Chapter 3 – Protocols & the TCP/IP Suite
Class 1

Protocols & the TCP/IP Suite: The Need for a Protocol Architecture
Communication between a set of networked systems can involve a very complex set of procedures.
Example tasks for file transfer:
– Communication link setup
– Ensure the receiver is ready to accept data
– Make sure the file management application at the receiver is prepared to receive and store the file
– Do file translation if necessary
– Confirm delivery & check for errors
Networking protocols use the concept of modularity, well known in the software development arena.
635.412 Spring 2005 Class 1: Introduction to LANs & WANs 2

Protocols & the TCP/IP Suite: The Need for a Protocol Architecture
In networking protocol architectures, the modules are arranged in a vertical stack:
– Each layer performs a distinct & essential set of tasks; more ‘primitive’ tasks are usually found in lower layers (‘closer’ to the transmission medium)
– Layers should be defined so that changes in one layer do not necessitate changes in the other layers
– It takes at least two systems to communicate across a network, and each of these systems needs the same layers
The peer layers on each system communicate with each other; the set of rules governing this communication is known as a protocol:
– Syntax
– Semantics
– Timing

Protocols & the TCP/IP Suite: The TCP/IP Protocol Architecture
The TCP/IP protocol suite is a large collection of public standards approved by the IAB (IETF) and used as the foundation for the Internet and similar private networks.
Communication across a network using TCP/IP protocols involves two general steps:
– Getting the data across the network to the destination system
– Getting the data within the destination system to the right application
Because of layering & the general steps above, the TCP/IP protocol suite was designed with five layers (lowest to highest):
– Physical Layer: the physical interface between the network and the attached system; covers the nature of the data signals, characteristics of the transmission medium, the data rate, etc.

Protocols & the TCP/IP Suite: The TCP/IP Layers
Network Access Layer: specifies how data is exchanged between the attached system and the network; includes addressing, framing, and other features such as prioritization
– Details of this layer depend on the physical layer; separating this layer from higher-layer functions allows the higher layers to be used over a wide range of network technologies
– Concerned with delivering data across a single network only
Internet Layer: specifies how data can be routed across multiple networks
– All devices across an internet must share a common internetworking layer to relay the data
– Routers are the devices responsible for relaying data in an internet
– A global address space is an essential feature of this layer

Protocols & the TCP/IP Suite: The TCP/IP Layers
Transport Layer: specifies a set of end-to-end services usually common to a number of applications communicating across an internet (error-free, sequenced data delivery, etc.)
– Currently there are two transport layer specifications in the TCP/IP suite: the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP)
– TCP provides a reliable connection-oriented transport service
– UDP provides a low-overhead transport service with no payload error checking, flow control, or sequencing
Application Layer: specifies the functionality of the application itself (file transfer, remote terminal access, etc.)
Protocols & the TCP/IP Suite: The Operation of TCP & IP
For successful communication across an internet, each system must have at least one globally unique address.
Also, each host process needs a locally unique address.
An example TCP/IP-based data transfer [Figure 3.1]

Protocols & the TCP/IP Suite: The Operation of TCP & IP
The key to the operation of the protocol stack is encapsulation.

Protocols & the TCP/IP Suite: Examples of TCP/IP Applications
Electronic Mail relies on the Simple Mail Transfer Protocol (SMTP) – this covers the addressing and delivery of messages; other standards cover the e-mail message format.
File Transfer functionality relies on the File Transfer Protocol (FTP), which provides an authenticated means for accessing and transferring files to and from a remote system.
Remote Terminal Access functionality relies on the TELNET protocol; it emulates a variety of hardwired terminals over a network connection.
Other important TCP/IP applications include the World Wide Web (HTTP, the Hypertext Transfer Protocol), Network News (NNTP, the Network News Transfer Protocol), and Directory Services (LDAP, the Lightweight Directory Access Protocol).

• NV Monitoring of UDP Ports for Applications (NetView to monitor the different UDP ports for applications)
• TFTP: Trivial File Transfer Protocol, a simple form of FTP with most of the security and advanced commands stripped off; used for diskless workstations, router configuration data, and any device that boots up and requires information it cannot store permanently. As such it presents a rather large security hole: just imagine if someone were to connect to your TFTP server and grab the boot file for your main Cisco router.
Protocols & the TCP/IP Suite: The OSI Protocol Architecture
The ISO (an international standards body) has also developed a network protocol reference standard called the OSI model.
While useful to know and important in the context of some international networks, the OSI model has not flourished, for two primary reasons:
– The TCP/IP protocols had matured and equipment using them was widely adopted before the OSI model was finished
– The OSI model and standards developed using it tend to be very complex, making them harder to implement and operate

Protocols & the TCP/IP Suite: The OSI Protocol Architecture
The OSI model consists of seven layers (from the bottom up):
– Physical: concerned with the transmission and signaling across the physical media (same as in the TCP/IP model)
– Data Link: provides reliable transfer on a physical link by formatting data in frames; provides timing, error, & flow control
– Network: provides a universal switching/routing layer to insulate upper layers from differing data link & physical layers
– Transport: provides reliable, transparent end-to-end delivery of data; may also provide end-to-end error recovery & flow control
– Session: establishes, manages, and terminates connections between communicating applications
– Presentation: specifies how data should be represented between communicating applications
– Application: provides user access to networked resources through a specific functional program

Protocols & the TCP/IP Suite: Internetworking
It is very common for an organization to have different varieties of LANs as well as geographically dispersed networks.
A quick review of internetworking terms:
– Communication Network
– Internet (internet)
– Intranet
– End System
– Intermediate System
– Bridge
– Router

Protocols & the TCP/IP Suite: Routers
Routers are key pieces of equipment that allow internetworking across dissimilar networks.
Essential functions for a router:
– Provide links between physically distinct (and heterogeneous) networks
– Decide when and where to forward packets to attached networks
– Provide these functions in such a way that no modifications are required to the attached networks
Networking issues routers must deal with:
– Layer 2 addressing schemes
– Maximum packet sizes
– Interfaces
– Reliability

Protocols & the TCP/IP Suite: An Internetworking Example [Figure 3.5]

Overall Path for Outgoing Packets

Overall Path for Incoming Packets

Protocols & the TCP/IP Suite: Appendix: IP, TCP, and UDP
IP version 4 (IPv4)
– The current version of the network layer protocol used in the Internet
– IPv4 header fields:
– Version (4 bits): currently 4
– Internet Header Length (4 bits): 0101 × 32 bits, i.e. the header length in 32-bit words
– Type of Service (8 bits): priority information for routers
– Total Length (16 bits): length of the IP packet in bytes
– Identification (16 bits): unique identifier
– Flags (3 bits): (1) “more” bit for fragments, (2) “don’t fragment”, (3) not used
– Fragment Offset (13 bits): offset of this packet within the original packet
– Time to Live (8 bits): lifetime in the Internet
– Protocol (8 bits): indicates the next higher level protocol that receives the packet
– Header Checksum (16 bits): error detection, done by routers
– Source Address and Destination Address (32 bits each): specify the network and the end system
– Options: security, record routing, and time-stamping
– Padding: ensures the header is a multiple of 32 bits

Protocols & the TCP/IP Suite: Appendix: IP version 6 (IPv6)
The next-generation version promises a number of improvements:
– HUGE address space, with support for many addressing schemes
– Different header structure and options to speed processing
– Built-in Quality of Service and security functionality
IPv6 header fields:

Protocols & the TCP/IP Suite: Appendix: the Transmission Control Protocol (TCP)
Provides a sophisticated connection-oriented transport service to networked applications on an IP network.
TCP provides reliable and sequenced streaming delivery of application-layer data.
TCP header fields:

Protocols & the TCP/IP Suite: Appendix: the User Datagram Protocol (UDP)
Provides a basic low-overhead connectionless transport service to networked applications on an IP network.
UDP provides unreliable delivery of application-layer data, in which neither delivery nor freedom from duplication is guaranteed.
UDP is good for applications that provide their own enhanced delivery services, as well as for multicast and streaming applications.
UDP header fields:

Memory-Memory Copies
Protocol processing overhead:
– Example: delay due to memory-memory copy
– Copy message from one layer to the next using e.g. memcpy()
– Often involves context switching: copying between user and kernel space
Memory-Memory Copies (continued)
Assume a data rate of 600 Mbps = 73 MBps
Assume a 16 MHz memory bus that is 16 bits wide: 32 MBps
For a 1 MB message, one copy takes 1/32 sec: max data rate 32 MBps
Two copies take 1/32 sec + 1/32 sec = 1/16 sec: max data rate 16 MBps
Example: effective BW
– Itanium 4 bus allows 1 GB/s bandwidth
– Each copy between layers takes a read and a write
– A message of 1 KB takes 2 msec: effective BW = 500 MB/s
– Two copies of 1 KB take 4 msec: effective BW = 250 MB/s
– Four copies of 1 KB take 8 msec: effective BW = 125 MB/s

Berkeley Sockets
A real implementation of transport layer primitives:
– Implemented in BSD Unix
– Part of the TCP implementation in the TCP/IP stack
Socket primitives for TCP:
– SOCKET: creates a new communication end point
– BIND: attaches a local address to a socket
– LISTEN: announces willingness to accept connections (non-blocking call)
– ACCEPT: blocks the caller until a connection attempt arrives (blocking call); the server creates a new socket when a connection request TPDU arrives and forks another process to handle subsequent requests
– CONNECT: establishes a connection
– SEND: sends data over the connection
– RECEIVE: receives data from the connection
– CLOSE: releases the connection

BSD Sockets Example: Receiver Side
/* Simple socket program: receiver side */
#include <iostream>
#include <cstdlib>
#include <cstdio>
#include <cstring>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

using namespace std;

int main(int argc, char *argv[])
{
    int sk;                            // socket descriptor
    struct sockaddr_in remote;         // socket address for remote
    struct sockaddr_in local;          // socket address for us
    char buf[80];                      // buffer from remote
    socklen_t rlen = sizeof(remote);   // length of remote address
    socklen_t len = sizeof(local);     // length of local address
    int mesglen;                       // actual length of message

    // create the socket
    sk = socket(AF_INET, SOCK_DGRAM, 0);
    if (sk < 0) { perror("socket"); return 1; }
    // set up the socket
    memset(&local, 0, sizeof(local));
    local.sin_family = AF_INET;                // internet family
    local.sin_addr.s_addr = INADDR_ANY;        // wild card machine address
    local.sin_port = 0;                        // let system choose the port
    // bind the name (address) to a port
    if (bind(sk, (struct sockaddr *)&local, sizeof(local)) < 0) { perror("bind"); return 1; }
    // get the port name and print it out (sin_port is in network byte order)
    getsockname(sk, (struct sockaddr *)&local, &len);
    cout << "socket has port " << ntohs(local.sin_port) << "\n";
    // leave room for a terminating NUL so a sender that omits it cannot make cout read past buf
    mesglen = recvfrom(sk, buf, sizeof(buf) - 1, 0, (struct sockaddr *)&remote, &rlen);
    if (mesglen < 0) { perror("recvfrom"); return 1; }
    buf[mesglen] = '\0';
    cout << buf << " len: " << mesglen << endl;
    /* close the socket */
    close(sk);
    return 0;
}

BSD Sockets Example: Sender Side
/* A simple sockets program ... sender side */
#include <iostream>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

using namespace std;

int main(int argc, char *argv[])
{
    int sk;                            // socket descriptor
    struct sockaddr_in remote;         // socket address for remote side
    struct hostent *hp;                // address of remote host
    int mesglen;                       // actual length of the message
    char buf[80];

    if (argc != 3) { cerr << "usage: " << argv[0] << " host port" << endl; return 1; }

    // BSD Sockets Example: Sender Side (continued)
    // create the socket
    sk = socket(AF_INET, SOCK_DGRAM, 0);
    if (sk < 0) { perror("socket"); return 1; }
    // designate the addressing family
    memset(&remote, 0, sizeof(remote));
    remote.sin_family = AF_INET;
    // get the address of the remote host and store it
    hp = gethostbyname(argv[1]);
    if (hp == NULL) { cerr << "unknown host " << argv[1] << endl; return 1; }
    memcpy(&remote.sin_addr, hp->h_addr, hp->h_length);
    // get the port used on the remote side and store it (network byte order)
    remote.sin_port = htons(atoi(argv[2]));
    cout << "Enter the info to transmit: ";
    cin.getline(buf, 80);
    mesglen = strlen(buf) + 1;                 // include the terminating NUL
    cout << buf << " len: " << mesglen << endl;
    sendto(sk, buf, mesglen, 0, (struct sockaddr *)&remote, sizeof(remote));
    close(sk);
    return 0;
}
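Connection-oriented variant of the two datagram programs above, added here as an illustration (it is not code from the course): SOCK_STREAM with bind()/listen()/accept() on the receiver and connect()/send() on the sender. The function names are this example's own; the listener binds INADDR_ANY and port 0 like the slides' receiver, the sender targets the loopback address, and the receiver reads until the peer closes and always NUL-terminates its buffer so an oversized or NUL-less message cannot be read past the buffer.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Receiver: create a TCP socket, bind to any interface and a system-chosen port,
   listen(); returns the listening descriptor and the port in host byte order. */
int tcp_listen_any(unsigned short *port_out)
{
    struct sockaddr_in local;
    socklen_t len = sizeof(local);
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0) return -1;
    memset(&local, 0, sizeof(local));
    local.sin_family = AF_INET;
    local.sin_addr.s_addr = htonl(INADDR_ANY);    /* any interface, as on the slides */
    local.sin_port = 0;                            /* let the system choose the port */
    if (bind(lfd, (struct sockaddr *)&local, sizeof(local)) < 0 || listen(lfd, 5) < 0 ||
        getsockname(lfd, (struct sockaddr *)&local, &len) < 0) { close(lfd); return -1; }
    *port_out = ntohs(local.sin_port);
    return lfd;
}

/* Receiver: accept() one connection and read until the peer closes or the buffer
   is full; buf is always NUL-terminated. Returns bytes received or -1 on error. */
int tcp_accept_and_read(int lfd, char *buf, size_t cap)
{
    struct sockaddr_in remote;
    socklen_t rlen = sizeof(remote);
    size_t got = 0;
    int cfd = (cap == 0) ? -1 : accept(lfd, (struct sockaddr *)&remote, &rlen);
    if (cfd < 0) return -1;
    while (got < cap - 1) {
        ssize_t n = recv(cfd, buf + got, cap - 1 - got, 0);
        if (n <= 0) break;                         /* 0: peer closed, <0: error */
        got += (size_t)n;
    }
    buf[got] = '\0';                               /* never trust the peer to send a NUL */
    close(cfd);
    return (int)got;
}

/* Sender: connect() to 127.0.0.1:port, send msg, then half-close so the receiver
   sees end-of-stream. Returns the connected descriptor (caller closes) or -1. */
int tcp_send_once(unsigned short port, const char *msg)
{
    struct sockaddr_in remote;
    size_t n = strlen(msg);
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    if (cfd < 0) return -1;
    memset(&remote, 0, sizeof(remote));
    remote.sin_family = AF_INET;
    remote.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    remote.sin_port = htons(port);                 /* network byte order, unlike the slides */
    if (connect(cfd, (struct sockaddr *)&remote, sizeof(remote)) < 0 ||
        send(cfd, msg, n, 0) != (ssize_t)n || shutdown(cfd, SHUT_WR) < 0) { close(cfd); return -1; }
    return cfd;
}

int main(void)
{
    unsigned short port;
    char buf[80];
    int lfd = tcp_listen_any(&port);
    if (lfd < 0) { perror("listen"); return 1; }
    printf("receiver listening on port %u (connect from another process)\n", port);
    if (tcp_accept_and_read(lfd, buf, sizeof buf) >= 0) printf("received: %s\n", buf);
    close(lfd);
    return 0;
}
```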
BSD Sockets Example: Compile and execute the two programs
– Save these programs on a Unix machine as recv.cc and send.cc
– Compile and link them, e.g., on a Solaris workstation use:
  gcc -o recv recv.cc -lsocket -lnsl
  and
  gcc -o send send.cc -lsocket -lnsl
– You’ll get two executables: recv and send
– Execute them on two different workstations, e.g., recv on one workstation and send on another, using rlogin to that workstation
Try the connection-oriented case now:
– Use SOCK_STREAM instead of SOCK_DGRAM in the socket() call
– Use the listen() and accept() calls
– Also try spawning a new receiver after accept() to handle multiple clients

Network supports process-to-process channels; e.g.,
Latency = Propagation + Transmit + Queue
Propagation = Distance / SpeedOfLight
– 3.0 x 10^8 meters/second in a vacuum
– 2.3 x 10^8 meters/second in a cable
– 2.0 x 10^8 meters/second in a fiber
Transmit = Size / Bandwidth
• Request/Reply: for file access and digital libraries
• Message Stream: for video applications
– video: sequence of frames
– resolution: 1/4 TV-size image = 352 x 240 pixels
– 24-bit color: frame = (352 x 240 x 24)/8 = 247.5 KB
– frame rate: 30 fps = 7500 KBps = 60 Mbps
– video on-demand versus video-conferencing

DNS
Hierarchical. Dot used as a separator. The right-most component is the top-most domain.
Top-level domains: .edu, .gov, .mil, .com, .arpa, .org, .net, plus the country domains (.uk, .de, .no, .il, etc.), and the .us hierarchy. New TLDs include .info, .biz, .name, …
FQDN: frobozzica.merit.edu vs. relative name frobozzica (relative to a default domain, in this case merit.edu).
The reverse mapping from IP addresses to host names is performed under the auspices of the IN-ADDR.ARPA pseudo-domain.
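Worked example for the naming rules just described (added here; not from the course): building the IN-ADDR.ARPA name for a dotted-quad address, and listing the fully qualified candidates a resolver tries for a relative name such as frobozzica against a default domain and search list. The resolver ordering (name containing a dot tried as-is first, bare name tried as-is last, ndots=1) is the BSD/glibc behaviour and is an assumption of this example; the function names and the merit.edu search list are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Reverse-mapping name for a dotted-quad IPv4 address: the octets are reversed
   under IN-ADDR.ARPA so the most significant part sits on the right, as in
   forward names. Returns 0 on success, -1 if the input is not a valid dotted
   quad (trailing text or octets above 255 are rejected) or does not fit. */
int reverse_name(const char *ip, char *out, size_t cap)
{
    unsigned o[4];
    char tail;
    if (sscanf(ip, "%u.%u.%u.%u%c", &o[0], &o[1], &o[2], &o[3], &tail) != 4) return -1;
    for (int i = 0; i < 4; i++) if (o[i] > 255) return -1;
    if (snprintf(out, cap, "%u.%u.%u.%u.IN-ADDR.ARPA", o[3], o[2], o[1], o[0]) >= (int)cap) return -1;
    return 0;
}

/* Candidate FQDNs a resolver tries for a name (assumed BSD/glibc behaviour,
   ndots=1): a name ending in '.' is absolute and tried as-is only; a name that
   contains a dot is tried as-is first and then with each search domain; a bare
   name gets the search domains first and is tried as-is last. Writes up to
   max_out names of at most 255 chars into out; returns the count, or -1 if a
   candidate would not fit or max_out is exceeded. */
int qualify_name(const char *name, const char *const *search, int nsearch,
                 char (*out)[256], int max_out)
{
    size_t n = strlen(name);
    int count = 0;
    if (n == 0 || n >= 255) return -1;
    if (name[n - 1] == '.') {                              /* already fully qualified */
        if (max_out < 1) return -1;
        snprintf(out[count++], 256, "%s", name);
        return count;
    }
    int bare = (strchr(name, '.') == NULL);
    if (!bare) { if (count >= max_out) return -1; snprintf(out[count++], 256, "%s", name); }
    for (int i = 0; i < nsearch; i++) {
        if (count >= max_out) return -1;
        if (snprintf(out[count], 256, "%s.%s", name, search[i]) >= 256) return -1;
        count++;
    }
    if (bare) { if (count >= max_out) return -1; snprintf(out[count++], 256, "%s", name); }
    return count;
}

/* Constructed from the slides' resolver configuration: default domain merit.edu
   (taken here as the first search entry) plus org.merit.edu and itss.umich.edu. */
const char *const merit_search[] = { "merit.edu", "org.merit.edu", "itss.umich.edu" };

int main(void)
{
    char rev[64], cand[8][256];
    int i, n = qualify_name("frobozzica", merit_search, 3, cand, 8);
    for (i = 0; i < n; i++) printf("try %s\n", cand[i]);
    if (reverse_name("198.108.61.100", rev, sizeof rev) == 0) printf("PTR name: %s\n", rev);
    return 0;
}
```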
– Example: 100.61.108.198.IN-ADDR.ARPA

DNS - Resolver
The DNS resolver (client library) generates queries for domain name information and sends them to a name server.
Completely separate from the name server function.
Configured via /etc/resolv.conf:
domain merit.edu
search org.merit.edu, itss.umich.edu
nameserver 127.0.0.1
nameserver 198.108.1.42

DNS - Server
Answers DNS queries sent by resolvers.
Listens at UDP and TCP port 53:
– UDP used for routine queries
– TCP used for zone transfers
A zone is a part of the name space (merit.edu) delegated to a single server.
A domain is also a part of the name space, but it may cover several zones (e.g., umich.edu covers engin.umich.edu, eecs.umich.edu).

DNS - Server Configurations
– Caching-only: relies on other name servers for authoritative answers
– Primary: contains the writeable authoritative copy for the zones that it is primary for
– Secondary: contains a mirror copy of the data from a primary name server; no updates take place here; used to provide redundancy

DNS - Operation [figure: resolving www.merit.edu]
– Resolver asks local DNS: what is the IP address of www.merit.edu?
– Local DNS sends the query to a root DNS server
– The root DNS server returns the IP address of the DNS server at merit.edu
– Local DNS sends the query to the DNS @ merit.edu: www.merit.edu?
– The DNS @ merit.edu returns the IP address of www.merit.edu, 198.108.1.48, to the local DNS
– Local DNS returns the answer to the resolver: www.merit.edu is 198.108.1.48

Distributed Switching and Routing Architecture [figure: a Control Module in slot 1 (R5000 CPU, main memory, flash card, EEPROM, DUART, 10BaseT port) and Line Cards in slots 2 through 8, each with PHY, L2 and L3 stages, all connected through the Switching Fabric]

Distributed Input/Output Processing [figure: per-line-card Input Processing (L2 database, L3/L4 database, priority, accounting, filters, demux, bridge-or-route decision) and Output Processing (encapsulation & queuing, QoS) across the Crossbar with an Arbiter; the CPU Module handles the first packet of a flow (bridging, VLANs, routing, access control, QoS policy, RMON/RMON2, flow & table management) and the line cards handle subsequent packets]
Flow classification and distribution is better than 25,000 flows per second

Crossbar
– 2.0 Gbps per channel (SSR8000/8600)
– 4 priority queues per input and output channel
– Packet switching
– Overspeed
– Overflow at output buffers
– Avoid Head Of Line: look 4 deep per queue
– Multicast packets replicated in hardware

Multicast Support [figure: Input Module, Switch Fabric and Output Modules; QoS ensures priority]
Standards-based multicast support:
– IGMP v2 (seamless integration with workstations/servers)
– DVMRP v3
– PIM-DM, PIM-SM
Efficient packet replication via the switch fabric
Expanding Ring TTL support
ACLs screen out hosts which attempt to join certain multicast groups

QoS - Packet Classification (Four Classes of Service) [figure: line-speed Gigabit input streams pass through an ASIC-based Layer-3/4 Packet Classifier into Buffer Queues and the Switch Fabric; queues: Control Priority, High Priority, Medium Priority, Low Priority]
– Layer-3: Layer-4 flows mapped to CoS
– Layer-2: 802.1p priority mapped to CoS

QoS - Multiple Prioritization Schemes [figure: line-speed 100 Mbps streams, Dual MAC Buffer Queues, ASIC-based Packet Encapsulating Engine, Switch Fabric, Buffer Queues with Control/High/Medium/Low priority]
– Weighted Fair Queuing (ex. 25% per queue)
– Strict Priority Queuing
– Layer-3: TOS/DiffServ packet marking
– Layer-2: 802.1p packet marking

Per Flow Committed Access Rate (CAR) (Rate Limiting) [figure: HTTP, FTP and e-mail flows pass through the ASIC Layer-3/4 Packet Classifier into Buffer Queues and the Switch Fabric; excess bandwidth is either discarded or reprioritized to a lower priority; queues: Control/High/Medium/Low priority]
CAR can be performed on
– per port
– per flow(s)
– per application(s)
– per host(s)
in kilobits per second

Random Early Detection (RED) [figure: drop probability vs. average queue depth over time, rising between the minimum threshold and the maximum threshold, above which all packets are dropped]
– Maximizes throughput under congestive conditions
– Provides fair bandwidth reduction between host connections through implicit notification (dropped packets)
– Works for TCP only; use CAR for UDP
– Intelligently differentiates between transient bursts and excessive offered load
– Avoids TCP slow start oscillations
– Reduces overall nodal latency
Weighted RED (WRED) is RED policies per queue

Key Redundancy Features
– Fully hot swappable with redundant Control Modules and Switch Fabrics
[figure label: 5509]
Aggregate links with SmartTRUNK:
– Fully interoperable with Cisco’s Fast EtherChannel and other server trunking protocols
– Any number of links can be aggregated (ex. 7 Gig Ethernet links = 14 Gbps BW)
– Mix and match link speeds for incremental bandwidth
– Superior balancing based on flows rather than MAC address
– Can balance flows using “round robin” or link utilization algorithms
VRRP Standby Router: VRRP (Virtual Router Redundancy Protocol) protects clients using default gateways
Equal Cost Multipath: OSPF can multiply the effective bandwidth over 4 paths

Web Hosting with Gigabit Ethernet Server Array
– Load-balancing based on Layer 4 application traffic: round robin, server utilization, server availability
– Transparent Web Caching: redirect HTTP requests to a Web cache server
– Jumbo Frame support with hardware IP fragmentation support to lower-MTU interfaces (“Don’t Fragment” bit not set)
– Large packet buffering to ensure zero packet loss under any conditions
– Add an F5 Labs BIGip Server Array controller for added load balancing functionality
– Layer-4 Quality of Service and Access Control Lists plus support for Diff-serv
– Full RMON I & RMON II supported along with LFAP for accounting