CSE4471: Computer Network Review

Outline
- Network Layers
- TCP/UDP
- IP
- Ethernet

Internet Layers
- application: supporting network applications (ftp, smtp, http)
- transport: host-host data transfer (tcp, udp)
- network: routing of datagrams from source to destination (ip, routing protocols)
- link: data transfer between neighboring network elements (ppp, ethernet)
- physical: bits "on the wire"

OSI Network Layers

Layering: logical communication
- Each layer: distributed "entities" implement layer functions at each node
- entities perform actions, exchange messages with peers
(figure: application/transport/network/link/physical stacks at the end hosts and network/link/physical stacks at the routers; each layer exchanges messages with its peer layer)

Layering: physical communication
(figure: data passes down the application/transport/network/link/physical stack at the source, through the network/link/physical layers of the routers, and up the stack at the destination)

Protocol layering and data
- Each layer takes data from above
- adds header information to create new data unit
- passes new data unit to layer below
(figure: at the source the message M becomes the segment Ht|M at the transport layer, the datagram Hn|Ht|M at the network layer and the frame Hl|Hn|Ht|M at the link layer; the destination strips the headers in reverse order)

Internet structure: network of networks
- roughly hierarchical
- national/international backbone providers (NBPs), e.g. BBN/GTE, Sprint, AT&T, IBM, UUNet
  - interconnect (peer) with each other privately, or at public Network Access Points (NAPs)
- regional ISPs connect into NBPs
- local ISP, company connect into regional ISPs
(figure: local ISP -> regional ISP -> NBP A / NBP B, with the NBPs interconnected at NAPs)

National Backbone Provider
- e.g. Sprint US backbone network (map)

TCP: Transmission Control Protocol
- Flow control and responds to congestion
- Reliable
- In-order delivery
- "Nice" protocol

TCP segment structure (32-bit words)
- source port #, dest port #
- sequence number (counting by bytes of data, not segments!)
- acknowledgement number
- head len, unused bits, flags: URG (urgent data, generally not used), ACK (ACK # valid), PSH (push data now, generally not used), RST, SYN, FIN (connection establishment: setup, teardown commands)
- rcvr window size (# bytes rcvr willing to accept)
- checksum (Internet checksum, as in UDP), ptr to urgent data
- Options (variable length)
- application data (variable length)

Reliable Delivery
- Sender, receiver keep track of bytes sent and bytes received.
- Acks have an indication of the next byte expected.
- Three duplicate acks are considered a packet loss: the sender retransmits.

TCP seq. #'s and ACKs
- Seq. #'s: byte stream "number" of first byte in segment's data
- ACKs: seq # of next byte expected from other side; cumulative ACK
- Q: how does the receiver handle out-of-order segments?
- A: TCP spec doesn't say; up to the implementer
- simple telnet scenario (time runs downward): Host A user types 'C'; Host B ACKs receipt of 'C' and echoes back 'C'; Host A ACKs receipt of the echoed 'C'

TCP Flow Control
- Window based: the sender cannot send more data than a window without acknowledgements.
- Window is the minimum of the receiver's buffer and the 'congestion window'.
- After a window of data is transmitted, in steady state, acks control the sending rate.

UDP
- No reliability, flow control, congestion control.
- Sends data in a burst.
- Provides multiplexing and demultiplexing of sources.
- Most multimedia applications use UDP.

UDP: User Datagram Protocol [RFC 768]
- "no frills," "bare bones" Internet transport protocol
- "best effort" service, UDP segments may be: lost; delivered out of order to app
- connectionless: no handshaking between UDP sender, receiver; each UDP segment handled independently of others
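The cumulative-ACK, triple-duplicate-ACK and window rules from the TCP slides above, as an added Python example that is not part of the original deck or the Kurose and Ross material: the segment size, the 1024-byte data and the single dropped segment are constructed, the window is min(receiver buffer, cwnd), and when the window fills before a third duplicate ACK can arrive the simulation reports a stall (real TCP recovers from that with a retransmission timeout, which is not modelled here).

```python
MSS = 100  # bytes of data per segment (constructed value for this example)

class Receiver:
    """Tracks the next byte expected and answers every segment with a cumulative ACK.
    Out-of-order segments are buffered (the spec leaves that choice to the implementer)."""
    def __init__(self):
        self.next_expected, self.buffered = 0, {}
    def deliver(self, seq: int, data: bytes) -> int:
        if seq >= self.next_expected:                   # ignore old duplicates
            self.buffered[seq] = data
        while self.next_expected in self.buffered:      # advance over contiguous data
            self.next_expected += len(self.buffered.pop(self.next_expected))
        return self.next_expected                       # ACK = seq # of next byte expected

class Sender:
    def __init__(self, data: bytes, rcv_buffer: int, cwnd: int):
        self.data, self.window = data, min(rcv_buffer, cwnd)   # window = min(rcvr buffer, cwnd)
        self.send_base = self.next_seq = 0                      # oldest unACKed byte, next to send
        self.dup_acks, self.retransmitted = 0, []
    def next_segment(self):
        """Return (seq, bytes) if the window allows another segment, otherwise None."""
        if self.next_seq >= len(self.data) or self.next_seq + MSS > self.send_base + self.window:
            return None
        seq, self.next_seq = self.next_seq, self.next_seq + MSS
        return seq, self.data[seq:seq + MSS]
    def on_ack(self, ack: int):
        """Slide the window on a new cumulative ACK; on the third duplicate ACK, retransmit."""
        if ack > self.send_base:
            self.send_base, self.dup_acks = ack, 0
            return None
        self.dup_acks += 1
        if self.dup_acks == 3:                          # three duplicate ACKs => treat as loss
            self.retransmitted.append(ack)
            return ack, self.data[ack:ack + MSS]
        return None

def simulate(lose_seq: int, data: bytes = bytes(range(256)) * 4, rcv_buffer: int = 600, cwnd: int = 400) -> dict:
    """Lossless channel except that the first copy of the segment starting at lose_seq is dropped."""
    snd, rcv, acks, dropped = Sender(data, rcv_buffer, cwnd), Receiver(), [], False
    while snd.send_base < len(data):
        seg = snd.next_segment()
        if seg is None:                                 # window full, no new ACK: sender must wait
            break
        if seg[0] == lose_seq and not dropped:
            dropped = True                              # the network swallows this segment
            continue
        ack = rcv.deliver(*seg); acks.append(ack)
        retx = snd.on_ack(ack)
        if retx:                                        # fast retransmit of the missing segment
            ack = rcv.deliver(*retx); acks.append(ack); snd.on_ack(ack)
    return {"delivered": rcv.next_expected, "retransmitted": snd.retransmitted,
            "acks": acks, "stalled": snd.send_base < len(data)}
```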
Why is there a UDP?
- no connection establishment (which can add delay)
- simple: no connection state at sender, receiver
- small segment header
- no congestion control: UDP can blast away as fast as desired

UDP segment structure
- often used for streaming multimedia apps: loss tolerant, rate sensitive
- other UDP uses (why?): DNS, SNMP
- reliable transfer over UDP: add reliability at application layer; application-specific error recovery!
- UDP segment format (32-bit words): source port #, dest port #, length (in bytes of the UDP segment, including header), checksum, application data (message)

IP datagram format (32-bit words)
- ver: IP protocol version number
- head. len: header length (bytes)
- type of service: "type" of data
- length: total datagram length (bytes)
- 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
- time to live: max number remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to
- Internet checksum
- 32 bit source IP address
- 32 bit destination IP address
- Options (if any), e.g. timestamp, record route taken, specify list of routers to visit
- data (variable length, typically a TCP or UDP segment)

ICMP: Internet Control Message Protocol
- used by hosts, routers, gateways to communicate network-level information
  - error reporting: unreachable host, network, port, protocol
  - echo request/reply (used by ping)
- network-layer "above" IP: ICMP msgs carried in IP datagrams
- ICMP message: type, code plus first 8 bytes of IP datagram causing error

| Type | Code | description |
|---|---|---|
| 0 | 0 | echo reply (ping) |
| 3 | 0 | dest. network unreachable |
| 3 | 1 | dest host unreachable |
| 3 | 2 | dest protocol unreachable |
| 3 | 3 | dest port unreachable |
| 3 | 6 | dest network unknown |
| 3 | 7 | dest host unknown |
| 4 | 0 | source quench (congestion control - not used) |
| 8 | 0 | echo request (ping) |
| 9 | 0 | route advertisement |
| 10 | 0 | router discovery |
| 11 | 0 | TTL expired |
| 12 | 0 | bad IP header |

Routing in the Internet
- The Global Internet consists of Autonomous Systems (AS) interconnected with each other:
  - Stub AS: small corporation
  - Multihomed AS: large corporation (no transit)
  - Transit AS: provider
- Two-level routing:
  - Intra-AS: administrator is responsible for the choice: RIP, OSPF
  - Inter-AS: unique standard: BGP

Link Layer

Link Layer: setting the context
- two physically connected devices: host-router, router-router, host-host
- unit of data: frame
(figure: the network layer hands the datagram Hn|Ht|M to the link layer, whose adapter card sends it as the frame Hl|Hn|Ht|M over the physical link using the data link protocol)

Link Layer Services
- Framing, link access:
  - encapsulate datagram into frame, adding header, trailer
  - implement channel access if shared medium
  - 'physical addresses' used in frame headers to identify source, dest (different from IP address!)
- Reliable delivery between two physically connected devices:
  - we learned how to do this already (chapter 3)!
  - seldom used on low bit error links (fiber, some twisted pair)
  - wireless links: high error rates
  - Q: why both link-level and end-end reliability?

Link Layer Services (more)
- Flow Control: pacing between sender and receivers
- Error Detection: errors caused by signal attenuation, noise.
  - receiver detects presence of errors: signals sender for retransmission or drops frame
- Error Correction: receiver identifies and corrects bit error(s) without resorting to retransmission

Multiple Access Links and Protocols
- Three types of "links":
  - point-to-point (single wire, e.g. PPP, SLIP)
  - broadcast (shared wire or medium; e.g., Ethernet, Wavelan, etc.)
  - switched (e.g., switched Ethernet, ATM, etc.)

Multiple Access protocols
- single shared communication channel
- two or more simultaneous transmissions by nodes: interference
  - only one node can send successfully at a time
- multiple access protocol: distributed algorithm that determines how stations share the channel, i.e., determines when a station can transmit
- communication about channel sharing must use the channel itself!
- what to look for in multiple access protocols:
  - synchronous or asynchronous
  - information needed about other stations
  - robustness (e.g., to channel errors)
  - performance

Ethernet: uses CSMA/CD

```
A: sense channel, if idle then {
       transmit and monitor the channel;
       if detect another transmission then {
           abort and send jam signal;
           update # collisions;
           delay as required by exponential backoff algorithm;
           goto A
       } else { done with the frame; set collisions to zero }
   } else { wait until ongoing transmission is over and goto A }
```

A Summary on Network Layers and Their Vulnerabilities

| Network Layer | Basic Functions | Representative Protocols | Security Vulnerability Examples |
|---|---|---|---|
| Application | Providing services such as WWW to end-users | HTTP, SMTP, FTP | JavaScript-based malware, Email spam |
| Transport | End-to-end message transmission independent of the underlying network | TCP, UDP | TCP SYN attack, UDP flooding attack |
| Network | Routing | IP, ICMP, RIP, OSPF, BGP | IP spoofing, Black hole attack on RIP |
| Data Link | Media access control | Ethernet, Wi-Fi | Eavesdropping attack |
| Physical | Transmitting raw bit stream | | Physical attack such as cutting a cable |

Acknowledgement
- Part of the slides are from Kurose and Ross's book "Computer Networking: A Top-Down Approach".
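The IP datagram, UDP segment and ICMP error formats from the slides above, as an added Python example that is not part of the original deck: it computes and verifies the Internet checksum, decodes the fixed IPv4 header fields, and pulls the quoted IP header plus first 8 bytes out of an ICMP destination-unreachable message so that the original source, destination, protocol and ports can be recovered. The addresses, ports, identifier value and payload are constructed sample data.

```python
import struct
from ipaddress import IPv4Address

def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words (IP, ICMP, UDP and TCP all use it).
    Over a block whose checksum field is already filled in, a valid block yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                                   # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """20-byte IPv4 header (ver 4, head. len 5, no options) with the header checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0, ttl, proto, 0,
                      IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:] + payload

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fields from the 'IP datagram format' slide and reject a corrupted header."""
    ver_ihl, _tos, total_len, _ident, _flags_off, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or internet_checksum(pkt[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    return {"src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)), "ttl": ttl,
            "proto": proto, "payload": pkt[ihl:total_len]}

UNREACHABLE = {0: "dest network unreachable", 1: "dest host unreachable",
               2: "dest protocol unreachable", 3: "dest port unreachable"}

def parse_icmp_unreachable(icmp: bytes) -> dict:
    """Type 3: type, code, checksum, 4 unused bytes, then the IP header and first 8 bytes of the
    datagram that caused the error; for UDP/TCP those 8 bytes begin with the two port numbers."""
    icmp_type, code, _csum = struct.unpack("!BBH", icmp[:4])
    if icmp_type != 3 or internet_checksum(icmp) != 0:
        raise ValueError("not a valid ICMP destination-unreachable message")
    inner = parse_ipv4(icmp[8:])
    sport, dport = struct.unpack("!HH", inner["payload"][:4])
    return {"reason": UNREACHABLE.get(code, f"code {code}"), "orig_src": inner["src"],
            "orig_dst": inner["dst"], "orig_proto": inner["proto"], "orig_ports": (sport, dport)}

def sample_port_unreachable() -> bytes:
    """Constructed sample: 10.0.0.5 sends UDP to 10.0.0.9 port 53, nothing is listening, and
    10.0.0.9 answers with ICMP type 3 code 3 quoting the offending datagram (UDP checksum 0)."""
    udp = struct.pack("!HHHH", 40000, 53, 8 + 5, 0) + b"hello"
    original = build_ipv4("10.0.0.5", "10.0.0.9", 17, udp)
    icmp = struct.pack("!BBH", 3, 3, 0) + b"\x00" * 4 + original[:28]
    icmp = icmp[:2] + struct.pack("!H", internet_checksum(icmp)) + icmp[4:]
    return build_ipv4("10.0.0.9", "10.0.0.5", 1, icmp)
```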
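The CSMA/CD procedure from the Ethernet slide above, as an added Python example that is not part of the original deck: a slotted model of the shared channel in which every frame occupies one slot and transmissions start at slot boundaries (a constructed simplification), with truncated binary exponential backoff and the 16-attempt give-up limit taken from Ethernet as assumptions.

```python
import random

MAX_ATTEMPTS = 16   # assumed Ethernet limit: give up on a frame after 16 collisions

def backoff_slots(collisions: int, rng: random.Random = None) -> int:
    """Truncated binary exponential backoff: K drawn uniformly from {0, ..., 2^min(n, 10) - 1}."""
    return (rng or random.Random()).randrange(2 ** min(collisions, 10))

def simulate_csma_cd(n_stations: int, seed: int = 1) -> dict:
    """Every station has one frame ready at slot 0. In each slot the stations whose backoff has
    expired sense the channel idle and transmit; a lone transmitter succeeds, while two or more
    detect the collision, send the jam signal and back off for a random number of slots."""
    rng = random.Random(seed)                 # seeded so the run is reproducible
    ready_at = dict.fromkeys(range(n_stations), 0)   # slot at which a station may next try
    collisions = dict.fromkeys(range(n_stations), 0)
    delivered_at, gave_up, log, slot = {}, set(), [], 0
    while len(delivered_at) + len(gave_up) < n_stations:
        contenders = [s for s in ready_at
                      if s not in delivered_at and s not in gave_up and ready_at[s] <= slot]
        if len(contenders) == 1:              # nobody else transmitting: frame goes through
            s = contenders[0]
            delivered_at[s], collisions[s] = slot, 0   # "done with the frame; set collisions to zero"
            log.append((slot, "sent", s))
        elif contenders:                      # simultaneous transmissions: collision + jam signal
            log.append((slot, "collision", tuple(contenders)))
            for s in contenders:
                collisions[s] += 1            # "update # collisions"
                if collisions[s] >= MAX_ATTEMPTS:
                    gave_up.add(s)
                else:                         # "delay as required by exponential backoff"
                    ready_at[s] = slot + 1 + backoff_slots(collisions[s], rng)
        slot += 1
    return {"delivered_at": delivered_at, "gave_up": sorted(gave_up), "log": log}
```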