CSE331: Introduction to Networks and Security Lecture 10

advertisement
CSE331:
Introduction to Networks
and Security
Lecture 10
Fall 2002
Announcements
• HW 2 Graded
– Mean 82
– Pick up after class
CSE331 Fall 2002
2
Recap
• Domain Name System
• IPv4 Routing
– RIP – Routing Information Protocol
– OSPF – Open Shortest Path First
CSE331 Fall 2002
3
Today
• Interdomain Routing
• IPv6
• UDP & TCP
CSE331 Fall 2002
4
Interdomain Routing
• EGP - Exterior Gateway Protocol
– Early; constrained Internet to tree and hence
shares some problems of bridging (scalability, path
exploitation, etc. ….. )
Internet tree structure circa 1990.
CSE331 Fall 2002
5
Today’s Multibackbone Internet
Peering
point
Large
Corporation
Consumer ISP
Backbone Service
Backbone
ProviderService
Backbone
ProviderService
Provider
Consumer ISP
Large
Corporation
Consumer ISP
Small
Company
CSE331 Fall 2002
6
BGP - Border Gateway Protocol
• Arbitrary topology
• Interconnected of Administrative Domains
–
–
–
–
–
local traffic: originates or terminates in A.D.
transit traffic: passes through
stub: one A.D.-A.D. link
multihomed: multiple A.D. links, no transit
transit: connections to other A.D.s; carry transit
CSE331 Fall 2002
7
BGP Continued
• AD Connectivity
– A border gateway is an IP router that forwards
packets between A.D.s
– A.D. has one “BGP speaker”
• Border Gateway Protocol
– Advertises reachability, not costs
– Advertises complete paths between A.D.s
• Needed for policy decisions like “Use provider B”
• Helps detect loops
– Not LSP or DV.
– Router state ~# A.D.s, hence large
CSE331 Fall 2002
8
Next Generation IP (IPv6 or IPng)
•
•
•
•
•
Lots of addresses (128 bits)
Real-time
Security
Autoconfiguration
Mobile hosts and other enhanced routing
functions
CSE331 Fall 2002
9
Packet Format
0
31
Ver. Prio
FlowLabel
PayloadLEN
NextHeader
HopLimit
Source Address (128 bits)
Destination Address (128 bits)
Next Header/Data
CSE331 Fall 2002
10
Protocol Stack Revisited
Application
Presentation
Session
Transport
UDP and TCP/IP
Network
Data Link
So far…
Physical
CSE331 Fall 2002
11
Application vs. Network
Application Needs
Network Char.
Reliable, Ordered, Single-Copy
Message Delivery
Drops , Duplicates and Reorders
Messages
Arbitrarily large messages
Finite message size
Allows Flow Control by Receiver Arbitrary Delay
Supports multiple applications
per-host
…
CSE331 Fall 2002
12
User Datagram Protocol (UDP)
0
16
31
SrcPort
DestPort
Length
Checksum
IP Packet Data
• Simplest transport-layer protocol
• Just exposes IP packet functionality to
application level
• Ports identify sending/receiving process
– Demultiplexing information
– (port, host) pair identifies a network process
CSE331 Fall 2002
13
UDP End-to-End Model
• Multiplexing/Demultiplexing with Port number
Application
Application
UDP Sender
(Multiplexer)
Application
Application
UDP Receiver
(Demultiplexer)
CSE331 Fall 2002
14
Using Ports
• Client contacts Server at a well-known port
–
–
–
–
DNS: port 53
POP3: port 110
Unix talk : port 517
In unix, ports are listed in /etc/services
• Sometimes Client and Server agree on a
different port for subsequent communication
• Ports are an abstraction
– Implemented differently on different OS’s
– Typically a message queue
CSE331 Fall 2002
15
Transmission Control Protocol (TCP)
• Most widely used protocol for reliable byte
streams
–
–
–
–
Reliable, in-order delivery of a stream of bytes
Full duplex: pair of streams, one in each direction
Flow and congestion control mechanisms
Like UDP, supports ports
• Built on top of IP (hence TCP/IP)
CSE331 Fall 2002
16
TCP End-to-End Model
• Buffering corrects errors but may introduce
delays
Application
Application
Application
TCP Sender:
Send Buffers
Application
TCP Receiver
Receive Buffers
segment
segment
CSE331 Fall 2002
segment
segment
17
Packet Format
• Flags
–
–
–
–
–
–
SYN
FIN
RESET
PUSH
URG
ACK
• Fields
0
15
SrcPort
31
DstPort
SequenceNum
Acknowledgment
HL
0 Flags Advert.Wind.
Checksum
UrgPtr
Options (variable)
DATA
CSE331 Fall 2002
18
Three-Way Handshake
CSE331 Fall 2002
19
TCP State Transitions
CSE331 Fall 2002
20
TCP Receiver
• Maintains a buffer from which application
reads
• Advertises < buffer size as the window for
sliding window
• Responds with Acknowledge and
AdvertisedWindow on each send; updates
byte counts when data O.K.
• Application blocked until read() O.K.
CSE331 Fall 2002
21
TCP Sender
• Maintains a buffer; sending application is
blocked until room in the buffer for its write
• Holds data until acknowledged by receiver as
successfully received
• Implement window expansion and
contraction; note difference between flow and
congestion control
CSE331 Fall 2002
22
Flow vs. Congestion Control
• Flow control protects the recipient from being
overwhelmed.
• Congestion control protects the network from
being overwhelmed.
CSE331 Fall 2002
23
TCP Congestion Control
• Additive Increase / Multiplicative Decrease
• Slow Start
• Fast Retransmit and Fast Recovery
CSE331 Fall 2002
24
Increase and Decrease
• A value CongestionWindow is used to control
the number of unacknowledged
transmissions.
• This value is increased linearly until timeouts
for ACKs are missed.
• When timeouts occur, CongestionWindow is
decreased by half to reduce the pressure on
the network quickly.
• The strategy is called “additive increase /
multiplicative decrease”.
CSE331 Fall 2002
25
Additive Increase
CSE331 Fall 2002
26
KB
TCP Sawtooth Pattern
Time
CSE331 Fall 2002
27
Slow Start
• Sending the entire window immediately could
cause a traffic jam in the network.
• Begin “slowly” by setting the congestion
window to one packet.
• When acknowledgements arrive, double the
congestion window.
• Continue until ACKs do not arrive or flow
control dominates.
CSE331 Fall 2002
28
Slow Start
CSE331 Fall 2002
29
Download