15 441 Roundup 7 layer or 4 layer

15 -441 Roundup

7 -layer or 4 -layer dip? • Layering: Reuse, interoperability • OSI 7 -layer model 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data link 1 Physical

OSI Functions • (1) Physical: transmission of a bit stream. • (2) Data link: flow control, framing, error detection. • (3) Network: switching and routing. • (4) Transport: reliable end to end delivery. • (5) Session: managing logical connections. • (6) Presentation: data transformations. • (7) Application: specific uses, e. g. mail, file transfer, telnet, network management. Multiplexing takes place in multiple layers

The TCP/IP Model Application Presentation Application (plus libraries) Session Transport Network TCP/UDP IP/ICMP Data link Physical

Layering and stacks • Some layers - particularly in the OSI model - not so well defined • Layer “violations” often useful for performance reasons. – Buffer management – Reduce redundant information between headers

The lower layers - concepts Analog Signal “Digital” Signal Bit Stream Packets Packet Transmission 0 0 1 1 1 0 0 0 1 01000101110010101110111000000111101010101011010111001 Header/Body Sender Header/Body Receiver

Limits to Speed and Distance • Noise: “random” energy is added to the signal. • Attenuation: some of the energy in the signal leaks away. • Dispersion: attenuation and propagation speed are frequency dependent. l l Effects limit the that a channel can sustain. – Changes the data shaperate of the » But affects different technologies in different ways signal Effects become worse with distance. » Tradeoff between data rate and distance

Why Do We Need Encoding? • Meet certain electrical constraints. – Receiver needs enough “transitions” to keep track of the transmit clock – Avoid receiver saturation • Create control symbols, besides regular data symbols. – E. g. start or end of frame, escape, . . . • Error detection or error corrections. – Some codes are illegal so receiver can detect certain classes of errors – Minor errors can be corrected by having multiple adjacent signals mapped to the same data symbol • Encoding can be very complex, e. g. wireless.

Encodings • NRZ - “Non-Return to Zero” – Simple: 0 = low, 1 = high – Long runs of 0 s and 1 s lose synch • NRZI - transition on 1 – Long runs of 0 s lose sync • Manchester - low/high = 0, high/low = 1 – Uses 2 x as many transitions • 4 B/5 B, etc – Encode multiple 0 s and 1 s. Efficient. Used in Ethernet. • SONET - many observations of flag pattern.

Datalink Functions • Framing: encapsulating a network layer datagram into a bit stream. – Add header, mark and detect frame boundaries, … • Media access: controlling which frame should be sent over the link next. – Easy for point-to-point links; half versus full duplex – Harder for multi-access links: who gets to send? • Error control: error detection and correction to deal with bit errors. – May also include other reliability support, e. g. retransmission • Flow control: avoid that the sender

CSMA/CD Algorithm • Carrier Sense Multiple Access / with Collision Detection • Sense for carrier. • If carrier present, wait until carrier ends. • Send packet and sense for collision. • If no collision detected, done transmitting • Otherwise, abort immediately, perform “exponential back off” and send packet again. – Start to send at a random time picked from an interval – Length of the interval increases with every

Collision Detection: A B Implications • • • All nodes must be able to detect the collision. – Any node can be sender => Must either have short wires, long packets, or both. Can calculate length/distance based on transmission rate and propagation speed. – Messy: propagation speed is media-dependent, low-level protocol details, . . – Minimum packet size is 64 bytes • Cable length ~256 bit times – Example: maximum coax cable length is 2. 5 km C

7 6 5 4 3 2 1 Internetworking Options physical 1 7 6 5 4 3 2 1 repeater 7 6 5 4 3 2 1 network 3 2 2 1 1 router 7 6 5 4 3 2 1 data link 2 1 1 7 6 5 4 3 2 1 Switching/bridging (e. g. 802 MAC) 7 6 5 4 3 2 1 . . . 3 2 1 gateway 7 6 5 4 3 2 1

Internetworking • Repeaters: Physical link. One big collision / transmission domain. • Bridges: Datalink. Can separate broadcast domains and selectively forward traffic. Transparent - preserve MAC addresses. • Routers: Separate addressing domains. Forward through diff. MAC addresses.

IP • CIDR - Classless Inter-Domain Routing • 192. 4. 16/24 == 255. 0 – == 24 bits of network, 8 bits of host – Covers 192. 4. 16. 0 - 192. 4. 16. 255 • 192. 4. 16. /23 == 25. 254. 0 – Covers 192. 4. 16. 0 - 192. 4. 17. 255 • Enables more efficient use of address space through aggregation. • Routing by longest-prefix match – /29 is “longer” (more 1 s) than /24.

