Internet of Things

Module 4: Wired
UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN
Is wireless enough?
• Wireless communication isn't appropriate for every deployment: long distances, low latency, high reliability and high bandwidth are all better served by wired links
[figure: office building IoT, mobile and infrastructure backhaul, service infrastructure]

Wired Networking Introduces New Challenges
• Wired networks are the first line of defense from the public internet
• Larger sizes
• Distributed over wide areas
• High bandwidth, reliability; low latency
• We will learn technologies used to solve these challenges, and how to configure and use them
Reference Architecture: Smart Home
[figure: IoT Hub speaking Smart Home IoT Protocols (Zigbee, Zwave, BTE, WeMo, Thread, etc.) to a Hue SmartBulb; Wifi Access Point connected by Ethernet (wired) to a DOCSIS Cable Modem (to DOCSIS Headend); SmartFridge, Smart Lock and Laptop on 802.11 (Wifi)]
• Controlled devices connected to an 802.11 (Wifi) "gateway"/"hub"
• Currently, few accepted industry standards
• Poor documentation hinders independent development
• Poor release/patching practices lead to security issues
• Estimated 87% of devices vulnerable
Reference Architecture: Smart Building
[figure: Intra-building Switches (Ethernet/IP Routing) feeding Per-Floor Distribution Switches (Ethernet), with Power over Ethernet (PoE) to end devices; Communication Hubs, Controllers, and Devices (BACnet, Zigbee, BPL, Wifi, etc.); Building Operations Center. Subsystems: Energy and Power Metering (Building Management System (BMS), Variable Air Volume (VAV), Fan Coil Unit (FCU), Heat Pump Controller, Chilled Beam, Occupancy Sensor); Lighting Control (Lighting Controller, DALI Interface, Lights); Fire Alarm System (Alarm Panel, Pull Station, Smoke/Therm Sensor, Horn/Strobe); Access Control (Security Headend, CCTV, Fingerprint/Access Card, Door Controller, Microwave/IR/Laser Sensor)]
Reference Architecture: Smart City
[figure: Internet through border routers, firewall and IPS into an IP Core (Ring); Applications (Emergency Plan Command, E-Governance, Fiduciary/Accounting, 3rd Party/Citizen Apps); Service Data center/Cloud (computing, data, analysis) behind its own IPS and firewall; Service Domains: Electrical power services (smart grid, smart metering), Traffic control (monitoring, parking), Critical services (fire, police, security), Medical services (hospital, paramedics, medivac), Operation center]
Enterprise Networking
How Layer 2 and Layer 3 Networking Fit Together
[figure: Core (Layer 3 forwarding): IP backbone (ISP, intra-network backbone, VPN), connecting to upstream ISPs or a regional IP backbone; Edge (Layer 2 forwarding): Ethernet at Site 1, Site 2 and Site 3, connecting to end devices or local networks]
Ethernet (Layer 2) vs. IP (Layer 3) Routing
• Ethernet is "plug and play"
• Easy to build networks
• May optionally configure ACLs, SSIDs (wireless), spanning tree properties, etc.
• Each host is assigned a topology-independent MAC address
• E.g., 00-14-22-01-23-45
• Uses "dumb" flooding (broadcast) to get packets where they need to go
• Less efficient than the unicast forwarding a link-state routing protocol builds in advance
L2 Switching vs. L3 Routing: Routing Proactively Builds State
[figure: routers exchange control messages ("Hey everybody, I own 17.3.6.0/24!") and each installs a Dest/Nexthop entry for 17.0.0.0/24 pointing at its own interface (fe3/0, fe0/1, fe7/1, fe0/0) before any data is sent; end hosts 0D:73:CA:F3 (17.3.6.2) and F5:5A:21:03 (29.51.130.9)]

L2 Switching vs. L3 Routing: Switching Relies on Broadcast
[figure: no control messages; the switch learns from data messages. Host 0D:73:CA:F3 (17.3.6.2): "Here is a data packet I want to send to F5:5A:21:03!" Switch: "Say... I received a data packet with src MAC address 0D:73:CA:F3 on fe0/1... next time I get a packet destined to 0D:73:CA:F3 I know what direction they are," and installs Dest 0D:73:CA:F3 / Nexthop fe0/1]
Ethernet Forwarding
[figure: End Host 0D:73:CA:F3 sends an Ethernet frame (Dst=F0:4D:A2:3A, Src=0D:73:CA:F3, Payload) over a cable to a switch; the switches are interconnected in a loop]
• Problem: Broadcast storms
• How to flood with stateless switches?

Ethernet Forwarding
[figure: same topology with a Root Switch elected and the links that close a loop disabled]
• Solution: Construct a spanning tree
• Elect a "root" switch; root-facing ports are active, ports that would close a loop are disabled
Avoiding Flooding
• Flooding packets throughout the network introduces problems
• Scalability, privacy, resource isolation, lack of access control
• Scalability requirement is growing quickly with the advent of IoT
• Large enterprises: 50k end hosts
• Data centers: 100k servers, 5k switches
• Metro-area Ethernet: over 1M subscribers

Avoiding Flooding
• Suppose a source sends a frame to a destination
• Which links should the frame be forwarded on?
• Trivial algorithm
• Forward all frames on all (other) LANs
• Problem: Wastes bandwidth to flood everything everywhere
• Better approach: "Learn" where hosts are
• Listen to broadcasts, remember which direction the source is
[figure: source at A, dest at B]
Learning Switches
• Switch learns table entries based on source address
• When it receives a frame from a host on port 1, add the host to the list of hosts on port 1
• Time out entries to avoid stale entries
• Table is an "optimization"
• Improves performance but is not mandatory
• Always forward broadcast frames
[figure: hosts A, B, C on Port 1 and X, Y, Z on Port 2 of the switch]
Host  Port
A     1
B     1
C     1
X     2
Y     2
Z     2
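The learning algorithm above, written out as an added example (this is not code from the slides): learn the source MAC behind the ingress port, forward to a known port, flood unknown and broadcast destinations, and age entries out. The topology and timings in demo() are the slide's A/B/C and X/Y/Z hosts with a made-up clock. Note what the learning step trusts: the table is keyed purely on the frame's source address, so a forged source MAC relocates an entry exactly as a real host moving would.

```python
import time


class LearningSwitch:
    """Learning switch as on the slide: learn the source MAC behind the ingress
    port, unicast to a known port, flood everything else, age entries out."""

    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports, age_seconds=300.0, clock=time.monotonic):
        self.ports = list(ports)
        self.age_seconds = age_seconds
        self.clock = clock            # injectable so aging can be exercised without sleeping
        self.table = {}               # mac -> (port, last_seen)

    def _expire(self):
        now = self.clock()
        stale = [m for m, (_, seen) in self.table.items() if now - seen > self.age_seconds]
        for m in stale:
            del self.table[m]

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return the list of ports it is sent out of."""
        self._expire()
        # Learning step: keyed purely on the frame's source address, so a forged
        # source MAC moves (or creates) an entry just like a real host would.
        self.table[src_mac] = (in_port, self.clock())
        if dst_mac == self.BROADCAST or dst_mac not in self.table:
            return [p for p in self.ports if p != in_port]   # flood
        out_port, _ = self.table[dst_mac]
        return [] if out_port == in_port else [out_port]      # same segment: drop


def demo():
    """Replays the slide's topology: A, B, C behind port 1; X, Y, Z behind port 2.
    Returns the egress ports chosen for each frame and the final table."""
    now = [0.0]
    sw = LearningSwitch(ports=[1, 2, 3], age_seconds=10.0, clock=lambda: now[0])
    steps = []
    steps.append(sw.receive(1, "A", "X"))    # X unknown: flooded to ports 2 and 3
    steps.append(sw.receive(2, "X", "A"))    # A known on port 1: unicast
    steps.append(sw.receive(1, "B", "A"))    # A is on the ingress port: dropped
    now[0] = 20.0                             # let every entry age out
    steps.append(sw.receive(2, "Y", "A"))    # A expired: flooded again
    return steps, dict(sw.table)


if __name__ == "__main__":
    print(demo())
```

Aging is what limits the damage of a stale or spoofed entry: once the genuine host sends again, its frame re-learns the correct port.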
Scaling Ethernet with VLANs
[figure: PCI VLAN (POS System, PCI (credit card) server, second POS System) and HVAC VLAN (HVAC Controls, HVAC Room, HVAC Sensors) on the same switches]
• Divide up hosts into logical groups called VLANs
• Like virtual machines, but for LANs (creates "virtual networks")
• VLANs isolate traffic at layer 2
• Each VLAN corresponds to an IP subnet, a single broadcast domain
• Ethernet packet headers carry a VLAN tag
• Switches forward a packet only on ports belonging to the corresponding VLAN
Virtual LANs
• Downsides of VLANs
• Are (usually) manually configured, complicates network
management
• Hard to seamlessly migrate across VLAN boundaries due to
addressing restrictions

• Upsides of VLANs
• Limits scope of broadcasts
• Logical separation improves isolation, security
• Can change virtual topology without changing physical
topology
• E.g., used in data centers for VM migration
How VLANs Are Configured
[figure: access ports in VLAN 1 and VLAN 2; trunk ports between switches]
• LAN switches can configure ports as access ports or trunk ports
• Frames arriving on an access port are untagged; the switch assigns them to the port's VLAN and adds the tag when forwarding them over a trunk
• Trunk ports can multiplex several VLANs
• VLAN membership typically encoded (statically) in the access switch's configuration file
How VLANs Are Implemented
• Packets are annotated with 12-bit VLAN tags
• Defined in the VLAN specification (IEEE 802.1Q)
• 12 bits give 4096 values; VID 0 (priority tag only) and 4095 are reserved, so up to 4094 VLANs can share a single trunk

How VLANs Are Implemented
• 802.1Q defines a few other fields too
• Ethertype (TPID) of 0x8100 instructs the switch to decode the next 2 bytes as the VLAN tag control information
• 3 bits of priority (PCP, like IP ToS)
• 1 bit originally defined as CFI for compatibility with token ring, now the Drop Eligible Indicator (DEI)

How VLANs Are Implemented
• What if 4094 VLANs aren't enough?
• QinQ (802.1ad) encapsulates VLANs within VLANs by stacking VLAN tags; the outer (service) tag uses Ethertype 0x88A8
• Each outer VLAN ID can carry up to 4094 inner VLANs, roughly 4094^2 combinations

How VLANs Are Implemented
[figure: access ports in VLAN 1 and VLAN 2; trunk ports between switches]
• Native mode
• IEEE likes to make specs that are backwards compatible
• 802.1Q allows trunk ports to carry both tagged and untagged frames
• Frames with no tags are said to be part of the switch's native VLAN
Encapsulation
• Each layer of the protocol stack encapsulates data passed to it
• Each forwarding layer inspects data only at that encapsulation layer
• Switching only looks at the Ethernet header, routing only looks at the IP header, etc.
• Terminology: "Layer-3 switch," "Layer-4 load balancer," "Layer-7 load balancer"
Ethernet Header
• Preamble: 56-bit pattern used to sync clocks
• Destination: who this frame is for
• Source: who sent this frame
• 802.1Q tag (optional):
• Protocol ID (TPID): set to 0x8100 to identify the frame as an 802.1Q-tagged frame
• Priority (PCP), 3 bits: 1 (background), 0 (best-effort, default), 2 (excellent effort), 3 (critical application), 4 (video), 5 (voice), 6 (internetwork control), 7 (network control)
• DEI, 1 bit: indicates if the frame can be dropped during congestion
• VLAN Identifier (VID), 12 bits: allows for 4096 values; 802.1ad allows for double tagging
IPv4 Header
Offset 0:  Version (4) | IHL (size of header, in 32-bit words) | DSCP (Diffserv marking, QoS priority) | ECN (Explicit Congestion Notification: router signals congestion) | Total Length (length of header plus user data)
Offset 4:  Identification (fragment #) | Flags (Don't Fragment, More Fragments) | Fragment Offset (offset of this IP fragment from the start of the original datagram)
Offset 8:  Time To Live (counter decremented at each IP hop) | Protocol (identifies the protocol contained in the datagram, e.g., TCP) | Header Checksum (computed over the header)
Offset 12: Source IP Address (sender of datagram)
Offset 16: Destination IP Address (target of datagram)
Offset 20: Options (if IHL > 5): extensible functions: record route, source route, router "alerts," quick-start, etc.
TCP Header
Offset 0:  Source port ("address" of the sending application process; client-side may be ephemeral) | Destination port ("address" of the destination application process)
Offset 4:  Sequence number (where the first byte of this packet's data falls within the entire sequence of data sent on this connection, byte #; used for reassembly)
Offset 8:  Acknowledgment number (if ACK set): next byte the sender is expecting
Offset 12: Data offset (size of TCP header: location in this packet where the header ends and data starts) | Reserved (000) | Control flags NS, CWR, ECE, URG, ACK, PSH, RST, SYN, FIN (PSH: set if the segment should be delivered to the application immediately) | Window Size (number of bytes the sender is willing to receive)
Offset 16: Checksum (error check covering header and payload data) | Urgent pointer (if URG set)
Offset 20: Options (if data offset > 5; padded at the end with "0" bytes if necessary): extensible options used in TCP protocol operation: encryption negotiation, multipath data, corruption experienced, etc.
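The three header layouts above, plus the stacked 802.1Q/802.1ad tags from the VLAN slides, as one added parser (example code, not from the slides). It walks the Ethernet header through any number of tags, validates the IPv4 header checksum, and decodes the TCP flags. The sample frame in build_sample() is constructed, not captured: a SYN from 22.22.22.3 to 11.11.11.96:80 with an outer 802.1ad tag in VLAN 1 and an inner 802.1Q tag in VLAN 22. vlan_after_trunk() models the native-VLAN rule from the slides: a trunk sends native-VLAN frames untagged, so when the outer tag equals the trunk's native VLAN the next switch sees the inner tag instead. That is why trunks are usually given a native VLAN nobody uses.

```python
import struct

TPID_8021Q, TPID_8021AD = 0x8100, 0x88A8
ETHERTYPE_IPV4, PROTO_TCP = 0x0800, 6
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]


def inet_checksum(data):
    """RFC 1071 ones'-complement sum; a header carrying a valid checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ethernet(frame):
    """Return (dst, src, tags, ethertype, payload_offset); tags is a list of
    (pcp, dei, vid) outermost first, walking both 0x88A8 and 0x8100 tags."""
    dst, src, off, tags = frame[0:6], frame[6:12], 12, []
    while True:
        (etype,) = struct.unpack_from("!H", frame, off)
        off += 2
        if etype not in (TPID_8021Q, TPID_8021AD):
            return dst, src, tags, etype, off
        (tci,) = struct.unpack_from("!H", frame, off)
        off += 2
        tags.append(((tci >> 13) & 0x7, (tci >> 12) & 0x1, tci & 0x0FFF))


def vlan_after_trunk(tags, native_vid):
    """VID the next switch sees after a trunk whose native VLAN is native_vid:
    untagged -> native; outer tag == native -> the inner tag becomes visible."""
    if not tags:
        return native_vid
    if tags[0][2] == native_vid and len(tags) > 1:
        return tags[1][2]
    return tags[0][2]


def parse_ipv4(buf, off):
    fields = struct.unpack_from("!BBHHHBBH4s4s", buf, off)
    ver_ihl, _dscp_ecn, total_len, ident, flags_frag, ttl, proto, _csum, src, dst = fields
    ihl = (ver_ihl & 0xF) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not an IPv4 header")
    if inet_checksum(buf[off:off + ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "ttl": ttl, "proto": proto, "total_len": total_len, "id": ident,
            "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
            "frag_offset": flags_frag & 0x1FFF}, off + ihl


def parse_tcp(buf, off):
    sport, dport, seq, ack, off_flags, window, _csum, urg = struct.unpack_from("!HHIIHHHH", buf, off)
    data_off = (off_flags >> 12) * 4
    flags = [n for i, n in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << i)]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags,
            "window": window, "urg": urg}, off + data_off


def parse_frame(frame, native_vid=1):
    dst, src, tags, etype, off = parse_ethernet(frame)
    result = {"dst": dst.hex(":"), "src": src.hex(":"), "tags": tags,
              "vlan": vlan_after_trunk(tags, native_vid), "ethertype": etype}
    if etype == ETHERTYPE_IPV4:
        result["ip"], off = parse_ipv4(frame, off)
        if result["ip"]["proto"] == PROTO_TCP:
            result["tcp"], off = parse_tcp(frame, off)
    return result


def build_sample(tags=((TPID_8021AD, 0, 1), (TPID_8021Q, 5, 22))):
    """Constructed sample (not a capture): TCP SYN 22.22.22.3:40000 -> 11.11.11.96:80,
    tagged with each (tpid, pcp, vid) given, outermost first."""
    tag_bytes = b"".join(struct.pack("!HH", tpid, (pcp << 13) | vid) for tpid, pcp, vid in tags)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0x1234, 0x4000, 64, PROTO_TCP, 0,
                         bytes([22, 22, 22, 3]), bytes([11, 11, 11, 96]))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", inet_checksum(ip_hdr)) + ip_hdr[12:]
    tcp_hdr = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0, (5 << 12) | 0x002, 65535, 0, 0)
    return (bytes.fromhex("9cefd58206b8") + bytes.fromhex("447bc12d2881")
            + tag_bytes + struct.pack("!H", ETHERTYPE_IPV4) + ip_hdr + tcp_hdr)


if __name__ == "__main__":
    print(parse_frame(build_sample()))
```

Parsing stops at the first layer that fails validation; a corrupted IPv4 header raises rather than handing a misaligned buffer to the TCP decoder.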
Addressing
Internet Addressing: Different Layers Use Different Addresses
• Application: URLs (e.g., http://www.cs.Illinois.edu/index.html) identify "resources" (files, content); domain names (e.g., illinois.edu) identify groups of computers under single administrative control
• Transport: port numbers (e.g., 143 for IMAP, 22 for SSH) identify the application running on a computer
• Networking: IP addresses (e.g., 18.220.149.166) identify the location where a computer's interface attaches to the Internet
• Datalink & Physical: MAC addresses (e.g., 9C-EF-D5-FE-27-72) identify a specific computer interface
• All these addresses are used for end-to-end communication
Medium Access Control (MAC) Address
• Numerical address associated with a NIC
• Flat name space of 48 bits (e.g., 00-15-C5-49-04-A9 in hex)
• Unique, often hard-coded in the adapter when it is built
• Hierarchical allocation
• Organizationally Unique Identifier (OUI): first 24 bits, assigned to vendors (e.g., Dell) by the IEEE
• Vendor-assigned address: last 24 bits, assigned by the vendor
• Broadcast address (FF-FF-FF-FF-FF-FF): send the frame to all adapters
Internet Protocol (IP) Address
• Numerical address associated with a connection point to the internet
• Hierarchical name space of 32 bits (e.g., 186.36.90.1)
• Network operators make sure they are assigned uniquely
• Hierarchical allocation
• IANA (a function operated by ICANN) manages the global IPv4 and IPv6 space
• IANA delegates blocks (prefixes) of addresses to the regional internet registries (RIRs): AFRINIC, APNIC, ARIN, LACNIC, RIPE NCC
• ISPs request blocks from RIRs
• Enterprises and smaller ISPs request blocks from provider ISPs
Address Discovery
• A host starts up knowing only its MAC address
• It must discover some addressing information before it can communicate with a destination
1. Its IP address
2. Destination's IP address
3. Next-hop MAC address
a. Destination's MAC address (if destination is local)
b. First-hop router's MAC address (if destination is not local)

Address Discovery
• How to discover this address information?
• We have some protocols to do this
• ARP: discovers the MAC address for a given IP address
• "Who has IP address XX.XX.XX.XX?"
• DHCP: automatically assigns IP addresses and other configuration info to network devices
• "Hey, can someone give me an IP address?"
• These protocols run within a single LAN
• Leverage broadcast capability of the LAN
Dynamic Host Configuration Protocol (DHCP)
• Automatically configures a host to use the network
• Assigns IP address, subnet mask, DNS server, default gateway
• Clients listen on UDP port 68, servers on port 67
• Information assigned for a lease time
• Information cached in host
• Considered stale and removed after lease time expires
• Defined in RFC 2131

Dynamic Host Configuration Protocol (DHCP)
[figure: client/server exchange]
Client, broadcast DHCP DISCOVER: "Can anyone give me an IP address (and other config information)?"
Server, DHCP OFFER: "Sure, you can use 10.0.0.3" (multiple offers can arrive)
Client, DHCP REQUEST: "Ok, I would like to use 10.0.0.3"
Server, DHCP ACK: "Ok, you can use 10.0.0.3"
10.0.0.3 acquired
Client, DHCP RELEASE: "I am done with 10.0.0.3"; the server returns 10.0.0.3 to the available pool
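The DISCOVER/OFFER/REQUEST/ACK exchange above, as an added example (not code from the slides): a minimal RFC 2131 encoder/decoder, a toy server, and a client run against a simulated LAN. Server addresses, the pool, the MAC and the second "rogue" server are all constructed. DISCOVER is a broadcast with no authentication, so every server on the LAN sees it and the client has nothing to go on but which OFFER arrives first (the slide's "multiple offers can arrive"); the REQUEST then names the chosen server in option 54 and only that server ACKs.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK, RELEASE = 1, 2, 3, 5, 7
HDR = "!BBBBIHH4s4s4s4s16s64s128s"           # fixed RFC 2131 header, 236 bytes


def ip(s):
    return bytes(int(x) for x in s.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", opts=()):
    """Fixed header, magic cookie, then TLV options; option 53 carries the message type."""
    hdr = struct.pack(HDR, op, 1, 6, 0, xid, 0, 0x8000, ip("0.0.0.0"), ip(yiaddr),
                      ip("0.0.0.0"), ip("0.0.0.0"), mac.ljust(16, b"\x00"), b"", b"")
    body = bytes([53, 1, msg_type]) + b"".join(bytes([c, len(v)]) + v for c, v in opts)
    return hdr + MAGIC + body + b"\xff"


def parse(pkt):
    f = struct.unpack_from(HDR, pkt, 0)
    off = struct.calcsize(HDR)
    if pkt[off:off + 4] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    off, opts = off + 4, {}
    while off < len(pkt) and pkt[off] != 255:      # 255 = end option
        if pkt[off] == 0:                          # 0 = pad
            off += 1
            continue
        code, length = pkt[off], pkt[off + 1]
        opts[code] = pkt[off + 2:off + 2 + length]
        off += 2 + length
    return {"op": f[0], "xid": f[4], "yiaddr": ip_str(f[8]), "chaddr": f[11][:f[2]],
            "type": opts[53][0], "opts": opts}


class DhcpServer:
    """Toy server: one OFFER per DISCOVER; ACKs only REQUESTs that name it in option 54."""

    def __init__(self, server_ip, pool, mask, router, dns, lease=3600):
        self.server_ip, self.pool, self.leases = server_ip, list(pool), {}
        self.config = [(1, ip(mask)), (3, ip(router)), (6, ip(dns)),
                       (51, struct.pack("!I", lease)), (54, ip(server_ip))]

    def handle(self, pkt):
        m = parse(pkt)
        if m["type"] == DISCOVER:
            free = [a for a in self.pool if a not in self.leases.values()]
            return build(BOOTREPLY, m["xid"], m["chaddr"], OFFER, free[0], self.config) if free else None
        if m["type"] == REQUEST:
            if m["opts"].get(54) != ip(self.server_ip):
                return None                        # client chose another server
            addr = ip_str(m["opts"][50])
            self.leases[m["chaddr"]] = addr
            return build(BOOTREPLY, m["xid"], m["chaddr"], ACK, addr, self.config)
        if m["type"] == RELEASE:
            self.leases.pop(m["chaddr"], None)     # address goes back to the pool
        return None


def client_exchange(mac, lan_servers, xid=0x3903F326):
    """Broadcast DISCOVER reaches every server; take the first OFFER, REQUEST it by server id."""
    discover = build(BOOTREQUEST, xid, mac, DISCOVER)
    offers = [o for o in (s.handle(discover) for s in lan_servers) if o]
    chosen = parse(offers[0])
    request = build(BOOTREQUEST, xid, mac, REQUEST,
                    opts=[(50, ip(chosen["yiaddr"])), (54, chosen["opts"][54])])
    acks = [parse(a) for a in (s.handle(request) for s in lan_servers) if a]
    ack = acks[0]
    return {"ip": ack["yiaddr"], "server": ip_str(ack["opts"][54]),
            "router": ip_str(ack["opts"][3]), "dns": ip_str(ack["opts"][6]),
            "lease": struct.unpack("!I", ack["opts"][51])[0],
            "offers": len(offers), "acks": len(acks)}


def demo():
    """Constructed LAN: the real server answers first in one run, a rogue one in the other."""
    mac = bytes.fromhex("aabbccddee01")
    real = DhcpServer("10.0.0.1", ["10.0.0.3", "10.0.0.4"], "255.255.255.0", "10.0.0.1", "10.0.0.2")
    rogue = DhcpServer("10.0.0.99", ["10.0.0.200"], "255.255.255.0", "10.0.0.99", "10.0.0.99")
    return client_exchange(mac, [real, rogue]), client_exchange(mac, [rogue, real])


if __name__ == "__main__":
    print(demo())
```

The second run is the practical lesson: whoever answers first hands the client its default gateway and DNS server, which is why switches in managed networks restrict which ports may carry DHCP server replies.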


Is DHCP enough?
[figure: hosts on one LAN: 2.2.2.2 (MAC AA:AA:AA:AA:AA:AA), 3.3.3.3 (BB:BB:BB:BB:BB:BB), 4.4.4.4 (CC:CC:CC:CC:CC:CC), 5.5.5.5 (DD:DD:DD:DD:DD:DD); 2.2.2.2 wants to send to Dest=4.4.4.4]
Broadcast ARP request from 2.2.2.2: "Who owns IP address 4.4.4.4?"
Broadcast ARP reply from 4.4.4.4: "I own 4.4.4.4, and my MAC address is CC:CC:CC:CC:CC:CC"
Resulting ARP table at 2.2.2.2: 4.4.4.4 -> CC:CC:CC:CC:CC:CC, 5.5.5.5 -> DD:DD:DD:DD:DD:DD
• ARP: determine the mapping from IP to MAC address
• What if the IP address is not on the subnet?
• Each host is configured with a "default gateway"; use ARP to resolve the gateway's IP address

[figure: the host with MAC BB:BB:BB:BB:BB:BB, now at IP 5.5.5.5, broadcasts a gratuitous ARP reply: "I own 5.5.5.5, and my MAC address is BB:BB:BB:BB:BB:BB"]
• What if hosts move?
• Gratuitous ARP: tell the network your IP to MAC mapping
• Used to detect IP conflicts and IP address changes; updates other machines' ARP tables and bridges' learned information

ARP Cache
• End host maintains a cache of learned ARP resolutions
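The request/reply exchange, the gratuitous-ARP cache update, and the subnet-mask check from the "Steps in Creating a Packet" summary later in this section, as one added example (not code from the slides). build_arp()/parse_arp() follow the Ethernet/IPv4 ARP layout (RFC 826); the hosts, MACs and the final forged reply in demo() are constructed. The cache behaves as the slides describe, accepting any reply it hears, and on top of that records when an address it already knows is claimed by a different MAC, which is the check tools such as arpwatch perform.

```python
import ipaddress
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
BROADCAST_MAC = b"\xff" * 6


def mac(s):
    return bytes.fromhex(s.replace(":", ""))


def build_arp(oper, sha, spa, tha, tpa):
    """Ethernet/IPv4 ARP body (28 bytes). A gratuitous reply has spa == tpa."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, sha,
                       ipaddress.IPv4Address(spa).packed, tha, ipaddress.IPv4Address(tpa).packed)


def parse_arp(pkt):
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"oper": oper, "sha": sha.hex(":"), "spa": str(ipaddress.IPv4Address(spa)),
            "tha": tha.hex(":"), "tpa": str(ipaddress.IPv4Address(tpa)),
            "gratuitous": spa == tpa}


class ArpCache:
    """Host-side cache that learns from every reply it hears (as on the slides) and
    records when a known IP suddenly claims a new MAC."""

    def __init__(self):
        self.table = {}      # ip -> mac
        self.alerts = []     # (ip, old_mac, new_mac)

    def learn(self, pkt):
        a = parse_arp(pkt)
        old = self.table.get(a["spa"])
        if old is not None and old != a["sha"]:
            self.alerts.append((a["spa"], old, a["sha"]))
        self.table[a["spa"]] = a["sha"]    # ARP carries no authentication: the claim is accepted
        return a

    def resolve(self, ip):
        return self.table.get(ip)


def next_hop_ip(dest, my_ip, prefixlen, gateway):
    """Subnet-mask check: ARP for the destination itself if it is on the local
    subnet, otherwise for the default gateway."""
    local = ipaddress.ip_network(f"{my_ip}/{prefixlen}", strict=False)
    return dest if ipaddress.ip_address(dest) in local else gateway


def demo():
    """Replays the slide: 2.2.2.2 resolves 4.4.4.4; the BB host announces itself at
    5.5.5.5 with a gratuitous reply; then a constructed forged gratuitous reply
    re-points 4.4.4.4 at DD and the cache both accepts it and flags the change."""
    aa, bb, cc, dd = (mac(x * 6) for x in ("aa", "bb", "cc", "dd"))
    cache = ArpCache()
    asked = parse_arp(build_arp(ARP_REQUEST, aa, "2.2.2.2", b"\x00" * 6, "4.4.4.4"))
    cache.learn(build_arp(ARP_REPLY, cc, "4.4.4.4", aa, "2.2.2.2"))
    cache.learn(build_arp(ARP_REPLY, bb, "5.5.5.5", BROADCAST_MAC, "5.5.5.5"))   # gratuitous
    cache.learn(build_arp(ARP_REPLY, dd, "4.4.4.4", BROADCAST_MAC, "4.4.4.4"))   # forged
    return asked, cache


if __name__ == "__main__":
    asked, cache = demo()
    print(asked, cache.table, cache.alerts)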
Network Application Programming
What happens inside a browser?
• Browser works with the operating system (OS) to construct data packets
• Browser communicates with the OS through an API ("system calls," or "sockets")
What the Computer Needs to Do
[figure: Laptop 10.7.18.96 (00-14-22-01-23-45) talking to Server 22.61.14.163 (9C-EF-D5-FD-27-77)]
1. Tell server what data it wants. Layer 7 (Application): "Hey server: Give me the web page for www.illinois.edu/index.html"
2. Tell internet where server is. Layer 3 (IP): "Hey internet: Send my server request to IP address 22.61.14.163"
3. Tell local area network what the next hop is. Layer 2 (LAN): "Hey LAN: Send my internet request to MAC address 9C-EF-D5-FD-27-77"
Layer 7 (Application)
Hey server: Give me the web page for "www.illinois.edu/index.html"

Hyper Text Transfer Protocol: Telling a Web Server What to Do
• HTTP Method: what you want the server to do; URL: what resource you are referring to; HTTP Version
"GET /index.html HTTP/1.1" (Client request)
"HTTP/1.1 200 OK" (Server response: HTTP Version, Response Code), followed by the body:
<html>
<head>
<title>MSNBC — Breaking News, Top Stories, &amp; Show Clips | NBC News</title>
<link href="https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css" rel="stylesheet"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<meta name="apple-itunes-app" content="app-id=1438463967"/>
<a href="https://twitter.com/intent/tweet?text=&amp;via=msnbc&amp;url=https://www.nbcnews.com/&amp;original_referer=https://www.nbcnews.com/" target="_blank" rel="noopener noreferrer">
Sockets Programming: How a Web Browser Is Written
• Sockets API: how applications communicate with the OS networking stack
• Introduced in 1981 by BSD 4.1
• Implemented as a library and a set of system calls
• Provides similar interfaces for TCP and UDP
[figure: Applications -> System Libraries -> System Call Interface -> kernel: Sockets over TCP/UDP, IP, Ethernet, Network Device Driver, NIC; alongside VFS, File Systems, Volume Manager, Block Device, HDD Device Driver, SSD; Scheduler; Virtual Memory, Memory Device Driver, Memory]

Sockets API: What functions to expose?
• Data structures to store information about connections and hosts
• IP address and port (struct sockaddr_in), socket number (int)
• Functions to establish and tear down connections
• Get an available socket number (socket()); associate the socket with a network address (bind())
• Functions to send and receive data
• Send data string (send()), receive data string (recv())
Example Sockets Program: Web Client
The three slides of the client are combined below into one program that compiles and runs as written: the hostname comes from argv[1] (the original checked argc but then hard-coded "www.msnbc.com"), send() uses the descriptor returned by socket() (the original sent on an undeclared new_fd), the response is actually read with recv() before printing (the original printed buf without ever filling it), and the request is sent with its real length rather than a hard-coded 27.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#define PORT 80
#define MAXDATASIZE 4096

int main (int argc, char* argv[]) {
    /* Socket descriptor: index into the per-process table of connections maintained by the kernel */
    int sockfd = 0, numbytes = 0;
    char buf[MAXDATASIZE + 1];
    /* Information about the host: domain name, list of addresses */
    struct hostent* he = NULL;

    if (argc != 2) {
        fprintf (stderr, "usage: client hostname\n");
        exit (1);
    }
    /* Performs DNS lookup to get an IP address for the specified hostname */
    if ((he = gethostbyname (argv[1])) == NULL) {
        herror ("gethostbyname");
        exit (1);
    }
    /* Returns an available socket descriptor */
    if ((sockfd = socket (AF_INET, SOCK_STREAM, 0)) == -1) {
        perror ("socket");
        exit (1);
    }
    /* Specifies identity of the server we will connect to, using data from the DNS lookup */
    struct sockaddr_in their_addr;
    memset (&their_addr, 0, sizeof their_addr);
    their_addr.sin_family = AF_INET;
    their_addr.sin_port = htons (PORT);
    memcpy (&their_addr.sin_addr, he->h_addr_list[0], he->h_length);
    /* Forms logical connection to the server; initiates the TCP 3-way handshake */
    if (connect (sockfd, (struct sockaddr*)&their_addr, sizeof (struct sockaddr)) == -1) {
        perror ("connect");
        exit (1);
    }
    /* Sends the request text to the server; HTTP/1.1 requires a Host header and CRLF line endings */
    char request[512];
    int len = snprintf (request, sizeof request,
                        "GET /index.html HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n", argv[1]);
    if (send (sockfd, request, len, 0) == -1) {
        perror ("send");
        exit (1);
    }
    /* Receives the first chunk of the response; recv returns the number of bytes read, 0 at end of stream */
    if ((numbytes = recv (sockfd, buf, MAXDATASIZE, 0)) == -1) {
        perror ("recv");
        exit (1);
    }
    buf[numbytes] = '\0';
    printf ("Received: %s", buf);
    /* Tell the OS we are done with this socket, which cleans up state and tears down the connection (TCP FIN) */
    close (sockfd);
    return 0;
}
Putting Things Together: How a Packet Is Sent across Networks
[figure: user types "www.illinois.edu" on the Laptop (11.11.11.96, 00-14-22-01-23-45); Server 22.22.22.163 (9C-EF-D5-FD-27-77)]
1. Tell server what data it wants. Layer 7 (Application): "GET /index.html HTTP/1.1"
2. Tell internet where the server is. Layer 3 (IP): dest 22.22.22.163
3. Tell local area network what the next hop is. Layer 2 (LAN): dest 9C-EF-D5-FD-27-77

Putting Things Together: How a Packet Is Sent across Networks
[figure, walked through step by step with the addresses used on the slides]
Topology: Laptop 22.22.22.3 (44-7B-C1-2D-28-81) and Local DNS Server 22.22.22.18 (24-E3-0A-7A-B7-38) on 22.22.22.0/24; router with 22.22.22.163 (9C-EF-D5-82-06-B8) on interface Ge0/1 and 11.11.11.163 on Ge0/2; Server 11.11.11.96 (BC-15-59-B5-4F-1A) and another host 11.11.11.72 (5B-F0-23-C8-F9-2E) on 11.11.11.0/24
DHCP Interface Table on the laptop: DHCP server 22.22.22.254; IPv4 addr 22.22.22.3; subnet 22.22.22.0/24; default gateway 22.22.22.163
DNS cache on the laptop: www.illinois.edu -> 11.11.11.96
Step 1 (laptop): 11.11.11.96 is not on 22.22.22.0/24, so the next hop is the default gateway. "ARP who-has 22.22.22.163? tell 22.22.22.3". Router: "22.22.22.163 is at 9C-EF-D5-82-06-B8". Laptop ARP table: 22.22.22.163 -> 9C-EF-D5-82-06-B8
Step 2 (laptop sends): dest MAC 9C-EF-D5-82-06-B8 | dest IP 11.11.11.96 | "GET /index.html HTTP/1.1"
Step 3 (router): Forwarding Table: 22.22.22.0/24 -> Ge0/1, 11.11.11.0/24 -> Ge0/2. "ARP who-has 11.11.11.96? tell 11.11.11.163". Server: "11.11.11.96 is at BC-15-59-B5-4F-1A". Router ARP table: 11.11.11.96 -> BC-15-59-B5-4F-1A
Step 4 (router forwards on Ge0/2): dest MAC BC-15-59-B5-4F-1A | dest IP 11.11.11.96 | "GET /index.html HTTP/1.1"

Steps in Creating a Packet (Summary)
• On bootup, use DHCP to discover the NIC configuration
• On a gethostbyname() resolution request
• Use a DNS lookup to determine the IP address
• Check the subnet mask to determine if the local DNS server's IP address is on the local subnet
• If so, use ARP if the local DNS server's MAC address is not in the ARP table
• If not, use ARP if the subnet gateway's MAC address is not in the ARP table
• Send the DNS lookup in a UDP packet with the corresponding IP and MAC address destinations
• Return the discovered IP address to the caller
• On a send() call:
• Use similar steps to the above to discover the MAC address and send the packet
Network Infrastructure
How do you design a network?
• A network has goals
• Connect sensors to the internet
• Filter bad traffic
• Provide voice over IP functionality
• These goals are realized through network design
• Part of this is done by configuring devices...
• ... but the first step is to design the topology
• Network functions are enabled by devices
• You choose devices that do what you want to happen
• You put them where you want those things to happen
Variants of Routers
[figure: a cloud of device types] Transcoder, Fabric Extender, Signaling Controller, L3 Switch, Access Point, Access Control Service, PBX, Switch, Location Appliance, Intrusion Detection System, Identity Services Appliance, Router, WLAN Controller, Voice Gateway, Network Admission Controller, Directory Service, DSLAM, Softswitch, Load Balancer, Wireless Router, Voice Router, Optical Amplifier, Traffic Analyzer Appliance, BRAS, NAS, Voice Switch, Wireless Bridge, Firewall, Wavelength Router, CMTS, DDoS Mitigation, Satellite Dish, Storage Array, NAT, Gateway, Label-Switched Router, Optical Transport Controller, Deep Packet Inspection, Application Proxy, Reverse Proxy, WAN Accelerator
Device Types
• Think of "functionality" separately from devices
• Functions like switching and inspection used to be tied to specific device types
• Functions increasingly available on shared hardware
• Network function virtualization (NFV) is taking this idea further
• Several key device function types
• Forwarding (where to send traffic?)
• Processing (changing contents of traffic)
• Translation (changing format of traffic)
• Isolation (blocking bad traffic)
Device Types: Forwarding
Examples: Router, Load Balancer, Voice Switch, Softswitch, Wavelength Router
• Decide next hop based on header or traffic contents
• May construct forwarding tables in advance to speed lookups
• Run-time:
1. Determine if self is the responsible next hop for the flow
2. Look up/determine the next hop
3. Forward out the appropriate outbound interface

Device Types: Processing
Examples: Application Proxy, Reverse Proxy, Location Appliance, Transcoder, Signaling Controller
• Manipulate or intercept content in the flow
• Change data, encrypt, cache, etc.
• May require application-layer knowledge
• Run-time:
1. Receive flow
2. Perform operations on the flow (intercept, cache, mark, manipulate headers/data/packets)

Device Types: Translation
Examples: NAT, PBX, Switch, Wireless Bridge, DSLAM, Optical Transport
• Convert headers and/or data to a different format, or proxy data
• May maintain a table of translations
• Run-time:
1. Determine if self is the responsible next hop for the flow
2. Look up/determine the translation
3. Modify packets

Device Types: Isolation
Examples: Firewall, Access Control Service, Intrusion Detection System, DDoS Mitigation, Network Admission Controller
• Prevent information/data/packets from going to certain locations
• Configure access control and prioritization policies in advance
• Run-time:
1. Select the appropriate header fields or content in the flow
2. Traverse the policy list, process the (usually first) matching rule
3. Forward or filter traffic appropriately
Scenario: Hospital IoT Deployment
Points of Sale (POS), Medical Computers, Networked Implants, Patient Monitoring, Guest Wireless, Medical Automation and AI

Example Network: Healthcare IoT
Network Segments:
10.10.96.0/24   VLAN11 (POS/PCI)
10.10.97.0/24   VLAN12 (Data)
10.10.98.0/24   VLAN13 (Voice)
10.10.99.0/24   VLAN14 (Wireless)
10.10.100.0/24  VLAN15 (Wireless POS/PCI)
10.10.101.0/24  VLAN16 (Partner)
10.10.102.0/24  VLAN17 (Wireless Guest)
10.10.103.0/24  VLAN18 (Wireless Control)
10.10.104.0/24  VLAN19 (WAE)
10.10.105.0/24  VLAN20 (Security Systems)
10.10.106.0/24  VLAN21 (HIPAA)
10.10.107.0/24  VLAN22 (Wireless HIPAA-Users)
10.10.108.0/24  VLAN23 (Wireless HIPAA-Devices)
10.10.109.0/24  Other-Misc
10.10.110.0/24  Future
10.10.110.40/30 VLAN1000 (Management)
Example Network: Hospital/Enterprise
[figure: ISP 1 and ISP 2 into WAN Routers at Site 1 and Site 2; NAT/Firewall and Firewall/IDS/IPS; L3 Switch; Core L3 Switches with VRF IT, VRF HVAC and VRF Manufacturing; Distribution Switches; Access Switches serving Voice, Security and HIPAA segments]
Firewall rules, evaluated first match:
Permit ip *.*.3.* *.*.3.*
Deny ip *.*.3.* 10.*.*.*
Permit ip *.*.3.* *.*.*.*
Switch 1: Voice: Vlan 3 -> 10.1.3.0/24; POS: Vlan 8 -> 10.1.8.0/24
Switch 3: IT: Vlan 3 -> 10.3.3.0/24; Finance: Vlan 8 -> 10.3.8.0/24; Manufacturing: Vlan 44 -> 10.3.44.0/24
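The first-match rule walk from "Device Types: Isolation" (step 2), applied to the three firewall rules on the hospital figure, as an added example (not code from the slides). The matcher accepts the slide's octet wildcards ("*.*.3.*") and CIDR; the rules and their order are the slide's, the sample flows and the "misordered" variant are constructed. The flows map to the slide's segments: Site 1 Voice is 10.1.3.x, Site 3 IT is 10.3.3.x, Site 1 POS is 10.1.8.x.

```python
import ipaddress


def match_addr(pattern, addr):
    """Two pattern styles: the slide's octet wildcards ("*.*.3.*") or CIDR ("10.0.0.0/8")."""
    if "/" in pattern:
        return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
    return all(p == "*" or p == a for p, a in zip(pattern.split("."), addr.split(".")))


class Acl:
    """Ordered rule list evaluated first-match: each rule is
    (action, protocol, src_pattern, dst_pattern); no match falls to the default."""

    def __init__(self, rules, default="deny"):
        self.rules = list(rules)
        self.default = default

    def evaluate(self, proto, src, dst):
        """Return (action, index of the rule that decided); index None means the default."""
        for index, (action, rproto, rsrc, rdst) in enumerate(self.rules):
            if rproto in ("ip", proto) and match_addr(rsrc, src) and match_addr(rdst, dst):
                return action, index
        return self.default, None


# The three rules shown on the hospital/enterprise firewall, in slide order.
HOSPITAL_RULES = [
    ("permit", "ip", "*.*.3.*", "*.*.3.*"),   # VLAN-3 subnets at any site may talk to each other
    ("deny",   "ip", "*.*.3.*", "10.*.*.*"),  # ...but not to anything else in the 10/8 enterprise space
    ("permit", "ip", "*.*.3.*", "*.*.*.*"),   # ...while still reaching the outside world
]


def check_policy(rules=HOSPITAL_RULES):
    """Constructed flows: Site 1 Voice to Site 3 IT, to Site 1 POS, to an Internet host,
    and POS back to Voice (no rule matches, so the implicit deny applies)."""
    acl = Acl(rules)
    return {
        "voice_to_it": acl.evaluate("udp", "10.1.3.10", "10.3.3.20"),
        "voice_to_pos": acl.evaluate("tcp", "10.1.3.10", "10.1.8.5"),
        "voice_to_internet": acl.evaluate("tcp", "10.1.3.10", "93.184.216.34"),
        "pos_to_voice": acl.evaluate("tcp", "10.1.8.5", "10.1.3.10"),
    }


def check_misordered():
    """Same rules with the last two swapped: the broad permit now shadows the deny,
    so Voice reaches the POS (PCI) segment. Rule order is part of the policy."""
    swapped = [HOSPITAL_RULES[0], HOSPITAL_RULES[2], HOSPITAL_RULES[1]]
    return Acl(swapped).evaluate("tcp", "10.1.3.10", "10.1.8.5")


if __name__ == "__main__":
    print(check_policy())
    print("misordered:", check_misordered())
```

The returned rule index is what you want in a hit counter or a log line: a rule that never matches in production is either redundant or, as in check_misordered(), shadowed by one above it.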
Example Network: Broadband Access
[figure: Headend (TV Bcast Receiver, DTI Server, Edge QAM, CMTS, NAS, Router to Internet and PSTN) to Hub Facility, to Node (turns fiber to coax), Amp, and a DOCSIS 3.0 cable modem at the subscriber]
• Access network is the largest in terms of physical size and monetary investment
• TWC: 1130 Hubs, 95600 Nodes, 1.9M Amps, 30M Coax
Device Internals
What is a network device?
• Entity used to forward packets
• May be physical or virtual
[figure: chassis with line card, fan module, power module, LED status indicators, optical port, SFP port, console port, Ethernet port]
What is a router, exactly?
• Special-purpose computer
• Traditional computer architecture (CPU, DRAM, bus)
• Coupled with high-speed packet forwarding hardware (ASIC)
• Router consists of
• Interfaces where packets arrive
• Interfaces where packets leave
• Set of queues to handle bursts of congestion
• Backplane to forward packets between them
[figure: Network Router: input interfaces -> input queues -> backplane -> output queues -> output interfaces]

Typical Router Architecture
• Input and output interfaces, connected via a backplane
• Backplane can be implemented in different ways:
• Shared memory (low-capacity routers, e.g., software routers)
• Shared bus
• Switched bus (highest-capacity routers)
[figure: Network Router: input interfaces -> input queues -> backplane -> output queues -> output interfaces]
Backplane Speedup
[figure: Network Router with port capacity C_P,i on each input and C_P,o on each output, backplane input capacity B_i, backplane output capacity B_o, and backplane aggregate transfer capacity B_T]
• Backplane needs to be fast enough to handle the offered load from all ports
• Router architects perform calculations to provision resources within the router
• Backplane Speedup = B/C
• Input Speedup = C_P,i/C
• Output Speedup = C_P,o/C

What do pieces of a router do?
• Input interfaces:
• Perform lookup (deciding which interface to send out)
• May enqueue packets
• May perform scheduling
• Backplane:
• Move packets from input to output interfaces
• Output interfaces:
• May enqueue packets
• May perform scheduling
[figure: Network Router: input interfaces -> input queues -> backplane -> output queues -> output interfaces]
Common Router Architectures
• One key question is where to put queues
• Need fast memory (expensive)
• Need to perform complicated functions (deciding which packets to drop)
• Three key architectures:
Input-Queued (IQ)
• Queue packets at inputs
• Easy to design
• Can queue packets if the backplane or outputs are overloaded
• Downsides: head-of-line blocking
Output-Queued (OQ)
• Queue packets at outputs
• Problem: What if all inputs send to the same output?
• Requires a speedup of [# ports]
• Not a very feasible design
Combined Input-Output Queued (CIOQ)
• Queue packets at both inputs and outputs
• Can achieve higher utilization
• Downsides: harder to design algorithms, e.g., distributed backpressure
Backplane
• Point-to-point switch inside
the router
• Allows (simultaneous) transfer of
packet between any two disjoint
pairs of interfaces
• Like a little network inside a
router
• Packets fragmented into fixed-
size cells (e.g., 64B)
• Simplifies hardware, eliminates
wastage due to idle cycles
Router Components
• On a PC router:
• Interconnection network is the PCI bus
• Interface cards are the NICs (e.g., Ethernet
cards)
• All forwarding and routing is done on a
commodity CPU

• On commercial routers:
• Interconnection network and interface
cards are sophisticated, special-purpose
hardware
• Packet forwarding often implemented in a
custom ASIC
• Only routing (control plane) is done on
the commodity CPU (route processor)
Head-of-Line Blocking
[figure: Input 1, 2, 3 through the backplane to Output 1, 2, 3; two inputs hold a cell for Output 1 at the head of their queues, so one of them waits even though the cell behind it is bound for an idle output]
• The cell at the head of the queue can't be sent, blocking cells behind it that could otherwise be sent

Mitigating Head-of-Line Blocking with Virtual Queues
[figure: each input holds one queue per output; the cell for Output 1 waits while the cell for Output 2 proceeds]
• Maintain at each input up to N virtual queues, i.e., one per output
• Downsides: increases port cost
How the Control and Data Planes Work Together (Logical View)
[figure: a routing Update for 12.0.0.0/8 reaches the Protocol daemon in the Control Plane, which installs 12.0.0.0/8 -> IF 2 in the RIB; the RIB entry is pushed to the FIB in the Data Plane (12.0.0.0/8 -> IF 2); a Data packet for 12.0.0.0/8 arriving on IF 1 is forwarded out IF 2]
Physical Layout of a High-End Router
Routing vs. Forwarding
• Routing is done in software ("control plane")
• Computing the paths a packet will follow
• Computation performed on the router's CPU
• Creates the forwarding table as output
• Forwarding is (usually) done in hardware ("data plane")
• Directs a packet to its outbound interface
• Uses the forwarding table created by the control plane
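The FIB from the control/data plane figure, as an added example (not code from the slides): the control plane installs and withdraws prefixes, and the data plane looks up a destination with longest-prefix match. The table is a binary trie over prefix bits; lookup walks the destination's bits and keeps the deepest entry it passes. The slide's 12.0.0.0/8 -> IF 2 is used as given; the more specific 12.1.0.0/16, the default route and the interface names are constructed. The lookup rule is also the caveat: the most specific prefix wins regardless of which entry was installed first, so whoever can get a longer prefix into the RIB redirects that traffic.

```python
import ipaddress


class Fib:
    """Forwarding table as a binary trie over prefix bits. lookup() walks the
    destination's bits and keeps the deepest entry seen: longest prefix wins."""

    def __init__(self):
        self.root = {}

    @staticmethod
    def _bits(net):
        return format(int(net.network_address), "032b")[:net.prefixlen]

    def install(self, prefix, iface):
        """Called by the control plane when the RIB changes (e.g. 12.0.0.0/8 -> IF 2)."""
        net = ipaddress.ip_network(prefix, strict=False)
        node = self.root
        for bit in self._bits(net):
            node = node.setdefault(bit, {})
        node["entry"] = (str(net), iface)

    def withdraw(self, prefix):
        """Remove a prefix; traffic falls back to the next-longest covering prefix."""
        net = ipaddress.ip_network(prefix, strict=False)
        node = self.root
        for bit in self._bits(net):
            node = node.get(bit)
            if node is None:
                return False
        return node.pop("entry", None) is not None

    def lookup(self, dst):
        """Return (prefix, iface) of the longest matching entry, or None."""
        node, best = self.root, self.root.get("entry")
        for bit in format(int(ipaddress.ip_address(dst)), "032b"):
            node = node.get(bit)
            if node is None:
                break
            best = node.get("entry", best)
        return best


def demo():
    """Constructed RIB: the slide's 12.0.0.0/8 via IF 2, a more specific 12.1.0.0/16
    via IF 1, and a default route via IF 0; then the /16 is withdrawn."""
    fib = Fib()
    fib.install("0.0.0.0/0", "IF 0")
    fib.install("12.0.0.0/8", "IF 2")
    fib.install("12.1.0.0/16", "IF 1")
    before = [fib.lookup(a) for a in ("12.1.2.3", "12.9.9.9", "8.8.8.8")]
    fib.withdraw("12.1.0.0/16")
    return before, fib.lookup("12.1.2.3")


if __name__ == "__main__":
    print(demo())
```

Hardware FIBs use TCAM or compressed tries rather than a dict per bit, but the semantics are the same: whichever entry is installed, the longest match decides the interface.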
Routing vs. Forwarding
• Control plane’s job:
• Running routing protocols
• Maintaining routing table

• On commercial routers,
control plane runs on
special-purpose “route
processor”
• IP forwarding is distributed
across the interface cards
Slotted Chassis
• Large routers are built in a slotted chassis
• Interface (line) cards are inserted in the slots
• Route processor is also on a line card
• This simplifies repairs and upgrades of components
• E.g., "hot-swapping" of components
[figure: router with slotted chassis; a line card]
Device Protocols
• Routing: OSPF, BGP, IS-IS…
• Multicast: PIM-SM, DVMRP, PIM-DM, …
• VPN/Tunneling: GRE, MPLS, VXLAN, L2TP, …
• Forwarding: IPv4, IPv6, …
• Spanning tree: STP, RSTP, PVRSTP+, …
• Wireless: 802.11n, 802.11g, 802.11b, ….
• Router Failover: HSRP, VRRP, GSRP, …
• Link Failover: LACP, vPC, PortChannel, …
• QoS: CoS, DSCP, wrr, wred, …
• Administration: SSH, SNMP, …
Physical IoT
Background: Electrical Current
• Usually free electrons hop around randomly
• However, outside forces can encourage them to flow in a particular direction
  • Magnetic field, charge differential → this is called current
• We can vary properties of current to transmit information (the signal propagates as a wave, like falling dominos, since electron drift velocities are very slow)
[figure: two conductors, one with no charge differential and one with a charge differential (– / +)]
Conductors vs. Insulators
• Conductor: valence electrons wander around easily
  • Used to carry signal in cables
  • Copper, aluminum
• Insulator: valence electrons tightly bound to nucleus
  • Separates conductors physically and electrically
  • Glass, plastic, rubber
• Semiconductor: conductivity between insulator and conductor
  • Used within electronic components, ICs
  • Can be easily made more conductive by adding impurities

Material | Resistivity (ohm·m)
Glass | 10^12
Mica | 9×10^13
Quartz | 5×10^16
Copper | ≈1.7×10^-8
Common conductors
• Copper
  • Cheap, lower strength
  • Lower operating temperature (subject to melting)
  • Subject to corrosion from air (oxidation) and water
  • Better at conducting heat than aluminum (worse at radiating it)
  • Good for wiring, flexible parts
• Aluminum
  • Lower conductivity than copper, harder to handle load surges
  • Less malleable; leads to creep/loosening at connection sites, breaks more easily, poor choice for flexible wire
  • Lightweight, reduced corrosion
  • Good for cases, corrosion-resistant wiring/pipes/foils, heatsinks
• Silver
  • Of all metals, the best thermal and electrical conductor
  • Can withstand high temperatures
  • Very expensive; poor corrosion resistance
  • Very reflective: good for high-quality mirrors, optical storage
  • Very pliable: good for very thin wires and intricate parts
Common conductors
• Nickel
  • Improved strength, corrosion resistance. Very high melting point (1453°C). Magnetic
  • Tends to react with other materials (catalytic); good at forming alloys
  • Very ductile: good for intricate components
  • Higher resistance to electricity and heat
• Tin
  • Very soft, malleable, ductile
  • Improved durability and strength
  • Worse corrosion resistance to acids and alkalis; good corrosion resistance to water
  • Low melting point
  • Good for joining connections (solder), malleable enclosures
• Steel
  • Much worse thermal and electrical conductivity than aluminum
  • Much harder than aluminum
  • Stronger, heavier
  • Harder to create shapes
  • Subject to rust/corrosion when exposed to water
  • Good for reinforcing infrastructure: struts, cables, enclosures
Coating Copper to Improve Resilience
• Coating copper can provide additional properties
  • Done by “hot dipping” or electroplating
• Tinned copper: corrosion protection, easier to solder
  • Industrial Ethernet deployments, environments exposed to water such as ships
• Silver-plated copper: better conduction, operation over a wider temperature range (-65°C to 200°C). Commonly used in aerospace applications
• Nickel-plated copper: corrosion protection, operation over a wider temperature range (thick plating can withstand 750°C), reduced high-frequency loss
Reducing Resistance from the Skin Effect
• Alternating electric current flows mainly at the “skin” of the conductor
  • Due to eddy currents caused by the changing magnetic field
• Stranding helps, but not as much as you might think
  • Strands in contact with each other act like a single conductor
  • Individually insulated strands (Litz wire) help
• Coating with a low-resistance material can leverage this property
  • E.g., silver-plated copper
[Photograph by Kreuzschnabel, distributed under a CC BY-SA 3.0 license]
Improving Strength with Stranding
• Solid vs. stranded conductors
  • Solid: inexpensive and tough; seats solidly into jacks and punch-down (insulation displacement) contacts
  • Stranded: increased flexibility and flex-fatigue life (DC conductivity for the same gauge is essentially unchanged, and the skin-effect benefit is small unless the strands are individually insulated)
Stranding Types
• Stranding type affects wire properties
  • Bunched: inexpensive and simple to build, can be bulkier (circle packing problem)
  • Concentric:
    • Unilay: lighter weight and smaller diameter; greater torsional flex
    • Contra-helical: greater mechanical strength and crush resistance; greater continuous flex
  • More twists → improved strength
• Ethernet comes in both solid (plenum and static runs) and stranded (standard patch cords, patch panel jumpers, etc.)
Noise, Jamming, and Information Leakage
• When you move a conductor
through a magnetic field, electric
current is induced
(electromagnetic induction)
• EMI is produced from other
wires, devices
• Induces current fluctuations in
conductor
• Problem: crosstalk, conducting
noise to equipment, etc.
Reducing Noise with Shielding
• Enclose insulated conductor with an additional conductive layer (shield)
  • Reflect, absorb (Faraday cage), or conduct EMF to ground
• Metallic foil vs. braid shield
  • Foil is cheaper but has a poorer flex lifetime
  • Braid for low frequencies and EMI, foil for high frequencies and RFI
  • Foil widely used in commodity Ethernet
  • Combining foil+braid gives the best shielding
[figure: shielded cable between source and destination]
Reducing Noise with Twisted Pairing
• Differential signaling: transmit complementary signals on two different wires
  • Noise tends to affect both wires together, so it doesn’t change the relative difference between the signals
  • Receiver reads information as the difference between the wires
  • Part of the Ethernet standard; early telephone lines were the first twisted pairs
Reducing Noise with Twisted Pairing
• Disadvantages:
  • EMI protection depends on pair twisting staying intact → stringent requirements for maximum pulling tension and minimum bend radius (bonded TP can help)
  • Twisted pairs in a cable often have a different number of twists per meter → color defects and ghosting on analog video (CCTV)
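The two slides above explain differential signaling in words. The block below is an added example, not from the lecture: it drives a message onto a simulated twisted pair as complementary voltages, adds a constructed interference waveform identically to both wires (the common-mode pickup that twisting produces from a nearby EMI source), and decodes the pair twice, once single-ended from wire A alone and once as the difference A − B. The bit encoding, the sine-shaped interference, and the small `skew` term standing in for the part of the noise that twisting does not cancel are all assumptions made for the demonstration.

```python
import math


def encode_bits(data: bytes):
    """Message bits, MSB first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def decode_bits(bits):
    """Inverse of encode_bits; trailing partial bytes are dropped."""
    out = bytearray()
    for k in range(0, len(bits) - len(bits) % 8, 8):
        out.append(int("".join(str(b) for b in bits[k:k + 8]), 2))
    return bytes(out)


def transmit(bits, cm_amplitude=1.5, period=7, skew=0.1):
    """Drive a twisted pair: wire A carries +1/-1 for bit 1/0, wire B the complement.
    A constructed interference waveform (assumed EMI from a neighbouring source) is
    added identically to both wires (common mode); `skew` is a small wire-specific
    imbalance modelling the residual noise that twisting cannot cancel."""
    wire_a, wire_b = [], []
    for k, bit in enumerate(bits):
        s = 1.0 if bit else -1.0
        cm = cm_amplitude * math.sin(2 * math.pi * k / period)
        wire_a.append(s + cm + skew * ((-1) ** k))
        wire_b.append(-s + cm)
    return wire_a, wire_b


def receive_single_ended(wire_a):
    """Naive receiver: threshold one wire against ground. Sees signal plus noise."""
    return [1 if v > 0 else 0 for v in wire_a]


def receive_differential(wire_a, wire_b):
    """Differential receiver: threshold A - B. Common-mode noise cancels; the
    wanted signal doubles."""
    return [1 if (a - b) > 0 else 0 for a, b in zip(wire_a, wire_b)]


def bit_errors(sent, got):
    return sum(1 for s, g in zip(sent, got) if s != g)


def demo(message=b"IoT"):
    """Send a message both ways and report bit errors for each receiver."""
    bits = encode_bits(message)
    a, b = transmit(bits)
    se = receive_single_ended(a)
    diff = receive_differential(a, b)
    return {
        "single_ended_errors": bit_errors(bits, se),
        "differential_errors": bit_errors(bits, diff),
        "differential_message": decode_bits(diff),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The interference peaks at 1.5× the signal amplitude, so the single-ended receiver flips bits wherever the noise opposes the data hard enough, while the differential receiver recovers the message exactly; the 0.1 skew never gets near the ±2 differential swing. The same cancellation is what makes a passive inductive tap that couples into both wires equally hard to notice from the receiver's point of view: the link keeps working.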
Insulators
• Insulators separate conductors, electrically and physically
• Avoid air gaps: ionization of air can degrade cable quality
•…
Cable Ratings
• Plenum rated (toughest rating)
  • National Fire Protection Association (NFPA) 90A
  • Jacketed with fire-retardant plastic (either low-smoke PVC or FEP)
  • Cables include rope or polymer filament with high tensile strength, helping to support the weight of dangling cables
  • Solid cable instead of stranded
  • Restrictions on chemicals for manufacture of sheath → reduced flexibility, higher bend radius, and higher cost
Cable Ratings
• Riser cable: cable that rises between floors in non-plenum areas
• Low smoke zero halogen (LSZH): eliminates toxic gases when burning; for enclosed areas with poor ventilation or around sensitive equipment
Marine Applications
[photographs: © 2006 David Monniaux / CC BY-SA 3.0 / http://tinyurl.com/y4juntpn , © 1947 DCC Archives CC BY-SA 2.0 , © Richard Webb / CC BY-SA 2.0]
Submarine Cabling
Undersea Cable Laying
Submarine Cabling: Threats
Submarine Cabling: Construction
• Layers, from the outside in:
  • Polyethylene
  • Mylar tape
  • Stranded steel wires
  • Aluminum water barrier
  • Polycarbonate
  • Copper or aluminum tube
  • Petroleum jelly
  • Optical fibers
Submarine Cabling: Threats
Physical Tapping
Physical Tapping
• Conductive Taps
• Form conductive connection with
cable

• Inductive Taps
• Passively read signal from EM
induction
• No need for any direct physical
connection
• Harder to detect
• Harder to do with non-electric
conductors (e.g., fiber optics)
Tapping Cable: Countermeasures
• Physical inspection
• Physical protection
  • E.g., encase cable in pressurized gas (a pressure drop reveals a breach)
• Use faster bitrate
• Monitor electrical properties of cable
  • TDR: sort of like a hard-wired radar
  • Power monitoring, spectrum analysis
Case Study: Submarine Cable (Ivy Bells)
• 1970: US learned of USSR undersea cable
  • Connected Soviet naval base to fleet headquarters
• Joint US Navy, NSA, CIA operation to tap cable in 1971
  • Saturation divers installed a three-foot long tapping device
  • Coil-based design, wrapped around cable to register signals by induction
  • Signals recorded on tapes that divers collected at regular (monthly) intervals
  • Communication on cable was unencrypted
Case Study: Submarine Cable (Ivy Bells)
• 1972: Bell Labs develops next-gen tapping device
  • 20 feet long, 6 tons, nuclear power source
  • Enabled
• No detection for over a decade
  • Compromised to the Soviets by Ronald Pelton, former NSA employee
• Cable-tapping operations continue
  • Tapping expanded into the Pacific Ocean (1980) and Mediterranean (1985)
  • USS Parche refitted to accommodate tapping equipment; presidential commendations every year from 1994-97
  • Continues in operation today, but targets since 1990 remain classified
Locating Anomalies with Time-Domain Reflectometry (TDR)
• A tool that can detect and localize variations in a cable
  • Deformations, cuts, splice taps, crushed cable, termination points, sloppy installations, etc.
  • Anything that changes impedance
• Main idea: send a pulse down the wire and measure reflections
  • Delay of the reflection localizes the anomaly
  • Shape and polarity of the reflection give information about the type of anomaly
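The slide above gives the idea; the block below is an added example, not part of the lecture, that turns it into the check a practitioner actually runs. It models a cable as a list of impedance discontinuities, computes each reflection's delay (from the round-trip time and propagation velocity) and amplitude (from the reflection coefficient Γ = (Z − Z0)/(Z + Z0)), and then compares a fresh trace against a fingerprint taken when the cable was known to be clean, reporting any reflection that is new. The 100 Ω twisted-pair impedance, the 0.66 velocity factor, the first-order lossless model, the 90 m run, and the 2 kΩ bridged tap at 37 m are all assumptions constructed for the example.

```python
import math

Z0 = 100.0                       # nominal characteristic impedance of Ethernet twisted pair, ohms
VP = 0.66 * 299_792_458          # propagation velocity, m/s (assumed velocity factor of 0.66)


def reflection_coefficient(z_load, z0=Z0):
    """Fraction of the incident pulse reflected where the line impedance steps from z0
    to z_load: +1 for an open (cut cable), -1 for a short, small values for subtle changes."""
    if math.isinf(z_load):
        return 1.0
    return (z_load - z0) / (z_load + z0)


def bridged_tap(z_tap, z0=Z0):
    """Impedance seen at a point where a tap of impedance z_tap is wired in parallel
    with the continuing line: z0 in parallel with the tap."""
    return z0 * z_tap / (z0 + z_tap)


def round_trip_ns(distance_m):
    """Time for the pulse to reach a feature and the echo to come back."""
    return 2 * distance_m / VP * 1e9


def distance_from_delay(delay_ns):
    """Inverse of round_trip_ns: localize a feature from its echo delay."""
    return delay_ns * 1e-9 * VP / 2


def simulate_trace(features):
    """First-order TDR model: one reflection per discontinuity, no loss, no re-reflections.
    features: [(distance_m, impedance_ohms), ...]; returns [(delay_ns, amplitude), ...]."""
    return [(round_trip_ns(d), reflection_coefficient(z)) for d, z in sorted(features)]


def classify(gamma):
    """Read the type of anomaly from the polarity and size of the reflection."""
    if gamma > 0.9:
        return "open (cut or unterminated end)"
    if gamma < -0.9:
        return "short (crushed or melted cable)"
    if gamma < 0:
        return "impedance dip (parallel load, e.g. bridged tap or moisture)"
    return "impedance rise (series resistance, e.g. bad splice or corroded connection)"


def find_new_features(baseline, current, min_amp=0.02, tol_ns=1.0):
    """Compare today's trace with the stored fingerprint of the healthy cable and report
    reflections that were not there before, as (distance_m, amplitude, description)."""
    anomalies = []
    for t, g in current:
        if abs(g) < min_amp:                      # below the instrument's noise floor
            continue
        known = any(abs(t - tb) <= tol_ns and abs(g - gb) < min_amp for tb, gb in baseline)
        if not known:
            anomalies.append((round(distance_from_delay(t), 1), round(g, 3), classify(g)))
    return anomalies


# Constructed scenario (an assumption): a 90 m run with its far end unplugged, fingerprinted
# at install time, then measured again after a 2 kOhm bridged tap was clipped on at 37 m.
BASELINE = simulate_trace([(90.0, math.inf)])
CURRENT = simulate_trace([(37.0, bridged_tap(2000.0)), (90.0, math.inf)])

if __name__ == "__main__":
    for dist, amp, what in find_new_features(BASELINE, CURRENT):
        print(f"new reflection at {dist} m, amplitude {amp:+.3f}: {what}")
```

The open far end reflects at full amplitude in both traces and is therefore ignored; the tap shows up as a new dip of only about −2.4% at 37 m. That small number is the practical point: a high-impedance bridged tap sits just above a cheap instrument's noise floor, so the baseline fingerprint matters more than the absolute reading, and a genuinely passive inductive tap (next slides) may produce no impedance step at all.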
Motivation: Wave Pulse on a String
[figure (video): a pulse travelling on a string, shown with no termination, with reflection from a soft boundary (high to low speed / impedance), and with reflection from a hard boundary (low to high speed / impedance)]
TDR Examples
[figures: melted cable (electrical short), TDR shows an inverted reflection; cut cable (electrical open), TDR shows an upright reflection]
TDR Example: Cable Moisture
[figure: water-soaked/flooded cable]
TDR Examples
[figures: faulty amplifier; wire tap]
Protection against Wildlife
[photographs: rodents, moths, ants, cicadas, crows]
Protection against Wildlife
• Rodents (squirrels, rats, mice, gophers)
  • Chew on cables to grind their front teeth down to the proper length
• Insects (cicadas, ants, roaches, moths)
  • Mistake cable for plants; burrow into it for egg laying/larvae
  • Ants invade closures and chew cable and fiber
• Birds (crows, woodpeckers)
  • Mistake cable for twigs, used to build nests
• Underground cables affected mainly by rats/termites, aerial cables by rodents/moths, drop cables by crows, closures by ants
Countermeasures against Wildlife
• Use high-strength sheath cable
  • PVC wrapping over a stainless steel sheath
  • Performance studies on cable (gnathodynamometer: a bite-force meter)
• Cable wrap
  • Squirrel-proof covers: stainless steel mesh surrounded by PVC sheet
• Fill in gaps and holes
  • Silicone adhesive
• Use bad-tasting cord
  • PVC infused with irritants
  • Capsaicin: ingredient in pepper spray, irritant
  • Denatonium benzoate: the most bitter compound known
[Illustration by Jules of wiki.openelectrical.org, distributed under a Creative Commons Attribution 3.0 license]