TCP/IP Lecture 2 cs193i – Internet Technologies Summer 2004
advertisement
TCP/IP Lecture 2 cs193i – Internet Technologies Summer 2004 Stanford University Announcements Lab #1 due Wednesday HW #1 assigned Extra perl session tomorrow Tuesday, June 29, 2:15-3:05pm, Skilling 193 Broadcast live on E2, Stanford Online Silas’ Thursday office hours moved to Wednesday this week Sweet Hall, 6:30-8:30pm Communicating with Anyone How’s the weather in Seattle, Mar? kashaw@cs.stanford.edu Ethernet Network Tokenring MSN Messenger mar@cs.washington.edu What is FDDI? Fiber Data Distributed Interface (FDDI) is a fiber-optic networking technology utilizing a ring topology to provide local area network connectivity at up to 200 Mbps. FEATURES Fiber Optic Connections Single or Dual Ring Topology Token passing for media access control 100 Mbps or 200 Mbps 4,352 byte frame size Ring sizes in miles Dual Ring Counter rotating What is FDDI Functions? FUNCTION Media Access Control (MAC) Physical Layer (PHY) Physical Layer, Medium Dependant (PMD) Station Management (SMT) Concepts of FDDI Operation FDDI utilizes fiber optic technology as the communications media. FDDI transmits light through glass or clear plastic strands that are thinner than a human hair. These strands carry signals from place to place and are connected to laser-light emitters. The strands are lit and unlit to provide data communication. This makes FDDI very expensive however, and so you rarely see it in a computer LAN. You will more often see it in a cross campus network, but even this too is fading with the advent of gigabit fiber-optic ethernet (gig-e) Local Area Network (LAN) High speed, data network over small region Network technologies: Few thousand meters Ethernet FDDI Token ring LAN 1 Ethernet Tokenring Data link layer Packets routed based on physical address (MAC) LAN 2 Local Area Network (LAN) High speed, data network over small region Network technologies: Few thousand meters Ethernet FDDI Token ring LAN 1 Ethernet ? Tokenring Data link layer Packets routed based on physical address (MAC) LAN 2 What is Data Link Layer DLL? Data Link Layer Sublayers: Logical Link Control (LLC) and Media Access Control (MAC) What is Data Link Layer Functions? Logical Link Control (LLC): Logical link control refers to the functions required for the establishment and control of logical links between local devices on a network. Media Access Control (MAC): This refers to the procedures used by devices to control access to the network medium. Data Framing: The data link layer is responsible for the final encapsulation of higher-level messages into frames that are sent over the network at the physical layer. Addressing: The data link layer is the lowest layer in the OSI model that is concerned with addressing: labeling information with a particular destination location. Error Detection and Handling: The data link layer handles errors that occur at the lower levels of the network stack. For example, a cyclic redundancy check (CRC) field is often employed to allow the station receiving data to detect if it was received correctly. What is CAM table? CAM Table Content addressable memory (CAM) table is a term referring to the dynamic content-addressable memory in an Ethernet switch. What is the operation of CAM? A Ethernet switch's role is to copy Ethernet frames from one port to another. The presence of a CAM table is one attribute) ( صفةthat differentiates) ( للتفرقة بينa switch from a hub. Without a functional CAM table, all frames received by a network switch would be echoed back out to all other ports, much like an Ethernet hub. A switch should only emit a frame on the port where the destination network device resides (unicast), unless the frame is for all nodes on the switch (broadcast) or multiple nodes (multicast). Generally, the CAM table is a system