DOCSLIB.ORG

Application, Transport, Network and Link Layers Roadmap

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Application, Transport, Network and Link Layers Roadmap Roadmap 16: Application, Transport, r Application Layer (User level) Network and Link Layers r Transport Layer (OS) r Network Layer (OS) Last Modified: r Link Layer (Device Driver, Adapter Card) 7/3/2004 1:46:53 PM -1 -2 Application Layer Applications and application-layer protocols Application: communicating, application transport r Network Applications Drive Network distributed processes network data link Design m running in network hosts in physical r Important to remember that network “user space” m exchange messages to applications are the reason we care about implement app building a network infrastructure m e.g., email, file transfer, r Applications range from text based the Web Application-layer protocols command line ones popular in the 1980s application m one “piece” of an app application transport (like telnet, ftp, news, chat, etc) to transport network network data link m define messages data link physical multimedia applications (Web browsers, physical exchanged by apps and audio and video streaming, realtime actions taken videoconferencing, etc.) m user services provided by lower layer protocols -3 -4 Client-server paradigm How do clients and servers communicate? Typical network app has two application pieces: client and server transport network API: application Q: how does a process data link Client: physical programming interface “identify” the other request r initiates contact with server r defines interface process with which it (“speaks first”) between application wants to communicate? r typically requests service from and transport layer m IP address of host server, running other process r socket: Internet API r for Web, client is implemented reply m “port number” - allows in browser; for e-mail, in mail m two processes receiving host to application communicate by sending reader transport determine to which network data into socket, data link local process the Server: physical reading data out of message should be r Running first (always?) socket delivered r provides requested service to client e.g., Web server sends requested Web page, mail … more on this later. server delivers e-mail -5 -6 1 Socket programming Sockets Goal: learn how to build client/server application that Socket: a door between application process communicate using sockets and end-end-transport protocol (UCP or Socket API socket TCP) r introduced in BSD4.1 UNIX, 1981 a host-local, application- created/owned, r Sockets are explicitly created, used, released by OS-controlled interface controlled by (a “door”) into which controlled by process application applications application process application process can developer r client/server paradigm developer socket socket both send and controlled by r two types of transport controlled by kernel kernel receive messages to/from buffers, operating service via socket API: operating buffers, internet another (remote or system variables system m unreliable datagram variables local) application process m reliable, byte stream- host or oriented host or server server -7 -8 Languages and Platforms Transport services and protocols r providelogical communication application transport r Socket API is available for many languages between app’ processes network data link network physical running on different hosts logical end data link on many platforms: network physical r transport protocols run in data link m C, Java,Perl, Python,… physical end systems network - data link end transport m *nix, Windows,… r physical network transport vs network layer data link services: physical r Socket Programs written in any language network r network layer:data transfer data link physical and running on any platform can between end systems application communicate with each other! r transport layer:data transport transfer between processes network r data link Client and server must agree on the type m relies on, enhances, network physical of socket, the server port number and the layer services protocol -9 -10 Services provided by Internet UDP transport protocols r UDP adds very little TCP service: UDP service: 32 bits functionality (or r connection-oriented:setup r unreliable data transfer overhead) to bare IP source port # dest port # required between client, between sending and length checksum server receiving process r Adds multiplexing/ Length, in r reliable transport between r does not provide: demultiplexing bytes of UDP sending and receiving process connection setup, r other UDP uses segment, r including flow control: sender won’t reliability, flow control, (why?): overwhelm receiver header congestion control, timing, m DNS: small, retransmit Application r congestion control: throttle sender when network or bandwidth guarantee if necessary data overloaded m often used for streaming (message) multimedia apps r Q: why bother? Why is does not providing: timing, • Loss tolerant minimum bandwidth there a UDP? • rate sensitive guarantees