Transcript 28-roundup

15-441 Roundup
7-layer or 4-layer dip?
• Layering: Reuse, interoperability
• OSI 7-layer model
7
Application
Application
6 Presentation
Presentation
5
Session
Session
4
Transport
Transport
3
Network
Network
Network
2
Data link
Data link
Data link
1
Physical
Physical
Physical
OSI Functions
• (1) Physical: transmission of a bit stream.
• (2) Data link: flow control, framing, error
detection.
• (3) Network: switching and routing.
• (4) Transport: reliable end to end delivery.
• (5) Session: managing logical connections.
• (6) Presentation: data transformations.
• (7) Application: specific uses, e.g. mail, file
transfer, telnet, network management.
Multiplexing takes place in multiple layers
The TCP/IP Model
Application
Presentation
Application
(plus
libraries)
Session
Transport
TCP/UDP
IP/ICMP
Network
Data link
Data link
Physical
Physical
Layering and stacks
• Some layers - particularly in the OSI
model - not so well defined
• Layer “violations” often useful for
performance reasons.
– Buffer management
– Reduce redundant information between
headers
The lower layers - concepts
Analog Signal
“Digital” Signal
Bit Stream
Packets
0 0 1 0 1 1 1 0 0 0 1
0100010101011100101010101011101110000001111010101110101010101101011010111001
Header/Body
Packet
Transmission
Sender
Header/Body
Header/Body
Receiver
Limits to Speed and Distance
• Noise: “random” energy is
added to the signal.
• Attenuation: some of the
energy in the signal leaks
away.
• Dispersion: attenuation and
propagation speed are
frequency dependent.


Effects
limit the
that a channel can sustain.
– Changes
the data
shaperate
of the
» But
affects different technologies in different ways
signal
Effects become worse with distance.
» Tradeoff between data rate and distance
Why Do We Need Encoding?
• Meet certain electrical constraints.
– Receiver needs enough “transitions” to keep track
of the transmit clock
– Avoid receiver saturation
• Create control symbols, besides regular data
symbols.
– E.g. start or end of frame, escape, ...
• Error detection or error corrections.
– Some codes are illegal so receiver can detect
certain classes of errors
– Minor errors can be corrected by having multiple
adjacent signals mapped to the same data symbol
• Encoding can be very complex, e.g. wireless.
Encodings
• NRZ - “Non-Return to Zero”
– Simple: 0 = low, 1 = high
– Long runs of 0s and 1s lose synch
• NRZI - transition on 1
– Long runs of 0s lose sync
• Manchester - low/high = 0, high/low = 1
– Uses 2x as many transitions
• 4B/5B, etc – Encode multiple 0s and 1s. Efficient. Used in
Ethernet.
• SONET - many observations of flag pattern.
Datalink Functions
• Framing: encapsulating a network layer
datagram into a bit stream.
– Add header, mark and detect frame
boundaries, …
• Media access: controlling which frame
should be sent over the link next.
– Easy for point-to-point links; half versus full
duplex
– Harder for multi-access links: who gets to
send?
• Error control: error detection and
correction to deal with bit errors.
– May also include other reliability support, e.g.
retransmission
• Flow control: avoid that the sender
CSMA/CD Algorithm
• Carrier Sense Multiple Access / with Collision
Detection
• Sense for carrier.
• If carrier present, wait until carrier ends.
• Send packet and sense for collision.
• If no collision detected, done transmitting
• Otherwise, abort immediately, perform
“exponential back off” and send packet again.
– Start to send at a random time picked from an
interval
– Length of the interval increases with every
Collision Detection:
A
B
Implications
•
•
•
All nodes must be able to detect the
collision.
– Any node can be sender
=> Must either have short wires, long
packets, or both.
Can calculate length/distance based
on transmission rate and propagation
speed.
– Messy: propagation speed is
media-dependent, low-level
protocol details, ..
– Minimum packet size is 64 bytes
• Cable length ~256 bit times
– Example: maximum coax cable
length is 2.5 km
C
Internetworking Options
7
6
5
4
3
2
1
physical
1
7
6
5
4
3
2
1
repeater
7
6
5
4
3
2
1
network
3
2
2
1
1
router
7
6
5
4
3
2
1
data link
2
1
1
7
6
5
4
3
2
1
Switching/bridging
(e.g. 802 MAC)
7
6
5
4
3
2
1
7
6
5
4
3
2
1
...
3
2
1
3
2
1
gateway
7
6
5
4
3
2
1
Internetworking
• Repeaters: Physical link. One big collision /
transmission domain.
• Bridges: Datalink. Can separate broadcast
domains and selectively forward traffic.
Transparent - preserve MAC addresses.
• Routers: Separate addressing domains.
Forward through diff. MAC addresses.
IP
• CIDR - Classless Inter-Domain Routing
• 192.4.16/24 == 255.255.255.0
– == 24 bits of network, 8 bits of host
– Covers 192.4.16.0 - 192.4.16.255
• 192.4.16./23 == 25.255.254.0
– Covers 192.4.16.0 - 192.4.17.255
• Enables more efficient use of address space
through aggregation.
