h Accs.hac.ac.il/staff/martin/Networks/networks-1.pdf · Computer Networks — Hadassah College — Fall 2015 Overview Dr. Martin Land 3 What is Computer Networking? Local computation

1Dr. Martin LandOverviewComputer Networks — Hadassah College — Fall 2015

Overview

of

Computer Networking


What is Computer Networking?Logical separation of tasks in digital systems

Data exchange between computation unitsCommunication:

Local operations (ALU, load, store, branch, OS, …)Computation:

Local computationRequest information

Receive informationLocal computation

Accept requestProcess requestLocal computationSend response

communication

communication


What is Computer Networking?

Local computationRequest information

Receive informationLocal computation

Accept requestProcess requestLocal computationSend response

Making this workRules — lots of rules!Special hardwareSpecial software

Logical separation of tasks in a digital system

Data exchange between computation unitsCommunication:

Local operations (ALU, load, store, branch, OS, …)Computation:

communication

communication


Approaches to NetworkingWhat's required

Understanding how people and machines communicate

What's technically possibleNetwork topology (graph theory)Message encoding (information theory)Speed and delay (performance theory)

Historical engineering solutionsDivision of laborHierarchy (top-down)Security


Topology

Node Host node

Network edge — user systemsComputer, workstation, …

Intermediate node Hardware/software systems for data communicationModem, hub, switch, concentrator, multiplexor, router, …

LinkTransmission path between neighboring nodes

HopData transfer between neighboring nodes over one link

ChannelTransmission path between nodesMay include intermediate nodes

Computer network as directed or undirected graph

Link

Channel

HostNode

HostNode

IntermediateNode Host

Node


Network Topologies

Bus

Tree

Star

IrregularCompletely Connected

Ring


How People (and Machines) CommunicateRequirements

LanguageMediumNames Rules of conversation (protocols)

PreferencesKeep it simpleWork with minimum details necessary for specific taskObtain details dynamically as needed

Models Define roles in computation processDefine roles in communication processDefine rules of behavior for each role


Models Typical roles in computation

Application programCalling function / called functionOS serviceClass or object

Typical roles in communication

Example — client/server model

both roles Primary and SecondaryBalanced

swap roles Primary ←→ SecondarySymmetric

responds to requestSecondary

initiates request and accepts responsePrimary

Responds to client request (Secondary)Server

Initiates request to server (Primary)Client

Concurrent application programs / threadsClient and Server


Transaction Model

Transaction → request + response

Send Request

Send ResponseReceive Response

Accept RequestRequest

Response

Primary Secondary

Processing

General model with many casesFamiliar examples

main() calls function(x)Procedural transaction

Browser requests page from websiteClient / Server transaction


Layered SystemsSystem divided into logical layersWithin layer

Subsystems interact tightlyExample

Between layersSubsystems interact through programming interfaceExample

// subsystems: i, a[i], b[i], c[i]for ( i = 0 ; i < 1024 ; i++){

a[i] = b[i] + c[i] ;}

// subsystems: main(), f(x)main(){

y = f(x) ;}f(x){

return y;}

main()

Calling function, Primary f(x)

Called function, Secondary


Standard Agent RelationshipsAgent

Software or hardware entity

Peer relationshipTwo+ independent agents at same layer in layered modelExamples

Independent user application layer programsMicrosoft Word + PowerPointWeb Client (browser) + Web Server (website)

Independent OS layer programsUSB driverWiFi driver

Service relationshipmain() calls function(x)Microsoft Word calls printer driverApplication program opens socket (OS call)


Peer‐to‐Peer TransactionPeer-to-Peer (P2P)

Transaction between agents of equal level or statusUsually CLIENT / SERVER model (not necessarily)

ExampleWeb service

Browser and web server — application programs (equal status)

Request Browser (web client) sends page request to web server

Response Web server sends page content to browser

http://www.domain/page.html

page.html

Primary —web client Secondary —web server


Protocol ExamplesTransaction protocols

Hypertext Transfer Protocol (HTTP)Browser requests web page from web serverWeb server provides page as response

Post Office Protocol version 3 (POP3)Client system requests email messages from email serverEmail server provides messages as a response

Protocols


Service TransactionService

Transaction between agents of unequal level or statusExample

User program makes OS call to open fileUser program is application running above OSOS performs performs low-level services for applications

RequestApplication program issues OS call

ResponseOS opens file and returns file descriptor

Primary — user program

Secondary —OS

open file

filedescriptor


Service Transaction ExampleCalling function → Called function

Request Caller invokes called function with parameter

ResponseCalled function returns with result

user(){local workresponse = provider(parameters)local work

}provider(parameters){

local workreturn response

}

Service transactionService request

+Service response


General Layered Service ModelTask divided into layers

Layer n

Provider to layer n + 1User to layer n – 1

Interface

Boundary between layers

Simple example

Two service transactionsLayer 3 calls layer 2Layer 2 calls layer 1

Layer 2 Provider to layer 3User to layer 1

layer_3(){local workresponse-2 = layer_2(p3-2)local work

}layer_2(p3-2){

local workresponse-1 = layer_1(p2-1)local workreturn response-2

}layer_1(p2-1){

local workreturn response-1

}


ProtocolProtocol

Rules for transaction between peersExamples

SyntaxSemanticsSynchronizationProceduresAlgorithms Naming

Layered communicationCommunication task divided into layers

Protocol stackSpecific peer-to-peer protocol defined at each layer

Protocols


Protocol Stack

Tanenbaum (3rd ed) Figure 1‐9, p. 17


Services and Protocols


Protocol Stack Example

Tanenbaum (3rd ed) Figure 1‐10, p. 19


Layered Protocol ModelLayer n protocol

Performs VIRTUAL COMMUNICATION between layer n peers Exchanges layer n information with layer n peer

Layer n serviceReceives request from layer n + 1Passes request to layer n – 1 for communication serviceReceives response from layer n – 1

Layer 1

…

Layer n – 2

Layer n – 1

Layer n

Layer 1

…

Layer n – 2

Layer n – 1

Layer nLayer n protocol

Virtual peer transaction

Layer 1 protocol

Physical peer transaction

ServiceTransactions Layer n – 2 protocol

Virtual peer transaction


Encapsulation — Protocol HeadersLayer n – 1 protocol

Receives service request from layer nRequest = message to layer n peer agent

Adds layer n – 1 HEADER

Header = message to layer n – 1 peer agent

Protocol Data Unit (PDU) at layer n – 1 Message output from layer n – 1 protocolLayer n PDU + layer n – 1 header

Service Data Unit (SDU) at layer n – 1 Layer n PDU = random data for layer n – 1

Layer n – 1

Layer n

Layer n – 1

Layer n

Layer n – 1 SDU = Layer n PDULayer n –1 Header

Layer n PDU

Layer n – 1 PDU


Functional Analysis of CommunicationOpen System Interconnection Model (OSI)

DescriptionFunctionLayer

Physical

Data Link

Network

Transport

Session

Presentation

Application

Data transmission between neighboring hardware agents on physical channels (electrical, optical, radio, …)1

Control of data transmission between neighboring hardware agents (one hop)2

End-to-end data routing between host nodes via multiple hops3

Reliable end-to-end data exchange between host nodesPrevents data loss, errors, repetitions, ordering errors

4

Identification, separation, and continuity of multiple ongoing data transactions between software agents5

Syntax and semantics of exchanged data6

Exchange of data between user applications7


Example of OSI Functional LayersHypothetical OSI web browser

Example FunctionsLayer

Physical

Data Link

Network

Transport

Session

Presentation

Application

Data bits exchanged with next-hop data communication hardware on physical channels

Data bytes exchanged between host computer and next-hop data communication hardware

Find route to web server by network addressFile requests/data exchanged with server by network address

Each request/response checked for errors and completenessEach requested file provided to session layer without errors

Web page includes multiple graphic filesEach file requested and received as separate conversation

Encoding standard for Hebrew (Windows, UTF, ISO, …)

Browser provides GUI — requests web pages by URL


Internet Functional Model

Physical

Data Link

Network

Transport

Session

Presentation

Application

OSI Function CommentInternet

LayerOSI

Layer

Infrastructure

Network

Transport

Application

1

Internet protocols do not discuss physical data transmission

2

End-to-end data routing as in OSI3

4

Internet session management can be:Reliable — with transport serviceUnreliable — without transport service

5

6Application provides presentation service and some session service (transactions)

7

Ref: http://tools.ietf.org/html/rfc4949


Example of Internet Functional LayersTypical web browser

Example FunctionsLayer

Infrastructure

Network

Transport

Application

Network layer messages sent to Internet data communication equipment

File requests/data exchanged with server by network routing (RIP, OSPF, IGRP, BGP)Transfer data across network by network address (IP)

Each file request conversation identified for error control (TCP)Each requested file provided to session layer without errors

Browser provides GUI — requests web pages by URLTranslate (DNS) URL into network address (IP) for web server

Encoding standard for Hebrew (Windows, UTF, ISO, …)Web page includes graphic files

Each file requested/received as separate conversation (HTTP)


Internet PDUsProtocol Data Unit (PDU)

PDUMessageLayer

Signal

Frame

Datagram

Segment

Message

Bits

Header + Trailer

Header

Header

Data

Physical

Data Link

Network

Transport

Application

T-DLApplication DataH-TH-NH-DL

Headers added by layers 2, 3, 4 Trailer

Host-to-host data frame

network datagram

transport segment


Internet EndpointsNetwork Endpoint

Address of SOFTWARE AGENT running in HARDWARE AGENT

Network Address + Port

Physical connection

Identifies hardware device (node) in local network

Identifies computing node in global network

Software address identifies program exchanging data

Associates file descriptor with network endpoint

Communication IDLayerSystem Level

Physical

Data Link

Network

Transport

Application

Attachment

Hardware Address

Network (IP) Address

Port

Socket

Hardware

OperatingSystem

User

Well-known portsStandard services defined on ports 0 – 1023


Data Communication Equipment (DCE)

Physical

Data Link

Network

Layer

Modulator/demodulator (modem)Transmits and receives digital bits over physical medium

Manages physical transmission layerExchanges Frames among neighboring hardware agents

Receives Network Datagrams in Data Link FramesSends Datagrams in Data Link Frames to next hop on path to destination

Function DCE

Network Interface

Card

Switch(Hub)

Router

Ethernet Hub

WiFi Hub

Internet Router

Internet Core


Internet Hops

Host nodesApplication data (message) sent to Transport for reliable exchangeTransport segment sent to Network for addressing and routing

Intermediate nodesExamine Network datagrams for addressing and routingTreat Transport segment as meaningless data

Physical

Data Link

Network

Transport

Application

Physical

Data Link

Network

Transport

Application

Physical

Data Link

Network

Physical

Data Link

Network

Host Node

Host Node

Intermediate Nodes

hop hop hop


Network Zoo

Wide Area Networks (WAN)Public Switched Telephone Network (PSTN)

Local loop, backbone, PDH/SDH, ESS, ISDNPublic Switched Data Network (PSDN) — X.25

Broadband Integrated NetworkATM, B-ISDN, Frame Relay

Cellular 2.5G (GPRS/EDGE), 3G (UMTS, CDMA2000), 4G (WCDMA)

Local Area Networks (LAN < 2 km)Ethernet, WiFi, VLAN, token ring, token bus, FDDI, …

Personal Area Network (PAN < 20 m)Bluetooth, ZigBee, IrDA, …

Commercial network protocol stacksSNA, DECnet, Windows Networking, AppleNet, Netware, …

Many network types with specific protocol stacks


So, what is 'The Internet'?Internet = Inter-Networking

Protocols for connecting heterogeneous networks

Autonomous System (AS)Any network running its own protocol stack

Internet Gateway Runs network-specific protocol stack on ASRuns Internet protocols on connection to Internet core

Internet coreBackbone network of Internet routersConnected by dedicated links

Typical implementationHosts run network-specific protocols on internal ASHosts use Internet protocols for external messagesNo difference at infrastructure level

Gateway

Gateway

Internet Core

AS

AS


Intranet?Intranet

Using internet protocols in ASPure intranet

Internet protocols above Ethernet/WiFi LANWindows network

Uses Internet protocols for transport and addressingUses Microsoft protocols for message syntax, node location, …

Gateway

Gateway

Internet Core

Intranet AS

AS

Internet protocolsover Ethernet


Hey! Hey! You! You! Get Off of My Cloud

Cloud ≠ Internet ≠ NetworkNetwork

Collection of agents with single defined protocol stack

Internet Collection of agents using inter-networking protocols at layers 3 & 4

Cloud Business modelOrganization A rents computing service from provider COrganization A offers service to user B via provider C network

words and music: Mick Jagger and Keith Richards

ProviderC

Massive Computing

Infrastructure

OrganizationA

No Computing Infrastructure

UserB

Client Computing

Infrastructure

BusinessContract

ServiceOffer

ServiceUse

ServiceConfiguration


Why Cloud Computing?Outsourcing service model

User gets computing services from service providerService Level Agreement (SLA) guarantees customer serviceProvider handles operations+administration+maintenance (OAM)

Business advantages to organization Economies of scale — large provider can do it cheaperCuts labor/capital costs from balance sheet → happy investors

Based on standard technologiesCloud service organized from conventional resources

Hardware + software + networkProvider offers menu of services

Not a fundamentally different computing technologyUnique technological issues

Service reliability — provider committed to SLAOptimization of provider-side resource configurationOptimization of user-side resource configuration


Service Configuration in Cloud ComputingInfrastructure as a service (IaaS)

Organization sees virtual hardware environment Real hardware or hypervisor / system virtual machine

Organization installs OS → installs software → user runs jobs

Platform as a service (PaaS)Organization sees virtual OS environment

OS on single hardware platform or virtual OS

Organization installs software → user runs jobs

Software as a service (SaaS)Organization sees virtual application software environment

Applications running on private OS or "sandboxed" on shared OSSandbox — private execution environment per application instance

User runs jobsStorage as a service (STaaS)

User sees virtual mounted storage device


Centralize → Decentralize → Centralize → ?1950s — 60s

Centralized mainframe computer + multiple OS instances over hypervisorTimesharing OS serves multiple usersUser sees OS environment via dumb terminal (thin client)

1970s User applications offloaded to minicomputers + timesharing servicesUser sees timeshared OS environment via dumb terminal

1980sUser applications offloaded to personal workstations (PC)User sees single-user OS environment running locally

1990sNetwork single user workstations User sees single-user OS environment running locally

2000sCentralized control of local OS environment by IT departments

2010sCloud + netbook / tablet / smart phone — dumb terminal with high-res GUI


Issues in Cloud ComputingCost

Provider issuesEconomies of scale ⇒ lower cost per compute job

Organization issuesCapital + OAM costs → operating costsLower start-up costs ⇒ operating debt

Reliability Provider issues

Redundant infrastructure → continuity + disaster recoveryCentralized management of OAM, security, performanceVirtualization → serve multiple users on physical serverMultitenancy → provide multiple sandboxed application instances on OS

User sees guaranteed serviceAgility

Organization / provider reconfigure service as needed Growth, load balancing, time-zone serving


Cloud OwnershipPublic cloud

Service provider as public utility — sells / rents computing serviceInitial providers leverage large existing infrastructureAmazon, Microsoft, Google, IBM

Menu of services at fixed prices

Private cloudCloud infrastructure for private organizationManaged internally or outsourcedIsolates service developers from implementation issues

Standard development platform

Requirements for economic justificationLarge organization Technology-based servicesFrequent new serviceExample — internet content provider


Programming in the CloudDepends on environment

IaaS — Organization sees virtual hardware environmentPaaS — Organization sees virtual OS environmentSaaS — Organization sees virtual application software environment

IBM BluemixSaaS from IBMFree accounts for students using [email protected] addressBluemix DevOps Services

Develop, track, plan, and deploy software on IBM cloud serviceCollaboration tools — Git, Jazz SCM, GitHubBuild application → deploy to IBM cloud Supports

Arduino, C, C#, C++, CSHTML, Embedded, JavaScript (ejs) Erlang, Go, HTML, abstraction markup language (Haml) Jade, Java, JSON, Lua Objective‐C PHP, Python, Ruby, Swift, Virtual, Basic (vb) VMHTML, XHTML, XML, Xquery, yaml, Launch, file Dockerfile, gitignore, git config, cfignore

"You can go from source code to a running app in minutes."


Some Internet ProtocolsApplication layer transactions

Hypertext Transfer Protocol (HTTP)

Transport layer Transport Control Protocol (TCP)

Reliable transport service

User Datagram Protocol (UDP)Unreliable transport service

Network layerInternet Protocol (IP)

Node addressing

Internet Control Message Protocol (ICMP)Messages about messaging

Routing protocols (RIP, OSPF, IGRP, BGP)Learn network topology for message forwarding

792ICMP

791IP

768UDP

793TCP

2616HTTP

RFCProtocol

RFC — Internet standard


What Internet Protocols Do

Hypertext Transfer Protocol (HTTP)Application layer transactions

Some examples

Responses

Requests

Status of transactionStatus

Contents of requested fileData

Delete file by nameDelete

Replace file by namePost

Retrieve file by nameGet



Domain Name Service (DNS)Translates node name to Internet address (and vice versa)

Example

Some examples

c:\> nslookup www.hadassah.ac.ilName: www.hadassah.ac.ilAddress: 212.179.79.228



Transport Control Protocol (TCP)Reliable transport service

SenderLabel source and destination software by port numberNumber outgoing segmentsWait for ACK (acknowledgment) for outgoing segmentsRetransmit segments if no ACK before timeout Negotiate segment size (for error and congestion control)

ReceiverCheck completeness and order of incoming segments Check incoming segments for errorsSend ACK for good segmentsProvide good incoming segment to destination software

Some examples



Internet Protocol (IP)Best effort network serviceNo guarantee of delivery

IP version 4 addressFour octets 0.0.0.0 to 255.255.255.255 (many reserved addresses)

SenderAttach source and destination network addresses to segmentRoute IP datagram to next hop along route

Receiver Intermediate node — route IP datagram to next hop along routeHost node — provide segment to transport layer

Some examples


Network Infrastructure

ScaleWide Area Network (WAN < earth)Local Area Network (LAN < 2 km)Personal Area Network (PAN < 30 m)

Medium

Traffic statisticsConstant Bit Rate (CBR) — peak data rate = average data rateVariable Bit Rate (VBR) — peak data rate > average data rate

Layers 1 + 2 — bits, bytes, signals, cables, electronics

Copper wire and cableElectrical signals

Requires legal right to transmit radioOpen space

Radio wave signals

Requires legal right to install cablesOptical fiber

Light wave signals


Connectivity = Medium + Topology Point-to-point

Dedicated link from node to nodeFastest and most complex

SwitchDedicated link from node to switchSwitch connects nodes on request

Non-blocking provides n × (n – 1) connectivityBlocking provides n × m connectivity (m < n – 1)

Shared mediumNodes share medium accessContention

Nodes compete for access

PollingCentral controller polls nodes

bus

wireless


Physical Transmission Serial data rate at physical layer

Bits per second = bps = b/sBytes per second = B/s1 B/s = 8 b/s

Capacity (bandwidth)Maximum data rate on mediumFixed by transmitter / medium / receiverLimits

Speed of circuitsSignal to noise ratio (SNR)

01


Physical Transmission Throughput

Takes account ofUtilization = % time transmitter sendingErrors ⇒ re-transmission ⇒ more data on same capacityDelays ⇒ less data received on same capacity

2 3 1 4

utilization = 10 / 16 = 62.5%

0 16

bit errors

bits received

error-free data received per secondthroughput

capacity=


Baud Rate

SymbolPhysical signal that encodes bits

Symbol rate (Baud rate)Symbols transmitted per second

Bit transmission rateBits transmitted per second = (symbols / second) × (bits / symbol)

ExamplePulse amplitude modulation (PAM)Define 2N electrical levels from 0 to 11…1Each symbol (level) transmits N data bits

0001

1011

N = 2 (4 Level) PAM1.00 V

0.50 V

0.75 V

0.25 V

Symbols per second


Baud Rate

33 kbps dial-up modemDefine 210 = 1024 electrical symbols (max for SNR on phone line)Baud rate = 3300 symbols / second

Bits transmitted per secondData rate = (3300 symbols / second) × (10 bits / symbol)

= 33,000 bps

0000000000

00000000010000000010

1111111111

N = 10 (1024 Level) PAM

...

Symbols per second


Data Concentration High capacity link

No single node can utilize link capacityExample

Optical fiber cable with 4 fibers at 25 Gbps = 100 Gbps

Multiplexing Combine multiple nodes onto one linkExample

Optical fiber with 25 Gbps data rateCombine 25 nodes transmitting at 1 Gbps

25 inputsat 1 Gb/s

1 output at25 Gb/s

Multiplexor


Multiplexing MethodsFrequency Division Multiplexing (FDM)

Divide available frequencies (bandwidth) among nodesNodes transmit simultaneously on different frequencies

ExampleFM radio uses 88 MHz to 108 MHz = 20 MHz bandwidthDivide 20 MHz into 100 channels = 200 kHz per FM channel

88 91.3 93.9 95.5 96.6 97.8 101 104.8 MHz

88 מ וס י קה צ"ג ל ' ב צ"ג ל ' ג י ר ושל ים ' ד


Multiplexing MethodsTime Division Multiplexing (TDM)

Divide capacity into time slotsNode transmits in assigned time slot

ExampleE1 digital line transmits at 2048 kbpsDivide 2048 kbps line into 32 time slots = 64 kbps per node

32 x 64 kbps = 2048 kbps = 2.048 Mbps

32 inputsat 64 kbps

1 output at2.048 Mbps

Multiplexor

32 outputsat 64 kbps

1 input at2.048 Mbps

Demultiplexor


E1 Multiplex

1125 s/sample

8000 samples/second= μ

32 inputsat

8000samples/sec

1 output at32 x 8000 x 8 bps = 2.048 Mbps

byte from line 0

byte from line 1

byte from line 2

byte from line 31

0 1 2 ... 31

125 sμ

Every 125 sec multiplexor (MUX)

receives 8‐bit sample from each line

(isochronous)

μ

125 sec/frame3.91 sec/sample

32 samples/frameμ

= μ


GSM CellularMixed Multiplexing

Time Division Multiple Access (TDMA)Used on GSM / UMTS phones — 2G and 3GCombines FDM and TDM

Frequency Division Multiplexing (FDM)GSM bands = 25 MHzDivide 25 MHz into 125 channels = 200 kHz per channelTransmit 270 kbps over 200 kHz channel

Time Division Multiplexing (TDM)Divide 270 kbps into 8 times slots = 33 kbps per user33 kbps = 23 kbps for voice + 10 kbps control


Data Statistics — CBRConstant Bit Rate (CBR)

Isochronous data Equal time interval between bitsBits per second = constant

Average data rateAverage data rate = peak data rate = minimum data rate

ExampleUncompressed digital audioSample analog signal every T seconds

Round-off sample to N-bit number from 0 to 2N – 1

Digital audio stream at N / T bps


Digital Voice on Telco Telephone Sample analog voice signal every 0.125 ms

0.125 ms per voice sample ⇒ 8000 voice samples / second

Round-off sample to 8-bit data

Data ∈ {0, 1, 2, ... , 255}Sample = {158.276, 158.879, 159.724, 159.821, 159.312, 158.791}Data = {158, 159, 160, 160, 159, 159}

DS-0 stream(8000 samples / second) × (8 bits / sample) = 64 kbps64 kbps digitized voice (no compression)

158159

160 160159 159

157

158

159

160

161

t


Multiplexing StatisticsDeterministic multiplexing (CBR)

N Nodes = N time slotsNode reserves fixed time slot

Guaranteed transmission capacityNode transmits in assigned time slot

Example E1 multiplex for wired telephone — 32 x 64 kbps = 2048 kbpsE2 multiplex — 4 x 2048 kbps = 8192 kbps

N Nodesassigned

fixedtime slot

DeterministicMultiplexor

N time slots at B bps

N x B bps


Data Statistics — VBR Variable Bit Rate (VBR)

Bursty dataPeak data rate B > average data rate λAssume packets are independent (Poisson statistics)

ExampleData sent by time-of-day client

Request time-of-day (1000 bits) once every hour (3600 seconds)Average data rate = 1000 bits / 3600 seconds = 0.28 bps

Peak data rate = 55 Mbps on 802.11g WiFiPeak data rate 55 Mbps > average data rate = 0.28 bps

( )

( ) ( )

, ,

, ,!

kT

P k T kT

TP k T e

kλ

λ

λ

λλ −

=

=

probability of bits arriving

in seconds when average rate =


Multiplexing StatisticsStatistical multiplexing (VBR)

M nodes > N time slotsBursty data

Average data rate λ < peak data rate B

Average traffic rate = M x λ < capacity rate = N x BActual traffic < capacity ⇒ OK

Actual traffic > capacity ⇒ data delayed or lost

Example Internet routers

M Nodesrequest

time slots

StatisticalMultiplexor

M > N time slots at B bps

N x B bps


Overflow in VBROverflow

Actual traffic > capacity Short time (a few time slots) ⇒ data delayed

Long time (many time slots) ⇒ buffer overflow ⇒ data lost

Overflow probabilityAverage traffic rate = M x λ

Average data arriving in time T = M x λ x T

Capacity rate = N x BData capacity in time T = N x λ x T

Overflow in time TActual data arriving in time T > N x λ x T

N x λ x T + 1 or N x λ x T +2 or N x λ x T +3 or ...Independent outcomes

( ) ( ) ( ) ( )

1

1 2 ...!

overflow∞

− λ

= λ +

λ= λ + λ + = ∑

k

k

P P or or ek

M T

N T

M TN T N T


SwitchingSwitch

Multiplexor + DemultiplexorData at input_porti → output portji,j = 0, 1, 2, ... , N - 1

Example

N inputs x B bps= N x B bps

N outputs x B bps= N x B bps

Capacity = C bps

switch

1

2

3

4 1

2

3

4


Circuit SwitchingDeterministic multiplexing

Capacity C = N × BDedicated (reserved) link

input_porti → output portjNo competitionGuaranteed capacity B — if used or not

ExampleBezeq phone call64 kbps from telephone to telephone (even if no one speaks)



Capacity = C bps

switch


Packet SwitchingStatistical multiplexing

Capacity C = M × B < N × BDynamical time slot assignment (on request)

input_porti → output portjCompetition

More ports than capacity

Demand > capacity ⇒ delay

ExampleInternet routerPacket queue — first come first served



Capacity = C bps

switch


Connection TypesConnection

State machine associated with data exchange

Connection-orientedFirst set-up data channelMultiple data transactions associated with connection stateMonitor channel state during data exchangeClose channel after data exchangeExample — phone call

Enter number → answer call → extended conversation → disconnect

ConnectionlessTransmit data with no prior channel set-upNo channel state defined by nodesEach message independentExample — email message

