Cosc 2150: Computer Organization Chapter 12: Network Organization and Architecture

Chapter 12 Objectives Become familiar with the fundamentals of network architectures. Learn the basic components of a local area network. Become familiar with the general architecture of the Internet.

Bandwidth Bit (b) = a unit of information, 0 or 1 —10 bits can represent 1024 different messages —20 bits represent > 1 million —30 bits > 1 billion messages The bandwidth of a communication channel = number of bits per second it transmits All channels have limited bandwidth One byte (B) = 8 bits (an octet) Transmitting 1 MB at 56K bps takes 143 sec. 1 GB = gigabyte takes 40 hours —at 7Mbps 19 minutes; at 1 Gbps takes 8 seconds) Latency = delay from first bit transmitted to first received

Progress of Technology Have more disk storage —1971: 10 MB —2001: 80,000 MB —2008: 1,000,000 MB (1 TB) Higher communication speeds —Human speech: 30 bits/sec —1971 Modem 300 bits/sec —2001 Modem: 56,000 bits/sec —T1 line: 1,544,000 bits/sec —Internet 2: 1,000,000,000 bits/sec —Nortel: 1,000,000,000,000 bits/sec in 1 fiber (entire U.S. telephone traffic) IMPROVEMENT: 8000 x IMPROVEMENT: 3 BILLION x

BANDWIDTH APPLICATION TECHNOLOGY Streaming Video + Voice Browsing, Audio , FTP Paging Video Conferencing, Multimedia Telnet ISDN FDDI T3/E3 T1/E1 New Modem Wireless WAN Old Modem K 128K T3 = 44.7 Mb OC3 = 155 Mb In Kbps Virtual Reality, Medical Imaging 1 gigabit ADSL Full-motion HDTV Gigabit Ethernet Copper Fiber Experimental 1 terabit All U.S. telephone conversations simultaneously T1 = Mb DSL ~ 7 Mb OC12 = 622 Mb Human speech = 30 bps

Early Academic and Scientific Networks In the 1960s, the Advanced Research Projects Agency funded research under the auspices of the U.S. Department of Defense. Computers at that time were few and costly. In 1968, the Defense Department funded an interconnecting network to make the most of these precious resources. The network, DARPANet, designed by Bolt, Beranek, and Newman, had sufficient redundancy to withstand the loss of a good portion of the network. DARPANet, later turned over to the public domain, eventually evolved to become today’s Internet.

Some humor first

OSI - The Model A layered model Each layer performs a subset of the required communication functions Each layer relies on the next lower layer to perform more primitive functions Each layer provides services to the next higher layer Changes in one layer should not require changes in other layers

OSI - The Model (2)

OSI Layers (1) Transmission media (Layer 0 Hardware) —cables between two network stations Physical (Layer 1 Hardware) —Physical interface between devices –Mechanical –Electrical –Functional –Procedural Data Link (Layer 2 Hardware) —Means of activating, maintaining and deactivating a reliable link —Error detection and control —Higher layers may assume error free transmission —transmits and receives frames, MAC protocol belongs to this layer

OSI Layers (2) Network (layer 3 Hardware) —Transport of information —Higher layers do not need to know about underlying technology —Not needed on direct links —Most high level Network protocols are in this layer Transport (layer 4) —Exchange of data between end systems —Error free —In sequence —No losses —No duplicates —Quality of service

OSI Layers (3) Session (layer 5) —Control of dialogues between applications —Dialogue discipline —Grouping —Recovery Presentation (layer 6) —Data formats and coding —Data compression —Encryption Application (layer 7) —Means for applications to access OSI environment

Network Hardware Outline layer 0: media —Cabling Layer 1: physical —repeaters, hubs Layer 2: Link layer —bridges, switches, and Collision domains Layer 3: Network layer —Router, router architecture.