UDP segment format -11 -12 2 Process-to-Process Message Multiplexing/demultiplexing Delivery Multiplexing: Demultiplexing: Goal : Deliver application data to correct process (and more gathering data from multiple particularly to the right socket) Stream of incoming data into app processes, enveloping one machine separated into data with header (later used smaller streams destined for Segment - unit of data exchanged between transport layer for demultiplexing) entities; transport protocol data unit (TPDU) individual processes receiver 32 bits Demultiplexing based on IP P3 P4 source port # dest port # application-layer M M addresses of sender and and data port numbers of both sender application and receiver segment P1 transport P2 other header fields header M m Can distinguish traffic M network application application coming to same port but segment transport Ht M transport part of separate network application Hn segment network conversations (like data multiple client connections (message) to a web server) TCP/UDP segment format -13 -14 TCP adds functionality Common Sense r TCP adds lots of functionality over bare IP and r Consider faxing a document with flaky machine over UDP m Can’t talk to person on the other side any other way m Still has multiplexing/demultiplexing r What would you do to make sure they got the m Adds reliable, in-order delivery transmission? m Adds flow control and congestion control m Number the pages – so receiver can put them in order/detect duplicates/detect losses r How can you guarantee that other side gets “A B C m Need feedback from the receiver!!! D E” when network could: m Resend data that is missing or if don’t hear from m Lose data “A B D E” receiver m Duplicate data “A B C C D E” r Put some info on cover sheet that lets person m Corrupt data “A B X D E” verify fax info (summarize info like checksum) m Reorder data “A C D E B” r What if it is a really big document? Receiver might m Or all of the above! like to be able to tell you send first 10 pages then 10 more… -15 -16 TCP Connection Management Three-Way Handshake Active participant Passive participant Recall: TCP sender, receiver Three way handshake: (client) (server) establish “connection” before exchanging data Step 1: client end system SYN, SequenceNum = segments sends TCP SYN control x r segment to server initialize TCP variables: y, m seq. #s m specifies initial seq # x + 1 m buffers, flow control info (e.g. RcvWindow) Step 2: server end system SYN + ACK, SequenceNum = receives SYN, replies with Acknowledgment = r client:connection initiator SYNACK control segment ACK, Acknowledgment = Socket clientSocket = new Socket("hostname","port m ACKs received SYN y + 1 number"); m allocates buffers r server:contacted by client m specifies server-> Socket connectionSocket = receiver initial seq. # Note: SYNs take up a sequence number even though welcomeSocket.accept(); no data bytes Step 3: client acknowledges servers initial seq. # -17 -18 3 Timeout and Retransmission TCP: retransmission scenarios (1) Host A Host B Host A Host B r Seq=92, 8 bytes data Receiver must acknowledge receipt of all Seq=92, 8 bytes data packets X loss r Sender sets a timer if acknowledgement ACK=100 timeout has not arrived before timer expires then timeout X loss sender will retransmit packet Seq=92, 8 bytes data Seq=92, 8 bytes data r Adaptive retransmission: timer value computed as a function of average round ACK=100 trip times and variance ACK=100 time lost data scenario time lost ACK scenario -19 -20 TCP: retransmission scenarios (2) Network layer functions Host A Host B Host A Host B r transport packet from sending application to receiving hosts transport Seq=92, 8 bytes data Seq=92, 8 bytes data network data link network Seq r network layer protocols in physical Seq=100, 20 bytes data =100, 20 bytes data network data link network every host, router (Recall data link physical data link physical physical Seq=120, 20 bytes data X loss transport layer is end-to-end) network data link =92 timeout three important functions: physical network ACK=100ACK=120 data link Seq ACK=100 physical =100 timeout r path determination: route =100 timeout Seq=92, 8 bytes data ACK=100 network Seq taken by packets from source Seq network data link data link physical to dest. Routing algorithms physical r switching: move packets from network Seq data link application =100, 20 bytes data router’s input to appropriate physical transport ACK=120 network router output data link physical r call setup: some network time time architectures (e.g. telephone, premature timeout, Duplicate ACK, fast retransmit (really need ATM) require router call setup cumulative ACKs 3 dup acks before fast retransmit) along path before data flow -21 -22 Internet Protocol IP Addressing: introduction 223.1.1.1 r The Internet is a network of heterogeneousnetworks: r IP address: 32-bit identifier for host, 223.1.2.1 m using different technologies (ex. different maximum packet 223.1.1.2 router interface sizes) 223.1.1.4 223.1.2.9 r interface: connection m belonging to different administrative authorities (ex.
