Computer Networking [PART-2]

INDEX 753 Open Shortest Path First (OSPF), 377, packets, 4, 23 383, 396–399, 516 choke, 262 control, 312 authentication in, 398 deep inspection of, 347, 360 broadcast in, 397–398 duplicate, 206 Dijkstra’s algorithm, 396 duplicate data, 210 link weights, 397 forwarding, 306 multicast, 398 in-order delivery of, 309 security and, 398 out-of-order, 219 subnets, 396 operational data, 426 packet-satellite networks, 59 operational security, 609 packet scheduler, 323 IDSs, 347 packet scheduling Optical Carrier standard (OC), 20 optical line terminator (OLT), 16 FIFO, 325–326 optical network terminator (ONT), 16 priority queuing, 326–327, 329 options field, 230 round robin, 329–330 orthogonal frequency division multi- WFQ, 329–330 packet sniffer, 57, 76 plexing (OFDM), 571 packet-switched networks, delays in, OSPF. See Open Shortest Path First out-of-order packets, 219 35–46 output buffer, 24 packet switches, 4, 23, 311 output port, 312 packet switching, 23–27, 78 forwarding to, 316 circuit switching versus, 30–31 output port processing, 319 development of, 58–59 output queue, 24 store-and-forward, 23–24 output queueing, 321–323 paging, 567 outside-AS destinations, 404 pairwise communication, 301 OVSDB, 421 parallel TCP connections, fairness P and, 279 parity bit, 456 packet data convergence, 570 parity checks, 456–458 Packet Data Network Gateway passive optical networks (PONs), 16 passive scanning, 546 (P-GW), 565 path loss, 536 packet-dropping strategies, 322 paths, 4, 381 packet filtering, 669 packet header overhead, 196 least-cost, 382, 384–386, 388–389 packet headers multihop, 259–261 multiple same-cost, 398 routing and, 306, 307 shortest, 382 packet loss, 25, 41, 319 Paxos, 417 packet-marking strategies, 322 payload field, 53 packet-radio networks, 59 PDUs. See protocol data units

754 INDEX peering agreements, 408–409 points of presence (PoPs), 33 peers, 33 point-to-point connections, 227 peer-to-peer (P2P) architecture, 84, point-to-point link, 461 Point-to-Point Protocol (PPP) 137–140 BitTorrent, 140–143 MTU, 229 chunks, 140 poisoned reverse, 394 DHT, 143 polling protocol, 474 file distribution with, 141 polls, 474 optimistically unchoked, 142 polyalphabetic encryption, 613, 614 rarest first, 142 polynomial codes, 459 torrent, defined, 140 PONs. See passive optical networks tracker, 141 PoPs. See points of presence unchoked, 142 port numbers, 88, 154, 189–190 per-connection throughput, 256–257 performance enhancement, 360 NAT and, 344–346 per-router control, 378–380, 436 socket, 189–190 persistent connections, 98 well-known, 188 PGP. See Pretty Good Privacy port scanning, 192 P-GW. See Packet Data Network port-status message, 419 positive acknowledgments, 204 Gateway Pouzin, Louis, 60 Photobell, 78 PPP. See Point-to-Point Protocol physical address, 478 preamble, 487 physical layer, 52 prefix, 315, 316, 336–338 physical media, 18–21 Pretty Good Privacy (PGP), coaxial cable, 20 643–644 fiber optics, 20 Prim’s algorithm, 383 satellite radio, 21 priority queueing, 325–327, 329 terrestrial radio, 21 twisted-pair copper wire, 19–20 non-preemptive, 327 physical medium, 19 privacy, 674–675 piconets, 561 private key, 619 piggybacked acknowledgments, 235 private networks, 34, 64, 344, 380 ping, 423 processes, 85 pipelined reliable data transfer proto- server, 227 cols, 211, 213–215 transport layer protocols pipelining, 215 connecting, 182 TCP, 237 processing delay, 36 plaintext, 611, 612 programmable network, 412 playback attack, 638 propagation delay, 35, 37–39 plug-and-play, 341 proprietary networks, 59–61 plug-and-play devices, 494 protocol data units (PDUs), 429, 430 protocol layering, 49–50

