Introduction to Networks
Khaled Harras
School of Computer Science
Carnegie Mellon University
15-349 Computer and Network Security
Fall 2012
Some material borrowed from Hui Zhang and Adrian Perrig

Early Internet
In the beginning there were two hosts connected to the Internet
Trustworthy environment, everyone knew everyone else
Network protocols were designed for such a trustworthy environment
[Figure: Internet]

Current Internet
But then, Internet continued to double in size … for several years …
Today, about 1 Billion hosts connected to Internet

What Is In a Network?
End system
Switch (router)
  » Access switch
  » Core switch
Access line: linking switch and end systems
Trunk line
  » Between switches
  » Multiple connections simultaneously
    – Multiplexing/demultiplexing

How are Networks “different”?
Distributed system: Avoids single point of failure, is fault tolerant
Network Environment
  » Anonymity (Who’s behind the machine?)
  » Automation (Are humans needed?)
  » Distance (So where is google exactly?)
  » Opaqueness (Am I talking to the same entity?)
  » Routing Diversity (How many routes are there to google?)
Network Topology
  » The way in which networks are configured
  » Boundary, Ownership, Control
  » LANs, WANs, internets (not “I”nternet)

What is a Protocol?
An agreement between parties on how communication should take place.
Protocols may have to define many aspects of the communication.
Syntax:
  » Data encoding, language, etc.
Semantics:
  » Error handling, termination, ordering of requests, etc.
[Figure: a dialogue: "Friendly greeting", "Muttered reply", "Destination?", "Pittsburgh", "Thank you"]

Interfaces
Each protocol offers an interface to its users, and expects one from the layers on which it builds
  » Syntax and semantics strike again
    – Data formats
    – Interface characteristics, e.g. IP service model
Protocols build upon each other
  » Add value
    – E.g., a reliable protocol running on top of IP
  » Reuse
    – E.g., OS provides TCP, so apps don’t have to rewrite

Why do networking people love layers?

The Idea of Layering
Each layer relies on services from layer below and exports services to layer above
Interface defines interaction
Hides implementation - layers can change without disturbing other layers (black box)

A Fine Grain Layering Model
The Open Systems Interconnection (OSI) Model.
  7 Application
  6 Presentation
  5 Session
  4 Transport
  3 Network
  2 Data link
  1 Physical

OSI Functions
(1) Physical: transmission of a bit stream.
(2) Data link: flow control, framing, error detection.
(3) Network: switching and routing.
(4) Transport: reliable end to end delivery.
(5) Session: managing logical connections.
(6) Presentation: data transformations.
(7) Application: specific uses, e.g. mail, file transfer, telnet, network management.
Multiplexing takes place in multiple layers

Simpler Layering
[Figure: User A and User B on two hosts, each with an Application / Transport / Network / Link stack]
Layering: technique to simplify complex systems

Layer Encapsulation
[Figure: User A to User B; "Get index.html" carried with Connection ID, Source/Destination and Link Address]

Layers and Locations
[Figure: Application, Presentation, Session, Transport, Network, Data Link and Physical layers placed on Host, Switch, Router, Host]

Power of Layering
Solution: Intermediate layer that provides a single abstraction for various network technologies
  » O(1) work to add app/media
  » variation on “add another level of indirection”
[Figure: Application (SMTP, SSH, NFS, HTTP) over Intermediate layer over Transmission Media (Coaxial cable, Fiber optic, 802.11 LAN)]

TCP/IP Protocol Suite
The complete TCP/IP protocol suite contains many protocols. Not even the following graph is a complete list.
[Figure: TCP/IP protocol suite. Application Layer: User Processes. Transport Layer: TCP, UDP. Network Layer: ICMP, IP, IGMP. Link Layer: ARP, Hardware Interface, RARP. Media.]

Encapsulation
As data is moving down the protocol stack, each protocol is adding layer-specific control information.
[Figure: encapsulation down the stack]
  Application: Application Header + User data
  TCP: TCP Header + Application data (TCP segment)
  IP: IP Header + TCP Header + Application data (IP datagram)
  Ethernet Driver: Ethernet Header + IP Header + TCP Header + Application data + Ethernet Trailer (Ethernet frame)

Protocol Demultiplexing
Multiple choices at each layer
[Figure: protocol graph with FTP, HTTP, NV, TFTP; TCP, UDP; IP, IPX; NET1, NET2, … NETn. Labels: Type Field, Protocol Field, Port Number.]

Internet Protocol Architecture
[Figure: two FTP programs speaking the FTP protocol, over TCP (TCP protocol), over IP (IP protocol), with Ethernet Drivers (Ethernet protocol) on one link and ATM Drivers (ATM protocol) on the other, joined by an intermediate IP node]

Internet Protocol Architecture
[Figure: MPEG Server program and MPEG Player program speaking the RTP protocol, over UDP (UDP protocol), over IP (IP protocol), with Ethernet Drivers (Ethernet protocol) on one link and ATM Drivers (ATM protocol) on the other, joined by an intermediate IP node]

What are “some” Internet Challenges?
Which layer is responsible for addressing this challenge?

Domain Name System
[Figure: Computer 1 asks the Local DNS Server "What’s the IP address for www.cmu.edu?" and is told "It is 128.2.11.43"]
DNS server IP address configured in OS

Naming
Humans use readable host names
  » E.g. www.cmu.edu
  » Globally unique (can correspond to multiple hosts)
Naming system translates to physical address
  » E.g. DNS translates name to IP Address (e.g. 128.2.11.43)
  » Address reflects location in network

Application Layer
  » Service: Handles details of application programs.
  » Functions:
  » Depends on what you want to do???
  Application Layer: telnet, ftp, email, www, AFS
  Transport Layer: TCP, UDP
  Network Layer: IP, ICMP, OSPF, RIP, BGP
  (Data) Link Layer: Ethernet, WiFi, PoS, T1

What if the Data gets Lost?
Problem: Lost Data
[Figure: "GET index.html" is sent into the Internet]
Solution: Timeout and Retransmit
[Figure: "GET index.html" is sent into the Internet again and arrives]

What if the Data is Out of Order?
Problem: Out of Order
[Figure: the pieces "GET", "inde", "x.ht", "ml" arrive in a different order]
Solution: Add Sequence Numbers
[Figure: the pieces carry sequence numbers (1 "GET", 2 "inde", 3 "x.ht", 4 "ml") and are reassembled as "GET index.html"]

What if the Data gets Corrupted?
Problem: Data Corruption
[Figure: "GET index.html" is sent through the Internet and "GET windex.html" is received]
Solution: Add a checksum
[Figure: groups of digits with their sums as checksums: 1,2,3 with 6; 4,5 with 7 (marked X); 6,7,8 with 21; 0,9 with 9]

Transport Layer
Service: Controls end-to-end delivery of data between hosts.
Functions: Connection Establishment, Termination, Error control, flow control, Congestion control, reordering.
  Application Layer: telnet, ftp, email, www, AFS
  Transport Layer: TCP, UDP
  Network Layer: IP, ICMP, OSPF, RIP, BGP
  (Data) Link Layer: Ethernet, WiFi, PoS, T1

How do I reach x.y.z.k?
Routing is crucial
Forwarding tables at each router populated by routing protocols
Original Internet: manually updated
Routing protocols update tables based on “cost”
  » Exchange tables with neighbors or everyone
  » Use neighbor leading to shortest path
What happens if a router is overwhelmed?

Network Layers
  » Service: Moves packets inside the network.
  » Functions: Routing, addressing, switching, congestion control.
  Application Layer: telnet, ftp, email, www, AFS
  Transport Layer: TCP, UDP
  Network Layer: IP, ICMP, OSPF, RIP, BGP
  (Data) Link Layer: Ethernet, WiFi, PoS, T1

What if the Data Doesn’t Fit?
Problem: Packet size
On Ethernet, max IP packet is 1.5kbytes
Typical web page is 10kbytes
Solution: Fragment data across packets
[Figure: "GET index.html" split into the fragments "GET", "inde", "x.ht", "ml"]

Data Link Layer
  » Service: Transfer of frames over a link.
  » Functions: Synchronization, error control, flow control
    Medium Access Control (MAC)
  Application Layer: telnet, ftp, email, www, AFS
  Transport Layer: TCP, UDP
  Network Layer: IP, ICMP, OSPF, RIP, BGP
  (Data) Link Layer: Ethernet, WiFi, PoS, T1

Degradation of Internet Security
Internet has become communication infrastructure for government, economy, society, even for safety-critical uses
Unfortunately, trust assumptions of the early Internet do not scale to billions of users
Indeed, hackers, criminals, terrorists, military all use the Internet for their activities
All this, and so much more, was designed without considering security issues
What do we do now?????????
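
Added example, not part of the original slides: the Encapsulation and Protocol Demultiplexing slides worked through in Python. A frame is built by wrapping "GET index.html" in TCP, IP and Ethernet headers, then parsed back up by Type field, Protocol field and port number, with the IP header checksum and every length checked before use. The function names, addresses, ports and sample frame are constructed for this example.

```python
import struct

ETHERTYPE_IPV4 = 0x0800                    # Ethernet Type field value for IP
IP_PROTOCOLS = {6: "TCP", 17: "UDP"}       # IP Protocol field values
TCP_PORTS = {21: "FTP", 80: "HTTP"}        # well-known TCP ports (subset)

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(app_data: bytes, sport: int, dport: int) -> bytes:
    """Down the stack: application data -> TCP segment -> IP datagram -> Ethernet frame."""
    # Simplification: TCP checksum (needs a pseudo-header) and Ethernet trailer are left out.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + app_data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))  # constructed addresses
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + tcp

def demultiplex(frame: bytes):
    """Up the stack: Type field -> Protocol field -> port number, validating each length."""
    if len(frame) < 14 + 20:
        raise ValueError("truncated frame")
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("Type field is not IPv4")
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("bad IP header length")
    ip_hdr = frame[14:14 + ihl]
    if inet_checksum(ip_hdr) != 0:          # a valid header sums to zero
        raise ValueError("IP header checksum mismatch")
    total_len = struct.unpack("!H", ip_hdr[2:4])[0]
    segment = frame[14 + ihl:14 + total_len]
    if IP_PROTOCOLS.get(ip_hdr[9]) != "TCP" or len(segment) < 20:
        raise ValueError("unsupported protocol or truncated segment")
    data_offset = (segment[12] >> 4) * 4
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("bad TCP data offset")
    dport = struct.unpack("!H", segment[2:4])[0]
    return "TCP", TCP_PORTS.get(dport, "unknown"), segment[data_offset:]

FRAME = encapsulate(b"GET index.html", 49152, 80)   # constructed sample frame
```

Each header field read here comes from the sender, which the early Internet trusted; the length and checksum tests are what keep a malformed frame from being sliced at the wrong offsets.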