course review. final review: 12/10/20012 outline networks: a top down view (for a change). other...
DESCRIPTION
Final Review: 12/10/20013 Protocol Stacks The Open Systems Interconnection (OSI) Model. Application Presentation Session Transport Network Data link Physical Network Data link Physical Application Presentation Session Transport Network Data link Physical Data link PhysicalTRANSCRIPT
Course Review
Final Review: 12/10/2001 2
Outline
• Networks: A top down view (for a change).• Other topics.
• Security• QoS• Multicast
• Questions?
Final Review: 12/10/2001 3
Protocol StacksThe Open Systems Interconnection (OSI) Model.
Application
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Application
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical
Final Review: 12/10/2001 4
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical
?Client Server
Final Review: 12/10/2001 5
HTTP Request Example
GET / HTTP/1.1Accept: */*Accept-Language: en-usAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 5.5;
Windows NT 5.0)Host: www.seshan.orgConnection: Keep-Alive
Final Review: 12/10/2001 6
HTTP Response Example
HTTP/1.1 200 OKDate: Tue, 27 Mar 2001 03:49:38 GMTServer: Apache/1.3.14 (Unix) (Red-Hat/Linux) mod_ssl/2.7.1
OpenSSL/0.9.5a DAV/1.0.2 PHP/4.0.1pl2 mod_perl/1.24Last-Modified: Mon, 29 Jan 2001 17:54:18 GMTETag: "7a11f-10ed-3a75ae4a"Accept-Ranges: bytesContent-Length: 4333Keep-Alive: timeout=15, max=100Connection: Keep-AliveContent-Type: text/html…..
Final Review: 12/10/2001 7
Single Transfer Example
Client ServerSYN
SYN
SYN
SYN
ACK
ACK
ACK
ACK
ACK
DAT
DAT
DAT
DAT
FIN
ACK
0 RTT
1 RTT
2 RTT
3 RTT
4 RTT
Server reads from disk
FIN
Server reads from disk
Client opens TCP connection
Client sends HTTP request for HTML
Client parses HTMLClient opens TCP connection
Client sends HTTP request for image
Image begins to arrive
Final Review: 12/10/2001 8
Persistent Connection Example
Client Server
ACK
ACK
DAT
DAT
ACK
0 RTT
1 RTT
2 RTT
Server reads from diskClient sends HTTP request for HTML
Client parses HTMLClient sends HTTP request for image
Image begins to arrive
DATServer reads from disk
DAT
Final Review: 12/10/2001 9
DNS Server
• A DNS server is responsible for maintaining the name-address mapping in a specific domain.
• E.g. cs.cmu.edu• The network manager can add,
remove, or change mappings.• Computers can send requests to the
server to translate a name into an address.
• But how do you find the server?• Recursively contact the parent in
the hierarchical name space• Caching is used to speed up the
lookup of frequently used names.
cs.cmu.edu
hawaii.cs.cmu.edu
Other DNS servers
128.17.4.174
Final Review: 12/10/2001 10
Typical Exchange
• Sender creates and initializes a socket.
• Sender issues an open connection command.
• Specifies destination IP and application port addresses
• Sender blocks while connection is established
• If the connection succeeds, data exchange can start.
• Lots of things can go wrong: wrong addresses, receiver or network down.
• Receiver creates and initializes a socket.
• Receiver listens on the socket for a connection request.
• Can sometimes restrict the type of connection
• If receiver accepts the connection and the connection succeeds, data exchange can start.
• Communication typically uses a different socket
Final Review: 12/10/2001 11
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical ?Client Server
Final Review: 12/10/2001 12
Connection management
Time
Open
Data
Close
Sender Receiver
syn
syn/ack
ack
fin
ackfin
ack
EstablishInitial
Sequence Numbers
Final Review: 12/10/2001 13
Reliability
• Checksum guarantees end-end data integrity.• Sequence numbers detect packet sequencing problems:
• duplicate: ignore• reordered: reorder or drop• lost: retransmit
• Lost packets detected by sender.• uses time out to detect lack of acknowledgment • requires reliable roundtrip time estimate
• Retransmission requires that sender keeps copy of the data until ACK is received.