INDEX 755 protocols, 5, 9. See also specific Quick UDP Internet Connections protocols (QUIC), 280–282 defining, 7–9 connection-oriented and secure, network, 8–9 280–281 routing, 25–26 protocol stack, 50 HTTP, 281–282 provider, 32 streams, 281 provider networks, 408 TCP-friendly congestion-controlled proxy server, 108 PSH bit, 231 data transfer, 281 public-key, 619 QUIC protocol, 196, 197 public key certification, 632–634 public key encryption, 612, 618–624 R Public Key Infrastructure (PKI), 631 pull protocol, 151 radio link control, 570 pure ALOHA protocol, 521 Rand Institute, 59 push protocol, 152 random access protocols, 463, 465 Python Random Early Detection (RED), 322 port numbers, 189 RCP. See Routing Control Platform UDP connections, 189 realm with private addresses, 344 real-time conversational applications. Q See Voice-over-IP QoS. See quality of service reassembly, IPv6 datagram, 350 quality of service, 567 receive buffer, 247, 248 receiver authentication, 609, 640 non-default, 349 receiver feedback, 204 queueing delays, 24–25, 36, 39–41 receive window, 230, 247, 248 recursive queries, 130, 131 network congestion and, 257 RED. See Random Early Detection queuing regional ISP, 32–33 registrar, 410 delays, 35 registries, 340 FIFO, 325–326 reliable data transfer, 89, 186, 225–226 input, 320 line speed and, 319–320 implementing, 300 non-preemptive priority, 327 over channel with bit errors, output, 321–323 priority, 325–327, 329 203–208 round-robin, 325, 329–330 over lossy channel with bit errors, in routers, 319–324 traffic load and, 319 208–211 transmission rate and, 319–320 over perfectly reliable channel, WFQ, 329–330 work-conserving, 329 202–203 principles of, 200–226 service implementation for, 201, 202 service model for, 200, 201 TCP, 238–346

756 INDEX reliable data transfer protocol, 200 TCP estimation for, 235–238 building, 202–211 TCP Reno throughput, 273 pipelined, 211, 213–215 TCP variable tracking, 264 route, 4, 402 reliable data transfer service, 238 BGP, 403 reliable delivery, 452 BGP selection algorithm for, reliable, TCP-friendly congestion- 405–406 controlled data transfer, 281 route aggregation, 338 reliable transport protocol, 300 route information, advertising in BGP, remote procedure call (RPC), 432 repeater, 489 400–402 request line, 101 routers, 4, 23, 311, 353 requests for comments (RFCs), 5 Request to Send (RTS) control architecture of, 311 border, 398–399, 506 frame, 551 buffer sizing, 323 response time, cloud service perfor- components of, 311–314 congestion and, 256–261 mance, 269 data plane, 311–330 retransmission, 204 destination-based forwarding, congestion and, 258–259 313–316 duplicate packets from, 206 edge, 312 fast, 243–245 forwarding plane, 312–313 random access protocols, 465 forwarding tables, 306, 307 sequence numbers for handling, gateway, 400 input port processing, 314–316 206–207 internal, 400 slotted ALOHA protocol, 466–468 NAT-enabled, 344–346 TCP timeout interval for, 236–237 output port processing, 319 TCP timer management for, per-router control, 378–380 queuing in, 319–324 238–239 self-synchronization, 387 time-based, 210–211 switching fabric, 317–319 Rexford, Jennifer, 446 route summarization, 338 RFC 1422 public key, 634 routine, node, 444–445 RFCs. See requests for comments routing, 306, 307 RIP, 383, 390, 516 among ISPs, 399–411 Rivest, Ron, 620 hot potato, 404–405 roaming, 580 inter-area, 398–399 Roberts, Lawrence, 59 intra-ASs, 395–399, robustness, LS and DV 409, 420 algorithms, 395 link weights in, 397 root DNS servers, 127 logically centralized, 308 round-robin queuing, 325, 329–330 round-trip time (RTT), 99 buffer sizing and, 323

