T-110.5110 Computer Networks II Introduction 22.9.2008 Prof. Sasu Tarkoma.

Slides:

Advertisements

Similar presentations

Using HIP to solve MULTI-HOMING IN IPv6 networks YUAN Zhangyi Beijing University of Posts and Telecommunications.

Advertisements

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

1 Address Selection, Failure Detection and Recovery in MULTI6 draft-arkko-multi6dt-failure-detection-00.txt Multi6 Design Team -- Jari Arkko, Marcelo Bagnulo,

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

T Special Course in Data Communication Software Mobility in the Internet Prof. Sasu Tarkoma.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

COM555: Mobile Technologies Location-Identifier Separation.

T Computer Networks II Summary

Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.

T Computer Networks II Summary

1 Computer Networks and Communications [Δίκτυα Υπολογιστών και Επικοινωνίες] Lectures 8&9: Internet Protocols in Detail – TCP/IP Univ. of the Aegean Financial.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )

COS 420 Day 18. Agenda Assignment 4 Posted Chap Due April 6 Group project program requirements Submitted but Needs lots of work Individual Project.

EECS 122 Communications Networks Department of Electrical Engineering and Computer Sciences University of California Berkeley Slides: K. Fall, K. Lai,

T Computer Networks II Introduction Adj. Prof. Sasu Tarkoma.

Mobility in the Internet Part II CS 444N, Spring 2002 Instructor: Mary Baker Computer Science Department Stanford University.

ISOC-Chicago 2001John Kristoff - DePaul University1 Journey to the Center of the Internet John Kristoff DePaul University.

COS 420 Day 20. Agenda Group Project Discussion Protocol Definition Due April 12 Paperwork Due April 29 Assignment 3 Due Assignment 4 is posted Last Assignment.

1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

The Future of the Internet Jennifer Rexford ’91 Computer Science Department Princeton University

Network Layer IS250 Spring 2010

NEtwork MObility By: Kristin Belanger. Contents Introduction Introduction Mobile Devices Mobile Devices Objectives Objectives Security Security Solution.

Copyright 2003 CCNA 1 Chapter 7 TCP/IP Protocol Suite and IP Addressing By Your Name.

Host Identity Protocol

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing.

Lecture 1 Internet CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger and Daniel Zappala Lecture 1 Introduction.

Presentation Title Subtitle Author Copyright © 2002 OPNET Technologies, Inc. TM Introduction to IP and Routing.

2002 년 2 학기이동인터넷프로토콜 1 Mobile IP:Overview 년 2 학기이동인터넷프로토콜 2 Mobile IP overview Is Mobile IP an official standard? What problems does Mobile IP solve?

Host Mobility for IP Networks CSCI 6704 Group Presentation presented by Ye Liang, ChongZhi Wang, XueHai Wang March 13, 2004.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing

Chapter 6: Packet Filtering

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

1.1 What is the Internet What is the Internet? The Internet is a shared media (coaxial cable, copper wire, fiber optics, and radio spectrum) communication.

CS 540 Computer Networks II Sandy Wang

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Internet Protocol Internetworking Lab 1. Why Internet?

1 November 2006 in Dagstuhl, Germany

COP 4930 Computer Network Projects Summer C 2004 Prof. Roy B. Levow Lecture 3.

T Computer Networks II Introduction Prof. Sasu Tarkoma.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Content-oriented Networking Platform: A Focus on DDoS Countermeasure ( In incremental deployment perspective) Authors: Junho Suh, Hoon-gyu Choi, Wonjun.

First, by sending smaller individual pieces from source to destination, many different conversations can be interleaved on the network. The process.

Chapter 2 Protocols and the TCP/IP Suite 1 Chapter 2 Protocols and the TCP/IP Suite.

CCNA 1 v3.0 Module 9 TCP/IP Protocol Suite and IP Addressing

1 Chapters 2 & 3 Computer Networking Review – The TCP/IP Protocol Architecture.

Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation.

Ασύρματες και Κινητές Επικοινωνίες Ενότητα # 10: Mobile Network Layer: Mobile IP Διδάσκων: Βασίλειος Σύρης Τμήμα: Πληροφορικής.

Network Layer (OSI and TCP/IP) Lecture 9, May 2, 2003 Data Communications and Networks Mr. Greg Vogl Uganda Martyrs University.

1 12-Jan-16 OSI network layer CCNA Exploration Semester 1 Chapter 5.

T Network Application Frameworks and XML Summary and Conclusions Sasu Tarkoma.

Introduction to Networks v5.1 Chapter 6: Network Layer.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Course Introduction.

1 Review – The Internet’s Protocol Architecture. Protocols, Internetworking & the Internet 2 Introduction Internet standards Internet standards Layered.

1 cellhost-ipv6-52.ppt/ December 13, 2001 / John A. Loughney Minimum IPv6 Functionality for a Cellular Host John Loughney, Pertti Suomela, Juha Wiljakka,

K. Salah1 Security Protocols in the Internet IPSec.

TCP/IP Protocol Suite and IP Addressing Presented By : Dupien AMS.

@Yuan Xue CS 285 Network Security Placement of Security Function and Security Service Yuan Xue Fall 2013.

On Firewalls Fred Baker and Paul Hoffman draft-ietf-opsawg-firewalls-01.txt.

Lecture 14 Mobile IP. Mobile IP (or MIP) is an Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile.

Mobile Networking (I) CS 395T - Mobile Computing and Wireless Networks

Multiple Addresses in Transport - For Discussion

Chapter 6: Network Layer

Transport Protocols Relates to Lab 5. An overview of the transport protocols of the TCP/IP protocol suite. Also, a short discussion of UDP.

