ppt - Oklahoma State University
ECEN5553 Telecom Systems
Dr. George Scheets
Week 6
Readings:
Read [8] "IPv6: A Catalyst and Evasion Tool for Botnets"
Read [9a] "DARPA: Nobody's Safe on the Internet"
[9b] "Could You Fall for a Scam?"
[9c & d] Two Network World articles
Read [10] "The Real Story of Stuxnet"
Exam #1: No later than 23 September (Remote DL)
Outline: Lecture 22, 5 October (Live)
No later than 12 October (Remote DL)
Exam #2: 24 October (Live & Local DL)
No Later than 31 October (Remote DL)
Outlines Received
due 5 October (local), 12 October (remote)
14 %
Exam #1
Grading
Lost points? No comments? → Insufficient info provided
Rule of Thumb: "X" point question needs > "X" facts
Lost points? Comments? Your score ≈ % correct
Not happy with your score? Did you…
Start studying at the last minute?
Read assigned articles?
Answer the question asked?
Use the space provided?
Leave the instructor with the impression you could've said more?
There is plenty of time to Recover
365 points remain to be claimed
Traditional Videoconferencing
[Diagram: Camera, Audio Codec, Video Codec]
384 Kbps fixed rate output (video + audio)
Dedicated Bandwidth
Network: Circuit Switched TDM
6 Bytes @ 8000 times/sec
*State Owned Fiber
*ISDN
2002 Videoconferencing V2.0
[Diagram: Camera, Audio Codec, Video Codec]
384 Kbps fixed rate output (video + audio)
Now > 784 Kbps
Packet Switched, StatMuxed, Prioritized
*State Owned Fiber
This is the technique being used in this class for video to & from Tulsa & Stillwater.
Internet Video Streaming
[Diagram: Disk Drive, The Internet, PC]
Quality of Received Stream depends on:
(1) Size of your pipe.
(2) Internet congestion.
(3) Server congestion.
Internet Video Streaming
[Diagram: Disk Drive, Stillwater]
Video Server generates packets.
Fairly steady generation if server not swamped.
Rate depends on pipe size.
Internet Video Streaming
Internet
Video Server
Packets exit at an irregular rate.
Random delays.
Non-Dedicated Bandwidth
(Packet Switched, Stat Muxing)
Disk Drive
ISP Routes can be Roundabout
Launched 30 January 2007, 2 miles from OSU campus
1 Dr. Scheets' home router
6 SBC routers
  adsl-70-233-191-254.dsl.okcyok.sbcglobal.net
  ex2-p11-0.eqchil.sbcglobal.net
7 Level3 routers
  Te-3-2.Chicago1.Level3.net
  kscymo2wcx010-pos9-0-oc48.wcg.net
  tulsok6wcx2-pos11-0-oc48.wcg.net
5 ONENET routers
  at least 1 in Oklahoma City
3 Oklahoma State routers
Using DiffServ, End-to-End performance on this 22 router path ...
ISP Routes can be Roundabout
Launched 5 September 2008, 2 miles from OSU campus
1 Scheets' home router
4 SBC routers
  adsl-70-233-191-254.dsl.okcyok.sbcglobal.net
  bb1-g1-0-2.rcfril.sbcglobal.net
1 Equinix router
1 Transitrail router
  onenet.chcgil01.transitrail.net
3 ONENET routers
  at least 1 in Oklahoma City
4 Oklahoma State routers
rtt = 55 msec
...may be worse than End-to-End performance on this 14 router path when not using DiffServ.
Internet Service Provider Network
LAN
PC
Router
Corporate sites using Internet as WAN.
Can pay ISP extra $$ →
Traffic between sites gets preferential treatment.
LAN
PC
Interactive VOICE & VIDEO over the commodity INTERNET (Best Effort, No Priorities)
Is not ready for Prime Time
Delay & Quality problems difficult to solve under the current system...
...although throwing Bandwidth at the problem will alleviate
Has a place for the user whose main concern is $$$$ or convenience
Internet Service Provider Network
LAN
PC
Router
Routers operate at Layers 1-3.
PC’s operate at Layers 1-7.
Routers do not monitor opening of TCP Logical Connections. RSVP would change this.
LAN
PC
Multi-Protocol Label Switching
Enables Virtual Circuits
End-to-End Paths nailed down
Traffic Engineering Easier
Resource Reservation Easier
Seeing fairly widespread ISP deployment
Internet QoS
Most every ISP is installing or testing one or more of following...
DiffServ
MPLS
Resource Reservation capability
Pricing structure to reflect different QoS
... but they are not yet widely deployed.
As a result, currently the Commodity Internet remains mostly Best Effort, FIFO Routing
Thinking of moving large amounts of high quality, time sensitive traffic over the Commodity Internet?
Check back in 2-3 years when...
Priorities Enabled (IPv6 and/or DiffServ)
Resources Guaranteed (Resource Reservation Protocol (RSVP) or equivalent is deployed)
Flat rate pricing is gone
The Internet Is...
A superb information source
Sometimes difficult to separate wheat from chaff
IEEE Communications or Proceedings: Peer Reviewed
IEEE Spectrum: Reviewed by editor
Jane Doe's Web site: Reviewed by Jane Doe
A good marketing tool
The Internet Is...
a Security Nightmare
Any-to-Any connectivity is both strength and weakness
Tracert yields Router IP Addresses
Could Telnet or HTTP to many. Password?
Espionage
Read “The Cuckoo’s Egg” by Cliff Stoll
Former #1 on New York Times Best Seller
Recommended by Dr. Scheets’ Mom
The Internet Is...
a Security Nightmare
Bad things have been out there for years
Viruses, Worms, Trojans, Denial of Service, etc.
November 2, 1988 Internet Worm
Network shut down for 2-3 days
Took advantage of
Unix buffer overflow problems
Poor password choices
2009-2010 Stuxnet Worm
State sponsored?
Seemed to target Iran's nuclear bomb program
The Internet Is...
a Security Nightmare
TCOM5223 Information Assurance Management
TCOM5233 Applied Information Systems Security
TCOM5243 Information Technology Forensics
“Remember, when you connect with another computer, you're connecting to every computer that computer has connected to.”
Dennis Miller, Saturday Night Live
Pros of Using the Internet
Any-to-Any Connectivity
It’s Inexpensive (save $$$$)
Tons of valuable information available
Excellent marketing/sales tool
Cons of Using the Commodity Internet
Any-to-Any Connectivity puts all attached machines at risk
WARNING: SECURITY HAZARD!
Slightly higher risk of Theft of Traffic
Tons of Worthless Information Available
No QoS guarantees or Guaranteed Bandwidth
May have trouble rapidly moving large files
May have trouble reliably moving time sensitive traffic
802.3 Ethernet Packet Format
Bytes    Field
7
1
6        MAC Destination Address
6        MAC Source Address
2
40       IPv6
20       TCP
6-1440   Data + Padding
4        CRC
Connectionless vs. Connection Oriented
Connectionless
* Packet delivery may be out of order
* Packet delivery NOT guaranteed
* Packets may be mangled
* End User’s responsibility to fix any problems
Connection Oriented
* Packet delivery in order
* Packet delivery usually guaranteed
IP is Connectionless
Bytes         Field
20            IP
20            TCP
up to 1,460   Data + Padding
I/O decisions based on IP address & look-up table.
Tables updated independent of traffic.
Wide Area Connectivity Options
Leased Line (a.k.a. Private Line) Network
Switches are byte aware
Circuit is assigned trunk BW via TDM
BW required is based on peak input rates
Route through system determined in advance.
Pricing function of distance & peak rate
Most expensive connectivity option
Highest quality connectivity option
Leased Line Usage
U.S. Revenues still around $34 Billion in 2009
Drop in Corporate
Increase in wireless backhaul
$30 Billion in 2014
Shift is to Internet Services
source: Insight Research
Switched Ethernet LAN's
[Diagram: Edge Router, Switched Hubs, PCs]
Ex) Corporate Leased Line Connectivity
[Diagram: Routers at Detroit, OKC and NYC on the Carrier Leased Line Network; label 128 Kbps]
Telecom Carriers dedicate 320, 128, and 256 Kbps links for our sole use via Circuit Switching.
Ex) Corporate Leased Line Connectivity
[Diagram: Routers at Detroit, OKC and NYC on the Carrier Leased Line Network; labels 384 Kbps and 320 Kbps]
From/To   OKC   DET   NYC
OKC        -    144    76
DET        88    -     28
NYC       112    34    -
How will company connect to Internet?
Configuration
Every site connect locally?
All sites connect thru, say, OKC?
Type of connection
Leased Line
DSL?
Cable Modem?
Other?
Ex) Internet thru OKC
[Diagram: Routers at Detroit, OKC and NYC on the Carrier Leased Line Network; ISP attached at OKC]
Traffic matrix should expand to include ISP. Faster line speeds likely required.
Ex) Internet thru OKC
[Diagram: Routers at Detroit, OKC and NYC on the Carrier Leased Line Network; ISP attached at OKC, label 640 Kbps]
From\To   OKC   DET   NYC   ISP
OKC        -    144    76    60
DET        88    -     28    50
NYC       112    34    -     40
ISP       110   100    90    -
How big should the pipe to the ISP be?
300 Kbps is outbound from ISP
> 640 Kbps circuit needed.
Ex) Internet thru OKC
[Diagram: Routers at Detroit, OKC and NYC on the Carrier Leased Line Network; ISP attached at OKC, label 640 Kbps]
From\To   OKC   DET   NYC   ISP
OKC        -    144    76    60
DET        88    -     28    50
NYC       112    34    -     40
ISP       110   100    90    -
Need to bump size of other 2 pipes.
194/186 I/O @ NYC → 448 Kbps
278/166 I/O @ DET → 576 Kbps
WAN Design (Link Reduction)
Start with Traffic Matrix
Examine Full Mesh
Consider eliminating lightly used links
Reroute affected traffic
Compare costs at each iteration
WAN Connectivity Options
Internet
Routers are packet aware
Datagrams are assigned trunk BW via StatMux
BW required based more so on average input rates
Each packet individually routed
MPLS enabled networks can use Virtual Circuits
Pricing a function of connection size & Possibly QoS if MPLS and/or DiffServ used
Ex) Commodity Internet
Corporate Connectivity
[Diagram: Routers at Detroit, OKC and NYC attached to the ISP Network]
Local Carriers dedicate bandwidth to our use. ISP provides random Packet Switched StatMux connectivity via datagrams.
Ex) Commodity Internet
Corporate & Internet Connectivity
[Diagram: Routers at Detroit (576 Kbps), OKC (640 Kbps) and NYC (448 Kbps) attached to the ISP Network]
From/To   OKC   DET   NYC   ISP
OKC        -    144    76    60
DET        88    -     28    50
NYC       112    34    -     40
ISP       110   100    90    -
310/280 I/O @ OKC → 640 Kbps
194/186 I/O @ NYC → 448 Kbps
278/166 I/O @ DET → 576 Kbps
Ex) IP with QoS
Corporate & Commodity Internet Connectivity
[Diagram: OKC, Detroit and NYC attached to the Internet Service Provider Network; labels 576 Kbps, 768 Kbps, 448 Kbps]
From/To   OKC   DET   NYC   ISP
OKC        -    144    76    60
DET        88    -     28    50
NYC       112    34    -     40
ISP       110   100    90    -
Detroit & NYC: No change.
OKC: Port Speed must be bumped to relay Detroit ↔ NYC corporate traffic.
Leased Line at OKC ↔ ISP
Outbound          Inbound
OKC→Det 144       Det→OKC 88
OKC→NYC 76        Det→NYC 28
OKC→ISP 60        NYC→OKC 112
Det→NYC 28        NYC→Det 34
NYC→Det 34        ISP→OKC 110
From/To   OKC   DET   NYC   ISP
OKC        -    144    76    60
DET        88    -     28    50
NYC       112    34    -     40
ISP       110   100    90    -
Total Outbound = 342 Kbps
Total Inbound = 372 Kbps
Leased Line Size > 744 Kbps
Leased Line = 768 Kbps minimum.
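Added example (not part of the original slides): the access-line sizes on the traffic-matrix slides, recomputed from the From/To table. The sizing rule used here, a line strictly larger than twice the busier direction and rounded up to a 64 Kbps step, is an assumption inferred from the slides' own figures (342/372 → "> 744 Kbps" → 768 Kbps); the function names are hypothetical.

```python
# Added example: sizing access lines from the slides' traffic matrix (Kbps).
TRAFFIC = {  # TRAFFIC[src][dst], values copied from the From/To table
    "OKC": {"DET": 144, "NYC": 76, "ISP": 60},
    "DET": {"OKC": 88, "NYC": 28, "ISP": 50},
    "NYC": {"OKC": 112, "DET": 34, "ISP": 40},
    "ISP": {"OKC": 110, "DET": 100, "NYC": 90},
}
STEP_KBPS = 64   # assumption: line speeds are sold in 64 Kbps steps
HEADROOM = 2     # assumption inferred from "372 inbound -> size > 744 Kbps"

def site_load(site, relayed=()):
    """Return (outbound, inbound) Kbps on a site's access line.

    relayed lists (src, dst) flows that enter and leave again through
    this site, so each one is counted in both directions.
    """
    outbound = sum(TRAFFIC[site].values())
    inbound = sum(row.get(site, 0) for row in TRAFFIC.values())
    relay = sum(TRAFFIC[src][dst] for src, dst in relayed)
    return outbound + relay, inbound + relay

def line_size(outbound, inbound):
    """Smallest multiple of STEP_KBPS strictly above HEADROOM x the busier direction."""
    floor_kbps = HEADROOM * max(outbound, inbound)
    return (floor_kbps // STEP_KBPS + 1) * STEP_KBPS

def size_sites(hub=None):
    """Size every corporate site; a hub also relays traffic between the other sites."""
    sites = [s for s in TRAFFIC if s != "ISP"]
    sizes = {}
    for site in sites:
        relayed = ()
        if site == hub:
            relayed = [(a, b) for a in sites for b in sites
                       if a != b and hub not in (a, b)]
        sizes[site] = line_size(*site_load(site, relayed))
    return sizes

if __name__ == "__main__":
    print("each site on its own ISP port:", size_sites())
    print("OKC relays DET<->NYC traffic: ", size_sites(hub="OKC"))
```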
Carrier Leased Line Network
[Diagram: Byte Aware Cross-Connect]
Carrier reserves BW from pool for our use.
Ex) For a 384 Kbps connection, Cross-Connects assign 6 byte sized TDM time slots 8000 times/second = 6*8*8000 = 384 Kbps.
Internet Service Provider Backbone
[Diagram: Packet Aware Router]
ISP Routers assign BW for our use on Random, as needed basis via StatMux & Packet Switching.
Internet Service Provider Network
LAN
PC
Router
LAN
Corporate customers might attach
via Edge Router & Leased Lines.
WS
Internet (Inside the Cloud)
Infinite Buffers
"OK" so long as Average Offered Input Rate < Output Line Speed
[Diagram: Internet Router with ?? 1.54 Mbps Connections and a 100 Mbps Trunk]
P(Access Line is Active) = 10%
How many access lines can this switch support?
100 Mbps/154 Kbps = 649 (theoretically)
Internet (Inside the Cloud)
Negligible Buffers
OK so long as Instantaneous Offered Input Rate < Output Line Speed
[Diagram: Internet Router with ?? 1.54 Mbps Connections and a 100 Mbps Trunk]
P(Access Line is Active) = 10%
How many access lines can this switch support?
With 404 users, 99.99% sure Instantaneous Input Rate < Line Speed
Bounds on Packet Switch Carrying Capacity
100 Mbps Trunk, 1.54 Mbps Inputs with 154 Kbps average loads
          Lower   Upper
90%       553     649
99%       485     649
99.9%     439     649
99.99%    404     649
Lower: Where switch probably operates
Upper: Where switch could operate
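Added example (not part of the original slides): one way to compute the three capacity figures the slides compare for the 100 Mbps trunk. It assumes each access line is independently active 10% of the time at the full 1.54 Mbps (a binomial model), so the negligible-buffer counts it prints may differ slightly from the slide's table depending on the model the lecturer used; the function names are hypothetical.

```python
# Added example: access lines supportable by a 100 Mbps trunk (figures from the slides).
TRUNK_KBPS = 100_000   # 100 Mbps trunk
LINE_KBPS = 1_540      # 1.54 Mbps access line
P_ACTIVE = 0.10        # P(Access Line is Active)

def circuit_switched_lines():
    """TDM reserves the full line rate for every customer, busy or idle."""
    return TRUNK_KBPS // LINE_KBPS

def average_rate_bound():
    """Infinite buffers: only the average offered rate has to fit the trunk."""
    avg_kbps = round(LINE_KBPS * P_ACTIVE)   # 154 Kbps average load
    return TRUNK_KBPS // avg_kbps

def prob_fits(n_lines, max_active):
    """P(at most max_active of n_lines are active at once); binomial model (assumption)."""
    pmf = (1 - P_ACTIVE) ** n_lines          # P(exactly 0 lines active)
    total = pmf
    for k in range(min(max_active, n_lines)):
        # Recurrence from P(k active) to P(k + 1 active) avoids huge factorials.
        pmf *= (n_lines - k) / (k + 1) * P_ACTIVE / (1 - P_ACTIVE)
        total += pmf
    return min(total, 1.0)

def negligible_buffer_lines(confidence):
    """Largest line count whose instantaneous input fits the trunk with this probability."""
    max_active = circuit_switched_lines()    # lines the trunk can carry at full rate
    n = max_active
    while prob_fits(n + 1, max_active) >= confidence:
        n += 1
    return n

if __name__ == "__main__":
    print("circuit switched (TDM):", circuit_switched_lines())
    print("upper bound (infinite buffers):", average_rate_bound())
    for conf in (0.90, 0.99, 0.999, 0.9999):
        print(f"lower bound at {conf:.2%}:", negligible_buffer_lines(conf))
```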
Queue Size: Correlated vs Uncorrelated
Identical Loads (traffic carried/line speed)
[Plot: Correlated: Long Term Bursts, mean(queue)=135.6]
[Plot: Uncorrelated: Random Input, mean(queue)=32.80]
The negligible buffer analysis does not account for long term bursts.
Real world switches have finite buffers. Required size to prevent dropped packets depends on length of burst.
Carrier Leased Line Network
LAN
PC
Byte
Aware
Cross-Connect
Corporate customers might attach
via Edge Router & Leased Lines.
LAN
WS
Leased Lines (TDM)
[Diagram: Leased Line Cross-Connect with time slots 3 3 2 2 1 1]
TDM time slots are moved from input to output
TDM switch is not "packet aware"
Time slots are allocated whether or not there is any traffic on them
Circuit Switched connections waste bandwidth for bursty traffic.
[Plot: NYC to OKC traffic vs time; 1.54 Mbps Line Speed, 146 Kbps Average]
Idle Time >> Active Time
Leased Lines (Inside the Cloud)
Example
[Diagram: Leased Line Cross-Connect with ?? 1.54 Mbps Connections and a 100 Mbps Trunk]
P(Access Line is Active) = 10%
How many access lines can this switch support?
64 (100% input bps < trunk bps)
Given 100 Mbps of Bandwidth...
64: 1.54 Mbps Circuit Switched TDM Customers with 154 Kbps average load & 100% availability
64 x 154 Kbps = 9.856 Mbps
404 - 649: 1.54 Mbps Packet Switched StatMux Customers with 154 Kbps average load & 99.99% availability
404 x 154 Kbps = 62.22 Mbps
More Bursty Data Traffic can be moved with the Packet Switched StatMux network.
Switched Network Carrying Capacities
[Plot: Packet Switch StatMux and Circuit Switch TDM carrying capacity vs Offered Load, from 0% Bursty / 100% Fixed Rate to 100% Bursty / 0% Fixed Rate]
Network Cost...
Can be spread over 64 Leased Line customers
Can be spread over 404 Internet customers
The Internet
Is a Packet Switched StatMux network
Largely hauling bursty data traffic
Effectively hauling bursty data traffic
Inexpensive (compared to a Leased Line)
Internet Performance
This type of plot valid for all real world full duplex statistically multiplexed switches: Ethernet, Internet, Frame Relay
[Plot: Number of dropped packets and Average Delay for delivered packets vs Trunk Offered Load, 0% to 100%]
Internet Performance
Effect of priorities
[Plot: Average Delay for low priority packets, all delivered packets and high priority packets vs Trunk Offered Load, 0% to 100%]
Internet Performance
Effect of priorities
[Plot: Number of low priority drops, dropped packets and high priority drops vs Trunk Offered Load, 0% to 100%]
Internet Backbone Engineering
Option A)
Deploy ‘best effort’ Routers
Rapidly Deploy Trunk Bandwidth
Keep Trunks Lightly Loaded
Delays will be small
Dropped packets will be few
Quality fine for all traffic
Backbone Engineering: Option A
[Plot: Number of dropped packets and Average Delay for delivered packets vs load, 0% to 100%]
Keep Trunks Lightly Loaded
Internet Backbone Engineering
Option B)
Deploy more complex QoS enabled Routers
Deploy fewer, more heavily loaded Trunks
Give preferential treatment to interactive Voice/Video
Option A seems to be preferred today
Backbone Engineering: Option B
High Priority delay at 50% Load = Delay for all traffic at 20% Load
[Plot: Average Delay for low priority packets, all delivered packets and high priority packets vs load, 0% to 70%; Heavier Trunk Load]
Frame Relay
ANSI Standard covering OSI Layer 2
Accessed by Routers
Derived from X.25 Protocol
Dumps almost all error checking
Requires fiber on the long haul
Uses Virtual Circuits (VC’s)
VC differs from Datagram
Path thru network set up in advance
Requires Carrier intervention
Frame Relay
1st Commercial Deployment 1990
WilTel → Worldcom → bankrupt → Verizon
Cheaper alternative to Leased Lines
Faster alternative to X.25
Internet a small network in 1990
Academia
Military
Some commercial traffic
See CUCKOO'S EGG to get a flavor
Frame Relay
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
TCP
TCP
IP
Frame Relay
Frame Relay
Committed Information Rate (CIR)
Is a Quality of Service Guarantee
"Guaranteed" minimum Bandwidth
Should be set > average traffic during appropriate peak period
Port Connection Speed
a.k.a. Port Speed or Burst Speed
Bandwidth you can burst to provided network capacity exists.
Set = Bit Rate of Access Line
Frame Relay Packet Format
Bytes         Field
3             FR Header
20            IP
20            TCP
up to 8,146   Data + Padding
3             FR Trailer
Header includes 10 bit Data Link Connection Identifier (DLCI) - Locally Unique (FR ports)
Trailer includes 2 byte CRC Sequence that only checks Header
I/O decisions based on FR address & look-up table.