330 likes | 447 Views
ecs298k: Internet Architecture lecture #1. Dr. S. Felix Wu Computer Science Department University of California, Davis http://www.cs.ucdavis.edu/~wu/ wu@cs.ucdavis.edu. My slides have been/will be on-line available!. What is “Internet”?. 1969: 4 node network (56K).
E N D
ecs298k:Internet Architecturelecture #1 Dr. S. Felix Wu Computer Science Department University of California, Davis http://www.cs.ucdavis.edu/~wu/ wu@cs.ucdavis.edu ecs298k spring 2001
My slides have been/will be on-line available! ecs298k spring 2001
What is “Internet”? • 1969: 4 node network (56K). • MILNET in US and MINET in Europe • Arpanet (government and universities) • 1985/86: NSFNet (56K) • connecting 6 super-computing centers. • 1988 (T1: 1.544 Mbps, 13 sites) • 1990: Merit: Policy Routing • 1991: (T3: 45 Mbps) ecs298k spring 2001
Internet Protocol payload header src addr: 32 bits dst addr: 32 bits A router and its routing table dst addr filter 169.237.*.* /16 132.30.7.* /24 ecs298k spring 2001
NSFNet-Based Internet campus NSF-core backbone Regional backbone ecs298k spring 2001
Commercialization • ISP (Internet Service Provider) • connecting end-users to NSF backbone • connecting end-users to their own backbone • NAP (Network Access Points) • inter-connecting ISPs • first, at least 100 MB ecs298k spring 2001
Today’s Internet ecs298k spring 2001
traceroute: Warning: www.yahoo.com has multiple addresses; using 204.71.200.68 traceroute to www.yahoo.akadns.net (204.71.200.68), 30 hops max, 38 byte packets 1 fnh254.cs.ucdavis.edu (169.237.6.254) 0.537 ms 0.446 ms 0.349 ms 2 169.237.246.238 (169.237.246.238) 1.096 ms 1.342 ms 1.058 ms 3 area14-gw.ucdavis.edu (169.237.1.30) 2.022 ms 1.436 ms 1.407 ms 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.478 ms 1.403 ms 1.511 ms 5 BERK--ucd2.ATM.calren2.net (198.32.249.33) 5.017 ms 5.427 ms 5.297 ms 6 BERK--SUNV.POS.calren2.net (198.32.249.13) 5.398 ms 5.362 ms 5.213 ms 7 BERK--BERK-7507.POS.calren2.net (198.32.249.70) 5.523 ms 5.721 ms 5.281 ms 8 acr1-serial2-3-0-0.SanFranciscosfd.cw.net (206.24.211.133) 6.563 ms 5.933 ms 5.877 ms 9 bpr1.pax.cw.net (206.24.210.8) 7.789 ms 7.857 ms 7.553 ms 10 206.24.241.2 (206.24.241.2) 16.055 ms 15.746 ms 15.649 ms 11 so1-0-0-622M.cr1.pao2.gblx.net (208.50.169.141) 15.973 ms 15.992 ms 15.708 ms 12 pos6-0-2488M.cr1.SNV.gblx.net (208.50.169.62) 16.461 ms 16.270 ms 16.615 ms 13 ge0-0-1000M.hr8.SNV.gblx.net (206.132.254.37) 16.152 ms 16.060 ms 16.339 ms 14 bas1r-ge3-0-hr8.snv.yahoo.com (208.178.103.62) 16.135 ms 16.242 ms 15.936 ms 15 www3.yahoo.com (204.71.200.68) 16.643 ms 17.199 ms 15.787 ms ecs298k spring 2001
traceroute to www.gatech.edu (130.207.244.203), 30 hops max, 38 byte packets 1 fnh254.cs.ucdavis.edu (169.237.6.254) 0.539 ms 0.436 ms 0.370 ms 2 169.237.246.238 (169.237.246.238) 1.045 ms 1.077 ms 1.078 ms 3 area14-gw.ucdavis.edu (169.237.1.30) 1.670 ms 1.412 ms 1.345 ms 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.371 ms 2.225 ms 1.901 ms 5 BERK--ucd3.ATM.calren2.net (198.32.249.37) 4.147 ms 4.464 ms 4.403 ms 6 SUNV--BERK.POS.calren2.net (198.32.249.14) 5.862 ms 5.239 ms 5.136 ms 7 abilene--QSV.POS.calren2.net (198.32.249.162) 5.427 ms 5.280 ms 5.463 ms 8 scrm-snva.abilene.ucaid.edu (198.32.8.70) 8.239 ms 8.263 ms 8.271 ms 9 dnvr-scrm.abilene.ucaid.edu (198.32.8.2) 30.391 ms 30.413 ms 29.956 ms 10 kscy-dnvr.abilene.ucaid.edu (198.32.8.14) 40.933 ms 40.685 ms 40.475 ms 11 ipls-kscy.abilene.ucaid.edu (198.32.8.6) 49.493 ms 49.682 ms 49.584 ms 12 atla-ipls.abilene.ucaid.edu (198.32.8.42) 60.006 ms 59.522 ms 59.452 ms 13 sox-rtr.abilene.sox.net (199.77.193.9) 59.728 ms 60.715 ms 59.595 ms 14 199.77.194.6 (199.77.194.6) 60.302 ms 60.407 ms 60.662 ms 15 www.gatech.edu (130.207.244.203) 61.592 ms 62.205 ms 62.824 ms ecs298k spring 2001
