Computer Networking - A Top Down Approach

References

• Computer Networking, A Top-Down Approach; Seventh Edition; Jim Kurose, Keith Ross
• A List of Well-Known Port Numbers for all Internet Standard Protocols
• Find an RFC Definition By Replacing #### in the URL with the RFC number: https://datatracker.ietf.org/doc/html/rfc####

Computer Networking and The Internet

The first chapter presents a broad overview of computer networking and the internet. Our goal here is to paint a broad picture and set the context for the rest of this book, to see the forest through the trees.

What is The Internet?

Nuts and Bolts Description

• The internet is a computer network that interconnects billions of computing devices throughout the world. In internet jargon, computers/smartphones/TVs/gaming consoles/etc. are called hosts or end systems.

• End systems are connected together by a network of communication links and packet switches.
• Different links can transmit data at different rates, with the transmission rate of a link measured in bits/second. When one end system has data to send to another end system, the sending end system segments data and adds header bytes to each segment. The resulting packages of information, known ad packets in the jargon of computer networks, are then sent through the network to the destination end system, where they are reassembled into the original data.
• A packet switch takes a packet arriving on one of its incoming communication links and forwards that packet on one of its outgoing communication links. Packet switches come in many shapes and flavors, but the two most prominent types in today's Internet are routers and link-layer switches.
• The sequence of communication links and packet switches traversed by a packet from the sending end system to the receiving end system is known as a route or path through the network.
• End systems access the Internet through Internet Service Providers (ISPs) including residential ISPs, such as local cable or telephone companies; corporate ISPs; university ISPs; ISPs that provide WiFi access in airports, hotels, coffee shops, and other public places; and cellular data ISPs, proving mobile access to our smartphone an other devices.
• End systems, packet switches, and other pieces of the Internet run protocols that control the sending and receiving of information within the Internet. The Transmission Control Protocol (TCP) and the Internet Protocol (IP) are two of the most important protocols in the Internet.
• The Internet's principal protocols are collectively known as TCP/IP.
• Internet Standards are developed by the Internet Engineering Task Force (IETF). The IETF standards documents are called requests for comments (RFCs). RFCs define protocols such as TCP, IP, HTTP, and SMTP.

Services Description

• Internet can also be described as an infrastructure that provides services to applications. Internet applications, distributed applications, run on end systems - they do not run in the packet switches in the network core.
• End systems are attached to the Internet provide a socket interface that specifies how a program running on one end system asks the Internet infrastructure to deliver data to a specific destination program running on another end system. The Internet socket interface is a set of rules that the sending program must follow so that the Internet can deliver the data to the destination program.
• The Internet has a socket interface that the program sending the data must follow to have the Internet deliver the data to the program that will receive the data.

What is a Protocol?

• It takes two communicating entities running the same protocol in order to accomplish a task.
• All activity in the Internet that involves two or more communicating remote entities is governed by a protocol.

A protocol defines the format and the order of messages exchanged between two or more communicating entities, as well as the actions taken on the transmission and/or receipt of a message or other event.

The Network Edge

The Internet of Things (IOT) offers potentially revolutionary benefits to users. But at the same time there are also huge security and privacy risks. For example, attackers, via the Internet, might be able to hack into IoT devices or into the servers collecting data from IoT devices. For example, an attacker could hijack an Internet-connected doll and talk directly with a child; or an attacker could hack into a database that stores personal health and activity information collected from wearable devices. These security and privacy concerns could undermine the consumer confidence necessary for the technologies to meet their full potential and may result in less widespread adoption

• Hosts / end systems are sometimes divided into two categories: clients and servers. Informally, clients tend to be desktop and mobile PCs, smartphones, and so on, whereas servers tend to be more powerful machines that store and distribute Web pages, stream video, relay e-mail, and so on.

Access Networks

• Access networks are the networks that physically connect an end system to the first router.
• Today, the two most prevalent types of broadband residential access are digital subscriber line (DSL) and cable.
• The residential telephone line carries both data and traditional telephone signals simultaneously, which are encoded at different frequencies, which allows telephone call and Internet connection to share the DSL link at the same time.

• While DSL makes use of the telco's existing local telephone infrastructure, cable internet access makes use of the cable television company's existing cable television infrastructure.

• Cable internet access requires special modems, called cable modems. As with a DSL modem, the cable modem is typically an external device and connects to the home PC through an Ethernet port.
• Fiber to the Home (FTTH) is an up and coming technology that provides even high rates of data transmission.
• There are also satellite access providers.
• On corporate and university campuses, and increasingly in home settings, a local area network (LAN) is used to connect an end system to the edge router. Although there are many types of LAN technologies, Ethernet is by far the most prevalent access technology in corporate, university, and home networks.

• In wireless LAN setting, wireless users transmit / receive packets to/from and access point that is connected into the enterprise's network, which in turn is connected to the wired internet. In a wireless LAN, setting, wireless users transmit/receive packets to/from an access point that is connected into the enterprise's network, which in turn is connected to the wired Internet. A wireless LAN user must typically be within a few tens of meters of the access point. Wireless LAN access based on IEEE 802.11 technology, more colloquially known as WiFi, is now just about everywhere.
• Many homes combine broadband residential access with these inexpensive wireless LAN technologies to create powerful home networks.

• Telecommunication companies have made enormous investments in so called third-generation wireless (3G), which provides packet-switches wide-area wireless Internet access at speed in excess of 1Mbps. But event higher-speed wide-area access technologies - a fourth generation (4G) of wide-area wireless networks - are already being deployed. LTE (Long-Term Evolution) has its roots in 3G technology and can achieve rates in excess of 10 Mbps.

Physical Media

• For each transmitter receiver pair, the bit is sent by propagating electromagnetic waves and optical pulses across a physical medium.
• Physical media fall into two categories: guided media and unguided media. With guided media, the waves are guided along a solid medium, such as fiber-optic cable, a twisted-pair copper wire, or a coaxial cable. With unguided media, the waves propagate in the atmosphere and in outer space, such as wireless LAN or a digital satellite channel.
• Cost of physical media is low, but the labor involved is high. So people often install wires in every room because there is a good chance that another medium will be used in the future.
• The most commonly used guided transmission medium is twisted-pair copper wire (twisted to reduce EMF interference). Unshielded twisted pair (UTP) is commonly used for computer networks within a building (for LANs). Twisted pair has emerged as the dominant solution for high-speed LAN networking.
• Like twisted pair, coaxial cable consists of two copper conductors, but the two conductors are concentric rather than parallel. Coaxial cables are common in cable television systems. Coaxial cable can be used as a guided shared medium. Specifically, a number of end systems can be connected directly to the cable, with each of the end systems receiving whatever is send by the other end systems.
• An optical fiber is a thin, flexible medium that conducts pulses of light, with each pulse representing a bit. A single optical fiber can support tremendous bit rates, they are immune to electromagnetic interference, have very low signal attenuation u 10 100 kilometers, and are very hard to tap. These characteristics have made fiber optics the preferred long-haul guided transmission medium, particularly for overseas links. But, they are expensive, so their deployment for short haul transport has been limited.
• Terrestrial radio channels carry signal in the electromagnetic spectrum. They are an attractive medium because they require no physical wire to be installed, can penetrate walls, provide connectivity to a mobile user, and can potentially carry a signal for a long distance.
• Two types of satellites are used in communications: geostationary satellites and low-earth orbiting (LEO) satellites.

