AResC63-2013 en PDF

Master Informatique de lUniversite Pierre & Marie Curie
COMNET
Computer Networks
1
0
0
1
0
1
... ... ...

00
11
11
00
00
11
10
0 1
... ...
1
0
0
1
11
00
0
1
... 10
0
...
11
00 1
...
Lecture notes
(version 6.3)
Olivier Fourmaux & Timur Friedman

({olivier.fourmauxktimur.friedman}@upmc.fr)
Course presentation Course presentation
Administrative questions Administrative questions
Course introduction Course introduction
ComNet: course 1/5 outline
1 Course presentation
Course objectives
Computer Networks (ComNet) 1/5 : Introduction Pedagogical approach
Instructional methodology
2 Administrative questions
Olivier Fourmaux (olivier.fourmaux@upmc.fr)
Schedule
Evaluation
Version 6.3 3 Course introduction
Network components
Protocol hierarchy
TCP/IP example
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 1/5 : Introduction Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 1/5 : Introduction
Course presentation Course objectives Course presentation Course objectives

Administrative questions Pedagogical approach Administrative questions Pedagogical approach
Course introduction Instructional methodology Course introduction Instructional methodology
ComNet: course 1/5 outline Reinforce your understanding of networking
Course objectives
Pedagogical approach Deepen and extend beyond a first course in networking
Instructional methodology example: LI310 course from the UPMC Licence dInformatique
prerequisites, both theoretical and technical:
the vocabulary
Schedule
introduction to signal processing
Evaluation basic protocol mechanisms
classical protocols (HDLC, X25, IP, routing, UDP, TCP)
3 Course introduction ISO layered model
Network components
Protocol hierarchy
TCP/IP example
Understand fundamental technologies Basis for further courses in networking

Prerequisite for advanced networking courses
In M1-S2: for required courses for students in the networking
Study the principal current network architecture and its speciality, and for elective courses for other students
environment TCP/IP and Internet
IPv6, multicast, QoS, security U.E. ING
standardized applications (web, DNS, e-mail, . . . ) mobility, autonomous, wireless U.E. MOB
dynamic mechanisms (congestion control, . . . ) In M2: for students in the networking speciality (either
industry or research)
IPv4 adressing (CIDR, DHCP, NAT, tunnels, . . . )
multimedia applications U.E. APMM
advanced routing (AS hierarchy, OSPF, BGP, . . . ) multimedia transmission over IP U.E. MMIP
media architectures (Ethernet, point-to-point links, . . . ) multimedia and quality of service U.E. MMQoS
routing and routers U.E. ROUT
local loop (CATV, ADSL, FTTH, . . . ) network security U.E. SECUR
mobile services U.E. SMOB
network supervision U.E. SUPERV
network trafic and control U.E. TCONT . . .

Course content Labs

Four-hour labs consisting of written exerices (TDs) and practical
Top down approach: ones (TMEs):
interlacing of theoretical and practical aspects
Part 1/5 Introduction illustrated by concrete examples on a networking testbed
Part 2/5 Application: Telnet, FTP, SMTP, HTTP, using real hardware:
... DNS, SNMP, peer-to-peer.
Salle M2-RES de 2003 2009 Salle M2-RES depuis 2009
Part 3/5 Transport: services, UDP and TCP examples,
Internet Internet
... congestion control. via ARI via ARI ctrl console ctrl alim.
Part 4/5 Network: IPv4, CIDR adressing, NAT...
... hierarchical routing, OSPF and BGP. X 16 X 16 PC 1U "sonde"
Commutateur
Part 5/5 Link: Switched Ethernet, Routeur
... point-to-point, local loop. PC 1U "client"
PC 1U "serveur"
Lab schedule (tentative) Course organization
week content lab 13 weeks, within which. . .

1 Introduction to the networking testbed n1 Lectures: 10 2 hrs.
2 Applications (1): Telnet, FTP, and web analysis n2 O. Fourmaux, T. Friedman
3 Applications (2): SMTP, DNS, and SNMP analysis n3 Labs: 10 4 hrs.
4 Transport (1): analysis of mechanisms n4 T. Bourgeau, O. Fourmaux, T. Friedman, R.
5 Review/completion of previous weeks labs Hu, K. Thai
6 Transport (2): congestion control n5
7 Network (1): IP/ICMP (begin) n6 Course website:
8 Network (2): IP/ICMP (end) n6 Information and updates:
9 Network (3): routing n7 http://www-rp.lip6.fr/~fourmaux/index-cours.html
10 Review/completion of previous weeks labs

Networking testbed for the labs Supporting traces and documents
Network traffic traces, on which to test your knowledge

The testbed hardware rack, located in the generated on the networking testbed during the labs
M2-RES computer lab, room 31-208 generated by the students (on the testbed or elsewhere)
pre-recorded (to use in case the testbed is down, or you wish
Each pair of students has access to: to work elsewhere), available here:
a classical ARI host machine http://www-rp.lip6.fr/~fourmaux/Traces/labV6.html
dedicated hardware for configuring Documents available on the course website:
networks, and capturing and analyzing course slides
traffic: lab handouts (including optional exercises)
1 Cisco switch past exams
1 Cisco router Textbooks
3 VMs in on 1U rackable server
available in the Math/Info libraries
Course presentation Course objectives Course presentation
Schedule
Administrative questions Pedagogical approach Administrative questions
Evaluation
Course introduction Instructional methodology Course introduction
Bibliography ComNet: course 1/5 outline
James F. Kurose, Keith W. Ross 1 Course presentation

Computer Networking: A Top-down Approach Featuring Course objectives
the Internet, 6th edition (Pearson, 2013) Pedagogical approach
Andrew S. Tanenbaum, David J. Wetherall
Computer Networks, 5th edition (Prentice Hall, 2011) 2 Administrative questions
Schedule
Douglas Comer
Evaluation
Internetworking with TCP/IP Vol 1: Principles, Protocols
and Architectures, 5th edition (Prentice Hall, 2006) 3 Course introduction
Olivier Bonaventure Network components
Computer Networking: Principles, Protocols and
Protocol hierarchy
Practice, http://inl.info.ucl.ac.be/CNP3 TCP/IP example

Schedule Schedule
Evaluation Evaluation
Tentative schedule for 2013-2014 Weekly schedule
dates lecture lab comments

16-20/9 1
23-27/9 2 1
30/9-4/10 3 2
7-11/10 4 3
14-18/10 5 4
21-25/10 6 5
28-31/10 + 15/11 7 6
4-8/11 midterm exam
12-15+18/11 8 7
19-21/11
25-29/11 9 8
2-6/12 10 9
9-13/12 10
6-10/1 final exam
19-23/5 makeup exam
Schedule Schedule
Evaluation Evaluation
Exam details Calculating the grade for the course

1st session: midterm and final exams
Three exams: NARES1 = 0.4Nmidterm + 0.6Nfinal
Midterm exam (application and transport layers only)
Note: If you pass the course in the first session (NARES1 > 50),
Final exam (the whole course) you may not take the makeup exam.
Makeup (the whole course)
2nd session: makeup (you didnt pass the course in the 1st
Exam rules session)
no electronic equipment (mobile phone, calculator, etc.) If your grade is officially compensated for by passing grades in
other courses: by default, you keep your grade NARES1 < 50
no documents except one handwritten A4 page You may sit the makeup exam iff you explicitly sign up to do
so with the RES secretariat
Definition
If your grade is not compensated for, you must take the
handwritten: entirely written by hand (no photocopies)
makeup exam (if you do not, NARES2 = 0)
NARES2 = Nmakeup
Course presentation Course presentation Network components

Schedule
Administrative questions Administrative questions Protocol hierarchy
Evaluation
Course introduction Course introduction TCP/IP example
Final grade adjustments ComNet: course 1/5 outline
The week after the final exam (1st session) or the makeup exam Course objectives
(2nd session): Pedagogical approach
exams graded and a curve is applied
grades posted on DBUFR 2 Administrative questions
students consult their graded exams Schedule
juries Evaluation
course jury (determines passing or failing)
3 Course introduction
Networking speciality jury (grade compensation)
Masters program jury (final decision) Network components
Protocol hierarchy
TCP/IP example
Course presentation Network components Course presentation Network components
Administrative questions Protocol hierarchy Administrative questions Protocol hierarchy
Course introduction TCP/IP example Course introduction TCP/IP example
The environment we discuss in this lecture Internet components
The Internet 1
0
What are the basic elements of the Internet?
0
1
0
1
omnipresent ... ... ... communications links

00
11
heterogeneous 11
00
00
11 routers (packet forwarding)
evolving hosts (end systems):
complex. . . 10
0 1
Unix workstations
... ... classical PCs
difficult to 1
0
0
1
mobile phones
11
00
characterize! an Internet toaster. . .
... ... networked applications
Lets look at an 0
1
11
00 10
0 1
... communication protocols. . .
example:

Protocols: analogy Protocol: definition
Definition
Temps
Demande douverture
Protocol: protocols define format, order of messages sent and
Bonjour 1
0
0
1 de connexion TCP received among network entities, and actions taken upon message
0
1
transmission and receipt.
Rponse positive et
Bonjour tablissement de la connexion Remark
any interaction between entities over the Internet is
based on protocols
O est la gare ? GET http://www.upmc.fr this course focuses mainly on protocols
Examples
Deuxime rue gauche Envoi de la page daccueil web request
resolving name queries into IP addresses
... ...
route computation
congestion control. . .
Application services Network services
Applications are based on two types of services:

connectionless
Internet users use distributed applications:
analogy with the postal service
World Wide Web
electronic mail connection oriented
peer-to-peer file sharing analogy with telephone service
distributed games
and have correspondingly different characteristics:
audio and video streaming
reliability
real-time audio and video. . .
ordering
flow control

Quality of service Internet standardisation
IAB
Qualite de Service (QoS) in the Internet

IRSG
The Internet offers a best effort service IESG
... ...
no guarantees; the main concern is connectivity! Working Areas Working Groups
how many end-systems? ... ... ... IRTF
9 9 Working Groups ISOC : Internet SOCiety
many of the 1.510 PCs + 1.510 smartphones. . . IETF IAB : Internet Architecture Board
2.5109 users active in 2012 IRSG : Internet Research Steering Group
IRTF : Internet Research Task Force
ISOC
Internet traffic >>> telephone traffic IESG : Internet Engineering Steering Group
IETF : Internet Engineering Task Force
multimedia applications must adapt to the uncertain

conditions. . . IETF (Internet Engineering Task Force) working groups
over 6000 RFCs (Requests For Comments)
U.E. ING (M1-S2) mostly de facto rather than de jure standards
IP, TCP, SMTP, SNMP, HTTP...
http://www.rfc-editor.org/
Some websites ComNet: course 1/5 outline
ISOC (Internet SOCiety), http://www.isoc.org/ 1 Course presentation

IETF (Internet Engineering Task Force), Course objectives
http://www.ietf.org/ Pedagogical approach
IAB (Internet Architecture Board), http://www.iab.org/
W3C (World Wide Web Consortium), http://www.w3.org/ 2 Administrative questions
ACM SIGCOMM (Association for Computing Machinery Schedule
Special Interest Group in Data Communication), Evaluation
http://www.sigcomm.org/ 3 Course introduction
IEEE Communications Society, http://www.comsoc.org/ Network components
IEEE Computer Society, http://www.computer.org/ Protocol hierarchy
http://www-npa.lip6.fr/~fourmaux TCP/IP example

Network edge Network edge (abstraction)
1
0
0
1
0
1 1
0
0
1
0
1
... ... ... ...
00
11
11
00
00
11 11
00
00
11
00
11
10
0 1
... ... 10
0 1
... ...
1
0
0
1
11
00 1
0
0
1
11
00
... ...
0
1
11
00 10
0 1
... 0
1
... 10
0
...
11
00 1
...
Distributed applications Application protocols

Client machine Server machine
Client Server
process process
Heterogeneous environment standardised interactions

Network
R eq u e s t
web: HTTP, HTML
client/server model Rep l y e-mail: SMTP, MIME, POP, IMAP
the client sends requests remote access: Telnet, NVT
receives service from an always-on server file transfer: FTP
web directory: DNS
e-mail management: SNMP, MIB
DNS. . .
peer-to-peer model
minimal use of dedicated servers Part 2/5: Applications
symmetrical communication

End-to-end services Impact of end-to-end control

What is the shape of traffic generated by TCP?
seq (Ko) / cwin (Ko/10)
Types of service that the network offers to end-hosts:
tcptahoe.seq
800.0000
connection oriented service tcptahoe.cwnd
reliability 700.0000
ordering 600.0000
flow control
500.0000
TCP 400.0000
connectionless service 300.0000
simple 200.0000
basis for other protocols
100.0000
UDP
0.0000
t (s)
0.0000 2.0000 4.0000 6.0000 8.0000
Part 3/5: Transport

Inside the network Communication links
1
0
Physical media
0
1
0
1
media with waveguide
... ... ... twisted pair (UTP5+, UTP6,. . . )
11
00
00
11
00
11 coaxial cables (baseband, broadband,. . . )
optical fibers (multimode, monomode,. . . )
media without waveguide
10
0 1
satellite links (geostationary, constellation, . . . )
... ... terrestrial links (radio-waves, micro-waves, infrared,
optical,. . . )
1
0
0
1
11
00 Access technology
shared medium
0
1
... 10
0
... framing
11
00 1
...
Intermediate elements. . .

Data forwarding Virtual circuit transmission

Circuit switching or packet switching? 3
Physical copper 2
1
connection set up
when call is made
(a)
3
2
1
(b)
(a)
Switching office
3 2 1
Computer Packets queued up
for subsequent
transmission (c)
3
2
1
(d)
Computer
(b) pictures from Stallings W. High Speed Networks
pictures from Tanenbaum A. S. Computer Networks 3rd edition

Message transmission Datagram transmission

3 2
1
(a) (a)
3
2
1
(b) (b)
2
1
(c) (c)
2 1
(d) (d)
pictures from Stallings W. High Speed Networks pictures from Stallings W. High Speed Networks

Comparing the three types of transmission Delay recap

Call request signal
Pkt 1
Propagation
delay Msg
Pkt 2
Types of delays in packet switching:
Pkt 1
Pkt 3 nodal processing delay
Pkt 2
Msg Queuing Pkt 1 uncompressible (Dn )
delay Pkt 3
Time
spent
Pkt 2 queuing delay
Time
hunting
for an
outgoing
Pkt 3 depends on congestion (Dq = 0 if no congestion)
Msg
trunk
Call transmission delay
accept
signal depends on the size of the packet (Dt = L/R)
Data
propagation delay
AB BC CD
v = 2.108 m/s to 3.108 m/s (Dp = d/v )
trunk trunk trunk
Formula for end-to-end delay?
A B C D A B C D A B C D
(a) (b) (c)

Internet addressing Routing mechanisms

Packets travel from source to destination hop-by-hop, with an
When and how to determine the route taken by data?
address-based forwarding decision made at each intermediate node
(router). the type of path followed depends upon the type of network:
initially
IPv4 protocol circuit switching
universal virtual circuits
for each packet
virtual addressing
datagram
abstracts out the lower layer technologies
calculating the information
each technology provides encapsulation
fragmentation routing algorithms
routing tables
address conversion
local or centralized
Protocols have evolved to adapt to the present network static or dynamic
classless addressing: CIDR information exchange
address translation: NAT routing protocols. . .
auto-configuration: DHCP
filtering.
Olivier Fourmaux .(olivier.fourmaux@upmc.fr)
. Computer Networks (ComNet) 1/5 : Introduction Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 1/5 : Introduction

Routing in the Internet Network core
1
0
0
1
0
1
... ... ...

Datagram network
11
00
00
11
00
11
routing of each packet
Hierarchical structure of the network (ASes)
internal routing: OSPF
10
0 1
external routing: BGP ... ...
1
0
0
1
11
00
Part 4/5: Network
0
1
... 10
0
...
11
00 1
...
Ethernet technology MPLS technology

CiscoSystems Cisco 7000 SERIES
VLAN 1
VLAN 2
1 Gbps VLAN 3 VLAN 2
VLAN 1
1 Gbps
1 Gbps CiscoSystems Cisco 7000 SERIES
Ethernet CiscoSystems Cisco 7000 SERIES

Switch
Ethernet
Switch 1 Gbps VLAN 1
10 Gbps
1 Gbps 10 Gbps
Ethernet
Switch Ethernet
Switch
10 Gbps 100 Mbps VLAN 1
10 Gbps
Ethernet
Switch
Ethernet
Switch
VLAN 1
VLAN 3
VLAN 1 100 Mbps 100 Mbps
VLAN 3
LAN evolution towards the WAN with Fast Ethernet, Gigabit

Integrating switching mechanisms at the network level (ATM,
Ethernet, 10Gigabit Ethernet and 100Gigabit Ethernet.
MPLS,. . . ).
Integrating switching and structuring through VLANs. . .
U.E. RTEL (M1-S1)
Part 5/5 (1): Ethernet

Point-to-point technology Access networks
1
0
0
1
0
1
... ... ...

11
00
00
11
00
11
TCP/IP connection
using PPP
10
0 1
PPP only for old serial connections? ...
...
PPP over SONET: POS
1
0
0
1
PPP over Ethernet: PPPoE 11
00
PPP over ATM: PPPoA

PPP over IP: L2TP . . . 0
1
... 10
0
...
11
00 1
...
Part 5/5 (2): Point-to-point
Entreprise networks Wireless

1
0 1
0
0
1
0
1 0
1
0
1
0
1 0
1
0
1
0
1
0
1
0
1 Depending upon the degree of mobility:
111111111111111111
000000000000000000 111111111111111111
000000000000000000
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111 micro-mobility
Bluetooth/WPAN (IEEE 802.15)
wireless local network
11
00
00
11
00
11
00
11
00
11
Wi-Fi/WLAN (IEEE 802.11)
00
11
11111111111111111
00000000000000000 wireless local network
00000000000011111
11111111111100000
00000
11111
BLR/WMAN (IEEE 802.16)
mobile phone
... GSM, GPRS, i-mode,. . .
1
0
0
1
0
1
1
0
0
1
0
1
UMTS
0
1 0
1
0
1
0
1 0
1
0
1
1111111111111
000000000000000000
11111 1111111111111
000000000000000000
11111
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111 U.E. MOB (M1-S2)

Wired ComNet: course 1/5 outline
Switching High-bandwidth Junction House

office fiber trunk box
Course objectives
Pedagogical approach
Fiber
Copper
twisted pair
(a)
Switch High-bandwidth Copper

fiber trunk
Junction box
cable TV
wire Schedule
Evaluation
Fiber House
3 Course introduction
Network components
(b)
Protocol hierarchy
Residential (PSTN/ADSL, cable, optical fiber,. . . ) TCP/IP example
Part 5/5 (3): Local loop
Protocols, layers, and interfaces Anthropological analogy

Location A Location B
Host 1 Host 2
Layer 5 protocol
I like J'aime
Layer 5 Layer 5 rabbits
Message Philosopher
les
lapins
3 3
Layer 4/5 interface
Layer 4 protocol
Layer 4 Layer 4
Layer 3/4 interface Information

L: Dutch L: Dutch
Layer 3 protocol Ik hou
for the remote Translator
Ik hou
Layer 3 Layer 3 translator
van van
2 2
konijnen konijnen
Layer 2/3 interface
Layer 2 protocol
Layer 2 Layer 2
Information
Layer 1/2 interface Fax #--- for the remote Fax #---
L: Dutch secretary L: Dutch
Layer 1 protocol Secretary
Layer 1 Layer 1 Ik hou Ik hou
1 1
van van
konijnen konijnen
Physical medium
picture from Tanenbaum A. S. Computer Networks 3rd edition picture from Tanenbaum A. S. Computer Networks 3rd edition

Repeated encapsulation OSI (Open Systems Intercon. Reference Model 1983)

Layer Name of unit
Layer exchanged
Layer 5 protocol Application protocol
5 M M 7 Application Application APDU
Interface
Presentation protocol
Layer 4 protocol 6 Presentation Presentation PPDU
4 H4 M H4 M
Interface
Session protocol
Layer 3 5 Session Session SPDU
protocol
3 H 3 H 4 M1 H 3 M2 H 3 H 4 M1 H 3 M2
Transport protocol
4 Transport Transport TPDU
Layer 2 Communication subnet boundary
protocol Internal subnet protocol
2 H2 H3 H4 M1 T2 H2 H3 M2 T2 H2 H3 H4 M1 T2 H2 H3 M2 T2
3 Network Network Network Network Packet
1 2 Data link Data link Data link Data link Frame
1 Physical Physical Physical Physical Bit

Host A Router Router Host B
Source machine Destination machine
Network layer host-router protocol
picture from Tanenbaum A. S. Computer Networks 3rd edition Data link layer host-router protocol
Physical layer host-router protocol
TCP/IP reference model (1974) TCP/IP: comparison

OSI TCP/IP
OSI TCP/IP Application
7 Application Application Application

Presentation
User
6 Presentation Not present Space
in the model Session
5 Session Software
Transport
4 Transport Transport Transport (hosttohost)
3 Network Internet Internet

Network Firmware
2 Data link Host-to-network Network
Operating
Data Link Access Hardware
1 Physical System
Physical Physical
picture from Tanenbaum A. S. Computer Networks 3rd edition
these pictures and to the end are from Stallings W. High Speed Networks

ComNet: course 1/5 outline TCP/IP: example
Workstation
Frame
Course objectives Router
Relay
Network
Pedagogical approach
Instructional methodology IEEE 802 LAN
Server
Schedule
Application Application
Evaluation
TCP TCP
3 Course introduction IP IP IP
Network components Frame Frame

LLC LLC
Relay Relay
Protocol hierarchy MAC MAC
TCP/IP example Physical Physical Physical Physical
TCP/IP: concept TCP/IP: sender actions

Host A Host B
App X Port or App Y

App Y App X
service access point (SAP)
Application
Logical connection
(TCP connection)
TCP TCP Data
Global network
IP address IP TCP
Network Access Network Access

Protocol #1 Protocol #2 T Data
Physical Subnetwork attachment Physical

Logical connection
point address IP
(e.g., virtual circuit)
Router J
I T Data
IP
Network 1 Network 2
Frame
NAP 1 NAP 2 Relay
Physical F I T Data F

TCP/IP: router actions TCP/IP: receiver actions
Application
Data
TCP
IP T Data
I T Data
IP
I T Data
LLC
L I T Data LLC
L I T Data
Frame
MAC
F I T Data F Relay M L I T Data M
Physical Physical
MAC
M L I T Data M Physical
Legacy applications Legacy applications
Contemporary applications Contemporary applications
Support applications Support applications
1 Legacy applications
Introduction
Computer Networks (ComNet) 2/5 : Application Remote login
File transfer
2 Contemporary applications
World Wide Web
Electronic mail
Peer-to-peer
Version 6.3
3 Support applications
Directory (DNS)
Network management
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 2/5 : Application Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 2/5 : Application
Legacy applications Introduction Legacy applications Introduction

Contemporary applications Remote login Contemporary applications Remote login
Support applications File transfer Support applications File transfer
ComNet: course 2/5 outline Applications
1 Legacy applications 1
0
0
1
0
1
Introduction ... ... ...
Remote login
00
11
11
00
File transfer 00
11
World Wide Web 10
0 1
Electronic mail ... ...
Peer-to-peer
1
0
0
1
11
00
Directory (DNS)
0
1
... 10
0
...
Network management 11
00 1
...
Application layer Application layer: OSI model

Application protocol
7 Application Application
APDU
Interface Interface
Definition Presentation protocol
6 Presentation Presentation
The application layer: All high-level programs and protocols that
allow users to communicate Session protocol
5 Session Session
Remarks:
Transport protocol
standardizes the exchanges of the most common applications 4 Transport Transport
web access (HTTP), e-mail (SMTP, POP, IMAP) . . .

3 Network Network Network Network
application 6= application layer protocol
defines the user-network interface
2 Data link Data link Data link Data link
relies on the end-to-end services defined in the lower layers
supports heterogeneous environments
1 Physical Physical Physical Physical

Application layer: TCP/IP model (1) Application layer: TCP/IP model (2)
TELNET FTP SMTP DNS
OSI TCP/IP
TCP UDP
IP
6 Presentation
Packet#
ARPANET SATNET radio LAN
5 Session
In the Internet, there are hundreds of application layer protocols!
4 Transport Transport
TELNET to log in to a remote host
3 Network Internet FTP to transfer files
2 Data link Hosttonetwork SMTP to exchange e-mail
1 Physical
HTTP to surf the web
DNS to resolve names on the Internet
SNMP to manage the network. . .
ComNet: course 2/5 outline Remote login applications
From a terminal open on local host, connect to a remote host

Introduction several protocols:
Remote login TELNET
File transfer RLOGIN
SSH. . .
2 Contemporary applications client/server applications
World Wide Web client: interacts with the user and the network protocols
Electronic mail server: interacts with the network protocols and an
Peer-to-peer always-running process
must be interactive
3 Support applications everything typed on the local keyboard is quickly sent over the
Directory (DNS) network connection
Network management everything received from the connection is quickly displayed
on the local screen

TELNET (TELecommunication NETwork protocol) TELNET: options
Application present since 1969 (RFC 15) and standardized by the Several setup exchanges dedicated to options (RFC 855):
IETF in 1983 (RFC 854 and Internet Standard STD 8) the client sends requests (WILL WONT DO DONT)
based on a TCP connection (server port n 23) Command: Do Suppress Go Ahead
optional negotiation mechanisms Command: Will Terminal Type
Command: Will Negotiate About Window Size
virtual terminal service Command: Will Terminal Speed...
no confidentiality (password in the clear. . . ) the server answers with replies (DO DONT WILL WONT)
Command: Do Terminal Type
Command: Will Suppress Go Ahead
Command: Dont Negotiate About Window Size
TELNET
8
TELNET
Command: Do Terminal Speed...
Client Server
3
4
tty
10
9 2 3 each end-point implements basic NVT functionality
1
0 1
0
tty 7
App.
App. 2
1 4
6
5
option negotiation for more sophisticated hosts
1 Pseudo tty
TELNET: NVT TELNET: accessing various servers

Example of web server access via TELNET
Unix> telnet hobbes.lip6.fr 80
Network Virtual Terminal (NVT) Trying 137.86.111.77...
describes a standard way to encode data Connected to hobbes.lip6.fr.
all end-hosts can encode/decode Escape character is ^].
GET /index.html HTTP/1.0
local real terminal network virtual terminal
HTTP/1.1 200 OK
Example:
Date: Tue, 24 Sep 2002 15:33:07 GMT
local: cc maa<bs>x.c Server: Apache/1.3.9 (Unix) Debian/GNU
NVT: c . x IAC EC a a m c c Connection: close
IAC = Interpret As Command (byte value 255) Content-Type: text/html; charset=iso-8859-1
it is not necessary to know how to convert for all types of
machines <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
enables communication in heterogeneous environments <HTML>
in-band control ...
</HTML>
Connection closed by foreign host.
raw TCP connection for 7-bit ASCII


RLOGIN (Remote LOGIN) SSH (Secure SHell)
Standard BSD Unix application (RFC 1282) encrypted communication, ensuring:

much simpler than TELNET; no negotiation authentification
privacy
TCP-based (server port n 513)
integrity
some in-band commands, and urgent data TCP-based connection (server port n 22)
no privacy (password in clear text); trust (.rhost) adds an intermediate transport layer
encrypted authentification
algorithms are negotiated
\0 toto \0 toto \0 dumb/9600 \0 (sessions, tunnels muxed: X11, port forwarding, SOCKS. . . )
\0 0X80 (URG)
recently standardized (Jan. 2006): RFCs 4251-4254
rlogin (window size info) rlogin
Client Server
multiple implementations
Password:
tty
x
OpenSSH (native on BSDs, GNU/Linux, MacOSX, Cygwin. . . )
y Pseudo tty PuTTY (Windows and Unixes). . .
6
ComNet: course 2/5 outline File transfer applications
1 Legacy applications Copy a file from one system to another in a heterogeneous

Introduction environment
Remote login several protocols:
File transfer FTP
TFTP
2 Contemporary applications RCP, SCP, SFTP,. . .
World Wide Web client/server style of application
Electronic mail client: interacts with the user, the local filesystem, and the
Peer-to-peer network protocols
server: interacts with the network protocols and the remote
3 Support applications filesystem
Directory (DNS) not to be confused with network filesystems
Network management NFS (Sun, TCP/IP), SMB (Microsoft),. . .

