Chapter_1_part_4.pptx

Full Transcript

Chapter 1: roadmap
 What is the Internet?
 What is a protocol?
 Network edge: hosts, access
network, physical media
 Network core: packet/circuit
switching, internet structure
 Performance: loss, delay,
throughput
 Security
 Protocol layers, service models
 History
Introduction: 1-1
How do packet delay and loss occur?
 packets queue in router buffers, waiting for turn for
transmission
 queue length grows when arrival rate to link (temporarily)
exceeds output link capacity
 packet loss occurs when memory to hold queued packets
fills up packet being transmitted (transmission delay)

A

B
packets in buffers (queueing delay)
free (available) buffers: arriving packets
dropped (loss) if no free buffers
Introduction: 1-2
Packet delay: four sources
transmission
A propagation

B
nodal
processingqueueing

dnodal = dproc + dqueue + dtrans +
dprop
dproc: nodal dqueue: queueing delay
processing  time waiting at output link for
 check bit errors transmission
 determine output  depends on congestion level
link of router
Introduction: 1-3
Packet delay: four sources
transmission
A propagation

B
nodal
processingqueueing

dnodal = dproc + dqueue + dtrans +
dprop dprop: propagation delay:
dtrans: transmission
delay:  d: length of physical link
 L: packet length (bits)  s: propagation speed (~2x108
 R: link transmission rate m/sec)
(bps) dtrans and dprop  dprop = d/s
 dtrans = L/R very Introduction: 1-4
Caravan analogy
100 100
km km
ten-car toll booth toll booth toll booth
caravan (aka link)
(aka 10-bit
 carpacket)
~ bit; caravan ~ packet;  time to “push” entire
toll service ~ link
transmission caravan through toll
 toll booth takes 12 sec to booth onto highway =
service car (bit transmission 12*10 = 120 sec
time)
 “propagate” at 100 km/hr  time for last car to
 Q: How long until caravan is propagate from 1st to
lined up before 2nd toll 2nd toll both:
booth? 100km/(100km/hr) = 1
hr Introduction: 1-5
Caravan analogy
100 100
km km
ten-car toll booth toll booth
caravan (aka router)
(aka 10-bit
packet)
 suppose cars now “propagate” at 1000 km/hr
 and suppose toll booth now takes one min to service a car
 Q: Will cars arrive to 2nd booth before all cars serviced at first
booth?
A: Yes! after 7 min, first car arrives at second booth;
three cars still at first booth

Introduction: 1-6
Packet queueing delay (revisited)
 a: average packet arrival rate

average queueing
 L: packet length (bits)

delay
 R: link bandwidth (bit
transmission rate)
L. a arrival rate of bits “traffic
:
R service rate of bits intensity” traffic intensity = La/R 1

 La/R ~ 0: avg. queueing delay La/R ~ 0
small
 La/R -> 1: avg. queueing delay
large
 La/R > 1: more “work” arriving La/R -> 1
is more than can be serviced - Introduction: 1-7
“Real” Internet delays and routes
 what do “real” Internet delay & loss look like?
 traceroute program: provides delay measurement
from source to router along end-end Internet path
towards destination. For all i:
sends three packets that will reach router i on path towards
destination (with time-to-live field value of i)
router i will return packets to sender
sender measures time interval between transmission and
reply

3 probes 3 probes

3 probes

Introduction: 1-8
Real Internet delays and routes
traceroute: gaia.cs.umass.edu to
www.eurecom.fr 3 delay measurements from
gaia.cs.umass.edu to cs-gw.cs.umass.edu
1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms 3 delay measurements
2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms to border1-rt-fa5-1-
4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms 0.gw.umass.edu
5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms trans-oceanic link
8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms looks like delays
11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms decrease! Why?
13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
17 * * *
18 * * * * means no response (probe lost, router not
replying)
19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms

* Do some traceroutes from exotic countries at www.traceroute.org
Introduction: 1-9
 Packet loss
 queue (aka buffer) preceding link in buffer has finite
 capacity
packet arriving to full queue dropped (aka lost)
 lost packet may be retransmitted by previous node,
by source end system, or not at all
buffer
(waiting area)packet being transmitted
A

