lecture in color

Networking:

So far, we've only worked on configuring specific hosts. This is easy in isolation from other hosts.
The real action comes in network administration when we must coordinate actions of multiple hosts.
To do this, we must understand the network that connects them.
Reference: Burgess Chapter 3

How a network is born:

Standards: encourage multiple vendors/bodies to agree on how the net works.
Three main standards organizations:
- IEEE: Institute of Electrical and Electronic Engineers.
- ISO: International Standards Organization.
- Internet RFC's: Requests for comments
Standards formation: like passing a law in congress:
- Propose idea.
- Committee studies idea.
- If good, propose as a standard.
- Discussion.
- Vote.
- We have a new standard!

One small editorial comment on standards

Standards committees are supposed to be made of technical experts.
In practice, they're made of politicians, just the Internet kind.
Funny story: the standards committee on C and C++ was working on `standardizing' floating point hexadecimal notation.
- 0x34.2 = 00111000.0010 = 001110000010 / 010000 (base 2) !
- this is silly enough, except that there is a conflicting standard:
  - a trailing 'f' means single precision (1.2f).
- So what does 0x1f.ff mean?
  - 0x1f.f in single precision?
  - 0x1f.ff in double precision?
- Still no resolution to this issue as far as I know!

Networking concepts

Protocols: how network devices communicate.
Layers: how one builds complex protocols from simple ones.
Client/server computing: how network devices provide services.

Protocols

A protocol is a method by which two devices achieve communication and mutual understanding.
analogy is diplomacy: the process by which two countries communicate about their needs.
simple protocol:
- I say "hello".
- You say "How are you?"
- I say "Fine, thanks."
meaning of protocol: everything's OK.

Layers

Complex protocols are built incrementally in layers
Each layer uses the features of the previous one.
Rough example: speaking English:
- Layer 1: meaning of words: dictionary
- Layer 2: context: determine which definition to use based upon context of conversation.
- Layer 3: task: determines which words to use to accomplish a specific mission.
Rough example: party conversation.
- Layer 1: smalltalk, establishing communication.
- Layer 2: image, telling the stories you want to tell, projecting an image.
- Layer 3: mission, accomplishing goals, etc.

Client/server computing

Client: that which requires information/services.
Server: that which provides required information/services.
"It is illogical to withhold required information!" (Star Trek, the movie).
Examples:
- network file system: coordinate file users (clients) with file sources (servers).
- name services: coordinate stations needing name translations (clients) with hosts providing name service (servers).

Network layers:

start with physical wire.
end at application level, e.g., "electronic mail".
By layering more complex protocols on top of simpler ones.
Key to understanding networking: OSI/ISO reference model.

OSI/ISO Reference Model:

 +---------------------+
 | Application Layer   |  how devices agree on the meaning of data
 +---------------------+     mayor
 | Presentation Layer  |  how devices agree on the format of data
 +---------------------+     town meetings
 | Session Layer       |  how neighboring devices establish channels of info
 +---------------------+     community cable
 | Transport Layer     |  how to avoid communication errors between devices
 +---------------------+     libel suits/lawyers
 | Network Layer       |  how non-neighboring devices communicate 
 +---------------------+     gossip
 | Data Link Layer     |  how neighboring devices communicate
 +---------------------+     talking over the fence
 | Physical Layer      |  how devices are physically connected 
 +---------------------+     back fences

Running joke among netadmins: the 9 layers of the OSI reference model:

 +---------------------+
 | Political Layer     |  how devices agree on what to spend. (you are here) 
 +---------------------+
 | Financial Layer     |  how devices agree on what to buy. 
 +---------------------+
 | Application Layer   |  how devices agree on the meaning of data.
 +---------------------+     
 | Presentation Layer  |  how devices agree on the format of data
 +---------------------+     
 | Session Layer       |  how neighboring devices establish channels of info
 +---------------------+    
 | Transport Layer     |  how to avoid communication errors between devices
 +---------------------+   
 | Network Layer       |  how non-neighboring devices communicate 
 +---------------------+  
 | Data Link Layer     |  how neighboring devices communicate
 +---------------------+
 | Physical Layer      |  how devices are physically connected 
 +---------------------+

General comments:

network devices understand layers from the bottom up.
the more levels a device understands, the more sophisticated it is and the more involved it is to configure.

we roughly name devices according to the level of information they can interpret.

