Our job might be to build web applications, but we can't build apps that rely on networking if we don't know how these networks and the big network that connects them all (this thing called the Internet) actually work.
I'll walk through the basics of networking, then dive a lot deeper (from TCP/UDP to IPv4/6, source/destination ports, sockets, DNS and even BGP).
Prepare for an eye-opener when you realize how much a typical app relies on all of these (and many more) working flawlessly... and how you can prepare your app for failure in the chain.
The time of static or dynamically generated sites is long gone. Non-stop interaction with users is the new normal. However, polling with Ajax requests is processor intensive and cumbersome. Websockets allow you to interact with users in real-time without increasing system load. We'll go through the basics and see all the different options, illustrated with live examples of how and when to use it.
The overview on Socket Programming that will lead you how to program with a short example of programming which is in slide. With the help of this you can understand about network programming.
The time of static or dynamically generated sites is long gone. Non-stop interaction with users is the new normal. However, polling with Ajax requests is processor intensive and cumbersome. Websockets allow you to interact with users in real-time without increasing system load. We'll go through the basics and see all the different options, illustrated with live examples of how and when to use it.
The overview on Socket Programming that will lead you how to program with a short example of programming which is in slide. With the help of this you can understand about network programming.
This is all about socket programming in java using TCP and UDP socket and an example of simple Echo Server.
Also includes concepts of the socket, Socket class and methods and use of those.
Overview of socket API.
A network socket is an interface for an application to connect to a host‘s network stack (part of the OS). Sockets provide an abstraction of the network. Applications use the transport services available on the socket interface for communication with a peer application.
Transport protocol such as TCP, UDP or SCTP offer different levels of service. TCP for example provides reliable stream-oriented transport service while UDP more reflects the best-effort kind of service provided by the underlying IP protocol layer.
Sockets are bound to a transport address. For TCP/IP sockets this means an IP address and port number.
Sockets provide only very basic data transport services without any higher level functions like parameter marshaling or serialization. These functions have to be performed by the applications. These functions are often hidden in middleware platforms like distributed object technologies (CORBA, RMI, DCOM) or web service frameworks (WCF, JAX-WS).
Multicast sockets make the IP multicast capability accessible to applications. Multicast sockets are often used for streaming services where multiple applications are recipients of the same data packets.
This is all about socket programming in java using TCP and UDP socket and an example of simple Echo Server.
Also includes concepts of the socket, Socket class and methods and use of those.
Overview of socket API.
A network socket is an interface for an application to connect to a host‘s network stack (part of the OS). Sockets provide an abstraction of the network. Applications use the transport services available on the socket interface for communication with a peer application.
Transport protocol such as TCP, UDP or SCTP offer different levels of service. TCP for example provides reliable stream-oriented transport service while UDP more reflects the best-effort kind of service provided by the underlying IP protocol layer.
Sockets are bound to a transport address. For TCP/IP sockets this means an IP address and port number.
Sockets provide only very basic data transport services without any higher level functions like parameter marshaling or serialization. These functions have to be performed by the applications. These functions are often hidden in middleware platforms like distributed object technologies (CORBA, RMI, DCOM) or web service frameworks (WCF, JAX-WS).
Multicast sockets make the IP multicast capability accessible to applications. Multicast sockets are often used for streaming services where multiple applications are recipients of the same data packets.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
Beyond PHP - it's not (just) about the codeWim Godden
Most PHP developers focus on writing code. But creating Web applications is about much more than just writing PHP. Take a step outside the PHP cocoon and into the big PHP ecosphere to find out how small code changes can make a world of difference on servers and network. This talk is an eye-opener for developers who spend over 80% of their time coding, debugging and testing.
Caching and tuning fun for high scalability @ phpBenelux 2011Wim Godden
Slides for "Caching and Tuning fun for high scalability" talk, given @ phpBenelux Conference - Jan 28, 2011
Note that a lot of things were explained with each slide... that content is ofcourse not in the slides, so it might make some slides very unclear.
Let's (not) get rid of all the managers!Julia Wester
Talk given at Confoo16: Are you a manager in a world that increasingly wishes you didn’t exist? The positional power structure of traditional management is at odds with an agile approach. But, don’t despair… there’s hope! Fortunately, it is possible to do your job well and have your team want to hug you instead of kill you. Julia Wester will talk about how to transform your role away from its command and control roots and be a valuable member of an agile team.
A practical step-by-step guide to Git, taking you through each phase of a project and explaining the use of Git at each step of the development process. Expect lots of how-to, but also some how-not-to, to avoid going down the wrong path.