Layer 0: Transmission media 10BASE2 standard —uses coax cable (like Cable TV wiring). component pieces include BNC T connectors and BNC terminators —Segments of cable had a maximum length of 185 meters —Why 10BASE2? standards committee rounded 185 to 200, then shorten it. —The 10 is for 10Mbps (megabits per second)

Layer 0: Transmission media (2) 10BASE-T —The T is for “twisted”, as in twisted-pair wires —The wire is normally called Category 3 (CAT3) or better like CAT5 —maximum length is 100 meters (328 feet), 10BASE-F —F stands for Fiber, or fiber optic media

Layer 0: Transmission media (3) 100BASE-T —covers the entire range of 100Mbps systems, all twisted pair and fiber media —100BASE-TX, uses twisted pair cat-5 wire (100 meters max length) —100BASE-FX, uses fiber. 1000BASE-T or Gigabit or GigE —covers the entire range of 1000Mbps systems. —Uses both Cat-5, Cat-5e and fiber

Layer 0: Transmission media (4) Multi-Gigabit Ethernet —10 Gbps Standard and working on faster, 50 to 100 Gbps standards —Cisco Announce 1 Zettabyte edge routers (2008) –Fiber optic cabling. Cable connectors for Cat3 and Cat5 —RJ-11 4 wire modular connected. Also used in standard telephone cables. Cat 3 wires only. —RJ-45 8 wire connected. RJ-45 can be used to connect 4 wire as well.

What if the max length is to short? The max length is where the signal degrades past the point of usefulness You will need to put a piece of network hardware. —What do you use? –Depends on where it is connecting to

Distance Limitations Copper = Cat 5 wiring MMF = Multimode fiber SMF = Single-mode fiber

Fiber Optic Optical fiber supports three different transmission modes depending on the type of fiber used. —Single-mode fiber provides the fastest data rates over the longest distances. It passes light at only one wavelength, typically, 850, 1300 or 1500 nanometers. —Multimode fiber can carry several different light wavelengths simultaneously through a larger fiber core.

Fiber Optic Multimode graded index fiber also supports multiple wavelengths concurrently, but it does so in a more controlled manner than regular multimode fiber Unlike regular multimode fiber, light waves are confined to the area of the optical fiber that is suitable to propagating its particular wavelength. —Thus, different wavelengths concurrently transmitted through the fiber do not interfere with each other.

When an STS signal is passed over an optical carrier network, the signal is called OCx, where x is the carrier speed. The fundamental SDH signal is STM-1, which conveys signals at a rate of Mbps. The SONET hierarchy along with SDH is shown in the table. High Capacity Digital Links

Ethernet “dominant” Network/LAN technology: cheap $20 for 1000Mbs! first widely used LAN technology Simpler, cheaper than token LANs and ATM Kept up with speed race: 10, 100, 1000 Mbps Metcalfe’s Ethernet sketch

Ethernet Interface Card NIC for short. —The piece of hardware you put into your computer to talk to the network. —Can be 10Mb, 100Mb, even 1Gb card now. —10/100Mb cards run anywhere from $20 to $100+ for pcmcia cards.

Ethernet Technologies: 10Base2 thin coaxial cable in a bus topology repeaters used to connect up to multiple segments

Repeaters A hardware device that connects to segments together. —repeater repeats bits it hears on one interface to its other interfaces — (Layer 1) physical layer device only!

Signal attenuation is corrected by repeaters that amplify signals in physical cabling. Repeaters are part of the network medium (Layer 1). —In theory, they are dumb devices functioning entirely without human intervention. However, some repeaters now offer higher-level services to assist with network management and troubleshooting. Repeaters

Interconnecting LANs Q: Why not just one big LAN? Limited amount of supportable traffic: on single LAN, all stations must share bandwidth limited length: specifies maximum cable length large “collision domain” (can collide with many stations)

Collision Domains When network devices share the same, physical transmission media, it is more than possible packets of data will collide —Collision Domain –Network Devices use CSMA/CD +A devices listens to see if the media is available, then it been transmitting. –More then possible two devices will attempt to transmit at the same time. +This area is called a collision domain

Hubs Physical Layer devices: essentially repeaters operating at bit levels: repeat received bits on one interface to all other interfaces Hubs can be arranged in a hierarchy (or multi-tier design), with backbone hub at its top

Hubs (more) Each connected LAN referred to as LAN segment Hubs do not isolate collision domains: node may collide with any node residing at any segment in LAN Hub Advantages: —simple, inexpensive device —Multi-tier provides graceful degradation: portions of the LAN continue to operate if one hub malfunctions —extends maximum distance between node pairs (100m per Hub) —can connect different Ethernet types (e.g., 10BaseT and 100baseT)

