Internet structure: network of networks
- a packet passes through many networks!
- (figure: Tier 1 ISPs interconnected directly and through a NAP; Tier-2 ISPs attached to Tier 1 ISPs; local / Tier 3 ISPs attached to Tier-2 ISPs)
Introduction 1-1

Internet protocol stack
- application: supporting network applications (FTP, SMTP, HTTP)
- transport: process-process data transfer (TCP, UDP)
- network: routing of datagrams from source to destination (IP, routing protocols)
- link: data transfer between neighboring network elements (PPP, Ethernet)
- physical: bits "on the wire"

Encapsulation
- source: application message M; transport adds Ht -> segment Ht M; network adds Hn -> datagram Hn Ht M; link adds Hl -> frame Hl Hn Ht M; physical
- switch: link and physical layers only; the frame Hl Hn Ht M passes through unchanged
- router: physical, link and network layers; strips Hl, examines Hn Ht M, re-frames as Hl Hn Ht M
- destination: removes headers in reverse order: Hl Hn Ht M -> Hn Ht M -> Ht M -> M

Chapter 2: applications

Architectures
- Client-server
- Peer-to-peer
- Hybrid

HTTP overview
- HTTP: hypertext transfer protocol
- Web's application layer protocol
- client/server model
  - client: browser that requests, receives, "displays" Web objects
  - server: Web server sends objects in response to requests
- HTTP 1.0: RFC 1945
- HTTP 1.1: RFC 2068
- (figure: PC running Explorer, Linux running Firefox and Mac running Navigator as clients; Server running Apache Web server)

HTTP Review
- TCP
- "Stateless"
- Non-persistent: 44 messages, 22 RTT
- Persistent: 24 messages
  - Non-pipelined: 12 RTT
  - Pipelined: 3 RTT
- HTTP Commands (GET, POST, HEAD, etc)
- HTTP Fields (User-agent, Connection, etc)
- Telnet as a command-line TCP connection

Cookies: keeping "state" (cont.)
- client cookie file initially holds: ebay: 8734
- client sends usual http request msg; server creates ID 1678 for user; usual http response + Set-cookie: 1678; cookie file now holds: amazon: 1678, ebay: 8734
- client sends usual http request msg with cookie: 1678; server takes cookie-specific action; usual http response msg
- one week later: usual http request msg with cookie: 1678; cookie-specific action; usual http response msg

Optimization example (cont)
- Install cache; suppose hit rate is .4
- Consequence
  - 40% requests will be satisfied almost immediately
  - 60% requests satisfied by origin server
  - utilization of access link reduced to 60%, resulting in negligible delays (say 10 msec)
  - total avg delay = Internet delay + access delay + LAN delay = .6*(2.01) secs + .4*milliseconds < 1.4 secs
- (figure: origin servers on the public Internet; 1.5 Mbps access link; institutional network with 10 Mbps LAN and institutional cache)

Scenario: Alice sends message to Bob
1) Alice uses UA to compose message and "to" bob@someschool.edu
2) Alice's UA sends message to her mail server; message placed in message queue
3) Client side of SMTP opens TCP connection with Bob's mail server
4) SMTP client sends Alice's message over the TCP connection
5) Bob's mail server places the message in Bob's mailbox
6) Bob invokes his user agent to read message

Distributed, Hierarchical Database
- Root DNS Servers
  - com DNS servers: yahoo.com DNS servers, amazon.com DNS servers
  - org DNS servers: pbs.org DNS servers
  - edu DNS servers: poly.edu DNS servers, umass.edu DNS servers
- Client wants IP for www.amazon.com; 1st approx:
  - Client queries a root server to find com DNS server
  - Client queries com DNS server to get amazon.com DNS server
  - Client queries amazon.com DNS server to get IP address for www.amazon.com

Iterative Queries vs Recursive Queries
- (figure: requesting host cs.virginia.edu resolves gaia.cs.umass.edu through its local DNS server, a root DNS server, a TLD DNS server and the authoritative DNS server dns.cs.umass.edu; steps 1-8 in each case. Iterative: the local DNS server contacts each server in turn and is referred onward. Recursive: each server forwards the query to the next one and relays the answer back.)

P2P: centralized directory
- original "Napster" design
1) when peer connects, it informs central server: IP address, content
2) Alice queries for "Hey Jude"
3) Alice requests file from Bob
- (figure: Alice, Bob, peers, centralized directory server)

Gnutella: protocol
- Query message sent over existing TCP connections
- peers forward Query message
- QueryHit sent over reverse Query path
- File transfer: HTTP
- Scalability: limited scope flooding

Exploiting heterogeneity: KaZaA
- Each peer is either a group leader or assigned to a group leader.
- TCP connection between peer and its group leader.
- TCP connections between some pairs of group leaders.
- Group leader tracks the content in all its children.
- (figure: ordinary peers, group-leader peers, neighboring relationships in overlay network)

Chapter 3: transport

Transport Layer Review
- Connection-oriented (TCP)
  - Acknowledgements (can have retries)
  - Flow control
  - Congestion control
  - Better for most protocols
- Connectionless (UDP)
  - No acknowledgements
  - Send as fast as needed
  - Some packets will get lost
  - Better for video, telephony, etc
  - Human speech?
Connectionless demux (cont)
- DatagramSocket serverSocket = new DatagramSocket(6428);
- (figure: client IP A, process P1 sends SP: 9157, DP: 6428; client IP B, process P3 sends SP: 5775, DP: 6428; server IP C, process P2 replies with SP: 6428 and DP: 9157 or DP: 5775)
- SP provides "return address"

Connection-oriented demux: Threaded Web Server
- (figure: client IP A, P1 -> server IP C, P4: SP: 9157, DP: 80, S-IP: A, D-IP: C; client IP B, P1 and P2 -> server threads P1, P3: SP: 5775, DP: 80, S-IP: B, D-IP: C and SP: 9157, DP: 80, S-IP: B, D-IP: C)

Notice:
- TCP sockets
  - Server port required to create listening socket
  - Server address and port needed by client for connection setup
  - Nodes can talk freely after that
- UDP sockets
  - Server port required to create listening socket
  - Every message requires dest address/port
  - All reads provide source address/port

Internet Checksum Example
- Note: When adding numbers, a carryout from the most significant bit needs to be added to the result
- Example: add two 16-bit integers

              1 1 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0
              1 1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
  wraparound  1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1
  sum         1 1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 0
  checksum    1 0 1 0 0 0 1 0 0 0 1 0 0 0 0 1 1

Reliable Transport
- Mechanisms for Reliable Transport
  - Packet Corruption: Acks/Nacks
  - Ack corruption: Sequence #s
  - Loss: Timeouts
- Pipelining
  - Go-Back-N: cumulative acks, no rxr buffering
  - Selective Repeat: individual acks, rxr buffering
    - Must be careful that rxrWindow <= max seq no / 2

Pipelining: increased utilization
- (figure: sender/receiver timeline: first packet bit transmitted, t = 0; last bit transmitted, t = L / R; first packet bit arrives; last packet bit arrives, send ACK; last bit of 2nd packet arrives, send ACK; last bit of 3rd packet arrives, send ACK; ACK arrives, send next packet, t = RTT + L / R)
- Increase utilization by a factor of 3!
- U_sender = (3 * L/R) / (RTT + L/R) = .024 / 30.008 = 0.0008 microseconds
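The checksum example above, as an added example (not code from the slides): the one's-complement sum with carry wraparound, the receiver-side check, and two constructed cases showing what the Internet checksum does not detect. All word values are constructed.

```python
"""Internet checksum (RFC 1071-style one's-complement sum over 16-bit words).

Constructed example; not code from the slides. Shows the carry wraparound
from the slide, the receiver's check, and the checksum's blind spots.
"""


def ones_complement_sum(words):
    """Add 16-bit words; a carry out of bit 15 is added back in (wraparound)."""
    total = 0
    for w in words:
        total += w & 0xFFFF
        total = (total & 0xFFFF) + (total >> 16)  # fold the carry back in
    # one more fold in case the fold above itself produced a carry
    return (total & 0xFFFF) + (total >> 16)


def internet_checksum(words):
    """Checksum = one's complement of the one's-complement sum."""
    return (~ones_complement_sum(words)) & 0xFFFF


def receiver_ok(words, received_checksum):
    """Receiver adds the checksum field too; the result must be all ones."""
    return ones_complement_sum(list(words) + [received_checksum]) == 0xFFFF


def bytes_to_words(data):
    """Split a byte string into big-endian 16-bit words, zero-padding odd lengths."""
    if len(data) % 2:
        data += b"\x00"
    return [(data[i] << 8) | data[i + 1] for i in range(0, len(data), 2)]


def checksum_of_bytes(data):
    """Convenience: checksum of a byte string (e.g. a constructed header)."""
    return internet_checksum(bytes_to_words(data))


if __name__ == "__main__":
    # wraparound: 0xFFFF + 0x0001 overflows to 0x10000, folded back to 0x0001
    print(hex(ones_complement_sum([0xFFFF, 0x0001])))

    # constructed two-word "header": sum 0x4573, checksum 0xBA8C
    words = [0x4500, 0x0073]
    cs = internet_checksum(words)
    print(hex(cs), receiver_ok(words, cs))

    # a single corrupted word is caught ...
    print(receiver_ok([0x4500, 0x0074], cs))
    # ... but reordered words (the sum is commutative) and two errors that
    # cancel (+1 in one word, -1 in another) are not. The checksum catches
    # transmission errors; integrity against tampering needs a MAC or signature.
    print(internet_checksum([0x0073, 0x4500]) == cs, receiver_ok([0x4501, 0x0072], cs))
```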
Go-Back-N
- Sender:
  - k-bit seq # in pkt header
  - "window" of up to N, consecutive unack'ed pkts allowed
  - ACK(n): ACKs all pkts up to, including seq # n - "cumulative ACK"
    - may receive duplicate ACKs (see receiver)
  - timer for each in-flight pkt
  - timeout(n): retransmit pkt n and all higher seq # pkts in window

Selective repeat: sender, receiver windows
- (figure only)

TCP ACK generation [RFC 1122, RFC 2581]
Event at Receiver | TCP Receiver action
Arrival of in-order segment with expected seq #. All data up to expected seq # already ACKed | Delayed ACK. Wait up to 500ms for next segment. If no next segment, send ACK
Arrival of in-order segment with expected seq #. One other segment has ACK pending | Immediately send single cumulative ACK, ACKing both in-order segments
Arrival of out-of-order segment with higher-than-expected seq. #. Gap detected | Buffer packet. Immediately send duplicate ACK, indicating seq. # of next expected byte
Arrival of segment that partially or completely fills gap | Immediately send ACK, provided that segment starts at lower end of gap

TCP Flow control: how it works
- (Suppose TCP receiver discards out-of-order segments)
- spare room in buffer = RcvWindow = RcvBuffer - [LastByteRcvd - LastByteRead]
- Rcvr advertises spare room by including value of RcvWindow in segments
- Sender limits unACKed data to RcvWindow
  - guarantees receive buffer doesn't overflow

Causes/costs of congestion: scenario 3
- (figure: Host A, Host B, lambda_out)
- Another "cost" of congestion:
  - when packet dropped, any "upstream" transmission capacity used for that packet was wasted!
Conservative on Timeout
- After 3 dup ACKs:
  - CongWin is cut in half
  - window then grows linearly
- But after timeout event:
  - CongWin instead set to 1 MSS;
  - window then grows exponentially
  - to a threshold, then grows linearly
- Philosophy:
  - 3 dup ACKs indicates network capable of delivering some segments
  - timeout indicates a "more alarming" congestion scenario

Summary: TCP Congestion Control
- When CongWin is below Threshold, sender in slow-start phase, window grows exponentially.
- When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly.
- When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold.
- When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS.

TCP sender congestion control
State | Event | TCP Sender Action | Commentary
Slow Start (SS) | ACK receipt for previously unacked data | CongWin = CongWin + MSS, If (CongWin > Threshold) set state to "Congestion Avoidance" | Resulting in a doubling of CongWin every RTT
Congestion Avoidance (CA) | ACK receipt for previously unacked data | CongWin = CongWin + MSS * (MSS/CongWin) | Additive increase, resulting in increase of CongWin by 1 MSS every RTT
SS or CA | Loss event detected by triple duplicate ACK | Threshold = CongWin/2, CongWin = Threshold, Set state to "Congestion Avoidance" | Fast recovery, implementing multiplicative decrease. CongWin will not drop below 1 MSS.
SS or CA | Timeout | Threshold = CongWin/2, CongWin = 1 MSS, Set state to "Slow Start" | Enter slow start
SS or CA | Duplicate ACK | Increment duplicate ACK count for segment being acked | CongWin and Threshold not changed
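The sender state table above as an executable state machine, added here as an example (not code from the slides). MSS is a constructed constant; the `run_rtts` helper that ACKs every segment of the window once per RTT is an assumption used to show the doubling in slow start.

```python
"""TCP sender congestion control (slow start / congestion avoidance /
fast recovery / timeout) as a small state machine, following the slide table.

Added example, not code from the slides. CongWin and Threshold are in bytes;
MSS is a constructed value (real stacks derive it from the path MTU).
"""

MSS = 1000


class TcpSender:
    def __init__(self, threshold=8 * MSS):
        self.state = "SS"            # slow start
        self.cong_win = MSS          # start with one segment's worth
        self.threshold = threshold
        self.dup_acks = 0

    def new_ack(self):
        """ACK receipt for previously unacked data."""
        self.dup_acks = 0
        if self.state == "SS":
            self.cong_win += MSS                          # doubles every RTT
            if self.cong_win > self.threshold:
                self.state = "CA"
        else:
            self.cong_win += MSS * (MSS / self.cong_win)  # +1 MSS per RTT

    def dup_ack(self):
        """Duplicate ACK: only counted; the third one is the loss signal."""
        self.dup_acks += 1
        if self.dup_acks == 3:
            self.triple_dup_ack()

    def triple_dup_ack(self):
        """Fast recovery: multiplicative decrease, continue in CA."""
        self.threshold = max(self.cong_win / 2, MSS)
        self.cong_win = self.threshold        # never drops below 1 MSS
        self.state = "CA"
        self.dup_acks = 0

    def timeout(self):
        """The 'more alarming' signal: back to 1 MSS and slow start."""
        self.threshold = max(self.cong_win / 2, MSS)
        self.cong_win = MSS
        self.state = "SS"
        self.dup_acks = 0


def run_rtts(sender, rtts):
    """Simulate loss-free RTTs (assumption): each segment that fits in the
    window is sent and ACKed once. Returns CongWin after each RTT."""
    history = []
    for _ in range(rtts):
        for _ in range(int(sender.cong_win // MSS)):
            sender.new_ack()
        history.append(round(sender.cong_win))
    return history


if __name__ == "__main__":
    s = TcpSender()
    print(run_rtts(s, 3), s.state)   # 1000 -> 2000 -> 4000 -> 8000, still SS
    print(run_rtts(s, 1), s.state)   # crosses Threshold, now CA, ~9751
    for _ in range(3):
        s.dup_ack()                  # triple dup ACK: halve, stay in CA
    print(s.cong_win, s.threshold, s.state)
    s.timeout()                      # timeout: 1 MSS, slow start
    print(s.cong_win, s.threshold, s.state)
```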
Why is TCP fair?
- Two competing sessions:
  - Additive increase gives slope of 1, as throughput increases
  - multiplicative decrease decreases throughput proportionally
- (figure: Connection 1 throughput vs Connection 2 throughput, each up to R, with the equal bandwidth share line; the trajectory alternates: congestion avoidance: additive increase; loss: decrease window by factor of 2; congestion avoidance: additive increase; loss: decrease window by factor of 2)

Fixed congestion window (2)
- Second case: WS/R < RTT + S/R: wait for ACK after sending window's worth of data
- delay = 2RTT + O/R + (K-1)[S/R + RTT - WS/R]
- K is number of windows that cover the object
- For fixed W, K = O/(WS)

TCP Delay Modeling (3)
- (figure: time at server and time at client: initiate TCP connection; request object; first window = S/R; RTT; second window = 2S/R; third window = 4S/R; fourth window = 8S/R; complete transmission; object delivered)
- S/R = time to transmit one segment; RTT = time from when server starts to send segment until server receives acknowledgement
- $2^{k-1}\frac{S}{R}$ = time to transmit the kth window
- $\frac{S}{R} + RTT - 2^{k-1}\frac{S}{R}$ = idle time after the kth window
- $\text{delay} = 2RTT + \frac{O}{R} + \sum_{p=1}^{P} \text{idleTime}_p = 2RTT + \frac{O}{R} + \sum_{k=1}^{P}\left[\frac{S}{R} + RTT - 2^{k-1}\frac{S}{R}\right] = 2RTT + \frac{O}{R} + P\left[RTT + \frac{S}{R}\right] - (2^P - 1)\frac{S}{R}$

Chapter 4: Network Layer

Virtual circuits: signaling protocols
- used to setup, maintain, teardown VC
- used in ATM, frame-relay, X.25
- not used in today's Internet
- (figure: 1. Initiate call; 2. incoming call; 3. Accept call; 4. Call connected; 5. Data flow begins; 6. Receive data; across application, transport, network, data link and physical layers at both ends)

Datagram networks
- no call setup or network-level concept of "connection"
- packets forwarded using destination host address
  - packets between same source-dest pair may take different paths
- (figure: 1. Send data; 2. Receive data)
Comparison
- Circuit Switching
  - Dedicated resources
  - guarantees
  - wasted resource
  - setup delays
- Packet Switching
  - On-demand resources
  - no guarantees
  - congestion
  - store and forward delays

Four sources of packet delay
1. nodal processing:
  - check bit errors
  - determine output link
2. queueing
  - time waiting at output link for transmission
  - depends on congestion level of router
- (figure: A -> B with nodal processing and queueing at the router)

Delay in packet-switched networks
3. Transmission delay:
  - R = link bandwidth (bps)
  - L = packet length (bits)
  - time to send bits into link = L/R
4. Propagation delay:
  - d = length of physical link
  - s = propagation speed in medium (~2x10^8 m/sec)
  - propagation delay = d/s
- Note: s and R are very different quantities!

How does loss occur?
- packet arrival rate to link exceeds output link capacity
- Queue grows
- When no more space in queue, packets are lost
- lost packet may be retransmitted by previous node, by source end system, or not retransmitted at all
- (figure: A -> B; packets queueing (delay); free (available) buffers; arriving packets dropped (loss) if no free buffers)

Input Port Queuing
- Fabric slower than input ports combined -> queueing may occur at input queues
- Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
- queueing delay and loss due to input buffer overflow!

Output port queueing
- buffering when arrival rate via switch exceeds output line speed
- queueing (delay) and loss due to output port buffer overflow!
IP addressing: CIDR
- CIDR: Classless InterDomain Routing
  - subnet portion of address of arbitrary length
  - address format: a.b.c.d/x, where x is # bits in subnet portion of address
- 11001000 00010111 00010000 00000000 = 200.23.16.0/23 (first 23 bits: subnet part; remaining 9 bits: host part)

Hierarchical addressing: route aggregation
- Hierarchical addressing allows efficient advertisement of routing information:
- Organization 0: 200.23.16.0/23; Organization 1: 200.23.18.0/23; Organization 2: 200.23.20.0/23; ... ; Organization 7: 200.23.30.0/23
- Fly-By-Night-ISP to the Internet: "Send me anything with addresses beginning 200.23.16.0/20"
- ISPs-R-Us to the Internet: "Send me anything with addresses beginning 199.31.0.0/16"

NAT: Network Address Translation
- NAT translation table: WAN side addr 138.76.29.7, 5001 <-> LAN side addr 10.0.0.1, 3345
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 (S: 10.0.0.1, 3345; D: 128.119.40.186, 80)
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table (S: 138.76.29.7, 5001; D: 128.119.40.186, 80)
3: Reply arrives, dest. address: 138.76.29.7, 5001 (S: 128.119.40.186, 80; D: 138.76.29.7, 5001)
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 (S: 128.119.40.186, 80; D: 10.0.0.1, 3345)
- (figure: NAT router with WAN address 138.76.29.7; LAN hosts 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4)

Tunneling
- Logical view: A -- B ==IPv6 tunnel== E -- F, all IPv6
- Physical view: A, B (IPv6); C, D (IPv4); E, F (IPv6)
- A-to-B: IPv6 packet: Flow: X, Src: A, Dest: F, data
- B-to-C: IPv6 inside IPv4: outer Src: B, Dest: E; inner Flow: X, Src: A, Dest: F, data
- E-to-F: IPv6 packet: Flow: X, Src: A, Dest: F, data

Interplay between routing and forwarding
- routing algorithm fills in the local forwarding table
- local forwarding table: header value 0100 -> output link 3; 0101 -> 2; 0111 -> 2; 1001 -> 1
- value in arriving packet's header 0111 -> forwarded on output link 2

Dijkstra's algorithm
- (figure: network of nodes u, v, w, x, y, z with link costs marked on the links)
Step | N' | D(v),p(v) | D(w),p(w) | D(x),p(x) | D(y),p(y) | D(z),p(z)
0 | u | 2,u | 5,u | 1,u | ∞ | ∞
1 | ux | 2,u | 4,x | | 2,x | ∞
2 | uxy | 2,u | 3,y | | | 4,y
3 | uxyv | | 3,y | | | 4,y
4 | uxyvw | | | | | 4,y
5 | uxyvwz | | | | |
- How to convert this into a routing table?

Dijkstra's algorithm, discussion
- Oscillations possible:
  - e.g., link cost = amount of carried traffic
- (figure: nodes A, B, C, D carrying loads 1, 1+e, e: initially; ... recompute routing; ... recompute; ... recompute: the traffic flips from one side of the ring to the other on each recomputation)
- Human Analogy?
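An answer to the question on the Dijkstra slide above, as an added example (not code from the slides): run the algorithm on the six-node graph and derive u's forwarding table from the predecessor entries p(·). The link costs are read off the slide's figure and are an assumption here.

```python
"""Link-state route computation (Dijkstra) for the slide's six-node example,
then the conversion of D(.), p(.) into a forwarding table for the source.

Added example, not code from the slides. LINKS is my reading of the figure.
"""

import heapq

# assumed from the figure: undirected links (a, b, cost)
LINKS = [("u", "v", 2), ("u", "x", 1), ("u", "w", 5), ("v", "x", 2), ("v", "w", 3),
         ("x", "w", 3), ("x", "y", 1), ("w", "y", 1), ("w", "z", 5), ("y", "z", 2)]


def build_graph(links):
    g = {}
    for a, b, c in links:
        g.setdefault(a, {})[b] = c
        g.setdefault(b, {})[a] = c
    return g


def dijkstra(graph, source):
    """Return (D, p, order): least cost to each node, predecessor on the
    least-cost path, and the order in which nodes entered N' (the table rows)."""
    D = {n: float("inf") for n in graph}
    p = {n: None for n in graph}
    D[source] = 0
    order = []
    heap = [(0, source)]
    while heap:
        d, n = heapq.heappop(heap)
        if n in order:
            continue                     # stale heap entry
        order.append(n)                  # n joins N'
        for m, c in graph[n].items():    # relax every link out of n
            if d + c < D[m]:
                D[m], p[m] = d + c, n
                heapq.heappush(heap, (D[m], m))
    return D, p, order


def forwarding_table(p, source):
    """Next hop for each destination = the first node after source on the
    predecessor chain. This is the step the slide asks about."""
    table = {}
    for dest in p:
        if dest == source:
            continue
        hop = dest
        while p[hop] != source:
            hop = p[hop]
        table[dest] = hop
    return table


if __name__ == "__main__":
    D, p, order = dijkstra(build_graph(LINKS), "u")
    print("N' order:", order)
    for n in sorted(D):
        print(f"D({n}) = {D[n]}, p({n}) = {p[n]}")
    print("forwarding table at u:", forwarding_table(p, "u"))
    # expected: v->v, x->x, and w, y, z all via x (matches the slide's 3,y / 2,x / 4,y)
```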
Distance vector algorithm: example
- (figure: nodes x, y, z with link costs x-y 2, y-z 1, x-z 7; tables evolve left to right over time; rows: from x, from y, from z; columns: cost to x, y, z)
node x table: time 0: x 0 2 7 / y ∞ ∞ ∞ / z ∞ ∞ ∞ -> time 1: x 0 2 3 / y 2 0 1 / z 7 1 0 -> time 2: x 0 2 3 / y 2 0 1 / z 3 1 0
node y table: time 0: x ∞ ∞ ∞ / y 2 0 1 / z ∞ ∞ ∞ -> time 1: x 0 2 7 / y 2 0 1 / z 7 1 0 -> time 2: x 0 2 3 / y 2 0 1 / z 3 1 0
node z table: time 0: x ∞ ∞ ∞ / y ∞ ∞ ∞ / z 7 1 0 -> time 1: x 0 2 7 / y 2 0 1 / z 3 1 0 -> time 2: x 0 2 3 / y 2 0 1 / z 3 1 0

Puzzle: link goes bad
- (figure: nodes x, y, z; link x-y cost 4 changes to 60; y-z cost 1; x-z cost 50)
- node y and node z tables over successive exchanges (rows: from x, from y, from z; columns: cost to x, y, z): the "from y" row goes 4 0 1 -> 6 0 1 -> 8 0 1 -> ... while the "from z" row goes 5 1 0 -> 7 1 0 -> ...; the "from x" row stays 0 4 5 until x's new vector arrives
- How many iterations until convergence?

Comparison of LS and DV algorithms
- Message complexity
  - LS: with n nodes, E links, O(nE) msgs sent
  - DV: exchange between neighbors only; convergence time varies
- Speed of Convergence
  - LS: O(n^2) algorithm requires O(nE) msgs; may have oscillations
  - DV: convergence time varies; may be routing loops; count-to-infinity problem
- Robustness: what happens if router malfunctions?
  - LS: node can advertise incorrect link cost; each node computes only its own table
  - DV: DV node can advertise incorrect path cost; each node's table used by others; errors propagate thru network

Example: Choosing among multiple ASes
- Now suppose AS1 learns from the inter-AS protocol that subnet x is reachable from AS3 and from AS2.
- To configure forwarding table, router 1d must determine towards which gateway it should forward packets for dest x.
- This is also the job of inter-AS routing protocol!
- (figure: AS1 with routers 1a, 1b, 1c, 1d; AS2 with routers 2a, 2b, 2c; AS3 with routers 3a, 3b, 3c)
- Hot potato routing: send packet towards closest of two routers.
  1. Learn from inter-AS protocol that subnet x is reachable via multiple gateways
  2. Use routing info from intra-AS protocol to determine costs of least-cost paths to each of the gateways
  3. Hot potato routing: Choose the gateway that has the smallest least cost
  4. Determine from forwarding table the interface I that leads to least-cost gateway. Enter (x,I) in forwarding table

Hierarchical OSPF
- (figure only)

BGP routing policy
- Figure 4.5-BGPnew: a simple BGP scenario (legend: A, B, C provider networks; W, X, Y customer networks; X attached to both B and C)
- A,B,C are provider networks
- X,W,Y are customers (of provider networks)
- X is dual-homed: attached to two networks
  - X does not want to route from B via X to C
  - .. so X will not advertise to B a route to C

Chapter 5: link layer

Parity Checking
- Single Bit Parity: Detect single bit errors
  - Even parity: number of 1's is even
  - Odd parity: number of 1's is odd
  - Not robust to burst errors
- How Big for Perfect Detection?
- Two Dimensional Bit Parity: Detect and correct single bit errors
- Can we do error correction?

CRC Example
- R = remainder[ D·2^r / G ]
- Now, we transmit <D, R> = <101110, 011>
- Convince yourself that: remainder[ <D, R> / G ] = 0

Channel Partitioning MAC protocols: TDMA
- TDMA: time division multiple access
- access to channel in "rounds"
- each station gets fixed length slot (length = pkt trans time) in each round
- unused slots go idle
- example: 6-station LAN, 1,3,4 have pkt, slots 2,5,6 idle
- Human Analogy?
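The "convince yourself" step of the CRC slide above, worked as an added example (not code from the slides): modulo-2 division for the sender's remainder and the receiver's zero check. The generator G is not on the slide; G = 1001 (so r = 3) is assumed here because it reproduces the slide's R = 011.

```python
"""CRC as modulo-2 polynomial division, following the slide:
sender computes R = remainder[D*2^r / G] and transmits <D, R>;
receiver checks remainder[<D, R> / G] = 0.

Added example, not code from the slides. G = "1001" is an assumption.
"""


def crc_remainder(bits, generator):
    """Modulo-2 long division of a bit string by the generator.
    Returns the r-bit remainder, r = len(generator) - 1."""
    r = len(generator) - 1
    work = list(bits)
    for i in range(len(work) - r):
        if work[i] == "1":                       # leading bit set: XOR in G
            for j, gbit in enumerate(generator):
                work[i + j] = "1" if work[i + j] != gbit else "0"
    return "".join(work[-r:])


def crc_encode(D, G):
    """Append R = remainder[D*2^r / G]; appending r zeros is the *2^r."""
    r = len(G) - 1
    return D + crc_remainder(D + "0" * r, G)


def crc_check(frame, G):
    """Receiver side: the whole frame <D, R> must leave a zero remainder."""
    return crc_remainder(frame, G) == "0" * (len(G) - 1)


def single_bit_errors_detected(frame, G):
    """Flip each bit in turn; True if every single-bit error is caught."""
    for i in range(len(frame)):
        flipped = frame[:i] + ("1" if frame[i] == "0" else "0") + frame[i + 1:]
        if crc_check(flipped, G):
            return False
    return True


if __name__ == "__main__":
    D, G = "101110", "1001"           # D from the slide, G assumed
    frame = crc_encode(D, G)
    print(frame)                      # 101110011: R = 011 as on the slide
    print(crc_check(frame, G))        # True
    print(single_bit_errors_detected(frame, G))
    # CRC is a keyless, linear function: it detects transmission errors, not
    # deliberate modification. Integrity against an adversary needs a MAC or
    # a digital signature (Chapter 8), not a checksum or CRC.
```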
Channel Partitioning MAC protocols: FDMA
- FDMA: frequency division multiple access
- channel spectrum divided into frequency bands
- each station assigned fixed frequency band
- unused transmission time in frequency bands goes idle
- example: 6-station LAN, 1,3,4 have pkt, frequency bands 2,5,6 idle
- Human Analogy?

Random Access Protocols
- When node has packet to send
  - transmit at full channel data rate R.
  - no a priori coordination among nodes
- two or more transmitting nodes ➜ "collision"
- random access MAC protocol specifies:
  - how to detect collisions
  - how to recover from collisions (e.g., via delayed retransmissions)
- Human Analogy?
- Examples of random access MAC protocols:
  - slotted ALOHA
  - ALOHA
  - CSMA, CSMA/CD, CSMA/CA

Slotted ALOHA
- Pros
  - single active node can continuously transmit at full rate of channel
  - highly decentralized: only slots in nodes need to be in sync
  - simple
- Cons
  - collisions, wasting slots
  - idle slots
  - nodes may be able to detect collision in less than time to transmit packet
  - clock synchronization

Pure (unslotted) ALOHA
- unslotted Aloha: simpler, no synchronization
- when frame first arrives: transmit immediately
- collision probability increases:
  - frame sent at t0 collides with other frames sent in [t0-1,t0+1]

Sharing the Medium
- FDM or TDM make it easy
- But what about packet switching?
- (figure: cable headend, cable distribution network (simplified), homes; packets 1 2 3 4 5 6 7; Send; Collision)
- Ethernet protocol:
  1. Listen
  2. If channel is clear, send
  3. If collision, back off a random time

CSMA collisions
- (figure: spatial layout of nodes)
- collisions can still occur: propagation delay means two nodes may not hear each other's transmission
- collision: entire packet transmission time wasted
- note: role of distance & propagation delay in determining collision probability

CSMA varieties
- CSMA/CD: After a collision, wait a random period and transmit again
  - Collisions can be detected, so are cheap … be aggressive!
- CSMA/CA: wait a random period even before transmitting the first packet
  - Collisions cannot be detected, and are expensive … be conservative!

"Taking Turns" MAC protocols
- Polling:
  - master node "invites" slave nodes to transmit in turn
  - concerns: polling overhead; latency; single point of failure (master)
- Token passing:
  - control token passed from one node to next sequentially.
  - token message
  - concerns: token overhead; latency; single point of failure (token)

Sending a datagram from A to B via router R
- A creates datagram with source A, destination B
- A uses ARP to get R's MAC address for 111.111.111.110
- A creates link-layer frame with R's MAC address as dest, frame contains A-to-B IP datagram
- A's adapter sends frame
- R's adapter receives frame
- R removes IP datagram from Ethernet frame, sees it's destined to B
- R uses ARP to get B's MAC address
- R creates frame containing A-to-B IP datagram, sends to B
- (figure: A -- R -- B)

DHCP client-server scenario
- (figure: DHCP server: 223.1.2.5; arriving client; time runs downward)
- DHCP discover: src: 0.0.0.0, 68; dest.: 255.255.255.255, 67; yiaddr: 0.0.0.0; transaction ID: 654
- DHCP offer: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 654; Lifetime: 3600 secs
- DHCP request: src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 223.1.2.4; transaction ID: 655; Lifetime: 3600 secs
- DHCP ACK: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 655; Lifetime: 3600 secs

Institutional network
- (figure: router to external network; mail server and web server; switch; IP subnet; hubs)

Chapter 6: wireless

Review
- No Collision Detection
- Hidden Terminal (figure: A, B, C; C's signal strength and A's signal strength fall off with space)
- Fading
- CDMA
- CSMA/CA (figure: sender waits DIFS, sends data; receiver waits SIFS, sends ACK)
- RTS/CTS: reservation collision (figure: A, B, C, AP, D; DATA (A); defer time)

Components of cellular network architecture
- MSC (Mobile Switching Center)
  - connects cells to wide area net
  - manages call setup (more later!)
  - handles mobility (more later!)
- cell
  - covers geographical region
  - base station (BS) analogous to 802.11 AP
  - mobile users attach to network through BS
  - air-interface: physical and link layer protocol between mobile and BS
- (figure: Mobile Switching Centers; wired network; Public telephone network, and Internet)

Mobility via Indirect Routing
1. correspondent addresses packets using home address of mobile
2. home agent intercepts packets, forwards to foreign agent
3. foreign agent receives packets, forwards to mobile
4. mobile replies directly to correspondent
- (figure: home network, wide area network, visited network)

Mobility via Direct Routing
1. correspondent requests, receives foreign address of mobile
2. correspondent forwards to foreign agent
3. foreign agent receives packets, forwards to mobile
4. mobile replies directly to correspondent
- (figure: home network, wide area network, visited network)

Accommodating mobility with direct routing
- anchor foreign agent: FA in first visited network
- data always routed first to anchor FA
- when mobile moves: new FA arranges to have data forwarded from old FA (chaining)
- (figure: correspondent and correspondent agent; wide area network; anchor foreign agent in the foreign net visited at session start; new foreign agent in the new foreign network; steps 1-5)

Mobile IP: indirect routing
- packet sent by correspondent: dest: 128.119.40.186
- packet sent by home agent to foreign agent: a packet within a packet: outer dest: 79.129.13.2, inner dest: 128.119.40.186
- foreign-agent-to-mobile packet: dest: 128.119.40.186
- Permanent address: 128.119.40.186; Care-of address: 79.129.13.2

GSM: indirect routing to mobile
1. call routed to home network
2. home MSC consults HLR, gets roaming number of mobile in visited network
3. home MSC sets up 2nd leg of call to MSC in visited network
4. MSC in visited network completes call through base station to mobile
- (figure: correspondent; Public switched telephone network; home network with HLR and home Mobile Switching Center; visited network with VLR, Mobile Switching Center and mobile user)

GSM: handoff with common MSC
- Handset constantly sends info about neighboring cells back to BSS
1. old BSS informs MSC of impending handoff, provides list of 1+ new BSSs
2. MSC sets up path (allocates resources) to new BSS
3. new BSS allocates radio channel for use by mobile
4. new BSS signals MSC, old BSS: ready
5. old BSS tells mobile: perform handoff to new BSS
6. mobile, new BSS signal to activate new channel
7. mobile signals via new BSS to MSC: handoff complete. MSC reroutes call
8. MSC-old-BSS resources released
- (figure: VLR, Mobile Switching Center, old BSS, new BSS)

Chapter 8: Security

Symmetric key cryptography
- plaintext message m -> encryption algorithm with key K_A-B -> ciphertext K_A-B(m) -> decryption algorithm with key K_A-B -> plaintext m = K_A-B(K_A-B(m))
- symmetric key crypto: Bob and Alice share same (symmetric) key: K_A-B
- e.g., key is knowing substitution pattern in mono alphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?
Symmetric key crypto: DES
- DES operation
  - initial permutation
  - 16 identical "rounds" of function application, each using different 48 bits of key
  - final permutation

Public key cryptography
- plaintext message m -> encryption algorithm with Bob's public key K_B^+ -> ciphertext K_B^+(m) -> decryption algorithm with Bob's private key K_B^- -> plaintext message m = K_B^-(K_B^+(m))

RSA: How?
- $m = (m^e \bmod n)^d \bmod n$
- Useful number theory result: If p,q prime and n = pq, then: $x^y \bmod n = x^{y \bmod (p-1)(q-1)} \bmod n$
- $(m^e \bmod n)^d \bmod n = m^{ed} \bmod n$
  $= m^{ed \bmod (p-1)(q-1)} \bmod n$ (using number theory result above)
  $= m^1 \bmod n$ (So we choose ed to be divisible by (p-1)(q-1) with remainder 1)
  $= m$

Authentication: another try
- Protocol ap3.1: Alice says "I am Alice" and sends her encrypted secret password to "prove" it.
- (figure: Alice -> Bob: Alice's IP addr, encrypted password, "I'm Alice"; Bob -> Alice: OK)
- record and playback still works!
- (figure: Trudy replays Alice's IP addr, encrypted password, "I'm Alice")
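The RSA slide's identity, worked with small constructed primes as an added example (not code from the slides). It checks that ed mod (p-1)(q-1) = 1 and that (m^e mod n)^d mod n = m for every m; the primes and exponent are constructed, and the key size is far too small for anything but illustrating the algebra.

```python
"""RSA toy walkthrough of the slide's identity m = (m^e mod n)^d mod n.

Added example, not code from the slides. p, q, e are constructed values;
real RSA uses large primes and a padding scheme, neither shown here.
"""


def egcd(a, b):
    """Extended Euclid: returns (g, s, t) with s*a + t*b = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t


def modinv(e, phi):
    """d with e*d mod phi = 1 (exists only when gcd(e, phi) = 1)."""
    g, s, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return s % phi


def rsa_keygen(p, q, e):
    """n = pq; d chosen so that ed mod (p-1)(q-1) = 1, as the slide requires."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, modinv(e, phi))


def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)           # m^e mod n


def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)           # (m^e mod n)^d mod n


def identity_holds(p, q, e):
    """Check the slide's chain for every m < n:
    (m^e mod n)^d mod n = m^(ed) mod n = m^(ed mod (p-1)(q-1)) mod n = m."""
    (n, _), (_, d) = rsa_keygen(p, q, e)
    phi = (p - 1) * (q - 1)
    for m in range(n):
        if pow(pow(m, e, n), d, n) != m:
            return False
        # the exponent-reduction result x^y = x^(y mod phi) needs gcd(x, n) = 1;
        # the full decryption identity above holds for every m regardless
        if m % p and m % q and pow(m, e * d, n) != pow(m, (e * d) % phi, n):
            return False
    return True


if __name__ == "__main__":
    pub, priv = rsa_keygen(11, 13, 7)         # n = 143, (p-1)(q-1) = 120, d = 103
    print(pub, priv, (7 * 103) % 120)         # ed mod 120 = 1
    c = encrypt(pub, 42)
    print(c, decrypt(priv, c))                # 81, 42
    print(identity_holds(11, 13, 7))          # True
```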
Authentication: ap5.0
- ap4.0 requires shared symmetric key
- can we authenticate using public key techniques?
- ap5.0: use nonce, public key cryptography
  - Alice -> Bob: "I am Alice"
  - Bob -> Alice: R
  - Alice -> Bob: K_A^-(R)
  - Bob -> Alice: "send me your public key"
  - Alice -> Bob: K_A^+
  - Bob computes K_A^+(K_A^-(R)) = R and knows only Alice could have the private key that encrypted R such that K_A^+(K_A^-(R)) = R

ap5.0: security hole
- Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
- (figure: Alice <-> Trudy <-> Bob. Bob -> Trudy: "I am Alice"? no: Trudy -> Bob: "I am Alice"; Bob -> Trudy: R; Trudy -> Bob: K_T^-(R); Trudy -> Alice: "I am Alice"? no: Alice -> Trudy: "I am Alice"; Trudy -> Alice: R; Alice -> Trudy: K_A^-(R); Bob: "Send me your public key"; Trudy -> Bob: K_T^+; Trudy: "Send me your public key"; Alice -> Trudy: K_A^+. Bob sends K_T^+(m); Trudy gets m = K_T^-(K_T^+(m)), sends m to Alice encrypted with Alice's public key as K_A^+(m); Alice recovers m = K_A^-(K_A^+(m)).)

Digital signature = signed message digest
- Bob sends digitally signed message: large message m -> H: Hash function -> H(m) -> digital signature (encrypt) with Bob's private key K_B^- -> encrypted msg digest K_B^-(H(m))
- Alice verifies signature and integrity of digitally signed message: large message m -> H: Hash function -> H(m); encrypted msg digest K_B^-(H(m)) -> digital signature (decrypt) with Bob's public key K_B^+ -> H(m); equal?

Key Distribution Center (KDC)
- Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?
- Alice -> KDC: K_A-KDC(A,B)
- KDC generates R1
- KDC -> Alice: K_A-KDC(R1, K_B-KDC(A,R1)); Alice knows R1
- Alice -> Bob: K_B-KDC(A,R1); Bob knows to use R1 to communicate with Alice
- Alice and Bob communicate: using R1 as session key for shared symmetric encryption

Certification Authorities
- Certification authority (CA): binds public key to particular entity, E.
- E (person, router) registers its public key with CA.
  - E provides "proof of identity" to CA.
  - CA creates certificate binding E to its public key.
  - certificate containing E's public key digitally signed by CA – CA says "this is E's public key"
- (figure: Bob's public key K_B^+ and Bob's identifying information -> digital signature (encrypt) with CA private key K_CA^- -> certificate for Bob's public key, signed by CA)

Certification Authorities
- When Alice wants Bob's public key:
  - gets Bob's certificate (Bob or elsewhere).
  - apply CA's public key to Bob's certificate, get Bob's public key
- (figure: certificate for K_B^+ -> digital signature (decrypt) with CA public key K_CA^+ -> Bob's public key K_B^+)

Secure e-mail (continued)
- Alice wants to provide secrecy, sender authentication, message integrity.
- (figure: m -> H(.) -> K_A^-(.) -> K_A^-(H(m)); this together with m -> K_S(.); K_S -> K_B^+(.) -> K_B^+(K_S); both parts sent to Bob over the Internet)
- Alice uses three keys: her private key, Bob's public key, newly created symmetric key