 +---------------------+
 | Application Layer   | \
 +---------------------+  +- `gateways' (application semantics) 
 | Presentation Layer  | /
 +---------------------+ 
 | Session Layer       | \
 +---------------------+  +- routers (global addressing)
 | Transport Layer     | /
 +---------------------+  
 | Network Layer       |  switches (local address) 
 +---------------------+  
 | Data Link Layer     |  hubs, repeaters (signal multiplexing) 
 +---------------------+         
 | Physical Layer      |  transceivers (signal conversion) 
 +---------------------+

Internet concepts:

Local area network(LAN): a small cluster of machines networked together within a site or building.
local address: the address of a machine on a local-area network.
Wide-area network (WAN): a network spanning multiple organizations or buildings.
Internet: a global network connecting all machines in the world.
global address: the address of a machine on the whole internet.

A brief map of internet technologies to ISO model:

 +---------------------+
 | Application Layer   |  IMAP, POP, TELNET, SSH, .... 
 +---------------------+  
 | Presentation Layer  |  RPC
 +---------------------+ 
 | Session Layer       |  Transmission Control Protocol (TCP)  \  Internet
 +---------------------+                                        + Protocol (IP)
 | Transport Layer     |  User Datagram Protocol (UDP)         /  (Internet
 +---------------------+                                           address) 
 | Network Layer       |  Media Access Control (MAC address: ethernet) 
 +---------------------+  
 | Data Link Layer     |  point-to-point communication 
 +---------------------+         
 | Physical Layer      |  point-to-point connectivity 
 +---------------------+

Protocol stack

This set of layers acts like a stack (``the protocol stack'').
Each layer uses the one beneath it to communicate.
Information to be sent starts at a particular level and gets sent downward in the stack until it is sent on the physical level.

The receiver interprets the info by allowing it to propogate upward to the appropriate level.

 +---------------------+                         +---------------------+
 | Application Layer   | v                     ^ | Application Layer   |  
 +---------------------+ |                     | +---------------------+ 
 | Presentation Layer  | |                     | | Presentation Layer  |  
 +---------------------+ |                     | +---------------------+ 
 | Session Layer       | |                     | | Session Layer       |  
 +---------------------+ |                     | +---------------------+
 | Transport Layer     | |                     | | Transport Layer     |  
 +---------------------+ |                     | +---------------------+
 | Network Layer       | |                     | | Network Layer       | 
 +---------------------+ |                     | +---------------------+
 | Data Link Layer     | |                     | | Data Link Layer     | 
 +---------------------+ |                     | +---------------------+ 
 | Physical Layer      | +---------------------+ | Physical Layer      |
 +---------------------+                         +---------------------+

Typical example of layering in action:

 host        repeater    router      host
 [ App ]>    [ App ]     [ App ]    >[ App ] 
 [ Pre ]|    [ Pre ]     [ Pre ]    |[ Pre ]
 [ Ses ]|    [ Ses ]     [ Ses ]    |[ Ses ]
 [ Trn ]|    [ Trn ]    +[ Trn ]+   |[ Trn ]
 [ Net ]|    [ Net ]    |[ Net ]|   |[ Net ]
 [ Lnk ]|   +[ Lnk ]+   |[ Lnk ]|   |[ Lnk ]
 [ Phy ]+-->+[ Phy ]+-->|[ Phy ]+-->+[ Phy ]

Encapsulation:

A device can initiate transfer of information at almost any level.
A level introduces information in the form of packets that it forwards to lower levels.

Each level adds its own header and trailer and forwards the packet to the next level down.