FTP (File Transfer Protocol) FTP: connections
The standard TCP/IP file transfer application (RFC 959) Two parallel TCP connections:
out-of-band signaling, two TCP connections control connection
permanent (created at the start of the FTP session)
interactive access full duplex, initiated by the client (server port n 21)
access control (but password in clear type) purely for exchanging requests and responses
requires interactivity (and reliability)
data transfer connection
TCP control connection
port 21 temporary (created for each file transfer)
FTP FTP
Server
full duplex, initiated by the server
Client
11
00 11
00
port 20
client port number communicated ahead of time
10 TCP data connection
send both files and lists of files/directories
FTP
user
Local Remote requires bandwidth (and reliability)
FS file
interface system released at the end of each file transfer
FTP: data FTP: requests
Many ways to represent data (heterogeneous hosts): ASCII NVT encoding printable, so interactive is possible
file structures: Unix> telnet galion.ufr-info-p6.jussieu.fr 21
unstructured Trying 197.18.176.12...
record structure Connected to localhost.
page structure Escape character is ^].
220 ProFTPD 1.2.0pre10 Server (Debian) [galion.ufr-info-p6.jussieu.fr]
data types: help
ASCII (American Standard Code for Information Interchange) 214-The following commands are recognized (* =>s unimplemented).
EBCDIC (Extended Binary-Coded Decimal Interchange Code) 214-USER PASS ACCT* CWD XCWD CDUP XCUP SMNT*
binary 214-QUIT REIN* PORT PASV TYPE STRU* MODE* RETR
transmission modes: 214-STOR STOU* APPE ALLO* REST RNFR RNTO ABOR
214-DELE MDTM RMD XRMD MKD XMKD PWD XPWD
stream 214-SIZE LIST NLST SITE SYST STAT HELP NOOP
block 214 Direct comments to root@galion.ufr-info-p6.jussieu.fr.
compressed

verify the type of data being transferred Do not confuse the control commands with the ftp user interface ones

ftp software user commands FTP: replies

Unix> ftp Standard encoding: status code + text
ftp> help status description status description
Commands may be abbreviated. Commands are: x0z Syntax
! debug mdir sendport site 1yz Positive Preliminary reply x1z Information
$ dir mget put size 2yz Positive Completion reply x2z Connections
account disconnect mkdir pwd status 3yz Positive Intermediate reply x3z Authentication
append exit mls quit struct
4yz Transient Negative Completion
ascii form mode quote system
5yz Permanent Negative Completion x5z File system
bell get modtime recv sunique
binary glob mput reget tenex 150 Opening BINARY mode data connection
bye hash newer rstatus tick
200 Command successful
case help nmap rhelp trace
cd idle nlist rename type 220 ProFTPD 1.2.0pre10 Server (Debian)
cdup image ntrans reset user 226 Transfer complete
chmod lcd open restart umask 230 User toto logged in
close ls prompt rmdir verbose 331 Username OK, Password required
cr macdef passive runique ? 425 Cant open data connection
delete mdelete proxy send
500 Syntax error (Unknown command)...
FTP: example FTP: miscellaneous
Anonymous: guest account on certain FTP servers:

ftp software (user interface) FTP protocol (control connection) username: anonymous
[toto@hobbes]$ ftp calvin.lip6.fr password: e-mail@address.org
Connected to calvin.lip6.fr.
220 FTPD 1.2pre8 Server (Debian)
220 FTPD 1.2pre8 Server (Debian)
Name (calvin.lip6.fr):toto
331 Password required for toto.
USER toto
331 Password required for toto.
Passive mode: reverse direction data connection
Password:
PASS AB]Ga!9F
230 User toto logged in.
230 User toto logged in. if it is impossible to open a normal data connection
ftp> get toinst.txt
local: toinst.txt remote: toinst.txt address filtering (firewall)
200 PORT command successful.
PORT 192,33,82,12,4,15
200 PORT command successful.
address translation (NAT)
150 Opening BINARY mode data connection
RETR toinst.txt
150 Opening BINARY mode data connection
the PASV command (RFC 1579)
for toinst.txt (1 bytes).
226 Transfer complete.
for toinst.txt (1 bytes).
226 Transfer complete.
the client sends the PASV command to the server a.b.c.d
1 bytes received in 0.377s (0.0026 KB/s)
ftp> quit the server allocates port 256x+y, opens this port in passive
QUIT
221 Goodbye.
[toto@hobbes]$
221 Goodbye. mode, and informs the client via a reply
227 Entering passive mode (a,b,c,d,x,y)
the client opens an active connection towards port 256x+y

TFTP (Trivial File Transfer Protocol) TFTP: example
lightweight file transfer protocol (version 2: RFC 1350) [toto@hobbes]$ tftp calvin.lip6.fr
UDP datagrams sent to port 69 tftp> get config
Received 5220 bytes in 0.377 secs
opcode name description tftp> quit
1 RRQ Read request [toto@hobbes]$
2 WRQ Write request
5 messages:
3 DATA Data RRQ config0 octet 0
4 ACK Acknowledgement 2o No 1 Mo 1
ACK 0
5 ERREUR Error 2o 2o
...
DATA messages each contain 512 bytes (except the last one,
1111111111111
0000000000000
which is smaller or empty) DATA X
2o
0000000000000
1111111111111
2o 512o
stop-and-wait protocol ACK X

11
00 11
00 10 2o 2o
numbered DATA messages
1111111
0000000
...
immediate acknowledgement with ACK DATA Y1111111
0000000
2o
0000000
1111111
2o 0511o
no access control (in Unix, often limited to /tftpboot) ACK Y
2o 2o
Legacy applications Introduction Legacy applications World Wide Web
Contemporary applications Remote login Contemporary applications Electronic mail
Support applications File transfer Support applications Peer-to-peer
RCP, SCP, SFTP ComNet: course 2/5 outline
RCP: rcp
Introduction
A Berkeley r command (along with rlogin, rsh,. . . )
Remote login
the rcp client works with the rshd server
File transfer
idem rlogin: obsolete, security problems,. . .
Secure protocols: SCP, SFTP 2 Contemporary applications
scp: copies files like rcp, but encapsulated in SSH World Wide Web
sftp: like FTP, but easily encapsulated Electronic mail
SFTP is a new protocol (IETF IPSEC working group) Peer-to-peer
SFTP can work over SSH (the default for many sftp clients)
SFTP is not the same as FTPS, which secures connections
with SSL/TLS (Secure Socket Layer/Transport Layer Security) Directory (DNS)
Network management
Legacy applications World Wide Web Legacy applications World Wide Web
Contemporary applications Electronic mail Contemporary applications Electronic mail
Support applications Peer-to-peer Support applications Peer-to-peer
World Wide Web HTTP: overview

90s: Internet = academic network Server Server
90s : World Wide Web Client
Current page
abc.com xyz.com
simple and intuitive (graphic) data access system displayed by

browser
developed at CERN by Tim Berners-Lee, starting in 1990 Hyperlink
first killer app for the general public
to abc.com Hyperlink
browser:
NCSA Mosaic in 1993 (U. Illinois Urbana-Champagne) Browser to xyz.com
program
only 200 sites on the WWW
pioneered integrated images Disk Disk HTTP
HTTP
exponential popularity growth! Server Server
Netscape Navigator in 1994 ( Mozilla in 1998) HTTP used over
Microsoft Internet Explorer in 1995 (start of the browser wars) this TCP connection
and many more (see the W3C website)

server (web server):
The Internet
NCSA httpd Web Server ( Apache in 1998)
Microsoft IIS (Internet Information Service) in 1995 pictures from Tanenbaum A. S. Computer Networks 3rd edition
one protocol: HTTP
HTTP: terminology HTTP: protocol

a web page or document is made up of objects HyperText Transfer Protocol
text files in HTML or XHTML
GIF, JPEG,. . . images TCP connection on port 80
Java applets defined exchanges:
... requests for objects (client server)
a document is generally an HTML file that refers to other transfers of requested objects (server client)
objects using URLs HTTP versions:
HTML (HyperText Markup Language) is a structured markup 97 HTTP/1.0 (RFC 1945)
language for describing documents that contain hyperlinks that non-persistent connections, one connection per object, high
are identified by URLs overhead and latency (TCP three-way handshake and slow
a URL (Uniform Resource Locator) identifies a protocol to be start)
used in order to retrieve an object, and a location at which to
98 HTTP/1.1 (RFC 2616)
retrieve it
http://www.lip6.fr/info/linux.html greater compatibility, persistent connections, parallel requests
ftp://ftp.lip6.fr/pub/linux/disrib/debian/ls-lR.txt possible (pipelining)
file:/public/image/penguin.jpeg no stored state in the server (stateless protocol)
mailto:olivier.fourmaux@lip6.fr
HTTP: example HTTP: request structure

Browser:
<META NAME="Author" CONTENT="johnie@debian.o... Example
GET /index.html HTTP/1.1 <META NAME="Description" CONTENT="The initia...
Connection: Keep-Alive <TITLE>Welcome to Your New Home Page!</TITLE>
User-Agent: Mozilla/4 [en] (X11; I; Linux 0.99 i486) </HEAD> GET /index.html HTTP/1.1
<BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#0...
Host: calvin.lip6.fr
Accept: image/gif, image/jpeg, image/png, */* <BR> Classical message structure Connection: Keep-Alive
Accept-Encoding: gzip <H1>Welcome to Your New Home in Cyberspace!</H1> User-Agent: Mozilla/4 [en] (X11;...)
Accept-Language: fr-FR, fr, en <BR> Request line
Accept-Charset: iso-8859-1,*,utf-8 <IMG SRC="icons/openlogo-25.jpg" ALT="Debian"> Host: calvin.lip6.fr
<IMG SRC="icons/apache_pb.gif" ALT="Apache"></P> Method sp URL sp Version cr lf Accept: image/gif, image/jpeg, */*
Web server: <P>This is a placeholder page installed by the Header field name : Value cr lf
Accept-Encoding: gzip
<A HREF="http://www.debian.org/">Debian</A> Accept-Language: fr-FR, fr, en
HTTP/1.1 200 OK release of the Header field name : Value cr lf
Date: Tue, 24 Sep 2002 12:59:28 GMT <A HREF="http://www.apache.org/">Apache</A> Web Accept-Charset: iso-8859-1,*,utf-8
Server: Apache/1.3.9 (Unix) Debian/GNU server package, because no home page was installed ...
Last-Modified: Sat, 29 Apr 2000 07:07:45 GMT on this host. You may want to replace this as soon Header lines
ETag: "1382c-ffe-390a8a41" as possible with your own web pages, of course.... ...
Accept-Ranges: bytes
Content-Length: 4094 <BLOCKQUOTE>
Header field name : Value cr lf Method
Keep-Alive: timeout=15, max=100 This computer has installed the Debian GNU/Linux cr lf GET
Connection: Keep-Alive operating system but has nothing to do with the
Entity
Content-Type: text/html; charset=iso-8859-1 Debian GNU/Linux project. If you want to report body
POST (forms)
something about this hosts behavour or domain,
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> please contact the ISPs involved directly, HEAD (page test)
<HTML> <strong>not</strong> the Debian Project. <P>
<HEAD> </BLOCKQUOTE> Connection
<META HTTP-EQUIV="Content-Type" CONTENT="tex... ...............................
<META NAME="GENERATOR" CONTENT="Mozilla/4.05... </HTML> Close
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 2/5 : Application Olivier Fourmaux (olivier.fourmaux@upmc.fr) Keep-Alive
Computer Networks (ComNet) 2/5 : Application
HTTP: answer structure HTTP: user identification (1)

Example
HTTP/1.1 200 OK
Classical message structure Date: Tue, 24 Sep 2002 12:59:28 GMT Authentication (RFC 2617)
Server: Apache/1.3.9 (Unix) Debian/GNU
Last-Modified: Sat, 29 Apr 2000 07:07:45 GMT 2 methods: simple (Basic) or via MD5 signature (Digest)
Status line Content-Length: 4094
Version sp Status code sp Phrase cr lf

... client page request with basic authentication:
Content-Type: text/html; charset=iso-8859-1
server responds with an empty page, with header:
Header field name : Value cr lf <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML> 401 Authorisation Required
Header field name : Value cr lf ...............................
</HTML>
WWW-Authenticate: authorization method details
...
Header lines client request for the same page, with header:
...
Header field name : Value cr lf
Authorization: username password
status + description: server response:
cr lf
200 OK if OK the requested page
Entity
body 301 Move permanently else 401 Authorisation Required. . .
400 Bad Request
404 Not Found
505 HTTP Version Not
Supported ...
HTTP: user identification (2) HTTP: Conditional GET
1st HTTP request:
GET /carte/france.jpg HTTP/1.1

Cookies (RFC 2109) Host: www.atlas.org 2nd HTTP request:
identifier associated with a user at a particular machine GET /carte/france.jpg HTTP/1.1
1st HTTP answer:
the server identifies the cookie with a header: Host: www.atlas.org
If-modified-since: Sat, 29 Apr 2005 ...
Set-cookie: id number HTTP/1.1 200 OK
the cookie is stored by the client, who, when asking for the Date: Mon, 2 Oct 2005 23:56:18
Server: Apache/1.3.9 (Unix) 2nd HTTP answer:
same page from the same server, sends it via the header:
Last-Modified: Sat, 29 Apr 2005 ...
Cookie: id number Content-Type: image/jpeg HTTP/1.1 304 Not Modified
Date: Mon, 3 Oct 2005 00:06:43
Donnees............................. Server: Apache/1.3.9 (Unix) Debian/GNU
....................................
....................................
....................................
HTTP: cache and proxy HTTP: CDN
Origin servers Duplicated servers
Public Internet Public Internet
2Mbps
11 0
00 1 11 0
00 1
... ... ... ...
1
0
0
1 1
0
11
00 0
1
11
00
100 Mbps
0
1
... 10
0 0
1
... 10
0
11
00 1
... 11
00 1
...
The HTTP environment ComNet: course 2/5 outline

Optimizing access to resources
cache hierarchy 1 Legacy applications
load balancing Introduction
a distributed systems subject Remote login
Content File transfer
automatic generation: PHP, ASP, servlet. . .
event-driven programming 2 Contemporary applications
database linking World Wide Web
a databases subject, also information structuring via XML Electronic mail
Security Peer-to-peer
HTTPS (RFC 2818): uses SSL on port 443 (or TLS)
applets. . .
Directory (DNS)
Generic transport protocol
Network management
XML, SOAP,. . .
encapsulation (firewalls. . . )
E-mail applications SMTP: introduction

POP
0 UA
1
1
0
Asynchronous message exchange across the Internet
0
1
... the original killer app.

... ...
11
00 UA
three basic elements
00
11
00
11 UA (User Agent)
mail, elm, pine, mutt,. . .
Mail server
Eudora, Outlook and MS Mail, Mail.app, Mozilla
UA
SMTP Thunderbird,ldots
10
0 1
SMTP ... mail server, or MTA (Mail Transfer Agent)
...
sendmail. . .
UA
1
0
0
1
11
00
makes up the infrastructure of the mail distribution system
Mail server
local user mailboxes
Mail serveur queue of outgoing messages or messages in transit
UA UA
0
1
... 10
0
... UA timeout and retry if the destination is unreachable
11
00 1
... a protocol: SMTP
SMTP
SMTP: overview SMTP: example

Simple Mail Transfer Protocol (RFC 821 - STD 10, updated by 220 hobbes.lip6.fr SMTP Sendmail 8.9.3; Wed, 22 Sep 2008 00:59:49 +0200
RFC 5321) HELO calvin.lip6.fr
client/server application 250 hobbes.lip6.fr Hello calvin.lip6.fr, pleased to meet you
MAIL FROM: pere-noel@hobbes.lip6.fr
based on reliable TCP connections 250 pere-noel@hobbes.lip6.fr... Sender ok
old RCPT TO: totu@hobbes.lip6.fr
4 widely used 550 totu@hobbes.lip6.fr... User unknown
RCPT TO: toto@hobbes.lip6.fr
8 messages coded in ASCII NVT
250 toto@hobbes.lip6.fr... Recipient ok
connection to mail servers on port 25 DATA
354 Enter mail, end with "." on a line by itself
Cher Toto,
SMTP
Noubliez pas de menvoyer votre liste de cadeaux
Le Pere Noel.
.
250 BAA01090 Message accepted for delivery
QUIT
Alices mail server
221 hobbes.lip6.fr closing connection
Bobs mail server
SMTP: commands (1) SMTP: commands (2)

SMTP server interactive mode
Unix> telnet galion.ufr-info-p6.jussieu.fr 25
Trying 192.133.82.123... Basic SMTP commands (RFC 821), minimum implementation:
Connected to galion.ufr-info-p6.jussieu.fr HELO Communicates the clients domain name
Escape character is ^].
MAIL Specifies the e-mail address of the sender
220 galion.ufr-info-p6.jussieu.fr SMTP Sendmail 8.9.3; Wed, 25 Sep 2002 00:54:15 +0200
help RCPT Specifies the e-mail address of the receiver
214-This is Sendmail version 8.9.3 DATA Starts content transfer, until a line with only .
214-Topics: QUIT Closes the connection
214- HELO MAIL RCPT DATA
214- QUIT VRFY NOOP RSET
VRFY Confirms that the receiver address is valid
214- HELP NOOP No operation, checks that the server is alive
214-For more info use "HELP <topic>". RSET Cancels the current transaction
214-To report bugs in the implementation send email to
214- sendmail-bugs@sendmail.org.
214-For local information send email to Postmaster at your site.
214 End of HELP info
SMTP: replies SMTP: legacy message structure

Messages encoded via ASCII NVT (RFC 822)
the envelope
updated by each successive SMTP entity
MAIL FROM: and RCPT TO: comands
Standard text-based encoding the message
status + description: mainly inserted by the user agent
DATA command
220 SMTP Sendmail 8.9.3
header
221 Closing connection
each field on one line name: value
250 Command successful From: Toto at Paris 13 <toto@galere.univ-paris13.fr>
354 Enter mail, end with "." on a line by itself Date: Mon, 22 Sep 2003 01:13:20 +0200
550 User Unknown To: Titi at Paris 6 <titi@hypnos.lip6.fr>
Subject: rapport TER
X-Scanned-By: isis.lip6.fr
a blank line
body
end with a line containing only .
Evolution of the envelope: ESMTP Evolution of the header structure

Some ESMTP (RFC 1425) commands:
Non-ASCII characters in the header:
EHLO Signals use of ESMTP and introduces the client =?charset?encode?encoded-text?=
SIZE Declares the maximum message size
8BITMIME Signals possibility of 8 bit coding charset: us-ascii, iso-8859-x, ...
X??? Local SMTP extensions encode: le coded form of the text must still be ASCII NVT
Negotiation of ESMTP extensions: Quoted-printable (Q) for Latin character sets:
characters > 128 encoded with 3 characters (= hex coding)
EHLO hobbes.lip6.fr.
space character always =20
250-hobbes.lip6.fr Hello [62.62.169.227], pleased to meet you
250-ENHANCEDSTATUSCODES Base64 (B):
250-PIPELINING three bytes of text (24 bits) encoded with 4 ASCII chars.
250-EXPN 6 bit values (0, 1, 2... 63) ABC...YZab...yz01...9+/
250-VERB padded with = to complete 4 characters
250-8BITMIME encoded-text:
250-SIZE
=?iso-8859-2?Q?Igen,=20k=F6sz=F6n=F6m?=
250-DSN
250-DELIVERBY =?iso-8859-1?B?QnJhdm8sIHZvdXMgYXZleiBy6XVzc2kgIQo=?=
250 HELP
MIME (Multipurpose Internet Mail Extensions) MIME: types and subtypes

New MIME headers (RFC 2045 and RFC 2046)
multipart/mixed
Mime-Version: 1.0 /etc/mime.types audio/midi multipart/parallel
Content-Type: type/sous-type;parametres audio/mpeg multipart/signed
application/mac-binhex40 audio/x-wav
simple: text/plain; charset="ISO-8859-1"
application/msword text/html
text/html, image/jpeg,. . . application/octet-stream image/jpeg text/plain
structured: multipart/mixed; Boundary=hjfdskjhfdshf application/postscript image/png text/richtext
each message block begins with: hjfdskjhfdshf application/vnd.hp-PCL image/tiff text/rtf
nesting is possible application/vnd.ms-excel text/xml
Content-Disposition: presents a block (RFC 2183) application/x-debian-package message/delivery-status text/x-java
application/x-doom message/external-body text/x-tex
Content-Transfer-Encoding: coding of the block application/x-gnumeric message/http text/x-vcard
7 bits is compatible with legacy MTAs (RFC 821) application/x-java-applet message/partial
7bit (ASCII NVT) application/x-javascript message/rfc822 video/mpeg
quoted-printable (recommended for all text) application/x-msdos-program video/quicktime
base64 (recommended for byte streams) application/x-tar multipart/alternative video/x-msvideo
8 bits if the 8BITMIME command is accepted multipart/digest
8bit et Binary (lines or blocks of 8 bit data) audio/basic multipart/encrypted
ESMTP: MIME message example Completing message delivery
From: Olivier Fourmaux <olivier.fourmaux@lip6.fr> Machine only connects to the network sporadically?
Date: Wed, 20 Feb 2002 01:21:01 +0100
To: Toto <toto@free.fr> Messages stored on the last MTA (e.g., that of the ISP)
Subject: Document no 3.02
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="/9DWx/yDrRhgMJTb"
several possibilities:
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
direct server access (mount an NFS or SMB volume)
User-Agent: Mutt/1.2.5i POP
--/9DWx/yDrRhgMJTb IMAP
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline HTTP
Content-Transfer-Encoding: 8bit
Voici le document secret que vous mavez demande...
--/9DWx/yDrRhgMJTb SMTP
Content-Type: application/pdf
Content-Disposition: attachment; filename="sujet-exam-RES.pdf"
?
Content-Transfer-Encoding: base64
?
JVBERi0xLjIKJcfsj6IKNSAwIG9iago8PC9MZW5ndGggNiAwIFIvRmlsdGVyIC9GbGF0ZURl
Y29kZT4+CnN0cmVhbQp4nO1dy7YdtRGd3684Mx6L07T63ZkBdghgXvYlJFlMHNsYm+sHhkCS...
Alices mail server Bobs mail server
POP3 IMAP4
Post Office Protocol Version 3 (RFC 1939) Internet Mail Access Protocol version 4 (RFC 2060)
simple complex
TCP connection on port 110 TCP connection on port 143
three states: same functionality as POP, with:
AUTHORIZATION (client identification) attribute-based access (12th e-mail from Alice)
TRANSACTION (client requests and server actions) partial message retrieval (3rd attachment)
UPDATE (server releases resources) synchronization of mailboxes
SMTP SMTP
POP 3 IMAP 4
UA UA
Alices mail server Bobs mail server Alices mail server Bobs mail server
Web-mail E-mail and security

The underlying protocols are not secure
text-based exchanges lacking confidentiality (control or data)
Accessing the SMTP server via a web interface
no authentication under SMTP
various web-based services: username and password in clear type over POP and IMAP
Hotmail, Yahoo!, GMail. . . Some solutions:
an alternative means to access corporate or ISP e-mail: PGP (Pretty good privacy) in unfriendly environments:
horde/IMP, Squirrelmail, Zimbra. . . authentication, integrity, and confidentiality (signed and/or
encrypted data)
OpenPGP (RFC 2440): GPG (Gnu Privacy Guard)
Web server
SMTP securing the connection to a trusted remote site:
if the site is accessible via SSH
remote access via SSH (text-based)
HTTP
SSH tunnels
Alices mail server Bobs mail server
Web client
if the client and server support SSL (or TLS)
POP3S (RFC 2595): port 995
IMAPS (RFC 2595): port 993
HTTPS for securing web-mail. . .
ComNet: course 2/5 outline Peer-to-peer file sharing application
1 Legacy applications 1
0
0
1
0
1
Introduction ... ... ...
Remote login
00
11
11
00
File transfer 00
11
World Wide Web 10
0 1
Electronic mail ... ...
Peer-to-peer
1
0
0
1
11
00
Directory (DNS)
0
1
... 10
0
...
Network management 11
00 1
...
Numerous peer-to-peer applications P2P: questions

Peer-to-peer applications: Basic principles
file sharing
generic nodes (neither client nor server)
Napster, eDonkey, BitTorrent...
FastTrack (KaZaA, Grokster et Imesh), Gnutella2... resource aggregation (networks/processors/storage)
Gnutella... application-layer protocols
BitTorrent 0
1
1
0
0
1
anonymous storage 11
00
11
00
11
00
Freenet, Entropy... 1
0
0
1
11
00
audio/video streaming
Standards? 10
0 1
VoD : Peercast, Joost...

Cant everything be client/server?
P2PTV : Coolstreaming, TVants, PPLive...
other network services lifted to the application layer is this just networking at the application layer?
IP routing protocols what new sorts of services? applications?
ad-hoc networks what are the new technical challenges?
multicast communications. . .
P2P: architectures (1) P2P: architectures (2)
Classical centralised client/server Client/server with server replication
P2P: architectures (3) P2P: client/server comparison

RPC/RMI P2P messages
Classical peer-to-peer synchronous asynchronous
asymmetric symmetric
language-oriented service oriented
identification anonymous
authentication high availability
Client_call(args) Peer_main_loop()
while (true)
Server_main_loop() await(event)
while (true) switch(event.type)
await(call) case timer_expire:
switch(call.procid) do_some_P2P_work()
case 0: call.ret=proc0(call.arg) randomize_timers()
case 1: call.ret=proc1(call.arg) case inbound_mesg:
... handle_mesg()
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 2/5 : Application default: exception
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 2/5 : Application
P2P: features P2P: existing applications

Characteristics of peer-to-peer systems
Peer-to-peer is not new:
no clear separation of roles IP routers
avoid bottlenecks or defective nodes topology discovery
need for distributed algorithms neighbor state maintenance
service discovery (naming, addressing, metric calculation) autonomy and fault tolerance
maintaining neighbor state
distributed routing algorithm. . .
application-layer routing (linked to content)
robustness, management of link or node failure. . . CiscoSystems Cisco 7000SERIES
CiscoSystems Cisco 7000SERIES


Napster Napster: basic design
Program for sharing MP3 files Combined approach

not the first, but the best-known client/server based search with a central list
highly informative regarding the significance of peer-to-peer
systems. . . direct exchange of files between peers
. . . along technical, legal, political, and economic lines point-to-point TCP connections (port 7777 or 8888)
a disruptive technology? 4 steps:
timeline
end 98: Shawn Fanning (19 years old) starts developing the
Connection to the Napster server
system Peer sends its file list to the server (push)
05/99: creation of the Napster Online Music Service Peer sends keywords and retrieves a list of peers
06/99: initial testing of the application Selection of the best peer (pings)
12/99: first lawsuits (Metallica, RIAA...)
mid 00: more than 60M users
a significant portion of university traffic (30% to 50%)
02/01: US 9th Circuit Cout of Appeals ruling
mid 01: 160K users. . .
Napster: Upload Napster: Search
Peers send their lists of files to share A peer sends a search request
The server replies with a list of possible locations
napster.com
napster.com
Napster: Pings Napster: Download
Pinging possible peers (searching for the best bandwidth) The peer obtains the file directly from its chosen peer
napster.com napster.com
Napster: remarks Gnutella: background (1)

centralized server
single point of failure
congestion risk
load balancing using round-robin DNS
enterprise-controlled
no security Completely distributed file sharing
clear-type password
no authentication
corrects the perceived defects of Napster
no anonymity Open source
proprietary codebase no servers; no global index
automatic download of updates purely local knowledge
evolution: but still the same legal and economic issues. . .
OpenNap: no direct responsibility for the service
open source lacks anonymity
inter-server communications RIAA goes after the users directly!
all data types
Gnutella: background (2) Gnutella: principle

Search by flooding
Peer-to-peer networking if I do not have the requested file:
I ask 7 peers if they have the file
direct connection between peer applications if they dont have it, they each contact 7 of their neighboring
problem: peers
decentralized file search recursive search limited to N hops
each application: loop detection through temporary memorization of requests
messages can be received twice
stocks a variety of files
routes queries to and from its peers
serves file transfer requests
timeline
03/00 freelance project abandoned after just a few days by B
AOL (Nullsoft)
too late: already more than 20K users. . . A
TTL=0 STOP!
Gnutella: messages Gnutella: identifying peers (1)

Gnutella control message structure:
Gnode ID Type TTL Hops Length Data... Active peer detection
(16 bytes) (1 byte) (1 byte) (1 byte) (4 bytes) Ping request
Gnode ID : identifies the node in the Gnutella network no data
Type : action to perform restrictions on sending so as not to saturate the network
Ping (looking for a peer) creates state in the routing table (Pong return path)
reply and transfer to connected peers (TTL limit)
Pong (reply to a Ping, IP address)
Query (criteria-based file search) Pong reply
Query-Hit (reply with a list of files and IPs) data:
Port IP address No. of files KB shared
Push (mecanisme de passage de firewall) (2 bytes) (4 bytes) (4 bytes) (4 bytes)
TTL : number of hops remaining Port : port number on which the peer is listening
Hops : number of hops taken IP address : address at which the peer is reachable
TTLn + Hopsn = TTLinitial No. files : number of files shared by the peer
Length : data block size in bytes KB shared : amount of data shared by the peer
Data : may be empty
Gnutella: identifying peers (2) Gnutella: file search (1)
Active peer detection

Information search request
TTL=0 STOP! request Query:
Minimum speed Search criteria
Pong (2 bytes) (N bytes)
TTL=1 Speed : peers minimum bandwidth for response (kB/s)
Ping Criteria : character string terminated by 0x00
A creates state in the routing table (Query-Hit return path)
TTL=2 TTL=0 STOP!
transfer to connected peers (TTL limit)
reply Query-Hit...
Gnutella: file search (2) Gnutella: file search (3)
Request to obtain information

reply Query-Hit
No. Hits Port IP Address Speed Results Peer GID
(1 byte) (2 bytes) (4 bytes) (4 bytes) (N bytes) (16 bytes)
No. Hits : the number of Results fields
Port : port number on which the peer is listening Hit
IP address : address at which the peer is reachable
Speed : minimum bandwith requested (kB/s) Query
Results : a series of No. Hits fields: A
File index File size Filename (string
(4 bytes) (4 bytes) ending in 0x0000)
Peer GID : identity for a Push
routed along the reverse path established by Query requests B
DATA
Gnutella: getting around firewalls (1) Gnutella: getting around firewalls (2)
Reversing the data connection

Reversing the data connection
Push request
data:
Peer GID File index IP Address Port
(16 bytes) (4 bytes) (4 bytes) (2 bytes)
Hit
Peer GID : peer identifier
Index : unique identifier of the file at the peer Query
IP Address : address to which the file should be sent Push
A
Port : port on which the receiver is listening
routed along the reverse path established by Query-Hit
responses
allows the creation of the data connection from the peer DATA
B
Gnutella: connection management Gnutella: remarks

TCP-based control connection
connection request:
GNUTELLA CONNECT/0.6 Lessons learned:
Node: 201.33.182.178:6346 saturation of low bandwidth peers (modems)
User-Agent: gtk-gnutella/0.80 beta2 - 22/01/2002 ability to indicate that one has a file but that one is saturated
peer reply: reachable network size is limited (connections broken due to
GNUTELLA/0.6 200 OK modems)
User-Agent: Morpheus 2.0.1.7 creation of a hierarchy of peers
Remote-IP: 181.185.36.178 anonymity?
confirmation: the peer from which you retrieve the file knows your identity
protocols in which it is possible not to know the receiver
GNUTELLA/0.6 200 OK
Data retrieval via HTTP
independently from the Gnutella network:
direct connection between the peers and sending of a GET
P2P evolution BitTorrent (1)

