“Vision for Trustworthy Computing”, Bill Gates, 15 Jan 2002:
“…now, when we face a choice between adding features and resolving security issues, we need to choose security.”
Internet Technologies
An example of how the system works*
Assume:
• FTP is our application example.
• Ethernet is the underlying technology at the data link layer.
* Two slides of revision for some of you.

Protocol stack (figure, top to bottom):
• Application (say FTP)
• TCP
• IP
• Ethernet Driver
• Physical Layer (Ethernet)

Encapsulation as the data passes down the stack (figure):
• User Data
• App. Header | User Data
• TCP Header | App. Header | User Data
• IP Header | TCP Header | App. Header | User Data
• Ethernet Header | IP Header | TCP Header | App. Header | User Data | Ethernet Trailer
• 46 to 1500 bytes for Ethernet
Original Internet Principles
• End-to-End Design: based on the assumption that end-points can trust one another.
• To move the functionality
  • away from the network, and
  • towards the edges of the system.
• Reduces the complexity of the network.
• Reduces the cost of future upgrades.
• New applications can be added without modifying the network.

Original Internet Principles
• Packet switched communication facility.
• Different networks connected through routers (used essentially for routing only).
• Internet communication to continue despite loss of networks or routers.
• Cater to distributed management of resources.

Original Internet Principles (continued)
• Addresses that are simple, hierarchical and that can be overloaded for both naming a node and for routing to it.
• Higher level functionality at the edges and a dumb network.
• A single data delivery service (IP) to cater to both a connectionless, unreliable datagram service (UDP) and a reliable stream service (TCP).

New Environment
• Untrustworthy end-points
  • Denial of service attacks
  • Spam e-mails
• More demanding applications
  • Requirement for high throughput
  • Requirement for guaranteed delivery (e.g. audio or streaming video)
• ISPs view wide BW and/or guaranteed data transport services as a competitive differentiator.

New Environment
• Islands of wide BW and/or guaranteed service along with content servers, designed for technologists.
Responses to the new environment:
• Modify the end-nodes
• Add functions to the core of the network
  • Firewalls
  • NATs
  • Traffic Filters
The Internet: Internet Characteristics & Architecture as it exists today

Table 1: Internet Traffic Characteristics
Legend: C: client; DNS: Domain Name System; S: server; MBONE: Multicast Backbone.
Source: Antonio Rodriguez-Moral, “LIBRA”, Bell Labs Technical Journal, 2(2): 42-67, Spring 1997.

Table 2: Routing Persistence
Source: Vern Paxson, “End-to-End Routing Behaviour in the Internet”, IEEE/ACM Transactions on Communications, 5(5), October 1997.

Table 3: Internet Traffic Characteristics
• Round Trip Delay (RTT)
  • Most RTTs are within 70-160 ms.
  • ITU-T G.114: limit RTT to 300 ms or less.
  • However, surveys show some people tolerate large RTTs of 800 ms.
• Packet Loss
  • Very bursty.
  • Affects contiguous packets.
• Order of Packet Arrival
  • Studies underway, but the Paxson study shows out-of-sequence arrival is not unusual.
Source: Uyless Black, “Advanced Internet Technologies”, pages 70-71, 1999.
Packet Loss
• Data transmission: masked by TCP.
• Audio/Video: ears and eyes catch it.
• Audio system: G.723.1 masks a loss of up to 10% if the loss is random and independent. It uses the previous packet to simulate the lost packet.
• But the packet loss in the Internet is bursty.

Packet Loss
• Forward Error Correction system: uses the technology used in mobile wireless systems, sending many copies of the coded voice. If even one copy arrives safely, the operation is effective.
• Since UDP is used for audio/video, out-of-sequence arrival is also a problem.
Internet: Example of a small part
(Figure: hosts HA, HB, …, HX on an Ethernet behind router R1; R1, R2, R3 and R4 interconnected over a 45 Mbps T1 line, 155 Mbps SONET and the Internet; hosts H1, H2, …, HN on an Ethernet behind R4.)
For point-to-point (relay-type) connections through T1/SONET lines, PPP (Point to Point Protocol) is used.
* SLIP (Serial Line IP) is now rarely used.
T Lines
• Frame: carries 24 channels of 8 bits + 1 bit for sync = 193 bits
• T1: 8000 frames per second = 1.544 Mbps => DS1
• T2: 4 DS1’s = 6.312 Mbps => DS2
• T3: 7 DS2’s = 44.376 Mbps (≈45 Mbps) => DS3
• T4: 6 DS3’s = 274.176 Mbps

T Lines
• ANSI: Synchronous Optical Network (SONET)
• ITU-T: Synchronous Digital Hierarchy (SDH)
• SONET rates:
  • OC-1: 51.84 Mbps
  • OC-3: 155.520 Mbps
  • OC-12: 622.080 Mbps
  • OC-24: 1.244 Gbps
  • OC-48: 2.488 Gbps
  • OC-192: 9.953 Gbps
Protocol stack (figure, top to bottom):
• DNS, FTP, TELNET, SMTP, RIP, OSPF, BGP
• UDP, TCP
• ICMP, IP, ARP, RARP
• ETHERNET, PPP
• Physical Layer

Demultiplexing keys at each layer (figure):
• Ethernet Type: ARP 0x0806, RARP 0x8035, IP 0x0800
• IP Protocol: OSPF 89, UDP 17, TCP 6, ICMP 1
• UDP Ports: RIP 520, DNS 53
• TCP Ports: BGP 179, DNS 53, SMTP 25, TELNET 23, FTP 21, HTTP 80, Lotus Notes 1352, HTTP PROXY 8080
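As an added example (not from the original slides), the following Python walks a received frame the way the receiving stack does, peeling the encapsulated headers from the earlier slide and choosing the next layer with the demultiplexing keys listed above (Ethernet type, IP protocol, destination port). The frame builder, MAC and IP addresses, source port and user data are constructed sample values; the 46 to 1500 byte check is the Ethernet payload range quoted on the encapsulation slide.

```python
import struct

# Demultiplexing keys, exactly as listed on the slide.
ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8035: "RARP"}
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 89: "OSPF"}
TCP_PORTS = {21: "FTP", 23: "TELNET", 25: "SMTP", 53: "DNS", 80: "HTTP",
             179: "BGP", 1352: "Lotus Notes", 8080: "HTTP PROXY"}
UDP_PORTS = {53: "DNS", 520: "RIP"}


def build_frame(ip_proto, dst_port, user_data):
    """Constructed sample frame: Ethernet | IP | TCP or UDP | user data.
    Addresses and the source port (40000) are made-up values."""
    if ip_proto == 6:   # 20-byte TCP header, data offset 5, no flags
        l4 = struct.pack("!HHIIHHHH", 40000, dst_port, 0, 0, 5 << 12, 8192, 0, 0)
    else:               # 8-byte UDP header carrying length of header + data
        l4 = struct.pack("!HHHH", 40000, dst_port, 8 + len(user_data), 0)
    total = 20 + len(l4) + len(user_data)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 1, 0, 64, ip_proto, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800)
    return eth + ip + l4 + user_data


def demux(frame):
    """Return the chain of layers a receiver would hand the frame through,
    e.g. ["Ethernet", "IP", "TCP", "FTP"]. Malformed length raises rather
    than being guessed at, which is what a careful parser should do."""
    if not 46 <= len(frame) - 14 <= 1500:
        raise ValueError("Ethernet payload must be 46 to 1500 bytes")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    layers = ["Ethernet", ETHERTYPES.get(ethertype, "unknown 0x%04x" % ethertype)]
    if ethertype != 0x0800:          # ARP/RARP go straight to their handlers
        return layers
    ihl = (frame[14] & 0x0F) * 4     # IP header length in bytes
    proto = frame[14 + 9]            # IP protocol field selects ICMP/TCP/UDP/OSPF
    layers.append(IP_PROTOCOLS.get(proto, "unknown %d" % proto))
    l4 = frame[14 + ihl:]
    if proto in (6, 17):             # destination port selects the application
        (dst_port,) = struct.unpack("!H", l4[2:4])
        table = TCP_PORTS if proto == 6 else UDP_PORTS
        layers.append(table.get(dst_port, "port %d" % dst_port))
    return layers


if __name__ == "__main__":
    print(demux(build_frame(6, 21, b"USER anonymous\r\n")))
```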