DOC PREVIEW
CMU 15441 Computer Networking - Lecture

This preview shows page 1-2-3-18-19-36-37-38 out of 38 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 38 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

15-441 Computer NetworkingTCP Overview RevisitedQueuing DisciplinesPacket Drop DimensionsTypical Internet QueuingFIFO + Drop-tail ProblemsActive Queue ManagementInternet ProblemsDesign ObjectivesLock-out ProblemFull Queues ProblemRandom Early Detection (RED)RED AlgorithmRED OperationExplicit Congestion Notification (ECN)ECN in TCPUse of ECN with TCPAttacks and Security ThreatsPacket SniffingIP SpoofingSlide 21TCP Connection SpoofingSequence Number Guessing AttackMore TCP AttacksRoutingICMPDNSDenial of ServiceSYN Flooding AttackBandwidth DOS AttacksIP TracebackSlide 32Edge SamplingFirewallsTypical Firewall TopologyTypes of FirewallsSlide 37Slide 3815-441 Computer NetworkingOther Transport Issues,Attacks and Security Threats,FirewallsLecture #17: 11-01-01 2TCP Overview Revisited•TCP modern loss recovery•TCP options•TCP interactions•TCP modeling•Workload changes•TCP & routers•TCP header compressionLecture #17: 11-01-01 3Queuing Disciplines•Each router must implement some queuing discipline•Queuing allocates both bandwidth and buffer space:•Bandwidth: which packet to serve (transmit) next •Buffer space: which packet to drop next (when required)•Queuing also affects latencyLecture #17: 11-01-01 4Packet Drop DimensionsAggregationPer-connection stateSingle classDrop positionHeadTailRandom locationClass-based queuingEarly dropOverflow dropLecture #17: 11-01-01 5Typical Internet Queuing•FIFO + drop-tail•Simplest choice•Used widely in the Internet•FIFO (first-in-first-out) •Implies single class of traffic•Drop-tail•Arriving packets get dropped when queue is full regardless of flow or importance•Important distinction:•FIFO: scheduling discipline•Drop-tail: drop policyLecture #17: 11-01-01 6FIFO + Drop-tail Problems•Leaves responsibility of congestion control to edges (e.g., TCP)•Does not separate between different flows•No policing: send more packets  get more service•Synchronization: end hosts react to same eventsLecture #17: 11-01-01 7Active Queue Management•Design active router queue management to aid congestion control •Why?•Router has unified view of queuing behavior•Routers can distinguish between propagation and persistent queuing delays•Routers can decide on transient congestion, based on workloadLecture #17: 11-01-01 8Internet Problems•Full queues•Routers are forced to have have large queues to maintain high utilizations•TCP detects congestion from loss•Forces network to have long standing queues in steady-state•Lock-out problem•Drop-tail routers treat bursty traffic poorly•Traffic gets synchronized easily  allows a few flows to monopolize the queue spaceLecture #17: 11-01-01 9Design Objectives•Keep throughput high and delay low•Accommodate bursts•Queue size should reflect ability to accept bursts rather than steady-state queuing•Improve TCP performance with minimal hardware changesLecture #17: 11-01-01 10Lock-out Problem•Random drop•Packet arriving when queue is full causes some random packet to be dropped•Drop front•On full queue, drop packet at head of queue•Random drop and drop front