INDEX 757 multicast, 398 SDN. See software-defined programming assignment, networking 444–445 SDN control and management, 510 routing algorithms, 306, 307, SDN controller, 414–416 secure communication, 608 380–395 Secure Hash Algorithm (SHA-1), 626 ARPAnet, 383, 390 secure shell (SSH) connection, 427 centralized, 382, 384 security convergence speed, 395 decentralized, 382–383 datagram inspection, 347 distance-vector, 388–395 firewalls, 347, 353 dynamic, 383 IDSs, 347 link-state, 383–387 network, 608–610 load sensitivity, 383 network layer, 310 static, 383 operational, 388, 609 routing controllers OSPF and, 398 logically centralized, 308 SYN flood attacks, 254 SDN and, 309 security association (SA), 653 Routing Control Platform (RCP), 446 Security Association Database routing loop, 393 routing policy, BGP, 407–410 (SAD), 654 routing processor, 312 security associations, 653–655 routing protocols, 25–26 Security Parameter Index (SPI), 654 routing tables, 390 Security Policy Database (SPD), 657 BGP, 405–406 security services, 360 RSA algorithm, 620–622 segments, 51, 182, 185 components of, 620 encryption/decryption, 623 acknowledged, 265 RST bit, 230 lost, 265 RTT. See round-trip time maximum size, 229, 230 rwnd, 264 TCP, 229 TCP structure, 230–235 S transport-layer, 53 UDP structure, 198 SA. See security association selective acknowledgment, 246 SAD. See Security Association selective repeat (SR), 215, 220–226 events and actions, 222 Database operation of, 223 SAL. See Service Abstraction Layer TCP as, 246 SampleRTT, 236 window size, 224, 225 satellite radio channels, 21 self-clocking, 265 Scantlebury, Roger, 59 self-learning, 493, 514 SCTP. See Stream Control link-layer switches, 493–494 self-replicating malware, 55 Transmission Protocol

758 INDEX S-GW. See Serving Gateway SHA-1. See Secure Hash Algorithm self-synchronization, 387 Shamir, Adi, 620 send buffer, 229 shared medium, 20 sender authentication, 609, 640 sending rate, 258 delays in, 43 sequence number, 206 shortest path, 382 Short Inter-frame Spacing in GBN protocol, 215–216 in pipelined protocols, 215 (SIFS), 549 retransmission handling with, SIFS. See Short Inter-frame Spacing signal-to-noise ratio (SNR), 536 206–207 signature-based systems, 677 in SR protocol, 221, 224 silent periods, 29 TCP, 231–233 simple authentication, 398 for TCP segment, 232 Simple Mail Transfer Protocol Telnet and, 233–235 sequence number field, 230 (SMTP), 50, 116–120 sequence number for segment, 232 Simple Network Management server, 86 servers, 11 Protocol (SNMP), 421, managing, 426 428–432 network control, 417 Simple Network Management processes, 227 Protocol version 3 (SNMPv3), web, 62, 193–194 428–431 Service Abstraction Layer single-hop, infrastructure-based net- works, 535 (SAL), 420–421 single-hop, infrastructure-less net- Service Level Agreements works, 535 Skype (SLAs), 426 application-layer protocols, 94 service model, 49 internet telephony, 93 Slammer worm, 192 IP, 186 SLAs. See Service Level Agreements network, 309–310 sleep modes, 573–574 reliable data transfer, 200, 201 sliding-window protocol, 216 services, 49 slow start, 266–267 flow-control, 246 small cell stations, 577 full-duplex, 227 small office, home office (SOHO), layering, 49 subnets, 344 network layer, 309–310 smart spaces, 79 TCP, 186 SMI. See Structure of Management unreliable, 186 Information service set identifier (SSID), 545 SMTP. See Simple Mail Transfer Serving Gateway (S-GW), 565 Protocol session key, 622 session management function (SMF), 578

