Chapter 1: Introduction

Adapted from the slides provided by J.F Kurose and K.W. Ross
All material copyright 1996-2009
J.F Kurose and K.W. Ross, All Rights Reserved
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-2
Internet Components
PC  millions of connected Mobile network
server computing devices: Global ISP
wireless hosts = end systems
laptop
 running network
cellular
handheld apps Home network
Regional ISP
 communication links
access  fiber, copper,
points
wired
radio, satellite Institutional network
links  transmission
rate = bandwidth
 routers: forward
router
packets (chunks of
data)
Introduction 1-3
Internet Components
Mobile network
 Internet: “network of
networks” Global ISP
 loosely hierarchical
 public Internet versus
private intranet Home network
 Internet standards Regional ISP
 RFC: Request for comments
 IETF: Internet Engineering
Institutional network
Task Force
 protocols control sending,
receiving of msgs
 e.g., TCP, IP, HTTP, Skype,
Ethernet

Introduction 1-4
What’s a protocol?
a human protocol and a computer network protocol:

Hi
TCP connection
request
Hi
TCP connection
Got the response
time? Get http://www.awl.com/kurose-ross
2:00
<file>
time

Introduction 1-5
What’s a protocol?
human protocols: network protocols:
 “what’s the time?”  machines rather than
 “I have a question” humans
 introductions  all communication
activity in Internet
governed by protocols
… specific msgs sent
… specific actions protocols define format,
taken when msgs order of msgs sent and
received, or other received among network
events entities, and actions
taken on msg
transmission, receipt
Introduction 1-6
What’s the Internet: a service view
 communication
infrastructure enables
distributed applications:
 Web, VoIP, email, games,
e-commerce, file sharing
 communication services
provided to apps:
 reliable data delivery
from source to
destination
 “best effort” (unreliable)
data delivery

Introduction 1-7
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-8
A closer look at network structure:
 network edge:
applications and
hosts
 access networks,
physical media:
wired, wireless
communication links
 network core:
 interconnected
routers
 network of
networks Introduction 1-9
 The network edge:
 end systems (hosts):
 run application programs
 e.g. Web, email
 at “edge of network” peer-peer
 client/server model
 client host requests, receives
service from always-on server
client/server
 e.g. Web browser/server;
email client/server
 peer-peer model:
 minimal (or no) use of
dedicated servers
 e.g. Skype, BitTorrent
Introduction 1-10
Access networks and physical media
Q: How to connect end
systems to edge router?
 residential access nets
 institutional access
networks (school,
company)
 mobile access networks

Keep in mind:
 bandwidth (bits per
second) of access
network?
 shared or dedicated?
Introduction 1-11
Dial-up Modem
central
office
telephone
network Internet

home ISP
home
dial-up modem
PC
modem (e.g., AOL)

 Uses existing telephony infrastructure

 Home is connected to central office
 up to 56Kbps direct access to router (often less)
 Can’t surf and phone at same time: not “always on”
Digital Subscriber Line (DSL)
Existing phone line: Internet
0-4KHz phone; 4-50KHz
home upstream data; 50KHz-1MHz
phone downstream data

DSLAM

telephone
splitter network

DSL
modem central
office
home
PC

 Also uses existing telephone infrastructure

 Very-high-speed DSL (VDSL) is up to 52 Mbit/s
downstream and 16 Mbit/s upstream
 Hong Kong Carriers: HGC and PCCW
Cable
 Does not use telephone infrastructure
 Instead uses cable TV infrastructure

 HFC: hybrid fiber coax

 up to 30Mbps downstream, 2 Mbps upstream
 network of cable and fiber attaches homes to
ISP router
 homes share access to router
 unlike DSL, which has dedicated access
 Hong Kong Carrier: i-cable (130M downstream
service available)

Introduction 1-14
Fiber to the Home (FTTH)
ONT

Internet optical
fibers

ONT
optical
fiber
OLT
optical
central office splitter

ONT

 Optical links from central office to the home

 Much higher Internet rates; fiber also carries
television and phone services (100M in HK)
 Hong Kong Carriers: PCCW and HKBN
Ethernet Internet access
100 Mbps Institutional
router
Ethernet To Institution’s
switch ISP

100 Mbps

1 Gbps
100 Mbps

server
 Typically used in companies, universities, etc
 10 Mbs, 100Mbps, 1Gbps, 10Gbps Ethernet
 Today, end systems typically connect into Ethernet
switch
Wireless access networks
 shared wireless access
network connects end system
to router router
 via base station aka “access
point”
base
 wireless LANs: station
 802.11b/g (WiFi): 11 or 54 Mbps

 wider-area wireless access

 provided by telco operator
 ~1Mbps over cellular system
mobile
(EVDO, HSDPA)
hosts

