Home > Documents > Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008.

Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008.

Date post: 27-Mar-2015
Author: jada-wheeler
View: 217 times
Download: 0 times
Share this document with a friend
Embed Size (px)
Popular Tags:
of 37 /37
Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008
  • Slide 1

Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008 Slide 2 Transport Protocols Lowest level end- to-end protocol. Header generated by sender is interpreted only by the destination Routers view transport header as part of the payload 7 7 6 6 5 5 7 7 6 6 5 5 Transport IP Datalink Physical Transport IP Datalink Physical IP router 2 2 2 2 1 1 1 1 Slide 3 Functionality Split Network provides best-effort delivery End-systems implement many functions Reliability In-order delivery Demultiplexing Message boundaries Connection abstraction Congestion control Slide 4 Transport Protocols UDP provides just integrity and demux TCP adds Connection-oriented Reliable Ordered Point-to-point Byte-stream Full duplex Flow and congestion controlled Slide 5 UDP: User Datagram Protocol No frills, bare bones Internet transport protocol Best effort service, UDP segments may be: Lost Delivered out of order Connectionless: No handshaking between UDP sender, receiver Each UDP segment handled independently of others Why is there a UDP? No connection establishment (which can add delay) Simple: no connection state at sender, receiver Small header No congestion control: UDP can blast away as fast as desired Slide 6 UDP Often used for streaming multimedia apps Loss tolerant Rate sensitive Other UDP uses (why?): DNS, SNMP Reliable transfer over UDP Must be at application layer Application-specific error recovery Source port # Dest port # 32 bits Application data (message) UDP segment format Length Checksum Length, in bytes of UDP segment, including header Slide 7 UDP Checksum Sender: Treat segment contents as sequence of 16-bit integers Checksum: addition (1s complement sum) of segment contents Sender puts checksum value into UDP checksum field Receiver: Compute checksum of received segment Check if computed checksum equals checksum field value: NO - error detected YES - no error detected But maybe errors nonethless? Goal: detect errors (e.g., flipped bits) in transmitted segment optional use! Slide 8 High-Level TCP Characteristics Protocol implemented entirely at the ends Fate sharing Protocol has evolved over time and will continue to do so Nearly impossible to change the header Use options to add information to the header Change processing at endpoints Backward compatibility is what makes it TCP Slide 9 TCP Header Source portDestination port Sequence number Acknowledgement Advertised windowHdrLen Flags 0 ChecksumUrgent pointer Options (variable) Data Flags: SYN FIN RESET PUSH URG ACK Slide 10 Evolution of TCP 19751980 1985 1990 1982 TCP & IP RFC 793 & 791 1974 TCP described by Vint Cerf and Bob Kahn In IEEE Trans Comm 1983 BSD Unix 4.2 supports TCP/IP 1984 Nagels algorithm to reduce overhead of small packets; predicts congestion collapse 1987 Karns algorithm to better estimate round-trip time 1986 Congestion collapse observed 1988 Van Jacobsons algorithms congestion avoidance and congestion control (most implemented in 4.3BSD Tahoe) 1990 4.3BSD Reno fast retransmit delayed ACKs 1975 Three-way handshake Raymond Tomlinson In SIGCOMM 75 Slide 11 TCP Through the 1990s 1993 1994 1996 1994 ECN (Floyd) Explicit Congestion Notification 1993 TCP Vegas (Brakmo et al) delay-based congestion avoidance 1994 T/TCP (Braden) Transaction TCP 1996 SACK TCP (Floyd et al) Selective Acknowledgement 1996 Hoe NewReno startup and loss recovery 1996 FACK TCP (Mathis et al) extension to SACK Slide 12 TCP: 3-Way Handshake Why do we have a 3-way handshake? What are potential problems with this approach? SYN C SYN S, ACK C ACK S Listening Store data Wait Connected Slide 13 TCP handshake Each arriving SYN stores state at the server TCP Control Block (TCB) ~ 280 bytes FlowID, timer info, Sequence number, flow control status, out-of-band data, MSS, other options agreed to Half-open TCB entries exist until timeout Fixed bound on half-open connections Resources exhausted requests rejected Slide 14 TCP SYN flooding Problem: No client authentication of packets before resources allocated Attacker sends many connection requests Spoofed source addresses RSTs quickly generated if source address exists No reply for non-existent sources Attacker exhausts TCP buffer to w/ half-open connections Slide 15 SYN Flooding C S SYN C1 Listening Store data SYN C2 SYN C3 SYN C4 SYN C5 Slide 16 SYN Cookies client sends SYN packet and ACK number to server waits for SYN-ACK from server w/ matching ACK number server responds w/ SYN-ACK packet w/ initial SYN-cookie sequence number Sequence number is cryptographically generated value based on client address, port, and time. client sends ACK to server w/ matching sequence number server If ACK is to an unopened socket, server validates returned sequence number as SYN-cookie If value is reasonable, a buffer is allocated and socket is opened SYN ack-number SYN-ACK seq-number as SYN-cookie, ack-number NO BUFFER ALLOCATED ACK seq_number ack-number+data SYN-ACK seq-number, ack-number TCP BUFFER ALLOCATED Slide 17 Time Packet ACK Timeout ARQ Receiver sends acknowledgement (ACK) when it receives packet Sender waits for ACK and times out if it does not arrive within some time period Simplest ARQ protocol Send a packet, stop and wait until ACK arrives SenderReceiver Stop and Wait Slide 18 Recovering from Error Packet ACK Timeout Packet ACK Timeout Packet Timeout Packet ACK Timeout Time Packet ACK Timeout Packet ACK Timeout ACK lostPacket lost Early timeout DUPLICATE PACKETS!!! Slide 19 Duplicates Performance Can only send one packet per round trip But the capacity of the pipe is, in practice, much greater Problems with Stop and Wait Slide 20 How to Recognize Resends? Use sequence numbers both packets and acks Sequence # in packet is finite How big should it be? For stop and wait? One bit wont send seq #1 until received ACK for seq #0 Pkt 0 ACK 0 Pkt 0 ACK 1 Pkt 1 ACK 0 Slide 21 How to Keep the Pipe Full? Send multiple packets without waiting for first to be acked Number of pkts in flight = window Reliable, unordered delivery Several parallel stop & waits Send new packet after each ack Sender keeps list of unacked packets; resends after timeout Receiver same as stop & wait How large a window is needed? Suppose 10Mbps link, 4ms delay, 500byte pkts 1? 10? 20?11020 Round trip delay * bandwidth = capacity of pipe Slide 22 Sliding Window Reliable, ordered delivery Receiver has to hold onto a packet until all prior packets have arrived Why might this be difficult for just parallel stop & wait? Sender must prevent buffer overflow at receiver Circular buffer at sender and receiver Packets in transit buffer size Advance when sender and receiver agree packets at beginning have been received Slide 23 Receiver Sender Sender/Receiver State Sent & AckedSent Not Acked OK to SendNot Usable Max acceptable Receiver window Max ACK receivedNext seqnum Received & AckedAcceptable Packet Not Usable Sender window Next expected Slide 24 Sequence Numbers How large do sequence numbers need to be? Must be able to detect wrap-around Depends on sender/receiver window size E.g. Max seq = 7, send win=recv win=7 If pkts 0..6 are sent succesfully and all acks lost Receiver expects 7,0..5, sender retransmits old 0..6!!! Max sequence must be send window + recv window Slide 25 Window Sliding Common Case On reception of new ACK (i.e. ACK for something that was not acked earlier) Increase sequence of max ACK received Send next packet On reception of new in-order data packet (next expected) Hand packet to application Send cumulative ACK acknowledges reception of all packets up to sequence number Increase sequence of max acceptable packet Slide 26 Loss Recovery On reception of out-of-order packet Send nothing (wait for source to timeout) Cumulative ACK (helps source identify loss) Timeout (Go-Back-N recovery) Set timer upon transmission of packet Retransmit all unacknowledged packets Performance during loss recovery No longer have an entire window in transit Can have much more clever loss recovery Slide 27 DNS: Mapping Names to Addresses ClientLocal DNS resolver root,.edu troll-gw.gatech.edu www.cc.gatech.edu NS troll-gw.gatech.edu www.cc.gatech.edu NS burdell.cc.gatech.edu A burdell.cc.gatech.edu Recursive query Iterative queries Note the diversity of Georgia Techs authoritative nameservers Slide 28 Some Record Types A NS MX CNAME TXT PTR AAAA SRV Slide 29 Caching Resolvers cache DNS responses Quick response for repeated translations Other queries may reuse some parts of lookup NS records for domains typically cached for longer Negative responses also cached Typos, localhost, etc. Cached data periodically times out Lifetime (TTL) of data controlled by owner of data TTL passed with every record What if DNS entries get corrupted? Slide 30 Root Zone Generic Top Level Domains (gTLD) .com,.net,.org, Country Code Top Level Domain (ccTLD) .us,.ca,.fi,.uk, etc Root server ({a-m}.root-servers.net) also used to cover gTLD domains Increased load on root servers August 2000:.com,.net,.org moved off root servers onto gTLDs Slide 31 Some gTLDs.info general info.biz businesses.name individuals.aero air-transport industry.coop business cooperatives.pro accountants, lawyers, physicians.museum museums Slide 32 Do you trust the TLD operators? Wildcard DNS record for all.com and.net domain names not yet registered by others.com.net September 15 October 4, 2003 February 2004: Verisign sues ICANN Redirection for these domain names to Verisign web portal What services might this break? Slide 33 Protecting the Root Nameservers Redundancy: 13 root nameservers IP Anycast for root DNS servers {c,f,i,j,k}.root-servers.net RFC 3258 Most physical nameservers lie outside of the US Sophisticated? Why did nobody notice? gatech.edu. 13759 NS trollgw.gatech.edu. Defense Mechanisms Slide 34 Defense: Replication and Caching source: wikipedia Slide 35 DNS Hack #1: Reverse Lookup Method Hierarchy based on IP addresses Query for PTR record of addr.arpa. Managing Authority manages IP addresses assigned to it Slide 36 DNS Hack #2: Load Balance Server sends out multiple A records Order of these records changes per-client Slide 37 DNS Hack #3: Blackhole Lists First: Mail Abuse Prevention System (MAPS) Paul Vixie, 1997 Today: Spamhaus, spamcop, dnsrbl.org, etc. % dig ;; ANSWER SECTION: 2100 IN A ;; ANSWER SECTION: 1799 IN TXT "Blocked - see http://www.spamcop.net/bl.shtml?" Different addresses refer to different reasons for blocking