Transcript bridge

Data Communication
autumn 2002
Lecture no. 10,
Monday 21 October
Hub, bridge, switch and router.
Wireless links and LANs (802.11x)
PPP (Point-to-Point Protocol)
Datakom autumn 2002 (slide 1)
Exercises
Exercise 1
Per and Kari each use their own set of asymmetric keys, i.e. a private key and a public key.
a) Explain how Per can send an encrypted file to Kari that only Kari can decrypt.
b) Kari wants to be sure that the file comes from Per. What can Per do to ensure this? Explain.
Exercise 2
a) What is IPSec?
b) Which security services does IPSec offer?
c) Explain the difference between "transport mode" and "tunnel mode".
Exercise 3.
Explain how ping and traceroute work. State which types of ICMP messages are used and how.
Hubs, bridges, and switches
Internetworking devices
Interconnecting LAN segments
Repeater
Hubs
Bridges
Switches
Remark: switches are essentially multi-port bridges.
What we say about bridges also holds for switches!
Routers
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• Extends max distance between nodes
• But individual segment collision domains become one large collision domain
  if a node in CS and a node in EE transmit at the same time: collision
• Can't interconnect 10BaseT & 100BaseT
Bridges
• Link layer device
  stores and forwards Ethernet frames
  examines frame header and selectively forwards frame based on MAC dest address
  when frame is to be forwarded on segment, uses CSMA/CD to access segment
• transparent
  hosts are unaware of presence of bridges
• plug-and-play, self-learning
  bridges do not need to be configured
Bridges: traffic isolation
• Bridge installation breaks LAN into LAN segments
• bridges filter packets:
  same-LAN-segment frames not usually forwarded onto other LAN segments
  segments become separate collision domains
[Figure: two LAN segments, each its own collision domain, joined by a bridge into one LAN (IP network); legend: hub, host]
Bridges
Forwarding
How to determine to which LAN segment to forward a frame?
Self learning
• A bridge has a bridge table
• entry in bridge table:
  (Node LAN Address, Bridge Interface, Time Stamp)
  stale entries in table dropped (TTL can be 60 min)
• bridges learn which hosts can be reached through which interfaces
  when frame received, bridge "learns" location of sender: incoming LAN segment
  records sender/location pair in bridge table
Filtering/Forwarding
When bridge receives a frame:
  index bridge table using MAC dest address
  if entry found for destination
  then {
    if dest on segment from which frame arrived
    then drop the frame
    else forward the frame on interface indicated
  }
  else flood: forward on all but the interface on which the frame arrived
Bridge example
Suppose C sends frame to D and D replies back with frame to C.
• Bridge receives frame from C
  notes in bridge table that C is on interface 1
  because D is not in table, bridge sends frame into interfaces 2 and 3
• frame received by D
Bridge Learning: example
• D generates frame for C, sends
• bridge receives frame
  notes in bridge table that D is on interface 2
  bridge knows C is on interface 1, so selectively forwards frame to interface 1
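The learning, filtering and flooding rules from the preceding slides, as an added Python example (constructed here, not code from the lecture): a bridge with interfaces 1, 2 and 3 that replays the C/D exchange and ages out stale entries. The class and method names are this example's own.

```python
import time


class LearningBridge:
    """Self-learning bridge: table maps MAC address -> (interface, last seen).
    Entries older than ttl seconds are stale and forgotten (slide: 60 min)."""

    def __init__(self, interfaces, ttl=60 * 60):
        self.interfaces = list(interfaces)
        self.ttl = ttl
        self.table = {}

    def _lookup(self, mac, now):
        entry = self.table.get(mac)
        if entry is None:
            return None
        iface, seen = entry
        if now - seen > self.ttl:          # stale entry: drop it
            del self.table[mac]
            return None
        return iface

    def receive(self, src, dst, in_iface, now=None):
        """Process one frame and return the interfaces to send it out on."""
        now = time.time() if now is None else now
        # Learning: the sender is reachable via the interface the frame came in on.
        # Note this trusts the source address carried in the frame.
        self.table[src] = (in_iface, now)
        out = self._lookup(dst, now)
        if out is None:                     # unknown destination: flood
            return [i for i in self.interfaces if i != in_iface]
        if out == in_iface:                 # same segment: filter (drop)
            return []
        return [out]                        # known destination: selective forward


if __name__ == "__main__":
    bridge = LearningBridge([1, 2, 3])
    print(bridge.receive("C", "D", 1, now=0))   # D unknown: flood to [2, 3]
    print(bridge.receive("D", "C", 2, now=1))   # C known on 1: forward to [1]
```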
Interconnection without backbone
Not recommended for two reasons:
- single point of failure at Computer Science hub
- all traffic between EE and SE must pass over the CS segment
Backbone configuration
Recommended!
Switch (layer 2) and router
Example (1)
BRIDGE
Example (2)
BRIDGE
Example (3)
Example (4)
Bridges Spanning Tree
• for increased reliability, desirable to have redundant, alternative paths from source to dest
• with multiple paths, cycles result - bridges may multiply and forward frame forever
• solution: organize bridges in a spanning tree by disabling subset of interfaces
[Figure: bridged LAN with one bridge interface marked "Disabled"]
Some bridge features
• Isolates collision domains resulting in higher total max throughput
• Can connect different Ethernet types
• Transparent ("plug-and-play"): no configuration necessary
Bridges vs. Routers
• both store-and-forward devices
  routers: network layer devices (examine network layer headers)
  bridges are link layer devices
• routers maintain routing tables, implement routing algorithms
• bridges maintain bridge tables, implement filtering, learning and spanning tree algorithms
Routers vs. Bridges
Bridges + and -
+ Bridge operation is simpler, requiring less packet processing
+ Bridge tables are self-learning
- All traffic confined to spanning tree, even when alternative bandwidth is available
- Bridges do not offer protection from broadcast storms
Routers vs. Bridges
Routers + and -
+ arbitrary topologies can be supported, cycling is limited by TTL counters (and good routing protocols)
+ provide protection against broadcast storms
- require IP address configuration (not plug and play)
- require higher packet processing
• bridges do well in small networks (few hundred hosts) while routers are used in large networks (thousands of hosts)
Ethernet Switches
• Essentially a multi-interface bridge
• layer 2 (frame) forwarding, filtering using LAN addresses
• Switching: A-to-A' and B-to-B' simultaneously, no collisions
• large number of interfaces
• often: individual hosts, star-connected into switch
  Ethernet, but no collisions!
Ethernet Switches
• cut-through switching: frame forwarded from input to output port without waiting for assembly of entire frame
  slight reduction in latency
• store and forward switching
• combinations of shared/dedicated, 10/100/1000 Mbps interfaces
Router
Ethernet
Routing to another LAN
walkthrough: send datagram from A to B via R
assume A knows B's IP address
[Figure: A - R - B]
• Two ARP tables in router R, one for each IP network (LAN)
• A creates datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
• A's data link layer sends frame
• R's data link layer receives frame
• R removes IP datagram from Ethernet frame, sees it is destined to B
• R uses ARP to get B's physical layer address
• R creates frame containing A-to-B IP datagram, sends to B
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble:
• 7 bytes with pattern 10101010 followed by one byte with pattern 10101011
• used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
• Addresses: 6 bytes
  if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to net-layer protocol
  otherwise, adapter discards frame
• Type: indicates the higher layer protocol (mostly IP, but others may be supported such as Novell IPX and AppleTalk)
• CRC: checked at receiver; if error is detected, the frame is simply dropped
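The receiver-side rules on the two frame-structure slides, as an added Python example (not code from the lecture): build a frame with a CRC-32 frame check sequence, then apply the adapter logic (drop on CRC error, pass up only a matching or broadcast destination, demultiplex on the Type field). The preamble is omitted because the adapter adds and strips it in hardware; the function names, MAC addresses and payloads are constructed for the example.

```python
import struct
import zlib

# Type values for the protocols the slide names (IP, Novell IPX, AppleTalk) plus ARP
ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8137: "Novell IPX", 0x809B: "AppleTalk"}
BROADCAST = bytes.fromhex("ffffffffffff")


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Encapsulate payload: dst(6) src(6) type(2) data, then the 4-byte FCS.
    Ethernet's FCS is the same CRC-32 zlib computes, sent least significant byte first."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def receive_frame(frame: bytes, my_mac: bytes):
    """Adapter rules from the slide. Returns (protocol name, data) for a frame
    that is passed up to the network layer, or None when the frame is discarded."""
    if len(frame) < 14 + 4:                 # header plus FCS at minimum
        return None
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != fcs:
        return None                         # CRC error: frame simply dropped
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if dst != my_mac and dst != BROADCAST:  # (multicast not modelled here)
        return None                         # not for us: adapter discards
    return ETHERTYPES.get(ethertype, "unknown 0x%04x" % ethertype), body[14:]
```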
5.6 Wireless links and LANs
IEEE 802.11 Wireless LAN
• 802.11b
  2.4-5 GHz unlicensed radio spectrum
  up to 11 Mbps
  widely deployed, using base stations
• 802.11a
  5-6 GHz range
  up to 54 Mbps
• 802.11g
  2.4-5 GHz range
  up to 54 Mbps
• All use CSMA/CA for multiple access (CSMA/CA – Carrier Sense Multiple Access / Collision Avoidance)
• All have base-station and ad-hoc network versions
Base station approach
• Wireless host communicates with a base station
  base station = access point (AP)
• Basic Service Set (BSS) (a.k.a. "cell") contains:
  wireless hosts
  access point (AP): base station
• BSSs combined to form distribution system (DS)
Ad Hoc Network approach
• No Access Point (i.e., base station)
• wireless hosts communicate with each other
  to get packet from wireless host A to B may need to route through wireless hosts X, Y, Z
• Applications:
  "laptop" meeting in conference room, car
  interconnection of "personal" devices
  battlefield
• IETF MANET (Mobile Ad hoc Networks) working group
IEEE 802.11: multiple access
• Collision if 2 or more nodes transmit at same time
• CSMA makes sense:
  get all the bandwidth if you're the only one transmitting
  shouldn't cause a collision if you sense another transmission
• Collision detection doesn't work: hidden terminal problem
[Figure: signal strength vs. location, illustrating the hidden terminal problem]
IEEE 802.11 MAC Protocol: CSMA/CA
802.11 CSMA: sender
- if sense channel idle for DIFS (Distributed Inter Frame Space)
  then transmit entire frame (no collision detection)
- if sense channel busy
  then binary backoff
802.11 CSMA: receiver
- if received OK
  return ACK after SIFS (Short Inter Frame Spacing)
  (ACK is needed due to hidden terminal problem)
Collision avoidance mechanisms
• Problem:
  two nodes, hidden from each other, transmit complete frames to base station
  wasted bandwidth for long duration!
• Solution:
  small reservation packets
  nodes track reservation interval with internal "network allocation vector" (NAV)
Collision Avoidance: RTS-CTS exchange
• sender transmits short RTS (request to send) packet: indicates duration of transmission
• receiver replies with short CTS (clear to send) packet, notifying (possibly hidden) nodes
• hidden nodes will not transmit for specified duration: NAV (Network Allocation Vector)
Collision Avoidance: RTS-CTS exchange
• RTS and CTS short:
  collisions less likely, of shorter duration
  end result similar to collision detection
• IEEE 802.11 allows:
  CSMA
  CSMA/CA: reservations
  polling from AP
Bluetooth
• Low-power, small radius, wireless networking technology
  10-100 meters
• Interference from wireless LANs, digital cordless phones, microwave ovens: frequency hopping helps
• omnidirectional
  not line-of-sight infrared
• Interconnects gadgets
• 2.4-2.5 GHz unlicensed radio band
• up to 721 kbps
• MAC protocol supports:
  error correction
  ARQ (Automatic Repeat reQuest)
• Each node has a 12-bit address
5.8 PPP
Point to Point Data Link Control
• one sender, one receiver, one link: easier than broadcast link:
  no Media Access Control
  no need for explicit MAC addressing
  e.g., dialup link, ISDN line
• popular point-to-point Data Link Control protocols:
  PPP (point-to-point protocol)
  HDLC: High level data link control (Data link used to be considered "high layer" in protocol stack!)
PPP Design Requirements [RFC 1557]
• packet framing: encapsulation of network-layer datagram in data link frame
  carry network layer data of any network layer protocol (not just IP) at same time
  ability to demultiplex upwards
• bit transparency: must carry any bit pattern in the data field
• error detection (no correction)
• connection liveness: detect, signal link failure to network layer
• network layer address negotiation: endpoints can learn/configure each other's network address
PPP non-requirements
• no error correction/recovery
• no flow control
• out of order delivery OK
• no need to support multipoint links (e.g., polling)
Error recovery, flow control, data re-ordering all relegated to higher layers!
PPP Data Frame
• Flag: delimiter (framing)
• Address: does nothing (only one option)
• Control: does nothing; in the future possible multiple control fields
• Protocol: upper layer protocol to which frame delivered (e.g., PPP-LCP, IP, IPCP, etc.)
PPP Data Frame
• info: upper layer data being carried
• check: cyclic redundancy check for error detection
Byte Stuffing
• "data transparency" requirement: data field must be allowed to include flag pattern <01111110>
  Q: is received <01111110> data or flag?
• Sender: adds ("stuffs") extra <01111110> byte after each <01111110> data byte
• Receiver:
  two 01111110 bytes in a row: discard first byte, continue data reception
  single 01111110: flag byte
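The slide's stuffing scheme in code, as an added Python example (not code from the lecture), beside the control-escape scheme that deployed PPP actually uses (RFC 1662). The escape scheme is the generalization: it keeps every 0x7E out of the frame body, so a receiver can delimit frames on flag bytes alone, which the doubling scheme cannot guarantee when frames are back to back. Function names are this example's own.

```python
FLAG = 0x7E   # 01111110, the PPP flag byte
ESC = 0x7D    # control escape byte used by real PPP framing (RFC 1662)

def stuff_doubling(data: bytes) -> bytes:
    """Slide's scheme: the sender sends each 0x7E data byte twice."""
    out = bytearray()
    for b in data:
        out.append(b)
        if b == FLAG:
            out.append(FLAG)
    return bytes(out)

def unstuff_doubling(payload: bytes) -> bytes:
    """Slide's receiver rule for the bytes between two flags: two 0x7E in a
    row -> discard the first; a lone 0x7E would be a flag, so it is an error."""
    out, i = bytearray(), 0
    while i < len(payload):
        if payload[i] == FLAG:
            if i + 1 == len(payload) or payload[i + 1] != FLAG:
                raise ValueError("lone flag byte inside frame data")
            i += 1                      # discard the first of the pair
        out.append(payload[i])
        i += 1
    return bytes(out)

def stuff_rfc1662(data: bytes) -> bytes:
    """Real PPP: flag and escape bytes are sent as ESC, byte XOR 0x20, so no
    0x7E ever appears inside a frame and flags alone delimit frames."""
    out = bytearray()
    for b in data:
        if b in (FLAG, ESC):
            out += bytes([ESC, b ^ 0x20])
        else:
            out.append(b)
    return bytes(out)

def unstuff_rfc1662(payload: bytes) -> bytes:
    out, i = bytearray(), 0
    while i < len(payload):
        if payload[i] == ESC:
            if i + 1 == len(payload):
                raise ValueError("truncated escape sequence")
            out.append(payload[i + 1] ^ 0x20)
            i += 2
        elif payload[i] == FLAG:
            raise ValueError("unescaped flag inside frame data")
        else:
            out.append(payload[i])
            i += 1
    return bytes(out)
```

With the RFC 1662 scheme a stream can be cut at every 0x7E (skipping the empty piece where one flag closes a frame and opens the next) and each piece unescaped independently.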
PPP Data Control Protocol
Before exchanging network-layer data, data link peers must
• configure PPP link (max. frame length, authentication)
• learn/configure network layer information
  for IP: carry IP Control Protocol (IPCP) msgs (protocol field: 8021) to configure/learn IP address