Dr. Martin Land — Overview — Computer Networks — Hadassah College — Fall 2015

Overview of Computer Networking
What is Computer Networking?

Logical separation of tasks in a digital system
  - Computation: local operations (ALU, load, store, branch, OS, …)
  - Communication: data exchange between computation units

[Figure: two computation units exchanging data]
  Unit 1: local computation, request information, (communication)
  Unit 2: accept request, process request, local computation, send response, (communication)
  Unit 1: receive information, local computation

Making this work
  - Rules — lots of rules!
  - Special hardware
  - Special software
Approaches to Networking

What's required
  - Understanding how people and machines communicate
What's technically possible
  - Network topology (graph theory)
  - Message encoding (information theory)
  - Speed and delay (performance theory)
Historical engineering solutions
  - Division of labor
  - Hierarchy (top-down)
  - Security
Topology

Node
  - Host node: network edge — user systems (computer, workstation, …)
  - Intermediate node: hardware/software systems for data communication (modem, hub, switch, concentrator, multiplexor, router, …)
Link: transmission path between neighboring nodes
Hop: data transfer between neighboring nodes over one link
Channel: transmission path between nodes; may include intermediate nodes
Computer network as directed or undirected graph

[Figure: host node, link, intermediate node, link, host node; the channel between the two host nodes spans both links and the intermediate node]
Network Topologies
  - Bus
  - Tree
  - Star
  - Ring
  - Irregular
  - Completely connected
How People (and Machines) Communicate

Requirements
  - Language
  - Medium
  - Names
  - Rules of conversation (protocols)
Preferences
  - Keep it simple
  - Work with minimum details necessary for specific task
  - Obtain details dynamically as needed
Models
  - Define roles in computation process
  - Define roles in communication process
  - Define rules of behavior for each role
Models

Typical roles in computation
  - Application program
  - Calling function / called function
  - OS service
  - Class or object
Typical roles in communication
  - Primary: initiates request and accepts response
  - Secondary: responds to request
  - Symmetric: swap roles Primary ←→ Secondary
  - Balanced: both roles, Primary and Secondary
Example — client/server model
  - Client: initiates request to server (Primary)
  - Server: responds to client request (Secondary)
  - Client and Server: concurrent application programs / threads
Transaction Model

Transaction → request + response

[Figure: Primary sends Request; Secondary accepts Request, does Processing, sends Response; Primary receives Response]

General model with many cases
Familiar examples
  - Procedural transaction: main() calls function(x)
  - Client / Server transaction: browser requests page from website
Layered Systems

System divided into logical layers
Within layer
  - Subsystems interact tightly
  - Example (subsystems: i, a[i], b[i], c[i]):

    for (i = 0; i < 1024; i++) {
        a[i] = b[i] + c[i];
    }

Between layers
  - Subsystems interact through programming interface
  - Example (subsystems: main(), f(x)):

    main() {
        y = f(x);
    }
    f(x) {
        return y;
    }

  - main(): calling function, Primary
  - f(x): called function, Secondary
Standard Agent Relationships

Agent: software or hardware entity
Peer relationship: two or more independent agents at the same layer in a layered model
  Examples
  - Independent user application layer programs: Microsoft Word + PowerPoint; Web client (browser) + Web server (website)
  - Independent OS layer programs: USB driver; WiFi driver
Service relationship
  - main() calls function(x)
  - Microsoft Word calls printer driver
  - Application program opens socket (OS call)
Peer-to-Peer Transaction

Peer-to-Peer (P2P): transaction between agents of equal level or status
  - Usually CLIENT / SERVER model (not necessarily)
Example: web service
  - Browser and web server — application programs (equal status)
  - Request: browser (web client) sends page request to web server
  - Response: web server sends page content to browser

[Figure: Primary (web client) sends http://www.domain/page.html; Secondary (web server) returns page.html]
Protocol Examples

Transaction protocols
  - Hypertext Transfer Protocol (HTTP): browser requests web page from web server; web server provides page as response
  - Post Office Protocol version 3 (POP3): client system requests email messages from email server; email server provides messages as a response
Service Transaction

Service: transaction between agents of unequal level or status
Example: user program makes OS call to open file
  - User program is application running above OS
  - OS performs low-level services for applications
  - Request: application program issues OS call
  - Response: OS opens file and returns file descriptor

[Figure: Primary (user program) sends "open file"; Secondary (OS) returns file descriptor]
Service Transaction Example

Calling function → called function
  - Request: caller invokes called function with parameter
  - Response: called function returns with result

    user() {
        local work
        response = provider(parameters)
        local work
    }
    provider(parameters) {
        local work
        return response
    }

Service transaction = service request + service response
General Layered Service Model

Task divided into layers
  - Layer n: provider to layer n + 1, user to layer n – 1
  - Interface: boundary between layers
Simple example: two service transactions
  - Layer 3 calls layer 2
  - Layer 2 calls layer 1
  - Layer 2: provider to layer 3, user to layer 1

    layer_3() {
        local work
        response-2 = layer_2(p3-2)
        local work
    }
    layer_2(p3-2) {
        local work
        response-1 = layer_1(p2-1)
        local work
        return response-2
    }
    layer_1(p2-1) {
        local work
        return response-1
    }
Protocol

Protocol: rules for transaction between peers
  - Examples: syntax, semantics, synchronization, procedures, algorithms, naming
Layered communication: communication task divided into layers
Protocol stack: specific peer-to-peer protocol defined at each layer
Protocol Stack

[Figure: Tanenbaum (3rd ed) Figure 1-9, p. 17]

Services and Protocols

Protocol Stack Example

[Figure: Tanenbaum (3rd ed) Figure 1-10, p. 19]
Layered Protocol Model

Layer n protocol
  - Performs VIRTUAL COMMUNICATION between layer n peers
  - Exchanges layer n information with layer n peer
Layer n service
  - Receives request from layer n + 1
  - Passes request to layer n – 1 for communication service
  - Receives response from layer n – 1

[Figure: two stacks side by side, each Layer 1 … Layer n – 2, Layer n – 1, Layer n. Layer n protocol: virtual peer transaction; Layer n – 2 protocol: virtual peer transaction; Layer 1 protocol: physical peer transaction; service transactions between adjacent layers within each stack]
Encapsulation — Protocol Headers

Layer n – 1 protocol
  - Receives service request from layer n; request = message to layer n peer agent
  - Adds layer n – 1 HEADER; header = message to layer n – 1 peer agent
Protocol Data Unit (PDU) at layer n – 1
  - Message output from layer n – 1 protocol = layer n PDU + layer n – 1 header
Service Data Unit (SDU) at layer n – 1
  - Layer n PDU = random (opaque) data for layer n – 1

[Figure: layer n hands its PDU down; layer n – 1 PDU = layer n – 1 header + layer n – 1 SDU, where layer n – 1 SDU = layer n PDU]
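The layered service model and the header encapsulation just described, as an added Python example that is not part of the lecture slides. Three hypothetical layers (3, 2, 1, mirroring the layer_3/layer_2/layer_1 sketch) each wrap the layer above's PDU as an opaque SDU; the receiving peer strips the headers in reverse order and checks each one before believing the payload length. The header layout (a 1-byte layer id and a 2-byte big-endian SDU length), the sample request text and the forged length are all constructed for this example and are not any real protocol's format.

```python
"""Layered encapsulation and decapsulation (added example, not from the slides)."""
import struct

HDR = struct.Struct("!BH")   # layer id (1 byte), SDU length (2 bytes), network byte order


def encapsulate(layer: int, sdu: bytes) -> bytes:
    """Layer n-1 service: wrap the layer n PDU (our SDU) with a layer n-1 header."""
    if len(sdu) > 0xFFFF:
        raise ValueError("SDU too large for 16-bit length field")
    return HDR.pack(layer, len(sdu)) + sdu          # PDU = header + SDU


def decapsulate(expected_layer: int, pdu: bytes) -> bytes:
    """Peer side: validate the header addressed to this layer, return its SDU."""
    if len(pdu) < HDR.size:
        raise ValueError("truncated header")
    layer, length = HDR.unpack_from(pdu)
    if layer != expected_layer:
        raise ValueError(f"header for layer {layer}, expected layer {expected_layer}")
    if length != len(pdu) - HDR.size:
        # A length field that disagrees with the bytes actually received is the
        # usual way a malformed PDU makes a careless parser read out of bounds.
        raise ValueError("length field does not match received PDU")
    return pdu[HDR.size:]


def send_stack(app_data: bytes) -> bytes:
    """Layer 3 -> 2 -> 1 service transactions; returns the layer 1 PDU put on the wire."""
    pdu3 = encapsulate(3, app_data)   # layer 3 PDU = H3 + data
    pdu2 = encapsulate(2, pdu3)       # layer 2 PDU = H2 + layer 3 PDU (opaque to layer 2)
    return encapsulate(1, pdu2)       # layer 1 PDU = H1 + layer 2 PDU


def receive_stack(wire: bytes) -> bytes:
    """Receiving stack: each layer consumes only its own header and hands the SDU up."""
    pdu2 = decapsulate(1, wire)
    pdu3 = decapsulate(2, pdu2)
    return decapsulate(3, pdu3)


def layer_headers(wire: bytes) -> list:
    """List (layer, sdu_length) for each header on the wire, outermost first."""
    out, pdu = [], wire
    for expected in (1, 2, 3):
        layer, length = HDR.unpack_from(pdu)
        out.append((layer, length))
        pdu = decapsulate(expected, pdu)
    return out


def is_rejected(wire: bytes) -> bool:
    """True if the receiving stack refuses the PDU (shows the length check at work)."""
    try:
        receive_stack(wire)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    wire = send_stack(b"GET /page.html")       # constructed application data
    print(layer_headers(wire))                 # [(1, 20), (2, 17), (3, 14)]
    print(receive_stack(wire))                 # b'GET /page.html'
    forged = bytearray(wire)
    forged[2] = 0xFF                           # lie about the layer 1 SDU length
    print(is_rejected(bytes(forged)))          # True
```

Each header is only ever read by the layer it was written for, which is the point of the SDU being "random data" to the layer below; the length check in decapsulate is what keeps a layer from trusting a header it did not verify.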
Functional Analysis of Communication

Open System Interconnection Model (OSI)

Layer  Function      Description
  7    Application   Exchange of data between user applications
  6    Presentation  Syntax and semantics of exchanged data
  5    Session       Identification, separation, and continuity of multiple ongoing data transactions between software agents
  4    Transport     Reliable end-to-end data exchange between host nodes; prevents data loss, errors, repetitions, ordering errors
  3    Network       End-to-end data routing between host nodes via multiple hops
  2    Data Link     Control of data transmission between neighboring hardware agents (one hop)
  1    Physical      Data transmission between neighboring hardware agents on physical channels (electrical, optical, radio, …)
Example of OSI Functional Layers

Hypothetical OSI web browser

Layer         Example functions
Application   Browser provides GUI — requests web pages by URL
Presentation  Encoding standard for Hebrew (Windows, UTF, ISO, …)
Session       Web page includes multiple graphic files; each file requested and received as separate conversation
Transport     Each request/response checked for errors and completeness; each requested file provided to session layer without errors
Network       Find route to web server by network address; file requests/data exchanged with server by network address
Data Link     Data bytes exchanged between host computer and next-hop data communication hardware
Physical      Data bits exchanged with next-hop data communication hardware on physical channels
Internet Functional Model

OSI layer        Internet layer  Comment
7 Application    Application     Application provides presentation service and some session service (transactions)
6 Presentation   Application
5 Session        Application
4 Transport      Transport       Internet session management can be reliable (with transport service) or unreliable (without transport service)
3 Network        Network         End-to-end data routing as in OSI
2 Data Link      Infrastructure  Internet protocols do not discuss physical data transmission
1 Physical       Infrastructure

Ref: http://tools.ietf.org/html/rfc4949
Example of Internet Functional Layers

Typical web browser

Layer           Example functions
Application     Browser provides GUI — requests web pages by URL; translate (DNS) URL into network address (IP) for web server; encoding standard for Hebrew (Windows, UTF, ISO, …); web page includes graphic files, each file requested/received as separate conversation (HTTP)
Transport       Each file request conversation identified for error control (TCP); each requested file provided to session layer without errors
Network         File requests/data exchanged with server by network routing (RIP, OSPF, IGRP, BGP); transfer data across network by network address (IP)
Infrastructure  Network layer messages sent to Internet data communication equipment
Internet PDUs

Protocol Data Unit (PDU)

Layer        PDU       Message
Application  Message   Data
Transport    Segment   Header
Network      Datagram  Header
Data Link    Frame     Header + Trailer
Physical     Signal    Bits

[Figure: H-DL | H-N | H-T | Application Data | T-DL. Headers added by layers 2, 3, 4; trailer added by layer 2. Transport segment = H-T + application data; network datagram = H-N + segment; host-to-host data frame = H-DL + datagram + T-DL]
Internet Endpoints

Network endpoint: address of SOFTWARE AGENT running in HARDWARE AGENT = Network Address + Port

Layer        Communication ID      System level      Meaning
Physical     Attachment            Hardware          Physical connection
Data Link    Hardware Address      Hardware          Identifies hardware device (node) in local network
Network      Network (IP) Address  Operating System  Identifies computing node in global network
Transport    Port                  Operating System  Software address identifies program exchanging data
Application  Socket                User              Associates file descriptor with network endpoint

Well-known ports: standard services defined on ports 0 – 1023
Data Communication Equipment (DCE)

Layer      DCE                                     Function
Physical   Network Interface Card                  Modulator/demodulator (modem): transmits and receives digital bits over physical medium
Data Link  Switch (Hub): Ethernet hub, WiFi hub    Manages physical transmission layer; exchanges frames among neighboring hardware agents
Network    Router: Internet router, Internet core  Receives network datagrams in data link frames; sends datagrams in data link frames to next hop on path to destination
Internet Hops

Host nodes
  - Application data (message) sent to Transport for reliable exchange
  - Transport segment sent to Network for addressing and routing
Intermediate nodes
  - Examine Network datagrams for addressing and routing
  - Treat Transport segment as meaningless data

[Figure: host node (Application, Transport, Network, Data Link, Physical), hop, intermediate node (Network, Data Link, Physical), hop, intermediate node (Network, Data Link, Physical), hop, host node (Application, Transport, Network, Data Link, Physical)]
Network Zoo

Wide Area Networks (WAN)
  - Public Switched Telephone Network (PSTN): local loop, backbone, PDH/SDH, ESS, ISDN
  - Public Switched Data Network (PSDN) — X.25
  - Broadband Integrated Network: ATM, B-ISDN, Frame Relay
  - Cellular: 2.5G (GPRS/EDGE), 3G (UMTS, CDMA2000), 4G (WCDMA)
Local Area Networks (LAN < 2 km): Ethernet, WiFi, VLAN, token ring, token bus, FDDI, …
Personal Area Network (PAN < 20 m): Bluetooth, ZigBee, IrDA, …
Commercial network protocol stacks: SNA, DECnet, Windows Networking, AppleNet, Netware, …
Many network types with specific protocol stacks
So, what is 'The Internet'?

Internet = Inter-Networking: protocols for connecting heterogeneous networks
  - Autonomous System (AS): any network running its own protocol stack
  - Internet Gateway: runs network-specific protocol stack on AS; runs Internet protocols on connection to Internet core
  - Internet core: backbone network of Internet routers connected by dedicated links
Typical implementation
  - Hosts run network-specific protocols on internal AS
  - Hosts use Internet protocols for external messages
  - No difference at infrastructure level

[Figure: AS, Gateway, Internet Core, Gateway, AS]
Intranet?

Intranet: using Internet protocols in AS
  - Pure intranet: Internet protocols above Ethernet/WiFi LAN
  - Windows network: uses Internet protocols for transport and addressing; uses Microsoft protocols for message syntax, node location, …

[Figure: Intranet AS (Internet protocols over Ethernet), Gateway, Internet Core, Gateway, AS]
Hey! Hey! You! You! Get Off of My Cloud
(words and music: Mick Jagger and Keith Richards)

Cloud ≠ Internet ≠ Network
  - Network: collection of agents with single defined protocol stack
  - Internet: collection of agents using inter-networking protocols at layers 3 & 4
  - Cloud: business model; Organization A rents computing service from provider C; Organization A offers service to user B via provider C network

[Figure: Provider C (massive computing infrastructure); Organization A (no computing infrastructure) holds a business contract with C and configures the service on C; User B (client computing infrastructure) receives the service offer from A and uses the service on C]
Why Cloud Computing?

Outsourcing service model
  - User gets computing services from service provider
  - Service Level Agreement (SLA) guarantees customer service
  - Provider handles operations + administration + maintenance (OAM)
Business advantages to organization
  - Economies of scale — large provider can do it cheaper
  - Cuts labor/capital costs from balance sheet → happy investors
Based on standard technologies
  - Cloud service organized from conventional resources: hardware + software + network
  - Provider offers menu of services
  - Not a fundamentally different computing technology
Unique technological issues
  - Service reliability — provider committed to SLA
  - Optimization of provider-side resource configuration
  - Optimization of user-side resource configuration
Service Configuration in Cloud Computing

Infrastructure as a service (IaaS)
  - Organization sees virtual hardware environment: real hardware or hypervisor / system virtual machine
  - Organization installs OS → installs software → user runs jobs
Platform as a service (PaaS)
  - Organization sees virtual OS environment: OS on single hardware platform or virtual OS
  - Organization installs software → user runs jobs
Software as a service (SaaS)
  - Organization sees virtual application software environment: applications running on private OS or "sandboxed" on shared OS
  - Sandbox — private execution environment per application instance
  - User runs jobs
Storage as a service (STaaS)
  - User sees virtual mounted storage device
Centralize → Decentralize → Centralize → ?

1950s – 60s: centralized mainframe computer + multiple OS instances over hypervisor; timesharing OS serves multiple users; user sees OS environment via dumb terminal (thin client)
1970s: user applications offloaded to minicomputers + timesharing services; user sees timeshared OS environment via dumb terminal
1980s: user applications offloaded to personal workstations (PC); user sees single-user OS environment running locally
1990s: networked single-user workstations; user sees single-user OS environment running locally
2000s: centralized control of local OS environment by IT departments
2010s: cloud + netbook / tablet / smart phone — dumb terminal with high-res GUI
Issues in Cloud Computing

Cost
  - Provider issues: economies of scale ⇒ lower cost per compute job
  - Organization issues: capital + OAM costs → operating costs; lower start-up costs ⇒ operating debt
Reliability
  - Provider issues: redundant infrastructure → continuity + disaster recovery; centralized management of OAM, security, performance; virtualization → serve multiple users on physical server; multitenancy → provide multiple sandboxed application instances on OS
  - User sees guaranteed service
Agility
  - Organization / provider reconfigure service as needed: growth, load balancing, time-zone serving
Cloud Ownership

Public cloud
  - Service provider as public utility — sells / rents computing service
  - Initial providers leverage large existing infrastructure: Amazon, Microsoft, Google, IBM
  - Menu of services at fixed prices
Private cloud
  - Cloud infrastructure for private organization
  - Managed internally or outsourced
  - Isolates service developers from implementation issues
  - Standard development platform
  - Requirements for economic justification: large organization; technology-based services; frequent new service
  - Example — internet content provider
Programming in the Cloud

Depends on environment
  - IaaS — organization sees virtual hardware environment
  - PaaS — organization sees virtual OS environment
  - SaaS — organization sees virtual application software environment
IBM Bluemix
  - SaaS from IBM
  - Free accounts for students using [email protected] address
  - Bluemix DevOps Services: develop, track, plan, and deploy software on IBM cloud service
  - Collaboration tools — Git, Jazz SCM, GitHub
  - Build application → deploy to IBM cloud
  - Supports: Arduino, C, C#, C++, CSHTML, Embedded JavaScript (ejs), Erlang, Go, HTML, HTML abstraction markup language (Haml), Jade, Java, JSON, Lua, Objective-C, PHP, Python, Ruby, Swift, Visual Basic (vb), VMHTML, XHTML, XML, XQuery, YAML, Launch file, Dockerfile, gitignore, git config, cfignore
  - "You can go from source code to a running app in minutes."
Some Internet Protocols

Application layer: transactions
  - Hypertext Transfer Protocol (HTTP)
Transport layer
  - Transmission Control Protocol (TCP): reliable transport service
  - User Datagram Protocol (UDP): unreliable transport service
Network layer
  - Internet Protocol (IP): node addressing
  - Internet Control Message Protocol (ICMP): messages about messaging
  - Routing protocols (RIP, OSPF, IGRP, BGP): learn network topology for message forwarding

RFC — Internet standard
Protocol  RFC
HTTP      2616
TCP       793
UDP       768
IP        791
ICMP      792
What Internet Protocols Do

Hypertext Transfer Protocol (HTTP): application layer transactions
Some examples
  Requests
  - Get: retrieve file by name
  - Post: replace file by name
  - Delete: delete file by name
  Responses
  - Status: status of transaction
  - Data: contents of requested file
What Internet Protocols Do

Domain Name Service (DNS): translates node name to Internet address (and vice versa)
Example

    c:\> nslookup www.hadassah.ac.il
    Name:    www.hadassah.ac.il
    Address: 212.179.79.228
What Internet Protocols Do

Transmission Control Protocol (TCP): reliable transport service
Sender
  - Label source and destination software by port number
  - Number outgoing segments
  - Wait for ACK (acknowledgment) for outgoing segments
  - Retransmit segments if no ACK before timeout
  - Negotiate segment size (for error and congestion control)
Receiver
  - Check completeness and order of incoming segments
  - Check incoming segments for errors
  - Send ACK for good segments
  - Provide good incoming segment to destination software
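The sender and receiver duties listed above, as an added Python simulation that is not part of the lecture slides and is a simplified stop-and-wait scheme, not TCP's actual segment format or window mechanism. Segments are numbered, the sender waits for an ACK and retransmits on timeout, and the receiver checks each segment, ACKs good ones and delivers each one exactly once and in order. The channel is constructed: the sets `lost`, `corrupted` and `ack_lost` name which transmission (counted from 1) is dropped, damaged, or loses its ACK, so a run is deterministic; the CRC-32 error check is a stand-in for the real checksum.

```python
"""Stop-and-wait reliable transfer (added example, not from the slides)."""
import zlib
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int
    data: bytes
    crc: int


def make_segment(seq: int, data: bytes) -> Segment:
    """Sender: number the segment and add an error check over seq + data."""
    return Segment(seq, data, zlib.crc32(seq.to_bytes(4, "big") + data))


def segment_ok(seg: Segment) -> bool:
    """Receiver: recompute the CRC; a mismatch means bit errors in transit."""
    return zlib.crc32(seg.seq.to_bytes(4, "big") + seg.data) == seg.crc


@dataclass
class Receiver:
    expected_seq: int = 0
    delivered: list = field(default_factory=list)

    def receive(self, seg: Segment):
        """Return the ACK number, or None for a corrupt segment (no ACK sent)."""
        if not segment_ok(seg):
            return None
        if seg.seq == self.expected_seq:          # new, in-order segment: deliver it
            self.delivered.append(seg.data)
            self.expected_seq += 1
        # A duplicate (retransmission whose ACK was lost) is ACKed again but not
        # delivered twice: the "check completeness and order" duty.
        return self.expected_seq - 1              # highest in-order seq received


def transfer(chunks, lost=frozenset(), corrupted=frozenset(), ack_lost=frozenset(), max_tries=10):
    """Send chunks; return (delivered data, total transmissions, retransmissions)."""
    rx = Receiver()
    tx_count = 0
    retransmissions = 0
    for seq, chunk in enumerate(chunks):
        seg = make_segment(seq, chunk)
        for attempt in range(max_tries):
            tx_count += 1
            if attempt:
                retransmissions += 1              # timeout expired on the previous try
            if tx_count in lost:
                continue                          # segment never arrives: timeout, retransmit
            arrived = seg
            if tx_count in corrupted:
                arrived = Segment(seq, chunk + b"?", seg.crc)   # bit error in the data
            ack = rx.receive(arrived)
            if tx_count in ack_lost:
                ack = None                        # ACK dropped: sender sees a timeout
            if ack == seq:
                break                             # acknowledged, send the next segment
        else:
            raise RuntimeError(f"segment {seq} not acknowledged after {max_tries} tries")
    return rx.delivered, tx_count, retransmissions


if __name__ == "__main__":
    # Constructed run: first transmission lost, third loses its ACK, fifth corrupted.
    data, sent, resent = transfer([b"a", b"b", b"c"], lost={1}, ack_lost={3}, corrupted={5})
    print(data, sent, resent)    # [b'a', b'b', b'c'] 6 3
```

The retransmission after a lost ACK is the interesting case: the receiver already delivered that segment, so it must recognise the duplicate by sequence number and ACK it without handing the data up a second time.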
What Internet Protocols Do

Internet Protocol (IP): best effort network service — no guarantee of delivery
IP version 4 address: four octets, 0.0.0.0 to 255.255.255.255 (many reserved addresses)
Sender
  - Attach source and destination network addresses to segment
  - Route IP datagram to next hop along route
Receiver
  - Intermediate node — route IP datagram to next hop along route
  - Host node — provide segment to transport layer
Network Infrastructure

Layers 1 + 2 — bits, bytes, signals, cables, electronics
Scale
  - Wide Area Network (WAN < earth)
  - Local Area Network (LAN < 2 km)
  - Personal Area Network (PAN < 30 m)
Medium
  - Copper wire and cable: electrical signals; requires legal right to install cables
  - Open space: radio wave signals; requires legal right to transmit radio
  - Optical fiber: light wave signals; requires legal right to install cables
Traffic statistics
  - Constant Bit Rate (CBR) — peak data rate = average data rate
  - Variable Bit Rate (VBR) — peak data rate > average data rate
Connectivity = Medium + Topology

Point-to-point
  - Dedicated link from node to node
  - Fastest and most complex
Switch
  - Dedicated link from node to switch; switch connects nodes on request
  - Non-blocking provides n × (n – 1) connectivity
  - Blocking provides n × m connectivity (m < n – 1)
Shared medium (bus, wireless)
  - Nodes share medium access
  - Contention: nodes compete for access
  - Polling: central controller polls nodes
Physical Transmission

Serial data rate at physical layer
  - Bits per second = bps = b/s
  - Bytes per second = B/s; 1 B/s = 8 b/s
Capacity (bandwidth)
  - Maximum data rate on medium
  - Fixed by transmitter / medium / receiver
  - Limits: speed of circuits; signal to noise ratio (SNR)

[Figure: serial bit stream 0 1 … on the line]
Physical Transmission

Throughput = error-free data received per second
Takes account of
  - Utilization = % time transmitter sending
  - Errors ⇒ re-transmission ⇒ more data on same capacity
  - Delays ⇒ less data received on same capacity

[Figure: link capacity shown as 16 bit times (0 … 16); transmitter sends in four bursts totalling 10 bit times, utilization = 10 / 16 = 62.5%; of the bits received, some contain bit errors]
Baud Rate

Symbol: physical signal that encodes bits
Symbol rate (baud rate): symbols transmitted per second
Bit transmission rate: bits transmitted per second = (symbols / second) × (bits / symbol)
Example: pulse amplitude modulation (PAM)
  - Define 2^N electrical levels from 0 to 11…1
  - Each symbol (level) transmits N data bits

[Figure: N = 2 (4-level) PAM; levels 0.25 V, 0.50 V, 0.75 V, 1.00 V; one symbol per symbol period carrying 2 bits (00, 01, 10, 11)]
Baud Rate

33 kbps dial-up modem
  - Define 2^10 = 1024 electrical symbols (max for SNR on phone line)
  - Baud rate = 3300 symbols / second
Bits transmitted per second
  - Data rate = (3300 symbols / second) × (10 bits / symbol) = 33,000 bps

[Figure: N = 10 (1024-level) PAM; symbols 0000000000, 0000000001, 0000000010, …, 1111111111, one per symbol period]
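The PAM encoding on the two slides above, as an added Python example that is not part of the lecture slides. It generalises the N = 2 (4-level) and N = 10 (1024-level) cases: a bit string is cut into N-bit groups, each group selects one of 2^N evenly spaced levels, and the receiver maps a received (possibly noisy) voltage back to the nearest level. The 1.0 V full-scale value and the noisy sample voltages are assumptions made for the example; the noise margin function shows why the usable N is bounded by the channel's SNR.

```python
"""PAM symbol encoding and decoding (added example, not from the slides)."""

V_FULL = 1.0   # full-scale voltage, assumed for the example (the slides' 1.00 V top level)


def levels(n_bits: int) -> list:
    """2**N evenly spaced levels; level index k encodes the N-bit integer k."""
    m = 2 ** n_bits
    return [V_FULL * (k + 1) / m for k in range(m)]   # N = 2 -> 0.25, 0.50, 0.75, 1.00 V


def encode(bits: str, n_bits: int) -> list:
    """Cut the bit string into N-bit symbols (MSB first) and map each to a voltage."""
    if len(bits) % n_bits:
        raise ValueError("bit string length must be a multiple of N")
    lv = levels(n_bits)
    return [lv[int(bits[i:i + n_bits], 2)] for i in range(0, len(bits), n_bits)]


def decode(volts: list, n_bits: int) -> str:
    """Map each received voltage to the nearest level (decision threshold = half a step)."""
    m = 2 ** n_bits
    step = V_FULL / m
    out = []
    for v in volts:
        k = round(v / step) - 1
        k = min(max(k, 0), m - 1)        # clamp noise that lands outside the level range
        out.append(format(k, f"0{n_bits}b"))
    return "".join(out)


def data_rate_bps(baud: float, n_bits: int) -> float:
    """Bits per second = (symbols / second) x (bits / symbol)."""
    return baud * n_bits


def noise_margin_volts(n_bits: int) -> float:
    """Half the level spacing: noise larger than this flips a symbol, so a noisier
    line (lower SNR) forces a smaller N; compare N = 2 with the modem's N = 10."""
    return V_FULL / (2 ** n_bits) / 2


if __name__ == "__main__":
    print(encode("00011011", 2))                      # [0.25, 0.5, 0.75, 1.0]
    print(decode([0.27, 0.48, 0.80, 0.97], 2))        # constructed noisy voltages -> 00011011
    print(data_rate_bps(3300, 10))                    # 33000.0, the slides' 33 kbps modem
    print(noise_margin_volts(2), noise_margin_volts(10))   # 0.125 V vs 0.00048828125 V
```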
Data Concentration

High capacity link: no single node can utilize link capacity
  - Example: optical fiber cable with 4 fibers at 25 Gbps = 100 Gbps
Multiplexing: combine multiple nodes onto one link
  - Example: optical fiber with 25 Gbps data rate; combine 25 nodes transmitting at 1 Gbps

[Figure: multiplexor with 25 inputs at 1 Gb/s and 1 output at 25 Gb/s]
Multiplexing Methods

Frequency Division Multiplexing (FDM)
  - Divide available frequencies (bandwidth) among nodes
  - Nodes transmit simultaneously on different frequencies
Example
  - FM radio uses 88 MHz to 108 MHz = 20 MHz bandwidth
  - Divide 20 MHz into 100 channels = 200 kHz per FM channel

[Figure: FM dial with station frequencies 88, 91.3, 93.9, 95.5, 96.6, 97.8, 101, 104.8 MHz]
Multiplexing Methods

Time Division Multiplexing (TDM)
  - Divide capacity into time slots
  - Node transmits in assigned time slot
Example
  - E1 digital line transmits at 2048 kbps
  - Divide 2048 kbps line into 32 time slots = 64 kbps per node
  - 32 × 64 kbps = 2048 kbps = 2.048 Mbps

[Figure: multiplexor with 32 inputs at 64 kbps and 1 output at 2.048 Mbps; demultiplexor with 1 input at 2.048 Mbps and 32 outputs at 64 kbps]
E1 Multiplex

1 / (8000 samples/second) = 125 µs/sample
32 inputs at 8000 samples/sec → 1 output at 32 × 8000 × 8 bps = 2.048 Mbps
Every 125 µsec the multiplexor (MUX) receives one 8-bit sample from each line (isochronous)
Frame every 125 µs: byte from line 0, byte from line 1, byte from line 2, …, byte from line 31 (slots 0 1 2 … 31)
(125 µsec/frame) / (32 samples/frame) = 3.91 µsec/sample
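The E1 byte-interleaved TDM described on the two slides above, as an added Python example that is not part of the lecture slides. Thirty-two input lines each deliver one 8-bit sample per 125 µs; the multiplexor builds one 32-byte frame per 125 µs by taking one byte from each line in slot order, and the demultiplexor reverses it. The per-line sample streams are constructed; the rate and slot-time helpers reproduce the slides' 2.048 Mbps and 3.91 µs figures.

```python
"""E1-style byte-interleaved TDM multiplexor/demultiplexor (added example, not from the slides)."""

SLOTS = 32                    # time slots per frame, one per input line
SAMPLES_PER_SEC = 8000        # each line delivers one sample every 125 us
BITS_PER_SAMPLE = 8
FRAME_PERIOD_S = 1 / SAMPLES_PER_SEC     # 125 us: one frame carries one sample per line


def mux(lines: list) -> bytes:
    """lines[i] is the byte sequence from input line i; returns the interleaved stream."""
    if len(lines) != SLOTS or len({len(line) for line in lines}) != 1:
        raise ValueError("need 32 lines with equal sample counts (isochronous inputs)")
    n_frames = len(lines[0])
    stream = bytearray()
    for f in range(n_frames):             # one frame per 125 us
        for slot in range(SLOTS):         # slot k carries this frame's byte from line k
            stream.append(lines[slot][f])
    return bytes(stream)


def demux(stream: bytes) -> list:
    """Split the interleaved stream back into the 32 per-line byte sequences."""
    if len(stream) % SLOTS:
        # A stream that is not whole frames has lost frame alignment; every later
        # byte would then be handed to the wrong line, so refuse rather than guess.
        raise ValueError("stream is not a whole number of 32-byte frames")
    return [stream[slot::SLOTS] for slot in range(SLOTS)]


def line_rate_bps() -> int:
    """Aggregate output rate: 32 x 8000 x 8 = 2,048,000 bps."""
    return SLOTS * SAMPLES_PER_SEC * BITS_PER_SAMPLE


def slot_time_us() -> float:
    """Time per sample slot: 125 us per frame / 32 slots per frame."""
    return FRAME_PERIOD_S * 1e6 / SLOTS


if __name__ == "__main__":
    # Constructed input: line i sends the byte value i for three consecutive frames.
    lines = [bytes([i] * 3) for i in range(SLOTS)]
    stream = mux(lines)
    print(stream[:SLOTS].hex())             # first frame: 00 01 02 ... 1f
    print(demux(stream) == lines)           # True
    print(line_rate_bps(), round(slot_time_us(), 2))   # 2048000 3.91
```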
GSM Cellular

Mixed multiplexing: Time Division Multiple Access (TDMA)
  - Used on GSM / UMTS phones — 2G and 3G
  - Combines FDM and TDM
Frequency Division Multiplexing (FDM)
  - GSM bands = 25 MHz
  - Divide 25 MHz into 125 channels = 200 kHz per channel
  - Transmit 270 kbps over 200 kHz channel
Time Division Multiplexing (TDM)
  - Divide 270 kbps into 8 time slots = 33 kbps per user
  - 33 kbps = 23 kbps for voice + 10 kbps control
Data Statistics — CBR

Constant Bit Rate (CBR)
  - Isochronous data: equal time interval between bits; bits per second = constant
  - Average data rate = peak data rate = minimum data rate
Example: uncompressed digital audio
  - Sample analog signal every T seconds
  - Round off sample to N-bit number from 0 to 2^N – 1
  - Digital audio stream at N / T bps
Digital Voice on Telco Telephone

Sample analog voice signal every 0.125 ms
  - 0.125 ms per voice sample ⇒ 8000 voice samples / second
Round off sample to 8-bit data
  - Data ∈ {0, 1, 2, … , 255}
  - Sample = {158.276, 158.879, 159.724, 159.821, 159.312, 158.791}
  - Data = {158, 159, 160, 160, 159, 159}
DS-0 stream
  - (8000 samples / second) × (8 bits / sample) = 64 kbps
  - 64 kbps digitized voice (no compression)

[Figure: sampled waveform against t, with levels 157 to 161 and the quantized values 158 159 160 160 159 159]
Multiplexing Statistics

Deterministic multiplexing (CBR)
  - N nodes = N time slots; node reserves fixed time slot
  - Guaranteed transmission capacity; node transmits in assigned time slot
Example
  - E1 multiplex for wired telephone — 32 × 64 kbps = 2048 kbps
  - E2 multiplex — 4 × 2048 kbps = 8192 kbps

[Figure: N nodes, each assigned a fixed time slot, into a deterministic multiplexor: N time slots at B bps give N × B bps]
Data Statistics — VBR

Variable Bit Rate (VBR)
  - Bursty data: peak data rate B > average data rate λ
  - Assume packets are independent (Poisson statistics)
Example: data sent by time-of-day client
  - Request time-of-day (1000 bits) once every hour (3600 seconds)
  - Average data rate = 1000 bits / 3600 seconds = 0.28 bps
  - Peak data rate = 55 Mbps on 802.11g WiFi
  - Peak data rate 55 Mbps > average data rate = 0.28 bps

Poisson statistics: probability of k bits arriving in T seconds when average rate = λ

    P(k, T) = \frac{(\lambda T)^k}{k!} e^{-\lambda T}
Multiplexing Statistics

Statistical multiplexing (VBR)
  - M nodes > N time slots
  - Bursty data: average data rate λ < peak data rate B
  - Average traffic rate = M × λ < capacity rate = N × B
  - Actual traffic < capacity ⇒ OK
  - Actual traffic > capacity ⇒ data delayed or lost
Example: Internet routers

[Figure: M nodes request time slots from a statistical multiplexor: M > N time slots at B bps give N × B bps]
Overflow in VBR

Overflow: actual traffic > capacity
  - Short time (a few time slots) ⇒ data delayed
  - Long time (many time slots) ⇒ buffer overflow ⇒ data lost
Overflow probability
  - Average traffic rate = M × λ; average data arriving in time T = M × λ × T
  - Capacity rate = N × B; data capacity in time T = N × λ × T
  - Overflow in time T: actual data arriving in time T > N × λ × T, i.e. N × λ × T + 1 or N × λ × T + 2 or N × λ × T + 3 or … (independent outcomes)

    P_{overflow} = P(N\lambda T + 1) + P(N\lambda T + 2) + \cdots = \sum_{k = N\lambda T + 1}^{\infty} \frac{(M\lambda T)^k}{k!} e^{-M\lambda T}
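The Poisson arrival formula and the overflow sum from the VBR slides above, as an added Python example that is not part of the lecture slides. `poisson_pmf` is P(k, T) for an average rate λ; `overflow_probability` takes M sources of rate λ each and a capacity (the slides' N·λ·T threshold, passed directly as a count) and evaluates the tail as 1 minus the finite sum up to the capacity, so the infinite series is never needed. The dimensioning helper and all numeric inputs are constructed for the example.

```python
"""Poisson traffic and multiplexor overflow probability (added example, not from the slides)."""
import math


def poisson_pmf(k: int, rate: float, t: float) -> float:
    """P(k, T) = (rate*T)^k e^{-rate*T} / k!, computed in log space so large k does not overflow."""
    mean = rate * t
    if mean <= 0:
        return 1.0 if k == 0 else 0.0
    return math.exp(-mean + k * math.log(mean) - math.lgamma(k + 1))


def overflow_probability(m_nodes: int, lam: float, t: float, capacity: int) -> float:
    """P(arrivals in T > capacity) for M independent sources of average rate lambda each.

    The aggregate arrival rate is M*lambda; the tail sum over k > capacity is
    evaluated as 1 - sum_{k <= capacity} P(k, T).
    """
    total_rate = m_nodes * lam
    cdf = sum(poisson_pmf(k, total_rate, t) for k in range(capacity + 1))
    return max(0.0, 1.0 - cdf)


def slots_for_overflow_below(m_nodes: int, lam: float, t: float, target: float) -> int:
    """Smallest capacity whose overflow probability is at most `target`: how a
    statistical multiplexor is dimensioned so that data is rarely delayed or lost."""
    capacity = 0
    while overflow_probability(m_nodes, lam, t, capacity) > target:
        capacity += 1
    return capacity


if __name__ == "__main__":
    # Constructed case: 10 sources at 0.5 arrivals/s each, T = 1 s, so mean = 5 per second.
    print(round(overflow_probability(10, 0.5, 1.0, 5), 4))    # 0.384: capacity equal to the mean overflows often
    print(slots_for_overflow_below(10, 0.5, 1.0, 0.01))       # 11: capacity needed for <= 1% overflow
```

Note that capacity equal to the average load (5 here) still overflows about 38% of the time: statistical multiplexing works because the capacity is dimensioned above the mean, and the slides' N × λ × T < M × λ × T condition describes the opposite, always-overloaded regime.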
Switching

Switch: multiplexor + demultiplexor
  - Data at input_port_i → output_port_j, i, j = 0, 1, 2, … , N – 1

[Figure: switch with N inputs × B bps = N × B bps, N outputs × B bps = N × B bps, capacity = C bps; example with inputs 1, 2, 3, 4 and outputs 1, 2, 3, 4]
Circuit Switching

Deterministic multiplexing: capacity C = N × B
  - Dedicated (reserved) link input_port_i → output_port_j
  - No competition
  - Guaranteed capacity B — whether used or not
Example: Bezeq phone call — 64 kbps from telephone to telephone (even if no one speaks)

[Figure: switch with N inputs × B bps = N × B bps, N outputs × B bps = N × B bps, capacity = C bps]
Packet Switching

Statistical multiplexing: capacity C = M × B < N × B
  - Dynamic time slot assignment (on request)
  - input_port_i → output_port_j with competition: more ports than capacity
  - Demand > capacity ⇒ delay
Example: Internet router — packet queue, first come first served

[Figure: switch with N inputs × B bps = N × B bps, N outputs × B bps = N × B bps, capacity = C bps]
Connection Types

Connection: state machine associated with data exchange
Connection-oriented
  - First set up data channel
  - Multiple data transactions associated with connection state
  - Monitor channel state during data exchange
  - Close channel after data exchange
  - Example — phone call: enter number → answer call → extended conversation → disconnect
Connectionless
  - Transmit data with no prior channel set-up
  - No channel state defined by nodes
  - Each message independent
  - Example — email message: send email → hope message arrives → hope message is found / read
Slide 67: Datagram Service
Network of routers and links
  Packet switching
  Connectionless
Each datagram
  Has source and destination address in header (data link header or network header)
  Routed individually through network
  Datagrams may follow separate routes
Example
  B → 1 → 4 → 6 → F
  B → 1 → 5 → 6 → F
[Figure: hosts A to F attached to routers 1 to 6; datagram header carries src = B, dest = F]
Slide 68: Switched Virtual Circuit (SVC)
Network of switches and links
  Circuit switching or packet switching
  Connection-oriented
Switched Virtual Circuit (SVC)
  Set-up / close messages carry source and destination addresses
  Packet routing by VC ID in header (layer 2 or layer 3)
  Every packet follows same VC route
Example
  Set-up VC-1: B → 1 → 4 → 6 → F
  Data packets carry VC-1 in header
[Figure: hosts A to F attached to switches 1 to 6]
Slide 69: Switching Example
  A to D: circuit mode (deterministic SVC)
  B to E: packet mode (statistical SVC)
  B to F: packet mode (statistical SVC)
  C to F: packet mode (datagram service)
[Figure: hosts A to F attached to nodes 1 to 6]
Slide 70: Transmission Delay
Transmission delay T_T
  T_T = time to inject bits into line = (bits in packet) / (bits per second)
  Example: 1000 Mb / 100 Mbps = 10 sec
Processing delay T_proc
  Packet process time in intermediate node
  SVC with fixed route ⇒ shorter delay than datagram routing
Propagation delay T_prop
  T_prop = (length of cable) / (signal speed)
  Example: 4 km / (2 × 10^8 km/s) = 2 × 10^-8 sec << 10 sec
Queuing delay T_Q
  Time packet waits in buffer for previous packets (congestion)
  T_Q = (service time per packet) × (packets waiting in buffer)
[Figure: T_T and T_prop on the link, T_Q and T_proc in each node]
Slide 71: Example of Queuing Delay
Queuing delay T_Q
  T_Q = (service time per packet) × (packets waiting in buffer)
  Packets waiting in buffer = 1 / (1 – utilization)
Queuing delay example
  Service time per packet = 10 ms / packet
  Service rate = 1 / (10 ms / packet) = 100 packets / second
  Average traffic = S = 85 packets / second
  Utilization = (85 packets / second) / (100 packets / second) = 0.85
  Buffer level = 1 / (1 – 0.85) = 6.67
  T_Q = (10 ms / packet) × 6.67 packets = 67 ms
C = switch capacity = service rate = 100 packets / second
  Demand > 100 ⇒ buffer overflow ⇒ excess delay
$$P(\text{demand} > C) = \sum_{k = C+1}^{\infty} P(\text{demand} = k) = \sum_{k = C+1}^{\infty} \frac{S^k}{k!}\, e^{-S} = \sum_{k = 101}^{\infty} \frac{85^k}{k!}\, e^{-85} = 0.05$$
[Figure: T_T and T_prop on the link, T_Q and T_proc in each node]
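Added worked example, not from the slides: the Poisson tail of slides 62 and 71 computed numerically, giving the queuing figures of slide 71, P(demand > C) for S = 85 and C = 100, and the VBR overflow of slide 62. The M, λ, N and T names follow the slides; the VBR sample values in the main block are assumptions.

```python
import math


def poisson_tail(mean, threshold):
    """P(k > threshold) for a Poisson variable with the given mean.

    Uses 1 - sum_{k=0}^{threshold} mean^k e^{-mean} / k!, building each term from the
    previous one (term_k = term_{k-1} * mean / k) so that 85**101 and 101! never overflow.
    """
    term = math.exp(-mean)          # k = 0 term
    cdf = term
    for k in range(1, threshold + 1):
        term *= mean / k
        cdf += term
    return max(0.0, 1.0 - cdf)      # clamp rounding noise for very large thresholds


def vbr_overflow_probability(m, lam, n, t):
    """Slide 62: data arriving in T slots is Poisson with mean M*lambda*T; overflow when it
    exceeds the capacity N*lambda*T, so P = sum_{k > N*lambda*T} (M*lambda*T)^k e^-(M*lambda*T) / k!"""
    mean = m * lam * t
    capacity = math.floor(n * lam * t)
    return poisson_tail(mean, capacity)


def queuing_delay_ms(service_time_ms, arrival_rate_per_s):
    """Slide 71: utilization, buffer level 1/(1 - utilization), and T_Q = service time x buffer level.
    Returns (utilization, buffer_level, t_q_ms); refuses utilization >= 1, where the queue is unbounded."""
    service_rate = 1000.0 / service_time_ms            # packets per second
    utilization = arrival_rate_per_s / service_rate
    if utilization >= 1.0:
        raise ValueError("utilization >= 1: demand exceeds capacity, queue grows without bound")
    buffer_level = 1.0 / (1.0 - utilization)
    return utilization, buffer_level, service_time_ms * buffer_level


def demand_overflow_probability(s, c):
    """Slide 71: P(demand > C) = sum_{k=C+1}^inf S^k e^-S / k! for Poisson demand with mean S."""
    return poisson_tail(s, c)


if __name__ == "__main__":
    u, level, t_q = queuing_delay_ms(10.0, 85.0)
    print(f"utilization {u:.2f}, buffer level {level:.2f}, T_Q {t_q:.1f} ms")
    print(f"P(demand > 100) with S = 85: {demand_overflow_probability(85.0, 100):.3f}")
    # Constructed VBR parameters (assumption): M = 10 sources, lambda = 0.5, N = 12 channels, T = 10 slots
    print(f"P(VBR overflow): {vbr_overflow_probability(10, 0.5, 12, 10):.3f}")
```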
Slide 72: Error Control
Bit error: data 1 received as 0 or data 0 received as 1
  Bit Error Rate (BER) = (bit errors in received data) / (bits in received data)
Packet loss: congestion or buffer overflow → packet discarded
  Packet loss rate = (packets lost) / (packets transmitted)
Error detection
  Error correction code / redundancy code / checksum
  Checksum transmitted with data in header / trailer
  Receiver compares independent hash with transmitted code
Error control
  Required: discard corrupt packet
  Optional: retransmit discarded / missing packets
Slide 73: Network Scale
Private network
  Small Office / Home Office (SOHO): small number of computers in a few rooms; simple Ethernet / WiFi LAN
  Enterprise: many nodes in large building / campus; complex intranet
Access network
  Provides user connection to Internet core
  Infrastructure provider manages layers 1 and 2
  Internet Service Provider (ISP) manages layers 3 and 4
Internet core
  Network of routers and links at layer 3
  Infrastructure provider manages links at layers 1 and 2
  Links are typically built over complex network systems
Slide 74: Private Networks
Simple Ethernet / WiFi LAN
  Ethernet switching hub: 4 to 16 nodes; full connectivity (non-blocking); 10 / 100 / 1000 Mbps
  WiFi hub: more nodes lowers performance; nodes compete to transmit to hub; 11 / 54 / 100+ Mbps
Complex intranet
  Multiple LAN hubs
  Hubs connected directly (bridging) or indirectly (routing)
Slide 75: Non-Private Networks (access + core)
Service infrastructure: routing + accounting nodes in office buildings
Link infrastructure: cables + radio channels on public / private property
  Legal and licensing issues
  Controlled by companies in cable businesses: telephone companies (Telco), cable TV companies, electric companies, railroad companies
Choices for small business intranet at 3 locations
  Pay service provider monthly, or
  Purchase LAN hubs and routers and lease cables from Telco
Slide 76: Telephone Network
It's everywhere
Local loop
  Wired connection to most buildings
  Can carry 1 Mbps (up to 4 km) to 25 Mbps (up to 300 m)
Voice network
  Analog voice channel from 300 to 3300 Hz
  Digitized voice at 64 kbps
Local presence (central office) in every neighborhood
  Local loop attached to non-blocking switches
Tree network of switches
  Central offices connect to regional offices on fiber optic backbone
Global broadband switched virtual circuit (SVC) network
  Circuit mode switches (ESS7) for 64 kbps voice
  Circuit / packet mode layer 2 switches (ATM) up to 2.5 Gbps
  Private routers throughout network for Internet traffic
Slide 77: Telephone Network
[Figure: central offices, each with ESS and ATM switches and a router, attached to local loops and joined by fiber optic cables (up to 40 Gbps) into a switched virtual circuit (SVC) network (up to 2.5 Gbps)]
Slide 78: Cellular Network
Wireless to base station; uses Telco network for WAN service
[Figure: Mobile Station (MS) → Base System (BS) → cell controller → cluster controller → Mobile Switching Center (MSC) with HLR / VLR in the Public Land Mobile Network; voice goes to the Telco voice network, data goes through GPRS (SGSN, GGSN) to the Internet]
Slide 79: SOHO Access Networks
Dial-up modem (modulator / demodulator)
  Converts digital bits from computer to analog signals for phone line
  User modem connects to ISP modem by phone call
  56 kbps downstream / 33 kbps upstream
Digital Subscriber Line (DSL)
  FDM on local loop
  Voice channel connected to telephone voice network
  Data channel: 15 Mbps downstream / 750 kbps upstream
  ATM link between DSL modem and Telco central office
  Datagrams routed to ISP on Telco router network
Cable modem
  FDM on TV cable
  TV channels connected to TV
  Data channel: 30 Mbps downstream / 2 Mbps upstream (shared)
  Ethernet link between cable modem and cable head office
  Datagrams routed to ISP on Telco router network
Slide 80: Enterprise Access Networks
Leased line
  Telco line to DCE on customer premises
  2.048 Mbps to 40 Gbps
  Carrier Ethernet: Ethernet extensions for metropolitan networks
Asynchronous Transfer Mode (ATM)
  Telco system for broadband switched virtual circuits (SVC)
  Optimized for multimedia transmission
  Layer 2 ATM switch on customer premises
  Telco line up to 2.5 Gbps
Frame Relay (FR)
  Telco system for broadband permanent virtual circuits (PVC)
  Layer 2 FR switch on customer premises
  Telco line up to 45 Mbps
WiMax
  Wireless metropolitan network
  Applies cellular technology for 40 Mbps data
Slide 81: Internet Core
Internet backbone: collection of core routers and fast links
Core router
  Fast router with very high I/O capacity
  Up-to-date routing protocols
  Handles multiple layer 1 and layer 2 protocols
Fast links
  Various layer 2 protocols, some simple, some complex
[Figure: Internet core; one link runs a simple layer 2 protocol over fiber optic cable, another a complex mixture of protocols and physical media]
Slide 82: Documentation Standards
Formal documentation of systems, algorithms, protocols
  Adopted by international committees
  Record technical background and implementation requirements
Standards organizations
  ANSI: American National Standards Institute; US government standards organization
  ACM: Association of Computing Machinery
  IETF: Internet Engineering Task Force; the Internet Society inherited the Internet from the US government in 1989; Internet standards are called RFC (request for comment), available at http://www.ietf.org/rfc.html
  IEEE: Institute of Electrical and Electronics Engineers
  ITU-T: International Telecommunications Union - Telecommunications Sector; United Nations standards organization (formerly CCITT)
  ISO: International Standards Organization; organization of governmental standards organizations
1 Dr. Martin Land Application Layer Computer Networks — Hadassah College — Fall 2015
Slide 1: Application Layer
Slide 2: Application Layer
Application layer issues
  What data transport service does application need?
    Quality of service (QoS): measurable network parameters
    QoS requirements determine transport requirements
  How does application hand data to transport layer for delivery?
    Socket interface: OS call opens Internet connection to program on remote node
    Socket API: application sees remote program as open file
"The user runs an application program. The program selects the data transport service it needs — either a sequence of data messages or a continuous stream of data — and hands application data to the Transport Layer for delivery."
RFC 4949 — Internet Security Glossary
Slide 3: Quality of Service (QoS)
Network parameters
  Data rate: physical transmission speed in bps
  Delay: end-to-end transmission time for one bit
    High data rate ⇒ lower transmission delay T_trans
    Congestion / priority ⇒ longer queuing delay T_Q
    Datagram service ⇒ longer processing delay T_proc
  Delay variation (jitter): dynamic variations in
    Data rate / propagation delay ΔT_trans
    Queuing delay ΔT_Q
    Processing delay ΔT_proc
  Error control
    Bit error rate (BER): < 10^-9 on fiber optic cable, < 10^-3 on wireless
    Packet loss rate: depends on congestion control policy
Slide 4: QoS and Network Policies
[Figure: QoS parameters (data rate, delay, delay variation, error control) mapped to network policies (transmission speed, access delay, congestion control, priority control, connection type)]
Slide 5: QoS Requirements for Various Services
Service             Speed       Error control   Delay       Delay variation
e-mail              —           good            —           —
file transfer       reasonable  maximum         reasonable  reasonable
NFS                 reasonable  maximum         reasonable  reasonable
database access     reasonable  maximum         reasonable  reasonable
voice               fast        good            very small  very small
video               fast        good            very small  very small
real time control   very fast   good            very small  very small
Slide 6: QoS and Transport Trade-Off
Reliable transport: generally preferred when possible
Unreliable transport: used when
  Some data loss tolerable
  Delay or jitter intolerable
  Example: video delivery

                      Unreliable transport   Reliable transport
Protocol              UDP                    TCP
Error control         No error correction    Error-free
Connection            Connectionless         Connection-oriented
Processing overhead   None                   Error correction, packet ordering, congestion control, session state management
Socket type           Datagram               Stream
Slide 7: Application / Transport Interface
Application layer
  Application requests service from transport layer
  Prepares transport service requirements
    Data for transport
    Local endpoint: node address + service port
    Remote endpoint: node address + service port
Transport layer
  Receives application layer PDU (data for transport)
  Receives Interface Control Information (ICI): service requirements, local + remote endpoints
Slide 8: Berkeley Sockets
Networking API
  De facto standard on Unix / Linux / Apple systems
  Application performs communication like file I/O
Association: description of connection between client / server processes; protocol + source endpoint + destination endpoint
Endpoint: address + port of software process (local / remote)
Source: local node
Destination: remote (foreign) node
Address: Internet address of local / remote node
Port: ID number of client / server software
Socket: OS resources associated with protocol + endpoint
  Server side: socket ID points to service offered to remote nodes
  Client side: socket ID points to connection to remote service
Slide 9: Socket System Calls
Client and server
  Socket: create new socket associated with protocol at local address
  Bind: associate port with socket
  Send: local process sends data to socket (OS forwards to remote node)
  Receive: local process reads data from socket (OS buffer from remote node)
  Close: terminate socket
Client side
  Connect: open connection to remote service and associate with socket
Server side
  Listen: prepare to accept remote connections to local service socket
  Accept: accept remote connection to local service socket
Slide 10: Socket Calls — Between App and OS
Socket ID points to OS resources
Socket, Bind: OS creates resources for network connection; OS returns socket descriptor (socket ID) to App
Listen: server OS makes service available
Connect: client OS attempts connection to service
Accept: server OS creates new connection socket; server OS returns new descriptor to App; listen socket continues to listen
Send: App sends data to OS, pointed at socket; OS transmits data on associated connection
Receive: App requests data from OS socket buffer; OS returns data to App
[Figure: socket calls and returns between App and OS; OS activity reaches down to PHY]
Slide 11: Connection
Server
  s_ID = socket(domain, type, protocol)          domain = address type, type = service type
  bind(s_ID, s_endpoint, s_endpoint_len)
  listen(s_ID, backlog)
  accept(s_ID, c_endpoint, c_endpoint_len)       returns new connection socket ID
  send(s_ID, data, len, flags)
Client
  c_ID = socket(domain, type, protocol)
  bind(c_ID, c_endpoint, c_endpoint_len)         if client skips bind(), OS sets a default port
  connect(c_ID, service_endpoint)
  receive(c_ID, buffer, len, flags)
[Figure: connection set-up from connect to accept; data from send to receive]
Slide 12: Node Addresses
IPv4 — Internet Protocol version 4
  32-bit address: 4 octets (bytes) written in decimal, A.B.C.D, 0 ≤ A, B, C, D ≤ 255
  Disconnected intranet addresses 10.x.x.x and 192.168.0.x
    Usable in any local intranet
    Not used in global Internet (between intranets)
    Network Address Translation (NAT) at gateway router permits sharing one external IP address for entire intranet
  127.0.0.1: loopback address used for testing; address alias for "this node"
IPv6 — Internet Protocol version 6
  128-bit address
  Repairs service flaws in IPv4
Slide 13: Ports
Client (source) port: client can assign any unused port number, 1024 ≤ port ≤ 65,535
Well-known port (destination port): standard services, assigned by Internet Assigned Numbers Authority (IANA)
Examples
Service    Port   Comment
ftp-data   20     File Transfer [Default Data]
ftp        21     File Transfer [Control]
ssh        22     The Secure Shell (SSH) Protocol
telnet     23     Telnet
smtp       25     Simple Mail Transfer
dns        53     Domain Name Service
http       80     World Wide Web HTTP
pop3       110    Post Office Protocol - Version 3
imap       143    Internet Message Access Protocol
https      443    http protocol over TLS/SSL
Slide 14: Telnet
Telnet Protocol — RFC 854
  Text-oriented reliable communication over TCP
  Telnet client forwards user text to server
  Telnet server provides remote login: command line user interface (CLI) on remote node
Telnet program
  Implements telnet client protocol
  Connect to telnet server (port 23) on server node:  $ telnet node
  Connect to port port on server node:  $ telnet node port
  Example, connect to Google web server on HTTP (port 80):  $ telnet www.google.com 80
Slide 15: HTTP — Hypertext Transfer Protocol
Stateless transaction protocol
  Client request formulated in ASCII (printable) text
  Server response formulated in MIME structures
  No stored data on prior transactions
MIME — Multipurpose Internet Mail Extensions
  Text in non-ASCII character sets
  Non-text attachments
  Multipart message bodies
HTTP/1.0: non-persistent connection, one transaction per TCP connection
HTTP/1.1: persistent connection, multiple transactions on same TCP socket
  Pipelined transactions: multiple requests without waiting for response
Slide 16: HTTP Requests
Simple requests
  Defined in HTTP/1.1 for HTTP/1.0 compatibility
  Request: single line (GET, POST, HEAD)
  Response: raw page without MIME headers
Full requests: multi-line request format
Incidence      Line
One            Request-Line
Zero or more   Message-header CRLF
               Blank line (CRLF)
Optional       Message-body
Request-Line format: Method Sp Request-URI Sp HTTP-Version CRLF
Method    Function
GET       get page
HEAD      get page header
PUT       store page
POST      append to resource
DELETE    delete page
TRACE     echo back message
CONNECT   tunneling via proxy
Slide 17: Full Request Example
Request line:
GET /index.html HTTP/1.1\r\n
Header lines:
Host: www-net.cs.umass.edu\r\n
User-Agent: Firefox/3.6.10\r\n
Accept: text/html,application/xhtml+xml\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n
Keep-Alive: 115\r\n
Connection: keep-alive\r\n
CRLF (blank line ends the headers):
\r\n
Slide 18: HTTP Responses
General structure
Incidence      Line
One            Status line
Zero or more   message-header CRLF
Zero or more   Data
Status line structure: HTTP version Sp status code Sp description CRLF
Example
Status line:
HTTP/1.1 200 OK\r\n
Headers:
Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n
Server: Apache/2.0.52 (CentOS)\r\n
Last-Modified: Tue, 30 Oct 2007 17:00:02 GMT\r\n
ETag: "17dc6-a5c-bf716880"\r\n
Accept-Ranges: bytes\r\n
Content-Length: 2652\r\n
Keep-Alive: timeout=10, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=ISO-8859-1\r\n
\r\n
Data:
data data data data data ...
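Added example, not part of the lecture: a builder for the full-request format of slide 16 and a parser for the response structure of slide 18, run on a response constructed from the slide 18 example (Content-Length shortened to match the sample data) and on a truncated copy of it. The Content-Length check shows why a client must compare announced and received lengths rather than trust whatever arrived before the connection closed.

```python
def is_safe_token(text):
    """Reject CR or LF inside a request-line or header field: an embedded line break would let a
    value supplied by a user turn into an extra header line or a second request."""
    return "\r" not in text and "\n" not in text


def build_request(method, uri, host, headers=None, body=b""):
    """Full request of slide 16: Request-Line, zero or more headers, blank line CRLF, optional body."""
    headers = headers or {}
    fields = [method, uri, host] + [name + value for name, value in headers.items()]
    if not all(is_safe_token(field) for field in fields):
        raise ValueError("CR/LF inside a request field")
    lines = [f"{method} {uri} HTTP/1.1", f"Host: {host}"]
    lines += [f"{name}: {value}" for name, value in headers.items()]
    if body:
        lines.append(f"Content-Length: {len(body)}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii") + body


def parse_response(raw):
    """Split a response into status line, headers and data (slide 18). Content-Length decides
    whether the data is complete, so a connection cut short is reported, not silently accepted."""
    head, blank, data = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("no blank line ends the headers")
    lines = head.split(b"\r\n")
    parts = lines[0].decode("ascii").split(" ", 2)      # HTTP version Sp status code Sp description
    if len(parts) < 2 or not parts[1].isdigit():
        raise ValueError(f"malformed status line: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.decode("latin-1").partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.strip().lower()] = value.strip()    # header names are case-insensitive
    complete = True
    if "content-length" in headers:
        length = int(headers["content-length"])
        complete = len(data) >= length
        data = data[:length]
    return {"version": parts[0], "status": int(parts[1]),
            "description": parts[2] if len(parts) == 3 else "",
            "headers": headers, "data": data, "complete": complete}


# Constructed from the slide 18 example; Content-Length set to the 24 octets of sample data
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n"
                   b"Server: Apache/2.0.52 (CentOS)\r\n"
                   b"Content-Length: 24\r\n"
                   b"Connection: Keep-Alive\r\n"
                   b"Content-Type: text/html; charset=ISO-8859-1\r\n"
                   b"\r\n"
                   b"data data data data data")

# Same response, but the server announced 2652 octets and the connection dropped after 24
TRUNCATED_RESPONSE = SAMPLE_RESPONSE.replace(b"Content-Length: 24", b"Content-Length: 2652")

if __name__ == "__main__":
    print(build_request("GET", "/index.html", "www-net.cs.umass.edu",
                        {"User-Agent": "Firefox/3.6.10", "Connection": "keep-alive"}).decode())
    print(parse_response(SAMPLE_RESPONSE)["status"], parse_response(TRUNCATED_RESPONSE)["complete"])
```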
Slide 19: HTTP Response Codes
100  Continue
101  Switching Protocols
200  OK
201  Created
202  Accepted
203  Non-Authoritative Information
204  No Content
205  Reset Content
206  Partial Content
300  Multiple Choices
301  Moved Permanently
302  Found
303  See Other
304  Not Modified
305  Use Proxy
307  Temporary Redirect
400  Bad Request
401  Unauthorized
402  Payment Required
403  Forbidden
404  Not Found
405  Method Not Allowed
406  Not Acceptable
407  Proxy Authentication Required
408  Request Time-out
409  Conflict
410  Gone
411  Length Required
412  Precondition Failed
413  Request Entity Too Large
414  Request-URI Too Large
415  Unsupported Media Type
416  Requested range not satisfiable
417  Expectation Failed
500  Internal Server Error
501  Not Implemented
502  Bad Gateway
503  Service Unavailable
504  Gateway Time-out
505  HTTP Version not supported
Slide 20: Telnet into Web Server
Open connection to Hadassah web server:
$ telnet www.hadassah.ac.il 80
Trying 212.179.79.228...
Connected to hathi.hadassah.ac.il.
Escape character is '^]'.
Simple request for index page, followed by CRLF:
GET / HTTP/1.0

Server response:
HTTP/1.1 301 Moved Permanently
Content-Length: 158
Content-Type: text/html
Location: http://www.hadassah.ac.il/main.html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 05 Jul 2011 09:01:35 GMT
Connection: close

<head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a HREF="http://www.hadassah.ac.il/main.html">here</a></body>
Connection closed by foreign host.
Slide 21: email
Simple Mail Transfer Protocol (SMTP): defined in RFC 5321
[Figure: SMTP client on the user's OS → SMTP server on the mail host OS → local user mailbox → POP/IMAP server]
Post Office Protocol (POP3)
  Defined in RFC 1939 + 2449 + 1734
  Server access with user authentication
  Download / delete messages
Internet Message Access Protocol (IMAP)
  Defined in RFC 2060
  Server access with user authentication
  Read / delete / organize messages
Slide 22: email Use Cases
Unix/Linux mail
  Mailbox assigned to each user account
  SMTP client sends message → SMTP server → local user mailbox
Outlook/Thunderbird mail
  User mailboxes on mail server (host)
  Outlook/Thunderbird runs SMTP client + POP3/IMAP clients
  SMTP client sends message → SMTP server on user-1 mail host
  SMTP client sends message → SMTP server on user-2 mail host
  POP3/IMAP client gets message ← POP3/IMAP server on mail host
Webmail
  User composes mail on web service
  Web service sends mail from SMTP client → user-2 SMTP server
  User reads mail on web service IMAP client
[Figure: user-1 SMTP client → SMTP server on user-1 mail host → SMTP server on mail host → POP server → POP client]
Slide 23: Telnet to SMTP Server
Open connection to Bezeqint SMTP server:
$ telnet mail.bezeqint.net 25
Trying 192.115.106.15...
Connected to mail.bezeqint.net.
Escape character is '^]'.
220 sa14.bezeqint.net ESMTP Bezeq International SMTP out Mail Server
Introduce user:
helo [email protected]
250 sa14.bezeqint.net
Begin new message:
mail from:<[email protected]>
250 2.1.0 Ok
Recipient:
rcpt to:<[email protected]>
250 2.1.5 Ok
Begin message body:
data
354 End data with <CR><LF>.<CR><LF>
Message body:
this is a line of a message
.
Busted!
250 2.7.1 Ok, discarded, id=13560-10 - SPAM
500 5.5.2 Error: bad syntax
Give up:
quit
221 2.0.0 Bye
Connection closed by foreign host.
Slide 24: Telnet to POP3 Server — 1
Open connection to Bezeqint POP3 server:
$ telnet mail.bezeqint.net 110
Trying 192.115.106.15...
Connected to mail.bezeqint.net.
Escape character is '^]'.
+OK Bezeqint POP3PROXY Ready 00020c4f
user **********
+OK USER ********** set, mate
pass **********
+OK Maildrop locked and ready
list
+OK scan listing follows
1 500780
2 4432
.
POP3 commands
USER            user id
PASS            password
STAT            number of messages
LIST            size of messages
RETR msg        download message
TOP msg lines   download header + lines
DELE msg        delete
RSET            undelete
QUIT            end session
Slide 25: Telnet to POP3 Server — 2
Request header of message 1 with 0 lines of message body:
top 1 0
+OK 500780 octets
Return-Path: <[email protected]>
Received: from m5.bezeqint.net (m5.bezeqint.net [192.115.104.85])
    by mas27.bezeqint.net (MOS 3.8.6-GA)
    with ESMTP id HRK58842;
    Mon, 4 Jul 2011 14:19:51 +0300 (IDT)
Received: from baloo-new.hadassah-col.ac.il (EHLO bagheera.hadassah.ac.il) ([212.179.79.229])
    by m5.bezeqint.net (MOS 4.1.9-GA FastPath queued)
    with ESMTP id KHN24377;
    Mon, 04 Jul 2011 14:19:50 +0300 (IDT)
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="----_=_NextPart_001_01CC3A3C.603293DC"
Subject: =?windows-1255?B?5Obu8OQ=?=
Date: Mon, 4 Jul 2011 14:18:25 +0300
Message-ID: <27B903C4A7521E47B76F1C36B1CE5ED903044469@arathorn.hadassah-col.ac.il>
From: "Simcha Rozen" <[email protected]>
To: <[email protected]>, <[email protected]>, <[email protected]>,
    <[email protected]>
.
End session:
quit
+OK
Connection closed by foreign host.
Slide 26: File Transfer
File Transfer Protocol (FTP)
  Transfer files between client and server
  Separate control (port 21) and data (port 20) connections
FTP server
  Accesses file system on server node
  Provides Unix-like directory services to client
  Opens, reads, copies file contents to service socket
  Creates, writes file contents from client socket
FTP client
  Requests directory services
  Sends / receives files
Active mode: client sends client IP address and port number to server; server initiates TCP data connection
Passive mode: server sends IP address and port number to client; client initiates TCP data connection
Slide 27: FTP Commands
About 80 commands
ftp> help
Commands may be abbreviated. Commands are:
!        dir         mdelete   qc        site
$        disconnect  mdir      sendport  size
account  exit        mget      put       status
append   form        mkdir     pwd       struct
ascii    get         mls       quit      system
bell     glob        mode      quote     sunique
binary   hash        modtime   recv      tenex
bye      help        mput      reget     tick
case     idle        newer     rstatus   trace
cd       image       nmap      rhelp     type
cdup     ipany       nlist     rename    user
chmod    ipv4        ntrans    reset     umask
close    ipv6        open      restart   verbose
cr       lcd         prompt    rmdir     ?
delete   ls          passive   runique
debug    macdef      proxy     send
Some common commands
!             send command to local system
open          connect to remote ftp
close         terminate ftp session
get           transfer remote file to local system
put           transfer local file to remote system
mget / mput   transfer multiple files using wildcards
lcd           change local directory
Slide 28: Domain Name System (DNS)
Address resolution: converts between node name and node IP address
$ nslookup www.hadassah.ac.il
Server:   10.0.0.180
Address:  10.0.0.180#53

Non-authoritative answer:
Name:     hathi.hadassah.ac.il
Address:  212.179.79.228

$ nslookup 212.179.79.228
Server:   10.0.0.180
Address:  10.0.0.180#53

Non-authoritative answer:
228.79.179.212.in-addr.arpa   name = bzq-179-79-228.static.bezeqint.net
Slide 29: Domain Name Space
Hierarchical tree (Tanenbaum, p. 623)
Example: hathi.hadassah.ac.il
  il         country (Israel Internet Association, ISOC-IL)
  ac         academic (Inter-University Computation Center, IUCC)
  hadassah   organization (Hadassah College domain)
  hathi      server (named server in Hadassah College domain)
Slide 30: Address Resolution Hierarchy
[Figure: the resolver on the local node checks its name cache, then sends a request to the default name server and receives the response; the default name server (local hierarchy) forwards names it does not know to a foreign name server higher in the hierarchy (forwarder)]
Slide 31: Hierarchical Name Resolution
Host OS resolves addresses using default name server
Windows XP:
c:\>ipconfig /all
Ethernet adapter Ethernet:
...
IP Address. . . . . . . . . : 10.0.0.5
Default Gateway . . . . . . : 10.0.0.138
DNS Servers . . . . . . . . : 10.0.0.11

c:\>nslookup www.hadassah.ac.il
Server:   dns.home
Address:  10.0.0.11
Non-authoritative answer:
Address:  212.179.79.228
Name:     www.hadassah.ac.il

Linux:
$ cat /etc/resolv.conf
# Generated by NetworkManager
search home
nameserver 10.0.0.180
nameserver 10.0.0.11

$ nslookup www.hadassah.ac.il
Server:   10.0.0.11
Address:  10.0.0.11#53

Non-authoritative answer:
Name:     www.hadassah.ac.il
Address:  212.179.79.228

DNS server refers an unknown address up the tree:
$ cat /etc/bind/named.conf.options
forwarders { 192.115.106.10; 62.219.186.7; };
Slide 32: Resource Records (RR)
RR field   Description                      Length (octets)
NAME       Node name                        Length of node name
TYPE       RR type (see table)              2
CLASS      Class code (class = Internet)    2
TTL        Time to live                     4
RDLENGTH   Length of RDATA field            2
RDATA      RR-specific data                 RDLENGTH

Type    Value   Field name           Function
A       1       address              32-bit IPv4 address
NS      2       name server          Authoritative DNS name servers for domain
CNAME   5       name                 Canonical node name
SOA     6       start of authority   Authoritative information about DNS zone: primary name server, email of domain, ...
PTR     12      pointer              Pointer to canonical name (for reverse DNS)
MX      15      mail exchange        List of email agents for that domain
TXT     16      text                 Additional information
Slide 33: DNS Request / Response Packets
Header fields
  Message ID   supplied by questioner and echoed unchanged by responder
  Flags        bits 15 to 0: QR | OPCODE | AA | TC | RD | RA | res1 | res2 | res3 | RCODE
  QDCOUNT      number of entries in question section
  ANCOUNT      number of resource records in answer section
  NSCOUNT      number of name server resource records in authority section
  ARCOUNT      number of resource records in additional records section
Flag fields
  QR       Query = 0 / Response = 1
  OPCODE   Request operation type: 0 = standard query, 1 = inverse query, 2 = status request
  AA       1 = Authoritative Answer
  TC       1 = Message truncated (too long for channel)
  RD       1 = Recursion Desired
  RA       1 = Recursion Available
  RCODE    Response type: 0 No error condition, 1 Format error, 2 Server failure, 3 Name Error, 4 Not Implemented, 5 Refused
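Added example, not the lecture's code: the header of slide 33 and the question and answer records of slide 32 packed and parsed with struct. The query and the response are constructed here (message ID, TTL and the A record for www.hadassah.ac.il at 212.179.79.228 from slide 28 are sample values); name-compression pointers are decoded since real answers use them, and a pointer that does not point backwards is rejected so a malformed message cannot loop the parser.

```python
import struct

# Slide 33 RCODE values and slide 32 RR type values
RCODES = {0: "No error condition", 1: "Format error", 2: "Server failure",
          3: "Name Error", 4: "Not Implemented", 5: "Refused"}
TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT"}


def build_flags(qr=0, opcode=0, aa=0, tc=0, rd=0, ra=0, rcode=0):
    """Flag word of slide 33: QR bit 15, OPCODE bits 14-11, AA 10, TC 9, RD 8, RA 7, res 6-4, RCODE 3-0."""
    return (qr << 15) | (opcode << 11) | (aa << 10) | (tc << 9) | (rd << 8) | (ra << 7) | rcode


def parse_flags(flags):
    return {"QR": flags >> 15 & 1, "OPCODE": flags >> 11 & 0xF, "AA": flags >> 10 & 1,
            "TC": flags >> 9 & 1, "RD": flags >> 8 & 1, "RA": flags >> 7 & 1, "RCODE": flags & 0xF}


def encode_name(name):
    """NAME field: each label as a length octet plus ASCII, ended by a zero-length label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label must be 1 to 63 octets")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def decode_name(msg, offset):
    """Return (name, offset after the NAME). Follows RFC 1035 compression pointers (top two bits 11)
    only backwards, so a crafted pointer loop raises instead of hanging the parser."""
    labels, end, jumped = [], offset, False
    while True:
        if offset >= len(msg):
            raise ValueError("NAME runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:
                raise ValueError("compression pointer does not point backwards")
            if not jumped:
                end = offset + 2
            offset, jumped = pointer, True
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (end if jumped else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def build_query(msg_id, qname, qtype=1):
    """Standard query (OPCODE 0) with RD set: header, one question, no other sections."""
    header = struct.pack("!HHHHHH", msg_id, build_flags(rd=1), 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)


def build_a_response(query, ttl, ipv4):
    """Constructed reply to build_query: same ID, QR = RA = 1, question echoed, and one A record whose
    NAME is a compression pointer (0xC00C) to the question name at offset 12."""
    msg_id = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", msg_id, build_flags(qr=1, rd=1, ra=1), 1, 1, 0, 0)
    rdata = bytes(int(octet) for octet in ipv4.split("."))
    return header + query[12:] + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata


def parse_message(msg):
    """Parse header, question section and answer section; RDLENGTH is checked against the message."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-octet header")
    msg_id, flags, qdcount, ancount, nscount, arcount = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qdcount):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, TYPES.get(qtype, qtype), qclass))
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlength]
        if len(rdata) != rdlength:
            raise ValueError("RDLENGTH exceeds remaining message")
        if rtype == 1 and rdlength == 4:
            value = ".".join(str(b) for b in rdata)             # 32-bit IPv4 address
        elif rtype in (2, 5, 12):                                 # NS, CNAME, PTR carry a NAME
            value = decode_name(msg, offset)[0]
        else:
            value = rdata.hex()
        offset += rdlength
        answers.append({"name": name, "type": TYPES.get(rtype, rtype), "ttl": ttl, "rdata": value})
    fields = parse_flags(flags)
    fields.update(id=msg_id, rcode_text=RCODES.get(fields["RCODE"], "unassigned"),
                  questions=questions, answers=answers, nscount=nscount, arcount=arcount)
    return fields


if __name__ == "__main__":
    query = build_query(0x1234, "www.hadassah.ac.il")          # 0x1234: sample message ID
    print(parse_message(query))
    print(parse_message(build_a_response(query, 3600, "212.179.79.228")))
```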
Slide 34: Client Socket in Perl
Perl IO::Socket package provides a simplified implementation of the socket API
Open new socket:
use IO::Socket;
$sock = IO::Socket::INET->new(
    Proto    => "Protocol",
    PeerAddr => "Destination Address",
    PeerPort => "Port Number",
) or die "cannot connect to port at localhost";
Read data from server:
$data = <$sock>;
print $data;
Send data to server:
print $sock "hello server!\n";
Slide 35: Perl Client Socket Example
Read Hadassah College homepage
#!/usr/bin/perl
use IO::Socket;                        # include Perl Socket package
$sock = IO::Socket::INET->new(         # open connection to Hadassah web server;
    Proto    => "tcp",                 # OS returns socket descriptor to variable $sock
    PeerAddr => "www.hadassah.ac.il",
    PeerPort => "80",
) or die "Couldn't connect!";
print $sock "GET /main.html HTTP/1.0\n\n";   # send server request for home page
print <$sock>;                               # display on screen data returned from server
close($sock);                                # close connection
Slide 36: Perl Client Socket Example
Read Hadassah College homepage; save file as hadassah.pl
#!/usr/bin/perl
use IO::Socket;
$sock = IO::Socket::INET->new(
    Proto    => "tcp",
    PeerAddr => "www.hadassah.ac.il",
    PeerPort => "80",
) or die "Couldn't connect!";
print $sock "GET /main.html HTTP/1.0\n\n";
print <$sock>;
close($sock);
At command line:
$ perl hadassah.pl
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.hadassah.ac.il/en/error-page/
X-AspNet-Version: 4.0.30319
Date: Wed, 19 Nov 2014 17:47:18 GMT
Connection: close

<html><head><title>Object moved</title></head><body><h2>Object moved to <a href="http://www.hadassah.ac.il/en/error-page/">here</a>.</h2></body></html>
Slide 37: Server Socket in Perl
Open listening socket on server:
#!/usr/bin/perl
use IO::Socket;
$sock = IO::Socket::INET->new(
    LocalHost => 'IP_address',        # assign server address
    LocalPort => port_number,         # assign service port number
    Listen    => 1,                   # listen system call
    Reuse     => 1,                   # reuse port number when process stops
    Proto     => 'tcp'                # protocol = TCP
) || die "Error\n";
$client = $sock->accept();            # accept system call
Slide 38: Perl Server Socket Example
#!/usr/bin/perl
use IO::Socket;
$flag = "1";
$sock = IO::Socket::INET->new(
    LocalHost => '127.0.0.1',
    LocalPort => 1234,
    Listen    => 1,
    Reuse     => 1,
    Proto     => 'tcp'
) || die "Error creating socket\n";
$client = $sock->accept();
while ($flag == "1") {
    $line = <$client>;                      # read one line from client
    last unless defined $line;              # client closed connection: stop instead of looping on EOF
    print $line;                            # print data from client
    print $client "Received\n";             # echo "Received"
    if ($line =~ /bye/) { $flag = "0"; }    # close on data "bye"
}
close($sock);
Server prints data from client, echoes "Received", closes on data "bye"
127.0.0.1 = loopback address (for testing): local calls on this machine
In CLI run Perl script:
$ perl servlet.pl
In second CLI enter:
$ telnet 127.0.0.1 1234
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Slide 39: Sockets in C: Overview
Header library: constants, data types, data structures, system calls
  Constants: protocol parameters / sizes, address parameters / sizes, ...
  Data structures: struct templates for addresses, ports, protocols, ...
    addrinfo: struct template for connection information
      Programmer provides partial endpoint information in instance hints
      System provides remaining information in instance res
  System calls
    Byte order for network standard
    Endpoint parameters based on OS operations
    Standard socket calls: socket, bind, listen, accept, send, receive
Sockets in C: Headers

  <sys/socket.h>   socket functions and data structures
  <netinet/in.h>   PF_INET / PF_INET6 protocol families, AF_INET / AF_INET6 address families
                   Theory: multiple AF address families per protocol family; practice: AF = PF
  <sys/un.h>       PF_UNIX / PF_LOCAL address family: communication between programs on the same computer
  <arpa/inet.h>    functions for manipulating numeric IP addresses
  <netdb.h>        functions for translating protocol and host names into numeric addresses
Sockets in C: Some data types and constants

  PF_INET = AF_INET      IP protocol family (IPv4)
  PF_INET6 = AF_INET6    IP version 6
  addrinfo               struct template for description of connection
  sockaddr               struct template for endpoint (address + port)
  sockaddr_in            struct template for building sockaddr (IPv4)
  socklen_t              data type for size of endpoint structure
  size_t                 data type for length of data message
  INET_ADDRSTRLEN        length of IP address string on OS
  SOCK_STREAM            stream (connection-oriented) service
  SOCK_DGRAM             datagram (connectionless) service
  AI_PASSIVE             allow OS to set local IP address
Sockets in C: Predefined address information (ai) template

    struct addrinfo {
        int              ai_flags;       // AI_PASSIVE: OS sets address; AI_CANONNAME: use hostname
        int              ai_family;      // AF_INET for IPv4
        int              ai_socktype;    // SOCK_STREAM / SOCK_DGRAM
        int              ai_protocol;    // protocol / 0
        socklen_t        ai_addrlen;     // size of ai_addr in bytes
        struct sockaddr *ai_addr;        // pointer to endpoint struct
        char            *ai_canonname;   // canonical hostname
        struct addrinfo *ai_next;        // pointer to next addrinfo in the linked list
    };
Sockets in C: Predefined endpoint information templates

    struct sockaddr {
        unsigned short sa_family;      // socket address family, AF_INET (for IPv4)
        char           sa_data[14];    // protocol address: port (2 bytes) + IPv4 address (4 bytes) + padding (8 bytes)
    };

    struct sockaddr_in {               // access sockaddr fields (IPv4)
        short int          sin_family; // AF_INET
        unsigned short int sin_port;   // port number = 2 bytes (network order)
        struct in_addr     sin_addr;   // IP address as struct = 4 bytes (IPv4)
        unsigned char      sin_zero[8];// padding = 8 bytes (zeros)
    };

Both structs are 16 bytes; a pointer to sockaddr_in is cast to struct sockaddr * when passed to bind(), connect() and accept().
Sockets in C: getaddrinfo()

    int getaddrinfo(const char *node,
                    const char *service,
                    const struct addrinfo *hints,
                    struct addrinfo **res);

System call: input instance (hints) → output instance (res) using OS information
  node      remote node address (hostname or IP string); NULL = OS provides local node address
  service   port number or service name (client's requested service or server's offered service); NULL leaves service uninitialized (port 0)
  hints     input instance of addrinfo holding info set by the application
  res       output instance of addrinfo (linked list) holding info set by OS resolution
  return    status integer: 0 on success, nonzero error code; decode with gai_strerror()
Sockets in C: Who uses address information (ai) templates?

addrinfo
  Client: requires addrinfo instance to describe remote service
    Writes remote server address string + remote service to hints
    getaddrinfo converts hints → res using OS information
  Server: requires addrinfo instance to describe local service
    Writes NULL address + local service to hints
    getaddrinfo converts hints → res using OS information
sockaddr
  getaddrinfo writes res->ai_addr as a binary (network-order) endpoint
sockaddr_in
  User casts or copies res->ai_addr → sockaddr_in
  Reads port and IP address as separate members
Sockets in C: getaddrinfo() example: setting endpoint for LOCAL HTTP server

    int status;
    struct addrinfo hints;                        // hints = input struct
    struct addrinfo *local_res;                   // local_res = output struct

    memset(&hints, 0, sizeof hints);              // initialize hints to zero
    hints.ai_family   = AF_INET;                  // IPv4
    hints.ai_socktype = SOCK_STREAM;              // TCP stream
    hints.ai_flags    = AI_PASSIVE;               // OS provides IP address
                                                  // (hints now holds the partial information)
    status = getaddrinfo(NULL, "http", &hints, &local_res);
    if (status != 0)                              // nonzero status: check error
        fprintf(stderr, "getaddrinfo error: %s\n", gai_strerror(status));

System fills local_res with local service endpoint = local_IP:http using hints and OS data.
Sockets in C: getaddrinfo() example: setting endpoint for REMOTE server

    int status;
    struct addrinfo hints;                        // hints = input struct
    struct addrinfo *remote_res;                  // remote_res = output struct

    memset(&hints, 0, sizeof hints);              // initialize hints to zero
    hints.ai_family   = AF_INET;                  // IPv4
    hints.ai_socktype = SOCK_STREAM;              // TCP stream
                                                  // no AI_PASSIVE: the remote node is named, the OS does not choose it
    status = getaddrinfo(remote_IP, "80", &hints, &remote_res);   // service is a string, not the integer 80
    if (status != 0)                              // nonzero status: check error
        fprintf(stderr, "getaddrinfo error: %s\n", gai_strerror(status));

System fills remote_res with remote service endpoint = remote_IP:80 using hints and OS data (a DNS lookup if remote_IP is a hostname). AI_PASSIVE is ignored whenever node is not NULL.
Sockets in C: Address conversion

inet_pton(): convert text form to struct (presentation to network)

    struct sockaddr_in sa;                               // define instance sa of struct sockaddr_in
    inet_pton(AF_INET, "10.0.0.1", &(sa.sin_addr));      // convert address to struct and write into sa

inet_ntop(): convert struct to text form (network to presentation)

    char ip4[INET_ADDRSTRLEN];                           // INET_ADDRSTRLEN preset by system
    struct sockaddr_in sa;
    inet_ntop(AF_INET, &(sa.sin_addr), ip4, INET_ADDRSTRLEN);   // convert address and write into ip4

inet_pton() returns 1 on success and 0 if the text is not a valid address; inet_ntop() returns NULL on failure. Check both before using the result.
Sockets in C: Byte order conversion

Big-endian: integer stored in memory with MSB in lowest address; standard for network operations (Network Order)
Little-endian: integer stored in memory with LSB in lowest address; standard on Intel processors

Conversion functions convert Host Order to Network Order and back; no change if Host Order = big-endian
  htons()   host to network short (short = 2 bytes = 16 bits), e.g. port numbers
  htonl()   host to network long (long = 4 bytes = 32 bits), e.g. IPv4 addresses
  ntohs()   network to host short
  ntohl()   network to host long
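Added example (not from the lecture notes): a C program that ties the getaddrinfo() slides, the sockaddr_in cast, inet_pton()/inet_ntop() and htons()/ntohs() together. It passes AI_NUMERICHOST | AI_NUMERICSERV so that the resolver never consults DNS, which makes it runnable offline; the host 127.0.0.1, port 8080 and the address 10.0.0.1 are arbitrary test values chosen here.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

/* Resolve a numeric host:service pair with getaddrinfo(), copy the address
   text into ipstr (len bytes) and return the port in host byte order, or -1. */
int resolve_numeric(const char *host, const char *service, char *ipstr, size_t len)
{
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);              /* uninitialised hints = undefined behaviour */
    hints.ai_family   = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags    = AI_NUMERICHOST | AI_NUMERICSERV;  /* never consult DNS: works offline */
    int status = getaddrinfo(host, service, &hints, &res);
    if (status != 0) {
        fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(status));
        return -1;
    }
    /* ai_addr is a generic sockaddr; for AF_INET it is really a sockaddr_in,
       so check family and length before casting */
    int port = -1;
    if (res->ai_family == AF_INET && res->ai_addrlen == sizeof(struct sockaddr_in)) {
        struct sockaddr_in *sin = (struct sockaddr_in *)res->ai_addr;
        inet_ntop(AF_INET, &sin->sin_addr, ipstr, (socklen_t)len);  /* network -> presentation */
        port = ntohs(sin->sin_port);                                /* network -> host order */
    }
    freeaddrinfo(res);                                              /* release the linked list */
    return port;
}

/* 1 if getaddrinfo() followed by inet_ntop() reproduces the text we started from. */
int resolved_text_matches(const char *host, const char *service)
{
    char ipstr[INET_ADDRSTRLEN];
    return resolve_numeric(host, service, ipstr, sizeof ipstr) >= 0 && strcmp(ipstr, host) == 0;
}

/* Build a sockaddr_in by hand, as getaddrinfo() does internally, and return
   byte 'index' (0 or 1) of the port field as stored in memory.  htons() puts
   the most significant byte first whatever the host CPU's byte order is. */
int port_wire_byte(uint16_t port, int index)
{
    struct sockaddr_in sa;
    uint8_t bytes[2];
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port   = htons(port);
    if (inet_pton(AF_INET, "10.0.0.1", &sa.sin_addr) != 1)   /* 1 = ok, 0 = bad text, -1 = bad family */
        return -1;
    memcpy(bytes, &sa.sin_port, 2);
    return (index == 0 || index == 1) ? bytes[index] : -1;
}

int main(void)
{
    char ipstr[INET_ADDRSTRLEN];
    int port = resolve_numeric("127.0.0.1", "8080", ipstr, sizeof ipstr);
    printf("%s:%d  port bytes on the wire = %02x %02x\n", ipstr, port,
           port_wire_byte(8080, 0), port_wire_byte(8080, 1));
    return port < 0;
}
```

Port 8080 is 0x1F90, so the two bytes come out as 1F 90 on every host; without htons() a little-endian machine would store 90 1F and the peer would see port 36895.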
Sockets in C: Example for setting remote endpoint (showip.c)

    /* showip.c: show IP addresses for remote host */
    #include <stdio.h>
    #include <string.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netdb.h>
    #include <arpa/inet.h>

    int main(int argc, char *argv[])
    {
        struct addrinfo hints, *remote_res, *p;   /* 3 instances */
        int status;
        char ipstr[INET_ADDRSTRLEN];              /* character array to hold IP addresses */

        if (argc != 2) {
            fprintf(stderr, "usage: showip hostname\n");
            return 1;
        }

        memset(&hints, 0, sizeof hints);          /* initialize hints to zero */
        hints.ai_family = AF_INET;                /* set known hints: IPv4 */
        hints.ai_socktype = SOCK_STREAM;          /* TCP */

        /* set remote_res to system-provided info: argv[1] = hostname, service NULL = port 0 (not set) */
        if ((status = getaddrinfo(argv[1], NULL, &hints, &remote_res)) != 0) {
            fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(status));   /* print error message on fail */
            return 2;
        }

        printf("IP addresses for %s:\n\n", argv[1]);   /* print heading for list of addresses */

        for (p = remote_res; p != NULL; p = p->ai_next) {   /* loop over linked list */
            void *addr;
            char *ipver;
            /* p->ai_addr points to sockaddr = endpoint = IP:port; read it as sockaddr_in */
            struct sockaddr_in *ipv4 = (struct sockaddr_in *)p->ai_addr;
            addr = &(ipv4->sin_addr);             /* addr = IP address in p->ai_addr */
            ipver = "IPv4";
            inet_ntop(p->ai_family, addr, ipstr, sizeof ipstr);   /* convert IP address to character string */
            printf("  %s: %s\n", ipver, ipstr);   /* print IPv4: ipstr */
        }
        freeaddrinfo(remote_res);                 /* free linked list */
        return 0;
    }
Running showip

    $ showip www.google.co.il
    IP addresses for www.google.co.il:

      IPv4: 74.125.230.148
      IPv4: 74.125.230.144
      IPv4: 74.125.230.145
      IPv4: 74.125.230.146
      IPv4: 74.125.230.147
Sockets in C: socket() with hard coded endpoint type

    int socket(int domain, int type, int protocol);

    int s;
    s = socket(PF_INET, SOCK_STREAM, 0);   // returns socket descriptor (-1 on error)

  domain     address family: PF_INET = AF_INET = IPv4
  type       service type: SOCK_STREAM = reliable transport
  protocol   specify protocol, or 0 = use default service protocol (TCP for STREAM, UDP for DGRAM)

No local or remote endpoint required to open a socket.
Sockets in C: socket() using fields in struct res

    int socket(int domain, int type, int protocol);

    int s;
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);                            // set up hints (always zero first)
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    getaddrinfo("www.hadassah.ac.il", "http", &hints, &res);    // client side for remote server
    // getaddrinfo(NULL, "http", &hints, &res);                 // server side for local server (with hints.ai_flags = AI_PASSIVE)
    s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);   // socket call using res; returns socket descriptor

  domain = res->ai_family (address family), type = res->ai_socktype (service type), protocol = res->ai_protocol (or 0 = default: TCP for STREAM, UDP for DGRAM)
Sockets in C: bind()

    int bind(int sockfd, const struct sockaddr *my_addr, socklen_t addrlen);

    int s;
    struct addrinfo hints, *local_res;
    memset(&hints, 0, sizeof hints);                     // prepare hints
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_PASSIVE;                         // OS sets node IP address
    getaddrinfo(NULL, "http", &hints, &local_res);       // resolve local address and port to local_res
    s = socket(local_res->ai_family, local_res->ai_socktype,
               local_res->ai_protocol);                  // open socket as server
    bind(s, local_res->ai_addr, local_res->ai_addrlen);  // bind socket to local service using the ai_addr endpoint (instance of sockaddr)

Ports below 1024 (such as http = 80) can only be bound by a privileged process; otherwise bind() fails with EACCES, so check its return value.
Sockets in C: listen() and accept()

    int listen(int sockfd, int backlog);

    listen(s, backlog);                      // listen on socket s; queue up to backlog pending connections

    int accept(int sockfd, struct sockaddr *cliaddr, socklen_t *addrlen);

    struct sockaddr_storage cliaddr;         // struct for connected endpoint, large enough for IPv4 and IPv6
    socklen_t addr_size;                     // cliaddr will be cast as sockaddr in accept()
    int c_s;
    addr_size = sizeof cliaddr;
    c_s = accept(s, (struct sockaddr *)&cliaddr, &addr_size);

accept() blocks until a connection is queued, writes the client endpoint into cliaddr, and returns a NEW socket descriptor c_s for that connection; s stays open and keeps listening for further clients. Data is sent and received on c_s, not on s.
Sockets in C: connect()

    int connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen);

    int s;
    struct addrinfo hints, *remote_res;
    memset(&hints, 0, sizeof hints);                      // prepare hints
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    getaddrinfo("www.google.com", "http", &hints, &remote_res);   // resolve remote address and port to remote_res
    s = socket(remote_res->ai_family, remote_res->ai_socktype,
               remote_res->ai_protocol);
    connect(s, remote_res->ai_addr, remote_res->ai_addrlen);      // open socket s for connecting to remote service using the ai_addr endpoint

connect() performs the TCP three-way handshake; the OS picks the local port.
Sockets in C: send()

    int send(int sockfd, const void *msg, size_t len, int flags);

    char *msg = "Hello, world!";
    size_t s_len;
    int bytes_sent;
    s_len = strlen(msg);
    bytes_sent = send(c_s, msg, s_len, 0);   // send string on socket c_s

Returns the number of bytes actually sent, which may be less than s_len (or -1 on error): loop until everything has been sent.
Sockets in C: recv()

    int recv(int sockfd, void *buf, size_t len, int flags);

    #define BUFFER_SIZE 100                   // choose desired receive buffer size
    char buffer[BUFFER_SIZE];
    size_t r_len = BUFFER_SIZE;
    int bytes_received;
    bytes_received = recv(c_s, buffer, r_len, 0);   // receive data on socket c_s

Returns the number of bytes actually received (0 = peer closed the connection, -1 = error). recv() does not NUL-terminate: the data is a byte string of length bytes_received, not a C string, and a TCP "message" may arrive split across several recv() calls.
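Added example (not from the lecture notes): the socket() / bind() / listen() / accept() / connect() / send() / recv() calls of the preceding slides combined into one runnable program. Server and client live in the same process on the loopback address: the kernel completes the TCP handshake for a listening socket before accept() is called, so a single thread can connect() first and accept() afterwards. Port "0" asks the OS for a free port, and the message "Hello, world!" is a constructed test input. The code also shows two checks the slides leave out: looping until send() has written everything, and keeping room for a NUL terminator after recv().

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

/* send() may write fewer bytes than asked; keep going until all are out. */
static int send_all(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = send(fd, buf, len, 0);
        if (n <= 0) return -1;
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* One echo round trip over 127.0.0.1.  The echoed bytes are copied into out
   (always NUL-terminated); returns their count, or -1 on error. */
int echo_roundtrip(const char *msg, char *out, size_t outlen)
{
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);
    hints.ai_family   = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags    = AI_NUMERICHOST | AI_NUMERICSERV;   /* no DNS lookup */
    if (getaddrinfo("127.0.0.1", "0", &hints, &res) != 0)   /* port 0: OS picks a free port */
        return -1;

    /* server side: socket, bind, listen */
    int s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
    int one = 1;
    setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);   /* like Perl's Reuse => 1 */
    int ok = s >= 0 && bind(s, res->ai_addr, res->ai_addrlen) == 0 && listen(s, 1) == 0;
    freeaddrinfo(res);
    if (!ok) { close(s); return -1; }

    struct sockaddr_in srv;                 /* read back the port the OS assigned */
    socklen_t slen = sizeof srv;
    getsockname(s, (struct sockaddr *)&srv, &slen);

    /* client side: socket, connect, send */
    int c = socket(AF_INET, SOCK_STREAM, 0);
    if (c < 0 || connect(c, (struct sockaddr *)&srv, slen) != 0 ||
        send_all(c, msg, strlen(msg)) != 0) {
        close(c); close(s); return -1;
    }

    /* server side: accept the queued connection, recv, echo, close */
    struct sockaddr_storage cli;
    socklen_t clen = sizeof cli;
    int c_s = accept(s, (struct sockaddr *)&cli, &clen);
    if (c_s < 0) { close(c); close(s); return -1; }
    char buffer[100];
    ssize_t n = recv(c_s, buffer, sizeof buffer - 1, 0);   /* leave room for NUL: recv() adds none */
    if (n > 0) {
        buffer[n] = '\0';
        send_all(c_s, buffer, (size_t)n);
    }
    close(c_s);                             /* client sees EOF after the echo */

    /* client side: read until the peer closes or out is full */
    size_t got = 0;
    while (got < outlen - 1) {
        ssize_t k = recv(c, out + got, outlen - 1 - got, 0);
        if (k <= 0) break;                  /* 0 = connection closed, -1 = error */
        got += (size_t)k;
    }
    out[got] = '\0';
    close(c);
    close(s);
    return (int)got;
}

/* Constructed test input; 1 if the echo matches the message byte for byte. */
int echo_demo(void)
{
    char out[100];
    const char *msg = "Hello, world!";
    int n = echo_roundtrip(msg, out, sizeof out);
    return n == (int)strlen(msg) && strcmp(out, msg) == 0;
}

int main(void)
{
    char out[100];
    int n = echo_roundtrip("Hello, world!", out, sizeof out);
    printf("client received %d bytes: \"%s\"\n", n, out);
    return n > 0 ? 0 : 1;
}
```

The server reads at most 99 bytes per recv() and the client loops on recv() until EOF, which is the only safe way to know a stream has been fully read; a real server would also loop on recv() until it has a complete application message.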
Sockets in C: Connectionless data transfer: sendto() and recvfrom()

    int send(int sockfd, const void *msg, size_t len, int flags);
    int sendto(int sockfd, const void *msg, size_t len,
               int flags, const struct sockaddr *to,
               socklen_t tolen);

    int recv(int sockfd, void *buf, size_t len, int flags);
    int recvfrom(int sockfd, void *buf, size_t len,
                 int flags, struct sockaddr *from,
                 socklen_t *fromlen);

sendto(): no connect() for local sockfd; destination endpoint defined on the fly in to
recvfrom(): no accept() for local sockfd; source endpoint of each datagram written to from
Transport Layer
Dr. Martin Land, Computer Networks — Hadassah College — Fall 2015

Application / Transport Interface

Application Layer
  Prepare transport service requirements
    Data for transport
    Local endpoint: node address + service port
    Remote endpoint: node address + service port
  Application requests service from transport layer
Transport Layer
  Receives
    Application layer PDU: data for transport
    Interface Control Information (ICI): service requirements, local + remote endpoints
Transport Layer Services

Connection management
  Maintain separate sessions between various user applications
  Label sessions with client / server port numbers
  Provide reliability services according to connection type
Multiplexing
  Divide outgoing data stream into segments
  Combine segments from multiple sessions into single output
Demultiplexing
  Separate incoming segments by session
  Combine incoming segments for each session into user data stream
Transport Layer Connections

Reliable transport (TCP)
  Connection-oriented: TCP connection established before data transfer
  Error-free delivery: data delivered in original order, no errors, duplications, or omissions
  Flow control: control sender rate to prevent buffer overflow in receiver
  Congestion control: control sender rate to prevent buffer overflow in network
Unreliable transport (UDP)
  Connectionless
  Lower overhead ⇒ faster but no guarantees
  Segments with errors discarded with no warning to application
Source / Destination Ports

Client
  Opens socket to send requests
  Client / OS binds port number to socket
  1024 ≤ client port ≤ 65,535 identifies client application
Server
  Opens listen socket mapped to accept sockets for requests
  Binds well-known port to service socket
  0 ≤ well-known port ≤ 1023 identifies service application

Example: the client application binds its socket to port 1025 and connects to port 80; the server application binds its socket to service port 80 and accepts from 1025
  Request:  src: 1025  dest: 80
  Response: src: 80    dest: 1025
Multiplexing / Demultiplexing

Applications send / receive data on sockets
  Multiple sockets ⇒ multiple conversations
Transport layer segment
  Transport header + application data (PDU)
  TCP / UDP headers carry source + destination ports
Multiplexing / demultiplexing
  Segments transmitted on same infrastructure
  Sorted by destination port at destination

Example: two client applications on ports 1025 and 1026 talk to one server application on port 80
  Requests 1025 → 80 and 1026 → 80 are multiplexed onto the same link
  Responses 1025 ← 80 and 1026 ← 80 are demultiplexed to the two client sockets by destination port
User Datagram Protocol (UDP)

Internet unreliable transport protocol
  Defined in RFC 768
  Used when low delay / jitter more important than error control: streaming multimedia, multiplayer games, ...

UDP segment = UDP header (8 bytes) + application data

UDP header (32 bits per row)
  source port        destination port
  length             checksum

Length: number of bytes in datagram (header + data) < 2^16 = 65,536
  Maximum length = 64 KB − lengths of all headers
UDP / TCP Checksum

Calculation at source
  Break UDP segment into sequence of 16-bit words
  Add IP pseudo-header (IP src/dest addresses, protocol, length)
  Pad with zeros if necessary
  Add all 16-bit words (not counting checksum field)
  Add carry-out to 0-order bit (rotate)
  Perform 1's complement
Calculation at destination
  Repeat calculation and compare (summing all words including the checksum gives all ones)

Example (two 16-bit words)
    1111 0011 0011 0011     = 0xF333
  + 1110 1010 1010 1010     = 0xEAAA
  ---------------------
  1 1101 1101 1101 1101     = 0x1DDDD, carry-out 1
    1101 1101 1101 1110     = 0xDDDE   sum after rotating the carry into bit 0
    0010 0010 0010 0001     = 0x2221   checksum (1's complement of the sum)

The checksum is an error-detection code, not an integrity check against an attacker: anyone who can modify the segment can recompute it.
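Added example (not from the lecture notes): the checksum procedure above in C, applied first to the two-word example and then to a constructed UDP datagram (10.0.0.1:1025 → 10.0.0.2:53 carrying "hello!", all values made up for the test) together with its IPv4 pseudo-header. The tamper cases show what the check does and does not catch: a single flipped bit is always detected, but swapping two 16-bit words is not, because the one's-complement sum does not depend on word order.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* RFC 1071 Internet checksum over len bytes read as big-endian 16-bit words.
   An odd trailing byte is padded with zeros; every carry out of bit 15 is
   added back into bit 0 (the "rotate" step); the result is the 1's complement. */
uint16_t inet_checksum(const uint8_t *data, size_t len)
{
    uint32_t sum = 0;
    for (; len > 1; data += 2, len -= 2)
        sum += ((uint32_t)data[0] << 8) | data[1];
    if (len == 1)
        sum += (uint32_t)data[0] << 8;
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* The slide's example: 0xF333 + 0xEAAA = 0x1DDDD -> 0xDDDE -> ~ = 0x2221 */
uint16_t slide_example(void)
{
    const uint8_t words[4] = { 0xF3, 0x33, 0xEA, 0xAA };
    return inet_checksum(words, sizeof words);
}

/* Checksum of a UDP segment prefixed by the IPv4 pseudo-header:
   src addr (4), dst addr (4), zero (1), protocol 17 (1), UDP length (2). */
static uint16_t udp_checksum(const uint8_t src[4], const uint8_t dst[4],
                             const uint8_t *udp, size_t udp_len)
{
    uint8_t buf[12 + 256];                         /* pseudo-header + segment; bounded for the example */
    if (udp_len > sizeof buf - 12) return 0;
    memcpy(buf, src, 4);
    memcpy(buf + 4, dst, 4);
    buf[8] = 0;
    buf[9] = 17;
    buf[10] = (uint8_t)(udp_len >> 8);
    buf[11] = (uint8_t)udp_len;
    memcpy(buf + 12, udp, udp_len);
    return inet_checksum(buf, 12 + udp_len);
}

/* Sender: compute with the checksum field (bytes 6..7) zeroed.
   RFC 768: a computed value of 0 is transmitted as 0xFFFF. */
void udp_fill_checksum(const uint8_t src[4], const uint8_t dst[4], uint8_t *udp, size_t udp_len)
{
    udp[6] = udp[7] = 0;
    uint16_t c = udp_checksum(src, dst, udp, udp_len);
    if (c == 0) c = 0xFFFF;
    udp[6] = (uint8_t)(c >> 8);
    udp[7] = (uint8_t)c;
}

/* Receiver: recompute over the segment as received, checksum field included.
   Correct data sums to 0xFFFF, whose complement is 0. */
int udp_verify(const uint8_t src[4], const uint8_t dst[4], const uint8_t *udp, size_t udp_len)
{
    if (udp[6] == 0 && udp[7] == 0) return 1;      /* IPv4 allows "no checksum" */
    return udp_checksum(src, dst, udp, udp_len) == 0;
}

/* Constructed datagram 10.0.0.1:1025 -> 10.0.0.2:53 with payload "hello!".
   tamper: 0 = none, 1 = flip one payload bit, 2 = swap the first two payload words.
   Returns the receiver's verdict (1 = accept). */
int udp_demo(int tamper)
{
    const uint8_t src[4] = { 10, 0, 0, 1 }, dst[4] = { 10, 0, 0, 2 };
    uint8_t seg[8 + 6] = { 0x04, 0x01,   /* source port 1025 */
                           0x00, 0x35,   /* destination port 53 */
                           0x00, 0x0E,   /* length 14 = 8 header + 6 data */
                           0x00, 0x00,   /* checksum, filled below */
                           'h', 'e', 'l', 'l', 'o', '!' };
    udp_fill_checksum(src, dst, seg, sizeof seg);
    if (tamper == 1) seg[8] ^= 0x01;               /* single-bit error: always detected */
    if (tamper == 2) {                             /* reordered 16-bit words: not detected */
        uint8_t t0 = seg[8], t1 = seg[9];
        seg[8] = seg[10]; seg[9] = seg[11]; seg[10] = t0; seg[11] = t1;
    }
    return udp_verify(src, dst, seg, sizeof seg);
}

int main(void)
{
    printf("slide example checksum = 0x%04X\n", slide_example());
    printf("intact %d, bit flipped %d, words swapped %d\n", udp_demo(0), udp_demo(1), udp_demo(2));
    return 0;
}
```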
Using UDP

Client application
  Open socket
  Send data on socket to endpoint (node address + service port)
Client UDP agent
  Accept data
  Add header with checksum
  Send to server
Server UDP agent
  Perform checksum
  Error ⇒ discard segment
  No error ⇒ pass data to socket by port
Server application
  Open socket
  Bind service port
  Receive data from the socket (no listen() / accept() for UDP: recvfrom() reports the source endpoint of each datagram)

If required, add reliability features at client / server application level
Transmission Control Protocol (TCP)

Reliable transport over unreliable layers
  Network + infrastructure layers can introduce errors
    Bit errors (1 ↔ 0)
    Lost packets
    Duplicate packets
    Out-of-order packets
  TCP detects and corrects errors

Layering at sender and receiver: Application ↔ TCP ↔ Network ↔ ... ↔ Layer 1
  Application to application: reliable transfer (provided by TCP)
  Network layer and below: unreliable transfer
  Layer 1: physical transfer
Basic Theory of Reliable Data Transfer (RDT): bottom-up approach

  Version 1.0   for error-free channel: no error checking necessary
  Version 2.0   handles bit errors
  Version 2.1   bug fix of version 2.0
  Version 2.2   simplification of version 2.1
  Version 3.0   handles missing packets
  Version 4.0   improved performance
Theory of Reliable Data Transfer (RDT): Version 1.0 on error-free channel

Error-free channel: data delivered reliably

  Sender → Receiver: sndpkt 0
  Sender → Receiver: sndpkt 1
  Sender → Receiver: sndpkt 2
Handling Bit Errors

Error detection
  Sender adds checksum to packet header
  Receiver re-computes checksum and compares with checksum in header
  Corrupt packets (packets with errors) discarded
Error control
  Receiver provides sender with feedback about received data
    ACK (acknowledgement): data received without bit errors
    NAK (negative acknowledgement, reject): data received with bit errors
  Automatic Repeat Request (ARQ): sender re-transmits on NAK
Theory of Reliable Data Transfer (RDT): Version 2.0 on channel with bit errors

  Sender → Receiver: sndpkt 0            Receiver → Sender: ACK
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK
  Sender → Receiver: sndpkt 2 (error)    Receiver → Sender: NAK
  Sender → Receiver: sndpkt 2 (resent)   Receiver → Sender: ACK
  Sender → Receiver: sndpkt 3            Receiver → Sender: ACK
Theory of Reliable Data Transfer (RDT): Version 2.0 on channel with bit errors: Bug!

  Sender → Receiver: sndpkt 0            Receiver → Sender: ACK
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK (corrupted in transit: error)
  Sender → Receiver: sndpkt 1 (resent)   Receiver → Sender: ACK
  Sender → Receiver: sndpkt 2

Receiver receives duplicate packet 1 and cannot tell it from new data.
Bug in Version 2.0: corrupt ACK / NAK packet

Option 1: sender interprets corrupt ACK / NAK as ACK ⇒ receiver may miss a data packet
Option 2: sender interprets corrupt ACK / NAK as NAK ⇒ sender retransmits packet ⇒ receiver may receive duplicate packet

Bug fix: label packet with sequence number (SEQ)
  SEQ = packet_number mod 2 = 0 or 1 (sufficient for stop-and-wait)
  Sender follows option 2
  Receiver gets duplicate packet ⇒ re-transmits ACK and discards duplicate packet
Theory of Reliable Data Transfer (RDT): Version 2.1 with SEQ (corrected version)

  Sender → Receiver: sndpkt 0            Receiver → Sender: ACK
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK (corrupted in transit: error)
  Sender → Receiver: sndpkt 1 (resent)   Receiver → Sender: ACK; receiver discards duplicate packet 1
  Sender → Receiver: sndpkt 2            Receiver → Sender: ACK
  Sender → Receiver: sndpkt 3            Receiver → Sender: ACK
Complication in Version 2.1

Version 2.1: SEQ + ACK + NAK
  Sender
    ACK or NAK = response to last packet
    Corrupt ACK or NAK treated as NAK
    NAK ⇒ re-transmit packet
  Receiver
    ACK or NAK for each packet
    Corrupt packet ⇒ NAK, sender re-transmits packet
    Duplicate SEQ ⇒ re-transmit ACK but discard packet

Version 2.2: SEQ + ACK without transmitted NAK
  Sender
    ACK + SEQ = response to packet SEQ
    Corrupt ACK || ACK for previous SEQ = implied NAK
    Implied NAK ⇒ re-transmit packet
  Receiver
    ACK + SEQ for each packet
    Corrupt packet ⇒ re-transmit ACK for previous SEQ
    Duplicate SEQ ⇒ re-transmit ACK but discard packet
Theory of Reliable Data Transfer (RDT): Version 2.2 with SEQ + ACK, without NAK

  Sender → Receiver: sndpkt 0            Receiver → Sender: ACK0
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK1
  Sender → Receiver: sndpkt 2 (error)    Receiver → Sender: ACK1 (implied NAK: duplicate ACK for packet 1 is NAK of packet 2)
  Sender → Receiver: sndpkt 2 (resent)   Receiver → Sender: ACK0
Lost Packets

Packet loss
  Lost data packet or ACK
  Discarded by intermediate system or lower network layer (e.g. buffer overflow)
  At receiver: no error or indication of lost packet
Handling lost packets
  Sender sets timeout counter
  Timeout || corrupt ACK || ACK for previous SEQ = implied NAK
  Duplicates handled by SEQ
Theory of Reliable Data Transfer (RDT): Version 3.0 with SEQ + ACK + Timeout

  Sender → Receiver: sndpkt 0 (lost)     timeout
  Sender → Receiver: sndpkt 0 (resent)   Receiver → Sender: ACK0
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK1 (lost)   timeout
  Sender → Receiver: sndpkt 1 (resent)   Receiver → Sender: ACK1; receiver discards duplicate packet
Performance Problem with Stop-and-Wait

  Sender → Receiver: sndpkt 0            Receiver → Sender: ACK0
  Sender → Receiver: sndpkt 1            Receiver → Sender: ACK1
  Sender → Receiver: sndpkt 2            Receiver → Sender: ACK0
  Each transaction waits one Round Trip Time (RTT) for its ACK: wait too long

  T_trans = transmission delay = (64 KB × 8 bits/B) / R ≈ 5 ms
            (≈ 5 ms holds for R ≈ 100 Mbps; at 10 Mbps the same 64 KB packet takes ≈ 52 ms)
  RTT = round trip time, dominated by network latency; typical RTT > 30 ms

  utilization = T_trans / (T_trans + RTT) ≈ 5 ms / (5 ms + 30 ms) ≈ 0.14
Theory of Reliable Data Transfer (RDT): Improving performance

Sender transaction: send packet, receive ACK
Stop-and-wait protocol
  Send packet → wait → receive ACK
  Finish transaction n → begin transaction n + 1
  Transmitter idle while waiting for ACK
Pipelined protocol
  Begin new transaction before previous finishes
  Reduce transmitter idle time
Source window
  N = window size
  Transmit N packets before stop-and-wait
  N packets in process ("in flight" or "in pipeline") at any time
Theory of Reliable Data Transfer (RDT): Pipelining with window size = 3

  Sender → Receiver: sndpkt 0, sndpkt 1, sndpkt 2 (sent back to back)
  Receiver → Sender: ACK 0, ACK 1, ACK 2 (one Round Trip Time (RTT) later)
  Sender → Receiver: sndpkt 3, sndpkt 4, sndpkt 5

  utilization = N × T_trans / (T_trans + RTT) ≈ 3 × 5 ms / (5 ms + 30 ms) ≈ 0.43
  Typical RTT > 30 ms
Theory of Reliable Data Transfer (RDT): Pipelined protocol, error handling method 1: Selective repeat

Sender
  Buffers packet until ACKed
  Timeout counter for each packet
  Timeout ⇒ sender re-transmits the "unACKed" packet
Receiver
  ACKs received packets individually
  Received in order ⇒ passed to application
  Received out-of-order ⇒ held in buffer
Window size = N
  "unACKed" packets < N
  Send N packets without ACK ⇒ stop sending
  N ≤ receiver buffer size
Theory of Reliable Data Transfer (RDT): Selective repeat

Sequence number (SEQ): k-bit SEQ ⇒ 0 ≤ SEQ ≤ 2^k − 1 (modulo 2^k); window size N ≤ 2^k

[Figure: selective-repeat windows with k = 2 ⇒ 0 ≤ SEQ ≤ 3, N = 3. Packet 0 is lost (Error); the receiver ACKs 1 and 2 while waiting for 0; ACK 1 without ACK 0 ⇒ resend packet 0; after ACK 0 the window slides and packet 3 is sent and ACKed (ACK 3).]
Theory of Reliable Data Transfer (RDT): Bug in selective repeat

Sequence number (SEQ): k bits ⇒ 0 ≤ SEQ ≤ 2^k − 1 (modulo 2^k); window size N ≤ 2^k

[Figure: k = 2 ⇒ 0 ≤ SEQ ≤ 3, N = 3. Packets 0, 1, 2 are sent and their ACKs are lost; after the timeout the sender re-transmits 0, 1, 2, but the receiver's window has already advanced to 3, 0, 1.]

Receiver cannot distinguish the cases:
  1. Re-transmission of duplicates
  2. New packets
Solution: long SEQ (≥ 32 bits); in general the window must satisfy N ≤ 2^(k−1), at most half the sequence space
Theory of Reliable Data Transfer (RDT): Pipelined protocol, error handling method 2: Go Back N (GBN)

Sender
  Buffers packet until ACKed
  Timeout counter for oldest "unACKed" packet
  Timeout ⇒ sender re-transmits all "unACKed" packets from buffer
Receiver
  Sends CUMULATIVE ACK: ACK for last in-order packet implies ACK for all previous packets
  No buffer for out-of-order packets
  Error or missing packet ⇒ no ACK for that packet or any subsequent packet
Window size = N
  "unACKed" packets < N
  Send N packets without ACK ⇒ stop sending
  N ≤ transmit buffer size
Theory of Reliable Data Transfer (RDT): Version 4.0, Go Back N

Sequence number (SEQ): k bits ⇒ 0 ≤ SEQ ≤ 2^k − 1 (modulo 2^k); window size N ≤ 2^k

[Figure: k = 2 ⇒ 0 ≤ SEQ ≤ 3, N = 3. Packets 0, 1, 2 are acknowledged (ACK 2); packet 3 has an error, so the receiver keeps answering ACK 2 while the following packets 0 and 1 arrive out of order and are discarded; duplicate ACK 2 ⇒ retransmit from 3; then ACK 3.]
TCP as Reliable Transport Protocol

Connection-oriented: set up connection before data transfer
Maximum Segment Size (MSS): largest amount of application data in one segment; bounded by the 64 KB IP datagram limit minus IP and TCP headers, and in practice chosen from the link MTU (e.g. 1460 bytes on Ethernet)
Error detection: checksum as in UDP
Error control
  ARQ with ACK + SEQ + timeout
  No corrupt, missing, duplicate, or out-of-order data delivered to the application
  Piggybacking: send ACK within data segment
Pipelining
  Variable window size at sender and receiver
  GBN cumulative ACK with optional selective repeat (SACK)
Flow / congestion control: dynamic window size ⇒ control of sender utilization
TCP Header (32 bits per row)

  source port (16)                      destination port (16)
  sequence number (SEQ) (32)
  acknowledgement number (ACK) (32)
  HLEN (4) | reserved (3) | flags (9) | window size (16)
  checksum (16)                         urgent pointer (16)
  options (0 – 320 bits) + padding to a multiple of 32 bits

  HLEN (data offset)   4 bits    length of TCP header in 32-bit words (5 = 20 bytes, maximum 15 = 60 bytes)
  Reserved             3 bits    not used
  Flags                9 bits    control bits
  Window size          16 bits   number of bytes receiver can receive now
  Urgent pointer       16 bits   offset from SEQ pointing to last urgent data byte
  Options              0 – 320 bits, padded to a multiple of 32 bits
TCP Header Flags

  NS    ECN-nonce concealment protection
  CWR   Congestion Window Reduced: sender indicates it received a segment with the ECE flag set
  ECE   ECN-Echo: if SYN = 1, peer is ECN capable; if SYN = 0, a packet with the Congestion Experienced flag in the IP header was received during normal transmission
  URG   urgent pointer field valid
  ACK   acknowledgment field valid
  PSH   push buffered data to receiving application
  RST   reset connection
  SYN   synchronize sequence numbers
  FIN   no more data from sender
TCP Connection Set-up: three-way handshake

  Client → Server: SYN segment       SYN flag = 1, ACK flag = 0, SEQ = x (random), ACK = 0, no data       (connection request: synchronize)
  Server → Client: SYN-ACK segment   SYN flag = 1, ACK flag = 1, SEQ = y (random), ACK = x + 1, no data   (accept)
  Client → Server: ACK segment       SYN flag = 0, ACK flag = 1, SEQ = x + 1, ACK = y + 1, may contain data (ACK)
TCP SEQ + ACK

Initial sequence number (ISN)
  Random SEQ in 3-way handshake
  Prevents counterfeit segments: an attacker who cannot see the connection has to guess the SEQ to inject or spoof data, so the ISN must be unpredictable (RFC 6528 recommends a keyed hash of the connection's addresses and ports plus a clock)
  At end of handshake SEQ = ISN + 1
SEQ: byte sequencing
  SEQ = previous SEQ + length(data bytes in previous segment)
      = ISN + 1 + data bytes sent in all previous segments
ACK: byte acknowledgement
  ACK = next (expected) SEQ
  ACK = x + 1 acknowledges x, now expects x + 1

Example: first data segments after the handshake
  Client → Server: SEQ = x + 1,   ACK = y + 1,   data = 500 bytes
  Server → Client: SEQ = y + 1,   ACK = x + 501
  Client → Server: SEQ = x + 501, ACK = y + 1,   data = 400 bytes
  Server → Client: SEQ = y + 1,   ACK = x + 901
Send and Receive Windows

Send buffer: holds sent segments until ACKed; on timeout resend segments from send buffer
Send window: available space in send buffer
Receive buffer: holds received segments until requested by application
Receive window: available space in receive buffer (advertised to the sender in the window size field)

  Sending application → Send Buffer [full | Send Window] → Network Layer
  Network Layer → Receive Buffer [full | Receive Window] → Receiving application
Basic TCP Sender Behavior

Start: SEQ = SendBase = ISN + 1
Receive data from application
  Prepare segment with SEQ
  Send segment when unACKed bytes < SendWindow
  SEQ = SEQ + length(segment data)
  Start timer
Receive ACK = y
  y > SendBase ⇒ SendBase = y
  unACKed bytes > 0 ⇒ restart timer
Timeout
  Resend segments starting from SendBase
  Restart timer
Typical Control Program

    default_inits;
    while (true) {              /* main loop */
        if (condition_1) {
            handle_condition_1;
        }
        if (condition_2) {
            handle_condition_2;
        }
        if (condition_3) {
            handle_condition_3;
        }
        default_updates;
    }
Simplified TCP Sender

    // initialize
    SEQ = ISN + 1
    SendBase = ISN + 1              // last byte ACKed
    InFlight = 0                    // unACKed bytes sent
    RTO                             // timeout interval
    SendWindow, RecvWindow          // send & receive windows

    // main loop
    if (new data from application)
        Prepare data segment
        sequence number = SEQ
        SEQ = SEQ + length(data)
        if (InFlight < min{SendWindow, RecvWindow})
            Pass segment to IP
            InFlight = InFlight + length(data)
            if !(timer running) timer = RTO

    if (receive ACK = y)
        stop timer
        if (y > SendBase)
            newACKs = y − SendBase  // bytes ACKed
            SendBase = y
            InFlight = InFlight − newACKs
        if (InFlight > 0) timer = RTO

    if (timeout)
        SEQ = SendBase = min{unACKed SEQ} and resend
        timer = RTO
Basic TCP Receiver Behavior

Start: Expected = ISN + 1 (sender's ISN)
Receive error-free segment with SEQ < Expected (duplicate)
  Resend ACK = Expected
  Ignore packet
Receive segment with error || SEQ > Expected (out of order)
  Resend ACK = Expected (implied NACK)
  Ignore packet
Receive error-free segment with SEQ = Expected
  Expected = Expected + length(segment data)
  Buffer ACK
  Send ACK = Expected if
    Delayed ACK timer > maximum
    Buffered ACKs > maximum
    ACK following implied NACK
Simplified TCP Receiver

    // initialize
    Set RecvWindow = receiver buffer size
    expected = Sender ISN + 1
    ack_buffer = 0                  // received unACKed segments
    ack_max                         // delayed ACK trigger
    ack_delay = 250 msec            // local policy: < 500 msec
    Start ACK delay timer = ack_delay

    // main loop
    if (ACK delay timer = 0 && ack_buffer > 0)
        Send ACK = expected with updated RecvWindow
        ACK delay timer = ack_delay
        ack_buffer = 0

    if (receive SEQ = x)            // new packet arrives
        if (x = expected && error-free)
            expected = expected + length(data)
            if (NACK = 1)           // ACK following an implied NACK: send at once
                Send ACK = expected with updated RecvWindow
                ACK delay timer = ack_delay
                ack_buffer = 0
                NACK = 0
            else if (ack_buffer < ack_max)
                nextACK = expected
                ack_buffer++
            else if (ack_buffer = ack_max)
                Send ACK = expected with updated RecvWindow
                ACK delay timer = ack_delay
                ack_buffer = 0
        else                        // error or out of order: implied NACK
            Send ACK = expected with updated RecvWindow
            ACK delay timer = ack_delay
            NACK = 1
43Dr. Martin LandTransport LayerComputer Networks — Hadassah College — Fall 2015
TCP SEQ + ACK — No errors
(figure: sender → SEQ = 92, 8 data bytes; receiver → ACK = 100; sender → SEQ = 100, 20 data bytes; receiver → ACK = 120; sender → SEQ = 120, SEQ = 140, SEQ = 160, 20 data bytes each; receiver → ACK = 180 for all three; sender → SEQ = 180, 20 data bytes; no timeout expires)
TCP SEQ + ACK — Bit errors
(figure: sender → SEQ = 92, 8 data bytes; receiver → ACK = 100; sender → SEQ = 100, 20 data bytes; receiver → ACK = 120; sender → SEQ = 120, SEQ = 140, SEQ = 160, 20 data bytes each; segment SEQ = 160 arrives with a bit error and is discarded; receiver → ACK = 160; after timeout sender resends SEQ = 160, 20 data bytes)
TCP SEQ + ACK — Timeout
(figure: sender → SEQ = 92, 8 data bytes, lost in the network; timeout; sender resends SEQ = 92, 8 data bytes; receiver → ACK = 100; sender → SEQ = 100, 20 data bytes)
TCP SEQ + ACK — Lost ACK
(figure: sender → SEQ = 92, 8 data bytes and SEQ = 100, 20 data bytes; receiver → ACK = 100, lost in the network; timeout; sender resends SEQ = 92, 8 data bytes; receiver discards the duplicate packet and → ACK = 100)
TCP SEQ + ACK — Missed ACK
(figure: sender → SEQ = 92, 8 data bytes; SEQ = 100, 20 data bytes; SEQ = 120, 10 data bytes; receiver → ACK = 100, ACK = 120, ACK = 120; timeout for SEQ = 92 expires before its ACK is seen; sender resends SEQ = 92, 8 data bytes; receiver discards the duplicate packet; ACK = 120 acknowledges all bytes < 120)
TCP SEQ + ACK — Cumulative ACK
(figure: sender → SEQ = 92, 8 data bytes; SEQ = 100, 20 data bytes; SEQ = 120, 10 data bytes; receiver → ACK = 100, lost in the network; receiver → ACK = 120 arrives before the timeout and ACKs all previous bytes, so nothing is resent)
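The sender and receiver pseudocode above, together with the SEQ/ACK diagrams, can be replayed in a few lines. The following is an added example, not code from the lecture: a tick-based simulation with cumulative ACKs, one (delayed) ACK per tick, retransmission of the oldest unACKed segment when the RTO expires, and a link that loses or corrupts named segments on their first transmission. ISN = 91, a 60-byte window and an RTO of 2 ticks are assumed values chosen to match the diagrams. One deliberate difference from the slide: a duplicate ACK leaves the retransmission timer running instead of stopping it, otherwise a lost segment followed by an out-of-order segment would never be resent.

```python
"""Simulation of the simplified TCP sender / receiver of the slides (constructed example)."""


class Sender:
    """Sender state as on the slides: SEQ, SendBase, InFlight and one RTO timer."""

    def __init__(self, isn, window, rto=2):
        self.seq = self.send_base = isn + 1   # next SEQ to send / first unACKed byte
        self.window = window                   # min{SendWindow, RecvWindow}
        self.rto = rto                         # timeout interval in ticks (assumed)
        self.timer = None                      # None = timer not running
        self.unacked = []                      # (seq, length) of segments in flight

    @property
    def in_flight(self):
        return self.seq - self.send_base

    def send(self, length):
        """New data from the application; refused when it would exceed the window."""
        if self.in_flight + length > self.window:
            return None
        seg = (self.seq, length)
        self.unacked.append(seg)
        self.seq += length
        if self.timer is None:
            self.timer = self.rto
        return seg

    def on_ack(self, y):
        """Cumulative ACK: y acknowledges every byte below y."""
        if y <= self.send_base:
            return                             # duplicate ACK: nothing new, timer keeps running
        self.send_base = y
        self.unacked = [s for s in self.unacked if s[0] >= y]
        self.timer = self.rto if self.in_flight > 0 else None

    def tick(self):
        """One clock tick; returns the oldest unACKed segment when the RTO expires."""
        if self.timer is None:
            return None
        self.timer -= 1
        if self.timer > 0:
            return None
        self.timer = self.rto                  # restart the timer for the retransmission
        return min(self.unacked)               # SEQ = SendBase = min{unACKed SEQ}


class Receiver:
    """Receiver state: Expected; anything but the expected segment just repeats the ACK."""

    def __init__(self, sender_isn):
        self.expected = sender_isn + 1

    def on_segment(self, seq, length, corrupt=False):
        if not corrupt and seq == self.expected:
            self.expected += length
        # duplicate (seq < expected), gap (seq > expected) or bit error: implied NACK


def simulate(batches, lost_data=(), lost_acks=(), corrupt=(), isn=91, window=60, ticks=6):
    """Replay a scenario. batches[t] = segment lengths the application hands over at tick
    t; lost_data / lost_acks / corrupt name SEQ or ACK numbers hit on their first
    transmission only. Returns the exchange as a list of strings."""
    s, r = Sender(isn, window), Receiver(isn)
    lost_data, lost_acks, corrupt = set(lost_data), set(lost_acks), set(corrupt)
    trace = []
    for t in range(ticks):
        out = []
        resend = s.tick()                      # 1. timeout handling
        if resend:
            out.append(resend + ("resent",))
        for length in (batches[t] if t < len(batches) else []):   # 2. new data
            seg = s.send(length)
            if seg:
                out.append(seg + ("",))
        arrived = False                        # 3. delivery over a lossy link
        for seq, length, tag in out:
            trace.append(f"SEQ = {seq} {length} data bytes {tag}".rstrip())
            if seq in lost_data:
                lost_data.discard(seq)
                trace.append(f"SEQ = {seq} lost")
                continue
            r.on_segment(seq, length, corrupt=seq in corrupt)
            corrupt.discard(seq)
            arrived = True
        if arrived:                            # 4. one cumulative ACK per tick
            ack = r.expected
            if ack in lost_acks:
                lost_acks.discard(ack)
                trace.append(f"ACK = {ack} lost")
            else:
                trace.append(f"ACK = {ack}")
                s.on_ack(ack)
    return trace
```

`simulate([[8], [20], [20, 20, 20], [20]], ticks=4)` reproduces the no-error diagram (ACK = 180 covers the three back-to-back segments); `simulate([[8]], lost_acks=[100], ticks=3)` the lost-ACK diagram with its duplicate discarded at the receiver; `simulate([[8], [20]], lost_acks=[100], ticks=2)` the cumulative-ACK diagram, where ACK = 120 makes the lost ACK = 100 irrelevant.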
Selective Acknowledgment Option
Selective ACK (SACK)
- Permits ACK for segments with gaps
- Option negotiated between hosts
- Defined in RFC 2018
Example
- Last ACK = 5000
- Send 8 segments × 500 data bytes / segment
- Case 1: first 4 segments received and last 4 dropped
    Receiver returns normal ACK = 5000 + 4 * 500 = 7000
    No SACK option field
- Case 2: first segment lost and 7 segments received
    For each segment received, receiver returns ACK = 5000 with a SACK option field (start + end)

    Data (SEQ)   ACK     Option field: Start   End
    5000         —       —                     —      (lost)
    5500         5000    5500                  6000
    6000         5000    5500                  6500
    6500         5000    5500                  7000
    7000         5000    5500                  7500
    7500         5000    5500                  8000
    8000         5000    5500                  8500
    8500         5000    5500                  9000
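The two cases of the SACK example can be computed mechanically: the cumulative ACK advances over contiguous data starting at the last ACK, and whatever is left is coalesced into SACK blocks. The following is an added example, not code from the lecture; SACK blocks are written as [start, end) with end = the SEQ following the last byte of the block, as in RFC 2018, and the 500-byte segment size is the slide's.

```python
"""Cumulative ACK plus SACK blocks for the slide's example (constructed example)."""


def ack_and_sack(last_ack, received, seg_len=500):
    """received: SEQ numbers of the segments that have arrived so far.
    Returns (cumulative ACK, list of SACK blocks (start, end) for isolated data)."""
    held = set(received)
    ack = last_ack
    while ack in held:                 # cumulative ACK advances over contiguous data
        held.remove(ack)
        ack += seg_len
    blocks = []                        # coalesce the non-contiguous remainder
    for seq in sorted(held):
        if blocks and blocks[-1][1] == seq:
            blocks[-1][1] = seq + seg_len
        else:
            blocks.append([seq, seq + seg_len])
    return ack, [tuple(b) for b in blocks]


def receiver_replies(last_ack, arrivals, seg_len=500):
    """The reply sent for each arriving segment: (data SEQ, ACK, SACK blocks),
    i.e. the rows of the table on the slide."""
    out, seen = [], []
    for seq in arrivals:
        seen.append(seq)
        ack, blocks = ack_and_sack(last_ack, seen, seg_len)
        out.append((seq, ack, blocks))
    return out
```

Case 1 gives `(7000, [])`; case 2 gives ACK = 5000 with the block growing from (5500, 6000) to (5500, 9000). The general form also handles several holes, which the slide's two cases do not show.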
Setting Retransmission Timeout (RTO) Value
- RTO > RTT
    RTT = round trip time = minimum time to receive ACK
- Timeout too short: too many missed ACKs
- Timeout too long: waste too much time before re-transmission
- Method: measure RTT; on each new ACK update
    $\text{RTO} \leftarrow \max\{(1 - \alpha)\cdot\text{RTO} + \alpha\cdot\text{measured\_RTT},\ 1\ \text{sec}\}$
    Typical: α = 0.125
(figure: RTT measured at the sender from SEQ transmission to ACK arrival)
TCP Connection Close
Symmetric
- Client or server may close connection
- FIN segment: FIN flag = 1, SEQ = cumulative SEQ number
- ACK segment: ACK flag = 1, ACK = SEQ + 1
- FIN segment: FIN flag = 1, SEQ' = cumulative SEQ number
- ACK segment: ACK flag = 1, ACK = SEQ' + 1
(figure: client → FIN flag = 1, SEQ; server → ACK flag = 1, ACK = SEQ + 1; server → FIN flag = 1, SEQ'; client → ACK flag = 1, ACK = SEQ' + 1)
Flow Control and Congestion Control
- Flow control: sender avoids overflow of receiver buffer
- Congestion control: all senders avoid overflow of intermediate network buffers
- Buffer fill rate: bytes / second arriving from network
- Buffer empty rate: bytes / second leaving to network or application layer
- Buffer fill time
Example (figure: buffer between arriving bytes and leaving bytes, from Empty to Full)
$T_{\text{overflow}} = \frac{\text{buffer size}}{\text{buffer fill rate} - \text{buffer empty rate}} = \frac{64\ \text{KB}}{8\ \text{KB/sec} - 4\ \text{KB/sec}} = \frac{64\ \text{KB}}{4\ \text{KB/sec}} = 16\ \text{seconds}$
Flow Control
Source window
- Initial source window = maximum number of "unACKed" bytes
- Determined by congestion + flow control
Destination window
- Number of bytes receiver can accept
- Determined by available space in receiver buffer
- Buffer level = Previous level + arriving bytes – bytes read by App
- Application reads too slowly ⇒ decrease destination window
Sliding window
- Window field in TCP header = number of bytes receiver will accept
- Receiver discards bytes above window size
(figure: receiver buffer between arriving bytes and bytes read by App, from Empty to Full)
Flow Control Example
(figure: table of In Flight, Buffer Level and Dest Window over time; the receiver advertises the window in each ACK: "ACK 4 KB, window = 4 KB", "ACK 6 KB, window = 6 KB", "ACK 12 KB, window = 0 KB" after the buffer fills (2 + 2 = 4, 2 + 4 = 6, 6 + 6 = 12 KB sent); the application then reads 4 KB; after the persist timeout the sender sends 1 B and receives "ACK 12 KB + 1 B, window = 4 KB")
Receive Window Bugs — 1
Bug — deadlock
- Receiver advertises window = 0
- Window update with window > 0 is lost → deadlock
Fix — persist timeout
- Sender attempts small segment
- ACK contains new window size
(figure: receiver → win = 0; receiver → win > 0, lost; after persist timeout sender → 1 byte; receiver → ACK, win > 0)
Receive Window Bugs — 2
Silly Window Problem
- Application reads received data slowly
- Receiver advertises small window
- Data bytes ~ header bytes
- More segments / file transfer ⇒ larger total traffic (data + headers)
Nagle Algorithm — bug fix for Silly Window
- Sender accumulates application data — sends large segments
- Works badly with Telnet (requires small segments)
Receiver side bug fix
- Receiver keeps 0 window size until it can advertise large window
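The zero-window deadlock, the persist probe that breaks it, and the receiver-side silly window fix can be shown with a receiver buffer model. The following is an added example, not code from the lecture: a 4 KB receiver buffer (assumed), an application that drains it at a fixed tick, a window update that may be lost, and a sender that probes with 1 byte after a persist timeout of 2 ticks (assumed). The silly-window threshold of one MSS (1024 bytes, assumed) stands in for the slide's "large window".

```python
"""Receive window accounting, zero-window deadlock, persist probe and the
receiver-side silly window rule (constructed example)."""

MSS = 1024   # assumed maximum segment size (bytes)


class ReceiverBuffer:
    """Receiver side: buffer level and the window advertised in every ACK."""

    def __init__(self, size, silly_window_fix=False):
        self.size, self.level = size, 0
        self.silly_window_fix = silly_window_fix

    def accept(self, n):
        """Store arriving bytes; bytes above the free space are discarded."""
        stored = min(n, self.size - self.level)
        self.level += stored
        return stored

    def app_read(self, n):
        self.level -= min(n, self.level)

    def window(self):
        free = self.size - self.level
        # receiver-side fix: advertise 0 until a large window (>= 1 MSS) is free
        if self.silly_window_fix and free < MSS:
            return 0
        return free


def zero_window_scenario(buffer_size=4096, pending=8192, lose_update=True,
                         persist=True, persist_timeout=2, drain_at=2, ticks=8):
    """The sender fills the receiver buffer, the application drains it at tick
    `drain_at`, and the window>0 update may be lost. Returns (bytes still unsent, log)."""
    rb = ReceiverBuffer(buffer_size)
    window, probe_wait, events = buffer_size, 0, []   # window = last value the sender saw
    for t in range(ticks):
        if t == drain_at:
            rb.app_read(buffer_size)
            update = rb.window()
            if lose_update:
                events.append(f"t={t}: window update win={update} lost")
            else:
                window = update
                events.append(f"t={t}: window update win={update}")
        if pending == 0:
            break
        if window > 0:                              # normal transmission up to the window
            n = min(window, pending)
            pending -= rb.accept(n)
            window = rb.window()
            events.append(f"t={t}: sent {n} B, ACK win={window}")
        elif persist:                               # zero window: probe with 1 byte
            probe_wait += 1
            if probe_wait == persist_timeout:
                probe_wait = 0
                pending -= rb.accept(1)
                window = rb.window()
                events.append(f"t={t}: persist probe 1 B, ACK win={window}")
    return pending, events
```

With `persist=False` and the update lost, 4096 bytes are never sent (the deadlock); with the persist timer the 1-byte probe returns `win=4095` and transmission resumes. `ReceiverBuffer(4096, silly_window_fix=True)` keeps advertising 0 after the application reads only 100 bytes, where the unfixed receiver would advertise a 100-byte window.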
Congestion Control
Assumptions
- Segments arrive independently (Poisson statistics), random length (bytes); average arrival rate in steady state
- Segments leave independently (Poisson statistics); average emptying rate in steady state
Results (queuing theory)
$\rho = \text{Utilization} = \frac{\text{arrival rate}}{\text{empty rate}}$
$\text{Latency} = \frac{1}{\text{empty rate} - \text{arrival rate}} = \frac{1}{\text{empty rate}}\left(\frac{1}{1 - \rho}\right)$
$\text{Buffer Level} = \text{arrival rate} \times \text{Latency} = \frac{\rho}{1 - \rho}$
(figure: latency and buffer level plotted against utilization ρ from 0 to 0.9, vertical axis 0 to 20; both grow without bound as ρ → 1)
Congestion Control
(Over)-simplified throughput model
- $\text{buffer utilization (from all senders)} = \frac{\text{arrival rate}}{\text{empty rate}}$
- $\text{throughput at receivers} = \frac{\text{receive rate}}{\text{maximum receive rate}}$
- (figure: throughput at receivers rises toward 1 as buffer utilization approaches 1, while latency grows)
Realistic throughput behavior
- High arrival rate at buffer
- Longer latency + overflow
- Sender timeouts
- Re-transmit ⇒ more segments ⇒ higher arrival rate at buffer
- (figure: throughput at receivers peaks and then collapses as buffer utilization approaches 1)
TCP Congestion Control
End-to-end congestion control
- Based on host estimates
- No feedback from intermediate network nodes
Slow-start
- Begin session with low transmission rate
- Increase rate until timeouts begin
Fast retransmit
- Do not wait for timeout
- Re-transmit after duplicate ACKs (dupACKs)
Congestion avoidance
- Limit transmission rate after duplicate ACKs
- Transmission rate → initial slow-start rate
Fast recovery
- Congestion avoidance with larger transmission rate
Slow-Start
Congestion window (cwnd)
- Source window: maximum number of "unACKed" bytes
- Initial cwnd = 1 MSS (maximum segment size)
- Data rate = 1 MSS / RTT
- Maximum cwnd = destination window
Exponential growth
On (ACK)
    cwnd ← cwnd + size of data ACKed
    if (cwnd > maximum cwnd) cwnd ← max cwnd
On (ACK timeout)
    cwnd ← initial cwnd = 1 MSS
(figure: sender sends 1 MSS, after one RTT the ACK allows 2 MSS, then 3 MSS; a timeout resets to 1 MSS)
Behavior of cwnd in Slow Start
(figure: cwnd versus SEQ; exponential growth from 1 MSS, reset to 1 at each timeout)
Fast Retransmit
- Better performance with RTO >> RTT
- 3 duplicate ACKs (dupACKs) for segment ⇒ re-send segment
(figure: sender → SEQ = 100, SEQ = 200 (lost), SEQ = 300, SEQ = 400, SEQ = 500; receiver → ACK = 200, then ACK = 200 (duplicate) three times; sender resends SEQ = 200 (duplicate) before the timeout expires; receiver → ACK = 600)
Congestion Avoidance
Slow start threshold
    ssthresh ← large initial value (possibly maximum cwnd)
Slow start phase
    On (ACK && cwnd < ssthresh)
        cwnd ← cwnd + size of data ACKed
Congestion avoidance phase
    On (ACK && cwnd > ssthresh)
        cwnd ← cwnd + 1 MSS (exponential → linear growth)
Fast retransmit
    On (ACK timeout || 3 dupACKs)
        ssthresh ← cwnd (pre-timeout value)
        cwnd ← initial cwnd = 1 MSS
Tahoe protocol
Behavior of cwnd in Tahoe
(figure: cwnd versus SEQ; Slow Start up to ssthresh, then Congestion Avoidance; at 3 dupACKs or timeout Fast Retransmit resets cwnd to 1)
Congestion Avoidance
Slow start phase
    On (ACK && cwnd < ssthresh)
        cwnd ← cwnd + size of data ACKed
    On (ACK timeout)
        ssthresh ← cwnd
        cwnd ← initial cwnd = 1 MSS
        RTO ← 2 * RTO
Congestion avoidance phase
    On (ACK && cwnd > ssthresh)
        cwnd ← cwnd + 1 MSS
Fast retransmit with fast recovery
    On (3 dupACKs)
        ssthresh ← cwnd
        cwnd ← cwnd / 2
        Retransmit lost packet
        Wait 1 RTT → continue sending
    For > 3 dupACKs
        cwnd++ on each new dupACK
Reno protocol
Behavior of cwnd in Reno
(figure: cwnd versus SEQ; Slow Start, Congestion Avoidance, Fast Retransmit; at 3 dupACKs cwnd is halved rather than reset, a timeout resets it to 1)
TCP Sender with Reno — 1
// initialize
SEQ = ISN + 1
SendBase = ISN + 1
InFlight = 0
cwnd = 1 MSS
Set ssthreshold large (local policy)
RTO = timeout

// main loop
on (new data from application)
    Prepare data segment: sequence number = SEQ
    if InFlight < min{cwnd, SendWindow, RecvWindow}
        Pass segment to IP
        SEQ = SEQ + length(data)
        InFlight = InFlight + length(data)
        if !(timer running) timer = RTO
TCP Sender with Reno — 2
if (receive ACK = y)
    stop timer
    if (y > SendBase)
        dupACK = 0
        newACKs = y – SendBase       // bytes ACKed
        SendBase = y
        InFlight = InFlight – newACKs
        if (cwnd < ssthresh) cwnd = cwnd + newACKs
        else cwnd = cwnd + 1 MSS
        if (InFlight > 0) timer = RTO
TCP Sender with Reno — 3
    // if (y > SendBase)
    else
        dupACK++
        if (dupACK = 3)
            SEQ = SendBase = min{unACKed SEQ} and resend
            timer = RTO
            ssthresh = cwnd
            cwnd = cwnd / 2
            wait 1 RTT                // wait for ACK of resent packet
        if (dupACK > 3)
            cwnd = cwnd + 1 MSS
if (timeout)
    SEQ = SendBase = min{unACKed SEQ} and resend
    ssthresh = cwnd
    cwnd = initial cwnd = 1 MSS
    RTO = 2 * RTO
    timer = RTO
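The cwnd rules of the Tahoe and Reno slides (slow start, congestion avoidance, fast retransmit, fast recovery, timeout) reduce to a small state machine that produces the sawtooth of the "Behavior of cwnd" figures. The following is an added example, not code from the lecture. It counts cwnd in MSS units and applies the rules once per round trip: doubling per RTT in slow start (which is what +1 MSS per ACK amounts to), and the standard +1 MSS per RTT in congestion avoidance (the slide writes that rule per ACK; the per-RTT form is assumed here). ssthresh is set to the pre-loss cwnd exactly as the slides state. Initial ssthresh = 16 and maximum cwnd = 32 are assumed values.

```python
"""cwnd dynamics of the Tahoe and Reno sender slides (constructed example)."""

MSS = 1   # cwnd counted in MSS units


class CongestionControl:
    """cwnd / ssthresh updates of the slides, applied once per round trip."""

    def __init__(self, ssthresh=16, max_cwnd=32, reno=True, rto=1.0):
        self.cwnd = MSS                  # initial cwnd = 1 MSS
        self.ssthresh = ssthresh         # large initial value (local policy)
        self.max_cwnd = max_cwnd         # destination window bounds cwnd
        self.reno, self.rto = reno, rto

    def round_acked(self):
        """Every segment of the round was ACKed."""
        if self.cwnd < self.ssthresh:
            # slow start: +1 MSS per ACK doubles cwnd each RTT, until ssthresh is reached
            self.cwnd = min(2 * self.cwnd, self.ssthresh, self.max_cwnd)
        else:
            # congestion avoidance: linear growth, +1 MSS per RTT (assumed per-RTT form)
            self.cwnd = min(self.cwnd + MSS, self.max_cwnd)

    def three_dup_acks(self):
        """Fast retransmit. Tahoe falls back to slow start; Reno halves cwnd (fast recovery)."""
        self.ssthresh = self.cwnd                       # slides: ssthresh <- pre-loss cwnd
        self.cwnd = max(self.cwnd // 2, MSS) if self.reno else MSS

    def timeout(self):
        """Both variants restart slow start; Reno also doubles the RTO."""
        self.ssthresh = self.cwnd
        self.cwnd = MSS
        if self.reno:
            self.rto *= 2


def trajectory(events, reno=True, **kw):
    """cwnd after each event: 'ack' = whole round ACKed, 'dup3' = 3 dupACKs, 'timeout'."""
    cc = CongestionControl(reno=reno, **kw)
    out = [cc.cwnd]
    for ev in events:
        {"ack": cc.round_acked, "dup3": cc.three_dup_acks, "timeout": cc.timeout}[ev]()
        out.append(cc.cwnd)
    return out
```

For the same event sequence (five good rounds, 3 dupACKs, three good rounds) Tahoe gives `1, 2, 4, 8, 16, 17, 1, 2, 4, 8` and Reno `1, 2, 4, 8, 16, 17, 8, 16, 17, 18`: after the loss Reno resumes from half the window and is back in congestion avoidance two rounds later, where Tahoe is still in slow start.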
TCP Receiver with Reno — 1
// initialize
Set RecvWindow = receiver buffer size
expected = Sender ISN + 1
ack_buffer = 0
ack_max                      // local policy: delayed ACK trigger
ack_delay = 250 msec         // local policy: < 500 msec
Start ACK delay timer = ack_delay

// main loop
if (ACK delay timer = 0 && ack_buffer > 0)
    Send ACK = expected with updated RecvWindow
    ACK delay timer = ack_delay
    ack_buffer = 0
TCP Receiver with Reno — 2
if (receive SEQ = x)
    if (x = expected && error-free)
        expected = expected + length(data)
        if (NACK = 1)
            Send ACK = expected with updated RecvWindow
            ACK delay timer = ack_delay
            ack_buffer = 0
            NACK = 0
        else if (ack_buffer < ack_max)
            nextACK = expected
            ack_buffer++
        else if (ack_buffer = ack_max)
            Send ACK = expected with updated RecvWindow
            ACK delay timer = ack_delay
            ack_buffer = 0
    else
        Send ACK = expected with updated RecvWindow
        ACK delay timer = ack_delay
        NACK = 1
Network Layer
Dr. Martin Land — Computer Networks — Hadassah College — Fall 2015
Transport / Network Interface
Transport layer requests service from network layer
- Network layer receives Transport layer PDU — data + transport header
- Interface Control Information (ICI): service requirements, local + remote node addresses
- Network layer prepares transport segment for transfer across network
(figure: Transport Layer passes application data + transport header, network service requirements, local node address and remote node address to the Network Layer)
Connection Types
Connection
- State machine associated with data exchange
Connection-oriented
- Set up end-to-end network channel before any data exchange
- Monitor channel state during data exchange
- Multiple transactions associated with connection state
- Close channel after data exchange
- Example — phone call: enter number → answer call → extended conversation → disconnect
Connectionless
- Data transmitted with no prior channel set-up
- No channel state defined by nodes
- Each message independent
- Example — email message: send email → hope message arrives → hope message is found / read
Datagram Service
Network of routers and links
- Packet switching
- Connectionless
Every datagram
- Has source and destination address in header (Data Link header or Network header)
- Routed individually through network
- Datagrams may follow separate routes
- Best effort delivery — unreliable service at layer 3
Example (figure: hosts A, B, C, D, E, F attached to routers 1 to 6; datagram header src = B, dest = F)
- B → 1 → 4 → 6 → F
- B → 1 → 5 → 6 → F
Switched Virtual Circuit (SVC)
Network of switches and links
- Circuit switching or packet switching
- Connection-oriented
Switched Virtual Circuit (SVC)
- Set-up / close messages carry source and destination addresses
- Packet routing by VC ID in header (layer 2 or layer 3)
- Every packet follows same VC route
Example (figure: hosts A, B, C, D, E, F attached to switches 1 to 6; data packets carry VC – 1 in the header)
- Set-up VC–1: B → 1 → 4 → 6 → F
Switching Example
(figure: hosts A, B, C, D, E, F attached to switches 1 to 6)
- A to D — circuit mode (deterministic SVC)
- B to E — packet mode (statistical SVC)
- B to F — packet mode (statistical SVC)
- C to F — packet mode (datagram service)
Virtual Circuit Labeling
Routing
- VC number assigned at each switch
- Source-to-destination label on one hop
- Can change at each switch
- VC in packet header identifies path
Example (figure: hosts A, B, C; Switch 1 with interfaces 1, 2, 3 and Switch 2 with interfaces 1, 2; VC numbers 14, 23, 34, 42, 59, 72 on the links)
- X.25 network packet format: Type | VC | Data
Virtual Circuit Routing Table
Routing pair
- Interface number
- VC
Routing table for VC
- VC set-up = write table entries
- Map input pair → output pair
(figure: hosts A, B, C; Switch 1 with interfaces 1, 2, 3 and Switch 2 with interfaces 1, 2; VC numbers 14, 23, 34, 42, 59, 72 on the links)

Switch 1 Routing Table
    Input Interface   Input VC   Output Interface   Output VC
    3                 59         2                  42
    3                 23         1                  14
    2                 42         3                  59
    1                 14         3                  23

Switch 2 Routing Table
    Input Interface   Input VC   Output Interface   Output VC
    1                 59         2                  72
    1                 23         2                  34
    2                 72         1                  59
    2                 34         1                  23
Datagram Forwarding
Routing
- Source address + destination address in IP header
- Destination pair identifies next hop
Example (figure: hosts A, B, C; Router 1 with interfaces 1, 2, 3 and Router 2 with interfaces 1, 2)
- IP packet format: Other Fields | Src | Dest | Data
Datagram Forwarding
Routing table for datagram
- Routing algorithm → table entries
- Map destination address → output interface
Routing algorithm
- 1 tells 2 "I have A + B"
- 2 tells 1 "I have C"
(figure: hosts A, B, C; Router 1 with interfaces 1, 2, 3 and Router 2 with interfaces 1, 2)

Router 1 Table
    Destination Address Range   Interface
    A                           2
    B                           1
    Other                       3

Router 2 Table
    Destination Address Range   Interface
    C                           2
    Other                       1
Connection-Oriented / Connectionless Networks
Connection-oriented network services
    ESS#7          64 kbps public switched telephone network (PSTN)
    X.25           64 kbps public switched data network (PSDN)
    Frame relay    2.048 – 45 Mbps replacement for X.25
    ATM            64 kbps – 625 Mbps replacement for ESS#7 + Frame Relay
    GSM / UMTS     Cellular voice network
    GPRS / EDGE    384 kbps – 1.9 Mbps cellular data network
Connectionless network service
    Internet Protocol (IP)
Internet Protocol version 4 (IPv4)
IP datagram format (32-bit rows)
    Version (4 bits) | Hlen (4 bits) | Service Type (8 bits) | Total Length (16 bits)
    Identification (16 bits) | Flags (3 bits) | Fragment Offset (13 bits)
    Time to Live (8 bits) | Protocol (8 bits) | Header Checksum (16 bits)
    Source IP Address
    Destination IP Address
    Options
    Data
Fields
- Hlen: header length in 32-bit fields
- Service type: Differentiated Services Code Point (DSCP) + Explicit Congestion Notification (ECN)
- Total Length: header + data in bytes
- Identification: provides unique datagram ID
- Flags: 0, DF (Don't Fragment), MF (More Fragments — all frags but last)
- Fragment Offset: offset in 8-byte units from start of original datagram (fragmented)
- Time To Live (TTL): routers perform {if (--TTL == 0) delete datagram}
- Protocol: protocol of data carried by datagram
Internet Protocol version 4 (IPv4)
Fragmentation & Reassembly
Maximum Transmission Unit (MTU)
- Largest datagram accepted by Layer 2 links
Fragmentation
- Divide datagram longer than MTU into < 2^13 = 8192 fragments (13-bit Fragment Offset)
- If DF = 1, datagram discarded
Reassembly
- Original datagram reassembled at final destination
Example
- MTU = 1500 bytes = 20 (header) + 1480 (data)
- Total Length = 4000 bytes = header + 3980
- 3980 – 2 * 1480 = 1020
- 3 fragments with original header except
    1 — Length = 1500 bytes, MF = 1, offset = 0
    2 — Length = 1500 bytes, MF = 1, offset = 1480 / 8 = 185
    3 — Length = 1040 bytes, MF = 0, offset = 2 * 1480 / 8 = 370
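The fragmentation example above, carried out on a payload, together with the reassembly check a destination has to make. The following is an added example, not code from the lecture: fragments carry (Total Length, MF, Fragment Offset in 8-byte units, data); the 20-byte header length is the slide's, and the 13-bit offset limit is enforced. Reassembly refuses to deliver while a fragment is missing, which is the case the slide's "reassembled at final destination" leaves implicit.

```python
"""IPv4 fragmentation and reassembly for the slide's 4000-byte / MTU 1500 example
(constructed example)."""

HEADER_LEN = 20


def fragment(data, mtu, df=False, header_len=HEADER_LEN):
    """Split a datagram payload into fragments that fit the MTU.
    Returns [(total_length, MF, fragment_offset, data), ...] or None when DF = 1."""
    if header_len + len(data) <= mtu:
        return [(header_len + len(data), 0, 0, data)]
    if df:
        return None                                   # DF = 1: datagram discarded
    step = (mtu - header_len) // 8 * 8                # data per fragment, multiple of 8 bytes
    frags = []
    for off in range(0, len(data), step):
        chunk = data[off:off + step]
        mf = 1 if off + len(chunk) < len(data) else 0
        if off // 8 >= 2 ** 13:
            raise ValueError("fragment offset exceeds the 13-bit field")
        frags.append((header_len + len(chunk), mf, off // 8, chunk))
    return frags


def reassemble(frags):
    """Rebuild the payload at the destination; None while any fragment is missing."""
    frags = sorted(frags, key=lambda f: f[2])         # order by fragment offset
    out, expect = b"", 0
    for _, mf, off, chunk in frags:
        if off * 8 != expect:
            return None                               # hole before this fragment
        out += chunk
        expect += len(chunk)
    return out if frags and frags[-1][1] == 0 else None   # last fragment must have MF = 0
```

For 3980 bytes of payload and MTU 1500 the three fragments are (1500, 1, 0), (1500, 1, 185) and (1040, 0, 370), as on the slide; fragments may arrive in any order, and losing the middle one leaves a hole that `reassemble` reports as `None`.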
Internet Protocol version 4 (IPv4)
IPv4 Addressing
Internet address
- 32-bit address
- 4 octets (8-bit decimal numbers) separated by dots
- Example: www.hadassah.ac.il ↔ 212.179.79.228
Network / Host
- Host address = 212.179.79.228
- Host address = Network.Host
- Network number = 212.179.79.0
- Host number = 228
Internet Protocol version 4 (IPv4)
Network / Subnet / Host
- Divide hosts into sub-networks
Example
- Subnet 0 = 212.179.79.1 – 212.179.79.127
    Host address range = 212.179.79.XX, XX = 0xxxxxxx (binary)
- Subnet 1 = 212.179.79.128 – 212.179.79.254
    Host address range = 212.179.79.XX, XX = 1xxxxxxx (binary)
General form (A hosts per subnet)
$\text{Host number} = \begin{cases} 0, \ldots, A-1 & \text{(subnet 0)} \\ A, \ldots, 2A-1 & \text{(subnet 1)} \\ 2A, \ldots, 3A-1 & \text{(subnet 2)} \\ \ldots \end{cases}$
Internet Protocol version 4 (IPv4)
Address classes
3 main address classes
- A — small number of large networks (up to 2^24 = 16 M hosts)
- C — large number of small networks (up to 2^8 = 256 hosts)

    class   octet 1              octet 2    octet 3    octet 4    network range
    A       0 + 7 bits network   8 bits     8 bits     8 bits     1.0.0.0 to 127.0.0.0
                                 host       host       host
    B       10 + 6 bits network  8 bits     8 bits     8 bits     128.0.0.0 to 191.255.0.0
                                 network    host       host
    C       110 + 5 bits network 8 bits     8 bits     8 bits     192.0.0.0 to 223.255.255.0
                                 network    network    host
    D       1110 + 4 bits        8 bits     8 bits     8 bits     240.0.0.0 to 247.255.255.255
                                                                  multicast address
Internet Protocol version 4 (IPv4)
Classless Inter-Domain Routing (CIDR)
Address format
- Octet1.Octet2.Octet3.Octet4/bits_in_network_number
- bits_in_network_number = 1, 2, 3, … , 31 (unrestricted)
Examples
- Class A address — 10.0.1.5/8
    8-bit network number = 10.0.0.0
- Class C address — 192.168.0.37/24
    24-bit network number = 192.168.0.0
- General node address — 192.168.0.33/27
    Network address = 192.168.0.32
    Host number = 0 — 31
    Host addresses = 192.168.0.32 — 192.168.0.63
    Binary: 192.168.0.33 = 11000000 10101000 00000000 001 | 00001 (27-bit network address | 5-bit host)
Internet Protocol version 4 (IPv4)
Subnet mask
Forming subnet mask
- 1 in all bits of network number
- 0 in all bits of host number
- Encodes same information as number of bits in network number
Example
- General node address — 192.168.0.33/27
- 27-bit network number
- Mask = 11111111.11111111.11111111.11100000 = 255.255.255.224
Using mask
- Mask AND IP address = network number
- Example: 255.255.255.224 AND 192.168.0.33 = 192.168.0.32
Internet Protocol version 4 (IPv4)
Subnet example
(figure: five subnets of 194.30.5.0/24, mask 255.255.255.224 for each)
- subnet 0 — 194.30.5.0/27: hosts 194.30.5.1, 194.30.5.2, 194.30.5.3
- subnet 1 — 194.30.5.32/27: hosts 194.30.5.33, 194.30.5.34, 194.30.5.35
- subnet 2 — 194.30.5.64/27: hosts 194.30.5.65, 194.30.5.66, 194.30.5.67
- subnet 3 — 194.30.5.96/27: hosts 194.30.5.97, 194.30.5.98, 194.30.5.99
- subnet 4 — 194.30.5.128/27: hosts 194.30.5.129, 194.30.5.130, 194.30.5.131
- Octet4 = 3-bit_subnet_number . 5-bit_host_number
Internet Protocol version 4 (IPv4)
Reserved addresses

    CIDR address block   Description
    0.0.0.0/8            Current network (source address)
    10.0.0.0/8           Private network
    127.0.0.0/8          Loopback (destination = this node)
    172.16.0.0/12        Private network
    192.168.0.0/16       Private network
    224.0.0.0/4          Multicast (Class D)
    240.0.0.0/4          Reserved

Broadcast on CIDR network
- IP address = octet1.octet2.octet3.octet4/nw_bits
- Network number = MASK AND IP
- Broadcast = MASK' OR IP
- MASK  = nw_bits × 1 followed by (32 – nw_bits) × 0:  11...1 00...0
- MASK' = nw_bits × 0 followed by (32 – nw_bits) × 1:  00...0 11...1
CIDR Routing Table
(figure: the five subnets of the previous slide, with Router 1 attached to subnet 194.30.5.32/27, Router 2 to 194.30.5.64/27, Router 3 to 194.30.5.96/27 and 194.30.5.128/27, Router 4 to 194.30.5.128/27, and Router 0 = default gateway / edge router)

Router 1 Table
    Destination        Interface
    194.30.5.32/27     LAN
    194.30.5.64/27     Router 2
    194.30.5.96/27     Router 3
    194.30.5.128/27    Router 3
    Other              Router 0

Router 4 Table
    Destination        Interface
    194.30.5.128/27    LAN
    194.30.5.64/27     Router 3
    194.30.5.96/27     Router 3
    Other              Router 0
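The CIDR, subnet mask, broadcast and routing table slides all come down to the same 32-bit integer arithmetic. The following is an added example, not code from the lecture: it builds the mask from the number of network bits, derives network (MASK AND IP) and broadcast (MASK' OR IP) as the slides define them, classifies an address by its leading bits, and forwards by longest-prefix match against a transcription of Router 1's table, with "Other" written as the default route 0.0.0.0/0 (an assumed encoding).

```python
"""CIDR address arithmetic and longest-prefix-match forwarding (constructed example)."""


def to_int(dotted):
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_of(nw_bits):
    """1 in the nw_bits network bits, 0 in the 32 - nw_bits host bits."""
    return (0xFFFFFFFF << (32 - nw_bits)) & 0xFFFFFFFF


def describe(cidr):
    """Mask, network = MASK AND IP, broadcast = MASK' OR IP, and the host range size."""
    ip, bits = cidr.split("/")
    bits = int(bits)
    m = mask_of(bits)
    net = to_int(ip) & m
    bcast = net | (~m & 0xFFFFFFFF)           # MASK' is the complement of the mask
    return {"mask": to_dotted(m), "network": to_dotted(net),
            "broadcast": to_dotted(bcast), "hosts": 2 ** (32 - bits)}


def address_class(dotted):
    """Classful lookup from the leading bits of the first octet."""
    first = to_int(dotted) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "reserved"


def next_hop(table, dst):
    """Longest-prefix match: among entries containing dst, the most network bits wins."""
    d, best = to_int(dst), None
    for cidr, iface in table:
        ip, bits = cidr.split("/")
        bits = int(bits)
        if (d & mask_of(bits)) == (to_int(ip) & mask_of(bits)):
            if best is None or bits > best[0]:
                best = (bits, iface)
    return best[1] if best else None


# Router 1's table from the slide (constructed transcription; "Other" = 0.0.0.0/0)
ROUTER1 = [("194.30.5.32/27", "LAN"), ("194.30.5.64/27", "Router 2"),
           ("194.30.5.96/27", "Router 3"), ("194.30.5.128/27", "Router 3"),
           ("0.0.0.0/0", "Router 0")]
```

`describe("192.168.0.33/27")` returns mask 255.255.255.224, network 192.168.0.32 and broadcast 192.168.0.63, the values of the CIDR and mask slides; `next_hop(ROUTER1, "194.30.5.70")` picks Router 2 because /27 is longer than the /0 default that also matches.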
Routing Algorithms
Application of graph theory
- Model network as undirected graph G(N,E)
- Nodes N = switches / routers
- Edges E = one-hop links between nodes
- Weight = metric (cost, distance) > 0
    Weighted average of path parameters: path length, queuing and transmission delay, cost, etc
Shortest path routing by standard algorithms
- Static routing: apply Dijkstra algorithm — Link State Routing — requires knowledge of all weights
- Dynamic routing: solve Bellman-Ford equation locally — nearest neighbor nodes exchange weight parameters — Distance Vector Routing
Router Graph
Nodes
- N = {u, v, w, x, y, z}
Weights
- c(i,j) = link metric from i to j
Optimal path
- Path from x to y with minimum cost
- dx(y) = metric of optimal path from x to y
(figure: link metrics c(u,v) = 2, c(u,x) = 1, c(u,w) = 5, c(v,x) = 2, c(v,w) = 3, c(x,w) = 3, c(x,y) = 1, c(w,y) = 1, c(w,z) = 5, c(y,z) = 2)
Bellman-Ford Equation
Principle of optimality
- Node v on optimal path from x to y ⇒ xv and vy = optimal paths
- $x v y \text{ optimal} \Rightarrow d_x(y) = c(x,v) + d_v(y) \Rightarrow c(x,v) = d_x(v)$
Corollary
Bellman-Ford equation
$d_x(y) = \min_v \{ c(x,v) + d_v(y) \}$
- Basis for static and dynamic routing algorithms
Dijkstra Algorithm
Initialize
    N' = {u}
    for all v ≠ u:
        D(v) = c(u,v) if uv is a link, ∞ otherwise
        p(v) = u      if uv is a link, 0 otherwise
While (N \ N' ≠ φ) {
    find w ∈ N \ N' with minimum D(w)
    move w from N \ N' to N'
    for v ∈ L(w), v ∈ N \ N' {                 // L(w) = nodes linked to w
        if D(w) + c(w,v) < D(v) {
            D(v) = D(w) + c(w,v)
            p(v) = w
        }
    }
}
Dijkstra Example
Source u, N = {u, v, w, x, y, z}
(figure: link metrics c(u,v) = 2, c(u,x) = 1, c(u,w) = 5, c(v,x) = 2, c(v,w) = 3, c(x,w) = 3, c(x,y) = 1, c(w,y) = 1, c(w,z) = 5, c(y,z) = 2)
Minimum D at each step: D(x) = 1, D(v) = 2, D(y) = 2, D(w) = 3

    N'                   N \ N'          D(v),p(v)   D(w),p(w)   D(x),p(x)   D(y),p(y)   D(z),p(z)
    {u}                  {v, w, x, y, z} 2,u         5,u         1,u         ∞,0         ∞,0
    {u, x}               {v, w, y, z}    2,u         4,x         1,u         2,x         ∞,0
    {u, v, x}            {w, y, z}       2,u         4,x         1,u         2,x         ∞,0
    {u, v, x, y}         {w, z}          2,u         3,y         1,u         2,x         4,y
    {u, v, x, y, w}      {z}             2,u         3,y         1,u         2,x         4,y
    {u, v, x, y, w, z}   φ
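The algorithm slide and the example table above, as an added example that is not code from the lecture: Dijkstra with the sets N', D(v) and p(v) run from source u on the six-node graph, with the link metrics transcribed from the figure. Ties on D are broken alphabetically, which is an assumption chosen so that v enters N' before y, as in the table.

```python
"""Dijkstra's algorithm as on the slides, on the example graph (constructed example)."""

INF = float("inf")

# Undirected link metrics c(i, j) read off the figure (constructed transcription)
LINKS = {("u", "v"): 2, ("u", "x"): 1, ("u", "w"): 5, ("v", "x"): 2, ("v", "w"): 3,
         ("x", "w"): 3, ("x", "y"): 1, ("w", "y"): 1, ("w", "z"): 5, ("y", "z"): 2}


def adjacency(links):
    adj = {}
    for (i, j), c in links.items():
        adj.setdefault(i, {})[j] = c
        adj.setdefault(j, {})[i] = c
    return adj


def dijkstra(links, src):
    """Returns (D, p, steps): least-cost metric and predecessor of every node, and the
    order in which nodes entered N'."""
    adj = adjacency(links)
    nodes = set(adj)
    done = {src}                                           # N'
    D = {v: adj[src].get(v, INF) for v in nodes - {src}}   # D(v) = c(u,v) if uv is a link
    p = {v: (src if v in adj[src] else None) for v in nodes - {src}}
    D[src], p[src] = 0, None
    steps = [src]
    while nodes - done:                                    # while N \ N' is not empty
        w = min(nodes - done, key=lambda v: (D[v], v))     # minimum D(w); ties alphabetically
        done.add(w)
        steps.append(w)
        for v, c in adj[w].items():                        # neighbours of w still outside N'
            if v not in done and D[w] + c < D[v]:
                D[v], p[v] = D[w] + c, w
    return D, p, steps


def path(p, dst):
    """Follow the predecessors back to the source."""
    out = [dst]
    while p[out[-1]] is not None:
        out.append(p[out[-1]])
    return out[::-1]
```

`dijkstra(LINKS, "u")` ends with D = {v: 2, w: 3, x: 1, y: 2, z: 4} and p = {v: u, w: y, x: u, y: x, z: y}, the last row of the table, and `path(p, "z")` is u → x → y → z.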
Distance Vector Routing
Routing table in each node
- Index = known nodes
- Entry = metric to node
Information exchange
- Nodes pass routing tables to one-hop neighbors
Table entries
- One-hop node: metric = measured cost parameters
- Multi-hop nodes: metric = min{measured cost to neighbor + neighbor entry to node}
Bellman-Ford routing
- Assume route information from node v to node y is dv(y)
- At node x choose route to y via v where
$d_x(y) = \min_v \{ c(x,v) + d_v(y) \}$
DV Example — Exchange 1
(figure: link metrics c(u,v) = 2, c(u,x) = 1, c(u,w) = 5, c(v,x) = 2, c(v,w) = 3, c(x,w) = 3, c(x,y) = 1, c(w,y) = 1, c(w,z) = 5, c(y,z) = 2)
Initial tables (rows = source node, columns = destination; — = self or unknown)

    source   u   v   w   x   y   z
    u        —   2   5   1   —   —
    v        2   —   3   2   —   —
    w        5   3   —   3   1   5
    x        1   2   3   —   1   —
    y        —   —   1   1   —   2
    z        —   —   5   —   2   —

Exchange 1 — node u gets routing information from v, x, w

    destination   u   v   w   x   y   z
    Metric        —   2   4   1   2   9
    Next hop      —   v   x   x   x   w
DV Example — Exchange 2
(figure: the same six-node graph; tables of v, x and w after Exchange 1 not recoverable from the extraction)
After Exchange 1 at v, x, w
Exchange 2 — node u gets routing information from v, x, w

    destination   u   v   w   x   y   z
    Metric        —   2   3   1   2   4
    Next hop      —   v   x   x   x   x
Spanning Tree
Spanning tree
- Subgraph of G(N,E') ⊆ G(N,E)
- Includes every node
- Unique path from root node u to any node
- No cycles (loops)
Dijkstra and DV routing
- Converge to spanning tree for simple graphs
Minimal spanning tree
- Minimal cost from root to any node
(figure: the six-node graph with the tree rooted at u highlighted)
Distance Vector Metric Updates
Metric = hops to node u
Link uv recovers from failure
(figure: chain u — v — w — x — y)

Routing Table Entries for Node u (metric, next hop)
    exchange   v     w     x     y
    0          1,u   ∞     ∞     ∞
    1          1,u   2,v   ∞     ∞
    2          1,u   2,v   3,w   ∞
    3          1,u   2,v   3,w   4,x

Good news travels fast
Distance Vector Metric Updates
Link uv fails
- Circular table updates
- Count to infinity
- Nmax hops: metric > Nmax ⇒ no link
- Information on failed link propagates slowly
(figure: chain u — v — w — x — y; after the failure each node takes its neighbor's stale entry plus one hop: 2+1=3, 3+1=4, 4+1=5, 5+1=6, …)

Routing Table Entries for Node u (metric, next hop)
    exchange   v     w     x     y
    0          1,u   2,v   3,w   4,x
    1          3,w   2,v   3,w   4,x
    2          3,w   4,v   3,w   4,x
    3          5,w   4,v   5,w   4,x
    4          5,w   6,v   5,w   6,x

Bad news travels slowly
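Distance vector routing with synchronous table exchanges, covering the DV example on the six-node graph, the "good news travels fast" chain and the count-to-infinity chain above. The following is an added example, not code from the lecture: every node recomputes d_x(y) = min_v {c(x,v) + d_v(y)} from the vectors its neighbours advertised in the previous round, and the RIP limit Nmax = 15 (metric 16 = unreachable) bounds the count to infinity. Link metrics are transcribed from the figures; on ties the first neighbour in link order keeps the route (an assumption).

```python
"""Distance-vector (Bellman-Ford) routing with synchronous exchanges (constructed example)."""

INF = 16              # RIP: metric > Nmax = 15 means unreachable

# Six-node graph of the DV example, metrics transcribed from the figure (constructed)
GRAPH = {("u", "v"): 2, ("u", "x"): 1, ("u", "w"): 5, ("v", "x"): 2, ("v", "w"): 3,
         ("x", "w"): 3, ("x", "y"): 1, ("w", "y"): 1, ("w", "z"): 5, ("y", "z"): 2}


def neighbours(links):
    adj = {}
    for (i, j), c in links.items():
        adj.setdefault(i, {})[j] = c
        adj.setdefault(j, {})[i] = c
    return adj


def remove_link(adj, i, j):
    """Copy of the adjacency with link ij failed; both endpoints stay in the graph."""
    adj = {x: dict(n) for x, n in adj.items()}
    adj[i].pop(j, None)
    adj[j].pop(i, None)
    return adj


def initial_tables(adj):
    """Each node knows itself and its one-hop neighbours: dest -> (metric, next hop)."""
    return {x: {x: (0, x), **{v: (c, v) for v, c in adj[x].items()}} for x in adj}


def exchange(adj, tables):
    """One synchronous round: d_x(y) = min_v {c(x,v) + d_v(y)} over the neighbours'
    tables from the previous round."""
    new = {}
    for x in adj:
        t = {x: (0, x)}
        for v, c in adj[x].items():
            for y, (d, _) in tables[v].items():
                cand = min(c + d, INF)
                if y != x and cand < t.get(y, (INF + 1,))[0]:
                    t[y] = (cand, v)
        new[x] = t
    return new


def converge(adj, tables, max_rounds=100):
    """Exchange until no table changes; returns (tables, rounds that changed something)."""
    for r in range(1, max_rounds + 1):
        new = exchange(adj, tables)
        if new == tables:
            return tables, r - 1
        tables = new
    return tables, max_rounds
```

On the six-node graph u converges to the Exchange 2 table (v 2 via v, w 3 via x, x 1 via x, y 2 via x, z 4 via x). On the chain, convergence from scratch takes 3 rounds; after link uv fails, the first exchange gives v the stale route (3, w) and w (2, v) exactly as in the table above, and it takes 15 rounds before every node reports u unreachable.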
Internet Routing
Autonomous System (AS)
- Nodes managed by one organization
Hierarchical routing
- Interior Gateway Protocols (IGP): routing protocols within one AS (Intra-AS)
- Exterior Gateway Protocols (EGP): routing protocols between ASs (Inter-AS)
- Edge router (gateway router): router within AS linked to router in different AS
(figure: AS-1, AS-2 and AS-3, each running an IGP internally, connected through edge routers running an EGP)
Internal Gateway Protocols (IGP)
Intra-AS tasks
- Optimize internal routing
- Exchange routing tables with IGP nodes
- Link to primary gateway (edge router)
IGP protocols
- Routing Information Protocol (RIP): RFC 1058, RFC 2453
- Open Shortest Path First (OSPF): RFC 2328
- Interior Gateway Routing Protocol (IGRP): Cisco proprietary
Routing Information Protocol (RIP)
Older protocol
- Introduced in BSD-UNIX (1982)
- Distance Vector (DV) algorithm
- Routing information sent as data in UDP segments
DV advertisements
- Routing information exchanged with 1-hop neighbor nodes
- Exchanged every 30 seconds
- No routing update in 180 seconds ⇒ node = unreachable
Metric = hops
- Table entry = 1 hop to neighbor + neighbor table entry
- Nmax = 15
- N > Nmax ⇒ node = unreachable
Open Shortest Path First (OSPF)
Newer protocol (1998)
- Link State algorithm
- Independent network layer protocol (not data over UDP)
LS advertisements (LSAs)
- Start: routing metrics exchanged among 1-hop neighbors
- Continue: routing tables synchronized among all routers in AS
Shortest Path First (SPF)
- Dijkstra algorithm among routers in AS
- Sub-optimal next hop permitted for load balancing
Metrics
- Hops, speed, delays, connections from destination
- Multiple service-dependent metrics permitted
Hierarchical Open Shortest Path First (OSPF)
Divide AS into hierarchy of areas
- Routers in area perform OSPF among themselves
- Reduces overall routing information traffic
Area hierarchy
- Edge router
- Backbone
- Area border routers
- Internal area routers
LS advertisements (LSAs)
- Internal routers + area border routers: perform full OSPF, optimal routing within area
- Area border routers + backbone: exchange summary metrics, basic topology
- Backbone + edge perform OSPF as an area
(figure: Backbone Area with backbone routers and the edge router; Area-1, Area-2, Area-3 each with internal routers behind an area border router)
Exterior Gateway Protocols (EGP)
Inter-AS tasks
- Exchange routing information among EGP nodes
- Determine routes for inter-AS traffic
- Manage economic, political, security considerations
- Avoid global instabilities (routing cycles)
EGP protocols
- Exterior Gateway Protocol (EGP): obsolete, RFC 827, RFC 904
- Border Gateway Protocol (BGP): RFC 4271
Border Gateway Protocol (BGP)
Routing hierarchy
- eBGP: exchange routing information between AS edge routers; determine routes for inter-AS traffic
- iBGP: exchange routing information within AS; determine preferred gateway for inter-AS traffic
- OSPF (or other IGP): exchange routing information within AS; determine routes for intra-AS traffic
(figure: AS-1, AS-2 and AS-3, each running iBGP and OSPF internally, connected by eBGP)
Border Gateway Protocol (BGP)
AS classification
Stub network
- 1 edge router
- Cannot carry transit traffic
- All incoming / outgoing traffic has dest / src in AS
Multi-homed network
- More than 1 edge router
- Refuses transit traffic
- All incoming / outgoing traffic has dest / src in AS
- Typically large corporate network or commercial ISP unwilling to accept traffic burden
Transit network
- More than 1 edge router
- Accepts transit traffic
- Internet backbone
(figure: an AS reachable via a one-hop link and via a transit network)
Border Gateway Protocol (BGP)
Routing information exchange
- BGP speaker: router supporting BGP
- BGP peers: two BGP speakers exchanging routing information
- BGP session: persistent TCP session between two BGP peers, used to exchange routing information
- AS number (ASN): 16-bit number to identify AS
- Network Layer Reachability Information (NLRI): CIDR description of reachable Internet destination AS
- AS route: NLRI with network attributes
    AS path: list of ASNs describing path to NLRI
    Next-Hop: IP address of next hop edge router
Border Gateway Protocol (BGP)
No routing cyclesRouter eliminates path that includes itself as transit network
Local preference attributeAdministrator policy sets preference value for pathsLower preference paths eliminated
Shortest AS path Path with least transit networksPaths with longer AS path eliminated
Closest Next-Hop routerPossibly multiple routes to next ASDetermine minimum cost link to router in next ASRoutes with higher cost route to next hop router eliminated
Path selection
Border Gateway Protocol (BGP): no routing cycles
- Path from A to B: A receives paths from its peers
  - peer v recommends v A u w B
  - peer x recommends x w B
  - peer u recommends u w B
- No loops: A eliminates path A v A u w B (A already appears in it as a transit network)
[Figure: AS graph with source A, destination B and transit ASes u, v, w, x, y, z]

Border Gateway Protocol (BGP): local preference attribute
- Path from A to B: A receives paths from its peers (v: v A u w B; x: x w B; u: u w B)
- No loops: A eliminates path A v A u w B
- Local administrator sets preferences: AS u preferred to AS x as transit network (example: data security questions)
- A eliminates path A x w B
[Figure: same AS graph with local preference values (2, 2, 1) marked on A's links to its peers; x has the lowest]

Border Gateway Protocol (BGP): shortest AS path
- Path from A to B: A receives an update from v (v now recommends v y z B; x: x w B; u: u w B)
- Local administrator sets preferences: AS u preferred to AS x as transit network (example: data security questions); A eliminates path A x w B
- Shortest AS path: A v y z B is longer than A u w B; A eliminates A v y z B
[Figure: same AS graph and local preference values]

Border Gateway Protocol (BGP): closest Next-Hop router
- Path from A to B: A receives an update from u (u: u w B; x: x w B; v: v y z B)
- Local administrator sets preferences: AS u preferred to AS x as transit network (example: data security questions); A eliminates path A x w B
- Shortest AS path: A v y z B is longer than A u w B; A eliminates A v y z B
- Closest Next-Hop router: two routes (1 and 2) lead to the next-hop router; path 1 is closer than path 2, so A keeps path 1
[Figure: same AS graph, with routes 1 and 2 to the next-hop router marked]

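The four elimination rules applied to the A-to-B example above, as an added illustration for this page (not the course's code). Peer recommendations and the local preferences u = 2, x = 1 are the slide's; the link costs to the two next-hop routers in u are constructed.

```python
"""BGP path selection as on the slides, applied to the A-to-B example.
Added illustration for this page, not the course's code. Peer
recommendations and the local preferences (u = 2, x = 1) are the slide's;
the link costs to the two next-hop routers in u are constructed."""

# Advertised routes as A sees them: the AS path starts at the advertising
# peer and ends at destination B; 'next_hop' names the router in the
# neighbouring AS, 'cost' is A's link cost to reach it (constructed).
ROUTES = [
    {"peer": "v", "path": ["v", "A", "u", "w", "B"], "next_hop": "v-r1", "cost": 1},
    {"peer": "x", "path": ["x", "w", "B"], "next_hop": "x-r1", "cost": 1},
    {"peer": "v", "path": ["v", "y", "z", "B"], "next_hop": "v-r1", "cost": 1},
    {"peer": "u", "path": ["u", "w", "B"], "next_hop": "u-r1", "cost": 1},  # route 1
    {"peer": "u", "path": ["u", "w", "B"], "next_hop": "u-r2", "cost": 2},  # route 2
]
LOCAL_PREF = {"u": 2, "v": 2, "x": 1}   # administrator policy at A


def _keep(routes, log, reason, keep_if):
    """Split routes by predicate; losers go to the elimination log."""
    kept = []
    for r in routes:
        if keep_if(r):
            kept.append(r)
        else:
            log.append((reason, r["peer"], "".join(r["path"]), r["next_hop"]))
    return kept


def select_path(own_as, routes, local_pref):
    """Apply the slides' four elimination rules in order.
    Returns (full AS path from own_as, next-hop router, elimination log)."""
    log = []
    # 1. No routing cycles: a path that already contains this AS is a loop
    live = _keep(routes, log, "loop", lambda r: own_as not in r["path"])
    # 2. Local preference: only the most preferred first transit AS survives
    if live:
        best = max(local_pref.get(r["path"][0], 0) for r in live)
        live = _keep(live, log, "local_pref",
                     lambda r: local_pref.get(r["path"][0], 0) == best)
    # 3. Shortest AS path: fewest transit networks
    if live:
        shortest = min(len(r["path"]) for r in live)
        live = _keep(live, log, "as_path", lambda r: len(r["path"]) == shortest)
    # 4. Closest next-hop router: minimum link cost into the next AS
    if live:
        cheapest = min(r["cost"] for r in live)
        live = _keep(live, log, "next_hop", lambda r: r["cost"] == cheapest)
    if not live:
        return None, None, log
    chosen = live[0]
    return [own_as] + chosen["path"], chosen["next_hop"], log


def example():
    return select_path("A", ROUTES, LOCAL_PREF)


if __name__ == "__main__":
    path, hop, log = example()
    print("selected:", "".join(path), "via", hop)
    for entry in log:
        print("eliminated:", entry)
```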
Border Gateway Protocol (BGP): transit policy
- Commercial ISP A: revenue from attached customers; customers require forwarding
- Transit traffic: adds load to the ISP network; produces no revenue
- Refusing transit traffic: A does not advertise
  - connection A x to u or v
  - connection A v to u or x
  - connection A u to x or v
[Figure: same AS graph]

Broadcast / Multicast Services
- Broadcast: forward datagrams to all nodes
- Multicast: forward datagrams to a group of nodes
- Local broadcast / multicast: among nodes attached to one router
  - server advertisements: DHCP, DNS, router services
  - handled as layer 3 / layer 2 transactions
- Global broadcast / multicast: among multiple routers
  - file sharing, content distribution, media streaming

Broadcast Issues: node-level broadcast
- Multiple unicast: requires a list of all nodes; not practical
- Uncontrolled flooding: each router forwards all packets to all routers
  - broadcast storm: traffic multiplies exponentially; network paralyzed
- Controlled flooding methods
  - tag packets: transmit each packet one time
  - Time to Live (TTL): delete packets after N_max hops
  - broadcast only on a spanning tree: no cycles in the graph
[Figure: six-node graph (u, v, w, x, y, z) shown once with all links and once with a spanning tree]

Spanning Tree Broadcast
- Reverse Path Forwarding (RPF): only forward a packet that arrives on the default node-to-source path
  - node uses its default routing table; does not know the full spanning tree
- Example: node broadcast from u arrives at node x
  - arrives on u-x: node x forwards to y on x-y
  - arrives on y-x, w-x or v-x: node x deletes the packet
- Center-based forwarding: designated center node; nodes send join messages to the center node by conventional routing; center node broadcasts to group members
[Figure: six-node graph (u, v, w, x, y, z) and node x's routing table, whose next hop toward u is u]

Multicast
- Multicast group: subset of all routers / hosts receiving multicast datagrams
- Multicast router: maintains group membership information for multicast distribution
- Multicast address: class D address referring to a multicast group; multicast datagrams are addressed to the multicast address; multicast routers distribute them to group members
- Internet Group Management Protocol (RFC 3376): nodes report multicast group memberships to multicast routers
- Protocol Independent Multicast (PIM)
  - dense mode (multicast routers closely distributed): RPF spanning tree construction
  - sparse mode (multicast routers widely distributed): center-based forwarding

Network Address Translation (NAT)
- Router: receives IP datagram; exchanges IP source / destination address in the header; forwards the datagram; maintains a list of translations
- Autonomous systems allocate private network addresses internally: 10.0.0.0 and 192.168.0.0
- Only gateway and backbone devices require unique IP addresses; local nodes on an AS re-use private addresses
- Example: [Figure: two networks each using 10.0.0.1, 10.0.0.2 and 10.0.0.3 internally, behind gateways with public addresses 109.65.228.42 and 138.76.29.7; external server 209.85.229.147]

Network Address Translation (NAT): translation details
- No translation required on traffic internal to the AS: local addresses = real IP addresses
- Local node to external node (outgoing packet)
  - source endpoint = local IP address + application source port number; dest endpoint = remote IP address + well-known port number
  - gateway router NAT replaces the local IP address with the gateway IP address, and the local application source port with a unique unused NAT port
  - records mapping: NAT source port → local IP address + source port number
  - forwards the packet
- External node to local node: gateway router replaces NAT port → local IP + application source port

Network Address Translation (NAT): example
- Host A HTTP request to Server S: source port = 1025, source IP = 10.0.0.2; destination port = 80, destination IP = 209.85.229.147
- Outgoing NAT at gateway router B: source port = 3745, source IP = 109.65.228.42; destination port = 80, destination IP = 209.85.229.147
- Server S HTTP response to Host A: source port = 80, source IP = 209.85.229.147; destination port = 3745, destination IP = 109.65.228.42
- Incoming NAT at gateway router B: source port = 80, source IP = 209.85.229.147; destination port = 1025, destination IP = 10.0.0.2
[Figure: Host A (10.0.0.2) behind gateway router B (109.65.228.42), Server S at 209.85.229.147]

Network Address Translation (NAT): traversal problem
- Problem: how to operate a service behind NAT
- Solutions
  - Static router referral: define a service port on Server Q; refer all incoming traffic at the gateway for the service port to Server Q
  - Relay server: Server Q connects to Server E, which has a public address (no NAT); Host M requests service from Server Q via Server E; Server Q replies via Server E
  - Universal Plug and Play (UPnP): specialized protocols for NAT traversal
[Figure: Server Q behind the NAT gateway 109.65.228.42, Server E with a public address, Host M at 138.76.29.18]

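The translation steps of the NAT example and the static-referral solution to the traversal problem, as an added simulation for this page (not the course's code). Addresses and ports are the slide's example values; the referral port for Server Q and the dropped unsolicited packet are constructed.

```python
"""Port-translating NAT gateway from the slides, simulated end to end.
Added illustration for this page, not the course's code. Addresses and
ports are the slide's example values (Host A 10.0.0.2:1025 becomes
109.65.228.42:3745 toward Server S 209.85.229.147:80); the referral port
for Server Q is constructed."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatGateway:
    def __init__(self, public_ip, first_nat_port=3745):
        self.public_ip = public_ip
        self.next_port = first_nat_port
        self.by_nat_port = {}    # NAT port -> (local IP, local port)
        self.by_local = {}       # (local IP, local port) -> NAT port
        self.static = {}         # service port -> (local IP, local port)

    def refer_port(self, service_port, local_ip, local_port):
        """Static router referral: every inbound packet for service_port is
        handed to one local server (the first NAT traversal solution)."""
        self.static[service_port] = (local_ip, local_port)

    def outgoing(self, pkt):
        """Local node -> external node: replace the local endpoint with the
        gateway IP and a unique NAT port, and record the mapping."""
        local = (pkt.src_ip, pkt.src_port)
        if local not in self.by_local:
            nat_port = self.next_port
            self.next_port += 1
            self.by_nat_port[nat_port] = local
            self.by_local[local] = nat_port
        return replace(pkt, src_ip=self.public_ip, src_port=self.by_local[local])

    def incoming(self, pkt):
        """External node -> local node: map the NAT port back to the local
        endpoint. Returns None (drop) when nothing matches: an unsolicited
        inbound packet has no local endpoint, which is exactly the problem
        a service behind NAT has to solve."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.by_nat_port.get(pkt.dst_port) or self.static.get(pkt.dst_port)
        if target is None:
            return None
        return replace(pkt, dst_ip=target[0], dst_port=target[1])


def slide_example():
    """The four-step HTTP exchange of the NAT example slide."""
    gw = NatGateway("109.65.228.42")
    request = Packet("10.0.0.2", 1025, "209.85.229.147", 80)          # step 1
    on_wire = gw.outgoing(request)                                     # step 2
    response = Packet("209.85.229.147", 80, on_wire.src_ip, on_wire.src_port)  # step 3
    delivered = gw.incoming(response)                                  # step 4
    return gw, on_wire, delivered
```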
Assistive Protocols used with IP Layer
- Domain Name System (DNS): converts between node name and network address
- Address Resolution Protocol (ARP): converts between network and hardware addresses; discovers local subnet topology
- Dynamic Host Configuration Protocol (DHCP): IP address allocation on request from a DHCP server
  - server typically in the gateway router
  - server allocates an IP address from a pool of available addresses
  - DHCP message types: DHCP server discovery (host broadcast), DHCP offer (server response), DHCP request (host request), DHCP ACK (server provides address)

IP Configuration Example

c:\>ipconfig /all

Windows IP Configuration
        Host Name . . . . . . . . . . . . : ******
        Primary Dns Suffix . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : ******

Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix . : ******
        Description . . . . . . . . . . . : ******
        Physical Address. . . . . . . . . : ******
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 10.0.0.5
        Subnet Mask . . . . . . . . . . . : 255.0.0.0
        Default Gateway . . . . . . . . . : 10.0.0.138
        DNS Servers . . . . . . . . . . . : 10.0.0.11
                                            10.0.0.138

c:\>arp -a

Interface: 10.0.0.5 --- 0x2
  Internet Address      Physical Address      Type
  10.0.0.7              70-1a-04-95-a4-4f     dynamic
  10.0.0.11             00-50-fc-b1-6f-ff     dynamic
  10.0.0.138            5c-d9-98-06-26-36     dynamic

Internet Control Message Protocol (ICMP)
- Control protocol: network management information
- Error reporting: unreachable host / network / port / protocol
- Echo request / reply
- Packets carried in IP datagrams
- Packet structure (bit offsets)
  - 0 – 7: Type; 8 – 15: Code (subtype); 16 – 31: Checksum
  - 32 – 63: Rest of Header (message specific)
  - 64 onward: Padding (data field)
- Selected message types
  Type  Code  Description
   0     0    echo reply
   3     0    dest network unreachable
   3     1    dest host unreachable
   3     2    dest protocol unreachable
   3     3    dest port unreachable
   3     6    dest network unknown
   3     7    dest host unknown
   8     0    echo request
   9     0    route advertisement
  10     0    router discovery
  11     0    TTL expired
  12     0    bad IP header

Ping
- Client application program: client sends echo request packets to the destination IP address
  - Type = 8, Code = 0, 16-bit ID number, 16-bit sequence number
- OS dependent
  - Linux ping: default = continuous packets with 56 padding bytes
  - Windows ping.exe: default = 5 packets with 32 padding bytes
- Ping server (OS service): responds to each echo request packet with an echo reply packet
  - Type = 0, Code = 0, 16-bit ID number, 16-bit sequence number
- Ping client: measures round trip time (RTT); reports packet losses, RTTs and average RTT
- UDP ping: uses UDP instead of ICMP

Ping Example

c:\>ping www.hadassah.ac.il

Pinging hathi.hadassah.ac.il [212.179.79.228] with 32 bytes of data:

Reply from 212.179.79.228: bytes=32 time=32ms TTL=119
Reply from 212.179.79.228: bytes=32 time=70ms TTL=119
Reply from 212.179.79.228: bytes=32 time=135ms TTL=119
Reply from 212.179.79.228: bytes=32 time=83ms TTL=119

Ping statistics for 212.179.79.228:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 135ms, Average = 80ms

Traceroute
- Client application program: multiple echo request packets to the destination IP address; first packet TTL = 1; each subsequent packet has TTL++
- OS dependent
  - Linux traceroute / tracepath: UDP to an unlikely port number (port typically not defined)
  - Windows tracert.exe: ICMP echo request packets
- Intermediate routers: if (--TTL == 0) { delete packet; send ICMP type 11 to client }
  - ICMP packet carries router name + IP address
  - ICMP sequence = list of intermediate routers (hops = 1, 2, …)
- Destination node
  - UDP segment: ICMP port undefined (type 3 code 3) message
  - ICMP packet: ICMP echo reply message

Traceroute Example

c:\>tracert www.hadassah.ac.il

Tracing route to hathi.hadassah.ac.il [212.179.79.228]
over a maximum of 30 hops:

  1     2 ms     1 ms     2 ms  10.0.0.138
  2    18 ms    19 ms    17 ms  bzq-179-37-1.static.bezeqint.net [212.179.37.1]
  3    18 ms    17 ms    17 ms  bzq-179-48-201.static.bezeqint.net [212.179.48.201]
  4    17 ms    17 ms    17 ms  bzq-179-80-241.static.bezeqint.net [212.179.80.241]
  5    17 ms    18 ms    17 ms  bzq-179-124-201.static.bezeqint.net [212.179.124.201]
  6    17 ms    17 ms    17 ms  bzq-179-124-138.static.bezeqint.net [212.179.124.138]
  7    19 ms    18 ms    18 ms  bzq-179-59-1.static.bezeqint.net [212.179.59.1]
  8    32 ms    36 ms    41 ms  10.20.110.18
  9   105 ms    84 ms    71 ms  bzq-179-79-228.static.bezeqint.net [212.179.79.228]
 10    73 ms    88 ms   150 ms  bzq-179-79-228.static.bezeqint.net [212.179.79.228]

Trace complete.

c:\>

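The ICMP echo packet format with its checksum, the ping server's reply, and the TTL walk that tracert performs, as an added illustration for this page (not the course's code). The router list for the walk is constructed from the first two hops of the tracert output above.

```python
"""ICMP echo packets with the Internet checksum, and a traceroute-style
TTL walk, following the ICMP, ping and traceroute slides. Added
illustration for this page, not the course's code; the router list used
for the walk is constructed from the tracert example's first hops."""
import struct

ECHO_REPLY, DEST_UNREACHABLE, ECHO_REQUEST, TTL_EXPIRED = 0, 3, 8, 11


def internet_checksum(data: bytes) -> int:
    """Ones' complement of the ones'-complement sum of 16-bit words,
    with the checksum field itself taken as zero (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(msg_type: int, ident: int, seq: int, padding: bytes = b"\x00" * 32) -> bytes:
    """Type | Code = 0 | Checksum | 16-bit ID | 16-bit sequence | padding.
    32 padding bytes is the Windows ping default given on the slide."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = internet_checksum(header + padding)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + padding


def parse_icmp(packet: bytes):
    """Return (type, code, ident, seq, checksum_ok). A valid packet sums to
    0xFFFF, so recomputing the checksum over the whole packet yields 0."""
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return msg_type, code, ident, seq, internet_checksum(packet) == 0


def echo_reply_for(request: bytes) -> bytes:
    """What the ping server (OS service) sends back: same ID, sequence and
    padding, type 0."""
    msg_type, _code, ident, seq, ok = parse_icmp(request)
    if msg_type != ECHO_REQUEST or not ok:
        raise ValueError("not a valid echo request")
    return build_echo(ECHO_REPLY, ident, seq, request[8:])


def traceroute(routers, dest_ip, max_hops=30):
    """tracert-style walk: probe i carries TTL = i. Each router on the path
    decrements TTL and, when it reaches 0, drops the probe and answers
    ICMP type 11; the destination answers the surviving probe with an echo
    reply. Returns [(ttl, responder IP, ICMP type), ...]."""
    hops = []
    for ttl in range(1, max_hops + 1):
        remaining = ttl
        responder = None
        for router in routers:
            remaining -= 1
            if remaining == 0:
                responder = (router, TTL_EXPIRED)
                break
        if responder is None:
            responder = (dest_ip, ECHO_REPLY)
        hops.append((ttl, responder[0], responder[1]))
        if responder[1] == ECHO_REPLY:
            break
    return hops


# Constructed sample: the first two hops of the page's tracert output
SAMPLE_ROUTERS = ["10.0.0.138", "212.179.37.1"]
SAMPLE_DEST = "212.179.79.228"
```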
IPv6 (RFC 2460)
- Motivation: IPv6 address = 128 bits (16 octets); service-specific fields for Quality of Service, multicasting, security, mobility
- Header: fixed 40-byte header (10 × 4 bytes)
  - optional header fields: service-specific
  - Next Header field identifies the optional header or the protocol of the carried data
  - header daisy chain: each optional IPv6 header contains a Next Header field
- Fixed header layout (4 octets per row)
  Version | Traffic class | Flow label
  Payload length | Next header | Hop limit
  Source address (4 × 4 octets)
  Destination address (4 × 4 octets)
  followed by the optional headers, then the data

IPv4 To IPv6 Transition
- IPv4 routers: replaced gradually; work with IPv6 routers
- IP tunneling: encapsulate the IPv6 datagram as data in an IPv4 datagram
[Figure: IPv6 routers A, B, D, E with IPv4 router C between B and D; the IPv6 datagram (header A to E + data) travels unchanged from A to B, is carried inside an IPv4 header (B to D) through the tunnel, and continues from D to E as the original IPv6 datagram]

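The fixed 40-byte header, the Next Header daisy chain and the B-to-D tunnel from the two IPv6 slides, as an added illustration for this page (not the course's code). Addresses and payload are constructed; the IPv4 header checksum is left at zero to keep the focus on encapsulation.

```python
"""IPv6 fixed header, the Next Header daisy chain, and IPv6-in-IPv4
tunnelling, as on the IPv6 and transition slides. Added illustration for
this page, not the course's code; addresses and payload are constructed."""
import ipaddress
import struct

HOP_BY_HOP, ROUTING, UDP, IPV6_IN_IPV4, DEST_OPTS = 0, 43, 17, 41, 60
EXTENSION_HEADERS = {HOP_BY_HOP, ROUTING, DEST_OPTS}   # share the NH | len prefix


def build_ipv6(src: str, dst: str, next_header: int, payload: bytes, hop_limit: int = 64) -> bytes:
    """40-byte fixed header = 10 x 4 bytes: version/traffic class/flow label,
    payload length + next header + hop limit, 16-octet source, 16-octet destination."""
    word0 = 6 << 28                          # version 6, traffic class 0, flow label 0
    header = struct.pack("!IHBB", word0, len(payload), next_header, hop_limit)
    header += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return header + payload


def extension_header(next_header: int, options: bytes = b"") -> bytes:
    """Optional header: Next Header | Hdr Ext Len (8-octet units beyond the
    first 8) | options padded to a multiple of 8 octets."""
    body = options + b"\x00" * (-(len(options) + 2) % 8)
    return struct.pack("!BB", next_header, (len(body) + 2) // 8 - 1) + body


def walk_chain(packet: bytes):
    """Follow Next Header fields from the fixed header through the optional
    headers. Returns ([header numbers in order], upper-layer payload)."""
    word0, payload_len, nh, _hop = struct.unpack("!IHBB", packet[:8])
    if word0 >> 28 != 6:
        raise ValueError("not an IPv6 datagram")
    end = 40 + payload_len
    if end > len(packet):
        raise ValueError("payload length exceeds datagram")   # truncated or forged length
    chain, pos = [], 40
    while nh in EXTENSION_HEADERS:
        if pos + 2 > end:
            raise ValueError("extension header runs past payload")
        chain.append(nh)
        nh, ext_len = packet[pos], packet[pos + 1]
        pos += (ext_len + 1) * 8
    chain.append(nh)
    if pos > end:
        raise ValueError("extension header runs past payload")
    return chain, packet[pos:end]


def ipv4_encapsulate(src4: str, dst4: str, ipv6_datagram: bytes, ttl: int = 64) -> bytes:
    """Tunnel entry (router B on the slide): the whole IPv6 datagram becomes
    the data of an IPv4 datagram with protocol 41. Header checksum left 0."""
    total = 20 + len(ipv6_datagram)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, ttl, IPV6_IN_IPV4, 0,
                         ipaddress.IPv4Address(src4).packed, ipaddress.IPv4Address(dst4).packed)
    return header + ipv6_datagram


def ipv4_decapsulate(packet: bytes) -> bytes:
    """Tunnel exit (router D): strip the IPv4 header and hand on the IPv6 datagram."""
    if packet[0] >> 4 != 4 or packet[9] != IPV6_IN_IPV4:
        raise ValueError("not an IPv6-in-IPv4 tunnel packet")
    ihl = (packet[0] & 0x0F) * 4
    total = struct.unpack("!H", packet[2:4])[0]
    return packet[ihl:total]
```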
Dr. Martin Land, Infrastructure Layers, Computer Networks — Hadassah College — Fall 2015

Infrastructure Layers

Infrastructure: Internet perspective
- Change in point of view: Internet standards do not discuss the Data Link and Physical Layers; hardware developers define those standards
- Internet Layer Model
  - Application: Internet application; expects Internet services from the OS (Internet aware)
  - Transport: local + remote ports; service requirements (Internet aware)
  - Network: end-to-end IP routing + forwarding (Internet aware)
  - Infrastructure: Data Link Layer (hardware management) and Physical Layer (hardware) (not Internet aware)

Infrastructure: engineering perspective
- Infrastructure layers: bottom-up design
  - Physical layer (PHY): defines the physical transmission of bits; exploits a physical technology
  - Data Link layer (DL): defines management of the Physical Layer; how to make the physical technology do what we want
- Infrastructure management
  - delivering data messages: 10% of effort
  - making hardware work correctly: 90% of effort
  - OAM = Operations + Administration + Maintenance
- Application assumes the infrastructure "just works"
  - "Just works" ⇒ reliability, availability, stability, serviceability, growth

Infrastructure: economic perspective
- Enormous investment in existing equipment: global network of hardware nodes + transmission lines
- Developed to provide many services; the Internet (IP-based, unreliable, connectionless) is just one service
- Most developed before the Internet: telegraph (1794), telephone (1876), teletype modem (1943), digital telephone (1962), Internet opened to the public (1992)
- Hardware updates: replacement of manufactured hardware; slower and more expensive than software updates

Data Link Functions: similar to transport layer functions
- Framing: assemble network PDUs into hardware packets; attach header + trailer for the Data Link and Physical layers
- Medium access + flow control + congestion control: when / how the transmitter sends data onto the link; transmitter avoids overflow of the receiver buffer; transmitters avoid interfering with other transmitters
- Error control: detect / correct transmission bit errors
- Local addressing: convert network addresses to hardware local addresses
[Figure: transport reliability spans end to end; Data Link reliability covers each hop]

Data Link Sublayers
- Logical Link Control (LLC) sublayer: multiplexing of data sources / destinations; packet type identification; error correction; flow control
- Medium Access (MAC) sublayer: network topology; medium access management (sharing the medium among nodes; permission to transmit); data frame structure; hardware (MAC) addressing; error detection
[Figure: layer 2 (Data Link Layer) split into the LLC sublayer above the MAC sublayer, over layer 1 (Physical Layer)]

Interface to Data Link Layer
- Infrastructure layers typically implemented in hardware
  - PHY: physical circuits for transmitter / link / receiver
  - DL: embedded program in firmware (ROM) + controller
- Host node: Network Interface Card (NIC) = controller + transceiver + connection port to the medium (link)
- Switching node: switching fabric = controller + multiple transceivers + connection ports to the medium (link)
- DL layer interface: interface to the OS-level hardware driver
  - Network PDU ↔ OS driver ↔ NIC / switch controller ↔ transceiver

Framing
- Data frame format: data link protocol management
  - Header / Trailer format: similar to headers at the network and transport layers (addressing, error control, flow control, …)
- Physical layer hardware management
  - transmission parameters: bit rate, baud rate, modulation method, …
  - transmitter / receiver synchronization: clock training bits (1010101010 … allows the receiver clock to sync)
  - frame marking: Start / Stop fields, or Start field + byte count; lose sync ⇒ drop frame + wait for a new Start field
[Figure: frame = Header | Data | Trailer]

Frame Marking Methods: STX / ETX
- ASCII control codes
  STX   0x02   Start of Text
  ETX   0x03   End of Text
  DLE   0x10   Data Link Escape
- DLE in the data stream: byte stuffing; transmitter sends DLE as DLE DLE; receiver removes the extra DLE
[Figure: frame = DLE STX | rest of header | data | rest of trailer | DLE ETX]

Frame Marking Methods: flags
- Start = Stop = 01111110 = 0x7E
- 7E in the data stream: byte / bit stuffing
  - byte stuffing: send 7E as 7E 7E; receiver removes the extra 7E
  - bit stuffing: send 11111 as 111110; receiver removes the extra 0
[Figure: frame = 01111110 | rest of header | data | rest of trailer | 01111110]

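DLE STX / DLE ETX framing with byte stuffing and 0x7E flag framing with bit stuffing from the two frame-marking slides, as an added illustration for this page (not the course's code). It also shows what the receiver does when the end marker is lost: the frame is dropped and it resynchronizes on the next start marker. Sample payloads are constructed to contain the delimiter patterns.

```python
"""Frame marking with DLE STX / DLE ETX byte stuffing and with the 0x7E
flag plus bit stuffing, as on the two frame-marking slides. Added
illustration for this page, not the course's code; the sample payloads
are constructed to contain the delimiter patterns."""

DLE, STX, ETX = 0x10, 0x02, 0x03
FLAG = "01111110"


def frame_dle(payload: bytes) -> bytes:
    """DLE STX | data with every DLE doubled | DLE ETX"""
    stuffed = payload.replace(bytes([DLE]), bytes([DLE, DLE]))
    return bytes([DLE, STX]) + stuffed + bytes([DLE, ETX])


def deframe_dle(stream: bytes):
    """Recover complete frames from a byte stream. Bytes outside a frame are
    skipped; a frame whose DLE ETX never arrives (lost sync) is dropped and
    the receiver waits for the next DLE STX."""
    frames, i, n = [], 0, len(stream)
    while i < n:
        if not (stream[i] == DLE and i + 1 < n and stream[i + 1] == STX):
            i += 1                                   # noise between frames
            continue
        i += 2
        body, complete = bytearray(), False
        while i < n:
            b = stream[i]
            if b != DLE:
                body.append(b)
                i += 1
            elif i + 1 < n and stream[i + 1] == DLE:   # stuffed DLE -> data DLE
                body.append(DLE)
                i += 2
            elif i + 1 < n and stream[i + 1] == ETX:   # end of frame
                i += 2
                complete = True
                break
            else:
                break                                # DLE + other: lost sync, drop frame
        if complete:
            frames.append(bytes(body))
    return frames


def bit_stuff(bits: str) -> str:
    """Insert a 0 after five consecutive 1s so the flag 01111110 cannot
    appear inside the data."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    """Remove the 0 that follows every run of five 1s."""
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        i += 1
        if run == 5:
            i += 1                                   # skip the stuffed 0
            run = 0
    return "".join(out)


def frame_flag(bits: str) -> str:
    return FLAG + bit_stuff(bits) + FLAG


def deframe_flag(bits: str):
    """Split a bit stream on the flag; each non-empty piece is one frame
    (stuffed data never contains six 1s in a row, so the flag is unambiguous)."""
    return [bit_unstuff(piece) for piece in bits.split(FLAG) if piece]
```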
Error Control: check sequence
- Transmitter calculates a hash of the data and includes the sequence in the transmitted header / trailer
- Receiver calculates a hash of the data and compares the received sequence with the calculated sequence

Error Control
- Parity (even parity): parity bit = XOR of the data bits; data + parity = even number of 1 bits
- Cyclic Redundancy Code (CRC)
  - D = data field; G = generator, a predetermined pattern of r + 1 bits
  - R = remainder of (D × 2^r) / G (modulo 2 division) = CRC field
  - generally (D × 2^r + R) / G has remainder 0
[Figure: transmitted frame = D (data) followed by R = remainder of (D × 2^r) / G]

Modulo 2 Polynomial Arithmetic
- Represent data bits as coefficients of a polynomial
  D = (a_n, a_{n-1}, …, a_0) ⇒ D(x) = a_n × x^n + a_{n-1} × x^{n-1} + … + a_0
- Arithmetic modulo 2 in each order (XOR): 0 + 0 = 0, 0 + 1 = 1, 1 + 0 = 1, 1 + 1 = 0
- Polynomial addition = subtraction
  A(x) ± B(x) = (a_n × x^n + … + a_0) ± (b_n × x^n + … + b_0) = (a_n ⊕ b_n) × x^n + … + (a_0 ⊕ b_0)
- Polynomial multiplication / division: multiply / divide as usual, with modulo 2 arithmetic in each order
- Examples
  (x^3 + x)(x^2 + 1) = x^5 + x^3 + x^3 + x = x^5 + x^3(1 + 1) + x = x^5 + x
  (x^5 + x) ÷ (x^2 + 1) = x^3 + x

Modulo 2 Long Division
            x^3 + x
         ___________
x^2 + 1 ) x^5 + x
          x^5 + x^3
          ---------
                x^3 + x
                x^3 + x
                -------
                      0

Cyclic Redundancy Code (CRC): why it works
- Data D
- Shift D left r bits ⇒ D → D × 2^r (D followed by r zeros)
- Divide by G ⇒ D × 2^r / G = Q + R / G (quotient Q, remainder R)
- Transmit T = D × 2^r + R (D followed by R)
- Receiver calculates T / G
  T / G = D × 2^r / G + R / G = (Q + R / G) + R / G = Q + (R + R) / G = Q + 0 / G = Q
  ⇒ remainder 0 when there is no error

CRC Example
- Data stream D = 1101011011
- Generator G = 10011 (r = 4)
- Transmitter divides D × 2^4 = 11010110110000 by G: quotient 1100001010, remainder R = 1110
- Transmit T = 1101011011 1110
- CRC check at receiver: T ÷ G = 11010110111110 ÷ 10011 gives quotient 1100001010 and remainder 0000
- Zero remainder ⇒ no error

CRC Standards
- CRC-12:    G(x) = x^12 + x^11 + x^3 + x^2 + x + 1
- CRC-16:    G(x) = x^16 + x^15 + x^2 + 1
- CRC-CCITT: G(x) = x^16 + x^15 + x^5 + 1
- CRC-32:    G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1

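Modulo-2 long division carried through in code for the CRC slides, run on the slide's own example (D = 1101011011, G = 10011, R = 1110) and on the x^5 + x example above; added illustration for this page, not the course's code. It also shows the limit a practitioner should know: an error pattern that is itself a multiple of G passes the check, so a CRC detects noise, not tampering. The error patterns at the end are constructed.

```python
"""Modulo-2 polynomial long division for the CRC slides, run on the
slide's own example (D = 1101011011, G = 10011, R = 1110). Added
illustration for this page, not the course's code. Bit strings are used so
each division step is visible; the error patterns at the end are constructed."""


def mod2_divide(dividend: str, generator: str):
    """Long division over GF(2): returns (quotient, remainder) as bit strings;
    the remainder has len(generator) - 1 bits."""
    g = int(generator, 2)
    width = len(generator)
    register, quotient = 0, []
    for bit in dividend:
        register = (register << 1) | int(bit)
        if register >> (width - 1) & 1:       # leading coefficient is 1: subtract G (XOR)
            register ^= g
            quotient.append("1")
        else:
            quotient.append("0")
    # the first width-1 shifts only fill the register, so they produce no quotient bit
    return "".join(quotient[width - 1:]), format(register, "0%db" % (width - 1))


def crc_remainder(data: str, generator: str) -> str:
    """R = remainder of (D x 2^r) / G, with r = len(G) - 1."""
    r = len(generator) - 1
    return mod2_divide(data + "0" * r, generator)[1]


def transmit(data: str, generator: str) -> str:
    """T = D x 2^r + R: data followed by its CRC."""
    return data + crc_remainder(data, generator)


def check(frame: str, generator: str) -> bool:
    """Receiver: zero remainder means no detected error."""
    return mod2_divide(frame, generator)[1] == "0" * (len(generator) - 1)


def generator_from_exponents(*exponents: int) -> str:
    """Bit string for G(x) from its nonzero terms, e.g. (4, 1, 0) -> 10011
    and (16, 15, 2, 0) -> the CRC-16 generator."""
    degree = max(exponents)
    bits = ["0"] * (degree + 1)
    for e in exponents:
        bits[degree - e] = "1"
    return "".join(bits)


def flip(frame: str, positions) -> str:
    """Constructed error pattern: invert the bits at the given positions."""
    bits = list(frame)
    for p in positions:
        bits[p] = "1" if bits[p] == "0" else "0"
    return "".join(bits)


SLIDE_D, SLIDE_G = "1101011011", "10011"
```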
Flow Control
- Go Back N (GBN): transmit N frames, then wait for ACK
  - piggybacking: transmit ACK signals in a data frame
- Sliding Window: N-bit SEQ number; window size = number of unACKed frames before stopping
  - source window: SEQ numbers of unACKed frames; frames buffered at the transmitter until ACKed
  - destination window: SEQ numbers of frames to be accepted; frames passed to the network layer in SEQ order; out-of-order frames buffered; frames too far ahead of the window rejected
- Timeout: retransmit if no ACK after a fixed time

High-Level Data Link Control (HDLC)
- Family of data link protocols based on IBM SDLC, the layer 2 protocol in mainframe SNA; originally for communication between CPUs and peripherals
- Link Access Protocol (LAP): versions of HDLC used in public network architectures
  LAPB         X.25
  LAPD         ISDN
  LAPF         Frame Relay
  IEEE 802.2   Ethernet Logical Link Control (LLC)
  SLIP, PPP    Internet point-to-point

High-Level Data Link Control (HDLC): data link attributes in HDLC
- Framing: 0x7E flag with byte / bit stuffing
- Addressing: hardware-level addressing possible
- Error control: 16-bit CRC-CCITT or 32-bit CRC-32
- Flow control: 3-bit SEQ number
- Frame types: Information, Supervisory, Unnumbered

HDLC Frame Structure
- General HDLC frame (field widths in bits)
  01111110 | Address | Control | data | CRC     | 01111110
  8        | 8       | 8       | ≥ 0  | 16 / 32 | 8
- Address: 8-bit address ⇒ 256 hardware addresses
- Control field: specifies frame type / control
  bit:                                      7   6 5 4      3    2 1 0
  Information (data)                        0   SEQ N(S)   p/f  NEXT N(R)
  Supervisory (flow control)                1   0   type   p/f  NEXT N(R)
  Unnumbered (management / connectionless)  1   1   type   p/f  subtype

HDLC Control Fields: flow control
- SEQ: sequence number of the data frame
- NEXT: next expected SEQ (ACKs all previous frames)
- Supervisory type
  - 00: ACK + Receiver Ready (RR)
  - 01: Reject (REJ): retransmit all frames from N(R)
  - 10: Receiver Not Ready (RNR): ACK N(R) but stop sending
  - 11: Selective Reject (SREJ): retransmit N(R)

HDLC Polling
- Polling: primary host initiates communication; secondary host responds
- Poll / Final (p/f) bit
  - invitation: primary to secondary with p = 1
  - response: secondary sends I-frames to primary with f = 0; secondary sets f = 1 on the last response frame

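The control byte layouts of the three HDLC frame types, the REJ / RR reply a receiver produces when a frame is missing, and the poll / final bit sequence from the three HDLC slides above, as an added illustration for this page (not the course's code). Bit positions follow the slide's diagram (bit 7 first).

```python
"""HDLC control byte encoding/decoding with the bit layout of the HDLC
frame-structure slides (bit 7 first: 0 | N(S) | P/F | N(R) for I-frames,
1 0 | type | P/F | N(R) for S-frames, 1 1 | type | P/F | subtype for
U-frames), plus the receiver side of the REJ / RR exchange. Added
illustration for this page, not the course's code."""

S_TYPES = {0: "RR", 1: "REJ", 2: "RNR", 3: "SREJ"}
S_CODES = {name: code for code, name in S_TYPES.items()}


def i_control(ns: int, nr: int, pf: int = 0) -> int:
    """Information frame: 0 | N(S) (3 bits) | P/F | N(R) (3 bits)."""
    if not (0 <= ns < 8 and 0 <= nr < 8):
        raise ValueError("3-bit sequence numbers only")
    return (ns << 4) | (pf << 3) | nr


def s_control(kind: str, nr: int, pf: int = 0) -> int:
    """Supervisory frame: 1 0 | type (2 bits) | P/F | N(R)."""
    return 0x80 | (S_CODES[kind] << 4) | (pf << 3) | (nr & 7)


def u_control(kind: int, subtype: int, pf: int = 0) -> int:
    """Unnumbered frame: 1 1 | type (2 bits) | P/F | subtype (3 bits).
    PPP's control byte 11000000 is type 0, subtype 0."""
    return 0xC0 | ((kind & 3) << 4) | (pf << 3) | (subtype & 7)


def decode_control(byte: int) -> dict:
    pf = (byte >> 3) & 1
    if byte & 0x80 == 0:
        return {"frame": "I", "ns": (byte >> 4) & 7, "nr": byte & 7, "pf": pf}
    if byte & 0x40 == 0:
        return {"frame": "S", "type": S_TYPES[(byte >> 4) & 3], "nr": byte & 7, "pf": pf}
    return {"frame": "U", "type": (byte >> 4) & 3, "subtype": byte & 7, "pf": pf}


def receive_in_order(control_bytes, expected: int = 0):
    """Go-back-N receiver: accept I-frames in SEQ order. On a gap, stop and
    answer REJ with N(R) = the first missing SEQ (retransmit from there);
    otherwise answer RR with N(R) = next expected SEQ."""
    accepted = []
    for ctl in control_bytes:
        frame = decode_control(ctl)
        if frame["frame"] != "I":
            continue
        if frame["ns"] != expected:
            return accepted, s_control("REJ", expected, pf=frame["pf"])
        accepted.append(frame["ns"])
        expected = (expected + 1) % 8
    return accepted, s_control("RR", expected)


def poll_response(n_frames: int, first_ns: int = 0):
    """Secondary's reply to a poll (RR with p = 1): I-frames with f = 0,
    f = 1 on the last one. Returns the list of control bytes."""
    frames = []
    for k in range(n_frames):
        last = k == n_frames - 1
        frames.append(i_control((first_ns + k) % 8, 0, pf=1 if last else 0))
    return frames
```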
HDLC Internet Dial-Up Protocols
- Serial Line Internet Protocol (SLIP), RFC 1055: 0xC0 | IP datagram with byte stuffing (C0 → DB DC, DB → DB DB) | 0xC0
- Point-to-Point Protocol (PPP): layer 2 protocol used between Internet routers, and between a host and an Internet service provider (ISP)
  - Address = 11111111 = broadcast
  - HDLC control = 11000000 = Unnumbered (connectionless data)
  - Protocol: protocol in the data field; network protocol or link negotiation protocol (upper layer 2 sublayer)
- PPP frame (field widths in bits)
  01111110 | 11111111 | 11000000 | Protocol | Data | CRC     | 01111110
  8        | 8        | 8        | 8 or 16  | ≥ 0  | 16 / 32 | 8

PPP Protocol Options
- Standard network protocols: IP, IPX, AppleTalk, …; datagram in the data field
- Control protocols
  - Link Control Protocol (LCP): PPP options
    - header compression (remove control / address fields)
    - size of protocol / CRC fields and data
    - test, terminate
  - Network Control Protocol (NCP): network layer options
    - protocol, address
    - header compression (encode header fields)
    - authentication (ISP user / password exchange)

Shared Medium Networks
- Physical layer: multiple nodes transmit on a single medium (time division, frequency division, code division)
  - shared physical medium ⇒ local area network (LAN)
- Data link layer
  - Medium access (MAC) sublayer: allocates medium capacity among nodes; error detection; network topology
  - Logical link control (LLC) sublayer: frame types; flow control; error correction; protocol negotiation
[Figure: layer 2 (Data Link Layer) = LLC sublayer over MAC sublayer, above layer 1 (Physical Layer)]

Medium Access Sharing
- Time division: each host granted full bandwidth in an allocated time slot; time slots allocated statistically or deterministically
  - examples: deterministic: telephone switching; statistical: Ethernet, WiFi, …
- Frequency division: each host granted partial bandwidth in all time slots
  - examples: commercial radio / TV, Bluetooth
- Code division: each host granted full bandwidth in all time slots; each host transmits using a different coding scheme
  - example: cellular CDMA

Common Shared Medium Networks
  Ethernet          IEEE 802.3 local area network          wired time-division access
  WiFi              IEEE 802.11 local area network         wireless time-division access
  Bluetooth         IEEE 802.15 personal area network      wireless frequency-division access
  WiMAX             IEEE 802.16 metropolitan area network  wireless time/frequency-division access
  GSM / UMTS        ITU 2G / 3G cellular network           wireless time/frequency-division access
  CDMA / CDMA2000   ITU 2G / 3G cellular network           wireless code-division access

What are IEEE 802 and ITU?
- Institute of Electrical and Electronics Engineers (IEEE): professional organization; coordinates technical standards for electronic equipment
- IEEE 802 Committee: standards committee for the Data Link and Physical Layers
  - OEMs (original equipment manufacturers) develop hardware / software systems at the infrastructure layers and request standardization (recognition) from the 802 committee
- Other 802 standards
  - 802.1: bridging (interconnecting different 802 LANs)
  - 802.2: LLC sublayer for 802 LANs
  - 802.4: Token Bus (LAN for manufacturing environments)
  - 802.5: Token Ring (ring topology LAN)
- International Telecommunication Union (ITU): UN standards committee; sets telephone and (non-Internet) WAN standards

Time Division Medium Access
- Deterministic
  - Polling: primary node initiates the session (sends data to secondary); secondary node responds (sends data to primary); optional mode in WiFi
  - Token passing: token message passes from host to host; the host with the token may transmit; Token Ring, Token Bus, FDDI
- Statistical
  - Aloha: hosts transmit at random / hope to avoid collisions
  - Carrier sense: hosts listen for other transmissions / try to avoid collisions
  - Arbitration: deterministic procedure chooses among a random group of hosts
[Figure: token passed between hosts 1 and 2]

ALOHAnet
- Background: first wireless packet data network (1971); low data volume; connected University of Hawaii campuses (separate islands)
- Protocol: host transmits when ready; two frames overlapping in time collide ⇒ both frames corrupted; retransmit after a random wait
[Figure: transmissions of nodes 1 – 4 over time, starting at t1, t2, t3, t4, with overlapping frames marked as collisions]

Utilization and Throughput
- τ = time (seconds) to transmit 1 packet
- Capacity: R = 1 / τ = maximum packets/second on the medium
- Traffic: λ = actual packets/second transmitted by hosts
- Utilization: G = λ / R = λτ
- Collisions: P_0 = probability of success (packet transmitted without collision)
- At receiver: λ' = P_0 λ = uncorrupted packets/second
- Throughput: S = λ' / R = P_0 λ / R = P_0 G

ALOHA Throughput
- Success = no collisions
  - previous packet starts at t2 < t3 – τ; next packet starts at t4 > t3 + τ
  - interval of no other transmissions = t4 – t2 > 2τ
- Packets obey Poisson statistics
  P(k packets in T seconds) = (λT)^k e^{-λT} / k!
  ⇒ P_0 = (2τλ)^0 e^{-2τλ} / 0! = e^{-2λτ} = e^{-2G}
  S = G e^{-2G}, with maximum S = 0.184 at G = 0.5
[Figure: transmissions of nodes 1 – 4 over time with collisions marked; plot of S against G peaking at 0.184 for G = 0.5]

Slotted ALOHA
- Central clock synchronizes packet transmissions: transmit a new packet constructed between t_k and t_k + τ
- Collision: two nodes construct packets in the same interval
- Probability of success (of my packet): no other packets constructed during interval τ
  P_0 = (τλ)^0 e^{-τλ} / 0! = e^{-τλ} = e^{-G} ⇒ S = G e^{-G}, with maximum S = 0.368 at G = 1.0
[Figure: plot of S against G peaking at 0.368 for G = 1.0]

Carrier Sense
- Carrier Sense Multiple Access (CSMA): nodes listen for transmissions before transmitting
  - no transmission: node can transmit
  - transmission: node waits until the end of the transmission
- Collision: multiple nodes transmit "at the same time"; "same time" means |t1 – t2| < T_propagation
- Collision Detection (CD): nodes listen for a collision (corrupted data)
  - on collision: all nodes stop transmitting; nodes jam the transmission; nodes wait a random backoff before retransmitting
[Figure: two nodes starting at t1 and t2 less than T_propagation apart]

CSMA/CD Throughput
[Figure: throughput against offered load for the CSMA variants, Tanenbaum, Fig. 4-4]
- Persistent CSMA: no carrier detected ⇒ node with data transmits
- q-persistence: node transmits with probability 0 < q < 1; q < 1 ⇒ fewer collisions but longer latency

Arbitration: deterministic medium access
- A random group of nodes requests access; one node is chosen by a deterministic algorithm; no collisions; efficient throughput
- Used within a computer: Peripheral Component Interconnect (PCI); multiple CPUs and peripherals compete for access to memory; the PCI bridge allocates memory access efficiently
- Intel Multibus II: multiple nodes request bus access using a pseudo-randomized ID; highest ID proceeds
- Binary countdown switch: multiple hosts begin transmitting onto the bus; bus output = logical OR of all inputs; a host that sends 0 but sees 1 on the bus ⇒ host stops

Ethernet
- Family of wired LAN systems defined at the physical and data link layers; dominant / generic LAN technology
- Background: developed 1974 at Xerox PARC; commercialized by Xerox / Intel / Digital in 1980; standardized as IEEE 802.3 in 1982
  - 10 Mb/s baseband transmission; bus topology: single coaxial cable < 2.5 km; CSMA/CD
  - shared bus topology → CSMA; long propagation delay on coaxial cable → CD
- Developments: bit rates 10 Mbps → 100 Mbps → 1 Gbps → 10 Gbps → 100 Gbps; media: coaxial cable → hub (virtual bus on star) → switch
  - Ethernet switch: non-blocking N × N switch with no collisions

Ethernet Topologies: distributed CSMA/CD
- 1980 – 1990: original Ethernet design at 10 Mbps
- Shared physical bus: coaxial cable < 2.5 km
- End-to-end propagation delay = 2.5 km / (3 × 10^5 km/sec) = 8 × 10^-6 sec
- Bits transmitted before carrier detect = 10 Mb/s × 8 × 10^-6 sec = 80 bits
[Figure: stations on a coaxial cable; transmissions starting at t1 and t2 within T_propagation collide]

40Dr. Martin LandInfrastructure LayersComputer Networks — Hadassah College — Fall 2015
Ethernet Topologies
Centralized CSMA/CD (1990 – present)
  Fast Ethernet, 100 Mbps
  Logical bus on physical star
    Central hub, multiple cables < 100 m
    Each station (STA = node) receives logical OR of all inputs
    Multiple frames at once ⇒ collision
  Passive hub (repeater only: no addresses, no buffering)
  End-to-end propagation delay = 200 m / (3 × 10^8 m/sec) ≈ 7 × 10^-7 sec
  Bits transmitted before carrier detect = 100 Mb/s × 7 × 10^-7 sec ≈ 70 bits
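The two propagation calculations above, carried one step further as an added example (not from the lecture): collision detection only works if the sender is still transmitting when a collision from the far end propagates back, so the frame must cover the round trip 2 × T_propagation. IEEE 802.3 fixes the minimum frame at 64 bytes = 512 bits; the functions below use the slides' propagation speed of 3 × 10^8 m/s and that 512-bit minimum to compute how far each topology may reach.

```python
"""CSMA/CD collision window and minimum frame length (added example).

The slides count the bits a station has sent before its carrier reaches the
far end. Collision detection needs the sender to still be transmitting when
the collision signal comes back, i.e. for 2 * T_prop. IEEE 802.3 therefore
requires a minimum frame of 64 bytes = 512 bits (the slot time at 10 and
100 Mb/s). The propagation speed is the slides' own optimistic figure; real
copper and fibre are closer to 2e8 m/s, which shrinks every span below.
"""

MIN_FRAME_BITS = 512          # IEEE 802.3 minimum frame: 64 bytes
SPEED_OF_LIGHT = 3.0e8        # m/s, the propagation speed assumed on the slides

def propagation_delay(span_m, velocity=SPEED_OF_LIGHT):
    """One-way end-to-end delay in seconds."""
    return span_m / velocity

def bits_in_flight(span_m, rate_bps, velocity=SPEED_OF_LIGHT):
    """Bits a sender has already transmitted when its first bit reaches the far end."""
    return rate_bps * propagation_delay(span_m, velocity)

def min_frame_for_span(span_m, rate_bps, velocity=SPEED_OF_LIGHT):
    """Shortest frame (bits) that still covers the round trip over span_m."""
    return 2 * bits_in_flight(span_m, rate_bps, velocity)

def max_span_for_min_frame(rate_bps, min_frame_bits=MIN_FRAME_BITS,
                           velocity=SPEED_OF_LIGHT):
    """Largest end-to-end span (m) at which a minimum-size frame still detects collisions."""
    return min_frame_bits * velocity / (2 * rate_bps)

def collision_detectable(span_m, rate_bps, frame_bits, velocity=SPEED_OF_LIGHT):
    """True if a frame of frame_bits is long enough for CD over span_m."""
    return frame_bits >= min_frame_for_span(span_m, rate_bps, velocity)

if __name__ == "__main__":
    for name, span, rate in [("coax bus", 2500, 10e6), ("hub star", 200, 100e6)]:
        print(f"{name}: {bits_in_flight(span, rate):.0f} bits before carrier detect, "
              f"min frame {min_frame_for_span(span, rate):.0f} bits, "
              f"max span for 512-bit frame {max_span_for_min_frame(rate):.0f} m")
```

At 1 Gb/s the same arithmetic gives a maximum span of about 77 m for a 512-bit frame, which is why half-duplex Gigabit Ethernet extended the slot time to 4096 bits with carrier extension; in practice Gigabit links run full duplex on switches and CSMA/CD is not used at all.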
Ethernet Topologies
Ethernet switch (1995 – present)
  Physical star
  100 Mbps → 1 Gbps → 10 Gbps → 100 Gbps
  Fast N × N non-blocking switch
  Switch learns the MAC addresses seen at each switch port
  Each frame directed to port by destination address in frame
  Large output buffer at each port
  All stations can send at same time: no collisions
  Active hub
802.3 Ethernet Standards
  10BASE5       10 Mb/s on thick coaxial cable
  10BASE2       10 Mb/s on thin coaxial cable
  10BASE-T      10 Mb/s on 2 twisted pairs (one per direction)
  100BASE-T     family name for 100 Mb/s over twisted pair (100BASE-TX, 100BASE-T4)
  100BASE-TX    100 Mb/s full duplex on 2 twisted pairs
  100BASE-FX / 100BASE-SX / 100BASE-LX    100 Mb/s full duplex on 2 optical fibers
  100BASE-BX    100 Mb/s full duplex on 1 optical fiber (bidirectional, two wavelengths)
  1000BASE-T    1 Gb/s full duplex on 4 twisted pairs
  1000BASE-SX / 1000BASE-LX / 1000BASE-ZX   1 Gb/s full duplex on 2 optical fibers
  1000BASE-BX   1 Gb/s full duplex on 1 optical fiber (bidirectional, two wavelengths)
Ethernet Frame
  Preamble 7 bytes | Start 1 byte | Dest Address 6 bytes | Src Address 6 bytes | Type or Length 2 bytes | Data 46 – 1500 bytes | CRC 4 bytes
Preamble
  7 bytes of 10101010 for sync of receivers
Start (start frame delimiter)
  10101011
Address
  Hardware (MAC) address of node
  48-bit MAC addresses assigned by OEM and fixed in hardware
  The OS driver can override the hardware address in software, so a MAC address identifies an interface but does not authenticate it
  Broadcast address FF:FF:FF:FF:FF:FF (frame read by all STAs)
Type
  Code identifying protocol in data field
  Used in most Ethernet systems (Ethernet II / DIX framing)
  Type codes ≥ 1536 = 0x0600
    IP = 0x0800
    ARP = 0x0806
    AppleTalk = 0x809B
Length
  Length of data field (≤ 1500 = 0x05DC), used by 802.3 framing with an 802.2 LLC header in the data field
CRC
  CRC-32 over addresses, type / length and data; detects transmission errors, not tampering
IEEE 802.2
LLC sublayer for 802.3 Ethernet
  Based on HDLC
  Permits connection oriented services at data link layer
  802.2 I/S frame:  DSAP (1 byte) | SSAP (1 byte) | control (2 bytes) | data + pad (42 – 1496 bytes)
  802.2 U frame:    DSAP (1 byte) | SSAP (1 byte) | control (1 byte)  | data + pad (43 – 1497 bytes)
Control
  Frame type + SEQ + ACK (I / S frames)
  Frame type (U frame)
SSAP
  Source service access point (protocol / service at source)
DSAP
  Destination service access point (protocol / service at destination)
Segmentation
Ethernet bridge
  2-port switch
  Connects 2 Ethernet segments
  Reduces traffic in each segment
Initialization — promiscuous mode
  Bridge listens to every Ethernet frame on both segments, whatever the destination address
  Repeats every frame onto the other segment until its table is built
Bridge learns network topology
  Builds table of source MAC addresses seen on each port
  Forwards only inter-segment frames; frames for destinations not yet in the table are still repeated (flooded)
  Figure: Ethernet LAN #1 — Bridge — Ethernet LAN #2
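The learning bridge above, as an added example (not code from the lecture): frames are constructed `(source MAC, destination MAC, ingress port)` records, the bridge learns the port behind each source address, filters intra-segment traffic and floods what it does not know. The table is deliberately capped so the effect of MAC flooding (an attacker filling the table with bogus source addresses until the switch falls back to flooding everything, hub-style) can be seen; the port names and addresses are assumptions for the demo.

```python
"""Learning bridge / switch forwarding with a bounded address table (added example).

handle() returns the egress ports for one frame: a known unicast destination
goes to the one port it was learned on (or nowhere if that is the ingress
port, i.e. same segment), broadcast and unknown destinations are flooded to
every other port. Sources are learned only while the table has room.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    def __init__(self, ports, table_size=4096):
        self.ports = list(ports)
        self.table = {}                 # MAC -> port on which it was last seen
        self.table_size = table_size
        self.flooded = 0                # frames that had to be repeated everywhere

    def handle(self, src, dst, ingress):
        """Learn src on ingress; return the list of ports the frame is sent out of."""
        if ingress not in self.ports:
            raise ValueError(f"unknown port {ingress}")
        # Learning: a source address sits on the segment behind the ingress port.
        # A full table stops learning new addresses, which is what MAC flooding exploits.
        if src in self.table or len(self.table) < self.table_size:
            self.table[src] = ingress
        # Forwarding
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            return [] if out == ingress else [out]      # intra-segment: filtered
        self.flooded += 1
        return [p for p in self.ports if p != ingress]  # inter-segment or unknown: flood

def mac_flood(bridge, attacker_port, count):
    """Attacker on attacker_port emits frames with `count` distinct bogus sources."""
    for i in range(count):
        bridge.handle(f"02:00:00:00:{(i >> 8) & 0xff:02x}:{i & 0xff:02x}", BROADCAST, attacker_port)

if __name__ == "__main__":
    b = LearningBridge(["lan1", "lan2"])
    print(b.handle("aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "lan1"))   # unknown: flood
    print(b.handle("aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01", "lan2"))   # learned: one port
    print(b.handle("aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:01", "lan1"))   # same segment: []
```

Real switches age out entries and many support port security (a cap on addresses per port), which is the standard answer to the flooding behaviour shown here.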
Relationship of Protocol Layers
Typical network: Host, Router, Router, Host
  Host:    Application (16-bit TCP port) | TCP | IP (32-bit IP address) | Ethernet (48-bit Ethernet address) | PHY
  Router:  IP (32-bit IP address) | Ethernet (48-bit Ethernet address) on the LAN side, PPP on the point-to-point side | PHY
  Host-to-router and router-to-host hops run over Ethernet; the router-to-router hop is a point-to-point link (PPP)
Locate router by IP address (uses default gateway)
Send to router by MAC address
  Ethernet always uses source / destination Ethernet addresses — not IP addresses
  How does host find MAC address for router?
Point-to-point hop: no MAC addresses needed
Last hop: locate host by IP address, send to host by MAC address
Address Resolution Protocol (ARP)
Look-up MAC address by IP address (RFC 826)
  Q: Who has IP = a.b.c.d ? (MAC layer broadcast)
  A: I am IP = a.b.c.d with MAC = u:v:w:x:y:z (unicast reply)
  STAs store mappings in arp table
  Windows / Linux: arp -a prints arp table
  No authentication: any STA on the LAN can answer, or send an unsolicited reply, and overwrite a neighbour's table entry (ARP spoofing / poisoning, the usual way to become a man in the middle on a LAN)
ARP packet fields
  HTYPE      Hardware type — MAC protocol (1 = Ethernet)
  PTYPE      Protocol type — network protocol (0x0800 = IPv4)
  HLEN       Hardware length — length in octets of MAC address (6)
  PLEN       Protocol length — length in octets of network address (4)
  Operation  1 = request / 2 = reply
  SHA        Sender hardware address
  SPA        Sender protocol address
  THA        Target hardware address (ignored in requests)
  TPA        Target protocol address
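An added example (not code from the lecture) that ties the Ethernet frame layout and the ARP field list together: it parses an Ethernet II header, distinguishes a type field from an 802.3 length field at 1536, decodes the nine ARP fields, and keeps the "arp table" the slide mentions while flagging a reply that changes an existing IP-to-MAC mapping, which is what ARP poisoning looks like on the wire. The frames are constructed byte strings using the addresses from the lecture's example, not captures; the CRC is assumed to have been stripped by the NIC.

```python
"""Ethernet II + ARP parser with a mapping-change check (added example)."""
import struct

ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def ip_str(b):
    return ".".join(str(x) for x in b)

def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))

def ip_bytes(s):
    return bytes(int(x) for x in s.split("."))

def parse_ethernet(frame):
    """Return (dst, src, kind, value, payload); kind is 'type' or 'length'."""
    if len(frame) < 14:
        raise ValueError("frame shorter than Ethernet header")
    dst, src, tl = struct.unpack("!6s6sH", frame[:14])
    kind = "type" if tl >= 0x0600 else "length"     # 1536 separates the two uses
    if kind == "length" and tl > 1500:
        raise ValueError("length field above 1500 is not valid 802.3")
    return mac_str(dst), mac_str(src), kind, tl, frame[14:]

def parse_arp(payload):
    """Decode the ARP fields (Ethernet / IPv4 sizes only) into a dict."""
    if len(payload) < 28:
        raise ValueError("ARP packet truncated")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, ETHERTYPE_IP, 6, 4):
        raise ValueError("unsupported ARP hardware / protocol combination")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {"op": op, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}

class ArpCache:
    """The slide's arp table, plus an alert when a mapping changes."""
    def __init__(self):
        self.table = {}                      # IP -> MAC

    def observe(self, frame):
        """Feed one frame; return an alert string or None."""
        dst, src, kind, tl, payload = parse_ethernet(frame)
        if kind != "type" or tl != 0x0806:
            return None                      # not ARP
        arp = parse_arp(payload)
        alert = None
        if arp["sha"] != src:                # ARP sender and frame source disagree
            alert = f"ARP sender {arp['sha']} differs from frame source {src}"
        old = self.table.get(arp["spa"])
        if old is not None and old != arp["sha"]:
            alert = f"{arp['spa']} moved from {old} to {arp['sha']}"
        self.table[arp["spa"]] = arp["sha"]
        return alert

def build_arp(op, sha, spa, tha, tpa, dst=BROADCAST, src=None):
    """Construct an Ethernet II frame carrying an ARP packet (demo input)."""
    hdr = struct.pack("!6s6sH", mac_bytes(dst), mac_bytes(src or sha), ETHERTYPE_ARP)
    body = struct.pack("!HHBBH6s4s6s4s", 1, ETHERTYPE_IP, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))
    return hdr + body + bytes(18)            # pad data field to the 46-byte minimum

if __name__ == "__main__":
    cache = ArpCache()
    # Router-A answers STA-1 (addresses from the lecture example), then an impostor answers
    genuine = build_arp(2, "ab:65:46:ad:98:fe", "207.2.45.1", "00:cd:ef:34:54:ab", "207.2.45.7",
                        dst="00:cd:ef:34:54:ab")
    spoof = build_arp(2, "de:ad:be:ef:00:01", "207.2.45.1", "00:cd:ef:34:54:ab", "207.2.45.7",
                      dst="00:cd:ef:34:54:ab")
    print(cache.observe(genuine), cache.observe(spoof), sep="\n")
```

A host's own ARP cache accepts the second reply just as readily as the first; the mapping-change check is what tools such as arpwatch implement, and static entries or switch-side dynamic ARP inspection are the usual defences.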
Example
  STA-1     IP 207.2.45.7    MAC 00:cd:ef:34:54:ab
  Router-A  IP 207.2.45.1    MAC ab:65:46:ad:98:fe
  Router-B  IP 98.57.36.1    MAC ab:65:46:54:23:12
  STA-2     IP 98.57.36.32   MAC 00:de:87:34:e5:b3
Frames between STA-1 and STA-2 (MAC header | IP header | IP data = TCP segment | MAC trailer = CRC)
  1  STA-1 → Router-A (Ethernet)
       MAC SRC: 00:cd:ef:34:54:ab   MAC DST: ab:65:46:ad:98:fe
       IP SRC: 207.2.45.7   IP DST: 98.57.36.32
  2  Router-A → Router-B (PPP, no MAC addresses)
       IP SRC: 207.2.45.7   IP DST: 98.57.36.32
  3  Router-B → STA-2 (Ethernet)
       MAC SRC: ab:65:46:54:23:12   MAC DST: 00:de:87:34:e5:b3
       IP SRC: 207.2.45.7   IP DST: 98.57.36.32
  IP addresses are unchanged end to end; MAC addresses are rewritten on every Ethernet hop
Advanced Switch / Router Interactions
Standard model
Switch organizes STAs into LAN
  Intra-LAN traffic
  STAs use IP addresses as names for TCP/IP applications
  STAs use ARP to translate IP to MAC address
  STAs send frames on LAN by MAC address
  Packets contain MAC and IP address of local destination
Router organizes LANs into Internet AS
  Inter-LAN traffic
  STAs use IP addresses as names for TCP/IP applications
  Local MAC addresses not available for remote STAs
  STAs send frames via router
  Packets contain MAC address of router + IP address of remote destination
Advanced Switch / Router Interactions
Standard subnet
  subnet-1 and subnet-2 are LAN broadcast domains separated by a router
Virtual LAN (VLAN)
  LAN switch configured to partition nodes into subnets (IEEE 802.1Q tags each frame with a 12-bit VLAN ID)
  No router needed for subnetting; a router (or layer 3 switch) is still needed for traffic between VLANs
  Figure: router with two subnets vs programmable switch carrying two virtual LANs
Advanced Switch / Router Interactions
Virtual Private Network (VPN)
  Private network implemented on public infrastructure
  Access to private networks restricted by IP address (source-address filtering on its own is weak: addresses can be spoofed)
  Possible encryption of data over public infrastructure
  Figure: two private networks joined across the Internet, access restricted by IP
Advanced Switch / Router Interactions
Layer 3 switching
  Standard IP model: every router in the path handles each datagram at layer 3
    Hosts: Application | TCP | IP | DL | PHY; each router: IP | DL | PHY
  Layer 3 switching: switched data link among routers
    Connection-oriented virtual circuit network: Frame Relay, ATM, label switching, …
    Traffic crosses router network at layer 2; intermediate nodes run only DL | PHY
    Saves time of layer 3 processing: datagram read / write, routing, TTL
    Used for media streaming
Advanced Switch / Router Interactions
Multiprotocol Label Switching (MPLS)
Label switching
  MPLS-aware routers forward frames on preset route by label ID
  Connection-oriented: set (reserve) router path before data traffic begins
    Label Distribution Protocol (LDP)
    RSVP-TE — extension of Resource Reservation Protocol (RSVP)
Header fields
  Frame layout: MAC Header | MPLS | IP Header | TCP Header | Data | MAC trailer
  One or more headers per frame — "stack" of labels (4 bytes each)
  Label          20-bit ID
  Traffic Class  3-bit QoS (quality of service) field
  Stack flag     1-bit — if set, current label is last of "stack" of labels for frame
  TTL            8-bit time to live field
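The MPLS label stack entry above, encoded and decoded as an added example (not code from the lecture): each 32-bit entry packs label, traffic class, stack flag and TTL in that order, the decoder walks the stack until the flag is set, and a minimal label-switching step swaps the top label and decrements the TTL the way an MPLS router does. The labels and the swap table are assumptions for the demo.

```python
"""MPLS label stack encode / decode and one label-switch step (added example).

Entry layout (RFC 3032): label (20 bits) | traffic class (3) | S bottom-of-stack (1) | TTL (8).
"""
import struct

def encode_label_stack(entries):
    """entries: list of (label, tc, ttl); the last entry is marked S=1."""
    if not entries:
        raise ValueError("empty label stack")
    out = b""
    for i, (label, tc, ttl) in enumerate(entries):
        if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
            raise ValueError("field out of range")
        s = 1 if i == len(entries) - 1 else 0
        out += struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)
    return out

def decode_label_stack(data):
    """Return ([(label, tc, s, ttl), ...], payload after the stack)."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("label stack runs past end of packet (no S bit seen)")
        (word,) = struct.unpack("!I", data[offset:offset + 4])
        entry = (word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)
        entries.append(entry)
        offset += 4
        if entry[2] == 1:
            return entries, data[offset:]

def lsr_forward(packet, swap_table):
    """Label switch router step: swap the top label, decrement TTL.

    swap_table maps incoming label -> (outgoing label, egress port).
    Returns (port, new_packet) or None if the label is unknown or TTL expires.
    """
    entries, payload = decode_label_stack(packet)
    label, tc, _, ttl = entries[0]
    if label not in swap_table or ttl <= 1:
        return None
    new_label, port = swap_table[label]
    rest = [(lb, t, tt) for (lb, t, _, tt) in entries[1:]]
    return port, encode_label_stack([(new_label, tc, ttl - 1)] + rest) + payload

if __name__ == "__main__":
    pkt = encode_label_stack([(16, 0, 64), (100, 5, 255)]) + b"<IP datagram>"
    print(decode_label_stack(pkt))
    print(lsr_forward(pkt, {16: (17, "eth1")}))
```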
Tunneling in the OSI Model
  Figure: four protocol stacks side by side
    End User:            Application | Presentation | Session | Transport | Network | Data Link | Physical
    Intermediate System: Network | Data Link | Physical, each marked (translation)
    Proxy / Gateway:     Session | Transport | Network | Data Link | Physical, each marked (translation)
    Host / Server:       Application | Presentation | Session | Transport | Network | Data Link | Physical
  End-to-end protocols (Application, Presentation, Session, Transport) run between End User and Host / Server
  Local protocols (Network, Data Link, Physical; also Session and Transport at the proxy) run hop by hop and are translated at each intermediate system
Small Office / Home Office (SOHO)
LAN (Local Area Network) to WAN (Wide Area Network)
  Figure: stations on Ethernet and WiFi → Ethernet Switch + WiFi Access Point → IP Router → ADSL Modem → ADSL line → Internet
  Ethernet   802.3     Cable-based LAN protocol defined at DATA LINK and PHY layers
  WiFi       802.11    Wireless LAN protocol defined at DATA LINK and PHY layers
  ADSL       G.992.5   Cable-based transmission protocol defined at PHY layer
Laptop Browser to Web Server — Simplified View
  Laptop:        HTTP | TCP | IP | WiFi (Data Link) | PHY
  WiFi Router:   IP | WiFi on the LAN side, ADSL on the WAN side
  Access (ISP):  IP | ADSL
  Internet:      IP routers
  Server:        HTTP | TCP | IP | Data Link | PHY
  HTTP and TCP run end to end between laptop and server; IP runs at every node; data link and PHY differ per hop
ADSL — Asymmetric Digital Subscriber Line
High speed transmission on standard voice line
  POTS — plain old telephone service
  24 Mbps downstream (ADSL2+, G.992.5)
  3.3 Mbps upstream (ADSL2+ Annex M)
Ref: JDSU, ADSL Technology, JDS Uniphase Corporation, 2005
ADSL Access Network
Ref: Vodafone, Wholesale Layer2 DSL (W-DSL-L2I), VTCW011 - I 03/13
Typical Bezeq ATU-R (ADSL transceiver unit, remote end)
  ADSL modem (33 Mbps) + IP routing + 802.3 Ethernet + 802.11 WiFi in one box
Fast Internet Access
  Figure: Client → ADSL modem on point-to-point channel → telephone network → switched ATM network (Bezeq: user management and IP datagram forwarding) → IP network (ISP: IP datagram forwarding, Internet routing) → Server
Fast Internet Protocols — Typical Campus Case
PPP
  Point to Point Protocol
  Logon + connection management
PPPoE
  PPP over Ethernet (RFC 2516)
  Virtual point-to-point connection over shared LAN
  Client opens private session with ISP
  Stack: Client App | TCP | IP | PPP | PPPoE | 802.3 Ethernet   ↔   Router 802.3 | PPPoE | PPP
Fast Internet Protocols — Typical Campus Case
ATM
  Asynchronous Transfer Mode
  Data Link protocol for broadband telephone services
  Permits real time QoS
MPOA + AAL5
  Adaptation protocols for ATM (AAL5 segments the PPPoE / Ethernet payload into ATM cells)
ADSL
  Physical bit transmission
  Stack: Client App | TCP | IP | PPP | PPPoE | 802.3   ↔   Router 802.3 | PPPoE | MPOA | AAL5 | ATM | ADSL   ↔   Bezeq ADSL | ATM | AAL5 | MPOA | PPPoE | 802.3
Fast Internet Protocols — Typical Campus Case
Connection to ISP
  Client runs PPP: LCP link negotiation, then authentication, then Network Control Protocol (NCP, here IPCP) to obtain its IP configuration
  CHAP (challenge handshake authentication protocol, RFC 1994) — user name + password; the password itself is never sent
  ISP authorizes user and engages IP forwarding
  Stack: Client App | TCP | IP | PPP | PPPoE | 802.3   ↔   Router 802.3 | PPPoE | MPOA | AAL5 | ATM | ADSL   ↔   Bezeq ADSL | ATM | AAL5 | MPOA | PPPoE | 802.3 PHY   ↔   ISP 802.3 PHY | PPPoE | PPP
Fast Internet Protocols — Typical Campus Case
IP forwarding
  ISP forwards IP datagrams to server via Internet backbone
  Stack: Client App | TCP | IP | PPP | PPPoE | 802.3   ↔   Router and Bezeq as on the previous slide   ↔   ISP PPP | IP | PHY   ↔   IP routing   ↔   Server App | TCP | IP | PHY
  The PPP session ends at the ISP; from there ordinary IP routing carries the datagram to the server
Fast Internet Protocols — Typical SOHO Case
  Router/modem initiates connection to ISP
  Runs NCP over PPP over PPPoE over Ethernet
  Router provides always-on Internet access over WiFi + Ethernet
  Stack: Client App | TCP | IP | 802.11 WiFi   ↔   Router WiFi / 802.3 | PPP | PPPoE | MPOA | AAL5 | ATM | ADSL   ↔   Bezeq   ↔   ISP PPP | IP   ↔   IP routing   ↔   Server App | TCP | IP
  The PPP / PPPoE session belongs to the router, not the client: the client only sees WiFi + IP
1Dr. Martin LandNetwork Security + ManagementComputer Networks — Hadassah College — Fall 2015
Network Security and Management
2Dr. Martin LandNetwork Security + ManagementComputer Networks — Hadassah College — Fall 2015
Network Security
Confidentiality
  Sender encrypts message, receiver decrypts message
  Only sender + receiver understand contents
Authentication
  Sender confirms identity to receiver
Message integrity
  Message not changed between sender and receiver
Service availability
  Prevent Denial of Service (DoS) attacks
Friends and Enemies
Bob + Alice
  Legitimate system users
  Communicate securely
Mallory + Trudy
  Intruders
  Intercept / delete / add / change messages
  Figure: Alice (secure sender) ↔ channel carrying data + control messages ↔ Bob (secure receiver), with Mallory / Trudy on the channel
Etymology of the cryptology cast
  Alice — party A
  Bob — party B
  Mallory — malicious
  Trudy — intruder
Malicious Network Activity
Eavesdrop
  Intercept legitimate messages for unauthorized reading
Message injection
  Insertion of unauthorized messages into legitimate channel
Impersonation
  Fake (spoof) source address in packet
Hijacking
  Replacing legitimate sender or receiver in existing connection
Denial of Service (DoS)
  Prevent access to service
  Overloading server resources
  Replacing legitimate server software / content
Cryptography
Plaintext
  Original message m
Ciphertext
  Message m encrypted with key KA
  Ciphertext C = KA(m)
Decipher
  Recover plaintext by decryption with key KB
  Plaintext m = KB(C) = KB(KA(m))
  Figure: Alice: plaintext m → encryption algorithm (key KA) → ciphertext C = KA(m) → channel (Mallory / Trudy listening) → decryption algorithm (key KB) → plaintext m = KB(C) at Bob
Symmetric Key Cryptography
One secret key K
  Encryption C = K(m)
  Decryption m = K(C) = K(K(m))
  Alice + Bob share secret key K
Simplest algorithm: XOR with the key (the one-time pad)
  Ciphertext = m ⊕ K
  Ciphertext ⊕ K = (m ⊕ K) ⊕ K = m ⊕ (K ⊕ K) = m ⊕ 0 = m
  Secure only if K is random, as long as m, and never reused: two messages under one K leak m1 ⊕ m2 to an eavesdropper
  Practical symmetric ciphers (AES, …) expand a short key into a keystream or block permutation instead
  Figure: Alice: m → encryption (K) → C = K(m) → channel → decryption (K) → m = K(C) at Bob
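The XOR scheme above, as an added example (not code from the lecture): encryption and decryption are the same operation, and reusing one key for two messages hands the eavesdropper m1 ⊕ m2, from which a guessed fragment ("crib") of one message reveals the other. The messages and key are constructed for the demo.

```python
"""One-time pad XOR and the two-time-pad failure (added example)."""
import os

def xor_bytes(a, b):
    if len(a) != len(b):
        raise ValueError("one-time pad needs a key exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(m, k):
    return xor_bytes(m, k)                 # C = m ⊕ K

def decrypt(c, k):
    return xor_bytes(c, k)                 # (m ⊕ K) ⊕ K = m: same operation

def fresh_key(n):
    """Keys must come from a cryptographic RNG and be used exactly once."""
    return os.urandom(n)

def two_time_pad_leak(c1, c2):
    """What an eavesdropper learns when one key was used for two messages."""
    return xor_bytes(c1, c2)               # (m1 ⊕ K) ⊕ (m2 ⊕ K) = m1 ⊕ m2, K cancels

def crib_drag(leak, crib, offset):
    """If `crib` is the text of one message at `offset`, return the other message there."""
    return xor_bytes(leak[offset:offset + len(crib)], crib)

if __name__ == "__main__":
    k = fresh_key(16)                      # constructed demo: two orders, one key
    m1, m2 = b"transfer 100 NIS", b"transfer 999 NIS"
    c1, c2 = encrypt(m1, k), encrypt(m2, k)
    assert decrypt(c1, k) == m1
    leak = two_time_pad_leak(c1, c2)
    print("attacker guesses '100' at offset 9 and reads:", crib_drag(leak, b"100", 9))
```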
Asymmetric Key Cryptography
Public key cryptography
  Public encryption key K+
  C = K+(m)
  Private decryption key K– ≠ K+
  m = K–(C) = K–(K+(m))
No shared key
  Alice encrypts with Bob's published K+
  Bob decrypts with private K–
  Figure: Alice: m → encryption (K+) → C = K+(m) → channel → decryption (K–) → m = K–(C) at Bob
Rivest, Shamir and Adleman (RSA) algorithm
  m = K–(K+(m)) = K+(K–(m))
  Computationally infeasible to obtain K– from K+ (would require factoring the modulus)
Message Integrity
Message content not altered
  Not corrupted / maliciously changed
Message digest
  Public hash function h = H(m)
  m ≠ m' ⇒ small probability of H(m) = H(m')
  MD5 (RFC 1321) / SHA-1 (US NIST standard); both now have practical collision attacks, so new designs use SHA-2 (SHA-256) or SHA-3
Alice
  Computes h = H(m)
  Sends (m, h)
Bob
  Computes H(m) and compares with received h
  H(m) = h ⇒ high probability of message integrity against accidental corruption
  An intruder who changes m to m' can just as easily recompute H(m'), so a bare digest gives no protection against malicious change; that needs a keyed hash (MAC) or a digital signature
  Figure: Alice: m → H → (m, h = H(m)) → Bob: H(m) → compare with h
Authentication
AAA Protocols
  Authentication: check that user identity is authentic (as claimed); login, password, …
  Authorization: granting access / service rights
  Accounting: tracking resource consumption by users; logins, disk usage, …
Common AAA systems
  Terminal Access Controller Access-Control System (TACACS, TACACS+)
  Kerberos
  Remote Authentication Dial In User Service (RADIUS)
Challenge / Response Authentication
Unencrypted
  Challenge    Response    System Action
  Login:       Alice       Check user name in database
  Password:    ********    Compare password with database
  The password crosses the channel in clear; an eavesdropper can read it and replay it
Encrypted
  Step 1  Challenge: Login:        Response: Alice
          System: check user name in database, set key K = password in database, set nonce R (one-time value), send encrypted K(R)
  Step 2  Challenge: Password: (the system has just sent K(R))
          Response: user types ********; client sets key K = ********, decrypts R = K(K(R)), sends R + 1 unencrypted
          System: R + 1 correct ⇒ correct password
  The password never crosses the channel, and R is fresh per login, so a captured response cannot be replayed
  A captured (K(R), R + 1) pair still allows an offline dictionary attack on a weak password
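An added example (not code from the lecture) of the encrypted challenge / response idea in the concrete form PPP uses, CHAP (RFC 1994), which the campus-case slides later rely on: the authenticator sends a random challenge, the peer answers with MD5(identifier || secret || challenge), and the secret never crosses the link. The user database, secret and word list are constructed for the demo; the last function shows why a captured exchange still permits an offline guess at a weak password.

```python
"""PPP CHAP (RFC 1994) challenge / response, both sides (added example)."""
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    """RFC 1994 section 4.1: MD5 over one-byte identifier, the secret, the challenge."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()

class Authenticator:
    """ISP side: one fresh challenge per attempt, consumed on verification."""
    def __init__(self, users):
        self.users = users                   # name -> secret (constructed demo database)
        self.pending = {}                    # identifier -> outstanding challenge

    def challenge(self, identifier):
        c = os.urandom(16)                   # the nonce R of the slide
        self.pending[identifier] = c
        return c

    def verify(self, identifier, name, response):
        c = self.pending.pop(identifier, None)   # single use: a replayed response finds no challenge
        if c is None or name not in self.users:
            return False
        expected = chap_response(identifier, self.users[name], c)
        return hmac.compare_digest(response, expected)

class Peer:
    """Client side: holds the secret and only ever transmits a hash of it."""
    def __init__(self, name, secret):
        self.name, self.secret = name, secret

    def respond(self, identifier, challenge):
        return self.name, chap_response(identifier, self.secret, challenge)

def login(auth, peer, identifier):
    """Run one exchange; return (accepted, challenge, response) as seen on the wire."""
    c = auth.challenge(identifier)
    name, r = peer.respond(identifier, c)
    return auth.verify(identifier, name, r), c, r

def offline_guess(identifier, challenge, response, wordlist):
    """Eavesdropper with (id, challenge, response) tries candidate secrets."""
    for candidate in wordlist:
        if chap_response(identifier, candidate, challenge) == response:
            return candidate
    return None

if __name__ == "__main__":
    auth = Authenticator({"alice": b"hunter2"})
    ok, c, r = login(auth, Peer("alice", b"hunter2"), 1)
    print("login accepted:", ok)
    print("replayed response accepted:", auth.verify(1, "alice", r))
    print("offline guess:", offline_guess(1, c, r, [b"password", b"123456", b"hunter2"]))
```

The nonce defeats replay, but the hash is unsalted MD5 over the password, so the only protection against the offline attack is password strength; that is the same reason CHAP was superseded by EAP methods that run inside a TLS tunnel.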
Message Authentication Code (MAC)
Authentication key
  Alice and Bob share secret key s
Authenticated message
  Alice: computes h = H(m, s), sends (m, h)
  Bob: computes H(m, s) and compares with received h
  H(m, s) = h ⇒ high probability of message integrity + authenticity
  Intruder without s cannot produce a valid h for a changed m
  In practice H(m, s) is HMAC (RFC 2104), not the plain hash of m concatenated with s: for MD5 / SHA-1 / SHA-256, H(s || m) admits length-extension forgery
  Figure: Alice: (m, s) → H → (m, h = H(m, s)) → Bob: H(m, s) → compare with h
Playback (Replay) Attack
Authenticated message
  Alice sends Bob legitimate message with MAC
  Bob receives message, confirms secret shared key
Mallory
  Captures Alice's message
  Resends Alice's message to Bob
  Bob receives message, confirms secret shared key again: the MAC is still valid, so the message is acted on twice
Example
  Electronic funds transfer (EFT)
Defense
  Nonce (one-time use number)
MAC with Nonce
3-step handshake: Hello → R → Content
  1. Alice → Bob: Hello, with h = H(m, s)
  2. Bob → Alice: nonce R, with h = H(R, s)
  3. Alice → Bob: Content, with h = H(m, R, s)
  At each step the receiver recomputes h with the shared s and compares
Protected against replay
  Nonce ⇒ correct 3-step handshake
  Bob issues a fresh R for every handshake, so a captured Content message fails against the next R
  No 3-step handshake ⇒ ignore content message
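The keyed-hash scheme of the MAC slide and the nonce handshake above, implemented together as an added example (not code from the lecture). H(m, s) is realised with HMAC-SHA256 rather than a plain hash of the concatenation, fields are length-prefixed before hashing so that (m, R) cannot be re-split, and Bob accepts a Content message only once per nonce he issued. The shared secret and messages are constructed for the demo.

```python
"""HMAC-authenticated Hello → R → Content handshake with replay rejection (added example)."""
import hashlib
import hmac
import os

def tag(secret, *parts):
    """H(m, s) of the slides as HMAC-SHA256 over length-prefixed fields."""
    mac = hmac.new(secret, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)   # unambiguous framing of each field
    return mac.digest()

class Bob:
    def __init__(self, secret):
        self.secret = secret
        self.open = set()                 # nonces issued and not yet consumed

    def hello(self, msg, t):
        """Steps 1 and 2: check Alice's Hello, answer with an authenticated fresh nonce."""
        if not hmac.compare_digest(t, tag(self.secret, msg)):
            raise ValueError("bad Hello tag")
        r = os.urandom(16)
        self.open.add(r)
        return r, tag(self.secret, r)

    def content(self, r, msg, t):
        """Step 3: accept only with a live nonce and a tag over (R, Content)."""
        if r not in self.open:
            return False                  # replay, or no handshake at all
        if not hmac.compare_digest(t, tag(self.secret, r, msg)):
            return False                  # tampered content or wrong key
        self.open.discard(r)              # each nonce is single use
        return True

class Alice:
    def __init__(self, secret):
        self.secret = secret

    def hello(self):
        return b"Hello", tag(self.secret, b"Hello")

    def content(self, r, r_tag, msg):
        if not hmac.compare_digest(r_tag, tag(self.secret, r)):
            raise ValueError("nonce did not come from Bob")
        return r, msg, tag(self.secret, r, msg)

def transfer(alice, bob, msg):
    """One full handshake; returns (accepted, the Content message as seen on the wire)."""
    r, r_tag = bob.hello(*alice.hello())
    wire = alice.content(r, r_tag, msg)
    return bob.content(*wire), wire

if __name__ == "__main__":
    s = os.urandom(32)                    # constructed shared secret
    alice, bob = Alice(s), Bob(s)
    ok, wire = transfer(alice, bob, b"EFT 100 NIS to Mallory")
    print("first delivery accepted:", ok)
    print("Mallory's replay accepted:", bob.content(*wire))
```

Bob's set of open nonces should be bounded and expire in a real implementation; otherwise an attacker who sends Hellos forever grows it without limit.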
Digital Signature
MAC with public key cryptography
  Exploits RSA symmetry m = K–(K+(m)) = K+(K–(m))
Signed message
  Bob: computes hash h = H(m), encrypts ch = K–(h) using private key K– (only Bob can do this), sends (m, ch)
  Alice: decrypts h = K+(ch) using Bob's public key K+, computes H(m) and compares with h
  h = H(m) ⇒ message hash was signed using Bob's private key
  Unlike a MAC, verification needs no secret: anyone holding K+ can check the signature, and Bob cannot deny having signed (non-repudiation)
  Figure: Bob: m → H → K– → ch; (m, ch) → Alice: K+ → h, H(m) → compare
Public Key Certification
Vulnerability of digital signature
  Alice receives (m, ch) from Trudy calling herself "Bob"
  Alice requests public key from "Bob" (that is, from Trudy) and confirms m sent by "Bob"
  Question: is "Bob" really Bob?
Certification Authority (CA)
  Trusted organization certifies real-world identity of user
  Shifts question to reliability of CA and deviousness of intruder
  Issues certificate to user
    Certificate = real-world user information + user public key K+
    Digitally signed with CA private key K–CA (only CA can sign)
  Alice must already hold the CA's public key K+CA through some trusted path (e.g. shipped with the browser / OS)
Certified Message
  Bob: calculates hash h = H(m), signs ch = K–(h) using private key K– (only Bob can sign), sends (m, ch, certificate)
  Alice
    Verifies the certificate's signature with the CA's public key K+CA and extracts Bob's K+
    Checks that the name in the certificate is the Bob she means
    Decrypts h = K+(ch) using Bob's public key K+
    Computes H(m) and compares with h
    h = H(m) ⇒ message hash was signed with the private key matching the certified K+
  Figure: Bob: m → H → K– → ch, plus certificate; Alice: K+CA → certificate → K+; K+ → ch → h; H(m) → compare
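The signature and certificate checks above, as an added example (not code from the lecture) using nothing but hashlib and integer arithmetic: textbook RSA over a SHA-256 digest demonstrates the K–(H(m)) / K+(ch) symmetry, a CA signs (name, K+) to make a certificate, and the verifier checks the CA's signature before trusting the key in it. Keys are generated from random primes with a Miller-Rabin test. This is raw RSA without padding and a toy certificate format, adequate for following the slides and nothing more; real systems use RSA-PSS or ECDSA from a vetted library and X.509 certificates.

```python
"""Textbook RSA signatures with a CA-signed certificate (added example)."""
import hashlib
import random
import secrets

def _is_probable_prime(n, rounds=16):
    """Miller-Rabin primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1    # full width, odd
        if _is_probable_prime(cand):
            return cand

def generate_keypair(bits=1024):
    """Return (public (n, e), private (n, d)) with an n of about `bits` bits."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(private, data):
    """ch = K–(H(m)): the digest raised to the private exponent."""
    n, d = private
    return pow(digest_int(data), d, n)

def verify(public, data, sig):
    """K+(ch) == H(m)?"""
    n, e = public
    return pow(sig, e, n) == digest_int(data) % n

def encode_cert(name, public):
    return f"{name}|{public[0]}|{public[1]}".encode()

def issue_certificate(ca_private, name, public):
    """CA signs (name, K+); the certificate is the tuple (name, K+, CA signature)."""
    return name, public, sign(ca_private, encode_cert(name, public))

def verify_certified_message(ca_public, cert, expected_name, data, sig):
    """Alice's checks in order: name, CA signature on the certificate, message signature."""
    name, public, ca_sig = cert
    if name != expected_name:
        return False
    if not verify(ca_public, encode_cert(name, public), ca_sig):
        return False
    return verify(public, data, sig)

if __name__ == "__main__":
    ca_pub, ca_priv = generate_keypair(512)
    bob_pub, bob_priv = generate_keypair(512)
    trudy_pub, trudy_priv = generate_keypair(512)
    cert = issue_certificate(ca_priv, "Bob", bob_pub)
    m = b"transfer 100 NIS"
    print("genuine:", verify_certified_message(ca_pub, cert, "Bob", m, sign(bob_priv, m)))
    fake = issue_certificate(trudy_priv, "Bob", trudy_pub)     # Trudy "certifies" herself
    print("Trudy as Bob:", verify_certified_message(ca_pub, fake, "Bob", m, sign(trudy_priv, m)))
```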
Secure Sockets
Security layer between application and transport
  Secure Sockets Layer (SSL): Netscape, SSL 2.0 (1995), SSL 3.0 (1996)
  Transport Layer Security (TLS): TLS 1.0 RFC 2246 (1999), TLS 1.2 RFC 5246 (2008), TLS 1.3 RFC 8446 (2018); SSL 2.0 and 3.0 have been prohibited (RFC 6176, RFC 7568)
Services to application layer
  Confidentiality (symmetric cipher such as AES, with keys agreed by RSA or Diffie-Hellman key exchange in the handshake)
  Authentication (certificates)
  Integrity (MAC hash protection)
Data fragmentation
  Record = header + encrypted data fragment
  Stack: Application | SSL / TLS (key management sublayer = handshake; record cryptography sublayer) | Transport (TCP) | Network (IP) | Infrastructure
Secure Sockets
Programmer perspective
  Socket call invokes SSL / TLS instead of TCP
  SSL / TLS passes encrypted / protected data to TCP
  FTPS — FTP client / server over SSL / TLS
  HTTPS — HTTP client / server over SSL / TLS
  Stack: Application | SSL / TLS (key management sublayer; record cryptography sublayer) | Transport (TCP) | Network (IP) | Infrastructure
SSL / TLS Overview
Session initialization
  Application: client opens secure socket for channel to server
  SSL / TLS
    Opens TCP session between client / server
    Client / server negotiate certificates + keys + options (the handshake)
    Establish secure channel over TCP: confidentiality + authentication + integrity
    Return socket descriptor to application
  The client must verify the server's certificate chain and that the certified name matches the host it intended to reach; an application that disables either check is open to an active intruder in the middle
Data exchange
  Application sends data to open socket
  SSL / TLS, sending side: fragments app data, encrypts data fragments + MAC, adds record header, forwards records to TCP
  SSL / TLS, receiving side: receives records from TCP, checks / removes record header, decrypts data fragments + checks MAC, reassembles fragments to app data
Network Layer Security
Security layer at network layer
  IPsec — RFC 4301 (2005)
  Service options for IP datagrams
Modes of operation
  Transport mode: IP data encrypted / authenticated, IP header not modified / encrypted
  Tunnel mode: encrypted / authenticated datagram = data field of new datagram
  Stack: Application | Transport (TCP) | Network (IP) + IPsec | Infrastructure
Protocols
                                        Confidentiality   Integrity   Authentication   Replay protection
  Encapsulating Security Payload (ESP)  √                 √           √                √
  Authentication Header (AH)            –                 √           √                √
  AH also authenticates the outer IP header, which is why it does not survive NAT; ESP with integrity is what deployments actually use
Virtual Private Network (VPN)
Private network
  Dedicated physically separate infrastructure: switches / routers / cables
  Most secure at highest cost
Virtual Private Network
  Secure network implemented in shared public infrastructure
  Security options
    Proprietary encryption software
    IPsec in tunnel mode
    TLS
    Traffic segregation in shared physical hardware (separation only, no confidentiality)
  Figure: VPN tunnel. Non-IPsec host (App | TCP | IP | DL | PHY) → IPsec gateway (IP | Security | IP | DL | PHY) → public network → IPsec gateway (IP | Security | IP | DL | PHY) → host (App | TCP | IP | DL | PHY)
Security Association (SA)
Managing AH / ESP connections
  Internet Security Association & Key Management Protocol (ISAKMP); keys negotiated with IKE
  Establish SA from sending to receiving entity before sending data
  Simplex SA: each direction sets up separate SA
  Connection-oriented stateful mechanism over IP
Example: SA for R1 to R2
  R1 state table entries
    32-bit SA identifier: Security Parameter Index (SPI)
    Source / destination tunnel endpoints: 200.168.1.1 (R1) / 193.68.2.1 (R2)
    Encryption method / key
    Integrity check method / authentication key
    Sequence number counter and anti-replay window
  Figure: non-IPsec host H1 (200.168.1.105) to IPsec R1 (200.168.1.1), public network, IPsec R2 (193.68.2.1) to non-IPsec host H2 (193.68.2.23)
IP Encapsulation (ESP, tunnel mode)
  Outer datagram: IP header (src: R1, dest: R2) | ESP header | original H1 to H2 datagram (IP header src: H1, dest: H2 | TCP segment) | ESP trailer | ESP Auth (MAC)
  Encrypted: original datagram + ESP trailer
  Authenticated: ESP header + the encrypted part (the outer IP header is not covered)
ESP header
  Security Parameter Index (SPI)
  SEQ (sequence number, checked against the anti-replay window)
ESP trailer
  Padding (for block cipher) + length of padding
  Next header — protocol in original datagram
  Figure: as on the previous slide, H1 200.168.1.105, R1 200.168.1.1, R2 193.68.2.1, H2 193.68.2.23
Firewall
Software / hardware based filter
  Blocks packets based on protocol criteria
  Intended to prevent
    Unauthorized access to internal network from WAN
    Unauthorized access to WAN by internal software
Stateless packet filtering
  Block packets based on
    Source / destination IP address
    TCP/UDP source / destination port numbers
    ICMP message type
    TCP SYN and ACK bits (drop inbound segments with SYN set and ACK clear to prevent any incoming TCP connections)
  Cannot tell an inbound ACK that belongs to a real connection from a forged one
Stateful packet filtering
  Track status of TCP connections from SYN to FIN
  Block packets inconsistent with TCP state machine
  Block inactive connections (time out idle entries)
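The two filtering models above, as an added example (not code from the lecture). Packets are constructed records with the header fields the slide lists; `10.0.0.0/8` is assumed to be the internal network. The stateless rule is exactly the slide's "no inbound SYN without ACK"; the stateful filter admits inbound TCP only for connections it saw an inside host open, follows them SYN → SYN-ACK → established → FIN/RST, and drops anything that contradicts the state, including an ACK-only probe that the stateless filter lets through.

```python
"""Stateless vs stateful TCP packet filtering (added example)."""

INSIDE_PREFIX = "10.0.0."          # assumed internal network for the demo

def is_inside(ip):
    return ip.startswith(INSIDE_PREFIX)

def tcp(src, sport, dst, dport, syn=False, ack=False, fin=False, rst=False):
    """Build a constructed TCP packet record."""
    return {"proto": "tcp", "src": src, "sport": sport, "dst": dst, "dport": dport,
            "syn": syn, "ack": ack, "fin": fin, "rst": rst}

def stateless_allow(pkt):
    """Slide rule: block inbound TCP connection attempts (SYN set, ACK clear)."""
    inbound = not is_inside(pkt["src"])
    if pkt["proto"] == "tcp" and inbound and pkt["syn"] and not pkt["ack"]:
        return False
    return True

class StatefulFilter:
    def __init__(self):
        self.table = {}   # (inside ip, inside port, outside ip, outside port) -> state

    def _key(self, pkt):
        """Normalise the 4-tuple so both directions map to one connection entry."""
        if is_inside(pkt["src"]):
            return (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"]), "out"
        return (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"]), "in"

    def allow(self, pkt):
        if pkt["proto"] != "tcp":
            return stateless_allow(pkt)
        key, direction = self._key(pkt)
        state = self.table.get(key)
        if state is None:
            if direction == "out" and pkt["syn"] and not pkt["ack"]:
                self.table[key] = "syn_sent"          # inside host opens a connection
                return True
            return False                              # nothing known about this 4-tuple
        if state == "syn_sent":
            if direction == "in" and pkt["syn"] and pkt["ack"]:
                self.table[key] = "established"       # server's SYN-ACK completes the setup
                return True
            return False
        if state == "established" and not pkt["syn"]:
            if pkt["fin"] or pkt["rst"]:
                del self.table[key]                   # connection torn down
            return True
        return False                                  # e.g. a second SYN on an open connection

if __name__ == "__main__":
    sf = StatefulFilter()
    client, server = "10.0.0.5", "203.0.113.7"
    print(sf.allow(tcp(client, 40000, server, 443, syn=True)))           # True: outbound open
    print(sf.allow(tcp(server, 443, client, 40000, syn=True, ack=True))) # True: SYN-ACK
    probe = tcp(server, 443, client, 40001, ack=True)                    # no such connection
    print(stateless_allow(probe), sf.allow(probe))                       # True, False
```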
Intrusion Detection Systems (IDS)
Deep packet inspection
  Compare packet contents with database of virus / attack signatures
Correlations among multiple packets
  Port scanning: TCP SYN sequence of ports — map open ports
  Network mapping: ping sequence of IP addresses — map responding hosts
  Denial of Service (DoS) attack: flood of repeated packets to overload server
Statistical anomaly
  Compare traffic with statistical norms: bandwidth demand, protocols and service ports, user access, file updates
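The multi-packet correlation above (port scan and network mapping), as an added example (not code from the lecture): a sliding-window detector counts distinct destination ports and distinct destination hosts per source and raises an alert when either crosses a threshold. The traffic records are constructed tuples `(timestamp, source, destination, destination port, flags)`, with `"S"` for a TCP SYN and `"I"` for an ICMP echo; addresses, window and thresholds are assumptions for the demo.

```python
"""Port-scan and host-sweep detection over a sliding time window (added example)."""
from collections import defaultdict, deque

class ScanDetector:
    def __init__(self, window=10.0, port_threshold=10, host_threshold=10):
        self.window = window                    # seconds of history per source
        self.port_threshold = port_threshold
        self.host_threshold = host_threshold
        self.events = defaultdict(deque)        # src -> deque of (ts, dst, dport)

    def observe(self, ts, src, dst, dport, flags):
        """Feed one record; return ("port_scan", src, dst), ("host_sweep", src, None) or None."""
        if flags not in ("S", "I"):
            return None                         # only connection attempts / probes count
        q = self.events[src]
        q.append((ts, dst, dport))
        while q and ts - q[0][0] > self.window:
            q.popleft()                         # expire records outside the window
        ports = {(d, p) for _, d, p in q if p is not None}
        hosts = {d for _, d, _ in q}
        if len(hosts) >= self.host_threshold:
            return ("host_sweep", src, None)
        if len(ports) >= self.port_threshold and len(hosts) == 1:
            return ("port_scan", src, dst)
        return None

def run(detector, records):
    """Return the distinct alerts raised over a record list, in order of first appearance."""
    alerts = []
    for rec in records:
        a = detector.observe(*rec)
        if a and a not in alerts:
            alerts.append(a)
    return alerts

def sample_records():
    """Constructed traffic: one normal client, a SYN port scan, then a ping sweep."""
    recs = [(0.0, "10.0.0.5", "10.0.0.80", 80, "S"), (0.5, "10.0.0.5", "10.0.0.80", 80, "A")]
    recs += [(1.0 + i * 0.1, "198.51.100.9", "10.0.0.80", 1 + i, "S") for i in range(12)]
    recs += [(3.0 + i * 0.1, "198.51.100.9", f"10.0.0.{i}", None, "I") for i in range(12)]
    return recs

if __name__ == "__main__":
    for alert in run(ScanDetector(), sample_records()):
        print(alert)
```

A scanner that spreads its probes over more than the window, or across many spoofed sources, stays under these thresholds; that is the statistical-anomaly case on the slide, which needs longer baselines rather than per-window counts.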
Demilitarized Zone (DMZ)
Term of military origin
  DMZ — Demilitarized Zone: border area between military powers in which military activity is not permitted
Network DMZ
  Border zone of AS (perimeter network)
  Reachable from the WAN, so its hosts are expected to be attacked and must not be trusted by the internal network
DMZ services
  Public web server
  Incoming mail server
  Anonymous FTP server
  Other services exposed to the public
  Secure authentication server as the only gateway to the internal network
Reported intrusions to Pentagon network (1995): DMZ — 250,000, internal — 0
DMZ Configurations
Single firewall DMZ
  One firewall with three interfaces: public network | DMZ (web server, authentication server) | internal network
  Public network to DMZ: public traffic; DMZ to internal network: authenticated traffic only
  A single misconfiguration or compromise of that one firewall exposes the internal network
Double firewall DMZ
  Outer firewall: public network | DMZ (web server, authentication server); public traffic
  Inner firewall: DMZ | internal network; authenticated traffic only
  Both firewalls must be defeated to reach the internal network; using two different products means one flaw does not open both
Network Management
OAM
  Operation — service availability and statistics monitoring
  Administration — network resource accounting / assignment
  Maintenance — repairs, upgrades
Provisioning
  Resource configuration to support services
Typical management tasks
  Resource controlling, planning, allocation, deployment, coordination, monitoring
  Traffic routing, load balancing, performance management
  Security management
  Fault management
  Account management
Management tools
  Monitoring agents installed on infrastructure
  Activity logs
  Sniffers
Simple Network Management Protocol (SNMP)
Management agents
  Hardware / software feature of network infrastructure
  Permits remote management of device: monitor device activity, configure device parameters
Role of SNMP
  Management Information Base (MIB): object-oriented database record describing network entity
  Structure of Management Information (SMI): data definition language for MIB objects (subset of ASN.1)
  SNMP protocol: manage entity by read (monitor) / write (control) of MIB information
    Transaction mode: manager request + agent response
    Trap mode: agent message on specified condition
Management Information Base (MIB)
MIB classification
  Tree hierarchy: Internet MIB = 1.3.6.1
  MIB: set of all MIB objects for managed device
  MIB module: set of related MIB objects
  Managed object: specific feature of managed device, uniquely identified by object ID, leaf level
Example — UDP MIB module (RFC 1213)
  Object ID             Name              Object
  1.3.6.1.2.1.7.1       udpInDatagrams    Datagrams delivered at node
  1.3.6.1.2.1.7.2       udpNoPorts        Undeliverable datagrams — no server at port
  1.3.6.1.2.1.7.3       udpInErrors       Undeliverable datagrams — other reasons
  1.3.6.1.2.1.7.4       udpOutDatagrams   Datagrams sent
  1.3.6.1.2.1.7.5       udpTable          Entry for each port in use by app
  1.3.6.1.2.1.7.5.1     udpEntry          udpTable entry
  1.3.6.1.2.1.7.5.1.1   udpLocalAddress   udpTable entry — IP address
  1.3.6.1.2.1.7.5.1.2   udpLocalPort      udpTable entry — port
SNMP Message Types
Manager to agent
  GetRequest: retrieve value of variable or list
  SetRequest: change value of variable or list
  GetNextRequest: discover available variables and their values
  GetBulkRequest: multiple iterations of GetNextRequest (SNMPv2 and later)
Agent to manager
  Response: returns variable / acknowledgement for GetRequest, SetRequest, GetNextRequest, GetBulkRequest
  Trap: asynchronous notification of trapped event
Manager to manager
  InformRequest: asynchronous notification of trapped event, acknowledged by the receiving manager
SNMP Packets
SNMP is an application layer protocol
  Messages sent over UDP (agent listens on port 161, traps go to port 162)
  Layout: IP header | UDP header | SNMP header (version, community) | SNMP PDU (PDU type, Request ID, Error status, Error index, variable bindings: object name + object value)
Fields
  Version — SNMP version
  Community — environment for group of management systems; in SNMPv1 / v2c it is the only access control and travels in clear text, so prefer SNMPv3 with authentication and privacy, restrict agents by source address, and never leave the "public" / "private" defaults
  PDU type — message type
  Request ID — associate requests / responses
  Error Status — indicates error type in response operation
  Error Index — associates error with object instance
  Object name — name of object to set / monitor
  Object value — value of object
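The packet layout above, built and read back as an added example (not code from the lecture): a BER encoder for the SNMPv1 message (version, community, GetRequest PDU with request ID, error status, error index and one variable binding) querying the udpInDatagrams scalar from the UDP MIB slide (`1.3.6.1.2.1.7.1` plus the `.0` instance suffix), and a decoder showing what a passive listener on the wire reads without any key. The community string "public" is the demo's assumption.

```python
"""SNMPv1 GetRequest in BER, and what an eavesdropper sees (added example)."""

def ber_len(n):
    """Definite-form length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value

def ber_int(i):
    """ASN.1 INTEGER: two's complement, minimal length."""
    if i == 0:
        return tlv(0x02, b"\x00")
    n = (i.bit_length() + 8) // 8           # one extra bit keeps the sign correct
    return tlv(0x02, i.to_bytes(n, "big", signed=True))

def ber_oid(oid):
    """OBJECT IDENTIFIER: first two arcs as 40*a+b, remaining arcs base-128 with continuation bits."""
    arcs = [int(x) for x in oid.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def snmpv1_get(community, oid, request_id=1):
    """SNMPv1 (version 0) GetRequest for one object; value is NULL in a request."""
    varbind = tlv(0x30, ber_oid(oid) + tlv(0x05, b""))
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def read_tlv(data, pos=0):
    """Return (tag, value, position after the element) for the TLV at pos."""
    tag, first = data[pos], data[pos + 1]
    if first < 0x80:
        length, start = first, pos + 2
    else:
        nbytes = first & 0x7F
        length = int.from_bytes(data[pos + 2:pos + 2 + nbytes], "big")
        start = pos + 2 + nbytes
    return tag, data[start:start + length], start + length

def sniff_community(packet):
    """A passive listener needs no secret: version and community are plain text."""
    _, body, _ = read_tlv(packet)
    _, version, p = read_tlv(body)
    _, community, _ = read_tlv(body, p)
    return int.from_bytes(version, "big"), community.decode()

if __name__ == "__main__":
    pkt = snmpv1_get("public", "1.3.6.1.2.1.7.1.0", request_id=42)
    print(pkt.hex())
    print(sniff_community(pkt))
```

Sending the bytes to UDP port 161 of an agent (`socket.sendto`) is all a manager does; the same ease is why scanners harvest device configuration from any agent still answering to "public".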
Computer Networks — Hadassah College — Fall 2015 Wireless Networks Dr. Martin Land 1
Wireless Networks
Computer Networks — Hadassah College — Fall 2015 Wireless Networks Dr. Martin Land 2
Some Basic Observations
Wireless
  Free-space electromagnetic transmission: radio, optical, IR
  Differs from wired at infrastructure layers: physical transmission / reception, medium access issues
  Application programmer usually ignores infrastructure: generally sees OS-provided network API (sockets); special case — telephone / PDA applications
Special issues in wireless infrastructures
  Mobility management
  Broadcast infrastructure (anyone in range can receive or transmit, so link-layer encryption and authentication matter more than on a cable)
  Channel reliability
Wireless Personal Area Network (wPAN)
Short range broadcast transmission
Standard technologies
  Bluetooth
  Infrared Data Association (IrDA)
  Wireless USB
Applications
  Wireless computer peripherals
  Bluetooth earpiece
  Transfer interface for laptops, PDAs, cellphones
  Remote control
Wireless Local Area Networks
Wireless equivalent to local Ethernet
  Wireless network card
  Defines user authentication and encryption (802.11i / WPA2 today; the original WEP is broken and must not be used)
  No external connection
Standard technologies
  IEEE 802.11 (WiFi)
  Bluetooth
  IrDA
  Figure: basic wireless LAN, stations communicating directly
Wireless LAN with WAN Infrastructure
Extension of wireless LAN
  Allows mobile access to external networks
  Allows roaming between wLAN groups
Standard technologies
  IEEE 802.11 (WiFi)
  Figure: two wireless LANs (stations + gateway) joined by a distribution system to the Internet
Cellular Telephony
Medium range broadcast with private channel assignment
Standard technologies
  AMPS / TACS (1G)
  GSM / D-AMPS (2G)
  CDMA, IS-95 (2G)
  UMTS (WCDMA) / CDMA2000 (3G)
  LTE (4G)
Application
  Wireless voice network
  Figure: cellular telephone networks connected to the public switched telephone network
Cellular Data Networks and Wireless IP
Wireless wide area data network (wWAN)
  Data WAN over cellular telephone network
Standard technologies
  CDPD (1.5G)
  GPRS (2.5G)
  EDGE (2.75G)
  UMTS (3G)
  Figure: cellular telephone network connected to the Internet
Wireless Application Protocol (WAP)
  Protocol stack for mobile web interface
  Adapts web for
    Phone screens
    PDA keypad
  WML (Wireless Markup Language) pages, with WMLScript for client-side scripting
Wireless Metropolitan Area Network (wMAN)
  Cellular broadband data access
  WAN access via wireless network
  Standard technologies
    IEEE 802.16 (WiMAX)
Figure: Wireless MAN linking wireless LAN access points to the Internet
Radio Wave Propagation
  Transmitter generates radio waves
  Waves propagate (spread out) through space
    Part of radiated power may be obstructed
    Part of radiated power is detected by receiver
Figure: Propagation paths between transmitter and receiver: ionospheric (sky) wave, line of sight wave, ground wave, tropospheric wave
Interference with Radio Signals
Figure: A wave meeting a medium boundary is partly absorbed, partly reflected and partly refracted
Multipath Fading
  Obstacles reflect radio waves
  Receiver gets signals from multiple paths
    Time-to-arrive depends on path taken by signal
    Receiver gets signals transmitted at different times
  Example
    Three signals sent at times t1 < t2 < t3
    Antenna receives all three signals at time t
      Signal 1: sent first and followed longest path d1
      Signal 2: sent second and followed second longest path d2 < d1
      Signal 3: sent last and followed shortest path d3 < d2
    Sum of waves can cancel out signals
Figure: transmitter, reflecting obstacles and receiver, with the three path lengths d1 > d2 > d3
0G (1970) Mobile Phone System (MPS)
  One central transceiver (transmitter/receiver)
  Mobile telephones communicate via central transceiver
    Transmit at high power for maximum distance
    System covers 65 to 80 km
  Modulation is standard analog FM
  Supports 12 simultaneous mobile phone calls
    If 12 channels busy, other calls are blocked
  Requires 24 carrier frequencies
    2 frequencies per phone: dedicated transmit frequency, dedicated receive frequency
Cellular Concept
  Divide coverage area into cells
  In each cell
    Central cell transceiver serves all clients in cell
    Mobile Stations communicate via cell transceiver
    Transmit at low power (just enough to cover a cell)
  Use same frequencies in many cells
    Cells that reuse a frequency are far enough apart, and transmit at low enough power, that they do not interfere
  Handoff
    Telephone can move from cell to cell during a call
    Requires cell-to-cell infrastructure and coordination
Figure: hexagonal cells labeled A, B, C; cells with the same label reuse the same frequencies
Cell Implementation
  Divide region into clusters
  Divide cluster into seven cells A, B, ..., G
  In each cell
    One central transceiver
    Many mobile stations (telephones)
    A frequency group (set of dedicated frequencies)
  Each telephone has a private link with central transceiver
    Dedicated transmit frequency
    Dedicated receive frequency
  7 cell reuse
    Frequency group A assigned to every A cell
    Frequency group B to every B cell, ...
    At least two cells separate every pair of A cells, etc.
Figure: three 7-cell clusters (A through G) tiling the region
Transmission Directions
  Downlink (Forward Channel)
    Base Station (BS) transmit frequency
    Mobile Station receive frequency
  Uplink (Reverse Channel)
    Mobile Station (MS) transmit frequency
    Base Station receive frequency
Figure: MS and BS with the uplink (reverse channel) and downlink (forward channel) arrows
Handoff
  User moves between cells
  Hard Handoff
    Old cell transfers control to new cell
    Break-Before-Make sequence
      Transceiver in old cell stops transmitting to user
      Transceiver in new cell begins transmitting to user
    New BS assigns user frequency pair from its frequency group
  Soft Handoff
    Central transceiver coordinates with nearest cells
    Determines which transmitter is receiving strongest signal from user
    Make-Before-Break sequence
      Transceiver in old cell transmitting to user
      Transceiver in new cell begins transmitting to user
      Transceiver in old cell stops transmitting to user
Reuse Patterns
Figure: three reuse patterns drawn on hexagonal cells: 7 cell reuse (groups A through G), 3 cell reuse (groups A, B, C), 4 cell reuse (groups A, B, C, D)
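The reuse patterns above can be generated rather than drawn. The following is an added example (not code from the slides) using the standard shift-parameter construction, which the slides do not state explicitly: starting from any cell, move i cells along one row of hexagons, turn 60 degrees and move j cells; the cell reached reuses the same frequency group, and the resulting cluster has N = i*i + i*j + j*j cells. The pairs (2,1), (1,1) and (2,0) give the 7, 3 and 4 cell patterns drawn above; the code assigns a group letter to every cell and checks the slide's claim that co-channel cells are separated by at least two cells in the 7 cell pattern. The axial hexagon coordinates and the rendering are the example's own conventions.

```python
# Frequency reuse on a hexagonal cell grid (added example; the shift-parameter
# construction N = i^2 + i*j + j^2 is an assumption the slides do not spell out).
from fractions import Fraction
from itertools import combinations
import string

# Axial hexagon coordinates (q, r). The six neighbours of (0, 0), in order around the cell:
NEIGHBOURS = [(1, 0), (1, -1), (0, -1), (-1, 0), (-1, 1), (0, 1)]


def hex_distance(c1, c2):
    """Number of cell-to-cell hops between two cells."""
    dq, dr = c1[0] - c2[0], c1[1] - c2[1]
    return max(abs(dq), abs(dr), abs(dq + dr))


def reuse_vectors(i, j):
    """The two lattice vectors joining a cell to its nearest co-channel cells:
    i hops in direction 0, then j hops after a 60 degree turn; and that vector rotated by 60 degrees."""
    v1 = (i * NEIGHBOURS[0][0] + j * NEIGHBOURS[1][0],
          i * NEIGHBOURS[0][1] + j * NEIGHBOURS[1][1])
    v2 = (-v1[1], v1[0] + v1[1])
    return v1, v2


def assign_groups(i, j, radius):
    """Label every cell within `radius` hops of the origin with its frequency group letter.
    Returns (cluster size N, {cell: letter})."""
    v1, v2 = reuse_vectors(i, j)
    n = v1[0] * v2[1] - v1[1] * v2[0]          # cluster size N = i^2 + i*j + j^2
    residue = {}
    for q in range(-radius, radius + 1):
        for r in range(-radius, radius + 1):
            if hex_distance((q, r), (0, 0)) > radius:
                continue
            # Write the cell as a*v1 + b*v2; the fractional parts of (a, b) identify
            # which of the N positions inside the cluster this cell occupies.
            a = Fraction(q * v2[1] - r * v2[0], n)
            b = Fraction(v1[0] * r - v1[1] * q, n)
            residue[(q, r)] = (a % 1, b % 1)
    letters = {res: string.ascii_uppercase[k]
               for k, res in enumerate(sorted(set(residue.values())))}
    return n, {cell: letters[res] for cell, res in residue.items()}


def min_cochannel_distance(groups):
    """Smallest hop count between two cells that share a frequency group."""
    by_group = {}
    for cell, g in groups.items():
        by_group.setdefault(g, []).append(cell)
    return min(hex_distance(c1, c2)
               for cells in by_group.values() for c1, c2 in combinations(cells, 2))


def render(groups, radius):
    """Rows of group letters, one row per r coordinate, skewed to suggest the hexagonal layout."""
    rows = []
    for r in range(-radius, radius + 1):
        row = " ".join(groups.get((q, r), " ") for q in range(-radius, radius + 1))
        rows.append(" " * (r + radius) + row)
    return rows


if __name__ == "__main__":
    for i, j in ((2, 1), (1, 1), (2, 0)):
        n, groups = assign_groups(i, j, 4)
        print(f"{n} cell reuse (i={i}, j={j}): co-channel cells {min_cochannel_distance(groups)} hops apart")
        print("\n".join(render(groups, 4)))
```

For the 7 cell pattern the nearest co-channel cells are 3 hops apart, i.e. two cells lie between any pair of A cells, as the slide states; the 3 and 4 cell patterns leave only one cell between co-channel cells, which is why they tolerate less co-channel interference.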
Mobile Network Switching Hierarchy
  Mobile Service Provider
    Service Areas or Registration Areas
      Clusters
        Cells
Figure: two Mobile Service Providers, each divided into Service Areas; each Service Area is tiled by 7-cell clusters (A through G); one cluster and one cell are marked
The Cellular and Wired Telephone Network
Figure: Mobile Station (MS) to Base Transceiver Station (BTS); BTSs to Base Station Controller (BSC), together the Base Station Subsystem (BSS); BSC to Mobile Switching Center (MSC) with its HLR and VLR; BSSs and MSC form the Public Land Mobile Network (PLMN), which connects to the Public Switched Telephone Network (PSTN)
Elements of GSM Mobile Network Hierarchy
  Mobile Station (MS)
    The telephone/terminal
  Base Transceiver Station (BTS)
    Fixed radio transmitter/receiver
    Manages radio channels for the MSs in one cell
  Base Station Controller (BSC)
    Coordinates cluster of cells
  Base Station Subsystem (BSS)
    One BSC and all BTSs it controls
  Mobile Switching Center (MSC)
    Telephone Central Office for one Service Area
    Handles local calls and routes calls out of Service Area
  Public Land Mobile Network (PLMN)
    The wired portion of one Service Area (BTSs, BSCs, and MSC)
Mobility Service
  Home Service Area
    Service Area in which MS subscribes to cellular service
  Home Subscriber
    MS operating in its Home Service Area
  Roamer
    MS operating outside its Home Service Area
  Handoff
    Call control transfer when MS moves between cells in Service Area
  Roaming
    Call control transfer when MS moves between Service Areas
Problems of Mobility
  MS must locate service provider access point
  User must authenticate to service provider
  Service provider must locate the MS
  Provider must verify user's access rights
  Home Location Register (HLR)
    Located in MSC of Home Service Area
    Maintains user's account information
    Maintains location information for active MSs
  Visitor Location Register (VLR)
    Located in MSC for each Service Area
    Cache of HLR data on active roamers
Registration Process
  MS enters Service Area
  Establishes low bit-rate control channel with service provider
  MS requests service
    BS allocates a frequency pair
  MS reports to Mobile Switching Center (MSC)
    Location, Status, and Identity
      Dedicated hardware ID code in phone (IMEI)
      Subscriber Identity Module (SIM) card identifies customer in GSM (IMSI)
    Authentication is a symmetric challenge-response, not public key encryption
      Network sends a random challenge (RAND)
      SIM computes a response (SRES) from RAND and a secret key Ki shared only with the home HLR/AuC
      Ki never leaves the SIM; the same step derives the session cipher key Kc for the radio link
  Mobile Switching Center (MSC)
    Authenticates customer identity with HLR
    For roaming subscriber, creates VLR entry
    Updates Home Location Register (HLR) and billing database
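The registration exchange above, played out between a SIM, a visited MSC/VLR and the home HLR/AuC, as an added example that is not code from the slides. The real operator algorithms A3/A8 are not reproduced; an HMAC over the challenge stands in for them, and the IMSI and Ki values are constructed. What the example shows is the shape of the protocol: Ki stays on the SIM and in the home network, only RAND and SRES cross the air interface, and both ends end up holding the same Kc.

```python
# GSM-style subscriber authentication (added example; hmac/sha256 stands in for A3/A8,
# IMSI and Ki are constructed values).
import hashlib
import hmac
import secrets

# Home network (HLR/AuC) subscriber database: IMSI -> Ki (constructed)
HLR_AUC = {
    "001010123456789": bytes.fromhex("00112233445566778899aabbccddeeff"),
}


def a3_a8(ki: bytes, rand: bytes):
    """Stand-in for A3 (authentication) and A8 (cipher key generation).
    Returns SRES (32 bits) and Kc (64 bits) derived from the 128-bit challenge RAND."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


def auc_triplet(imsi: str, rand: bytes = None):
    """HLR/AuC side: produce the (RAND, SRES, Kc) triplet handed to the visited MSC/VLR.
    Ki itself never leaves the home network; an unknown IMSI yields no triplet."""
    ki = HLR_AUC.get(imsi)
    if ki is None:
        return None
    rand = rand if rand is not None else secrets.token_bytes(16)
    sres, kc = a3_a8(ki, rand)
    return rand, sres, kc


class SIM:
    """The subscriber's SIM: holds IMSI and Ki, answers challenges, never exports Ki."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes):
        # MSC -> MS: RAND; computed inside the SIM
        return a3_a8(self._ki, rand)


def msc_authenticate(sim: SIM, rand: bytes = None) -> dict:
    """Visited MSC/VLR side: fetch a triplet from the home AuC, challenge the MS, compare SRES."""
    triplet = auc_triplet(sim.imsi, rand)
    if triplet is None:
        return {"authenticated": False, "reason": "unknown subscriber", "kc": None}
    rand, expected_sres, kc = triplet
    sres, sim_kc = sim.run_gsm_algorithm(rand)      # MS -> MSC: SRES only
    if not hmac.compare_digest(sres, expected_sres):
        return {"authenticated": False, "reason": "SRES mismatch", "kc": None}
    # Both ends now hold the same Kc although it never crossed the air interface
    return {"authenticated": True, "reason": "ok", "kc": kc, "kc_agreed": sim_kc == kc}


if __name__ == "__main__":
    imsi = "001010123456789"
    print(msc_authenticate(SIM(imsi, HLR_AUC[imsi])))
    print(msc_authenticate(SIM(imsi, bytes(16))))      # cloned SIM with the wrong Ki
```

Note what the exchange does not do: the MS never verifies the network. Only the subscriber is authenticated, which is exactly the "User must authenticate to service provider" requirement of the previous slide and nothing more.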
Mobility Elements in the Cellular Network
Figure: two Service Areas, each a PLMN with BSS (BTS and BSC), MSC, HLR and VLR; a Home Subscriber registers with its own MSC/HLR (Home Subscriber Registration); a Roamer registers with the visited MSC (Roaming Subscriber Registration), which queries the home MSC HLR to create a VLR entry
1G: Advanced Mobile Phone System (AMPS)
  North American first generation analog system, IS-553
  25 MHz transmission band per direction
    Mobile Station (uplink): 824 - 849 MHz
    Base Station (downlink): 869 - 894 MHz
  Frequency Division Multiple Access (FDMA)
    Divide band into 30 kHz RF voice channels
    25 MHz per cluster / 30 kHz per channel = 832 channels per cluster
  7 cell frequency reuse pattern (A, B, ..., G)
    832 channels / 7 cells ≈ 119 channels per cell (including control channels)
    Typically about 90 usable voice channels per cell
Figure: three 7-cell clusters, 832 channels per cluster
Second Generation Systems
  2G Analog systems
    Triple number of channels per cell
    Motorola proprietary products
      Narrowband Advanced Mobile Phone System (N-AMPS)
      Motorola Integrated Radio System (MIRS)
  Time Division Multiple Access (TDMA)
    Divide FDMA radio channel into time slots
    MS transmits digitized voice in one time slot on one frequency
    North American d-AMPS, European GSM
  Code Division Multiple Access (CDMA)
    Create orthogonal binary digital transmission codes
    MS transmits in one code on one frequency
GSM: Global System for Mobile Communications
  European Union 2G digital cellular
  Channelization
    Divide band into 200 kHz RF channels
    25 MHz per cluster / 200 kHz per channel = 125 channels per cluster (124 usable; one is the guard band)
  Digital transmission
    Transmit 270.833 kbps in each 200 kHz radio channel
    Voice and control modulation: Gaussian minimum-shift keying (GMSK), an optimized form of FSK
  Time Division Multiple Access (TDMA)
    Divide each channel into 8 time slots
    Allocate 1 time slot per user
    270.833 kbps per channel / 8 users per channel ≈ 33.85 kbps gross per user
  Standards
    European Telecommunications Standards Institute (ETSI)
GSM Voice Transmission Summary
  Voice → 3300 Hz filter → 8000 samples/sec → 13-bit quantization → 104 kbps
    104 kbps × 20 ms = 2080 bits per 20 ms speech frame
  8:1 compression (speech coder) → 13 kbps → 260-bit buffer
    13 kbps × 20 ms = 260 bits per speech frame
  CRC generator and channel coding, 260 : 456
    Each 260-bit frame becomes 456 coded bits = 8 blocks of 57 bits
  Interleaving over the TDMA structure
    57 user bits per field, 2 fields per time slot
    1 user time slot per frame (8 slots per frame, numbered 0 to 7)
    24 traffic frames per 120 ms multiframe (frames 0 to 23)
    57 user bits per field × 2 fields per frame × 24 frames per multiframe = 2736 user bits per multiframe
    2736 bits per multiframe / 120 ms per multiframe = 22.8 kbps coded rate
    22.8 kbps / (456/260) = 13 kbps speech rate
Direct Sequence Spread Spectrum (DSSS)
  Transmit data bit as chip sequence
  Chip
    Shortest binary pulse on transmission channel
    n-chip sequence is symbol for one data bit
  Multiplies transmission rate
    User generates data at m bits per second
    Transmit n-chip sequence for every user bit
    Chip rate = m bps × n chips per bit = n × m chips per second (cps)
  Example (n = 8)
    1-sequence for data 1 = 10110100
    0-sequence for data 0 = 01001011 (the complement)
  Receiver easily distinguishes 1-sequence from 0-sequence
    Bit error requires more than n / 2 chip errors
    Works well in noisy environment
Figure: the data 1 chip sequence and the data 0 chip sequence drawn as pulse trains
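The spreading and majority-vote despreading described above, using the slide's 8-chip sequences, as an added example (not code from the slides). The chip error positions, the tie handling for exactly n/2 errors and the chip error probability in the last function are the example's own constructions.

```python
# DSSS spreading and despreading with the slide's 8-chip sequences (added example).
from math import comb

ONE_SEQ = "10110100"                                              # chip symbol for data 1
ZERO_SEQ = "".join("0" if c == "1" else "1" for c in ONE_SEQ)     # data 0: the complement


def spread(bits: str, one_seq: str = ONE_SEQ) -> str:
    """Replace each data bit by its n-chip symbol."""
    zero_seq = "".join("0" if c == "1" else "1" for c in one_seq)
    return "".join(one_seq if b == "1" else zero_seq for b in bits)


def despread(chips: str, one_seq: str = ONE_SEQ) -> str:
    """Correlate each n-chip symbol with the 1-sequence and take a majority vote.
    A symbol with exactly n/2 chips in error is ambiguous and is reported as '?'."""
    n = len(one_seq)
    out = []
    for k in range(0, len(chips), n):
        agree = sum(a == b for a, b in zip(chips[k:k + n], one_seq))
        out.append("1" if agree > n / 2 else "0" if agree < n / 2 else "?")
    return "".join(out)


def flip(chips: str, positions) -> str:
    """Inject chip errors at the given positions (constructed channel noise)."""
    c = list(chips)
    for p in positions:
        c[p] = "0" if c[p] == "1" else "1"
    return "".join(c)


def chip_rate(bit_rate: float, n: int) -> float:
    """m bits/s spread by n chips per bit gives n * m chips/s."""
    return bit_rate * n


def bit_error_probability(n: int, p_chip: float) -> float:
    """Probability that more than n/2 of n independent chips are wrong, i.e. a decoded bit error."""
    return sum(comb(n, k) * p_chip ** k * (1 - p_chip) ** (n - k)
               for k in range(n // 2 + 1, n + 1))


if __name__ == "__main__":
    symbol = spread("1")
    print("3 chip errors:", despread(flip(symbol, [0, 1, 2])))        # still decodes as 1
    print("5 chip errors:", despread(flip(symbol, [0, 1, 2, 3, 4])))  # decodes as 0
    print("9600 bps at 8 chips/bit ->", chip_rate(9600, 8), "cps")
    print("bit error rate at 10% chip errors:", bit_error_probability(8, 0.1))
```

With a 10% chip error rate the decoded bit error rate is about 4.3e-4, which is the "works well in a noisy environment" claim made quantitative; the price is the n-fold increase in chip rate, and therefore in occupied bandwidth, returned by chip_rate.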
CDMA: Code Division Multiple Access
  Commercial system developed by Qualcomm
  Operates on AMPS frequencies
  Channelization
    25 MHz radio band per direction
    Divide band into 1.25 MHz RF channels
    25 MHz per cluster / 1.25 MHz per channel = 20 channels per cluster
  DSSS digital transmission
    Transmit 1.2288 Mcps in 1.25 MHz radio channel
    Voice and control modulation: QPSK
  Code division
    Users transmit simultaneously using independent chip sequences
    Orthogonal (Walsh) codes / Pseudorandom noise (PN) codes
    Receiver separates channels by decoding chip sequences
  Standards
    IS-95, now called cdmaOne
Orthogonal CDMA Codes
  m-dimensional vector space with inner product, for any vectors $\mathbf{U}, \mathbf{V}$
    $\mathbf{U}\cdot\mathbf{V} = \frac{1}{m}\sum_{i=1}^{m} U_i V_i$
  m orthonormal basis vectors $\mathbf{S}_i$, $i = 1, \ldots, m$
    $\mathbf{S}_i\cdot\mathbf{S}_j = \frac{1}{m}\sum_{k=1}^{m} S_{i,k} S_{j,k} = \delta_{ij} = \begin{cases} 1, & i = j \\ 0, & i \neq j \end{cases}$
  Code scheme
    Basis vector $\mathbf{S}_i$ is code assigned to station i
    Station i transmits $t_i \mathbf{S}_i$ with coefficient
      $t_i = \begin{cases} -1, & \text{data 0} \\ 0, & \text{no transmission} \\ +1, & \text{data 1} \end{cases}$
    Total transmission from all stations
      $\mathbf{T} = \sum_{i=1}^{m} t_i \mathbf{S}_i$
    Receiver recovers station j's coefficient by taking the inner product with its code
      $\mathbf{T}\cdot\mathbf{S}_j = \left(\sum_{i=1}^{m} t_i \mathbf{S}_i\right)\cdot\mathbf{S}_j = \sum_{i=1}^{m} t_i\,(\mathbf{S}_i\cdot\mathbf{S}_j) = \sum_{i=1}^{m} t_i\,\delta_{ij} = t_j$
Example: 4-Chip CDMA
  Code vectors for m = 4 stations
    $\mathbf{S}_1 = (-1,-1,-1,-1)$, $\mathbf{S}_2 = (-1,+1,+1,-1)$, $\mathbf{S}_3 = (-1,-1,+1,+1)$, $\mathbf{S}_4 = (-1,+1,-1,+1)$
  4-bit transmission levels (chips)
    Binary 1 transmits $+\mathbf{S}_i$, binary 0 transmits $-\mathbf{S}_i$
  Radio signal amplitudes added together

  Station     Binary 1         Binary 0
  Station 1   -1 -1 -1 -1      +1 +1 +1 +1
  Station 2   -1 +1 +1 -1      +1 -1 -1 +1
  Station 3   -1 -1 +1 +1      +1 +1 -1 -1
  Station 4   -1 +1 -1 +1      +1 -1 +1 -1
Example: 2-bit Transmission
  Each station sends two data bits in turn; station 3 is silent during the first bit

  Station              Data        First bit chips    Second bit chips
  Station 1            0, 1        +1 +1 +1 +1        -1 -1 -1 -1
  Station 2            0, 1        +1 -1 -1 +1        -1 +1 +1 -1
  Station 3            no data, 1   0  0  0  0        -1 -1 +1 +1
  Station 4            0, 1        +1 -1 +1 -1        -1 +1 -1 +1
  Total transmission T             +3 -1 +1 +1        -4  0  0  0
Figure: the four station chip streams and their sum T drawn as amplitude versus chip, with the data bits above
Example: Decoding
  Inner Product
    $\mathbf{U}\cdot\mathbf{V} = \frac{1}{4}\sum_{i=1}^{4} U_i V_i$, so $t_j = \mathbf{T}\cdot\mathbf{S}_j$
  First bit: $\mathbf{T} = (+3, -1, +1, +1)$
    $t_1 = \mathbf{T}\cdot\mathbf{S}_1 = \tfrac{1}{4}[(3)(-1) + (-1)(-1) + (1)(-1) + (1)(-1)] = \tfrac{1}{4}(-4) = -1 \Rightarrow$ data 0
    $t_2 = \mathbf{T}\cdot\mathbf{S}_2 = \tfrac{1}{4}[(3)(-1) + (-1)(+1) + (1)(+1) + (1)(-1)] = \tfrac{1}{4}(-4) = -1 \Rightarrow$ data 0
    $t_3 = \mathbf{T}\cdot\mathbf{S}_3 = \tfrac{1}{4}[(3)(-1) + (-1)(-1) + (1)(+1) + (1)(+1)] = \tfrac{1}{4}(0) = 0 \Rightarrow$ no data
    $t_4 = \mathbf{T}\cdot\mathbf{S}_4 = \tfrac{1}{4}[(3)(-1) + (-1)(+1) + (1)(-1) + (1)(+1)] = \tfrac{1}{4}(-4) = -1 \Rightarrow$ data 0
  Second bit: $\mathbf{T} = (-4, 0, 0, 0)$
    $t_1 = \mathbf{T}\cdot\mathbf{S}_1 = \tfrac{1}{4}[(-4)(-1) + 0 + 0 + 0] = +1 \Rightarrow$ data 1
    $t_2 = \mathbf{T}\cdot\mathbf{S}_2 = \tfrac{1}{4}[(-4)(-1) + 0 + 0 + 0] = +1 \Rightarrow$ data 1
    $t_3 = \mathbf{T}\cdot\mathbf{S}_3 = \tfrac{1}{4}[(-4)(-1) + 0 + 0 + 0] = +1 \Rightarrow$ data 1
    $t_4 = \mathbf{T}\cdot\mathbf{S}_4 = \tfrac{1}{4}[(-4)(-1) + 0 + 0 + 0] = +1 \Rightarrow$ data 1
Orthogonal Walsh Codes
  $W_0 = [\,1\,]$; $W_N'$ denotes $W_N$ with every entry negated, so $W_0' = [-1]$
  Recursive construction; Walsh N is a $2^N \times 2^N$ matrix
    $W_N = \begin{bmatrix} W_{N-1} & W_{N-1} \\ W_{N-1} & W_{N-1}' \end{bmatrix}$
  $W_1 = \begin{bmatrix} W_0 & W_0 \\ W_0 & W_0' \end{bmatrix} = \begin{bmatrix} 1 & 1 \\ 1 & -1 \end{bmatrix}$
  $W_2 = \begin{bmatrix} W_1 & W_1 \\ W_1 & W_1' \end{bmatrix} = \begin{bmatrix} 1 & 1 & 1 & 1 \\ 1 & -1 & 1 & -1 \\ 1 & 1 & -1 & -1 \\ 1 & -1 & -1 & 1 \end{bmatrix}$
    The rows of $W_2$ are, up to an overall sign, the 4-chip codes $\mathbf{S}_1, \mathbf{S}_4, \mathbf{S}_3, \mathbf{S}_2$ (the sign does not affect orthogonality)
  $W_3 = \begin{bmatrix} W_2 & W_2 \\ W_2 & W_2' \end{bmatrix}$, and so on
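The orthogonal-code scheme of the last five slides, written out as an added example (not code from the slides): the Walsh recursion generates the codes, encode() forms the sum of t_i S_i, and decode() recovers each t_j by the normalised inner product. The code reproduces the 4-chip, 4-station, 2-bit example exactly and the same functions work for 2^k stations; the row ordering that maps W_2 onto S_1..S_4 and the 0.5 decision threshold are the example's own choices.

```python
# Orthogonal CDMA with Walsh codes (added example; reproduces the slides' 4-chip example).


def walsh(k):
    """Walsh matrix W_k (2**k rows of length 2**k) by the recursion W_k = [[W, W], [W, W']]."""
    w = [[1]]
    for _ in range(k):
        w = [row + row for row in w] + [row + [-x for x in row] for row in w]
    return w


def inner(u, v):
    """Normalised inner product (1/m) * sum u_i v_i from the slides."""
    return sum(a * b for a, b in zip(u, v)) / len(u)


# Station codes of the 4-chip example: S1..S4 are rows 0, 3, 2, 1 of W_2, negated.
W2 = walsh(2)
CODES = [[-x for x in W2[row]] for row in (0, 3, 2, 1)]


def coefficient(bit):
    """t_i: +1 for data 1, -1 for data 0, 0 when the station is silent (bit is None)."""
    return 0 if bit is None else (1 if bit == 1 else -1)


def encode(bits, codes):
    """Sum of t_i * S_i over all stations for one bit period: the signal on the air."""
    m = len(codes[0])
    total = [0] * m
    for bit, code in zip(bits, codes):
        t = coefficient(bit)
        for i in range(m):
            total[i] += t * code[i]
    return total


def decode(total, codes):
    """t_j = T . S_j for every station; returns 1, 0 or None (no transmission)."""
    out = []
    for code in codes:
        t = inner(total, code)
        out.append(None if abs(t) < 0.5 else (1 if t > 0 else 0))
    return out


def transmit(bit_streams, codes):
    """Encode a sequence of bits per station; returns the list of per-period totals."""
    return [encode(period, codes) for period in zip(*bit_streams)]


def check_orthonormal(codes):
    """S_i . S_j == delta_ij for every pair."""
    return all(inner(codes[i], codes[j]) == (1 if i == j else 0)
               for i in range(len(codes)) for j in range(len(codes)))


if __name__ == "__main__":
    streams = [[0, 1], [0, 1], [None, 1], [0, 1]]       # the 2-bit example
    for total in transmit(streams, CODES):
        print(total, "->", decode(total, CODES))
    print("64 Walsh codes orthonormal:", check_orthonormal(walsh(6)))
```

Perfect separation depends on every term S_i . S_j with i != j being exactly zero, which holds only when all stations' chips line up at the receiver; the next slides show what replaces Walsh codes when that cannot be guaranteed.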
Pseudo-Noise (PN) Coding
  Pseudorandom Bernoulli sequence of 1 or -1
    Equivalent to sequence of m coin tosses
    Nearly equal number of 1 and -1 in each code
  Codes are "nearly orthogonal" (by the central limit theorem)
  For codes A and B with chip patterns $C_i^{(A)}$ and $C_i^{(B)}$
    $A = B \;\Rightarrow\; \frac{1}{m}\sum_{i=1}^{m} C_i^{(A)} C_i^{(B)} = \frac{1}{m}\sum_{i=1}^{m} (\pm 1)^2 = 1$
    $A \neq B \;\Rightarrow\; \frac{1}{m}\sum_{i=1}^{m} C_i^{(A)} C_i^{(B)} \approx P_{1,1}(1)(1) + P_{1,-1}(1)(-1) + P_{-1,1}(-1)(1) + P_{-1,-1}(-1)(-1)$
      where $P_{a,b}$ is the probability that $C_i^{(A)} = a$ and $C_i^{(B)} = b$
  With independent chips, $P(C_i = +1) = \tfrac{1}{2} + \delta$ and $P(C_i = -1) = \tfrac{1}{2} - \delta$ for small $\delta$
    $P_{1,1} - P_{1,-1} - P_{-1,1} + P_{-1,-1} = (\tfrac{1}{2}+\delta)^2 - 2(\tfrac{1}{2}+\delta)(\tfrac{1}{2}-\delta) + (\tfrac{1}{2}-\delta)^2 = 4\delta^2 \ll 1$
    By the central limit theorem the sample correlation of two length-m codes is approximately normal about this value with standard deviation about $1/\sqrt{m}$, so long codes are nearly orthogonal
Channel Coding
  Forward channels
    64 orthogonal Walsh codes to 64 users
    Theoretically perfect separation between users
    All signals in same cell scrambled using PN sequence
      Reduces interference between same Walsh code in neighboring cells
      Short PN sequence: each cell transmits its own offset of the sequence, which identifies the cell
      Paging and traffic scrambled with long PN sequence before Walsh spreading
  Reverse channels
    Orthogonal codes not applicable in uplink
      Orthogonality requires time synchronization
      MSs transmit asynchronously
    Each MS spreads with its own long PN sequence
    Stream is scrambled using short PN sequence, which carries cell ID
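Why the reverse link cannot use Walsh codes, shown numerically as an added example (not code from the slides). It measures the cross-correlation of the previous slide for Walsh codes and for seeded pseudo-noise codes when one transmitter's chips arrive a few chip-times late, then runs an asynchronous uplink with three users. The cyclic shift used to model a late transmitter, the seeds, the code lengths and the offsets are the example's own constructions.

```python
# Walsh codes are orthogonal only when chips line up; PN codes stay nearly orthogonal
# under any offset (added example; cyclic shift stands in for a late transmitter).
import random


def correlate(u, v):
    """Normalised inner product (1/m) * sum u_i v_i."""
    return sum(a * b for a, b in zip(u, v)) / len(u)


def walsh_codes(k):
    """The 2**k Walsh codes of length 2**k (rows of W_k)."""
    w = [[1]]
    for _ in range(k):
        w = [r + r for r in w] + [r + [-x for x in r] for r in w]
    return w


def pn_code(seed, m):
    """A pseudorandom +-1 chip sequence of length m: m coin tosses from a seeded generator."""
    rng = random.Random(seed)
    return [rng.choice((1, -1)) for _ in range(m)]


def misaligned(code, k):
    """The code as the base station sees it when its transmitter is k chips off (cyclic shift)."""
    return code[k:] + code[:k] if k else list(code)


def worst_cross_correlation(codes, offset):
    """Largest |correlation| between two distinct codes when one of them is `offset` chips late."""
    return max(abs(correlate(a, misaligned(b, offset)))
               for i, a in enumerate(codes) for j, b in enumerate(codes) if i != j)


def uplink(bits, codes, offsets):
    """Asynchronous reverse link: MS k sends bits[k] (+1/-1) spread with codes[k], arriving
    offsets[k] chips late. The base station knows each MS's code and timing and correlates.
    Returns +1 / -1 per MS, or 0 when the correlation is exactly zero (undecidable)."""
    m = len(codes[0])
    total = [0] * m
    for b, code, off in zip(bits, codes, offsets):
        for i, chip in enumerate(misaligned(code, off)):
            total[i] += b * chip
    decoded = []
    for code, off in zip(codes, offsets):
        r = correlate(total, misaligned(code, off))
        decoded.append(1 if r > 0 else -1 if r < 0 else 0)
    return decoded


if __name__ == "__main__":
    w = walsh_codes(6)                                   # the 64 forward-link codes
    print("Walsh, aligned:   worst cross-correlation", worst_cross_correlation(w, 0))
    print("Walsh, 1 chip off:", worst_cross_correlation(w, 1))   # some pairs become identical
    print("Walsh uplink, one MS 1 chip late:", uplink([-1, 1], [w[2], w[3]], [1, 0]))
    pn = [pn_code(seed, 1024) for seed in range(16)]
    print("PN, aligned:      ", worst_cross_correlation(pn, 0))
    print("PN, 1 chip off:   ", worst_cross_correlation(pn, 1))
    print("PN uplink, offsets 0/17/500:", uplink([1, -1, 1], pn[:3], [0, 17, 500]))
```

With a one-chip offset the Walsh code (1,1,-1,-1,...) turns into (1,-1,-1,1,...), another code of the set, so two unsynchronised users become indistinguishable; the PN codes keep their cross-correlation near 1/sqrt(m), which is the residual interference a CDMA uplink lives with.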
Data over AMPS
Figure: digital bits → modem → modulated (analog) data over an AMPS analog voice channel (300 - 3300 Hz) → PSTN → modem → digital bits; a second modem path over a POTS analog channel (300 - 3300 Hz) is shown for comparison
Cellular Circuit Mode Data Services
Figure: digital bits carried on a cellular digital voice/data circuit mode channel (9.6 - 19.2 kbps) into the PSTN, delivered either over an ISDN digital channel (64 kbps) or through a modem over a POTS analog channel (300 - 3300 Hz)
Cellular Packet Mode Data Services
  Cellular network carries digital voice/data circuit mode channels and packet mode datagram forwarding (19.2 kbps - 2 Mbps)
  Cellular service provider acts directly as ISP
    AMPS: CDPD
    GSM: GPRS / EDGE
  Alternative: user makes dial-up call to Internet Service Provider (ISP)
Figure: IP datagrams from the MS forwarded by the cellular network to the Internet, or carried over a dial-up call to an ISP
Cellular Data Terminals
  Laptop using cellular phone as modem
  Laptop with integrated cellular modem
  Smartphone with integrated cellular modem
General Packet Radio Service (GPRS)
  Provides packet mode data access for GSM
    IP-based architecture
    Considered 2.5G enhancement
  IP datagrams separated from circuit mode traffic at cluster Packet Control Unit (PCU)
    Packet mode function in BSC to handle IP datagrams
    Circuit mode voice/data routed to MSC, forwarded to other MSC or PSTN
    Packet mode data routed to Serving GPRS Support Node (SGSN), forwarded to Internet or X.25 PSDN
    PCU to SGSN runs IP over Frame Relay
  Mobility management
    Circuit mode traffic uses PSTN / PLMN routing
    Packet mode traffic uses IP routing
GSM Circuit Mode and GPRS Packet Mode Data
Figure: circuit mode path (MS → BTS → BSC → MSC → PSTN) beside the packet mode path (MS → BTS → BSC/PCU → SGSN → GGSN → Internet)
GPRS System Architecture
Figure: MS to BTS; BTSs to BSC (Base Station Subsystem); the BSC's Packet Control Unit (PCU) passes packet traffic over Frame Relay to the Serving GPRS Support Node (SGSN), which reaches the Internet through the GPRS IP backbone and the Gateway GPRS Support Node (GGSN); circuit traffic goes from the BSC to the MSC and the PSTN (Public Land Mobile Network)
Short Message Service (SMS)
  Transmission of short text messages
  Up to 140 bytes (octets) of user data per message
    160 characters in the 7-bit GSM default alphabet (8 characters packed into 7 bytes)
    16-bit UCS-2 for non-Latin alphabets ⇒ 70 characters
  GSM permits message concatenation
    Long text split over several messages and reassembled by the receiving phone
  Supported by GSM, d-AMPS, and CDMA
  Out-of-band signaling
    SMS sent over signaling channel, not traffic channel
    SMS can be sent during a voice call
    Short messages do not create a heavy traffic load
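How 160 characters fit into 140 octets, and what concatenation costs, as an added example (not code from the slides). It implements the LSB-first septet packing of the GSM user data field and the capacity arithmetic for both alphabets. Assumptions: only characters whose 7-bit GSM default-alphabet code equals their ASCII code are used (letters, digits, space), since the full alphabet table is not reproduced here, and the 6-octet concatenation header length is the common 8-bit-reference form.

```python
# GSM 7-bit septet packing and SMS capacity (added example; simplified alphabet, see lead-in).

USER_DATA_OCTETS = 140        # user data field of one SMS
UDH_CONCAT_OCTETS = 6         # user data header for concatenated SMS (assumed 8-bit reference form)


def pack_septets(text: str) -> bytes:
    """Pack 7-bit characters LSB-first into octets, as the GSM user data field does."""
    acc, nbits, out = 0, 0, bytearray()
    for ch in text:
        code = ord(ch)
        if code > 0x7F:
            raise ValueError(f"{ch!r} is outside the simplified 7-bit alphabet used here")
        acc |= code << nbits          # append the 7 bits above the ones already buffered
        nbits += 7
        while nbits >= 8:             # emit every complete octet
            out.append(acc & 0xFF)
            acc >>= 8
            nbits -= 8
    if nbits:                         # final partial octet, zero padded
        out.append(acc & 0xFF)
    return bytes(out)


def unpack_septets(data: bytes, count: int) -> str:
    """Inverse of pack_septets; `count` is the septet count carried in the SMS length field."""
    acc, nbits, chars = 0, 0, []
    for byte in data:
        acc |= byte << nbits
        nbits += 8
        while nbits >= 7 and len(chars) < count:
            chars.append(chr(acc & 0x7F))
            acc >>= 7
            nbits -= 7
    return "".join(chars)


def capacity(encoding: str, concatenated: bool = False) -> int:
    """Characters per message: 160 / 70, or 153 / 67 when a concatenation header is present."""
    octets = USER_DATA_OCTETS - (UDH_CONCAT_OCTETS if concatenated else 0)
    if encoding == "gsm7":
        return octets * 8 // 7
    if encoding == "ucs2":
        return octets // 2
    raise ValueError(encoding)


def split_message(text: str, encoding: str = "gsm7"):
    """Split a long text into the segments a phone sends as a concatenated SMS."""
    if len(text) <= capacity(encoding):
        return [text]
    n = capacity(encoding, concatenated=True)
    return [text[i:i + n] for i in range(0, len(text), n)]


if __name__ == "__main__":
    print(pack_septets("hellohello").hex())       # e8329bfd4697d9ec37
    print(len(pack_septets("a" * 160)), "octets for 160 characters")
    print([capacity(e, c) for e in ("gsm7", "ucs2") for c in (False, True)])
    print([len(s) for s in split_message("x" * 400)])
```

The packing explains the numbers on the slide directly: 8 septets occupy exactly 7 octets, so 140 octets carry 160 characters, while each UCS-2 character costs two octets and leaves room for 70.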
SMS in GSM Architecture
Figure: SME to SMSC; SMSC to GMSC and IWMSC, which connect to the MSC of the GSM network
  SME: Short Messaging Entity
  SMSC: Short Message Service Center
  GMSC: Gateway Message Service Center
  IWMSC: Interworking Message Service Center
SMS Nodes
  Short Messaging Entity (SME)
    Any entity that can receive or send short messages
      Fixed network element
      Mobile Station
      Another service center
  Short Message Service Center (SMSC)
    Store and forwarding of SMS between SME and MS
  Gateway Message Service Center (GMSC)
    Receives SMS from SMSC
    Interrogates HLR for routing information
    Delivers SMS to MSC for destination SME
  Interworking Message Service Center (IWMSC)
    Receives SMS from MSC
    Delivers SMS to appropriate SMSC for forwarding
SMS Delivery to MS
Figure: message sequence among SME, SMSC, HLR, MSC, VLR, BSS and MS
  SME → SMSC: SMS Submit
  SMSC → HLR: Route Request; HLR → SMSC: Route (serving MSC of the destination)
  SMSC → MSC: SMS Forward
  MSC → VLR: User Info request; VLR → MSC: ACK with subscriber data
  MSC → BSS → MS: Page, then SMS Forward
  MS → BSS → MSC: ACK
  MSC → SMSC: Delivery Report; SMSC → SME: Delivery Report
High Speed Circuit Switched Data (HSCSD)
  Circuit Switched Data (CSD)
    14.4 kbps circuit mode data connection in 2G GSM
    User data replaces digitized voice in 1 time slot
  High Speed Circuit Switched Data (HSCSD)
    2.5G enhancement
    Up to 8 slots (full user frame) allocated to one data channel
    Up to 115.2 kbps
  Transparent data transmission
    User data stream can contain signaling to network
    Allows dynamic reconfiguration of data connection (data rate, QoS)
    HSCSD data frames carry data sub-stream numbers
    Maintains order of transmission over GSM
  Non-transparent data transmission
    Only user data in data stream
    No signaling or reconfiguration
    LLC functions performed by GSM protocols
Telecommunication Market Evolution (1): Late 20th century
  Voice traffic >> data traffic
    Data traffic over analog / digital voice infrastructure
    Access: V.35 / ADSL modem over telephone local loop
    Backbone: routers / switches on leased telco trunk lines
  Separate PSTN and cellular networks
    Cellular backhaul: PLMN infrastructure on leased telco trunk lines
  Most profitable market sectors
    PSTN: long distance voice calls
    Cellular: air time
Telecommunication Market Evolution (2): Early 21st century
  Voice traffic < data traffic
  Integrated networks: voice / data + fixed / mobile
  IP over voice infrastructure → Voice over IP (VoIP)
  Most profitable market sectors
    PSTN: leasing lines for data infrastructure
    Cellular: messaging, ring tones, multimedia services
Implications for Third Generation
  System goals
    Global mobility
    Wide range of services
      Voice telephony
      Messaging + paging
      Internet (WWW + email) access
      Broadband data transport
    Gateways among incompatible radio systems
    More flexible PLMN routing infrastructure
  Migration paths
    TDMA d-AMPS → retirement
    GSM → UMTS
      More efficient radio spectrum utilization (CDMA replaces TDMA)
    CDMA → cdma2000
      More efficient radio spectrum utilization (higher capacity CDMA)
3G Standardization
  International Mobile Telecommunications-2000 (IMT-2000)
    International Telecommunications Union (ITU) standards for 3G
    Defines multiple competing (incompatible) systems
  Universal Mobile Telecommunications System (UMTS)
    GSM/GPRS replacement using CDMA radio interface
    Third Generation Partnership Project (3GPP): consortium of manufacturers (www.3gpp.com)
  CDMA 2000
    cdmaOne (IS-95) replacement using cdma2000 radio interface
    Third Generation Partnership Project 2 (3GPP2): consortium of manufacturers (www.3gpp2.org)
  WiMAX
    Broadband wireless data access using cellular technology
    WiMAX Forum: consortium of manufacturers (www.wimaxforum.org)
UMTS
  Physical layer
    User access: GSM TDMA → W-CDMA or TD-CDMA
      Similar to cdmaOne and cdma2000 but not compatible
      Different frequency bands
      Different pseudorandom noise (PN) coding scheme
    Circuit mode data rates up to 1.92 Mbps
      144 kbps and 384 kbps on high-utilization systems
  New PLMN node definitions
    BSS (base station subsystem) → RNS (radio network subsystem)
    BSC (base station controller) → RNC (radio network controller)
    BTS (base transceiver station) → Node B
  Protocols
    New internal network operations
    Frame Relay in backbone infrastructure → ATM
High Speed Downlink Packet Access (HSDPA)
  Higher data rates for packet data
    Downlink speeds of 1.8, 3.6, 7.2, 14.0 Mbps
  HS-DSCH (high speed downlink shared channel) simplified for fast packet data
    Power control and variable spreading factor eliminated
  Hybrid automatic repeat-request (HARQ)
    Handled in a new MAC-hs sublayer at Node B, directly above PHY (not in RLC)
    Incremental redundancy
      Corrupted packets not discarded
      Retransmitted packets combined until error-free packet assembled
      Faster than waiting for uncorrupted retransmitted packet
  Fast packet scheduling
    2 ms scheduling granularity (instead of 10 ms)
    Transmission scheduled to UEs reporting the best channel quality
  Adaptive Modulation and Coding (AMC)
    Modulation scheme and code rate depend on channel quality
cdma2000
  Replacement for IS-95 CDMA (now called cdmaOne)
    Same radio frequencies
    Non-compatible pseudorandom noise (PN) coding scheme
    Higher data rates using improved modulation techniques
    Packet mode data: Mobile IP on voice network (like CDPD)
  Evolutionary change from cdmaOne
    Multiple upgrade paths
    Operates in same radio frequencies: no new licensing costs for additional radio spectrum
    Backward compatible with cdmaOne: minimum risk to existing operators
  Third Generation Partnership Project 2 (3GPP2)
    Consortium of manufacturers (www.3gpp2.org)
  Standard: IS-2000
IS-2000 Spreading Rates
  1xRTT
    Same 1.25 MHz radio channel and same 1.2288 Mcps chip rate as IS-95 ("1x" = one times the IS-95 rate)
    Forward-link Walsh code length doubled from 64 to 128 chips → up to 128 code channels per carrier
    Roughly double the voice users per channel
    RF compatible with IS-95 in same cell
      Uses codes orthogonal to IS-95 codes
  1xEV-DO (data only)
    Physical layer different from 1xRTT
    Higher data rates (3.1 Mbps forward / 1.8 Mbps reverse)
    No increase in voice capacity
  3x (3xRTT)
    Uses 3.75 MHz radio channels
    Direct Spread (DS): one 3.75 MHz RF carrier
    Multicarrier (MC): spreads data among 3 IS-95 1.25 MHz channels
Next Generation Networks (NGN)
  ITU initiative for long-term network planning
  Standardizes current view of technology convergence
  NGN definition (from ITU-T Recommendation Y.2001, 12/2004)
    Packet-based network
    Provides telecommunication services
    Uses multiple broadband QoS-enabled transport technologies
    Service functions independent of transport technology
    Enables unfettered user choice of access to networks, competing service providers and/or services
    Supports generalized MOBILITY
    Allows consistent and ubiquitous provision of services to users
NGN in the Marketplace
  Mobility
    Basic feature of contemporary workflow
    Important source of profit for telecommunications industry
  Convergence
    Workflow ⇒ universal access to services through any networks
    Multiple incompatible networks ⇒ market share + profits
  Where do technologies converge?
    Most systems can interface service to infrastructure with TCP/IP
    Inherently digital services → internet
    Inherently analog services → A/D + compression → internet
  NGN generally means all-IP network
    All services defined to work over IP
    All infrastructures defined to work below IP
    Problem: QoS, reliability, mobility not natural in IP
NGN Visions
  Migration of all existing voice networks
    Most voice infrastructure is still hierarchical
      DS-0 circuit switching
      High speed trunk lines organized in tree topology among ESSs
      Isochronous circuit mode operation natural for voice traffic
    NGN requires transforming voice networks to VoIP
  Migration of local access from voice to DSL
    Single fast digital interface to doorstep
    Fiber to the door an expensive dream
  Migration to flexible metropolitan area networks (MAN)
    "Carrier Ethernet" and cellular broadband (WiMAX) in urban areas
  Improvement of QoS in IP networks
    Multiprotocol Label Switching (MPLS)
    Session Initiation Protocol (SIP)
4G Cellular
  Initial planning for 4th generation cellular systems
    ITU working group planning IMT-2000 → IMT-Advanced
    Conceived as network supporting mobility, not telephones + data
    Convergence with NGN
  4G objectives
    Higher network capacity than 3G
    Spectral efficiency (high bps / Hz and bps / Hz / site)
    100 Mbps for moving client and 1 Gbps for stationary client
    100 Mbps between any two points in world
    Smooth handoff across heterogeneous networks
    Global roaming across multiple networks
    QoS for multimedia support: audio, HDTV, etc.
    Interoperability with existing wireless standards
    All IPv6 packet switched network: eliminate circuit mode entirely
Long Term Evolution (LTE)
  3GPP standard (Release 8): upgrade of 3G UMTS
  Improved radio interface
    Downlink up to 300 Mbps
    Uplink up to 75 Mbps
  Marketed as 4G
    Does not conform to the ITU 4G (IMT-Advanced) requirements
    Upgrade path while waiting for 4G
  Flat IP-based network
    Evolved Packet Core (EPC) replaces GPRS core
    Voice calls handled by Voice over LTE (VoLTE)
      Form of Voice over IP (VoIP)
      Routed over EPC packet switched network
      No separate circuit switched network for voice
IEEE 802.11
  Specified by IEEE 802 Committee for LAN/MAN
  Standards for Infrastructure Layers (OSI 1 and 2)
  Extends Ethernet for wireless physical layer
  Data rates
    802.11 (1997) specified 1 or 2 Mbps (legacy)
    802.11a (1999) specifies 6 to 54 Mbps (5 GHz)
    802.11b (1999) 5.5 Mbps and 11 Mbps (WiFi)
    802.11g (2003) 54 Mbps (WiFi)
    802.11n (2009) specifies up to 600 Mbps (300 Mbps with two spatial streams)
Wireless Issues in LANs
  Mobility
    Addressable unit is a mobile station (STA)
    Dynamic topologies
    Medium boundaries are neither absolute nor visible
    Lack full connectivity: STAs may be "hidden"
  Reliability
    Medium less reliable than wired PHY
    Time-varying and asymmetric propagation
  Power management
IEEE 802.11 wLAN Architectures
  Ad Hoc Mode
    Simple Peer-To-Peer Mode (STA-to-STA)
    Limited to local communication
    No WAN access or hand-off
    Authentication and Registration permitted but not required
  Infrastructure Mode
    Basic topology
      Permits forwarding to wired LANs and WANs
      All communication via central Access Point (AP)
      Permits Authentication
      Requires Registration
    Extended topology
      Permits hand-off among WLAN segments
Ad Hoc Mode (Peer-To-Peer Mode): Independent Basic Service Set (IBSS)
  Any set of 802.11 STAs (wireless stations)
    No connection to a wired network
  Simple unmediated communication
    STAs communicate directly with one another
    Useful for quick set up
    Authentication or Registration not required
  Multiple IBSSs are independent
    No bridging
    No hand-off
Figure: an Independent Basic Service Set of four stations communicating directly
Infrastructure Mode: Basic Service Set (BSS)
  A set of wireless end stations (STA)
  An Access Point (AP)
    Connected to the wired network infrastructure
    Acts as base station for the wireless network
    All traffic flows through AP by Contention or Polling (CFP)
  Stations must Associate with AP
    Authentication
    Registration
Figure: a Basic Service Set of stations around one access point, which connects to the wired LAN and the Internet
Infrastructure Mode: Extended Service Set (ESS)
  Two or more BSSs
    Form single subnetwork (broadcast domain)
    Looks like one large BSS to LLC layer
    One Access Point (AP) in each BSS
  BSSs connected via Distribution System (DS)
    DS is backbone network
    DS performs MAC-level transport of MAC SDUs
    DS implementation not specified in 802.11
  Portal
    Software gateway function in AP
    Bridges BSS to any non-802.11 DS protocol
  DS services permit handoff
    Station moving from one BSS to another
    Requires coordination between APs
Figure: two Basic Service Sets, each with an Access Point and stations, joined by a Distribution System to the Internet
802.11 Protocol Layers
  PHY Dependent Sublayer
    Transmission type
    Modulation scheme
    Data transmission rates
  Physical Layer Convergence Sublayer
    PHY medium dependent
    Specifies header for PHY Dependent Sublayer
  MAC layer
    Medium access
    Addressing
    Procedures
Figure: layer stack
  Data Link Layer
    LLC 802.2: LLC frame for SEQ/ACK/Control; bridging by exchange of 802.2 PDUs
    MAC 802.11: CSMA/CA, MACA, CFP
  Physical Layer
    Physical Layer Convergence Sublayer (PHY-dependent convergence)
    PHY: FHSS, DSSS, IR, data rates
MAC Layer Issues
- Channel allocation method
  - Contention (distributed control)
  - Round robin (deterministic)
  - Polling (centralized control)
- Collision detection and error detection
- Fragmentation
- Addressing
- Control and management frames
Hidden Node Problem
- A transmits to B
- C cannot receive from A (out of range), so C's carrier sense shows the channel idle
- C may therefore transmit and interfere with A's transmission at B
[Figure: stations A, B, C, D in a line; each station's transmit range reaches only its immediate neighbours]
Exposed Node Problem
- B transmits to A
- C receives B's transmission and is not free to start
- C delays its transmission to D unnecessarily: C's signal would not reach A, so it could not have interfered
[Figure: stations A, B, C, D in a line]
CSMA with Collision Avoidance (CSMA/CA)
- Carrier Sense Multiple Access (CSMA)
  - Stations listen for transmissions; do not transmit if a carrier is detected
  - Collision detection is not possible: the hidden node problem means a colliding station may be out of range, and the antenna cannot receive while the transmitter is active
- Collision Avoidance (CA): non-persistent access with random backoff
Multiple Access with Collision Avoidance (MACA)
- Channel set-up before data transmission
  - RTS: Request To Send
  - CTS: Clear To Send
  - ACK: acknowledgment of error-free transmission
- Network Allocation Vector (NAV): transmitted in the RTS; the predicted data transmission time, which stations that hear it use to defer
- Improves behavior of hidden nodes and exposed nodes
[Figure: exchange RTS → CTS → DATA → ACK]
Multiple Access with Collision Avoidance (MACA): example
- B sends a 30-byte RTS (request to send) packet to C
  - Includes a NAV for the data to be sent
  - All stations in B's range hear the RTS
- C responds with a CTS (clear to send) packet to B
  - Echoes the NAV
  - All stations in C's range hear the CTS
- B is in range of A but not D
  - A receives the RTS but not the CTS
  - A can transmit without interfering at B's destination
- C is in range of B but not A
  - D receives the CTS but not the RTS
  - D waits the data transmit time before transmitting
[Figure: stations A, B, C, D in a line; RTS travels from B, CTS from C]
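The hidden node, exposed node and RTS/CTS slides above describe one scenario in words; the following added example (not part of the lecture) turns it into a small simulation. The radio model is constructed: each station hears exactly its listed neighbours (A-B, B-C, C-D as in the figure), propagation delay is ignored, and the RTS is assumed to get through uncontended. Durations are in arbitrary slot units; names such as maca_reservation are this example's own.

```python
"""MACA channel reservation on the lecture's four-station line A, B, C, D.

Added example; it is not part of the lecture. The radio model is constructed:
a station hears exactly the stations listed as its neighbours, so ranges
match the figure (A-B, B-C, C-D). Durations are in arbitrary slot units.
"""

# Constructed connectivity: each station hears only its listed neighbours.
NEIGHBOURS = {
    "A": {"B"},
    "B": {"A", "C"},
    "C": {"B", "D"},
    "D": {"C"},
}


def hidden_nodes(sender, receiver):
    """Stations that can interfere at the receiver but cannot hear the sender,
    so plain carrier sense at the sender never sees them (the hidden node case)."""
    return NEIGHBOURS[receiver] - NEIGHBOURS[sender] - {sender}


def exposed_nodes(sender, receiver):
    """Stations that hear the sender (so carrier sense blocks them) but are out of
    the receiver's range, so they could not have collided (the exposed node case)."""
    return NEIGHBOURS[sender] - NEIGHBOURS[receiver] - {receiver}


def maca_reservation(sender, receiver, data_time, cts_time=1):
    """Simulate the RTS/CTS handshake and return how long each third party defers.

    - Every station in range of the sender hears the RTS, which carries the NAV
      (predicted data time).
    - Every station in range of the receiver hears the CTS, which echoes the NAV.
    Under MACA a station that heard the CTS defers for the whole data time (it
    would collide at the receiver); a station that heard only the RTS defers
    just long enough for the CTS to come back, then is free to transmit.
    """
    if receiver not in NEIGHBOURS[sender]:
        raise ValueError(f"{receiver} is out of range of {sender}")
    heard_rts = NEIGHBOURS[sender]
    heard_cts = NEIGHBOURS[receiver]
    defer = {}
    for station in NEIGHBOURS:
        if station in (sender, receiver):
            continue
        if station in heard_cts:
            defer[station] = data_time    # would interfere at the receiver
        elif station in heard_rts:
            defer[station] = cts_time     # free once the CTS has gone by
        else:
            defer[station] = 0            # heard nothing; unaffected
    return defer


if __name__ == "__main__":
    print("A->B hidden node:", hidden_nodes("A", "B"))       # {'C'}
    print("B->A exposed node:", exposed_nodes("B", "A"))     # {'C'}
    print("B->C deferral:", maca_reservation("B", "C", data_time=10))
```

For B → C the result is {"A": 1, "D": 10}: A, which heard only the RTS, is free as soon as the CTS has passed, while D, which heard only the CTS, stays quiet for the whole data time. That is exactly the split the slide describes. The model says nothing about the RTS itself colliding, which is why real 802.11 still needs random backoff before the RTS.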
Station Services (SS) — 1
- Privacy in a wired LAN
  - Design assumes physical closure: illegal access requires a physical connection
- Privacy in a WLAN
  - Any 802.11 receiver in range can receive all frames
  - Wired Equivalent Privacy (WEP) algorithm: shared-key encryption
  - Design goal was "no worse than wire"; in practice WEP is not secure (its weaknesses are covered with the WEP algorithm later in these slides)
Station Services (SS) — 2
- Authentication
  - Station provides proof of identity to the AP or to another STA
  - Method not specified in 802.11
  - Required before association
- Deauthentication
  - Terminates the authentication of another station
  - Deauthentication invokes disassociation
  - Caveat: in the 802.11 described here, deauthentication and disassociation frames are not themselves authenticated, so any station that can forge the sender address can terminate another station's session
- MAC Service Data Unit (MSDU) delivery
  - End-to-end delivery of LLC packets
  - LLC packets (PDUs) are the SDUs of the MAC
Distribution System Services (DSS) — 1
- Association
  - Station associates with one AP
  - Association provides the STA/AP mapping to the DS
  - DS forwards to the STA via its unique AP association
- Reassociation
  - Station moves from one BSS to a new BSS
  - Station associates with the new AP in the new BSS
- Disassociation
  - New AP informs the old AP of the reassociation; old AP terminates the old association
  - APs may also disassociate all STAs (for maintenance)
Distribution System Services (DSS) — 2
- Distribution: delivery of packets to stations through the DS
  - STA sends to its source AP
  - Source AP logically invokes the DSS distribution service
  - DS passes the frame to the destination AP
  - Destination AP passes the frame to the destination STA
- Integration: portal services provided by the DS
  - Source AP sends the frame to the portal
  - Portal forwards to a foreign (non-802.11) network
MAC Layer Address Fields
- 4 address fields in the frame header
- 5 possible MAC entities:
  - BSS Identification (BSSID): MAC address identifying the BSS (the AP's address in an infrastructure BSS)
  - Source Address (SA): station which initiated the message
  - Destination Address (DA): final destination for the message
  - Transmitting Station Address (TA): station sending the message on this hop
  - Receiving Station Address (RA): destination for the message on this hop
Address Field Definitions

To DS  From DS  Address 1  Address 2  Address 3  Address 4
  0      0        DA         SA         BSSID      -
  0      1        DA         BSSID      SA         -
  1      0        BSSID      SA         DA         -
  1      1        RA         TA         DA         SA

- Address 1: immediate destination address (the receiver on this hop)
- Address 2: immediate source address (the transmitter on this hop)
- Address 3: final destination or original source when the DS performs distribution
- Address 4: source address for DS-to-DS messages (when 802.11 itself is used as the DS)
Addressing in an IBSS
- Independent Basic Service Set (IBSS): no Access Point (AP) and no DS
- Fields To DS and From DS are both 0

To DS  From DS  Address 1  Address 2  Address 3
  0      0        DA         SA         BSSID

- Address 1: immediate destination address (DA)
- Address 2: immediate source address (SA)
- Address 3: BSSID identifies the ad hoc network and prevents the message from being accepted outside the IBSS
[Figure: Independent Basic Service Set with four stations]
Data Addressing in a BSS
- Basic Service Set (BSS): all transmissions are sent to or from the Access Point
- In a BSS, "To DS" and "From DS" actually mean "to the AP" and "from the AP"

To DS  From DS  Address 1  Address 2  Address 3
  0      1        DA         BSSID      SA
  1      0        BSSID      SA         DA

- Address 1: immediate destination address (receiver on this hop)
- Address 2: immediate source address (transmitter on this hop)
- Address 3: final destination (uplink to the AP) or original source (downlink from the AP)
[Figure: Basic Service Set with three stations, an access point and the wired LAN]
BSS Addressing Example
- Station A sends a message to Station B via the AP (BSSID)

To DS  From DS  Address 1  Address 2  Address 3
  0      1        DA         BSSID      SA
  1      0        BSSID      SA         DA

- Uplink, Station A → AP: To DS = 1, From DS = 0; Address 1 = BSSID, Address 2 = Station A, Address 3 = Station B
- Downlink, AP → Station B: To DS = 0, From DS = 1; Address 1 = Station B, Address 2 = BSSID, Address 3 = Station A
[Figure: Station A, Station B and the access point in one BSS connected to a wired LAN]
Control and Management Addressing in a BSS
- Control and management messages in a BSS:
  - Only involve stations in the BSS and the AP
  - Are sent with To DS = From DS = 0
  - Either the source or the destination is the AP (BSSID)
- Address 3 carries the BSSID so that a receiver can check that the frame belongs to its own BSS

To DS  From DS  Address 1  Address 2  Address 3
  0      0        DA         SA         BSSID
[Figure: Basic Service Set with three stations, an access point and the wired LAN]
Addressing in an ESS
- Extended Service Set (ESS): all transmissions are sent via an AP
- To the stations, the entire ESS looks like one BSS; stations do not know whether a message passes via the DS or not

To DS  From DS  Address 1  Address 2  Address 3
  0      1        DA         BSSID      SA
  1      0        BSSID      SA         DA

- Address 1: immediate destination address (receiver on this hop)
- Address 2: immediate source address (transmitter on this hop)
- Address 3: final destination or original source
[Figure: two Basic Service Sets, each with an Access Point, joined by the Distribution System]
ESS Addressing Example
- Station A sends a message to Station B via AP1 (BSSID1) → DS → AP2 (BSSID2)
- The DS must forward the data, sequence number, SA and DA by some legal means (the DS transport is not specified by 802.11)

To DS  From DS  Address 1  Address 2  Address 3
  0      1        DA         BSSID      SA
  1      0        BSSID      SA         DA

- Station A → AP1: To DS = 1, From DS = 0; Address 1 = BSSID1, Address 2 = Station A, Address 3 = Station B
- AP2 → Station B: To DS = 0, From DS = 1; Address 1 = Station B, Address 2 = BSSID2, Address 3 = Station A
[Figure: Extended Service Set: Station A in the BSS of Access Point 1, Station B in the BSS of Access Point 2, joined by the Distribution System]
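The address-field table and the BSS/ESS examples above can be checked mechanically. The following added example (not code from the lecture) builds and parses 802.11 data-frame headers and applies the To DS / From DS table to name each address by role, then performs the AP1 → DS → AP2 relay from the ESS example. It assumes the 802.11 MAC header layout (Frame Control, Duration/ID, three addresses, Sequence Control, and Address 4 only for the four-address form); the MAC addresses and the function names build_data_frame, parse_data_frame and ap_relay are this example's own.

```python
"""802.11 data-frame address fields: the To DS / From DS table in code.

Added example, not from the lecture. It assumes the 802.11 MAC header layout:
Frame Control (2 bytes, little-endian), Duration/ID (2), Address 1, 2, 3
(6 each), Sequence Control (2), and Address 4 (6) present only when
To DS = From DS = 1. Addresses used below are constructed, locally
administered MAC addresses.
"""
import struct

FC_TYPE_DATA = 2

# (To DS, From DS) -> roles of Address 1..4, as in the lecture's table.
ROLES = {
    (0, 0): ("DA", "SA", "BSSID", None),
    (0, 1): ("DA", "BSSID", "SA", None),
    (1, 0): ("BSSID", "SA", "DA", None),
    (1, 1): ("RA", "TA", "DA", "SA"),
}


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def build_data_frame(to_ds, from_ds, addr1, addr2, addr3, addr4=None, seq=0):
    """Build a data-frame MAC header (no payload, no FCS)."""
    flags = int(to_ds) | (int(from_ds) << 1)            # To DS = bit 0, From DS = bit 1
    frame_control = (FC_TYPE_DATA << 2) | (flags << 8)  # version 0, subtype 0
    hdr = struct.pack("<HH", frame_control, 0)          # Frame Control, Duration/ID
    hdr += mac_to_bytes(addr1) + mac_to_bytes(addr2) + mac_to_bytes(addr3)
    hdr += struct.pack("<H", (seq & 0xFFF) << 4)        # Sequence Control, fragment 0
    if to_ds and from_ds:
        if addr4 is None:
            raise ValueError("4-address frame needs Address 4")
        hdr += mac_to_bytes(addr4)
    return hdr


def parse_data_frame(frame):
    """Return the frame's addresses keyed by role (RA, TA, DA, SA, BSSID)."""
    if len(frame) < 24:
        raise ValueError("truncated MAC header")
    (frame_control,) = struct.unpack_from("<H", frame, 0)
    if (frame_control >> 2) & 0x3 != FC_TYPE_DATA:
        raise ValueError("not a data frame")
    to_ds, from_ds = (frame_control >> 8) & 1, (frame_control >> 9) & 1
    fields = [frame[4:10], frame[10:16], frame[16:22]]
    if to_ds and from_ds:
        if len(frame) < 30:
            raise ValueError("4-address frame truncated")
        fields.append(frame[24:30])
    out = {"to_ds": to_ds, "from_ds": from_ds}
    for role, raw in zip(ROLES[(to_ds, from_ds)], fields):
        out[role] = bytes_to_mac(raw)
    # Whatever the bits say, Address 1/2 are always the addresses on this hop.
    out.setdefault("RA", bytes_to_mac(fields[0]))
    out.setdefault("TA", bytes_to_mac(fields[1]))
    return out


def ap_relay(uplink, own_bssid, egress_bssid):
    """What the DS does for Station A -> AP1 -> DS -> AP2 -> Station B.

    The ingress AP accepts only uplink frames addressed to its own BSSID; the
    egress AP re-emits the frame with From DS = 1, carrying SA and DA through.
    """
    p = parse_data_frame(uplink)
    if (p["to_ds"], p["from_ds"]) != (1, 0) or p["BSSID"] != own_bssid:
        raise ValueError("not an uplink frame for this AP")
    return build_data_frame(0, 1, p["DA"], egress_bssid, p["SA"])


if __name__ == "__main__":
    A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    AP1, AP2 = "02:00:00:00:00:01", "02:00:00:00:00:02"
    up = build_data_frame(1, 0, AP1, A, B)
    print(parse_data_frame(up))
    print(parse_data_frame(ap_relay(up, AP1, AP2)))
```

Note that nothing in this header is authenticated: SA, DA and BSSID are plain fields that any transmitter can fill in, which is why the BSSID check in ap_relay only guards against misdelivery, not against a station lying about who it is.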
WEP Encryption/Decryption Procedure
- Plaintext: the MAC Layer PDU (MPDU) followed by a CRC-32 Integrity Check Value (ICV) computed over the MPDU (this is separate from the frame's FCS)
- Key sequence: generated from the secret key and an Initialization Vector (IV); its length is the MPDU length + 4 (the 4-byte ICV)
- Transmission: the encrypted plaintext, preceded by the unencrypted Initialization Vector (IV)
- Receiver: generates the same key sequence from the secret key and the received IV, deciphers the plaintext and checks the ICV for errors
WEP Encryption Algorithm
- Secret key: distributed by some background process (802.11 does not specify key distribution)
- Initialization Vector (IV): 24 bits, generated by the transmitter
  - May be changed as frequently as every MPDU
  - Transmitted unencrypted with the message; the receiver needs the IV to decrypt
  - The IV by itself provides no information about the secret key
- Seed: 64-bit concatenation of IV and secret key (in 802.11-1999 the 24-bit IV comes first, followed by the 40-bit secret key); the seed is the input to the pseudo-random number generator (PRNG), which in WEP is RC4
- Key sequence k: pseudo-random byte sequence generated by the PRNG from the seed
- Integrity Check Value (ICV): 32-bit CRC over the MPDU
- Plaintext (MPDU ## ICV) is XORed with the key sequence to give the ciphertext
WEP Encryption Algorithm (block diagram)
[Figure: Secret Key ## Initialization Vector (IV) → Seed → WEP PRNG → Key Sequence k; Plaintext → Integrity Algorithm (32-bit CRC) → Integrity Check Value (ICV); (Plaintext ## ICV) ⊕ k → Ciphertext; Transmitted Message = IV followed by Ciphertext]
WEP Decryption Algorithm
- Key sequence generated from the received IV and the secret key
- Decryption: key sequence XORed with the ciphertext; the recovered plaintext includes the MPDU and the ICV
- Integrity check performed on the plaintext
- On error in the received MPDU: an error indication is sent to MAC management and the data is not passed to LLC
Problems with the WEP Algorithm
- XOR (stream cipher) encryption is only as strong as the key sequence is secret and never reused
  - Part of the MPDU may be easy to guess (example: IP header fields)
  - From known plaintext P and its ciphertext C an eavesdropper computes the key sequence k = P ⊕ C for that IV, without knowing the secret key
  - Any other frame sent under the same IV can then be read with that k
- The secret key itself is too easy to deduce
- Encryption strength depends on the lifetime of the Initialization Vector (IV)
  - Best privacy when the IV is changed for every MPDU
  - Even then the 24-bit IV space (about 16.7 million values) is exhausted on a busy network, so key sequences repeat
More Problems with WEP
- AP beacons announce service availability and can be found by unauthorized listeners
- WEP not always implemented
- Weak encryption: 40-bit secret key; simple XOR of the RC4 key sequence with the plaintext
- Weak authentication (shared-key authentication)
  - STA requests service; AP sends a random challenge; STA returns the challenge encrypted with the shared key (password)
  - The authentication key is the same key used for encryption
  - An eavesdropper who sees the plaintext challenge and the encrypted response recovers the key sequence for that IV, and can answer a later challenge itself without ever learning the key
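The WEP encryption, decryption and weakness slides above describe one mechanism and two ways it fails. The following added example (not the lecture's code) implements WEP as described, with the RC4 PRNG and the CRC-32 ICV, and then shows both failures on constructed data: recovering the key sequence from a guessed plaintext and reusing it on a second frame sent under the same IV, and forging a shared-key authentication response from a captured challenge/response pair. It assumes the 802.11-1999 layout (24-bit IV first, then the 40-bit key, as the RC4 key; the IV sent in clear as 3 bytes plus a key-id byte); the function names are this example's own.

```python
"""WEP as described in the lecture, plus the keystream-reuse weaknesses.

Added example, not from the lecture. Assumptions: 40-bit secret key, 24-bit
IV, RC4 key = IV || secret key (IV first, as in 802.11-1999), the IV carried
in clear as 3 bytes followed by one key-id byte (set to 0 here), and the ICV
is CRC-32 (zlib's) over the MPDU. All sample data is constructed.
"""
import struct
import zlib


def rc4(key, length):
    """RC4 keystream: the WEP PRNG, seeded with IV || secret key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def icv(mpdu):
    """Integrity Check Value: CRC-32 over the MPDU, little-endian."""
    return struct.pack("<I", zlib.crc32(mpdu) & 0xFFFFFFFF)


def wep_encrypt(secret_key, iv, mpdu):
    """Transmitted body: IV (clear) || key-id || (MPDU || ICV) XOR keystream."""
    if len(secret_key) != 5 or len(iv) != 3:
        raise ValueError("40-bit key and 24-bit IV expected")
    plaintext = mpdu + icv(mpdu)
    keystream = rc4(iv + secret_key, len(plaintext))   # length = MPDU + 4
    return iv + b"\x00" + xor(plaintext, keystream)


def wep_decrypt(secret_key, body):
    """Return the MPDU, or None on ICV failure (frame not passed to LLC)."""
    iv, ciphertext = body[:3], body[4:]
    plaintext = xor(ciphertext, rc4(iv + secret_key, len(ciphertext)))
    mpdu, received_icv = plaintext[:-4], plaintext[-4:]
    return mpdu if icv(mpdu) == received_icv else None


# Weakness 1: known plaintext P and ciphertext C give k = P XOR C for that IV.
def recover_keystream(body, known_mpdu):
    """An eavesdropper who can guess the MPDU (e.g. IP header fields) learns the
    keystream for this IV without learning the secret key."""
    return body[:3], xor(body[4:], known_mpdu + icv(known_mpdu))


def decrypt_with_keystream(body, iv, keystream):
    """Any later frame sent under the same IV falls to the recovered keystream."""
    if body[:3] != iv:
        raise ValueError("keystream belongs to a different IV")
    if len(keystream) < len(body) - 4:
        raise ValueError("recovered keystream shorter than this frame")
    return xor(body[4:], keystream)[:-4]


# Weakness 2: shared-key authentication leaks a keystream with every exchange.
def forge_auth_response(iv, keystream, challenge):
    """Answer a fresh AP challenge using only keystream captured from a genuine
    exchange; the secret key itself is never known to the attacker."""
    plaintext = challenge + icv(challenge)
    if len(keystream) < len(plaintext):
        raise ValueError("captured keystream too short for this challenge")
    return iv + b"\x00" + xor(plaintext, keystream)
```

The real shared-key exchange uses a 128-byte challenge, so one observed login yields 132 bytes of keystream, enough to answer any later challenge of the same size under that IV. Neither attack touches the 40-bit key; they work because the key sequence, not the key, is what the XOR exposes.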
Infrastructure Network Configurations — 1
[Figure only]
Infrastructure Network Configurations — 2
[Figure only]
Infrastructure Network Configurations — 3
[Figure only]
Infrastructure Network Configurations — 4
[Figure only]
The Bluetooth Vision
- Universal wireless connectivity: replace existing cables with radio; connect systems that have been separate
- Ubiquitous computing environment: intelligent devices performing distributed services; redesign hardware as object-oriented
- Unconscious connectivity paradigm: devices interconnect automatically with minimal user intervention
- Wireless Personal Area Network (wPAN): small networks formed dynamically; wireless internetworking among wPANs
Universal Wireless Connectivity
- Replace existing cables with radio
[Figure only]
Universal Wireless Connectivity
- Connect systems that have been separate
[Figure only]
Ubiquitous Computing Environment
- Intelligence is local and communication is universal
- Bluetooth devices search for other compatible devices, share information about the services they provide, and exchange commonly defined data objects
- Service provision is distributed over the wPAN
- Integrated automation of central servers, information repositories, sensors and actuators
Unconscious Connectivity Paradigm
- Connectivity is a problem for the user: it is inconvenient to establish connections manually, available devices change frequently, and users may not remember how to connect
- Devices connect automatically and dynamically: devices discover one another and determine when and why to connect; users do not need to remember how to connect
Example of the Vision
- User enters the hotel lobby with a PDA in pocket
- User's PDA connects to the hotel reservations system for check-in, receives a key code for the door, displays the room number, and alerts the laptop in the suitcase to log onto the hotel e-mail server
- User's laptop downloads messages while the user waits for the elevator
- User's PDA unlocks the door of the hotel room
- User's laptop uploads music to the audio system
- User's PDA orders room service from a menu the user prepared on the airplane
Example of a Real Product: Three-in-One Telephone
- Automatic network selection by environment: intercom at home or in the office; PSTN phone when a PSTN access point is available; cellular mobile phone otherwise
How is Bluetooth Different?
- In cellular and WLAN systems:
  - Base stations and mobile stations are clearly distinct
  - Base stations handle services: channel access, channel allocation, traffic control, interference problems
  - Mobile stations are relatively simple clients
- In ad hoc Bluetooth networks:
  - Communication is peer to peer; there is no central controller
  - Devices in an area self-organize in a shared channel
  - There may be many Bluetooth devices in a region, but only a few need to communicate, so mutual coordination is complex
Protocol Layers
- Bluetooth protocols (top to bottom): Application; Application Profiles; L2CAP; HCI; LMP; Baseband; Radio
- Actual functionality (top to bottom): application functions; session/transport functions; data link (LLC + MAC) functions; physical functions
- Mapping to OSI (top to bottom): Application Layer; MAC Sublayer; Physical Layer
[Figure: the three columns above aligned layer by layer]
Protocol Overview
- Application Layer: user application programs
- Application Profiles: user application support protocols (FTP, TCP, WAP, PPP, telephony, USB, Serial Port, etc.)
- Logical Link Control and Adaptation Protocol (L2CAP): channel management (socket-type interface), segmentation and reassembly, QoS (speed, reliability, delay)
- Host Controller Interface (HCI): standard interface between the host software and the Bluetooth controller over the host's I/O bus (used when the Bluetooth device is external to the PC)
- Link Manager Protocol (LMP): manages piconet membership and link activity
- Baseband Layer: manages point-to-point links, handles security, and interfaces user data to the radio links
- Radio Layer: physical data transmission (FHSS in the 2.4 GHz ISM band, 10 or 100 meter range)
Frequency Hopping
- Bluetooth transmits using Frequency Hopping Spread Spectrum (FHSS)
- Group of RF frequencies: 2402 + k MHz, for k = 0, 1, ..., 78 (79 channels, 1 MHz apart)
- The specific hop sequence depends on the Bluetooth service, the Bluetooth clock and the Bluetooth device address
  - Data transmission: pseudorandom hop sequence
  - Connection control: deterministic hop sequences
- Frequency hop sequence train = sequence of integers {k0, k1, k2, ..., kN} with 0 ≤ ki ≤ 78 for i = 0, 1, ..., N, and N = 16 or 32
Time Slots
- Bluetooth clock is a 28-bit counter
- Upper 27 bits define the Bluetooth time slot (2 clock cycles per time slot)
  - Counter creates 2^27 = 134,217,728 numbered time slots
  - Counts from 0 to 2^27 − 1 (then returns to 0)
- Each time slot is 625 µs in length (1600 slots/second)
- Time slot number returns to 0 every 23.3 hours (134,217,728 × 625 µs)
Frequency Hopping and Packets
- Packet transmission begins on a time slot boundary
- Packets may be up to 5 time slots in length
- Frequency hop on each time slot, unless the packet is longer than 1 slot: no frequency hop during a multi-slot packet
[Figure: slots t0 ... t7 with frequencies f0 f1 f2 f3 f5 f6 f7; the packet starting at t3 is longer than one slot, so no hop occurs at t4 and the sequence resumes with f5 at t5]
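The frequency-hopping and time-slot slides above give the numbers; the following added example (not from the lecture) puts them together: slot numbering from the 28-bit clock, the 79-channel frequency table, and the rule that a multi-slot packet stays on one frequency while the clock keeps counting, so the next packet lands on the frequency the skipped slot would have reached. The channel table and clock/slot timing are the real values; the hop selection function hop_index is a constructed stand-in, not the Bluetooth hop selection kernel, and the allowed packet lengths (1, 3 or 5 slots) come from the Bluetooth specification rather than from the slide, which only says "up to 5".

```python
"""Bluetooth clock, slot numbering and the hop-per-slot rule.

Added example, not from the lecture. The channel table (2402 + k MHz,
k = 0..78) and the 28-bit clock / 625 us slot timing are the real values;
hop_index() is a constructed stand-in for the Bluetooth hop selection kernel
(assumption), used only to show how multi-slot packets suppress hops.
"""

SLOT_US = 625                   # one time slot
SLOTS_PER_WRAP = 1 << 27        # upper 27 bits of the 28-bit clock number the slots
PACKET_SLOT_LENGTHS = (1, 3, 5) # odd lengths keep master/slave slot parity (Bluetooth spec)


def slot_number(clock):
    """Slot counter: the 28-bit clock ticks twice per slot, so drop the LSB."""
    if not 0 <= clock < (1 << 28):
        raise ValueError("clock must be a 28-bit value")
    return (clock >> 1) & (SLOTS_PER_WRAP - 1)


def channel_mhz(k):
    """RF channel k of the 79-channel table."""
    if not 0 <= k <= 78:
        raise ValueError("channel index out of range")
    return 2402 + k


def hop_index(slot):
    """Constructed stand-in for the hop selection kernel (assumption): maps a
    slot number to a channel index so the schedule below has something to hop on."""
    return (slot * 37 + 11) % 79


def wrap_period_hours():
    """How long until the slot number returns to 0."""
    return SLOTS_PER_WRAP * SLOT_US / 1_000_000 / 3600


def schedule(start_clock, packet_lengths):
    """Return (start_slot, length_in_slots, MHz) for each packet in turn.

    A hop happens at every slot boundary, but a packet longer than one slot
    stays on the frequency of its first slot. When it ends, the next packet
    uses the frequency the clock selects for that slot, as if the suppressed
    hops had taken place.
    """
    slot = slot_number(start_clock)
    plan = []
    for n in packet_lengths:
        if n not in PACKET_SLOT_LENGTHS:
            raise ValueError("packets occupy 1, 3 or 5 slots")
        plan.append((slot, n, channel_mhz(hop_index(slot))))
        slot = (slot + n) % SLOTS_PER_WRAP   # clock keeps counting through the packet
    return plan


if __name__ == "__main__":
    for start, length, mhz in schedule(0, [1, 3, 1]):
        print(f"slot {start}: {length}-slot packet on {mhz} MHz")
    print(f"slot numbers wrap every {wrap_period_hours():.1f} hours")
```

With packets of 1, 3 and 1 slots starting at clock 0, the packets begin in slots 0, 1 and 4: the 3-slot packet holds the slot-1 frequency through slots 2 and 3, and the packet after it is on the slot-4 frequency, not the slot-2 one. The 134,217,728-slot wrap works out to 23.3 hours, matching the lecture.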
Piconet Topologies
- Piconets (from pico = 10^-12)
- Physical channel = a specific frequency hop sequence
- Point-to-point piconet: two devices on a common physical channel; the FHS is unique to a given piconet
  - Master device acts as client; slave device acts as server
[Figure: Master and Slave]
Synchronous Connection Oriented (SCO) Links
- Point-to-point link between master and slave
- Circuit-mode connection based on reserved slots; symmetric transmission rate; supports isochronous information such as voice
- A master can support 1 to 3 SCO links to one or more slaves
- A slave can support 1 to 3 SCO links with one master, or 1 or 2 SCO links from different masters
Asynchronous Connectionless Link (ACL)
- Point-to-multipoint link connecting the master and all active slaves in the piconet
- Packet-mode connection based on statistical multiplexing; uses available slots not reserved for SCO links
- Asynchronous and isochronous services supported
- Only one ACL link between a master and a slave
Bluetooth Connection Layers
[Figure: radio connection = synchronized frequency hop sequence between two radios; over it, SCO (synchronous connection-oriented) and ACL (asynchronous connectionless) packets are channel-multiplexed; SCO packets carry a circuit-mode channel to circuit-mode services via a circuit switch, and ACL packets carry packet-mode channels A, B, C to packet-mode services via a packet switch]
State Relationships
[Figure only]
LAN Access Point Profile
[Figure: protocol stack, top to bottom: PPP over RFCOMM over L2CAP, with LMP alongside L2CAP, all over the Bluetooth Baseband (ACL and SCO links)]
Bluetooth Earpiece: Philips Semiconductor VWS26003
- 3 integrated circuits: baseband processor (VWS26002), ceramic multi-chip RF module (PBA 31301), external flash memory
- NiMH or lithium-ion battery
- Talk time ~4 hours
- Size and weight: 15 cc, 75 g
Philips Semiconductor VWS26003
- VWS26002 baseband processor
  - ARM7TDMI 32-bit embedded RISC processor
  - 72 kbytes internal SRAM, 4 kbytes internal ROM, 4 kbytes internal SRAM instruction cache
  - Timers and watchdog; 8 general-purpose PIO pins; voice codec
- PBA 31301 radio frequency module
- Software: point-to-point protocol stack
- System: NiMH or Li-ion battery
Philips Semiconductor VWS26003
[Figure: block diagram]
Single Chip Bluetooth Device Controller: Philips PCD87750E
[Figure: block diagram]
- MTP = Multiple Time Programmable ROM
- EBC = Ericsson Bluetooth Core
- CVSD = Continuously Variable Slope Delta modulation
- SPI = Security Parameter Index (sic; on a device-controller block diagram SPI normally denotes the Serial Peripheral Interface bus)
Typical Earpiece Organization