Load more

Recommended publications
  • Solutions to Chapter 2
    CS413 Computer Networks ASN 4 Solutions Solutions to Assignment #4 3. What difference does it make to the network layer if the underlying data link layer provides a connection-oriented service versus a connectionless service? [4 marks] Solution: If the data link layer provides a connection-oriented service to the network layer, then the network layer must precede all transfer of information with a connection setup procedure (2). If the connection-oriented service includes assurances that frames of information are transferred correctly and in sequence by the data link layer, the network layer can then assume that the packets it sends to its neighbor traverse an error-free pipe. On the other hand, if the data link layer is connectionless, then each frame is sent independently through the data link, probably in unconfirmed manner (without acknowledgments or retransmissions). In this case the network layer cannot make assumptions about the sequencing or correctness of the packets it exchanges with its neighbors (2). The Ethernet local area network provides an example of connectionless transfer of data link frames. The transfer of frames using "Type 2" service in Logical Link Control (discussed in Chapter 6) provides a connection-oriented data link control example. 4. Suppose transmission channels become virtually error-free. Is the data link layer still needed? [2 marks – 1 for the answer and 1 for explanation] Solution: The data link layer is still needed(1) for framing the data and for flow control over the transmission channel. In a multiple access medium such as a LAN, the data link layer is required to coordinate access to the shared medium among the multiple users (1).
    [Show full text]
  • Data Link Layer
    Data link layer Goals: ❒ Principles behind data link layer services ❍ Error detection, correction ❍ Sharing a broadcast channel: Multiple access ❍ Link layer addressing ❍ Reliable data transfer, flow control: Done! ❒ Example link layer technology: Ethernet Link layer services Framing and link access ❍ Encapsulate datagram: Frame adds header, trailer ❍ Channel access – if shared medium ❍ Frame headers use ‘physical addresses’ = “MAC” to identify source and destination • Different from IP address! Reliable delivery (between adjacent nodes) ❍ Seldom used on low bit error links (fiber optic, co-axial cable and some twisted pairs) ❍ Sometimes used on high error rate links (e.g., wireless links) Link layer services (2.) Flow Control ❍ Pacing between sending and receiving nodes Error Detection ❍ Errors are caused by signal attenuation and noise. ❍ Receiver detects presence of errors signals sender for retrans. or drops frame Error Correction ❍ Receiver identifies and corrects bit error(s) without resorting to retransmission Half-duplex and full-duplex ❍ With half duplex, nodes at both ends of link can transmit, but not at same time Multiple access links / protocols Two types of “links”: ❒ Point-to-point ❍ PPP for dial-up access ❍ Point-to-point link between Ethernet switch and host ❒ Broadcast (shared wire or medium) ❍ Traditional Ethernet ❍ Upstream HFC ❍ 802.11 wireless LAN MAC protocols: Three broad classes ❒ Channel Partitioning ❍ Divide channel into smaller “pieces” (time slots, frequency) ❍ Allocate piece to node for exclusive use ❒ Random
    [Show full text]
  • Medium Access Control Layer
    Telematics Chapter 5: Medium Access Control Sublayer User Server watching with video Beispielbildvideo clip clips Application Layer Application Layer Presentation Layer Presentation Layer Session Layer Session Layer Transport Layer Transport Layer Network Layer Network Layer Network Layer Univ.-Prof. Dr.-Ing. Jochen H. Schiller Data Link Layer Data Link Layer Data Link Layer Computer Systems and Telematics (CST) Physical Layer Physical Layer Physical Layer Institute of Computer Science Freie Universität Berlin http://cst.mi.fu-berlin.de Contents ● Design Issues ● Metropolitan Area Networks ● Network Topologies (MAN) ● The Channel Allocation Problem ● Wide Area Networks (WAN) ● Multiple Access Protocols ● Frame Relay (historical) ● Ethernet ● ATM ● IEEE 802.2 – Logical Link Control ● SDH ● Token Bus (historical) ● Network Infrastructure ● Token Ring (historical) ● Virtual LANs ● Fiber Distributed Data Interface ● Structured Cabling Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.2 Design Issues Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.3 Design Issues ● Two kinds of connections in networks ● Point-to-point connections OSI Reference Model ● Broadcast (Multi-access channel, Application Layer Random access channel) Presentation Layer ● In a network with broadcast Session Layer connections ● Who gets the channel? Transport Layer Network Layer ● Protocols used to determine who gets next access to the channel Data Link Layer ● Medium Access Control (MAC) sublayer Physical Layer Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.4 Network Types for the Local Range ● LLC layer: uniform interface and same frame format to upper layers ● MAC layer: defines medium access ..