traceroute to www.nortelnetworks.com (192.122.98.80), 30 hops max, 38 byte packets 1 fnh254.cs.ucdavis.edu (169.237.6.254) 3.574 ms 1.891 ms 1.813 ms 2 169.237.246.238 (169.237.246.238) 1.860 ms 1.929 ms 1.838 ms 3 area14-gw.ucdavis.edu (169.237.1.30) 1.887 ms 1.962 ms 1.754 ms 4 border-m20-gw.ucdavis.edu (169.237.2.2) 1.891 ms 1.902 ms 1.879 ms 5 BERK--ucd2.ATM.calren2.net (198.32.249.33) 5.347 ms 5.141 ms 5.568 ms 6 QSV-7507-2--QSV.POS.calren2.net (198.32.249.94) 6.706 ms 5.397 ms 5.364 ms 7 QSV-7507-1--QSV-7507-2.POS.calren2.net (198.32.249.86) 7.811 ms 5.521 ms 5.909 ms 8 63-237-208-1.cust.qwest.net (63.237.208.1) 6.035 ms 5.792 ms 5.789 ms 9 svl-core-03.inet.qwest.net (205.171.14.85) 6.548 ms 6.170 ms 6.640 ms 10 svl-core-01.inet.qwest.net (205.171.14.121) 5.987 ms 5.999 ms 6.624 ms 11 kcm-core-01.inet.qwest.net (205.171.8.9) 41.143 ms 41.302 ms 41.179 ms 12 kcm-core-02.inet.qwest.net (205.171.29.126) 40.710 ms 41.459 ms 42.047 ms 13 dca-core-01.inet.qwest.net (205.171.5.57) 89.903 ms 90.169 ms 90.870 ms 14 dca-core-02.inet.qwest.net (205.171.9.6) 90.226 ms 90.830 ms 90.716 ms 15 atl-core-02.inet.qwest.net (205.171.8.153) 105.970 ms 105.829 ms 105.741 ms 16 atl-brdr-03.inet.qwest.net (205.171.21.102) 106.000 ms 105.761 ms 105.615 ms 17 205.171.4.42 (205.171.4.42) 102.066 ms 101.935 ms 102.183 ms 18 so-2-0-0.atlnga1-br2.bbnplanet.net (4.24.8.5) 103.153 ms 102.801 ms 101.990 ms 19 p11-0.crtntx1-br2.bbnplanet.net (4.24.6.42) 94.830 ms 94.641 ms 94.916 ms 20 p2-0.crtntx1-cr2.bbnplanet.net (4.24.5.18) 95.186 ms 95.127 ms 95.170 ms ecs298k spring 2001
About the Instructor • S. Felix Wu (wu@cs.ucdavis.edu, x4-7070) • Office: 3057 Engineering II • Office Hours: • 1:00-2:00 p.m. on Monday • 1:00-2:00 p.m. on Friday • by appointment ecs298k spring 2001
about Web site • http://www.cs.ucdavis.edu/~wu/ecs289k/index.html • all lectures, notes, announcements, homework assignments, tools, papers will be there. ecs298k spring 2001
Textbook • No required textbooks, but a long list recommended books/readings for different subjects…. ecs298k spring 2001
Prerequisites • Computer Networks: • you should already know subjects such as TCP/IP and other basic network stuff. • Computer Security: • you should have some basic ideas about security and cryptography such as symmetric and asymmetric key protocols or one way hash function. • Please talk to me if you have any concern. ecs298k spring 2001
Syllabus • Internet Architecture [1 lectures] • BGP (Border Gateway Routing Protocol) [4 lectures] • OSPF (Open Shortest Path First) [2 lectures] • Source Tracing and DDoS [2 lectures] • IPSec and VPN Policy [4 lectures] • QoS: DiffServ, MPLS, and VoIP [3 lectures] • Network Management: SNMP, LDAP, MIB, PIB, and DEN. [1 lecture] • Other topics: MobileIP, Ad Hoc, DHCP, DNS…. ecs298k spring 2001
