1 01-Overview

Previous: 00-Inspiration.html

1.1 Audio-recording

1.2 Reading

  1. Overview
  2. Structure and function
  3. Delay, protocols, security

1.3 Intro

Our goal for today:
* get “feel” for big picture and terminology
* more depth, detail later in course
* approach: use Internet as example

* what’s the Internet?
* what’s a protocol?
* network edge: hosts, access net, physical media
* network core: packet/circuit switching, Internet structure
* performance: loss, delay, throughput
* protocol layers, service models
* security


1.4 What is the Internet?


1.4.1 Perspective 1: Physical and information infrastructure

Billions of connected computing devices:
* hosts = end systems
* running network apps
* smart devices

Communication links:
* fiber, copper, radio, satellite
* transmission rate: bandwidth

Packet switches:
* forward packets (chunks of data)
* routers and switches

Inter-networked networks:
* Interconnected ISPs

Protocols:
* control sending, receiving of messages
* e.g., TCP, IP, HTTP, 802.11

Internet standards:
* RFC: Request for comments
* IETF: Internet Engineering Task Force

1.4.2 Perspective 2: Service

Infrastructure that provides services to applications:
* Web, VoIP, email, games, e-commerce, social nets, …

Provides programming interface to apps:
* hooks that allow sending and receiving app programs to “connect” to Internet
* provides service options, analogous to postal service

1.4.3 Human protocols versus Network protocols

What do you do if you accidentally interrupt someone?
What are some other human protocols?

A network protocol is similar to a human protocol, except that the entities exchanging messages and taking actions are hardware or software components of some device (for example, computer, smartphone, tablet, router, or other network-capable device).

A protocol defines the format and the order of messages exchanged between two or more communicating entities, as well as the actions taken on the transmission and/or receipt of a message or other event.

All communication activity on the Internet is governed by protocols, public or proprietary.

1.5 Packet order

Arrival order packet joke!
is critical to good a make

1.6 Network edge

Network edge:
* hosts: clients and servers
* servers often in data centers

Access networks, physical media:
* wired, wireless communication links

Network core:
* interconnected routers
* network of networks

1.6.1 End systems

Hosts = end systems, BOTH clients and servers
Routers = core

1.6.2 Access networks

Q: How to connect end systems to edge router?
* residential access nets
* institutional access networks (school, company)
* mobile access networks

keep in mind:
* bandwidth (bits per second) of access network?
* shared or dedicated?

DSL ISP (figure: 01-Overview/k04.png)

* use existing telephone line to central office DSLAM
* data over DSL phone line goes to Internet
* voice over DSL phone line goes to telephone net
* < 2.5 Mbps upstream transmission rate (typically < 1 Mbps)
* < 24 Mbps downstream transmission rate (typically < 10 Mbps)

Cable ISP

frequency division multiplexing:
different channels transmitted in different frequency bands

Fiber / FTTH ISP

Home network (figure: 01-Overview/k07.png)

Ethernet (like campus) (figure: 01-Overview/k09.png)

* typically used in companies, universities, etc.
* 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps transmission rates
* today, end systems typically connect into an Ethernet switch

Wireless

Two uses of the term:

  1. Shared wireless access network connects end system to router
  2. Wide-area wireless access

Terms

Computer networks are often classified according to the geographical area that they cover:
* LAN : a local area network typically interconnects hosts that are up to a few or maybe a few tens of kilometers apart.
* MAN : a metropolitan area network typically interconnects devices that are up to a few hundred kilometers apart.
* WAN : a wide area network interconnects hosts that can be located anywhere on Earth.

1.6.3 Topology

Full mesh

* To allow any host to send messages to any other host in the network, the easiest solution is to organize them as a full-mesh, with a direct and dedicated link between each pair of hosts.
* Such a physical topology is sometimes used, especially when high performance and high redundancy is required for a small number of hosts.
* However, it has two major drawbacks.
* For a network containing n hosts, each host must have n-1 physical interfaces.
* In practice, the number of physical interfaces on a node will limit the size of a full-mesh network that can be built.

Bus

* The second possible physical organization, which is also used inside computers to connect different extension cards, is the bus.
* In a bus network, all hosts are attached to a shared medium, usually a cable through a single interface.
* When one host sends an electrical signal on the bus, the signal is received by all hosts attached to the bus.
* A drawback of bus-based networks is that if the bus is physically cut, then the network is split into two isolated networks.
* For this reason, bus-based networks are sometimes considered to be difficult to operate and maintain, especially when the cable is long and there are many places where it can break.
* Such a bus-based topology was used in early Ethernet networks.

Star

* A third organization of a computer network is a star topology.
* In such topologies, hosts have a single physical interface and there is one physical link between each host and the center of the star.
* The node at the center of the star can be either a piece of equipment that amplifies an electrical signal, or an active device, such as a piece of equipment that understands the format of the messages exchanged through the network.
* Of course, the failure of the central node implies the failure of the network.
* However, if one physical link fails (e.g. because the cable has been cut), then only one node is disconnected from the network.
* In practice, star-shaped networks are easier to operate and maintain than bus-shaped networks.
* Many network administrators also appreciate the fact that they can control the network from a central point.
* Administered from a Web interface, or through a console-like connection, the center of the star is a useful point of control (enabling or disabling devices) and an excellent observation point (usage statistics).

Ring

* A fourth physical organization of a network is the Ring topology.
* Like the bus organization, each host has a single physical interface connecting it to the ring.
* Any signal sent by a host on the ring will be received by all hosts attached to the ring.
* From a redundancy point of view, a single ring is not the best solution, as the signal only travels in one direction on the ring;
* thus if one of the links composing the ring is cut, the entire network fails.
* In practice, such rings have been used in local area networks, but are now often replaced by star-shaped networks.
* In metropolitan networks, rings are often used to interconnect multiple locations.
* In this case, two parallel links, composed of different cables, are often used for redundancy.
* With such a dual ring, when one ring fails all the traffic can be quickly switched to the other ring.

Tree

* A fifth physical organization of a network is the tree.
* Such networks are typically used when a large number of customers must be connected in a very cost-effective manner.
* Cable TV networks are often organized as trees.

Hybrid

* In practice, most real networks combine part of these topologies.
* For example, a campus network can be organized as a ring between the key buildings, while smaller buildings are attached as a tree or a star to important buildings.
* An ISP network may have a full mesh of devices in the core of its network, and trees to connect remote users.
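The redundancy and interface-count trade-offs listed above can be checked by treating each topology as a graph. The following is an added example (not code from the course or from the textbook it quotes): it builds the five physical organizations for n hosts, counts the interfaces the busiest node needs, and measures how badly a single cut link hurts, as the number of host pairs that can no longer reach each other. Two modelling simplifications are assumptions of this example, not statements from the notes: the star's hub is represented as host 0 (in reality it is a hub or switch, and the notes point out that its failure takes the whole network down), and the bus's shared cable is represented as a chain of links so that one cut splits it in two.

```python
from collections import deque
from itertools import combinations

# Each topology is a set of undirected links (frozensets of two node ids).
def full_mesh(n):
    return {frozenset(e) for e in combinations(range(n), 2)}

def bus(n):
    # shared cable modelled as a chain: cutting it anywhere splits the bus in two
    return {frozenset((i, i + 1)) for i in range(n - 1)}

def star(n):
    # node 0 plays the part of the central hub/switch (modelling assumption)
    return {frozenset((0, i)) for i in range(1, n)}

def ring(n):
    return {frozenset((i, (i + 1) % n)) for i in range(n)}

def tree(n):
    # binary tree: node i hangs off node (i - 1) // 2
    return {frozenset(((i - 1) // 2, i)) for i in range(1, n)}

def interfaces_per_host(n, links):
    """Largest number of physical interfaces any single node needs."""
    degree = {i: 0 for i in range(n)}
    for link in links:
        for node in link:
            degree[node] += 1
    return max(degree.values())

def component_sizes(n, links):
    """Sizes of the connected components of the graph (breadth-first search)."""
    adj = {i: set() for i in range(n)}
    for link in links:
        a, b = tuple(link)
        adj[a].add(b)
        adj[b].add(a)
    seen, sizes = set(), []
    for start in range(n):
        if start in seen:
            continue
        seen.add(start)
        queue, size = deque([start]), 0
        while queue:
            node = queue.popleft()
            size += 1
            for nxt in adj[node]:
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        sizes.append(size)
    return sizes

def worst_single_link_failure(n, links):
    """Most host pairs that lose connectivity when any one link is cut."""
    total_pairs = n * (n - 1) // 2
    worst = 0
    for cut in links:
        sizes = component_sizes(n, links - {cut})
        still_connected = sum(s * (s - 1) // 2 for s in sizes)
        worst = max(worst, total_pairs - still_connected)
    return worst

def compare(n):
    """name -> (number of links, max interfaces on one node, worst single-cut damage)."""
    report = {}
    for name, build in (("full mesh", full_mesh), ("bus", bus), ("star", star),
                        ("ring", ring), ("tree", tree)):
        links = build(n)
        report[name] = (len(links), interfaces_per_host(n, links),
                        worst_single_link_failure(n, links))
    return report

if __name__ == "__main__":
    for name, (links, ifaces, damage) in compare(8).items():
        print(f"{name:10s} links={links:2d} max_interfaces={ifaces} worst_cut_pairs_lost={damage}")
```

For eight hosts the output matches the prose: the full mesh and the ring survive any single cut with no damage, the star loses exactly the one host behind the cut link, while the bus and the tree can be split down the middle. The mesh pays for its robustness with n-1 = 7 interfaces per host; the ring needs two. A single ring's zero here is slightly flattering, since the notes explain that a real single ring carries the signal in one direction only, so a cut still breaks it; the dual ring is what gives the survivability this graph model shows.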

1.6.4 Physical media

Wire

Radio

1.7 Network core

1.7.1 Two key network-core functions

Routing:
* determines source-destination route taken by packets
* a variety of routing algorithms
* operates on longer time-scales

Forwarding:
* move packets from router’s input to appropriate router output
* chooses instant path of packet

Difference between routing and forwarding?

1.7.2 Packet switching

* In a network application, end systems exchange messages with each other.
* Messages can contain anything the application designer wants.
* Messages may perform a control function (for example, the “Hi” messages in our handshaking example) or can contain data, such as an email message, a JPEG image, or an MP3 audio file.
* To send a message from a source end system to a destination end system, the source breaks long messages into smaller chunks of data known as packets.
* Between source and destination, each packet travels through communication links and packet switches (of which there are two predominant types, routers and link-layer switches).

To whom?

broadcast

In TV and radio transmission, broadcast is often used to indicate a technology that sends a video or radio signal to all receivers in a given geographical area. Broadcast is sometimes used in computer networks, but only in local area networks where the number of recipients is limited.

unicast

The first and most widespread transmission mode is called unicast. In the unicast transmission mode, information is sent by one sender to one receiver. The example shows a network with two types of devices: hosts (drawn as computers) and intermediate nodes (drawn as cubes). Hosts exchange information via the intermediate nodes. In the example below, when host S uses unicast to send information, it sends it via three intermediate nodes. Each of these nodes receives the information from its upstream node or host, then processes and forwards it to its downstream node or host. This is called store and forward and we will see later that this concept is key in computer networks.

multicast

A second transmission mode is multicast transmission mode. This mode is used when the same information must be sent to a set of recipients. It was first used in LANs but later became supported in wide area networks. When a sender uses multicast to send information to N receivers, the sender sends a single copy of the information and the network nodes duplicate this information whenever necessary, so that it can reach all recipients belonging to the destination group.

anycast

The last transmission mode is the anycast transmission mode. It was initially defined in RFC 1542. In this transmission mode, a set of receivers is identified. When a source sends information towards this set of receivers, the network ensures that the information is delivered to one receiver that belongs to this set.

Routing and forwarding

* Every end system has an address called an IP address.
* The source includes the destination’s IP address in the packet’s header.
* The address has a hierarchical structure.
* Each router examines a portion of the packet’s destination address and forwards the packet to the best adjacent router.
* Each router has a forwarding table that maps destination addresses (or portions of the destination addresses) to that router’s outbound links.
* When a packet arrives at a router, the router examines the address and searches its forwarding table, using this destination address, to find the appropriate outbound link.
* Multiple routing protocols are used to automatically build the forwarding tables.
* E.g., determine the shortest path from each router to each destination and use the shortest-path results to configure the forwarding tables in the routers.

Store-and-forward packet switching

* Takes L/R seconds to transmit (push out) an L-bit packet onto a link at R bps
* Store and forward: the entire packet must arrive at the router before it can be transmitted on the next link
* End-end delay = 2L/R over two links (assuming zero propagation delay)

one-hop numerical example:
L = 7.5 Mb
R = 1.5 Mb/s
one-hop transmission delay = 5 sec

Packet queuing and loss

* If arrival rate (in bits) to link exceeds transmission rate of link for a period of time, packets will queue, wait to be transmitted on link.
* Packets can be dropped (lost) if memory (buffer) fills up

1.7.3 Circuit switching

* end-end resources allocated to, reserved for “call” between source & dest:
* in diagram, each link has four circuits.
* a call gets 2nd circuit in top link and 1st circuit in right link.
* dedicated resources: no sharing
* circuit-like (guaranteed) performance
* circuit segment idle if not used by call (no sharing)
* commonly used in traditional telephone networks

How does this compare to packet switching?

A circuit in a link is implemented with either:
* frequency-division multiplexing (FDM) or
* time-division multiplexing (TDM).

1.7.4 Packet versus circuit switching

Packet switching
* great for bursty data
* resource sharing
* simpler, no call setup (reserving a line)
* excessive congestion possible: packet delay and loss
* protocols needed for reliable data transfer, congestion control
* Q: How to provide circuit-like behavior?
* bandwidth guarantees needed for audio/video apps
* still an unsolved problem
* Q: human analogies of reserved resources (circuit switching) versus on-demand allocation (packet-switching)?

+++++++++++++ Cahoot-01-1

1.7.5 Global network structure

Internet structure: network of networks

Network of ISPs

Not just technical considerations: corporate, historical, collusive, regulatory

++++++++++++++ Cahoot-01-2

1.8 Delay, loss, throughput

1.8.1 Nodal delay at router A

How does loss and delay occur?

All delay is not the same.
If we let d_proc, d_queue, d_trans, and d_prop denote the processing, queuing, transmission, and propagation delays, then the total nodal delay is given by:

`d_nodal = d_proc + d_queue + d_trans + d_prop`

Network load
The impact of increasing network load is super-linear on delay

R: link bandwidth (bps)
L: packet length (bits)
a: average packet arrival rate

La/R ~ 0: avg. queueing delay small
La/R -> 1: avg. queueing delay large
La/R > 1: more “work” arriving than can be serviced, average delay infinite!
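The formulas in this section and the store-and-forward and queuing bullets of 1.7.2 can be put side by side in a few lines of code. This is an added example, not code from the course: it evaluates L/R, the multi-hop store-and-forward delay and d_nodal directly, and then runs a small event-driven simulation of one output link with a finite buffer so that the three La/R regimes above can be observed rather than asserted. The simulation assumes Poisson packet arrivals at average rate a, a fixed packet size L and a buffer holding `buffer_pkts` waiting packets; those are modelling assumptions of this example, not properties of any real router.

```python
import random
from collections import deque

def transmission_delay(L_bits, R_bps):
    """d_trans: time to push an L-bit packet onto a link of rate R (seconds)."""
    return L_bits / R_bps

def store_and_forward_delay(L_bits, R_bps, hops, d_prop=0.0):
    """End-to-end delay of one packet over `hops` store-and-forward links with no queueing.
    With hops=2 and d_prop=0 this is the 2L/R of the notes."""
    return hops * (transmission_delay(L_bits, R_bps) + d_prop)

def nodal_delay(d_proc, d_queue, d_trans, d_prop):
    """Total delay at one router, exactly as written in the notes."""
    return d_proc + d_queue + d_trans + d_prop

def traffic_intensity(L_bits, a_pkts_per_s, R_bps):
    """La/R: bits arriving per second divided by bits the link can send per second."""
    return L_bits * a_pkts_per_s / R_bps

def simulate_link(L_bits, R_bps, a_pkts_per_s, buffer_pkts, duration_s, seed=1):
    """Simulate one router output link (FIFO, finite buffer) and report
    the traffic intensity, the average queueing delay and the loss rate."""
    rng = random.Random(seed)                 # fixed seed: reproducible results
    d_trans = transmission_delay(L_bits, R_bps)
    in_router = deque()                       # departure times of packets still in the router
    free_at = 0.0                             # when the link finishes the packet it is sending
    t, sent, dropped, total_wait = 0.0, 0, 0, 0.0
    while True:
        t += rng.expovariate(a_pkts_per_s)    # Poisson arrivals (assumption)
        if t > duration_s:
            break
        while in_router and in_router[0] <= t:
            in_router.popleft()               # these have already left on the link
        if len(in_router) > buffer_pkts:      # one being sent plus a full buffer: drop
            dropped += 1
            continue
        start = max(t, free_at)               # wait for the link to become idle
        total_wait += start - t               # that wait is d_queue for this packet
        free_at = start + d_trans
        in_router.append(free_at)
        sent += 1
    arrivals = sent + dropped
    return {"intensity": traffic_intensity(L_bits, a_pkts_per_s, R_bps),
            "avg_queue_delay": total_wait / sent if sent else float("inf"),
            "loss_rate": dropped / arrivals if arrivals else 0.0}

if __name__ == "__main__":
    print("one hop, L=7.5 Mb, R=1.5 Mb/s:", store_and_forward_delay(7.5e6, 1.5e6, 1), "s")
    L, R = 1500 * 8, 10e6                     # 1500-byte packets on a 10 Mb/s link
    for rho in (0.1, 0.7, 0.95, 2.0):         # target La/R
        a = rho * R / L
        print(rho, simulate_link(L, R, a, buffer_pkts=10, duration_s=50.0))
```

Running it shows the curve the notes describe: at La/R of 0.1 the queueing delay is a small fraction of d_trans and nothing is lost, near 1 the delay grows to many times d_trans, and at 2 the buffer is almost always full, so roughly half the arrivals are dropped and every accepted packet waits about ten transmission times. The infinite average delay of the La/R > 1 case only appears with an infinite buffer; with a finite one, the excess shows up as loss instead.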

1.8.2 What do “real” Internet delay and loss look like?

The traceroute program provides delay measurement from source to router along end-end Internet path towards destination.

For all i:
* sends three packets that will reach router i on path towards destination
* router i will return packets to sender
* sender times interval between transmission and reply.

Commands to try

(watch with Wireshark too):
$ traceroute mst.edu
$ traceroute www.mst.edu
$ traceroute epfl.ch
$ traceroute www.epfl.ch

Alternative fancier program:
$ mtr epfl.ch
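The per-router timings that traceroute prints are raw material for the delay questions above. Here is an added example (not code from the course) that parses traceroute output into per-hop records, summarizes the three probe RTTs per router, and finds the hop at which the minimum RTT grows the most. The sample output is constructed in the format the Linux traceroute utility prints, using RFC 5737 documentation addresses; it is not a capture from any of the hosts listed above.

```python
import re
from statistics import mean

# Constructed sample in the output format of the Linux traceroute utility.
# The addresses are RFC 5737 documentation ranges, not real hops.
SAMPLE = """\
traceroute to example.test (203.0.113.10), 30 hops max, 60 byte packets
 1  _gateway (192.0.2.1)  0.412 ms  0.380 ms  0.355 ms
 2  198.51.100.1 (198.51.100.1)  8.104 ms  7.950 ms  8.221 ms
 3  * * *
 4  198.51.100.254 (198.51.100.254)  21.337 ms  20.981 ms  21.602 ms
 5  203.0.113.10 (203.0.113.10)  35.120 ms  34.877 ms  *
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")          # "<ttl>  <rest of line>"
ADDR_RE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\)")  # "(a.b.c.d)"
RTT_RE = re.compile(r"(\d+(?:\.\d+)?) ms")          # "12.345 ms"

def parse_traceroute(text, probes=3):
    """One record per TTL: address that answered, RTTs received, probes lost."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue                                  # the header line
        ttl, rest = int(m.group(1)), m.group(2)
        addr = ADDR_RE.search(rest)
        rtts = [float(x) for x in RTT_RE.findall(rest)]
        hops.append({"ttl": ttl,
                     "addr": addr.group(1) if addr else None,
                     "rtts": rtts,
                     "lost": probes - len(rtts)})   # '*' probes got no reply
    return hops

def hop_summary(hops):
    """(ttl, addr, min, avg, max) in ms for every hop that answered at least once."""
    return [(h["ttl"], h["addr"], min(h["rtts"]), round(mean(h["rtts"]), 3), max(h["rtts"]))
            for h in hops if h["rtts"]]

def largest_rtt_jump(hops):
    """(ttl, increase_ms): the hop whose minimum RTT grows most over the previous answering hop."""
    answering = [h for h in hops if h["rtts"]]
    best = (None, 0.0)
    for prev, cur in zip(answering, answering[1:]):
        jump = min(cur["rtts"]) - min(prev["rtts"])
        if jump > best[1]:
            best = (cur["ttl"], round(jump, 3))
    return best

if __name__ == "__main__":
    hops = parse_traceroute(SAMPLE)
    for row in hop_summary(hops):
        print("ttl %d %-16s min %.3f avg %.3f max %.3f ms" % row)
    print("largest increase in minimum RTT at ttl", largest_rtt_jump(hops))
```

The minimum of the three probes is the useful number for estimating propagation plus transmission delay on the path so far, because queueing only ever adds to it; the spread between min and max is the queueing variation the previous section discusses. A hop that shows `* * *` is not necessarily broken: many routers rate-limit or simply do not send the ICMP replies traceroute relies on, which is why the code skips such hops rather than treating them as a failure.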

1.8.3 Dropped packets

With no place to store such a packet, a router will drop that packet; that is, the packet will be lost.

1.9 Throughput

These could reasonably often have the same throughput, but which likely has worse delay?

Bottleneck throughput limitations tend to be servers and local ISPs (edge), not the backbone (core).

1.10 Protocol layers, service models

Analogy: horizontal layering of airline functionality
* layers:
* each layer implements a service
* via its own internal-layer actions
* relying on services provided by layer below

1.10.1 Layered protocols

1.10.2 Layering

Why layering?

Internet protocol stack

  1. Application:
  2. Transport:
  3. Network:
  4. Link:
  5. Physical:
Application (figure: 01-Overview/pasted_image003.png)


Supporting network applications
* Network applications and their application-layer protocols reside here
* Examples:
* HTTP Hypertext Transfer Protocol provides for Web document request and transfer (example Wireshark http://httpforever.com/)
* SMTP Simple Mail Transfer Protocol provides for the transfer of e-mail messages
* FTP (which provides for the transfer of files between two end systems).
* DNS provides translation of human-friendly names for Internet end systems like https://www.ietf.org to a 32-bit network address (IPv4). This is also done with the help of a specific application-layer protocol, namely, the Domain Name System (DNS).
* An application-layer protocol is distributed over multiple end systems, with the application in one end system using the protocol to exchange packets of information with the application in another end system.
* Packet of information at application layer is a message.
* Encryption is often implemented at this layer (though arguably it should be implemented at least as low as the network/IP layer).

The upper layer of our architecture is the Application layer.
This layer includes all the mechanisms and data structures that are necessary for the applications.
Our big-picture book calls these packets ADUs.

Transport (figure: 01-Overview/intro-figures-031-c.svg)


OS-Process to OS-process data transfer
* Transports application-layer messages between application endpoints
* In the current Internet, there are two primary transport protocols, TCP and UDP, either of which can transport application-layer messages.
* TCP (Transmission Control Protocol) provides a connection-oriented service to its applications.
* Guaranteed delivery of application-layer messages to the destination
* Flow control (that is, sender/receiver speed matching).
* Congestion-control mechanism, so that a source throttles its transmission rate when the network is congested.
* UDP (User Datagram Protocol) protocol provides a connectionless service to its applications.
* No-frills service that provides no reliability, no flow control, and no congestion control.
* Transport-layer packet is a segment.

Network (figure: 01-Overview/intro-figures-030-c.svg)


Routing of datagrams from source to destination
* Responsible for moving network-layer packets known as datagrams from one host to another.
* Transport-layer protocol (TCP or UDP) from source host passes a transport-layer segment and a destination address to the network layer
* Network layer then provides the service of delivering the segment to the transport layer in the destination host.
* Network layer includes the celebrated IP, which defines the fields in the datagram as well as how the end systems and routers act on these fields.
* There is only one IP protocol (or two…), and all Internet components that have a network layer must run it.
* Network layer also contains many routing protocols that determine the routes


Link


Data transfer between adjacent nodes
* At each node, the network layer passes the datagram down to the link layer, which delivers the datagram to the next node along the route.
* At this next node, the link layer passes the datagram up to the network layer.
* Some link-layer protocols provide reliable delivery, from transmitting node, over one link, to receiving node.
* Examples of link-layer protocols include: Ethernet, WiFi, the cable access network’s DOCSIS protocol, and more
* A datagram may be handled by Ethernet on one link and by Wifi on the next link.
* The network layer (above) will receive a different service from each of the different link-layer protocols.
* link-layer packets are frames.

Physical


Bits “on the wire”
* The protocols in this layer are again link dependent and further depend on the actual transmission medium of the link (for example, twisted-pair copper wire, single-mode fiber optics).
* For example, Ethernet has many physical-layer protocols: one for twisted-pair copper wire, another for coaxial cable, another for fiber, and so on.
* In each case, a bit is moved across the link in a different way.

An important point to note about the Physical layer is the service that it provides. This service is usually an unreliable connection-oriented service that allows the users of the Physical layer to exchange bits. The unit of information transfer in the Physical layer is the bit. The Physical layer service is unreliable because:
* the Physical layer may change, e.g. due to electromagnetic interferences, the value of a bit being transmitted
* the Physical layer may deliver more bits to the receiver than the bits sent by the sender
* the Physical layer may deliver fewer bits to the receiver than the bits sent by the sender

Does a packet go through all the layers in edge and the core?
What happens when the core meddles in layers higher than it is intended to?

1.10.3 OSI

IP vs. OSI stacks

ISO/OSI reference model extras


1.10.4 Actual layers (a graph/tree)

Actual graph/tree of protocols

Application on top
Physical on the bottom

1.10.5 Encapsulation and layering

Encapsulating packets


TCP/IP suite
Left two are theoretical, while right is closer to the actual system.
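The encapsulation the figures show (message inside segment inside datagram inside frame) can be reproduced byte for byte. This is an added example, not code from the course: it builds a UDP-style segment, wraps it in a minimal IPv4 header carrying the RFC 1071 Internet checksum, wraps that in an Ethernet II frame, and then decapsulates the frame back up the stack, verifying the header checksum on the way. The ports, addresses and MAC addresses are constructed values (RFC 5737 documentation ranges and locally administered MACs), the frame check sequence is omitted, and the UDP checksum is left at zero, which IPv4 permits.

```python
import ipaddress
import struct

def internet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # end-around carry
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_segment(src_port: int, dst_port: int, message: bytes) -> bytes:
    """Transport layer: UDP-style 8-byte header (checksum field left zero)."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(message), 0) + message

def build_datagram(src_ip: str, dst_ip: str, segment: bytes, ttl: int = 64) -> bytes:
    """Network layer: minimal 20-byte IPv4 header (protocol 17 = UDP) with a valid checksum."""
    src, dst = ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(segment),   # version/IHL, DSCP/ECN, total length
                         0x1234, 0x4000,               # identification, flags (DF) + offset
                         ttl, 17, 0,                   # TTL, protocol, checksum placeholder
                         src, dst)
    checksum = internet_checksum(header)
    return header[:10] + struct.pack("!H", checksum) + header[12:] + segment

def build_frame(src_mac: str, dst_mac: str, datagram: bytes) -> bytes:
    """Link layer: Ethernet II header, EtherType 0x0800 = IPv4 (FCS omitted)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800) + datagram

def encapsulate(message: bytes) -> bytes:
    """Send side: message -> segment -> datagram -> frame (constructed addresses)."""
    segment = build_segment(40000, 53, message)
    datagram = build_datagram("192.0.2.10", "198.51.100.53", segment)
    return build_frame("02:00:00:00:00:01", "02:00:00:00:00:02", datagram)

def decapsulate(frame: bytes) -> dict:
    """Receive side: strip each header in turn, checking the IPv4 header checksum."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    datagram = frame[14:]
    ihl = (datagram[0] & 0x0F) * 4
    if internet_checksum(datagram[:ihl]) != 0:        # an intact header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", datagram[2:4])[0]
    segment = datagram[ihl:total_len]
    src_port, dst_port, length, _ = struct.unpack("!HHHH", segment[:8])
    return {"dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"),
            "src_ip": str(ipaddress.IPv4Address(datagram[12:16])),
            "dst_ip": str(ipaddress.IPv4Address(datagram[16:20])),
            "ttl": datagram[8], "proto": datagram[9],
            "src_port": src_port, "dst_port": dst_port,
            "message": segment[8:length]}

def corrupt_ttl(frame: bytes) -> bytes:
    """Flip the TTL byte of the IPv4 header to mimic a transmission error."""
    damaged = bytearray(frame)
    damaged[14 + 8] ^= 0xFF
    return bytes(damaged)

if __name__ == "__main__":
    frame = encapsulate(b"example query")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
```

Each layer only looks at its own header and hands the rest up untouched, which is the layering the notes describe. The checksum check illustrates a point worth keeping in mind from the security section later: the Internet checksum catches bit errors of the kind the physical-layer bullets list, but it carries no secret, so a header that has been deliberately rewritten and re-summed verifies just as well as the original. Integrity against an adversary, as opposed to against noise, needs cryptographic protection at some layer, which is what the earlier remark about encryption placement is about.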


OSI levels


++++++++++++++ Cahoot-01-3

In this graph, what is most central?
What is hardest to change?
What is easiest to innovate with?


Tunneling here is a very interesting way to visualize network protocol interactions.
In some ways, this is the best way to make such a diagram:


+++++++++++++++++++ Cahoot-01-4

1.11 Network security


1.11.1 Types of attack

Enumerating targets

# which ports are open?
$ nmap mst.edu
$ nmap epfl.ch
$ nmap www.epfl.ch
# Look at headers:
$ curl --head info.cern.ch
$ wget --server-response info.cern.ch

Malware

Attack server, network infrastructure

Denial of Service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic

  1. Select target
  2. Break into hosts around the network (botnet)
  3. Send packets to target from compromised hosts

(figure: 01-Overview/ddos.png)

Sniffing packets

Faking addresses

IP spoofing: send packet with false source address
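Both of the attacks just described leave traces that an edge router can act on. The following is an added example (not code from the course) showing two defensive checks run over constructed flow records: an ingress filter in the style of BCP 38 / RFC 2827, which flags packets whose source address cannot legitimately have arrived on the interface they came in on, and a simple volumetric check that flags a destination receiving an unusual number of packets from many distinct sources in one time window. The flow records, interface names and prefixes are all constructed for the example (RFC 5737 documentation ranges and RFC 1918 private space); the thresholds are illustrative.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records as an edge router might export them:
# time in seconds, ingress interface, source, destination, packet count.
FLOWS = [
    {"t": 0.2, "iface": "cust-a", "src": "192.0.2.10",   "dst": "203.0.113.10", "pkts": 40},
    {"t": 0.4, "iface": "cust-a", "src": "192.0.2.11",   "dst": "203.0.113.10", "pkts": 35},
    {"t": 0.9, "iface": "cust-a", "src": "203.0.113.77", "dst": "203.0.113.10", "pkts": 300},
    {"t": 1.1, "iface": "cust-b", "src": "198.51.100.5", "dst": "203.0.113.10", "pkts": 45},
    {"t": 1.3, "iface": "cust-b", "src": "198.51.100.6", "dst": "203.0.113.10", "pkts": 50},
    {"t": 1.5, "iface": "cust-b", "src": "10.0.0.9",     "dst": "203.0.113.10", "pkts": 500},
    {"t": 1.8, "iface": "cust-a", "src": "192.0.2.12",   "dst": "203.0.113.10", "pkts": 30},
    {"t": 5.0, "iface": "cust-a", "src": "192.0.2.10",   "dst": "203.0.113.20", "pkts": 3},
    {"t": 6.2, "iface": "cust-b", "src": "198.51.100.5", "dst": "203.0.113.20", "pkts": 4},
]

# Prefixes that legitimately originate behind each customer-facing interface:
# the information an ingress filter (BCP 38 / RFC 2827) checks source addresses against.
INGRESS_PREFIXES = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/24")],
    "cust-b": [ipaddress.ip_network("198.51.100.0/24")],
}

def is_spoofed(flow: dict, prefixes: dict) -> bool:
    """True if the source address cannot legitimately arrive on this ingress interface."""
    src = ipaddress.ip_address(flow["src"])
    allowed = prefixes.get(flow["iface"], [])
    return not any(src in net for net in allowed)

def spoofed_flows(flows: list, prefixes: dict) -> list:
    """Flows an ingress filter would drop at the edge."""
    return [f for f in flows if is_spoofed(f, prefixes)]

def flood_targets(flows: list, window_s: float, min_pkts: int, min_sources: int) -> list:
    """Destinations receiving at least min_pkts from at least min_sources distinct
    sources inside one fixed time window: (dst, window_index, pkts, n_sources)."""
    pkts = defaultdict(int)
    sources = defaultdict(set)
    for f in flows:
        key = (f["dst"], int(f["t"] // window_s))
        pkts[key] += f["pkts"]
        sources[key].add(f["src"])
    return sorted((dst, w, pkts[(dst, w)], len(sources[(dst, w)]))
                  for (dst, w) in pkts
                  if pkts[(dst, w)] >= min_pkts and len(sources[(dst, w)]) >= min_sources)

if __name__ == "__main__":
    for f in spoofed_flows(FLOWS, INGRESS_PREFIXES):
        print("ingress filter would drop:", f)
    print("flood candidates, all flows:", flood_targets(FLOWS, 2.0, 150, 3))
    clean = [f for f in FLOWS if not is_spoofed(f, INGRESS_PREFIXES)]
    print("flood candidates, after filtering:", flood_targets(clean, 2.0, 150, 3))
```

Run on the sample, the ingress check catches the two records whose source belongs to someone else's address space, which is exactly the false-source-address case the notes call IP spoofing; providers that deploy such filtering at every customer edge deny attackers that option network-wide. The second check still flags 203.0.113.10 after the spoofed records are removed, which mirrors the three-step DoS description above: traffic from compromised hosts carries their real, valid addresses, so source-address filtering alone does not stop a botnet flood, and the defender also needs rate and fan-in measurements like this one.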

Next: 02-Application.html