solve the lock-out problem but not the full-queues problemLecture #17: 11-01-01 11Full Queues Problem•Drop packets before queue becomes full (early drop)•Intuition: notify senders of incipient congestion•Example: early random drop (ERD):•If qlen > drop level, drop each new packet with fixed probability p•Does not control misbehaving usersLecture #17: 11-01-01 12Random Early Detection (RED)•Detect incipient congestion, allow bursts•Keep power (throughput/delay) high•Keep average queue size low•Assume hosts respond to lost packets•Avoid window synchronization•Randomly mark packets•Avoid bias against bursty traffic•Some protection against ill-behaved usersLecture #17: 11-01-01 13RED Algorithm•Maintain running average of queue length•If avg < minth do nothing•Low queuing, send packets through•If avg > maxth, drop packet•Protection from misbehaving sources•Else mark packet in a manner proportional to queue length•Notify sources of incipient congestionLecture #17: 11-01-01 14RED OperationMin threshMax threshAverage Queue LengthminthmaxthmaxP1.0Avg queue lengthP(drop)Lecture #17: 11-01-01 15Explicit Congestion Notification(ECN)•The goal is to provide explicit congestion notification to senders.•Complements the implicit feedback through packet drops•Bits 6-7 of the TOS bit form the ECN field.•The ECN-Capable Transport (ECT) bit is set by the sender to indicate that the end-points are ECN-capable•The Congestion Experience (CE) bit is set by the router to signal congestion•The ECN is received by the receiver, who is responsible for forwarding the information to the senderV/HLV/HLTOSTOSLengthLengthIDIDFlags/OffsetFlags/OffsetTTLTTLProt.Prot.H. ChecksumH. ChecksumSource IP addressSource IP addressDestination IP addressDestination IP addressOptions..Options..DSCPDSCPECT/CEECT/CELecture #17: 11-01-01 16ECN in TCP•Receiver signals congestion to the sender by setting the ECN-Echo flag in the TCP header.•Bit 9 in the reserved field of the TCP header•Handles asymmetric routes•ECN-Echo flag also used to negotiate ECN useSource PortSource PortDest. PortDest. PortSequence NumberSequence NumberAcknowledgmentAcknowledgmentHL/FlagsHL/FlagsWindowWindowD. ChecksumD. ChecksumUrgent PointerUrgent PointerOptions..Options..HLHLECE/CWRECE/CWRFlagsFlagsIPTCPLecture #17: 11-01-01 17Use of ECN with TCP•The TCP sender should respond to ECN feedback as if a single packet loss occurred.•Reduce the congestion window size•Send “Congestion Window Reduced” flag (Bit 8) to ack•So receiver knows to stop ECE bit•ECN and RED can leverage each other.•The router should set the CE bit if it would otherwise have dropped the packet (for a non-ECN enabled flow)•When RED is used, this happens before the queues fill up so ECN and RED combined can result in congestion notification without packet loss•Deployment seems quite practical.•Can be introduced one router at a time•Strong incentive for end-points to adopt ECNLecture #17: 11-01-01 18Attacks and Security Threats•Packet Sniffing•IP Spoofing•TCP Connection Spoofing•Denial of ServiceLecture #17: 11-01-01 19Packet Sniffing•broadcast media•promiscuous NIC reads all packets passing by•can read all unencrypted data (e.g. passwords)•e.g.: C sniffs B’s packets•many protocols (ftp, telnet) send passwords


