Networked Apps Notes PDF
Document Details
Uploaded by ChivalrousCamellia7394
Carleton University
Summary
This document contains notes on networked applications, covering topics like email, DNS, and network management. It includes a section on message types for a protocol, as well as examples of how network resources can be managed. It does not appear to be a past paper.
Full Transcript
**[Application Layer]**

**E-mail**

**E-mail: mail servers**

**SMTP RFC (5321)**

**Scenario: Alice sends e-mail to Bob**

**SMTP: observations**

**Mail message format**

**Retrieving email: mail access protocols**

**IMAP**

**The Domain Name System DNS**

**Name translated into address**

**DNS: services, structure**

**Thinking about the DNS**

**DNS: a distributed, hierarchical database**
![](media/image14.png)

**DNS: root name servers**

**Top-Level Domain, and authoritative servers**

**Hierarchy of Name Servers - zone to NS**

**Local DNS name servers**

**DNS name resolution**

**Caching DNS Information**

**DNS records**

**DNS protocol messages**
![](media/image34.png)

**Getting info into the DNS**

**DNS security**

**What is network management?**

**Components of network management**

**Network operator approaches to management**

**SNMP protocol: message types**

+------------------+-------------------------------------------------+
| **Message type** | **Function**                                    |
+==================+=================================================+
| GetRequest       | manager-to-agent: "get me data" (data instance, |
| GetNextRequest   | next data in list, block of data).              |
| GetBulkRequest   |                                                 |
+------------------+-------------------------------------------------+
| SetRequest       | manager-to-agent: set MIB value                 |
+------------------+-------------------------------------------------+
| InformRequest    | manager-to-manager: inform remote entity of MIB |
|                  | values remote to its access                     |
+------------------+-------------------------------------------------+
| Response         | Agent-to-manager: value, response to Request    |
+------------------+-------------------------------------------------+
| Trap             | Agent-to-manager: inform manager of exceptional |
|                  | event                                           |
+------------------+-------------------------------------------------+

**SNMP protocol: message formats**

**SNMP: Management Information Base (MIB)**

**Remote Procedure Call (RPC)**

**identifiers in RPC**

**RPC implementations**

**gRPC - streaming**

**Zero-touch management**

**NETCONF overview**

**NETCONF protocol layers**
![](media/image31.png)

**YANG - Yet Another Next Generation**

**YANG and NETCONF**

**[Network Layer and SDN]**

**Network-layer services and protocols**

**Two key network-layer functions**

**Network layer: data plane, control plane**

**Network-layer functions**

**Network Layer: Internet**

**IP Datagram format**
![](media/image18.png)

**IPv6: motivation**

**IPv6 datagram format**

**IP addressing: introduction**

**IP addresses: how to get one?**
**DHCP: Dynamic Host Configuration Protocol**

**DHCP client-server scenario**
![](media/image30.png)

**DHCP: more than IP addresses**

**Generalized forwarding: match plus action**

**Flow table abstraction**

**OpenFlow: flow table entries**
![](media/image20.png)

**OpenFlow: examples**
![](media/image3.png)

**OpenFlow abstraction**

**OpenFlow examples**
![](media/image38.png)

- Orchestrated tables can create network-wide behavior, e.g.:
- datagrams from hosts h5 and h6 should be sent to h3 or h4, via s1 and from there to s2