Gnutella2, KaZaA (FastTrack network)... File sharing:
file broken into blocks of 64KB to 1MB (chunks)
heterogeneous hosts
creation of a .torrent
hierarchical topology metadata
Super-Nodes signature for each chunk
establishment of a tracker
machine that oversees the distribution
data exchange between all requesters (leechers)
the source (seed) only gets the exchange going
Characteristics:
no search feature
no direct downloading (HTTP style)
avantages:
inexpensive
redundancy
supports flash-crowds
BitTorrent (2) BitTorrent (3)

Strategies: Evolutions :
peer selection indexing/search
tit-for-tat + choking initially specialized search engines (web):
http://thepiratebay.org/
encourage cooperation and reduce free-riding
http://www.mininova.org/
choose the best contributors and suppress the others
http://www.demonoid.com/ (subscription)
periodic mechanism (10 secs)
...
optimistic unchoke distributed tracker (distributed hash table)
discover new peers based on Kademlia
supply a new peer at random
multitracker
periodic mechanism (30 secs)
redundancy
chunk selection: signaling overhead
rarest first encrypted exchanges
provide the rarest chunk first Protocol header encrypt (PHE)
maximize the entropy of each chunk Message stream encryption/Protocol encryption (MSE/PE)
random first content distribution (A/V streaming)
speed up the start phase for new peers many projects...
Legacy applications World Wide Web Legacy applications
Directory (DNS)
Contemporary applications Electronic mail Contemporary applications
Network management
Support applications Peer-to-peer Support applications
P2P: others ComNet: course 2/5 outline

Completely anonymous file sharing
Freenet 1 Legacy applications
decentralized peer-to-peer system (like Gnutella) Introduction
local awareness only
Remote login
access to resources is via neighbor-to-neighbor routing
anonymous source File transfer
anonymous receiver
resists attempts to limit access 2 Contemporary applications
Structured peer-to-peer systems for content-based search: World Wide Web
Chord Electronic mail
key-based identity (SHA-1 on a string) Peer-to-peer
key-based location (SHA-1 on the node address)
storage on the closest successor node 3 Support applications
Tapestry Directory (DNS)
route identifiers (hash) according to the node suffix Network management
CAN (Content Addressable Network)
virtual Cartesian space

Directory (DNS) Directory (DNS)
Network management Network management
Associating names and addresses Directory

http://www.test.org Converting written Internet host names into numerical addresses
1
0
0
1
0
1
initially
... one file
... ...
flat namespace
11
00
00
11
00
11 administration centralized by a NIC (Network Information
Center)
today: DNS
11 0
00 1 distributed database
... ... hierarchical namespace
decorrelated from the physical topology
1
0
0
1
11
00 system controlled byInterNIC (1992-1998), then ICANN
ftp
82.133.12.2 (Internet Corporation for Assigned Names and Numbers) and
its numerous subauthorities
0
1
... 10
0
... hierarchical delegation (close to the namespace structure)
11
00 1
...
delegating reasonable-sized pieces of the namespace
telnet linux01.test.org protocol...
DNS (Domain Name System) DNS: namespace

Standard directory for the Internet (RFC 1034 and RFC 1035) Hierarchical naming system
hierarchical namespace and system of delagation tree structure ( Unix filesystem)
name servers (DNS servers) node label: 63 chars. max. (A..Za..z- case insensitive)
physical components of the hierarchy that host the distributed domain name = list of labels, traversing the tree from root
database to leaf (total 255 chars. max. and . label separator):
handle DNS requests
absolute (FQDN): pc24.CS.keio.ac.jp.
transport via UDP or TCP, port 53
applications access them through the resolver (UNIX): relative names are handled locally (host)
gethostbyname (3), gethostbyaddr (3) Generic Countries
services:
name resolving
host aliasing int com edu gov mil org net jp us nl ...
mail server aliasing sun yale acm ieee ac co oce vu

load disribution... eng cs eng jack jill keio nec cs
example:
ai linda cs csl flits fluit
BIND (Berkeley Internet Name Domain)
named (UNIX) robot pc24

DNS: gTLD (generic Top Level Domain) DNS: ccTLD (country code Top Level Domain)
gTLD intro. description operator ccTLD (ISO 3166) 240 countries and external territories
.aero 2001 Air-transport industry * SITA .ac Ascension Island
.asia 2006 Asia-Pacific region * Afilias .af Afghanistan
.biz 2001 Unrestricted NeuLevel .aq Antarctica (-60S)
.cat 2005 Catalan lingu. & cult.* Asso. puntCAT .eu European Union
.com/.net 1985 Unrestricted VeriSign .fr France
.coop 2001 Cooperative * DotCooperation .gf French Guiana
.edu 1985 (US) educational inst. * VeriSign .gp Guadeloupe
.gov 1985 US government * US Admin. .mq Martinique
.info/.org 01/85 Unrestricted Afilias .pf French Polynesia + Clipperton
.int 1988 Internat. organisations ICANN .pm Saint-Pierre and Miquelon
.job 2005 Human resrc. managment* Employ Media .re Reunion
.mil 1985 US military * US DoD NIC .tf TAAF
.mobi 2005 Mobile device use * Mobi JV .ru Russia (+.su)
.museum 2001 Museums * MuseDoma .tv Tuvalu
.name 2001 Individuals VeriSign .uk United Kingdom (+.gb)
.pro 2001 Professionals RegistryPro .us United States
.tel 2005 Internet Tel. serv.* Telnic Limited .za South Africa
.travel 2005 Travel industry* Tralliance Corp. .zw Zimbabwe
DNS: .arpa domain DNS: zones (1)

ICANN administers the root and delegates the TLDs to domain
Lookup: pc24.cs.keio.ac.jp. ?
name registries
Reverse lookup: 24.57.237.198.in-addr.arpa. ? separately administered zones (subtrees to the DNS tree)
( physical partitions in a Unix filesystem)
gov arpa delegation of the names of the corresponding subdomains
edu fr jp
example: keio.ac.jp.
e164 ip6
inaddr each with its own name servers
ac
Generic Countries
keio 0 198 255
cs 0 237 255 int com edu gov mil org net jp us nl ...
sun yale acm ieee ac co oce vu

0 57 255
pc24 eng cs eng jack jill keio nec cs
ai linda cs csl flits fluit

0 24 255
robot pc24

DNS: zones (2) DNS: name servers

Do not confuse zone and domain! Different types of name server
authoritative servers for a zone:
gov primary name server
edu fr jp authoritative records
go aware of its descendants (delegations)
co configured locally (from disk)
ac
utokyo secondary name server
redundancy: completely separate from the primary
keio zone keio.ac.jp configured and updated by the primary (zone transfer)
www physically independent from the zone
domaine keio.ac.jp
cs humi
math local servers (providing access to the service)
zone humi.keio.ac.jp
www top-down resolving (from TLD to sub-domain)
pc24 www knowledge of root name servers
www sun3
1 primary and 12 secondaries, high availability (anycast)
hardwired (ftp.rs.internic.net/domain/named.root)
recursive or iterative queries
DNS: iterative query DNS: recursive query

10 pc24.cs.keio.ac.jp
Serveur pc24.cs.keio.ac.jp
198.237.57.24 Serveur DNS
Q: pc24.cs.keio.ac.jp ? DNS local 10 198.237.57.24
A: IP=198.237.57.24 entreprise 2
1
0
1 1
0
0 0 1
1 9 1
0 (connaissant ac.jp.)
0 0
1
10
1 0
1 10
1 0
0 A: IP=198.237.57.24
110
1 1 0
0 1 10
Q: pc24.cs.keio.ac.jp ?
Q: pc24.cs.keio.ac.jp ? Q: pc24.cs.keio.ac.jp ? Q: pc24.cs.keio.ac.jp ?
2 8 Serveur 6 A: IP=198.237.57.24
DNS local 8 4 7
A: jp.= Q: pc24.cs.keio.ac.jp ?
200.3.28.7, Q: pc24.cs.keio.ac.jp ? A: IP=198.237.57.24
4 Q: pc24.cs.keio.ac.jp ?
55.120.18.2, A: ac.jp.= 6
... Q: pc24.cs.keio.ac.jp ?
77.181.1.1, 5
3 77.180.4.1, A: keio.ac.jp.= 9
... A: IP=198.237.57.24
A: keio.ac.jp.=
198.237.19.1, 3 198.237.19.1,
5 2
80.4.90.1, Serveur Serveur
... 80.4.90.1,
keio.ac.jp. Q: pc24.cs.keio.ac.jp ? ... keio.ac.jp.
7 198.237.19.1 198.237.19.1
Serveur racine Serveur DNS
80.3.7.6 Serveur ac.jp. entreprise 1
Serveur ac.jp.
Serveur jp. 77.180.4.1
200.3.28.7

DNS: performance DNS: basic message structure

Can the DNS system support the load? flags:
0 15 16 bit 31
QR (1 bit): 0 = question,
problems from systematic consultation of the root identification flags
1 = response
does not take into accoun the locality of requests number of questions number of responses
number of servers num. of addl. info. opcode (4 bits) 0 = standard ...
local server generally distinct from the authoritative server
load on the root servers AA (1 bit): 1 = authoritative
Questions response
how many requests from the Internet as a whole?
availability of the root servers TC (1 bit): 1 = truncated (UDP
datagram < 512B)
all requests pass through these Response fields
RD (1 bit): 1 = recursion desired
the use of caches
(indicated by the client)
second-hand information (non-authoritative records) Authoritative server fields
response from an authoritative server includes a time limit on RA (1 bit): 1 = recursion available
its validity (TTL) (indicated by the server)
responses from the TLDs regarding the root servers are valid reserved (3 bits): 000
Additional information fields
48 hours rcode (4 bits): 0 = no error...
100,000 requests per second (2005) 3 = name error...
DNS: structure of one query field DNS: structure of one answer field
0 15 16 bit 31 0 15 16 bit 31
Name (not 32-bit aligned) Name (not 32-bit aligned)
Type Class Type Class

Name: N bytes, each label is preceded by a byte indicating its TTL
Data length (B)
length (or, if >0x3F, 0xC0ZZ is a pointer to ZZ bytes from the
start of the message). Terminated by 0x00. Data
4, p, c, 2, 4, 2, c, s, 4, k, e, i, o, 2, a, c, 2, j, p, 0
Type (16 bits): Name, Type, Class: idem
val name description val name description
1 A IPv4 addr 13 HINFO eqpt. info. TTL (32 bits): validity in seconds
2 NS serv. name 15 MX server msg. Data length (16 bits): in bytes
5 CNAME alias 28 AAAA IPv6 address Data (N bytes without padding):
6 SOA zone ...
Name (string encoded as for a question) NS, CNAME...
12 PTR name ptr. 255 * tt types (quest.)
Addresses (numerical value) A 4 bytes, AAAA 16 bytes...
Class (16 bits): 1 = Internet

DNS: inverse directory DNS: obtaining a delegation
Becoming the authoritative reference for an official subdomain:

Converting numerical addresses into literal names
reserve the name with a domain name registrar
queries of type name pointer (PTR) put in place servers that conform to the DNS standard
IPv4 address authoritative zone information
198.237.57.24 replication in at least one secondary server
conversion into the in-addr.arpa domain if there are sub-delegations:
24.57.237.198.in-addr.arpa knowledge of the servers descendants
often used to verify access rights
if managing the corresponding IP addresses:
authoritative name pointers
DNS: dynamic updates DNS: security

Dynamic DNS (RFC 2136)
host autoconfig compatibility (local DNS): No security in the basic protocol (RFC 3833)
update interception/modification of DNS messages
notification
false messages (DNS cache poisoning)
security problems... denial of service...
Dynamic DNS service (third-party provider) DNSSEC (RFC 4033 a 4035 + RFC 4310 + RFC 4641)
to operate with a dynamic address (residential access): extension of the DNS system, enabling:
server: dyndns.org, no-ip.org...
authentication of the origin of data
client indicates the address update (host/setupbox)
authentication of existance denial
virtual delegation (3rd level subdomain)
data integrity
toto123.myftp.biz
toto123.blogsite.org obligatory for securing DNS updates
toto123.homelinux.org beware of proprietary extensions...
toto123.dyn-o-saur.com
toto123.endofinternet.net...

DNS: example ComNet: course 2/5 outline
Unix> dig www.math.keio.ac.jp

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11895 Introduction
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 4
Remote login
;; QUESTION SECTION:
;www.math.keio.ac.jp. IN A
File transfer
;; ANSWER SECTION:
www.math.keio.ac.jp. 3600 IN CNAME sun3.math.keio.ac.jp. 2 Contemporary applications
sun3.math.keio.ac.jp. 3600 IN A 131.113.70.3
World Wide Web
;; AUTHORITY SECTION:
math.keio.ac.jp. 3600 IN NS relay.math.keio.ac.jp. Electronic mail
math.keio.ac.jp. 3600 IN NS ns.st.keio.ac.jp.
math.keio.ac.jp. 3600 IN NS ns0.sfc.keio.ac.jp. Peer-to-peer
;; ADDITIONAL SECTION:
relay.math.keio.ac.jp. 3600 IN A 131.113.70.1 3 Support applications
ns.st.keio.ac.jp. 127 IN A 131.113.1.8
ns0.sfc.keio.ac.jp. 1199 IN AAAA 3ffe:501:1085:8001::121 Directory (DNS)
ns0.sfc.keio.ac.jp. 2358 IN A 133.27.4.121
Network management
;; Query time: 577 msec MSG SIZE rcvd: 206
Network management Manageable equipement

Network evolution (many machines and devices to adminster)
Needs: 0
1
1
0
0
1
network supervision ... ... ...
fault detection
11
00
performance measurement 00
11
00
11
equipment control
activating (interfaces...)
configuring (routing tables...) 10
0 1
centralized control ... ...
Constraints: 1
0
0
1
11
00
heterogeneous devices
routers, hubs, switches...
computers, printers, probes... 0
1
... 10
0
...
11
00 1
...
multiple constructors
remotely deployed devices

TCP/IP management SNMP: design

Managing machines in a TCP/IP environment Information is stored in two types of databases:
instrumenting the devices (agents) agent bases (in the devices): The values are directly linked
supervision software (HP Openview, Cisco Works, Nagios...) to the internal records
management protocol SNMP centralized base (supervision platform): most recent values
received and history (statistics)
Management
Management process
Station Host Router Standardisation (for heterogeneous environments)
Printer MIB standards designate the types of information stored
Managed
A
SMI standards describe common structures and nomenclature
node
B A data format is ASN.1
SNMP protocol Agent the SNMP protocol for controlling agents enables:
A reading/writing of variables at governed entities
LAN
communication of alarms
Bridge listing the variables of the governed entities
pictures from Tanenbaum A. S. Computer Networks 3rd edition combined global view
SNMP: commands SNMP: message structure

version communaut type ident erreur erreur nom valeur nom valeur ...
PDU req. status index
The richness the MIBs! version: current version 1 (0 SNMPv1)

only 5 simple commands community: string defining access rights
generally public
uses UDP ports 161 and 162
PDU type: 0 (get), 1 (get-next), 2 (set),
get 161 3 (get-response)
Station Agent
getnext 161 we will explain type 4 (trap) messages later...
161 getresponse
ident. req.: link queries and responses
set 161
trap error status and error index: error type relating to the
162
variable being referenced (0 no error)
name and value: variables being described
Field sizes are not pre-set, as the structure is described in ASN.1
with BER coding.

SNMP: SMI (Structure for Management Information) OID (Object IDentifier)
types defined by SMIv1 (RFC 1155 et 1212)

namespace tree (unique name for each object)
NULL no value Internet objects start 1.3.6.1.
INTEGER signed integer (no limit)
Counter positive integer (0 to 232 1) wrapping uit(0) iso(1) uit+iso(2)
Gauge positive integer (0 to 232 1) bounded standard(0) org(3)

TimeTicks time in hundredths of a second
dod(6) iana(90)
OCTET STRING unrestricted byte string
Internet(1)
DisplayString string coded in NVT, 255 chars. max
dir(1) mgmt(2)
IpAddress 4-byte string private(4)
PhyAddress 6 byte string mibII(1) enterprise(1)
OBJECT ID. numeric identifier... system(1) interfaces(2) at(3) ip(4) icmp(5) tcp(6) udp(7) ...
SEQUENCE structure of named elements ... ... ... ... ... ... ...
SEQUENCE OF vector of identical elements
SNMP: MIB (Management Information Base) MIB: simple variable
object groups defined by MIB II (RFC 1213):

Four simple variables in the UDP group:
1.3.6.1.2.1.1 system
1.3.6.1.2.1.2 interfaces the MIB II relates SMI-defined types
1.3.6.1.2.1.3 at
udpInDatagrams Counter ro no. datagrams delivered to applications
1.3.6.1.2.1.4 ip udpNoPorts Counter ro no. datagrams for which no application
1.3.6.1.2.1.5 icmp udpInErrors Counter ro no. datagrams undelivered
1.3.6.1.2.1.6 tcp udpOutDatagrams Counter ro no. datagrams sent
1.3.6.1.2.1.7 udp
1.3.6.1.2.1.8 egp mibII(1)
1.3.6.1.2.1.10 transmission
udp(7)
1.3.6.1.2.1.11 snmp
UdpInDtg(1) UdpNoPorts(2) UdpInErrors(3) UdpOutDtg(4) UdpTable(5)
other groups and subgroups are defined (other RFCs):
UdpEntry(1)
1.3.6.1.2.1.17 bridge
1.3.6.1.2.1.43 printer ... UdpLocalAddress(1) UdpLocalPort(2)
These groups contain simple variables or tables


MIB: table variable SNMP: referring to variables

One table in the UDP group:
Referring to variables:
udpTable indicates the ports being supervised
simple: add .0 to the end
udpTable is a vector of udpEntry structures
table: add values to the index field
udpLocalAddress IpAddress ro adresse IP locale
traverse the tables OIDs in lexicographic order
udpLocalPorts [0..65535] ro port correspondant
short name OID value
mibII(1) udpInDatagrams.0 1.3.6.1.2.1.7.1.0 17625
udp(7) udpLocalAddress.0.0.0.0.53 1.3.6.1.2.1.7.5.1.1.0.0.0.0.53 0.0.0.0
udpLocalAddress.0.0.0.0.161 1.3.6.1.2.1.7.5.1.1.0.0.0.0.161 0.0.0.0
UdpInDtg(1) UdpNoPorts(2) UdpInErrors(3) UdpOutDtg(4) UdpTable(5)
udpLocalPort.0.0.0.0.53 1.3.6.1.2.1.7.5.1.2.0.0.0.0.53 53
UdpEntry(1)
udpLocalPort.0.0.0.0.161 1.3.6.1.2.1.7.5.1.2.0.0.0.0.161 161
UdpLocalAddress(1) UdpLocalPort(2)
this naming scheme allows objects to be specified in UDP
messages
the table index is: udpLocalAddress.udpLocalPorts only the OIDs and the values are transported
this index is specified at MIB creation
SNMP: get-next command SNMP: Trap

Operator for lexicographic traversal of the OIDs: Agent sends message to admin. port 162
returns the next terminal reference version communaut type entreprise adr. type code estamp. nom valeur ...
get-next udp udpInDatagrams.0 = 17625 =4 agent trap entr. temp.
allows one to iterate through variables... enterprise: identifies the agents creator
get-next udpInDatagrams.0 udpNoPorts.0 = 0 OID starting with 1.3.6.1.4.1.
... and tables agent addr.: IP address of the agent
get-next udpTable 0 coldStart agent initialised
udpLocalAddress.0.0.0.0.53 = 0.0.0.0 1 warmStart agent reinitialised
get-next udpLocalAddress.0.0.0.0.53 2 linkDown interface disactivated
udpLocalAddress.0.0.0.0.161 = 0.0.0.0 trap type:
3 linkUp interface activated
get-next udpLocalAddress.0.0.0.0.161 ...
udpLocalPort.0.0.0.0.53 = 53 ... 6 entr. specific see the field code entr.
end of table when the name changes: code entr.: sub-code specific to the enterprise
get-next udpLocalPort.0.0.0.0.161 timestamp: number of hundredths of a second since the
snmpInPkts.0 = 12 agent started

Abstract Syntax Notation ASN.1 ASN.1: PDU
OSI layer 6 (recommendation X.680 of the ITU) get message written in ASN.1:
properties: getRequest-PDU ::= [0]
universal information representation IMPLICIT SEQUENCE {
type associated with data request-id INTEGER,
designation by a unique identifier (OID) error-status INTEGER {
noError(0), tooBig(1),
BNF notation
noSuchName(2), badValue(3),
description of information exchanged over SNMP:
RFC1157-SNMP DEFINITIONS ::= BEGIN
readOnly(4), genErr(5), -- always 0
Message ::= SEQUENCE { }
version INTEGER {version-1(0)},
community OCTET STRING,
error-index INTEGER, -- always 0
data ANY variable-bindings SEQUENCE OF
}
PDUs ::= CHOICE { SEQUENCE {
get-request GetRequest-PDU, name ObjectName,
get-next-request GetNextRequest-PDU,
get-response GetResponse-PDU, value ObjectSyntax
set-request SetRequest-PDU, }
trap Trap-PDU
}... }
SNMP: BER encoding SNMP: example

TLV (type, length, value) encoding
types (1B): the two high bits determine the category
0x02 INTEGER
0020 30 82 00 f2 02 01 J...D... ..0.....
0x04 OCTET STRING
UNIVERSAL (00) 0x05 NULL 0030 00 04 06 70 75 62 6c 69 63 a2 82 00 e3 02 01 01 ...publi c.......
0x06 OBJECT IDENTIFIER 0040 02 01 00 02 01 00 30 82 00 d6 30 82 00 0d 06 08 ......0. ..0.....
0x30 SEQUENCE
0050 2b 06 01 02 01 02 01 00 02 01 03 30 82 00 0f 06 +....... ...0....
0x40 IpAddress
0060 0a 2b 06 01 02 01 02 02 01 08 01 02 01 01 30 82 .+...... ......0.
0x41 Counter
APPLICATION (01) 0070 00 0f 06 0a 2b 06 01 02 01 02 02 01 08 02 02 01 ....+... ........
0x42 Gauge
0x43 TimeTicks 0080 02 .. ..
CONTEXT (10) 0100 .. .. 30 82 00 10 ........ C..,0...
PRIVATE (11) 0110 06 0a 2b 06 01 02 01 02 02 01 09 01 43 02 01 2c ..+..... ....C...

data length (1 byte if si < 0x80, else see X.208)
length 49 0x31, length 242 0x8200F2...
data (value)
the OIDs (and successive integers A.B.C.D...) are coded in
bytes combining the first two: A*40+B, C, D...

MIB RMON Other IETF MIBs (1)
Remote MONitoring (RFC 2819 - STD 59) Printer MIB (RFC 1759 - RFC 3805)
Probe for obtaining statistics about an administered network
9 groups:
Ethernet statistics (21 attribute table)
network equipment (observed addresses...)
statistics matrix (between two stations) 274 objects (228 OIDs, including 16 tables)
frame capture
20 groups:
...
general group
many extensions input media group
RMON protocol identification (RFC 2895, 2896) output group
RMON for switched networks (SMON : RFC 2613) output dimensions group
interface management for RMON (IFTOPN : RFC 3144) cover table
RMON for DiffServ (DSMON: RFC 3287) ... marker supplies group
marker colorant group...
Other IETF MIBs (2) MIB constructor

RFC1230: IEEE 802.4 Token Bus MIB ... RFC4672: RADIUS Dynamic Authoriz. Client MIB
RFC1381: MIB Extension for X.25 LAPB RFC4673: RADIUS Dynamic Authoriz. Server MIB
RFC1559: DECnet Phase IV MIB Extensions RFC4711: Real-time Application QoS Monit. MIB
RFC1593: SNA APPN Node MIB RFC4747: The Virtual Fabrics MIB
RFC1611: DNS Server MIB Extensions RFC4807: IPsec Security Policy DB Conf. MIB
RFC1612: DNS Resolver MIB Extensions RFC4898: TCP Extended Statistics MIB
RFC1696: Modem MIB RFC4935: Fibre Channel Fabric Conf. Server MIB uit(0) iso(1) uit+iso(2)
RFC1697: Relational DB Mngmnt System MIB RFC4936: Fibre Channel Zone Server MIB
RFC1724: RIP Version 2 MIB RFC4983: Fibre Channel RSCN MIB
RFC5017: MIB Textual Conventions for URIs
standard(0) org(3)
RFC1748: IEEE 802.5 MIB
RFC2020: IEEE 802.12 Interface MIB RFC5060: Protocol Independent Multicast MIB
RFC2320: Classical IP and ARP Over ATM MIB RFC5066: EFMCu Interface MIB dod(6) iana(90)
RFC2564: Application Management MIB RFC5097: MIB for the UDP-Lite protocol
RFC1792: TCP/IPX Connection MIB RFC5098: Signaling MIB for PacketCable MTAs
RFC2605: Directory Server Monitoring MIB RFC5131: A MIB Textual Convention for Language Tags Internet(1)
RFC2707: Job Monitoring MIB RFC5132: IP Multicast MIB
RFC2720: Traffic Flow Measurement: Meter MIB 5RFC240: PIM Bootstrap Router MIB dir(1) mgmt(2) private(4)
RFC2788: Network Services Monitoring MIB RFC5324: MIB for Fibre-Channel Security Protocols
RFC2789: Mail Monitoring MIB RFC5428: Management Event MIB for PacketCable
mibII(1) enterprise(1)
RFC2790: Host Resources MIB RFC5519: Multicast Group Membership Discovery MIB
RFC2863: The Interfaces Group MIB RFC5525: Reliable Server Pooling MIB Module Definition
RFC2922: Physical Topology MIB RFC5601: Pseudowire (PW) MIB system(1) interfaces(2) at(3) cisco(9) sun(42) elf(830) ...
RFC2932: IPv4 Multicast Routing MIB RFC5602: Pseudowire (PW) over MPLS PSN MIB
RFC2933: IGMP MIB RFC5603: Ethernet Pseudowire (PW) MIB
RFC2934: PIM MIB for IPv4 RFC5728: The SatLabs Group DVB-RCS MIB ... ... ... ... ... ...
RFC2981: Event MIB RFC5813: ForCES MIB
RFC2982: Distributed Management Expression MIB RFC5833: CAPWAP Protocol Base MIB
RFC3014: Notification Log MIB RFC5834: CAPWAP Protocol Binding MIB for IEEE 802.11
RFC3144: RMon MIB Extensions for Interface RFC6240: SONET/SDH Circuit Emulation over Packet MIB
RFC3287: RMon MIB Extensions for DiffServ...... RFC6639: MPLS-TP MIB-Based Management Overview

SNMP versions SNMP: limitations
Several versions have been standardized:

SNMPv1 defined in RFC 1157 (1990) simple and not secure
still widely used measurement should not perturb the network
SNMPv2 defined in RFC 1901 to 1908 with extensions
latency
(get-bulk and inform queries, MIB SNMPv2 and
SNMPv2-M2M) and security but no constructor concensus MIB owners
SNMPv2c the new functionalities but without the security security
(community-based) (packet sniffing) to know the community
SNMPv2u simplified version of the new security mechanism (IP spoofing) facilitated by UDP
(user-based)
improvements with SNMPv3
SNMPv3 defined in RFC 3410 to 3418, again brings in
security
the only IETF standard is v3 (STD-62)
multi-version use: RFC 3584
Basic services Basic services
Reliable service Reliable service
Congestion control Congestion control
1 Basic services
Transport layer review
Computer Networks (ComNet) 3/5 : Transport Multplexing and demultiplexing
UDP: a connectionless mode protocol
2 Reliable service
Principles of reliable data transfer
TCP: a connection oriented protocol
Version 6.3 TCP: reliability mechanisms
3 Congestion control
General principles
TCP mechanisms
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 3/5 : Transport Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 3/5 : Transport
Basic services Transport layer review Basic services Transport layer review
Reliable service Multplexing and demultiplexing Reliable service Multplexing and demultiplexing
Congestion control UDP: a connectionless mode protocol Congestion control UDP: a connectionless mode protocol
Transport layer ComNet: course 3/5 outline
Understanding of basic principles of the transport layer1

1 Basic services
multiplexing Transport layer review
reliable transfer Multplexing and demultiplexing
flow control UDP: a connectionless mode protocol
congestion control 2 Reliable service
Study of transport protocols in the Internet Principles of reliable data transfer
UDP : connectionless transport TCP: reliability mechanisms
TCP : connection oriented transport
congestion control of TCP 3 Congestion control
General principles
1
Numerous borrowings from J. F. Kurose and K. W. Ross book, Computer TCP mechanisms
Networking : A Top Down Approach Featuring the Internet, 3d edition
(Addisson-Wesley)
Transport layer Transport layer
0
1
1
0
0
1 The transport layer allows two or more entities to directly
... ... ... communicate without having to take into account the various
11
00
00
11
network elements that are traversed:
00
11
virtual association between processes
end-to-end communications
1
0
00
1
abstract out the topology and the associated technologies
1
... present on end-hosts
...
sender: breaks down application layer messages and sends
00
11
11
00
them down to the network layer
receiver: reassembles network layer segments into messages
and sends them up to the application layer
11
00
00
11
... 1
0
00
1
... 2 models define the functionalities associated with each layer...
11
00 1
...
Transport layer: OSI Transport layer: TCP/IP

APDU
Interface Interface
6 Presentation Presentation
Session protocol
TELNET FTP SMTP DNS
5 Session Session
Transport protocol TCP UDP

IP
Packet#
ARPANET SATNET radio LAN

Transport layer: Internet Transport layer: 2 modes
2 standard transport layer protocols: TCP and UDP Connectionless mode

Network
ordered, reliable transmissions: TCP Sending host Receiving host
connection management
flow control
congestion control
unordered, unreliable transmissions: UDP Sending process
Datagram
Receiving process
best effort service
lightweight
Connection oriented mode
Network
unavailable: Sending host Receiving host
bandwidth guarantees
temporal guarantees
delays are unbounded
jitter is unpredictable
Sending process Virtual connection Receiving process
Transport layer: primitives Transport layer: connection automata