Send email → hope message arrives → hope message is found / read


Datagram Service Network of routers and links

Packet switchingConnectionless

Each datagramHas source and destination address in header

Data Link header or Network header

Routed individually through networkDatagrams may follow separate routesExample

B → 1 → 4 → 6 → FB → 1 → 5 → 6 → F

AB

C

E

F

D

1

2 3

4

5

6

datasrc = B dest = F


Switched Virtual Circuit (SVC) Network of switches and links

Circuit switching or packet switchingConnection-oriented

Switched Virtual Circuit (SVC) Set-up / close messages carry source and destination addresses

Example

Packet routing by VC ID in header (layer 2 or layer 3)Every packet follows same VC route Example

AB

C

E

F

D

1

2 3

4

5

6

Set-up VC – 1: B → 1 → 4 → 6 → F

dataVC – 1


A to D — circuit mode (deterministic SVC)B to E — packet mode (statistical SVC)B to F — packet mode (statistical SVC)C to F — packet mode (datagram service)

Switching Example

AB

C

E

F

D

1

2 3

4

5

6


Transmission Delay

Transmission delay TT

TT = Time to inject bits into line = (bits in packet) / (bits per second)

Processing delay Tproc

Packet process time in intermediate nodeSVC with fixed route ⇒ shorter delay than datagram routing

Propagation delay Tprop

Tprop = (length of cable) / (signal speed)

Queuing delay TQ

Time packet waits in buffer for previous packets (congestion)TQ = (service time per packet) × (packets waiting in buffer)

Example: 1000 Mb / 100 Mbps = 10 sec

Example: 4 km / (2 × 108 km/s) = 2 × 10-8 sec << 10 sec

TT TpropTQ NodeTprocNode


Example of Queuing Delay

Queuing delay TQ

TQ = (service time per packet) × (packets waiting in buffer) Packets waiting in buffer = 1 / (1 – utilization)

Queuing delay exampleService time per packet = 10 ms / packet

Service rate = 1 / (10 ms / packet) = 100 packets / secondAverage traffic = S = 85 packets / second

Utilization = (85 packets / second) / (100 packets / second) = 0.85Buffer level = 1 / (1 – 0.85) = 6.67

TQ = (10 ms / packet) × 6.67 packets = 67 msC = switch capacity = service rate = 100 packets / second

Demand > 100 buffer ⇒ overflow ⇒ excess delay

( ) ( ) 85

1 1 101

85 0.05! !

demand demand k k

S

k C k C k

SP C P k e ek k

∞ ∞ ∞− −

= + = + =

> = = = = =∑ ∑ ∑

TT TpropTQ NodeTprocNode


Error ControlBit error

Data 1 received as 0 or data 0 received as 1

Packet LossCongestion or buffer overflow → packet discarded

Error detectionError correction code / redundancy code / checksumChecksum transmitted with data in header / trailerReceiver compares independent hash with transmitted code

Error controlRequired

Discard corrupt packet

Optional Retransmit discarded / missing packets

bit errors in received dataBit Error Rate (BER)

bits in received data=

packets lostPacket loss rate

packets transmitted=


Network ScalePrivate network

Small Office / Home Office (SOHO) Small number of computers in a few roomsSimple Ethernet / WiFi LAN

EnterpriseMany nodes in large building / campusComplex Intranet

Access networkProvide user connection to Internet coreInfrastructure provider manages layers 1 and 2Internet Service Provider (ISP) manages layers 3 and 4

Internet coreNetwork of routers and links at layer 3Infrastructure provider manages links at layers 1 and 2Links are typically built over complex network systems


Private Networks Simple Ethernet / WiFi LAN

Ethernet switching hub4 to 16 nodesFull connectivity (non-blocking)10 / 100/ 1000 Mbps

WiFi hubMore nodes lowers performanceNodes compete to transmit to hub11 / 54 / 100+ Mbps

Complex IntranetMultiple LAN hubsHubs connected

Directly (bridging)Indirectly (routing)


Non‐Private Networks

Service infrastructure Routing + accounting nodes in office buildings

Link infrastructure Cables + radio channels on public / private property

Legal and licensing issues

Controlled by companies in cable businessesTelephone companies (Telco)Cable TV companies Electric companies Railroads companies

Choices for small business Intranet at 3 locationsPay service provider monthly Or

Purchase LAN hubs and routersLease cables from Telco

Access + core


Telephone Network

Local loopWired connection to most buildingsCan carry 1 Mbps (up to 4 km) to 25 Mbps (up to 300 m)Voice network

Analog voice channel from 300 to 3300 HzDigitized voice at 64 kbps

Local presence (central office) in every neighborhoodLocal loop attached to non-blocking switches

Tree network of switchesCentral offices connect to regional offices on fiber optic backbone

Global broadband switched virtual circuit (SVC) networkCircuit mode switches (ESS7) for 64 kbps voiceCircuit / Packet mode layer 2 switches (ATM) up to 2.5 GbpsPrivate routers throughout network for Internet traffic

It's everywhere


Telephone Network

local loop

fiber optic cables

fiber optic cablesup to 40 Gbps

ESS ATM

Central Office

Router

local loop

ESS ATM

Central Office

Router

local loop

ESS ATM

Central Office

Router

switched virtual circuit (SVC)network

up to 2.5 Gbps


Cellular NetworkWireless to base station — uses Telco network for WAN service

Base System (BS)

Telco VoiceNetwork

CellController

ClusterController

Mobile SwitchingCenter (MSC)

Public Land Mobile Network

Mobile Station(MS)

HLRVLR

CellCluster

GPRS

Internet

SGSN

GGSN

Voice

Data


SOHO Access Networks Dial-up modem (modulator / demodulator)

Converts digital bits from computer to analog signals for phone lineUser modem connects to ISP modem by phone call56 kbps downstream / 33 kbps upstream

Digital Subscriber Line (DSL)FDM on local loopVoice channel connected to telephone voice networkData channel — 15 Mbps downstream / 750 kbps upstream

ATM link between DSL modem and Telco central officeDatagrams routed to ISP on Telco router network

Cable modemFDM on TV cableTV channels connected to TVData channel — 30 Mbps downstream / 2 Mbps upstream (shared)

Ethernet link between cable modem and cable head officeDatagrams routed to ISP on Telco router network


Enterprise Access Networks Leased line

Telco line to DCE on customer premises2.048 Mbps to 40 GbpsCarrier Ethernet — Ethernet extensions for metropolitan networks

Asynchronous Transfer Mode (ATM)Telco system for broadband switched virtual circuits (SVC)Optimized for multimedia transmissionLayer 2 ATM switch on customer premisesTelco line up to 2.5 Gbps

Frame Relay (FR)Telco system for broadband permanent virtual circuits (PVC)Layer 2 FR switch on customer premisesTelco line up to 45 Mbps

WiMaxWireless metropolitan networkApplies cellular technology for 40 Mbps data


Internet Core Internet backbone

Collection of core routers and fast links

Core routerFast router with very high I/O capacityUp-to-date routing protocolsHandle multiple layer 1 and layer 2 protocols

Fast linksVarious layer 2 protocolsSome simpleSome complex

Simple Layer 2 ProtocolFiber Optic Cable

Complex Mixture of Protocolsand Physical Media

Internet Core


Documentation Standards

Formal documentation of systems, algorithms, protocolsAdopted by international committeesRecord technical background and implementation requirements

Standards organizations

American National Standards InstituteUS government standards organization

ANSI

Association of Computing Machinery ACM

Internet Engineering Task ForceThe Internet Society inherited Internet from US government in 1989Internet standards called RFC (request for comment)Available at http://www.ietf.org/rfc.html

IETF

Institute of Electrical and Electronics EngineersIEEE

International Telecommunications Union - Telecommunications SectorUnited Nations standards organization (formerly CCITT)

ITU-T

International Standards OrganizationOrganization of governmental standards organizations

ISO

1Dr. Martin LandApplication LayerComputer Networks — Hadassah College — Fall 2015

Application

Layer


Application LayerApplication layer

Application layer issuesWhat data transport service does application need?

Quality of service (QoS)Measurable network parametersQoS requirements determine transport requirements

How does application hand data to transport layer for delivery?Socket interface

OS call opens Internet connection to program on remote nodeSocket API — application sees remote program as open file

"The user runs an application program. The program selects the data transport service it needs — either a sequence of data messages or a continuous stream of data — and hands application data to the Transport Layer for delivery."

RFC 4949 — Internet Security Glossary


Quality of Service (QoS) Network parameters

Bit error rate (BER)< 10-9 on fiber optic cable< 10-3 on wireless

Packet loss rateDepends on congestion control policy

Error control

Dynamic variations inData rate / propagation delay ΔTtrans

Queuing delay ΔTQ

Processing delay ΔTproc

Delay variation(jitter)

End-to-end transmission time for one bitHigh data rate ⇒ lower transmission delay Ttrans

Congestion / priority ⇒ longer queuing delay TQ

Datagram service ⇒ longer processing delay Tproc

Delay

Physical transmission speed in bpsData rate


QoS and Network PoliciesData Rate

DelayTimeDelay

Variation

ErrorControl

TransmissionSpeed

AccessDelay

CongestionControl

PriorityControl

ConnectionType


QoS Requirements for Various Services

Service Speed Error Control

Delay Delay

Variation

e‐mail — good — —

file transfer

NFS

database access

reasonable maximum reasonable reasonable

voice fast good very small very small

video

real time control very fast good very small very small


QoS and Transport Trade-Off

Reliable TransportGenerally preferred when possible

Unreliable TransportUsed when

Some data loss tolerable Delay or jitter intolerableExample — video delivery

Datagram StreamSocket type

None Error correction, packet ordering, congestion control, session state

management

Processing overhead

Connectionless Connection-orientedConnection

No error correction Error-freeError control

UDPTCPProtocol

Unreliable TransportReliable Transport


Application / Transport InterfaceApplication requests service from transport layer

Receives Application layer PDU — data for transportInterface Control Information (ICI)

Service requirements Local + remote endpoints

Prepare Transport service requirementsData for transportLocal endpoint — node address + service portRemote endpoint — node address + service port

Transport Layer

Application Layer


Berkeley Sockets Networking API

De facto standard on Unix / Linux / Apple systemsApplication performs communication like file I/O

Description of connection between client / server processesProtocol + source endpoint + destination endpoint

Association

Address + port of software process (local / remote)Endpoint

Remote (foreign) nodeDestination

Local nodeSource

Internet address of local / remote node Address

OS resources associated with protocol + endpointServer side — socket ID points to service offered to remote nodesClient side — socket ID points to connection to remote service

Socket

ID number of client / server softwarePort


Socket System Calls

Open connection to remote service and associate with socket

Client Side

Connect

Associate port with socketBind

Terminate socket

Local process reads data from socket (OS buffer from remote node)

Local process sends data to socket (OS forwards to remote node)

Create new socket associated with protocol at local address

Client and Server

Socket

Send

Receive

Close

Accept remote connection to local service socketAccept

Prepare to accept remote connections to local service socketListen

Server Side


Socket Calls — Between App and OSSocket, Bind

OS creates resources for network connectionOS returns to App socket descriptor (socket ID)

Listen Server OS makes service available

ConnectClient OS attempts connection to service

AcceptServer OS creates new connection socketServer OS returns new descriptor to AppListen socket continues to listen

SendApp sends data to OS, pointed at socketOS transmits data on associated connection

ReceiveApp requests data from OS socket bufferOS returns data to AppPHY

OS

App

call

return

SocketCalls

OSActivity

Socket ID points to OS resources


ConnectionServerClient

= socket(domain, type, protoc_ID col)

connect( , service_endpoc_ID int)

connection set‐up

address type service type

= socket(domas_ in, type, protID ocol)

bind( , s_endpoint, s_endpoint_s_ID len)

s_IDlisten( , backlog)

= accept( , c_endpoint, endpoint_s s_ID len)

send( , data, len, s flags)

data

receive( , buffer, len, flc_ID ags)

bind( , c_endpoint, c_endpoint_c_ID len) If client skips bind()OS sets a default port


Node AddressesIPv4 — Internet Protocol version 4

32-bit address 4 octets (bytes) written in decimal — A.B.C.D

0 ≤ A, B, C, D ≤ 255Disconnected intranet addresses 10.x.x.x and 192.168.0.x

Usable in any local intranetNot used in global Internet (between intranets)Network Address Translation (NAT) at gateway router

Permits sharing one external IP address for entire Intranet

127.0.0.1Loopback address used for testingAddress alias for "this node"

IPv6 — Internet Protocol version 6128-bit address Repairs service flaws in IPv4


PortsClient (source) port

Client can assign any unused port number 1024 ≤ port ≤ 65,535Well-known port (destination port) — standard services

Assigned by Internet Assigned Numbers Authority (IANA) Examples

Domain Name Service53dns

Comment PortService

http protocol over TLS/SSL443https

Internet Message Access Protocol143imap

Post Office Protocol ‐ Version 3110pop3

World Wide Web HTTP80http

Simple Mail Transfer25smtp

Telnet23telnet

The Secure Shell (SSH) Protocol22ssh

File Transfer [Control]21ftp

File Transfer [Default Data]20ftp‐data


TelnetTelnet Protocol — RFC 854

Text-oriented reliable communication over TCPTelnet client forwards user text to serverTelnet server provides remote login

Command line user interface (CLI) on remote node

Telnet programImplements telnet client protocolConnect to telnet server (port 23) on server node

$ telnet node

Connect to port port on server node$ telnet node port

Example Connect to Google web server on HTTP (port 80)$ telnet www.google.com 80


HTTP — Hypertext Transfer ProtocolStateless transaction protocol

Client request formulated in ASCII (printable) textServer response formulated in MIME structuresNo stored data on prior transactions

MIME — Multipurpose Internet Mail ExtensionsText in non-ASCII character setsNon-text attachmentsMultipart message bodies

HTTP/1.0Non-persistent connection

One transaction per TCP connection

HTTP/1.1Persistent connection

Multiple transactions on same TCP socket

Pipelined transactionsMultiple requests without waiting for response


HTTP Requests Simple requests

Defined in HTTP1.1 for HTTP/1.0 compatibilityRequest: single line — GET, POST, HEADResponse: raw page without MIME headers

Full requestsMulti-line request format

Request-Line format

Incidence Line

OptionalMessage-body

Blank lineCRLF

Zero or moreMessage-header CRLF

One Request-Line

CRLFHTTP-VersionSpRequest-URISpMethod

Function Method

tunneling via proxyCONNECT

echo back messageTRACE

delete pageDELETE

append to resourcePOST

store pagePUT

get page headerHEAD

get pageGET


Full Request Example

CRLF

Header lines

Request line

\r\n

Connection: keep-alive\r\n

Keep-Alive: 115\r\n

Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n

Accept-Encoding: gzip,deflate\r\n

Accept-Language: en-us,en;q=0.5\r\n

Accept: text/html,application/xhtml+xml\r\n

User-Agent: Firefox/3.6.10\r\n

Host: www-net.cs.umass.edu\r\n

GET /index.html HTTP/1.1\r\n


HTTP ResponsesGeneral structure

Status line structure

ExampleHTTP/1.1 200 OK\r\nDate: Sun, 26 Sep 2010 20:09:20 GMT\r\nServer: Apache/2.0.52 (CentOS)\r\nLast-Modified: Tue, 30 Oct 2007 17:00:02 GMT\r\nETag: "17dc6-a5c-bf716880"\r\nAccept-Ranges: bytes\r\nContent-Length: 2652\r\nKeep-Alive: timeout=10, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=ISO-8859-1\r\n\r\ndata data data data data ...

Zero or moreData

Zero or moremessage-header CRLF

One Status Line

IncidenceLine

CRLFdescriptionSpstatus codeSpHTTP version

Headers

Status line

Data


HTTP Response Codes

HTTP Version not supported505Forbidden403

Gateway Time-out504Payment Required402

Service Unavailable503Unauthorized401

Bad Gateway502Bad Request400

Not Implemented501Temporary Redirect307

Internal Server Error500Use Proxy305

Expectation Failed417Not Modified304

Requested range not satisfiable416See Other303

Unsupported Media Type415Found302

Request-URI Too Large414Moved Permanently301

Request Entity Too Large413Multiple Choices300

Precondition Failed412Partial Content206

Length Required411Reset Content205

Gone410No Content204

Conflict409Non-Authoritative Information203

Request Time-out408Accepted202

Proxy Authentication Required407Created201

Not Acceptable406OK200

Method Not Allowed405Switching Protocols101

Not Found404Continue100


Telnet into Web Server$ telnet www.hadassah.ac.il 80Trying 212.179.79.228...Connected to hathi.hadassah.ac.il.Escape character is '^]'.GET / HTTP/1.0

HTTP/1.1 301 Moved PermanentlyContent-Length: 158Content-Type: text/htmlLocation: http://www.hadassah.ac.il/main.htmlServer: Microsoft-IIS/6.0X-Powered-By: ASP.NETDate: Tue, 05 Jul 2011 09:01:35 GMTConnection: close

<head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a

HREF="http://www.hadassah.ac.il/main.html">here</a></body>Connection closed by foreign host.

open connection to Hadassah web server

Simple request for index page CRLF

Server response


emailSimple Mail Transfer Protocol (SMTP)

Defined in RFC 5321

OS

SMTP clientLocal user mailboxPOP/IMAP server

OS

SMTP server

mail

Post Office Protocol (POP3)Defined in RFC 1939 + 2449 + 1734Server access with user authenticationDownload / delete messages

Internet Message Access Protocol (IMAP)Defined in RFC 2060Server access with user authenticationRead / delete / organize messages


email Use CasesUnix/Linux mail

Mailbox assigned to each user accountSMTP client sends message → SMTP server → local user mailbox

Outlook/Thunderbird mailUser mailboxes on mail server (host)Outlook/Thunderbird runs SMTP client + POP3/IMAP clientsSMTP client sends message → SMTP server on user-1 mail hostSMTP client sends message → SMTP server on user-2 mail hostPOP3/IMAP client gets message ← POP3/IMAP server on mail host

WebmailUser composes mail on web serviceWeb service sends mail from SMTP client → user-2 SMTP serverUser read mail on web service IMAP client

user‐1 mail host mail host user‐1SMTP SMTP POP3

SMTPclient

SMTPclient

POPclient

SMTPserver

SMTPserver

POPserver


Telnet to SMTP Server$ telnet mail.bezeqint.net 25Trying 192.115.106.15...Connected to mail.bezeqint.net.Escape character is '^]'.220 sa14.bezeqint.net ESMTP Bezeq International SMTP out Mail Server

helo [email protected]

250 sa14.bezeqint.netmail from:<[email protected]>250 2.1.0 Okrcpt to:<[email protected]>250 2.1.5 Okdata354 End data with <CR><LF>.<CR><LF>this is a line of a message

.

250 2.7.1 Ok, discarded, id=13560-10 - SPAM500 5.5.2 Error: bad syntaxquit221 2.0.0 ByeConnection closed by foreign host.

open connection to Bezeqint SMTP server

introduce user

begin new message

recipient

begin message body

message body

give up

busted!


Telnet to POP3 Server — 1$ telnet mail.bezeqint.net 110Trying 192.115.106.15...Connected to mail.bezeqint.net.Escape character is '^]'.+OK Bezeqint POP3PROXY Ready 00020c4fuser **********+OK USER ********** set, matepass **********+OK Maildrop locked and readylist+OK scan listing follows1 5007802 4432.

open connection to Bezeqint POP3 server

POP3 commands

end sessionQUIT

undeleteRSET

deleteDELE msg

download header + linesTOP msg lines

download messageRETR msg

size of messagesLIST

number of messagesSTAT

passwordPASS

user idUSER


Telnet to POP3 Server — 2top 1 0+OK 500780 octetsReturn-Path: <[email protected]>Received: from m5.bezeqint.net (m5.bezeqint.net [192.115.104.85])

by mas27.bezeqint.net (MOS 3.8.6-GA)with ESMTP id HRK58842;Mon, 4 Jul 2011 14:19:51 +0300 (IDT)

Received: from baloo-new.hadassah-col.ac.il (EHLO bagheera.hadassah.ac.il) ([212.179.79.229])by m5.bezeqint.net (MOS 4.1.9-GA FastPath queued)with ESMTP id KHN24377;Mon, 04 Jul 2011 14:19:50 +0300 (IDT)

Content-class: urn:content-classes:messageMIME-Version: 1.0Content-Type: multipart/mixed;

boundary="----_=_NextPart_001_01CC3A3C.603293DC"Subject: =?windows-1255?B?5Obu8OQ=?=Date: Mon, 4 Jul 2011 14:18:25 +0300Message-ID: <27B903C4A7521E47B76F1C36B1CE5ED903044469@arathorn.hadassah-col.ac.il>From: "Simcha Rozen" <[email protected]>To: <[email protected]>, <[email protected]>, <[email protected]>,

<[email protected]>.quit+OKConnection closed by foreign host.

request header of message 1 with 0 lines of message body

end session


File TransferFile Transfer Protocol (FTP)

Transfer files between client and serverSeparate control (port 21) and data (port 20) connections

FTP server Accesses file system on server nodeProvides Unix-like directory services to clientOpens, reads, copies file contents to service socketCreates, writes file contents from client socket

FTP clientRequests directory servicesSends / receives files

Active modeClient sends client IP address and port number to server Server initiates TCP data connection

Passive modeServer sends IP address and port number to client Client initiates TCP data connection


FTP CommandsAbout 80 commands

ftp> helpCommands may be abbreviated. Commands are:! dir mdelete qc site$ disconnect mdir sendport sizeaccount exit mget put statusappend form mkdir pwd structascii get mls quit systembell glob mode quote suniquebinary hash modtime recv tenexbye help mput reget tickcase idle newer rstatus tracecd image nmap rhelp typecdup ipany nlist rename userchmod ipv4 ntrans reset umaskclose ipv6 open restart verbosecr lcd prompt rmdir ?delete ls passive runiquedebug macdef proxy send

Some common commands

Change local directorylcdTransfer multiple files using wildcardsmget / mputTransfer local file to remote system putTransfer remote file to local systemgetTerminate ftp sessioncloseConnect to remote ftpopenSend command to local system!


Domain Name System (DNS)Address resolution

Converts between node name and node IP address

$ nslookup www.hadassah.ac.ilServer: 10.0.0.180Address: 10.0.0.180#53

Non-authoritative answer:Name: hathi.hadassah.ac.ilAddress: 212.179.79.228

$ nslookup 212.179.79.228Server: 10.0.0.180Address: 10.0.0.180#53

Non-authoritative answer:228.79.179.212.in-addr.arpaname = bzq-179-79-228.static.bezeqint.net


Domain Name SpaceHierarchal tree

Tanenbaum, p. 623

hathi.hadassah.ac.il

)ISOC-IL(איגוד האינטרנט הישראלי

)א"מ חב (הבינאוניברסיטאימ רכז ה חישובים

Hadassah College domain

Named server in Hadassah College domain

countryil

academicac

organizationhadassah

serverhathi


Address Resolution Hierarchy

Local Node

NameCache

Resolverrequest

response

Resolver

Default Name Server

Foreign Name Server

request

response

Local Hierarchy

Forwarder Higher in hierarchy


Hierarchical Name ResolutionHost OS

Resolves addresses using default name server

c:\>ipconfig /allEthernet adapter Ethernet:

...IP Address. . . . . . . . . : 10.0.0.5Default Gateway . . . . . . : 10.0.0.138DNS Servers . . . . . . . . : 10.0.0.11

c:\>nslookup www.hadassah.ac.ilServer: dns.homeAddress: 10.0.0.11Non-authoritative answer:Address: 212.179.79.228Name: www.hadassah.ac.il

$ cat /etc/resolv.conf# Generated by NetworkManagersearch homenameserver 10.0.0.180nameserver 10.0.0.11

$ nslookup www.hadassah.ac.ilServer: 10.0.0.11Address: 10.0.0.11#53

Non-authoritative answer:www.hadassah.ac.il Name: www.hadassah.ac.ilAddress: 212.179.79.228

LinuxWindows XP

DNS serverResolves refers unknown address up the tree

$ cat /etc/bind/named.conf.options

forwarders { 192.115.106.10;62.219.186.7;

};


Resources Records (RR)

RDLENGTHRR-specific dataRDATA

2Length of RDATA fieldRDLENGTH4Time to liveTTL2Class code (class = Internet)CLASS

2RR type (see table)TYPE

Length of node nameNode nameNAME

Length (octets)DescriptionRR Field

Pointer to canonical name (for reverse DNS)pointerPTR12List of email agents for that domainmail exchangeMX15

Authoritative information about DNS zone: primary name server, email of domain, ...

start of authoritySOA6

Authoritative DNS name servers for domainname serverNS2

16

5

1

Type Value

Additional information

Canonical node name

32-bit IPv4 address

Function

text

name

address

Description

TXT

CNAME

A

Field Name


DNS Request / Response Packets

supplied by questioner and echoed unchanged by responder

number of resource records in additional records section

number of name server resource records in authority section

number of resource records in answer section

number of entries in question section

ARCOUNT

NSCOUNT

ANCOUNT

QDCOUNT

RCODEres3res2res1RARDTCAAOPCODEQR

Message ID

1514131211109876543210

Response type0 No error condition 1 Format error 2 Server failure3 Name Error 4 Not Implemented 5 Refused

RCODE

1 = Recursion AvailableRA1 = Recursion DesiredRD1 = Message truncated (too long for channel)TC1 = Authoritative AnswerAA

Request operation type 0 = standard query 1 = inverse query 2 = status request

OPCODE

Query = 0 / Response = 1QR


Client Socket in PerlPerl IO::Socket package

Provides simplified implementation of socket APIOpen new socket

use IO::Socket;$sock = IO::Socket::INET->new(

Proto => "Protocol",PeerAddr => "Destination Address",PeerPort => "Port Number",)

or die "cannot connect to port at localhost";

Read data from server$data = <$sock>;print $data;

Send data to serverprint $sock "hello server!\n";


Perl Client Socket Example

#!/usr/bin/perluse IO::Socket;

$sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "www.hadassah.ac.il",PeerPort => "80",)

or die "Couldn’t connect!";

print $sock "GET /main.html HTTP/1.0\n\n";

print <$sock>;

close($sock);

include perl Socket packageopen connection to Hadassah web serverOS returns socket descriptor to variable $sock

send server request for home page

display on screen data returned from server

close connection

Read Hadassah College homepage


Perl Client Socket Example

#!/usr/bin/perluse IO::Socket; $sock = IO::Socket::INET->new(

Proto => "tcp",PeerAddr => "www.hadassah.ac.il",PeerPort => "80",)

or die "Couldn’t connect!";print $sock "GET /main.html HTTP/1.0\n\n";print <$sock>;close($sock);

Read Hadassah College homepage

Save file as hadassah.pl

$ perl hadassah.plHTTP/1.1 302 FoundCache-Control: privateContent-Type: text/html; charset=utf-8Location: http://www.hadassah.ac.il/en/error-page/X-AspNet-Version: 4.0.30319Date: Wed, 19 Nov 2014 17:47:18 GMTConnection: close

<html><head><title>Object moved</title></head><body><h2>Object moved to <ahref="http://www.hadassah.ac.il/en/error-page/">here</a>.</h2></body></html>

At command line


Server Socket in Perl#!/usr/bin/perluse IO::Socket;

$sock = IO::Socket::INET->new(LocalHost => 'IP_address',

LocalPort => port_number,

Listen => 1,

Reuse => 1,

Proto => 'tcp') || die "Error\n";

$client = $sock->accept();

assign server address

assign service port number

listen system call

reuse port number when process stops

protocol = TCP

accept system call

open listening socket on server


Perl Server Socket Example#!/usr/bin/perl$flag = "1";use IO::Socket; $sock = IO::Socket::INET->new(

LocalHost => '127.0.0.1',LocalPort => 1234, Listen => 1, Reuse => 1, Proto => 'tcp') || die "Error creating socket\n";

$client = $sock->accept(); while($flag == "1") { $line = <$client>;print $line; print $client "Received\n"; if ($line =~ /bye/) {$flag = "0";}

} close($sock);

Server Prints data from client EchoesReceivedCloses on data bye

In CLI run perl script$perl servlet.pl

In second CLI enter:$telnet 127.0.0.1 1234Trying 127.0.0.1...Connected to 127.0.0.1.Escape character is '^]'.

