Cosc 2150: Computer Organization Chapter 12: Network Organization and Architecture.

Post on 11-Jan-2016



Cosc 2150:Computer Organization

Chapter 12:Network Organization and Architecture

Chapter 12 Objectives

• Become familiar with the fundamentals of network architectures.

• Learn the basic components of a local area network.

• Become familiar with the general architecture of the Internet.

Bandwidth

• Bit (b) = a unit of information, 0 or 1
—10 bits can represent 1024 different messages
—20 bits represent > 1 million
—30 bits > 1 billion messages

• The bandwidth of a communication channel = number of bits per second it transmits

• All channels have limited bandwidth

• One byte (B) = 8 bits (an octet)

• Transmitting 1 MB at 56K bps takes 143 sec.

• 1 GB = gigabyte takes 40 hours
—at 7 Mbps 19 minutes; at 1 Gbps takes 8 seconds

• Latency = delay from first bit transmitted to first received

Progress of Technology

• Have more disk storage
—1971: 10 MB
—2001: 80,000 MB
—2008: 1,000,000 MB (1 TB)
(Chart callout: IMPROVEMENT 1971-2001: 8000 x)

• Higher communication speeds
—Human speech: 30 bits/sec
—1971 Modem: 300 bits/sec
—2001 Modem: 56,000 bits/sec
—T1 line: 1,544,000 bits/sec
—Internet 2: 1,000,000,000 bits/sec
—Nortel: 1,000,000,000,000 bits/sec in 1 fiber (entire U.S. telephone traffic)
(Chart callout: IMPROVEMENT 1971-2001: 3 BILLION x)

[Chart: Bandwidth (in Kbps) vs. application and technology]
Applications shown: Paging; Telnet; E-mail, FTP; Browsing, Audio; Streaming Video + Voice; Video Conferencing, Multimedia; Virtual Reality, Medical Imaging; Full-motion HDTV.
Technologies shown: Old Modem; New Modem; ISDN; Wireless WAN; T1/E1; ADSL; T3/E3; FDDI; Gigabit Ethernet; Experimental (1 terabit: all U.S. telephone conversations simultaneously). Media: Copper, Fiber.
Rates labelled: 4.8, 19.2, 56K, 128K (Kbps); T1 = 1.544 Mb; DSL ~ 7 Mb; T3 = 44.7 Mb; OC3 = 155 Mb; OC12 = 622 Mb; 1 gigabit; 1 terabit; Human speech = 30 bps.

Early Academic and Scientific Networks

• In the 1960s, the Advanced Research Projects Agency funded research under the auspices of the U.S. Department of Defense.

• Computers at that time were few and costly. In 1968, the Defense Department funded an interconnecting network to make the most of these precious resources.

• The network, DARPANet, designed by Bolt, Beranek, and Newman, had sufficient redundancy to withstand the loss of a good portion of the network.

• DARPANet, later turned over to the public domain, eventually evolved to become today’s Internet.

Some humor first

http://www.the5thwave.com/images/cartoons_computer/large/training/631lg.gif

OSI - The Model

• A layered model

• Each layer performs a subset of the required communication functions

• Each layer relies on the next lower layer to perform more primitive functions

• Each layer provides services to the next higher layer

• Changes in one layer should not require changes in other layers

OSI - The Model (2)

OSI Layers (1)

• Transmission media (Layer 0 Hardware)
—cables between two network stations

• Physical (Layer 1 Hardware)
—Physical interface between devices
– Mechanical
– Electrical
– Functional
– Procedural

• Data Link (Layer 2 Hardware)
—Means of activating, maintaining and deactivating a reliable link
—Error detection and control
—Higher layers may assume error free transmission
—transmits and receives frames; the MAC protocol belongs to this layer

OSI Layers (2)

• Network (layer 3 Hardware)
—Transport of information
—Higher layers do not need to know about underlying technology
—Not needed on direct links
—Most high level Network protocols are in this layer

• Transport (layer 4)
—Exchange of data between end systems
—Error free
—In sequence
—No losses
—No duplicates
—Quality of service

OSI Layers (3)

• Session (layer 5)
—Control of dialogues between applications
—Dialogue discipline
—Grouping
—Recovery

• Presentation (layer 6)
—Data formats and coding
—Data compression
—Encryption

• Application (layer 7)
—Means for applications to access the OSI environment

Network Hardware Outline

• Layer 0: media—Cabling

• Layer 1: physical—repeaters, hubs

• Layer 2: Link layer—bridges, switches, and collision domains

• Layer 3: Network layer—Router, router architecture.

Layer 0: Transmission media

• 10BASE2 standard
—uses coax cable (like Cable TV wiring). Component pieces include BNC T connectors and BNC terminators
—Segments of cable had a maximum length of 185 meters
—Why 10BASE2? The standards committee rounded 185 to 200, then shortened it.
—The 10 is for 10Mbps (megabits per second)

Layer 0: Transmission media (2)

• 10BASE-T
—The T is for “twisted”, as in twisted-pair wires
—The wire is normally called Category 3 (CAT3) or better, like CAT5
—maximum length is 100 meters (328 feet)

• 10BASE-F
—F stands for Fiber, or fiber optic media

Layer 0: Transmission media (3)

• 100BASE-T
—covers the entire range of 100Mbps systems, all twisted pair and fiber media
—100BASE-TX uses twisted pair cat-5 wire (100 meters max length)
—100BASE-FX uses fiber.

• 1000BASE-T or Gigabit or GigE
—covers the entire range of 1000Mbps systems.
—Uses both Cat-5, Cat-5e and fiber

Layer 0: Transmission media (4)

• Multi-Gigabit Ethernet
—10 Gbps standard, and working on faster 50 to 100 Gbps standards
—Cisco announced 1 Zettabyte edge routers (2008)
– Fiber optic cabling.

• Cable connectors for Cat3 and Cat5
—RJ-11: 4-wire modular connector. Also used in standard telephone cables. Cat 3 wires only.
—RJ-45: 8-wire connector. RJ-45 can be used to connect 4 wire as well.

What if the max length is too short?

• The max length is where the signal degrades past the point of usefulness

• You will need to insert a piece of network hardware.
—What do you use?
– Depends on what it is connecting to

Distance Limitations

• Copper = Cat 5 wiring
• MMF = Multimode fiber
• SMF = Single-mode fiber

Fiber Optic

• Optical fiber supports three different transmission modes depending on the type of fiber used.
—Single-mode fiber provides the fastest data rates over the longest distances. It passes light at only one wavelength, typically 850, 1300 or 1500 nanometers.
—Multimode fiber can carry several different light wavelengths simultaneously through a larger fiber core.

Fiber Optic

• Multimode graded index fiber also supports multiple wavelengths concurrently, but it does so in a more controlled manner than regular multimode fiber

• Unlike regular multimode fiber, light waves are confined to the area of the optical fiber that is suitable for propagating their particular wavelength.
—Thus, different wavelengths concurrently transmitted through the fiber do not interfere with each other.

• When an STS signal is passed over an optical carrier network, the signal is called OCx, where x is the carrier speed.

• The fundamental SDH signal is STM-1, which conveys signals at a rate of 155.52Mbps.

• The SONET hierarchy along with SDH is shown in the table.

High Capacity Digital Links

Ethernet

“dominant” Network/LAN technology:
• cheap: $20 for 1000Mbs!
• first widely used LAN technology
• Simpler, cheaper than token LANs and ATM
• Kept up with speed race: 10, 100, 1000 Mbps

[Figure: Metcalfe’s Ethernet sketch]

Ethernet Interface Card

• NIC for short.
—The piece of hardware you put into your computer to talk to the network.
—Can be 10Mb, 100Mb, even 1Gb card now.
—10/100Mb cards run anywhere from $20 to $100+ for pcmcia cards.

Ethernet Technologies: 10Base2

• thin coaxial cable in a bus topology

• repeaters used to connect up to multiple segments

Repeaters

• A hardware device that connects two segments together.
—a repeater repeats bits it hears on one interface to its other interfaces
—(Layer 1) physical layer device only!

• Signal attenuation is corrected by repeaters that amplify signals in physical cabling.

• Repeaters are part of the network medium (Layer 1).
—In theory, they are dumb devices functioning entirely without human intervention. However, some repeaters now offer higher-level services to assist with network management and troubleshooting.


Interconnecting LANs

Q: Why not just one big LAN?

• Limited amount of supportable traffic: on a single LAN, all stations must share bandwidth

• limited length: 802.3 specifies maximum cable length

• large “collision domain” (can collide with many stations)

Collision Domains

• When network devices share the same physical transmission media, it is more than possible that packets of data will collide
—Collision Domain
– Network devices use CSMA/CD
+ A device listens to see if the media is available, then it begins transmitting.
– More than possible that two devices will attempt to transmit at the same time.
+ This area is called a collision domain

Hubs

• Physical Layer devices: essentially repeaters operating at bit levels: repeat received bits on one interface to all other interfaces

• Hubs can be arranged in a hierarchy (or multi-tier design), with backbone hub at its top

Hubs (more)

• Each connected LAN referred to as LAN segment

• Hubs do not isolate collision domains: node may collide with any node residing at any segment in LAN

• Hub Advantages:
—simple, inexpensive device
—Multi-tier provides graceful degradation: portions of the LAN continue to operate if one hub malfunctions
—extends maximum distance between node pairs (100m per Hub)
—can connect different Ethernet types (e.g., 10BaseT and 100baseT)

Hub limitations

• single collision domain results in no increase in max throughput
—multi-tier throughput same as single segment throughput

• individual LAN restrictions pose limits on number of nodes in same collision domain and on total allowed geographical coverage

Bridges

• ( Layer 2 ) Link Layer devices: operate on Ethernet frames, examining frame header and selectively forwarding frame based on its destination

• Bridge isolates collision domains since it buffers frames

• When frame is to be forwarded on segment, bridge uses CSMA/CD to access segment and transmit

Bridges (more)

• Bridge advantages:
—Isolates collision domains resulting in higher total max throughput, and does not limit the number of nodes nor geographical coverage
—Transparent: no need for any change to hosts’ LAN adapters

• bridges filter packets
—same-LAN-segment frames not forwarded onto other LAN segments

• forwarding:
—how to know which LAN segment on which to forward frame?
—looks like a routing problem
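The learning and filtering behaviour above, as an added simulation that is not part of the lecture: the bridge records which port each source MAC was heard on, filters frames whose destination is on the arriving segment, floods unknown destinations and broadcasts to every other segment, and otherwise forwards on the one learned port. Port names and MAC labels are constructed.

```python
class LearningBridge:
    """Simulated layer-2 bridge with a learning/filtering table (constructed example)."""

    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = list(ports)   # one entry per attached LAN segment
        self.table = {}            # source MAC -> port it was last heard on

    def handle(self, in_port, src, dst):
        """Process one frame; return the list of ports it is forwarded on."""
        # Learning: the sender must live on the segment the frame arrived from.
        self.table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if dst == self.BROADCAST:
            # Broadcasts reach every other segment; a bridge does not stop broadcast storms.
            return others
        out_port = self.table.get(dst)
        if out_port is None:
            # Destination not yet learned: flood to all other segments.
            return others
        if out_port == in_port:
            # Filtering: same-segment traffic is not forwarded anywhere.
            return []
        return [out_port]


def run_demo():
    """Drive a three-port bridge with constructed frames; return (trace, table)."""
    bridge = LearningBridge(["seg1", "seg2", "seg3"])
    frames = [                                   # (arriving port, src MAC, dst MAC)
        ("seg1", "aa", "bb"),                    # bb unknown -> flooded
        ("seg2", "bb", "aa"),                    # aa learned on seg1 -> one port
        ("seg1", "aa", "bb"),                    # bb now learned on seg2
        ("seg1", "cc", "aa"),                    # both on seg1 -> filtered
        ("seg3", "dd", LearningBridge.BROADCAST),  # broadcast -> all other ports
    ]
    trace = [(f, bridge.handle(*f)) for f in frames]
    return trace, dict(bridge.table)


if __name__ == "__main__":
    for frame, out in run_demo()[0]:
        print(frame, "->", out or "filtered")
```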

Backbone Bridge

Ethernet Switches

• layer 2 forwarding, filtering using LAN addresses

• Switching: A-to-B and A’-to-B’ simultaneously, no collisions

• large number of interfaces

• often: individual hosts, star-connected into switch
—Ethernet, but no collisions!

Ethernet Switches

• Store and forward: frame is completely received, and then sent.

• cut-through switching: frame forwarded from input to output port without waiting for assembly of the entire frame
—slight reduction in latency
—Does not isolate collision domains.

• combinations of shared/dedicated, 10/100/1000 Mbps interfaces

Full & Half Duplex

• Full Duplex:
—Communication that takes place simultaneously, in both directions, between sender and receiver.
—No collisions possible in full duplex mode.
—Available on switches; double the speed: a 100Mbps line can pass 200Mbps at a time.

• Half Duplex:
—two-way communication occurring in only one direction at a time. Standard communication method. Line speeds are rated at half duplex speed.

Auto sensing networking devices

• Most networking devices auto sense whether they can talk 10Mb, 100Mb, and 1Gb.

• Simple for configuration, plug it in, let the computer and hub/switch figure it out.

• Does not take into account transmission media

• 2 devices that can “speak” at 100Mbps on cat 3 (10Mbps) will attempt to use 100Mbps.

Routers


• Function at layer 3, network layer.

• Able to route based on IP, instead of MAC

• See previous lecture for routing.

WWF Bridges vs. Routers

• both store-and-forward devices
—routers: network layer devices (examine network layer headers)
—bridges are Link Layer devices

• routers maintain routing tables, implement routing algorithms

• bridges maintain filtering tables, implement filtering, learning and spanning tree algorithms

network routers

• A router is a device that operates at network layer or layer 3.

• Routers actually look at the message and determine what to do with it.

• For broadcast traffic, it drops the message

• It allows you to design more complex networks with multiple network protocols.

• It also routes between multiple IP domains

• Routers are complex devices because they contain buffers, switching logic, memory, and processing power to calculate the best way to send a packet to its destination.


Routing Using Subnets

Routers vs. Bridges

Bridges + and -
+ Bridge operation is simpler, requiring less processing bandwidth
- Topologies are restricted with bridges: a spanning tree must be built to avoid cycles
- Bridges do not offer protection from broadcast storms (endless broadcasting by a host will be forwarded by a bridge)

Routers vs. Bridges

Routers + and -
+ arbitrary topologies can be supported; cycling is limited by TTL counters (and good routing protocols)
+ provide firewall protection against broadcast storms
- require IP address configuration (not plug and play)
- require higher processing bandwidth

• bridges do well in small networks (a hundred hosts) while routers are used in large networks (thousands of hosts)

IEEE 802.11 Wireless LAN

• wireless LANs: untethered (often mobile) networking

• IEEE 802.11 standard:
—MAC protocol
—unlicensed frequency spectrum: 900Mhz, 2.4Ghz

• Basic Service Set (BSS) (a.k.a. “cell”) contains:
—wireless hosts
—access point (AP): base station

• BSS’s combined to form distribution system (DS)

Ad Hoc Networks

• Ad hoc network: IEEE 802.11 stations can dynamically form a network without an AP

• Applications:
—“laptop” meeting in conference room, car
—interconnection of “personal” devices
—battlefield

• IETF MANET (Mobile Ad hoc Networks) working group

LANs and WANs

• Local Area Networks (LAN)
—A set of computers connected in a geographically close network, such as in the same building, campus or office building.

• Wide Area Networks (WAN)
—A computer network that uses long-range telecommunications links to connect the networked computers over long distances.

• The line between the two is blurry, since some LANs cover more geography than some WANs

Network Firewalls

• Definition: A system that can not be broken into.
—Monitors traffic and "protects" the computers behind it.
– Configure so that only certain inbound and outbound ports are "open"
+ Blocking port 6000 means that nothing can remotely connect to that port
– Configure so that certain IPs are not allowed "through" the firewall (inbound, outbound, or both)
—Firewalls are layer 4 devices, because they work on port numbers as well as IP addresses, and even MAC addresses.

Network Firewalls (2)

• Packet Filtering
—block certain types of packets, such as only allowing TCP packets to port 25, but blocking UDP packets.
—Blocking all ICMP packets
—Allowing only ssh packets.

• Also can provide "Zones" of security
—unrestricted access from/to the internet, protected zones (called DMZs) from/to the internet, and a no-access zone from/to the internet.
– Or other sections of the local network.
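A stateless packet filter of the kind the two firewall slides describe, as an added example that is not part of the lecture: rules are checked in order, the first match decides, and anything unmatched is blocked. The rule set, the "in"/"out" direction model and all addresses (RFC 5737 test ranges) are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str         # "in" (toward the protected hosts) or "out"
    proto: str             # "tcp", "udp" or "icmp"
    src: str               # source IPv4 address
    dst: str               # destination IPv4 address
    dport: Optional[int]   # destination port; None for ICMP


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    direction: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"       # source network the rule applies to
    dport: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and self.proto in ("any", p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and (self.dport is None or self.dport == p.dport))


# Constructed rule set mirroring the slide's examples; first match wins.
RULES = [
    Rule("block", src="203.0.113.0/24"),                     # an IP range not allowed "through"
    Rule("block", proto="icmp"),                             # block all ICMP
    Rule("block", proto="udp"),                              # block UDP
    Rule("allow", direction="in", proto="tcp", dport=25),    # mail (SMTP) inbound
    Rule("allow", direction="in", proto="tcp", dport=22),    # ssh inbound
    Rule("block", direction="in", proto="tcp", dport=6000),  # nothing may connect to port 6000
    Rule("allow", direction="out", proto="tcp"),             # hosts may open outbound TCP
]


def filter_packet(p: Packet, rules=RULES) -> str:
    """Return "allow" or "block" for one packet; unmatched packets are blocked."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "block"   # default deny: only explicitly opened ports get through
```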

NAT

• Network Address Translation
—The internal computers have 10.x.x.x IP numbers
—When a computer wants to access the internet, the NAT receives the packet, changes the source IP to its own, then sends it to the internet. On response, the NAT forwards it on to the computer again.
—Since the NAT is acting as a go-between, the computer is protected.
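The go-between behaviour described above, as an added simulation that is not part of the lecture. It goes one step beyond the slide: besides rewriting the source address, it assigns a distinct public port per outbound flow so that several 10.x.x.x hosts can share one public address, and it only forwards inbound packets that answer a flow an inside host opened. Public and remote addresses are constructed test-range values.

```python
class Nat:
    """Constructed NAT (with port translation) between 10.x.x.x hosts and the internet."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.flows = {}   # (inside ip, inside port, remote ip, remote port) -> public port
        self.by_port = {} # public port -> the same 4-tuple, for matching replies

    def outbound(self, pkt):
        """Rewrite an inside->internet packet; pkt keys: src, sport, dst, dport."""
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self.flows.get(key)
        if port is None:
            # New flow: allocate a public port and remember who opened it.
            port = self.next_port
            self.next_port += 1
            self.flows[key] = port
            self.by_port[port] = key
        return {**pkt, "src": self.public_ip, "sport": port}

    def inbound(self, pkt):
        """Return the packet rewritten to the inside host, or None if it is dropped."""
        if pkt["dst"] != self.public_ip:
            return None
        flow = self.by_port.get(pkt["dport"])
        if flow is None:
            return None   # nobody inside asked for this: unsolicited, dropped
        inside_ip, inside_port, remote_ip, remote_port = flow
        if (pkt["src"], pkt["sport"]) != (remote_ip, remote_port):
            return None   # reply from a host the inside machine never contacted
        return {**pkt, "dst": inside_ip, "dport": inside_port}


def run_demo():
    """Two inside hosts reach the same web server; one reply and one probe come back."""
    nat = Nat("198.51.100.1")
    out1 = nat.outbound({"src": "10.0.0.5", "sport": 51000, "dst": "192.0.2.80", "dport": 80})
    out2 = nat.outbound({"src": "10.0.0.6", "sport": 51000, "dst": "192.0.2.80", "dport": 80})
    reply = nat.inbound({"src": "192.0.2.80", "sport": 80, "dst": "198.51.100.1", "dport": out1["sport"]})
    probe = nat.inbound({"src": "203.0.113.7", "sport": 4444, "dst": "198.51.100.1", "dport": out1["sport"]})
    return out1, out2, reply, probe
```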

VPN

• Virtual Private Network
—A method to provide a secure and encrypted connection between two trusted networks over an unsecured line
– Where the line could be the internet.
—Example
– A company has two locations, New York and LA.
+ They could pay for a private connection between them, which is really expensive
+ Or use a VPN on each side to connect them over the internet.

VPN (2)

• A VPN client connects to the VPN server.
—All networking from the client is directed to the server, which acts as the network gateway.
– So the client functions as if it was behind the firewall and can access everything like normal.
—Example
– Employee goes on a business trip. Connects to an unsecured network. Connects to the VPN server (via the client) and now has a secure connection to "work" over the unsecured network.

IDS

• Intrusion Detection System
—Detects traffic matching a signature of a known attack. Similar to an Anti-Virus program.
– alerts the admin to the attack
—If it is a NIPS (Network Intrusion Prevention System), then it will initiate a defensive response.
– such as terminating the connection
+ by configuring the firewall to block it.

Putting it all together

Web Architecture

[Diagram, source: Intershop: four-tier web architecture; Tier 1, Tier 2 (Server), Tier 3 (Applications), Tier 4 (Database)]

Deploying network equipment

• Minimize collision domains where ever possible

• Put biggest switches on top or where the most capacity is needed

• Always plan for bandwidth to increase.
—planning only for today causes more problems tomorrow.

Internet

• a lot of WANs and LANs connected together to form global access to computers via TCP/IP. Connected in a very chaotic manner, no real order.

• At the top of the internet hierarchy are National Service Providers (NSPs) that form the backbone of the internet.
—Regional ISPs connect to an NSP.
—Network Access Points (NAPs) are switching centers between the NSPs. Generally referred to as Metropolitan Area Exchanges (MAEs).

Internet hosts count

1981 –        213    1990 –    376,000    1999 –  72,398,000
1982 –        235    1991 –    727,000    2000 – 109,574,000
1983 –        562    1992 –  1,313,000    2001 – 147,345,000
1984 –      1,204    1993 –  2,217,000    2002 – 171,638,000
1985 –      1,961    1994 –  5,846,000    2003 – 233,101,000
1986 –      5,089    1995 – 14,352,000    2004 – 317,646,000
1987 –     28,174    1996 – 21,819,000    2005 – 394,992,000
1988 –     80,000    1997 – 29,760,000    2006 – 433,193,000
1989 –    159,000    1998 – 43,230,000    2007 – 541,677,000

[Chart: Internet hosts 1991 to 2007, hosts in millions]

Reference: http://www.gandalf.it/data/data1.htm

Connecting to Internet Backbone

[Diagram, source: HowStuffWorks.com: connecting to the Internet backbone; label "MONEY"]

Structure of the Internet

[Diagram, source: Cisco Systems: labels Backbone 1, Backbone 2, Backbone 3, Backbone 4, 5, N; four NAPs; Regional A, Regional B; Europe, Japan, Australia]

[Map: UUNET network map]

Satellite Access (InterSatCom)

Home Networks

• Connecting via DSL or Cable Modem and assuming you are connecting 2 or more computers in your house.
—You may want a firewall.
– Most cable modems provide "no protection" from the internet
—Connect DSL/Cable modem, then firewall, then a hub or wireless hub.
– With wireless don't forget to set the WEP, otherwise you may be providing internet access to your neighbors as well without your knowledge.
—For home use, you do not need the expensive switches and hubs. Many wireless hubs provide 10/100 connections as well, and may also include a firewall.

References

• See References inside this lecture

• The Internet Security Guidebook: From Planning to Deployment, Ellis and Speed, Academic Press, 2001

• The CERT® Guide to System and Network Security Practices, Allen, Addison Wesley, 2001

• TCP/IP Network Administration, Hunt, 3rd ed., O'Reilly, 2002

• How the Internet Works, Gralla, QUE, 1999

• The Essentials of Computer Organization and Architecture, chap. 12, Null

• Numerous websites

Q & A