    [Show full text]
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns
    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]
  • Network Layer Security Adaptation Profile
    Recommendation for Space Data System Standards NETWORK LAYER SECURITY ADAPTATION PROFILE RECOMMENDED STANDARD CCSDS 356.0-B-1 BLUE BOOK June 2018 Recommendation for Space Data System Standards NETWORK LAYER SECURITY ADAPTATION PROFILE RECOMMENDED STANDARD CCSDS 356.0-B-1 BLUE BOOK June 2018 RECOMMENDED STANDARD FOR NETWORK LAYER SECURITY ADAPTATION PROFILE AUTHORITY Issue: Recommended Standard, Issue 1 Date: June 2018 Location: Washington, DC, USA This document has been approved for publication by the Management Council of the Consultative Committee for Space Data Systems (CCSDS) and represents the consensus technical agreement of the participating CCSDS Member Agencies. The procedure for review and authorization of CCSDS documents is detailed in Organization and Processes for the Consultative Committee for Space Data Systems (CCSDS A02.1-Y-4), and the record of Agency participation in the authorization of this document can be obtained from the CCSDS Secretariat at the e-mail address below. This document is published and maintained by: CCSDS Secretariat National Aeronautics and Space Administration Washington, DC, USA E-mail: [email protected] CCSDS 356.0-B-1 Page i June 2018 RECOMMENDED STANDARD FOR NETWORK LAYER SECURITY ADAPTATION PROFILE STATEMENT OF INTENT The Consultative Committee for Space Data Systems (CCSDS) is an organization officially established by the management of its members. The Committee meets periodically to address data systems problems that are common to all participants, and to formulate sound technical solutions to these problems. Inasmuch as participation in the CCSDS is completely voluntary, the results of Committee actions are termed Recommended Standards and are not considered binding on any Agency.
    [Show full text]
  • Guidelines for the Secure Deployment of Ipv6
    Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]
  • Chapter 6: Medium Access Control Layer
    Chapter 6: Medium Access Control Layer Chapter 6: Roadmap " Overview! " Wireless MAC protocols! " Carrier Sense Multiple Access! " Multiple Access with Collision Avoidance (MACA) and MACAW! " MACA By Invitation! " IEEE 802.11! " IEEE 802.15.4 and ZigBee! " Characteristics of MAC Protocols in Sensor Networks! " Energy Efficiency! " Scalability! " Adaptability! " Low Latency and Predictability! " Reliability! " Contention-Free MAC Protocols! " Contention-Based MAC Protocols! " Hybrid MAC Protocols! Fundamentals of Wireless Sensor Networks: Theory and Practice Waltenegus Dargie and Christian Poellabauer © 2010 John Wiley & Sons Ltd. 2! Medium Access Control " In most networks, multiple nodes share a communication medium for transmitting their data packets! " The medium access control (MAC) protocol is primarily responsible for regulating access to the shared medium! " The choice of MAC protocol has a direct bearing on the reliability and efficiency of network transmissions! " due to errors and interferences in wireless communications and to other challenges! " Energy efficiency also affects the design of the MAC protocol! " trade energy efficiency for increased latency or a reduction in throughput or fairness! Fundamentals of Wireless Sensor Networks: Theory and Practice Waltenegus Dargie and Christian Poellabauer © 2010 John Wiley & Sons Ltd. 3! 1! Overview " Responsibilities of MAC layer include:! " decide when a node accesses a shared medium! " resolve any potential conflicts between competing nodes! " correct communication errors occurring at the physical layer! " perform other activities such as framing, addressing, and flow control! " Second layer of the OSI reference model (data link layer) or the IEEE 802 reference model (which divides data link layer into logical link control and medium access control layer)! Fundamentals of Wireless Sensor Networks: Theory and Practice Waltenegus Dargie and Christian Poellabauer © 2010 John Wiley & Sons Ltd.