 [ App ]                           DATA
 [ Pre ]                      PreH DATA PreT
 [ Ses ]                 SesH PreH DATA PreT SesT
 [ Trn ]            TrnH SesH PreH DATA PreT SesT TrnT
 [ Net ]       NetH TrnH SesH PreH DATA PreT SesT TrnT NetT
 [ Lnk ]  LnkH NetH TrnH SesH PreH DATA PreT SesT TrnT NetT LnkT
 [ Phy ]

The receiving device UNWRAPS the packet in the same way it was wrapped, removing info upper layers SHOULDN'T KNOW!
A layer can have an empty header and/or trailer.

Case study: telnet/ssh

Telnet and ssh are application protocols.
When you type a character, it's sent in a packet.
The packet gets wrapped with a TCP header, then an IP header, then a MAC header, then sent.
When received, it's unwrapped and the server receives the character.
But on the transmission line, we didn't just send the characters, but also three headers (TCP, IP, and MAC).

Here's what a single character message looks like using Sun's `snoop' program: (in this case, from server to client)

 ETHER:  ----- Ether Header -----
 ETHER:  
 ETHER:  Packet 2 arrived at 15:07:10.24
 ETHER:  Packet size = 94 bytes
 ETHER:  Destination = 8:0:20:7a:67:e9, Sun LAN address 
 ETHER:  Source      = 8:0:20:b0:17:e, Sun LAN address 
 ETHER:  Ethertype = 0800 (IP)
 ETHER:  
 IP:   ----- IP Header -----
 IP:   
 IP:   Version = 4
 IP:   Header length = 20 bytes
 IP:   Type of service = 0x00
 IP:         xxx. .... = 0 (precedence)
 IP:         ...0 .... = normal delay
 IP:         .... 0... = normal throughput
 IP:         .... .0.. = normal reliability
 IP:   Total length = 80 bytes
 IP:   Identification = 6587
 IP:   Flags = 0x4
 IP:         .1.. .... = do not fragment
 IP:         ..0. .... = last fragment
 IP:   Fragment offset = 0 bytes
 IP:   Time to live = 255 seconds/hops
 IP:   Protocol = 6 (TCP)
 IP:   Header checksum = 2ea1
 IP:   Source address = 130.64.23.39, Conbrio.EECS.Tufts.EDU
       global 
 IP:   Destination address = 130.64.23.164, Blackhole.EECS.Tufts.EDU
       global 
 IP:   No options
 IP:   
 TCP:  ----- TCP Header -----
 TCP:  
 TCP:  Source port = 22  ssh daemon 
 TCP:  Destination port = 33158  ssh client
 TCP:  Sequence number = 278287127
 TCP:  Acknowledgement number = 1357088868
 TCP:  Data offset = 20 bytes
 TCP:  Flags = 0x18
 TCP:        ..0. .... = No urgent pointer
 TCP:        ...1 .... = Acknowledgement
 TCP:        .... 1... = Push
 TCP:        .... .0.. = No reset
 TCP:        .... ..0. = No Syn
 TCP:        .... ...0 = No Fin
 TCP:  Window = 8760
 TCP:  Checksum = 0xda12
 TCP:  Urgent pointer = 0
 TCP:  No options

That's right, a single character takes 94 characters to transmit!

TCP/IP: Transmission Control Protocol/Internet Protocol

IP: provides global naming scheme:

 [  ?  ]                                Data raw data 
 [ Net ]                 [IP Addresses] Data global address
 [ Lnk ] [MAC Addresses] [IP Addresses] Data local address

TCP: allows sessions on top of that

 [  ?  ]                              Data
 [ Ses ]                    [TCP head]Data packet/sequence number 
 [ Net ]           [IP head][TCP head]Data global address 
 [ Lnk ] [MAC head][IP head][TCP head]Data local address

 OSI                     TCP/IP          TCP             UDP
 Application             Application     stream          message
 Session/Transport       Transport       segment         packet
 Network                 Internet        datagram        datagram

TCP: Transmission Control Protocol

stream based; handles stream dissassembly and reassembly.
connection: stateful:
- negotiation: two machines start talking
- session: one conversation.
- closure: stop talking.
- EX: telnet, ssh.
reliable: you're assured that your data is sent.
roughly corresponds to ISO session layer.
metaphor: a two-way pipe of data between processes on differing machines.

