Title: Distributed Systems 2006
Slide 1: Distributed Systems 2006
- Basic Communication Services
- Material adapted from Ken Birman and Paul Francis
Slide 2: What is this?
1. Host name
2. Get IP Address
3. Create socket
4. Send byte stream
5. Receive byte stream
Classic network API
Slide 3:
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Set-Cookie: PREF=ID=4b2c02195f828950:TM=1138745982:LM=1138745982:S=8Iy66TXejIYChZ4y; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com
Server: GWS/2.1
Transfer-Encoding: chunked
Date: Tue, 31 Jan 2006 22:19:42 GMT

d93
<html><head><meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=ISO-8859-1"><title>distributed systems - Google Search</title><style><!--
body,td,div,.p,a{font-family:arial,sans-serif}
div,td{color:#000}
.f{color:#6f6f6f}
.fl:link{color:#77c}
a:link,.w,a.w:link,.w a:link{color:#00c}
a:visited,.fl:visited{color:#551a8b}
a:active,.fl:active{color:#f00}
.t a:link,.t a:active,.t a:visited,.t{color:#000}
.t{background-color:#e5ecf9}
Slide 4: Protocol layering example
[Diagram: a browser process and a web server process, each with its own protocol stack, connected through a router over Physical Link 1 and Physical Link 2]

Slide 5: Protocol layering example
Browser wants to request a page. Calls HTTP with the web address (URL). HTTP's job is to convey the URL to the web server. HTTP learns the IP address of the web server, adds its header, and calls TCP.
[Diagram: browser stack HTTP/TCP/IP/Link1, router IP layer between Link1 and Link2, server stack HTTP/TCP/IP/Link2; the packet so far carries only the HTTP header (H)]

Slide 6: Protocol layering example
TCP's job is to work with the server to make sure bytes arrive reliably and in order. TCP adds its header and calls IP. (Before that, TCP establishes a connection with its peer.)
[Diagram: same stacks; the packet now carries the headers H, T]

Slide 7: Protocol layering example
IP's job is to get the packet routed to the peer through zero or more routers. IP determines the next hop from the destination IP address. IP adds its header and calls the link layer (e.g., Ethernet) with the next hop address.
[Diagram: same stacks; the packet now carries the headers H, T, I]

Slide 8: Protocol layering example
The link's job is to get the packet to the next physical box (here a router). It adds its header and sends the resulting packet over the wire.
[Diagram: same stacks; the packet on Physical Link 1 carries the headers H, T, I, L1]

Slide 9: Protocol layering example
The router's link layer receives the packet, strips the link header, and hands the result to the IP forwarding process.
[Diagram: same stacks; inside the router the packet again carries H, T, I]

Slide 10: Protocol layering example
The router's IP forwarding process looks at the destination IP address, determines what the next hop is, and hands the packet to the appropriate link layer with the appropriate next hop link address.
[Diagram: same stacks; the packet (H, T, I) passes from the router's IP layer to its Link2 layer]

Slide 11: Protocol layering example
The packet goes over the link to the web server, after which each layer processes and strips its corresponding header.
[Diagram: same stacks; the packet on Physical Link 2 carries H, T, I, L2; at the server Link2 strips L2 (leaving H, T, I), IP strips I (leaving H, T), TCP strips T (leaving H), and HTTP receives the request]
Slide 12: Reality
Slides 13-18: Example Microsoft VPN stack
The layers, top to bottom, and what each group of them is:
- Application
- TCP, IP: the actual end-to-end network and transport layers
- PPP, L2TP: a network abstraction that Microsoft finds convenient
- UDP, IPsec: a security layer
- IP: a tunnel
- PPP, PPPoE: a logical link layer
- Ethernet: the link layer

Slide 19: Example Microsoft VPN stack
- TCP: Transmission Control Protocol
- IP: Internet Protocol
- PPP: Point-to-Point Protocol
- L2TP: Layer 2 Tunneling Protocol
- UDP: User Datagram Protocol
- IPsec: Secure IP
- PPPoE: PPP over Ethernet
Slides 20-22: What can we learn from this?
- That the internet is a mature technology
  - Kludges on kludges
- That having the biggest company isn't good enough for Bill
- That the end-to-end argument actually works!
  - If you want something done right, you have to do it yourself
[Figure: the VPN stack from the previous slides (Application, TCP, IP, PPP, L2TP, UDP, IPsec, IP, PPP, PPPoE, Ethernet)]
Slide 23: End-to-End argument
- Commonly cited as a justification for not tackling reliability in low levels of a platform
- Originally posed in the Internet
- Suppose an IP packet will take n hops to its destination, and can be lost with probability p on each hop
- Now, say that we want to transfer a file of k records that each fit in one IP (or UDP) packet
- Should we use a retransmission protocol running end-to-end or n TCP protocols in a chain?
Slide 24: End-to-End argument
[Diagram: source → dest over n hops, each hop with loss rate p]
Probability of successful transit: (1-p)^n
Expected packets lost: k - k(1-p)^n
Slide 25: Saltzer et al., 1984 analysis
- If p is very small, then even with many hops most packets will get through
- The overhead of using TCP protocols in the links will slow things down and won't often benefit us
- And we'll need an end-to-end recovery mechanism no matter what, since routers can fail, too
- Conclusion: let the end-to-end mechanism worry about reliability
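The arithmetic of slides 24 and 25 carried through in code, as an added example that is not part of the lecture material; the cost model (count link-level transmissions, ignore acknowledgements and router failures) and the sample values of p, n and k are assumptions chosen for illustration.

```python
"""Loss arithmetic behind the end-to-end argument (slides 23-25).

Added example, not from the lecture.  It evaluates the slide-24 quantities,
P(success) = (1-p)^n and expected losses k - k(1-p)^n, and then compares
the expected number of link transmissions per record for the two designs
slide 23 asks about: retransmit end-to-end, or run a reliable TCP-like
protocol on each of the n hops.  Counting only link transmissions (no
acknowledgement traffic, no router failures) is an assumption made here.
"""


def p_success(p: float, n: int) -> float:
    """Probability a packet survives n independent hops, each losing it with probability p."""
    if not 0.0 <= p < 1.0 or n < 1:
        raise ValueError("need 0 <= p < 1 and n >= 1")
    return (1.0 - p) ** n


def expected_lost(k: int, p: float, n: int) -> float:
    """Expected number of the k records that do not arrive on the first attempt."""
    return k - k * p_success(p, n)


def e2e_transmissions(p: float, n: int) -> float:
    """Expected link transmissions per record when only the endpoints retransmit.

    One attempt uses hop j+1 only if the first j hops succeeded, so it costs
    sum_{j<n} (1-p)^j transmissions; the endpoints need 1/(1-p)^n attempts."""
    per_attempt = sum((1.0 - p) ** j for j in range(n))
    return per_attempt / p_success(p, n)


def hop_by_hop_transmissions(p: float, n: int) -> float:
    """Expected link transmissions per record when every hop runs its own
    reliable protocol: each hop needs 1/(1-p) transmissions on average."""
    if not 0.0 <= p < 1.0 or n < 1:
        raise ValueError("need 0 <= p < 1 and n >= 1")
    return n / (1.0 - p)


def compare(p: float, n: int, k: int) -> dict:
    """Put the slide-24 numbers and the two designs' costs side by side."""
    e2e, hbh = e2e_transmissions(p, n), hop_by_hop_transmissions(p, n)
    return {
        "p_success": p_success(p, n),
        "expected_lost": expected_lost(k, p, n),
        "e2e_per_record": e2e,
        "hop_by_hop_per_record": hbh,
        # A ratio near 1.0 is the regime Saltzer et al. argue from: end-to-end
        # recovery costs about the same as n per-hop protocols would.
        "e2e_overhead_ratio": e2e / hbh,
    }


if __name__ == "__main__":
    # Rare loss on a long path: nearly everything gets through and end-to-end
    # recovery is almost free; the last row shows where the argument weakens.
    for p, n in ((0.001, 20), (0.01, 20), (0.2, 20)):
        r = compare(p, n, k=1000)
        print("p=%.3f n=%2d  P(success)=%.4f  lost/1000=%6.1f  e2e=%7.2f  hop-by-hop=%6.2f  ratio=%.2f"
              % (p, n, r["p_success"], r["expected_lost"], r["e2e_per_record"],
                 r["hop_by_hop_per_record"], r["e2e_overhead_ratio"]))
```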
Slide 26: E2E is visible in Java and .NET
- If something fails, these technologies report timeouts
- But they also report timeouts when nothing has failed
- And when they report timeouts, they don't tell you what failed
- And they don't offer much help to fix things up after the failure, either
Slide 27: EHR, Split Brain Syndrome, and E2E?
- Cannot prevent this on a pure end-to-end basis
- We will return to this, but
  - Need some kind of agreement among participants on which machines are up and which are not
  - Agreement is not a one-to-one concept
Slide 28: Protocols
Slide 29: Basic elements of any protocol header
- Demuxing field
  - Indicates which is the next higher layer (or process, or context, etc.)
- Length field or header delimiter
  - For the header, optionally for the whole packet
- Header format may be text (HTTP, SMTP (email)) or binary (IP, TCP, Ethernet)
Slide 30: Demuxing fields
- Ethernet Protocol Number
  - Indicates IPv4, IPv6, (old: Appletalk, SNA, Decnet, etc.)
- IP Protocol Number
  - Indicates TCP, UDP, SCTP
- TCP and UDP Port Number
  - Well known ports indicate FTP, SMTP, HTTP, SIP, many others
  - Dynamically negotiated ports indicate specific processes (for these and other protocols)
- HTTP Host field
  - Indicates virtual web server within a physical web server
  - Host: www.google.com
  - (Well, more like an identifier than a demuxing field)
Slide 31: IP (Internet Protocol)
- Three services
  - Unicast: transmits a packet to a specific host
  - Multicast: transmits a packet to a group of hosts
  - Anycast: transmits a packet to one of a group of hosts (typically nearest)
- Destination and source identified by the IP address (32 bits for IPv4, 128 bits for IPv6)
- All services are unreliable
  - Packet may be dropped, duplicated, and received in a different order
Slide 32: IP Packet Format
Slide 33: IP address
- The raison d'être for the IP packet
- Both source and destination address may be modified in transit
  - By NAT boxes
- But even so, sending a packet back to the source IP address will get the packet there
  - Unless the source address is spoofed, which can easily be done
- IP (unicast) address is hierarchical, but a host can treat it as a flat identifier
  - (almost: it needs to know the network mask)
- Can't tell how close or far a host is by looking at its IP address
Slide 34: IP(v4) address format
- In binary, a 32-bit integer
- In text, like this: 128.52.7.243
  - Each decimal number represents 8 bits (0-255)
- Private addresses are not globally unique
  - Used behind NAT boxes
  - 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
  - (/x: x shared initial bits)
- Multicast addresses start with 1110 as the first 4 bits (Class D address)
  - 224.0.0.0/4
- Unicast and anycast addresses come from the same space
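An added example (not from the lecture) that follows the demuxing chain of slides 29 and 30 through a constructed Ethernet/IPv4/UDP frame, checks the length fields and the IPv4 header checksum, and classifies the addresses against the ranges on slide 34. The MAC addresses, ports and payload are made up; the destination address is the www.daimi.au.dk address from slide 58.

```python
"""Follow the demultiplexing chain through a constructed Ethernet/IPv4/UDP frame.

Added example, not from the lecture slides.  It walks the three demuxing
fields named on slide 30 (Ethernet type, IP protocol number, UDP port),
uses the length fields named on slide 29 (IPv4 IHL and total length, UDP
length), verifies the IPv4 header checksum, and classifies the addresses
against the private and multicast ranges of slide 34.  The frame built by
build_frame is constructed here, not captured.
"""
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
IPPROTO_UDP = 17
PRIVATE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MULTICAST_NET = ipaddress.ip_network("224.0.0.0/4")   # first four bits 1110


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words; a header with a correct checksum sums to 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def classify(addr: str) -> str:
    """Slide 34: private (used behind NAT), multicast (224/4), or the unicast/anycast space."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in PRIVATE_NETS):
        return "private"
    if ip in MULTICAST_NET:
        return "multicast"
    return "unicast/anycast"


def demux_frame(frame: bytes) -> dict:
    """Strip one header at a time, recording which field selected the next layer."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    _dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"ethertype": ethertype}
    if ethertype != ETHERTYPE_IPV4:
        out["next"] = "not IPv4; stop"
        return out
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4          # IHL counts 32-bit words
    if version != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 version or IHL")
    total_len, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    src, dst = ipaddress.ip_address(ip[12:16]), ipaddress.ip_address(ip[16:20])
    out.update(ip_proto=proto, src=str(src), dst=str(dst),
               src_class=classify(str(src)), dst_class=classify(str(dst)))
    payload = ip[ihl:total_len]                              # total length bounds the IP payload
    if proto != IPPROTO_UDP:
        out["next"] = "TCP" if proto == IPPROTO_TCP else "other protocol %d" % proto
        return out
    if len(payload) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, ulen, _csum = struct.unpack("!HHHH", payload[:8])
    if ulen < 8 or ulen > len(payload):
        raise ValueError("UDP length field inconsistent with IP total length")
    out.update(src_port=sport, dst_port=dport, udp_payload=payload[8:ulen])
    out["next"] = "application process bound to port %d" % dport
    return out


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int, data: bytes) -> bytes:
    """Construct a sample frame (test input made up here; MACs are placeholders)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data   # UDP checksum left 0 (optional)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0x1234, 0x4000, 64, IPPROTO_UDP, 0,
                      ipaddress.ip_address(src_ip).packed, ipaddress.ip_address(dst_ip).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + hdr + udp


if __name__ == "__main__":
    frame = build_frame("192.168.1.10", "130.225.16.54", 40000, 53, b"constructed payload")
    for key, value in demux_frame(frame).items():
        print("%-12s %r" % (key, value))
```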
Slide 35: UDP (User Datagram Protocol)
- Runs above IP
- Same unreliable service as IP
  - Packets can get lost anywhere
    - Outgoing buffer at source
    - Router or link
    - Incoming buffer at destination
- But adds port numbers
  - Used to identify application layer protocols or processes
- Also a checksum, optional
Slide 36: UDP Packet Format
Slide 37: TCP (Transmission Control Protocol)
- Runs above IP
- Port number and checksum like UDP
- Service is in-order byte stream
  - Application does not absolutely know how the bytes are packaged in packets
- Flow control and congestion control
- Connection setup and teardown phases
- Can be considerable delay between bytes in at source and bytes out at destination
  - Because of timeouts and retransmissions
- Works only with unicast (not multicast or anycast)
Slide 38: TCP Packet Format
Slide 39:
- EHR case
  - Where and how could TCP, UDP, multicast be used?
Slide 40: UDP vs. TCP
- UDP is more real-time
  - Packet is sent or dropped, but is not delayed
- UDP has more of a message flavor
  - One packet = one message
  - But must add reliability mechanisms over it
- TCP is great for transferring a file or a bunch of email, but kind of frustrating for messaging
  - Interrupts to application don't conform to message boundaries
  - No Application Layer Framing
- TCP is vulnerable to DoS (Denial of Service) attacks, because the initial packet consumes resources at the receiver
Slide 41: Ethereal
- Great open-source tool for understanding and debugging protocol behavior
  - http://www.ethereal.com
- Features
  - Trace packets over the wire
  - Sophisticated filtering language
  - Display contents of each protocol
  - Dump contents into file
  - Display TCP conversation
Slide 42: Capturing

Slide 43: Captured Frames

Slide 44: Supports over 750 protocols
Slide 45: Summary
- TCP, UDP, IP provide a nice set of basic tools
- Key is to understand the concept of protocol layering
- But problems/limitations exist
  - IP has been compromised by NAT, can't be used as a stable identifier
  - Firewalls can block communications
  - TCP has vulnerabilities
  - Network performance highly variable
- Next, other forms of naming and identification
Slide 46: Naming
Slide 47: Naming is a layer of indirection
- What problems does it solve?
  - Makes objects human readable
  - Hides complexity and dynamics
    - Multiple lower-layer objects can have one name
    - Changes in lower-layer objects hidden
  - Allows an object to be found in different ways
    - One object can have multiple names
- "Any problem in computer science can be solved with another layer of indirection" (David Wheeler)
Slide 48: Names map to objects through a resolution service
[Diagram: Name → Distributed Name Resolution Service → Object]
Slide 49: Identifiers and Locators
- A name is always an identifier to a greater or lesser extent
  - Can be persistent or non-persistent
  - Can be globally unique, locally unique, or even non-unique
- If a name has structure that helps the resolution service, then the name is also a locator
Slide 50: Naming in networks
[Diagram: three levels, Name over Address over Route]
Slide 51: DNS names map into addresses
[Diagram: Name → Address through the Domain Name System (DNS), a many-to-many mapping; Address → Route below]
- Domain Name (www.cnn.com)
  - Hierarchical
  - User-friendly
  - Location independent
  - But not org independent
Slide 52: Addresses map into routes
[Diagram: Address → Route through the routing algorithm (BGP, OSPF, RIP), a one-to-many mapping; Name above]
- IP address (128.94.2.17)
  - Hierarchical
  - Location dependent
  - Non-unique
  - Can change often
  - Refers to an interface, not a host
Slide 53: Routes get packets to interfaces
[Diagram: Name → Address → Route]
- Route
  - A path
  - Source dependent
  - Can change often
Slide 54: DNS names and IP addresses are identifiers and locators
- Both are typically non-persistent
- Private IP addresses identify only in the context of an IP realm
- Domain names are good identifiers
  - israel.daimi.au.dk identifies a host
  - www.cnn.com identifies a service
- URLs are good identifiers
Slide 55: Domain Name System (DNS)
- Distributed directory service
- Hierarchical name space
  - Each level separated by "."
  - Analogous to the "/" separator in file systems
- One global root
  - Replicated across <20 root servers!
  - There have been Denial of Service (DoS) attacks on these root servers, none really successful
  - Because of caching, queries to root servers are relatively rare
- DNS maybe the only global directory service???
Slide 56: DNS is simple but powerful
- Only one type of query
  - Query(domain name, RR type)
    - Resource Record (RR) type is like an attribute type
  - Answer(values, additional RRs)
- Limited number of RR types
  - Hard to make new RR types
    - Not for technical reasons
    - Rather because each requires global agreement
Slide 57: Important DNS RR types
- NS: points to the next Name Server down the tree
- A: contains the IP address
  - AAAA for IPv6
- MX: contains the name of the mail server
- Service-oriented RR types
  - SRV: contains addresses and ports of services on servers
    - One way to learn what port number to use
  - NAPTR: essentially a generalized mapping from one name space (e.g. phone numbers) to another (e.g. SIP URL)
Slide 58: DNS tree structure
(NS RR pointers lead from each level of the tree to the next one down)
.
├── dk.
│   ├── au.dk.
│   │   ├── daimi.au.dk.
│   │   │   ├── www.daimi.au.dk  A  130.225.16.54
│   │   │   └── svn.daimi.au.dk  A  130.225.16.55
│   │   └── nat.au.dk.
│   ├── iha.dk.
│   └── itu.dk.
├── com.
├── edu.
└── us.
Slide 59: Primary and secondary servers
[Diagram: the au.dk. zone holds NS RRs for daimi.au.dk. that point to both its primary and its secondary servers]
- NS RRs point to both primary and secondary servers
- RRs are initially configured into the primary server
- Primary server replicates RRs onto secondary servers periodically (updates are incremental)
Slide 60: DNS cache management
- All RRs have Time-to-live (TTL) values
  - When TTL expires, cache entries are removed
- NS RRs tend to have long TTLs
  - Cached for a long time
  - Reduces load on higher level servers
- A RRs may have very short TTLs
  - Order one minute for some web services
  - Order one day for typical hosts
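The single query form of slide 56, the A and NS records of slide 57 and the TTL-driven cache of slide 60 put together in one added example (not from the lecture). The response bytes are constructed locally rather than fetched from a server; the name ns.daimi.au.dk, the TTL values and the transaction id are made up for the example, while 130.225.16.54 is the www.daimi.au.dk address from slide 58.

```python
"""DNS on the wire: Query(domain name, RR type), the answer, and TTL caching.

Added example, not from the lecture slides: encodes the single query form of
slide 56, decodes a response carrying an A and an NS record (slide 57) and
caches the answers until their TTLs expire (slide 60).  The response is
constructed by build_response, not captured from a real server.
"""
import struct

RR_TYPES = {"A": 1, "NS": 2, "MX": 15, "AAAA": 28, "SRV": 33, "NAPTR": 35}
TYPE_NAMES = {v: k for k, v in RR_TYPES.items()}


def encode_name(name: str) -> bytes:
    """Dotted name -> length-prefixed labels, terminated by the root label (0)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("bad label in %r" % name)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, rr_type: str, txid: int = 0x1234) -> bytes:
    """12-byte header (RD=1, QDCOUNT=1) followed by the single question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", RR_TYPES[rr_type], 1)


def decode_name(msg: bytes, off: int):
    """Read a name at off, following 0xC0xx compression pointers (RFC 1035 4.1.4).
    Returns (name, offset just past the name as written at off)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                     # pointer to an earlier copy of the name
            end = end if end is not None else off + 2
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if length == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def parse_response(msg: bytes):
    """Return (txid, [(owner, type, ttl, value), ...]) for every RR in the message."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):                               # skip the echoed question(s)
        off = decode_name(msg, off)[1] + 4
    records = []
    for _ in range(an + ns + ar):
        owner, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype == RR_TYPES["A"] and rdlen == 4:
            value = ".".join(str(b) for b in rdata)   # dotted decimal (slide 34)
        elif rtype == RR_TYPES["NS"]:
            value = decode_name(msg, off)[0]          # rdata is itself a (compressible) name
        else:
            value = rdata.hex()
        off += rdlen
        records.append((owner, TYPE_NAMES.get(rtype, str(rtype)), ttl, value))
    return txid, records


def build_response(query: bytes, answers) -> bytes:
    """Constructed reply: echo the question, then one RR per (owner, type, ttl, rdata);
    an owner equal to the question name is written as a pointer to offset 12."""
    txid, _flags, qd = struct.unpack("!HHH", query[:6])
    qname = decode_name(query, 12)[0]
    rrs = b""
    for owner, rtype, ttl, rdata in answers:
        rrs += b"\xc0\x0c" if owner == qname else encode_name(owner)
        rrs += struct.pack("!HHIH", RR_TYPES[rtype], 1, ttl, len(rdata)) + rdata
    return struct.pack("!HHHHHH", txid, 0x8180, qd, len(answers), 0, 0) + query[12:] + rrs


class TTLCache:
    """Resolver cache: an answer is usable only while now < arrival + TTL (slide 60)."""
    def __init__(self):
        self._rrs = {}

    def store(self, records, now: float) -> None:
        for owner, rtype, ttl, value in records:
            self._rrs.setdefault((owner, rtype), []).append((value, now + ttl))

    def lookup(self, owner: str, rtype: str, now: float) -> list:
        live = [(v, exp) for v, exp in self._rrs.get((owner, rtype), []) if exp > now]
        self._rrs[(owner, rtype)] = live                  # evict expired entries
        return [v for v, _ in live]


if __name__ == "__main__":
    q = build_query("www.daimi.au.dk", "A")
    print(parse_response(build_response(q, [("www.daimi.au.dk", "A", 60, bytes([130, 225, 16, 54]))])))
```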
Slide 61: LDAP is another popular distributed directory service
- Richer and more general than DNS
  - Has generalized attribute/value scheme
  - Can search on attribute, not just name
- Simpler and more efficient than a full relational database
- Not a global directory service, though namespace is global
  - Its predecessor, X.500, was meant to be
  - But local LDAP services can point to each other
- Commonly used for personnel RR databases, subscriber databases
Slide 62: URLs, URNs, and URIs
- Uniform Resource <Locator, Name, Identifier>
- URL tells a computer where and how to reach a resource
  - These came first
- URN is a true identifier
  - Unique, persistent
- URI refers to both URLs and URNs
  - Defines syntax for current and future URLs and URNs
- For now we only really care about URLs
Slides 63-64: URL
- Consists of
  - <scheme>:<scheme-specific-part>
    - <scheme>: a protocol
    - <scheme-specific-part>: information the protocol needs
Slide 65: URL examples
- HTTP (web)
  - http://www.cnn.com/news/story.html
- Email
  - mailto://klaus.m.hansen_at_daimi.au.dk
- Newsgroups
  - news:daimi/ddist
- SIP (Session Initiation Protocol)
  - sip://service_at_phone.verizon.com
Slide 66: Note the central role of DNS
- Each of the URL examples above carries a DNS name (www.cnn.com, daimi.au.dk, phone.verizon.com)
Slide 67: Summary
- Naming basics
- Names, Addresses, Routes
- Identifiers and Locators
- DNS is the global directory service
- LDAP is a popular local directory service
- URLs build on DNS (and also URIs and URNs)
Slide 68: References
- Saltzer et al., 1984: Saltzer, J. H., Reed, D. P., and Clark, D. D. (1984). End-to-end arguments in system design. ACM Transactions on Computer Systems (TOCS), 4(2), pp. 277-288.