Connection request Connect primitive
TPDU received executed
IDLE
PASSIVE ACTIVE
Programming interface (applications or developers) ESTABLISHMENT ESTABLISHMENT
PENDING PENDING
examples of connection-oriented mode primitives:
LISTEN ESTABLISHED
Connect primitive Connection accepted
CONNECT executed TPDU received
SEND Disconnection request Disconnect primitive
TPDU received executed
RECEIVE PASSIVE ACTIVE
DISCONNECT DISCONNECT DISCONNECT
PENDING PENDING
IDLE
Disconnect Disconnection request
primitive executed TPDU received
Transport layer: call setup ComNet: course 3/5 outline

Host 1 Host 2 Host 1 Host 2
Old duplicate
CR (s
eq = CR (s
x) eq = x)
1 Basic services
= x) = x)
CK CK
Time
y, A y, A
ACK
(s eq =
ACK
(s eq = Multplexing and demultiplexing
DAT
A (seq REJEC
= x, T (AC
ACK K = y)
= y)
2 Reliable service
(a) (b) Principles of reliable data transfer
Host 1
CR (s
Host 2 TCP: a connection oriented protocol
eq =
Old duplicate
x) TCP: reliability mechanisms
)
=x
CK
,A
=y
AC
K (se
q 3 Congestion control
DAT
A (s
ACK eq = x,
= z)
General principles
Old duplicate
TCP mechanisms
REJ
ECT
(ACK
= y)
(c)
Multiplexing/demultiplexing Demultiplexing in connectionless mode
Application-level processes transmit their data to the system via Association of a socket with a port number
sockets: multiplexing is the mixing of these data.
identifying the DatagramSocket: (@IPdest, numPortDest)
mux (at the sender): receiving a datagram at a host:
add a header to each block of data at a socket verify its numPortDest
collect data from several sockets send to the socket corresponding to numPortDest
demux (at the receiver): @IPsource, numPortSource
provide the data to the correct socket A B C
A B C P1 P3 P2
P1 P2 P4 P3
111
000 111
000
000
111 000
111
000
111 000
111
DA:@B DP : 1201 DP : 1201 DA:@B
Multiplexing in connection oriented mode Demultiplexing in connection oriented mode (1)
Classic webserver (Apache 1.x)

one socket per connection
A connection associating two processes
HTTP in non-persistant mode: one socket per request!
a StreamSocket is identified by a four-tuple: A B C
source address: @IPsource
P1 P4 P5 P6 P2 P3
source port: numPortSource
destination address: @IPdest
destination port: numPortDest
SP : 2411
receiving a segment at a host: DP : 80
verification of the four-tuple 1111
0000
@C>@B
forwarding to the corresponding socket SP : 1417 0000
1111
0000
1111
DP : 80 0000
1111
0000
1111
there can be many simultaneous connections to a web server @A>@B
SP : 3012
1111
0000 DP : 80
0000
1111
0000
1111
0000
1111 11111
00000
@C>@B
00000
11111
00000
11111
00000
11111
00000
11111
Demultiplexing in connection oriented mode (2) Multiplexing: OSI names

Host 1 Host 2
Server 1 Server 2
Multi-threaded webserver (Apache 2.x) Application TSAP 1208 Application
A B C process layer
P1 P4 P2 P3
Transport
Transport layer TSAP 1522 TSAP1836
connection
SP : 3011 NSAP Network

layer NSAP
DP : 80
SP : 1417 1111
0000
@C>@B
0000
1111
DP : 80
0000
1111
0000
1111 Data link
SP : 3012 0000
1111 layer
@A>@B
1111
0000
0000
1111
DP : 80
0000
1111
0000
1111 11111
00000
@C>@B
00000
11111 Physical
00000
11111
00000
11111
layer
00000
11111
ComNet: course 3/5 outline UDP
1 Basic services 0
1
1
0
0
1
Transport layer review ... ... ...
Multplexing and demultiplexing
11
00
00
11
UDP: a connectionless mode protocol 00
11
2 Reliable service
Principles of reliable data transfer 10
0 1
DATA
TCP: a connection oriented protocol ... ...
TCP: reliability mechanisms
1
0
0
1
11
00
General principles ... ...
0
1 10
0
TCP mechanisms 11
00 1
...
UDP UDP datagram

32 bits (4 octets)
2 lignes (8 octets)
User Datagram Protocol [RFC 768] Source port Destination port
basic, unembellished, Internet transport protocol
Datagram length Checksum
best effort service:
datagrams in transit can. . .
be lost
Message
be duplicated
arrive out of order
(application data)
unconnected service:
no initial exchange
no state information at the end-hosts
each datagram is handled independently
1st bit last bit
UDP: source port UDP: destination port

32 bits (4 octets) 32 bits (4 octets)
2 lignes (8 octets)
2 lignes (8 octets)
Source port Destination port Source port Destination port
Datagram length Checksum Datagram length Checksum
16 bits (65535 ports) 16 bits (65535 ports)

multiplexing at the source demultiplexing at the destination
identify the socket for an eventual reply the receiver must listen on this port
negotiation of well-known ports (reserved ports):
fixed allocation, or dynamic (generally for clients) Unix> cat \etc\services |grep udp domain 53/udp
division of the port number space: echo 7/udp tftp 69/udp
0 6 numPort 1023: available to the administrator discard 9/udp gopher 70/udp
server sockets (generally) daytime 13/udp www 80/udp
chargen 19/udp kerberos 88/udp
1024 numPort: available to users
ssh 22/udp snmp 161/udp
client sockets (generally) time 37/udp .. snmp-trap 162/udp ....
UDP: datagram length UDP: checksum
16 bits
32 bits (4 octets)
error control optional
2 lignes (8 octets)
32 bits (4 octets)
Source port Destination port
sender:
2 lignes (8 octets)
Datagram length Checksum add a pseudo-header
Datagram length Checksum
checksuma =
P
word16bits
receiver:
Data Data add a pseudo-header
P
recalculate the word16bits
00000000 Protocol Datagram Length = 0: no error detected
16 bits (64 KB maximum) still possible...
IP source address 6= 0: error (silently
total length, with the data, expressed in bytes destroyed)
IP destination address
a
Binary sum over 16 bits, carrying the
overflow
to the least significant bit
UDP: arguments for connectionless transport UDP: example applications

Motivation for choosing connectionless transport: classical applications:
limited resources at the end-hosts name resolution (DNS)
limited TCP/IP stack network administration (SNMP)
lack of state in the hosts routing protocol (RIP)
limited processing power clock synchronization protocol (NTP)
need for a rapid exchange remote filesystem (NFS)
no connection establishment implicit reliability through temporal rendundancy
explicit reliability through application layer mechanisms
need for efficiency
multicast applications U.E. ING
smaller header
multimedia applications U.E. MMQOS
temporal constraints
multimedia transmissions, audio or video streaming
retransmissions not appropriate
voice over IP
no sending bandwidth control
video conferencing
need for new functionalities temporal constraints
handled by the application layer. . . loss tolerance
Basic services Transport layer review Basic services Principles of reliable data transfer
Reliable service Multplexing and demultiplexing Reliable service TCP: a connection oriented protocol
Congestion control UDP: a connectionless mode protocol Congestion control TCP: reliability mechanisms
UDP: socket interface ComNet: course 3/5 outline
#include <sys/types.h>
1 Basic services
#include <sys/socket.h>
# Create a descriptor
int socket(int domain, int type, int protocol);
#
#
domain : PF_INET for IPv4 Internet Protocols
type : SOCK_DGRAM Supports datagrams (connectionless, unreliable msg of a fixed max length)
# protocol : UDP (/etc/protocols)
# Bind local IP and port 2 Reliable service

int bind(int s, struct sockaddr *my_addr, socklen_t addrlen);
# Send an outgoing datagram to a destination address
int sendto(int s, const void *msg, size_t len, int flags, TCP: a connection oriented protocol
const struct sockaddr *to, socklen_t tolen);
# Receive the next incoming datagram and record is source address
int recvfrom(int s, void *buf, size_t len, int flags,
struct sockaddr *from, socklen_t *fromlen); 3 Congestion control
# End : dealocate General principles
int close(int s);
TCP mechanisms
Basic services Principles of reliable data transfer Basic services Principles of reliable data transfer
Reliable service TCP: a connection oriented protocol Reliable service TCP: a connection oriented protocol
Congestion control TCP: reliability mechanisms Congestion control TCP: reliability mechanisms
Transport layer and reliability (1) Transport layer and reliability (2)
Multilayer problem: application, transport and link layer Real channels are usually unreliable
Transport layer and reliability (3) Reliable data transfer (RDT)
Characteristics of unreliable channel will determine complexity of

reliable data transfer protocol (RDT)
RDT and FSM RDT 1.0
Well incrementally develop the reliable data transfer protocol Reliable transfer over a reliable channel
(RDT)
underlying channel perfectly reliable
consider only unidirectional data transfer no bit errors
control info flow on both directions no loss of packets
use finite state machines (FSM) to specify sender, receiver: separate FSMs for sender and receiver:
event causing state transition rdt_send(data) rdt_rcv(packet)
Wait for Wait for
actions taken on state transition
call from call from
above packet = make_pkt(data) below
state state udt_send(packet)
1 event
2
actions
sender receiver
RDT 2.0 RDT 2.0

Reliable transfer on a channel with bit errors
underlying channel may flip bits in packet rdt_send(data) receiver
snkpkt = make_pkt(data, checksum) rdt_rcv(rcvpkt) &&
checksum to detect bit errors: udt_send(sndpkt) corrupt(rcvpkt)
checksum: redundancy added in the packet rdt_rcv(rcvpkt) &&
isNAK(rcvpkt) udt_send(NAK)
how to recover from errors? Wait for call Wait for
from above ACK or udt_send(sndpkt)
acknowledgements (ACKs): receiver explicitly tells sender NAK Wait for call
that packet received OK from below
negative acknowledgements (NAKs): receiver explicitly tells
sender that packet had errors rdt_rcv(rcvpkt) && isACK(rcvpkt)
sender retransmits packet on receipt of NAK rdt_rcv(rcvpkt) &&
new mechanisms in RDT 2.0: sender notcorrupt(rcvpkt)
error detection extract(rcvpkt,data)
deliver_data(data)
notcorrupt(pkt): true if the pkt checksum is correct udt_send(ACK)
corrupt(pkt): true if the pkt is not correct
receiver feedback (ACK and NAK control messages)
RDT 2.0: ACK RDT 2.0: NAK
Reliable transfer during operation with no errors: Reliable transfer during error scenario:
rdt_send(data) rdt_send(data)
snkpkt = make_pkt(data, checksum) snkpkt = make_pkt(data, checksum)
udt_send(sndpkt) udt_send(sndpkt)
rdt_rcv(rcvpkt) && rdt_rcv(rcvpkt) &&
isNAK(rcvpkt) isNAK(rcvpkt)
Wait for call Wait for rdt_rcv(rcvpkt) && Wait for call Wait for rdt_rcv(rcvpkt) &&
from above ACK or udt_send(sndpkt) corrupt(rcvpkt) from above ACK or udt_send(sndpkt) corrupt(rcvpkt)
NAK NAK
udt_send(NAK) udt_send(NAK)
rdt_rcv(rcvpkt) && isACK(rcvpkt) rdt_rcv(rcvpkt) && isACK(rcvpkt)

Wait for call Wait for call
from below from below
rdt_rcv(rcvpkt) && rdt_rcv(rcvpkt) &&

notcorrupt(rcvpkt) notcorrupt(rcvpkt)
extract(rcvpkt,data) extract(rcvpkt,data)
deliver_data(data) deliver_data(data)
udt_send(ACK) udt_send(ACK)
RDT v2.0: discussion RDT 2.1: sender
rdt_send(data)
RDT 2.0 is a stop and wait protocol:
sndpkt = make_pkt(0, data, checksum)
sender sends one packet, then waits for receiver response udt_send(sndpkt) rdt_rcv(rcvpkt) &&
poor performance ( corrupt(rcvpkt) ||
Wait for call Wait for
ACK or NAK
isNAK(rcvpkt) )
RDT 2.0 has a fatal flaw! 0 from
0 udt_send(sndpkt)
above
What happens if ACK/NAK corrupted? rdt_rcv(rcvpkt)
rdt_rcv(rcvpkt)
&& notcorrupt(rcvpkt)
sender doesnt know what happened at receiver! && isACK(rcvpkt) && notcorrupt(rcvpkt)
retransmission alone not sufficient: possible duplicates && isACK(rcvpkt)
Handling duplicates: Wait for Wait for

sender retransmits current packet if ACK/NAK garbled ACK or call 1 from
rdt_rcv(rcvpkt) && NAK 1 above
sender adds sequence number to each packet ( corrupt(rcvpkt) ||
receiver discards duplicate packet isNAK(rcvpkt) ) rdt_send(data)
udt_send(sndpkt) sndpkt = make_pkt(1, data, checksum)

include in RDT 2.1
udt_send(sndpkt)
RDT 2.1: receiver RDT 2.1: discussion

End host behavior with RDT 2.1
rdt_rcv(rcvpkt) && notcorrupt(rcvpkt)
&& has_seq0(rcvpkt) Sender
extract(rcvpkt,data) sequence number added to packet
deliver_data(data)
sndpkt = make_pkt(ACK, chksum) two numbers will suffice (0 and 1)
udt_send(sndpkt)
rdt_rcv(rcvpkt) && (corrupt(rcvpkt) rdt_rcv(rcvpkt) && (corrupt(rcvpkt)
must check if received ACK/NAK corrupted
sndpkt = make_pkt(NAK, chksum) sndpkt = make_pkt(NAK, chksum) twice as many states
udt_send(sndpkt) udt_send(sndpkt)
Wait for
Receiver
Wait for
rdt_rcv(rcvpkt) && 0 from 1 from rdt_rcv(rcvpkt) && must check if received packet is duplicate
not corrupt(rcvpkt) && below below not corrupt(rcvpkt) &&
has_seq1(rcvpkt)
state indicates whether 0 or 1 is expected packet seqnum
has_seq0(rcvpkt)
sndpkt = make_pkt(ACK, chksum)
udt_send(sndpkt)
sndpkt = make_pkt(ACK, chksum) Could we remove the NAK?
udt_send(sndpkt)
rdt_rcv(rcvpkt) && notcorrupt(rcvpkt)
&& has_seq1(rcvpkt) instead of NAK, receiver sends ACK for last packet received
extract(rcvpkt,data)
OK
deliver_data(data) receiver must explicitly include seqnum of packet being ACKed
sndpkt = make_pkt(ACK, chksum)
udt_send(sndpkt) duplicate ACK at sender results in same action as NAK
(retransmit current packet)
included in RDT 2.2
RDT 2.2: sender fragment RDT 2.2: receiver frament
rdt_send(data) rdt_rcv(rcvpkt) &&

sndpkt = make_pkt(0, data, checksum) (corrupt(rcvpkt) ||
udt_send(sndpkt) has_seq1(rcvpkt)) Wait for receiver FSM
rdt_rcv(rcvpkt) && 0 from
Wait for call Wait for
( corrupt(rcvpkt) || udt_send(sndpkt) below fragment
ACK isACK(rcvpkt,1) )
0 from
above 0 udt_send(sndpkt) rdt_rcv(rcvpkt) && notcorrupt(rcvpkt)
&& has_seq1(rcvpkt)
rdt_rcv(rcvpkt) extract(rcvpkt,data)
&& notcorrupt(rcvpkt) deliver_data(data)
&& isACK(rcvpkt,0) sndpkt = make_pkt(ACK1, chksum)
udt_send(sndpkt)
RDT 3.0 RDT 3.0: sender

Reliable transmission on a channel with errors and losses rdt_send(data)
rdt_rcv(rcvpkt) &&
sndpkt = make_pkt(0, data, checksum) ( corrupt(rcvpkt) ||
underlying channel can also lose packets (data or ACKs) udt_send(sndpkt) isACK(rcvpkt,1) )
checksum + seqnum + ACK + retransmission rdt_rcv(rcvpkt) start_timer
not sufficient: a missing packet will stop the FSM! Wait for Wait
for timeout
call 0from
Retransmission Timeout ACK0 udt_send(sndpkt)
above
start_timer
rdt_rcv(rcvpkt)
estimating a reasonable time to wait for an ACK && notcorrupt(rcvpkt) rdt_rcv(rcvpkt)
sender waits reasonable amount of time for ACK && isACK(rcvpkt,1) && notcorrupt(rcvpkt)
stop_timer && isACK(rcvpkt,0)
start timer
stop_timer
ACK before timeout nothing Wait Wait for
timeout for call 1 from
stop timer
udt_send(sndpkt) ACK1 above
no ACK before timeout retransmission start_timer rdt_rcv(rcvpkt)
timeout rdt_send(data)
rdt_rcv(rcvpkt) &&
if ACK is only late... ( corrupt(rcvpkt) || sndpkt = make_pkt(1, data, checksum)
isACK(rcvpkt,0) ) udt_send(sndpkt)
retransmission = duplication start_timer
use of seqnum already handles this
RDT 3.0: no loss RDT 3.0: lost packet
RDT 3.0: lost ACK RDT 3.0: premature timeout
RDT 3.0: performance RDT 3.0: stop and wait
RDT 3.0 works, but poor performance...

sender receiver
transmission example: first packet bit transmitted, t = 0
link transmission rate: R = 1 Gbps, last packet bit transmitted, t = L / R
end to end propagation delay: d = 40 ms (RTT = 80 ms)
packet length: L = 1000 B = 8000 b first packet bit arrives
RTT last packet bit arrives, send ACK
Ttransmit = L/R = 8.103 /109 = 8 s
Usage ratio (Usender ):
L/R 8.106 1 ACK arrives, send next
Usender = RTT +L/R
= 8.102 +8.106
= 10000 packet, t = RTT + L / R
L 8.103
Raverage = RTT = 8.102 = 100 Kbps (over 1 Gbps link)
network protocol limits use of physical resources!
Pipelined protocols Pipelining performance
sender receiver
ACK first packet bit transmitted, t = 0
last bit transmitted, t = L / R
Data Data
first packet bit arrives

RTT last packet bit arrives, send ACK
last bit of 2nd packet arrives, send ACK
last bit of 3rd packet arrives, send ACK
ACK arrives, send next
packet, t = RTT + L / R
sender allows multiple (in-flight), yet-to-be-acknowledged
packets
range of sequence numbers must be increased
buffering at sender and/or receiver
Two generic forms of pipelined protocol: Go-Back-N and
Selective repeat
Go-Back-N: sender RDT 4.0: sender

rdt_send(data)
Sender with Go-Back-N management if (nextseqnum < base+N) {

sndpkt[nextseqnum] = make_pkt(nextseqnum,data,chksum)
udt_send(sndpkt[nextseqnum])
packet headers with k bit sequence numbers if (base == nextseqnum)
cumulative acknowledgements start_timer
nextseqnum++
ACK(n) acknowledges all packets up to sequence number n }
else
window of at most N unacknowledged packets: base=1
refuse_data(data)
nextseqnum=1
timeout
start_timer
Wait udt_send(sndpkt[base])
rdt_rcv(rcvpkt) udt_send(sndpkt[base+1])
&& corrupt(rcvpkt)
udt_send(sndpkt[nextseqnum-1])
timer for packets still (in-flight) rdt_rcv(rcvpkt) &&
notcorrupt(rcvpkt)
timeout(n): retransmission of packet n and all those with base = getacknum(rcvpkt)+1
higher sequence numbers If (base == nextseqnum)
stop_timer
else
start_timer
Go-Back-N: receiver RDT 4.0: receiver

rdt_send(data)
if (nextseqnum < base+N) {
sndpkt[nextseqnum] = make_pkt(nextseqnum,data,chksum)
Receiver with Go-Back-N management. udt_send(sndpkt[nextseqnum])
if (base == nextseqnum)
ACKs only: start_timer
always send an ACK with the highest seqnum of valid in-order nextseqnum++
}
packets received else
can generate duplicate ACKs refuse_data(data)
base=1
only expectedseqnum is stored nextseqnum=1
timeout
out-of-order packets: Wait
start_timer
udt_send(sndpkt[base])
discard out-of-order packets rdt_rcv(rcvpkt) udt_send(sndpkt[base+1])
no receiver-side buffer && corrupt(rcvpkt)
udt_send(sndpkt[nextseqnum-1])
resend ACK with the highest seqnum of valid in-order packets rdt_rcv(rcvpkt) &&
received notcorrupt(rcvpkt)
base = getacknum(rcvpkt)+1
If (base == nextseqnum)
stop_timer
else
start_timer
RDT 4.0: example Selective repeat: sender
Sender with selective repeat management (receiver individually

acknowledges all correctly received packets)
sender only resends packets for which ACK not received
sender window limited to N consecutive seqnums
algorithm:
rdt send(data)
if next available seqnum in window, send packet
timeout(n)
resend packet n
init timer(n)
ACK(n) in [send base,send base+N]
mark packet n as received
if n smallest unACKed packet, advance window base to next
unACKed seqnum
Selective repeat: receiver Selective repeat: overview
Receiver with selective repeat management:

receiver individually acknowledges all correctly received
packets
out-of-order: buffer
algorithm:
rdt rcv(n) with n in [send base,send base+N-1]
ACK(n)
out-of-order: buffer
in-order: send app(data), advance window to next
not-yet-received packet
rdt rcv(n) with n in [send base-N,send base-1]
ACK(n)
otherwise
ignore
Selective repeat: example ComNet: course 3/5 outline
1 Basic services
2 Reliable service
General principles
TCP mechanisms
TCP TCP (Transmission Control Protocol)

SYN [RFCs: 793, 1122-1123, 2474, 3168, 3260, 4379, 5462, and 5681]
SYN+ACK
reliable service
1
0 ACK
0
1
0
1 ARQ mechanisms
... ... ... point-to-point
two processes (generally a client and a server)
11
00
00
11
00
11 continuous byte stream
no message boundaries
connection oriented
DATA three-way handshake for opening connections
10
0 1
state created at the end-points prior to the data exchange
... ...
graceful or abrupt connection closure
1
0
0
1
bidirectional (full duplex) connection
11
00
data streamed in both directions
MSS (Maximun Segment Size)
... ... pipeline
0
1 10
0
11
00 1
... send and receive buffers
windows for flow and connection control
TCP: segment TCP: source port

32 bits (4 octets)
Source port Destination port 16 bits (65,535 ports)

32 bits (4 octets)
min 5 lignes (min 20 octets)
Sequence number
multiplexing at the source
partial socket identification

Acknowledgment number Sequence number (local half-association)
111111
000000
000000
111111
000000
111111
G
K
H
T
N
N
Hlen 111111
000000000000
111111 generally dynamically allocated
R
C
S
S
Y
I
Rcv window size Acknowledgment number

max 65 Koctets
000000
111111
U
A
P
R
S
F
000000
111111000000
111111 111111
000000
000000
111111
000000
111111
(clients)
G
K
H
T
N
N
000000
111111
000000
111111
R
C
S
S
Y
I
Checksum Urgent data ptr Hlen 000000
111111 Rcv window size port number space allocation:
U
A
P
R
S
F
000000
111111
000000
111111
Checksum Urgent data ptr 0 6 numPort 6 1023:

max 10 l.
Options available to the adminstrator

Options
typical server sockets
1024 6 numPort:
Message available to users
(application data) typical client sockets
TCP: destination port TCP: sequence number (1)

32 bits (4 octets)
Source port Destination port 16 bits (65,535 ports)

demultiplexing at the 32 bits (4 octets)

Sequence number
destintion Source port Destination port 32 bits
Acknowledgment number

partial identification of the Sequence number associated with each byte (and
111111
000000
000000
111111
000000
111111 socket (remote half-association) not a segment)
G
K
H
T
N
N
000000
111111
000000
111111
R
C
S
S
Y
I
Hlen 000000
111111 Rcv window size
U
A
P
R
S
F
000000
111111 Acknowledgment number
000000
111111
destination listens on the port number the first byte of data
111111
000000
000000
111111
Checksum Urgent data ptr 000000
111111 implicit numbering of the
G
K
H
T
N
N
000000
111111
upon its creation 000000
111111
R
C
S
S
Y
I
Hlen 000000
following bytes
U
A
P
R
S
F
000000
111111
000000
111111
Options port negotiation or well-known Checksum Urgent data ptr loop after 4 GB
(reserved): loss detection
Unix> cat \etc\services|grep tcp telnet 23/tcp Options
ordering
tcpmux 1/tcp smtp 25/tcp
chargen 19/tcp gopher 70/tcp
ftp-data 20/tcp finger 79/tcp
ftp 21/tcp www 80/tcp
ssh 22/tcp .. kerberos 88/tcp ....
TCP: sequence number (2) TCP: acknowledgement number (1)
Numbering of each byte of the data flow

32 bits (4 octets)
Host A Host B
Seq=4000 32 bits

200 Sequence number piggybacking
Acknowledgment number indicates the number of the
111111
000000 next byte expected
000000
111111
000000
111111
G
K
H
T
N
N
000000
111111
000000
111111
R
C
S
S
Y
I
Seq=4200 Hlen 000000
U
A
P
R
S
F
000000
111111
000000
111111 cumulative, indicating the first
200 Checksum Urgent data ptr non-received byte (other, higher
Seq=4400
sequence number, bytes might
200 Options have been received)
1st byte = 4400
last byte = 4599
TCP: acknowledgement number (2) TCP: acknowledgement number (3)

Piggybacking
Acknowledgment of each bytes of the data flow
Host A Host B
Host A Host B
Seq=4000 Seq=4000 Ack=11200
200 ACK 200
Ack=4200 Seq=11200 Ack=4200
Seq=4200 ACK Seq=4200 Ack=11200 ACK 200 ACK 100
200 Seq=4400 Ack=11300 Seq=11300 Ack=4400
Ack=4400 ACK
Seq=4400 ACK 100
200 Seq=4400 Ack=11300
Ack=4600 ACK 200
Seq=11400 Ack=4600
ACK ACK 100
TCP: TELNET example (1) TCP: TELNET example (2)
Sending a key stroke and server reply for display ACKs can be more rapid than the application
Host A Host B Host A Host B
Seq=80 Ack=210 Seq=80 Ack=210
the user type "a" ACK data="a" the user type "a" ACK data="a"
the server receive "a" Seq=210 Ack=81
Seq=210 Ack=81 the server receive "a"
ACK data="a" ... and return "a" ACK Seq=210 Ack=81
Seq=81 Ack=211 ACK data="a" ...and return "a"
Seq=81 Ack=211
ACK
ACK
TCP: delayed ACK TCP: header length
waiting for two segments or max 500 ms 4 bits (15 possible values)
Host A Host B 32 bits (4 octets)
number of 32-bit words in the
Seq=21000 Ack=677
Source port Destination port TCP header
ACK 1000 octets
Seq=667 Ack=22000
Sequence number
necessary because the option
Seq=22000 Ack=677 ACK field is of variable length
ACK 1000 octets Acknowledgment number value of 5...
000000
111111
Seq=23000 Ack=677 111111
000000
000000
111111 no options
G
K
H
T
N
N
000000
111111
000000
111111
R
C
S
S
Y
I
Hlen 000000
111111 Rcv window size minimum TCP header
ACK 1000 octets
U
A
P
R
S
F
000000
111111
000000
111111
Seq=667 Ack=24000 length: 20 bytes
Seq=24000 Ack=677 ACK Checksum Urgent data ptr
... to 15
ACK 1000 octets
Seq=25000 Ack=677 10 words of options
Options
maximum 40 bytes of
ACK 1000 octets
Seq=667 Ack=26000 options
ACK maximum TCP header
length: 60 bytes
TCP: flags TCP: receiver window size

The 1 bit flags signal:
32 bits (4 octets) URG: urgent data 32 bits (4 octets)
Source port Destination port ACK: validity of the Source port Destination port 16 bits
acknowledgement number

Sequence number Sequence number
the receiver can announce up
field to 64 KB
Acknowledgment number PSH: immediate sending, Acknowledgment number piggybacking
000000
111111 111111
000000
111111
000000 000000
111111
000000
111111 clearing the buffer 000000
111111
G
K
H
T
N
N
G
K
H
T
N
N
000000
111111 000000
111111
000000
111111 flow control
R
C
S
S
Y
I
Hlen Rcv window size 000000

111111
R
C
S
S
Y
I
000000
111111 Hlen 000000
U
A
P
R
S
F
000000
111111
U
A
P
R
S
F
000000
111111 000000
111111
000000
111111
RST: abrupt connection indicates the number of bytes
Checksum Urgent data ptr termination Checksum Urgent data ptr available in the receiver buffer
SYN: synchronisation during dimension the size of the
Options Options senders sliding window
connection opening
FIN: graceful connection
closure

U.E. ING
TCP: segment checksum TCP: urgent pointer

32 bits (4 octets)

32 bits (4 octets)

Sequence number 16 bits
16 bits Source port Destination port
Acknowledgment number for sending special data (not

111111
000000 same as for UDP Sequence number
000000
111111
000000
111111 out-of-band)
G
K
H
T
N
N
000000
111111
000000
111111
R
C
S
S
Y
I
Hlen 000000
111111 Rcv window size sender:
U
A
P
R
S
F
000000
111111
000000
111111
Acknowledgment number designates data for priority
Checksum Urgent data ptr ajout pseudo-header 000000
111111
111111
000000
000000
111111 treatment
G
K
H
T
N
N
P
checksum= word16bits 000000
111111
000000
111111
R
C
S
S
Y
I
Options Hlen 000000
U
A
P
R
S
F
000000
111111
receiver: 000000
111111 points to the end of the urgent
Data Checksum Urgent data ptr data
adds pseudo-header
recalculates
P
word16bits application-specific
00000000 Protocol Segment Lenght
= 0: Ok Options interpretation of these data
IP source address 6= 0: destruction and their role
TCP: options TCP: connection management

