EE579S Computer Security


ECE537 Advanced and High Performance Networks
8: Frame Relay, ATM, and Other High-Speed Networks
Professor Richard A. Stanley, P.E.
Spring 2009
© 2000-2009, Richard A. Stanley
ECE537/8 #1
Overview of Tonight’s Class
• Student presentations/discussions on
TEMPEST
• Review of last time
• Overview of frame relay, ATM, and other
networking protocols of interest
ECE537/8 #2
Last time
• While TEMPEST is a uniquely government
program, the issue of compromising
emanations is not; it affects all systems
• Sensitive information is not limited to
government systems
• Networks exacerbate the compromising
emanations problem, and they must be
considered in network design
ECE537/8 #3
Packet-Switching Networks
• Basic technology the same as in the 1970s
• One of the few effective technologies for long
distance data communications
• Frame relay and ATM are variants of packet-switching
• Advantages:
– flexibility, resource sharing, robust, responsive
• Disadvantages:
– Time delays in distributed network, overhead penalties
– Need for routing and congestion control
ECE537/8 #4
Circuit-Switching
• Long-haul telecom network designed for
voice
• Network resources dedicated to one call
• Shortcomings when used for data:
– Inefficient (high idle time)
– Constant data rate
ECE537/8 #5
Packet-Switching
• Data transmitted in short blocks, or packets
• Packet length < 1000 octets
• Each packet contains user data plus control
info (routing)
• Store and forward
ECE537/8 #6
Figure 4.1 The Use of Packets
ECE537/8 #7
Figure 4.2 Packet Switching: Datagram Approach
ECE537/8 #8
Advantages over Circuit-Switching
• Greater line efficiency (many packets can
go over shared link)
• Data rate conversions
• Non-blocking under heavy traffic (but
increased delays)
ECE537/8 #9
Disadvantages relative to Circuit-Switching
• Packets incur additional delay with every
node they pass through
• Jitter: variation in packet delay
• Data overhead in every packet for routing
information, etc
• Processing overhead for every packet at
every node traversed
ECE537/8 #10
Figure 4.3 Simple Switching
Network
ECE537/8 #11
Switching Technique
• Large messages broken up into smaller packets
• Datagram
– Each packet sent independently of the others
– No call setup
– More reliable (can route around failed nodes or
congestion)
• Virtual circuit
– Fixed route established before any packets sent
– No need for routing decision for each packet at each
node
ECE537/8 #12
Figure 4.4 Packet Switching: Virtual-Circuit Approach
ECE537/8 #13
Routing
• Adaptive routing
• Node/trunk failure
• Congestion
ECE537/8 #14
X.25
• 3 levels
• Physical level (X.21)
• Link level (LAPB, a subset of HDLC)
• Packet level (provides virtual circuit service)
ECE537/8 #15
Figure 4.5 The Use of Virtual
Circuits
ECE537/8 #16
Figure 4.6 User Data and X.25
Protocol Control Information
ECE537/8 #17
Frame Relay Networks
• Designed to eliminate much of the overhead in
X.25
• Call control signaling on separate logical
connection from user data
• Multiplexing/switching of logical connections at
layer 2 (not layer 3)
• No hop-by-hop flow control and error control
• Throughput an order of magnitude higher than
X.25
ECE537/8 #18
Figure 4.7 Comparison of X.25 and
Frame Relay Protocol Stacks
ECE537/8 #19
Figure 4.8 Virtual Circuits and
Frame Relay Virtual Connections
ECE537/8 #20
Frame Relay Architecture
• X.25 has 3 layers: physical, link, network
• Frame Relay has 2 layers: physical and data
link (or LAPF)
• LAPF core: minimal data link control
– Preservation of order for frames
– Small probability of frame loss
• LAPF control: additional data link or
network layer end-to-end functions
ECE537/8 #21
LAPF Core
• Frame delimiting, alignment and
transparency
• Frame multiplexing/demultiplexing
• Inspection of frame for length constraints
• Detection of transmission errors
• Congestion control
ECE537/8 #22
LAPF-core Formats
ECE537/8 #23
User Data Transfer
• No control field, which is normally used
for:
– Identify frame type (data or control)
– Sequence numbers
• Implication:
– Connection setup/teardown carried on separate
channel
– Cannot do flow and error control
ECE537/8 #24
Frame Relay Call Control
• Frame Relay Call Control
• Data transfer involves:
– Establish logical connection and DLCI
– Exchange data frames
– Release logical connection
ECE537/8 #25
Frame Relay Call Control
4 message types needed
• SETUP
• CONNECT
• RELEASE
• RELEASE COMPLETE
ECE537/8 #26
ATM Protocol Architecture
• Fixed-size packets called cells
• Streamlined: minimal error and flow control
• 2 protocol layers relate to ATM functions:
– Common layer providing packet transfers
– Service dependent ATM adaptation layer
(AAL)
• AAL maps other protocols to ATM
ECE537/8 #27
Protocol Model has 3 planes
• User
• Control
• Management
ECE537/8 #28
ATM Protocol Architecture
ECE537/8 #29
Logical Connections
• VCC (Virtual Channel Connection): a
logical connection analogous to virtual
circuit in X.25
• VPC (Virtual Path Connection): a bundle of
VCCs with same endpoints
ECE537/8 #30
ATM Connection Relationships
ECE537/8 #31
Advantages of Virtual Paths
• Simplified network architecture
• Increased network performance and
reliability
• Reduced processing and short connection
setup time
• Enhanced network services
ECE537/8 #32
Table 5.1
ECE537/8 #33
VCC Uses
• Between end users
• Between an end user and a network entity
• Between 2 network entities
ECE537/8 #34
Figure 5.3
ECE537/8 #35
VPC/VCC Characteristics
• Quality of Service (QoS)
• Switched and semi-permanent virtual
channel connections
• Cell sequence integrity
• Traffic parameter negotiation and usage
monitoring
• (VPC only) virtual channel identifier
restriction within a VPC
ECE537/8 #36
Control Signaling
• A mechanism to establish and release VPCs
and VCCs
• 4 methods for VCCs:
– Semi-permanent VCCs
– Meta-signaling channel
– User-to-network signaling virtual channel
– User-to-user signaling virtual channel
ECE537/8 #37
Control Signaling
• 3 methods for VPCs
– Semi-permanent
– Customer controlled
– Network controlled
ECE537/8 #38
ATM Cells
• Fixed size
• 5-octet header
• 48-octet information field
• Small cells reduce delay for high-priority cells
• Fixed size facilitates switching in hardware
ECE537/8 #39
Header Format
• Generic flow control
• Virtual path identifier (VPI)
• Virtual channel identifier (VCI)
• Payload type
• Cell loss priority
• Header error control
ECE537/8 #40
Figure 5.4
ECE537/8 #41
Generic Flow Control
• Control traffic flow at user-network interface
(UNI) to alleviate short-term overload
conditions
• When GFC enabled at UNI, 2 procedures used:
– Uncontrolled transmission
– Controlled transmission
ECE537/8 #42
Table 5.3
ECE537/8 #43
Header Error Control
• 8-bit field calculated based on remaining 32
bits of header
• error detection
• in some cases, error correction of single-bit
errors in header
• 2 modes:
– error detection
– Error correction
ECE537/8 #44
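The Header Format and Header Error Control slides, worked through as an added example (not part of the original lecture): it packs and parses the 5-octet UNI header, computes the HEC over the other 32 bits, and shows both receiver modes. The bit layout (ITU-T I.361), the generator x^8 + x^2 + x + 1 and the 0x55 offset (ITU-T I.432) are taken from the standards rather than from the slides; function names and the sample headers are constructed here.

```python
# Added example (not from the lecture): ATM UNI header parsing and HEC handling.
# Bit layout from ITU-T I.361; HEC generator and 0x55 coset from ITU-T I.432.

def crc8(data: bytes) -> int:
    """CRC-8 with generator x^8 + x^2 + x + 1, MSB first, initial value 0."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc

def hec(first4: bytes) -> int:
    """HEC octet for the first four header octets (CRC remainder XOR 01010101)."""
    return crc8(first4) ^ 0x55

def build_uni(gfc: int, vpi: int, vci: int, pt: int, clp: int) -> bytes:
    """Pack GFC(4) VPI(8) VCI(16) PT(3) CLP(1) and append the computed HEC."""
    word = (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp
    first4 = word.to_bytes(4, "big")
    return first4 + bytes([hec(first4)])

def parse_uni(hdr: bytes) -> dict:
    word = int.from_bytes(hdr[:4], "big")
    return {"gfc": word >> 28, "vpi": (word >> 20) & 0xFF,
            "vci": (word >> 4) & 0xFFFF, "pt": (word >> 1) & 0x7,
            "clp": word & 0x1, "hec": hdr[4]}

# Syndrome of every possible single-bit error in the 40-bit header -> bit index.
SYNDROMES = {}
for _bit in range(40):
    _err = (1 << (39 - _bit)).to_bytes(5, "big")
    SYNDROMES[crc8(_err[:4]) ^ _err[4]] = _bit

def check_header(hdr: bytes, correct: bool = True):
    """Return ('ok' | 'corrected' | 'discard', header or None).

    correct=True models correction mode; correct=False models detection mode,
    where any header with a non-zero syndrome is discarded.
    """
    syndrome = hec(hdr[:4]) ^ hdr[4]
    if syndrome == 0:
        return "ok", bytes(hdr)
    bit = SYNDROMES.get(syndrome)
    if not correct or bit is None:      # multi-bit error, or detection mode
        return "discard", None
    fixed = int.from_bytes(hdr, "big") ^ (1 << (39 - bit))
    return "corrected", fixed.to_bytes(5, "big")

IDLE_CELL_HEADER = bytes.fromhex("0000000152")  # constructed sample: idle cell
```

Because the generator contains the factor (x + 1), a two-bit error never matches a single-bit syndrome, so it is discarded rather than miscorrected.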
Figure 5.5
ECE537/8 #45
Figure 5.6
ECE537/8 #46
Figure 5.7
ECE537/8 #47
Service Categories
• Real-time service
– Constant bit rate (CBR)
– Real-time variable bit rate (rt-VBR)
• Non-real-time service
– Non-real-time variable bit rate (nrt-VBR)
– Available bit rate (ABR)
– Unspecified bit rate (UBR)
– Guaranteed frame rate (GFR)
ECE537/8 #48
Figure 5.8
ECE537/8 #49
ATM Adaptation Layer (AAL)
• Support non-ATM protocols
– e.g., PCM voice, LAPF
• AAL Services
– Handle transmission errors
– Segmentation/reassembly (SAR)
– Handle lost and misinserted cell conditions
– Flow control and timing control
ECE537/8 #50
Applications of AAL and ATM
• Circuit emulation (e.g., T-1 synchronous TDM
circuits)
• VBR voice and video
• General data services
• IP over ATM
• Multiprotocol encapsulation over ATM (MPOA)
• LAN emulation (LANE)
ECE537/8 #51
AAL Protocols
• AAL layer has 2 sublayers:
– Convergence Sublayer (CS)
• Supports specific applications using AAL
– Segmentation and Reassembly Layer (SAR)
• Packages data from CS into cells and unpacks at
other end
ECE537/8 #52
Figure 5.9
ECE537/8 #53
Figure 5.10
ECE537/8 #54
AAL Type 1
• Constant-bit-rate source
• SAR simply packs bits into cells and
unpacks them at destination
• One-octet header contains 3-bit SC field to
provide an 8-cell frame structure
• No CS PDU since CS sublayer primarily for
clocking and synchronization
ECE537/8 #55
AAL Type 2
• Variable bitrate, connection-oriented, low latency
(delay) service
– Takes advantage of existing SDH/PDH transport
bandwidth by multiplexing small (voice and control)
packets into standard ATM cells which would
otherwise be largely unfilled
• Basic component is the CPS packet
– Unanchored unit of data that can cross ATM cells, and
starts from any location within the payload of the ATM
cell, other than the STF
ECE537/8 #56
AAL Type 3/4
• May be connectionless or connection
oriented
• May be message mode or streaming mode
ECE537/8 #57
Figure 5.11
ECE537/8 #58
AAL Type 5
• Streamlined transport for connection
oriented protocols
– Reduce protocol processing overhead
– Reduce transmission overhead
– Ensure adaptability to existing transport
protocols
ECE537/8 #59
Figure 5.13
ECE537/8 #60
Emergence of High-Speed LANs
• 2 Significant trends
– Computing power of PCs continues to grow
rapidly
– Network computing
• Examples of requirements
– Centralized server farms
– Power workgroups
– High-speed local backbone
ECE537/8 #61
Classical Ethernet
• Bus topology LAN
• 10 Mbps
• CSMA/CD medium access control protocol
• 2 problems:
– A transmission from any station can be received by all stations
– How to regulate transmission
ECE537/8 #62
Solution to First Problem
• Data transmitted in blocks called frames:
– User data
– Frame header containing unique address of
destination station
ECE537/8 #63
Figure 6.1
ECE537/8 #64
CSMA/CD
Carrier Sense Multiple Access / Collision Detection
1. If the medium is idle, transmit.
2. If the medium is busy, continue to listen until
the channel is idle, then transmit immediately.
3. If a collision is detected during transmission,
immediately cease transmitting.
4. After a collision, wait a random amount of time,
then attempt to transmit again (repeat from step
1).
ECE537/8 #65
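The four CSMA/CD steps above as a small slotted-time simulation, added here as an example and not part of the original lecture. Assumptions: time is divided into equal slots, every frame occupies `frame_slots` slots, a collision costs one slot, and the "random amount of time" in step 4 is the truncated binary exponential backoff used by IEEE 802.3; station names and arrival times are constructed.

```python
import random

def simulate(arrivals, frame_slots=3, max_slots=10_000, seed=1):
    """Run CSMA/CD on a shared bus.

    arrivals maps station name -> slot at which its single frame is ready.
    Returns (delivered, collisions): delivered is a list of
    (station, start_slot) in transmission order.
    """
    rng = random.Random(seed)          # seeded so the run is repeatable
    ready = dict(arrivals)             # station -> earliest slot it may send
    attempts = {s: 0 for s in arrivals}
    busy_until = 0                     # medium is busy for slots < busy_until
    delivered, collisions = [], 0

    for slot in range(max_slots):
        if not ready:
            break
        if slot < busy_until:
            continue                   # step 2: medium busy, keep listening
        senders = [s for s, t in ready.items() if t <= slot]
        if len(senders) == 1:          # step 1: medium idle, transmit
            station = senders[0]
            delivered.append((station, slot))
            busy_until = slot + frame_slots
            del ready[station]
        elif len(senders) > 1:         # step 3: collision, all cease at once
            collisions += 1
            for station in senders:    # step 4: random wait, then retry
                attempts[station] += 1
                k = min(attempts[station], 10)
                ready[station] = slot + 1 + rng.randrange(2 ** k)
    return delivered, collisions

# Constructed scenario: A and B become ready in the same slot and collide;
# C becomes ready one slot later and contends with whoever retries first.
SAMPLE_ARRIVALS = {"A": 0, "B": 0, "C": 1}
```

Stations that were waiting for a busy medium all transmit the moment it goes idle (step 2), which is why a burst of waiting stations produces a fresh collision and why the backoff range has to grow with each attempt.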
Figure 6.2
ECE537/8 #66
Figure 6.3
ECE537/8 #67
Medium Options at 10Mbps
• <data rate> <signaling method> <max length>
• 10Base5
– 10 Mbps
– 50-ohm coaxial cable bus
– Maximum segment length 500 meters
• 10Base-T
– Twisted pair, maximum length 100 meters
– Star topology (hub or multipoint repeater at central point)
ECE537/8 #68
Figure 6.4
ECE537/8 #69
Hubs and Switches
Hub
• Transmission from a station received by central
hub and retransmitted on all outgoing lines
• Only one transmission at a time
Layer 2 Switch
• Incoming frame switched to one outgoing line
• Many transmissions at same time
ECE537/8 #70
Figure 6.5
ECE537/8 #71
Bridge
• Frame handling done in software
• Analyze and forward one frame at a time
• Store-and-forward
Layer 2 Switch
• Frame handling done in hardware
• Multiple data paths and can handle multiple frames at a time
• Can do cut-through
ECE537/8 #72
Layer 2 Switches
• Flat address space
• Broadcast storm
• Only one path between any 2 devices
• Solution 1: subnetworks connected by routers
• Solution 2: layer 3 switching, packet-forwarding
logic in hardware
ECE537/8 #73
Figure 6.6
ECE537/8 #74
Figure 6.7
ECE537/8 #75
Figure 6.8
ECE537/8 #76
Figure 6.9
ECE537/8 #77
Figure 6.10
ECE537/8 #78
Figure 6.11
ECE537/8 #79
10 Gbps Ethernet Benefits over ATM
• No expensive, bandwidth consuming conversion
between Ethernet packets and ATM cells
• Network is Ethernet, end to end
• IP plus Ethernet offers QoS and traffic policing
capabilities that approach those of ATM
• Wide variety of standard optical interfaces for 10
Gbps Ethernet
ECE537/8 #80
Fibre Channel
• 2 methods of communication with
processor:
– I/O channel
– Network communications
• Fibre channel combines both
– Simplicity and speed of channel
communications
– Flexibility and interconnectivity of network
communications
ECE537/8 #81
Figure 6.12
ECE537/8 #82
I/O channel
• Hardware based, high-speed, short distance
• Direct point-to-point or multipoint
communications link
• Data type qualifiers for routing payload
• Link-level constructs for individual I/O
operations
• Protocol specific specifications to support
e.g. SCSI
ECE537/8 #83
Fibre Channel Network-Oriented
Facilities
• Full multiplexing between multiple
destinations
• Peer-to-peer connectivity between any pair
of ports
• Internetworking with other connection
technologies
ECE537/8 #84
Fibre Channel Requirements
• Full duplex links with 2 fibres/link
• 100 Mbps – 800 Mbps
• Distances up to 10 km
• Small connectors
• High-capacity
• Greater connectivity than existing multidrop channels
• Broad availability
• Support for multiple cost/performance levels
• Support for multiple existing interface command sets
ECE537/8 #85
Figure 6.13
ECE537/8 #86
Fibre Channel Protocol Architecture
• FC-0 Physical Media
• FC-1 Transmission Protocol
• FC-2 Framing Protocol
• FC-3 Common Services
• FC-4 Mapping
ECE537/8 #87
Summary
• There are many networking protocols other
than IP, and each is suited to one or more
particular needs
• Because of the proliferation of IP at the
desktop, viable networking protocols must
support encapsulation of virtually any sort
of end protocol
• Efficiency is important
ECE537/8 #88
Homework
• You must interconnect two tactical networks, separated by
15 to 100 km. IP is used for services at the user
desktop, and is 100Base-T extended by a combination of
WiFi and WiMAX links, but IP is not deemed suitable for
backbone use. What protocol would you select for
backbone trunking? Why? Would you argue for IP
backbone despite the first direction not to use it? Why?
What problems do you anticipate? Why?
• Be prepared to discuss your findings with the class for 5-10 minutes next week. You may use slides if you desire.
ECE537/8 #89
Disclaimer
• Parts of the lecture slides contain original work of
William Stallings and Prentice-Hall, and remain
copyrighted materials by the original owner(s).
The slides are intended for the sole purpose of
instruction in computer networks at Worcester
Polytechnic Institute.
ECE537/8 #90