    [Show full text]
  • Data Link Layer Design Issues • Error Detection and Correction • Elementary Data Link Protocols • Sliding Window Protocols • Example Data Link Protocols
    The Data Link Layer Chapter 3 • Data Link Layer Design Issues • Error Detection and Correction • Elementary Data Link Protocols • Sliding Window Protocols • Example Data Link Protocols Revised: August 2011 CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 The Data Link Layer Application Responsible for delivering frames of information over a single link Transport Network • Handles transmission errors and Link regulates the flow of data Physical CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 Data Link Layer Design Issues • Frames » • Possible services » • Framing methods » • Error control » • Flow control » CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 Frames Link layer accepts packets from the network layer, and encapsulates them into frames that it sends using the physical layer; reception is the opposite process Network Link Virtual data path Physical Actual data path CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 Possible Services Unacknowledged connectionless service • Frame is sent with no connection / error recovery • Ethernet is example Acknowledged connectionless service • Frame is sent with retransmissions if needed • Very unreliable channels; Example is 802.11 • NOTE: DL acknowledgement is an optimization to improve performance for unreliable channels, ACKs can also be done at higher layers Acknowledged connection-oriented service • Connection is set up; rare • Long
    [Show full text]
  • 1.7 Link-Layer Addressing
    ROHINI COLLEGE OF ENGINEERING &TECHNOLOGY 1.7 LINK-LAYER ADDRESSING A link-layer address is called a link address, called a physical address, and sometimes a MAC address. Since a link is controlled at the data-link layer, the addresses need to belong to the data-link layer. When a datagram passes from the network layer to the data-link layer,the datagram will be encapsulated in a frame and two data-link addresses are added to the frame header.These two addresses are changed every time the frame moves from one link to another. Figure 1.7.1 shows, IP addresses and link-layer addresses in a small internet. This is easy to understand. Fig1.7.1: IP addresses and link-layer addresses in a small internet. [Source :”Data Communications and Networking” by Behrouz A. Forouzan,Page-243] Here we have three links and two routers. We have two hosts: Alice (source) and Bob (destination). For each host, we have shown two addresses, the IP addresses (N) and the link-layer addresses (L). EC8551 COMMUNICATION NETWORKS ROHINI COLLEGE OF ENGINEERING &TECHNOLOGY We have three frames, one in each link.Each frame carries the same datagram with the same source and destination addresses (N1 and N8), but the link-layer addresses of the frame change from link to link. In link 1, the link-layer addresses are L1 and L2. In link 2, they are L4 and L5. In link 3, they are L7 and L8. Note that the IP addresses and the link-layer addresses are not in the same order.
    [Show full text]
  • Lecture 16: TCP/IP Vulnerabilities and Dos Attacks: IP Spoofing, SYN Flooding, and the Shrew Dos Attack
    Lecture 16: TCP/IP Vulnerabilities and DoS Attacks: IP Spoofing, SYN Flooding, and The Shrew DoS Attack Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) March 16, 2021 5:43pm ©2021 Avinash Kak, Purdue University Goals: • To review the IP and TCP packet headers • Controlling TCP Traffic Congestion and the Shrew DoS Attack • The TCP SYN Flood Attack for Denial of Service • IP Source Address Spoofing Attacks • BCP 38 for Thwarting IP Address Spoofing for DoS Attacks • Python and Perl Scripts for Mounting DoS Attacks with IP Address Spoofing and SYN Flooding • Troubleshooting Networks with the Netstat Utility CONTENTS Section Title Page 16.1 TCP and IP 3 16.2 The TCP/IP Protocol Stack 5 16.3 The Network Layer (also known as the Internet 14 Layer or the IP Layer) 16.4 TCP, The Transport Layer Protocol for Reliable 25 Communications 16.5 TCP versus IP 34 16.6 How TCP Breaks Up a Byte Stream That 36 Needs to be Sent to a Receiver 16.7 The TCP State Transition Diagram 38 16.8 A Demonstration of the 3-Way Handshake 44 16.9 Splitting the Handshake for Establishing 52 a TCP Connection 16.10 TCP Timers 58 16.11 TCP Congestion Control and the Shrew DoS Attack 60 16.12 SYN Flooding 68 16.13 IP Source Address Spoofing for SYN Flood 71 DoS Attacks 16.14 Thwarting IP Source Address Spoofing With BCP 38 84 16.15 Demonstrating DoS through IP Address Spoofing and 89 SYN Flooding When The Attacking and The Attacked Hosts Are in The Same LAN 16.16 Using the Netstat Utility for Troubleshooting 103 Networks 16.17 Homework Problems 113 Computer and Network Security by Avi Kak Lecture 16 Back to TOC 16.1 TCP and IP • We now live in a world in which the acronyms TCP and IP are almost as familiar as some other computer-related words like bits, bytes, megabytes, etc.