Internet Protocol version 6 (IPv6)

Presentation transcript:

T Computer Networks II Introduction Prof. Sasu Tarkoma

Contents Course Outline Carrying out the course Lectures Material

Course Outline 4 credit course During Autumn 2008, we will look at protocols and architectures related to mobility management, session management, authentication, authorization and accounting (AAA) services and quality of service (QoS). The course consists of the lectures and a final exam. The purpose is that the participants actively read the material beforehand and discuss problem areas during the lectures. Networks II lectures start on Monday in T2. Registration happens on this first lecture. Course material will be in English. Lectures will be in English if required.

Course Goals Understand advanced networking techniques Learn state of the art Get a glimpse to near-future technologies and long haul development

Time and Place Time and place: Mondays at 14:15 – 15:45 in T2. Prof. Sasu Tarkoma gives the lecture unless otherwise indicated.

Carrying out the Course The course grade consists of partication to lectures and a final exam. Final exams will be held as follows: – at T1. Required preliminary knowledge –T Telecommunication Architectures –T Computer Networks –T Information Security Technology

Final Exam T1 Exam will be based on course material –Slides –Articles and standards documents

Contact Points Send Follow course web-page –Results and updates will be posted to the Web Reception –After the lectures –Otherwise send to arrange a meeting –Exam reception will be scheduled after results

Summary of Course As discussed the course focuses on several important features of current networking systems – Mobility, QoS, Security, Privacy We observe that these features were not important for the original Internet architecture They are important now –Mobility, QoS, Security are coming with IPv6 –IPv6 deployment does not look promising Hence, many proposals to solve issues in the current Internet Also many solutions to solve expected problems in the Future Internet

Layered Architecture Internet has a layered architecture Four layers in TCP/IP –Application (L7) –Transport (L4) –Network (L3) –Link layer / physical (L2-L1) We will talk a lot about layering –Benefits, limitations, possibilities (cross-layer) –It is not always clear what is a good layering A lot of interesting networking developments are happening on application layer

The Internet has Changed A lot of the assumptions of the early Internet has changed –Trusted end-points –Stationary, publicly addressable addresses –End-to-End We will have a look at these in the light of recent developments End-to-end broken by NATs and firewalls

Network has Value A network is about delivering data between endpoints Data delivery creates value Data is the basis for decision making We have requirements to the network –Timeliness –Scalability –Security –...

Looking at the Layers Link Layer / Physical Network –We will look at mobility, security, and QoS on L3 –Mobile IP, network mobility, HIP, NAT Traversal Transport –Basic properties of transport layer protocols TCP variants, DCCP, TLS, dTLS –Mobility and security on L4 Application –Security, identity management Goal: have an understanding of the solutions and tradeoffs on each layer and discussion on the role of layering

Physical Link Network Transport Application Physical Link Network Transport Application PAP, CHAP, EAP, WEP,... IPsec HIP HTTPS, S/MIME, PGP,WS-Security, Radius, Diameter, SAML TLS, SSH,...

Role of Standards On this course, we will talk a lot about standards –IETF is the main standards body for Internet technologies –Instruments: RFCs, Internet drafts –Working groups –IRTF Other relevant standards bodies –W3C, OMA, 3GPP, OMG

Transport Issues Network layer (IP) provides basic unreliable packet delivery between end-points Transport layer needs to provide reliability, congestion control, flow control, etc. for applications TCP variants SCTP DCCP TLS dTLS

Mobility What happens when network endpoints start to move? What happens when networks move? Problem for on-going conversations –X no longer associated with address –Solution: X informs new address Problem for future conversations –Where is X? what is the address? –Solution: X makes contact address available In practice not so easy. Security is needed!

Mobility Micro Macro Global Intra-subnet Intra-domain Inter-domain Cellular IP (1998) TMIP (2001) Hierarchical MIP (1996) Hawaii (1999) Dynamic Mobility Agent (2000) HMIPv6 (2001) MIP (1996) MIPv6 (2001) Time (evolutionary path) Classifying Mobility Protocols

NAT Traversal As mentioned, end-to-end is broken Firewalls block and drop traffic NATs do address and port translation –Hide subnetwork and private IPs How to work with NATs –Tricky: two NATs between communications –NAT and NAPT –One part is to detect NATs –Another is to get ports open IETF efforts –STUN –ICE –TURN –NSIS

QoS By default, there is no QoS support on the Internet IP is unreliable, packet types are handled differently (TCP/UDP/ICMP) No guarantees on TCP flow priority (OS and NW stack issue) IETF work –DiffServ, IntServ, NSIS

Security Features IPSec provides basic security (tunnel,transport) with IKE Solution for autentication, authorization, accounting is needed (AAA) –Radius, Diameter Case: WLAN access network

HIP HIP is a proposal to unify mobility, multi-homing, and security features that are needed by applications Identity-based addressing realizing locator-identity split Change in the networking stack that is not very visible to applications (no IP addresses though!) HIP architecture, HIP implementation for Linux

NetFPGA The NetFPGA is a low-cost platform for teaching networking hardware and router design, and a tool for networking researchers. The NetFPGA offloads processing from a host processor. The host's CPU has access to main memory and can DMA to read and write registers and memories on the NetFPGA. A hardware-accelerated datapath. Four Gigabit ports and multiple banks of local memory installed on the card. Uses Verilog and a cross compilation environment.

Basic Architectural Components of an IP Router Control Plane Datapath per-packet processing Switching Forwarding Table Routing Table Routing Protocols Management & CLI Software Hardware Reference:

Privacy and Identity Management Privacy and trust matters a lot Services on the Web Single sign-on –Liberty, OpenID, GAA,.. Recent developments

Questions and Discussion