
MSc WLAN, IP/TCP and COMM NETWORK Topics By Prof R A Carrasco School of Electrical,Electronic and Computer Engineering University of Newcastle Upon Tyne.

Mar 28, 2015

MSc WLAN, IP/TCP and COMM NETWORK

Topics

By Prof R A Carrasco

School of Electrical, Electronic and Computer Engineering

University of Newcastle Upon Tyne

[email protected] Ext: 7332

References

[1] Tanenbaum, Andrew S., Computer Networks, Fourth Edition: Pearson Education International, 2003, ISBN: 0-13-038488-7.

[2] Comer, Douglas E., Computer Networks and Internets with Internet Applications, Third Edition: Prentice Hall, 2001, ISBN: 0-13-091449-5.

[3] Peterson, Larry L. & Davie, Bruce S., Computer Networks, A Systems Approach: Morgan Kaufmann Publishers, 2000, ISBN: 1-55860-577-0.

[4] Halsall, Fred, Data Communications, Computer Networks and Open Systems: Addison-Wesley Publishing, 1995, ISBN: 0-201-42293-X.

Internet and Protocols

• Advanced Research Projects Agency Network (ARPAnet), 1969.

• The protocols in the TCP/IP suite use either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) as the transport protocol.

• Low level functions such as the File Transfer Protocol (FTP), the Internet Terminal Protocol (TELNET), Electronic Mail (E-Mail) and remote logon.

• IP is responsible for moving packets of data from node to node. IP forwards each packet based on a four-byte destination address (the IP number), different organisation, IP operates on a gateway machine.

• TCP is responsible for verifying the correct delivery of data from client to server. TCP adds support to detect errors or lost data and to trigger retransmission until the data is correctly and completely received.

• Sockets is the name given to the package of subroutines that provide access to TCP/IP on most systems.

• The Internet Protocol was developed to create a Network of Networks (the Internet). Individual machines are first connected to a LAN (Ethernet or Token Ring). TCP/IP shares the LAN with other users. One device provides the TCP/IP connection between the LAN and the rest of the World.

• A Network consisting of two or more far-apart LANs is a Wide Area Network (WAN)

• In a typical network, switches, hubs and routers are intermediary devices between clients and servers.

The Network Layer in the Internet

• The Internet can be viewed as a collection of sub-networks or autonomous systems (AS) that are connected together

• There is no real structure, but several major backbones exist

• These are constructed from high-bandwidth lines and fast routers

• Attached to the backbones are regional networks, and attached to these regional networks are LANs (universities, companies etc.)

• The glue that holds the Internet together is the network layer protocol, IP

• The Internet transmits data by packet switching using a standardised Internet Protocol (IP)

IP Datagram

• The header has a 20-byte fixed part and a variable-length optional part

• It is transmitted in big-endian order, from left to right, with the high-order bit of the version field going first
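The 20-byte fixed part, the variable-length options and the big-endian field order described above, parsed and validated in Python. This is an added example, not part of the original slides; the field layout is that of RFC 791, and the sample packet (documentation addresses, NOP/EOL option bytes) is constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

FIXED_LEN = 20  # bytes in the fixed part of the header


class HeaderError(ValueError):
    """The bytes cannot be a well-formed IPv4 header."""


def checksum(header: bytes) -> int:
    """One's-complement sum over the header read as big-endian 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Split a packet into fixed header fields, options and payload."""
    if len(packet) < FIXED_LEN:
        raise HeaderError("shorter than the 20-byte fixed part")
    # "!" selects network (big-endian) order for every multi-byte field.
    (ver_ihl, _tos, total_len, _ident, _flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:FIXED_LEN])
    version = ver_ihl >> 4       # high-order four bits, first on the wire
    ihl = ver_ihl & 0x0F         # header length in 32-bit words
    header_len = ihl * 4
    if version != 4:
        raise HeaderError(f"version {version}, expected 4")
    if ihl < 5:
        raise HeaderError("IHL below 5 would cut into the fixed part")
    if header_len > len(packet):
        raise HeaderError("options run past the end of the buffer")
    if not header_len <= total_len <= len(packet):
        raise HeaderError("total length inconsistent with the buffer")
    if checksum(packet[:header_len]) != 0:
        raise HeaderError("header checksum mismatch")
    return {
        "version": version,
        "header_len": header_len,
        "total_length": total_len,
        "ttl": ttl,
        "protocol": proto,
        "src": str(IPv4Address(src)),
        "dst": str(IPv4Address(dst)),
        "options": packet[FIXED_LEN:header_len],   # variable-length part
        "payload": packet[header_len:total_len],   # ignores link-layer padding
    }


def build_sample(options: bytes = b"", payload: bytes = b"hello") -> bytes:
    """Constructed test packet; options must be a multiple of 4 bytes."""
    ihl = 5 + len(options) // 4
    head = struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + len(payload),
        0x1234, 0, 64, 17, 0,
        IPv4Address("192.0.2.1").packed, IPv4Address("198.51.100.7").packed,
    ) + options
    # The checksum field sits at byte offsets 10-11 and is computed over zeros.
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload


if __name__ == "__main__":
    print(parse_ipv4_header(build_sample(options=b"\x01\x01\x01\x00")))
```

The length checks run before any slice is taken, so a header that claims more options than the buffer holds is rejected rather than read.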

An Ethernet hub is a device for connecting multiple twisted-pair or fibre Ethernet devices together.

An Ethernet bridge connects multiple network segments at the data link layer (layer 2) of the OSI model.

http://netbook.cs.purdue.edu/anmtions/anim09_2.htm

D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 157-167. [2]

A router is a computer networking device that forwards data across networks towards their destination, through a process known as routing.

http://netbook.cs.purdue.edu/anmtions/anim09_3.htm

A modem is a device that modulates an analogue carrier signal to encode digital information and also demodulates such a carrier signal to decode the transmitted information.

Popular Wired LAN Standards

• High-Level Data Link Control (HDLC)

• Ethernet (IEEE 802.3)

• Token Bus (IEEE 802.4)

• Token Ring (IEEE 802.5)

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243, pp. 16-26, pp. 271-291. [1]

HIGH LEVEL DATA LINK CONTROL

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243. [1]

Frame format for bit-oriented protocols:

Field   Flag       Address   Control   Data   Checksum   Flag
Value   01111110                                         01111110
Bits    8          8         8         ≥0     16         8

HIGH LEVEL DATA LINK CONTROL (2)

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243. [1]

Control field (field widths 1, 3, 1 and 3 bits) of:

(a) An information frame: 0 | Seq | P/F | Next

(b) A supervisory frame: 0 | Type | P/F | Next

(c) An unnumbered frame: 0 | Type | P/F | Modifier

PPP - Point to Point Protocol

Field   Flag       Address    Control    Protocol   Payload    Checksum   Flag
Value   01111110   11111111   00000011                                    01111110
Bytes   1          1          1          1 or 2     Variable   2 or 4     1

The PPP full frame format for unnumbered mode operation

Ethernet (IEEE 802.3)

• Bus Topology

• Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

• 10 Base, denoting 10 Mbit/s

http://netbook.cs.purdue.edu/anmtions/anim06_1.htm

[Figure: Ethernet (IEEE 802.3) components: MAC unit, protocol firmware, network service, drop cable, transceiver, tap]

Data frame:

PR | SFD | DA | SA | TYPE | INFORMATION | FCS

PR = Preamble
SFD = Start Frame Delimiter
DA = Destination Address
SA = Source Address
TYPE = Type of data
FCS = Frame Checksum

CSMA/CD MAC Protocol

• Station checks if there is data being currently transmitted (carrier sense)

• If no data is present, station begins to transmit data

• If two or more stations begin this process simultaneously, there will be a collision of frames

• Station monitors its own receiver output and compares with transmitted signal to detect when this occurs (collision detection)

http://netbook.cs.purdue.edu/anmtions/anim06_2.htm

http://netbook.cs.purdue.edu/anmtions/anim06_5.htm

• If a collision is detected, the station aborts the transmission and sends a jamming signal to inform all other stations that a collision has occurred

• Transmitting stations that have caused the collision wait a randomly generated time interval before reattempting to transmit

• This avoids lock-step retransmission causing repeated collisions

Capacity Calculations

[Figure: stations A and B on a time axis, with transmissions TX-A and TX-B and the delay between them]

T = Transmitted frame length

[Figure: TX-A and TX-B timeline showing sensing time, time to detect collision, collision interval and time to transfer information]

a = / T, the maximum propagation delay to frame length ratio

The figure above allows a new frame to be transmitted immediately following the previous one, giving a frame rate of 1/T frames/sec

If, on average, K retries are necessary before the next frame can be transmitted (in a lightly loaded network K = 0), then the average time for transmitting one frame, t_v, is given by:

t_v = T + + 2 K
    = T + (1 + 2K)
    = T[1 + /T (1 + 2K)] = T[1 + a(1 + 2K)]

where a = /T

The utilisation factor, U, of the transmission medium is given by:

U = T/t_v = 1/(1 + a(1 + 2K))

Let P_t be the probability, constant for all stations over all time, that any particular station wishes to transmit at the end of a specific 2 collision detection interval:

P_t = 2 λ (where λ is the rate of packets/s)

For a successful event, one station transmits, but n-1 stations do not

The probability p of a successful transmission with n stations is therefore given by:

p = n P_t (1 - P_t)^(n-1)

It can be shown by differentiating p with respect to P_t that p reaches its maximum value when:

P_t = 1/n, where n is the number of stations

Consequently the maximum value of p is given by:

p_max = n (1/n) (1 - 1/n)^(n-1) = (1 - 1/n)^(n-1)

If n → ∞ then p_max → 1/e, where e = 2.718…

At the end of a 2 collision detection interval, a further collision occurs with probability 1 - p, while a successful transmission occurs with probability p

Thus, a sequence of K collision intervals occupying a time 2 K sec occurs with probability:

P(K) = p (1 - p)^(K-1), at least one collision occurring

The average number of collisions is therefore given by:

K = Σ_{k=1}^{∞} k p(k) = Σ_{k=1}^{∞} k p (1 - p)^(k-1)

From this it can be proven that K = 1/p, and we obtain the limiting utilisation:

U = T/t_v = 1/(1 + a(1 + 2K))

U_max = 1/(1 + a(1 + 2 × 2.718)) = 1/(1 + 6.44a)

Utilisation with different values for the a parameter

[Figure: maximum utilisation plotted against the parameter a]

Ethernet Exercises

Problem: A certain Ethernet system has a maximum bus delay of 16 μsec, and operates with a bit rate of 10 Mbit/sec. Each frame is 576 bits in length. Determine the maximum utilisation factor of the medium under collision conditions

For the system above, calculate the actual capacity if there are 15 active stations, each with an equal amount of data to transmit
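The CSMA/CD capacity formulas from the preceding slides, applied to the figures of this exercise and checked against a small simulation of the contention intervals. This is an added Python example, not part of the original slides. The name `TAU` for the maximum bus delay is an assumption (its symbol is missing from the text), and taking K = 1/p_max for 15 stations is one reading of the second part of the exercise.

```python
import math
import random

# Figures from the exercise; TAU is this example's name for the bus delay.
TAU = 16e-6          # maximum bus (propagation) delay, seconds
BIT_RATE = 10e6      # bits per second
FRAME_BITS = 576     # bits per frame
A_RATIO = TAU / (FRAME_BITS / BIT_RATE)   # a = delay / frame time T


def p_success(n: int, p_t: float) -> float:
    """p = n P_t (1 - P_t)^(n-1): exactly one of n stations transmits."""
    return n * p_t * (1.0 - p_t) ** (n - 1)


def p_max(n: int) -> float:
    """Largest value of p, reached at P_t = 1/n."""
    return (1.0 - 1.0 / n) ** (n - 1)


def utilisation(a: float, k: float) -> float:
    """U = 1 / (1 + a(1 + 2K)) for an average of K collision intervals."""
    return 1.0 / (1.0 + a * (1.0 + 2.0 * k))


def u_for_stations(a: float, n: int) -> float:
    """Utilisation with n stations, using K = 1/p_max."""
    return utilisation(a, 1.0 / p_max(n))


def u_limit(a: float) -> float:
    """Limiting case n -> infinity, where K -> e."""
    return utilisation(a, math.e)


def simulate_mean_intervals(n: int, p_t: float, trials: int, seed: int = 1) -> float:
    """Average number of intervals until exactly one station transmits.

    Each interval, every station independently transmits with probability
    P_t; an interval with zero or several senders is repeated, matching the
    geometric distribution P(K) = p(1 - p)^(K-1) on the slides.
    """
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        intervals = 0
        while True:
            intervals += 1
            senders = sum(rng.random() < p_t for _ in range(n))
            if senders == 1:
                break
        total += intervals
    return total / trials


if __name__ == "__main__":
    print(f"a = {A_RATIO:.4f}")
    print(f"U_max (n -> infinity) = {u_limit(A_RATIO):.4f}")
    u15 = u_for_stations(A_RATIO, 15)
    print(f"U (n = 15) = {u15:.4f}, capacity = {u15 * BIT_RATE / 1e6:.2f} Mbit/s")
    print(f"simulated K = {simulate_mean_intervals(15, 1 / 15, 20000):.3f}, "
          f"1/p_max = {1 / p_max(15):.3f}")
```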

Token Ring (IEEE 802.5)

Ring Structure

Data frame:

SD | AC | FC | DA | SA | INFORMATION | FCS | ED | FS

Token frame:

SD | AC | ED

http://netbook.cs.purdue.edu/anmtions/anim06_4.htm

Token Ring Frame Structures

SD = Start Delimiter (1 octet)
AC = Access Control (1 octet)
FC = Frame Control (1 octet)
DA = Destination Address (2/6)
FCS = Frame Check (4)
ED = End Delimiter (1)
FS = Frame Status (1)

[Figure: Token Ring components: MAC unit, protocol firmware, network service, drop cable, ring cable, Trunk Coupling Unit (TCU)]

[Figure: ring of stations A, B, C and D shown in four stages, with the labels "Free Token", "Busy Token", "A generates data frame", "for station A" and "A removes the data frame"]

Capacity Calculations

Empty Ring

C = Capacity (bits/sec)
= Propagation time around ring
N = Number of stations
L = Delay of L bits in each station on the ring (station latency)

The ring latency is given by:

T_L = + (NL)/C

The free token is 24 bits (3 bytes) in length, thus the maximum waiting time, if no other station is transmitting, is given by:

T_max,empty = (24/C + T_L)

Full Ring

Consider a full ring, where all stations have data to transmit

Each station can only transmit when it has the token

If each frame is limited to M bytes, the transmission time is:

T = 8M/C

The maximum waiting time is:

T_max,full = (N-1)(T + T_L)

Exercise

A 4 Mbit/s ring has 50 stations, each with a latency of 2 bits, the total length of the ring is 2 km, and the propagation delay of the cable is 5 μs/km

Determine the maximum waiting time when the ring is empty, and when all stations are transmitting. A full frame is 64 bytes in length

Loaded Ring

Traffic load of λ_i frame/sec
T = Time when transmitted on the ring for each frame
T_c = time interval elapsed before the free token arrives
t_i = λ_i T_c T

The maximum waiting time experienced by every station on the ring, T_c, is given by:

T_c = T_L + Σ_{i=1}^{N} t_i = T_L + T_c Λ T

where Λ = Σ_{i=1}^{N} λ_i

Here the parameter Λ represents the gross input to the ring in frame/sec

T_c/T_L = 1/(1 - U) and U = ΛT
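The token ring formulas above for the empty, full and loaded ring, evaluated on the 4 Mbit/s exercise ring. This is an added Python example, not part of the original slides. The name `prop_time` for the propagation time around the ring and the per-station load of 78.125 frames/s are assumptions made for illustration.

```python
# Figures from the token ring exercise on this page.
C = 4e6              # capacity, bits per second
N = 50               # number of stations
L_BITS = 2           # station latency, bits
PROP = 2 * 5e-6      # 2 km of cable at 5 microseconds per km
M_BYTES = 64         # full frame length, bytes
TOKEN_BITS = 24      # free token length, bits


def ring_latency(prop_time: float, n: int, l_bits: float, c: float) -> float:
    """T_L = propagation time around the ring + N*L/C."""
    return prop_time + n * l_bits / c


def max_wait_empty(t_l: float, c: float) -> float:
    """T_max,empty = 24/C + T_L: the token makes one idle circuit."""
    return TOKEN_BITS / c + t_l


def max_wait_full(t_l: float, n: int, m_bytes: int, c: float) -> float:
    """T_max,full = (N-1)(T + T_L) with T = 8M/C per frame."""
    return (n - 1) * (8 * m_bytes / c + t_l)


def cycle_time_loaded(t_l: float, rates: list, t: float) -> float:
    """T_c = T_L / (1 - U) with U = Lambda * T, Lambda = sum of the rates."""
    u = sum(rates) * t
    if u >= 1.0:
        # Offered load meets or exceeds capacity: no finite T_c exists.
        raise ValueError(f"ring saturated, U = {u:.2f}")
    return t_l / (1.0 - u)


def cycle_time_iterated(t_l: float, rates: list, t: float, rounds: int = 200) -> float:
    """Solve T_c = T_L + sum(lambda_i * T_c * T) by repeated substitution.

    Every pass adds the frames that arrived during the previous, longer
    cycle; for U < 1 the value settles on the closed form T_L / (1 - U).
    """
    t_c = t_l
    for _ in range(rounds):
        t_c = t_l + sum(rate * t_c * t for rate in rates)
    return t_c


if __name__ == "__main__":
    t_l = ring_latency(PROP, N, L_BITS, C)
    frame_time = 8 * M_BYTES / C
    print(f"T_L         = {t_l * 1e6:.1f} us")
    print(f"T_max,empty = {max_wait_empty(t_l, C) * 1e6:.1f} us")
    print(f"T_max,full  = {max_wait_full(t_l, N, M_BYTES, C) * 1e3:.3f} ms")
    load = [78.125] * N   # assumed load: gives U = 0.5
    print(f"T_c at U=0.5 = {cycle_time_loaded(t_l, load, frame_time) * 1e6:.1f} us")
```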

Tutorial: Network Systems and Technologies by Professor R. A. Carrasco

1) Describe the basic differences between a wide area network and a local area network in terms of:
   a) Structure
   b) Operation

2) The techniques of passing information from node to node across a broadcast network differ according to the type of configuration employed. Compare the methods used for bus and ring networks.

3) a) What is a baseband LAN? What is a broadband LAN?
   b) What are the advantages of using a star ring architecture in a computer network? What are its disadvantages?

4) Describe the effects of a complete failure of a node in the operation of the following network configurations:
   a bus
   a ring
   a star

5) List the seven layers of the CCITT ISO architecture for network communications.
   a) Describe their function and justify the existence of each one.
   b) Which layers are essential to LAN communications and why?

6) Assuming HDLC protocol:
   a) Distinguish between the normal response mode and the asynchronous mode of working. How are they defined in the HDLC frame structure?
   b) How is flow control achieved through this frame structure?

7) Describe the function of the logical link control and medium access control layers as defined in the IEEE 802 standards and indicate their relationship with the lower protocol layers in the ISO seven-layer reference model.

8) a) Describe the basic differences between circuit switching, message switching and packet switching.
   b) Give examples of each switching technique. Advantages and disadvantages of switching techniques.
   c) For packet switching technique: give an example. How will the network handle stream of packets?

9) i) Discuss IEEE 802 standards and frame format for CSMA/CD, token bus, token ring, 802.2 (logical link control), 802.3, 802.4 and 802.5 standards.
   ii) Briefly discuss the comparison of 802.3, 802.4 and 802.5 standards.

10) Imagine two LAN bridges, both connecting a pair of 802.4 networks. The first bridge is faced with 1000 512-byte frames per second that must be forwarded. The second is faced with 200 4096-byte frames per second. Which bridge do you think will need the faster CPU? Discuss.

11) Suppose that the two bridges of the previous problem each connected an 802.4 LAN to an 802.5 LAN. Would that change have any influence on the previous answer?

12) A bridge between an 802.3 LAN and an 802.4 LAN has a problem with intermittent memory errors. Can this problem cause undetected errors with transmitted frames, or will these all be caught by the frame checksums?

13) A large FDDI ring has 100 stations and a token rotation time of 40 msec. The token holding time is 10 msec. What is the maximum achievable efficiency of the ring?

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 26-49. [1]

• The Internet uses almost exclusively TCP for layer 4 and IP for layer 3

• Clients and servers typically implement all of the seven OSI layers whilst hubs and switches are only aware of MAC addresses

• Routers are aware of network addresses (IP addresses); a layer 3 switch is really a fast router

• Routing protocols differ from routed protocols since they dynamically determine routing, and the route taken by one packet can be different to that of another packet in the same transaction.

• Transmission Control Protocol (TCP) is a transport layer protocol layered on top of IP and below application layer protocols such as SMTP, Telnet, FTP, HTTP (web) etc.

Transmission Control Protocol (TCP) (RFC 793)

• Van Jacobson’s algorithm

• Karn’s algorithm

• Nagle’s algorithm

IEEE 802.x, TCP/IP and ISO/OSI Architecture Comparison

ISO/OSI: Application, Presentation, Session, Transport, Network, Data Link, Physical

TCP/IP: Application, Transport, Network (IP), Ethernet

IEEE 802.x: IEEE 802.2; IEEE 802.3, IEEE 802.4, IEEE 802.5, IEEE 802.6

SMTP (Simple Mail Transfer Protocol)

Simple Mail Transfer Protocol is the de facto standard for e-mail transmission across the internet. This is a text-based protocol. SMTP uses TCP port 25.

FTP (File Transfer Protocol)

FTP is used to connect two computers over the internet so that users of one computer can transfer files and perform file commands on the other computer.

TELNET (TELetype NETwork)

TELNET is a network protocol based on the internet or the local area network (LAN) connections. The term telnet also refers to software which implements the client part of the protocol.

Page 51: MSc WLAN, IP/TCP and COMM NETWORK Topics By Prof R A Carrasco School of Electrical,Electronic and Computer Engineering University of Newcastle Upon Tyne.

DNS (Domain Name System)
The Domain Name System (DNS) stores and associates many types of information with domain names, including the translation of domain names (computer host names) to IP addresses.

SNMP (Simple Network Management Protocol)
SNMP is used by network management systems to monitor network-attached devices for conditions that warrant administrative attention (application layer, database schema, data objects).

TFTP (Trivial File Transfer Protocol)
TFTP is a very simple file transfer protocol (a basic form of FTP). TFTP is therefore useful for booting computers such as routers which do not have any mass storage devices.

ARP (Address Resolution Protocol)
ARP is a protocol used by the Internet Protocol (IP), specifically IPv4, to map IP network addresses to the hardware addresses used by the data link protocol.

RARP (Reverse Address Resolution Protocol)
RARP is a network layer protocol used to resolve an IP address from a given hardware address. It has been rendered obsolete by BOOTP and modern DHCP (Dynamic Host Control Protocol).

ICMP (Internet Control Message Protocol)
ICMP is one of the core protocols of the internet protocol suite.

IGMP (Internet Group Message Protocol)
IGMP is a communication protocol used to manage the membership of internet protocol multicast groups.

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 431-449.

IP
The IP is the internetworking protocol that offers a service with the following characteristics:

• It is connectionless, so the network layer protocol data units, called datagrams in the IP context, are handled individually from the source host to the destination host.
• It is not reliable. Datagrams can be lost, duplicated, or disordered, and the network does not detect or report this problem.

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 431-448.

http://netbook.cs.purdue.edu/anmtions/anim17_1.htm

IP Header Format

• The version field keeps track of which version of the protocol the datagram belongs to.
• Hlen tells how long the header is, in 32-bit words.
• The type of service field allows the host to tell the subnet what kind of service it wants. Various combinations of reliability and speed are possible. The three flag bits allow the host to specify what it cares most about from the net [delay, throughput, reliability].
• The total length includes everything in the datagram, both header and data.
• The identification field is needed to allow the destination host to determine which datagram a newly arrived fragment belongs to. All the fragments of a datagram contain the same identification value.
  DF = Don’t Fragment
  MF = More Fragments
• The fragment offset tells where in the current datagram this fragment belongs.
• The time to live field is a counter used to limit packet lifetimes.
• The protocol field tells the network layer which transport process to hand the datagram to: TCP, UDP and some others.
• The header checksum verifies the header only. The checksum is useful for detecting errors generated by bad memory words inside a router.
• The source address and destination address indicate the network number and host number.
• The option field was designed to provide an escape to allow subsequent versions of the protocol to include information not present in the original design.

Option | Description
Security | Specifies how secret the datagram is
Strict source routing | Gives the complete path to be followed
Loose source routing | Gives a list of routers not to be missed
Record route | Makes each router append its IP address
Timestamp | Makes each router append its address and timestamp

Fragmentation

• The IP-level datagram must be encapsulated in a lower network level packet to travel in the network.
• The rules for fragmentation are as follows:
  - The size of the resulting fragments must be a multiple of an octet so that the data displacement records (offsets) within the datagram are computed correctly.
  - The size of the fragments is freely chosen.
  - The gateway must accept datagrams with a greater size than that of the network they are connected to, so that larger datagrams can be admitted to the network.
  - The hosts and gateways must handle datagrams larger than 576 octets.
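To make the identification, MF and fragment offset fields concrete, the following added Python example (not from the original slides) splits a payload for a given MTU and reassembles fragments that arrive out of order or duplicated. It works on (offset, MF, data) tuples rather than full packets; the function names are illustrative, and the 8-octet offset unit is the one defined in RFC 791.

```python
MAX_DATAGRAM = 65535  # largest value the 16-bit total length field can hold


def fragment(payload: bytes, mtu: int, header_len: int = 20) -> list:
    """Split payload into (offset_in_8_octet_units, more_fragments, data) tuples."""
    # Every fragment except the last must carry a multiple of 8 octets,
    # because the 13-bit fragment offset counts 8-octet units.
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    fragments = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        more = start + len(chunk) < len(payload)
        fragments.append((start // 8, more, chunk))
    return fragments


def reassemble(fragments) -> bytes:
    """Rebuild the payload from fragments of one datagram (same identification).

    Returns None while the set is incomplete. Fragments may arrive in any
    order and may be duplicated; the first copy of each offset is kept.
    """
    pieces = {}
    total = None
    for offset_units, more, data in fragments:
        start = offset_units * 8
        if more and len(data) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 octets")
        if start + len(data) > MAX_DATAGRAM:
            raise ValueError("fragment extends past the maximum datagram size")
        pieces.setdefault(start, data)
        if not more:                        # MF = 0 marks the last fragment
            total = start + len(data)
    if total is None:
        return None                         # last fragment not seen yet
    buffer = bytearray(total)
    seen = bytearray(total)                 # 1 for every octet that has arrived
    for start, data in pieces.items():
        end = start + len(data)
        if end > total:
            raise ValueError("fragment lies beyond the end of the datagram")
        buffer[start:end] = data
        seen[start:end] = b"\x01" * len(data)
    return bytes(buffer) if all(seen) else None


if __name__ == "__main__":
    payload = bytes(i % 251 for i in range(4000))   # constructed sample data
    for offset, more, data in fragment(payload, mtu=1500):
        print(f"offset={offset * 8:5d}  MF={int(more)}  length={len(data)}")
```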

[2] D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 283-297.

http://netbook.cs.purdue.edu/anmtions/anim16_1.htm

ARP Address Resolution Protocol

• IP packets are sent encapsulated in LAN or WAN frames such as Ethernet, token ring or ATM.
• Q. How does the host know the correct Ethernet destination address to put in the frame?

  EtherDes | EtherSour | length | IP header | Payload

• A. It uses ARP to map from the IP destination address to the Ethernet destination address.

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 450-452.

http://netbook.cs.purdue.edu/anmtions/anim15_1.htm

ARP cont

• The host broadcasts an ARP request packet which contains the IP address of the required station.
• The station which has that IP address replies directly (unicast) returning the correct IP address.
• Now the IP packet can be sent directly to the correct Ethernet address.

Reverse Address Resolution Protocol (RARP)

• Allows a station to determine its IP address from its hardware address.
• A server can be configured to respond to RARP requests, automatically allocating IP addresses across the network.
• Not used much nowadays; replaced instead by more powerful auto-configuration protocols such as DHCP (Dynamic Host Configuration Protocol).

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 453-454.

Dynamic Host Configuration Protocol DHCP

• Allows a client to be configured automatically over the network.
• Means that machines do not have to be configured by hand.
• New machines can be added to the IP network more easily.
• Less chance of error (for example duplicate IP addresses being configured).

Domain Name Service DNS

• IP addresses are very difficult to remember.
• DNS translates easier-to-remember text names (www.soc.ncl.ac.uk) into IP addresses (128.10.20.30).
• When a host requires a domain name translation it makes the request to its local Domain Name Server.

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 579-588.

Domain Naming

• Each name in DNS can be split up into a series of domains.
• E.g. www.soc.ncl.ac.uk
  - uk = domain of the UK
  - ac.uk = academic domain within the UK
  - ncl.ac.uk = Newcastle University domain within UK academic
  - soc.ncl.ac.uk = School of Computing domain within Newcastle University within UK academic

Domain Name Servers

• Each domain name server is responsible for a domain.
• The first request will go to the server for the local machine's domain.
• A DNS server can react in 3 different ways:
  - DIRECT: just send back the correct IP address
  - RECURSIVE: if it doesn’t know the IP address, make a request to another DNS server for the IP address, then send back the IP address
  - INDIRECT: send back the IP address of another DNS server

The changes from IPv4 to IPv6 fall primarily into the following categories:

• Expanded addressing capabilities: IP address size from 32 bits to 128
• Header format simplification
• Improved support for extensions and options
• Flow labelling capability
• Authentication and privacy capabilities

IPv6 extension headers

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 464-473.

[2] D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 339-348.

Order of extension headers for IPv6


Option header formats

Hop-by-hop extension IPv6 options header

Routing Extension IPv6 header


Routing type 0 header


Fragment extension IPv6 header

TCP and UDP “pseudo-header” for IPv6


Tutorial Sheet: Network Systems and Technologies by Prof R. A. Carrasco

1) What is the principal difference between connectionless communication and connection-oriented communication?
2) Two networks each provide reliable connection-oriented service. One of them offers a reliable byte stream and the other offers a reliable message stream. Are these identical? If so, why is the distinction made? If not, give an example of how they differ.
3) What are two reasons for using layered protocols?
4) Give two example applications for which connection-oriented service is appropriate. Now give two examples for which connectionless service is best.
5) Are there any circumstances when a virtual circuit service will (or at least should) deliver packets out of order? Explain.
6) Datagram subnets route each packet as a separate unit, independent of all others. Virtual circuit subnets do not have to do this, since each data packet follows a predetermined route. Does this observation mean that virtual circuit subnets do not need the capability to route isolated packets from an arbitrary source to an arbitrary destination? Explain your answer.
7) What does ‘negotiation’ mean when discussing network protocols? Give an example of it.
8) Give three examples of protocol parameters that might be negotiated when a connection is set up.
9) Discuss the advantages and disadvantages of message switching over circuit switching and performance comparison.
10) Discuss the advantages/disadvantages of packet switching over circuit switching (and performance comparison).
11) Discuss the characteristics and medium access control techniques of Broadcast Networks.
12) Describe the routing functions attributes and their elements.
13) Describe the following routing strategies:
    - Fixed Routing
    - Flooding
    - Random Routing
    - Adaptive Routing

TCP Transmission Control Protocol

Services
- Guarantees end-to-end delivery of packets
- Controls the flow of data from host to host and host into the network
- Multiplexing: the TCP header has a port number which is used to determine which application should receive the packet

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 41-49.

http://netbook.cs.purdue.edu/anmtions/anim20_1.htm

TCP Datagram Format, RFC 793

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 532-553.

TCP Client Ports

Q. If you have a computer running an e-mail package and 2 web browsers (e.g. Netscape and IE), how does the computer know, when a TCP/IP packet arrives, which application should receive the packet?

A. Each application sets up its connection using a different port number; when the replies come back from the server, the port number is used to send the packet to the current connection.

TCP SERVER PORTS

• The server must respond to client requests.
• Q. How does the client know which port to send its request to?
• A. “Well known port numbers” are assigned to particular services.

TCP Error control

• The acknowledgment (ack) and sequence number fields are used to guarantee delivery of packets to the destination.
• For each packet sent out an ack must be sent back.
• If no ack is sent back within a certain time the packet is sent again.
• Each new packet to be transmitted is allocated a new sequence no.; the returning ack no. informs the sender of the next expected sequence no.
• The sequence no. is used to keep the packets in order.

http://netbook.cs.purdue.edu/anmtions/anim20_5.htm

TCP flow control

• The window size field is used by the receiver to control the flow of packets from the sender.
• If the receiver sets the window size to 400, the sender is only allowed to send 400 bytes before stopping.
• The receiver can stop the sender by setting the window size to 0.

http://netbook.cs.purdue.edu/anmtions/anim20_3.htm
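The error control and flow control slides above can be followed step by step in a small simulation. This Python model is an added example, not part of the original slides: it is a simplified, round-based model (one round per timeout interval) rather than a real TCP implementation, and the function name, the segment size and the loss schedule are assumptions made for illustration.

```python
def simulate_transfer(data: bytes, mss: int, windows: list, lost_first_tx=frozenset()) -> dict:
    """Simplified model of TCP sequence numbers, acks, retransmission and windows.

    windows[i] is the window size the receiver advertises for round i (the
    last value repeats). lost_first_tx holds the sequence numbers whose first
    transmission is dropped by the network.
    """
    if windows[-1] < mss:
        raise ValueError("the final window must admit at least one segment")
    next_expected = 0      # receiver: sequence no. of the next in-order byte
    held = {}              # receiver: out-of-order segments waiting for a gap to fill
    delivered = bytearray()
    base = 0               # sender: oldest unacknowledged sequence no.
    sent_before = set()
    stats = {"rounds": 0, "transmissions": 0, "retransmitted": [], "stalled_rounds": 0}

    while base < len(data):
        window = windows[min(stats["rounds"], len(windows) - 1)]
        stats["rounds"] += 1
        ack = base
        sent_any = False
        for seq in range(base, len(data), mss):
            segment = data[seq:seq + mss]
            if seq + len(segment) > base + window:
                break                      # would exceed the advertised window
            sent_any = True
            stats["transmissions"] += 1
            if seq in sent_before:
                stats["retransmitted"].append(seq)
            elif seq in lost_first_tx:
                sent_before.add(seq)
                continue                   # dropped in the network: no ack comes back
            sent_before.add(seq)
            # Receiver side: deliver in order, hold anything that arrives early.
            if seq == next_expected:
                delivered += segment
                next_expected += len(segment)
                while next_expected in held:
                    queued = held.pop(next_expected)
                    delivered += queued
                    next_expected += len(queued)
            elif seq > next_expected:
                held[seq] = segment
            ack = next_expected            # ack no. = next expected sequence no.
        if not sent_any:
            stats["stalled_rounds"] += 1   # window too small: the sender has to wait
        base = ack                         # anything still unacknowledged is resent
    stats["delivered"] = bytes(delivered)
    return stats


if __name__ == "__main__":
    sample = bytes(range(250)) * 4         # constructed 1000-byte payload
    print(simulate_transfer(sample, 100, [400], lost_first_tx={200}))
    print(simulate_transfer(sample, 100, [400, 0, 400]))
```

With a window of 400 and 100-byte segments, losing the segment at sequence number 200 keeps the ack at 200 until the timeout; the segment at 300 is held by the receiver and released once the gap is filled.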


TCP congestion control

• TCP uses a slow start algorithm to initially limit a new connection’s bandwidth.
• This is so that the connection does not overload the network infrastructure.
• TCP increases the flow of data into the network until an ack timeout occurs; it will then cut back.

UDP User Datagram Protocol

Services
- Provides port allocations the same as TCP
- Does NOT guarantee delivery
- Does not guarantee sequencing
- Useful when speed is more important than reliability, e.g. Internet telephony

[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 524-532.

User Datagram Protocol (UDP), RFC 768

• Source Port, Destination Port, Length field, Checksum

• Internet Protocol (IP): RFC 791, RFC 792, RFC 826

IPv4, IPv6

Applications of UDP

Appropriate when
- transport layer overhead must be minimized, or
- data reliability is not crucial

Services such as NFS, DNS, SNMP and Voice over IP (VoIP) use UDP.

Sockets

[Figure labels: Applications; Socket references; TCP sockets; UDP sockets; Sockets bound to ports; TCP ports (1, 2, ... 65535); UDP ports (1, 2, ... 65535); TCP; UDP; IP]

• A socket allows applications to send and receive data. It allows an application to connect to a network and communicate with other applications on that network.
• Stream sockets use TCP as the end-to-end protocol with IP underneath.
• Datagram sockets use UDP end-to-end with IP underneath.
• A TCP/IP socket is uniquely identified by an Internet address, type of protocol and a port number.

Relationship of Socket Classes

[Figure labels: .NET Framework Classes: TcpListener, TcpClient Class, UdpClient Class, Socket Class; Underlying Implementation: WinSock 2.0 Implementation]

• WinSock was developed by Microsoft and provides standard socket functions.
• The .NET framework provides higher level classes to simplify programming tasks.
• The .NET Socket class allows access to the underlying sockets interface.
• TcpListener, TcpClient and UdpClient are higher level .NET socket classes that are implemented using the .NET Socket wrapper class.

TCP Sockets

• The .NET framework provides two classes for TCP: TcpClient and TcpListener.
• .NET uses the EndPoint class and IPEndPoint subclass to represent the TCP channel.
• Communication with a TCP client is initiated in three steps:
  1. Construct an instance of TcpClient
  2. Communicate using the socket’s stream
  3. Close the connection

TCP Client and Echo server in C#0. using System; //For string, Int32, Console, ArgumentException

1. using System.text; //For Encoding

2. using System.IO; //For IOException

3. using System.Net.Sockets //For TcpClient, NetworkStream, SocketException

4.

5. class TcpEchoClient{

6.

7. static void Main(string[] args){

8.

9. if ((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args

10. throw new ArgumentException(“Parameters: <Server> <Word> [<Port>]”);

11. }

12.

13. String server = args[0]; // Server name or IP address

14.

15.// Convert input String to bytes

16. byte[] byteBuffer = Encoding.ASCII.Getbytes(args[1]);

17.

18. //Use port argument if supplied, otherwise default to 7

19. Int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;

20.

Page 94: MSc WLAN, IP/TCP and COMM NETWORK Topics By Prof R A Carrasco School of Electrical,Electronic and Computer Engineering University of Newcastle Upon Tyne.

TCP Client and Echo server in C#

21. TcpClient client = null;

22. NetworkStream netStream = null;

23.

24. try{

25. // Create socket that is connected to server on specified port

26. client = new TcpClient(server, servPort);

27.

28. Console.WriteLine(“Connected to server… sending echo string”);

29.

30. netStream = client.GetStream();

31.

32. // Send the encoded string to the server

33. netStream.Write(byteBuffer, 0, byteBuffer.Length);

34.

35. Console.WriteLine(“Sent {0} bytes to server…”, byteBuffer.Length);

36.

37. int totalBytesRcvd = 0; // Total bytes received so far

38. int bytesRcvd = 0; // Bytes received in last read

39.

Page 95: MSc WLAN, IP/TCP and COMM NETWORK Topics By Prof R A Carrasco School of Electrical,Electronic and Computer Engineering University of Newcastle Upon Tyne.

TCP Client and Echo server in C#

40. //Receive the same string back from the server41. while(totalBytesRcvd < byteBuffer.Length){42. if((bytesRcvd = netStream.Read(byteBuffer, totalBytesRcvd, byteBuffer.Length – totalBytesRcvd)) == 0){43. Console.WriteLine(“Connection closed prematurely.”);45. break;46. }47. totalBytesRcvd += bytesRcvd;48. }49.50. Console.WriteLine(“Received {0} bytes from server: {1}”, totalBytesRcvd, 51. Encoding.ASCII.Getstring(byteBuffer, 0, totalBytesRcvd));52. 53. } catch (Exception e){54. Console.WriteLine(e.Message);55. } finally {56. netStream.Close();57. client.Close();58. }59. }60.}

Lines 15-16 convert the echo string to bytes
Line 19 finds the echo server port
Lines 25-26 create the TCP socket
Line 30 gets the socket stream
Lines 32-33 send the string to the echo server
Lines 40-48 receive the reply from the echo server
Lines 50-51 print the echoed string
Lines 53-54 handle errors
Lines 55-58 close the stream and socket

UDP Sockets

The .NET framework provides UDP sockets functionality using the class UdpClient. This allows for both sending and receiving UDP packets, and can be used to construct a UDP client and server.

The UDP client works in the following way:

1. Construct an instance of UdpClient
2. Communicate using the Send() and Receive() methods of UdpClient
3. Use the Close() method of UdpClient to deallocate the socket.

UDP Client and Echo Server in C#

0. using System; // For String, Int32, Console
1. using System.Text; // For Encoding
2. using System.Net; // For IPEndPoint
3. using System.Net.Sockets; // For UdpClient, SocketException
4.
5. class UdpEchoClient {
6.
7.   static void Main(string[] args) {
8.
9.     if ((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args
10.      throw new System.ArgumentException("Parameters: <Server> <Word> [<Port>]");
11.    }
12.
13.    String server = args[0]; // Server name or IP address
14.
15.    // Use port argument if supplied, otherwise default to 7
16.    int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;
17.
18.    // Convert input String to an array of bytes
19.    byte[] sendPacket = Encoding.ASCII.GetBytes(args[1]);
20.
21.    // Create a UdpClient instance
22.    UdpClient client = new UdpClient();
23.    try {
24.      // Send the echo string to the specified host and port
25.      client.Send(sendPacket, sendPacket.Length, server, servPort);
26.
27.      Console.WriteLine("Sent {0} bytes to the server...", sendPacket.Length);
28.
29.      // This IPEndPoint instance will be populated with the remote sender's endpoint information after the Receive() call
30.      IPEndPoint remoteIPEndPoint = new IPEndPoint(IPAddress.Any, 0);
31.
32.      // Attempt echo reply receive
33.      byte[] rcvPacket = client.Receive(ref remoteIPEndPoint);
34.
35.      Console.WriteLine("Received {0} bytes from {1}: {2}", rcvPacket.Length, remoteIPEndPoint,
36.        Encoding.ASCII.GetString(rcvPacket, 0, rcvPacket.Length));
37.
38.    } catch (SocketException se) {
39.      Console.WriteLine(se.ErrorCode + ": " + se.Message);
40.    }
41.
42.    client.Close();
43.  }
44. }

Lines 21-22 create the UDP socket
Lines 24-25 send the datagram
Lines 29-30 create a remote IP end point for receiving
Lines 32-33 handle datagram reception
Lines 35-36 print reception results
Line 42 closes the socket

Voice over IP (VoIP)

VoIP is the routing of voice signals over an IP-based network.

The analogue voice signal is converted to a digital signal.

The digital signal is compressed using a codec (G.7xxx for voice, H.26xx for video).

The digital signal is then split into packets by a process called Packetization.

Voice over IP (VoIP)

Advantages:
  Incoming calls can be routed to a VoIP phone anywhere on the network
  Lower cost, especially for international calls

Disadvantages:
  Received IP packets can arrive in any order or even be missing, resulting in poor QoS.
  Susceptible to power cuts

Voice over IP Protocols

[Figure: VoIP protocol stack. Top: Audio/Video Applications and Codecs (G.xxx, H.26x). Below them: RTSP, ENUM, SDP, H.323, MEGACO/H.248, DNS, RTP, SAP, RTCP, MGCP, RSVP, SIP. Then TCP and UDP, then IP, then Network Interface Layer Protocols.]

Protocols supporting VoIP

Multicast IP
Real-Time Transport Protocol (RTP)
Real-Time Control Protocol (RTCP)
Resource Reservation Protocol (RSVP)
Real-Time Streaming Protocol (RTSP)
Session Description Protocol (SDP)
Session Initiation Protocol (SIP)
Electronic Numbers (ENUM)

Protocols supporting VoIP

Multicast IP efficiently sends data to multiple receivers at the same time on TCP/IP networks.

RTP provides end-to-end delivery services for data that requires real-time support.

RTCP monitors the QoS and conveys information about each user in the communication session.

RSVP requests an appropriate level of service from the network.

RTSP controls the delivery of data that has real-time properties.

SDP describes a multimedia session for the purposes of session announcement and invitation.

SIP establishes a communication session between two end-points. It creates, modifies and terminates sessions between participants.

ENUM bridges the gap between telephone numbers and IP addresses.

Real-Time Transport Protocol (RTP)

RTP packet layout (each row is 32 bits wide, bits 0 to 31):

  V=2 | P | X | CC | M | PT | Sequence Number
  Timestamp
  Synchronisation Source (SSRC) Identifier
  Contributing Source (CSRC) Identifier (0 to 15 items)
  20 ms Voice Sample

V = Version (currently 2)

CC = CSRC Count. Counts the number of CSRC identifiers in the RTP header.

CSRC – Identifies contributing sources (conferencing) in the payload. There can only be a maximum of 15 contributing sources. These are inserted by a mixer.

SSRC – Identifies synchronisation sources. It is chosen randomly so that no two synchronisation sources in the same RTP session have the same SSRC identifier.
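The header layout above maps directly onto a parser whose main job is to distrust the length-bearing fields. The following Python code is an added example, not part of the original slides; it also handles the P and X bits as defined in RFC 3550 (the slide names them without describing them), and the sample packet values (PT 18, the SSRC and CSRC numbers) are constructed.

```python
import struct
from dataclasses import dataclass
from typing import List

RTP_FIXED_LEN = 12  # octets in the fixed RTP header, before any CSRC identifiers


class RtpError(ValueError):
    """The datagram is not a well-formed RTP version 2 packet."""


@dataclass
class RtpPacket:
    version: int
    padding: bool
    extension: bool
    marker: bool
    payload_type: int
    sequence: int
    timestamp: int
    ssrc: int
    csrc: List[int]
    payload: bytes


def parse_rtp(datagram: bytes) -> RtpPacket:
    """Parse one UDP payload as RTP, refusing anything whose lengths do not add up."""
    if len(datagram) < RTP_FIXED_LEN:
        raise RtpError("shorter than the 12-octet fixed header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", datagram[:RTP_FIXED_LEN])
    version = b0 >> 6
    if version != 2:
        raise RtpError(f"unsupported RTP version {version}")
    padding, extension, cc = bool(b0 & 0x20), bool(b0 & 0x10), b0 & 0x0F
    marker, payload_type = bool(b1 & 0x80), b1 & 0x7F

    # CC is set by the sender: check it against the real length before slicing.
    offset = RTP_FIXED_LEN + 4 * cc
    if offset > len(datagram):
        raise RtpError("CC announces more CSRC identifiers than the datagram holds")
    csrc = list(struct.unpack(f"!{cc}I", datagram[RTP_FIXED_LEN:offset]))

    if extension:
        # RFC 3550: 16-bit profile id, 16-bit length counted in 32-bit words.
        if offset + 4 > len(datagram):
            raise RtpError("truncated extension header")
        _profile, words = struct.unpack("!HH", datagram[offset:offset + 4])
        offset += 4 + 4 * words
        if offset > len(datagram):
            raise RtpError("extension length runs past the end of the datagram")

    end = len(datagram)
    if padding:
        # RFC 3550: the last octet holds the number of padding octets, itself included.
        pad = datagram[-1] if end > offset else 0
        if pad == 0 or pad > end - offset:
            raise RtpError("invalid padding count")
        end -= pad

    return RtpPacket(version, padding, extension, marker, payload_type,
                     seq, ts, ssrc, csrc, datagram[offset:end])


def is_valid_rtp(datagram: bytes) -> bool:
    """True if parse_rtp() accepts the datagram."""
    try:
        parse_rtp(datagram)
        return True
    except RtpError:
        return False


def build_sample() -> bytes:
    """Constructed sample: V=2, CC=1, PT=18, one CSRC, 20-octet voice payload."""
    b0 = (2 << 6) | 1                      # V=2, P=0, X=0, CC=1
    b1 = 18                                # M=0, PT=18 (constructed value)
    header = struct.pack("!BBHII", b0, b1, 4660, 160, 0x11223344)
    return header + struct.pack("!I", 0xAABBCCDD) + bytes(range(20))


if __name__ == "__main__":
    print(parse_rtp(build_sample()))
```
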

Voice over IP Packet Format

Each row is 32 bits wide (bits 0 to 31).

IPv4 Header (20 octets + Options + Padding):
  VER | IHL | Type of service | Total Length
  Identifier | Flags | Fragment Offset
  Time to live | Protocol | Header Checksum
  Source Address
  Destination Address
  Options + Padding

UDP Header (8 octets):
  Source Port | Destination Port
  Length | Checksum

RTP Header (12 octets + Identifiers):
  V=2 | P | X | CC | M | PT | Sequence Number
  Timestamp
  Synchronisation Source (SSRC) Identifier
  Contributing Source (CSRC) Identifier (0 – 15 items)

Data (20 octets):
  20 ms Voice Sample


ALOHA and Packet Broadcasting Channel

Prof. R. A. Carrasco
School of Electrical, Electronic and Computer Engineering
University of Newcastle-upon-Tyne
2006

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 251-264. [1]

Packet Broadcasting Related Works by Metcalfe and Abramson

1) 1970: N. Abramson, “The ALOHA System – Another alternative for computer communications,” in Proc. AFIPS Press, vol 37, 1970

2) 1973: R. M. Metcalfe, “Packet communication,” MIT, Cambridge, MA, Rep. MAC TR-114, July 1973.

3) 1977: N. Abramson, “The Throughput of Packet Broadcasting Channels,” IEEE Trans. Commun., vol. COM-25, no. 10, Jan 1977

4) 1985: N. Abramson, “Development of the ALOHANET,” IEEE Trans. Info. Theory, March 1985

Development of the ALOHANET

IEEE Transactions on Information Theory, March 1985

ALOHA Project

Started in September 1968

Goal:
  To build a computer network at the University of Hawaii.
  To investigate the use of radio communications as an alternative to the telephone system for computer communication.
  To determine those situations where radio communications are preferable to conventional wire communications.

Problem

Limited resource: the channel.
The intermittent operation typical of interactive computer terminals does not need point-to-point channels (FDMA or TDMA).
Spread spectrum is not appropriate for sharing the channel.

Approach

Packet Broadcasting Channels
  Each user transmits its packets over the common broadcast channel.
  Key innovation of ALOHANET.

There are basically two types of ALOHA systems:
  -- Synchronized or slotted, and
  -- Unsynchronized or unslotted

System Design

In 1968, they decided on the main approach (Packet Broadcasting) for design simplicity.

Frequency band: two channels of 100 kHz bandwidth at 407.350 MHz and 413.475 MHz.

TCU (Terminal Control Unit):
  Formatting of the ALOHA packets.
  Retransmission protocol.
  A terminal is attached to the TCU by means of RS232.
  Half-duplex mode (memory was too expensive).

History

1971: operation starts at the University of Hawaii.
1971-72: additional TCUs are built.
1972: connection to ARPANET using a satellite channel (56 kbps).
1973: Metcalfe’s doctoral dissertation on packet broadcasting.
1973: PACNET, international satellite networks (9600 bits/s).
1973 onwards: much research on “packet broadcasting”.
1976: slotted ALOHA.
1984: unslotted ALOHA in the UHF band by Motorola.

Strategic Theoretical Realities

An appreciation of the basic capacity of the channels and the matching of that capacity to the information rate of the signals.

In a data network, distinguish between the average data rate and the burst data rate.

Network design: to handle different kinds of signals from different sources.

Deals with the problem of scaling for large systems.

A packet broadcasting channel is more scalable than a point-to-point channel or switching.

Theoretical analysis gives a good guide to network design, but the converse is also true.
  The operation of a real network can be a valuable guide to the selection of theoretical problems.

Packet Switching and Packet Broadcasting

Packet switching can provide a powerful means of sharing communication resources.
But it employs point-to-point channels and large switches for routing.

By use of packet broadcasting:
  Elimination of routing and switches.
  System simplicity.
  Some channels are basically broadcast channels (satellite, ..).

Needs a unified presentation of packet broadcasting theory.

Packet Broadcasting Channel

Each user transmits packets over the common broadcast channel completely unsynchronized.
Loss due to the overlap.
How many users can share a channel?

Recovery of Lost Packets

Positive Acknowledgements.
Transponder Packet Broadcasting.
Carrier Sense Packet Broadcasting.
Packet Recovery Codes.

ALOHA Systems and Protocols

We assume that the start time of packets that are transmitted is a Poisson point process, with an average rate of $\lambda$ packets/s.

Let $T_p$ denote the time duration of a packet.

The normalised channel traffic G is defined as $G = \lambda T_p$.

It is also called the offered channel traffic.

ALOHA Capacity

Errors reduce the ALOHA capacity:
  Random noise errors
  Errors caused by packet overlap.

Statistical Analysis:

S: Channel Throughput
G: Channel Traffic

Throughput reaches its maximum, 1/2e, when the channel traffic equals 0.5.

ALOHA Capacity

Meaning of the result:
  ALOHA: 9600 bits/s
  Terminal: 5 bits/s
  9600 × 1/2e = about 1600 bits/s
  The channel can handle the traffic of over 300 active terminals, and each terminal will operate at a peak data rate of 9600 bits/s.

Slotted ALOHA Channel Capacity

Each user can start his packet only at certain fixed instants.

Statistical Analysis

It increases the throughput.
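The capacity figures quoted on these slides (1/2e for unslotted ALOHA at G = 0.5, and the 1/e limit for slotted ALOHA) can be checked by simulating the Poisson traffic model directly. The following Python code is an added example, not part of the original slides; it assumes unit packet duration (T_p = 1), and all function names are illustrative.

```python
import math
import random

PURE_PEAK = 1 / (2 * math.e)     # unslotted capacity quoted on the slide, at G = 0.5
SLOTTED_PEAK = 1 / math.e        # slotted ALOHA limit, reached at G = 1


def poisson_start_times(G, duration, rng):
    """Packet start times of a Poisson process with G packets per packet time."""
    t, times = 0.0, []
    while True:
        t += rng.expovariate(G)  # exponential gaps give Poisson arrivals
        if t >= duration:
            return times
        times.append(t)


def pure_aloha_throughput(G, duration=50_000, seed=1):
    """Successful packets per packet time when users transmit unsynchronized."""
    times = poisson_start_times(G, duration, random.Random(seed))
    good = 0
    for i, t in enumerate(times):
        gap_before = t - times[i - 1] if i > 0 else math.inf
        gap_after = times[i + 1] - t if i + 1 < len(times) else math.inf
        # A packet occupies [t, t + 1). It is lost if any other packet starts
        # less than one packet time before or after it (overlap on either side).
        if gap_before >= 1.0 and gap_after >= 1.0:
            good += 1
    return good / duration


def slotted_aloha_throughput(G, duration=50_000, seed=1):
    """Same offered traffic, but every packet waits for the next slot boundary."""
    times = poisson_start_times(G, duration, random.Random(seed))
    per_slot = {}
    for t in times:
        slot = math.floor(t) + 1             # first slot boundary after arrival
        per_slot[slot] = per_slot.get(slot, 0) + 1
    # A slot carries useful data only if exactly one packet was sent in it.
    good = sum(1 for count in per_slot.values() if count == 1)
    return good / duration


def peak_load(throughput_fn, loads):
    """Offered traffic G (from the given list) at which throughput is highest."""
    return max(loads, key=throughput_fn)


if __name__ == "__main__":
    for G in (0.25, 0.5, 1.0, 2.0):
        print(f"G={G:<4}  pure S={pure_aloha_throughput(G):.3f}"
              f"  slotted S={slotted_aloha_throughput(G):.3f}")
```

Beyond the peak, offering more traffic lowers throughput in both schemes, because additional packets mostly add collisions.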

Mixed Data Rates

Unslotted ALOHA: Variable Packet Lengths
  = Long Packet Length / Short Packet Length
  G1 = Short Packet Traffic
  G2 = Long Packet Traffic

Total channel throughput can undergo a significant decrease.

Slotted ALOHA: Variable Packet Rates

Assume ALOHA used by n users with different channel traffic.

ALOHA

Meaning of the result:
  In a lightly loaded slotted ALOHA channel, a single user can transmit data at rates above the limit 1/e.
  : Excess Capacity.
  Important for the network consisting of many interactive terminal users and a small number of users who send large but infrequent files.

Question 1

In a pure ALOHA system, the channel bit rate is 2400 bits/s. Suppose that each terminal transmits a 100-bit message every minute on average.

i) Determine the maximum number of terminals that can use the channel

ii) Repeat (i) if slotted ALOHA is used

Question 2

An alternative derivation for the throughput in a pure ALOHA system may be obtained from the relation $G = S + A$, where A is the average (normalised) rate of retransmission. Show that $A = G(1 - e^{-2G})$ and then solve for S.

Question 3

Consider a pure ALOHA system that is operating with a throughput S = 0.1 and packets are generated with a Poisson arrival rate $\lambda$. Determine:

i) The value of G

ii) The average number of attempted transmissions to send a packet.

Question 4

Consider a CSMA/CD system in which the transmission rate on the bus is 10 Mbits/s. The bus is 2 km and the propagation delay is 5 μs/km. Packets are 1000 bits long. Determine:

i) The end-to-end delay d.

ii) The packet duration $T_p$

iii) The ratio $d/T_p$

iv) The maximum utilization of the bus and the maximum bit rate.

MSc Telecommunications Questions

by Professor R. A. Carrasco

1. Describe the evolution of the Internet and protocols for a communication network.
2. Explain the concept of a hub, bridge, router and modem for local area networks.
3. Explain the concept and protocols of Ethernet (IEEE 802.3), Token Bus (IEEE 802.4) and Token Ring (IEEE 802.5)
4. Describe how you can determine the utilisation for IEEE 802.3 and prove $U = \frac{T}{t_v} = \frac{1}{1 + a(1 + 2k)}$
5. Give advantages and disadvantages of a wireless LAN
6. Describe the criteria for LAN design
7. Explain the architecture for IEEE 802.x, TCP/IP and ISO/OSI
8. Describe the OSI and TCP/IP model
9. Explain each feature of the IP datagram
10. Explain the Internet classes and give an example of how to design an IP address for a network
11. Explain the concept of ARP, RARP, DHCP and DNS
12. Explain IPv4 and IPv6 and how they differ
13. Explain TCP, TCP Client Ports, TCP Server Ports, Error Control, Flow Control and Congestion Control
14. Describe UDP
15. Explain the concept of TCP sockets and what their relation is with the different socket classes
16. Repeat for UDP
17. Give advantages and disadvantages of Voice over IP (VoIP)
18. Explain VoIP protocols and how they are related to each other
19. Give an overview of the IEEE 802 and IEEE 802.11 working group
20. Give an example of an IEEE 802.11 WLAN architecture and explain stations and access points
21. Explain how to determine the channel utilisation expression to evaluate the performance of IEEE 802.11b
22. Describe the concept of a fragment burst
23. Make comparisons between WiMax, WLAN and Bluetooth
24. For security in communication networks, describe private and public key cryptography for Internet browsers.
25. Why is the ALOHA project important in a broadcasting system?
26. Explain how to determine the ALOHA capacity and channel throughput


Wireless LANs

Advantages
- Increased mobility of users
- Increased flexibility and fluidity, including ad-hoc networks
- Instant networking
- Availability of LAN technology

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 292-302. [1]


Wireless LANs

Disadvantages
- Higher Cost
- Lower Performance
- Lower Reliability (Variable Channel Characteristics)
- Multiple Standards
- Poor Inherent Security


LAN Design


IEEE 802.11 Wireless LAN Draft Standard

Professor R. A. Carrasco

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 292-317. [1]


Introduction

IEEE 802.11 Draft 5.0 is a draft standard for Wireless Local Area Network (WLAN) communication.

This tutorial is intended to describe the relationship between 802.11 and other LANs, and to describe some of the details of its operation.

It is assumed that the audience is familiar with serial data communications, the use of LANs and has some knowledge of radios.


802.11 Data Frame

Field | Frame Control | Duration | Address 1 | Address 2 | Address 3 | Seq | Address 4 | Data | Checksum
Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 6 | 0-2312 | 4

Frame Control
Field | Version | Type | Subtype | ToDS | FromDS | MF | Retry | Pwr | More | W | O
Bits | 2 | 2 | 4 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1
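
The frame layout above, turned into a parser as an added example (not code from the lecture). It goes slightly beyond the slide: Address 4 is read only when both ToDS and FromDS are set, the Seq field is split into fragment and sequence numbers, and the W bit is reported as the WEP flag. It assumes the checksum is the IEEE CRC-32 (as computed by zlib.crc32) stored least-significant byte first; the sample frame, its addresses and its payload are constructed.

```python
import struct
import zlib

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}
# One-bit Frame Control flags in the order the slide lists them (bits 8..15).
FLAGS = ("ToDS", "FromDS", "MF", "Retry", "Pwr", "More", "W", "O")


def parse_frame_control(fc):
    """Split the 16-bit Frame Control value into the slide's eleven fields."""
    fields = {
        "Version": fc & 0x3,
        "Type": FRAME_TYPES.get((fc >> 2) & 0x3, "reserved"),
        "Subtype": (fc >> 4) & 0xF,
    }
    for bit, name in enumerate(FLAGS, start=8):
        fields[name] = bool((fc >> bit) & 1)
    return fields


def mac(raw):
    """Format six raw bytes as a colon-separated address."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_data_frame(frame):
    """Parse one 802.11 data frame: MAC header, body and 4-byte checksum."""
    if len(frame) < 24 + 4:
        raise ValueError("frame shorter than the minimum header plus checksum")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    ctl = parse_frame_control(fc)
    if ctl["Type"] != "data":
        raise ValueError("not a data frame")
    addresses = [mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22])]
    (seq,) = struct.unpack_from("<H", frame, 22)
    body_start = 24
    # Address 4 is only on the air when both ToDS and FromDS are set.
    if ctl["ToDS"] and ctl["FromDS"]:
        if len(frame) < 30 + 4:
            raise ValueError("four-address frame is truncated")
        addresses.append(mac(frame[24:30]))
        body_start = 30
    body = frame[body_start:-4]
    if len(body) > 2312:
        raise ValueError("body exceeds the 2312-byte maximum")
    (checksum,) = struct.unpack_from("<I", frame, len(frame) - 4)
    return {
        "control": ctl,
        "duration": duration,
        "addresses": addresses,
        "fragment": seq & 0xF,      # low 4 bits: fragment number
        "sequence": seq >> 4,       # high 12 bits: sequence number
        "body": body,
        "encrypted": ctl["W"],      # W bit: body protected with WEP
        "checksum_ok": checksum == zlib.crc32(frame[:-4]),
    }


def build_sample_frame(to_ds=True, from_ds=False, wep=True):
    """Constructed sample frame; addresses and payload are made up."""
    fc = (2 << 2) | (to_ds << 8) | (from_ds << 9) | (wep << 14)
    header = struct.pack("<HH", fc, 44)
    header += bytes.fromhex("020000000001")
    header += bytes.fromhex("020000000002")
    header += bytes.fromhex("020000000003")
    header += struct.pack("<H", (7 << 4) | 1)   # sequence 7, fragment 1
    if to_ds and from_ds:
        header += bytes.fromhex("020000000004")
    frame = header + b"constructed payload"
    return frame + struct.pack("<I", zlib.crc32(frame))


if __name__ == "__main__":
    parsed = parse_data_frame(build_sample_frame())
    for key, value in parsed.items():
        print(f"{key}: {value}")
```

A frame whose W bit is clear, or whose checksum does not match, is flagged in the returned dictionary rather than rejected, so a capture can be triaged for unencrypted or corrupted traffic.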


Contents
- Glossary of 802.11 Wireless Terms
- Overview
- 802.11 Media Access Control (MAC)
- Frequency Hopping and Direct Sequence Spread Spectrum Techniques
- 802.11 Physical Layer (PHY)
- Security
- Performance
- Inter Access Point Protocol
- Implementation Support
- Raytheon Implementation


Glossary of 802.11 Wireless Terms
- Station (STA): A computer or device with a wireless network interface.
- Access Point (AP): Device used to bridge the wireless-wired boundary, or to increase distance as a wireless packet repeater.
- Ad Hoc Network: A temporary one made up of stations in mutual range.
- Infrastructure Network: One with one or more Access Points.
- Channel: A radio frequency band, or Infrared, used for shared communication.
- Basic Service Set (BSS): A set of stations communicating wirelessly on the same channel in the same area, Ad Hoc or Infrastructure.
- Extended Service Set (ESS): A set of BSSs and wired LANs with Access Points that appear as a single logical BSS.


Glossary of 802.11 Wireless Terms, cont.
- BSSID & ESSID: Data fields identifying a station's BSS & ESS.
- Clear Channel Assessment (CCA): A station function used to determine when it is OK to transmit.
- Association: A function that maps a station to an Access Point.
- MAC Service Data Unit (MSDU): Data Frame passed between user & MAC.
- MAC Protocol Data Unit (MPDU): Data Frame passed between MAC & PHY.
- PLCP Packet (PLCP_PDU): Data Packet passed from PHY to PHY over the Wireless Medium.


Overview, IEEE 802, and 802.11 Working Group
- IEEE Project 802 charter:
  - Local & Metropolitan Area Networks
  - 1Mb/s to 100Mb/s and higher
  - 2 lower layers of 7 Layer OSI Reference Model
- IEEE 802.11 Working Group scope:
  - Wireless connectivity for fixed, portable and moving stations within a limited area
  - Appear to higher layers (LLC) the same as existing 802 standards
  - Transparent support of mobility (mobility across router ports is being addressed by a higher layer committee)


Overview, IEEE 802.11 Committee
- Committee formed in 1990
  - Wide attendance
- Multiple Physical Layers
  - Frequency Hopping Spread Spectrum
  - Direct Sequence Spread Spectrum
  - Infrared
- 2.4GHz Industrial, Scientific & Medical shared unlicensed band
  - 2.4 to 2.4835GHz with FCC transmitted power limits
- 2Mb/s & 1Mb/s data transfer
- 50 to 200 feet radius wireless coverage
- Draft 5.0 Letter Ballot passed and forwarded to Sponsor Ballot
  - Published Standard anticipated 1997
- Next 802.11 - November 11-14, Vancouver, BC
  - Chairman - Victor Hayes, [email protected]


Overview, 802.11 Architecture

[Figure: 802.11 architecture. Labels: STA, AP, BSS, ESS, Existing Wired LAN, Infrastructure Network, Ad Hoc Network.]


Overview, Wired vs. Wireless LANs
- 802.3 (Ethernet) uses CSMA/CD, Carrier Sense Multiple Access with 100% Collision Detect for reliable data transfer
- 802.11 has CSMA/CA (Collision Avoidance)
  - Large differences in signal strengths
  - Collisions can only be inferred afterward
    - Transmitters fail to get a response
    - Receivers see corrupted data through a CRC error


802.11 Media Access Control

- Carrier Sense: Listen before talking
- Handshaking to infer collisions
  - DATA-ACK packets
- Collision Avoidance
  - RTS-CTS-DATA-ACK to request the medium
  - Duration information in each packet
  - Random Backoff after collision is determined
  - Net Allocation Vector (NAV) to reserve bandwidth
  - Hidden Nodes use CTS duration information


802.11 Media Access Control, cont.
- Fragmentation
  - Bit Error Rate (BER) goes up with distance and decreases the probability of successfully transmitting long frames
  - MSDUs given to MAC can be broken up into smaller MPDUs given to PHY, each with a sequence number for reassembly
  - Can increase range by allowing operation at higher BER
  - Lessens the impact of collisions
    • Trade overhead for overhead of RTS-CTS
    • Less impact from Hidden Nodes


802.11 Media Access Control, cont.
- Beacons used to convey network parameters such as hop sequence
- Probe Requests and Responses used to join a network
- Power Savings Mode
  - Frames stored at Access Point or Stations for sleeping Stations
  - Traffic Indication Map (TIM) in Frames alerts awaking Stations


802.11 Protocol Stack

Upper Layers
Data Link Layer: Logical Link Control, MAC Sub-layer
Physical Layer: 802.11 Infrared, 802.11 FHSS, 802.11 DSSS, 802.11a OFDM, 802.11b HR-DSSS, 802.11g OFDM


Performance of IEEE802.11b

[Figure: timing of a frame transmission. Sequence: DIFS, Backoff ($t_{cont}$), PLCP Preamble and PLCP Header ($t_{pr}$), MPDU ($t_{tr}$: MAC Header 30 Bytes, Data, CRC 4 Bytes), SIFS, PLCP Preamble and Header ($t_{pr}$), Ack 14 Bytes ($t_{ack}$).]


Performance of IEEE802.11b

Successful transmission of a single frame

PLCP = physical layer convergence protocol preamble

$t_{pr}$ = header transmission time (varies according to the bit rate used by the host)

SIFS = 10 µsec (Short Inter Frame Space)

$t_{ack}$ is the MAC acknowledgement transmission time (10 µsec if the selected rate is 11Mb/sec, as the ACK length is 112 bits)


Performance of IEEE802.11b

DIFS = 5 µsec

$t_{tr}$ is the frame transmission time. When a host transmits at 1Mb/s, the long PLCP header is used and $t_{pr}$ = 192 µsec

If it uses 2, 5.5 or 11 Mb/s, then $t_{pr}$ = 96 µsec (Short PLCP header)


Performance of IEEE802.11b

For bit rates greater than 1Mb/s and the frame size of 1500 Bytes of data (MPDU of total 1534 Bytes), proportion p of the useful throughput measured above the MAC layer will be:

$p = \frac{t_{tr}}{T} \times \frac{1500}{1534} = 0.70$

So, a single host sending long frames over an 11Mb/s radio channel will have a maximum useful throughput of 7.74Mb/s


Performance of IEEE802.11b

If we neglect propagation time, the overall transmission time is composed of the transmission time and a constant overhead

$T = t_{tr} + t_{ov}$

Where the constant overhead

$t_{ov} = DIFS + t_{pr} + SIFS + t_{pr} + t_{ack}$


Performance of IEEE802.11b

The overall frame transmission time experienced by a single host when competing with N – 1 other hosts has to be increased by time interval $t_{cont}$ that accounts for the time spent in contention procedures


Performance of IEEE802.11b

So the overall transmission time

$T(N) = t_{tr} + t_{ov} + t_{cont}(N)$

$t_{cont}(N) = SLOT \times \frac{1 + P_c(N)}{2N} \times \frac{CW_{min}}{2}$

Where $P_c(N)$ is the proportion of collisions experienced for each packet successfully acknowledged at the MAC


Performance of IEEE802.11b

Consider now the situation in which N hosts of different bit rates compete for the radio channel. N-1 hosts use the high transmission rate R = 11Mb/s and one host transmits at a degraded rate R = 5.5, 2, or 1Mb/s

$t_{tr} = \frac{S_d}{R}$ or $t_{tr} = \frac{S_d}{T}$

Where $S_d$ is the data frame length in bits


Performance of IEEE802.11b

The MAC layer ACK frame is also sent at the rate that depends on the host speed, thus we denote by $t_{ov}^{R}$ and $t_{ov}^{T}$ the associated overhead time

Let $T_f$ be the overall transmission time for a “fast” host transmitting at rate R

$T_f = t_{ov}^{R} + \frac{S_d}{R} + t_{cont}$


Performance of IEEE802.11b

Similarly, let $T_s$ be the corresponding time for a “slow” host transmitting at rate T:

$T_s = t_{ov}^{T} + \frac{S_d}{T} + t_{cont}$

We can express the channel utilization of the slow host as

$U_s = \frac{T_s}{(N-1)\,T_f + T_s + P_c(N) \times t_{jam} \times N}$

where

$t_{jam} = \frac{2}{N}\,T_s + \left(1 - \frac{2}{N}\right) T_f$


Performance of IEEE802.11b

Study:

The UDP traffic &

TCP traffic.

Flows in IEEE 802.11 WLANs


Frequency Hopping and Direct Sequence Spread Spectrum Techniques
- Spread Spectrum used to avoid interference from licensed and other non-licensed users, and from noise, e.g., microwave ovens
- Frequency Hopping (FHSS)
  - Using one of 78 hop sequences, hop to a new 1MHz channel (out of the total of 79 channels) at least every 400 milliseconds
  - Requires hop acquisition and synchronization
  - Hops away from interference
- Direct Sequence (DSSS)
  - Using one of 11 overlapping channels, multiply the data by an 11-bit number to spread the 1M-symbol/sec data over 11MHz
  - Requires RF linearity over 11MHz
  - Spreading yields processing gain at receiver
  - Less immune to interference


802.11 Physical Layer
- Preamble Sync, 16-bit Start Frame Delimiter, PLCP Header including 16-bit Header CRC, MPDU, 32-bit CRC
- FHSS
  - 2 & 4GFSK
  - Data Whitening for Bias Suppression
    - 32/33 bit stuffing and block inversion
    - 7-bit LFSR scrambler
  - 80-bit Preamble Sync pattern
  - 32-bit Header
- DSSS
  - DBPSK & DQPSK
  - Data Scrambling using 8-bit LFSR
  - 128-bit Preamble Sync pattern
  - 48-bit Header


802.11 Physical Layer, cont.
- Antenna Diversity
  - Multipath fading a signal can inhibit reception
  - Multiple antennas can significantly minimize
  - Spatial Separation of Orthogonality
  - Choose Antenna during Preamble Sync pattern
    - Presence of Preamble Sync pattern
    - Presence of energy
      • RSSI - Received Signal Strength Indication
    - Combination of both
- Clear Channel Assessment
  - Require reliable indication that channel is in use to defer transmission
  - Use same mechanisms as for Antenna Diversity
  - Use NAV information


A Fragment Burst

[Figure: fragment burst timeline for stations A, B, C and D along a time axis. Labels: RTS, Frag1, Frag2, Frag3; CTS, ACK, ACK, ACK; NAV; NAV; Fragment Burst.]


Security

- Authentication: A function that determines whether a Station is allowed to participate in network communication
  - Open System (null authentication) & Shared Key
- WEP - Wired Equivalent Privacy
  • Encryption of data
- ESSID offers casual separation of traffic


Performance, Theoretical Maximum Throughput
Throughput numbers in Mbits/sec:
- Assumes 100ms beacon interval, RTS, CTS used, no collision
- Slide courtesy of Matt Fischer, AMD

MSDU size (bytes) | 1 Mbit/sec DS | 1 Mbit/sec FH (400ms hop time) | 2 Mbit/sec DS | 2 Mbit/sec FH (400ms hop time)
128 | 0.364 | 0.364 | 0.517 | 0.474
512 | 0.694 | 0.679 | 1.163 | 1.088
512 (frag size = 128) | 0.503 | 0.512 | 0.781 | 0.759
2304 | 0.906 | 0.860 | 1.720 | 1.624


Background for broadband wireless technologies
- UWB – Ultra Wide Band
  - High speed wireless personal area network
- Wi-Fi – Wireless fidelity
  - Wireless technology for indoor environment (WLANs)
  - broader range than WPANs
- WiMAX – Worldwide Interoperability for Microwave Access
  - Wireless Metropolitan Area Networks (WMANs)
  - For outdoor coverage in LOS and NLOS environment
  - Fixed and Mobile standards
- 3G – Third generation
  - Wireless Wide Area Networks (WWANs) are the broadest range wireless networks
  - High speed data transmission and greater voice capacity for mobile users
- Bluetooth -

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 310-317. [1]


What is WiMax?

- WiMAX is an IEEE802.16/ETSI HiperMAN based certificate for equipment fulfilling the interoperability requirements set by WiMAX Forum.
- WiMAX Forum comprises industry leaders who are committed to the open interoperability of all products used for broadband wireless access.
- The technique or technology behind the standards is often referred to as WiMAX

A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 302-310. [1]


What is WiMax?

- Broadband is thus a Broadband Wireless Access (BWA) technique
- WiMax offers fast broadband connections over long distances
- The interoperability of different vendors' products is the most important factor when comparing to the other techniques.


The IEEE 802.16 Standards

The IEEE 802.16 standards family
- broadband wireless wideband internet connection
- wider coverage than any wired or wireless connection before

Wireless systems have the capacity to address broad geographic areas without the expensive wired infrastructure

For example, a study made in University of Oulu states that WiMax is clearly a more cost effective solution for providing broadband internet connection in Kainuu than xDSL



The IEEE 802.16 Standards

802.16, published in April 2002
- A set of air interfaces on a common MAC protocol
- Addresses frequencies 10 to 66 GHz
- Single carrier (SC) and only LOS

802.16a, published in January 2003
- A completed amendment that extends the physical layer to the 2 to 11 GHz both licensed and license-exempt frequencies
- SC, 256 point FFT OFDM and 2048 point FFT OFDMA
- LOS and NLOS

802.16-2004, published in July 2004
- Revises and replaces 802.16, 802.16a and 802.16 REVd.
- This announcement marks a significant milestone in the development of future WiMax technology
- P802.16-2004/Corl published on 8.11.2005


IEEE 802.16: Broadband Wireless MAN Standard (WiMAX)

An 802.16 wireless service provides a communications path between a subscriber site and a core network such as the public telephone network and the Internet. This wireless broadband access standard provides the missing link for the "last mile" connection in metropolitan area networks where DSL, Cable and other broadband access methods are not available or too expensive.


Comparison Overview of IEEE 802.16a

• IEEE 802.16 and WiMAX are designed as a complementary technology to Wi-Fi and Bluetooth. The following table provides a quick comparison of 802.16a with 802.11b.

| Parameters | 802.16a (WiMax) | 802.11 (WLAN) | 802.15 (Bluetooth) |
|---|---|---|---|
| Frequency Band | 2-11 GHz | 2.4 GHz | Varies |
| Range | ~31 miles | ~100 meters | ~10 meters |
| Data transfer rate | 70 Mbps | 11 Mbps – 55 Mbps | 20 Kbps – 55 Mbps |
| Number of Users | Thousands | Dozens | Dozens |

Protocol Structure - IEEE 802.16: Standard (WiMAX)

The IEEE 802.16 protocol architecture has 4 layers: Convergence, MAC, Transmission and Physical, which can be mapped to the two lowest OSI layers: physical and data link.

Internet Security

Prof. R. A. Carrasco

School of Electrical, Electronic and Computer Engineering
University of Newcastle-upon-Tyne

Overview

- Internet security is the practice of protecting and preserving private resources and information on the Internet.
- Computer and network security are challenging topics among executives and managers of computer corporations.
- Together, network security and a well-implemented security policy can provide a highly secure business solution.

Introduction

- Elements of Networking Security:
  - Orange Book Security Levels & Firewalls
  - Passwords
  - Encryption, Authentication & Integrity
- Developing a Site Security Policy
- Violation Response
- Other Security Resources
- Conclusions

Elements of Networking Security: Orange Book Security Levels & Firewalls

- Understand the need for, and outline, a security policy relevant to any company.
- Each business has a different threshold of well-being, different:
  - assets/culture/technology infrastructure
  - requirements for storing/sending/communicating information
- Many strong tools available to secure a computer network:
  - Software applications, hardware products
  - These alone do not comprise a security policy, but are essential elements

Elements of Networking Security: Orange Book Security Levels & Firewalls

- Protection tools evolved over the last 2 decades
- Protect network at many levels
- A well-guarded enterprise deploys many different security measures
- Elements of security
  - Physical Security: controlling access to the most sensitive components, e.g. network administration, access to server room
  - Operating System Security (OSS)
    - Used in UNIX and Microsoft Windows NT
    - C2 level: discretionary access control, file and directory read and write permission, and auditing and authentication controls.

Orange Book Security Levels

- There are 7 levels of computer OSS in the Trusted Computer Standards Evaluation Criteria, or Orange Book.
- Levels are used to evaluate protection for hardware, software, and stored information.
- System is additive - higher ratings include the functionality of the levels below.
- Definition centres around access control, authentication, auditing, and levels of trust

Orange Book Security Levels

- D1: no security
- C1: lowest level of security
  - File and directory read & write controls and authentication; root is insecure & auditing (system logging) is not available
- C2 features an auditing function
  - records all security-related events & provides stronger protection on key system files, password file.
- B-rated: multilevel security, such as secret, top secret, and mandatory access control
- B2: every object & file is labelled, labels change dynamically depending on what is being used.
- B3: includes system hardware, terminals connect using trusted paths & specialised system hardware
- A1: highest level of security
  - Mathematically design verified
  - large amounts of processing power & disk space.

Firewalls

- In theory firewalls allow authorised communications between internal & external networks
- Properly implemented, are very effective at keeping out unauthorised users & stopping unwanted activities on an internal network.
- Protect and facilitate network at a number of levels
  - allow e-mail, file transfer protocol (FTP) & remote login as desired, whilst limiting access to the internal network.
- Provide authorisation mechanism
  - assures only specified users or applications can gain access
  - address translation: masks name & address of a machine
    - e.g. messages for anyone in technical support department have their address translated to [email protected] (an @company.com address).
  - encryption and virtual private network (VPN) capabilities.
- Deployed in a network to segregate different servers & networks
  - controlling access within the network
  - e.g. separating the accounting and payroll server from the rest of the network to allow certain individuals to access the information.
- Performance degradation: as a system is busy checking/rerouting data packets, latency is increased.

Elements of Networking Security: Passwords

- Password Mechanisms
  - identify and authenticate users as they access a computer system
- A password can be compromised:
  - Eavesdroppers can listen for a username and password & gain access over a public network
  - A potential intruder can attack the access gateway, entering an entire dictionary of words (or license plates or any other list) against a password field.
  - Users may loan their password to a co-worker or inadvertently leave out a list of system passwords
- Password technologies & tools to make a network more secure.
  - Useful in ad hoc remote access situations, one-time password generation assumes that a password will be compromised.
  - Before leaving the internal network, a list of passwords that will work only one time against a given username is generated.
  - When logging into the system remotely, a password is used once and then will no longer be valid.
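The one-time password list described above, sketched as an added example (not part of the lecture): the server keeps only salted hashes of the generated passwords and removes each one on first use, so an eavesdropped password cannot be replayed. The class name, list size and password format are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Set, Tuple


class OneTimePasswordList:
    """Server-side store for per-user passwords that each work exactly once."""

    def __init__(self) -> None:
        # username -> (salt, hashes of the passwords that are still unused)
        self._store: Dict[str, Tuple[bytes, Set[bytes]]] = {}

    @staticmethod
    def _digest(salt: bytes, password: str) -> bytes:
        # Only salted hashes are kept, so a stolen store does not reveal the list.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

    def issue(self, username: str, count: int = 10) -> List[str]:
        """Generate a fresh list for the user (done on the internal network).

        Any earlier list for the same user is discarded.
        """
        salt = secrets.token_bytes(16)
        passwords = [secrets.token_hex(8) for _ in range(count)]
        self._store[username] = (salt, {self._digest(salt, p) for p in passwords})
        return passwords  # handed to the user; not retained in clear

    def remaining(self, username: str) -> int:
        """Number of unused passwords left for the user."""
        entry = self._store.get(username)
        return len(entry[1]) if entry else 0

    def login(self, username: str, password: str) -> bool:
        """Accept the password once, then remove it so a replay fails."""
        entry = self._store.get(username)
        if entry is None:
            return False
        salt, unused = entry
        candidate = self._digest(salt, password)
        match = None
        for stored in unused:
            # Constant-time comparison of each stored hash with the candidate.
            if hmac.compare_digest(stored, candidate):
                match = stored
        if match is None:
            return False
        unused.remove(match)
        return True
```
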

Elements of Networking Security: Passwords

- Password Aging & Policy Enforcement
  - users required to create new passwords every so often
  - passwords must be a minimum number of characters and a mix of letters & numbers
- Smart cards provide extremely secure password protection
  - Unique passwords, based on a challenge-response scheme, are created on a small credit-card device
  - The password is then entered as part of the log-on process and validated against a password server, which logs all access to the system
  - Expensive to implement.

Elements of Networking Security: Passwords

- Single sign-on overcomes the ultimate irony in system security:
  - as a user gains more passwords, these become less secure, not more, and the system opens itself up for unauthorised access.
- Many company computer networks require users to have different passwords to access different parts of the system
- As users acquire more passwords (some have more than 50) they cannot help but write them down or create easy-to-remember passwords.
- A single sign-on system is a centralised access control list which determines who is authorised to access different areas of the computer network & a mechanism for providing the expected password
- A user need only remember a single password to sign onto the system.

Elements of Networking Security: Good password procedures

- Do not use your login name in any form (as is, reversed, capitalised, doubled, etc.).
- Do not use your first, middle, or last name in any form or use your spouse’s or children’s names.
- Do not use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on, etc.
- Do not use a password of all digits or all the same letter.
- Do not use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words.
- Do not use a password shorter than six characters.
- Do use a password with mixed-case alphabetics.
- Do use a password with non-alphabetic characters (digits or punctuation).
- Do use a password that is easy to remember, so you don’t have to write it down.
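The checklist above can be enforced when a password is set. The following checker is an added example, not part of the lecture; the rule labels, the three-character minimum for matching personal tokens, and the tiny word list are assumptions, and a real deployment would load a full dictionary.

```python
from typing import Iterable, List

# Constructed sample word list; stands in for real dictionaries and spelling lists.
SAMPLE_WORDLIST = frozenset({"password", "dragon", "letmein", "sunshine"})


def check_password(
    password: str,
    login: str,
    personal_info: Iterable[str] = (),
    wordlist: frozenset = SAMPLE_WORDLIST,
) -> List[str]:
    """Return the labels of every rule from the checklist that the password breaks."""
    violations = []
    lowered = password.lower()

    def appears(token: str) -> bool:
        # Case-insensitive containment of the token or its reverse covers the
        # "as is, reversed, capitalised, doubled" forms. Tokens under three
        # characters are ignored to avoid matching almost every password.
        token = token.lower()
        return len(token) >= 3 and (token in lowered or token[::-1] in lowered)

    if appears(login):
        violations.append("login-name")
    if any(appears(item) for item in personal_info):
        violations.append("personal-info")
    if password.isdigit() or (len(password) > 0 and len(set(lowered)) == 1):
        violations.append("all-digits-or-one-letter")
    if lowered in wordlist or lowered[::-1] in wordlist:
        violations.append("dictionary-word")
    if len(password) < 6:
        violations.append("too-short")
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        violations.append("no-mixed-case")
    if all(c.isalpha() for c in password):
        violations.append("no-non-alphabetic")
    return violations


# Constructed account details used for the demonstration.
LOGIN = "jsmith"
PERSONAL = ["John", "Smith", "AB12CDE", "5550100"]

if __name__ == "__main__":
    for candidate in ["jsmith", "htimsJ1!", "12345678", "Password", "Tr1cky-Otter"]:
        print(candidate, check_password(candidate, LOGIN, PERSONAL))
```
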

Elements of Networking Security: Encryption, Authentication & Integrity

- Encryption is the coding of data through an algorithm or transform table into apparently unintelligible garbage
  - used both on data stored on a server and as data is communicated through a network
  - a method of ensuring privacy of data and that only intended users may view the information
- Many forms:
  - The digital encryption standard (DES) has been endorsed by the National Institute of Standards and Technology (NIST) since 1975 and is the most readily available encryption standard. One major drawback with DES is that it is subject to U.S. export control; programs that deploy DES technology are generally not available for export from the United States.

Elements of Networking Security: Encryption, Authentication & Integrity

- Rivest, Shamir, and Adleman (RSA) encryption is a public-key encryption system, is patented technology in the United States, and thus is not available without a license.
  - the DES algorithm was published before the patent filing, and RSA encryption may be used in Europe and Asia without a royalty.
  - growing in popularity
  - considered quite secure from brute force attacks.
- Emerging encryption mechanism is pretty good privacy (PGP)
  - allows users to encrypt information stored on their system as well as to send and receive encrypted e-mail
  - provides tools and utilities for creating, certifying, and managing keys
  - PGP should not be confused with privacy enhanced mail (PEM), a protocol standard.

Elements of Networking Security: Encryption, Authentication & Integrity

- Encryption mechanisms rely on keys or passwords
- The longer the password, the more difficult the encryption is to break
- DES relies on a 56-bit key length, and some mechanisms have keys that are hundreds of bits long
- There are two kinds of encryption mechanisms used - private key and public key
  - Private-key: the same key is used to encode and decode the data
  - Public-key: one key is used to encode the data and another to decode it
    - Named after a unique property of this type of encryption mechanism: one of the keys can be public without compromising the privacy of the message or the other key.
    - A trusted recipient, or a remote office network gateway, keeps a private key to decode data as it comes from the main office
- VPNs employ encryption to provide secure transmissions over public networks such as the Internet.

Elements of Networking Security: Encryption, Authentication & Integrity

- Authentication is making sure users are who they say they are
- Integrity is knowing that the data sent has not been altered along the way
  - Of course, a message modified in any way would be highly suspect and should be completely discounted.
- Digital signatures used to maintain message integrity
  - performs both an authentication and message integrity function
  - a block of data at the end of a message that attests to the authenticity of the file.
  - If any change is made to the file, the signature will not verify
  - Available in PGP and when using RSA encryption.
- Kerberos: an add-on system used with any existing network.
  - validates a user through its authentication system and uses DES when communicating sensitive information

Developing a Site Security Policy

- Rule 1: that which is not expressly permitted is prohibited
  - A security policy should deny access to all network resources and then add back access on a specific basis
- Goal: define the organisation's expectations for proper computer & network use & to define procedures to prevent and respond to security incidents
- Specific aspects of the organisation must be considered & agreed upon by the policy-making group
  - A military base may have very different security concerns from those of a university
  - Even departments within the same organisation will have different requirements

Developing a Site Security Policy

- Who will make the network site security policy?
  - joint effort by a representative group of decision-makers, technical personnel, and day-to-day users from different levels within the organization.
    - Decision-makers: power to enforce the policy
    - Technical personnel: advise on the ramifications of the policy
    - Day-to-day users: have a say in how usable the policy is.
  - A site security policy that is unusable, un-implementable, or unenforceable is worthless.
- Developing a security policy comprises
  - identifying the organisational assets
  - identifying the threats
  - assessing the risk
  - implementing the tools and technologies available to meet the risks
  - developing a usage policy.
- Auditing procedure: reviews network and server usage
- Policy should be communicated to everyone who uses the computer network.

Developing a Site Security Policy: Identifying organisational assets

Create a list of things to be protected, which is easily & regularly updated:
- Hardware - CPUs, boards, keyboards, terminals, workstations, personal computers, printers, disk drives, communication lines, terminal servers, routers
- Software - source programs, object programs, utilities, diagnostic programs, operating systems, communication programs
- Data - during execution, stored on-line, archived off-line, backups, audit logs, databases, in transit over communication media
- Documentation - on programs, hardware, systems, and local administrative procedures

Developing a Site Security Policy: Assessing the risk

- The loss from people within the organisation is significantly greater than that from intruders.
- Risk analysis: what must be protected, from what it must be protected, and how to protect it. Possible risks to a network include the following:
  - unauthorised access
  - unavailable service, corruption of data, or a slowdown due to a virus
  - disclosure of sensitive information, especially that which gives someone else a particular advantage, or theft of information such as credit card information
- Weigh the risk against the importance of the resource
  - allows site policy makers to determine how much effort should be spent protecting the resource.
- Security analysis tool for auditing networks (SATAN): a tool that hackers use in order to find system weaknesses.
  - Discover weaknesses before the fact, protective action implemented to fend off certain attacks.

Developing a Site Security Policy: Auditing & review

- To determine if there is a violation of a security policy:
  - use tools that are included in computers and networks
- Most operating systems store numerous bits of information in log files:
  - Examine log files on a regular basis
  - Compare lists of currently logged in users and histories
    - Users typically log in & out at the same time each day. An account logged in outside the normal time may be being used by an intruder.
  - Accounting records can be used to determine usage patterns
    - unusual accounting records
  - UNIX "syslog" utility: checked for unusual error messages from system software
  - A large number of failed login attempts in a short period of time may indicate someone trying to guess passwords.
  - Operating system commands that list currently executing processes can be used to detect users running programs they are not authorised to use, as well as to detect unauthorized programs that have been started by an intruder.
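Two of the log checks above (bursts of failed logins, and logins outside an account's usual hours) are implemented here as an added example that is not part of the lecture. The log format, the thresholds and the sample lines are constructed assumptions; real syslog or accounting records would need their own parser.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: "<ISO timestamp> <user> <event> <source address>"
SAMPLE_LOG = """\
2015-03-02T08:58:10 alice LOGIN_OK 10.0.0.12
2015-03-02T09:03:41 bob LOGIN_OK 10.0.0.15
2015-03-03T09:01:02 alice LOGIN_OK 10.0.0.12
2015-03-03T08:55:30 bob LOGIN_OK 10.0.0.15
2015-03-04T08:59:47 alice LOGIN_OK 10.0.0.12
2015-03-04T09:10:05 bob LOGIN_OK 10.0.0.15
2015-03-05T02:13:00 carol LOGIN_FAIL 198.51.100.7
2015-03-05T02:13:09 carol LOGIN_FAIL 198.51.100.7
2015-03-05T02:13:17 carol LOGIN_FAIL 198.51.100.7
2015-03-05T02:13:26 carol LOGIN_FAIL 198.51.100.7
2015-03-05T02:13:33 carol LOGIN_FAIL 198.51.100.7
2015-03-05T03:27:45 bob LOGIN_OK 198.51.100.7
2015-03-05T09:02:11 alice LOGIN_OK 10.0.0.12
2015-03-05T09:40:00 alice LOGIN_FAIL 10.0.0.12
"""


def parse(log_text):
    """Return (timestamp, user, event, source) tuples in time order."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts, user, event, source = parts
        events.append((datetime.fromisoformat(ts), user, event, source))
    return sorted(events)


def failed_login_bursts(events, threshold=5, window=timedelta(minutes=2)):
    """Map each account with >= threshold failures inside the window to the burst start."""
    recent = defaultdict(deque)  # user -> timestamps of failures still in the window
    flagged = {}
    for ts, user, event, _source in events:
        if event != "LOGIN_FAIL":
            continue
        queue = recent[user]
        queue.append(ts)
        while ts - queue[0] > window:
            queue.popleft()  # drop failures that fell out of the sliding window
        if len(queue) >= threshold and user not in flagged:
            flagged[user] = queue[0]
    return flagged


def off_hours_logins(events, cutoff, tolerance=timedelta(hours=2)):
    """Flag successful logins after cutoff that are far from the account's usual time.

    Logins before cutoff form the per-account baseline; accounts with no
    baseline are not judged.
    """
    usual = defaultdict(list)  # user -> minutes after midnight of baseline logins
    alerts = []
    for ts, user, event, source in events:
        if event != "LOGIN_OK":
            continue
        minute = ts.hour * 60 + ts.minute
        if ts < cutoff:
            usual[user].append(minute)
        elif usual[user]:
            # Distance on a 24-hour clock to the nearest baseline login time.
            gap = min(min(abs(minute - m), 1440 - abs(minute - m)) for m in usual[user])
            if gap > tolerance.total_seconds() / 60:
                alerts.append((user, ts, source))
    return alerts


if __name__ == "__main__":
    evts = parse(SAMPLE_LOG)
    print("failed-login bursts:", failed_login_bursts(evts))
    print("off-hours logins:", off_hours_logins(evts, cutoff=datetime(2015, 3, 5)))
```
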

Violation Response

- Planning responses for different violation scenarios
- Define actions based on the type of violation and have solutions ready based on the anticipated kind of user violating the computer security policy.
- Answers to the following questions should be a part of a company's site security plan:
  - What outside agencies should be contacted, by whom?
  - Who may talk to the press?
  - When to contact law enforcement and investigative agencies?
  - If a connection is made from a remote site, is the system manager authorised to contact that site?
  - What are our responsibilities to our neighbours and other Internet sites?
- Whenever a site suffers an incident that may compromise computer security, the strategies for reacting may be influenced by two opposing pressures.

Violation Response
- There are two different strategies: Protect & Proceed or Pursue & Prosecute.
- Protect & Proceed – used if a site is vulnerable
  - Protects & preserves site facilities
  - Provide normality to users as quickly as possible
  - Attempt to interfere with intruder’s processes, prevent further access & begin immediate damage assessment & recovery.
  - Shuts down facilities, closes off access to network.
  - Unless intruders are identified, they can revisit the site via a different path.
- Pursue & Prosecute - opposite philosophy

Violation Response: Protect & proceed
- if assets are not well protected
- if continued penetration could result in great financial risk
- if there is no possibility or willingness to prosecute
- if user base is unknown
- if users are unsophisticated and their work is vulnerable
- if the site is vulnerable to lawsuits from users, e.g., if their resources are undermined

Violation Response: Pursue & prosecute
- if assets and systems are well protected
- if good backups are available
- if the risk to the assets is outweighed by the disruption caused by the present and potential future penetrations
- if this is a concentrated attack occurring with great frequency and intensity
- if the site has a natural attraction to intruders and consequently regularly attracts intruders
- if the site is willing to incur the financial (or other) risk to assets by allowing the perpetrator to continue
- if intruder access can be controlled
- if the monitoring tools are sufficiently well developed to make the pursuit worthwhile

Violation Response: Pursue & prosecute
- if the support staff is sufficiently clever and knowledgeable about the operating system, related utilities, and systems to make the pursuit worthwhile
- if management is willing to prosecute
- if the system administrators know what kind of evidence would lead to prosecution
- if there is established contact with knowledgeable law enforcement
- if there is a site representative versed in the relevant legal issues
- if the site is prepared for possible legal action from its own users if their data or systems become compromised during the pursuit

Violation Response: Capturing lessons learned
- Once you believe that a system has been restored to a safe state:
  - possibility that holes and even traps could be lurking
  - system should be monitored for items that may have been missed during the clean-up stage.
- It would be prudent to utilise some of the tools previously mentioned
- These tools do not replace continual system monitoring and good systems administration procedures
- A security log can be most valuable during this phase of removing vulnerabilities.

Violation Response: Capturing lessons learned
- There are two considerations here, keep logs of:
  - Procedures that have been used to make the system secure again. This should include command procedures (e.g., shell scripts) that can be run on a periodic basis to recheck the security.
  - Important system events. These can be referenced when trying to determine the extent of the damage of a given incident.
- Write a report after an incident
  - describing the incident
  - method of discovery
  - correction procedure
  - monitoring procedure
  - a summary of lessons learned

Other Security Resources
- Books
  - Chapman, D. Brent and Elizabeth D. Zwicky. Building Internet Firewalls. O'Reilly and Associates, Inc., 1995.
  - Garfinkel, Simson. PGP—Pretty Good Privacy. O'Reilly and Associates, Inc., 1995.
  - Garfinkel, Simson and Gene Spafford. Practical UNIX Security. O'Reilly and Associates, Inc., 1991.
  - Siyan, Karanjit and Chris Hare. Internet Firewalls and Network Security. New Riders Publishing, 1995.
  - Vacca, John. Internet Security Secrets. IDG Books, 1996.
- Security newsgroups & mailing lists available on the USENET news system:
  - comp.security.announce
  - comp.security.misc
  - comp.security.unix
  - alt.security
  - misc.security

Other Security Resources
- The Bugtraq list discusses security holes & software bugs
  - To subscribe, send e-mail to [email protected]@crimelab.com. In the body of the message include the following line: subscribe bugtraq-list firstname lastname.
- Computer Emergency Response Team (CERT) is an organisation that helps Internet users identify and rectify damage done to their system by hackers and crackers.
  - To subscribe to the CERT advisory mailing list, send e-mail to cert-[email protected] and put the following in the body of the message: subscribe cert firstname lastname.
- CERT also maintains a CERT–TOOLS list for the purpose of exchanging information on tools and techniques that increase the secure operation of Internet systems.
  - To subscribe, send e-mail to [email protected]@cert.sei.cmu.edu and put the following in the body of the message: subscribe cert-tools firstname lastname.

Glossary
- CERT: computer emergency response team
- CPU: central processing unit
- DES: digital encryption standard
- DOD: U.S. Department of Defence
- FTP: file transfer protocol
- NIST: National Institute of Standards and Technology
- OSS: operating system security
- PEM: privacy enhanced mail
- PGP: pretty good privacy
- RFC: request for comment
- SATAN: security analysis tool for auditing networks
- VPN: virtual private network