    [Show full text]
  • Network Layer and IP Protocol
    1 NetworkNetwork Layer:Layer: NetworkNetwork LayerLayer andand IPIP ProtocolProtocol Required reading: Garcia 7.3.3, 8.1, 8.2.1 CSE 3213, Winter 2010 Instructor: N. Vlajic 2 1. Introduction 2. Router Architecture 3. Network Layer Protocols in the Internet 4. IPv4 5. IP Addressing and Subnetting Introduction 3 Network Layer – supervises host-to-host packet delivery – hosts could be separated by several physical networks • data-link layer provides node-to-node delivery, transport layer provides process-to-process delivery Major (Basic) Network Layer Duties • addressing: identify each device uniquely to allow global communication • routing: determine optimal route for sending a packet from one host to another • packetizing: encapsulate packets received from upper-layer protocols • fragmenting: decapsulate packets from one and encapsulate them for another network Introduction (cont.) 4 Example [ network layer duties in the Internet, at the SOURCE ] find interface from which packet must be sent encapsulate packet from upper layer, i.e. add header: 1) add universal source and destination address; 2) add fields for error control, etc. verify whether destination address is make sure packet is of host address – if so, correct size for data- routing is not needed Internet network layer at the SOURCE link layer, i.e. protocol Introduction (cont.) 5 Example cont. [ network layer duties in the Internet, at a ROUTER ] check if packet has reached its final destination or needs to be forwarded (TTL!) + header error checking !!! Internet network layer at a ROUTER find interface from which packet must be sent Introduction (cont.) 6 Example cont. [ network layer duties in the Internet, at the DESTINATION ] verify whether Internet network layer at the DESTINATION if packet has been destination fragmented, wait address is until all fragments host address have arrived, reassemble them, and then deliver the check if packet has reassembled packet been corrupted to transport layer during transmission 7 1.
    [Show full text]
  • Chapter 5 Link Layer
    Chapter 5 Link Layer Computer Networking: A Top Down Approach th 6 edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights Reserved Link Layer 5-1 Chapter 5: Link layer our goals: v understand principles behind link layer services: § error detection, correction § sharing a broadcast channel: multiple access § link layer addressing § local area networks: Ethernet, VLANs v instantiation, implementation of various link layer technologies Link Layer 5-2 Link layer, LANs: outline 5.1 introduction, services 5.5 link virtualization: 5.2 error detection, MPLS correction 5.6 data center 5.3 multiple access networking protocols 5.7 a day in the life of a 5.4 LANs web request § addressing, ARP § Ethernet § switches § VLANS Link Layer 5-3 Link layer: introduction terminology: v hosts and routers: nodes global ISP v communication channels that connect adjacent nodes along communication path: links § wired links § wireless links § LANs v layer-2 packet: frame, encapsulates datagram data-link layer has responsibility of transferring datagram from one node to physically adjacent node over a link Link Layer 5-4 Link layer: context v datagram transferred by transportation analogy: different link protocols over v trip from Princeton to Lausanne different links: § limo: Princeton to JFK § e.g., Ethernet on first link, § plane: JFK to Geneva frame relay on § train: Geneva to Lausanne intermediate links, 802.11 v tourist = datagram on last link v transport segment = v each link protocol
    [Show full text]