memory construct used by Ethernet switch logic to dereference ) (يوصلMedia Access Control (MAC) addresses of stations to the ports on which they connect to the switch. This allows switches to facilitate communications between connected stations at high speed regardless of how many devices are connected to the switch. The CAM table is consulted to make the frame forwarding decision. Switches learn MAC addresses from the source address of Ethernet frames on the ports, such as Address Resolution Protocol response packets. What is MAC? Media Access Control (MAC) technology provides unique identification and access control for computers on an Internet Protocol (IP) network. What is MAC address? Short for Media Access Control address, Media Access Control assigns a unique number to each IP network adapter called the MAC address. A MAC address is 48 bits long. The MAC address is commonly written as a sequence of 12 hexadecimal digits as follows: 48-3F-0A -91-00-BC Manufacturing company serial number What is MAC flooding In a typical MAC flooding attack, a switch is fed many Ethernet frames, each containing different source MAC addresses, by the attacker. The intention is to consume the limited memory set aside in the switch to store the MAC address table Connecting Below Internet Level Hub Bridge Center of star topology In Ethernet, multiport repeater or concentrator Connects 2 networks of same technology – extended LAN Filters/forwards/floods based on MAC Link layer - frames Hub Ethernet Ethernet Bridge Switch Connects 2+ networks – packet-switched network Reduces collisions Ethernet Ethernet CISCOSYSTEMS CISCOSYSTEMS T3 Switch CISCOSYSTEMS STS-N Connecting at the Internet Level Router Originally gateway Forwards packets based on network layer info (IP) Separate broadcast domains In each domain, IP packet encapsulated in domainspecific packet Ethernet Ethernet CISCOSYSTEMS CISCOSYSTEMS Router CISCOSYSTEMS Tokenring Internet Society Governing body for Internet since 1992 http://www.isoc.org Domain names and addresses assigned Upper level: Internet Assigned Numbers Authority Regional: Latin America / Caribbean Asia Pacific America Europe How Does Everyone Work Together? Networks Network Service Provider MCI Worldcom, Sprint, Earthlink, … Exchange points provide connections between networks Network Access Points – open access policies Build national or global networks Lease space at NAPs Sell bandwidth to regional NSPs Regional NSP sell bandwidth to ISP Internet Service Provider sells bandwidth to end users How Does Everyone Work Together? OSI Reference Model for Network Design Application (Layer 7) Presentation Session Transport Network Data Link Physical (Layer 1) OSI vs. TCP/IP Stack Layering: FTP Example Application Presentation FTP Application ASCII/Binary Session Transport Network Link Physical The 7-layer OSI Model TCP Transport IP Network Ethernet Link The 4-layer Internet model Internet Protocol Protocol Stack App Transport TCP / UDP Network IP Link Data Data TCP Segment Hdr Hdr IP Datagram IP Datagram Header 10101011101010101010010101010100101010100 11010010101010010101111111010000011101111 10100001011101010100110101011110100000101 00100000000010101000011010000111111010101 ......... 1011011001010100011001001010110 Data IP Addresses 4 8-bit numbers (Hierarchical) 18.26.0.1 network 32-bits host Specifies both network and host Number of bits allocated to specify network varies Three classes: A 0 net 1 7 B host 24 bits C 1 0 net host 110 net host 2 16 bits 3 21 8 bits 14 IP Addresses IP (Version 4) Addresses are 32 bits long IP Addresses Assigned Statically or Dynamically (DHCP) IPv6 addresses are 128 bits long IP Address Space Originally, 3 Classes Problem A, B, C Classes too rigid (C too small, B too big) Solution Subnetting (e.g. within Stanford) Classless Interdomain Routing (CIDR) Subnetting IP Address plus subnet mask (netmask) IP Addr: 171.64.15.82 Netmask: 0xFFFFFF00 (111...1100000000) First 24 bits are the Subnet ID (the neighborhood) Last 8 bits are Host ID (the street address) Can be written as “Prefix + Length” 171.64.15.0/24 or 171.64.15/24 Subnetting at Stanford To: cenic.net dcl-rtr 171.64.74.0/24 171.64.1.132 171.64.1.132/30 171.64.1.133 Stanford Class B Address 171.64.1.161 171.64.1.178 bbr2-rtr 171.64.0.0/16 171.64.1.160/27 171.64.1.152 171.64.1.144/28 To: cogentco.com border-rtr 171.64.1.145 171.64.74.1 Gates-rtr 171.64.74.58 yuba IP Routing Routers are not omniscient Next-Hop Hop-by-Hop Thus IP makes no guarantees except to try it’s best (”Best Effort”) packets may get there out of order, garbled, duplicated may not get there at all! Unreliable datagram service IP Routing Hop-by-Hop 128.17.20.1 1 R1 2 3 R2 R3 R4 128.17.16.1 e.g. 128.9.16.14 => Port 2 Prefix 65/8 128.9/16 128.9.16/20 128.9.19/24 128.9.25/24 128.9.176/20 142.12/19 Next-hop 128.17.16.1 128.17.14.1 128.17.14.1 128.17.10.1 128.17.14.1 128.17.20.1 128.17.16.1 Port 3 2 2 7 2 1 3 Forwarding/routing table How a Router Forwards Datagrams Classless Interdomain Routing (CIDR) 0 232-1 Classless Interdomain Routing (CIDR) 128.9.0.0 65/8 0 128.9.16.14 142.12/19 128.9/16 216 232-1 Classless Interdomain Routing (CIDR) 128.9.19/24 128.9.25/24 128.9.16/20 128.9.176/20 128.9/16 0 232-1 128.9.16.14 Classless Interdomain Routing (CIDR) 128.9.19/24 128.9.25/24 128.9.16/20 128.9.176/20 128.9/16 0 232-1 128.9.16.14 Five Minute Break Network Programs host ping traceroute nslookup Summary of IP Connectionless/Datagram Unreliable/Best Effort Transmission Control Protocol Protocol Stack App Transport TCP / UDP Network IP Link Data Data TCP Segment Hdr Hdr IP Datagram Characteristics Connection-Oriented Reliable Byte-Stream Flow Control (aka Congestion Control) Three Phases Establish Connection Data Transfer Terminate Connection Establishing the Connection (Active) Client Syn (Passive) Server Syn + Ack Ack Connection Setup 3-way handshake Data Transfer Host A Byte 80 Byte 3 Byte 2 Byte 1 Byte 0 Host B Byte 80 Byte 3 Byte 2 Byte 1 Byte 0 Data Transfer Host A TCP Data Host B Byte 80 Byte 3 Byte 2 Byte 1 Byte 0 TCP Data Byte 80 Byte 3 Byte 2 Byte 1 Byte 0 Maintaining the “Connection” IP Data TCP Data 0 TCP Hdr 15 Src port 31 Dst port Sequence # Ack Sequence # RSVD 6 Flags URG ACK PSH RST SYN FIN HLEN 4 Checksum IP Hdr Window Size Urg Pointer (TCP Options) TCP Data Src/dst port numbers and IP addresses uniquely identify socket Terminating the Connection (Active) Client Fin (Passive) Server (Data +) Ack Fin Ack Connection Close/Teardown 2 x 2-way handshake Connection-Oriented Reliable Byte-Stream Flow Control (aka Congestion Control) Reliability & Flow Control Sequence numbers & Acknowledgements (ACKs) Receiver detects Corrupt, Lost, Duplicated, Out-oforder Tell sender which packets it has received correctly Sender can resend In Flight Window (Window Size) Sender only has N unacknowledged packets “in Sending a Message Leland.Stanford.edu Application Layer Arachne.Berkeley.edu Leslie Ron Transport Layer O.S. D Data Header Data O.S. Header Network Layer H D H D D H H D D H Link Layer H Connection-Oriented Reliable Byte-Stream Flow Control (aka Congestion Control) UDP Protocol Stack App Transport TCP / UDP Network IP Link Data Data TCP Segment Hdr Hdr IP Datagram User Datagram Protocol (UDP) Like TCP, in the Transport Layer Characteristics Connectionless, Datagram, Unreliable Adds only application multiplexing/demultiplexing and checksumming to IP Good for Streaming Media, Real-time Multiplayer Networked Games, VoIP Summary IP is the basis of Internetworking TCP builds on top of IP adds reliable, congestion-controlled, connectionoriented byte-stream. UDP builds on top of IP allows access to IP functionality
