1CS514: Intermediate Course in Computer SystemsLecture 3: Sept. 8, 2003“Introduction to the Network”CS514Overview of LectureIntroduction to the network layer| Classic view of network layerz OSI stack| Classic view no longer (never was?) accurate| End-to-end argument| Internet components (hosts, routers, links, etc.)| Protocol layering fundamentals| IP, UDP, TCP, pros and cons, SCTP| Ethereal---nice protocol monitoring and debugging tool| Naming: Taxonomy, DNS, URIs2CS514Who recognizes this?int sockfd; struct sockaddr_in addr; addr.sin_family = AF_INET; addr.sin_addr.s_addr = inet_addr(SERV_HOST_ADDR); addr.sin_port = htons(SERV_TCP_PORT); sockfd = socket(AF_INET, SOCK_STREAM, 0);connect(sockfd, (struct sockaddr *) &addr, sizeof(serv_addr));do_stuff(stdin, sockfd);CS514Classic view of network API| Start with host name (maybe)foo.bar.com3CS514Classic view of network API| Start with host name| Get an IP addressfoo.bar.comgethostbyname()10.5.4.3CS514Classic view of network API| Start with host name| Get an IP address| Make a socket (protocol, address)foo.bar.comgethostbyname()10.5.4.3sock_idsocket();connect();…4CS514Classic view of network API| Start with host name| Get an IP address| Make a socket (protocol, address)| Send byte stream (TCP) or packets (UDP)foo.bar.comgethostbyname()10.5.4.3sock_idsocket();connect();…TCP sock UDP sockNetwork1,2,3,4,5,6,7,8,9 . . .…Eventually arrive in orderMay or may not arriveCS514Classic approach “broken” in many ways| IP address different depending on who asks for it| Address may be changed in the network| IP address may not be reachable (even though destination is up and attached)z Or may be reachable by you but not another host| IP address may change in a few minutes or hours| Packets may not come from who you think (network caches)5CS514Classic OSI stackCS514Useful abstraction or out-dated and misleading?6CS514Ethernet? Bridged Ethernet? XML? HTTP? CS514Example Microsoft VPN stack (PPTP)ApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEEthernet7CS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerCS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerA logical link layer8CS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerA logical link layerA tunnelCS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerA logical link layerA security layerA tunnel9CS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerA logical link layerA security layerA network abstraction that Microsoft finds convenientA tunnelCS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoEThe link layerA logical link layerA security layerA network abstraction that Microsoft finds convenientThe actual end-to-end network and transport layersA tunnel10CS514EthernetExample Microsoft VPN stackApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoETCP: Transport Control ProtocolIP: Internet ProtocolPPP: Point-to-Point ProtocolL2TP: Layer 2 Tunneling ProtocolUDP: User Datagram ProtocolIPsec: Secure IPPPPoE: PPP over EthernetCS514What can we learn from this?| That the internet is a mature technologyz Kludges on kludgesEthernetApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoE11CS514What can we learn from this?| That the internet is a mature technologyz Kludges on kludges| Having the biggest company isn’t good enough for BillEthernetApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoECS514What can we learn from this?| That the internet is a mature technologyz Kludges on kludges| That having the biggest company isn’t good enough for BillThat the end-to-end argument actually works!EthernetApplicationTCPPPPL2TPUDPIPsecIPIPPPPPPPoE12CS514What is the end-to-end argument?In a nutshell:If you want something done right, you gotta do it yourself“End-To-End Arguments In System Design”, Saltzer, Reed, Clark, ACM Transactions on Computer Systems, 1984CS514End-to-end argument is mostly about reliability| Early 80’s: industry assumed that the network should do everythingz Guaranteed delivery, sequencing, duplicate suppressionz If the network does it, the end system doesn’t have toz X.25, for example13CS514The network doesn’t always work right| Applications had to check to see if the network really did its job…z … and repair the problem if the network didn’t do its job| End-to-end insight:If the application has to do it anyway, why do it in the network at all?| Keep the network simpleCS514So when should the network do more?| When you get performance gainsz Link-level retransmissions over a lossy link are faster than E2E retransmissions| Alsoz When the network doesn’t trust the end user• Corporation or military encrypt a link because the end user might not do itz Some things just can’t be done at the end• Routing algorithms• Billing• User authentication14CS514Fate sharing: a stronger statement of end-to-end| If the network has no state, network failures won’t screw you| Keep the state in the same box as the applicationz The fate of the communications is shared with the fate of the applicationCS514God, Motherhood, Apple Pie, and the E2E Principle| E2E followed with religious fervor in IETF| Often applied to addressing, which has nothing to do with the original E2E argumentz Reaction to NAT was to fix the network (IPv6), actively discourage “fixing” the hostz Laudable goal, but in a way opposite of E2E “spirit”| Sometimes performance hurt in deference to E2Ez Compression of Voice over IP (RTP, Real Time Protocol)z Mobile IP15CS514E2E vs. fault tolerance vs. high availability| E2E says minimize the number of boxes with statez Two endpoints = two boxes with state| Fault tolerance says maximize the number of boxes with (the same) statez Five boxes, four can crash| High available requires performance, which means fewer stateful boxesz While still achieving fault tolerance . . .CS514Network componentsRH H H H H HR RH H HH H HHost: Source and sink of IP packetsRouter: Forwards IP packetsPoint to point link: link with two nodes (router or host)Broadcast link: link with multiple nodes16CS514Network components| Network: Collection of hosts, links, and routers| Site: Stub network, typically in one location and under control of one administration| Firewall/NAT: Box between the site and ISP that provides filtering, security, and Network Address Translation| ISP: Internet
View Full Document
Unlocking...