Options are in Type, Length (bytes),
Value format:
Opening the connection prior to data exchange:
32 bits (4 octets) END: end of the option list
(T=0, not required) initialize TCP parameters
NOOP: no operation synchronize sequence numbers
Sequence number (T=1, padding) allocate buffers

initialize flow control
MSS: MSS negotiation
111111
000000
000000
111111
(T=2, L=4, V=MSS) client: initiates the connection
000000
111111
G
K
H
T
N
N
000000
111111
000000
111111 N
R
C
S
S
Y
I
Hlen 000000
111111 Rcv window size WSIZE: scale window by a factor of 2 serveur: waits for a connection request
U
A
P
R
S
F
000000
111111
000000
111111
(T=3, L=3, V=N)
Checksum Urgent data ptr
SACK: request selective Closing the connection following the data exchange:
acknowledgement
Options (T=4,L=2, upon open) wait, or not, for remaining data to be sent
SACK: selective acknowledgement of n free the buffers
blocks (T=5, L=2 + 8n, 2n sequence
numbers) ...
TCP: three-way handshake (1) TCP: three-way handshake (2)
Opening exchange, with three segments Initial exchange based on three segments
1 client server: TCP segment with the SYN flag Host A Host B
indicates the clients initial sequence number (ISN)
sending the SYN increments the future sequence number S=3000
no data SYN
2 server client: TCP segment with the SYN + ACK flags S=7000 A=3001
receipt of a SYN has incremented the acknowledgement number SYN + ACK
S=3001 A=7001
indicates the servers initial sequence number (ISN)
sending the SYN increments the future sequence number ACK 200
S=7001 A=3201
server buffer allocated ACK 300
3 client server: TCP segment with the ACK flag S=7301 A=3201
ACK 100
receipt of a SYN has incremented the acknowledgement number
may contain data
TCP: three-way handshake (3) TCP: graceful release (1)

1 le client sends a TCP segment with FIN
Handling simultaneous connection opening sending the FIN increments the future sequence number
Host 1 Host 2 Host 1 Host 2
may contain data
SYN (SEQ SYN (SE
= x) Q = x)
2 le server receives the FIN segment
y)
SYN (SEQ =
receipt of the FIN increments the sequence number
sends a TCP ACK segment
x + 1) closes the connection (sends remaining data)
Time
x + 1) CK =
Q=y , ACK = = y, A
S YN (SE (SEQ sends a TCP FIN segment
SYN
SYN sending the FIN increments the future sequence number
(SE
Q=
x,A
CK
3 the client receives the FIN segment
= y+
(SEQ = x
+ 1, 1) receipt of the FIN increments the sequence number
ACK = y +
1) sends a TCP ACK segment
closes the connection
(a) (b) set a timer
pictures from Tanenbaum (duplicate
A. S. Computer FINs)
Networks 3rd edition
4 le server receives the FIN segment

TCP: graceful release (2) TCP: shutdown

Disconnection: graceful release
Host A Host B Disconnection: unilateral close
S=4000 A=11200 (for all abnormal or undesired circumstances)
ACK 200 Host A case 1) Host B
S=4200 A=11200
release ACK +FIN 100 S=4000
S=11200 A=4301 SYN
ACK 500 S=0 A=4000
S=4301 A=11700 S=11700 A=4301 ACK + RST
ACK ACK 500
S=4301 A=12200 S=12200 A=4301
ACK S=2200 A=7300 case 2)
ACK + FIN 500 release
S=4301 A=12701 ACK 200
ACK S=7300
closing timer
closed RST
closed
TCP: finite state machine ComNet: course 3/5 outline

(Start)
CONNECT/SYN
CLOSED
LISTEN/ CLOSE/
CLOSE/
1 Basic services
SYN/SYN + ACK
LISTEN Transport layer review
SYN
RST/ SEND/SYN
SYN
RCVD SENT
SYN/SYN + ACK (simultaneous open) UDP: a connectionless mode protocol
(Data transfer state)
ACK/
ESTABLISHED
SYN + ACK/ACK
2 Reliable service
CLOSE/FIN (Step 3 of the three-way handshake)
CLOSE/FIN FIN/ACK
(Active close) (Passive Close) TCP: a connection oriented protocol
FIN
WAIT 1
FIN/ACK
CLOSING
CLOSE
WAIT
ACK/ ACK/ CLOSE/FIN
FIN
FIN + ACK/ACK
TIME LAST
WAIT 2
FIN/ACK
WAIT ACK
General principles
(Timeout/) TCP mechanisms
ACK/
CLOSED
(Go back to start)
Reliable transfer with TCP TCP: calculating RTT
TCP is a protocol for reliable transfer over the unreliable IP service RTT = Round Trip Time
base mechanisms: Estimating the retransmission timeout:
pipeline greater than the RTT... but RTT varies!
cumulative ACKs too small: unnecessary retransmissions
single retransmission timer too large: slow reaction to losses
retransmissions triggered by:
Estimating the RTT:
timeouts
duplicate ACKs RTTmeasured = (sending of a segment to reception of the
ACK)
furthermore... RTTmesured can vary rapidly smoothing
simplified TCP sender: RTT = RTTmesured + (1 )RTTold
no duplicate ACKs with typical = 1/8
no flow control
exponentially weighted moving average
no congestion control
TCP: example of RTT calculation TCP: Timers

500
"RTT_calcul" Managing multiple timers:
"RTT_mesure"
450 retransmission timer (detects losses)
RTO = RTT + D
400
with = 4 and an initially high RTT value (3 secs.)
350 D = (|RTTmeasured RTTold |) + (1 )Dold
mean deviation calculation with typical = 1/4
ms
300
Karns algorithm
250
do not take into account retransmitted packets and double the
RTO with each failure (exponential backoff)
200 persistence timer (avoid blockage)
send an acknowledgement with a window of 0
150
keep alive timer (verify that the other end-host is still there)
100
0 20 40 60 80 100 120 closing timer
temps (ACK)
TCP: sender events TCP: retransmission (1)
data received from the layer above Scenario with a lost ACK
creation of a segment with numSeq Host A Host B
numSeq is the number, in the data stream, of the segments S=4000 A=1100
first byte
ACK 200
start the timer if it is not already set S=1100 A=4200
RTO
the timer is for the oldest non-acknowledged segment ACK
timeout
retransmit the segment associated with the timer retrans. S=4000 A=1100
restart the timer ACK 200
S=1100 A=4200
acknowledgement received (ACK) ACK
if it acknowledges as-yet anacknowledged segments:
S=4200 A=1100
update the base of the transmission window (base emis)
ACK 50
restart the timer if waiting on other ACKs
TCP: retransmission (2) TCP: retransmission (3)
Scenario with an under-estimated timer

Host A Host B Scenario with cumulative ACKs
Host A Host B
S=4000 A=1100
S=4000 A=1100
S=4200 A=1100 ACK 200
S=1100 A=4200 ACK 200
ACK 200 S=4200 A=1100
RTO S=1100 A=4400 ACK 200 S=1100 A=4200
retrans. S=4000 A=1100 ACK ACK
ACK
RTO
S=1100 A=4400
ACK 200 ACK
S=1100 A=4400
ACK
S=4400 A=1100
S=4400 A=1100 ACK 200
ACK 200
TCP: receiver events TCP: fast retransmit (1)

Generating ACKs (receiver actions)
arrival of an in-order segment with the expected seqnum: Optimizing the retransmission mechanism
the prior segments have already been acknowledged
timers are often set relatively high
delayed ACK, wait up to 500 ms
if there are no other segments, send an ACK
long delays before retransmission
another segment is waiting to be acknowledged detection of lost segments due to duplicate ACKs
immediately send a cumulative ACK for these two in-order segments typically arrive in groups
segments if a segment is lost many duplicate ACKs
arrival of an out-of-order segment: if the sender receives 3 duplicate ACKs (4 identical ACKs)
seqnum above what was expected (gap detected) TCP assumes that the segment following one being
immediately send a duplicate ACK acknowledged has been lost
reminder of the next expected seqnum fast retransmit: retransmit the segment prior to timer
partly or wholly fills a gap expiration
immediately send an ACK
new expected seqnum following the filling of the gap
TCP: fast retransmit (2) TCP: receiver control

Host A Host B
flow control
S=4000 A=1100
ACK 200 the sender should not overflow the receivers buffer
RTO
S=4200 A=1100 learning the available space in the receivers buffer:
ACK 200 S=1100 A=4200
ACK RwndSize
S=4400 A=1100 Data read by the
ACK 200 application
S=4600 A=1100 S=1100 A=4200 (dup. 1)
ACK 200 ACK TCP
S=4800 A=1100
free
S=1100 A=4200 (dup. 2) data
ACK 200 ACK memory
S=5000 A=1100 S=1100 A=4200 (dup. 3) in the
ACK Segments buffer
ACK 200 data
retrans. S=4200 A=1100 S=1100 A=4200 (dup. 4)
ACK 200 ACK
S=5200 A=1100 S=1100 A=5200 Receiving buffer
ACK 200 ACK
RwndSize = BufferSize - LastByteReceived +
LastByteRead
TCP: sender limitation TCP: flow control

Sender Receiver Receiver's
Application buffer
Sliding window: the sender limits its sending of unacknowledged does a 2K
write
0 4K
data 2K S
Empty
Application writes data EQ =

0
Window size 2K
ACK = 2048 WIN = 2048
Application
does a 3K
Data Data Data Data write 2K SEQ = 2048
sent and sent but not not sent but not Full
acknowledged acknowledged usable usable Sender is

IN = 0
Application
blocked 4096 W reads 2K
ACK =
048
IN = 2
4096 W
ACK =
2K
Sender may
send up to 2K
Ack base Send base

1K
SEQ =
4096
1K 2K
Data sent to the receiver

Ack from the receiver
TCP: re-opening receiver window timer TCP: flow control optimisation
Send-side silly window syndrome

Nagles Algorithm (RFC 896)
Persistence timer aggregation of small packets (nagling)
avoids having the window size remain at 0 waiting for an ACK or an MSS before sending a segment
possible if an ACK announcing a non-zero window is lost TELNET: avoid sending one packet per typed character
avoided by sending a probe packet after a timer expiry can be disactivated with the TCP NODELAY socket option
timer initialized to RTT, doubles with each expiry, up to 60 s Receiver silly window syndrome
(then stays at 60 s)
the probe packet contains one byte of data Clarks Algorithm
limit announcements of small windows
close the window while waiting for there to be sufficient space
for an entire segment
TCP: usage examples TCP: special cases
TCP doit sadapter a des flots de qqs bps a plusieurs Gbps:

The following applications are typically based on TCP: LFN (Long Fat Network)
remote login (TELNET, rlogin, and ssh) network capacity = bandwidth * propagation delay
limited window size (WSIZE option, up to a factor of 214 )
file transfer (FTP, rcp, scp, and sftp)
sequence number wrapping (PAWS, Protect Against Wrapped
inter-domain routing (BGP) Sequence, using the TIMESTAMP option)
selective ACKs to avoid too many unnecessary retransmissions
instant messaging (IRC, ICQ, AIM, ...)
(SACK option)
web (HTTP) satellites
new HTTP-based applications such as network access transoceanic fiber
allowing one to traverse firewalls
asymmetric networks (ADSL, cable)
underutilization of the high capacity link
Basic services Principles of reliable data transfer Basic services

General principles
Reliable service TCP: a connection oriented protocol Reliable service
TCP mechanisms
Congestion control TCP: reliability mechanisms Congestion control
TCP: socket interface ComNet: course 3/5 outline
#include <sys/types.h>
#include <sys/socket.h>
1 Basic services
# create a descriptor and bind local IP and port
int socket(int domain, int type, int protocol);
# domain : PF_INET for IPv4 Internet Protocols
# type : SOCK_STREAM Provides sequenced, reliable, 2-way, connection-based byte streams. UDP: a connectionless mode protocol
# An out-of-band data transmission mechanism may be supported.
# protocol : TCP (/etc/protocols)
int bind(int s, struct sockaddr *my_addr, socklen_t addrlen);
2 Reliable service
# Server : passive queuing mode and connection acceptance
int listen(int s, int backlog);
int accept(int s, struct sockaddr *addr, socklen_t *addrlen);
# Client : active connection
int connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen);
# Send and receive data
int send(int s, const void *msg, size_t len, int flags); 3 Congestion control
int recv(int s, void *buf, size_t len, int flags);
General principles
# End : dealocate
int close(int s); TCP mechanisms
General principles General principles
TCP mechanisms TCP mechanisms
Congestion control Congestion: scenario 1a

A C
Application d_in (data) d_out Application
Transport Transport
Congestion
too much data saturates one or more network elements
different from flow control B D
infinite
TCP does not operate within the network Application queue Application
Transport Transport
signs:
high delays
queueing in router buffers 2 senders, 2 receivers
packet losses 1 router
saturated router buffers infinite buffers
no retransmissions
What happens as d in grows?

Congestion: scenario 1b Congestion: scenario 2a

A C
delai
Application d_in (data) d_out Application

C/2
Transport d_in (data + retransmissions) Transport

d_out
B finite D
Application queue Application
Transport Transport
d_in C/2 d_in C/2
the cost of congestion:

2 senders, 2 receivers
maximum possible bandwidth
d in = C/2
1 router
high delay, close to the maximum finite buffers
infinite buffer growth retransmission of lost segments
What happens as d in grows?
Congestion: scenario 2b Congestion: scenario 3a

A C
C/2
d_in (data)
d_in (data + retransmissions)
d_out
B D
d_out
d_in C/2
d in = d out (goodput)
retransmission cost
useful retransmissions: losses only 4 senders, 4 receivers
d in greater than d out 4 routers
useless retransmissions: late segments multi-hop paths
d in even greater than d out finite buffers
congestion cost:
much more traffic for a given d out
retransmission
duplications of useless segments What happens as d in grows?

Congestion: scenario 3b Congestion control solutions
Two approaches:
congestion control by the network
C/2
routers inform the end-hosts

congestion notification bit (SNA, DECbit, ATM,
d_out
TCP/IP ECN...)
explicit signalling of available bandwidth (ATM ABR,
TCP/IP RSVP + IntServ...)
d_in
congestion control at the end-systems (end-to-end)
no explicit signalling from the network
additional costs associated with congestion: inference based upon observations at the end-systems
when a packet is lost, all upstream capacity is wasted losses
delays
approach taken by TCP
ComNet: course 3/5 outline TCP: AIMD algorithms

AIMD = Additive Increase, Multiplicative Decrease
1 Basic services steady increase in sender bandwidth (cwnd) as long there are
Transport layer review no losses
Multplexing and demultiplexing Additive Increase
UDP: a connectionless mode protocol increase cwnd by 1 MSS with each RTT as long as no losses
have been detected
2 Reliable service Multiplicative Decrease
Principles of reliable data transfer divide cwnd by 2 following a loss
TCP: a connection oriented protocol sawtooth behaviour
TCP: reliability mechanisms cwnd
30Ko
General principles 20Ko
TCP mechanisms 10Ko
t

TCP: congestion control TCP: slow start
based on sender-side limitation Slow start in fact grows rapidly!

lastByteSent - lastByteAcked 6 cwnd at the start of a connection
approximate bandwidth:
RTT
cwnd= 2 to 4 MSS
cwnd
dTCP = RTT when restarting (after a loss or
cwnd = varies dynamically with detected congestion inactivity)
MSS
congestion detection by the receiver: cwnd = 1 MSS (dinit = RTT )
timeout (RTO) then exponential growth until
triple duplicate ACK the first loss
3 mechanisms: double cwnd / RTT
AIMD implemented by:
Slow Start cwnd ++ / ACK
caution following timer expiry
MSS
dpotentiel RTT
TCP: optimisation TCP: inferring loss

cwnd (MSS)
16
14 TCP Reno
12
Duplicate ACKs are not as bad as timeouts
10 3 duplicate ACKs:
ssthresh
8
6
ssthresh indicate that the network continues to transmit segments
4 TCP Tahoe cwnd divided by 2
2 t (RTT) cwnd then grows linearly
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 a timeout:
From exponential to linear growth indicates that the network is blocked
cwnd > old value of cwnd prior to the loss cwnd = 1 MSS
Slow Start (exponential growth)
implemented with a varying limit:
to ssthresh = cwnd/2 (linear growth)
ssthresh = cwndpriort ol oss /2
more precisely calculated over unacknowledged segments:
ssthresh = flightsize/2

TCP congestion control: synthesis TCP: fairness among flows

cwnd (Ko)
RFC 5681 100.0000

tcpduo1.cwnd
tcpduo2.cwnd
when cwnd < ssthresh: 90.0000
sender in the Slow Start phase 80.0000
cwnd grows exponentially 70.0000
when cwnd > ssthresh: 60.0000
sender is in the Congestion Avoidance phase 50.0000

cwnd grows linearly 40.0000
when there are 3 duplicate ACKs: 30.0000
ssthresh = last cwnd / 2 20.0000
cwnd = ssthresh 10.0000
when there is a timeout: 0.0000

t(s)
0.0000 10.0000 20.0000 30.0000 40.0000 50.0000 60.0000
ssthresh = last cwnd / 2
cwnd = 1 MSS oscillation of two congested flows
Implementations TCP: Tahoe

seq (Ko) / cwin (Ko/10)
tcptahoe.seq
A trip to Nevada: 800.0000
tcptahoe.cwnd
TCP Tahoe 1988 700.0000
slow start + congestion avoidance + multiplicative decrease 600.0000

fast retransmit (retransmit a segment after 3 duplicate ACKs,
500.0000
before timeout)
as just described. . . problem when just 1 seg. lost 400.0000
TCP Reno 1990 (RFC 2582) 300.0000
like TCP Tahoe, with. . . 200.0000

fast recovery (no slow start after a fast retransmit) 100.0000
TCP newReno 1996 (RFC 3782)
0.0000
like TCP Reno, with. . . t (s)
0.0000 2.0000 4.0000 6.0000 8.0000
no slow start when first congested, with cwnd adjustment
SACK (RFC 2018) slow start + congestion avoidance + multiplicative decrease
+ fast retransmit

TCP: Reno TCP: newReno

seq (Ko) / cwnd (Ko/10) seq (Ko) / cwnd (Ko/10)
tcpreno.seq tcpnewreno.seq
600.0000
700.0000 tcpreno.cwnd tcpnewreno.cwnd
550.0000
600.0000 500.0000
450.0000
500.0000 400.0000
350.0000
400.0000
300.0000
300.0000 250.0000
200.0000
200.0000
150.0000
100.0000 100.0000
50.0000
0.0000 0.0000
t (s) t (s)
0.0000 2.0000 4.0000 6.0000 8.0000 0.0000 2.0000 4.0000 6.0000 8.0000
TCP Tahoe + fast recovery TCP Reno - initial slow start
The network layer The network layer
IPv4 addressing and control IPv4 addressing and control
Routing Routing

1 The network layer
Background
TCP/IP integration
Computer Networks (ComNet) 4/5 : Network IPv4 packet structure
2 IPv4 addressing and control
CIDR addressing
Control messages
Related mechanisms
Version 6.3 3 Routing
Basic algorithms
Routing hierarchy
An interior gateway protocol: OSPF
An exterior gateway protocol : BGP
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 4/5 : Network Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 4/5 : Network
The network layer The network layer Background

IPv4 addressing and control IPv4 addressing and control TCP/IP integration
Routing Routing IPv4 packet structure
Network layer ComNet: course 4/5 outline

1 The network layer
The network layer forward packets from the source to the Background
destination by doing hops between the intermediate nodes. TCP/IP integration
IPv4 packet structure
end-to-end
topology knowledge
CIDR addressing
route computation (routing) Control messages
virtual adressing Related mechanisms
underlying technology abstraction 3 Routing
underlying dedicated encapsulation Basic algorithms
fragmentation
Routing hierarchy
addresses translation
The network layer Background The network layer Background
IPv4 addressing and control TCP/IP integration IPv4 addressing and control TCP/IP integration
Routing IPv4 packet structure Routing IPv4 packet structure
Network layer: OSI Network layer: virtual circuit or datagram approach

SNA
APDU Multiprotocol
Interface Interface router
Presentation protocol 1
6 Presentation Presentation M M ATM Router
X. 25
Session protocol OSI

5 Session Session
M
M 2
Host
End-to-end concatenated
Transport protocol
4 Transport Transport virtual circuits

1
M M
2 Data link Data link Data link Data link Packets travel individually
Router
and can take different routes
M
M
1 Physical Physical Physical Physical 2
Multiprotocol
Host
Host A Router Router Host B router

Network layer: encapsulation Network layer: fragmentation

Network 1 Network 2
The network layer make abstraction of the underlying technologies Packet
G1 G2 G3 G4
data must be able to be forwarded from networks to networks
G2 G4
upper layers should not make any hypothesis about the G1 fragments reassembles G3 fragments reassembles
underlying layers a large packet the fragments again again
1
0
0
1
0
1
0
1
ATM ? Ethernet
Packet
(a)
0000000000011111
00000
11111111111
00000
11111 00
11
11
00
G1 G2 G3 G4
G1 fragments The fragments are not reassembled

a large packet until the final destination (a host) is reached
more in course 5/5 Support architectures (b)
Network layer: addressing Network layer: routing

The network layer provides a virtual adressing scheme usable on
every underlying network technology
Calculating routes
unique identifier for each device
initial (virtual circuits)
masks technology-specific addressing mechanisms
for each packet (without memory)
requires translation of addresses
47.00918100000000000CA79E01.00000CA79E01.00 Routing decisions based on:
163218239200400
routing table
1
0
0
1
0
1
0
1
ATM ? Ethernet
static
dynamic
0000000000011111
00000
11111111111
00000
11111 00
11
11
00 routing algorithms
routing protocols...
08:00:69:02:01:FC
to be examined in greater detail
also more details in course 5/5 Support architectures
supports

ComNet: course 4/5 outline Network layer: TCP/IP

1 The network layer
Background
TCP/IP integration
TELNET FTP SMTP DNS
2 IPv4 addressing and control TCP UDP
CIDR addressing
Control messages IP
Related mechanisms
Packet#
ARPANET SATNET LAN
3 Routing radio
Basic algorithms
IP interface is universal
Routing hierarchy
IPv4 ComNet: course 4/5 outline

Routers 1 The network layer
1
0
0
1
0
1
Background
... ... ... TCP/IP integration
00
11
11
00
00
11
CIDR addressing
10
0 1
Packets Control messages
... ... Related mechanisms
1
0
0
1
11
00 3 Routing
Basic algorithms
0
1
... 10
0
... Routing hierarchy
11
00 1
... An interior gateway protocol: OSPF
Connectionless best effort service An exterior gateway protocol : BGP

IPv4: packet structure IPv4: versions

32 bits (4 octets)
Ver Hlen TOS Packet Length 32 bits (4 octets)
1
0
0
1
0
1
0
1 Ver Hlen TOS Packet Length
D F
M F
Identifier 0
1 Frag. offset
0
1 0
1
0
1
0
1 1
0

0
1
0
1
D F
M F
Identifier 0
1
0
1 Frag. offset
TTL Protocol Header checksum 0
1
0
1
4 bits
IP source address TTL Protocol Header checksum
max 65 Koctets
present IP: version 4

IP destination address IP source address
IP next generation: version 6
IP destination address see ING course
max 10 l.
Options
Options
Segment / datagram / ...
(transport data)
IPv4: header length IPv4: Type Of Service (TOS)
8 bits
32 bits (4 octets)
32 bits (4 octets) 3 bits for precedence
Ver Hlen TOS Packet Length (priority)
Ver Hlen TOS Packet Length 1
0
0
1 Routine
4 bits (max value: 15) 000:

1
0
0
1 0
1
0
1
D F
M F
0
1
0
1 Identifier 0
1 Frag. offset
D F
M F 0
1
Identifier 0
1
0
1 Frag. offset indicates the number of 0
1
0
1
001: Priority
0
1
0
1
32 bits lines in the IP header 010: Immediate
TTL Protocol Header checksum TTL Protocol Header checksum 011: Flash
mandatory because the
100: Flash override
IP source address option files is variable IP source address
110: Internetwork control
length (20 a 60 bytes)
IP destination address 111: Network control
IP destination address value from 5 (no option)
to 15 (10 lines of options: 3 bits for service
40 bytes) Options Delay
Options
Throughput
Reliability
(Cost)

not used... U.E. ING (DiffServ Byte)

IPv4: packet size IPv4: identifier

32 bits (4 octets)
Ver Hlen TOS Packet Length 32 bits (4 octets)
0
1
1
0
0
1
0
1
16 bits (64 Kbytes maximum) Ver Hlen TOS Packet Length
D F
M F
Identifier 0
1
0
1
0
1
Frag. offset 0
1
16 bits (loops every 64 K
0
1 1
0

0
1
total packet size with header 0
1 packets)
D F
M F
Identifier 0
1
0
1 Frag. offset
TTL Protocol Header checksum expressed in bytes 0
1
0
1
meant to be a unique value for
IP source address the network must allow an TTL Protocol Header checksum
MTUa > 576 bytesb each packet
IP destination address IP source address for reassembling the fragments
a
MTU: Maximum Transmission Unit
b of the same packet
max 10 l.
576 bytes = 512 application level data IP destination address

Options
+ typically, increment a counter
64 protocol overhead Options for each successive packet
Segment / datagram / ... (IP and transport headers)
(transport data)
IPv4: fragmentation IPv4: fragmentation

Number of the first elementary fragment in this packet
Non transparent fragmentation Packet End of
32 bits (4 octets)
number packet bit 1 byte
1 bit reserved
Ver Hlen TOS Packet Length
0
1
1 bit DF: Dont Fragment (1 = 27 0 1 A B C D E F G H I J
1
0

0
1
0
1 fragmentation forbiden)
D F
M F
Identifier 0
1
0
1 Frag. offset Header
0
1
0
1 (a)
1 bit MF: More Fragment (0 =
TTL Protocol Header checksum
for the last fragment) 27 0 0 A B C D E F G H 27 8 1 I J
IP source address 13 bits fragment offset in 8 Header Header
IP destination address bytes blocs (shift 3) (b)
examples:
27 0 0 A B C D E 27 5 0 F G H 27 8 1 I J
Options 0x0000 full packet (offset=0)
0x2000 first fragment (offset=0) Header Header Header
0x20A0 middle fragment (offset=1280) (c)
0x00B0 last fragment (offset=1408)
Beware the offset use single bytes in this example taken from Tanenbaum A. S. Computer Networks 3rd edition

IPv4: Time To Live (TTL) IPv4: carried protocol
32 bits (4 octets) 32 bits (4 octets)

8 bits
Ver Hlen TOS Packet Length Ver Hlen TOS Packet Length demultiplexing for the upper
0
1
1
0
8 bits 1
0
0
1 0
1

0
1 0
1 layer protocols:
D F
M F
0
1
D F
M F
Identifier 0
1 Frag. offset unitial unit: seconds 0
1
0
1
0
1 Identifier 0
1
0
1
Frag. offset
0
1 0
1
maximum value set by the Unix> cat /etc/protocols
icmp 1 # internet control message protocol
TTL Protocol Header checksum sender (255, 128, 64...) TTL Protocol Header checksum ggp 3 # gateway-gateway protocol
ipencap 4 # IP encapsulated in IP
decremented in each router st 5 # ST datagram mode
IP source address IP source address tcp 6 # transmission control protocol
minimum 1 per routeur egp 8 # exterior gateway protocol
IP destination address number of hops IP destination address udp 17 # user datagram protocol
rdp 27 # "reliable datagram" protocol
max 255 seconds or hops iso-tp4 29 # ISO Transport Protocol class 4
xtp 36 # Xpress Tranfer Protocol
Options avoid loops Options idrp 45 # Inter-Domain Routing Protocol
rsvp 46 # Reservation Protocol
gre 47 # General Routing Encapsulation
ospf 89 # Open Shortest Path First IGP...
IPv4: header checksum IPv4: source address
32 bits (4 octets)
16 bits 32 bits (4 octets)

similar to UDP/TCP checksum Ver Hlen TOS Packet Length
1
0
1
0 but only on the header 0
1

0
1 0
1

0
1 0
1
D F
M F
0
1 Identifier 0
1 Frag. offset
D F
M F
Identifier 0
1 Frag. offset 0
1
0
1 sender: 0
1
0
1
0
1
0
1
32 bits (IPv4 address)
checksuma =
P
TTL Protocol Header checksum word16bits TTL Protocol Header checksum
identifies the packet sender
receiver: IP source address
IP source address P
allows a message to be returned
recompute the word16bits
IP destination address = 0: no error detected (yet IP destination address to the sender (ICMP, UDP...)
still possible)
6= 0: error (silent discard) Options
Options
a
Binary sum over 16 bits with overflow
carried to the least significant bit

IPv4: destination address IPv4: options
32 bits (4 octets)
32 bits (4 octets)
0 to 40 bytes (aligned on a 32
Ver Hlen TOS Packet Length bit boundary)
0
1
1
0 0
1 TLV value identical to TCPs
0
1 1
0
0
1

D F
M F
0
1 0
1
Identifier Frag. offset 0
1
D F
M F
0
1 Identifier 0
1 Frag. offset
0
1
0
1 32 bits (IPv4 address) 0
1
0
1
0
1 examples:
TTL Protocol Header checksum used for routing TTL Protocol Header checksum record route
indicates the network (or strict source routing
IP source address IP source address
network prefix) of the receiver loose source routing
IP destination address identifies the interface of the time stamps
receiver in its network security
Options ...
Options
examined by each router
To avoid!
The network layer CIDR addressing The network layer CIDR addressing
IPv4 addressing and control Control messages IPv4 addressing and control Control messages
Routing Related mechanisms Routing Related mechanisms
ComNet: course 4/5 outline Addressing: principles

