# CS 456

# 1. Computer Network and the Internet

## 1.1 What is the Internet

### 1.1.1 A Nuts-and-Bolts Description

Devices connected to the Internet are **hosts** (equivalently, **end systems**).

End systems are connected together via **communication links** and **packet switches**.  

**Transmission rate** (or **bandwidth**), measured in bits/second, is the rate of data being transmitted over a link.  
**Packets** are packages of information sent over a link.

A _packet switch_ takes a _packet_ arriving on one of its incoming communication links and forwards that packet on one of its outgoing communication links.  
Two prominent packet switches are **routers** and **link-layer switches**.  
_Link-layer switches_ are typically used in access networks, while _routers_ are typically used in the network core.

The sequence of communication links and packet switches traversed by a packet from the sending end system to the receiving end system is known as a **route** or **path** through the network.

End systems access the Internet through **Internet Service Providers** (**ISPs**).  
The Internet is all about connecting end systems to each other, so the ISPs that provide access to end systems must also be interconnected.  
Lower-tier ISPs are interconnected through national and international upper-tier ISPs.  
An upper-tier ISP consists of high-speed routers interconnected with high-speed fiber-optic links.

End systems, packet switches, and other pieces of the Internet run **protocols** that control the sending and receiving of information within the Internet.  
The two most important protocols are the **Transmission Control Protocol** (**TCP**) and the **Internet Protocol** (**IP**).  
IP specifies the format of the packets.  
The Internet’s principal protocols are collectively known as **TCP/IP**.

**Internet standards** are developed by the Internet Engineering Task Force (IETF) to ensure that systems and products can inter-operate with each other.  
The IETF standards documents are called **requests for comments** (**RFCs**).

### 1.1.2 A Services Description

Seen from another angle, the Internet is _an infrastructure that provides services to applications_.  
**Distributed applications** are applications that involve multiple end systems that exchange data with each other.

End systems attached to the Internet provide an **Application Programming Interface** (**API**) that specifies how a program running on one end system asks the Internet infrastructure to _deliver data_ to a _specific destination_ program running on another end system.


### 1.1.3 What is a Protocol?

> A **protocol** defines the _format_ and the _order_ of messages exchanged between two or more communicating entities, as well as the _actions taken_ on the transmission and/or receipt of a message or other event.


## 1.2 The Network Edge

Applications and end systems are at the _edge of the network_.

_Host = end system._

Hosts can be divided into two categories: **clients** and **servers**.

### 1.2.1 Access Networks

_Access network_-- the network that physically connects an end system to the first router (also known as _edge router_) on a path from the end system to any other distant end system.

#### Home Access: DSL, Cable, FTTH, Dial-up, and Satellite

Two most prevalent types of broadband residential access are **digital subscriber line** (**DSL**) and cable.

When DSL is used, a customer's telco is also its ISP.  
Each customer's DSL modem uses the existing telephone line to exchange data with a _digital subscriber line access multiplexer_ (DSLAM) located in the telco's local central office (CO).

The residential telephone line carries both data and telephone signals simultaneously, encoded in different frequency bands (asymmetric: the downstream rate is higher than the upstream rate):

* A high-speed downstream channel, in the 50 kHz to 1 MHz band
* A medium-speed upstream channel, in the 4 kHz to 50 kHz band
* An ordinary two-way telephone channel, in the 0 to 4 kHz band

---

**Cable Internet access** utilizes cable television company's existing cable television infrastructure.  
Fiber optics connect the cable head end to neighborhood-level junctions, from which traditional coaxial cable is then used to reach individual houses and apartments.  
Because both fiber and coaxial cable are employed in this system, it is often referred to as _hybrid fiber coax_ (HFC).

Cable Internet access requires a cable modem.  
At the cable head end, the _cable modem termination system_ (CMTS) serves a similar function as a DSLAM -- turning the analog signal sent from the cable modems in many downstream homes back into digital format.  
Cable modems divide the HFC network into two channels, a downstream and an upstream channel, with asymmetric access (the downstream rate is higher).

One important characteristic of cable Internet access is that it is a _shared broadcast medium_.  
If several users are simultaneously using the downstream channel, the actual rate at which each user receives its content will be significantly lower than the aggregate cable downstream rate.  
Because the upstream channel is also shared, a distributed multiple access protocol is needed to coordinate transmissions and avoid collisions.

---

**Fiber to the home** (**FTTH**) provides even higher speed.  
The FTTH concept is simple -- provide an optical fiber path from the CO directly to the home.

The simplest optical distribution network is _direct fiber_, with one fiber leaving the CO for each home.  
More commonly, each fiber leaving the central office is actually shared by many homes; it is not until the fiber gets relatively close to the homes that it is split into individual customer-specific fibers.

Two competing optical-distribution network architectures that perform splitting:

* active optical networks (AONs) -- essentially switched Ethernet
* passive optical networks (PONs)

In a PON, each home has an _optical network terminator_ (ONT), which is connected by dedicated optical fiber to a neighbourhood splitter.  
The splitter connects to an _optical line terminator_ (OLT) in the telco's CO.  
In the PON architecture, all packets sent from OLT to the splitter are replicated at the splitter.

---

In locations where DSL, cable, and FTTH are not available, a satellite link can be used to connect a residence to the Internet at speeds of more than 1 Mbps.

Dial-up access over traditional phone lines is based on the same model as DSL -- a home modem connects over a phone line to a modem in the ISP.  
Dial-up access is excruciatingly slow at 56 kbps.

#### Access in the Enterprise (and the Home): Ethernet and WiFi

Wireless LAN access based on IEEE 802.11 technology, more colloquially known as WiFi, is now just about everywhere.

#### Wide-Area Wireless Access: 3G and LTE

3G -- third-generation wireless

LTE -- Long-term Evolution

### 1.2.2 Physical Media

**Bit**: propagates between transmitter/receiver pairs.

**Physical link**: what lies between transmitter & receiver.

For each transmitter-receiver pair, the bit is sent by propagating electromagnetic waves or optical pulses across a **physical medium**.

Physical media fall into two categories:

* **guided media**: the waves are guided along a solid medium         
* **unguided media**: the waves propagate in the atmosphere and in outer space

#### Twisted-Pair Copper Wire

Least expensive and most commonly used guided transmission medium.  
Two insulated copper wires.

A wire pair constitutes a single communication link.

**Unshielded twisted pair** (**UTP**) is commonly used for computer networks within a building.

#### Coaxial Cable

Two concentric copper conductors.  
Bidirectional.  
Can be used as a guided **shared medium**.

Multiple channels on cable; HFC.

#### Fiber Optics

Glass fiber carrying light pulses, each pulse represents a bit.  
High-speed operation, high-speed point-to-point transmission.

Low error rate:

* repeaters spaced far apart
* immune to electromagnetic noise

#### Terrestrial Radio Channels

Bidirectional.

Radio channels carry signals in the electromagnetic spectrum.  
No installation of physical wires, can penetrate walls, provide connectivity to a mobile user, and can potentially carry a signal for long distances.

Propagation environment effects:

* reflection
* obstruction by objects
* interference

#### Satellite Radio Channels

A communication satellite links two or more Earth-based microwave transmitter/receivers, known as ground stations.  
The satellite receives a transmission on one frequency band, regenerates the signal using a repeater, and transmits the signal on another frequency band.

Two types of satellites used:

* **geostationary satellites**
    * permanently remain above the same spot on Earth
    * end-to-end delay of 280 ms
* **low-earth orbiting** (**LEO**) **satellites**
    * rotate around Earth and may communicate with each other
    * many satellites required to continuously provide coverage to an area

## 1.3 The Network Core

### 1.3.1 Packet Switching

Long messages are broken into smaller chunks of data known as **packets**, of length $L$.  
Each packet travels through communication links and **packet switches** from source to destination.  
Packets are transmitted over each communication link at a rate equal to the _full_ transmission rate of the link, at rate $R$ bits/s.

$$\text{packet transmission delay} = \text{time needed to transmit an } L\text{-bit packet into the link} = \frac{L \text{ (bits)}}{R \text{ (bits/sec)}}$$

Link transmission rate = link **capacity** = **link bandwidth**.

#### Store-and-Forward Transmission

The packet switch must receive the _entire_ packet before it can begin to transmit the first bit of the packet onto the outbound link.

End-to-end delay of $N$ links each of rate $R$ is

$$ d_{\text{end-to-end}} = N \frac{L}{R}$$

#### Queuing Delays and Packet Loss

If an arriving packet needs to be transmitted onto a link but the link is busy with the transmission of another packet, the arriving packet waits in the **output buffer** and suffers **queuing delay**.  
Since the output buffer is finite, **packet loss** can occur when the buffer is full -- either the arriving packet or one of the already-queued packets will be dropped.

#### Forwarding Tables and Routing Protocols

When a source end system sends a packet to a destination end system, it includes the destination's IP address in the packet's header.  
The router examines a portion of the packet's destination address and forwards the packet to an adjacent router.  
Each router has a **forwarding table** that maps destination addresses (or portions of the destination addresses) to that router's outbound links.

The Internet has a number of special **routing protocols** that are used to automatically set the forwarding tables.

### 1.3.2 Circuit Switching

An _alternate_ approach to moving data through a network of links and switches.  
Commonly used in traditional telephone networks.

End-to-end resources along a path (buffers, link transmission rate) reserved for the duration of the communication session between the end systems.

Before the sender can send the information, the network must establish a connection between the sender and the receiver.  
This is a _bona fide_ connection for which the switches along the path maintain connection state for that connection.  
This connection is called a **circuit**.  
Circuit segment idle if not used, i.e. no sharing.

A constant transmission rate is reserved, such that the data transfers at the _guaranteed_ constant rate.

#### Multiplexing in Circuit-Switched Networks

A circuit in a link is implemented in two ways:

* **frequency-division multiplexing** (**FDM**)
    * a frequency band is dedicated for the duration of the connection
    * the width of the band is called **bandwidth**
* **time-division multiplexing** (**TDM**)
    * time is divided into frames of fixed duration, and each frame is divided into a fixed number of time slots
    * each circuit gets all of the bandwidth periodically during brief intervals of time

#### Packet Switching Vs. Circuit Switching

Pros of packet switching:

* offers better sharing of transmission capacity
* simpler, more efficient, and less costly to implement
* great for burst-y data
    * resource sharing

Cons of packet switching:

* not suitable for real-time services
* excessive congestion possible: packet delay and loss
    * protocols needed for reliable data transfer, congestion control

### 1.3.3 A Network of Networks

Review slides.

## 1.4 Delay, Loss, and Throughput in Packet-Switched Networks

Packets _queue_ in router buffers when the packet arrival rate to a link (temporarily) exceeds the output link capacity.  
Packets queue and wait for their turn.

### 1.4.1 Overview of Delay in Packet-Switched Networks

A packet can suffer from several types of delays at _each_ node along the path.  
The most important delays are:

* **nodal processing delay**, $d_{\text{proc}}$
    * examine the packet's header and determine output link
    * check for bit-level errors in the packet during receiving
    * typically on the order of microseconds or less
* **queuing delay**, $d_{\text{queue}}$
    * time waiting at output link for transmission
    * depends on congestion level of router, typically order of microseconds to milliseconds
* **transmission delay**, $d_{\text{trans}}$
    * amount of time to push all of the packet's bits into the link
    * $L$: _packet length_ in bits
    * $R$: _link bandwidth_ in bps
    * $\frac{L}{R}$
    * typically order of microseconds to milliseconds
* **propagation delay**, $d_{\text{prop}}$
    * time needed to _physically_ propagate from one node to another node
    * $d$: _length of physical link_
    * $s$: propagation speed (in the range from $2 \cdot 10^{8}$ m/s to $3 \cdot 10^{8}$ m/s)
    * $\frac{d}{s}$

Combined, they accumulate to **total nodal delay**, $d_{\text{nodal}}$,
$$d_{\text{nodal}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$$
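Added example (not from the course notes) putting the $L/R$, $d/s$ and $N \cdot L/R$ formulas of Sections 1.3.1 and 1.4.1 into code. It also generalises store-and-forward delay to $P$ packets sent back to back, which the notes do not cover; all link parameters are constructed.

```python
"""Delay calculator for the formulas in Sections 1.3.1 and 1.4.1 (added example)."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Link:
    rate_bps: float          # R: transmission rate in bits/s
    length_m: float          # d: physical length in metres
    speed_mps: float = 2e8   # s: propagation speed in m/s (constructed default)


def transmission_delay(L_bits: float, R_bps: float) -> float:
    """d_trans = L / R: time to push all L bits of a packet onto the link."""
    return L_bits / R_bps


def propagation_delay(d_m: float, s_mps: float) -> float:
    """d_prop = d / s: time for one bit to travel the physical length of the link."""
    return d_m / s_mps


def nodal_delay(L_bits: float, link: Link, d_proc: float = 0.0, d_queue: float = 0.0) -> float:
    """d_nodal = d_proc + d_queue + d_trans + d_prop for a single hop."""
    return (d_proc + d_queue
            + transmission_delay(L_bits, link.rate_bps)
            + propagation_delay(link.length_m, link.speed_mps))


def store_and_forward_delay(L_bits: float, R_bps: float, n_links: int, n_packets: int = 1) -> float:
    """End-to-end delay of n_packets packets of L bits over n_links equal-rate links,
    ignoring processing, queuing and propagation delay.

    For one packet this is the notes' N * L / R.  With several packets the switches
    pipeline: while link k transmits packet p, link k-1 transmits packet p+1, so the
    last packet is fully received after (N + P - 1) * L / R.
    """
    if n_links < 1 or n_packets < 1:
        raise ValueError("need at least one link and one packet")
    return (n_links + n_packets - 1) * transmission_delay(L_bits, R_bps)


def end_to_end_delay(L_bits: float, path: list[Link]) -> float:
    """Sum of nodal delays for one packet over a path of heterogeneous links
    (no queuing or processing delay)."""
    return sum(nodal_delay(L_bits, link) for link in path)


if __name__ == "__main__":
    # Constructed values: 1500-byte packet, 1 Mbps links.
    L, R = 1500 * 8, 1e6
    print(f"one packet, 3 links:  {store_and_forward_delay(L, R, 3):.3f} s")      # 0.036 s
    print(f"10 packets, 3 links:  {store_and_forward_delay(L, R, 3, 10):.3f} s")  # 0.144 s
    path = [Link(R, 1_000_000), Link(10e6, 500_000)]  # 1000 km @ 1 Mbps, 500 km @ 10 Mbps
    print(f"two heterogeneous links: {end_to_end_delay(L, path):.4f} s")      # 0.0207 s
```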

### 1.4.2 Queuing Delay and Packet Loss

$R$: link bandwidth (bps)  
$L$: packet length (bits)  
$a$: _average_ packet arrival rate

The average rate at which bits arrive at the queue is $La$ bits/sec.  
The ratio $\frac{La}{R}$, called **traffic intensity**, plays an important role in estimating the extent of the queuing delay.

If $\frac{La}{R} > 1$, the queuing delay will approach infinity!  
More bits arrive into the queue than the bits can be transmitted from the queue.

If $\frac{La}{R} \to 1$, the average queuing delay is large.

If $\frac{La}{R} \sim 0$, the average queuing delay is small.

#### Packet Loss

Because queue capacity is finite, packet delays do not actually approach infinity as the traffic intensity approaches 1.  
Instead, a router will **drop** an arriving packet when the buffer is full, resulting in **packet loss**.

The fraction of lost packets increases as the traffic intensity increases.

Lost packet _may_ be retransmitted by previous node, by source end system, or not at all.
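Added example (not from the course notes) that simulates the finite FIFO output buffer described in Section 1.4.2 and reports average queuing delay and loss fraction for a given traffic intensity $La/R$. Packet arrivals, link rate and buffer size are constructed.

```python
"""Output-queue simulation for the traffic-intensity discussion in Section 1.4.2 (added example)."""
from __future__ import annotations

import random
from collections import deque
from dataclasses import dataclass


@dataclass
class QueueStats:
    offered: int              # packets that arrived at the queue
    dropped: int              # packets rejected because the buffer was full
    mean_queue_delay: float   # average queuing delay of the packets that were served

    @property
    def loss_fraction(self) -> float:
        return self.dropped / self.offered if self.offered else 0.0


def simulate_output_queue(arrivals: list[float], L_bits: float, R_bps: float,
                          capacity: int) -> QueueStats:
    """FIFO output buffer in front of one link of rate R.

    `capacity` is the number of packets the buffer holds, counting the one being
    transmitted; a packet arriving to a full buffer is dropped.  Every packet takes
    L/R seconds to transmit.
    """
    service = L_bits / R_bps
    departures: deque[float] = deque()   # departure times of packets still in the buffer
    dropped, total_wait = 0, 0.0
    for t in sorted(arrivals):
        while departures and departures[0] <= t:   # packets already fully transmitted
            departures.popleft()
        if len(departures) >= capacity:
            dropped += 1
            continue
        start = departures[-1] if departures else t  # wait for the packet ahead to finish
        total_wait += start - t
        departures.append(start + service)
    served = len(arrivals) - dropped
    return QueueStats(len(arrivals), dropped, total_wait / served if served else 0.0)


def poisson_arrivals(rate_a: float, n: int, seed: int = 1) -> list[float]:
    """n arrival times with exponential inter-arrival gaps at average rate a packets/s."""
    rng = random.Random(seed)
    t, out = 0.0, []
    for _ in range(n):
        t += rng.expovariate(rate_a)
        out.append(t)
    return out


def traffic_intensity(L_bits: float, a: float, R_bps: float) -> float:
    """La/R from the notes."""
    return L_bits * a / R_bps


if __name__ == "__main__":
    L, R = 12_000, 1e6                 # 1500-byte packets on a 1 Mbps link: L/R = 12 ms
    for a in (20.0, 75.0, 125.0):      # La/R = 0.24, 0.9, 1.5
        s = simulate_output_queue(poisson_arrivals(a, 20_000), L, R, capacity=100)
        print(f"La/R={traffic_intensity(L, a, R):.2f}  "
              f"mean queue delay={s.mean_queue_delay * 1e3:6.1f} ms  loss={s.loss_fraction:.3f}")
```

With La/R = 1.5 the loss fraction settles near 1/3, since the link can serve only two of every three arriving packets.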

### 1.4.3 End-to-End Delay

`traceroute` program: provides delay measurement from source to router along path towards destination.  
For all $i$:

* sends three packets that will reach router $i$ on path towards destination
* router $i$ will return packets to sender
* sender times the interval between transmission and reply

### 1.4.4 Throughput in Computer Networks

**throughput**: rate (bits/time unit) at which bits transferred between sender/receiver

* **instantaneous**: rate at a given point in time
* **average**: rate over longer period of time

The link with the lowest transmission rate on the path is the **bottleneck link**, and it limits the end-to-end throughput.

## 1.5 Protocol Layers and Their Service Models

The Internet is a complicated system with many pieces: hosts, routers, links of various media, applications, protocols, hardware, and software.

### 1.5.1 Layered Architecture

A layered architecture allows us to discuss a well-defined, specific part of a large and complex system.  
Modularization eases maintenance and updating of the system (a change in the implementation of a layer's service is transparent to the rest of the system).

The ability to change the implementation of a service without affecting other components of the system is another important advantage of layering.

Each layer implements a service (provided to the layer above) via its own internal-layer actions, while relying on services provided by the layer below.

#### Protocol Layering

Each protocol belongs to one of the layers.  
Interested in the **services** that a layer offers to the layer above -- the so-called **service model** of a layer.

A protocol layer can be implemented in software, in hardware, or both.

Application-layer protocols are almost always implemented in software in the end systems; so are transport-layer protocols.

When taken together, the protocols of the various layers are called the **protocol stack**.

#### Internet Protocol Stack

* **Application**
    * supporting network applications
        * FTP, SMTP, HTTP
    * distributed over multiple hosts
        * packet of information exchanged amongst hosts is a **message**
* **Transport**
    * process data transfer
        * TCP, UDP
    * a transport-layer packet is a **segment**
* **Network**
    * routing of **datagrams** (network-layer packets) from source to destination
        * IP, routing protocols
* **Link**
    * data transfer between neighbouring network elements
        * Ethernet, 802.11 (WiFi), PPP
    * a link-layer packet is a **frame**
* **Physical**
    * bits "on the wire"

#### The ISO/OSI Model

* **Application**
* **Presentation**
    * allow applications to interpret meaning of data
        * e.g. encryption, compression, machine-specific conventions
* **Session**
    * synchronization, checkpointing, recovery of data exchange
* **Transport**
* **Network**
* **Link**
* **Physical**

### 1.5.2 Encapsulation

![encapsulation](Assets/network-1.24.png)

Routers only implement the Network, Link, and Physical layers.  
Link-layer switches only implement Link and Physical layers; unable to recognize IP addresses.  
Host implements all 5 layers.

At each layer, a packet has two types of fields: header fields and a **payload field**.  
The payload is typically a packet from the layer above.

The process of encapsulation can be more complex than that described above.  
For example, a large message may be divided into multiple transport-layer segments (which might themselves each be divided into multiple network-layer datagrams).  
At the receiving end, such a segment must then be reconstructed from its constituent datagrams.
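Added example (not from the course notes) that walks a message down the stack and back up, showing each layer's payload is the packet from the layer above, and that a link-layer switch parses only the frame header while a router also parses the datagram header. The header layouts are constructed toy formats, not the real TCP, IP or Ethernet headers.

```python
"""Encapsulation walk-through for Section 1.5.2 (added example, toy header formats)."""
from __future__ import annotations

import struct

# Constructed big-endian header layouts; field sizes chosen for readability only.
TRANSPORT_HDR = struct.Struct("!HH")    # source port, destination port
NETWORK_HDR = struct.Struct("!4s4s")    # source address, destination address (4 raw bytes)
LINK_HDR = struct.Struct("!6s6sH")      # source MAC, destination MAC, payload length


def encapsulate(message: bytes, sport: int, dport: int, src_ip: bytes, dst_ip: bytes,
                src_mac: bytes, dst_mac: bytes) -> bytes:
    """Each layer prepends its own header; its payload is the packet from the layer above."""
    segment = TRANSPORT_HDR.pack(sport, dport) + message                # transport layer
    datagram = NETWORK_HDR.pack(src_ip, dst_ip) + segment                # network layer
    return LINK_HDR.pack(src_mac, dst_mac, len(datagram)) + datagram     # link layer


def _datagram(frame: bytes) -> bytes:
    """Strip the frame header after checking the length field against what was received."""
    if len(frame) < LINK_HDR.size:
        raise ValueError("frame shorter than its header")
    _, _, length = LINK_HDR.unpack_from(frame)
    if len(frame) - LINK_HDR.size != length:
        raise ValueError("frame payload length does not match header")
    return frame[LINK_HDR.size:]


def switch_view(frame: bytes) -> dict:
    """A link-layer switch reads only the frame header; it never sees network addresses."""
    _, dst_mac, length = LINK_HDR.unpack_from(frame)
    return {"dst_mac": dst_mac, "payload_len": length}


def router_view(frame: bytes) -> dict:
    """A router strips the frame and reads the datagram header to choose an outbound link."""
    datagram = _datagram(frame)
    _, dst_ip = NETWORK_HDR.unpack_from(datagram)
    return {"dst_ip": dst_ip, "segment_len": len(datagram) - NETWORK_HDR.size}


def host_decapsulate(frame: bytes) -> tuple[int, bytes]:
    """The end host peels every header and hands (destination port, message) to the application."""
    datagram = _datagram(frame)
    if len(datagram) < NETWORK_HDR.size + TRANSPORT_HDR.size:
        raise ValueError("datagram too short to hold a segment")
    segment = datagram[NETWORK_HDR.size:]
    _, dport = TRANSPORT_HDR.unpack_from(segment)
    return dport, segment[TRANSPORT_HDR.size:]


if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges, locally administered MACs).
    frame = encapsulate(b"GET / HTTP/1.1\r\n", 51234, 80,
                        bytes([192, 0, 2, 5]), bytes([192, 0, 2, 10]),
                        bytes.fromhex("02000000aa01"), bytes.fromhex("02000000bb02"))
    print("switch sees:", switch_view(frame))
    print("router sees:", router_view(frame))
    print("host delivers:", host_decapsulate(frame))
```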

## 1.6 Networks Under Attack

Fields in network security:

* how bad guys can attack computer networks
* how we can defend networks against attacks
* how to design architectures that are immune to attacks

Internet not originally designed with (much) security in mind.  
Original vision,
> a group of mutually trusting users attached to a transparent network

Internet protocol designers playing "catch-up".  
Security considerations in _all_ layers.

#### The bad guys can put malware into your host via the Internet

Malware can get in the host from:

* **virus**: self-replicating infection by receiving/executing object (e.g., email attachment)
* **worm**: self-replicating infection by passively receiving object that gets itself executed

**Spyware** can record keystrokes, websites visited, upload info to collection site, etc.

Infected hosts can be enrolled in **botnet**, used for spam and **distributed** DoS (**DDoS**) attacks.

#### The bad guys can attack servers and network infrastructure

**Denial-of-service** (**DoS**) **attacks** render a network, host, or other piece of infrastructure unusable by legitimate traffic by overwhelming a resource with bogus traffic.

Steps of attack:

1. Select target
2. Break into hosts around the network
3. Send packets to target from compromised hosts

In a DDoS attack, the attacker controls multiple sources and has each source blast traffic at the target.

Most DoS attacks fall into one of three categories:

* _Vulnerability attack_
    * exploits vulnerable applications
* _Bandwidth flooding_
    * prevent legitimate packets from reaching the server
* _Connection flooding_
    * establishes a large number of half-open or fully open TCP connections, preventing new legitimate connections

#### The bad guys can sniff packets

**packet sniffer**: a passive receiver that records a copy of every packet transmitted in a network.  
Sniffed packets contain sensitive information!

Some of the best defences against packet sniffing involve cryptography.

#### The bad guys can masquerade as someone you trust

The ability to inject packets into the Internet with a false source address is **IP spoofing**, and is but one of many ways in which one user can masquerade as another user.

To solve this problem, _end-point authentication_ is needed:  
a mechanism to determine with certainty whether a message originates from where it claims to.
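Added example (not from the course notes) of one simple form of end-point authentication: a keyed MAC over the claimed source address and the payload, so a packet whose source address was forged fails verification at the receiver. The message layout, the separator and the shared key are constructed assumptions.

```python
"""Message-origin authentication sketch for the IP-spoofing discussion (added example)."""
from __future__ import annotations

import hashlib
import hmac

TAG_LEN = 16   # constructed: truncated HMAC-SHA256 tag appended to each message


def seal(key: bytes, src_addr: str, payload: bytes) -> bytes:
    """Sender: bind the payload to its source address with an HMAC under the shared key.
    The address never contains '|', so the first '|' always separates it from the payload."""
    body = src_addr.encode() + b"|" + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


def verify(key: bytes, src_addr_in_header: str, message: bytes) -> bytes | None:
    """Receiver: accept the payload only if the address the packet header claims matches
    the address under the MAC and the tag recomputes.  Rewriting the header address
    (spoofing) or the MAC'd address without the key makes one of the checks fail."""
    if len(message) <= TAG_LEN:
        return None                                   # too short to carry body + tag
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    claimed, sep, payload = body.partition(b"|")
    if not sep or claimed != src_addr_in_header.encode():
        return None                                   # header address disagrees with MAC'd address
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):        # constant-time comparison
        return None
    return payload


if __name__ == "__main__":
    key = b"constructed-shared-key"                   # constructed; a real deployment provisions keys securely
    msg = seal(key, "192.0.2.5", b"hello")
    print("genuine:", verify(key, "192.0.2.5", msg))  # b'hello'
    print("spoofed header:", verify(key, "192.0.2.9", msg))  # None
```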

## 1.7 History of Computer Networking and the Internet

### 1.7.1  The Development of Packet Switching: 1961 - 1972

* 1961: Kleinrock -- queuing theory shows effectiveness of packet-switching
* 1964: Baran -- packet-switching in military nets
* 1967: ARPAnet conceived by Advanced Research Projects Agency
* 1969: first ARPAnet node operational
* 1972
    * ARPAnet public demo
    * NCP (Network Control Protocol) first host-host protocol
    * first email program
    * ARPAnet has 15 nodes

### 1.7.2 Proprietary Networks and Internetworking: 1972 - 1980

* 1970: ALOHAnet satellite network in Hawaii
* 1974: Cerf and Kahn - architecture for interconnecting networks
    * minimalism, autonomy -- no internal changes required to interconnect networks
    * best effort service model
    * stateless routers
    * decentralized control
* 1976: Ethernet at Xerox PARC
* late 70s
    * proprietary architectures: DECnet, SNA, XNA
    * switching fixed length packets (ATM precursor)
* 1979: ARPAnet has 200 nodes

Cerf and Kahn's internetworking principles define today's Internet architecture.

### 1.7.3 A Proliferation of Networks: 1980 - 1990

* 1982: SMTP email protocol defined
* 1983
    * deployment of TCP/IP
    * DNS defined for name-to-IP-address translation
* 1985: FTP protocol defined
* 1988: TCP congestion control

New national networks: CSnet, BITnet, NSFnet, Minitel.

100,000 hosts connected to confederation of networks.

### 1.7.4 The Internet Explosion: 1990s

* early 1990s: ARPAnet decommissioned
* 1991: NSF lifts restrictions on commercial use of NSFnet (decommissioned, 1995)
* early 1990s: Web
    * hypertext
    * HTML, HTTP
    * 1994: Mosaic, later Netscape
    * late 1990s: commercialization of the Web
* late 1990s to 2000s
    * more killer apps: instant messaging, P2P file sharing
    * network security to forefront
    * estimated 50 million hosts, 100+ million users
    * backbone links running at Gbps

### 1.7.5 The New Millennium

* 2005 to present
    * ~5B devices attached to Internet (2016)
        * includes smartphones and tablets
    * aggressive deployment of broadband access
    * increasing ubiquity of high-speed wireless access
    * emergence of online social networks
    * service providers (Google, Microsoft) create their own networks
        * bypass Internet, providing "instantaneous" access to search, video content, email, etc.
    * e-commerce, universities, enterprises running their services in "cloud" (e.g. Amazon EC2)