4. June 21, 2017 www.snipe.co.in 4
AGENDA
Session 1
• Introduction
Session 2
• Physical Layer
• Data Link Layer
• Network Layer
• Network Security
Session 3
• Transport Layer
• Session Layer
• Presentation Layer
• Application Layer
Session 4
• Implementation
• How to develop Networking projects
Network Definition
• A network can be defined as two or more computers connected
together in such a way that they can share resources.
• The purpose of a network is to share resources.
• A resource may be:
- A file
- A folder
- A printer
- A disk drive
- Or just about anything else that exists on a computer.
• Networking is the term that describes the processes involved in
designing, implementing, upgrading, managing and otherwise working
with networks and network technologies.
Advantages of networking
• Connectivity and Communication
• Data Sharing
• Hardware Sharing
• Internet Access
• Internet Access Sharing
• Data Security and Management
• Performance Enhancement and Balancing
• Entertainment
Network Topology
The network topology defines the way in which computers, printers,
and other devices are connected. A network topology describes the
layout of the wire and devices as well as the paths used by data
transmissions.
Bus Topology: Commonly referred to as a linear bus, all the devices on a
bus topology are connected by one single cable.
Star topology: is the most commonly used architecture in Ethernet LANs.
- When installed, the star topology resembles spokes in a bicycle wheel.
- Larger networks use the extended star topology also called tree
topology.
- When used with network devices that filter frames or packets, like
bridges, switches, and routers, this topology significantly reduces the
traffic on the wires by sending packets only to the wires of the
destination host.
Ring Topology:
• A frame travels around the ring, stopping at each node. If a node
wants to transmit data, it adds the data as well as the destination
address to the frame.
• The frame then continues around the ring until it finds the destination
node, which takes the data out of the frame.
Single ring – All the devices on the network share a single cable
Dual ring – The dual ring topology allows data to be sent in both directions.
Mesh Topology:
• The mesh topology connects all devices (nodes) to each other for
redundancy and fault tolerance.
• It is used in WANs to interconnect LANs and for mission critical
networks like those used by banks and financial institutions.
Implementing the mesh topology is expensive and difficult.
Fundamental Network Classifications
A Local Area Network (LAN) - is a computer network covering a small
geographic area, like a home, office, or group of buildings
Metropolitan Area Network (MAN) - is a network that interconnects
users with computer resources in a geographic area or region larger than
that covered by even a large local area network (LAN) but smaller than
the area covered by a wide area network (WAN).
Wide Area Network (WAN) - is a computer network that covers a broad
area (i.e., any network whose communications links cross metropolitan,
regional, or national boundaries). Or, less formally, a network that uses
routers and public communications links
- The largest and most well-known example of a WAN is the
Internet.
Intranet and Internet Specifications
• Intranet: An intranet is a private network that is contained within an
enterprise. It may consist of many interlinked local area networks and
also use leased lines in the wide area network.
• An intranet uses TCP/IP, HTTP, and other Internet protocols and in
general looks like a private version of the Internet. With tunneling,
companies can send private messages through the public network, using
the public network with special encryption/decryption and other
security safeguards to connect one part of their intranet to another.
• Internet: is a worldwide system of computer networks - a network of
networks in which users at any one computer can, if they have
permission, get information from any other computer (and sometimes
talk directly to users at other computers).
Applications
• E-mail
• Searchable Data (Web Sites)
• E-Commerce
• News Groups
• Internet Telephony (VoIP)
• Video Conferencing
• Chat Groups
• Instant Messengers
• Internet Radio
What are Computer networks?
A computer network is an interconnection between general purpose
programmable devices that deals with the handling of data.
The Connectivity:
The goal of a network is to achieve the connectivity between two or
more systems.
From a security standpoint, a network may be public, like the Internet
or Wi-Fi hotspots, or private, like the Local Area Network in
SEECS.
Identifying The Requirement Constraints Of A Network:
Different people who interact with a network will have different
requirements: e.g., an application programmer will want the network to
be efficient, easy to work with, and provide error free data transfer,
while a network designer will want the network to be cost-effective and
allow efficient resource utilization.
Some of the components and issues related to a Network are following:
Link:
Link is defined as the physical transmission medium that connects
networked devices/systems.
Different types of links
There are two types of links:
1. Point-to-Point or Direct Access Link:
• Such links are used to connect two devices only. Such links provide a
direct path between two devices, thus forming a network that does not
have any intermediate device.
• Such an approach cannot be used to interconnect a large network,
since it is not feasible to have a direct point-to-point link between all the
nodes in a network.
• The drawback of such networks is that for large networks, it is not
feasible to have a direct point-to-point link between all nodes for cost
reasons. A network in which there is a direct point-to-point link between
every node and all other nodes is called a fully connected network.
Client-Server Networking Model
2. Multiple Access Link:
When multiple devices are connected to one another via a single link,
such that each of the devices is connected by the link to all other devices
at the same time, the link is said to be a multiple-access link. The main
channel that connects all the devices is also called a 'bus' or an 'ether'.
Multiple access links solve the problem of connecting multiple nodes
without requiring point-to-point links. However, they are limited in
the number of nodes they can connect and the geographical distance
they can span.
Types of nodes:
There are two types of nodes:
1. Nodes that use the network (Hosts)
A host is a node that does not participate in routing or packet switching.
Hosts support users and run application programs.
2. Nodes that implement the Network (Switches/Routers/Hubs/Repeaters)
These are the network nodes whose function is to implement the
functionality of the network (such as receiving data from end hosts and
forwarding to the other hosts [potentially through other network
implementing nodes]).
Switch
A network switch is a computer networking device that connects
network segments. The number of users that a switch can support is
limited and so is the geographical distance in which it can provide
service.
Ex: Ethernet can support about 1000 users in an area as large as a
building. For more users, we need to form separate networks
and then join those networks.
Routers
• The nodes that provide communication between different networks
(that may be based on different underlying technologies).
• Thus to connect two separate LANs, a router may be used.
• As the name implies, it 'routes' data: it receives data/messages
from the source and systematically forwards these messages toward the
destination node based on their address.
Hubs
• Hubs are devices used to link several computers together.
• They repeat any signal that comes in on one port and copy it to the
other ports (a process that is also called broadcasting).
• There are two types of hubs: active and passive.
Repeaters
• Repeaters are nothing more than amplifiers and, as such, are very
inexpensive.
• Repeaters can only be used to regenerate signals between similar
network segments.
• The main disadvantage to repeaters is that they just amplify signals.
These signals not only include the network signals, but any noise on the
wire as well.
Cloud
• In the networks the cloud is used to represent a higher level of
abstraction.
• The cloud is a placeholder for a network, that we are using or are
connected to, but we do not want to see into its inner workings, thus
simplifying the study of the network.
Ex: when showing an interconnection of several networks, we may
represent each network with a cloud, to hide the network itself and only
see the bigger picture.
Mode of Data Transfer
Data is transferred in networks in two primary ways:
circuit switching and packet switching. These form the core of the
networks.
• Circuit switching: the type of network that establishes a connection or
channel between the communicating nodes, as if they were physically
connected with an electrical circuit, is called a circuit switched network.
Ex: Telephone Connections
• Packet switching: the data is broken down into chunks/pieces and those
chunks are wrapped into structures called packets. Each packet contains,
along with the data (or payload), the information about the address of the
source and the destination nodes, sequence numbers and other control
information. A packet can also be called a 'segment' or 'datagram'.
Why Network Protocol Models?
• Network communication is an extremely complex task
• Need cooperative efforts from all nodes involved
• A standard model helps to describe the task of a networking product or
service
• Also help in troubleshooting by providing a frame of reference
Who defines the Network Model?
Non-profit-making organizations are needed:
• ISO - International Standards Organization
e.g. OSI, MPEG-1, 2, 4, etc. (http://www.iso.ch/)
• IEEE - Institute of Electrical & Electronic Engineers
e.g. IEEE 802, IEEE 754, etc. (http://www.ieee.org)
• ITU - International Telecommunication Union
e.g. V.34, H.323, H.324, etc. (http://www.itu.int)
Layered Architecture
• Layering specifies different levels of functions and services
• Each layer works with the layer below and above it
• Each layer provides services to the next layer
• Shields the upper layer from the details of actual implementation
OSI Architecture
• Open Systems Interconnection (OSI) is a set of internationally
recognized, non-proprietary standards for networking and for operating
systems involved in networking functions.
• Established in 1947, the International Standards Organization (ISO)
is a multinational body dedicated to worldwide agreement on
international standards.
• An ISO standard that covers all aspects of network communications
is the Open Systems Interconnection (OSI) model. It was first
introduced in the late 1970s.
• ISO is the organization. OSI is the model.
The interaction between layers in the OSI model
An exchange using the OSI model
Why use a layered approach ?
– Data communications requires complex procedures
• Sender identifies data path/receiver
• Systems negotiate preparedness
• Applications negotiate preparedness
• Translation of file formats
– For all tasks to occur, a high level of cooperation is required
– Provide framework to implement multiple specific protocols per
layer
Advantages of Layering
• Easier application development
• Network can change without all programs being modified
• Breaks complex tasks into subtasks
• Each layer handles a specific subset of tasks
• Communication occurs
- between different layers on the same node or stack
(INTERFACES) – vertical communications
- between similar layers on different nodes or stacks
(PEER-TO-PEER PROCESSES) – horizontal communications
TCP/IP Protocol Suite
• The TCP/IP protocol suite is made of five layers:
physical, data link, network, transport, and application.
• The first four layers provide physical standards, network interface,
internetworking, and transport functions that correspond to the
first four layers of the OSI model.
• The three topmost layers in the OSI model, however, are represented
in TCP/IP by a single layer called the application layer.
TCP/IP and OSI model
SMTP: Simple Mail Transfer Protocol is an Internet standard for
electronic mail (e-mail) transmission across Internet Protocol (IP)
networks.
Most e-mail systems that send mail over the Internet use SMTP to send
messages from one server to another; the messages can then be retrieved
with an e-mail client using either POP (Post Office Protocol) or IMAP
(Internet Message Access Protocol).
FTP: File Transfer Protocol is a standard network protocol used to
copy a file from one host to another over a TCP/IP-based network, such
as the Internet.
DNS: Domain Name System is a distributed hierarchical naming
system for computers, services, or any resource connected to the Internet
or a private network that translates domain names into IP addresses.
HTTP : Hypertext Transfer Protocol is a networking protocol for
distributed, collaborative, hypermedia information systems.
- HTTP is the foundation of data communication for the World Wide
Web.
- HTTP functions as a request-response protocol in the client-server
computing model.
SNMP: Simple Network Management Protocol is a UDP-based
network protocol.
SCTP: Stream Control Transmission Protocol is a Transport Layer
protocol, serving in a similar role as the popular protocols Transmission
Control Protocol (TCP) and User Datagram Protocol (UDP).
ICMP: Internet Control Message Protocol is one of the core
protocols of the Internet Protocol Suite
IGMP: Internet Group Management Protocol is a communications
protocol used to manage the membership of Internet Protocol multicast
groups.
ARP: Address Resolution Protocol is a computer networking
protocol for determining a network host's link layer or hardware address
when only its Internet Layer (IP) or Network Layer address is known.
RARP: Reverse Address Resolution Protocol is a computer networking
protocol used by a host computer to request its Internet Protocol (IPv4)
address from an administrative host, when it has available its Link Layer
or hardware address, such as a MAC address.
Addressing
Three different levels of addresses are used in an internet using the
TCP/IP protocols: physical (link) address, logical (IP) address, and
port address.
Addresses in TCP/IP:
Relationship of layers and addresses in TCP/IP
MAC (Media Access Control) address
• It is a unique identifier assigned to network adapters or network
interface cards (NICs) usually by the manufacturer for identification.
• If assigned by the manufacturer, a MAC address usually encodes the
manufacturer's registered identification number.
• It may also be known as an Ethernet Hardware Address (EHA),
hardware address, adapter address, or physical address.
• MAC addresses are used in the Media Access Control protocol
sub-layer of the OSI reference model.
IP Address Classes
• An Internet Protocol address (IP address) is a numerical label that is
assigned to devices participating in a computer network that uses the
Internet Protocol for communication between its nodes.
• An IP address serves two principal functions: host or network interface
identification and location addressing.
• IP addresses were originally organized into classes. The address class
determined the potential size of the network.
• The class of an address specified which bits were used to
identify the network (the network ID) and which bits were used to identify
the host computer (the host ID).
• It also defined the total number of hosts subnets per network.
There were five classes of IP addresses: classes A through E.
The following table shows how the octets are distributed in classes
A, B, and C.
Class   IP Address   Network ID   Host ID
A       a,b,c,d      a            b,c,d
B       a,b,c,d      a,b          c,d
C       a,b,c,d      a,b,c        d
Class A: Class A addresses are assigned to networks with a large number
of total hosts.
Class A allows for 126 networks by using the first octet for the network
ID. The first bit in this octet is always set and fixed to zero.
The next seven bits in the octet are all set to one, which then complete
the network ID. The 24 bits in the remaining octets represent the host ID,
allowing 126 networks and approximately 17 million hosts per network.
Class A network number values begin at 1 and end at 127.
Class B:
Class B addresses are assigned to medium to large sized networks.
• Class B allows for 16,384 networks by using the first two octets for
the network ID.
• The two bits in the first octet are always set and fixed to 1 0.
• The remaining 6 bits, together with the next octet, complete network
ID. The 16 bits in the third and fourth octet represent host ID, allowing
for approximately 65,000 hosts per network.
• Class B network number values begin at 128 and end at 191.
Class C:
Class C addresses are used in small local area networks (LANs).
• Class C allows for approximately 2 million networks by using the first
three octets for the network ID.
• In a class C address, the first three bits are always set and fixed to 1 1 0.
• The remaining 21 bits of the first three octets complete the network ID.
• The 8 bits of the last octet represent the host ID, allowing for 254
hosts per network.
• Class C network number values begin at 192 and end at 223.
Class D and E: Classes D and E are not allocated to hosts.
Class D addresses are used for multicasting, and class E addresses are
not available for general use: they are reserved for future purposes.
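The class rules above can be applied directly to the leading bits of the first octet. The following is an added example, not part of the original slides; the function names and sample addresses are assumptions chosen for illustration.

```python
import ipaddress


def classify(addr):
    """Return (class, network ID, host ID) for a dotted IPv4 address.

    The class is read from the number of leading 1 bits in the first octet:
    0 -> A, 1 -> B, 2 -> C, 3 -> D, 4 -> E.
    """
    ip = int(ipaddress.IPv4Address(addr))
    first_octet = ip >> 24
    ones = 0
    while ones < 4 and first_octet & (0x80 >> ones):
        ones += 1
    cls = "ABCDE"[ones]
    if cls in "DE":
        # Classes D and E are not allocated to hosts: no network/host split.
        return cls, None, None
    host_bits = 32 - 8 * (ones + 1)          # A: 24, B: 16, C: 8
    network_id = str(ipaddress.IPv4Address(ip >> host_bits << host_bits))
    host_id = ip & ((1 << host_bits) - 1)
    return cls, network_id, host_id


def capacity(cls):
    """Return (number of networks, hosts per network) for class A, B or C."""
    idx = "ABC".index(cls)
    net_bits = 8 * (idx + 1)                 # octets used for the network ID
    fixed_bits = idx + 1                     # leading bits fixed by the class
    networks = 1 << (net_bits - fixed_bits)
    if cls == "A":
        networks -= 2                        # network numbers 0 and 127 are reserved
    hosts = (1 << (32 - net_bits)) - 2       # all-zeros and all-ones host IDs are reserved
    return networks, hosts


if __name__ == "__main__":
    # Constructed sample addresses, one per class.
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.1.77", "224.0.0.5", "240.0.0.1"):
        print(sample, classify(sample))
    for c in "ABC":
        print(c, capacity(c))
```

The computed capacities match the figures quoted on the slides: 126 class A networks, 16,384 class B networks, about 2 million class C networks and 254 hosts per class C network.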
Introduction
• The Physical Layer is the first and lowest layer in the seven-layer OSI
model of computer networking.
• The Physical Layer provides an electrical, mechanical, and procedural
interface to the transmission medium.
• Provides the means to transmit bits from sender to receiver => involves
a lot on how to use (analog) signals for digital information
• Theoretical background: signal transmission and Fourier analysis
• Transmission media (wires and no wires)
• Modulation techniques (the actual encoding), multiplexing,
and switching
Magnetic Media
• Floppy disk
• CDs
• Magnetic tapes
• Advantage
- High bandwidth (bulk of data)
• Disadvantage
- Delay is too long
Twisted Pair
• Waves from different twists cancel out, so the wire radiates less
effectively. The more twists per cm, the less the radiation.
• They run for several km without amplification
• For longer distances repeaters are required.
(a) Category 3: traditional phone wires, 10 Mbps Ethernet
(b) Category 5: 100 Mbps Ethernet
Coaxial Cables
• Better shielding hence better noise immunity
• High bandwidth up to 1GHz
• Earlier used on long distance telephone lines (short distance is twisted
pair), now replaced with optical fibre.
• Now used largely in cable TV and MANs.
Fibre Optics
3 key components :
– Light source: accepts an electrical signal, converts it and transmits it as
light pulses.
• LEDs
• Semi-conductor lasers
– Transmission medium
• A very thin fiber of glass
– Detector: senses the light pulses and converts them back to an electrical
signal
Fiber Optics
(a) Three examples of a light ray from inside a silica fiber impinging
on the air/silica boundary at different angles.
(b) Light trapped by total internal reflection.
Fiber Cables
Attenuation of light:
Attenuation of light through glass depends upon the wavelength of the
light and the physical properties of the glass.
Fiber Connections
An interface consists of a receiver (photodiode) which transforms light
into electrical signals, and/or a transmitter (LED or laser diode)
Passive interface: A computer is directly connected to the optical fiber
Active interface: There’s an ordinary electrical repeater connected to two
fiber segments and the computer:
Copper vs Optical
• Advantages of fiber
– High bandwidth
– Low attenuation, hence repeaters required at about 50km vs about 5km for
copper – cost saving
– More immune to external disturbances
– Lighter than copper
– Do not leak light and are difficult to tap – security
• Disadvantages : Interfaces and hence maintenance are expensive.
The optical fiber cable in the
foreground has the equivalent
information-carrying capacity of the
copper cable in the background.
Wireless Transmission
- The Electromagnetic Spectrum
- Radio Transmission
- Microwave Transmission
- Infrared and Millimeter Waves
- Light-wave Transmission
can all be used for transmitting information
• When electrons move, they create electromagnetic waves that travel
through space.
• When an antenna of appropriate size is attached to an electrical circuit,
the electromagnetic waves can be broadcast efficiently and received by a
receiver some distance away. All wireless communication is based on
this principle.
Higher Frequency waves
UV, X-ray and gamma rays can carry more information but,
– They are hard to produce and modulate
– Do not propagate well thru buildings
– And, are dangerous to living things
Radio Waves
• Are easy to generate, can travel long distances and can penetrate
buildings easily.
• Are omnidirectional, i.e. they travel in all directions
– Advantages: transmitter and receiver do not have to be aligned
– Disadvantages: interference of signals; less secure; govt license
required to use a particular frequency band
• The properties of RW are frequency dependent
– At low frequency: pass thru obstacles well but the power falls off
sharply with distance from the source.
– At high frequency: they travel in straight lines, bounce off
obstacles, and are absorbed by rain
(a) In the VLF, LF, and MF bands, radio waves follow the curvature of
the earth.
(b) In the HF band, they bounce off the ionosphere.
Microwave transmission
• Above 100 MHz, the waves travel in nearly straight lines.
• They do not pass thru buildings well
• Concentrating all energy into a single beam gives a much higher SNR
(signal-to-noise ratio) but,
• The transmitting and receiving antennas must be aligned properly.
• Since MW travel in a straight line, if the towers are too far apart, the
earth will get in the way, hence
• Repeaters are required periodically.
Application of MW:
• Short range Networking
• Example : WLL : Wireless Local Loop
Infrared and Millimeter waves
• For short range
• Directional
• Do not pass thru solid objects
• Because of the above properties there is no eavesdropping, hence they
are secure, and no government license is required.
Applications:
• Applications of Infrared
– Remote control of home appliances
• Applications of Millimeter waves
– Wireless Local Loop
The ISM (Industrial, Scientific and Medical) band
• Low power, hence short range so that no interference from each other.
• For unlicensed usage :
– Garage door openers,
– Cordless phones,
– Radio-controlled toys,
– Wireless mouse,
– And numerous other wireless household devices use the ISM band
Light waves for unguided medium:
• A laser beam
• Directional but
• Cannot penetrate rain or thick fog
Convection currents can interfere with laser communication systems.
Agenda
• Introduction
• Features of Data Link Layer
• Framing
• Error Control
• Error Detection Techniques
• Flow Control
Data link layer
• The data link layer provides delivery of information frames between
communicating partners.
• This layer is responsible for flow regulation, error detection and
correction, and framing of bits for transmission
• The network data frame is made up of checksum, source address,
destination address, and the data itself.
• The largest frame size that can be sent is known as the maximum
transmission unit (MTU).
Features of Data Link Layer
• Assembles bits into frames, making them ready for transmission over
the network.
• Provides error detection and correction for transmitted frames. If the
checksum is not correct, it asks for retransmission (sends a control
message).
• Consists of two sub layers:
- Logical Link Control (LLC): Defines how data is transferred over
the cable and provides data link service to the higher layers.
- Medium Access Control (MAC): Controls media access by
regulating the communicating nodes using a pre-defined set of rules
(i.e. Token passing, Ethernet [CSMA/CD] all have a MAC sub-layer
protocol).
Framing
• Character Count
• Flag bytes with byte stuffing
• Flag bytes with bit stuffing
Framing with Character Count
A character stream.
(a) Without errors.
(b) With one error.
Problem with Framing with Character Counting
• What if the count is garbled
• Even if the checksum tells the receiver that the frame is bad, there is
no way to tell where the next frame starts.
• Asking for retransmission doesn’t help either because the start of the
retransmitted frame is not known
• No longer used
Framing with byte stuffing
Problem: fixed character size : assumes character size to be 8 bits : can’t
handle heterogeneous environment.
Framing with byte stuffing (Contd..)
Bit stuffing
(a)The original data.
(b) The data as they appear on the line.
(c) The data as they are stored in receiver’s memory after destuffing.
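The framing problem described above can be reproduced in a few lines. The following is an added example, not part of the original slides: it damages the first byte of the same three frames under character-count framing and under flag-byte framing with byte stuffing, and shows that only the second lets the receiver find the next frame. The flag and escape byte values, function names and payloads are assumptions chosen for illustration.

```python
FLAG = 0x7E  # assumed frame delimiter value (the slides do not give one)
ESC = 0x7D   # assumed escape byte value

# Constructed sample payloads; the second one contains both special bytes.
PAYLOADS = [b"HELLO", b"A\x7eB\x7dC", b"OK"]


def frame_by_count(payloads):
    """Character-count framing: one count byte (which counts itself) per frame."""
    out = bytearray()
    for p in payloads:
        out.append(len(p) + 1)
        out += p
    return bytes(out)


def parse_by_count(stream):
    """Trust every count byte to locate the next frame."""
    frames, i = [], 0
    while i < len(stream):
        count = stream[i]
        if count == 0:          # a zero count would never advance
            break
        frames.append(stream[i + 1:i + count])
        i += count
    return frames


def frame_by_flag(payloads):
    """Flag bytes with byte stuffing: escape FLAG/ESC inside the payload."""
    out = bytearray()
    for p in payloads:
        out.append(FLAG)
        for b in p:
            if b in (FLAG, ESC):
                out.append(ESC)
            out.append(b)
        out.append(FLAG)
    return bytes(out)


def parse_by_flag(stream):
    """Every unescaped FLAG is a frame boundary, so the parser can resynchronise."""
    frames, current, escaped = [], bytearray(), False
    for b in stream:
        if escaped:
            current.append(b)
            escaped = False
        elif b == ESC:
            escaped = True
        elif b == FLAG:
            if current:
                frames.append(bytes(current))
            current = bytearray()
        else:
            current.append(b)
    return frames


def corrupt(stream, index, value):
    """Return a copy of the stream with one byte overwritten (simulated line error)."""
    damaged = bytearray(stream)
    damaged[index] = value
    return bytes(damaged)


if __name__ == "__main__":
    bad_count = corrupt(frame_by_count(PAYLOADS), 0, 0x08)
    bad_flag = corrupt(frame_by_flag(PAYLOADS), 0, 0x08)
    print("character count:", parse_by_count(bad_count))  # every frame is wrong
    print("byte stuffing  :", parse_by_flag(bad_flag))    # frames 2 and 3 survive
```

With character counting, one garbled count shifts every later frame boundary; with flag bytes, only the damaged frame is affected and a checksum can reject it.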
Error Control
Two basic approaches to handle bit errors:
• Error-correcting codes
- Used if retransmission of the data is not possible
- Data are encoded with sufficient redundancy to correct bit
errors.
Examples: Hamming Codes, Reed Solomon Codes, etc.
• Error-detecting codes plus retransmission
- Used if retransmission of corrupted data is feasible
- Receiver detects error and requests retransmission of a
frame.
Error Detection Techniques
Error Detection Techniques:
– Parity Checks
– Cyclic Redundancy Check
Parity Checks
General Method:
Append a parity bit to the end of each character in a frame such that the
total number of '1' bits in a character is:
- even (even parity) or
- odd (odd parity)
Example: With ASCII code, a parity bit can be attached to a 7-bit
character
ASCII "G" = 1 1 1 0 0 0 1
– with even parity =
– with odd parity =
Cyclic-Redundancy Codes (CRC)
General Method:
• The transmitter generates an n-bit check sequence number from a
given k-bit frame such that the resulting (k+n)-bit frame is divisible by
some number.
• The receiver divides the incoming frame by the same number
• If the result of the division does not leave a remainder, the receiver
assumes that there was no error
• CRC is used by all advanced data link protocols, for the following
reasons:
– Powerful error detection capability
– CRC can be efficiently implemented in hardware
Error Detection with CRC
Errors can be expressed as Error Polynomials
For example,
Sent Message    : 1 0 1 1 1 0 1
Received Message: 1 1 1 1 0 0 1
______________________________
Error           : 0 1 0 0 1 0 0
In the example, the Error Polynomial E(x) is given by:
E(x) = x^5 + x^2
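The CRC method and the error polynomial above can be worked through together. The following is an added example, not part of the original slides: it appends a check sequence to the slide's sent message, applies the slide's error pattern E(x) = x^5 + x^2, and also shows an error pattern that the CRC cannot see. The generator G(x) = x^3 + x + 1 is an assumption (the slides name no generator), as are the function names.

```python
# Bit strings are held as Python ints, most significant bit first.
GEN = 0b1011  # G(x) = x^3 + x + 1, an assumed generator for illustration


def poly_mod(value, gen):
    """Remainder of value(x) divided by gen(x) in modulo-2 (XOR) arithmetic."""
    glen = gen.bit_length()
    while value.bit_length() >= glen:
        value ^= gen << (value.bit_length() - glen)
    return value


def crc_encode(msg, gen=GEN):
    """Append the n-bit check sequence so the (k+n)-bit frame is divisible by gen."""
    n = gen.bit_length() - 1
    shifted = msg << n
    return shifted | poly_mod(shifted, gen)


def crc_ok(frame, gen=GEN):
    """Receiver side: accept the frame only if the division leaves no remainder."""
    return poly_mod(frame, gen) == 0


def poly_str(p):
    """Render a bit pattern as a polynomial, e.g. 0b100100 -> 'x^5 + x^2'."""
    terms = []
    for i in range(p.bit_length() - 1, -1, -1):
        if (p >> i) & 1:
            terms.append("1" if i == 0 else "x" if i == 1 else f"x^{i}")
    return " + ".join(terms) or "0"


def even_parity_ok(sent, received):
    """True when a single even-parity bit computed over `sent` still fits `received`."""
    return bin(sent).count("1") % 2 == bin(received).count("1") % 2


SENT = 0b1011101          # "Sent Message" from the slide
RECEIVED = 0b1111001      # "Received Message" from the slide
ERROR = SENT ^ RECEIVED   # error pattern: 0 1 0 0 1 0 0

FRAME = crc_encode(SENT)          # sent message plus 3 check bits
DAMAGED = FRAME ^ ERROR           # the slide's error pattern applied to the frame
UNDETECTED = FRAME ^ (GEN << 2)   # an error pattern that is a multiple of G(x)

if __name__ == "__main__":
    print("E(x) =", poly_str(ERROR))
    print("frame     :", format(FRAME, "010b"), crc_ok(FRAME))
    print("damaged   :", format(DAMAGED, "010b"), crc_ok(DAMAGED))
    print("parity bit catches the slide's error:", not even_parity_ok(SENT, RECEIVED))
    print("undetected:", format(UNDETECTED, "010b"), crc_ok(UNDETECTED),
          "with E(x) =", poly_str(GEN << 2))
```

The slide's error flips two bits, so a single parity bit misses it while the CRC catches it. The last case shows the limit of the method: any error polynomial that is itself divisible by G(x) leaves a zero remainder and is accepted.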
Flow Control
• Flow Control is a technique for speed-matching of transmitter and
receiver. Flow control ensures that a transmitting station does not
overflow a receiving station with data
• We will discuss two protocols for flow control:
– Stop-and-Wait Protocol
– Sliding Window Protocol
• For the time being, we assume that we have a perfect channel between
sender and receiver (no errors)
Stop-and-Wait Flow Control
• Simplest form of flow control
• In Stop-and-Wait flow control, the receiver indicates its readiness to
receive data for each frame
• Operations:
1. Sender: Transmit a single frame
2. Receiver: Transmit acknowledgment (ACK)
3. Goto 1.
Analysis of Stop-and-Wait
Sliding Window Flow Control
• Major Drawback of Stop-and-Wait Flow Control:
– Only one frame can be in transmission at a time
– This leads to inefficiency if a>1
• Sliding Window Flow Control
– Allows transmission of multiple frames
– Assigns each frame a k-bit sequence number
– Range of sequence numbers is [0..2^k-1], i.e., frames are counted
modulo 2^k
Operation of Sliding Window
• Sending Window:
- At any instant, the sender is permitted to send frames with
sequence numbers in a certain range
- The range of sequence numbers is called the sending window
Operation of Sliding Window
• Receiving Window:
- The receiver maintains a receiving window corresponding to
the sequence numbers of frames that are accepted.
Basic Elements of ARQ
[Figure: Basic Elements of ARQ. Labels: Transmitter (Station A), Receiver (Station B), packet sequence, error-free packet sequence, information frames (header, information packet, CRC), control frames (header, CRC).]
ARQ Error Control
Two types of errors:
– Lost frames
– Damaged Frames
• Most Error Control techniques are based on
(1) Error Detection Scheme (e.g., Parity checks, CRC),
(2) Retransmission Scheme
• Error control schemes that involve error detection and retransmission
of lost or corrupted frames are referred to as Automatic Repeat
Request (ARQ) error control
• All retransmission schemes use all or a subset of the following
procedures:
– Receiver sends an acknowledgment (ACK) if a frame is correctly received
– Receiver sends a negative acknowledgment (NAK) if a frame is not
correctly received.
– The sender retransmits a packet if an ACK is not received within a timeout
interval.
– All retransmission schemes (using ACK, NAK or both) rely on the use of
timers.
92. • The most common ARQ retransmission schemes:
– Stop-and-Wait ARQ
– Go-Back-N ARQ
– Selective Repeat ARQ
• The protocol for sending ACKs in all ARQ protocols is based on the
sliding window flow control scheme
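Added example (not part of the original slides): a small simulation of Go-Back-N ARQ on top of the sliding window, with k-bit sequence numbers counted modulo 2^k. The lost_frames and lost_acks arguments are constructed inputs standing in for a lossy channel, and the round-based timing is a simplifying assumption.

```python
def go_back_n(payloads, k=3, window=None, lost_frames=(), lost_acks=()):
    """Simulate Go-Back-N ARQ with k-bit sequence numbers.

    lost_frames: 0-based indexes of data-frame transmissions the channel drops.
    lost_acks:   0-based indexes of rounds whose cumulative ACK is dropped.
    Returns (delivered payloads, sequence number of every transmission,
    number of frames the receiver discarded).
    """
    modulus = 1 << k                      # frames are counted modulo 2^k
    if window is None:
        window = modulus - 1
    # With a window of 2^k, a retransmitted old frame would carry the same
    # sequence number as the next new frame the receiver expects, so the
    # receiver could not tell a duplicate from fresh data.
    if not 1 <= window < modulus:
        raise ValueError("Go-Back-N needs 1 <= window <= 2^k - 1")

    base = 0          # sender: index of the oldest unacknowledged frame
    expected = 0      # receiver: index of the next in-order frame
    delivered, sent_log, discarded = [], [], 0
    tx = 0            # running count of data-frame transmissions
    round_no = 0      # one round = one burst plus one cumulative ACK

    while base < len(payloads):
        # Sender: transmit every frame inside the sending window.
        for i in range(base, min(base + window, len(payloads))):
            seq = i % modulus
            sent_log.append(seq)
            dropped = tx in lost_frames
            tx += 1
            if dropped:
                continue                  # lost frame: receiver sees nothing
            # Receiver: accept only the expected sequence number; anything
            # else is out of order or a duplicate and is discarded.
            if seq == expected % modulus:
                delivered.append(payloads[i])
                expected += 1
            else:
                discarded += 1
        # Receiver sends a cumulative ACK carrying the next expected number.
        if round_no not in lost_acks:
            ack_seq = expected % modulus
            # Unambiguous because at most window < 2^k frames are outstanding.
            base += (ack_seq - base) % modulus
        # If the ACK was lost or a frame is missing, the timer expires and
        # the next round resends everything from `base` (the "go back").
        round_no += 1
    return delivered, sent_log, discarded


if __name__ == "__main__":
    frames = ["f%d" % n for n in range(10)]           # constructed payloads
    got, log, dropped = go_back_n(frames, k=3, lost_frames={2}, lost_acks={1})
    print("delivered in order:", got == frames)
    print("transmissions:", len(log), "discarded by receiver:", dropped)
```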
94. June 21, 2017 www.snipe.co.in 94
Introduction
The Network Layer figures out the network topology, handles routing and
prepares data for transmission. The network layer is concerned with the
following primary functions:
- Communication with the Transport layer above.
- Encapsulation of Transport data into Network layer Protocol Data
Units.
- Management of connectivity and routing between hosts or networks.
- Communication with the data link layer below.
95. June 21, 2017 www.snipe.co.in 95
Source-To-Destination Delivery
The network layer is responsible for the delivery of individual packets
from the source host to the destination host.
96. June 21, 2017 www.snipe.co.in 96
Complexity at the Edge or in the Core?
97. June 21, 2017 www.snipe.co.in 97
End-to-End Packet Network
• Individual packet streams are highly bursty
• Statistical multiplexing is used to concentrate streams
• User demand can undergo dramatic change
• Peer-to-peer applications stimulated huge growth in traffic volumes
• Internet structure highly decentralized
• Paths traversed by packets can go through many networks controlled
by different organizations
• No single entity responsible for end-to-end service
98. June 21, 2017 www.snipe.co.in 98
Access Multiplexing
• Packet traffic from users multiplexed at access to network into aggregated streams
• Statistical multiplexing allows oversubscription: R << X x r
• Many examples: LAN switches, Cable Modem Termination System, DSL Access
Mux, …
99. June 21, 2017 www.snipe.co.in 99
Key Network-Layer Functions
• Routing: mechanisms for determining the set of best paths for routing
packets; requires the collaboration of network elements
• Forwarding: transfer of packets from network element (NE) inputs to
outputs
• Priority & Scheduling: determining order of packet transmission in
each NE
• Congestion control, segmentation & reassembly, security
100. June 21, 2017 www.snipe.co.in 100
Key Role of Routing
How to get packet from here to there?
• Decentralized nature of Internet makes routing a major challenge
• Interior gateway protocols (IGPs) are used to determine routes within a
domain
• Exterior gateway protocols (EGPs) are used to determine routes across
domains
• Routes must be consistent & produce stable flows
• Scalability required to accommodate growth
• Hierarchical structure of IP addresses essential to keeping size of
routing tables manageable
101. June 21, 2017 www.snipe.co.in 101
Distance Vector Routing
• Historically known as the old ARPANET routing algorithm {or known
as Bellman-Ford algorithm}.
Basic idea: each network node maintains a Distance Vector table
containing the distance between itself and ALL possible destination
nodes.
• Distances are based on a chosen metric and are computed using
information from the neighbors’ distance vectors.
• Metric: usually hops or delay
102. June 21, 2017 www.snipe.co.in 102
Distance Vector Routing
Figure (a) A subnet. (b) Input from A, I, H, K, and the new
routing table for J.
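Added example (not part of the original slides): the distance vector update a node performs when its neighbours' vectors arrive, shown for node J with neighbours A, I, H and K. The delay values are constructed sample data, since the figure's numbers are not reproduced in this transcript.

```python
INF = float("inf")

# Constructed sample input: J's measured delay to each neighbour ...
LINK_COST = {"A": 8, "I": 10, "H": 12, "K": 6}

# ... and the distance vector each neighbour advertised to J.
NEIGHBOUR_VECTORS = {
    "A": {"A": 0, "B": 12, "C": 25, "D": 40, "E": 14, "F": 23,
          "G": 18, "H": 17, "I": 21, "J": 9, "K": 24, "L": 29},
    "I": {"A": 24, "B": 36, "C": 18, "D": 27, "E": 7, "F": 20,
          "G": 31, "H": 20, "I": 0, "J": 11, "K": 22, "L": 33},
    "H": {"A": 20, "B": 31, "C": 19, "D": 8, "E": 30, "F": 19,
          "G": 6, "H": 0, "I": 14, "J": 7, "K": 22, "L": 9},
    "K": {"A": 21, "B": 28, "C": 36, "D": 24, "E": 22, "F": 40,
          "G": 31, "H": 19, "I": 22, "J": 10, "K": 0, "L": 9},
}


def distance_vector_update(me, link_cost, neighbour_vectors):
    """Build the routing table {destination: (distance, next_hop)} for `me`.

    For every destination, the node adds its own cost to each neighbour to
    the distance that neighbour advertises and keeps the minimum.
    Neighbours without a live link (absent from link_cost) are ignored.
    """
    destinations = set()
    for vector in neighbour_vectors.values():
        destinations.update(vector)

    table = {me: (0, None)}
    for dest in sorted(destinations - {me}):
        best = (INF, None)
        # Sorted order makes tie-breaking deterministic (first name wins).
        for neighbour in sorted(neighbour_vectors):
            if neighbour not in link_cost:
                continue
            candidate = link_cost[neighbour] + neighbour_vectors[neighbour].get(dest, INF)
            if candidate < best[0]:
                best = (candidate, neighbour)
        table[dest] = best
    return table


if __name__ == "__main__":
    for dest, (dist, hop) in sorted(distance_vector_update("J", LINK_COST, NEIGHBOUR_VECTORS).items()):
        print(dest, dist, hop)
```

The node never sees the topology itself, only its own link costs and what its neighbours claim, which is why a wrong or stale advertisement propagates into every table built from it.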
104. June 21, 2017 www.snipe.co.in 104
Agenda
• What is security?
• Why do we need security?
• Who is vulnerable?
• Common security attacks and countermeasures
105. June 21, 2017 www.snipe.co.in 105
What is Security
Dictionary.com says:
1. Freedom from risk or danger; safety.
2. Freedom from doubt, anxiety, or fear; confidence.
3. Something that gives or assures safety, as:
- A group or department of private guards: Call building security
if a visitor acts suspicious.
- Measures adopted by a government to prevent espionage,
sabotage, or attack.
- Measures adopted, as by a business or homeowner, to prevent a
crime such as burglary or assault: Security was lax at the firm's
smaller plant.
…etc.
106. June 21, 2017 www.snipe.co.in 106
Why do we need Security
• Protect vital information while still allowing access to those who need
it
– Trade secrets, medical records, etc.
• Provide authentication and access control for resources
– Ex: AFS
• Guarantee availability of resources
– Ex: 5 9’s (99.999% reliability)
107. June 21, 2017 www.snipe.co.in 107
Who is Vulnerable
• Financial institutions and banks
• Internet service providers
• Pharmaceutical companies
• Government and defense agencies
• Contractors to various government agencies
• Multinational corporations
• ANYONE ON THE NETWORK
108. June 21, 2017 www.snipe.co.in 108
Common security attacks and their Countermeasures
• Finding a way into the network
- Firewalls
• Exploiting software bugs, buffer overflows
- Intrusion Detection Systems
• Denial of Service
- Ingress filtering, IDS
• TCP hijacking
- IPSec
• Packet sniffing
- Encryption (SSH, SSL, HTTPS)
• Social problems
- Education
109. June 21, 2017 www.snipe.co.in 109
Firewalls
• Basic problem – many network applications and protocols have
security problems that are fixed over time.
• Difficult for users to keep up with changes and keep host secure.
• Solution:
- Administrators limit access to end hosts by using a firewall.
- Firewall is kept up-to-date by administrators.
110. June 21, 2017 www.snipe.co.in 110
Firewalls
• A firewall is like a castle with a drawbridge
- Only one point of access into the network.
- This can be good or bad.
• Can be hardware or software
- Ex. Some routers come with firewall functionality.
- ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X
have built in firewalls.
111. June 21, 2017 www.snipe.co.in 111
Firewalls
[Figure: the Internet, a DMZ (web server, email server, web proxy, etc.) and the Intranet, separated by two firewalls]
112. June 21, 2017 www.snipe.co.in 112
Firewalls
• Used to filter packets based on a combination of features
• These are called packet filtering firewalls
- There are other types too, but they will not be discussed
• Ex. Drop packets with destination port of 23 (Telnet)
• Can use any combination of IP/UDP/TCP header information
• man ipfw on unix47 for much more detail
• But why don’t we just turn Telnet off?
113. June 21, 2017 www.snipe.co.in 113
Firewalls
• Here is what a computer with a default Windows XP install looks like:
- 135/tcp open loc-srv
- 139/tcp open netbios-ssn
- 445/tcp open microsoft-ds
- 1025/tcp open NFS-or-IIS
- 3389/tcp open ms-term-serv
- 5000/tcp open UPnP
• Might need some of these services, or might not be able to control all the
machines on the network
114. June 21, 2017 www.snipe.co.in 114
Firewalls
• What does a firewall rule look like?
• Depends on the firewall used
• Example: ipfw
• /sbin/ipfw add deny tcp from cracker.evil.org to wolf.tambov.su telnet
• Other examples: WinXP & Mac OS X have built in and third party
firewalls
- Different graphical user interfaces
- Varying amounts of complexity and power
115. June 21, 2017 www.snipe.co.in 115
Intrusion Detection
• Used to monitor for “suspicious activity” on a network
- Can protect against known software exploits, like buffer overflows
• Open Source IDS: Snort, www.snort.org
116. June 21, 2017 www.snipe.co.in 116
Intrusion Detection
• Uses “intrusion signatures”
• Well known patterns of behavior
- Ping sweeps, port scanning, web server indexing, OS
fingerprinting, DoS attempts, etc.
• Example
• IRIX vulnerability in webdist.cgi
• Can make a rule to drop packets containing the line
- “/cgi-bin/webdist.cgi?distloc=?;cat%20/etc/passwd”
• However, IDS is only useful if contingency plans are in place to curb
attacks as they are occurring
117. June 21, 2017 www.snipe.co.in 117
Minor Detour
• Say we got the /etc/passwd file from the IRIX server
• What can we do with it?
118. June 21, 2017 www.snipe.co.in 118
Dictionary Attack
• We can run a dictionary attack on the passwords
- The passwords in /etc/passwd are encrypted with the crypt(3)
function (one-way hash)
- Can take a dictionary of words, crypt() them all, and compare with
the hashed passwords
• This is why your passwords should be meaningless random junk!
For example, “sdfo839f” is a good password
- That is not my andrew password
- Please don’t try it either
119. June 21, 2017 www.snipe.co.in 119
Denial of Service
• Purpose: Make a network service unusable, usually by overloading the
server or network
• Many different kinds of DoS attacks
- SYN flooding
- SMURF
- Distributed attacks
- Mini Case Study: Code-Red
120. June 21, 2017 www.snipe.co.in 120
Denial of Service
• SYN flooding attack
• Send SYN packets with bogus source address
Why?
• Server responds with SYN ACK and keeps state about TCP half-open
connection
- Eventually, server memory is exhausted with this state
• Solution: use “SYN cookies”
- In response to a SYN, create a special “cookie” for the connection,
and forget everything else
- Then, can recreate the forgotten information when the ACK comes
in from a legitimate connection
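Added example (not part of the original slides): a simplified SYN cookie, in which the server packs a time slot, an MSS index and a keyed MAC into the sequence number of its SYN-ACK and keeps no state until a valid ACK returns. The 5/3/24-bit layout follows the classic description; HMAC-SHA256, the MSS table, the 64-second slot and all addresses are assumptions of this sketch, and real TCP stacks differ in detail.

```python
import hashlib
import hmac
import ipaddress
import struct

SLOT_SECONDS = 64
# Constructed table: 8 entries so that the index fits in 3 bits.
MSS_TABLE = (216, 536, 768, 996, 1220, 1340, 1440, 1460)


def mac24(secret, conn, counter, client_isn):
    """24-bit keyed MAC over the connection 4-tuple, time slot and client ISN."""
    src_ip, src_port, dst_ip, dst_port = conn
    msg = (ipaddress.ip_address(src_ip).packed
           + ipaddress.ip_address(dst_ip).packed
           + struct.pack("!HHQI", src_port, dst_port, counter, client_isn))
    return int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:3], "big")


def make_cookie(secret, conn, client_isn, client_mss, now):
    """Server side, on SYN: return the 32-bit ISN to send in the SYN-ACK.

    Nothing about the connection is stored after this call returns.
    """
    counter = int(now) // SLOT_SECONDS
    mss_idx = 0
    for idx, mss in enumerate(MSS_TABLE):
        if mss <= client_mss:
            mss_idx = idx                 # largest table entry the client allows
    return ((counter % 32) << 27) | (mss_idx << 24) | mac24(secret, conn, counter, client_isn)


def check_ack(secret, conn, ack_number, seq_number, now, max_age_slots=2):
    """Server side, on ACK: return the negotiated MSS, or None if invalid.

    The ACK acknowledges cookie + 1 and carries the client ISN + 1, so the
    "forgotten" state is recreated from the segment itself.
    """
    cookie = (ack_number - 1) % 2**32
    client_isn = (seq_number - 1) % 2**32
    slot_bits = cookie >> 27
    mss_idx = (cookie >> 24) & 0x7
    mac = cookie & 0xFFFFFF
    now_slot = int(now) // SLOT_SECONDS
    for age in range(max_age_slots):      # accept the current and recent slots only
        counter = now_slot - age
        if counter < 0 or counter % 32 != slot_bits:
            continue
        expected = mac24(secret, conn, counter, client_isn)
        if hmac.compare_digest(expected.to_bytes(3, "big"), mac.to_bytes(3, "big")):
            return MSS_TABLE[mss_idx]
    return None


if __name__ == "__main__":
    secret = b"constructed-demo-secret"                  # constructed key
    conn = ("198.51.100.7", 40000, "192.0.2.10", 80)     # constructed 4-tuple
    isn = make_cookie(secret, conn, 0x12345678, 1460, now=1000)
    print("legitimate ACK ->", check_ack(secret, conn, isn + 1, 0x12345679, now=1010))
    print("guessed ACK    ->", check_ack(secret, conn, 1, 0x12345679, now=1010))
```

A SYN with a bogus source address costs the server one MAC computation and no memory, because the sender never sees the SYN-ACK and so cannot return a matching ACK.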
121. June 21, 2017 www.snipe.co.in 121
Denial of Service
122. June 21, 2017 www.snipe.co.in 122
Denial of Service
• SMURF
- Source IP address of a broadcast ping is forged
- Large number of machines respond back to victim, overloading it
123. June 21, 2017 www.snipe.co.in 123
Denial of Service
• ICMP echo (spoofed source address of victim) sent to IP broadcast
address
• ICMP echo reply
124. June 21, 2017 www.snipe.co.in 124
Denial of Service
• Distributed Denial of Service
• Same techniques as regular DoS, but on a much larger scale
• Example: Sub7Server Trojan and IRC bots
- Infect a large number of machines with a “zombie” program
- Zombie program logs into an IRC channel and awaits
commands
Example:
• Bot command: !p4 207.71.92.193
• Result: runs ping.exe 207.71.92.193 -l 65500 -n 10000
• Sends 10,000 64k packets to the host (655MB!)
125. June 21, 2017 www.snipe.co.in 125
Denial of Service
• Mini Case Study – CodeRed
July 19, 2001: over 359,000 computers infected with Code-Red in less
than 14 hours
• Used a recently known buffer exploit in Microsoft IIS
• Damages estimated in excess of $2.6 billion
126. June 21, 2017 www.snipe.co.in 126
Denial of Service
• Why is this under the Denial of Service category?
- CodeRed launched a DDOS attack against www1.whitehouse.gov from
the 20th to the 28th of every month!
- Spent the rest of its time infecting other hosts
127. June 21, 2017 www.snipe.co.in 127
Denial of Service
• How can we protect ourselves?
• Ingress filtering
- If a packet comes in on an interface which does not have a route
to that packet's source IP, then drop it
- RFC 2267 has more information about this
• Stay on top of CERT advisories and the latest security patches
- A fix for the IIS buffer overflow was released sixteen days
before CodeRed had been deployed!
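Added example (not part of the original slides): the ingress filtering check expressed as a strict reverse-path test, which looks up the route for each packet's source address and drops the packet unless that route points back out of the interface it arrived on. The routing table, interface names and packets are constructed sample data using documentation address ranges.

```python
import ipaddress

# Constructed routing table for an edge router: (prefix, interface).
ROUTES = [
    ("192.0.2.0/24", "eth1"),      # customer network A
    ("198.51.100.0/24", "eth2"),   # customer network B
    ("0.0.0.0/0", "eth0"),         # default route to the upstream provider
]

# Constructed packets as (source address, arrival interface).
PACKETS = [
    ("192.0.2.55", "eth1"),        # customer A using its own address
    ("203.0.113.9", "eth1"),       # customer A claiming an outside address
    ("192.0.2.55", "eth0"),        # customer A's address arriving from upstream
    ("203.0.113.9", "eth0"),       # ordinary Internet traffic
    ("198.51.100.20", "eth1"),     # customer B's address on customer A's port
    ("not-an-ip", "eth0"),         # malformed source field
]


def best_route(routes, address):
    """Longest-prefix match: return the interface used to reach `address`."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return None                       # unparsable source: no route
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if ip.version == net.version and ip in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, iface)
    return best[1] if best else None


def ingress_permit(routes, src, in_iface):
    """Permit only if the route back to the source leaves via in_iface."""
    route = best_route(routes, src)
    return route is not None and route == in_iface


def filter_packets(routes, packets):
    """Return (src, interface, decision) for each packet."""
    return [(src, iface, "permit" if ingress_permit(routes, src, iface) else "drop")
            for src, iface in packets]


if __name__ == "__main__":
    for src, iface, decision in filter_packets(ROUTES, PACKETS):
        print("%-15s on %s -> %s" % (src, iface, decision))
```

Applied at the edge, this check removes the forged source addresses that SYN flooding and SMURF depend on before the packets leave the originating network.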
128. June 21, 2017 www.snipe.co.in 128
TCP Attacks
• Recall how IP works…
• End hosts create IP packets and routers process them purely based
on destination address alone
• Problem: End hosts may lie about other fields which do not affect
delivery
• Source address – host may trick destination into believing that the
packet is from a trusted source
- Especially applications which use IP addresses as a simple
authentication method
- Solution – use better authentication methods
129. June 21, 2017 www.snipe.co.in 129
TCP Attacks
• TCP connections have associated state
- Starting sequence numbers, port numbers
• Problem – what if an attacker learns these values?
- Port numbers are sometimes well known to begin with (ex. HTTP
uses port 80)
- Sequence numbers are sometimes chosen in very predictable ways
• If an attacker learns the associated TCP state for the connection, then
the connection can be hijacked!
• Attacker can insert malicious data into the TCP stream, and the recipient
will believe it came from the original source
- Ex. Instead of downloading and running new program, you download a
virus and execute it
130. June 21, 2017 www.snipe.co.in 130
TCP Attacks
Say hello to Alice, Bob and Mr. Big Ears
131. June 21, 2017 www.snipe.co.in 131
TCP Attacks
Alice and Bob have an established TCP connection
132. June 21, 2017 www.snipe.co.in 132
TCP Attacks
Mr. Big Ears lies on the path between Alice and Bob on the network
• He can intercept all of their packets
133. June 21, 2017 www.snipe.co.in 133
TCP Attacks
First, Mr. Big Ears must drop all of Alice’s packets since they must not
be delivered to Bob (why?)
Packets
The Void
134. June 21, 2017 www.snipe.co.in 134
TCP Attacks
Then, Mr. Big Ears sends his malicious packet with the next ISN (sniffed
from the network)
ISN, SRC=Alice
135. June 21, 2017 www.snipe.co.in 135
TCP Attacks
What if Mr. Big Ears is unable to sniff the packets between Alice and
Bob?
- Can just DoS Alice instead of dropping her packets
- Can just send guesses of what the ISN is until it is accepted
• How do you know when the ISN is accepted?
- Mitnick: payload is “add self to .rhosts”
- Or, “xterm -display MrBigEars:0”
136. June 21, 2017 www.snipe.co.in 136
TCP Attacks
Why are these types of TCP attacks so dangerous?
Web server
Malicious user
Trusting web client
137. June 21, 2017 www.snipe.co.in 137
TCP Attacks
• How do we prevent this?
• IPSec
- Provides source authentication, so Mr. Big Ears cannot pretend to
be Alice
- Encrypts data before transport, so Mr. Big Ears cannot talk to Bob
without knowing what the session key is
138. June 21, 2017 www.snipe.co.in 138
Packet Sniffing
• Recall how Ethernet works …
• When someone wants to send a packet to someone else …
• They put the bits on the wire with the destination MAC address …
• And remember that other hosts are listening on the wire to detect
collisions …
• It couldn’t get any easier to figure out what data is being transmitted
over the network!
• This works for wireless too!
• In fact, it works for any broadcast-based medium
139. June 21, 2017 www.snipe.co.in 139
Packet Sniffing
• What kinds of data can we get?
• Asked another way, what kind of information would be most useful to
a malicious user?
• Answer: Anything in plain text
- Passwords are the most popular
140. June 21, 2017 www.snipe.co.in 140
Packet Sniffing
• How can we protect ourselves?
• SSH, not Telnet
- Many people at CMU still use Telnet and send their password in the clear (use
PuTTY instead!)
- Now that I have told you this, please do not exploit this information
- Packet sniffing is, by the way, prohibited by Computing Services
• HTTP over SSL
- Especially when making purchases with credit cards!
• SFTP, not FTP
- Unless you really don’t care about the password or data
- Can also use KerbFTP (download from MyAndrew)
• IPSec
- Provides network-layer confidentiality
141. June 21, 2017 www.snipe.co.in 141
Conclusions
• The Internet works only because we implicitly trust one another
• It is very easy to exploit this trust
• The same holds true for software
• It is important to stay on top of the latest CERT security advisories to
know how to patch any security holes
144. Agenda
• Introduction
• Transport Protocols
• Addressing
• Multiplexing
• User Datagram Protocol (UDP)
• Transmission Control Protocol (TCP)
• Reliable Delivery
• Flow Control
145. June 21, 2017 www.snipe.co.in 145
Introduction
The Transport Layer resides above the Network Layer and below the
Session Layer.
• The Transport Layer is responsible for delivering messages between
networked hosts
• As part of this, the Transport Layer is also responsible for
fragmentation and reassembly.
• In addition, some Transport Layer protocols also provide services to
manage flow control and end-to-end error recovery.
146. June 21, 2017 www.snipe.co.in 146
Transport Protocols
147. June 21, 2017 www.snipe.co.in 147
Transport Protocols -Functions
Functions that you can encounter in the Transport Layer are:
– Error Handling
– Flow Control
– Multiplexing
– Connection Set-up and Release
– Congestion Handling
– Segmentation and Reassembly
– Addressing
148. June 21, 2017 www.snipe.co.in 148
Transport Layer for IP Networks
• In the Internet world, there are two different Transport Layer
Protocols:
User Datagram Protocol (UDP)
• Simple (asynchronous) multiplexing protocol
Transmission Control Protocol (TCP)
• Reliable connection oriented byte-stream protocol
• Which of the two is used can be seen in the Protocol Field of the IP
Header.
• The PDUs that transport protocol entities exchange are called
segments.
149. June 21, 2017 www.snipe.co.in 149
Transport Layer Addressing
• Network SAP = IP Address
• It uniquely identifies the host
[Figure: two hosts, each with applications x, y and z above a transport protocol entity, attached by their IP addresses to the network service provider]
150. June 21, 2017 www.snipe.co.in 150
Transport Layer Addressing
• Transport SAP = IP Address + Port Number
• For the Internet, there are well known port numbers for the
application protocols:
– smtp: port number = 25
– http: port number = 80
• There is an RFC (Request For Comments) that specifies the well
known port numbers: RFC 1700.
151. June 21, 2017 www.snipe.co.in 151
Multiplexing
• Upward Multiplexing
- The transport layer can send several transmissions bound for the same
destination along the same path.
- It is useful when the underlying networks have high throughput.
• Downward Multiplexing
- It is useful when the underlying networks have low or slow capacity (e.g.,
X.25’s three bit sequence code).
152. June 21, 2017 www.snipe.co.in 152
User Datagram Protocol (UDP)
• End-to-End communication for user processes
• Processes must communicate with packets (byte arrays)
• Processes must be prepared for some packets not to arrive
• Must also be prepared for other packets to arrive out of order (the
line in the previous diagram is not a FIFO queue)
153. June 21, 2017 www.snipe.co.in 153
Transmission Control Protocol (TCP)
• End-to-End communication for user processes
• Processes can communicate in a simple stream of binary data
• Each byte of data will arrive in the order it was sent
• If some part of the data cannot be received this will be made explicit
by an error being passed to the user code
(e.g. an Exception)
End-to-End Delivery
• The network layer treats each packet as an independent entry, even
those belonging to a single message.
• The transport layer oversees the end-to-end (source-to-destination)
delivery of an entire message.
154. June 21, 2017 www.snipe.co.in 154
Aspects of reliable delivery
Reliable Delivery
155. June 21, 2017 www.snipe.co.in 155
Error Control
• Mechanisms for error control are based on error detection and
retransmission.
• Error detections are performed using algorithms implemented in
software, such as checksum.
• We already have error handling at the data link layer, why do we
need it at the transport layer?
156. June 21, 2017 www.snipe.co.in 156
Sequence Control
Segmentation Reassembly
157. June 21, 2017 www.snipe.co.in 157
Reliable Delivery
• Segmentation and Reassembly
- Transport layer adds a sequence number at each segment.
- This number indicates the order for reassembly.
- Each segment carries a field that indicates whether it is the
final segment or middle segment of a transmission.
• Concatenation and Separation
- When the size of the data unit belonging to a single session is so
small that several units can fit together into a single datagram.
- A sequence number at each unit allows correct separation at the
destination.
158. June 21, 2017 www.snipe.co.in 158
(Contd..)
• Loss Control
- Sequence numbers allow the receiver’s transport layer protocol to
identify any missing segments and request redelivery.
159. June 21, 2017 www.snipe.co.in 159
(Contd..)
• Duplication Control
- Sequence numbers allow the receiver to identify and discard
duplicate segments.
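Added example (not part of the original slides): a receiver-side reassembly buffer that uses the per-segment sequence number and final-segment flag described above to restore order, report missing segments for redelivery and discard duplicates. The segment size and the arrival order in the demo are constructed.

```python
def segment(message, size):
    """Sender side: cut `message` into (seq, data, final) segments."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)] or [b""]
    return [(seq, data, seq == len(chunks) - 1) for seq, data in enumerate(chunks)]


class Reassembler:
    """Receiver side: reassembly with loss and duplication control."""

    def __init__(self):
        self.segments = {}       # seq -> data, filled in any arrival order
        self.final_seq = None    # known once the segment flagged final arrives
        self.duplicates = 0
        self.rejected = 0

    def receive(self, seq, data, final=False):
        """Store one segment; return True if it was new and acceptable."""
        if seq in self.segments:
            self.duplicates += 1          # duplication control: discard
            return False
        beyond_end = self.final_seq is not None and seq > self.final_seq
        second_final = final and self.final_seq is not None
        end_too_early = final and any(s > seq for s in self.segments)
        if seq < 0 or beyond_end or second_final or end_too_early:
            self.rejected += 1            # inconsistent with what was seen
            return False
        self.segments[seq] = data
        if final:
            self.final_seq = seq
        return True

    def missing(self):
        """Loss control: sequence numbers to request for redelivery."""
        if self.final_seq is not None:
            top = self.final_seq
        else:
            top = max(self.segments, default=-1)
        return [s for s in range(top + 1) if s not in self.segments]

    def message(self):
        """Return the reassembled message, or None while incomplete."""
        if self.final_seq is None or self.missing():
            return None
        return b"".join(self.segments[s] for s in range(self.final_seq + 1))


if __name__ == "__main__":
    parts = segment(b"transport layer reassembly", 8)
    rx = Reassembler()
    for idx in (2, 0, 0, 3):              # constructed arrival: reordered, one duplicate, one loss
        rx.receive(*parts[idx])
    print("missing:", rx.missing(), "duplicates:", rx.duplicates)
    rx.receive(*parts[1])                 # redelivered segment
    print("message:", rx.message())
```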
160. June 21, 2017 www.snipe.co.in 160
Flow Control
• Flow control at this layer is performed end-to-end rather than across
a single link.
• A sliding window is used to make data transmission more efficient as
well as to control the flow of data so that the receiver does not
become overwhelmed.
• Some points about sliding windows at the transport layer:
- The sender does not have to send a full window’s worth of data.
- An acknowledgment can expand the size of the window based
on the sequence number of the acknowledged data segment.
- The size of the window can be increased or decreased by the
receiver.
- The receiver can send an acknowledgment at any time.
162. June 21, 2017 www.snipe.co.in 162
Agenda
• Introduction
• Session layer protocols
• Session Layer Functions
- Session Establishment and Termination
- Dialogue control
163. June 21, 2017 www.snipe.co.in 163
Introduction
• Session layer provides mechanism for controlling the dialogue between
the two end systems. It defines how to start, control and end
conversations (called sessions) between applications.
• This layer requests for a logical connection to be established on an end-
user’s request.
• Any necessary log-on or password validation is also handled by this
layer.
• Session layer is also responsible for terminating the connection. This
layer provides services like dialogue discipline which can be full duplex
or half duplex.
• Session layer can also provide check-pointing mechanism such that if a
failure of some sort occurs between checkpoints, all data can be
retransmitted from the last checkpoint.
164. June 21, 2017 www.snipe.co.in 164
The session layer is responsible for dialog
control and synchronization.
165. June 21, 2017 www.snipe.co.in 165
Examples
• DLC (data link control)
• PAP (printer access control)
• SMB (server message block)
• ASP (AppleTalk session protocol)
• NetBIOS (network basic input/output system)
• ZIP (zone information protocol).
166. June 21, 2017 www.snipe.co.in 166
Session Layer Functions
Session Establishment and Termination
• A session is a communication relationship between two applications
residing in two different end systems connected to a common inter
network.
• The Session Layer must define mechanisms for establishing these
sessions, negotiating their parameters, supervising their activity, and
terminating sessions that are no longer needed.
• The logical way to do this would be to provide session numbers or
addresses.
167. June 21, 2017 www.snipe.co.in 167
(Contd..)
Dialogue control
There are three types of sessions that can be implemented:
many-to-one, one-to-one, and one-to-many.
• Many-to-one is the classic client/server model where multiple users
are accessing a common service (e.g., thousands of subscribers
accessing the amazon.com website).
• One-to-one, or peer-to-peer, could be the session established between
the PDA (personal digital assistant) and the laptop to synchronize
the respective databases.
• One-to-many is a push operation that sends information from a single
server to many users (e.g., the Wall Street Journal online).
168. June 21, 2017 www.snipe.co.in 168
Presentation Layer
169. June 21, 2017 www.snipe.co.in 169
Agenda
• Explain the presentation layer in simple terms.
• Give an overview of the presentation layer.
• Describe graphics formats
• Describe multimedia formats
• Recognize data format.
• Explain data encryption.
• Describe data compression.
170. June 21, 2017 www.snipe.co.in 170
Explain the Presentation layer in simple terms
• The presentation layer is responsible for presenting data in a form that
the receiving device can understand.
• To better understand the concept, use the analogy of two people
speaking different languages. The only way for them to understand each
other is to have another person translate. The presentation layer serves
as the translator for devices that need to communicate over a network.
171. June 21, 2017 www.snipe.co.in 171
Give an overview of the presentation layer
The presentation layer provides three main functions. Those functions
are:
- data formatting (presentation)
- data encryption
- data compression
172. June 21, 2017 www.snipe.co.in 172
(Contd..)
- After receiving data from the application layer, the presentation layer
performs one, or all, of its functions on the data before it sends them to
the session layer.
- At the receiving station, the presentation layer takes the data from the
session layer and performs the required functions before passing them to
the application layer.
173. June 21, 2017 www.snipe.co.in 173
Recognize data format
174. June 21, 2017 www.snipe.co.in 174
Describe graphics formats
175. June 21, 2017 www.snipe.co.in 175
Describe multimedia formats
176. June 21, 2017 www.snipe.co.in 176
Explain data encryption
• Presentation layer is responsible for data encryption. Data encryption
protects information during its transmission.
• Financial transactions (e.g. credit card information) use encryption to
protect sensitive information as it traverses the Internet. An encryption
key is used to encrypt the data at its source and then to decrypt the data
at its destination.
178. June 21, 2017 www.snipe.co.in 178
Describe data compression
• The presentation layer is also responsible for the compression of
files. Compression works by using algorithms (complex mathematical
formulas) to shrink the size of the file.
• The algorithm searches the file for repeating bit patterns, and then
replaces them with a token. A token is a much shorter bit pattern that
represents the long pattern. A simple analogy might be the name Cathy
(the nickname), the token, to refer to anyone whose full name is
Catherine.
180. June 21, 2017 www.snipe.co.in 180
Application Layer
181. June 21, 2017 www.snipe.co.in 181
Agenda
• Introduction
• Application Layer protocols
• Application layer example
- HTTP
- SMTP
- FTP
182. June 21, 2017 www.snipe.co.in 182
Introduction
• Application layer interacts with application programs and is the
highest level of OSI model.
• Application layer contains management functions to support
distributed applications.
• Examples of application layer are applications such as file transfer,
electronic mail, remote login etc.
[Figure: applications (e.g., email, web, word processing), Application Layer, Transport Layer, Network Layer]
183. June 21, 2017 www.snipe.co.in 183
The application layer is responsible for
providing services to the user.
184. June 21, 2017 www.snipe.co.in 184
Application Layer protocols
Many different application layer protocols
185. June 21, 2017 www.snipe.co.in 185
Application layer example: HTTP
• Hypertext Transfer Protocol (HTTP)
Protocol to access web pages
• Remember: purpose of protocol
Definition of message format
» Types of messages
» Syntax of messages (i.e., fields and delineation)
» Semantics of fields
Definition of message exchange
» When and how to send messages
» When and how to respond
• What does HTTP look like?
186. June 21, 2017 www.snipe.co.in 186
Application layer example: SMTP
Electronic Mail
• Mail servers
- Transfer mail
- Store mail in mailboxes
• User agents
- Access mail from server
- Transmit new mail
• Protocols
- Simple Mail Transfer Protocol (SMTP)
- Post Office Protocol (POP)
- Internet Mail Access Protocol (IMAP)
- Web-based email access (HTTP)
187. June 21, 2017 www.snipe.co.in 187
Electronic mail (Contd..)
• Sending of email
• Alice uses user agent (UA) to compose message and “to”
bob@someschool.edu
• Alice’s UA sends message to her mail server; message placed in
message queue
• Client side of SMTP opens TCP connection with Bob’s mail server
• SMTP client sends Alice’s message over the TCP connection
• Bob’s mail server places the message in Bob’s mailbox
• Bob invokes his user agent to read message
191. June 21, 2017 www.snipe.co.in 191
Implementation in JAVA
192. June 21, 2017 www.snipe.co.in 192
Understanding Socket
• Sockets provide an interface for programming networks at the transport
layer.
• Network communication using Sockets is very much similar to
performing file I/O
– In fact, socket handle is treated like file handle.
– The streams used in file I/O operation are also applicable to socket-
based I/O
• Socket-based communication is programming language independent.
– That means a socket program written in Java can
communicate with a socket program written in Java or in a non-Java
language.
193. June 21, 2017 www.snipe.co.in 193
Socket Communication
[Figure: a client sends a connection request to a port on the server]
A server (program) runs on a specific computer and has a socket that
is bound to a specific port.
The server waits and listens to the socket for a client to make a
connection request.
194. June 21, 2017 www.snipe.co.in 194
(Contd..)
If everything goes well, the server accepts the connection.
Upon acceptance, the server gets a new socket bound to a different
port.
It needs a new socket (consequently a different port number) so that it
can continue to listen to the original socket for connection requests
while serving the connected client.
195. June 21, 2017 www.snipe.co.in 195
Socket and Java Socket
• A socket is an endpoint of a two-way communication link between
two programs running on the network.
• A socket is bound to a port number so that the TCP layer can identify
the application that the data is destined to be sent to.
• Java’s java.net package provides two classes:
- Socket – for implementing a client
- ServerSocket – for implementing a server
196. June 21, 2017 www.snipe.co.in 196
(Contd..)
Server: ServerSocket(1234)
Client: Socket(“128.250.25.158”, 1234)
- The address can be a host_name like “mandroo.cs.mu.oz.au”
[Figure: client and server connected by an output/write stream and an input/read stream]
197. June 21, 2017 www.snipe.co.in 197
Socket Programming Steps:
Client:
1. Determine server location – IP address & port
2. Open network connection to server
3. Write data to server (request)
4. Read data from server (response)
5. Close network connection
6. Stop client
Server:
1. Determine server location - port (& IP address)
2. Create server to listen for connections
3. Open network connection to client
4. Read data from client (request)
5. Write data to client (response)
6. Close network connection to client
7. Stop server
198. June 21, 2017 www.snipe.co.in 198
Socket Programming using TCP
199. June 21, 2017 www.snipe.co.in 199
Implementing Server
1. Open the Server Socket:
ServerSocket server;
DataOutputStream os;
DataInputStream is;
server = new ServerSocket( PORT );
2. Wait for the Client Request:
Socket client = server.accept();
3. Create I/O streams for communicating to the client
is = new DataInputStream( client.getInputStream() );
os = new DataOutputStream( client.getOutputStream() );
200. June 21, 2017 www.snipe.co.in 200
(Contd..)
4. Perform communication with client
Receive from client: String line = is.readLine();
Send to client: os.writeBytes("Hello\n");
5. Close sockets: client.close();
For multithreaded server:
while(true) {
// i. wait for client requests (step 2 above)
// ii. create a thread with “client” socket as parameter; the thread
// creates streams as in step (3) and does communication as stated
// in (4). Remove thread once service is provided.
}
201. June 21, 2017 www.snipe.co.in 201
Implementing Client
1. Create a Socket Object:
client = new Socket( server, port_id );
2. Create I/O streams for communicating with the server.
is = new DataInputStream( client.getInputStream() );
os = new DataOutputStream( client.getOutputStream() );
3. Perform I/O or communication with the server:
– Receive data from the server:
String line = is.readLine();
– Send data to the server:
os.writeBytes("Hello\n");
4. Close the socket when done:
client.close();
202. June 21, 2017 www.snipe.co.in 202
Package java.net.*
204. June 21, 2017 www.snipe.co.in 204
Class: InetAddress
• Each host has at least one IP address
• Java uses the 32-bit address format but also supports the 128-bit
address format
• InetAddress represents an IP address
• Two fields: host name (String) and address (int)
• No public constructors
• Fields are not public; they are accessed through three methods:
– public static InetAddress InetAddress.getByName(String hostname)
– public static InetAddress[] InetAddress.getAllByName(String hostname)
– public static InetAddress InetAddress.getLocalHost()
221. June 21, 2017 www.snipe.co.in 221
What is a socket?
• A communication endpoint
• An OS data structure that can be created, manipulated and
used for communication using system calls
• Created using the socket() system call
– fd = socket(AF_INET, SOCK_STREAM, 0)
• Socket must be named before someone can connect to it
– Similar to giving address to postal mailbox, phone number
– bind() system call does that
Parts of the socket() call:
• fd: file descriptor (the return value)
• AF_INET: domain
• SOCK_STREAM: socket type
– SOCK_STREAM: reliable byte stream, connection-oriented (like telephone)
– SOCK_DGRAM: unreliable, message-based, connectionless (like postal mail)
• 0: protocol (normally 0)
222. June 21, 2017 www.snipe.co.in 222
Socket Domains
• AF_UNIX: sockets are filenames
– /dev/printer used by printer daemon to receive requests (from
processes running on same host)
– /dev/log used by logger process that records noteworthy events
such as hardware errors or authentication failures
– ls -l /dev/log gives
srw-rw-rw- root root Mar 14 2:25 /dev/log=
(the leading “s” indicates a special file (socket))
• AF_INET: socket names are (host, port) pairs, host is an internet address
223. June 21, 2017 www.snipe.co.in 223
Socket Connection Overview
• Server:
1. socket()
2. bind()
3. listen()
4. accept()
• accept() returns a new file descriptor to be used to communicate with the incoming requester
• old (listening) socket remains
• Client:
1. socket()
2. connect()
• “Unpleasant” calls (use weird data structures as arguments and may need casts)
224. June 21, 2017 www.snipe.co.in 224
(Contd..)
• Once a connection is established, communication is just like
reading/writing a file
• Sockets give us file descriptors
- To send data: write() system call
- To receive data: read() system call
• Can convert them to FILE * to use with fprintf() or fscanf() for
formatted messages
• Note: read() and write() read/write bytes, not ints, floats, or objects!
Sending side:
char *data = "hello";
write(sock, data, 6);
Receiving side (across the network):
int x;
char y, z;
read(sock, &x, 4);
read(sock, &y, 1);
read(sock, &z, 1);
Result:
x = 1819043176 (4 bytes ‘h’, ‘e’, ‘l’, ‘l’ interpreted as a 32-bit integer)
y = ‘o’
z = 0
225. June 21, 2017 www.snipe.co.in 225
Sending objects over the network
• To convert between the network byte order and the host byte order
- ntohl(): Network to host (byte order) long (32 bits)
- ntohs(): Network to host (byte order) short (16 bits)
- htonl(): Host to network (byte order) long (32 bits)
- htons(): Host to network (byte order) short (16 bits)
- On Intel 80x86 host byte order is Least Significant Byte first,
Internet byte order is Most Significant byte first, so make sure
you use these calls!
- Remember: a port number is a short (16 bits), so use ntohs() to print the
port of an incoming connection (for example)
- Do “man ntohl” etc
• For more complicated objects (C arrays, structures, even with pointers
in them): use XDR (eXternal Data Representation) calls (“man xdr”)
Introduced by Sun Microsystems
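The two slides above (read()/write() move raw bytes; integers need htonl()/ntohl()) combined in one added example, which is not part of the original slides: a length-prefixed message exchange in C. MAX_MSG, read_full, send_msg, recv_msg and demo_roundtrip are names assumed for the illustration, and the two ends are joined by socketpair() so it runs without a network.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_MSG 128  /* assumed limit, mirrors the slides' 128-byte buffer */

/* read() may return fewer bytes than requested: loop until n bytes arrive. */
static int read_full(int fd, void *buf, size_t n) {
    char *p = buf;
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r <= 0) return -1;            /* EOF or error */
        p += r; n -= (size_t)r;
    }
    return 0;
}

/* Send a 32-bit length in network byte order, then the payload bytes. */
int send_msg(int fd, const char *msg) {
    uint32_t len = (uint32_t)strlen(msg), wire = htonl(len);
    if (write(fd, &wire, sizeof wire) != (ssize_t)sizeof wire) return -1;
    return write(fd, msg, len) == (ssize_t)len ? 0 : -1;
}

/* Receive one message into out[cap]; returns its length, or -1 if the
 * peer-supplied length is too large for the limit or the buffer. */
int recv_msg(int fd, char *out, size_t cap) {
    uint32_t wire, len;
    if (read_full(fd, &wire, sizeof wire) < 0) return -1;
    len = ntohl(wire);
    if (len > MAX_MSG || len + 1 > cap) return -1;
    if (read_full(fd, out, len) < 0) return -1;
    out[len] = '\0';                      /* never rely on the peer's NUL */
    return (int)len;
}

/* Constructed demo: both ends in one process, joined by socketpair(). */
int demo_roundtrip(const char *msg, char *out, size_t cap) {
    int sv[2], rc;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -2;
    rc = send_msg(sv[0], msg) < 0 ? -2 : recv_msg(sv[1], out, cap);
    close(sv[0]); close(sv[1]);
    return rc;
}
int main(void) {
    char out[MAX_MSG + 1];
    return demo_roundtrip("hello", out, sizeof out) == 5 ? 0 : 1;
}
```

The same send_msg/recv_msg pair works unchanged on the TCP descriptors returned by accept() and connect().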
226. June 21, 2017 www.snipe.co.in 226
Example TCP/IP Server Code
227. June 21, 2017 www.snipe.co.in 227
/*
 * Simple TCP/IP socket server.
 */
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <iostream>
#include <string.h>
#include <strings.h>
#include <sys/time.h>
#include <sys/types.h>
using namespace std;
/* Creates a socket that listens for connections.
 * Returns: the file descriptor of the listener on success,
 * -1 on failure.
 */
int MakeListener()
{
    /* Create a socket (i.e., communication endpoint). */
    int listener = socket(AF_INET, SOCK_STREAM, 0);
    if (listener < 0) {
        cerr << "Couldn't create socket\n";
        return -1;
    }
228. June 21, 2017 www.snipe.co.in 228
    /* Name the socket
     * (required before receiving connections)
     */
    struct sockaddr_in s1;
    bzero((char *) &s1, sizeof(s1)); /* They say to do this */
    s1.sin_family = AF_INET;
    s1.sin_addr.s_addr = INADDR_ANY; /* Use any of host's addresses (every interface). */
    s1.sin_port = 0; /* Have a port number assigned to us. */
    if (bind(listener, (sockaddr *) &s1, sizeof(s1)) < 0) {
        cerr << "Couldn't bind address to socket\n";
        close(listener); /* do not leak the descriptor on failure */
        return -1;
    }
    /* Get the host name. */
    char hostname[48];
    gethostname(hostname, 48);
    hostname[47] = '\0'; /* gethostname() may not terminate a truncated name */
229. June 21, 2017 www.snipe.co.in 229
    /* Get the name of the socket.
     * We only care about the port number, so that
     * the clients know how to connect to our socket.
     */
    socklen_t length; /* getsockname() expects a socklen_t *, not a size_t * */
    length = sizeof(s1);
    getsockname(listener, (sockaddr *) &s1, &length);
    cout << "\nListening on host: " << hostname;
    cout << ", port: " << ntohs(s1.sin_port) << "\n\n";
    /* Start listening for connections. */
    if (listen(listener, 1) < 0) {
        cerr << "Couldn't listen().\n";
        return -1;
    }
    cout << "Ready for incoming connections\n";
    return listener;
}
230. June 21, 2017 www.snipe.co.in 230
int main()
{
    int listener = MakeListener();
    if (listener < 0) return -1;
    for (;;) {
        /* Wait for, and then accept an incoming connection. */
        cout << "Server waiting for connections\n";
        struct sockaddr_in s2;
        socklen_t length = sizeof(s2);
        int conn = accept(listener, (sockaddr *) &s2, &length);
        if (conn < 0) continue; /* accept() failed; wait for the next client */
        /* We now have a connection to a client via
         * file descriptor "conn".
         */
        cout << "Server accepted connection\n";
        /* Get a message from the client. */
        char data[128 + 1]; /* one extra byte for our own terminator */
        int msglen = read(conn, data, 128);
        if (msglen < 0) msglen = 0; /* read error: treat as an empty message */
        data[msglen] = '\0'; /* the client is not trusted to send a NUL */
        cout << "Server got " << msglen << " byte message: " << data << "\n";
231. June 21, 2017 www.snipe.co.in 231
        /* Send a quick acknowledgement to the client
         * (the number of bytes we received).
         */
        write(conn, &msglen, sizeof(msglen));
        /* Close the connection on this end. */
        close(conn);
    }
    cout << "How did we get here?\n";
    return 0;
}
232. June 21, 2017 www.snipe.co.in 232
Example TCP/IP Client Code
233. June 21, 2017 www.snipe.co.in 233
/*
 * Simple TCP/IP socket client.
 */
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <iostream>
using namespace std;
int ServerConnect() {
    /* Establishes a TCP/IP connection with the server.
     * The user is prompted for the hostname and port number.
     * Returns: the file descriptor of the socket on success,
     * -1 on failure
     */
    char server_host[80];
    u_short server_port;
    cout << "Enter the hostname the server is running on\n";
    cin.getline(server_host, 80);
    cout << "Enter the port number the server is listening on\n";
    cin >> server_port;
    cin.ignore(1, '\n');
234. June 21, 2017 www.snipe.co.in 234
    /* Create a socket (i.e., communication endpoint). */
    int sock;
    sock = socket(AF_INET, SOCK_STREAM, 0);
    if (sock < 0) {
        cerr << "Couldn't create socket\n";
        return -1;
    }
    /* Convert (host, port) into the required form
     */
    struct sockaddr_in dest;
    bzero((char *) &dest, sizeof(dest)); /* They say to do this */
    /* Get info about the host. */
    struct hostent *hostptr = gethostbyname(server_host);
    if (NULL == hostptr) {
        cerr << "Error looking up host " << server_host << "\n";
        close(sock); /* do not leak the descriptor on failure */
        return -1;
    }
    dest.sin_family = AF_INET;
    bcopy(hostptr->h_addr, (char *) &dest.sin_addr, hostptr->h_length);
    dest.sin_port = htons(server_port);
235. June 21, 2017 www.snipe.co.in 235
    /* The address is set up, we're ready to connect. */
    cout << "Trying to connect\n";
    if (connect(sock, (sockaddr *) &dest, sizeof(dest))) {
        cout << "Couldn't connect\n";
        close(sock); /* do not leak the descriptor on failure */
        return -1;
    }
    cout << "Connection established\n";
    return sock;
}
236. June 21, 2017 www.snipe.co.in 236
int main()
{
    int conn = ServerConnect();
    if (conn < 0) return -1;
    char message[128];
    int ack;
    cout << "Enter message for server:\n";
    cin.getline(message, 128);
    /* Send the message to the server. */
    write(conn, message, 1+strlen(message));
    /* Get the ack from the server. */
    if (read(conn, &ack, sizeof(ack)) != (ssize_t) sizeof(ack)) {
        cerr << "No acknowledgement from server\n";
        close(conn);
        return -1;
    }
    cout << "The server got " << ack << " bytes\n";
    /* Close the connection on this end. */
    close(conn);
    return 0;
}