time; TDM splits the time axis into recurring slots, each user holding one slot per frame across the whole frequency band.

Numerical example
- How long does it take to send a file of 640,000 bits from host A to host B over a circuit-switched network?
  - All links are 1.536 Mbps
  - Each link uses TDM with 24 slots/sec
  - 500 msec to establish end-to-end circuit

Let’s work it out!

NOTE: 1 Kb = 1000 bits, not 2^10 bits!

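The calculation behind the numerical example, as an added Python example (not part of the slides): a call owns one of the 24 TDM slots on every link, so its rate is 1.536 Mbps / 24 = 64 kbps, and the 640,000-bit file needs 10 s of transmission plus the 0.5 s circuit set-up. The `full_link_transfer_time` comparison is an addition of mine; it shows what the same link would deliver if the whole 1.536 Mbps were available to one sender and ignores any queueing.

```python
# Added example, not from the slides. Units: bits, bits per second, seconds.
# 1 kb = 1000 bits throughout (not 2**10), as the slide's note demands.

def circuit_switched_transfer_time(file_bits, link_bps, slots_per_frame, setup_sec):
    """Seconds to move file_bits over a TDM circuit that owns one slot per frame.

    The call holds exactly one of slots_per_frame slots on each link, so its
    share of a link is link_bps / slots_per_frame. All links run at the same
    rate, so that per-slot rate is the end-to-end circuit rate. Total time is
    the one-time circuit set-up delay plus file_bits / slot rate.
    """
    slot_bps = link_bps / slots_per_frame
    return setup_sec + file_bits / slot_bps


def full_link_transfer_time(file_bits, link_bps):
    """For contrast: time if one sender could use the entire link (no set-up,
    no sharing, no queueing). Not a circuit-switching figure."""
    return file_bits / link_bps


def worked_example():
    """The slide's numbers: 640,000 bits, 1.536 Mbps links, 24 slots, 500 ms set-up."""
    circuit = circuit_switched_transfer_time(640_000, 1.536e6, 24, 0.5)
    whole_link = full_link_transfer_time(640_000, 1.536e6)
    return circuit, whole_link


if __name__ == "__main__":
    circuit, whole_link = worked_example()
    print(f"circuit-switched (one TDM slot + set-up): {circuit:.3f} s")
    print(f"whole link to one sender, no set-up:      {whole_link:.3f} s")
```

The circuit answer is 10.5 s: the other 23 slots on each link stay idle for the whole call even though nobody else is using them, which is the "resource piece idle if not used by owning call" point from the previous slide.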
Network Core: Packet Switching
- each end-end data stream divided into packets
- packets from different users share network resources
- each packet uses full link bandwidth
- resources used as needed
- resource contention: aggregate resource demand can exceed amount available
  - congestion: packets queue, wait for link use
  - store and forward: packets move one hop at a time; node receives complete packet before forwarding
- unlike circuit switching: no bandwidth division into “pieces”, no dedicated allocation, no resource reservation

Packet Switching: Statistical Multiplexing
Diagram: hosts A and B on a 10 Mb/s Ethernet feed router C, whose 1.5 Mb/s output link leads on to D and E; a queue of packets waits for the output link.

Sequence of A & B packets does not have fixed pattern, shared on demand -> statistical multiplexing.
TDM: each host gets same slot in revolving TDM frame.

Packet switching versus circuit switching
Packet switching allows more users to use network!
- 1 Mb/s link
- each user: 100 kb/s when “active”; active 10% of time
- circuit switching: 10 users
- packet switching: with 35 users, probability > 10 active less than .0004

Q: how did we get the value 0.0004?

Diagram: N users sharing a 1 Mbps link.

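The answer to the slide's question, as an added Python example (not from the slides): with each of 35 users independently active 10% of the time, the number of simultaneously active users is Binomial(35, 0.1), and the chance that more than the 10 the link can carry are active at once is the upper tail of that distribution, which the exact sum puts at roughly 4e-4. `max_users_within` generalises the slide: it finds the largest population whose overload probability stays under a chosen bound (the 0.0005 bound in the usage is my choice, not a figure from the slides).

```python
# Added example, not from the slides. Pure standard library.
from math import comb


def prob_more_than_active(n_users, p_active, max_simultaneous):
    """P(more than max_simultaneous of n_users are active at the same time).

    Each user is active independently with probability p_active, so the count
    of active users is Binomial(n_users, p_active); this is its upper tail
    summed from max_simultaneous + 1 to n_users.
    """
    return sum(comb(n_users, k) * p_active ** k * (1 - p_active) ** (n_users - k)
               for k in range(max_simultaneous + 1, n_users + 1))


def circuit_switching_capacity(link_bps, per_user_bps):
    """Users a circuit-switched link can admit: one fixed share each."""
    return link_bps // per_user_bps          # 1 Mb/s / 100 kb/s = 10 users


def max_users_within(link_bps, per_user_bps, p_active, max_tail):
    """Largest packet-switched population whose probability of exceeding the
    link's capacity stays below max_tail (overload risk the operator accepts)."""
    capacity = circuit_switching_capacity(link_bps, per_user_bps)
    n = capacity                              # this many is always safe
    while prob_more_than_active(n + 1, p_active, capacity) < max_tail:
        n += 1
    return n


def worked_example():
    """The slide's numbers: 1 Mb/s link, 100 kb/s per active user, 10% duty, 35 users."""
    link_bps, user_bps, p_active, n_users = 1_000_000, 100_000, 0.10, 35
    capacity = circuit_switching_capacity(link_bps, user_bps)
    return capacity, prob_more_than_active(n_users, p_active, capacity)


if __name__ == "__main__":
    capacity, tail = worked_example()
    print(f"circuit switching admits {capacity} users")
    print(f"P(more than {capacity} of 35 active) = {tail:.6f}")
    print("users within a 0.0005 overload bound:",
          max_users_within(1_000_000, 100_000, 0.10, 0.0005))
```

The tail is what the "more users or faster transfer" advantage on the next slide costs: admitting 3.5x the circuit-switched population buys a small but non-zero chance that the link is oversubscribed and packets queue or are dropped.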
Packet switching versus circuit switching
- Advantages
  - no call setup -> simpler
  - resource sharing (statistical multiplexing) -> better resource utilization; more users or faster transfer (a single user can use entire bw); well suited for bursty traffic (typical)
- Disadvantages
  - Congestion may occur -> packet delay and loss; need protocols to control congestion and ensure reliable data transfer

Packet-switched networks: forwarding
- Goal: move packets through routers from source to destination; we’ll study several path selection (i.e. routing) algorithms (chapter 4)
- datagram network:
  - destination address in packet determines next hop
  - routes may change during session
  - analogy: driving, asking directions
- virtual circuit network:
  - each packet carries tag (virtual circuit ID), tag determines next hop
  - fixed path determined at call setup time, remains fixed thru call
  - routers maintain per-call state

Network Taxonomy
Telecommunication networks
- Circuit-switched networks: FDM; TDM
- Packet-switched networks: networks with VCs; datagram networks

Access networks and physical media
Q: How to connect end systems to edge router?
- residential access nets
- institutional access networks (school, company)
- mobile access networks

Keep in mind:
- bandwidth (bits per second) of access network?
- shared or dedicated?

Residential access: point to point access
- Dialup via modem
  - up to 56Kbps direct access to router (often less)
  - Can’t surf and phone at same time: can’t be “always on”
- ADSL: asymmetric digital subscriber line
  - up to 1 Mbps upstream (today typically < 256 kbps)
  - up to 8 Mbps downstream (today typically < 1 Mbps)
  - FDM: 50 kHz - 1 MHz for downstream; 4 kHz - 50 kHz for upstream; 0 kHz - 4 kHz for ordinary telephone

Residential access: cable modems
- HFC: hybrid fiber coax; asymmetric: up to 30Mbps downstream, 2 Mbps upstream
- network of cable and fiber attaches homes to ISP router; homes share access to router
- deployment: available via cable TV companies

Residential access: cable modems
Diagram: http://www.cabledatacomnews.com/cmic/diagram.html

Institutional access: local area networks
- company/univ local area network (LAN) connects end system to edge router
- Ethernet: shared or dedicated link connects end system and router; 10 Mbps, 100 Mbps, Gigabit Ethernet
- LANs: chapter 5

Wireless access networks
- shared wireless access network connects end system to router via base station aka “access point”
- wireless LANs: 802.11b (WiFi): 11 Mbps
- wider-area wireless access: provided by telco operator; 3G ~ 384 kbps (Will it happen??); WAP/GPRS in Europe

Diagram: mobile hosts talking to a base station, which connects to the router.

Home networks
Typical home network components:
- ADSL or cable modem
- router/firewall/NAT
- Ethernet
- wireless access point

Diagram: to/from cable headend <-> cable modem <-> router/firewall <-> Ethernet <-> wireless access point <-> wireless laptops.

Physical Media
- Bit: propagates between transmitter/rcvr pairs
- physical link: what lies between transmitter & receiver
- guided media: signals propagate in solid media: copper, fiber, coax
- unguided media: signals propagate freely, e.g., radio

Twisted Pair (TP)
- two insulated copper wires
  - Category 3: traditional phone wires, 10 Mbps Ethernet
  - Category 5: 100Mbps Ethernet

Physical Media: coax, fiber
Coaxial cable:
- two concentric copper conductors
- bidirectional
- baseband: single channel on cable; legacy Ethernet
- broadband: multiple channels on cable; HFC

Fiber optic cable:
- glass fiber carrying light pulses, each pulse a bit
- high-speed operation: high-speed point-to-point transmission (e.g., 10’s-100’s Gbps)
- low error rate: repeaters spaced far apart; immune to electromagnetic noise

Physical media: radio
- signal carried in electromagnetic spectrum
- no physical “wire”
- bidirectional
- propagation & environment effects: reflection; obstruction by objects; interference; fading

Radio link types:
- terrestrial microwave: e.g. up to 45 Mbps channels
- LAN (e.g., WiFi): 2Mbps, 11Mbps, 54 Mbps
- wide-area (e.g., cellular): e.g. 3G: hundreds of kbps
- satellite: Kbps to 45Mbps channel (or multiple smaller channels); 270 msec end-end delay; geosynchronous versus low altitude

Internet structure: network of networks
- roughly hierarchical
- at center: “tier-1” ISPs (e.g., MCI, Sprint, AT&T, Cable and Wireless), national/international coverage; treat each other as equals

Diagram: three Tier-1 ISPs. Tier-1 providers interconnect (peer) privately; Tier-1 providers also interconnect at public network access points (NAPs).

Tier-1 ISP: e.g., Sprint
Diagram: a Sprint POP (point-of-presence) with links to/from the backbone, peering links, and links to/from customers.

Internet structure: Tier-2 ISPs
- “Tier-2” ISPs: smaller (often regional) ISPs; connect to one or more tier-1 ISPs, possibly other tier-2 ISPs

Diagram: Tier-2 ISPs attached to Tier-1 ISPs and a NAP. Tier-2 ISP pays tier-1 ISP for connectivity to rest of Internet; Tier-2 ISP is customer of tier-1 provider. Tier-2 ISPs also peer privately with each other, interconnect at NAP.

Internet structure: Tier-3 ISPs
- “Tier-3” ISPs and local ISPs: last hop (“access”) network (closest to end systems)

Diagram: local and Tier-3 ISPs hanging off Tier-2 ISPs, which hang off Tier-1 ISPs and a NAP. Local and tier-3 ISPs are customers of higher tier ISPs connecting them to rest of Internet.

Internet structure: packet journey
- a packet passes through many networks!

Diagram: the same local ISP / Tier-2 ISP / Tier-1 ISP / NAP hierarchy as the previous slide.

A snapshot of the Internet in 1999 showing major ISPs

How do loss and delay occur?
packets queue in router buffers
- packet arrival rate to link exceeds output link capacity
- packets queue, wait for turn

Diagram: hosts A and B feed one router; one packet is being transmitted (delay) while others sit in the queue (queueing delay); free (available) buffers absorb arrivals, and arriving packets are dropped (loss) if no free buffers remain.

Four sources of packet delay
1. nodal processing: check bit errors; determine output link
2. queueing: time waiting at output link for transmission; depends on congestion level of router

Diagram: hosts A and B feeding a router, with nodal processing and queueing marked at the router.

Delay in packet-switched networks
3. Transmission delay:
- Time to “push” the entire packet on link
- R = link bandwidth (bps)
- L = packet length (bits)
- Transmission delay = L/R

4. Propagation delay:
- Time for last bit of packet to propagate from src to dst
- d = length of physical link
- s = propagation speed in medium (~2x10^8 m/sec)
- propagation delay = d/s

Note: s and R are very different quantities!

Diagram: hosts A and B feeding a router; nodal processing and queueing at the router, then transmission onto the link and propagation along it.

Transmission vs. propagation: Caravan analogy
Diagram: a ten-car caravan passes a toll booth, drives 100 km to a second toll booth, then 100 km to a third.
- car ~ bit; caravan ~ packet
- Cars “propagate” at 100 km/hr
- Toll booth takes 12 sec to service a car (transmission time)
- Q: How long until caravan is lined up before 2nd toll booth?
- Time to “push” entire caravan through toll booth onto highway = 12*10 = 120 sec
- Time for last car to propagate from 1st to 2nd toll booth: 100km/(100km/hr) = 1 hr
- A: 62 minutes

See applet at textbook web site

Total nodal delay
d_nodal = d_proc + d_queue + d_trans + d_prop

- d_proc = processing delay: typically a few microsecs or less
- d_queue = queuing delay: depends on congestion
- d_trans = transmission delay: = L/R, significant for low-speed links
- d_prop = propagation delay: a few microsecs to hundreds of msecs

Queueing delay (revisited)
- R = link bandwidth (bps)
- L = packet length (bits)
- a = average packet arrival rate
- traffic intensity = La/R
- La/R ~ 0: average queueing delay small
- La/R -> 1: delays become large
- La/R > 1: more “work” arriving than can be serviced, average delay infinite!

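The delay formulas of the last four slides (transmission L/R and propagation d/s, the caravan analogy, the total nodal delay sum, and the La/R traffic-intensity rule) worked through in one added Python example that is not part of the slides. It uses the slides' symbols L, R, d, s and a; the 0.8 threshold used to call an intensity "close to 1" is my assumption, since the slides only describe that regime qualitatively, and `end_to_end_delay` extends the single-hop formula to a store-and-forward path with zero processing and queueing, which is exactly the caravan's two-booth setting.

```python
# Added example, not from the slides. Units: bits, bits/s, metres, m/s, seconds.

SPEED_IN_MEDIUM = 2e8       # s: propagation speed, ~2x10^8 m/s per the slide


def transmission_delay(L_bits, R_bps):
    """d_trans = L/R: time to push all L bits of a packet onto a link of rate R."""
    return L_bits / R_bps


def propagation_delay(d_meters, s_mps=SPEED_IN_MEDIUM):
    """d_prop = d/s: time for one bit to travel the physical link of length d."""
    return d_meters / s_mps


def nodal_delay(d_proc, d_queue, d_trans, d_prop):
    """d_nodal = d_proc + d_queue + d_trans + d_prop."""
    return d_proc + d_queue + d_trans + d_prop


def end_to_end_delay(L_bits, links):
    """Store-and-forward path with no processing or queueing delay.
    links: list of (R_bps, d_meters). Every hop re-transmits the whole packet
    (L/R) before it propagates (d/s) to the next node, so the terms add."""
    return sum(nodal_delay(0.0, 0.0, transmission_delay(L_bits, R), propagation_delay(d))
               for R, d in links)


def caravan_delay_sec(n_cars=10, service_sec_per_car=12, distance_km=100, speed_kmh=100):
    """Caravan analogy: the toll booth is transmission (per-car service), the
    highway is propagation. Seconds until the whole caravan is lined up at the
    next booth: push every car through, then the last car drives the distance."""
    push_time = n_cars * service_sec_per_car        # 12 * 10 = 120 s
    drive_time = distance_km / speed_kmh * 3600     # 100 km / (100 km/h) = 1 h
    return push_time + drive_time


def traffic_intensity(L_bits, a_pkts_per_sec, R_bps):
    """La/R: bits arriving per second divided by bits the link can send per second."""
    return L_bits * a_pkts_per_sec / R_bps


def queue_regime(intensity, near_one=0.8):
    """The slide's three regimes for average queueing delay. The near_one
    boundary is an assumption made for this example."""
    if intensity > 1:
        return "unstable: more work arriving than can be serviced"
    if intensity > near_one:
        return "large delays"
    return "small delay"


if __name__ == "__main__":
    print(f"caravan: {caravan_delay_sec() / 60:.0f} minutes")
    # constructed numbers: 1500-byte packet over two 1 Mbps, 1000 km links
    print(f"two-hop path: {end_to_end_delay(12_000, [(1e6, 1000e3)] * 2):.4f} s")
    for a in (10, 75, 120):
        rho = traffic_intensity(12_000, a, 1e6)
        print(f"a={a} pkt/s -> La/R={rho:.2f}: {queue_regime(rho)}")
```

Note the asymmetry the slide's "s and R are very different quantities" warns about: doubling R halves d_trans but leaves d_prop untouched, while a longer link raises d_prop without changing d_trans.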
“Real” Internet delays and routes
- What do “real” Internet delay & loss look like?
- Traceroute program: provides delay measurement from source to router along end-end Internet path towards destination. For all i:
  - sends three packets that will reach router i on path towards destination
  - router i will return packets to sender
  - sender times interval between transmission and reply.

Diagram: 3 probes sent to each successive router along the path.

“Real” Internet delays and routes
traceroute: gaia.cs.umass.edu to www.eurecom.fr
(each line shows three delay measurements from gaia.cs.umass.edu to that hop; line 1 is cs-gw.cs.umass.edu)

1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms
2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms
4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms
5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms
8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms
11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms
13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
17 * * *
18 * * *
19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms

The trans-oceanic link lies between hops 7 and 8.
* means no response (probe lost, router not replying)

Packet loss
- queue (aka buffer) preceding link in buffer has finite capacity
- when packet arrives to full queue, packet is dropped (aka lost)
- lost packet may be retransmitted by previous node, by source end system, or not retransmitted at all

Throughput
- throughput: rate (bits/time unit) at which bits transferred between sender/receiver
  - instantaneous: rate at given point in time
  - average: rate over longer period of time

Diagram: a server sends bits (fluid) of a file of F bits into a pipe toward a client; the server’s link is a pipe that can carry fluid at rate Rs bits/sec, the client’s link a pipe that can carry fluid at rate Rc bits/sec.

Throughput (more)
- Rs < Rc: What is average end-end throughput?
- Rs > Rc: What is average end-end throughput?

Diagram: server -> link of Rs bits/sec -> link of Rc bits/sec -> client, drawn for each case.

- bottleneck link: link on end-end path that constrains end-end throughput

Throughput: Internet scenario
- per-connection end-end throughput: min(Rc, Rs, R/10)
- in practice: Rc or Rs is often bottleneck

Diagram: 10 connections, each with its own server link Rs and client link Rc, (fairly) share a backbone bottleneck link of R bits/sec.

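The bottleneck rule from the last three slides as an added Python example (not from the slides). It generalises min(Rc, Rs, R/10) to any path: each link is given as (capacity, number of connections sharing it), a connection's share of a link is capacity divided by that count, and the end-end throughput is the smallest share. The rates used in the usage are constructed values, not figures from the slides.

```python
# Added example, not from the slides. Rates in bits/s, file sizes in bits.

def per_connection_throughput(links):
    """links: list of (capacity_bps, n_connections_sharing_it).
    A connection gets the fair share capacity/n on every link; the end-end
    throughput is the smallest of those shares, i.e. the bottleneck link."""
    return min(cap / n for cap, n in links)


def bottleneck_index(links):
    """Position in links of the link that constrains the end-end throughput."""
    shares = [cap / n for cap, n in links]
    return shares.index(min(shares))


def internet_scenario(Rs, Rc, R, n_connections=10):
    """The slide's scenario: server link Rs, backbone link R shared fairly by
    n_connections connections, client link Rc -> min(Rc, Rs, R/n)."""
    return per_connection_throughput([(Rs, 1), (R, n_connections), (Rc, 1)])


def transfer_time_sec(F_bits, links):
    """Time to move a file of F bits at the path's end-end throughput."""
    return F_bits / per_connection_throughput(links)


if __name__ == "__main__":
    # constructed values: 2 Mbps server link, 1 Mbps client link
    print("Rs < Rc:", per_connection_throughput([(1e6, 1), (2e6, 1)]))
    print("Rs > Rc:", per_connection_throughput([(2e6, 1), (1e6, 1)]))
    print("backbone 5 Mbps shared by 10:", internet_scenario(2e6, 1e6, 5e6))
    print("backbone 50 Mbps shared by 10:", internet_scenario(2e6, 1e6, 50e6))
    print("32 Mbit file over the second path:",
          transfer_time_sec(32e6, [(2e6, 1), (50e6, 10), (1e6, 1)]), "s")
```

With a 5 Mbps backbone shared ten ways the backbone is the bottleneck at 500 kbps; raise it to 50 Mbps and the 1 Mbps client access link limits the connection, which is the slide's "in practice: Rc or Rs is often bottleneck".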
Protocol “Layers”
Networks are complex!
- many “pieces”: hosts; routers; links of various media; applications; protocols; hardware, software

Question: Is there any hope of organizing structure of network? Or at least our discussion of networks?

Layering of airline functionality
Diagram (table, one row per layer, top to bottom):
  ticket:          ticket (purchase) at departure airport; ticket (complain) at arrival airport
  baggage:         baggage (check) at departure airport; baggage (claim) at arrival airport
  gate:            gates (load) at departure airport; gates (unload) at arrival airport
  takeoff/landing: runway (takeoff) at departure airport; runway (land) at arrival airport
  airplane routing: at departure airport, intermediate air-traffic control centers, and arrival airport

Layers: each layer implements a service
- via its own internal-layer actions
- relying on services provided by layer below

Why layering?
Dealing with complex systems:
- explicit structure allows identification, relationship of complex system’s pieces
- modularization eases maintenance, updating of system
  - change of implementation of layer’s service transparent to rest of system
  - e.g., change in gate procedure doesn’t affect rest of system
- What is the downside of layering?

Internet protocol stack
- application: supporting network applications (FTP, SMTP, HTTP)
- transport: process-process data transfer (TCP, UDP)
- network: routing of datagrams from source to destination (IP, routing protocols)
- link: data transfer between neighboring network elements (PPP, Ethernet)
- physical: bits “on the wire”

Diagram: stack, top to bottom: application, transport, network, link, physical.

ISO/OSI reference model

- presentation: allows applications to interpret the meaning of data, e.g., encryption, compression, machine-specific conventions
- session: synchronization, checkpointing, recovery of data exchange
- Internet stack "missing" these layers!
  - these services, if needed, must be implemented in the application
  - needed?

  (figure: the seven layers stacked top to bottom: application, presentation, session, transport, network, link, physical)

                                                 1-67
Encapsulation

  (figure: each layer at the source prepends its header to what it receives from the layer above;
   each layer at the destination strips its header and passes the rest up)

  source                                name
    application    M                    message
    transport      Ht M                 segment
    network        Hn Ht M              datagram
    link           Hl Hn Ht M           frame
    physical

  switch (link, physical): receives the frame Hl Hn Ht M, examines Hl, forwards the frame unchanged
  router (network, link, physical): strips Hl, examines the datagram Hn Ht M, re-encapsulates it as Hl Hn Ht M

  destination
    application    M
    transport      Ht M
    network        Hn Ht M
    link           Hl Hn Ht M
    physical

                                                                                                1-68
Network Security

- The field of network security is about:
  - how bad guys can attack computer networks
  - how we can defend networks against attacks
  - how to design architectures that are immune to attacks
- Internet not originally designed with (much) security in mind
  - original vision: “a group of mutually trusting users attached to a transparent network”
  - Internet protocol designers playing “catch-up”
  - Security considerations in all layers!

                                                         1-69
Bad guys can put malware into hosts via Internet

- Malware can get into a host from a virus, worm, or trojan horse.
- Spyware malware can record keystrokes and web sites visited, and upload the information to a collection site.
- An infected host can be enrolled in a botnet, used for spam and DDoS attacks.
- Malware is often self-replicating: from an infected host, it seeks entry into other hosts.

                                                          1-70
Bad guys can put malware into hosts via Internet

- Trojan horse
  - hidden part of some otherwise useful software
  - today often on a Web page (ActiveX, plugin)
- Virus
  - infection by receiving an object (e.g., e-mail attachment) and actively executing it
  - self-replicating: propagates itself to other hosts, users
- Worm:
  - infection by passively receiving an object that gets itself executed
  - self-replicating: propagates to other hosts, users

  (figure: Sapphire Worm: aggregate scans/sec in first 5 minutes of outbreak (CAIDA, UWisc data))

                                                                        1-71
Bad guys can attack servers and network infrastructure

- Denial of service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming the resource with bogus traffic
  1. select target
  2. break into hosts around the network (see botnet)
  3. send packets toward target from compromised hosts

  (figure: many compromised hosts across the network sending packets toward the target)

                                                             1-72
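The three steps above describe what the defender sees from the target's side: a sudden surge of packets toward one destination, coming from many compromised hosts rather than one. The following is an added example, not code from the slides or the textbook. It is a minimal per-target flood detector run over constructed packet records: it flags a destination that receives more packets in one second than an assumed threshold, and labels the flood "distributed" when those packets come from many distinct sources, as in the botnet scenario. The thresholds, the addresses, the one-second window and the records themselves are all assumptions made for this example.

```python
"""Added example (not from the slides): a minimal per-target flood detector run over
constructed packet records. Thresholds, addresses and the one-second bucketing window
are assumptions made for this example."""
from collections import defaultdict

PKTS_PER_SEC = 50   # assumed: more than this to one target in one second is abnormal
MIN_SOURCES = 20    # assumed: this many distinct senders in one second => distributed


def constructed_records():
    """Constructed (second, src_ip, dst_ip) tuples: background traffic to a server at
    10.0.0.5, a 120-host flood against 10.0.0.9 in second 3 (step 3 above, carried out
    by the hosts broken into in step 2), and one loud host hammering 10.0.0.5 in second 4."""
    records = []
    for t in range(5):
        for i in range(3):                                # 3 clients, 4 pkts/s each
            records += [(t, f"10.0.1.{i + 1}", "10.0.0.5")] * 4
    for i in range(120):                                  # compromised hosts fire at the target
        records += [(3, f"198.51.100.{i + 1}", "10.0.0.9")] * 2
    records += [(4, "203.0.113.7", "10.0.0.5")] * 80      # single-source flood, no botnet
    return records


def detect(records, pkts_per_sec=PKTS_PER_SEC, min_sources=MIN_SOURCES):
    """Bucket packets by (second, destination) and raise one alert per abnormal bucket.
    The distinct-source count separates a distributed flood from one noisy sender."""
    buckets = defaultdict(list)
    for second, src, dst in records:
        buckets[(second, dst)].append(src)
    alerts = []
    for (second, dst), sources in sorted(buckets.items()):
        if len(sources) <= pkts_per_sec:
            continue
        distinct = len(set(sources))
        alerts.append({
            "second": second,
            "target": dst,
            "packets": len(sources),
            "sources": distinct,
            "kind": "distributed flood" if distinct >= min_sources else "flood from few sources",
        })
    return alerts


if __name__ == "__main__":
    for alert in detect(constructed_records()):
        print(alert)
```

The distinct-source count is only a hint, not attribution: the next slides show that source addresses can be forged, and a single attacker forging them would look "distributed" here. A real deployment would also replace the fixed threshold with a per-target baseline learned from normal traffic.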
The bad guys can sniff packets

Packet sniffing:
- broadcast media (shared Ethernet, wireless)
- promiscuous network interface reads/records all packets (e.g., including passwords!) passing by

  (figure: C, on the same broadcast medium as A and B, reads the packet "src:B dest:A payload" sent from B to A)

- Wireshark software used for end-of-chapter labs is a (free) packet-sniffer

                                                           1-73
The bad guys can use false source addresses

- IP spoofing: send a packet with a false source address

  (figure: C sends the packet "src:B dest:A payload" to A, claiming to be B)

                                                     1-74
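The protocol stack, encapsulation, sniffing and spoofing slides above all rest on one fact: each layer reads only its own header and treats everything inside as opaque payload. The following is an added example, not code from the slides or the textbook. It builds a frame using the real minimal Ethernet II, IPv4 and TCP header layouts and then shows what a switch (Hl only), a router (Hn) and a host with a promiscuous interface (everything, including the cleartext password) each decapsulate, and how C can write B's address into Hn. Hosts A, B and C, their MAC and IP addresses, the ports and the login text are constructed assumptions; the TCP checksum is left zero for brevity.

```python
"""Added example (not from the slides): nested headers at each layer, and what a switch,
a router and a sniffer each get to see. Header layouts are the real Ethernet II / IPv4 /
TCP minimal headers; addresses, ports and the message are constructed sample values."""
import socket
import struct

# Constructed sample addresses for hosts A, B and C (assumptions, not from the slides).
MAC_A, MAC_B, MAC_C = (bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b"),
                       bytes.fromhex("02000000000c"))
IP_A, IP_B, IP_C = "10.0.0.10", "10.0.0.11", "10.0.0.12"


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 791); evaluates to 0 over an intact header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(message: bytes, src_ip: str, dst_ip: str, src_mac: bytes, dst_mac: bytes,
                src_port: int = 40000, dst_port: int = 23) -> bytes:
    """message -> segment (Ht|M) -> datagram (Hn|Ht|M) -> frame (Hl|Hn|Ht|M).
    Each layer only prepends its own header; it never looks inside the payload."""
    # Transport: 20-byte TCP header (seq=1, flags PSH|ACK; TCP checksum left 0 for brevity)
    ht = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    segment = ht + message
    # Network: 20-byte IPv4 header; the source address is whatever the sender writes here
    hn = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hn = hn[:10] + struct.pack("!H", ipv4_checksum(hn)) + hn[12:]
    datagram = hn + segment
    # Link: 14-byte Ethernet II header, EtherType 0x0800 = IPv4
    hl = struct.pack("!6s6sH", dst_mac, src_mac, 0x0800)
    return hl + datagram


def link_layer_view(frame: bytes) -> dict:
    """A switch decapsulates only Hl: it forwards on the destination MAC and never parses IP."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"dst_mac": dst_mac.hex(), "src_mac": src_mac.hex(), "ethertype": ethertype}


def network_layer_view(frame: bytes) -> dict:
    """A router strips Hl and inspects Hn (the destination IP picks the next hop).
    Nothing in Hn proves that the source address is genuine."""
    hn = frame[14:34]
    (_vihl, _tos, total_len, _ident, _frag, ttl, proto, _csum, src, dst) = struct.unpack(
        "!BBHHHBBH4s4s", hn)
    return {"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst), "ttl": ttl,
            "protocol": proto, "total_len": total_len, "header_ok": ipv4_checksum(hn) == 0}


def sniffer_view(frame: bytes) -> dict:
    """A promiscuous interface on shared media receives the whole frame, so it can also
    decapsulate Ht and read the application data (e.g. a cleartext password)."""
    net = network_layer_view(frame)
    ihl = (frame[14] & 0x0F) * 4
    tcp = 14 + ihl
    src_port, dst_port = struct.unpack("!HH", frame[tcp:tcp + 4])
    data_off = (frame[tcp + 12] >> 4) * 4
    payload = frame[tcp + data_off:14 + net["total_len"]]
    return {**net, "src_port": src_port, "dst_port": dst_port, "payload": payload}


def demo() -> dict:
    """B logs in to A in the clear; C then sends a frame carrying B's IP address (constructed)."""
    login = b"user: B; password: foo"
    honest = encapsulate(login, IP_B, IP_A, MAC_B, MAC_A)
    # C writes B's IP into Hn. Only C's own MAC in Hl gives it away on this LAN, and a
    # router one hop away never sees that MAC at all.
    spoofed = encapsulate(b"hello from 'B'", IP_B, IP_A, MAC_C, MAC_A)
    return {
        "frame_len": len(honest),
        "switch_sees": link_layer_view(honest),
        "router_sees": network_layer_view(honest),
        "sniffer_sees": sniffer_view(honest),
        "spoof_router_sees": network_layer_view(spoofed)["src_ip"],
        "spoof_switch_sees": link_layer_view(spoofed)["src_mac"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The receiver A has no way to reject the spoofed datagram from what is in Hn; the source field is just four bytes the sender chose. That is why spoofing is countered at the network edge, by ingress filtering that drops packets whose source address could not legitimately originate on that link (RFC 2827 / BCP 38), rather than by the destination host.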
The bad guys can record and playback

- record-and-playback: sniff sensitive info (e.g., a password), and use it later
  - whoever holds the password is that user from the system's point of view

  (figure: C records B's login to A, "src:B dest:A user: B; password: foo", for later playback)

                                                                1-75
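The replay works because the server only checks that the password arrived, not who is sending it now. The following is an added example, not code from the slides or the textbook. It simulates both ends of the exchange in one process: first a server that accepts the slide's "user: B; password: foo" message as-is, against which C's recording succeeds, then a server that issues a fresh single-use random nonce and expects HMAC(password, nonce) back, against which the same recording fails. The credential store, the recorded message and the HMAC construction are assumptions made for this example.

```python
"""Added example (not from the slides): a recorded login replayed against a static
password check succeeds, while a server-issued single-use nonce (challenge-response
with an HMAC) makes the recording useless. Both sides of each exchange are simulated
here; the credential store and the sniffed message are constructed for the example."""
import hashlib
import hmac
import secrets

USERS = {"B": "foo"}   # constructed credential store for the example


class StaticPasswordServer:
    """Vulnerable: the login message carries the password itself, so anyone who
    sniffed it can play the whole message back unchanged and be accepted as B."""

    def login(self, message: str) -> bool:
        # expects the slide's format: "user: B; password: foo"
        user_part, sep, password = message.partition("; password: ")
        if sep == "" or not user_part.startswith("user: "):
            return False
        user = user_part[len("user: "):]
        return USERS.get(user) == password


class ChallengeResponseServer:
    """Hardened: the server picks a fresh random nonce per attempt and the client
    returns HMAC(password, nonce). The nonce is consumed on first use, so a recorded
    response is bound to a challenge the server will never issue again."""

    def __init__(self) -> None:
        self._pending = {}   # user -> outstanding nonce

    def challenge(self, user: str) -> str:
        nonce = secrets.token_hex(16)        # 128 random bits; never reused
        self._pending[user] = nonce
        return nonce

    def login(self, user: str, nonce: str, response: str) -> bool:
        expected_nonce = self._pending.pop(user, None)   # single use, even on failure
        if expected_nonce is None or not hmac.compare_digest(expected_nonce, nonce):
            return False
        password = USERS.get(user)
        if password is None:
            return False
        expected = client_response(password, nonce)
        return hmac.compare_digest(expected, response)   # constant-time comparison


def client_response(password: str, nonce: str) -> str:
    """What the legitimate client sends back: a keyed hash over the server's nonce."""
    return hmac.new(password.encode(), nonce.encode(), hashlib.sha256).hexdigest()


def scenario() -> dict:
    """B logs in to A; C has recorded what B sent and plays it back later."""
    weak = StaticPasswordServer()
    recorded = "user: B; password: foo"            # constructed: exactly what C sniffed
    weak_b_ok = weak.login(recorded)
    weak_c_replay_ok = weak.login(recorded)        # C, playing back B's message

    strong = ChallengeResponseServer()
    nonce = strong.challenge("B")
    response = client_response("foo", nonce)      # B, who knows the password
    strong_b_ok = strong.login("B", nonce, response)
    strong_c_replay_same = strong.login("B", nonce, response)    # C replays verbatim
    nonce2 = strong.challenge("B")                 # C asks for a new challenge ...
    strong_c_replay_new = strong.login("B", nonce2, response)    # ... but only has the old answer

    return {"weak_b_ok": weak_b_ok, "weak_c_replay_ok": weak_c_replay_ok,
            "strong_b_ok": strong_b_ok, "strong_c_replay_same": strong_c_replay_same,
            "strong_c_replay_new": strong_c_replay_new}


if __name__ == "__main__":
    print(scenario())
```

The nonce stops playback, not sniffing: C still captures the (nonce, response) pair and can guess passwords offline against it, and the server above keeps cleartext passwords. Chapter 8 covers the cryptographic tools (encrypted channels, password-derived keys, certificates) that close those gaps.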
Network Security

- more throughout this course
- chapter 8: focus on security
- cryptographic techniques: obvious uses and not so obvious uses

                                              1-76
Internet History

1961-1972: Early packet-switching principles
- 1961: Kleinrock - queueing theory shows effectiveness of packet-switching
- 1964: Baran - packet-switching in military nets
- 1967: ARPAnet conceived by Advanced Research Projects Agency
- 1969: first ARPAnet node operational
- 1972:
  - ARPAnet public demonstration
  - NCP (Network Control Protocol) first host-host protocol
  - first e-mail program
  - ARPAnet has 15 nodes

                                                              1-77
Internet History

1972-1980: Internetworking, new and proprietary nets
- 1970: ALOHAnet packet radio network linking the Hawaiian islands
- 1974: Cerf and Kahn - architecture for interconnecting networks
- 1976: Ethernet at Xerox PARC
- late 70's: proprietary architectures: DECnet, SNA, XNS
- late 70's: switching fixed length packets (ATM precursor)
- 1979: ARPAnet has 200 nodes

Cerf and Kahn's internetworking principles:
- minimalism, autonomy - no internal changes required to interconnect networks
- best effort service model
- stateless routers
- decentralized control
These principles define today's Internet architecture.

                                                                  1-78
Internet History

1980-1990: new protocols, a proliferation of networks
- 1982: smtp e-mail protocol defined
- 1983: deployment of TCP/IP
- 1983: DNS defined for name-to-IP-address translation
- 1985: ftp protocol defined
- 1988: TCP congestion control
- new national networks: Csnet, BITnet, NSFnet, Minitel
- 100,000 hosts connected to confederation of networks

                                                     1-79
Internet History

1990, 2000's: commercialization, the Web, new apps
- Early 1990's: ARPAnet decommissioned
- 1991: NSF lifts restrictions on commercial use of NSFnet (decommissioned, 1995)
- early 1990s: Web
  - hypertext [Bush 1945, Nelson 1960's]
  - HTML, HTTP: Berners-Lee
  - 1994: Mosaic, later Netscape
  - late 1990's: commercialization of the Web
- Late 1990's - 2000's:
  - more killer apps: instant messaging, P2P file sharing
  - network security to forefront
  - est. 50 million hosts, 100 million+ users
  - backbone links running at Gbps

                                                              1-80
Internet History

2007:
- ~500 million hosts
- Voice, Video over IP
- P2P applications: BitTorrent (file sharing), Skype (VoIP), PPLive (video)
- more applications: YouTube, gaming
- wireless, mobility

                                        1-81
Introduction: Summary

Covered a "ton" of material!
- Internet overview
- what's a protocol?
- network edge, core, access network
  - packet-switching versus circuit-switching
- Internet/ISP structure
- performance: loss, delay
- layering and service models
- History (self reading)

You now have:
- context, overview, "feel" of networking
- more depth, detail to follow!

                                                      1-82