B
packet arriving to
full buffer is lost

* Check out the Java applet for an interactive animation (on publisher’s website) of queuing and loss
Introduction: 1-10
 Throughput
 throughput: rate (bits/time unit) at which bits are being
sent from sender to receiver
instantaneous: rate at given point in time
average: rate over longer period of time

link capacity
pipe that can link capacity
pipe that can
server sends R carry
bits/sec carry
Rc bits/sec
server, with fluid
s
at rate fluid at rate
bits
file of F bits
to (fluid)
send to client (Rs bits/sec)
into (Rc bits/sec)
pipe Introduction: 1-11
Throughput
Rs < Rc What is average end-end
throughput?
Rs bits/sec Rc bits/sec

Rs > Rc What is average end-end
throughput?
Rs bits/sec Rc bits/sec

bottleneck
link onlink
end-end path that constrains end-end
throughput
Introduction: 1-12
Throughput: network scenario
 per-connection
Rs end-end
Rs Rs throughput:
min(Rc,Rs,R/10)
R  in practice: Rc or Rs
Rc Rc
is often bottleneck
Rc
* Check out the online interactive exercises for more
examples: http://gaia.cs.umass.edu/kurose_ross/

10 connections (fairly) share
backbone bottleneck link R
bits/sec Introduction: 1-13
Chapter 1: roadmap
 What is the Internet?
 What is a protocol?
 Network edge: hosts, access
network, physical media
 Network core: packet/circuit
switching, internet structure
 Performance: loss, delay,
throughput
 Security
 Protocol layers, service models
 History
Introduction: 1-14
Network security
 Internet not originally designed with (much)
security in mind
original vision: “a group of mutually trusting users
attached to a transparent network” 
Internet protocol designers playing “catch-up”
security considerations in all layers!
 We now need to think about:
how bad guys can attack computer networks
how we can defend networks against attacks
how to design architectures that are immune to
attacks
Introduction: 1-15
Network security
 Internet not originally designed with (much)
security in mind
original vision: “a group of mutually trusting users
attached to a transparent network” 
Internet protocol designers playing “catch-up”
security considerations in all layers!
 We now need to think about:
how bad guys can attack computer networks
how we can defend networks against attacks
how to design architectures that are immune to
attacks
Introduction: 1-16
Bad guys: packet interception
packet “sniffing”:
 broadcast media (shared Ethernet, wireless)
 promiscuous network interface reads/records all
packets (e.g., including passwords!) passing by

A C

src:B dest:A payload
B

Wireshark software used for our end-of-chapter labs is a (free)
packet-sniffer
Introduction: 1-17
Bad guys: fake identity
IP spoofing: injection of packet with false
source address

A C

src:B dest:A payload

B

Introduction: 1-18
Bad guys: denial of service
Denial of Service (DoS): attackers make resources
(server, bandwidth) unavailable to legitimate
traffic by overwhelming resource with bogus
traffic
1. select target
2. break into hosts
around the
network (see
target
3. send packets to
botnet)
target from
compromised hosts
Introduction: 1-19
Lines of defense:
 authentication: proving you are who you say you are
cellular networks provides hardware identity via SIM card; no
such hardware assist in traditional Internet
 confidentiality: via encryption
 integrity checks: digital signatures prevent/detect
tampering
 access restrictions: password-protected VPNs
 firewalls: specialized “middleboxes” in access and core
networks:
 off-by-default: filter incoming packets to restrict senders,
receivers, applications
 detecting/reacting to DOS attacks
… lots more on security (throughout, Chapter 8) Introduction: 1-20
Chapter 1: roadmap
 What is the Internet?
 What is a protocol?
 Network edge: hosts, access
network, physical media
 Network core: packet/circuit
switching, internet structure
 Performance: loss, delay,
throughput
 Security
 Protocol layers, service models
 History
Introduction: 1-21
Protocol “layers” and reference
models
Networks are complex, Question: is there
with many “pieces”: any hope of
 hosts organizing structure
 routers of network?
 links of various media  and/or our
 applications discussion of
networks?
 protocols
 hardware, software

Introduction: 1-22
Example: organization of air travel
end-to-end transfer of person plus baggage
ticket (purchase) ticket (complain)
baggage (check) baggage (claim)
gates (load) gates (unload)
runway takeoff runway landing
airplane routing airplane routing
airplane routing