INDEX 759 SNA, 60 Spotify sniffing, 57, 76 DNS vulnerabilities, 135 SNMP. See Simple Network Sprint, 32 Management Protocol SR. See selective repeat Snort, 678 SRI. See Stanford Research Institute SNR. See signal-to-noise ratio SSID. See Service Set Identifier social networks, 64 ssthresh, 267–270 socket interface, 6 Stanford Research Institute (SRI), socket programming 59, 78 port numbers, 189–190 stateless protocol, 98 with TCP, 159–165 state-management layer, SDN, 414 types of, 152, 153 static routing algorithms, 383 with UDP, 154–159 status line, 103 sockets, 87, 187 stop-and-wait protocols, 205, port numbers, 189–190 simultaneous, 192 213, 214 welcoming, 191 store-and-forward transmission, 23–24 software agents, 79 Stream Control Transmission Protocol software-defined networking (SDN), (SCTP), 281 304, 309, 447 streaming architecture of, 413 control applications, 414–416 content distribution networks, control plane, 313, 411–420 145–149 data plane, 412, 418–419 forwarding tables in, 312, 314 DASH, 144–145 generalized forwarding and, HTTP streaming, 144–145 internet video, 143–144 353–360 streams, 281 key characteristics of, 411–412 Structure of Management Information link state change in, 418–419 logically centralized control in, (SMI), 429 subnet mask, 335 379–380 subnets, 334–338, 483–484 packet forwarding and, 310 routing component, 436 obtaining blocks of IP addresses, routing processor responsibilities 340–341 in, 312 in OSPF, 396 source port number, 230 SOHO, 344 source port number field, 188 SWAN, 380 source quench message, 423–424 switch spanning layer, 362 top of rack, 505 SPD. See Security Policy Database switches, 313 SPI. See Security Parameter Index crossbar, 318–319 link-layer, 4, 23, 311, 316 non-blocking, 318 switches vs. routers, 495–497

760 INDEX switching, 311 TCP-friendly congestion-controlled in destination-based forwarding, 316 data transfer, 281 techniques for, 317–319 TCP/IP, 5, 228 switching fabric, 312 TCP Reno, 270–273 bus, 318 TCP segments, 229 crossbar, 317–319 TCP socket, 514, 516 interconnection network, 318–319 TCP splitting, 269 memory, 317–318 TCP states, 251–253 queuing and speed of, 319–320 TCP SYN, 516 TCP Tahoe, 270, 271 switch poisoning, 495 TCP Vegas, 275–276 switch table, 491 TDM. See time-division multiplexing symmetric key encryption, 612–618 telco. See telephone company Telenet, 59 block ciphers, 614–616 telephone company (telco), 13 Caesar cipher, 612 Telnet, 233–235, 427 chosen-plaintext attack, 613 temporary IP addresses, 341 Cipher Block Chaining (CBC), 617 Ternary Content Addressable ciphertext-only attack, 613 in IPsec, 614 Memories (TCAMs), 316 known-plaintext attack, 613 terrestrial radio channels, 21 monoalphabetic cipher, 612 3G, 18 in PGP, 614 Third Generation Partnership polyalphabetic encryption, 613, 614 in TLS, 614 Program, 352 SYNACK segment, 249, 253 three-way handshake, 228, 250–251, 516 SYN bit, 231 throughput, 43–46 SYN cookies, 254 SYN flood attack, 254 average, 44 congestion and, 256–261 T instantaneous, 43 per-connection, 256–257 Tag Protocol Identifier (TPID), 499 TCP Reno, 273 taking-turns protocols, 463, tier-1 ISPs, 32–33 TikTok 474–475 video streaming, 143 TCAMs. See Ternary Content time-based retransmission, 210–211 time-division multiplexing (TDM), Addressable Memories TCP. See Transmission Control 28–30, 463–464 time frames, 464 Protocol timeout events TCP BBR, 276 TCP congestion-control algorithm, in GBN protocol, 218 in SR protocol, 222 265–270 TCP, 236–237, 239, 240 TCP connection, 91 TCP CUBIC, 271–273, 279

