Title: Internet Basics
1 Internet Basics
- (How your email gets to you)
- Richard G. Clegg
2 What we will cover
- The "layers model" of the internet
- Internet addresses
- Internet protocols
- The basics of rout(e)ing
- The journey of email
3 For more information
- Tanenbaum (Computer Networks)
- Stevens (TCP/IP illustrated)
- RFCs (requests for comments)
- IETF (Internet Engineering Task Force)
4 The Internet - emailing a friend
[Figure: the path of an email. Labels: your computer, LAN, University of York G/169 router, JANET, transatlantic cable, US backbone, your friend's computer]
5 Models of the Internet
- TCP/IP (transmission control protocol/internet protocol) Reference Model layers: Application, Transport, Internet, Host-to-network
- OSI/ISO (open systems interconnection (international standards office)) reference model layers: Application, Presentation, Session, Transport, Network, Data Link, Physical
6 Physical layer
- Think "wires in the ground".
- This is the physical hardware of the internet.
- Wires/optical cables/wireless links and other technologies provide a way for transmission of raw bits (0s and 1s).
- Routers and switches connect these cables and direct the traffic.
7 Data link layer
- Groups raw bits into packets of data.
- Basic error checking for lost data.
- In TCP/IP the "Physical layer" and the "Data
Link" layer are grouped together and called the
host-to-network layer.
8 Network Layer/Internet Layer
- Tells data which link to travel down.
- Addresses the problem known as routing.
- Deals with the question "where do I go next to get to my destination?"
- Ensures packets get from source A to destination B.
9 Transport Layer
- Accepts data and splits it into packets.
- Ensures a connection between source and destination.
- If necessary, ensures that the connection is lossless (resends missing data).
- Provides flow control if necessary (sends data faster or slower depending on the network conditions).
10 Session Layer (not TCP/IP)
- Provides a single connection for one application.
- This connection may be two way or may be synchronised.
Presentation Layer (not TCP/IP)
- Provides extra functions which are used quite often.
- E.g. exchange of character strings.
11 Application layer
- The computer programs which actually do things with the network.
- For example, your email program which will talk to the email server at the other end.
- At this layer, we have many protocols (http, snmp, smtp, ftp, telnet) which different bits of software use.
- We often talk in terms of client and server architecture for the software.
12 TCP/IP model in summary
13 Internet (IP) addresses
- richard_at_manor.york.ac.uk (email)
- http://www.apoptygma.eu.org (www)
- ftp://ftp.uk.debian.org (file transfer)
- telnet://towel.blinkenlights.nl (telnet)
- 144.32.108.74
- 148.122.211.110
- 195.224.53.39
- 62.250.7.101
These are the real IP addresses of the above sites. IP addresses are 32 bits grouped into 4 octets. (Octet = 8 bits, a number from 0-255.)
14 IP Networks(1)
- IP addresses use less significant bits first to indicate sub-networks.
- IP address: 123.45.67.89
- Netmask: 255.255.255.0
- If two IP addresses are the same when bitwise ORed against the inverse (bitwise NOT) of the netmask then they are on the same subnet.
- 123.45.67.?? is always on the same subnet in the above example.
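The same-subnet rule from this slide, written out as an added example (not part of the original slides). It checks the OR-with-inverted-netmask rule against the more usual AND-with-netmask form and against Python's ipaddress module, including a netmask (255.255.255.192) where two 123.45.67.?? addresses are not on the same subnet. Function names and the extra test addresses are this example's own.

```python
import ipaddress
import socket
import struct

def to_int(dotted):
    """Dotted quad -> 32-bit integer (4 octets, most significant first)."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

def same_subnet_or(a, b, netmask):
    """The slide's rule: OR each address with the inverted netmask, compare."""
    host_bits = ~to_int(netmask) & 0xFFFFFFFF
    return (to_int(a) | host_bits) == (to_int(b) | host_bits)

def same_subnet_and(a, b, netmask):
    """Equivalent form: keep only the network bits of each address."""
    mask = to_int(netmask)
    return (to_int(a) & mask) == (to_int(b) & mask)

def same_subnet_stdlib(a, b, netmask):
    """Independent check using the standard library."""
    network = ipaddress.ip_network(f"{a}/{netmask}", strict=False)
    return ipaddress.ip_address(b) in network

# Constructed cases: the slide's address and netmask plus a netmask that
# does not end on an octet boundary.
CASES = [
    ("123.45.67.89", "123.45.67.200", "255.255.255.0"),
    ("123.45.67.89", "123.45.68.89", "255.255.255.0"),
    ("123.45.67.89", "123.45.67.200", "255.255.255.192"),
    ("123.45.67.89", "123.45.67.100", "255.255.255.192"),
]

def compare_all(cases=CASES):
    """Run all three checks on each case; they must agree."""
    results = []
    for a, b, mask in cases:
        answers = {same_subnet_or(a, b, mask), same_subnet_and(a, b, mask),
                   same_subnet_stdlib(a, b, mask)}
        if len(answers) != 1:
            raise ValueError(f"methods disagree for {a}, {b}, {mask}")
        results.append(answers.pop())
    return results

if __name__ == "__main__":
    for case, same in zip(CASES, compare_all()):
        print(case, "same subnet" if same else "different subnets")
```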
15 IP Networks(2)
- IP networks were originally subdivided into class A, B, C, D and E networks.
16 The IP header
- IP packets all have a header as shown
17 About the IP header
- Type of Service (Best efforts, immediate delivery etc)
- Total length (of whole packet)
- Identification (number of packet for later reassembly)
- Fragment offset: sometimes the network splits a packet into fragments.
- Flags (information about fragments). DF = Don't Fragment, MF = More Fragments to come
18 About the IP header (2)
- Time To Live (TTL): reduced by one every hop. When it reaches zero the packet is killed. (This is to ensure that the network doesn't fill up with lost packets).
- Protocol: identified by a number (usually TCP or UDP).
- Checksum: to ensure that the packet is not corrupted.
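The header fields described on these two slides, as an added example that is not part of the original slides: it builds a constructed 20-byte IPv4 header, parses the fields back out, verifies the checksum, and shows what a router does to TTL and checksum at each hop. The function names are this example's own; the sample addresses are taken from the slides.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"   # the 20-byte IPv4 header without options

def checksum(header: bytes) -> int:
    """Ones' complement of the ones' complement sum of the 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, dst, ttl, protocol, data_len, ident=1, df=True):
    """Constructed sample header; checksum is computed over a zeroed field."""
    fields = [0x45, 0, 20 + data_len, ident, 0x4000 if df else 0,
              ttl, protocol, 0, socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields)

def parse_header(packet: bytes) -> dict:
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, protocol,
     _csum, src, dst) = struct.unpack(IP_FMT, packet[:20])
    header_len = (ver_ihl & 0x0F) * 4        # header length in bytes
    return {
        "version": ver_ihl >> 4, "type_of_service": tos,
        "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # in bytes
        "ttl": ttl, "protocol": protocol,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        # a valid header, checksum field included, sums to zero
        "checksum_ok": checksum(packet[:header_len]) == 0,
    }

def forward(packet: bytes):
    """One hop: kill the packet when TTL runs out, else decrement and re-checksum."""
    ttl = packet[8]
    if ttl <= 1:
        return None                          # router reports ICMP Time exceeded
    body = packet[:8] + bytes([ttl - 1]) + packet[9:10] + b"\x00\x00" + packet[12:20]
    return body[:10] + struct.pack("!H", checksum(body)) + body[12:] + packet[20:]

if __name__ == "__main__":
    hdr = build_header("144.32.108.74", "144.32.128.5", ttl=2, protocol=6, data_len=20)
    print(parse_header(hdr))
    print(parse_header(forward(hdr))["ttl"], forward(forward(hdr)))
```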
19 IPv6
- IPv4 allows over 4 billion computers (but not really): inefficient subnetting is using these up.
- IPv6 allows 16 octet addresses (4 octets in IPv4).
- 3x10^38 addresses (> Avogadro's number).
- 7x10^23 IP addresses per square meter of the earth's surface.
- Why so many? Electrical devices may want IP addresses: your house could be its own subnetwork. Why NOT have so many?
20 IPv6(2)
- Better security than current IP(v4).
- Allow roaming hosts.
- Permits the old and new protocols to co-exist.
- Pay more attention to type of service (for real
time data).
21 Domain Name System (DNS)
- DNS takes the human readable name and converts it to octets.
- On a unix machine you can try this using nslookup.
manor.york.ac.uk 1 nslookup www.ntk.net
Server: castle2.york.ac.uk
Address: 144.32.128.5
Non-authoritative answer:
Name: vwww.flirble.org
Address: 195.40.6.34
Aliases: www.ntk.net
Question
Answer
22 DNS(2)
[Figure: tree of DNS names. TLDs (Top Level Domains): generic/US (com, org, gov, mil, net) and national (jp, uk, nl). Lower-level labels shown: sun, ac, vnvnation, co, org, eng, www, york, musicnonstop, ic, manor, www, doc, www, src]
23 DNS (3)
24 Routing Tables
- How do packets know where to go?
- This problem is known as routing.
- The oldest (and easiest) solution is static routing.
- Each computer has a table saying where to go to get to each other computer.
- On a Local Area Network (LAN) list all machines on your subnet and the address of the external router for everything else.
- Most machines only need to know how to get to their nearest router.
25 Dynamic Routing
- Distance Vector Routing (Bellman-Ford)
- Each router stores a distance metric to various network locations.
- Routers exchange routing packets periodically to update their route information (routing table).
- Each router measures how far their neighbours are away and learns how far the neighbours are from various destinations.
26 Dynamic Routing (2)
A knows that it is 2 units from B and 4 from C. It also knows that C takes 4 units to get to D and B takes 5. Therefore, to get packets to D, A will first send them to B.
[Figure: routers A, B, C and D joined by links with costs 2, 1, 4 and 4]
If things change, then the routing tables are updated. For example, if congestion increases the B to C cost to 3 then B will tell A the new price to get to D is 7. A will send things directly to C instead of via B. If the link A-C breaks A will send via B again.
27 Routing problems
- The count to infinity problem.
- All links cost 1.
- Link C-D breaks.
- What happens?
[Figure: routers A, B, C and D joined by links of cost 1, with a table headed "Assumed Cost to D"]
split horizon hack
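The count to infinity problem and the split horizon fix, simulated as an added example (not part of the original slides). It assumes the routers sit in a line A-B-C-D, that all routers exchange distance vectors in synchronous rounds, and that a cost of 16 means "unreachable"; none of these details are stated on the slide.

```python
INF = 16   # assumed "unreachable" metric; the slides do not give one

def dv_round(links, dest, table, split_horizon):
    """One synchronous exchange. table maps node -> (cost to dest, next hop)."""
    new = {dest: (0, None)}
    for node in table:
        if node == dest:
            continue
        best = (INF, None)
        for (a, b), cost in links.items():
            if node not in (a, b):
                continue
            nbr = b if node == a else a
            advertised, nbr_hop = table[nbr]
            if split_horizon and nbr_hop == node:
                advertised = INF      # neighbour hides routes that go through us
            total = min(INF, cost + advertised)
            if total < best[0]:
                best = (total, nbr)
        new[node] = best
    return new

def run(links, dest, nodes, rounds, split_horizon, table=None):
    table = table or {n: ((0, None) if n == dest else (INF, None)) for n in nodes}
    history = []
    for _ in range(rounds):
        table = dv_round(links, dest, table, split_horizon)
        history.append({n: table[n][0] for n in nodes if n != dest})
    return table, history

def count_to_infinity(split_horizon, rounds=20):
    """Costs to D in each round after link C-D breaks (assumed line A-B-C-D)."""
    nodes = "ABCD"
    links = {("A", "B"): 1, ("B", "C"): 1, ("C", "D"): 1}
    table, _ = run(links, "D", nodes, 5, split_horizon)   # let routes settle
    del links[("C", "D")]                                  # link C-D breaks
    _, history = run(links, "D", nodes, rounds, split_horizon, table)
    return history

if __name__ == "__main__":
    for label, flag in (("plain", False), ("split horizon", True)):
        print(label)
        for i, costs in enumerate(count_to_infinity(flag)[:6], start=1):
            print("  round", i, costs)
```

Without split horizon, C believes B's stale route to D and the costs creep upward two rounds at a time until they hit 16; with split horizon, B never advertises to C a route that goes through C, so every router marks D unreachable within three rounds.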
28 Open Shortest Path First (OSPF)
- Common internet routing algorithm.
- Uses three metrics, throughput, delay and reliability.
- Allows some load balancing.
- Accounts for the fact that routers cannot know the entire internet.
- Works within an Autonomous System (AS) assumed to be run by the same organisation.
- Border Gateway Protocol (BGP) connects these (I will not describe BGP here).
29 TCP and UDP
- Once we've got our IP packet safely to its destination what happens next?
- Having stripped off the header, the first thing we find is another header.
- The second header provides information on which port to enter the machine on and where to send the reply.
- It also provides a checksum to check the data is valid.
- UDP will do nothing else. TCP will ensure that the connection is lossless.
30 What are ports?
- Ports are conceptual points of entry into a host computer.
- They do not correspond with real hardware.
- Usually a service is associated with a port (e.g. http on port 80).
- Servers listen on a port for connection attempts.
- Ports provide one level of internet security.
- Generally, low level ports are reserved for special services.
31 Common Services and Ports
- Service Listens on Port
- ftp 21
- telnet 23
- smtp (mail) 25
- finger 79
- http 80
- User configured services (your Half-Life server?)
will listen on high numbered ports which are
usually left open to all users.
32 UDP data
- User Datagram Protocol: the header is shown below.
- Length and checksum are as for IP.
33 About UDP
- Provides a lossy connection (data may vanish).
- Does not guarantee packets are delivered in order.
- Useful for real time applications. (It is no use having your Quake III information arriving correctly but ten seconds late).
- UDP applications can implement their own packet loss checking but it is best to use TCP for this.
34 The TCP header
- The TCP header is shown below
35 About the TCP header
- Sequence number (what is the order of this packet) incremented by 1 for every packet.
- Acknowledgement number (what packet sequence number does this acknowledge).
- Header length (how many 32 bit words are in options).
- Flags: SYN = start connection, ACK = acknowledge packet, FIN = finish connection.
- (Three other flags, URG, RST, PSH).
36 TCP header (2)
- Window size will be described in more detail later (it sets how many unacknowledged packets may exist).
- Checksum is as for IP and UDP.
- Urgent Pointer points to part of the data that must be looked at by the receiver before the TCP session (rarely used).
37 About TCP
- TCP provides a lossless connection (or flags an error when losses occur).
- Data packets are given an order and can be reassembled.
- TCP provides some limited congestion control.
- TCP is most useful for applications where data validity is important but real-time is not critical (email, www, ftp).
- TCP packets are part of a TCP session.
38 TCP connections
- This diagram shows the start of a TCP connection.
- A sends packet X with SYN: "Hello, I would like to talk."
- B sends a SYN, ACK pair: "I got your message. I would also like to talk."
- A sends an ACK (and some data): "I got your message, here is some data."
39 TCP mechanisms
- The window size is the number of outstanding (unacknowledged) packets that a TCP session can send.
- The window size provides a crude method for congestion control.
- The window size increases to allow more packets to be sent (it increases throughput).
- If a packet is lost then the window is reduced again.
40 TCP lost packets
- When a packet is received out of sequence the receiver sends an ACK with the same number as the previous.
- If the sender receives three duplicate ACKs then it assumes the packet has been lost and resends.
- If the sender has not received an ACK for a packet within a certain amount of time then it times out and assumes the packet lost.
- Packet loss causes the packet to be resent and the congestion window to be reduced.
41 TCP Window Increase/Decrease
The initial doubling of the window size is called slow start.
[Figure: congestion window plotted against transmission number, marking a timeout and two threshold levels]
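The window behaviour described on the last three slides, traced as an added example (not part of the original slides). The exact rules are assumptions taken from classic TCP Tahoe: the window doubles per transmission round up to the threshold, then grows by one, and a loss sets the threshold to half the window and restarts the window at 1. The rounds in which a loss is detected are given as input.

```python
def congestion_window(rounds, threshold, loss_rounds):
    """Return [(window, threshold), ...] for each transmission round.

    Assumed rules (classic TCP Tahoe, not spelled out on the slides):
      - below the threshold the window doubles each round (slow start)
      - at or above the threshold it grows by one packet per round
      - when a loss is detected (timeout or three duplicate ACKs) the
        threshold becomes half the current window and the window is 1 again
    """
    window = 1
    trace = []
    for n in range(rounds):
        trace.append((window, threshold))
        if n in loss_rounds:
            threshold = max(window // 2, 1)
            window = 1
        elif window < threshold:
            window = min(window * 2, threshold)
        else:
            window += 1
    return trace

def windows(trace):
    return [w for w, _ in trace]

if __name__ == "__main__":
    # Constructed scenario: initial threshold 16, one timeout in round 7.
    for n, (w, t) in enumerate(congestion_window(12, 16, {7})):
        print(f"transmission {n:2d}  window {w:2d}  threshold {t:2d}  " + "#" * w)
```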
42 ICMP
- Internet Control Message Protocol packets are used for various control purposes. Here are some common ones:
- Time exceeded: TTL hit 0.
- Echo request: Can you hear me out there?
- Echo reply: Yes I can hear you.
- Source Quench: Stop sending so much data.
- Timestamp request/reply (as echo but with times).
43 The story of ping
- Ping is a handy utility for checking if a computer is alive using ICMP echo request/reply (or timestamp if we want).
- Ping is a first test if a computer is networked.
- We can even measure the speed of light using ping. http://xxx.lanl.gov/abs/physics/0201053
- Hacking makes it increasingly unused.
manor.york.ac.uk 20 ping -s castle.york.ac.uk
PING castle2.york.ac.uk: 56 data bytes
64 bytes from castle2.york.ac.uk (144.32.128.5): icmp_seq=0. time=1. ms
64 bytes from castle2.york.ac.uk (144.32.128.5): icmp_seq=1. time=1. ms
64 bytes from castle2.york.ac.uk (144.32.128.5): icmp_seq=2. time=1. ms
64 bytes from castle2.york.ac.uk (144.32.128.5): icmp_seq=3. time=1. ms
44 Traceroute
- Traceroute neatly combines ping and the TTL flag to get a route to a computer.
- If the TTL is one then the packet will die after one hop.
- ICMP will return a Time exceeded flag.
- This will tell us where the first hop of our journey is.
- Increase the TTL by one to find the next hop.
45 ICMP tourism (with traceroute)
This shows the trip from Estonia to my flat in Fulford via my Internet Service Provider (ISP) V21 in Rochdale.
traceroute to host213-121-67-224 (213.121.67.224) 2-20 hops, 38 byte packets
2 213.180.11.162 tondi-CR.online.ee 1.62 ms (ttl=127)
3 213.180.25.1 liiva-CR.online.ee 1.82 ms (ttl=126)
4 213.180.11.189 tix-CR.online.ee 2.16 ms (ttl=125)
5 212.47.215.6 r1-Fa4-0-80-Tln-TIX.EE.KPNQwest.net 2.28 ms (ttl=251)
6 134.222.224.5 r5-AT3-1.105.sthm-KPN1.SE.kpnqwest.net 12.2 ms (ttl=250)
7 134.222.119.226 r2-Ge0-2-0-0.Sthm-KQ1.SE.KPNQwest.net 34.3 ms (ttl=246!)
8 134.222.230.157 r2-Se0-3-0.hmbg-KQ2.DE.KPNQwest.net 33.4 ms (ttl=247!)
9 134.222.230.117 r2-Se0-2-0.0.ffm-KQ1.DE.kpnqwest.net 34.1 ms (ttl=249!)
10 134.222.230.29 r2-Se0-3-0.0.ledn-KQ1.NL.kpnqwest.net 39.6 ms (ttl=248!)
11 134.222.230.169 r1-Se0-0-0.0.ldn-KQ1.UK.kpnqwest.net 43.7 ms (ttl=246!)
12 134.222.231.14 r1-Se0-0-0.0.Ldn-KQ4.UK.KPNQwest.net 44.9 ms (ttl=245!)
13 134.222.109.241 r13-Gi5-0.200.ldn-KQ4.UK.kpnqwest.net 45.4 ms (ttl=245!)
14 195.66.225.10 linx-l1.ukcore.bt.net 45.2 ms (ttl=244!)
15 194.74.65.126 core2-pos14-0.ilford.ukcore.bt.net 45.3 ms (ttl=243!)
16 194.74.65.222 core2-pos5-0.reading.ukcore.bt.net 46.7 ms (ttl=242!)
17 62.6.196.109 core2-pos8-0.birmingham.ukcore.bt.net 54.3 ms (ttl=241!)
18 194.74.16.194 core2-pos9-0.rochdale.ukcore.bt.net 51.0 ms (ttl=240!)
19 217.32.168.5 vhsaccess1-gig1-0.rochdale.fixed.bt.net 51.1 ms (ttl=239!)
20 213.121.156.22 ugint0066-p.vhsaccess1.rochdale.fixed-nte.bt.net 51.3 ms (ttl=238!)
46 The journey of email
To dave_at_distant.com From richard_at_manor: "Dave, Great to see you the other day..."
- Set up the TCP connection (SYN; SYN,ACK; ACK)
- Look up IP name for distant.com
- Packetise the data
- Get first hop from routing table
- Add TCP header to first packet
- Add IP header to front of that
- Send the first packet to its first hop
- Destination gets packet and returns ACK
- And so on for further hops.
- Start sending rest of data
47 How can we model this?
- As mathematicians we want to be able to say something about these systems.
- How can we apply what we have learned in this and other courses to the internet?
- In a future lecture I hope to outline some open research questions about the net and show how mathematics can help solve some of these problems.