• Routing by longest-prefix match
– /29 is “longer” (more 1s) than /24.
Routing Protocols
•
•
Intra-domain:
– RIP: Routing Information Protocol
• Distance-Vector.
– Send information about table to neighbors (per-dest cost)
– Count to infinity problem.
» Split horizon - Don’t advertise routes back to next-hop
» Poison reverse: Advertise infinite metric to next-hop
» Neither of these solves all loop problems!
– OSPF: Open Shortest Path First
• Link-state.
– Flood neighbor info to entire network
– Each node generates own routing table
• Fast convergence, but lots of traffic for large nets
Inter-domain:
– BGP: Border Gateway Protocol
• Path-Vector. Send full AS path along with announcement.
– Solves loop problems with DV.
BGP
• Internet divided into Autonomous Systems.
Each has unique #.
• Each AS sends routes with BGP
• Remember: IBGP full-mesh. Why?
– No AS # to distinguish loops.
• ASes route internally with an IGP (OSPF,
etc).
• Some terms:
– MED (Multi-Exit Discriminator): Peers send to
influence remote peer’s routing.
– Localpref: One AS configures to change routing to
a peer.
AS relationships
• Transit: I pay you, you carry my traffic
to anyone
• Peering: (Often) free, you carry my
traffic to your customers and vise-versa.
• “Valley-free” routing
– A formalization of the above.
Multicast
• A lot of multicast on project1, so
• Won’t be on the final exam.
– (Aren’t you glad you came to class today?)
• Multicast today
– Deployed inside organizations / etc.
– Iffy if you want to use across Internet
– Concepts useful! E.g., overlay multicast
Tunnels, NATs, etc
• Things to remember:
• NAT - network address translator
– Lets you use private addresses inside net
– May let you share one external address
• (Port-translating NAT)
– Can break end-to-end reachability & naming
• IPv6:
– 128 bit address space
– Cleaned up header, no fragmentation, no
checksum, fixed option processing.
• For faster router processing
Cont’d.
• Tunnels - wrap packets in an extra IP
header
– Send indirectly
– Implement overlay networks (e.g., overlay
multicast, etc.)
DNS
• The Domain Name System
– Distributed name -> IP (and back) database
• Addresses returned by “A” records
– Hierarchical. Goes from the root (“.”) down. Each
level can delegate an “NS” (name server) record.
• Recursive resolvers - answer a query
completely. Iterative resolvers - give you the
next step.
• Caching: TTL-based.
Transport & TCP
• Duties may include:
– Reliability, in-order, demultiplexing,
message boundaries, congestion control
– UDP (User Datagram Protocol): Just
demux & checksum. Unreliable, etc.
– TCP (Transmission Conrol Protocol):
Reliable, in order byte-stream
w/congestion control.
Transport Demux
• TCP & UDP both use “ports” - 16 bit #s
- as demux keys
ARQ
• “Automatic Repeat Request”
– (ARR would have endorsed piracy?)
• Simplest: Stop-and-Wait
– Send packet, wait for response, iterate…
– Slow.
• Go-back-N
– Uses a window. Usually along with…
• Sliding window flow control
– Use more capacity.
– How to size that window? There’s the rub.
Sizing Windows
• Optimal window size: bw * rtt
– Why? Capacity of the pipe, in both directions.
– Must keep sending pkts until first ACK gets back to
you (one RTT).
• BW is available bw.
– Must not blast traffic: Congestion Collapse
• More work -> more wasted packet retransmissions
• In the limit: no useful packets get through!
• How do we find a good window size?
Congestion Control
• Fair and efficient use
– Network based (ECN, etc) or end-to-end
(TCP)
• AIMD: Additive Increase, Multiplicative
Decrease
– Converges to fair & efficient use. Cool!
– What TCP does. MD = cut by half. AI =
add one per RTT.
TCP
• Three-way Handshake: SYN / SYNACK / ACK.
• ISN - Initial Sequence Number
– Each side picks one
– TCP is byte-oriented
• Tear down with FIN (finshed)
• Signal error with RST (reset)
TCP 2
• Timeouts: Should be familiar
– EWMA = Exponential Weighted Moving
Average = Low-pass filter
• srtt = (alpha * srtt) + (1 - alpha) * new_sample
– Track RTT and linear deviation
• Linear deviation always > std. dev
– Why? RTT variation is high under high
loads because buffers fill, adding queueing
delay
Pacing
• ACK clocking sends pkts out more
slowly
• Avoid huge bursts (fill buffers -> loss ->
bad)
• Slow Start: Get up to “operating range”
quickly (exponential growth).
SACK & Enhancements
• Selective ACKnowledgements
– Bitmap of received backets
– Help recover from multiple losses in window
• All TCP variants need large enough window
to recover from losses
• Nagel’s Algorithm: Delay briefly to coalesce
small packets - one outstanding small packet.
