A Whirlwind Introduction to the Internet

CS312 Spring 2009 Overview

Internet Concepts
‹ What’s the Internet
» What’s a protocol? local ISP
Lecture 03 ‹ Network structure
Intro to the Internet – part B » Network edge
regional ISP
» Access networks and physical media
Thursday, January 22nd 2009
» Network core
‹ Performance: loss and delay
Christopher Boyle
‹ Protocol layering
Department of Computer Science
‹ Networks under attack! company
Old Dominion University network
cboyle@cs.odu.edu

CS312 - Internet Concepts Old Dominion University Spring 2009 1 2

Understanding the Performance of the Internet Understanding the Performance of the Internet
Delay in packet-switched networks Delay in packet-switched networks
transmission transmission
A propagation A propagation

B B
nodal queuing nodal queuing
processing processing
Beware: s and R are very
‹ Packets experience variable delays along the path from source to
destination dnodal = dproc + dqueue + dtrans + dprop different quantities!
‹ Four sources of delay at each hop
» Nodal processing: ‹ Transmission delay = time ‹ Propagation delay = d/s
™ Check for bit errors » Transmission » d = length of physical link
™ Determine the output interface to “put bits onto the link”
» s = signal propagation speed in
to forward packet on = L/R medium (~2x108 m/sec)
» Queuing: » Propagation
™ Time spent waiting at outbound interface for transmission » R = link bandwidth (bps)
™ Duration depends on the level of congestion at the interface » L = packet length (bits)
3 4
Transmission & Propagation Example Transmission & Propagation Example
Transmission on a “slow” link Transmission on a “fast” link
Time = 0 1,544,000 bps (T-1) 622,080,000 bps (OC-12)
1,000,000 193 bytes/ms Time = 0 77,760 bytes/ms
bytes to 1,000,000
send bytes to
30 ms propagation latency send
Time = 10 ms 30 ms propagation latency

998,070 1,930 bytes in the link Time = 10 ms 777,600 bytes in the link
bytes to 222,400
send bytes to
send
Time = 30 ms
5,790 bytes in the link
Tme = 30 ms 1,000,000 bytes in the link
994,210
bytes to 0
send bytes to send

Time = 5,181.4 ms Bandwidth-Delay Product (BDP) Time = 42.86 ms 0 bytes in the link
0 5,790 bytes in the link 994,210
bytes to bytes 0 1,000,000
send recv’d bytes to send bytes recv’d
5
Understanding the Performance of the Internet Understanding the Performance of the Internet
Delay in packet-switched networks Delay in packet-switched networks
transmission transmission
A propagation A propagation
Transmission delay = 120 Ps
Propagation delay = 10 Ps
Queuing delay = k x 120 Ps
B B Processing delay = 100 Ps
nodal queuing nodal queuing
processing processing

Whatisisk?
What k
k?
‹ Typical transmission delay: 120 Ps ‹ Typical processing delay: ‹ What dominates end-to-end delay?
» 1,500 byte packet on a 100 Mbps
Ethernet » ??
‹ Typical propagation delay: ‹ Note that processing, transmission, and queuing delays are
» ื 1 Ps on a small campus encountered at each hop
‹ Typical queuing delay: » End-to-end delay is largely a function of the number of routers
» ป 25 ms to the West coast
» ?? encountered along the path from source to destination

7 8
Questions Questions
‹ What is the transmission delay for a 2000-byte ‹ What are the four types of delay that are
packet over a 1 Mbps link? (potentially) encountered at every router/hop?
Which one may not be encountered?

‹ Where is the last bit of the packet after the

‹ What is the difference between transmission delay
transmission delay has passed? and propagation delay?

‹ What is the transmission delay for a 250,000-bit ‹ What two things affect the duration of queuing
packet over a 1 Mbps link? delay for a particular packet?

9 10
 Understanding the Performance of the Internet
Question Example: What was the delay from my house?

How long would it take a 5000-bit packet to travel from ‹ Virginia Beach (11 mile drive from campus,.... )
source to destination over the following network?

2.5 Mbps / 10 ms 10 Mbps / 20 ms 5 Mbps / 10 ms

11 12
Understanding the Performance of the Internet Understanding the Performance of the Internet
Example: What was the delay from a house 1 mile away? Example: What was the path from the same house?

