15-441 Roundup


Presentation Transcript


  1. 15-441 Roundup

  2. 7-layer or 4-layer dip? • Layering: Reuse, interoperability • OSI 7-layer model • [Figure: the OSI stack at two end hosts (7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data link, 1 Physical) with an intermediate node that implements only layers 1-3]

  3. OSI Functions • (1) Physical: transmission of a bit stream. • (2) Data link: flow control, framing, error detection. • (3) Network: switching and routing. • (4) Transport: reliable end to end delivery. • (5) Session: managing logical connections. • (6) Presentation: data transformations. • (7) Application: specific uses, e.g. mail, file transfer, telnet, network management. Multiplexing takes place in multiple layers

  4. The TCP/IP Model • [Figure: OSI layers mapped onto the TCP/IP model: Application, Presentation and Session become Application (plus libraries); Transport becomes TCP/UDP; Network becomes IP/ICMP; Data link and Physical are unchanged]

  5. Layering and stacks • Some layers - particularly in the OSI model - not so well defined • Layer “violations” often useful for performance reasons • Buffer management • Reduce redundant information between headers

  6. The lower layers - concepts • [Figure: an analog signal; a “digital” signal carrying the bit stream 0 0 1 0 1 1 1 0 0 0 1; packet transmission from sender to receiver, with the bit stream divided into packets that each carry a header and a body]

  7. Limits to Speed and Distance • Noise: “random” energy is added to the signal. • Attenuation: some of the energy in the signal leaks away. • Dispersion: attenuation and propagation speed are frequency dependent. • Changes the shape of the signal • Effects limit the data rate that a channel can sustain. • But affects different technologies in different ways • Effects become worse with distance. • Tradeoff between data rate and distance

  8. Why Do We Need Encoding? • Meet certain electrical constraints. • Receiver needs enough “transitions” to keep track of the transmit clock • Avoid receiver saturation • Create control symbols, besides regular data symbols. • E.g. start or end of frame, escape, ... • Error detection or error correction. • Some codes are illegal so receiver can detect certain classes of errors • Minor errors can be corrected by having multiple adjacent signals mapped to the same data symbol • Encoding can be very complex, e.g. wireless.

  9. Encodings • NRZ - “Non-Return to Zero” • Simple: 0 = low, 1 = high • Long runs of 0s and 1s lose sync • NRZI - transition on 1 • Long runs of 0s lose sync • Manchester - low/high = 0, high/low = 1 • Uses 2x as many transitions • 4B/5B, etc. • Encode multiple 0s and 1s. Efficient. Used in Ethernet. • SONET - many observations of flag pattern.
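Added example (not from the course slides): Python encoders for NRZ, NRZI and Manchester, with a transition count that makes the "long runs lose sync" point concrete. The bit patterns are constructed.

```python
# Added example (not from the course slides): NRZ, NRZI and Manchester encoders,
# plus a transition count showing which codes keep the receiver's clock in sync.

def nrz(bits):
    """NRZ: 0 = low, 1 = high; one level per bit."""
    return [int(b) for b in bits]

def nrzi(bits):
    """NRZI: a 1 toggles the line level, a 0 leaves it alone (line starts low)."""
    level, out = 0, []
    for b in bits:
        if b == "1":
            level ^= 1
        out.append(level)
    return out

def manchester(bits):
    """Manchester: 0 = low/high, 1 = high/low; two half-bit levels per bit."""
    out = []
    for b in bits:
        out.extend((0, 1) if b == "0" else (1, 0))
    return out

def transitions(levels):
    """Number of level changes: each one is a chance to resynchronise the clock."""
    return sum(1 for a, b in zip(levels, levels[1:]) if a != b)

def transition_report(bits):
    """Transitions per encoding for one bit pattern."""
    encoders = [("NRZ", nrz), ("NRZI", nrzi), ("Manchester", manchester)]
    return {name: transitions(enc(bits)) for name, enc in encoders}

if __name__ == "__main__":
    # Constructed patterns: long runs of 0s starve NRZ and NRZI of transitions,
    # long runs of 1s starve NRZ only, Manchester always has one per bit.
    for pattern in ("00000000", "11111111", "10110010"):
        print(pattern, transition_report(pattern))
```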

  10. Datalink Functions • Framing: encapsulating a network layer datagram into a bit stream. • Add header, mark and detect frame boundaries, … • Media access: controlling which frame should be sent over the link next. • Easy for point-to-point links; half versus full duplex • Harder for multi-access links: who gets to send? • Error control: error detection and correction to deal with bit errors. • May also include other reliability support, e.g. retransmission • Flow control: avoid that the sender outruns the receiver.

  11. CSMA/CD Algorithm • Carrier Sense Multiple Access / with Collision Detection • Sense for carrier. • If carrier present, wait until carrier ends. • Send packet and sense for collision. • If no collision detected, done transmitting • Otherwise, abort immediately, perform “exponential back off” and send packet again. • Start to send at a random time picked from an interval • Length of the interval increases with every retransmission
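Added Python model (not from the slides) of the exponential back off step: the interval doubles with every collision, and a simplified collision-resolution loop shows how tied stations separate. The loop only tracks the first successful transmission and is a constructed model, not Ethernet's exact state machine.

```python
# Added example (not from the slides): binary exponential backoff as used by
# CSMA/CD, plus a simplified model of colliding stations separating over rounds.
import random

MAX_ATTEMPTS = 16    # Ethernet gives up after 16 consecutive collisions
MAX_EXPONENT = 10    # the interval stops doubling at 2^10 slots

def interval_size(attempt):
    """Slots to choose from after `attempt` consecutive collisions (doubles each time)."""
    return 1 << min(attempt, MAX_EXPONENT)

def pick_slot(attempt, rng):
    """Random slot from the current interval; the station waits that many slot times."""
    return rng.randrange(interval_size(attempt))

def resolve_collision(n_stations, seed=None):
    """Simplified model: all stations have just collided once. Each round every
    contender picks a slot; the station with the unique smallest slot transmits.
    Stations tied for the smallest slot collide again with a doubled interval.
    Returns (rounds, winner), or (rounds, None) if a station exceeds MAX_ATTEMPTS."""
    rng = random.Random(seed)
    contenders = {s: 1 for s in range(n_stations)}   # station -> collision count
    rounds = 0
    while contenders:
        rounds += 1
        slots = {s: pick_slot(a, rng) for s, a in contenders.items()}
        best = min(slots.values())
        tied = [s for s, slot in slots.items() if slot == best]
        if len(tied) == 1:
            return rounds, tied[0]
        contenders = {s: contenders[s] + 1 for s in tied}
        if any(a > MAX_ATTEMPTS for a in contenders.values()):
            return rounds, None
    return rounds, None

if __name__ == "__main__":
    print([interval_size(a) for a in range(1, 13)])   # 2, 4, 8, ... capped at 1024
    for n in (2, 8, 32):
        print(n, "stations ->", resolve_collision(n, seed=441))
```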

  12. Collision Detection: Implications • [Figure: nodes A, B and C on a shared medium] • All nodes must be able to detect the collision. • Any node can be sender • => Must either have short wires, long packets, or both. • Can calculate length/distance based on transmission rate and propagation speed. • Messy: propagation speed is media-dependent, low-level protocol details, .. • Minimum packet size is 64 bytes • Cable length ~256 bit times • Example: maximum coax cable length is 2.5 km

  13. Internetworking Options • [Figure: four devices placed by the highest layer they implement: a repeater at the physical layer (1), switching/bridging (e.g. 802 MAC) at the data link layer (2), a router at the network layer (3) and a gateway at all seven layers]

  14. Internetworking • Repeaters: Physical link. One big collision / transmission domain. • Bridges: Datalink. Can separate broadcast domains and selectively forward traffic. Transparent - preserve MAC addresses. • Routers: Separate addressing domains. Forward through diff. MAC addresses.

  15. IP • CIDR - Classless Inter-Domain Routing • 192.4.16/24 == 255.255.255.0 • == 24 bits of network, 8 bits of host • Covers 192.4.16.0 - 192.4.16.255 • 192.4.16/23 == 255.255.254.0 • Covers 192.4.16.0 - 192.4.17.255 • Enables more efficient use of address space through aggregation. • Routing by longest-prefix match • /29 is “longer” (more 1s) than /24.
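An added Python example (not the course's code) working through the CIDR arithmetic above and a longest-prefix-match lookup with the standard ipaddress module; the forwarding-table entries are constructed.

```python
# Added example (not from the slides): CIDR arithmetic and longest-prefix-match
# lookup using Python's standard ipaddress module.
import ipaddress

def parse_cidr(text):
    """Accept the slides' abbreviated form ('192.4.16/24') as well as full prefixes."""
    addr, plen = text.split("/")
    octets = [o for o in addr.strip(".").split(".") if o]
    octets += ["0"] * (4 - len(octets))          # pad missing trailing octets
    return ipaddress.ip_network(".".join(octets) + "/" + plen, strict=False)

def netmask(text):
    return str(parse_cidr(text).netmask)          # '192.4.16/23' -> 255.255.254.0

def address_range(text):
    net = parse_cidr(text)
    return str(net[0]), str(net[-1])             # first and last covered address

class ForwardingTable:
    """Routes kept most-specific first so the first match is the longest prefix."""
    def __init__(self):
        self.routes = []                         # list of (network, next_hop)

    def add(self, prefix, next_hop):
        self.routes.append((parse_cidr(prefix), next_hop))
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def lookup(self, dst):
        ip = ipaddress.ip_address(dst)
        for net, hop in self.routes:
            if ip in net:
                return hop
        return None                              # no route, not even a default

if __name__ == "__main__":
    # Constructed table: a /29 inside a /23, plus a default route.
    table = ForwardingTable()
    table.add("0/0", "default")
    table.add("192.4.16/23", "via-A")
    table.add("192.4.16.8/29", "via-B")
    for dst in ("192.4.16.9", "192.4.17.1", "10.0.0.1"):
        print(dst, "->", table.lookup(dst))
```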

  16. Routing Protocols • Intra-domain: • RIP: Routing Information Protocol • Distance-Vector. • Send information about table to neighbors (per-dest cost) • Count to infinity problem. • Split horizon - Don’t advertise routes back to next-hop • Poison reverse: Advertise infinite metric to next-hop • Neither of these solves all loop problems! • OSPF: Open Shortest Path First • Link-state. • Flood neighbor info to entire network • Each node generates own routing table • Fast convergence, but lots of traffic for large nets • Inter-domain: • BGP: Border Gateway Protocol • Path-Vector. Send full AS path along with announcement. • Solves the loop problems of DV.

  17. BGP • Internet divided into Autonomous Systems. Each has unique #. • Each AS sends routes with BGP • Remember: IBGP full-mesh. Why? • No AS # to distinguish loops. • ASes route internally with an IGP (OSPF, etc). • Some terms: • MED (Multi-Exit Discriminator): Peers send to influence remote peer’s routing. • Localpref: One AS configures to change routing to a peer.

  18. AS relationships • Transit: I pay you, you carry my traffic to anyone • Peering: (Often) free, you carry my traffic to your customers and vice versa. • “Valley-free” routing • A formalization of the above.

  19. Multicast • A lot of multicast on project1, so • Won’t be on the final exam. • (Aren’t you glad you came to class today?) • Multicast today • Deployed inside organizations / etc. • Iffy if you want to use across Internet • Concepts useful! E.g., overlay multicast

  20. Tunnels, NATs, etc • Things to remember: • NAT - network address translator • Lets you use private addresses inside net • May let you share one external address • (Port-translating NAT) • Can break end-to-end reachability & naming • IPv6: • 128 bit address space • Cleaned up header, no fragmentation, no checksum, fixed option processing. • For faster router processing

  21. Cont’d. • Tunnels - wrap packets in an extra IP header • Send indirectly • Implement overlay networks (e.g., overlay multicast, etc.)

  22. DNS • The Domain Name System • Distributed name -> IP (and back) database • Addresses returned by “A” records • Hierarchical. Goes from the root (“.”) down. Each level can delegate an “NS” (name server) record. • Recursive resolvers - answer a query completely. Iterative resolvers - give you the next step. • Caching: TTL-based.

  23. Transport & TCP • Duties may include: • Reliability, in-order, demultiplexing, message boundaries, congestion control • UDP (User Datagram Protocol): Just demux & checksum. Unreliable, etc. • TCP (Transmission Control Protocol): Reliable, in order byte-stream w/congestion control.

  24. Transport Demux • TCP & UDP both use “ports” - 16 bit #s - as demux keys

  25. ARQ • “Automatic Repeat Request” • (ARR would have endorsed piracy?) • Simplest: Stop-and-Wait • Send packet, wait for response, iterate… • Slow. • Go-back-N • Uses a window. Usually along with… • Sliding window flow control • Use more capacity. • How to size that window? There’s the rub.

  26. Sizing Windows • Optimal window size: bw * rtt • Why? Capacity of the pipe, in both directions. • Must keep sending pkts until first ACK gets back to you (one RTT). • BW is available bw. • Must not blast traffic: Congestion Collapse • More work -> more wasted packet retransmissions • In the limit: no useful packets get through! • How do we find a good window size?

  27. Congestion Control • Fair and efficient use • Network based (ECN, etc) or end-to-end (TCP) • AIMD: Additive Increase, Multiplicative Decrease • Converges to fair & efficient use. Cool! • What TCP does. MD = cut by half. AI = add one per RTT.
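Added Python simulation (not from the slides) of two flows sharing one link under AIMD, with additive decrease run alongside for contrast; the starting rates, link capacity and round count are constructed.

```python
# Added example (not from the slides): a synchronous-round simulation of two
# flows sharing one link, contrasting AIMD with additive decrease (AIAD).

def simulate(rates, capacity, rounds, multiplicative=True):
    """Each round (one RTT) every flow sees the same congestion signal.
    Overload (sum of rates > capacity): each flow halves (MD) or subtracts 1 (AD).
    Otherwise each flow adds 1 (AI). Returns the history of rate tuples."""
    rates = list(rates)
    history = [tuple(rates)]
    for _ in range(rounds):
        if sum(rates) > capacity:
            if multiplicative:
                rates = [r / 2 for r in rates]
            else:
                rates = [max(r - 1.0, 0.0) for r in rates]
        else:
            rates = [r + 1.0 for r in rates]
        history.append(tuple(rates))
    return history

def fairness_gap(history):
    """Difference between the largest and smallest flow rate at the end."""
    last = history[-1]
    return max(last) - min(last)

def mean_utilisation(history, capacity):
    """Average offered load relative to capacity, capped at 1 per round."""
    return sum(min(sum(step), capacity) for step in history) / (capacity * len(history))

if __name__ == "__main__":
    # Constructed scenario: one flow starts with almost the whole link.
    start, cap = (1.0, 15.0), 20.0
    aimd = simulate(start, cap, 200)
    aiad = simulate(start, cap, 200, multiplicative=False)
    # MD halves the gap between the flows at every congestion event; AD never shrinks it.
    print("AIMD gap:", fairness_gap(aimd), "util:", round(mean_utilisation(aimd, cap), 2))
    print("AIAD gap:", fairness_gap(aiad), "util:", round(mean_utilisation(aiad, cap), 2))
```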

  28. TCP • Three-way Handshake: SYN / SYN-ACK / ACK. • ISN - Initial Sequence Number • Each side picks one • TCP is byte-oriented • Tear down with FIN (finished) • Signal error with RST (reset)

  29. TCP 2 • Timeouts: Should be familiar • EWMA = Exponential Weighted Moving Average = Low-pass filter • srtt = (alpha * srtt) + (1 - alpha) * new_sample • Track RTT and linear deviation • Linear deviation always > std. dev • Why? RTT variation is high under high loads because buffers fill, adding queueing delay
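Added Python example (not from the slides) of the srtt EWMA written above together with the linear-deviation estimator that sizes the timeout; the gains follow RFC 6298 and the RTT samples are constructed.

```python
# Added example (not from the slides): Jacobson/Karels-style RTT estimation with
# an EWMA for srtt and a second EWMA for the linear (mean absolute) deviation.
ALPHA = 7 / 8   # weight kept on the old srtt, matching the slide's formula
BETA = 3 / 4    # weight kept on the old deviation (gains 1/8 and 1/4, per RFC 6298)

class RttEstimator:
    def __init__(self):
        self.srtt = None
        self.rttvar = None

    def update(self, sample):
        """Feed one RTT measurement; returns the new retransmission timeout."""
        if self.srtt is None:
            self.srtt = sample                 # first sample initialises both
            self.rttvar = sample / 2
        else:
            # Deviation is updated first, against the previous srtt.
            self.rttvar = BETA * self.rttvar + (1 - BETA) * abs(self.srtt - sample)
            self.srtt = ALPHA * self.srtt + (1 - ALPHA) * sample
        return self.rto()

    def rto(self):
        # Timeout = smoothed RTT plus a margin of four deviations.
        return self.srtt + 4 * self.rttvar

def rto_trace(samples):
    """RTO after each sample of a sequence of RTT measurements (ms)."""
    est = RttEstimator()
    return [est.update(s) for s in samples]

if __name__ == "__main__":
    # Constructed samples: steady 100 ms path, then queueing delay under load.
    samples = [100, 100, 100, 100, 100, 300, 100, 400, 150]
    for s, rto in zip(samples, rto_trace(samples)):
        print(f"sample={s:4d} ms  rto={rto:7.2f} ms")
```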

  30. Pacing • ACK clocking sends pkts out more slowly • Avoid huge bursts (fill buffers -> loss -> bad) • Slow Start: Get up to “operating range” quickly (exponential growth).

  31. SACK & Enhancements • Selective ACKnowledgements • Bitmap of received packets • Help recover from multiple losses in window • All TCP variants need large enough window to recover from losses • Nagle’s Algorithm: Delay briefly to coalesce small packets - one outstanding small packet.

  32. TCP Performance • Single link, need router buffers • 75% link utilization vs 100% link utilization • How big buffer? Conservatively, BW * RTT • There’s that number again. So common, it can’t help but show up on the final in some form. • Simple model: • (most ignore the constants)

  33. Queueing • FIFO: First In, First Out • Scheduling: Who goes out when? • Fairness, etc., entirely up to end hosts • Fair Queueing • Routers decide who gets to go (e.g., round-robin, Weighted Fair Queueing (WFQ), etc.) • Drop-Tail • Drop policy: drop new pkts if queue is full • Can synchronize flows • AQM: Active Queue Management • RED - Random Early Detection • Randomly marks (or drops) pkts before queue full

  34. Sharing • Max-Min Fairness • Small demands get what they want; • Large demands compromise • GPS: Generalized Processor Sharing • Fluid model for Max-Min fairness • Accounts for packet sizes • Fair Queueing: Compute virtual completion times, send accordingly • Complex, per-flow state. But nice results.

  35. QoS • Quality of Service • Differentiate between flows • Some get “good” service (guarantees, etc) • Some get best effort • Application utility curves • Elastic (file xfer) vs. Inelastic (hard realtime) • Requires admission control • Can’t over-promise! • Token Buckets • Rate: Let average amount of traffic through • Bucket: Accommodate some burstiness • RSVP - Resource reSerVation Protocol • Set up QoS / token bucket state at routers on path
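Added Python example (not from the slides) of a token-bucket policer showing the rate and bucket roles described above; the rate, depth and packet arrivals are constructed.

```python
# Added example (not from the slides): a token-bucket policer. `rate` sets the
# long-term average, `depth` bounds the burst that can pass at once.

class TokenBucket:
    def __init__(self, rate, depth):
        self.rate = rate          # tokens (bytes) added per second
        self.depth = depth        # bucket capacity = maximum burst
        self.tokens = depth       # start full so an initial burst is admitted
        self.last = 0.0           # time of the last refill

    def _refill(self, now):
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.depth, self.tokens + elapsed * self.rate)
        self.last = max(self.last, now)

    def conforms(self, now, size):
        """True (and tokens consumed) if a packet of `size` may pass at time `now`."""
        self._refill(now)
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False              # out of profile: drop, or mark for lower priority

def police(packets, rate, depth):
    """packets: (arrival_time_s, size_bytes) pairs; returns one verdict per packet."""
    bucket = TokenBucket(rate, depth)
    return [bucket.conforms(t, s) for t, s in packets]

if __name__ == "__main__":
    # Constructed arrivals: a 4-packet burst at t=0, then spaced packets, then one
    # packet larger than the whole bucket (it can never conform).
    arrivals = [(0.0, 1000), (0.0, 1000), (0.0, 1000), (0.0, 1000),
                (1.0, 1000), (1.5, 1000), (10.0, 5000)]
    print(police(arrivals, rate=1000, depth=3000))
    # -> [True, True, True, False, True, False, False]
```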

  36. Wireless • Mobility • Routing solution: excess global state • Mobile IP: Triangle routing, tunneling via “home agent” that proxies for mobile node • TCP solution: Re-bind connection • Link layer: Learning bridges • Noisy -> losses • Link-layer retransmission (802.11) • End-to-end approach (SACK, ELN - Explicit Loss Notification).

  37. Wireless MAC issues • CSMA/CD doesn’t work too well • Hard to listen while transmitting • Hidden terminal - clobber someone else • Exposed terminal - mistakenly think you’ll clobber • Solution: RTS / CTS • Ready To Send / Clear To Send

  38. Ad Hoc Networks • Routing harder: No fixed infrastructure • Protocols • DSR - Dynamic Source Routing • AODV - Ad Hoc On-Demand Distance Vector • Sensor Networks • Limited battery life drives everything • Multi-hop can save power (Tx power proportional to distance squared) • Aggregation holds the big promise. Don’t do n^2 communication…

  39. HTTP • HyperText Transfer Protocol • Stateless request-response protocol over TCP • Persistent HTTP: Optimizes for fewer TCP connection setups. • Fewer slow starts, 3-way handshakes • Caching • Expires: header, Get-If-Modified-Since request • ETags (“Entity Tags”) help identify version of document when using cookies, etc.

  40. Web Caching • Proxy Caches • Client-based. • Content Distribution Networks • Server-driven. • Usually use DNS to send client to replica • Mapping problem • Example: Akamai • Big benefit: Coping with flash crowds • Much content (50%?) uncacheable • Dynamic • Unpopular

  41. P2P • Search techniques: Centralized (napster), broadcast (gnutella), superpeers (KaZaA), routing (Chord) • Consistent Hashing • Goal: Don’t move all content around when # of buckets changes slightly • Used in Chord to do routing in log(n) hops using finger table • Points 1/2, 1/4, 1/8, … way around the ring
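Added Python example (not from the slides) of the consistent-hashing goal stated above: when a node joins a hash ring, only the keys in its arc move, whereas with plain hash-mod-N almost every key moves. The node names, keys and the use of virtual nodes are constructed choices.

```python
# Added example (not from the slides): a consistent-hash ring with virtual nodes,
# compared against plain mod-N hashing when a node is added.
import bisect
import hashlib

def ring_hash(key, bits=32):
    """Position on a 2^bits ring derived from SHA-1 of the key."""
    digest = hashlib.sha1(key.encode()).digest()
    return int.from_bytes(digest[:4], "big") % (1 << bits)

class Ring:
    def __init__(self, nodes, replicas=50):
        self.replicas = replicas  # virtual nodes per physical node, to even out arcs
        self.points = []          # sorted (position, node) pairs
        for n in nodes:
            self.add(n)

    def add(self, node):
        for i in range(self.replicas):
            bisect.insort(self.points, (ring_hash(f"{node}#{i}"), node))

    def owner(self, key):
        """Node whose point is the first at or clockwise after the key's position."""
        i = bisect.bisect_left(self.points, (ring_hash(key), ""))
        return self.points[i % len(self.points)][1]

def moved_fraction_consistent(keys, nodes, new_node):
    ring = Ring(nodes)
    before = {k: ring.owner(k) for k in keys}
    ring.add(new_node)
    return sum(before[k] != ring.owner(k) for k in keys) / len(keys)

def moved_fraction_modn(keys, n_nodes):
    """Plain bucket = hash mod N: most keys change bucket when N becomes N+1."""
    moved = sum(ring_hash(k) % n_nodes != ring_hash(k) % (n_nodes + 1) for k in keys)
    return moved / len(keys)

if __name__ == "__main__":
    keys = [f"key-{i}" for i in range(1000)]        # constructed keys
    nodes = ["n1", "n2", "n3", "n4"]
    print("consistent:", moved_fraction_consistent(keys, nodes, "n5"))   # about 1/5
    print("mod-N:     ", moved_fraction_modn(keys, len(nodes)))         # about 4/5
```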

  42. Security • Private Key • E.g., DES (“Data Encryption Standard”), or newer AES (“Advanced Encryption Standard”) • Must have a shared secret. • Public Key • E.g., RSA, Diffie-Hellman • Can encrypt to a public key, and not read • Must have the public key. *really* slow. • Key Distribution - big challenge! • Private: Kerberos (andrew) • Public: Certificate Authorities (mozilla)

  43. Security 2 • Hash functions • One-way. We hope. • Digital signature: Sign a hash of the data • SSL - “Secure Sockets Layer” • Pre-packaged encryption/etc. routines • Now “TLS” (Transport Layer Security) • Used in HTTPS/etc. • IPSEC - ip-layer security

  44. Network Security • IP model assumed “much trust” • Spoofing source IPs • DoS - “Denial of Service” attacks • DDoS - “Distributed DoS” • - Hundreds/thousands+ of attack machines • TCP ISN adds some protection • As long as it’s really random. :)

  45. Firewalls! • Filter traffic in network • Stateless - match static traffic rules • Stateful - remember more about connections • Basic: Match src, dst, ports, flags • Expect a question about filtering to specific CIDR blocks • Set up rules to do the right things • Create CIDR blocks to match the right ranges of IP addresses… • IDS = “Intrusion Detection System” • Tell you when you’ve been hacked. :) (Or who’s trying to hack you)
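Added Python example (not from the slides) of a stateless filter that matches src, dst, protocol and port against CIDR-block rules, first match wins with default deny, plus a helper that turns an address range into the CIDR blocks a rule needs. The policy and packets are constructed.

```python
# Added example (not from the slides): a stateless packet filter with CIDR-based
# rules, first match wins, default deny, plus a helper that turns an address
# range into the CIDR blocks a rule needs.
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str             # "allow" or "deny"
    src: str                # source CIDR block
    dst: str                # destination CIDR block
    proto: str = "any"      # "tcp", "udp" or "any"
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def filter_packet(rules, pkt):
    """Return the action of the first matching rule; unmatched traffic is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"

def cidr_blocks(first, last):
    """Smallest set of CIDR blocks covering first..last, e.g. for writing a rule."""
    rng = ipaddress.summarize_address_range(ipaddress.ip_address(first),
                                            ipaddress.ip_address(last))
    return [str(net) for net in rng]

# Constructed policy: SSH only from 192.4.16.0-192.4.17.255, web to one host.
RULES = [
    Rule("allow", "192.4.16.0/23", "10.0.0.0/24", "tcp", 22),
    Rule("allow", "0.0.0.0/0", "10.0.0.5/32", "tcp", 80),
]

if __name__ == "__main__":
    tests = [
        {"src": "192.4.17.9", "dst": "10.0.0.7", "proto": "tcp", "dport": 22},   # allow
        {"src": "192.4.18.9", "dst": "10.0.0.7", "proto": "tcp", "dport": 22},   # deny
        {"src": "203.0.113.4", "dst": "10.0.0.5", "proto": "udp", "dport": 80},  # deny
    ]
    for pkt in tests:
        print(pkt["src"], "->", pkt["dst"], filter_packet(RULES, pkt))
    print(cidr_blocks("192.4.16.0", "192.4.18.255"))   # ['192.4.16.0/23', '192.4.18.0/24']
```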