API 101 workshop slides from APIStrat Chicgo in 9/2014. Note tat the second section, on excellent API design, is better covered in the workshop and deck pointed to on my blog, www.princesspolymat.con
In this presentation we will see a brief introduction to design patterns, their origin and why we should learn them, Then we will spend most of the presentation to transform a real code sample by extracting some of the most common used patterns.
This is my presentation on how to design APIs that developers love, that give your company good value, and that are successful in the long run. Since I use Haiku deck for my presentations, you should probably check the notes - without my interpretive dance it's the easiest way to understand what I'm talking about
What Your Database Query is Really DoingDave Stokes
Do you ever wonder what your database servers is REALLY doing with that query you just wrote. This is a high level overview of the process of running a query
Microservices Minus the Hype: How to Build and WhyMark Heckler
The presenter examines the ups & downs of adopting a microservices architecture and discusses why, in most cases, the pros outweigh the cons. In this presentation, participants see how to build & integrate microservices using popular open source tools and risks & mitigation strategies (including load balancers, circuit breakers, tests, & more) to increase software quality.
Tips on solving E_TOO_MANY_THINGS_TO_LEARN with KubernetesBen Hall
Presented at Skills Matter, 8th February 2017.
Discusses the Kubernetes community and tools such as Minikube, Kubeadm, Helm and Weave Flux. Demos driven by katacoda.com
Your app lives on the network - networking for web developersWim Godden
Our job might be to build web applications, but we can't build apps that rely on networking if we don't know how these networks and the big network that connects them all (this thing called the Internet) actually work.
I'll walk through the basics of networking, then dive a lot deeper (from TCP/UDP to IPv4/6, source/destination ports, sockets, DNS and even BGP).
Prepare for an eye-opener when you realize how much a typical app relies on all of these (and many more) working flawlessly... and how you can prepare your app for failure in the chain.
If the number of spine switches were to be merely doubled, the effect of a single switch failure is halved. With 8 spine switches, the effect of a single switch failure only causes a 12% reduction in available bandwidth. So, in modern data centers, people build networks with anywhere from 4 to 32 spine switches. With a leaf-spine network, every server on the network is exactly the same distance away from all other servers – three port hops, to be precise. The benefit of this architecture is that you can just add more spines and leaves as you expand the cluster and you don't have to do any recabling. Intuition Systems will also get more predictable latency between the nodes.
As a trend, disaggregation seems to be most useful for very large companies like Facebook and Google, or cloud providers. The technology does not necessarily have significant implications for small or medium sized businesses. Historically, however, technology has a way of trickling down from the pioneering phases of existing only within large companies with tremendous resources, to becoming more standardized across the board.
Beyond php - it's not (just) about the codeWim Godden
Most PHP developers focus on writing code. But creating Web applications is about much more than just wrting PHP. Take a step outside the PHP cocoon and into the big PHP ecosphere to find out how small code changes can make a world of difference on servers and network. This talk is an eye-opener for developers who spend over 80% of their time coding, debugging and testing.
Who would have thought putting 140 charachter messages about one's life online or having a virtual farm game could ever be popular ? Then again, many of us have those weird (but sometimes brilliant) ideas.
But no matter how incredible your ideas might be, getting them launched successfully takes more than writing lots of php code, smacking a sleek design on it and dropping it on a server.
So what does it take ? Where do most ideas crashland and how can you avoid making the same mistakes and transform your ideas into reality ? We'll look at what steps are needed to make a service successful and sustainable.
With PHP 8.0 recently released and PHP 5.x still accounting for over 40% of all production environments, it's time to paint a clear picture on not just why everyone should move to 8.x, but on how to get code ready for the latest version of PHP. In this talk, we'll look at some handy tools and techniques to ease the migration.
With PHP 7.2 recently released and PHP 5.3 and 5.4 still accounting for over 40% of all production environments, it's time to paint a clear picture on not just why everyone should move to 7.0 (or preferably 7.1), but on how to get code ready for the latest version of PHP.
Using the version compatibility checker for PHP_CodeSniffer and a few simple step-by-step instructions, upgrading old code to make it compatible with the latest PHP versions becomes actually really easy. In this talk, we'll migrate an old piece of code and get rid of the demons of the past and ready for the present and future.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
The time of static or dynamically generated sites is long gone. Non-stop interaction with users is the new normal. However, polling with Ajax requests is processor intensive and cumbersome. Websockets allow you to interact with users in real-time without increasing system load. We'll go through the basics and see all the different options, illustrated with live examples of how and when to use it, as well as when not to use it.