‹A house in Larchmont (less than 1 mile from campus)

% ping fast.cs.odu.edu 1 home54g.larcmnt.home Home cable modem router
2 10.11.184.1 Cox Cable default router
Pinging fast.cs.odu.edu [128.82.4.4] with 32 bytes of data: 3 68.10.14.137
4 nrfkdsrj01-ge0705.rd.hr.cox.net Cox network - Hampton Roads
Reply from 128.82.4.4: bytes=32 time=30ms TTL=238 5 12.118.122.77 What’s this?
Reply from 128.82.4.4: bytes=32 time=40ms TTL=238 6 tbr1-p010401.wswdc.ip.att.net AT&T network - Rockville, MD
Reply from 128.82.4.4: bytes=32 time=28ms TTL=238
7 ar5-p3110.wswdc.ip.att.net
Reply from 128.82.4.4: bytes=32 time=32ms TTL=238
8 att-gw.dc.sprint.net AT&T Gateway - Sprint network - DC
Ping statistics for 128.82.4.4: 9 sl-st22-ash-15-0.sprintlink.net Sprint network - Ashburn, VA
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 10 sl-bb24-rly-8-0.sprintlink.net Sprint network - Relay, MD
Approximate round trip times in milli-seconds: 11 sl-gw21-rly-9-0.sprintlink.net
Minimum = 28ms, Maximum = 40ms, Average = 32ms 12 sl-vwan-9-0.sprintlink.net ODU’s Sprint default router
13 128.82.254.198 ODU’s campus router

13 14
Understanding the Performance of the Internet
Example: What was the path from my house?
Cox network - Hampton Roads
Cox - Ashburn, VA
Understanding the Performance of the Internet
Traceroute
‹ Traceroute program: provides delay measurement
from source to router along end-end Internet path
towards destination.
‹ For all i:
» sends three packets that will reach router i on path
towards destination
» router i will return packets to sender
» sender times interval between transmission and reply

3 probes 3 probes
ODU’s campus router 3 probes

15 16
Understanding the Performance of the Internet Understanding the Performance of the Internet
Packet Loss Throughput

‹ Queue (aka buffer) preceding the link has finite ‹ throughput: rate (bits/time unit) at which bits
capacity transferred between sender/receiver
‹ Packet arriving to full queue dropped (aka lost)
» instantaneous: rate at given point in time
» average: rate over long(er) period of time
‹ Lost packet may be retransmitted by previous node, by
source end system, or not at all
buffer
(waiting area) packet being transmitted
A

server,
server sendswith link
bits pipe capacity
that can carry link that
pipe capacity
can carry
file of
(fluid) F bits
into pipe R bits/sec
fluid
s at rate Rfluid
c bits/sec
at rate
B
packet arriving to to send to client Rs bits/sec Rc bits/sec
full buffer is lost

17 18
Understanding the Performance of the Internet Understanding the Performance of the Internet
Throughput Throughput: Internet Scenario

‹ Rs < Rc What is average end-end throughput? ‹ Per-connection end-to-end

throughput: Rs
» min(Rc,Rs,R/10) Rs
Rs bits/sec Rc bits/sec Rs

‹ Rs > Rc What is average end-end throughput? ‹ In practice: R

» Rc or Rs is often bottleneck
Rc Rc
Rs bits/sec Rc bits/sec
Rc

bottleneck link
link on end-end path that constrains end-end throughput 10 connections (fairly) share
backbone bottleneck link R bits/sec
19 20
A Whirlwind Introduction to the Internet Protocol Layering in the Internet
Overview Internet protocol layers (“stack”)
‹ Application layer
‹ What’s the Internet » Supporting network applications
local ISP ™ FTP, SMTP, HTTP
» What’s a protocol?
‹ Transport layer
‹ Network structure » Host-host data transfer
» Network edge ™ TCP, UDP
regional ISP ‹ Network layer
» Access networks and physical media
» Routing of packets from source to
» Network core destination
™ IP, routing protocols
‹ Performance: loss and delay ‹ Link layer
‹ Protocol layering » Data transfer between directly
connected network elements
‹ Networks under attack! company ™ Ethernet, 802.11, SONET, … Different services
network
‹ Physical layer specified at each
» The insertion of individual bits “on the wire”
layer interface
™ Manchester encoding

21 22
Protocol Layering in the Internet Protocol Layering in the Internet
Internet protocol layers (“stack”) Airline Example
‹ Each layer implements a protocol with its peer layer ‹ Layers: each layer implements a service
in a distributed system » via its own internal-layer actions
» relying on services provided by layer below
Application protocol

Transport protocol

Network protocol ticket

tick
titickett (purchase)
((p
(purc
purch
hase))
has ticket
tick
tic
ti kett (complain)
(c
(comp
plai
l in)) ticket

baggage
baggage (check)
baggag (che
h ck)
k) baggag
baggage (claim
baggage (cla
clai
l im
im baggage