Routing Protocols • • Intra-domain: – RIP: Routing Information Protocol • Distance-Vector. – Send information about table to neighbors (per-dest cost) – Count to infinity problem. » Split horizon - Don’t advertise routes back to next-hop » Poison reverse: Advertise infinite metric to next-hop » Neither of these solves all loop problems! – OSPF: Open Shortest Path First • Link-state. – Flood neighbor info to entire network – Each node generates own routing table • Fast convergence, but lots of traffic for large nets Inter-domain: – BGP: Border Gateway Protocol • Path-Vector. Send full AS path along with announcement. – Solves loop problems with DV.

BGP • Internet divided into Autonomous Systems. Each has unique #. • Each AS sends routes with BGP • Remember: IBGP full-mesh. Why? – No AS # to distinguish loops. • ASes route internally with an IGP (OSPF, etc). • Some terms: – MED (Multi-Exit Discriminator): Peers send to influence remote peer’s routing. – Localpref: One AS configures to change routing to a peer.

AS relationships • Transit: I pay you, you carry my traffic to anyone • Peering: (Often) free, you carry my traffic to your customers and vise-versa. • “Valley-free” routing – A formalization of the above.

Multicast • A lot of multicast on project 1, so • Won’t be on the final exam. – (Aren’t you glad you came to class today? ) • Multicast today – Deployed inside organizations / etc. – Iffy if you want to use across Internet – Concepts useful! E. g. , overlay multicast

Tunnels, NATs, etc • Things to remember: • NAT - network address translator – Lets you use private addresses inside net – May let you share one external address • (Port-translating NAT) – Can break end-to-end reachability & naming • IPv 6: – 128 bit address space – Cleaned up header, no fragmentation, no checksum, fixed option processing. • For faster router processing

Cont’d. • Tunnels - wrap packets in an extra IP header – Send indirectly – Implement overlay networks (e. g. , overlay multicast, etc. )

DNS • The Domain Name System – Distributed name -> IP (and back) database • Addresses returned by “A” records – Hierarchical. Goes from the root (“. ”) down. Each level can delegate an “NS” (name server) record. • Recursive resolvers - answer a query completely. Iterative resolvers - give you the next step. • Caching: TTL-based.

Transport & TCP • Duties may include: – Reliability, in-order, demultiplexing, message boundaries, congestion control – UDP (User Datagram Protocol): Just demux & checksum. Unreliable, etc. – TCP (Transmission Conrol Protocol): Reliable, in order byte-stream w/congestion control.

Transport Demux • TCP & UDP both use “ports” - 16 bit #s as demux keys

ARQ • “Automatic Repeat Request” – (ARR would have endorsed piracy? ) • Simplest: Stop-and-Wait – Send packet, wait for response, iterate… – Slow. • Go-back-N – Uses a window. Usually along with… • Sliding window flow control – Use more capacity. – How to size that window? There’s the rub.

Sizing Windows • Optimal window size: bw * rtt – Why? Capacity of the pipe, in both directions. – Must keep sending pkts until first ACK gets back to you (one RTT). • BW is available bw. – Must not blast traffic: Congestion Collapse • More work -> more wasted packet retransmissions • In the limit: no useful packets get through! • How do we find a good window size?

Congestion Control • Fair and efficient use – Network based (ECN, etc) or end-to-end (TCP) • AIMD: Additive Increase, Multiplicative Decrease – Converges to fair & efficient use. Cool! – What TCP does. MD = cut by half. AI = add one per RTT.

TCP • Three-way Handshake: SYN / SYNACK / ACK. • ISN - Initial Sequence Number – Each side picks one – TCP is byte-oriented • Tear down with FIN (finshed) • Signal error with RST (reset)

TCP 2 • Timeouts: Should be familiar – EWMA = Exponential Weighted Moving Average = Low-pass filter • srtt = (alpha * srtt) + (1 - alpha) * new_sample – Track RTT and linear deviation • Linear deviation always > std. dev – Why? RTT variation is high under high loads because buffers fill, adding queueing delay

Pacing • ACK clocking sends pkts out more slowly • Avoid huge bursts (fill buffers -> loss -> bad) • Slow Start: Get up to “operating range” quickly (exponential growth).

SACK & Enhancements • Selective ACKnowledgements – Bitmap of received backets – Help recover from multiple losses in window • All TCP variants need large enough window to recover from losses • Nagel’s Algorithm: Delay briefly to coalesce small packets - one outstanding small packet.