UDP: User Datagram Protocol

packet based: one `message' at a time. `Message passing'.
unreliable: you have no guarantee that the packet you sent actually got there. It could be dropped.
roughly corresponds to ISO transport layer
metaphor: a single message between two processes on differing machines.

Reliability and `drops'

Networks aren't perfect.
Packets can be dropped.
A dropped packet simply never arrives at its destination.

Let's build ourselves a network:

Example: our Lin* network:

 Internet
   | 2xT3
 Tufts backbone
   | 1000/FX
 EECS NAT firewall 
   | 2x1000/FX  1000/FX
 EECS router----------- [switch]
   |1000/FX            /    |   \  100/T : 100 Mbits/second
   |                 lin00 lin01 lin02 ...
 [switch]
   | 100/T
 conmoto

100/T: '100-base-T': 100 megabits/second over copper cables.
1000/T: '1000-base-T': 1 gigabit/second over copper cables.
1000/FX: '100-base-FX': 1 gigabit/second over optical fiber.

First step: the physical layer:

Many kinds of Ethernet
- Thinnet
- Thicknet
- Twisted-Pair (10/T)
Other kinds of physical layers:
- Token-ring
- Frame-relay
For this class, we concentrate on Ethernet.

thicknet(AUI):

original 'ethernet'
bulky (multi-conductor)
fragile
limited runlength
segments must be multiples of fixed length
This is a pain.

thinnet:

coax (two conductor cable)
thin
long run-length,
vampire-taps,
segments must be on multiples of .5 meters.
BNC connectors (like video)
easy to wire: snake the cable everywhere and tap into where needed.
failure of cable (or station) takes down whole segment (and all stations connected to it).
This is cheap but even more of a pain.

twisted pair:

telco-like cable (not telco),
RJ-45 connectors (similar to, but larger than RJ11 two line phone connectors).
six conductors in cable.
robust
point-to-point
failure points isolated.
wiring cost much higher because one must wire one's network in a star!
must buy lots of hubs/switches!

The link layer: ethernet.

thicknet, thinnet: 'bussed' communication (IEEE 802.3).
IEEE 802.3: standard for
- wiring
- protocol for machine-machine communication.

Basics of ethernet: simple model (thinnet)

all machines connected to one wire (with another wire as a ground reference).

  ---------+------------+----------+-----------+---------- signal
           |            |
          machine 1   machine 2
           |            |
  ---------+------------+----------+-----------+---------- ground

if any station shorts the signal wire to ground, the signal becomes the same as ground from the point of view of all stations.
Every other station sees this short when one station does it.
one bit wire-or `bus'. anyone can transmit or receive on it.

Representing a message

messages on the wire are expressed as binary voltage differences between ground and a reference voltage.
each message is called an `ethernet packet'.
messages are binary streams of 1's and 0's.
each 1 or 0 is expressed by a transition in voltage (manchester encoding).

Sending a message

to send a message, machines listen on the wire for a lull in activity.
A machine starts sending a message when it thinks the wire is free of messages from other machines.
There can be collisions due to the delay between a machine's inference that the line is free and the machine's transmission of a packet.

Messages from all machines are wire-or'd into one data stream.

    [[[[[[[[[ is a packet. 
    -----------[[[[[[[[[------------------[[[[[[[[-------[[[[[[[[--- M1
  + -----------------------[[[[[[[[[[[------------------------------ M2
  + ---------------------------------------------------[[[[[[[[----- M3
  = -----------[[[[[[[[[---[[[[[[[[[[[----[[[[[[[[-----[[[[[[[[[[--- result
               clean!      clean!         clean!       collision!

logical 'or' of packets can result in clean packet or collision.

Packet structure

Each packet starts with a preamble that determines source and destination machine addresses.
These are local addresses (also called MAC addresses, `Media Access Control')
Each machine reads and writes two kinds of packets:
- broadcasts intended for all machines (special MAC address)
- directed packets intended for one and only one machine.
Each machine reads all broadcasts and only those directed packets that are intended for that one machine. (unless you configure it differently).
except for a special promiscuous mode': in this mode the interface reads every packet whether or not it's for you. nice for debugging networks and stealing passwords.

