OS Overview
4/13/2015

Block Diagram of the System Kernel

[Figure: kernel block diagram. Labels: User Program; Traps/Interrupts; User Level; User Libraries; Kernel Level; System Call Interface; Security Interface; Confidentiality; Authentication; Integrity; Nonrepudiation; Access Control; Availability; Mobility Interface; MIPv4; MIPv6; VoIP & PTT Support; File System; Buffer Cache; Device Driver (character, block); Process Control system; Inter process Communication; Intra process Communication; Scheduler; Memory Management; Hardware Control; Hardware]

Algorithm Analysis Notations

Big O Notation

[Plot: curves cg(n) and f(n), with the point k marked]

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = O(g(n)) means it is less than some constant multiple of g(n).

Formal Definition: f(n) = O(g(n)) means there are positive constants c and k, such that 0 ≤ f(n) ≤ cg(n) for all n ≥ k. The values of c and k must be fixed for the function f and must not depend on n.

Big ω Notation

[Plot: curves f(n) and cg(n), with the point k marked]

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = ω(g(n)) means g(n) becomes insignificant relative to f(n) as n goes to infinity.

Formal Definition: f(n) = ω(g(n)) means that for any positive constant c, there exists a constant k, such that 0 ≤ cg(n) < f(n) for all n ≥ k. The value of k must not depend on n, but may depend on c.

Big Θ Notation

[Plot: curves c2g(n), f(n) and c1g(n), with the point k marked]

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = Θ(g(n)) means it is within a constant multiple of g(n). The equation is read, "f of n is theta g of n".
Formal Definition: f(n) = Θ(g(n)) means there are positive constants c1, c2, and k, such that 0 ≤ c1g(n) ≤ f(n) ≤ c2g(n) for all n ≥ k. The values of c1, c2, and k must be fixed for the function f and must not depend on n.

Process Management

Process Definition

• A process is an entity which is created by the operating system and consists of a sequence of bytes which is interpreted by the CPU as:
  1. Machine instructions.
  2. Data.
  3. Stack.

Many processes appear to execute simultaneously as the kernel schedules them for execution, and several processes may be instances of one program. In UNIX, fork is used to create a process.

Process State & Transition

[State diagram. Labels: User Running; Trap/interrupt; return; Interrupt/Interrupt Return; Kernel; Schedule Process; sleep; Wakeup; Ready to run; Sleep]

Process Structure

[Diagram: text, Data, Stack]

A process consists of 3 regions. A region is a contiguous area of the virtual address space.

Data structure for a process

[Diagram: U Area; Per process region table; Region table; Process table; memory holding text, data, stack]

The per process region table allows independent processes to share regions.

File System

File System Definition

1. The collection of files and file management structures on a physical or logical mass storage device, such as a diskette or disk.
2. The way the files are organized on the disk and the methods and data structures that an operating system uses to keep track of files on a disk or partition.
3. A data structure that translates the logical (files, directories) structure into the physical (sector) structure; it helps both computers and users to locate files.

File System Architecture for UNIX

[Directory tree diagram: / at the root with bin, etc, unix, user, dev; further nodes tty00, tty01, mike, jim, x, y, z]
File System Layout

Boot block | Super block | Inode list | Data Blocks

Boot Block: first sector; contains the bootstrap code to initialize the operating system.
Super Block: how many files it can store, where to find free space.
Inode List: the list of inodes in the file system. Each inode may represent a file or a directory.
Data Blocks: the list of data blocks that carry the files' information.

File System Data Structure

[Diagram: User File Descriptor table, File Table, Inode Table]

User File Descriptor: one per process; identifies all open files for that specific process.
File Table: shared between all processes in the system. Contains how many bytes were read or written and the access rights allowed for the file.
Inode Table: access rights and file block locations.

Intra process communication

signals

[Diagram: Kill (pid, SIGSTOP) between P1 and P2]

1. Signals are a limited form of IPC that is used to notify a process that a given event has taken place.
2. Each signal has a unique positive integer representing it as well as a symbolic name (that is usually defined in the file /usr/include/signal.h).
3. The amount of information that can be conveyed via a signal is very limited (basically only the signal number).

signals (continue)

When a signal interrupts a process, the signal is handled as follows:
1. Ignore the signal.
2. Catch the signal.
3. Apply the default action.

Sending Signals

1. Using the keyboard: the Ctrl-C key causes the operating system to send a SIGINT signal to the running process.
2. From the command line: kill -INT 3333
3. Using system calls:

    #include <stdio.h>     /* printf() */
    #include <unistd.h>    /* standard unix functions, like getpid() */
    #include <sys/types.h> /* various type definitions, like pid_t */
    #include <signal.h>    /* signal name macros, and the kill() prototype */

    int main(void)
    {
        /* first, find my own process ID */
        pid_t my_pid = getpid();

        /* now that I have my PID, send myself the SIGSTOP signal. */
        int rc = kill(my_pid, SIGSTOP);
        if (rc != 0) /* unsuccessful */
        {
            printf("The \"kill\" system call failed with rc: %d\n", rc);
        }
        return 0;
    }

Catching Signals

    #include <unistd.h>    /* standard unix functions, like write() and pause() */
    #include <signal.h>    /* signal name macros, and the signal() prototype */

    /* The signal handler definition. */
    void sigintHandler(int sig_num)
    {
        static const char msg[] = "Don't you dare interrupt me\n";

        (void)sig_num;
        /* Register signal handler for SIGINT next time */
        signal(SIGINT, sigintHandler);
        /* Print the message; write() is async-signal-safe, printf() is not */
        write(STDOUT_FILENO, msg, sizeof(msg) - 1);
    }

    /* The main function. */
    int main(void)
    {
        /* Register signal handler for SIGINT */
        signal(SIGINT, sigintHandler);
        /* Go into an infinite loop */
        for ( ;; )
            pause();
    }

pipes

[Diagram: P1 write, Fd[1], Fd[0], read P2]

Pipes allow transfer of a stream of data between processes in a first-in-first-out (FIFO) manner, and also allow synchronization of process execution.

Pipes (continue)

    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>

    int main(void)
    {
        int pfds[2];
        char buf[30];

        if (pipe(pfds) == -1) {
            perror("pipe");
            exit(1);
        }
        printf("writing to file descriptor #%d\n", pfds[1]);
        if (write(pfds[1], "test", 5) != 5) {  /* 5 bytes: "test" plus its NUL */
            perror("write");
            exit(1);
        }
        printf("reading from file descriptor #%d\n", pfds[0]);
        if (read(pfds[0], buf, 5) != 5) {
            perror("read");
            exit(1);
        }
        printf("read \"%s\"\n", buf);
        return 0;
    }

message queues

[Diagram: P1, msgsnd, msgrcv, P2]

Message queues allow transfer of user-defined messages between processes in a first-in-first-out (FIFO) manner, and they also allow synchronization of process execution.
msgsnd & msgrcv example

    #include <stdio.h>
    #include <string.h>
    #include <unistd.h>
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/msg.h>

    #define MSGKEY 75

    struct msgform {
        long mtype;
        char mtext[256];
    };

    int main(void)
    {
        struct msgform msg;
        int msgid, pid;

        pid = getpid();
        memcpy(msg.mtext, &pid, sizeof(pid));  /* the request carries our PID */
        msg.mtype = 1;
        /* look up the existing queue for MSGKEY (no IPC_CREAT, so it must already exist) */
        if ((msgid = msgget(MSGKEY, 0777)) == -1) {
            perror("msgget");
            return 1;
        }
        /* send the request, then wait for the reply whose type equals our PID */
        if (msgsnd(msgid, &msg, sizeof(int), 0) == -1 ||
            msgrcv(msgid, &msg, 256, pid, 0) == -1) {
            perror("msgsnd/msgrcv");
            return 1;
        }
        return 0;
    }

Shared memory example (continue)

[Diagram: P1 and P2 each use strncpy on the Shared memory]

A segment of memory that is shared between processes. No synchronization of processes is provided.

Shared memory example

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/shm.h>

    #define SHM_SIZE 1024  /* make it a 1K shared memory segment */

    int main(int argc, char *argv[])
    {
        key_t key;
        int shmid;
        char *data;

        if (argc != 2) {
            fprintf(stderr, "usage: %s data_to_write\n", argv[0]);
            exit(1);
        }

        /* make the key: */
        if ((key = ftok("shmdemo.c", 'R')) == -1) {
            perror("ftok");
            exit(1);
        }

        /* connect to (and possibly create) the segment: */
        if ((shmid = shmget(key, SHM_SIZE, 0644 | IPC_CREAT)) == -1) {
            perror("shmget");
            exit(1);
        }

        /* attach to the segment to get a pointer to it: */
        data = shmat(shmid, (void *)0, 0);
        if (data == (char *)(-1)) {
            perror("shmat");
            exit(1);
        }

        /* modify the segment, based on the command line: */
        strncpy(data, argv[1], SHM_SIZE - 1);
        data[SHM_SIZE - 1] = '\0';  /* strncpy() does not terminate a truncated copy */
        printf("segment contains: \"%s\"\n", data);

        /* detach from the segment: */
        if (shmdt(data) == -1) {
            perror("shmdt");
            exit(1);
        }
        return 0;
    }

sockets

[Diagram: P1 write, Fd[1], Fd[0], read P2]

Sockets are used for inter and intra process communication. They are based on TCP or UDP, and also allow synchronization of process execution.

UDP Socket system calls for client/server

    Client Side    Server Side
    socket         socket
    connect        bind
    write          read
    read           write
    close          close
Conceptual OS Data Structure for UDP socket

[Diagram: the File Descriptor Table (one per process; entries stdin, stdout, stderr) and the socket data structure]

Family: PF_INET
Service: SOCK_DGRAM
Local IP: 47.12.121.13
Local port: 5000

TCP Socket system calls for client/server

    Client Side    Server Side
    socket         socket
    connect        bind
    write          listen
    read           accept
    close          read
                   write
                   close

Conceptual OS Data Structure for TCP socket

[Diagram: the File Descriptor Table (one per process; entries stdin, stdout, stderr) and the socket data structure]

Family: PF_INET
Service: SOCK_STREAM
Local IP: 47.12.121.13
Remote IP: 47.12.121.100
Local Port: 5000
Remote Port: 5100

UDP/TCP Server

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h> /* close() */
    #include <string.h> /* memset() */

    #define LOCAL_SERVER_PORT 1500
    #define MAX_MSG 100

    /* Create a UDP or TCP socket bound to LOCAL_SERVER_PORT.
       Returns the socket descriptor, or -1 on failure. */
    int server(char *protocol, int argc, char *argv[])
    {
        int sd;
        struct sockaddr_in servAddr;

        /* socket creation */
        if (strcmp(protocol, "udp") == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        /* bind local server port */
        memset(&servAddr, 0, sizeof(servAddr));
        servAddr.sin_family = AF_INET;
        servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
        servAddr.sin_port = htons(LOCAL_SERVER_PORT);
        if (bind(sd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0) {
            close(sd);
            return -1;
        }

        /* a TCP socket must also be put into the listening state */
        if (strcmp(protocol, "udp") != 0 && listen(sd, 5) < 0) {
            close(sd);
            return -1;
        }
        return sd;
    }
UDP/TCP Client

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h> /* close() */
    #include <string.h> /* memset() */

    #define REMOTE_SERVER_PORT 1500

    /* Connect a UDP or TCP socket to argv[1] on REMOTE_SERVER_PORT.
       Returns the socket descriptor, or -1 on failure. */
    int client(char *protocol, int argc, char *argv[])
    {
        int sd;
        struct sockaddr_in sin;
        struct hostent *h;

        /* get server IP address */
        if (argc < 2 || (h = gethostbyname(argv[1])) == NULL)
            return -1;
        if (h->h_addrtype != AF_INET)  /* sin can only hold an IPv4 address */
            return -1;
        memset(&sin, 0, sizeof(sin));
        sin.sin_family = h->h_addrtype; /* AF_INET */
        memcpy((char *) &sin.sin_addr.s_addr, h->h_addr_list[0], h->h_length);
        sin.sin_port = htons(REMOTE_SERVER_PORT);

        /* socket creation */
        if (strcmp("udp", protocol) == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        if (connect(sd, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
            close(sd);
            return -1;
        }
        return sd;
    }

UDP Server

    #include <stdlib.h> /* exit() */

    /* server infinite loop; uses server() and MAX_MSG from the UDP/TCP Server slide */
    int main(int argc, char *argv[])
    {
        int sd = 0, n;
        socklen_t cliLen;
        struct sockaddr_in cliAddr;
        char msg[MAX_MSG];

        sd = server("udp", argc, argv);
        if (sd < 0) {
            printf("%s: cannot open socket \n", argv[0]);
            exit(-1);
        }

        while (1) {
            /* init buffer */
            memset(msg, 0x0, MAX_MSG);

            /* receive message; MAX_MSG - 1 keeps the last byte as the terminating NUL */
            cliLen = sizeof(cliAddr);
            n = recvfrom(sd, msg, MAX_MSG - 1, 0, (struct sockaddr *) &cliAddr, &cliLen);
            if (n < 0) {
                printf("%s: cannot receive data \n", argv[0]);
                exit(-1);
            }

            /* print rcv message */
            printf("%s: from %s:UDP%u : %s \n", argv[0],
                   inet_ntoa(cliAddr.sin_addr), ntohs(cliAddr.sin_port), msg);
        } /* end of server infinite loop */
        return 0;
    }

Inter process communication

Inter process communication protocols

• TCP: Transport Communication Protocol.
• UDP: User Defined Protocol.
• IP4: Internet Protocol version 4.
• IP6: Internet Protocol version 6.

Protocol Stack

Application (MIPv4)
Transport (UDP,TCP)
Internet Protocol (MIP6,MIPv4,IP4,IP6)
Data Link Layer
Physical Layer
(diagram label: Kernel)

TCP Protocol Procedure

TCP - Transport Communication Protocol

• Byte stream service with no structure.
• Full Duplex.
• Connection Oriented.
• Reliable Service.
TCP Connection Opened

[Message sequence between User A and User B]
TCP:SYNC (port 5060)
TCP:SYNC+ACK (port 5060)
TCP:ACK (port 5060)

TCP Connection Closed

[Message sequence between User A and User B]
TCP:FIN (port 5060)
TCP:ACK (port 5060)
Connection Closed
TCP:FIN (port 5060)
TCP:ACK (port 5060)

TCP Sliding Window

[Figure: two rows of packets numbered 1 to 10, labelled "Initial window" and "Window slides"]

A sliding window protocol with 8 packets in the window. The window slides so that packet 9 can be sent when an acknowledgment has been received for packet 1. Only non-acknowledged packets are retransmitted.

TCP Positive Acknowledgement

User A: Send Packet 1, Send Packet 2, Send Packet 3, Recv Ack 1, Recv Ack 2, Recv Ack 3
User B: Recv Packet 1, Send ACK 1, Recv Packet 2, Send ACK 2, Recv Packet 3, Send ACK 3

UDP Protocol

User Datagram Protocol (UDP)

[Diagram: Host x1.y1.z1.w1 and Host x2.y2.z2.w2, each with ports p1, p2, p3; on each host, multiple applications are distinguished by port numbers]

The UDP protocol provides an unreliable connectionless delivery service using IP to transport messages between machines. It uses IP to carry messages, but adds the ability to distinguish among multiple destinations within the given host computer.

UDP Header

    Source Port        | Destination Port
    UDP Message Length | UDP Checksum
    Data

UDP Checksum

[Diagram: the checksum in the received packet is compared (=) with the calculated checksum, to tell if the packet changed or not]

Verify the integrity of the packet.

IP4 Protocol

Type of Addresses for IPv4

Unicast Address
An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.

Type of Addresses for IPv4 (continue)

Broadcast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to all nodes in the network.
Type of Addresses for IPv4 (continue)

Multicast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.

IPv4 Header

    version | IHL | Type of service | Total length
    Identification | flags | Fragment Offset
    Time to live | Protocol | checksum
    Source IP Address
    Destination IP Address
    IP Options (if any) | Padding
    Data

TOS field description

[Field layout: Differential Service Code Point (DSCP) | Unused]

Different queue for services:
• Delay Sensitive
• Rate Sensitive

IPv4 Header Checksum

[Header layout as on the IPv4 Header slide, with the checksum field set to 0]

The IP checksum is formed by treating the header as a sequence of 16-bit integers (in network byte order), adding them together using one’s complement arithmetic, and then taking the one’s complement of the result.

IP6 Protocol

Type of Addresses for IPv6

Unicast Address
An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.

Type of Addresses for IPv6 (continue)

Anycast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to only one node in this set.

Type of Addresses for IPv6 (continue)

Multicast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.

IPv6 Header Format

    Version | Traffic Class | Flow Label
    Payload Length | Next Header | Hop Limit
    Source IP (128 bits)
    Destination IP (128 bits)
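The checksum rule from the IPv4 Header Checksum slide, worked through for both sender and receiver; this is an added example, not code from the original slides. The function names are hypothetical, and the sample header is constructed from the addresses used on the socket slides (47.12.121.13 and 47.12.121.100).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One's complement sum of len bytes taken as 16-bit words in network byte order. */
static uint16_t ones_sum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)                      /* fold the carries back in */
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)sum;
}

/* Header length in bytes taken from IHL, or 0 when the header is malformed. */
size_t ipv4_header_len(const uint8_t *pkt, size_t avail)
{
    if (avail < 20 || (pkt[0] >> 4) != 4)
        return 0;
    size_t hlen = (size_t)(pkt[0] & 0x0F) * 4;
    return (hlen >= 20 && hlen <= avail) ? hlen : 0;
}

/* Sender: zero the checksum field (bytes 10-11), sum, store the complement.
   Returns the checksum, or 0 for a malformed header. */
uint16_t ipv4_checksum_fill(uint8_t *pkt, size_t avail)
{
    size_t hlen = ipv4_header_len(pkt, avail);
    if (hlen == 0)
        return 0;
    pkt[10] = pkt[11] = 0;
    uint16_t csum = (uint16_t)~ones_sum(pkt, hlen);
    pkt[10] = (uint8_t)(csum >> 8);
    pkt[11] = (uint8_t)(csum & 0xFF);
    return csum;
}

/* Receiver: a header summed together with its checksum must give 0xFFFF. */
int ipv4_checksum_ok(const uint8_t *pkt, size_t avail)
{
    size_t hlen = ipv4_header_len(pkt, avail);
    return hlen != 0 && ones_sum(pkt, hlen) == 0xFFFF;
}

int main(void)
{
    /* Constructed header: 47.12.121.13 -> 47.12.121.100, UDP, TTL 64, total length 28 */
    uint8_t h[20] = { 0x45, 0x00, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00,
                      0x40, 0x11, 0x00, 0x00, 0x2F, 0x0C, 0x79, 0x0D,
                      0x2F, 0x0C, 0x79, 0x64 };
    printf("checksum = 0x%04X\n", ipv4_checksum_fill(h, sizeof h));
    printf("verifies = %d\n", ipv4_checksum_ok(h, sizeof h));
    h[8]--;   /* TTL changed without recomputing the checksum */
    printf("after TTL change, verifies = %d\n", ipv4_checksum_ok(h, sizeof h));
    return 0;
}
```

The checksum only detects accidental modification of the header; anyone who alters the header can recompute it, so it is not an authentication mechanism.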
Order of Extension Header

IPv6 Header
Hop-By-Hop: processed by all the intermediate nodes.
Destination Header: to be processed by the first destination that appears in the IPv6 Destination Address field plus subsequent destinations listed in the Routing header.
Routing Header
Fragmentation Header
AH
ESP
Destination Header: for options to be processed only by the final destination of the packet.
Upper Layer Header: e.g. UDP, TCP, ICMP.

Routing Header

    Next Header | Hdr Ext Len | Routing Type | Segment Left
    Type-specific data

The Routing Header is used by an IPv6 source to list one or more intermediate nodes to be “visited” on the way to the packet’s destination. The Routing header is identified by the value 43 in the Next Header field of the IPv6 Header.

Routing Header (continue)

    Next Header | Hdr Ext Len | Routing Type | Segment Left
    Type-specific data

Routing Type: 8-bit identifier of a particular routing header variant.
Segments Left: 8-bit unsigned integer. Number of explicitly listed intermediate nodes still to be visited before reaching the final destination.
Type-specific data: variable-length field, of format determined by the routing type, and of length such that the complete routing header is an integer multiple of 8 octets long.

Routing Header Routing Type = 0 (continue)

    Next Header | Hdr Ext Len | Routing Type = 0 | Segment Left
    Address [1] (128 bits)
    Address [2] (128 bits)
    Address [n] (128 bits)

IPv4 vs IPv6

1. An IPv4 address is 32 bits; an IPv6 address is 128 bits.
2. The IPv4 header is variable size, at least 20 bytes. The IPv6 header size is a fixed 40 bytes. This feature makes router header processing more efficient.
3. Addressing modes for IPv4 are: Broadcast, Multicast, Unicast. IPv6 addressing modes are Multicast, Anycast, Unicast. IPv6 eliminates the Broadcast mode for security reasons. IPv6 added Anycast, which was not in IPv4.
4. Security is a built-in feature of the IPv6 protocol. In IPv4 it is not.
5. IPv6 has more support for QoS. It has two fields, Traffic Class and Flow Label. IPv4 has only a TOS field.
6. Fragmentation is done by any node in IPv4. In IPv6 the fragmentation is done by the source.
7. Improved support for extensions & options. The new extension encoding allows flexibility in introducing new options and easy processing of those options.
8. Stateless & stateful address configuration for IPv6; stateful address configuration for IPv4.

Acronym

HA: Home Agent
FA: Foreign Agent
HoA: Home IP Address
CCoA: Collocated Care-of Address
FCoA: Foreign Agent Care-of Address
MIPv4: Mobile IP version 4
MIPv6: Mobile IP version 6
MN: Mobile Node
CN: Correspondent Node

Mobility Problem

[Diagram: the Mobile Node moves away from its Home Link; Link A, Link B and Link C each attach through a Router to the Internet; Home Agent; Correspondent Node]

MIP Conceptual Model

[Diagram: MN with HoA and CoA in the Visiting Network; Internet; HA in the Home Network; CN]

MIPv4

MIP4: Protocol Stack

Application (MIPv4)
Transport (UDP,TCP)
Internet Protocol (MIP4,IP4)
Data Link Layer
Physical Layer
(diagram label: Kernel)

MIP4: Registration With Home Agent - CCoA - Ref [1]

[Diagram: MN with CCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN; messages RRQ and RRP]

MIP4: Forward Traffic-FCoA

[Diagram: MN with CoA in the Foreign Network; FA; IP4; HA in the Home Network; CN]

1. IP header: • Src = CNIP • Dst = HoA
2. Outer IP Header: • Src = HAIP • Dst = FCoA
   Inner IP header: • Src = CNIP • Dst = HoA

MIP4: Forward Traffic-Tunneling-CCoA

[Diagram: MN with CCoA in the Foreign Network; IP4; HA in the Home Network; CN]

1. IP header: • Src = CNIP • Dst = HoA
2. Outer IP Header: • Src = HAIP • Dst = CCoA
   Inner IP header: • Src = CNIP • Dst = HoA

MIP4: Reverse Traffic-FCoA

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN]

1. IP header: • Src = HoA • Dst = CNIP
MIP4: Reverse Traffic-CCoA

[Diagram: MN with CCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN]

1. IP header: • Src = CCoA • Dst = CNIP

MIP4: Reverse Traffic-Tunneling-FCoA

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN]

1. Outer IP Header: • Src = FCoA • Dst = HAIP
   Inner IP header: • Src = HoA • Dst = CNIP
2. IP header: • Src = HoA • Dst = CNIP

MIP4: Reverse Traffic-CCoA

[Diagram: MN with CCoA in the Foreign Network; IP4; HA in the Home Network; CN]

1. Outer IP Header: • Src = CCoA • Dst = HAIP
   Inner IP header: • Src = HoA • Dst = CNIP
2. IP header: • Src = HoA • Dst = CNIP

MIP4: Going Back Home

[Diagram: MN; HA; IP6; Foreign Network; Home Network; CN; messages Agent Advertisement, Gratuitous ARP, RRQ [lifetime = 0], gratuitous ARP, RRP [lifetime = 0]]

MIP4: Security

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; labels MN-HA AE, MN-FA AE, FA-HA AE]

MIP4: Authentication Calculation

[Diagram labels: UDP payload; Shared Security Key; HMAC_MD5; Message Digest; SPI; Auth Type]

MIP4: Registration With Home Agent-FCoA - Ref [1]

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN; messages RRQ(HoA,FCoA,HA), RRP(HoA,FCoA,HA), Gratuitous ARP]

MIP4: Registration With Dynamic HoA Allocation - Ref [3]

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN; messages RRQ(NAI,HoA=?,FCoA,HA), RRP(NAI,HoA,FCoA,HA)]

MIP4: Registration With Dynamic HA Allocation - Ref [2]

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN; messages RRQ(NAI,HoA,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA)]

MIP4: Registration With Dynamic HA Allocation - Ref [2] (Cont)

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA1; HA2 in the Home Network; CN; messages RRQ(NAI,HoA,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA=HA2), RRQ(NAI,HoA,FCoA,HA=HA2), RRP(NAI,HoA,FCoA,HA=HA2)]

MIP4: Registration With Dynamic HA & HoA Allocation - Ref [2],[3]

[Diagram: MN with FCoA in the Foreign Network; FA; IP4; HA in the Home Network; CN; messages RRQ(NAI,HoA=?,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA)]

MIPv6

Registration With Home Agent

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN; messages BU and BA]

Bidirectional Tunneling - Forward Traffic

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN]

1. IP header: • Src = CNIP • Dst = HoA
2. Outer IP Header: • Src = HAIP • Dst = CoA
   Inner IP header: • Src = CNIP • Dst = HoA

Bidirectional Tunneling - Reverse Traffic

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN]

1. Outer IP Header: • Src = CoA • Dst = HAIP
   Inner IP header: • Src = HoA • Dst = CNIP
2. IP header: • Src = HoA • Dst = CNIP

Route Optimization - Forward Traffic

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN]

1. IP Header: • Src = CNIP • Dst = CoA
   Type 2 Routing Header: • HoA
2. IP Header: • Src = CNIP • Dst = HoA

Route Optimization - Reverse Traffic

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN]

1. IP Header: • Src = CoA • Dst = CNIP
   Destination Option Header: • Home Address Option with HoA
2. IP Header: • Src = HoA • Dst = CNIP

Basic Address Stealing

[Diagram: attacker; MN; CN; Victim; Original Data Flow; New Data Flow]

BU <HoA = IPMN, CoA = IPvictim>

Round Routability

[Diagram: MN with HoA and CoA in the Foreign Network; Internet; HA in the Home Network; CN; messages HoTI and HoT; numbered steps 1 to 4]
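A receive-side check for the Routing header layout from the Routing Header slides and for the Type 2 Routing Header that the Route Optimization forward-traffic slide relies on; this is an added example, not code from the original slides, and it goes beyond them in covering Type 2. The length rule (Hdr Ext Len counts 8-octet units after the first 8 octets), the 4 reserved bytes before the addresses, the Type 2 constraints (Hdr Ext Len 2, Segments Left 1) and the refusal of Type 0 follow RFC 2460, RFC 6275 and RFC 5095 rather than the slides; rh_check, rh_info and the sample address 2001:db8::1 are hypothetical names and constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum rh_verdict {
    RH_OK_TYPE2,        /* well-formed type 2 header carrying our home address */
    RH_TRUNCATED,       /* fewer bytes present than Hdr Ext Len announces */
    RH_BAD_LENGTH,      /* Hdr Ext Len inconsistent with the Routing Type */
    RH_BAD_SEGMENTS,    /* Segments Left outside what the type allows */
    RH_WRONG_HOA,       /* type 2 address is not this node's HoA */
    RH_TYPE0_REJECTED,  /* well-formed type 0 header, refused by policy */
    RH_UNKNOWN_TYPE
};

struct rh_info {
    uint8_t next_header, routing_type, segments_left;
    size_t  total_len;  /* whole Routing header in bytes, a multiple of 8 */
    size_t  n_addrs;    /* 128-bit addresses listed in the header */
};

/* Validate the Routing header at p (avail bytes readable) on a mobile node whose
   home address is hoa. No address is read before the length has been checked. */
enum rh_verdict rh_check(const uint8_t *p, size_t avail,
                         const uint8_t hoa[16], struct rh_info *out)
{
    memset(out, 0, sizeof *out);
    if (avail < 8)
        return RH_TRUNCATED;
    out->next_header   = p[0];
    out->total_len     = ((size_t)p[1] + 1) * 8;  /* first 8 octets not counted */
    out->routing_type  = p[2];
    out->segments_left = p[3];
    if (out->total_len > avail)
        return RH_TRUNCATED;
    switch (out->routing_type) {
    case 0:                        /* 4 reserved bytes, then Address[1..n] */
        if (p[1] % 2 != 0)
            return RH_BAD_LENGTH;  /* each address is two 8-octet units */
        out->n_addrs = p[1] / 2;
        if (out->segments_left > out->n_addrs)
            return RH_BAD_SEGMENTS;
        return RH_TYPE0_REJECTED;
    case 2:                        /* 4 reserved bytes, then exactly one address */
        if (p[1] != 2)
            return RH_BAD_LENGTH;
        if (out->segments_left != 1)
            return RH_BAD_SEGMENTS;
        out->n_addrs = 1;
        if (memcmp(p + 8, hoa, 16) != 0)
            return RH_WRONG_HOA;
        return RH_OK_TYPE2;
    default:
        return RH_UNKNOWN_TYPE;
    }
}

int main(void)
{
    /* Constructed sample: type 2 header for HoA 2001:db8::1, Next Header 17 (UDP) */
    uint8_t hoa[16] = { 0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
    uint8_t pkt[24] = { 17, 2, 2, 1 };
    struct rh_info info;
    memcpy(pkt + 8, hoa, 16);
    printf("verdict = %d\n", rh_check(pkt, sizeof pkt, hoa, &info));
    return 0;
}
```

Accepting a Type 2 header only when its single address equals the node's own HoA keeps the header from being used to forward the packet anywhere else.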