• performance issue
Final Review: 12/10/2001 14
When to Send a Packet?• End-to-end flow control.
• avoid buffer overflow on receiver• receiver advertizes a window size
• Congestion control.• estimates amount of data that can be in network• implemented using the congestion window, slow start,
and fast retransmit/recovery mechanisms• Efficiency considerations.
• try to send large packets (if possible)• more efficient in the network and on end points
• piggybacking of acks
Final Review: 12/10/2001 15
Window Size versus Throughput
Sender
ReceiverTime
Throughput = Window SizeRoundtrip Time
Final Review: 12/10/2001 16
TCP Congestion Avoidance• Congestion avoidance limits how fast TCP can send
data.• Implemented using a congestion window that limits how
much data can be in the network• independent from flow control window
• transmission is limited by minimum of the two windows• window grows in response to acknowledgement
• Packet loss is seen as sign of congestion.• multiplicative decrease of the congestion window• have to cut back fast since cost of congestion is high
• How do you detect when more bandwidth becomes available?
• gradually increment congestion window (probing)• results in oscillation around congestion window size!
Final Review: 12/10/2001 17
TCP Saw Tooth Behavior
Time
CongestionWindow
InitialSlowstart
Fast Retransmit
and Recovery
Slowstartto pacepackets
Timeoutsmay still
occur
Final Review: 12/10/2001 18
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical ?Client Server
Final Review: 12/10/2001 19
Hop-by-Hop PacketForwarding in the Internet
Ethernet Packetsover SONET
MixedEthernetHost Host
7..3
21
Final Review: 12/10/2001 20
Addressing in IP v4 (Basic)• Each host has an Internet address.• Addresses are hierarchical.
• address contains hint about location• Address space is divided in three classes of point-to-
point addresses, multicast addresses, and some special addresses.
type network host
A 1 7 24B 2 14 16C 3 21 8D 4 (multicast) 28
Example: 128.2.209.19
Final Review: 12/10/2001 21
Routing based on Network Identifier
AN 2
ISP 2
ISP 1
ISP 3
AN 4
AN 1 AN 5
AN 3
Host Host
Host
Host
Host
Host
Net.Host
Net ID
Net IDNet ID
Net ID
Next
NextNext
NextForwarding Table
Final Review: 12/10/2001 22
Problems with Simple Address Structure
• Running out of addresses.• Especially true for mid-sized networks
• Routing tables are becoming too big.• 100 of thousands of entries
• Temporary solution: classless inter-domain routing.
• Use address space more efficiently by relaxing the strict address structure,
• length of network address is variable• generalization of subnetting idea
• have internet service providers hand out blocks of addresses to their customers
Final Review: 12/10/2001 23
Route Lookup with CIDR
• Problem: with CIDR there can be multiple matches when looking up an address.
• Can for example happen when a customer switches ISPs but keeps addresses
• Solution: lookup is based on longest prefix match.
• If there are multiple matches in the lookup, the longest match (longest netmask) wins
10110110 hosts
10110110 010 hosts
10110110 010 0100011
Final Review: 12/10/2001 24
What Does Routing Do?
• Routing protocol specifies how routers jointly collect information about the network.
• Routing protocols must be standardized
• Routing algorithm uses network information to select appropriate routes and to set up the routing table.
• The data forwarding engine performs route lookup in the routing table.
• through which interface should a packet be forwarded?