LOOPBACK ADDRESS (for testing)127.0.0.1

Local calls on this machine


Sockets in C

Header library Constants, data type, data structures, system calls

ConstantsProtocol parameters / sizes, address parameters /sizes, …

Data structuresstruct templates for addresses, ports, protocols, …addrinfo

struct template for connection informationProgrammer provides partial endpoint information to instance hintsSystem provides remaining information in instance res

System callsByte order for network standardEndpoint parameters based on OS operations Standard socket calls

Socket, bind, listen, accept, send, receive

Overview


Sockets in CHeaders

Functions for translating protocol and host names into numeric addresses

<netdb.h>

Functions for manipulating numeric IP addresses<arpa/inet.h >

PF_UNIX / PF_LOCAL address family

For communication between programs on same computer

<sys/un.h>

PF_INET / PF_INET6 protocol familiesAF_INET / AF_INET6 address families

Theory — multiple AF addresses per protocol familyPractice — AF = FP

<netinet/in.h>

Socket functions and data structures<sys/socket.h>


Sockets in CSome data types and constants

Datagram (connectionless) serviceSOCK_DGRAM

Allow OS to set local IP addressAI_PASSIVE

Stream (connection oriented) serviceSOCK_STREAM

Length of IP address string on OS INET_ADDRSTRLEN

Data type for length of data messagesize_t

Data type for size of endpoint structuresocklen_t

struct template for building sockaddrsockaddr_in

struct template for endpoint (address+port)sockaddr

struct template for description of connectionaddrinfo

IP version 6PF_INET6 = AF_INET6

IP protocol familyPF_INET = AF_INET


Sockets in CPredefined address information (ai) template

pointer to linked AI struct

canonical hostname

pointer to endpoint struct

size of ai_addr in bytes

protocol / 0

SOCK_STREAM / SOCK_DGRAM

AF_INET for IPv4

AI_PASSIVE—OS sets address

AI_CANONNAME— use hostname

};

struct addrinfo *ai_next;

char *ai_canonname;

struct sockaddr *ai_addr;

socklen_t ai_addrlen;

int ai_protocol;

int ai_socktype;

int ai_family;

int ai_flags;

struct addrinfo {


Sockets in CPredefined endpoint information templates

sin_zero[8];

sin_addr;

sin_port;

sin_family;

sa_data[14];

sa_family;

};

zeros (padding)unsigned char

IP address as structstruct in_addr

Port numberunsigned short int

AF_INETshort int

Access sockaddr fieldsstruct sockaddr_in {

struct sockaddr {

Socket address familyAF_INET (for IPv4)

unsigned short

};

protocol address

Port = 2 bytes

IP address = 4 bytes (IPv4)

Padding = 8 bytes (zeros)

char


Sockets in C

int getaddrinfo(const char *node,

const char *service,

const struct addrinfo *hints,

struct addrinfo **res);

getaddrinfo()

Status integer — check with function gai_strerror()Return

Output instance of addrinfo holding info set by OS resolutionres

Input instance of addrinfo holding info set by Apphints

Port number (client's requested service or server's offered service)NULL leaves service uninitialized

service

Remote node addressNULL (OS provides local node address)

node

System call Input instance (hints) ⎯→ output instance (res) using OS information


addrinfo

ClientRequires addrinfo instance to describe remote service

Writes remote server address string + remote service to hintsgetaddrinfo converts hints ⎯→ res using OS information

ServerRequires addrinfo instance to describe local service

Writes NULL address + local service to hintsgetaddrinfo converts hints ⎯→ res using OS information

sockaddrgetaddrinfo writes addrinfo.sockaddr as HEX endpoint

sockaddr_inUser copies addrinfo.sockaddr ⎯→ sockaddr_inReads port and IP address as separate members

Sockets in CWho uses address information (ai) templates?


Sockets in Cgetaddrinfo() example — setting endpoint for LOCAL HTTP server

fprintf(stderr, "getaddrinfo error: %s\n",gai_strerror(status));

nonzero status — check error

OS provides IP address

TCP stream

IPv4

initialize hints to zero

local_res = output struct

hints = input struct

status = getaddrinfo(NULL, "http", &hints, &local_res)

system fills local_res with local service endpoint = local_IP:http using hints and OS data

hints.ai_flags = AI_PASSIVE;

hints.ai_socktype = SOCK_STREAM;

hints.ai_family = AF_INET;

memset(&hints, 0, sizeof hints);

fill hints with partial information

struct addrinfo *local_res;

struct addrinfo hints;

int status;


Sockets in Cgetaddrinfo() example — setting endpoint for REMOTE server

fprintf(stderr, "getaddrinfo error: %s\n",gai_strerror(status));

nonzero status — check error

OS provides IP address

TCP stream

IPv4


remote_res = output struct

hints = input struct

status = getaddrinfo(remote_IP, 80, &hints, & remote _res)

system fills remote_res with local service endpoint = remote_IP:80 using hints and OS data

hints.ai_flags = AI_PASSIVE;




fill hints with partial information

struct addrinfo *remote_res;

struct addrinfo hints;

int status;


Sockets in C

Convert text form to struct (presentation to network)inet_pton()

Examplestruct sockaddr_in sa;

inet_pton(AF_INET, "10.0.0.1", &(sa.sin_addr));

Convert struct to text form (network to presentation)inet_ntop()

Examplechar ip4[INET_ADDRSTRLEN];struct sockaddr_in sa;

inet_ntop(AF_INET, &(sa.sin_addr), ip4, INET_ADDRSTRLEN);

Address conversion

define instance sa of struct sockaddr_in

convert address to struct and write into sa

INET_ADDRSTRLEN preset by system

convert address and write into ip4


Sockets in C

Big-endianInteger stored in memory with MSB in lowest addressStandard for network operations (Network Order)

Little-endianInteger stored in memory with LSB in lowest addressStandard on Intel processors

Conversion functionsConverts Host Order to Network OrderNo change if Host Order = big-endian

Byte order conversion

network to host longntohl()

network to host shortntohs()

host to network long (long = 4 bytes = 32 bits)htonl()

host to network short (short = 2 bytes = 16 bits)htons()


Sockets in C

/* showip.c show IP addresses for remote host */#include <stdio.h>#include <string.h>#include <sys/types.h>#include <sys/socket.h>#include <netdb.h>#include <arpa/inet.h>

int main(int argc, char *argv[]){

struct addrinfo hints, *remote_res, *p; int status;char ipstr[INET_ADDRSTRLEN];if (argc != 2) {

fprintf(stderr,"usage: showip hostname\n");return 1;

}

Example for setting remote endpoint — part 1

3 instances

character array to hold IP addresses


Sockets in C




if ((status = getaddrinfo(argv[1], NULL, &hints,&remote_res)) != 0) {

fprintf(stderr, "getaddrinfo: %s\n",

gai_strerror(status));

return 2;

}

printf("IP addresses for %s:\n\n", argv[1]);



set remote_res to system‐provided infoargv[1] = hostnameport = 0 (not set)

print error message on fail

print heading for list of addresses

set known hintsIPv4TCP


Sockets in C

for (p = remote_res; p != NULL; p = p->ai_next) {void *addr;char *ipver;

struct sockaddr_in *ipv4 = (struct sockaddr_in *)p->ai_addr;

addr = &(ipv4->sin_addr);ipver = "IPv4";

inet_ntop(p->ai_family, addr, ipstr, sizeof ipstr);

printf(" %s: %s\n", ipver, ipstr);

}freeaddrinfo(res);return 0;

}


loop over linked list

instance ipv4← instance p.ai_addrai_addr points to sockaddr = endpoint = IP:port

addr← IP address in p.ai_addr

convert addr = IP address to ipstr = character string

free linked list

print IPv4: ipstr


Sockets in C

$ showip www.google.co.ilIP addresses for www.google.co.il:

IPv4: 74.125.230.148IPv4: 74.125.230.144IPv4: 74.125.230.145IPv4: 74.125.230.146IPv4: 74.125.230.147

Running showip


Sockets in C

int socket(int domain, int type, int protocol);

socket() with hard coded endpoint type

int s;s = socket(PF_INET, SOCK_STREAM, 0);

Specify protocol or 0 default — TCP for STREAM or UDP for DGRAMprotocol

Service typetype

Address familydomain

PF_INET = AF_INET = IPv4SOCK_STREAM = reliable transport0 = use default service protocol — TCP for STREAM or UDP for DGRAM

No local or remote endpoint required to open socket

socket descriptor


Sockets in C

int socket(int domain, int type, int protocol);

int s;struct addrinfo hints, *res;



getaddrinfo("www.hadassah.ac.il", "http", &hints, &res);

// getaddrinfo(NULL, "http", &hints, &res);

s = socket(res->ai_family, res->ai_socktype,res->ai_protocol);

socket() using fields in struct res

Specify protocol or 0 default — TCP for STREAM or UDP for DGRAMprotocol

Service typetype

Address familydomain

socket call using res

set up hints

socket descriptor

client side for remote server

server side for local server


Sockets in C

int bind(int sockfd, const struct sockaddr *my_addr,socklen_t addrlen);

int s; struct addrinfo hints, *local_res; hints.ai_family = AF_INET; hints.ai_socktype = SOCK_STREAM;hints.ai_flags = AI_PASSIVE;

getaddrinfo(NULL, "http", &hints, &local_res);s = socket(local_res->ai_family, local_res->ai_socktype,

local_res->ai_protocol);

bind(s, local_res->ai_addr, local_res->ai_addrlen);

bind()

prepare hints

OS sets node IP address

bind socket to local service using ai_addressendpoint (instance of sockaddr)

resolve local address and port to local_res , open socket as server


Sockets in C

int listen(int sockfd, int backlog);

listen(s, backlog);

struct sockaddr_storage cliaddr;socklen_t addr_size;addr_size = sizeof cliaddr;

int accept(int sockfd, struct sockaddr *cliaddr,socklen_t *addrlen);

int c_s;

c_s = accept(s, (struct sockaddr *)&cliaddr,&addr_size);

listen() and accept()

listen on socket sallow connections ≤ backlog

sockaddr_storagestruct for connected endpoint designed for IPv4 and IPv6will be cast as sockaddr in accept()

create copy c_s of socket s for connection accept connection on socket c_scast cliaddr as sockaddr write client endpoint information to cliaddr


Sockets in Cconnect()

prepare hints, resolve remote addrinfo

resolve remote address and port to remote_res

int connect(int sockfd, const struct sockaddr *serv_addr,socklen_t addrlen);

int s;

struct addrinfo hints, *remote_res;

hints.ai_family = AF_INET; hints.ai_socktype = SOCK_STREAM;

getaddrinfo("www.google.com, "http", &hints, &remote_res);

s = socket(remote_res->ai_family, remote_res->ai_socktype,remote_res->ai_protocol);

connect(s, remote_res->ai_addr, remote_res->ai_addrlen)

open socket s for connecting to remote service using ai_address endpoint


Sockets in C

int send(int sockfd, const void *msg, size_t len,int flags);

char *msg = "Hello, world!";

size_t s_len,

int bytes_sent;

s_len = strlen(msg);

bytes_sent = send(c_s, msg, s_len, 0);

send()

send string on socket c_sreturns number of bytes actually sent


Sockets in C

int recv(int sockfd, void *buf, size_t len, int flags);

#define BUFFER_SIZE 100

char buffer[BUFFER_SIZE];

size_t r_len = BUFFER_SIZE;

int bytes_received;

bytes_received = recv(c_s, buffer, r_len, 0);

recv()

receive string on socket c_ sreturns number of bytes actually received

choose desired receive buffer size


Sockets in C

int send(int sockfd, const void *msg, size_t len,int flags);

int sendto(int sockfd, const void *msg, size_t len,

int flags, const struct sockaddr *to,

socklen_t tolen);

int recv(int sockfd, void *buf, size_t len, int flags);

int recvfrom(int sockfd, void *buf, size_t len,

int flags, struct sockaddr *from,

size_t *fromlen);

Connectionless data transfer — sendto() and recvfrom()

No accept() for local sockfdDefine source endpoint on the fly

No connect() for local sockfdDefine destination endpoint on the fly

1Dr. Martin LandTransport LayerComputer Networks — Hadassah College — Fall 2015

Transport

Layer


Application / Transport InterfaceApplication requests service from transport layer

ReceivesApplication layer PDU — data for transportInterface Control Information (ICI)

Service requirements Local + remote endpoints

Prepare Transport service requirementsData for transportLocal endpoint — node address + service portRemote endpoint — node address + service port

Transport Layer

Application Layer


Transport Layer ServicesConnection management

Maintain separate sessions between various user applications Label sessions with client / server port numbersProvide reliability services according to connection type

MultiplexingDivide outgoing data stream into segments Combine segments from multiple sessions into single output

DemultiplexingSeparate incoming segments by sessionsCombine incoming segments for each session into user data stream


Transport Layer ConnectionsReliable transport (TCP)

Connection-orientedTCP connection established before data transfer

Error-free deliveryData delivered

In original order No errors, duplications, omissions

Flow controlControl sender rate to prevent buffer overflow in receiver

Congestion controlControl sender rate to prevent buffer overflow in network

Unreliable transport (UDP)Connectionless Lower overhead ⇒ faster but no guarantees Segments with errors discarded with no warning to application


Source / Destination PortsClient

Opens socket to send requestsClient / OS binds port number to socket

1024 ≤ client port ≤ 65,535 identifies client application

Server Opens listen socket mapped to accept sockets for requestsBinds well-known port to service socket

0 ≤ well-known port ≤ 1023 identifies service application

Transport

Client Application

Bind socket to port 1025

Connect to port 80

Transport

Server Application

Bind socket to service port 80

Accept from 1025

Requestsrc: 1025 dest: 80

Responsesrc: 80 dest: 1025


Multiplexing / DemultiplexingApplications send / receive data on sockets

Multiple sockets ⇒ multiple conversationsTransport layer segment

Transport header + application data (PDU)TCP / UDP headers carry source + destination ports

Multiplexing / demultiplexingSegments transmitted on same infrastructure Sorted by destination port at destination

Transport

Client Applications

Transport

Server Application

1025 ← 80

10261025 80

1026 ← 80

1025 → 80 1026 → 80

1025 ← 80

1025 → 80

1026 ← 80

1026 → 80

1025 ← 80

1026 ← 80

1025 → 80

1026 → 80


User Datagram Protocol (UDP)Internet unreliable transport protocol

Defined in RFC 768Used when low delay / jitter more important than error controlStreaming multimedia, multiplayer games, ...

UDP segment

UDP header

Length Number of bytes in datagram < 216 = 65,536Maximum length = 64 KB – lengths of all headers

application dataheader

checksumlength

destination portsource port

32 bits


UDP / TCP ChecksumCalculation at source

Break UDP segment into sequence of 16-bit wordsAdd IP pseudo-header (IP src/dest addresses, protocol, length)Pad with zeros if necessaryAdd all 16 bit words (not counting checksum field)Add carry-out to 0-order bit (rotate)Perform 1's complement

Calculation at destinationRepeat calculation and compare

Example1 1 1 1 0 0 1 1 0 0 1 1 0 0 1 1 01 1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1

1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 11

1 1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 0

1 0 1 0 0 0 1 0 0 0 1 0 0 0 0 1 1

rotate

sumchecksum


Using UDPServerClient

Server UDP Agent

Perform checksum

Error

Discard segment

No error

Pass data to socket by port

Application

Open socket

Bind service port

Listen on socket

Receive data from listen socket

Client UDP Agent

Accept data

Add header with checksum

Send to server

Application

Open socket

Send data on socket to endpoint (node address + service port)

If required — add reliability features at client / server application level


Transport Control Protocol (TCP)Reliable transport over unreliable layers

Network + infrastructure layers can introduce errorsBit errors (1 ↔ 0)Lost packetsDuplicate packetsOut-of-order packets

TCP detects and corrects errors

Layer 1

…

Network

TCP

Application

Layer 1

…

Network

TCP

ApplicationReliable Transfer

Physical Transfer

Unreliable Transfer


Basic Theory of Reliable Data Transfer (RDT)

Version 1.0 for error-free channelNo error checking necessary

Version 2.0Handles bit errors

Version 2.1 Bug fix of version 2.0

Version 2.2Simplification of version 2.1

Version 3.0Handles missing packets

Version 4.0Improved performance

Bottom‐up approach


Theory of Reliable Data Transfer (RDT)

Error-free channelData delivered reliably

Version 1.0 on error‐free channel

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 2


Handling Bit ErrorsError detection

Sender adds checksum to packet headerReceiver

Re-computes checksum Compares with checksum in header

Corrupt packets (packets with errors) discarded

Error controlReceiver provides sender with feedback about received data

Automatic Repeat Request (ARQ)Sender re-transmits on NAK

Negative acknowledgement

(reject)

Acknowledgement

Data received with bit errorsNAK

Data received without bit errorsACK


Theory of Reliable Data Transfer (RDT)Version 2.0 on channel with bit errors

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 2

ACK

ACK

NAK

sndpkt 2

error

sndpkt 3

ACK


Theory of Reliable Data Transfer (RDT)Version 2.0 on channel with bit errors

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 1

ACK

ACK

ACK

sndpkt 2

error Bug!

Receiver receives duplicate packet 1


Bug in Version 2.0Corrupt ACK / NAK packet

Option 1Sender interprets corrupt ACK / NAK = ACKReceiver misses data packet

Option 2Sender interprets corrupt ACK / NAK = NAKSender retransmits packetReceiver may receive duplicate packet

Bug fixLabel packet with sequence number (SEQ)

SEQ = packet_number mod 2 = 0 or 1 (sufficient for stop and wait)

Sender follows option 2Receiver gets duplicate packet

Re-transmits ACKDiscards duplicate packet


Theory of Reliable Data Transfer (RDT)Version 2.1 with SEQ

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 1

ACK

ACK

ACK

sndpkt 2

errorCorrected Version

Receiver discards duplicate packet 1

sndpkt 3

ACK


Complication in Version 2.1Version 2.1 — SEQ + ACK + NAK

SenderACK or NAK = response to last packetCorrupt ACK or NAK = NAKNAK ⇒ re-transmit packet

Receiver ACK or NAK for each packetCorrupt packet ⇒ re-transmit packetDuplicate SEQ ⇒ re-transmit ACK but discard packet

Version 2.2 — SEQ + ACK without transmitted NAKSender

ACK + SEQ = response to packet SEQCorrupt ACK || ACK to previous SEQ = implied NAKImplied NAK ⇒ re-transmit packet

Receiver ACK + SEQ for each packetCorrupt packet ⇒ re-transmit ACK for previous SEQDuplicate SEQ ⇒ re-transmit ACK but discard packet


Theory of Reliable Data Transfer (RDT)Version 2.2 with SEQ + ACK without NAK

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 2

ACK0

ACK1

ACK1

sndpkt 2

error

ACK0

Implied NAK:duplicate ACK for packet 1is NAK of packet 2


Lost PacketsPacket loss

Lost data packet or ACKDiscarded by intermediate system or lower network layerBuffer overflowAt receiver — no error or indication of lost packet

Handling lost packetsSender sets timeout counterTimeout || corrupt ACK || ACK to previous SEQ = implied NAKDuplicates handled by SEQ


Theory of Reliable Data Transfer (RDT)Version 3.0 with SEQ + ACK + Timeout

Sender Receiver

sndpkt 0

sndpkt 0

sndpkt 1

ACK0

sndpkt 1

ACK1

losttimeout

losttimeout ACK1

Receiver discards duplicate packet


Performance Problem with Stop‐and‐Wait

Sender Receiver

sndpkt 0

sndpkt 1

sndpkt 2

ACK0

ACK1

ACK0

Round Trip Time (RTT)

Wait too long

T

T T

T T

64 KB 8 bits/BT transmission delay 5 ms

10 Mbps

T T 5 msutilization 0.14

T network latency T RTT 5 ms 30 ms

×= ≈ =

= = ≈ =+ + +

Typical RTT > 30 ms


Sender transactionSend packetReceive ACK

Stop-and-wait protocolSend packet → wait → receive ACKFinish transaction n → begin transaction n + 1Transmitter idle while waiting for ACK

Pipelined protocolBegin new transaction before previous finishesReduce transmitter idle time

Source windowN = window sizeTransmit N packets before stop-and-waitN packets in process ("in flight" or "in pipeline") at any time

Theory of Reliable Data Transfer (RDT)Improving performance


Sender Receiver

sndpkt 0Round Trip Time (RTT)

× ×= ≈ =

+ +T

T

N T 3 5 msutilization 0.43

T RTT 5 ms 30 ms

Theory of Reliable Data Transfer (RDT)Pipelining with window size = 3

sndpkt 2

sndpkt 1

ACK 0

ACK 1

ACK 2

sndpkt 3

sndpkt 5

sndpkt 4

Typical RTT > 30 ms


Selective repeatSender

Buffers packet until ACKTimeout counter for each packetTimeout ⇒ sender re-transmits "unACKed" packet

Receiver ACKs received packetsReceived in order — passed to applicationReceived out-of-order — held in buffer

Window size = N"unACKed" packets < N Send N packets without ACK ⇒ stop sending N < receiver buffer size

Theory of Reliable Data Transfer (RDT)Pipelined protocol — error handling method 1


Sequence number (SEQ)k bit SEQ ⇒ 0 ≤ SEQ ≤ 2k – 1 (modulo 2k) Window size N ≤ 2k

Theory of Reliable Data Transfer (RDT)Selective repeat

window

0020

2waiting202210

1waiting10Error

3

210

110300323321

waiting21221011000

ACK 0

ACK 3

k = 2 ⇒ 0 ≤ SEQ ≤ 3N = 3

ACK 1ACK 2

ACK 1

ACK 1 without ACK 0 ⇒ resend packet 0


Bug in selective repeat

Sequence number (SEQ)k bits ⇒ 0 ≤ SEQ ≤ 2k – 1 (modulo 2k) Window size N ≤ 2k

window

210

210

221012100210

timeout210221011000

k = 2 ⇒ 0 ≤ SEQ ≤ 3N = 3

lostlost

lost

Receiver cannot distinguish cases: 1. Re‐transmission of duplicates2. New packets

Solution — long SEQ (≥ 32 bits)



Go Back N (GBN)Sender

Buffers packet until ACKTimeout counter for oldest "unACKed" packetTimeout ⇒ sender re-transmits all "unACKed" packets from buffer

Receiver sends CUMULATIVE ACK

ACK for last packetImplies ACK for all previous packets

No buffer for out-of-order packetsError or missing packet ⇒ no ACK packet or any subsequent packet

Window size = N"unACKed" packets < N Send N packets without ACK ⇒ stop sending N < transmit buffer size

Pipelined protocol — error handling method 2Theory of Reliable Data Transfer (RDT)


Sequence number (SEQ)k bits ⇒ 0 ≤ SEQ ≤ 2k – 1 (modulo 2k) Window size N ≤ 2k

Version 4.0 —Go Back N

window

332waiting21012210011030030

Error

210

3300333

waiting210221011000

ACK 2

ACK 3

ACK 2

k = 2 ⇒ 0 ≤ SEQ ≤ 3N = 3

ACK 2


duplicate ACK 2 ⇒ retransmit from 3


TCP as Reliable Transport ProtocolConnection-oriented

Set up connection before data transfer

Maximum Segment Size (MSS)64 KB (including IP header)

Error detectionChecksum as in UDP

Error controlARQ with ACK + SEQ + timeoutNo corrupt, missing, duplicate, or out-of-order dataPiggybacking — send ACK within data segment

PipeliningVariable window size at sender and receiverGBN cumulative ACK with optional selective repeat

Flow /congestion controlDynamic window size ⇒ control of sender utilization


TCP Header

Options

urgent pointerchecksum

window sizeflagsnot usedHLEN

acknowledgement number (ACK)

sequence number (SEQ)

destination portsource port

32 bits

Options fields + padding for multiple of 32 bits10 – 320 bitsOptions

Offset from SEQ points to last urgent data byte16 bitsUrgent pointer

Number of bytes receiver can receive now16 bitsWindow size

Control bits9 bitsFlags

Not used3 bitsReserved

Length of TCP header in 32-bit words4 bitsHLEN (data offset)


TCP HeaderFlags

No more data from senderFIN

Synchronize sequence numbersSYN

Reset connectionRST

Push buffered data to receiving applicationPSH

Acknowledgment field validACK

Urgent pointer field validURG

ECN-EchoIf SYN = 1 peer is ECN capableIf SYN = 0 packet with Congestion Experienced flag in IP header received during normal transmission

ECE

Congestion Window Reduced (CWR) flag Sender indicates receiving segment with ECE flag set

CWR

ECN-nonce concealment protectionNS


TCP Connection Set‐up

Client SYN segment SYN flag = 1SEQ = random number xNo data

Server SYN-ACK segmentSYN flag = ACK flag = 1SEQ = random number yACK = x + 1No data

Client ACK segmentSYN flag = 0ACK flag = 1SEQ = random number x + 1ACK = y + 1May contain data

Three‐way handshake

Client Server

SYN flag = 1ACK flag = 0SEQ = xACK = 0

SYN flag = 1

ACK flag = 1

SEQ = y

ACK = x + 1

SYN flag = 0ACK flag = 1SEQ = x +1ACK = y + 1data

Connection request(synchronize)

Accept

ACK


Initial sequence number (ISN)Random SEQ in 3-way handshake

Prevents counterfeit segments

At end of handshake SEQ = ISN + 1

SEQ — byte sequencingSEQ = previous SEQ + length(data bytes in previous segment)

= ISN + 1 + data bytes sent in all previous segments

ACK — byte acknowledgementACK = next (expected) SEQACK = x + 1

Acknowledge x — now expect x+1

SEQ = x+501 ACK = y+1data = 400 bytes

TCP SEQ + ACK

Client Server

SEQ = y+1 ACK = x+501

First data segment after handshake

SEQ = y+1 ACK = x+901

SEQ = x+1 ACK = y+1data = 500 bytes


Send and Receive WindowsSend buffer

Holds sent segments until ACKedOn timeout resend segments from send buffer

Send windowAvailable space in send buffer

Receive bufferHolds received segments until requested by application

Send window Available space in send buffer

Full

Send Window

SendingApplication

Network Layer

Send Buffer

Full

Receive Window

ReceivingApplication

Receive Buffer


Basic TCP Sender BehaviorStart

SEQ = SendBase = ISN + 1

Receive data from applicationPrepare segment with SEQ Send segment when unACKed bytes < SendWindowSEQ = SEQ + length(segment data)Start timer