1 The network layer 2 variable size parts
Background network identifier (netId) and host identifier (hostId)
TCP/IP integration associated in the IPv4 address:
IPv4 packet structure Ad. IPv4 : netId hostId
2 IPv4 addressing and control 132.77 12.2
CIDR addressing
Control messages
Related mechanisms
3 Routing
Basic algorithms
Routing hierarchy
Addressing: classes Addressing: netmask
32 Bits Binary mask usage

class binairy mask netmask prefix
Range of host A 11111111000000000000000000000000 255.0.0.0 /8
Class addresses B 11111111111111110000000000000000 255.255.0.0 /16
1.0.0.0 to C 11111111111111111111111100000000 255.255.255.0 /24
A 0 Network Host 127.255.255.255
B 10 Network Host
128.0.0.0 to Extracting the netId
191.255.255.255
132.227. 60.135 netId.hostId
192.0.0.0 to
C 110 Network Host 223.255.255.255
&& 255.255. 0. 0 && netmask
132.227. 0. 0 netId. 0. 0
224.0.0.0 to
D 1110 Multicast address 239.255.255.255
Extracting the hostId
240.0.0.0 to 132.227. 60.135 netId.hostId
E 11110 Reserved for future use 247.255.255.255
&& 0. 0.255.255 && !netmask
60.135 hostId
Addressing: specific addresses Addressing: subnetting (1)
Initial size of the identifier of network (netId):

132.77.0.0 /16 (prefix notation)
for each network (netId), 2 reserved addresses: 132.77.0.0 netmask 255.255.0.0 (mask notation)
netId.000....000 identifies this network Subdivision possible:
netId.111....111 this network broadcast
132.77.12.0 /22
others:
000....000 source address unknown 132.77.12.0 netmask 255.255.252.0
32 Bits
111....111 local broadcast
127.x.y.z software loopback
10 Network Subnet Host
Subnet
mask 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0
Addressing: subnetting (2) Addressing: subnetting (3)
Ad. IPv4 : netId subnetId hostId

132.77.4.0/22
132.77 12 7
0.5
132.77.12.0/22
11
00
001
110
0
1 0.3
11
00
3.254 001
110
0
1
3.254 0.5 0.11
Internet 0.7
3.254
132.77.0.0 0.3
0.1
132.77.0.0/22
Addressing: allocation IPv4: routing process

192.33.1.0 56.0.0.0 packet
1
0 56.1.3.0 56.2.8.0 destination direct send to the
0
1
0
1 address access
yes destination
56.17.8.0
... ... ... 56.1.4.0 56.2.2.0 route to the send to the next
10.0.0.0 56.1.5.0 yes
56.1.6.0 host router
11
00
00
11
00
11
route to the send to the next
56.1.7.0
network
yes router
192.33.1.0 56.17.45.0
send to the next
error no default route yes router
10
0 1
140.18.11.0
140.18.21.0
140.18.2.0 140.18.1.0
1
0
0
1
11
00 Destination Gateway Genmask Flags Metric Ref Use Iface
192.33.182.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
140.18.22.0 140.18.39.0 10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 atm0
0
1
... 10
0
... 154.18.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
11
00 1
... 132.77.0.0 154.18.2.254 255.255.0.0 UG 0 0 0 eth1
140.18.0.0 default 192.33.182.254 0.0.0.0 UG 0 0 0 eth0
Routing: longest prefix match Classless addressing
30.3.0.0 So-called class-based IP address allocation is inefficient

IPdest= 20.0.0.0 adresses allocated by blocks of 256, 65K, or 16M
50.2.9.3 30.1.2.3
if1 subnetting allows for better management
40.0.0.0 classless addressing allows greater flexibility in address
if3
if2
allocation:
30.0.0.0 the addresses:
192.77.16.0/24
192.77.17.0/24
Destination Gateway Genmask Flags Metric Ref Use Iface
192.77.18.0/24
20.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if1
192.77.19.0/24
30.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if2
40.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if3 can be regrouped in:
30.3.0.0 20.1.2.3 255.255.0.0 UG 0 0 0 if1 prefix notation: 192.77.16.0/22
30.1.2.3 20.1.0.1 255.255.255.255 UGH 0 0 0 if1
60.126.6.0 30.0.0.1 255.255.255.0 UG 0 0 0 if2 mask notation: 192.77.16.0 netmask 255.255.252.0
default 30.0.0.1 0.0.0.0 UG 0 0 0 if2
Addressing: CIDR (Classless InterDomain Routing) Addressing: CIDR calculus

A CIDR block is the aggregation of a set of addresses
network bits (netId) of a CIDR block consist of the N
allows aggregation of continguous addresses (sharing a
leftmost bits (/N defines the network mask of the CIDR
common prefix)
block)
allows routers to maintain a single entry in a routing table host bits (hostId) of a CIDR block consist of the 32 N
initially used by ISPs for grouping class C addresses remaining bits
the default prefix for a class C address is /24 set of addresses that can be allocated in a CIDR block:
prefixes /23, /22, /21, etc. describe aggregations of class C first host: hostId = 000...0001
addresses
last host: hostId = 111...1110
197.88.0.0/16 aggregates 256 class C addresses broadcast address: hostId = 111...1111
used today for all possible address block sizes example:
in the full ex-class A, B, C address space CIDR block -> 192.77.20.0/22
81.152.12.0/22 @ first host : 192.77.20.1
...
@ last host : 192.77.23.254
@ broadcast : 192.77.23.255
Addressing: CIDR block split Addressing: allocation

81.33.1.0\22 56.2.0.0\24
56.2.0.16\30
CIDR blocks can be divided into sub-blocks through subnetting 0
1
1
0
0
1
56.2.0.24\30
192.77.20.0/25 ... ... ... 56.2.0.32\30
10.0.0.0\8
5 192.77.21.128/25 11
00
00
11
00
11
3
81.33.1.0\23 56.2.0.20\30
126
126 5 11 10
0 1
Internet
7 140.18.22.128\27 140.18.0.4\30
140.18.1.0\28
126 140.18.0.0\30
192.77.20.0/22 3 1
0
0
1
11
00
1 140.18.21.0\27
140.18.39.64\26
0
1
... 10
0
...
192.77.22.0/25 11
00 1
...
140.18.0.0\18
IPv4: public or private addresses IPv4: NAT (Network Address Translation)

Public addressing Packet before
Company translation
every Internet host must have a unique valid address LAN
Packet after
1 translation
Private addressing
2
for TCP/IP usage outside of the Internet 10.0.0.1 198.60.42.12
3
independent address management (unique addresses)
4
recommended address blocks:
Company 5
unrouted addresses (private addresses):
router 6
10.0.0.0/8 (1 ex-class A) PC NAT Leased ISPs
172.16.0.0/12 (16 ex-class Bs) 7 box/firewall line router
192.168.0.0/16 (256 ex-class Cs)
169.254.0.0/16 (link local block for auto-configuration) Server
Boundary of company premises
available for each private internet
not sent to the public Internet, even if connected
possible to communicate to the Internet (proxy, NAT,. . . )
IPv4: NAT, DNAT and NAPT IPv4: NAPT mechanisms

Several ways to convert addresses:
Where are addresses modified?
static NAT : preset address translation
+ at the interface card:
dynamic NAT : on the fly address translation
private address public adress
NAT on entry routing process NAT on exit
10.0.0.3 192.33.182.117
+ dynamic address table:
10.0.0.4 192.33.182.118
... ... Additional changes:
NAPT (CISCO NAT overload): on the fly translation with the header checksum must be recalculated
overload NAT IP, TCP et UDP (address + pseudo-header)
+ ports + dynamic table (for each protocol): NAPT IP, TCP et UDP (address + pseudo-header + port)
proto private addr. private port public addr. public port the address and port parameters of application-layer protocols
TCP 10.0.0.3 1027 192.33.182.117 1027 must also be modified (PORT command in FTP)
TCP 10.0.0.4 1027 192.33.182.117 1028
UDP 10.0.0.4 31765 192.33.182.117 31765 ICMP messages are analyzed
... ... ... ... ...
IPv4: NAT and IETF (RFC 1631) ComNet: course 4/5 outline
NAPT very widely used today 1 The network layer

companies (flexibility) Background
service providers (lack of addresses) TCP/IP integration
individuals (who only receive one address) IPv4 packet structure
creates some problems 2 IPv4 addressing and control
architectural: CIDR addressing
ports should identify processes and not machines Control messages
transport-layer changes made by the network
Related mechanisms
end-to-end principle: hosts should communicate directly
security: incompatible with authenication mechanisms 3 Routing
technical: how to enter a NATed network? Basic algorithms
solutions Routing hierarchy
short term static conversions conversions, middleboxes An interior gateway protocol: OSPF
long term IPv6 An exterior gateway protocol : BGP
IPv4: ICMP (Internet Control Message Protocol, RFC 792) ICMP: echo
Encapsulated in IP packets (but belonging to layer 3) ICMP : Echo Request
testing and diagnosing the network ping
ICMP Type Code Description 1

0
1
0 1
0
0 0 -echo reply
3 0 destination network unreachable ICMP : Echo Response
3 1 destination host unreachable Type Code Checksum Identifier Seq. Num. Data
3 2 destination protocol unreachable 8 (Echo Request) 0
3 3 destination port unreachable 0 (Echo Response) 0
3 6 destination network unknown 1 octet 1 2 2 2 ...
3 7 destination host unknown
4 0 source quench
Testing equipment reachability
8 0 7echo request used by the ping command:
9 0 router advertisement indicates that the destination is connected and reachable by IP
10 0 router discovery sending several probes allows one to estimate the RTT and
11 0 TTL expired loss rate
11 1 reassembly time exeeded
12 0 IP header bad
ICMP: destination unreachable ICMP: timeout

CiscoSystems
Cisco 7000 SERIES
Host
CiscoSystems
Cisco 7000 SERIES App
Cisco 7000 SERIES
Routeur CiscoSystems
TCP UDP CiscoSystems

Cisco 7000 SERIES
Host Unreach. Routeur

1
0 1
0
0
1
0
1 1
0
IP 1
0
Net Unreach. TTL Exceeded
Proto. Unreach.
Frag. Reass. Time Exceed
Port Unreach. Type Code Checksum Unused Data
Type Code Checksum Unused Data 11 0 (Time To Live Exceeded) IP Header
3 0 (Net Unreachable) IP Header 1 (Frag. Reass. Time Exceeded) + 64 bits
1 (Host Unreachable) + 64 bits 1 octet 1 4 2 (IHL * 4) + 8
2 (Protocol Unreachable)
3 (Port Unreachable) Message sent when the TTL or the reassembly time has expired
1 octet 1 4 2 (IHL * 4) + 8 the IP header and some transport layer information is returned
Message sent when the destination cannot be reached
the IP header and some transport layer information are @ source = initiator of the ICMP message
returned @ destination = @ source of the packet in question
@ source = originator of the ICMP message used by the traceroute command
@ destination = @ source of the packet in question
ICMP: other messages ComNet: course 4/5 outline

1 The network layer
Background
TCP/IP integration
Source Quench (Type 4) IPv4 packet structure
indicates congestion at the source
no signal to indicate that congestion has ended
CIDR addressing
Redirection (Type 5)
Control messages
signals that a better route is available
minimal host configuration
Related mechanisms
other messages mainly for autoconfiguration 3 Routing
Basic algorithms
Routing hierarchy
IPv4: RARP (Reverse Address Resol. Protocol, RFC 903) IPv4: BOOTP (BOOT Protocol, RFC 951 and 1542)
Inverse of the ARP protocol (broadcast networks)
obtaining an @ IP from a @ MAC on startup portable protocol, over UDP
diskless hosts (X terminals, printers,. . . ) query on port 68, reply on port 67
which IP addresses to use when none are known?
mobile hosts (laptops changing networks. . . )
broadcast @ IP (255.255.255.255)
use of a server (rarpd) default @ IP (0.0.0.0)
relating /etc/ethers and /etc/hosts allows a host to contact a server on another network
packet format identical to ARP via BOOTP relay agents
type Ethernet: 0x8035 many extensions (RFC 1533)
code 3 for an RARP request netmask
code 4 for an RARP reply list of routers in the subnet
autoconfiguration example: list of NTP servers
list of DNS name servers
new host starts an RARP exchange
list of print servers (LPD and others)
the host requests the netmask via ICMP hostname and domainname
the host requests its startup program from teh RARP server default TTL. . .
via tftp
IPv4: DHCP (Dynamic Host Config. Protocol, RFC 2131) IPv4: DHCP exchanges
New protocol replacing, and backward-compatible with, BOOTP Serveur

Serveur DHCP 2
DHCP 1 DHCPDISCOVER
dynamic attribution of IP addresses, on limited time leases DHCPDISCOVER
leases periodically renewed as necessary DHCPOFFER
DHCPOFFER
new DHCP options (extend BOOTP):
DHCPDISCOVER C S find server DHCPREQUEST
DHCPOFFER S C offer to client
Client
DHCPREQUEST C S confirm offer DHCP
DHCPACK S C acknowledge configuration
1
0
0
1 1
0
DHCPACK
DHCPNACK S C decline configuration 1
0
DHCPDECLINE C S refuse invalid configuration
DHCPRELEASE C S release configuration
DHCPINFORM C S request other than IP @ DHCPRELEASE
DHCPFORCERENEW S C request reconfiguration
Tunneling VPNs (Virtual Private Networks)
layer 3 VPN: integrates security and automation

IPSEC: confidentiality and integrity (RFC 4301 a 4309)
A
T1 T2
B AAA (Authentification, Autorisation, Accounting)
111
000 T1>T2 A>B
11
00 111
000 other VPN approaches at layer 2 (PPP. . . )
000
111 00
11 000
111
A>B A>B
Office 1 Office 2 Office 1 Office 2

Internet Leased line Firewall Internet
encapsulation, rather than translation Tunnel

cross zones governed by different protocols
e.g., connect islands of non-universal protocols (IP multicast,
IPv6,. . . ). Office 3 Office 3
flow control between T1 and T2 (IPv4 in IPv4, VPN,. . . ) (a) (b)
VPN. . . pictures from Tanenbaum A. S. Computer Networks 4rd edition
Basic algorithms
The network layer CIDR addressing The network layer
Routing hierarchy
IPv4 addressing and control Control messages IPv4 addressing and control
Routing Related mechanisms Routing
Address filtering ComNet: course 4/5 outline

1 The network layer
Firewall... Background
Packet Packet
filtering Application filtering
TCP/IP integration
router gateway router IPv4 packet structure
CIDR addressing
Control messages
Backbone
Connections
to outside
networks
Related mechanisms
3 Routing
Basic algorithms
Routing hierarchy
Corporate Security Inside Outside Firewall An interior gateway protocol: OSPF
network perimeter LAN LAN
Basic algorithms Basic algorithms
Routing hierarchy Routing hierarchy
An interior gateway protocol: OSPF An interior gateway protocol: OSPF
Routing Routing
An exterior gateway protocol : BGP An exterior gateway protocol : BGP
Network layer recap Routing

AS 9088 AS 890
The network layer conveys packets from source to destination 1
0
0
1 BGP
0
1
through a series of hops across intermediate nodes ... ... ...
end-to-end conveyance 00
11
OSPF
11
00
00
11
virtual addressing
local topological knowledge
information required in order to direct the PDUs
10
0 1
static: manual configuration ... ...
dynamic: routing algorithms and protocols RIP
1
0
scaling to the size of the network 0
1
11
00
hierarchical structure (ASes)

internal routing: RIP, EIGRP, OSPF, IS-IS ... ...
0
1 10
0
external routing: BGP-4 11
00 1
...
AS 7936

Routing Routing
Host routing: GNU/Linux Host routing: MS Windows

C:\Program Files\Support Tools>ipconfig
Unix> /sbin/ifconfig eth0 Ethernet carte Connexion au reseau local :
eth0 Link encap:Ethernet HWaddr 00:20:ED:87:FD:E6 Suffixe DNS spec. a la connexion. :
inet addr:132.227.61.122 Bcast:132.227.61.255 Mask:255.255.255.0 Adresse IP. . . . . . . . . . . . : 132.227.61.136
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1 Masque de sous-reseau . . . . . . : 255.255.255.0
RX packets:1115393 errors:0 dropped:0 overruns:0 frame:0 Passerelle par defaut . . . . . . : 132.227.61.200
TX packets:966470 errors:0 dropped:0 overruns:0 carrier:0
C:\Program Files\Support Tools>route print
collisions:0 txqueuelen:100 ===========================================================================
RX bytes:445681702 (425.0 Mb) TX bytes:370060277 (352.9 Mb) Liste dInterfaces
0x1 ........................... MS TCP Loopback interface
Interrupt:9 Base address:0x6f00 0x1000003 ...00 03 47 7c b9 d5 ...... Intel(R) PRO Adapter
===========================================================================
Itineraires actifs :
Unix> /sbin/route Destination reseau Masque reseau Adr. passerelle Adr. interface Metr.
0.0.0.0 0.0.0.0 132.227.61.200 132.227.61.136 1
Kernel IP routing table 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
Destination Gateway Genmask Flags Metric Ref Use Iface 132.227.61.0 255.255.255.0 132.227.61.136 132.227.61.136 1
132.227.61.136 255.255.255.255 127.0.0.1 127.0.0.1 1
132.227.61.0 * 255.255.255.0 U 0 0 0 eth0 132.227.61.255 255.255.255.255 132.227.61.136 132.227.61.136 1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo 224.0.0.0 224.0.0.0 132.227.61.136 132.227.61.136 1
255.255.255.255 255.255.255.255 132.227.61.136 132.227.61.136 1
default 132.227.61.200 0.0.0.0 UG 0 0 0 eth0 Passerelle par defaut : 132.227.61.200
===========================================================================
Routing Routing
Router Types of routing

In Routing Out Cisco 7000 SERIES
CiscoSystems
port port
111
000 11
00 11
00
00
11
000
111
000
111 00
11
00
11
00
11
00
11
1111
0000
00
11
000
111 00
11 0000
1111
0000000000000
1111111111111
Switching
000
111
000
111 00
11
00
11
00
11
11
00
00
11
000
111 matrix 00
11 00
11
00
11
000
111 00
11
000
111
000
111 00
11
00
11
CiscoSystemsCatalyst
Workgroup Switch
000
111 00
11 CiscoSystems
Cisco 7000SERIES
Routing and forwarding

Router configuration
interfaces (physical terminations, encapsulation...)
static
queues dynamic (in particular, when there are redundant links)
forwarding system (shared memory, bus, or crossbar) routing protocols and algorithms
routing system computers: Unix programs routed, gated, GNU Zebra,
Quagga...
table, routing algorithms and protocols dedicated hardware: Cisco, Juniper, Alcatel, HP, Huawei...

Routing Routing
ComNet: course 4/5 outline Routing algorithms

1 The network layer
Background Single criterion optimization
TCP/IP integration shortest path
IPv4 packet structure distance vector
2 IPv4 addressing and control link state
CIDR addressing routing policy
Control messages path vector
Related mechanisms multicast routing
3 Routing shortest path
Basic algorithms lowest cost (Steiner trees)
centered trees
Routing hierarchy
see the ING course for more details
Routing Routing
Distance vector routing Distance vector routing basics

E
Simple algorithm based on: C
A B
information exchanged between adjancent routers (direct D
connection)
Initially, routers only know their own links. They broadcast their
distance vector (6= routing table)
distance vectors (routing tables without interface information) to
neighbor-to-neighbor propagation of reachability information their neighbors.
Distributed Bellman-Ford (or Ford-Fulkerson 1962) algorithm
... but limited to small networks Upon receiving a vector, the router updates its routing table:
used in sites with just a few routers, to avoid manual add new entries, noting the arrival interface
configuration update the costs of entries
problem with second-hand information if a shorter path is proposed
if a longer path is proposed on the interface already selected
successive exchanges should lead to convergence

Routing Routing
Example of a table constructed from distance vectors Limits of distance vector routing
New estimated
Router delay from J
A B C D To A I H K Line
A 0 24 20 21 8 A These algorithms suffer from many problems:
B 12 36 31 28 20 A
C 25 18 19 36 28 I slow convergence
F G 40 27 8 24 20 H
E H D
E
risks of routing loops
14 7 30 22 17 I
F 23 20 19 40 30 I split horizon
G 18 31 6 31 18 H
H 17 20 0 19 12 H A=4 from E
I J K L
I21 0 14 22 10 I E
(a) J 9 11 7 10 0 C
A B
K 24 22 22 0 6 K A=infinite
L 29 33 9 9 15 K D
JA JI JH JK
delay delay delay delay
is is is is
New
routing
vectors sent for the routing tables entire network
8 10 12 6 table limited network size
for J
Vectors received from
J's four neighbors
(b)
Routing Routing
Link state routing Link state: learning ones neighbors
Goal: create an equivalent graph

send detection packets on each link
How to scale to large networks while avoiding neighbor-to-neighbor
information propagation? multi-access media (LANs) replaced by a single virtual node
know your neighbors CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES
F G
summarize your local information CiscoSystems Cisco 7000SERIES
broadcast the local information to all routers CiscoSystems Cisco 7000SERIES

E D
create a graph representing the network

CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES A B C
calculate the shortest path towards all routers
H
Measurements can be used to weight the links

Routing Routing
Link state: building control packets Link state: broadcasting control packets
B 2 C Link State Packets Each router must receive messages from all other routers:
A B C D E F
4 3 Seq. Seq. Seq. Seq. Seq. Seq. reliable distribution is necessary
A D Age Age Age Age Age Age sequence numbers
1 6 B 4 A 4 B 2 C 3 A 5 B 6 age of the connection
5 7
E 5 C 2 D 3 F 7 C 1 D 7
information conveyed from router to router without changing
E 8 F F 6 E 1 F 8 E 8
message content
(a) (b)
Problem of consistancy while a change is being broadcast
Hierarchical system for large networks
Routing Routing
Link state: route computation ComNet: course 4/5 outline

Dijkstras shortest path algorithm: 1 The network layer
B 7 C B (2, A) C (, ) Background
2 3
A
2
E 2 F
3
D A
E (, )
F (, ) D (, )
TCP/IP integration
1 2
6 4 2
G H G (6, A) H (, )
(a) (b)
B (2, A) C (9, B) B (2, A) C (9, B)
CIDR addressing
A
E (4, B)
F (, ) D (,) A
E (4, B)
F (6, E) D (,1) Control messages
Related mechanisms
G (6, A) H (, ) G (5, E) H (, )
(c) (d)
3 Routing
B (2, A) C (9, B) B (2, A) C (9, B)
Basic algorithms
E (4, B) E (4, B)
A F (6, E) D (,) A F (6,E) D (,) Routing hierarchy
G (5, E) H (9, G) G (5, E) H (8, F)
(e) (f)

Routing Routing
Wide area network organization: the Internet ASes (Autonomous Systems, RFC 1930)
AS "A" AS "D"
RIP 2
OSPF
"A" AS "C"
"D"
OSPF
"C" AS "B"
ISIS
AS "E"
AS "F" EIGRP
"B" RIP 2
"E" An AS consists of one or more IP address prefixes that are

"F" interconnected and managed by one or more network operators
and that deploy a single and clearly defined routing policy.
Routing Routing
ASes: external organization (1) ASes: external organization (2)

Economic relationships:
Inter-AS relationships are based on the notions of client and
Provider
provider
Peer Peer $$$
Provider Client
Telecom Telecom
operator "X" operator "Y" providers charge their clients
peers exchange traffic without charge
the contracts are secret!
Tier-1 providers are not anyones clients
11 tier-1s: L3 (Level(3), ex-Genuity/BBN), GBLX (Global
ISP "1" ISP "2"
Crossing), AT&T (Worldnet), NTT (ex-Verio), Quest,
Renater Sprint, Tata (ex-Teleglobe), Verizon (ex-UUnet), Savvis
(ex-MCI), TeliaSonera, Tinet (ex-Tiscali).
a network that can reach every other network on the Internet
without purchasing IP transit or paying settlements
Client Institution Enterprise CNRS University
large providers, who own their own physical global-scale
infrastructure

Routing Routing
ASes: simple routing ASes: routing across multiple ASes
For a stub network (on the edge of the Internet): For transit networks:
Telecom
operator "X"
Telecom Telecom
operator "X" operator "Y"
ISP "1"
Institution Stub network

ISP "1" ISP "2" Renater
Direct announcements:
its prefixes are announced so that it can receive arriving traffic
Institution Enterprise CNRS University
the stub network sends all of its departing traffic to the rest of
the Internet How to decide on one among many possible routes?
Routing Routing
ASes: routing criteria ASes: routing policies

Policy-based routing (commercial criteria): Taking policy constraints into account:
new rules:
an AS accepts traffic from or to its clients
AS A
Londre AS Y an AS refuses transit traffic between two of its competitors
Amsterdam clients
Londre
need for a new type of routing!
Baltimore
simple goal:
San Francisco an ISP routes traffic coming from one of its clients
the traffic is routed to a peer ISP or a provider AS
AS B New York
Bruxelle the ISP of the receiver routes the traffic to its client (the
receiver)
Paris Paris
AS X but there are complexities:
one client can be attached to several ISPs (multihoming)
Not necessarily the shortest path! often, there are many possible paths

Routing Routing
ASes: hierarchical routing ComNet: course 4/5 outline
AS "A" AS "D" 1 The network layer

BGP
RIP 2 BGP OSPF Background
AS "C" TCP/IP integration
OSPF
BGP IPv4 packet structure
AS "B" BGP BGP
ISIS 2 IPv4 addressing and control
AS "E"
BGP AS "F" EIGRP CIDR addressing
RIP 2 BGP
Control messages
Two types of protocol: Related mechanisms
IGPs (Interior Gateway Protocols) 3 Routing
Routing within an AS (based on shortest paths) Basic algorithms
RIP-2, EIGRP, IS-IS, OSPF Routing hierarchy
EGPs (Exterior Gateway Protocols) An interior gateway protocol: OSPF
Routing between ASes (based on policy considerations) An exterior gateway protocol : BGP
there is only one: BGP-4
Routing Routing
OSPF: Open Shortest Path First OSPF: areas (1)

AS X
A AS Y
created in 1988 by the IETF so as to:
go beyond the approach taken by RIP B D E
rapid convergence
scale to large networks OSPF F
take into account the most general case C
LANs (broadcast) G
NBMAs H
point-to-point networks
obtain the network topology
calculate the shortest paths on the network graph To limit the impact of changes (messages, recalculation. . . )
be non-proprietary areas: OSPF sub-zones of an AS
32 bit identifier
attached to a backbone (Zone 0)

Routing Routing
OSPF: areas (2) OSPF: areas (3)

AS X AS X
1111111111111111111
0000000000000000000
0000000000000000000
1111111111111111111 1111111111111111111
0000000000000000000
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
Area 0
0000000000000000000
1111111111111111111A AS Y 0000000000000000000
1111111111111111111
Area 0
0000000000000000000
1111111111111111111A AS Y
0000000000000000000
1111111111111111111 0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111 0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111 0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111 0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111 0000000000000000000
1111111111111111111
0000000000000000000
1111111111111111111
11111111111
00000000000
0000000000000000000
1111111111111111111
B D E
0000000000000000
1111111111111111 11111111111
00000000000
0000000000000000000
1111111111111111111
B D E
0000000000000000
1111111111111111
00000000000
11111111111
00000000000
11111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111
00000000000
11111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111 00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
Area 1 1111111111111111
0000000000000000
Area 3 F 00000000000
11111111111 0000000000000000
1111111111111111
Area 1 1111111111111111
0000000000000000
Area 3 F
00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111 00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111
C
00000000000
11111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111
C
00000000000
11111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111 00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111 00000000000
11111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 G
0000000000000000
1111111111111111
0000000000000000
1111111111111111 00000000000
11111111111 G
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
H
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
00000000000
11111111111 0000000000000000
1111111111111111
H
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111 0000000000000000
1111111111111111
0000000000000000
1111111111111111
0000000000000000
1111111111111111 0000000000000000
1111111111111111
3 types de area: 3 types of router:

stub area: without transit traffic (Area 1) AS border: talks to the outside (A and H)
NSSA: Not So Stubby Area area border: belonging to two areas (B, D, and E)
transit area: (Areas 0 and 3) internal: belonging to one area (C, F, and G)
Routing Routing
OSPF: intra-area routing OSPF: inter-area exchanges

AS X AS X
Area 0 A AS Y Area 0 A AS Y
B D E B D E
Area 1 Area 3 F Area 1 Area 3 F

C C
G G
H H
Broadcasting information within an area Announcements between areas

LAN (broadcast): designated router Area 1 receives announcements from the backbone and Area 3
from B
flooding (without retransmitting information already
B is the default router
received)
Area 3 receives announcements from the backbone and from
Gs announcements to D and F are redundant
Area 1 from D and E can choose D or E

Routing Routing
OSPF: communicating outside the AS OSPF: protocols
AS X
AS Y
Version 2 (RFC 2328) incompatible with OSPF v1
Area 0 A
complex definition with several sub-protocols
B D E
hello: test neighbors and elect a designated router (LAN)
Area 1
base transfer: synchronisation
Area 3 F
C update: send the link states
acknowledgement: confirm updates
G request the link states: know the areas routers (NBMA)
H
encapsulation in IP packets (protocol 89)
use of multicast if available:
Exchanging announcements outside the AS 224.0.0.5: all routers of the network
inform regarding local accessibility 224.0.0.6: the designated routers
careful not to transform the network into a transit network
Routing Routing
OSPF: generic header ComNet: course 4/5 outline

0 7 15 23 bit 31 1 The network layer
Version Type Packet length Background
Router ID
TCP/IP integration
Area ID
Checksum Authentication type IPv4 packet structure
Authentication 2 IPv4 addressing and control
CIDR addressing
Data Control messages
Related mechanisms
Version = 2
3 Routing
Type = 1 (Hello), 2 (database description), 3 (link state request), 4 (link state update), 5 (link state
acknowledgement)
Basic algorithms
Packet length = size with header Routing hierarchy
Router ID = unique even if there are multiple interfaces
Area ID = area where the router is located
Authentication = allows use of MD5 An exterior gateway protocol : BGP
Data... many structures: see RFC 2328

Routing Routing
BGP: introduction BGP: topology
De facto external routing protocol AS AS 7486

5511
chronology of standards:
EGP (1984): RFC 904
BGP-1 (1989): RFC 1195
BGP-2 (1990): RFC 1163
BGP-3 (1991): RFC 1267
AS 947 AS 24
BGP-4 (1995): RFC 1771, 1772, and 1773
CIDR support
large scale adoption as of 95, with the commercialization of BGP is based on a set of interconnected ASes
the Internet each AS has a unique 16 bit identifier
path vector protocol: attributed by a registrar (ARIN, RIPE-NCC...)
similar to distance vector protocols as for network prefixes
allows application of policy constraints approx. 25,000 have been assigned (64512 to 65535 are
private)
Routing Routing
BGP: AS/network relationship BGP: border gateway