RouteLookup
RoutingProtocol
RoutingAlgorithms
Routing protocol
Other routers
Final Review: 12/10/2001 25
Dijkstra’s Algorithm(Link State)
FA
D
EC
3
2
2
5
3
4
4
3
1
2
B
2, F
3, F5, E
6, E
3, F
6, E
5, E 3, F5, E
6, E
6, B6, B
6, E
6, B
2, F
Final Review: 12/10/2001 26
Distance Vector RoutingExample
B
A D
C
BCD
---
3
9
1
1
4
ABD
---
ACD
---
ABC
---
B/3C/9
-
A/9B/1D/1
A/3C/1D/4
-B/4C/1
B/3B/4B/5
B/4B/1D/1
A/3C/1C/2
C/5C/2C/1
B/3B/4B/7
B/4B/1D/1
A/3C/1C/2
B/7C/2C/1
Final Review: 12/10/2001 27
Hierarchical Routing• Two level routing based on intra-domain and inter-domain
routing to improve scalability.• Matches the structure of the address space.• Driven in part by business/management concerns.
• Local network information is kept internal• Agreements with specific service providers at boundaries
Host Host
Host
Host
Host
Host
Final Review: 12/10/2001 28
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical ?Client Server
Final Review: 12/10/2001 29
Datalink in the Backbone
• Routers are connected by point-point links or by (datalink layer) switched clouds.
• Point-point links typically based on SONET.• E.g. Packets over SONET
• Switched clouds often uses virtual connection datalink technologies.
• E.g., ATM, frame relay
PC atHome
Router Point-Pointlink
PCs atWork
Switched Cloud
Final Review: 12/10/2001 30
802.3 EthernetBroadcast technology
• Carrier-sense multiple access with collision detection (CSMA/CD).
• 10Mbps cable rate. • Maximum diameter 2.5km. • Minimum frame = 64 bytes.• Thick or thin coax; 10Base-T unshielded twisted pair in star
configuration using hub.
host host host host
host host host host
Hub
Final Review: 12/10/2001 31
Ethernet Switches
• Bridges make it possible to increase LAN capacity.• Packets are no longer broadcasted - they are only forwarded on selected links• Adds a switching flavor to the broadcast LAN
• Ethernet switch is a special case of a bridge: each bridge port is connected to a single host.
• Simplifies the protocol and hardware used (only two stations on the link)• Can make the link full duplex (really simple protocol!)• Can have different port speeds
Final Review: 12/10/2001 32
Framing• A link layer function, defining which bits have
which function.• Minimal functionality: mark off units of
transmission.• Some techniques:
• frame delimiter characters with character stuffing• frame delimiter codes with bit stuffing• out of band delimiters (e.g. FDDI control symbols)• synchronous transmission (e.g. SONET)
Final Review: 12/10/2001 33
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical ?Client Server
Final Review: 12/10/2001 34
The Frequency Domain
• A (periodic) signal can be viewed as a sum of sine waves of different strengths.
• Every signal has an equivalent representation in the frequency domain.
• What frequencies are present and what is their strength• Similar to radio and TV signals
TimeFrequency
Am
plitu
de
Final Review: 12/10/2001 35
Wireless: Good News Bad News
• Great technology: no wires to install, convenient mobility, ..
• High attenuation limits distances.• Wave propagates out as a sphere• Signal strength reduces quickly (1/distance)2
• High noise due to interference from other transmitters.• Use MAC and other rules to limit interference• Aggressive encoding techniques to make signal less
sensitive to noise• Other effects: multipath fading, security, ..• Ether has limited bandwidth.
• Try to maximize its use
Final Review: 12/10/2001 36
TCP Problems Over Noisy Links
• Wireless links are inherently error-prone• Fades, interference, attenuation• Errors often happen in bursts
• TCP cannot distinguish between corruption and congestion
• TCP unnecessarily reduces window, resulting in low throughput and high latency
• Burst losses often result in timeouts• Sender retransmission is the only option
• Inefficient use of bandwidth
Final Review: 12/10/2001 37
Proposed Solutions
• End-to-end protocols• Selective ACKs, Explicit loss notification
• Split-connection protocols• Separate connections for wired path and
wireless hop• Reliable link-layer protocols
• Error-correcting codes• Local retransmission
Final Review: 12/10/2001 38
Browsing the Web
Web Browser
Presentation
Session
Transport
Network
Data link
Physical
Network
Data link
Physical1
2
3
4
5
6
7 Web Server
Presentation
Session
Transport
Network
Data link
Physical
Data link
Physical
Everything Cleared Up!Client Server
Final Review: 12/10/2001 39
Security Threats
• Impersonation.• Pretend to be another user with the intent of getting access
to information or services• Secrecy.