Receive ACK = yy > SendBase ⇒ SendBase = yunACKed bytes > 0 ⇒ restart timer

TimeoutResend segments starting from SendBaseRestart timer


Typical Control Programdefault_inits ;while ( true ) { /* main loop */

if ( condition_1 ) {handle_condition_1 ;

}


}


}

default_updates ;}


Simplified TCP Sender — 1// initialize

SEQ = ISN + 1SendBase = ISN + 1 // last byte ACKedInFlight = 0 // unACKed bytes sentRTO // timeout intervalSendWindow, RecvWindow // send & receive windows

// main loopif (new data from application)

Prepare data segmentsequence number = SEQSEQ = SEQ + length(data)

if InFlight < min{SendWindow,RecvWindow}Pass segment to IP InFlight = InFlight + length(data)if !(timer running) timer = RTO


Simplified TCP Sender — 2if (receive ACK = y)

stop timerif (y > SendBase)

newACKs = y – SendBase // bytes ACKedSendBase = yInFlight = InFlight – newACKs if (InFlight > 0) timer = RTO

if (timeout)SEQ = SendBase = min{unACKed SEQ} and resendtimer = RTO


Basic TCP Receiver BehaviorStart

Expected = ISN + 1 // sender ISNReceive error-free segment with SEQ < Expected

Resend ACK = ExpectedIgnore packet

Receive segment with error || SEQ > ExpectedResend ACK = Expected (implied NACK)Ignore packet

Receive error-free segment with SEQ = Expected Expected = Expected + length(segment data)Buffer ACKSend ACK = Expected if

Delayed ACK timer > maximumBuffered ACKs > maximumACK following implied NACK


Simplified TCP Receiver — 1// initialize

Set RecvWindow = receiver buffer sizeexpected = Sender ISN + 1ack_buffer = 0 // received unACKed segmentsack_max // delayed ACK triggerack_delay = 250 msec // local policy: < 500 msecStart ACK delay timer = ack_delay

// main loopif (ACK delay timer = 0 && ack_buffer > 0)

Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0


Simplified TCP Receiver — 2if (receive SEQ = x) // new packet arrives

if (x = expected && error-free)expected = expected + length(data)if (NACK = 1)

Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0NACK = 0

else if (ack_buffer < ack_max)nextACK = expectedack_buffer++

else if (ack_buffer = ack_max)Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0

elseSend ACK = expected with updated RecvWindowACK delay timer = ack_delayNACK = 1


TCP SEQ + ACK

Sender Receiver

ACK = 100

No errors

Timeo

utSEQ = 92 8 data bytes

ACK = 120

SEQ = 100 20 data bytes

ACK = 180

SEQ = 120 20 data bytes SEQ = 140 20 data bytes SEQ = 160 20 data bytes



TCP SEQ + ACK

Sender Receiver

ACK = 100

Bit errorsTimeo

ut


ACK = 120


ACK = 160

SEQ = 120 20 data bytes SEQ = 140 20 data bytes SEQ = 160 20 data bytes


Corruptpacket

discarded

error


TCP SEQ + ACK

Sender Receiver


ACK = 100

Timeout

Timeo

ut

error




TCP SEQ + ACK

Sender Receiver

ACK = 100

Lost ACKTimeo

ut

error




ACK = 100

Receiver discards duplicate packet


TCP SEQ + ACK

Sender Receiver

Missed ACKTimeo

ut SEQ = 100 20 data bytes



ACK = 100

ACK = 120

ACK = 120

SEQ = 92 8 data bytes Receiver discards duplicate packet

ACK 120 acknow

ledges all bytes

< 120


TCP SEQ + ACK

Sender Receiver

ACK = 100

Cumulative ACK

Timeo

ut

error




ACK = 120

ACK all previous bytes


Selective Acknowledgment OptionSelective ACK (SACK)

Permits ACK for segments with gapsOption negotiated between hostsDefined in RFC 2018

ExampleLast ACK = 5000Send 8 segments × 500 data bytes / segmentCase 1

First 4 segments received and last 4 droppedReceiver returns normal ACK = 5000 + 4 * 500 = 7000No SACK option field

Case 2First segment lost and 7 segments receivedFor each segment receiver returns segment with

ACK = 5000 SACK option field with start + end ACK

Option Field

9000550050008500850055005000800080005500500075007500550050007000700055005000650065005500500060006000550050005500———5000EndStart

ACKData


Setting Retransmission Timeout (RTO) ValueRTO > RTT

RTT = round trip time = minimum time to receive ACKTimeout too short

Too many missed ACKsTimeout too long

Waste too much time before re-transmissionMethod

Measure RTTOn each new ACK updateRTO ← max{(1 - α)* RTO + α * measured_RTT, 1 sec}Typical: α = 0.125

Sender Receiver

SEQRTT

ACK


TCP Connection CloseSymmetric

Client or server may close connection

FIN segment FIN flag = 1SEQ = cumulative SEQ number

ACK segmentACK flag = 1ACK = SEQ + 1

FIN segmentFIN flag = 1SEQ' = cumulative SEQ number

ACK segmentACK flag = 1ACK = SEQ' + 1

Client Server

FIN flag = 1SEQ

FIN flag = 1

SEQ'

ACK flag = 1ACK SEQ'+1

ACK flag = 1

ACK SEQ+1


Flow Control and Congestion ControlFlow control

Sender avoids overflow of receiver bufferCongestion control

All sender avoid overflow of intermediate network buffersBuffer fill rate

Bytes / second arriving from networkBuffer empty rate

Bytes / second leaving to network or application layerBuffer file time

Example

Full

EmptyArriving bytes

Leaving bytes

=−overflow

buffer sizeT

buffer fill rate buffer empty rate

= = =−overflow

64 KB 64 KBT 16 seconds

8 KB/sec 4 KB/sec 4 KB/sec


Flow ControlSource window

Initial source window = maximum number of "unACKed" bytesDetermined by congestion + flow control

Destination windowNumber of bytes receiver can acceptDetermined by available space in receiver bufferBuffer level = Previous level + arriving bytes – bytes read by AppApplication reads too slowly ⇒ decrease destination window

Sliding windowWindows field in TCP header Number of bytes receiver will acceptReceiver discards bytes above window size Full

EmptyArriving bytes

Bytes read by App


Flow Control Example

04 KB

Persist Timeout4 KB4 KB

App reads 4 KB

00

08 KB6 KB00 KB6 KB

App reads 4 KB6 KB2 KB

04 KB

2 KB6 KB2 KB2 KB

4 KB4 KB4 KB64 KB6 KB2 KB4 KB64 KB8 KB02 KB64 KB8 KB0—64 KB

Dest Window

Buffer LevelIn FlightDest

Window

2 KB2 KB

ACK 4 KB window = 4 KB

2 KB


6 KB


ACK 12 KB + 1B window = 4 KB

1 B

2+2 = 4

2+4 = 6

6+6 = 12


Receive Window Bugs — 1Bug — deadlock

Receiver advertises window = 0Window update with window > 0 is lost → deadlock

Fix — persist timeoutSender attempts small segmentACK contains new window size

Sender Receiver

win = 0

win > 0

error

1 byte

ACK

win > 0


Receive Window Bugs — 2Silly Window Problem

Application reads received data slowlyReceiver advertises small window Data bytes ~ header bytesMore segments / file transfer ⇒ larger total traffic (data + headers)

Nagle Algorithm — bug fix for Silly WindowSender accumulates application data — sends large segmentsWorks badly with Telnet (requires small segments)

Receiver side bug fixReceiver keeps 0 window size until it can advertise large window


Congestion Control

AssumptionsSegments arrive independently (Poisson statistics)

Random length (bytes)Average arrival rate in steady state

Segments leave independently (Poisson statistics)Average emptying rate in steady state

Results

Queuing theory

ρ

ρρρ

= =

⎛ ⎞= = ⎜ ⎟− −⎝ ⎠

= × =−

arrival rateUtilization

empty rate

1 1 1Latency

empty rate arrival rate empty rate 1

Buffer Level Latency arrival rate1

0

2

4

6

8

10

12

14

16

18

20

0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9

Utilization

latencybuffer level

ρ


Congestion Control

(Over)-simplified throughput model

Realistic throughput behaviorHigh arrival rate at bufferLonger latency + overflowSender timeoutsRe-transmit ⇒ more segments ⇒ higher arrival rate at buffer

Buffer throughput

1

buffer utilization(from all senders)

latency

buffer utilization(from all senders)

latency

1

throughput

at receivers

1

1

=receive rate

throughtputmaximum receive rate

arrival ratebuffer utilization

empty rate=

throughput

at receivers


TCP Congestion ControlEnd-to-end congestion control

Based on host estimatesNo feedback from intermediate network nodes

Slow-startBegin session with low transmission rateIncrease rate until timeouts begin

Fast retransmitDo not wait for timeoutRe-transmit after duplicate ACKs (dupACKs)

Congestion avoidanceLimit transmission rate after duplicate ACKsTransmission rate → initial slow-start rate

Fast recoveryCongestion avoidance with larger transmission rate


Slow‐StartCongestion window (cwnd)

Source windowMaximum number of "unACKed" bytes

Initial cwnd = 1 MSS (maximum segment size)

Data rate = 1 MSS / RTTMaximum cwnd = destination window

Exponential growthOn (ACK)

cwnd ← cwnd + size of data ACKedif (cwnd > maximum cwnd)

cwnd ← max cwndOn (ACK timeout)

cwnd ← initial cwnd = 1 MSS

Sender Receiver

RTT

Timeout

ACK 1 MSS

ACK 2 MSS

ACK 3 MSS


Behavior of cwnd in Slow Start

SEQ

cwnd

1

timeout timeout timeout


Fast RetransmitBetter performance with RTO >> RTT

3 duplicate ACKs (dupACKs) for segment ⇒ re-send segment

Sender Receiver

Timeo

ut

error

SEQ = 100

SEQ = 200

SEQ = 300

SEQ = 400

SEQ = 200 (duplicate)

ACK = 200

ACK = 200 (duplicate

)SEQ = 500


)


)

ACK = 600


Congestion Avoidance

Slow start thresholdssthresh ← large initial value (possibly maximum cwnd)

Slow start phaseOn (ACK && cwnd < ssthresh)

cwnd ← cwnd + size of data ACKed

Congestion avoidance phaseOn (ACK && cwnd > ssthresh)

cwnd ← cwnd + 1 MSS (exponential → linear growth)

Fast retransmitOn (ACK timeout || 3 dupACKs)

ssthresh ← cwnd (pre-timeout value)

cwnd ← initial cwnd = 1 MSS

Tahoe protocol


Behavior of cwnd in Tahoe

SEQ

cwnd

1

3 dupACKs timeout3 dupACKs

SlowStart

CongestionAvoidance

Fast Retransmit


Congestion Avoidance

Slow start phaseOn (ACK && cwnd < ssthresh)

cwnd ← cwnd + size of data ACKedOn (ACK timeout)

ssthresh ← cwndcwnd ← initial cwnd = 1 MSSRTO ← 2 * RTO

Congestion avoidance phaseOn (ACK && cwnd > ssthresh)

cwnd ← cwnd + 1 MSSFast retransmit with fast recovery

On (3 dupACKs)ssthresh ← cwndcwnd ← cwnd / 2

Reno protocol

Retransmit lost packetWait 1 RTT → continue sending

For > 3 dupACKscwnd++ on each new dupACK


Behavior of cwnd in Reno

SEQ

cwnd

1

3 dupACKs timeout3 dupACKs

SlowStart

CongestionAvoidance

Fast Retransmit

3 dupACKs


TCP Sender with Reno — 1// initialize

SEQ = ISN + 1SendBase = ISN + 1InFlight = 0cwnd = 1 MSSSet ssthreshold large (local policy)RTO = timeout

// main loopon (new data from application)

Prepare data segment:sequence number = SEQif InFlight < min{cwnd,SendWindow,RecvWindow)

Pass segment to IP SEQ = SEQ + length(data)InFlight = InFlight + length(data)if !(timer running) timer = RTO


TCP Sender with Reno — 2if (receive ACK = y)

stop timerif (y > SendBase)

dupACK = 0newACKs = y – SendBase // bytes ACKedSendBase = yInFlight = InFlight – newACKsif (cwnd < ssthresh) cwnd = cwnd + newACKs else cwnd = cwnd + 1 MSSif (InFlight > 0) timer = RTO


TCP Sender with Reno — 3// if (y > SendBase)else

dupACK++if (dupACK = 3)

SEQ = SendBase = min{unACKed SEQ} and resendtimer = RTOssthresh = cwndcwnd = cwnd / 2wait 1 RTT // wait for ACK of resent packet

if (dupACK > 3)cwnd = cwnd + 1 MSS

if (timeout)SEQ = SendBase = min{unACKed SEQ} and resendssthresh = cwndcwnd = initial cwnd = 1 MSSRTO = 2 * RTOtimer = RTO


TCP Receiver with Reno — 1// initialize

Set RecvWindow = receiver buffer sizeexpected = Sender ISN + 1ack_buffer = 0ack_max (local policy: delayed ACK trigger)ack_delay = 250 msec (local policy: < 500 msec)Start ACK delay timer = ack_delay

// main loopif (ACK delay timer = 0 && ack_buffer > 0)

Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0


TCP Receiver with Reno — 2if (receive SEQ = x)

if (x = expected && error-free)expected = expected + length(data)if (NACK = 1)

Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0NACK = 0

else if (ack_buffer < ack_max)nextACK = expectedack_buffer++

else if (ack_buffer = ack_max)Send ACK = expected with updated RecvWindowACK delay timer = ack_delayack_buffer = 0

else Send ACK = expected with updated RecvWindowACK delay timer = ack_delayNACK = 1

1Dr. Martin LandNetwork LayerComputer Networks — Hadassah College — Fall 2015

Network

Layer


Transport / Network InterfaceTransport layer requests service from network layer

Receives Transport layer PDU — data + transport headerInterface Control Information (ICI)

Service requirements Local + remote node addresses

Prepare Network service requirementsTransport segment for transfer across network

Application data + transport header Local node addressRemote node address

Network Layer

Transport Layer


Connection TypesConnection

State machine associated with data exchange

Connection-orientedSet-up end-to-end network channel before data any exchangeMonitor channel state during data exchangeMultiple transactions associated with connection stateClose channel after data exchangeExample — phone call

Enter number → answer call → extended conversation → disconnect

ConnectionlessData transmitted with no prior channel set-upNo channel state defined by nodesEach message independentExample — email message

Send email → hope message arrives → hope message is found / read


Datagram Service Network of routers and links

Packet switchingConnectionless

Every datagramHas source and destination address in header

Data Link header or Network header

Routed individually through networkDatagrams may follow separate routesBest effort delivery — unreliable service at layer 3Example

B → 1 → 4 → 6 → FB → 1 → 5 → 6 → F

AB

C

E

F

D

1

2 3

4

5

6

datasrc = B dest = F


Switched Virtual Circuit (SVC) Network of switches and links

Circuit switching or packet switchingConnection-oriented

Switched Virtual Circuit (SVC) Set-up / close messages carry source and destination addresses

Example

Packet routing by VC ID in header (layer 2 or layer 3)Every packet follows same VC route Example

AB

C

E

F

D

1

2 3

4

5

6

Set-up VC–1: B → 1 → 4 → 6 → F

dataVC – 1


A to D — circuit mode (deterministic SVC)B to E — packet mode (statistical SVC)B to F — packet mode (statistical SVC)C to F — packet mode (datagram service)

Switching Example

AB

C

E

F

D

1

2 3

4

5

6


Virtual Circuit LabelingRouting

VC number assigned at each switchSource-to-destination label on one hopCan change at each switch

VC in packet header identifies pathExample

X.25 network packet

A

B C

1

23 1 2

Switch 1 Switch 214

23 3442

59 72

DataType VCFormat


Virtual Circuit Routing TableRouting pair

Interface numberVC

Routing table for VCVC set-up = write table entriesMap input pair → output pair

A

B C

1

23 1 2

Switch 1 Switch 214

23 3442

59 72

Switch 1 Routing Table

422593

141233

593422

233141

OutputInput

VCInterfaceVCInterface

Switch 2 Routing Table

591722

231342

722591

342231

OutputInput

VCInterfaceVCInterface


Datagram ForwardingRouting

Source address + destination address in IP headerDestination pair identifies next hop

ExampleIP

A

B C

1

23 1 2

Router 1 Router 2

DataOther Fields DestSrc


Datagram ForwardingRouting table for datagram

Routing algorithm → table entriesMap destination address → output interface

Routing algorithm1 tells 2 "I have A + B" 2 tells 1 "I have C"

A

B C

1

23 1 2

Router 1 Router 2

Router 1 Table

3Other1B2A

InterfaceDestination

Address Range

Router 2 Table

1Other2C


Address Range


Connection‐Oriented / Connectionless NetworksConnection-oriented network services

Connectionless network serviceInternet Protocol (IP)

384 kbps – 1.9 Mbps cellular data networkGPRS / EDGE

Cellular voice networkGSM / UMTS

64 kbps – 625 Mbps replacement for ESS#7 + Frame RelayATM

2.048 – 45 Mbps replacement for X.25Frame relay

64 kbps pubic switched data network (PSDN)X.25

64 kbps pubic switched telephone network (PSTN)ESS#7


Internet Protocol version 4 (IPv4)IP datagram format

16 bits8 bits4 bits4 bits

Data

Options

Destination IP Address

Source IP Address

Header ChecksumProtocolTime to Live

Fragment Offset (13 bits)FlagsIdentification

Total Length (header + data in bytes)Service TypeHlen Version

MF (More Fragments — all frags but last)DF (Don't Fragment)0FlagsOffset in 8‐byte units from start of original datagram (fragmented)Fragment Offset

Protocol of data carried by datagramProtocolRouters perform: {if (--TTL == 0) delete datagram}Time To Live (TTL)

Provides unique datagram IDIdentification

Differentiated Services Code Point (DSCP)Explicit Congestion Notification (ECN)

Service typeHeader length in 32‐bit fieldsHlen


Maximum Transmission Unit (MTU)Largest datagram accepted by Layer 2 links

Fragmentation Divide datagram longer than MTU into < 213 = 8192 datagrams If DF = 1 datagram discarded

ReassemblyOriginal datagram reassembled at final destination

ExampleMTU = 1500 bytes = 20 (header) + 1480 (data)Total Length = 4000 bytes = header + 3980

3980 – 2 * 1480 = 1020

3 fragments with original header except1 — Length = 1500 bytes MF = 1 offset = 02 — Length = 1500 bytes MF = 1 offset = 1480 / 8 = 1853 — Length = 1040 bytes MF = 0 offset = 2*1480 / 8 = 370

Internet Protocol version 4 (IPv4)Fragmentation & Reassembly


Internet address32-bit address4 octets (8-bit decimal numbers) separated by dotsExample

www.hadassah.ac.il ↔ 212.179.79.228

Network / HostHost address = 212.179.79.228Host address = Network.Host

Network number = 212.179.79.0Host number = 228

Internet Protocol version 4 (IPv4)IPv4 Addressing


Network / Subnet / HostDivide hosts into sub-networks

Example Subnet 0 = 212.179.79.1 – 212.179.79.127

Host address range = 212.179.79.XX = 0xxxxxxx (binary)

Subnet 1 = 212.179.79.128 – 212.179.79.254Host address range = 212.179.79.XX = 1xxxxxxx (binary)

Internet Protocol version 4 (IPv4)Network / Subnet / Host

⎧⎪⎪= ⎨⎪⎪⎩

0, ... , A-1 (subnet 0)

A, ... , 2A-1 (subnet 1)Host number

2A, ... , 3A-1 (subnet 2)

...


3 main address classesA — small number of large networks (up to 224 = 16 Mhosts)C — large number of small networks (up to 28 = 256 hosts)

Internet Protocol version 4 (IPv4)Address classes

class octet 1 octet 2 octet 3 octet 4 network range

A 0 7 bits 8 bits 8 bits 8 bits

1.0.0.0 to 127.0.0.0

network host B

10 6 bits 8 bits 8 bits 8 bits 128.0.0.0 to 191.255.0.0

network host C

110 5 bits 8 bits 8 bits 8 bits 192.0.0.0 to 223.255.255.0

network host D

1110 4 bits 8 bits 8 bits 8 bits 240.0.0.0 to

247.255.255.255 multicast address


Address formatOctet1.Octet2.Octet3.Octet4/bits_in_network_numberbits_in_network_number = 1, 2, 3, … , 31 (unrestricted)

Examples Class A address — 10.0.1.5/8

8-bit network number = 10.0.0.0

Class C address — 192.168.0.37/24

24-bit network number = 192.168.0.0

General node address — 192.168.0.33/27

Network address = 192.168.0.32 Host number = 0 — 31Host addresses = 192.168.0.32 — 192.168.0.63

Internet Protocol version 4 (IPv4)Classless Inter‐Domain Routing (CIDR)

00001330168192

host27-bit network address001000000001010100011000000


Forming subnet mask1 in all bits of network number0 in all bits of host numberEncodes same information as number of bits in network number

ExampleGeneral node address — 192.168.0.33/27

27-bit network numberMask

11111111.11111111.11111111.11100000255.255.255.224

Using maskMask AND IP address = network number

Example255.255.255.224 AND 192.168.0.33 = 192.168.0.32

Internet Protocol version 4 (IPv4)Subnet mask


Internet Protocol version 4 (IPv4)Subnet example

subnet 0

194.30.5.1 194.30.5.2

194.30.5.33

194.30.5.35

194.30.5.34

subnet 1

194.30.5.3

194.30.5.65

194.30.5.66 194.30.5.67

subnet 2

194.30.5.99

194.30.5.97

194.30.5.98

subnet 3

194.30.5.129

194.30.5.130 194.30.5.131

subnet 4

194.30.5.32/27255.255.255.224

194.30.5.0/27255.255.255.224

194.30.5.64/27255.255.255.224

194.30.5.128/27255.255.255.224

Octet4 = 3-bit_subnet _number.5-bit_host_number


Internet Protocol version 4 (IPv4)Reserved addresses

Reserved240.0.0.0/4

Multicast (Class D)224.0.0.0/4

Private network192.168.0.0/16


Loopback (destination = this node)127.0.0.0/8


Current network (source address)0.0.0.0/8

DescriptionCIDR address block

Broadcast on CIDR networkIP address = octet1.octet2.octet3.octet4/nw_bits

Network number = MASK AND IP Broadcast = MASK' OR IP

MASK32 – nw_bitsnw_bits00...011...1

MASK'32 – nw_bitsnw_bits11...100...0


CIDR Routing Table

Router 0Default gatewayEdge router

Router 3194.30.5.128/27Router 3194.30.5.96/27

Router 1 Table

Router 0Other

Router 2194.30.5.64/27LAN194.30.5.32/27


Router 3194.30.5.64/27Router 3194.30.5.96/27Router 0Other

LAN194.30.5.128/27

Router 4 TableInterfaceDestination

subnet 0

194.30.5.1 194.30.5.2

194.30.5.33

194.30.5.35

194.30.5.34

subnet 1

194.30.5.3

194.30.5.65

194.30.5.66 194.30.5.67

subnet 2

194.30.5.99

194.30.5.97

194.30.5.98

subnet 3

194.30.5.129

194.30.5.130 194.30.5.131

subnet 4


Routing AlgorithmsApplication of graph theory

Model network as undirected graph G(N,E)Nodes N = switches / routersEdges E = one-hop links between nodesWeight = metric (cost, distance) > 0

Weighted average of path parametersPath length, queuing and transmission delay, cost, etc

Shortest path routing by standard algorithmsStatic routing

Apply Dijkstra algorithmLink State RoutingRequires knowledge of all weights

Dynamic routingSolve Bellman-Ford equation locallyNearest neighbor nodes exchange weight parametersDistance Vector Routing


Router GraphNodes

N = {u, v, w, x, y, z}

Weightsc(i,j) = link metric from i to j

Optimal pathPath from x to y with minimum cost dx(y) = metric of optimal path from x to y

11

2 5

2

1

3

2 3

v

u

x

w

y

z5

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u


Bellman‐Ford EquationPrinciple of optimality

Node v on optimal path from x to y ⇒ xv and vy = optimal paths

Corollary

Bellman-Ford equation

Basis for static and dynamic routing algorithms

( ) ( ) ( ){ }x vv

d y min c x,v d y= +

x yv

( ) ( ) ( ) ( ) ( )x v xxvy optimal d y c x,v d y c x,v d v⇒ = + ⇒ =


Dijkstra Algorithm

{ } ( ) ( ) ( )

( )

( ) ( )( )( )

( )( )

,,0,,u uv is a linkc u,v uv is a link

N' u D v p votherwiseotherwise

(N\N' )

find w N\N' with minimum D w

m

N\N') {

ove w f

r

L w c v,

om N

w

if L v {

D

to N'

for

v L

p

(

D

v w

v

D

}

}

⎧ ⎧= = =⎨ ⎨

∞ ⎩⎩≠ φ

∈

∈

= +

<

=

=

Initialize

While


Dijsktra ExampleSource u

N = {u, v, w, x, y, z}

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u

D(w) = 3D(y) = 2D(v) = 2D(x) = 1

Minimum D

{u, y, u, x, y}{2, 3, 1, 2, 4}{w, u, v, x, y}{z}{u, y, u, x, y}{2, 3, 1, 2, 4}{u, v, x, y}{w, z}{u, x, u, x, 0}{2, 4, 1, 2, ∞}{u, v, x}{w, y, z}

{u, x}{u}N'

{u, x, u, x, 0}{2, 4, 1, 2, ∞}{v, w, y, z}{u, u, u, 0, 0}{2, 5, 1, ∞, ∞}{v, w, x, y, z}p{v, w, x, y, z}D{v, w, x, y, z}N

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u


Distance Vector RoutingRouting table in each node

Index = known nodesEntry = metric to node

Information exchange Nodes pass routing tables to one-hop neighbors

Table entriesOne-hop node

Metric = measured cost parameters

Multi-hop nodesMetric = min{measured cost to neighbor + neighbor entry to node}

Bellman-Ford routingAssume route information from node v to node y is dv(y)At node x choose route to y via v where

( ) ( ) ( )x vv

d y min {c x,v d y }= +


DV Example — Exchange 1Initial tables

Exchange 1Node u gets routing information from v, x, w

1

1

2 5

2

1

3

2 3

5

v w

z

yx

usource

—2—5——z

2—5——z—11——y1—321x13—35w—23—2v—152—uyxwvudest

92142—

Metric

wxxxv—

Next hop

zyxwvu

—5—11——323—323—152xwv

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u


DV Example — Exchange 2After Exchange 1 at v, x, w

Exchange 2Node u gets routing information from v, x, w

42132—

Metric

xxxxv—

Next hop

zyxwvu

zyxwvu

3,y3,y8,w11,y3,x—2,y2,x2,y—3,w2,v3,v—1,u4,x2,vxwv

338113—222—323—142xwv

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u


Spanning TreeSpanning tree

Subgraph of G(N,E') ⊆ G(N,E)Includes every nodeUnique path from root node u to any nodeNo cycles (loops)