Who would have thought putting 140 charachter messages about one's life online or having a virtual farm game could ever be popular ? Then again, many of us have those weird (but sometimes brilliant) ideas.
But no matter how incredible your ideas might be, getting them launched successfully takes more than writing lots of php code, smacking a sleek design on it and dropping it on a server.
So what does it take ? Where do most ideas crashland and how can you avoid making the same mistakes and transform your ideas into reality ? We'll look at what steps are needed to make a service successful and sustainable.
With PHP 7.2 recently released and PHP 5.3 and 5.4 still accounting for over 40% of all production environments, it's time to paint a clear picture on not just why everyone should move to 7.0 (or preferably 7.1), but on how to get code ready for the latest version of PHP.
Using the version compatibility checker for PHP_CodeSniffer and a few simple step-by-step instructions, upgrading old code to make it compatible with the latest PHP versions becomes actually really easy. In this talk, we'll migrate an old piece of code and get rid of the demons of the past and ready for the present and future.
With PHP 7.2 recently released and PHP 5.3 and 5.4 still accounting for over 40% of all production environments, it's time to paint a clear picture on not just why everyone should move to 7.0 (or preferably 7.1), but on how to get code ready for the latest version of PHP.
Using the version compatibility checker for PHP_CodeSniffer and a few simple step-by-step instructions, upgrading old code to make it compatible with the latest PHP versions becomes actually really easy. In this talk, we'll migrate an old piece of code and get rid of the demons of the past and ready for the present and future.
Beyond php - it's not (just) about the codeWim Godden
Most PHP developers focus on writing code. But creating Web applications is about much more than just wrting PHP. Take a step outside the PHP cocoon and into the big PHP ecosphere to find out how small code changes can make a world of difference on servers and network. This talk is an eye-opener for developers who spend over 80% of their time coding, debugging and testing.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
From ReactPHP to Facebook Hack's Async implementation and many more, asynchronous programming has been a 'hot' topic lately. But how well does async programming support work in PHP and what can you actually use it for in your projects ? Let's look at some real-world use cases and how they leverage the power of async to do things you didn't know PHP could do.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
Beyond php - it's not (just) about the codeWim Godden
Most PHP developers focus on writing code. But creating Web applications is about much more than just wrting PHP. Take a step outside the PHP cocoon and into the big PHP ecosphere to find out how small code changes can make a world of difference on servers and network. This talk is an eye-opener for developers who spend over 80% of their time coding, debugging and testing.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
With more and more sites falling victim to data theft, you've probably read the list of things (not) to do to write secure code. But what else should you do to make sure your code and the rest of your web stack is secure ? In this tutorial we'll go through the basic and more advanced techniques of securing your web and database servers, securing your backend PHP code and your frontend javascript code. We'll also look at how you can build code that detects and blocks intrusion attempts and a bunch of other tips and tricks to make sure your customer data stays secure.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
12. Who am I ?
Wim Godden (@wimgtr)
Founder of Cu.be Solutions (http://cu.be)
Open Source developer since 1997
Developer of PHPCompatibility, OpenX, Nginx SLIC, ...
Speaker at PHP and Open Source conferences
13. Who are you ?
Developers ?
System engineers ?
Network engineers ?
Do you know how the Internet works ?
14. We’re web developers, not network engineers !
Know enough to build new stuff
Know enough to maintain existing code
What if...
Customer Support Desk Developers
15. Do you know these ?
TCP
UDP
IP
DNS
BGP
MAC address
IPv4
IPv6
SYN
ACK
Source port
Destination port
Default gateway
Routing table
16. Basics : OSI model
Physical
Layer 1
Data Link
Layer 2
Network
Layer 3
Transport
Layer 4
Session
Layer 5
Presentation
Layer 6
Application
Layer 7
Wires, network card, wireless interface
Data protocol (ethernet, ...)
IP adressing
TCP, UDP, ports, ...
TLS, L2TP, SOCKS, PPTP, ...
Serialization, data translation
HTTP, DNS, SMTP, ...
