1 Computer Networks 2009/Fall. Gihwan Cho, Mobile Computing Lab., Division of Computer Science & Engineering, Chonbuk University


2 Lecture Topic I: Overall Introduction
- "Dream as if you will live forever. Live as if you will die today. Never too late!" (movie "The Bucket List")

3 Chapter 1: Data Communications & Networking Overview
- Simplified communications model

4 Key Communications Tasks
- Transmission system utilization
- Interfacing
- Signal generation
- Synchronization
- Exchange management
- Error detection and correction
- Addressing and routing
- Recovery
- Message formatting
- Security
- Network management

5 Simplified Data Communications Model

6 Why Data Networking
- Background
  - growth of the number and power of computers is driving the need for interconnection
  - also seeing rapid integration of voice, data, image and video technologies
- Point-to-point communication not usually practical
  - devices are too far apart
  - a large set of devices would need an impractical number of connections
- Solution is a communications network
  - Wide Area Network (WAN)
  - Local Area Network (LAN)

7 Simplified Network Model (figure labels: Source, Transmitter, Transmission System, Receiver, Destination; Source System, Destination System; Local area network, Wide-area network, Switching node)

8 Chapter 2: Protocol Architecture
- Protocol architectures and networks

9 Operation of a Protocol Architecture

10 Standardized Protocol Architectures
- Required for devices to communicate
- Vendors have more marketable products
- Customers can insist on standards-based equipment
- Two standards
  - OSI reference model: never lived up to early promises
  - TCP/IP protocol suite: most widely used
- Also: IBM Systems Network Architecture (SNA)

11 Layered Model

12 The OSI Environment

13 TCP/IP Protocol Architecture
- Dominant commercial (Internet) protocol architecture
  - specified and extensively used before OSI
  - developed by research funded by the US Department of Defense
- No official model but a working one
  - application layer: communication between processes or applications
  - end-to-end or transport layer (TCP/UDP/...): end-to-end transfer of data
  - internet layer (IP): addressing and routing of data
  - network layer: logical interface between end system and network
  - physical layer: transmission medium, signal rate and encoding

14 PDUs in TCP/IP

15 Some Protocols in TCP/IP Suite

16 Lecture Topic III: Wide Area Networks
- A lion does not change its hunting method according to whether the prey is a rabbit or a horse. It simply does its best.

17 Chapter 10: Circuit Switching & Packet Switching
- Simple switched network

18 Nodes
- Long distance transmission is typically done over a network of switched nodes
  - a collection of nodes and connections is a communication network
  - data routed by being switched from node to node
- Nodes
  - nodes may connect to other nodes only, or to stations and other nodes
  - network is usually partially connected: some redundant connections are desirable
  - two different switching technologies: circuit switching, packet switching

19 Circuit Switching
- Uses a dedicated path between two stations
- Has three phases: establish, transfer, disconnect
- Inefficient
  - channel capacity dedicated for duration of connection
  - if no data, capacity wasted
- Set up (connection) takes time
- Once connected, transfer is transparent
- Developed for voice traffic (phone)

20 Public Circuit Switched Network

21 Telecommunications Components
- Subscriber: devices attached to network
- Local loop
  - subscriber loop, connection to network
  - twisted-pair wire
- Exchange: switching centers
  - end office: supports subscribers
- Trunks
  - branches between exchanges
  - multiplexed

22 Circuit Switch Elements
- Circuit establishment
- Circuit switch elements

23 Blocking or Non-blocking
- Blocking
  - may be unable to connect stations because all paths are in use
  - used on voice systems: short duration calls
- Non-blocking
  - permits all stations to connect (in pairs) at once
  - used for some data connections

24 Space Division Switching
- Developed for analog environment
- Separate physical paths
- Crossbar switch
  - number of crosspoints grows as square of number of stations
  - loss of a crosspoint prevents connection
  - inefficient use of crosspoints: all stations connected, only a few crosspoints in use
- Multistage switch
  - reduced number of crosspoints
  - more than one path through network: increased reliability
  - more complex control
  - may be blocking

25 Crossbar Matrix

26 Three Stage Switch

27 Time Division Switching
- Modern digital systems rely on intelligent control of space and time division elements
- Use digital time division techniques to set up and maintain virtual circuits
- Partition low speed bit stream into pieces that share a higher speed stream
- Individual pieces manipulated by control logic to flow from input to output

28 Packet Switching
- Circuit switching was designed for voice
- Packet switching was designed for data
- Transmitted in small packets
- Packets contain user data and control info
  - user data may be part of a larger message
  - control info includes routing (addressing) info
- Packets are received, stored briefly (buffered) and passed on to the next node

29 Advantages
- Line efficiency
  - dynamic sharing of link by many packets over time
  - packets queued and transmitted as fast as possible
- Data rate conversion
  - each station connects to the local node at its proper speed
  - nodes buffer data if required to equalize rates
- No blocking of calls
  - packets are accepted even when network is busy
  - delivery may slow down: delivery delay increases
- Priorities can be used

30 Switching Technique
- Station breaks long message into packets
- Packets sent one at a time to the network
- Packets handled in two ways: datagram, virtual circuit

31 Datagram Diagram

32 Virtual Circuit Diagram

33 Virtual Circuits vs. Datagram
- Virtual circuits
  - network can provide sequencing and error control
  - packets are forwarded more quickly: no routing decisions to make
  - less reliable: failure of a node loses all circuits through that node
- Datagram
  - no call setup phase: better if few packets
  - more flexible: routing can be used to avoid congested parts of the network
  - more reliable: if a node fails, find an alternate route

34 Packet Size

35 Circuit vs. Packet Switching

36 X.25 (I)
- ITU-T standard for interface between an attached device and a packet switched network
  - it is a traditional packet switched network
- Defines three layers: physical, link, packet

37 X.25 (II)
- Physical
  - interface between DTE and DCE
  - physical layer specification is X.21
  - can substitute alternatives such as EIA-232
- Link
  - Link Access Protocol Balanced (LAPB), a subset of HDLC
- Packet
  - provides logical connections (virtual circuits) between subscribers
  - all data in this connection form a single stream between the end stations
  - established on demand

38 X.25 (III)
- Use of virtual circuits

39 Issues with X.25
- Key features include
  - call control packets, in-band signaling
  - multiplexing of virtual circuits at layer 3
  - layers 2 and 3 include flow and error control
- So it has considerable overhead
  - not appropriate for modern digital systems with high reliability
- Frame relay designed to eliminate most X.25 overhead

40 Frame Relay
- Key differences are
  - call control carried in a separate logical connection
  - multiplexing and switching at layer 2
  - no hop-by-hop error or flow control; hence end-to-end flow and error control (if used) are done by a higher layer
- It can be used for access speeds up to and over 2 Mbps
- With frame relay
  - not protected by flow or error control
  - uses a separate connection for call control
  - overall results in significantly less work in the network
- Replaced with a much more mature standard, ATM

41 Chapter 11: Asynchronous Transfer Mode
- Similarities between ATM and packet switching
  - transfer of data in discrete chunks
  - multiple logical connections over a single physical interface
- In ATM, flow on each logical connection is in fixed sized packets called cells
- Minimal error and flow control: reduced overhead
- Data rates (physical layer): 622.08 Mbps, 155.52 Mbps, 51.84 Mbps, 25.6 Mbps

42 Protocol Architecture

43 Reference Model Planes
- User plane: provides for user information transfer
- Control plane: call and connection control
- Management plane
  - plane management: whole system functions
  - layer management: resources and parameters in protocol entities

44 ATM Logical Connections
- Virtual channel connections (VCC)
  - analogous to virtual circuit in X.25
  - basic unit of switching between two end users
  - full duplex flow of fixed size cells
  - data, user-network exchange (control) and network-network exchange (network management and routing)
- Virtual path connection (VPC)
  - bundle of VCCs with same end points
  - reduces the control cost by grouping connections sharing common paths into a single unit

45 ATM Connection Relationships
- VPC: bundle of VCCs with same end points
- Advantages of virtual paths
  - simplified network architecture
  - increased network performance and reliability
  - reduced processing, short connection setup time
  - enhanced network services

46 ATM Cells
- Fixed size: 5 octet header, 48 octet information field
- Small cells reduce queuing delay for high priority cells
- Small cells can be switched more efficiently
- Easier to implement switching of small cells in hardware

47 ATM Cell Format

48 ATM Adaptation Layer
- Support for information transfer protocols not based on ATM
- PCM (voice)
  - assemble bits into cells
  - re-assemble into a constant flow
- IP (Internet Protocol)
  - map fragmented IP packets onto ATM cells
  - use LAPF (Link Access Procedure for Frame-Mode Bearer Services) over ATM to retain all IP infrastructure
- Issues with ATM
  - currently, most users are used to TCP/IP
  - it is well known that the adaptation overhead is too high
  - moreover, TCP/IP never utilizes the good features of ATM
  - so ATM has been disappearing since the early 2000s

49 Chapter 12: Routing in Switched Networks
- Many connections will need paths through more than one switch
- Need to find a route: efficiency, resilience
- Public telephone switches are a tree structure
  - static routing uses the same approach all the time
- Dynamic routing
  - allows for changes in routing depending on traffic situations
  - uses a peer structure for nodes

50 Routing in Packet Switched Networks
- Complex, crucial aspect of packet switched networks
- Characteristics required: correctness, simplicity, robustness, stability, fairness, optimality, efficiency

51 Performance Criteria
- Used for selection of route
- Approach for the optimum route
  - minimum-hop (least number of nodes)
  - least-cost (more common)
    - the higher the data rate, the lower the cost
    - the lower the delay, the lower the cost
  - least-cost algorithms: Dijkstra's algorithm, Bellman-Ford algorithm

52 Example Packet Switched Network

53 Decision Time and Place
- Time: packet or virtual circuit basis
- Place
  - distributed routing: made by each node
  - centralized routing: made by some designated node (network control center)
  - source routing: made by source station; allows the user to dictate a route

54 Network Information Source and Update Timing
- Routing decisions usually based on knowledge of the network (not always)
- Distributed routing
  - nodes use local knowledge, i.e., the cost of outgoing links
  - may collect information from adjacent nodes
- Central routing: collect information from all nodes
- Update timing: when network information is used, updated
  - fixed routing: never updated; simple, not sensible
  - adaptive routing: regular updates, more overhead

55 Routing Strategies (I)
- Fixed routing
  - single permanent route for each source-to-destination pair
  - determine routes using a least cost algorithm
  - route fixed, at least until a change in network topology
  - no difference between routing for datagrams and virtual circuits
  - simplicity
  - reliable network with a stable load
  - lack of flexibility: does not react to network congestion or failures

56 Fixed Routing Tables

57 Routing Strategies (II)
- Flooding
  - no network information required
  - packet sent to every neighbor
  - incoming packets retransmitted on every link except the incoming link
  - eventually a number of copies will arrive at the destination
  - nodes can remember packets already forwarded to keep network load in bounds
  - each packet is uniquely numbered so duplicates can be discarded
  - include a hop count in packets
    - each time a node passes on a packet, it decrements the count by one
    - when the count reaches zero, the packet is discarded

58 Flooding Example

59 Properties and Disadvantage
- All possible routes are tried: very robust (military networks)
- At least one packet will have taken the minimum hop count route: can be used to set up a virtual circuit
- All nodes are visited: useful to distribute information
- High traffic load
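The flooding behaviour of slides 57 and 59 as a round-by-round simulation (an added example, not from the lecture): it applies both load-limiting measures from slide 57, duplicate discarding via remembered packet identifiers and a hop count, and checks that the first copy reaching the destination took the minimum-hop route. The topology is a constructed adjacency list for the six-node example network of the routing slides; link costs are omitted because flooding ignores them.

```python
"""Flooding simulation with the two load-limiting measures of the slide: a
node forwards each packet only once (it remembers packet identifiers) and a
hop count bounds how far any copy travels."""

# Constructed topology: the six-node network of the routing slides, as an
# adjacency list (link costs are irrelevant to flooding and are omitted).
NEIGHBOURS = {
    1: [2, 3, 4],
    2: [1, 3, 4],
    3: [1, 2, 4, 5, 6],
    4: [1, 2, 3, 5],
    5: [3, 4, 6],
    6: [3, 5],
}


def flood(neighbours, source, destination, hop_count, remember=True):
    """Flood one packet from source, round by round (one round = one hop).

    hop_count: maximum number of links a copy may traverse; a node that
    receives a copy which has already used them all discards it instead of
    forwarding. remember=False switches off the 'already forwarded' memory,
    leaving the hop count as the only bound on load.
    Returns (transmissions, hops of first copy at destination, copies received).
    """
    # each entry: (node receiving the copy, link it arrived on, hops used so far)
    frontier = [(n, source, 1) for n in neighbours[source]]
    transmissions = len(frontier)
    forwarded = {source}          # nodes that have already sent this packet on
    arrivals = []                 # hop counts of every copy reaching destination
    while frontier:
        next_round = []
        for node, came_from, hops in frontier:
            if node == destination:
                arrivals.append(hops)   # destination absorbs, does not re-flood
                continue
            if hops >= hop_count:       # hop count exhausted: discard
                continue
            if remember:
                if node in forwarded:   # duplicate of a packet already sent: discard
                    continue
                forwarded.add(node)
            # retransmit on every link except the one the copy arrived on
            for nb in neighbours[node]:
                if nb != came_from:
                    next_round.append((nb, node, hops + 1))
                    transmissions += 1
        frontier = next_round
    first = min(arrivals) if arrivals else None
    return transmissions, first, len(arrivals)


if __name__ == "__main__":
    for remember, hop_count in ((True, 10), (False, 3)):
        tx, first, copies = flood(NEIGHBOURS, 1, 6, hop_count, remember)
        print(f"memory={remember} hop_count={hop_count}: "
              f"{tx} transmissions, first copy after {first} hops, {copies} copies")
```

With memory on, 14 transmissions deliver two copies to node 6 and the first arrives after 2 hops (the minimum, 1-3-6); with memory off and only a hop count of 3, the same packet costs 34 transmissions.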

60 Routing Strategies (III)
- Random routing
  - node selects one outgoing path for retransmission of an incoming packet
  - selection can be random or round robin
  - can select outgoing path based on a probability calculation (based on data rate)
  - no network info needed
  - route is typically neither least cost nor minimum hop

61 Routing Strategies (IV)
- Adaptive routing
  - used by almost all packet switching networks
  - routing decisions change as conditions on the network change, due to failure or congestion
  - requires information about the network
  - disadvantages
    - decisions more complex
    - tradeoff between quality of network info and overhead
    - reacting too quickly can cause oscillation
    - reacting too slowly means info may be irrelevant
  - advantages
    - improved performance
    - aids congestion control
  - due to its complexity, it may not realize its theoretical benefits

62 ARPANET Routing Evolution (I)
- 1st generation: 1969
  - distributed adaptive, using estimated delay such as queue length
  - uses the Bellman-Ford algorithm
    - doesn't consider line speed, just queue length
    - queue length not a good measurement of delay
    - responds slowly to congestion
- 2nd generation: 1979
  - distributed adaptive, using measured delay such as timestamps of arrival, departure and ACK times
  - re-computes average delays every 10 secs
  - any changes are flooded to all other nodes
  - uses Dijkstra's algorithm
  - good under light and medium loads, but under heavy loads little correlation between reported delays and those experienced

63 ARPANET Routing Evolution (II)
- 3rd generation: 1987
  - link cost calculations changed, to damp routing oscillations and reduce routing overhead
  - measure average delay over the last 10 secs and transform into a link utilization estimate
  - normalize this based on current value and previous results
  - set link cost as a function of average utilization

64 Least Cost Algorithms
- Basis for routing decisions
  - can minimize hops with each link cost 1
  - can have link value inversely proportional to capacity
- Given a network of nodes connected by bi-directional links, each link has a cost in each direction
- Define cost of path between two nodes as sum of costs of links traversed
- For each pair of nodes, find the path with least cost
  - nb. link costs in different directions may be different
- Alternatives: Dijkstra or Bellman-Ford algorithms

65 Dijkstra's Algorithm Definitions
- Find shortest paths from a given source node to all other nodes, by developing paths in order of increasing path length
  - N = set of nodes in the network
  - s = source node
  - T = set of nodes so far incorporated by the algorithm
- w(i, j) = link cost from node i to node j
  - w(i, i) = 0
  - w(i, j) = ∞ if the two nodes are not directly connected
  - w(i, j) ≥ 0 if the two nodes are directly connected
- L(n) = cost of least-cost path from node s to node n currently known
  - at termination, L(n) is the cost of the least-cost path from s to n

66 Dijkstra's Algorithm Method
- Step 1 [initialization]
  - T = {s}: the set of nodes so far incorporated consists of only the source node
  - L(n) = w(s, n) for n ≠ s: initial path costs to neighboring nodes are simply link costs
- Step 2 [get next node]
  - find the neighboring node x not in T with the least-cost path from s
  - incorporate x into T
  - also incorporate the edge that is incident on x and a node in T that contributes to the path
- Step 3 [update least-cost paths]
  - L(n) = min[L(n), L(x) + w(x, n)] for all n ∉ T
  - if the latter term is the minimum, the path from s to n is the path from s to x concatenated with the edge from x to n
- Algorithm terminates when all nodes have been added to T

67 Example of Dijkstra's Algorithm

68 Results of Example Dijkstra's Algorithm

Iteration | T                  | L(2) | Path | L(3) | Path    | L(4) | Path | L(5) | Path  | L(6) | Path
1         | {1}                | 2    | 1-2  | 5    | 1-3     | 1    | 1-4  | ∞    | -     | ∞    | -
2         | {1, 4}             | 2    | 1-2  | 4    | 1-4-3   | 1    | 1-4  | 2    | 1-4-5 | ∞    | -
3         | {1, 2, 4}          | 2    | 1-2  | 4    | 1-4-3   | 1    | 1-4  | 2    | 1-4-5 | ∞    | -
4         | {1, 2, 4, 5}       | 2    | 1-2  | 3    | 1-4-5-3 | 1    | 1-4  | 2    | 1-4-5 | 4    | 1-4-5-6
5         | {1, 2, 3, 4, 5}    | 2    | 1-2  | 3    | 1-4-5-3 | 1    | 1-4  | 2    | 1-4-5 | 4    | 1-4-5-6
6         | {1, 2, 3, 4, 5, 6} | 2    | 1-2  | 3    | 1-4-5-3 | 1    | 1-4  | 2    | 1-4-5 | 4    | 1-4-5-6

69 Bellman-Ford Algorithm Definitions
- Idea
  - find shortest paths from the given node subject to the constraint that paths contain at most one link
  - then find the shortest paths with a constraint of paths of at most two links, and so on
- s = source node
- w(i, j) = link cost from node i to node j
  - w(i, i) = 0
  - w(i, j) = ∞ if the two nodes are not directly connected
  - w(i, j) ≥ 0 if the two nodes are directly connected
- L_h(n) = cost of least-cost path from s to n under the constraint of no more than h links
  - h = maximum number of links in a path at the current stage of the algorithm

70 Bellman-Ford Algorithm Method
- Step 1 [initialization]
  - L_0(n) = ∞, for all n ≠ s
  - L_h(s) = 0, for all h
- Step 2 [update]
  - for each successive h ≥ 0 and each n ≠ s, compute L_{h+1}(n) = min_j [L_h(j) + w(j, n)]
  - connect n with the predecessor node j that achieves the minimum
  - eliminate any connection of n with a different predecessor node formed during an earlier iteration
  - the path from s to n terminates with the link from j to n

71 Example of Bellman-Ford Algorithm

72 Results of Bellman-Ford Example

h | L_h(2) | Path | L_h(3) | Path    | L_h(4) | Path | L_h(5) | Path  | L_h(6) | Path
0 | ∞      | -    | ∞      | -       | ∞      | -    | ∞      | -     | ∞      | -
1 | 2      | 1-2  | 5      | 1-3     | 1      | 1-4  | ∞      | -     | ∞      | -
2 | 2      | 1-2  | 4      | 1-4-3   | 1      | 1-4  | 2      | 1-4-5 | 10     | 1-3-6
3 | 2      | 1-2  | 3      | 1-4-5-3 | 1      | 1-4  | 2      | 1-4-5 | 4      | 1-4-5-6
4 | 2      | 1-2  | 3      | 1-4-5-3 | 1      | 1-4  | 2      | 1-4-5 | 4      | 1-4-5-6
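Both algorithms of slides 66 and 70, stepped exactly as the slides describe and reproducing the two result tables iteration by iteration (an added example, not the lecture's own code). The link costs are constructed by reading them back from the result tables; the two links 2-3 and 2-4 are an assumption taken from the textbook figure and do not change any entry.

```python
"""Dijkstra and Bellman-Ford stepped exactly as on the slides, on the six-node
example network, reproducing both result tables and checking they agree."""
from math import inf

# Constructed link costs, read back from the two result tables (for example
# L(3) = 5 via 1-3 at h=1, 4 via 1-4-3 at h=2, 3 via 1-4-5-3 at h=3). Links 2-3
# and 2-4 are assumed from the textbook figure; they change no result here.
# Links are bidirectional with the same cost in each direction.
LINKS = {
    (1, 2): 2, (1, 3): 5, (1, 4): 1,
    (2, 3): 3, (2, 4): 2,
    (3, 4): 3, (3, 5): 1, (3, 6): 5,
    (4, 5): 1, (5, 6): 2,
}


def build_graph(links):
    """Return w[i][j] = link cost; a missing entry stands for w(i, j) = infinity."""
    w = {}
    for (a, b), cost in links.items():
        w.setdefault(a, {})[b] = cost
        w.setdefault(b, {})[a] = cost
    return w


def dijkstra(w, s):
    """Dijkstra's algorithm, one snapshot (T, L, path) per iteration.

    The first snapshot is the initialisation with T = {s}; each later one is
    taken after a node is added to T and the costs are updated through it.
    """
    nodes = sorted(w)
    T = [s]
    L = {n: w[s].get(n, inf) for n in nodes if n != s}          # step 1
    path = {n: [s, n] for n in nodes if n != s and L[n] < inf}
    snapshots = [(tuple(T), dict(L), dict(path))]
    while len(T) < len(nodes):
        # step 2: node not yet in T with the least-cost known path from s
        # (ties go to the lowest node number, as in the slide's table)
        x = min((n for n in nodes if n not in T), key=lambda n: L[n])
        T.append(x)
        # step 3: L(n) = min[L(n), L(x) + w(x, n)] for all n not in T
        for n in nodes:
            if n not in T and L[x] + w[x].get(n, inf) < L[n]:
                L[n] = L[x] + w[x][n]
                path[n] = path[x] + [n]
        snapshots.append((tuple(T), dict(L), dict(path)))
    return snapshots


def bellman_ford(w, s):
    """Bellman-Ford, one snapshot (L_h, path) per h = 0, 1, 2, ...

    Each round uses only the L_h values of the previous round, as the slide's
    formula does; it stops after the first round that changes nothing.
    """
    nodes = sorted(w)
    L = {n: 0 if n == s else inf for n in nodes}                  # step 1
    path = {s: [s]}
    table = [(dict(L), dict(path))]
    for _ in range(len(nodes) - 1):
        # step 2: L_{h+1}(n) = min_j [L_h(j) + w(j, n)] for all n != s
        next_L, next_path = dict(L), dict(path)
        for n in nodes:
            if n == s:
                continue
            best_j, best = None, L[n]
            for j in nodes:
                if L[j] + w[j].get(n, inf) < best:
                    best_j, best = j, L[j] + w[j][n]
            if best_j is not None:      # new predecessor j: re-link n through it
                next_L[n], next_path[n] = best, path[best_j] + [n]
        L, path = next_L, next_path
        table.append((dict(L), dict(path)))
        if table[-1][0] == table[-2][0]:
            break
    return table


def routes(L, path, s):
    """Collapse a final snapshot to {n: (cost, path)} for every n != s."""
    return {n: (L[n], tuple(path[n])) for n in L if n != s and n in path}


def compare(links, s=1):
    """Run both algorithms from s; return (dijkstra routes, bellman_ford routes, agree)."""
    w = build_graph(links)
    _, dL, dpath = dijkstra(w, s)[-1]
    bL, bpath = bellman_ford(w, s)[-1]
    rd, rb = routes(dL, dpath, s), routes(bL, bpath, s)
    return rd, rb, rd == rb


if __name__ == "__main__":
    w = build_graph(LINKS)
    for i, (T, L, path) in enumerate(dijkstra(w, 1), start=1):
        print(f"iteration {i}: T={set(T)} " + " ".join(
            f"L({n})={L[n]} {'-'.join(map(str, path.get(n, '-')))}" for n in L))
    for h, (L, path) in enumerate(bellman_ford(w, 1)):
        print(f"h={h}: " + " ".join(
            f"L({n})={L[n]} {'-'.join(map(str, path.get(n, '-')))}" for n in L if n != 1))
    print("agree:", compare(LINKS)[2])
```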

73 Comparison
- Results from the two algorithms agree
- Information gathered
  - Bellman-Ford
    - calculation for node n involves knowledge of link cost to all neighboring nodes plus total cost to each neighbor from s
    - each node can maintain a set of costs and paths for every other node
    - can exchange information with direct neighbors
    - can update costs and paths based on information from neighbors and knowledge of link costs
  - Dijkstra
    - each node needs complete topology
    - must know link costs of all links in the network
    - must exchange information with all other nodes

74 Evaluation
- Dependent on processing time of algorithms, amount of information required from other nodes
- Implementation specific
- Both converge under static topology and costs
- Converge to the same solution
- If link costs change, algorithms will attempt to catch up
- If link costs depend on traffic, which depends on routes chosen, then feedback may result in instability

75 Chapter 13: Congestion Control in Data Networks
- Congestion occurs when the number of packets being transmitted through the network approaches the packet handling capacity of the network
- Congestion control aims to keep the number of packets below the level at which performance falls off dramatically
- Data network is a network of queues
- Generally 80% utilization is critical
- Finite queues mean data may be lost

76 Effects of Congestion
- Packets arriving are stored at input buffers
- Routing decision made
- Packet moves to output buffer
- Packets queued for output transmitted as fast as possible: statistical time division multiplexing
- If packets arrive too fast to be routed, or to be output, buffers will fill
- Can discard packets
- Can use flow control: can propagate congestion through the network

77 Interaction of Queues

78 Ideal vs. Practical Performance
- Practical performance
  - ideal assumes infinite buffers and no overhead
  - buffers are finite
  - overheads occur in exchanging congestion control messages

79 Effects of Congestion - No Control

80 Mechanisms for Congestion Control

81 Backpressure
- If a node becomes congested it can slow down or halt the flow of packets from other nodes
  - may mean that other nodes have to apply control on incoming packet rates
  - propagates back to source
- Can restrict to logical connections generating most traffic
- Used in connection-oriented networks that allow hop-by-hop congestion control (e.g. X.25)
- Not used in ATM nor frame relay
- Only recently developed for IP

82 Choke Packet
- Control packet generated at congested node, sent to source node
  - e.g. ICMP source quench
    - from router or destination
    - source cuts back until no more source quench messages
    - sent for every discarded packet, or anticipated
- Rather crude mechanism

83 Congestion Signaling
- Implicit congestion signaling
  - transmission delay may increase with congestion
  - packet may be discarded
  - source can detect these as implicit indications of congestion
  - useful on connectionless (datagram) networks
  - used in frame relay LAPF
- Explicit congestion signaling
  - network alerts end systems of increasing congestion
  - end systems take steps to reduce offered load
  - backwards: congestion avoidance required in the opposite direction to the notifying packet
  - forwards: congestion avoidance required in the same direction as the notifying packet

84 Categories of Explicit Signaling
- Binary: a bit set in a packet indicates congestion
- Credit based
  - indicates how many packets the source may send
  - common for end-to-end flow control
- Rate based
  - supply an explicit data rate limit
  - e.g. ATM

85 Traffic Management
- Fairness: provide equal treatment of various flows
- Quality of service: different treatment for different connections
- Reservations
  - traffic contract between user and network
  - carry best-effort or discard excess traffic

86 Congestion Control in Packet Switched Networks
- Send control packet to some or all source nodes: requires additional traffic during congestion
- Rely on routing information: may react too quickly
- End-to-end probe packets: adds to overhead
- Add congestion info to packets as they cross nodes: either backwards or forwards

87 Chapter 14: Cellular Wireless Networks
- Key technology for mobiles, wireless nets etc.
- Developed to increase mobile phone capacity
- Based on multiple low power transmitters
- Area divided into cells in a tiling pattern to provide full coverage
  - each with own antenna
  - each with own range of frequencies
  - served by base station
  - adjacent cells use different frequencies to avoid crosstalk

88 Cellular Network Organization
- Multiple low power transmitters: 100 W or less
- Area divided into cells
  - each with own antenna
  - each with own range of frequencies
  - served by base station: transmitter, receiver, control unit
  - adjacent cells on different frequencies to avoid crosstalk

89 Shape of Cells
- Square
  - width d
  - cell has 4 neighbors at distance d and 4 at distance √2 d
  - better if all adjacent antennas equidistant: simplifies choosing and switching to a new antenna
- Hexagon
  - provides equidistant antennas
  - radius defined as radius of circum-circle: distance from center to vertex equals length of side
  - distance between centers of cells of radius R is √3 R
  - not always precise hexagons: topographical limitations, local signal propagation conditions, location of antennas

90 Cellular Geometries

91 Frequency Reuse (I)
- Must manage reuse of frequencies
- Power of base transceiver controlled
  - allow communications within cell on given frequency
  - limit escaping power to adjacent cells
  - allow re-use of frequencies in nearby cells
  - typically 10 to 50 frequencies per cell
- Example for Advanced Mobile Phone Service (AMPS)
  - N cells all using the same number of frequencies
  - K total number of frequencies used in the system
  - each cell has K/N frequencies
  - K = 395, N = 7 giving 57 frequencies per cell on average

92 Frequency Reuse (II)
- Pattern

93 Increasing Capacity
- Add new channels: not all channels used to start with
- Frequency borrowing: taken from adjacent cells by congested cells
- Cell splitting: use smaller cells in high use areas
- Cell sectoring
  - cell divided into wedge shaped sectors (3 to 6 per cell)
  - directional antennas
- Microcells: use reduced power to cover a much smaller area

94 Call Stages

95 Lecture Topic V: Internet and Transport Protocols
- "The fundamental problem of communication is that of reproducing at one point either exactly or approximately a message selected at another point." (Claude Shannon, The Mathematical Theory of Communication)

96 Chapter 18: Internetwork Protocols
- Protocol functions: a small set of functions forms the basis of all protocols
  - encapsulation
  - fragmentation and reassembly
  - connection control
  - ordered delivery
  - flow control
  - error control
  - addressing
  - multiplexing
  - transmission services

97 Encapsulation
- Data usually transferred in blocks: protocol data units (PDUs)
  - each PDU contains data and control information
  - some PDUs carry only control
- Three categories of control
  - address of sender and/or receiver
  - error-detecting code, e.g. frame check sequence
  - protocol control: additional information to implement protocol functions
- Addition of control information to data is encapsulation
- Data accepted or generated by an entity is encapsulated into a PDU containing data plus control information

98 Mobile Computing Lab. Computer Network 2009/Fall 98 Gihwan Cho Fragmentation and Reassembly (Segmentation – OSI)  Exchange data between two entities  Lower-level protocols may need to break data up into smaller blocks, so it is called fragmentation  For various reasons network only accepts blocks of a certain size, such as ATM 53 octets, Ethernet 1526 octets more efficient error control & smaller retransmission units fairer access to shared facilities smaller buffers

99 Mobile Computing Lab. Computer Network 2009/Fall 99 Gihwan Cho Disadvantages of Fragmentation  Make PDUs as large as possible because PDU contains some control information smaller block, larger overhead  PDU arrival generates interrupt smaller blocks, more interrupts  More time processing smaller, more numerous PDUs  Reassembly segmented data must be reassembled into messages more complex if PDUs out of order

100 PDUs and Fragmentation

101 Connection Control  Connectionless data transfer: each PDU is treated independently, e.g. datagram  Connection-oriented data transfer: involves a logical association, or connection, established between the entities; preferred (even required) for lengthy data exchange or if protocol details are worked out dynamically  Three phases occur in connection-oriented transfer: connection establishment; data transfer; connection termination; there may also be interrupt and recovery phases to handle errors

102 Phases of Connection-Oriented Transfer

103 Connection Establishment  Entities agree to exchange data  Typically, one station issues a connection request in connectionless fashion  Receiving entity accepts or rejects (simple case)  May include negotiation of syntax, semantics and timing  Both entities must use the same protocol  May allow optional features, which must be agreed, e.g. the protocol may specify a max PDU size of 8000 octets while one station wishes to restrict it to 1000 octets

104 Data Transfer and Termination  Both data and control information are exchanged, e.g. flow control, error control  Data flow and acknowledgements may be in one or both directions  One side may send a termination request  Or a central authority might terminate the connection

105 Sequencing  Many connection-oriented protocols use sequencing, e.g. HDLC, IEEE 802.11  All connection-oriented protocols include some way of identifying the connection: a unique connection identifier, or the combination of source and destination addresses  PDUs are numbered sequentially; each side keeps track of outgoing and incoming numbers  Supports three main functions: ordered delivery; flow control; error control

106 Ordered Delivery  PDUs may arrive out of order, having taken different paths through the network  PDU order must be maintained, so PDUs are numbered sequentially  Easy to reorder received PDUs  Use a finite sequence number field: numbers repeat modulo the maximum number; the maximum sequence number must be greater than the maximum number of PDUs that could be outstanding; in fact it may need to be twice the maximum number of outstanding PDUs, e.g. for selective-repeat ARQ

107 Flow Control  Receiving entity limits the amount or rate of data sent  Simplest protocol is stop-and-wait  More efficient protocols use the concept of credit: the amount of data that may be sent without acknowledgment  Must be implemented in several protocols: network traffic control; buffer space; application overflow (e.g. waiting for disk access)

108 Error Control  To guard against loss or damage  Implemented as separate error detection and retransmission functions: sender inserts an error-detecting code in the PDU; receiver checks the code on each incoming PDU and discards it if in error; if the transmitter doesn't get an acknowledgment in a reasonable time, it retransmits  Can use an error-correction code, which enables the receiver to detect and possibly correct errors  Performed at various protocol layers

109 TCP/IP Concepts: for Addressing

110 Addressing Level  Level in the communications architecture at which an entity is named  Have a unique address for each end system (e.g. server) and each intermediate system (e.g. router)  Network-level address used to route the PDU through the network: IP address or internet address; OSI network service access point (NSAP)  At the destination, data must be routed to some process; each process is assigned an identifier: TCP/IP port; service access point (SAP) in OSI

111 Addressing Scope  Global address identifies a unique system: unambiguous; synonyms permitted, so a system may have more than one global address; global applicability enables the internet to route data between any two systems  Need a unique address for each interface on a network: MAC address on an IEEE 802 network and ATM host address; enables the network to route data units through the network  Scope is only relevant for network-level addresses  A port or SAP above the network level is unique within the system

112 Connection Identifiers  Used by both entities for future transmissions  Reduced overhead: generally shorter than global identifiers  Routing: the connection identifier identifies the route to intermediate systems  Multiplexing: an entity may wish to have more than one connection simultaneously; PDUs must be identified by connection identifier  Once the connection is established, end systems can maintain state information about the connection, e.g. flow and error control using sequence numbers

113 Addressing Mode  Usually an address refers to a single system or port: individual or unicast address  An address can refer to more than one entity or port, i.e. multiple simultaneous recipients for data: broadcast for all entities within a domain; multicast for a specific subset of entities

114 Multiplexing  Multiple connections into a single system, e.g. frame relay can have multiple data link connections terminating in a single end system; e.g. multiple TCP connections to a given system  Upward multiplexing: multiple higher-level connections over a single lower-level connection  Downward multiplexing: a single higher-level connection built on multiple lower-level connections

115 Transmission Services  A protocol may provide additional services to entities, such as priority (on a connection basis or on a message basis), quality of service (e.g. minimum throughput or maximum delay threshold) and security (security mechanisms, restricting access)  These services depend on the underlying transmission system and lower-level entities

116 Internetworking Terms (I)  Communications network: facility that provides a data transfer service  An internet: collection of communications networks interconnected by bridges and/or routers  The Internet (note upper case I): the global collection of thousands of individual machines and networks  Intranet: corporate internet operating within the organization; uses Internet (TCP/IP and HTTP) technology to deliver documents and resources

117 Internetworking Terms (II)  End System (ES): device attached to one of the networks of an internet; supports end-user applications or services  Intermediate System (IS): device used to connect two networks; permits communication between end systems attached to different networks  Bridge: OSI layer 2 (data link) IS used to connect two LANs using similar LAN protocols; acts as an address filter, passing packets on to the required network only  Router: OSI layer 3 (network) IS that connects two (possibly dissimilar) networks; uses an internet protocol present in each router and end system

118 Requirements of Internetworking  Link between networks: at minimum, physical and link layer  Routing and delivery of data between processes on different networks  Accounting services and status information  Independence from network architectures

119 Architectural Approaches (I)  Connection-oriented: virtual circuit  Connectionless: datagram; PDUs are routed independently from source ES to destination ES through routers and networks; all share a common network layer protocol, e.g. IP; below it, each node has network access

120 Architectural Approaches (II)  Connectionless internetworking (cont.): advantages: flexibility; robustness; no unnecessary overhead; unreliable: delivery not guaranteed; order of delivery not guaranteed; packets can take different routes; reliability is the responsibility of the next layer up (e.g. TCP)

121 IP Operation

122 The Internet as a Network  Design issues: routing; datagram lifetime; fragmentation; error control; flow control

123 Design Issues (I)  Routing: end systems and routers maintain routing tables that indicate the next router to which a datagram should be sent; static tables may contain alternative routes; dynamic tables allow a flexible response to congestion and errors; source routing: the source specifies the route as a sequential list of routers to be followed, for the sake of security and/or priority; route recording

124 Design Issues (II)  Datagram lifetime: datagrams could loop indefinitely, consuming resources; the transport protocol may need an upper bound on datagram life; a datagram can be marked with a lifetime (time to live field in IP); once the lifetime expires, the datagram is discarded (not forwarded); hop count: decrement time to live on passing through each router; time count: need to know how long since the last router

125 Design Issues (III-1)  Fragmentation and reassembly: networks may have different packet sizes; issue of when to reassemble: at the destination (results in packets getting smaller as data traverses the internet) or intermediate reassembly (needs large buffers at routers; buffers may fill with fragments; all fragments must go through the same router, which inhibits dynamic routing)

126 Design Issues (III-2)  IP fragmentation: IP reassembles at the destination only; uses fields in the header: data unit identifier (ID), which identifies the end system that originated the datagram (source and destination address; protocol layer generating the data, e.g. TCP; identification supplied by that layer); data length: length of user data in octets; offset: position of the fragment of user data in the original datagram, in multiples of 64 bits (8 octets); more flag: indicates that this is not the last fragment

127 Fragmentation Example

128 Design Issues (III-3)  Dealing with failure: reassembly may fail if some fragments get lost, so the failure must be detected; reassembly timeout, assigned to the first fragment to arrive: if the timeout expires before all fragments arrive, discard the partial data; or use packet lifetime (time to live in IP): if time to live runs out, discard the partial data
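Slides 125 to 128 in working form: fragmenting at the source, re-fragmenting at a router with a smaller MTU (offsets stay relative to the original datagram, only the last piece inherits the MF flag), and destination-only reassembly keyed by source, destination, protocol and identification, with the reassembly timer armed by the first fragment to arrive. This is an added example, not code from the lecture; the `Fragment` model, the 20-octet header assumption and the sample payload are constructed here.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

FRAGMENT_UNIT = 8      # the offset field counts 64-bit (8-octet) units
IP_HEADER_LEN = 20     # fixed header without options, assumed in this model

@dataclass(frozen=True)
class Fragment:
    ident: int           # identification field, shared by all fragments of one datagram
    src: str
    dst: str
    proto: int           # e.g. 17 for UDP; with src/dst/ident this keys the reassembly buffer
    offset: int          # position of this piece in the original data, in 8-octet units
    more: bool           # MF flag: True on every fragment but the last
    payload: bytes

def fragment(ident: int, src: str, dst: str, proto: int, payload: bytes, mtu: int) -> List[Fragment]:
    """Split user data so each fragment fits the MTU; every piece but the last is a multiple of 8 octets."""
    max_data = ((mtu - IP_HEADER_LEN) // FRAGMENT_UNIT) * FRAGMENT_UNIT
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for pos in range(0, len(payload), max_data):
        chunk = payload[pos:pos + max_data]
        frags.append(Fragment(ident, src, dst, proto, pos // FRAGMENT_UNIT,
                              pos + len(chunk) < len(payload), chunk))
    return frags

def refragment(frag: Fragment, mtu: int) -> List[Fragment]:
    """A later router with a smaller MTU fragments a fragment (slide 125: packets shrink as they
    cross the internet). Offsets stay relative to the original datagram; only the final piece
    inherits the incoming fragment's MF flag."""
    pieces = fragment(frag.ident, frag.src, frag.dst, frag.proto, frag.payload, mtu)
    return [Fragment(p.ident, p.src, p.dst, p.proto, frag.offset + p.offset,
                     p.more or frag.more, p.payload) for p in pieces]

class Reassembler:
    """Destination-only reassembly (slide 126) with the reassembly timer of slide 128."""

    def __init__(self, timeout: float):
        self.timeout = timeout
        self.buffers: Dict[Tuple[str, str, int, int], dict] = {}

    def receive(self, frag: Fragment, now: float) -> Optional[bytes]:
        """Store a fragment; return the complete user data once every piece is present, else None."""
        self.expire(now)
        key = (frag.src, frag.dst, frag.proto, frag.ident)
        # the timer is armed by the first fragment to arrive and is not extended by later ones
        buf = self.buffers.setdefault(key, {"deadline": now + self.timeout, "pieces": {}, "total": None})
        buf["pieces"][frag.offset * FRAGMENT_UNIT] = frag.payload
        if not frag.more:                       # last fragment fixes the total data length
            buf["total"] = frag.offset * FRAGMENT_UNIT + len(frag.payload)
        if buf["total"] is not None and self._contiguous(buf):
            del self.buffers[key]
            return b"".join(buf["pieces"][off] for off in sorted(buf["pieces"]))
        return None

    @staticmethod
    def _contiguous(buf: dict) -> bool:
        expected = 0
        for off in sorted(buf["pieces"]):
            if off != expected:                 # gap or overlap: not complete (overlaps are never merged)
                return False
            expected = off + len(buf["pieces"][off])
        return expected == buf["total"]

    def expire(self, now: float) -> int:
        """Discard partial datagrams whose timer ran out; returns how many were dropped."""
        dead = [k for k, b in self.buffers.items() if now >= b["deadline"]]
        for k in dead:
            del self.buffers[k]
        return len(dead)
```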

129 Design Issues (IV)  Error control: delivery is not guaranteed; a router should attempt to inform the source if a packet is discarded, e.g. for time to live expiring; the source may modify its transmission strategy or may inform a higher-layer protocol; datagram identification is needed (see ICMP)  Flow control: allows routers and/or stations to limit the rate of incoming data; limited in connectionless systems; send flow control packets requesting reduced flow (see ICMP)

130 Internet Protocol (IP) Version 4  Part of TCP/IP, which is used by the Internet; defined in RFC 791; specifies the interface with the higher layer, e.g. TCP; specifies protocol format and mechanisms; will (eventually) be replaced by IPv6  IP services: primitives (functions to be performed; the form of a primitive is implementation dependent): send: request transmission of a data unit; deliver: notify the user of arrival of a data unit; parameters: used to pass data and control information

131 IP Services: Parameters (I)  Source address  Destination address  Protocol: recipient protocol, e.g. TCP  Type of Service: specifies treatment of the data unit during transmission through networks  Identification: together with source address, destination address and user protocol, uniquely identifies the PDU; needed for reassembly and error reporting; send only

132 IP Services: Parameters (II)  Don't fragment indicator: whether IP may fragment the data; if not, delivery may not be possible  Time to live  Data length  Option data: security; source routing; route recording; stream identification; timestamping  User data

133 IP Protocol

134 IP Protocol: Header Fields (I)  Version: currently 4; IPv6 - see later  Internet header length: in 32-bit words, including options  Type of service  Total length: of the datagram, in octets  Identification: sequence number used together with the addresses and user protocol to identify the datagram uniquely

135 IP Protocol: Header Fields (II)  Flags: more bit; don't fragment  Fragmentation offset  Time to live  Protocol: next higher layer to receive the data field at the destination  Header checksum: verified and recomputed at each router; 16-bit ones complement sum of all 16-bit words in the header, with the checksum field set to zero during the calculation

136 IP Protocol: Header Fields (III)  Source address  Destination address  Options  Padding: to fill to a multiple of 32 bits  Data: carries user data from the next layer up; an integer multiple of 8 bits (octets) long; max length of the datagram (header plus data) is 65,535 octets
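The header fields of slides 134 to 136 decoded from the wire, together with the checksum rule of slide 135 (ones complement sum over 16-bit words, checksum field taken as zero) and the per-hop TTL decrement of slide 124. This is an added example, not code from the lecture; the sample header bytes are a constructed IPv4/TCP header, and `forward` is a hypothetical name for the router step.

```python
import struct
from typing import Optional

# Constructed sample: the 20-octet header of an IPv4/TCP datagram, total length 60,
# identification 0x1c46, DF flag set, TTL 64, 172.16.10.99 -> 172.16.10.12.
SAMPLE_HEADER = bytes.fromhex("4500003c1c4640004006b1e6ac100a63ac100a0c")

def ones_complement_sum(data: bytes) -> int:
    """16-bit ones complement sum of the 16-bit words in data (an odd trailing octet is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold the carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return total

def header_checksum(header: bytes) -> int:
    """Checksum as the sender computes it: the checksum field (octets 10-11) is taken as zero,
    the header words are summed in ones complement and the result is complemented."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return (~ones_complement_sum(zeroed)) & 0xFFFF

def verify_checksum(header: bytes) -> bool:
    """What a router does on receipt: summing the header including the stored checksum must
    give 0xFFFF; anything else means the header was corrupted in transit and the datagram is dropped."""
    return ones_complement_sum(header) == 0xFFFF

def parse_header(header: bytes) -> dict:
    """Decode the fixed fields of slides 134-136. Options (IHL > 5 words) are returned raw."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_off,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", header[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4      # IHL is counted in 32-bit words
    if version != 4:
        raise ValueError("not an IPv4 header")
    if ihl < 20 or ihl > len(header) or total_len < ihl:
        raise ValueError("inconsistent length fields")      # refuse rather than read past the buffer
    return {
        "ihl": ihl, "tos": tos, "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_off & 0x4000),
        "more_fragments": bool(flags_off & 0x2000),
        "fragment_offset": flags_off & 0x1FFF,              # in 8-octet units
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": header[20:ihl],
    }

def forward(header: bytes) -> Optional[bytes]:
    """One router hop (slide 124): verify, decrement TTL, recompute the checksum.
    Returns None when the datagram must be discarded (bad checksum or TTL reaching zero)."""
    if not verify_checksum(header):
        return None
    ttl = header[8]
    if ttl <= 1:
        return None                                         # lifetime expired: discard, do not forward
    new = header[:8] + bytes([ttl - 1]) + header[9:]
    return new[:10] + struct.pack("!H", header_checksum(new)) + new[12:]

if __name__ == "__main__":
    print(parse_header(SAMPLE_HEADER))
    print("checksum 0x%04x, valid=%s" % (header_checksum(SAMPLE_HEADER), verify_checksum(SAMPLE_HEADER)))
```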

137 IP Address Formats

138 IP Addresses (I)  32-bit global Internet address  Network part and host part  Class A: starts with binary 0; all 0 reserved; 01111111 (127) reserved for loopback; range 1.x.x.x to 126.x.x.x; all allocated

139 IP Addresses (II)  Class B: starts with 10; range 128.x.x.x to 191.x.x.x; second octet also included in the network address; 2^14 = 16,384 class B addresses; all allocated  Class C: starts with 110; range 192.x.x.x to 223.x.x.x; second and third octets also part of the network address; 2^21 = 2,097,152 addresses; nearly all allocated (see IPv6)

140 Subnets and Subnet Masks  Internet allows arbitrary complexity of internetworked LANs within an organization: insulates the overall Internet from growth of network numbers and routing complexity; the site looks to the rest of the Internet like a single network  Each LAN had to be assigned an IP network address, which required the central authority to handle all requests for network addresses, of which there were many more than anticipated  One possible way: the host portion of the IP address is partitioned into a subnet number and a host number; local routers route within the subnetted network  The subnet mask indicates which bits are the subnet number and which are the host number

141 IP Addresses and Subnet Masks (a) Dotted decimal and binary representations of IP address and subnet masks (b) Default subnet masks

142 Routing Using Subnets

143 Mapping IP Addresses to the DL  Consider an 802.3 LAN running IP: recall that the DL has its own 48-bit addresses used to identify LLC entities on the LAN; the NL superimposes an internetwork on top of the LAN and provides its own 32-bit IP address space; the DL knows nothing about IP addresses  How do these two sets of addresses get mapped to each other? (Figure: hosts A, B, C and D on an Ethernet; one host asks "Who is 1.2.3.4?" and another answers "That's me!")

144 Address Resolution Protocol (ARP) (I)  Another control protocol that resides at the NL is ARP: ARP builds a DL broadcast frame carrying the packet "what's the DL address for IP address w.x.y.z?" and sends it; the broadcast frame is received by all hosts and one says "that's me!" or another says "I know"  ARP is a low-level protocol that hides the underlying physical network addressing, permitting one to assign an arbitrary IP address to every machine  Now, broadcasting is too expensive. How can this be solved? When a host receives an ARP reply, it saves the sender's IP address and corresponding physical address in its cache for successive lookups

145 Address Resolution Protocol (ARP) (II)  Is further refinement possible? The sender's IP-to-physical address binding is included in every ARP broadcast; receivers update the binding in their cache  ARP is a part of the physical network system, and is not a part of the Internet protocols  Reverse Address Resolution Protocol (RARP): ARP finds the Ethernet address that corresponds to a given IP address; RARP finds the IP address of a host using the Ethernet address associated with its Ethernet card: when the machine is booted, it broadcasts its 48-bit Ethernet address and asks for its IP address; an RARP server available on each network responds with the IP address

146 Table-Driven IP Routing  The IP routing algorithm employs an Internet routing table on each machine (host and router), which contains information about the possible destinations and how to reach them  It consults the table to decide where to send the datagram  Then, what information should be kept in routing tables? Minimal information principle: keep network prefixes only; this makes routing efficient and keeps the routing table small. Information hiding principle: the details of specific hosts are confined to the local environment. Next-hop routing: the routing table in a router only specifies one step along the path from the router to a destination  Default routing: if no route appears in the table, the routing routines send the datagram to a default router; this lets machines make routing decisions efficiently for possibly distant destinations

147 Table-Driven IP Routing (An Example) (Figure: the routing table of router R, with columns "To reach hosts on network" and "Route to this address"; the entry for network 20.0.0.0 reads "Deliver directly", while other entries and the default route give next-hop addresses such as 20.0.0.5 and 30.0.0.7; the diagram joins networks 20.0.0.0, 30.0.0.0, 40.0.0.0 and 50.0.0.0 through routers Q, R, S and T)

148 IP Routing Algorithm
Route_IP_Datagram(datagram, routing_table)
    Extract destination IP address, I_D, from datagram
    Compute IP address of destination network, I_N
    if I_N matches any directly connected network address
        send datagram to destination over that network;
    else if I_D appears as a host-specific route
        route datagram as specified in the table;
    else if I_N appears in routing table
        route datagram as specified in the table;
    else if a default route has been specified
        route datagram to the default gateway;
    else
        declare a routing error;
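The Route_IP_Datagram procedure of slide 148 implemented over a table of masked prefixes, which also shows how the subnet mask of slide 140 and the default classful masks of slides 138, 139 and 141(b) pick out the network part. This is an added example, not the lecture's code; the router table `ROUTER_R` and its addresses are constructed, and it generalises the slide's "I_N appears in routing table" step to a longest-prefix match so that a subnet route and its parent network route can coexist.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network     # destination; a /32 entry is a host-specific route
    next_hop: Optional[str]            # None = directly connected, deliver over iface
    iface: str

class RoutingError(Exception):
    pass

def classful_network(addr: str) -> ipaddress.IPv4Network:
    """Default network of an address (slides 138-139, 141(b)): class A /8, class B /16, class C /24."""
    first = int(addr.split(".")[0])
    if first < 128:
        prefix = 8
    elif first < 192:
        prefix = 16
    elif first < 224:
        prefix = 24
    else:
        raise ValueError("class D/E address has no default mask")
    return ipaddress.IPv4Network(f"{addr}/{prefix}", strict=False)

def apply_mask(addr: str, mask: str) -> ipaddress.IPv4Network:
    """Slide 140: the subnet mask selects the network+subnet bits, e.g. 130.1.2.9 with 255.255.255.0."""
    return ipaddress.IPv4Network(f"{addr}/{mask}", strict=False)

def route_ip_datagram(dst: str, table: List[Route],
                      default: Optional[Route] = None) -> Tuple[str, str, str]:
    """Returns (action, address, interface): action is 'direct' or 'via'; raises RoutingError."""
    d = ipaddress.IPv4Address(dst)
    # 1. I_N matches a directly connected network: deliver to the destination itself
    for r in table:
        if r.next_hop is None and d in r.network:
            return ("direct", dst, r.iface)
    # 2. I_D appears as a host-specific route
    for r in table:
        if r.next_hop is not None and r.network.prefixlen == 32 and d in r.network:
            return ("via", r.next_hop, r.iface)
    # 3. I_N appears in the routing table; with subnetting several entries may match, longest prefix wins
    matches = [r for r in table
               if r.next_hop is not None and r.network.prefixlen < 32 and d in r.network]
    if matches:
        best = max(matches, key=lambda r: r.network.prefixlen)
        return ("via", best.next_hop, best.iface)
    # 4. default route
    if default is not None:
        return ("via", default.next_hop, default.iface)
    raise RoutingError(f"no route to {dst}")

def net(s: str) -> ipaddress.IPv4Network:
    return ipaddress.IPv4Network(s)

# Constructed table: router R attached to 20.0.0.0/8, 30.0.0.0/8 and the subnet 130.1.2.0/24,
# with a host route, a parent network route for the rest of 130.1.0.0/16, and a default.
ROUTER_R = [
    Route(net("20.0.0.0/8"), None, "eth0"),
    Route(net("30.0.0.0/8"), None, "eth1"),
    Route(net("130.1.2.0/24"), None, "eth2"),
    Route(net("40.0.0.0/8"), "30.0.0.7", "eth1"),
    Route(net("130.1.0.0/16"), "20.0.0.5", "eth0"),
    Route(net("10.1.2.3/32"), "30.0.0.9", "eth1"),
]
DEFAULT_R = Route(net("0.0.0.0/0"), "20.0.0.5", "eth0")
```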

149 Routing Protocols in IPv4  IP routing is based on the destination network ID alone, so: all IP traffic for a given network takes the same path regardless of the delay or throughput of the physical network; only the final router can determine whether the destination exists or is operational, and only that router can report delivery to the sender; each router routes traffic independently, so someone should find out whether two-way communication is always possible  IP routing selects the next hop to which the datagram is sent, so where does IP store the next hop address? Not in IP itself! IP simply passes the datagram and the next hop address to the network interface software (the so-called network driver); the driver software responsible for the physical network over which the datagram must be sent binds the next hop IP address to a physical address, forms a frame, and sends it

150 ICMP  Internet Control Message Protocol  RFC 792 (get it and study it)  Transfer of (control) messages from routers and hosts to hosts  Feedback about problems, e.g. time to live expired  Encapsulated in an IP datagram, so not reliable

151 ICMP Message Formats

152 Why Change IP?  Address space exhaustion: two-level addressing (network and host) wastes space; network addresses are used even if not connected to the Internet; growth of networks and the Internet; extended use of TCP/IP; single address per host  Requirements for new types of service  IPv6 RFCs: 1752 - recommendations for the IP Next Generation Protocol; 2460 - overall specification; 2373 - addressing structure

153 IPv6 Enhancements  Expanded address space: 128 bits  Improved option mechanism: separate optional headers between the IPv6 header and the transport layer header (most are not examined by intermediate routers)  Address auto-configuration: dynamic assignment of addresses  Increased addressing flexibility: anycast - delivered to one of a set of nodes  Support for resource allocation: replaces type of service; labeling of packets belonging to a particular traffic flow

154 IPv6 Packet Structure

155 IPv6 Header

156 IPv6 Flow Label  A related sequence of packets needing special handling  Identified by source and destination address plus flow label  Router treats a flow as sharing attributes, e.g. path, resource allocation, discard requirements, accounting, security  May treat flows differently: buffer sizes, different forwarding precedence, different quality of service  An alternative to including all the information in every header  There are requirements on flow label processing

157 IPv6 Addresses  128 bits long  Assigned to an interface  A single interface may have multiple unicast addresses  Three types of address: unicast (single interface); anycast (set of interfaces, typically on different nodes; delivered to any one interface, usually the "nearest"); multicast (set of interfaces; delivered to all interfaces identified)

158 Extension Headers  Hop-by-hop options: require processing at each router  Routing: similar to v4 source routing  Fragmentation: only allowed at the source, no fragmentation at intermediate routers  Authentication  Encapsulating security payload  Destination options: carries optional information for the destination node

159 IPv6 Extension Headers

160 Virtual Private Network  A set of computers interconnected using an insecure network, e.g. linking corporate LANs over the Internet  Uses encryption and special protocols to provide security, to stop eavesdropping and unauthorized users  Proprietary solutions are problematical  Hence the development of the IPSec standard

161 IPSec  RFC 1636 (1994) identified the security need  Encryption and authentication to be in IPv6, but designed also for use with current IPv4  Applications needing security include: branch office connectivity; remote access over the Internet; electronic commerce security  Benefits: provides strong security for external traffic; resistant to bypass; can be transparent to applications as well as end users; can provide security for individual users if needed

162 IPSec Functions  Authentication Header: for authentication only  Encapsulating Security Payload (ESP): for combined authentication/encryption  A key exchange function: manual or automated  VPNs usually need the combined function

163 IPSec Scenario

164 Chapter 19: Internetwork Operation  Consider mechanisms for handling growth in network traffic, from low-volume text-based terminal/email to high-volume multimedia web/voice/video  Historically, IP protocols gave best-effort datagram delivery to all services  Now we want a variety of QoS in IP networks  Explore some new network services / functions

165 Multicasting  Multicast means the act of sending a packet from a source to a number of members of a multicast group  Uses: multimedia "broadcast"; teleconferencing; database; distributed computing; real-time workgroups  Has design issues in addressing / routing

166 LAN Multicast  LAN multicast is easy: send to an IEEE 802 multicast MAC address; since the medium is broadcast, all stations will see the packet; those in the multicast group will accept it; only a single copy of the packet is needed  But much harder in an internetwork  IP includes addresses that refer to a group of hosts on one or more networks: multicast addresses; cf. an ordinary IP address, which refers to an individual host on a particular network

167 Multicast Example

168 Broadcast, Multiple Unicast, Multicast  Broadcast: a copy of the packet to each network; requires 13 copies of the packet  Multiple unicast: send the packet only to networks that have hosts in the group; 11 packets  True multicast: determine the least-cost path to each network that has a host in the group; gives a spanning tree configuration containing the networks with group members; transmit a single packet along the spanning tree; routers replicate packets at branch points of the spanning tree; 8 packets required

169 Traffic Generated by Various Multicasting Strategies

170 Requirements for Multicasting  A router may have to forward more than one copy of a packet  Need a convention to identify multicast addresses (IPv4 Class D or IPv6 prefix); nodes translate between IP multicast addresses and the list of networks containing group members; a router must translate between the IP multicast address and the network multicast address  A mechanism is required for hosts to join/leave a multicast group  Routers must exchange information on which networks include members of a given group, and sufficient information to work out the shortest path to each network

171 Internet Group Management Protocol (IGMP) (I)  RFC 3376 (IGMP version 3): to exchange multicast group information between hosts and routers on a LAN; hosts send messages to routers to subscribe to and unsubscribe from a multicast group; routers check which multicast groups are of interest to which hosts  Join operation: an IGMP host wants to make itself known as a group member to other hosts and routers on the LAN; to join, it sends an IGMP membership report message with the address field set to the multicast address of the group, carried in an IP datagram; current group members receive it and learn of the new member; routers listen to all IP multicast addresses to hear all reports

172 Internet Group Management Protocol (IGMP) (II)  Keeping the list valid: routers periodically issue an IGMP general query message in a datagram with the all-hosts multicast address; hosts respond with a report message; the router need not know every host in a group: each host in the group sets a timer with a random delay and, if the timer expires, sends a report, so only one member of each group reports to the router  Leave operation: a host leaves the group by sending a leave group message to the all-routers static multicast address; the router determines whether it has any remaining group members using a group-specific query message

173 Routing Protocols  Routers receive and forward packets  Make decisions based on knowledge of topology and traffic/delay conditions  Use a dynamic routing algorithm  Autonomous Systems (AS): a group of routers exchanging information via a common routing protocol; a set of routers and networks managed by a single organization; form a connected network, i.e. there is at least one route between any pair of nodes

174 Interior Router Protocol (IRP), Exterior Router Protocol (ERP)  IRP passes routing information between routers within an AS; can be tailored to specific applications; needs a detailed model of the network to function  There may be more than one AS in an internetwork; routing algorithms and tables may differ between different ASs  Routers need information about networks outside their AS  Use an exterior router protocol (ERP), which supports summary information on AS reachability

175 Application of IRP and ERP

176 Approaches to Routing: Distance-vector  Each node (router or host) exchanges information with neighboring nodes  First-generation routing algorithm for ARPANET; used by the Routing Information Protocol (RIP)  Each node maintains a vector of link costs for each directly attached network, and distance and next-hop vectors for each destination  Requires transmission of lots of information by each router: the distance vector sent to all neighbors contains the estimated path cost to all networks in the configuration  Changes take a long time to propagate

177 Approaches to Routing: Link-state  Designed to overcome the drawbacks of distance-vector  Each router determines the link cost on each interface  Advertises its set of link costs to all other routers in the topology  If link costs change, the router advertises the new values  Each router constructs the topology of the entire configuration: can calculate the shortest path to each destination; uses this to construct a routing table with the first hop to each destination  Does not use a distributed routing algorithm, but any suitable algorithm to determine shortest paths, e.g. Dijkstra's algorithm  Open Shortest Path First (OSPF) is a link-state protocol

178 Exterior Router Protocols: Not Distance-vector, Not Link-state  Neither is effective as an exterior router protocol  Not distance-vector: assumes routers share a common distance metric, but different ASs may have different priorities and needs; and it has no information on the ASs visited along a route  Not link-state: different ASs may use different metrics and have different restrictions; flooding of link state information to all routers is unmanageable

179 Exterior Router Protocols: Path-vector  Alternative: a path-vector routing protocol; provides information about which networks can be reached by a given router and the ASs crossed to get there; does not include a distance or cost estimate, hence dispenses with the concept of routing metrics  Has a list of all ASs visited on a route  Enables a router to perform policy routing, e.g. avoid a path in order to avoid transiting a particular AS; e.g. according to link speed, capacity, tendency to become congested, overall quality of operation, security; e.g. minimizing the number of transit ASs

180 Border Gateway Protocol (BGP)
 Developed for use with TCP/IP internets
   is the preferred EGP of the Internet
   uses messages sent over a TCP connection
 Current version is BGP-4 (RFC 1771)
 Functional procedures
   neighbor acquisition - when two routers agree to exchange information
   neighbor reachability - to maintain the relationship
   network reachability - to update the database of routes

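Path-vector route selection as sketched on the path-vector and BGP slides, written as an added example (not the lecture's code, and not a real BGP implementation): a route carries only the list of ASs it traverses, the router rejects any path that already contains its own AS (loop detection), and local policy chooses among the remaining advertisements. The AS numbers, prefix and policies are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Set


@dataclass
class Route:
    prefix: str          # destination network, e.g. "10.1.0.0/16"
    as_path: List[int]   # ASs crossed to reach it, nearest neighbour first


@dataclass
class Policy:
    local_as: int
    avoid_as: Set[int]               # never use a path through these ASs
    prefer_neighbor: Optional[int]   # e.g. the neighbour on the faster link


def acceptable(route: Route, policy: Policy) -> bool:
    """Loop detection plus the 'avoid transiting a particular AS' policy.
    Neither needs a metric: only the AS list is inspected."""
    if policy.local_as in route.as_path:
        return False                         # the path would loop back to us
    return not (policy.avoid_as & set(route.as_path))


def select_route(advertised: List[Route], policy: Policy) -> Optional[Route]:
    """Choose among advertisements for one prefix:
    1. drop paths that loop or cross an avoided AS,
    2. prefer the configured neighbour if it offers any path,
    3. otherwise minimise the number of transit ASs."""
    candidates = [r for r in advertised if acceptable(r, policy)]
    if not candidates:
        return None
    if policy.prefer_neighbor is not None:
        via_pref = [r for r in candidates if r.as_path[0] == policy.prefer_neighbor]
        if via_pref:
            candidates = via_pref
    return min(candidates, key=lambda r: len(r.as_path))


def advertise(route: Route, local_as: int) -> Route:
    """What we pass on to our own neighbours: our AS prepended to the path,
    which is what lets the next router detect a loop."""
    return Route(route.prefix, [local_as] + route.as_path)


# Constructed advertisements for one prefix, received from three neighbours.
ADVERTISED = [
    Route("10.1.0.0/16", [200, 300, 400]),   # via AS 200, three ASs crossed
    Route("10.1.0.0/16", [500, 400]),        # via AS 500, shortest
    Route("10.1.0.0/16", [600, 100, 400]),   # already contains our AS 100: loop
]

if __name__ == "__main__":
    policy = Policy(local_as=100, avoid_as={300}, prefer_neighbor=None)
    best = select_route(ADVERTISED, policy)
    print("selected:", best)
    print("re-advertised:", advertise(best, 100))
```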
181 OSPF
 IGP of the Internet
   documented in RFC 2328
   replaced Routing Information Protocol (RIP)
 Uses link state routing algorithm
   each router keeps list of state of local links to network
   transmits update state information
   little traffic, as messages are small and not sent often
 Uses least cost based on user cost metric
 Topology stored as directed graph
   vertices or nodes (router, transit or stub network)
   edges (between routers or router to network)

182 Sample AS
 Topology stored as directed graph
 Vertices or nodes
   router
   network
 Edges
   connect two routers
   connect router to network

183 Directed Graph of AS

184 Operation
 SPF tree for router 6
 Dijkstra's algorithm (Appendix 0A) used to find least cost path to all other networks
 Next hop used in routing packets

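The link-state operation described on the last three slides, as an added example (not the lecture's code): every router holds the same topology graph, runs Dijkstra over it, and keeps only the first hop of each least-cost path in its routing table. The topology below is constructed and is not the slide's figure; the names R1..R6 and the costs are assumptions.

```python
import heapq
from typing import Dict, List, Tuple

Graph = Dict[str, Dict[str, int]]

# Constructed sample topology: routers R1..R6 and the cost of each link.
# Costs are entered symmetrically here, but the graph is directed, so a
# different cost per direction would work just as well.
LINKS: List[Tuple[str, str, int]] = [
    ("R1", "R2", 2), ("R1", "R3", 5), ("R2", "R3", 2), ("R2", "R4", 6),
    ("R3", "R4", 1), ("R3", "R5", 7), ("R4", "R5", 2), ("R4", "R6", 2),
    ("R5", "R6", 1),
]


def build_topology(links: List[Tuple[str, str, int]]) -> Graph:
    """Link-state database: after flooding, every router holds this graph."""
    g: Graph = {}
    for a, b, cost in links:
        g.setdefault(a, {})[b] = cost
        g.setdefault(b, {})[a] = cost
    return g


def dijkstra(g: Graph, source: str) -> Tuple[Dict[str, int], Dict[str, str]]:
    """Least cost from `source` to every node, plus each node's predecessor
    on its least-cost path (together, the SPF tree rooted at `source`)."""
    dist = {source: 0}
    prev: Dict[str, str] = {}
    heap = [(0, source)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue                      # stale entry left by a later relaxation
        done.add(u)
        for v, w in g.get(u, {}).items():
            nd = d + w
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    return dist, prev


def routing_table(g: Graph, source: str) -> Dict[str, Tuple[str, int]]:
    """destination -> (next hop, cost).  The next hop is found by walking the
    SPF tree from the destination back to the node adjacent to `source`;
    only that first hop is needed to forward packets."""
    dist, prev = dijkstra(g, source)
    table = {}
    for dest, cost in dist.items():
        if dest == source:
            continue
        hop = dest
        while prev[hop] != source:
            hop = prev[hop]
        table[dest] = (hop, cost)
    return table


def recompute_after_change(links, a: str, b: str, new_cost: int, source: str):
    """A changed link cost has been advertised: rebuild the database and
    rerun SPF, which is all a link-state router has to do."""
    updated = [(x, y, new_cost) if {x, y} == {a, b} else (x, y, c)
               for x, y, c in links]
    return routing_table(build_topology(updated), source)


if __name__ == "__main__":
    for dest, (hop, cost) in sorted(routing_table(build_topology(LINKS), "R6").items()):
        print(f"to {dest}: next hop {hop}, cost {cost}")
```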
185 Integrated Services Architecture (ISA)
 Changes in traffic demands require a variety of quality of service
   e.g. internet phone, multimedia, multicast
 New functionality required in routers
 New means of requesting QoS
 IETF developing a suite of Integrated Services Architecture (ISA) standards
   RFC 1633 defines overall view of ISA

186 Internet Traffic Categories
 Elastic traffic
   can cope with wide changes in delay and/or throughput
   traditional TCP/IP traffic, e.g. FTP, email, telnet, SNMP, HTTP
   different sensitivity to throughput, delay, congestion
 Inelastic traffic
   does not easily adapt to variations
   e.g. real time traffic requirements
     throughput
     delay
     jitter
     packet loss

187 ISA Approach
 IP nets control congestion by
   routing algorithms
   packet discard
 Provides enhancements to traditional IP
 ISA functions:
   admission control
   routing algorithm
   queuing discipline
   discard policy

188 Resource Reservation: RSVP
 Resource ReSerVation Protocol, RFC 2205
 Unicast applications can reserve resources in routers to meet QoS
   if router cannot meet request, application is informed
 Multicast is more demanding, but its load may be reduced
   some members of group may not require delivery from particular source over given time
   some group members may only be able to handle a portion of the transmission
   reservation means routers can decide in advance if they can meet requirements

189 Differentiated Services
 Simple, easily implemented, low overhead tool to support a range of differentiated network services
 IP packets labeled for differing QoS using existing IPv4 Type of Service or IPv6 DS field
 Service level agreement established between provider and customer prior to use of DS
 Built-in aggregation
   good scaling to larger networks and loads
 Implemented by queuing / forwarding based on DS octet
   no state information on packet flows stored

190 Chapter 20 : Transport Protocols
 End-to-end data transfer service
 Shields upper layers from network details
 Reliable, connection oriented
   has greater complexity, e.g. TCP
 Best effort, connectionless
   datagram, e.g. UDP
 Connection-oriented transport protocol mechanisms
   provide establishment, maintenance and termination of a logical connection
   most common service for a wide variety of applications
   reliable, but complex

191 Reliable Sequencing Network Service
 Assume virtually 100% reliable delivery by network service of arbitrary length messages
   e.g. reliable packet switched network with X.25
   e.g. frame relay with LAPF control protocol
   e.g. IEEE 802.3 with connection oriented LLC service
 Transport service is a simple, end to end protocol between two systems on same network
 Issues are: addressing, multiplexing, flow control, connection establishment and termination

192 Addressing (I)
 Target user specified by:
   user identification (host, port)
     a socket in TCP
     port represents a particular transport service (TS) user
   transport entity identification (on host)
     specifies transport protocol (TCP, UDP)
   host address of attached network device
     in the Internet, a global internet address
   network number
 Transport layer passes host address to network layer

193 Addressing (II)
 Figure: demultiplexing incoming data on one host. The IP address 203.234.18.72 identifies this machine; the IP protocol field selects the transport protocol (protocol "06" is TCP, 17 is UDP); the port determines which application gets the incoming data (TCP ports 21 FTP and 25 SMTP; UDP ports 7 ECHO and 69 TFTP).

194 Finding Addresses
 Four methods
   know address ahead of time
     e.g. collection of network device stats
   well known addresses
     e.g. common servers like FTP, SMTP etc.
   name server
     does directory lookup
   sending request to well known address, which spawns new process to handle it

195 Multiplexing
 Of upper layers (downward multiplexing)
   so multiple users employ same transport protocol
   user identified by port number or service access point
 May also multiplex with respect to network services used (upward multiplexing)
   e.g. multiplexing a single virtual X.25 circuit to a number of transport service users

196 Flow Control
 Issues:
   longer transmission delay between transport entities compared with actual transmission time
     due to the delays in communication of flow control information
   variable transmission delay, so difficult to use timeouts
 Want TS flow control because:
   receiving user cannot keep up
   receiving transport entity cannot keep up
 Either can result in buffer overflow
 Managing flow is difficult because of the gap between sender and receiver

197 Coping with Flow Control Requirements
 Do nothing
   segments that overflow are discarded
   sending transport entity will fail to get ACK and will retransmit
     thus further adding to incoming data
 Refuse further segments
   clumsy
   multiplexed connections are controlled on aggregate flow
 Use fixed sliding window protocol (see chapter 7)
   works well on reliable network
     failure to receive ACK is taken as flow control indication
   does not work well on unreliable network
     cannot distinguish between lost segment and flow control
 Use credit scheme

198 Credit Scheme
 Decouples flow control from ACK
 Each octet has a sequence number
 Each transport segment has sequence number (SN), ack number (AN) and window size (W) in header
 Sends sequence number of first octet in segment
 ACK includes (AN=i, W=j), which means
   all octets through SN=i-1 acknowledged, want i next
   permission to send additional window of W=j octets

199 cf) An Example of Sliding Window

200 Credit Allocation

201 Sending and Receiving Perspectives

202 Connection Establishment and Termination
 Need connection establishment and termination procedures to allow:
   each end to know the other exists
   negotiation of optional parameters
   triggering allocation of transport entity resources
 By mutual agreement

203 Connection State Diagram

204 Connection Establishment

205 Connection Termination
 Either or both sides, by mutual agreement
 Graceful or abrupt termination
 If graceful, initiator must:
   send FIN to other end, requesting termination
   place connection in FIN WAIT state
   when FIN received, inform user and close connection
 Other end must:
   when it receives FIN, inform TS user and place connection in CLOSE WAIT state
   when TS user issues CLOSE primitive, send FIN and close connection

206 Unreliable Network Service
 More difficult case for transport protocol, since
   segments may get lost
   segments may arrive out of order
 Examples include IP internet, frame relay using LAPF, IEEE 802.3 with unacknowledged connectionless LLC
 Issues: ordered delivery, retransmission strategy, duplication detection, flow control, connection establishment and termination, crash recovery

207 Ordered Delivery
 Segments may arrive out of order
 Number segments sequentially
 TCP numbers each octet sequentially
 Segments are numbered by the first octet number in the segment

208 Retransmission Strategy
 Retransmission of segment needed because
   segment damaged in transit
   segment fails to arrive
 Transmitter does not know of failure
 Receiver must acknowledge successful receipt
   can use cumulative acknowledgement for efficiency
 Sender times out waiting for ACK
   triggers retransmission

209 Timer Value
 Fixed timer
   based on understanding of network behavior
   cannot adapt to changing network conditions
   too small leads to unnecessary retransmissions
   too large and response to lost segments is slow
   should be a bit longer than round trip time
 Adaptive scheme
   keeps track of the time taken to ack., and sets its retransmission timer based on the average of the observed delays
   may not ACK immediately - may be cumulative ack.
   cannot distinguish between ACK of original segment and retransmitted segment
   network conditions may change suddenly

210 Duplication Detection
 If ACK lost, segment is retransmitted
 Receiver must recognize duplicates
 If duplicate received prior to closing connection
   receiver assumes ACK lost and ACKs the duplicate
   sender must not get confused with multiple ACKs
   sequence number space large enough not to cycle within maximum life of segment
 Duplicate received after closing connection

211 Incorrect Duplicate Detection

212 Flow Control
 Credit allocation quite robust with unreliable net
   can ack data and grant credit, or just one or the other
   lost ACK recovers on next received
 Have problem if AN=i, W=0 closes window
   then send AN=i, W=j to reopen, but this is lost
   sender thinks window closed, receiver thinks it open
 Solution is to use persist timer
 If timer expires, send something
   could be retransmission of previous segment

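The credit scheme of slide 198 and the lost-credit problem of slide 212, as one added example (not the lecture's code): an ACK carries (AN=i, W=j), the sender may transmit octets i .. i+j-1, and when the reopening ACK is lost only the persist timer gets things moving again. Segment size, buffer size and the one-octet probe are modelling assumptions; the data is constructed.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Segment:
    sn: int            # sequence number of the first octet carried
    data: bytes


@dataclass
class Ack:
    an: int            # next octet expected: all octets through an-1 received
    w: int             # credit: the sender may send octets an .. an+w-1


@dataclass
class Sender:
    data: bytes
    next_sn: int = 0       # next octet to transmit
    credit_end: int = 0    # may transmit octets with sn < credit_end

    def window_open(self) -> bool:
        return self.next_sn < self.credit_end

    def send(self, max_seg: int) -> Optional[Segment]:
        """Next segment permitted by the current credit, or None."""
        if not self.window_open() or self.next_sn >= len(self.data):
            return None
        end = min(self.next_sn + max_seg, self.credit_end, len(self.data))
        seg = Segment(self.next_sn, self.data[self.next_sn:end])
        self.next_sn = end
        return seg

    def on_ack(self, ack: Ack) -> None:
        # credit is granted relative to AN, so (AN=i, W=j) opens i .. i+j-1
        self.credit_end = ack.an + ack.w

    def persist_probe(self) -> Optional[Segment]:
        """Persist timer fired with the window closed: retransmit one octet
        to provoke a fresh (AN, W), in case the reopening ACK was lost."""
        if self.window_open() or self.next_sn >= len(self.data):
            return None
        return Segment(self.next_sn, self.data[self.next_sn:self.next_sn + 1])


@dataclass
class Receiver:
    buffer_size: int
    expected: int = 0
    buffered: bytes = b""
    delivered: bytes = b""

    def on_segment(self, seg: Segment) -> Ack:
        # keep only octets not yet held (a retransmission may overlap them);
        # a pure duplicate adds nothing and is simply re-ACKed
        if seg.sn <= self.expected < seg.sn + len(seg.data):
            new = seg.data[self.expected - seg.sn:]
            take = new[:self.buffer_size - len(self.buffered)]
            self.buffered += take
            self.expected += len(take)
        return Ack(self.expected, self.buffer_size - len(self.buffered))

    def read(self) -> Ack:
        """Receiving user drains the buffer; the freed space is new credit."""
        self.delivered += self.buffered
        self.buffered = b""
        return Ack(self.expected, self.buffer_size)


def run_lost_credit_scenario() -> Tuple[bytes, int]:
    """Receiver fills up (AN=8, W=0), later reopens with (AN=8, W=8) but that
    ACK is lost; the persist timer resolves the deadlock.  Returns (octets
    delivered to the receiving user, number of probes it took)."""
    s, r = Sender(b"0123456789ABCDEF"), Receiver(buffer_size=8)
    s.on_ack(Ack(0, 8))                          # initial credit from connection setup
    while (seg := s.send(max_seg=4)) is not None:
        s.on_ack(r.on_segment(seg))              # ends with AN=8, W=0: window closed
    probes = 1
    s.on_ack(r.on_segment(s.persist_probe()))    # receiver still full: AN=8, W=0 again
    r.read()                                     # frees space; its AN=8, W=8 is lost
    while (probe := s.persist_probe()) is not None:
        probes += 1
        s.on_ack(r.on_segment(probe))            # answer carries the real credit
    while (seg := s.send(max_seg=4)) is not None:
        s.on_ack(r.on_segment(seg))
    r.read()
    return r.delivered, probes
```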
213 Connection Establishment
 Two way handshake
   A sends SYN, B replies with SYN
   lost SYN handled by retransmission
     can lead to duplicate SYNs
   ignore duplicate SYNs once connected
 Lost or delayed data segments can cause connection problems
   segment from old connections
   start segment numbers far removed from previous connection
     use SYN i, where i is the sequence number of the first data segment
     need ACK to include i
   so, three way handshake

214 Two Way Handshake: Obsolete Data Segment

215 Two Way Handshake: Obsolete SYN Segment

216 Three Way Handshake: State Diagram

217 Three Way Handshake: Examples
 So, piggybacking

218 Connection Termination
 Like connection establishment, needs 3-way handshake
 Misordered segments could cause:
   entity in CLOSE WAIT state sends last data segment, followed by FIN
   FIN arrives before last data segment
   receiver accepts FIN, closes connection, loses data
 Need to associate sequence number with FIN
 Receiver waits for all segments before FIN sequence number

219 Connection Termination : Graceful Close
 Also have problems with loss of segments and obsolete segments
 Need graceful close, which will:
   send FIN i and receive AN i
   receive FIN j and send AN j
 Wait twice maximum expected segment lifetime

220 Crash Recovery
 After restart, all state information is lost
 May have half open connection, as side that did not crash still thinks it is connected
 Close connection using persistence timer
   wait for ACK for (time out) * (number of retries)
   when expired, close connection and inform user
 Send RST i in response to any segment i arriving
 User must decide whether to reconnect
   problems with lost or duplicate data

221 TCP
 Transmission Control Protocol (RFC 793)
 Connection oriented, reliable communication
 Over reliable and unreliable (inter)networks
 Two ways of labeling data:
 Data stream push
   user requires transmission of all data up to push flag
   receiver will deliver in same manner
   avoids waiting for full buffers
 Urgent data signal
   indicates urgent data is upcoming in stream
   user decides how to handle it

222 TCP Services
 A complex set of primitives:
   incl. passive and active open, active open with data, send, allocate, close, abort, status
   passive open indicates will accept connections
   active open with data sends data with open
 And parameters:
   incl. source port, destination port and address, timeout, security, data, data length, PUSH and URGENT flags, send and receive windows, connection state, amount awaiting ACK

223 TCP Header

224 TCP and IP
 Not all parameters used by TCP are in its header
 TCP passes some parameters down to IP
   precedence
   normal delay / low delay
   normal throughput / high throughput
   normal reliability / high reliability
   security
 Minimum overhead for each PDU is 40 octets

225 TCP Mechanisms (I)
 Connection establishment
   three way handshake: SYN, SYN-ACK, ACK
   connection determined by source and destination sockets (host, port)
   can only have one connection between any unique pair of ports
   but one port can connect to multiple different destinations (different ports)

226 TCP Mechanisms (II)
 Data transfer
   data transferred as a logical stream of octets
   octets numbered modulo 2^32
   flow control uses credit allocation of number of octets
   data buffered at transmitter and receiver
     sent when transport entity ready
     unless PUSH flag used to force send
   can flag data as URGENT, sent immediately
   if received data is not for current connection, RST flag is set on next segment to reset connection

227 TCP Mechanisms (III)
 Connection termination
   graceful close
     TCP user issues CLOSE primitive
     transport entity sets FIN flag on last segment, sent with last of data
   abrupt termination by ABORT primitive
     entity abandons all attempts to send or receive data
     RST segment transmitted to other end

228 TCP Implementation Options (I)
 TCP standard precisely specifies protocol
 Have some implementation policy options:
   send
   deliver
   accept
   retransmit
   acknowledge
 Implementations may choose alternative options, which may impact performance

229 Implementation Policy Options (II)
 Send
   if no push or close, TCP entity transmits at its own convenience within credit allocation
   may construct segment per batch of data from user
     quick response but higher overheads
   may wait for certain amount of data
     slower response but lower overheads
 Deliver
   in absence of push, can deliver data at own convenience
   may deliver from each segment received
     higher O/S overheads but more responsive
   may buffer data from multiple segments
     less O/S overheads but slower

230 Implementation Policy Options (IV)
 Retransmit
   TCP has a queue of segments transmitted but not acknowledged
   will retransmit if not ACKed in given time
     first only - single timer, send one segment only when timer expires; efficient, but has delays
     batch - single timer, send all segments when timer expires; has unnecessary transmissions
     individual - timer for each segment; complex
   effectiveness depends in part on receiver's accept policy
 Acknowledge
   immediate
   cumulative

231 TCP Congestion Control (I)
 RFC 1122 and 2581 detail extensions
   Tahoe, Reno and NewReno implementations
 Two categories of extensions:
   retransmission timer management
   window management
 Retransmission timer management
   simple average
     ARTT(k+1) = k*ARTT(k)/(k+1) + RTT(k+1)/(k+1), ARTT : Average RTT
   exponential average : RFC 793
     gives greater weight to more recent instances, because they are more likely to reflect future behavior
     SRTT(k+1) = α * SRTT(k) + (1-α) * RTT(k+1), SRTT : Smoothed RTT

232 TCP Congestion Control (II)
 RTT variance estimation (Jacobson's algorithm)
   RTT exhibits a relatively high variance
     traffic conditions may change abruptly due to other sources
     the TCP peer may not ack. each segment immediately
   with low variance of RTT, RTO (= β * SRTT in RFC 793) is too high, whilst in an unstable environment β = 2 may be inadequate, causing unnecessary retransmissions
   again, gives greater weight to more recent instances, because they are more likely to reflect future behavior
     SRTT(k+1) = (1-g) * SRTT(k) + g * RTT(k+1)
     SERR(k+1) = RTT(k+1) - SRTT(k)
     SDEV(k+1) = (1-h) * SDEV(k) + h * |SERR(k+1)|
     RTO(k+1) = SRTT(k+1) + f * SDEV(k+1)
     typically g = 0.125, h = 0.25, f = 4

233 Jacobson's RTO Calculation

234 Exponential RTO Backoff
 Timeout probably due to congestion
   dropped packet or long round trip time
 Hence maintaining RTO is not a good idea
 Better to increase RTO each time a segment is retransmitted
   RTO = q*RTO
   commonly q=2 (binary exponential backoff)
   as in Ethernet CSMA/CD

235 Karn's Algorithm
 If a segment is retransmitted, the ACK arriving may be:
   for the first copy of the segment
     RTT longer than expected
   for the second copy
 No way to tell
 Do not measure RTT for retransmitted segments
 Calculate backoff when retransmission occurs
 Use backoff RTO until ACK arrives for segment that has not been retransmitted

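The retransmission-timer slides (RFC 793 exponential average, Jacobson's SRTT/SDEV/RTO with g = 0.125, h = 0.25, f = 4, exponential backoff with q = 2, and Karn's rule) carried through in code as an added example, not the lecture's own; the RTT samples and the event sequence in `run_trace` are constructed, in milliseconds.

```python
from dataclasses import dataclass, field
from typing import List


def rfc793_srtt(srtt: float, rtt: float, alpha: float = 0.875) -> float:
    """Exponential average: SRTT(k+1) = alpha*SRTT(k) + (1-alpha)*RTT(k+1).
    RFC 793 then uses RTO = beta*SRTT (beta around 2), with no variance term."""
    return alpha * srtt + (1 - alpha) * rtt


@dataclass
class JacobsonTimer:
    srtt: float                 # first RTT measurement seeds the average
    sdev: float = 0.0
    g: float = 0.125            # gain for the mean
    h: float = 0.25             # gain for the deviation
    f: float = 4.0              # RTO = SRTT + f*SDEV
    q: float = 2.0              # backoff factor: RTO = q*RTO per retransmission
    rto: float = field(init=False)

    def __post_init__(self) -> None:
        self.rto = self.srtt + self.f * self.sdev

    def sample(self, rtt: float) -> float:
        """Jacobson's update for one RTT measurement; returns the new RTO."""
        serr = rtt - self.srtt                      # SERR(k+1) = RTT(k+1) - SRTT(k)
        self.srtt = (1 - self.g) * self.srtt + self.g * rtt
        self.sdev = (1 - self.h) * self.sdev + self.h * abs(serr)
        self.rto = self.srtt + self.f * self.sdev
        return self.rto

    def on_timeout(self) -> float:
        """Segment retransmitted: binary exponential backoff of the RTO."""
        self.rto *= self.q
        return self.rto

    def on_ack(self, rtt: float, was_retransmitted: bool) -> float:
        """Karn's rule: an ACK for a retransmitted segment yields no RTT
        sample (which copy it answers is unknown) and leaves the backed-off
        RTO in place; only an ACK for a never-retransmitted segment feeds
        the estimator and recomputes RTO from SRTT and SDEV."""
        if was_retransmitted:
            return self.rto
        return self.sample(rtt)


def run_trace() -> List[float]:
    """Constructed event sequence: two clean samples, two timeouts on the
    same segment, the ambiguous ACK after the retransmission, then a clean
    sample.  Returns the RTO in force after each event."""
    t = JacobsonTimer(srtt=100.0)
    return [
        t.sample(110.0),
        t.sample(90.0),
        t.on_timeout(),
        t.on_timeout(),
        t.on_ack(600.0, was_retransmitted=True),   # ignored: no sample taken
        t.on_ack(95.0, was_retransmitted=False),   # clean sample: RTO recomputed
    ]


if __name__ == "__main__":
    for event, rto in zip(["110", "90", "timeout", "timeout", "ack(retx)", "95"], run_trace()):
        print(f"{event:>10}: RTO = {rto:.2f} ms")
```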
236 Window Management (I)
 Slow start
   gradually expanding the window until ACKs are received
   awnd = MIN[credit, cwnd]
   start connection with cwnd=1
   increment cwnd by 1 (actually 2) at each ACK, up to some max

237 Window Management (II)
 Dynamic window sizing on congestion
   Jacobson points out that "it is easy to drive a network into saturation but hard for the net to recover"
   with slow start, cwnd keeps growing exponentially until it becomes equal to receiver window (credit)
   however, under congestion, the exponential growth of cwnd may be too aggressive and may worsen the congestion
   when a timeout occurs
     set slow start threshold to half current congestion window: ssthresh=cwnd/2
     set cwnd = 1 and slow start until cwnd=ssthresh, increasing cwnd by 1 for every ACK
     for cwnd >= ssthresh, increase cwnd by 1 for each RTT

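Slow start and congestion avoidance from the two window-management slides, in units of segments, as an added example (not the lecture's code): awnd = MIN[credit, cwnd], cwnd doubles per RTT until ssthresh, grows by one per RTT above it, and a timeout sets ssthresh = cwnd/2 and cwnd = 1. The receiver credit and the round in which the timeout occurs are constructed inputs.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class CongestionWindow:
    credit: int                     # receiver's advertised window, in segments
    cwnd: float = 1.0               # start connection with cwnd = 1
    ssthresh: float = float("inf")  # no threshold until the first timeout
    acked_in_round: int = 0         # ACK counter implementing "+1 per RTT"

    @property
    def awnd(self) -> int:
        """awnd = MIN[credit, cwnd]: what may actually be in flight."""
        return int(min(self.credit, self.cwnd))

    def on_ack(self) -> None:
        if self.cwnd < self.ssthresh:
            self.cwnd += 1                  # slow start: +1 per ACK, doubling each RTT
            return
        self.acked_in_round += 1            # congestion avoidance: +1 after a
        if self.acked_in_round >= self.cwnd:    # full window's worth of ACKs
            self.cwnd += 1
            self.acked_in_round = 0

    def on_timeout(self) -> None:
        self.ssthresh = self.cwnd / 2       # half the window that overloaded the net
        self.cwnd = 1.0                     # slow start again, up to ssthresh
        self.acked_in_round = 0


def simulate(credit: int, rounds: int, timeout_at: int = -1) -> List[int]:
    """One entry per RTT: the allowed window during that round.  Every
    segment of a round is ACKed, except in round `timeout_at`, where the
    round's data is lost and the retransmission timer fires instead."""
    cw = CongestionWindow(credit)
    trace = []
    for rnd in range(rounds):
        w = cw.awnd
        trace.append(w)
        if rnd == timeout_at:
            cw.on_timeout()
            continue
        for _ in range(w):
            cw.on_ack()
    return trace


if __name__ == "__main__":
    print("no loss, credit 10:  ", simulate(credit=10, rounds=6))
    print("timeout in round 5:  ", simulate(credit=32, rounds=12, timeout_at=5))
```

In the second run the window climbs 1, 2, 4, 8, 16, 32, collapses to 1 after the timeout, doubles again only up to ssthresh = 16, and then grows linearly.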
238 Illustration of Slow Start and Congestion Avoidance

239 UDP
 Connectionless service for application level procedures
   specified in RFC 768
   unreliable delivery; duplication control not guaranteed
 Reduced overhead
 Least common denominator service
 Uses:
   inward data collection
   outward data dissemination
   request-response
   real time application

240 Chapter 21 : Network Security
 Security requirements
   confidentiality
     only accessible for reading by authorized parties
     can be achieved with conventional encryption
   integrity
     protect data accuracy
   availability
     ensure timely service
   authenticity
     protect data origin

241 Passive Attacks
 Eavesdropping on transmissions
 To obtain information
   release of message contents
     outsider learns content of transmission
   traffic analysis
     by monitoring frequency and length of messages, even if encrypted, nature of communication may be guessed
 Difficult to detect
 Can be prevented using encryption

242 Active Attacks
 Masquerade
   pretending to be a different entity
 Replay
 Modification of messages
 Denial of service
 Easy to detect
   detection may act as a deterrent
 Hard to prevent
   focus on detection and recovery

243 Symmetric Encryption
 Terms
   plaintext
   encryption algorithm
   secret key
   ciphertext
   decryption algorithm

244 Requirements for Security
 Strong encryption algorithm
   even if the algorithm is known, an opponent should not be able to decrypt or work out the key
   even if a number of ciphertexts are available together with their plaintexts
 Key distribution
   sender and receiver must obtain secret key securely
 Once key is known, all communication using this key is readable

245 Attacking Encryption
 Cryptanalysis
   relies on nature of algorithm plus some knowledge of general characteristics of plaintext
   attempts to deduce plaintext or key
 Brute force
   try every possible key until plaintext is obtained
 Encryption algorithms
   block cipher
     most common symmetric algorithms
     process plaintext in fixed block sizes, producing block of ciphertext of equal size
     Data Encryption Standard (DES)
     Advanced Encryption Standard (AES)

246 DES (Data Encryption Standard)
 US standard
   64 bit plaintext blocks, 56 bit key

247 Strength of DES
 Broken in 1998 by Electronic Frontier Foundation
   special purpose US$250,000 machine with detailed published description
   less than three days
   DES now worthless
   alternatives include TDEA
 Triple DEA
   ANSI X9.17 (1985)
   incorporated in DEA standard 1999
   uses 2 or 3 keys and 3 executions of DEA algorithm
   effective key length 112 or 168 bit
   slow
   block size (64 bit) now too small

248 AES (Advanced Encryption Standard)
 NIST issued call for proposals in 1997
   security strength equal to or better than 3DES
   significantly improved efficiency
   symmetric block cipher with block length 128 bits
   key lengths 128, 192, and 256 bits
   AES issued as FIPS 197 in 2001
 Description
   input a 128-bit block (square matrix of bytes)
   128-bit key (square matrix of bytes)
   byte ordering by column

249 AES Encryption and Decryption

250 Key Distribution
 Symmetric encryption needs key distribution
   protected from access by others
   changed frequently
 Possibilities for key distribution
   1. key selected by A and delivered to B
   2. third party selects key and delivers to A and B
   3. use old key to encrypt and transmit new key from A to B
   4. use old key to transmit new key from third party to A and B

251 Message Authentication
 Protection against active attacks with
   falsification of data
   falsification of source
 It allows receiver to verify that message is authentic
   message has not been altered
   message is from authentic source
   message timeliness
 Authentication using symmetric encryption
   assumes sender and receiver are the only entities that know the key
   message must include one of error detection code, sequence number, time stamp
   only sender could have encrypted message for other party

252 Authentication Without Encryption
 Authentication tag generated and appended to each message
 Message not encrypted
 Useful when encryption is not wanted because:
   messages broadcast to multiple destinations
     have one destination responsible for authentication
   one side heavily loaded
     encryption adds to workload
     can authenticate random messages
   programs authenticated without encryption can be executed without decoding

253 Message Authentication Code (MAC)
 Generate authentication code based on shared key and message
 Common key shared between A and B
 If only sender and receiver know key and code matches:
   receiver assured message has not been altered
   receiver assured message is from alleged sender
   if message has sequence number, receiver assured of proper sequence

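The three MAC properties on slide 253 (and the sequence-number point of slide 251) demonstrated as an added example, not the lecture's code: the tag is computed over a sequence number and the cleartext message with the shared key, so the receiver rejects altered data, a sender without the key, and a replayed frame. HMAC-SHA256 from the standard library stands in for the generic MAC of the slides; the key, messages and wire format are constructed.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

TAG_LEN = 32      # HMAC-SHA256 output, in bytes
SEQ_LEN = 8       # fixed-width sequence number, so the seq/message boundary cannot shift


def make_tag(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC over (sequence number, message) under the shared key."""
    return hmac.new(key, seq.to_bytes(SEQ_LEN, "big") + message, hashlib.sha256).digest()


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side.  Wire format: seq | message | tag.  The message itself
    travels in clear, as on the 'authentication without encryption' slide."""
    return seq.to_bytes(SEQ_LEN, "big") + message + make_tag(key, seq, message)


class Verifier:
    """Receiver side: recompute the tag with the shared key and compare, then
    require a strictly increasing sequence number so a captured frame
    cannot be played back."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> Tuple[bool, str, Optional[bytes]]:
        if len(frame) < SEQ_LEN + TAG_LEN:
            return False, "truncated", None
        seq = int.from_bytes(frame[:SEQ_LEN], "big")
        message, tag = frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        # constant-time comparison: timing must not reveal how much of the tag matched
        if not hmac.compare_digest(tag, make_tag(self.key, seq, message)):
            return False, "bad tag", None          # altered data or wrong key
        if seq <= self.last_seq:
            return False, "replay or out of order", None
        self.last_seq = seq
        return True, "ok", message


KEY = b"constructed demo key, not for real use"


def demo() -> List[str]:
    """Walk one receiver through a genuine frame, a bit-flipped copy of it, a
    frame from a sender without the key, a replay, and the next genuine frame."""
    v = Verifier(KEY)
    genuine = protect(KEY, 1, b"sensor reading 100")
    flipped = bytearray(genuine)
    flipped[SEQ_LEN + 15] ^= 0x01               # low bit of the first digit: "100" -> "000"
    wrong_key = protect(b"some other key", 2, b"sensor reading 100")
    return [
        v.accept(genuine)[1],
        v.accept(bytes(flipped))[1],
        v.accept(wrong_key)[1],
        v.accept(genuine)[1],                   # the same frame a second time
        v.accept(protect(KEY, 2, b"sensor reading 101"))[1],
    ]


if __name__ == "__main__":
    print(demo())
```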
254 Message Authentication Using MAC

255 One Way Hash Function
 Accepts variable size message and produces fixed size tag (message digest)
   but without use of a secret key
   send digest with message
   in manner that validates authenticity
 Advantages of authentication without encryption
   encryption is slow
   encryption hardware expensive
   encryption hardware optimized to large data
   algorithms covered by patents
   algorithms subject to export controls (from USA)

256 Public Key Encryption
 Based on mathematical algorithms
   infeasible to determine decryption key given encryption key and algorithm
 Asymmetric: uses two separate keys
   public key is used for encryption
   private key is used for decryption
 Steps:
   user generates pair of keys
   user places one key in public domain
   to send a message to user, encrypt using public key
   user decrypts using private key

257 Public Key Encryption

258 Digital Signature
 Sender encrypts message with private key
 Receiver decrypts with sender's public key
 Authenticates sender
 Does not give privacy of data
   must send both original and encrypted copies
 More efficient to sign authenticator
   a secure hash of message
   send signed hash with message

259 RSA Public-key Encryption
 Developed in 1977 by Rivest, Shamir and Adleman

260 RSA Security
 Brute force search of all keys
   given size of parameters, is infeasible
   but larger keys do slow calculations
 Factor n to recover p and q
   a hard problem
   well known 129 digit challenge broken in 1994
   key size of 1024 bits (300 digits) currently secure for most apps

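Textbook RSA on toy-sized numbers, as an added example (not the lecture's code) tying together the RSA, RSA-security and digital-signature slides: key generation, encryption with the public key, signing a hash of the message with the private key, and a demonstration that whoever factors n can recompute d, which is why n must be far too large to factor. The primes 10007 and 10009 and the messages are constructed; reducing the SHA-256 digest modulo n is only to fit the toy modulus, real schemes pad the hash instead.

```python
import hashlib
from math import gcd
from typing import Tuple

PublicKey = Tuple[int, int]    # (e, n)
PrivateKey = Tuple[int, int]   # (d, n)


def keygen(p: int, q: int, e: int = 65537) -> Tuple[PublicKey, PrivateKey]:
    """n = p*q, phi = (p-1)(q-1), d = e^-1 mod phi.  (e, n) is published,
    (d, n) is kept private; p and q are discarded after key generation."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (e, n), (pow(e, -1, phi), n)


def encrypt(pub: PublicKey, m: int) -> int:
    """Anyone holding the public key: c = m^e mod n."""
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(priv: PrivateKey, c: int) -> int:
    """Only the private-key holder: m = c^d mod n."""
    d, n = priv
    return pow(c, d, n)


def digest_int(message: bytes, n: int) -> int:
    """Message digest as an integer below n (toy reduction, see lead-in)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(priv: PrivateKey, message: bytes) -> int:
    """Digital signature as on the slide: the hash of the message, not the
    message itself, is 'encrypted' with the private key."""
    d, n = priv
    return pow(digest_int(message, n), d, n)


def verify(pub: PublicKey, message: bytes, signature: int) -> bool:
    """Recover the hash with the public key and compare with a fresh hash."""
    e, n = pub
    return pow(signature, e, n) == digest_int(message, n)


def factor(n: int) -> Tuple[int, int]:
    """Trial division: feasible only because n is tiny.  For a 1024-bit n
    this loop would need on the order of 2^512 steps."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n is prime")


def private_key_from_factors(pub: PublicKey) -> PrivateKey:
    """Once p and q are known, phi and hence d follow immediately, so RSA's
    security rests entirely on factoring n being infeasible."""
    e, n = pub
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1)), n


if __name__ == "__main__":
    pub, priv = keygen(10007, 10009)                # toy primes, about 14 bits each
    print("decrypts back:", decrypt(priv, encrypt(pub, 12345678)) == 12345678)
    sig = sign(priv, b"meeting at 10:00")
    print("signature verifies:", verify(pub, b"meeting at 10:00", sig))
    print("d recovered from factoring n:", private_key_from_factors(pub) == priv)
```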