Dijkstra and DV routing Converge to spanning tree for simple graphs

Minimal spanning treeMinimal cost from root to any node

1

1

2 5

2

1

3

2 3

5

v w

z

yx

u


Distance Vector Metric Updates

Metric Hops to node u

Link uv recovers from failure

v w yxu

Routing Table Entries for Node u

4,x3,w2,v1,u3∞3,w2,v1,u2∞∞2,v1,u1∞∞∞1,u0 yxw v exchange

Good news travels fast


Distance Vector Metric Updates

Link uv fails

Circular table updates

Count to infinity Nmax hops Metric > Nmax ⇒ no linkInformation on failed link

propagates slowly

v w yxu

2 3 4

2 3 4

2+1=3

3+1=4 3 4

34 4+1=5 4

4+1=55+1=6 5 5+1=6

5

6,x5,w6,v5,w4

Routing Table Entries for Node u

4,x5,w4,v5,w34,x3,w4,v3,w24,x3,w2,v3,w14,x3,w2,v1,u0 yxw v exchange

Bad news travels slowly


Internet RoutingAutonomous System (AS)

Nodes managed by one organizationHierarchical routing

Interior Gateway Protocols (IGP) Routing protocols within one AS (Intra-AS)

Exterior Gateway Protocols (EGP)Routing protocols between ASs (Inter-AS)

Edge router (gateway router)Router within AS linked to router in different AS

AS‐1AS‐2Edge Routers

IGP IGPEGP

AS‐3

IGP


Internal Gateway Protocols (IGP)Intra-AS tasks

Optimize internal routingExchange routing tables with IGP nodesLink to primary gateway (edge router)

IGP protocolsRouting Information Protocol (RIP)

RFC 1058, RFC 2453

Open Shortest Path First (OSPF)RFC 2328

Interior Gateway Routing Protocol (IGRP)Cisco proprietary


Routing Information Protocol (RIP)Older protocol

Introduced in BSD-UNIX (1982)Distance Vector (DV) algorithmRouting information sent as data in UDP segments

DV advertisementsRouting information exchanged with 1-hop neighbor nodesExchanged every 30 secondsNo routing update in 180 seconds ⇒ node = unreachable

Metric = hopsTable entry = 1 hop to neighbor + neighbor table entryNmax = 15N > Nmax ⇒ node = unreachable


Open Shortest Path First (OSPF)Newer protocol (1998)

Link State algorithmIndependent network layer protocol (not data over UDP)

LS advertisements (LSAs)Start

Routing metrics exchanged among 1-hop neighbors

ContinueRouting tables synchronized among all routers in AS

Shortest Path First (SPF)Dijkstra algorithm among routers in ASSub-optimal next hop permitted for load balancing

MetricsHops, speed, delays, connections from destinationMultiple service-dependent metrics permitted


Hierarchical Open Shortest Path First (OSPF)Divide AS into hierarchy of areas

Routers in area perform OSPF among themselvesReduces overall routing information traffic

Area hierarchyEdge routerBackboneArea border routersInternal area routers

LS advertisements (LSAs)Internal routers + area border routers

Perform full OSPFOptimal routing within area

Area border routers + backboneExchange summary metrics Basic topology

Backbone + edge perform OSPF as an area

EdgeRouter

BackboneRouters

Area BorderRouters

InternalRouters

Backbone Area

Area‐1

Area‐2

Area‐3


Exterior Gateway Protocols (EGP)Inter-AS tasks

Exchange routing information among EGP nodesDetermine routes for inter-AS trafficManage economic, political, security considerationsAvoid global instabilities (routing cycles)

EGP protocolsExterior Gateway Protocol (EGP)

Obsolete RFC 827, RFC 904

Border Gateway Protocol (BGP) RFC 4271


Border Gateway Protocol (BGP)

eBGP Exchange routing information between AS edge routersDetermine routes for inter-AS traffic

iBGP Exchange routing information within ASDetermine preferred gateway for inter-AS traffic

OSPF (or other IGP) Exchange routing information within ASDetermine routes for intra-AS traffic

AS‐1AS‐2

iBGPOSPF

eBGP

AS‐3

iBGPOSPF

iBGPOSPF

Routing hierarchy



Stub network1 edge routerCannot carry transit traffic

All incoming / outgoing traffic has dest / src in AS

Multi-homed network More than 1 edge routerRefuses transit traffic

All incoming / outgoing traffic has dest / src in AS

Typically large corporate network or commercial ISPUnwilling to accept traffic burden

Transit network More than 1 edge routerAccepts transit trafficInternet backbone

AS classification

AS reachable viaOne hop linkTransit network

transit


Border Gateway Protocol (BGP)Routing information exchange

NLRI with network attributes

AS path

List of ASNs describing path to NLRI

Next‐Hop

IP address of next hop edge router

AS route

CIDR description of reachable Internet destination ASNetwork Layer Reachability Information (NLRI)

16‐bit number to identify ASAS number (ASN)

Persistent TCP session between two BGP peers

Used to exchange routing informationBGP session

Two BGP speakers exchanging routing informationBGP peersRouter supporting BGPBGP speaker



No routing cyclesRouter eliminates path that includes itself as transit network

Local preference attributeAdministrator policy sets preference value for pathsLower preference paths eliminated

Shortest AS path Path with least transit networksPaths with longer AS path eliminated

Closest Next-Hop routerPossibly multiple routes to next ASDetermine minimum cost link to router in next ASRoutes with higher cost route to next hop router eliminated

Path selection



Path from A to BA receives paths from peers

No loopsA eliminates path AvAuwB

No routing cycles

1u w

zyv

A x

B2

vAuwBv

xwBx

uwBu

PeerRecommends

Peer



Path from A to BA receives paths from peers

No loopsA eliminates path AvAuwB

Local administrator sets preferencesAS u preferred to AS x as transit networkExample — data security questionsA eliminates path AxwB

Local preference attribute

2

2

1

Local Preference

vAuwBv

xwBx

uwBu

PeerRecommends

Peer

1u w

zyv

A x

B2



Path from A to BA receives update from v


Shortest AS pathAvyzB longer than AuwBA eliminates AvyzB

Shortest AS path

2

2

1

Local Preference

vyzBv

xwBx

uwBu

PeerRecommends

Peer

1u w

zyv

A x

B2



Path from A to BA receives update from u


Shortest AS pathAvyzB longer than AuwBA eliminates AvyzB

Closest Next‐Hop router

2

2

1

Local Preference

vyzBv

xwBx

uwBu

PeerRecommends

Peer

1u w

zyv

A x

B2

w

1

2

Path 1 closer than path 2



Transit policyCommercial ISP A

Revenue from attached customersCustomers require forwarding

Transit trafficAdds load to ISP networkProduces no revenue

A does not advertiseConnection Ax to u or vConnection Av to u or xConnection Au to x or v

Refusing transit traffic

1u w

zyv

A x

B2


Broadcast / Multicast ServicesBroadcast

Forward datagrams to all nodesMulticast

Forward datagrams to group of nodesLocal broadcast / multicast

Among nodes attached to one router Server advertisements

DHCPDNSRouter services

Handled as layer 3 / layer 2 transactionsGlobal broadcast / multicast

Among multiple routersFile sharingContent distributionMedia streaming


Broadcast IssuesNode-level broadcast

Multiple unicast Requires list of all nodesNot practical

Uncontrolled flooding Each router forwards all packets to all routersBroadcast storm

Traffic multiplies exponentiallyNetwork paralyzed

Controlled flooding methodsTag packets

Transmit each packet one time

Time to Live (TTL) Delete packets after N_max hops

Broadcast only on spanning tree No cycles in graph

v w

z

yx

u

v w

z

yx

u


Spanning Tree BroadcastReverse Path Forwarding (RPF)

Only forward packet arriving on default node-to-source pathNode uses default routing table

Does not know full spanning tree

ExampleNode broadcast u arrives at node x

Arrives on u-xNode x forwards to y on x-y

Arrives on y-x, w-x, v-xNode x deletes

Center-based forwardingDesignated center nodeNodes send join messages to center node by conventional routingCenter node broadcasts to group members

v w

z

yx

u

Node x Routing Table

yzywv

uu


MulticastMulticast group

Subset of all routers / hosts receiving multicast datagrams

Multicast routerMaintains group membership information for multicast distribution

Multicast addressClass D address refers to multicast groupMulticast datagrams addressed to multicast addressMulticast routers distribute to group members

Internet Group Management Protocol (RFC 3376)Nodes report multicast group memberships to multicast routers

Protocol Independent Multicast (PIM)Dense mode — multicast routers closely distributed

RPF spanning tree construction

Sparse mode — multicast routers widely distributedCenter-based forwarding


Network Address Translation (NAT)Router

Receives IP datagram Exchanges IP source / destination address in headerForwards datagramMaintains list of translations

Autonomous systemsAllocate private network addresses internally

10.0.0.0 and 192.168.0.0

Only gateway and backbone devices require unique IP addressesLocal nodes on AS re-use private addresses

Example10.0.0.1

10.0.0.2

10.0.0.3109.65.228.42

209.85.229.147

138.76.29.7

10.0.0.1

10.0.0.2

10.0.0.3


Network Address Translation (NAT)

No translation required on traffic internal to ASLocal addresses = real IP addresses

Local node to external nodeOutgoing packet

Source endpoint = local IP address + application source port numberDest endpoint = remote IP address + well-known port number

Gateway router NAT Replaces

Local IP address with gateway IP address Local application source port with unique unused NAT port

Records mappingNAT source port → local IP address + source port number

Forwards packet

External node to local nodeGateway router replaces NAT port → local IP + app source port

Translation details


Host A HTTP request to Server SSource port = 1025 Source IP = 10.0.0.2Destination port = 80 Destination IP = 209.85.229.147

Outgoing NAT at Gateway router BSource port = 3745 Source IP = 109.65.228.42Destination port = 80 Destination IP = 209.85.229.147

Server S HTTP response to Host ASource port = 80 Source IP = 209.85.229.147Destination port = 3745 Destination IP = 109.65.228.42

Incoming NAT at Gateway router BSource port = 80 Source IP = 209.85.229.147Destination port = 1025 Destination IP = 10.0.0.2

Network Address Translation (NAT)Example

10.0.0.110.0.0.2

10.0.0.3109.65.228.42

209.85.229.147

138.76.29.7

10.0.0.1

10.0.0.2

10.0.0.3

Host AServer S

router B


ProblemHow to operate service behind NAT

SolutionsStatic router referral

Define service port on Server QRefer all incoming traffic at gateway for service port to Server Q

Relay serverServer Q connects to Server E with public address (no NAT)Host M requests service from Server Q via Server E Server Q replies via Server E

Universal Plug and Play (UPnP)Specialized protocols for NAT traversal

Network Address Translation (NAT)Traversal problem

10.0.0.110.0.0.2

10.0.0.3109.65.228.42

209.85.229.147

138.76.29.7

10.0.0.1

10.0.0.2

138.76.29.18

Host M

Server Q Server E


Assistive Protocols used with IP LayerDomain Name System (DNS)

Convert between node name and network address

Address Resolution Protocol (ARP)Convert between network and hardware addressesDiscover local subnet topology

Dynamic Host Configuration Protocol (DHCP)IP address allocation on request from DHCP server

Server typically in gateway router

Server allocates IP address from pool of available addressesDHCP message types

DHCP server discovery (host broadcast)DHCP offer (server response)DHCP request (host request)DHCP ACK (server provides address)


IP Configuration Examplec:\>ipconfig /allWindows IP Configuration

Host Name . . . . . . . . . . . . : ******Primary Dns Suffix . . . . . . . :Node Type . . . . . . . . . . . . : UnknownIP Routing Enabled. . . . . . . . : NoWINS Proxy Enabled. . . . . . . . : NoDNS Suffix Search List. . . . . . : ******

Ethernet adapter Local Area Connection:Connection-specific DNS Suffix . : ******Description . . . . . . . . . . . : ******Physical Address. . . . . . . . . : ******Dhcp Enabled. . . . . . . . . . . : NoIP Address. . . . . . . . . . . . : 10.0.0.5Subnet Mask . . . . . . . . . . . : 255.0.0.0Default Gateway . . . . . . . . . : 10.0.0.138DNS Servers . . . . . . . . . . . : 10.0.0.11

10.0.0.138c:\>arp -aInterface: 10.0.0.5 --- 0x2Internet Address Physical Address Type10.0.0.7 70-1a-04-95-a4-4f dynamic10.0.0.11 00-50-fc-b1-6f-ff dynamic10.0.0.138 5c-d9-98-06-26-36 dynamic


Internet Control Message Protocol (ICMP)Control protocol

Network management informationError reporting

Unreachable host / network / port / protocol

Echo request / replyPackets carried in IP datagrams

Packet structure

Rest of Header — message specificPadding — data field

Padding64

Rest of Header32

ChecksumCode

(subtype)Type0

24 – 3116 – 238 – 150 – 7Offset

Selected Message Types

bad IP header012TTL expired011

router discovery010

route advertisement

09

echo request08

dest host unknown

7

dest network unknown

6

dest port unreachable

3

dest protocol unreachable

2

dest host unreachable

1

dest network unreachable

0

3

echo reply00descriptionCodeType


PingClient application program

Client sends echo request packets to destination IP addressType = 8 Code = 0 16-bit ID number 16-bit sequence number

OS dependentLinux ping

Default = continuous packets with 56 padding bytes Windows ping.exe

Default = 5 packets with 32 padding bytes

Ping server (OS service)Responds to each echo request packet with echo rely packet

Type = 0 Code = 0 16-bit ID number 16-bit sequence number

Ping clientMeasures round trip time (RTT)Reports packet losses, RTTs and average RTT

UDP pingUses UDP instead of ICMP


Ping Examplec:\>ping www.hadassah.ac.il

Pinging hathi.hadassah.ac.il [212.179.79.228] with 32 bytes of data:

Reply from 212.179.79.228: bytes=32 time=32ms TTL=119Reply from 212.179.79.228: bytes=32 time=70ms TTL=119Reply from 212.179.79.228: bytes=32 time=135ms TTL=119Reply from 212.179.79.228: bytes=32 time=83ms TTL=119

Ping statistics for 212.179.79.228:Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:Minimum = 32ms, Maximum = 135ms, Average = 80ms


Traceroute Client application program

Multiple echo request packets to destination IP addressFirst packet TTL = 1Each subsequent packet has TTL++

OS dependentLinux traceroute / tracepath

UDP to unlikely port number (port typically not defined)Windows tracert.exe

ICMP echo request packets

Intermediate routersif (--TTL == 0){delete ; ICMP type 11 to client}

ICMP packet carries router name + IP address

ICMP sequence = list of intermediate routers (hops = 1, 2, … )Destination node

UDP segment — ICMP port undefined (type 3 code 3) message ICMP packet — ICMP echo reply message


Traceroute Examplec:\>tracert www.hadassah.ac.il

Tracing route to hathi.hadassah.ac.il [212.179.79.228]over a maximum of 30 hops:

1 2 ms 1 ms 2 ms 10.0.0.1382 18 ms 19 ms 17 ms bzq-179-37-1.static.bezeqint.net [212.179.37.1]3 18 ms 17 ms 17 ms bzq-179-48-201.static.bezeqint.net [212.179.48.201]4 17 ms 17 ms 17 ms bzq-179-80-241.static.bezeqint.net [212.179.80.241]5 17 ms 18 ms 17 ms bzq-179-124-201.static.bezeqint.net [212.179.124.201]6 17 ms 17 ms 17 ms bzq-179-124-138.static.bezeqint.net [212.179.124.138]7 19 ms 18 ms 18 ms bzq-179-59-1.static.bezeqint.net [212.179.59.1]8 32 ms 36 ms 41 ms 10.20.110.189 105 ms 84 ms 71 ms bzq-179-79-228.static.bezeqint.net [212.179.79.228]

10 73 ms 88 ms 150 ms bzq-179-79-228.static.bezeqint.net [212.179.79.228]

Trace complete.

c:\>


IPv6 (RFC 2460)Motivation

IPv6 address = 128 bits (16 octets)Service-specific fields

Quality of ServiceMulticasting SecurityMobility

HeaderFixed 40-byte header

10 × 4 bytes

Optional header fieldsService-specific

Next Header fieldIdentifies optional header or protocol of carried data

Header daisy chainEach optional IPv6 header contains Next Header field

Data

Optional Headers

4 octets

Destination address (4 × 4 octets)

Source address (4 × 4 octets)

Hop limitNext headerPayload lengthFlow labelTraffic classVersion


IPv4 To IPv6 Transition IPv4 routers

Replaced graduallyWork with IPv6 routers

IP tunnelingEncapsulate IPv6 datagram as data in IPv4 datagram

IPv6Router A

IPv6Router B

IPv4Router C

IPv6RouterD

IPv6Router E

tunnel

Data IPv6

HeaderA to E

IPv4 HeaderB to D

Data IPv6

HeaderA to E

Data IPv6

HeaderA to E

1Dr. Martin LandInfrastructure LayersComputer Networks — Hadassah College — Fall 2015

Infrastructure

Layers


Infrastructure

Change in point of viewInternet standards do not discuss Data Link + Physical LayersHardware developers define standards

Not Internet Aware

Internet Aware

Internet Layer Model

Data Link Layer — hardware managementPhysical Layer — hardware

Infrastructure

End-to-end IP routing + forwardingNetwork

Local + remote portsService requirements

Transport

Internet application Expects Internet services from OS

Application

Internet perspective


Infrastructure layersBottom-up design

Physical layer (PHY)Defines physical transmission of bitsExploits a physical technology

Data Link layer (DL) defines management of Physical LayerHow to make physical technology do what we want

Infrastructure managementDelivering data messages — 10% of effortMaking hardware work correctly — 90% of effort

OAM = Operations+Administration+MaintenanceApplication assumes infrastructure "just works""Just works" ⇒

Reliability, availability, stability, serviceability, growth

InfrastructureEngineering perspective

physical bits


Enormous investment in existing equipmentGlobal network of hardware nodes + transmission lines

Developed to provide many servicesInternet (IP-based unreliable connectionless) just one service

Most developed before Internet Telegraph — 1794Telephone — 1876Teletype modem — 1943Digital telephone — 1962Internet opened to public — 1992

Hardware updates Replacement of manufactured hardwareSlower than software updatesMore expensive than software updates

InfrastructureEconomic perspective


Data Link FunctionsSimilar to transport layer functions

FramingAssemble network PDUs into hardware packetsAttach header + trailer for Data Link and Physical layers

Medium access + flow control + congestion control When / how transmitter sends data onto linkTransmitter avoids overflow of receiver bufferTransmitters avoid interfering with other transmitters

Error controlDetect / correct transmission bit errors

Local addressingConvert network addresses to hardware local addresses

Transport Reliability

Data LinkReliability

Data LinkReliability


Data Link SublayersLogical Link Control (LLC) sublayer

Multiplexing of data sources / destinationsPacket type identificationError correctionFlow control

Medium Access (MAC) sublayerNetwork topologyMedium access management

Sharing medium among nodesPermission to transmit

Data frame structureHardware (MAC) addressingError detection

1

2MAC

Sublayer

Physical Layer

Data Link Layer

LLC Sublayer


Interface to Data Link LayerInfrastructure layers

Typically implemented in hardware PHY — physical circuits for transmitter / link / receiverDL — embedded program in firmware (ROM) + controller

Host nodeNetwork interface Card (NIC)

Connection port to medium (link)ControllerTransceiver

Switching nodeSwitching fabricController + multiple transceivers + connection ports to medium (link)

DL layer interfaceInterface to OS level hardware driverNetwork PDU ↔ OS driver ↔ NIC / switch controller ↔ transceiver


FramingData frame format

Data link protocol managementHeader / Trailer format

Similar to headers at network and transport layersAddressing, error control, flow control, …

Physical layer hardware managementTransmission parameters

Bit rate, Baud rate, modulation method, …Transmitter / receiver synchronization

Clock training bits1010101010 … allows receiver clock to sync

Frame markingStart / Stop Fields Start field / byte countLose sync ⇒ drop frame + wait for new Start Field

TrailerDataHeader


Frame Marking MethodsSTX / ETX

ASCII control codes

DLE in data streamByte stuffingTransmitter sends DLE as DLE DLEReceiver removes extra DLE

0x10Data Link EscapeDLE

0x03End of TextETX

0x02Start of TextSTX

DLE ETXRest of TrailerData Rest of HeaderDLE STX


Frame Marking MethodsFlags

Start = Stop = 01111110 = 0x7E

7E in data streamByte / bit stuffingByte stuffing

Send 7E as 7E 7E — receiver removes extra 7E

Bit stuffingSend 11111 as 111110 — receiver removes extra 0

01111110Rest of TrailerData Rest of Header01111110


Error ControlCheck sequence

Transmitter Calculates hash of data Includes sequence in transmitted header / trailer

Receiver Calculates hash of data Compares received sequence with calculated sequence


Error ControlParity (even parity)

Parity bit = XOR of data bits Data + parity = even number of 1 bits

Cyclic Redundancy Code (CRC)D = Data fieldG = Generator

Predetermined pattern of r+1 bits

R = Remainder of (D × 2r) / G (modulo 2 division) = CRC fieldGenerally (D × 2r + R) / G = 0

R = (D × 2r) / GD = data


Modulo 2 Polynomial ArithmeticRepresent data bits as coefficients of polynomial

Arithmetic modulo 2 in each order (XOR)

Polynomial addition = subtraction

Polynomial multiplication / divisionMultiply / divide as usualModulo 2 arithmetic in each orderExamples

( )1 2 0

1 2 01 2 0

...

...n n

n nn n

D a a a

D x a x a x a x− −

− −− −

=

= × + × + ×

( ) ( ) ( )( ) ( )

1 0 1 01 0 1 0

1 01 1 0 0

... ...

...

n nn n

nn n

A x B x a x a x b x b x

a b x a b x

− −− −

−− −

± = × + + × ± × + + ×

= ⊕ × + + ⊕ ×

0 0 1 1 0 0 1 1 0 1+ = + = + = + =

( )( ) ( )

( ) ( )

3 2 5 3 3 5 3 5

5 2 3

1 1 1

1

x x x x x x x x x x x x

x x x x x

+ + = + + + = + + + = +

+ ÷ + = +


Modulo 2 Long Division

5

2

2 5

3

5 3

3

3

1

1

0

x xx

x x xx

x x

x xx

x

x

++

++

++

++


Cyclic Redundancy Code (CRC)Why it works

Data

Shift left D r bits ⇒ D → D × 2r

Divide by G ⇒ D × 2r → D × 2r / G = Q + R / GQuotient QRemainder R

Transmit T = D × 2r + R

Receiver calculates T / GT / G = D × 2r / G + R / G = (Q + R / G) + R / G = Q + (R + R) / G

= Q + 0 / G = Q

D = data

0 … 0D = data

RD = data


CRC ExampleData stream

D = 1101011011Generator

G = 10011

Remainder R = 1110

TransmitT = 1101011011 1110

CRC check at receiver

1 1 0 0 0 0 1 0 1 0 1 0 0 1 1 1 1 0 1 0 1 1 0 1 1 0 0 0 0 1 0 0 1 1 1 0 0 1 1 1 0 0 1 1 0 1 0 1 1 0 1 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 1 1 1 1 0

1 1 0 0 0 0 1 0 1 0 1 0 0 1 1 1 1 0 1 0 1 1 0 1 1 1 1 1 0 1 0 0 1 1 1 0 0 1 1 1 0 0 1 1 0 1 0 1 1 1 1 0 0 1 1 0 0 1 0 0 1 1 1 0 0 1 1 Zero remainder ⇒ no error 0 0


CRC Standards

12 11 3 2 1

16 15 2

16 15 5

32 26 23 22 16 12 11 10 8 7 5 4 2

( ) 1

( ) 1

( ) 1

( ) 1

CRC‐12

CRC‐16

CRC‐CCITT

CRC‐32

G x x x x x x

G x x x x

G x x x x

G x x x x x x x x x x x x x x x

= + + + + +

= + + +

= + + +

= + + + + + + + + + + + + + +


Flow ControlGo Back N (GBN)

Transmit N frames Wait for ACKPiggybacking — transmit ACK signals in data frame

Sliding WindowN-bit SEQ numberWindow size — number of unACKed frames before stoppingSource window

SEQ numbers of unACKed framesFrames buffered at transmitter until ACKed

Destination windowSEQ numbers of frames to be acceptedFrames passed to network layer in SEQ order

Out-of-order frames bufferedFrames too far ahead of window rejected

Timeout — retransmit if no ACK after fixed time


High‐Level Data Link Control (HDLC)Family of data link protocols

Based on IBM SDLC Layer 2 protocol in mainframe SNA Originally for communication between CPUs and peripherals

Link Access Protocol (LAP)Versions of HDLC used in public network architectures

SLIP, PPPInternet point‐to‐point

IEEE 802.2Ethernet Logical Link Control (LLC)

LAPDISDN

LAPFFrame Relay

LAPBX.25


High‐Level Data Link Control (HDLC)Data link attributes in HDLC

Information, Supervisory, UnnumberedFrame types

3‐bit SEQ numberFlow control

16‐bit CRC‐CCITT or 32‐bit CRC‐32Error control

hardware level addressing possibleAddressing

0x7E flag with byte / bit stuffingFraming


HDLC Frame StructureGeneral HDLC frame

Address8 bit address ⇒ 256 hardware addresses

Control fieldSpecifies frame type / control

01111110 Address Control data CRC 01111110

8 8 8 ≥ 0 16 / 32 8

7 6 5 4 3 2 1 0

Information (data) 0 SEQ N(S) p/f NEXT N(R)

7 6 5 4 3 2 1 0

Supervisory (flow control) 1 0 type p/f NEXT N(R)

7 6 5 4 3 2 1 0

Unnumbered (management / connectionless) 1 1 type p/f subtype


HDLC Control FieldsFlow control

SEQ — sequence number of data frameNEXT — next expected SEQ (ACK all previous frames)

Type00 — ACK + Receiver Ready (RR)01 — Reject (REJ): retransmit all frames from N(R) 10 — Receiver Not Ready (RNR): ACK N(R) but stop sending11 — Selective Reject (SREJ): retransmit N(R)

7 6 5 4 3 2 1 0


7 6 5 4 3 2 1 0


7 6 5 4 3 2 1 0



HDLC PollingPolling

Primary host initiates communicationSecondary host responds

Poll / Final (p/f) bitInvitation — primary to secondary with p = 1Response

Secondary sends I-frames to primary with f = 0Secondary sets f = 1 on last response frame

7 6 5 4 3 2 1 0


7 6 5 4 3 2 1 0


7 6 5 4 3 2 1 0



HDLC Internet Dial‐Up ProtocolsSerial Line Internet Protocol (SLIP)