The Network Core

• The network core is the mesh of packet switches and links that interconnects the Internet's end systems.

Packet Switching

• In a network application, end systems exchange messages with each other. To send a message from a source end system to a destination end system, the source breaks long messages into smaller chunks of data known as packets. Between source and destination, each packet travels through communication links and packet switches (for which there are two predominant types, routers and link-layer switches).
• Most packet switches use store and forward transmission at the inputs to the links. Store-and-forward transmission means that the packet switch must receive the entire packet before it can begin to transmit the first bit of the packet onto the outbound link. The packet switch must buffer (store) a packets bits until it has received all the packets bits, which then allows it to transmit the packet to the outbound link.

• In the internet, every end system has an address called an IP address. When a source end system wants to send a packet to a destination end system, the source included the destination's IP address in the packet's header. When a packet arrives at a router in the network, the router examines a portion of the packet's destination address and forwards the packet to an adjacent router. More specifically, each router has a forwarding table that maps destination addresses to that router's outbound links. When a packet arrives at a router, the router examines the address and searches its forwarding table, using this destination address, to find the appropriate outbound link. The internet has a number of special routing protocols that are used to automatically set the forwarding tables.

Circuit Switching

• The two fundamental approaches to moving data through a network of links and switches: circuit switching and packet switching.
• In circuit switched networks, the resources needed along a path (buffers, link transmission rate) to provide for communication between the end system are reserved for the duration of the communication session between the end systems.
• A circuit in the jargon of telephony is when the switches on the path between the sender and receiver maintain a reserved? connection state for the duration of the connection.
• A circuit in a link is implemented with either frequency-division multiplexing (FDM) or time-division multiplexing (TDM).
• Proponents of packet switching have always argues that circuit switching is wasteful because the dedicated circuits are idle during silent periods.
• Critics of packet switching have often argued that packet switching is not suitable for real-time services because of its variable and unpredictable end-to-end delays. Proponents of packet switching argue that (1) it offers better sharing of transmission capacity than circuit switching and (2) it is simpler, more efficient, and less costly to implement than circuit switching.

Circuit switching pre-allocates use of the transmission link regardless of demand, with allocated but unneeded link time going unused. Packet switching on the other hand allocates link use on demand. Link transmission capacity will be shared on a packet-by-packet basis only among those users who have packets that need to be transmitted over the link.

• Things are trending clearly in the direction of packet switching

A Network of Networks

• ISPs themselves must be interconnected - this is done by creating a network of networks
• A Point(s) of Presence (POP) is a group of one or more routers (at the same location) in the provider's network where the customer ISP can connect into the provider ISP.
• ISPs at the same level in a hierarchy can peer, they can directly connect their networks together so that all the traffic between them passes over the direct connection rather than through the upstream intermediaries.
• An Internet Exchange Point (IXP) is a meeting point where multiple ISPs can peer together.
• In summary, today's Internet - a network of networks - is complex, consisting of a dozen or so tier-1 ISPs and hundreds of thousands of lower-tier ISPs.

Delay, Loss, and Throughput in Packet-Switched Networks

• Computer networks necessarily constrain throughput (the amount of data per second that can be transferred) between end systems, introduce delays between end systems, and can actually lose packets

• Delays in Packet Switched Networks
• • Nodal Processing Delay
  • Queueing Delay
  • Transmission Delay
  • Propagation Delay
• These delays accumulate to give a total nodal delay.
• The performance of applications is greatly affected by network delays.

• The time required to examine the packet's header and determine where to direct the packet is part of the processing delay. (Usually microseconds)
• At the queue, the packet experiences a queueing delay as it waits to be transmitted onto the link. (Usually microseconds to milliseconds depending on traffic).
• The transmission delay is the number of bits, L, divided by the transmission rate, R, (bits/second) . This is the amount of time required to push (transmit) all of the packet's bits into the link. (Usually microseconds to milliseconds) in practice.
• Once a bit is pushed into the link, it needs to propagate to router B. The time required to propagate from the beginning of the link to router B is the propagation delay. The propagation delay is a function of the transmission medium and information is transferred near the speed of light.
• A packet can arrive at a router with a full queue - in that case - the router will drop the packet, and the packet will be lost.
• In addition to delay and packet loss, another critical performance measure in computer networks is end-to-end throughput. To defined throughput, consider transferring a large file from Host A to Host B across a computer network. The instantaneous throughput at any instant of time is the rate (in bits/sec) at which Host B is receiving the file. The average throughput is the total number of bits transmitted divided by the total amount of time all the packets need to reach the end system.

Protocol Layers and Their Service Models

• A layered architecture allows us to discuss a well-defined, specific part of a large and complex system. This simplification itself is of considerable value by providing modularity, making it much easier to change the implementation of the service provided by the layer. As long as the layer provides the same service as the layer above it, and uses the same services from the layer below it, the remainder of the system remains unchanged when a layer's implementation is changed.
• For large and complex systems that are constantly being updated, the ability to change the implementation of a service without affecting other components of the system is another important advantage of layering.
• Network designers organize protocols in layers. Each protocol belongs to one of the layers. Each layer provides its service by (1) performing certain actions within the layer and by (2) using the services of the layer directly below it.
• Layers can be implemented in hardware of software. Application-layer protocols - such as HTTP and SMTP -are almost always implemented in software in the end systems; so are transport layer protocols. The network layer is often a mix of software and hardware.

• When taken together, the protocols of the various layers are called the protocol stack.
• The application layer is where the network applications and their application-layer protocols reside. The Internet's application layer includes many protocols, such as HTTP protocol, SMTP, and FTP (file transfer protocol). he packet of information at the application layer is called a message.
• The Internet's transport layer transports application-layer messages between application endpoints. In the internet, there are two transport protocols, TCP and UDP, either of which can be transport application-layer messages. A transport layer packet is known as a segment.
• • TCP provides a connection-oriented service to its applications. This service includes guaranteed delivery of application layer messages to the destination and flow control (that is, sender/receiver matching). TCP also breaks long messages into shorter segments and provides a congestion-control mechanism, so that a source throttles its transmission rate when the network is congested.
  • The UDP protocol provides a connectionless service to its applications. There is a no-frills service that provides no reliability, no flow control, and no congestion control.
• The Internet's network layer is responsible for moving network-layer packets known as datagrams from one host to another. The network layer receives a transport layer segment and a destination address from the transport layer. The network layer then provides the service of delivering the segment to the transport layer in the destination host. The Internet's network layer includes the celebrated IP protocol, which defined the fields in the datagram as as well as how the end systems and routers act on these fields. There is only one IP protocol, and all Internet components that have a network layer must run the Internet protocol. The network layer also has routing protocols.
• The Internet's network layer routes a datagram through a series of routers between the source and the destination. To move a packet from one node (host or router) to the next node in the route, the network layer relies on the services of the link layer. Examples of link layer protocols include Ethernet, WiFi, and the cable access network's DOCSIS protocol. Datagrams may be handled by different link protocols along a route. Link layer protocols are referred to as frames.
• The job of the physical layer is to move the individual bits within the frame from one node to the next. The protocols in this layer are again dependent on the physical implementation of the layer: twisted copper wire vs coaxial cable.
• The OSI model is an early model that was developed in the 70s.

