os overview
Post on 20-Mar-2016
04/24/23 . 1
OS Overview
04/24/23 . 2
Block Diagram of the System Kernel
[Diagram labels]
User Program
User Level
User Libraries
System Call Interface
File System
Mobility Interface
Security Interface
Process Control system
MIPv4
MIPv6
Buffer Cache
Inter process Communication
Intra process Communication
Scheduler
Memory Management
Scheduler
block
character
Device Driver
Confidentiality
Authentication
Integrity
Nonrepudiation
Access Control
Availability
Hardware Control
Kernel Level
Traps/ Interrupts
Hardware
VoIP & PTT Support
04/24/23 . 3
Algorithm Analysis Notations
04/24/23 . 4
Big O Notation
Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = O(g(n)) means it is less than some constant multiple of g(n).
Formal Definition: f(n) = O(g(n)) means there are positive constants c and k, such that 0 ≤ f(n) ≤ cg(n) for all n ≥ k. The values of c and k must be fixed for the function f and must not depend on n.
[Figure: plot of f(n) and cg(n) against n, with k marked]
04/24/23 . 5
Big ω Notation
Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = ω (g(n)) means g(n) becomes insignificant relative to f(n) as n goes to infinity.
Formal Definition: f(n) = ω (g(n)) means that for any positive constant c, there exists a constant k, such that 0 ≤ cg(n) < f(n) for all n ≥ k. The value of k must not depend on n, but may depend on c.
[Figure: plot of f(n) and cg(n) against n, with k marked]
04/24/23 . 6
Big Θ Notation
Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = Θ (g(n)) means it is within a constant multiple of g(n). The equation is read, "f of n is theta g of n".
Formal Definition: f(n) = Θ (g(n)) means there are positive constants c1, c2, and k, such that 0 ≤ c1g(n) ≤ f(n) ≤ c2g(n) for all n ≥ k. The values of c1, c2, and k must be fixed for the function f and must not depend on n.
[Figure: plot of f(n), c1g(n) and c2g(n) against n, with k marked]
04/24/23 . 7
Process Management
04/24/23 . 8
Process Definition
• A process is an entity which is created by the operating system and consists of a sequence of bytes which is interpreted by the CPU as:
1. Machine instructions.
2. Data.
3. Stack.
Many processes appear to execute simultaneously as the kernel schedules them for execution, and several processes may be instances of one program. In UNIX, fork is used to create a process.
04/24/23 . 9
Process State & Transition
User Running
Sleep
Kernel
sleep
Ready to run
Wakeup
Schedule Process
Trap/interrupt return
Interrupt/Interrupt Return
04/24/23 . 10
Process Structure
text
Data
Stack
A process consists of 3 regions. A region is a contiguous area of the virtual address space.
04/24/23 . 11
Data structure for a process
U Area
Process table
The per-process region table allows independent processes to share regions.
text
data
stack
Per process region table
Region table
memory
04/24/23 . 12
File System
04/24/23 . 13
File System Definition
1. The collection of files and file management structures on a physical or logical mass storage device, such as a diskette or disk.
2. The way the files are organized on the disk and the methods and data structures that an operating system uses to keep track of files on a disk or partition.
3. A data structure that translates the logical (files, directories) structure into physical (sector); it helps both computers and users to locate files.
04/24/23 . 14
File System Architecture for UNIX
[Directory tree labels]
/
bin unix dev etc user
jim mike
x y z
tty00 tty01
04/24/23 . 15
File System Layout
Boot block | Super block | Inode list | Data Blocks
Boot Block: first sector; contains bootstrap code to initialize the operating system.
Super Block: how many files it can store, where to find free space.
Inode List: the list of inodes in the file system. Each inode may represent a file or a directory.
Data Blocks: the list of data blocks that carry the files' information.
04/24/23 . 16
File System Data Structure
User File Descriptor | File Table | Inode Table
User File Descriptor: one per process. Identifies all open files for that specific process.
File Table: shared between all processes in the system. Contains how many bytes were read or written and the access rights allowed for the file.
Inode Table: access rights and file block locations.
04/24/23 . 17
Intra process communication
04/24/23 . 18
Signals
1. Signals are a limited form of IPC that are used to notify a process that a given event has taken place.
2. Each signal has a unique positive integer representing it as well as a symbolic name (that is usually defined in the file /usr/include/signal.h).
3. The amount of information that can be conveyed via a signal is very limited (basically only the signal number).
[Diagram: P1 and P2, with kill (pid, SIGSTOP) between them]
04/24/23 . 19
signals (continue)
When a signal interrupts a process, the signal is handled as follows:
1. Ignore the signal.
2. Catch the signal.
3. Apply the default action.
04/24/23 . 20
Sending Signals
1. Using the keyboard: the Ctrl-C key causes the operating system to send a SIGINT signal to the running process.
2. From the command line: kill -INT 3333
3. Using system calls:

    #include <stdio.h>      /* printf() */
    #include <unistd.h>     /* standard unix functions, like getpid() */
    #include <sys/types.h>  /* various type definitions, like pid_t */
    #include <signal.h>     /* signal name macros, and the kill() prototype */

    int main(void)
    {
        /* first, find my own process ID */
        pid_t my_pid = getpid();

        /* now that i got my PID, send myself the SIGSTOP signal. */
        int rc = kill(my_pid, SIGSTOP);
        if (rc != 0) /* unsuccessful */
        {
            printf("The \"kill\" system call failed with rc: %d\n", rc);
        }
        return 0;
    }
04/24/23 . 21
Catching Signals

    #include <unistd.h>    /* standard unix functions, like write() and pause() */
    #include <sys/types.h> /* various type definitions, like pid_t */
    #include <signal.h>    /* signal name macros, and the signal() prototype */

    /* The signal handler definition. */
    void sigintHandler(int sig_num)
    {
        static const char msg[] = "Don't you dare interrupt me\n";

        (void) sig_num;
        /* Register signal handler for SIGINT next time */
        signal(SIGINT, sigintHandler);
        /* Print the message; write() is async-signal-safe, printf() is not */
        write(STDOUT_FILENO, msg, sizeof(msg) - 1);
    }

    /* The main function. */
    int main(int argc, char *argv[])
    {
        /* Register signal handler for SIGINT */
        signal(SIGINT, sigintHandler);
        /* Go into an infinite loop */
        for ( ;; )
            pause();
    }
04/24/23 . 22
pipes
[Diagram: P1 writes to Fd[1]; P2 reads from Fd[0]]
Pipes allow transfer of a stream of data between processes in a first-in-first-out (FIFO) manner, and also allow synchronization of process execution.
04/24/23 . 23
Pipes (continue)
    #include <stdio.h>
    #include <stdlib.h>
    #include <errno.h>
    #include <unistd.h>

    int main()
    {
        int pfds[2];
        char buf[30];

        if (pipe(pfds) == -1) {
            perror("pipe");
            exit(1);
        }
        printf("writing to file descriptor #%d\n", pfds[1]);
        write(pfds[1], "test", 5);   /* 5 bytes: "test" plus its terminating NUL */
        printf("reading from file descriptor #%d\n", pfds[0]);
        read(pfds[0], buf, 5);
        printf("read \"%s\" \n", buf);
        return 0;
    }
04/24/23 . 24
message queues
[Diagram: P1 calls msgsnd; P2 calls msgrcv]
Message queues allow transfer of user-defined messages between processes in a first-in-first-out (FIFO) manner, and they also allow synchronization of process execution.
04/24/23 . 25
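msgsnd & msgrcv example

    #include <string.h>
    #include <unistd.h>
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/msg.h>

    #define MSGKEY 75

    struct msgform {
        long mtype;
        char mtext[256];
    };

    int main()
    {
        struct msgform msg;
        int msgid, pid;

        pid = getpid();
        memcpy(msg.mtext, &pid, sizeof(int));  /* the message carries our pid */
        msg.mtype = 1;
        /* get the id of an existing queue (no IPC_CREAT) */
        msgid = msgget(MSGKEY, 0777);
        if (msgid == -1)
            return 1;
        msgsnd(msgid, &msg, sizeof(int), 0);
        /* wait for a message whose type equals our pid */
        msgrcv(msgid, &msg, 256, pid, 0);
        return 0;
    }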
04/24/23 . 26
Shared memory example (continue)
[Diagram: P1 and P2 each use strncpy on the shared memory]
Shared memory is a segment of memory that is shared between processes; no synchronization of processes is provided.
04/24/23 . 27
Shared memory example
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/shm.h>

    #define SHM_SIZE 1024 /* make it a 1K shared memory segment */

    int main(int argc, char *argv[])
    {
        key_t key;
        int shmid;
        char *data;
        int mode;

        /* make the key: */
        if ((key = ftok("shmdemo.c", 'R')) == -1) {
            perror("ftok");
            exit(1);
        }
04/24/23 . 28
Shared memory (continue)
        /* connect to (and possibly create) the segment: */
        if ((shmid = shmget(key, SHM_SIZE, 0644 | IPC_CREAT)) == -1) {
            perror("shmget");
            exit(1);
        }

        /* attach to the segment to get a pointer to it: */
        data = shmat(shmid, (void *)0, 0);
        if (data == (char *)(-1)) {
            perror("shmat");
            exit(1);
        }

        /* read or modify the segment, based on the command line: */
        if (argc == 2) {
            strncpy(data, argv[1], SHM_SIZE - 1);
            data[SHM_SIZE - 1] = '\0';  /* strncpy does not terminate on truncation */
        }
        printf("segment contains: \"%s\"\n", data);

        /* detach from the segment: */
        if (shmdt(data) == -1) {
            perror("shmdt");
            exit(1);
        }

        return 0;
    }
04/24/23 . 29
sockets
[Diagram: P1 writes to Fd[1]; P2 reads from Fd[0]]
Sockets are used for inter and intra process communication. They are based on TCP or UDP, and also allow synchronization of process execution.
04/24/23 . 30
UDP Socket system calls for client/server
Client Side
socket
connect
write
read
close
Server Side
socket
bind
read
write
close
04/24/23 . 31
Conceptual OS Data Structure for UDP socket
File Descriptor Table (one per process): stdin, stdout, stderr
Family: PF_INET
Service: SOCK_DGRAM
Local IP: 47.12.121.13
Local port: 5000
04/24/23 . 32
TCP Socket system calls for client/server
Client Side
socket
connect
write
read
close
Server Side
socket
bind
listen
accept
read
write
close
04/24/23 . 33
Conceptual OS Data Structure for TCP socket
File Descriptor Table (one per process): stdin, stdout, stderr
Family: PF_INET
Service: SOCK_STREAM
Local IP: 47.12.121.13
Remote IP: 47.12.121.100
Local Port: 5000
Remote Port: 5100
04/24/23 . 34
UDP/TCP Server

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h> /* close() */
    #include <string.h> /* memset() */

    #define LOCAL_SERVER_PORT 1500
    #define MAX_MSG 100

    int server(char *protocol, int argc, char *argv[])
    {
        int sd, rc;
        struct sockaddr_in servAddr;

        /* socket creation */
        if (strcmp(protocol, "udp") == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        /* bind local server port */
        memset(&servAddr, 0, sizeof(servAddr));
        servAddr.sin_family = AF_INET;
        servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
        servAddr.sin_port = htons(LOCAL_SERVER_PORT);
        rc = bind(sd, (struct sockaddr *) &servAddr, sizeof(servAddr));
        if (rc < 0) {
            close(sd);
            return -1;
        }

        /* only a TCP socket listens for connections */
        if (strcmp(protocol, "udp") != 0)
            listen(sd, 5);
        return sd;
    }
04/24/23 . 35
UDP/TCP Client

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h> /* close() */
    #include <string.h> /* memset() */

    #define REMOTE_SERVER_PORT 1500

    int client(char *protocol, int argc, char *argv[])
    {
        int sd, rc;
        struct sockaddr_in sin;
        struct hostent *h;

        /* get server IP address */
        if (argc < 2 || (h = gethostbyname(argv[1])) == NULL)
            return -1;
        memset(&sin, 0, sizeof(sin));
        sin.sin_family = h->h_addrtype; /* AF_INET */
        memcpy((char *) &sin.sin_addr.s_addr, h->h_addr_list[0], h->h_length);
        sin.sin_port = htons(REMOTE_SERVER_PORT);

        /* socket creation */
        if (strcmp("udp", protocol) == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        if ((rc = connect(sd, (struct sockaddr *) &sin, sizeof(sin))) < 0) {
            close(sd);
            return -1;
        }
        return sd;
    }
04/24/23 . 36
UDP Server
    #include <stdlib.h> /* exit() */

    /* server infinite loop */
    int main(int argc, char *argv[])
    {
        int sd = 0, n;
        socklen_t cliLen;
        struct sockaddr_in cliAddr;
        char msg[MAX_MSG];

        sd = server("udp", argc, argv);
        while (1) {
            /* init buffer */
            memset(msg, 0x0, MAX_MSG);
            /* receive message; one byte is kept spare so msg stays NUL-terminated */
            cliLen = sizeof(cliAddr);
            n = recvfrom(sd, msg, MAX_MSG - 1, 0, (struct sockaddr *) &cliAddr, &cliLen);
            if (n < 0) {
                printf("%s: cannot receive data \n", argv[0]);
                exit(-1);
            }
            /* print rcv message */
            printf("%s: from %s:UDP%u : %s \n", argv[0], inet_ntoa(cliAddr.sin_addr), ntohs(cliAddr.sin_port), msg);
        } /* end of server infinite loop */
        return 0;
    }
04/24/23 . 37
Inter process communication
04/24/23 . 38
Inter process communication protocols
• TCP – Transport Communication Protocol.
• UDP – User Defined Protocol.
• IP4 – Internet Protocol version 4.
• IP6 – Internet Protocol version 6.
04/24/23 . 39
Protocol Stack
Physical Layer
Data Link Layer
Internet Protocol (MIP6,MIPv4,IP4,IP6)
Transport (UDP,TCP)
Application (MIPv4)
Kernel
04/24/23 . 40
TCP Protocol Procedure
04/24/23 . 41
TCP- Transport Communication Protocol
•Byte stream service with no structure.
•Full Duplex.
•Connection Oriented.
•Reliable Service.
04/24/23 . 42
TCP Connection Opened
User A
TCP:SYNC – (port 5060)
TCP:SYNC+ACK – (port 5060)
TCP:ACK – (port 5060)
User B
04/24/23 . 43
TCP Connection Closed
User A
TCP:FIN – (port 5060)
TCP:ACK – (port 5060)
Connection Closed
User B
TCP:FIN – (port 5060)
TCP:ACK – (port 5060)
04/24/23 . 44
TCP Sliding Window
1 2 3 4 5 6 7 8 9 10
1 2 3 4 5 6 7 8 9 10
Initial window
Window slides
A sliding window protocol with 8 packets in the window. The window slides so that packet 9 can be sent when an acknowledgment has been received for packet 1. Only unacknowledged packets are retransmitted.
04/24/23 . 45
TCP Positive Acknowledgement
User A: Send Packet 1, Send Packet 2, Send Packet 3, Recv Ack 1, Recv Ack 3, Recv Ack 2
User B: Recv Packet 1, Send ACK 1, Recv Packet 2, Send ACK 2, Recv Packet 3, Send ACK 3
04/24/23 . 46
UDP Protocol
04/24/23 . 47
User Datagram Protocol (UDP)
The UDP protocol provides an unreliable connectionless delivery service using IP to transport messages between machines. It uses IP to carry messages, but adds the ability to distinguish among multiple destinations within the given host computer.
[Diagram: two hosts, x1.y1.z1.w1 and x2.y2.z2.w2, each with ports p1, p2, p3. On each host, multiple applications are distinguished by port numbers.]
04/24/23 . 48
UDP Header
Source Port | Destination Port
UDP Message Length | UDP Checksum
Data
04/24/23 . 49
UDP Checksum
Verifies the integrity of the packet.
[Diagram: the checksum calculated over the received packet is compared (=) with the received checksum to tell whether the packet changed or not]
04/24/23 . 50
IP4 Protocol
04/24/23 . 51
Type of Addresses for IPv4
Unicast Address
An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.
04/24/23 . 52
Type of Addresses for IPv4 (continue)
Broadcast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to all nodes in the network.
04/24/23 . 53
Type of Addresses for IPv4 (continue)
Multicast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.
04/24/23 . 54
IPv4 Header
Version | IHL | Type of service | Total length
Identification | Flags | Fragment Offset
Time to live | Protocol | Checksum
Source IP Address
Destination IP Address
IP Options (if any) | Padding
Data
04/24/23 . 55
TOS field description
Differential Service Code Point (DSCP) | Unused
Different queues for services:
• Delay Sensitive
• Rate Sensitive
04/24/23 . 56
IPv4 Header Checksum
Version | IHL | Type of service | Total length
Identification | Flags | Fragment Offset
Time to live | Protocol | 0
Source IP Address
Destination IP Address
IP Options (if any) | Padding
Data
The IP checksum is formed by treating the header as a sequence of 16-bit integers (in network byte order), adding them together using one's complement arithmetic, and then taking the one's complement of the result.
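The checksum procedure above, for both the sender (checksum field counted as 0) and the receiver, as an added example that is not part of the original slides. The sample header is constructed from the addresses used on the socket slides; the function names, the TTL and the identification value are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Add the header up as big-endian 16-bit words in one's complement
 * arithmetic, then return the one's complement of the sum. */
static uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)                      /* end-around carry */
        sum = (sum & 0xFFFFu) + (sum >> 16);
    return (uint16_t)(~sum & 0xFFFFu);
}

/* Sender: the checksum field (bytes 10-11) counts as 0 while summing. */
static uint16_t ipv4_fill_checksum(uint8_t *hdr, size_t hdr_len)
{
    hdr[10] = hdr[11] = 0;
    uint16_t c = ip_checksum(hdr, hdr_len);
    hdr[10] = (uint8_t)(c >> 8);
    hdr[11] = (uint8_t)(c & 0xFF);
    return c;
}

/* Receiver: validate version and IHL against the captured length before
 * summing; a header summed with its checksum in place must give 0. */
static int ipv4_header_ok(const uint8_t *pkt, size_t caplen)
{
    if (caplen < 20 || (pkt[0] >> 4) != 4)
        return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;
    if (ihl < 20 || ihl > caplen)
        return 0;
    return ip_checksum(pkt, ihl) == 0;
}

/* Constructed sample header (not captured traffic): 20 bytes, UDP,
 * TTL 64, 47.12.121.13 -> 47.12.121.100, checksum field left at 0. */
static const uint8_t SAMPLE_HDR[20] = {
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11,
    0x00, 0x00, 0x2f, 0x0c, 0x79, 0x0d, 0x2f, 0x0c, 0x79, 0x64
};

static uint16_t sample_checksum(void)
{
    uint8_t h[20];
    memcpy(h, SAMPLE_HDR, sizeof h);
    return ipv4_fill_checksum(h, sizeof h);
}

/* Fill in the checksum, optionally flip one bit in byte `pos`
 * (pos < 0 leaves the header intact), then run the receiver check. */
static int sample_ok_after_flip(int pos)
{
    uint8_t h[20];
    memcpy(h, SAMPLE_HDR, sizeof h);
    ipv4_fill_checksum(h, sizeof h);
    if (pos >= 0 && pos < 20)
        h[pos] ^= 0x01;
    return ipv4_header_ok(h, sizeof h);
}

int main(void)
{
    printf("checksum       : 0x%04x\n", sample_checksum());
    printf("intact header  : %d\n", sample_ok_after_flip(-1));
    printf("TTL bit flipped: %d\n", sample_ok_after_flip(8));
    return 0;
}
```

The checksum detects accidental corruption of the header only; it is not keyed, so it gives no protection against deliberate modification.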
04/24/23 . 57
IP6 Protocol
04/24/23 . 58
Type of Addresses for IPv6
Unicast Address
An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.
04/24/23 . 59
Type of Addresses for IPv6 (continue)
Anycast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to only one node in this set.
04/24/23 . 60
Type of Addresses for IPv6 (continue)
Multicast Address
An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.
04/24/23 . 61
IPv6 Header Format
[Header layout, 32 bits per row]
Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source IP (128 bits)
Destination IP (128 bits)
04/24/23 . 62
Order of Extension Header
1. IPv6 Header
2. Hop-By-Hop: processed by all the intermediate nodes.
3. Destination Header: to be processed by the first destination that appears in the IPv6 Destination Address field plus subsequent destinations listed in the Routing header.
4. Routing Header
5. Fragmentation Header
6. AH
7. ESP
8. Destination Header: for options to be processed only by the final destination of the packet.
9. Upper Layer Header, e.g. UDP, TCP, ICMP
04/24/23 . 63
Routing Header
[Header layout, 32 bits per row]
Next Header | Hdr Ext Len | Routing Type | Segment Left
Type-specific data
The Routing Header is used by an IPv6 source to list one or more intermediate nodes to be "visited" on the way to the packet's destination. The Routing header is identified by the value 43 in the Next Header field of the IPv6 Header.
04/24/23 . 64
Routing Header (continue)
[Header layout, 32 bits per row]
Next Header | Hdr Ext Len | Routing Type | Segment Left
Type-specific data
Routing Type – 8-bit identifier of a particular routing header variant.
Segments Left – 8-bit unsigned integer. Number of explicitly listed intermediate nodes still to be visited before reaching the final destination.
Type-specific data – Variable-length field, of format determined by the routing type, and of length such that the complete routing header is an integer multiple of 8 octets long.
04/24/23 . 65
Routing Header Routing Type = 0 (continue)
[Header layout, 32 bits per row]
Next Header | Hdr Ext Len | Routing Type = 0 | Segment Left
Address [1] (128 bits)
Address [2] (128 bits)
...
Address [n] (128 bits)
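A receiver-side bounds check for the Type 0 Routing Header laid out on the last three slides, as an added example that is not part of the original slides. The function names, return codes and sample bytes are assumptions of this example; the 4 reserved bytes after Segments Left and the unit of Hdr Ext Len (8-octet units, not counting the first 8 octets) come from RFC 2460 rather than from the slides.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { RH_TRUNCATED = -1, RH_BAD_LENGTH = -2, RH_BAD_SEGMENTS = -3,
       RH_NOT_TYPE0 = -4 };

/* Validate a Type 0 Routing Header found in buf[0..len).
 * Layout: Next Header, Hdr Ext Len, Routing Type, Segments Left,
 * 4 reserved bytes, then n 128-bit addresses.
 * Returns n (>= 0) on success or a negative RH_* code. */
static int rh0_validate(const uint8_t *buf, size_t len, const uint8_t **addrs)
{
    if (len < 8)
        return RH_TRUNCATED;
    size_t total = ((size_t)buf[1] + 1) * 8;  /* always a multiple of 8 */
    if (total > len)
        return RH_TRUNCATED;                  /* claims more than we hold */
    if (buf[2] != 0)
        return RH_NOT_TYPE0;
    if (buf[1] % 2 != 0)
        return RH_BAD_LENGTH;                 /* not a whole number of addresses */
    int n = buf[1] / 2;
    if (buf[3] > n)
        return RH_BAD_SEGMENTS;               /* would index past Address[n] */
    if (addrs)
        *addrs = buf + 8;
    return n;
}

/* Constructed sample: Next Header 17 (UDP), two addresses taken from
 * the 2001:db8::/32 documentation prefix. */
static const uint8_t SAMPLE_RH[40] = {
    17, 4, 0, 2, 0, 0, 0, 0,
    0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1,
    0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2
};

/* Copy the sample, override three header fields, validate caplen bytes. */
static int rh0_try(uint8_t hdr_ext_len, uint8_t type, uint8_t seg_left,
                   size_t caplen)
{
    uint8_t h[40];
    memcpy(h, SAMPLE_RH, sizeof h);
    h[1] = hdr_ext_len;
    h[2] = type;
    h[3] = seg_left;
    return rh0_validate(h, caplen > sizeof h ? sizeof h : caplen, NULL);
}

int main(void)
{
    printf("well formed      : %d\n", rh0_try(4, 0, 2, 40));
    printf("segments left 3  : %d\n", rh0_try(4, 0, 3, 40));
    printf("odd Hdr Ext Len  : %d\n", rh0_try(3, 0, 2, 40));
    printf("length overclaim : %d\n", rh0_try(6, 0, 2, 40));
    return 0;
}
```

RFC 5095 later deprecated Routing Type 0; the same length and index checks apply to any routing type a stack still parses.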
04/24/23 . 66
IPv4 vs IPv6
1. An IPv4 address is 32 bits; an IPv6 address is 128 bits.
2. The IPv4 header is variable size, at least 20 bytes. The IPv6 header is a fixed 40 bytes. This feature makes router header processing more efficient.
3. Addressing modes for IPv4 are Broadcast, Multicast, Unicast. IPv6 addressing modes are Multicast, Anycast, Unicast. IPv6 eliminates the Broadcast mode for security reasons. IPv6 adds Anycast, which was not in IPv4.
4. Security is a built-in feature of the IPv6 protocol. In IPv4 it is not.
5. IPv6 has more support for QoS. It has two fields, Traffic Class and Flow Label. IPv4 has only a TOS field.
6. Fragmentation is done by any node in IPv4. In IPv6 the fragmentation is done by the source.
7. Improved support for extensions & options. New extension encoding allows flexibility in introducing new options & easy processing for those options.
8. Stateless & stateful address configuration for IPv6; stateful address configuration for IPv4.
04/24/23 . 67
Acronym
HA Home Agent
FA Foreign Agent
HoA Home IP Address.
CCoA collocated Care-of Address
FCoA Foreign Agent Care-of Address.
MIPv4 Mobile IP version 4.
MIPv6 Mobile IP version 6.
MN Mobile Node.
CN Correspondent Node.
04/24/23 . 68
Mobility Problem
[Diagram: Home Agent, Correspondent Node and Mobile Node; Routers join Home Link, Link A, Link B and Link C through the Internet; the Mobile Node moves between links. Icon labels: Computer, Router, Workstation.]
04/24/23 . 69
MIP Conceptual Model
[Diagram: Home Network with HA; Visiting Network; Internet between them; MN with HoA and CoA; CN]
04/24/23 . 70
MIPv4
04/24/23 . 71
MIP4: Protocol Stack
Physical Layer
Data Link Layer
Internet Protocol (MIP4,IP4)
Transport (UDP,TCP)
Application (MIPv4)
Kernel
04/24/23 . 72
MIP4:Registration With Home Agent- CCoA –Ref [1]
[Diagram: HA in the Home Network; MN, FA and CCoA in the Foreign Network; CN; joined by IP4. Messages: RRQ, RRP.]
04/24/23 . 73
MIP4:Forward Traffic-FCoA
[Diagram: CN; HA in the Home Network; FA, MN and CoA in the Foreign Network; joined by IP4; steps 1 and 2]
Outer IP Header: Src = HAIP, Dst = FCoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA
04/24/23 . 74
MIP4:Forward Traffic-Tunneling-CCoA
[Diagram: CN; HA in the Home Network; MN and CCoA in the Foreign Network; joined by IP4; steps 1 and 2]
Outer IP Header: Src = HAIP, Dst = CCoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA
04/24/23 . 75
MIP4:Reverse Traffic-FCoA
[Diagram: CN; HA in the Home Network; FA, MN and FCoA in the Foreign Network; joined by IP4; step 1]
IP header: Src = HoA, Dst = CNIP
04/24/23 . 76
MIP4:Reverse Traffic-CCoA
[Diagram: CN; HA in the Home Network; FA, MN and CCoA in the Foreign Network; joined by IP4; step 1]
IP header: Src = CCoA, Dst = CNIP
04/24/23 . 77
MIP4:Reverse Traffic-Tunneling-FCoA
[Diagram: CN; HA in the Home Network; FA, MN and FCoA in the Foreign Network; joined by IP4; steps 1 and 2]
Outer IP Header: Src = FCoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP
04/24/23 . 78
MIP4:Reverse Traffic-CCoA
[Diagram: CN; HA in the Home Network; MN and CCoA in the Foreign Network; joined by IP4; steps 1 and 2]
Outer IP Header: Src = CCoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP
04/24/23 . 79
MIP4:Going Back Home
[Diagram: HA in the Home Network; Foreign Network; CN; MN; IP6. Messages: RRQ [lifetime=0], RRP [lifetime=0], Gratuitous ARP (shown twice), Agent Advertisement.]
04/24/23 . 80
MIP4:Security
[Diagram: HA in the Home Network; FA, MN and FCoA in the Foreign Network; joined by IP4. Labels between the nodes: FA-HA AE, MN-HA AE, MN-FA AE.]
04/24/23 . 81
MIP4:Authentication Calculation
[Diagram: HMAC_MD5 takes the UDP payload, SPI, Auth Type and Shared Security Key and produces the Message Digest]
04/24/23 . 82
MIP4: Registration With Home Agent-FCoA –Ref [1]
[Diagram: HA in the Home Network; MN, FA and FCoA in the Foreign Network; CN; joined by IP4]
Messages:
RRQ(HoA,FCoA,HA)
RRP(HoA,FCoA,HA)
Gratuitous ARP
04/24/23 . 83
MIP4:Registration With Dynamic HoA Allocation –Ref [3]
[Diagram: HA in the Home Network; MN, FA and FCoA in the Foreign Network; CN; joined by IP4]
Messages:
RRQ(NAI,HoA=?,FCoA,HA)
RRP(NAI,HoA,FCoA,HA)
04/24/23 . 84
MIP4: Registration With Dynamic HA Allocation –Ref [2]
[Diagram: HA in the Home Network; MN, FA and FCoA in the Foreign Network; CN; joined by IP4]
Messages:
RRQ(NAI,HoA,FCoA,HA=?)
RRP(NAI,HoA,FCoA,HA)
04/24/23 . 85
MIP4:Registration With Dynamic HA Allocation-Ref [2] (Cont)
[Diagram: HA1 and HA2 in the Home Network; MN, FA and FCoA in the Foreign Network; CN; joined by IP4]
Messages:
RRQ(NAI,HoA,FCoA,HA=?)
RRP(NAI,HoA,FCoA,HA=HA2)
RRQ(NAI,HoA,FCoA,HA=HA2)
RRP(NAI,HoA,FCoA,HA=HA2)
04/24/23 . 86
MIP4:Registration With Dynamic HA & HoA Allocation –Ref [2],[3]
[Diagram: HA in the Home Network; MN, FA and FCoA in the Foreign Network; CN; joined by IP4]
Messages:
RRQ(NAI,HoA=?,FCoA,HA=?)
RRP(NAI,HoA,FCoA,HA)
04/24/23 . 87
MIPv6
04/24/23 . 88
Registration With Home Agent
[Diagram: HA in the Home Network; MN (HoA, CoA) in the Foreign Network; CN; joined by the Internet. Messages: BU, BA.]
04/24/23 . 89
Bidirectional Tunneling -Forward Traffic
[Diagram: CN; HA in the Home Network; MN (HoA, CoA) in the Foreign Network; joined by the Internet; steps 1 and 2]
Outer IP Header: Src = HAIP, Dst = CoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA
04/24/23 . 90
Bidirectional Tunneling –Reverse Traffic
[Diagram: CN; HA in the Home Network; MN (HoA, CoA) in the Foreign Network; joined by the Internet; steps 1 and 2]
Outer IP Header: Src = CoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP
04/24/23 . 91
Route Optimization-Forward Traffic
[Diagram: CN; HA in the Home Network; MN (HoA, CoA) in the Foreign Network; joined by the Internet; steps 1 and 2]
IP Header: Src = CNIP, Dst = CoA
Type 2 Routing Header: HoA
IP Header: Src = CNIP, Dst = HoA
04/24/23 . 92
Route Optimization-Reverse Traffic
[Diagram: CN; HA in the Home Network; MN (HoA, CoA) in the Foreign Network; joined by the Internet; steps 1 and 2]
IP Header: Src = CoA, Dst = CNIP
Destination Option Header: Home Address Option with HoA
IP Header: Src = HoA, Dst = CNIP
04/24/23 . 93
Basic Address Stealing
[Diagram: attacker, MN, CN and Victim. Labels: Original Data Flow; BU <HoA = IPMN, CoA = IPvictim>; New Data Flow.]
04/24/23 . 94
Round Routability
[Diagram: CN; HA in the Home Network; MN (HoA, CoA) in the Foreign Network; joined by the Internet. Messages: HoTI, HoT, CoTI, CoT, BU, BA; steps numbered 1 to 4.]