18. Basics : packets
Destination MAC (6 bytes) Source MAC (6 bytes) Type (2 bytes)
Payload (46 – 1500 bytes) CRC (4 bytes)
Part 1 : Ethernet frame
0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Version Header
length
DSCP ECN Total length
32 Identification Flags Fragment Offset
64 Time To Live Protocol Header Checksum
96 Source IP Address
128 Destination IP Address
160 Options (if required)
< Contents of the packet >
Part 2 : IPv4 header (min. 160 bytes)
Part 3 : TCP/UDP/… header and data
19. Basics : TCP packet
Bit 0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Source port Destination port
32 Sequence number
64 Acknowledgment number
96 Data
offset
Flags Window size
128 Checksum Urgent pointer
160 Options (if required)
< Contents of the packet >
20. Basics : packets
Destination MAC (6 bytes) Source MAC (6 bytes) Type (2 bytes)
Payload (46 – 1500 bytes) CRC (4 bytes)
Part 1 : Ethernet frame
21. Sending on a local network
Each system has a MAC address
Assigned by manufacturer
Can be overwritten (for VM or failover)
Same physical network → send packet to MAC address
Switch knows MAC address(es) of devices and forwards traffic
Layer 2
22. Sending IP traffic on local network
Requires IP addresses
Where to send ? We need to know MAC address
Uses ARP (Address Resolution Protocol) for lookup
Stores IP ↔ MAC relation in ARP table
What’s “local” ?
→ Same IP subnet
OK, what’s a subnet ?
Layer 3
16:58:56.933019 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.15 tell 192.168.0.12, length 28
16:58:56.938019 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.0.15 is-at 00:50:56:8b:6a:b7, length 46
23. IP adressing (IPv4)
IPv4 adressing = CIDR notation
xxx.xxx.xxx.xxx where 0 <= xxx <= 255
0.0.0.0 → 255.255.255.255
Total amount of IP addresses available :
256 * 256 * 256 * 256 = 28
* 28
* 28
* 28
= 232
= 4.3 billion
Subnet = range of IP addresses
192.168.0.0 → 192.168.0.255
Typical notation uses a “mask” :
192.168.0.0 → 192.168.0.255 = 192.168.0.0/24
IPv4 provides 232
addresses
A /24 mask gives 2(32-24)
or 28
addresses = 256 addresses
Local networks :
10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16
24. Sending IP traffic on local network
Client
192.168.0.15/24
Server
192.168.0.2/24
MAC for
192.168.0.2 ?
AA:BB:CC:DD:EE:FF
Let’s talk !
25. Sending IP traffic to remote device
Requires IP addresses
Where to send ?
Can not use ARP : MAC addresses are not shared beyond local network
Uses default gateway
Provided by DHCP or
Set statically
Must be on same subnet → address found in ARP table
Layer 3
26. Sending IP traffic to remote device
Requires IP addresses
Where to send ?
Can not use ARP : MAC addresses are not shared beyond local network
Uses default gateway
Provided by DHCP or
Set statically
Must be on same subnet → address found in ARP table
Layer 3
Client Router ServerInternet
192.168.0.15 192.168.0.1 194.7.1.4
Default gateway
MAC for
192.168.0.1 ?
AA:BB:CC:DD:EE:FF
Destination : AA:BB:CC:DD:EE:FF
Contents : TCP packet to 194.7.1.4
See ARP table : arp -a
See default gateway : route -n (Lin)
route print (Win)
27. Basics : TCP packet
Bit 0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Source port Destination port
32 Sequence number
64 Acknowledgment number
96 Data
offset
Flags Window size
128 Checksum Urgent pointer
160 Options (if required)
< Contents of the packet >
28. Establishing a TCP connection
Client Server
SYN
SYN ACK
ACK
Data
Sequence no = 1002
Acknowledge no = 9001
Sequence no = 1000
Sequence no = 1001
Acknowledge no = 9000
29. Establishing a TCP connection
Client Server
SYN
SYN ACK
ACK
Data
Sequence no = 1002
Acknowledge no = 9001
Sequence no = 1000
Sequence no = 1001
Acknowledge no = 9000
Brussels Montreal45ms
0
45
90
135
30. Establishing a TCP connection
Client Server
SYN
SYN ACK
ACK
Data
Sequence no = 1002
Acknowledge no = 9001
Sequence no = 1000
Sequence no = 1001
Acknowledge no = 9000
Brussels Montreal45ms
0
45
90
135
London10ms
10
20
30
31. TCP Window Size
Client Server
Brussels Montreal
SYN
SYN ACK
rwnd = 8192
rwnd = 8192
rwnd = 16384
ACK
DATA
sysctl net.ipv4.tcp_window_scaling
34. New vs existing connection
Client Server
Brussels Montreal45ms
0
45
90
135
280
325
SYN
SYN ACK
ACK
DATA
(x8)
ACK
(x4)
GET /url
DATA
(x4)
ACK
(x8)
370
415
Processing request
235
35. New vs existing connection
Client Server
GET /url
Brussels Montreal45ms
0
45
145
180
DATA
DATA
(x12)
ACK
(x12)
Processing request
225
36. TCP Performance
Upgrade to latest Linux kernel or OS
Check window size
Reduce latency (move servers closer to client)
Reuse already established connections
37. UDP
User Datagram Protocol
Unreliable Datagram Protocol
Connectionless
→ No 3-way handshake required
Simple packet structure
Packets might not arrive
Packets might arrive out of order
Ideal for streaming, gaming, ...