View Full Document

CMU 15441 Computer Networking - Lecture

Documents in this Course
Lecture

Lecture

14 pages

Lecture

Lecture

19 pages

Lecture

Lecture

14 pages

Lecture

Lecture

78 pages

Lecture

Lecture

35 pages

Lecture

Lecture

4 pages

Lecture

Lecture

4 pages

Lecture

Lecture

29 pages

Lecture

Lecture

52 pages

Lecture

Lecture

40 pages

Lecture

Lecture

44 pages

Lecture

Lecture

41 pages

Lecture

Lecture

38 pages

Lecture

Lecture

40 pages

Lecture

Lecture

13 pages

Lecture

Lecture

47 pages

Lecture

Lecture

49 pages

Lecture

Lecture

7 pages

Lecture

Lecture

18 pages

Lecture

Lecture

15 pages

Lecture

Lecture

74 pages

Lecture

Lecture

35 pages

Lecture

Lecture

17 pages

lecture

lecture

13 pages

Lecture

Lecture

21 pages

Lecture

Lecture

14 pages

Lecture

Lecture

53 pages

Lecture

Lecture

52 pages

Lecture

Lecture

40 pages

Lecture

Lecture

11 pages

Lecture

Lecture

20 pages

Lecture

Lecture

39 pages

Lecture

Lecture

10 pages

Lecture

Lecture

40 pages

Lecture

Lecture

25 pages

lecture

lecture

11 pages

lecture

lecture

7 pages

Lecture

Lecture

10 pages

lecture

lecture

46 pages

lecture

lecture

7 pages

Lecture

Lecture

8 pages

lecture

lecture

55 pages

lecture

lecture

45 pages

lecture

lecture

47 pages

lecture

lecture

39 pages

lecture

lecture

33 pages

lecture

lecture

38 pages

lecture

lecture

9 pages

midterm

midterm

16 pages

Lecture

Lecture

39 pages

Lecture

Lecture

14 pages

Lecture

Lecture

46 pages

Lecture

Lecture

8 pages

Lecture

Lecture

40 pages

Lecture

Lecture

11 pages

Lecture

Lecture

41 pages

Lecture

Lecture

38 pages

Lecture

Lecture

9 pages

Lab

Lab

3 pages

Lecture

Lecture

53 pages

Lecture

Lecture

51 pages

Lecture

Lecture

38 pages

Lecture

Lecture

42 pages

Lecture

Lecture

49 pages

Lecture

Lecture

63 pages

Lecture

Lecture

7 pages

Lecture

Lecture

51 pages

Lecture

Lecture

35 pages

Lecture

Lecture

29 pages

Lecture

Lecture

65 pages

Lecture

Lecture

47 pages

Lecture

Lecture

41 pages

Lecture

Lecture

41 pages

Lecture

Lecture

32 pages

Lecture

Lecture

35 pages

Lecture

Lecture

15 pages

Lecture

Lecture

52 pages

Lecture

Lecture

16 pages

Lecture

Lecture

4 pages

lecture

lecture

27 pages

lecture04

lecture04

46 pages

Lecture

Lecture

46 pages

Lecture

Lecture

13 pages

lecture

lecture

41 pages

lecture

lecture

38 pages

Lecture

Lecture

40 pages

Lecture

Lecture

25 pages

Lecture

Lecture

38 pages

lecture

lecture

11 pages

Lecture

Lecture

42 pages

Lecture

Lecture

12 pages

Lecture

Lecture

36 pages

Lecture

Lecture

46 pages

Lecture

Lecture

35 pages

Lecture

Lecture

34 pages

Lecture

Lecture

9 pages

lecture

lecture

49 pages

class03

class03

39 pages

Lecture

Lecture

8 pages

Lecture 8

Lecture 8

42 pages

Lecture

Lecture

20 pages

lecture

lecture

29 pages

Lecture

Lecture

9 pages

lecture

lecture

46 pages

Lecture

Lecture

12 pages

Lecture

Lecture

24 pages

Lecture

Lecture

41 pages

Lecture

Lecture

37 pages

lecture

lecture

59 pages

Lecture

Lecture

47 pages

Lecture

Lecture

34 pages

Lecture

Lecture

28 pages

Exam

Exam

17 pages

Lecture

Lecture

21 pages

Lecture

Lecture

15 pages

Lecture

Lecture

9 pages

Project

Project

20 pages

Lecture

Lecture

40 pages

L13b_Exam

L13b_Exam

17 pages

Lecture

Lecture

48 pages

Lecture

Lecture

10 pages

Lecture

Lecture

52 pages

21-p2p

21-p2p

16 pages

lecture

lecture

77 pages

Lecture

Lecture

18 pages

Lecture

Lecture

62 pages

Lecture

Lecture

25 pages

Lecture

Lecture

24 pages

Project

Project

20 pages

Lecture

Lecture

47 pages

Lecture

Lecture

38 pages

Lecture

Lecture

35 pages

Roundup

Roundup

45 pages

Lecture

Lecture

47 pages

Lecture

Lecture

39 pages

Lecture

Lecture

13 pages

Midterm

Midterm

22 pages

Project

Project

26 pages

Lecture

Lecture

11 pages

Project

Project

27 pages

Lecture

Lecture

10 pages

Lecture

Lecture

50 pages

Lab

Lab

9 pages

Lecture

Lecture

30 pages

Lecture

Lecture

6 pages

r05-ruby

r05-ruby

27 pages

Lecture

Lecture

8 pages

Lecture

Lecture

28 pages

Lecture

Lecture

30 pages

Project

Project

13 pages

Lecture

Lecture

11 pages

Lecture

Lecture

12 pages

Lecture

Lecture

48 pages

Lecture

Lecture

55 pages

Lecture

Lecture

36 pages

Lecture

Lecture

17 pages

Load more
Download Lecture
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?