Course Requirements • 40%: Final Research Project Proposal • we need to work together on this task and I need to approve it. (due May 11, 2001). • 55%: Final Project Demo/Presentation/Report • you need to report the status/progress on a weekly basis using emails after the proposal is approved. • some will be invited to give a presentation in class. • 05%: Participation • Default: you get 5%. • Deducted if missed more than three sessions. ecs298k spring 2001
Grading • This is a graduate course and we should respect each other…. • You need to motivate yourself to learn… • If your proposal is approved in time, and you put efforts to accomplish “something” (running code, experimental results, or analysis), you should expect an A. • I will make sure your success in the proposal stage as well as weekly check points. • But, I won’t take ANY incomplete. ecs298k spring 2001
About the TA • We don’t have any :-( • But, I have two PhD students (at NCSU) will be available to help.. • Experiments/simulations/ideas…. • Equipment: (we will arrange…) ecs298k spring 2001
How to move the packets? • In NSFNet, it is sort of centralized controlled. • But, now we have so many different networks and they intersect with each other in a fairly complicated way (and they belong to different nations or administrative domains)!!! • Solution: • address assignment and routing information updates ecs298k spring 2001
BGP Table Growth – 12 year history BGP Table Growth
How to handle the size? • Please think…. ecs298k spring 2001
Source Accountability • Security versus performance • IP versus ATM • connectionless versus connection-oriented? ecs298k spring 2001
Example Problem: • Source IP address is not trusted! SRC: source DST: destination IP Header IP Payload SRC: 128.59.10.8 DST: 152.1.61.120 Is it really from Columbia Univ? ecs298k spring 2001
Similar to US Mail (or E-Mail) from: Dr. S. Felix Wu NCSU To: William Smith M.I.B. Corp. ecs298k spring 2001
Routing in Internet Protocol src:128.59.10.8 dst:152.1.61.120 128.59.10.xx Rtr Columbia 152.1.61.xx Rtr NCSU 36.190.0.xx Rtr src:128.59.10.8 dst:152.1.61.120 Stanford ecs298k spring 2001
Current IPv4 Infrastructure • No guarantee for the source. • Various adhoc approaches to resolve this issue. • Router Filtering. • TCP Handshake. • A systematic fix: IPSec (Internet Security Architecture) ecs298k spring 2001
Router Filtering • Very effective (Internet Service Provider should “always” do that!!) • At least, I am sure that this packet is from some particular subnet. • Problems: • configuration management. (adaptivity) • politics. (why should I restrict my customers?) • mobileIP. (bi-directional tunneling) • trustable router. (network infrastructure attack) ecs298k spring 2001
TCP Handshake seq=y, ACK x+1 128.59.10.xx Rtr Columbia 152.1.61.xx Rtr NCSU 36.190.0.xx Rtr x src:128.59.10.8 dst:152.1.61.120 Oh!, I don’t know y to generate y+1. Stanford ecs298k spring 2001
End-to-End Argument • Let’s keep the “core” simple, fast. • And, anything else should be done by the end hosts. • Active Networks?? • How to draw the line?? ecs298k spring 2001
Four S’s • Scalability • Security • Stability • Service Quality ecs298k spring 2001
Final Remarks • I do not claim that I understand this monster. • There are various issues to be considered at the same time -- it is a networking system. • We will learn, discuss and work together this quarter through the process of opening cans of worms…. ecs298k spring 2001