Computer Networks
A Revision Summary by James Bedford
Copyright to The University of Manchester
Current Version: 9:03pm - 20/01/10

This summary is complete. Although I've decided not to cover wireless networks as I really can't be bothered and I'd rather start summarising the summary! Please feel free to contact me to discuss anything at:
[email protected] - MSN/E-mail
Starscent - Skype
The more I talk about this stuff the more it goes in my head so I'm more than happy to! Good luck in the exam! :)
Introduction

What is a computer network?

To a user - a network is something that allows applications to talk to each other. They have an idea as to what the infrastructure should allow them to do. Email and web browsing should be reliable. Internet banking should also be secure. Internet radio, voice over IP and video streaming should have quality. With VoIP however you also want low latency (delay) too, as opposed to internet radio. The demands of the network depend on what type of application you want to run.

To a developer - needs to understand how the network works in order to create applications that the user can use. Has an Application Programming Interface (API) to create the network application. The API provides a set of functions (services), with quality of service parameters (such as low delay, reliability etc.), and it has documentation as to how the API should be used. The network application developer needs to know about protocols, and the valid sequence of function calls through the API.

To a network designer - has a structural view of the network. The network designer knows about the cables and connectivity, and how different types of network can be linked together.

To a network provider - something to charge for!

Different sizes of networks
• Personal Area Network - smallest
• System Area Network (SAN)
• Local Area Network (LAN)
• Metropolitan Area Network (MAN)
• Wide Area Network (WAN) - largest
Protocols
Protocols define interactions, such as the way the programmer uses the network. They have many elements, such as links, switches, end-hosts, processes, and exist within a single layer of the network. A protocol is only used for one service. It defines a service. You get stacks and layers of protocols in order to complete a full operation; these are known as network layers.
Network Layers

OSI 7 Layer Model (A Theoretical Model)
The OSI 7 Layer model is a theoretical model, and isn't necessarily how the network is laid out. This model was developed to be followed theoretically and consists of seven key layers, as follows.
• Application - high level applications.
• Presentation
• Session
• Transport - getting data to the correct applications.
• Network - getting data between a source and destination computer.
• Data link
• Physical - physical cables.
Reference Model: Internet
This reference model tends to be how the internet was developed and is a more realistic interpretation of the layout of the network hierarchy.
• Application Layer - high level applications.
• Transport Layer - e.g. TCP and UDP protocols exist here.
• Network Layer - IP - joins different physical networks together.
• Access Link Layer - physical network layer, comprising cables etc.
Protocol Encapsulation
An application message will use the transport layer to move the message. In order for the transport layer to be used, it has to put a header onto the front of the message, before the message is moved down the network layers. Each network layer adds its own header, so the link layer does the same. Once it reaches the link layer it can be moved across the network. The message has now gained additional control information which can be used at the receiver end. When the message is received the reverse process occurs: the network layer removes the header associated with it, performs any operations it needs to, and then passes it up to the higher network level. This process is known as encapsulation.

Physical Layer Connectivity
We're interested in measurements - the bandwidth available for the data, and whether or not the connection is shared (e.g. wireless broadcasts) or dedicated.
At The Edge of the Network
Connectivity options:
• POTS (plain old telephone system) (dial-up) 56 kb.
• Now it's Digital Subscriber Line (DSL) - broadband. DSL involves a high-speed downstream data channel, a medium-speed upstream data channel, and an ordinary two-way audio phone channel. This system is asymmetric - the upload stream is a different speed to the download speed.
• Cable/fibre optic - the amount of bandwidth available depends on what other users in the area are doing as to how fast your internet actually is. Cable and fibre optic are shared physical mediums (many people are connected in the same area), as opposed to broadband's dedicated physical connection.
• Wireless technology - two forms; WAN (54 Mb/s), which is faster but shorter range, used in home Wi-Fi boxes, and through wireless access networks, which are used by mobile phones, which are a lot slower, but span over a large distance.
• Connectivity at home - internet comes in via a phone cable which is connected to a router. The router found in most homes has three functions; communicating with the internet, routing the packets, and providing wired Ethernet and/or a wireless access point.
• Corporate network connectivity is used in companies and universities. The connection with the rest of the world is linked via a router, which is linked to an Ethernet switch, which is linked to the various computers. The university's ISP connection is 10 gig. The network capabilities are not faster than the ISP connection, but when you add all the traffic required from all the computers, it needs such a large ISP connection.
At The Core
• A packet has to pass through more than one network. The packet moves through the network using a process of forwarding. It doesn't look at the whole network, it just uses local decisions. It's impossible to get a global view of the internet.
• Various tiers exist in the network. Any network tier has a series of points of presence (POPs) to achieve a connection.
• It's good not to go all the way through the network, so there's also connectivity between the same tiered networks. Tier 3 is local networks. ISPs connect tier 3 to the higher level networks.
• Network topologies (i.e. the layout of computers and how they're linked together) include ring, bus, star, tree, and mesh layouts. They all have their advantages and disadvantages (use common sense to work these out…)
  • What can be very important is scalability. Some network topologies have a different ability to support scalability than others.
Types of Communication
1. Single (unicast) - one source to one destination.
2. All-nodes (broadcast) - one source to all nodes.
3. Multiple nodes, a subset of all nodes (multicast) - similar to broadcast but fewer computers receive the message.

Addressing - Used for Connectivity
Every device has to have an address in order to communicate with other devices, which has to be unique across the entire world. An IP address (a 32-bit numeric value) can be used. An IP address consists of two parts: firstly, the network of the device, and secondly, the computer on that particular network. IP concatenates these two values, so for example: 130.88 (network) + 0.28 (machine) gives the IP address = 130.88.0.28.

Ports - Used for Connectivity
A computer can run multiple applications, so each application has a unique port number in order to ensure a particular network application gets the information it wants, and not another application's data. TCP and UDP use a 16-bit port number. Web browsers use port 80 for web servers.

The Reality of Networks - Networks are Unreliable!
The network is not reliable - but it should always appear to the end user (and perhaps to different network layers) that it is. There are many reasons why things may go wrong, and so there are methods to work around these faults. Codes (checksums) are used to detect errors in the transmission. Acknowledgments are used to signal that a message has arrived, or negative acknowledgments can be used to signal that a message didn't arrive. Timeouts are used with acknowledgements - when they expire, a retransmission will take place. The main principle is to hide some kinds of network failure and make it look more reliable than it is.

Some good principles in which to create applications that achieve functionality and good network design are the following:
• Service model.
• Global coordination (e.g. port 80 is a web service).
• Minimise manual setup.
• Minimise volume of information at any point (otherwise bottlenecks at nodes can occur).
• Distribute information capture and management.
• Extensibility.
• Integration with all different systems (e.g. Windows/Mac/Linux).
• Error detection.
• Error recovery (reliability).
• Scalability.
Switching, Delays and Performance

Network Core
The network core is a mesh of devices that excludes end-systems. The network core is concerned with routers, switches and backbone hubs. The core is the central network, as opposed to the edge of the network, which refers to end systems. This section deals with issues that arise in the network core. How do we move data through the mesh of devices that make up the network core?
Traditional Circuit Switching
• Fixed path (channel) through the network is set up with dedicated resources to the connection.
• Each path through the network becomes dedicated to the first connection made until it's released.
• Establishing a second link isn't possible because the resources aren't available.
• This idea comes from the way telephones used to work.
• Advantages; guaranteed performance.
• Disadvantages; setup time and the limitation of fixing an entire path through the network for only one connection.
Packet Switching
• The data is broken up into discrete 'chunks' and sent when the resources are available.
• These pieces are normally of a fixed size.
• All the bits in a piece are reserved for an end-to-end transfer.
• The resource piece is idle if not used by the owning transfer.
Network Circuit Switching

Frequency Division Multiplexing (FDM)
• Split up frequencies into a number of pieces.
• Each user gets to use a bit of the bandwidth all of the time.
• It's continuous.
• Disadvantages; the bandwidth is limited to the total bandwidth divided by the number of users currently using the network.
Time Division Multiplexing (TDM)
• Split up time.
• At any time, the user gets all of the bandwidth.
• The user gets bursts of connection time.
• The bursts are so small you probably wouldn't notice the difference.
• Advantages; constant speed, good for latency needs.
Wi-Fi boxes available in consumer's homes use these techniques.

Packet Switching
• This alternative is to break up the data, rather than the bandwidth.
• The application data gets broken up into packets.
• A switch stores and forwards packets across the network - a complete packet has to be received before it's forwarded on.
• Data comes in from multiple sources and may be going to multiple destinations, so the switches have to interleave them.
• The packets are thus demultiplexed before being sent.
• The application then receives the packets in the correct order and is unaware of the way the data actually got there.
• However, the amount of data going into a switch can exceed the amount of data that can come out. Rather than throwing packets away, the switch uses a buffer that the packets go into.
  • An assumption is made that the data traffic is in bursts, and a buffer can level out these bursts of data transfer into a more level amount.
• Disadvantages: The packets may be lost if the buffer becomes full.
Round Trip Time (RTT)
The amount of time it takes for a packet to go from the source to the destination and back.

Delay in Transmission
If the transmission can transmit R bits per second, then the delay is the size of the data to be sent in bits divided by R.
Transmission Time/Delay - The time it takes to process a single bit at a switch.
Propagation Time/Delay - The time it takes the packet to travel between switches.
The total time to get a packet from one switch to another is the transmission time multiplied by the size of the packet, then added to the propagation time.
Total Packet Transmission Time = Transmission Time * Size of the Packet + Propagation Delay

Traceroute
Traceroute is an application that shows the path a packet takes through a network from a source to a destination.

Units of Measurement
1 kbps is 1 ms per bit. 1 Mbps is 1 microsecond per bit.
Network Applications
Examples include mail clients, web browsers, video games… and there are many more! A network application is an application that has parts running on different computers. They communicate over the network. They run at the edge of the network.
Architecture

Client-Server
• This is the architecture web browsers use.
• There's a server and a client!
• Server: Always on. Has a permanent IP address so that it can always be found.
  • There may be multiple IP addresses for a popular site such as Google to improve performance.
• Client: Has a dynamic IP address. The client may not always be at the same address.
  • Clients communicate through a server.
• Advantages: It's easy to find the information because the server never changes.
• Disadvantages: Not very scalable.
Peer-to-Peer (P2P)
• No server. Instead, a collection of machines that change over time.
• Peers are intermittently connected and may have a different address for each connection.
• Highly scalable.
• Disadvantage: It's hard to manage because it can be hard to know where the information is.
Hybrid of Client-Server and P2P
Voice-over-IP and instant messaging use a central server that registers clients' IP addresses, and then links clients together. The server sets up a P2P connection.
End-Point Implementation of Architecture
Network applications run as processes on an operating system. The ends (one at each client) communicate by exchanging messages. Messages are sent and received via a socket.
Socket - is an abstraction. The socket sits between the process (application) and the transport service implementation. The application can only use this socket (set up by the operating system) and can't change it. The operating system will provide an API (Application Program Interface) which will allow a programmer of the application to make use of the socket through the operating system. One end sits in a waiting state for the connection (i.e. waiting for a message from the other system).

End-point identification
IP address - tells us which computer we're trying to connect to.
Port number - tells us which application we want to give the information to. Implemented as a 16-bit number. e.g. HTTP server: port 80, Mail server: 25.

Quality of Service Parameters
Data loss - We care for files or emails, but maybe not for video streaming.
Timing - We don't care for file transfers, but we do for VoIP.
Throughput - We care for video streaming to get a decent image.
Security - Encryption etc. may be required.
File transfer, email, web, instant messaging are elastic applications - they just take advantage of the bandwidth that's there. Video games are loss-tolerant, require a few kbps upwards for the throughput and have a time sensitivity of a few seconds.

Internet Transport Service Models

TCP
• Reliable
• Can recover errors.
• Has delays in recovering errors.
• Example uses: E-mail, remote terminal access, web, file transfer, streaming media.
UDP
• Unreliable.
• No error recovery.
• Example uses: Streaming multimedia, VoIP.

Application Protocols
• Enhance the transport service model.
• Define a request and a response message.

Ways they're defined:
• RFCs (request for comments) - used to define worldwide protocols. (e.g. Email).
• Proprietary implementations - the application just decides (e.g. Skype).
Application Data
The application source and destination must make sure they know and have the same interpretation of the data. The applications also need to know what encoding is being used. Compression is a form of encoding that minimises the size on the cable.

Understanding Data
Implicit Typing - the application at each end has to know what format the data will come in.
Explicit Typing - the data has in it flags (typically 1 bit) which tell the application what's coming next. The application reads flag/data/flag/data etc.

Data Conversion
The data may need to be converted, for example if the size of an int is different for different applications on different systems (this is an application-layer level of conversion).
Heterogeneous systems - different operating systems working together may have to be allowed for, so for example one messaging client may run on Mac OS X, whilst another client may be running on Linux - the two have to be able to communicate together and this is an application-level issue.
Canonical approach - same representation across the cable. The source converts to this representation if it needs to and the destination translates from this representation if it needs to. For example, all integers could be converted to, say, 16 bits before being transmitted, and then converted back. Some information can be sent at the start of the transmission that identifies what needs to be converted (for example how to convert ints). This information only needs to be sent once.
Binary attachments for emails are converted into 7-bit ASCII values. This encoding takes a series of 3 bytes and then converts it into ASCII values. This is base64 encoding.

Application Extensibility
Communicating between different versions of the application can cause problems. You want version 2 to be compatible with version 1. If this is possible then application extensibility is achieved.
Case Study: Telnet
• A remote login application.
• Uses a canonical approach - there is a representation of what a terminal is.
• Issue: An end-of-line is denoted differently on different systems. Telnet defines that it will always be a carriage return and conversion will have to take place if needs be.
• Issue: Telnet embeds control into the data stream. Sometimes the user will type the IAC (control) character into the data. In order to get around this, if you want to type this character then you have to type it twice.
• Options (extensibility): Do/Don't and Will/Won't commands - so that if a command from a higher version is called to a lower version, the lower version can just say "Won't" back - so now the older version knows it can't do it and extensibility is achieved.
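
The two Telnet issues above (control embedded in the data stream, and option negotiation for extensibility) can be seen in a small stream parser. This is an added example, not part of the original summary; the byte values come from the Telnet specification (RFC 854), while the set of supported options and the sample stream are assumptions constructed for illustration.

```python
# Added example: Telnet in-band control handling. Byte values are from RFC 854.
IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251
NEGOTIATION = {DO: "DO", DONT: "DONT", WILL: "WILL", WONT: "WONT"}

# Assumption for this example: the endpoint only implements option 1 (ECHO).
SUPPORTED_OPTIONS = {1}


def escape_data(payload: bytes) -> bytes:
    """Sender side: double each IAC byte so the receiver reads it as data."""
    return payload.replace(bytes([IAC]), bytes([IAC, IAC]))


def parse_stream(stream: bytes):
    """Receiver side: separate user data from embedded control.

    Returns (data, commands, replies): the user data with doubled IACs
    collapsed, the negotiation commands seen as (verb, option) pairs, and the
    bytes this endpoint would send back. Subnegotiation (SB ... SE) is out of
    scope here; any other command is recorded as a two-byte sequence.
    """
    data = bytearray()
    commands = []
    replies = bytearray()
    i = 0
    while i < len(stream):
        byte = stream[i]
        if byte != IAC:
            data.append(byte)
            i += 1
            continue
        if i + 1 >= len(stream):
            raise ValueError("stream ends in the middle of an IAC sequence")
        command = stream[i + 1]
        if command == IAC:
            # "Type it twice": IAC IAC is one literal 0xFF data byte.
            data.append(IAC)
            i += 2
        elif command in NEGOTIATION:
            if i + 2 >= len(stream):
                raise ValueError("negotiation command is missing its option byte")
            option = stream[i + 2]
            commands.append((NEGOTIATION[command], option))
            if command == DO:
                # Unknown option from a newer peer: answer WONT.
                answer = WILL if option in SUPPORTED_OPTIONS else WONT
                replies += bytes([IAC, answer, option])
            elif command == WILL:
                answer = DO if option in SUPPORTED_OPTIONS else DONT
                replies += bytes([IAC, answer, option])
            i += 3
        else:
            commands.append((f"CMD-{command}", None))
            i += 2
    return bytes(data), commands, bytes(replies)


def demo():
    # Constructed input: two option requests, then user data containing 0xFF.
    typed = b"caf\xff\r\n"
    stream = bytes([IAC, DO, 1, IAC, DO, 31]) + escape_data(typed)
    return parse_stream(stream)


if __name__ == "__main__":
    print(demo())
```

If the sender skips `escape_data`, the byte after a literal 0xFF is consumed as a command and disappears from the data, which is why the doubling rule exists.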
Case Study: File Transfer Protocol (FTP)
• Client indicates transfer.
• Server remote host.
• Issue: is it binary or textual data?
• How do you handle the end of line?
• How do you separate the control from the data? FTP completely separates the two. It opens two connections - one for control and one for commands.
• FTP has some state - it remembers your working directory, whether you're logged in or not.
• Example commands: "USER username", "RETR filename".
• Responses come back as ASCII values.
• Numeric and textual information. The numerical representation refers to the message that should be displayed.
Case Study: Web and HTTP
• Client-server model. Client sends a request and the server sends something back.
• Uses TCP and port 80, which has been universally accepted.
• Stateless.
  • Every time the client sends a request, it is treated by the server as if it's never communicated with the client before.
  • Maintaining state becomes too complicated - because it's a distributed system, it's possible for one end to crash, or bits of the network can go down. A form of recovery mechanism would be required.
  • Because of these complications, HTTP decided it's not going to bother with state.
• The protocol has no concept of state.
• BUT cookies can allow a form of state.
  • A client sends a normal request.
  • The cookie can be sent back in the response message header lines.
  • The client can then use this cookie when making further requests to the server, with the cookie being sent in the header file of the request message.
  • The server can then know things about the client with this cookie it receives.
  • The server can perform backend operations with a database before sending back information relating to the user.
  • The cookie is managed at the client end in the user's browser.
• Non-Persistent connection - the client has to establish a TCP connection with the server in order to establish the connection. Having done that, the client can then request the object it is after. The server then responds by sending this information. The connection is then closed and if more data is required (for example a link in the data received is followed) then the connection has to be re-established.
• Two round trip times are necessary per object; one to set up the connection and one to request the file. However, it is possible to ask for 10 objects and get them all back (reducing the amount of round-trip times).
• Every connection has an operating system overhead.
• Multiple connections have an effect on the scalability because the server has a limit on the maximum connections it can have open.
• When the first versions of the internet were being designed, the developers never thought about the huge number of users that might want to connect to a single server. It never occurred to them what they could do with it (scalability wise).
• In response to these issues, a second version was developed so that the connection doesn't have to be closed. Now multiple connections don't have to be re-setup, which takes a lot of the load off the server.
• The data is ASCII encoded. Binary format would be more efficient but ASCII makes it easier to debug.
• Data and control is embedded. Each send and receive packet has a header.
  • The header tells the server information about what the client wants to get or send and where, or what is going to be received (how big, what type, the date, other information).
  • A carriage return signals the end of a header.
• HTTP request methods:
  • GET
  • HEAD
  • POST
  • PUT
  • DELETE
• Web caching
  • A cache keeps a copy of web items, which avoids re-fetching from the server.
  • Reduces the amount of connections to the server.
  • Very cheap compared to upgrading the network speed.
  • If the version on the server has changed, then the information in the cache is not required.
  • The server can be asked if the version it has is different to the one in the cache.
  • Response header files also control caching.
Electronic Mail

Mail servers:
• Dedicated mail servers are used to hold all the user's messages.
• There's an outgoing queue of messages.
• Mail must be sent to the correct server, which must then go into the correct mailbox on the server.
• The server is often acting like a client in sorting these things out.

User agents:
• Accesses the correct mailbox on the correct server.

There are a large number of sending protocols:
• SMTP (Simple Mail Transfer Protocol)
  • Three phases of transfer: 1. Handshaking 2. Transfer of messages 3. Closure.
  • All messages must be 7-bit ASCII text.
It's about allowing your message to move backwards and forwards through the system. (It's like the envelope). The end of the message is signalled by a single full-stop on its own line (because a blank line may be in the email message).

Basic email format:
• Header lines (to, from, subject etc.)
• These are followed by a blank line and body (the main message of the email and attachments via MIME).

MIME (Multipurpose Internet Mail Extensions):
• Allow non-ASCII character sets and file attachments to be sent via the e-mail ASCII-encoded systems.
• Additional header lines are defined in order to tell the client to interpret the data in the message in a different way.
• Content types - discrete types (e.g. image/gif, text/plain), application discrete types (the subtype is application, followed by the type e.g. "application/word"; it means that this application is responsible for interpreting this section), multipart type means that the body can contain multiple types.

MIME Encodings:
Only 7-bit ASCII values can be transmitted, so a message that is a straight text message doesn't need any translation. However, non-ASCII characters have to be translated into ASCII values and then translated back at the other end. Base64 is the main encoder. As previously mentioned, this encoding takes groups of 3 bytes and translates them into 4 ASCII characters.

Server access protocols for e-mail:
• POP
  • The user agent communicates with the server and downloads all the messages.
  • So you can really only use one client, as the emails are being downloaded to this single client.
• IMAP (Internet Mail Access Protocol)
  • More features but more complex.
  • The client manages the emails on the server, as opposed to getting a copy.
  • The messages stay on the server, so whatever client you use you always get the same state of your messages.
• HTTP (e.g. Gmail, Hotmail etc.)
  • Probably still uses POP and IMAP underneath.
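
The Base64 step described under MIME Encodings, and earlier under Data Conversion, written out by hand so the 3-byte to 4-character grouping is visible. This is an added example, not part of the original summary; the alphabet and the "=" padding are those of standard Base64 (RFC 4648), and the attachment bytes are constructed sample data.

```python
import string

# The 64 printable characters each 6-bit value maps to (standard Base64).
ALPHABET = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"


def b64_encode(data: bytes) -> str:
    """Turn each group of 3 bytes (24 bits) into 4 characters of 6 bits each."""
    out = []
    for i in range(0, len(data), 3):
        group = data[i:i + 3]
        missing = 3 - len(group)          # 0, 1 or 2 bytes short in the last group
        n = int.from_bytes(group + b"\x00" * missing, "big")
        chars = [ALPHABET[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        if missing:
            chars[-missing:] = "=" * missing   # padding marks the short group
        out.append("".join(chars))
    return "".join(out)


def b64_decode(text: str) -> bytes:
    """Reverse the mapping; rejects foreign characters and misplaced padding."""
    if len(text) % 4:
        raise ValueError("length must be a multiple of 4")
    out = bytearray()
    for i in range(0, len(text), 4):
        quad = text[i:i + 4]
        body = quad.rstrip("=")
        missing = 4 - len(body)
        if missing > 2 or (missing and i + 4 != len(text)):
            raise ValueError("misplaced padding")
        n = 0
        for ch in body:
            n = (n << 6) | ALPHABET.index(ch)  # ValueError on a foreign character
        n <<= 6 * missing
        out += n.to_bytes(3, "big")[:3 - missing]
    return bytes(out)


def encode_attachment(raw: bytes, width: int = 76):
    """Encode binary data and wrap it into lines, as a mail body would carry it."""
    encoded = b64_encode(raw)
    return [encoded[i:i + width] for i in range(0, len(encoded), width)]


# Constructed sample: bytes that are not valid 7-bit ASCII.
SAMPLE_ATTACHMENT = bytes([0x00, 0xFF, 0x80, 0x7F]) + "naïve café".encode("utf-8")

if __name__ == "__main__":
    for line in encode_attachment(SAMPLE_ATTACHMENT):
        print(line)
    print(b64_decode(b64_encode(SAMPLE_ATTACHMENT)) == SAMPLE_ATTACHMENT)
```

The encoded form is a third larger than the input (4 characters per 3 bytes), which is the price of getting binary data through a 7-bit channel.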
Web Address Name Lookup
Humans can easily remember names e.g. ebay. When you use a name, the numerical address is looked up. Characterised as middleware, as name lookup is part of an application protocol. It's a service for users so they can just use names. Domain Name System (DNS) provides the mapping. Resolution is the procedure that performs the mapping. The name server is an implementation of the resolution.

DNS
• Hierarchical namespace for internet objects (e.g. .co.uk, .com, .ac.uk are different hierarchies).
• Names have to be unique. But not worldwide unique, just within the hierarchy.
• Decentralising because there's a lot of name mappings out there, so the looking up of these names has to be optimised.
• It's a "decentralised database" (but not a real database).
• There's global coordination of the names. A top organisation manages the top-level names, for example .com names.
• The organisation delegates down to other organisations lower-level hierarchical names such as .co.uk. Further delegations are made, such as .ac.uk.
• Worldwide coordination.
• Looking up the address for a name is done by first querying the root name server.
• There is an implicit dot ('.') that's never written at the end of a web address. This is the root server.
• The principle is that the name server for the next level down is then looked up at the current name server, so the root server can be queried for a '.com' server, which can then be queried for 'google.com'.
• The implication is that the traffic levels for the root servers will be huge - so the root servers are distributed across the world to spread out the load.
• The root server that's closest is the one that's looked up.
• There are around thirteen major root servers across the planet, with the majority in the USA.
• ISPs, companies and universities have local servers.
• Host queries are sent via a local DNS server that can act as a proxy forwarding the query into the hierarchy.
• All name servers can cache mapping they discover, which speeds up the response to queries and minimises the remote load on the servers.
• DNS: Iterative Resolution for name lookup
  • A host sends the name of the server it's after to a local DNS server, which then asks all the other servers for the name before sending the name of the server that has the name back to the original host. Lots of network traffic.
• DNS: Recursive Resolution for name lookup
  • A host sends the name of the server it's after to a local DNS server, which then asks the next server if it doesn't know, which then asks the next server if it doesn't know and so on, until the server that knows which computer has that address responds, to the previous server, which responds to the previous server, and so on until the information is passed back to the original host.
• DNS Zone
  • A zone is a collection of resource records.
  • A record has the format, .
    • Type specifies how to interpret the file (A = address, NS = authoritative name server for zone, CNAME = true name of alias, MX = mail exchange/relay for zone, PTR = used to map addresses to names).
    • Class defines purpose, which is an extension mechanism because at the moment it's only ever set to IN (internet).
    • TTL is the time-to-live.
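
A toy model of the lookup described above: a local DNS server starts at the root, follows each referral to the name server for the next level down, and caches the answer until its TTL runs out. This is an added example, not part of the original summary; the server names, zone contents and the record field order (name, type, class, TTL, value) are assumptions constructed for illustration, using the reserved example.com name and a documentation-range address.

```python
# Constructed data: each name server holds a zone, a list of resource records.
# Field order (name, type, class, ttl, value) is an assumption of this example.
ZONES = {
    "root-server": [
        ("com.", "NS", "IN", 86400, "com-server"),
        ("uk.", "NS", "IN", 86400, "uk-server"),
    ],
    "com-server": [
        ("example.com.", "NS", "IN", 3600, "example-server"),
    ],
    "uk-server": [],
    "example-server": [
        ("www.example.com.", "A", "IN", 60, "192.0.2.10"),
        ("mail.example.com.", "CNAME", "IN", 60, "www.example.com."),
    ],
}


class LocalResolver:
    """Local DNS server that walks the hierarchy on behalf of a host."""

    def __init__(self, zones):
        self.zones = zones
        self.cache = {}     # name -> (address, expiry time)
        self.queries = []   # (server, name) for every query sent upstream
        self.now = 0        # simulated clock in seconds

    def _ask(self, server, name):
        """Send one query: an exact A/CNAME answer wins, otherwise the most
        specific NS referral for a parent of the name, otherwise None."""
        self.queries.append((server, name))
        referral = None
        for record in self.zones[server]:
            rname, rtype = record[0], record[1]
            if rname == name and rtype in ("A", "CNAME"):
                return record
            if rtype == "NS" and name.endswith("." + rname):
                if referral is None or len(rname) > len(referral[0]):
                    referral = record
        return referral

    def resolve(self, name):
        cached = self.cache.get(name)
        if cached and cached[1] > self.now:
            return cached[0]            # answered locally, no upstream traffic
        target, server, ttl = name, "root-server", None
        for _ in range(16):             # bound the walk so a loop cannot spin forever
            record = self._ask(server, target)
            if record is None:
                raise LookupError(f"no such name: {name}")
            _rname, rtype, _rclass, rttl, value = record
            if rtype == "NS":
                server = value          # referral: ask the next level down
                continue
            ttl = rttl if ttl is None else min(ttl, rttl)
            if rtype == "CNAME":
                target, server = value, "root-server"   # restart for the true name
                continue
            self.cache[name] = (value, self.now + ttl)
            return value
        raise LookupError(f"too many referrals for {name}")


if __name__ == "__main__":
    resolver = LocalResolver(ZONES)
    print(resolver.resolve("www.example.com."), resolver.queries)
    print(resolver.resolve("www.example.com."), len(resolver.queries))
```

The second lookup is served from the cache, so the query log does not grow until the 60-second TTL has passed.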
Multimedia
Multimedia is anything that is transmitted over a network that is not ordinary textual data. Examples include pictures, movies and sound (voice or music). Most forms of media have analogue representation, yet we can interpret it as binary data. We can convert sound wave voltages into binary information for transfer or manipulation, and then convert it back to analogue in order to play it back (for example when playing back sound through some speakers).

Text when stored into a computer using binary data is very small, but sounds and videos can be quite large in file size, as well as being of mixed formats, requiring multiple interpretations. Because of this, we have to be aware of the amount of network bandwidth available for transmitting large files.

Data can be delivered via:
• Telephone line - uses a piece of copper with a very limited bandwidth.
• Broadband - uses the same copper wire but can now go up to 20mbs.
• Fibre optic - much more bandwidth still.
• Data networks - such as ethernet, and backbones to ISPs.
• Broadcast television - now converging to broadband multi-service networks. HD television shows are becoming available over a broadband link.

Media is delay sensitive. When playing media from a remote source, you have two options; either you download the entire media piece and play it back, or you ensure that enough of the data has been transferred before playing it back.

Media is loss tolerant. You don't notice small irregularities if the data received isn't exactly the same as what was sent, although there is a threshold point beyond which the user starts to notice. There are methods of testing what this threshold of loss toleration is (such as investigating the percentage of randomised pixel data in an image before the quality of the image becomes unsatisfactory).
Networks That Can Allow Multimedia Access

Plain Old Telephone Service (POTS)
• Phones are connected via a copper wire.
• The circuits were switched in order to connect two ends and create a contiguous circuit from the source to the destination.
• The bandwidth is also very limited and can only transmit around 4 kHz of sound (human voice and music requires approximately 20 kHz to capture the relevant information).
Cellular Mobile Phones
• All digital.
• Information can be compressed further/better.
• The phone makes the audio to digital data conversion, compresses it and sends it to a Base Transceiver Station (BTS), which then passes it via a standardised Abis Interface to a Base Station Controller (BSC). The Base Station Controller then uses another standardised interface to send the information to a Mobile Switching Centre (MSC). SS7 (Signalling Service 7) is used to set up connections and tear them down. The information continues to move across the backbone of the phone network using standard IP and networking.
• 2G phones can't use VoIP. GSM (the phone standard) uses a time sharing system that uses eight slots per transmission channel (each user gets 1/8th of the transmitter at a time and only gets this time with the transmitter in bursts with long pauses between).
• 3G uses a bandwidth dependent on what other users are doing and you don't have to find a slot on the transmitter because you can always connect. The bandwidth is greater but still not great - but good enough for the size of the screen you're using.

The Internet
• 1-2 billion PCs hooked up.
• 3-4 billion mobile phones.
• 80-100 million data servers.
• Lots of different types of network (e.g. LAN, MAN, WAN) make up the internet.
• All the data is in packet mode (discrete little blocks of data being sent from one place to another).
Broadcast Television

A much more effective mechanism for broadcasting the same data to a wide range of devices. Much better than the internet, because if the same number of people try to get hold of the data via the internet, the servers will become overloaded.
How To Get Media

A simple approach to getting media
• Audio or video is stored in a file.
• Files are then transferred as HTTP objects embedded in TCP. The client then receives the data, and passes it to the player.
• This is not streamed - just getting a simple file! There's a long delay before you can play it back because the entire file has to be downloaded to the client's local machine.

Streaming live multimedia
• Client requests the media data stream.
• The server then sends the data across.
• The data is then stored in a buffer when it arrives, and is played back to the user from this buffer.
• An initial delay is set up so that the buffer has a bit of time to fill up.
• Rewind and pause is possible, but fast forward is not possible.
• If the buffer is under-filled then the video will stop and start.

Real Time Streaming Protocol (RTSP)
• A metatrack has all the information about the streamed media that the player can then use to get the data it's after.
• Can be used between the client and the streaming server.
• If the delay across the network changes, then the buffer time has to be adapted.
• A buffer is a block of memory that you can put things into. You have a variable fill rate, a constant drain rate. So long as the fill rate is greater than the drain rate everything will be smooth. If the buffer fills up, it can give the server a rest.

Real Time Interactive Multimedia and Internet Phone
• As small a delay as possible is desired.
• Some packets may get lost, or some may arrive in a different order. At the receiver's end the packets must be reassembled in a sensible and coherent way before data is played to the user. A buffer is used to facilitate this. The buffer will allow for jitter (the variance in the delay) and make the delay a set amount as opposed to a varying amount, which could cause problems with the smoothness and quality of service of transmission.
• Packets are sent every 20 milliseconds. Ideally at the client every 20 milliseconds a packet will arrive and be played back. Again, a buffer and fixed delay time will have to be incorporated to make sure that this happens over time, and to compensate for jitter.
• Fixed play out delay - delay the playing of the data by a value of q, so that if data arrives late then it won't be disregarded because it's missed its time to be played. A value of q must be selected to maximise the amount of packets that won't get lost, but also minimise the delay so as to make a more interactive experience. An adaptive play-out delay could be used.

Most multimedia is transmitted via TCP or UDP. Some media transmissions will also use RTP or RTCP, which are extensions of UDP.
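The fixed play-out delay q described above can be worked through on a small packet trace. This is an added example, not part of the original summary; the trace, the function names and the 20 ms search step are assumptions made for illustration.

```python
"""Fixed play-out delay q for a stream that sends one packet every 20 ms."""

# Constructed sample: (sequence number, time sent in ms, time arrived in ms),
# listed in arrival order. Packet 2 is delayed and overtaken by later packets;
# packet 4 is delivered twice.
SAMPLE = [
    (0, 0, 50),
    (1, 20, 75),
    (3, 60, 105),
    (4, 80, 140),
    (4, 80, 145),
    (5, 100, 152),
    (2, 40, 160),
]


def playout(packets, q_ms):
    """Schedule each packet for play-out at (time sent + q_ms).

    Returns (played, late): sequence numbers in play-out order, and the
    sequence numbers that missed their slot and had to be discarded.
    """
    deadline = {}   # seq -> play-out time for packets held in the buffer
    late = []
    seen = set()
    for seq, sent, arrived in packets:
        if seq in seen:              # duplicate copy: throw it away
            continue
        seen.add(seq)
        if arrived > sent + q_ms:    # arrived after its play-out time
            late.append(seq)
        else:
            deadline[seq] = sent + q_ms
    # The buffer is drained by deadline, which restores the sending order
    # even though packets overtook each other on the network.
    played = sorted(deadline, key=deadline.get)
    return played, late


def loss_fraction(packets, q_ms):
    """Fraction of distinct packets discarded for arriving too late."""
    played, late = playout(packets, q_ms)
    total = len(played) + len(late)
    return len(late) / total if total else 0.0


def smallest_q(packets, tolerated_loss, step_ms=20, limit_ms=1000):
    """Smallest q (a multiple of step_ms) that keeps late loss tolerable."""
    for q in range(0, limit_ms + 1, step_ms):
        if loss_fraction(packets, q) <= tolerated_loss:
            return q
    return None


if __name__ == "__main__":
    for q in (60, 80, 120):
        print(q, playout(SAMPLE, q), round(loss_fraction(SAMPLE, q), 3))
    print("q for zero loss:", smallest_q(SAMPLE, 0.0))
    print("q tolerating 20% loss:", smallest_q(SAMPLE, 0.2))
```

Accepting the loss of one packet in six lets q drop from 120 ms to 60 ms on this trace, which is the trade-off between loss and interactivity that the text describes.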
Transmission Control Protocol (TCP)

TCP sets up a connection before use and tears it down afterwards. Connections are useful for maintaining state. There is a delay in setting up the connection. TCP operates using a byte stream, which is fragmented into packets - not samples. The data (such as sound or video) that is to be transmitted must be broken up and then sent, which may then be received in a different order and have to be re-arranged. If there's an error (such as a packet being lost) then a retransmission will have to take place - which increases the amount of delay.

In TCP the sequence numbers are used to determine the order of packets. The sequence numbers are limited to 32 bits, so the sequence number may wrap round the count. This is not often an issue but it can cause problems.

TCP assumes that there must be congestion within the network if packets are being lost or arriving late, and it can slow down the transfer speed by lowering the value of the window size (which may even be set to zero).
User Datagram Protocol (UDP)

UDP differs greatly from TCP. UDP has no concept of a connection, therefore it's up to the application to keep track of any state that may be desired. It sends a packet stream instead of a byte stream and it's up to the application to decide how much information should be put into a single packet, as well as when the packets are sent. UDP operates as a "fire and forget" protocol. Packets can overtake each other. The delays will vary, resulting in a large jitter.

There are various options for an audio streaming application if a packet arrives too late:
• Play silence - works quite well if this is very rare.
• Replay the previous packets.
• Try and predict what's coming next.
• If a packet is missing but the next one is here, just play the next one.

For media you need quality of service, so we want the "best effort" to get this. Best effort is the idea of the protocol doing the best it can to deliver the data, but, if things go wrong then it's not the end of the world. The internet gives no promises. Sometimes the messages don't get delivered properly.

Causes of packet delay:
• Encoding, sampling, packetising.
• Queues and scheduling at the router.
• Decoding, de-packetising etc.

Multimedia is delay sensitive, so we care about the best effort:
• Delay - the difference between the time sent and the time received.
• Jitter - the difference between the delay for the current packet and the previous one.
• The delay and the jitter can be taken as an average over a period of time, which can be used to find resolutions to network problems (more on this later).
• Loss tolerant - infrequent losses cause minor glitches.
• Opposite of data transfer (files, web pages etc.) - data is loss intolerant but delay tolerant.
Real-Time Transport Protocol (RTP)

RTP specifies the packet structure for packets carrying audio or video data. Each RTP packet provides a payload type identification (e.g. MP3, Mov). It also provides a packet sequence number (a 16 bit integer), which will be counted much more slowly than counting data bytes as in TCP, as well as a time stamp. When the delays occur, the receiver can put packets into the correct order, should they arrive out of order.

RTP runs in end systems and is an application layer protocol, but is transport oriented. An RTP packet is normally an encapsulation of a UDP packet but it doesn't have to be. RTP does not provide any mechanisms to ensure timely delivery or quality of service, and has no control over the network in-between.

RTP Header:
• Payload type (7 bits) - indicates the type of encoding being used.
• Sequence number (16 bits).
• Time stamp (32 bytes long) - sampling of the first byte in this data packet.
• SSRC (32 bits long) - identifies the source of the RTP stream. For example, using sound and video would have two unique SSRC numbers.
Real-Time Control Protocol (RTCP)

Each participant in RTP will periodically send RTCP information to other participants. Each RTCP packet will contain information about the jitter, the loss rate etc. The sender can then adapt to what's going on within the network.

RTCP Process:
• The sender sends RTP and RTCP to the internet, which goes to a number of receivers.
• The receivers then send control packets back to the sender.
• Receiver report packets include the fraction of packets lost, the last sequence number, the average inter-arrival jitter.
• The sender report packets include the SSRC of the RTP stream (this is the ID it's using), the current time, the number of packets sent and the number of bytes sent.
• Source description packets include the email address of the sender, the sender's name, the SSRC of the associated RTP stream - the aim of which is to provide a mapping between the SSRC and the user/host name. We can now synchronise streams.

RTCP attempts to limit its traffic to 5% of the session bandwidth. RTCP gives 25% of the speed to senders, and 75% to the receivers.
Recovery From Lost Packets

This can be achieved using a variety of techniques.

Retransmission

Lost packets in multimedia are either packets that really were lost, or were received too late. If we're expecting a packet and it doesn't arrive, we can send a NACK, which can be much more efficient than sending an ACK for every packet. If the packet just arrives late, then multiple copies may be received (the retransmission and the original late packet). If a packet arrives with the same sequence number as a packet that's already been received then it's simply thrown away. Retransmission delays can be very large.

Forward Error Correction

Errors can be detected with CRC checksums (optionally used in UDP).

Simple scheme - for every group of n chunks of data send out n + 1 chunks. The additional chunk is the XOR of the original n chunks. If data is lost then the XOR can be used to work out which bits should be there. Multiple packets can be XOR-ed together one after the other to achieve this extra XOR packet for several packets. This only works when one packet is lost. However, this mechanism adds to the play-out delay because the receiver's sending out an extra packet every n packets.

Another idea is to send two versions of the same media, a compressed lower quality and a higher quality. When the network begins to struggle with load, then the lower quality stream can be switched to and vice versa.

Interleaving - the data is divided up and split into n packets. These packets are then mixed up to form a new set of packets, "interleaved" with the information. The packets are then reassembled with the correct information in each at the receiving end. If a packet is lost then 1/n of the information is lost across the data so it's not as noticeable.
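The XOR parity scheme and the interleaving idea above, as an added example that is not part of the original summary. The function names and the sample chunks are constructed for illustration, and chunks are assumed to be padded to equal length before encoding.

```python
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length chunks."""
    return bytes(x ^ y for x, y in zip(a, b))


def encode_group(chunks):
    """Return the n data chunks followed by one XOR parity chunk (n + 1)."""
    if not chunks or any(len(c) != len(chunks[0]) for c in chunks):
        raise ValueError("need n equal-length chunks (pad the last one)")
    return list(chunks) + [reduce(xor_bytes, chunks)]


def recover_group(received):
    """Rebuild the n data chunks of one group.

    `received` holds the n + 1 chunks in order, with None where a chunk was
    lost. XOR-ing all survivors reproduces the single missing chunk, because
    every other chunk cancels itself out.
    """
    missing = [i for i, c in enumerate(received) if c is None]
    if len(missing) > 1:
        raise ValueError("XOR parity can rebuild only one lost chunk per group")
    repaired = list(received)
    if missing:
        survivors = [c for c in received if c is not None]
        repaired[missing[0]] = reduce(xor_bytes, survivors)
    return repaired[:-1]          # drop the parity chunk


def interleave(units, n):
    """Spread consecutive units over n packets: packet k gets k, k+n, k+2n..."""
    return [units[k::n] for k in range(n)]


def deinterleave(packets, total):
    """Reassemble the unit sequence; units from a lost packet stay None."""
    n = len(packets)
    units = [None] * total
    for k, packet in enumerate(packets):
        if packet is not None:
            units[k::n] = packet
    return units


if __name__ == "__main__":
    # Constructed sample data.
    group = encode_group([b"AAAA", b"BBBB", b"CCCC"])
    group[1] = None                                   # one chunk lost
    print(recover_group(group))

    packets = interleave([f"u{i}" for i in range(12)], 4)
    packets[1] = None                                 # one packet lost
    print(deinterleave(packets, 12))                  # isolated gaps only
```

With interleaving, the lost packet leaves gaps at units 1, 5 and 9 rather than one run of three consecutive units, which is why the loss is less noticeable on playback.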
Routers Providing Quality of Service

Quality of service is about trying to find the best service over the resources you have. Packets are divided into different classes and isolated. These classes are then allocated resources. Fixed, non-sharable bandwidth is allocated to the classes. At a router, packets can arrive in any order - they go into a queue. If the queue becomes full then packets have to be dropped. Particular classes of router can have a higher priority for their packets to be dropped.

Scheduling Policies for Routers

Prioritising - assigning priorities using classes to different routes. Classes with a higher priority will be forwarded first. This may not be fair on some classes.

Round robin - going round all the classes and forwarding a packet from each. However, if there's congestion then classes such as 'Voice Data' may arrive too late.

Weighted fair queue - different classes of data coming in are divided into a different set of queues, so they each get a fixed proportion of the bandwidth.

Policing Traffic

Traffic arrives in bursts. The aim of a policing mechanism is to limit the traffic to three set parameters:
1. Long term average rate - the number of packets that can be sent per time unit.
2. Peak rate - the maximum number of packets that can be sent at one time in packets per minute. This must support the long term average rate above.
3. Maximum burst size - the maximum number of consecutively sent packets.

A token bucket is used to throttle and limit the burst size and average rate. Tokens are added to the bucket periodically. In order for a packet to pass through the router it must obtain a token from the bucket. This consequently means that if too little data is provided then the token bucket will fill up with tokens at a dynamically changeable rate, and if too much data is provided then the token bucket will be emptied of tokens. If there are no tokens then the data has to wait for tokens to become available before it can continue through the network. If there are lots of tokens then a burst of data that is received is just forwarded through.

Content Distribution Networks (CDNs)

Content Replication

Origin server with all the original data -> distributes the information to multiple systems spread around -> accessed by the user.

DNS can be used to replace (redirect) a query for a document to a more local query based on your current location. This system can also be used to determine the data to be sent based on your location (such as local language). CDN creates a "map" indicating distances from leaf ISPs and CDNs. It picks the closest CDN and redirects a user's query accordingly.

The traditional client-to-server is inefficient for mass downloads. The servers can't handle the vast quantity of users demanding the data.

Peer-2-Peer

The client sends out a query which searches for the file on other machines recursively until one system replies that it has the information. The same document can then be sent to multiple systems so there are multiple locations to get the data from. The load is now distributed and much lower. There's no heavy load on one single server.

Bit Torrent uses a swarm of machines (any machine currently connected to the bit torrent facility) and a tracker. When you request a document, the tracker then asks the swarm for the information and gets a section of the data from each machine. The information is now coming from different machines so it's even more distributed. However, the upload speed of a user's client is often slower than that of a dedicated server.
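The token bucket described under Policing Traffic above can be traced packet by packet. This is an added example, not part of the original summary; the class, its parameter names and the arrival times are constructed for illustration, and only the average rate and burst size are modelled (not the peak rate).

```python
from collections import Counter


class TokenBucket:
    """One token is added every interval_ms; the bucket holds at most depth.

    interval_ms sets the long term average rate and depth sets the maximum
    burst size. The bucket starts full. Times are integer milliseconds so
    the trace is exact.
    """

    def __init__(self, interval_ms, depth):
        self.interval_ms = interval_ms
        self.depth = depth
        self.tokens = depth
        self.next_token_ms = interval_ms   # when the next token is due
        self.clock_ms = 0                  # time the last packet was forwarded

    def _add_tokens(self, now_ms):
        """Credit every token that fell due up to now_ms, capped at depth."""
        if now_ms >= self.next_token_ms:
            ticks = (now_ms - self.next_token_ms) // self.interval_ms + 1
            self.tokens = min(self.depth, self.tokens + ticks)
            self.next_token_ms += ticks * self.interval_ms

    def forward_time(self, arrival_ms):
        """Return the time at which a packet arriving now may be forwarded."""
        now = max(arrival_ms, self.clock_ms)   # packets queue in FIFO order
        self._add_tokens(now)
        if self.tokens == 0:                   # no token: wait for the next
            now = self.next_token_ms
            self._add_tokens(now)
        self.tokens -= 1
        self.clock_ms = now
        return now


def police(arrivals_ms, interval_ms, depth):
    """Forwarding time of each packet, given arrival times in order."""
    bucket = TokenBucket(interval_ms, depth)
    return [bucket.forward_time(t) for t in arrivals_ms]


def longest_burst(forward_times):
    """Largest number of packets forwarded at the same instant."""
    return max(Counter(forward_times).values())


if __name__ == "__main__":
    # Constructed sample: six packets at t=0, a quiet spell, four at t=1000.
    arrivals = [0] * 6 + [1000] * 4
    out = police(arrivals, interval_ms=100, depth=3)
    print(out)                 # bursts capped at 3, the rest paced at 100 ms
    print(longest_burst(out))
```

The quiet spell refills the bucket only up to its depth, so the second burst is capped at three packets just like the first.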
Transport Layer Services and Protocols

The transport layer provides services to the application level. These services need to know what the requirements are in the application layer (e.g. connectionless and quality of service). The transport layer provides a layer of abstraction for the upper application layer (which shouldn't have to worry about how the transport of data occurs).

Practically, network applications run as processes, so the transport services provide a process-to-process link. A computer needs to know which process to deliver the data to. The transport services are still concerned with the edges of the network. On the sender's side, the data is broken into segments (different to packets) and passed down to the network layer. On the receiver side, the segments are reassembled and passed up to the application layer.

Identifying Processes

We need to identify which process the data goes to. The operating system process identifier can't be used because this identifier is allocated dynamically - so there's no uniformity. To identify processes within networks, ports are used (a port is a 16 bit value). For example, a web browser uses port 80. Ports are also identified with the protocol that's using them, so UDP 28 is different to TCP 28. Some services use both protocols and so have two ports (the same number is often used for convenience).

The issue is how to know the port numbers. With client-server architecture, the server has a fixed, universal central port number (e.g. web server has port 80). The client's port number doesn't matter because it can let the server know what it is.

Typical setup: the network application process is run by the operating system, and a random port is assigned to that process. The application (running as a client) then sends a message to the server with information about its port number. When the server then sends back information, it supplies the port number it received so that when this information is received by the client it can be passed to the correct process.

There's a buffer for each of the applications. When the information arrives, the transport layer puts the information into the correct buffer. The data will then wait there for the application to request it (when it's ready). The buffer is of a finite size, so when the buffer becomes full the information is thrown away (this may waste the network connection because the sender will keep sending the information, as no acknowledgment will be sent back).
Transport Layer Protocols

User Datagram Protocol (UDP)

"No frills" internet transport protocol - a simple protocol. UDP provides a "best effort" service, which means that UDP segments can be lost and delivered to an application out of order with no form of recovery within the protocol itself. UDP is connectionless (no handshaking is required), which means that there's no connection-setup delay like in TCP. UDP's main advantages are its simplicity, as well as there being no congestion control to slow it down, and the segment header being very small. It's usually used for multimedia transfer. If an application wants reliability however, it will either have to implement it for itself, or use the TCP protocol instead.
Recovering from Errors in General

(TCP will be later shown to implement some of these…)

Two main mechanisms:

An acknowledgement - a control packet that's sent from the receiver to the transmitter of the data packet that's being acknowledged. This control packet confirms that the packet has been received.

A timeout - the amount of time the transmitter waits for an acknowledgement. The transmitter keeps a copy of the data sent. Automated repeat request.

ARQ (Automated Repeat reQuest) Mechanisms

Stop-and-wait

Explained using examples...
1. Sender: sends data. Receiver: successfully receives the data. Receiver: sends back an acknowledgement. Sender: receives the acknowledgement.
2. Sender: sends data. The data is lost. Sender: timeout expires. Sender: sends data again. Receiver: successfully receives the data. Receiver: sends back an acknowledgement. Sender: receives the acknowledgement.
3. Sender: sends data. Receiver: successfully receives the data. Receiver: sends back an acknowledgement. The acknowledgement control packet is lost. Sender: timeout expires. Sender: sends data again. Receiver: successfully receives the data and may make a duplicate copy (not desirable). Receiver: sends back an acknowledgement. Sender: receives the acknowledgement.

Sequence numbers are used to prevent duplicates. Only one bit is needed if an acknowledgement is always required, which alternates on each new data send.

Stop and wait is not very good because when data could be being transferred, the transmitter is instead just waiting for an acknowledgement. So instead sliding windows are used...

Sliding Windows

Multiple packets are sent, and only acknowledged every so often. The window size is the number of packets that can be sent before the sender requires an acknowledgment. So every, say 8 (if the window size is 8), packets the sender requires an acknowledgement that lets it know that the previous 8 packets have been received and the window then moves along.

If the receiver gets a packet that comes out of order to the one it was expecting, then it can't acknowledge it because it hasn't yet got the one before it. If the packet it was expecting arrives late, then the receiver can just acknowledge the most recent packet in order it has. If the packet was lost, then the sender's timeout will expire, and it'll send the whole window of packets again - including the packets the receiver already has. This is referred to as "go-back-N" (GBN).

However, it is not desirable to have to resend everything within the window. Instead, a NACK could be sent for the packet that was missing, which arrives before the sender's timeout expires. The sender can then resend only the packet that was NACK-ed, which would reduce the amount of retransmission required. Or, a selective acknowledgement could be used. This is sending an acknowledgement for every packet received. When the sender's timeout expires, the sender only resends the packets that it doesn't have an acknowledgement for.

Using sliding windows, 100% network utilisation can be achieved.

Sequence numbers are implemented using a fixed size integer. This number is minimised in order to minimise the header overhead. A 3 bit sequence number could be used (which means the packets will count from 0 to 7 round and round). In this example a window size of 8 would be ideal.

Issue: if an acknowledgment using selective acknowledgements is lost then the sender could send duplicate packets to the receiver and the receiver would treat them as new. The solution is to use a maximum window size that is half the maximum sequence number so that for the first set of acknowledgements a different set of numbers is used to the second set of acknowledgements. These sequence numbers would then alternate in a binary fashion.
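The duplicate problem just described can be reproduced with a small receiver model. This is an added example, not part of the original summary; the class and function names are constructed, and the scenario is the one from the text: a whole window is delivered, every acknowledgement is lost, and the sender retransmits the window.

```python
class SelectiveRepeatReceiver:
    """Receiver side of a sliding window with per-packet acknowledgements."""

    def __init__(self, seq_bits, window):
        self.space = 1 << seq_bits         # 3 bits -> sequence numbers 0..7
        if not 0 < window <= self.space:
            raise ValueError("window must fit in the sequence space")
        self.window = window
        self.base = 0                      # oldest sequence number still awaited
        self.buffer = {}                   # out-of-order packets held back
        self.delivered = []                # payloads passed up, in order

    def on_packet(self, seq, payload):
        """Return 'accepted' for new data, 'duplicate' for anything else.

        The receiver can only judge by the sequence number: anything that
        falls inside [base, base + window) modulo the sequence space looks
        new. A duplicate would be acknowledged again and thrown away.
        """
        offset = (seq - self.base) % self.space
        if offset >= self.window or seq in self.buffer:
            return "duplicate"
        self.buffer[seq] = payload
        while self.base in self.buffer:    # slide over the in-order prefix
            self.delivered.append(self.buffer.pop(self.base))
            self.base = (self.base + 1) % self.space
        return "accepted"


def stale_accepted(seq_bits, window):
    """How many retransmitted old packets the receiver mistakes for new ones."""
    rx = SelectiveRepeatReceiver(seq_bits, window)
    first_window = [(seq, f"old-{seq}") for seq in range(window)]
    for seq, payload in first_window:      # first transmission, all received
        rx.on_packet(seq, payload)
    # Every acknowledgement is lost, the sender's timeout expires and it
    # resends the same packets with the same sequence numbers.
    verdicts = [rx.on_packet(seq, payload) for seq, payload in first_window]
    return verdicts.count("accepted")


def max_safe_window(seq_bits):
    """Largest window for which old and new numbers can never overlap."""
    return (1 << seq_bits) // 2


if __name__ == "__main__":
    for window in (8, 5, 4):
        print(f"3-bit numbers, window {window}: "
              f"{stale_accepted(3, window)} stale packets accepted")
    print("safe window:", max_safe_window(3))
```

With 3-bit sequence numbers a window of 8 accepts all eight stale packets, a window of 5 still accepts two, and a window of 4 (half the sequence space) accepts none.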
Transport Control Protocol (TCP)

TCP is a Connection-Oriented Protocol

This means that there's a state that's kept at each end of the communication. TCP is a reliable protocol because it provides a service that handles any errors that can occur using error recovery techniques. TCP uses a finely tuned congestion control mechanism - it reduces the amount of data being sent when it detects that the network is congested. The data is always delivered in the order it's sent because an acknowledgement for each packet is required.

TCP uses buffers to send and receive the information before passing it to the application. A connection identifier is used in the header files, using the source and destination IP address and port number. The application passes the stream of bytes it wants sending to TCP, which puts it into packets and a send buffer. TCP can then choose how much to send from the buffer depending on the network congestion. When they're received, the packets are put into a receive buffer, from which the application can decide when it wants to read the packets.

However, a key disadvantage is that if one end crashes, then the state at that end is lost. This means that there's no way to perform a recovery, the connection will have to be set up again and everything will have to be sent again.

TCP is Reliable

TCP's reliability is achieved using a sliding window, go-back-N (cumulative ACKs), sequence numbers (for bytes - not segments) and a single retransmission timer.

Sequence numbers are used for every single byte rather than every segment (in UDP). This is because segmented data can cause problems with TCP's error recovery. If segmented data is used for transfer, then the sender will send whatever segments are in its send buffer. If a retransmission is needed then there may now be more information in the send buffer (because new data to be sent has been added after the data the receiver hasn't yet received). The retransmission will send all the data in the buffer, and the receiver will get more than it was originally supposed to all at once. So if the sequence number counts segments, then the numbers would be meaningless, as this segment of data is now different to what it should have been (because it effectively is a combination of two segments). If each byte is numbered, then the receiver can tell exactly what it's receiving, and duplicate information can be identified. A TCP acknowledgement acknowledges by stating the byte sequence number that it next expects to receive - that's just how it works!

Sequence numbers are 32-bits long. The sequence number of the first byte in the segment is needed, and the other sequence numbers in the segment are implicitly calculated from the first. Sequence numbers in each direction of the transmission are independent of each other.

The value of the retransmission timeout can't be too small (retransmission will occur too often), nor too large (excessive delays before a retransmission takes place). An appropriate value depends on the round trip time. Because the round trip time varies depending on the current level of traffic going through the network an adaptable algorithm is needed. This algorithm can determine the current round trip time and adjust the timeout accordingly. There are three main algorithms for this:
1. Basic algorithm - set the timeout time to twice the round trip time (gives enough margin). An average round trip time (and thus the timeout time) is taken, which is updated every time a packet is received (because the round trip time can be calculated every send-receive-acknowledge cycle). However, the problem is that duplicate packets being retransmitted can be received, which will make the average less representative.
2. Karn/Partridge algorithm - only measures the round trip time for non-retransmitted segments in order to work around the issue outlined for the basic algorithm.
3. Jacobson/Karels algorithm - more suited to communications where the round trip time is more varied and an average isn't appropriate. This algorithm takes into account the variation in the round-trip time (the jitter).

TCP Data Flow Control

The receiving buffer has a finite size. If the data is arriving more quickly than the application reads from it, then the buffer will fill up. When the buffer becomes full, the receiver can't acknowledge any more data that it receives (because it can't store it anywhere so it'll just lose it). The sender's timeout will expire and a retransmission will take place. Because the receiver's buffer may still not be empty this loop will occur and the transfer will be wasted sending the same thing again and again until the buffer is emptied. A mechanism is required so that the receiver can control how much information the sender is sending. This mechanism is known as flow control…

The sliding window size is not fixed. In the acknowledgment, the receiver lets the sender know how much data it's prepared to receive. The window size can be set to 0 (so no more data is transmitted until the buffer is freed, at which point the receiver will re-acknowledge the last byte with a non-0 window size). The flaw is that the re-acknowledgment packet could be lost, which would cause a deadlock. The solution is that once a window size of 0 is set at the sender a much longer timeout is used (such as two minutes) before sending the next segment as normal.

Because the window size is determined in a 16 bit value, the maximum window cannot exceed 64kb. This means that for very fast connections the network cannot be fully utilised as the sender will be waiting for the acknowledgment after sending its window. One solution is to use multiple TCP connections. Another solution would be to use a multiplier factor of, say 10, for the sequence number and window size, so that a segment can go up to 640kb.
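The three retransmission-timeout algorithms listed under "TCP is Reliable" above can be compared on the same measurements. This is an added example, not part of the original summary: the summary gives no formulas, so the weighted average (7/8 old, 1/8 new) used for the basic algorithm is an assumption, the Jacobson/Karels gains and the factor of 4 are the ones specified in RFC 6298, and both sample traces are constructed.

```python
ALPHA = 0.125   # weight of a new sample in the smoothed RTT (RFC 6298)
BETA = 0.25     # weight of a new sample in the RTT variation (RFC 6298)

# Constructed samples: (measured round trip time in ms, was_retransmitted).
# In AMBIGUOUS the 900 ms figure was timed from the first copy of a segment
# that was later retransmitted, so it does not reflect the real path delay.
AMBIGUOUS = [(100, False), (100, False), (900, True), (100, False)]
# In JITTERY the path itself alternates between 100 ms and 300 ms.
JITTERY = [(100, False), (300, False), (100, False), (300, False)]


def basic_rto(samples):
    """Timeout = twice a running average that uses every sample."""
    if not samples:
        raise ValueError("no round trip samples")
    estimate = None
    for rtt, _retransmitted in samples:
        if estimate is None:
            estimate = rtt
        else:
            estimate = (1 - ALPHA) * estimate + ALPHA * rtt
    return 2 * estimate


def karn_partridge_rto(samples):
    """As basic, but samples from retransmitted segments are ignored."""
    return basic_rto([s for s in samples if not s[1]])


def jacobson_karels_rto(samples):
    """Timeout = smoothed RTT + 4 x smoothed deviation (the jitter)."""
    srtt = rttvar = None
    for rtt, retransmitted in samples:
        if retransmitted:            # RFC 6298 also applies Karn's rule
            continue
        if srtt is None:
            srtt, rttvar = rtt, rtt / 2
        else:
            # The deviation is updated first, against the old smoothed RTT.
            rttvar = (1 - BETA) * rttvar + BETA * abs(srtt - rtt)
            srtt = (1 - ALPHA) * srtt + ALPHA * rtt
    if srtt is None:
        raise ValueError("no usable round trip samples")
    return srtt + 4 * rttvar


if __name__ == "__main__":
    for name, trace in (("ambiguous", AMBIGUOUS), ("jittery", JITTERY)):
        print(name,
              basic_rto(trace),
              karn_partridge_rto(trace),
              jacobson_karels_rto(trace))
```

On the jittery trace the averaged timeout comes out below 300 ms, so a perfectly normal 300 ms round trip would trigger a needless retransmission, while the Jacobson/Karels timeout stays above it.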
TCP Connection Control

Setup is asymmetric, as one side is active and the other side is passive. The teardown is symmetric, as both sides must perform a close symmetrically.

A three way handshake is used to establish a connection:
A - sends a packet across to B, setting the SYN control flag and an initial sequence number.
B - acknowledges this packet, sending its own initial sequence number by setting the SYN control flag.

In the reality of networks, data can become lost and re-emerge a lot later. If a first TCP connection is set up and torn down whilst information from this connection is still travelling through the network and a new connection is set up using the same addresses and port numbers, then when the data is finally received it's treated as data for the new connection (if it's within the window size expected). If the sequence number is not set to zero every time, then sequence numbers in the window the receiver is expecting will be different, so the old data will be thrown away when it's received because it will have a sequence number outside the window of sequence numbers that were expected. This is why TCP negotiates an initial sequence number.

TCP control is defined in a state transition diagram, which gives a structured method of laying out the protocol.

TCP Congestion Control

TCP implements an algorithm that attempts to detect if congestion is occurring within the network. If an acknowledgment is received, it determines that there was enough space for that segment to go through - so it increases the amount of data it sends. When a segment gets lost, it determines that there must be congestion, so it decreases the rate at which it sends data. The increase of data occurs slowly, whereas the decrease in the data rate occurs very sharply, so a graph showing the amount of data TCP is transmitting would look like a 'sawtooth'.

When TCP first connects, the transfer would be very slow by the rules of congestion control just outlined. So, a different approach is used when the connection is first established. As soon as the sender receives an acknowledgement it doubles the rate it sends data (instead of the normal, slow increase) until a particular threshold is met, at which point the sending rate increases using the standard slow increase.

TCP Fairness

TCP tries to divide the connection bandwidth between the number of TCP connections currently active. But, if an application opens up multiple TCP connections, then that application will get an unfair share of the connection (TCP will have no knowledge of this).
Inter-Networking

A collection of networks (each with their own address scheme, service model etc.) can be made to look like one huge, single network. The Internet Protocol (IP) manages to achieve this.

Differences between physical networks:
• Service model - connection-oriented or connectionless.
• Network level protocols being used: IP, IPX, AppleTalk.
• Addressing - flat (no structure to the address - you can't tell anything about the address from the bits), hierarchical (structured address).
• Broadcasting and Multicasting: whether or not they're supported.
• Maximum packet size.
• Quality of service - supported or not.
• Error recovery - performed or not.
• Flow control - supported? Which mechanism - sliding window?
• Congestion control - which mechanism?
• Security - privacy rules, encryption being used?

IP has to work round all these differences and create a uniform network where it doesn't matter what the individual attributes of linked networks are.

IP introduces a secondary, universal, logical address space which maps physical addresses to logical addresses. This is to give every location a unique universal identifier across the planet.

Different sizes of physical packets can be made uniform by setting a packet size. The minimum packet size depends on the path being followed through a network, which could vary.

The packet formats can be different. The packets could be translated at each piece of technology, but this is not always possible, so a new universal packet format may need to be introduced in order to encapsulate packets.

Broadcasting can be implemented by sending messages to every single computer on the network (multiple unicasts).

Service Model

This will be provided to the transport layer and the other layers that exist above.
Internet Protocol (IP)

The only realistic option to achieve worldwide host-to-host delivery. Runs on all hosts and routers in the network.

Service model

Connectionless - it places minimal demands on the underlying networks. Part of the result of this minimal demand is that it will work on any network technology, and has worked on all technologies since it was developed in the 1970s.

Unreliable - no error recovery. Best effort delivery.

A unique address is needed, with global coordination of these IP addresses. All the numbers are ultimately controlled by the Internet Corporation for Assigned Names & Numbers (ICANN), which delegates blocks to Regional Internet Registries (RIRs).

Universal Packet Format (Datagram)

This has sufficient information to reach the destination and encapsulates the data from TCP/UDP etc. This is then sent across the network via forwarding, which is a distributed sequence of decisions to make the next "hop". The contents of the packet header are as follows:
• The first few bits contain the IP protocol version (typically v4 and v6 are in use at the moment).
• There's a 32 bit source IP address.
• There's a 32 bit destination IP address.
• Options can hold a timestamp, record of the route taken, or a specified list of routers to take.
• In order to stop an IP packet going round and round the network, the packet header also has a time-to-live which is decremented each time it passes through a router. Once it gets down to 0, the packet is deleted and the source IP address is notified.
• There's information about the upper layer protocol to use.

Datagrams must be encapsulated into a physical frame to be transmitted across the physical link layer. The physical address must be mapped to the logical IP address. MAC addresses aren't used; instead, an Address Resolution Protocol (ARP) is used, which is associated with Ethernet/IEEE 802.3. This is a broadcast message which asks for the physical address for the IP. The system that owns the IP address responds with its physical address. In order to reduce the amount of traffic caused by this protocol, the responses are cached, and nodes along the network will also cache queries they see.

If a packet is too large for a network it's about to enter, it is split up. There are fields in the header of the datagram that allow the packets to be reassembled, which occurs at the final destination. The network becomes more unreliable the more the packet is split up.

Dynamic Host Configuration Protocol (DHCP) is used to configure a host with an IP address, so that information such as the default router, netmask and DNS servers is known. It's a client-server protocol. When a client starts up, it broadcasts for the DHCP connection information. The server then sends back the details of the configuration. The DHCP server is part of the routing hub. Clients can use static or dynamic address assignment.

An organisation may want to restrict access to its network. This can be done using your own cable, although this can be very expensive. Instead, a virtual private network can be implemented, which creates a secure tunnel between two ends. All the data has to pass through this tunnel.

Network Address Translation (NAT) allows multiple computers to share a unique worldwide address. Local addresses, such as 192.168, are known as private addresses. Packets from these addresses that want to go to another network have to go to a NAT box, which maps the address and port number to a worldwide address and vice versa. To a private network, the NAT box works like a router.

Internet Protocol Version 6 (IPv6)
The motivation to develop a new version of the internet protocol was to deal with the growth of the internet. The datagram format had to be changed for the new version, for example 32 bits for an address was determined to be too small to hold all the network addresses one would want to use, so it was changed to 128 bit - which means that every atom on the planet can have its own unique IP address - but who knows, maybe things in space may need IP addresses - planning for the future! Multicast is to be implemented, which means that computers will be able to broadcast beyond the local network. There will be a method of specifying how far you want to broadcast.

The Link Layer I

Overview
• Hosts, routers, switches and hubs are known as nodes.
• Communications channels are known as links.
• Layer 2 packets are known as frames.
The main aim of the link layer is to provide node-to-adjacent-node transfer of a datagram over a link.

Services required to achieve this main aim
Framing - a packet needs to be encapsulated before it can be sent. Nothing about a packet that is received is looked at.
Sharing - if a wire is to be shared this needs to be supported by the link layer.
Addressing - one machine needs to know which other machine it's trying to communicate with.
Flow control - the amount of data that's being sent needs to be controllable. (This is despite higher-level protocols such as UDP having no flow control).
Error correction - forward error correction and other techniques are required at the other end in order to get around realistic problems of the network. This is to give the layers above the illusion of a reliable network. 1 bit in a million is the typical error rate for an Ethernet cable. 1 bit in a billion billion is the typical error rate in fibre optic cables. Much more than 1 bit in a million is the typical error rate for wireless communications.
Full or half-duplex - determining the direction that information can be sent at one time, or whether information can be sent in both directions.

Where is it implemented?
In every node and in every adaptor such as a network interface card (NIC) - such as an Ethernet card. The link layer is not handled by the CPU (which handles all of the higher network levels). Instead, the link layer is handled by a controller in the network card that passes information to a host bus, which then passes it via interrupts and registers to the CPU.
Network adaptor sending: Encapsulates the datagram in a frame, adding error checking bits, flow control and more.
Network adaptor receiving: Checks for errors, flow control and other information in the frame. It extracts the information from the datagram and passes it to the upper layer at the receiving side.

Packet Encapsulation
A header and a tail are added to the message, which are taken off when it's received.

Ethernet frame structure:
Header:
Preamble - allows the receiver to learn what's going on in the network. The preamble is set to 1,0,1,0, .. etc. a number of times. The preamble is known, so errors in it can be learnt and recognised to be possible flaws in the network.
Start of frame delimiter - lets the receiver know that the rest of the frame is about to continue, again preset.
MAC address of the destination - 48 bits in size.
MAC address of the source - again 48 bits in size.
Ether-type or packet length - so you know how much encapsulated data you have.
Tail:
CRC32 - a cyclic redundancy check - calculated by the sender and checked by the receiver to see if the data has been received correctly. Not perfect. It's possible to pass the check and be passed up to the other layers despite there being an error.
Inter-frame gap - a bit of space before the next frame comes along.

Flow Control
Optional. Most network cards do have flow control. The aim is to ensure that the receiver's buffer doesn't overflow. Implemented via either:
• Handshake - a wire can be set to high or low to indicate whether the receiver is ready or not. This can also be done using a software interpreted X-ON/X-OFF.
or...
• Open-flow - pre-reserve and negotiate some of the resources of the receiver in order to deal with the sender's data. A protocol that handles this idea is Connection Admission Control (CAC).
or...
• Closed-loop - a method of reporting resource availability and resource needs and sending data according to these reports. A message is broadcast to a special multicast address with a 16 bit time request for a pause in the data transmission. The Asynchronous Transfer Mode (ATM) has an Available Bit Rate (ABR) which guarantees a minimum bit rate to a sender and allows the receiver to report back congestion - at which point the minimum bit rate is used.

Link Layer Addressing
IP Address:
• 32-bit.
• Network-layer.
• Used to get a datagram to a destination IP subnet.
• Partially geographical.
MAC Address:
• MAC address is the link-layer address of your machine which is essential for communicating with anything.
• LAN. Physical. Ethernet.
• 48 bits (6 bytes) - for most LANs: 3 bytes for the organisation identifier and three bytes for the NIC identifier.
• Set into the Network Interface Card (NIC), but can be software settable.
• Expected to last until the year 2100 before the same addresses will be used again...
• The aim of the MAC address is to assist the link layer in transmitting the framed packet from one interface to another on a physically-connected interface.
• The broadcast address is: FF-FF-FF-FF-FF-FF (all 1s).
• Administered by IEEE - the manufacturer buys a portion of MAC address space in order to assure uniqueness.
• MAC addresses are flat, which means that you can't tell anything about the sender or receiver (other than the manufacturer) from the numbers. This is opposed to IP addresses, which are geographically allocated (there's no need for geographic information with MAC addresses).

Mapping IP to/from MAC Addresses
Address Resolution Protocol (ARP) - an address resolution protocol table is used. When the IP address of a destination machine is known, but the MAC address isn't (i.e. it's not in the lookup/mapping table), then a new frame is broadcast detailing the sender's IP and MAC address, and requesting the MAC address of the system with the IP address we want as the destination. The destination responds with its MAC address, and nodes along the path and the original sender make a note of this mapping within the ARP table as a cache for later. Entries stay in the table for typically 20 minutes. This cache is to ensure the network isn't constantly filled with traffic requesting the MAC address.

Hubs and Switches
Hubs - allow the connection of wires from a number of different machines to join together into an effectively analogue communication. The aim is to allow multiple machines to share a connection. A frame is sent out on all systems in the hub. Nodes connected to the hub can collide with each other and can listen to other messages. When multiple messages get mixed up (and no longer make sense!) then collision avoidance has to take place, which may mean turning off communications and backing off before retransmitting. Not very common any more.

Switches - store and forward devices. Transparent - the hosts are unaware of switches. Plug-and-play and self-learning. Each wire is a separate collision domain - they're separate so there are no collisions. They're also full duplex wires. Switches can also buffer and queue the packets. Switches can do much more than hubs can, which is why they've pretty much replaced hubs. For each of the connections it provides, a switch has a network interface card and a processor in order to look at the data coming in, check CRCs, extract the datagrams and then send the data up the layers. If the data is to be forwarded then it takes it up a layer, moves it to the correct network interface, encapsulates it, and sends it down the wire. A switch knows which destinations are reachable using a switch table. It broadcasts a message in order to fill the table up with MAC addresses of the destination. This is very similar to how ARP works. Switches can be connected together - the same principles apply, the switches will talk to each other in exactly the same way.
Gigabit Ethernet is used for faster transmissions, and is often used for backbones to multiple standard Ethernet switches as it has a higher bandwidth, but is becoming more popular and mainstream for Ethernet solutions.

Switches vs. Routers
They both act in the same store-and-forward way, but routers maintain routing tables and implement routing algorithms, whilst switches maintain switch tables, implement learning algorithms, and implement filtering. Routers can do more complicated forwarding because they can access the higher network layers and look at IP addresses in the datagram etc.
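The switch table, learning and filtering described in the two sections above can be seen in a small model. This is an added example, not part of the original notes; the class name, the port numbers, the sample MAC addresses and the 300-second ageing time are assumptions made for illustration.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    """Minimal model of a self-learning switch table (MAC address -> port)."""

    def __init__(self, ports, max_age=300.0):
        self.ports = list(ports)
        self.max_age = max_age      # assumed ageing time in seconds
        self.table = {}             # MAC -> (port, time last seen)

    def receive(self, in_port, src, dst, now):
        """Process one frame and return the list of ports it is sent out on."""
        src, dst = src.upper(), dst.upper()

        # Learning: the source address tells us which port that host is on.
        self.table[src] = (in_port, now)

        # Ageing: forget hosts that have been silent for too long.
        self.table = {mac: (port, seen) for mac, (port, seen) in self.table.items()
                      if now - seen <= self.max_age}

        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # Unknown or broadcast destination: flood to every other port.
            return [p for p in self.ports if p != in_port]

        out_port = entry[0]
        if out_port == in_port:
            # Filtering: the destination is on the segment the frame came from.
            return []
        return [out_port]


def demo():
    """Constructed traffic showing flood, learn, forward, filter and ageing."""
    a, b, c = "AA-AA-AA-AA-AA-AA", "BB-BB-BB-BB-BB-BB", "CC-CC-CC-CC-CC-CC"
    sw = LearningSwitch(ports=[1, 2, 3])
    return [
        sw.receive(1, a, b, now=0),            # B unknown: flood
        sw.receive(2, b, a, now=1),            # A was learnt on port 1
        sw.receive(1, a, b, now=2),            # B was learnt on port 2
        sw.receive(1, c, a, now=3),            # C and A share port 1: filter
        sw.receive(3, c, BROADCAST, now=4),    # broadcast: flood
        sw.receive(1, a, b, now=400),          # B's entry has aged out: flood
    ]


if __name__ == "__main__":
    for out_ports in demo():
        print(out_ports)
```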

Switches, Routing and Local Area Network (LAN) Addresses

Multiple Access - Sharing a Network
Two main types:
1. Point-to-Point
E.g. ADSL at home using a telephone wire has a single sender and single receiver (the telephone exchange). Over the wire a protocol is run (typically "Point-to-Point Protocol" or PPP, which is on top of the High Level Data Link Control or HDLC, which is used to control the line).
2. Broadcast
A single shared medium which is the broadcast channel. Every device can talk at the same time so interference can occur. The communications rely on Signal to Noise and Interference Ratio (SNIR) in order to listen to and understand - the signal you want to be listening to needs to be the loudest one at the time. The more information that's being sent in a given time period, the louder the sender has to be.

Collisions can occur if two transmissions overlap in time. When this occurs the resources become wasted, the transmission becomes rubbish and has to be thrown away and re-transmitted, which takes up more time and resources. The solution is to coordinate all the systems using Medium Access Control (MAC) so that they all get a chance to communicate. A central controller (such as in 2G phones) can have a fixed schedule of when every system uses the channel. This would mean that the channel is never empty, and that there's never a clash. There may be empty slots left but these can be used for network control.

Three main types of medium access control:
1. Channel Partitioning
2. Random Access
3. Turn Taking

The ideal characteristics for a channel to have are:
• One node with the data using the whole bandwidth of the channel so that there's no competition for resources. In practice however, nodes are not capable of using the full channel.
• The connection to be shared equally between all the nodes currently using the connection.
• Decentralisation - so that there's no central point of failure.
• Simple and inexpensive.

Collisions and Channel Partitioning
Channels can be partitioned in four different ways:
Space - such as separate wires so there's no overlap. FM channels can be re-used in different areas of the country because they're spatially separated. Space Division Multiple Access (SDMA).
Frequency - Frequency Division Multiple Access (FDMA). Used by mobile telephones. Each spectrum is divided into frequency bands which are then allocated. Each station has a different frequency band that it can use.
Time - Time Division Multiple Access (TDMA). Assigning time slots to different systems. Phones are allocated time slots. Unused slots are idle, and are either wasted or can be used by other users.
Code - 3G phones use Code Division Multiple Access (CDMA) which uses numerical coding techniques which don't affect other coded communications. The phones listen out for communications that are coded in the format that they understand.

Random Access Protocols
A node must decide when it's going to send a packet. If packets are just sent whenever and multiple nodes are transmitting then collisions will occur. The random access MAC protocol specifies how to detect and recover from collisions. Examples of random access MAC protocols...

ALOHA
Unslotted - when a frame arrives it's transmitted. Pure ALOHA just transmits randomly. The probability of a collision depends on the overlap between packets. Frames must be sent at least one frame apart in order to avoid collisions. This means that the probability of success is only 18%... Not good...

Slotted ALOHA
Assumptions: all frames are the same size, and time is divided into equal size slots. All the nodes must be synchronised in order to avoid collisions (which can be achieved by a base station "pulsing" the start of each slot in the mobile phone world). When a node obtains a fresh frame to transmit, it transmits it in the next slot. A node can only transmit at the beginning of a new slot. If there's no collision then the node can send a new frame in the next slot. If there is a collision, then the node has to re-transmit within each subsequent slot until it's successful. The probability of a collision is much less than for pure ALOHA (see above) because there's no continuous overlap that can occur.
Advantages: a single, active node can continuously transmit at the full rate of the channel. Highly decentralised, and simple.
Disadvantages: collisions still occur, waiting for slots, idle slots, unable to detect collisions, clock synchronisation is hard - still only 37% probability of a successful frame transmission at best!

Carrier Sense Multiple Access (CSMA)
The idea with carrier sense multiple access is to listen to the channel before a transmission takes place, in order to ensure that there are no communication collisions - if the channel is busy then defer the transmission to a queue. Collisions can still occur due to the delay in time from when a transmission occurs to it being detectable by other nodes. The greater the distance and propagation, the greater the chance of collisions.

Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
When a collision occurs then the data being received gets jumbled and turns into rubbish. Nodes detect this and just throw away the current frame being transmitted. However, it may still be understandable, so when a collision is detected by a node (it sees two signals overlap) it sends a blocking signal which aims to stop all frames currently being sent.

"Taking Turns" MAC Protocols
Polling - using a master computer and slave computers, the master determines when a slave can transmit. This is typically used with less complicated slave devices. The main disadvantage is the delays caused by the polling overhead.
Token Passing - a control token message is used to determine which device can communicate. If a system has the token message then it can communicate. The main disadvantage is that a system could be waiting for the token to communicate for quite a while.
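The 18% and 37% figures quoted for pure and slotted ALOHA above can be reproduced by simulation. This is an added example, not part of the original notes; the Poisson arrival model, the node counts, the seeds and the function names are assumptions chosen for illustration, and the closed forms G·e^(-2G) and G·e^(-G) are the standard textbook results for offered load G.

```python
import math
import random


def pure_aloha_theory(load: float) -> float:
    """Throughput of pure ALOHA: a frame is vulnerable for two frame times."""
    return load * math.exp(-2 * load)


def slotted_aloha_theory(load: float) -> float:
    """Throughput of slotted ALOHA: a frame is vulnerable for one slot only."""
    return load * math.exp(-load)


def slotted_aloha_exact(nodes: int, p: float) -> float:
    """Probability that exactly one of `nodes` stations sends in a slot."""
    return nodes * p * (1 - p) ** (nodes - 1)


def simulate_pure_aloha(load: float, frames: int, seed: int = 1) -> float:
    """Frames start at random (Poisson) times; each lasts one frame time.

    A frame survives only if no other frame starts within one frame time
    before or after it. Returns successful frames per frame time.
    """
    rng = random.Random(seed)
    t, starts = 0.0, []
    for _ in range(frames):
        t += rng.expovariate(load)   # mean gap between frames is 1/load
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or s - starts[i - 1] >= 1.0
        clear_after = i == frames - 1 or starts[i + 1] - s >= 1.0
        if clear_before and clear_after:
            ok += 1
    return ok / t


def simulate_slotted_aloha(nodes: int, p: float, slots: int, seed: int = 1) -> float:
    """Each node sends in each slot with probability p.

    A slot is useful only when exactly one node transmits in it.
    Returns the fraction of useful slots.
    """
    rng = random.Random(seed)
    ok = 0
    for _ in range(slots):
        senders = sum(1 for _ in range(nodes) if rng.random() < p)
        if senders == 1:
            ok += 1
    return ok / slots


if __name__ == "__main__":
    # Best cases: G = 0.5 for pure ALOHA, G = 1 for slotted ALOHA.
    print("pure    theory", round(pure_aloha_theory(0.5), 3),
          "simulated", round(simulate_pure_aloha(0.5, 50_000), 3))
    print("slotted theory", round(slotted_aloha_theory(1.0), 3),
          "simulated", round(simulate_slotted_aloha(20, 1 / 20, 50_000), 3))
```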

Link Layer Framing Within the Last Mile
Much cheaper than dedicated links. Some of the options currently available include:
Plain Old Telephone Systems (POTS) - 56kbs limited by bandwidth.
Integrated Services Digital Network (ISDN) - two POTS lines with 64kbs channels allows for 128kbs in total. This uses a coder and a decoder to put voice over the digital link.
Digital Subscriber Line (DSL) - marketed as broadband and has a speed of 1-32 Mbps and growing... There are a number of usable channels and the uplink and downlink determines the data rate.
Cable TV (CATV) - wide bandwidth but shared between TV (6MHz channels) and data.

Link Layer Bit Encoding
Signals, such as voltages, travel through the physical medium between hosts. So the bits have to be encoded into these signals by the sender's network adaptor, and decoded by the receiver's network adaptor. The link layer uses a mapping between 1 and a HIGH value (e.g. a high voltage) and between 0 and a LOW value (e.g. a low voltage). It uses an idea known as Non Return to Zero (NRZ), which means that if the voltage is high then every clock cycle a 1 is added, and if the voltage is low then a 0 is used every clock cycle. However, the problem with this is that the sender's and the receiver's clocks need to be synchronised in order for the receiver to know when a new bit should be taken from the continuous voltage. The clock could be broadcast on a different channel - but this is a waste of the network! There's also an issue with the amount of voltage change required to signal a bit change. The receiver could learn where the transitions are - but after a long series of 0s or 1s, it can forget what the change should look like. So, the average of the signal across time could be taken. An average voltage is used to distinguish between a 1 and a 0. All zeros cause the average to drop to zero (and a slight change would signal a one...). All ones cause the average to rise towards 1 (and a slight change would signal a zero…).

Clock Recovery
The clock is not sent as this is a waste of the network's resources.

Non-Return to Zero Inverted
A transition in the voltage level always converts to a binary bit 1, whereas a constant voltage across multiple clock cycles indicates a 0 bit each clock cycle. Multiple ones then make good clock recovery, as there'll be multiple transitions on the clock edge. This is why an ideal synchronisation pattern is 111111. On the other hand, a whole sequence of 0s can mean the clock gets lost.

Manchester Encoding
Used in IEEE 802.3 Ethernet. The clock runs at twice the data rate. The sender sends the XOR of the clock (which is twice as fast as the data) and the data. However, using this encoding, only 50% of the speed of the network can be used, as the clock has to be twice the speed of the data. But there is very easy clock recovery. Strings of 0s and 1s can be dealt with quite easily.

4B/5B
• Used in 100BASE-TX Cat 5 Ethernet.
• More transitions, but without the same clock overhead.
• The bits are broken down into a series of 4 bits. Each series of 4 bits is encoded as a 5 bit code. The 5 bit code ensures there's only ever:
  - One leading zero and
  - Two trailing zeros.
• This means that there's only ever 3 zeroes in a row before there's a transition to a 1. This encoding can then be sent over Non-Return-to-Zero, so every 1 transmitted has a voltage transition (the more transitions the better!), and has an efficiency of 80%.
• There are spare codes (as you can use 32 codes with 5 bits and encoding 4 bits only takes up 16 codes). Some of these spare codes are used for transmitting control.
  - 11111 == Idle (1s are used to maintain the transitions and clock synchronisation so that when data does come in there are no transition problems).
  - 00000 == dead (no transitions, no transmission - it's dead because it's not moving!).
  - 00100 == halt (a control to stop the transmission).
There are 6 more control signals, and 7 unused codes because they break the zeros rule (described above).

Signals and Modulation
Whatever medium is being used, the signals are usually electromagnetic waves, which travel at the speed of light. Different materials have different refractive indexes, which varies the speed of light. When transmitting a signal down a copper wire, the velocity is 2/3 * the speed of light. The velocity factor for a medium determines how much the light will slow down when it passes through that medium.

Different methods of transmission:
• Simple - on/off e.g. morse code (carrier wave modulation).
• Amplitude Modulation (AM) - vary the strength of the voltage over time in order to create waves for transmission. A varied amplitude could represent a 1 whereas no modulation could represent a 0.
• Frequency Modulation (FM) - they modulate the carrier wave frequencies. Perhaps a low frequency could represent a 0, and a high frequency could represent a 1. A symbol (a frequency) may represent more than 1 bit, for example four different frequencies could represent 2 bits.
• Phase (PM) - vary the angle of the sine wave. The angle determines where the changes occur.
• Phase Shift Keying - multiple angles are used to transmit multiple bits per signal. The more bits per signal, the faster the data rate.
• Quadrature Amplitude Modulation (QAM):
  - 16-QAM uses 4 amplitudes and 4 phases to transmit 4 bits per signal.
  - 64-QAM uses 16 amplitudes and 4 phases to transmit 6 bits per symbol.
• The louder the transmission the clearer the signal. Forward error correction can be used up to a point, at which point the data transmission needs to be lowered (e.g. from 64-QAM to 16-QAM).
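
The line codes from the Clock Recovery section above (NRZI, Manchester and 4B/5B), implemented so that their effect on transitions can be measured. This is an added example, not part of the original notes; the function names and the Manchester clock phase (low in the first half of each bit) are assumptions, the code table is the standard 4B/5B data table, and NRZI is used to carry the 4B/5B output because that is the code in which every 1 is a transition.

```python
from itertools import product

# Standard 4B/5B data code table: 4 data bits -> 5 line bits.
FOUR_B_FIVE_B = {
    "0000": "11110", "0001": "01001", "0010": "10100", "0011": "10101",
    "0100": "01010", "0101": "01011", "0110": "01110", "0111": "01111",
    "1000": "10010", "1001": "10011", "1010": "10110", "1011": "10111",
    "1100": "11010", "1101": "11011", "1110": "11100", "1111": "11101",
}


def encode_4b5b(bits: str) -> str:
    """Replace each group of 4 data bits with its 5 bit code."""
    if len(bits) % 4:
        raise ValueError("4B/5B needs a multiple of 4 bits")
    return "".join(FOUR_B_FIVE_B[bits[i:i + 4]] for i in range(0, len(bits), 4))


def nrzi(bits: str, level: int = 0) -> list:
    """NRZI: a 1 flips the line level, a 0 leaves it where it was."""
    out = []
    for b in bits:
        if b == "1":
            level ^= 1
        out.append(level)
    return out


def manchester(bits: str) -> list:
    """Manchester: XOR each data bit with a clock that is low then high.

    Two line samples are produced per data bit (assumed clock phase; the
    opposite phase simply inverts the output).
    """
    out = []
    for b in bits:
        out += [int(b) ^ 0, int(b) ^ 1]
    return out


def longest_flat_run(levels: list) -> int:
    """Longest stretch of samples with no transition to recover a clock from."""
    best = run = 1
    for prev, cur in zip(levels, levels[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best


def max_zero_run_4b5b() -> int:
    """Longest run of 0s across any two adjacent 4B/5B codes."""
    worst = 0
    for a, b in product(FOUR_B_FIVE_B.values(), repeat=2):
        worst = max(worst, max(len(z) for z in (a + b).split("1")))
    return worst


def worst_flat_run_4b5b() -> int:
    """Longest transition-free stretch when 4B/5B output is sent over NRZI."""
    return max(longest_flat_run(nrzi(a + b))
               for a, b in product(FOUR_B_FIVE_B.values(), repeat=2))


if __name__ == "__main__":
    data = "0" * 16  # worst case for plain NRZI: no transitions at all
    print("NRZI alone     :", longest_flat_run(nrzi(data)))
    print("4B/5B over NRZI:", longest_flat_run(nrzi(encode_4b5b(data))))
    print("Manchester     :", longest_flat_run(manchester(data)))
    print("4B/5B worst run of zeros:", max_zero_run_4b5b())
```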
Did somebody say this was a summary…? ;) Good luck with the exam!