Transcript Document

OS Overview
4/13/2015
Block Diagram of the System Kernel
[Figure: block diagram. User level: User Program, User Libraries, Traps/Interrupts. Kernel level: System Call Interface; Security Interface (Confidentiality, Authentication, Integrity, Nonrepudiation, Access Control, Availability); Mobility Interface (MIPv4, MIPv6, VoIP & PTT Support); File System with Buffer Cache and character/block Device Driver; Process Control system (Inter process Communication, Intra process Communication, Scheduler, Memory Management); Hardware Control. Below the kernel: Hardware.]
Algorithm Analysis Notations
Big O Notation
[Figure: plot of cg(n) and f(n) against n, with the threshold k marked on the n axis.]
Definition: A theoretical measure of the execution of an algorithm,
usually the time or memory needed, given the problem size n, which is
usually the number of items. Informally, saying some equation f(n) =
O(g(n)) means it is less than some constant multiple of g(n).
Formal Definition: f(n) = O(g(n)) means there are positive constants c
and k, such that 0 ≤ f(n) ≤ cg(n) for all n ≥ k. The values of c and k must
be fixed for the function f and must not depend on n.
Big ω Notation
[Figure: plot of f(n) and cg(n) against n, with the threshold k marked on the n axis.]
Definition: A theoretical measure of the execution of an algorithm,
usually the time or memory needed, given the problem size n, which is
usually the number of items. Informally, saying some equation f(n) = ω
(g(n)) means g(n) becomes insignificant relative to f(n) as n goes to
infinity.
Formal Definition: f(n) = ω (g(n)) means that for any positive constant
c, there exists a constant k, such that 0 ≤ cg(n) < f(n) for all n ≥ k. The
value of k must not depend on n, but may depend on c.
Big Θ Notation
[Figure: plot of c2g(n), f(n) and c1g(n) against n, with the threshold k marked on the n axis.]
Definition: A theoretical measure of the execution of an algorithm,
usually the time or memory needed, given the problem size n, which is
usually the number of items. Informally, saying some equation f(n) = Θ
(g(n)) means it is within a constant multiple of g(n). The equation is read,
"f of n is theta g of n".
Formal Definition: f(n) = Θ (g(n)) means there are positive constants
c1, c2, and k, such that 0 ≤ c1g(n) ≤ f(n) ≤ c2g(n) for all n ≥ k. The values
of c1, c2, and k must be fixed for the function f and must not depend on
n.
Process Management
Process Definition
• A process is an entity created by the operating system. It consists of a
sequence of bytes that the CPU interprets as:
1. Machine instructions.
2. Data.
3. Stack.
Many processes appear to execute simultaneously as the kernel schedules them
for execution, and several processes may be instances of one program. In UNIX,
fork is used to create a process.
Process State & Transition
[Figure: process state diagram. States: User Running, Kernel, Ready to run, Sleep. Transitions: Trap/interrupt and return; Interrupt/Interrupt Return; Schedule Process; sleep; Wakeup.]
Process Structure
[Figure: the three regions of a process: text, Data, Stack.]
A process consists of 3 regions. A region is a contiguous area of the virtual
address space.
Data structure for a process
[Figure: data structures for a process: Process table, U Area, Per process region table, Region table, and the text, data and stack regions in memory.]
The per process region table allows independent processes to share regions.
File System
File System Definition
1. The collection of files and file management structures on a physical or
logical mass storage device, such as a diskette or disk.
2. The way the files are organized on the disk, and the methods and data
structures that an operating system uses to keep track of files on a disk or
partition.
3. A data structure that translates the logical structure (files, directories)
into the physical one (sectors); it helps both computers and users to locate
files.
File System Architecture for UNIX
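[Figure: UNIX directory tree rooted at /, with entries bin, etc, unix, user and dev. The names mike and jim, tty00 and tty01, and the files x, y and z appear lower in the tree.]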
File System Layout
[Figure: disk layout, in order: Boot block, Super block, Inode list, Data Blocks.]
Boot Block: the first sector; contains bootstrap code to initialize the
operating system.
Super Block: how many files the file system can store and where to find free
space.
Inode List: the list of inodes in the file system. Each inode may represent a
file or a directory.
Data Blocks: the list of data blocks that carry the files' information.
File System Data Structure
[Figure: User File Descriptor table, File Table, Inode Table.]
User File Descriptor: one table per process; identifies all open files for
that specific process.
File Table: shared between all processes in the system. Contains how many
bytes were read or written and the access rights allowed for the file.
Inode Table: access rights and file block locations.
Intra process communication
signals
[Figure: P1 signals P2 with kill(pid, SIGSTOP).]
1. Signals are a limited form of IPC, used to notify a process that a given
event has taken place.
2. Each signal has a unique positive integer representing it, as well as a
symbolic name (usually defined in the file /usr/include/signal.h).
3. The amount of information that can be conveyed via a signal is very limited
(basically only the signal number).
signals (continue)
When a signal interrupts a process, the signal is handled in one of the
following ways:
1. Ignore the signal.
2. Catch the signal.
3. Apply the default action.
Sending Signals
1. Using the keyboard: the Ctrl-C key causes the operating system to send a
SIGINT signal to the running process
2. From the command line: kill -INT 3333
3. Using system calls:
#include <stdio.h>     /* printf() */
#include <unistd.h>    /* standard unix functions, like getpid() */
#include <sys/types.h> /* various type definitions, like pid_t */
#include <signal.h>    /* signal name macros, and the kill() prototype */

int main(void)
{
    /* first, find my own process ID */
    pid_t my_pid = getpid();
    /* now that I have my PID, send myself the SIGSTOP signal. */
    int rc = kill(my_pid, SIGSTOP);
    if (rc != 0) /* unsuccessful */
    {
        printf("The \"kill\" system call failed with rc: %d\n", rc);
    }
    return 0;
}
Catching Signals
#include <stdio.h>     /* standard I/O functions */
#include <unistd.h>    /* standard unix functions, like pause() and write() */
#include <sys/types.h> /* various type definitions, like pid_t */
#include <signal.h>    /* signal name macros, and the signal() prototype */

/* The signal handler definition. */
void sigintHandler(int sig_num)
{
    static const char msg[] = "Don't you dare interrupt me\n";
    (void)sig_num;
    /* Register signal handler for SIGINT next time */
    signal(SIGINT, sigintHandler);
    /* Print the message; write() is async-signal-safe, printf() is not */
    write(STDOUT_FILENO, msg, sizeof(msg) - 1);
}

/* The main function. */
int main(int argc, char *argv[])
{
    /* Register signal handler for SIGINT */
    signal(SIGINT, sigintHandler);
    /* Go into an infinite loop */
    for ( ;; )
        pause();
}
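The three ways of handling a signal listed above (ignore, catch, default action), shown side by side as an added example that is not part of the original slides. It assumes a POSIX system and uses sigaction() and SIGUSR1; the function names are chosen for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* volatile sig_atomic_t is the type C guarantees a handler can safely write. */
static volatile sig_atomic_t caught;

static void on_signal(int sig) { caught = sig; }

/* Install a disposition with sigaction(); the handler stays installed after
 * delivery, so it does not have to re-register itself. Returns 0 on success. */
static int set_disposition(int sig, void (*disp)(int))
{
    struct sigaction sa;
    sa.sa_handler = disp;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    return sigaction(sig, &sa, NULL);
}

/* 1. Ignore: the kernel discards the signal. Returns 1 if we kept running. */
int demo_ignore(void)
{
    if (set_disposition(SIGUSR1, SIG_IGN) != 0) return -1;
    raise(SIGUSR1);
    return 1;
}

/* 2. Catch: the handler runs. Returns the signal number it recorded. */
int demo_catch(void)
{
    caught = 0;
    if (set_disposition(SIGUSR1, on_signal) != 0) return -1;
    raise(SIGUSR1);
    return (int)caught;
}

/* 3. Default action: for SIGUSR1 that is process termination, so it is run in
 * a child. Returns the signal that killed the child, or 0 if it exited. */
int demo_default(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        set_disposition(SIGUSR1, SIG_DFL);
        raise(SIGUSR1);
        _exit(0);               /* not reached */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("ignore: survived=%d\n", demo_ignore());
    printf("catch: handler saw signal %d\n", demo_catch());
    printf("default: child killed by signal %d\n", demo_default());
    return 0;
}
```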
pipes
[Figure: P1 writes to Fd[1]; P2 reads from Fd[0].]
Pipes allow the transfer of a stream of data between processes in a
first-in-first-out (FIFO) manner, and also allow synchronization of process
execution.
Pipes (continue)
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>

int main(void)
{
    int pfds[2];
    char buf[30];

    if (pipe(pfds) == -1)
    {
        perror("pipe");
        exit(1);
    }
    printf("writing to file descriptor #%d\n", pfds[1]);
    write(pfds[1], "test", 5);   /* 5 bytes: "test" plus the terminating NUL */
    printf("reading from file descriptor #%d\n", pfds[0]);
    read(pfds[0], buf, 5);
    printf("read \"%s\" \n", buf);
    return 0;
}
message queues
[Figure: P1 and P2 exchange messages through a queue using msgsnd and msgrcv.]
Message queues allow the transfer of user defined messages between processes
in a first-in-first-out (FIFO) manner, and they also allow synchronization of
process execution.
msgsnd & msgrcv example
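#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/msg.h>

#define MSGKEY 75

struct msgform {
    long mtype;
    char mtext[256];
};

int main(void)
{
    struct msgform msg;
    int msgid;
    pid_t pid;

    pid = getpid();
    memcpy(msg.mtext, &pid, sizeof(pid)); /* the message body carries our PID */
    msg.mtype = 1;
    /* mode 0777 grants read/write on the queue to every local user */
    msgid = msgget(MSGKEY, 0777);
    if (msgid == -1) {
        perror("msgget");
        return 1;
    }
    msgsnd(msgid, &msg, sizeof(pid), 0);
    /* wait for a message whose type equals our PID */
    msgrcv(msgid, &msg, sizeof(msg.mtext), pid, 0);
    return 0;
}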
Shared memory example (continue)
[Figure: P1 and P2 each access the same shared memory segment with strncpy.]
A segment of memory that is shared between processes. No synchronization of
processes is provided.
Shared memory example
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/shm.h>

#define SHM_SIZE 1024 /* make it a 1K shared memory segment */

int main(int argc, char *argv[])
{
    key_t key;
    int shmid;
    char *data;

    /* make the key: */
    if ((key = ftok("shmdemo.c", 'R')) == -1) {
        perror("ftok");
        exit(1);
    }
Shared memory (continue)
    /* connect to (and possibly create) the segment: */
    if ((shmid = shmget(key, SHM_SIZE, 0644 | IPC_CREAT)) == -1) {
        perror("shmget");
        exit(1);
    }
    /* attach to the segment to get a pointer to it: */
    data = shmat(shmid, (void *)0, 0);
    if (data == (char *)(-1)) {
        perror("shmat");
        exit(1);
    }
    /* read or modify the segment, based on the command line: */
    if (argc == 2) {
        /* copy at most SHM_SIZE - 1 bytes and always NUL-terminate */
        strncpy(data, argv[1], SHM_SIZE - 1);
        data[SHM_SIZE - 1] = '\0';
    }
    printf("segment contains: \"%s\"\n", data);
    /* detach from the segment: */
    if (shmdt(data) == -1) {
        perror("shmdt");
        exit(1);
    }
    return 0;
}
sockets
[Figure: P1 writes to Fd[1]; P2 reads from Fd[0].]
Sockets are used for inter and intra process communication. They are based on
TCP or UDP, and also allow synchronization of process execution.
UDP Socket system calls for client/server
Client Side    Server Side
socket         socket
connect        bind
write          read
read           write
close          close
Conceptual OS Data Structure for UDP socket
[Figure: the File Descriptor Table (one per process; entries stdin, stdout, stderr and the socket) refers to a socket structure with Family: PF_INET; Service: SOCK_DGRAM; Local IP: 47.12.121.13; Local port: 5000.]
TCP Socket system calls for client/server
Client Side    Server Side
socket         socket
connect        bind
write          listen
read           accept
close          read
               write
               close
Conceptual OS Data Structure for TCP socket
[Figure: the File Descriptor Table (one per process; entries stdin, stdout, stderr and the socket) refers to a socket structure with Family: PF_INET; Service: SOCK_STREAM; Local IP: 47.12.121.13; Remote IP: 47.12.121.100; Local Port: 5000; Remote Port: 5100.]
UDP/TCP Server
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h> /* exit() */
#include <unistd.h> /* close() */
#include <string.h> /* memset(), strcmp() */

#define LOCAL_SERVER_PORT 1500
#define MAX_MSG 100

/* Create a UDP or TCP socket bound to LOCAL_SERVER_PORT.
   Returns the socket descriptor, or -1 on failure. */
int server(const char *protocol, int argc, char *argv[])
{
    int sd, rc;
    struct sockaddr_in servAddr;

    /* socket creation */
    if (strcmp(protocol, "udp") == 0)
        sd = socket(AF_INET, SOCK_DGRAM, 0);
    else
        sd = socket(AF_INET, SOCK_STREAM, 0);
    if (sd < 0)
        return -1;

    /* bind local server port */
    memset(&servAddr, 0, sizeof(servAddr));
    servAddr.sin_family = AF_INET;
    servAddr.sin_addr.s_addr = htonl(INADDR_ANY); /* every local interface */
    servAddr.sin_port = htons(LOCAL_SERVER_PORT);
    rc = bind(sd, (struct sockaddr *) &servAddr, sizeof(servAddr));
    if (rc < 0) {
        close(sd);
        return -1;
    }
    if (strcmp(protocol, "udp") != 0 && listen(sd, 5) < 0) {
        close(sd);
        return -1;
    }
    return sd;
}
UDP/TCP Client
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <unistd.h> /* close() */
#include <string.h> /* memset(), memcpy(), strcmp() */

#define REMOTE_SERVER_PORT 1500

/* Connect a UDP or TCP socket to argv[1] on REMOTE_SERVER_PORT.
   Returns the socket descriptor, or -1 on failure. */
int client(const char *protocol, int argc, char *argv[])
{
    int sd;
    struct sockaddr_in sin;
    struct hostent *h;

    if (argc < 2)
        return -1;
    /* get server IP address */
    h = gethostbyname(argv[1]);
    if (h == NULL || h->h_addrtype != AF_INET)
        return -1;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = h->h_addrtype; /* AF_INET */
    memcpy(&sin.sin_addr.s_addr, h->h_addr_list[0], h->h_length);
    sin.sin_port = htons(REMOTE_SERVER_PORT);
    /* socket creation */
    if (strcmp("udp", protocol) == 0)
        sd = socket(AF_INET, SOCK_DGRAM, 0);
    else
        sd = socket(AF_INET, SOCK_STREAM, 0);
    if (sd < 0)
        return -1;
    if (connect(sd, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
        close(sd);
        return -1;
    }
    return sd;
}
UDP Server
/* server infinite loop */
int main(int argc, char *argv[])
{
    int sd, n;
    socklen_t cliLen;
    struct sockaddr_in cliAddr;
    char msg[MAX_MSG];

    sd = server("udp", argc, argv);
    if (sd < 0) {
        printf("%s: cannot open or bind socket \n", argv[0]);
        exit(-1);
    }
    while (1) {
        /* init buffer */
        memset(msg, 0x0, MAX_MSG);
        /* receive message; one byte is kept back so msg stays NUL-terminated */
        cliLen = sizeof(cliAddr);
        n = recvfrom(sd, msg, MAX_MSG - 1, 0,
                     (struct sockaddr *) &cliAddr, &cliLen);
        if (n < 0) {
            printf("%s: cannot receive data \n", argv[0]);
            exit(-1);
        }
        /* print received message */
        printf("%s: from %s:UDP%u : %s \n",
               argv[0], inet_ntoa(cliAddr.sin_addr),
               ntohs(cliAddr.sin_port), msg);
    } /* end of server infinite loop */
    return 0;
}
Inter process communication
Inter process communication protocols
• TCP - Transport Communication Protocol.
• UDP - User Datagram Protocol.
• IP4 - Internet Protocol version 4.
• IP6 - Internet Protocol version 6.
Protocol Stack
Application (MIPv4)
Transport (UDP,TCP)
Internet Protocol (MIP6,MIPv4,IP4,IP6)
Kernel
Data Link Layer
Physical Layer
TCP Protocol Procedure
TCP- Transport Communication Protocol
• Byte stream service with no structure.
• Full Duplex.
• Connection Oriented.
• Reliable Service.
TCP Connection Opened
[Figure: message sequence between User A and User B on port 5060: TCP:SYNC, then TCP:SYNC+ACK, then TCP:ACK.]
TCP Connection Closed
[Figure: message sequence between User A and User B on port 5060: TCP:FIN, TCP:ACK, Connection Closed, then TCP:FIN, TCP:ACK.]
TCP Sliding Window
[Figure: packets 1 to 10 drawn twice, once with the initial window and once after the window slides.]
A sliding window protocol with 8 packets in the window. The window slides so
that packet 9 can be sent when an acknowledgment has been received for
packet 1. Only unacknowledged packets are retransmitted.
TCP Positive Acknowledgement
[Figure: message sequence between User A and User B. Labels: Send Packet 1, Send Packet 2, Send Packet 3; Recv Packet 1, Send ACK 1; Recv Packet 2, Send ACK 2; Recv Packet 3, Send ACK 3; Recv Ack 1, Recv Ack 2, Recv Ack 3.]
UDP Protocol
User Datagram Protocol (UDP)
[Figure: two hosts, x1.y1.z1.w1 and x2.y2.z2.w2, each running multiple applications distinguished by port numbers p1, p2 and p3.]
The UDP protocol provides an unreliable connectionless delivery service using
IP to transport messages between machines. It uses IP to carry messages, but
adds the ability to distinguish among multiple destinations within the given
host computer.
UDP Header
Source Port        | Destination Port
UDP Message Length | UDP Checksum
Data
UDP Checksum
[Figure: the checksum in the received packet is compared (=) with a checksum calculated over the packet, to tell whether it changed or not.]
Verify the integrity of the packet.
IP4 Protocol
Type of Addresses for IPv4
Unicast Address
An address for a single interface. A packet sent to this address is
delivered to the interface identified by this address.
Type of Addresses for IPv4 (continue)
Broadcast Address
An address for a set of interfaces, which belong to different nodes.
A packet sent to this address is delivered to all nodes in the network.
Type of Addresses for IPv4 (continue)
Multicast Address
An address for a set of interfaces, which belong to different
nodes. A packet sent to this address is delivered to the interfaces
identified by this address.
IPv4 Header
version | IHL | Type of service | Total length
Identification | flags | Fragment Offset
Time to live | Protocol | checksum
Source IP Address
Destination IP Address
IP OPTIONS (IF ANY) | PADDING
Data
TOS field description
[Figure: the TOS byte, divided into the Differential Service Code Point (DSCP) and an Unused part.]
Different queue for services:
• Delay Sensitive
• Rate Sensitive
IPv4 Header Checksum
version | IHL | Type of service | Total length
Identification | flags | Fragment Offset
Time to live | Protocol | 0 (checksum field)
Source IP Address
Destination IP Address
IP OPTIONS (IF ANY) | PADDING
Data
IP checksum is formed by treating the header as a sequence of
16-bit integers (in network byte order), adding them together
using one’s complement arithmetic, and then taking the one’s
complement of the result.
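The header checksum procedure described above, and the receiver-side comparison from the UDP Checksum slide, as an added example that is not part of the original slides. The sample header bytes are constructed and the function names are chosen for this illustration; the last case shows that the checksum catches a flipped bit but not reordered words, so it is an error check and not tamper evidence.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One's-complement sum of big-endian 16-bit words, then complemented. */
uint16_t inet_checksum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0; size_t i;
    for (i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)buf[i] << 8) | buf[i + 1];
    if (len & 1)
        sum += (uint32_t)buf[len - 1] << 8;   /* odd trailing byte, zero padded */
    while (sum >> 16)
        sum = (sum & 0xFFFFu) + (sum >> 16);  /* end-around carry */
    return (uint16_t)~sum;
}

/* Sender: zero the checksum field (bytes 10-11), compute, store, return it. */
uint16_t ipv4_set_checksum(uint8_t *hdr)
{
    uint16_t c;
    hdr[10] = hdr[11] = 0;
    c = inet_checksum(hdr, (size_t)(hdr[0] & 0x0F) * 4);  /* IHL is in 32-bit words */
    hdr[10] = (uint8_t)(c >> 8); hdr[11] = (uint8_t)(c & 0xFF);
    return c;
}

/* Receiver: check version and IHL against the bytes actually captured, then
 * sum the header including the stored checksum; an intact header gives 0. */
int ipv4_header_ok(const uint8_t *hdr, size_t avail)
{
    size_t hlen;
    if (avail < 20 || (hdr[0] >> 4) != 4) return 0;
    hlen = (size_t)(hdr[0] & 0x0F) * 4;
    if (hlen < 20 || hlen > avail) return 0;
    return inet_checksum(hdr, hlen) == 0;
}

/* Constructed sample header: UDP, 192.168.0.1 -> 192.168.0.199, checksum 0. */
static const uint8_t SAMPLE[20] = {
    0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11,
    0x00, 0x00, 0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0xc7 };

uint16_t demo_checksum(void)
{
    uint8_t h[20];
    memcpy(h, SAMPLE, sizeof h);
    return ipv4_set_checksum(h);
}

/* tamper: 0 = none, 1 = flip one TTL bit, 2 = swap source and destination. */
int demo_verify(int tamper)
{
    uint8_t h[20], t; int i;
    memcpy(h, SAMPLE, sizeof h);
    ipv4_set_checksum(h);
    if (tamper == 1) h[8] ^= 0x01;
    for (i = 0; tamper == 2 && i < 4; i++) {
        t = h[12 + i]; h[12 + i] = h[16 + i]; h[16 + i] = t;
    }
    return ipv4_header_ok(h, sizeof h);
}

int main(void)
{
    printf("checksum=0x%04x ok=%d bitflip=%d swapped=%d\n",
           (unsigned)demo_checksum(), demo_verify(0), demo_verify(1), demo_verify(2));
    return 0;
}
```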
IP6 Protocol
Type of Addresses for IPv6
Unicast Address
An address for a single interface. A packet sent to this address is
delivered to the interface identified by this address.
Type of Addresses for IPv6 (continue)
Anycast Address
An address for a set of interfaces, which belong to different nodes.
A packet sent to this address is delivered to only one node in this set.
Type of Addresses for IPv6 (continue)
Multicast Address
An address for a set of interfaces, which belong to different
nodes. A packet sent to this address is delivered to the interfaces
identified by this address.
IPv6 Header Format
(each row is 32 bits wide)
Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source IP (128 bits)
Destination IP (128 bits)
Order of Extension Header
1. IPv6 Header
2. Hop-By-Hop: processed by all the intermediate nodes.
3. Destination Header: to be processed by the first destination that appears
in the IPv6 Destination Address field plus subsequent destinations listed in
the Routing header.
4. Routing Header
5. Fragmentation Header
6. AH
7. ESP
8. Destination Header: for options to be processed only by the final
destination of the packet.
9. Upper Layer Header: e.g. UDP, TCP, ICMP.
Routing Header
(each row is 32 bits wide)
Next Header | Hdr Ext Len | Routing Type | Segments Left
Type-specific data
The Routing Header is used by an IPv6 source to list one or more intermediate
nodes to be “visited” on the way to the packet’s destination. The Routing
header is identified by the value 43 in the Next Header field of the IPv6
Header.
Routing Header (continue)
(each row is 32 bits wide)
Next Header | Hdr Ext Len | Routing Type | Segments Left
Type-specific data
Routing Type: 8-bit identifier of a particular routing header variant.
Segments Left: 8-bit unsigned integer. Number of explicitly listed
intermediate nodes still to be visited before reaching the final destination.
Type-specific data: variable-length field, of format determined by the
routing type, and of length such that the complete routing header is an
integer multiple of 8 octets long.
Routing Header Routing Type = 0 (continue)
(each row is 32 bits wide)
Next Header | Hdr Ext Len | Routing Type = 0 | Segments Left
Address [1] (128 bits)
Address [2] (128 bits)
...
Address [n] (128 bits)
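A receiver-side validator for the type 0 Routing Header laid out above, as an added example that is not part of the original slides. It relies on RFC 2460 for two details the slide does not show (Hdr Ext Len counts 8-octet units beyond the first 8 octets, and 4 reserved octets precede Address [1]) and on RFC 5095 for the drop policy; the sample bytes are constructed and all names are chosen for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum rh_status { RH_OK, RH_TRUNCATED, RH_NOT_TYPE0, RH_BAD_LENGTH, RH_BAD_SEGMENTS };

struct rh0 {
    uint8_t next_header;
    uint8_t segments_left;
    unsigned n_addrs;           /* number of 128-bit addresses listed */
    const uint8_t *addrs;       /* points at Address [1] inside the input */
};

/* Validate a type 0 Routing Header found in `avail` bytes at `buf`. */
enum rh_status rh0_parse(const uint8_t *buf, size_t avail, struct rh0 *out)
{
    size_t total;
    if (avail < 8) return RH_TRUNCATED;              /* fixed part is 8 octets */
    total = ((size_t)buf[1] + 1) * 8;                /* Hdr Ext Len excludes first 8 */
    if (total > avail) return RH_TRUNCATED;
    if (buf[2] != 0) return RH_NOT_TYPE0;
    if (buf[1] % 2 != 0) return RH_BAD_LENGTH;       /* an address is two 8-octet units */
    if (buf[3] > buf[1] / 2) return RH_BAD_SEGMENTS; /* Segments Left cannot exceed n */
    out->next_header = buf[0];
    out->segments_left = buf[3];
    out->n_addrs = buf[1] / 2u;
    out->addrs = buf + 8;                            /* skip the 4 reserved octets */
    return RH_OK;
}

/* RFC 5095 policy: type 0 with Segments Left > 0 is discarded, not forwarded. */
int rh0_must_drop(const struct rh0 *rh) { return rh->segments_left != 0; }

/* Constructed sample: Next Header 17 (UDP), addresses 2001:db8::1 and 2001:db8::2.
 * The length fields are parameters so each check can be exercised. */
static struct rh0 last;         /* result of the most recent parse_sample() */
int parse_sample(uint8_t hdr_ext_len, uint8_t seg_left, size_t avail)
{
    static uint8_t pkt[40];
    memset(pkt, 0, sizeof pkt);
    pkt[0] = 17; pkt[1] = hdr_ext_len; pkt[2] = 0; pkt[3] = seg_left;
    pkt[8] = 0x20; pkt[9] = 0x01; pkt[10] = 0x0d; pkt[11] = 0xb8; pkt[23] = 1;
    pkt[24] = 0x20; pkt[25] = 0x01; pkt[26] = 0x0d; pkt[27] = 0xb8; pkt[39] = 2;
    return (int)rh0_parse(pkt, avail, &last);
}

int main(void)
{
    int s = parse_sample(4, 2, 40);
    printf("status=%d addrs=%u drop=%d\n", s, last.n_addrs, rh0_must_drop(&last));
    printf("segments left 3 of 2: status=%d\n", parse_sample(4, 3, 40));
    return 0;
}
```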
IPv4 vs IPv6
1. An IPv4 address is 32 bits; an IPv6 address is 128 bits.
2. The IPv4 header is variable size, at least 20 bytes. The IPv6 header size
is fixed at 40 bytes. This feature will make router header processing more
efficient.
3. Addressing modes for IPv4 are Broadcast, Multicast and Unicast. IPv6
addressing modes are Multicast, Anycast and Unicast. IPv6 eliminates the
Broadcast mode for security reasons. IPv6 added Anycast, which was not in IPv4.
4. Security is a built-in feature of the IPv6 protocol. In IPv4 it is not.
5. IPv6 has more support for QoS. It has two fields, Traffic Class and Flow
Label. IPv4 has only a TOS field.
6. Fragmentation is done by any node in IPv4. In IPv6 the fragmentation is
done by the source.
7. Improved support for extensions and options. The new extension encoding
allows flexibility in introducing new options and easy processing of those
options.
8. IPv6 has stateless and stateful address configuration; IPv4 has stateful
address configuration.
Acronym
HA Home Agent
FA Foreign Agent
HoA Home IP Address.
CCoA collocated Care-of Address
FCoA Foreign Agent Care-of Address.
MIPv4 Mobile IP version 4.
MIPv6 Mobile IP version 6.
MN Mobile Node.
CN Correspondent Node.
Mobility Problem
[Figure: a Mobile Node moves away from its Home Link (Link A) to Link B. Link A, Link B and Link C each connect through a Router to the Internet. The Home Agent and a Correspondent Node are also shown.]
MIP Conceptual Model
[Figure: the MN, with its HoA and CoA, in the Visiting Network; the HA in the Home Network; the CN; all connected through the Internet.]
MIPv4
MIP4: Protocol Stack
Application (MIPv4)
Transport (UDP,TCP)
Internet Protocol (MIP4,IP4)
Kernel
Data Link Layer
Physical Layer
MIP4:Registration With Home Agent- CCoA –Ref [1]
[Figure: the MN, in the Foreign Network with a CCoA, and the HA in the Home Network exchange RRQ and RRP over IP4. An FA and a CN are also shown.]
MIP4:Forward Traffic-FCoA
[Figure: MN with a CoA in the Foreign Network, FA, HA in the Home Network, and CN, connected over IP4.]
1. IP header:
• Src = CNIP
• Dst = HoA
2. Outer IP Header:
• Src = HAIP
• Dst = FCoA
Inner IP header:
• Src = CNIP
• Dst = HoA
MIP4:Forward Traffic-Tunneling-CCoA
[Figure: MN with a CCoA in the Foreign Network, HA in the Home Network, and CN, connected over IP4.]
1. IP header:
• Src = CNIP
• Dst = HoA
2. Outer IP Header:
• Src = HAIP
• Dst = CCoA
Inner IP header:
• Src = CNIP
• Dst = HoA
MIP4:Reverse Traffic-FCoA
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, connected over IP4.]
1. IP header:
• Src = HoA
• Dst = CNIP
MIP4:Reverse Traffic-CCoA
[Figure: MN with a CCoA in the Foreign Network, FA, HA in the Home Network, and CN, connected over IP4.]
1. IP header:
• Src = CCoA
• Dst = CNIP
MIP4:Reverse Traffic-Tunneling-FCoA
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, connected over IP4.]
1. Outer IP Header:
• Src = FCoA
• Dst = HAIP
Inner IP header:
• Src = HoA
• Dst = CNIP
2. IP header:
• Src = HoA
• Dst = CNIP
MIP4:Reverse Traffic-CCoA
[Figure: MN with a CCoA in the Foreign Network, HA in the Home Network, and CN, connected over IP4.]
1. Outer IP Header:
• Src = CCoA
• Dst = HAIP
Inner IP header:
• Src = HoA
• Dst = CNIP
2. IP header:
• Src = HoA
• Dst = CNIP
MIP4:Going Back Home
[Figure: MN, HA, Foreign Network, Home Network and CN, with the network labelled IP6. Messages shown: Agent Advertisement, Gratuitous ARP, RRQ [lifetime = 0], gratuitous ARP, RRP [lifetime = 0].]
MIP4:Security
[Figure: MN with an FCoA in the Foreign Network, FA, and HA in the Home Network, over IP4. Three relationships are labelled: MN-HA AE, MN-FA AE and FA-HA AE.]
MIP4:Authentication Calculation
[Figure: HMAC_MD5 takes the UDP payload and the Shared Security Key and produces the Message Digest. SPI and Auth Type are also shown.]
MIP4: Registration With Home Agent-FCoA –Ref [1]
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, over IP4. Messages shown: RRQ(HoA,FCoA,HA), RRP(HoA,FCoA,HA) and Gratuitous ARP.]
MIP4:Registration With Dynamic HoA Allocation –Ref [3]
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, over IP4. Messages shown: RRQ(NAI,HoA=?,FCoA,HA) and RRP(NAI,HoA,FCoA,HA).]
MIP4: Registration With Dynamic HA Allocation –Ref [2]
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, over IP4. Messages shown: RRQ(NAI,HoA,FCoA,HA=?) and RRP(NAI,HoA,FCoA,HA).]
MIP4:Registration With Dynamic HA Allocation-Ref [2] (Cont)
[Figure: MN with an FCoA in the Foreign Network, FA, HA1 and HA2 in the Home Network, and CN, over IP4. Messages shown: RRQ(NAI,HoA,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA=HA2), RRQ(NAI,HoA,FCoA,HA=HA2) and RRP(NAI,HoA,FCoA,HA=HA2).]
MIP4:Registration With Dynamic HA & HoA Allocation –Ref [2],[3]
[Figure: MN with an FCoA in the Foreign Network, FA, HA in the Home Network, and CN, over IP4. Messages shown: RRQ(NAI,HoA=?,FCoA,HA=?) and RRP(NAI,HoA,FCoA,HA).]
MIPv6
Registration With Home Agent
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet. Messages shown: BU and BA.]
Bidirectional Tunneling -Forward Traffic
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet.]
1. IP header:
• Src = CNIP
• Dst = HoA
2. Outer IP Header:
• Src = HAIP
• Dst = CoA
Inner IP header:
• Src = CNIP
• Dst = HoA
Bidirectional Tunneling –Reverse Traffic
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet.]
1. Outer IP Header:
• Src = CoA
• Dst = HAIP
Inner IP header:
• Src = HoA
• Dst = CNIP
2. IP header:
• Src = HoA
• Dst = CNIP
Route Optimization-Forward Traffic
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet.]
1. IP Header:
• Src = CNIP
• Dst = CoA
Type 2 Routing Header
• HoA
2. IP Header:
• Src = CNIP
• Dst = HoA
Route Optimization-Reverse Traffic
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet.]
1. IP Header:
• Src = CoA
• Dst = CNIP
Destination Option Header
• Home Address Option with HoA
2. IP Header:
• Src = HoA
• Dst = CNIP
Basic Address Stealing
[Figure: MN, CN, Victim and attacker. The attacker's message is BU <HoA = IPMN, CoA = IPvictim>. Two flows are labelled: the Original Data Flow and the New Data Flow.]
Round Routability
[Figure: MN (HoA, CoA) in the Foreign Network, HA in the Home Network, and CN, connected through the Internet. Numbered messages 1 to 4 are drawn between them; HoTI and HoT are labelled.]