INDEX 761 timeout intervals exploring, 300 doubling, 241–243 fairness and, 276–279 TCP, 236–237, 241–243 fast recovery, 268–270 fast retransmit, 243–245 time slots, 464 flow control, 246–248 time-to-live (TTL), 332 full-duplex service, 227 token, 475 handshake protocol, 638 token-passing protocol, 475 multimedia applications using, 196 Tomlinson, Ray, 59 parallel connection fairness, 279 top-down approach, 50 pipelining, 237 top-level domain (TLD), 126, 127 point-to-point connections, 227 Top of Rack (TOR) switch, 505 receive window, 247, 248 torrent, 140 reliable data transfer, 238–346 TOR switch. See Top of Rack switch retransmission timeout interval, TOS. See type of service total nodal delay, 35 236–237 TPID. See Tag Protocol Identifier RTT estimation, 235–238 Traceroute, 41–43, 424–425 securing connections, 644–646 traffic engineering, 397, 504 segment structure, 230–235 traffic intensity, 39 selective acknowledgment, 246 traffic load, queuing and, 319 self-clocking, 265 traffic volume, DNS, 126 sequence number, 231–233 Transmission Control Protocol (TCP) services provided by, 186 simultaneous connection ACK generation recommendation, 244 sockets, 192 slow start, 266–267 acknowledgment number, 231–233 socket programming with, 159–165 classic congestion control, 263–273 client-server application using, 162 (see also socket programming) closing connection, 250–251 steady-state behavior of, 273 congestion avoidance, 267–268 TCPClient.py, 161–163 congestion-control algorithm, 265–270 TCPServer.py, 163–165 congestion control in, 263–279 three-way handshake, 228, congestion window, 264, 270 connection, 227–230 250–251 connection management, throughput, 273 timeout events, 236–237, 239, 240 249–253, 255 timeout intervals, 236–237, connection requests, 191 cubic, 271–273 241–243 cumulative acknowledgment, 232 timer management, 238–239 demultiplexing, 190–193 transition to, 61–62 development of, 61 transport-layer functionality, 279–282 establishing connection, 249–250 variables, 264, 267, 270 Web servers and, 193–194

762 INDEX transmission delay, 35–39 UDP. See User Datagram Protocol transmission rate, 4 UDP segment, 513 ultra reliable low-latency queuing and, 319–320 transparent, 491 communications (URLLC), 576 transport layer, 50–51 undetected bit errors, 455 unguided media, 19 in Internet, 185–187 unidirectional data transfer, 202 network layer relationship to, UNIX, Snort, 678 unreliable services, 186 182–185 unshielded twisted pair (UTP), 19 transport-layer functionality, 279–282 URG bit, 231 transport-layer multiplexing and urgent data pointer field, 231 user agents, 116 demultiplexing, 186 User Datagram Protocol (UDP), 185, transport-layer protocols (TCP), 186, 194–200 182, 452 advantages of, 195–196 and HTTP, 516–517 checksum, 198–200 Transport Layer Security (TLS), 92, client-server application using, 155 connectionless nature of, 195 432, 644–645 DNS using, 195 connection closure, 650 exploring, 300 data transfer, 647 fairness and, 278–279 handshake phase, 646, 649–650 multimedia applications using, key derivation, 647 record, 648 196–197 transport-layer segment, 53 multiplexing and demultiplexing, transport mode, 655 triangle routing problem, 585 189–190 trunking, VLAN, 499 reliability with, 197–198 TTL. See time-to-live segment structure, 198 tunnel, 351 socket programming with, 154–159 tunnel endpoint identifier (TEID), 571 UDPClient.py, 156–158 tunneling, 351 UDPServer.py, 158–159 tunnel mode, 655 User Equipment (UE), 564 twisted-pair copper wire, 19–20 user-plane function (UPF), 578 Twitter utilization, 213 DNS vulnerabilities, 135 UTP. See unshielded twisted pair two-dimensional even parity, 457 two-dimensional parity scheme, 457 V Tymnet, 60 type of service (TOS), 332 VANET. See vehicular ad hoc network U vehicular ad hoc network ubiquitous WiFi, 563 (VANET), 535 UCLA, 78, 375