Hub limitations single collision domain results in no increase in max throughput —multi-tier throughput same as single segment throughput individual LAN restrictions pose limits on number of nodes in same collision domain and on total allowed geographical coverage

Bridges ( Layer 2 ) Link Layer devices: operate on Ethernet frames, examining frame header and selectively forwarding frame based on its destination Bridge isolates collision domains since it buffers frames When frame is to be forwarded on segment, bridge uses CSMA/CD to access segment and transmit

Bridges (more) Bridge advantages: —Isolates collision domains resulting in higher total max throughput, and does not limit the number of nodes nor geographical coverage —Transparent: no need for any change to hosts LAN adapters bridges filter packets —same-LAN -segment frames not forwarded onto other LAN segments forwarding: —how to know which LAN segment on which to forward frame? —looks like a routing problem

Backbone Bridge

Ethernet Switches layer 2 forwarding, filtering using LAN addresses Switching: A-to-B and A’-to-B’ simultaneously, no collisions large number of interfaces often: individual hosts, star- connected into switch —Ethernet, but no collisions!

Ethernet Switches Store and forward: frame is completely received, and then sent. cut-through switching: frame forwarded from input to output port without awaiting for assembly of entire frame —slight reduction in latency —Does not isolate collision domains. combinations of shared/dedicated, 10/100/1000 Mbps interfaces

Full & Half Duplex Full Duplex: —Communication that takes place simultaneously, in both directions, between sender and receiver. —No collisions possible in full duplex mode. —Available on switches, double the speed, 100Mbps line can pass 200Mbps at a time. Half Duplex: —two-way communication occurring in only one direction at a time. Standard communication method. Line speeds are rated at half duplex speed.

Auto sensing networking devices Most networking devices auto sense whether they can talk 10Mb, 100Mb, and 1Gb. Simple for configuration, plug it in, let the computer and hub/switch figure it out. Does not take into account transmission media 2 devices that can “speak” at 100Mbps on cat 3 (10Mbps) will attempt to use 100Mbps.

Routers NORTEL CISCO 3COM Function at layer 3, network layer. Able to route based on IP, instead of MAC See previous lecture for routing.

WWF Bridges vs. Routers both store-and-forward devices —routers: network layer devices (examine network layer headers) —bridges are Link Layer devices routers maintain routing tables, implement routing algorithms bridges maintain filtering tables, implement filtering, learning and spanning tree algorithms

network routers A router is a device that operates at network layer or layer 3. Routers actually looks at the message and determine what to do with it. For broadcast traffic, it drops the message It allows you to design more complex networks with multiple network protocols. It also routes between multiple IP domains

Routers are complex devices because they contain buffers, switching logic, memory, and processing power to calculate the best way to send a packet to its destination. network routers

Routing Using Subnets

Routers vs. Bridges Bridges + and - + Bridge operation is simpler requiring less processing bandwidth - Topologies are restricted with bridges: a spanning tree must be built to avoid cycles - Bridges do not offer protection from broadcast storms (endless broadcasting by a host will be forwarded by a bridge)

Routers vs. Bridges Routers + and - + arbitrary topologies can be supported, cycling is limited by TTL counters (and good routing protocols) + provide firewall protection against broadcast storms - require IP address configuration (not plug and play) - require higher processing bandwidth bridges do well in small (a hundred hosts) while routers used in large networks (thousands of hosts)

IEEE Wireless LAN wireless LANs: untethered (often mobile) networking IEEE standard: —MAC protocol —unlicensed frequency spectrum: 900Mhz, 2.4Ghz Basic Service Set (BSS) (a.k.a. “cell”) contains: —wireless hosts —access point (AP): base station BSS’s combined to form distribution system (DS)

Ad Hoc Networks Ad hoc network: IEEE stations can dynamically form network without AP Applications: —“ laptop” meeting in conference room, car —interconnection of “personal” devices —battlefield IETF MANET (Mobile Ad hoc Networks) working group

LANs and WANs Local Area Networks (LAN) —A set of computer connected in a geographically close network, such as in the same building, campus or office building. Wide Area Networks (WAN) —A computer network that uses long-range telecommunications links to connect the networked computers over long distances. The line between two is blurry, since LANs can cover geography then some WANs

Network Firewalls Definition: A system that can not be broken in to. —Monitors traffic and "protects" the computers behind it. –Configure so that only certain inbound and outbound ports are "open" +Blocking port 6000, means that nothing can remotely connect to that port –Configure so that IP are not allowed "through" the firewall (inbound, outbound, or both) —Firewalls are a layer 4 device, because it works on Port numbers as well as IP number, and even MAC addresses.