• Encapsulation is the concept that at each layer, information is appended to data that was passed to it, but the new data still encapsulates the data that was send to it. . At each layer, a packet has two types of fields: header fields and a payload field.

Networks Under Attack

• Malware - information that is sent that can do devious things. Botnet - when people control many compromised devices and attempt to do malicious things with these devices. Most malware out today is self replicating; once it infects one host, from that host it seeks entry into other hosts over the Internet, and from the newly infected hosts, it seeks entry into yet more hosts. Malware can spread in the form of a virus or a worm. Viruses are malware that require some form of user interaction to infect the user's device. Worms are malware that can enter a device without any explicit user interaction.
• Denial of Service attacks:
• • Vulnerability Attack: Sending well-crafted messages to a vulnerable application or operating system running on a targeted host. If the right sequence of packets is sent to a vulnerable application or operating system, the service can stop or, worse, the host can crash.
  • Bandwidth Flooding: The attackers sends a deluge of packets to the targeted host - so many packets that the target's access link becomes clogged, preventing legitimate packets from reaching the server.
  • Connection Flooding: The attacker establishes a large number of half-open or fully open TCP connections at the target host. The host can become so bogged down with these bogus connections that it stops accepting legitimate connections.
• In a distributed Denial of Service attack, the attacker controls multiple sources and has each source blast traffic at the target. DDoS attacks leveraging botnets with thousands of compromised hosts are a common occurrence today.
• A packet receiver that records a copy of every packet that flies is called a packet sniffer. Some of the best defenses against packet sniffing involve cryptography.
• The ability to inject packets into the Internet with a false source address is known as IP spoofing, and is but one of many ways in which one user can masquerade as another user. To solve this problem, we will need end point authentication, that is, a mechanism that will allow us to determine with certainty if the message originates from where we think it does.

History of Computer Networking and the Internet

• Packet Switching - developed in the '60s and implemented on a small scale in the American West in the late 60s / early 70s
• In the 80s, stand alone packet switching networks besides ARPAnet came into being
• By the ends of the 1980s, the number of hosts connected to the public internet, a confederation of networks looking much like today's internet, would reach a hundred thousand. Much of the growth in the 80s came from linking university networks together.
• The main event of the 1990s was to be the emergence of the World Wide Web application, which brought the Internet into the homes and businesses of millions of people worldwide.

\

Application Layer

Principles of Network Applications

• In choosing the application architecture, an application developer will likely draw on one of the two predominant architectural paradigms used in modern network applications: the client-server architecture or the peer-to-peer (P2P) architecture.
• In a client-server architecture, there is an always-on host, called the server, which services requests from many other hosts, called clients. A classic example is the Web application for which an always-on Web server services requests from browsers running on client hosts. When a Web server receives a request for an object from a client host, it responds by sending the requested object to the client host.
• Another characteristic of the client-server architecture is that the server has a fixed, well-known address, called an IP address (which we'll discuss soon). Because the server has a fixed, well-known address, and because the server is always on, a client can always contact the server by sending a packet to the server's IP address.
• A data center, housing a large number of hosts, is often used to create a powerful virtual server to keep up with a large amount of requests.
• In a P2P architecture, there is minimal (or no) reliance on dedicated servers in data centers. Instead, the application exploits direct communication between pairs of intermittently connected hosts, called peers. The peers are not owned by the service provider, but are instead desktops and laptops controlled by users, with most of the peers residing in homes, universities, and offices.
• Many applications have hybrid architecture.
• In the jargon of operating systems, it is not actually programs but processes that communicate. A process can be thought of as a program that is running within an end system. When processes are running on the same end system, they can communicate with each other with inter-process communication, using rules that are governed by the end system's operating systems.
• Process on two different end systems communicate with each other exchanging messages across the computer network. A sending process creates and sends messages into the network; a receiving process receives these messages and possibly responds by sending messages back.
• A network process consists of pairs of processes that send message to each other over a network. For each pair of communicating processes, we typically label one of the two processes as the client and the other process as the server.

In the context of a communication session between a pair of processes, the process that initiates the communication (that is, initially contacts the other process at the beginning of the session)is labeled as the client. The process that waits to begin the session is the server.

• A process sends messages into, and receives messages from, the network through a software interface called a socket. A socket is an interface between the application layer and the transport layer within a host. It is also referred to as the Application Programming Interface (API) between the application and the network, since the socket is the programming interface with which the network applications are built.
• The only control that the application developer has on the transport layer side is

1. 1. the choice of transport layer protocol
   2. perhaps the ability to fix a few transport layer parameters such as maximum buffer and maximum segment sizes

• In order for a process on one host to send packets to a process running on another host, the receiving process needs to have an address. To identify the receiving process, two pieces of information need to be specified:
• • The address of the host
  • an identifier that specifies the receiving process in the destination host
• In the Internet, the host is identified by its IP address. An IP address is a 32-bit quantity that we can think of as identifying the host. The sending process must also know the receiving process (more specifically, the receiving socket) running in the host. A destination port number serves this purpose. Popular applications have been assigned port numbers. For example, a Web Server is identified by port 80. A mail server process (using the SMTP protocol) is identified by port number 25.

Transport Services Available to Applications

• How do you choose the transport protocol? What are the services that a transport-layer protocol can offer to applications invoking it?
• If a protocol provides a guarantee that the data sent by one end of the application is delivered correctly and completely to the other end of the application, the protocol is said to provide reliable data transfer. Toss-tolerant-applications are applications where some of the data sent by the sending process may never arrive at the receiving process.
• Another service that a transport layer protocol can provide is guaranteed throughput at some specified rate. Applications that have throughput requirements are said to be bandwidth-sensitive applications. Elastic Applications make use of as much, or as little, throughput as happens to be available.
• A transport layer protocol can also provide timing guarantees. (Real Time Applications)
• A transport layer protocol can provide an application with more security services.

Transport Services Provided by the Internet

• The Internet (TCP/IP networks) makes two transport protocols available to applications, UDP and TCP.
• TCP Services
• • The TCP service model includes a connection-oriented service and a reliable data transfer service. When an application invokes TCP as its transport protocol, the application receives both of these services from TCP.
  • Connection Oriented Services - TCP has the client and server exchange transport-layer control information with each other before the application level messages begin to flow. This so called handshaking procedure alerts the client and server, allowing them to prepare for an onslaught of packets.
  • Reliable Data Transfer service - The communication processes can rely on TCP to deliver all data sent without error and in the proper order. When one side of the application passes a stream of bytes into a socket, it can count on TCP to deliver the same stream of bytes to the receiving socket, with no missing or duplicate bytes.
  • TCP also includes a congestion control mechanism.