INDEX 763 video weighted fair queuing (WFQ), from remote server, 587 329–330 streaming, 576 welcoming socket, 191 video streaming well-known application protocols, content distribution networks, 145–149 188–189 DASH, 144–145 well-known port numbers, 188 HTTP streaming, 144–145 well-know service, 328 internet video, 143–144 WFQ. See weighted fair queuing wide-area wireless Internet virtualization, 510–511 virtual local area networks access, 18 WiFi, 4, 5, 17, 362, 543. See also (VLANs), 498 inefficient use of switches, 498 IEEE 802.11 wireless LAN lack of traffic isolation, 497–498 address fields, 554–556 original ethernet frame, 500 advanced features in, 559–560 single switch with two, 498 architecture, 544–548 tag, 499 channels and association, 545–548 trunking, 499 clear to send (CTS) control two switches with two, 500 users management, 498 frame, 551 virtual private networks (VPNs), 504, collision avoidance, 552 duration, 556 651–653 enterprise usage of, 16–17 visited network, 580 frame control fields, 556 VLANs. See virtual local area frames, 553–556 hidden terminals, dealing with, networks Voice-over-IP (VoIP), 35, 43, 551–553 link-layer acknowledgments, 549 326, 328 MAC protocol, 548–553 VoIP. See Voice-over-IP mobility in same IP subnet, VPNs. See virtual private networks vulnerability attacks, 55 556–558 packet sniffing, 57 W payload and CRC fields, 553–554 personal area networks, 560–562 Web browsers, 62–63, 96 as point-to-point link, 553 conditional GET, 112 power management, 560 parallel connections, 279 public access, 63 rate adaptation, 559–560 Web cache, 108 request to send (RTS) control, 551 web client-server interaction, sequence number, 556 standards, 543 516–517 transmission rates and range, 534 Web page, 96 wide-area wireless versus, 18 Web servers, 62, 96, 276 TCP and, 193–194

764 INDEX WiFi jungle, 546 mesh, 535 WiFi Positioning System (WPS), 558 packet sniffing, 57 WiFi wireless router, 16 transmission rates and range, 534 wildcards, in flow table entries, 356 WiFi, 542–563 window scaling factor, 230 wireless personal area networks window size, 216 (WPANs), 561 in SR, 224, 225 Wireshark, 57, 76–77 Windows platforms TCP, 300 Snort, 678 work-conserving queuing, 329 wireless and mobile devices, 79 worms, 192 wireless communication link, 532 WPANs. See wireless personal area wireless host, 532 wireless LANs, 17 networks encryption, 659 X encryption-key derivation, 660 four-way handshake, 662 X.509, 634 mutual authentication, 660 Xerox security, 659–664 security messaging protocols, ethernet, 488 X.25 protocol suite, 62 663–664 XTP, 458 shared symmetric session key Y derivation, 661 802.11 wireless LANs. See IEEE Yahoo, 63 YANG, 428, 436 802.11 wireless LAN YouTube, 276 wireless mesh networks, 535 wireless networks CDN and, 152 video streaming, 143 CDMA, 539–542 elements, 532, 533 Z links and network characteristics, zeroconf, 341 536–539 Zimmerman, Phil, 643