Bit 0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Source port Destination port
32 Length Checksum
< Contents of the packet >
38. TCP/UDP ports
Bit 0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Source port Destination port
32 Sequence number
64 Acknowledgment number
96 Data
offset
Flags Window size
128 Checksum Urgent pointer
160 Options (if required)
< Contents of the packet >
Bit 0-3 4-7 8-11 12-15 16-19 20-23 24-27 28-31
0 Source port Destination port
32 Length Checksum
< Contents of the packet >
TCP
UDP
39. Source and Destination ports
Destination port : defined by service
HTTP : TCP port 80
HTTPS : TCP port 443
DNS : UDP port 53
Source port : for identification of a connection
Client Server
80
80
80
5000
5001
5002
See active connections with
source/destination ports :
netstat -n
40. Fetching a website
Need to fetch http://cu.be
TCP doesn’t know what cu.be is
→ needs an IP address
Looks up IP address through DNS
Open a socket
Connect to IP address on port 80
Send HTTP request over the connection
Get data back
Get images, CSS, javascript over the same connection
Close the connection
Show the webpage
41. DNS lookups
Through a DNS server
Authoritative : in charge of the domain name
Recursive : asks the authoritative server, then caches for a while
→ Cache time is defined by TTL
Usually you will use a recursive server (owned by your provider)
Client Recursive
DNS
Server
IP for
cu.be ?
Root DNS
server
IP for
cu.be ?
.be DNS
server
cu.be DNS
server
Ask the .be
DNS server
IP for
cu.be ?Ask the cu.beDNS server
IP forcu.be ?194.50.97.38
194.50.97.38
42. DNS lookups
Actual lookups depend on type of DNS record
DNS holds lots of things :
A record = IP addresses
CNAME records = aliases for A records
MX records = mail servers
NS records = DNS servers
TXT = various stuff (anti-spam mostly)
2 tools to debug DNS :
dig
nslookup
43. Sockets
The layer between your application and TCP, UDP, ...
Abstracts syntax
Makes it easy to switch between protocols
Provides an easy interface
No need to know implementation
Send a stream of data → split up in packets
Receive lots of data → converted from packets to string
44. Packets over the Internet
Client Router ServerInternet
192.168.0.15 192.168.0.1 194.7.1.4
BGP protocol decides how packets are routed
Each public network has AS (Autonomous System) number
AS3356 = Level3
AS39628 = Cu.be
BGP announces subnets over BGP to its uplink providers :
“AS39628 here… you can reach 194.50.97.0/24 through me”
47. IPv6
Created to solve lack of IP addresses (4.3 billion in IPv4)
Standard created in 90s
Deployed on most major sites, but small sites behind
Addresses :
IPv4 address : 192.168.0.1
IPv6 address : 2001:0db8:0000:0000:0000:0000:0370:7334
Abbreviated : 2001:0db8::0370:7334
Can’t talk to eachother !
Address space :
2128
= 340,282,366,920,938,463,463,374,607,431,770,000,000
Deployment rates (source : Google) :
Global : 13.12%
US : 29.78%
Canada : 16.58%
Belgium : 48.42%
Should you use it ? YES ! (But don’t forget about firewalling !)
49. TLS with Session Resumption
Client Server
0
45
90
135
180
225
SYN
ClientHello
SYN ACK
ACK
ServerHello
ChangecipherSpec
Finished
ChangeCipherSpec
Finished
DATA
270
315
50. TLS → HSTS
HSTS = HTTP Strict Transport Security
Remembers that a site is SSL-only
Prevents users from going to http:// then redirected to https://
Prevents leaking of session cookies over unsecured wifi
51. HTTP
It’s what we use every day ;-)
There’s “new” version : HTTP/2
Developed by Google as SPDY
Designed for speed
Multiple simultaneous requests in 1 connection
Binary format (pro : more efficient – con : harder to debug)
TLS/SSL encryption is standard
Built-in prioritization
Server Push
Header compression
Try it out
Deploy it !