• UDP Services
• • UDP is a no frills, lightweight transport protocol that provides minimal services. UDP is connectionless, so there is no handshaking before the two processes start to communicate. UDP provides an unreliable data transfer service. UDP provides no congestion control mechanism.
• Timing guarantees are not provided by today's internet transfer protocol.

• Application Layer Protocols
• • An application layer protocol defined how an application's process, running on different end systems, pass messages to each other. In particular, an application layer protocol defines:
  • • The type of messages exchanged (request and response)
    • The syntax of the various message types, such as fields in the message and how the fields are delineated
    • The semantics of the fields, that is, the meaning of the information in the fields
    • Rules for determining when and how a process sends and responds to a message
  • The Web's application-layer protocol, HTTP, is available as an RFC. It defines the format and sequence of messages exchanged between the browser and web server. The principle application layer protocol for electronic mail is SMTP (Simple Mail Transfer Protocol)

The Web and HTTP

• The Hypertext Transfer Protocol (HTTP), the Web's application layer protocol, is at the heart of the web. It is defined in RFC1945 and RFC2616, and is implemented in client and server programs.
• A Web Page consists of objects. An object is simply a file - such as HTML file, a JPEG image, a Java applet, or a video clip - that is addressable by a single URL.
• The web browser is the client.
• HTTP defines how Web clients request Web pages from Web servers and how servers transfer Web pages to clients.
• HTTP uses TCP as its underlying transport protocol. The HTTP client initiates a TCP connection with the server. Once the connection is established, the browser and the server process access TCP through their socket interfaces.
• Because an HTTP server maintains no information about the clients, HTTP is said to be a stateless protocol.
• Should each request/response be sent over the same TCP connection (persistent connections) or over a separate TCP connection (non-persistent connections). HTTP uses persistent connections as its default mode, but HTTP clients and servers can be configured to use non-persistent connections instead.
• The HTTP specifications (RFC1945 and RFC2616) defined only the communication protocol between the client HTTP program and the server HTTP program.
• Round Trip Time (RTT) is the time it takes for a small packet to travel from client to server and then back to the client.

• Non-persistent connection shortcomings: a new connection must be established and maintained for each requested object.
• Typically, the HTTP server closes a connection when it isn't used for a certain time (a configurable timeout interval).
• The HTTP specifications (RFC1945; RFC2616;; and RFC7540) include the definitions of the HTTP message formats. There are two types of HTTP messages: the request message and the response message.

REQUEST MESSAGE:
GET /somedir/page.html HTTP/1.1 
Host: www.someschool.edu 
Connection: close 
User-agent: Mozilla/5.0 
Accept-language: fr

RESPONSE MESSAGE: 
HTTP/1.1 200 OK 
Connection: close 
Date: Tue, 18 Aug 2015 15:44:04 GMT 
Server: Apache/2.2.3 (CentOS) 
Last-Modified: Tue, 18 Aug 2015 15:11:03 GMT 
Content-Length: 6821 
Content-Type: text/html 
(data data data data data ...)

• The first like in an HTTP request message is called the request line, and the lines below it are called the header lines.
• The response message has an initial status line, six status lines, and then the entire body.
• Connection: close means close the TCP connection after sending the message.

• Cookies, defined in (RFC6265), allow sites to keep track of users. Cookie technology has four components: a cookie header line in the HTTP response method, a cookie header line in the HTTP request message, a cookie file kept on the user's end system and managed by the user's web browser, and a back-end database at the website.
• A Web cache - also called a proxy server - is a network entity that satisfies HTTP requests on behalf of the origin web server. The web cache has its own disk storage and keeps copies of recently requested objects in this storage.

• Web caches can improve the speed at which the requested object is sent and they can reduce load on the server. Through the use of Content Distribution Networks (CDNs), Web Caches are increasingly playing an important role in the internet. A CND company installs many geographically distributed caches throughout the Internet, thereby localizing much of the traffic.
• An HTTP request method is a so-called conditional GET message if (1) the requested messaged uses the GET method and (2) the request message includes an If-Modified-Since header line.

Electronic Mail in the Internet

• The internet mail system has three major components: user-agents, mail-servers, and Simple Mail Transfer Protocol. SMTP, defined in RFC5321, is at the heart of Internet electronic mail.
• Transcript between a client SMTP server (C) and a server SMTP server (S):

S: 220 hamburger.edu 
C: HELO crepes.fr 
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <alice@crepes.fr>
S: 250 alice@crepes.fr ... Sender ok
C: RCPT TO: <bob@hamburger.edu>
S: 250 bob@hamburger.edu ... Recipient ok 
C: DATA 
S: 354 Enter mail, end with ”.” on a line by itself 
C: Do you like ketchup? 
C: How about pickles? 
C: . 
S: 250 Message accepted for delivery 
C: QUIT S: 221 hamburger.edu closing connection

• Both SMTP and HTTP use persistent connections
• HTTP is mainly a pull protocol - someone loads information on a Web server and users use HTTP to pull the information from the server at their convenience. SMTP is primarily a push protocol - the sending mail server pushes the file to the receiving mail sever.
• RFC5322 specifies the exact format for mail header lines as well as their semantic implementations

• Protocols used for internet mail: SMTP is used to transfer mail from the sender's mail server to the recipient's mail server; SMTP is also used to transfer mail from the sender's user agent to the sender's mail server. A mail access protocol, such as POP3, is used to transfer mail from the recipient's mail server to the recipient's user agent. POP3 is defined in RCF1939.

With POP3 access, once Bob has downloaded his messages to the local machine, he can create mail folders and move the downloaded messages into the folders. Bob can then delete messages, move messages across folders, and search for messages (by sender name or subject). But this paradigm— namely, folders and messages in the local machine—poses a problem for the nomadic user, who would prefer to maintain a folder hierarchy on a remote server that can be accessed from any computer. This is not possible with POP3—the POP3 protocol does not provide any means for a user to create remote folders and assign messages to folders. To solve this and other problems, IMAP protocol (RFC3501) was invented.

• More and more people are sending and receiving mail through their web browsers, communicating with a remote mailbox via HTTP.

DNS- The Internet's Directory Service

• Internet Hosts are identified by hostname ((www.)?frankmbrown.net) and IP addresses. An IP address consists of four bytes and has a rigid hierarchal structure. An IP address looks like 121.7.106.83, where each period separates one of the bytes expressed in decimal notation from 0 to 255.
• The main task of the Internet's domain name system (DNS) is to translate hostnames to IP addresses. The DNS servers are often UNIX machines running the Berkeley Internet Name Domain (BIND) software. The DNS protocol runs over UDP and uses port 53.
• DNS provides a few other important services in addition to translating hostnames to IP addresses:
• • Host aliasing
  • Mail server aliasing
  • Load distribution - the DNS con contain multiple IP addresses for a hostname of a busy site and send rotated IP addresses to the client. This means that DNS rotation distributes the traffic along the replicated servers.