Network Firewalls (2) Packet Filtering —block certain types of packets, such only allowing TCP packets to port 25, but block UDP packets. —Blocking all ICMP packets —Allowing only ssh packets. Also can provide "Zones" of security —unrestricted access from/to internet, protected zones (called DMZs) from/to the internet, and no access zone from/to internet. –Or other section of the local network.

NAT Network Address Translation —The internal computers have a 10.x.x.x IP numbers —When a computer wants to access the internet, the NAT receives the packet, changes the IP to it's, then sends to the internet. On response, the NAT forwards it onto the computer again. —Since the NAT is acting as a go between, the computer is protected.

VPN Virtual Private Network —A method to provide a secure and encrypted connection between two trusted networks over an unsecured line –Where line could be the internet. —Example –A company has two locations, New York and LA. +They could pay for a private connection between, which is really expensive +Or use a VPN on each side to connect them over the internet.

VPN (2) A VPN client connects to the VPN server. —All networking from the client is directed to the server, which acts as the network gateway. –So the client functions as if it was behind a firewall and could access everything like normal. —Example –Employee goes on a business trip. Connect up to an unsecured network. Connects to the VPN server (via the client) and now has a secure connection to "work" over the unsecured network.

IDS Intrusion Detection System —Detects traffic matching a signature of a known attack. Similar to a Anti-Virus program. –alerts the admin to the attack —If it a NIPS (network Intrusion Prevention system), then it will initiate defensive response. –such as terminating the connection +by configuring the firewall to block it.

Putting it all together

Web Architecture SOURCE: INTERSHOP TIER 1 TIER 2 Server TIER 3 Applications TIER 4 Database

Deploying network equipment Minimize collision domains where ever possible Put biggest switches on top or where the most capacity is needed Always! plan to bandwidth to increase. —planning only for today, causes more problems tomorrow.

Internet a lot of WANs and LANs connected together to form the global access to computers via TCP/IP. Connected in a very chaotic manner, no real order. At the top of the internet hierarchy are National Service Providers (NSPs) that form the backbone of the internet. —Regional ISPs connect to an NSP. —Network Access Points (NAPs) are switching centers between the NSPs. Generally referred to as Metropolitan area exchanges (MAEs).

Internet hosts count 1981 – – – – 1, – 1, – 5, – 28, – 80, – 159, – 376, – 727, – 1,313, – 2,217, – 5,846, – 14,352, – 21,819, – 29,760, – 43,230, – 72,398, – 109,574, – 147,345, – 171,638, – 233,101, – 317,646, – 394,992, – 433,193, – 541,677,000 Internet host 1991 to 2007 Hosts in millions Reference:

Connecting to Internet Backbone SOURCE: HOWSTUFFWORKS.COMHOWSTUFFWORKS.COM MONEY

Structure of the Internet Europe Japan Backbone 1 Backbone 2 Backbone 3 Backbone 4, 5, N Australia Regional A Regional B NAP SOURCE: CISCO SYSTEMS MAPS UUNET MAP

Satellite Access (InterSatCom)

Home Networks Connecting via DSL or Cable Modem and assuming you are connecting 2 or more computers in your house. —You may want a firewall. –Most Cable Modem provide "no protection" from the internet —Connect DSL/Cable modem, then firewall, then a hub or wireless hub. –With Wireless don't forget to set the WEP, otherwise, you maybe providing internet access to your neighbors as well without your knowledge. —For Home use, you do not need the expensive switches and hubs. Many wireless hubs provide 10/100 connection as well. And may also include a firewall.

References See References inside this lecture The Internet Security Guidebook, from planning to deployment, Ellis and Speed, Academic Press, 2001 The CERT® Guide to System and Network Security Practices, Allen, Addison Wesley, 2001 TCP/IP Network Administration, Hunt, 3rd, O'Reilly, 2002 How the Internet Works, Gralla, QUE, 1999 The Essentails of Computer Organization and Architecture, chap12, Null Numerous websites

Q A &