Introduction 1-17
Home networks
Typical home network components:
 DSL or cable modem
 router/firewall/NAT
 Ethernet
 wireless access
point
wireless
to/from laptops
cable router/
cable
modem firewall
headend
wireless
access
Ethernet point

Introduction 1-18
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-19
 The Network Core
 mesh of interconnected
routers
 the fundamental
question: how is data
transferred through net?
 circuit switching:
dedicated circuit per
call: telephone net
 packet-switching: data
sent thru net in
discrete “chunks”

Introduction 1-20
 Network Core: Circuit Switching
End-end resources
reserved for “call”

 dedicated resources: no
sharing
 resource piece idle if not
used by owning call
 circuit-like (guaranteed)
performance
 call setup required

Introduction 1-21
Network Core: Packet Switching
each end-end data stream resource contention:
divided into packets  aggregate resource
 user A, B packets share demand can exceed
network resources amount available
 each packet uses full link  congestion: packets
bandwidth queue, wait for link use
 resources used as needed  store and forward:
packets move one hop
at a time
Bandwidth division into “pieces”  Node receives complete
Dedicated allocation packet before forwarding
Resource reservation

Introduction 1-22
 Packet Switching: Statistical Multiplexing
100 Mb/s
A Ethernet statistical multiplexing C

1.5 Mb/s
B
queue of packets
waiting for output
link

D E

Sequence of A & B packets does not have fixed pattern,

bandwidth shared on demand  statistical multiplexing.
TDM: each host gets same slot in revolving TDM frame.
Introduction 1-23
 Packet switching versus circuit switching
Packet switching allows more users to use network!
 1 Mb/s link
 each user:
 100 kb/s when “active”
 active 10% of time

N users
 circuit-switching: 1 Mbps link
 10 users
 packet switching:
 with 35 users, Q: how did we get value 0.0004?
probability > 10 active
at same time is less
than .0004
Introduction 1-24
 Packet switching versus circuit switching
Is packet switching a “slam dunk winner?”
 great for bursty data
 resource sharing
 simpler, no call setup
 excessive congestion: packet delay and loss
 protocols needed for reliable data transfer,
congestion control
 Q: How to provide circuit-like behavior?
 bandwidth guarantees needed for audio/video apps
 still an unsolved problem

Introduction 1-25
 Internet structure: network of networks
 “Tier-2” ISPs: smaller (often regional) ISPs
 Connect to one or more tier-1 ISPs, possibly other tier-2 ISPs

Tier-2 ISPs
Tier-2 ISP pays Tier-2 ISP also peer
Tier-2 ISP privately with
tier-1 ISP for
connectivity to Tier 1 ISP each other.
rest of Internet
 tier-2 ISP is
customer of
tier-1 provider Tier 1 ISP Tier 1 ISP Tier-2 ISP

Tier-2 ISP Tier-2 ISP

Introduction 1-26
 Internet structure: network of networks
 “Tier-3” ISPs and local ISPs
 last hop (“access”) network (closest to end systems)

local
ISP Tier 3 local
local local
ISP ISP
ISP ISP
Local and tier- Tier-2 ISP Tier-2 ISP
3 ISPs are
customers of Tier 1 ISP
higher tier
ISPs
connecting
them to rest
Tier 1 ISP Tier 1 ISP Tier-2 ISP
of Internet
local
Tier-2 ISP Tier-2 ISP
ISP
local local local
ISP ISP ISP Introduction 1-27
 Internet structure: network of networks
 a packet passes through many networks!

local
ISP Tier 3 local
local local
ISP ISP
ISP ISP
Tier-2 ISP Tier-2 ISP

Tier 1 ISP

Tier 1 ISP Tier 1 ISP Tier-2 ISP

local
Tier-2 ISP Tier-2 ISP
ISP
local local local
ISP ISP ISP Introduction 1-28
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-29
How do loss and delay occur?
packets queue in router buffers
 packet arrival rate to link exceeds output link
capacity
 packets queue, wait for turn

packet being transmitted (delay)

B
packets queueing (delay)
free (available) buffers: arriving packets
dropped (loss) if no free buffers
Introduction 1-30
Four sources of packet delay
 1. nodal processing:  2. queueing
 check bit errors  time waiting at output
 determine output link link for transmission
 depends on congestion
level of router

transmission
A propagation

B
nodal
processing queueing

Introduction 1-31
Delay in packet-switched networks
3. Transmission delay: 4. Propagation delay:
 R=link bandwidth (bps)  d = length of physical link
 L=packet length (bits)  s = propagation speed in
 time to send bits into medium (~2x108 m/sec)
link = L/R  propagation delay = d/s

Note: s and R are very

different quantities!
transmission
A propagation

B
nodal
processing queueing
Introduction 1-32
Nodal delay
d nodal  d proc  d queue  d trans  d prop

 dproc = processing delay

 typically a few microsecs or less
 dqueue = queuing delay
 depends on congestion
 dtrans = transmission delay
 = L/R, significant for low-speed links
 dprop = propagation delay
 a few microsecs to hundreds of msecs

