CS 291 Special Topics on Network Security


CS 283 Computer Networks
Spring 2013
Instructor: Yuan Xue
@Yuan Xue ([email protected])
Review → what we've learnt
Final preparation → what will be tested?
Homework and Lab review
Course Scope
All about "Network"
- Network itself: Local Area Network → Internet
- Networking Applications/Services
[Figure: three stacked layers, Applications over Network Services over Network]
Course Focus
Basic: first basic class in computer networks
Principle + Practice (half and half)
- Principle: how the network is built and why it is built this way
- Practice: lots of hands-on experience; what can I do on a network?
What you will learn from this course
- Network design/implementation/deployment
  - How a network (e.g. one at Internet scale) is built: architecture (layers), algorithms, protocols
  - Why is it built this way? Is it good (the best) to build it this way? What if I build it?
- Network usage, management, analysis
  - How to use the networking service?
  - Application development
  - Existing network applications/tools
  - How can I understand the behavior of the Internet (or my application)?!

What you have learnt so far
Network design
- Build a network that scales: hierarchical (end host, end network, core network (AS, ISP))
- Architecture (protocol layered stack and its essential functions), deployment on the network/system interface
- Specific protocols at each layer (name, function and design)
- Theory: reliable data transfer, congestion control, routing algorithms
- Put things together:
  - trip of a packet → understanding network performance (delay, loss, throughput)
  - advanced topic → how different layers/protocols interact and affect network performance
Network usage (management)
- Network application architecture → client-server, (P2P)
- Socket programming
- Network app design and usage (HTTP, mail)
- Utilities/tools (DNS, etc.)
- Understand/manage network performance: measure throughput, delay, loss
Internet: "nuts and bolts" view
- hosts = end systems, running network apps
- routers: forward packets (chunks of data)
- Internet: "network of networks"
  - loosely hierarchical
  - network edge: applications and hosts
  - access networks: wireless/wireline
  - network core: interconnected routers, network of networks
  - Tier 1, 2, 3
  - public Internet versus private intranet
[Figure: access networks, local ISP, regional ISP and an institutional network interconnected]
Internet structure: network of networks
At center: a small number of well-connected large networks
- "Tier-1" commercial ISPs (e.g., Verizon, Sprint, AT&T, Qwest, Level3), national & international coverage
- large content distributors (Google, Akamai, Microsoft)
- treat each other as equals (no charges)
Tier-1 ISPs and large content distributors interconnect (peer) privately, or at Internet Exchange Points (IXPs)
[Figure: Tier-1 ISPs, large content distributors (e.g., Google, Akamai) and IXPs interconnected]
Internet is a packet switching network
[Figure: hosts A and B on a 100 Mb/s Ethernet share a 1.5 Mb/s output link toward C, D and E; a queue of packets waits for the output link]
- sequence of A & B packets has no fixed timing pattern: bandwidth shared on demand (statistical multiplexing)
- TDM: each host gets the same slot in a revolving TDM frame
- store and forward: entire packet must arrive at router before it can be transmitted on the next link
Organize the implementation of networking functions: Layered Architecture
Internet is a complex system → lots of jobs
- media access, routing, packet forwarding, error detection/correction (reliability), congestion control, etc.
Modularization eases maintenance and facilitates deployment
- clearly defined interface
- a change in the implementation of a layer's service is transparent to the rest of the system
- different modules can be developed by different parties (MS, Cisco, Linksys, etc.)
Internet protocol stack
- application: supporting network applications (FTP, SMTP, HTTP)
- transport: end-to-end (process-process) data transfer (TCP, UDP)
- network: forward datagrams from source to destination (IP, routing protocols)
- link: data transfer between neighboring network elements (Ethernet, 802.11 (WiFi), PPP)
- physical: bits "on the wire"
Lower layer provides service to upper layer
Internet Protocol Dependency
[Figure: protocol dependency graph. Application layer: HTTP, FTP, SMTP, IMAP, POP, DNS, BGP, DHCP. Transport layer: TCP, UDP. Network layer: IP, ICMP, OSPF, RIP, IGMP. Link layer below.]
Note: different views from different sources
http://en.wikipedia.org/wiki/Internet_Protocol_Suite
http://technet.microsoft.com/en-us/library/bb726993.aspx
http://www.protocols.com/pbook/tcpip1.htm
Layered Architecture Deployment
[Figure: end hosts implement the full stack (application, transport, network (IP), link, physical); the nodes inside the network between them implement only network (IP), link and physical]
Implementation
[Figure: per-layer implementation on a host. Application (Skype, FTP, HTTP, SMTP) hands a payload to a socket; Transport (TCP with stream, ports and congestion window (CW); UDP with ports) multiplexes/demultiplexes by port and prepends a transport header; Network (IP) forwards using the routing table, forwarding table and IP address and fragments/reassembles; Link (IEEE 802.11) adds the MAC header, giving MAC | IP | Tran | payload]
[Figure: encapsulation. At the source, the application message M gets a transport header (segment: Ht M), a network header (datagram: Hn Ht M) and a link header (frame: Hl Hn Ht M); a switch processes only the link and physical layers, a router processes up to the network layer, and the destination strips the headers in reverse order]
Naming
How to find an entity on a network? Using a name (address, ID, ...)
- Name at application layer → application dependent
  - HTTP → URL, URI
  - Email → email address
- Name at transport layer → port
- Name at network layer → IP address
How to define a name?
- Port?
- IP address (facilitates routing and forwarding) → hierarchical
How to get a name?
- Port?
- IP address
IP Address Classes
Subnetted address: Class A, B, C
[Figure: (a) Class A: leading bit 0, 7-bit network, 24-bit host; (b) Class B: leading bits 10, 14-bit network, 16-bit host; (c) Class C: leading bits 110, 21-bit network, 8-bit host]
IP addressing: CIDR
CIDR: Classless InterDomain Routing
- subnet portion of address of arbitrary length
- address format: a.b.c.d/x, where x is # bits in subnet portion of address
    subnet part (23 bits)      host part (9 bits)
    11001000 00010111 0001000 | 0 00000000
    200.23.16.0/23
IP addresses: how to get one?
Q: How does a host get an IP address?
- hard-coded by system admin in a file
- DHCP: Dynamic Host Configuration Protocol: dynamically get an address from a server ("plug-and-play")
IP addresses: how to get one?
Q: How does a network get the subnet part of its IP address?
A: it gets an allocated portion of its provider ISP's address space
    ISP's block       11001000 00010111 00010000 00000000   200.23.16.0/20
    Organization 0    11001000 00010111 00010000 00000000   200.23.16.0/23
    Organization 1    11001000 00010111 00010010 00000000   200.23.18.0/23
    Organization 2    11001000 00010111 00010100 00000000   200.23.20.0/23
    ...
    Organization 7    11001000 00010111 00011110 00000000   200.23.30.0/23
NAT: Network Address Translation
[Figure: LAN hosts 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 sit behind a NAT router whose WAN-side address is 138.76.29.7]
NAT translation table:
    WAN side addr        LAN side addr
    138.76.29.7, 5001    10.0.0.1, 3345
    ......               ......
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 (S: 10.0.0.1, 3345; D: 128.119.40.186, 80)
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table (S: 138.76.29.7, 5001; D: 128.119.40.186, 80)
3: Reply arrives, dest. address: 138.76.29.7, 5001 (S: 128.119.40.186, 80; D: 138.76.29.7, 5001)
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 (S: 128.119.40.186, 80; D: 10.0.0.1, 3345)
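The four NAT steps above, as an added example (not code from the lecture): a minimal translation table that rewrites the outbound source and the inbound destination. The WAN address 138.76.29.7 and the LAN endpoint 10.0.0.1:3345 come from the slide; the port-allocation policy (hand out 5001, 5002, ... in order) and the table size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example: a minimal NAT translation table walking through the four
 * steps on the slide.  Addresses are dotted-decimal strings, ports integers.
 * Port allocation (5001 upward) and the table size are assumptions. */

#define NAT_MAX_ENTRIES    64
#define NAT_WAN_ADDR       "138.76.29.7"
#define NAT_FIRST_WAN_PORT 5001

struct endpoint  { char addr[16]; int port; };            /* IPv4 address + port */
struct nat_entry { struct endpoint lan; int wan_port; int used; };
struct nat_table { struct nat_entry e[NAT_MAX_ENTRIES]; int next_wan_port; };

void nat_init(struct nat_table *t)
{
    memset(t, 0, sizeof *t);
    t->next_wan_port = NAT_FIRST_WAN_PORT;
}

static int same_endpoint(const struct endpoint *a, const struct endpoint *b)
{
    return a->port == b->port && strcmp(a->addr, b->addr) == 0;
}

/* Step 2: the source (LAN addr, port) of an outbound datagram is rewritten to
 * (WAN addr, WAN port).  An existing row is reused so every datagram of one
 * flow leaves with the same WAN port; otherwise a new row is added.
 * Returns the WAN port used, or -1 if the table is full. */
int nat_outbound(struct nat_table *t, struct endpoint *src)
{
    struct nat_entry *slot = NULL;
    for (int i = 0; i < NAT_MAX_ENTRIES; i++) {
        if (t->e[i].used && same_endpoint(&t->e[i].lan, src)) { slot = &t->e[i]; break; }
        if (!t->e[i].used && slot == NULL) slot = &t->e[i];   /* remember first free row */
    }
    if (slot == NULL) return -1;
    if (!slot->used) {                       /* new flow: record the mapping */
        slot->used = 1;
        slot->lan = *src;
        slot->wan_port = t->next_wan_port++;
    }
    strcpy(src->addr, NAT_WAN_ADDR);
    src->port = slot->wan_port;
    return slot->wan_port;
}

/* Step 4: an inbound datagram addressed to (WAN addr, WAN port) gets its
 * destination rewritten back to the LAN endpoint recorded in the table.
 * With no matching row there is no LAN host to deliver to, so the datagram
 * is dropped (-1): unsolicited inbound traffic never reaches the LAN hosts. */
int nat_inbound(const struct nat_table *t, struct endpoint *dst)
{
    if (strcmp(dst->addr, NAT_WAN_ADDR) != 0) return -1;
    for (int i = 0; i < NAT_MAX_ENTRIES; i++)
        if (t->e[i].used && t->e[i].wan_port == dst->port) { *dst = t->e[i].lan; return 0; }
    return -1;
}

int main(void)
{
    struct nat_table t;
    nat_init(&t);
    struct endpoint pkt = { "10.0.0.1", 3345 };               /* step 1 */
    nat_outbound(&t, &pkt);                                   /* step 2 */
    printf("outbound source now %s, %d\n", pkt.addr, pkt.port);
    struct endpoint reply = { NAT_WAN_ADDR, 5001 };           /* step 3 */
    if (nat_inbound(&t, &reply) == 0)                         /* step 4 */
        printf("reply delivered to %s, %d\n", reply.addr, reply.port);
    return 0;
}
```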
Hierarchical addressing
[Figure: Organization 0 (200.23.16.0/23), Organization 2 (200.23.20.0/23), ..., Organization 7 (200.23.30.0/23) connect through Fly-By-Night-ISP, which tells the Internet "Send me anything with addresses beginning 200.23.16.0/20". Organization 1 (200.23.18.0/23) connects through ISPs-R-Us, which tells the Internet "Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23"]
Longest prefix matching
When looking for the routing/forwarding table entry for a given destination address, use the longest address prefix that matches the destination address.

    Destination Address Range                  Link interface
    11001000 00010111 00010*** *********       0
    11001000 00010111 00011000 *********       1
    11001000 00010111 00011*** *********       2
    otherwise                                  3

Examples:
DA: 11001000 00010111 00010110 10100001 → which interface?
DA: 11001000 00010111 00011000 10101010 → which interface?
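An added example (not code from the lecture) that performs the lookup above over the slide's table: every entry whose fixed bits equal the corresponding bits of the destination is a candidate, and the one with the most fixed bits wins, with "otherwise" as the default. The bit-string parser and the dotted-decimal helper are illustration helpers, not part of the slide.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: longest-prefix-match lookup over the slide's forwarding table.
 * Entries are written exactly as on the slide, '*' marking don't-care bits;
 * the "otherwise" row is the default interface 3. */

struct fwd_entry { const char *range; int iface; };

static const struct fwd_entry SLIDE_TABLE[] = {
    { "11001000 00010111 00010*** *********", 0 },
    { "11001000 00010111 00011000 *********", 1 },
    { "11001000 00010111 00011*** *********", 2 },
};
#define DEFAULT_IFACE 3
#define N_ENTRIES (sizeof SLIDE_TABLE / sizeof SLIDE_TABLE[0])

/* Parse a pattern such as "11001000 00010111 00010*** *********".  Spaces are
 * skipped and parsing stops at the first '*'.  Returns the number of fixed
 * bits (the prefix length) and stores them left-aligned in *value. */
int parse_bits(const char *s, uint32_t *value)
{
    uint32_t v = 0;
    int len = 0;
    for (; *s != '\0'; s++) {
        if (*s == ' ') continue;
        if (*s == '*') break;
        v = (v << 1) | (uint32_t)(*s == '1');
        len++;
    }
    *value = (len == 0) ? 0 : v << (32 - len);
    return len;
}

/* A full 32-bit destination address written as bits. */
uint32_t addr_from_bits(const char *s)
{
    uint32_t v;
    parse_bits(s, &v);
    return v;
}

/* Longest prefix match: among all matching entries keep the one with the most
 * fixed bits, so a /24 row beats a /21 row that covers the same address. */
int lookup(uint32_t da)
{
    int best_len = -1, best_iface = DEFAULT_IFACE;
    for (size_t i = 0; i < N_ENTRIES; i++) {
        uint32_t prefix;
        int len = parse_bits(SLIDE_TABLE[i].range, &prefix);
        uint32_t mask = (len == 0) ? 0 : 0xFFFFFFFFu << (32 - len);
        if ((da & mask) == prefix && len > best_len) {
            best_len = len;
            best_iface = SLIDE_TABLE[i].iface;
        }
    }
    return best_iface;
}

/* Dotted-decimal rendering, to compare with the CIDR notation of earlier slides. */
void to_dotted(uint32_t a, char out[16])
{
    snprintf(out, 16, "%u.%u.%u.%u", (unsigned)(a >> 24), (unsigned)((a >> 16) & 255),
             (unsigned)((a >> 8) & 255), (unsigned)(a & 255));
}

int main(void)
{
    const char *questions[] = {                 /* the two DAs asked on the slide */
        "11001000 00010111 00010110 10100001",
        "11001000 00010111 00011000 10101010",
    };
    for (int i = 0; i < 2; i++) {
        uint32_t da = addr_from_bits(questions[i]);
        char dotted[16];
        to_dotted(da, dotted);
        printf("DA %s (%s) -> interface %d\n", questions[i], dotted, lookup(da));
    }
    return 0;
}
```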
Key functions
Transport
- multiplexing and demultiplexing
- connection-oriented transport: reliable data transfer, flow control, connection management, congestion control
Network
- routing
- forwarding
- unicast, multicast, broadcast
Related Protocols
Transport
- multiplexing and demultiplexing → UDP, TCP
- connection-oriented transport → TCP: reliable data transfer, flow control, connection management, congestion control
Network
- routing → RIP, OSPF, BGP
- forwarding → scheduling method (FIFO, fair, priority), queue management
- unicast, multicast (DVMRP, ...), broadcast
Reliable Data Delivery (Summary)
Stop-and-wait
- limited network utilization (how to calculate it?)
- solution → pipelining
Pipelining
- improves network utilization (what is the window size?)
- Go-back-N
- Selective ACK
TCP
- similar to Go-back-N: uses cumulative ACK
- difference: TCP uses a receiver buffer to buffer out-of-order packets (refer to [JK] p. 260)
- note the TCP sequence number/ACK number definition (review question: [homework 2] questions 2, 3, 4)
rdt3.0: stop-and-wait operation
[Figure: the sender transmits the first packet bit at t = 0 and the last packet bit at t = L/R; when the last bit arrives the receiver sends an ACK; the ACK arrives after RTT and the sender sends the next packet at t = RTT + L/R]
U_sender = (L/R) / (RTT + L/R) = .008 / 30.008 = 0.00027   (L/R = 8 microseconds)
Pipelining: increased utilization
[Figure: the sender transmits three packets back to back from t = 0; the receiver sends an ACK as the last bit of each packet arrives; the first ACK arrives and the next packet is sent at t = RTT + L/R]
Increase utilization by a factor of 3!
U_sender = 3 · (L/R) / (RTT + L/R) = .024 / 30.008 = 0.0008
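The two utilization formulas above, evaluated as an added example (not code from the lecture); it also answers the summary slide's question of what window size is needed for full utilization. The packet size, link rate and RTT are assumptions chosen to reproduce the slide's numbers (L/R = 0.008 ms, RTT + L/R = 30.008 ms): L = 8000 bits, R = 1 Gb/s, RTT = 30 ms.

```c
#include <stdio.h>

/* Added example: sender utilization for stop-and-wait and for pipelining,
 * plus the smallest window that keeps the link busy.  Parameters below are
 * assumptions matching the slide's 0.008 / 30.008 figures. */

/* Stop-and-wait: the sender is busy for L/R out of every RTT + L/R. */
double stop_and_wait_util(double L_bits, double R_bps, double rtt_s)
{
    double t = L_bits / R_bps;
    return t / (rtt_s + t);
}

/* Pipelining with window W: W packets per RTT + L/R, capped at 1 because the
 * link cannot be more than fully busy once the window covers the pipe. */
double pipelined_util(double L_bits, double R_bps, double rtt_s, int window)
{
    double u = window * stop_and_wait_util(L_bits, R_bps, rtt_s);
    return u > 1.0 ? 1.0 : u;
}

/* Smallest window W with W * L/R >= RTT + L/R: the bandwidth-delay product
 * plus one packet, rounded up to a whole packet. */
int min_window_full_util(double L_bits, double R_bps, double rtt_s)
{
    double t = L_bits / R_bps;
    double w = (rtt_s + t) / t;
    int n = (int)(w + 1e-6);            /* tolerate floating-point error */
    if ((double)n + 1e-6 < w) n++;      /* round up to a whole packet */
    return n;
}

int main(void)
{
    double L = 8000.0, R = 1e9, rtt = 0.030;   /* assumed: 1000-byte packet, 1 Gb/s, 30 ms */
    printf("stop-and-wait:  U = %.5f\n", stop_and_wait_util(L, R, rtt));
    printf("window of 3:    U = %.5f\n", pipelined_util(L, R, rtt, 3));
    printf("full utilization needs a window of %d packets\n", min_window_full_util(L, R, rtt));
    return 0;
}
```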
Pipelining Protocols
Go-back-N: overview
- sender: up to N unACKed pkts in pipeline
- receiver: only sends cumulative ACKs; doesn't ACK a pkt if there's a gap
- sender: has a timer for the oldest unACKed pkt; if the timer expires, retransmit all unACKed packets
Selective Repeat: overview
- sender: up to N unACKed packets in pipeline
- receiver: ACKs individual pkts
- sender: maintains a timer for each unACKed pkt; if a timer expires, retransmit only that unACKed packet
TCP reliable data transfer
- TCP creates rdt service on top of IP's unreliable service
- pipelined segments
- cumulative ACKs
- TCP uses a single retransmission timer
- retransmissions are triggered by: timeout events, duplicate ACKs
- initially consider a simplified TCP sender: ignore duplicate ACKs; ignore flow control, congestion control
TCP Connection Management
Three way handshake:
Recall: TCP sender, receiver establish "connection" before exchanging data segments; initialize TCP variables:
- seq. #s
- buffers, flow control info (e.g. RcvWindow)
client: connection initiator
    connect(sockfd, (struct sockaddr *) &serveraddr, sizeof(serveraddr));
server: contacted by client
    childfd = accept(parentfd, (struct sockaddr *) &clientaddr, (socklen_t *) &clientlen);
Step 1: client host sends TCP SYN segment to server: specifies initial seq #, no data
Step 2: server host receives SYN, replies with SYNACK segment: server allocates buffers, specifies server initial seq. #
Step 3: client receives SYNACK, replies with ACK segment, which may contain data
(review question: [homework 2] question 3)
TCP Flow Control
- sender won't overflow receiver's buffer by transmitting too much, too fast
- receive side of TCP connection has a receive buffer
[Figure: IP datagrams enter the receive buffer, which holds TCP data (in buffer) and (currently) unused buffer space; the application process drains it]
- speed-matching service: matching send rate to receiving application's drain rate
- app process may be slow at reading from buffer
(review question: [Lab 2] question 3)
Principles of Congestion Control: A Rate Allocation Problem
[Figure: Host A and Host B each send original data at rate λ_in into a shared 10 Mbps output link with unlimited shared output link buffers; λ_out is the rate delivered]
What should be the sending rate from Host A and Host B? Link utilization + fairness
What will happen if A/B sends faster than this rate? Congestion:
- lost packets (buffer overflow at routers)
- long delays (queueing in router buffers)
How should A/B find out? Two approaches:
- find out by themselves (probing)
- let the network routers tell them
Different from flow control!
Approaches towards congestion control
Two broad approaches towards congestion control:
End-end congestion control:
- no explicit feedback from network
- congestion inferred from end-system observed loss, delay
- approach taken by TCP
Network-assisted congestion control: routers provide feedback to end systems
- single bit indicating congestion → TCP/IP ECN → active queue management
- explicit rate the sender should send at
Summary: TCP Congestion Control
- when cwnd < ssthresh, sender is in slow-start phase, window grows exponentially.
- when cwnd >= ssthresh, sender is in congestion-avoidance phase, window grows linearly.
- when triple duplicate ACK occurs, ssthresh set to cwnd/2, cwnd set to ~ ssthresh
- when timeout occurs, ssthresh set to cwnd/2, cwnd set to 1 MSS.
Popular "flavors" of TCP
[Figure: cwnd window size (in segments) versus transmission round for TCP Tahoe and TCP Reno, with ssthresh marked before and after the loss]
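The four rules of the summary and the Tahoe/Reno difference from the "flavors" figure, as an added example (not code from the lecture): a round-by-round simulator of cwnd and ssthresh. The constructed event sequence in main and the choice to count in whole MSS are illustration assumptions; the floor of 2 MSS on ssthresh follows RFC 5681 and is not stated on the slide.

```c
#include <stdio.h>

/* Added example: simulator of the slide's four congestion-control rules.
 * cwnd and ssthresh are counted in MSS (segments); one step is one
 * transmission round.  The 2-MSS floor on ssthresh is RFC 5681's, not the slide's. */

enum tcp_flavor { TCP_TAHOE, TCP_RENO };
enum tcp_event  { EV_ROUND_OK, EV_TRIPLE_DUP_ACK, EV_TIMEOUT };

struct tcp_cc { int cwnd; int ssthresh; enum tcp_flavor flavor; };

void tcp_cc_init(struct tcp_cc *c, enum tcp_flavor flavor, int initial_ssthresh)
{
    c->cwnd = 1;                            /* start in slow start with 1 MSS */
    c->ssthresh = initial_ssthresh;
    c->flavor = flavor;
}

/* Apply one round's outcome; returns the new cwnd. */
int tcp_cc_step(struct tcp_cc *c, enum tcp_event ev)
{
    switch (ev) {
    case EV_ROUND_OK:
        if (c->cwnd < c->ssthresh) {        /* slow start: double per round ... */
            c->cwnd *= 2;
            if (c->cwnd > c->ssthresh)      /* ... without overshooting ssthresh */
                c->cwnd = c->ssthresh;
        } else {
            c->cwnd += 1;                   /* congestion avoidance: +1 MSS per round */
        }
        break;
    case EV_TRIPLE_DUP_ACK:
        c->ssthresh = c->cwnd / 2;
        if (c->ssthresh < 2) c->ssthresh = 2;
        /* Reno continues from ~ssthresh (fast recovery); Tahoe restarts at 1 MSS */
        c->cwnd = (c->flavor == TCP_RENO) ? c->ssthresh : 1;
        break;
    case EV_TIMEOUT:
        c->ssthresh = c->cwnd / 2;          /* timeout: severe loss signal */
        if (c->ssthresh < 2) c->ssthresh = 2;
        c->cwnd = 1;                        /* back to slow start in both flavors */
        break;
    }
    return c->cwnd;
}

/* Run a sequence of rounds; trace[i] receives cwnd after round i.  Returns the final cwnd. */
int tcp_cc_run(struct tcp_cc *c, const enum tcp_event *events, int n, int *trace)
{
    for (int i = 0; i < n; i++) trace[i] = tcp_cc_step(c, events[i]);
    return c->cwnd;
}

int main(void)
{
    /* constructed scenario: grow to 12 segments, lose one segment (triple dup
     * ACK), grow one more round, then suffer a timeout */
    const enum tcp_event scenario[] = {
        EV_ROUND_OK, EV_ROUND_OK, EV_ROUND_OK, EV_ROUND_OK, EV_ROUND_OK,
        EV_ROUND_OK, EV_ROUND_OK, EV_TRIPLE_DUP_ACK, EV_ROUND_OK, EV_TIMEOUT,
        EV_ROUND_OK, EV_ROUND_OK, EV_ROUND_OK,
    };
    const int n = (int)(sizeof scenario / sizeof scenario[0]);
    for (int f = TCP_TAHOE; f <= TCP_RENO; f++) {
        struct tcp_cc c;
        int trace[32];
        tcp_cc_init(&c, (enum tcp_flavor)f, 8);
        tcp_cc_run(&c, scenario, n, trace);
        printf("%s cwnd per round:", f == TCP_RENO ? "Reno " : "Tahoe");
        for (int i = 0; i < n; i++) printf(" %d", trace[i]);
        printf("\n");
    }
    return 0;
}
```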
Routing Algorithm
Simple graph model
Routing objective
- minimum cost (each link is associated with a cost)
- how to define cost? [Lab assignment 7]; the link cost is independent of the amount of traffic routed on the link
Routing algorithm
- centralized → link-state: Dijkstra
- distributed → distance-vector: Bellman-Ford
Internet Routing
Hierarchical routing
- the tasks of intra-AS/inter-AS routing
- routing message propagation
- setting the forwarding table
Intra-AS routing algorithm
- OSPF: link state
- RIP: distance vector
Inter-AS routing algorithm
- BGP
- iBGP, eBGP
- [homework 3]
Application architectures
- Client-server
- Peer-to-peer (P2P)
- Hybrid of client-server and P2P
Service Models
More than one transport protocol (service) available to apps
- reliable, in-order delivery (TCP): congestion control, flow control, connection setup
- unreliable, unordered delivery (UDP): extension of "best-effort" IP
Which to use?
[Figure: two end hosts with full stacks (application, transport, network, data link, physical) communicating across routers that implement only network, data link and physical]
What is a socket?
An interface between application and network
- the application creates a socket
- the socket type dictates the style of communication: reliable vs. best effort; connection-oriented vs. connectionless; packet-based vs. stream-based
Once configured the application can
- pass data to the socket for network transmission
- receive data from the socket (transmitted through the network by some other host)
[Figure: on each host or server a process owns a socket (controlled by the app developer); below the socket, TCP/UDP with buffers and variables is controlled by the OS; the two hosts communicate through the Internet]
HTTP overview
HTTP: hypertext transfer protocol
- Web's application layer protocol
- client/server model
  - client: browser that requests, receives, "displays" Web objects
  - server: Web server sends objects in response to requests
[Figure: a PC running Explorer and a Mac running Navigator exchange HTTP requests and responses with a server running the Apache Web server]
HTTP overview
Uses TCP:
- client initiates TCP connection (creates socket) to server, port 80
- server accepts TCP connection from client
- then client sends HTTP request as application-layer message, server replies with HTTP responses
- How is TCP used? Persistent vs. non-persistent
HTTP is "stateless"
- server maintains no information about past client requests
Session management
- keep state information: cookie, and more
Non-Persistent HTTP: Response time
Definition of RTT: time for a small packet to travel from client to server and back.
Response time:
- one RTT to initiate TCP connection
- one RTT for HTTP request and first few bytes of HTTP response to return
- file transmission time
total = 2RTT + transmit time
[Figure: timeline: initiate TCP connection (RTT), request file (RTT), time to transmit file, file received]
Homework 1
Electronic Mail: mail servers
Mail servers
- mailbox contains incoming messages for user
- message queue of outgoing (to be sent) mail messages
- SMTP protocol between mail servers to send email messages: client: sending mail server; "server": receiving mail server
Access protocols
- POP, IMAP
- between the server and user agent
[Figure: user agents attached to their mail servers; mail servers exchange messages with each other over SMTP]
Web-Based Mail Access
Comparison of webmail providers: http://en.wikipedia.org/wiki/Comparison_of_webmail_providers
[Figure: a mail client reaches its mail server over an access protocol (POP3/IMAP) and mail servers exchange mail over SMTP; with web-based access the Web browser talks HTTP to a Web server whose server-side script reads the mail server over POP3/IMAP and sends over SMTP]
DNS
[Figure: DNS hierarchy: root DNS servers; com DNS servers (yahoo.com, amazon.com DNS servers); org DNS servers (pbs.org DNS servers); edu DNS servers (poly.edu, umass.edu DNS servers)]
Distributed databases
- DNS record
DNS protocol:
- using UDP
DNS cache
Tool: nslookup; ipconfig /display
Programming API: gethostbyname()
DNS name resolution example
[Figure: the requesting host cis.poly.edu asks its local DNS server dns.poly.edu (1); the local server queries the root DNS server (2, 3), the TLD DNS server (4, 5) and the authoritative DNS server dns.cs.umass.edu (6, 7) for gaia.cs.umass.edu, then returns the answer to the host (8); iterative query vs. recursive query]
Lifetime of a UDP packet
- unfortunate events: delay, loss, throughput
Lifetime of a TCP packet
- throughput: how to measure?
How a web page is retrieved
Lifetime of a UDP packet

Preparation (server): create the datagram socket and bind it to the server's IP address (INADDR_ANY, or a selected one) and port.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>

int sockfd;
struct sockaddr_in my_addr;

/* create an unbound UDP (datagram) socket */
if ((sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
    perror("socket");
    exit(EXIT_FAILURE);
}

/* bind it to a local IP address and the server port */
memset(&my_addr, 0, sizeof my_addr);
my_addr.sin_family = AF_INET;
my_addr.sin_addr.s_addr = htonl(INADDR_ANY);   /* any local interface */
my_addr.sin_port = htons(portno);              /* portno: the server port, set elsewhere */
if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(my_addr)) < 0) {
    perror("bind");
    exit(EXIT_FAILURE);
}
…
```

Life starts with the client's sendto():

```c
/* create the sending socket; no explicit bind() is needed, the kernel
   assigns an ephemeral source port on the first sendto() */
if ((sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
    perror("Error Creating Sending Socket");
    exit(EXIT_FAILURE);
}

/* destination: server IP (hostname holds a dotted-decimal string) + server port */
struct sockaddr_in server_addr;
memset(&server_addr, 0, sizeof server_addr);   /* also zeroes sin_zero */
server_addr.sin_family = AF_INET;
server_addr.sin_port = htons(server_portno);
if (inet_pton(AF_INET, hostname, &(server_addr.sin_addr)) != 1) {
    fprintf(stderr, "inet_pton: bad address %s\n", hostname);
    exit(EXIT_FAILURE);
}

int numbytes;
char msg[] = "Hello, Listener";
if ((numbytes = sendto(sockfd, msg, strlen(msg), 0,
                       (struct sockaddr *)&server_addr, sizeof(server_addr))) == -1) {
    perror("sendto");
    exit(EXIT_FAILURE);
}
```
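The whole UDP lifetime in one runnable program, as an added example (not code from the lecture): a "server" socket is bound on the loopback interface with port 0 so the kernel picks the port, a "client" socket sends a burst of datagrams to it without binding, and the server counts what arrives. Because UDP never retransmits, the function reports bytes sent and bytes received separately so the caller can see any loss. It assumes a working loopback interface; the burst size and payload byte are made up for the example.

```c
/* Added example (not from the slides): UDP lifetime over loopback,
 * server bind -> client sendto -> server recvfrom, with loss accounting. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <sys/time.h>

struct udp_stats {
    long bytes_sent;
    long bytes_received;
    int  datagrams_sent;
    int  datagrams_received;
};

/* Send `count` datagrams of `size` bytes to a loopback server socket and
 * count the arrivals. Returns 0 on success, -1 on a socket error. */
int udp_loopback_burst(int count, int size, struct udp_stats *st)
{
    memset(st, 0, sizeof *st);

    /* --- server preparation: socket + bind (port 0 = kernel chooses) --- */
    int srv = socket(AF_INET, SOCK_DGRAM, 0);
    if (srv < 0) return -1;
    struct sockaddr_in srv_addr;
    memset(&srv_addr, 0, sizeof srv_addr);
    srv_addr.sin_family = AF_INET;
    srv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    srv_addr.sin_port = htons(0);
    if (bind(srv, (struct sockaddr *)&srv_addr, sizeof srv_addr) < 0) { close(srv); return -1; }
    socklen_t alen = sizeof srv_addr;
    getsockname(srv, (struct sockaddr *)&srv_addr, &alen);   /* learn the chosen port */

    /* receive timeout, so the receive loop ends even if a datagram was dropped */
    struct timeval tv = { 0, 200000 };
    setsockopt(srv, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);

    /* --- client: socket only; the kernel assigns the source port --- */
    int cli = socket(AF_INET, SOCK_DGRAM, 0);
    if (cli < 0) { close(srv); return -1; }

    char *buf = malloc(size);
    if (!buf) { close(srv); close(cli); return -1; }
    memset(buf, 'x', size);                                   /* constructed payload */

    for (int i = 0; i < count; i++) {
        ssize_t n = sendto(cli, buf, size, 0, (struct sockaddr *)&srv_addr, sizeof srv_addr);
        if (n < 0) break;
        st->datagrams_sent++;
        st->bytes_sent += n;
    }

    /* --- server: datagrams demultiplexed by destination port; read until timeout --- */
    for (;;) {
        ssize_t n = recvfrom(srv, buf, size, 0, NULL, NULL);
        if (n < 0) break;                                     /* timeout: nothing more arrives */
        st->datagrams_received++;
        st->bytes_received += n;
    }

    free(buf);
    close(cli);
    close(srv);
    return 0;
}

int main(void)
{
    struct udp_stats st;
    if (udp_loopback_burst(50, 1000, &st) != 0) { perror("udp_loopback_burst"); return 1; }
    printf("sent %d datagrams / %ld bytes, received %d / %ld (lost %d)\n",
           st.datagrams_sent, st.bytes_sent, st.datagrams_received, st.bytes_received,
           st.datagrams_sent - st.datagrams_received);
    return 0;
}
```

On loopback a small burst normally arrives intact; the accounting matters on a real path, where sent minus received is exactly the loss the later slides describe.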
Lifetime of a UDP packet: server host (protocol stack figure)
- User space: the server app opens a socket with a server IP (INADDR_ANY or a selected one) and binds the source port to an available one
- Kernel space, transport layer: UDP (and TCP) sockets identified by port, multiplex/demultiplex; TCP sockets also carry a congestion window (CW)
- Network layer: IP address, routing, forwarding table, forward, fragment/reassemble
- Link layer: IEEE 802.11
Lifetime of a UDP packet: client host (protocol stack figure)
- Application: the app writes the payload into its socket and specifies the destination IP + port
- Transport (UDP): multiplex by port; segment = port | payload
- Network (IP): datagram = address | port | payload; forwarding table lookup (default gateway); forward; fragment/reassemble
- Link (IEEE 802.11): frame = MAC | IP | transport header (the figure template says TCP) | payload
Lifetime of a UDP packet: network view (figure: host A in an institutional network, access network, local ISP, regional ISP, host B)
- The IP datagram (address | port | payload) gets forwarded hop by hop from one router to another…
- At each router: input queue → forwarding table lookup → output queue
- It gets buffered with other packets at the output queue and waits to be scheduled
Output ports (router figure: switch fabric → datagram buffer/queueing → link layer protocol (send) → line termination)
- buffering is required when datagrams arrive from the fabric faster than the transmission rate
- the scheduling discipline chooses among queued datagrams for transmission
Interplay between routing and forwarding
The routing algorithm fills in the local forwarding table:

header value | output link
-------------+------------
0100         | 3
0101         | 2
0111         | 2
1001         | 1

A packet arrives with 0111 in its header: the table lookup selects output link 2.

• The routing algorithm generates the forwarding table
• Both routing and forwarding use the network portion (prefix) of the IP address and follow longest prefix matching
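Longest prefix matching as working code, added here as an example (not the lecture's code). The slide's table keys on 4-bit header values; this version generalizes to IPv4 prefixes in CIDR form and reuses the three networks from the "day in the life" scenario later in the lecture (68.80.0.0/13, 68.80.2.0/24, 64.233.160.0/19) plus a default route. The output link numbers and the probe addresses are made up for the example.

```c
/* Added example (not from the slides): longest-prefix-match forwarding lookup. */
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>

struct fwd_entry {
    uint32_t prefix;   /* network address, host byte order */
    int      len;      /* prefix length in bits, 0..32 */
    int      link;     /* output link */
};

/* Host-order mask with the top `len` bits set (len == 0 -> 0, the default route). */
static uint32_t prefix_mask(int len)
{
    return len == 0 ? 0u : (0xFFFFFFFFu << (32 - len));
}

/* Parse "a.b.c.d" into a host-order integer; returns 1 on success, 0 on bad input. */
int parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Longest prefix match: of all entries whose prefix covers dst, take the one
 * with the longest prefix. Returns the output link, or -1 if nothing matches. */
int lpm_lookup(const struct fwd_entry *tbl, int n, uint32_t dst)
{
    int best_len = -1, best_link = -1;
    for (int i = 0; i < n; i++) {
        uint32_t m = prefix_mask(tbl[i].len);
        if ((dst & m) == (tbl[i].prefix & m) && tbl[i].len > best_len) {
            best_len  = tbl[i].len;
            best_link = tbl[i].link;
        }
    }
    return best_link;
}

/* Example table (link numbers made up) and a lookup for a dotted-decimal address. */
int lookup_example_table(const char *dst_str)
{
    static const struct fwd_entry table[] = {
        { 0x44500000u, 13, 1 },  /* 68.80.0.0/13    Comcast network  */
        { 0x44500200u, 24, 2 },  /* 68.80.2.0/24    school network   */
        { 0x40E9A000u, 19, 3 },  /* 64.233.160.0/19 Google's network */
        { 0x00000000u,  0, 0 },  /* 0.0.0.0/0       default gateway  */
    };
    uint32_t dst;
    if (!parse_ipv4(dst_str, &dst)) return -1;
    return lpm_lookup(table, (int)(sizeof table / sizeof table[0]), dst);
}

int main(void)
{
    const char *probes[] = { "68.80.2.17", "68.85.1.1", "64.233.169.105", "8.8.8.8" };
    for (int i = 0; i < 4; i++)
        printf("%-16s -> link %d\n", probes[i], lookup_example_table(probes[i]));
    return 0;
}
```

68.80.2.17 is covered by both the /13 and the /24; the /24 wins because it is the longer (more specific) prefix, which is exactly why the lookup must not stop at the first match.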
Lifetime of a UDP packet: arrival at the server host (protocol stack figure, the client-host figure in reverse)
- Link (IEEE 802.11): frame = MAC | IP | transport header | payload
- Network (IP): address | port | payload; forwarding table (default gateway); reassemble
- Transport (UDP): demultiplex by destination port to the bound socket
- Application: the server app reads the payload from its socket
That was a lucky packet
Now unlucky one…
How do loss and delay occur?
packets queue in router buffers
- the packet arrival rate to the link exceeds the output link capacity
- packets queue and wait for their turn
(figure: A → router → B; packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets are dropped (loss) if there are no free buffers)
Four sources of packet delay (figure: A → nodal processing → queueing → transmission → propagation → B)

$d_{\text{total}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$

$d_{\text{trans}}$: transmission delay
- L: packet length (bits)
- R: link bandwidth (bps)
- $d_{\text{trans}} = L/R$

$d_{\text{prop}}$: propagation delay
- d: length of the physical link
- s: propagation speed in the medium ($s \approx 2 \times 10^{8}$ m/sec)
- $d_{\text{prop}} = d/s$

$d_{\text{trans}}$ and $d_{\text{prop}}$ are very different
Packet loss
- the queue (aka buffer) preceding a link has finite capacity
- a packet arriving to a full queue is dropped (aka lost)
- the queue management discipline decides which packet to drop (or mark as dropped); droptail queue management drops the newly arriving packet
- a lost packet may be retransmitted by the previous node, by the source end system, or not at all
(figure: A → buffer (waiting area) → B; packet being transmitted; the arriving packet will be dropped when the buffer is full)
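The two preceding slides (the four delay components and droptail loss) put together in a small simulation, added here as an example and not taken from the lecture. One output link is modelled packet by packet: each accepted packet gets $d_{\text{proc}}$, a queueing delay equal to how long it waits for the link, $d_{\text{trans}} = L/R$ and $d_{\text{prop}} = d/s$; an arrival that finds the finite buffer full is dropped droptail style. The link parameters and the arrival pattern in `example_scenario()` are made up for the example.

```c
/* Added example (not from the slides): droptail output queue simulation
 * producing d_total = d_proc + d_queue + d_trans + d_prop per packet. */
#include <stdio.h>
#include <string.h>

struct link_params {
    double rate_bps;     /* R: link bandwidth (bits/sec) */
    double length_m;     /* d: length of the physical link (m) */
    double speed_mps;    /* s: propagation speed (m/sec) */
    double proc_s;       /* nodal processing delay per packet (sec) */
    int    buffer_pkts;  /* finite buffer: packets queued or in transmission */
};

struct pkt_result {
    int    dropped;
    double d_proc, d_queue, d_trans, d_prop, d_total;
};

/* Simulate n packets with non-decreasing arrival times (sec) and lengths (bits)
 * through one droptail output queue. Fills out[i]; returns the number dropped. */
int simulate_droptail(const struct link_params *lp, const double *arrival,
                      const int *length_bits, int n, struct pkt_result *out)
{
    double finish[n > 0 ? n : 1];          /* departure times of accepted packets */
    int accepted = 0, dropped = 0;
    double link_free_at = 0.0;
    double d_prop = lp->length_m / lp->speed_mps;             /* d/s, same for every packet */

    for (int i = 0; i < n; i++) {
        memset(&out[i], 0, sizeof out[i]);
        /* occupancy = accepted packets not yet fully transmitted at this arrival */
        int occupancy = 0;
        for (int j = 0; j < accepted; j++)
            if (finish[j] > arrival[i]) occupancy++;
        if (occupancy >= lp->buffer_pkts) {                   /* droptail: discard the new arrival */
            out[i].dropped = 1;
            dropped++;
            continue;
        }
        double d_trans = length_bits[i] / lp->rate_bps;       /* L/R */
        double ready   = arrival[i] + lp->proc_s;             /* header processing done */
        double start   = ready > link_free_at ? ready : link_free_at;
        out[i].d_proc  = lp->proc_s;
        out[i].d_queue = start - ready;                       /* time spent waiting for the link */
        out[i].d_trans = d_trans;
        out[i].d_prop  = d_prop;
        out[i].d_total = out[i].d_proc + out[i].d_queue + out[i].d_trans + out[i].d_prop;
        link_free_at   = start + d_trans;
        finish[accepted++] = link_free_at;
    }
    return dropped;
}

/* Constructed scenario: a burst of 6 packets at t = 0 into a 4-packet buffer,
 * then one more packet at t = 5 ms after the queue has drained. */
int example_scenario(struct pkt_result *out)
{
    struct link_params lp = { 1e6, 2000e3, 2e8, 1e-4, 4 };   /* 1 Mbps, 2000 km, 2e8 m/s, 0.1 ms, 4 pkts */
    double arrival[7] = { 0, 0, 0, 0, 0, 0, 0.005 };
    int    length[7]  = { 1000, 1000, 1000, 1000, 1000, 1000, 1000 };
    return simulate_droptail(&lp, arrival, length, 7, out);
}

int main(void)
{
    struct pkt_result r[7];
    int dropped = example_scenario(r);
    printf("dropped %d of 7\n", dropped);
    for (int i = 0; i < 7; i++) {
        if (r[i].dropped) printf("pkt %d: dropped (buffer full)\n", i);
        else printf("pkt %d: proc %.4f + queue %.4f + trans %.4f + prop %.4f = %.4f s\n",
                    i, r[i].d_proc, r[i].d_queue, r[i].d_trans, r[i].d_prop, r[i].d_total);
    }
    return 0;
}
```

With these numbers $d_{\text{trans}}$ is 1 ms and $d_{\text{prop}}$ is 10 ms, so the fourth packet of the burst waits 3 ms in the queue while the fifth and sixth are dropped; the packet arriving at 5 ms sees an empty queue and no queueing delay at all.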
Throughput
- throughput: rate (bits/time unit) at which bits are transferred between sender and receiver
  - instantaneous: rate at a given point in time
  - average: rate over a longer period of time
(fluid analogy figure: the server sends bits (fluid) of a file of F bits into a pipe at rate R_s bits/sec; the first link is a pipe that can carry fluid at rate R_s bits/sec, the second link a pipe that can carry fluid at rate R_c bits/sec to the client)
Throughput
- R_s < R_c: what is the end-end throughput? (an R_s bits/sec link feeding an R_c bits/sec link)
- R_s > R_c: what is the end-end throughput?
- bottleneck link: the link on the end-end path that constrains the end-end throughput
Measure UDP throughput
- Sender: keeps sending as fast as it can to saturate the bottleneck link for a (long) period of time [0, t]
- Receiver: collects the data for a duration [t1, t2] ⊆ [0, t]
- Average throughput = B/(t2 - t1), where B is the amount of data collected
- In UDP, the sender may send more than the amount received → packets get lost
Lifetime of a TCP packet: sender (protocol stack figure)
- User space: the app writes the payload into its socket
- Kernel space, transport (TCP): each connection has a port and a congestion window (CW); when the sender window runs out of available sequence numbers (ACKs do not arrive), the packet is buffered at the sender; multiplex/demultiplex by port
- Network (IP): IP address, routing, forwarding table, forward, fragment/reassemble
- Link: IEEE 802.11
TCP delay, loss, throughput
- Packets may experience higher delay in TCP (compared with UDP), as they may have to wait at the sender for the next available sequence number → getting into the sending window (of size min(cwnd, rwnd))
- No loss to the application payload: if packets get lost in the network, they get retransmitted. The amount of application payload sent from the sender = the amount of application payload received at the receiver
Measure TCP throughput
- The application tries to send a large amount of data as fast as possible
- Yet the application cannot send at whatever speed it wants: send() may block if TCP is busy with packet transmission/retransmission based on its window size (recall the relationship between the window size and the sending rate of TCP)
- Measure the amount of time T used by the sender to send B bytes of data
- Throughput = B/T
Measure TCP throughput (receiver side)
- Sender: keeps sending as fast as it can to saturate the bottleneck link for a (long) period of time [0, t]
- Receiver: collects the data for a duration [t1, t2] ⊆ [0, t]
- Average throughput = B/(t2 - t1), where B is the amount of data collected
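The TCP measurement from the last two slides as a runnable program, added here as an example (not code from the lecture). A forked child is the sender and pushes B bytes as fast as send() lets it (send() blocks whenever the window is full, as the slide says); the parent is the receiver, counts every byte until the sender's close arrives and times the transfer to get B/T. It also checks the slide's claim that the payload received equals the payload sent. It assumes a working loopback interface; the transfer size is made up for the example.

```c
/* Added example (not from the slides): TCP throughput B/T over loopback,
 * sender in a child process, receiver in the parent. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <arpa/inet.h>
#include <sys/socket.h>

struct tcp_measure {
    long   bytes_received;
    double seconds;          /* T: wall time from the first byte to the sender's close */
    double throughput_bps;   /* B/T in bits per second */
};

static double now_s(void)
{
    struct timeval tv;
    gettimeofday(&tv, NULL);
    return tv.tv_sec + tv.tv_usec / 1e6;
}

/* Transfer total_bytes over a loopback TCP connection and measure B/T.
 * Returns 0 on success, -1 on error. */
int tcp_loopback_measure(long total_bytes, struct tcp_measure *m)
{
    memset(m, 0, sizeof *m);

    /* receiver: listening socket on 127.0.0.1, ephemeral port */
    int lst = socket(AF_INET, SOCK_STREAM, 0);
    if (lst < 0) return -1;
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = htons(0);
    if (bind(lst, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(lst, 1) < 0) { close(lst); return -1; }
    socklen_t alen = sizeof addr;
    getsockname(lst, (struct sockaddr *)&addr, &alen);        /* learn the chosen port */

    pid_t pid = fork();
    if (pid < 0) { close(lst); return -1; }

    if (pid == 0) {
        /* sender (child): connect, then send as fast as send() allows */
        close(lst);
        int s = socket(AF_INET, SOCK_STREAM, 0);
        if (s < 0 || connect(s, (struct sockaddr *)&addr, sizeof addr) < 0) _exit(1);
        char chunk[16384];
        memset(chunk, 'x', sizeof chunk);                     /* constructed payload */
        long left = total_bytes;
        while (left > 0) {
            size_t want = left < (long)sizeof chunk ? (size_t)left : sizeof chunk;
            ssize_t n = send(s, chunk, want, 0);              /* blocks while the window is full */
            if (n < 0) _exit(1);
            left -= n;
        }
        close(s);                                             /* FIN: tells the receiver we are done */
        _exit(0);
    }

    /* receiver (parent): accept, then count bytes until EOF */
    int c = accept(lst, NULL, NULL);
    close(lst);
    if (c < 0) { waitpid(pid, NULL, 0); return -1; }
    char buf[65536];
    double t_start = 0.0;
    for (;;) {
        ssize_t n = recv(c, buf, sizeof buf, 0);
        if (n <= 0) break;                                    /* 0 = sender closed */
        if (m->bytes_received == 0) t_start = now_s();
        m->bytes_received += n;
    }
    double t_end = now_s();
    close(c);
    int status = 0;
    waitpid(pid, &status, 0);

    m->seconds = t_end - t_start;
    if (m->seconds > 0) m->throughput_bps = m->bytes_received * 8.0 / m->seconds;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    struct tcp_measure m;
    if (tcp_loopback_measure(4L * 1024 * 1024, &m) != 0) { perror("tcp_loopback_measure"); return 1; }
    printf("received %ld bytes in %.4f s: %.1f Mbit/s\n", m.bytes_received, m.seconds, m.throughput_bps / 1e6);
    return 0;
}
```

Unlike the UDP burst, the byte count at the receiver is always exactly B: TCP retransmits whatever is lost, so loss shows up as a smaller B/T rather than as missing data.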
Synthesis: a day in the life of a web request
- journey down the protocol stack complete: application, transport, network, link
- putting it all together: synthesis!
- goal: identify, review, understand the protocols (at all layers) involved in a seemingly simple scenario: requesting a www page
- scenario: a student attaches a laptop to the campus network, requests/receives www.google.com
A day in the life: scenario (figure)
- browser on the student's laptop, in the school network 68.80.2.0/24
- DNS server, in the Comcast network 68.80.0.0/13
- web server 64.233.169.105, in Google's network 64.233.160.0/19, returns the web page
A day in the life… connecting to the Internet (figure: the laptop's DHCP/UDP/IP/Eth/Phy stack exchanging DHCP messages with the router (runs DHCP) through its DHCP/UDP/IP/Eth/Phy stack)
- the connecting laptop needs to get its own IP address, the address of the first-hop router and the address of the DNS server: use DHCP
- the DHCP request is encapsulated in UDP, encapsulated in IP, encapsulated in an Ethernet frame
- the Ethernet frame is broadcast (dest: FFFFFFFFFFFF) on the LAN, received at the router running the DHCP server
- Ethernet demuxed to IP, IP demuxed to UDP, UDP demuxed to DHCP
A day in the life… connecting to the Internet (figure: the DHCP ACK travelling back from the router (runs DHCP) down its DHCP/UDP/IP/Eth/Phy stack and up the laptop's)
- the DHCP server formulates a DHCP ACK containing the client's IP address, the IP address of the first-hop router for the client, and the name & IP address of the DNS server
- encapsulation at the DHCP server, frame forwarded (via switch) through the LAN, demultiplexing at the client
- the DHCP client receives the DHCP ACK reply
- the client now has an IP address, knows the name & address of the DNS server, and the IP address of its first-hop router
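The demultiplexing chain on these two slides (Ethernet → IP → UDP → DHCP, and the same chain ending in DNS later) written out as a parser over a raw frame, added here as an example and not taken from the lecture. `build_udp_frame()` constructs the Ethernet + IPv4 + UDP frame that the client would put on the wire (the source MAC, the payload bytes and the IP header checksum handling are the example's own), and `demux_frame()` walks it layer by layer the way the receiving host does: the Ethernet type field selects IP, the IP protocol field selects UDP, and the UDP port selects DHCP or DNS, failing at the layer where a header is wrong.

```c
/* Added example (not from the slides): frame demultiplexing Eth -> IP -> UDP -> app. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

enum app_proto { APP_UNKNOWN = 0, APP_DHCP, APP_DNS };

struct demux_result {
    int      is_broadcast;      /* Ethernet dst == FF:FF:FF:FF:FF:FF */
    uint32_t src_ip, dst_ip;    /* host byte order */
    uint16_t src_port, dst_port;
    size_t   payload_len;
    enum app_proto app;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]; }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)(v & 0xFF); }
static void wr32(uint8_t *p, uint32_t v) { p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v; }

/* Internet checksum (RFC 1071): over a header with the checksum field filled in it yields 0. */
static uint16_t inet_checksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += rd16(p + i);
    if (len & 1) sum += (uint32_t)p[len - 1] << 8;
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Build Ethernet + IPv4 + UDP + payload into buf (>= 42 + plen bytes); returns the frame length. */
size_t build_udp_frame(uint8_t *buf, const uint8_t dst_mac[6], uint32_t src_ip, uint32_t dst_ip,
                       uint16_t sport, uint16_t dport, const uint8_t *payload, size_t plen)
{
    static const uint8_t src_mac[6] = {0x02,0x00,0x00,0x00,0x00,0x01};   /* constructed, locally administered */
    uint8_t *eth = buf, *ip = buf + 14, *udp = ip + 20;
    memcpy(eth, dst_mac, 6); memcpy(eth + 6, src_mac, 6); wr16(eth + 12, 0x0800);   /* EtherType IPv4 */
    memset(ip, 0, 20);
    ip[0] = 0x45;                                /* version 4, IHL = 5 words */
    wr16(ip + 2, (uint16_t)(20 + 8 + plen));     /* total length */
    ip[8] = 64;                                  /* TTL */
    ip[9] = 17;                                  /* protocol = UDP */
    wr32(ip + 12, src_ip); wr32(ip + 16, dst_ip);
    wr16(ip + 10, inet_checksum(ip, 20));        /* header checksum, computed with the field zeroed */
    wr16(udp, sport); wr16(udp + 2, dport); wr16(udp + 4, (uint16_t)(8 + plen));
    wr16(udp + 6, 0);                            /* UDP checksum is optional over IPv4 */
    memcpy(udp + 8, payload, plen);
    return 14 + 20 + 8 + plen;
}

/* Walk the headers layer by layer. Returns 0 on success, or -1/-2/-3 for the
 * layer (Ethernet/IP/UDP) at which demultiplexing failed. */
int demux_frame(const uint8_t *f, size_t len, struct demux_result *r)
{
    static const uint8_t bcast[6] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
    memset(r, 0, sizeof *r);
    if (len < 14) return -1;
    r->is_broadcast = memcmp(f, bcast, 6) == 0;
    if (rd16(f + 12) != 0x0800) return -1;                   /* Ethernet demuxes on EtherType: not IPv4 */
    const uint8_t *ip = f + 14;
    if (len < 14 + 20 || (ip[0] >> 4) != 4) return -2;
    size_t ihl = (ip[0] & 0x0F) * 4u;
    size_t tot = rd16(ip + 2);
    if (ihl < 20 || len < 14 + ihl || tot < ihl || len < 14 + tot) return -2;
    if (inet_checksum(ip, ihl) != 0) return -2;               /* corrupted IP header */
    r->src_ip = rd32(ip + 12); r->dst_ip = rd32(ip + 16);
    if (ip[9] != 17) return -2;                               /* IP demuxes on protocol: 17 = UDP */
    const uint8_t *udp = ip + ihl;
    if (tot - ihl < 8) return -3;
    size_t ulen = rd16(udp + 4);
    if (ulen < 8 || ulen > tot - ihl) return -3;
    r->src_port = rd16(udp); r->dst_port = rd16(udp + 2);
    r->payload_len = ulen - 8;
    /* UDP demuxes on port: 67/68 is DHCP, 53 is DNS */
    if (r->dst_port == 67 || r->dst_port == 68) r->app = APP_DHCP;
    else if (r->dst_port == 53 || r->src_port == 53) r->app = APP_DNS;
    else r->app = APP_UNKNOWN;
    return 0;
}

/* The slide's DHCP request: broadcast MAC, 0.0.0.0 -> 255.255.255.255, port 68 -> 67. */
size_t example_dhcp_frame(uint8_t *buf)
{
    static const uint8_t bcast[6] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
    static const uint8_t payload[4] = {0x01, 0x01, 0x06, 0x00};   /* constructed first DHCP bytes: op=BOOTREQUEST */
    return build_udp_frame(buf, bcast, 0x00000000u, 0xFFFFFFFFu, 68, 67, payload, sizeof payload);
}

int main(void)
{
    uint8_t buf[128];
    struct demux_result r;
    size_t n = example_dhcp_frame(buf);
    if (demux_frame(buf, n, &r) == 0)
        printf("Eth%s -> IP %u.%u.%u.%u -> UDP %u->%u -> %s (%zu payload bytes)\n",
               r.is_broadcast ? " (broadcast)" : "",
               r.dst_ip >> 24, (r.dst_ip >> 16) & 0xFF, (r.dst_ip >> 8) & 0xFF, r.dst_ip & 0xFF,
               r.src_port, r.dst_port,
               r.app == APP_DHCP ? "DHCP" : r.app == APP_DNS ? "DNS" : "unknown", r.payload_len);
    return 0;
}
```

Each layer looks only at its own header and hands the rest up, which is why a wrong EtherType stops at Ethernet, a bad IP checksum stops at IP, and an unknown port leaves the payload with no application to deliver to.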
A day in the life… ARP (before DNS, before HTTP) (figure: the laptop's DNS/UDP/IP/ARP/Eth/Phy stack; ARP query out to the router, ARP reply back from the router's Eth/Phy)
- before sending the HTTP request, need the IP address of www.google.com: DNS
- DNS query created, encapsulated in UDP, encapsulated in IP, encapsulated in Eth. In order to send the frame to the router, need the MAC address of the router interface: ARP
- ARP query broadcast, received by the router, which replies with an ARP reply giving the MAC address of the router interface
- the client now knows the MAC address of the first-hop router, so it can now send the frame containing the DNS query
A day in the life… using DNS (figure: the DNS query travels from the laptop's DNS/UDP/IP/Eth/Phy stack through the school network to the DNS server in the Comcast network 68.80.0.0/13)
- IP datagram containing the DNS query forwarded via the LAN switch from the client to the 1st-hop router
- IP datagram forwarded from the campus network into the Comcast network, routed (tables created by RIP, OSPF, IS-IS and/or BGP routing protocols) to the DNS server
- demuxed to the DNS server
- the DNS server replies to the client with the IP address of www.google.com
A day in the life… TCP connection carrying HTTP (figure: HTTP/TCP/IP/Eth/Phy on the client; SYN and SYNACK exchanged hop by hop with the web server 64.233.169.105)
- to send the HTTP request, the client first opens a TCP socket to the web server
- TCP SYN segment (step 1 in the 3-way handshake) inter-domain routed to the web server
- the web server responds with a TCP SYNACK (step 2 in the 3-way handshake)
- TCP connection established!
A day in the life… HTTP request/reply (figure: HTTP/TCP/IP/Eth/Phy on the client and on the web server 64.233.169.105; the HTTP request and reply traverse every hop)
- HTTP request sent into the TCP socket
- IP datagram containing the HTTP request routed to www.google.com
- the web server responds with an HTTP reply (containing the web page)
- IP datagram containing the HTTP reply routed back to the client
- web page finally (!!!) displayed
Some Thoughts on Internet Design
- Packet switching (sharing/multiplexing)
- The end-to-end principle
  - "whenever possible, protocol operations should be defined to occur at the end-points of a communications system, or as close as possible to the resource being controlled."
  - one of the central design principles of the Internet
  - E.g., IP multicast → application-layer multicast; reliability at TCP and in the wireless network
- Network design (core) needs to be simple; push the complexity to the end host (edge)
  - Simple IP, complex application layer
Some Thoughts on Internet Design
- One idea for scalability → hierarchical design
- No state and soft state are better than hard state (HTTP)
- Randomness can simplify management (CSMA)
- Being adaptive to handle dynamics (TCP, Ethernet/WiFi)
What drives the Internet development?
- Killer application
- Economical/management consideration
- Sometimes, principle and theory
Move forward – from what we've learnt
- How to use the Internet
- How the Internet is designed: journey down the protocol stack
- Why the Internet is designed so: design principles
• Jobs everywhere..
• Manage network: troubleshooting
• Develop network app
• Develop web app
• Develop smartphone app
• ISP
• Cisco, Huawei
• etc.
• Networking research
Final Exam
- Basic concepts
- Basic protocols
- How to use
- How to troubleshoot
Not tested:
- Complicated algorithms (finding the shortest path is not considered complicated)
- Complicated state machines
Homework
Lab assignment
Final Exam
Multiple Choice Questions
- Which protocol runs on top of UDP? a) DNS, b) FTP, c) DHCP,
- Which tool to use to find your local DNS server?
…
Design
- Transfer a video file: which type of socket to use?
Troubleshooting
- Your browser cannot connect to www.google.com
  - What are the possibilities?
  - What will you do to find out what goes wrong?
Wireshark
- infer information from packet traces