RFC 1055

Point-to-Point Protocol (PPP)Layer 2 protocol used between

Internet routersHost and Internet service provider (ISP)

Address = 11111111 = broadcastHDLC control = 11000000 = Unnumbered (connectionless data)Protocol

Protocol in data fieldNetwork protocol or link negotiation protocol (upper layer 2 sublayer)

0xC0IP datagram with byte stuffing (C0 → DB DC, DB→ DB DB)0xC0

01111110 11111111 11000000 Protocol Data CRC 01111110 8 8 8 8 or 16 ≥ 0 16 / 32 8


PPP Protocol OptionsStandard network protocols

IP, IPX, AppleTalk, …Datagram in data field

Control ProtocolsLink Control Protocol (LCP)

PPP optionsHeader compression (remove control / address fields)Size of protocol / CRC fields and data

Test Terminate

Network Control Protocol (NCP)Network layer options

ProtocolAddressHeader compression (encode header fields)

Authentication (ISP user / password exchange)

01111110 11111111 11000000 Protocol Data CRC 01111110 8 8 8 8 or 16 ≥ 0 16 / 32 8


Shared Medium NetworksPhysical layer

Multiple nodes transmit on single mediumTime divisionFrequency divisionCode division

Shared physical medium ⇒ local area network (LAN)

Data link layerMedium access (MAC) sublayer

Allocates medium capacity among nodesError detectionNetwork topology

Logical link control (LLC) sublayerFrame typesFlow controlError correctionProtocol negotiation

1

2MAC

Sublayer

Physical Layer

Data Link Layer

LLC Sublayer


Medium Access SharingTime division

Each host granted full bandwidth in allocated time slotTime slot allocated statistically or deterministically

ExamplesDeterministic — telephone switchingStatistical — Ethernet, WiFi, …

Frequency divisionEach host granted partial bandwidth in all time slotsExamples

Commercial radio / TVBluetooth

Code divisionEach host granted full bandwidth in all time slotsEach host transmits using different coding schemeExample

Cellular CDMA


Common Shared Medium Networks

ITU 2G / 3G cellular network

Wireless code‐division accessCDMA / CDMA2000

ITU 2G / 3G cellular network

Wireless time/frequency‐division accessGSM / UTMS

IEEE 802.16 metropolitan area network

Wireless time/frequency‐division accessWiMAX

IEEE 802.15 personal area network

Wireless frequency‐division accessBluetooth

IEEE 802.11 local area network

Wireless time‐division access

IEEE 802.3 local area network

Wired time‐division access

WiFi

Ethernet


What are IEEE 802 and ITU?Institute of Electrical and Electronics Engineers (IEEE)

Professional organization Coordinates technical standards for electronic equipment

IEEE 802 CommitteeStandards committee for Data Link and Physical LayerOEMs (original equipment manufacturers)

Develop hardware / software systems at infrastructure layersRequest standardization (recognition) from 802 committee

Other 802 standards802.1 — bridging (interconnecting different 802 LANs)802.2 — LLC sublayer for 802 LANs802.4 — Token Bus (LAN for manufacturing environments)802.5 — Token Ring (ring topology LAN)

International Telecommunication Union (ITU)UN standards committee Sets telephone and (non-Internet) WAN standards


Time Division Medium Access Deterministic

PollingPrimary node initiates session (sends data to secondary)Secondary node responds (sends data to primary)Optional mode in WiFi

Token passingToken message passes from host to hostHost with token may transmit Token Ring, Token Bus, FDDI

Statistical Aloha

Hosts transmit at random / hope to avoid collisions

Carrier senseHosts listen for other transmissions / try to avoid collisions

ArbitrationDeterministic procedure chooses among random group of hosts

token

1 2


ALOHAnetBackground

First wireless packet data network (1971)Low data volume Connected University of Hawaii campuses (separate islands)

Protocol Host transmits when readyTwo frames overlap in time

Collision ⇒ both frames corruptedRetransmit after random wait

time

Node1234

t1 t2 t3 t4

collisions


Utilization and Throughput

0

1time (seconds) to transmit 1 packet

maximum packets/second on medium =

actual packets/second transmitted by hosts

probability success (packet trans

R

GR

P

τ =

=τ

λ =

λ= = λτ

=

Capacity

Traffic

Utilization

Collisions

0

00

'

'

mitted without collision)

uncorrupted packets/secondP

PS GPR R

λ = λ =

λλ= = =

At receiver

Throughput


ALOHA ThroughputSuccess = no collisions

Previous packet starts at t2 < t3 – τNext packet starts at t4 > t3 + τInterval of no transmissions = t4 – t2 > 2τ

Packets obey Poisson statistics

time

Node1234

t1 t2 t3 t4

collisions

( ) ( ) ( )02 2 2

0

2! 0!

packets in secondsk

T GTP k T e P e e e

k−λ − τλ − τλ −λ τλ

= ⇒ = = =

S

G0.5

0.1842GS Ge−=


Slotted ALOHA Central clock

Synchronize packet transmissionsTransmit new packet constructed between tk and tk + τ

CollisionTwo nodes construct packets in same interval

Probability of success (of my packet)No other packets constructed during interval τ

( )0

0 0! G GP e e e S Ge−τλ −τλ − −τλ

= = = ⇒ =

S

G1.0

0.368


Carrier SenseCarrier Sense Multiple Access (CSMA)

Nodes listen for transmissions before transmittingNo transmission — node can transmitTransmission — node waits until end of transmission

Collision Multiple nodes transmit "at same time""Same time"

|t1 – t2| < Tpropagation

Collision Detection (CD)Nodes listen for collision

Corrupted data

On collisionAll nodes stop transmittingNodes jam transmissionNodes waits random backoff before retransmitting

Tpropagation

t1

t2


CSMA/CD Throughput

Tanenbaum, Fig. 4‐4

Persistent CSMANo carrier detected ⇒ node with data transmits

q-persistenceNode transmits with probability 0 < q < 1q < 1 ⇒ fewer collisions but longer latency


Arbitration Deterministic medium access

Random group of nodes request accessOne node chosen by deterministic algorithm No collisionsEfficient throughput

Used within computer Peripheral Component Interconnect (PCI)

Multiple CPUs and peripherals compete for access to memoryPCI bridge allocates memory access efficiently

Intel Multibus IIMultiple nodes request bus access using pseudo-randomized IDHighest ID proceeds

Binary countdown switchMultiple hosts begin transmitting onto bus

Bus output = logical OR of all inputs

Host sends 0 but sees 1 on bus ⇒ host stops


Ethernet Family of wired LAN systems

Defined at physical and data link layers Dominant / generic LAN technology

BackgroundDeveloped 1974 at Xerox PARCCommercialized by Xerox / Intel / Digital in 1980Standardized as IEEE 802.3 in 1982

10 Mb/s baseband transmissionBus topology — single coaxial cable < 2.5 kmCSMA/CD

Shared bus topology → CSMALong propagation delay on coaxial cable → CD

DevelopmentsBit rates: 10 Mbps → 100 Mbps → 1 Gbps → 10 Gbps → 100 Gbps Media: coaxial cable → hub (virtual bus on star) → switch

Ethernet switch — non-blocking N × N switch with no collisions


Ethernet Topologies

Distributed CSMA/CD1980 – 1990 Original Ethernet design at 10 Mbps

Shared physical busCoaxial cable < 2.5 km

Coaxial cable

Tpropagation

t1

t2

( ) ( )

‐65

‐6

2.5 kmEnd‐to‐end propagation delay 8 10 sec

3 10 km/sec

Bits transmitted before carrier detect 10 Mb/s 8 10 sec 80 bits

= = ××

= × × =


Ethernet Topologies

Centralized CSMA/CD1990 – presentFast Ethernet100 Mbps

Logical bus on physical starCentral hubMultiple cables < 100 mEach station (STA = node) receives logical OR of all inputsMultiple frames ⇒ collision

Passive hub

( ) ( )

‐78

‐7

200 mEnd‐to‐end propagation delay 7 10 sec

3 10 m/sec

Bits transmitted before carrier detect 100 Mb/s 7 10 sec 70 bits

= ≈ ××

= × × =


Ethernet Topologies

Ethernet switch1995 – presentPhysical star100 Mbps → 1 Gbps → 10 Gbps → 100 GbpsFast N × N non-blocking switch

Hub learns MAC addresses at each switch portEach frame directed to port by destination address in frameLarge output buffer at each port

All stations can send at same timeNo collisions

Active hub


802.3 Ethernet Standards

1 Gb/s full duplex on 2 optical fibers

1000 Base SX1000 Base LX1000 Base BX1000 Base ZX

1 Gb/s full duplex on 2 twisted pairs1000 Base TX

100 Mb/s full duplex on 2 twisted pairs100 Base TX

100 Mb/s on 1 twisted pair100 Base T

100 Mb/s full duplex on optical fibers

100 Base FX100 Base SX100 Base BX100 Base LX

10 Mb/s on 1 twisted pair10 Base T

10 Mb/s on thin coaxial cable10 Base 2

10 Mb/s on thick coaxial cable10 Base 5


Ethernet Frame

4 bytes46 – 1500 bytes2 bytes6 bytes6 bytes1 byte7 bytes

CRCDataType or Length

Src Address

Dest Address

StartPreamble

IP = 0x0800

AppleTalk = 0x809B

ARP = 0x0806

Length of data field (<1500)Length

CRC‐32CRC

Code identifying protocol in data field

Used in most Ethernet systems

Type codes > 1536 =0x600

Type

Hardware (MAC) address of node

48‐bit MAC addresses assigned by OEM and fixed in hardware

Broadcast address FF:FF:FF:FF:FF:FF (frame read by all STAs)

Address

10101011Start

7 bytes of 10101010 for sync of receiversPreamble


IEEE 802.2LLC sublayer for 802.3 Ethernet

Based on HDLCPermits connection oriented services at data link layer

802.2 I/S DSAP SSAP control data + pad

1 byte 1 byte 2 bytes 42 ‐ 1496 bytes

802.2 U DSAP SSAP control data + pad

1 byte 1 byte 1 bytes 43 ‐ 1497 bytes

Frame type + SEQ + ACK (I / S frames)

Frame type (U frame)Control

Source service access point (protocol / service at source)SSAP

Destination service access point (protocol / service at destination)DSAP


Segmentation Ethernet bridge

2-port switchConnects 2 Ethernet segmentsReduces traffic in each segment

Initialization — promiscuous modeBridge passes every Ethernet frame

Listens as destination STARepeats Ethernet frame as source STA

Bridge learns network topologyBuilds table of source MAC addressesForwards only inter-segment frames

Ethernet LAN #1

Ethernet LAN #2

Bridge


Relationship of Protocol LayersTypical network

Application Application 16‐bit

TCP Port

16‐bit TCP Port

32‐bit IP Address

32‐bit

IP Address 32‐bit

IP Address

32‐bit IP Address

32‐bit IP Address

32‐bit

IP Address 48‐bit

Ethernet Address

48‐bit

Ethernet Address

PPP PPP 48‐bit

Ethernet Address

48‐bit

Ethernet Address

Ethernet (PHY)

Ethernet (PHY)

PHY PHY Ethernet (PHY)

Ethernet (PHY)

Host Router Router Host

Locate router by IP address(uses default gateway)

Send to router by MAC addressEthernet always uses source / destination Ethernet addresses — not IP addresses

How does host find MAC address for router?

Point‐to‐point Locate host by IP addressSend to host by MAC address


Address Resolution Protocol (ARP)Look-up MAC address by IP address (RFC 826)

Q: Who has IP = a.b.c.d ? (MAC layer broadcast)A: I am IP = a.b.c.d with MAC = u:v:w:x:y:z STAs store mappings in arp tableWindows / Linux arp –a prints arp table

ARP packet fields

Target protocol addressTPA

Target hardware address (ignored in requests)THA

Sender protocol addressSPA

Sender hardware addressSHA

1= request / 2 = replyOperation

Protocol length — length in octets of network addressPLEN

Hardware length — length in octets of MAC addressHLEN

Protocol type — network protocolPTYPE

Hardware type —MAC protocolHTYPE


Example

STA‐1IP 207.2.45.7MAC 00:cd:ef:34:54:ab

Router‐AIP 207.2.45.1MAC ab:65:46:ad:98:fe

Router‐BIP 98.57.36.1MAC ab:65:46:54:23:12

STA‐2IP 98.57.36.32MAC 00:de:87:34:e5:b3

3

2

1

CRCTCP segmentSRC: 207.2.45.7

DST: 98.75.36.32

SRC: ab:65:46:54:23:12

DST: 00:de:87:34:e5:b3


DST: 98.75.36.32PPP

MAC Trailer

IP dataIP HeaderMAC Header


DST: 98.75.36.32

SRC: 00:cd:ef:34:54:ab

DST: ab:65:46:ad:98:fe

Frames between STA‐1 and STA‐2

1

2

3


Advanced Switch / Router Interactions

Switch organizes STAs into LANIntra-LAN traffic

STAs use IP addresses as names for TCP/IP applicationsSTAs use ARP to translate IP to MAC addressSTAs send frames on LAN by MAC addressPackets contain MAC and IP address of local destination

Router organizes LAN into Internet ASInter-LAN traffic

STAs use IP addresses as names for TCP/IP applicationsLocal MAC addresses not available for remote STAs

STAs send frames via routerPackets contain

MAC address of router IP address of remote destination

Standard model



Standard subnetsubnet-1 and subnet-2 are LAN broadcast domains

Virtual LAN (VLAN)LAN switch configured to partition nodes into subnetsNo router needed for subnetting

Router Network

Subnet Subnet

Programmable Switch

Virtual LAN



Virtual Private Network (VPN)Private network implemented on public infrastructureAccess to private networks restricted by IPPossible encryption of data over public infrastructure

Internet

Private Network Private Network

Access Restricted by IP

Virtual Private Network



Standard IP model

Layer 3 switchingSwitched data link among routers

Connection-oriented virtual circuit networkFrame Relay, ATM, label switching, …

Traffic crosses router network at layer 2Saves time of layer 3 processingDatagram read / write, routing, TTLUsed for media streaming

Layer 3 Switching

Application TCP IP DL PHY

IP DL PHY


IP DL PHY

IP DL PHY

IP DL PHY


DL PHY


DL PHY

DL PHY

DL PHY



Multiprotocol Label Switching (MPLS)

Header fieldsOne or more headers per frame — "stack" of labels

Connection-orientedSet (reserve) router path before data traffic beginsLabel Distribution Protocol (LDP)RSVP-TE — extension of Resource Reservation Protocol (RSVP)

MPLS-aware routersForward frames on preset route by label ID

Label switching

Data MAC trailerTCP HeaderIP HeaderMPLSMAC Header

8‐bit time to live fieldTTL1‐bit — if set, current label is last of "stack" of labels for frameStack flag3‐bit QoS (quality of service) fieldTraffic Class20‐bit IDLabel


Tunneling in the OSI Model

NetworkLayer

(translation)

Data LinkLayer

(translation)

PhysicalLayer

(translation)

ApplicationLayer

PresentationLayer

SessionLayer

TransportLayer

NetworkLayer

Data LinkLayer

PhysicalLayer

Local PhysicalProtocol

ApplicationLayer

PresentationLayer

SessionLayer

TransportLayer

NetworkLayer

Data LinkLayer

End-to-End Application Protocol

End-to-End Presentation Protocol

End-to-End Session Protocol

End-to-End Transport Protocol

Local NetworkProtocol

Local Data LinkProtocol


End User Intermediate System

SessionLayer

TransportLayer

NetworkLayer

Data LinkLayer

SessionLayer

TransportLayer

NetworkLayer

Data LinkLayer

Local SessionProtocol

Local TransportProtocol



Host / Server

PhysicalLayer



PhysicalLayer

(translation)

Proxy / Gateway

SessionLayer

TransportLayer

NetworkLayer

Data LinkLayer


Local SessionProtocol

Local TransportProtocol




Small Office / Home Office (SOHO)LAN (Local Area Network) to WAN (Wide Area Network)

Ethernet

WiFi

ADSL

WiFi Access PointEthernet Switch

IP RouterADSL Modem

Cable‐based transmission protocol defined at PHY layerG.992.5ADSL

802.11

802.3

Wireless LAN protocol defined at DATA LINK and PHY layersWiFi

Cable‐based LAN protocol defined at DATA LINK and PHY layersEthernet

Internet


Laptop Browser to Web Server — Simplified View

Access

IP

ADSL

WiFi Router

WiFi

IP

ADSL

Access

IP

ServerInternetLaptop

PHYPHY

Data LinkData LinkWiFi

IPIPIP

TCPTCP

HTTPHTTP


ADSL — Asymmetric Digital Subscriber LineHigh speed transmission on standard voice line

POTS — plain old telephone service24 Mbps downstream3.3 Mbps upstream

Ref: JDSU, ADSL Technology, JDS Uniphase Corporation, 2005


ADSL Access Network

Ref: Vodaphone, Wholesale Layer2 DSL (W‐DSL‐L2I), VTCW011 ‐ I 03/13


Typical Bezeq ATU‐R

ADSL

33 MbpsIP

Routing802.3

Ethernet802.11WiFi


Fast Internet Access

usermanagement

and IP datagramforwarding

IP datagramforwarding

Bezeq ISP

Internet routing

ADSL modem onpoint-to-point

channel

Server

IPnetwork

telephonenetwork

Client

switchedATM

network


Fast Internet Protocols — Typical Campus CasePPP

Point to Point Protocol

Logon + connection management

PPPoE

PPP over Ethernet

Virtual point‐to‐point connection over shared LAN

Client opens private session with ISP

Client

Ethernet

802.3

PPPoE

PPP

IP

TCP

App

Router

802.3

PPPoE

PPP


Fast Internet Protocols — Typical Campus CaseATM

Asynchronous Transfer Mode

Data Link protocol for broadband telephone services

Permits real time QoS

MPOA + AAL5

Adaptation protocols for ATM

ADSL

Physical bit transmission

Client

Ethernet

802.3

PPPoE

PPP

IP

TCP

App

802.3

ADSL

ATM

AAL5

MPOA

PPPoE

Router

802.3

PPPoE

PPP

802.3

ADSL

ATM

AAL5

MPOA

PPPoE

Bezeq


Fast Internet Protocols — Typical Campus Case

Connection to ISP

Client runs Network Control Protocol (NCP) over PPP

CHAP (challenge handshake authentication protocol) —User Name + Password

ISP authorizes user and engages IP forwarding

Client

Ethernet

802.3

PPPoE

PPP

IP

TCP

App

802.3

ADSL

ATM

AAL5

MPOA

PPPoE

Router

802.3

PPPoE

PPP

802.3802.3

PHY

PPPoE

ADSL

ATM

AAL5

MPOA

PPPoE

Bezeq

802.3

PHY

PPPoE

PPP

ISP

Connection to ISP


Fast Internet Protocols — Typical Campus Case

IP forwarding

ISP forwards IP datagrams to server via Internet backbone

Client

Ethernet

802.3

PPPoE

PPP

IP

TCP

App

802.3

ADSL

ATM

AAL5

MPOA

PPPoE

Router

802.3

PPPoE

PPP

802.3802.3

PHY

PPPoE

ADSL

ATM

AAL5

MPOA

PPPoE

Bezeq

802.3

PHY

PPP

IP

PHY

PPPoE

PPP

ISP

PHY

Server

PPP

IP

TCP

App

Connection to ISP

IP Routing


Fast Internet Protocols — Typical SOHO Case

Router/modem initiates connection to ISP

Runs NCP over PPP over PPPoE over Ethernet

Router provides always‐on Internet access over WiFi + Ethernet

Client

WiFi

802.11

IP

TCP

App

802.3

ADSL

ATM

AAL5

MPOA

PPPoE

PPP

Router

WiFi

802.3802.3

PHY

PPPoE

ADSL

ATM

AAL5

MPOA

PPPoE

Bezeq

802.3

PHY

PPP

IP

PHY

PPPoE

PPP

ISP

PHY

Server

PPP

IP

TCP

App

Connection to ISP

IP Routing

1Dr. Martin LandNetwork Security + ManagementComputer Networks — Hadassah College — Fall 2015

Network

Security

and

Management


Network SecurityConfidentiality

Sender encrypts messageReceiver decrypts messageOnly sender + receiver understand contents

AuthenticationSender confirms identity to receiver

Message integrityMessage not changed between sender and receiver

Service availabilityPrevent Denial of Service (DoS) attacks


Friends and EnemiesBob + Alice

Legitimate system usersCommunicate securely

Mallory + Trudy IntrudersIntercept / delete / add / change messages

securesender

securereceiver

channel

data + control messages

data data

Alice Bob

Mallory / Trudy

Philology of cryptologyAlice — party ABob — party BMallory —maliciousTrudy — intruder


Malicious Network ActivityEavesdrop

Intercept legitimate messages for unauthorized reading

Message injectionInsertion of unauthorized messages into legitimate channel

ImpersonationFake (spoof) source address in packet

HijackingReplacing legitimate sender or receiver in existing connection

Denial of Service (DoS)Prevent access to service Overloading server resourcesReplacing legitimate server software / content


CryptographyPlaintext

Original message m Ciphertext

Message m encrypted with key KA

Ciphertext C = KA(m)Decipher

Recover plaintext by decryption with key KB

Plaintext m = KB(C) = KB(KA(m))

KA KB

encryptionalgorithm

ciphertextC = KA(m)

plaintextm

plaintextm = KB(C)

Alice Bob

Mallory / Trudy

decryption algorithm


Symmetric Key CryptographyOne secret key K

Encryption C = K(m)Decryption m = K(C) = K(K(m))Alice + Bob share secret key KTypical algorithm

Ciphertext = m ⊕ KCiphertext ⊕ K = (m ⊕ K) ⊕ K = m ⊕ (K ⊕ K) = m ⊕ 0 = m

K K

encryptionalgorithm

ciphertextC = K(m)

plaintextm

plaintextm = K(C)

Alice Bob

Mallory / Trudy



Asymmetric Key CryptographyPublic key cryptography

Public encryption key K+

C = K+ (m)

Private decryption key K– ≠ K+

m = K– (C) = K– (K+ (m))

No shared keyAlice encrypts with Bob's published K+

Bob decrypts with private K–

K+ K–

encryptionalgorithm

ciphertextC = K+(m)

plaintextm

plaintextm = K– (C)

Alice Bob

Mallory / Trudy


Rivest, Shamir and Adleman (RSA) algorithmm = K– (K+ (m)) = K+ (K– (m))Cannot obtain K– from K+ or K+ from K–


Message IntegrityMessage content not altered

Not corrupted / maliciously changedMessage digest

Public hash function h = H(m)m ≠ m' ⇒ small probability of H(m) = H(m') MD5 (RFC 1321) / SHA-1 (US NIST standard)

Alice Computes h = H(m)Sends (m,h)

BobComputes h = H(m) and compares with received hH(m) = h ⇒ high probability of message integrity

H

h = H(m)m

H

h = H(m)m

compare

Alice Bob


AuthenticationAAA Protocols

AuthenticationCheck that user identity is authentic (as claimed)Login, password, …

AuthorizationGranting access / service rights

AccountingTracking resource consumption by usersLogins, disk usage, …

Common AAA systemsTerminal Access Controller Access-Control System (TACACS)KerberosRemote Authentication Dial In User Service (RADIUS)


Challenge / Response AuthenticationUnencrypted

Encrypted

Compare password with database

Check user name in database

System ActionResponseChallenge

********Password:

AliceLogin:

Correct value ⇒ correct password

Check user name in database

Set key K = password in database

Set nonce R (one‐time value)

Send encrypted K(R)

System ActionResponseChallenge

********Set key K = ********Decrypt R = K(K(R))

Send R + 1 unencrypted

Password:

AliceLogin:


Message Authentication Code (MAC)Authentication key

Alice and Bob share secret key s

Authenticated messageAlice

Computes h = H(m, s)Sends (m, h)

BobComputes h = H(m, s) and compares with received hH(m,s) = h ⇒ high probability of message integrity + authenticity

H

h = H(m, s)m

H

h = H(m, s)m

compare

Alice Bob

s s


Playback AttackAuthenticated message

Alice sends Bob legitimate message with MACBob

Receives messageConfirms secret shared key

Mallory Captures Alice's messageResends Alice's message to Bob

Bob Receives messageConfirms secret shared key

ExampleElectronic funds transfer (EFT)

Defense Nonce (one-time use number)


MAC with Nonce

H

h = H(m, s)m

H

h = H(m, s)m

compare

Alice Bob

H

h = H(R, s)R

H

h = H(R, s)R

compare

Hello

Nonce R

Protected against replayNonce ⇒ correct 3-step handshake

Hello → R → ContentNo 3-step handshake ⇒ ignore content message

s s

s s

H

h = H(m, R, s)m

H

h = H(m, R, s)m

compare

Content

s s


Digital SignatureMAC with public key cryptography

Exploits RSA symmetry m = K– (K+ (m)) = K+ (K– (m))

Signed messageBob

Computes hash h = H(m)Encrypts ch = K– (h) using private key K– (only Bob can encrypt)Sends (m, ch)

Alice Decrypts h = K+ (ch) using Bob's public key K+

Computes H(m) and compares with hh = H(m) ⇒ message hash was signed using Bob's private key

H

chm

Bob Alice

K– H

chm K+

compare


Public Key CertificationVulnerability of digital signature

Alice Receives (m, ch) from Trudy calling herself "Bob"Requests public key from "Bob"Confirms m sent by "Bob"

QuestionIs "Bob" really Bob

Certification Authority (CA)Trusted organization Certifies real-world identity of userShifts question to

Reliability of CA Deviousness of intruder

Issues certificate to user Certificate = real-world user information + user public key K+

Digitally signed with CA private key K–CA (only CA can encrypt)


certificatechm

Certified MessageBob

Calculates hash h = H(m)Encrypts ch = K– (h) using private key K– (only Bob can encrypt)Sends (m, ch, certificate)

Alice Decrypts K+ = K+

CA(certificate) using CA's public key K+CA

Decrypts h = K+ (ch) using Bob's public key K+

Computes H(m) and compares with hh = H(m) ⇒ message hash was encrypted using Bob's private key

certificate

H

chm

Bob Alice

K– K+

compareK+ K–CA H

K+CA


Secure SocketsSecurity layer between application and transport

Secure Sockets Layer (SSL) Netscape browser (1993)

Transport Layer Security (TLS) RFC 2246 (1999 – 2011)

Services to application layerConfidentiality (RSA encryption)Authentication (certificates)Integrity (MAC hash protection)

Data fragmentationRecord = header + encrypted data fragment

Key management sublayer

Record cryptography sublayer

SSL / TLS

Infrastructure

Network (IP)

Transport (TCP)

Application


Secure Sockets

Programmer perspective

Socket call invokes SSL / TLS instead of TCP

SSL / TLS passes encrypted / protected data to TCP

FTPS — FTP client / server over SSL / TLS

HTTPS — client / server over SSL / TLSKey

management sublayer

Record cryptography sublayer

SSL / TLS

Infrastructure

Network (IP)

Transport (TCP)

Application


SSL / TLS OverviewSession initialization

ApplicationClient opens secure socket for channel to server

SSL / TLSOpens TCP session between client / serverClient / server negotiate certificates + keys + optionsEstablish secure channel over TCP