• The DNS is specified in RFC1034 and RFC1035. DNS is distributed by design. There are three classes of DNS servers: root DNS servers, top-level domain (TLD) DNS servers, and authoritative DNS servers:
• Root DNS Servers - there are over 400 root name servers in the world managed by 13 different organizations.
• Top Level Domain Servers - For each top level domain
• Authoritative DNS Servers - Every organization with publicly accessible hosts (such as Web servers and mail servers) on the Internet must provide accessible DNS records that map the names of the hosts to IP addresses.

• DNS Caching is a critically important feature of the DNS system that improved the delay performance and reduces the number of DNS messages.
• DNS servers that together implement the DNS distributed database store resource records (RRs) that provide hostname-to-IP address mappings. A resource record is a four-tuple that contains: (Name, Value, Type, TTL). TTL is the time to live of the resource record; it determines when a resource should be removed from a cache.
• DNS Types - the meaning of value an name depend on type
• • A - Name is a hostname and Value is the IP address for the hostname.
  • NS - Name is the domain and Value is the hostname of the authoritative DNS server that knows how to obtain the IP addresses for hosts in the domain.
  • CNAME - Value is a canonical hostname for the alias hostname Name.
  • MX - Value is the canonical name of the mail server that has an alias hostname Name.

• You can send a DNS query message directly from the host you're working on to some DNS server using the nslookup program, which can be used in windows with the nslookup command
• A DNS registrar is a commercial entity that verifies the uniqueness of the domain name, enters the domain name into the DNS database, and collects a small fee from you for its services.

Peer to Peer Applications

• With P2P architecture, there is minimal (or no) reliance on always-on infrastructure servers. Instead, pairs of intermittently connected hosts, called peers, communicate directly with each other. The peers are not owned by a service provider, but are instead desktops and laptops controlled by users.
• The most popular P2P file distribution protocol is BitTorrent.
• In BitTorrent lingo, the collection of all peers participating in the distribution of a particular file is called a torrent. When a peer first joins a torrent, it has no chunks. Over time, it accumulates more and more chunks. While it downloads chunks to other peers. Once a peer has acquired the entire file, it may leave the torrent (selfish), or (altruistically) remain in the torrent and continue to upload chunks to other peers.

• Each torrent has an infrastructure node called a tracker. When a peer joins a torrent, it registers itself with the tracker and periodically informs the tracker that it is still in the torrent. In this manner, the tracker keeps track of the peers that are participating in the torrent. A given torrent may have fewer than ten or more than a thousand peers participating at any instant of time.

• Peers establish TCP connections with each other and ask each other for lists of chunks that they have and send each other chunks that their peers do not have. They request chunks in rarest first order. A distributed hash table is a simple database, with the database records being distributed over the peers in a P2P system.

Video Streaming and Content Distribution Networks

• HTTP Streaming: Client issues HTTP GET request for a video at a URL. The server responds with the video file, within a HTTP response message, as quickly as the underlying network protocols and traffic conditions allow. On the client, the bytes are collected in a client application buffer. Once the number of bytes in the buffer exceeds a predetermined threshold, the client application begins playback - specifically, the streaming video application periodically grabs video frames from the client application buffer, decompresses the frames, and displays them on the user's screen. There are drawbacks to this as you know.
• The drawbacks associated with HTTP streaming has lead to a new type of HTTP based streaming, often referred to as Dynamic Adaptive Streaming over HTTP (DASH). In DASH, the video is encoded into several different versions, with each version having a different bit rate and, correspondingly, a different quality level. The client dynamically requests chunks of video segments a few seconds in length, when the amount of available bandwidth is high, the client naturally selects chunks from a high bit rate version; and when the available bandwidth is low, it selects from a low-rate version. DASH allows clients with different Internet access rates to stream in video at different encoding rates. With DASH, each video is stored in the HTTP server, each with a different URL. The HTTP server also has a manifest file, which provides a URL for each version along with its bit rate.
• In order to meet the challenge of distributing massive amounts of video data to users distributed around the world, almost all major video streaming companies make use of Content Distribution Networks (CDNs). A CDN manages servers in multiple geographically distributed locations, stores copies of the videos in its servers, and attempts to direct each user request to a CDN location that will provide the best user experience.

Socket Programming: Creating Network Applications

• One type of network application is an implementation whose operation is specified in a protocol standard, sych as RFC or some other standards document; such an application is known as "open", since the rules specifying its operation are known to all. For such an implementation, the client and server programs must conform to the rules dictated by the RFC.
• The other type of network application is the proprietary network application. In this case, the client and server programs employ an application layer protocol that has not been openly published in an RFC or elsewhere. A single developer creates both the client and server programs, and has complete control over what goes within the code.
• I'll come look back at this when I need to - it is unlikely that I'll need this.

Transport Layer

• Examining the relationship between the transport and network layers and how to entities can reliably communicate over a medium that may lose or corrupt data.

Introduction and Transport-Layer Services

• A transport layer provides for logical communication between application processes running on different hosts. By logical communication, we mean that from an application's perspective, it is as if the hosts running the processes were directly connected. Application processes use the logical communication provided by the transport layer to send messages to each other, free from the logical communication provided by the transport layer to send messages to each other, free from the worry of the physical infrastructure used to carry these messages.
• Transport layer protocols are implemented in the end systems but not in network routers. On the sending side, the transport layer converts the application-layer messages it receives from a sending application process into transport-layer packets, known as transport layer segments in Internet terminology. This is done by breaking the application messages into smaller chunks and adding a transport layer header to each chunk to create the transport layer segment. The transport layer then passes the segment to the network layer at the sending end system, where the segment is encapsulated within a network layer segment encapsulated within a network-layer packet (a datagram) and sent to the destination. On the receiving side, the network layer extracts the transport layer segment from the datagram and passes the segment to the transport layer. The transport layer then processes the received segment, making the data in the segment available to the receiving application.
• Whereas transport layer protocol provides logical communication between processes running on different hosts, a network layer protocol provides logical communication between hosts.
• The services that a transport protocol can provide are often constrained by the service model of the underlying network-layer protocol. If the network-layer protocol cannot provide delay or bandwidth guarantees for transport-layer segments sent between hosts, then the transport layer protocol cannot provide guarantees for application messages sent between processes. Nevertheless, certain services can be offered by a transport protocol when the underlying network protocol can offer reliable data transfer service to an application even when the underlying network protocol is unreliable - even when the network protocol loses, garbles, or duplicates packets.
• The Internet's network layer protocol has a name - IP, Internet Protocol - that provides logical communication between hosts. The IP service model is a best effort delivery service. This means that IP makes its "best effort" to deliver segments between communicating hosts, but it makes no guarantees. It does not guarantee segment delivery, it does not guarantee orderly delivery of segments, and it foes not guarantee the integrity of the data in the segments. For this reason, IP is said to be an unreliable service.
• The most fundamental responsibility of transport layer protocols is to extend IP's delivery service between two end systems to a delivery service between two processes running on the end systems.
• Extending host-to-host delivery to process-to-process delivery is called transport layer multiplexing and demultiplexing. UDP and TCP offer data integrity checking by including error-detection fields in their segment headers. these two minimal transport-layer services - process-to-process data delivery and error checking - are two guarantee that data sent by one process will arrive intact to the destination process.
• TCP offers reliable data transfer. Using flow control, sequence numbers, acknowledgements, and timers, TCP ensures that data is delivered from sending process to receiving process, correctly and in order. TCP also provides congestion control.

