2/6/22 4
OSI Architecture – SDU / PDU
At each layer (N)
o Two entities (layer-N peers) talk via the layer-N protocol
o They exchange protocol data units (PDUs)
o The service data unit (SDU) is the payload carried inside a PDU
o A PDU is transmitted unchanged to the peer
The PDU of layer N thus becomes the SDU of layer N-1
Layer N-1 may wrap that SDU with a header, a trailer, or both
End to End Connectivity
OSI to TCP/IP Mapping
TCP/IP Architecture – Application Layer
o Groups the functions of OSI Application,
Presentation Layer and Session Layer
o Any process above the transport layer is called an
Application in the TCP/IP architecture
o Socket and port are used to describe the path over
which applications communicate
o Example Protocols: DNS, FTP, Gopher, HTTP, NFS,
NTP, NNTP, DHCP, SMPP, SMTP, SNMP, Telnet, SSH
TCP/IP Architecture – Transport Layer
o The Transmission Control Protocol (TCP) provides reliable,
in-order delivery over an established connection.
o The User Datagram Protocol (UDP) transports
datagrams without end-to-end reliability checking.
o Both protocols are useful for different
applications.
o Example Protocols: TCP, UDP, SCTP, DCCP
o A step above transport: MIME, SSL, TLS, XDR
TCP/IP Architecture – Network Layer
o The Internet Protocol is the primary protocol in
the TCP/IP Network Layer.
o All upper and lower layer communications must
travel through IP as they are passed through the
TCP/IP protocol stack.
o There are many supporting protocols in the
Network Layer, such as ICMP, to facilitate and
manage the routing process.
o Example Protocols: IP, IPsec, ICMP, IGMP, OSPF, RIP
TCP/IP Architecture – Host to Network Layer
o IP is compatible with existing data link protocols
such as Ethernet, Token Ring, FDDI, HSSI and ATM.
o The physical layer, which defines the hardware
communication properties, is not often directly
interfaced with the TCP/IP protocols in the
network layer and above.
o Example Protocols: PPP, SBTV, SLIP
IP Packet Structure
Total Length = defines the entire packet (fragment) size, including
header and data, in bytes.
Identification - primarily used for uniquely identifying the group of
fragments of a single IP datagram.
Flags - A three-bit field (reserved, Don't Fragment, More Fragments)
used to control or identify fragments.
Fragment Offset - specifies the offset of a particular fragment, in
units of 8 bytes, relative to the beginning of the original
un-fragmented IP datagram.
Time To Live (TTL) - An eight-bit time to live field helps prevent
datagrams from persisting (e.g. going in circles) on an internet.
Protocol - This field defines the protocol used in the data portion of
the IP datagram.
Header Checksum = The 16-bit checksum field is
used for error-checking of the header
Source address = This field is the IPv4 address of
the sender of the packet. This address may be
changed in transit by a network address
translation device.
Destination address = This field is the IPv4 address
of the receiver of the packet. As with the source
address, this may be changed in transit by a
network address translation device.
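The fields above in working form. This is an added example, not code from the original slides: it builds a minimal 20-byte IPv4 header (IHL=5, no options), parses it back, and verifies the header checksum the way a receiving host or a packet-capture tool does. The addresses and the 8-byte payload are constructed for the example; the one real test vector is the well-known header `4500 0073 0000 4000 4011 b861 c0a8 0001 c0a8 00c7`, whose published checksum is 0xb861.

```python
"""Build and parse an IPv4 header, verifying the header checksum.

Added example (not from the original slides). The 20-byte layout is the one
described above; the sample packet at the bottom is constructed here.
"""
import struct
from socket import inet_aton, inet_ntoa


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words.

    Over a header whose checksum field is zero it returns the value to put in
    that field; over a header that already carries a correct checksum it
    returns 0, which is how a receiver verifies it.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int, proto: int = 17,
                      ttl: int = 64, ident: int = 0, df: bool = True,
                      mf: bool = False, frag_offset: int = 0) -> bytes:
    """Minimal header (IHL=5, no options) with the checksum filled in."""
    ver_ihl = (4 << 4) | 5
    flags = (int(df) << 1) | int(mf)         # 3 bits: reserved, DF, MF
    flags_frag = (flags << 13) | (frag_offset & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident,
                      flags_frag, ttl, proto, 0, inet_aton(src), inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed header fields; raises ValueError on a malformed header.

    A bad checksum does not raise: it is reported in 'checksum_ok' so that a
    monitoring tool can count corrupted packets instead of aborting a trace.
    """
    if len(packet) < 20:
        raise ValueError("truncated: fewer than 20 bytes")
    (ver_ihl, tos, total_length, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError("not IPv4 (version %d)" % version)
    if ihl < 20 or ihl > len(packet):
        raise ValueError("bad IHL %d" % ihl)
    if total_length < ihl or total_length > len(packet):
        raise ValueError("Total Length %d inconsistent with %d bytes"
                         % (total_length, len(packet)))
    return {
        "ihl": ihl, "tos": tos, "total_length": total_length,
        "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,     # in 8-byte units
        "ttl": ttl, "protocol": proto,
        "checksum_ok": ipv4_checksum(packet[:ihl]) == 0,
        "src": inet_ntoa(src), "dst": inet_ntoa(dst),
        "payload": packet[ihl:total_length],
    }


# Constructed sample: a UDP datagram (protocol 17) with 8 zero bytes of payload.
SAMPLE = build_ipv4_header("10.0.0.1", "10.0.0.2", 8, ident=0x1234) + b"\x00" * 8

if __name__ == "__main__":
    f = parse_ipv4_header(SAMPLE)
    print(f["src"], "->", f["dst"], "ttl", f["ttl"], "checksum_ok", f["checksum_ok"])
```

Note that the header checksum only covers the header, is recomputed at every hop (TTL changes it), and is not a security control: anything that can rewrite the header, a NAT box included, recomputes it.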
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
TCP and UDP
There are two main transports for Internet Protocol (IP) traffic:
o TCP, the Transmission Control Protocol
o UDP, the User Datagram Protocol
TCP is connection oriented: once a connection is established, data can
be sent in both directions as a byte stream.
UDP is a simpler, connectionless protocol: each message is sent as an
independent datagram, with no connection set up first.
TCP and UDP Functions
TCP - carries a message across the internet from one computer to
another within the context of a session (connection) that both
ends keep state for
UDP - is also used for message transport, but is not connection
based: one program can send a batch of datagrams to another and
that is the end of the relationship; neither side keeps state
about the other
TCP and UDP Usage
TCP - is suited for applications that require
high reliability, and transmission time is
relatively less critical
UDP - is suitable for applications that need
fast, efficient transmission, such as games.
UDP's stateless nature is also useful for
servers that answer small queries from
huge numbers of clients
TCP and UDP
Based protocols
o TCP - HTTP, HTTPS, FTP, SMTP, Telnet
o UDP – DNS, DHCP, TFTP, SNMP, RIP, VoIP
Speed
o TCP is slower than UDP.
o UDP is faster because it has no connection setup, no
acknowledgements or retransmissions, and no ordering or
congestion control. It still carries a checksum, so corruption
is detected, but nothing is done to recover from it.
TCP and UDP Ordering of data packets
TCP - rearranges data packets into the order in which they were
sent
UDP - has no inherent order as all packets are independent of each
other. If ordering is required, it has to be managed by the
application layer
TCP and UDP Reliability
TCP - Once a connection is established, data arrives complete and
in the order in which it was sent: lost segments are
retransmitted, and the 16-bit checksum catches most (but not all)
corruption
UDP - There is no guarantee that the messages or packets sent will
arrive at all
TCP and UDP Streaming of data
TCP - Data is read as a byte stream, no
distinguishing indications are transmitted
to signal message (segment) boundaries
UDP - Packets are sent individually and are
checked for integrity only if they arrive.
Packets have definite boundaries which
are honored upon receipt, meaning a read
operation at the receiver socket will yield
an entire message as it was originally sent
TCP and UDP Error Checking
TCP - TCP is heavy-weight. TCP requires three
packets to set up a socket connection, before
any user data can be sent. TCP handles
reliability and congestion control.
o Yes to error checking and recovery
UDP - UDP is lightweight. There is no ordering
of messages, no tracking connections, etc. It is
a small transport layer designed on top of IP.
o Yes to error checking but No to error recovery
TCP session establishment
TCP session establishment is a three-way
handshake
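The three-way handshake as a small state machine. This is an added example, not code from the original slides: it models only the parts of RFC 793 needed for connection setup (SYN, SYN-ACK, ACK, the initial sequence numbers and the rule that each side must acknowledge the other's ISN + 1) and then shows why the ISN must be unpredictable: an off-path attacker who spoofs the source address never sees the SYN-ACK and can only complete the handshake by guessing the server's ISN. Port numbers and ISNs below are constructed.

```python
"""Simulate the TCP three-way handshake with sequence-number checks.

Added example, not part of the original slides. Only connection setup is
modelled; data transfer, timers and teardown are omitted.
"""
import secrets
from dataclasses import dataclass

MOD = 1 << 32          # sequence numbers are 32-bit and wrap around


@dataclass(frozen=True)
class Segment:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: frozenset


class TcpEndpoint:
    def __init__(self, port: int, isn=None):
        self.port = port
        self.state = "CLOSED"
        # RFC 6528: unpredictable ISN, so an off-path attacker cannot forge the ACK
        self.isn = secrets.randbelow(MOD) if isn is None else isn
        self.snd_nxt = self.isn     # next sequence number we will send
        self.rcv_nxt = None         # next sequence number we expect from the peer

    def listen(self):
        self.state = "LISTEN"

    def connect(self, peer_port: int) -> Segment:
        """Step 1: active open, send a SYN carrying our ISN."""
        self.state = "SYN_SENT"
        self.snd_nxt = (self.isn + 1) % MOD      # the SYN occupies one sequence number
        return Segment(self.port, peer_port, self.isn, 0, frozenset({"SYN"}))

    def receive(self, seg: Segment):
        """Process one segment; returns the reply segment, or None."""
        if seg.dst_port != self.port:
            return None
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            # Step 2: passive open, acknowledge client ISN+1 and send our own ISN
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.snd_nxt = (self.isn + 1) % MOD
            self.state = "SYN_RECEIVED"
            return Segment(self.port, seg.src_port, self.isn, self.rcv_nxt,
                           frozenset({"SYN", "ACK"}))
        if self.state == "SYN_SENT" and seg.flags == {"SYN", "ACK"}:
            if seg.ack != self.snd_nxt:          # must acknowledge exactly our ISN+1
                return Segment(self.port, seg.src_port, seg.ack, 0, frozenset({"RST"}))
            # Step 3: acknowledge the server ISN+1; the connection is open on our side
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.state = "ESTABLISHED"
            return Segment(self.port, seg.src_port, self.snd_nxt, self.rcv_nxt,
                           frozenset({"ACK"}))
        if self.state == "SYN_RECEIVED" and seg.flags == {"ACK"}:
            if seg.ack != self.snd_nxt or seg.seq != self.rcv_nxt:
                # Wrong numbers: the sender never saw our SYN-ACK, reject with RST
                return Segment(self.port, seg.src_port, seg.ack, 0, frozenset({"RST"}))
            self.state = "ESTABLISHED"
            return None
        return None


def three_way_handshake(client: TcpEndpoint, server: TcpEndpoint) -> list:
    """Run SYN, SYN-ACK, ACK between the two endpoints; returns the segments."""
    syn = client.connect(server.port)
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return [syn, syn_ack, ack]


def blind_spoof_attempt(server: TcpEndpoint, guessed_isn: int, spoofed_port: int = 40000) -> bool:
    """Off-path attacker: sends a SYN from a spoofed source, never sees the
    SYN-ACK, and tries to finish the handshake with a guessed ACK number.
    Returns True if the server wrongly reaches ESTABLISHED."""
    syn = Segment(spoofed_port, server.port, 7, 0, frozenset({"SYN"}))
    server.receive(syn)                      # the SYN-ACK goes to the spoofed address
    ack = Segment(spoofed_port, server.port, 8, (guessed_isn + 1) % MOD, frozenset({"ACK"}))
    server.receive(ack)
    return server.state == "ESTABLISHED"


if __name__ == "__main__":
    client, server = TcpEndpoint(40000), TcpEndpoint(80)
    server.listen()
    for seg in three_way_handshake(client, server):
        print(sorted(seg.flags), "seq", seg.seq, "ack", seg.ack)
    print(client.state, server.state)
```

With a 32-bit random ISN the attacker's guess succeeds with probability 2^-32 per attempt; the old practice of incrementing the ISN by a fixed amount per second is what made blind spoofing practical.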
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
Routing Protocols
• Goal:
– Determine path or route
– Packet switching networks: determine routing
table
• Routing Table Requirements:
– Used for forwarding each packet
– Scalable, adaptive, stable
Route Construction
• Static
– Listed manually: changes are slow
– Not robust: the route stays in place regardless of network
conditions
– Stable
• Dynamic
– Routes learned via routing protocols
– React directly to topology, traffic or configuration changes
– Might not converge, or might oscillate
– Might form routing loops
Dynamic Routing Algorithms
• Global or Link state algorithm
– Uses global knowledge about topology and cost
• Decentralized or Distance vector algorithm
– Each node knows only the distances its directly connected
neighbours report
Global or Link State Algorithm
Each node floods the entire network with information about the
other nodes it can connect to.
Each node independently assembles this information into a map.
Using this map, each router independently determines the least-
cost path from itself to every other node using a standard
shortest paths algorithm such as Dijkstra's algorithm.
The result is a tree graph rooted at the current node, such that
the path through the tree from the root to any other node is the
least-cost path to that node.
This tree then serves to construct the routing table, which
specifies the best next hop to get from the current node to any
other node.
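The procedure above, end to end, as an added example (not code from the original slides): each router's flooded advertisement lists its adjacencies, every router assembles the same map, runs Dijkstra and reads the next hop off the resulting tree. The four-router topology and its costs are constructed. One check a practitioner wants is included: a link is only entered in the map when both ends advertise it with the same cost, so a single bogus or stale advertisement cannot invent a link the other router never had.

```python
"""Link-state route computation: flood LSAs, build the map, run Dijkstra.

Added example, not part of the original slides. The topology is constructed.
"""
import heapq
from math import inf

# What each router floods: its own adjacencies (neighbour -> link cost).
LSAS = {
    "A": {"B": 1, "C": 4},
    "B": {"A": 1, "C": 2, "D": 5},
    "C": {"A": 4, "B": 2, "D": 1},
    "D": {"B": 5, "C": 1},
}


def assemble_topology(lsas: dict) -> dict:
    """Build the link-state database every router ends up with.

    A link is used only when both ends advertise it with the same cost; a
    one-sided or inconsistent advertisement is ignored.
    """
    graph = {node: {} for node in lsas}
    for node, adj in lsas.items():
        for nbr, cost in adj.items():
            if cost < 0:
                raise ValueError("negative cost %s-%s" % (node, nbr))
            if lsas.get(nbr, {}).get(node) == cost:
                graph[node][nbr] = cost
    return graph


def dijkstra(graph: dict, source: str):
    """Least-cost distance and predecessor for every node reachable from source."""
    dist = {source: 0}
    prev = {}
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist.get(u, inf):
            continue                     # stale heap entry
        for v, cost in graph[u].items():
            nd = d + cost
            if nd < dist.get(v, inf):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    return dist, prev


def routing_table(graph: dict, source: str) -> dict:
    """dest -> (next hop, total cost), read off the shortest-path tree."""
    dist, prev = dijkstra(graph, source)
    table = {}
    for dest in dist:
        if dest == source:
            continue
        hop = dest
        while prev[hop] != source:       # walk back to the child of the root
            hop = prev[hop]
        table[dest] = (hop, dist[dest])
    return table


if __name__ == "__main__":
    topo = assemble_topology(LSAS)
    for router in topo:
        print(router, routing_table(topo, router))
```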
Link State Algorithm Issues
Processing power
o Heavier CPU/ASIC load: every router runs Dijkstra over the
whole topology
Flooding
o Heavier update traffic: link-state advertisements are flooded
to every node
Distance Vector Algorithms
Distance Vector Routing involves two factors:
o The distance, or metric, of a destination
o The vector, or direction to take to get there.
Routing information is only exchanged between
directly connected neighbors.
This means a router knows from which neighbor a
route was learned, but it does not know where that
neighbor learned the route; a router can't see beyond
its own neighbors.
This aspect of distance vector routing is sometimes
referred to as "routing by rumor."
Decentralized or Distance Vector Algorithm
Distance Vector Algorithm Issues
Robustness:
o A node can advertise an incorrect path cost
o Each node's table is used by the others
• Errors propagate through the network
May have routing loops
o Split horizon and poison reverse are employed to
avoid routing loops.
Convergence Times:
o Count-to-infinity problem
Split Horizon
Split-horizon route advertisement is a method of preventing routing loops in
distance-vector routing protocols by prohibiting a router from advertising a route
back onto the interface from which it was learned.
Consider the following example where A learns from B how to reach C.
According to the split-horizon rule, node A does not advertise its route for C (namely
A to B to C) back to B.
On the surface, this seems redundant since B will never route via node A because
the route costs more than the direct route from B to C. However, if the link between
B and C goes down, and B had received a route to C from A, B could end up using
that route via A. A would send the packet right back to B, creating a loop.
Each round of updates then raises the metric by one hop on each side until it reaches
the protocol's "infinity": this is the Count to Infinity Problem. With the split-horizon
rule in place, this particular loop scenario cannot happen, improving convergence
time in complex, highly-redundant environments.
Split Horizon with Poison Reverse
Split-horizon routing with poison reverse is a variant of split-
horizon route advertising in which a router actively advertises
routes as unreachable over the interface over which they were
learned by setting the route metric to infinite (16 for RIP).
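The failure scenario on the two slides above, simulated. This is an added example, not code from the original slides: three routers A-B-C in a line (a constructed topology) exchange distance vectors in synchronous rounds, the B-C link is cut, and the simulation counts how many rounds the tables take to settle with plain distance vector, with split horizon, and with poison reverse. RIP's infinity of 16 is used; the `mode` names are this example's own.

```python
"""Distance-vector routing with and without split horizon / poison reverse.

Added example, not part of the original slides. Topology A-B-C is constructed;
the B-C link is then cut to reproduce count-to-infinity.
"""
INFINITY = 16                                    # RIP: 16 hops means unreachable


class Router:
    def __init__(self, name: str, links: dict):
        self.name = name
        self.links = dict(links)                 # neighbour -> link cost
        self.table = {name: (0, None)}           # dest -> (metric, next hop)
        for nbr, cost in links.items():
            self.table[nbr] = (cost, nbr)

    def advertisement(self, to_nbr: str, mode: str) -> dict:
        """Distance vector sent to one neighbour."""
        adv = {}
        for dest, (metric, next_hop) in self.table.items():
            if next_hop == to_nbr:
                if mode == "split_horizon":
                    continue                     # never send a route back where it came from
                if mode == "poison_reverse":
                    adv[dest] = INFINITY         # send it back, but as unreachable
                    continue
            adv[dest] = metric
        return adv

    def process(self, from_nbr: str, adv: dict) -> bool:
        """Bellman-Ford update; returns True if the table changed."""
        changed = False
        link_cost = self.links[from_nbr]
        for dest, metric in adv.items():
            if dest == self.name:
                continue
            new = min(metric + link_cost, INFINITY)
            cur_metric, cur_hop = self.table.get(dest, (INFINITY, None))
            if cur_hop == from_nbr:
                # The neighbour we route through changed its mind: believe it even if
                # the route got worse (this is what lets bad news propagate at all).
                if new != cur_metric:
                    self.table[dest] = (new, from_nbr if new < INFINITY else None)
                    changed = True
            elif new < cur_metric:
                self.table[dest] = (new, from_nbr)
                changed = True
        return changed

    def fail_link(self, nbr: str):
        del self.links[nbr]
        for dest, (_metric, hop) in list(self.table.items()):
            if hop == nbr:
                self.table[dest] = (INFINITY, None)


def converge(routers: dict, mode: str, max_rounds: int = 100) -> int:
    """Synchronous rounds: everyone advertises, then everyone updates.
    Returns the number of rounds until a round changes nothing."""
    for rnd in range(1, max_rounds + 1):
        pending = [(routers[nbr], r.name, r.advertisement(nbr, mode))
                   for r in routers.values() for nbr in r.links]
        changed = False
        for receiver, sender, adv in pending:
            if receiver.process(sender, adv):
                changed = True
        if not changed:
            return rnd
    raise RuntimeError("did not converge in %d rounds" % max_rounds)


def run_scenario(mode: str) -> dict:
    """Line A-B-C: converge, cut the B-C link, converge again."""
    routers = {"A": Router("A", {"B": 1}),
               "B": Router("B", {"A": 1, "C": 1}),
               "C": Router("C", {"B": 1})}
    converge(routers, mode)
    initial = routers["A"].table["C"]
    routers["B"].fail_link("C")
    routers["C"].fail_link("B")
    rounds = converge(routers, mode)
    return {"initial_A_to_C": initial,
            "rounds_after_failure": rounds,
            "final_to_C": {n: r.table["C"][0] for n, r in routers.items()}}


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        print(mode, run_scenario(mode))
```

Without split horizon the metric for C ping-pongs between A and B, climbing by one each round until it hits 16; with either variant B hears nothing useful from A about C and the route is withdrawn in two rounds.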
Internet Architecture
Inter-AS and Intra-AS Routing
Why different Inter-AS and Intra-AS routing
protocols?
Inter-AS Routing Protocols
• The Exterior Gateway Protocol (EGP) was used in the NSFNET;
the Border Gateway Protocol (BGP) is the inter-AS routing
protocol of today's Internet
Intra-AS Routing
• Routing Information Protocol (RIP)
– Distance Vector Algorithm
• Open Shortest Path First (OSPF)
– Link State Algorithm
• IS-IS
– Link State Algorithm
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
DNS – Domain Name Service
Translates a hostname to its IP address
A lookup mechanism for translating objects into other
objects
A globally distributed, loosely coherent, scalable,
reliable, dynamic database
Comprised of three components
A “name space”
Servers making that name space available
Resolvers (clients) which query the servers about the name
space
Global Distribution and Loose Coherency
Global Distribution
o Data is maintained locally, but retrievable globally
• No single computer has all DNS data
o DNS lookups can be performed by any device
o Remote DNS data is locally cacheable to improve performance
Loose Coherency
o Each copy of the database is internally consistent, but copies may
lag behind the master
Each version of a subset of the database (a zone) has a serial number
The serial number is incremented on each database change
o Changes to the master copy of the database are replicated according
to timing set by the zone administrator
o Cached data expires according to the timeout set by the zone administrator
Reliability and Dynamicity
Reliability
o Data is replicated
• Data from master is copied to multiple slaves
o Clients can query
• Master server
• Any of the copies at slave servers
o Clients will typically query local caches
o DNS protocols can use either UDP or TCP
• If UDP, DNS protocol handles retransmission, sequencing, etc.
Dynamicity
o Database can be updated dynamically
• Add/delete/modify of any record
o Modification of the master database triggers replication
• Only master can be dynamically updated
– Creates a single point of failure
DNS Tree
Zones and Delegations
Zones are "administrative spaces"
Zone administrators are responsible for a portion of a
domain's name space
Authority is delegated from a parent to a child
[Figure: the DNS tree with three zones marked: the net zone (net, beside edu and com under the root); the bubi.net zone (bubi under net, where the figure also shows names such as isi, cnn, kcchiefs, nfl and bing) containing www and work; and the work.bubi.net zone (work) containing www, ftp, ws1 and ws2]
Name Servers
Name servers answer ‘DNS’ questions.
Security Concerns
DNS responses are traditionally not cryptographically
signed, which leaves room for many attacks such as forged
responses that poison a resolver's cache
Domain Name System Security Extensions (DNSSEC)
modify DNS to add support for cryptographically signed
responses.
DNSCurve has been proposed as an alternative to DNSSEC.
Other extensions, such as TSIG, add support for
cryptographic authentication between trusted peers and
are commonly used to authorize zone transfer or dynamic
update operations.
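What a resolver can check on an unsigned reply, as an added example that is not code from the original slides. Without DNSSEC the only defences against a forged response are the plausibility checks of RFC 5452: the 16-bit transaction ID must match, the QR bit must be set, and the question section must echo exactly what was asked (real resolvers also randomise and check the UDP source port, which is outside this block). The query name, the addresses and the forged reply are all constructed; the server side is simulated by `make_response` so the block runs offline.

```python
"""Build a DNS query and check that a reply really answers it.

Added example, not part of the original slides. Wire format per RFC 1035;
the checks are the unsigned-reply plausibility checks of RFC 5452.
"""
import secrets
import struct
from socket import inet_aton, inet_ntoa

TYPE_A, CLASS_IN = 1, 1


def encode_name(name: str) -> bytes:
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def decode_name(msg: bytes, off: int):
    """Return (name, offset after the name). Follows compression pointers with
    a hop limit so a malicious reply cannot loop the parser."""
    labels, end, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:                     # 11xxxxxx: compression pointer
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels).lower(), (end if end is not None else off)


def build_query(qname: str, qtype: int = TYPE_A):
    """Returns (transaction id, wire-format query) with RD set."""
    txid = secrets.randbelow(1 << 16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)


def make_response(query: bytes, txid: int, ip: str, ttl: int = 300) -> bytes:
    """Simulated server: echo the question, append one A record whose owner
    name is a pointer to offset 12 (where the question name starts)."""
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4) + inet_aton(ip)
    return header + question + answer


def validate_response(query: bytes, txid: int, resp: bytes):
    """Plausibility checks a stub resolver must do before trusting a reply."""
    if len(resp) < 12:
        return False, "truncated header"
    rid, flags, qd, _an, _, _ = struct.unpack("!HHHHHH", resp[:12])
    if rid != txid:
        return False, "transaction id mismatch"
    if not flags & 0x8000:
        return False, "QR bit clear: not a response"
    if qd != 1:
        return False, "unexpected question count"
    try:
        qname, off = decode_name(resp, 12)
        qtype, qclass = struct.unpack("!HH", resp[off:off + 4])
        want_name, woff = decode_name(query, 12)
        want_type, want_class = struct.unpack("!HH", query[woff:woff + 4])
    except (ValueError, struct.error) as exc:
        return False, "malformed: %s" % exc
    if (qname, qtype, qclass) != (want_name, want_type, want_class):
        return False, "question section does not match"
    return True, "ok"


def a_records(resp: bytes) -> list:
    """IPv4 addresses from the answer section of an already validated reply."""
    _, _, qd, an, _, _ = struct.unpack("!HHHHHH", resp[:12])
    off = 12
    for _ in range(qd):
        _, off = decode_name(resp, off)
        off += 4
    out = []
    for _ in range(an):
        _, off = decode_name(resp, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        off += 10
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            out.append(inet_ntoa(resp[off:off + 4]))
        off += rdlen
    return out
```

These checks only raise the cost of spoofing (the attacker must hit the ID and port before the genuine reply arrives); only DNSSEC validation lets the resolver prove the answer came from the zone's signer.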
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
Client Server Model
Client can find server and initiate a dialogue
o Question-answer session
o Formally “request-response”
Server never initiates a dialogue.
Client may or may not know a server's
capabilities!
Question-answer sessions usually follow a standard
protocol, but need not!
Client Server Model
The client initiates the connection with a request.
The server responds to this request, delivering the required
service or resource.
Most business-related networked applications operate on
this model.
Web browsers request web pages from web servers in the same
manner.
Email Services follow the same paradigm.
Client server was the dominant model of network
communication before peer-to-peer networking became
common.
Peer to Peer Model
In a peer-to-peer network, both computers in a connection
are equals, or "peers."
Both computers in the connection are both clients and
servers simultaneously.
Usually, peer-to-peer networks involve more than two
computers.
This means that each computer in the network can maintain a
connection to more than one computer at the same time.
This provides a backup source for a file or service if the first
computer to be contacted is not available.
A typical example is file-sharing applications (BitTorrent)
Comparisons / Differences
In client-server communication, only the client initiates the connection.
All computers in a peer-to-peer network can be both client and server,
but they need not perform both functions at the same time.
o One computer might be available and willing to serve files to others without
needing to receive files (BitTorrent application)
The key difference is that the clients in a client-server system can only be
clients and the servers can only be servers because they do not have
software installed to perform the other function.
No theoretical limit to the size of a peer-to-peer network. Issues:
Performance
Security
Access
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
Parts of a URL
URL = Uniform Resource Locator
URL is how you “address” information and content on the
web
Topics
OSI Architecture
TCP / IP Architecture
TCP and UDP
IP / Network Routing
Domain Name Service
Client Server / Peer to Peer models
The parts of a URL
What is an IP Address?
What is an IP address?
Class A, B and C
Imagine a network as a tree: each node has a network address and,
within each node, the leaves (if any) have host addresses.
Examples of network and host addresses (network | host), classes
A / B / C:
– 222.200.201.35 (Class C): network 222.200.201, host 35
– 164.43.22.178 (Class B): network 164.43, host 22.178
– 10.34.182.2 (Class A): network 10, host 34.182.2
The class is fixed by the first octet (0-127 A, 128-191 B, 192-223 C),
so the network/host boundary falls on an octet boundary.
Limitations of classes A / B / C => CIDR = Classless Inter
Domain Routing
CIDR = Classless Inter Domain Routing
CIDR (Classless Inter-Domain Routing) was introduced in 1993 (RFC 1517),
replacing the previous generation of IP address syntax: classful networks.
CIDR allowed for more efficient use of IPv4 address space and prefix
aggregation.
Also known as route summarization or supernetting.
CIDR introduction allowed for:
More efficient use of IPv4 address space
Prefix aggregation, which reduced the size of routing tables
With CIDR, IP addresses and their subnet masks are written as four octets,
separated by periods, followed by a forward slash and the prefix length (the
number of leading mask bits, 0 to 32). In each /30 below the first address is
the network address and the last is the broadcast address; the two in the
middle are usable for hosts:
20.5.4.0/30 => 20.5.4.0, 20.5.4.1, 20.5.4.2, 20.5.4.3
20.5.4.4/30 => 20.5.4.4, 20.5.4.5, 20.5.4.6, 20.5.4.7
20.5.4.8/30 => 20.5.4.8, 20.5.4.9, 20.5.4.10, 20.5.4.11
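Both address schemes above in code, as an added example that is not from the original slides: the classful split of the three slide addresses, the network/broadcast/host breakdown of the /30 blocks, and prefix aggregation of adjacent blocks into a supernet. It uses only the standard `ipaddress` module. The check a practitioner wants when a prefix comes from a firewall or route configuration is included: `parse_prefix` rejects a prefix with host bits set (such as `20.5.4.1/30`), which is almost always a typo that would silently widen or shift the rule.

```python
"""Classful network/host split and CIDR prefix handling.

Added example, not part of the original slides. Addresses are the ones on the
slides above plus constructed ones; only the standard library is used.
"""
import ipaddress

# (class, exclusive upper bound of the first octet, network bits)
CLASS_BOUNDS = (("A", 128, 8), ("B", 192, 16), ("C", 224, 24))


def classful_split(addr: str):
    """(class, network address, host part) under the old classful rules.
    Class D (multicast) and E (reserved) have no network/host split."""
    octets = addr.split(".")
    first = int(ipaddress.IPv4Address(addr)) >> 24
    for cls, upper, bits in CLASS_BOUNDS:
        if first < upper:
            net = ipaddress.ip_network("%s/%d" % (addr, bits), strict=False)
            return cls, str(net.network_address), ".".join(octets[bits // 8:])
    return ("D" if first < 240 else "E"), None, None


def parse_prefix(text: str) -> ipaddress.IPv4Network:
    """Parse 'a.b.c.d/len' for use in a route or firewall rule.
    strict=True makes ip_network raise ValueError when host bits are set."""
    net = ipaddress.ip_network(text, strict=True)
    if not isinstance(net, ipaddress.IPv4Network):
        raise ValueError("IPv4 prefix expected, got %s" % text)
    return net


def describe(text: str) -> dict:
    """Network, broadcast, mask and usable host addresses of one prefix."""
    net = parse_prefix(text)
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "netmask": str(net.netmask),
        "prefixlen": net.prefixlen,
        "addresses": net.num_addresses,
        "hosts": [str(h) for h in net.hosts()],   # excludes network and broadcast
    }


def summarize(prefixes) -> list:
    """Prefix aggregation (supernetting): merge adjacent blocks into the fewest
    prefixes that cover exactly the same addresses."""
    nets = [parse_prefix(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    for a in ("222.200.201.35", "164.43.22.178", "10.34.182.2"):
        print(a, classful_split(a))
    print(describe("20.5.4.0/30"))
    print(summarize(["20.5.4.0/30", "20.5.4.4/30", "20.5.4.8/30"]))
```

The three /30 blocks on the slide do not collapse to a single prefix: 20.5.4.0/30 and 20.5.4.4/30 merge into 20.5.4.0/29, but 20.5.4.8/30 would need 20.5.4.12/30 as well before the four could be summarised as 20.5.4.0/28.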