Introduction to Networks
  Khaled Harras
  School of Computer Science, Carnegie Mellon University
  15-349 Computer and Network Security, Fall 2012
  Some material borrowed from Hui Zhang and Adrian Perrig
Early Internet
  In the beginning there were two hosts connected to the Internet
  Trustworthy environment, everyone knew everyone else
  Network protocols were designed for such a trustworthy environment
Current Internet
  But then the Internet continued to double in size for several years
  Today, about 1 billion hosts are connected to the Internet
What Is In a Network?
  End system
  Switch (router)
    » Access switch
    » Core switch
  Access line: linking switch and end systems
  Trunk line
    » Between switches
    » Multiple connections simultaneously
  Multiplexing/demultiplexing
How are Networks different?
  Distributed system: Avoids single point of failure, is fault tolerant
  Network Environment
    » Anonymity (Who's behind the machine?)
    » Automation (Are humans needed?)
    » Distance (So where is Google exactly?)
    » Opaqueness (Am I talking to the same entity?)
    » Routing Diversity (How many routes are there to Google?)
  Network Topology
    » The way in which networks are configured
    » Boundary, Ownership, Control
    » LANs, WANs, internets (not Internet)
What is a Protocol?
  An agreement between parties on how communication should take place.
  Protocols may have to define many aspects of the communication.
  Syntax:
    » Data encoding, language, etc.
  Semantics:
    » Error handling, termination, ordering of requests, etc.
  [Figure: example exchange with the labels "Friendly greeting", "Muttered reply", "Destination?", "Pittsburgh", "Thank you"]
Interfaces
  Each protocol offers an interface to its users, and expects one from the layers on which it builds
    » Syntax and semantics strike again
      Data formats
      Interface characteristics, e.g. IP service model
  Protocols build upon each other
    » Add value: e.g., a reliable protocol running on top of IP
    » Reuse: e.g., the OS provides TCP, so apps don't have to rewrite it
Why do networking people love layers?
The Idea of Layering
  Each layer relies on services from the layer below and exports services to the layer above
  Interface defines interaction
  Hides implementation: layers can change without disturbing other layers (black box)
A Fine Grain Layering Model
  The Open Systems Interconnection (OSI) Model
    7 Application
    6 Presentation
    5 Session
    4 Transport
    3 Network
    2 Data link
    1 Physical
  [Figure: layers 7 to 4 are drawn in two stacks, layers 3 to 1 in three]
OSI Functions
  (1) Physical: transmission of a bit stream.
  (2) Data link: flow control, framing, error detection.
  (3) Network: switching and routing.
  (4) Transport: reliable end to end delivery.
  (5) Session: managing logical connections.
  (6) Presentation: data transformations.
  (7) Application: specific uses, e.g. mail, file transfer, telnet, network management.
  Multiplexing takes place in multiple layers
Simpler Layering
  [Figure: User A and User B, each on a Host with the stack Application, Transport, Network, Link]
  Layering: technique to simplify complex systems
Encapsulation
  [Figure: User A and User B; labels: "Get index.html", Connection ID, Source/Destination, Link Address]
Layers and Locations
  [Figure: the layers Application, Presentation, Session, Transport, Network, Data Link, Physical, drawn across Host, Switch, Router, Host]
Power of Layering
  Solution: Intermediate layer that provides a single abstraction for various network technologies
    » O(1) work to add app/media
    » Variation on "add another level of indirection"
  [Figure: Application (SMTP, SSH, NFS, HTTP) over an intermediate layer over Transmission Media (coaxial cable, fiber optic, 802.11 LAN)]
TCP/IP Protocol Suite
  The complete TCP/IP protocol suite contains many protocols. Not even the following graph is a complete list.
  [Figure: User Processes (Application); TCP, UDP (Transport); ICMP, IP, IGMP (Network); ARP, Hardware Interface, RARP (Link); Media]
Encapsulation
  As data moves down the protocol stack, each protocol adds layer-specific control information.
  [Figure:
    Application: User data, then Application Header + User data
    TCP: TCP Header + Application data (TCP segment)
    IP: IP Header + TCP Header + Application data (IP datagram)
    Ethernet Driver: Ethernet Header + IP Header + TCP Header + Application data + Ethernet Trailer (Ethernet frame)]
Protocol Demultiplexing
  Multiple choices at each layer
  [Figure: FTP, HTTP, NV, TFTP over TCP, UDP; IPX, IP at the Network layer; NET 1, NET 2, ..., NET n below; demultiplexing keys: Type Field, Protocol Field, Port Number]
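Added example (not part of the original slides): a minimal Python parser that walks a frame up the stack using the three demultiplexing keys named on this slide, the Ethernet Type field, the IP Protocol field, and the port number. The sample frame is constructed here with made-up addresses and zeroed checksums; `build_frame` and `demultiplex` are illustrative names.

```python
import struct

# Demultiplexing keys from the slide: Ethernet Type field, IP Protocol field, port number.
ETHERTYPES = {0x0800: "IP", 0x8137: "IPX"}
IP_PROTOCOLS = {6: "TCP", 17: "UDP"}
PORTS = {21: "FTP", 69: "TFTP", 80: "HTTP"}


def build_frame(payload: bytes, dst_port: int) -> bytes:
    """Constructed sample: Ethernet + IPv4 + TCP headers around payload (checksums left 0)."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dst_port, 1, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    eth = bytes(6) + bytes(6) + struct.pack("!H", 0x0800)
    return eth + ip + tcp + payload


def demultiplex(frame: bytes) -> list[str]:
    """Walk up the stack, choosing the next protocol from each header's key field."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    path = [ETHERTYPES.get(ethertype, f"unknown type 0x{ethertype:04x}")]
    if ethertype != 0x0800:
        return path
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4      # header length is sender-supplied: bounds-check it
    if ihl < 20 or len(ip) < ihl + 4:
        raise ValueError("bad IPv4 header length")
    proto = ip[9]
    path.append(IP_PROTOCOLS.get(proto, f"unknown protocol {proto}"))
    if proto not in IP_PROTOCOLS:
        return path
    # TCP and UDP both begin with source port, then destination port.
    (dst_port,) = struct.unpack("!H", ip[ihl + 2:ihl + 4])
    path.append(PORTS.get(dst_port, f"port {dst_port}"))
    return path
```

Every key field is read from the packet itself, so a parser has to validate lengths before following them.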
Internet Protocol Architecture
  [Figure: peer entities and the protocol between them: FTP program to FTP program (FTP protocol); TCP to TCP (TCP protocol); IP to IP to IP (IP protocol on each hop); Ethernet Driver to Ethernet Driver (Ethernet protocol); ATM Driver to ATM Driver (ATM protocol)]
Internet Protocol Architecture
  [Figure: peer entities and the protocol between them: MPEG Server program to MPEG Player program (RTP protocol); UDP to UDP (UDP protocol); IP to IP to IP (IP protocol on each hop); Ethernet Driver to Ethernet Driver (Ethernet protocol); ATM Driver to ATM Driver (ATM protocol)]
What are some Internet Challenges?
  Which layer is responsible for addressing this challenge?
Domain Name System
  [Figure: Computer 1 asks the Local DNS Server "What's the IP address for www.cmu.edu?"; the answer is "It is 128.2.11.43"]
  DNS server IP address configured in OS
Naming
  Humans use readable host names
    » E.g. www.cmu.edu
    » Globally unique (can correspond to multiple hosts)
  Naming system translates to physical address
    » E.g. DNS translates name to IP Address (e.g. 128.2.11.43)
    » Address reflects location in network
Application
    » Service: Handles details of application programs.
    » Functions: Depends on what you want to do???
  [Figure: protocol stack: Application (telnet, ftp, email, www, AFS); Transport (TCP, UDP); Network (IP, ICMP, OSPF, RIP, BGP); (Data) Link (Ethernet, WiFi, PoS, T1)]
What if the Data gets Lost?
  Problem: Lost Data
    [Figure: "GET index.html" is sent into the Internet and is lost]
  Solution: Timeout and Retransmit
    [Figure: "GET index.html" is sent again and arrives]
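What if the Data is Out of Order?
  Problem: Out of Order
    [Figure: the pieces "ml", "inde", "x.ht", "GET " are assembled as "GET x.htindeml"]
  Solution: Add Sequence Numbers
    [Figure: the pieces "ml" 4, "inde" 2, "x.ht" 3, "GET " 1 are assembled as "GET index.html"]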
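What if the Data gets Corrupted?
  Problem: Data Corruption
    [Figure: "GET index.html" is sent through the Internet and "GET windex.html" is received]
  Solution: Add a checksum
    [Figure: value groups paired with checksums: 0,9 with 9; 6,7,8 with 21; 4,5 with 7; 1,2,3 with 6; one is marked X]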
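Added example (not part of the original slides): the three fixes above (retransmit on loss, sequence numbers, checksum) combined in one toy receiver. The 4-byte segment header is a hypothetical format invented for this sketch, not TCP's; the checksum is the standard 16-bit Internet checksum, and the pieces are the ones drawn on the sequence-number slide.

```python
import struct


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum (RFC 1071), as used by IP, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def make_segment(seq: int, payload: bytes) -> bytes:
    """Hypothetical toy format: 2-byte sequence number, 2-byte checksum, payload."""
    body = struct.pack("!H", seq) + payload
    return struct.pack("!HH", seq, internet_checksum(body)) + payload


def receive(segments: list[bytes], expected: int) -> tuple[bytes, list[int]]:
    """Return (in-order data delivered so far, sequence numbers still missing)."""
    good: dict[int, bytes] = {}
    for seg in segments:
        if len(seg) < 4:
            continue                       # too short to carry a header
        seq, csum = struct.unpack("!HH", seg[:4])
        payload = seg[4:]
        if internet_checksum(struct.pack("!H", seq) + payload) != csum:
            continue                       # corrupted: drop it, the sender times out
        good.setdefault(seq, payload)      # duplicates from retransmission are ignored
    missing = [s for s in range(1, expected + 1) if s not in good]
    data = b""
    for s in range(1, expected + 1):       # deliver only the gap-free prefix
        if s not in good:
            break
        data += good[s]
    return data, missing


def demo():
    parts = {1: b"GET ", 2: b"inde", 3: b"x.ht", 4: b"ml"}       # pieces from the slide
    arrived = [make_segment(s, parts[s]) for s in (4, 2, 3, 1)]  # out of order
    arrived[1] = arrived[1][:4] + b"wnde"                        # constructed corruption
    first = receive(arrived, expected=4)                         # segment 2 is rejected
    second = receive(arrived + [make_segment(2, parts[2])], expected=4)
    return first, second
```

The checksum is unkeyed, so it catches accidental corruption only; it says nothing about who produced the data.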
Transport
  Service: Controls end-to-end delivery of data between hosts.
  Functions: Connection establishment, termination, error control, flow control, congestion control, reordering.
How do I reach x.y.z.k?
  Routing is crucial
  Forwarding tables at each router are populated by routing protocols
  Original Internet: manually updated
  Routing protocols update tables based on cost
    » Exchange tables with neighbors or everyone
    » Use neighbor leading to shortest path
  What happens if a router is overwhelmed?
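Added example (not part of the original slides): a small distance-vector simulation of the bullets above, in which routers exchange tables with neighbors and keep the neighbor leading to the lowest-cost path. The topology, router names and link costs are constructed for illustration.

```python
INF = float("inf")


def distance_vector(links: dict[tuple[str, str], int]) -> dict[str, dict[str, tuple[int, str]]]:
    """Exchange tables between neighbors until no forwarding table changes.

    Returns {router: {destination: (cost, next_hop)}}.
    """
    neighbors: dict[str, dict[str, int]] = {}
    for (a, b), cost in links.items():           # links are bidirectional
        neighbors.setdefault(a, {})[b] = cost
        neighbors.setdefault(b, {})[a] = cost
    tables = {r: {r: (0, r)} for r in neighbors}
    changed = True
    while changed:
        changed = False
        # Each router advertises a snapshot of its current table to every neighbor.
        adverts = {r: dict(t) for r, t in tables.items()}
        for router, nbrs in neighbors.items():
            for nbr, link_cost in nbrs.items():
                # Advertised costs are taken on trust, as in the original protocols.
                for dest, (cost, _) in adverts[nbr].items():
                    candidate = link_cost + cost
                    if candidate < tables[router].get(dest, (INF, ""))[0]:
                        tables[router][dest] = (candidate, nbr)
                        changed = True
    return tables


# Constructed topology: router names and link costs are made up for this example.
LINKS = {("A", "B"): 1, ("B", "C"): 2, ("A", "C"): 5, ("C", "D"): 1}
```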
Network Layers
    » Service: Moves packets inside the network.
    » Functions: Routing, addressing, switching, congestion control.
What if the Data Doesn't Fit?
  Problem: Packet size
    On Ethernet, max IP packet is 1.5 kbytes
    Typical web page is 10 kbytes
  Solution: Fragment data across packets
    [Figure: "GET index.html" split into the pieces "GET ", "inde", "x.ht", "ml"]
Data Link
    » Service: Transfer of frames over a link.
    » Functions: Synchronization, error control, flow control, Medium Access Control (MAC)
Degradation of Internet Security
  The Internet has become the communication infrastructure for government, economy, society, even for safety-critical uses
  Unfortunately, trust assumptions of the early Internet do not scale to billions of users
  Indeed, hackers, criminals, terrorists, military all use the Internet for their activities
  All this, and so much more, was designed without considering security issues
  What do we do now???