Link protocol gates

g tes (load)
gat ( ad)
(lo
(l d)) gates
g tes (unload)
gat (unload)
(unload)) gate

runway (takeoff)
runway (take
k off
off)
ff) runway
runway (land)
(land
and)
d) takeoff/landing

airplane
airpl ne routing
i pla routitin
routing g airplane
airpla
airp ne rou
pla routin
routing
ting
g airplane
airpla
airp ne rou
pla routin
routing
ting
g airplane
p ne routing
airpla
airpla routin
routing
g airplane routing
Physical (signaling)
protocol departure intermediate air-traffic arrival
airport control centers airport
End system A End system B
23 24
Protocol Layering in the Internet Logical Communication Example
Logical communication The transport layer
application data
application ‹ Receive data from
transport
transport
application application
‹ The implementation network
network
application
transport
transport
transport
of each layer is link
link ‹ Add transport- network
network
physical
physical
distributed network layer protocol link
link
network
net
two or physical network
network
net
two or
throughout the information physical
...

application link
llink
lin
inkk link
link
lin
linkk
application
network transport
transport
physical
physical ‹ Send to peer application data
physical
physical
network application
» Some layers just network transport layer transport
transport ack
link
link
distributed on the network
network data
physical
physical application
application application
applicationn ‹ Wait for peer
end-systems link
link
transport transport
transport
network
network
... transport
network
network
transport layer to physical
physical application
application application
applicationn
link respond transport
transport ... transport
transport
transport
‹ Thedistributed components link
link link network network
physical network network
physical physica
physical ‹ Peer transport
perform actions, exchange physical link
link link
link
messages with peers delivers data to its physical
physical physical
physica
physical
application layer
25 26
Protocol Layering in the Internet Protocol Layering in the Internet
Data flow through protocol layers Protocol layering and data formats
data ‹ At sender, each layer takes data from above
application
» Adds header information to create new data unit
application » Passes new data unit to layer below
transport
transport
network ‹ Process reversed at receiver
network
link
link link Receive
physical physical network
network
net
two or Message
physical Send
link
llink
lin
inkk
physical Message Source Destination
application physical
application
transport M application application M Message
transport
network
network data Htrans M transport transport Htrans M Segment
link
link
physical
physical application
application application
application Hnet Htrans M network network Hnet Htrans M Datagram
transport transport
transport
network
network
... transport
network
network
Hlink Hnet Htrans M link link Hlink Hnet Htrans M Frame
link
link link
link physical physical
physical
physical
ph physical
cal
physical

27 28
Protocol Layering in the Internet
Common logical functions in most layers Questions
‹ Error control
» Make the logical channel between layers ‹ What are the five network protocol layers?
reliable (or simply more reliable)
‹ Flow control
» Avoid overwhelming a peer with data ‹ Which layers do end systems use?
‹ Segmentation and reassembly
» Partitioning large messages into smaller ‹ Which layers do routers use?
ones at the sender and reassembling them
at the receiver
‹ Multiplexing
» Allowing several higher-level sessions to
share a single lower-level connection
‹ Connection setup
» Handshaking with a peer
29 30
A Whirlwind Introduction to the Internet
Overview Networks Under Attack!
‹ What’s the Internet ‹ Attacks on Internet infrastructure:
» What’s a protocol? local ISP » infecting/attacking hosts: malware, spyware, worms, unauthorized
access (data stealing, user accounts)
‹ Network structure
» denial of service: deny access to resources (servers, link bandwidth)
» Network edge
regional ISP
» Access networks and physical media
‹ Internet not originally designed with (much) security in mind
» Network core
» original vision: “a group of mutually trusting users attached to a
‹ Performance: loss and delay transparent network” -
‹ Protocol layering » Internet protocol designers playing “catch-up”
» Security considerations in all layers!
‹ Networks under attack! company
network

31 32
What Can Bad Guys Do?
Malware
‹ Spyware:
» infection by downloading
web page with spyware
» records keystrokes, web
sites visited, upload info to
collection site
‹ Virus
» infection by receiving
object (e.g., e-mail
attachment), actively
executing
» self-replicating: propagate
itself to other hosts, users
What Can Bad Guys Do?
Denial of service (DoS) attacks
‹ Worm: ‹ Attackers make resources
» infection by passively (server, bandwidth)
receiving object that gets unavailable to legitimate
itself executed
traffic by overwhelming
» self-replicating: propagates resource with bogus traffic
to other hosts, users
Sapphire Worm: aggregate scans/sec
in first 5 minutes of outbreak (CAIDA, UWisc data) ‹ Distributed DoS
1. select target target
2. break into hosts around the
network (see malware)
3. send packets toward target
from compromised hosts
33 34
What Can Bad Guys Do? What Can Bad Guys Do?
Sniff, modify, delete your packets Masquerade as you