TCP Performance
• Single link, need router buffers
– 75% link utilization vs 100% link utilization
– How big buffer? Conservatively, BW * RTT
– There’s that number again. So common, it
can’t help but show up on the final in some
form.
MSS
BW 
• Simple model:
• (most ignore the constants)
RTT  2 p 3
Queueing
• FIFO: First In, First Out
– Scheduling: Who goes out when?
– Fairness, etc., entirely up to end hosts
• Fair Queueing
– Routers decide who gets to go (e.g., round-robin,
Weighted Fair Queueing (WFQ), etc.)
• Drop-Tail
– Drop policy: drop new pkts if queue is full
– Can synchronize flows
• AQM: Active Queue Management
– RED - Random Early Detection
• Randomly marks (or drops) pkts before queue full
Sharing
• Max-Min Fairness
– Small demands get what they want;
– Large demands compromise
• GPS: Generalized Processor Sharing
– Fluid model for Max-Min fairness
– Accounts for packet sizes
– Fair Queueing: Compute virtual completion times,
send accordingly
• Complex, per-flow state. But nice results.
QoS
• Quality of Service
• Differentiate between flows
– Some get “good” service (guarantees, etc)
– Some get best effort
• Application utility curves
– Elastic (file xfer) vs. Inelastic (hard realtime)
• Requires admission control
– Can’t over-promise!
• Token Buckets
– Rate: Let average amount of traffic through
– Bucket: Accommodate some burstiness
• RSVP - Resource reServVtion Protocol
– Set up QoS / token bucket state at routers on path
Wireless
• Mobility
– Routing solution: excess global state
– Mobile IP: Triangle routing, tunneling via “home
agent” that proxies for mobile node
– TCP solution: Re-bind connection
– Link layer: Learning bridges
• Noisy -> losses
– Link-layer retransmission (802.11)
– End-to-end approach (SACK, ELN - Explicit Loss
Notification).
Wireless MAC issues
• CSMA/CD doesn’t work too well
– Hard to listen while transmitting
– Hidden terminal - clobber someone else
– Exposed terminal - mistakenly think you’ll
clobber
• Solution: RTS / CTS
– Ready To Send / Clear To Send
Ad Hoc Networks
• Routing harder: No fixed infrastructure
• Protocols
– DSR - Dynamic Source Routing
– AODV - Ad Hoc On-Demand Distance Vector
• Sensor Networks
– Limited battery life drives everything
– Multi-hop can save power (Tx power proportional
to distance squared)
– Aggregation holds the big promise. Don’t do n^2
communication…
HTTP
• HyperT ext Transfer Protocol
• Stateless request-response protocol over
TCP
• Persistent HTTP: Optimizes for fewer TCP
connection setups.
– Fewer slow starts, 3-way handshakes
• Caching
– Expires: header, Get-If-Modified-Since request
– ETags (“Entity Tags”) help identify version of
document when using cookies, etc.
Web Caching
• Proxy Caches
– Client-based.
• Content Distribution Networks
– Server-driven.
• Usually use DNS to send client to replica
– Mapping problem
– Example: Akamai
– Big benefit: Coping with flash crowds
• Much content (50%?) uncacheable
– Dynamic
– Unpopular
P2P
• Search techniques: Centralized (napster),
broadcast (gnutella), superpeers (KaZaA),
routing (Chord)
• Consistent Hashing
– Goal: Don’t move all content around when # of
buckets changes slightly
• Used in Chord to do routing in log(n) hops
using finger table
– Points 1/2, 1/4, 1/8, … way around the ring
Security
• Private Key
– E.g., DES (“Data Encryption Standard”), or newer
AES (“Advanced Encryption Standard”)
– Must have a shared secret.
• Public Key
– E.g., RSA, Diffie-Hellman
– Can encrypt to a public key, and not read
– Must have the public key. *really* slow.
• Key Distribution - big challenge!
– Private: Kerberos (andrew)
– Public: Certificiate Authorities (mozilla)
Security 2
• Hash functions
– One-way. We hope.
– Digital signature: Sign a hash of the data
• SSL - “Secure Sockets Layer”
– Pre-packaged encryption/etc. routines
– Now “TLS” (Transport Layer Security)
– Used in HTTPS/etc.
• IPSEC - ip-layer security
Network Security
• IP model assumed “much trust”
– Spoofing source IPs
– DoS - “Denial of Service” attacks
– DDoS - “Distributed DoS”
• - Hundreds/thousands+ of attack machines
• TCP ISN adds some protection
– As long as it’s really random. :)
Firewalls!
• Filter traffic in network
– Stateless - match static traffic rules
– Stateful - remember more about connections
• Basic: Match src, dst, ports, flags
• Expect a question about filtering to specific
CIDR blocks
– Set up rules to do the right things
– Create CIDR blocks to match the right ranges of
IP addresses…
• IDS = “Intrusion Detection System”
– Tell you when you’ve been hacked. :) (Or who’s
trying to hack you)