KTN Notes
og Nett
Chapter 1 - Computer networks and the internet
1.1 What is the internet?
A Nuts-and-Bolts description
- Host (end system), server, mobile, router, link-layer switch, modem, base station, smartphone,
cell phone tower.
- End systems are connected together by a network of communication links and packet switches.
Communication links can be cable, copper wire, optical fiber and radio.
one of its outgoing communication links. The two most common packet switches are routers and
link-layer switches.
Just like trucks moving from a warehouse to their delivery location using roads and intersections,
data travels in packets through a computer network.
End systems access the internet through Internet Service Providers (ISPs).
End systems, packet switches and other pieces of the internet run protocols that control the
sending and receiving of information on the internet. Transmission Control Protocol (TCP) and
Internet Protocol (IP) are two of the most important. IP specifies the format of the packets.
To make sure that everyone agrees on what each protocol means, the Internet standards were
developed. They define the protocols.
A Service description
What is a protocol?
- A protocol defines a set of actions to take when sending and receiving messages, much like how
people communicate: saying 'Hi' first and, based on the response, deciding what to do next.
also referred to as hosts because they host applications. Hosts are divided into two categories,
servers and clients.
Access network is the network connecting end systems to the first router, known as the edge
router.
Frequency-division multiplexing (FDM), splitting up the frequency spectrum so that several
things can use the same wire (DSL uses the same wire as the telephone).
Hybrid fiber coax (HFC), connecting through the cable television company's existing cable.
Uses a special modem to convert between analog and digital signals.
Fiber promises much faster speeds than cable and DSL.
- Twisted-pair copper wire is the most used wire; it is two wires twisted around each other. This
is done to prevent interference from other wires. The width and length of the wire decide the
bandwidth, reaching up to 10 Gbps.
- Fiber optics are better over long distances; they use flashes of light to represent bits. They have
a higher cost.
- Each packet switch has multiple links attached to it, and each link has its own output buffer. If an
arriving packet finds a link busy with another packet, it is placed in the output buffer to wait for
the link to open up. If the output buffer is already full, either the incoming packet or the packet in
the buffer will be dropped; this is called packet loss.
- Each router has a forwarding table, mapping destinations to outgoing links.
The internet has a number of special routing protocols, using some shortest path algorithm to
decide the shortest path from each router to every destination.
- There are two fundamental approaches to moving data through a network of links and switches:
Circuit switching and packet switching.
In circuit switching, the resources needed along a path (buffers, link transmission rate) to provide
communication are reserved; in packet switching they are not. The telephone network is an example
of circuit switching.
- The internet works as a network of networks. It is built on several layers of ISPs (internet service
providers). No ISP is present in every city in the world; rather, the top layer consists of about
10-15 Tier-1 ISPs, which provide service to regional ISPs and so forth. An ISP can multi-home into
a provider ISP above itself, meaning it connects its router to more than one of the provider ISPs'
routers. This means that it can continue transmitting data even if one of the providers has a
failure.
- Internet Exchange Point (IXP), a meeting point where ISPs can peer together.
- Processing delay, the time to examine the packet's header and determine where to direct it.
Microseconds or less.
- Queuing delay, the time a packet waits to be transmitted onto the link.
In practice it varies from microseconds to milliseconds.
- Transmission delay, a packet can only be transmitted after all packets that arrived before it have
been transmitted. The delay is the length of the packet in bits divided by the transmission rate
between router A and B (L/R). Microseconds to milliseconds.
- Propagation delay, the time required to propagate from A to B. Depends on the medium through
which it travels. The delay is the distance divided by the propagation speed.
- A layer n protocol can be distributed among the end systems, packet switches and other
components of the network.
- One drawback of this layering model is that one layer might duplicate lower-level functionality.
- Five-layer internet protocol: Physical - Link - Network - Transport - Application
Application layer, here lies HTTP, SMTP and FTP. A packet of information at this level is called
a message.
Includes the IP Protocol. All network layers must run the IP Protocol. This layer is often
referred to as the IP-layer.
Link layer, this layer routes a datagram through all the routers from sender to receiver. At each
node the network layer passes the datagram down to the link layer, which then delivers it
to the next node along the route. A packet at this level is called a frame.
Physical layer, moves the individual bits from one node to another.
- When taken together, the protocols of the various layers are called the protocol stack, like the
internet protocol stack above.
- Worms are malware that can enter a device without explicit interaction.
- A packet sniffer stores a copy of every packet that flies by it.
Because packet sniffers are passive they are hard to detect.
Use encryption, because it is likely that someone is reading your packets.
1960s, through the development of TCP and IP and into the internet explosion in the 1990s when
the world wide web first popped up.
- When designing a network application one must choose an application architecture to use.
Normally one would use either Client-server architecture or peer-to-peer architecture.
- We always label one of the communicating parties as the client and the other as the server. In a
p2p architecture, the host that is downloading is labeled as client and the one uploading is labeled
as server.
- We talk about client and server processes and the communication between two processes
operating on different end systems. A process sends and receives messages through a software
interface called a socket. A process can be seen as a house and the socket as its door.
- A socket is the interface between the application layer and the transport layer within a host. It is
also referred to as the Application Programming Interface (API).
- The internet provides more than one transport-layer protocol, so you have to choose which one
to use. Your choice is based on what your application needs; we can broadly classify the possible
services along four dimensions:
reliable data transfer
- If a protocol guarantees that sent data is delivered correctly and completely to the other end
of the application, it is said to provide reliable data transfer.
- Some loss-tolerant applications, like multimedia, don't need this.
throughput
- The transport-layer protocol can guarantee a certain amount of throughput. Applications
that have throughput requirements are said to be bandwidth-sensitive applications
(multimedia); those that do not are called elastic applications (mail, file transfer).
timing
- Guarantees that bits pumped into the socket arrive at the receiving end no more than,
for example, 100 msec later. This is good for real-time applications (Skype).
security
- Encryption and decryption.
- The internet provides two types of transport-layer protocols, TCP (Transmission Control
Protocol) and UDP (User Datagram Protocol).
data begins to flow. After a handshake a TCP connection is said to exist between the two.
Messages can be sent both ways at the same time during a connection.
The communicating processes can rely on TCP to deliver all data sent without error and in the
proper order.
- UDP is a no-frills, lightweight transport protocol, providing minimal services.
UDP is connectionless, so there is no handshaking.
It does not provide reliable data transfer, so data may be lost and may arrive out of order.
- Today's internet cannot provide any timing or throughput guarantees, but there are services that
provide satisfactory service for applications in need of such guarantees. More in chapter 7.
and therefore in the public domain, for example HTTP. If a browser follows the HTTP RFC then it
will be able to retrieve web pages from any server also following the rules of HTTP RFC.
- It is important to distinguish between network applications and application-layer protocols. An
application-layer protocol is only a piece of a network application.
An example is the Web consisting of many components: a standard for document format
(HTML), web browsers, web servers, and an application-layer protocol (HTTP).
program and server program, operating on different end systems, talk to each other by
exchanging HTTP messages. HTTP defines the structure of these messages and how they are
exchanged.
- HTTP uses TCP.
- The socket interface is the door between the client and the server. The client sends HTTP
requests to the socket interface and receives HTTP responses back.
- The server does not store any state information about the client, so if a client requests the same
file twice in a row the server will respond with the same file twice instead of saying 'I just sent
you that file'. HTTP is said to be a stateless protocol.
- Using TCP, the developer must decide between sending all requests/responses over one TCP
connection or using a separate TCP connection for each request, i.e. a persistent connection or
non-persistent connections.
- The first line is called the request line, the subsequent lines are called the header lines. The
request line has three fields: method, URL and HTTP version.
- It has three sections: a status line, six header lines and then the entity body. The status line
has three fields: protocol version, status code and corresponding status message.
- HTTP uses cookies; this makes it possible for a website to keep track of users. There is a cookie
header line in both the request and response, on the user's end system there is a file keeping
track of the cookies, and on the back end there is a database also keeping track.
opposite side of the world compared to the receiver, a TCP connection is made directly between
the two. If the receiver's server is down, the message is kept in the sender's mail server queue
until it can be sent.
- A mail access protocol (POP3, IMAP) is used to transfer mail from the recipient's mail server to
the recipient's user agent.
- IMAP is used to create a remote folder structure which can be accessed with more than one
device. It has commands that permit a user agent to obtain only parts of messages; this is good
if there is low bandwidth and the user only wants to download, say, the header of each mail.
- When using web mail the user communicates with the mail server using HTTP.
- DNS is also used for host aliasing, mail server aliasing and load distribution. The latter
means that the server retrieving the IP addresses of a busy site (distributed over more than one
server) rearranges their order so that users are distributed over all the IP addresses of that site.
- DNS also uses caching. Since IP addresses often change, the cache is refreshed after a
certain amount of time (usually two days). The time is decided based on the type.
- Read more on pages 164-170.
- The distribution time is the time it takes to get a copy of the file to all N peers.
Read about formula on p. 172.
- DHTs (distributed hash tables), each peer will only hold a small subset of the totality of the
(key, value) pairs.
'open' because all rules specifying its operations are well known. If one developer programs
the server program and one programs the client program, they will work together if they both
carefully follow the rules of the RFC.
The other type is a proprietary network application. Client and server program employ an
application-layer protocol that has not been published in any RFC.
- You have to choose between UDP or TCP.
- Using UDP, a destination address must be attached to the packet before it can be pushed out the
door. When a socket is created a port number is attached to it; this number as well as the IP
address of the receiver is what is used in the destination address. Example with code on page
186.
- Using TCP we cannot just send packets out the door; TCP is a connection-oriented protocol, so
there needs to be a handshake. With the TCP connection established, one side just drops the
packet it wants to send into the TCP connection via its socket (not like UDP, where a destination
needed to be attached). With the server running, the client can initiate a TCP connection by
creating a TCP socket specifying the server address. When the socket is established the client
initiates a three-way handshake and establishes a TCP connection with the server. The three-way
handshake takes place in the transport layer and is invisible to the client and server programs.
- The transport layer turns the application-layer messages into transport-layer packets, known as
transport-layer segments.
- The transport layer moves messages from application processes to the network edge (network
layer); it doesn't have anything to do with how the messages are moved within the network core.
Consider the example with the two families sending letters to each other, each family has one
person who is responsible for collecting and sending (via the postal service) outgoing letters and
distributing incoming letters to the right persons. This person is like the transport-layer protocol
and the postal service is like the network-layer protocol.
- The possible services a transport-layer protocol can provide are often constrained by the
network-layer protocol. If the postal service cannot guarantee a certain maximum delivery time,
neither can the responsible person in each household.
- TCP provides reliable data transfer using flow control, sequence numbers, acknowledgments,
and timers. TCP converts IP's unreliable service between end systems to reliable service
between processes.
- TCP also provides congestion control, meaning links and routers in the connection won't get
swamped with excessive amounts of traffic. This is done by regulating how much the sending side
of the connection can send into the network.
the right socket, it does this by examining a set of fields which each transport-layer segment has.
This job of delivering transport-layer segments to the correct socket is called demultiplexing.
The job of gathering data chunks at the source host from different sockets, encapsulating each
data chunk with header information to create segments, and passing them to the network layer
is called multiplexing.
Transport-layer multiplexing requires that sockets have unique identifiers and that each segment
has special fields that indicate the socket to which it is to be delivered. These fields are named
the source port number field and the destination port number field.
Using UDP this process is straightforward. The client wraps the message in a destination
address containing the IP address and port number of the recipient, the network layer encapsulates
the segment in an IP datagram and makes a best-effort attempt to deliver it. If it reaches its
destination, the transport layer of that host reads the destination port number and forwards it to
the socket identified by that port number.
The difference with TCP is that it uses a four-tuple (source IP address, source port number,
destination IP address, destination port number) when demultiplexing an incoming segment.
- If, in addition to losing bits, the underlying channel can also lose packets, we have more
concerns to address. Namely, how to detect packet loss and how to handle it.
We can handle it by using checksum, sequence number, ACK packets and retransmission,
just like above. The detection is handled by the sender. A retransmission wait-time is set; the
value is based on probability and statistics, so if that time passes without the sender
receiving an ACK, the probability that the packet is lost is high and the packet is therefore
retransmitted. This sometimes leads to duplicate packets, but we can handle that as
described earlier.
- We have now assembled the key elements of a data transfer protocol: checksum, sequence
number, timers, ACK and NAK. We now have a working reliable data transfer protocol.
- The stop-and-wait system introduced is slow! If we introduce pipelining we can speed up the
process. Pipelining has the following consequences for reliable data transfer protocols:
The range of sequence numbers must be increased.
The sender and receiver sides of the protocols may have to buffer more than one packet.
The range of these two will depend on the manner in which a DTP responds to lost, corrupted
and overly delayed packets. The two basic approaches are Go-back-N and selective repeat.
- In a Go-Back-N (GBN)
- The GBN protocol allows the sender to potentially fill the pipeline with packets, which is good.
But GBN can in some scenarios itself suffer from performance problems. If the window size and
bandwidth delay are both large, a single packet error can cause GBN to retransmit a large
number of packets.
between host A and host B, data can flow freely both ways at the same time. It is also
point-to-point, that is, between a single sender and a single receiver.
- When data comes through the door, TCP places it in the send-buffer. The maximum amount of
data that can be grabbed from this buffer and placed in a segment is limited by the maximum
segment size (MSS).
- The TCP segment consists of header fields and a data field. The data field contains a chunk of
application data.
- Two of the most important fields in the TCP segment header are the sequence number field and
the acknowledgment number field. The sequence number for a segment is the byte-stream
number of the first byte in the segment.
- TCP only acknowledges bytes up to the first missing byte in the stream; TCP is said to provide
cumulative acknowledgments (if 0-500 and 1000-1500 have been received, it still says it is
waiting for 501).
- Each time TCP retransmits, it sets the timeout interval to twice the previous value. When the
timer is started again after a successful transmission, it is again derived from recent values of
EstimatedRTT and DevRTT. This provides a limited form of congestion control.
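The timer behaviour described above, as an added example that is not part of the original notes. The notes name EstimatedRTT and DevRTT without formulas; the update rules and the constants ALPHA = 0.125 and BETA = 0.25 follow RFC 6298, the class and function names are hypothetical, and minimum/maximum clamping of the timeout is left out.

```python
ALPHA = 0.125  # weight of a new sample in EstimatedRTT (RFC 6298)
BETA = 0.25    # weight of a new sample in DevRTT (RFC 6298)


class RetransmissionTimer:
    """Tracks EstimatedRTT, DevRTT and the current timeout interval (seconds)."""

    def __init__(self, initial_timeout: float = 1.0):
        self.estimated_rtt = None
        self.dev_rtt = None
        self.timeout = initial_timeout

    def on_ack(self, sample_rtt: float) -> float:
        """New data was acknowledged: update the estimates, re-derive the timeout."""
        if self.estimated_rtt is None:
            # First measurement seeds both estimates.
            self.estimated_rtt = sample_rtt
            self.dev_rtt = sample_rtt / 2
        else:
            # DevRTT is updated first, against the previous EstimatedRTT.
            self.dev_rtt = ((1 - BETA) * self.dev_rtt
                            + BETA * abs(sample_rtt - self.estimated_rtt))
            self.estimated_rtt = ((1 - ALPHA) * self.estimated_rtt
                                  + ALPHA * sample_rtt)
        # Any earlier doubling is discarded here: the interval is derived afresh.
        self.timeout = self.estimated_rtt + 4 * self.dev_rtt
        return self.timeout

    def on_timeout(self) -> float:
        """Timer expired and the segment is retransmitted: double the interval."""
        self.timeout *= 2
        return self.timeout


def trace(events):
    """Replay ('ack', sample_rtt) and ('timeout',) events.

    Returns the timeout interval in effect after each event, rounded for display.
    """
    timer = RetransmissionTimer()
    intervals = []
    for event in events:
        if event[0] == "ack":
            intervals.append(round(timer.on_ack(event[1]), 6))
        else:
            intervals.append(round(timer.on_timeout(), 6))
    return intervals


# Constructed sample: steady 100 ms RTT, two consecutive timeouts, then an ACK.
SAMPLE_EVENTS = [
    ("ack", 0.100),
    ("ack", 0.100),
    ("timeout",),
    ("timeout",),
    ("ack", 0.100),
]

if __name__ == "__main__":
    for event, interval in zip(SAMPLE_EVENTS, trace(SAMPLE_EVENTS)):
        print(event, "->", interval)
```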
- When a TCP connection is established a flag bit in the header called SYN is set to 1. This
indicates that a connection is being set up. On the third message (the second from client to
server) and for the rest of the connection lifetime the SYN bit is set to 0.
- For the connection to be closed both hosts must send a segment containing a FIN bit set to 1
and both must acknowledge the other host's shutdown message.
- TCP perceives the amount of congestion and adjusts its send rate accordingly. This is done by
looking at the number of loss events (either a timeout or three duplicate ACKs).
- TCP starts slow and increases the sending rate every time a segment is acknowledged, it does
this until a loss event occurs.
- More about the three phases (slow start, congestion avoidance and fast recovery) on page 301.
- TCP's congestion control consists of a linear increase in cwnd (congestion window size) of 1 MSS
(maximum segment size) per RTT and then a halving of cwnd on a loss event. TCP congestion
control is therefore often referred to as an additive-increase, multiplicative-decrease (AIMD)
form of congestion control.
- Packet switch
A device that transfers a packet from an input link interface to an output link interface.
For example, a link-layer switch and a router.
- In some computer networks there is a third network-layer function (the first two are forwarding
and routing), connection setup. Some network-layer architectures require the routers on the
path from sender to receiver to handshake before data is sent. Much like the three-way
handshake.
ATM, frame relay and MPLS.
- CBR (constant bit rate) ATM (asynchronous transfer mode) network service
delay, variability in end-to-end delay (jitter) and the fraction of cells that are lost or delivered
late are guaranteed to less than a specified value.
- A VC consists of a path (links and routers) between source and host, VC numbers, one number for
each link along the path, and entries in the forwarding table in each router along the path. A packet
belonging to a VC will carry a VC number in its header. Because a virtual circuit may have a
different VC number on each link, each intervening router must replace the VC number of each
traversing packet with a new VC number. The new VC number is obtained from the forwarding
table.
- Three phases in a virtual circuit:
VC setup
Data transfer
VC teardown
- Datagram networks
Networks that only provide connectionless services.
- VC and DN are two fundamental classes of computer networks.
Each time an end system wants to send a packet it stamps it with the address and sends it
into the network.
Each router has a forwarding table that links destination addresses to interfaces.
Because forwarding tables can be modified at any time, different packets sent from one system
to another can take different routes through the network.
- The lookup function is also performed here (consulting the forwarding table).
Switching fabric.
- Connects the input ports to the output ports.
Output ports.
- Stores packets received from the switching fabric and transmits these packets on the
outgoing link by performing the necessary link-layer and physical-layer functions.
Routing processor.
- Executes the routing protocols, maintains routing tables and attached link state information
and computes the forwarding table for the router.
- A router's input ports, output ports and switching fabric together implement the forwarding
function and are almost always implemented in hardware. These are often collectively referred to
as the router forwarding plane.
operating system. This was done in the simplest and earliest routers, but is still being used
with some modifications.
switching via a bus. An input port transfers a packet directly to the output port over a shared
bus, without intervention by the routing processor. This is normally done by attaching some
header information with output port number. The packet is received by all ports but only the
one matching the header will keep it. Only one packet can use the bus at any given time.
switching via an interconnection network. A crossbar switch is an interconnection network
consisting of 2N buses that connect N input ports to N output ports. Each vertical bus
intersects each horizontal bus at a crosspoint, which can be opened or closed at any time by
the switch fabric controller.
- Output port processing takes packets that have been stored in the output port's memory and
transmits them over the output link. This includes selecting and dequeueing packets for
transmission, and performing the needed link-layer and physical-layer transmission functions.
- A consequence of output port queuing is that a packet scheduler at the output port must choose
one packet among those queued for transmission. This can be done in either a simple manner or
with some weighting taken into consideration.
- The maximum amount of data that a link-layer frame can carry is called the maximum
transmission unit (MTU), since IP datagrams are encapsulated inside link-layer frames the MTU
places a hard limit on the length of IP datagrams.
- Because of this a datagram might suddenly be too big to be sent over a link on the route. The
solution then is to fragment the datagram into two or more smaller datagrams. Each of these
smaller datagrams is referred to as a fragment. The job of reassembling is given to the end
systems, so that the network core is kept simple. The identifier, flag and fragmentation offset are
used to determine how to piece things back together. The last fragment has the flag bit set to 0,
the rest have it set to 1. If one or more of the fragments are lost the incomplete datagram is
discarded and not sent to the transport layer.
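Fragmentation and end-system reassembly as described above, as an added example that is not part of the original notes. The `Fragment` type and function names are hypothetical, a 20-byte IPv4 header without options is assumed, and the offset is counted in 8-byte units as in IPv4; the reassembler also refuses gaps and conflicting overlaps, which is a strictness choice of this example.

```python
from __future__ import annotations

from dataclasses import dataclass

IP_HEADER_LEN = 20  # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    ident: int    # identifier shared by all fragments of one datagram
    more: int     # flag bit: 1 = more fragments follow, 0 = last fragment
    offset: int   # fragmentation offset, in units of 8 bytes
    data: bytes


def fragment(ident: int, payload: bytes, mtu: int) -> list[Fragment]:
    """Split a datagram payload so that header + data fits the link MTU."""
    if len(payload) <= mtu - IP_HEADER_LEN:
        return [Fragment(ident, 0, 0, payload)]        # fits, no fragmentation
    # Every fragment except the last must carry a multiple of 8 data bytes.
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU leaves no room for data")
    frags = []
    for start in range(0, len(payload), max_data):
        last = start + max_data >= len(payload)
        frags.append(Fragment(ident, 0 if last else 1, start // 8,
                              payload[start:start + max_data]))
    return frags


def reassemble(received: list[Fragment], ident: int) -> bytes | None:
    """Rebuild the payload for `ident`; None means the datagram is discarded."""
    # A set drops exact duplicates; arrival order does not matter.
    parts = sorted({f for f in received if f.ident == ident},
                   key=lambda f: f.offset)
    if not parts or parts[-1].more != 0:
        return None            # the last fragment (flag 0) never arrived
    if any(f.more == 0 for f in parts[:-1]):
        return None            # more than one "last" fragment: inconsistent
    payload = b""
    for f in parts:
        if f.offset * 8 != len(payload):
            return None        # gap (lost fragment) or conflicting overlap
        payload += f.data
    return payload


# Constructed sample: 3980 data bytes (a 4000-byte datagram) over a 1500-byte MTU.
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(3980))

if __name__ == "__main__":
    frags = fragment(777, SAMPLE_PAYLOAD, 1500)
    for f in frags:
        print(f"id={f.ident} flag={f.more} offset={f.offset} bytes={len(f.data)}")
    shuffled = [frags[2], frags[0], frags[1], frags[0]]   # reordered + duplicate
    print("complete:", reassemble(shuffled, 777) == SAMPLE_PAYLOAD)
    print("one fragment lost:", reassemble([frags[0], frags[2]], 777))
```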
- A host typically only has one link into the network. The boundary between the host and the
physical link is called an interface. Because a router's job is to pass datagrams from one link to
another it must necessarily have at least two links and therefore more than one interface. IP
requires each host and router interface to have its own IP address. Thus, an IP address is
technically associated with an interface, rather than with the host or router containing that
interface.
- IP addresses are managed under the authority of the Internet Corporation for Assigned
Names and Numbers (ICANN). ICANN also manages the DNS root servers.
- The NAT (network address translation) router behaves to the outside world as a single device
with a single IP address. Every home device connected to the NAT router sends data to the
internet through the same IP address. In practice the NAT-enabled router is hiding the home
network from the outside world. The router knows which internal host to direct incoming data to
based on the NAT translation table, using the port numbers as well as IP addresses in the table
entries. Many people object to the use of NAT because ports should be used for addressing
processes, routers are supposed to process packets only up to layer 3, and the NAT protocol
violates the so-called end-to-end argument (hosts should be talking directly to each other). They
also say that we should use IPv6 to solve the lack-of-addresses problem.
- NAT interferes with P2P because a TCP connection can't be set up with a host inside a NAT,
because it cannot act as a server (a hack called connection reversal solves this problem, as does
UPnP).
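A toy NAT translation table showing both points above: replies are routed by WAN port, and an unsolicited inbound connection has no table entry until a mapping is created. This is an added example, not part of the original notes; the class, its methods and all addresses (private and documentation ranges) are constructed, and `add_port_mapping` only models the kind of entry a host can request through UPnP.

```python
class NatRouter:
    """Translation table keyed on IP address and port number."""

    def __init__(self, wan_ip: str, first_port: int = 5001):
        self.wan_ip = wan_ip
        self._next_port = first_port
        self._by_lan = {}   # (lan_ip, lan_port) -> wan_port
        self._by_wan = {}   # wan_port -> (lan_ip, lan_port)

    def _allocate_port(self) -> int:
        # Skip WAN ports already taken by static mappings.
        while self._next_port in self._by_wan:
            self._next_port += 1
        if self._next_port > 65535:
            raise RuntimeError("no free WAN ports")
        port = self._next_port
        self._next_port += 1
        return port

    def outbound(self, src, dst):
        """LAN -> internet: rewrite the source to (wan_ip, wan_port)."""
        if src not in self._by_lan:
            port = self._allocate_port()
            self._by_lan[src] = port
            self._by_wan[port] = src
        return (self.wan_ip, self._by_lan[src]), dst

    def inbound(self, src, dst):
        """Internet -> LAN: rewrite the destination, or None if it is dropped.

        This toy table matches on the WAN port only; it does not check which
        remote endpoint the entry was created for.
        """
        if dst[0] != self.wan_ip:
            return None
        lan = self._by_wan.get(dst[1])
        if lan is None:
            return None        # no table entry: nothing to forward to
        return src, lan

    def add_port_mapping(self, wan_port: int, lan) -> None:
        """Static entry so that an inside host can accept connections."""
        if wan_port in self._by_wan:
            raise ValueError("WAN port already mapped")
        self._by_wan[wan_port] = lan
        self._by_lan[lan] = wan_port


# Constructed sample addresses.
WAN_IP = "203.0.113.7"
SERVER = ("198.51.100.10", 80)
PEER = ("192.0.2.99", 40000)


def demo():
    nat = NatRouter(WAN_IP)
    # Two home hosts use the same source port and get distinct WAN ports.
    first = nat.outbound(("10.0.0.1", 3345), SERVER)
    second = nat.outbound(("10.0.0.2", 3345), SERVER)
    reply = nat.inbound(SERVER, first[0])
    # An outside peer tries to open a connection to a host behind the NAT.
    before = nat.inbound(PEER, (WAN_IP, 8080))
    nat.add_port_mapping(8080, ("10.0.0.2", 8080))
    after = nat.inbound(PEER, (WAN_IP, 8080))
    return first, second, reply, before, after


if __name__ == "__main__":
    for step in demo():
        print(step)
```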
- Internet Control Message Protocol (ICMP) is used by hosts and routers to communicate
network-layer information to each other. ICMP messages have a type and a code field, and
contain the header and the first 8 bytes of the IP datagram that caused the ICMP message to be
generated (for example an error message when a router does not find a route to your
destination).
- Transitioning from IPv4 to IPv6 is hard because IPv4-capable systems are not capable of
routers. Looking at it like a graph with weighted edges, it all boils down to finding the shortest
path. It is a little more tricky than a simple shortest path algorithm, because there are more
factors playing a role. For example datagrams from a host in network A should not be sent
through network B, but rather through C and so forth.
- A routing algorithm is either global or decentralized.
A global routing algorithm computes the least-cost path using complete, global knowledge
about the network. Referred to as link-state (LS) algorithms, since the algorithm must be aware of
the cost of all links in the network.
In a decentralized routing algorithm, the calculation of the least-cost path is carried out in
an iterative, distributed manner. No node has complete information about the cost of all
network links. Instead, each node begins with only the knowledge of the cost of its own directly
attached links. Referred to as a distance-vector (DV) algorithm.
- A routing algorithm can also be classified as either static (slow changing, manually by humans)
or dynamic (fast changing, runs either periodically or in response to topology changes).
- It can also be either load-sensitive or load-insensitive. In a load-sensitive algorithm the link
costs vary dynamically based on the amount of congestion.
- The details of provided services can vary from one link-layer protocol to the next. Possible
- The link layer is implemented in a network adapter, also sometimes known as a network
interface card (NIC).
- Most of the link layer is implemented in hardware, but a part is implemented in software that runs
on the host's CPU. The software components of the link layer implement higher-level link-layer
functionality such as assembling link-layer addressing information and activating the controller
hardware.
- The link layer is the place in the protocol stack where hardware meets software.
receiver to both detect and correct errors is known as a forward error correction (FEC). FEC
reduces the number of retransmissions.
Checksumming methods. The d bits of data are treated as a sequence of k-bit integers. They are
summed and the sum is used for error detection. The Internet checksum is based on this
technique. Checksumming requires little overhead (TCP/UDP checksums use only 16 bits).
This is mostly used in the transport layer because error detection there is implemented in
software and therefore needs to be executed fast, but in the link layer it is the hardware doing
the job and it can work much faster, therefore a better method is used (CRC).
Cyclic redundancy check (CRC). CRC codes operate as follows. Consider the d-bit piece
of data, D, that the sending node wants to send to the receiving node. The sender and receiver
must first agree on an r + 1 bit pattern, known as a generator, which is denoted G. The key idea is
that for a given piece of data, D, the sender will choose r additional bits, R, and append
them to D such that the resulting d + r bit pattern is exactly divisible by G (no remainder) using
modulo-2 arithmetic. When the data reaches the receiver it checks to see if this is still the
case; if not, it knows an error has occurred.
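Both methods above, as an added example that is not part of the original notes: the 16-bit Internet checksum and CRC by modulo-2 division, including one error (two swapped 16-bit words) that the checksum misses and the CRC catches. Function names are hypothetical; D = 101110 with G = 1001 is a small constructed case, and the 16-bit generator x^16 + x^12 + x^5 + 1 (CRC-16-CCITT) is chosen for the example, not taken from the notes.

```python
from __future__ import annotations

G_SMALL = 0b1001      # r = 3, small enough to check by hand
G_CCITT16 = 0x11021   # x^16 + x^12 + x^5 + 1 (CRC-16-CCITT generator)


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"                            # pad odd-length input
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return ~total & 0xFFFF


def mod2_remainder(value: int, generator: int) -> int:
    """Remainder of modulo-2 long division (XOR, no carries or borrows)."""
    glen = generator.bit_length()
    while value.bit_length() >= glen:
        value ^= generator << (value.bit_length() - glen)
    return value


def crc_bits(data: int, generator: int) -> int:
    """R: the r bits that make D * 2^r XOR R exactly divisible by G."""
    r = generator.bit_length() - 1
    return mod2_remainder(data << r, generator)


def crc_encode(data: int, generator: int) -> int:
    """The d + r bit pattern the sender transmits: D followed by R."""
    r = generator.bit_length() - 1
    return (data << r) | crc_bits(data, generator)


def crc_ok(codeword: int, generator: int) -> bool:
    """Receiver check: the received pattern must divide by G with no remainder."""
    return mod2_remainder(codeword, generator) == 0


def swap_detected(first: bytes, second: bytes) -> tuple[bool, bool]:
    """Swap two 16-bit words in transit; return (checksum detects, CRC detects)."""
    sent, received = first + second, second + first
    # Addition is commutative, so reordering words never changes the sum.
    checksum_detects = internet_checksum(received) != internet_checksum(sent)
    r = G_CCITT16.bit_length() - 1
    sent_r = crc_bits(int.from_bytes(sent, "big"), G_CCITT16)
    arrived = (int.from_bytes(received, "big") << r) | sent_r
    return checksum_detects, not crc_ok(arrived, G_CCITT16)


if __name__ == "__main__":
    codeword = crc_encode(0b101110, G_SMALL)
    print("R =", format(crc_bits(0b101110, G_SMALL), "03b"))
    print("codeword =", format(codeword, "09b"))
    print("intact passes:", crc_ok(codeword, G_SMALL))
    print("one flipped bit passes:", crc_ok(codeword ^ 0b100, G_SMALL))
    # An error pattern that is itself a multiple of G leaves the remainder at 0.
    print("multiple-of-G error passes:", crc_ok(codeword ^ (G_SMALL << 2), G_SMALL))
    print("swap (checksum, CRC) detected:", swap_detected(b"\x12\x34", b"\xab\xcd"))
```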
- A broadcast link can have multiple sending and receiving nodes all connected to the same link.
Here we have the multiple access protocols. Almost all MAPs can be classified as either
channel partitioning protocols, random access protocols or taking-turns protocols.
- Channel partitioning protocols. Recall from section 1.3 that time-division multiplexing and
frequency-division multiplexing are two techniques that can be used to partition a broadcast
channel's bandwidth among all nodes sharing that channel. TDM divides time into time frames
and further divides time frames into N time slots. Slot sizes are chosen so that a single packet
can be transmitted during a slot time. This is not good when a node has to wait for its turn even
though it is the only node sending frames.
- FDM shares both the advantages and drawbacks of TDM.
- A third option is code division multiple access (CDMA). CDMA assigns a different code to
each node, making it possible for them all to send data at the same time.
- In a random access protocol, a transmitting node always transmits at the full rate of the
channel, R bps. When there is a collision, each node involved repeatedly retransmits its frame
until its frame gets through without a collision. Each node waits a random amount of time before
retransmitting.
- One RAP is slotted ALOHA. It divides time into slots. When a node has a frame to send it waits
until the start of the next slot and sends the frame; if there is a collision it is detected before the
slot ends and the frame is retransmitted in the following slots with a probability of p (between 0
and 1). A slot in which exactly one node transmits is called a successful slot. The efficiency of
ALOHA is based on the percentage of slots being successful slots.
- In carrier sense multiple access (CSMA) and CSMA with collision detection (CSMA/CD),
carrier sensing (listen before speaking) and collision detection (if someone else begins
talking at the same time, stop talking) are both embodied.
- The efficiency of CSMA/CD is the long-run fraction of time during which frames are being
transmitted on the channel without collisions when there is a large number of active nodes, with
each node having a large number of frames to send.
- With taking-turns protocols there is always one node transmitting at R bps. There are several
taking-turns protocols.
Polling protocol. One node is designated as a master node and polls each of the nodes in a
round-robin fashion. The master node tells node 1 that it can transmit up to a maximum
number of frames, next it does the same with node 2 (the master node can determine when a
node has finished by observing the lack of signals on the channel). This eliminates the
collisions and empty slots delay, but has a few drawbacks: a polling delay, and if the master
node fails the entire channel becomes idle.
Token-passing protocol. There is no master node. Instead a token (I can send) is passed
between the nodes. A node only keeps the token if it has frames to send. Still we have the
problem of a single node failing causing the entire channel to crash.
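The slotted ALOHA efficiency described above can be checked numerically. This is an added example, not part of the original notes: it assumes every node always has a frame queued and transmits in each slot with probability p, and compares the simulated fraction of successful slots with the closed form N·p·(1−p)^(N−1).

```python
import random

def simulate_slotted_aloha(n_nodes, p, n_slots, seed=1):
    """Fraction of successful slots when every node always has a frame queued.

    Assumption for this sketch: all nodes are backlogged, so in every slot
    each node transmits with probability p, independently of the others.
    """
    rng = random.Random(seed)
    successful = 0
    for _ in range(n_slots):
        senders = sum(1 for _ in range(n_nodes) if rng.random() < p)
        if senders == 1:  # exactly one transmitter: a successful slot
            successful += 1
    return successful / n_slots

def analytic_efficiency(n_nodes, p):
    """P(a given slot is successful) = N * p * (1 - p)^(N - 1)."""
    return n_nodes * p * (1 - p) ** (n_nodes - 1)

def best_p(n_nodes, steps=1000):
    """Grid search for the p that maximises the efficiency (lands on 1/N)."""
    candidates = [k / steps for k in range(1, steps)]
    return max(candidates, key=lambda p: analytic_efficiency(n_nodes, p))

if __name__ == "__main__":
    n = 20  # constructed example: 20 active nodes
    p = best_p(n)
    print("best p:", p)
    print("analytic:", round(analytic_efficiency(n, p), 4))
    print("simulated:", round(simulate_slotted_aloha(n, p, 20000), 4))
```

With many nodes the best achievable efficiency approaches 1/e, so roughly 37% of slots do useful work.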
- Consider the case where a host wants to send a datagram to a host on another subnet.
The sending host must first send the datagram to the router interface on the router connecting
the two subnets, so the frame needs to include that address. It also needs to include the address
of the receiving host in the other subnet, but the sender does not know the MAC address so it
uses the IP address. The interface on the 'correct' side of the router (which has its own ARP
table) finds the matching MAC address and forwards the datagram to the correct host in the
other subnet.
twisted-pair copper wire. A hub is a physical-layer device that acts on individual bits rather than
frames. When a bit arrives from one interface, the hub simply re-creates the bit, boosts its energy
strength, and transmits the bit onto all the other interfaces.
- In the 2000s the hub was replaced with a switch, which was collision-less. More on the switch
later.
- The sending adapter encapsulates the IP datagram with an Ethernet frame and passes the
frame to the physical layer. The receiver extracts the datagram and passes it to the network
layer.
- The fields of the Ethernet frame are:
Data field. Carries the IP datagram. The maximum transmission unit (MTU) of Ethernet is 1500 bytes.
Destination address. Contains the MAC address, 6 bytes.
Source address. MAC address of the sending adapter.
Type field. The receiving adapter needs to know to which network-layer protocol (it doesn't have
to be IP) it should pass the content of the data field.
Cyclic redundancy check. Used to detect bit errors in the frame.
Preamble (8 bytes). The first 7 bytes have a value of 10101010 and the last is 10101011. The
first 7 serve to 'wake up' the receiving adapters and to synchronize their clocks. The last two
bits of the 8th byte say 'important stuff is coming'.
- All of the Ethernet technologies provide connectionless service. The service is also unreliable:
data is retransmitted only if the application uses TCP.
- The Ethernet standard includes the CSMA/CD protocol. But in a switch-based Ethernet LAN
there are no collisions and, therefore, there is no need for a MAC protocol.
- Link-layer switch. The role of the switch is to receive incoming link-layer frames and forward them
onto outgoing links. The switch itself is transparent to the hosts and routers in the subnet. The
rate at which frames arrive at any of the switch's output interfaces may exceed the link capacity;
to handle this the output interfaces have buffers.
- Filtering is the switch function that determines whether a frame should be forwarded or dropped.
Switch filtering and forwarding is done with a switch table. An entry in the switch table contains
a MAC address, the switch interface that leads towards the MAC address and the time that the
entry was placed in the table. Note that switches forward packets based on the MAC address
rather than on IP addresses. When the switch receives a frame from interface x with a destination
MAC address, it uses that address to look up its table. There are three possible outcomes:
There is no entry with that MAC address. In this case the switch broadcasts the frame.
There is an entry in the table, associating the MAC address with interface x. Because the
MAC address belongs to an adapter in the LAN segment the frame came from, there is no need to
forward it, and it is dropped.
There is an entry in the table, associating the MAC address with interface y != x. The switch
forwards the frame to interface y.
- The switch table is built automatically, dynamically and autonomously, switches can be said to
be self-learning. The table is initially empty, but for each incoming frame the switch stores the
MAC address from the source field, the interface it came from and the time. The switch deletes
an entry if no frames are received from that address after some period of time (the aging time).
- Switches are also full-duplex, meaning they can send and receive at the same time.
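The filtering, forwarding and self-learning rules above fit in one small class. This is an added example, not code from the original notes; the interface numbers, MAC addresses and the 60-second aging time are constructed values.

```python
from dataclasses import dataclass, field

FLOOD = "flood"      # no entry: send on every interface except the arrival one
FILTER = "filter"    # entry points back at the arrival interface: drop
FORWARD = "forward"  # entry points at another interface: send there only

@dataclass
class LearningSwitch:
    interfaces: tuple            # hypothetical interface names, e.g. (1, 2, 3)
    aging_time: float = 300.0    # assumed default; the notes give no figure
    table: dict = field(default_factory=dict)  # MAC -> (interface, time stored)

    def _expire(self, now):
        """Delete entries that were not refreshed within the aging time."""
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen > self.aging_time]
        for mac in stale:
            del self.table[mac]

    def receive(self, src, dst, in_if, now):
        """Process one frame; return (action, list of output interfaces)."""
        self._expire(now)
        # Self-learning: store source MAC, arrival interface and current time.
        self.table[src] = (in_if, now)
        entry = self.table.get(dst)
        if entry is None:
            return FLOOD, [i for i in self.interfaces if i != in_if]
        out_if, _ = entry
        if out_if == in_if:
            return FILTER, []
        return FORWARD, [out_if]

def demo():
    """Constructed three-host scenario; returns the decisions in order."""
    sw = LearningSwitch(interfaces=(1, 2, 3), aging_time=60.0)
    a, b, c = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", "cc:cc:cc:cc:cc:cc"
    return [
        sw.receive(a, b, in_if=1, now=0),    # B unknown: flood
        sw.receive(b, a, in_if=2, now=1),    # A learned on 1: forward
        sw.receive(c, a, in_if=1, now=2),    # A and C share interface 1: filter
        sw.receive(b, a, in_if=2, now=100),  # A's entry aged out: flood again
    ]
```

Because the table is filled from whatever source addresses arrive, its size and aging time are the parameters to watch on a real switch.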
- cons
The active topology is restricted to a spanning tree to prevent cycling of broadcasted
frames.
A large switch network would require a large ARP table, causing a substantial amount of
ARP traffic and processing.
Susceptible to broadcast storms - if one host goes crazy and transmits an endless
stream of frames the switch would forward all of these frames, causing the entire network
to collapse.
Now consider routers
- pros
Packets do not normally cycle because of the hierarchical structure.
Not restricted to a spanning tree, can therefore use the best way from host to host.
Provide firewall protection against broadcast storms.
- cons
Not plug-and-play. The hosts that connect to them need their IP addresses to be configured.
Has a larger per-packet processing time than switches.
- Virtual local area networks (VLANs) solve three problems of LANs (lack of traffic isolation,
inefficient use of switches, managing users). A VLAN can be set up and easily configured by a
network manager. Say a company is using this to split up its network into different VLANs. They
are then isolated and cannot send messages to each other. This problem is fixed by using a
single device that contains both a VLAN switch and a router. The router can then receive from
one department and forward to another department. (read page 510 for a clearer picture)
- A more scalable approach to interconnecting VLAN switches is known as VLAN Trunking. The
trunk port belongs to all VLANs, and frames sent to any VLAN are forwarded over the trunk link
to other switches. The standard Ethernet frame has a four-byte VLAN tag that carries the identity
of the VLAN to which the frame belongs. The tag is added into the frame by the sending switch
and processed and removed by the receiving switch.
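The Ethernet frame fields listed earlier and the four-byte VLAN tag can be seen together in a small parser. This is an added example, not part of the original notes: the tag layout (a 0x8100 marker followed by a 12-bit VLAN identifier) follows IEEE 802.1Q, which the notes do not spell out, the preamble is assumed to be already stripped, and the addresses and payload are constructed.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # type-position value that announces a four-byte VLAN tag

def crc(body):
    """Ethernet CRC-32 over destination..data, least significant byte first."""
    return struct.pack("<I", zlib.crc32(body))

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_frame(dst, src, ethertype, data, vlan_id=None):
    """Build a frame without preamble; add the VLAN tag if vlan_id is given."""
    tag = b"" if vlan_id is None else struct.pack("!HH", TPID_8021Q, vlan_id)
    body = dst + src + tag + struct.pack("!H", ethertype) + data
    return body + crc(body)

def parse_frame(frame):
    """Split a frame into the fields from the notes, plus the VLAN identity."""
    if len(frame) < 18:  # 6 + 6 + 2 header bytes + 4 CRC bytes
        raise ValueError("frame too short")
    body, fcs = frame[:-4], frame[-4:]
    (ethertype,) = struct.unpack("!H", body[12:14])
    offset, vlan_id = 14, None
    if ethertype == TPID_8021Q:
        if len(body) < 18:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack("!HH", body[14:18])
        vlan_id, offset = tci & 0x0FFF, 18  # low 12 bits identify the VLAN
    data = body[offset:]
    if len(data) > 1500:
        raise ValueError("data field larger than the 1500-byte MTU")
    return {"dst": mac(body[0:6]), "src": mac(body[6:12]), "vlan": vlan_id,
            "type": ethertype, "data": data, "crc_ok": crc(body) == fcs}

def strip_tag(frame):
    """Receiving switch: remove the VLAN tag and recompute the CRC."""
    f = parse_frame(frame)
    if not f["crc_ok"]:
        raise ValueError("bad CRC, frame dropped")
    if f["vlan"] is None:
        return frame
    return build_frame(frame[0:6], frame[6:12], f["type"], f["data"])

# Constructed sample values (not from the page); 0x0800 is the type for IPv4.
DST, SRC = bytes.fromhex("aabbccddeeff"), bytes.fromhex("112233445566")
TAGGED = build_frame(DST, SRC, 0x0800, b"constructed datagram", vlan_id=20)
```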
using a fixed-length label. Another advantage is that a router using MPLS knows more than one
way through the network (with IP only one way is stored in the table), therefore a form of traffic
engineering can be done.
- MPLS has been used to implement virtual private networks (VPNs).
- When Bob types www.google.com into his web browser, the laptop starts by creating a TCP
socket that will be used to send the HTTP request. In order to create the socket he will have to
know the IP address of google. DNS provides this.
- Read all steps on page 523-526.
Base station. A base station is responsible for sending and receiving data to and from a
wireless host that is associated with that base station. Hosts associated with a base station are
often said to be in infrastructure mode. When a mobile device moves between areas it often
has to change base station; this process is called handoff.
Network infrastructure. This is the larger network with which a wireless host may wish to
communicate.
- At the highest level we can classify wireless networks according to two criteria: (1) whether a
packet in the wireless network crosses exactly one wireless hop or multiple wireless hops, and (2)
whether there is infrastructure such as a base station in the network:
Single-hop, infrastructure-based.
Single-hop, infrastructure-less.
Multi-hop, infrastructure-based.
Multi-hop, infrastructure-less.
replace the host's wired Ethernet interface. No changes would be needed at the network layer or
above.
We can find several differences in the link layer:
Decreasing signal strength. Electromagnetic radiation loses strength as it passes through
material, even just the air.
Interference from other sources.
Multipath propagation occurs when portions of the electromagnetic wave reflect off objects and
the ground, taking paths of different lengths between a sender and receiver. This results in
blurring of the signal.
This means that bit errors are more common in wireless networks. Therefore, wireless link
protocols employ both powerful CRC error detection codes and link-level reliable-data-transfer
protocols that retransmit corrupted frames.
The signal-to-noise ratio (SNR) is a relative measure of the strength of the received signal and
the noise. A larger SNR makes it easier for the receiver to extract the transmitted signal from the
background noise.
The hidden terminal problem and fading of a signal's strength is when two stations, A and C, are
both sending to station B. A's and C's signals are not strong enough for them to detect each
other's transmissions, yet they are strong enough to interfere with each other at station B.
- CDMA encodes the data being transmitted so that different senders can still send on the same
frequency and at the same time. The receiver has the 'key' that unlocks the message.
- Each wireless station needs to associate with an AP before it can send or receive network data.
- When a network administrator installs an AP, the administrator assigns a one- or two-word
Service Set ID (SSID) to the access point.
- A WiFi jungle is any physical location where a wireless station receives a strong signal from
two or more APs.
- APs regularly send beacon frames, including SSID and MAC address. The wireless station on
a device scans the 11 channels looking for those beacons and that is how it finds out which
wireless networks are available.
- Inspired by Ethernet and its random access protocol, wireless LAN uses a random access
protocol referred to as CSMA with collision avoidance (CSMA/CA). CSMA stands for "carrier sense
multiple access", meaning that each station senses the channel before transmitting, and does not
transmit when the channel is busy. Due to the hidden terminal problem and fading this is not
straightforward, but the steps below explain the process.
1. Distributed Inter-frame Space (DIFS) is the time from when the station senses the channel is
idle until it starts sending a frame.
2. If it is not idle, a random backoff value is chosen. This value is counted down while the
channel is idle; while it is busy the counter is frozen.
3. When the counter reaches zero the station transmits and waits for an acknowledgment.
4. If an acknowledgment is received and the station has more frames to send it starts at step 2. If
it is not received the station reenters the backoff phase in step 2, with the random value
chosen from a larger interval.
- Unlike CSMA/CD, the CSMA/CA protocol does not start sending at the moment it senses the
channel to be idle; it counts down the backoff time first. This is done because CSMA/CA cannot
detect collisions, and if two stations start sending at the same time then they will both send the
entire frame (and collide), wasting a lot of time. Collisions can still occur if the two stations are
hidden from each other or they choose backoff times that are close to each other.
- UDP normally uses a small client-side buffer holding no more than a second of video.
- UDP encapsulates the data chunks within transport packets designed for transporting video
and audio, using the Real-time Transport Protocol (RTP).
- The client also sends messages to the server with info regarding pauses, resume,
- The video is simply stored in an HTTP server as an ordinary file with a specific URL.
- A full client application buffer indirectly imposes a limit on the rate that video can be sent
from server when streaming over HTTP.
- HTTP makes use of the HTTP byte-range header in the HTTP GET request message; it
specifies the range of bytes the client currently wants to receive. This is useful when jumps
in the video are performed.
Dynamic Adaptive HTTP streaming (DASH)
- In DASH, the video is encoded into several different versions, with different quality levels.
- The client dynamically requests chunks of video, each a few seconds in length, from the
different versions based on its current bandwidth.
- Each version is stored in the HTTP server, each with a different URL. The server also has a
manifest file with its different versions and the related bandwidth. The client requests this
file and learns which version it should use when.
- The two latest are the most used.
- Client buffering is when the client stores a part of the video not yet shown in the buffer, to
absorb variations in server-to-client delay.
7.3 Voice-over-IP
- Most existing VoIP runs over UDP, including Skype (unless the user is behind a firewall blocking
UDP).
- The time from when a packet is generated at the source until it is received at the receiver can
fluctuate from packet to packet. This phenomenon is called jitter. Jitter can often be removed by
adding sequence numbers, timestamps and a playout delay.
- It is not easy to recover from packet loss, and retransmitting lost packets may not be feasible in a
real-time conversational application such as VoIP.
- Because of this VoIP often uses some sort of loss anticipation scheme:
Forward Error Correction (FEC). The basic idea of FEC is to add redundant information to the
original packet stream. For the cost of marginally increasing the transmission rate, the
redundant information can be used to reconstruct approximations or exact versions of some of
the lost packets.
Interleaving. This means sending units 1, 5, 9, 13 in one chunk and 2, 6, 10, 14 in another. This
means that if one chunk is lost then it is less noticeable. This increases latency and may
therefore be better for streaming stored audio.
Error concealment. The packet that came before the lost packet is duplicated and replaces the
lost packet.
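The three loss-handling schemes above can be tried on a small stream. This is an added example, not part of the original notes: the FEC shown is one simple scheme (a single XOR parity packet per group of equal-length packets), chosen here as an assumption since the notes do not name a specific code, and the unit numbers and packet bytes are constructed.

```python
def interleave(units, n_chunks):
    """Chunk k carries units k, k+n, k+2n, ... (1,5,9,13 / 2,6,10,14 / ...)."""
    return [units[k::n_chunks] for k in range(n_chunks)]

def deinterleave(chunks, n_units):
    """Rebuild the stream; a lost chunk (None) leaves isolated None gaps."""
    n = len(chunks)
    out = [None] * n_units
    for k, chunk in enumerate(chunks):
        if chunk is not None:
            out[k::n] = chunk
    return out

def conceal(stream):
    """Error concealment: replace a lost unit with a copy of the one before."""
    out, last = [], None
    for unit in stream:
        if unit is None:
            unit = last  # stays None only if the very first unit is lost
        out.append(unit)
        last = unit
    return out

def xor_parity(packets):
    """Redundant packet: byte-wise XOR of equal-length packets."""
    parity = bytes(len(packets[0]))
    for p in packets:
        parity = bytes(a ^ b for a, b in zip(parity, p))
    return parity

def fec_recover(received, parity):
    """Rebuild exactly one missing packet (None) from the rest plus parity."""
    missing = [i for i, p in enumerate(received) if p is None]
    if len(missing) != 1:
        return received  # nothing lost, or too many lost to repair
    rest = [p for p in received if p is not None]
    fixed = list(received)
    fixed[missing[0]] = xor_parity(rest + [parity])
    return fixed

if __name__ == "__main__":
    chunks = interleave(list(range(1, 17)), 4)  # constructed units 1..16
    chunks[1] = None                            # chunk 2,6,10,14 is lost
    print(conceal(deinterleave(chunks, 16)))
    group = [b"abcd", b"efgh", b"ijkl"]         # constructed packets
    print(fec_recover([b"abcd", None, b"ijkl"], xor_parity(group)))
```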