Circuit Switching
- Communication over one maintained path
- Three phases
  - Circuit establishment
  - Data transfer
  - Circuit disconnection
- Overhead for call set-up, no overhead for use
- Connection breaks if any link or switch on route fails
- Charging typically by time
Packet Switching
- Communication path calculated for each packet
- Packets arrive out of sequence
- Switches may store and forward data
- All data has addressing and control overhead
- No initial overhead
- Route discovery may have to occur, but rarely global
- Failures accommodated transparently
  - But new route may have different properties
  - Packets may be lost / retransmitted due to failures
- Charging typically by packet
Internet Protocol (IP)
- Connectionless service
- Framing
  - Version - Header Length - Service - Total Length - ID - Flags - Fragment Offset - TTL - Protocol - Header Checksum - SA - DA - Options - Data
- IP packets may be split or fragmented
- Each packet has a Time-to-Live (TTL)
- Internet Control Message Protocol (ICMP) allows routers to send control or error messages to other routers or hosts.
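The header layout, fragmentation and per-hop TTL handling above, worked through in code. This is an added example written for these notes, not code from the course; the addresses, identification value and payload are constructed test data, and the builder omits IP options so the header is always 20 bytes.

```python
import struct
import ipaddress


def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement of the one's-complement sum of 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, total_length, ident, flags, frag_offset, ttl=64, proto=17):
    """Build a 20-byte IPv4 header (no options). flags: bit 1 = DF, bit 0 = MF.
    frag_offset is in 8-byte units, as on the wire. Constructed example values only."""
    ver_ihl = (4 << 4) | 5                   # version 4, header length 5 words
    flags_frag = (flags << 13) | (frag_offset & 0x1FFF)
    fields = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total_length, ident, flags_frag,
                         ttl, proto, 0, ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return fields[:10] + struct.pack("!H", ipv4_checksum(fields)) + fields[12:]


def parse_ipv4_header(data):
    """Decode the fixed fields listed in the notes and verify the header checksum."""
    if len(data) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_length, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", data[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or ihl > len(data):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": version,
        "header_length": ihl,
        "service": tos,
        "total_length": total_length,
        "id": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,     # back to bytes
        "ttl": ttl,
        "protocol": proto,
        # summing a header that includes its own checksum gives 0 when intact
        "checksum_ok": ipv4_checksum(data[:ihl]) == 0,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }


def fragment(payload, mtu, src, dst, ident, proto=17):
    """Split a payload into fragments that fit the MTU (header included). All fragments
    but the last carry MF=1 and a data length that is a multiple of 8; every fragment
    shares the same ID so the receiver can reassemble them."""
    max_data = (mtu - 20) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small for an IPv4 header plus data")
    fragments, offset = [], 0
    while offset < len(payload):
        chunk = payload[offset:offset + max_data]
        last = offset + len(chunk) >= len(payload)
        header = build_ipv4_header(src, dst, 20 + len(chunk), ident,
                                   0 if last else 1, offset // 8, proto=proto)
        fragments.append(header + chunk)
        offset += len(chunk)
    return fragments


def router_forward(packet):
    """Per-hop work of a router: decrement TTL, drop the packet when it reaches zero
    (this is where ICMP Time Exceeded would be sent), then recompute the checksum."""
    ihl = (packet[0] & 0x0F) * 4
    header = bytearray(packet[:ihl])
    if header[8] <= 1:
        return None                          # TTL expired: stop it circulating forever
    header[8] -= 1
    header[10:12] = b"\x00\x00"
    header[10:12] = struct.pack("!H", ipv4_checksum(bytes(header)))
    return bytes(header) + packet[ihl:]
```

A 3000-byte datagram through a 1500-byte MTU comes out as 1480 + 1480 + 40 data bytes; the third fragment has offset 2960 and MF clear. The checksum check also shows why a router must recompute it: changing TTL alone would make every downstream host discard the packet.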
- Network Mask (Class B) 255.255.0.0
- Subnet Mask (Class B) 255.255.255.0
  - Allows for 254 subnets with 254 hosts each (not 256, as all 0s and all 1s are reserved)
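The subnet arithmetic behind the "254 subnets with 254 hosts" figure, as an added example (not part of the notes). It uses the standard library `ipaddress` module; the 172.16.0.0/16 network is a constructed example of a Class B allocation.

```python
import ipaddress


def subnets_for(network_cidr, subnet_mask):
    """Carve a network (e.g. a Class B /16) into subnets with the given dotted mask."""
    net = ipaddress.ip_network(network_cidr)
    prefix = ipaddress.ip_network(f"0.0.0.0/{subnet_mask}").prefixlen
    return list(net.subnets(new_prefix=prefix))


def usable_subnets(subnets):
    """Classic rule from the notes: the all-0s and all-1s subnet numbers are reserved."""
    return subnets[1:-1]


def usable_hosts(subnet):
    """Host addresses minus the network (all 0s) and broadcast (all 1s) addresses."""
    return subnet.num_addresses - 2


def address_role(addr, subnet):
    """Explain why an address can or cannot be assigned to a host in the subnet."""
    ip = ipaddress.ip_address(addr)
    if ip not in subnet:
        return "outside subnet"
    if ip == subnet.network_address:
        return "network address (host bits all 0s, reserved)"
    if ip == subnet.broadcast_address:
        return "broadcast address (host bits all 1s, reserved)"
    return "host"


def same_subnet(a, b, subnet_mask):
    """What a sending host does with the mask: AND both addresses with it. Equal results
    mean the destination is on the local LAN (resolve with ARP); otherwise go via a router."""
    mask = int(ipaddress.ip_address(subnet_mask))
    return int(ipaddress.ip_address(a)) & mask == int(ipaddress.ip_address(b)) & mask
```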
- Classless InterDomain Routing (CIDR)
  - Partitions world into four zones and allocates Class C networks
    - Europe
    - North America
    - Central & South America
    - Asia & Pacific
    - Plus some reserved for future use
  - More efficient allocation
  - Works alongside previous allocations without change
  - Geographical distribution may aid routing
- IPv6
  - 128 bit addresses (vs. 32 in IPv4)
  - A lot of effort to implement
  - Not well supported yet, currently only within some organisations
- Network Address Translation (NAT)
  - Popular way of hiding a large network in a small internet address range
  - Good when only a fraction of hosts in network require external access at any time
  - Requires gateway box that translates internal addresses to dynamically allocated external addresses
  - An external address may be shared by multiple hosts over time, which can lead to problems
- Address Resolution Protocol (ARP)
  - Network Layer Protocol
  - Hosts maintain a cache of IP to physical address mappings for other hosts on same LAN.
  - If a host cannot find an entry in its ARP table then it sends an ARP request. When a host recognizes its own IP address it sends a reply.
  - Reverse ARP (RARP)
    - A machine may need to determine its own IP address when it is restarted.
    - It can issue a RARP request, specifying itself as Target as well as Sender.
    - One or more RARP servers may respond; 1st reply used, others discarded
    - Limited broadcast of requests means a RARP server is required on each network. BOOTP (Boot Protocol) and DHCP (Dynamic Host Configuration Protocol) can solve this problem.
- Mobile IP
  - Allows transparent routing of IP datagrams to roaming hosts
  - Transport and higher layers not affected
  - Parties communicating with mobile nodes do not see any change
Hub / Repeater (Physical Layer)
Bridge / Switch (Data Link Layer)
- Switch is wire speed Bridge
- Isolates LANs
  - Separate collision domains
  - Reduce traffic
  - Separate data rates
- Interconnect LANs
- Source Routing Bridge
  - Issue discovery frame
    - Copies down every possible path
    - Two options
      - Destination chooses route
      - Destination returns discovery frame & source chooses route
  - Connection-oriented (routing in frame)
  - Not transparent at hosts
  - Requires manual configuration of bridges (LAN & Bridge ID)
  - Optimal routing
  - Overhead of discovery on first frame
  - Failures handled by host
  - Complexity in hosts
- Transparent (Spanning Tree) Bridge
  - Stores table of addresses for each link
  - Over time receives packets from hosts and fills table (“backwards learning”)
  - Loops make determination impossible
  - Connectionless
  - Transparent at hosts
  - No manual configuration of bridges
  - Sub-optimal routing
  - Low overhead for one frame, high for multiple frames; overhead per frame
  - Failures handled by bridge
  - Complexity in bridge
Gateway / Router (Network Layer, IP)
- Router-to-Router traffic uses Point-to-Point Protocol (PPP)
- Typically for connecting physical and administration boundaries
- Not end-node transparent
  - Packets addressed to router’s hardware
  - Hosts need to know which router
- Removes IP Datagram from LAN Frame then re-encapsulates in new LAN Frame for next hop (handles mixed LANs)
- Changes IP fields
  - Stop packets circulating forever
  - Changes in Maximum Transfer Units (MTUs)
    - Total Length / Flags / Fragment Offset
  - Every router recomputes checksum
- Static Routing
  - Fixed (Directory of all hosts)
  - Flooding
  - Random
- Dynamic Routing
  - Distance Vector Routing (DVR)
    - Internet until 1979
    - Slow to converge
    - Prone to oscillations
    - Only considers delays and not bandwidth
  - Link State Routing (LSR)
    - More reliable
    - Less bandwidth intensive
    - More complex
    - More memory intensive
    - Compute shortest path to every router in given region
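The two dynamic routing families above, run side by side on one small topology. This is an added example, not material from the course: the four-router network and its link costs are constructed, link state is shown as Dijkstra from one router's full map, and distance vector as the round-by-round exchange of vectors with neighbours, which is where the "slow to converge" comment comes from (the rounds count is returned so it can be compared).

```python
import heapq

# Constructed topology: undirected links with their costs (delays)
LINKS = {("A", "B"): 1, ("B", "C"): 2, ("A", "C"): 5, ("C", "D"): 1, ("B", "D"): 4}


def adjacency(links):
    """Turn the link list into a neighbour map: node -> {neighbour: cost}."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj


def link_state_spf(adj, source):
    """Link state routing: the router holds the whole map of the region and runs
    Dijkstra from itself. Returns (distance to each router, first hop towards it)."""
    dist, first_hop = {source: 0}, {}
    heap, done = [(0, source)], set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, cost in adj[u].items():
            nd = d + cost
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                first_hop[v] = v if u == source else first_hop[u]
                heapq.heappush(heap, (nd, v))
    return dist, first_hop


def distance_vector(adj, max_rounds=50):
    """Distance vector routing: each router knows only its own link costs and the
    vectors its neighbours advertise, and repeats the Bellman-Ford update until no
    vector changes. Returns (table per router, rounds taken to converge)."""
    inf = float("inf")
    nodes = sorted(adj)
    table = {u: {v: (0 if u == v else adj[u].get(v, inf)) for v in nodes} for u in nodes}
    for rounds in range(1, max_rounds + 1):
        new = {u: dict(table[u]) for u in nodes}       # synchronous round of advertisements
        for u in nodes:
            for v in nodes:
                if u != v:
                    via_neighbour = min(adj[u][n] + table[n][v] for n in adj[u])
                    new[u][v] = min(table[u][v], via_neighbour)
        if new == table:                               # a round with no change: converged
            return table, rounds
        table = new
    return table, max_rounds
```

On this topology both methods agree (A reaches D at cost 4 via B), but the distance vector tables need several exchange rounds to settle, while a link state router has the answer as soon as it has the map.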
  - Open Shortest Path First (OSPF)
    - Inside address spaces / Autonomous Systems (AS)
    - Successor to / form of LSR
    - Interior Gateway Protocol (IGP)
  - Exterior Gateway Routing Protocol
    - Between address spaces / AS
    - Border Gateway Protocol (BGP)
      - Similar to IGP but allows for added rules
      - Allows for political boundaries, i.e. never put Iraq on a route starting at the Pentagon
Transmission Control Protocol (TCP)
- Connection oriented
- Error free byte stream
- Flow and sequence control
- Handshake required to set up WIN, SEQ & ACK numbers for flow and error control
- TCP Frame Fields
  - Sequence number
    - Increases depending on packet size
  - Acknowledgement number
    - Acknowledges last sequence number
  - Data Offset
    - Number of 32-bit words in header, indicates where data starts
  - Window
    - Used for flow control, indicates how much space left on buffers
  - Control
    - URG – Urgent
    - FIN – Finished
    - RST – Reset
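The TCP fields and the handshake above, as an added example that is not from the notes. It packs and parses the fixed header, uses Data Offset to locate the payload, and builds the three handshake segments that establish SEQ, ACK and WIN. Port numbers, initial sequence numbers and the MSS option are constructed values; the checksum is left at zero because nothing here is handed to a real stack.

```python
import struct

TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def build_tcp_header(sport, dport, seq, ack, flags, window, options=b""):
    """Pack a TCP header; checksum and urgent pointer stay zero in this example."""
    options += b"\x00" * (-len(options) % 4)       # options end on a 32-bit boundary
    data_offset = (20 + len(options)) // 4          # header length in 32-bit words
    flag_bits = 0
    for name in flags:
        flag_bits |= TCP_FLAGS[name]
    offset_flags = (data_offset << 12) | flag_bits
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags,
                       window, 0, 0) + options


def parse_tcp_header(segment):
    """Unpack the fields named in the notes; Data Offset says where the data starts."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, offset_flags, window,
     _checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (offset_flags >> 12) * 4
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("data offset points outside the segment")
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "data_offset": data_offset,
            "flags": [name for name, bit in TCP_FLAGS.items() if offset_flags & bit],
            "window": window, "urgent_pointer": urgent,
            "options": segment[20:data_offset], "payload": segment[data_offset:]}


def next_sequence(seq, payload_len, flags):
    """Sequence space a segment consumes: its payload bytes, plus one each for SYN and FIN."""
    return (seq + payload_len + ("SYN" in flags) + ("FIN" in flags)) % 2 ** 32


def three_way_handshake(client_isn, server_isn, client_port=40000, server_port=80):
    """The three segments that agree SEQ, ACK and WIN before any data flows."""
    mss_option = b"\x02\x04\x05\xb4"                # kind 2, length 4, MSS 1460 (constructed)
    syn = build_tcp_header(client_port, server_port, client_isn, 0, ["SYN"], 65535, mss_option)
    syn_ack = build_tcp_header(server_port, client_port, server_isn,
                               next_sequence(client_isn, 0, ["SYN"]), ["SYN", "ACK"], 65535)
    ack = build_tcp_header(client_port, server_port, next_sequence(client_isn, 0, ["SYN"]),
                           next_sequence(server_isn, 0, ["SYN"]), ["ACK"], 65535)
    return syn, syn_ack, ack
```

The SYN carries a 4-byte option, so its Data Offset is 6 words (24 bytes) while the other two segments are 5 words; a parser that ignored the offset and assumed 20 bytes would read the option bytes as payload.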
User Datagram Protocol (UDP)
- Connectionless
- Unreliable
  - Loss
  - Out of order arrival
  - Duplicates
- No flow or sequence control
- Faster than TCP
- Suitable where loss is acceptable or handled by application
- No handshake required as no SEQ or ACK
Examples of TCP & UDP
Ports and Sockets
- Ports provide a set of abstract destination points for a given operating system
- Standard services usually run on well known ports so that other systems know which port to address, i.e. Port 80 for Web
- Port number and IP address make up a complete address
- Socket is a network communications endpoint
  - Active socket is connected to a remote active socket via an open data connection; closing the connection destroys active sockets at each endpoint
  - Passive socket is not connected
    - Waits for an incoming connection, which will spawn a new active socket
- Two kinds of IP socket
  - Stream socket, for using TCP
  - Datagram socket, for using UDP
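The passive/active socket distinction and the two socket kinds, shown with the standard library `socket` module over the loopback interface. This is an added example, not code from the notes; it binds to port 0 so the operating system picks a free port, and the messages are constructed.

```python
import socket
import threading


def start_echo_server(connections=1):
    """Passive socket: bound and listening, it never carries data itself. Each accept()
    spawns a new active socket for that client. Returns the port to connect to."""
    passive = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    passive.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    passive.listen()
    passive.settimeout(5)
    port = passive.getsockname()[1]

    def serve():
        with passive:
            for _ in range(connections):
                active, _peer = passive.accept()
                active.settimeout(5)
                with active:                # closing destroys this active endpoint
                    data = active.recv(1024)
                    active.sendall(data.upper())

    threading.Thread(target=serve, daemon=True).start()
    return port


def stream_request(port, message):
    """Active stream socket (TCP): connect (handshake), exchange, close. The connection is
    identified by both endpoints, i.e. (IP, port) on each side."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as active:
        active.sendall(message)
        return {"reply": active.recv(1024),
                "connection": (active.getsockname(), active.getpeername())}


def datagram_roundtrip(message):
    """Datagram sockets (UDP): no connection and no handshake, so the 'server' is just a
    bound socket and every datagram carries the full (IP, port) address of its peer."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    with server, client:
        server.bind(("127.0.0.1", 0))
        server.settimeout(5)
        client.settimeout(5)
        client.sendto(message, server.getsockname())
        data, peer = server.recvfrom(1024)
        server.sendto(data[::-1], peer)      # reply to whoever sent, no state kept
        reply, _ = client.recvfrom(1024)
    return reply
```

Note that the listening socket is created and put into the listening state before the serving thread starts, so a client connecting early is queued by the kernel rather than refused.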
Domain Name System (DNS)
- Internet partitioned into domains (autonomous systems)
- Zones form areas of the naming structure, which may include multiple domains
- IP packets are forwarded between these domains, with the final router being responsible for delivery to a specific host within that domain
- Naming allows meaningful and user-friendly names for machine identification rather than numbers
- DNS allows look-up of the IP address on a name server which contains a table of name-IP address pairs
- The Domain Name System has a hierarchical structure, starting with several top-level domains to break up the depth of the entire tree.
- Name can remain constant despite IP address changes
- Alias names can identify services independent of the machine(s) providing that service
- Server Redundancy in Zones
  - As DNS resolution is fundamental to normal operation there will usually be more than one name server per zone
    - Primary (with records on disk)
    - Secondary (one or more, which ask the primary)
    - Some may be located outside the network zone
  - The local database of names is maintained manually
- Server Hierarchy
  - If the name cannot be resolved a new request is made to a server up the hierarchy – recursive lookup
  - When top level is reached go down to required domain
  - This is repeated until a server knows the required name or it is determined that the name is not resolvable
  - Top level domains are replicated round the world to make queries which reach these servers faster and give load sharing
  - Servers cache responses as names are often needed again (locality of reference)
    - Cached answers are non-authoritative and may be wrong
    - They are given a time to live based on volatility
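A model of the server hierarchy and caching described above, written as an added example for these notes (not the course's code). The root, `com` and `example.com` servers and their records are constructed; the resolver walks the delegation chain itself, top level down, and keeps a cache with a time to live. An injectable clock makes the "cached answer may be wrong" case reproducible: after the authoritative record changes, the stale cached value is returned until its TTL expires.

```python
import time


class NameServer:
    """Authoritative server for one zone: its name-IP table plus delegations to child zones."""

    def __init__(self, zone, records=None):
        self.zone = zone                      # "" for the root, "com", "example.com", ...
        self.records = dict(records or {})    # the manually maintained local database
        self.children = {}                    # label -> NameServer for a delegated zone

    def delegate(self, label, server):
        self.children[label] = server
        return server

    def query(self, name):
        """('answer', ip) if this server is authoritative for the name, ('referral', server)
        to send the resolver one level down, or ('nxdomain', None) if it cannot exist here."""
        if name in self.records:
            return "answer", self.records[name]
        suffix = "." + self.zone if self.zone else ""
        if suffix and not name.endswith(suffix):
            return "nxdomain", None
        below = name[:-len(suffix)] if suffix else name
        label = below.split(".")[-1]          # the next label down the tree
        if label in self.children:
            return "referral", self.children[label]
        return "nxdomain", None


class CachingResolver:
    """Starts at the root and follows referrals down; caches answers with a TTL."""

    def __init__(self, root, clock=time.time, max_depth=16):
        self.root = root
        self.clock = clock                    # injectable so TTL expiry can be tested
        self.max_depth = max_depth
        self.cache = {}                       # name -> (ip, expiry time)

    def resolve(self, name, ttl=300):
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0], "cached (non-authoritative)"
        server = self.root
        for _ in range(self.max_depth):       # bounded walk: a bad delegation must not loop
            kind, payload = server.query(name)
            if kind == "answer":
                self.cache[name] = (payload, now + ttl)
                return payload, "authoritative from zone '%s'" % (server.zone or ".")
            if kind == "referral":
                server = payload
                continue
            return None, "not resolvable"
        return None, "delegation chain too deep"
```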
Open Systems Interconnect (OSI)
- Medium Access Control (MAC) sub-layer
  - Static
    - Guaranteed access
    - Efficient for high traffic rates (no arbitration)
    - Bounded delay
    - Frequency Division Multiplexing (FDM)
      - Continuous signal but low bandwidth
      - Lose overall bandwidth to guard bands
    - Time Division Multiplexing (TDM)
      - Full bandwidth but only for a time slot
      - Requires synchronization of time slots
    - Code Division Multiple Access (CDMA)
      - Only practical for communication with central station which must control interference
      - Requires power management
  - Dynamic
    - Allocate on demand
    - Connectionless service
    - Fair
    - Efficient for low traffic rates
    - Unbounded delay
    - ALOHA
      - 18% maximum channel utilisation
    - Slotted ALOHA
      - 37% maximum channel utilisation
    - Carrier Sense Multiple Access (CSMA)
      - If channel busy wait until idle
      - Collision Detection (CD)
        - If collision wait random time and try again
        - Ethernet CSMA/CD
      - CD & CA Comparison
        - Both back off
          - CD after collision
          - CA before transmission
        - CD
          - Less delay
          - Higher peak rate for bursty traffic
          - Less attractive for high load due to arbitration
        - CA
          - More practical where collision can not be detected (Wireless LAN)
    - Tokens / TDMA / FDMA give bounded delay
- Logical Link Control (LLC) sub-layer
  - Control flow and sequencing
  - Data-Link Layer Services
    - Unacknowledged Connectionless (Ethernet LAN)
    - Acknowledged Connectionless (Wireless LAN)
    - Acknowledged Connection-oriented
  - Framing
    - Serial
      - FLAG-Header-Data-Tail-FLAG
    - Ethernet
      - Preamble-SD-DA-SA-Length-Data-Pad-FCS
    - Token Ring
      - SD-AC-ED
      - SD-AC-FC-DA-SA-Data-FCS-ED-FS
    - GSM
- Network Layer
- Transport Layer
- Session Layer
- Presentation Layer
- Application Layer
Internet (ARPANET)
- Host-to-Host Layer (Physical & Data Link Layers)
- Internet (Network) Layer
- Transport Layer
  - TCP
  - UDP
  - Transport Layer Security (TLS)
    - IEEE Standardized modern version of SSL
  - Secure Socket Layer (SSL)
    - Uses X.509 certificates and Triple Data Encryption Standard (DES)
      - 128 bit key
      - Only 44 bits allowed to be secret outside US
- Application Layer (includes Session & Presentation Layers)
  - HyperText Markup Language (HTML)
  - HyperText Transfer Protocol (HTTP)
    - HTTP is a stateless, transaction-oriented protocol
    - Client contacts server at port 80, using TCP
    - Request from client to server
    - Reply from server to client
      - Status line (status code, text phrase)
      - Header (additional info)
      - Body
    - TCP connection closed
    - To maintain state cookies are used
    - HTTP 1.0 opens a new connection for every transaction (i.e. file)
      - If web page contains 10 images HTTP 1.0 opens 11 TCP connections
      - Particularly a problem as TCP connections have “slow-start” algorithm, necessary for proper connections
      - TCP is required to maintain “state” information about closed connections for 240 seconds, to ensure stray packets are handled, but requires large buffers on server
    - HTTP 1.1
      - Backwards compatible
      - Allows document caching
      - Only open one persistent TCP connection, then can pipeline HTTP requests
        - Can send several requests before existing requests have been satisfied
  - Secure HTTP (HTTPS)
  - File Transfer Protocol (FTP)
  - Secure FTP (SFTP)
  - Simple Mail Transfer Protocol (SMTP)
    - Two parties
      - Sender (client)
      - Receiver (server)
    - Three steps
      - Start
        - Open TCP connection
        - Server responds with “Service Ready” message
        - Client replies identifying its domain
      - Data exchange
        - Client sends one or more messages
          - First giving identity information
          - Then sends DATA message including subject
        - Server responds to each message
      - Complete
    - Mail-servers only deal with mail in the same domain; if they deal with mail outside domain then they are blacklisted by other mail-servers
    - Mail Relays
      - These are used to spool mail when destination is not reachable, usually in the same domain as sender
  - Post Office Protocol (POP)
    - Designed to allow mail to be delivered to a mailbox on user desktop system, rather than mainframe mail agent as with SMTP, i.e. Unix host using SMTP and later (at the recipient's convenience) download the contents of the mailbox to own system
  - Multipurpose Internet Mail Extensions (MIME)
    - Extends SMTP to allow attachments
    - Can be arbitrary data not just text, but always encoded as ASCII text for transfer
Security
- Secret Keys
  - Same algorithm applied for encryption and decryption
  - Data Encryption Standard (DES)
  - Advanced Encryption Standard (AES)
    - Improvement on DES
    - 128, 192, 256 bit keys
- Rivest, Shamir & Adleman (RSA)
  - Public key for encryption
  - Private key for decryption
  - Key generated using prime numbers
  - No key management required
  - 1000x more computationally intensive than secret keys; therefore often used at top of key hierarchy
- Public Key Signatures
  - Encrypt with sender's private key for signing
  - Encrypt with receiver's public key for secrecy
- Message Digests
  - Faster than Public Key Signatures
  - Detects message modifications but does not provide security
  - Secure Hashing Algorithm (SHA)
  - Message Digest (MD5)
    - Fifth version by Ronald Rivest
    - Hashing function
- X.509 certificates
  - Associate public key with user or service that is signed by Certificate Authority (CA)
  - Issuer can revoke
  - Not forgeable
- Notarised Signatures
  - Non repudiation of origin
  - Verify author, date and time
  - Signature is verified by third party, i.e. Notarisation Service
  - A → Notary → B
    - A, B, Kab(m), Kan(A, Ta, H{Kab(m)})
    - N, Kbn(A, Ta, Tn), Kab(m), Kan(A, Ta, Tn, H{Kab(m)})
    - B, Kbn(A, Tb, H{Kab(m)})
    - B, Kbn(A, B, Tb, Tn, H{Kab(m)})
    - B, Kbn(A, B, Tb, Tn, H{Kab(m)})
    - B, Kbn(A, Ta, Kab(m)), Kan(A, Ta, Tn, H{Kab(m)})
- Kerberos Authentication Service
  - Three servers
    - Authentication Server (AS)
      - Verifies user during logon
    - Ticket Granting Server (TGS)
      - Issues “proof of ID” tickets
    - Server that does actual work
  - Authentication but no authorisation
  - Separated by realms, local TGS will give ticket to talk to TGS in other realm
Digital Signals
- Bit rate – rate of transfer of bits
- Baud rate – rate of changes of signal i.e. 1 → 0
- Data rate – rate of transfer of useful data
- FSK – Frequency Shift Keying
- ASK – Amplitude Shift Keying
- PSK – Phase Shift Keying
Transistor-Transistor Logic
- High Voltage 1
- Low Voltage 0
- Word synchronous only (bit asynchronous)
- If signal weak
  - 1 → undefined → 0
  - Very problematic
Differential Signal
- Positive Voltage 1
- Negative Voltage 0
- Word synchronous only (bit asynchronous)
Manchester Encoding
- Low-to-High 1
- High-to-Low 0
- Half data rate for same Baud (compared to TTL or Differential Signal)
- Bit & Word synchronous
- Ethernet
Differential Manchester Encoding
- No transition at start 1
- Transition at start 0
- Half data rate for same Baud (compared to TTL or Differential Signal)
- Bit & Word synchronous
- More complex equipment but better noise immunity (compared to Manchester Encoding)
- Token Ring
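Both Manchester codes above as an encoder and decoder pair, added here as an example rather than taken from the notes. A signal is modelled as a list of half-bit levels (0 or 1), so each bit costs two signal changes, which is the "half data rate for the same baud" point. The decoders treat a missing mid-bit transition as lost synchronisation or corruption, and the `invert` helper shows one concrete reason differential Manchester is more robust: swapping the polarity of the line flips every Manchester bit but leaves differential Manchester readable. The bit patterns are constructed test input.

```python
def manchester_encode(bits):
    """Each bit becomes two half-bit levels: 1 = low-to-high, 0 = high-to-low
    (the convention in the notes, as used by Ethernet)."""
    levels = []
    for bit in bits:
        levels += [0, 1] if bit else [1, 0]
    return levels


def manchester_decode(levels):
    """Recover bits from the mid-bit transition; a missing transition means the receiver
    has lost bit synchronisation or the signal is corrupted."""
    if len(levels) % 2:
        raise ValueError("odd number of half-bit samples")
    bits = []
    for i in range(0, len(levels), 2):
        first, second = levels[i], levels[i + 1]
        if first == second:
            raise ValueError("no mid-bit transition at sample %d" % i)
        bits.append(1 if (first, second) == (0, 1) else 0)
    return bits


def differential_manchester_encode(bits, start_level=1):
    """0 = transition at the start of the bit, 1 = no transition; every bit still has the
    mid-bit clock transition."""
    levels, level = [], start_level
    for bit in bits:
        if bit == 0:
            level ^= 1                       # transition at the bit boundary
        levels.append(level)
        level ^= 1                           # mid-bit transition (the clock)
        levels.append(level)
    return levels


def differential_manchester_decode(levels, start_level=1):
    """Only whether the level changed at the bit boundary matters, not its polarity."""
    if len(levels) % 2:
        raise ValueError("odd number of half-bit samples")
    bits, prev_end = [], start_level
    for i in range(0, len(levels), 2):
        first, second = levels[i], levels[i + 1]
        if first == second:
            raise ValueError("no mid-bit transition at sample %d" % i)
        bits.append(0 if first != prev_end else 1)
        prev_end = second
    return bits


def baud_rate(bit_rate, encoding):
    """Signal changes per second: both Manchester codes need two per bit, hence the notes'
    'half data rate for the same baud' compared with TTL or a differential signal."""
    return bit_rate * (2 if encoding in ("manchester", "differential-manchester") else 1)


def invert(levels):
    """Flip the polarity of every sample, as a pair of swapped wires would."""
    return [level ^ 1 for level in levels]
```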
Wireless LAN
- MB/s
- Directional (Point-to-Point)
- Omni-Directional (Broadcast)
Twisted-Pair
- Category 3: ~MB/s
- Category 5: ~10MB/s
- Cheap and reasonable interference resistance, due to twisted pair layout
Baseband
- ~100Mb/s
- Compared to Twisted Pair
  - Higher data rate
  - More expensive
  - Better shielding
Parallel
- Transistor-Transistor Logic
- 8 bits at a time 100kB/s
Serial (RS 232)
- Differential Signal
- 32 kB/s
- Word synchronous / Bit asynchronous
USB
SCSI
IEEE 1394 FireWire
Asymmetric Digital Subscriber Line (ADSL)
- Slower sending than receiving
Integrated Services Digital Network (ISDN)
- Basic Rate Interface
- Primary Rate Interface (T1)
Modem
- For internet connections to Internet Service Provider (ISP)
- Point-to-Point Protocol (PPP) for “home user”-to-ISP traffic
IEEE 802.4 / 802.5 Token Ring
- Avoids collision through tokens but need to manage tokens
- Not instantaneous access, but bounded and allows access priorities
- Framing
  - Token: SD-AC-ED
  - SD-AC-FC-DA-SA-Data-FCS-ED-FS
IEEE 802.3 Ethernet
- (min frame 64 bytes / max 1526 bytes / pad ≤ 46 bytes / overhead 18 bytes)
- CSMA / CD
- Interval between frames (InterFrame Spacing) allows other hosts to get a chance
- Manchester Encoding
- Framing
  - Preamble-SD-DA-SA-Length-Data-Pad-FCS
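The Ethernet frame sizes and framing above, built and checked in an added example (not code from the notes). It pads short data to 46 bytes so the frame reaches the 64-byte minimum, appends a CRC-32 FCS, and rejects runts and corrupted frames on receive; the 1526-byte maximum in the notes is 1500 data + 18 bytes of DA/SA/Length/FCS + the 8 preamble and start-delimiter bytes that go on the wire. The CSMA/CD backoff function is the standard truncated binary exponential rule (random wait in [0, 2^min(n,10)) slot times, frame discarded after 16 collisions), which is general Ethernet behaviour rather than something the notes spell out. MAC addresses and payloads are constructed.

```python
import random
import struct
import zlib

PREAMBLE = b"\x55" * 7          # 7 bytes of 10101010 for clock recovery
SFD = b"\xd5"                   # start frame delimiter (SD in the notes)
MIN_FRAME = 64                  # DA..FCS; anything shorter is a runt (collision fragment)
MAX_PAYLOAD = 1500              # 1500 + 18 overhead + 8 preamble/SFD = 1526 on the wire
HEADER_LEN = 6 + 6 + 2          # DA, SA, Length
FCS_LEN = 4


def build_frame(dst, src, payload):
    """DA-SA-Length-Data-Pad-FCS: pad the data to 46 bytes so the frame reaches 64 bytes."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes; IP must fragment first")
    pad = b"\x00" * max(0, 46 - len(payload))
    body = dst + src + struct.pack("!H", len(payload)) + payload + pad
    fcs = struct.pack("<I", zlib.crc32(body))     # CRC-32, least significant byte first
    return body + fcs


def parse_frame(frame):
    """Check the length and FCS, then split the fields; raises on runts or corruption."""
    if len(frame) < MIN_FRAME:
        raise ValueError("runt frame")
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if zlib.crc32(body) != struct.unpack("<I", fcs)[0]:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    length = struct.unpack("!H", body[12:14])[0]
    return {"dst": body[:6], "src": body[6:12], "length": length,
            "payload": body[HEADER_LEN:HEADER_LEN + length],
            "pad": len(body) - HEADER_LEN - length}


def on_wire(frame):
    """Prepend the preamble and start delimiter the transmitter sends before every frame."""
    return PREAMBLE + SFD + frame


def backoff_slots(attempt, rng=random):
    """CSMA/CD truncated binary exponential backoff after the n-th collision of a frame."""
    if attempt > 16:
        raise RuntimeError("excessive collisions: frame discarded")
    return rng.randrange(0, 2 ** min(attempt, 10))
```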
IEEE 802.11b Wireless LAN
- Industrial Science & Medicine (ISM) band - 2.4 GHz - unlicensed radio band
  - Interferes with other 2.4 GHz transmitters
    - Bluetooth (IEEE 802.15)
    - Microwave Ovens
- CSMA / CA but no CD (not possible)
  - Hidden station problem
    - Stations not always in range of each other
  - Most stations are only half duplex
- Distributed Access Control
  - Good for ad-hoc peer networks with bursty traffic
- Centralised Access Control (GSM)
  - Good where data is time sensitive or priorities required
  - Suffers limitation of centralisation
- Basic Service Set (BSS) c.f. subnet
- Extended Service Set (ESS) c.f. LAN
  - Two or more BSS, appears as a single LAN
- Direct Sequence Spread Spectrum (DSSS)
- Frequency Hopping Spread Spectrum (FHSS)
  - Provides some security, if dwell time and hopping sequence secret
- Distributed Foundation Wireless MAC (DFWMAC)
  - Distributed Coordination Function (DCF)
    - CSMA/CA
    - Stay quiet until next ACK indicated by RTS or CTS
  - Point Coordination Function (PCF)
    - Use base station to coordinate
  - DCF & PCF
    - Short InterFrame Spacing (SIFS)
      - Continue dialog
        - Poll response
        - Clear-to-Send (CTS) response to previous RTS
    - PCF InterFrame Spacing (PIFS)
      - Point Coordination Function frame
        - Beacon or Poll
    - DCF InterFrame Spacing (DIFS)
      - Distributed Coordination Function frame
        - CSMA / CA
        - Any station can try to acquire medium, i.e. send RTS
        - Request-to-Send (RTS)
    - Extended InterFrame Spacing (EIFS)
Global System for Mobile Communications (GSM) 2G
- TDM & FDM
- Mobile (SIM) – BTS – BSC – MSC
  - Subscriber Identity Module (SIM)
  - Base Transceiver Station (BTS)
  - Base Station Controller (BSC)
    - Manages several BTSs
    - Channels
    - Frequency hopping
    - Handovers
  - Mobile services Switching Centre (MSC)
    - Acts like Public Switch Telephone Network
    - Handle subscription
    - Registration
    - Authentication
    - Handovers
- Error Detection / Correction
  - Three levels of correction gives usable voice most of the time
    - Bottom level - no error detection or correction
    - Top level - forward error correction