MSc WLAN, IP/TCP and COMM NETWORK Topics
By Prof R A Carrasco
School of Electrical, Electronic and Computer Engineering
University of Newcastle Upon Tyne
[email protected]: 7332
References
[1] Tanenbaum, Andrew S., Computer Networks, Fourth Edition, Pearson Education International, 2003, ISBN 0-13-038488-7.
[2] Comer, Douglas E., Computer Networks and Internets with Internet Applications, Third Edition, Prentice Hall, 2001, ISBN 0-13-091449-5.
[3] Peterson, Larry L. & Davie, Bruce S., Computer Networks: A Systems Approach, Morgan Kaufmann Publishers, 2000, ISBN 1-55860-577-0.
[4] Halsall, Fred, Data Communications, Computer Networks and Open Systems, Addison-Wesley Publishing, 1995, ISBN 0-201-42293-X.
• Advanced Research Projects Agency Network (ARPAnet), 1969.
• The protocols in the TCP/IP suite use either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) as their transport protocol.
• Application-level services such as the File Transfer Protocol (FTP), the Internet terminal protocol (TELNET, used for remote logon) and electronic mail (e-mail) run on top of these transport protocols.
• IP is responsible for moving packets of data from node to node. IP forwards each packet based on its four-byte destination address (the IP address); between the networks of different organisations, IP runs on gateway (router) machines.
• TCP is responsible for verifying the correct end-to-end delivery of data, for example from client to server. TCP adds the means to detect errors or lost data and to trigger retransmission until the data has been correctly and completely received.
• Sockets is the name given to the package of subroutines that provides access to TCP/IP on most systems.
Internet and Protocols
• The Internet Protocol was developed to create a network of networks (the Internet). Individual machines are first connected to a LAN (Ethernet or Token Ring); TCP/IP shares the LAN with other users, and one device (the gateway) provides the TCP/IP connection between the LAN and the rest of the world.
• A network consisting of two or more far-apart LANs is a Wide Area Network (WAN).
• In a typical network, switches, hubs and routers are the intermediary devices between clients and servers.
The Network Layer in the Internet
The Internet can be viewed as a collection of sub-networks or autonomous systems (AS) that are connected together.
There is no real structure, but several major backbones exist.
These are constructed from high-bandwidth lines and fast routers.
Attached to the backbones are regional networks, and attached to these regional networks are LANs (universities, companies etc.).
The glue that holds the Internet together is the network layer protocol, IP.
The Network Layer in the Internet
The Internet transmits data by packet switching using a standardised Internet Protocol (IP).
IP Datagram
The header has a 20-byte fixed part and a variable-length optional part.
It is transmitted in big-endian order from left to right, with the high-order bit of the version field going first.
An Ethernet hub is a device for connecting multiple twisted-pair or fibre Ethernet devices together; it repeats every bit it receives to all of its ports.
D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 157-167. [2]
An Ethernet bridge connects multiple network segments at the data link layer (layer 2) of the OSI model, forwarding frames according to their MAC addresses.
http://netbook.cs.purdue.edu/anmtions/anim09_2.htm
A router is a computer networking device that forwards data across networks towards their destination, through a process known as routing.
http://netbook.cs.purdue.edu/anmtions/anim09_3.htm
A modem is a device that modulates an analogue carrier signal to encode digital information, and demodulates such a carrier signal to decode the transmitted information.
Popular Wired LAN Standards
High-Level Data Link Control (HDLC); Ethernet (IEEE 802.3); Token Bus (IEEE 802.4); Token Ring (IEEE 802.5)
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243, pp. 16-26, pp. 271-291. [1]
HIGH LEVEL DATA LINK CONTROL
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243. [1]
Frame format for bit-oriented protocols (field widths in bits):
Flag 01111110 (8) | Address (8) | Control (8) | Data (≥ 0) | Checksum (16) | Flag 01111110 (8)
HIGH LEVEL DATA LINK CONTROL (2)
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 234-243. [1]
Control field (8 bits, first bit transmitted on the left; field widths in bits):
(a) Information frame:  0 (1) | Seq (3) | P/F (1) | Next (3)
(b) Supervisory frame:  1 0 (2) | Type (2) | P/F (1) | Next (3)
(c) Unnumbered frame:   1 1 (2) | Type (2) | P/F (1) | Modifier (3)
Seq is the sequence number N(S) of the frame being sent; Next is the piggybacked acknowledgement N(R), the number of the next frame expected; P/F is the Poll/Final bit.
PPP - Point to Point Protocol
Frame format (field widths in bytes):
Flag 01111110 (1) | Address 11111111 (1) | Control 00000011 (1) | Protocol (1 or 2) | Payload (variable) | Checksum (2 or 4) | Flag 01111110 (1)
The PPP full frame format for unnumbered mode operation
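A worked example of the two frame formats above, added here and not part of the original slides: it decodes the HDLC control field into information, supervisory and unnumbered frames, builds and checks a PPP unnumbered-mode frame with the 16-bit FCS defined in RFC 1662, and shows the bit stuffing that keeps the 01111110 flag from appearing inside the data. The protocol number 0x0021 (IP carried over PPP) is a real assignment; the payload bytes are constructed for the example.

```python
import struct

FLAG = 0x7E              # 01111110, opens and closes every HDLC/PPP frame
PPP_ADDRESS = 0xFF       # 11111111, "all stations"
PPP_CONTROL_UI = 0x03    # 00000011, unnumbered information frame
PPP_INIT_FCS16 = 0xFFFF
PPP_GOOD_FCS16 = 0xF0B8  # residue left by a correct FCS (RFC 1662)


def decode_control(c):
    """Split an 8-bit HDLC control field; bit 0 is the first bit on the wire."""
    pf = (c >> 4) & 1
    if c & 0x01 == 0:                       # 0 | N(S) | P/F | N(R)
        return {"type": "I", "ns": (c >> 1) & 7, "pf": pf, "nr": (c >> 5) & 7}
    if c & 0x03 == 0x01:                    # 1 0 | S | P/F | N(R)
        return {"type": "S", "s": (c >> 2) & 3, "pf": pf, "nr": (c >> 5) & 7}
    # 1 1 | M | P/F | M  (two plus three modifier bits)
    return {"type": "U", "m": ((c >> 2) & 3) | (((c >> 5) & 7) << 2), "pf": pf}


def ppp_fcs16(data, fcs=PPP_INIT_FCS16):
    """16-bit FCS of RFC 1662 (CRC-16/X-25: x^16+x^12+x^5+1, bits sent LSB first)."""
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def build_ppp_frame(protocol, payload):
    """Flag | Address | Control | Protocol (2 bytes) | Payload | FCS (2 bytes) | Flag."""
    body = bytes([PPP_ADDRESS, PPP_CONTROL_UI]) + struct.pack("!H", protocol) + payload
    fcs = ppp_fcs16(body) ^ 0xFFFF          # one's complement, sent low byte first
    return bytes([FLAG]) + body + bytes([fcs & 0xFF, fcs >> 8]) + bytes([FLAG])


def parse_ppp_frame(frame):
    """Check flags and FCS, then split the frame; raises ValueError if it is damaged."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag or frame too short")
    body = frame[1:-1]
    if ppp_fcs16(body) != PPP_GOOD_FCS16:   # running the CRC over data+FCS gives a constant
        raise ValueError("bad FCS")
    if body[0] != PPP_ADDRESS or body[1] != PPP_CONTROL_UI:
        raise ValueError("not a PPP unnumbered-mode frame")
    return {
        "control": decode_control(body[1]),
        "protocol": struct.unpack("!H", body[2:4])[0],
        "payload": bytes(body[4:-2]),
    }


def frame_is_valid(frame):
    try:
        parse_ppp_frame(frame)
        return True
    except ValueError:
        return False


def bit_stuff(bits):
    """Insert a 0 after five consecutive 1s so 01111110 never appears inside the data."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits):
    """Inverse of bit_stuff; six 1s in a row can only be a flag or an abort, never data."""
    out, run = [], 0
    for b in bits:
        if run == 5:
            run = 0
            if b == "0":
                continue                    # the stuffed zero: drop it
            raise ValueError("flag or abort sequence inside data")
        out.append(b)
        run = run + 1 if b == "1" else 0
    return "".join(out)


if __name__ == "__main__":
    frame = build_ppp_frame(0x0021, b"constructed IP payload")
    print(frame.hex())
    print(parse_ppp_frame(frame))
    print(bit_stuff("0" + "1" * 11 + "00"))
```

The receiver never trusts the flags alone: a frame whose FCS does not leave the 0xF0B8 residue is dropped before any field is interpreted, which is the same check a real PPP driver performs.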
Ethernet (IEEE 802.3)
Bus topology; Carrier Sense Multiple Access with Collision Detection (CSMA/CD); 10Base designations (for example 10Base5, 10Base2), where the "10" denotes 10 Mbit/s.
http://netbook.cs.purdue.edu/anmtions/anim06_1.htm
Ethernet (IEEE 802.3)
Figure: station attachment to the Ethernet bus (Network Service, Protocol Firmware, MAC Unit, drop cable, transceiver, tap).
Ethernet (IEEE 802.3)
PR = Preamble, SFD = Start Frame Delimiter, DA = Destination Address, SA = Source Address, TYPE = type of data carried, FCS = Frame Check Sequence
Data frame: PR | SFD | DA | SA | TYPE | INFORMATION | FCS
CSMA/CD MAC Protocol
A station checks whether data is currently being transmitted (carrier sense).
If no data is present, the station begins to transmit its data.
If two or more stations begin this process simultaneously, there will be a collision of frames.
Each station monitors its own receiver output and compares it with the transmitted signal to detect when this occurs (collision detection).
http://netbook.cs.purdue.edu/anmtions/anim06_2.htm
http://netbook.cs.purdue.edu/anmtions/anim06_5.htm
If a collision is detected, the station aborts the transmission and sends a jamming signal to inform all other stations that a collision has occurred.
The transmitting stations that caused the collision wait a randomly generated time interval before reattempting to transmit.
This avoids the stations retransmitting in lock-step and causing repeated collisions.
Capacity Calculations
Figure: timing of a transfer between stations A and B on the bus: the sensing time, the time to detect a collision (the collision interval), and the time to transfer the information. $T$ is the transmission time of a frame and $\tau$ the maximum propagation delay between stations.
$a = \tau / T$ is the ratio of the maximum propagation delay to the frame length (transmission time).
The figure assumes that a new frame can be transmitted immediately after the previous one, giving a frame rate of $1/T$ frames/s.
Capacity Calculations
If, on average, $K$ retries are necessary before the next frame can be transmitted (in a lightly loaded network $K = 0$), then the average time for transmitting one frame, $t_v$, is given by:
$t_v = T + \tau + 2\tau K = T + \tau(1 + 2K) = T[1 + (\tau/T)(1 + 2K)] = T[1 + a(1 + 2K)]$, where $a = \tau / T$.
Capacity Calculations
The utilisation factor, $U$, of the transmission medium is given by:
$U = T / t_v = 1 / (1 + a(1 + 2K))$
Let $P_t$ be the probability, constant for all stations over all time, that any particular station wishes to transmit at the end of a specific $2\tau$ collision detection interval:
$P_t = 2\tau\lambda$, where $\lambda$ is the rate in packets/s.
Capacity Calculations
For a successful event, one station transmits but the other $n - 1$ stations do not.
The probability $p$ of a successful transmission by one of the $n$ stations is therefore given by:
$p = n P_t (1 - P_t)^{n-1}$
Differentiating $p$ with respect to $P_t$ shows that the maximum is reached at $P_t = 1/n$, where $n$ is the number of stations.
Capacity Calculations
Consequently the maximum value of $p$ is given by: $p_{max} = n \cdot (1/n)(1 - 1/n)^{n-1} = (1 - 1/n)^{n-1}$
If $n \to \infty$ then $p_{max} \to 1/e$, where $e = 2.718\ldots$
At the end of a $2\tau$ collision detection interval, a further collision occurs with probability $1 - p$, while a successful transmission occurs with probability $p$.
Thus a sequence of $K$ collision intervals, occupying a time of $2\tau K$ seconds, occurs with probability $P(K) = p(1 - p)^{K-1}$ (at least one collision occurring).
Capacity Calculations
The average number of collisions is therefore given by:
$\bar{K} = \sum_{K=1}^{\infty} K\,P(K) = \sum_{K=1}^{\infty} K p (1 - p)^{K-1}$
From this it can be shown that $\bar{K} = 1/p$, and we obtain the limiting utilisation:
$U = T / t_v = 1 / (1 + a(1 + 2\bar{K}))$
$U_{max} = 1 / (1 + a(1 + 2 \cdot 2.718)) = 1 / (1 + 6.44a)$
Figure: maximum utilisation $U_{max}$ plotted against the $a$ parameter ($a$ from 0 to 0.4 on the horizontal axis, $U_{max}$ from 0 to 1 on the vertical axis).
Ethernet Exercises
Problem: A certain Ethernet system has a maximum bus delay of 16 μs and operates at a bit rate of 10 Mbit/s. Each frame is 576 bits in length. Determine the maximum utilisation factor of the medium under collision conditions.
For the system above, calculate the actual capacity if there are 15 active stations, each with an equal amount of data to transmit.
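The two exercises worked in Python, as an added example rather than part of the original slides. It carries the derivation above through with the slides' own symbols ($a = \tau/T$, $p = (1 - 1/n)^{n-1}$, $\bar{K} = 1/p$, $U = 1/(1 + a(1 + 2\bar{K}))$); the default arguments of ethernet_exercise are the exercise's figures, and the function names are this example's own.

```python
import math


def a_parameter(max_delay_s, frame_bits, bit_rate_bps):
    """a = tau / T: maximum propagation delay over the frame transmission time."""
    frame_time = frame_bits / bit_rate_bps
    return max_delay_s / frame_time


def utilisation(a, k):
    """U = T / t_v = 1 / (1 + a(1 + 2k)) for an average of k collision retries per frame."""
    return 1.0 / (1.0 + a * (1.0 + 2.0 * k))


def success_probability(n):
    """p_max = (1 - 1/n)^(n-1): one of n stations transmits while the other n-1 stay silent."""
    if n < 1:
        raise ValueError("need at least one station")
    return (1.0 - 1.0 / n) ** (n - 1)


def utilisation_with_stations(a, n):
    """The average number of retries is k = 1/p, so U = 1 / (1 + a(1 + 2/p))."""
    return utilisation(a, 1.0 / success_probability(n))


def max_utilisation(a):
    """Limit n -> infinity: p -> 1/e, k -> e, U_max = 1/(1 + a(1 + 2e)) = 1/(1 + 6.44a)."""
    return utilisation(a, math.e)


def ethernet_exercise(max_delay_s=16e-6, bit_rate_bps=10e6, frame_bits=576, stations=15):
    """The exercise on the slide: returns (a, U_max, U with the given number of stations)."""
    a = a_parameter(max_delay_s, frame_bits, bit_rate_bps)
    return a, max_utilisation(a), utilisation_with_stations(a, stations)


if __name__ == "__main__":
    a, u_max, u_15 = ethernet_exercise()
    print(f"a = {a:.4f}, U_max = {u_max:.4f}, U(15 stations) = {u_15:.4f}")
    for a_val in (0.0, 0.1, 0.2, 0.3, 0.4):   # the curve of U_max against a
        print(f"a = {a_val:.1f}: U_max = {max_utilisation(a_val):.3f}")
```

For the exercise $a = 16\,\mu s / 57.6\,\mu s \approx 0.278$, which gives $U_{max} \approx 0.36$ in the limit and a slightly higher value with only 15 stations, because $(1 - 1/15)^{14}$ is larger than $1/e$ and so fewer retries are needed on average.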
Token Ring (IEEE 802.5)
Ring structure
Data frame: SD | AC | FC | DA | SA | INFORMATION | FCS | ED | FS
Token frame: SD | AC | ED
http://netbook.cs.purdue.edu/anmtions/anim06_4.htm
Token Ring Frame Structures
SD = Start Delimiter (1 octet), AC = Access Control (1 octet), FC = Frame Control (1 octet), DA = Destination Address (2 or 6 octets), SA = Source Address (2 or 6 octets), FCS = Frame Check Sequence (4 octets), ED = End Delimiter (1 octet), FS = Frame Status (1 octet)
Token Ring
Figure: station attachment to the ring (Network Service, Protocol Firmware, MAC Unit, drop cable, ring cable, Trunk Coupling Unit (TCU)).
Token Ring
Figure: ring operation with stations A, B, C and D. A free token circulates; station A seizes it (busy token) and generates a data frame; the frame travels round the ring and returns to A; A removes the data frame and releases a free token.
Capacity Calculations
Empty ring: $C$ = capacity (bit/s), $\tau$ = propagation time around the ring, $N$ = number of stations, $L$ = delay of $L$ bits in each station on the ring (station latency).
Capacity Calculations
The ring latency is given by: $T_L = \tau + NL/C$
The free token is 24 bits (3 bytes) in length, thus the maximum waiting time, if no other station is transmitting, is given by:
$T_{max,empty} = 24/C + T_L$
Capacity Calculations
Full ring: consider a full ring, where all stations have data to transmit. Each station can only transmit when it has the token. If each frame is limited to $M$ bytes, the transmission time is $T = 8M/C$ and the maximum waiting time is:
$T_{max,full} = (N - 1)(T + T_L)$
Capacity Calculations
Exercise: A 4 Mbit/s ring has 50 stations, each with a latency of 2 bits; the total length of the ring is 2 km, and the propagation delay of the cable is 5 μs/km.
Determine the maximum waiting time when the ring is empty, and when all stations are transmitting. A full frame is 64 bytes in length.
Capacity Calculations
Loaded ring: station $i$ offers a traffic load of $\lambda_i$ frames/s; $T$ = transmission time on the ring of each frame; $T_c$ = time interval that elapses before the free token arrives; the transmission time used by station $i$ per token cycle is $t_i = \lambda_i T_c T$.
Capacity Calculations
The maximum waiting time experienced by every station on the ring, $T_c$, is given by:
$T_c = T_L + \sum_{i=1}^{N} t_i = T_L + T_c \Lambda T$, where $\Lambda = \sum_{i=1}^{N} \lambda_i$
Here the parameter $\Lambda$ represents the gross input to the ring in frames/s.
Rearranging: $T_c / T_L = 1 / (1 - U)$, where $U = \Lambda T$.
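The empty-, full- and loaded-ring formulas above, worked in Python for the exercise figures as an added example (not from the slides). The function names are this example's own, and the per-station frame rates used for the loaded-ring case are constructed for illustration.

```python
def ring_latency(prop_delay_s, stations, station_latency_bits, capacity_bps):
    """T_L = tau + N*L/C: propagation round the ring plus L bits of delay in each of N stations."""
    return prop_delay_s + stations * station_latency_bits / capacity_bps


def max_wait_empty(prop_delay_s, stations, station_latency_bits, capacity_bps):
    """Empty ring: the 24-bit free token must pass, plus one full ring latency."""
    t_l = ring_latency(prop_delay_s, stations, station_latency_bits, capacity_bps)
    return 24.0 / capacity_bps + t_l


def frame_time(frame_bytes, capacity_bps):
    """T = 8M/C for an M-byte frame."""
    return 8.0 * frame_bytes / capacity_bps


def max_wait_full(prop_delay_s, stations, station_latency_bits, capacity_bps, frame_bytes):
    """Full ring: each of the other N-1 stations sends one frame and passes the token on."""
    t_l = ring_latency(prop_delay_s, stations, station_latency_bits, capacity_bps)
    return (stations - 1) * (frame_time(frame_bytes, capacity_bps) + t_l)


def loaded_ring(t_l, frame_rates, frame_time_s):
    """Loaded ring: U = Lambda*T with Lambda = sum of lambda_i, and T_c = T_L / (1 - U).

    Returns (U, T_c); T_c is infinite once the offered load reaches the ring capacity.
    """
    utilisation = sum(frame_rates) * frame_time_s
    if utilisation >= 1.0:
        return utilisation, float("inf")
    return utilisation, t_l / (1.0 - utilisation)


def token_ring_exercise(capacity_bps=4e6, stations=50, station_latency_bits=2,
                        ring_km=2.0, delay_us_per_km=5.0, frame_bytes=64):
    """The exercise on the slide: returns (T_max,empty, T_max,full) in seconds."""
    tau = ring_km * delay_us_per_km * 1e-6
    return (max_wait_empty(tau, stations, station_latency_bits, capacity_bps),
            max_wait_full(tau, stations, station_latency_bits, capacity_bps, frame_bytes))


if __name__ == "__main__":
    empty, full = token_ring_exercise()
    print(f"T_max,empty = {empty * 1e6:.1f} us, T_max,full = {full * 1e3:.3f} ms")
    # constructed load: every one of the 50 stations offers 100 frames/s of 64-byte frames
    u, t_c = loaded_ring(ring_latency(10e-6, 50, 2, 4e6), [100.0] * 50, frame_time(64, 4e6))
    print(f"U = {u:.2f}, T_c = {t_c * 1e6:.1f} us")
```

With $\tau = 10\,\mu s$ the ring latency is $35\,\mu s$; the empty ring answers in $41\,\mu s$, while the full ring makes a station wait $49 \times 163\,\mu s \approx 8$ ms, which is the price of the deterministic access that a token ring gives in place of CSMA/CD's collisions.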
Tutorial: Network Systems and Technologies by Professor R. A. Carrasco
1) Describe the basic differences between a wide area network and a local area network in terms of: a) structure; b) operation.
2) The techniques of passing information from node to node across a broadcast network differ according to the type of configuration employed. Compare the methods used for bus and ring networks.
3) a) What is a baseband LAN? What is a broadband LAN? b) What are the advantages of using a star-ring architecture in a computer network? What are its disadvantages?
4) Describe the effects of a complete failure of a node on the operation of the following network configurations: a bus, a ring, a star.
5) List the seven layers of the CCITT ISO architecture for network communications. a) Describe their function and justify the existence of each one. b) Which layers are essential to LAN communications and why?
6) Assuming the HDLC protocol: a) Distinguish between the normal response mode and the asynchronous mode of working. How are they defined in the HDLC frame structure? b) How is flow control achieved through this frame structure?
7) Describe the function of the logical link control and medium access control layers as defined in the IEEE 802 standards and indicate their relationship with the lower protocol layers in the ISO seven-layer reference model.
8) a) Describe the basic differences between circuit switching, message switching and packet switching. b) Give examples of each switching technique, with the advantages and disadvantages of each. c) For the packet switching technique, give an example. How will the network handle a stream of packets?
9) i) Discuss the IEEE 802 standards and the frame formats for CSMA/CD, token bus and token ring: the 802.2 (logical link control), 802.3, 802.4 and 802.5 standards. ii) Briefly compare the 802.3, 802.4 and 802.5 standards.
10) Imagine two LAN bridges, both connecting a pair of 802.4 networks. The first bridge is faced with 1000 512-byte frames per second that must be forwarded. The second is faced with 200 4096-byte frames per second. Which bridge do you think will need the faster CPU? Discuss.
11) Suppose that the two bridges of the previous problem each connected an 802.4 LAN to an 802.5 LAN. Would that change have any influence on the previous answer?
12) A bridge between an 802.3 LAN and an 802.4 LAN has a problem with intermittent memory errors. Can this problem cause undetected errors with transmitted frames, or will these all be caught by the frame checksums?
13) A large FDDI ring has 100 stations and a token rotation time of 40 msec. The token holding time is 10 msec. What is the maximum achievable efficiency of the ring?
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 26-49. [1]
• The Internet uses IP at layer 3 and, almost exclusively, TCP (or UDP) at layer 4.
• Clients and servers typically implement all seven OSI layers; hubs operate at the physical layer only, and switches are only aware of MAC addresses (layer 2).
• Routers are aware of network addresses (IP addresses); a layer 3 switch is really a fast router.
• Routing protocols (which determine routes dynamically) differ from routed protocols (such as IP, whose packets are forwarded along those routes); because routes are chosen dynamically, the route taken by one packet can differ from that of another packet in the same transaction.
• Transmission Control Protocol (TCP) is a transport layer protocol layered on top of IP and below the application layer protocols SMTP, Telnet, FTP, HTTP (web) etc.
Transmission Control Protocol (TCP) (RFC 793)
• Van Jacobson's algorithm (slow start and congestion avoidance)
• Karn's algorithm (round-trip time estimation that ignores retransmitted segments)
• Nagle's algorithm (coalescing of small segments)
IEEE 802.x, TCP/IP and ISO/OSI Architecture Comparison
ISO/OSI: Application | Presentation | Session | Transport | Network | Data Link | Physical
TCP/IP: Application | Transport | Network (IP) | Ethernet (link and physical)
IEEE 802.x: IEEE 802.2 (logical link control) over IEEE 802.3 / 802.4 / 802.5 / 802.6 (medium access control and physical)
SMTP (Simple Mail Transfer Protocol): the de facto standard for e-mail transmission across the Internet. It is a text-based protocol. SMTP uses TCP port 25.
FTP (File Transfer Protocol): used to connect two computers over the Internet so that users of one computer can transfer files and perform file commands on the other computer.
TELNET (TELetype NETwork): a network protocol for terminal sessions over Internet or local area network (LAN) connections. The term telnet also refers to software which implements the client part of the protocol. Telnet (like FTP) carries passwords and session data in the clear.
DNS (Domain Name System): stores and associates many types of information with domain names, above all the translation of domain names (computer host names) to IP addresses.
SNMP (Simple Network Management Protocol): used by network management systems to monitor network-attached devices for conditions that warrant administrative attention (application layer; database schema and data objects).
TFTP (Trivial File Transfer Protocol): a very simple file transfer protocol (a basic form of FTP, over UDP, with no authentication). TFTP is therefore useful for booting computers, such as routers, which have no mass storage devices.
ARP (Address Resolution Protocol): used by the Internet Protocol (IP), specifically IPv4, to map IP network addresses to the hardware addresses used by the data link protocol.
RARP (Reverse Address Resolution Protocol): used to resolve an IP address from a given hardware address. It has been rendered obsolete by BOOTP and the modern DHCP (Dynamic Host Configuration Protocol).
ICMP (Internet Control Message Protocol): one of the core protocols of the Internet protocol suite, used to report errors and carry diagnostics (for example the echo request and reply used by ping).
IGMP (Internet Group Management Protocol): a communication protocol used to manage the membership of Internet Protocol multicast groups.
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 431-449. [1]
IP
The IP is the internetworking protocol; it offers a service with the following characteristics:
It is connectionless, so the units of network-layer data (called datagrams in the IP context) are dealt with individually from the source host to the destination host.
It is not reliable. Datagrams can be lost, duplicated or reordered, and the network does not detect or report this.
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 431-448. [1]
http://netbook.cs.purdue.edu/anmtions/anim17_1.htm
IP Header Format
The version field keeps track of which version of the protocol the datagram belongs to.
Hlen (header length) tells how long the header is, in 32-bit words.
The type of service field allows the host to tell the subnet what kind of service it wants. Various combinations of reliability and speed are possible. Three flag bits allow the host to specify what it cares most about from the set [delay, throughput, reliability].
The total length includes everything in the datagram, both header and data.
The identification field is needed to allow the destination host to determine which datagram a newly arrived fragment belongs to. All the fragments of a datagram contain the same identification value.
DF = Don't Fragment; MF = More Fragments.
The fragment offset tells where in the current datagram this fragment belongs.
The time to live field is a counter used to limit packet lifetimes.
The protocol field tells the network layer which transport process to give the datagram to: TCP, UDP or some others.
The header checksum verifies the header only. The checksum is useful for detecting errors generated by bad memory words inside a router.
The source address and destination address indicate the network number and host number.
The options field was designed to provide an escape to allow subsequent versions of the protocol to include information not present in the original design.
Option | Description
Security | Specifies how secret the datagram is
Strict source routing | Gives the complete path to be followed
Loose source routing | Gives a list of routers not to be missed
Record route | Makes each router append its IP address
Timestamp | Makes each router append its address and timestamp
Fragmentation
The IP-level datagram must be encapsulated in a lower network-level packet to travel in the network. The rules for fragmentation are as follows:
The size of the resulting fragments must be a multiple of eight octets (except for the last fragment), because the fragment offset that records a fragment's displacement within the datagram is counted in 8-octet units.
Within that constraint the size of the fragments is freely chosen.
A gateway must accept datagrams larger than the maximum size of the network it is connected to, so that larger datagrams can be admitted to the network and fragmented.
All hosts and gateways must be prepared to accept datagrams of up to 576 octets, whether they arrive whole or in fragments.
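An added example, not from the slides or the cited texts, that puts the header description and the fragmentation rules above into Python: it builds a 20-byte IPv4 header with the RFC 1071 one's-complement checksum, parses and verifies one, fragments a datagram to a given MTU with offsets in 8-octet units and the MF flag set on all but the last piece, and reassembles the fragments. The addresses, identification value and payload are constructed for the example. The reassembler refuses gaps, overlaps and a missing last fragment: overlapping fragments are ambiguous, and hosts and inspection devices have historically resolved that ambiguity differently, so a filter should not try to guess.

```python
import socket
import struct

IP_DF = 0x4000          # "don't fragment" bit in the flags/offset word
IP_MF = 0x2000          # "more fragments" bit
IP_OFFSET_MASK = 0x1FFF # 13-bit fragment offset, in 8-octet units


def checksum(data):
    """RFC 1071 one's-complement sum of 16-bit words; a valid header sums to zero."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, payload_len, proto, ident, flags=0, offset_units=0, ttl=64, tos=0):
    """20-byte IPv4 header without options; offset_units is the fragment offset in 8-octet units."""
    words = struct.pack("!BBHHHBBH4s4s",
                        (4 << 4) | 5, tos, 20 + payload_len, ident,
                        flags | offset_units, ttl, proto, 0,   # checksum field zero while summing
                        socket.inet_aton(src), socket.inet_aton(dst))
    return words[:10] + struct.pack("!H", checksum(words)) + words[12:]


def parse_header(data):
    """Decode the fixed part of the header and verify the header checksum."""
    if len(data) < 20:
        raise ValueError("truncated header")
    fields = struct.unpack("!BBHHHBBH4s4s", data[:20])
    ver_ihl, tos, total_len, ident, flags_off, ttl, proto, _, src, dst = fields
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(data) < ihl * 4 or total_len < ihl * 4:
        raise ValueError("bad version or length fields")
    header = data[:ihl * 4]
    return {
        "header_len": ihl * 4, "total_len": total_len, "id": ident,
        "df": bool(flags_off & IP_DF), "mf": bool(flags_off & IP_MF),
        "offset": (flags_off & IP_OFFSET_MASK) * 8,        # back to octets
        "ttl": ttl, "proto": proto,
        "checksum_ok": checksum(header) == 0,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "options": header[20:],
    }


def fragment(src, dst, proto, ident, payload, mtu):
    """Split one datagram so every fragment fits the MTU; data lengths are multiples of 8 except the last."""
    max_data = (mtu - 20) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small for a header plus data")
    frags, pos = [], 0
    while pos < len(payload) or not frags:
        chunk = payload[pos:pos + max_data]
        more = pos + len(chunk) < len(payload)
        hdr = build_header(src, dst, len(chunk), proto, ident, IP_MF if more else 0, pos // 8)
        frags.append(hdr + chunk)
        pos += len(chunk)
    return frags


def reassemble(fragments):
    """Rebuild the payload; rejects corrupt headers, gaps, overlaps and a missing tail."""
    parsed = sorted(((parse_header(f), f) for f in fragments), key=lambda p: p[0]["offset"])
    ident, buf = parsed[0][0]["id"], bytearray()
    for hdr, frag in parsed:
        if hdr["id"] != ident or not hdr["checksum_ok"]:
            raise ValueError("fragment from another datagram or corrupt header")
        if hdr["offset"] != len(buf):
            raise ValueError("gap or overlapping fragment")
        buf += frag[hdr["header_len"]:hdr["total_len"]]
    if parsed[-1][0]["mf"]:
        raise ValueError("last fragment missing")
    return bytes(buf)


def try_reassemble(fragments):
    """reassemble() for callers that prefer None to an exception."""
    try:
        return reassemble(fragments)
    except ValueError:
        return None


if __name__ == "__main__":
    payload = bytes(range(256)) * 4                       # constructed 1024-byte payload
    frags = fragment("10.0.0.1", "10.0.0.2", 17, 0x1234, payload, 576)
    for f in frags:
        print(parse_header(f))
    print(try_reassemble(frags) == payload)
```

Fragmenting 1024 bytes for the 576-octet minimum MTU gives two fragments of 552 and 472 data bytes (552 is the largest multiple of 8 that fits after the header); the second carries offset 69 (552/8) and MF clear.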
D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 283-297. [2]
http://netbook.cs.purdue.edu/anmtions/anim16_1.htm
ARP Address Resolution Protocol
IP packets are sent encapsulated in LAN or WAN frames such as Ethernet, token ring or ATM.
Q. How does the host know the correct Ethernet destination address to put in the frame?
EtherDest | EtherSource | length/type | IP header | Payload
A. It uses ARP to map from the IP destination address to the Ethernet destination address.
A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 450-452. [1]
http://netbook.cs.purdue.edu/anmtions/anim15_1.htm
ARP cont.
The host broadcasts an ARP request packet which contains the IP address of the required station.
The station which has that IP address replies directly (unicast), returning its Ethernet address.
Now the IP packet can be sent directly to the correct Ethernet address.
Reverse Address Resolution Protocol (RARP)
Allows a station to determine its IP address from its hardware address.
A server can be configured to respond to RARP requests, automatically allocating IP addresses across the network.
Not used much nowadays; replaced by more powerful auto-configuration protocols such as DHCP (Dynamic Host Configuration Protocol).
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 453-454.
Dynamic Host Configuration Protocol DHCP
Allows a client to be configured automatically over the network.
Means that machines do not have to be configured by hand.
New machines can be added to the IP network more easily.
Less chance of error (for example duplicate IP addresses being configured).
Domain Name Service DNS
IP addresses are very difficult to remember.
DNS translates easier to remember text names such as www.soc.ncl.ac.uk into an IP address such as 128.10.20.30.
When a host requires a domain name translation it makes the request to its local Domain Name Server.
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 579-588.
Domain Naming
Each name in DNS can be split up into a series of domains.
E.g. www.soc.ncl.ac.uk:
uk = domain of the UK
ac.uk = academic domain within the UK
ncl.ac.uk = Newcastle University domain within UK academic
soc.ncl.ac.uk = School of Computing domain within Newcastle University within UK academic
Domain Name Servers
Each domain name server is responsible for a domain. The first request will go to the server which is responsible for the local machine's domain.
A DNS server can react in 3 different ways:
-DIRECT: just send back the correct IP address
-RECURSIVE: if it doesn't know the IP address, make a request to another DNS server for the IP address, then send back the IP address
-INDIRECT: send back the IP address of another DNS server
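The domain hierarchy and the three server behaviours above, modelled as an added example (not from the slides): a tiny tree of name servers, each answering DIRECT, RECURSIVE or INDIRECT, plus the client-side loop that follows INDIRECT referrals. The server addresses, the local record and the delegation tree are constructed; 128.10.20.30 for www.soc.ncl.ac.uk is the slides' own example.

```python
def domain_chain(name):
    """Domains a name belongs to, least specific first.

    domain_chain("www.soc.ncl.ac.uk") ->
        ["uk", "ac.uk", "ncl.ac.uk", "soc.ncl.ac.uk", "www.soc.ncl.ac.uk"]
    """
    labels = name.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]


class NameServer:
    """A server that answers for some names and delegates sub-domains.

    records:     name -> IP address it can answer DIRECTly
    delegations: domain -> address of the server responsible for that domain
    """

    def __init__(self, records, delegations):
        self.records = {k.lower(): v for k, v in records.items()}
        self.delegations = {k.lower(): v for k, v in delegations.items()}

    def query(self, name, recursive, servers, depth=0):
        """Answer as (mode, value): DIRECT -> IP, INDIRECT -> another server's
        address, RECURSIVE -> IP obtained by asking on, FAIL -> None."""
        name = name.lower().rstrip(".")
        if name in self.records:
            return ("DIRECT", self.records[name])
        # most specific delegated domain covering the name, if any
        for dom in reversed(domain_chain(name)):
            if dom in self.delegations:
                next_server = self.delegations[dom]
                if not recursive:
                    return ("INDIRECT", next_server)
                if depth >= 8 or next_server not in servers:
                    return ("FAIL", None)        # referral loop or unknown server
                mode, value = servers[next_server].query(name, True, servers, depth + 1)
                return ("RECURSIVE", value) if mode != "FAIL" else ("FAIL", None)
        return ("FAIL", None)


def resolve_iteratively(name, local_server, servers, max_hops=8):
    """Client-side loop: follow INDIRECT referrals until a DIRECT answer."""
    addr = local_server
    for _ in range(max_hops):
        mode, value = servers[addr].query(name, False, servers)
        if mode == "DIRECT":
            return value
        if mode != "INDIRECT" or value not in servers:
            return None
        addr = value
    return None       # too many referrals: give up rather than loop forever


# Constructed tree; addresses are from documentation ranges, not real servers.
SERVERS = {
    "10.0.0.53": NameServer({"mailhost.lab.example": "10.0.0.7"}, {"uk": "192.0.2.1"}),  # local
    "192.0.2.1": NameServer({}, {"ac.uk": "192.0.2.2"}),                                 # uk
    "192.0.2.2": NameServer({}, {"ncl.ac.uk": "192.0.2.3"}),                             # ac.uk
    "192.0.2.3": NameServer({"www.soc.ncl.ac.uk": "128.10.20.30"}, {}),                  # ncl.ac.uk
}
LOCAL = "10.0.0.53"
```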
The change from IPv4 to IPv6 falls primarily into the following categories:
• Expanded addressing capabilities: IP address size from 32 bits to 128 bits
• Header format simplification
• Improved support for extensions and options
• Flow labelling capability
• Authentication and privacy capabilities
IPv6 extension headers
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 464-473.
[2] D. E. Comer, "Computer Networks and Internets with Internet Applications," Prentice Hall, 2001, pp. 339-348.
Order of extension headers for IPv6
Option header formats
Hop-by-hop extension IPv6 options header
Routing Extension IPv6 header
Routing type 0 header
Fragment extension IPv6 header
TCP and UDP “pseudo-header” for IPv6
Tutorial Sheet: Network Systems and Technologies by Prof R. A. Carrasco
1) What is the principal difference between connectionless communication and connection-oriented communication?
2) Two networks each provide reliable connection-oriented service. One of them offers a reliable byte stream and the other offers a reliable message stream. Are these identical? If so, why is the distinction made? If not, give an example of how they differ.
3) What are two reasons for using layered protocols?
4) Give two example applications for which connection-oriented service is appropriate. Now give two examples for which connectionless service is best.
5) Are there any circumstances when a virtual circuit service will (or at least should) deliver packets out of order? Explain.
6) Datagram subnets route each packet as a separate unit, independent of all others. Virtual circuit subnets do not have to do this, since each data packet follows a predetermined route. Does this observation mean that virtual circuit subnets do not need the capability to route isolated packets from an arbitrary source to an arbitrary destination? Explain your answer.
7) What does 'negotiation' mean when discussing network protocols? Give an example of it.
8) Give three examples of protocol parameters that might be negotiated when a connection is set up.
9) Discuss the advantages and disadvantages of message switching over circuit switching and give a performance comparison.
10) Discuss the advantages/disadvantages of packet switching over circuit switching (and performance comparison).
11) Discuss the characteristics and medium access control techniques of broadcast networks.
12) Describe the routing function attributes and their elements.
13) Describe the following routing strategies:
- Fixed Routing
- Flooding
- Random Routing
- Adaptive Routing
TCP Transmission Control Protocol
Services
-Guarantees end-to-end delivery of packets
-Controls the flow of data from host to host and from host into the network
-Multiplexing: the TCP header has a port number which is used to determine which application should receive the packet
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 41-49.
http://netbook.cs.purdue.edu/anmtions/anim20_1.htm
TCP Datagram Format, RFC 793
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 532-553.
TCP Client Ports
Q. If you have a computer running an e-mail package and 2 web browsers (e.g. Netscape and IE), how does the computer know, when a TCP/IP packet arrives, which application should receive the packet?
A. Each application sets up its connection using a different port number; when the replies come back from the server the port number is used to send the packet to the correct connection.
TCP SERVER PORTS
The server must respond to client requests.
Q. How does the client know which port to send its request to?
A. "Well known port numbers" are assigned to particular services.
TCP Error control
The acknowledgment (ack) and sequence number fields are used to guarantee delivery of packets to the destination.
For each packet sent out an ack must be sent back. If no ack is sent back within a certain time the packet is sent again.
Each new packet to be transmitted is allocated a new sequence no.; the returning ack no. informs the sender of the next expected sequence no.
The sequence no. is used to keep the packets in order.
http://netbook.cs.purdue.edu/anmtions/anim20_5.htm
TCP flow control
The window size field is used by the receiver to control the flow of packets from the sender.
If the receiver sets the window size to 400, the sender is only allowed to send 400 bytes before stopping.
The receiver can stop the sender by setting the window size to 0.
http://netbook.cs.purdue.edu/anmtions/anim20_3.htm
TCP congestion control
TCP uses a slow start algorithm to initially limit a new connection's bandwidth.
This is so that the connection does not overload the network infrastructure.
TCP increases the flow of data into the network until an ack timeout occurs; it will then cut back.
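The error control, flow control and slow start slides above, as one added simulation (not code from the slides): a sender tracks sequence and ack numbers, may only send min(receiver window, congestion window) bytes beyond the last ack, doubles its congestion window per round trip, and on timeout cuts back and resends from the oldest unacknowledged byte. The 100-byte MSS, the 400-byte receiver buffer and the Tahoe-style cut-back on timeout are assumptions.

```python
MSS = 100  # constructed maximum segment size, in bytes


class TcpSender:
    """Sender-side bookkeeping: sequence numbers, cumulative acks, the receiver's
    advertised window (flow control) and a slow-start congestion window."""

    def __init__(self, isn=0, data_len=0, rwnd=400):
        self.snd_una = isn             # oldest byte not yet acknowledged
        self.snd_nxt = isn             # next byte to send
        self.data_end = isn + data_len
        self.rwnd = rwnd               # window last advertised by the receiver
        self.cwnd = MSS                # slow start: begin with one segment
        self.ssthresh = 64 * MSS
        self.retransmissions = 0

    def usable_window(self):
        """Bytes still allowed on the wire: min(rwnd, cwnd) minus bytes in flight."""
        in_flight = self.snd_nxt - self.snd_una
        return max(0, min(self.rwnd, self.cwnd) - in_flight)

    def send(self):
        """Emit (seq, length) segments until the window or the data runs out."""
        segments = []
        while self.usable_window() > 0 and self.snd_nxt < self.data_end:
            length = min(MSS, self.usable_window(), self.data_end - self.snd_nxt)
            segments.append((self.snd_nxt, length))
            self.snd_nxt += length
        return segments

    def on_ack(self, ack, rwnd):
        """`ack` is the next sequence number the receiver expects; `rwnd` its window."""
        if ack > self.snd_una:
            acked_segments = (ack - self.snd_una + MSS - 1) // MSS
            self.snd_una = ack
            if self.cwnd < self.ssthresh:        # slow start: one MSS per acked segment
                self.cwnd += MSS * acked_segments
        self.rwnd = rwnd                          # a window of 0 stops the sender

    def on_timeout(self):
        """No ack within the timer: cut back and resend from the oldest unacked byte."""
        in_flight = self.snd_nxt - self.snd_una
        self.ssthresh = max(in_flight // 2, 2 * MSS)   # Tahoe-style threshold (assumption)
        self.cwnd = MSS
        self.snd_nxt = self.snd_una
        self.retransmissions += 1
        return self.send()


class TcpReceiver:
    """Receiver side: accepts in-order data, acks the next expected byte and
    advertises how much buffer space remains."""

    def __init__(self, isn=0, buffer_size=400):
        self.rcv_nxt = isn
        self.buffer_size = buffer_size
        self.buffered = 0              # received but not yet read by the application

    def window(self):
        return self.buffer_size - self.buffered

    def on_segment(self, seq, length):
        """Return (ack, window). Out-of-order or duplicate segments are not
        accepted here; the sender's timer retransmits them."""
        if seq == self.rcv_nxt and length <= self.window():
            self.rcv_nxt += length
            self.buffered += length
        return self.rcv_nxt, self.window()

    def app_read(self, n):
        """The application drains n bytes, which opens the window again."""
        self.buffered = max(0, self.buffered - n)
        return self.window()
```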
UDP User Datagram Protocol
Services
-provides port allocations the same as TCP
-does NOT guarantee delivery
-does not guarantee sequencing
-useful when speed is more important than reliability, e.g. Internet telephony
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 524-532.
User Datagram Protocol (UDP), RFC 768
• Header fields: Source Port, Destination Port, Length Field, Checksum
• Internet Protocol IP: RFC 791, RFC 792, RFC 826
• IPv4, IPv6
Applications of UDP
Appropriate when
- transport layer overhead must be minimized, or
- data reliability is not crucial
- Services such as NFS, DNS, SNMP and Voice over IP (VoIP) use UDP
Sockets
[Figure: applications above TCP and UDP; TCP ports and UDP ports numbered 1, 2, ..., 65535; sockets bound to ports (TCP sockets, UDP sockets, socket references); IP below]
A socket allows applications to send and receive data. It allows an application to connect to a network and communicate with other applications on that network.
Stream sockets use TCP as the end-to-end protocol with IP underneath.
Datagram sockets use UDP end-to-end with IP underneath.
A TCP/IP socket is uniquely identified by an Internet address, type of protocol and a port number.
Relationship of Socket Classes
[Figure: .NET Framework classes (TcpListener, TcpClient, UdpClient) built on the Socket class, which sits on the underlying WinSock 2.0 implementation]
WinSock was developed by Microsoft and provides standard socket functions.
The .NET framework provides higher level classes to simplify programming tasks.
The .NET socket class allows access to the underlying sockets interface.
TcpListener, TcpClient and UdpClient are higher level .NET socket classes that are implemented using the .NET Socket wrapper class.
TCP Sockets
The .NET framework provides two classes for TCP: TcpClient and TcpListener.
.NET uses the EndPoint class and IPEndPoint subclass to represent the TCP channel.
Communication with a TCP client is initiated in three steps:
1. Construct an instance of TcpClient
2. Communicate using the socket's stream
3. Close the connection
TCP Client and Echo server in C#
0. using System;             // For String, Int32, Console, ArgumentException
1. using System.Text;        // For Encoding
2. using System.IO;          // For IOException
3. using System.Net.Sockets; // For TcpClient, NetworkStream, SocketException
4.
5. class TcpEchoClient {
6.
7.   static void Main(string[] args) {
8.
9.     if ((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args
10.      throw new ArgumentException("Parameters: <Server> <Word> [<Port>]");
11.    }
12.
13.    String server = args[0]; // Server name or IP address
14.
15.    // Convert input String to bytes
16.    byte[] byteBuffer = Encoding.ASCII.GetBytes(args[1]);
17.
18.    // Use port argument if supplied, otherwise default to 7
19.    int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;
20.
21.    TcpClient client = null;
22.    NetworkStream netStream = null;
23.
24.    try {
25.      // Create socket that is connected to server on specified port
26.      client = new TcpClient(server, servPort);
27.
28.      Console.WriteLine("Connected to server... sending echo string");
29.
30.      netStream = client.GetStream();
31.
32.      // Send the encoded string to the server
33.      netStream.Write(byteBuffer, 0, byteBuffer.Length);
34.
35.      Console.WriteLine("Sent {0} bytes to server...", byteBuffer.Length);
36.
37.      int totalBytesRcvd = 0; // Total bytes received so far
38.      int bytesRcvd = 0;      // Bytes received in last read
39.
40.      // Receive the same string back from the server (a single Read may return fewer bytes than sent)
41.      while (totalBytesRcvd < byteBuffer.Length) {
42.        if ((bytesRcvd = netStream.Read(byteBuffer, totalBytesRcvd, byteBuffer.Length - totalBytesRcvd)) == 0) {
43.          Console.WriteLine("Connection closed prematurely.");
45.          break;
46.        }
47.        totalBytesRcvd += bytesRcvd;
48.      }
49.
50.      Console.WriteLine("Received {0} bytes from server: {1}", totalBytesRcvd,
51.        Encoding.ASCII.GetString(byteBuffer, 0, totalBytesRcvd));
52.
53.    } catch (Exception e) {
54.      Console.WriteLine(e.Message);
55.    } finally {
56.      if (netStream != null) netStream.Close(); // null if the connection attempt failed
57.      if (client != null) client.Close();
58.    }
59.  }
60. }
Lines 15-16 convert the echo string to bytes
Line 19 finds the echo server port
Lines 25-26 create the TCP socket
Line 30 gets the socket stream
Lines 32-33 send the string to the echo server
Lines 40-48 receive the reply from the echo server
Lines 50-51 print the echoed string
Lines 53-54 handle errors
Lines 55-58 close the stream and socket
UDP Sockets
The .NET framework provides UDP socket functionality using the class UdpClient. This allows for both sending and receiving UDP packets, and can be used to construct a UDP client and server.
The UDP client works in the following way:
1. Construct an instance of UdpClient
2. Communicate using the Send() and Receive() methods of UdpClient
3. Use the Close() method of UdpClient to deallocate the socket.
UDP Client and Echo Server in C#
0. using System;             // For String, Int32, Console
1. using System.Text;        // For Encoding
2. using System.Net;         // For IPEndPoint, IPAddress
3. using System.Net.Sockets; // For UdpClient, SocketException
4.
5. class UdpEchoClient {
6.
7.   static void Main(string[] args) {
8.
9.     if ((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args
10.      throw new System.ArgumentException("Parameters: <Server> <Word> [<Port>]");
11.    }
12.
13.    String server = args[0]; // Server name or IP address
14.
15.    // Use port argument if supplied, otherwise default to 7
16.    int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;
17.
18.    // Convert input String to an array of bytes
19.    byte[] sendPacket = Encoding.ASCII.GetBytes(args[1]);
20.
21.    // Create a UdpClient instance
22.    UdpClient client = new UdpClient();
23.    try {
24.      // Send the echo string to the specified host and port
25.      client.Send(sendPacket, sendPacket.Length, server, servPort);
26.
27.      Console.WriteLine("Sent {0} bytes to the server...", sendPacket.Length);
28.
29.      // This IPEndPoint instance will be populated with the remote sender's endpoint information after the Receive() call
30.      IPEndPoint remoteIPEndPoint = new IPEndPoint(IPAddress.Any, 0);
31.
32.      // Attempt echo reply receive (blocks until a datagram arrives; UDP gives no guarantee the reply ever comes)
33.      byte[] rcvPacket = client.Receive(ref remoteIPEndPoint);
34.
35.      Console.WriteLine("Received {0} bytes from {1}: {2}", rcvPacket.Length, remoteIPEndPoint,
36.        Encoding.ASCII.GetString(rcvPacket, 0, rcvPacket.Length));
37.
38.    } catch (SocketException se) {
39.      Console.WriteLine(se.ErrorCode + ": " + se.Message);
40.    }
41.
42.    client.Close();
43.  }
44. }
Lines 21-22 create the UDP socket
Lines 24-25 send the datagram
Lines 29-30 create a remote IP end point for receiving
Lines 32-33 handle datagram reception
Lines 35-36 print reception results
Line 42 closes the socket
Voice over IP (VoIP)
VoIP is the routing of voice signals over an IP-based network.
The analogue voice signal is converted to a digital signal.
The digital signal is compressed using a codec (G.7xxx for voice, H.26xx for video).
The digital signal is then split into packets by a process called Packetization.
Voice over IP (VoIP)
Advantages:
Incoming calls can be routed to a VoIP phone anywhere on the network
Lower cost, especially for international calls
Disadvantages:
Received IP packets can arrive in any order or even be missing, resulting in poor QoS.
Susceptible to power cuts
Voice over IP Protocols
[Figure: VoIP protocol stack. Top: audio/video applications and codecs (G.xxx, H.26x). Signalling and media protocols: RTSP, ENUM, SDP, H.323, MEGACO/H.248, DNS, RTP, SAP, RTCP, MGCP, RSVP, SIP. Transport: TCP and UDP. Network: IP. Bottom: network interface layer protocols]
Protocols supporting VoIP
Multicast IP
Real-Time Transport Protocol (RTP)
Real-Time Control Protocol (RTCP)
Resource Reservation Protocol (RSVP)
Real-Time Streaming Protocol (RTSP)
Session Description Protocol (SDP)
Session Initiation Protocol (SIP)
Electronic Numbers (ENUM)
Protocols supporting VoIP
Multicast IP efficiently sends data to multiple receivers at the same time on TCP/IP networks.
RTP provides end-to-end delivery services for data that requires real-time support.
RTCP monitors the QoS and conveys information about each user in the communication session.
RSVP requests an appropriate level of service from the network.
RTSP controls the delivery of data that has real-time properties.
SDP describes a multimedia session for the purposes of session announcement and invitation.
Protocols supporting VoIP
SIP establishes a communication session between two end-points. It creates, modifies and terminates sessions between participants.
ENUM bridges the gap between telephone numbers and IP addresses.
Real-Time Transport Protocol (RTP)
[Figure: RTP header, 32 bits per row: V=2 | P | X | CC | M | PT | Sequence Number; Timestamp; Synchronisation Source (SSRC) Identifier; Contributing Source (CSRC) Identifier (0 to 15 items); followed by a 20 ms voice sample]
V = Version (currently 2)
CC = CSRC Count. Counts the number of CSRC identifiers in the RTP header
CSRC - Identifies contributing sources (conferencing) in the payload. There can only be a maximum of 15 contributing sources. These are inserted by a mixer.
SSRC - Identifies the synchronisation source. It is chosen randomly so that no two synchronisation sources in the same RTP session have the same SSRC identifier.
Voice over IP Packet Format
[Figure: the packet as sent on the wire, 32 bits per row.
IPv4 header, 20 octets (+ options + padding): VER | IHL | Type of service | Total Length; Identifier | Flags | Fragment Offset; Time to live | Protocol | Header Checksum; Source Address; Destination Address; Options + Padding.
UDP header, 8 octets: Source Port | Destination Port; Length | Checksum.
RTP header, 12 octets (+ identifiers): V=2 | P | X | CC | M | PT | Sequence Number; Timestamp; Synchronisation Source (SSRC) Identifier; Contributing Source (CSRC) Identifier (0 - 15 items).
Data, 20 octets: 20 ms voice sample]
References
"TCP/IP Illustrated, Volume 1, The Protocols", W. Richard Stevens, Addison-Wesley Professional Computing Series, 1994
"TCP/IP Sockets in C#, Practical Guide for Programmers", David B. Makofske, Michael J. Donahoo, Kenneth L. Calvert, The Practical Guide Series, Elsevier, 2004
"Voice over IP Technologies, Building the Converged Network", Mark A. Miller, M&T Books, 2002
ALOHA and Packet Broadcasting Channel
Prof. R. A. Carrasco
School of Electrical, Electronic and Computer Engineering, 2006
University of Newcastle-upon-Tyne
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 251-264.
Packet Broadcasting Related Works by Metcalfe and Abramson
1) 1970: N. Abramson, "The ALOHA System – Another alternative for computer communications," in Proc. AFIPS Press, vol. 37, 1970
2) 1973: R. M. Metcalfe, "Packet communication," MIT, Cambridge, MA, Rep. MAC TR-114, July 1973.
3) 1977: N. Abramson, "The Throughput of Packet Broadcasting Channels," IEEE Trans. Commun., vol. COM-25, no. 10, Jan 1977
4) 1985: N. Abramson, "Development of the ALOHANET," IEEE Trans. Info. Theory, March 1985
IEEE Transactions on Information Theory, March 1985
Development of the ALOHANET
ALOHA Project
Started in September 1968
Goal
To build a computer network in the University of Hawaii.
To investigate the use of radio communications as an alternative to the telephone system for computer communication.
To determine those situations where radio communications are preferable to conventional wire communications
Problem
Limited resource: the channel
The intermittent operation typical of an interactive computer terminal doesn't need point-to-point channels (FDMA or TDMA).
Spread spectrum is not appropriate to share the channel.
Approach
Packet Broadcasting Channels
Each user transmits its packets over the common broadcast channel.
Key innovation of ALOHANET.
There are basically two types of ALOHA systems:
-Synchronized or slotted, and
-Unsynchronized or unslotted
System Design
1968: they decided on the main approach (Packet Broadcasting) for design simplicity.
Frequency band: two 100 KHz bandwidth channels at 407.350 MHz and 413.475 MHz.
TCU (Terminal Control Unit):
Formatting of the ALOHA packets.
Retransmission protocol.
A terminal is attached to the TCU by means of RS232.
Half duplex mode (memory was too expensive).
History
1971: start of operation in the University of Hawaii.
1971-72: build additional TCUs.
1972: connect to ARPANET using a satellite channel (56 kbps).
1973: Metcalfe's doctoral dissertation about packet broadcasting.
1973: PACNET, international satellite networks (9600 bits/s).
1973 ~ : Much research about "packet broadcasting".
1976: slotted ALOHA.
1984: unslotted ALOHA in the UHF band by Motorola.
Strategic Theoretical Realities
An appreciation of the basic capacity of the channels and the matching of that capacity to the information rate of the signals.
In a data network, distinguish between the average data rate and the burst data rate.
Network design: to handle different kinds of signals from different sources.
Deals with the problem of scaling for large systems.
A packet broadcasting channel is more scalable than point-to-point channels or switching.
Theoretical analysis gives a good guide to network design, but the converse is also true. The operation of a real network can be a valuable guide to the selection of theoretical problems.
Packet Switching and Packet Broadcasting
Packet switching can provide a powerful means of sharing communication resources.
But it employs point-to-point channels and large switches for routing.
By use of packet broadcasting:
Elimination of routing and switches.
System simplicity.
Some channels are basically broadcast channels (satellite, ..).
• Needs a unified presentation of packet broadcasting theory.
Packet Broadcasting Channel
Each user transmits packets over the common broadcast channel, completely unsynchronized.
Loss due to the overlap. How many users can share a channel?
Recovery of Lost Packets
Positive acknowledgements.
Transponder packet broadcasting.
Carrier sense packet broadcasting.
Packet recovery codes.
ALOHA Systems and Protocols
We assume that the start times of the packets transmitted form a Poisson point process with an average rate of λ packets per second.
Let Tp denote the time duration of a packet.
The normalised channel traffic G is defined as G = λ Tp.
It is also called the offered channel traffic.
ALOHA Capacity
Errors reduce the ALOHA capacity: random noise errors, and errors caused by packet overlap.
Statistical Analysis:
S: channel throughput; G: channel traffic. In pure ALOHA a packet is lost if any other packet starts within 2Tp of its own start, so S = G e^{-2G}.
Throughput is maximum, 1/2e ≈ 0.184, when the channel traffic equals 0.5.
ALOHA Capacity
Meaning of the result:
ALOHA channel: 9600 bits/s. Each terminal: 5 bits/s on average.
9600 × 1/2e ≈ 1766 bits/s of useful throughput.
The channel can handle the traffic of over 300 active terminals (1766/5 ≈ 353), and each terminal will operate at a peak data rate of 9600 bits/s.
Slotted ALOHA Channel Capacity
Each user can start a packet only at certain fixed instants (slot boundaries), so a packet is lost only if another packet starts in the same slot.
Statistical Analysis: S = G e^{-G}.
This increases the maximum throughput to 1/e ≈ 0.368, reached at G = 1.
Mixed Data Rates
Unslotted ALOHA: variable packet lengths.
Ratio = long packet length / short packet length.
G1 = short packet traffic; G2 = long packet traffic.
Total channel throughput can undergo a significant decrease.
Slotted ALOHA: Variable Packet Rates
Assume ALOHA is used by n users with different channel traffic.
ALOHA
Meaning of the result:
In a lightly loaded slotted ALOHA channel, a single user can transmit data at rates above the limit 1/e: excess capacity.
Important for a network consisting of many interactive terminal users and a small number of users who send large but infrequent files.
Question 1
In a pure ALOHA system, the channel bit rate is 2400 bits/s. Suppose that each terminal transmits a 100-bit message every minute on average.
i) Determine the maximum number of terminals that can use the channel.
ii) Repeat (i) if slotted ALOHA is used.
Question 2
An alternative derivation for the throughput in a pure ALOHA system may be obtained from the relation G = S + A, where A is the average (normalised) rate of retransmission. Show that A = G(1 - e^{-2G}) and then solve for S.
Question 3
Consider a pure ALOHA system that is operating with a throughput S = 0.1, and packets are generated with a Poisson arrival rate λ. Determine:
i) The value of G.
ii) The average number of attempted transmissions to send a packet.
Question 4
Consider a CSMA/CD system in which the transmission rate on the bus is 10 Mbits/s. The bus is 2 km long and the propagation delay is 5 μs/km. Packets are 1000 bits long. Determine:
i) The end-to-end delay d.
ii) The packet duration Tp.
iii) The ratio d/Tp.
iv) The maximum utilisation of the bus and the maximum bit rate.
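Worked answers to Questions 1, 3 and 4, as an added example that is not part of the original notes. It uses the notes' symbols G, S and Tp. Question 2 is a derivation and is not coded. Because the slide's own CSMA/CD utilisation formula is garbled, the utilisation in Question 4 is computed with the Stallings/Halsall expression U = 1/(1 + 2a(1 - A)/A), A = (1 - 1/N)^(N-1) (the probability that exactly one of N ready stations transmits in a contention slot, tending to 1/e for large N); that choice is an assumption of this example, not a formula from the slides.

```python
"""ALOHA and CSMA/CD calculations for Questions 1, 3 and 4 (added example).

G = lambda * Tp is the offered traffic; S = G*exp(-2G) (pure ALOHA) or
S = G*exp(-G) (slotted ALOHA) is the throughput, both in packets per Tp.
"""
import math


def throughput(G, slotted=False):
    """Throughput S for offered traffic G."""
    return G * math.exp(-G if slotted else -2 * G)


def max_throughput(slotted=False):
    """1/(2e) at G = 0.5 for pure ALOHA, 1/e at G = 1 for slotted ALOHA."""
    return 1 / math.e if slotted else 1 / (2 * math.e)


def max_terminals(bit_rate, msg_bits, msgs_per_sec, slotted=False):
    """Question 1: terminals the channel can carry.

    Each terminal offers msgs_per_sec packets of msg_bits bits; the channel
    delivers at most max_throughput()/Tp packets per second.
    """
    Tp = msg_bits / bit_rate
    packets_per_sec = max_throughput(slotted) / Tp
    return int(packets_per_sec / msgs_per_sec)


def offered_traffic_for(S, slotted=False):
    """Question 3(i): the smaller root G of throughput(G) = S (stable branch).

    Bisection on [0, G_opt]; G_opt is 0.5 (pure) or 1 (slotted), where
    throughput(G) is increasing, so the root is unique there.
    """
    G_opt = 1.0 if slotted else 0.5
    if S > max_throughput(slotted):
        raise ValueError("S exceeds the channel capacity")
    lo, hi = 0.0, G_opt
    for _ in range(100):
        mid = (lo + hi) / 2
        if throughput(mid, slotted) < S:
            lo = mid
        else:
            hi = mid
    return (lo + hi) / 2


def mean_attempts(G, slotted=False):
    """Question 3(ii): transmissions per delivered packet, G/S.

    For pure ALOHA this is exp(2G), the reciprocal of the probability that
    no other packet starts within the 2Tp vulnerable period.
    """
    return G / throughput(G, slotted)


def csma_cd(bit_rate, length_km, delay_us_per_km, packet_bits, n_stations=None):
    """Question 4: end-to-end delay d, packet time Tp, a = d/Tp and the
    maximum utilisation of a CSMA/CD bus.

    ASSUMPTION: utilisation U = 1/(1 + 2a(1-A)/A) with A = (1-1/N)^(N-1)
    (Stallings/Halsall); with n_stations=None the large-N limit A = 1/e is used.
    """
    d = length_km * delay_us_per_km * 1e-6      # seconds
    Tp = packet_bits / bit_rate                 # seconds
    a = d / Tp
    A = 1 / math.e if n_stations is None else (1 - 1 / n_stations) ** (n_stations - 1)
    U = 1 / (1 + 2 * a * (1 - A) / A)
    return {"d": d, "Tp": Tp, "a": a, "U_max": U, "max_bit_rate": U * bit_rate}


if __name__ == "__main__":
    print("Q1 pure ALOHA terminals:", max_terminals(2400, 100, 1 / 60))
    print("Q1 slotted ALOHA terminals:", max_terminals(2400, 100, 1 / 60, slotted=True))
    G = offered_traffic_for(0.1)
    print(f"Q3 G = {G:.4f}, mean attempts = {mean_attempts(G):.3f}")
    print("Q4:", csma_cd(10e6, 2, 5, 1000))
```

For Question 1 the channel delivers at most 1/(2e) packets per Tp = 1/24 s, i.e. about 4.4 packets/s, against 1/60 packets/s per terminal, giving 264 terminals (529 with slotting). For Question 3, S = 0.1 sits on the stable branch at G ≈ 0.13, so each packet is sent about 1.3 times on average. For Question 4, d = 10 μs, Tp = 100 μs, a = 0.1, and the assumed expression gives U ≈ 0.74, i.e. about 7.4 Mbit/s of the 10 Mbit/s bus.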
MSc Telecommunications Questions
by Professor R. A. Carrasco
1. Describe the evolution of the Internet and protocols for a communication network.
2. Explain the concept of a hub, bridge, router and modem for local area networks.
3. Explain the concept and protocols of Ethernet (IEEE 802.3), Token Bus (IEEE 802.4) and Token Ring (IEEE 802.5).
4. Describe how you can determine the utilisation for IEEE 802.3 and prove the expression for it.
5. Give advantages and disadvantages of a wireless LAN.
6. Describe the criteria for LAN design.
7. Explain the architecture for IEEE 802.x, TCP/IP and ISO/OSI.
8. Describe the OSI and TCP/IP model.
9. Explain each feature of the IP datagram.
10. Explain the Internet classes and give an example of how to design an IP address for a network.
[Equation residue: the CSMA/CD utilisation expression U referred to in question 4, written on the slide in terms of U, T, a and k, is garbled in the extraction and is not recoverable here.]
11. Explain the concept of ARP, RARP, DHCP and DNS.
12. Explain IPv4 and IPv6 and how they differ.
13. Explain TCP, TCP client ports, TCP server ports, error control, flow control and congestion control.
14. Describe UDP.
15. Explain the concept of TCP sockets and what their relation is with the different socket classes.
16. Repeat for UDP.
17. Give advantages and disadvantages of Voice over IP (VoIP).
18. Explain VoIP protocols and how they are related to each other.
19. Give an overview of the IEEE 802 and IEEE 802.11 working groups.
20. Give an example of an IEEE 802.11 WLAN architecture and explain stations and access points.
21. Explain how to determine the channel utilisation expression to evaluate the performance of IEEE 802.11b.
22. Describe the concept of a fragment burst.
23. Make comparisons between WiMax, WLAN and Bluetooth.
24. For security in communication networks, describe private and public key cryptography for Internet browsers.
25. Why is the ALOHA project important in a broadcasting system?
26. Explain how to determine the ALOHA capacity and channel throughput.
Wireless LANs
Advantages:
Increased mobility of users.
Increased flexibility and fluidity, including ad-hoc networks.
Instant networking.
Availability of LAN technology.
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 292-302.
Wireless LANs
Disadvantages:
Higher cost.
Lower performance.
Lower reliability (variable channel characteristics).
Multiple standards.
Poor inherent security.
LAN Design
IEEE 802.11 Wireless LAN Draft Standard
Professor R. A. Carrasco
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 292-317.
Introduction
IEEE 802.11 Draft 5.0 is a draft standard for Wireless Local Area Network (WLAN) communication.
This tutorial is intended to describe the relationship between 802.11 and other LANs, and to describe some of the details of its operation.
It is assumed that the audience is familiar with serial data communications and the use of LANs, and has some knowledge of radios.
802.11 Data Frame
Field:  Frame Control | Duration | Address 1 | Address 2 | Address 3 | Seq | Address 4 | Data   | Checksum
Bytes:  2             | 2        | 6         | 6         | 6         | 2   | 6         | 0-2312 | 4

Frame Control
Field:  Version | Type | Subtype | To DS | From DS | MF | Retry | Pwr | More | W | O
Bits:   2       | 2    | 4       | 1     | 1       | 1  | 1     | 1   | 1    | 1 | 1
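An added example, not from the original slides, that decodes the frame layout above: it unpacks the Frame Control bits, verifies the 32-bit checksum, and resolves Address 1 to 4 into DA, SA and BSSID using the To DS / From DS flags, which is the first thing a WLAN sniffer or intrusion sensor must do with every captured frame. The sample frame, its MAC addresses and the function names (`build_frame`, `parse_frame`) are this example's own constructions; the address-role table and bit positions follow the 802.11 frame format.

```python
"""Decoder for the 802.11 MAC header (added example).

Frame Control is sent least-significant byte first. Bit positions in the
16-bit field, from bit 0: Version(2) Type(2) Subtype(4) ToDS FromDS
MoreFrag Retry PwrMgt MoreData W(EP) Order. The ToDS/FromDS pair decides
how Address 1..4 are read; the W bit tells a receiver (or a sniffer)
whether the body is WEP-protected.
"""
import struct
import zlib

# Meaning of Address 1..3 (and 4) for each (ToDS, FromDS) combination.
ADDRESS_ROLES = {
    (0, 0): ("DA", "SA", "BSSID"),          # ad hoc / within a BSS
    (0, 1): ("DA", "BSSID", "SA"),          # AP to station
    (1, 0): ("BSSID", "SA", "DA"),          # station to AP
    (1, 1): ("RA", "TA", "DA", "SA"),       # AP to AP (wireless distribution)
}
TYPE_NAMES = {0: "management", 1: "control", 2: "data"}


def mac(b):
    return ":".join(f"{x:02x}" for x in b)


def parse_frame_control(fc):
    """Split the 16-bit Frame Control value into its fields."""
    return {
        "version": fc & 0x3,
        "type": (fc >> 2) & 0x3,
        "subtype": (fc >> 4) & 0xF,
        "to_ds": (fc >> 8) & 1,
        "from_ds": (fc >> 9) & 1,
        "more_frag": (fc >> 10) & 1,
        "retry": (fc >> 11) & 1,
        "pwr_mgt": (fc >> 12) & 1,
        "more_data": (fc >> 13) & 1,
        "wep": (fc >> 14) & 1,
        "order": (fc >> 15) & 1,
    }


def parse_frame(frame):
    """Return header fields, body and address roles of a data frame.

    Raises ValueError on a bad checksum: the FCS is the same CRC-32 as
    802.3 (which zlib.crc32 computes) and is sent least-significant byte
    first. A frame whose FCS fails must be dropped, not decoded.
    """
    if len(frame) < 24 + 4:
        raise ValueError("frame too short for a MAC header and FCS")
    covered, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(covered) & 0xFFFFFFFF != fcs:
        raise ValueError("FCS mismatch: frame corrupted")
    fc_raw, duration = struct.unpack("<HH", frame[:4])
    fc = parse_frame_control(fc_raw)
    if fc["version"] != 0:
        raise ValueError(f"unknown protocol version {fc['version']}")
    addrs = [frame[4:10], frame[10:16], frame[16:22]]
    seq_ctrl = struct.unpack("<H", frame[22:24])[0]
    roles = ADDRESS_ROLES[(fc["to_ds"], fc["from_ds"])]
    offset = 24
    if len(roles) == 4:                     # Address 4 only when ToDS = FromDS = 1
        addrs.append(frame[24:30])
        offset = 30
    return {
        "type": TYPE_NAMES.get(fc["type"], "reserved"),
        "subtype": fc["subtype"],
        "flags": {k: v for k, v in fc.items() if k not in ("version", "type", "subtype")},
        "duration": duration,
        "addresses": {role: mac(a) for role, a in zip(roles, addrs)},
        "fragment": seq_ctrl & 0xF,
        "sequence": seq_ctrl >> 4,
        "body": covered[offset:],
    }


def build_frame(fc, duration, addrs, seq, frag, body):
    """Assemble a frame with a valid FCS (used here to construct test input)."""
    hdr = struct.pack("<HH", fc, duration) + b"".join(addrs[:3])
    hdr += struct.pack("<H", (seq << 4) | frag)
    if len(addrs) == 4:
        hdr += addrs[3]
    covered = hdr + body
    return covered + struct.pack("<I", zlib.crc32(covered) & 0xFFFFFFFF)


# Constructed sample: a station sends a WEP-protected data frame to its AP
# (ToDS = 1, FromDS = 0, W = 1). Addresses are locally administered test values.
STA = bytes.fromhex("020000000001")
AP = bytes.fromhex("020000000002")
SERVER = bytes.fromhex("020000000003")
FC_DATA_TO_AP_WEP = (2 << 2) | (1 << 8) | (1 << 14)
SAMPLE = build_frame(FC_DATA_TO_AP_WEP, duration=44, addrs=[AP, STA, SERVER],
                     seq=17, frag=0, body=b"\x11\x22\x33\x00" + b"ciphertext...")

if __name__ == "__main__":
    info = parse_frame(SAMPLE)
    print(info["type"], info["addresses"], "WEP:", info["flags"]["wep"])
```

Two points worth noting for detection work: the same three address bytes mean different things depending on To DS / From DS, so a sensor that keys on "Address 2 = source" will mis-attribute AP-originated frames; and the FCS detects corruption only, not forgery, since anyone can compute CRC-32.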
Contents
Glossary of 802.11 Wireless Terms
Overview
802.11 Media Access Control (MAC)
Frequency Hopping and Direct Sequence Spread Spectrum Techniques
802.11 Physical Layer (PHY)
Security
Performance
Inter Access Point Protocol
Implementation Support
Raytheon Implementation
Glossary of 802.11 Wireless Terms
Station (STA): A computer or device with a wireless network interface.
Access Point (AP): Device used to bridge the wireless-wired boundary, or to increase distance as a wireless packet repeater.
Ad Hoc Network: A temporary one made up of stations in mutual range.
Infrastructure Network: One with one or more Access Points.
Channel: A radio frequency band, or Infrared, used for shared communication.
Basic Service Set (BSS): A set of stations communicating wirelessly on the same channel in the same area, Ad Hoc or Infrastructure.
Extended Service Set (ESS): A set of BSSs and wired LANs with Access Points that appear as a single logical BSS.
Glossary of 802.11 Wireless Terms, cont.
BSSID & ESSID: Data fields identifying a station's BSS & ESS.
Clear Channel Assessment (CCA): A station function used to determine when it is OK to transmit.
Association: A function that maps a station to an Access Point.
MAC Service Data Unit (MSDU): Data Frame passed between user & MAC.
MAC Protocol Data Unit (MPDU): Data Frame passed between MAC & PHY.
PLCP Packet (PLCP_PDU): Data Packet passed from PHY to PHY over the Wireless Medium.
Overview, IEEE 802, and 802.11 Working Group
IEEE Project 802 charter:
Local & Metropolitan Area Networks
1 Mb/s to 100 Mb/s and higher
2 lower layers of the 7-layer OSI Reference Model
IEEE 802.11 Working Group scope:
Wireless connectivity for fixed, portable and moving stations within a limited area
Appear to higher layers (LLC) the same as existing 802 standards
Transparent support of mobility (mobility across router ports is being addressed by a higher layer committee)
Overview, IEEE 802.11 Committee
Committee formed in 1990
Wide attendance
Multiple Physical Layers: Frequency Hopping Spread Spectrum, Direct Sequence Spread Spectrum, Infrared
2.4 GHz Industrial, Scientific & Medical shared unlicensed band: 2.4 to 2.4835 GHz, with FCC transmitted power limits
2 Mb/s & 1 Mb/s data transfer
50 to 200 feet radius wireless coverage
Draft 5.0 Letter Ballot passed and forwarded to Sponsor Ballot
Published Standard anticipated 1997
Next 802.11 - November 11-14, Vancouver, BC
Chairman - Victor Hayes, [email protected]
Overview, 802.11 Architecture
[Figure: an Extended Service Set (ESS) made up of several Basic Service Sets (BSSs); each BSS contains stations (STA) and an Access Point (AP) attached to the existing wired LAN (infrastructure network). Alongside, stand-alone Ad Hoc Networks consisting only of STAs.]
Overview, Wired vs. Wireless LANs
802.3 (Ethernet) uses CSMA/CD, Carrier Sense Multiple Access with 100% Collision Detect, for reliable data transfer.
802.11 has CSMA/CA (Collision Avoidance):
Large differences in signal strengths mean a radio cannot reliably detect a collision while it is transmitting.
Collisions can only be inferred afterward: transmitters fail to get a response; receivers see corrupted data through a CRC error.
802.11 Media Access Control
Carrier Sense: listen before talking.
Handshaking to infer collisions: DATA-ACK packets.
Collision Avoidance:
RTS-CTS-DATA-ACK to request the medium.
Duration information in each packet.
Random backoff after a collision is determined.
Net Allocation Vector (NAV) to reserve bandwidth.
Hidden nodes use the CTS duration information.
802.11 Media Access Control, cont.
Fragmentation:
Bit Error Rate (BER) goes up with distance and decreases the probability of successfully transmitting long frames.
MSDUs given to the MAC can be broken up into smaller MPDUs given to the PHY, each with a sequence number for reassembly.
Can increase range by allowing operation at higher BER.
Lessens the impact of collisions.
• Trades fragmentation overhead for the overhead of RTS-CTS.
• Less impact from hidden nodes.
802.11 Media Access Control, cont.
Beacons are used to convey network parameters such as the hop sequence.
Probe Requests and Responses are used to join a network.
Power Savings Mode:
Frames are stored at the Access Point or at Stations for sleeping Stations.
A Traffic Indication Map (TIM) in frames alerts awaking Stations.
802.11 Protocol Stack
[Figure: Upper Layers; Data Link Layer = Logical Link Control over the MAC Sub-layer; Physical Layer alternatives: 802.11 Infrared, 802.11 FHSS, 802.11 DSSS, 802.11a OFDM, 802.11b HR-DSSS, 802.11g OFDM.]
Performance of IEEE 802.11b
[Figure: timeline of a successful single-frame transmission: DIFS, backoff (t_cont), PLCP preamble + PLCP header (t_pr), MPDU = 30-byte MAC header + data + 4-byte CRC (t_tr), SIFS (10 μsec), PLCP preamble + header (t_pr), 14-byte ACK (t_ack).]
Performance of IEEE 802.11b
Successful transmission of a single frame.
PLCP = physical layer convergence protocol preamble.
t_pr = PLCP preamble and header transmission time (varies according to the bit rate used by the host).
SIFS = 10 μsec (Short Inter Frame Space).
t_ack is the MAC acknowledgement transmission time (about 10 μsec if the selected rate is 11 Mb/s, as the ACK length is 112 bits).
Performance of IEEE 802.11b
DIFS = 50 μsec.
t_tr is the frame transmission time.
When the host transmits at 1 Mb/s, the long PLCP header is used and t_pr = 192 μsec.
If it uses 2, 5.5 or 11 Mb/s, then t_pr = 96 μsec (short PLCP header).
Performance of IEEE 802.11b
For bit rates greater than 1 Mb/s and a frame size of 1500 bytes of data (MPDU of 1534 bytes in total), the proportion p of useful throughput measured above the MAC layer will be:
p = (1500/1534) · (t_tr / T) ≈ 0.70
So a single host sending long frames over an 11 Mb/s radio channel will have a maximum useful throughput of 7.74 Mb/s.
Performance of IEEE 802.11b
If we neglect propagation time, the overall transmission time is composed of the transmission time and a constant overhead:
T = t_tr + t_ov
where the constant overhead is
t_ov = DIFS + t_pr + SIFS + t_pr + t_ack
Performance of IEEE 802.11b
The overall frame transmission time experienced by a single host when competing with N - 1 other hosts has to be increased by a time interval t_cont(N) that accounts for the time spent in contention procedures.
Performance of IEEE 802.11b
So the overall transmission time is
T(N) = t_tr + t_ov + t_cont(N)
[The slide's expression for t_cont(N), written in terms of SLOT, CW_min and P_c(N), is garbled in the extraction and is not reproduced here.]
where P_c(N) is the proportion of collisions experienced for each packet successfully acknowledged at the MAC.
Performance of IEEE 802.11b
Consider the situation in which N hosts of different bit rates compete for the radio channel. N - 1 hosts use the high transmission rate R = 11 Mb/s and one host transmits at a degraded rate r = 5.5, 2 or 1 Mb/s.
t_tr = S_d / R   or   t_tr = S_d / r
where S_d is the data frame length in bits.
Performance of IEEE 802.11b
The MAC layer ACK frame is also sent at a rate that depends on the host speed, so we denote by t_ov^R the overhead time associated with rate R.
Let T_f be the overall transmission time for a "fast" host transmitting at rate R:
T_f = S_d / R + t_ov^R + t_cont
Performance of IEEE 802.11b
Similarly, let T_s be the corresponding time for a "slow" host transmitting at rate r:
T_s = S_d / r + t_ov^r + t_cont
We can express the channel utilisation of the slow host as
U_s = T_s / ((N - 1) T_f + T_s + P_c(N) N t_jam)
where t_jam, the average time lost in a collision, is
t_jam = (2/N) T_s + (1 - 2/N) T_f
(2/N being the probability that a collision between two of the N hosts involves the slow host).
Performance of IEEE 802.11b
Study: the UDP traffic and TCP traffic flows in IEEE 802.11 WLANs.
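The fast/slow host computation above, carried through numerically as an added example that is not part of the original slides. It uses the slides' parameters (DIFS 50 μs, SIFS 10 μs, t_pr 192 μs at 1 Mb/s and 96 μs above, 112-bit ACK, 1534-byte MPDU carrying 1500 data bytes). Because the slide's t_cont expression is garbled, this example makes two assumptions of its own: collisions are ignored (P_c = 0, so the t_jam term vanishes and U_s reduces to T_s / ((N - 1)T_f + T_s)), and t_cont is the mean initial backoff SLOT × CW_min/2 with SLOT = 20 μs and CW_min = 31. All times are in microseconds.

```python
"""802.11b per-host transmission times and the rate anomaly (added example).

Slide symbols: t_tr = S_d / R, t_ov = DIFS + t_pr + SIFS + t_pr + t_ack,
T = t_tr + t_ov + t_cont.  ASSUMPTIONS not on the slides: P_c(N) = 0 (no
collisions) and t_cont = SLOT * CW_min / 2 with SLOT = 20 us, CW_min = 31.
"""
DIFS, SIFS, SLOT, CW_MIN = 50.0, 10.0, 20.0, 31      # microseconds, slots
ACK_BITS = 112
DATA_BYTES, MPDU_BYTES = 1500, 1534


def t_pr(rate_mbps):
    """PLCP preamble + header: long header at 1 Mb/s, short header above."""
    return 192.0 if rate_mbps == 1 else 96.0


def t_ov(rate_mbps):
    """Per-frame overhead; rate dependent through t_pr and the ACK time."""
    t_ack = ACK_BITS / rate_mbps
    return DIFS + t_pr(rate_mbps) + SIFS + t_pr(rate_mbps) + t_ack


def t_cont():
    """Mean initial backoff (assumption: no collisions, so no CW doubling)."""
    return SLOT * CW_MIN / 2


def frame_time(rate_mbps):
    """T = t_tr + t_ov + t_cont for one 1534-byte MPDU at the given rate."""
    t_tr = MPDU_BYTES * 8 / rate_mbps
    return t_tr + t_ov(rate_mbps) + t_cont()


def single_host_throughput(rate_mbps):
    """Useful throughput above the MAC (Mb/s) for a host alone on the channel."""
    return DATA_BYTES * 8 / frame_time(rate_mbps)


def shared_channel(n_hosts, fast_rate, slow_rate):
    """N-1 fast hosts and one slow host, each winning the channel in turn.

    With P_c = 0, U_s = T_s / ((N-1) T_f + T_s), and since every host
    delivers one frame per cycle all hosts end up with the same throughput.
    """
    T_f, T_s = frame_time(fast_rate), frame_time(slow_rate)
    cycle = (n_hosts - 1) * T_f + T_s
    return {
        "T_f_us": T_f,
        "T_s_us": T_s,
        "U_s": T_s / cycle,
        "per_host_mbps": DATA_BYTES * 8 / cycle,
        "fast_only_per_host_mbps": DATA_BYTES * 8 / (n_hosts * T_f),
    }


if __name__ == "__main__":
    print(f"lone 11 Mb/s host: {single_host_throughput(11):.2f} Mb/s")
    print("3 fast + 1 slow:", shared_channel(4, fast_rate=11, slow_rate=1))
```

Running it for N = 4 with one host at 1 Mb/s: T_f ≈ 1688 μs, T_s ≈ 13138 μs, the slow host holds the channel about 72% of the time, and every host, including the three at 11 Mb/s, gets roughly 0.66 Mb/s, against about 1.78 Mb/s each if all four were fast. That is the 802.11b performance anomaly: CSMA/CA shares channel access fairly per frame, not per bit, so one degraded station drags down the whole cell. The lone-host figure here (about 7.1 Mb/s) is below the slides' 7.74 Mb/s because the backoff term is included.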
Frequency Hopping and Direct Sequence Spread Spectrum Techniques
Spread Spectrum is used to avoid interference from licensed and other non-licensed users, and from noise, e.g., microwave ovens.
Frequency Hopping (FHSS):
Using one of 78 hop sequences, hop to a new 1 MHz channel (out of the total of 79 channels) at least every 400 milliseconds.
Requires hop acquisition and synchronisation.
Hops away from interference.
Direct Sequence (DSSS):
Using one of 11 overlapping channels, multiply the data by an 11-chip sequence (the Barker code) to spread the 1 Msymbol/s data over 11 MHz.
Requires RF linearity over 11 MHz.
Spreading yields processing gain at the receiver.
Less immune to interference than FHSS, which can hop away from it.
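The 11-chip spreading described for DSSS, as an added example that is not from the original slides. The Barker sequence is the one 802.11 specifies for 1 and 2 Mb/s DSSS; the bit pattern and the interferer amplitude are constructed for the demonstration. What it shows: after correlation the wanted symbol comes out at amplitude 11, while a constant (narrowband) interferer contributes only its amplitude times the sum of the chips, which is +1, so an interferer that would flip every un-spread symbol leaves the despread bits intact. That ratio of 11 is the processing gain the slide mentions.

```python
"""11-chip Barker spreading and despreading for 802.11 DSSS (added example)."""
import math

# Barker sequence specified by 802.11 for 1 and 2 Mb/s DSSS, leftmost chip first.
BARKER11 = (+1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1)
N_CHIPS = len(BARKER11)


def spread(bits):
    """Map each bit to a +1/-1 symbol and multiply it by the 11-chip sequence,
    so one symbol becomes 11 chips (1 Msymbol/s -> 11 Mchip/s)."""
    chips = []
    for b in bits:
        symbol = 1 if b else -1
        chips.extend(symbol * c for c in BARKER11)
    return chips


def despread(chips):
    """Correlate every 11-chip block with the sequence and slice the sum."""
    bits = []
    for i in range(0, len(chips), N_CHIPS):
        block = chips[i:i + N_CHIPS]
        correlation = sum(r * c for r, c in zip(block, BARKER11))
        bits.append(1 if correlation > 0 else 0)
    return bits


def processing_gain_db():
    """Chips per symbol in dB: 10 log10(11), about 10.4 dB."""
    return 10 * math.log10(N_CHIPS)


def periodic_autocorrelation():
    """Correlation of the sequence with its own cyclic shifts: 11 at zero
    shift and -1 at every other shift, which is what lets the receiver
    lock onto the chip boundary unambiguously."""
    return [sum(BARKER11[i] * BARKER11[(i + k) % N_CHIPS] for i in range(N_CHIPS))
            for k in range(N_CHIPS)]


def errors_without_spreading(bits, interferer):
    """Plain +1/-1 symbols hit by a constant (narrowband) interferer."""
    received = [(1 if b else -1) + interferer for b in bits]
    return sum((1 if r > 0 else 0) != b for r, b in zip(received, bits))


def errors_with_spreading(bits, interferer):
    """Same interferer added to every chip; the correlator sums it over the
    sequence (chips add to +1) while the wanted symbol adds to +/-11."""
    received = [c + interferer for c in spread(bits)]
    return sum(d != b for d, b in zip(despread(received), bits))


# Constructed test pattern (mixed ones and zeros).
SAMPLE_BITS = [1, 0, 1, 1, 0, 0, 0, 1, 0, 1]

if __name__ == "__main__":
    print("processing gain %.1f dB" % processing_gain_db())
    print("periodic autocorrelation", periodic_autocorrelation())
    for amp in (0.5, 2.0, 5.0):
        print("interferer", amp, "errors plain:", errors_without_spreading(SAMPLE_BITS, amp),
              "errors spread:", errors_with_spreading(SAMPLE_BITS, amp))
```

An interferer of amplitude 2 already flips every zero of the un-spread signal, whereas the despread correlation still sees -11 + 2; only an interferer stronger than 11 (the processing gain) overcomes the spread signal. The slide's caveat still applies: unlike FHSS, DSSS cannot move away from a wideband jammer that exceeds that margin.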
802.11 Physical Layer
Preamble Sync, 16-bit Start Frame Delimiter, PLCP Header including 16-bit Header CRC, MPDU, 32-bit CRC.
FHSS:
2 & 4 GFSK.
Data whitening for bias suppression: 32/33 bit stuffing and block inversion, 7-bit LFSR scrambler.
80-bit Preamble Sync pattern.
32-bit Header.
DSSS:
DBPSK & DQPSK.
Data scrambling using an 8-bit LFSR.
128-bit Preamble Sync pattern.
48-bit Header.
802.11 Physical Layer, cont.
Antenna Diversity:
Multipath fading of a signal can inhibit reception.
Multiple antennas can significantly minimise this.
Spatial separation or orthogonality.
Choose the antenna during the Preamble Sync pattern, based on: presence of the Preamble Sync pattern; presence of energy (RSSI - Received Signal Strength Indication); or a combination of both.
Clear Channel Assessment:
Requires a reliable indication that the channel is in use in order to defer transmission.
Uses the same mechanisms as for Antenna Diversity.
Uses NAV information.
A Fragment Burst
[Figure: station A sends RTS and B answers CTS; A then sends Frag1, Frag2 and Frag3, each acknowledged by B with an ACK; stations C and D, which hear the exchange, set their NAV from the duration fields and stay silent until the burst ends. Horizontal axis: Time.]
Security
Authentication: A function that determines whether a Station is allowed to participate in network communication.
Open System (null authentication) & Shared Key.
WEP - Wired Equivalent Privacy:
• Encryption of data.
ESSID offers only casual separation of traffic, not access control.
Performance, Theoretical Maximum Throughput
Throughput numbers in Mbits/sec. Assumes 100 ms beacon interval, RTS/CTS used, no collisions. Slide courtesy of Matt Fischer, AMD.

MSDU size (bytes)     | 1 Mbit/s DS | 1 Mbit/s FH (400 ms hop) | 2 Mbit/s DS | 2 Mbit/s FH (400 ms hop)
128                   | 0.364       | 0.364                    | 0.517       | 0.474
512                   | 0.694       | 0.679                    | 1.163       | 1.088
512 (frag size = 128) | 0.503       | 0.512                    | 0.781       | 0.759
2304                  | 0.906       | 0.860                    | 1.720       | 1.624
Background for broadband wireless technologies
UWB - Ultra Wide Band: high speed wireless personal area network.
Wi-Fi - Wireless Fidelity: wireless technology for indoor environments (WLANs), broader range than WPANs.
WiMAX - Worldwide Interoperability for Microwave Access: Wireless Metropolitan Area Networks (WMANs), for outdoor coverage in LOS and NLOS environments; fixed and mobile standards.
3G - Third generation: Wireless Wide Area Networks (WWANs) are the broadest range wireless networks, with high speed data transmission and greater voice capacity for mobile users.
Bluetooth -
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 310-317.
What is WiMax?
WiMAX is an IEEE 802.16/ETSI HiperMAN based certificate for equipment fulfilling the interoperability requirements set by the WiMAX Forum.
The WiMAX Forum comprises industry leaders who are committed to the open interoperability of all products used for broadband wireless access.
The technique or technology behind the standards is often referred to as WiMAX.
[1] A. S. Tanenbaum, "Computer Networks," Pearson Education, 2003, pp. 302-310.
What is WiMax?
WiMAX is thus a Broadband Wireless Access (BWA) technique.
WiMax offers fast broadband connections over long distances.
The interoperability of different vendors' products is the most important factor when comparing it to the other techniques.
The IEEE 802.16 Standards
The IEEE 802.16 standards family:
- broadband wireless wideband internet connection
- wider coverage than any wired or wire less connection before
Wireless systems have the capacity to address broad geographic areas without the expensive wired infrastructure.
For example, a study made at the University of Oulu states that WiMax is a clearly more cost effective solution than xDSL for providing broadband internet connection in Kainuu.
The IEEE 802.16 Standards
802.16, published in April 2002:
- A set of air interfaces on a common MAC protocol
- Addresses frequencies 10 to 66 GHz
- Single carrier (SC) and only LOS
802.16a, published in January 2003:
- A completed amendment that extends the physical layer to the 2 to 11 GHz band, both licensed and licence-exempt frequencies
- SC, 256 point FFT OFDM and 2048 point FFT OFDMA
- LOS and NLOS
802.16-2004, published in July 2004:
- Revises and replaces 802.16, 802.16a and 802.16 REVd
- This announcement marks a significant milestone in the development of future WiMax technology
- P802.16-2004/Cor1 published on 8.11.2005
IEEE 802.16: Broadband Wireless MAN Standard (WiMAX)
An 802.16 wireless service provides a communications path between a subscriber site and a core network such as the public telephone network and the Internet. This wireless broadband access standard provides the missing link for the "last mile" connection in metropolitan area networks where DSL, cable and other broadband access methods are not available or too expensive.
Comparison Overview of IEEE 802.16a
• IEEE 802.16 and WiMAX are designed as a complementary technology to Wi-Fi and Bluetooth. The following table provides a quick comparison of 802.16a with 802.11b

Parameters           802.16a (WiMax)   802.11 (WLAN)       802.15 (Bluetooth)
Frequency Band       2-11 GHz          2.4 GHz             Varies
Range                ~31 miles         ~100 meters         ~10 meters
Data transfer rate   70 Mbps           11 Mbps – 55 Mbps   20 Kbps – 55 Mbps
Number of Users      Thousands         Dozens              Dozens
Protocol Structure - IEEE 802.16 Standard (WiMAX)
• The IEEE 802.16 protocol architecture has 4 layers: convergence, MAC, transmission and physical, which can be mapped to the two lowest OSI layers: physical and data link
Internet Security
Prof. R. A. Carrasco
School of Electrical, Electronic and Computer Engineering, University of Newcastle-upon-Tyne
Overview
• Internet security is the practice of protecting and preserving private resources and information on the Internet.
• Computer and network security are challenging topics among executives and managers of computer corporations.
• Together, network security and a well-implemented security policy can provide a highly secure business solution.
Introduction
• Elements of Networking Security:
  - Orange Book Security Levels & Firewalls
  - Passwords
  - Encryption, Authentication & Integrity
• Developing a Site Security Policy
• Violation Response
• Other Security Resources
• Conclusions
Elements of Networking Security: Orange Book Security Levels & Firewalls
• Understand the need & outline a security policy relevant to any company.
• Each business has a different threshold of well-being, with different:
  - assets/culture/technology infrastructure
  - requirements for storing/sending/communicating information
• Many strong tools are available to secure a computer network:
  - software applications, hardware products
  - These alone do not comprise a security policy, but are essential elements
Elements of Networking Security: Orange Book Security Levels & Firewalls
• Protection tools have evolved over the last 2 decades
• Protect the network at many levels
• A well-guarded enterprise deploys many different security measures
• Elements of security
  - Physical Security: controlling access to the most sensitive components, e.g. network administration, access to the server room
  - Operating System Security (OSS)
    • Used in UNIX and Microsoft Windows NT
    • C2 level: discretionary access control, file and directory read and write permissions, and auditing and authentication controls.
Orange Book Security Levels
• There are 7 levels of computer OSS in the Trusted Computer Standards Evaluation Criteria or Orange Book.
• Levels are used to evaluate protection for hardware, software, and stored information.
• The system is additive - higher ratings include the functionality of the levels below.
• The definition centres around access control, authentication, auditing, and levels of trust
Orange Book Security Levels
• D1: no security
• C1: lowest level of security
  - File and directory read & write controls and authentication; root is insecure & auditing (system logging) is not available
• C2: features an auditing function
  - records all security-related events & provides stronger protection on key system files, such as the password file.
• B-rated: multilevel security, such as secret, top secret, and mandatory access control
  - B2: every object & file is labelled; labels change dynamically depending on what is being used.
  - B3: includes system hardware; terminals connect using trusted paths & specialised system hardware
• A1: highest level of security
  - Mathematically design verified
  - large amounts of processing power & disk space.
Firewalls
• In theory, firewalls allow authorised communications between internal & external networks
• Properly implemented, they are very effective at keeping out unauthorised users & stopping unwanted activities on an internal network.
• Protect and facilitate the network at a number of levels
  - allow e-mail, file transfer protocol (FTP) & remote login as desired, whilst limiting access to the internal network.
• Provide an authorisation mechanism
  - assures only specified users or applications can gain access
  - address translation: masks the name & address of a machine
    e.g. messages for anyone in the technical support department have their address translated to [email protected]
  - encryption and virtual private network (VPN) capabilities.
• Deployed in a network to segregate different servers & networks
  - controlling access within the network
    e.g. separating the accounting and payroll server from the rest of the network so that only certain individuals can access the information.
• Performance degradation: as a system is busy checking/rerouting data packets, latency is increased.
Elements of Networking Security: Passwords
• Password mechanisms identify and authenticate users as they access a computer system
• A password can be compromised:
  - Eavesdroppers can listen for a username and password & gain access over a public network
  - A potential intruder can attack the access gateway, entering an entire dictionary of words (or license plates or any other list) against a password field.
  - Users may loan their password to a co-worker or inadvertently leave out a list of system passwords
• Password technologies & tools to make a network more secure.
  - Useful in ad hoc remote access situations, one-time password generation assumes that a password will be compromised.
  - Before leaving the internal network, a list of passwords that will work only one time against a given username is generated.
  - When logging into the system remotely, a password is used once and then will no longer be valid.
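As an added example (not code from the lecture notes), the following Python sketches how such a one-time password list can be generated and checked with a hash chain, in the style of S/KEY: the user carries the list, the server keeps only the most recent chain value, and each password is accepted once and in order. The seed, the class and function names and the chain length are constructed for the illustration.

```python
import hashlib

# Added illustration (not from the lecture notes): an S/KEY-style one-time
# password list built from a hash chain. Seed and names are constructed.


def make_chain(seed: bytes, length: int) -> list:
    """Return [h(seed), h(h(seed)), ..., h^length(seed)] as hex strings."""
    chain, value = [], seed
    for _ in range(length):
        value = hashlib.sha256(value).digest()
        chain.append(value.hex())
    return chain


def user_password_list(chain: list) -> list:
    """The list the user takes along: every chain value except the last,
    ordered so that the first entry is the one to use first."""
    return list(reversed(chain[:-1]))


class OneTimePasswordServer:
    """Stores only the current anchor h^n(seed), never the seed itself.
    A login is valid when hashing the presented password yields the anchor."""

    def __init__(self, chain: list):
        self.anchor = chain[-1]
        self.remaining = len(chain) - 1

    def login(self, candidate: str) -> bool:
        if self.remaining <= 0:
            return False                      # list exhausted; a new list is needed
        try:
            raw = bytes.fromhex(candidate)
        except ValueError:
            return False                      # not a well-formed password
        if hashlib.sha256(raw).hexdigest() != self.anchor:
            return False                      # wrong, replayed, or out of order
        self.anchor = candidate               # the used password becomes the new anchor
        self.remaining -= 1
        return True


def demo() -> list:
    """Walk through part of a 4-password list; returns the login outcomes."""
    chain = make_chain(b"constructed-seed-do-not-reuse", 5)
    server = OneTimePasswordServer(chain)
    passwords = user_password_list(chain)
    outcomes = []
    outcomes.append(server.login(passwords[0]))   # first use: accepted
    outcomes.append(server.login(passwords[0]))   # replay of the same password: rejected
    outcomes.append(server.login(passwords[2]))   # skipping ahead in the list: rejected
    outcomes.append(server.login(passwords[1]))   # next password in order: accepted
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The server never stores the seed, so a copy of its database yields no usable password, and an eavesdropper who captures one password learns nothing about the next, because deriving it would mean inverting SHA-256.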
Elements of Networking Security: Passwords
• Password Aging & Policy Enforcement
  - users are required to create new passwords every so often
  - passwords must be a minimum number of characters and a mix of letters & numbers
• Smart cards provide extremely secure password protection
  - Unique passwords, based on a challenge-response scheme, are created on a small credit-card device
  - The password is then entered as part of the log-on process and validated against a password server, which logs all access to the system
  - Expensive to implement.
Elements of Networking Security: Passwords
• Single sign-on overcomes the ultimate irony in system security: as a user gains more passwords, these become less secure, not more, and the system opens itself up for unauthorised access.
  - Many company computer networks require users to have different passwords to access different parts of the system
  - As users acquire more passwords (some have more than 50) they cannot help but write them down or create easy-to-remember passwords.
• A single sign-on system is a centralised access control list which determines who is authorised to access different areas of the computer network & a mechanism for providing the expected password
  - A user need only remember a single password to sign onto the system.
Elements of Networking Security: Good password procedures
• Do not use your login name in any form (as is, reversed, capitalised, doubled, etc.).
• Do not use your first, middle, or last name in any form or use your spouse's or children's names.
• Do not use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on, etc.
• Do not use a password of all digits or all the same letter.
• Do not use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words.
• Do not use a password shorter than six characters.
• Do use a password with mixed-case alphabetics.
• Do use a password with non-alphabetic characters (digits or punctuation).
• Do use a password that is easy to remember, so you don't have to write it down.
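To turn the list above into something that can be enforced at password-change time, here is an added Python checker (not from the lecture notes) that applies each "do not / do use" rule and reports which ones a candidate breaks. The small word list, the login names and the sample passwords are constructed; a real deployment would load a full dictionary and the user's known personal details.

```python
import re

# Added illustration (not from the lecture notes): a checker for the
# good-password rules. The word list and all sample inputs are constructed.

DICTIONARY = {"password", "secret", "welcome", "letmein", "dragon"}   # constructed stand-in


def check_password(password: str, login: str, personal=(), dictionary=DICTIONARY) -> list:
    """Return the names of the rules the candidate breaks (empty list = passes)."""
    problems = []
    pw = password.lower()
    name = login.lower()

    # Rule: no form of the login name (as is, reversed, capitalised, doubled)
    if pw in {name, name[::-1], name * 2}:
        problems.append("login-name")
    # Rule: no personal names or easily obtained information (names, phone, plate, ...)
    if any(item.lower() in pw for item in personal if len(item) >= 3):
        problems.append("personal-info")
    # Rule: not all digits, not all the same letter
    if password.isdigit():
        problems.append("all-digits")
    elif len(set(pw)) == 1:
        problems.append("all-same-letter")
    # Rule: not a dictionary word (also catches a word with digits bolted on)
    stripped = re.sub(r"[^a-z]", "", pw)
    if pw in dictionary or stripped in dictionary:
        problems.append("dictionary-word")
    # Rule: at least six characters
    if len(password) < 6:
        problems.append("too-short")
    # Rule: mixed-case alphabetics
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("no-mixed-case")
    # Rule: at least one non-alphabetic character (digit or punctuation)
    if not any(not c.isalpha() for c in password):
        problems.append("no-non-alphabetic")
    return problems


if __name__ == "__main__":
    for candidate in ("Tr0ub4dor&3", "JSmithJSmith", "123456", "Password1"):
        print(candidate, "->", check_password(candidate, "jsmith", ("John", "Smith")) or "ok")
```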
Elements of Networking Security: Encryption, Authentication & Integrity
• Encryption is the coding of data through an algorithm or transform table into apparently unintelligible garbage
  - used both on data stored on a server and as data is communicated through a network
  - a method of ensuring privacy of data and that only intended users may view the information
• Many forms:
  - The digital encryption standard (DES) has been endorsed by the National Institute of Standards and Technology (NIST) since 1975 and is the most readily available encryption standard. One major drawback with DES is that it is subject to U.S. export control; programs that deploy DES technology are generally not available for export from the United States.
Elements of Networking Security: Encryption, Authentication & Integrity
• Rivest, Shamir, and Adleman (RSA) encryption is a public-key encryption system, is patented technology in the United States, and thus is not available without a license.
  - the DES algorithm was published before the patent filing, and RSA encryption may be used in Europe and Asia without a royalty.
  - growing in popularity
  - considered quite secure from brute force attacks.
• An emerging encryption mechanism is pretty good privacy (PGP)
  - allows users to encrypt information stored on their system as well as to send and receive encrypted e-mail
  - provides tools and utilities for creating, certifying, and managing keys
  - PGP should not be confused with privacy enhanced mail (PEM), a protocol standard.
Elements of Networking Security: Encryption, Authentication & Integrity
• Encryption mechanisms rely on keys or passwords
  - The longer the password, the more difficult the encryption is to break
  - DES relies on a 56-bit key length, and some mechanisms have keys that are hundreds of bits long
• There are two kinds of encryption mechanisms used - private key and public key
  - Private-key: the same key is used to encode and decode the data
  - Public-key: one key is used to encode the data and another to decode it
    Named after a unique property of this type of encryption mechanism: one of the keys can be public without compromising the privacy of the message or the other key.
    A trusted recipient, or a remote office network gateway, keeps a private key to decode data as it comes from the main office
• VPNs employ encryption to provide secure transmissions over public networks such as the Internet.
Elements of Networking Security: Encryption, Authentication & Integrity
• Authentication is making sure users are who they say they are
• Integrity is knowing that the data sent has not been altered along the way
  - Of course, a message modified in any way would be highly suspect and should be completely discounted.
• Digital signatures are used to maintain message integrity
  - perform both an authentication and a message integrity function
  - a block of data at the end of a message that verifies the authenticity of the file.
  - If any change is made to the file, the signature will not verify
  - Available in PGP and when using RSA encryption.
• Kerberos: an add-on system used with any existing network.
  - validates a user through its authentication system and uses DES when communicating sensitive information
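The private-key/public-key distinction on the previous slide and the statement that a signature "will not verify" after any change can both be shown with a few lines of textbook RSA. This is an added Python example, not from the lecture notes: the primes are constructed and far too small for real use, SHA-256 stands in for the hash, and no padding scheme is applied, so treat it as a teaching sketch of the mechanism rather than a usable signature library.

```python
import hashlib

# Added illustration (not from the lecture notes): textbook RSA with SHA-256,
# showing (1) the public-key vs private-key roles and (2) a signature that stops
# verifying after any change. The primes below are constructed for the example
# and are far too small for real use (real keys use primes of ~1024 bits).
P = 1_000_000_007
Q = 998_244_353
E = 65537


def make_keypair(p: int, q: int, e: int = E):
    """Return (public_key, private_key) as (exponent, modulus) tuples."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse; raises ValueError if gcd(e, phi) != 1
    return (e, n), (d, n)


def _digest_mod_n(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the RSA group (hash-then-sign)."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return h % n


def sign(private_key, message: bytes) -> int:
    """Only the holder of the private exponent can produce this value."""
    d, n = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone with the public key can check it; any change to the message breaks it."""
    e, n = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


def encrypt(public_key, m: int) -> int:
    """Anyone holding the public key can encrypt; only the private key decrypts."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def decrypt(private_key, c: int) -> int:
    d, n = private_key
    return pow(c, d, n)


def demo():
    """Sign a constructed message, then check it against the original and a tampered copy."""
    public, private = make_keypair(P, Q)
    msg = b"Transfer 100 GBP to account 12-34-56"       # constructed message
    tampered = b"Transfer 900 GBP to account 12-34-56"  # one digit changed in transit
    sig = sign(private, msg)
    return verify(public, msg, sig), verify(public, tampered, sig)


if __name__ == "__main__":
    print(demo())
```

The same key pair serves both uses described on the slides: the main office signs with the private exponent and the remote gateway checks with the public one, while for confidentiality the direction reverses and the private key is the one that decrypts.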
Developing a Site Security Policy
• Rule 1: that which is not expressly permitted is prohibited
  - A security policy should deny access to all network resources and then add back access on a specific basis
• Goal: define the organisation's expectations for proper computer & network use & to define procedures to prevent and respond to security incidents
• Specific aspects of the organisation must be considered & agreed upon by the policy-making group
  - A military base may have very different security concerns from those of a university
  - Even departments within the same organisation will have different requirements
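Rule 1 and the firewall behaviour described earlier (permit e-mail and FTP as desired, segregate the accounting and payroll server from the rest of the network) can be expressed as a first-match rule list whose fall-through is "deny". The Python below is an added example, not from the lecture notes; the addresses, hosts, rule set and sample packets are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Added illustration (not from the lecture notes): a first-match packet filter
# whose last resort is Rule 1, "not expressly permitted is prohibited".
# Addresses, hosts and rules are constructed for the example.

ANY_NET = ipaddress.ip_network("0.0.0.0/0")


def net(s: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(s)


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    proto: str                       # "tcp", "udp" or "any"
    dst_port: Optional[int]          # None matches every port
    src_net: ipaddress.IPv4Network
    dst_net: ipaddress.IPv4Network
    comment: str = ""


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dst_port: int


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto not in ("any", pkt.proto):
        return False
    if rule.dst_port is not None and rule.dst_port != pkt.dst_port:
        return False
    return (ipaddress.ip_address(pkt.src) in rule.src_net
            and ipaddress.ip_address(pkt.dst) in rule.dst_net)


def decide(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; with no match, Rule 1 applies and the packet is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed policy: permit only what the slides list (mail, FTP from inside,
# accounting to payroll) and keep everyone else off the payroll segment.
POLICY = [
    Rule("allow", "tcp", 25, ANY_NET, net("192.0.2.25/32"), "inbound e-mail to the mail relay"),
    Rule("allow", "tcp", 21, net("10.0.0.0/8"), ANY_NET, "FTP from internal hosts"),
    Rule("allow", "any", None, net("10.2.0.0/16"), net("10.1.1.0/24"), "accounting department to payroll"),
    Rule("deny", "any", None, ANY_NET, net("10.1.1.0/24"), "everyone else is kept off payroll"),
]


def run_samples() -> list:
    """Decisions for a handful of constructed packets, in order."""
    samples = [
        Packet("tcp", "203.0.113.5", "192.0.2.25", 25),   # external SMTP to the mail relay
        Packet("tcp", "203.0.113.5", "192.0.2.25", 22),   # external SSH to the mail relay: never permitted
        Packet("tcp", "10.2.3.4", "10.1.1.10", 445),      # accounting host to payroll server
        Packet("tcp", "10.5.3.4", "10.1.1.10", 445),      # engineering host to payroll server
        Packet("udp", "10.5.3.4", "198.51.100.53", 53),   # unlisted outbound traffic
    ]
    return [decide(POLICY, p) for p in samples]


if __name__ == "__main__":
    for pkt, verdict in zip(run_samples(), run_samples()):
        print(verdict)
```

Ordering matters: the accounting "allow" sits before the payroll "deny" so that the specific exception is found first, which is exactly the "deny everything, then add back on a specific basis" shape the slide prescribes.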
Developing a Site Security Policy
• Who will make the network site security policy?
  - a joint effort by a representative group of decision-makers, technical personnel, and day-to-day users from different levels within the organization.
  - Decision-makers: power to enforce the policy
  - Technical personnel: advise on the ramifications of the policy
  - Day-to-day users: have a say in how usable the policy is.
  - A site security policy that is unusable, un-implementable, or unenforceable is worthless.
• Developing a security policy comprises
  - identifying the organisational assets
  - identifying the threats
  - assessing the risk
  - implementing the tools and technologies available to meet the risks
  - developing a usage policy.
• Auditing procedure: reviews network and server usage
• Policy should be communicated to everyone who uses the computer network.
Developing a Site Security Policy: Identifying organisational assets
• Create a list of things to be protected, which is easily & regularly updated:
  - Hardware - CPUs, boards, keyboards, terminals, workstations, personal computers, printers, disk drives, communication lines, terminal servers, routers
  - Software - source programs, object programs, utilities, diagnostic programs, operating systems, communication programs
  - Data - during execution, stored on-line, archived off-line, backups, audit logs, databases, in transit over communication media
  - Documentation - on programs, hardware, systems, and local administrative procedures
Developing a Site Security Policy: Assessing the risk
• The loss from people within the organisation is significantly greater than that from intruders.
• Risk analysis: what must be protected, from what it must be protected, and how to protect it. Possible risks to a network include the following:
  - unauthorised access
  - unavailable service, corruption of data, or a slowdown due to a virus
  - disclosure of sensitive information, especially that which gives someone else a particular advantage, or theft of information such as credit card information
• Weigh the risk against the importance of the resource
  - allows site policy makers to determine how much effort should be spent protecting the resource.
• Security analysis tool for auditing networks (SATAN): a tool that hackers use in order to find system weaknesses.
  - Discover weaknesses before the fact, so that protective action can be implemented to fend off certain attacks.
Developing a Site Security Policy: Auditing & review
• To determine if there is a violation of a security policy:
  - use tools that are included in computers and networks
• Most operating systems store numerous bits of information in log files:
  - Examine log files on a regular basis
  - Compare lists of currently logged in users and histories
    Users typically log in & out at the same time each day. An account logged in outside the normal time may be being used by an intruder.
  - Accounting records can be used to determine usage patterns
    unusual accounting records
  - UNIX "syslog" utility: checked for unusual error messages from system software
    A large number of failed login attempts in a short period of time may indicate someone trying to guess passwords.
  - Operating system commands that list currently executing processes can be used to detect users running programs they are not authorised to use, as well as to detect unauthorized programs that have been started by an intruder.
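Two of the indicators above, a burst of failed logins from one source and a successful login outside a user's usual hours, are easy to check mechanically. The Python below is an added example (not from the lecture notes) run over constructed syslog-style sshd lines; the host name, addresses, usernames and the 08:00 to 18:00 working-hours policy are all constructed, and the thresholds are parameters a site would tune.

```python
import re
from collections import defaultdict
from datetime import datetime

# Added illustration (not from the lecture notes): two log checks over
# constructed syslog-style sshd lines. Everything in SAMPLE_LOG is made up.

SAMPLE_LOG = """\
Mar  3 02:14:01 gw sshd[1201]: Failed password for invalid user admin from 203.0.113.9 port 50122 ssh2
Mar  3 02:14:03 gw sshd[1202]: Failed password for root from 203.0.113.9 port 50123 ssh2
Mar  3 02:14:05 gw sshd[1203]: Failed password for root from 203.0.113.9 port 50124 ssh2
Mar  3 02:14:08 gw sshd[1204]: Failed password for invalid user test from 203.0.113.9 port 50125 ssh2
Mar  3 02:14:12 gw sshd[1205]: Failed password for invalid user oracle from 203.0.113.9 port 50126 ssh2
Mar  3 02:14:15 gw sshd[1206]: Failed password for root from 203.0.113.9 port 50127 ssh2
Mar  3 09:01:10 gw sshd[1300]: Failed password for alice from 10.0.0.5 port 51000 ssh2
Mar  3 09:01:20 gw sshd[1301]: Accepted password for alice from 10.0.0.5 port 51001 ssh2
Mar  3 23:40:00 gw sshd[1400]: Accepted password for bob from 10.0.0.8 port 51010 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)


def parse(lines, year=2024):
    """Yield (timestamp, result, user, ip) for each sshd auth line; skip the rest.
    Syslog lines carry no year, so one is supplied (constructed here)."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp = " ".join(m["ts"].split())          # collapse "Mar  3" to "Mar 3"
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        yield ts, m["result"], m["user"], m["ip"]


def password_guessing(events, threshold=5, window_s=60):
    """Sources with at least `threshold` failures inside any `window_s`-second span."""
    failures = defaultdict(list)
    for ts, result, _user, ip in events:
        if result == "Failed":
            failures[ip].append(ts)
    flagged = {}
    for ip, times in failures.items():
        times.sort()
        for i in range(len(times) - threshold + 1):
            if (times[i + threshold - 1] - times[i]).total_seconds() <= window_s:
                flagged[ip] = len(times)           # report total failures from that source
                break
    return flagged


def off_hours_logins(events, start_hour=8, end_hour=18):
    """Successful logins outside the site's expected working hours (constructed policy)."""
    return [(user, ip, ts.strftime("%H:%M"))
            for ts, result, user, ip in events
            if result == "Accepted" and not start_hour <= ts.hour < end_hour]


def analyse(text=SAMPLE_LOG):
    events = list(parse(text.splitlines()))
    return password_guessing(events), off_hours_logins(events)


if __name__ == "__main__":
    guessing, off_hours = analyse()
    print("possible password guessing:", guessing)
    print("logins outside working hours:", off_hours)
```

A single mistyped password (alice at 09:01) stays below the threshold and is not reported, which is the behaviour wanted from a rule that is meant to surface a dictionary attempt rather than ordinary user error.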
Violation Response
• Planning responses for different violation scenarios
  - Define actions based on the type of violation and have solutions ready based on the anticipated kind of user violating the computer security policy.
• Answers to the following questions should be a part of a company's site security plan:
  - What outside agencies should be contacted, by whom?
  - Who may talk to the press?
  - When to contact law enforcement and investigative agencies?
  - If a connection is made from a remote site, is the system manager authorised to contact that site?
  - What are our responsibilities to our neighbours and other Internet sites?
• Whenever a site suffers an incident that may compromise computer security, the strategies for reacting may be influenced by two opposing pressures.
Violation Response
• There are two different strategies: Protect & Proceed or Pursue & Prosecute.
• Protect & Proceed – used if a site is vulnerable
  - Protects & preserves site facilities
  - Provides normality to users as quickly as possible
  - Attempt to interfere with the intruder's processes, prevent further access & begin immediate damage assessment & recovery.
  - Shuts down facilities, closes off access to the network.
  - Unless intruders are identified, they can revisit the site via a different path.
• Pursue & Prosecute - the opposite philosophy
Violation Response: Protect & proceed
• if assets are not well protected
• if continued penetration could result in great financial risk
• if there is no possibility or willingness to prosecute
• if the user base is unknown
• if users are unsophisticated and their work is vulnerable
• if the site is vulnerable to lawsuits from users, e.g., if their resources are undermined
Violation Response: Pursue & prosecute
• if assets and systems are well protected
• if good backups are available
• if the risk to the assets is outweighed by the disruption caused by the present and potential future penetrations
• if this is a concentrated attack occurring with great frequency and intensity
• if the site has a natural attraction to intruders and consequently regularly attracts intruders
• if the site is willing to incur the financial (or other) risk to assets by allowing the perpetrator to continue
• if intruder access can be controlled
• if the monitoring tools are sufficiently well developed to make the pursuit worthwhile
Violation Response: Pursue & prosecute (continued)
• if the support staff is sufficiently clever and knowledgeable about the operating system, related utilities, and systems to make the pursuit worthwhile
• if management is willing to prosecute
• if the system administrators know what kind of evidence would lead to prosecution
• if there is established contact with knowledgeable law enforcement
• if there is a site representative versed in the relevant legal issues
• if the site is prepared for possible legal action from its own users if their data or systems become compromised during the pursuit
Violation Response: Capturing lessons learned
Once you believe that a system has been restored to a safe state:
• there is still the possibility that holes and even traps could be lurking
• the system should be monitored for items that may have been missed during the clean-up stage
• it would be prudent to utilise some of the tools previously mentioned
• these tools do not replace continual system monitoring and good systems administration procedures
• a security log can be most valuable during this phase of removing vulnerabilities
Violation Response: Capturing lessons learned
There are two considerations here; keep logs of:
• Procedures that have been used to make the system secure again. This should include command procedures (e.g., shell scripts) that can be run on a periodic basis to recheck the security.
• Important system events. These can be referenced when trying to determine the extent of the damage of a given incident.
Write a report after an incident:
• describing the incident
• method of discovery
• correction procedure
• monitoring procedure
• a summary of lessons learned
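As an added example, not taken from the lecture or its references, the following POSIX shell script is the kind of "command procedure that can be run on a periodic basis to recheck the security" the slide has in mind. Once the system is believed clean, it records a baseline of SHA-256 hashes for every file under a directory (assumed: /etc or a list of critical binaries); rerun from cron, it reports files that have since changed, appeared or disappeared. The use of sha256sum (with shasum as fallback), the function names and the files in the demo are assumptions constructed for the example.

```shell
#!/bin/sh
# Periodic security recheck: file-integrity baseline (added example, not from the lecture).
# Assumptions: POSIX sh, find, sort, awk and mktemp; sha256sum (coreutils) or shasum.
# Paths containing tabs or newlines are not supported.

hash_file() {
    # Print the SHA-256 of one file. sha256sum is assumed; shasum is the fallback.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

hash_tree() {
    # hash_tree DIR: one "hash<TAB>path" line per regular file under DIR, sorted by path.
    find "$1" -type f -print | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s\t%s\n' "$(hash_file "$f")" "$f"
    done
}

make_baseline() {
    # make_baseline DIR BASELINE: record the current state as the trusted one.
    # Do this only once the system is believed clean, and keep BASELINE off the host
    # or on read-only media: an intruder with root can otherwise rewrite it.
    hash_tree "$1" > "$2"
}

check_baseline() {
    # check_baseline DIR BASELINE: print one line per CHANGED, ADDED or REMOVED
    # file; return 0 when nothing differs, 1 otherwise (cron mails any output).
    cur=$(mktemp) || return 2
    hash_tree "$1" > "$cur"
    awk -F'\t' '
        FILENAME == ARGV[1] { base[$2] = $1; next }   # first file: the baseline
        { now[$2] = $1 }                             # second file: current state
        END {
            for (p in base) if (!(p in now))  { print "REMOVED " p; n++ }
            for (p in now)  if (!(p in base)) { print "ADDED   " p; n++ }
            for (p in now)  if ((p in base) && base[p] != now[p]) { print "CHANGED " p; n++ }
            exit (n > 0)
        }' "$2" "$cur"
    rc=$?
    rm -f "$cur"
    return $rc
}

demo() {
    # Constructed demonstration: baseline a scratch directory, tamper with it, recheck.
    d=$(mktemp -d); b=$(mktemp)
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$d/passwd"
    printf 'PermitRootLogin no\n' > "$d/sshd_config"
    make_baseline "$d" "$b"
    echo "clean recheck:"; check_baseline "$d" "$b" && echo "  no differences"
    printf 'PermitRootLogin yes\n' > "$d/sshd_config"   # intruder weakens a setting
    printf '#!/bin/sh\n' > "$d/.cron.sh"                 # intruder plants a file
    rm -f "$d/passwd"                                    # intruder deletes a file
    echo "recheck after tampering:"; check_baseline "$d" "$b"
    rm -rf "$d" "$b"
}

if [ "${1:-}" = demo ]; then demo; fi
```

Run `sh recheck.sh demo` to see the three kinds of finding; in production, call `make_baseline` once after clean-up and schedule `check_baseline` from cron. The script shares the limitation the slide warns about: it only detects what the baseline covers, the hashing tools themselves may have been replaced, and a baseline stored on the compromised host can be rewritten, so it supplements rather than replaces continual monitoring.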
Other Security Resources
Books
• Chapman, D. Brent and Elizabeth D. Zwicky. Building Internet Firewalls. O'Reilly and Associates, Inc., 1995.
• Garfinkel, Simson. PGP: Pretty Good Privacy. O'Reilly and Associates, Inc., 1995.
• Garfinkel, Simson and Gene Spafford. Practical UNIX Security. O'Reilly and Associates, Inc., 1991.
• Siyan, Karanjit and Chris Hare. Internet Firewalls and Network Security. New Riders Publishing, 1995.
• Vacca, John. Internet Security Secrets. IDG Books, 1996.
Security newsgroups & mailing lists available on the USENET news system:
• comp.security.announce
• comp.security.misc
• comp.security.unix
• alt.security
• misc.security
Other Security Resources
• The Bugtraq list discusses security holes & software bugs. To subscribe, send e-mail to [email protected]. In the body of the message include the following line: subscribe bugtraq-list firstname lastname.
• Computer Emergency Response Team (CERT) is an organisation that helps Internet users identify and rectify damage done to their system by hackers and crackers. To subscribe to the CERT advisory mailing list, send e-mail to cert-[email protected] and put the following in the body of the message: subscribe cert firstname lastname.
• CERT also maintains a CERT-TOOLS list for the purpose of exchanging information on tools and techniques that increase the secure operation of Internet systems. To subscribe, send e-mail to [email protected] and put the following in the body of the message: subscribe cert-tools firstname lastname.
Glossary
• CERT: Computer Emergency Response Team
• CPU: central processing unit
• DES: Data Encryption Standard
• DOD: U.S. Department of Defence
• FTP: File Transfer Protocol
• NIST: National Institute of Standards and Technology
• OSS: operating system security
• PEM: Privacy Enhanced Mail
• PGP: Pretty Good Privacy
• RFC: Request for Comments
• SATAN: Security Administrator Tool for Analyzing Networks
• VPN: virtual private network