Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
EECS 3213, F14 1
L5: Protocols, Services, Layers
Sebastian Magierowski York University
EECS 3213 Fall 2014
L5: Protocol/Service/Layer
EECS 3213, F14 2
• Network Layering Terminology – protocols, services, peers, clients, etc.
• Network Protocol Examples – HTTP, TCP, DNS, UDP
Outline
L5: Protocol/Service/Layer
EECS 3213, F14 3
• For remote entities to establish working communications a set of rules needs to be in place
• Protocols are just these rules – HTTP – TCP – DNS – UDP – BGP – OSPF – etc., etc.,…
• In this lecture we look at some of these rules at work within the context of two other important ideas “layers” and “services”
Protocols
L5: Protocol/Service/Layer
EECS 3213, F14 4
5.1 Network Layers
• Network functions are complex and require careful design
• To reduce design complexity network functions are organized as a stack of layers
L5: Protocol/Service/Layer
0 C—’ I
N..
5’
I
7c
—ç-
rs. 1
‘ -k—c
S•
SLO F 2 (b
0
C 3’ -4-
Cc-
—1-
ç’-S . c.t
(,4-
-+--
o 5 r
C’ C’ II
9zc7
‘S(.0’
“
-I-)
(A
C’
EECS 3213, F14 5
5.1 Network Layers
• Purpose of layer is to: 1. Provide “services” to layer
above (e.g. routing, error control, connection-oriented link, etc.)
2. Shielding upper layers from implementation details (i.e. information hiding/abstract data types, etc.)
L5: Protocol/Service/Layer
0 C—’ I
N..
5’
I
7c
—ç-
rs. 1
‘ -k—c
S•
SLO F 2 (b
0
C 3’ -4-
Cc-
—1-
ç’-S . c.t
(,4-
-+--
o 5 r
C’ C’ II
9zc7
‘S(.0’
“
-I-)
(A
C’
EECS 3213, F14 6
5.2 Layer Communication Flow
• “INTERFACE” lies between each pair of adjacent layers
• INTERFACE defines which services lower layers makes available to layer above
L5: Protocol/Service/Layer
0 C—’ I
N..
5’
I
7c
—ç-
rs. 1
‘ -k—c
S•
SLO F 2 (b
0
C 3’ -4-
Cc-
—1-
ç’-S . c.t
(,4-
-+--
o 5 r
C’ C’ II
9zc7
‘S(.0’
“
-I-)
(A
C’
EECS 3213, F14 7
OSI Network Layers (A Preview)
L5: Protocol/Service/Layer
42 INTRODUCTION CHAP. 1
Layer
Presentation
Application
Session
Transport
Network
Data link
Physical
7
6
5
4
3
2
1
Interface
Host A
Name of unitexchanged
APDU
PPDU
SPDU
TPDU
Packet
Frame
Bit
Presentation
Application
Session
Transport
Network
Data link
Physical
Host B
Network Network
Data link Data link
Physical Physical
Router Router
Internal subnet protocol
Application protocol
Presentation protocol
Transport protocol
Session protocol
Communication subnet boundary
Network layer host-router protocolData link layer host-router protocolPhysical layer host-router protocol
Figure 1-20. The OSI reference model.
4. The layer boundaries should be chosen to minimize the informationflow across the interfaces.
5. The number of layers should be large enough that distinct functionsneed not be thrown together in the same layer out of necessity andsmall enough that the architecture does not become unwieldy.
Below we will discuss each layer of the model in turn, starting at the bottomlayer. Note that the OSI model itself is not a network architecture because it doesnot specify the exact services and protocols to be used in each layer. It just tellswhat each layer should do. However, ISO has also produced standards for all thelayers, although these are not part of the reference model itself. Each one hasbeen published as a separate international standard. The model (in part) is widelyused although the associated protocols have been long forgotten.
EECS 3213, F14 8
• Corresponding layer on different machines are called peers
5.3 Peers and Protocols
L5: Protocol/Service/Layer
SEC. 1.4 REFERENCE MODELS 41
Layer k
Layer k + 1
Layer k - 1
Protocol
Service provided by layer k
Layer k
Layer k + 1
Layer k - 1
Figure 1-19. The relationship between a service and a protocol.