Multiplexing and Demultiplexing

• Multiplexing and demultiplexing : extending the host to host delivery service provided by the network layer to a process-to-process delivery service for applications running on the hosts.
• A process can have one or more sockets through which data passes from the network to the process and through which data passes from the process to the network.
• At the receiving end, the transport layer examines the fields to identify the receiving socket and then redirects the segment to that socket. The job of delivering the data in a transport layer segment to the correct socket is called demultiplexing. The job of gathering data chunks at the source host from different sockets, encapsulating each data chunk with header information to create segments, and passing the segments to the network layer is called multiplexing.
• The source port number field and the destination port number field are the special fields that indicate the socket to which the segment is to be delivered. Each port number is a 16 bit number, ranging from 0 to 65535. The port numbers ranging from 0 to 1023 are called well known port numbers and are restricted, which means that they are reserved for use by well-known application protocols such as HTTP and FTP (ports 80 and 21 respectively).

• A TCP socket is defined by a four-tuple (source and designation IP address, and source and destination port number), which the host uses all 4 values to demultiplex the segment to the appropriate socket.
• Today's high performing Web servers often use only one process and create a new thread with a new connection socket for each new client connection (A thread can be viewed as a lightweight subprocess). For such a server, at any given time, there may be many connection sockets (with different identifiers) attached to the same process.

Connectionless Transport: UDP

• UDP, defined in RFC768 does just about as little as a transport protocol can do. Aside from the multiplexing/demultiplexing function and some light error checking, it adds nothin to IP.

UDP takes messages from the application process, attaches source and destination port number fields for the multiplexing/demultiplexing service, adds two other small fields, and passes the resulting segment to the network layer.

• There is no handshaking between sending and receiving transport-layer entities before the sending a segment with UDP, which is why it is said to be connectionless. DNS is an example of an application layer protocol that typically uses UDP.
• Some applications are suitable for UDP for the following readons:
• • Finer application-level control over what data is sent, and when. UDP is more suited to real time applications.
  • No connection establishment - UDP does not add any delay in establishing a connection.
  • No connection State - a server devotes to a particular application can typically support many more active clients when the application runs over UDP rather than TCP.
  • Small packet header overhead - UDP only adds 8 bytes of overhead while TCP adds 20
• UDP is used to carry network management data. DNS runs over UDP. Both TCP and UDP are sometimes used today with multimedia applications, such as Internet phone, real-time video conferencing, and streaming of stored audio and video.

• The UDP header has 4 fields, consisting of two bytes. Port numbers allow the destination host to pass the application data to the correct process running on the destination end system. The length field specifies the number of bytes in the UDP segment. An explicit length value is needed since the size of the data field may differ from one UDP segment to the next.

• A checksum is a value that represents the number of bits in a transmission message. UDP provides a checksum because there is no guarantee that all the links betwen the source and destination provide error checking. End-end principle in system design: since certain functionality (error detection, in this case) must be implemented on end-end basis: "functions places at the lower levels may be redundant or of little value when compared to the cost of providing them at the higher level"

Principles of Reliable Data Transfer

• With a reliable channel, no transferred data bits are corrupted (flipped form 0 to 1) or lost, and all are delivered in the order in which they were sent. This is precisely the service model offered by TCP to the Internet applications that invoke it.
• Automatic Repeat reQuest (ARQ) Protocols - protocols in which the receiver lets the sender know what has been received correctly
• There are three additional protocol capabilities that are required in ARQ protocols to handle the presence of bit errors:
• • Error Detection
  • Receiver Feedback - receiver provides explicit feedback to the sender
  • Retransmission - a packet that is received in error at the receive will be retransmitted by the sender.

Checksums, sequence numbers, timers, and positive and negative acknowledgement packets each play a crucial and necessary role in the operation of a data transfer protocol.

• Pipelining - when the sender sends multiple packets without waiting for acknowledgement that they have been received without error. Pipelining has the following consequences:
• • The range of sequence numbers cannot be binary
  • The sender and receiver sides of the protocols may have to buffer more than one packet.
  • The range of sequence numbers needed and the buffering requirements will depend on the manner in which a data transfer protocol responds to lost, corrupted, and overly delayed packets. Two basic approaches to pipelined error recovery can be identified as Go-Back-N (sender only allowed to have so many unacknowledged sent packets in the pipeline) and selective repeat (selective repeat protocols avoid unnecessary retransmissions by having the sender retransmit only those packets that it suspects were received in error).

Connection-Oriented Transport: TCP

• TCP, the Internet's transport layer, connection-oriented, reliable transport protocol. TCP is defined in RFC 793, RFC 1122, RFC 1323, RFC 2018, and RFC 2581. TCP is said to be connection-oriented because before one application process can begin to send data to another, the two processes must first "handshake" with each other - they must send preliminary segments to each other to establish the parameters of ensuring data transfer. The "connection" is a logical one, with common state residing in the TCPs in the two communicating end systems. Because TCP only runs on end systems, intermediate network elements do not maintain TCP connection state.
• A TCP connection provides full duplex service: if there is a TCP connection between Process A on one host and Process B on another host, then application-layer data can flow from Process A to Process B at the same time as application-layer data flows from Process B to Process A. A TCP connection is also always point-to-point between a single sender and a single receiver. Because three segments are sent between two hosts, the connection establishment procedure is often referred to as a three way handshake.
• TCP directs data from the application layer to the TCP connection's send buffer, which is one of the buffers that is set aside during the initial three-way handshake. From time to time, TCP will grab chunks of data from the send buffer and pass the data to the network layer. The maximum amount of data that can be grabbed and placed in a segment is limited by the maximum segment size (MSS). The MSS is typically set by determining the length of the largest link-layer frame that can be sent by the local sending host (the so-called maximum transmission unit, MTU), and then setting the MSS to ensure that a TCP segment (when encapsulated in an IP datagram) plus the TCP/IP header length (typically 40 bytes( will fit into a single link-layer frame.