Introduction 1-33
Queueing delay (revisited)

 R=link bandwidth (bps)

 L=packet length (bits)
 a=average packet
arrival rate

traffic intensity = La/R

 La/R ~ 0: average queueing delay small

 La/R -> 1: delays become large
 La/R > 1: more “work” arriving than can be
serviced, average delay infinite!
Introduction 1-34
 Packet loss
 queue (aka buffer) preceding link in buffer has
finite capacity
 packet arriving to full queue dropped (aka lost)
 lost packet may be retransmitted by previous
node, by source end system, or not at all
buffer
(waiting area) packet being transmitted
A

B
packet arriving to
full buffer is lost
Introduction 1-35
 Throughput
 throughput: rate (bits/time unit) at which
bits transferred between sender/receiver
 instantaneous: rate at given point in time
 average: rate over longer period of time

server,
server sendswith link
bits pipe capacity
that can carry link that
pipe capacity
can carry
file of
(fluid) F bits
into pipe fluid at rate
Rs bits/sec Rfluid at rate
c bits/sec
to send to client Rs bits/sec) Rc bits/sec)

Introduction 1-36
 Throughput (more)
 Rs < Rc What is average end-end throughput?

Rs bits/sec Rc bits/sec

 Rs > Rc What is average end-end throughput?

Rs bits/sec Rc bits/sec

bottleneck link
link on end-end path that constrains end-end throughput
Introduction 1-37
Throughput: Internet scenario

Rs
 per-connection
Rs Rs
end-end
throughput:
R
min(Rc,Rs,R/10)
 in practice: Rc or Rs Rc Rc
is often bottleneck Rc

10 connections (fairly) share

backbone bottleneck link R bits/sec
Introduction 1-38
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-39
Internet protocol stack
 application: supporting network
applications
 FTP, SMTP, HTTP
application
 transport: process-process data
transfer transport
 TCP, UDP
 network: routing of datagrams from network
source to destination
 IP, routing protocols link
 link: data transfer between neighboring
network elements physical
 PPP, Ethernet
 physical: bits “on the wire”

Introduction 1-40
 message M
source
application
Encapsulation
segment Ht M transport
datagram Hn Ht M network
frame Hl Hn Ht M link
physical
link
physical

switch

destination Hn Ht M network
M application
Hl Hn Ht M link Hn Ht M
Ht M transport physical
Hn Ht M network
Hl Hn Ht M link router
physical

Introduction 1-41
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
 end systems, access networks, links
1.3 Network core
 circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched
networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

Introduction 1-42
Network Security
 The field of network security is about:
 how bad guys can attack computer networks
 how we can defend networks against attacks
 how to design architectures that are immune to
attacks
 Internet not originally designed with
(much) security in mind
 original vision: “a group of mutually trusting
users attached to a transparent network” 
 Internet protocol designers playing “catch-up”
 Security considerations in all layers!

Introduction 1-43
Bad guys can put malware into
hosts via Internet
 Malware can get in host from a virus, worm, or
trojan horse.

 Spyware malware can record keystrokes, web

sites visited, upload info to collection site.

 Infected host can be enrolled in a botnet, used

for spam and DDoS attacks.

 Malware is often self-replicating: from an

infected host, seeks entry into other hosts

Introduction 1-44
Bad guys can put malware into
hosts via Internet
 Trojan horse  Worm:
 Hidden part of some  infection by passively
otherwise useful receiving object that gets
software itself executed
 Today often on a Web  self- replicating: propagates
page (Active-X, plugin) to other hosts, users
 Virus Sapphire Worm: aggregate scans/sec
 infection by receiving in first 5 minutes of outbreak (CAIDA, UWisc data)

object (e.g., e-mail

attachment), actively
executing
 self-replicating:
propagate itself to other
hosts, users
Introduction 1-45
 Bad guys can attack servers and
network infrastructure
 Denial of service (DoS): attackers make resources
(server, bandwidth) unavailable to legitimate traffic
by overwhelming resource with bogus traffic
1. select target
2. break into hosts
around the network
(see botnet)
3. send packets toward
target from target
compromised hosts

Introduction 1-46
The bad guys can sniff packets
Packet sniffing:
 broadcast media (shared Ethernet, wireless)
 promiscuous network interface reads/records all packets
(e.g., including passwords!) passing by

A C

src:B dest:A payload

B

Introduction 1-47
The bad guys can use false source
addresses
 IP spoofing: send packet with false source address
A C

src:B dest:A payload

Introduction 1-48
The bad guys can record and
playback
 record-and-playback: sniff sensitive info (e.g.,
password), and use later
 password holder is that user from system point of view

C
A

src:B dest:A user: B; password: foo

Introduction 1-49