TCP Performance • Single link, need router buffers – 75% link utilization vs 100% link utilization – How big buffer? Conservatively, BW * RTT – There’s that number again. So common, it can’t help but show up on the final in some form. • Simple model: • (most ignore the constants)

Queueing • FIFO: First In, First Out – Scheduling: Who goes out when? – Fairness, etc. , entirely up to end hosts • Fair Queueing – Routers decide who gets to go (e. g. , round-robin, Weighted Fair Queueing (WFQ), etc. ) • Drop-Tail – Drop policy: drop new pkts if queue is full – Can synchronize flows • AQM: Active Queue Management – RED - Random Early Detection • Randomly marks (or drops) pkts before queue full

Sharing • Max-Min Fairness – Small demands get what they want; – Large demands compromise • GPS: Generalized Processor Sharing – Fluid model for Max-Min fairness – Accounts for packet sizes – Fair Queueing: Compute virtual completion times, send accordingly • Complex, per-flow state. But nice results.

Qo. S • Quality of Service • Differentiate between flows – Some get “good” service (guarantees, etc) – Some get best effort • Application utility curves – Elastic (file xfer) vs. Inelastic (hard realtime) • Requires admission control – Can’t over-promise! • Token Buckets – Rate: Let average amount of traffic through – Bucket: Accommodate some burstiness • RSVP - Resource re. Serv. Vtion Protocol – Set up Qo. S / token bucket state at routers on path

Wireless • Mobility – Routing solution: excess global state – Mobile IP: Triangle routing, tunneling via “home agent” that proxies for mobile node� – TCP solution: Re-bind connection – Link layer: Learning bridges • Noisy -> losses – Link-layer retransmission (802. 11) – End-to-end approach (SACK, ELN - Explicit Loss Notification).

Wireless MAC issues • CSMA/CD doesn’t work too well – Hard to listen while transmitting – Hidden terminal - clobber someone else – Exposed terminal - mistakenly think you’ll clobber • Solution: RTS / CTS – Ready To Send / Clear To Send

Ad Hoc Networks • Routing harder: No fixed infrastructure • Protocols – DSR - Dynamic Source Routing – AODV - Ad Hoc On-Demand Distance Vector • Sensor Networks – Limited battery life drives everything – Multi-hop can save power (Tx power proportional to distance squared) – Aggregation holds the big promise. Don’t do n^2 communication…

HTTP • Hyper. T� ext Transfer Protocol • Stateless request-response protocol over TCP • Persistent HTTP: Optimizes for fewer TCP connection setups. – Fewer slow starts, 3 -way handshakes • Caching – Expires: header, Get-If-Modified-Since request – ETags (“Entity Tags”) help identify version of document when using cookies, etc. �

Web Caching • Proxy Caches – Client-based. • Content Distribution Networks – Server-driven. • Usually use DNS to send client to replica – Mapping problem – Example: Akamai – Big benefit: Coping with flash crowds • Much content (50%? ) uncacheable – Dynamic – Unpopular

P 2 P • Search techniques: Centralized (napster), broadcast (gnutella), superpeers (Ka. Za. A), routing (Chord) • Consistent Hashing – Goal: Don’t move all content around when # of buckets changes slightly • Used in Chord to do routing in log(n) hops using finger table – Points 1/2, 1/4, 1/8, … way around the ring

Security • Private Key – E. g. , DES (“Data Encryption Standard”), or newer AES (“Advanced Encryption Standard”) – Must have a shared secret. • Public Key – E. g. , RSA, Diffie-Hellman – Can encrypt to a public key, and not read – Must have the public key. *really* slow. • Key Distribution - big challenge! – Private: Kerberos (andrew) – Public: Certificiate Authorities (mozilla)

Security 2 • Hash functions – One-way. We hope. – Digital signature: Sign a hash of the data • SSL - “Secure Sockets Layer” – Pre-packaged encryption/etc. routines – Now “TLS” (Transport Layer Security) – Used in HTTPS/etc. • IPSEC - ip-layer security

Network Security • IP model assumed “much trust” – Spoofing source IPs – Do. S - “Denial of Service” attacks – DDo. S - “Distributed Do. S” • - Hundreds/thousands+ of attack machines • TCP ISN adds some protection – As long as it’s really random. : )

Firewalls! • Filter traffic in network – Stateless - match static traffic rules – Stateful - remember more about connections • Basic: Match src, dst, ports, flags • Expect a question about filtering to specific CIDR blocks� – Set up rules to do the right things – Create CIDR blocks to match the right ranges of IP addresses… • IDS = “Intrusion Detection System” – Tell you when you’ve been hacked. : ) (Or who’s trying to hack you)