Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher August, 2014

Lecture 8 Page 2 Advanced Network Security
Outline
Basics of Internet architecture
Routing for the Internet and other networks
Naming issues in networks

Lecture 8 Page 3 Advanced Network Security
Internet Architecture
The Internet is a network of networks
It connects together different networks
  – Controlled by different parties
  – In different geographical locations
  – Under different legal and political control
  – Using different underlying technologies

Lecture 8 Page 4 Advanced Network Security
So the Internet Isn’t Really This

Lecture 8 Page 5 Advanced Network Security
It’s More Like This
Except much, much bigger
And much, much more complicated

Lecture 8 Page 6 Advanced Network Security
High Level Internet Organization
Subnetworks are considered to be:
  – Tier 1 networks
  – Tier 2 networks
  – Or tier 3 networks
Definitions of tiers slightly imprecise
But commonly understood

Lecture 8 Page 7 Advanced Network Security
Tier 1 Networks
All tier 1 networks interconnect directly
In essence, the Internet backbone
Tier 1 networks mostly move data between each other
  – Without paying each other per packet or for amount of bandwidth used
Until it is moved down to lower tier networks for delivery
Examples: AT&T, Sprint, NTT

Lecture 8 Page 8 Advanced Network Security
Tier 2 Networks
ISPs that do some peering, but also pay some other networks for data transit
Essentially, large ISPs
They connect to some tier 1 networks
  – And to some tier 3 networks
  – Perhaps even directly to customers
Examples: British Telecom, Comcast

Lecture 8 Page 9 Advanced Network Security
Tier 3 Networks
ISPs that primarily provide direct service to customers
They typically connect to one or more tier 2 networks
Tend to be highly regional
Usually lower bandwidth networks
Example: Thang Long Data Center

Lecture 8 Page 10 Advanced Network Security
How They Fit Together

Lecture 8 Page 11 Advanced Network Security
Some Basic Internet Policies
Valley-free
  – Once traffic goes up in tiers, it doesn’t go down until you get close to delivery
I.e., customer->tier-3->tier-2->tier-1->tier-2->tier-3->receiver
Not customer->tier-3->tier-2->tier-1->tier-2->tier-1->tier-2->tier-3->customer
That’s a valley!
Prefer customer route, then peer, then provider
  – Go down before sideways
  – Go sideways before up
Typical policy, not ironclad rule
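The two policies on this slide can be checked mechanically once each link between ASes is labelled as customer/provider or peer. The following is an added example, not part of the lecture: the AS numbers (private-use range), the link table, and the function names are constructed for illustration, and the shorter-path tie-break is an assumption.

```python
# Added example. AS numbers (private-use range) and links are constructed.
# Tier 3: 65001, 65002   Tier 2: 65010, 65011   Tier 1: 65100, 65101
LINKS = [(65001, 65010), (65002, 65011),          # (customer, provider)
         (65010, 65100), (65010, 65101), (65011, 65101)]
PEERS = [(65100, 65101), (65010, 65011)]          # sideways links

def build_rel(links, peers):
    """rel[(a, b)] says what neighbor b is to a: provider, peer or customer."""
    rel = {}
    for cust, prov in links:
        rel[(cust, prov)] = "provider"   # cust -> prov is a step up
        rel[(prov, cust)] = "customer"   # prov -> cust is a step down
    for a, b in peers:
        rel[(a, b)] = rel[(b, a)] = "peer"   # a sideways step
    return rel

REL = build_rel(LINKS, PEERS)

def is_valley_free(path, rel=REL):
    """Up steps, then at most one sideways step, then only down steps."""
    climbing = True
    for a, b in zip(path, path[1:]):
        step = rel.get((a, b))
        if step is None:
            return False                 # the two ASes are not neighbors
        if step in ("provider", "peer") and not climbing:
            return False                 # went up or sideways after descending
        if step != "provider":
            climbing = False             # a peer or customer step ends the climb
    return True

PREFERENCE = {"customer": 0, "peer": 1, "provider": 2}

def best_route(local_as, candidates, rel=REL):
    """Pick a path (listed from the next hop onward) by neighbor type.

    Shorter path as the tie-break is an assumption of this example.
    """
    return min(candidates,
               key=lambda p: (PREFERENCE[rel[(local_as, p[0])]], len(p)))

GOOD = [65001, 65010, 65100, 65101, 65011, 65002]   # up, up, sideways, down, down
VALLEY = [65002, 65011, 65101, 65010, 65100]        # descends, then climbs again
```
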

Lecture 8 Page 12 Advanced Network Security
Why Should We Care?
Security solutions at Internet level must match Internet realities
Some parties won’t do certain things
  – Tier 1 won’t filter packets
Others might
  – Tier 3 might filter packets
Don’t design solutions based on unrealistic assumptions

Lecture 8 Page 13 Advanced Network Security
Autonomous Systems
A key organizational concept for the Internet
Abbreviated “AS”
A subnetwork run by a single organization
  – Whose machines are tightly connected together
Identified by a unique number
Often, Internet is viewed as a set of connected ASes

Lecture 8 Page 14 Advanced Network Security
Internet Routing
IP assumes the sites it visits know where to send a packet next
Based on forwarding tables
  – Except for the final destination
How do we build and maintain these tables?
Routing protocols

Lecture 8 Page 15 Advanced Network Security
Routing Protocols
Internet nodes exchange information about how to reach destinations
  – Specified by ranges of IP addresses
Different routing protocols used in different parts of the Internet
Used to create forwarding tables

Lecture 8 Page 16 Advanced Network Security
Styles of Routing Protocols
Link state protocols
  – Pass around information about state of links
Distance vector protocols
  – Pass around information about how far away things are
Path vector protocols
  – Pass around paths that can reach various places
Ad hoc protocols
  – Search for paths as necessary (typically for mobile scenarios)

Lecture 8 Page 17 Advanced Network Security
BGP
A path vector protocol
The core protocol for routing in the Internet backbone
Autonomous systems exchange path information
Can also be used within an AS

Lecture 8 Page 18 Advanced Network Security
OSPF and RIP
Protocols used within a single network
Such as a large company’s network
OSPF is a link state protocol
RIP is a distance vector protocol
Generally only suitable for networks of limited size

Lecture 8 Page 19 Advanced Network Security
Security Issues for Routing Protocols
Largely integrity and availability
Generally, routing info is not regarded as secret
  – Though perhaps some of it should be
None of the original protocols include any integrity mechanisms
We’ll discuss routing security in detail

Lecture 8 Page 20 Advanced Network Security
Internet Naming
At the low level, IP addresses are the names understood by the Internet
But IP addresses are not convenient names for users
  – No semantic meaning
Tying a high level entity to an IP address is limiting
So we need other names, as well

Lecture 8 Page 21 Advanced Network Security
Goals of Standard Internet Naming
To tie some high level name to an IP address
Generally a name indicating some machine
  – Or collection of machines working together
Not to tie name to a particular data item or user

Lecture 8 Page 22 Advanced Network Security
Internet Domain Names
A string defining a resource on the Internet
  – Like a web site, mail server, etc.
Typically readable by humans
Often 1-to-1 connection between domain name and a machine
  – But not always
  – Several machines can share domain name
  – One machine can host several domain names

Lecture 8 Page 23 Advanced Network Security
A Typical Domain Name
lever.cs.ucla.edu
My research group’s server at UCLA
Its IP address is
When a person or program wants to send data there, they use the name
When the Internet delivers packets there, it uses the IP address
Clearly, we need to translate

Lecture 8 Page 24 Advanced Network Security
Format of Internet Domain Names
The domain name is a string divided into components by dots
  – lever.cs.ucla.edu
A hierarchical organization
  – Read right to left
  – So “edu” is the “highest” level in the example
Ultimately, translates down to one IP address
  – Which might be different each time you ask...

Lecture 8 Page 25 Advanced Network Security
Name Translation in the Internet
Can be done many ways
But almost always, we use DNS
DNS = Domain Name Service
A special service to do these translations

Lecture 8 Page 26 Advanced Network Security
Basics of DNS
A hierarchical name resolution system
With lots of caching
Integrity and availability are big concerns
  – Secrecy isn’t
  – Name translations are public info
Basic version does not perform any integrity checking
We’ll talk about security issues later
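The right-to-left hierarchy and the caching described on the last slides can be seen in a toy resolver. This is an added example, not part of the lecture and not the real DNS wire protocol: the zone table, the server labels, and the `Resolver` class are constructed, and 192.0.2.10 is a documentation address standing in for the server's address, which the slide does not give.

```python
import time

# Constructed zone data: each server knows only the next level down.
ZONES = {
    "root":    {"edu": ("delegate", "edu-ns")},
    "edu-ns":  {"ucla.edu": ("delegate", "ucla-ns")},
    "ucla-ns": {"cs.ucla.edu": ("delegate", "cs-ns")},
    "cs-ns":   {"lever.cs.ucla.edu": ("address", "192.0.2.10")},
}

class Resolver:
    def __init__(self, ttl=300, clock=time.monotonic):
        self.cache = {}        # name -> (address, expiry time)
        self.ttl = ttl
        self.clock = clock
        self.queries = 0       # queries sent to servers, for illustration

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]      # served from cache, no server is asked
        labels = name.split(".")
        server = "root"
        # Walk right to left: edu, ucla.edu, cs.ucla.edu, lever.cs.ucla.edu
        for i in range(len(labels) - 1, -1, -1):
            suffix = ".".join(labels[i:])
            self.queries += 1
            record = ZONES[server].get(suffix)
            if record is None:
                return None    # this server has no such name
            kind, value = record
            if kind == "address":
                # As in the basic version on the slide, the answer is
                # cached as received, with no integrity check.
                self.cache[name] = (value, self.clock() + self.ttl)
                return value
            server = value     # follow the delegation one level down
        return None
```

Until a cached entry expires, every lookup returns whatever was stored, which is why the integrity of the first answer matters so much in a heavily cached system.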