19540 - Telematics 7th Tutorial - Media Access, & Wireshark

Bastian Blywis
Department of Mathematics and Computer Science, Institute of Computer Science
26. November, 2009

Institute of Computer Science – Telematics Tutorial – 26. November, 2009

Outline

1. Frame Size

2. Packets and Cells

3. FDDI Performance

4. ATM

5. Tunneling

6. Bridge Classification

7. Virtual LANs

8. IEEE 802.1Q and IEEE 802.2

9. Features of Layer 2 Protocols

10. Security Considerations

11. IEEE 802.1D

Frame Size

Consider a 10 MBit/s CSMA/CD LAN with a bus of 50 m length. The speed of the signal within the transmission medium is $2 \cdot 10^{8}$ m/s.

1. Calculate the upper bound of the collision detection time.
2. Specify the minimum frame length.

Frame Size

Maximum time depends on maximum distance:

Figure: stations A and B, 50 m apart, 5*10^-7 s

– Worst case: station A senses a free medium and starts to transmit
– Station B senses a free medium and starts to transmit just at the time the signal from A arrives at B
– Signal from B has to travel through the whole network until A detects the collision
– Maximum time until collision detection is twice the signal propagation time for the whole network

$$t = 2 \cdot \frac{\text{bus length}}{\text{signal speed}} = 2 \cdot \frac{50\,\text{m}}{2 \cdot 10^{8}\,\frac{\text{m}}{\text{s}}} = 5 \cdot 10^{-7}\,\text{s}$$

Frame Size

To ensure the stations are able to detect a collision, the frame has to take at least t to send:

$$\frac{\text{framelength}_{\min}}{\text{capacity}} > t$$

$$\text{framelength}_{\min} > 10\,\frac{\text{MBit}}{\text{s}} \cdot 5 \cdot 10^{-7}\,\text{s} = 5\,\text{Bit}$$

Packets and Cells

– Discuss the difference between packet and cell switching.
– Discuss what virtual switched circuits are and why they are required in some scenarios.

Packets and Cells

Packets:
– Variable length
– Overhead depending on PDU/Packet Size ratio
– Bursty traffic, Poisson distributed
– Usually not empty
– Complex to handle
– Complex scheduling

Cells:
– Fixed size ⇒ reduced jitter
– High overhead due to header, see ATM
– Constant stream
– May be empty
– Easier to handle
– Simplified scheduling

FDDI Performance

– 100 stations connected to FDDI ring
– Token rotation time of 40ms, token holding time of 10ms
– Calculate the maximum achievable efficiency

FDDI Performance

$$\text{Efficiency} = \frac{\text{time used for data transmission}}{\text{total time}}$$

– One token circulation takes 100 ∗ 10ms + 40ms = 1040ms
– Assumption: Every station has unlimited data to send
– Assumption: Data is sent for the whole token holding time

$$\text{Efficiency} = \frac{1000\,\text{ms}}{1040\,\text{ms}} = 0.96$$

ATM

– Size of ATM cell is a compromise between requirements of voice and data transfer
– Assume ATM would have cells of 1500 Bytes

1. How large is the time interval between two successive cells if voice data is generated at a rate of 64 kbit/s?
2. How large is the time interval between two successive cells with the normal ATM cell size?
3. The ATM checksum protects only the cell header. How many bit errors can be corrected with this checksum and why?

ATM

The delay between two cells results from the time until enough data for transmission is available.

– Payload of 1500 byte: $\frac{1500 \cdot 8\,\text{Bit}}{64000\,\text{Bit/s}} = 187.5\,\text{ms}$

– Payload of 48 byte: $\frac{48 \cdot 8\,\text{Bit}}{64000\,\text{Bit/s}} = 6\,\text{ms}$

ATM

To correct 1-bit errors the following equation must hold:

$$(m + k + 1) \le 2^{k}$$

In the case of ATM with m = 32 header bits without the checksum and k = 8 checksum bits, the equation holds ⇒ 1-bit errors can be corrected.

2-bit errors can be detected but not corrected. For n = m + k there are $\binom{n}{2}$ codewords which differ in 2 bits from an original message. Each of the valid $2^{m}$ codewords thus has to have a sphere of $\binom{n}{2} = \frac{n(n-1)}{2}$ (invalid) codewords to correct all 2-bit errors. Thus the following equation has to hold:

$$\frac{n(n-1)}{2} \cdot 2^{m} \le 2^{n}$$

$$\frac{n(n-1)}{2} \cdot 2^{m} \le 2^{m+k}$$

$$\frac{n(n-1)}{2} \cdot 2^{m} \le 2^{m} \cdot 2^{k}$$

$$\frac{n(n-1)}{2} \le 2^{k}$$

$$780 \not\le 256$$

2-bit errors are not correctable.
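
The counting argument above can be checked against the actual header checksum. This added example (not part of the original slides) assumes the HEC of ITU-T I.432, a CRC-8 with generator x^8 + x^2 + x + 1 and coset 0x55, and enumerates the syndromes of all 1-bit and 2-bit error patterns over the n = 40 header bits; function names and the sample header are made up for illustration.

```python
from itertools import combinations

POLY = 0x07    # generator x^8 + x^2 + x + 1 of the ATM HEC (ITU-T I.432)
COSET = 0x55   # fixed pattern XORed onto the remainder before sending

def crc8(data: bytes) -> int:
    """Bitwise CRC-8, MSB first, zero initial value."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ POLY) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc

def add_hec(header4: bytes) -> bytes:
    """Append the k = 8 checksum bits to the m = 32 header bits."""
    return header4 + bytes([crc8(header4) ^ COSET])

def syndrome(header5: bytes) -> int:
    """Zero for a valid 40-bit header; otherwise depends only on the error pattern."""
    return crc8(header5[:4]) ^ COSET ^ header5[4]

def flip(header5: bytes, *bits: int) -> bytes:
    """Invert the given bit positions (0 = first bit on the wire)."""
    out = bytearray(header5)
    for b in bits:
        out[b // 8] ^= 0x80 >> (b % 8)
    return bytes(out)

ZERO = add_hec(bytes(4))
# n = m + k = 40 single-bit error patterns, each with its own syndrome
SINGLE = {syndrome(flip(ZERO, b)): b for b in range(40)}
# n(n-1)/2 = 780 two-bit patterns have to share the remaining syndromes
DOUBLE = [syndrome(flip(ZERO, i, j)) for i, j in combinations(range(40), 2)]

def receive(header5: bytes):
    """Return (header, verdict) the way a single-bit-correcting receiver would."""
    s = syndrome(header5)
    if s == 0:
        return header5, "valid"
    if s in SINGLE:
        return flip(header5, SINGLE[s]), "corrected"
    return None, "discarded"

if __name__ == "__main__":
    good = add_hec(bytes.fromhex("00000150"))   # constructed sample header
    print(receive(flip(good, 13)))              # one flipped bit is repaired
    print(receive(flip(good, 13, 30)))          # two flipped bits are only detected
    print(len(SINGLE), len(DOUBLE), len(set(DOUBLE)))
```

The 780 two-bit patterns collapse onto far fewer distinct syndromes, so the receiver can tell that two bits were hit but not which two.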

Tunneling

– Discuss what tunneling means in the context of a layered protocol architecture.
– Give an example.
– What problems can arise when tunneling is applied?
– Implement your example with Scapy.

Tunneling

Tunneling: encapsulating one network protocol in another

– Often encapsulation of layer x protocol in another layer x protocol
– Delivery protocol for encapsulation of payload protocol
– Carry payload protocol over incompatible network
– Circumvent firewalls
– Optimize routing
– Provide virtual switched circuits, see MPLS
– Provide intermediate layer protocols, e.g. layer 2.5

Tunneling

Figure: Generic Tunneling Example: Tunneling the “blue” protocol over a “red” network by encapsulation

Tunneling

Examples:
– PPP over Ethernet (PPPoE), RFC 2516
– PPP over ATM (PPPoA), RFC 2364
– SMB over SSH
– ATA over Ethernet
– Ethernet over Ethernet (EoE)
– Ethernet over IP over PPP over Ethernet

Tunneling

Problems:
– Reduces MTU
– Possibility of loops
– Protocols can be used multiple times in packet, might be unnecessary
– Might result in suboptimal routing
– Header fields of encapsulated headers are not modified, e.g. TTL
– Circumvents firewalls, requires deep packet inspection
– RFC 1326 - Mutual Encapsulation Considered Dangerous
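
Three of the problems listed above (reduced MTU, unmodified inner TTL, a filter seeing only the outer header) shown on IPv4-in-IPv4 encapsulation. This is an added example, not from the original slides; it builds the bytes with the Python standard library instead of Scapy, and the addresses, hop count and function names are constructed.

```python
import socket
import struct

IPPROTO_IPIP = 4    # IPv4-in-IPv4 encapsulation (RFC 2003)

def checksum(header: bytes) -> int:
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, ttl: int, payload: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options) in front of payload."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload

def route_hop(packet: bytes) -> bytes:
    """A router on the delivery network touches only the outermost header."""
    head = packet[:8] + bytes([packet[8] - 1]) + packet[9:10] + b"\x00\x00" + packet[12:20]
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + packet[20:]

def layers(packet: bytes):
    """Walk nested IPv4 headers; return (header summaries, bytes of user data)."""
    found = []
    while True:
        ihl = (packet[0] & 0x0F) * 4
        proto = packet[9]
        found.append({"src": socket.inet_ntoa(packet[12:16]),
                      "dst": socket.inet_ntoa(packet[16:20]),
                      "ttl": packet[8], "proto": proto})
        packet = packet[ihl:]
        if proto != IPPROTO_IPIP:
            return found, len(packet)

def payload_room(link_mtu: int, depth: int) -> int:
    """Bytes left for user data after `depth` stacked 20-byte IPv4 headers."""
    return link_mtu - 20 * depth

def sample_tunnel() -> bytes:
    # Constructed sample: private/documentation addresses, 8 bytes of opaque data
    inner = ipv4("10.0.0.5", "10.0.1.9", 17, 64, b"\x00" * 8)
    outer = ipv4("192.0.2.1", "198.51.100.7", IPPROTO_IPIP, 64, inner)
    for _ in range(3):          # three hops across the delivery network
        outer = route_hop(outer)
    return outer

if __name__ == "__main__":
    hdrs, data_len = layers(sample_tunnel())
    for h in hdrs:
        print(h)
    print(data_len, payload_room(1500, len(hdrs)))
```

A rule that matches only the first header sees the tunnel endpoints; the inner addresses and the inner TTL of 64 only appear once the parser steps past protocol number 4.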

Bridge Classification

Bridges can be classified as local and remote bridges. Discuss their differences.

Bridge Classification

Local: Local bridges provide a direct connection between multiple LAN segments in the same area.

Remote: Remote bridges connect multiple LAN segments in different areas, usually over telecommunication lines.

Figure: A, X, Y, B; links Ethernet, HDLC / Internet / PPP, Ethernet; frame layers Payload, L3, L2

Virtual LANs

– What is the purpose of a layer 2 VLAN?
– What information can be used to assign hosts to a particular VLAN?

Virtual LANs

Virtual LAN
– Logical network topology on physical topology
– IEEE 802.1Q, additional header with VLAN-tag
– Limited broadcast domain
– Security
– Load balancing / scheduling

Virtual LANs

Assignment based on:
– Port
– MAC address
– Layer 3 protocol
– Time

IEEE 802.1Q and IEEE 802.2

1. Create, inject, and capture an Ethernet frame that uses an IEEE 802.1Q header with the following values:
   – Priority = Excellent Effort
   – Canonical Format Indicator set to 1
   – VLAN ID = 0xA0
   – Type set to the value of ARP
2. Add a Logical Link Control header and adapt the frame as required. Use the following values:
   – Unnumbered Frame Type
   – DSAP = Novell NetWare
   – SSAP = Xerox Network Systems
   – I/G = 0
   – C/R = 0
   – Choose any value for the command field
3. Add a SNAP header and adapt the frame as required. Use the following values for the SNAP header:
   – OUI = 0xABCD
   – Type = 0x88CE
4. Which layer 3 protocol would you have to use as PDU?
5. How large is your total layer 2 header?

IEEE 802.1Q and IEEE 802.2

Service Access Point identifiers:
– 0x04 - IBM SNA
– 0x06 - IP
– 0x80 - Xerox Network Systems
– 0xAA - SubNetwork Access Protocol (SNAP)
– 0xBC - Banyan
– 0xE0 - Novell NetWare
– 0xF4 - Lan Manager
– 0xFE - CLNS

IEEE 802.1Q and IEEE 802.2

Ethertype 0x88CE, Remote Direct Memory Access over Ethernet (RDMAoE): A protocol for low-latency, low-overhead memory-to-memory communications among hosts interconnected by Ethernet.

IEEE 802.1Q and IEEE 802.2

– IEEE 802.3 header = 14 Byte
– IEEE 802.2 header = 8 Byte
– FCS = 4 Byte
– (IEEE 802.1Q header = 4 Byte)
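
The header sizes above, checked on the frame from step 3 of the exercise. This added example is not from the original slides; it builds and parses the bytes with the Python standard library rather than Scapy, and the MAC addresses, the padding and the code point 3 used for Excellent Effort are assumptions (the slides give no numeric value for the priority).

```python
import struct

TPID_8021Q = 0x8100
PCP_SAMPLE = 3      # assumed code point for "Excellent Effort"; not given on the slides

def build_frame(dst, src, pcp, cfi, vid, oui, ethertype, payload):
    """802.3 frame with 802.1Q tag, LLC (DSAP = SSAP = 0xAA, UI) and SNAP; FCS omitted."""
    tci = (pcp << 13) | (cfi << 12) | vid
    llc_snap = bytes([0xAA, 0xAA, 0x03]) + oui.to_bytes(3, "big") + struct.pack("!H", ethertype)
    body = llc_snap + payload
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, len(body)) + body

def parse_l2(frame: bytes) -> dict:
    """Decode the layer 2 headers and report how many bytes they occupy (without FCS)."""
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":")}
    off = 12
    (type_len,) = struct.unpack_from("!H", frame, off)
    if type_len == TPID_8021Q:                      # 4-byte VLAN tag
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        info.update(pcp=tci >> 13, cfi=(tci >> 12) & 1, vid=tci & 0x0FFF)
        off += 4
        (type_len,) = struct.unpack_from("!H", frame, off)
    off += 2
    if type_len >= 0x0600:                          # Ethernet II: field is a type
        info["ethertype"] = type_len
    else:                                           # IEEE 802.3: field is a length, LLC follows
        dsap, ssap, control = frame[off:off + 3]
        info.update(length=type_len, dsap=dsap, ssap=ssap, control=control)
        off += 3
        if dsap == 0xAA and ssap == 0xAA:           # SNAP extension
            info["oui"] = int.from_bytes(frame[off:off + 3], "big")
            (info["ethertype"],) = struct.unpack_from("!H", frame, off + 3)
            off += 5
    info["l2_header_len"] = off
    return info

def sample_frame() -> bytes:
    # Constructed sample: broadcast destination, made-up source, 38 zero bytes as PDU
    return build_frame(bytes.fromhex("ffffffffffff"), bytes.fromhex("00005e005301"),
                       PCP_SAMPLE, 1, 0xA0, 0xABCD, 0x88CE, bytes(38))

if __name__ == "__main__":
    print(parse_l2(sample_frame()))   # 14 + 4 + 8 = 26 bytes of header before the PDU
```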

Features of Layer 2 Protocols

– List the features and services of a layer 2 protocol.
– Do Ethernet, IEEE 802.2, ATM, and PPP provide these features and services? Are any additional features and services provided?

Features of Layer 2 Protocols

Data Link Layer protocol:
– Framing
– Error detection
– Flow control
– Acknowledgement
– Retransmission
– Medium access
– Addressing
– Multiplexing

Features of Layer 2 Protocols

Ethernet, IEEE 802.2, ATM, PPP
Framing: × × × ×
Error detection: × (×) ×
Flow control: (×) ×
Acknowledgement: × (×)
Retransmission: ×
Medium access: × ×
Addressing: × × (×)
Multiplexing: × × × ×

Table: Features of some protocols, up for discussion

Features of Layer 2 Protocols

Ethernet flow control, IEEE 802.3x
– Only for full-duplex
– PAUSE frames
– Ethertype = 0x8808 (MAC Control)
– MAC Control opcode = 0x0001
– Sent to 01:80:C2:00:00:01
– Frame is not forwarded
– Two byte quanta, length of pause in 512 bit times

DA    SA    Type      Opcode    Quanta
            0x8808    0x0001    ???

Figure: Ethernet pause frame

Features of Layer 2 Protocols

Additional features:
– Ethernet
  – Extensible, many optional features
  – Virtual LANs
  – see IEEE 802.1 and IEEE 802.2 standards and substandards
– IEEE 802.2
  – Connection oriented service
  – Acknowledged datagram service
– ATM
  – Virtual switched circuits
  – Guarantee of quality criteria
  – Service classes
– PPP
  – Session initiation, testing, termination
  – Compression

Security Considerations

– Discuss what kind of security is provided in the technologies introduced in the lecture.
– How can the security be improved?

Security Considerations

– Physical topology: Star vs. bus
– Passive attacks
– Medium: Copper vs. fiber
– Authentication
– Encryption

IEEE 802.1D

– What is the task of the Spanning Tree Protocol?
– How does it work?
– What are the disadvantages of the original Spanning Tree Protocol (STP)?
– Capture or try to create a STP packet.
– In which types of networks can STP be used?

IEEE 802.1D

Spanning Tree Protocol:
– Creates loop-free topology for bridged LANs
– Data Link Layer protocol
– Based on IEEE 802.2, LLC
– Procedure:
  – Root bridge selection based on priority and MAC address
  – Determination of least cost paths to root bridge using root port
  – Disabling of all other root paths
  – Network segments select designated ports to designated bridges
  – Disabling of all other ports but designated ports by network segments

IEEE 802.1D

Problems:
– Slow convergence (30 - 50s)
– Excessive loss of BPDUs
– Duplex mismatch
– Unidirectional links
– Root bridge spoofing
– Location and properties of root bridge
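
Root selection by priority and MAC address, and a check for the root bridge spoofing problem listed above, run over three constructed configuration BPDUs. This is an added example, not from the original slides; the port names, the expected root and the set of uplink ports are assumptions an operator would supply, and the MAC addresses are made up.

```python
import struct

# Configuration BPDU body (35 bytes) as carried after the LLC header 0x42 0x42 0x03
BPDU = struct.Struct("!HBBB8sI8sHHHHH")

def bridge_id(priority: int, mac: str) -> bytes:
    """8-byte bridge identifier: 2-byte priority followed by the MAC address."""
    return struct.pack("!H", priority) + bytes.fromhex(mac.replace(":", ""))

def config_bpdu(root: bytes, cost: int, sender: bytes, port: int) -> bytes:
    # Timers are in 1/256 s: message age 0, max age 20 s, hello 2 s, forward delay 15 s
    return BPDU.pack(0, 0, 0x00, 0, root, cost, sender, port, 0, 20 * 256, 2 * 256, 15 * 256)

def parse_bpdu(raw: bytes):
    if len(raw) < BPDU.size:
        return None
    proto, _ver, kind, _flags, root, cost, sender, port, *_timers = BPDU.unpack(raw[:BPDU.size])
    if proto != 0 or kind != 0x00:      # not a configuration BPDU
        return None
    return {"root": root, "cost": cost, "sender": sender, "port": port}

def elect_root(bpdus) -> bytes:
    """Lowest identifier wins: priority first, MAC address as tie-breaker."""
    return min(b["root"] for b in bpdus)

def root_alerts(observed, expected_root: bytes, uplinks: set):
    """Flag BPDUs that claim a better root than expected on a non-uplink port."""
    alerts = []
    for switch_port, raw in observed:
        b = parse_bpdu(raw)
        if b and switch_port not in uplinks and b["root"] < expected_root:
            alerts.append((switch_port, b["root"].hex()))
    return alerts

# Constructed sample: (receiving switch port, BPDU bytes)
CORE = bridge_id(4096, "00:00:5e:00:53:01")
EDGE = bridge_id(32768, "00:00:5e:00:53:02")
ROGUE = bridge_id(0, "00:00:5e:00:53:99")
OBSERVED = [
    ("uplink1", config_bpdu(CORE, 0, CORE, 0x8001)),
    ("uplink2", config_bpdu(CORE, 4, EDGE, 0x8002)),
    ("access7", config_bpdu(ROGUE, 0, ROGUE, 0x8001)),
]

if __name__ == "__main__":
    parsed = [parse_bpdu(raw) for _, raw in OBSERVED]
    print("elected root:", elect_root(parsed).hex())
    print("alerts:", root_alerts(OBSERVED, CORE, {"uplink1", "uplink2"}))
```

Plain STP would accept the priority-0 bridge on the access port as the new root; the alert is what a monitoring script or a root-guard style port setting would act on.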

The Last Slide™

Thank you for your attention. Questions?