We see from this discussion that a TCP connection consists of buffers, variables, and a socket connection to a process in one host, and another set of buffers, variables, and a socket connection to a process in another host. As mentioned earlier, no buffers or variables are allocated to the connection in the network elements (routers, switches, and repeaters) between the hosts

• The TCP segment consists of header fields and a data field. The data field contains a chunk of application data. The TCP header is typically 20 bytes.
• A TCP header includes all of the fields in the UDP header plus:
• • The 32 bit sequence number field and the 32-bit acknowledgement number field, which are used by the TCP sender and receiver in implementing a reliable data transfer service
  • The 16-bit receiver window field, which is used for flow control, indicating the number of bytes that a receiver is willing to accept
  • The 4-bit header length field, which specifies the length of the TCP header in 32-bit words. The TCP header can be of variable length due to TCP options field.
  • The optional and variable-length options field is used when a sender and receiver negotiate the maximum segment size (MSS) or as a window scaling factor for use in high-speed networks.
  • The flag field contains 6 bits. The ACK bit is used to indicate that the value carried in the acknowledgement field is valid, so that the segment contains an acknowledgement for a segment that has been successfully received.

• TCP create a reliable data transfer service on top of IP's unreliable best-effort service. TCP's reliable data transfer service ensures that the data stream that a process reads out of its TCP receive buffer is uncorrupted, without gaps, without duplication, and in sequence; that is, the byte stream is exactly the same byte stream that was sent by the end system on the other side of the connection.
• ACK packet 0 An ACK packet is any TCP packet that acknowledges receiving a message or a series of packets.
• There are timeout associated with TCP connections that means that packets will be resent if the timeout occurs.
• When the TCP connection receives bytes that are correct and in sequence, it places the data in the receive buffer. The associated application process will read the data from this buffer but not necessarily at the instant the data arrives. TCP provides a flow control service to its application to eliminate the possibility of the sender overflowing the receiver's buffer.
• A TCP sender can be throttled due to congestion within the IP network; this form of sender control is referred to as congestion control. TCP provides flow control by having the sender maintain a variable called the receive window, which is used to give the sender an idea of how much free buffer space is available at the receiver.

Principles of Congestion Control

• Causes of Congestion Control:
• • The router receives incoming packets faster than it can send them out.
• Costs of Congestion:
• • Congestion causes large queuing delays
  • The sender must perform retransmission in order to compensate for dropped (lost) packets due to buffer overflow.
  • Unneeded retransmissions by the sender in the face of large delays may cause a router to use its link bandwidth to forward unneeded copies of a packet.
• Approaches to Congestion Control:
• • End-to-end congestion control - TCP takes packet loss as a sign of a congested network and TCP decreases its window size accordingly
  • Network assisted congestion control - the network informs the sender of the maximum sending rate it can support

TCP Congestion Control

• TCP must use end-to-end congestion control rather than network-assisted congestion control, since the IP layer provides no explicit feedback to the end systems regarding network congestion.
• The TCP congestion-control mechanism operating at the sender keeps track of an additional variable, the congestion window. The congestion window imposes a constraint on the rate at which a TCP sender can send traffic into the network.
• Congestion is detected by a loss packet. Because TCP uses acknowledgements to trigger (or clock) its increase in congestion window size, TCP is said to be self-clocking.
• TCP Congestion control guiding principles:
• • A lost segment implies congestion, and hence, the TCP sender's rate should be decreased when a segment is lost.
  • An acknowledgement segment indicates that the network is delivering the sender's segments to the receiver, and hence, the sender's rate can be increased when an ACK arrives for a previously unacknowledged segment.
  • Bandwidth probing - increase transmission rate until a loss event occurs, then decrease the transmission rate.
• The TCP congestion-control algorithm has three major components: (1) slow start, congestion avoidance, and fast recovery.

The Network Layer: Data Plane

• Unlike the application and transport layers, there is a piece of the network layer in each and every host and router in the network. Because oft this, network-layer protocols are among the most challenging in the protocol stack.

Overview of Network Layer

• The primary data-plane role of each router is to forward datagrams from its input to its output links.
• The primary role of the network layer is deceptively simple - to move packets from a sending host to a receiving host. To do so, two important network layer functions can be identified:
• • Forwarding: When a packet arrives at a router's input link, the router must move the packet to the appropriate output link. Forwarding refers to the router-local action of transferring a packet from an input link interface to the appropriate output link interface. Forwarding takes place at very short timescales (typically a few nanoseconds), and this is typically implemented in hardware.
  • Routing: The network layer must determine the route or path taken by packets as they flow from a sender to a receiver. The algorithms that calculate these paths are referred to as routing algorithms. Routing is implemented in the control plane of the Network Layer. Routing refers to the network-wide process that determined the end-to-end paths that packets take from source to destination.
• A key element in every network router is its forwarding table. A router forwards a packet by examining the value of one or more fields in the arriving packet's header, and then using these header values to index into its forwarding table.

• The network service model defines the characteristics of end-to-end delivery of packets between sending and receiving hosts.
• Services that network layer could provide:
• • Guaranteed Delivery - guarantees that a packet sent by a source host will eventually arrive a the destination host.
  • Guaranteed Delivery with Bounded Delay - not only guaranteed delivery, but delivery within a specified host-to-host delay
  • In-Order Packet Delivery - The service guarantees that packets arrive at the destination in the order that they were sent
  • Guaranteed Minimal Bandwidth - This network layer service emulates the behavior of a transmission link of a specified bit rate between sending and receiving hosts. As long as the sending host transmits bits at a rate below the specified bit rate, then all packets are eventually delivered to the destination host
  • Security - The network layer could encrypt all datagrams at the source and decrypt them at the destination, thereby proving confidentiality to all transport layer segments.
• The Internet's network layer provides a single service, known as best-effort service. Packet witches are devices that transfer a packet from an input link interface to output link interface according to values in a packet's header fields. Link-layer switches base their forwarding decision on the header field values in the network layer datagram.

What's Inside a Router?

• For components:

I Lost My notes on the Rest of This Section, see the summary of the chapter below

In this chapter we’ve covered the data plane functions of the network layer—the per-router functions that determine how packets arriving on one of a router’s input links are forwarded to one of that router’s output links. We began by taking a detailed look at the internal operations of a router, studying input and output port functionality and destination-based forwarding, a router’s internal switching mechanism, packet queue management and more. We covered both traditional IP forwarding (where forwarding is based on a datagram’s destination address) and generalized forwarding (where forwarding and other functions may be performed using values in several different fields in the datagram’s header) and seen the versatility of the latter approach. We also studied the IPv4 and IPv6 protocols in detail, and Internet addressing, which we found to be much deeper, subtler, and more interesting than we might have expected.

Things that were covered in this chapter that I forgot to save:

• Maximum Transmissible Unit - the maximum amount of data that a link layer frame can carry
• Fragmentation of Datagrams - splitting up datagrams to comply with MTU. Reassembly is done on end systems.
• Subnets / Subnet Masks - a logical subdivision of an IP network. Only some of the bits within the IP address are used for network routing outside the subnet, while other bits are used for routing inside the subnet.
• Classless Interdomain Routing (CIDR) - CIDR generalizes the notion of subnet addressing
• Dynamic Host Configuration Protocol - assigning IP addresses to end systems in a network
• Network Address Translation - Many end systems connect to outside network through one router which appears as one device to the outside network. The NAT uses a NAT lookup table to route datagrams to appropriate end device within a network.