An AS is not necessarily a network
Tier-1s often split their networks:
AS AS 7486
ATT: 5074, 6341, 7018... 5511
MCI (UUnet): 284, 701, 702, 12199...
Sprint: 1239, 1240, 6211, 6242...
AS 5074 AS 6341 AS 7018

AS 947 AS 24
an AS number can be shared:
AS 7046: Crestar Bank + NJIT + Hood Clg (clients AS 701)
AS 701 passageways to other ASes
associated with two types of connection:
AS 7046 AS 7046 AS 7046 external (eBGP)
internal (iBGP)
and many stub networks have no need of BGP or an AS
number (static routing at the networks edge)

Routing Routing
BGP: eBGP connections BGP: iBGP connections
AS AS 7486
AS AS 7486
5511
5511
AS 947 AS 24
AS 947 AS 24
interior BGP
exterior BGP
interconnection between the border routers of an AS
interconnection between ASes by border routers
TCP connections on port 179, routed using the ASs IGP
BGP signaling over a direct TCP connection on port 179
full mesh
Routing Routing
BGP: information exchanged BGP: messages

81.217.16.0 /22 (723, 211, 9654)
AS 30 Only 4 BGP messages:
AS 723 OPEN: open the connection

KEEPALIVE: maintain the connection
81.217.16.0 /22 sent periodically
(1022,211,9654)
AS 211 AS 1022 NOTIFICATION: close the connection
UPDATE: exchange the prefixes with attributes
initially, all the information
AS 9654
later, updates
81.217.16.0 /22 AS 8327 announcing of new routes
withdrawing of previously announced routes
What information is exchanged between ASes?
mainly IP prefixes and the AS paths towards them

Routing Routing
BGP: attributes (1) BGP: attributes (2)
ORIGIN : where one has learned about the prefix

Value Code Reference IGP = from within the AS
----- --------------------------------- --------- EGP = from outside the AS
1 ORIGIN [RFC 1771] INCOMPLETE = manual configuration
2 AS_PATH [RFC 1771]
3 NEXT_HOP [RFC 1771] AS PATH : series of ASes traversed by the announcement
4 MULTI_EXIT_DISC [RFC 1771] allows loop detection
5 LOCAL_PREF [RFC 1771]
... NEXT HOP : to whom to send traffic for the announced prefix
8 COMMUNITY [RFC 1997] last router of the preceding AS
... 135.207.0.0 /16
19-254 Unassigned 12.125.33.9
255 reserved for development 80.132.50.7
AS 8524 AS 26
Announcement = prefix + some attributes (not all) AS 947
135.207.0.0 /16 135.207.0.0 /16 135.207.0.0 /16
NH =12.125.33.9 NH =12.125.33.9 NH =80.132.50.7
Routing Routing
BGP: attributes (3) BGP: attributes (4)
MULTI EXIT DISC : when there are many exits from an AS LOCAL PREF : administrative preference
prefer the smaller value prefer the highest value
192.33.182.0 \24
(24, 947) MED=300
AS 7486
AS 7486
AS 743 AS 24
192.33.182.0 \24
192.33.182.0 \24
AS 947
AS 947 AS 24 192.33.182.0 \24 AS 9611
(24, 947) MED=200
192.33.182.0 \24 (24, 743, 947) LP=80 Priority
Priority
192.33.182.0 \24 (9611, 947) LP=50

Routing Routing
BGP: advertisements BGP: route selection algorithm

Sending an UPDATE message
which prefixes to announce Strongest to weakest choice criteria:
senders choice
which attribute values to assign?
1 highest LOCAL PREF
it depends on the attribute 2 shortest AS PATH
AS PATH = prior AS PATH precedent + current ASs number but not necessarily the shortest path
MULTI EXIT DISC = depends upon the sender... 3 smallest MULTI EXIT DISC
Receiving an UPDATE message 4 priority to paths learned via eBGP over iBGP
which information to take into account? 5 shortest path to reach the NEXT HOP
prefix choice (filtering) IGP metrics
possible to modify the attributes
6 smallest router ID
what to do with the accepted information?
choose routes
use of a decision algorithm...
Routing Routing
BGP: policy choices? BGP: importing routes

Yet another attribute... F Provider route Providers
P Peer route F
COMMUNITY : allows coloring of routes C Client route F
F F
list of values indicating the communities to L Local route
which a prefix belongs
32 bits (16 bits AS coloring + 16 bits freely
C P FL
chosen) PL F L C
P P
announcements are usually colored upon entry C FC P L L
F P
to an AS Peers P PC F C P C P Peers
L L
client community
P LF P F F
peer community PL C P L
provider community L P
allows filtering at the AS exit
e.g., do not inject prefixes from one peer to C
another peer
C C
Clients
C C
(thereby turning the AS into a transit AS) C

Routing Routing
BGP: exporting routes BGP: connectivity
F Provider route L Providers

C Filter
P Peer route
C Client route L C C L anti
Does BGP guarantee connectivity?
L Local route C L L C P F
no, some networks can remain unreachable
C P FL depends upon the policies encountered on the announced paths:
PL F L
C P AS "X"
C L C C FC P L L
F
C L
Peers P C F P C L Peers L
CL F P LCL
F C C AS "A"
L L AS "B"
PL CFP L
L
C
F P LF C C if X does not announce A to B...
C L LP
P P
L P C C F CL
F P Clients
Routing Routing
BGP: convergence BGP: problems
errors carry throughout the Internet

a misconfigured AS can indicate that it has the best route for
Does BGP guarantee convergence to a stable route? all destinations...
without changes, there can be oscillations (route flapping) exponential growth in the number of announcements
one router announces a prefix, then abandons it more and more ASes
associated with broken links smaller and smaller prefixes
with changes, the number of annoncements is high no aggregation due to multihoming
some ASes cansee 106 UPDATE per day complex to manage
the graph of the ASes depends on ones perspective
attempt to dampen route flapping
use of route dampening
Ethernet architecture Ethernet architecture
Point-to-point architecture Point-to-point architecture
Computer Networks (ComNet) 5/5 : 1 Ethernet architecture

technology
Data link and physical layers hardware
IEEE standards
2 Point-to-point architecture
HDLC
Version 6.3 PPP: basic mechanisms
PPP: usages
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 5/5 : Data link and physical layers Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 5/5 : Data link and physical layers

Underlying technologies and OSI model OSI: the data link layer
7 Application Application The data link layer carries bits over a medium using a particular
APDU
Interface Interface transmission technique. The associated functions are:
6 Presentation Presentation framing and error control
sequencing, reliability, and flow control
5 Session
Session protocol
Session three technology types for the data link layer:
point-to-point
Transport protocol
multipoint without broadcast U.E. RTEL
multipoint with broadcast (shared medium)
Router

Data link Routing 2
layer process process

2 3 2 2 3
Data link
Frames Packets protocol
here here
Transmission
line to a router
OSI: physical layer Underlying technologies and TCP/IP

The physical layer is associated with signal transmission:
specification of the medium and the signaling
bit encoding, baseband or passband transmission HTTP SMTP SNMP DNS
characteristics of the electrical, optical, radio, signals. . .
characteristics of the media:
impedance of electrical cables, attenuation, max. length. . . TCP UDP
multimode, monomode fiber optics. . .
connector shapes, conduit colors. . .
IP
ere
Ground osph
Copper Insulating Braided Protective
wave Ion
core material outer
conductor
plastic
covering Ethernet ATM MPLS PPP
Earth's surface Earth's surface

(a) (b)
Sheath Jacket
Core
(glass)
OSI data link + physical layers layers underlying TCP/IP
Cladding Jacket
(glass) (plastic) Core Cladding
(a) (b)
technology technology
hardware hardware
IEEE standards IEEE standards
ComNet: course 5/5 outline Ethernet: introduction
Until the 1990s: many LAN technologies

1 Ethernet architecture Ethernet, Token Ring, FDDI, ATM...
technology
Today (for wired networks): LAN = Ethernet
hardware
IEEE standards Ethernet is to local networks what Internet is to
planetary-scale networks
why?
2 Point-to-point architecture appeared first (mid-1970s)
HDLC simple
PPP: basic mechanisms decentralized
PPP: usages autoconfigurable
economical and adaptable
hardware hardware
Ethernet: where? Ethernet: various flavors

Different types of Ethernet. . .
1
0
0
1
0
1 two topologies:
... ... ... bus, star
11
00
00
11
various media:
00
11
coaxial cables, twisted pair, fiber optics
wide range of bandwidths:
10
0 1
10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps, 40 Gbps, 100 Gbps
... ...
. . . but all on the same basis:
1
0
0
1
11
00
LAN addresses
frame structure
... ...
0
1
11
00 10
0 1
... connectionless service with no reliability guarantees
generally, baseband (digital) transmission
hardware hardware
Ethernet: LAN addresses Ethernet: frame structure (1)

Delimiting the frame:
Interface addresses (6 bytes, hexadecimal notation) identifier beginning
also called: preamble
Ethernet addresses detecting the sending of a frame
synchronization to the senders clock
physical addresses
mark the start of the frame (8th byte)
MAC (Media Access Control) addresses
end
flat address space, administered by the IEEE no current during the interframe gap: IFS (Inter Frame
00:10:A4:87:BF:1A Spacing)
10
0 1 8 octets 6 octets 6 octets 2 46 1500 max octets 4 octets
00:04:76:21:25:EA
Prambule Adresse Adresse
Type Donnes CRC
101010101010....1011 destination source
00:19:78:27:94:1A
00
11
11
00 00:04:76:21:27:8E
3 octets 3 octets
00:78:77:0A:91:84
h
00:10:A4:86:2D:0B Code Code
00
11
11
00 10
0 1 constructeur unique
00:20:ED:87:FD:E6
1: Diffusion ou multipoint
0: Adresse individuelle
hardware hardware
Ethernet: frame structure (2) Ethernet: service
Destination and source addresses

Service offered to the network layer:
an interface only accepts frames that are addressed to it connectionless
Ethernet type (Ethertype) > 1500: datagram service (just like IP or UDP)
0x0800 = DoD Internet 0x0806 = ARP no setup exchange prior to sending data
0x0801 = X.75 Internet 0x8035 = RAP no reliability guarantees
0x0802 = NBS Internet 0x8098 = Appletalk error control (and discard without warning)
0x0803 = ECMA Internet 0x86DD = IPv6...
no error correction
Data: no acknowledgements
MTU (Maximum Transfer Unit) = 1500 bytes the sender does not know if the data has been delivered
minimum size = 46 bytes plus with, if necessary, the addition no flow control (except in switches)
no receiver window
of padding bytes (sent at the network layer) loss detection at the higher layers (e.g., TCP)
CRC-32 (Cyclic Redundancy Check), generator polynomial: simplicity
G (x) = x 32 + x 26 + x 23 + x 22 + x 16 + x 12 + x 11 + x 10 + x 8 + x 7 + x 5 + x 4 + x 2 + x + 1
hardware hardware
Ethernet: transmission Medium access protocole

Direct sender-receiver connections see following slides
Baseband Shared links:
direct sending of digital signals channel sharing protocols
Manchester coding for 10 Mbps bandwidth static bandwidth share (R/N per sender)
20 Mhz bandwidth required (1B/2B) frequency division multiplexing (FDM)
time division multiplexing (TDM)
for higher bandwidths, 4B/5B (FDDI), 8B/10B (Fiber
Channel), 64B/66B and various encapsulations (FR, ATM, resource sharing protocols (taking-turns protocols)
SONET...) deterministinc bandwidth share (R per sender)
Bit stream 1 0 0 0 0 1 0 1 1 1 1
polling
token-passing
(a) Binary encoding
random access protocols

(b) Manchester encoding
statistical bandwidth sharing (R per sender) but collisions are
possible
ALOHA
CSMA Ethernet
hardware hardware
ALOHA CSMA
University of Hawaii, 1970 Improvement over the random approach
datagram based radio network carrier sensing: CSMA (Carrier Sense Multiple Access)
random access protocol, completely decentralized wait before sending
if collision, retransmission after a random wait time collision detection: CSMA/CD (CSMA with Collision
User Detection) retransmissions
example with a mini frame size of 64 bytes
A T detection: 64 bytes at 10 Mbps = 512/107 = 51, 2sec
T prop. max: 2 * 2500m at 2.108 ms 1 = 25sec + 8 trepet
B Packet starts Packet almost
A B A B
at time 0 at B at -
C
(a) (b)
D
Noise burst gets
E back to A at 2
A B A B
Time
(c) Collision at (d)
time
hardware hardware
Ethernet access protocol (1) Ethernet access protocol (2)
Protocol steps carried out by interfaces:

1 build and store the frame
How interfaces function:
2 if activity detected, wait for end of signal
start sending at any moment: time not discretized 3 wait for 96 bit IFS (without detecting a signal)
no sending if activity is detected on the channel: CSMA 4 start transmission
stop sending if other activity is detected: /CD 1 if collision is detected
wait a (growing) random amount of time before 1 stop transmitting
retransmission: TBEB (Truncated Binary Exponential 2 32 bit jam sequence
3 exponential backoff (for the nth consecutive collision) of
Backoff) int(rand()*2min(10,n) )* 512 bits (exponential backoff phase)
then return to step 2.
2 if not, continue transmitting until the end
hardware hardware
Ethernet: 10Base5 Ethernet: 10Base2
bandwidth: 10 Mbps bandwidth: 10 Mbps

topology: extended bus, with hosts connected via topology: extended bus (51.2s max 4 repeaters and 925m
transceivers that are attached to a coaxial cable by a blue max. between 2 stations)
cable (51.2s max between 2 hosts 4 repeaters + 2500m medium: black coaxial cable of 200m (185m max) and 30
max.) hosts max per segment, BNC T-Connecters and 50
medium: yellow coax., 500m max., and 2 50 terminating terminating resistors
resistors 0
1
1
0
0
1
0
1
0
1
0
1
1
0
0
1
0
1
0
1
0
1 0
1
1
0
0
1
0
1
1
0
0
1
0
1 111111111111111111
000000000000000000
00000
11111 111111111111111111
000000000000000000
00000
11111
0
1
0
1
0
1
0
1
0
1
0
1
0000000000000
111111111111100000
11111 0000000000000
111111111111100000
11111
1111111111111
000000000000000000
11111 1111111111111
000000000000000000
11111
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111
00
11
11
00
00
11
00
11
00
11
00
11
1
0
0
1 11111111111111111
00000000000000000
00000
11111
0
1
0
1
0
1
0
1
000000000000
11111111111100000
11111
000000
111111
1111111111111
0000000000000
0000000000000111111
000000
1111111111111
000000
111111
0
1
1
0 0
1
1
0
0
1 0
1
0
1 0
1
0
1 0
1
0
1 0
1
1
0 1
0
1111111111111
000000000000000000
11111 1111111111111
000000000000000000
11111
000000000000011111
00000 000000000000011111
00000
0
1 0
1
0
1 0
1
0
1
0
1
0
1
0
1
0
1
0
1
111111111111100000
11111 111111111111100000
11111
1111111111111
000000000000000000
11111 1111111111111
000000000000000000
11111
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111
hardware hardware
Ethernet: 10BaseT Ethernet: 100BaseTX (Fast Ethernet, 1995)

bandwidth: 10 Mbps bandwidth: 100 Mbps
topology: star based at a hub topology: hub based star
medium: twisted pair, 100m max. (UTP3), RJ45
medium: twisted pair, 100m max (UTP5), RJ45 connectors
connectors
access: coding: 4B/5B (FDDI)
half duplex CSMA/CD access:
multiple cascading hubs possible (51.2s max) half duplex CSMA/CD, minimum 64 bytes
full duplex point-to-point bidirectional simultaneous 2 hubs can be linked (but 5.12s max: 210m max)
(without collisions) length limits and corporate networks... see switches
activity detection (Link Pulse every 168 ms) full duplex point-to-point simultaneous bidirectional
0
1
1
0
0
1
0
1
0
1
0
1
0
1
1
0
0
1
0
1
0
1
0
1
activity detection (Fast Link Pulse: 33 pulses/16 ms)
1111111111111
000000000000000000
11111 1111111111111
000000000000000000
11111
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111 FLP consists of 16 bits for autonegotiation
00
11
detection of possible speeds, modes, and available mechanisms
11
00
00
11
00
11
00
11
00
11
11111111111100000
000000000000
111111111111
000000000000
11111
00000
11111
00000
11111
many variants:
100BaseT4: 4 UTP3 twisted pairs (no full duplex)
0
1
1
0
0
1
0
1
1
0
0
1
100BaseFX: 2 optical fibers (400m MMF, 20km SMF)
0
1
0
1 0
1
0
1
0
1 0
1
111111111111111111
000000000000000000
00000
11111 111111111111111111
000000000000000000
00000
11111
000000000000011111
1111111111111
Olivier Fourmaux (olivier.fourmaux@upmc.fr) 00000Computer1111111111111
0000000000000
Networks 00000
11111 (ComNet) 5/5 : Data link and physical layers Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 5/5 : Data link and physical layers
hardware hardware
Ethernet: 1000BaseT (Gigabit Ethernet, 1998) Ethernet: 10GBaseT (10Gigabit Ethernet, 2002)
bandwidth: 1000 Mbps (1 Gbps)

topology: hub based star bandwidth: 10 Gbps
medium: twisted pair, 100m max., UTP5+ (4 pairs) topology: switch based star
coding: 8B/10B (= Fiber Channel 1G) medium:
access: optical fiber:
half duplex CSMA/CD, min. 512 bytes (extend the MMF and SMF (from 65m to 40km max.)
medium if necessary) 4.01s rather than 0.512s! multiplex SONET/SDH : OC192 (10Gbit/s)
2 hubs can be connected (still 210m max) twisted pair:
performance? carrier extension plus burst 100m max. on Cat. 6e (FTP 500MHz), 6a (UTP 500MHz)
and 7 (STP 600MHz)
full duplex point-to-point simultaneous bidirectional
many variants: access: full duplex only (no more CSMA/CD)
1000BaseCX : 2 shielded twisted pairs (STPs): 25m coding: 64B/66B (= Fiber Channel 10G)
1000BaseSX : 850nm multimode optical fiber (MMF): 500m
1000BaseLX : 1300nm MMF and singlemode fiber (SMF): 5km
hardware hardware
Ethernet: 40/100G (100Gigabit Ethernet, 2009) Broadcast networks

IP transport:
address resolution
bandwidth: 40/100 Gbps
encapsulation format
topology: switch based star
Multiple access on a shared medium: implicit broadcast
medium:
optical fiber: B
11
00
100m on OM3 MMF 11
00
00
11 1
0
11
00 1
0
1
0
11
00 1
0
40km max. on SMF

multiplexed SONET/SDH: OC768 (40Gbit/s)
twisted pair:
a few meters (backplane)
access: only full duplex A
11
00
11
00 C
1
0 11
00 1
0
1
0
hardware hardware
ARP: Address Resolution Protocol ARP over Ethernet

ARP messages are transported directly in Ethernet frames:
Explicit broadcast (use of a broadcast address)
ARP request: destination address = broadcast
(FF:FF:FF:FF:FF:FF), source = requester
? ? @IPB
@HB ARP response: destination address = requester,
11
00
00
11
11
00 1
0
00
11 1
0
11
00 1
0
1
0 source = responder
6 octets 6 octets 2 46 1500 max octets 4 octets
Adresse Adresse
Type ARP CRC
destination source
Broadcast @H (@IPB)?
2 octets 2 octets 1 1 2 octets Hlen octets Plen octets Hlen octets Plen octets
@IPA ? HW Proto H P Oper

Sender HA Sender PA Target HA Target PA
@HA type type len len ation
11
00
11
00 @IPC 1: ethernet 1: request
1
0 11
00 1
0
0
1
@HC 0x0800 : IP 2: response
(ethernet=6)
(IP=4)
hardware hardware
IP over Ethernet ComNet: course 5/5 outline
Ethertype > 1500:
0x0800 = DoD Internet 1 Ethernet architecture

Data: technology
hardware
MTU: maximum IP packet size = 1500 bytes
IEEE standards
minimum size = 46 bytes (the IP packet can be smaller)
if necessary, add padding bytes
8 octets 6 octets 6 octets 2 46 1500 max octets 4 octets 2 Point-to-point architecture
Prambule Adr. MAC Adr. MAC HDLC
08 00 CRC
PPP: basic mechanisms
PPP: usages
Entte IP Donnes IP (bourrage)
hardware hardware
Ethernet hub Interconnecting hubs
physical layer entity (bit level) in a multilevel system (several hubs)

LAN = the entire local network (collision domain)
multiport repeater
segment = the equipment connected to a hub
a bit arriving on one interface is broadcast to the others
benefits:
administration through SNMP, RMON... 4 increases connectivity
interconnecting hubs 4 increases redundancy (in case hubs break down)
linearly 8 physical limitations (distance, number of machines. . . )
hierarchically with a federating hub... 8 reduces the bandwidth per host
1
0
0
1
0
1
1
0
0
1
0
1
8 increases collisions (and so reduces overall bandwidth)
0
1 0
1
0
1 0
1
0
1 0
1
00000
11111 00000
11111 11
00
00
11
1111111111111
0000000000000
000000000000011111
111111111111100000 1111111111111
0000000000000
000000000000011111
111111111111100000 00
11 11
00
00
11 1
0
0
1 11
00
00
11 1
0
0
1 11
00
00
11
00000
11111 00000
11111 00
11 00
11 0
1 00
11 0
1 00
11
000000000000
1111
11111111 0000000000
1111111111 000000000000
1111 000
11111111 11100000000
11111111 00000000000
111
11111111 0000000000
1111111111
11
00
00
11
00
11
00
11
00
11
00
11
00000
11111 11
00 11
00
00
11 00
11
1111111111
000 111
000
111111111111
000000000000
00000000000011111
00000 00
11 00
11
11111111111100000
11111 0000000 00011111111
00000000
0000000111
1111111000 111
00000000
11111111
hardware hardware
Ethernet bridge Bridge: filtering and forwarding

Filtering
link layer entity (frame level)
frame switching determining whether to accept or reject a frame
filters on the basis of destination address Forwarding
an arriving frame is sent out on the destination port only choosing the output interface
record + CSMA/CD (entities without address)
LAN address Interface Time
benefits: 00:10:A4:86:2D:0B 1 09: 32: 55
4 separation of collision domains table: 00:04:76:21:27:8E 3 09: 32: 55
4 multi-technology (10Base2 with 100BaseTX...) 00:04:76:21:1B:95 3 09: 32: 55
4 no more physical limitations ... ... ...
00
11
11
00 00
11 0
1 00
11 0
1 00
11
algorithm, using the table:
00
11
00
11 11
00 1
0 11
00 1
0 11
00
00
11 0
1 00
11 0
1 00
11 when a frame with @LAN dest arrives on If x, the table shows
000000000000
1111
11111111 0000000000
1111111111 000000000000
1111 000
11111111 11100000000
11111111 00000000000
111
11111111 0000000000
1111111111 output port IF y:
if IF x = IF y then the frame comes from the destination
11
00 11
00
00
11 00
11 segment filter
00
11
1111111
0000000000
111 111
000
00
11
0000000111
1111111000 00011111111
00000000
111
00000000
11111111 otherwise, send the frame on IF y forwarding
hardware hardware
Transparent bridging Bridge: redundancy
Autonomous learning
table creation algorithm: multiple paths
1 table initially empty 4 backup path
2 upon frame reception, insertion into the table of: 4 autoconfiguration
1 its @LAN source 8 loops (duplicate frames)
2 its arrival interface spanning tree protocol (STP)
3 its arrival time
3 the entry remains valid for a limited time only
11
00
00
11
00
11 11
00 1
0 11
00 1
0 11
00
note: 00
11 00
11
00
11
0
1
0
1
00
11
00
11
0
1
0
1
00
11
00
11
if @LAN dest is not in the table then broadcast (copy to the 000000000000
1111
11111111 0000000000
1111111111 000000000000
1111 000
11111111 11100000000
11111111 00000000000
111
11111111 0000000000
1111111111
other interfaces, record + CMSA/CD)
such bridges are called: 11
00 11
00
00
11 00
11
00
11
1111111
0000000000
111 111
000
00
11
plug and play (no configuration required) 0000000111
1111111000 00011111111
00000000
111
00000000
11111111
transparent (they do not themselves have addresses)
hardware hardware
Bridges: STP (Spanning Tree Protocol) Bridge or router

Bridge (layer 2): forwards frames
bridged LAN with redundancy graph (nodes = bridges) 4 autoconfigurable
graph without loop = tree construction of a spanning tree 4 forwarding performance
each bridge has an ID number: the smallest becomes the root
8 all frames follow the same tree (SPF)
exchange of BPDUs <id root, dst root, id snd,
num port>
8 global broadcasting
disable the ports that are not on the shortest path to the root limited network size (100 machines)
simple functionality
Router (layer 3): forwards packets
00
11
11
00
4 no loops (TTL-limited forwarding)
00
11 00
11
11
00 0
1
1
0 00
11
11
00 0
1
1
0 00
11
11
00
00
11 00
11 0
1 00
11 0
1 00
11 4 calculation of the best path (routing)
111111111111
0000
00000000 1111111111
0000000000 111111111111
0000 000
00000000 11100000000
11111111 00000000000
111
11111111 0000000000
1111111111 8 manual configuration
8 slower treatment of each PDU
11
00
00
11 11
00
00
11
00
11
1111111
0000000000
111 111
000
00
11 large networks (1000 machines)
0000000111
1111111000 00011111111
00000000
111
00000000
11111111 intelligent functionality: traffic isolation,
filtering. . .
hardware hardware
Ethernet switch Store and forward switching

high performance bridge (layer 2)
many interfaces ( hub)
Storing prior to forwarding the frame
high aggregate bandwidth switching fabric
multi-bandwidth bridge functionality
10 Mbps, 100 Mbps, 1 Gbps... storage of the complete frame (and CRC-32 calculation)
full duplex minimum latency LF /Ri (LF frame size, Ri output bandwidth)
00
11 11
00 00
11 11
00
possible to avoid CSMA/CD ( point-to-point links) 11
00
00
11
00
11
00
11
00
11
00
11
00
11
00
11
00
11
00
11
11
00
00
11
00
11
00
11
00
11
00
11
00
11
00
11
00
11
00
11
11111
00000 11111
00000
0000000000000
1111111111111
000000000000011111
00000 000000000000000000
111111111111111111 0000000000000
1111111111111
000000000000011111
00000 111111111111111111
000000000000000000
11
00
00
11
00
11
00
11
11
00
00
11
111111111111100000
11111 000000000000011111
111111111111100000
00000
11111 111111111111100000
11111 000000000000011111
111111111111100000
00000
11111
00
11
00
11 00
11
00
11 00
11
00
11
111111111111111111
000000000000000000 00000
11111
000000000000011111
00000 1111111111111
0000000000000
000000000000011111
00000
Workgroup Switch
1111111111111
Catalyst
00000
11111 1111111111111
CiscoSystems
100 00000
11111 00
11 00
11
00
11 00
11
00
11 11
00 00
11 11
00
10 11
00 00
11 11
00 00
11
00
11 00
11 00
11 00
11
00
11 00
11
00
11
00
11
00
11
111111111111
00000000000000000
11111
00000
11111
00
11
00
11
00
11
111111111111
00000000000000000
11111
00000
11111
111111111111111111
00000 111111111111111111
00000
Workgroup Switch
00000000000011111
111111111111 00000000000011111
111111111111
Catalyst
00000 00000
CiscoSystems
0000000000000 0000000000000
100
1000 000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111
00
11
11
00
11
00 00
11
00
11
00
11 00
11
00
11 00
11
00
11
00
11
111111111111
00000000000000000
11111
00000000000011111
00000
00
11
1111111111111
000000000000000000
11111 11111111111100000
11111
000000000000011111
111111111111100000
00000
11111
hardware hardware
Cut-through switching Ethernet hierarchy (1)
Direct transmission WAN
hub functionality Router
send as soon as the output buffer is empty

minimum latency = time to read the destination address
example: 100Mbps, 1518 frame gain 120s
no integrity check on the frame (CRC-32)
00
11 00
11 00
11 00
11
11
00 11
00 11
00 11
00
00
11 00
11 00
11 00
11
00
11 00
11 00
11 00
11
00
11 00
11 00
11 00
11
00
11 00
11 00
11 00
11
111111111111100000
000000000000011111
00000
11111 0000000000000
111111111111111111
00000 111111111111100000
000000000000011111
00000
11111 1111111111111
000000000000000000
11111
1111111111111
000000000000000000
11111 000000000000011111
111111111111100000
00000
11111 1111111111111
000000000000000000
11111 000000000000011111
111111111111100000
00000
11111
Workgroup Switch
CiscoSystems Catalyst
11
00
00
11 11
00
00
11
11
00 00
11
00
11 11
00 00
11
00
11
00
11
00
11 00
11 00
11
00
11 00
11
00
11 00
11
00
11
00
11
000000000000
11111111111111111
00000 00
11
00
11
111111111111
00000000000000000
11111
00000000000011111
00000 00000000000011111
00000
00
11 00
11
1111111111111
000000000000000000
11111 11111111111100000
11111 1111111111111
000000000000000000
11111 11111111111100000
11111
000000000000011111
111111111111100000
00000
11111 000000000000011111
111111111111100000
00000
11111
hardware hardware
Ethernet hierarchy (2) VLAN (1)

Additional functionality associated with full duplex: Generic cabling infrastructure
flow control (back pressure) logical LAN configuration: Virtual LAN
avoid frame loss due to switch overload Cable
duct
direct a PAUSE frame to the sender (IEEE 802.3x)
link aggregation (Ethernet trunk, NIC teaming, port Hub
channel, port teaming, port trunking, link bundling,

EtherChannel, Multi-link trunking, NIC bonding, network Corridor
bonding, Network Fault Tolerance...)
parallel use of several cables/ports to increase bandwidth and Switch
redundancy Hub
same switches, identical link bandwidths
late standardisation (IEEE 802.3ad in 2000, 802.1ax in 2008
with the Link Aggregation Control Protocol)
Twisted pair Office
to a hub
virtualisation ... picture from Tanenbaum A. S. Computer Networks 4rd edition
hardware hardware
VLAN (2) ComNet: course 5/5 outline

Configuration table in bridges and switches
assigns VLANs
by port 1 Ethernet architecture
by LAN address
by protocol or layer 3 network
technology
hardware
several VLANs per port for transit (Virtual STP)
IEEE standards
A B C D A B C D
G W W W
1
3 4
I GW M I
G W
M 2 Point-to-point architecture
J N J
G W
N HDLC
G W
K
B1
GW
B2
O K
G
S1
GW
S2
W
O
GW G PPP: usages
L L
2
G W G G
E F G H E F G H
hardware hardware
IEEE 802 standardization 802.1x
Definition de larchitecture de standardisation:

Some interesting standards:
802.1d MAC Bridges
802 Overview & Architecture
802.2 LLC STP...