• Get access to the contents of packets• Message integrity.
• Change a message unbeknownst to the sender or receiver• Repudiation
• Denying to have sent a message• Denial of service.
• Flooding the system so users with legitimate needs cannot get service
• Range of other threats: password guessing, exploiting programming bugs, …
Final Review: 12/10/2001 40
Encryption
ciphertext = E(plaintext, k) plaintext = D(ciphertext, k’)• Private key (symmetric, e.g. DES)
• the two parties share a common private key k• Public key (asymmetric, e.g. RSA)
• derive two keys, kprivate and kpublic
• kprivate is kept private by its owner• kpublic is published
• Tradeoffs between private and public key cryptography.
• Key management, speed• Challenge: key management.
Final Review: 12/10/2001 41
Example Applications
• Kerberos.• Support security in corporate environment• Based on key distribution center that knows all the entities
• Know = share secret
• Secure socket layer (SSH).• Support secure channels in open internet environment• Based on certificates and certification authorities• Provides privacy, but trust is limited
• Pretty good privacy (PGP).• Provides privacy, authentication, repudiation in internet
environment• Key management based on a “web of trust”
Final Review: 12/10/2001 42
How to Provide QoS?
• Admission control limits number of users.• You cannot provide guarantees if there are too many users
sharing the same set of resources (bandwidth)• For example, telephone networks - busy tone• This implies that your request for service can be rejected
• Traffic enforcement limits how much traffic users can inject based on predefined limits.
• Make sure user respects the traffic contract• Data outside of contract can be dropped (before entering the
network!) or can be sent at a lower priority• Scheduling support in the routers guarantee that users get their
share of the bandwidth.• Again based on pre-negotiated bounds
• Signaling protocol gives routers the information they need to provide QoS.
• E.g. RSVP
Final Review: 12/10/2001 43
Qos Summary
Final Review: 12/10/2001 44
IETF QoS Models
• Integrated services: diverse QoS at the micro-flow level.• Range of QoS: best effort, controlled load, guaranteed• Specific end-to-end service defined for each class• Requires end-to-end support, e.g. edge and core routers• Concern about complexity, cost, marketing/charging
• Differentiated services: QoS at the aggregate flow level.• Defines range of “forwarding behaviors”, but services
are defined by the providers• Pushes most complexity to the edge of the network –
fast core routers work only with small number of traffic classes
• Based on the same building blocks.
Final Review: 12/10/2001 45
Multimedia Challenges
• TCP/UDP/IP suite provides best-effort, no guarantees on expectation or variance of packet delay
• Streaming applications delay of 5 to 10 seconds is typical and has been acceptable, but performance deteriorate if links are congested (transoceanic)
• Real-Time Interactive requirements on delay and its jitter have been satisfied by over-provisioning (providing plenty of bandwidth), what will happen when the load increases?...
Final Review: 12/10/2001 46
Multicast – Efficient Data Distribution
Src Src
Final Review: 12/10/2001 47
IP Multicast Architecture
Hosts
Routers
Service model
Host-to-router protocol(IGMP)
Multicast routing protocols(various)
Final Review: 12/10/2001 48
Multicast Routing
• Basic objective – build distribution tree for multicast packets
• Core based protocols• Examples: CBT, PIM-SM
• Flood and prune• Examples: DVMRP, PIM-DM
• Link-state multicast protocols• Example: MOSPF
Final Review: 12/10/2001 49
Shared vs. Source-based Trees
• Source-based trees• Separate shortest path tree for each sender • DVMRP, MOSPF, PIM-DM, PIM-SM
• Shared trees• Single tree shared by all members• Data flows on same tree regardless of sender• CBT, PIM-SM
Final Review: 12/10/2001 50
Questions?