Chapter_1_part_4.pptx
Full Transcript
Chapter 1: roadmap
- What is the Internet?
- What is a protocol?
- Network edge: hosts, access network, physical media
- Network core: packet/circuit switching, internet structure
- Performance: loss, delay, throughput
- Security
- Protocol layers, service models
- History
Introduction: 1-1

How do packet delay and loss occur?
- packets queue in router buffers, waiting for turn for transmission
- queue length grows when arrival rate to link (temporarily) exceeds output link capacity
- packet loss occurs when memory to hold queued packets fills up
[Figure: hosts A and B and a router; labels: packet being transmitted (transmission delay); packets in buffers (queueing delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]
Introduction: 1-2

Packet delay: four sources
[Figure: path from A to B; labels: nodal processing, queueing, transmission, propagation]
$d_{\text{nodal}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$
- $d_{\text{proc}}$: nodal processing
  - check bit errors
  - determine output link
- $d_{\text{queue}}$: queueing delay
  - time waiting at output link for transmission
  - depends on congestion level of router
Introduction: 1-3

Packet delay: four sources
[Figure: path from A to B; labels: nodal processing, queueing, transmission, propagation]
$d_{\text{nodal}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$
- $d_{\text{trans}}$: transmission delay:
  - L: packet length (bits)
  - R: link transmission rate (bps)
  - $d_{\text{trans}} = L/R$
- $d_{\text{prop}}$: propagation delay:
  - d: length of physical link
  - s: propagation speed (~$2 \times 10^8$ m/sec)
  - $d_{\text{prop}} = d/s$
- $d_{\text{trans}}$ and $d_{\text{prop}}$ very
Introduction: 1-4

Caravan analogy
[Figure: ten-car caravan (aka 10-bit packet); toll booth (aka link); 100 km; toll booth; 100 km; toll booth]
- car ~ bit; caravan ~ packet; toll service ~ link transmission
- toll booth takes 12 sec to service car (bit transmission time)
- “propagate” at 100 km/hr
- Q: How long until caravan is lined up before 2nd toll booth?
- time to “push” entire caravan through toll booth onto highway = 12*10 = 120 sec
- time for last car to propagate from 1st to 2nd toll booth: 100km/(100km/hr) = 1 hr
Introduction: 1-5

Caravan analogy
[Figure: ten-car caravan (aka 10-bit packet); toll booth (aka router); 100 km; toll booth; 100 km]
- suppose cars now “propagate” at 1000 km/hr
- and suppose toll booth now takes one min to service a car
- Q: Will cars arrive to 2nd booth before all cars serviced at first booth?
- A: Yes! after 7 min, first car arrives at second booth; three cars still at first booth
Introduction: 1-6

Packet queueing delay (revisited)
- a: average packet arrival rate
- L: packet length (bits)
- R: link bandwidth (bit transmission rate)
- $\frac{L \cdot a}{R}$: (arrival rate of bits) / (service rate of bits), “traffic intensity”
[Figure: average queueing delay versus traffic intensity = La/R, axis marked at 1; panels labelled La/R ~ 0 and La/R -> 1]
- La/R ~ 0: avg. queueing delay small
- La/R -> 1: avg. queueing delay large
- La/R > 1: more “work” arriving is more than can be serviced -
Introduction: 1-7

“Real” Internet delays and routes
- what do “real” Internet delay & loss look like?
- traceroute program: provides delay measurement from source to router along end-end Internet path towards destination.
- For all i:
  - sends three packets that will reach router i on path towards destination (with time-to-live field value of i)
  - router i will return packets to sender
  - sender measures time interval between transmission and reply
[Figure: sender and routers along the path; labels: 3 probes, 3 probes, 3 probes]
Introduction: 1-8

Real Internet delays and routes
traceroute: gaia.cs.umass.edu to www.eurecom.fr

   1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms
   2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
   3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms
   4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms
   5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
   6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
   7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms
   8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
   9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
  10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms
  11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
  12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms
  13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
  14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
  15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
  16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
  17 * * *
  18 * * *
  19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms

Annotations on the slide:
- 3 delay measurements from gaia.cs.umass.edu to cs-gw.cs.umass.edu
- 3 delay measurements to border1-rt-fa5-1-0.gw.umass.edu
- trans-oceanic link
- looks like delays decrease! Why?
- * means no response (probe lost, router not replying)
* Do some traceroutes from exotic countries at www.traceroute.org
Introduction: 1-9

Packet loss
- queue (aka buffer) preceding link in buffer has finite capacity
- packet arriving to full queue dropped (aka lost)
- lost packet may be retransmitted by previous node, by source end system, or not at all
[Figure: hosts A and B and a router; labels: buffer (waiting area); packet being transmitted; packet arriving to full buffer is lost]
* Check out the Java applet for an interactive animation (on publisher’s website) of queuing and loss
Introduction: 1-10

Throughput
- throughput: rate (bits/time unit) at which bits are being sent from sender to receiver
  - instantaneous: rate at given point in time
  - average: rate over longer period of time
[Figure: server, with file of F bits to send to client; server sends bits (fluid) into pipe; link capacity Rs bits/sec: pipe that can carry fluid at rate (Rs bits/sec); link capacity Rc bits/sec: pipe that can carry fluid at rate (Rc bits/sec)]
Introduction: 1-11

Throughput
- Rs < Rc: What is average end-end throughput?
  [Figure: links of Rs bits/sec and Rc bits/sec]
- Rs > Rc: What is average end-end throughput?
  [Figure: links of Rs bits/sec and Rc bits/sec]
- bottleneck link: link on end-end path that constrains end-end throughput
Introduction: 1-12

Throughput: network scenario
- per-connection end-end throughput: min(Rc,Rs,R/10)
- in practice: Rc or Rs is often bottleneck
[Figure: 10 connections (fairly) share backbone bottleneck link R bits/sec; access links labelled Rs and Rc]
* Check out the online interactive exercises for more examples: http://gaia.cs.umass.edu/kurose_ross/
Introduction: 1-13

Chapter 1: roadmap
- What is the Internet?
- What is a protocol?
- Network edge: hosts, access network, physical media
- Network core: packet/circuit switching, internet structure
- Performance: loss, delay, throughput
- Security
- Protocol layers, service models
- History
Introduction: 1-14

Network security
- Internet not originally designed with (much) security in mind
  - original vision: “a group of mutually trusting users attached to a transparent network”
  - Internet protocol designers playing “catch-up”
  - security considerations in all layers!
- We now need to think about:
  - how bad guys can attack computer networks
  - how we can defend networks against attacks
  - how to design architectures that are immune to attacks
Introduction: 1-15

Bad guys: packet interception
packet “sniffing”:
- broadcast media (shared Ethernet, wireless)
- promiscuous network interface reads/records all packets (e.g., including passwords!) passing by
[Figure: hosts A, B and C on a shared medium; packet labelled src:B dest:A payload]
Wireshark software used for our end-of-chapter labs is a (free) packet-sniffer
Introduction: 1-17

Bad guys: fake identity
IP spoofing: injection of packet with false source address
[Figure: hosts A, B and C; packet labelled src:B dest:A payload]
Introduction: 1-18

Bad guys: denial of service
Denial of Service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic
1. select target
2. break into hosts around the network (see botnet)
3. send packets to target from compromised hosts
Introduction: 1-19

Lines of defense:
- authentication: proving you are who you say you are
  - cellular networks provide hardware identity via SIM card; no such hardware assist in traditional Internet
- confidentiality: via encryption
- integrity checks: digital signatures prevent/detect tampering
- access restrictions: password-protected VPNs
- firewalls: specialized “middleboxes” in access and core networks:
  - off-by-default: filter incoming packets to restrict senders, receivers, applications
  - detecting/reacting to DOS attacks
… lots more on security (throughout, Chapter 8)
Introduction: 1-20

Chapter 1: roadmap
- What is the Internet?
- What is a protocol?
- Network edge: hosts, access network, physical media
- Network core: packet/circuit switching, internet structure
- Performance: loss, delay, throughput
- Security
- Protocol layers, service models
- History
Introduction: 1-21

Protocol “layers” and reference models
Networks are complex, with many “pieces”:
- hosts
- routers
- links of various media
- applications
- protocols
- hardware, software
Question: is there any hope of organizing structure of network?
- and/or our discussion of networks?
Introduction: 1-22

Example: organization of air travel
end-to-end transfer of person plus baggage

  ticket (purchase)      ticket (complain)
  baggage (check)        baggage (claim)
  gates (load)           gates (unload)
  runway takeoff         runway landing
  airplane routing       airplane routing       airplane routing

How would you define/discuss the system of airline travel?
- a series of steps, involving many services
Introduction: 1-23

Example: organization of air travel

  ticket (purchase)      ticketing service      ticket (complain)
  baggage (check)        baggage service        baggage (claim)
  gates (load)           gate service           gates (unload)
  runway takeoff         runway service         runway landing
  airplane routing       routing service        airplane routing       airplane routing

layers: each layer implements a service
- via its own internal-layer actions
- relying on services provided by layer below
Introduction: 1-24

Why layering?
Approach to designing/discussing complex systems:
- explicit structure allows identification, relationship of system’s pieces
  - layered reference model for discussion
- modularization eases maintenance, updating of system
  - change in layer's service implementation: transparent to rest of system
  - e.g., change in gate procedure doesn’t affect rest of system
Introduction: 1-25

Layered Internet protocol stack
- application: supporting network applications
  - HTTP, IMAP, SMTP, DNS
- transport: process-process data transfer
  - TCP, UDP
- network: routing of datagrams from source to destination
  - IP, routing protocols
- link: data transfer between neighboring network elements
  - Ethernet, 802.11 (WiFi), PPP
- physical: bits “on the wire”
[Figure: protocol stack: application, transport, network, link, physical]
Introduction: 1-26

Services, Layering and Encapsulation
- Application exchanges messages to implement some application service using services of transport layer
- Transport-layer protocol transfers M (e.g., reliably) from one process to another, using services of network layer
  - transport-layer protocol encapsulates application-layer message, M, with transport-layer header Ht to create a transport-layer segment
  - Ht used by transport layer protocol to implement its service
[Figure: source and destination stacks (application, transport, network, link, physical); M at the application layer; Ht M at the transport layer]
Introduction: 1-27

Services, Layering and Encapsulation
- Transport-layer protocol transfers M (e.g., reliably) from one process to another, using services of network layer
- Network-layer protocol transfers transport-layer segment [Ht | M] from one host to another, using link layer services
  - network-layer protocol encapsulates transport-layer segment [Ht | M] with network-layer header Hn to create a network-layer datagram
  - Hn used by network layer protocol to implement its service
[Figure: source and destination stacks (application, transport, network, link, physical); M at the application layer; Ht M at the transport layer; Hn Ht M at the network layer]
Introduction: 1-28

Services, Layering and Encapsulation
- Network-layer protocol transfers transport-layer segment [Ht | M] from one host to another, using link layer services
- Link-layer protocol transfers datagram [Hn | [Ht | M]] from host to neighboring host, using network-layer services
  - link-layer protocol encapsulates network datagram [Hn | [Ht | M]], with link-layer header Hl to create a link-layer frame
[Figure: source and destination stacks (application, transport, network, link, physical); M at the application layer; Ht M at the transport layer; Hn Ht M at the network layer; Hl Hn Ht M at the link layer]
Introduction: 1-29

Encapsulation
Matryoshka dolls (stacking dolls)
[Figure: nested dolls labelled message, segment, datagram, frame]
Credit: https://dribbble.com/shots/7182188-Babushka-Boi
Introduction: 1-30

Services, Layering and Encapsulation
[Figure: source and destination stacks (application, transport, network, link, physical); message: M; segment: Ht M; datagram: Hn Ht M; frame: Hl Hn Ht M]
Introduction: 1-31

Encapsulation: an end-end view
[Figure: source stack: application (message M), transport (segment Ht M), network (datagram Hn Ht M), link (frame Hl Hn Ht M), physical; switch: link, physical; router: network (Hn Ht M), link (Hl Hn Ht M), physical; destination stack: application (M), transport (Ht M), network (Hn Ht M), link (Hl Hn Ht M), physical]
Introduction: 1-32

Chapter 1: summary
We’ve covered a “ton” of material!
- Internet overview
- what’s a protocol?
- network edge, access network, core
  - packet-switching versus circuit-switching
  - Internet structure
- performance: loss, delay, throughput
- layering, service models
- security
- history
You now have:
- context, overview, vocabulary, “feel” of networking
- more depth, detail, and fun to follow!
Introduction: 1-33

Additional Chapter 1 slides
Introduction: 1-34

ISO/OSI reference model
Two layers not found in Internet protocol stack!
- presentation: allow applications to interpret meaning of data, e.g., encryption, compression, machine-specific conventions
- session: synchronization, checkpointing, recovery of data exchange
Internet stack “missing” these layers!
- these services, if needed, must be implemented in application
- needed?
[Figure: The seven layer OSI/ISO reference model: application, presentation, session, transport, network, link, physical]
Introduction: 1-35

Services, Layering and Encapsulation
[Figure: source and destination stacks (application, transport, network, link, physical); message: M; segment: Ht M; datagram: Hn Ht M; frame: Hl Hn Ht M]
Introduction: 1-36

Wireshark
[Figure: application (www browser, email client) above the OS stack: Transport (TCP/UDP), Network (IP), Link (Ethernet), Physical; packet capture (pcap) takes a copy of all Ethernet frames sent/received and passes it to the packet analyzer application]
Introduction: 1-37
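
The layer-by-layer decoding that a packet analyzer performs on a captured Ethernet frame, as an added example that is not part of the original slides: it builds a frame [Hl | Hn | Ht | M] and then strips each header in turn, using the IPv4 total-length field to discard link-layer padding. The MAC and IP addresses, ports and message are constructed sample values, and header checksums are left at zero.

```python
import socket
import struct

ETH_FMT, IP_FMT, TCP_FMT = "!6s6sH", "!BBHHHBBH4s4s", "!HHIIHHHH"  # Hl, Hn, Ht layouts

def encapsulate(message: bytes) -> bytes:
    """Source side: M -> [Ht|M] -> [Hn|Ht|M] -> [Hl|Hn|Ht|M] (constructed addresses)."""
    ht = struct.pack(TCP_FMT, 49152, 80, 1, 0, (5 << 12) | 0x18, 65535, 0, 0)
    segment = ht + message
    hn = struct.pack(IP_FMT, 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    datagram = hn + segment
    hl = struct.pack(ETH_FMT, bytes.fromhex("020000000002"),   # destination MAC
                     bytes.fromhex("020000000001"), 0x0800)    # source MAC, IPv4
    return (hl + datagram).ljust(60, b"\x00")  # Ethernet pads short frames to 60 bytes

def decapsulate(frame: bytes) -> dict:
    """Destination or analyzer side: strip Hl, then Hn, then Ht, and return M."""
    if len(frame) < 14:
        raise ValueError("truncated link-layer header")
    dst_mac, src_mac, ethertype = struct.unpack(ETH_FMT, frame[:14])
    if ethertype != 0x0800:
        raise ValueError("frame does not carry IPv4")
    datagram = frame[14:]
    if len(datagram) < 20:
        raise ValueError("truncated network-layer header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src_ip, dst_ip = struct.unpack(
        IP_FMT, datagram[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or not 20 <= ihl <= total_len <= len(datagram):
        raise ValueError("inconsistent IPv4 header lengths")
    if proto != 6:
        raise ValueError("datagram does not carry TCP")
    segment = datagram[ihl:total_len]  # total length, not frame length: drops padding
    if len(segment) < 20:
        raise ValueError("truncated transport-layer header")
    sport, dport, _, _, off_flags, _, _, _ = struct.unpack(TCP_FMT, segment[:20])
    data_off = (off_flags >> 12) * 4
    if not 20 <= data_off <= len(segment):
        raise ValueError("bad TCP data offset")
    return {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
            "src_ip": socket.inet_ntoa(src_ip), "dst_ip": socket.inet_ntoa(dst_ip),
            "ttl": ttl, "src_port": sport, "dst_port": dport,
            "message": segment[data_off:]}

if __name__ == "__main__":
    captured = encapsulate(b"hello")  # constructed frame standing in for a pcap record
    print(decapsulate(captured))
```

The recovered M is byte for byte what the application sent, which is why the slides pair packet sniffing with confidentiality via encryption.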