802.10 Security
802.1f MIB IEEE 802

802.1 Management
802.1 Bridging
802.1g MAC distant bridging
802.3 802.5 802.11 802.15 802.16 LAN interconnection of LAN with WAN technologies
MAC MAC MAC MAC MAC
802.1h MAC Bridging of Ethernet V2 in IEEE 802 LAN
802.3 802.5 802.11 802.15 802.16
802.1q Virtual Bridged LAN...
PHY PHY PHY PHY PHY
CSMA/CD Token ring WLAN WPAN WMAN
hardware hardware
802.1q (1) 802.1q (2)
Adds a VLAN identifier to the frame: Evolution of the Ethernet frame structure: 1522 bytes max!
only 802.1q enabled equipment exchanges the new frames
VLANaware VLANaware Legacy Legacy
end domain core domain end domain PC possibility to identify 4096 VLANs
3 pirority bits
Destination Source Check

802.3 Length Data Pad
address address sum
Tagged Tagged Destination Source Check

802.1Q Tag Length Data Pad
frame frame address address sum
VLAN
aware VLANaware Switching done Legacy C
PC switch using tags frame VLAN protocol Pri F VLAN Identifier
picture from Tanenbaum A. S. Computer Networks 4rd edition ID (0x8100) I
hardware hardware
802.2 bridging IEEE 802.2

Subdivision into two sublayers of the OSI link layer Network layer Packet
LLC (Logical Link Control) sublayer

MAC (Medium Access Control) sublayer Data LLC LLC Packet
allows direct bridging of different IEEE 802 networks: link
layer MAC MAC LLC Packet MAC
Host A Host B
Network
Physical layer Network
Pkt Pkt
Bridge
LLC Pkt Pkt Pkt Destination Source Check

802.3 Length Data Pad
address address sum
MAC 802.3 Pkt 802.3 Pkt 802.4 Pkt 802.4 Pkt

Frame Dur Address Address Address Address Check
802.11 control Seq. Data
ation 1 2 3 4 sum
Physical 802.3 Pkt 802.3 Pkt 802.4 Pkt 802.4 Pkt
802.3 Pkt 802.4 Pkt E C Header Check

802.16 0 Type EK Length Connection ID Data
C I CRC sum
CSMA/CD LAN Token bus LAN
hardware hardware
IEEE 802.3: CSMA/CD IEEE 802.3: naming

802.3 1985 10Base5 thick coax 50
802.3a 1988 10Base2 thin coax 50
SNAP/LLC encapsulation: 802.3b 1985 10Broad36 coaxial TV 75
802.3i 1990 10BaseT on 2 UTP3 pairs
8 octets 6 octets 6 octets 2 46 1500 max octets 4 octets
802.3j 1993 10BaseF on MM/SM fibers
Prambule Adr. MAC Adr. MAC
Taille CRC 802.3u 1995 100BaseT4 on 4 UTP3 pairs
802.3x/y 1997 100BaseT2 on 2 UTP5 pairs
Code
Sous couche MAC 802.3z 1998 1000BaseX GBIC module
802.3ab 1999 1000BaseT on 4 UTP5 pairs
1 1 1 3 octets 2 octets 802.3ac 1998 VLAN for 802.3
DSAP SSAP Ctrl Organisation (Eth)
802.3ad 2000 Trunking
AA AA 03 00 00 00 Type Donnes 802.3ae 2002 10GBaseX on MM/SM fibers
802.3af 2003 Power-over-Ethernet
SNAP LLC
802.3ah 2004 Ethernet in the First Mile
Sous couche LLC 802.3an 2006 10GBASE-T on FTP6e or UTP7
802.3ap 2007 Backplane Ethernet
802.3av 2009 10 Gbits/s PHY EPON
802.3ba 2009 Ethernet 40 and 100 Gbits/s
hardware hardware
IEEE 802.5: Token Ring IEEE802.11: WLAN (Wireless Ethernet)

Ring Station
interface
1 bit
delay
Ring
interface service zone: cell or BSS (Basic Service Set)
wireless stations
Unidirectional
base station or AP (Access Point) acting as an 802 bridge
ring
To From To From MAC: CSMA/CA

station station station station
BSS
(a) (b) (c)
1 1 1
SD AC ED
(a)
AP
Bytes 1 1 1 2 or 6 2 or 6 No limit 4 1 1
Destination Source
SD AC FC Data Checksum ED FS
address address
Frame control
Access control
Ending delimiter
Frame status
...
Starting delimiter
(b)
HDLC HDLC
PPP: basic mechanisms PPP: basic mechanisms
PPP: usages PPP: usages
ComNet: course 5/5 outline Direct communication between two entities
Basic functionalities of point-to-point communications:

1 Ethernet architecture framing
technology functionalities similar to those found in the transport layer are
hardware also possible (except congestion control):
IEEE standards error control
flow control
sequencing (numbering)
2 Point-to-point architecture sliding window
HDLC reliability (acknowledgements and retransmissions)
PPP: basic mechanisms For transporting data:
PPP: usages
no address resolution
encapsulation format
HDLC HDLC
Point-to-point data link layer Point-to-point data link: where?

Point-to-point service defined in the OSI data link layer
Characteristics: 0
1
1
0
0
1
homogeneous interface technology
Router ... ... ...
11
00
00
11
Data link
layer process
Routing
process
2
00
11
2 3 2 2 3
Data link
Frames Packets protocol
here here
10
0 1
Transmission
line to a router
... ...
various transmission units 1
0
0
1
11
00
bits, bytes, cells...
various neighboring layers
can have layers between this layer and the physical layer ... ...
0
1 10
0
can have multiple active elements (multiplexers, modems, 11
00 1
...
bridges, switches, routers, application gateways. . . )
HDLC HDLC
ComNet: course 5/5 outline HDLC: protocol family
Most protocols from the data link layer are related to HDLC:
SDLC (Synchronous Data Link Control) from IBM for SNA
1 Ethernet architecture
technology ADCCP (Advance Data Communication Control Procedure)
hardware ANSI version of SDLC
IEEE standards HDLC (High-level Data Link Control) ISO version of SDLC
LAP (Link Access Procedure) ITU version of HDLC
LAP-B for X25
2 Point-to-point architecture
LAP-D for ISDN
HDLC LAP-F for Frame Relay ...
PPP (Point-to-Point Protocol) IETF standard
PPP: usages
These protocols function over a wide variety of physical media
that enable transmission of bits (or other signals) between two
hosts.
HDLC HDLC
HDLC: structure IP over serial line

Breakdown into bits or bytes SLIP (Serial Line Internet Protocol)
a (flag) used for delimitation (01111110)2 character oriented, delimited with the character 0xC0
series of bits: 01111110 (bit stuffing protection) basic: no control, no negotiation
byte of value 0x7E (byte stuffing protection)
PPP ...
3 frame types (control):
User's home Internet provider's office
Information: data transmission with a sliding window (max. PC
Modems
7 unacknowledged frames) Client process

using TCP/IP
Supervisory: flow control, non-piggybacked ACK, NACK, Dial-up
telephone line
request for selective retransmission. . .
Unumbered: for internal control in the data link layer Modem
TCP/IP connection
Bits 8 8 8 >0 16 8 using SLIP or PPP
01111110 Address Control Data Checksum 01111110 Router Routing

process
picture from Tanenbaum A. S. Computer Networks 3rd edition picture from Tanenbaum A. S. Computer Networks 3rd edition
HDLC HDLC
ComNet: course 5/5 outline PPP: (Point-to-Point Protocol, RFC 1661)
General protocol many features

multi-protocol
1 Ethernet architecture transports a variety of layer 3 traffic, not just IP
technology operates over a variety of technologies, not just serial lines
hardware negotiation
IEEE standards adaptation to the medium (detection and correction of errors,
protection of modems control codes, header compression. . . )
2 Point-to-point architecture automatic client configuration
HDLC IP
Couche rseau (3)
PAP Compression dentete NCP
PPP: usages Couche liaison (2) CHAP PPP LCP
authentification donnes Adaptation au support ngociation
Couche physique (1) ou assimile...
HDLC HDLC
PPP: protocol structure PPP: protocols carried

Simple encapsulation: adds 2 bytes (compressible to 1) Valeur Description
Protocol: indicates the type of information transported 0x0001 Padding protocol
LCP: control protocol at the link layer 0x0021 IP
negotation of parameters of the underlying medium 0x0029 AppelTalk
(compression, frame size. . . ) 0x002B IPX
PAP and CHAP: authentication protocols 0x002D/2F TCP/IP w/ Van Jacobson header compression
NCP: control protocol at the network layer 0x0057 IPv6
negotation of parameters of the protocol being transported 0x0281 MPLS
(addressing. . . ) specific to each network layer protocol that
0x8021 IPCP: IP configuration
is supported
0x8029 ATCP: AppleTalk configuration
IP, AppleTalk, IPX, IPv6... 0x802B IPXCP: IPX configuration
Payload: contains the frame data 0x8057 IPV6CP: IPv6 configuration
MRU (Maximum Receive Unit) negotiable (default: 1500 B) 0x8281 MPLS configuration
padding if the underlying medium requires it 0xC021 LCP: Link Control Protocol
Bytes 1 1 1 2 (1) Variable 2 1
0xC023 PAP: Password Authentification Protocol
Flag Address Control Flag 0xC025 LQR: Link Quality Report
Protocol Payload Checksum
0111111011111111 00000011 01111110 0xC223 CHAP: Challenge Handshake Authentification Protocol
HDLC HDLC
PPP: classical encapsulation PPP: flag protection

Similar to an HDLC frame for a bytestream: Deux types de liaison point-a-point:
a binary flag: 0111 1110 (0x7E) synchronous (bits: the flag is the sequence 0111 1110)
address (1 byte): 1111 1111 (0xFF, broadcast) bit stuffing protection
there is only one receiver (point-to-point) a 0 bit is added after every five 1 bits
control (1 octet): 01111110111110 0111110101111100
reliable link no control: 0000 0011 (0x03, UI frame, see
RFC 1662) asynchronous (bytes, the flag has the value 0x7E)
optimisation: field suppression Address and Control byte stuffing protection
unreliable link sequencing control (see HDLC, UA and escape byte with value 0x7D:
SABME frames, see RFC 1663) 0x7E 0x7D 0x5E
0x7D 0x7D 0x5D
Protocol and Payload: PPP encapsulation
special byte values for active control of the asynchronous
Checksum (2 bytes): CRC 16 bits connection (correspond to ASCII codes < 32), same protection
another binary flag: 0111 1110 principle:
Bytes 1 1 1 2 (1) Variable 2 1 0x11 (XON: restart the transfer) 0x7D 0x31
Flag Address Control Flag 0x13 (XOFF: stop the transfer) 0x7D 0x33
Protocol Payload Checksum
0111111011111111 00000011 01111110
The available bandwidth is variable!
HDLC HDLC
PPP: negotiation PPP: negotiation frames
Structure of a typical PPP negotiation frame:

0 7 15 bit 31 Val. Code Description LCP NCP
code identifier length 1 Configure-Request change default values [4] [4]
2 Configure-Ack receiver accepts all changes [4] [4]
data 3 Configure-Nak values refused, others proposed [4] [4]
4 Configure-Reject values nonnegotiable [4] [4]
code: indicates the type of negotiation 5 Terminate-Request a host wishes to terminate [4] [4]
6 Terminate-Ack confirm termination [4] [4]
identifier: associates queries with responses 7 Code-Reject code unknown [4] [4]
length: total frame size, with the LCP header 8 Protocol-Reject protocol unknown [4]
allows one to eliminate eventual padding bytes 9 Echo-Request request link state test [4]
10 Echo-Reply link state test reply [4]
data: parameters of the negotiation 11 Discard-Request silently discarded by the receiver [4]
Negotiation begins at the start of the connection
HDLC HDLC
LCP (Link Control Protocol) LCP: option types
Val. Code Length Description

Oversee the state of the link 1 MRU 4 maximum size of received frames
PPP frame protocol field: 0xC021 2 ACCM 6 table of transcoding values
3 authentification 4 type of auth. protocol
initial negotiation when connection is opened 4 qualite 6 type of QoS mgt. protocol
TLV style option definition 5 Magic Number 6 negotiation of this value
see RFC 1570 and RFC 1661 7 compression protocol 2 1 byte protocol field
format: 8 compression address 2 suppression of these fields
and control
1 byte 1 byte (Length - 2) bytes
10 self-describing padding 3 padding parameter that can be
Type Length Value
automatically eliminated
13 callback 3+ ...
HDLC HDLC
PAP (Password Authentication Protocol, RFC 1334) CHAP (CHallenge Authentication Protocol, RFC 1334)
Once the connection is established and the LCP parameters After LCP negotiation and during communication
negotiated identity verification
identity verification PPP frame protocol field: 0xC223
protocol field of the PPP frame: 0xC023 the 2 endpoints share a secret key
cleartext transmission of the identifier and password 4 types of negotiation frames (Configure-Request,
4 types of negotiation frame (Configure-Request, Configure-Ack, Configure-Nak or Configure-Reject)
Configure-Ack, Configure-Nak ou Configure-Reject) format identical to LCP, value of the code field:
format identical to LCP, code value:
1: challenge (binary sequence sent):
1: authentication request:
1B (FieldLgth) bytes
1B (IdLgth) bytes 1B (PassLgth) bytes
FieldLgth binary sequence
IdLgth Identifier PassLgth Password
2: positive acknowledgement: 2: response (sequence returned encrypted with the key
1B (IdLgth) bytes 1B (CCLgth) bytes
certificate):
IdLgth Client message CCLgth encrypted binary sequence
3: negative acknowledgement (retransmission required): 3: success: the received encrypted sequence and the one
1B (IdLgth) bytes calculated locally are identical
IdLgth Client message 4: failure (retransmission necessary)
HDLC HDLC
RADIUS (Remote Auth. Dial-In User Service, RFC 2865) RADIUS: message
Centralization of the information regarding a user: Connectionless service (UDP port 1812)
AAA functions: Authentication, Authorization, and reliability handled at the application layer
Accounting 0 7 16 bit 31
code identifier length
identity verification
authentifier
knowing ones rights and access configuration
format: digest = MD5(code+id.+lgth.+auth req+param+secret)
tracking the users actions
client/server model parameters
client can connect to different access points of an ISP
client: access point of an ISP (PPP endpoint, or other proto.) typical exchange:
server: supports a database of ISP users Access-Request client message
username, encrypted password
Serveur RADIUS
IP address of the access point, UDP port
CHAP FAI session type (PPP, rlogin, telnet...)
PPPoA PAP
10
10 PPP Access-Accept RADIUS server resonse
11
00
00
11 list of session attributes (address, servers. . . )
11
00 ADSL RTC
10 Access-Reject RADIUS server response
the user is not in the database, or does not have access rights
HDLC HDLC
NCP (Network Control Protocol) IPCP (Internet Protocol Control Protocol)

PPP frame protocol field: 0x8021
4 types of negotiation frames (Configure-Request,
After link configuration (LCP) and optional authentication (PAP Configure-Ack, Configure-Nak or Configure-Reject)
or CHAP), configuration of the layer 3 protocols format identical to LCP, value of code field:
2: header compression
one NCP per protocol that is carried:
2 bytes for the type of compression (0x002d for Van
IPCP for IPv4 configuration (RFC 1332) Jacobson; 0x0061 for extended, RFC 2507; 0x0003 for
IPV6CP for IPv6 configuration (RFC 2472) ROHC, RObust Header Compression, RFC 3241)
ATCP for AppleTalk configuration (RFC 1378) 1 byte for the max number of compressed connections
IPXCP for IPX configuration (RFC 1552) 1 byte to indicate the presence of a connection number
OSINLCP for OSI protocol configuration (RFC 1377) 3: 4 byte client IP address
... 4: permanent IP address (home address)
129: primary DNS server IP address
130: primary NBNS server IP address
131: secondary DNS server IP address
132: secondary NBNS server IP address
HDLC HDLC
TCP/IP header compression Differences between two segments

32 bits (4 octets)
PPP must make efficient use of low bandwidth links
Ver Hlen TOS Packet Lenght
interactive TCP/IP connection (telnet...) 11
00
00
11
D F
M F
Identifier 00
11 Frag. offset
Nagles algorithm 00
11
00
11
large headers TTL Protocol Header checksum
example:
trame 1 (A>B) IP source address
0000 45 00 IP destination address
0010 00 29 b5 8e 40 00 40 06 0f 78 84 e3 3d 7a cb 10
0020 ea 14 81 cf 00 15 52 40 18 64 52 65 10 0d 50 18 Source port Destination port
0030 ff ff bb 7b 00 00 64
Sequence number
trame 2 (A>B)
0000 45 00 1111111
0000000
0000000
1111111
G
K
H
T
N
N
0010 00 28 b5 8f 40 00 40 06 0d be 84 e3 3d 7a cb 10 Hlen1111111
0000000
0000000
R
C
S
S
Y
I
0000000
1111111
0000000
1111111
U
A
P
R
S
F
0020 ea 14 81 cf 00 15 52 40 18 65 52 65 10 0e 50 10
0030 ff ff aa 5f 00 00
Checksum Urgent data ptr
HDLC HDLC
Van Jacobson algorithm Compressed IP header

TCP/IP header compression algorithm (RFC 1144)
1st byte: presence of fields
classic headers preserved for SYN, RST, and FIN (protocol C bit: connection ID present
field value 0x0021) C I P S A W U not sent if same as previous
id. connexion
then, compression: U bit: copy
entire packet sent with a connection identifier (0x002F): checksum TCP W bit: window delta
for synchronization (first complete packet) pointeur urgent negative twos complement
for negative ACK or sequence numbers (error) delta fenetre
delta acquittement S/A bits: seq./acq. delta
difference between two headers (0x002D): delta squence no negative values
connection identifier delta id. IP I bit: IP ID delta
state maintained at each endpoint
only the fields that have changed are sent donnes absent = +1
the difference is usually encoded with one byte
8 bits
P bit: copy PUSH TCP bit
Emetteur Rcepteur
0x002D Only the first byte and the deltas encoded in 1 to 2 B
Comp.
inef. 0x002F TCP checksum are required 1 byte:0x01 to 0xFF
TCP/IP SYN TCP/IP
FIN
(3 B min.) 3 B: 0x000100 to 0x00FFFF
RST
UDP/IP 0x0021 UDP/IP
TCP checksum: copy
HDLC HDLC
Error detection ComNet: course 5/5 outline
TCP checsum used to validate the reconstituted packet:

1 Ethernet architecture
Hte A Hte B
technology
S=10 S reconstitu
hardware
S=12 002D|S+2 S=10
S=12 IEEE standards
S=15 002D|S+3
002D|S+2 S=15
S=17 2 Point-to-point architecture
002D|S+3 HDLC
rejet
RTO PPP: basic mechanisms
checksum TCP
non valide PPP: usages
002F| S=12......
HDLC HDLC
POS (Packet Over SONET) POS (2)
PPP Over SONET/SDH (RFC 2615)

PPP initially for low bandwidth PSTN links
also adapted to telecom high bandwidth links
hierarchy of SONET/SDH multiplexing ATM
OC-3c/STM-1 (155 Mbps)

OC-12c/STM-4c (622 Mbps)
OC-48c/STM-16c (2.5 Gbps)
OC-192c/STM-64c (10 Gbps)
OC-768c/STM-256c (40 Gbps)
PPP over synchronous byte-based links
byte-oriented serial connections
goal: closeness to the fiber POS
POS simplifies the IP/ATM/SONET approach
MPLS/POS more flexible (Traffic Eng.)
HDLC HDLC
PPPoA (PPP Over ATM/AAL5, RFC 2364) PPPoA: encapsulations
SNAP/LLC
Telecom operators last mile is usually ATM Destination SAP (0xFE)
VCMUX Source SAP (0xFE) LLC header
Use of AAL 5 ATM connections
Protocol Identifier Frame Type = UI (0x03)
no more HDLC framing (8 or 16 bits) NLPID = PPP (0xCF)
adaptation of CPCS PDU AAL 5 frames ... Protocol Identifier
padding (multiples of 48 bytes) PPP information field PPP payload (8 or 16 bits)
two RFC 1483 encapsulations: ... ...
VC-multiplexed PPP PAD ( 0 - 47 bytes) PPP information field PPP payload
the endpoints know that they are transporting PPP CPCS-UU (1 byte) ...
CPI (1 byte) PAD ( 0 - 47 bytes)
LLC encapsulated PPP
Length (2 bytes) CPCS-PDU CPCS-UU (1 byte)
protocol identification for each PDU CRC (4 bytes) Trailer CPI (1 byte)
Length (2 bytes) CPCS-PDU
CRC (4 bytes) Trailer
HDLC HDLC
PPPoA: remarks PPPoA over ADSL

Avantages:
dissociates the ADSL/ATM provider from the ISP
per-session authentication (PAP and CHAP) HTTP HTTP
user supervision (RADIUS) TCP TCP
per-session billing of users
IP IP IP
overbooking and timed disconnections
PPP PPP ? ?
attribution of an IP address to the client PPPoA
ATM
ATM ATM ATM ? ?
securing access without ATM-level management Internet
Tel Tel OF OF OF OF
ATM signaling too complex: use of PVC
Client DSL Access ATM Switch
VPNs handled by PPP tunnels (no end-to-end PVC) Multiplexer
adaptable to network evolution 111

000
000
111
1 0
ISP
000
111 Server
000
111
aggregation routers (high density of PPP terminations) 000
111 modem DSL
Disadvantages: Telephone Company
one connection per PVC

overall coplexity of the solution (IP, PPP, AAA, ATM...)
1 IP address NPAT limits the applications
HDLC HDLC
PPPoE (PPP Over Ethernet, RFC 2516) PPPoE: discovery messages

Point-to-point over a shared link: Encapsulated in PPPoE frames (Ethertype = 0x8863)
Ethernet has self-configuration: ARP, DHCP. . . Code field:
... but no remote handling, nor AAA 0x09: PADI (PPPoE Active Discovery Initiation) broadcast
Putting in place a point-to-point connection over Ethernet 0x07: PADO (PPPoE Active Discovery Offer) proposition
Ethertype values (with Session id)
0x8863 for discovery frames 0x19: PADR (PPPoE Active Discovery Request) selection
0x8864 for data frames 0x65: PADS (PPPoE Active Discovery Session-confirmation)
payload format for these Ethernet phase: 0xA7: PADT (PPPoE Active Discovery Terminate)
0 4 7 16 bit 31 champ PPPoE payload (TLV avec caracteres codees UTF-8):
Ver Type Code Session id 0 16 bit 31
Length Tag type Tag length
PPPoE payload...
Tag value ...
Ver and Type = 0x01
Code = 0x00 (data) and ... (discovery)
IRC name, name of last mile company, session identifier,
Session id = flow identifier (with MAC addr.)
validation cookie, error type
Length = data length (remove padding)
HDLC HDLC
PPPoE: remarks PPPoE over ADSL

Avantages:
similar to those of PPPoA
per-session authentification (PAP and CHAP) HTTP HTTP
in a LAN-type network type TCP TCP
user monitoring (RADIUS) IP IP IP
billing session users PPP PPP ? ?
overbooking and connections timing out Eth
PPPoE
LLC
Eth/LLC SNAP/LLC over ATM ? ?
uuser without direct access ATM (briding) TP TP ATM ATM ATM ATM
Internet
many connections per PVC Client
Tel Tel OF OF OF OF
giving an IP address to the client DSL Access ATM Switch

ISP
111
000 Multiplexer
000
111
maintain the point-to-point model on a shared medium 000
111
000
111
000
111 Brigde /
Server
modem DSL 1 0
Drawbacks:
LAN technology subject to broadcast bursts Telephone Company
solution complexity (IP, PPP, AAA, ATM, LAN...)

1 IP address NPAT still limits applications
HDLC HDLC
PPP tunnels L2TP: architecture

Example: ADSL access
the ADSL access provider (AAP) manages the link up to an
Carrying PPP frames access concentrator (AC)
L2F (Layer 2 Forwarding) how to reach the Internet service provider (ISP)?
proprietary to Cisco, Northern Telecom, and Shiva AC at the ISP (serving a single ISP)
from a Home Gateway to a Network Access Server the AAP manages IP configuration (delegated by the ISP)
the ISP has access to each AC (too heavy)
PPTP (Point-to-Point Tunneling Protocol) creating of an tunnel from the AC to the ISP
proprietary to Microsoft, 3Com, Ascend, US Robotics, and ECI carrying PPP across the network between the AAP and the
Telematics ISP
from a concentrator to an access server (software)
L2TP (Layer 2 Tunneling Protocol)
LAC Internet LNS
IETF standard Telecom
IP ISP
PPP
L2TP
L2TP Acces Concentrator L2TP Network Server
HDLC HDLC
L2TP (Layer 2 Tunneling Protocol, RFC 2661) ADSL and L2TP

Two communication channels:
Control Channel: exchange of tunnel control messages,
HTTP HTTP
with a dedicated reliability and flow control protocol TCP TCP
Data Channel: PPP frames encapsulated in unreliable, IP IP IP
unsecured L2TP messages PPP PPP PPP ? ?
telecom networks (ATM, FR...) Eth
PPPoE
LLC L2TP L2TP
Eth/LLC SNAP/LLC over ATM ? ?
Internet (UDP port 1702)
TP TP ATM ATM ATM UDP UDP
Client
+----------------------------+ Tel Tel OF OF IP IP
ISP
| PPP Frames | DSL Access ? ?
000
111
111
000 Multiplexer
+----------------------------+ +---------------------------------+ 000
111 Server
000
111
000
111 Brigde / ? ?
modem DSL
| L2TP Data Messages | | L2TP Control Messages | Internet
+----------------------------+ +---------------------------------+
Telephone Company 1 0
1 0
| L2TP Data Channel (unrel.) | | L2TP Control Channel (reliable) |

+-----------------------------------------------------------------+
| Packet Transport (UDP, FR, ATM, etc.) |
+-----------------------------------------------------------------+
HDLC
Ethernet architecture
Point-to-point architecture
PPP: usages
VPN (Virtual Private Network)
Virtual links between several entities

inexpensive private networks (shared infrastructure)
generally Internet
can carry other protocols
can concatenate several technologies (ATM-TCP/IP. . . )
based on tunnels between different endpoints
no network access
isolated machine
security
IPSEC U.E. ING
Olivier Fourmaux (olivier.fourmaux@upmc.fr) Computer Networks (ComNet) 5/5 : Data link and physical layers

AResC63-2013 en PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AResC63-2013 en PDF

Uploaded by

Copyright:

Available Formats

Master Informatique de lUniversite Pierre & Marie Curie

... ... ...

Olivier Fourmaux & Timur Friedman

ComNet: course 1/5 outline

Course presentation Course objectives Course presentation Course objectives

ComNet: course 1/5 outline Reinforce your understanding of networking

Understand fundamental technologies Basis for further courses in networking

Course presentation Course objectives Course presentation Course objectives

Course content Labs

Part 5/5 Link: Switched Ethernet, Routeur

... point-to-point, local loop. PC 1U "client"

Lab schedule (tentative) Course organization

week content lab 13 weeks, within which. . .

Course presentation Course objectives Course presentation Course objectives

Networking testbed for the labs Supporting traces and documents

Network traffic traces, on which to test your knowledge

Bibliography ComNet: course 1/5 outline

James F. Kurose, Keith W. Ross 1 Course presentation

Course presentation Course presentation

Tentative schedule for 2013-2014 Weekly schedule

dates lecture lab comments

Exam details Calculating the grade for the course

Course presentation Course presentation Network components

Final grade adjustments ComNet: course 1/5 outline

The environment we discuss in this lecture Internet components

omnipresent ... ... ... communications links

Course presentation Network components Course presentation Network components

Protocols: analogy Protocol: definition

Application services Network services

Applications are based on two types of services:

Course presentation Network components Course presentation Network components

Quality of service Internet standardisation

Qualite de Service (QoS) in the Internet

multimedia applications must adapt to the uncertain

Some websites ComNet: course 1/5 outline

ISOC (Internet SOCiety), http://www.isoc.org/ 1 Course presentation

Course presentation Network components Course presentation Network components

Network edge Network edge (abstraction)

Distributed applications Application protocols

Heterogeneous environment standardised interactions

Course presentation Network components Course presentation Network components

End-to-end services Impact of end-to-end control

connectionless service 300.0000

Part 3/5: Transport

Inside the network Communication links

Course presentation Network components Course presentation Network components

Data forwarding Virtual circuit transmission

pictures from Tanenbaum A. S. Computer Networks 3rd edition

Message transmission Datagram transmission

Course presentation Network components Course presentation Network components

Comparing the three types of transmission Delay recap

(a) (b) (c)

pictures from Tanenbaum A. S. Computer Networks 3rd edition

Internet addressing Routing mechanisms

Course presentation Network components Course presentation Network components

Routing in the Internet Network core

... ... ...

Ethernet technology MPLS technology

1 Gbps CiscoSystems Cisco 7000 SERIES

Ethernet CiscoSystems Cisco 7000 SERIES

LAN evolution towards the WAN with Fast Ethernet, Gigabit

Course presentation Network components Course presentation Network components

Point-to-point technology Access networks