CSC 401 Data and Computer Communications Networks
Computer Networks and The Internet, Sec 1.4-1.5
Prof. Lina Battestilli

Outline: Computer Networks and the Internet (Ch 1)
- 1.1 What is the Internet?
- 1.2 network edge: end systems, access networks, links
- 1.3 network core: circuit switching, packet switching, network structure
- 1.4 delay, loss, throughput in networks
- 1.5 protocol layers, service models
- 1.6 networks under attack: security
- 1.7 history
(slide label: Previous Lecture)
NCSU CSC401 Lina Battestilli

Packet switching versus circuit switching
Is packet switching a "slam dunk winner"?
- great for bursty data: resource sharing; simpler, no call setup
- excessive congestion possible: packet delay and loss; protocols needed for reliable data transfer, congestion control
- Q: How to provide circuit-like behavior? Bandwidth guarantees needed for audio/video apps; still an unsolved problem (ch 7, Multimedia Networking)
- Q: human analogies of reserved resources (circuit switching) versus on-demand allocation (packet-switching)?

How do loss and delay occur?
Packets queue in router buffers:
- packet arrival rate to link (temporarily) exceeds output link capacity
- packets queue, wait for turn
[Figure: hosts A and B send into a router. Labels: packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]

Four sources of packet delay
[Figure: path from A to B with labels: nodal processing, queueing, transmission, propagation]
$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$
- $d_{proc}$: nodal processing
  - check bit errors
  - determine output link
  - typically < msec
- $d_{queue}$: queueing delay
  - time waiting at output link for transmission
  - depends on congestion level of router/network

Four sources of packet delay
$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$
- $d_{trans}$: transmission delay
  - L: packet length (bits)
  - R: link bandwidth (bps)
  - $d_{trans} = L/R$
- $d_{prop}$: propagation delay
  - D: length of physical link
  - s: propagation speed in medium (~$2 \times 10^8$ m/sec)
  - $d_{prop} = D/s$
- $d_{trans}$ and $d_{prop}$ are very different
* Check out the online interactive exercises for more examples: http://gaia.cs.umass.edu/kurose_ross/interactive/

Caravan Analogy
[Figure: ten-car caravan, toll booth, 100 km, toll booth, 100 km]
- cars "propagate" at 100 km/hr
- toll booth takes 12 sec to service car (bit transmission time)
- car ~ bit; caravan ~ packet
- Q: How long until caravan is lined up before 2nd toll booth?

Caravan analogy (more)
[Figure: ten-car caravan, toll booth, 100 km, toll booth, 100 km]
- suppose cars now "propagate" at 1000 km/hr
- and suppose toll booth now takes one min to service a car
- Q: Will cars arrive to 2nd booth before all cars are serviced at first booth?

Queueing delay
- R: link bandwidth (bps)
- L: packet length (bits)
- a: average packet arrival rate
- traffic intensity = La/R (utilization)
- La/R ~ 0: avg. queueing delay small
- La/R -> 1: avg. queueing delay large
- La/R > 1: more "work" arriving than can be serviced, average delay infinite!
[Figure: average queueing delay plotted against traffic intensity La/R, from La/R ~ 0 to La/R -> 1]

Packet loss
- queue (aka buffer) preceding link in buffer has finite capacity
- packet arriving to full queue is dropped (aka lost)
- lost packet may be retransmitted by previous node, by source end system, or not at all
[Figure: A and B send into a router. Labels: buffer (waiting area); packet being transmitted; packet arriving to full buffer is lost]

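The queueing-delay and packet-loss slides above, as an added example that is not part of the original slides: a small simulation of one output link with a finite buffer, using the slides' symbols L, R and a. The Poisson arrival process, the 50-packet buffer and the link parameters are assumptions chosen for illustration.

```python
import random
from collections import deque

def simulate_link(a, L=12_000, R=1_000_000, buffer_pkts=50, n=50_000, seed=1):
    """FIFO output link with a finite buffer.

    a: average packet arrival rate (packets/sec), L: packet length (bits),
    R: link bandwidth (bps). Returns (La/R, avg queueing delay in s, loss fraction).
    """
    rng = random.Random(seed)          # fixed seed: repeatable runs
    d_trans = L / R                    # transmission delay per packet
    t = 0.0                            # arrival clock
    departures = deque()               # departure times of packets still at the link
    total_wait, accepted, dropped = 0.0, 0, 0
    for _ in range(n):
        t += rng.expovariate(a)        # Poisson arrivals (an assumption)
        while departures and departures[0] <= t:
            departures.popleft()       # these packets have left the link
        # One packet is being transmitted; the rest occupy buffer slots.
        if len(departures) > buffer_pkts:
            dropped += 1               # arrival to a full buffer is lost
            continue
        start = departures[-1] if departures else t
        total_wait += start - t        # d_queue for this packet
        departures.append(start + d_trans)
        accepted += 1
    return L * a / R, total_wait / accepted, dropped / n

if __name__ == "__main__":
    for a in (25, 75, 125):            # La/R = 0.3, 0.9, 1.5
        rho, d_queue, loss = simulate_link(a)
        print(f"La/R={rho:.1f}  avg d_queue={d_queue*1e3:7.1f} ms  loss={loss:.1%}")
```

With a finite buffer the average delay cannot grow without bound when La/R > 1; the excess shows up as loss instead, which is the same mechanism a flood of bogus traffic exploits in the denial-of-service slide later in the deck.
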
"Real" Internet delays and routes
- what do "real" Internet delay & loss look like?
- traceroute program: provides delay measurement from source to router along end-end Internet path towards destination. For all i:
  - sends three packets that will reach router i on path towards destination
  - router i will return packets to sender
  - sender times interval between transmission and reply
[Figure: source sends 3 probes to each successive router on the path]

"Real" Internet delays, routes
- traceroute: engr-ras-200.eos.ncsu.edu to www.google.com
- 3 delay measurements per router
- * means no response (probe lost, router not replying)
- Let's try a traceroute now: www.google.com, www.eurocom.fr
- What about ping? www.ucsd.edu, pku.edu.cn
- Try www.traceroute.org

Throughput
- throughput: rate (bits/time unit) at which bits are transferred between sender/receiver
  - Instantaneous rate: at given point in time
  - Average rate: over longer period of time
[Figure: server, with file of F bits to send to client; server sends bits (fluid) into pipe; link capacity $R_s$ bits/sec (pipe that can carry fluid at rate $R_s$ bits/sec); link capacity $R_c$ bits/sec (pipe that can carry fluid at rate $R_c$ bits/sec)]
- Internet Phone, Real Time Video: low delay, instantaneous throughput above some threshold
- File Transfer: delay is not critical but large throughput is desirable

Throughput
- $R_s < R_c$: What is average end-end throughput?
- $R_s > R_c$: What is average end-end throughput?
- bottleneck link: link on end-end path that constrains end-end throughput
[Figure: two links in series, $R_s$ bits/sec then $R_c$ bits/sec, shown for each case]

Throughput: Internet scenario
- per-connection end-end throughput: $\min(R_c, R_s, R/10)$
- in practice: $R_c$ or $R_s$ is often the bottleneck, i.e. the access networks are the constraint
- Throughput depends on:
  - transmission rates along the path
  - intervening traffic along the path
[Figure: 10 connections (fairly) share backbone bottleneck link R bits/sec; server links $R_s$, client links $R_c$]

Protocol "layers"
Networks are complex, with many "pieces":
- hosts
- routers
- links of various media
- applications
- protocols
- hardware, software
Question: is there any hope of organizing structure of network? ... or at least our discussion of networks?

Organization of air travel
A series of steps:
- departure: ticket (purchase), baggage (check), gates (load), runway takeoff, airplane routing
- en route: airplane routing
- arrival: airplane routing, runway landing, gates (unload), baggage (claim), ticket (complain)

Layering of airline functionality
Columns: departure airport, intermediate air-traffic control centers, arrival airport.
- ticket layer: ticket (purchase) at departure; ticket (complain) at arrival
- baggage layer: baggage (check) at departure; baggage (claim) at arrival
- gate layer: gates (load) at departure; gates (unload) at arrival
- takeoff/landing layer: runway (takeoff) at departure; runway (land) at arrival
- airplane routing layer: airplane routing at departure, at each intermediate center, and at arrival
layers: each layer implements a service
- via its own internal-layer actions
- relying on services provided by layer below

Why layering?
Helps us deal with complex systems:
- explicit structure allows identification, relationship of complex system's pieces
  - layered reference model for discussion
  - reusable component design
- modularization eases maintenance, updating of system
  - change of implementation of layer's service transparent to rest of system
  - e.g., change in gate procedure doesn't affect rest of system
- layering considered harmful?

The 5 Layer Internet Model (Source End-Host)
- Application: HTTP, SMTP
- Transport: TCP, UDP
- Network: IP, routing protocols
- Link: Ethernet, WiFi
- Physical: Bits on the wire

The 5 Layer Internet Model
[Figure: Source End-Host and Destination End-Host each with Application, Transport, Network, Link, Physical; two Routers between them, each with Network, Link, Physical]

The network layer is "special"
We must use the Internet Protocol (IP)
- IP makes a best-effort attempt to deliver our datagrams to the other end. But it makes no promises.
- IP datagrams can get lost, can be delivered out of order, and can be corrupted. There are NO guarantees!
(CS144, Stanford University)

The 5 Layer Internet Model
[Figure: layer stack Application, Transport, Network, Link, Physical, with Transport labelled: TCP, UDP]

The 5 Layer Internet Model
[Figure: layer stack Application, Transport, Network, Link, Physical, with Application labelled: HTTP, SMTP]

Putting it all together
[Figure: Source End-Host and Destination End-Host each with Application, Transport, Network, Link, Physical; two Routers between them, each with Network, Link, Physical]

Summary of 5 Layer Model
- Application: Bi-directional reliable byte stream between two applications, using application-specific semantics (e.g. http, bit-torrent).
- Transport: Guarantees correct, in-order delivery of data end-to-end. Controls congestion.
- Network: Delivers datagrams end-to-end. Best-effort delivery, no guarantees. Must use the Internet Protocol (IP).
- Link: Delivers data over a single link between an end host and router, or between routers.
- Physical

IP is the "thin waist"
- Application: http, smtp, ssh, ftp
- Transport: TCP, UDP, RTP
- Network: IP
- Link: Ethernet, WiFi, DSL, 3G
- Physical

The 7-layer OSI Model
OSI layers, with the examples shown on the slide:
- 7 Application: http
- 6 Presentation: ASCII
- 5 Session
- 4 Transport: TCP
- 3 Network: IP
- 2 Link: Ethernet
- 1 Physical
Internet model alongside: Application, Transport, Network, Link, Physical

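Encapsulation
Data units built at the source (M = message, $H_t$, $H_n$, $H_l$ = transport, network, link headers):
- application: message = M
- transport: segment = $H_t$ M
- network: datagram = $H_n$ $H_t$ M
- link: frame = $H_l$ $H_n$ $H_t$ M
[Figure: path source -> switch -> router -> destination. Source and destination: application, transport, network, link, physical. Switch: link, physical (handles the frame $H_l$ $H_n$ $H_t$ M). Router: network, link, physical (strips $H_l$ to reach the datagram $H_n$ $H_t$ M, then re-frames it)]
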
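The encapsulation slide above, as an added example that is not part of the original slides: a message M wrapped in UDP, IPv4 and Ethernet headers (standing in for H_t, H_n, H_l), re-framed by one router, then unwrapped at the destination. The function names, addresses, ports and MACs are constructed for illustration, and the IPv4 header is assumed to carry no options.

```python
import socket
import struct

def checksum(data):
    """16-bit one's-complement checksum over an even-length IPv4 header."""
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def encapsulate(message, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    # Transport: H_t + M = segment (UDP; checksum 0 means "not computed" over IPv4)
    segment = struct.pack("!HHHH", sport, dport, 8 + len(message), 0) + message
    # Network: H_n + segment = datagram (IPv4, TTL 64, protocol 17 = UDP)
    h_n = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 17, 0,
                      socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    h_n = h_n[:10] + struct.pack("!H", checksum(h_n)) + h_n[12:]
    # Link: H_l + datagram = frame (Ethernet, EtherType 0x0800 = IPv4)
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + h_n + segment

def route(frame, out_src_mac, out_dst_mac):
    """Router: drop the old H_l, update H_n (TTL, checksum), add a new H_l."""
    d = bytearray(frame[14:])
    d[8] -= 1                                   # TTL
    d[10:12] = b"\x00\x00"
    d[10:12] = struct.pack("!H", checksum(bytes(d[:20])))
    return out_dst_mac + out_src_mac + frame[12:14] + bytes(d)

def decapsulate(frame):
    """Destination host: peel H_l, then H_n, then H_t, and hand M to the application."""
    datagram = frame[14:]
    if frame[12:14] != b"\x08\x00" or checksum(datagram[:20]) != 0:
        raise ValueError("not IPv4 or corrupted IP header")
    total_len, = struct.unpack("!H", datagram[2:4])
    segment = datagram[20:total_len]
    sport, dport, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {"src": socket.inet_ntoa(datagram[12:16]), "dst": socket.inet_ntoa(datagram[16:20]),
            "ttl": datagram[8], "sport": sport, "dport": dport, "message": segment[8:udp_len]}

# Constructed sample values (documentation address ranges, made-up MACs).
HOST_A, R1_IN, R1_OUT, HOST_B = (bytes([2, 0, 0, 0, 0, i]) for i in (1, 2, 3, 4))

def demo():
    frame = encapsulate(b"M: hello", 49152, 9999, "192.0.2.10", "198.51.100.7", HOST_A, R1_IN)
    return decapsulate(route(frame, R1_OUT, HOST_B))
```

Nothing in these headers authenticates the sender or hides M: the addresses are fields the sender fills in and the message crosses every hop unchanged, which is the starting point for the sniffing and spoofing slides in section 1.6.
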
Network security
- field of network security:
  - how bad guys can attack computer networks
  - how we can defend networks against attacks
  - how to design architectures that are immune to attacks
- Internet not originally designed with (much) security in mind
  - original vision: "a group of mutually trusting users attached to a transparent network"
  - Internet protocol designers playing "catch-up"
  - security considerations in all layers!

Bad guys: put malware into hosts via Internet
- malware can get in host from:
  - virus: self-replicating infection by receiving/executing object (e.g., e-mail attachment)
  - worm: self-replicating infection by passively receiving object that gets itself executed
- spyware malware can record keystrokes, web sites visited, upload info to collection site
- infected host can be enrolled in botnet, used for spam, DDoS attacks

Bad guys: attack server, network infrastructure
Denial of Service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic
1. select target
2. break into hosts around the network
3. send packets to target from compromised hosts
[Figure: compromised hosts around the network sending traffic to the target]

Bad guys can sniff packets
packet "sniffing":
- broadcast media (shared ethernet, wireless)
- promiscuous network interface reads/records all packets (e.g., including passwords!) passing by
[Figure: hosts A, B and C on a shared medium; packet labelled src:B dest:A payload]
- wireshark is a (free) packet-sniffer

Bad guys can use fake addresses
IP spoofing: send packet with false source address
[Figure: hosts A, B and C; packet labelled src:B dest:A payload]
... lots more on security (Chapter 8)

http://nsf.gov/news/special_reports/nsf-net

References
Some of the slides are identical or derived from:
1. Slides for the 7th edition of the book Kurose & Ross, Computer Networking: A Top-Down Approach
2. Slides by Jim Kurose for his CSC453 course at UMass
3. Slides from Nick McKeown, CS144 at Stanford University