1.4 REFERENCE MODELS
Now that we have discussed layered networks in the abstract, it is time to lookat some examples. We will discuss two important network architectures: the OSIreference model and the TCP/IP reference model. Although the protocols associ-ated with the OSI model are not used any more, the model itself is actually quitegeneral and still valid, and the features discussed at each layer are still very im-portant. The TCP/IP model has the opposite properties: the model itself is not ofmuch use but the protocols are widely used. For this reason we will look at bothof them in detail. Also, sometimes you can learn more from failures than fromsuccesses.
1.4.1 The OSI Reference Model
The OSI model (minus the physical medium) is shown in Fig. 1-20. Thismodel is based on a proposal developed by the International Standards Organiza-tion (ISO) as a first step toward international standardization of the protocols usedin the various layers (Day and Zimmermann, 1983). It was revised in 1995 (Day,1995). The model is called the ISO OSI (Open Systems Interconnection) Ref-erence Model because it deals with connecting open systems—that is, systemsthat are open for communication with other systems. We will just call it the OSImodel for short.
The OSI model has seven layers. The principles that were applied to arrive atthe seven layers can be briefly summarized as follows:
1. A layer should be created where a different abstraction is needed.
2. Each layer should perform a well-defined function.
3. The function of each layer should be chosen with an eye towarddefining internationally standardized protocols.
sender/receiver receiver/sender
Layer 1 (physical)
Layer 1 (physical) wire/fiber/radio/etc.
EECS 3213, F14 9
• In ABSTRACT we think of virtual communication that happens between peers
• Communication between peers adheres to specific rules called protocols (e.g. HTTP)
• Protocols are implementations of a service
5.3 Peers and Protocols
L5: Protocol/Service/Layer
I-.,
4JJ
-e1
—1
;:t’
a’-.--03cLv))c
-41
.—\
IiA
c49
IcL.
V
‘3
9‘-I’
-
fr)
ztç,
v-)z
ccL
01
I
C
V
-C
I
2a’
EECS 3213, F14 10
• I (client machine) want to grab a file (web page) from a server machine
• A whole bunch of rules (protocols) need to be followed to make this happen
5.4 Protocols In Action: Web Browsing
L5: Protocol/Service/Layer
I-.,
4JJ
-e1
—1
;:t’
a’-.--03cLv))c
-41
.—\
IiA
c49
IcL.
V
‘3
9‘-I’
-
fr)
ztç,
v-)z
ccL
01
I
C
V
-C
I
2a’
EECS 3213, F14 11
• At the top is HTTP
• In the abstract two HTTP entities are engaging in a virtual communication
– The entities are using the HTTP protocol – Let’s look at this in more detail…
5.4 Web Browsing
L5: Protocol/Service/Layer
lvi
I’
0,
— a
-H0
C
C’ C,’
—
‘4
—
C’
(A
EECS 3213, F14 12
• To get a web page a specific set of rules is followed – Generally speaking HTTP is a “request-reply” protocol
• HTTP relies on the services of a bunch of other layers
and their protocols…let’s see this in even more detail!
5.5 HTTP
L5: Protocol/Service/Layer
lvi
I’
0,
— a
-H0
C
C’ C,’
—
‘4
—
C’
(A
EECS 3213, F14 13
• How does C (the client) know where to send its messages (exactly)???????
– www.nytimes.com is actually the server’s address
– But machines work with a 32-bit address (IP address) • not an alphanumeric one
– So you need something capable of translating alphanumeric domain names to IP address • DNS does this
– A few words on IP address • Often written in “dot-decimal” notation (for our consumption) • 2 level-hierarchy
– netID.hostID
5.6 DNS (Domain Name System)
L5: Protocol/Service/Layer
ii’ — —your
S DWP (:M4,0ku1v) S4Mjs yoev ET/)fkAJFT‘ d’ you (,:.t. yor P//VS.. AD[)RE.S) d,.&s d fr-R_
a4. IP L11,74h ,L
WAHEz) DI4CP A kf11s yc9v c1%s. FJ/E1
AlPcW9 £4rt-e
3) (ocLc\1 D1\J scve.r1k1vq vC9R— kvio,+(A2?., +ilt’4+ llIP (cUV,.