Modern ethernet: 10/T, 100/T, 1000/T

10/T: 10 MegaBits/second transmit rate
100/T: 100 MegaBit/second transmit rate
1000/T: 1 GigaBit/second transmit rate
point to point.
hubs replace busses, contain complex electronics ($).
`twisted pair'

Wiring 10,100,1000/T:

4 conductor phone wires, RJ-11 8 conductor jack, using only pins:

   DTE mapping: on the back of a workstation
   1  TX+             [  Transmit pair wire 1
   2  TX-             [  Transmit pair wire 2
   3  RX+             [  Receive pair wire 1
   4  UNUSED          (ground plane) 
   5  UNUSED          (ground plane) 
   6  RX-             [  Receive pair wire 2
   7  UNUSED          (ground plane) 
   8  UNUSED          (ground plane) 
 
   DCE mapping: on the back of a hub or concentrator
   1  RX+             [  Receive pair wire 1
   2  RX-             [  Receive pair wire 2
   3  TX+             [  Transmit pair wire 1
   4  UNUSED          (ground plane) 
   5  UNUSED          (ground plane) 
   6  TX-             [  Transmit pair wire 2
   7  UNUSED          (ground plane) 
   8  UNUSED          (ground plane)

DTE: Data Terminal Equipment: End-user node, server node.
DCE: Data Communications Equipment: hub, router, switch, modem, etc.

Basic game: connect transmit to receive, receive to transmit!

      SWITCH          COMPUTER
   1  RX+             TX+
   2  RX-             TX-
   3  TX+             RX+
   4  GND             GND
   5  GND             GND
   6  TX-             RX-
   7  GND             GND
   8  GND             GND

How 10,100,1000/T works:

wire-or bus replaced by two busses between switch and machine.
Each device talks on its TX and listens on its RX.
Switches enable talking to computers in full duplex mode (TX and RX independent, both devices can talk at same time).
Hubs only allow talking in half-duplex mode (RX echoes TX, wire-or occurs inside hub).
This is why switches are much more expensive than hubs!
In the dorms: have hubs, want switches.

Crossover:

you can always connect DTE DIRECTLY to DCE by means of a CROSSOVER cable (NULL cable) :

   1 ----- 3   (transmit to receive, receive to transmit) 
   2 ----- 6
   3 ----- 1
   6 ----- 2

If you have two machines, you don't need a hub! $100 saved.

Comments on all ethernet link layers:

collisions: packets get lost
protocol: complex requirements for avoiding collisions and for packet recovery when lost.
- half hardware, half software,
- usually encoded into special hardware contained on the 'ethernet board'.
- older boards do this in software.
lies, damn lies, and bandwidth estimates.

Collisions:

Machines try to avoid sending messages at the same time.
look at wire
if someone talking, desist.
if no one talking, you can send a packet.
if this process fails, collisions occur.

happens when two machines find a free wire at roughly the same time.

    -----------[[[[[[[[[------------------[[[[[[[[------------------ M1
  + ------------[[[[[[[[[------------------------------------------- M2
  = -----------[XXXXXXXX[-----------------[[[[[[[[------------------ result
                ^^^^^^^^ collision between two packets. both packets lost

Detecting collisions:

collisions are detected via use of checksums:
sum up words in message, and append sum to header of message.
if the words you get don't sum up to the sum you get, oops!

Dealing with collisions:

The result of a collision is a garbled message.
802.3: After a collision, both machines try again with increasing delays between tries (exponential backoff).
This guarantees that eventually, one machine will send its message before the other can mistake the channel for blank.
distance between packets in time is shorter than time it takes to set up communication after seeing a clear line.

This and the speed of light determine line length limits!

