The Internet
Devices connected to the Internet: hosts or end systems
End systems are connected together by communication links and packet switches
Routers and link-layer switches
End systems access the Internet through Internet Service Providers (ISPs)
Internet components run a series of protocols; protocols control the sending and receiving of information within the Internet
Reliable Stream Transport Service:
- Sends a large amount of data across a reliable "connection"
Connectionless Packet Delivery Service:
- Routes small messages from one computer to another
TCP (Transmission Control Protocol)
IP (Internet Protocol): defines the format of the packets sent and received between routers and end systems
Internet standards are developed by the Internet Engineering Task Force (IETF)
IETF standards documents are called Requests for Comments (RFCs)
A distributed application involves multiple end systems that exchange data with each other
Application Programming Interface (API)
The network edge
hosts = end systems: clients and servers
A data center consists of many servers
The access network is the physical link(s) connecting an end system to its edge router
- residential access nets
- institutional access networks (school, company)
- mobile access networks
bandwidth (bits per second, bps); shared / dedicated
Digital Subscriber Line (DSL):
- existing telephone line to central office DSLAM
- < 2.5 Mbps upstream transmission rate (typically < 1 Mbps)
- < 24 Mbps downstream transmission rate (typically < 10 Mbps)
- frequency division multiplexing: different channels transmitted in different frequency bands
Cable Internet access (over the cable television infrastructure)
HFC: hybrid fiber coax
- asymmetric: up to 30 Mbps downstream transmission rate, 2 Mbps upstream transmission rate
Ethernet
Fiber To The Home (FTTH)
- optical distribution architectures: Active Optical Network (AON) and Passive Optical Network (PON)
Optical Network Terminator (ONT)
splitter
Optical Line Terminator (OLT)
Wireless networks
wireless LANs:
- within building (100 ft.)
- 802.11b/g/n (WiFi): 11, 54, 450 Mbps transmission rate
wide-area wireless access
- provided by telco (cellular) operator, 10’s km
- between 1 and 10 Mbps
- 3G, 4G: LTE
host sending function:
- takes application message
- breaks into smaller chunks, known as packets, of length L bits
- transmits packet into access network at transmission rate R
- link transmission rate, aka link capacity, aka link bandwidth
- physical medium: twisted-pair copper wire, coaxial cable, multimode fiber-optic cable, terrestrial radio spectrum, satellite radio spectrum
- bit: propagates between transmitter/receiver pairs
- physical link: what lies between transmitter & receiver
guided media:
- signals propagate in solid media: copper, fiber, coax
unguided media:
- signals propagate freely, e.g., radio
twisted pair (TP):
- two insulated copper wires
- Category 5: 100 Mbps, 1 Gbps Ethernet
- Category 6: 10 Gbps
Two insulated copper wires arranged in a regular spiral pattern; the two wires are twisted together to reduce electrical interference from similar nearby pairs
One pair of wires constitutes a single communication link; many twisted pairs are usually bundled together into a cable
Unshielded Twisted Pair (UTP) is commonly used for networks inside buildings
coaxial cable:
- two concentric copper conductors
- bidirectional
- broadband:
  - multiple channels on cable
  - HFC
fiber optic cable:
- glass fiber carrying light pulses, each pulse a bit
- high-speed operation: high-speed point-to-point transmission (e.g., 10’s-100’s Gbps transmission rate)
- low error rate:
  - repeaters spaced far apart
  - immune to electromagnetic noise
Single-mode fiber: higher rate, more expensive; multimode fiber: lower rate, cheaper
radio (electromagnetic waves):
- signal carried in electromagnetic spectrum
- no physical “wire”
- bidirectional
- propagation environment effects:
  - reflection
  - obstruction by objects
  - interference
radio link types:
- terrestrial microwave: e.g. up to 45 Mbps channels
- LAN (e.g., WiFi): 54 Mbps
- wide-area (e.g., cellular): 4G cellular ~10 Mbps
- satellite:
  - Kbps to 45 Mbps channel (or multiple smaller channels)
  - 270 msec end-end delay
  - geosynchronous versus low altitude
Geostationary satellites; Low-Earth Orbiting (LEO) satellites
Encoding
Non-return to Zero Inverted (NRZI):
- make a transition from current signal to encode a one; stay at current signal to encode a zero
- solves the problem of consecutive ones
Transmitting data over a network raises a clock synchronization problem between sender and receiver
Manchester:
- transmit XOR of the NRZ encoded data and the clock
- only 50% efficient (bit rate = 1/2 baud rate)
Carries abundant clock information (every bit contains a transition)
4B/5B:
- every 4 bits of data encoded in a 5-bit code
- 5-bit codes selected to have no more than one leading 0 and no more than two trailing 0s
- thus, never get more than three consecutive 0s
- resulting 5-bit codes are transmitted using NRZI
- achieves 80% efficiency
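To make the three schemes concrete, here is an added Python illustration (not code from the original notes) that implements NRZI, Manchester and 4B/5B as pure functions over lists of bits, together with a helper that measures the longest run of zeros and one that reports coding efficiency. The 4B/5B mapping is the standard FDDI/100BASE-TX table; the function names are my own.

```python
"""Line-coding helpers for the schemes in the notes: NRZI, Manchester and 4B/5B.

Added illustration, not code from the original notes. Bits and signal levels
are plain Python lists of 0/1; the 4B/5B table is the standard FDDI/100BASE-TX
mapping. Padding the input to a multiple of 4 bits is the caller's job.
"""

# Standard 4B/5B data-symbol table (data nibble -> 5-bit code).
FOUR_B_FIVE_B = {
    "0000": "11110", "0001": "01001", "0010": "10100", "0011": "10101",
    "0100": "01010", "0101": "01011", "0110": "01110", "0111": "01111",
    "1000": "10010", "1001": "10011", "1010": "10110", "1011": "10111",
    "1100": "11010", "1101": "11011", "1110": "11100", "1111": "11101",
}
FIVE_B_FOUR_B = {code: nibble for nibble, code in FOUR_B_FIVE_B.items()}


def nrzi_encode(bits, initial_level=0):
    """NRZI: toggle the line level to send a 1, hold it to send a 0."""
    level, out = initial_level, []
    for b in bits:
        if b:
            level ^= 1
        out.append(level)
    return out


def nrzi_decode(levels, initial_level=0):
    """A transition since the previous level means 1, no transition means 0."""
    prev, out = initial_level, []
    for level in levels:
        out.append(1 if level != prev else 0)
        prev = level
    return out


def manchester_encode(bits):
    """XOR of the NRZ data with a clock that is 0 in the first half of the bit
    and 1 in the second half: 0 -> [0, 1], 1 -> [1, 0]. Two signal elements
    per bit, so the bit rate is half the baud rate (50% efficiency)."""
    out = []
    for b in bits:
        out.extend([b ^ 0, b ^ 1])
    return out


def manchester_decode(levels):
    """Every bit has a mid-bit transition; the first half-level is the data bit."""
    out = []
    for i in range(0, len(levels), 2):
        first, second = levels[i], levels[i + 1]
        if first == second:
            raise ValueError("missing mid-bit transition at symbol %d" % (i // 2))
        out.append(first)
    return out


def fourb_fiveb_encode(bits):
    """Replace each 4-bit nibble by its 5-bit code (80% efficiency)."""
    if len(bits) % 4:
        raise ValueError("input length must be a multiple of 4")
    out = []
    for i in range(0, len(bits), 4):
        nibble = "".join(str(b) for b in bits[i:i + 4])
        out.extend(int(c) for c in FOUR_B_FIVE_B[nibble])
    return out


def fourb_fiveb_decode(bits):
    """Inverse mapping; an invalid 5-bit code raises KeyError."""
    out = []
    for i in range(0, len(bits), 5):
        code = "".join(str(b) for b in bits[i:i + 5])
        out.extend(int(c) for c in FIVE_B_FOUR_B[code])
    return out


def max_run_of_zeros(bits):
    """Longest run of consecutive 0s; the quantity NRZI alone cannot bound."""
    best = run = 0
    for b in bits:
        run = run + 1 if b == 0 else 0
        best = max(best, run)
    return best


def code_efficiency(encoder, bits):
    """Data bits per transmitted signal element."""
    return len(bits) / len(encoder(bits))


def transmit_4b5b_nrzi(bits):
    """The combination used by 100BASE-TX: 4B/5B bounds the zero runs and NRZI
    turns every 1 into a transition, so the line never goes more than three
    bit times without a transition."""
    return nrzi_encode(fourb_fiveb_encode(bits))
```

Running every pair of adjacent 5-bit codes through max_run_of_zeros confirms the "never more than three consecutive 0s" claim, and code_efficiency returns 0.5 for Manchester and 0.8 for 4B/5B, the two figures quoted above.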
Framing
- Break sequence of bits into a frame
- Typically implemented by network adaptor
Sentinel-based:
- delineate frame with special pattern: 01111110
- e.g., HDLC, SDLC, PPP
Frame layout: Beginning sequence (8 bits) + Header (16) + Body + CRC (16) + Ending sequence (8)
- problem: special pattern appears in the payload
- solution: bit stuffing
- sender: insert 0 after five consecutive 1s
- receiver: delete 0 that follows five consecutive 1s
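The sender and receiver rules above in runnable form, as an added example that is not part of the original notes: bit_stuff and bit_unstuff implement the five-ones rule, frame wraps a stuffed payload in the 01111110 flag, and deframe recovers payloads from a bit stream, relying on the fact that a stuffed payload can never contain six consecutive 1s. The function names are assumptions; header and CRC fields are left out to keep the focus on delineation.

```python
"""Sentinel-based framing with bit stuffing, as used by HDLC/PPP in the notes.

Added illustration, not code from the original notes. Bit strings are Python
str objects of '0'/'1'. The header/CRC layout is left out: the point is only
how the flag 01111110 is kept out of the stuffed payload.
"""

FLAG = "01111110"


def bit_stuff(payload):
    """Sender: insert a 0 after every run of five consecutive 1s."""
    out, ones = [], 0
    for b in payload:
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                out.append("0")      # stuffed bit
                ones = 0
        else:
            ones = 0
    return "".join(out)


def bit_unstuff(stuffed):
    """Receiver: drop the 0 that follows five consecutive 1s. Six 1s in a row
    can only be a flag (or an abort), so they are rejected inside a frame."""
    out, ones, i = [], 0, 0
    while i < len(stuffed):
        b = stuffed[i]
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                if i + 1 < len(stuffed) and stuffed[i + 1] != "0":
                    raise ValueError("six consecutive 1s inside a frame")
                i += 1               # skip the stuffed 0
                ones = 0
        else:
            ones = 0
        i += 1
    return "".join(out)


def frame(payload):
    """Flag + stuffed payload + flag."""
    return FLAG + bit_stuff(payload) + FLAG


def deframe(stream):
    """Split a bit stream on flags; the stuffed contents can never contain a
    flag, so a plain split recovers the frames. Empty pieces come from idle
    flags between frames and are ignored."""
    return [bit_unstuff(piece) for piece in stream.split(FLAG) if piece]


if __name__ == "__main__":
    # A payload that happens to equal the flag pattern is still delineated correctly.
    stream = frame(FLAG) + FLAG + frame("1010")
    print(stream)
    print(deframe(stream))
```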
Counter-based:
- include payload length in header
- e.g., DDCMP
Frame layout: SYN (8 bits) + SYN (8) + Class (8) + Count (14) + Header (42) + Body + CRC (16)
- problem: count field corrupted
- solution: catch when CRC fails
Clock-based:
- each frame is 125 µs long
- e.g., SONET: Synchronous Optical Network
- STS-n (STS-1 = 51.84 Mbps)
The network core
Communication networks can be classified by the way in which the nodes exchange information:
- Broadcast communication network
- Switched communication network
  - Circuit-switched communication network
  - Packet-switched communication network
    - Datagram network
    - Virtual-circuit network
Connection-oriented
Has connection establishment and release procedures
- Similar to circuit switched
Transmission in order
Bandwidth may be guaranteed
Flow control may exist
Error control may exist
Connectionless
Each datagram may take a different path
Datagrams may arrive out of order
Link failures not a problem
Problems in a generic switch:
incoming links : how to demultiplex
switch : how to switch
outgoing links : how to multiplex
Packet switching
In the various network applications, end systems exchange messages with each other
Packets: to send a message from a source end system to a destination end system, the source divides the message into smaller chunks of data called packets
Each packet travels over communication links and packet switches
- two types of packet switches: routers and link-layer switches
packet-switching: hosts break application-layer messages into packets
Data from any conversation can be transmitted at any given time
- A single conversation can use the entire link capacity if it is alone
How to demultiplex?
- Use meta-data (header) to describe data
Data are sent as formatted bit-sequences
- so-called packets.
Packets have the following structure:
- Header + Data + Trailer
- Header and Trailer carry control information
- e.g., destination address, checksum
Output buffer (output queue): stores packets that the router is about to send onto the attached link
Store-and-forward transmission:
- At each node the entire packet is received, stored briefly, and then forwarded to the next node based on the header information
- Allows statistical multiplexing
Error checking is done after all bits have been received; the packet is forwarded only if it is error-free
"Hot potato" (cut-through) forwarding: forward while still receiving
- suitable when link quality is good and the error probability is low
Sending one packet over a path of N links each of rate R (N-1 routers between source and destination) gives an end-to-end delay of:
$$d_{EndToEnd} = N \frac{L}{R}$$
takes L/R seconds to transmit
- L-bit packet into link at R bps
one-hop numerical example:
- L = 7.5 Mbits
- R = 1.5 Mbps
- one-hop transmission delay = 5 sec
packet-switching
- forward packets from one router to the next
- across links on path from source to destination
- Each packet is independently switched
- header contains destination address
- Two key network-core functions
- routing: determines source-destination route taken by packets
- routing algorithms
- forwarding: move packets from router’s input to appropriate router output
Queuing delay:
An arriving packet must wait in the output buffer while the link is busy transmitting other packets
Packet loss: if a packet arrives when the buffer is already completely filled with other packets waiting for transmission, either the arriving packet or one of the already-queued packets is dropped
queuing and loss:
- if arrival rate exceeds transmission rate of link for a period of time
- packets will queue, wait to be transmitted on link
- can be dropped (lost) if memory (buffer) fills up
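An added Python example (not from the original notes) that puts numbers on the store-and-forward and queuing discussion above: store_and_forward_delay reproduces the N*L/R formula and the 5-second one-hop case (L = 7.5 Mbits, R = 1.5 Mbps), cut_through_delay is an assumed estimate for the "hot potato" variant in which only the header is re-serialised at each router, and simulate_output_queue models a finite FIFO output buffer to show how queueing delay grows and packets are dropped once the buffer is full. Function names and the arrival pattern are constructed.

```python
"""Store-and-forward delay and a FIFO output buffer with finite capacity.

Added illustration, not code from the original notes. The N*L/R formula and the
one-hop numbers (L = 7.5 Mbit, R = 1.5 Mbps) are the ones in the notes; the
cut-through estimate and the arrival pattern in the usage are assumptions.
"""


def transmission_delay(L_bits, R_bps):
    """Time to push L bits onto a link of rate R."""
    return L_bits / R_bps


def store_and_forward_delay(L_bits, R_bps, n_links):
    """End-to-end delay for one packet over N links of rate R (N-1 routers),
    each router receiving the whole packet before forwarding: N * L / R.
    Processing, queueing and propagation delays are ignored."""
    return n_links * transmission_delay(L_bits, R_bps)


def cut_through_delay(L_bits, R_bps, n_links, header_bits):
    """'Hot potato' forwarding: a router starts sending as soon as the header
    (assumed to be all it needs for the forwarding decision) has arrived, so
    only the header is re-serialised at each intermediate router."""
    return (transmission_delay(L_bits, R_bps)
            + (n_links - 1) * transmission_delay(header_bits, R_bps))


def simulate_output_queue(arrival_times, L_bits, R_bps, buffer_packets):
    """FIFO output buffer in front of one link. buffer_packets counts every
    packet held by the router for this link, including the one on the wire.
    Returns one entry per arrival: its queueing delay in seconds, or None if
    the packet found the buffer full and was dropped."""
    trans = transmission_delay(L_bits, R_bps)
    link_free_at = 0.0
    departures = []           # departure times of packets still in the buffer
    result = []
    for t in sorted(arrival_times):
        departures = [d for d in departures if d > t]   # finished packets have left
        if len(departures) >= buffer_packets:
            result.append(None)                         # loss
            continue
        start = max(t, link_free_at)                    # wait for the link if busy
        link_free_at = start + trans
        departures.append(link_free_at)
        result.append(start - t)
    return result


if __name__ == "__main__":
    print("one hop:", store_and_forward_delay(7.5e6, 1.5e6, 1), "s")
    print("three hops:", store_and_forward_delay(7.5e6, 1.5e6, 3), "s")
    # Constructed burst: four 1000-bit packets arriving 0.1 s apart on a 1 kbps
    # link (1 s per packet) with room for three packets.
    print("queue:", simulate_output_queue([0, 0.1, 0.2, 0.3], 1000, 1000, 3))
```

In the constructed burst the first packet starts immediately, the second and third wait 0.9 s and 1.8 s, and the fourth arrives to a full buffer and is dropped, which is the loss case described above.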
Circuit switching
When two hosts communicate, the network creates a dedicated end-to-end connection between them
Frequency-Division Multiplexing (FDM):
- the frequency spectrum of a link is shared among all connections established across the link;
- for the duration of a connection the link dedicates one frequency band to it
Time-Division Multiplexing (TDM):
- time is divided into frames of fixed duration, and each frame is divided into a fixed number of slots;
- when the network establishes a connection across a link, it dedicates one slot in every frame to that connection
Time divided in frames and frames divided in slots
Relative slot position inside a frame determines which conversation the data belongs to
Needs synchronization between sender and receiver
If a conversation does not use its circuit, the capacity is lost
Three phases
- circuit establishment
- data transfer
- circuit termination
If circuit not available: busy
Examples
- Telephone networks
- ISDN (Integrated Services Digital Network)
end-end resources allocated to, reserved for “call” between source & dest
dedicated resources: no sharing
- circuit-like (guaranteed) performance
circuit segment idle if not used by call (no sharing)
Packet-Switching vs. Circuit-Switching
Most important advantage of packet-switching:
- Ability to exploit statistical multiplexing
- More efficient bandwidth usage
However, packet-switching needs to buffer and deal with congestion
- More complex switches
- Harder to provide good network services (e.g., delay and bandwidth guarantees)
packet switching allows more users to use network
example:
- 1 Mb/s link
- each user: 100 kb/s when "active", active 10% of the time
- circuit switching: 10 users
- packet switching: with 35 users, probability that more than 10 are active at the same time is less than .0004
packet switching:
great for bursty data
- resource sharing
- simpler, no call setup
excessive congestion possible:
- packet delay and loss
- protocols needed for reliable data transfer, congestion control
Q: How to provide circuit-like behavior?
- bandwidth guarantees needed for audio/video apps
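The 35-user figure above can be checked with a binomial tail computation, as an added example that is not from the original notes: assuming users are active independently with probability 0.1, the number of simultaneously active users is Binomial(n, 0.1), and prob_more_than_active sums P(X > 10). For n = 35 the sum comes out at about 4.2e-4, the order of magnitude the notes quote, while circuit switching admits exactly 10 users. max_users_for_overload_prob is an added helper (my own name) that turns the same computation around and finds the largest population that keeps the overload probability under a chosen bound.

```python
"""Circuit switching vs. packet switching on the 1 Mb/s link example in the notes.

Added illustration, not code from the original notes. Users are assumed to be
active independently, each with probability p, so the number of simultaneously
active users is Binomial(n, p). The numbers in the usage are the notes' own.
"""
from math import comb


def circuit_switched_users(link_bps, per_user_bps):
    """Circuit switching reserves per_user_bps for each user for the whole call,
    so the link admits link/per_user users and no more."""
    return link_bps // per_user_bps


def prob_more_than_active(n_users, p_active, k):
    """P(X > k) for X ~ Binomial(n_users, p_active): the probability that more
    users are active than the link can carry at once."""
    return sum(comb(n_users, j) * p_active ** j * (1 - p_active) ** (n_users - j)
               for j in range(k + 1, n_users + 1))


def max_users_for_overload_prob(link_bps, per_user_bps, p_active, max_prob):
    """Largest n such that P(more users active than the link carries) <= max_prob.
    The tail probability grows with n, so a linear search upward from the
    circuit-switched count is enough."""
    capacity = link_bps // per_user_bps
    n = capacity
    while prob_more_than_active(n + 1, p_active, capacity) <= max_prob:
        n += 1
    return n


if __name__ == "__main__":
    print("circuit switching:", circuit_switched_users(1_000_000, 100_000), "users")
    print("35 users, P(> 10 active) =", prob_more_than_active(35, 0.1, 10))
    print("max users with overload prob <= 0.0005:",
          max_users_for_overload_prob(1_000_000, 100_000, 0.1, 0.0005))
```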
Virtual-circuit packet switching
Hybrid of circuit switching and packet switching
- Data is transmitted as packets
- All packets from one packet stream are sent along a pre-established path (=virtual circuit)
- Guarantees in-sequence delivery of packets
Packet header only contains local virtual circuit identifier (VCI)
Demultiplexing and switching based on VCI
- Note: packet headers don’t need to contain the full destination address of the packet
Example: ATM networks
Communication with virtual circuits takes place in three phases
- VC establishment
- data transfer
- VC disconnect
Internet structure: network of networks
End systems connect to Internet via access ISPs (Internet Service Providers)
- residential, company and university ISPs
Access ISPs in turn must be interconnected.
- so that any two hosts can send packets to each other
Resulting network of networks is very complex
- evolution was driven by economics and national policies
Question: given millions of access ISPs, how to connect them together?
Option: connect each access ISP to every other access ISP?
Option: connect each access ISP to one global transit ISP?
- Customer and provider ISPs have economic agreement.
at center: small number of well-connected large networks
- "tier-1" commercial ISPs (e.g., Level 3, Sprint, AT&T, NTT), national & international coverage
- content provider networks (e.g., Google): private network that connects its data centers to the Internet, often bypassing tier-1 and regional ISPs
Delay, loss, and throughput in packet-switched networks
Delay
Nodal processing delay: examining the packet header, deciding the outgoing link, and checking for bit errors
Queuing delay: the packet waits in the output-link queue for transmission
Transmission delay: L/R (packet length / link transmission rate); the time needed to push (transmit) all of the packet's bits onto the link
Propagation delay: d/s (distance / propagation speed); depends on the medium
Total nodal delay
$$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$$
How do loss and delay occur:
packets queue in router buffers
- packet arrival rate to link (temporarily) exceeds output link capacity
- packets queue, wait for turn
$d_{proc}$: nodal processing
- check bit errors
- determine output link
- typically < msec
$d_{queue}$: queueing delay
- time waiting at output link for transmission
- depends on congestion level of router
$d_{trans}$: transmission delay
- L: packet length (bits)
- R: link bandwidth (bps)
- $d_{trans} = L/R$
$d_{prop}$: propagation delay
- d: length of physical link
- s: propagation speed ($\sim 2 \times 10^8$ m/sec)
- $d_{prop} = d/s$
$d_{trans}$ and $d_{prop}$ are very different
Queuing delay and packet loss
Traffic intensity: La/R;
- a: average packet arrival rate (pkt/s)
- R: link bandwidth (bps)
- L: packet length (bits)
- La/R ~ 0: avg. queueing delay small
- La/R -> 1: avg. queueing delay large
- La/R > 1: more "work" arriving than can be serviced, average delay infinite!
- design the system so that the traffic intensity is no greater than 1
As traffic intensity approaches 1, average queuing delay increases rapidly
Packet loss: if a packet arrives when the router's link queue is full, the router drops the packet and the packet is lost
- queue (aka buffer) preceding the link has finite capacity
- packet arriving to full queue dropped (aka lost)
- lost packet may be retransmitted by previous node, by source end system, or not at all
Throughput
Instantaneous throughput: the rate (bps) at which the host is receiving the file
Average throughput: F/T; receiving a total of F bits takes T seconds
Bottleneck link: the link with the smallest transmission rate on the path
throughput: rate (bits/time unit) at which bits transferred between sender/receiver
- instantaneous: rate at given point in time
- average: rate over longer period of time
bottleneck link:
link on end-end path that constrains end-end throughput
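An added Python example (not code from the original notes) that evaluates the delay and throughput formulas above: nodal_delay sums d_proc, d_queue, d_trans = L/R and d_prop = d/s with s = 2x10^8 m/s, traffic_intensity computes La/R, and end_to_end_throughput / file_transfer_time apply the bottleneck-link rule min(R). mm1_mean_queueing_delay is an assumption of mine: it uses an M/M/1 queue to put a number on "delay grows rapidly as La/R -> 1" and returns infinity at La/R >= 1; the notes state only the qualitative behaviour. Function names and the usage numbers are constructed.

```python
"""Nodal delay components, traffic intensity and bottleneck throughput.

Added illustration, not code from the original notes. The M/M/1 queue used to
put a number on "delay grows rapidly as La/R -> 1" is an assumption (Poisson
arrivals, exponentially distributed packet lengths); the notes only state the
qualitative behaviour. Numbers in the usage are constructed.
"""

PROPAGATION_SPEED = 2e8      # m/s, ~2x10^8 as in the notes


def transmission_delay(L_bits, R_bps):
    """d_trans = L/R."""
    return L_bits / R_bps


def propagation_delay(d_metres, s=PROPAGATION_SPEED):
    """d_prop = d/s."""
    return d_metres / s


def nodal_delay(L_bits, R_bps, d_metres, d_proc=0.0, d_queue=0.0, s=PROPAGATION_SPEED):
    """d_nodal = d_proc + d_queue + d_trans + d_prop."""
    return d_proc + d_queue + transmission_delay(L_bits, R_bps) + propagation_delay(d_metres, s)


def traffic_intensity(a_pkt_per_s, L_bits, R_bps):
    """La/R: bits arriving per second divided by bits the link can send per second."""
    return L_bits * a_pkt_per_s / R_bps


def mm1_mean_queueing_delay(a_pkt_per_s, L_bits, R_bps):
    """Mean wait in the output queue under M/M/1 (assumption): rho/(1-rho) * L/R.
    Unbounded once La/R >= 1, matching the notes' 'average delay infinite'."""
    rho = traffic_intensity(a_pkt_per_s, L_bits, R_bps)
    if rho >= 1:
        return float("inf")
    return rho / (1 - rho) * transmission_delay(L_bits, R_bps)


def delay_components(L_bits, R_bps, d_metres, a_pkt_per_s, d_proc=1e-6):
    """Break one node's delay into its parts (queueing from the M/M/1 assumption)
    to see how different the components are."""
    return {
        "proc": d_proc,
        "queue": mm1_mean_queueing_delay(a_pkt_per_s, L_bits, R_bps),
        "trans": transmission_delay(L_bits, R_bps),
        "prop": propagation_delay(d_metres),
    }


def end_to_end_throughput(link_rates_bps):
    """The bottleneck link (smallest rate on the path) bounds the throughput."""
    return min(link_rates_bps)


def file_transfer_time(F_bits, link_rates_bps):
    """T = F / min(R): time to receive F bits over the path."""
    return F_bits / end_to_end_throughput(link_rates_bps)


if __name__ == "__main__":
    # Constructed numbers: 1000-bit packets, 1 Mbps link, 2000 km of fiber,
    # 100 packets/s arriving.
    print(delay_components(1000, 1e6, 2_000_000, 100))
    for a in (100, 500, 900, 990, 1000):
        print("La/R =", traffic_intensity(a, 1000, 1e6),
              "mean queueing delay =", mm1_mean_queueing_delay(a, 1000, 1e6))
    print("bottleneck:", end_to_end_throughput([2e6, 1e6, 5e6]), "bps")
```

The loop over arrival rates reproduces the qualitative curve described above: the queueing delay is negligible at La/R = 0.1, grows sharply past 0.9, and is infinite at 1.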
Protocol layers and service models
Layering
layers: each layer implements a service
- via its own internal-layer actions
- relying on services provided by layer below
Protocol stack
Application layer (layer 7):
Transport layer (layer 4):
Network layer (layer 3):
Link layer (layer 2): frames
Physical layer (layer 1): moves the individual bits of a frame from one node to the next
OSI (Open Systems Interconnection Reference Model)
Presentation layer: data compression, data encryption, data description
Session layer: delimiting and synchronization of the data exchange, establishing checkpoints and recovery schemes
Internet protocol stack:
application: supporting network applications
- FTP, SMTP, HTTP
transport: process-process data transfer
- TCP, UDP
network: routing of datagrams from source to destination
- IP, routing protocols
link: data transfer between neighboring network elements
- Ethernet, 802.11 (WiFi), PPP
physical: bits "on the wire"
ISO/OSI reference model (two more layers):
presentation: allow applications to interpret meaning of data, e.g., encryption, compression, machine-specific conventions
session: synchronization, checkpointing, recovery of data exchange
Internet stack "missing" these layers! These services, if needed, must be implemented in the application
Encapsulation:
application-layer message -> transport-layer segment -> network-layer datagram -> link-layer frame
Packet: header fields + payload field (the packet handed down from the layer above)
Networks under attack: security
Internet not originally designed with (much) security in mind
- original vision: “a group of mutually trusting users attached to a transparent network”
- Internet protocol designers playing “catch-up”
- security considerations in all layers!
Malware
Botnet
Virus: malware that needs some form of user interaction to infect the user's device
Worm: malware that can enter a device without any explicit user interaction
malware can get in host from:
- virus: self-replicating infection by receiving/executing object (e.g., e-mail attachment)
- worm: self-replicating infection by passively receiving object that gets itself executed
spyware malware can record keystrokes, web sites visited, upload info to collection site
infected host can be enrolled in botnet, used for spam, DDoS attacks
Denial-of-Service (DoS) attack
- Vulnerability attack: sending a few well-crafted messages to a vulnerable application or operating system running on the target host
- Bandwidth flooding: sending a deluge of packets to the target host so that its access link becomes clogged
- Connection flooding: establishing a large number of half-open or fully open TCP connections at the target host
Distributed DoS (DDoS): the attacker controls multiple sources that each blast traffic at the target
Denial of Service(DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic
- select target
- break into hosts around the network (see botnet)
- send packets to target from compromised hosts
Packet sniffer
packet “sniffing”:
- broadcast media (shared Ethernet, wireless)
- promiscuous network interface reads/records all packets (e.g., including passwords!) passing by
- wireshark software is a (free) packet-sniffer
IP spoofing
IP spoofing: send packet with false source address
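As a defender's counterpart to IP spoofing, here is an added Python example (not from the original notes) of source-address ingress filtering at the customer edge of a provider, the practice described in RFC 2827 / BCP 38: a packet entering from a customer interface is forwarded only if its source address lies within the prefixes assigned to that customer, so forged sources cannot leave that site and spoofed-source flooding from it is cut off at the first hop. The prefixes, interface name and packet records are constructed for the example; the function names are my own.

```python
"""Source-address (ingress) filtering at a network edge, the RFC 2827 / BCP 38
mitigation for the IP spoofing mentioned in the notes.

Added illustration, not code from the original notes. The prefixes, interface
name and packet records below are constructed for the example.
"""
import ipaddress
from collections import Counter

# Assumption: the customer network behind interface "cust0" owns exactly these prefixes.
CUSTOMER_PREFIXES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.0/25"),
]

# Constructed sample of packets arriving on "cust0" as (source, destination).
SAMPLE_PACKETS = [
    ("203.0.113.7", "192.0.2.10"),      # legitimate: source inside an assigned prefix
    ("198.51.100.9", "192.0.2.10"),     # legitimate
    ("198.51.100.200", "192.0.2.10"),   # outside the /25: spoofed or misconfigured
    ("192.0.2.55", "192.0.2.10"),       # someone else's address: spoofed
    ("10.0.0.5", "192.0.2.10"),         # private address should never leave the site
    ("203.0.113.77", "192.0.2.10"),     # legitimate
]


def ingress_allowed(src, prefixes=CUSTOMER_PREFIXES):
    """A packet may enter from the customer side only if its source address
    belongs to that customer; anything else carries a forged source."""
    addr = ipaddress.ip_address(src)
    return any(addr in prefix for prefix in prefixes)


def filter_packets(packets, prefixes=CUSTOMER_PREFIXES):
    """Apply the rule to a batch; returns (forwarded, dropped)."""
    forwarded, dropped = [], []
    for src, dst in packets:
        (forwarded if ingress_allowed(src, prefixes) else dropped).append((src, dst))
    return forwarded, dropped


def dropped_by_source_block(dropped):
    """Operator view: how many forged packets per claimed /24, to tell a host
    cycling through spoofed sources from a single misconfigured machine."""
    return Counter(str(ipaddress.ip_network(src + "/24", strict=False))
                   for src, _ in dropped)


if __name__ == "__main__":
    fwd, drop = filter_packets(SAMPLE_PACKETS)
    print("forwarded:", len(fwd), "dropped:", len(drop))
    print(dropped_by_source_block(drop))
```

The filter is applied in the direction from the customer into the provider; it does nothing against packets spoofed elsewhere, which is why the practice only works when every edge network deploys it.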
~ history