The Network Layer: Control Plane

• There are two approaches for computing forwarding and flow tables
• • Per router control - Routing algorithm runs in each and every router; both a forwarding and routing function are contained within each router.
  • Logically centralized control - a logically centralized controller computes and distributed the forwarding tables to be used by each and every router.

Routing Algorithms

• Routing algorithms have a goal of determining good paths from senders to receivers through networks of routers. Routing algorithms involve graphs where routers are like nodes. A centralized routing algorithm computes the least-cost path between a source and destination using complete, global knowledge about the network. A decentralized routing algorithm calculated the least cost path in an iterative, distributed manner by the routers. Static routing algorithms - routes change very slowly over time. Dynamic routing algorithms change the routing paths as the network traffic loads or topology changes.

Intra-AS Routing in the Internet

• Autonomous systems are a group of routers that are under the same administrative control. Intra-autonomous system routing protocol is when all routers run the same routing algorithm and have information about each other.

Routing Among the ISPs

• In the internet, all ASs run the same inter-AS routing protocol, called the Broader Gateway Protocol, more commonly known as BGP. For each AS, each router is either a gateway router, a router on the edge of an AS that directly connects to one or more routers in other ASs, or an internal router, connecting only to hosts and outers within its own AS.

ICMP: The Internet Control Message Protocol

• The ICMP (Internet Control Message Protocol) specified in RFC192 is used by hosts and routers to communicate network layer information to each other.
• ICMP is most often use for error reporting. ICMP messages are contained within IP datagrams.

Network Management and SNMP

Network management includes the deployment, integration, and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost.

The Link Layer and LANs

• Any device that runs a link layer protocol is referred to as a node. The communication channel that connects adjacent nodes along the communication path is a link. Over a given link, a transmitting node encapsulates the datagram in a link-layer frame and transmits the frame into the link.
• Possible services that can be offered by a link-layer protocol
• • Framing - encapsulating datagram before sending over link
  • Link access -a medium access control (MAC) protocol specifies the rules by which a frame is transmitted onto a link.
  • Reliable Network -When a link-layer protocol provides reliable delivery service, it guarantees to move each network-layer datagram across the link without error.
  • Error detection and correction - The link-layer hardware in a receiving node can incorrectly decide that a bit in a frame is zero when it was transmitted as a one, and vice versa. Such bit errors are introduced by signal attenuation and electromagnetic noise. Because there is no need to forward a datagram that has an error, many link-layer protocols provide a mechanism to detect such bit errors.
• For the most part, the link layer is implemented in a network adapter, also known as a network interface card (NIC). At the heart of the network adapter is the link layer controller, usually a single, special purpose chip that implements many f the link layer services. Thus, much of a link layer controller's functionality is implemented in hardware.

On the sending side, the controller takes a datagram that has been created and stored in host memory by the higher layers of the protocol stack, encapsulates the datagram in a link-layer frame (filling in the frame’s various fields), and then transmits the frame into the communication link, following the link access protocol. On the receiving side, a controller receives the entire frame, and extracts the network layer datagram. If the link layer performs error detection, then it is the sending controller that sets the error-detection bits in the frame header and it is the receiving controller that performs error detection.

• Error detection in the link layer is beyond the scope of what I want to look into right now.
• The Link Layer is beyond what I want to look into right now. I have no control over it, so it is of less importance to me than other layers.

Wireless and Mobile Networks

• A host connects to a base station or to another wireless host through a wireless communication link. A base station is a key part of the wireless network infrastructure. A base station is responsible for sending and receiving data to and from a wireless host that is within the wireless communication distance of the base station with that base station. Cell towers in cellular networks and access points in 802.11 wireless LANs are examples of base stations. Hosts associated with a base station are often referred to as operating in infrastructure mode since all traditional network services (address assignment and routing) are provided by the network to which a host is connected via the base station.
• At the highest level we can classify wireless networks according to two criteria: whether a packet in the wireless network crosses exactly one wireless hop or multiple wireless hops and whether there is infrastructure such as a base station in the network:
• • Single hop, infrastructure based: These networks have abase station that is connected to a larger wired network (e.g., the Internet). The 802.11 networks and 4G LTE data networks that we will learn about shortly fall into this category. The vast majority of our daily interactions are with single hop, infrastructure based wireless networks.
  • Single hop, infrastructure-less: In these networks, there is no base station that is connected to a wireless network. However, as we will see, one of the nodes in this single hop network may coordinate the transmissions of the other nodes. Bluetooth networks and 802.11 networks in as hoc mode are single-hop, infrastructure-less networks.
  • Multi-hip, infrastructure based: In these networks, a base station is present that is wired to the larger network.
  • Multi-hop, infrastructure-less: There is no base station in these networks, and nodes may have to relay messages among several other nodes in order to reach a destination.
• Important differences between wired length and wireless link:
• • Decreasing signal strength: Electromagnetic radiation attenuates as it passes through matter
  • Interference from other sources: Radio sources transmitting in the same frequency bands interfere with each other.
  • Multipath propagation: This occurs when portions of the electromagnetic wave reflect off objects and the ground, taking paths of different lengths between a sender and a receiver
• IEEE 802.11 Wireless LAN, also known as WiFi
• • Image below shows the principal components of the 802.11 wireless LAN architecture. The fundamental building block of the 802.11 architecture is known as the basic service set (BSS). A BSS contains or more wireless stations and a central base station, known as an access point.

I'm not really interested in this right now.

Security in Computer Networks

What is Network Security?

• Desirable properties of secure communication:
• • Confidentiality - Only the sender and intended receiver should be able to understand the contents of the transmitted message. This necessarily requires that the message be somehow encrypted so that an intercepted message can not be understood by an interceptor.
  • Message Integrity - Want to make sure that the content of communication is not altered in transit.
  • End-point Authentication - Both the sender and the receiver should be able to confirm the identity of the other part involved in the communication.
  • Operational Security

• Cryptographic techniques allow a sender to disguise data so that an intruder can gain no information from the intercepted data. The receiver must be able to recover the original data from the disguised data.
• An original message is known to be in plaintext or cleartext and using an encryption algorithm, an encrypted message is known as ciphertext.
• Keys are used to encrypt messages on the internet. In symmetric key algorithms, the same key is known by both sender and receiver. In public key systems, a pair of keys is used. One of the keys is used by the sender, and the other by the receiver.

• A hash function takes an input, m, and computes a fixed-size string H(m) known as a hash. The internet checksum and CRCs meet this definition. A cryptographic hash function is required to have the following additional property:
• • It i computationally infeasible to find any two different messages x and y such that H(x)=H(y)
• End point authentication is the process of one entity proving its identity to another entity over a computer network