    -----[[[[[[[[---------[[[[[[[[----------------------------------
    ------[[[[[[[[------------........------------------------------
         ^^^^^^^^ sends too close for collision avoidance: oops!
                          ^^^^^^^^^ here machine 1 gets the wire 
                              ^^^^^^^^ machine 2 checks the wire, loses race

lies, damn lies, and bandwidth calculations

ethernet's advertised bandwidth is 10, 100, or 1000 megabits/second.
But collision resolution gets completely out of hand when a half-duplex wire exceeds 3,30, or 300 megabits/second respectively. (30% overhead).
At 50% overhead, almost no information gets through.
Only exception: two machines connected together by an otherwise unfettered wire in full duplex.
Point-to-point independent connections can run at advertised bandwidth.
- half duplex: one machine can talk at a time.
- full duplex: both machines on a p-to-p link can talk simultaneously.
10 mbit half to 100 mbit full = x30.

RS232 (modem-to-computer) connections: also called SERIAL

DB25 connector (25 pins) or DB9 connector (PC, 9 pins)

Meant to connect a local computer and a remote one through a modem:

 computer <------> modem <-------> modem <-------> computer
        DTE      DCE       phone       DCE       DTE
                           line

Pin map looks similar to the map for T/P ethernet:

DCE: Data Communications Equipment: on the back of your modem.

 DCE pin map: (most common signals)               direction of signal
 1       chassis ground (shield for cable).                 ..
 2       TXD     transmit data                              -> 
 3       RXD     receive data                               <-
 4       RTS     request to send                            ->
                 (1 when terminal ready to send data)
 5       CTS      clear to send                             <-
                 (1 when ok to send it)
                 'hardware flow control' 
 7       signal ground
 8       DCD     data carrier detect                        ->
                 (1 when modem connected to another) 
 20      DTR     data terminal ready                        <-
                 (1 when terminal ready)

DTE: Data Terminal Equipment: on the back of your computer.

 DTE pin map: (most common signals)               direction of signal
 1       chassis ground (shield for cable).                 ..
 2       RXD     receive data                               <-
 3       TXD     transmit data                              -> 
 5       RTS     request to send                            ->
 4       CTS     clear to send                              <-
 7       signal ground
 8       DTR     data terminal ready                        <-
 20      DCD     data carrier detect                        ->

RS232 function:

by nature, point to point communication (no network layer).
normally full duplex: talk on TXD, listen on RXD.
To talk, must connect TXD to RXD and RXD to TXD.

Null modems:

connect two serial devices without the modem

utilize _CROSSOVER_ cables between devices.

       1  --------  1
 TXD   2  --------  3  RXD
 RXD   3  --------  2  TXD
 RTS   4  --------  5  CTS
 CTS   5  --------  4  RTS
       7  --------  7
 DCD   8  -------- 20  DTR
 DTR  20  --------  8  DCD

RS232 speeds:

Standard bank of speeds.
300,600,1200,2400,4800,9600,19200,38400,57600,112000 bits per second (baud).
baud/10 =~ characters per second (raw rate)
compression technologies allow one to send more.

RS232 data format:

Two logic levels corresponding to voltage level: 1 and 0.
line starts out at logic 0.
After a start bit there are 6, 7, or 8 data bits followed by an optional parity bit and one or two stop bits.
Confusing: bits are transmitted in binary right to left!

Example: one start bit, 8 data, no parity, one stop bit:

ASCII 'C' = 67 (base 10) = 1000011 (base 2) so to send it one would send

 1 1 1 0 0 0 0 1 0 1
 ^                    start bit
   ^^^^^^^^^^^^^^^    8 data bits backwards
                   ^ one stop bit

Parity bit is binary parity of data bits
- 1 represents odd number of 1's,
- 0 represents even number of 1's

Point-to-point protocol:

IP over RS232.
one host connected to another through serial link and optional modem.
software unwraps IP packets, sends through interface, re-wraps as IP packets on other end.
two phases in a ppp connection:
1. negotiation: two computers talk to one another, figure out what to agree upon for ip addresses, compression methods, etc. Ppp uses a symmetric negotiation: either host can specify the appropriate parameters.
2. link: use these agreed upon parameters and establish a link.
typical use: home internet access (to be obsoleted by Cable Modems).

Illusions:

If your modem and your computer both compress data, they work against one another.
compression reduces the length of data, not content.
- compress once -> get to minimal length.
- compress again -> no gain.
This means a slowdown of compression, and decompression!