‹ Packet sniffing: ‹ IP spoofing: send packet with false source address

» broadcast media (shared Ethernet, wireless)
» promiscuous network interface reads/records all packets A C
(e.g., including passwords!) passing by
src:B dest:A payload
A C
B

src:B dest:A payload

B
» Ethereal software used for end-of-chapter labs is a
(free) packet-sniffer
» more on modification, deletion later
35 36
What Can Bad Guys Do? What Can Bad Guys Do?
Masquerade as you Masquerade as you

‹ IPspoofing: send packet with false source address ‹ IPspoofing: send packet with false source address
‹ Record-and-playback: sniff sensitive info (e.g., ‹ Record-and-playback: sniff sensitive info (e.g.,
password), and use later password), and use later
» password holder is that user from system point of view » password holder is that user from system point of view

later …..
C C
A A

src:B dest:A user: B; password: foo src:B dest:A user: B; password: foo

B B

37 38
 Internet History Lesson
Internet History Lesson 1961-1972: Early packet-switching principles

‹ 1961-1972: Early packet-switching principles ‹ 1961: Kleinrock - queueing ‹ 1972:

theory shows effectiveness of » ARPAnet public
packet-switching demonstration
‹ 1964: Baran - packet-switching
‹ 1972-1980: Internetworking, new and proprietary nets » NCP (Network Control
in military nets Protocol) first host-host
‹ 1967: ARPAnet conceived by protocol
Advanced Research Projects » first e-mail program
‹ 1980-1990: New protocols, a proliferation of networks Agency
» ARPAnet has 15 nodes
‹ 1969: first ARPAnet node
operational
‹ 1990-2007: commercialization, the Web, new apps

39 40
Internet History Lesson Internet History Lesson
1972-1980: Internetworking, new and proprietary nets 1980-1990: new protocols, a proliferation of networks

‹ 1970: ALOHAnet satellite
network in Hawaii
‹ 1974: Cerf and Kahn -
architecture for interconnecting
networks
‹ 1976: Ethernet at Xerox PARC
‹ late 70’s: proprietary
architectures: DECnet, SNA,
XNA
‹ late 70’s: switching fixed
length packets (ATM precursor)
‹ 1979: ARPAnet has 200 nodes
‹ Cerf and Kahn’s
internetworking principles:
» minimalism, autonomy - no
internal changes required to
interconnect networks
» best effort service model
» stateless routers
» decentralized control
‹ 1982: SMTP e-mail protocol
defined
‹ 1983: deployment of TCP/IP
‹ 1983: DNS defined for name-
to-IP-address translation
‹ 1985: FTP protocol defined
‹ 1988: TCP congestion control
‹ New national networks:
Csnet, BITnet, NSFnet,
Minitel
‹ 100,000 hosts connected
to confederation of
networks

41 42
Internet History Lesson
1990, 2000’s: commercialization, the Web, new apps
‹ Early 1990’s: ARPAnet
decommissioned
‹ 1991: NSF lifts restrictions
on commercial use of NSFnet
(decommissioned, 1995)
‹ early 1990s: Web
» hypertext [Bush 1945, Nelson
1960’s]
» HTML, HTTP: Berners-Lee
» 1994: Mosaic, later Netscape
» late 1990’s: commercialization
of the Web
Internet History Lesson
2007
‹ Late 1990’s – 2000’s: ‹ ~500 million hosts
» more killer apps: instant
messaging, P2P file sharing
‹ Voice, Video over IP
» network security to
forefront
» est. 50 million host, 100 ‹ P2P applications: BitTorrent (file sharing) Skype (VoIP),
million+ users PPLive (video)
» backbone links running at
Gbps
‹ more applications: YouTube, gaming
‹ wireless, mobility
43 44
A Whirlwind Introduction to the Internet
Summary CS312 Spring 2009
‹ Covered a “ton” of Internet Concepts
‹ You now hopefully have:
material » Context, overview, “feel” of
» Internet overview networking
» What’s a protocol? » More depth, detail later in
» Network edge, core, access course
network
» Performance: loss, delay ‹ Something dangerous to
Questions?
» Layering and service mumble at parties!
models
» Backbones, NAPs, ISPs
» Network security
» History

45 Old Dominion University – Chris Boyle – Computer Science Department 46