Confidentiality + authentication + integrityReturn socket descriptor to application

SSL / TLS

TCP

Application


SSL / TLS OverviewData exchange

Application Sends data to open socket

SSL / TLSServer receives records from TCP

Checks / removes record header

Decrypts data fragments + MAC

Reassembles fragments to app data

Client fragments app data

Encrypts data fragments + MAC

Adds record header

Forwards records to TCP

SSL / TLS

TCP

Application


Network Layer SecuritySecurity layer at network layer

IPsec — RFC 4301 (2005)Service options for IP datagrams

Modes of operationTransport mode

IP data encrypted / authenticatedIP header not modified / encrypted

Tunnel modeEncrypted / authenticated datagram = data field of new datagram

IPsec

Infrastructure

Network (IP)

Transport (TCP)

Application

√√Replay protection √√Authentication√√Integrity√Confidentiality

Encapsulating Security Payload (ESP)

Authentication Header (AH)


Virtual Private Network (VPN)Private network

Dedicated physically separate infrastructureSwitches / routers / cables

Most secure at highest costVirtual Private Network

Secure network implemented in shared public infrastructureSecurity options

Proprietary encryption softwareIPsec in tunnel modeTLSTraffic segregation in shared physical hardware

VPN tunnel App

TCP

IP

DL

PHY

IP

Security

IP

DL

PHY publicnetwork

App

TCP

IP

Security

IP

DL

PHYnon‐IPsechost IPsec host


Security Association (SA) Managing AH / ESP connections

Internet Security Association & Key Management Protocol (ISAKMP)Security Association (SA)

Establish SA from sending to receiving entity before sending dataSimplex SA

Each direction sets up separate SA

Connection-oriented stateful mechanism over IPExample — SA for R1 to R2

R1 state table entries32-bit SA identifier: Security Parameter Index (SPI)Source / destination interfaces — 200.168.1.105 / 193.68.2.23Encryption method / keyIntegrity check method / authentication key

publicnetwork

non‐IPsechost H1

200.168.1.105

IPsec R1 non‐IPsechost H2

193.68.2.23

IPsec R2

200.168.1.1 193.68.2.1


IP Encapsulation

ESP headerSecurity Parameter Index (SPI)SEQ

ESP trailerPadding (for block cypher) + length of paddingNext header — protocol in original datagram

Authenticated

Encrypted

Original H1 to H2 datagram

ESPAuth

(MAC)

ESPtrailer

TCP segment

IP header

src: H1

dest: H2

ESPheader

IP header

src: R1

dest: R2

publicnetwork

non‐IPsechost H1

200.168.1.105

IPsec R1 non‐IPsechost H2

193.68.2.23

IPsec R2

200.168.1.1 193.68.2.1


FirewallSoftware / hardware based filter

Blocks packets based on protocol criteriaIntended to prevent

Unauthorized access to internal network from WANUnauthorized access to WAN by internal software

Stateless packet filteringBlock packets based on

Source / destination IP addressTCP/UDP source / destination port numbersICMP message typeTCP SYN and ACK bits (prevent any incoming TCP connections)

Stateful packet filteringTrack status of TCP connections from SYN to FIN

Block packets inconsistent with TCP state machineBlock inactive connections


Intrusion Detection Systems (IDS)Deep packet inspection

Compare packet contents with database of virus / attack signatures

Correlations among multiple packetsPort scanning

TCP SYN sequence of ports — map open ports

Network mappingPing sequence IP addresses — map responding hosts

Denial of Service (DoS) attackReplayed packet to overload server

Statistical anomalyCompare traffic with statistical norms

Bandwidth demandProtocols and service portsUser accessFile updates


Data Management Zone (DMZ)Term of military origin

DMZ — Demilitarized ZoneBorder area between military powersMilitary activity not permitted

Network DMZBorder zone of AS (perimeter network)Unrestricted access from WAN

DMZ servicesPublic web server Other unsecured services

Incoming mail serverAnonymous FTP server

Secure authentication server to internal networkReported intrusions to Pentagon network (1995)

DMZ — 250,000 Internal — 0


DMZ ConfigurationsSingle Firewall DMZ

publicnetwork

DMZ

InternalNetwork

WebServer

AuthenticationServer

publicnetwork

DMZ

InternalNetwork

WebServer

AuthenticationServer

Double Firewall DMZ

public

authenticated

public

authenticatedauthenticated


Network ManagementOAM

Operation — service availability and statistics monitoringAdministration — Network resource accounting / assignmentMaintenance — Repairs, upgrades

Provisioning Resource configuration to support services

Typical management tasksResource

Controlling, planning, allocation, deployment, coordination, monitoring Traffic routing, load balancing, performance managementSecurity managementFault managementAccount management

Management toolsMonitoring agents installed on infrastructureActivity logs Sniffers


Simple Network Management Protocol (SNMP)Management agents

Hardware / software feature of network infrastructure Permits remote management of device

Monitor device activityConfigure device parameters

Role of SNMPManagement Information Base (MIB)

Object-orient database record describing network entity

Structure of Management Information (SMI)Data definition language for MIB objects (subset of ASN.1)

SNMP protocolManage entity by read (monitor) / write (control) of MIB informationTransaction mode

Manager request + agent responseTrap mode

Agent message on specified condition


Management Information Base (MIB)MIB classification

Tree hierarchyInternet MIB = 1.3.6.1

MIBSet of all MIB objects for managed device

MIB moduleSet of related MIB objects

Managed objectSpecific feature of managed deviceUniquely identified by object IDLeaf level


Example —UDP MIB module

udpEntry1.3.6.1.2.1.7.5.1

udpTable entry — PortudpLocalPort1.3.6.1.2.1.7.5.1.2

udpTable entry — IP addressudpLocalAddress1.3.6.1.2.1.7.5.1.1

Entry for each port in use by appudpTable1.3.6.1.2.1.7.5

Datagrams sentUDPOutDatagrams1.3.6.1.2.1.7.4

Undeliverable datagrams — other reasonsUDInErrors1.3.6.1.2.1.7.3

Undeliverable datagrams — no server at portUDPNoPorts1.3.6.1.2.1.7.2

Datagrams delivered at nodeUDPInDatagrams1.3.6.1.2.1.7.1

ObjectNameObject ID


SNMP Message Types Manager to agent

GetRequestRetrieve value of variable or list

SetRequestChange value of variable or list

GetNextRequestDiscover available variables and their values

GetBulkRequestMultiple iterations of GetNextRequest

Agent to manager Response

Returns variable / acknowledgement forGetRequest, SetRequest, GetNextRequest, GetBulkRequest

TrapAsynchronous notification of trapped event

Manager to managerInformRequest

Asynchronous notification of trapped event


SNMP PacketsSNMP an application layer protocol

Messages send over UDP

FieldsVersion — SNMP version Community — environment for group of management systemsPDU type — message typeRequest ID — associate requests / responsesError Status — indicates error type in response operationError Index — associates error object instanceObject name — name of object to set / monitorObject value — value of object

Object value

Variable bindings

SNMP PDUSNMP header

communityversionError index

Object name

Error status

Request ID

PDU type

UDP header

IP header

Computer Networks — Hadassah College — Fall 2015 Wireless Networks Dr. Martin Land 1

Wireless

Networks


Some Basic ObservationsWireless

Free-space electromagnetic transmissionRadio, optical, IR

Differs from wired at infrastructure layersPhysical transmission / receptionMedium access issues

Application programmer usually ignores infrastructureGenerally sees OS-provided network API (sockets)Special case — telephone / PDA applications

Special issues in wireless infrastructuresMobility managementBroadcast infrastructureChannel reliability


Wireless Personal Area Network (wPAN)Short range broadcast transmission Standard technologies

BluetoothInfrared Data Association (IrDA)Wireless USB

Applications Wireless computer peripheralsBluetooth earpiece Transfer interface for laptops,

PDAs, cellphonesRemote control


Wireless Local Area NetworksWireless equivalent to local Ethernet

Wireless network cardDefines user authentication and encryptionNo external connection

Standard technologiesIEEE 802.11 (WiFi)BluetoothIrDA

Basic Wireless LAN

station

station

station


Wireless LAN with WAN InfrastructureExtension of wireless LAN

Allows mobile access to external networksAllows roaming between wLAN groups

Standard technologiesIEEE 802.11 (WiFi)

DistributionSystem

Wireless LAN

station

station

gateway

Wireless LAN

station

station

gateway

Internet

Wireless LAN Access to WAN


Cellular TelephonyMedium range broadcast with private channel assignmentStandard technologies

AMPS / TACS (1G)GSM / d-AMPS (2G)CDMA (2G)UMTS / CDMA2000 (3G)WCDMA (4G)

ApplicationWireless voice network

Cellular Telephone Networks

Public Switched Telephone Networks


Cellular Data Networks and Wireless IPWireless wide area data network (wWAN)

Data WAN over cellular telephone network

Standard technologiesCDPD (1.5G)GPRS (2G)EDGE (2.5G)UMTS (3G)

Cellular Telephone Network

Internet


Wireless Application Protocol (WAP)Protocol stack for mobile web interface

Adapts web for Phone screens PDA keypad

WML interactive scripting languageProtocol stack for mobile web interface

Adapts web forPhone screens PDA keypad

WML interactive scripting language


Wireless Metropolitan Area Network (wMAN)Cellular broadband data access

WAN access via wireless network

Standard technologiesIEEE 802.16 (WiMAX)

Wireless MANInternet

Wireless LANAccess Point


Radio Wave PropagationTransmitter generates radio waves

Waves propagate (spread out) through spacePart of radiated power may be obstructedPart of radiated power is detected by receiver

ionotropic wave

line of sight wave

ground wave

tropospheric wave

Transmitter Receiver


Interference with Radio Signals

absorption

reflection

refraction

medium


Multipath FadingObstacles reflect radio waves

Receiver gets signals from multiple pathsTime-to-arrive depends on path taken by signalReceiver gets signals transmitted at different times

ExampleThree signals sent at times t1 < t2 < t3

Antenna receives all three signals at time tSignal 1 ⎯ sent first and followed longest path d1

Signal 2 ⎯ sent second and followed second longest path d2 < d1

Signal 3 ⎯ sent last and followed shortest path d3 < d2

Sum of waves can cancel out signals

d3

d1

d2


0G (1970) Mobile Phone System (MPS) One central transceiver (transmitter/receiver)

Mobile telephones communicate via central transceiverTransmit at high power for maximum distanceSystem covers 65 to 80 km

Modulation is standard analog FM Supports 12 simultaneous mobile phone calls If 12 channels busy, other calls are blocked

Requires 24 carrier frequencies2 frequencies per phone:

Dedicated transmit frequency Dedicated receive frequency


Cellular ConceptDivide coverage area into cells

In each cellCentral cell transceiver serves all clients in cellMobile Stations communicate via cell transceiver

Transmit at low power (just enough to cover a cell)Use same frequencies in many cellsNo interference between cells

Handoff Telephone can move from cell to cell during a callRequires cell-to-cell infrastructure and coordination

B

C

A

C

C

B

A

B

A

B

A

C

B


Cell ImplementationDivide region into clusters

Divide cluster into seven cellsA, B, ... , G

In each cellOne central transceiverMany mobile stations (telephones)A frequency group (set of dedicated frequencies)

Each telephone has a private link with central transceiverDedicated transmit frequencyDedicated receive frequency

7 cell reuseFrequency group A assigned to every A cellFrequency group B to every B cell, …At least two cells separate every pair of A cells, etc.

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A


Transmission DirectionsDownlink

Base Station (BS) transmit frequencyMobile Station receive frequencyForward Channel

UplinkMobile Station (MS) transmit frequencyBase Station receive frequencyReverse Channel

UplinkReverse Channel

DownlinkForward Channel

MS

BS


HandoffUser moves between cells

Hard HandoffOld cell transfers control to new cell Break-Before-Make sequence

Transceiver in old cell stops transmitting to userTransceiver in new cell begins transmitting to user

New BS assigns user frequency pair from its frequency group

Soft HandoffCentral transceiver coordinates with nearest cellsDetermines which transmitter is receiving strongest signal from userMake-Before-Break sequence

Transceiver in old cell transmitting to userTransceiver in new cell begins transmitting to user Transceiver in old cell stops transmitting to user


Reuse Patterns

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

A

C

C

B

A

B

A

B

A

C

B

7 cell reuse

3 cell reuse

4 cell reuse

B

D

A

C

B

C

D

D

C

A

B

A

A


Mobile Network Switching HierarchyMobile Service Provider

Service Areas or Registration AreasClusters

Cells

Mobile ServiceProvider

Mobile ServiceProvider

ServiceArea

ServiceArea

ServiceArea

ServiceArea

BC

DE

F

GA

BC

DE

F

GA

BC

DE

F

GA

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

AB

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

Cluster

Cell


The Cellular and Wired Telephone Network

Mobile Station(MS)

Base System(BS)

Public SwitchedTelephoneNetwork(PSTN)

Base TransceiverSite (BTS)

BTSBase

StationController

(BSC)


PLMN

BSS

Base System(BS)

Mobile Station(MS)

Base Station Subsystem


HLRVLR


Elements of GSM Mobile Network HierarchyMobile Station (MS)

The telephone/terminal

Base Transceiver Site (BTS) Fixed radio transmitter/receiverManages channels for with MSs in one cell

Base Station Controller (BSC)Coordinates cluster of cells

Base Station Subsystem (BSS)One BCS and all BTSs it controls

Mobile Switching Center (MSC)Telephone Central Office for one Service AreaHandles local calls and Routes calls out of Service Area

Public Land Mobile Network (PLMN)The wired portion of one Service Area (BTSs, BCSs, and MCS)


Mobility ServiceHome Service Area

Service Area in which MS subscribes to cellular service

Home SubscriberMS operating in its Home Service Area

Roamer MS operating outside its Home Service Area

Handoff Call control transfer when MS moves between cells in Service Area

RoamingCall control transfer when MS moves between Service Areas


Problems of MobilityMS must locate service provider access point

User must authenticate to service provider

Service provider must locate the MSProvider must verify user's access rights

Home Location Register (HLR)Located in MSC of Home Service AreaMaintains user's account informationMaintains location information for active MSs

Visitor Location Register (VLR)Located in MSC for each Service AreaCache of HLR data on active roamers


Registration ProcessMS enters Service Area

Establishes low bit-rate control channel with service provider

MS requests serviceBS allocates a frequency pair

MS reports to Mobile Switching Center (MSC)Location, Status, and Identity

Dedicated hardware ID code in phoneSubscriber Identity Module (SIM) card identifies customer in GSMMobile Station generates access code to network

Transmits code by public key encryption (PKE) algorithm

Mobile Switching Center (MSC)Authenticates customer identity with HLRFor roaming subscriber, creates VLR entry Updates Home Location Register (HLR) and billing database


Mobility Elements in the Cellular Network

Base System(BS)

BTSBSC MSC

PLMN

BSS

HomeSubscribers

BTSBSC MSC

PLMN

BSS

Base System(BS)

Service Area

Service Area

Roamer

HLRVLR

HLRHome

Subscribers

Home SubscriberRegistration

Roaming SubscriberRegistration

Query to HomeMSC HLR

for VLR Entry


1G — Advance Mobile Phone Systems (AMPS)North American first generation analog system — IS-553

25 MHz transmission band per directionMobile Station (uplink): 825 - 849 MHzBase Station (downlink): 870 - 895 MHz

Frequency Division Multiple Access (FDMA) Divide band into 30 kHz RF voice channels

7 cell frequency reuse pattern (A, B, …, G)832 channels / 7 cells < 118 channels per cell Typically 90 useful channels per cell

B

C

D

E

F

G

A

B

C

D

E

F

G

A

B

C

D

E

F

G

A

25 MHz per cluster832 channels per cluster

30 kHz per channel=


Second Generation Systems2G Analog systems

Triple number of channels per cellMotorola proprietary products

Narrowband Advance Mobile Phone Systems (N-AMPS)Motorola Integrated Radio System (MIRS)

Time Division Multiple Access (TDMA)Divide FDMA radio channel into time slotsMS transmits digitized voice in one time slot on one frequencyNorth American d-AMPS European GSM

Code Division Multiplex Access (CDMA)Create orthogonal binary digital transmission codesMS transmits in one code on one frequency


GSMGlobal System for Mobile Communications

European Union 2G digital cellular

ChannelizationDivide band into 200 kHz RF channels25 MHz per cluster / 200 kHz per channel = 125 channels per cluster

Digital transmissionTransmit 270.883 kbps in each 200 kHz radio channelVoice and control modulation

Gaussian minimum-shift keying (GMSK) — optimized FSK

Time Division Multiple Access (TDMA)Divide each channel into 8 time slotsAllocate 1 time slot per user

270.883 kbps per channel / 8 users per channel = 33,086 bps per user

Standards European Telecommunications Standards Institute (ETSI)


GSM Voice Transmission Summary

Voice 8000Samples/sec

3300 HzFilter

13-bitQuantization

8:1Compression

104 kbps

13 kbps 260-bitbuffer

104 kbps 20 msec = 2080 bits

13 kbps 20 msec = 260 bits

CRCGenerator260:456

13 kbps 456 bits = 8 blocks 57 bits/block

57 57

24

1 2 3 4 5 6 7 8

16 17 18 19 20 21 22 238 9 10 11 13 14 150 1 2 3 4 5 6 7

57 user bits per field 2 fields per frame 24 frames per multiframe = 2736 user bits per multiframe

2736 bits per multiframe / 120 ms per multiframe = 22.8 kbps

22.8 kbps / (456/260) = 13 kbps

1 user time slot / frame

24 frames / multiframe

×

××

××


Direct Sequence Spread Spectrum (DSSS)Transmit data bit as chip sequence

ChipShortest binary pulse on transmission channeln-chip sequence is symbol for one data bit

Multiplies transmission rateUser generates data at m bits per secondTransmit n-chip sequence for every user bitExample

1-sequence for data 1 = 101101000-sequence for data 0 = 01001011

Chip rate = m bps × n chips per bit = n × m chips per second (cps)

Receiver easily distinguishes 1-sequence from 0-sequence Bit error requires > n / 2 chip errorsWorks well in noisy environment

data 1 chip sequence

data 0 chip sequence


CDMACode Division Multiple Access

Commercial system developed by Qualcomm Operates on AMPS frequencies

Channelization25 MHz radio band per directionDivide band into 1.25 MHz RF channels25 MHz per cluster / 1.25 MHz per channel = 20 channels per cluster

DSSS digital transmissionTransmit 1.2288 Mcps in 1.25 MHz radio channelVoice and control modulation — QPSK

Code divisionUsers transmit simultaneously using independent chip sequences

Orthogonal (Walsh) Codes / Pseudorandom noise (PN) codes

Receiver separates channels by decoding chip sequencesStandards

IS-95 — now called CDMAone


Orthogonal CDMA Codesm-dimensional vector space with inner product

m orthonormal basis vectors

Code schemeBasis vector Si is code assigned to station iStation i transmits ti × Si with coefficientTotal transmission from all stations

1

1 mi ii

U Vm =

⋅ = ×∑U V

( )

1

1 1 1

, 1, ... ,

,

0,,

1 1 1

with coefficient for any vector

i

mi i ii

i j ij

m m mi i i j j j i j j ij ij j j

S i m

t S t

i jS S m

m i j

t S S t S t S S t m tm m m

δ

δ

=

= = =

=

= ×

≠⎧⋅ = × = ⎨ =⎩

= ⋅ = ⋅ × = × ⋅ = × =

∑

∑ ∑ ∑

T T

T

1 ,0 ,

1 ,

data 0

no transmission

data 1it

−⎧⎪= ⎨⎪+⎩

1

mi iit S

== ×∑T


Example ⎯ 4‐Chip CDMACode vectors for m = 4 stations

4-bit transmission levels (chips)

Radio signal amplitudes added together

1 2 3 4

1 1 1 11 1 1 11 1 1 11 1 1 1

S S S S

− − − −⎡ ⎤ ⎡ ⎤ ⎡ ⎤ ⎡ ⎤⎢ ⎥ ⎢ ⎥ ⎢ ⎥ ⎢ ⎥− + − +⎢ ⎥ ⎢ ⎥ ⎢ ⎥ ⎢ ⎥= = = =− + + −⎢ ⎥ ⎢ ⎥ ⎢ ⎥ ⎢ ⎥⎢ ⎥ ⎢ ⎥ ⎢ ⎥ ⎢ ⎥− − + +⎣ ⎦ ⎣ ⎦ ⎣ ⎦ ⎣ ⎦

Binary 1 Binary 0 Station 1 –1 –1 –1 –1 +1 +1 +1 +1 Station 2 –1 +1 +1 –1 +1 -1 -1 +1 Station 3 –1 –1 +1 +1 +1 +1 -1 -1 Station 4 –1 +1 -1 +1 +1 -1 +1 -1


Example ⎯ 2‐bit Transmission

Data 0 1Station 1

Signal +1 +1 +1 +1 -1 -1 -1 -1 Data 0 1

Station 2 Signal +1 -1 -1 +1 -1 +1 +1 -1 Data no data 1

Station 3 Signal 0 0 0 0 -1 -1 +1 +1 Data 0 1

Station 4 Signal +1 -1 +1 -1 -1 +1 -1 +1

Total Transmission Signal +3 -1 +1 +1 -4 0 0 0


Example ⎯ 2‐bit Transmission

1

2

3

4

T

+3 -1 +1 +1 -4 0 0 0

Data

Chip


Example ⎯ DecodingInner Product

4

1

14 i ii

U V=

⋅ = ∑U V T Sj jt = ⋅

( ) ( ) [ ]( ) ( ) [ ]( ) ( ) [ ]( ) ( ) [ ]

1 11 4 4

1 12 4 4

1 13 4 4

1 14 4 4

3, 1, 1, 1 1, 1, 1, 1 3 1 1 1 1 0

3, 1, 1, 1 1, 1, 1, 1 3 1 1 1 1 0

3, 1, 1, 1 1, 1, 1, 1 3 1 1 1 0

3, 1, 1, 1 1, 1, 1, 1 3 1 1 1 1 0

no data

t

t

t

t

= − + + ⋅ − − − − = − + − − = − ⇒

= − + + ⋅ − + + − = − − + − = − ⇒

= − + + ⋅ − − + + = − + + + = ⇒

= − + + ⋅ − + − + = − − − + = − ⇒

( ) ( ) [ ]( ) ( ) [ ]( ) ( ) [ ]( ) ( ) [ ]

1 11 4 4

1 12 4 4

1 13 4 4

1 14 4 4

4,0,0,0 1, 1, 1, 1 4 1 1

4,0,0,0 1, 1, 1, 1 4 1 1

4,0,0,0 1, 1, 1, 1 4 1 1

4,0,0,0 1, 1, 1, 1 4 1 1

t

t

t

t

= − ⋅ − − − − = = + ⇒

= − ⋅ − + + − = = + ⇒

= − ⋅ − − + + = = + ⇒

= − ⋅ − + − + = = + ⇒

First bitT = (+3, -1,+1,+1)

Second bit T = (-4,0,0,0)


Orthogonal Walsh CodesWalsh 0

Walsh 1

Walsh 2

Walsh 3

Walsh N

W0 = 1 W0' = - 1

W1 =W0 W0

W0 W0'=

1 1

1 -1

=1 1 1 1

1 -1 1 -1

1 1 -1 -1

1 -1 -1 1

W2 =W1 W1

W1 W1'

W3 =W2 W2

W2 W2'

WN =WN-1 WN-1

WN-1 WN-1'

=S1

S4

S3

S2

Walsh N is 2N × 2N matrix


Pseudo‐Noise (PN) CodingPseudorandom Bernoulli sequence of 1 or –1

Equivalent to sequence of m coin tossesNearly equal number of 1 and –1 in each code

By central limit theorem

Codes are "nearly orthogonal"For codes A and B with chip patterns Ci

(A) and Ci(B)

( ) ( ) [ ]2

1 1

1 1 1 1m mA Bi ii i

A B C Cm m= =

= ⇒ × = ± =∑ ∑

( ) ( )

[ ]

1

21 1 1 -1 -1 1 -1 -11

1

1 44

m A Bi ii

m

i

A B C Cm

P P P P P P P Pm m

δ

=

+ + + +=

≠ ⇒ ×

= × − × − × + × = <

∑

∑

( ) ( )1 11 1 11 12 2

P P P Pm

δ δ δ− += − = + = + = − <


Channel CodingForward channels

64 orthogonal Walsh codes to 64 usersTheoretically perfect separation between users

All signals in same cell scrambled using PN sequence Reduces interference between same Walsh code in neighboring cellsShort PN sequence uses cell ID as seedPaging and traffic scrambled with long PN sequence before Walsh

Reverse channels Orthogonal codes not applicable in uplink

Orthogonality requires time synchronizationMSs transmit asynchronously

Long PN sequenceStream is scrambled using short PN sequence Carries cell ID


Data over AMPS

digital bits

modem

modulated(analog)

data

AMPS Networkanalog channels(300 - 3300 Hz)

digital bits

modem

modulated(analog)

data

POTS Networkanalog channels(300 - 3300 Hz)

modem

digital bits

PSTN


Cellular Circuit Mode Data Services

digital bits

POTS Networkanalog channel(300 - 3300 Hz)

modem

digital bits

digital bits

modem

ISDNdigital channel

(64 kbps)

digital bits

PSTN

Cellular Networkdigital voice/data

circuit mode channels(9.6 - 19.2 kbps)


Cellular Packet Mode Data Services

Internet

IPDatagrams

IPDatagrams

Cellular Networkdigital voice/data circuit mode channels

andpacket mode datagram forwarding

(19.2 kbps - 2 Mbps)Cellular service provider acts directly as ISP AMPS: CDPD

GSM: GPRS / EDGE

IPDatagrams

ISPUser makes dial-up call to Internet Service Provider (ISP)


Cellular Data Terminals

Laptop using cellular phone as modem

Laptop with integrated cellular modem

Smartphone with integrated cellular

modem


General Packet Radio Service (GPRS)Provides packet mode data access for GSM

IP-based architectureConsidered 2.5G enhancement

IP datagrams separated from circuit mode traffic at cluster Packet Control Unit (PCU)

Packet mode function in BSC to handle IP datagrams

Circuit mode voice/data routed to MSC Forwarded to other MSC or PSTN

Packet mode data is routed to Serving GPRS Support Node (SGSN)Forwarded to Internet or X.25 PSDNPCU to SGSN runs IP over Frame Relay

Mobility managementCircuit mode traffic uses PSTN / PLMN routingPacket mode traffic uses IP routing


GSM Circuit Mode and GPRS Packet Mode Data


GPRS System Architecture

Base System(BS)

Base TransceiverSite (BTS)

BTS

BaseStation

Controller(BSC)


PLMN

BSS

Base System(BS)

MS

Base Station Subsystem


FrameRelay

InternetServing GPRSSupport Node

(SGSN)

Gateway GPRSSupport Node

(GGSN)