How would you define/discuss the system of airline travel?
 a series of steps, involving many services
Introduction: 1-23
Example: organization of air travel

ticket (purchase) ticketing service ticket (complain)
baggage (check) baggage service baggage (claim)
gates (load) gate service gates (unload)
runway takeoff runway service runway landing
airplane routing routing service
airplane routing airplane routing

layers: each layer implements a
service
 via its own internal-layer actions
 relying on services provided by layer
below Introduction: 1-24
Why layering?
Approach to designing/discussing complex
 systems:
explicit structure allows
identification, relationship of
system’s pieces
layered reference model for discussion
 modularization eases maintenance,
updating of system
change in layer's service
implementation: transparent to rest of
system
e.g., change in gate procedure doesn’t
affect rest of system
Introduction: 1-25
Layered Internet protocol stack
 application: supporting network
applications
HTTP, IMAP, SMTP, DNS application
application
 transport: process-process data transfer
TCP, UDP transport
transport
 network: routing of datagrams from network
source to destination
IP, routing protocols
link
 link: data transfer between neighboring
network elements physical
Ethernet, 802.11 (WiFi), PPP
 physical: bits “on the wire”
Introduction: 1-26
 Services, Layering and Encapsulation
M
Application exchanges messages to implement
applicatio some application service using services of applicatio
transport layer
Ht M
n Transport-layer protocol transfers M (e.g., n
reliably) from one process to another, using
services of network layer
transport  transport-layer protocol transport
encapsulates application-layer
message, M, with transport layer-
network network
layer header Ht to create a
transport-layer segment
link Ht used by transport layer link
protocol to implement its service
source physical destination
physical
Introduction: 1-27
 Services, Layering and Encapsulation
M

applicatio applicatio
Ht M
n Transport-layer protocol transfers M (e.g., n
reliably) from one process to another, using
services of network layer
Hn Ht M
transport Network-layer protocol transfers transport-layer
transport
segment [Ht | M] from one host to another,
using link layer services
network  network-layer protocol network
encapsulates transport-layer
link segment [Ht | M] with network link
layer-layer header Hn to create a
source physical network-layer datagram destination
physical
Hn used by network layer
protocol to implement its service Introduction: 1-28
 Services, Layering and Encapsulation
M

applicatio applicatio
Ht M
n n
Hn Ht M
transport Network-layer protocol transfers transport-layer
transport
segment [Ht | M] from one host to another,
using
Hl Hlink
n Ht
layer
M services
network network
Link-layer protocol transfers datagram [Hn| [Ht
|M] from host to neighboring host, using
network-layer services
link  link-layer protocol encapsulates link
network datagram [Hn| [Ht |M], with
source physical link-layer header Hl to create a destination
physical
link-layer frame
Introduction: 1-29
 Encapsulation
Matryoshka dolls (stacking dolls)

messagesegment datagram frame

Credit: https://dribbble.com/shots/7182188-Babushka-Boi Introduction: 1-30
 Services, Layering and Encapsulation

message M
applicatio M applicatio

segment Ht M
n Ht M
n
datagram Hn Ht M Hn Ht M
transport transport

frame Hl Hn Ht M Hl Hn Ht M
network network

link link

source physical destination
physical
Introduction: 1-31
 source Encapsulation:
message
segment
M application an end-end
Htt M transport
datagram Hn Ht M network view
frame Hl Hn Ht M link
physical
link
physical

switch

destination Hn Ht M network
M application Hl Hn Ht M link Hn Ht M
Ht M transport physical
Hn Ht M network
Hl Hn Ht M link router
physical
Introduction: 1-32
Chapter 1: summary
We’ve covered a “ton” of
material!
 Internet overview
 what’s a protocol? You now have:
 network edge, access network,  context,
core overview,
packet-switching versus circuit- vocabulary,
switching “feel” of
Internet structure networking
 performance: loss, delay,  more depth,
throughput detail, and fun to
 layering, service models follow!
 security
 history
Introduction: 1-33
Additional Chapter 1 slides

Introduction: 1-34
 ISO/OSI reference model
Two layers not found in Internet
protocol stack! application
 presentation: allow applications to presentation
interpret meaning of data, e.g., session
encryption, compression, machine-
specific conventions transport
 session: synchronization, network
checkpointing, recovery of data link
exchange
 Internet stack “missing” these layers! physical
these services, if needed, must be The seven layer OSI/ISO
implemented in application reference model
needed?
Introduction: 1-35
 Services, Layering and Encapsulation
M

applicatio M applicatio
message
Ht M
n Ht M
n
segment
Hn Ht M Hn Ht M
transport transport
datagram

Hl Hn Ht M Hl Hn Ht M
network network
frame

link link

source physical destination
physical
Introduction: 1-36
Wireshark
application
(www browser,
packet
email client)
analyzer
application

OS
packet Transport (TCP/UDP)
capture copy of all Network (IP)
Ethernet frames
Link (Ethernet)
(pcap) sent/received
Physical

Introduction: 1-37