Unit One Objectives, CSCI 561, Computer Networks I
Tobin Maginnis
Updated: 1-Oct-08

Lecture
Omit) Give an overview of the Internet (topology, addressing, and naming) and explain how it interacts with an internet, intranet, & extranet.
2) Contrast the terms "LAN," "WAN," "T1," "SONET," "ATM," "ADSL," and "DSLAM."
Omit) Describe how a client-server pair uses the basic services of Tanenbaum's transport station.
Omit) Explain how the same code, executing on both computers, allows networking.
5) Explain, and give an example of, how user-driven versus event-driven routines cooperate to allow networking.

UNIX Network Programming - 3rd edition - W. R. Stevens, et al.
Appendix A - Internet Fundamentals
1) Describe the data encapsulation that requires up to 111 bytes to send one data byte through the Internet in a virtual terminal session.
2) Contrast the frame/packet sizes of a TCP control packet, ICMP ping request, and TCP data block.
3) Contrast an IP segment and IP packet. Contrast congestion versus flow-control.
   a) An Internet protocol (IP) packet's largest logical size is 65,535 bytes, or an IP segment. However, the network layer may choose to fragment these logical segments into physical IP packets where the M bit in the header is set true, indicating more fragments are coming. An M bit of 0, or false, indicates the last IP packet of the segment. The offset field in the header provides the proper relative position in the segment.
   b) Congestion...
4) Describe the self-regulating nature of TCP ACKs versus UDP datagrams.
5) Explain how IP prevents routing loops.
Omit) Describe the overall design of Internet addresses and give the tradeoff.
7) Define "classless" "subnet" addressing. Describe the role of addresses "0", "1", "-1", & "255".
   a) A class address reserves a block of sequential addresses for an organizational entity. Classless addresses are a series of non-sequential addresses assigned to an organization.
   b) A subnet is the set of sequential addresses allocated within a class.
   c) When used in the least significant part of an IP address, one or more zeros are used as a placeholder for "any number." It usually represents the largest possible size of the subnet.
   d) An IP address with its least significant byte set to the number "1" is normally reserved for the router of a subnet. More recently, DSL modems, which act as a router, have been using the least significant byte address of "254".
   e) A negative one is a shorthand notation for all ones in an IP address. All ones is a broadcast address.
   f) An octet set to 255 is all ones for that octet and indicates the broadcast address for the subnet or a mask used to extract the subnet host address from the full IP address.
      http://en.wikipedia.org/Subnetwork
8) Describe the design of 127.0.0.1 and explain how the address 127.0.0.1 assists with writing network code.
9) Describe the "old" versus "new" definition of "multihomed" and explain why it is required (see also p. 103 and the "weak end" system model).
10) Contrast "encapsulation," "multiplexing," and "tunneling."
   a) Encapsulation is the idea of keeping each network protocol layer independent by having the next lower layer place its own administrative control information outside of the higher layer information. In this way the lower layer protocol wraps around the higher layer protocol and treats it as data.
   b) Smart switches and routers violate the principle of encapsulation by snooping the higher layer protocol headers to make routing decisions.
   c) Multiplexing combines two or more logical network exchanges, such as virtual circuits or datagrams or both, onto one physical connection.
   d) Tunneling requires an intermediate network "A" with two gateways. Each gateway has two interfaces that accept packets from another network "B" using a protocol that is incompatible with the intermediate network protocol "A".
      Each gateway also encapsulates the incompatible protocol "B" with an intermediate protocol "A" packet and sends the incompatible protocol "B" packet as data to the other gateway on network "A". This gateway removes the "A" protocol and sends the resulting "B" protocol packet out the "B" network interface.

UNIX Network Programming - 3rd edition - W. R. Stevens, et al.
Chapter 1 - Introduction
1) Contrast "repeater," "bridge," "router," "switch," and "gateway."
      http://en.wikipedia.org/wiki/Repeater
      http://en.wikipedia.org/wiki/Network_bridge
      http://en.wikipedia.org/wiki/Router
      http://en.wikipedia.org/wiki/Network_switch
      http://en.wikipedia.org/wiki/Gateway_(telecommunications)
2) Contrast "netstat," "ifconfig," "ping," "traceroute," "nslookup," and "tcpdump."
Omit) Be able to comment a section of code from the TCP Daytime Client/Server examples.
4) Describe three aspects of the Unix error reporting design (indication, type, & presentation).
   a) Indication: By convention, the Unix kernel returns a "-1" indicating an error occurred. The calling program, therefore, is required to check the returned value for an error condition after *every* service call.
   b) Type: When a system error does occur, the type of error is held in the global variable errno (error number); otherwise the value of errno is said to be undefined.
   c) Error types are declared in /usr/include/sys/errno.h and all begin with an "E." So when Stevens says: "The connect function returned ECONNREFUSED," he really means that the connect function returned a -1 and errno contained the constant associated with the connection refused error message.
   d) Presentation: To simplify the code, yet perform due diligence in error checking, Stevens provides a series of wrapper functions with the same name as the service, except the first letter is capitalized. These wrapper functions accept arguments, perform the requested service, check for an error upon return and, if appropriate, display an error message and exit the program.
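The error-reporting design in item 4 above, as an added example that is not code from the course page or from Stevens's book. The helper name connect_errno and the loopback target in main() are assumptions made for the illustration; Connect follows the capitalized-name convention the text describes.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Indication and type: connect() reports failure by returning -1 and the
 * reason is in errno. errno is copied at once, because a later library call
 * may overwrite it. Returns 0 on success or the saved errno value.
 * (connect_errno is a hypothetical helper name.) */
int connect_errno(int fd, const struct sockaddr *sa, socklen_t len)
{
    if (connect(fd, sa, len) == -1)
        return errno;
    return 0;
}

/* Presentation: wrapper in the capitalized-name style described above.
 * It performs the call, checks the result, reports the error and exits. */
void Connect(int fd, const struct sockaddr *sa, socklen_t len)
{
    int err = connect_errno(fd, sa, len);
    if (err != 0) {
        fprintf(stderr, "connect error: %s\n", strerror(err));
        exit(EXIT_FAILURE);
    }
}

int main(void)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(9);   /* constructed target: loopback, port 9 */
    inet_pton(AF_INET, "127.0.0.1", &sa.sin_addr);

    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd == -1) { perror("socket"); return EXIT_FAILURE; }
    Connect(fd, (struct sockaddr *)&sa, sizeof sa);   /* exits if refused */
    close(fd);
    return 0;
}
```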
Omit) Contrast "POSIX," "UNIX 98," "IETF," and "RFC."

UNIX Network Programming - 3rd edition - W. R. Stevens, et al.
Chapter 2 - The Transport Layer: TCP and UDP
1) Describe four basic layers of network functionality and relate them to the Internet modules in Figure 2.1.
2) Contrast UDP, TCP, and SCTP based upon connection strategy, delivery method, data delimiting, and implementation.

                          UDP             TCP            SCTP
   a) Connection strategy N/A             Virtual Cir    Multi Virtual Circuit
                          Un-Reliable     Reliable       Reliable
                          No Sequencing   Ordered        Ordered within each VC
                          No Flow Ctrl    Flow Ctrl      Flow Ctrl w/i each VC
                          One Way         Full Duplex    Full Duplex w/i each VC
   b) Delivery method     Packet          Byte Stream    Message Streams
   c) Delimiting          N/A             N/A            Yes
   d) Implementation      UDP             TCP            UDP

3) Describe four ways to lose data in a network and explain how data loss leads to data duplication.
   a) Unable to read Universal Asynchronous Receiver/Transmitter (UART) before arrival of next character.
   b) Unable to read the device driver buffer before the driver fills the buffer.
   c) Unable to allocate a Boundary Zone buffer when packet arrival occurs.
   d) Unable to schedule network application so that it can read from the network.
   e) The fear of data loss leads to early application time-out and packet retransmission and subsequent duplication of data.
4) Explain how TCP options MSS, Window scale & Time stamp overcome the long fat pipe problem. Explain why this may not work. See also TCP_MAXSEG on p. 219.
5) Describe the basic (3) steps to complete a 3-way TCP handshake and explain how it overcomes duplicate packets.
6) Describe the basic (4) steps to close a TCP connection.
7) Describe the relationship among the five "major" TCP states and explain how this can lead to a "denial of service" attack.
8) Explain the confusion of the TIME_WAIT state and explain how it solves a basic problem in the TCP close sequence.
9) Describe the basic (4) steps to complete a 4-way SCTP handshake and explain what it was designed to overcome.
10) Define "port" and contrast "well-known," "registered," "ephemeral," and "masquerade" port numbers.
   a) Port is the term for a program's (client or server) address relative to its local host.
   b) Well-known ports are defined in the /etc/services file. They vary between 0-1023 and are maintained by the IANA.
   c) Registered ports vary between 1024-49151 and are listed by the IANA as a convenience to network users.
   d) Even though UDP & TCP port numbers are independent, both protocols are listed with the same service (port number) by convention.
   e) Ephemeral port numbers are used by clients, automatically assigned by the transport station, and only used for the duration of the virtual circuit.
   f) Masquerade ports are assigned by a public gateway or router in the place of ephemeral ports used on a private network. In this way, when a public server responds to a private client, the gateway compares the received masquerade port to its table of outstanding masquerade port numbers. If a match occurs, then the original private ephemeral port and host address are placed back in the packet and it is sent out on the private LAN interface.
      http://www.iana.org/assignments/port-numbers
11) Contrast half versus full associations and duplicated versus unique associations. Explain how the same client/server pair acquires and maintains multiple unique associations.
   a) A full association is all the information required to create a virtual circuit and it consists of: a protocol, local host address, local program address, remote host address, and remote program address.
   b) A half association is the view from either the client or server side where only the protocol, local host address and local program address are known.
   c) A duplicated association occurs when multiple clients on the same host connect with the same server. Even though four of the five parameters are duplicated, the association is still unique because the client's transport station issued different ephemeral port numbers to each client.
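The masquerade-port lookup from item 10f, with two clients on one private host as in item 11c, as an added example that is not code from the course page or from Stevens's book. The table size, the MASQ_BASE port range, the function names and the addresses are assumptions; the example also goes one step beyond the text by checking that a reply comes from the server the entry was opened to.

```c
#include <stdint.h>
#include <stdio.h>
#define NAT_SLOTS 8
#define MASQ_BASE 61000   /* assumed start of the gateway's masquerade range */

struct nat_entry {
    int in_use;
    uint32_t priv_addr, srv_addr;   /* private client host, public server */
    uint16_t priv_port, srv_port;   /* client ephemeral port, server port */
};
static struct nat_entry table[NAT_SLOTS];

/* Outbound packet: remember the private address and ephemeral port, and return
 * the masquerade port that replaces it on the public side (0 if table full). */
uint16_t nat_outbound(uint32_t priv_addr, uint16_t priv_port,
                      uint32_t srv_addr, uint16_t srv_port)
{
    for (int i = 0; i < NAT_SLOTS; i++) {
        if (!table[i].in_use) {
            table[i] = (struct nat_entry){1, priv_addr, srv_addr, priv_port, srv_port};
            return (uint16_t)(MASQ_BASE + i);
        }
    }
    return 0;
}

/* Inbound packet: forward only if the destination port is an outstanding
 * masquerade port and the sender is the server that entry was opened to
 * (the sender check is an added assumption). Returns 1 and restores the
 * private address and port, or 0 meaning the packet is dropped. */
int nat_inbound(uint16_t masq_port, uint32_t src_addr, uint16_t src_port,
                uint32_t *priv_addr, uint16_t *priv_port)
{
    int i = (int)masq_port - MASQ_BASE;
    if (i < 0 || i >= NAT_SLOTS || !table[i].in_use) return 0;
    if (table[i].srv_addr != src_addr || table[i].srv_port != src_port) return 0;
    *priv_addr = table[i].priv_addr;
    *priv_port = table[i].priv_port;
    return 1;
}

int main(void)
{
    uint32_t host = 0xC0A8010A, srv = 0xC6336407, a = 0;   /* constructed addresses */
    uint16_t p = 0, m = nat_outbound(host, 40001, srv, 80);
    printf("masquerade port %u, reply accepted: %d\n",
           (unsigned)m, nat_inbound(m, srv, 80, &a, &p));
    return 0;
}
```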
12) Contrast MTU, path MTU, and path MTU discovery.
   a) Maximum Transmission Unit (MTU) is a data link layer value designed to reflect the physical constraint set by the network interface adapter.
   b) But the MTU value is set by software and can vary up to the maximum allowed by the adapter. Ethernet can send packets up to 1,500 bytes, for example.
   c) Generally, point-to-point serial WAN interfaces do not have a physical limit set by the adapter and their MTUs can be very large. It should also be noted that these WAN adapters interface with a telephone company service which, in turn, tunnels the host packets as telephone calls.
   d) The smallest MTU packet size in a multi-hop route between two hosts is the path MTU, and the path MTU may differ depending on the direction the packet takes in the sub-net.
   e) The sending side can make its own path MTU discovery by using the DF bit to test a packet size. Intermediate routers will return the ICMP error packet "destination unreachable" if the packet is too large. However, many firewalls drop ICMP packets, out of fear of a denial-of-service attack, which blocks path MTU discovery.
13) Describe the Minimum Reassembly Buffer sizes for V4 vs V6 and explain how this impacts UDP.
   a) Maximum IPv4 packet size is 65,535 including the 20 byte IP header. IPv6 is 65,575 including the 40 byte IP header. IPv6 also permits a 4 billion byte (4,294,967,296) jumbo packet when the hardware and both sides agree.
   b) But the minimum implementation supported packet size is guaranteed to only be 576 bytes in IPv4 and 1,500 bytes in IPv6.
   c) Therefore, no assumptions can be made about the minimum reassembly buffer size on the remote host. IPv4 TCP applications use the MSS option in the 3-way handshake to negotiate a larger buffer, and IPv4 UDP applications such as DNS, RIP, TFTP, DHCP, and SNMP limit UDP packet size to 576 bytes to ensure delivery.
14) Contrast the output buffering for TCP, UDP, & SCTP.
   a) TCP & SCTP divide up the user buffer into chunks that will fit into the socket send buffer. Maximum Segment Size (MSS) chunks are then broken into Maximum Transmission Unit (MTU) size chunks and placed in the data link output queue. But most often MSS <= MTU.
   b) If TCP or SCTP must manage multiple chunks of user buffer data, the user process is blocked until all the data has reached the output queue.
   c) Even though TCP or SCTP unblock and return to the user application, it does not mean that the packet has left the network interface adapter.
   d) UDP performs the same operations, but silently. Thus, the user buffer size, socket buffer data, and output queue data must all fit in one copy operation before the datagram will be sent. The UDP application is not blocked.
15) Define fragmentation. Explain why it leads to poor performance. And explain why the problem is so difficult to deal with (OS and net layers). Contrast the design of IPv4 versus IPv6 as they relate to fragmentation.
   a) Fragmentation is the process of sub-dividing a packet into two or more packets when the original packet size exceeds the MTU of a given link in the subnet.
   b) Fragmentation leads to an explosion of packets and, even though the amount of data does not change, each packet adds new header data which consumes network bandwidth.
   c) New packets must be held in buffers, which drains buffer pools and starves existing virtual circuits operating in tandem with the fragmented virtual circuit.
   d) And new packets require extra processing and buffers when they arrive at the receiving host.
   e) It is a difficult problem because fragmentation occurs at the network layer, hidden from the transport and application layers.
   f) IPv6 was designed with path MTU discovery to prevent fragmentation, but it continues to occur in IPv4.
Omit) Explain how the concept of a delivery service changes depending upon which layer is providing the service.
   a) The application layer employs sockets to request a datagram, virtual circuit, or stream control service.
   b) Regardless of the service provided, the transport layer breaks the data into packets for the network layer.
   c) The network layer may further adjust packet size to fit the needs of the data link layer.
   d) The telephone company, acting as physical layer, reformats the data link packets into a telephone call formatted virtual circuit.
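The M bit and offset field from Appendix A item 3a, and the fragmentation described in Chapter 2 item 15, as an added example that is not code from the course page or from Stevens's book. The struct and function names and the 4000-byte/1500-byte sizes are assumptions; the receiver-side check shows what a reassembler has to verify before trusting a set of fragments.

```c
#include <stdio.h>

#define IP_HDR 20u   /* IPv4 header without options */

struct frag {
    unsigned offset8;   /* offset field: position in the segment, 8-byte units */
    unsigned len;       /* data bytes carried by this packet */
    int more;           /* M bit: 1 = more fragments follow, 0 = last */
};

/* Split data_len bytes for a link with the given MTU. Every fragment except
 * the last carries a multiple of 8 data bytes. Returns the fragment count,
 * or -1 if the MTU is too small or the fragments do not fit in max slots. */
int fragment(unsigned data_len, unsigned mtu, struct frag *out, int max)
{
    if (mtu < IP_HDR + 8 || data_len == 0) return -1;
    unsigned per = (mtu - IP_HDR) & ~7u, pos = 0;
    int n = 0;
    while (pos < data_len) {
        if (n == max) return -1;
        unsigned len = data_len - pos < per ? data_len - pos : per;
        out[n++] = (struct frag){pos / 8, len, pos + len < data_len};
        pos += len;
    }
    return n;
}

/* Receiver-side check on fragments sorted by offset: they must be contiguous
 * (no gap, no overlap) and only the final one may have M = 0.
 * Returns the reassembled data length, or -1 if the set is inconsistent. */
int reassembled_len(const struct frag *f, int n)
{
    unsigned expect = 0;
    for (int i = 0; i < n; i++) {
        if (f[i].offset8 * 8 != expect) return -1;
        if (f[i].more != (i < n - 1)) return -1;
        expect += f[i].len;
    }
    return (int)expect;
}

int main(void)
{
    struct frag f[8];
    int n = fragment(4000, 1500, f, 8);   /* constructed sizes */
    for (int i = 0; i < n; i++)
        printf("offset=%u len=%u M=%d\n", f[i].offset8, f[i].len, f[i].more);
    return 0;
}
```

Each of the three packets produced for the constructed sizes repeats the 20-byte IP header, which is the extra header data item 15b refers to.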