PSTN

PacketControl

Unit (PCU)GPRS

Backbone(IP)MS


Short Message Service (SMS)Transmission of short text messages

Up to 160 bytes of alphanumeric data160 English ASCII characters16-bit unicode for non-English alphabets ⇒ 80 characters

GSM permits message concatenation

Supported by GSM, d-AMPS, and CDMA

Out-of-band signalingSMS sent over signaling channel — not traffic channelSMS can be sent during a voice callShort messages do not create a heavy traffic load


SMS in GSM Architecture

GMSCSMSC

IWMSC

SME

SMSC

SME: Short Messaging EntitySMSC: Short Message Service CenterGMSC: Gateway Message Service CenterIWMSC: Interworking Message Service Center


SMS NodesShort Messaging Entity (SME)

Any entity that can receive or send short messagesFixed network elementMobile StationAnother service center

Short Message Service Center (SMSC)Store and forwarding of SMS between SME and MS

Gateway Message Service Center (GMSC)Receives SMS from SMSCInterrogates HLR for routing informationDelivers SMS to MSC for destination SME

Interworking Message Service Center (IWMSC)Receives SMS from MSC Delivers SMS to appropriate SMSC for forwarding


SMS Delivery to MS

SME SMSC HLR MSC VLR BSSSMS

Submit RouteRequest

Route

SMSForward

MS

UserInfo

ACK

UserInfo Page

ACKACK

SMSForward SMS

Forward

ACKACK

DeliveryReport

DeliveryReport


High Speed Circuit Switched Data (HSCSD)Circuit Switched Data (CSD)

14.4 kbps circuit mode data connection in 2G GSM User data replaces digitized voice in 1 time slot

High Speed Circuit Switched Data (HSCSD)2.5G enhancementUp to 8 slots (full user frame) allocated to one data channelUp to 115.2 kbps

Transparent data transmissionUser data stream can contain signaling to network

Allows dynamic reconfiguration of data connection (data rate, QoS)

HSCSD data frames carry data sub-stream numbers Maintains order of transmission over GSM

Non-transparent data transmissionOnly user data in data stream

No signaling or reconfiguration

LLC functions performed by GSM protocols


Telecommunication Market Evolution — 1 Late 20th century

Voice traffic >> data trafficData traffic over analog / digital voice infrastructure

Access V.35 / ADSL modem over telephone local loop

Backbone Routers / switches on leased telco trunk lines

Separate PSTN and cellular networksCellular backhaul

PLMN infrastructure on leased telco trunk linesMost profitable market sectors

PSTNLong distance voice calls

Cellular Air time


Telecommunication Market Evolution — 2 Early 21st century

Voice traffic < data traffic

Integrated networks — voice / data + fixed / mobile

IP over voice infrastructure → Voice over IP (VoIP)

Most profitable market sectors

PSTNLeasing lines for data infrastructure

Cellular Messaging, ring tones, multimedia services


Implications for Third GenerationSystem goals

Global mobility Wide range of services

Voice telephonyMessaging + pagingInternet (WWW + email) access

Broadband data transportGateways among incompatible radio systemsMore flexible PLMN routing infrastructure

Migration pathsTDMA d-AMPS → retirementGSM → UMTS

More efficient radio spectrum utilization (CDMA replaces TDMA)

CDMA → cdma2000More efficient radio spectrum utilization (higher capacity CDMA)


3G StandardizationInternal Mobile Telecommunications (IMT-2000)

International Telecommunications Union (ITU) standards for 3GDefines multiple competing (incompatible) systems

Universal Mobile Telecommunications System (UMTS)GSM/GPRS replacement using CDMA radio interfaceThird Generation Partnership Project (3GPP)

Consortium of manufacturers (www.3gpp.com)

CDMA 2000CDMA replacement using cdma2000 radio interfaceThird Generation Partnership Project 2 (3GPP2)

Consortium of manufacturers (www.3gpp2.org)

WiMAXBroadband wireless data access using cellular technologyWiMAX Forum

Consortium of manufacturers (www.wimaxforum.org)


UMTSPhysical layer

User access: GSM TDMA → W-CDMA or TD-CDMASimilar to cdmaOne and cdma2000 but not compatible

Different frequency bands Different pseudorandom noise (PN) coding scheme

Circuit mode data rates up to 1.92 Mbps144 kbps and 384 kbps on high-utilization systems

New PLMN node definitionsBSS (base station subsystem) → RNS (radio network system)BSC (base station controller) → RNC (radio network controller)BTS (base transceiver system) → Node B

ProtocolsNew internal network operationsFrame Relay in backbone infrastructure → ATM


High Speed Downlink Packet Access (HSDPA)Higher data rates for packet data

Downlink speeds of 1.8, 3.6, 7.2, 14.0 Mbps

HS-DSCH simplified for fast packet dataPower control and variable chip rate eliminated

Hybrid automatic repeat-request (HARQ)LLC layer added between PHY and MAC (not in RLC)Incremental redundancy

Corrupted packets not discardedRetransmitted packets combined until error-free packet assembledFaster than waiting for uncorrupted retransmitted packet

Fast packet scheduling2 ms scheduling granularity (instead of 10 ms)Transmission scheduled to UEs reporting highest power levels

Adaptive Modulation and Coding (AMC)Modulation scheme and code rate depend on channel quality


cdma2000Replacement for IS-95 CDMA (now called cdmaOne)

Same radio frequenciesNon-compatible pseudorandom noise (PN) coding schemeHigher data rates using improved modulation techniquesPacket mode data — Mobile IP on voice network (like CDPD)

Evolutionary change from cmdaOneMultiple upgrade pathsOperates in same radio frequencies

No new licensing costs for additional radio spectrum

Backward compatible with cmdaOneMinimum risk to existing operators

Third Generation Partnership Project 2 (3GPP2)Consortium of manufacturers (www.3gpp2.org)

StandardIS-2000


IS‐2000 Spreading Rates1xRTT

Same 1.25 MHz radio channel as IS-95Double IS-95 chip rate → 128 chips per bitDouble users → 128 users per channelRF compatible with IS-95 in same cell

Uses codes orthogonal to IS-95 codes

1xEV-DO (data only)Physical layer different from 1xRTTHigher data rates (3.1 Mbps forward / 1.8 Mbps reverse)No increase in voice capacity

3x (3xRTT)Uses 3.75-MHz radio channelsDirect Spread (DS) — one 3.75-MHz RF carrierMulticarrier (MC) — spreads data among 3 IS-95 1.25 MHz channels


Next Generation Networks (NGN)ITU initiative for long-term network planning

Standardizes current view of technology convergence

NGN definitionPacket-based network Provide telecommunication services Use multiple broadband QoS-enabled transport technologies Service functions independent of transport technologyEnables unfettered user choice of access to

Networks Competing service providers and/or services

Supports generalized MOBILITY

Allow consistent and ubiquitous provision of services to users

From ITU-T Recommendation Y.2001 (12/2004)


NGN in the MarketplaceMobility

Basic feature of contemporary workflowImportant source of profit for telecommunications industry

ConvergenceWorkflow ⇒ universal access to services through any networksMultiple incompatible networks ⇒ market share + profits

Where do technologies converge?Most systems can interface service to infrastructure with TCP/IPInherently digital services → internetInherently analog services → A/D + compression → internet

NGN generally means all-IP networkAll services defined to work over IPAll infrastructures defined to work below IPProblem — QoS, reliability, mobility not natural in IP


NGN VisionsMigration of all existing voice networks

Most voice infrastructure is still hierarchicalDS-0 circuit switchingHigh speed trunk lines organized in tree topology among ESSsIsochronous circuit mode operation natural for voice traffic

NGN requires transforming voice networks to VoIP

Migration of local access from voice to DSLSingle fast digital interface to doorstepFiber to the door an expensive dream

Migration to flexible metropolitan area networks (MAN)"Carrier Ethernet" and cellular broadband (WiMAX) in urban areas

Improvement of QoS in IP networksMultiprotocol Label Switching (MPLS)Session Initiation Protocol (SIP)


4G CellularInitial planning for 4th generation cellular systems

ITU working group planning IMT-2000 → IMT-AdvancedConceived as network supporting mobility — not telephones + dataConvergence with NGN

4G objectivesHigher network capacity than 3GSpectral efficiency (high bps / Hz and bps / Hz /site)100 Mbps for moving client and 1 Gbps for stationary client100 Mbps between any two points in worldSmooth handoff across heterogeneous networksGlobal roaming across multiple networksQoS for multimedia support — audio, HDTV, etcInteroperability with existing wireless standardsAll IPv6 packet switched network — eliminate circuit mode entirely


Long Term Evolution (LTE)3G standard

Upgrade of 3G UMTS Improved radio interfaceDownlink < 300 MbpsUplink < 75 Mbit/s

Marketed as 4G Does not conform to 4G standardsUpgrade path while waiting for 4G

Flat IP-based networkEvolved Packet Core (EPC) replaces GPRSVoice calls handled Voice over LTE (VoLTE)

Form of Voice over IP (VoIP)Routed over EPC packet switched networkNo separate circuit switched network for voice


IEEE 802.11Specified by IEEE 802 Committee for LAN/MAN

Standards for Infrastructure Layers (OSI 1 and 2)

Extends Ethernet for wireless physical layer

Data rates802.11 (1997) specified 1 or 2 Mbps (legacy)802.11a (1999) specifies 6 to 54 Mbps802.11b (1999) 5.5 Mbps and 11 Mbps (WiFi)802.11g (2003) 54 Mbps (WiFi)802.11n (2009) specifies up to 300 Mbps


Wireless Issues in LANsMobility

Addressable unit is a mobile station (STA)Dynamic topologiesMedium boundaries are neither absolute nor visible Lack full connectivity ⎯ STAs may be "hidden"

ReliabilityMedium less reliable than wired PHYTime-varying and asymmetric propagation

Power management


IEEE 802.11 wLAN ArchitecturesAd Hoc Mode

Simple Peer-To-Peer Mode (STA-to-STA)Limited to local communication

No WAN access or hand-off

Authentication and Registration Permitted but not required

Infrastructure ModeBasic topology

Permits forwarding to wired LANs and WANsAll communication via central Access Point (AP)Permits AuthenticationRequires Registration

Extended topologyPermits hand-off among WLAN segments


Ad Hoc Mode (Peer‐To‐Peer Mode)Independent Basic Service Set (IBSS)

Any set of 802.11 STAs (wireless stations)No connection to a wired network

Simple unmediated communicationSTAs communicate directly with one anotherUseful for quick set upAuthentication or Registration not required

Multiple IBSSs are independentNo bridgingNo hand-off

Independent Basic Service Set

station

station

station

station


Infrastructure ModeBasic Service Set (BSS)

A set of wireless end stations (STA)An Access Point (AP)

Connected to the wired network infrastructure Acts as base station for the wireless networkAll traffic flows through AP by Contention or Polling (CFP)

Stations must Associate with AP

AuthenticationRegistration

Basic Service Set

station

station

accesspoint

station

Wired LAN

Internet


Infrastructure ModeExtended Service Set (ESS)

Two or more BSSs Form single subnetwork (broadcast domain)Looks like one large BSS to LLC layer One Access Point (AP) in each BSS

BSSs connected via Distribution System (DS)DS is backbone networkDS performs MAC-level transport of MAC SDUs DS implementation not specified in 802.11

PortalSoftware gateway function in APBridges BSS to any non-802.11 DS protocol

DS services permit handoffStation moving from one BSS to another Requires coordination between APs

Basic Service Set

station

station AccessPoint

station

Basic Service SetAccessPoint

station

stationstation

DistributionSystem

Internet


802.11 Protocol LayersPHY Dependent Sublayer

Transmission typeModulation schemeData transmission rates

Physical Layer Convergence SublayerPHY medium dependentSpecifies header for PHY Dependent Sublayer

MAC layer Medium accessAddressingProcedures

Data Link

Layer

LLC802.2

LLC frame for SEQ/ACK/Control

Bridging Exchange of 802.2 PDUs

MAC

802.11

CSMA/CA, MACA, CFP

Physical Layer

Convergence PHY-Dependent Convergence Sublayer

PHY FHSS, DSSS, IR, Data rates


MAC Layer IssuesChannel Allocation Method

Contention (distributed control) Round Robin (deterministic)Polling (centralized control)

Collision Detection and Error Detection

Fragmentation

Addressing

Control and Management Frames


Hidden Node ProblemA transmits to BC cannot receive from A ⎯ out of rangeC is may interfere with A’s transmission

A B C D

transmit range


Exposed Node ProblemB transmits to AC receives B’s transmission and is not free to startC delays its transmission to D unnecessarily

A B C D


CSMA with Collision Avoidance (CSMA/CA)Carrier Sense Multiple Access (CSMA)

Stations listen for transmissionsDo not transmit if carrier is detectedCollision detection not possible

Hidden node problemAntenna cannot receive while transmitter active

Collision Avoidance (CA)Non-persistent accessRandom backoff


Multiple Access with Collision Avoidance (MACA)Channel set-up before data transmission

RTS — Request To SendCTS — Clear To SendACK — Acknowledgment of error-free transmission

Net Allocation Vector (NAV)Transmitted in RTSPredicted data transmission time

Improves behavior of Hidden Nodes and Exposed Nodes

RTS

CTS

DATA

ACK


Multiple Access with Collision Avoidance (MACA)B sends 30-byte RTS (request to send) packet to C

Includes a NAV for the data to be sentAll stations in B’s range hear RTS

C responds with CTS (clear to send) packet to B Echoes NAVAll stations in C’s range hear CTS

B in range of A but not DA receives RTS but not CTSA can transmit without interfering with B’s destination

C in range of B but not AD receives CTS but not RTSD waits data transmit time before transmitting

A B C D

RTS CTS


Station Services (SS) — 1Privacy in wired LAN

Design assumes physical closureIllegal access requires physical connection

Privacy in wLAN Any 802.11 receiver in range can receive all framesWired Equivalent Privacy (WEP) algorithm

Shared key encryptionNot secureNo worse than wire


Station Services (SS) — 2Authentication

Station provides proof of identity to AP or STAMethod not specified in 802.11Required before Association

DeauthenticationTerminate authentication of another stationDeauthentication invokes Disassociation

MAC Service Data Unit (MSDU) DeliveryEnd-to-end delivery of LLC packetsLLC packets (PDUs) are the SDUs of the MAC


Distribution System Services (DSS) — 1Association

Station associates with one APAssociation provides STA/AP mapping to the DSDS forwards to STA via unique AP association

ReassociationStation moves from BSS to New BSS Station associates with New AP in New BSS

Disassociation New AP informs Old AP of ReassociationOld AP terminates old associationAPs may also disassociate all STAs (for maintenance)


Distribution System Services (DSS) — 2Distribution

Delivery of packets to stations through DSSTA sends to source AP

Logically invokes DSS Distribution Service

DS passes frame to Destination APDestination AP passes frame to Destination STA

IntegrationPortal services provided by DS Source AP sends frame to Portal Portal forwards to foreign (not 802.11) network


MAC Layer Address Fields4 Address Fields

5 possible MAC entities:BSS Identification Number (BSSID)Source Address (SA)

Station which initiated the message

Destination Address (DA)Final destination for the message

Transmitting Station Address (TA)Station sending the message on this hop

Receiving Station Address (RA)Destination for the message on this hop


Address Field Definitions

To DS

From DS Address 1 Address 2 Address 3 Address 4

0 0 DA SA BSSID ⎯ 0 1 DA BSSID SA ⎯ 1 0 BSSID SA DA ⎯ 1 1 RA TA DA SA

Address 1 Immediate destination address

Address 2 Immediate source address

Address 3 Final destination or source when DS performs distribution

Address 4 Source address for DS to DS messages (802.11 is also DS)


Addressing in an IBSS

Independent Basic Service Set (IBSS) No Access Point (AP) and no DSFields To DS and From DS are 0

To DS

From DS Address 1 Address 2 Address 3

0 0 DA SA BSSID

Independent Basic Service Set

station

station

station

station

Address 1 Immediate destination address (DA)

Address 2 Immediate source address (SA)

Address 3BSSID Identifies Ad Hoc network Prevents message from reaching outside IBSS


Data Addressing in a BSS

Basic Service Set (BSS)All transmissions are sent To/From Access PointTo/From DS actually means To/From AP

To DS


0 1 DA BSSID SA 1 0 BSSID SA DA

Basic Service Set

station

station

accesspoint

station

Wired LAN



Address 3 Final Destination or Source


BSS Addressing Example

Station A sends message to Station B via AP (BSSID)

To DS



Basic Service Set

stationA

stationB

accesspoint

To DS = 0From DS = 1

To DS = 1

From DS = 0

Wired LANAddress 1 = BSSID

Address 2 = Station AAddress 3 = Station B

Address 1 = Station BAddress 2 = BSSID

Address 3 = Station A


Control and Management Addressing in a BSS

Control and Management messages in a BSS: Only involve stations in the BSS and the APAre sent with To DS = From DS = 0Either the Source or the

Destination will be the AP (BSSID)

Address 3 in included as anerror check

Basic Service Set

station

station

accesspoint

station

Wired LAN

To DS


0 0 DA SA BSSID


Addressing in an ESS

Extended Service Set (ESS)All transmissions are sent via an APTo the stations, entire ESS looks like one BSSStations do not know if message passes via DS or not

To DS



Basic Service Set

station

station AccessPoint

station

Basic Service Set

AccessPoint

station

stationstation

DistributionSystem



Address 3 Final Destination or Source


ESS Addressing Example

Station A sends message to Station B viaAP1 (BSSID1) → DS → AP2 (BSSID2)DS must forward Data, Sequence, SA, and DA

By some legal means

To DS



Basic Service Set

stationA

AccessPoint

1

Basic Service Set

AccessPoint

2

stationB

DistributionSystem

Extended Service Set

To DS = 1From DS = 0

Address 1 = BSSID1Address 2 = Station AAddress 3 = Station B

Address 1 = Station BAddress 2 = BSSID2

Address 3 = Station ATo DS = 0

From DS = 1


WEP Encryption/Decryption Procedure Plaintext

MAC Layer PDU (MPDU)CRC-32 Frame Check Sequence (FCS) on MPDU

Key Sequence Generated from Secret Key and Initialization Vector (IV)Key length is MPDU length + 4

TransmissionEncrypted PlaintextUnencrypted Initialization Vector (IV)

Receiver Generates Key Sequence from Secret Key and IVDeciphers Plaintext and checks FCS for errors


WEP Encryption Algorithm Secret Key distributed by some background process

Initialization Vector (IV) 24-bit suffix generated by transmitterIV may be changed as frequently as every MPDUIV transmitted unencrypted with message to receiver

Receiver needs IV to decrypt IV provides no information about secret key

Seed64-bit concatenation: Secret Key ## IV Seed input to Pseudo-Random Number Generator (PRNG)

Key Sequence k Pseudo-Random Number generated by PRNG using seed

Integrity Check Value (ICV)32-bit CRC on MPDU

Plaintext (MPDU ## ICV) encrypted with Key Sequence


WEP Encryption Algorithm

##Secret Key

InitializationVector (IV) Seed WEP

PRNG

Key Sequence k

Plaintext##Integrity Algorithm

(32-bit CRC)

⊕

IntegrityCheck

Value (ICV)

TransmittedMessage

IV

Ciphertext

Encryption


WEP Decryption AlgorithmKey Sequence generated from IV and Secret Key

DecryptionKey Sequence applied to Ciphertext Plaintext includes MPDU and ICV

Integrity check performed on Plaintext On error in received MPDU

Error indication is sent to MAC managementData not passed to LLC


Problems with WEP AlgorithmXOR encryption is not very strong

Secret Key is too easy to deducePart of MPDU may be easy to guess

Example: IP header fieldsCan find k from P and C

Encryption strength Depends on lifetime of Initialization Vector (IV)Best privacy when IV is changed for every MPDU


More Problems with WEPAP beacons

Announce service availabilityCan be found by unauthorized listeners

WEP not always implemented

Weak encryption40-bit secret keySimple XOR of key with plaintext

Weak authenticationSTA requests serviceAP sends random numberSTA returns number encrypted with key (password)

Authentication password is used as encryption keyEavesdropper can learn key from plaintext and encrypted number


Infrastructure Network Configurations — 1








The Bluetooth VisionUniversal wireless connectivity

Replace existing cables with radioConnect systems that have been separate

Ubiquitous computing environmentIntelligent devices performing distributed servicesRedesign hardware as object-oriented

Unconscious connectivity paradigmDevices interconnect automaticallyMinimal user intervention

Wireless Personal Area Network (wPAN)Small networks formed dynamicallyWireless internetworking among wPANs


Universal Wireless ConnectivityReplace existing cables with radio


Universal Wireless ConnectivityConnect systems that have been separate


Ubiquitous Computing EnvironmentIntelligence is local and communication is universal

Bluetooth devices Search for other compatible devicesShare information about services they provideExchange commonly defined data objects

Service provision is distributed over wPAN

Integrated automation of Central serversInformation repositoriesSensors Actuators


Unconscious Connectivity ParadigmConnectivity is a problem for the user

Inconvenient to establish connections manuallyAvailable devices change frequently Users may not remember how to connect

Devices connect automatically and dynamically Devices discover one anotherDevices determine when and why to connectUsers do not need to remember how to connect


Example of The VisionUser

Enters hotel lobbyPDA in user's pocket

Connects to hotel reservations system for check inReceives key code for doorDisplays room number Alerts laptop in suitcase to log onto hotel email server

User's Laptop Downloads messages while user waits for elevator

User's PDA Unlocks door of hotel room

User's laptop Uploads music to audio system

User's PDA Orders room service from menu user prepared on airplane


Example of a Real ProductThree-in-One Telephone

Automatic network selection by environment:Intercom at home or in office PSTN phone when a PSTN access point is availableCellular mobile phone otherwise


How is Bluetooth Different?In cellular and wLAN systems:

Base Stations and Mobile Stations are clearly distinctBase Stations handle services

Channel accessChannel allocationTraffic controlInterference problems

Mobile Stations are relatively simple clients

In Ad Hoc Bluetooth networks:Communication is peer to peer

No central controllerDevices in area self-organize in a shared channel

May be many Bluetooth devices in regionOnly a few need to communicate Mutual coordination is complex


Protocol Layers

Application

Application Profiles

L2CAP

HCI

LMP

Baseband

RadioPhysical Functions

Data Link(LLC + MAC)

Functions

Session/Transport Functions

Application Functions

Physical Layer

MAC Sublayer

Application Layer

BluetoothProtocols

Mapping toOSI

ActualFunctionality


Protocol Overview

Application Layer User application programs

Application Profiles User application support protocols: FTP, TCP, WAP, PPP, telephony, USB, Serial Port, etc

Logical Link Control and Adaptation Protocol (L2CAP)

Channel management (socket-type interface), Segmentation and Reassembly, QoS (speed, reliability, delay)

Host Controller Interface (HCI)

Supports standard I/O hardware standards (when Bluetooth device is external to PC)

Link Manager Protocol (LMP)

Manages Piconet membership and link activity

Baseband Layer Manages point-to-point links, handles security, and interfaces user data to the radio links

Radio Layer Physical data transmission (FHSS in ISM band, at 10 or 100 meter broadcast range)


Frequency Hopping Bluetooth transmits using Frequency Hopping (FHSS)

Group of RF frequencies = 2401 + k MHz, for k = 0, 1, … , 78

Specific Hop Sequence depends onBluetooth Service Bluetooth ClockBluetooth Device

Data transmission Pseudorandom hop sequence

Connection control Deterministic hop sequences

Frequency Hop SequenceTrain = sequence of integers {k0, k1, k2, …, kN} 0 ≤ ki ≤ 78, for i = 0, 1, …, N N = 16 or 32


Time SlotsBluetooth Clock is a 28-bit counter

Upper 27 bits define Bluetooth Time Slot2 Clock Cycles per Time SlotCounter creates 227 = 134,271,728 numbered Time SlotsCounts from 0 to 227 – 1 (then returns to 0)

Each Time Slot is 625 µs in length (1600 slots/second)Time slot number returns to 0 every 23.3 hours


Frequency HoppingPacket transmission begins on a Time Slot boundary

Packets may be up to 5 Time Slots in length

Frequency hop on each Time SlotUnless packet is longer than 1 SlotNo frequency hop during a multi-slot packet

t0 t1 t2 t3 t4 t5 t6 t7

f0 f1 f2 f3 f5 f6 f7


Piconet TopologiesPiconets (from pico = 10-12)

Physical Channel Specific Frequency Hop Sequence

Point-to-Point PiconetTwo devices on a common Physical ChannelFHS is unique to a given PiconetMaster device acts as clientSlave device acts as server

Master Slave


Synchronous Connection Oriented (SCO) LinksPoint-to-Point link between Master and Slave

Circuit-mode connection based on reserved slots Symmetric transmission rateSupports isochronous information like voice

Master can support 1 to 3 SCO links to one or more Slaves

Slave can support 1 to 3 SCO links with one Master1 or 2 SCO links from different Masters


Asynchronous Connectionless Link (ACL)Point-to-Multipoint link

Connects Master and all active Slaves in Piconet

Packet-mode connection Based on statistical multiplexingUses available slots not reserved for SCO links

Asynchronous and Isochronous services supported

Only one ACL link between a Master and a Slave


Bluetooth Connection Layers

radio radioConnection: synchronized frequency hop sequence

circuitswitch SCO: synchronous connection-oriented link

ACL: asynchronous connectionless link

SCO ACL SCO ACL SCO ACL packets over radio connection

circuitmodeservice circuit mode channel

circuitmodeservice

packetmodeservice

packetmodeservice packet mode channel

packetmodeservice

packet mode channel

C B A

A A A

B B B

packetmodeservice packet mode channel

packetmodeservice

C C C

packetswitch

circuitswitch

packetswitch

packetmodeservice

channelmultiplexing


State Relationships


RFCOMM

ACL SCOBluetooth Baseband

LMP

L2CAP

PPP

LAN Access Point Profile


Bluetooth EarpiecePhilips Semiconductor VWS26003

3 Integrated CircuitsBaseband processor (VWS26002)Ceramic Multi-chip RF module (PBA 31301)External Flash memory

NiMh or Lithium ion battery

Talk time ~4 hours

Size weight 75g, 15cc


Philips Semiconductor VWS26003VWS26002 Baseband processor

ARM7 TDMI 32-bit embedded RISC processor72 kbytes internal SRAM4 kbytes internal ROM4 kbytes internal SRAM instruction cacheTimers and watchdog.8 general purpose PIO pins.Voice Codec

PBA 31301 Radio Frequency Module

SoftwarePoint to Point Protocol stack

Systemsor NiMh or Li Ion battery


Philips Semiconductor VWS26003


Single Chip Bluetooth Device Controller

Philips PCD87750E

MTP = Multiple TimeProgrammable ROM

EBC = Ericsson Bluetooth Core

CVSD = Continuously Variable Slope Delta modulation

SPI = Security Parameter Index


Typical Earpiece Organization

h Accs.hac.ac.il/staff/martin/Networks/networks-1.pdf · Computer Networks — Hadassah College — Fall 2015 Overview Dr. Martin Land 3 What is Computer Networking? Local computation

Documents