.rV r o’ODS. )YQ, P1Lc 1vOt?LS kL P VOU 4bQ
,# jibiU DtJSyou ]s— ITR4T1vEL.y vw
DP 1 i4pl piàoa 1 öv
°vcrS > ôo
1CAMN (IH+1. Cot,.1&v’ 4VL(4 V’5 po
1)l;\t (Ok14 0) U. . D.
fJ J4 To7 /.</ Dom/ ..co& •:T)‘141?4eS °° + 5
.rc, 1;/1 so1ei.,h€-/ /‘c:A:;/’..
0
kLQ.
D1\)S: ( 1kJb41
2O)21)
EECS 3213, F14 14
• In the end the DNS system runs the DNS protocol – It runs this on top of the UDP layer (which runs the UDP protocol)
5.6 DNS
L5: Protocol/Service/Layer
I
it_ —I
3 7-
I
?ç)1
I
f)
-
VP
1 4.
+,c. 0
EECS 3213, F14 15
• HTTP employs the services of a lower layer and its protocol: TCP
5.7 TCP
L5: Protocol/Service/Layer
I
it_ —I
3 7-
I
?ç)1
I
f)
-
VP
1 4.
+,c. 0
EECS 3213, F14 16
• TCP can be serving a number of higher-level protocols simultaneously
• Define TCP (Transport) address which can identify different higher-level protocols
– Ports – 16-bit number (64k possible ports) – First 1k are reserved (remainder are ephemeral)
TCP Ports
L5: Protocol/Service/Layer
—i
0-
“C)
I1
I
$I
‘J.
U“l
\1
S
EECS 3213, F14 17
HTTP Uses Service of TCP
HTTP server
HTTP client
TCP
Port 80 Port 1127
TCP
Response GET
TCP 80, 1127 GET 1127, 80 bytes Response GET Response
L5: Protocol/Service/Layer
EECS 3213, F14 18
• TCP provides connection-oriented byte stream service – Makes sure destination is available and reserves our access to it
until disconnect (Layer 4 virtual circuit) – Delivers the bytes that a message is made up of in order
• How? Labels messages with sequence numbers
5.8 TCP Communications
L5: Protocol/Service/Layer
4
a-)
-4.
.—‘
‘S
-.--
—‘4
“-.
‘j
:‘
‘%.‘
•‘%:
c:LN)c,-$-.
o(
—.‘j
,—,I—‘
‘-.—.--
,
,1
(I
4
I,
11-.‘V
.4_c6
1rcL
0if,••
444.
II,4
!41)
EECS 3213, F14 19
• A 3-way handshake
5.9 TCP Connection Establishment
L5: Protocol/Service/Layer
:;-4--
‘-I
‘vi‘—I
Zcv’
0’
I4i
1-I
\iy .—‘-‘J
c
—4,:
U-.-
:c::
H
-1--;•v-
[•%
±1!
-4-
‘SDLb)
•*j
/7‘)
.-t1%
‘1
vi
-1,r
4-.,,
,;iiI‘I‘I•4
ff
f1
/
.:%JC%)
S.
I,ii
0
1!w
9-—‘
-
EECS 3213, F14 20
• …can cause problems
Predictable Sequence Numbers…
L5: Protocol/Service/Layer
:;-4--
‘-I
‘vi‘—I
Zcv’
0’
I4i
1-I
\iy .—‘-‘J
c
—4,:
U-.-
:c::
H
-1--;•v-
[•%
±1!
-4-
‘SDLb)
•*j
/7‘)
.-t1%
‘1
vi
-1,r
4-.,,
,;iiI‘I‘I•4
ff
f1
/
.:%JC%)
S.
I,ii
0
1!w
9-—‘
-
EECS 3213, F14 21
• SYN Flood
5.10 TCP Hacks
L5: Protocol/Service/Layer
oO
04-•;
vl
‘-I‘S
,‘.4‘1.
3v,)
V
S.Q_
j‘I
b’1
I
I•1
>—
0—
0l
c-.
I
LI’
V0‘0
\_)\j%
>—
10
>V7
gcL
.I
I
V
EECS 3213, F14 22
• Calculating SN’s
SYN Cookies
L5: Protocol/Service/Layer
oO
04-•;
vl
‘-I‘S
,‘.4‘1.
3v,)
V
S.Q_
j‘I
b’1
I
I•1
>—
0—
0l
c-.
I
LI’
V0‘0
\_)\j%
>—
10
>V7
gcL
.I
I
V
EECS 3213, F14 23
Man-in-the-Middle Attack
L5: Protocol/Service/Layer