**Generalized forwarding: summary**

**Software defined networking (SDN)**

**SDN analogy: mainframe to PC**

**Traffic engineering: difficult with traditional routing**
![](media/image50.png)

**Software defined networking (SDN)**

**Components of SDN controller**

**OpenFlow protocol**

**OpenFlow messages**

**SDN: control/data plane interaction example**
**OpenDaylight (ODL) controller**
![](media/image46.png)

**ONOS controller**

**SDN: Selected Challenges**

**A day in the life: connecting to the Internet**

**A day in the life...**

**[Network Security]**

**Security: overview**

**Tasks in designing a security service**

**Friends and enemies: Alice, Bob, Trudy**
![](media/image44.png)

**There are bad actors out there!**

**What does "communicate securely" mean?**

**What is network security?**

**Network Security - Mission**

**Cryptography**

**The language of cryptography**

**Symmetric key cryptography**
![](media/image5.png)

**Simple encryption scheme**

**Breaking an encryption scheme**

**A more sophisticated encryption approach**

**Block Ciphers**

**Cipher-Block Chaining (CBC)**

**Symmetric key crypto: DES**

**AES: Advanced Encryption Standard**

**Stream Cipher**

**Public Key Cryptography**

**Public Key Cryptography**
![](media/image26.png)

**RSA in practice: session keys**

Prerequisite: modular arithmetic

**RSA: getting ready**

**RSA: Creating public/private key pair**

**RSA: encryption, decryption**
**RSA example:**

**Why does RSA work?**

**RSA: another important property**

**Why is RSA secure?**

**[Network Security]**

**Message Integrity**

**Message Authentication**

**Message digests**

**Cryptographic Hash Function**

**Internet checksum: poor crypto hash function**
![](media/image43.png)

**Hash function algorithms**

**Use of Hash Function for Message Authentication**

**Other use of hash function**

**Message Authentication Code (MAC)**

**Digital signatures**

**Comparing MAC and Digital Signatures**

**Public key Certification Authorities (CA)**

**Standards for CA**

**Security in the Internet**

**Securing E-mail**

**Pretty Good Privacy (PGP)**

**PGP Summary**
![](media/image41.png)

**PGP Cryptographic function**

**S/MIME**

**Transport-level Security**

**Transport-layer security (TLS)**

**Transport-layer security: what's needed?**

**t-tls: initial handshake**

**t-tls: cryptographic keys**

**t-tls: encrypting data**
![](media/image10.png)

**t-tls: connection close**

**Transport-layer security (TLS)**
![](media/image12.png)

**TLS: 1.3 cipher suite**

**TLS 1.3 handshake: 1 RTT**
**TLS 1.3 handshake: 0 RTT**
![](media/image1.png)

**HTTPS**

**Secure Shell (SSH)**

**Network-Layer Security**

**Benefits of IPsec**

**IP Sec**

**Two IPsec protocols**

**Security associations (SAs)**

**Basic Combinations of SAs**

**IP Sec modes**
![](media/image7.png)

**IPsec datagram**

**ESP tunnel mode: actions at R1:**

**Tunnel and Transport Mode**
![](media/image47.png)

**IPsec sequence numbers**

**ESP tunnel mode: actions at R2:**

**IPsec Architecture**

**IPsec Security Databases**

**IPsec services**

**IKE: Internet Key Exchange**

**IKE: PSK and PKI**

**IKE Phases**

**IPsec summary**

**Firewalls**

**Stateless packet filtering**

**Access Control Lists**

**Stateful packet filtering**

**Application gateways**

**Limitations of firewalls, gateways**

**Intrusion detection systems**
![](media/image40.png)

**[Cloud Computing]**

**Introduction to Cloud Computing**

**What is Cloud Computing?**

**Business Drivers**

**Technology Innovations**

**Basic Concepts and Terminology**

**Cloud Computing Characteristics**

**Cloud-Enabling Technology**

**Cloud Delivery Models**

**Cloud Delivery Sub-Models**

**Cloud Deployment Models**

**Cloud Infrastructure Mechanisms**

**Virtual Server**
**Hypervisor**

**Hypervisor types**

**Containers**

**Container Definitions**

**Containers - benefits**

**Containers - risk and challenges**

**Virtual Switch (vSwitch)**

**Network Functions Virtualization (NFV)**

**Input-Output (I/O)**

**Packet flow**

**Load Balancer**

**Automated Scaling Listener**

**Failover Mechanisms**

**Resource Replication**

**Cloud Usage Monitor**

**Monitoring Agent**

**Resource Agent**

**Polling Agent**

**Container Networks**

**Container Images**

**Container Build Files**

**Container Orchestration**

**Container - Orchestration steps**

**Container - Orchestration key components**

**Cloud Computing - Workload Distribution Architecture**

**Cloud Computing - Dynamic Scalability Architecture**

**Cloud Computing - Virtual Private Cloud Architecture**

**Cloud Computing - Zero Downtime Architecture**

**Denial of Service**

**Virtualization Attack**

**Containerization Attack**

**Security Mechanisms**

**Emerging Trends in Cloud Computing**