ecs298k: internet architecture lecture #1

04/03/2001, ecs298k spring 2001
Dr. S. Felix Wu, Computer Science Department, University of California, Davis
http://www.cs.ucdavis.edu/~wu/ [email protected]


Page 2: My slides have been/will be available on-line!

Page 3: What is “Internet”?

1969: 4 node network (56K).
  – MILNET in US and MINET in Europe
  – Arpanet (government and universities)

1985/86: NSFNet (56K)
  – connecting 6 super-computing centers.
  – 1988 (T1: 1.544 Mbps, 13 sites)
  – 1990: Merit: Policy Routing
  – 1991: (T3: 45 Mbps)

Page 4: Internet Protocol

[Diagram: an IP packet drawn as a header followed by the payload]
header fields:
  src addr: 32 bits
  dst addr: 32 bits

A router and its routing table
dst addr filter:
  169.237.*.* /16
  132.30.7.* /24

Page 5: NSFNet-Based Internet

[Diagram labels: NSF-core backbone, Regional backbone, campus]

Page 6: Commercialization

ISP (Internet Service Provider)
  – connecting end-users to NSF backbone
  – connecting end-users to their own backbone

NAP (Network Access Points)
  – inter-connecting ISPs
  – first, at least 100 MB

Page 7: Today’s Internet

Page 8

traceroute: Warning: www.yahoo.com has multiple addresses; using 204.71.200.68
traceroute to www.yahoo.akadns.net (204.71.200.68), 30 hops max, 38 byte packets
 1 fnh254.cs.ucdavis.edu (169.237.6.254) 0.537 ms 0.446 ms 0.349 ms
 2 169.237.246.238 (169.237.246.238) 1.096 ms 1.342 ms 1.058 ms
 3 area14-gw.ucdavis.edu (169.237.1.30) 2.022 ms 1.436 ms 1.407 ms
 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.478 ms 1.403 ms 1.511 ms
 5 BERK--ucd2.ATM.calren2.net (198.32.249.33) 5.017 ms 5.427 ms 5.297 ms
 6 BERK--SUNV.POS.calren2.net (198.32.249.13) 5.398 ms 5.362 ms 5.213 ms
 7 BERK--BERK-7507.POS.calren2.net (198.32.249.70) 5.523 ms 5.721 ms 5.281 ms
 8 acr1-serial2-3-0-0.SanFranciscosfd.cw.net (206.24.211.133) 6.563 ms 5.933 ms 5.877 ms
 9 bpr1.pax.cw.net (206.24.210.8) 7.789 ms 7.857 ms 7.553 ms
10 206.24.241.2 (206.24.241.2) 16.055 ms 15.746 ms 15.649 ms
11 so1-0-0-622M.cr1.pao2.gblx.net (208.50.169.141) 15.973 ms 15.992 ms 15.708 ms
12 pos6-0-2488M.cr1.SNV.gblx.net (208.50.169.62) 16.461 ms 16.270 ms 16.615 ms
13 ge0-0-1000M.hr8.SNV.gblx.net (206.132.254.37) 16.152 ms 16.060 ms 16.339 ms
14 bas1r-ge3-0-hr8.snv.yahoo.com (208.178.103.62) 16.135 ms 16.242 ms 15.936 ms
15 www3.yahoo.com (204.71.200.68) 16.643 ms 17.199 ms 15.787 ms

Page 9

traceroute to www.gatech.edu (130.207.244.203), 30 hops max, 38 byte packets
 1 fnh254.cs.ucdavis.edu (169.237.6.254) 0.539 ms 0.436 ms 0.370 ms
 2 169.237.246.238 (169.237.246.238) 1.045 ms 1.077 ms 1.078 ms
 3 area14-gw.ucdavis.edu (169.237.1.30) 1.670 ms 1.412 ms 1.345 ms
 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.371 ms 2.225 ms 1.901 ms
 5 BERK--ucd3.ATM.calren2.net (198.32.249.37) 4.147 ms 4.464 ms 4.403 ms
 6 SUNV--BERK.POS.calren2.net (198.32.249.14) 5.862 ms 5.239 ms 5.136 ms
 7 abilene--QSV.POS.calren2.net (198.32.249.162) 5.427 ms 5.280 ms 5.463 ms
 8 scrm-snva.abilene.ucaid.edu (198.32.8.70) 8.239 ms 8.263 ms 8.271 ms
 9 dnvr-scrm.abilene.ucaid.edu (198.32.8.2) 30.391 ms 30.413 ms 29.956 ms
10 kscy-dnvr.abilene.ucaid.edu (198.32.8.14) 40.933 ms 40.685 ms 40.475 ms
11 ipls-kscy.abilene.ucaid.edu (198.32.8.6) 49.493 ms 49.682 ms 49.584 ms
12 atla-ipls.abilene.ucaid.edu (198.32.8.42) 60.006 ms 59.522 ms 59.452 ms
13 sox-rtr.abilene.sox.net (199.77.193.9) 59.728 ms 60.715 ms 59.595 ms
14 199.77.194.6 (199.77.194.6) 60.302 ms 60.407 ms 60.662 ms
15 www.gatech.edu (130.207.244.203) 61.592 ms 62.205 ms 62.824 ms

Page 10

traceroute to www.nortelnetworks.com (192.122.98.80), 30 hops max, 38 byte packets
 1 fnh254.cs.ucdavis.edu (169.237.6.254) 3.574 ms 1.891 ms 1.813 ms
 2 169.237.246.238 (169.237.246.238) 1.860 ms 1.929 ms 1.838 ms
 3 area14-gw.ucdavis.edu (169.237.1.30) 1.887 ms 1.962 ms 1.754 ms
 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.891 ms 1.902 ms 1.879 ms
 5 BERK--ucd2.ATM.calren2.net (198.32.249.33) 5.347 ms 5.141 ms 5.568 ms
 6 QSV-7507-2--QSV.POS.calren2.net (198.32.249.94) 6.706 ms 5.397 ms 5.364 ms
 7 QSV-7507-1--QSV-7507-2.POS.calren2.net (198.32.249.86) 7.811 ms 5.521 ms 5.909 ms
 8 63-237-208-1.cust.qwest.net (63.237.208.1) 6.035 ms 5.792 ms 5.789 ms
 9 svl-core-03.inet.qwest.net (205.171.14.85) 6.548 ms 6.170 ms 6.640 ms
10 svl-core-01.inet.qwest.net (205.171.14.121) 5.987 ms 5.999 ms 6.624 ms
11 kcm-core-01.inet.qwest.net (205.171.8.9) 41.143 ms 41.302 ms 41.179 ms
12 kcm-core-02.inet.qwest.net (205.171.29.126) 40.710 ms 41.459 ms 42.047 ms
13 dca-core-01.inet.qwest.net (205.171.5.57) 89.903 ms 90.169 ms 90.870 ms
14 dca-core-02.inet.qwest.net (205.171.9.6) 90.226 ms 90.830 ms 90.716 ms
15 atl-core-02.inet.qwest.net (205.171.8.153) 105.970 ms 105.829 ms 105.741 ms
16 atl-brdr-03.inet.qwest.net (205.171.21.102) 106.000 ms 105.761 ms 105.615 ms
17 205.171.4.42 (205.171.4.42) 102.066 ms 101.935 ms 102.183 ms
18 so-2-0-0.atlnga1-br2.bbnplanet.net (4.24.8.5) 103.153 ms 102.801 ms 101.990 ms
19 p11-0.crtntx1-br2.bbnplanet.net (4.24.6.42) 94.830 ms 94.641 ms 94.916 ms
20 p2-0.crtntx1-cr2.bbnplanet.net (4.24.5.18) 95.186 ms 95.127 ms 95.170 ms

Page 11: About the Instructor

S. Felix Wu ([email protected], x4-7070)
Office: 3057 Engineering II
Office Hours:
  – 1:00-2:00 p.m. on Monday
  – 1:00-2:00 p.m. on Friday
  – by appointment

Page 12: About the Web site

http://www.cs.ucdavis.edu/~wu/ecs289k/index.html

All lectures, notes, announcements, homework assignments, tools, and papers will be there.

Page 13: Textbook

No required textbooks, but a long list of recommended books/readings for different subjects….

Page 14: Prerequisites

Computer Networks:
  – you should already know subjects such as TCP/IP and other basic network stuff.

Computer Security:
  – you should have some basic ideas about security and cryptography such as symmetric and asymmetric key protocols or one-way hash functions.

Please talk to me if you have any concerns.

Page 15: Syllabus

Internet Architecture [1 lecture]
BGP (Border Gateway Routing Protocol) [4 lectures]
OSPF (Open Shortest Path First) [2 lectures]
Source Tracing and DDoS [2 lectures]
IPSec and VPN Policy [4 lectures]
QoS: DiffServ, MPLS, and VoIP [3 lectures]
Network Management: SNMP, LDAP, MIB, PIB, and DEN. [1 lecture]
Other topics: MobileIP, Ad Hoc, DHCP, DNS….

Page 16: Course Requirements

40%: Final Research Project Proposal
  – we need to work together on this task and I need to approve it. (due May 11, 2001).

55%: Final Project Demo/Presentation/Report
  – you need to report the status/progress on a weekly basis using emails after the proposal is approved.
  – some will be invited to give a presentation in class.

05%: Participation
  – Default: you get 5%.
  – Deducted if missed more than three sessions.

Page 17: Grading

This is a graduate course and we should respect each other….
  – You need to motivate yourself to learn…

If your proposal is approved in time, and you put in the effort to accomplish “something” (running code, experimental results, or analysis), you should expect an A.
  – I will make sure you succeed in the proposal stage as well as at the weekly check points. But, I won’t take ANY incomplete.

Page 18: About the TA

We don’t have any :-(
But, I have two PhD students (at NCSU) who will be available to help.
  – Experiments/simulations/ideas….
Equipment: (we will arrange…)

Page 19: How to move the packets?

In NSFNet, it is sort of centrally controlled.
But, now we have so many different networks and they intersect with each other in a fairly complicated way (and they belong to different nations or administrative domains)!!!
Solution:
  – address assignment and routing information updates

Page 20: BGP Table Growth

BGP Table Growth – 12 year history

Page 21: BGP Table Growth – 2 year & 6 month trends

[Chart: vertical axis from 50000 to 120000; horizontal axis from Jan-99 to Jan-01]

Page 22: BGP Table Growth – Projections

[Chart: vertical axis from 50000 to 450000; horizontal axis from Sep-00 to Jun-04]

Page 23: How to handle the size?

Please think….

Page 24: Source Accountability

Security versus performance
IP versus ATM
  – connectionless versus connection-oriented?

Page 25: Example Problem:

Source IP address is not trusted!

[Diagram: a packet drawn as an IP Header followed by the IP Payload; the header carries SRC: source and DST: destination]

SRC: 128.59.10.8
DST: 152.1.61.120
Is it really from Columbia Univ?

Page 26: Similar to US Mail (or E-Mail)

from: Dr. S. Felix Wu, NCSU
To: William Smith, M.I.B. Corp.

Page 27: Routing in Internet Protocol

[Diagram: three subnets, each behind a router (Rtr): Columbia 128.59.10.xx, NCSU 152.1.61.xx, Stanford 36.190.0.xx. The packet label src:128.59.10.8 dst:152.1.61.120 appears twice, once next to Stanford.]

Page 28: Current IPv4 Infrastructure

No guarantee for the source.
Various ad hoc approaches to resolve this issue.
  – Router Filtering.
  – TCP Handshake.
A systematic fix: IPSec (Internet Security Architecture)

Page 29: Router Filtering

Very effective (Internet Service Provider should “always” do that!!)
At least, I am sure that this packet is from some particular subnet.
Problems:
  – configuration management. (adaptivity)
  – politics. (why should I restrict my customers?)
  – mobileIP. (bi-directional tunneling)
  – trustable router. (network infrastructure attack)
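The filtering decision on this slide, as an added Python example that is not part of the lecture: an edge router forwards a packet only if its source address lies in the prefix of the site it arrived from. The /24 prefix lengths, the host addresses 128.59.10.99 and 36.190.0.44, the home agent 128.59.10.1 and all function names are assumptions; the example also covers the "from some particular subnet" limit and the mobileIP problem the slide lists.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Prefixes follow the slides' three sites; the /24 lengths are an assumption.
SITE_PREFIX = {
    "Columbia": ipaddress.ip_network("128.59.10.0/24"),
    "NCSU": ipaddress.ip_network("152.1.61.0/24"),
    "Stanford": ipaddress.ip_network("36.190.0.0/24"),
}

@dataclass
class Packet:
    src: str
    dst: str
    inner: Optional["Packet"] = None   # original packet when this is a tunnel header

def ingress_ok(site: str, pkt: Packet) -> bool:
    """Edge-router check: forward only if the outer source address lies in
    the prefix assigned to the site the packet arrived from."""
    try:
        return ipaddress.ip_address(pkt.src) in SITE_PREFIX[site]
    except (KeyError, ValueError):
        return False                   # unknown site or malformed address: drop

def tunnel(care_of: str, home_agent: str, pkt: Packet) -> Packet:
    """Wrap pkt so the visited network sees a topologically correct source."""
    return Packet(src=care_of, dst=home_agent, inner=pkt)

# Constructed traffic; only 128.59.10.8 and 152.1.61.120 come from the slides.
genuine = Packet("128.59.10.8", "152.1.61.120")
forged = Packet("128.59.10.8", "152.1.61.120")      # same header, sent from Stanford
neighbour = Packet("128.59.10.99", "152.1.61.120")  # Columbia host, another host's address
roaming = Packet("128.59.10.8", "152.1.61.120")     # Columbia mobile node visiting Stanford
tunneled = tunnel("36.190.0.44", "128.59.10.1", roaming)

def verdicts():
    return {
        "genuine@Columbia": ingress_ok("Columbia", genuine),
        "forged@Stanford": ingress_ok("Stanford", forged),
        "neighbour@Columbia": ingress_ok("Columbia", neighbour),
        "roaming@Stanford": ingress_ok("Stanford", roaming),
        "tunneled@Stanford": ingress_ok("Stanford", tunneled),
    }

if __name__ == "__main__":
    for name, ok in verdicts().items():
        print(f"{name:20} {'forward' if ok else 'drop'}")
```

The filter vouches for the subnet, not the host, which is why the neighbour case is forwarded; the roaming node's packets are dropped until they are tunneled with a source address from the visited prefix.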

Page 30: TCP Handshake

[Diagram: the same three subnets and routers (Rtr) as on page 27: Columbia 128.59.10.xx, NCSU 152.1.61.xx, Stanford 36.190.0.xx. A packet labeled src:128.59.10.8 dst:152.1.61.120 is shown next to Stanford.]

x
seq=y, ACK x+1
Oh!, I don’t know y to generate y+1.
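The exchange on this slide, as an added Python simulation that is not part of the lecture: the server addresses its reply (seq=y, ACK x+1) to the claimed source, so a sender that does not own that address never sees y and cannot produce y+1. The class and function names, the port numbers and the Stanford host address 36.190.0.5 are assumptions.

```python
import secrets

MOD = 2 ** 32  # TCP sequence numbers are 32-bit

class Server:
    """Listener that accepts a connection only after a correct third-step ACK."""

    def __init__(self, isn_source=lambda: secrets.randbelow(MOD)):
        self.isn_source = isn_source   # random by default; injectable for tests
        self.half_open = {}            # (claimed src, port) -> expected ack (y+1)
        self.established = set()

    def on_syn(self, src, sport, x):
        y = self.isn_source()
        self.half_open[(src, sport)] = (y + 1) % MOD
        # The SYN-ACK is addressed to the *claimed* source, wherever the SYN came from.
        return {"to": src, "seq": y, "ack": (x + 1) % MOD}

    def on_ack(self, src, sport, ack):
        expected = self.half_open.pop((src, sport), None)
        if expected is None or ack != expected:
            return False               # wrong or unsolicited ACK: no connection
        self.established.add((src, sport))
        return True

def deliver(segment, host_addr):
    """Routing is by destination: a host sees the segment only if it owns 'to'."""
    return segment if segment["to"] == host_addr else None

def handshake(server, real_addr, claimed_src, sport=40000, blind_ack=0):
    """Run the three steps for a sender at real_addr that writes claimed_src
    into its packets; return True if the server ends up with a connection."""
    x = secrets.randbelow(MOD)
    synack = deliver(server.on_syn(claimed_src, sport, x), real_addr)
    # Without the SYN-ACK the sender never learns y and can only send blind_ack.
    ack = (synack["seq"] + 1) % MOD if synack else blind_ack
    return server.on_ack(claimed_src, sport, ack)

if __name__ == "__main__":
    srv = Server()
    print("Columbia host, true source  :", handshake(srv, "128.59.10.8", "128.59.10.8"))
    print("Stanford host, forged source:", handshake(srv, "36.190.0.5", "128.59.10.8", sport=40001))
```

The check is only as strong as y is unpredictable, which is why the server draws it from a cryptographic random source.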

Page 31: End-to-End Argument

Let’s keep the “core” simple, fast.
And, anything else should be done by the end hosts.

Active Networks??

How to draw the line??

Page 32: Four S’s

Scalability
Security
Stability
Service Quality

Page 33: Final Remarks

I do not claim that I understand this monster.
There are various issues to be considered at the same time -- it is a networking system.
We will learn, discuss and work together this quarter through the process of opening cans of worms….